From b4b734e882d792bb94cd912660c7fa48a3598fc2 Mon Sep 17 00:00:00 2001 From: mikeb Date: Tue, 27 Oct 2015 11:13:06 +0000 Subject: [PATCH] Sync chacha_ivsetup to the version in ssh so that we could specify custom counter value when setting up Chacha context. ok reyk djm --- sys/crypto/chacha_private.h | 8 ++++---- sys/dev/rnd.c | 10 +++++----- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/sys/crypto/chacha_private.h b/sys/crypto/chacha_private.h index 66b57c59d7b..662c074de4e 100644 --- a/sys/crypto/chacha_private.h +++ b/sys/crypto/chacha_private.h @@ -50,7 +50,7 @@ static const char sigma[16] = "expand 32-byte k"; static const char tau[16] = "expand 16-byte k"; static void -chacha_keysetup(chacha_ctx *x,const u8 *k,u32 kbits,u32 ivbits) +chacha_keysetup(chacha_ctx *x,const u8 *k,u32 kbits) { const char *constants; @@ -75,10 +75,10 @@ chacha_keysetup(chacha_ctx *x,const u8 *k,u32 kbits,u32 ivbits) } static void -chacha_ivsetup(chacha_ctx *x,const u8 *iv) +chacha_ivsetup(chacha_ctx *x, const u8 *iv, const u8 *counter) { - x->input[12] = 0; - x->input[13] = 0; + x->input[12] = counter == NULL ? 0 : U8TO32_LITTLE(counter + 0); + x->input[13] = counter == NULL ? 0 : U8TO32_LITTLE(counter + 4); x->input[14] = U8TO32_LITTLE(iv + 0); x->input[15] = U8TO32_LITTLE(iv + 4); } diff --git a/sys/dev/rnd.c b/sys/dev/rnd.c index 58f12eda783..ed84f239cfb 100644 --- a/sys/dev/rnd.c +++ b/sys/dev/rnd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rnd.c,v 1.175 2015/05/25 03:07:07 deraadt Exp $ */ +/* $OpenBSD: rnd.c,v 1.176 2015/10/27 11:13:06 mikeb Exp $ */ /* * Copyright (c) 2011 Theo de Raadt. @@ -568,8 +568,8 @@ static inline void _rs_init(u_char *buf, size_t n) { KASSERT(n >= KEYSZ + IVSZ); - chacha_keysetup(&rs, buf, KEYSZ * 8, 0); - chacha_ivsetup(&rs, buf + KEYSZ); + chacha_keysetup(&rs, buf, KEYSZ * 8); + chacha_ivsetup(&rs, buf + KEYSZ, NULL); } static void @@ -833,8 +833,8 @@ randomread(dev_t dev, struct uio *uio, int ioflag) buf = malloc(POOLBYTES, M_TEMP, M_WAITOK); if (total > ARC4_MAIN_MAX_BYTES) { arc4random_buf(lbuf, sizeof(lbuf)); - chacha_keysetup(&lctx, lbuf, KEYSZ * 8, 0); - chacha_ivsetup(&lctx, lbuf + KEYSZ); + chacha_keysetup(&lctx, lbuf, KEYSZ * 8); + chacha_ivsetup(&lctx, lbuf + KEYSZ, NULL); explicit_bzero(lbuf, sizeof(lbuf)); myctx = 1; } -- 2.20.1