Skip to content

fix: return Ed25519 verify result from Identity::validate#56

Merged
attermann merged 1 commit into
attermann:masterfrom
SAY-5:fix-identity-validate-discarded-result
Jun 4, 2026
Merged

fix: return Ed25519 verify result from Identity::validate#56
attermann merged 1 commit into
attermann:masterfrom
SAY-5:fix-identity-validate-discarded-result

Conversation

@SAY-5
Copy link
Copy Markdown
Contributor

@SAY-5 SAY-5 commented Jun 3, 2026

Summary

Identity::validate called _sig_pub->verify(signature, message) but discarded its
bool return and unconditionally returned true on the no-exception path. Since
Ed25519PublicKey::verify returns false on a signature mismatch rather than throwing,
any non-matching signature was accepted as valid. This returns the verify result directly.

Fixes #51.

Test

Added testIdentityValidate to test_crypto: signs a message and checks that the valid
signature passes, while a signature with a flipped byte and a valid signature against a
different message both fail. The new test fails on master and passes with this change
(pio test -e native17 -f test_crypto).

@SAY-5
fix: return Ed25519 verify result from Identity::validate
b6974f2 
Signed-off-by: Sai Asish Y <say.apm35@gmail.com>
@attermann attermann merged commit bf8aaf5 into attermann:master Jun 4, 2026
8 checks passed
@attermann
Copy link
Copy Markdown
Owner

attermann commented Jun 4, 2026
edited
Loading

Thank you @SAY-5 for the fix!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Identity::validate discards Ed25519PublicKey::verify result and always returns true on no-exception path

2 participants

@SAY-5 @attermann