shithub: blake2

Download patch

ref: fc572de97b38150710b96b4df515e2b7f013c9ea
parent: 168fbb78f53f684384ec1fa71e509475e96cd1ea
parent: bcc99c1b6a4888fe0c289995879144b489f0dff8
author: Samuel Neves <sneves@users.noreply.github.com>
date: Wed Apr 6 00:58:00 EDT 2016 

Merge pull request #21 from jedisct1/check-multiple-finalizations

blake2*_final() should return an error if called twice


--- a/ref/blake2b-ref.c
+++ b/ref/blake2b-ref.c
@@ -58,6 +58,11 @@
 }
 
 /* Some helper functions, not necessarily useful */
+static inline int blake2b_is_lastblock( const blake2b_state *S )
+{
+  return S->f[0] != 0;
+}
+
 static inline int blake2b_set_lastblock( blake2b_state *S )
 {
   if( S->last_node ) blake2b_set_lastnode( S );
@@ -315,6 +320,9 @@
   uint8_t buffer[BLAKE2B_OUTBYTES] = {0};
 
   if( out == NULL || outlen == 0 || outlen > BLAKE2B_OUTBYTES )
+    return -1;
+
+  if( blake2b_is_lastblock( S ) )
     return -1;
 
   if( S->buflen > BLAKE2B_BLOCKBYTES )
--- a/ref/blake2s-ref.c
+++ b/ref/blake2s-ref.c
@@ -53,6 +53,11 @@
 }
 
 /* Some helper functions, not necessarily useful */
+static inline int blake2s_is_lastblock( const blake2s_state *S )
+{
+  return S->f[0] != 0;
+}
+
 static inline int blake2s_set_lastblock( blake2s_state *S )
 {
   if( S->last_node ) blake2s_set_lastnode( S );
@@ -305,6 +310,10 @@
 
   if( out == NULL || outlen == 0 || outlen > BLAKE2S_OUTBYTES )
     return -1;
+
+  if( blake2s_is_lastblock( S ) )
+    return -1;
+
 
   if( S->buflen > BLAKE2S_BLOCKBYTES )
   {
--- a/sse/blake2b.c
+++ b/sse/blake2b.c
@@ -79,6 +79,11 @@
   return 0;
 }
 
+static inline int blake2b_is_lastblock( const blake2b_state *S )
+{
+  return S->f[0] != 0;
+}
+
 static inline int blake2b_set_lastblock( blake2b_state *S )
 {
   if( S->last_node ) blake2b_set_lastnode( S );
@@ -353,6 +358,9 @@
 int blake2b_final( blake2b_state *S, uint8_t *out, uint8_t outlen )
 {
   if( outlen > BLAKE2B_OUTBYTES )
+    return -1;
+
+  if( blake2b_is_lastblock( S ) )
     return -1;
 
   if( S->buflen > BLAKE2B_BLOCKBYTES )
--- a/sse/blake2s.c
+++ b/sse/blake2s.c
@@ -73,6 +73,11 @@
   return 0;
 }
 
+static inline int blake2s_is_lastblock( const blake2s_state *S )
+{
+  return S->f[0] != 0;
+}
+
 static inline int blake2s_set_lastblock( blake2s_state *S )
 {
   if( S->last_node ) blake2s_set_lastnode( S );
@@ -331,6 +336,9 @@
   uint8_t buffer[BLAKE2S_OUTBYTES] = {0};
 
   if( outlen > BLAKE2S_OUTBYTES )
+    return -1;
+
+  if( blake2s_is_lastblock( S ) )
     return -1;
 
   if( S->buflen > BLAKE2S_BLOCKBYTES )
--