author | Christian Grothoff <christian@grothoff.org> | 2022-02-19 12:26:18 +0100 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2022-02-19 12:26:27 +0100 |
commit | 25ef40ef768743a10b7b29881c267e0fdc9fc677 (patch) | |
tree | 6b89d3c2ca7ce1547cb401a2857d7ee6bc896a91 /src/util | |
parent | 4100c5acfe6a70f520c4a8c998baf49d9b9c1717 (diff) | |
-style fixes
Diffstat (limited to 'src/util')
-rw-r--r-- | src/util/crypto_cs.c | 32 |
1 files changed, 13 insertions, 19 deletions
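--- a/src/util/crypto_cs.c
+++ b/src/util/crypto_cs.c
@@ -69,14 +69,15 @@ GNUNET_CRYPTO_cs_private_key_get_public (const struct
 
 
 /**
-* maps 32 random bytes to a scalar
-* this is necessary because libsodium expects scalar to be in the prime order subgroup
-* @param[out] scalar containing 32 byte char array, is modified to be in prime order subgroup
+* Maps 32 random bytes to a scalar. This is necessary because libsodium
+* expects scalar to be in the prime order subgroup.
+*
+* @param[in,out] scalar containing 32 byte char array, is modified to be in prime order subgroup
 */
 static void
 map_to_scalar_subgroup (struct GNUNET_CRYPTO_Cs25519Scalar *scalar)
 {
-// perform clamping as described in RFC7748
+/* perform clamping as described in RFC7748 */
 scalar->d[0] &= 248;
 scalar->d[31] &= 127;
 scalar->d[31] |= 64;
@@ -100,21 +101,14 @@ GNUNET_CRYPTO_cs_r_derive (const struct GNUNET_CRYPTO_CsNonce *nonce,
 const struct GNUNET_CRYPTO_CsPrivateKey *lts,
 struct GNUNET_CRYPTO_CsRSecret r[2])
 {
-GNUNET_assert (GNUNET_YES ==
-GNUNET_CRYPTO_hkdf (r,
-sizeof (struct GNUNET_CRYPTO_CsRSecret)
-* 2,
-GCRY_MD_SHA512,
-GCRY_MD_SHA256,
-"r",
-strlen ("r"),
-lts,
-sizeof (*lts),
-nonce,
-sizeof (*nonce),
-NULL,
-0));
-
+GNUNET_assert (
+GNUNET_YES ==
+GNUNET_CRYPTO_kdf (
+r, sizeof (struct GNUNET_CRYPTO_CsRSecret) * 2,
+"r", strlen ("r"),
+lts, sizeof (*lts),
+nonce, sizeof (*nonce),
+NULL, 0));
 map_to_scalar_subgroup (&r[0].scalar);
 map_to_scalar_subgroup (&r[1].scalar);
 }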
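Review bot: In `GNUNET_CRYPTO_cs_r_derive` the call changes from `GNUNET_CRYPTO_hkdf` with explicit `GCRY_MD_SHA512` / `GCRY_MD_SHA256` to `GNUNET_CRYPTO_kdf`, which is more than the "style fixes" the commit title announces: the hash pair that fixes the derived `r` secrets is no longer visible at the call site. The output is unchanged only if `GNUNET_CRYPTO_kdf` uses the same SHA-512 extract / SHA-256 expand pair, which I believe it does but cannot confirm from this page since its definition is not shown. I would state the dependency next to the call, e.g. `/* GNUNET_CRYPTO_kdf is HKDF with SHA-512 (extract) and SHA-256 (expand); changing it changes every derived r */`, and pin the derivation with a known-answer test so a later change to the wrapper cannot silently alter the nonce secrets. The function's signature begins above the hunk.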