Fixed BigIntegerScalarOps usage of BigIntegerLittleEndianEncoding

str4d · str4d · commit de42efe36478 · 2014-05-11T01:01:57.000Z
diff --git a/src/net/i2p/crypto/eddsa/math/bigint/BigIntegerLittleEndianEncoding.java b/src/net/i2p/crypto/eddsa/math/bigint/BigIntegerLittleEndianEncoding.java
@@ -20,16 +20,18 @@ public void setField(Field f) {
         mask = BigInteger.ONE.shiftLeft(f.getb()-1).subtract(BigInteger.ONE);
     }
 
+    public byte[] encode(FieldElement x) {
+        return encode(((BigIntegerFieldElement)x).bi.and(mask));
+    }
+
     /**
      *  Convert x to little endian.
      *  Constant time.
      *
-     *  @param len must be big enough
-     *  @return array of length len
-     *  @throws ArrayIndexOutOfBoundsException if len not big enough
+     *  @return array of length b/8
      */
-    public byte[] encode(FieldElement x) {
-        byte[] in = ((BigIntegerFieldElement)x).bi.and(mask).toByteArray();
+    public byte[] encode(BigInteger x) {
+        byte[] in = x.toByteArray();
         byte[] out = new byte[f.getb()/8];
         for (int i = 0; i < in.length; i++) {
             out[i] = in[in.length-1-i];
@@ -40,24 +42,21 @@ public byte[] encode(FieldElement x) {
         return out;
     }
 
-    /**
-     *  Convert in to big endian
-     */
     public FieldElement decode(byte[] in) {
-        return decode(in, true);
+        if (in.length != f.getb()/8)
+            throw new IllegalArgumentException("Not a valid encoding");
+        return new BigIntegerFieldElement(f, toBigInteger(in).and(mask));
     }
 
     /**
      *  Convert in to big endian
      */
-    public FieldElement decode(byte[] in, boolean checkLength) {
-        if (checkLength && in.length != f.getb()/8)
-            throw new IllegalArgumentException("Not a valid encoding");
+    public BigInteger toBigInteger(byte[] in) {
         byte[] out = new byte[in.length];
         for (int i = 0; i < in.length; i++) {
             out[i] = in[in.length-1-i];
         }
-        return new BigIntegerFieldElement(f, new BigInteger(1, out).and(mask));
+        return new BigInteger(1, out);
     }
 
     /**
diff --git a/src/net/i2p/crypto/eddsa/math/bigint/BigIntegerScalarOps.java b/src/net/i2p/crypto/eddsa/math/bigint/BigIntegerScalarOps.java
@@ -1,24 +1,26 @@
 package net.i2p.crypto.eddsa.math.bigint;
 
+import java.math.BigInteger;
+
 import net.i2p.crypto.eddsa.math.Field;
 import net.i2p.crypto.eddsa.math.ScalarOps;
 
 public class BigIntegerScalarOps implements ScalarOps {
-    private final BigIntegerFieldElement l;
+    private final BigInteger l;
     private final BigIntegerLittleEndianEncoding enc;
 
-    public BigIntegerScalarOps(Field f, BigIntegerFieldElement l) {
+    public BigIntegerScalarOps(Field f, BigInteger l) {
         this.l = l;
         enc = new BigIntegerLittleEndianEncoding();
         enc.setField(f);
     }
 
     public byte[] reduce(byte[] s) {
-        return enc.encode(enc.decode(s, false).mod(l));
+        return enc.encode(enc.toBigInteger(s).mod(l));
     }
 
     public byte[] multiplyAndAdd(byte[] a, byte[] b, byte[] c) {
-        return enc.encode(enc.decode(a, false).multiply(enc.decode(b, false)).add(enc.decode(c, false)).mod(l));
+        return enc.encode(enc.toBigInteger(a).multiply(enc.toBigInteger(b)).add(enc.toBigInteger(c)).mod(l));
     }
 
 }
diff --git a/src/net/i2p/crypto/eddsa/spec/EdDSANamedCurveTable.java b/src/net/i2p/crypto/eddsa/spec/EdDSANamedCurveTable.java
@@ -6,7 +6,6 @@
 import net.i2p.crypto.eddsa.Utils;
 import net.i2p.crypto.eddsa.math.Curve;
 import net.i2p.crypto.eddsa.math.Field;
-import net.i2p.crypto.eddsa.math.bigint.BigIntegerFieldElement;
 import net.i2p.crypto.eddsa.math.bigint.BigIntegerLittleEndianEncoding;
 import net.i2p.crypto.eddsa.math.bigint.BigIntegerScalarOps;
 
@@ -31,8 +30,7 @@ public class EdDSANamedCurveTable {
             ed25519curve,
             "SHA-512", // H
             new BigIntegerScalarOps(ed25519field,
-                    new BigIntegerFieldElement(ed25519field,
-                            new BigInteger("7237005577332262213973186563042994240857116359379907606001950938285454250989"))), // l
+                    new BigInteger("7237005577332262213973186563042994240857116359379907606001950938285454250989")), // l
             ed25519curve.createPoint( // B
                     Utils.hexToBytes("5866666666666666666666666666666666666666666666666666666666666666"),
                     true)); // Precompute tables for B
diff --git a/test/net/i2p/crypto/eddsa/math/bigint/BigIntegerScalarOpsTest.java b/test/net/i2p/crypto/eddsa/math/bigint/BigIntegerScalarOpsTest.java
@@ -31,14 +31,12 @@ public class BigIntegerScalarOpsTest {
     @Test
     public void testReduce() {
         ScalarOps sc = new BigIntegerScalarOps(ed25519Field,
-                new BigIntegerFieldElement(ed25519Field,
-                        new BigInteger("5")));
+                new BigInteger("5"));
         assertThat(sc.reduce(new byte[] {7}),
                 is(equalTo(Utils.hexToBytes("0200000000000000000000000000000000000000000000000000000000000000"))));
 
         ScalarOps sc2 = new BigIntegerScalarOps(ed25519Field,
-                new BigIntegerFieldElement(ed25519Field,
-                        new BigInteger("7237005577332262213973186563042994240857116359379907606001950938285454250989")));
+                new BigInteger("7237005577332262213973186563042994240857116359379907606001950938285454250989"));
         // Example from test case 1
         byte[] r = Utils.hexToBytes("b6b19cd8e0426f5983fa112d89a143aa97dab8bc5deb8d5b6253c928b65272f4044098c2a990039cde5b6a4818df0bfb6e40dc5dee54248032962323e701352d");
         assertThat(sc2.reduce(r), is(equalTo(Utils.hexToBytes("f38907308c893deaf244787db4af53682249107418afc2edc58f75ac58a07404"))));
