noise: store clamped key instead of raw key

author Jason A. Donenfeld <Jason@zx2c4.com>

Sun, 3 Feb 2019 20:50:54 +0000 (21:50 +0100)

committer Jason A. Donenfeld <Jason@zx2c4.com>

Sun, 3 Feb 2019 20:51:18 +0000 (21:51 +0100)
author Jason A. Donenfeld <Jason@zx2c4.com>
Sun, 3 Feb 2019 20:50:54 +0000 (21:50 +0100)
committer Jason A. Donenfeld <Jason@zx2c4.com>
Sun, 3 Feb 2019 20:51:18 +0000 (21:51 +0100)
diff --git a/src/curve25519.c b/src/curve25519.c

index 0d52bc87839d68aaa26bb6506495d3e62635ec3d..648daed2715e51100f34e068133481023dc63969 100644 (file)
--- a/src/curve25519.c
+++ b/src/curve25519.c
@@ -68,7 +68,6 @@ static inline void put_unaligned_le64(u64 s, u8 *d)
  #ifndef __force
  #define __force
  #endif
-#define clamp_secret(a) curve25519_clamp_secret(a)
  
  static noinline void memzero_explicit(void *s, size_t count)
  {
diff --git a/src/curve25519.h b/src/curve25519.h

index badcda0c95a7c12de39e940b6c62d1384a5fffd5..c0470199774ef95983c553478d4375d2a5ef1aae 100644 (file)
--- a/src/curve25519.h
+++ b/src/curve25519.h
@@ -10,7 +10,7 @@
  #include <sys/types.h>
  
  enum curve25519_lengths {
-       CURVE25519_KEY_SIZE = 32,
+       CURVE25519_KEY_SIZE = 32
  };
  
  void curve25519(uint8_t mypublic[static CURVE25519_KEY_SIZE], const uint8_t secret[static CURVE25519_KEY_SIZE], const uint8_t basepoint[static CURVE25519_KEY_SIZE]);
@@ -18,8 +18,7 @@ void curve25519_generate_public(uint8_t pub[static CURVE25519_KEY_SIZE], const u
  static inline void curve25519_clamp_secret(uint8_t secret[static CURVE25519_KEY_SIZE])
  {
         secret[0] &= 248;
-       secret[31] &= 127;
-       secret[31] |= 64;
+       secret[31] = (secret[31] & 127) | 64;
  }
  
  #endif
author	Jason A. Donenfeld <Jason@zx2c4.com>
	Sun, 3 Feb 2019 20:50:54 +0000 (21:50 +0100)
committer	Jason A. Donenfeld <Jason@zx2c4.com>
	Sun, 3 Feb 2019 20:51:18 +0000 (21:51 +0100)
src/curve25519.c		patch \| blob \| blame \| history
src/curve25519.h		patch \| blob \| blame \| history