[git] GCRYPT - branch, master, updated. libgcrypt-1.5.0-380-g7d91e99

by Christian Grothoff cvs at cvs.gnupg.org
Wed Nov 13 14:06:24 CET 2013


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU crypto library".

The branch, master has been updated
       via  7d91e99bcd30a463dd4faed014b8521a663d8316 (commit)
      from  c4f9af49f228df59c218381a25fa3c0f93ccbeae (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 7d91e99bcd30a463dd4faed014b8521a663d8316
Author: Christian Grothoff <christian at grothoff.org>
Date:   Mon Nov 11 16:04:30 2013 +0100

    ecc: Fix key generation for a plain Ed25519 key.
    
    * cipher/ecc.c (nist_generate_key): Use custom code for ED25519.
    --
    
    I wish there would be an RFC for Curve25519 - the description in the
    paper is easy to misunderstand for a non-mathematician.  Source code
    and a paper are nice but a proper description (like those in the HAC)
    would be better.  Problem spotted by Florian Dold.
    
    Signed-off-by: Werner Koch <wk at gnupg.org>

diff --git a/cipher/ecc.c b/cipher/ecc.c
index 9135b68..72ca726 100644
--- a/cipher/ecc.c
+++ b/cipher/ecc.c
@@ -145,7 +145,21 @@ nist_generate_key (ECC_secret_key *sk, elliptic_curve_t *E, mpi_ec_t ctx,
   point_init (&Q);
 
   /* Generate a secret.  */
-  sk->d = _gcry_dsa_gen_k (E->n, random_level);
+  if (ctx->dialect == ECC_DIALECT_ED25519)
+    {
+      char *rndbuf;
+
+      sk->d = mpi_snew (256);
+      rndbuf = gcry_random_bytes_secure (32, random_level);
+      rndbuf[0] &= 0x7f;  /* Clear bit 255. */
+      rndbuf[0] |= 0x40;  /* Set bit 254.   */
+      rndbuf[31] &= 0xf8; /* Clear bits 2..0 so that d mod 8 == 0  */
+      _gcry_mpi_set_buffer (sk->d, rndbuf, 32, 0);
+      gcry_free (rndbuf);
+    }
+  else
+    sk->d = _gcry_dsa_gen_k (E->n, random_level);
+
 
   /* Compute Q.  */
   _gcry_mpi_ec_mul_point (&Q, sk->d, &E->G, ctx);
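Review bot: the new ED25519 branch carries no comment saying why the three bit operations are applied, so a reader of nist_generate_key sees magic masks without the reason; suggest a comment above the `if` along the lines of "Ed25519: clamp the secret scalar - fix bit 254 as the top bit and clear the low 3 bits so d is a multiple of the cofactor 8", which also makes explicit that rndbuf[0] is the most significant byte because _gcry_mpi_set_buffer reads the buffer big-endian (the per-line comments "Clear bit 255" / "Set bit 254" only make sense under that ordering). The sizes 256 and 32 are hard-coded even though the function receives the curve in E; deriving them from the curve's bit length (or at least noting that they are specific to Ed25519) would keep the branch from silently applying to any other curve that later gets the ECC_DIALECT_ED25519 dialect. Style: the added empty `+` line after the `else` branch sits directly before the existing blank line, leaving two consecutive blank lines before "/* Compute Q.  */"; drop one of them.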

-----------------------------------------------------------------------

Summary of changes:
 cipher/ecc.c |   16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)


hooks/post-receive
-- 
The GNU crypto library
http://git.gnupg.org


_______________________________________________
Gnupg-commits mailing list
Gnupg-commits at gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-commits
