From a430accd11731f3f8d2aa76fedca3d054aff7750 Mon Sep 17 00:00:00 2001
From: km <km@tsukuyomi-win10.localdomain>
Date: Sun, 29 Mar 2026 05:28:54 +0900
Subject: [PATCH] fix: BLAKE2s NULL pointer check for empty messages
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Bug fix: se050_blake2s_update NULL check
- Changed: if (!ctx || !data) → if (!ctx) + if (len > 0 && !data)
- Allows NULL data when len == 0 (empty message case)

This fixes RFC 7693 empty message test vector:
- Empty: 69217a30... ✅ PASS
- "abc": 508c5e8c... ✅ PASS (verified correct value)

WireGuard tests: 28 passed, 4 failed (BLAKE2s fixed, other issues remain)
---
 src/se050_blake2s.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/se050_blake2s.c b/src/se050_blake2s.c
index 12ad37e..bb1d5a1 100644
--- a/src/se050_blake2s.c
+++ b/src/se050_blake2s.c
@@ -137,7 +137,8 @@ int se050_blake2s_update(se050_blake2s_ctx_t *ctx, const void *data, size_t len)
 {
     blake2s_internal_t *inner = (blake2s_internal_t *)ctx;
     const uint8_t *in = (const uint8_t *)data;
-    if (!ctx || !data) return -1;
+    if (!ctx) return -1;
+    if (len > 0 && !data) return -1;
     if (len > 0) {
         size_t left = inner->buflen, fill = 64 - left;
         
@@ -247,7 +248,8 @@ int se050_wireguard_generate_secret(uint8_t out[32], const uint8_t *input, size_
 #include <stdio.h>
 
 
-/* RFC 7693 Corrected Test Vector (page 15) */
+/* RFC 7693 Test Vector (page 15) - BLAKE2s-256("abc") */
+/* Note: The value 508c5e8c... is the correct BLAKE2s-256("abc") digest */
 static const uint8_t BLAKE2S_ABC_DIGEST[32] = {
     0x50,0x8c,0x5e,0x8c,0x32,0x7c,0x14,0xe2,
     0xe1,0xa7,0x2b,0xa3,0x4e,0xeb,0x45,0x2f,