wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

blake2: avoid writing to output buffer when using default digest length

Browse source 
Signed-off-by: Antoine Salon <asalon@vmware.com>

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7726)
This commit is contained in:
Antoine Salon 2019-01-07 15:09:55 -08:00 committed by Matt Caswell
parent b215db236c
commit 8269e44f9e
2 changed files with 24 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
crypto/blake2/blake2b.c
View file

@ -304,19 +304,26 @@ int BLAKE2b_Update(BLAKE2B_CTX *c, const void *data, size_t datalen)
int BLAKE2b_Final(unsigned char *md, BLAKE2B_CTX *c)
{
uint8_t outbuffer[BLAKE2B_OUTBYTES] = {0};
uint8_t *target = outbuffer;
int iter = (c->outlen + 7) / 8;
int i;
/* Avoid writing to the temporary buffer if possible */
if ((c->outlen % sizeof(c->h[0])) == 0)
target = md;
blake2b_set_lastblock(c);
/* Padding */
memset(c->buf + c->buflen, 0, sizeof(c->buf) - c->buflen);
blake2b_compress(c, c->buf, c->buflen);
/* Output full hash to temp buffer */
for (i = 0; i < 8; ++i) {
store64(outbuffer + sizeof(c->h[i]) * i, c->h[i]);
}
/* Output full hash to buffer */
for (i = 0; i < iter; ++i)
store64(target + sizeof(c->h[i]) * i, c->h[i]);
if (target != md)
memcpy(md, target, c->outlen);
memcpy(md, outbuffer, c->outlen);
OPENSSL_cleanse(c, sizeof(BLAKE2B_CTX));
return 1;
}

17
crypto/blake2/blake2s.c
View file

@ -295,19 +295,26 @@ int BLAKE2s_Update(BLAKE2S_CTX *c, const void *data, size_t datalen)
int BLAKE2s_Final(unsigned char *md, BLAKE2S_CTX *c)
{
uint8_t outbuffer[BLAKE2S_OUTBYTES] = {0};
uint8_t *target = outbuffer;
int iter = (c->outlen + 3) / 4;
int i;
/* Avoid writing to the temporary buffer if possible */
if ((c->outlen % sizeof(c->h[0])) == 0)
target = md;
blake2s_set_lastblock(c);
/* Padding */
memset(c->buf + c->buflen, 0, sizeof(c->buf) - c->buflen);
blake2s_compress(c, c->buf, c->buflen);
/* Output full hash to temp buffer */
for (i = 0; i < 8; ++i) {
store32(outbuffer + sizeof(c->h[i]) * i, c->h[i]);
}
/* Output full hash to buffer */
for (i = 0; i < iter; ++i)
store32(target + sizeof(c->h[i]) * i, c->h[i]);
if (target != md)
memcpy(md, target, c->outlen);
memcpy(md, outbuffer, c->outlen);
OPENSSL_cleanse(c, sizeof(BLAKE2S_CTX));
return 1;
}