RFC Errata

Errata Search

Source of RFC
Summary Table Full Records

Found 2 records.

Status: Verified (1)

RFC 8439, "ChaCha20 and Poly1305 for IETF Protocols", June 2018

Source of RFC: IRTF

Errata ID: 5689
Status: Verified
Type: Technical

Reported By: Stefan Heiss
Date Reported: 2019-04-11
Verifier Name: Colin Perkins
Date Verified: 2019-04-15

Section 2.5.1 says:

```for i=1 upto ceil(msg length in bytes / 16)
n = le_bytes_to_num(msg[((i-1)*16)..(i*16)] | [0x01])
a += n
a = (r * a) % p
end

```

It should say:

```for i=1 upto ceil(msg length in bytes / 16)
j = min(i*16-1, msg length in bytes - 1)
n = le_bytes_to_num(msg[((i-1)*16)..j] | [0x01])
a += n
a = (r * a) % p
end

```

Notes:

Correction of Errata 5675

Status: Rejected (1)

RFC 8439, "ChaCha20 and Poly1305 for IETF Protocols", June 2018

Source of RFC: IRTF

Errata ID: 5675
Status: Rejected
Type: Technical

Reported By: Stefan Heiss
Date Reported: 2019-03-25
Rejected by: Colin Perkins
Date Rejected: 2019-04-15

Section 2.5.1 says:

```for i=1 upto ceil(msg length in bytes / 16)
n = le_bytes_to_num(msg[((i-1)*16)..(i*16)] | [0x01])
a += n
a = (r * a) % p
end
```

It should say:

```for i=1 upto floor(msg length in bytes / 16)
j = min(i*16-1, msg length in bytes - 1)
n = le_bytes_to_num(msg[((i-1)*16)..j] | [0x01])
a += n
a = (r * a) % p
end

```

Notes:

Corection for lengths of msg blocks (full blocks are of size 16, NOT 17 and last blocks of size != 16 have to be treated separately).
--VERIFIER NOTES--
Rejected in favour of errata 5689.

Report New Errata