// ring has a garbage API so its use is avoided, but rust-crypto doesn't have RFC-variant poly1305
// Instead, we steal rust-crypto's implementation and tweak it to match the RFC.
-
-// Licensed under the Apache License, Version 2.0 <LICENSE-APACHE or
-// http://www.apache.org/licenses/LICENSE-2.0> or the MIT license
-// <LICENSE-MIT or http://opensource.org/licenses/MIT>, at your
-// option. This file may not be copied, modified, or distributed
-// except according to those terms.
-
+//
+// This file is licensed under the Apache License, Version 2.0 <LICENSE-APACHE
+// or http://www.apache.org/licenses/LICENSE-2.0> or the MIT license
+// <LICENSE-MIT or http://opensource.org/licenses/MIT>, at your option.
+// You may not use this file except in accordance with one or both of these
+// licenses.
+//
// This is a port of Andrew Moons poly1305-donna
// https://github.com/floodyberry/poly1305-donna
use util::poly1305::Poly1305;
use bitcoin::hashes::cmp::fixed_time_eq;
- use util::byte_utils;
-
#[derive(Clone, Copy)]
pub struct ChaCha20Poly1305RFC {
cipher: ChaCha20,
ChaCha20Poly1305RFC::pad_mac_16(&mut mac, aad.len());
ChaCha20Poly1305RFC {
- cipher: cipher,
- mac: mac,
+ cipher,
+ mac,
finished: false,
data_len: 0,
aad_len: aad.len() as u64,
self.mac.input(output);
ChaCha20Poly1305RFC::pad_mac_16(&mut self.mac, self.data_len);
self.finished = true;
- self.mac.input(&byte_utils::le64_to_array(self.aad_len));
- self.mac.input(&byte_utils::le64_to_array(self.data_len as u64));
+ self.mac.input(&self.aad_len.to_le_bytes());
+ self.mac.input(&(self.data_len as u64).to_le_bytes());
self.mac.raw_result(out_tag);
}
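Review bot: The two length writes that close the MAC input (`self.mac.input(&self.aad_len.to_le_bytes());` and the `data_len` line after it) have no comment explaining why their order and width matter, and the same pair is repeated verbatim in the decrypt-side hunk further down. Both tag computations must feed the AAD length and then the ciphertext length as 64-bit little-endian values, so I would put `// AEAD length trailer: len(aad) || len(ciphertext), each u64 little-endian; must stay identical on encrypt and decrypt` above each pair. Moving the pad-and-lengths sequence into one private helper called from both paths would stop a later edit from changing one side only, which would make every tag check fail. The new code looks equivalent to the removed `byte_utils::le64_to_array` calls, assuming that helper also produced little-endian bytes (its body is not shown), because `self.data_len as u64` only widens from `usize` on the usual targets and `to_le_bytes()` does not depend on host endianness. The enclosing functions start outside these hunks.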
self.data_len += input.len();
ChaCha20Poly1305RFC::pad_mac_16(&mut self.mac, self.data_len);
- self.mac.input(&byte_utils::le64_to_array(self.aad_len));
- self.mac.input(&byte_utils::le64_to_array(self.data_len as u64));
+ self.mac.input(&self.aad_len.to_le_bytes());
+ self.mac.input(&(self.data_len as u64).to_le_bytes());
let mut calc_tag = [0u8; 16];
self.mac.raw_result(&mut calc_tag);