cryb.to/cryb-to
1
0
Fork 0
mirror of https://github.com/cryb-to/cryb-to.git synced 2024-12-22 04:21:08 +00:00
Code Issues Projects Releases Packages Wiki Activity

Fix counter increment in Salsa and ChaCha.

Browse source 
In my eagerness to eliminate a branch which is taken once per 2^38 bytes of keystream, I forgot that the state words are in host order.  Thus, the counter increment code worked fine on little-endian machines, but not on big-endian ones.  Switch to a simpler (branchful) solution.
This commit is contained in:
Dag-Erling Smørgrav 2017-04-22 02:45:41 +02:00
parent 6e5bac8747
commit b28507b0e9
2 changed files with 4 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
lib/cipher/cryb_chacha.c
View file

@ -137,7 +137,6 @@ size_t
chacha_encrypt(chacha_ctx *ctx, const void *vpt, uint8_t *ct, size_t len)
{
const uint8_t *pt = vpt;
uint64_t ctr;
uint32_t mix[16];
uint8_t ks[64];
unsigned int b, i;
@ -164,8 +163,8 @@ chacha_encrypt(chacha_ctx *ctx, const void *vpt, uint8_t *ct, size_t len)
for (i = 0; i < 64 && i < len; ++i)
*ct++ = *pt++ ^ ks[i];
}
ctr = le64dec(ctx->state + 12);
le64enc(ctx->state + 12, ++ctr);
if (++ctx->state[12] == 0)
++ctx->state[13];
}
return (len);
}

5
lib/cipher/cryb_salsa.c
View file

@ -137,7 +137,6 @@ size_t
salsa_encrypt(salsa_ctx *ctx, const void *vpt, uint8_t *ct, size_t len)
{
const uint8_t *pt = vpt;
uint64_t ctr;
uint32_t mix[16];
uint8_t ks[64];
unsigned int b, i;
@ -164,8 +163,8 @@ salsa_encrypt(salsa_ctx *ctx, const void *vpt, uint8_t *ct, size_t len)
for (i = 0; i < 64 && i < len; ++i)
*ct++ = *pt++ ^ ks[i];
}
ctr = le64dec(ctx->state + 12);
le64enc(ctx->state + 12, ++ctr);
if (++ctx->state[12] == 0)
++ctx->state[13];
}
return (len);
}