author | Niels Möller <nisse@lysator.liu.se> | 2020-11-30 16:18:00 +0100 |
---|---|---|
committer | Niels Möller <nisse@lysator.liu.se> | 2020-11-30 16:21:48 +0100 |
commit | 905556f72afc2c7ad3b3e6719103811cc6646655 (patch) | |
tree | 4e86d9528f5edb053a1b5eeb142614b5e93ee02a | |
parent | 54a9be1e6015fab3b90e6c656b271f808cdf9750 (diff) | |
download | nettle-905556f72afc2c7ad3b3e6719103811cc6646655.tar.gz |
Fix counter bug in _chacha_crypt32_3core.
-rw-r--r-- | ChangeLog | 3 | ||||
-rw-r--r-- | chacha-crypt.c | 4 |
2 files changed, 4 insertions, 3 deletions
@@ -1,5 +1,8 @@ 2020-11-30 Niels Möller <nisse@lysator.liu.se> + * chacha-crypt.c (_nettle_chacha_crypt32_3core): Fix bug in + handling of counter; this function should not propagate any carry. + * aes-internal.h: Delete name mangling of internal symbols. Update all internal references to use _nettle prefix. * camellia-internal.h: Likewise.
diff --git a/chacha-crypt.c b/chacha-crypt.c
index 58d0b0c2..a13898f1 100644
--- a/chacha-crypt.c
+++ b/chacha-crypt.c
@@ -193,7 +193,6 @@ _nettle_chacha_crypt32_3core(struct chacha_ctx *ctx,
 {
 _nettle_chacha_3core32 (x, ctx->state, CHACHA_ROUNDS);
 ctx->state[12] += 3;
- ctx->state[13] += (ctx->state[12] < 3);
 if (length <= 3*CHACHA_BLOCK_SIZE)
 {
 memxor3 (dst, src, x, length);
@@ -208,13 +207,12 @@ _nettle_chacha_crypt32_3core(struct chacha_ctx *ctx,
 if (length <= CHACHA_BLOCK_SIZE)
 {
 _nettle_chacha_core (x, ctx->state, CHACHA_ROUNDS);
- ctx->state[13] += (++ctx->state[12] == 0);
+ ++ctx->state[12];
 }
 else
 {
 _nettle_chacha_3core32 (x, ctx->state, CHACHA_ROUNDS);
 ctx->state[12] += 2;
- ctx->state[13] += (ctx->state[12] < 2);
 }
 memxor3 (dst, src, x, length);
 }
|
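Review bot: Nothing in the code says that the wrap of `ctx->state[12]` is now intentional, which matters at `ctx->state[12] += 3` in this hunk and at `++ctx->state[12]` and `ctx->state[12] += 2` in the next one. The ChangeLog entry says this variant must not propagate a carry, presumably because `state[13]` is nonce material in the 32-bit-counter layout; if so, a message that runs the counter past 2^32 blocks would reuse keystream blocks under the same key and nonce. I would put a comment above the first update, e.g. `/* 32-bit block counter: no carry into state[13]; callers must keep a message below 2^32 blocks. */`. The enclosing loop and the function signature start outside the hunk, so I cannot tell whether a length limit is enforced or documented elsewhere.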
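Review bot: The fix comes without a regression test; the diffstat lists only ChangeLog and chacha-crypt.c. Both tail branches in this hunk are where the old carry fired (`++ctx->state[12] == 0` and `ctx->state[12] < 2`), so a test that starts the counter at 0xffffffff and 0xfffffffe, processes one to three blocks through this function, and asserts that `state[13]` is unchanged would keep the carry from coming back. If such a case already exists in the test suite, a pointer to it in the commit message would be enough.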