EdDSA minor cleanup

zzz
2019-01-29 13:51:42 +00:00
parent a51a6d57f9
commit 1bb57c4103


@ -26,7 +26,8 @@ public class EdDSAPrivateKeySpec implements KeySpec {
* @throws IllegalArgumentException if seed length is wrong or hash algorithm is unsupported
*/
public EdDSAPrivateKeySpec(byte[] seed, EdDSAParameterSpec spec) {
if (seed.length != spec.getCurve().getField().getb()/8)
int bd8 = spec.getCurve().getField().getb() / 8;
if (seed.length != bd8)
throw new IllegalArgumentException("seed length is wrong");
this.spec = spec;
@ -34,7 +35,6 @@ public class EdDSAPrivateKeySpec implements KeySpec {
try {
MessageDigest hash = MessageDigest.getInstance(spec.getHashAlgorithm());
int b = spec.getCurve().getField().getb();
// H(k)
h = hash.digest(seed);
@ -46,9 +46,9 @@ public class EdDSAPrivateKeySpec implements KeySpec {
// Saves ~0.4ms per key when running signing tests.
// TODO: are these bitflips the same for any hash function?
h[0] &= 248;
h[(b/8)-1] &= 63;
h[(b/8)-1] |= 64;
a = Arrays.copyOfRange(h, 0, b/8);
h[bd8 - 1] &= 63;
h[bd8 - 1] |= 64;
a = Arrays.copyOfRange(h, 0, bd8);
A = spec.getB().scalarMultiply(a);
} catch (NoSuchAlgorithmException e) {
@ -66,18 +66,19 @@ public class EdDSAPrivateKeySpec implements KeySpec {
* @since 0.9.27 (GitHub issue #17)
*/
public EdDSAPrivateKeySpec(EdDSAParameterSpec spec, byte[] h) {
if (h.length != spec.getCurve().getField().getb()/4)
int bd4 = spec.getCurve().getField().getb() / 4;
if (h.length != bd4)
throw new IllegalArgumentException("hash length is wrong");
int bd8 = bd4 / 2;
this.seed = null;
this.h = h;
this.spec = spec;
int b = spec.getCurve().getField().getb();
h[0] &= 248;
h[(b/8)-1] &= 63;
h[(b/8)-1] |= 64;
a = Arrays.copyOfRange(h, 0, b/8);
h[bd8 - 1] &= 63;
h[bd8 - 1] |= 64;
a = Arrays.copyOfRange(h, 0, bd8);
A = spec.getB().scalarMultiply(a);
}
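Review bot: In the `(EdDSAParameterSpec spec, byte[] h)` constructor the caller's array is stored as-is (`this.h = h;`) and then clamped in place by `h[0] &= 248;` and the two `h[bd8 - 1]` lines, so the key object shares its private hash with the caller and the caller's buffer is silently modified. Any later write to that array by the caller would change `h` without updating the already-derived `a` and `A`. Adding `h = h.clone();` right after the length check, before `this.h = h;`, would keep the key's state private; if any caller relies on seeing the clamped bytes in its own array, that would need checking first. The seed-based constructor's handling of `seed` is outside the visible hunks, so whether it needs the same copy cannot be judged from here.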