mirror of
https://github.com/trezor/trezor-firmware.git
synced 2024-11-13 19:18:56 +00:00
fix chacha20poly1305 issues
This commit is contained in:
parent
d6d7919c87
commit
1ae459912f
@ -1,6 +1,7 @@
|
||||
#ifndef CHACHA20POLY1305_H
|
||||
#define CHACHA20POLY1305_H
|
||||
|
||||
#include <stdint.h>
|
||||
#include "ecrypt-sync.h"
|
||||
#include "poly1305-donna.h"
|
||||
|
||||
|
@ -27,6 +27,7 @@ static const char tau[16] = "expand 16-byte k";
|
||||
|
||||
void ECRYPT_keysetup(ECRYPT_ctx *x,const u8 *k,u32 kbits,u32 ivbits)
|
||||
{
|
||||
(void)ivbits;
|
||||
const char *constants;
|
||||
|
||||
x->input[4] = U8TO32_LITTLE(k + 0);
|
||||
@ -61,7 +62,7 @@ void ECRYPT_encrypt_bytes(ECRYPT_ctx *x,const u8 *m,u8 *c,u32 bytes)
|
||||
{
|
||||
u32 x0, x1, x2, x3, x4, x5, x6, x7, x8, x9, x10, x11, x12, x13, x14, x15;
|
||||
u32 j0, j1, j2, j3, j4, j5, j6, j7, j8, j9, j10, j11, j12, j13, j14, j15;
|
||||
u8 *ctarget;
|
||||
u8 *ctarget = 0;
|
||||
u8 tmp[64];
|
||||
int i;
|
||||
|
||||
@ -86,7 +87,7 @@ void ECRYPT_encrypt_bytes(ECRYPT_ctx *x,const u8 *m,u8 *c,u32 bytes)
|
||||
|
||||
for (;;) {
|
||||
if (bytes < 64) {
|
||||
for (i = 0;i < bytes;++i) tmp[i] = m[i];
|
||||
for (i = 0;i < (int)bytes;++i) tmp[i] = m[i];
|
||||
m = tmp;
|
||||
ctarget = c;
|
||||
c = tmp;
|
||||
@ -176,7 +177,7 @@ void ECRYPT_encrypt_bytes(ECRYPT_ctx *x,const u8 *m,u8 *c,u32 bytes)
|
||||
|
||||
if (bytes <= 64) {
|
||||
if (bytes < 64) {
|
||||
for (i = 0;i < bytes;++i) ctarget[i] = c[i];
|
||||
for (i = 0;i < (int)bytes;++i) ctarget[i] = c[i];
|
||||
}
|
||||
x->input[12] = j12;
|
||||
x->input[13] = j13;
|
||||
|
@ -73,7 +73,7 @@ typedef struct
|
||||
* called once when the program starts (e.g., to build expanded S-box
|
||||
* tables).
|
||||
*/
|
||||
void ECRYPT_init();
|
||||
void ECRYPT_init(void);
|
||||
|
||||
/*
|
||||
* Key setup. It is the user's responsibility to select the values of
|
||||
|
@ -1,27 +1,5 @@
|
||||
#include "poly1305-donna.h"
|
||||
|
||||
#if defined(POLY1305_8BIT)
|
||||
#include "poly1305-donna-8.h"
|
||||
#elif defined(POLY1305_16BIT)
|
||||
#include "poly1305-donna-16.h"
|
||||
#elif defined(POLY1305_32BIT)
|
||||
#include "poly1305-donna-32.h"
|
||||
#elif defined(POLY1305_64BIT)
|
||||
#include "poly1305-donna-64.h"
|
||||
#else
|
||||
|
||||
/* auto detect between 32bit / 64bit */
|
||||
#define HAS_SIZEOF_INT128_64BIT (defined(__SIZEOF_INT128__) && defined(__LP64__))
|
||||
#define HAS_MSVC_64BIT (defined(_MSC_VER) && defined(_M_X64))
|
||||
#define HAS_GCC_4_4_64BIT (defined(__GNUC__) && defined(__LP64__) && ((__GNUC__ > 4) || ((__GNUC__ == 4) && (__GNUC_MINOR__ >= 4))))
|
||||
|
||||
#if (HAS_SIZEOF_INT128_64BIT || HAS_MSVC_64BIT || HAS_GCC_4_4_64BIT)
|
||||
#include "poly1305-donna-64.h"
|
||||
#else
|
||||
#include "poly1305-donna-32.h"
|
||||
#endif
|
||||
|
||||
#endif
|
||||
|
||||
void
|
||||
poly1305_update(poly1305_context *ctx, const unsigned char *m, size_t bytes) {
|
||||
|
@ -1,6 +1,7 @@
|
||||
// Implementation of the ChaCha20 + Poly1305 AEAD construction
|
||||
// as described in RFC 7539.
|
||||
|
||||
#include <string.h>
|
||||
#include "rfc7539.h"
|
||||
|
||||
// Initialize the ChaCha20 + Poly1305 context for encryption or decryption
|
||||
@ -33,8 +34,8 @@ void rfc7539_finish(chacha20poly1305_ctx *ctx, int64_t alen, int64_t plen, uint8
|
||||
uint8_t padding[16] = {0};
|
||||
uint8_t lengths[16] = {0};
|
||||
|
||||
U64TO8_LITTLE(lengths + 0, alen);
|
||||
U64TO8_LITTLE(lengths + 8, plen);
|
||||
memcpy(lengths, &alen, sizeof(int64_t));
|
||||
memcpy(lengths + 8, &plen, sizeof(int64_t));
|
||||
|
||||
poly1305_update(&ctx->poly1305, padding, 16 - plen%16);
|
||||
poly1305_update(&ctx->poly1305, lengths, 16);
|
||||
|
Loading…
Reference in New Issue
Block a user