Hi,
> I'm aware it doesn't affect anything because the caller shouldn't process
> more than 2^32 * 64 bytes per key/nonce setup anyway.
>
> I was just wondering because it differs from the s390 asm implementation
> (and whether there is a particular reason to do so).
Implementation is
/IBM@IBMDE
Cc: openssl-dev@openssl.org
Date: 27.04.2016 15:02
Subject: Re: [openssl-dev] [openssl.org #4512] ChaCha20_ctr32 function
increments 64 bit counter?
Hi,
> The following code in the ChaCha20_ctr32 function in
> crypto/chacha/chacha_enc.c looks like you ar
Hi,
> The following code in the ChaCha20_ctr32 function in
> crypto/chacha/chacha_enc.c looks like you are actually using an IV=[64bit
> counter||64 bit nonce] as specified in the "original Bernstein ChaCha"
> instead of IV=[32bit counter||96bit nonce] as specified in RFC7539.
Correct. While
Hello openssl team,
The following code in the ChaCha20_ctr32 function in
crypto/chacha/chacha_enc.c looks like you are actually using an IV=[64bit
counter||64 bit nonce] as specified in the "original Bernstein ChaCha"
instead of IV=[32bit counter||96bit nonce] as specified in RFC7539.
u32