authorJustus Winter <justus@sequoia-pgp.org>2024-02-13 16:11:48 +0100
committerJustus Winter <justus@sequoia-pgp.org>2024-02-13 16:42:18 +0100
commit963ca044a05d64fa2b8f6d972ff46d8b7143db6e (patch)
tree7e2be5a1bb52bc79e11d6e416bfaf71b83dc9b02
parent99a2aacc908ed5e2ec07cfbaead54f129dd2d2a6 (diff)
openpgp: Remove superfluous clamping.
- Asymmetric::x25519_generate_key generates an X25519 key. Clamping is not necessary here: X25519 mandates implicit clamping when decrypting.
-rw-r--r--openpgp/src/crypto/backend/botan/asymmetric.rs10
1 files changed, 1 insertions, 9 deletions
diff --git a/openpgp/src/crypto/backend/botan/asymmetric.rs b/openpgp/src/crypto/backend/botan/asymmetric.rs
index 90be41c2..4dd2800c 100644
--- a/openpgp/src/crypto/backend/botan/asymmetric.rs
+++ b/openpgp/src/crypto/backend/botan/asymmetric.rs
@@ -64,15 +64,7 @@ impl Asymmetric for super::Backend {
let secret = Privkey::create("Curve25519", "", &mut rng)?;
let mut public = [0u8; 32];
public.copy_from_slice(&secret.pubkey()?.get_x25519_key()?);
- let mut secret: Protected = secret.get_x25519_key()?.into();
-
- // Clamp the scalar. X25519 does the clamping implicitly, but
- // OpenPGP's ECDH over Curve25519 requires the secret to be
- // clamped.
- secret[0] &= 0b1111_1000;
- secret[31] &= !0b1000_0000;
- secret[31] |= 0b0100_0000;
-
+ let secret: Protected = secret.get_x25519_key()?.into();
Ok((secret, public))
}
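Review bot: The new `let secret: Protected = secret.get_x25519_key()?.into();` keeps the scalar exactly as Botan returns it, but nothing in the code now records why the clamping that stood here was dropped, so a later reader comparing this backend with the others is likely to reintroduce it. A one-line comment carrying the commit's rationale would prevent that: `// No explicit clamping: X25519 (RFC 7748) clamps the scalar implicitly on use, so the raw scalar is kept as generated.` Whether `Privkey::create` already hands back a clamped scalar cannot be seen from this hunk; if any other code path compares or exports the raw secret bytes and expects the clamped form, that path would now observe a different value and deserves a check. The enclosing function's signature lies outside the hunk.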