[tor-bugs] #22006 [Core Tor/Tor]: prop224: Validate ed25519 pubkeys to remove torsion component

Tor Bug Tracker & Wiki blackhole at torproject.org
Fri Jun 23 22:19:03 UTC 2017


#22006: prop224: Validate ed25519 pubkeys to remove torsion component
-------------------------------------------------+-------------------------
 Reporter:  asn                                  |          Owner:  asn
     Type:  defect                               |         Status:
                                                 |  needs_revision
 Priority:  Medium                               |      Milestone:  Tor:
                                                 |  0.3.2.x-final
Component:  Core Tor/Tor                         |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  tor-hs, prop224, ed25519, review-    |  Actual Points:
  group-18                                       |
Parent ID:  #21888                               |         Points:
 Reviewer:  nickm, isis                          |        Sponsor:
                                                 |  SponsorR-can
-------------------------------------------------+-------------------------

Comment (by isis):

 Replying to [comment:17 isis]:
 > Replying to [comment:14 nickm]:
 > > I left some quick notes on the patch.  I need somebody mathy to look
 at the actual multiplication functions

 A couple minor things:

  * In `ed25519_donna_scalarmult_with_group_order()` since it's unpacking
 the public key from bytes into a point, perhaps we should not ignore the
 return value of `ge25519_unpack_negative_vartime()`, since the latter
 function will return 0 if the point wasn't on the curve (refer to the
 `check ← sqrt(u/v)` comment from my code above for what the check in the
 unpacking function is doing).
  * The cleanups at the end of
 `ed25519_donna_scalarmult_with_group_order()` seem like they might be
 unnecessary overhead, since all those variables are public, but it doesn't
 really harm anything to memwipe them.

 LGTM though.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/22006#comment:18>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list