EDDSA malleability #16
Description
It seems that the library does not check the malleability for EDDSA (range of S).
The Wycheproof test case https://github.com/google/wycheproof/blob/master/testvectors/eddsa_test.json#L550-L557
signature is correctly checked, whereas it shouldn't:
| Public key : b'7d4d0e7f6153a69b6242b522abbee685fda4420f8834b108c3bdae369ef549fa'
| Secret key : b'add4bb8103785baf9ac534258e8aaf65f5f1adb5ef5f3df19bb80ab989c4d64b'
| Msg : b'54657374'
| Signature: b'7c38e026f29e14aabd059a0f2db8b0cd783040609a8be684db12f82a27774ab02ee12ce5875bf9dff26556464bae2ad239d4eef676573336a5c51eb6f946b34d'
| Result : should be invalid, but is correctly checked by the lib.