refactor(ed448): Address review comments

ProtonMail · Nov 22, 2023 · 13e4612 · 13e4612
1 parent 820b395
commit 13e4612
Show file tree

Hide file tree

Showing 5 changed files with 29 additions and 12 deletions.
diff --git a/openpgp/ed25519/ed25519.go b/openpgp/ed25519/ed25519.go
@@ -62,6 +62,7 @@ func (sk *PrivateKey) UnmarshalByteSecret(seed []byte) error {
 	return nil
 }
 
+// GenerateKey generates a fresh private key with the provided randomness source.
 func GenerateKey(rand io.Reader) (*PrivateKey, error) {
 	publicKey, privateKey, err := ed25519lib.GenerateKey(rand)
 	if err != nil {

diff --git a/openpgp/ed448/ed448.go b/openpgp/ed448/ed448.go
@@ -10,34 +10,47 @@ import (
 	ed448lib "github.com/cloudflare/circl/sign/ed448"
 )
 
-const PointSize = 57
-const PrivateKeySize = 114
-const SignatureSize = 114
+const (
+	// PublicKeySize is the size, in bytes, of public keys in this package.
+	PublicKeySize = ed448lib.PublicKeySize
+	// SeedSize is the size, in bytes, of private key seeds.
+	// The private key representation used by RFC 8032.
+	SeedSize = ed448lib.SeedSize
+	// SignatureSize is the size, in bytes, of signatures generated and verified by this package.
+	SignatureSize = ed448lib.SignatureSize
+)
 
 type PublicKey struct {
+	// Point represents the elliptic curve point of the public key.
 	Point []byte
 }
 
 type PrivateKey struct {
 	PublicKey
-	Key []byte // encoded as seed | pub key point
+	// Key the private key representation by RFC 8032,
+	// encoded as seed | public key point.
+	Key []byte
 }
 
+// NewPublicKey creates a new empty ed25519 public key.
 func NewPublicKey() *PublicKey {
 	return &PublicKey{}
 }
 
+// NewPrivateKey creates a new empty private key referencing the public key.
 func NewPrivateKey(key PublicKey) *PrivateKey {
 	return &PrivateKey{
 		PublicKey: key,
 	}
 }
 
+// Seed returns the ed25519 private key secret seed.
+// The private key representation by RFC 8032.
 func (pk *PrivateKey) Seed() []byte {
-	return pk.Key[:PointSize]
+	return pk.Key[:SeedSize]
 }
 
-// MarshalByteSecret returns the underlying 32 byte seed of the private key
+// MarshalByteSecret returns the underlying seed of the private key.
 func (pk *PrivateKey) MarshalByteSecret() []byte {
 	return pk.Seed()
 }
@@ -49,6 +62,7 @@ func (sk *PrivateKey) UnmarshalByteSecret(seed []byte) error {
 	return nil
 }
 
+// GenerateKey generates a fresh private key with the provided randomness source.
 func GenerateKey(rand io.Reader) (*PrivateKey, error) {
 	publicKey, privateKey, err := ed448lib.GenerateKey(rand)
 	if err != nil {
@@ -81,19 +95,21 @@ func Validate(priv *PrivateKey) error {
 	if subtle.ConstantTimeCompare(priv.Key, expectedPrivateKey) == 0 {
 		return errors.KeyInvalidError("ed448: invalid ed448 secret")
 	}
-	if subtle.ConstantTimeCompare(priv.PublicKey.Point, expectedPrivateKey[PointSize:]) == 0 {
+	if subtle.ConstantTimeCompare(priv.PublicKey.Point, expectedPrivateKey[SeedSize:]) == 0 {
 		return errors.KeyInvalidError("ed448: invalid ed448 public key")
 	}
 	return nil
 }
 
 // ENCODING/DECODING signature:
 
+// WriteSignature encodes and writes an ed448 signature to writer.
 func WriteSignature(writer io.Writer, signature []byte) error {
 	_, err := writer.Write(signature)
 	return err
 }
 
+// ReadSignature decodes an ed448 signature from a reader.
 func ReadSignature(reader io.Reader) ([]byte, error) {
 	signature := make([]byte, SignatureSize)
 	if _, err := io.ReadFull(reader, signature); err != nil {

diff --git a/openpgp/ed448/ed448_test.go b/openpgp/ed448/ed448_test.go
@@ -11,7 +11,7 @@ func TestGenerate(t *testing.T) {
 	if err != nil {
 		t.Fatal(err)
 	}
-	if len(priv.Key) != 114 && len(priv.Point) != 57 {
+	if len(priv.Key) != SeedSize+PublicKeySize && len(priv.Point) != PublicKeySize {
 		t.Error("gnerated wrong key sizes")
 	}
 }

diff --git a/openpgp/packet/private_key.go b/openpgp/packet/private_key.go
@@ -1025,7 +1025,7 @@ func (pk *PrivateKey) parseEd448PrivateKey(data []byte) (err error) {
 	privateKey := ed448.NewPrivateKey(*publicKey)
 	privateKey.PublicKey = *publicKey
 
-	if len(data) != ed448.PointSize {
+	if len(data) != ed448.SeedSize {
 		err = errors.StructuralError("wrong ed448 key size")
 	}
 	err = privateKey.UnmarshalByteSecret(data)

diff --git a/openpgp/packet/public_key.go b/openpgp/packet/public_key.go
@@ -546,7 +546,7 @@ func (pk *PublicKey) parseEd25519(r io.Reader) (err error) {
 }
 
 func (pk *PublicKey) parseEd448(r io.Reader) (err error) {
-	point := make([]byte, ed448.PointSize)
+	point := make([]byte, ed448.PublicKeySize)
 	_, err = io.ReadFull(r, point)
 	if err != nil {
 		return
@@ -634,7 +634,7 @@ func (pk *PublicKey) algorithmSpecificByteCount() int {
 	case PubKeyAlgoEd25519:
 		length += ed25519.PublicKeySize
 	case PubKeyAlgoEd448:
-		length += ed448.PointSize
+		length += ed448.PublicKeySize
 	default:
 		panic("unknown public key algorithm")
 	}
@@ -989,7 +989,7 @@ func (pk *PublicKey) BitLength() (bitLength uint16, err error) {
 	case PubKeyAlgoEd25519:
 		bitLength = ed25519.PublicKeySize * 8
 	case PubKeyAlgoEd448:
-		bitLength = ed448.PointSize * 8
+		bitLength = ed448.PublicKeySize * 8
 	default:
 		err = errors.InvalidArgumentError("bad public-key algorithm")
 	}