void ChaCha::set_iv(const byte iv[], size_t length)
{
if(!valid_iv_length(length))
throw Invalid_IV_Length(name(), length);
m_state[12] = 0;
m_state[13] = 0;
if(length == 8)
{
m_state[14] = load_le<u32bit>(iv, 0);
m_state[15] = load_le<u32bit>(iv, 1);
}
else if(length == 12)
{
m_state[13] = load_le<u32bit>(iv, 0);
m_state[14] = load_le<u32bit>(iv, 1);
m_state[15] = load_le<u32bit>(iv, 2);
}
chacha(m_buffer.data(), m_state.data());
++m_state[12];
m_state[13] += (m_state[12] == 0);
m_position = 0;
}
void OFB::set_iv(const byte iv[], size_t iv_len)
{
if(!valid_iv_length(iv_len))
throw Invalid_IV_Length(name(), iv_len);
zeroise(m_buffer);
buffer_insert(m_buffer, 0, iv, iv_len);
m_cipher->encrypt(m_buffer);
m_buf_pos = 0;
}
/*
* Set the Salsa IV
*/
void Salsa20::set_iv(const uint8_t iv[], size_t length)
{
if(!valid_iv_length(length))
throw Invalid_IV_Length(name(), length);
if(length == 0)
{
// Salsa20 null IV
m_state[6] = 0;
m_state[7] = 0;
}
else if(length == 8)
{
// Salsa20
m_state[6] = load_le<uint32_t>(iv, 0);
m_state[7] = load_le<uint32_t>(iv, 1);
}
else
{
// XSalsa20
m_state[6] = load_le<uint32_t>(iv, 0);
m_state[7] = load_le<uint32_t>(iv, 1);
m_state[8] = load_le<uint32_t>(iv, 2);
m_state[9] = load_le<uint32_t>(iv, 3);
secure_vector<uint32_t> hsalsa(8);
hsalsa20(hsalsa.data(), m_state.data());
m_state[ 1] = hsalsa[0];
m_state[ 2] = hsalsa[1];
m_state[ 3] = hsalsa[2];
m_state[ 4] = hsalsa[3];
m_state[ 6] = load_le<uint32_t>(iv, 4);
m_state[ 7] = load_le<uint32_t>(iv, 5);
m_state[11] = hsalsa[4];
m_state[12] = hsalsa[5];
m_state[13] = hsalsa[6];
m_state[14] = hsalsa[7];
}
m_state[8] = 0;
m_state[9] = 0;
salsa20(m_buffer.data(), m_state.data());
++m_state[8];
m_state[9] += (m_state[8] == 0);
m_position = 0;
}
void StreamCipher::set_iv(const byte[], size_t iv_len)
{
if(!valid_iv_length(iv_len))
throw Invalid_IV_Length(name(), iv_len);
}
