changeset 1705:5b701bf529aa

Fix ChaCha20 on 32-bit platforms (#99) * Fix ChaCha20 on 32-bit platforms On 32-bit platforms with an old compiler, the STORE64H() parameter is not automatically widened to a 64-bit value, causing wrong IV data. Spotted on BCM4706 MIPS32r2 with GCC 4.2.4: Exit before auth: Integrity error (bad packet size 2065808956) * Fix Chacha20-Poly1305 and AES-GCM debug messages The functions were renamed earlier, but the trace messages were not.
author Vladislav Grishenko <themiron@users.noreply.github.com>
date Fri, 29 May 2020 18:26:22 +0500
parents d384bc2e5af3
children 3f80da5fe0b4
files chachapoly.c gcm.c
diffstat 2 files changed, 6 insertions(+), 6 deletions(-) [+]
--- a/chachapoly.c	Thu May 28 23:26:34 2020 +0800
+++ b/chachapoly.c	Fri May 29 18:26:22 2020 +0500
@@ -82,7 +82,7 @@
 		return CRYPT_ERROR;
 	}
 
-	STORE64H(seq, seqbuf);
+	STORE64H((uint64_t)seq, seqbuf);
 	chacha_ivctr64(&state->chacha, seqbuf, sizeof(seqbuf), 0);
 	if ((err = chacha_keystream(&state->chacha, key, sizeof(key))) != CRYPT_OK) {
 		return err;
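Review bot: The `(uint64_t)` cast on the `STORE64H` line repairs this call site only, so the same wrong-IV result can return wherever a value narrower than 64 bits is handed to the macro; the second chachapoly.c hunk receives the identical cast. `seq` is presumably a 32-bit `unsigned int` (as in the gcm.c signature), and the macro body is not visible here, but if it shifts its argument by 32 or more that is undefined behaviour for a 32-bit operand, which would explain why the failure depends on compiler and target. Widening once in a local, `const uint64_t seq64 = seq;`, and passing `seq64` makes the intent harder to lose in a later edit, with a comment such as `/* STORE64H needs a 64-bit operand; seq is narrower */`. Because the sequence number is the cipher nonce, a known-answer self-test for this path would catch a regression at build time rather than as a failed connection. The enclosing function starts and ends outside the hunk.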
@@ -122,13 +122,13 @@
 	unsigned char seqbuf[8], buf[4];
 	int err;
 
-	TRACE2(("enter dropbear_chachapoly_parse"))
+	TRACE2(("enter dropbear_chachapoly_getlength"))
 
 	if (len < sizeof(buf)) {
 		return CRYPT_ERROR;
 	}
 
-	STORE64H(seq, seqbuf);
+	STORE64H((uint64_t)seq, seqbuf);
 	chacha_ivctr64(&state->header, seqbuf, sizeof(seqbuf), 0);
 	if ((err = chacha_crypt(&state->header, in, sizeof(buf), buf)) != CRYPT_OK) {
 		return err;
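Review bot: The packet length this function produces is decrypted with `state->header` before any authentication tag is checked in the visible lines, and nothing in the function says so. A short header comment would help callers, for example `/* *outlen is not yet authenticated; the caller must range-check it before allocating or reading */`. The "bad packet size" error quoted in the commit message suggests the caller already performs such a check, but that code is outside the diff. The function starts before this hunk and ends in the next one.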
@@ -136,7 +136,7 @@
 
 	LOAD32H(*outlen, buf);
 
-	TRACE2(("leave dropbear_chachapoly_parse"))
+	TRACE2(("leave dropbear_chachapoly_getlength"))
 	return CRYPT_OK;
 }
 
--- a/gcm.c	Thu May 28 23:26:34 2020 +0800
+++ b/gcm.c	Fri May 29 18:26:22 2020 +0500
@@ -100,7 +100,7 @@
 static int dropbear_gcm_getlength(unsigned int UNUSED(seq),
 			const unsigned char *in, unsigned int *outlen,
 			unsigned long len, dropbear_gcm_state* UNUSED(state)) {
-	TRACE2(("enter dropbear_gcm_parse"))
+	TRACE2(("enter dropbear_gcm_getlength"))
 
 	if (len < 4) {
 		return CRYPT_ERROR;
@@ -108,7 +108,7 @@
 
 	LOAD32H(*outlen, in);
 
-	TRACE2(("leave dropbear_gcm_parse"))
+	TRACE2(("leave dropbear_gcm_getlength"))
 	return CRYPT_OK;
 }