aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorlloyd <[email protected]>2014-12-29 02:15:35 +0000
committerlloyd <[email protected]>2014-12-29 02:15:35 +0000
commit05b6811827fe7f4e107a9339142f6aec56f0f202 (patch)
treef38c9ac13990f0ddf000f9ce6a23d002c8e8321f
parent6322dc69fcf9f3effed4e51de90b3f5b163db47e (diff)
Support 96 bit nonces in ChaCha20 as specified in draft-irtf-cfrg-chacha20-poly1305-03
-rw-r--r--src/lib/stream/chacha/chacha.cpp13
-rw-r--r--src/lib/stream/chacha/chacha.h2
-rw-r--r--src/tests/data/stream/chacha.vec9
3 files changed, 21 insertions, 3 deletions
diff --git a/src/lib/stream/chacha/chacha.cpp b/src/lib/stream/chacha/chacha.cpp
index 33db7ac92..419f8f67a 100644
--- a/src/lib/stream/chacha/chacha.cpp
+++ b/src/lib/stream/chacha/chacha.cpp
@@ -135,8 +135,17 @@ void ChaCha::set_iv(const byte iv[], size_t length)
m_state[12] = 0;
m_state[13] = 0;
- m_state[14] = load_le<u32bit>(iv, 0);
- m_state[15] = load_le<u32bit>(iv, 1);
+ if(length == 8)
+ {
+ m_state[14] = load_le<u32bit>(iv, 0);
+ m_state[15] = load_le<u32bit>(iv, 1);
+ }
+ else if(length == 12)
+ {
+ m_state[13] = load_le<u32bit>(iv, 0);
+ m_state[14] = load_le<u32bit>(iv, 1);
+ m_state[15] = load_le<u32bit>(iv, 2);
+ }
chacha(&m_buffer[0], &m_state[0]);
++m_state[12];
diff --git a/src/lib/stream/chacha/chacha.h b/src/lib/stream/chacha/chacha.h
index b7d720685..c7c11771d 100644
--- a/src/lib/stream/chacha/chacha.h
+++ b/src/lib/stream/chacha/chacha.h
@@ -23,7 +23,7 @@ class BOTAN_DLL ChaCha : public StreamCipher
void set_iv(const byte iv[], size_t iv_len);
bool valid_iv_length(size_t iv_len) const
- { return (iv_len == 8); }
+ { return (iv_len == 8 || iv_len == 12); }
Key_Length_Specification key_spec() const
{
diff --git a/src/tests/data/stream/chacha.vec b/src/tests/data/stream/chacha.vec
index 9ef1792e2..e4386cbd5 100644
--- a/src/tests/data/stream/chacha.vec
+++ b/src/tests/data/stream/chacha.vec
@@ -5,6 +5,8 @@ Nonce = 0000000000000000
In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
Out = 89670952608364FD00B2F90936F031C8E756E15DBA04B8493D00429259B20F46CC04F111246B6C2CE066BE3BFB32D9AA0FDDFBC12123D4B9E44F34DCA05A103F
+# From draft-agl-tls-chacha20poly1305-01
+
Key = 0000000000000000000000000000000000000000000000000000000000000000
Nonce = 0000000000000000
In = 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
@@ -24,3 +26,10 @@ Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
Nonce = 0001020304050607
In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
Out = F798A189F195E66982105FFB640BB7757F579DA31602FC93EC01AC56F85AC3C134A4547B733B46413042C9440049176905D3BE59EA1C53F15916155C2BE8241A38008B9A26BC35941E2444177C8ADE6689DE95264986D95889FB60E84629C9BD9A5ACB1CC118BE563EB9B3A4A472F82E09A7E778492B562EF7130E88DFE031C79DB9D4F7C7A899151B9A475032B63FC385245FE054E3DD5A97A5F576FE064025D3CE042C566AB2C507B138DB853E3D6959660996546CC9C4A6EAFDC777C040D70EAF46F76DAD3979E5C5360C3317166A1C894C94A371876A94DF7628FE4EAAF2CCB27D5AAAE0AD7AD0F9D4B6AD3B54098746D4524D38407A6DEB
+
+# From draft-irtf-cfrg-chacha20-poly1305-03
+Key = 0000000000000000000000000000000000000000000000000000000000000000
+Nonce = 000000000000000000000002
+In = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
+Out = C2C64D378CD536374AE204B9EF933FCD1A8B2288B3DFA49672AB765B54EE27C78A970E0E955C14F3A88E741B97C286F75F8FC299E8148362FA198A39531BED6D
+