diff options
| -rw-r--r-- | src/lib/libcrypto/evp/e_chacha.c | 23 |
1 files changed, 15 insertions, 8 deletions
diff --git a/src/lib/libcrypto/evp/e_chacha.c b/src/lib/libcrypto/evp/e_chacha.c index bc496241e6..198eaef09f 100644 --- a/src/lib/libcrypto/evp/e_chacha.c +++ b/src/lib/libcrypto/evp/e_chacha.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: e_chacha.c,v 1.6 2020/01/26 02:39:58 tb Exp $ */ | 1 | /* $OpenBSD: e_chacha.c,v 1.7 2020/01/26 07:34:05 tb Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2014 Joel Sing <jsing@openbsd.org> | 3 | * Copyright (c) 2014 Joel Sing <jsing@openbsd.org> |
| 4 | * | 4 | * |
| @@ -34,7 +34,15 @@ static const EVP_CIPHER chacha20_cipher = { | |||
| 34 | .nid = NID_chacha20, | 34 | .nid = NID_chacha20, |
| 35 | .block_size = 1, | 35 | .block_size = 1, |
| 36 | .key_len = 32, | 36 | .key_len = 32, |
| 37 | .iv_len = 16, /* OpenSSL has 8 byte counter followed by 8 byte iv */ | 37 | /* |
| 38 | * The 128 bit EVP IV is split for ChaCha into four 32 bit pieces: | ||
| 39 | * counter[0] counter[1] iv[0] iv[1] | ||
| 40 | * OpenSSL exposes these as; | ||
| 41 | * openssl_iv = counter[0] iv[0] iv[1] iv[2] | ||
| 42 | * Due to the cipher internal state's symmetry, these are functionally | ||
| 43 | * equivalent. | ||
| 44 | */ | ||
| 45 | .iv_len = 16, | ||
| 38 | .flags = EVP_CIPH_STREAM_CIPHER | EVP_CIPH_ALWAYS_CALL_INIT | | 46 | .flags = EVP_CIPH_STREAM_CIPHER | EVP_CIPH_ALWAYS_CALL_INIT | |
| 39 | EVP_CIPH_CUSTOM_IV, | 47 | EVP_CIPH_CUSTOM_IV, |
| 40 | .init = chacha_init, | 48 | .init = chacha_init, |
| @@ -50,17 +58,16 @@ EVP_chacha20(void) | |||
| 50 | 58 | ||
| 51 | static int | 59 | static int |
| 52 | chacha_init(EVP_CIPHER_CTX *ctx, const unsigned char *key, | 60 | chacha_init(EVP_CIPHER_CTX *ctx, const unsigned char *key, |
| 53 | const unsigned char *iv, int enc) | 61 | const unsigned char *openssl_iv, int enc) |
| 54 | { | 62 | { |
| 55 | if (key != NULL) | 63 | if (key != NULL) |
| 56 | ChaCha_set_key((ChaCha_ctx *)ctx->cipher_data, key, | 64 | ChaCha_set_key((ChaCha_ctx *)ctx->cipher_data, key, |
| 57 | EVP_CIPHER_CTX_key_length(ctx) * 8); | 65 | EVP_CIPHER_CTX_key_length(ctx) * 8); |
| 58 | if (iv != NULL) { | 66 | if (openssl_iv != NULL) { |
| 59 | const unsigned char *openssl_iv = iv + 8; | 67 | const unsigned char *iv = openssl_iv + 8; |
| 60 | const unsigned char *counter = iv; | 68 | const unsigned char *counter = openssl_iv; |
| 61 | 69 | ||
| 62 | ChaCha_set_iv((ChaCha_ctx *)ctx->cipher_data, openssl_iv, | 70 | ChaCha_set_iv((ChaCha_ctx *)ctx->cipher_data, iv, counter); |
| 63 | counter); | ||
| 64 | } | 71 | } |
| 65 | return 1; | 72 | return 1; |
| 66 | } | 73 | } |