diff options
| author |   bcook <bcook@openbsd.org> | 2015-12-09 14:07:55 +0000 |
|---|---|---|
| committer | bcook <bcook@openbsd.org> | 2015-12-09 14:07:55 +0000 |
| commit | fac5bb4f638242227893433c019a8841edcb8207 (patch) | |
| tree | 83d6d993d5d7aeac187da5a25354e4819619962d /lib/libssl/src | |
| parent | add a quick test for utf-8 handling (diff) | |
| download | wireguard-openbsd-fac5bb4f638242227893433c019a8841edcb8207.tar.xz wireguard-openbsd-fac5bb4f638242227893433c019a8841edcb8207.zip | |
Change the counter argument for CRYPTO_chacha_20 to be 64-bits on all platforms.
The recently-added EVP_aead_chacha20_poly1305_ietf() function, which implements
informational RFC 7539, "ChaCha20 and Poly1305 for IETF Protocols", needs a
64-bit counter to avoid truncation on 32-bit platforms.
The existing TLS ChaCha20-Poly1305 ciphersuite is not impacted by this, but
making this change requires an ABI bump.
ok jsing@, "Looks sane" beck@
Diffstat (limited to 'lib/libssl/src')
| -rw-r--r-- | lib/libssl/src/crypto/chacha/chacha.c | 6 | ||||
| -rw-r--r-- | lib/libssl/src/crypto/chacha/chacha.h | 5 |
2 files changed, 6 insertions, 5 deletions
diff --git a/lib/libssl/src/crypto/chacha/chacha.c b/lib/libssl/src/crypto/chacha/chacha.c index b8422306fa9..0c384ab88af 100644 --- a/lib/libssl/src/crypto/chacha/chacha.c +++ b/lib/libssl/src/crypto/chacha/chacha.c @@ -1,4 +1,4 @@ -/* $OpenBSD: chacha.c,v 1.6 2014/07/08 14:30:23 bcook Exp $ */ +/* $OpenBSD: chacha.c,v 1.7 2015/12/09 14:07:55 bcook Exp $ */ /* * Copyright (c) 2014 Joel Sing <jsing@openbsd.org> * @@ -57,7 +57,7 @@ ChaCha(ChaCha_ctx *ctx, unsigned char *out, const unsigned char *in, size_t len) void CRYPTO_chacha_20(unsigned char *out, const unsigned char *in, size_t len, - const unsigned char key[32], const unsigned char iv[8], size_t counter) + const unsigned char key[32], const unsigned char iv[8], uint64_t counter) { struct chacha_ctx ctx; @@ -70,7 +70,7 @@ CRYPTO_chacha_20(unsigned char *out, const unsigned char *in, size_t len, chacha_ivsetup(&ctx, iv, NULL); if (counter != 0) { ctx.input[12] = (uint32_t)counter; - ctx.input[13] = (uint32_t)(((uint64_t)counter) >> 32); + ctx.input[13] = (uint32_t)(counter >> 32); } chacha_encrypt_bytes(&ctx, in, out, (uint32_t)len); diff --git a/lib/libssl/src/crypto/chacha/chacha.h b/lib/libssl/src/crypto/chacha/chacha.h index 8af5ef856f0..8d94e626f8c 100644 --- a/lib/libssl/src/crypto/chacha/chacha.h +++ b/lib/libssl/src/crypto/chacha/chacha.h @@ -1,4 +1,4 @@ -/* $OpenBSD: chacha.h,v 1.6 2014/07/25 14:04:51 jsing Exp $ */ +/* $OpenBSD: chacha.h,v 1.7 2015/12/09 14:07:55 bcook Exp $ */ /* * Copyright (c) 2014 Joel Sing <jsing@openbsd.org> * @@ -25,6 +25,7 @@ #endif #include <stddef.h> +#include <stdint.h> #ifdef __cplusplus extern "C" { @@ -44,7 +45,7 @@ void ChaCha(ChaCha_ctx *ctx, unsigned char *out, const unsigned char *in, size_t len); void CRYPTO_chacha_20(unsigned char *out, const unsigned char *in, size_t len, - const unsigned char key[32], const unsigned char iv[8], size_t counter); + const unsigned char key[32], const unsigned char iv[8], uint64_t counter); #ifdef __cplusplus } |