Merge pull request #13 from fisherstevenk/bug/12

Bug/12
fisherstevenk · Sep 3, 2022 · 4c5a1d7 · 4c5a1d7
2 parents 57d7a32 + 2132482
commit 4c5a1d7
Show file tree

Hide file tree

Showing 5 changed files with 4 additions and 7 deletions.
diff --git a/README.md b/README.md
@@ -41,8 +41,6 @@ Some minor changes were needed for this library to work with JDK 18 (version 2.0
 </project>
 ```
 
-The "builds" directory contains a signed Oracle JDK 18 version (kyberJCE-2.1.2.jar) along with an md5 hash file for verification.
-
 The initial creation of this code was translated from this Go implementation of [Kyber (version 3)](https://github.com/symbolicsoft/kyber-k2so).  After getting that to work, the code was modified into a JCE.  The Diffie-Hellman OpenJDK 11 code was used as a base.
 
 Kyber has three different parameter sets: 512, 768, and 1024.  Kyber-512 aims at security roughly equivalent to AES-128, Kyber-768 aims at security roughly equivalent to AES-192, and Kyber-1024 aims at security roughly equivalent to AES-256. 
@@ -99,7 +97,7 @@ This library is available under the MIT License. The tests from the [Go](https:/
 More details about CRYSTALS and the most secure ways to use it can be found [here](https://pq-crystals.org/index.shtml)
 
 ## Signing Expiration
-The signing certificates are ony valid for 5 years.  This means that the kyberJCE-2.1.2.jar certificate is only good until 2027-08-03.  After that time, you will no longer be able to import the 2.1.2 jar into the Oracle JVM.  (No one knows what will happen in 5 years, but you can import it into the OpenJDK JVM and I probably will have an updated certificate at that point as well.)
+The signing certificates are ony valid for 5 years.  This means that the certificate for each signed Release jar file is only good until 2027-08-03.  After that time, you will no longer be able to import the 2.1.2 jar into the Oracle JVM.  (No one knows what will happen in 5 years, but you can import it into the OpenJDK JVM and I probably will have an updated certificate at that point as well.)
  
 ## Contact
 [email protected]
diff --git a/builds/kyberJCE-2.1.2.jar b/builds/kyberJCE-2.1.2.jar
diff --git a/builds/kyberJCE-2.1.2.md5 b/builds/kyberJCE-2.1.2.md5
diff --git a/pom.xml b/pom.xml
@@ -3,7 +3,7 @@
     <modelVersion>4.0.0</modelVersion>
     <groupId>com.swiftcryptollc</groupId>
     <artifactId>kyberJCE</artifactId>
-    <version>2.1.2</version>
+    <version>2.1.3</version>
     <packaging>jar</packaging>
     <name>KyberJCE</name>
     <description>Pure Java implementation of Kyber</description>

diff --git a/src/main/java/com/swiftcryptollc/crypto/util/KyberKeyUtil.java b/src/main/java/com/swiftcryptollc/crypto/util/KyberKeyUtil.java
@@ -1,7 +1,7 @@
 package com.swiftcryptollc.crypto.util;
 
-import com.swiftcryptollc.crypto.provider.KyberKeySize;
 import com.swiftcryptollc.crypto.interfaces.KyberPublicKey;
+import com.swiftcryptollc.crypto.provider.KyberKeySize;
 import com.swiftcryptollc.crypto.provider.kyber.KyberParams;
 import com.swiftcryptollc.crypto.spec.KyberPublicKeySpec;
 import java.math.BigInteger;
@@ -90,7 +90,7 @@ private static void validateKyberPublicKey(KyberPublicKeySpec publicKeySpec)
      */
     public static int constantTimeCompare(byte[] x, byte[] y) {
         if (x.length != y.length) {
-            return 0;
+            return 1;
         }
 
         byte v = 0;