/src/libtomcrypt/src/encauth/chachapoly/chacha20poly1305_setiv.c

Source (jump to first uncovered line)
/* LibTomCrypt, modular cryptographic library -- Tom St Denis */
/* SPDX-License-Identifier: Unlicense */

#include "tomcrypt_private.h"

#ifdef LTC_CHACHA20POLY1305_MODE

/**
  Set IV + counter data to the ChaCha20Poly1305 state and reset the context
  @param st     The ChaCha20Poly1305 state
  @param iv     The IV data to add
  @param ivlen  The length of the IV (must be 12 or 8)
  @return CRYPT_OK on success
 */
int chacha20poly1305_setiv(chacha20poly1305_state *st, const unsigned char *iv, unsigned long ivlen)
{
   chacha_state tmp_st;
   int i, err;
   unsigned char polykey[32];

   LTC_ARGCHK(st != NULL);
   LTC_ARGCHK(iv != NULL);
   LTC_ARGCHK(ivlen == 12 || ivlen == 8);

   /* set IV for chacha20 */
   if (ivlen == 12) {
      /* IV 96bit */
      if ((err = chacha_ivctr32(&st->chacha, iv, ivlen, 1)) != CRYPT_OK) return err;
   }
   else {
      /* IV 64bit */
      if ((err = chacha_ivctr64(&st->chacha, iv, ivlen, 1)) != CRYPT_OK) return err;
   }

   /* copy chacha20 key to temporary state */
   for(i = 0; i < 12; i++) tmp_st.input[i] = st->chacha.input[i];
   tmp_st.rounds = 20;
   /* set IV */
   if (ivlen == 12) {
      /* IV 32bit */
      if ((err = chacha_ivctr32(&tmp_st, iv, ivlen, 0)) != CRYPT_OK) return err;
   }
   else {
      /* IV 64bit */
      if ((err = chacha_ivctr64(&tmp_st, iv, ivlen, 0)) != CRYPT_OK) return err;
   }
   /* (re)generate new poly1305 key */
   if ((err = chacha_keystream(&tmp_st, polykey, 32)) != CRYPT_OK) return err;
   /* (re)initialise poly1305 */
   if ((err = poly1305_init(&st->poly, polykey, 32)) != CRYPT_OK) return err;
   st->ctlen  = 0;
   st->aadlen = 0;
   st->aadflg = 1;

   return CRYPT_OK;
}

#endif

Coverage Report

Created: 2024-11-21 07:03

Line	Count	Source (jump to first uncovered line)
1		/* LibTomCrypt, modular cryptographic library -- Tom St Denis */
2		/* SPDX-License-Identifier: Unlicense */
3
4		#include "tomcrypt_private.h"
5
6		#ifdef LTC_CHACHA20POLY1305_MODE
7
8		/**
9		Set IV + counter data to the ChaCha20Poly1305 state and reset the context
10		@param st The ChaCha20Poly1305 state
11		@param iv The IV data to add
12		@param ivlen The length of the IV (must be 12 or 8)
13		@return CRYPT_OK on success
14		*/
15		int chacha20poly1305_setiv(chacha20poly1305_state st, const unsigned char iv, unsigned long ivlen)
16	8	{
17	8	chacha_state tmp_st;
18	8	int i, err;
19	8	unsigned char polykey[32];
20
21	8	LTC_ARGCHK(st != NULL);
22	8	LTC_ARGCHK(iv != NULL);
23	8	LTC_ARGCHK(ivlen == 12 \|\| ivlen == 8);
24
25		/* set IV for chacha20 */
26	8	if (ivlen == 12) {
27		/* IV 96bit */
28	8	if ((err = chacha_ivctr32(&st->chacha, iv, ivlen, 1)) != CRYPT_OK) return err;
29	8	}
30	0	else {
31		/* IV 64bit */
32	0	if ((err = chacha_ivctr64(&st->chacha, iv, ivlen, 1)) != CRYPT_OK) return err;
33	0	}
34
35		/* copy chacha20 key to temporary state */
36	104	for(i = 0; i < 12; i++) tmp_st.input[i] = st->chacha.input[i];
37	8	tmp_st.rounds = 20;
38		/* set IV */
39	8	if (ivlen == 12) {
40		/* IV 32bit */
41	8	if ((err = chacha_ivctr32(&tmp_st, iv, ivlen, 0)) != CRYPT_OK) return err;
42	8	}
43	0	else {
44		/* IV 64bit */
45	0	if ((err = chacha_ivctr64(&tmp_st, iv, ivlen, 0)) != CRYPT_OK) return err;
46	0	}
47		/* (re)generate new poly1305 key */
48	8	if ((err = chacha_keystream(&tmp_st, polykey, 32)) != CRYPT_OK) return err;
49		/* (re)initialise poly1305 */
50	8	if ((err = poly1305_init(&st->poly, polykey, 32)) != CRYPT_OK) return err;
51	8	st->ctlen = 0;
52	8	st->aadlen = 0;
53	8	st->aadflg = 1;
54
55	8	return CRYPT_OK;
56	8	}
57
58		#endif