X-Git-Url: https://git.distorted.org.uk/~mdw/tripe/blobdiff_plain/a23e71839a8b7caff67b837245236882cc4a23b4..71887b00bdaf045f33da5a528fff4f0a5cdca4ee:/server/bulkcrypto.c

diff --git a/server/bulkcrypto.c b/server/bulkcrypto.c
index 4e98ea12..4c6be323 100644
--- a/server/bulkcrypto.c
+++ b/server/bulkcrypto.c
@@ -1321,7 +1321,8 @@ static int naclbox_chaltag(bulkchal *bc, const void *m, size_t msz,
   poly1305_ctx pm;
   octet b[POLY1305_KEYSZ + POLY1305_MASKSZ];
 
-  assert(SALSA20_NONCESZ <= sizeof(b));
+  STATIC_ASSERT(SALSA20_NONCESZ <= sizeof(b), "Need more space for nonce");
+
   memset(b, 0, SALSA20_NONCESZ - 4); STORE32(b + SALSA20_NONCESZ - 4, seq);
   GC_SETIV(c->c, b); GC_ENCRYPT(c->c, 0, b, sizeof(b));
   poly1305_keyinit(&pk, b, POLY1305_KEYSZ);
@@ -1339,13 +1340,15 @@ static int naclbox_chalvrf(bulkchal *bc, const void *m, size_t msz,
   poly1305_ctx pm;
   octet b[POLY1305_KEYSZ + POLY1305_MASKSZ];
 
-  assert(SALSA20_NONCESZ <= sizeof(b));
+  STATIC_ASSERT(SALSA20_NONCESZ <= sizeof(b), "Need more space for nonce");
+  STATIC_ASSERT(POLY1305_TAGSZ <= sizeof(b), "Need more space for tag");
+
   memset(b, 0, SALSA20_NONCESZ - 4); STORE32(b + SALSA20_NONCESZ - 4, seq);
   GC_SETIV(c->c, b); GC_ENCRYPT(c->c, 0, b, sizeof(b));
   poly1305_keyinit(&pk, b, POLY1305_KEYSZ);
   poly1305_macinit(&pm, &pk, b + POLY1305_KEYSZ);
   if (msz) poly1305_hash(&pm, m, msz);
-  assert(POLY1305_TAGSZ <= sizeof(b)); poly1305_done(&pm, b);
+  poly1305_done(&pm, b);
   return (ct_memeq(t, b, POLY1305_TAGSZ) ? 0 : -1);
 }