diff --git a/src/ecdsa/keys.py b/src/ecdsa/keys.py index f74252c7..f17277c9 100644 --- a/src/ecdsa/keys.py +++ b/src/ecdsa/keys.py @@ -718,10 +718,15 @@ def verify_digest( :raises BadSignatureError: if the signature is invalid or malformed :raises BadDigestError: if the provided digest is too big for the curve associated with this VerifyingKey and allow_truncate was not set + :raises ValueError: if this is an Edwards curve key; use + :func:`~VerifyingKey.verify` instead, as EdDSA signs the message + directly and does not operate on pre-hashed digests :return: True if the verification was successful :rtype: bool """ + if isinstance(self.curve.curve, CurveEdTw): + raise ValueError("Method unsupported for Edwards curves") # signature doesn't have to be a bytes-like-object so don't normalise # it, the decoders will do that digest = normalise_bytes(digest) diff --git a/src/ecdsa/test_keys.py b/src/ecdsa/test_keys.py index 348475e2..2bad8876 100644 --- a/src/ecdsa/test_keys.py +++ b/src/ecdsa/test_keys.py @@ -438,6 +438,20 @@ def test_ed25519_sig_verify_malformed(self): with self.assertRaises(BadSignatureError): vk.verify(sig, data) + def test_ed25519_verify_digest(self): + vk_pem = ( + "-----BEGIN PUBLIC KEY-----\n" + "MCowBQYDK2VwAyEAIwBQ0NZkIiiO41WJfm5BV42u3kQm7lYnvIXmCy8qy2U=\n" + "-----END PUBLIC KEY-----\n" + ) + + vk = VerifyingKey.from_pem(vk_pem) + + with self.assertRaises(ValueError) as e: + vk.verify_digest(b"a" * 64, b"b" * 32) + + self.assertIn("Method unsupported for Edwards", str(e.exception)) + def test_ed448_from_pem(self): pem_str = ( "-----BEGIN PUBLIC KEY-----\n"