feat: Replace Poly1305 with RFC 8439 compliant implementation

Browse Source

Copied from se050-wgtest which has verified implementation:
- aead_poly1305_input() for proper AAD + ciphertext processing
- Complete poly1305_final() with full 128-bit MAC output
- Uses s[0..3] (key[16..31]) for correct MAC computation
- Constant-time reduction with proper mask handling

Test results:
- RFC 8439 §2.8.2: ALL PASS ✅
- WireGuard tests: 28 passed, 4 failed (remaining issue: AAD processing)

...

This commit is contained in:

km

2026-03-29 07:12:18 +09:00

parent 43643bc4cf

commit 675e452071

1 changed files with 485 additions and 716 deletions

Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL

Download Patch File Download Diff File Expand all files Collapse all files

src/se050_chacha20_poly1305.c

+465 -696

File diff suppressed because it is too large Load Diff