summaryrefslogtreecommitdiff
path: root/src/ext/ed25519/ref10/blinding.c
diff options
context:
space:
mode:
authorNick Mathewson <nickm@torproject.org>2014-09-25 15:03:55 -0400
committerNick Mathewson <nickm@torproject.org>2014-09-25 15:08:32 -0400
commit46cda485bce60894d3128dcd42831a8c6cc7bcb4 (patch)
treed275ffaf6c369520474a34a10d287840d823b5aa /src/ext/ed25519/ref10/blinding.c
parent6dbd451b9f7542b16f64415a57a1af26723f8645 (diff)
downloadtor-46cda485bce60894d3128dcd42831a8c6cc7bcb4.tar.gz
tor-46cda485bce60894d3128dcd42831a8c6cc7bcb4.zip
Comments and tweaks based on review by asn
Add some documentation Rename "derive" -> "blind" Check for failure on randombytes().
Diffstat (limited to 'src/ext/ed25519/ref10/blinding.c')
-rw-r--r--src/ext/ed25519/ref10/blinding.c9
1 files changed, 5 insertions, 4 deletions
diff --git a/src/ext/ed25519/ref10/blinding.c b/src/ext/ed25519/ref10/blinding.c
index f0154e098f..4d9a9cbbe7 100644
--- a/src/ext/ed25519/ref10/blinding.c
+++ b/src/ext/ed25519/ref10/blinding.c
@@ -19,7 +19,7 @@ gettweak(unsigned char *out, const unsigned char *param)
out[31] |= 64;
}
-int ed25519_ref10_derive_secret_key(unsigned char *out,
+int ed25519_ref10_blind_secret_key(unsigned char *out,
const unsigned char *inp,
const unsigned char *param)
{
@@ -40,7 +40,7 @@ int ed25519_ref10_derive_secret_key(unsigned char *out,
return 0;
}
-int ed25519_ref10_derive_public_key(unsigned char *out,
+int ed25519_ref10_blind_public_key(unsigned char *out,
const unsigned char *inp,
const unsigned char *param)
{
@@ -58,7 +58,8 @@ int ed25519_ref10_derive_public_key(unsigned char *out,
* strongly that I'm about to code my own ge_scalarmult_vartime). */
/* We negate the public key first, so that we can pass it to
- * frombytes_negate_vartime, which negates it again. */
+ * frombytes_negate_vartime, which negates it again. If there were a
+ * "ge_frombytes", we'd use that, but there isn't. */
memcpy(pkcopy, inp, 32);
pkcopy[31] ^= (1<<7);
ge_frombytes_negate_vartime(&A, pkcopy);
@@ -69,7 +70,7 @@ int ed25519_ref10_derive_public_key(unsigned char *out,
memwipe(tweak, 0, sizeof(tweak));
memwipe(&A, 0, sizeof(A));
memwipe(&Aprime, 0, sizeof(Aprime));
- memwipe(&pkcopy, 0, sizeof(pkcopy));
+ memwipe(pkcopy, 0, sizeof(pkcopy));
return 0;
}