drop 128-bit keys from ChaCha implementation
This commit is contained in:
Daniel Micay
parent
b52d9ca831
commit
433af6d4ba
27
chacha.c
27
chacha.c
|
|
@ -41,30 +41,21 @@ Public domain.
|
|||
c = PLUS(c,d); b = ROTATE(XOR(b,c), 7);
|
||||
|
||||
static const char sigma[16] = "expand 32-byte k";
|
||||
static const char tau[16] = "expand 16-byte k";
|
||||
|
||||
void chacha_keysetup(chacha_ctx *x,const u8 *k,u32 kbits)
|
||||
void chacha_keysetup(chacha_ctx *x,const u8 *k)
|
||||
{
|
||||
const char *constants;
|
||||
|
||||
x->input[0] = U8TO32_LITTLE(sigma + 0);
|
||||
x->input[1] = U8TO32_LITTLE(sigma + 4);
|
||||
x->input[2] = U8TO32_LITTLE(sigma + 8);
|
||||
x->input[3] = U8TO32_LITTLE(sigma + 12);
|
||||
x->input[4] = U8TO32_LITTLE(k + 0);
|
||||
x->input[5] = U8TO32_LITTLE(k + 4);
|
||||
x->input[6] = U8TO32_LITTLE(k + 8);
|
||||
x->input[7] = U8TO32_LITTLE(k + 12);
|
||||
if (kbits == 256) { /* recommended */
|
||||
k += 16;
|
||||
constants = sigma;
|
||||
} else { /* kbits == 128 */
|
||||
constants = tau;
|
||||
}
|
||||
x->input[8] = U8TO32_LITTLE(k + 0);
|
||||
x->input[9] = U8TO32_LITTLE(k + 4);
|
||||
x->input[10] = U8TO32_LITTLE(k + 8);
|
||||
x->input[11] = U8TO32_LITTLE(k + 12);
|
||||
x->input[0] = U8TO32_LITTLE(constants + 0);
|
||||
x->input[1] = U8TO32_LITTLE(constants + 4);
|
||||
x->input[2] = U8TO32_LITTLE(constants + 8);
|
||||
x->input[3] = U8TO32_LITTLE(constants + 12);
|
||||
x->input[8] = U8TO32_LITTLE(k + 16);
|
||||
x->input[9] = U8TO32_LITTLE(k + 20);
|
||||
x->input[10] = U8TO32_LITTLE(k + 24);
|
||||
x->input[11] = U8TO32_LITTLE(k + 28);
|
||||
}
|
||||
|
||||
void chacha_ivsetup(chacha_ctx *x,const u8 *iv)
|
||||
|
|
|
|||
5
chacha.h
5
chacha.h
|
|
@ -3,6 +3,9 @@
|
|||
|
||||
#include <stdint.h>
|
||||
|
||||
#define CHACHA_KEY_SIZE 32
|
||||
#define CHACHA_IV_SIZE 8
|
||||
|
||||
typedef uint8_t u8;
|
||||
typedef uint32_t u32;
|
||||
|
||||
|
|
@ -11,7 +14,7 @@ typedef struct
|
|||
u32 input[16];
|
||||
} chacha_ctx;
|
||||
|
||||
void chacha_keysetup(chacha_ctx *x,const u8 *k,u32 kbits);
|
||||
void chacha_keysetup(chacha_ctx *x,const u8 *k);
|
||||
void chacha_ivsetup(chacha_ctx *x,const u8 *iv);
|
||||
void chacha_keystream_bytes(chacha_ctx *x,u8 *c,u32 bytes);
|
||||
|
||||
|
|
|
|||
9
random.c
9
random.c
|
|
@ -35,14 +35,11 @@ static void get_random_seed(void *buf, size_t size) {
|
|||
}
|
||||
}
|
||||
|
||||
#define KEY_SIZE 32
|
||||
#define IV_SIZE 8
|
||||
|
||||
void random_state_init(struct random_state *state) {
|
||||
uint8_t rnd[KEY_SIZE + IV_SIZE];
|
||||
uint8_t rnd[CHACHA_KEY_SIZE + CHACHA_IV_SIZE];
|
||||
get_random_seed(rnd, sizeof(rnd));
|
||||
chacha_keysetup(&state->ctx, rnd, KEY_SIZE * 8);
|
||||
chacha_ivsetup(&state->ctx, rnd + KEY_SIZE);
|
||||
chacha_keysetup(&state->ctx, rnd);
|
||||
chacha_ivsetup(&state->ctx, rnd + CHACHA_KEY_SIZE);
|
||||
chacha_keystream_bytes(&state->ctx, state->cache, RANDOM_CACHE_SIZE);
|
||||
state->index = 0;
|
||||
state->reseed = 0;
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user