aead

Pure Haskell AEAD-ChaCha20-Poly1305 (docs.ppad.tech/aead).
git clone git://git.ppad.tech/aead.git

commit 3c3d1f7454b902ccec1108aa708824e4ea90f613
parent 575c92b3a417af978dacea4e4a34a0316b01c71d
Author: Jared Tobin <jared@jtobin.io>
Date:   Tue, 11 Mar 2025 09:16:32 +0400

lib: smarter padding

Diffstat:
Mlib/Crypto/AEAD/ChaCha20Poly1305.hs | 14+++++---------
1 file changed, 5 insertions(+), 9 deletions(-)

diff --git a/lib/Crypto/AEAD/ChaCha20Poly1305.hs b/lib/Crypto/AEAD/ChaCha20Poly1305.hs
@@ -64,7 +64,7 @@ _poly1305_key_gen key@(BI.PS _ _ l) nonce
 pad16 :: BS.ByteString -> BS.ByteString
 pad16 (BI.PS _ _ l)
- | l == 16 = mempty
+ | l `rem` 16 == 0 = mempty
 | otherwise = BS.replicate (16 - l `rem` 16) 0
 {-# INLINE pad16 #-}
@@ -98,10 +98,8 @@ encrypt aad key nonce plaintext
 | otherwise =
 let otk = _poly1305_key_gen key nonce
 cip = ChaCha20.cipher key 1 nonce plaintext
- md0 | BS.length aad == 0 = mempty
- | otherwise = aad <> pad16 aad
- md1 | BS.length cip == 0 = md0
- | otherwise = md0 <> cip <> pad16 cip
+ md0 = aad <> pad16 aad
+ md1 = md0 <> cip <> pad16 cip
 md2 = md1 <> unroll8 (fi (BS.length aad))
 md3 = md2 <> unroll8 (fi (BS.length cip))
 tag = Poly1305.mac otk md3
@@ -132,10 +130,8 @@ decrypt aad key nonce (cip, mac)
 | BS.length mac /= 16 = Nothing
 | otherwise =
 let otk = _poly1305_key_gen key nonce
- md0 | BS.length aad == 0 = mempty
- | otherwise = aad <> pad16 aad
- md1 | BS.length cip == 0 = md0
- | otherwise = md0 <> cip <> pad16 cip
+ md0 = aad <> pad16 aad
+ md1 = md0 <> cip <> pad16 cip
 md2 = md1 <> unroll8 (fi (BS.length aad))
 md3 = md2 <> unroll8 (fi (BS.length cip))
 tag = Poly1305.mac otk md3
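Review bot: The new guard in `pad16` changes the authentication tag for some inputs, yet the commit carries no test or comment recording that. Under the old `l == 16` guard, any other non-zero multiple of 16 (32, 48, ...) reached the `otherwise` branch with `16 - 0` and appended a full zero block, whereas RFC 8439 pads with zero to fifteen bytes. Tags for AAD or ciphertext of those lengths would therefore have differed from other implementations, and tags made before this commit will not verify after it. The diffstat shows only the library file changed, so I would add a regression vector with 32-byte AAD and 32-byte ciphertext, plus a comment on the guard such as `-- no padding when already block-aligned, including empty input`. A changelog line noting the tag change would help anyone holding data sealed by the earlier version.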
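Review bot: The `md0`..`md3` bindings in `encrypt` are now line-for-line the same as those in `decrypt` (third hunk), and the two copies must stay byte-identical or valid ciphertexts stop verifying. I would build the MAC input in one shared helper taking `aad` and `cip` and call it from both sites, so a later edit cannot change the layout on one side only. Both copies also depend on `pad16` returning `mempty` for empty input now that the `BS.length ... == 0` guards are gone, which the helper's comment can state once. Both function bodies continue outside their hunks.

```haskell
-- MAC input: aad || pad16(aad) || cip || pad16(cip) || len(aad) || len(cip).
-- Relies on pad16 yielding mempty for empty or block-aligned input.
_mac_data :: BS.ByteString -> BS.ByteString -> BS.ByteString
_mac_data aad cip =
     aad <> pad16 aad
  <> cip <> pad16 cip
  <> unroll8 (fi (BS.length aad))
  <> unroll8 (fi (BS.length cip))

-- … unchanged: otk (and cip in encrypt) bindings …
tag = Poly1305.mac otk (_mac_data aad cip)
```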