crypto/elliptic: go 1.5 change to Unmarshal breaks use of non-standard curves

[Felix Lange]

Hi,

in go-ethereum[1], we use elliptic.{Unmarshal,Marshal} with the secp256k1 curve.

This curve is not strictly supported by package elliptic because it is a short weierstrass curve 

with a=0 whereas the curves in package elliptic have a=-3.

CL 2421 changed elliptic.Unmarshal to verify that the point lies on the curve, but calls

IsOnCurve on CurveParams instead of using the method of the curve interface. This breaks

our use of Unmarshal because CurveParams.IsOnCurve assumes a=-3.

Would you accept a CL that changes elliptic.Unmarshal to call curve.IsOnCurve for Go 1.5,

or is it too late already?

[1]: https://github.com/ethereum/go-ethereum

[Ian Lance Taylor]

It is probably too late for 1.5, unless this is a real bug. I don't
know enough to tell.

Ian

[Adam Langley]

On Tue, Jul 21, 2015 at 9:44 PM, Ian Lance Taylor <ia...@golang.org> wrote:
> It is probably too late for 1.5, unless this is a real bug. I don't
> know enough to tell.

This is unfortunate. I've cooked up
https://go-review.googlesource.com/#/c/12506 but I don't know how
frozen 1.5 is now.

Can you confirm that change solves this issue for you at least?


Cheers

AGL

[Felix Lange]

On Wednesday, July 22, 2015 at 6:37:21 PM UTC+2, agl wrote:

Can you confirm that change solves this issue for you at least?

Yes. It resolves our issue.

[Ian Lance Taylor]

On Wed, Jul 22, 2015 at 9:36 AM, Adam Langley <a...@golang.org> wrote:
> On Tue, Jul 21, 2015 at 9:44 PM, Ian Lance Taylor <ia...@golang.org> wrote:
>> It is probably too late for 1.5, unless this is a real bug. I don't
>> know enough to tell.
>
> This is unfortunate. I've cooked up
> https://go-review.googlesource.com/#/c/12506 but I don't know how
> frozen 1.5 is now.

This can still go in.

Ian

[Adam Langley]

On Wed, Jul 22, 2015 at 2:11 PM, Ian Lance Taylor <ia...@golang.org> wrote:
> This can still go in.

Yep, thanks. Russ landed it.


Cheers

AGL