diff --git a/aead_chacha20_poly1305.c b/aead_chacha20_poly1305.c index 49bb357..8560d62 100644 --- a/aead_chacha20_poly1305.c +++ b/aead_chacha20_poly1305.c @@ -67,8 +67,8 @@ chacha20_poly1305_seal(uint8_t *out, size_t *outlen, const void *initparams, inlen > SIZE_MAX - LC_POLY1305_TAGLEN) return 0; /* Counter 0 is used for deriving Poly1305 key. */ - if (inlen > SIZE_MAX - (CHACHA20_CHUNK - 1) || - (inlen + CHACHA20_CHUNK - 1) / CHACHA20_CHUNK > + if (inlen > SIZE_MAX - (CHACHA20_BLOCKLEN - 1) || + (inlen + CHACHA20_BLOCKLEN - 1) / CHACHA20_BLOCKLEN > CHACHA20_CTRMAX - 1) return 0; @@ -156,8 +156,8 @@ xchacha20_poly1305_seal(uint8_t *out, size_t *outlen, const void *initparams, inlen > SIZE_MAX - LC_POLY1305_TAGLEN) return 0; /* Counter 0 is used for deriving Poly1305 key. */ - if (inlen > SIZE_MAX - (CHACHA20_CHUNK - 1) || - (inlen + CHACHA20_CHUNK - 1) / CHACHA20_CHUNK > + if (inlen > SIZE_MAX - (CHACHA20_BLOCKLEN - 1) || + (inlen + CHACHA20_BLOCKLEN - 1) / CHACHA20_BLOCKLEN > CHACHA20_CTRMAX - 1) return 0; @@ -246,8 +246,8 @@ chacha20_poly1305_open(uint8_t *out, size_t *outlen, const void *initparams, inlen > UINT64_MAX || aadlen > UINT64_MAX) return 0; /* Counter 0 is used for deriving Poly1305 key. */ - if (inlen > SIZE_MAX - (CHACHA20_CHUNK - 1) || - (inlen + CHACHA20_CHUNK - 1) / CHACHA20_CHUNK > + if (inlen > SIZE_MAX - (CHACHA20_BLOCKLEN - 1) || + (inlen + CHACHA20_BLOCKLEN - 1) / CHACHA20_BLOCKLEN > CHACHA20_CTRMAX - 1) { return 0; } @@ -341,8 +341,8 @@ xchacha20_poly1305_open(uint8_t *out, size_t *outlen, const void *initparams, inlen > UINT64_MAX || aadlen > UINT64_MAX) return 0; /* Counter 0 is used for deriving Poly1305 key. */ - if (inlen > SIZE_MAX - (CHACHA20_CHUNK - 1) || - (inlen + CHACHA20_CHUNK - 1) / CHACHA20_CHUNK > + if (inlen > SIZE_MAX - (CHACHA20_BLOCKLEN - 1) || + (inlen + CHACHA20_BLOCKLEN - 1) / CHACHA20_BLOCKLEN > CHACHA20_CTRMAX - 1) { return 0; } diff --git a/auth_hmac.c b/auth_hmac.c index 4c71fb8..5ae4758 100644 --- a/auth_hmac.c 
+++ b/auth_hmac.c @@ -63,7 +63,7 @@ hmac_sha224_sha256_init(void *arg, const void *initparams) const struct lc_hmac_params *params = initparams; struct hmac_ctx *ctx = arg; - ctx->blocksz = SHA256_CHUNK; + ctx->blocksz = SHA256_BLOCKLEN; return hmac_common_init(ctx, params->key, params->keylen); } @@ -74,7 +74,7 @@ hmac_sha384_sha512_init(void *arg, const void *initparams) const struct lc_hmac_params *params = initparams; struct hmac_ctx *ctx = arg; - ctx->blocksz = SHA512_CHUNK; + ctx->blocksz = SHA512_BLOCKLEN; return hmac_common_init(ctx, params->key, params->keylen); } diff --git a/auth_poly1305.c b/auth_poly1305.c index 67843ea..ddb2214 100644 --- a/auth_poly1305.c +++ b/auth_poly1305.c @@ -59,7 +59,7 @@ poly1305_init(void *arg, const void *initparams) ctx->s3 = load32le(¶ms->key[28]); ctx->mlen = 0; - for (i = 0; i < POLY1305_CHUNK; i++) + for (i = 0; i < POLY1305_BLOCKLEN; i++) ctx->m[i] = 0; return 1; @@ -71,13 +71,13 @@ poly1305_update(void *arg, const uint8_t *in, size_t inlen) struct poly1305_ctx *ctx = arg; size_t i; - for (i = 0; i + ctx->mlen < POLY1305_CHUNK && i < inlen; i++) + for (i = 0; i + ctx->mlen < POLY1305_BLOCKLEN && i < inlen; i++) ctx->m[i + ctx->mlen] = in[i]; ctx->mlen += i; in += i; inlen -= i; - if (ctx->mlen == POLY1305_CHUNK) { + if (ctx->mlen == POLY1305_BLOCKLEN) { poly1305_block(ctx, 1); ctx->mlen = 0; } @@ -85,13 +85,13 @@ poly1305_update(void *arg, const uint8_t *in, size_t inlen) if (inlen == 0) return 1; - while (inlen >= POLY1305_CHUNK) { - for (i = 0; i < POLY1305_CHUNK; i++) + while (inlen >= POLY1305_BLOCKLEN) { + for (i = 0; i < POLY1305_BLOCKLEN; i++) ctx->m[i] = in[i]; poly1305_block(ctx, 1); - in += POLY1305_CHUNK; - inlen -= POLY1305_CHUNK; + in += POLY1305_BLOCKLEN; + inlen -= POLY1305_BLOCKLEN; } for (i = 0; i < inlen; i++) 
@@ -114,9 +114,9 @@ poly1305_final(void *arg, uint8_t *out, size_t *outlen) i = ctx->mlen; if (i > 0) { - if (i < POLY1305_CHUNK) { + if (i < POLY1305_BLOCKLEN) { ctx->m[i++] = 1; - for (; i < POLY1305_CHUNK; i++) + for (; i < POLY1305_BLOCKLEN; i++) ctx->m[i] = 0; poly1305_block(ctx, 0); } else diff --git a/cipher_chacha20.c b/cipher_chacha20.c index fb34758..88b10dc 100644 --- a/cipher_chacha20.c +++ b/cipher_chacha20.c @@ -37,7 +37,7 @@ chacha20_anycrypt_init(void *arg, const void *initparams) struct chacha20_ctx *ctx = arg; size_t i; - for (i = 0; i < CHACHA20_CHUNK_WORDS; i++) + for (i = 0; i < CHACHA20_BLOCKLEN_WORDS; i++) ctx->s[i] = 0; for (i = 0; i < CHACHA20_KEY_WORDS; i++) ctx->k[i] = load32le(¶ms->key[i * 4]); @@ -56,7 +56,7 @@ xchacha20_anycrypt_init(void *arg, const void *initparams) struct chacha20_ctx *ctx = arg; size_t i; - for (i = 0; i < CHACHA20_CHUNK_WORDS; i++) + for (i = 0; i < CHACHA20_BLOCKLEN_WORDS; i++) ctx->s[i] = 0; for (i = 0; i < CHACHA20_KEY_WORDS; i++) ctx->k[i] = load32le(¶ms->key[i * 4]); 
@@ -91,50 +91,52 @@ chacha20_anycrypt_update(void *arg, uint8_t *out, size_t *outlen, uint32_t h; *outlen = 0; - if (inlen > SIZE_MAX - (CHACHA20_CHUNK - 1) - ctx->mlen) + if (inlen > SIZE_MAX - (CHACHA20_BLOCKLEN - 1) - ctx->mlen) return 0; - blocks = (inlen + ctx->mlen + CHACHA20_CHUNK - 1) / CHACHA20_CHUNK; + blocks = (inlen + ctx->mlen + CHACHA20_BLOCKLEN - 1) / + CHACHA20_BLOCKLEN; if (blocks + ctx->n[0] > CHACHA20_CTRMAX) return 0; - *outlen = ctx->mlen + inlen - ((ctx->mlen + inlen) % CHACHA20_CHUNK); + *outlen = ctx->mlen + inlen - + ((ctx->mlen + inlen) % CHACHA20_BLOCKLEN); if (out == NULL) return 1; - for (i = 0; i + ctx->mlen < CHACHA20_CHUNK && i < inlen; i++) + for (i = 0; i + ctx->mlen < CHACHA20_BLOCKLEN && i < inlen; i++) ctx->m[i + ctx->mlen] = in[i]; ctx->mlen += i; in += i; inlen -= i; - if (ctx->mlen == CHACHA20_CHUNK) { + if (ctx->mlen == CHACHA20_BLOCKLEN) { chacha20_block(ctx); ctx->n[0]++; - for (i = 0; i < CHACHA20_CHUNK_WORDS; i++) { + for (i = 0; i < CHACHA20_BLOCKLEN_WORDS; i++) { h = load32le(&ctx->m[i * 4]); h ^= ctx->s[i]; store32le(&out[i * 4], h); } - out += CHACHA20_CHUNK; + out += CHACHA20_BLOCKLEN; ctx->mlen = 0; } if (inlen == 0) return 1; - while (inlen >= CHACHA20_CHUNK) { + while (inlen >= CHACHA20_BLOCKLEN) { chacha20_block(ctx); ctx->n[0]++; - for (i = 0; i < CHACHA20_CHUNK_WORDS; i++) { + for (i = 0; i < CHACHA20_BLOCKLEN_WORDS; i++) { h = load32le(&in[i * 4]); h ^= ctx->s[i]; store32le(&out[i * 4], h); } - out += CHACHA20_CHUNK; - in += CHACHA20_CHUNK; - inlen -= CHACHA20_CHUNK; + out += CHACHA20_BLOCKLEN; + in += CHACHA20_BLOCKLEN; + inlen -= CHACHA20_BLOCKLEN; } for (i = 0; i < inlen; i++) 
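Review bot: The counter-limit guard `if (blocks + ctx->n[0] > CHACHA20_CTRMAX)`, kept as context right after the re-wrapped `blocks = ...` assignment, adds before it compares, so the sum can wrap. `ctx->n[0]` is a `uint32_t` per impl_chacha20.h, and if `blocks` is a `size_t` (its declaration is above the hunk) the sum wraps modulo 2^32 on a target with 32-bit `size_t`, so the check can never fire there. A block counter that wraps back to an earlier value would repeat keystream under the same key and nonce, so the guard is safer written on the subtraction side: `if (blocks > CHACHA20_CTRMAX - ctx->n[0]) return 0;`. The rename leaves this arithmetic unchanged, and chacha20_anycrypt_update starts before and continues past the hunk.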
@@ -187,8 +189,9 @@ chacha20_anycrypt(uint8_t *out, size_t *outlen, const void *initparams, *outlen = 0; - if (inlen > SIZE_MAX - (CHACHA20_CHUNK - 1) || - (inlen + CHACHA20_CHUNK - 1) / CHACHA20_CHUNK > CHACHA20_CTRMAX) + if (inlen > SIZE_MAX - (CHACHA20_BLOCKLEN - 1) || + (inlen + CHACHA20_BLOCKLEN - 1) / CHACHA20_BLOCKLEN > + CHACHA20_CTRMAX) return 0; if (out == NULL) { diff --git a/hash_sha224_sha256.c b/hash_sha224_sha256.c index 7fe36b0..7f885fa 100644 --- a/hash_sha224_sha256.c +++ b/hash_sha224_sha256.c @@ -71,7 +71,7 @@ sha224_init(void *arg) ctx->sz = 0; ctx->mlen = 0; - for (i = 0; i < SHA256_CHUNK; i++) + for (i = 0; i < SHA256_BLOCKLEN; i++) ctx->m[i] = 0; return 1; @@ -95,7 +95,7 @@ sha256_init(void *arg) ctx->sz = 0; ctx->mlen = 0; - for (i = 0; i < SHA256_CHUNK; i++) + for (i = 0; i < SHA256_BLOCKLEN; i++) ctx->m[i] = 0; return 1; @@ -111,13 +111,13 @@ sha224_sha256_update(void *arg, const uint8_t *in, size_t inlen) return 0; ctx->sz += inlen; - for (i = 0; i + ctx->mlen < SHA256_CHUNK && i < inlen; i++) + for (i = 0; i + ctx->mlen < SHA256_BLOCKLEN && i < inlen; i++) ctx->m[i + ctx->mlen] = in[i]; ctx->mlen += i; in += i; inlen -= i; - if (ctx->mlen == SHA256_CHUNK) { + if (ctx->mlen == SHA256_BLOCKLEN) { sha256_block(ctx); ctx->mlen = 0; } @@ -125,8 +125,8 @@ sha224_sha256_update(void *arg, const uint8_t *in, size_t inlen) if (inlen == 0) return 1; - while (inlen >= SHA256_CHUNK) { - for (i = 0; i < SHA256_CHUNK; i++) + while (inlen >= SHA256_BLOCKLEN) { + for (i = 0; i < SHA256_BLOCKLEN; i++) ctx->m[i] = in[i]; in += i; inlen -= i; 
@@ -161,14 +161,14 @@ sha224_sha256_final(struct sha256_ctx *ctx) mlen = ctx->mlen; ctx->m[mlen++] = 0x80; - if (mlen >= SHA256_CHUNK - sizeof(uint64_t)) { - for (i = mlen; i < SHA256_CHUNK; i++) + if (mlen >= SHA256_BLOCKLEN - sizeof(uint64_t)) { + for (i = mlen; i < SHA256_BLOCKLEN; i++) ctx->m[i] = 0; sha256_block(ctx); mlen = 0; } - for (i = mlen; i < SHA256_CHUNK - sizeof(uint64_t); i++) + for (i = mlen; i < SHA256_BLOCKLEN - sizeof(uint64_t); i++) ctx->m[i] = 0; store64be(&ctx->m[i], ctx->sz << 3); sha256_block(ctx); diff --git a/hash_sha384_sha512.c b/hash_sha384_sha512.c index 274b756..07626bf 100644 --- a/hash_sha384_sha512.c +++ b/hash_sha384_sha512.c @@ -72,7 +72,7 @@ sha384_init(void *arg) ctx->szhi = ctx->szlo = 0; ctx->mlen = 0; - for (i = 0; i < SHA512_CHUNK; i++) + for (i = 0; i < SHA512_BLOCKLEN; i++) ctx->m[i] = 0; return 1; @@ -96,7 +96,7 @@ sha512_init(void *arg) ctx->szhi = ctx->szlo = 0; ctx->mlen = 0; - for (i = 0; i < SHA512_CHUNK; i++) + for (i = 0; i < SHA512_BLOCKLEN; i++) ctx->m[i] = 0; return 1; @@ -116,13 +116,13 @@ sha384_sha512_update(void *arg, const uint8_t *in, size_t inlen) } else ctx->szlo += inlen; - for (i = 0; i + ctx->mlen < SHA512_CHUNK && i < inlen; i++) + for (i = 0; i + ctx->mlen < SHA512_BLOCKLEN && i < inlen; i++) ctx->m[i + ctx->mlen] = in[i]; ctx->mlen += i; in += i; inlen -= i; - if (ctx->mlen == SHA512_CHUNK) { + if (ctx->mlen == SHA512_BLOCKLEN) { sha512_block(ctx); ctx->mlen = 0; } @@ -130,8 +130,8 @@ sha384_sha512_update(void *arg, const uint8_t *in, size_t inlen) if (inlen == 0) return 1; - while (inlen >= SHA512_CHUNK) { - for (i = 0; i < SHA512_CHUNK; i++) + while (inlen >= SHA512_BLOCKLEN) { + for (i = 0; i < SHA512_BLOCKLEN; i++) ctx->m[i] = in[i]; in += i; inlen -= i; 
@@ -166,14 +166,14 @@ sha384_sha512_final(struct sha512_ctx *ctx) mlen = ctx->mlen; ctx->m[mlen++] = 0x80; - if (mlen >= SHA512_CHUNK - 2 * sizeof(uint64_t)) { - for (i = mlen; i < SHA512_CHUNK; i++) + if (mlen >= SHA512_BLOCKLEN - 2 * sizeof(uint64_t)) { + for (i = mlen; i < SHA512_BLOCKLEN; i++) ctx->m[i] = 0; sha512_block(ctx); mlen = 0; } - for (i = mlen; i < SHA512_CHUNK - 2 * sizeof(uint64_t); i++) + for (i = mlen; i < SHA512_BLOCKLEN - 2 * sizeof(uint64_t); i++) ctx->m[i] = 0; store64be(&ctx->m[i], (ctx->szhi << 3) | (ctx->szlo >> 63)); store64be(&ctx->m[i + sizeof(uint64_t)], ctx->szlo << 3); diff --git a/impl_chacha20.c b/impl_chacha20.c index 2c2a298..44829be 100644 --- a/impl_chacha20.c +++ b/impl_chacha20.c @@ -45,7 +45,7 @@ void chacha20_block(struct chacha20_ctx *ctx) { - uint32_t x[CHACHA20_CHUNK_WORDS]; + uint32_t x[CHACHA20_BLOCKLEN_WORDS]; size_t i; x[0] = SIGMA0; @@ -65,7 +65,7 @@ chacha20_block(struct chacha20_ctx *ctx) x[14] = ctx->n[2]; x[15] = ctx->n[3]; - for (i = 0; i < CHACHA20_CHUNK_WORDS; i++) + for (i = 0; i < CHACHA20_BLOCKLEN_WORDS; i++) ctx->s[i] = x[i]; for (i = 0; i < CHACHA20_ROUNDS; i++) { @@ -80,14 +80,14 @@ chacha20_block(struct chacha20_ctx *ctx) QUARTERROUND(x[3], x[4], x[9], x[14]); } - for (i = 0; i < CHACHA20_CHUNK_WORDS; i++) + for (i = 0; i < CHACHA20_BLOCKLEN_WORDS; i++) ctx->s[i] += x[i]; } void hchacha20_block(struct chacha20_ctx *ctx) { - uint32_t x[CHACHA20_CHUNK_WORDS]; + uint32_t x[CHACHA20_BLOCKLEN_WORDS]; size_t i; x[0] = SIGMA0; @@ -119,6 +119,6 @@ hchacha20_block(struct chacha20_ctx *ctx) QUARTERROUND(x[3], x[4], x[9], x[14]); } - for (i = 0; i < CHACHA20_CHUNK_WORDS; i++) + for (i = 0; i < CHACHA20_BLOCKLEN_WORDS; i++) ctx->s[i] = x[i]; } diff --git a/impl_chacha20.h b/impl_chacha20.h index 407a467..297c6fb 100644 --- a/impl_chacha20.h +++ b/impl_chacha20.h 
@@ -20,8 +20,8 @@ #include "lilcrypto.h" -#define CHACHA20_CHUNK 64 -#define CHACHA20_CHUNK_WORDS (CHACHA20_CHUNK / sizeof(uint32_t)) +#define CHACHA20_BLOCKLEN 64 +#define CHACHA20_BLOCKLEN_WORDS (CHACHA20_BLOCKLEN / sizeof(uint32_t)) #define CHACHA20_CTRMAX 4294967295 /* 2^32 - 1 */ #define CHACHA20_KEY_WORDS (LC_CHACHA20_KEYLEN / sizeof(uint32_t)) #define CHACHA20_NONCE_WORDS 4 @@ -29,11 +29,11 @@ struct chacha20_ctx { - uint32_t s[CHACHA20_CHUNK_WORDS]; + uint32_t s[CHACHA20_BLOCKLEN_WORDS]; uint32_t k[CHACHA20_KEY_WORDS]; uint32_t n[CHACHA20_NONCE_WORDS]; size_t mlen; - uint8_t m[CHACHA20_CHUNK]; + uint8_t m[CHACHA20_BLOCKLEN]; }; diff --git a/impl_poly1305.h b/impl_poly1305.h index eb166ce..9e785f0 100644 --- a/impl_poly1305.h +++ b/impl_poly1305.h @@ -20,7 +20,7 @@ #include "lilcrypto.h" -#define POLY1305_CHUNK 16 +#define POLY1305_BLOCKLEN 16 #define POLY1305_TAGLEN_WORDS (LC_POLY1305_TAGLEN / sizeof(uint32_t)) @@ -30,7 +30,7 @@ struct poly1305_ctx { uint32_t x1, x2, x3, x4; uint32_t s0, s1, s2, s3; size_t mlen; - uint8_t m[POLY1305_CHUNK]; + uint8_t m[POLY1305_BLOCKLEN]; }; diff --git a/impl_sha256.c b/impl_sha256.c index f48bd9a..cb5463a 100644 --- a/impl_sha256.c +++ b/impl_sha256.c @@ -50,11 +50,11 @@ static const uint32_t K[SHA256_ROUNDS] = { void sha256_block(struct sha256_ctx *ctx) { - uint32_t m[SHA256_CHUNK_WORDS], W[SHA256_ROUNDS]; + uint32_t m[SHA256_BLOCKLEN_WORDS], W[SHA256_ROUNDS]; uint32_t a, b, c, d, e, f, g, h, T1, T2; size_t i; - for (i = 0; i < SHA256_CHUNK_WORDS; i++) + for (i = 0; i < SHA256_BLOCKLEN_WORDS; i++) W[i] = m[i] = load32be(&ctx->m[i * 4]); for (; i < SHA256_ROUNDS; i++) W[i] = SSIG1(W[i - 2]) + W[i - 7] + SSIG0(W[i - 15]) + diff --git a/impl_sha256.h b/impl_sha256.h index d9db590..c47af6c 100644 --- a/impl_sha256.h +++ b/impl_sha256.h 
@@ -20,8 +20,8 @@ #include "lilcrypto.h" -#define SHA256_CHUNK 64 -#define SHA256_CHUNK_WORDS (SHA256_CHUNK / sizeof(uint32_t)) +#define SHA256_BLOCKLEN 64 +#define SHA256_BLOCKLEN_WORDS (SHA256_BLOCKLEN / sizeof(uint32_t)) #define SHA256_ROUNDS 64 @@ -29,7 +29,7 @@ struct sha256_ctx { uint32_t h0, h1, h2, h3, h4, h5, h6, h7; uint64_t sz; size_t mlen; - uint8_t m[SHA256_CHUNK]; + uint8_t m[SHA256_BLOCKLEN]; }; diff --git a/impl_sha512.c b/impl_sha512.c index dc83c50..be28726 100644 --- a/impl_sha512.c +++ b/impl_sha512.c @@ -74,11 +74,11 @@ static const uint64_t K[SHA512_ROUNDS] = { void sha512_block(struct sha512_ctx *ctx) { - uint64_t m[SHA512_CHUNK_WORDS], W[SHA512_ROUNDS]; + uint64_t m[SHA512_BLOCKLEN_WORDS], W[SHA512_ROUNDS]; uint64_t a, b, c, d, e, f, g, h, T1, T2; size_t i; - for (i = 0; i < SHA512_CHUNK_WORDS; i++) + for (i = 0; i < SHA512_BLOCKLEN_WORDS; i++) W[i] = m[i] = load64be(&ctx->m[i * 8]); for (; i < SHA512_ROUNDS; i++) W[i] = SSIG1(W[i - 2]) + W[i - 7] + SSIG0(W[i - 15]) + diff --git a/impl_sha512.h b/impl_sha512.h index ee40eaf..268011b 100644 --- a/impl_sha512.h +++ b/impl_sha512.h @@ -20,8 +20,8 @@ #include "lilcrypto.h" -#define SHA512_CHUNK 128 -#define SHA512_CHUNK_WORDS (SHA512_CHUNK / sizeof(uint64_t)) +#define SHA512_BLOCKLEN 128 +#define SHA512_BLOCKLEN_WORDS (SHA512_BLOCKLEN / sizeof(uint64_t)) #define SHA512_ROUNDS 80 @@ -29,7 +29,7 @@ struct sha512_ctx { uint64_t h0, h1, h2, h3, h4, h5, h6, h7; uint64_t szhi, szlo; size_t mlen; - uint8_t m[SHA512_CHUNK]; + uint8_t m[SHA512_BLOCKLEN]; };