server/bulkcrypto.c: Replace dynamic assertions with static ones.

[tripe] / server / bulkcrypto.c

diff --git a/server/bulkcrypto.c b/server/bulkcrypto.c
index 4e98ea1..4c6be32 100644 (file)
--- a/server/bulkcrypto.c
+++ b/server/bulkcrypto.c
@@ -1321,7 +1321,8 @@ static int naclbox_chaltag(bulkchal *bc, const void *m, size_t msz,
   poly1305_ctx pm;
   octet b[POLY1305_KEYSZ + POLY1305_MASKSZ];
 
-  assert(SALSA20_NONCESZ <= sizeof(b));
+  STATIC_ASSERT(SALSA20_NONCESZ <= sizeof(b), "Need more space for nonce");
+
   memset(b, 0, SALSA20_NONCESZ - 4); STORE32(b + SALSA20_NONCESZ - 4, seq);
   GC_SETIV(c->c, b); GC_ENCRYPT(c->c, 0, b, sizeof(b));
   poly1305_keyinit(&pk, b, POLY1305_KEYSZ);
@@ -1339,13 +1340,15 @@ static int naclbox_chalvrf(bulkchal *bc, const void *m, size_t msz,
   poly1305_ctx pm;
   octet b[POLY1305_KEYSZ + POLY1305_MASKSZ];
 
-  assert(SALSA20_NONCESZ <= sizeof(b));
+  STATIC_ASSERT(SALSA20_NONCESZ <= sizeof(b), "Need more space for nonce");
+  STATIC_ASSERT(POLY1305_TAGSZ <= sizeof(b), "Need more space for tag");
+
   memset(b, 0, SALSA20_NONCESZ - 4); STORE32(b + SALSA20_NONCESZ - 4, seq);
   GC_SETIV(c->c, b); GC_ENCRYPT(c->c, 0, b, sizeof(b));
   poly1305_keyinit(&pk, b, POLY1305_KEYSZ);
   poly1305_macinit(&pm, &pk, b + POLY1305_KEYSZ);
   if (msz) poly1305_hash(&pm, m, msz);
-  assert(POLY1305_TAGSZ <= sizeof(b)); poly1305_done(&pm, b);
+  poly1305_done(&pm, b);
   return (ct_memeq(t, b, POLY1305_TAGSZ) ? 0 : -1);
 }