Mike Hamburg
Mar 25, 2013, 1:43:26 AM
to sjcl-a...@googlegroups.com, sjcl-d...@googlegroups.com
Hello all,
Commits master:e5d53c75a8a36df54e9e6bac47e04b2b103c62fa and ecc:dc042f62fc32cf8dd7fef5cc4b54476f2a891059 contain correct versions of ECDSA, with test vectors, thanks to Tom Hughes. (Older versions contain a hacked-up version of ECDSA, returning (r,1/s) instead of (r,s), which is equivalent but requires one fewer division to verify. Hooray for premature optimization.)
The sign and verify functions take a third parameter, fakeLegacyVersion. When set to true, sign will produce (r,1/s) signatures compatible with older versions of sjcl; when left undefined or set to false they will produce (r,s) ECDSA signatures.
In the verify() function, if fakeLegacyVersion is left undefined, the library will try first the correct (r,s) version, and then the legacy (r,1/s) version. If it is set to false, the library will check only (r,s), and if set to true it will check only (r,1/s).
So if you update to the latest version in master or ecc and are using signatures, and need backward compatibility, pass true as a third parameter to sign().
Also, I imported the latest version of the closure compressor, because it didn't work with ECC for some reason. This meant reworking the compression scripts to suppress the hundreds of warnings that resulted from the changes. If you find any problems with this, please report them.
Cheers,
-- Mike Hamburg
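
The flag semantics described in the message above, as an added example that is not part of the original post and is not sjcl's code: a toy ECDSA over a small textbook curve, showing that a strict `false` or `true` setting rejects a signature in the other format while `undefined` accepts both. The curve, the helper names (`inv`, `add`, `mul`, `verifyOne`), the fixed nonce and all sample values are assumptions constructed for illustration.

```javascript
// Toy ECDSA on the textbook curve y^2 = x^3 + 2x + 2 over GF(17), base point
// G = (5, 1) of prime order 19. Constructed for illustration; far too small for real use.
const p = 17n, a = 2n, n = 19n, G = [5n, 1n];
const mod = (x, m) => ((x % m) + m) % m;

function inv(x, m) {            // modular inverse via Fermat; m must be prime
  let r = 1n, b = mod(x, m);
  for (let e = m - 2n; e > 0n; e >>= 1n) { if (e & 1n) r = r * b % m; b = b * b % m; }
  return r;
}
function add(P, Q) {            // affine point addition; null is the point at infinity
  if (!P) return Q;
  if (!Q) return P;
  const [x1, y1] = P, [x2, y2] = Q;
  if (x1 === x2 && mod(y1 + y2, p) === 0n) return null;
  const l = (x1 === x2)
    ? mod(3n * x1 * x1 + a, p) * inv(2n * y1, p)
    : mod(y2 - y1, p) * inv(x2 - x1, p);
  const x3 = mod(l * l - x1 - x2, p);
  return [x3, mod(l * (x1 - x3) - y1, p)];
}
function mul(k, P) {            // double-and-add scalar multiplication
  let R = null;
  for (k = mod(k, n); k > 0n; k >>= 1n) { if (k & 1n) R = add(R, P); P = add(P, P); }
  return R;
}
// d: private key, z: message hash reduced mod n, k: per-signature nonce (fixed for the demo)
function sign(d, z, k, fakeLegacyVersion) {
  const r = mod(mul(k, G)[0], n);
  const s = mod(inv(k, n) * (z + r * d), n);
  return fakeLegacyVersion ? [r, inv(s, n)] : [r, s];   // legacy format stores 1/s
}
function verifyOne(Q, z, [r, s], legacy) {
  if (r <= 0n || r >= n || s <= 0n || s >= n) return false;
  const w = legacy ? s : inv(s, n);                     // legacy signature already carries 1/s
  const X = add(mul(z * w, G), mul(r * w, Q));
  return X !== null && mod(X[0], n) === r;
}
// Tri-state flag as described in the post: undefined = try (r,s), then (r,1/s)
function verify(Q, z, sig, fakeLegacyVersion) {
  if (fakeLegacyVersion === undefined) return verifyOne(Q, z, sig, false) || verifyOne(Q, z, sig, true);
  return verifyOne(Q, z, sig, fakeLegacyVersion);
}
const d = 7n, Q = mul(d, G), z = 10n, k = 3n;           // constructed sample values
const modern = sign(d, z, k, false), legacy = sign(d, z, k, true);
console.log(modern, legacy, verify(Q, z, legacy), verify(Q, z, legacy, false));
```

Passing an explicit `false` to the verifier is the setting that stops legacy-format signatures from being accepted once all signers have been updated.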