fix breaking change with ed_448 update
Dr. Capybara committed Apr 4, 2024
1 parent 16193bc commit 886a59f
Showing 3 changed files with 12 additions and 16 deletions.
8 changes: 2 additions & 6 deletions Cargo.lock


2 changes: 1 addition & 1 deletion Cargo.toml
Expand Up @@ -22,7 +22,7 @@ crypto-bigint = "0.5.3"
fiat-crypto = "0.2.2"
rand = "0.8"
num-bigint = { version = "0.4", features = ["rand"] }
tiny_ed448_goldilocks = "0.1.3"
tiny_ed448_goldilocks = "0.1.5"
aes = "0.8.3"
rayon = "1.5"

18 changes: 9 additions & 9 deletions src/ops.rs
Expand Up @@ -335,8 +335,8 @@ impl KeyPair {
#[allow(non_snake_case)]
pub fn new(pw: &[u8], owner: String, d: &SecParam) -> Result<KeyPair, OperationError> {
let data = kmac_xof(pw, &[], 448, "SK", d)?;
let s: Scalar = bytes_to_scalar(data).mul_mod_r(&Scalar::from(4_u64));
let V = ExtendedPoint::tw_generator() * s;
let s: Scalar = bytes_to_scalar(data).mul_mod(&Scalar::from(4_u64));
let V = ExtendedPoint::generator() * s;
Ok(KeyPair {
owner,
pub_key: V,
Expand Down Expand Up @@ -389,9 +389,9 @@ impl KeyEncryptable for Message {
#[allow(non_snake_case)]
fn key_encrypt(&mut self, pub_key: &ExtendedPoint, d: &SecParam) -> Result<(), OperationError> {
self.d = Some(*d);
let k = bytes_to_scalar(get_random_bytes(56)).mul_mod_r(&Scalar::from(4_u64));
let k = bytes_to_scalar(get_random_bytes(56)).mul_mod(&Scalar::from(4_u64));
let w = (*pub_key * k).to_affine();
let Z = (ExtendedPoint::tw_generator() * k).to_affine();
let Z = (ExtendedPoint::generator() * k).to_affine();

let ke_ka = kmac_xof(&w.x.to_bytes(), &[], 448 * 2, "PK", d)?;
let (ke, ka) = ke_ka.split_at(ke_ka.len() / 2);
Expand Down Expand Up @@ -465,7 +465,7 @@ impl KeyEncryptable for Message {
.ok_or(OperationError::SecurityParameterNotSet)?;

let s_bytes = kmac_xof(pw, &[], 448, "SK", d)?;
let s = bytes_to_scalar(s_bytes).mul_mod_r(&Scalar::from(4_u64));
let s = bytes_to_scalar(s_bytes).mul_mod(&Scalar::from(4_u64));
let Z = (Z * s).to_affine();

let ke_ka = kmac_xof(&Z.x.to_bytes(), &[], 448 * 2, "PK", d)?;
Expand Down Expand Up @@ -531,19 +531,19 @@ impl Signable for Message {
#[allow(non_snake_case)]
fn sign(&mut self, key: &KeyPair, d: &SecParam) -> Result<(), OperationError> {
let s_bytes = kmac_xof(&key.priv_key, &[], 448, "SK", d)?;
let s = bytes_to_scalar(s_bytes).mul_mod_r(&Scalar::from(4_u64));
let s = bytes_to_scalar(s_bytes).mul_mod(&Scalar::from(4_u64));
let s_bytes = scalar_to_bytes(&s);

let k_bytes = kmac_xof(&s_bytes, &self.msg, 448, "N", d)?;
let k = bytes_to_scalar(k_bytes) * Scalar::from(4_u64);

let U = ExtendedPoint::tw_generator() * k;
let U = ExtendedPoint::generator() * k;
let ux_bytes = U.to_affine().x.to_bytes();

let h = kmac_xof(&ux_bytes, &self.msg, 448, "T", d)?;
let h_big = bytes_to_scalar(h.clone());

let z = k - h_big.mul_mod_r(&s);
let z = k - h_big.mul_mod(&s);
self.sig = Some(Signature { h, z });
self.d = Some(*d);
Ok(())
Expand Down Expand Up @@ -591,7 +591,7 @@ impl Signable for Message {
.ok_or(OperationError::SecurityParameterNotSet)?;

let h_scalar = bytes_to_scalar(sig.h.clone());
let U = ExtendedPoint::tw_generator() * sig.z + (*pub_key * h_scalar);
let U = ExtendedPoint::generator() * sig.z + (*pub_key * h_scalar);

let h_p = kmac_xof(&U.to_affine().x.to_bytes(), &self.msg, 448, "T", d)?;

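Review bot: In the `impl Signable for Message` hunk at `@@ -531`, the nonce line `let k = bytes_to_scalar(k_bytes) * Scalar::from(4_u64);` (an unchanged context line) still uses the `*` operator while every other scalar product touched by this commit now goes through `mul_mod(...)`, including `h_big.mul_mod(&s)` two lines below; unless `Scalar`'s `Mul` impl is known to reduce modulo the group order, `k`, `z` and the verifier's `generator() * sig.z` are computed with mixed semantics. Suggest `let k = bytes_to_scalar(k_bytes).mul_mod(&Scalar::from(4_u64));` for consistency, or a one-line comment on that line stating that `*` on `Scalar` is already modular. Separately, if `mul_mod` reduces modulo the prime order r, multiplying by 4 mod r is a bijection on Z_r and does not by itself make the scalar a multiple of 4 as an integer, so it only clears the cofactor for operands already in the prime-order subgroup; that is harmless for `generator()` but deserves a comment (or an explicit point/subgroup validation step, if the updated crate provides one) where the peer-supplied key is multiplied at `let w = (*pub_key * k).to_affine();` and `let Z = (Z * s).to_affine();`. Each of the functions in these hunks starts or ends outside the shown lines.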
