chacha/chacha_enc.c: harmonize counter width with subroutine name.
authorAndy Polyakov <appro@openssl.org>
Wed, 27 Apr 2016 13:07:32 +0000 (15:07 +0200)
committerAndy Polyakov <appro@openssl.org>
Fri, 3 Jun 2016 08:23:58 +0000 (10:23 +0200)
_ctr32 in function name refers to 32-bit counter, but it was implementing
64-bit one. This didn't pose problem to EVP, but 64-bit counter was just
misleading.

RT#4512

Reviewed-by: Richard Levitte <levitte@openssl.org>
crypto/chacha/chacha_enc.c

index 13720d0..239f68a 100644 (file)
@@ -110,8 +110,12 @@ void ChaCha20_ctr32(unsigned char *out, const unsigned char *inp,
         inp += todo;
         len -= todo;
 
-        /* advance counter */
-        if (++input[12] == 0)
-            input[13]++;
+        /*
+         * Advance 32-bit counter. Note that as subroutine is so to
+         * say nonce-agnostic, this limited counter width doesn't
+         * prevent caller from implementing wider counter. It would
+         * simply take two calls split on counter overflow...
+         */
+        input[12]++;
     }
 }