From 5bd46fffa6078dc6495942b41a88fa338296b81b Mon Sep 17 00:00:00 2001
From: Lucas Gabriel Vuotto <lucas@lgv5.net>
Date: Fri, 7 Jun 2024 00:29:17 +0000
Subject: [PATCH] aead/chacha20-poly1305: use chacha20_x_final instead of
 reaching into chacha20_ctx guts

---
 aead_chacha20_poly1305.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/aead_chacha20_poly1305.c b/aead_chacha20_poly1305.c
index c0ba4b6..b137ab2 100644
--- a/aead_chacha20_poly1305.c
+++ b/aead_chacha20_poly1305.c
@@ -64,8 +64,8 @@ chacha20_poly1305_seal(const uint8_t *key, size_t keylen, const uint8_t *iv,
 	    !chacha20_x_update(&cctx, poly1305_key, &olen, poly1305_key,
 	    LC_POLY1305_KEYLEN))
 		return 0;
-	for (i = 0; i < LC_POLY1305_KEYLEN / sizeof(uint32_t); i++)
-		store32le(&poly1305_key[i * 4], cctx.s[i]);
+	if (!chacha20_x_final(&cctx, poly1305_key + olen, &olen))
+		return 0;
 
 	if (!poly1305_init(&pctx, poly1305_key, LC_POLY1305_KEYLEN) ||
 	    !poly1305_update(&pctx, aad, aadlen))
@@ -140,8 +140,8 @@ chacha20_poly1305_open(const uint8_t *key, size_t keylen, const uint8_t *iv,
 	    !chacha20_x_update(&cctx, poly1305_key, &olen, poly1305_key,
 	    LC_POLY1305_KEYLEN))
 		return 0;
-	for (i = 0; i < LC_POLY1305_KEYLEN / sizeof(uint32_t); i++)
-		store32le(&poly1305_key[i * 4], cctx.s[i]);
+	if (!chacha20_x_final(&cctx, poly1305_key + olen, &olen))
+		return 0;
 
 	if (!poly1305_init(&pctx, poly1305_key, LC_POLY1305_KEYLEN) ||
 	    !poly1305_update(&pctx, aad, aadlen))