feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

revert size of ChaCha structure and delay counter increment

Browse Source
This commit is contained in:
Jacob Barthelmeh
2020-01-09 11:37:01 -07:00
parent a1944c477a
commit 1538e631a8
2 changed files with 17 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
wolfcrypt/src/chacha.c
View File

@ -262,32 +262,45 @@ static void wc_Chacha_encrypt_bytes(ChaCha* ctx, const byte* m, byte* c,
word32 bytes) word32 bytes)
{ {
byte* output; byte* output;
word32 temp[CHACHA_CHUNK_WORDS]; /* used to make sure aligned */
word32 i; word32 i;
output = (byte*)temp;
/* handle left overs */ /* handle left overs */
if (ctx->left > 0) { if (ctx->left > 0) {
output = (byte*)ctx->tmp + CHACHA_CHUNK_BYTES - ctx->left; wc_Chacha_wordtobyte(temp, ctx->X); /* recreate the stream */
output = (byte*)temp + CHACHA_CHUNK_BYTES - ctx->left;
for (i = 0; i < bytes && i < ctx->left; i++) { for (i = 0; i < bytes && i < ctx->left; i++) {
c[i] = m[i] ^ output[i]; c[i] = m[i] ^ output[i];
} }
ctx->left = ctx->left - i; ctx->left = ctx->left - i;
/* Used up all of the stream that was left, increment the counter */
if (ctx->left == 0) {
ctx->X[CHACHA_IV_BYTES] = PLUSONE(ctx->X[CHACHA_IV_BYTES]);
}
bytes = bytes - i; bytes = bytes - i;
c += i; c += i;
m += i; m += i;
output = (byte*)temp;
} }
output = (byte*)ctx->tmp;
for (; bytes > 0;) { for (; bytes > 0;) {
wc_Chacha_wordtobyte(ctx->tmp, ctx->X); wc_Chacha_wordtobyte(temp, ctx->X);
ctx->X[CHACHA_IV_BYTES] = PLUSONE(ctx->X[CHACHA_IV_BYTES]);
if (bytes <= CHACHA_CHUNK_BYTES) { if (bytes <= CHACHA_CHUNK_BYTES) {
for (i = 0; i < bytes; ++i) { for (i = 0; i < bytes; ++i) {
c[i] = m[i] ^ output[i]; c[i] = m[i] ^ output[i];
} }
ctx->left = CHACHA_CHUNK_BYTES - i; ctx->left = CHACHA_CHUNK_BYTES - i;
/* increment the counter if no more bytes are left */
if (ctx->left == 0) {
ctx->X[CHACHA_IV_BYTES] = PLUSONE(ctx->X[CHACHA_IV_BYTES]);
}
return; return;
} }
ctx->X[CHACHA_IV_BYTES] = PLUSONE(ctx->X[CHACHA_IV_BYTES]);
for (i = 0; i < CHACHA_CHUNK_BYTES; ++i) { for (i = 0; i < CHACHA_CHUNK_BYTES; ++i) {
c[i] = m[i] ^ output[i]; c[i] = m[i] ^ output[i];
} }

1
wolfssl/wolfcrypt/chacha.h
View File

@ -57,7 +57,6 @@ enum {
typedef struct ChaCha { typedef struct ChaCha {
word32 X[CHACHA_CHUNK_WORDS]; /* state of cipher */ word32 X[CHACHA_CHUNK_WORDS]; /* state of cipher */
word32 tmp[CHACHA_CHUNK_WORDS]; /* left over stream */
word32 left; /* number of bytes leftover */ word32 left; /* number of bytes leftover */
#ifdef HAVE_INTEL_AVX1 #ifdef HAVE_INTEL_AVX1
/* vpshufd reads 16 bytes but we only use bottom 4. */ /* vpshufd reads 16 bytes but we only use bottom 4. */