CVSROOT: /cvs
Module name: src
Changes by: js...@cvs.openbsd.org 2014/06/24 12:12:09
Modified files:
lib/libssl/src/crypto/chacha: chacha-merged.c chacha.c chacha.h
Log message:
If a chacha operation does not consume all of the generated key stream,
ensure that we save it and consume it on subsequent writes. Otherwise we
end up discarding part of the key stream and instead generate a new block
at the start of the next write.
This was only an issue for callers that did multiple writes that are not
multiples of 64 bytes - in particular, the ChaCha20Poly1305 usage does not
hit this problem since it performs encryption in a single-shot. For the
same reason, this is also a non-issue when openssl(1) is used to encrypt
with ChaCha.
Issue identified by insane coder; reported to bugs@ by Joseph M. Schwartz.
ok beck@
