From 134cbd46e4078ceba79d3c1aa5e02dfd365188db Mon Sep 17 00:00:00 2001
From: zzz <zzz@mail.i2p>
Date: Wed, 4 Jan 2017 13:00:31 +0000
Subject: [PATCH] Crypto: Enforce correct seed and hash lengths in
EdDSAPrivateKeySpec From github PR #22
https://github.com/str4d/ed25519-java/commit/747df9f9aa407ba90d34f498c5eab6f304fdd58a
---
.../i2p/crypto/eddsa/spec/EdDSAPrivateKeySpec.java | 11 +++++++++--
1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/core/java/src/net/i2p/crypto/eddsa/spec/EdDSAPrivateKeySpec.java b/core/java/src/net/i2p/crypto/eddsa/spec/EdDSAPrivateKeySpec.java
index 240ac4f3bf..4e1173ab96 100644
--- a/core/java/src/net/i2p/crypto/eddsa/spec/EdDSAPrivateKeySpec.java
+++ b/core/java/src/net/i2p/crypto/eddsa/spec/EdDSAPrivateKeySpec.java
@@ -21,9 +21,12 @@ public class EdDSAPrivateKeySpec implements KeySpec {
private final EdDSAParameterSpec spec;
/**
- * @throws IllegalArgumentException if hash algorithm is unsupported
+ * @throws IllegalArgumentException if seed length is wrong or hash algorithm is unsupported
*/
public EdDSAPrivateKeySpec(byte[] seed, EdDSAParameterSpec spec) {
+ if (seed.length != spec.getCurve().getField().getb()/8)
+ throw new IllegalArgumentException("seed length is wrong");
+
this.spec = spec;
this.seed = seed;
@@ -56,9 +59,13 @@ public class EdDSAPrivateKeySpec implements KeySpec {
* getSeed() will return null if this constructor is used.
*
* @param h the private key
+ * @throws IllegalArgumentException if hash length is wrong
* @since 0.9.27 (GitHub issue #17)
*/
public EdDSAPrivateKeySpec(EdDSAParameterSpec spec, byte[] h) {
+ if (h.length != spec.getCurve().getField().getb()/4)
+ throw new IllegalArgumentException("hash length is wrong");
+
this.seed = null;
this.h = h;
this.spec = spec;
@@ -77,7 +84,7 @@ public class EdDSAPrivateKeySpec implements KeySpec {
this.h = h;
this.a = a;
this.A = A;
- this.spec = spec;
+ this.spec = spec;
}
/**
--
GitLab