Description
The GitHub implementation formerly hosted here is no longer supported and is causing the build pipeline to break.
Local build environments should still work, but we should no longer be using this library anyways.
However, in the two places where it is used (for ScalarBaseMult), I do not understand what the code is trying to achieve. It seems like we read random bytes into a buffer then do nothing with that buffer.
The library we should be using is https://godoc.org/golang.org/x/crypto/curve25519 (which we are actually already importing and making use of). However, the function interface is slightly different.
This is the code that needs to be explained/updated; we actually have it duplicated currently in tapdance/common.go (line 188) and tapdance/utils.go (line 249).
```go
for ok := false; ok != true; {
	var sliceKeyPrivate []byte = clientPrivate[:]
	_, err := rand.Read(sliceKeyPrivate)
	if err != nil {
		return nil, nil, err
	}
	ok = extra25519.ScalarBaseMult(&clientPublic, &representative, &clientPrivate)
}
var stationPubkeyByte32 [32]byte
copy(stationPubkeyByte32[:], stationPubkey)
curve25519.ScalarMult(&sharedSecret, &clientPrivate, &stationPubkeyByte32)
```
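An added example, not code from this repository: it shows that reading random bytes through `clientPrivate[:]` fills the private key array itself, then runs the X25519 exchange from both sides. It assumes the standard library's `crypto/ecdh` as a stand-in for `golang.org/x/crypto/curve25519`; `newKeyPair` and `sharedSecret` are hypothetical names. It does not produce the `representative` value: `extra25519.ScalarBaseMult` is documented to fail for about half of private keys, which is what the retry loop handles, and neither replacement package offers that output.

```go
package main

import (
	"bytes"
	"crypto/ecdh"
	"crypto/rand"
	"errors"
	"fmt"
)

// newKeyPair fills priv through a slice of it, as the snippet above does.
// priv[:] shares the array's memory, so rand.Read writes the key in place.
func newKeyPair() (priv, pub [32]byte, err error) {
	if _, err = rand.Read(priv[:]); err != nil {
		return
	}
	k, err := ecdh.X25519().NewPrivateKey(priv[:])
	if err != nil {
		return
	}
	copy(pub[:], k.PublicKey().Bytes())
	return
}

// sharedSecret is the X25519 step (curve25519.ScalarMult in the snippet),
// done with crypto/ecdh (an assumption of this example, standard library only).
func sharedSecret(priv, peerPub [32]byte) ([]byte, error) {
	k, err := ecdh.X25519().NewPrivateKey(priv[:])
	if err != nil {
		return nil, err
	}
	p, err := ecdh.X25519().NewPublicKey(peerPub[:])
	if err != nil {
		return nil, err
	}
	return k.ECDH(p) // returns an error when the result is all zeros
}

func main() {
	cPriv, cPub, err1 := newKeyPair()
	sPriv, sPub, err2 := newKeyPair()
	a, err3 := sharedSecret(cPriv, sPub)
	b, err4 := sharedSecret(sPriv, cPub)
	fmt.Println(errors.Join(err1, err2, err3, err4), bytes.Equal(a, b))
}
```

Unlike `curve25519.ScalarMult`, the `ECDH` call reports an error for an all-zero result, so the return value has to be checked before the secret is used.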