1 files changed, 1 insertions, 27 deletions
diff --git a/src/lib/libcrypto/evp/e_chacha20poly1305.c b/src/lib/libcrypto/evp/e_chacha20poly1305.c
index 4fd92eb04e..3b29364586 100644
--- a/src/lib/libcrypto/evp/e_chacha20poly1305.c
+++ b/src/lib/libcrypto/evp/e_chacha20poly1305.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: e_chacha20poly1305.c,v 1.21 2019/03/27 15:34:01 jsing Exp $ */
+/* $OpenBSD: e_chacha20poly1305.c,v 1.22 2022/08/20 18:51:09 jsing Exp $ */
 /*
 * Copyright (c) 2015 Reyk Floter <reyk@openbsd.org>
@@ -124,21 +124,8 @@ aead_chacha20_poly1305_seal(const EVP_AEAD_CTX *ctx, unsigned char *out,
        unsigned char poly1305_key[32];
        poly1305_state poly1305;
        const unsigned char *iv;
-        const uint64_t in_len_64 = in_len;
        uint64_t ctr;
-        /* The underlying ChaCha implementation may not overflow the block
-         * counter into the second counter word. Therefore we disallow
-         * individual operations that work on more than 2TB at a time.
-         * in_len_64 is needed because, on 32-bit platforms, size_t is only
-         * 32-bits and this produces a warning because it's always false.
-         * Casting to uint64_t inside the conditional is not sufficient to stop
-         * the warning. */
-        if (in_len_64 >= (1ULL << 32) * 64 - 64) {
-                EVPerror(EVP_R_TOO_LARGE);
-                return 0;
-        }
        if (max_out_len < in_len + c20_ctx->tag_len) {
                EVPerror(EVP_R_BUFFER_TOO_SMALL);
                return 0;
@@ -188,7 +175,6 @@ aead_chacha20_poly1305_open(const EVP_AEAD_CTX *ctx, unsigned char *out,
        unsigned char poly1305_key[32];
        const unsigned char *iv = nonce;
        poly1305_state poly1305;
-        const uint64_t in_len_64 = in_len;
        size_t plaintext_len;
        uint64_t ctr = 0;
@@ -197,18 +183,6 @@ aead_chacha20_poly1305_open(const EVP_AEAD_CTX *ctx, unsigned char *out,
                return 0;
        }
-        /* The underlying ChaCha implementation may not overflow the block
-         * counter into the second counter word. Therefore we disallow
-         * individual operations that work on more than 2TB at a time.
-         * in_len_64 is needed because, on 32-bit platforms, size_t is only
-         * 32-bits and this produces a warning because it's always false.
-         * Casting to uint64_t inside the conditional is not sufficient to stop
-         * the warning. */
-        if (in_len_64 >= (1ULL << 32) * 64 - 64) {
-                EVPerror(EVP_R_TOO_LARGE);
-                return 0;
-        }
        if (nonce_len != ctx->aead->nonce_len) {
                EVPerror(EVP_R_IV_TOO_LARGE);
                return 0;

diff --git a/src/lib/libcrypto/evp/e_chacha20poly1305.c b/src/lib/libcrypto/evp/e_chacha20poly1305.c index 4fd92eb04e..3b29364586 100644 --- a/src/lib/libcrypto/evp/e_chacha20poly1305.c +++ b/src/lib/libcrypto/evp/e_chacha20poly1305.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: e_chacha20poly1305.c,v 1.21 2019/03/27 15:34:01 jsing Exp $ */	1	/* $OpenBSD: e_chacha20poly1305.c,v 1.22 2022/08/20 18:51:09 jsing Exp $ */
2		2
3	/*	3	/*
4	* Copyright (c) 2015 Reyk Floter <reyk@openbsd.org>	4	* Copyright (c) 2015 Reyk Floter <reyk@openbsd.org>
@@ -124,21 +124,8 @@ aead_chacha20_poly1305_seal(const EVP_AEAD_CTX ctx, unsigned char out,
124	unsigned char poly1305_key[32];	124	unsigned char poly1305_key[32];
125	poly1305_state poly1305;	125	poly1305_state poly1305;
126	const unsigned char *iv;	126	const unsigned char *iv;
127	const uint64_t in_len_64 = in_len;
128	uint64_t ctr;	127	uint64_t ctr;
129		128
130	/* The underlying ChaCha implementation may not overflow the block
131	* counter into the second counter word. Therefore we disallow
132	* individual operations that work on more than 2TB at a time.
133	* in_len_64 is needed because, on 32-bit platforms, size_t is only
134	* 32-bits and this produces a warning because it's always false.
135	* Casting to uint64_t inside the conditional is not sufficient to stop
136	* the warning. */
137	if (in_len_64 >= (1ULL << 32) * 64 - 64) {
138	EVPerror(EVP_R_TOO_LARGE);
139	return 0;
140	}
141
142	if (max_out_len < in_len + c20_ctx->tag_len) {	129	if (max_out_len < in_len + c20_ctx->tag_len) {
143	EVPerror(EVP_R_BUFFER_TOO_SMALL);	130	EVPerror(EVP_R_BUFFER_TOO_SMALL);
144	return 0;	131	return 0;
@@ -188,7 +175,6 @@ aead_chacha20_poly1305_open(const EVP_AEAD_CTX ctx, unsigned char out,
188	unsigned char poly1305_key[32];	175	unsigned char poly1305_key[32];
189	const unsigned char *iv = nonce;	176	const unsigned char *iv = nonce;
190	poly1305_state poly1305;	177	poly1305_state poly1305;
191	const uint64_t in_len_64 = in_len;
192	size_t plaintext_len;	178	size_t plaintext_len;
193	uint64_t ctr = 0;	179	uint64_t ctr = 0;
194		180
@@ -197,18 +183,6 @@ aead_chacha20_poly1305_open(const EVP_AEAD_CTX ctx, unsigned char out,
197	return 0;	183	return 0;
198	}	184	}
199		185
200	/* The underlying ChaCha implementation may not overflow the block
201	* counter into the second counter word. Therefore we disallow
202	* individual operations that work on more than 2TB at a time.
203	* in_len_64 is needed because, on 32-bit platforms, size_t is only
204	* 32-bits and this produces a warning because it's always false.
205	* Casting to uint64_t inside the conditional is not sufficient to stop
206	* the warning. */
207	if (in_len_64 >= (1ULL << 32) * 64 - 64) {
208	EVPerror(EVP_R_TOO_LARGE);
209	return 0;
210	}
211
212	if (nonce_len != ctx->aead->nonce_len) {	186	if (nonce_len != ctx->aead->nonce_len) {
213	EVPerror(EVP_R_IV_TOO_LARGE);	187	EVPerror(EVP_R_IV_TOO_LARGE);
214	return 0;	188	return 0;