Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: etherscan-io/elliptic
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: master
Choose a base ref
...
head repository: indutny/elliptic
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: master
Choose a head ref
Checking mergeability… Don’t worry, you can still create the pull request.
  • 16 commits
  • 26 files changed
  • 7 contributors

Commits on Aug 2, 2020

  1. build(deps): bump elliptic from 6.4.1 to 6.5.3 (indutny#231) 

    Bumps [elliptic](https://github.com/indutny/elliptic) from 6.4.1 to 6.5.3.
- [Release notes](https://github.com/indutny/elliptic/releases)
- [Commits](indutny/elliptic@v6.4.1...v6.5.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Aug 2, 2020
    Configuration menu
    Copy the full SHA
    8421a01 View commit details
    Browse the repository at this point in the history

  2. lib: relint using eslint

    @indutny
    indutny committed Aug 2, 2020
    Configuration menu
    Copy the full SHA
    e71b2d9 View commit details
    Browse the repository at this point in the history

Commits on Feb 2, 2021

  1. ec: validate that a point before deriving keys 

    This update checks to make sure that the public key passed in to
ECDH is a point that actually exists on the curve. This is
important to prevent a twist attack that can be used to reveal
the private key of a party in an ECDH operation over a number of
occurances.

For more details on the attack see this blog post:
https://github.com/christianlundkvist/blog/blob/master/2020_05_26_secp256k1_twist_attacks/secp256k1_twist_attacks.md

CVE: CVE-2020-28498
    @kdenhartog @indutny
    kdenhartog authored and indutny committed Feb 2, 2021
    Configuration menu
    Copy the full SHA
    441b742 View commit details
    Browse the repository at this point in the history

  2. package: bump deps

    @indutny
    indutny committed Feb 2, 2021
    Configuration menu
    Copy the full SHA
    f4bc72b View commit details
    Browse the repository at this point in the history

  3. 6.5.4

    @indutny
    indutny committed Feb 2, 2021
    Configuration menu
    Copy the full SHA
    43ac7f2 View commit details
    Browse the repository at this point in the history

Commits on Mar 5, 2024

  1. [Fix] restore node < 4 compat 

    Fixes indutny#314.
    @ljharb
    ljharb authored Mar 5, 2024
    Configuration menu
    Copy the full SHA
    0a78e03 View commit details
    Browse the repository at this point in the history

  2. lib: lint

    @indutny
    indutny committed Mar 5, 2024
    Configuration menu
    Copy the full SHA
    206da2e View commit details
    Browse the repository at this point in the history

  3. 6.5.5

    @indutny
    indutny committed Mar 5, 2024
    Configuration menu
    Copy the full SHA
    7570078 View commit details
    Browse the repository at this point in the history

Commits on Jul 17, 2024

  1. Merge commit from fork

    @Markus-MS
    Markus-MS authored Jul 17, 2024
    Configuration menu
    Copy the full SHA
    7ac5360 View commit details
    Browse the repository at this point in the history

  2. 6.5.6

    @indutny
    indutny committed Jul 17, 2024
    Configuration menu
    Copy the full SHA
    03e06e1 View commit details
    Browse the repository at this point in the history

Commits on Aug 14, 2024

  1. lib: DER signature decoding correction

    @Markus-MS
    Markus-MS authored Aug 14, 2024
    Configuration menu
    Copy the full SHA
    accb61e View commit details
    Browse the repository at this point in the history

  2. 6.5.7

    @indutny
    indutny committed Aug 14, 2024
    Configuration menu
    Copy the full SHA
    3e46a48 View commit details
    Browse the repository at this point in the history

Commits on Oct 26, 2024

  1. fix: signature verification due to leading zeros 

    According to FIPS 186-5, section 6.4.2 ECDSA Signature
Verification Algorithm, the hash of the message must be adjusted
based on the order n of the base point of the elliptic curve:

    If log2(n) ≥ hashlen, set E = H. Otherwise, set E equal to
    the leftmost log2(n) bits of H.

Unfortunately because elliptic converts messages to BN instances the
reported `byteLength()` for the message can be incorrect if the message
has 8 or more leading zero bits.

Here we fix it by:

1. Counting leading zeroes in hex strings provided as messages
2. Counting all array entries in Array-like (e.g. Buffer)
   messages
3. Providing an `msgBitLength` option to both `.sign`/`.verify` to let
   user override the behavior

Original PR: indutny#322
Credit: @Markus-MS
    @indutny
    indutny authored Oct 26, 2024
    Configuration menu
    Copy the full SHA
    34c8534 View commit details
    Browse the repository at this point in the history

  2. 6.6.0

    @indutny
    indutny committed Oct 26, 2024
    Configuration menu
    Copy the full SHA
    b8a7edd View commit details
    Browse the repository at this point in the history

Commits on Nov 13, 2024

  1. Merge commit from fork

    @ChALkeR
    ChALkeR authored Nov 13, 2024
    Configuration menu
    Copy the full SHA
    04cb6f5 View commit details
    Browse the repository at this point in the history

  2. 6.6.1

    @indutny
    indutny committed Nov 13, 2024
    Configuration menu
    Copy the full SHA
    9b77436 View commit details
    Browse the repository at this point in the history
Loading