cthrace/open-keychain
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Don't hash the data to sign when using EDDSA

Browse Source
This commit is contained in:
David Hedberg
2021-02-20 14:27:55 +01:00
parent 3fb4771602
commit 6d4f37b154
2 changed files with 61 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedSecretKey.java
View File

@@ -255,7 +255,9 @@ public class CanonicalizedSecretKey extends CanonicalizedPublicKey {
private PGPContentSignerBuilder getAuthenticationContentSignerBuilder(int hashAlgorithm, Map<ByteBuffer,
byte[]> signedHashes) {
if (getAlgorithm() == PublicKeyAlgorithmTags.EDDSA) {
if (
getAlgorithm() == PublicKeyAlgorithmTags.EDDSA
&& mPrivateKeyState != PRIVATE_KEY_STATE_DIVERT_TO_CARD) {
// content signer feeding the input directly into the signature engine,
// since EdDSA hashes the input anyway
return new EdDsaAuthenticationContentSignerBuilder(