The branch master has been updated
via 66bceb5f19d8a1c4436138e6c9e66f25fa0f75d4 (commit)
from b1ffe8dbeef2e233707a78847494769cbe305821 (commit)
- Log -----------------------------------------------------------------
commit 66bceb5f19d8a1c4436138e6c9e66f25fa0f75d4
Author: Andy Polyakov <[email protected]>
Date: Wed Apr 27 15:07:32 2016 +0200
chacha/chacha_enc.c: harmonize counter width with subroutine name.
_ctr32 in function name refers to 32-bit counter, but it was implementing
64-bit one. This didn't pose problem to EVP, but 64-bit counter was just
misleading.
RT#4512
Reviewed-by: Richard Levitte <[email protected]>
-----------------------------------------------------------------------
Summary of changes:
crypto/chacha/chacha_enc.c | 10 +++++++---
1 file changed, 7 insertions(+), 3 deletions(-)
diff --git a/crypto/chacha/chacha_enc.c b/crypto/chacha/chacha_enc.c
index 13720d0..239f68a 100644
--- a/crypto/chacha/chacha_enc.c
+++ b/crypto/chacha/chacha_enc.c
@@ -110,8 +110,12 @@ void ChaCha20_ctr32(unsigned char *out, const unsigned
char *inp,
inp += todo;
len -= todo;
- /* advance counter */
- if (++input[12] == 0)
- input[13]++;
+ /*
+ * Advance 32-bit counter. Note that as subroutine is so to
+ * say nonce-agnostic, this limited counter width doesn't
+ * prevent caller from implementing wider counter. It would
+ * simply take two calls split on counter overflow...
+ */
+ input[12]++;
}
}
_____
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
