author | Justus Winter <justus@sequoia-pgp.org> | 2024-02-13 16:11:48 +0100 |
---|---|---|
committer | Justus Winter <justus@sequoia-pgp.org> | 2024-02-13 16:42:18 +0100 |
commit | 963ca044a05d64fa2b8f6d972ff46d8b7143db6e (patch) | |
tree | 7e2be5a1bb52bc79e11d6e416bfaf71b83dc9b02 | |
parent | 99a2aacc908ed5e2ec07cfbaead54f129dd2d2a6 (diff) |
openpgp: Remove superfluous clamping.
- Asymmetric::x25519_generate_key generates an X25519 key. Clamping
is not necessary here: X25519 mandates implicit clamping when
decrypting.
-rw-r--r-- | openpgp/src/crypto/backend/botan/asymmetric.rs | 10 |
1 files changed, 1 insertions, 9 deletions
diff --git a/openpgp/src/crypto/backend/botan/asymmetric.rs b/openpgp/src/crypto/backend/botan/asymmetric.rs
index 90be41c2..4dd2800c 100644
--- a/openpgp/src/crypto/backend/botan/asymmetric.rs
+++ b/openpgp/src/crypto/backend/botan/asymmetric.rs
@@ -64,15 +64,7 @@ impl Asymmetric for super::Backend {
 let secret = Privkey::create("Curve25519", "", &mut rng)?;
 let mut public = [0u8; 32];
 public.copy_from_slice(&secret.pubkey()?.get_x25519_key()?);
- let mut secret: Protected = secret.get_x25519_key()?.into();
-
- // Clamp the scalar. X25519 does the clamping implicitly, but
- // OpenPGP's ECDH over Curve25519 requires the secret to be
- // clamped.
- secret[0] &= 0b1111_1000;
- secret[31] &= !0b1000_0000;
- secret[31] |= 0b0100_0000;
-
+ let secret: Protected = secret.get_x25519_key()?.into();
 Ok((secret, public))
 } |
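Review bot: The new `let secret: Protected = secret.get_x25519_key()?.into();` line returns the scalar exactly as Botan hands it out, and the removed comment was the only in-code record of why the bytes were normalized, so the rationale now lives only in the commit message. I would keep a one-line comment at that spot, e.g. `// No explicit clamping: X25519 clamps the scalar whenever it is used.`, so the masking is neither reintroduced nor silently assumed later. The change is sound only if every consumer of this secret goes through an X25519 primitive that clamps on use; a path that treats the stored value as a plain scalar (another backend, or another implementation importing the exported key) would now see different low and high bits than before, and the hunk cannot show whether such a path exists. A test that a key from `Asymmetric::x25519_generate_key` still decrypts after being exported and re-imported would pin that assumption. The function body starts above the hunk, so the RNG setup and signature are not visible here.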