noise: store clamped key instead of raw key

author: Jason A. Donenfeld <Jason@zx2c4.com> 2019-02-03 22:00:36 +0100
committer: Jason A. Donenfeld <Jason@zx2c4.com> 2019-02-05 12:59:42 +0100
commit: 3af9aa88a310f7c2b86bae1ebb3ed3843424ce9e (patch)
tree: c92b471e4a728cc41b8f18d1bca7d7f21d61a839 /noise-helpers.go
parent: tai64n: whiten nano seconds (diff)
download: wireguard-go-3af9aa88a310f7c2b86bae1ebb3ed3843424ce9e.tar.xz
wireguard-go-3af9aa88a310f7c2b86bae1ebb3ed3843424ce9e.zip
1 files changed, 6 insertions, 4 deletions
diff --git a/noise-helpers.go b/noise-helpers.go
index 1b2746c..af11f09 100644
--- a/noise-helpers.go
+++ b/noise-helpers.go
@@ -78,12 +78,14 @@ func setZero(arr []byte) {
 	}
 }
 
+func (sk *NoisePrivateKey) clamp() {
+	sk[0] &= 248
+	sk[31] = (sk[31] & 127) | 64
+}
+
 func newPrivateKey() (sk NoisePrivateKey, err error) {
-	// clamping: https://cr.yp.to/ecdh.html
 	_, err = rand.Read(sk[:])
-	sk[0] &= 248
-	sk[31] &= 127
-	sk[31] |= 64
+	sk.clamp()
 	return
 }
author	Jason A. Donenfeld <Jason@zx2c4.com>	2019-02-03 22:00:36 +0100
committer	Jason A. Donenfeld <Jason@zx2c4.com>	2019-02-05 12:59:42 +0100
commit	3af9aa88a310f7c2b86bae1ebb3ed3843424ce9e (patch)
tree	c92b471e4a728cc41b8f18d1bca7d7f21d61a839 /noise-helpers.go
parent	tai64n: whiten nano seconds (diff)
download	wireguard-go-3af9aa88a310f7c2b86bae1ebb3ed3843424ce9e.tar.xz wireguard-go-3af9aa88a310f7c2b86bae1ebb3ed3843424ce9e.zip