noise: store clamped key instead of raw key

Jason A. Donenfeld 2019-02-03 22:00:36 +01:00
parent a5ca02d79a
commit 3af9aa88a3
2 changed files with 11 additions and 7 deletions


@ -78,12 +78,14 @@ func setZero(arr []byte) {
} }
} }
func newPrivateKey() (sk NoisePrivateKey, err error) { func (sk *NoisePrivateKey) clamp() {
// clamping: https://cr.yp.to/ecdh.html
_, err = rand.Read(sk[:])
sk[0] &= 248 sk[0] &= 248
sk[31] &= 127 sk[31] = (sk[31] & 127) | 64
sk[31] |= 64 }
func newPrivateKey() (sk NoisePrivateKey, err error) {
_, err = rand.Read(sk[:])
sk.clamp()
return return
} }
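Review bot: In the new `newPrivateKey`, `sk.clamp()` runs even when `rand.Read` returns an error, so the caller gets a non-nil `err` together with a clamped but non-random key (whatever `rand.Read` left in `sk`, with bit 254 forced on) instead of an obviously unusable value. The removed code appears to have behaved the same way, but since the function is being touched it would be safer to add `if err != nil { return NoisePrivateKey{}, err }` before the `sk.clamp()` call. Separately, the `// clamping: https://cr.yp.to/ecdh.html` reference seems to exist only on the removed side, leaving `clamp()` undocumented. A doc comment on it would help, for example `// clamp applies Curve25519 scalar clamping (https://cr.yp.to/ecdh.html): clears the low three bits and bit 255, sets bit 254.`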


@ -45,8 +45,10 @@ func (key NoisePrivateKey) Equals(tar NoisePrivateKey) bool {
return subtle.ConstantTimeCompare(key[:], tar[:]) == 1 return subtle.ConstantTimeCompare(key[:], tar[:]) == 1
} }
func (key *NoisePrivateKey) FromHex(src string) error { func (key *NoisePrivateKey) FromHex(src string) (err error) {
return loadExactHex(key[:], src) err = loadExactHex(key[:], src)
key.clamp()
return
} }
func (key NoisePrivateKey) ToHex() string { func (key NoisePrivateKey) ToHex() string {
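Review bot: In `FromHex`, `key.clamp()` is called whether or not `loadExactHex` succeeded, so a failed parse still mutates the receiver. `loadExactHex` is not visible here, but if it leaves `key` untouched on error, a previously all-zero key would come back with byte 31 set to 64, and any later "is this key unset" comparison against the zero value would presumably stop matching. Guarding the clamp with `if err != nil { return }` between the `loadExactHex` line and `key.clamp()` keeps the error path free of side effects. A short doc comment on `FromHex` saying that the stored key is the clamped form, so `ToHex` may not round-trip the input string, would also spare callers a surprise.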