define block size as constant
diff --git a/lib/chacha20poly1305.h b/lib/chacha20poly1305.h
index 12ce6d0..974204b 100644
--- a/lib/chacha20poly1305.h
+++ b/lib/chacha20poly1305.h
@@ -23,6 +23,8 @@
#include <stddef.h>
#include "picotls.h"
+#define CHACHA20POLY1305_BLOCKSIZE 64
+
struct chacha20poly1305_context_t {
ptls_aead_context_t super;
ptls_cipher_context_t *chacha;
@@ -75,7 +77,7 @@
static void chacha20poly1305_init(ptls_aead_context_t *_ctx, uint64_t seq, const void *aad, size_t aadlen)
{
struct chacha20poly1305_context_t *ctx = (struct chacha20poly1305_context_t *)_ctx;
- uint8_t tmpbuf[64];
+ uint8_t tmpbuf[CHACHA20POLY1305_BLOCKSIZE];
/* init chacha */
memset(tmpbuf, 0, 16 - PTLS_CHACHA20POLY1305_IV_SIZE);
@@ -84,7 +86,7 @@
/* init poly1305 */
memset(tmpbuf, 0, sizeof(tmpbuf));
- ptls_cipher_encrypt(ctx->chacha, tmpbuf, tmpbuf, 64);
+ ptls_cipher_encrypt(ctx->chacha, tmpbuf, tmpbuf, CHACHA20POLY1305_BLOCKSIZE);
ctx->poly1305_init(ctx, tmpbuf);
ptls_clear_memory(tmpbuf, sizeof(tmpbuf));
diff --git a/lib/openssl.c b/lib/openssl.c
index c64a8db..bd52a23 100644
--- a/lib/openssl.c
+++ b/lib/openssl.c
@@ -49,6 +49,9 @@
#include <openssl/x509_vfy.h>
#include "picotls.h"
#include "picotls/openssl.h"
+#ifdef OPENSSL_IS_BORINGSSL
+#include "./chacha20poly1305.h"
+#endif
#ifdef _WINDOWS
#ifndef _CRT_SECURE_NO_WARNINGS
@@ -1061,18 +1064,18 @@
assert(ctx->keystream.len == 0);
if (len >= sizeof(ctx->keystream.bytes)) {
- size_t apply_len = len / sizeof(ctx->keystream.bytes) * sizeof(ctx->keystream.bytes);
- CRYPTO_chacha_20(output, input, apply_len, ctx->key, ctx->iv, ctx->keystream.ctr);
- ctx->keystream.ctr += apply_len / sizeof(ctx->keystream.bytes);
- output += apply_len;
- input += apply_len;
- len -= apply_len;
+ size_t blocks = len / CHACHA20POLY1305_BLOCKSIZE;
+ CRYPTO_chacha_20(output, input, blocks * CHACHA20POLY1305_BLOCKSIZE, ctx->key, ctx->iv, ctx->keystream.ctr);
+ ctx->keystream.ctr += blocks;
+ output += blocks * CHACHA20POLY1305_BLOCKSIZE;
+ input += blocks * CHACHA20POLY1305_BLOCKSIZE;
+ len -= blocks * CHACHA20POLY1305_BLOCKSIZE;
if (len == 0)
return;
}
- memset(ctx->keystream.bytes, 0, sizeof(ctx->keystream.bytes));
- CRYPTO_chacha_20(ctx->keystream.bytes, ctx->keystream.bytes, sizeof(ctx->keystream.bytes), ctx->key, ctx->iv,
+ memset(ctx->keystream.bytes, 0, CHACHA20POLY1305_BLOCKSIZE);
+ CRYPTO_chacha_20(ctx->keystream.bytes, ctx->keystream.bytes, CHACHA20POLY1305_BLOCKSIZE, ctx->key, ctx->iv,
ctx->keystream.ctr++);
ctx->keystream.len = sizeof(ctx->keystream.bytes);
@@ -1277,8 +1280,6 @@
#if PTLS_OPENSSL_HAVE_CHACHA20_POLY1305
#ifdef OPENSSL_IS_BORINGSSL
-#include "./chacha20poly1305.h"
-
struct boringssl_chacha20poly1305_context_t {
struct chacha20poly1305_context_t super;
poly1305_state poly1305;