From df1e4130722943b15563e92a0595b31c603aa34d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Rafa=C5=82=20Fabich?= <rafal.fabich@thorium.space>
Date: Thu, 25 Apr 2019 16:35:39 +0200
Subject: [PATCH] Salsa20: Fix in the nonce and the counter handling to comply
 with the Salsa20 standard

---
 src/salsa20.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/salsa20.c b/src/salsa20.c
index 34bd156..dbf3c0a 100644
--- a/src/salsa20.c
+++ b/src/salsa20.c
@@ -139,7 +139,7 @@ void cf_salsa20_init(cf_salsa20_ctx *ctx, const uint8_t *key, size_t nkey, const
   }
 
   memset(ctx->nonce, 0, sizeof ctx->nonce);
-  memcpy(ctx->nonce + 8, nonce, 8);
+  memcpy(ctx->nonce, nonce, 8);
   ctx->nblock = 0;
   ctx->ncounter = 8;
 }
@@ -152,7 +152,7 @@ static void cf_salsa20_next_block(void *vctx, uint8_t *out)
                   ctx->nonce,
                   ctx->constant,
                   out);
-  incr_le(ctx->nonce, ctx->ncounter);
+  incr_le(ctx->nonce + 8, ctx->ncounter);
 }
 
 void cf_salsa20_cipher(cf_salsa20_ctx *ctx, const uint8_t *input, uint8_t *output, size_t bytes)