summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authortb <>2020-01-26 07:34:05 +0000
committertb <>2020-01-26 07:34:05 +0000
commitca925163abb997be0da93a3a05d78a17b823ccc1 (patch)
tree4c0397f16bad9c539c3866a009a4185105839c66
parent1b26de44d271b3f7f83a642504512a3bcf349f8b (diff)
downloadopenbsd-ca925163abb997be0da93a3a05d78a17b823ccc1.tar.gz
openbsd-ca925163abb997be0da93a3a05d78a17b823ccc1.tar.bz2
openbsd-ca925163abb997be0da93a3a05d78a17b823ccc1.zip
Improve the comment explaining why the previous change matches OpenSSL's
behavior. ok jsing
Diffstat
-rw-r--r--src/lib/libcrypto/evp/e_chacha.c23
1 files changed, 15 insertions, 8 deletions
diff --git a/src/lib/libcrypto/evp/e_chacha.c b/src/lib/libcrypto/evp/e_chacha.c
index bc496241e6..198eaef09f 100644
--- a/src/lib/libcrypto/evp/e_chacha.c
+++ b/src/lib/libcrypto/evp/e_chacha.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: e_chacha.c,v 1.6 2020/01/26 02:39:58 tb Exp $ */ 1/* $OpenBSD: e_chacha.c,v 1.7 2020/01/26 07:34:05 tb Exp $ */
2/* 2/*
3 * Copyright (c) 2014 Joel Sing <jsing@openbsd.org> 3 * Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
4 * 4 *
@@ -34,7 +34,15 @@ static const EVP_CIPHER chacha20_cipher = {
34 .nid = NID_chacha20, 34 .nid = NID_chacha20,
35 .block_size = 1, 35 .block_size = 1,
36 .key_len = 32, 36 .key_len = 32,
37 .iv_len = 16, /* OpenSSL has 8 byte counter followed by 8 byte iv */ 37 /*
38 * The 128 bit EVP IV is split for ChaCha into four 32 bit pieces:
39 * counter[0] counter[1] iv[0] iv[1]
40 * OpenSSL exposes these as;
41 * openssl_iv = counter[0] iv[0] iv[1] iv[2]
42 * Due to the cipher internal state's symmetry, these are functionally
43 * equivalent.
44 */
45 .iv_len = 16,
38 .flags = EVP_CIPH_STREAM_CIPHER | EVP_CIPH_ALWAYS_CALL_INIT | 46 .flags = EVP_CIPH_STREAM_CIPHER | EVP_CIPH_ALWAYS_CALL_INIT |
39 EVP_CIPH_CUSTOM_IV, 47 EVP_CIPH_CUSTOM_IV,
40 .init = chacha_init, 48 .init = chacha_init,
@@ -50,17 +58,16 @@ EVP_chacha20(void)
50 58
51static int 59static int
52chacha_init(EVP_CIPHER_CTX *ctx, const unsigned char *key, 60chacha_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
53 const unsigned char *iv, int enc) 61 const unsigned char *openssl_iv, int enc)
54{ 62{
55 if (key != NULL) 63 if (key != NULL)
56 ChaCha_set_key((ChaCha_ctx *)ctx->cipher_data, key, 64 ChaCha_set_key((ChaCha_ctx *)ctx->cipher_data, key,
57 EVP_CIPHER_CTX_key_length(ctx) * 8); 65 EVP_CIPHER_CTX_key_length(ctx) * 8);
58 if (iv != NULL) { 66 if (openssl_iv != NULL) {
59 const unsigned char *openssl_iv = iv + 8; 67 const unsigned char *iv = openssl_iv + 8;
60 const unsigned char *counter = iv; 68 const unsigned char *counter = openssl_iv;
61 69
62 ChaCha_set_iv((ChaCha_ctx *)ctx->cipher_data, openssl_iv, 70 ChaCha_set_iv((ChaCha_ctx *)ctx->cipher_data, iv, counter);
63 counter);
64 } 71 }
65 return 1; 72 return 1;
66} 73}
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-20 06:48:20 +0000