/src/wolfssl-normal-math/wolfcrypt/src/blake2b.c
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | BLAKE2 reference source code package - reference C implementations |
3 | | |
4 | | Written in 2012 by Samuel Neves <sneves@dei.uc.pt> |
5 | | |
6 | | To the extent possible under law, the author(s) have dedicated all copyright |
7 | | and related and neighboring rights to this software to the public domain |
8 | | worldwide. This software is distributed without any warranty. |
9 | | |
10 | | You should have received a copy of the CC0 Public Domain Dedication along with |
11 | | this software. If not, see <http://creativecommons.org/publicdomain/zero/1.0/>. |
12 | | */ |
13 | | /* blake2b.c |
14 | | * |
15 | | * Copyright (C) 2006-2022 wolfSSL Inc. |
16 | | * |
17 | | * This file is part of wolfSSL. |
18 | | * |
19 | | * wolfSSL is free software; you can redistribute it and/or modify |
20 | | * it under the terms of the GNU General Public License as published by |
21 | | * the Free Software Foundation; either version 2 of the License, or |
22 | | * (at your option) any later version. |
23 | | * |
24 | | * wolfSSL is distributed in the hope that it will be useful, |
25 | | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
26 | | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
27 | | * GNU General Public License for more details. |
28 | | * |
29 | | * You should have received a copy of the GNU General Public License |
30 | | * along with this program; if not, write to the Free Software |
31 | | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA |
32 | | */ |
33 | | |
34 | | |
35 | | |
36 | | #ifdef HAVE_CONFIG_H |
37 | | #include <config.h> |
38 | | #endif |
39 | | |
40 | | #include <wolfssl/wolfcrypt/settings.h> |
41 | | |
42 | | #ifdef HAVE_BLAKE2 |
43 | | |
44 | | #include <wolfssl/wolfcrypt/blake2.h> |
45 | | #include <wolfssl/wolfcrypt/blake2-impl.h> |
46 | | #include <wolfssl/wolfcrypt/error-crypt.h> |
47 | | |
48 | | |
49 | | static const word64 blake2b_IV[8] = |
50 | | { |
51 | | 0x6a09e667f3bcc908ULL, 0xbb67ae8584caa73bULL, |
52 | | 0x3c6ef372fe94f82bULL, 0xa54ff53a5f1d36f1ULL, |
53 | | 0x510e527fade682d1ULL, 0x9b05688c2b3e6c1fULL, |
54 | | 0x1f83d9abfb41bd6bULL, 0x5be0cd19137e2179ULL |
55 | | }; |
56 | | |
57 | | static const byte blake2b_sigma[12][16] = |
58 | | { |
59 | | { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15 } , |
60 | | { 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3 } , |
61 | | { 11, 8, 12, 0, 5, 2, 15, 13, 10, 14, 3, 6, 7, 1, 9, 4 } , |
62 | | { 7, 9, 3, 1, 13, 12, 11, 14, 2, 6, 5, 10, 4, 0, 15, 8 } , |
63 | | { 9, 0, 5, 7, 2, 4, 10, 15, 14, 1, 11, 12, 6, 8, 3, 13 } , |
64 | | { 2, 12, 6, 10, 0, 11, 8, 3, 4, 13, 7, 5, 15, 14, 1, 9 } , |
65 | | { 12, 5, 1, 15, 14, 13, 4, 10, 0, 7, 6, 3, 9, 2, 8, 11 } , |
66 | | { 13, 11, 7, 14, 12, 1, 3, 9, 5, 0, 15, 4, 8, 6, 2, 10 } , |
67 | | { 6, 15, 14, 9, 11, 3, 0, 8, 12, 2, 13, 7, 1, 4, 10, 5 } , |
68 | | { 10, 2, 8, 4, 7, 6, 1, 5, 15, 11, 9, 14, 3, 12, 13 , 0 } , |
69 | | { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15 } , |
70 | | { 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3 } |
71 | | }; |
72 | | |
73 | | |
74 | | static WC_INLINE int blake2b_set_lastnode( blake2b_state *S ) |
75 | 0 | { |
76 | 0 | S->f[1] = ~0ULL; |
77 | 0 | return 0; |
78 | 0 | } |
79 | | |
80 | | /* Some helper functions, not necessarily useful */ |
81 | | static WC_INLINE int blake2b_set_lastblock( blake2b_state *S ) |
82 | 0 | { |
83 | 0 | if( S->last_node ) blake2b_set_lastnode( S ); |
84 | |
|
85 | 0 | S->f[0] = ~0ULL; |
86 | 0 | return 0; |
87 | 0 | } |
88 | | |
89 | | static WC_INLINE int blake2b_increment_counter( blake2b_state *S, const word64 |
90 | | inc ) |
91 | 0 | { |
92 | 0 | S->t[0] += inc; |
93 | 0 | S->t[1] += ( S->t[0] < inc ); |
94 | 0 | return 0; |
95 | 0 | } |
96 | | |
97 | | static WC_INLINE int blake2b_init0( blake2b_state *S ) |
98 | 0 | { |
99 | 0 | int i; |
100 | 0 | XMEMSET( S, 0, sizeof( blake2b_state ) ); |
101 | |
|
102 | 0 | for( i = 0; i < 8; ++i ) S->h[i] = blake2b_IV[i]; |
103 | |
|
104 | 0 | return 0; |
105 | 0 | } |
106 | | |
107 | | /* init xors IV with input parameter block */ |
108 | | int blake2b_init_param( blake2b_state *S, const blake2b_param *P ) |
109 | 0 | { |
110 | 0 | word32 i; |
111 | 0 | byte *p ; |
112 | 0 | blake2b_init0( S ); |
113 | 0 | p = ( byte * )( P ); |
114 | | |
115 | | /* IV XOR ParamBlock */ |
116 | 0 | for( i = 0; i < 8; ++i ) |
117 | 0 | S->h[i] ^= load64( p + sizeof( S->h[i] ) * i ); |
118 | |
|
119 | 0 | return 0; |
120 | 0 | } |
121 | | |
122 | | |
123 | | int blake2b_init( blake2b_state *S, const byte outlen ) |
124 | 0 | { |
125 | | #ifdef WOLFSSL_BLAKE2B_INIT_EACH_FIELD |
126 | | blake2b_param P[1]; |
127 | | #else |
128 | 0 | volatile blake2b_param P[1]; |
129 | 0 | #endif |
130 | |
|
131 | 0 | if ( ( !outlen ) || ( outlen > BLAKE2B_OUTBYTES ) ) return BAD_FUNC_ARG; |
132 | | |
133 | | #ifdef WOLFSSL_BLAKE2B_INIT_EACH_FIELD |
134 | | P->digest_length = outlen; |
135 | | P->key_length = 0; |
136 | | P->fanout = 1; |
137 | | P->depth = 1; |
138 | | store32( &P->leaf_length, 0 ); |
139 | | store64( &P->node_offset, 0 ); |
140 | | P->node_depth = 0; |
141 | | P->inner_length = 0; |
142 | | XMEMSET( P->reserved, 0, sizeof( P->reserved ) ); |
143 | | XMEMSET( P->salt, 0, sizeof( P->salt ) ); |
144 | | XMEMSET( P->personal, 0, sizeof( P->personal ) ); |
145 | | #else |
146 | 0 | XMEMSET( (blake2b_param *)P, 0, sizeof( *P ) ); |
147 | 0 | P->digest_length = outlen; |
148 | 0 | P->fanout = 1; |
149 | 0 | P->depth = 1; |
150 | 0 | #endif |
151 | 0 | return blake2b_init_param( S, (blake2b_param *)P ); |
152 | 0 | } |
153 | | |
154 | | |
155 | | int blake2b_init_key( blake2b_state *S, const byte outlen, const void *key, |
156 | | const byte keylen ) |
157 | 0 | { |
158 | 0 | int ret = 0; |
159 | | #ifdef WOLFSSL_BLAKE2B_INIT_EACH_FIELD |
160 | | blake2b_param P[1]; |
161 | | #else |
162 | 0 | volatile blake2b_param P[1]; |
163 | 0 | #endif |
164 | |
|
165 | 0 | if ( ( !outlen ) || ( outlen > BLAKE2B_OUTBYTES ) ) return BAD_FUNC_ARG; |
166 | | |
167 | 0 | if ( !key || !keylen || keylen > BLAKE2B_KEYBYTES ) return BAD_FUNC_ARG; |
168 | | |
169 | | #ifdef WOLFSSL_BLAKE2B_INIT_EACH_FIELD |
170 | | P->digest_length = outlen; |
171 | | P->key_length = keylen; |
172 | | P->fanout = 1; |
173 | | P->depth = 1; |
174 | | store32( &P->leaf_length, 0 ); |
175 | | store64( &P->node_offset, 0 ); |
176 | | P->node_depth = 0; |
177 | | P->inner_length = 0; |
178 | | XMEMSET( P->reserved, 0, sizeof( P->reserved ) ); |
179 | | XMEMSET( P->salt, 0, sizeof( P->salt ) ); |
180 | | XMEMSET( P->personal, 0, sizeof( P->personal ) ); |
181 | | #else |
182 | 0 | XMEMSET( (blake2b_param *)P, 0, sizeof( *P ) ); |
183 | 0 | P->digest_length = outlen; |
184 | 0 | P->key_length = keylen; |
185 | 0 | P->fanout = 1; |
186 | 0 | P->depth = 1; |
187 | 0 | #endif |
188 | |
|
189 | 0 | ret = blake2b_init_param( S, (blake2b_param *)P ); |
190 | 0 | if ( ret < 0 ) return ret; |
191 | | |
192 | 0 | { |
193 | 0 | #ifdef WOLFSSL_SMALL_STACK |
194 | 0 | byte* block; |
195 | |
|
196 | 0 | block = (byte*)XMALLOC(BLAKE2B_BLOCKBYTES, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
197 | |
|
198 | 0 | if ( block == NULL ) return MEMORY_E; |
199 | | #else |
200 | | byte block[BLAKE2B_BLOCKBYTES]; |
201 | | #endif |
202 | | |
203 | 0 | XMEMSET( block, 0, BLAKE2B_BLOCKBYTES ); |
204 | 0 | XMEMCPY( block, key, keylen ); |
205 | 0 | ret = blake2b_update( S, block, BLAKE2B_BLOCKBYTES ); |
206 | 0 | secure_zero_memory( block, BLAKE2B_BLOCKBYTES ); /* Burn the key from */ |
207 | | /* memory */ |
208 | |
|
209 | 0 | #ifdef WOLFSSL_SMALL_STACK |
210 | 0 | XFREE(block, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
211 | 0 | #endif |
212 | 0 | } |
213 | 0 | return ret; |
214 | 0 | } |
215 | | |
216 | | static WC_INLINE int blake2b_compress( |
217 | | blake2b_state *S, |
218 | | const byte block[BLAKE2B_BLOCKBYTES], |
219 | | word64* m, |
220 | | word64* v) |
221 | 0 | { |
222 | 0 | int i; |
223 | |
|
224 | 0 | for( i = 0; i < 16; ++i ) |
225 | 0 | m[i] = load64( block + i * sizeof( m[i] ) ); |
226 | |
|
227 | 0 | for( i = 0; i < 8; ++i ) |
228 | 0 | v[i] = S->h[i]; |
229 | |
|
230 | 0 | v[ 8] = blake2b_IV[0]; |
231 | 0 | v[ 9] = blake2b_IV[1]; |
232 | 0 | v[10] = blake2b_IV[2]; |
233 | 0 | v[11] = blake2b_IV[3]; |
234 | 0 | v[12] = S->t[0] ^ blake2b_IV[4]; |
235 | 0 | v[13] = S->t[1] ^ blake2b_IV[5]; |
236 | 0 | v[14] = S->f[0] ^ blake2b_IV[6]; |
237 | 0 | v[15] = S->f[1] ^ blake2b_IV[7]; |
238 | 0 | #define G(r,i,a,b,c,d) \ |
239 | 0 | do { \ |
240 | 0 | (a) = (a) + (b) + m[blake2b_sigma[r][2*(i)+0]]; \ |
241 | 0 | (d) = rotr64((d) ^ (a), 32); \ |
242 | 0 | (c) = (c) + (d); \ |
243 | 0 | (b) = rotr64((b) ^ (c), 24); \ |
244 | 0 | (a) = (a) + (b) + m[blake2b_sigma[r][2*(i)+1]]; \ |
245 | 0 | (d) = rotr64((d) ^ (a), 16); \ |
246 | 0 | (c) = (c) + (d); \ |
247 | 0 | (b) = rotr64((b) ^ (c), 63); \ |
248 | 0 | } while(0) |
249 | 0 | #define ROUND(r) \ |
250 | 0 | do { \ |
251 | 0 | G(r,0,v[ 0],v[ 4],v[ 8],v[12]); \ |
252 | 0 | G(r,1,v[ 1],v[ 5],v[ 9],v[13]); \ |
253 | 0 | G(r,2,v[ 2],v[ 6],v[10],v[14]); \ |
254 | 0 | G(r,3,v[ 3],v[ 7],v[11],v[15]); \ |
255 | 0 | G(r,4,v[ 0],v[ 5],v[10],v[15]); \ |
256 | 0 | G(r,5,v[ 1],v[ 6],v[11],v[12]); \ |
257 | 0 | G(r,6,v[ 2],v[ 7],v[ 8],v[13]); \ |
258 | 0 | G(r,7,v[ 3],v[ 4],v[ 9],v[14]); \ |
259 | 0 | } while(0) |
260 | 0 | ROUND( 0 ); |
261 | 0 | ROUND( 1 ); |
262 | 0 | ROUND( 2 ); |
263 | 0 | ROUND( 3 ); |
264 | 0 | ROUND( 4 ); |
265 | 0 | ROUND( 5 ); |
266 | 0 | ROUND( 6 ); |
267 | 0 | ROUND( 7 ); |
268 | 0 | ROUND( 8 ); |
269 | 0 | ROUND( 9 ); |
270 | 0 | ROUND( 10 ); |
271 | 0 | ROUND( 11 ); |
272 | |
|
273 | 0 | for( i = 0; i < 8; ++i ) |
274 | 0 | S->h[i] = S->h[i] ^ v[i] ^ v[i + 8]; |
275 | |
|
276 | 0 | #undef G |
277 | 0 | #undef ROUND |
278 | |
|
279 | 0 | return 0; |
280 | 0 | } |
281 | | |
282 | | /* inlen now in bytes */ |
283 | | int blake2b_update( blake2b_state *S, const byte *in, word64 inlen ) |
284 | 0 | { |
285 | 0 | int ret = 0; |
286 | 0 | #ifdef WOLFSSL_SMALL_STACK |
287 | 0 | word64* m; |
288 | 0 | word64* v; |
289 | |
|
290 | 0 | m = (word64*)XMALLOC(sizeof(word64) * 32, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
291 | |
|
292 | 0 | if ( m == NULL ) return MEMORY_E; |
293 | | |
294 | 0 | v = &m[16]; |
295 | | #else |
296 | | word64 m[16]; |
297 | | word64 v[16]; |
298 | | #endif |
299 | |
|
300 | 0 | while( inlen > 0 ) |
301 | 0 | { |
302 | 0 | word64 left = S->buflen; |
303 | 0 | word64 fill = 2 * BLAKE2B_BLOCKBYTES - left; |
304 | |
|
305 | 0 | if( inlen > fill ) |
306 | 0 | { |
307 | 0 | XMEMCPY( S->buf + left, in, (wolfssl_word)fill ); /* Fill buffer */ |
308 | 0 | S->buflen += fill; |
309 | 0 | blake2b_increment_counter( S, BLAKE2B_BLOCKBYTES ); |
310 | |
|
311 | 0 | { |
312 | 0 | ret = blake2b_compress( S, S->buf, m, v ); |
313 | 0 | if (ret < 0) break; |
314 | 0 | } |
315 | | |
316 | 0 | XMEMCPY( S->buf, S->buf + BLAKE2B_BLOCKBYTES, BLAKE2B_BLOCKBYTES ); |
317 | | /* Shift buffer left */ |
318 | 0 | S->buflen -= BLAKE2B_BLOCKBYTES; |
319 | 0 | in += fill; |
320 | 0 | inlen -= fill; |
321 | 0 | } |
322 | 0 | else /* inlen <= fill */ |
323 | 0 | { |
324 | 0 | XMEMCPY( S->buf + left, in, (wolfssl_word)inlen ); |
325 | 0 | S->buflen += inlen; /* Be lazy, do not compress */ |
326 | 0 | inlen = 0; |
327 | 0 | } |
328 | 0 | } |
329 | |
|
330 | 0 | #ifdef WOLFSSL_SMALL_STACK |
331 | 0 | XFREE(m, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
332 | 0 | #endif |
333 | |
|
334 | 0 | return ret; |
335 | 0 | } |
336 | | |
337 | | /* Is this correct? */ |
338 | | int blake2b_final( blake2b_state *S, byte *out, byte outlen ) |
339 | 0 | { |
340 | 0 | int ret = 0; |
341 | 0 | byte buffer[BLAKE2B_OUTBYTES]; |
342 | 0 | int i; |
343 | 0 | #ifdef WOLFSSL_SMALL_STACK |
344 | 0 | word64* m; |
345 | 0 | word64* v; |
346 | |
|
347 | 0 | m = (word64*)XMALLOC(sizeof(word64) * 32, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
348 | |
|
349 | 0 | if ( m == NULL ) return MEMORY_E; |
350 | | |
351 | 0 | v = &m[16]; |
352 | | #else |
353 | | word64 m[16]; |
354 | | word64 v[16]; |
355 | | #endif |
356 | |
|
357 | 0 | if( S->buflen > BLAKE2B_BLOCKBYTES ) |
358 | 0 | { |
359 | 0 | blake2b_increment_counter( S, BLAKE2B_BLOCKBYTES ); |
360 | |
|
361 | 0 | { |
362 | 0 | ret = blake2b_compress( S, S->buf, m, v ); |
363 | 0 | if (ret < 0) goto out; |
364 | 0 | } |
365 | | |
366 | 0 | S->buflen -= BLAKE2B_BLOCKBYTES; |
367 | 0 | XMEMCPY( S->buf, S->buf + BLAKE2B_BLOCKBYTES, (wolfssl_word)S->buflen ); |
368 | 0 | } |
369 | | |
370 | 0 | blake2b_increment_counter( S, S->buflen ); |
371 | 0 | blake2b_set_lastblock( S ); |
372 | 0 | XMEMSET( S->buf + S->buflen, 0, (wolfssl_word)(2 * BLAKE2B_BLOCKBYTES - S->buflen) ); |
373 | | /* Padding */ |
374 | 0 | { |
375 | 0 | ret = blake2b_compress( S, S->buf, m, v ); |
376 | 0 | if (ret < 0) goto out; |
377 | 0 | } |
378 | | |
379 | 0 | for( i = 0; i < 8; ++i ) /* Output full hash to temp buffer */ |
380 | 0 | store64( buffer + sizeof( S->h[i] ) * i, S->h[i] ); |
381 | |
|
382 | 0 | XMEMCPY( out, buffer, outlen ); |
383 | |
|
384 | 0 | out: |
385 | |
|
386 | 0 | #ifdef WOLFSSL_SMALL_STACK |
387 | 0 | XFREE(m, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
388 | 0 | #endif |
389 | |
|
390 | 0 | return ret; |
391 | 0 | } |
392 | | |
393 | | /* inlen, at least, should be word64. Others can be size_t. */ |
394 | | int blake2b( byte *out, const void *in, const void *key, const byte outlen, |
395 | | const word64 inlen, byte keylen ) |
396 | 0 | { |
397 | 0 | blake2b_state S[1]; |
398 | | |
399 | | /* Verify parameters */ |
400 | 0 | if ( NULL == in ) return BAD_FUNC_ARG; |
401 | | |
402 | 0 | if ( NULL == out ) return BAD_FUNC_ARG; |
403 | | |
404 | 0 | if( NULL == key ) keylen = 0; |
405 | |
|
406 | 0 | if( keylen > 0 ) |
407 | 0 | { |
408 | 0 | int ret = blake2b_init_key( S, outlen, key, keylen ); |
409 | 0 | if (ret < 0) return ret; |
410 | 0 | } |
411 | 0 | else |
412 | 0 | { |
413 | 0 | int ret = blake2b_init( S, outlen ); |
414 | 0 | if (ret < 0) return ret; |
415 | 0 | } |
416 | | |
417 | 0 | { |
418 | 0 | int ret = blake2b_update( S, ( byte * )in, inlen ); |
419 | 0 | if (ret < 0) return ret; |
420 | 0 | } |
421 | | |
422 | 0 | return blake2b_final( S, out, outlen ); |
423 | 0 | } |
424 | | |
425 | | #if defined(BLAKE2B_SELFTEST) |
426 | | #include <string.h> |
427 | | #include "blake2-kat.h" |
428 | | int main( int argc, char **argv ) |
429 | | { |
430 | | byte key[BLAKE2B_KEYBYTES]; |
431 | | byte buf[KAT_LENGTH]; |
432 | | |
433 | | for( word32 i = 0; i < BLAKE2B_KEYBYTES; ++i ) |
434 | | key[i] = ( byte )i; |
435 | | |
436 | | for( word32 i = 0; i < KAT_LENGTH; ++i ) |
437 | | buf[i] = ( byte )i; |
438 | | |
439 | | for( word32 i = 0; i < KAT_LENGTH; ++i ) |
440 | | { |
441 | | byte hash[BLAKE2B_OUTBYTES]; |
442 | | if ( blake2b( hash, buf, key, BLAKE2B_OUTBYTES, i, BLAKE2B_KEYBYTES ) < 0 ) |
443 | | { |
444 | | puts( "error" ); |
445 | | return -1; |
446 | | } |
447 | | |
448 | | if( 0 != XMEMCMP( hash, blake2b_keyed_kat[i], BLAKE2B_OUTBYTES ) ) |
449 | | { |
450 | | puts( "error" ); |
451 | | return -1; |
452 | | } |
453 | | } |
454 | | |
455 | | puts( "ok" ); |
456 | | return 0; |
457 | | } |
458 | | #endif |
459 | | |
460 | | |
461 | | /* wolfCrypt API */ |
462 | | |
463 | | /* Init Blake2b digest, track size in case final doesn't want to "remember" */ |
464 | | int wc_InitBlake2b(Blake2b* b2b, word32 digestSz) |
465 | 0 | { |
466 | 0 | if (b2b == NULL){ |
467 | 0 | return BAD_FUNC_ARG; |
468 | 0 | } |
469 | 0 | b2b->digestSz = digestSz; |
470 | |
|
471 | 0 | return blake2b_init(b2b->S, (byte)digestSz); |
472 | 0 | } |
473 | | |
474 | | /* Init Blake2b digest with key, track size in case final doesn't want to "remember" */ |
475 | | int wc_InitBlake2b_WithKey(Blake2b* b2b, word32 digestSz, const byte *key, word32 keylen) |
476 | 0 | { |
477 | 0 | if (b2b == NULL){ |
478 | 0 | return BAD_FUNC_ARG; |
479 | 0 | } |
480 | 0 | b2b->digestSz = digestSz; |
481 | |
|
482 | 0 | if (keylen >= 256) |
483 | 0 | return BAD_FUNC_ARG; |
484 | | |
485 | 0 | if (key) |
486 | 0 | return blake2b_init_key(b2b->S, (byte)digestSz, key, (byte)keylen); |
487 | 0 | else |
488 | 0 | return blake2b_init(b2b->S, (byte)digestSz); |
489 | 0 | } |
490 | | |
491 | | /* Blake2b Update */ |
492 | | int wc_Blake2bUpdate(Blake2b* b2b, const byte* data, word32 sz) |
493 | 0 | { |
494 | 0 | return blake2b_update(b2b->S, data, sz); |
495 | 0 | } |
496 | | |
497 | | |
498 | | /* Blake2b Final, if pass in zero size we use init digestSz */ |
499 | | int wc_Blake2bFinal(Blake2b* b2b, byte* final, word32 requestSz) |
500 | 0 | { |
501 | 0 | word32 sz = requestSz ? requestSz : b2b->digestSz; |
502 | |
|
503 | 0 | return blake2b_final(b2b->S, final, (byte)sz); |
504 | 0 | } |
505 | | |
506 | | |
507 | | /* end CTaoCrypt API */ |
508 | | |
509 | | #endif /* HAVE_BLAKE2 */ |
510 | | |