cheng/libsodium
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Mention when the state will eventually be cleared

Browse Source
This commit is contained in:
Frank Denis 2017-09-26 21:28:08 +02:00
parent d338ae9512
commit 93c386cb6c
2 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/libsodium/crypto_onetimeauth/poly1305/donna/poly1305_donna32.h
View File

@ -28,7 +28,7 @@ typedef struct poly1305_state_internal_t {
static void
poly1305_init(poly1305_state_internal_t *st, const unsigned char key[32])
{
/* r &= 0xffffffc0ffffffc0ffffffc0fffffff */
/* r &= 0xffffffc0ffffffc0ffffffc0fffffff - wiped after finalization */
st->r[0] = (LOAD32_LE(&key[0])) & 0x3ffffff;
st->r[1] = (LOAD32_LE(&key[3]) >> 2) & 0x3ffff03;
st->r[2] = (LOAD32_LE(&key[6]) >> 4) & 0x3ffc0ff;

1
src/libsodium/crypto_onetimeauth/poly1305/donna/poly1305_donna64.h
View File

@ -46,6 +46,7 @@ poly1305_init(poly1305_state_internal_t *st, const unsigned char key[32])
t0 = LOAD64_LE(&key[0]);
t1 = LOAD64_LE(&key[8]);
/* wiped after finalization */
st->r[0] = (t0) &0xffc0fffffff;
st->r[1] = ((t0 >> 44) | (t1 << 20)) & 0xfffffc0ffff;
st->r[2] = ((t1 >> 24)) & 0x00ffffffc0f;