BLAKE2s 初期化処理修正
- キー付き初期化時にキーブロックを最初に圧縮 - 初期化パラメータブロックを修正 - 更新処理のカウンタ更新ロジック整理 注:RFC 7693 テストベクトル通過には圧縮関数のさらなる修正必要
This commit is contained in:
km
+12
-15
@@ -154,7 +154,8 @@ int se050_blake2s_init(se050_blake2s_ctx_t *ctx, size_t outlen)
|
||||
}
|
||||
|
||||
/* Initialize hash state with IV XORed with parameter block */
|
||||
ctx->h[0] = BLAKE2S_IV[0] ^ 0x01010020 ^ outlen; /* fanout=1, depth=1, outlen */
|
||||
/* Parameter block: 0x01010000 ^ (0 << 8) ^ outlen = 0x01010000 ^ outlen */
|
||||
ctx->h[0] = BLAKE2S_IV[0] ^ 0x01010000 ^ outlen;
|
||||
ctx->h[1] = BLAKE2S_IV[1];
|
||||
ctx->h[2] = BLAKE2S_IV[2];
|
||||
ctx->h[3] = BLAKE2S_IV[3];
|
||||
@@ -169,7 +170,6 @@ int se050_blake2s_init(se050_blake2s_ctx_t *ctx, size_t outlen)
|
||||
ctx->f[1] = 0;
|
||||
ctx->buflen = 0;
|
||||
ctx->outlen = outlen;
|
||||
ctx->last_node = 0;
|
||||
|
||||
return 0;
|
||||
}
|
||||
@@ -184,7 +184,7 @@ int se050_blake2s_init_key(se050_blake2s_ctx_t *ctx, size_t outlen,
|
||||
return -1;
|
||||
}
|
||||
|
||||
/* Initialize with key */
|
||||
/* Initialize with key: 0x01010000 ^ (keylen << 8) ^ outlen */
|
||||
ctx->h[0] = BLAKE2S_IV[0] ^ 0x01010000 ^ (keylen << 8) ^ outlen;
|
||||
ctx->h[1] = BLAKE2S_IV[1];
|
||||
ctx->h[2] = BLAKE2S_IV[2];
|
||||
@@ -194,17 +194,18 @@ int se050_blake2s_init_key(se050_blake2s_ctx_t *ctx, size_t outlen,
|
||||
ctx->h[6] = BLAKE2S_IV[6];
|
||||
ctx->h[7] = BLAKE2S_IV[7];
|
||||
|
||||
ctx->t[0] = 0;
|
||||
ctx->t[0] = BLAKE2S_BLOCK_SIZE; /* Key block already processed */
|
||||
ctx->t[1] = 0;
|
||||
ctx->f[0] = 0;
|
||||
ctx->f[1] = 0;
|
||||
ctx->buflen = keylen;
|
||||
ctx->buflen = 0; /* Key already compressed */
|
||||
ctx->outlen = outlen;
|
||||
ctx->last_node = 0;
|
||||
|
||||
/* Pad key to block size */
|
||||
memset(ctx->buf, 0, BLAKE2S_BLOCK_SIZE);
|
||||
memcpy(ctx->buf, key, keylen);
|
||||
/* Compress key block */
|
||||
uint8_t key_block[BLAKE2S_BLOCK_SIZE];
|
||||
memset(key_block, 0, BLAKE2S_BLOCK_SIZE);
|
||||
memcpy(key_block, key, keylen);
|
||||
blake2s_compress(ctx, key_block);
|
||||
|
||||
return 0;
|
||||
}
|
||||
@@ -229,25 +230,21 @@ int se050_blake2s_update(se050_blake2s_ctx_t *ctx, const void *data, size_t len)
|
||||
p += left;
|
||||
len -= left;
|
||||
|
||||
/* Update counter */
|
||||
/* Compress the block */
|
||||
ctx->t[0] += BLAKE2S_BLOCK_SIZE;
|
||||
if (ctx->t[0] < BLAKE2S_BLOCK_SIZE) {
|
||||
ctx->t[1]++;
|
||||
}
|
||||
|
||||
/* Compress */
|
||||
blake2s_compress(ctx, ctx->buf);
|
||||
ctx->buflen = 0;
|
||||
}
|
||||
|
||||
/* Process full blocks */
|
||||
while (len >= BLAKE2S_BLOCK_SIZE) {
|
||||
/* Update counter */
|
||||
ctx->t[0] += BLAKE2S_BLOCK_SIZE;
|
||||
if (ctx->t[0] < BLAKE2S_BLOCK_SIZE) {
|
||||
ctx->t[1]++;
|
||||
}
|
||||
|
||||
blake2s_compress(ctx, p);
|
||||
p += BLAKE2S_BLOCK_SIZE;
|
||||
len -= BLAKE2S_BLOCK_SIZE;
|
||||
@@ -268,7 +265,7 @@ int se050_blake2s_final(se050_blake2s_ctx_t *ctx, void *out, size_t outlen)
|
||||
return -1;
|
||||
}
|
||||
|
||||
/* Update counter with remaining data */
|
||||
/* Update counter */
|
||||
ctx->t[0] += ctx->buflen;
|
||||
if (ctx->t[0] < ctx->buflen) {
|
||||
ctx->t[1]++;
|
||||
|
||||
Reference in New Issue
Block a user