I2P Address: [http://git.idk.i2p]

Skip to content
Snippets Groups Projects
Commit 1bb57c41 authored by zzz's avatar zzz
Browse files

EdDSA minor cleanup

parent a51a6d57
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
core/java/src/net/i2p/crypto/eddsa/spec/EdDSAPrivateKeySpec.java
+ 11
10
View file @ 1bb57c41
...@@ -26,7 +26,8 @@ public class EdDSAPrivateKeySpec implements KeySpec { ...@@ -26,7 +26,8 @@ public class EdDSAPrivateKeySpec implements KeySpec {
* @throws IllegalArgumentException if seed length is wrong or hash algorithm is unsupported * @throws IllegalArgumentException if seed length is wrong or hash algorithm is unsupported
*/ */
public EdDSAPrivateKeySpec(byte[] seed, EdDSAParameterSpec spec) { public EdDSAPrivateKeySpec(byte[] seed, EdDSAParameterSpec spec) {
if (seed.length != spec.getCurve().getField().getb()/8) int bd8 = spec.getCurve().getField().getb() / 8;
if (seed.length != bd8)
throw new IllegalArgumentException("seed length is wrong"); throw new IllegalArgumentException("seed length is wrong");
this.spec = spec; this.spec = spec;
...@@ -34,7 +35,6 @@ public class EdDSAPrivateKeySpec implements KeySpec { ...@@ -34,7 +35,6 @@ public class EdDSAPrivateKeySpec implements KeySpec {
try { try {
MessageDigest hash = MessageDigest.getInstance(spec.getHashAlgorithm()); MessageDigest hash = MessageDigest.getInstance(spec.getHashAlgorithm());
int b = spec.getCurve().getField().getb();
// H(k) // H(k)
h = hash.digest(seed); h = hash.digest(seed);
...@@ -46,9 +46,9 @@ public class EdDSAPrivateKeySpec implements KeySpec { ...@@ -46,9 +46,9 @@ public class EdDSAPrivateKeySpec implements KeySpec {
// Saves ~0.4ms per key when running signing tests. // Saves ~0.4ms per key when running signing tests.
// TODO: are these bitflips the same for any hash function? // TODO: are these bitflips the same for any hash function?
h[0] &= 248; h[0] &= 248;
h[(b/8)-1] &= 63; h[bd8 - 1] &= 63;
h[(b/8)-1] |= 64; h[bd8 - 1] |= 64;
a = Arrays.copyOfRange(h, 0, b/8); a = Arrays.copyOfRange(h, 0, bd8);
A = spec.getB().scalarMultiply(a); A = spec.getB().scalarMultiply(a);
} catch (NoSuchAlgorithmException e) { } catch (NoSuchAlgorithmException e) {
...@@ -66,18 +66,19 @@ public class EdDSAPrivateKeySpec implements KeySpec { ...@@ -66,18 +66,19 @@ public class EdDSAPrivateKeySpec implements KeySpec {
* @since 0.9.27 (GitHub issue #17) * @since 0.9.27 (GitHub issue #17)
*/ */
public EdDSAPrivateKeySpec(EdDSAParameterSpec spec, byte[] h) { public EdDSAPrivateKeySpec(EdDSAParameterSpec spec, byte[] h) {
if (h.length != spec.getCurve().getField().getb()/4) int bd4 = spec.getCurve().getField().getb() / 4;
if (h.length != bd4)
throw new IllegalArgumentException("hash length is wrong"); throw new IllegalArgumentException("hash length is wrong");
int bd8 = bd4 / 2;
this.seed = null; this.seed = null;
this.h = h; this.h = h;
this.spec = spec; this.spec = spec;
int b = spec.getCurve().getField().getb();
h[0] &= 248; h[0] &= 248;
h[(b/8)-1] &= 63; h[bd8 - 1] &= 63;
h[(b/8)-1] |= 64; h[bd8 - 1] |= 64;
a = Arrays.copyOfRange(h, 0, b/8); a = Arrays.copyOfRange(h, 0, bd8);
A = spec.getB().scalarMultiply(a); A = spec.getB().scalarMultiply(a);
} }
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment

Base32 Address: [http://7qeve4v2chmjdqlwpa3vl7aojf3nodbku7vepnjwrsxljzqipz6a.b32.i2p] Onion Address: [http://47ggr2fa3vnwfyhvgskzdmr3i32eijwymxohtxsls45dulmriwxszjad.onion]