diff options
| author | Damien Miller <djm@mindrot.org> | 2013-12-18 17:50:13 +1100 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2013-12-18 17:50:13 +1100 |
| commit | d58a5964426ee014384d67d775d16712e93057f3 (patch) | |
| tree | 84fd7ec69f02f6390a11dc60a08f90719cb7bac8 | |
| parent | 059321d19af24d87420de3193f79dfab23556078 (diff) | |
- djm@cvs.openbsd.org 2013/12/15 21:42:35
[cipher-chachapoly.c]
add some comments and constify a constant
| -rw-r--r-- | ChangeLog | 3 | ||||
| -rw-r--r-- | cipher-chachapoly.c | 20 |
2 files changed, 13 insertions, 10 deletions
@@ -25,6 +25,9 @@ [ssh-add.c] Make ssh-add also add .ssh/id_ed25519; fixes lie in manual page. ok markus@ + - djm@cvs.openbsd.org 2013/12/15 21:42:35 + [cipher-chachapoly.c] + add some comments and constify a constant 20131208 - (djm) [openbsd-compat/bsd-setres_id.c] Missing header; from Corinna diff --git a/cipher-chachapoly.c b/cipher-chachapoly.c index 20628ab5..91b0830f 100644 --- a/cipher-chachapoly.c +++ b/cipher-chachapoly.c @@ -14,7 +14,7 @@ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $OpenBSD: cipher-chachapoly.c,v 1.2 2013/11/21 02:50:00 djm Exp $ */ +/* $OpenBSD: cipher-chachapoly.c,v 1.3 2013/12/15 21:42:35 djm Exp $ */ #include "includes.h" @@ -38,20 +38,19 @@ void chachapoly_init(struct chachapoly_ctx *ctx, /* * chachapoly_crypt() operates as following: - * Copy 'aadlen' bytes (without en/decryption) from 'src' to 'dest'. - * Theses bytes are treated as additional authenticated data. - * En/Decrypt 'len' bytes at offset 'aadlen' from 'src' to 'dest'. - * Use POLY1305_TAGLEN bytes at offset 'len'+'aadlen' as the - * authentication tag. - * This tag is written on encryption and verified on decryption. - * Both 'aadlen' and 'authlen' can be set to 0. + * En/decrypt with header key 'aadlen' bytes from 'src', storing result + * to 'dest'. The ciphertext here is treated as additional authenticated + * data for MAC calculation. + * En/decrypt 'len' bytes at offset 'aadlen' from 'src' to 'dest'. Use + * POLY1305_TAGLEN bytes at offset 'len'+'aadlen' as the authentication + * tag. This tag is written on encryption and verified on decryption. */ int chachapoly_crypt(struct chachapoly_ctx *ctx, u_int seqnr, u_char *dest, const u_char *src, u_int len, u_int aadlen, u_int authlen, int do_encrypt) { u_char seqbuf[8]; - u_char one[8] = { 1, 0, 0, 0, 0, 0, 0, 0 }; /* NB. little-endian */ + const u_char one[8] = { 1, 0, 0, 0, 0, 0, 0, 0 }; /* NB little-endian */ u_char expected_tag[POLY1305_TAGLEN], poly_key[POLY1305_KEYLEN]; int r = -1; @@ -76,7 +75,7 @@ chachapoly_crypt(struct chachapoly_ctx *ctx, u_int seqnr, u_char *dest, goto out; } /* Crypt additional data */ - if (aadlen) { + if (aadlen) { chacha_ivsetup(&ctx->header_ctx, seqbuf, NULL); chacha_encrypt_bytes(&ctx->header_ctx, src, dest, aadlen); } @@ -97,6 +96,7 @@ chachapoly_crypt(struct chachapoly_ctx *ctx, u_int seqnr, u_char *dest, return r; } +/* Decrypt and extract the encrypted packet length */ int chachapoly_get_length(struct chachapoly_ctx *ctx, u_int *plenp, u_int seqnr, const u_char *cp, u_int len) |