summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/lib/libcrypto/evp/e_chacha20poly1305.c8
-rw-r--r--src/lib/libssl/src/crypto/evp/e_chacha20poly1305.c8
2 files changed, 8 insertions, 8 deletions
diff --git a/src/lib/libcrypto/evp/e_chacha20poly1305.c b/src/lib/libcrypto/evp/e_chacha20poly1305.c
index 2eb9ab8c0e..f512837c32 100644
--- a/src/lib/libcrypto/evp/e_chacha20poly1305.c
+++ b/src/lib/libcrypto/evp/e_chacha20poly1305.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: e_chacha20poly1305.c,v 1.12 2015/11/02 15:43:55 reyk Exp $ */ 1/* $OpenBSD: e_chacha20poly1305.c,v 1.13 2016/04/13 13:25:05 jsing Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2015 Reyk Floter <reyk@openbsd.org> 4 * Copyright (c) 2015 Reyk Floter <reyk@openbsd.org>
@@ -209,11 +209,11 @@ aead_chacha20_poly1305_open(const EVP_AEAD_CTX *ctx, unsigned char *out,
209 const struct aead_chacha20_poly1305_ctx *c20_ctx = ctx->aead_state; 209 const struct aead_chacha20_poly1305_ctx *c20_ctx = ctx->aead_state;
210 unsigned char mac[POLY1305_TAG_LEN]; 210 unsigned char mac[POLY1305_TAG_LEN];
211 unsigned char poly1305_key[32]; 211 unsigned char poly1305_key[32];
212 const unsigned char *iv; 212 const unsigned char *iv = nonce;
213 poly1305_state poly1305; 213 poly1305_state poly1305;
214 const uint64_t in_len_64 = in_len; 214 const uint64_t in_len_64 = in_len;
215 size_t plaintext_len; 215 size_t plaintext_len;
216 uint64_t ctr; 216 uint64_t ctr = 0;
217 217
218 if (in_len < c20_ctx->tag_len) { 218 if (in_len < c20_ctx->tag_len) {
219 EVPerr(EVP_F_AEAD_CHACHA20_POLY1305_OPEN, EVP_R_BAD_DECRYPT); 219 EVPerr(EVP_F_AEAD_CHACHA20_POLY1305_OPEN, EVP_R_BAD_DECRYPT);
@@ -280,7 +280,7 @@ aead_chacha20_poly1305_open(const EVP_AEAD_CTX *ctx, unsigned char *out,
280 return 0; 280 return 0;
281 } 281 }
282 282
283 CRYPTO_chacha_20(out, in, plaintext_len, c20_ctx->key, nonce, 1); 283 CRYPTO_chacha_20(out, in, plaintext_len, c20_ctx->key, iv, ctr + 1);
284 *out_len = plaintext_len; 284 *out_len = plaintext_len;
285 return 1; 285 return 1;
286} 286}
diff --git a/src/lib/libssl/src/crypto/evp/e_chacha20poly1305.c b/src/lib/libssl/src/crypto/evp/e_chacha20poly1305.c
index 2eb9ab8c0e..f512837c32 100644
--- a/src/lib/libssl/src/crypto/evp/e_chacha20poly1305.c
+++ b/src/lib/libssl/src/crypto/evp/e_chacha20poly1305.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: e_chacha20poly1305.c,v 1.12 2015/11/02 15:43:55 reyk Exp $ */ 1/* $OpenBSD: e_chacha20poly1305.c,v 1.13 2016/04/13 13:25:05 jsing Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2015 Reyk Floter <reyk@openbsd.org> 4 * Copyright (c) 2015 Reyk Floter <reyk@openbsd.org>
@@ -209,11 +209,11 @@ aead_chacha20_poly1305_open(const EVP_AEAD_CTX *ctx, unsigned char *out,
209 const struct aead_chacha20_poly1305_ctx *c20_ctx = ctx->aead_state; 209 const struct aead_chacha20_poly1305_ctx *c20_ctx = ctx->aead_state;
210 unsigned char mac[POLY1305_TAG_LEN]; 210 unsigned char mac[POLY1305_TAG_LEN];
211 unsigned char poly1305_key[32]; 211 unsigned char poly1305_key[32];
212 const unsigned char *iv; 212 const unsigned char *iv = nonce;
213 poly1305_state poly1305; 213 poly1305_state poly1305;
214 const uint64_t in_len_64 = in_len; 214 const uint64_t in_len_64 = in_len;
215 size_t plaintext_len; 215 size_t plaintext_len;
216 uint64_t ctr; 216 uint64_t ctr = 0;
217 217
218 if (in_len < c20_ctx->tag_len) { 218 if (in_len < c20_ctx->tag_len) {
219 EVPerr(EVP_F_AEAD_CHACHA20_POLY1305_OPEN, EVP_R_BAD_DECRYPT); 219 EVPerr(EVP_F_AEAD_CHACHA20_POLY1305_OPEN, EVP_R_BAD_DECRYPT);
@@ -280,7 +280,7 @@ aead_chacha20_poly1305_open(const EVP_AEAD_CTX *ctx, unsigned char *out,
280 return 0; 280 return 0;
281 } 281 }
282 282
283 CRYPTO_chacha_20(out, in, plaintext_len, c20_ctx->key, nonce, 1); 283 CRYPTO_chacha_20(out, in, plaintext_len, c20_ctx->key, iv, ctr + 1);
284 *out_len = plaintext_len; 284 *out_len = plaintext_len;
285 return 1; 285 return 1;
286} 286}
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-21 19:46:38 +0000