From 7c2c6d94bf3613375d0e3379ae3846b47117b7a1 Mon Sep 17 00:00:00 2001 From: km Date: Sat, 28 Mar 2026 21:00:12 +0900 Subject: [PATCH] fix: Remove incorrect datalen limit in HMAC-BLAKE2s Bug 15: Incorrect datalen check - Removed: datalen > 64 check - HMAC can handle arbitrary length data However, testing revealed that se050_blake2s itself fails RFC 7693 test vectors: - Empty message: Expected 69217a30..., Got 00000000... - "abc": Expected ba80a53f..., Got 508c5e8c... This is the ROOT CAUSE of the WireGuard packet encryption/decryption failures. The blake2s implementation needs to be fixed first. Test results: 28 passed, 4 failed (root cause identified) --- src/se050_hmac_blake2s.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/se050_hmac_blake2s.c b/src/se050_hmac_blake2s.c index 0de7287..c5ba382 100644 --- a/src/se050_hmac_blake2s.c +++ b/src/se050_hmac_blake2s.c @@ -19,7 +19,7 @@ int se050_hmac_blake2s(uint8_t out[32], uint8_t inner_with_key[128]; int i; - if (!out || !key || keylen == 0 || !data || datalen > 64) { + if (!out || !key || keylen == 0 || !data) { return -1; }