New salsa20 constants.

diff --git a/ChangeLog b/ChangeLog
index e5b830948ce453a92bb1a28a5954203b9dc0d436..3b07ac51c056f0098c0e7fd82fd2dd1d70cf94d3 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,9 @@
 2012-03-31  Niels Möller  <nisse@lysator.liu.se>
 
+       * salsa20.h (SALSA20_BLOCK_SIZE): New constant.
+       (_SALSA20_INPUT_LENGTH): New constant.
+       * salsa20.c: Use these constants.
+
        * salsa20.c (ROTL32): Deleted macro, use the one from macros.h
        instead, with reversed order of arguments.
        (ROTATE, XOR, PLUS, PLUSONE): Deleted macros, use ROTL32 and

diff --git a/salsa20.c b/salsa20.c
index af452439081d29d58291048b345bf9b3b645a50b..7cab650066d51d58a93e44329c8d5217dd4b5141 100644 (file)
--- a/salsa20.c
+++ b/salsa20.c
@@ -52,12 +52,12 @@
 #define U8TO32_LITTLE(p) U32TO32_LITTLE(((uint32_t*)(p))[0])
 #define U32TO8_LITTLE(p, v) (((uint32_t*)(p))[0] = U32TO32_LITTLE(v))
 
-static void salsa20_wordtobyte(uint8_t output[64],const uint32_t input[16])
+static void salsa20_wordtobyte(uint8_t output[SALSA20_BLOCK_SIZE],const uint32_t input[_SALSA20_INPUT_LENGTH])
 {
-  uint32_t x[16];
+  uint32_t x[_SALSA20_INPUT_LENGTH];
   int i;
 
-  for (i = 0;i < 16;++i) x[i] = input[i];
+  for (i = 0;i < _SALSA20_INPUT_LENGTH;++i) x[i] = input[i];
   for (i = 20;i > 0;i -= 2) {
     x[ 4] ^= ROTL32( 7, x[ 0] + x[12]);
     x[ 8] ^= ROTL32( 9, x[ 4] + x[ 0]);
@@ -92,12 +92,12 @@ static void salsa20_wordtobyte(uint8_t output[64],const uint32_t input[16])
     x[14] ^= ROTL32(13, x[13] + x[12]);
     x[15] ^= ROTL32(18, x[14] + x[13]);
   }
-  for (i = 0;i < 16;++i) x[i] = x[i] + input[i];
-  for (i = 0;i < 16;++i) U32TO8_LITTLE(output + 4 * i,x[i]);
+  for (i = 0;i < _SALSA20_INPUT_LENGTH;++i) x[i] = x[i] + input[i];
+  for (i = 0;i < _SALSA20_INPUT_LENGTH;++i) U32TO8_LITTLE(output + 4 * i,x[i]);
 }
 
-static const char sigma[16] = "expand 32-byte k";
-static const char tau[16] = "expand 16-byte k";
+static const char sigma[_SALSA20_INPUT_LENGTH] = "expand 32-byte k";
+static const char tau[_SALSA20_INPUT_LENGTH] = "expand 16-byte k";
 
 void
 salsa20_set_key(struct salsa20_ctx *ctx,
@@ -144,7 +144,7 @@ salsa20_crypt(struct salsa20_ctx *ctx,
              uint8_t *c,
              const uint8_t *m)
 {
-  uint8_t output[64];
+  uint8_t output[SALSA20_BLOCK_SIZE];
   unsigned i;
 
   if (!length) return;
@@ -155,13 +155,13 @@ salsa20_crypt(struct salsa20_ctx *ctx,
       ctx->input[9]++;
       /* stopping at 2^70 length per nonce is user's responsibility */
     }
-    if (length <= 64) {
+    if (length <= SALSA20_BLOCK_SIZE) {
       for (i = 0;i < length;++i) c[i] = m[i] ^ output[i];
       return;
     }
-    for (i = 0;i < 64;++i) c[i] = m[i] ^ output[i];
-    length -= 64;
-    c += 64;
-    m += 64;
+    for (i = 0;i < SALSA20_BLOCK_SIZE;++i) c[i] = m[i] ^ output[i];
+    length -= SALSA20_BLOCK_SIZE;
+    c += SALSA20_BLOCK_SIZE;
+    m += SALSA20_BLOCK_SIZE;
   }
 }

diff --git a/salsa20.h b/salsa20.h
index 79f1505d62c9a20c442f317cbad0c456d365ddbf..c4b98cae125fa1df8215c42a848f558c63a6f5c1 100644 (file)
--- a/salsa20.h
+++ b/salsa20.h
@@ -43,12 +43,24 @@ extern "C" {
 #define SALSA20_MIN_KEY_SIZE 16
 #define SALSA20_MAX_KEY_SIZE 32
 #define SALSA20_KEY_SIZE 32
+#define SALSA20_BLOCK_SIZE 64
 
 #define SALSA20_IV_SIZE 8
 
+#define _SALSA20_INPUT_LENGTH 16
+
 struct salsa20_ctx
 {
-    uint32_t input[16];
+  /* Indices 1-4 and 11-14 holds the key (two identical copies for the
+     shorter key size), indices 0, 5, 10, 15 are constant, indices 6, 7
+     are the IV, and indices 8, 9 are the block counter:
+
+     C K K K
+     K C I I
+     B B C K
+     K K K C
+  */
+  uint32_t input[_SALSA20_INPUT_LENGTH];
 };
 
 void