misc: add comments, clarify return type

DennisDyallo · DennisDyallo · commit 4cb9c8ea65e7 · 2025-04-24T10:15:15.000+02:00
diff --git a/Yubico.YubiKey/src/Yubico/YubiKey/Cryptography/AsnPrivateKeyDecoder.cs b/Yubico.YubiKey/src/Yubico/YubiKey/Cryptography/AsnPrivateKeyDecoder.cs
@@ -70,7 +70,7 @@ public static IPrivateKey CreatePrivateKey(ReadOnlyMemory<byte> pkcs8EncodedKey)
     public static Curve25519PrivateKey CreateCurve25519Key(ReadOnlyMemory<byte> pkcs8EncodedKey) =>
         Curve25519PrivateKey.CreateFromPkcs8(pkcs8EncodedKey);
 
-    public static (byte[], KeyType) GetCurve25519PrivateKeyData(ReadOnlyMemory<byte> pkcs8EncodedKey)
+    public static (byte[] privateKey, KeyType keyType) GetCurve25519PrivateKeyData(ReadOnlyMemory<byte> pkcs8EncodedKey)
     {
         var reader = new AsnReader(pkcs8EncodedKey, AsnEncodingRules.DER);
         var seqPrivateKeyInfo = reader.ReadSequence();
diff --git a/Yubico.YubiKey/src/Yubico/YubiKey/Cryptography/AsnUtilities.cs b/Yubico.YubiKey/src/Yubico/YubiKey/Cryptography/AsnUtilities.cs
@@ -84,9 +84,9 @@ public static Span<byte> GetIntegerBytes(Span<byte> value)
     /// <exception cref="CryptographicException">If the private key does not meet the bit clamping requirements.</exception>
     public static void VerifyX25519PrivateKey(ReadOnlySpan<byte> x25519PrivateKey)
     {
-        if ((x25519PrivateKey[0] & 0b111) != 0 || // Check that the 3 least significant bits are 0
-            (x25519PrivateKey[31] & 0x80) != 0 || // Check most significant bit is 0
-            (x25519PrivateKey[31] & 0x40) != 0x40) // Check second-most significant bit is 1
+        if ((x25519PrivateKey[0] & 0b111) != 0 || // Check that the 3 least significant bits are set
+            (x25519PrivateKey[31] & 0x80) != 0 || // Check most significant bit is set
+            (x25519PrivateKey[31] & 0x40) != 0x40) // Check second most significant bit not set
         {
             throw new CryptographicException("Invalid X25519 private key: improper bit clamping");
         }
diff --git a/Yubico.YubiKey/src/Yubico/YubiKey/Cryptography/Curve25519PrivateKey.cs b/Yubico.YubiKey/src/Yubico/YubiKey/Cryptography/Curve25519PrivateKey.cs
@@ -68,8 +68,6 @@ public override byte[] ExportPkcs8PrivateKey()
     /// </remarks>
     public override void Clear() => CryptographicOperations.ZeroMemory(_privateKey.Span);
 
-
-
     /// <summary>
     /// Creates an instance of <see cref="Curve25519PrivateKey"/> from a PKCS#8
     /// DER-encoded private key.
diff --git a/Yubico.YubiKey/tests/unit/Yubico/YubiKey/Cryptography/ZeroingMemoryHandleTests.cs b/Yubico.YubiKey/tests/unit/Yubico/YubiKey/Cryptography/ZeroingMemoryHandleTests.cs
@@ -23,7 +23,6 @@ public class ZeroingMemoryHandleTests
     public void Dispose_ShouldClearArrayContent()
     {
         byte[] privateKeyData = new byte[] { 10, 20, 30, 40, 50 };
-
         using (var secureData = new ZeroingMemoryHandle(privateKeyData))
         {
             Assert.Equal(new byte[] { 10, 20, 30, 40, 50 }, secureData.Data);

Original file line number	Diff line number	Diff line change
`@@ -70,7 +70,7 @@ public static IPrivateKey CreatePrivateKey(ReadOnlyMemory<byte> pkcs8EncodedKey)`
`70`	`70`	`public static Curve25519PrivateKey CreateCurve25519Key(ReadOnlyMemory<byte> pkcs8EncodedKey) =>`
`71`	`71`	`Curve25519PrivateKey.CreateFromPkcs8(pkcs8EncodedKey);`
`72`	`72`
`73`		`- public static (byte[], KeyType) GetCurve25519PrivateKeyData(ReadOnlyMemory<byte> pkcs8EncodedKey)`
	`73`	`+ public static (byte[] privateKey, KeyType keyType) GetCurve25519PrivateKeyData(ReadOnlyMemory<byte> pkcs8EncodedKey)`
`74`	`74`	`{`
`75`	`75`	`var reader = new AsnReader(pkcs8EncodedKey, AsnEncodingRules.DER);`
`76`	`76`	`var seqPrivateKeyInfo = reader.ReadSequence();`
Original file line number	Diff line number	Diff line change
`@@ -84,9 +84,9 @@ public static Span<byte> GetIntegerBytes(Span<byte> value)`
`84`	`84`	`/// <exception cref="CryptographicException">If the private key does not meet the bit clamping requirements.</exception>`
`85`	`85`	`public static void VerifyX25519PrivateKey(ReadOnlySpan<byte> x25519PrivateKey)`
`86`	`86`	`{`
`87`		`- if ((x25519PrivateKey[0] & 0b111) != 0 \|\| // Check that the 3 least significant bits are 0`
`88`		`- (x25519PrivateKey[31] & 0x80) != 0 \|\| // Check most significant bit is 0`
`89`		`- (x25519PrivateKey[31] & 0x40) != 0x40) // Check second-most significant bit is 1`
	`87`	`+ if ((x25519PrivateKey[0] & 0b111) != 0 \|\| // Check that the 3 least significant bits are set`
	`88`	`+ (x25519PrivateKey[31] & 0x80) != 0 \|\| // Check most significant bit is set`
	`89`	`+ (x25519PrivateKey[31] & 0x40) != 0x40) // Check second most significant bit not set`
`90`	`90`	`{`
`91`	`91`	`throw new CryptographicException("Invalid X25519 private key: improper bit clamping");`
`92`	`92`	`}`
Original file line number	Diff line number	Diff line change
`@@ -23,7 +23,6 @@ public class ZeroingMemoryHandleTests`
`23`	`23`	`public void Dispose_ShouldClearArrayContent()`
`24`	`24`	`{`
`25`	`25`	`byte[] privateKeyData = new byte[] { 10, 20, 30, 40, 50 };`
`26`		`-`
`27`	`26`	`using (var secureData = new ZeroingMemoryHandle(privateKeyData))`
`28`	`27`	`{`
`29`	`28`	`Assert.Equal(new byte[] { 10, 20, 30, 40, 50 }, secureData.Data);`