author | Damien Miller <djm@mindrot.org> | 2014-07-04 08:59:01 +1000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2014-07-04 08:59:01 +1000 |
commit | d2c3cd5f2e47ee24cf7093ce8e948c2e79dfc3fd (patch) | |
tree | 17ee8213cb6ac7b5f7468701141d0ce0d5b2b15b | |
parent | 686feb560ec43a06ba04da82b50f3c183c947309 (diff) |
- jsing@cvs.openbsd.org 2014/07/03 12:42:16
[cipher-chachapoly.c]
Call chacha_ivsetup() immediately before chacha_encrypt_bytes() - this
makes it easier to verify that chacha_encrypt_bytes() is only called once
per chacha_ivsetup() call.
ok djm@
-rw-r--r-- | ChangeLog | 10 | ||||
-rw-r--r-- | cipher-chachapoly.c | 8 |
2 files changed, 15 insertions, 3 deletions
@@ -1,3 +1,13 @@ +20140704 + - OpenBSD CVS Sync + - jsing@cvs.openbsd.org 2014/07/03 12:42:16 + [cipher-chachapoly.c] + Call chacha_ivsetup() immediately before chacha_encrypt_bytes() - this + makes it easier to verify that chacha_encrypt_bytes() is only called once + per chacha_ivsetup() call. + ok djm@ + + 20140703 - (djm) [digest-openssl.c configure.ac] Disable RIPEMD160 if libcrypto doesn't support it. diff --git a/cipher-chachapoly.c b/cipher-chachapoly.c index 0caccd29..8665b41a 100644 --- a/cipher-chachapoly.c +++ b/cipher-chachapoly.c @@ -14,7 +14,7 @@ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $OpenBSD: cipher-chachapoly.c,v 1.5 2014/06/24 01:13:21 djm Exp $ */ +/* $OpenBSD: cipher-chachapoly.c,v 1.6 2014/07/03 12:42:16 jsing Exp $ */ #include "includes.h" @@ -65,8 +65,6 @@ chachapoly_crypt(struct chachapoly_ctx *ctx, u_int seqnr, u_char *dest, chacha_ivsetup(&ctx->main_ctx, seqbuf, NULL); chacha_encrypt_bytes(&ctx->main_ctx, poly_key, poly_key, sizeof(poly_key)); - /* Set Chacha's block counter to 1 */ - chacha_ivsetup(&ctx->main_ctx, seqbuf, one); /* If decrypting, check tag before anything else */ if (!do_encrypt) { @@ -78,11 +76,15 @@ chachapoly_crypt(struct chachapoly_ctx *ctx, u_int seqnr, u_char *dest, goto out; } } + /* Crypt additional data */ if (aadlen) { chacha_ivsetup(&ctx->header_ctx, seqbuf, NULL); chacha_encrypt_bytes(&ctx->header_ctx, src, dest, aadlen); } + + /* Set Chacha's block counter to 1 */ + chacha_ivsetup(&ctx->main_ctx, seqbuf, one); chacha_encrypt_bytes(&ctx->main_ctx, src + aadlen, dest + aadlen, len); |
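Review bot: The relocated comment in the `-78,11 +76,15` hunk, `/* Set Chacha's block counter to 1 */`, says what the call does but not why it now sits directly above the payload `chacha_encrypt_bytes()`; the one-encrypt-per-ivsetup rule this commit is organised around is recorded only in the commit message. I would put it in the code, for example `/* Set Chacha's block counter to 1. main_ctx already produced the Poly1305 key above; re-run ivsetup before every encrypt call so no keystream is used twice. */`. The same pairing applies to the poly_key derivation left in place in the `-65,8 +65,6` hunk, and to the header_ctx calls. A reader auditing for keystream reuse has to confirm all three pairs, so a short note at the first one would help as well. chachapoly_crypt() begins and ends outside both hunks, so any other use of main_ctx in the function is not visible here.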