-
Notifications
You must be signed in to change notification settings - Fork 15
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Extensions: verify digital signatures of update packages
- Uses Ed25519 signatures. - Adds an interface for extension server APIs that support update signature verification can implement. - Implements that interface in the EDD SL server API. - Checks the signatures in the upgrader, and aborts if they are invalid. - The Sodium_Compat library is bundled (version 1.3.1), and used to do the signature verification. We've stripped it down by removing the tests, etc. - The public key for WordPoints.org is pinned in the code as a constant. Fixes #746
- Loading branch information
Showing
102 changed files
with
26,287 additions
and
64 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Submodule dev-lib
updated
5 files
Oops, something went wrong.