diff --git a/noise/crypto.py b/noise/crypto.py index 39cca26..c47f522 100644 --- a/noise/crypto.py +++ b/noise/crypto.py @@ -61,8 +61,8 @@ class X448(object): d = (x3 - z3) % P da = (d * a) % P cb = (c * b) % P - x3 = (((da + cb) % P) ** 2) % P - z3 = (x1 * (((da - cb) % P) ** 2) % P) % P + x3 = pow((da + cb) % P, 2, P) + z3 = (x1 * pow((da - cb) % P, 2, P)) % P x2 = (aa * bb) % P z2 = (e * ((aa + (A24 * e) % P) % P)) % P @@ -82,31 +82,29 @@ class X448(object): # Self-test # Test vectors taken from RFC 7748 section 5.2 and 6.2 -scalar1 = bytes.fromhex('203d494428b8399352665ddca42f9de8fef600908e0d461cb021f8c538345dd77c3e4806e25f46d3315c44e0a5b437' - '1282dd2c8d5be3095f') -u1 = bytes.fromhex('0fbcc2f993cd56d3305b0b7d9e55d4c1a8fb5dbb52f8e9a1e9b6201b165d015894e56c4d3570bee52fe205e28a78b91cdfb' - 'de71ce8d157db') -assert X448.mul(scalar1, u1) == bytes.fromhex('884a02576239ff7a2f2f63b2db6a9ff37047ac13568e1e30fe63c4a7ad1b3ee3a5700df3' - '4321d62077e63633c575c1c954514e99da7c179d') +scalar1 = bytes.fromhex( + '203d494428b8399352665ddca42f9de8fef600908e0d461cb021f8c538345dd77c3e4806e25f46d3315c44e0a5b4371282dd2c8d5be3095f') +u1 = bytes.fromhex( + '0fbcc2f993cd56d3305b0b7d9e55d4c1a8fb5dbb52f8e9a1e9b6201b165d015894e56c4d3570bee52fe205e28a78b91cdfbde71ce8d157db') +assert X448.mul(scalar1, u1) == bytes.fromhex( + '884a02576239ff7a2f2f63b2db6a9ff37047ac13568e1e30fe63c4a7ad1b3ee3a5700df34321d62077e63633c575c1c954514e99da7c179d') -scalar2 = bytes.fromhex('3d262fddf9ec8e88495266fea19a34d28882acef045104d0d1aae121700a779c984c24f8cdd78fbff44943eba368f5' - '4b29259a4f1c600ad3') -u2 = bytes.fromhex('06fce640fa3487bfda5f6cf2d5263f8aad88334cbd07437f020f08f9814dc031ddbdc38c19c6da2583fa5429db94ada18aa' - '7a7fb4ef8a086') -assert X448.mul(scalar2, u2) == bytes.fromhex('ce3e4ff95a60dc6697da1db1d85e6afbdf79b50a2412d7546d5f239fe14fbaadeb445fc6' - '6a01b0779d98223961111e21766282f73dd96b6f') +scalar2 = bytes.fromhex( + '3d262fddf9ec8e88495266fea19a34d28882acef045104d0d1aae121700a779c984c24f8cdd78fbff44943eba368f54b29259a4f1c600ad3') +u2 = bytes.fromhex( + '06fce640fa3487bfda5f6cf2d5263f8aad88334cbd07437f020f08f9814dc031ddbdc38c19c6da2583fa5429db94ada18aa7a7fb4ef8a086') +assert X448.mul(scalar2, u2) == bytes.fromhex( + 'ce3e4ff95a60dc6697da1db1d85e6afbdf79b50a2412d7546d5f239fe14fbaadeb445fc66a01b0779d98223961111e21766282f73dd96b6f') -alice_priv = bytes.fromhex('9a8f4925d1519f5775cf46b04b5800d4ee9ee8bae8bc5565d498c28dd9c9baf574a9419744897391006382a6f12' - '7ab1d9ac2d8c0a598726b') -alice_pub = bytes.fromhex('9b08f7cc31b7e3e67d22d5aea121074a273bd2b83de09c63faa73d2c22c5d9bbc836647241d953d40c5b12da8812' - '0d53177f80e532c41fa0') -bob_priv = bytes.fromhex('1c306a7ac2a0e2e0990b294470cba339e6453772b075811d8fad0d1d6927c120bb5ee8972b0d3e21374c9c921b09d' - '1b0366f10b65173992d') -bob_pub = bytes.fromhex('3eb7a829b0cd20f5bcfc0b599b6feccf6da4627107bdb0d4f345b43027d8b972fc3e34fb4232a13ca706dcb57aec3d' - 'ae07bdc1c67bf33609') +alice_priv = bytes.fromhex( + '9a8f4925d1519f5775cf46b04b5800d4ee9ee8bae8bc5565d498c28dd9c9baf574a9419744897391006382a6f127ab1d9ac2d8c0a598726b') +alice_pub = bytes.fromhex( + '9b08f7cc31b7e3e67d22d5aea121074a273bd2b83de09c63faa73d2c22c5d9bbc836647241d953d40c5b12da88120d53177f80e532c41fa0') +bob_priv = bytes.fromhex( + '1c306a7ac2a0e2e0990b294470cba339e6453772b075811d8fad0d1d6927c120bb5ee8972b0d3e21374c9c921b09d1b0366f10b65173992d') +bob_pub = bytes.fromhex( + '3eb7a829b0cd20f5bcfc0b599b6feccf6da4627107bdb0d4f345b43027d8b972fc3e34fb4232a13ca706dcb57aec3dae07bdc1c67bf33609') assert alice_pub == X448.mul_5(alice_priv) assert bob_pub == X448.mul_5(bob_priv) -assert X448.mul(alice_priv, bob_pub) == X448.mul(bob_priv, alice_pub) == bytes.fromhex('07fff4181ac6cc95ec1c16a94a0f74d' - '12da232ce40a77552281d282bb60c0b' - '56fd2464c335543936521c24403085d' - '59a449a5037514a879d') +assert X448.mul(alice_priv, bob_pub) == X448.mul(bob_priv, alice_pub) == bytes.fromhex( + '07fff4181ac6cc95ec1c16a94a0f74d12da232ce40a77552281d282bb60c0b56fd2464c335543936521c24403085d59a449a5037514a879d')