diff options
author | Jason A. Donenfeld <Jason@zx2c4.com> | 2019-02-03 22:00:36 +0100 |
---|---|---|
committer | Jason A. Donenfeld <Jason@zx2c4.com> | 2019-02-05 12:59:42 +0100 |
commit | 3af9aa88a310f7c2b86bae1ebb3ed3843424ce9e (patch) | |
tree | c92b471e4a728cc41b8f18d1bca7d7f21d61a839 | |
parent | a5ca02d79a953c883694061bba5c683b220fbfe4 (diff) |
noise: store clamped key instead of raw key
-rw-r--r-- | noise-helpers.go | 10 | ||||
-rw-r--r-- | noise-types.go | 6 |
2 files changed, 10 insertions, 6 deletions
diff --git a/noise-helpers.go b/noise-helpers.go index 1b2746c..af11f09 100644 --- a/noise-helpers.go +++ b/noise-helpers.go @@ -78,12 +78,14 @@ func setZero(arr []byte) { } } +func (sk *NoisePrivateKey) clamp() { + sk[0] &= 248 + sk[31] = (sk[31] & 127) | 64 +} + func newPrivateKey() (sk NoisePrivateKey, err error) { - // clamping: https://cr.yp.to/ecdh.html _, err = rand.Read(sk[:]) - sk[0] &= 248 - sk[31] &= 127 - sk[31] |= 64 + sk.clamp() return } diff --git a/noise-types.go b/noise-types.go index df6ee77..902905e 100644 --- a/noise-types.go +++ b/noise-types.go @@ -45,8 +45,10 @@ func (key NoisePrivateKey) Equals(tar NoisePrivateKey) bool { return subtle.ConstantTimeCompare(key[:], tar[:]) == 1 } -func (key *NoisePrivateKey) FromHex(src string) error { - return loadExactHex(key[:], src) +func (key *NoisePrivateKey) FromHex(src string) (err error) { + err = loadExactHex(key[:], src) + key.clamp() + return } func (key NoisePrivateKey) ToHex() string { |