Minor comment on epk canonicity.

Extracted from: 389e6ca6a3
Kris Nuttycombe 2021-04-12 18:43:21 -06:00 committed by GitHub
parent c3d0a64fac
commit a14db84fea
1 changed files with 3 additions and 0 deletions


@ -458,6 +458,9 @@ pub fn try_output_recovery_with_ock<D: Domain, Output: ShieldedOutput<D>>(
let esk = D::extract_esk(&op)?;
let shared_secret = D::ka_agree_enc(&esk, &pk_d);
// The small-order point check at the point of output parsing rejects
// non-canonical encodings, so reencoding here for the KDF should
// be okay.
let key = D::kdf(shared_secret, &D::epk_bytes(output.epk()));
let mut plaintext = [0; ENC_CIPHERTEXT_SIZE];
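Review bot: The new comment above the `D::kdf` call justifies re-encoding `epk` by a check performed at output parsing, but this function is generic over `D: Domain` and nothing in the hunk shows that every implementation performs that check; "should be okay" also leaves it unclear whether this is a guarantee or a hope. I would word it as a stated precondition, for example `// Precondition: output parsing rejected small-order epk, and with it every non-canonical encoding,` / `// so D::epk_bytes(output.epk()) reproduces the bytes that were on the wire.`, and repeat the requirement in the doc comment of the `epk()` accessor on `ShieldedOutput` so implementers of a new domain see it. It would also help to say what happens if the precondition is violated: presumably the derived key differs from the sender's and decryption fails rather than succeeding on altered input, but that should be confirmed and written down. The function body starts before this hunk and continues after it, so the decryption step that would show this is not visible here.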