Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

crypto/ed25519: differences in edge case handling between s390x KDSA implementation and Go implementation #40475

Closed
mundaym opened this issue Jul 29, 2020 · 4 comments
Closed

crypto/ed25519: differences in edge case handling between s390x KDSA implementation and Go implementation #40475

mundaym opened this issue Jul 29, 2020 · 4 comments
Labels
arch-s390x Issues solely affecting the s390x architecture. FrozenDueToAge NeedsFix The path to resolution is known, but the work has not been done. release-blocker
Milestone
Go1.15

Comments

@mundaym
Copy link
Member

mundaym commented Jul 29, 2020

@hdevalence has indentified several examples of crafted signed messages that pass verification when using the software implementation of crypto/ed25519 but fail verification when using the s390x KDSA implementation. Regardless of which is correct, the s390x KDSA implementation is new to Go 1.15 so I propose we remove it before the final release is cut to avoid the situation where we see different behaviour when running on different platforms. Once we have more information we can consider whether we can re-add it, perhaps with other fixes or custom special case handling, in a future release.
@mundaym mundaym added the arch-s390x Issues solely affecting the s390x architecture. label Jul 29, 2020
@mundaym mundaym added this to the Go1.15 milestone Jul 29, 2020
@mundaym mundaym self-assigned this Jul 29, 2020
@gopherbot
Copy link

Change https://golang.org/cl/245497 mentions this issue: crypto/ed25519: remove s390x KDSA implementation

@FiloSottile FiloSottile added NeedsFix The path to resolution is known, but the work has not been done. release-blocker labels Jul 29, 2020
@FiloSottile
Copy link
Contributor

/cc @golang/osp-team, this will need cherry-picking, how are you tracking cherry-picks?

@andybons
Copy link
Member

@FiloSottile as the tree is still frozen, if the change lands in the master branch it will be merged into the 1.15 release branch before the next RC or final release.

@FiloSottile FiloSottile mentioned this issue Jul 29, 2020
Closed
@odeke-em odeke-em mentioned this issue Aug 21, 2020
Closed
@gopherbot
Copy link

Change https://golang.org/cl/304349 mentions this issue: crypto/ed25519: add comprehensive edge-case test vectors

gopherbot pushed a commit that referenced this issue Apr 5, 2021
@FiloSottile
crypto/ed25519: add comprehensive edge-case test vectors
79b2e14 
This will allow us to make changes to the internals confidently, without
risking causing issues in consensus applications. It will also prevent
architecture-specific divergence, like #40475.

Fixes #40478

Change-Id: I8c2b31406ca88add6941f14d8df8cecb96379cde
Reviewed-on: https://go-review.googlesource.com/c/go/+/304349
Run-TryBot: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Reviewed-by: Katie Hockman <katie@golang.org>
TryBot-Result: Go Bot <gobot@golang.org>
Trust: Filippo Valsorda <filippo@golang.org>
Trust: Katie Hockman <katie@golang.org>
@golang golang locked and limited conversation to collaborators Mar 24, 2022
@rsc rsc unassigned mundaym Jun 23, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
arch-s390x Issues solely affecting the s390x architecture. FrozenDueToAge NeedsFix The path to resolution is known, but the work has not been done. release-blocker
Projects
None yet
Milestone
Go1.15
Development

No branches or pull requests
4 participants
@andybons @FiloSottile @gopherbot @mundaym