Opened 6 years ago

Closed 6 years ago

#1750 closed defect (fixed)

Avoid copying data for one-shot EdDSA sigs

Reported by: zzz
Owned by: str4d
Priority: minor
Milestone: 0.9.25
Component: api/crypto
Version: 0.9.23
Keywords:
Cc: str4d
Parent Tickets:
Sensitive: no


EdDSAEngine copies the data to a BAOS because it must pass over the data twice, and the Signature API doesn't have a method to do a one-shot sign or verify of all the data.

You have to do initSign/Verify, then update, then finalize with sign/verify.

But we always have all the data in a byte array when we call it from DSAEngine, so the copy is unnecessary.

So let's pass a one-shot flag to EdDSAEngine, saying 'we promise we're only calling update() once, so just save the data array object, offset, and length, and read it directly in sign/verify'.

Sadly, setParameter(String, Object) is deprecated. We could use it anyway, or invent a new AlgorithmParameter spec to indicate one-shot mode.


Change History (6)

comment:1 Changed 6 years ago by zzz

Owner: set to zzz
Status: new → accepted

comment:3 Changed 6 years ago by zzz

Here's an updated patch that contains another alternative: adding "one shot" methods.

What I didn't mention above is that the engine apparently violates the Java API, as it doesn't leave the object ready to sign again with the same key after sign(). This patch fixes that.
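
The buffering trade-off from the ticket description and the reset-after-sign() behaviour from comment:3, as an added sketch that is not I2P's EdDSAEngine code or the patch itself. The class name TwoPassEngine is hypothetical, and two SHA-512 passes stand in for EdDSA's two passes over the message.

```java
import java.io.ByteArrayOutputStream;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Arrays;

// Hypothetical sketch: two SHA-512 passes stand in for EdDSA's two passes over the message.
public class TwoPassEngine {
    private final byte[] key;
    private final boolean oneShot;
    private ByteArrayOutputStream baos; // buffered mode: private copy of everything passed to update()
    private byte[] data;                // one-shot mode: the caller's array, referenced, not copied
    private int off, len;
    public TwoPassEngine(byte[] key, boolean oneShot) {
        this.key = key.clone();
        this.oneShot = oneShot;
        reset();
    }
    private void reset() {
        baos = oneShot ? null : new ByteArrayOutputStream();
        data = null;
    }
    public void update(byte[] b, int o, int l) {
        if (!oneShot) { baos.write(b, o, l); return; }
        // The one-shot promise is exactly one update(); a second call would silently drop data.
        if (data != null) throw new IllegalStateException("second update() in one-shot mode");
        data = b; off = o; len = l;
    }
    public byte[] sign() throws Exception {
        if (oneShot && data == null) throw new IllegalStateException("no data");
        byte[] m = oneShot ? data : baos.toByteArray();
        int o = oneShot ? off : 0, l = oneShot ? len : m.length;
        MessageDigest md = MessageDigest.getInstance("SHA-512");
        md.update(key); md.update(m, o, l);
        byte[] r = md.digest();             // pass 1 over the message
        md.update(r); md.update(m, o, l);   // pass 2 over the same bytes
        reset();                            // ready to sign again with the same key
        return md.digest();
    }
    public static void main(String[] args) throws Exception {
        byte[] key = "constructed-key".getBytes(StandardCharsets.UTF_8);
        byte[] msg = "xxhello worldxx".getBytes(StandardCharsets.UTF_8); // constructed input
        TwoPassEngine buf = new TwoPassEngine(key, false), one = new TwoPassEngine(key, true);
        buf.update(msg, 2, 5); buf.update(msg, 7, 6);  // two chunks, copied into the buffer
        one.update(msg, 2, 11);                        // same bytes, single call, no copy
        byte[] s1 = buf.sign(), s2 = one.sign();
        one.update(msg, 2, 11);                        // reuse the same object after sign()
        System.out.println(Arrays.equals(s1, s2) && Arrays.equals(s2, one.sign()));
    }
}
```

Because one-shot mode reads the caller's array directly in both passes, the array must not be modified between update() and sign().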


comment:4 Changed 6 years ago by str4d

+1 on second patch.

I will port this and the other outstanding patches to my upstream library once they land in trunk.

comment:5 Changed 6 years ago by zzz

Owner: changed from zzz to str4d
Status: accepted → assigned

In 4a75758003338b5eba37244269a436303a9f1549 i2p.i2p.zzz.test2 to be propped for 0.9.25 shortly.

Leaving open and reassigning to str4d to enhance unit tests to ensure the object reuse issue is fixed, and add tests for one shot mode. Please add those tests to trunk, not to my branch.

comment:6 Changed 6 years ago by str4d

Resolution: fixed
Status: assigned → closed

Object reuse tests: e5a697230382356b6cfeca313b1b8e1c8ff3a959

One-shot mode tests: ec1e3a8e575a315fa5c870aaf913fc104993ddf4
