Merge pull request #157 from cryptosphere/fix-degenerate-keys
Raise error on degenerate keys (fixes #152)
tarcieri committed Mar 13, 2017
2 parents 369575c + b9e53eb commit 96be04d
Showing 2 changed files with 13 additions and 1 deletion.
8 changes: 7 additions & 1 deletion lib/rbnacl/group_elements/curve25519.rb
@@ -18,6 +18,9 @@ class Curve25519
# Order of the standard group
STANDARD_GROUP_ORDER = 2**252 + 27_742_317_777_372_353_535_851_937_790_883_648_493

# Degenerate key (all-zeroes, results in an all-zero shared secret)
DEGENERATE_KEY = ("\0" * 32).freeze

include KeyComparator
include Serializable

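Review bot: the comment on DEGENERATE_KEY ("all-zeroes, results in an all-zero shared secret") describes only one of the inputs that produce an all-zero output. Curve25519 has several small-order points, and every one of them collapses to the identity (encoded as all zeros) once multiplied by a clamped scalar, which is always a multiple of 8; the all-zero encoding is merely the easiest to spot. Either extend the comment to say that this constant covers the all-zero case only and that other low-order inputs are caught by inspecting the scalarmult result, or pick a name such as ZERO_KEY that does not suggest the constant enumerates every degenerate key.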
@@ -44,6 +47,8 @@ class Curve25519
def initialize(point)
@point = point.to_str

raise CryptoError, "degenerate key detected" if @point == DEGENERATE_KEY

# FIXME: really should have a separate constant here for group element size
# Group elements and scalars are both 32-bits, but that's for convenience
Util.check_length(@point, SCALARBYTES, "group element")
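Review bot: the equality check `raise CryptoError, "degenerate key detected" if @point == DEGENERATE_KEY` runs before `Util.check_length`, so it can only ever match a full 32-byte all-zero string, which is fine; but it also means a non-zero low-order point (for example u = 1, encoded as 0x01 followed by 31 zero bytes, which has order 4) is accepted by the constructor and rejected only later, when `mult` inspects its result. If the intent of the constructor check is to reject every key that cannot yield a usable shared secret, it needs the full small-order list rather than a single constant; if the intent is only to fail fast on the common all-zero case, say so in the comment, because "degenerate key detected" promises more than this comparison delivers. Unrelated nit in the context lines: "32-bits" in the FIXME should read "32 bytes".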
@@ -61,8 +66,8 @@ def mult(integer)
Util.check_length(integer, SCALARBYTES, "integer")

result = Util.zeros(SCALARBYTES)
self.class.scalarmult_curve25519(result, integer, @point)

raise CryptoError, "degenerate key detected" unless self.class.scalarmult_curve25519(result, integer, @point)
self.class.new(result)
end

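Review bot: `raise CryptoError, "degenerate key detected" unless self.class.scalarmult_curve25519(result, integer, @point)` only does anything if the FFI wrapper turns the C function's nonzero status into a falsy Ruby value. libsodium's crypto_scalarmult_curve25519 returns -1 when the output is all zeros, and -1 is truthy in Ruby, so confirm that the binding converts the status to a boolean; otherwise this branch is dead and an all-zero `result` is wrapped in a new group element exactly as before. A binding-independent belt-and-braces check is to test the output directly after the call, `raise CryptoError, "degenerate key detected" if result == DEGENERATE_KEY`. Also, this reuses the message from initialize, yet what is degenerate here is the shared secret rather than the key; a distinct message would make the failure easier to locate.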
@@ -79,6 +84,7 @@ def to_bytes
#
# @return [RbNaCl::Point] standard base point (a.k.a. standard group element)
def self.base
# TODO: better support fixed-based scalar multiplication (this glosses over native support)
@base_point
end
class << self
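Review bot: the TODO added to `self.base` about fixed-base scalar multiplication is unrelated to the degenerate-key fix this PR is about; it would be cleaner as its own commit, or at least mentioned in the commit message, so that the history of this line explains it.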
6 changes: 6 additions & 0 deletions spec/rbnacl/group_element_spec.rb
@@ -9,6 +9,8 @@

let(:alice_mult_bob) { vector :alice_mult_bob }

let(:degenerate_key) { RbNaCl::GroupElements::Curve25519::DEGENERATE_KEY }

subject { described_class.new(bob_public) }

it "multiplies integers with the base point" do
@@ -23,5 +25,9 @@
expect(subject.to_bytes).to eq bob_public
end

it "detects degenerate keys" do
expect { described_class.new(degenerate_key).mult(alice_private) }.to raise_error RbNaCl::CryptoError
end

include_examples "serializable"
end

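Review bot: the new example `expect { described_class.new(degenerate_key).mult(alice_private) }.to raise_error RbNaCl::CryptoError` raises inside `described_class.new` before `.mult` is ever reached, so it exercises only the constructor check and leaves the new `unless` branch in `mult` without coverage. Split it into `expect { described_class.new(degenerate_key) }.to raise_error RbNaCl::CryptoError` so the assertion matches what actually fails, and add a second example built from a non-zero low-order point, for example `described_class.new("\x01" + "\0" * 31).mult(alice_private)` (u = 1, order 4), which passes the constructor's equality check but produces an all-zero result and so should raise from `mult`.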