commit 2f79c562ba01ac64e9f21eb52390b9a6d91ccbfc
author Kazuho Oku <kazuhooku@gmail.com> Fri Feb 10 21:50:27 2023 +0900
committer Kazuho Oku <kazuhooku@gmail.com> Fri Feb 10 21:50:27 2023 +0900
tree 8f592813c1a50ef0ff25ae3bbb734b00dee99a0a
parent b7e6b88e8dbcbf32e30d9dd867721ed378ce7e44

define block size as constant

lib/chacha20poly1305.h

diff --git a/lib/chacha20poly1305.h b/lib/chacha20poly1305.h
index 12ce6d0..974204b 100644
--- a/lib/chacha20poly1305.h
+++ b/lib/chacha20poly1305.h
@@ -23,6 +23,8 @@
 #include <stddef.h>
 #include "picotls.h"
 
+#define CHACHA20POLY1305_BLOCKSIZE 64
+
 struct chacha20poly1305_context_t {
     ptls_aead_context_t super;
     ptls_cipher_context_t *chacha;
@@ -75,7 +77,7 @@
 static void chacha20poly1305_init(ptls_aead_context_t *_ctx, uint64_t seq, const void *aad, size_t aadlen)
 {
     struct chacha20poly1305_context_t *ctx = (struct chacha20poly1305_context_t *)_ctx;
-    uint8_t tmpbuf[64];
+    uint8_t tmpbuf[CHACHA20POLY1305_BLOCKSIZE];
 
     /* init chacha */
     memset(tmpbuf, 0, 16 - PTLS_CHACHA20POLY1305_IV_SIZE);
@@ -84,7 +86,7 @@
 
     /* init poly1305 */
     memset(tmpbuf, 0, sizeof(tmpbuf));
-    ptls_cipher_encrypt(ctx->chacha, tmpbuf, tmpbuf, 64);
+    ptls_cipher_encrypt(ctx->chacha, tmpbuf, tmpbuf, CHACHA20POLY1305_BLOCKSIZE);
     ctx->poly1305_init(ctx, tmpbuf);
 
     ptls_clear_memory(tmpbuf, sizeof(tmpbuf));

lib/openssl.c

diff --git a/lib/openssl.c b/lib/openssl.c
index c64a8db..bd52a23 100644
--- a/lib/openssl.c
+++ b/lib/openssl.c
@@ -49,6 +49,9 @@
 #include <openssl/x509_vfy.h>
 #include "picotls.h"
 #include "picotls/openssl.h"
+#ifdef OPENSSL_IS_BORINGSSL
+#include "./chacha20poly1305.h"
+#endif
 
 #ifdef _WINDOWS
 #ifndef _CRT_SECURE_NO_WARNINGS
@@ -1061,18 +1064,18 @@
     assert(ctx->keystream.len == 0);
 
     if (len >= sizeof(ctx->keystream.bytes)) {
-        size_t apply_len = len / sizeof(ctx->keystream.bytes) * sizeof(ctx->keystream.bytes);
-        CRYPTO_chacha_20(output, input, apply_len, ctx->key, ctx->iv, ctx->keystream.ctr);
-        ctx->keystream.ctr += apply_len / sizeof(ctx->keystream.bytes);
-        output += apply_len;
-        input += apply_len;
-        len -= apply_len;
+        size_t blocks = len / CHACHA20POLY1305_BLOCKSIZE;
+        CRYPTO_chacha_20(output, input, blocks * CHACHA20POLY1305_BLOCKSIZE, ctx->key, ctx->iv, ctx->keystream.ctr);
+        ctx->keystream.ctr += blocks;
+        output += blocks * CHACHA20POLY1305_BLOCKSIZE;
+        input += blocks * CHACHA20POLY1305_BLOCKSIZE;
+        len -= blocks * CHACHA20POLY1305_BLOCKSIZE;
         if (len == 0)
             return;
     }
 
-    memset(ctx->keystream.bytes, 0, sizeof(ctx->keystream.bytes));
-    CRYPTO_chacha_20(ctx->keystream.bytes, ctx->keystream.bytes, sizeof(ctx->keystream.bytes), ctx->key, ctx->iv,
+    memset(ctx->keystream.bytes, 0, CHACHA20POLY1305_BLOCKSIZE);
+    CRYPTO_chacha_20(ctx->keystream.bytes, ctx->keystream.bytes, CHACHA20POLY1305_BLOCKSIZE, ctx->key, ctx->iv,
                      ctx->keystream.ctr++);
     ctx->keystream.len = sizeof(ctx->keystream.bytes);
 
@@ -1277,8 +1280,6 @@
 #if PTLS_OPENSSL_HAVE_CHACHA20_POLY1305
 #ifdef OPENSSL_IS_BORINGSSL
 
-#include "./chacha20poly1305.h"
-
 struct boringssl_chacha20poly1305_context_t {
     struct chacha20poly1305_context_t super;
     poly1305_state poly1305;