commit e8533c8a41e3fb29e51200d643382c8d5f882e5e
parent 1ad2fb331548adf635e9cff8786b468e54666371
Author: Florian Dold <florian.dold@gmail.com>
Date: Mon, 6 Jan 2020 14:16:24 +0100
Don't normalize when deriving ECDSA public keys
Diffstat:
3 files changed, 5 insertions(+), 6 deletions(-)
diff --git a/src/util/crypto_ecc.c b/src/util/crypto_ecc.c
@@ -174,7 +174,7 @@ GNUNET_CRYPTO_ecdsa_key_get_public (
struct GNUNET_CRYPTO_EcdsaPublicKey *pub)
{
BENCHMARK_START (ecdsa_key_get_public);
- GNUNET_TWEETNACL_scalarmult_le_ed25519_base (pub->q_y, priv->d);
+ GNUNET_TWEETNACL_scalarmult_gnunet_ecdsa (pub->q_y, priv->d);
BENCHMARK_END (ecdsa_key_get_public);
}
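Review bot: Nothing in this commit pins the new behaviour of `GNUNET_CRYPTO_ecdsa_key_get_public`; the diffstat lists only the three source files, so no test is added or updated. Because `pub->q_y` is now computed from `priv->d` without masking, a known-answer test would catch an accidental reintroduction of the clamp, provided it uses a fixed private key whose low three bits or top two bits differ from the clamped form. If an existing test already covers this, a reference to it in the commit message would be enough.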
diff --git a/src/util/tweetnacl-gnunet.c b/src/util/tweetnacl-gnunet.c
@@ -429,7 +429,7 @@ GNUNET_TWEETNACL_sign_pk_from_seed (u8 *pk, const u8 *seed)
}
void
-GNUNET_TWEETNACL_scalarmult_le_ed25519_base (u8 *pk, const u8 *s)
+GNUNET_TWEETNACL_scalarmult_gnunet_ecdsa (u8 *pk, const u8 *s)
{
u8 d[64];
gf p[4];
@@ -437,9 +437,8 @@ GNUNET_TWEETNACL_scalarmult_le_ed25519_base (u8 *pk, const u8 *s)
// Treat s as little endian.
for (u32 i = 0; i < 32; i++)
d[i] = s[31 - i];
- d[0] &= 248;
- d[31] &= 127;
- d[31] |= 64;
+
+ // For GNUnet, we don't normalize d
scalarbase (p, d);
pack (pk, p);
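Review bot: The new comment `// For GNUnet, we don't normalize d` says what was dropped but not what the function now expects, and with the three masking lines gone the validity of the scalar is entirely the caller's responsibility. I would state the precondition where the masks used to be, e.g. `// No Ed25519 clamping here: s is used as-is, so callers must pass an already valid scalar`, and repeat it as a doc comment on the prototype in tweetnacl-gnunet.h, which has none in the visible hunk. The retained context comment `// Treat s as little endian.` sits above a loop that reverses the byte order (`d[i] = s[31 - i]`), so it is worth rewording while this code is being touched. The function body continues past the hunk, so I cannot see whether `d`, a stack copy of the private scalar, is wiped before return; if it is not, that should be added.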
diff --git a/src/util/tweetnacl-gnunet.h b/src/util/tweetnacl-gnunet.h
@@ -49,6 +49,6 @@ GNUNET_TWEETNACL_sign_detached (uint8_t *sig,
const uint8_t *sk);
void
-GNUNET_TWEETNACL_scalarmult_le_ed25519_base (uint8_t *pk, const uint8_t *s);
+GNUNET_TWEETNACL_scalarmult_gnunet_ecdsa (uint8_t *pk, const uint8_t *s);
#endif