Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Behaviour change in crypto:verify/5 between 24.3.4.5 and 25.0 #6313

Closed
mtrudel opened this issue Sep 18, 2022 · 2 comments
Closed

Behaviour change in crypto:verify/5 between 24.3.4.5 and 25.0 #6313

mtrudel opened this issue Sep 18, 2022 · 2 comments
Assignees
@IngelaAndin
Labels
bug Issue is reported as a bug duplicate team:PS Assigned to OTP team PS
Milestone
OTP-25.1

Comments

@mtrudel
Copy link

mtrudel commented Sep 18, 2022
edited
Loading

Describe the bug
Calls to crypto:verify/5 which succeeded on OTP up to and including 24.3.4.5 now fail on OTP 25.0 and newer.

To Reproduce

Message = <<115, 205, 18, 146, 208, 219, 183, 107, 241, 205, 182, 147, 60, 175, 110, 115,
  186, 186, 9, 228, 115, 196, 97, 28, 38, 200, 191, 59, 112, 141, 3, 54, 69, 66,
  70, 66, 56, 65, 56, 50, 45, 57, 69, 52, 48, 45, 52, 57, 57, 69, 45, 66, 68,
  53, 49, 45, 51, 50, 52, 50, 68, 55, 48, 57, 57, 69, 56, 53, 86, 64, 132, 242,
  162, 131, 28, 46, 85, 114, 54, 183, 19, 255, 150, 107, 23, 18, 227, 60, 190,
  106, 248, 156, 48, 74, 18, 58, 235, 168, 156, 216>>.
Signature = <<214, 188, 190, 17, 243, 236, 205, 32, 101, 36, 137, 44, 107, 221, 72, 134,
  119, 8, 223, 217, 136, 25, 143, 111, 222, 79, 160, 76, 59, 163, 75, 126, 3,
  177, 69, 235, 36, 216, 139, 69, 213, 24, 115, 198, 42, 227, 173, 162, 136,
  163, 8, 149, 154, 201, 73, 78, 254, 67, 75, 69, 82, 176, 13, 8>>.
Key = <<86, 64, 132, 242, 162, 131, 28, 46, 85, 114, 54, 183, 19, 255, 150, 107, 23,
  18, 227, 60, 190, 106, 248, 156, 48, 74, 18, 58, 235, 168, 156, 216>>.
crypto:verify(eddsa, sha512, Message, Signature, [Key, ed25519]).

The above call returns true on OTP 24.3.4.5 (and all earlier versions that I've tried), and false on OTP 25.0 and newer

(Mis)behaviour verified on macOS 12.3.1 (Erlang installed via asdf), and aarch64 linux (via official Docker images)

Expected behavior

OTP behaviour should be unchanged

Affected versions

OTP 25.0 and newer
@mtrudel mtrudel added the bug Issue is reported as a bug label Sep 18, 2022
@IngelaAndin IngelaAndin added the team:PS Assigned to OTP team PS label Sep 19, 2022
@IngelaAndin IngelaAndin self-assigned this Sep 19, 2022
@IngelaAndin IngelaAndin added this to the OTP-25.1 milestone Sep 19, 2022
@IngelaAndin
Copy link
Contributor

This has been fixed in OTP-25.1, planned to be released on Wednesday 21 September. This issue is a duplicate of #6219

@mtrudel
Copy link
Author

mtrudel commented Sep 19, 2022

I can confirm that this is fixed on master. Thanks for the quick turnaround!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@IngelaAndin IngelaAndin

Labels
bug Issue is reported as a bug duplicate team:PS Assigned to OTP team PS
Projects
None yet
Milestone
OTP-25.1
Development

No branches or pull requests
2 participants
@mtrudel @IngelaAndin