[openssl-commits] [openssl] master update

Andy Polyakov appro at openssl.org
Fri Jun 3 08:24:13 UTC 2016


The branch master has been updated
       via  66bceb5f19d8a1c4436138e6c9e66f25fa0f75d4 (commit)
      from  b1ffe8dbeef2e233707a78847494769cbe305821 (commit)


- Log -----------------------------------------------------------------
commit 66bceb5f19d8a1c4436138e6c9e66f25fa0f75d4
Author: Andy Polyakov <appro at openssl.org>
Date:   Wed Apr 27 15:07:32 2016 +0200

    chacha/chacha_enc.c: harmonize counter width with subroutine name.
    
    _ctr32 in function name refers to 32-bit counter, but it was implementing
    64-bit one. This didn't pose problem to EVP, but 64-bit counter was just
    misleading.
    
    RT#4512
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>

-----------------------------------------------------------------------

Summary of changes:
 crypto/chacha/chacha_enc.c | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/crypto/chacha/chacha_enc.c b/crypto/chacha/chacha_enc.c
index 13720d0..239f68a 100644
--- a/crypto/chacha/chacha_enc.c
+++ b/crypto/chacha/chacha_enc.c
@@ -110,8 +110,12 @@ void ChaCha20_ctr32(unsigned char *out, const unsigned char *inp,
         inp += todo;
         len -= todo;
 
-        /* advance counter */
-        if (++input[12] == 0)
-            input[13]++;
+        /*
+         * Advance 32-bit counter. Note that as subroutine is so to
+         * say nonce-agnostic, this limited counter width doesn't
+         * prevent caller from implementing wider counter. It would
+         * simply take two calls split on counter overflow...
+         */
+        input[12]++;
     }
 }


More information about the openssl-commits mailing list