1
mirror of https://github.com/jedisct1/libsodium.git synced 2024-12-20 02:25:14 -07:00

Faster; doesn't require to wipe the output stream

This commit is contained in:
Frank Denis 2017-09-18 20:51:47 +02:00
parent 5da8f4fbc6
commit 66c621f417

View File

@ -76,13 +76,24 @@ crypto_secretstream_xchacha20poly1305_rekey
{
unsigned char new_key_and_inonce[crypto_stream_chacha20_ietf_KEYBYTES +
crypto_secretstream_xchacha20poly1305_INONCEBYTES];
size_t i;
crypto_stream_chacha20_ietf(new_key_and_inonce, sizeof new_key_and_inonce,
for (i = 0U; i < crypto_stream_chacha20_ietf_KEYBYTES; i++) {
new_key_and_inonce[i] = state->k[i];
}
for (i = 0U; i < crypto_secretstream_xchacha20poly1305_INONCEBYTES; i++) {
new_key_and_inonce[crypto_stream_chacha20_ietf_KEYBYTES + i] =
STATE_INONCE(state)[i];
}
crypto_stream_chacha20_ietf_xor(new_key_and_inonce, new_key_and_inonce,
sizeof new_key_and_inonce,
state->nonce, state->k);
XOR_BUF(state->k, new_key_and_inonce, crypto_stream_chacha20_ietf_KEYBYTES);
XOR_BUF(STATE_INONCE(state),
new_key_and_inonce + crypto_stream_chacha20_ietf_KEYBYTES,
crypto_secretstream_xchacha20poly1305_INONCEBYTES);
for (i = 0U; i < crypto_stream_chacha20_ietf_KEYBYTES; i++) {
state->k[i] = new_key_and_inonce[i];
}
for (i = 0U; i < crypto_secretstream_xchacha20poly1305_INONCEBYTES; i++) {
STATE_INONCE(state)[i] = new_key_and_inonce[crypto_stream_chacha20_ietf_KEYBYTES + i];
}
memset(STATE_COUNTER(state), 0,
crypto_secretstream_xchacha20poly1305_COUNTERBYTES);
}