author | Justus Winter <justus@sequoia-pgp.org> | 2024-06-18 16:09:58 +0200 |
---|---|---|
committer | Justus Winter <justus@sequoia-pgp.org> | 2024-06-19 13:10:43 +0200 |
commit | 41d3213b2e99609af7987c04a49091caf922aef8 (patch) | |
tree | 08525aa1d7e558dfd180a505caefb67c4eaf2c2f /openpgp/src | |
parent | 454dfe881879f7f78c9bf46d8bb6e8d853271618 (diff) |
openpgp: Clamp X25519 secrets before handing them to CNG.
Diffstat (limited to 'openpgp/src')
-rw-r--r-- | openpgp/src/crypto/backend/cng/asymmetric.rs | 15 |
1 files changed, 12 insertions, 3 deletions
diff --git a/openpgp/src/crypto/backend/cng/asymmetric.rs b/openpgp/src/crypto/backend/cng/asymmetric.rs
index 4bd8fa70..b7c17a49 100644
--- a/openpgp/src/crypto/backend/cng/asymmetric.rs
+++ b/openpgp/src/crypto/backend/cng/asymmetric.rs
@@ -68,7 +68,10 @@ impl Asymmetric for super::Backend {
 let mut public = [0u8; 32];
 public.copy_from_slice(pair.x());
- Ok((pair.d().into(), public))
+ let mut clamped_secret = pair.d().into();
+ Self::x25519_clamp_secret(&mut clamped_secret);
+
+ Ok((clamped_secret, public))
 }
 fn x25519_derive_public(secret: &Protected) -> Result<[u8; 32]> {
@@ -79,9 +82,12 @@ impl Asymmetric for super::Backend {
 let provider = AsymmetricAlgorithm::open(
 AsymmetricAlgorithmId::Ecdh(NamedCurve::Curve25519)
 )?;
+
+ let mut clamped_secret = secret.clone();
+ Self::x25519_clamp_secret(&mut clamped_secret);
 let key = AsymmetricKey::<Ecdh<Curve25519>, Private>::import_from_parts(
 &provider,
- secret,
+ &clamped_secret,
 )?;
 Ok(<[u8; 32]>::try_from(&key.export()?.x()[..])?)
 }
@@ -101,10 +107,13 @@ impl Asymmetric for super::Backend {
 &provider,
 public,
 )?;
+
+ let mut clamped_secret = secret.clone();
+ Self::x25519_clamp_secret(&mut clamped_secret);
 let secret = AsymmetricKey::<Ecdh<Curve25519>, Private>::import_from_parts(
 &provider,
- secret,
+ &clamped_secret,
 )?;
 let shared = secret_agreement(&secret, &public)?; |
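Review bot: The new clamp step in the key-generation hunk carries no comment saying why the scalar has to be clamped at this layer, and the same unexplained clone-and-clamp pair is repeated in `x25519_derive_public` and in the shared-secret hunk; suggest a one-line comment at the first site such as `// Clamp the scalar per RFC 7748 before CNG sees it, so results match the other backends.` (adjust if CNG instead rejects unclamped scalars — that is not visible here). Since all three sites clone a `Protected`, clamp it and pass a reference, a small helper, e.g. `fn clamped(secret: &Protected) -> Protected { let mut s = secret.clone(); Self::x25519_clamp_secret(&mut s); s }`, would keep them in step and leave one place to document the reason. `Self::x25519_clamp_secret` and `Protected` are defined outside the hunk; the extra copy of the secret made by `secret.clone()` is fine only if the cloned `Protected` is also wiped on drop, which is worth confirming. The three enclosing methods start before their hunks, and the last hunk continues past the end of the page.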