Version v0.3.37 - Implement ChaCha20 nonce extension to support pads larger than 256GB

src/entropy.c

@@ -219,8 +219,22 @@ int add_entropy_chacha20(const char* pad_chksum, const unsigned char* entropy_da
     unsigned char buffer[64 * 1024]; // 64KB chunks
     unsigned char keystream[64 * 1024];
     uint64_t offset = 0;
-    uint32_t counter = 0;
+    uint32_t counter_low = 0;
+    uint32_t counter_high = 0;
     time_t start_time = time(NULL);
+    
+    // Use extended counter for pads larger than 256GB
+    // 256GB = 2^32 blocks * 64 bytes = 274,877,906,944 bytes
+    int use_extended = (pad_size > 274877906944ULL);
+    
+    // For extended mode, use reduced 8-byte nonce
+    unsigned char nonce_reduced[8];
+    if (use_extended) {
+        memcpy(nonce_reduced, nonce + 4, 8);
+        if (display_progress) {
+            printf("Using extended counter mode for large pad (>256GB)\n");
+        }
+    }
 
     while (offset < pad_size) {
         size_t chunk_size = sizeof(buffer);
@@ -237,7 +251,15 @@ int add_entropy_chacha20(const char* pad_chksum, const unsigned char* entropy_da
         }
 
         // Generate keystream for this chunk
-        if (chacha20_encrypt(key, counter, nonce, buffer, keystream, chunk_size) != 0) {
+        int chacha_result;
+        if (use_extended) {
+            chacha_result = chacha20_encrypt_extended(key, counter_low, counter_high,
+                                                      nonce_reduced, buffer, keystream, chunk_size);
+        } else {
+            chacha_result = chacha20_encrypt(key, counter_low, nonce, buffer, keystream, chunk_size);
+        }
+        
+        if (chacha_result != 0) {
             printf("Error: Chacha20 keystream generation failed\n");
             fclose(pad_file);
             chmod(pad_path, S_IRUSR);
@@ -265,7 +287,16 @@ int add_entropy_chacha20(const char* pad_chksum, const unsigned char* entropy_da
         }
 
         offset += chunk_size;
-        counter += (chunk_size + 63) / 64; // Round up for block count
+        
+        // Update counters
+        uint32_t blocks = (chunk_size + 63) / 64; // Round up for block count
+        uint32_t old_counter_low = counter_low;
+        counter_low += blocks;
+        
+        // Check for overflow and increment high counter
+        if (counter_low < old_counter_low) {
+            counter_high++;
+        }
 
         // Show progress for large pads
         if (display_progress && offset % (64 * 1024 * 1024) == 0) { // Every 64MB
@@ -282,7 +313,8 @@ int add_entropy_chacha20(const char* pad_chksum, const unsigned char* entropy_da
 
     if (display_progress) {
         show_progress(pad_size, pad_size, start_time);
-        printf("\n✓ Entropy successfully added to pad using Chacha20\n");
+        printf("\n✓ Entropy successfully added to pad using Chacha20%s\n",
+               use_extended ? " (extended counter)" : "");
         printf("✓ Pad integrity maintained\n");
         printf("✓ %zu bytes of entropy distributed across entire pad\n", entropy_size);
         printf("✓ Pad restored to read-only mode\n");