add basic support for unaligned key/iv in chacha. barely tested
This commit is contained in:
parent
12e5eca4ea
commit
12a26c14c4
@ -32,6 +32,7 @@
#include <string.h>
#include "cryptonite_chacha.h"
#include "cryptonite_bitfn.h"
#include "cryptonite_align.h"
#include <stdio.h>
#define QR(a,b,c,d) \
@ -46,11 +47,6 @@
static const uint8_t sigma[16] = "expand 32-byte k";
static const uint8_t tau[16] = "expand 16-byte k";
static inline uint32_t load32(const uint8_t *p)
{
return le32_to_cpu(*((uint32_t *) p));
}
static void chacha_core(int rounds, block *out, const cryptonite_chacha_state *in)
{
uint32_t x0, x1, x2, x3, x4, x5, x6, x7, x8, x9, x10, x11, x12, x13, x14, x15;
@ -104,33 +100,35 @@ void cryptonite_chacha_init_core(cryptonite_chacha_state *st,
const uint8_t *constants = (keylen == 32) ? sigma : tau;
int i;
st->d[0] = load32(constants + 0);
st->d[1] = load32(constants + 4);
st->d[2] = load32(constants + 8);
st->d[3] = load32(constants + 12);
ASSERT_ALIGNMENT(constants, 4);
st->d[4] = load32(key + 0);
st->d[5] = load32(key + 4);
st->d[6] = load32(key + 8);
st->d[7] = load32(key + 12);
st->d[0] = load_le32_aligned(constants + 0);
st->d[1] = load_le32_aligned(constants + 4);
st->d[2] = load_le32_aligned(constants + 8);
st->d[3] = load_le32_aligned(constants + 12);
st->d[4] = load_le32(key + 0);
st->d[5] = load_le32(key + 4);
st->d[6] = load_le32(key + 8);
st->d[7] = load_le32(key + 12);
/* we repeat the key on 128 bits */
if (keylen == 32)
key += 16;
st->d[8] = load32(key + 0);
st->d[9] = load32(key + 4);
st->d[10] = load32(key + 8);
st->d[11] = load32(key + 12);
st->d[8] = load_le32(key + 0);
st->d[9] = load_le32(key + 4);
st->d[10] = load_le32(key + 8);
st->d[11] = load_le32(key + 12);
st->d[12] = 0;
switch (ivlen) {
case 8:
st->d[13] = 0;
st->d[14] = load32(iv + 0);
st->d[15] = load32(iv + 4);
st->d[14] = load_le32(iv + 0);
st->d[15] = load_le32(iv + 4);
break;
case 12:
st->d[13] = load32(iv + 0);
st->d[14] = load32(iv + 4);
st->d[15] = load32(iv + 8);
st->d[13] = load_le32(iv + 0);
st->d[14] = load_le32(iv + 4);
st->d[15] = load_le32(iv + 8);
default:
return;
}
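Review bot: `ASSERT_ALIGNMENT(constants, 4)` and the four `load_le32_aligned(constants + …)` reads assume a 4-byte alignment that `sigma` and `tau` never declare — the second hunk shows them as plain `static const uint8_t[16]` arrays, so the aligned load is correct only when the linker happens to place them on a word boundary, and on a strict-alignment target a misplaced table would fault wherever the assertion is compiled out (presumably release builds; the macro's body is not visible here). Either give both tables an explicit 4-byte alignment attribute or read them with the same `load_le32` this commit now uses for key and iv, `st->d[0] = load_le32(constants + 0);` and likewise for d[1..3], which makes the assertion unnecessary. Adjacent and pre-existing rather than introduced here: `case 12:` has no `break` and falls into `default: return;`, which is harmless only if nothing follows the switch, so a `break;` or `/* fallthrough */` would make the intent explicit. `cryptonite_chacha_init_core` starts before this hunk and the hunk ends at the switch's closing brace, so the remainder of the body is outside view.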