From 0a6c3021d0689b16984ba3de22bd6b6a9ceb3a82 Mon Sep 17 00:00:00 2001
From: Miguel Oliveira
Date: Mon, 4 Apr 2022 23:36:25 -0300
Subject: [PATCH] Fix Poly1305 canonicalization
---
 poly1305.lua | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/poly1305.lua b/poly1305.lua
index 642c1fe..cd787d7 100644
--- a/poly1305.lua
+++ b/poly1305.lua
@@ -106,16 +106,16 @@ function mod.mac(key, message)
 c1 = h0 - c0 + c1
 -- Canonicalize.
- if c7 == 0xffff * 2 ^ 112
+ if c7 == 0x3ffff * 2 ^ 112
 and c6 == 0xffff * 2 ^ 96
 and c5 == 0xffff * 2 ^ 80
 and c4 == 0xffff * 2 ^ 64
 and c3 == 0xffff * 2 ^ 48
 and c2 == 0xffff * 2 ^ 32
 and c1 == 0xffff * 2 ^ 16
- and c0 >= 0xfffa
+ and c0 >= 0xfffb
 then
- c7, c6, c5, c4, c3, c2, c1, c0 = 0, 0, 0, 0, 0, 0, 0, c0 - 0xfffa
+ c7, c6, c5, c4, c3, c2, c1, c0 = 0, 0, 0, 0, 0, 0, 0, c0 - 0xfffb
 end
 -- Decode s.
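Review bot: The limb constants in the `-- Canonicalize.` branch are bare literals, and nothing in this commit (the diffstat lists only poly1305.lua) exercises that branch, which is likely how the earlier wrong values went unnoticed. I would add a comment above the `if`, for example `-- p = 2^130 - 5 as scaled limbs: c7 = 0x3ffff, c6..c1 = 0xffff, c0 = 0xfffb; if h >= p, subtract p.`, and add the Poly1305 edge-case vectors from RFC 8439 Appendix A.3, which include inputs whose accumulator ends at or above 2^130 - 5 before the final reduction. The equality tests presumably rely on the carry code earlier in mod.mac leaving c7 no larger than `0x3ffff * 2 ^ 112` and the lower limbs fully carried; that code is outside the hunk, so this should be confirmed against it. The branch is also data-dependent, so this step is not constant-time, although it is taken only for a very narrow range of accumulator values.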