vhad/iota.lib.java
1
0
Fork 0
mirror of https://github.com/gosticks/iota.lib.java.git synced 2025-10-16 11:45:37 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge pull request #75 from BerserkerInterpreter/potential_race_condition_signing_63

Browse Source 
Issue: "#63 Potential for race condition in signing.java"
This commit is contained in:
Oliver Nitzschke 2017-12-13 16:22:58 +01:00 committed by GitHub
commit 0478ffbc5f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
jota/src/main/java/jota/utils/Signing.java
View File

@ -57,6 +57,7 @@ public class Signing {
}
}
ICurl curl = this.getICurlObject(SpongeFactory.Mode.KERL);
curl.reset();
curl.absorb(seed, 0, seed.length);
// seed[0..HASH_LENGTH] contains subseed
@ -97,6 +98,7 @@ public class Signing {
public int[] address(int[] digests) {
int[] address = new int[HASH_LENGTH];
ICurl curl = this.getICurlObject(SpongeFactory.Mode.KERL);
curl.reset()
.absorb(digests)
.squeeze(address);
@ -109,6 +111,7 @@ public class Signing {
int[] digests = new int[security * HASH_LENGTH];
int[] keyFragment = new int[KEY_LENGTH];
ICurl curl = this.getICurlObject(SpongeFactory.Mode.KERL);
for (int i = 0; i < Math.floor(key.length / KEY_LENGTH); i++) {
System.arraycopy(key, i * KEY_LENGTH, keyFragment, 0, KEY_LENGTH);
@ -129,7 +132,7 @@ public class Signing {
public int[] digest(int[] normalizedBundleFragment, int[] signatureFragment) {
curl.reset();
ICurl jCurl = SpongeFactory.create(SpongeFactory.Mode.KERL);
ICurl jCurl = this.getICurlObject(SpongeFactory.Mode.KERL);
int[] buffer = new int[HASH_LENGTH];
for (int i = 0; i < 27; i++) {
@ -196,5 +199,9 @@ public class Signing {
return (expectedAddress.equals(address));
}
private ICurl getICurlObject(SpongeFactory.Mode mode) {
return SpongeFactory.create(mode);
}
}