ChrisChrome/ccryptolib
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

Fix Poly1305 canonicalization

Browse source
This commit is contained in:
Miguel Oliveira 2022-04-04 23:36:25 -03:00
parent 4cf7c2e989
commit 0a6c3021d0
No known key found for this signature in database
GPG key ID: 2C2BE789E1377025
1 changed files with 3 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
poly1305.lua
View file

@ -106,16 +106,16 @@ function mod.mac(key, message)
c1 = h0 - c0 + c1 c1 = h0 - c0 + c1
-- Canonicalize. -- Canonicalize.
if c7 == 0xffff * 2 ^ 112 if c7 == 0x3ffff * 2 ^ 112
and c6 == 0xffff * 2 ^ 96 and c6 == 0xffff * 2 ^ 96
and c5 == 0xffff * 2 ^ 80 and c5 == 0xffff * 2 ^ 80
and c4 == 0xffff * 2 ^ 64 and c4 == 0xffff * 2 ^ 64
and c3 == 0xffff * 2 ^ 48 and c3 == 0xffff * 2 ^ 48
and c2 == 0xffff * 2 ^ 32 and c2 == 0xffff * 2 ^ 32
and c1 == 0xffff * 2 ^ 16 and c1 == 0xffff * 2 ^ 16
and c0 >= 0xfffa and c0 >= 0xfffb
then then
c7, c6, c5, c4, c3, c2, c1, c0 = 0, 0, 0, 0, 0, 0, 0, c0 - 0xfffa c7, c6, c5, c4, c3, c2, c1, c0 = 0, 0, 0, 0, 0, 0, 0, c0 - 0xfffb
end end
-- Decode s. -- Decode s.