[Standards] OMEMO and Olm

Dave Cridland dave at cridland.net
Sun May 28 10:31:51 UTC 2017


On 27 May 2017 at 16:46, Sam Whited <sam at samwhited.com> wrote:
> On Fri, May 26, 2017 at 7:27 PM, Remko Tronçon <remko at el-tramo.be> wrote:
>> - We change the XEP to use XEdDsa, and someone gets an implementation into
>> an (peer reviewed and preferably established) crypto library, *independent*
>> of libolm.
>
> In its most basic form XEdDSA just requires being able to convert keys
> from a coordinate on a montgomery curve to a point on an edwards
> curve; this operation isn't unique to XEdDSA and might already be
> implemented in your ed25519 library of choice, and if so you don't
> really need anything extra to have XEdDSA support since valid XEdDSA
> signatures are also valid EdDSA signatures, as far as I understand.
>
> Here's the start of a submission to the Go crypto libraries (review
> pending discussion of the proposal):
> https://go-review.googlesource.com/c/44334/
>
> Aside from it being a bit hard to debug due to a lack of test vectors
> and a few scalar operations that weren't implemented in the Go library
> it ended up being relatively trivial (although we'll see what happens
> when it's reviewed).

Original libsignal:

https://github.com/WhisperSystems/curve25519-java/blob/master/android/jni/ed25519/additions/sc_cmov.c

Your implementation:

https://go-review.googlesource.com/c/44334/7/ed25519/internal/edwards25519/edwards25519.go#1462

The comments are identical, and the variable names and code structures
are identical.

My conclusion would be that the Go version is a clear-cut derivation
of the libsignal code, and thus a derived work (in copyright
language), and therefore under the GPL.

If you didn't directly copy the code, then I apologise, but I also
don't think it'd stand up in court when someone is sued by OWS for
license infringement.

Dave.


More information about the Standards mailing list