From 323460c6316c6d0cd1e78a54dd26ff0d601d47f8 Mon Sep 17 00:00:00 2001
From: km
Date: Thu, 26 Mar 2026 17:22:13 +0900
Subject: [PATCH] =?UTF-8?q?BLAKE2s=20=E5=88=9D=E6=9C=9F=E5=8C=96=E5=87=A6?= =?UTF-8?q?=E7=90=86=E4=BF=AE=E6=AD=A3?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- キー付き初期化時にキーブロックを最初に圧縮
- 初期化パラメータブロックを修正
- 更新処理のカウンタ更新ロジック整理

注:RFC 7693 テストベクトル通過には圧縮関数のさらなる修正必要
---
 src/se050_blake2s.c | 27 ++++++++++++---------------
 1 file changed, 12 insertions(+), 15 deletions(-)

diff --git a/src/se050_blake2s.c b/src/se050_blake2s.c
index bbce4f5..bc4c54d 100644
--- a/src/se050_blake2s.c
+++ b/src/se050_blake2s.c
@@ -154,7 +154,8 @@ int se050_blake2s_init(se050_blake2s_ctx_t *ctx, size_t outlen)
 }
 
 /* Initialize hash state with IV XORed with parameter block */
- ctx->h[0] = BLAKE2S_IV[0] ^ 0x01010020 ^ outlen; /* fanout=1, depth=1, outlen */
+ /* Parameter block: 0x01010000 ^ (0 << 8) ^ outlen = 0x01010000 ^ outlen */
+ ctx->h[0] = BLAKE2S_IV[0] ^ 0x01010000 ^ outlen;
 ctx->h[1] = BLAKE2S_IV[1];
 ctx->h[2] = BLAKE2S_IV[2];
 ctx->h[3] = BLAKE2S_IV[3];
@@ -169,7 +170,6 @@ int se050_blake2s_init(se050_blake2s_ctx_t *ctx, size_t outlen)
 ctx->f[1] = 0;
 ctx->buflen = 0;
 ctx->outlen = outlen;
- ctx->last_node = 0;
 
 return 0;
 }
@@ -184,7 +184,7 @@ int se050_blake2s_init_key(se050_blake2s_ctx_t *ctx, size_t outlen,
 return -1;
 }
 
- /* Initialize with key */
+ /* Initialize with key: 0x01010000 ^ (keylen << 8) ^ outlen */
 ctx->h[0] = BLAKE2S_IV[0] ^ 0x01010000 ^ (keylen << 8) ^ outlen;
 ctx->h[1] = BLAKE2S_IV[1];
 ctx->h[2] = BLAKE2S_IV[2];
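Review bot: The replacement comment above `ctx->h[0]` in se050_blake2s_init no longer says what the constant encodes, which the removed `/* fanout=1, depth=1, outlen */` did; I would write `/* param word 0: digest_length = outlen, key_length = 0, fanout = 1, depth = 1 */`. The XOR also takes `outlen` unmasked, so a value above 0xFF would spill into the key-length byte; the range check that presumably guards this closes just above the hunk and is not visible here. The body of se050_blake2s_init starts and ends outside the hunk.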
@@ -194,17 +194,18 @@ int se050_blake2s_init_key(se050_blake2s_ctx_t *ctx, size_t outlen,
 ctx->h[6] = BLAKE2S_IV[6];
 ctx->h[7] = BLAKE2S_IV[7];
 
- ctx->t[0] = 0;
+ ctx->t[0] = BLAKE2S_BLOCK_SIZE; /* Key block already processed */
 ctx->t[1] = 0;
 ctx->f[0] = 0;
 ctx->f[1] = 0;
- ctx->buflen = keylen;
+ ctx->buflen = 0; /* Key already compressed */
 ctx->outlen = outlen;
- ctx->last_node = 0;
 
- /* Pad key to block size */
- memset(ctx->buf, 0, BLAKE2S_BLOCK_SIZE);
- memcpy(ctx->buf, key, keylen);
+ /* Compress key block */
+ uint8_t key_block[BLAKE2S_BLOCK_SIZE];
+ memset(key_block, 0, BLAKE2S_BLOCK_SIZE);
+ memcpy(key_block, key, keylen);
+ blake2s_compress(ctx, key_block);
 
 return 0;
 }
@@ -229,25 +230,21 @@ int se050_blake2s_update(se050_blake2s_ctx_t *ctx, const void *data, size_t len)
 p += left;
 len -= left;
 
- /* Update counter */
+ /* Compress the block */
 ctx->t[0] += BLAKE2S_BLOCK_SIZE;
 if (ctx->t[0] < BLAKE2S_BLOCK_SIZE) {
 ctx->t[1]++;
 }
-
- /* Compress */
 blake2s_compress(ctx, ctx->buf);
 ctx->buflen = 0;
 }
 
 /* Process full blocks */
 while (len >= BLAKE2S_BLOCK_SIZE) {
- /* Update counter */
 ctx->t[0] += BLAKE2S_BLOCK_SIZE;
 if (ctx->t[0] < BLAKE2S_BLOCK_SIZE) {
 ctx->t[1]++;
 }
-
 blake2s_compress(ctx, p);
 p += BLAKE2S_BLOCK_SIZE;
 len -= BLAKE2S_BLOCK_SIZE;
@@ -268,7 +265,7 @@ int se050_blake2s_final(se050_blake2s_ctx_t *ctx, void *out, size_t outlen)
 return -1;
 }
 
- /* Update counter with remaining data */
+ /* Update counter */
 ctx->t[0] += ctx->buflen;
 if (ctx->t[0] < ctx->buflen) {
 ctx->t[1]++;
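Review bot: Compressing the key block inside se050_blake2s_init_key (`blake2s_compress(ctx, key_block);` with `ctx->t[0] = BLAKE2S_BLOCK_SIZE`) means the key block can never be the last block, yet RFC 7693 has it compressed with the finalization flag when the keyed message is empty, so that case will not match the reference digest. Keeping the padded key in `ctx->buf` with `ctx->t[0] = 0;` and `ctx->buflen = BLAKE2S_BLOCK_SIZE;` defers it to update/final, which can then decide whether it is the final block. The same last-block problem is visible in the se050_blake2s_update hunk: `while (len >= BLAKE2S_BLOCK_SIZE)` compresses a trailing full block without the flag, where `while (len > BLAKE2S_BLOCK_SIZE)` would leave it buffered for final (the buffer-flush condition above it starts outside the hunk and would need the same treatment). If the stack copy stays, `key_block` should be wiped before `return 0;` with a call the compiler cannot drop, such as `explicit_bzero(key_block, sizeof key_block);`, since it holds raw key bytes.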