mirror of https://github.com/jedisct1/libsodium.git synced 2024-12-20 02:25:14 -07:00

Use the IETF ChaCha20 version for randombytes_buf_deterministic()

It doesn't make any difference except by limiting the maximum
length to 256 Gb. But the code for the IETF version has a higher
probability to already be used by something else than the original
version.
Enforcing a 256 Gb limit can also prevent surprises from happening
in other implementations.
Frank Denis 2017-02-19 18:55:32 +01:00
parent 4c6b0ac762
commit eb5ff7270e


@ -5,6 +5,7 @@
#include <assert.h>
#include <limits.h>
#include <stdint.h>
#include <stdlib.h>
#ifdef __EMSCRIPTEN__
# include <emscripten.h>
@ -169,10 +170,14 @@ void
randombytes_buf_deterministic(void * const buf, const size_t size,
const unsigned char seed[randombytes_SEEDBYTES])
{
static const unsigned char zero[crypto_stream_chacha20_NONCEBYTES];
static const unsigned char zero[crypto_stream_chacha20_ietf_NONCEBYTES];
COMPILER_ASSERT(randombytes_SEEDBYTES == crypto_stream_chacha20_KEYBYTES);
crypto_stream_chacha20((unsigned char *) buf, size, zero, seed);
COMPILER_ASSERT(randombytes_SEEDBYTES == crypto_stream_chacha20_ietf_KEYBYTES);
if (size > 0x4000000000ULL) {
abort();
}
crypto_stream_chacha20_ietf((unsigned char *) buf, (unsigned long long) size,
zero, seed);
}
size_t
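Review bot: The new guard `if (size > 0x4000000000ULL)` in randombytes_buf_deterministic() uses an unexplained constant, and the abort() behind it changes the contract of a void function that previously passed any size straight to the stream cipher. The value is 2^38 bytes, i.e. the 2^32 64-byte blocks that the 32-bit block counter of IETF ChaCha20 can address, so a comment above the check such as `/* IETF ChaCha20: 32-bit block counter, 2^32 * 64 = 2^38 bytes max; larger requests would overflow the counter */` would make the bound auditable. Because callers cannot recover from abort(), the limit should presumably also be stated wherever this function is documented; the public header is not part of this page. On targets where size_t is 32 bits the comparison can never be true, so it could be wrapped in `#if SIZE_MAX > 0x4000000000ULL` and `#endif`, with `<stdint.h>` already included in the first hunk.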