
[tor-commits] [pluggable-transports/obfs4] 06/08: Do not clamp the private key before Elligator inverse map.



This is an automated email from the git hooks/post-receive script.

meskio pushed a commit to branch master
in repository pluggable-transports/obfs4.

commit 5fcbb0e14064d41e4fa43013e1f0ede4028f25c5
Author: David Fifield <david@xxxxxxxxxxxxxxx>
AuthorDate: Fri Sep 2 11:58:48 2022 -0400

    Do not clamp the private key before Elligator inverse map.
    
    The Elligator inverse map uses the least significant bits of the private
    key, which clamping sets to 0, to choose a random low-order point to add
    to the public key, to ensure uniformity of representatives.
    
    The other ways that the private key is used, namely in calls to
    curve25519.ScalarMult and curve25519.ScalarBaseMult, do their own
    clamping when necessary and are documented to accept a uniformly random
    scalar.
---
 common/ntor/ntor.go | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/common/ntor/ntor.go b/common/ntor/ntor.go
index af24b68..17a9ff7 100644
--- a/common/ntor/ntor.go
+++ b/common/ntor/ntor.go
@@ -273,9 +273,6 @@ func NewKeypair(elligator bool) (*Keypair, error) {
 			return nil, err
 		}
 		digest := sha512.Sum512(priv)
-		digest[0] &= 248
-		digest[31] &= 127
-		digest[31] |= 64
 		copy(priv, digest[:])
 
 		if elligator {
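
Review bot: the remaining `copy(priv, digest[:])` in NewKeypair has no comment saying that the scalar is left unclamped on purpose, so a later reader could take the missing masks for an oversight and put them back. Consider a short comment above that line recording what the commit message states: the Elligator inverse map needs the least significant bits of the private key, and curve25519.ScalarMult and curve25519.ScalarBaseMult do their own clamping. Because the deleted lines sit before `if elligator {`, keypairs created with elligator set to false are now stored unclamped too; the comment should say that this is intended, and a test asserting that generated private keys do not all have zero low bits in byte 0 would keep the change from regressing.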

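
The two claims in the commit message can be checked directly. The following is an added example, not code from the obfs4 repository: it shows that the deleted masks force the three low bits of the key to zero, and that X25519 derives the same public key from a raw scalar and its clamped form. It assumes Go's standard `crypto/ecdh` X25519 as a stand-in for the `curve25519` package the commit names; `clamp`, `lowBitHistogram` and `samePublicKey` are hypothetical helper names, and the 32-byte seed and the all-0xff scalar are constructed sample inputs.

```go
package main

import (
	"bytes"
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha512"
	"fmt"
)

// clamp applies the three masks the commit deletes, on a copy of k.
func clamp(k []byte) []byte {
	c := append([]byte(nil), k...)
	c[0] &= 248
	c[31] &= 127
	c[31] |= 64
	return c
}

// lowBitHistogram hashes n random seeds with SHA-512 and counts priv[0]&7.
func lowBitHistogram(n int, clamped bool) (hist [8]int) {
	seed := make([]byte, 32) // constructed input; seed length is an assumption
	for i := 0; i < n; i++ {
		if _, err := rand.Read(seed); err != nil {
			panic(err)
		}
		digest := sha512.Sum512(seed)
		priv := digest[:32]
		if clamped {
			priv = clamp(priv)
		}
		hist[priv[0]&7]++
	}
	return hist
}

// samePublicKey reports whether X25519 maps priv and clamp(priv) to one public key.
func samePublicKey(priv []byte) bool {
	a, errA := ecdh.X25519().NewPrivateKey(priv)
	b, errB := ecdh.X25519().NewPrivateKey(clamp(priv))
	if errA != nil || errB != nil {
		return false
	}
	return bytes.Equal(a.PublicKey().Bytes(), b.PublicKey().Bytes())
}

func main() {
	fmt.Printf("clamped:   %v\nunclamped: %v\n", lowBitHistogram(4096, true), lowBitHistogram(4096, false))
	fmt.Println("same X25519 public key:", samePublicKey(bytes.Repeat([]byte{0xff}, 32)))
}
```

With clamping, every key lands in bucket 0, so code that reads those bits to pick one of several values always picks the same one; without it, all eight buckets fill.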