author | Niels Möller <nisse@lysator.liu.se> | 2019-12-30 22:43:48 +0100 |
---|---|---|
committer | Niels Möller <nisse@lysator.liu.se> | 2019-12-30 22:43:48 +0100 |
commit | 1a85646bdb96855b261280bcf814c01e2b8d462d (patch) | |
tree | 3ba0bc867c0ec488863dcb5bf234f86b6db9004f /ed25519-sha512-verify.c | |
parent | d1d7d737457eaba5b51a98457cac06982638a8fd (diff) | |
download | nettle-1a85646bdb96855b261280bcf814c01e2b8d462d.tar.gz |
Reorganize eddsa, based on patch by Daiki Ueno.
* eddsa-internal.h (struct ecc_eddsa): New struct for eddsa
parameters.
* ed25519-sha512.c (_nettle_ed25519_sha512): New parameter struct.
* eddsa-expand.c (_eddsa_expand_key): Replace input
struct nettle_hash with struct ecc_eddsa, and generalize for
ed448. Update all callers.
* eddsa-sign.c (_eddsa_sign): Likewise.
* eddsa-verify.c (_eddsa_verify): Likewise.
* eddsa-compress.c (_eddsa_compress): Store sign bit in most
significant bit of last byte, as specified by RFC 8032.
* eddsa-decompress.c (_eddsa_decompress): Corresponding update.
Also generalize to support ed448, and make validity checks
stricter.
* testsuite/eddsa-sign-test.c (test_ed25519_sign): New function.
(test_main): Use it.
* testsuite/eddsa-verify-test.c (test_ed25519): New function.
(test_main): Use it.
Diffstat (limited to 'ed25519-sha512-verify.c')
-rw-r--r-- | ed25519-sha512-verify.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/ed25519-sha512-verify.c b/ed25519-sha512-verify.c index 1d6a8c22..bb90d0a1 100644 --- a/ed25519-sha512-verify.c +++ b/ed25519-sha512-verify.c @@ -53,9 +53,11 @@ ed25519_sha512_verify (const uint8_t *pub, int res; #define A scratch #define scratch_out (scratch + 3*ecc->p.size) + + sha512_init (&ctx); res = (_eddsa_decompress (ecc, A, pub, scratch_out) - && _eddsa_verify (ecc, &nettle_sha512, + && _eddsa_verify (ecc, &_nettle_ed25519_sha512, pub, A, &ctx, length, msg, signature, scratch_out)); |
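Review bot: the added `sha512_init (&ctx);` ahead of the `res = ...` expression in `ed25519_sha512_verify` makes hash-context initialization the caller's responsibility, and nothing in this hunk documents that precondition for `_eddsa_verify`. If `_eddsa_verify` now assumes an already initialized `ctx`, a caller that omits the init would hash over indeterminate state, which is not a property a signature check should depend on. Suggest a short comment above the call stating that `ctx` must be freshly initialized, or tying the init to the new `&_nettle_ed25519_sha512` parameter so `_eddsa_verify` cannot be reached without it. Since this diffstat is limited to one file, it is also worth confirming that every other caller of `_eddsa_verify` received the same init line.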