From 3a9e7d47e8c0d8b5cc172d48c44afdeed6414429 Mon Sep 17 00:00:00 2001
From: Florian Dold
Date: Mon, 18 Oct 2021 20:24:30 +0200
Subject: do bit twiddling correctly, it's little-endian
---
 doc/sphinx/cryptography.rst | 5 +++--
 doc/system-documentation/design.tex | 5 +++--
 src/util/anastasis_crypto.c | 6 ++++--
 3 files changed, 10 insertions(+), 6 deletions(-)
diff --git a/doc/sphinx/cryptography.rst b/doc/sphinx/cryptography.rst
index 406732a..194b311 100644
--- a/doc/sphinx/cryptography.rst
+++ b/doc/sphinx/cryptography.rst
@@ -132,8 +132,9 @@ HKDF to ensure that the result differs from other cases where we hash
 .. code-block:: c
- digest[0] = (digest[0] & 0x7f) | 0x40;
- digest[31] &= 0xf8;
+ digest[0] &= 0xf8;
+ digest[31] &= 0x7f;
+ digest[31] |= 0x40;
 **eddsa_priv**: The generated EdDSA private key.
diff --git a/doc/system-documentation/design.tex b/doc/system-documentation/design.tex
index 650beb1..0883e7a 100644
--- a/doc/system-documentation/design.tex
+++ b/doc/system-documentation/design.tex
@@ -373,8 +373,9 @@ eddsa_keys_create (kdf_id, salt, keysize)
 \end{description}
 \begin{lstlisting}
-digest[0] = (digest[0] & 0x7f) | 0x40;
-digest[31] &= 0xf8;
+digest[0] &= 0xf8;
+digest[31] &= 0x7f;
+digest[31] |= 0x40;
 \end{lstlisting}
 \begin{description}
diff --git a/src/util/anastasis_crypto.c b/src/util/anastasis_crypto.c
index 1025e60..9231fc1 100644
--- a/src/util/anastasis_crypto.c
+++ b/src/util/anastasis_crypto.c
@@ -241,8 +241,10 @@ ANASTASIS_CRYPTO_account_private_key_derive (
 return;
 }
 /* go from ver_secret to proper private key (eddsa_d_to_a() in spec) */
- priv_key->priv.d[0] = (priv_key->priv.d[0] & 0x7f) | 0x40;
- priv_key->priv.d[31] &= 0xf8;
+
+ priv_key->priv.d[0] &= 0xf8;
+ priv_key->priv.d[31] &= 0x7f;
+ priv_key->priv.d[31] |= 0x40;
 }
-- cgit v1.2.3
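Review bot: The corrected clamp at the end of `ANASTASIS_CRYPTO_account_private_key_derive` yields a different `priv.d` for the same inputs than the old masks did, and nothing visible in the commit handles keys derived before the change. If any accounts were created with the old code they would no longer resolve to the same account key, so this deserves at least a release note or a compatibility path. A byte-order slip like the one fixed here is what a known-answer test catches, so a fixed-input test that pins the resulting 32 bytes of `priv.d` would guard against a regression. The blank added line would be better spent on a comment stating the intent, for example `/* little-endian clamp: clear low 3 bits of d[0]; clear bit 255 and set bit 254 via d[31] */`, and the literal `31` assumes `d` is exactly 32 bytes. The function begins outside the hunk, so the earlier derivation steps are not visible here.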