Pass the 96bit nonce directly instead of in parts
This commit is contained in:
parent
b5dea9b8dc
commit
322c7cb967
|
@ -21,8 +21,8 @@ def poly1305(m,k):
|
||||||
return unu(a+s,128)
|
return unu(a+s,128)
|
||||||
p16=lambda x:b'\x00'*(-len(x)%16)
|
p16=lambda x:b'\x00'*(-len(x)%16)
|
||||||
tag=lambda a,k,n,c:poly1305(b''.join((a,p16(a),c,p16(c),unu(len(a),64),unu(len(c),64))),ccb(k,0,n)[:32])
|
tag=lambda a,k,n,c:poly1305(b''.join((a,p16(a),c,p16(c),unu(len(a),64),unu(len(c),64))),ccb(k,0,n)[:32])
|
||||||
def enc(a,k,i,f,p):c=bytes(chacha20(k,1,f+i,p));return c+tag(a,k,f+i,c)
|
def enc(a,k,n,p):c=bytes(chacha20(k,1,n,p));return c+tag(a,k,n,c)
|
||||||
def dec(a,k,i,f,e):
|
def dec(a,k,n,e):
|
||||||
c=e[:-16]
|
c=e[:-16]
|
||||||
if not secrets.compare_digest(e[-16:],tag(a,k,f+i,c)):return None
|
if not secrets.compare_digest(e[-16:],tag(a,k,f+i,c)):return None
|
||||||
return bytes(chacha20(k,1,f+i,c))
|
return bytes(chacha20(k,1,f+i,c))
|
||||||
|
|
Loading…
Reference in New Issue