/* Is this correct? */ int blake2b_final( blake2b_state *S, byte *out, byte outlen ) { byte buffer[BLAKE2B_OUTBYTES]; int i; if( S->buflen > BLAKE2B_BLOCKBYTES ) { blake2b_increment_counter( S, BLAKE2B_BLOCKBYTES ); if ( blake2b_compress( S, S->buf ) < 0 ) return -1; S->buflen -= BLAKE2B_BLOCKBYTES; XMEMCPY( S->buf, S->buf + BLAKE2B_BLOCKBYTES, (wolfssl_word)S->buflen ); } blake2b_increment_counter( S, S->buflen ); blake2b_set_lastblock( S ); XMEMSET( S->buf + S->buflen, 0, (wolfssl_word)(2 * BLAKE2B_BLOCKBYTES - S->buflen) ); /* Padding */ if ( blake2b_compress( S, S->buf ) < 0 ) return -1; for( i = 0; i < 8; ++i ) /* Output full hash to temp buffer */ store64( buffer + sizeof( S->h[i] ) * i, S->h[i] ); XMEMCPY( out, buffer, outlen ); return 0; }
int blake2b_done(hash_state *md, unsigned char *out) { unsigned char buffer[BLAKE2B_OUTBYTES] = { 0 }; unsigned long i; LTC_ARGCHK(md != NULL); LTC_ARGCHK(out != NULL); /* if(md->blakebs.outlen != outlen) return CRYPT_INVALID_ARG; */ if (blake2b_is_lastblock(md)) return CRYPT_ERROR; blake2b_increment_counter(md, md->blake2b.curlen); blake2b_set_lastblock(md); XMEMSET(md->blake2b.buf + md->blake2b.curlen, 0, BLAKE2B_BLOCKBYTES - md->blake2b.curlen); /* Padding */ blake2b_compress(md, md->blake2b.buf); for (i = 0; i < 8; ++i) /* Output full hash to temp buffer */ STORE64L(md->blake2b.h[i], buffer + i * 8); XMEMCPY(out, buffer, md->blake2b.outlen); zeromem(md, sizeof(hash_state)); #ifdef LTC_CLEAN_STACK zeromem(buffer, sizeof(buffer)); #endif return CRYPT_OK; }
/* Is this correct? */ int blake2b_final( blake2b_state *S, uint8_t *out, uint8_t outlen ) { uint8_t buffer[BLAKE2B_OUTBYTES] = {0}; if( outlen > BLAKE2B_OUTBYTES ) return -1; if( S->buflen > BLAKE2B_BLOCKBYTES ) { blake2b_increment_counter( S, BLAKE2B_BLOCKBYTES ); blake2b_compress( S, S->buf ); S->buflen -= BLAKE2B_BLOCKBYTES; memcpy( S->buf, S->buf + BLAKE2B_BLOCKBYTES, S->buflen ); } blake2b_increment_counter( S, S->buflen ); blake2b_set_lastblock( S ); memset( S->buf + S->buflen, 0, 2 * BLAKE2B_BLOCKBYTES - S->buflen ); /* Padding */ blake2b_compress( S, S->buf ); for( int i = 0; i < 8; ++i ) /* Output full hash to temp buffer */ store64( buffer + sizeof( S->h[i] ) * i, S->h[i] ); memcpy( out, buffer, outlen ); return 0; }
int blake2b_final( blake2b_state *S, uint8_t *out, uint8_t outlen ) { if( !outlen || outlen > BLAKE2B_OUTBYTES ) { abort(); /* LCOV_EXCL_LINE */ } if( S->buflen > BLAKE2B_BLOCKBYTES ) { blake2b_increment_counter( S, BLAKE2B_BLOCKBYTES ); blake2b_compress( S, S->buf ); S->buflen -= BLAKE2B_BLOCKBYTES; assert( S->buflen <= BLAKE2B_BLOCKBYTES ); memcpy( S->buf, S->buf + BLAKE2B_BLOCKBYTES, S->buflen ); } blake2b_increment_counter( S, S->buflen ); blake2b_set_lastblock( S ); memset( S->buf + S->buflen, 0, 2 * BLAKE2B_BLOCKBYTES - S->buflen ); /* Padding */ blake2b_compress( S, S->buf ); #ifdef NATIVE_LITTLE_ENDIAN memcpy( out, &S->h[0], outlen ); #else { uint8_t buffer[BLAKE2B_OUTBYTES]; int i; for( i = 0; i < 8; ++i ) /* Output full hash to temp buffer */ STORE64_LE( buffer + sizeof( S->h[i] ) * i, S->h[i] ); memcpy( out, buffer, outlen ); } #endif return 0; }
int blake2b_final(blake2b_state *S, void *out, size_t outlen) { uint8_t buffer[BLAKE2B_OUTBYTES] = {0}; unsigned int i; /* Sanity checks */ if (S == NULL || out == NULL || outlen < S->outlen) { return -1; } /* Is this a reused state? */ if (S->f[0] != 0) { return -1; } blake2b_increment_counter(S, S->buflen); blake2b_set_lastblock(S); memset(&S->buf[S->buflen], 0, BLAKE2B_BLOCKBYTES - S->buflen); /* Padding */ blake2b_compress(S, S->buf); for (i = 0; i < 8; ++i) { /* Output full hash to temp buffer */ store64(buffer + sizeof(S->h[i]) * i, S->h[i]); } memcpy(out, buffer, S->outlen); burn(buffer, sizeof(buffer)); burn(S->buf, sizeof(S->buf)); burn(S->h, sizeof(S->h)); return 0; }
/* * Calculate the final hash and save it in md. * Always returns 1. */ int BLAKE2b_Final(unsigned char *md, BLAKE2B_CTX *c) { uint8_t outbuffer[BLAKE2B_OUTBYTES] = {0}; uint8_t *target = outbuffer; int iter = (c->outlen + 7) / 8; int i; /* Avoid writing to the temporary buffer if possible */ if ((c->outlen % sizeof(c->h[0])) == 0) target = md; blake2b_set_lastblock(c); /* Padding */ memset(c->buf + c->buflen, 0, sizeof(c->buf) - c->buflen); blake2b_compress(c, c->buf, c->buflen); /* Output full hash to buffer */ for (i = 0; i < iter; ++i) store64(target + sizeof(c->h[i]) * i, c->h[i]); if (target != md) memcpy(md, target, c->outlen); OPENSSL_cleanse(c, sizeof(BLAKE2B_CTX)); return 1; }
/* Single round of Blake2b that hashes two 512bit inputs to one 512bit hash * The round that is used is determined by the current vertex index(vindex). * A single state is used for every consecutive call. */ void __HashFast(int vindex, const uint8_t* i1, const uint8_t* i2, uint8_t hash[H_LEN]){ memcpy(_state.buf, i1, H_LEN); memcpy(_state.buf + H_LEN, i2, H_LEN); _state.buflen = 128; blake2b_increment_counter(&_state, _state.buflen); blake2b_set_lastblock(&_state); //No Padding necessary because the last 1024bits of _state.buf are 0 anyways const int rindex = vindex % 12; blake2round(&_state, _state.buf, rindex); memcpy(hash, &_state.h[0], H_LEN); }
int blake2b_final( blake2b_state *S, uint8_t *out, uint8_t outlen ) { if( S->buflen > BLAKE2B_BLOCKBYTES ) { blake2b_increment_counter( S, BLAKE2B_BLOCKBYTES ); blake2b_compress( S, S->buf ); S->buflen -= BLAKE2B_BLOCKBYTES; memcpy( S->buf, S->buf + BLAKE2B_BLOCKBYTES, S->buflen ); } blake2b_increment_counter( S, S->buflen ); blake2b_set_lastblock( S ); memset( S->buf + S->buflen, 0, 2 * BLAKE2B_BLOCKBYTES - S->buflen ); /* Padding */ blake2b_compress( S, S->buf ); memcpy( out, &S->h[0], outlen ); return 0; }
int blake2b_final( blake2b_state *S, void *out, size_t outlen ) { uint8_t buffer[BLAKE2B_OUTBYTES] = {0}; size_t i; if( out == NULL || outlen < S->outlen ) return -1; if( blake2b_is_lastblock( S ) ) return -1; blake2b_increment_counter( S, S->buflen ); blake2b_set_lastblock( S ); memset( S->buf + S->buflen, 0, BLAKE2B_BLOCKBYTES - S->buflen ); /* Padding */ blake2b_compress( S, S->buf ); for( i = 0; i < 8; ++i ) /* Output full hash to temp buffer */ store64( buffer + sizeof( S->h[i] ) * i, S->h[i] ); memcpy( out, buffer, S->outlen ); secure_zero_memory(buffer, sizeof(buffer)); return 0; }
static BLAKE2_INLINE void blake2b_invalidate_state(blake2b_state *S) { burn(S, sizeof(*S)); /* wipe */ blake2b_set_lastblock(S); /* invalidate for further use */ }