From bfaf1d324d5a3db0361b42901d7945ab360f8620 Mon Sep 17 00:00:00 2001
From: Brandon Hamilton
Date: Sun, 9 Oct 2016 22:26:37 +0200
Subject: [PATCH] Correct XSalsa20 initialization when using 8/12 rounds
---
 cbits/cryptonite_xsalsa.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/cbits/cryptonite_xsalsa.c b/cbits/cryptonite_xsalsa.c
index f5aa33a..6718cd7 100644
--- a/cbits/cryptonite_xsalsa.c
+++ b/cbits/cryptonite_xsalsa.c
@@ -57,7 +57,7 @@ void cryptonite_xsalsa_init(cryptonite_salsa_context *ctx, uint8_t nb_rounds,
 /* Compute (z0, z1, . . . , z15) = doubleround ^(r/2) (x0, x1, . . . , x15) */
 block hSalsa;
 memset(&hSalsa, 0, sizeof(block));
- cryptonite_salsa_core_xor(20, &hSalsa, &ctx->st);
+ cryptonite_salsa_core_xor(nb_rounds, &hSalsa, &ctx->st);
 /* Build a new 512-bit input block (x′0, x′1, . . . , x′15):
 (x′0, x′5, x′10, x′15) is the Salsa20 constant
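Review bot: Nothing visible in this hunk restricts `nb_rounds` before it reaches `cryptonite_salsa_core_xor`, and with this change the value also sets the round count of the HSalsa step that derives the subkey, which was fixed at 20 before. A caller passing 0, an odd number, or anything other than 8, 12 or 20 would now weaken or alter the subkey derivation as well as the keystream; whether callers already validate this cannot be seen here, because the body of `cryptonite_xsalsa_init` starts and ends outside the hunk. I would state the contract above the call, `/* nb_rounds must be 8, 12 or 20; it also selects the HSalsa round count */`, or reject other values at the top of the function. Since the output for 8 and 12 rounds changes with this commit, known-answer tests for those round counts should accompany it.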