Closed iaik-jheher closed 3 weeks ago
JesusMcCloud
commented
1 month ago I hate to overcomplicate things, but I really think we need some additional interface on an elliptic curve class to denote which ones work for our current EC math and which ones don't. Currently, all curves work, but this will change in the future. If we add this now, its harder to shoot your future self in the foot
iaik-jheher
commented
4 weeks ago yes, i've thought about this as well; would mean refactoring the ECCurve enum as a sealed interface tree of objects
iaik-jheher
commented
4 weeks ago yes, i've thought about this as well; would mean refactoring the
ECCurveenum as a sealed interface tree of objects
i don't think this is relevant to this PR though; it would be a separate refactor (we will need this anyway when we add pairing curves etc.)
iaik-jheher
commented
3 weeks ago i know the snake_case function names come from the rfc, but still. please use CamelCase (but feel free to add the snake_case names into the apidocs. (yes, even for private functions)
i really don't like this; it makes it harder to verify the code by just putting it side-by-side with the RFC. it's a line-by-line translation wherever possible on purpose.
iaik-jheher
commented
3 weeks ago made the requested changes
RFC. This is needed for lots of advanced cryptography, including OPRFs and OPAQUE. Probably a good thing to have in one place.
Note: side channel security relies on the underlying BigInteger implementation being constant time. I have my doubts whether our underlying BigInteger is constant time.