SHA-2 hashes for sign/verify operations #32
Comments
I think that sha256 would be good although I don't think that sha512 would provide any real additional value and comes at some cost. |
LGTM, but I think @Atheros1 would prefer to make |
Ok, is #35 better ? |
LGTM, thanks! |
#33 is good. I like that it uses the secure algorithm by default. PyBitmessage contains a copy of pyelliptic so that it isn't broken by these sorts of changes. I could manually make the changes that are present in #35 and take them out after an upgrade period. My upgrade plan would be for PyBitmessage to verify the signature using both SHA1 and SHA256 and wait for everyone to upgrade. After a while, clients could start generating signatures using SHA256 and then the custom code could be taken out so that it matches pyelliptic. This is what I did for issue #17. I'll just have to be sure that alternative Bitmessage implementations are prepared. While we're on it, you might like to switch to EVP_DigestInit_ex. In pyelliptic, md_ctx is already being initialized with EVP_MD_CTX_init so it appears to me that EVP_DigestInit could be switched to EVP_DigestInit_ex if you want. |
Yup, it seems good to me. |
Ok, it's in master. I'll push a release on Pypi. |
Hi.
pyelliptic currently uses SHA-1 to hash messages before signing. I've heard SHA-1 is not considered very secure anymore so what do you think about optional
ecdsa-with-sha256
mode (and maybe -sha512)?The text was updated successfully, but these errors were encountered: