echelon/i2p.i2p
1
0
Fork 0
forked from I2P_Developers/i2p.i2p
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Crypto: Actually use a random nonzero byte in ElGamal,

Browse Source 
as our specification says
This commit is contained in:
zzz
2016-10-21 17:19:44 +00:00
parent 534609e83a
commit 1bd5ebd8ec
1 changed files with 4 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
core/java/src/net/i2p/crypto/ElGamalEngine.java
View File

@ -120,8 +120,10 @@ public final class ElGamalEngine {
long start = _context.clock().now();
byte d2[] = new byte[1+Hash.HASH_LENGTH+data.length];
// FIXME this isn't a random nonzero byte!
d2[0] = (byte)0xFF;
// random nonzero byte
do {
_context.random().nextBytes(d2, 0, 1);
} while (d2[0] == 0);
_context.sha().calculateHash(data, 0, data.length, d2, 1);
System.arraycopy(data, 0, d2, 1+Hash.HASH_LENGTH, data.length);