Add a crypto_core_ed25519_NONREDUCEDSCALARBYTES constant
and reject 0 in crypto_core_ed25519_random()
This commit is contained in:
parent
c0652ef7ca
commit
59bd82edab
@ -74,7 +74,8 @@ crypto_core_ed25519_scalar_random(unsigned char *r)
|
|||||||
do {
|
do {
|
||||||
randombytes_buf(r, crypto_core_ed25519_SCALARBYTES);
|
randombytes_buf(r, crypto_core_ed25519_SCALARBYTES);
|
||||||
r[crypto_core_ed25519_SCALARBYTES - 1] &= 0x1f;
|
r[crypto_core_ed25519_SCALARBYTES - 1] &= 0x1f;
|
||||||
} while (sc25519_is_canonical(r) == 0);
|
} while (sc25519_is_canonical(r) == 0 ||
|
||||||
|
sodium_is_zero(r, crypto_core_ed25519_SCALARBYTES));
|
||||||
}
|
}
|
||||||
|
|
||||||
int
|
int
|
||||||
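Review bot: The nonzero guarantee introduced by the `sodium_is_zero` term in the new `while` condition is not stated anywhere in the hunk, so a reader of crypto_core_ed25519_scalar_random() cannot tell why zero is excluded alongside non-canonical values. A comment above the `do {` would carry the contract: `/* Rejection-sample until r is canonical (< L) and nonzero: the zero scalar has no inverse for crypto_core_ed25519_scalar_invert() and sends every point to the identity. */`. The zero check also makes it explicit that the function loops rather than fails, which is presumably why no error return was added. The function's signature and the remainder of its body lie outside the hunk.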
@ -86,9 +87,10 @@ crypto_core_ed25519_scalar_invert(unsigned char *recip, const unsigned char *s)
|
|||||||
}
|
}
|
||||||
|
|
||||||
void
|
void
|
||||||
crypto_core_ed25519_scalar_reduce(unsigned char *r, const unsigned char s[64])
|
crypto_core_ed25519_scalar_reduce(unsigned char *r,
|
||||||
|
const unsigned char s[crypto_core_ed25519_NONREDUCEDSCALARBYTES])
|
||||||
{
|
{
|
||||||
unsigned char t[64];
|
unsigned char t[crypto_core_ed25519_NONREDUCEDSCALARBYTES];
|
||||||
|
|
||||||
memcpy(t, s, sizeof t);
|
memcpy(t, s, sizeof t);
|
||||||
sc25519_reduce(t);
|
sc25519_reduce(t);
|
||||||
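Review bot: The new parameter spelling `const unsigned char s[crypto_core_ed25519_NONREDUCEDSCALARBYTES]` reads like a bound but decays to a plain pointer, so `memcpy(t, s, sizeof t)` still reads 64 bytes from whatever the caller hands in and nothing enforces the length. A comment on the definition would make the requirement explicit: `/* s must point to exactly crypto_core_ed25519_NONREDUCEDSCALARBYTES readable bytes; the array bound is documentation only */`. The local copy `t` holds what may be secret scalar material; if the rest of the function (outside this hunk) does not already clear it with `sodium_memzero(t, sizeof t)` before returning, it should. The function body continues past the last line shown.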
@ -102,6 +104,12 @@ crypto_core_ed25519_bytes(void)
|
|||||||
return crypto_core_ed25519_BYTES;
|
return crypto_core_ed25519_BYTES;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
size_t
|
||||||
|
crypto_core_ed25519_nonreducedscalarbytes(void)
|
||||||
|
{
|
||||||
|
return crypto_core_ed25519_NONREDUCEDSCALARBYTES;
|
||||||
|
}
|
||||||
|
|
||||||
size_t
|
size_t
|
||||||
crypto_core_ed25519_uniformbytes(void)
|
crypto_core_ed25519_uniformbytes(void)
|
||||||
{
|
{
|
||||||
|
@ -20,6 +20,10 @@ size_t crypto_core_ed25519_uniformbytes(void);
|
|||||||
SODIUM_EXPORT
|
SODIUM_EXPORT
|
||||||
size_t crypto_core_ed25519_scalarbytes(void);
|
size_t crypto_core_ed25519_scalarbytes(void);
|
||||||
|
|
||||||
|
#define crypto_core_ed25519_NONREDUCEDSCALARBYTES 64
|
||||||
|
SODIUM_EXPORT
|
||||||
|
size_t crypto_core_ed25519_nonreducedscalarbytes(void);
|
||||||
|
|
||||||
SODIUM_EXPORT
|
SODIUM_EXPORT
|
||||||
int crypto_core_ed25519_is_valid_point(const unsigned char *p)
|
int crypto_core_ed25519_is_valid_point(const unsigned char *p)
|
||||||
__attribute__ ((nonnull));
|
__attribute__ ((nonnull));
|
||||||
|
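Review bot: The new `#define crypto_core_ed25519_NONREDUCEDSCALARBYTES 64` has no comment saying what a "non-reduced scalar" is, although the constant is only meaningful in relation to crypto_core_ed25519_scalar_reduce(), whose prototype is outside this hunk. A one-liner next to the define would suffice: `/* length of the unreduced input accepted by crypto_core_ed25519_scalar_reduce() */`. If that prototype in this header still spells the bound as a literal `64`, it should use the new constant as the definition in core_ed25519.c now does, so the two cannot drift apart.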
@ -30,7 +30,7 @@ add_P(unsigned char * const S)
|
|||||||
static void
|
static void
|
||||||
add_l64(unsigned char * const S)
|
add_l64(unsigned char * const S)
|
||||||
{
|
{
|
||||||
static const unsigned char l[64] =
|
static const unsigned char l[crypto_core_ed25519_NONREDUCEDSCALARBYTES] =
|
||||||
{ 0xed, 0xd3, 0xf5, 0x5c, 0x1a, 0x63, 0x12, 0x58,
|
{ 0xed, 0xd3, 0xf5, 0x5c, 0x1a, 0x63, 0x12, 0x58,
|
||||||
0xd6, 0x9c, 0xf7, 0xa2, 0xde, 0xf9, 0xde, 0x14,
|
0xd6, 0x9c, 0xf7, 0xa2, 0xde, 0xf9, 0xde, 0x14,
|
||||||
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
||||||
@ -182,6 +182,8 @@ main(void)
|
|||||||
|
|
||||||
assert(crypto_core_ed25519_BYTES == crypto_core_ed25519_bytes());
|
assert(crypto_core_ed25519_BYTES == crypto_core_ed25519_bytes());
|
||||||
assert(crypto_core_ed25519_SCALARBYTES == crypto_core_ed25519_scalarbytes());
|
assert(crypto_core_ed25519_SCALARBYTES == crypto_core_ed25519_scalarbytes());
|
||||||
|
assert(crypto_core_ed25519_NONREDUCEDSCALARBYTES == crypto_core_ed25519_nonreducedscalarbytes());
|
||||||
|
assert(crypto_core_ed25519_NONREDUCEDSCALARBYTES >= crypto_core_ed25519_SCALARBYTES);
|
||||||
assert(crypto_core_ed25519_UNIFORMBYTES == crypto_core_ed25519_uniformbytes());
|
assert(crypto_core_ed25519_UNIFORMBYTES == crypto_core_ed25519_uniformbytes());
|
||||||
assert(crypto_core_ed25519_UNIFORMBYTES >= crypto_core_ed25519_BYTES);
|
assert(crypto_core_ed25519_UNIFORMBYTES >= crypto_core_ed25519_BYTES);
|
||||||
|
|
||||||
|
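Review bot: The added assertions pin the new size constant and its accessor, but nothing in the hunk exercises the other half of the commit, the rejection of a zero scalar in crypto_core_ed25519_scalar_random(). If main() already calls scalar_random elsewhere (outside this hunk), an `assert(sodium_is_zero(BUF, crypto_core_ed25519_SCALARBYTES) == 0);` after that call (BUF standing for whatever buffer main() uses) would at least record the contract, even though the probability of hitting the rejected value is negligible. The surrounding main() body starts and ends outside the hunk.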