/src/wolfssl-sp-math/wolfcrypt/src/blake2b.c
Line | Count | Source |
1 | | /* |
2 | | BLAKE2 reference source code package - reference C implementations |
3 | | |
4 | | Written in 2012 by Samuel Neves <sneves@dei.uc.pt> |
5 | | |
6 | | To the extent possible under law, the author(s) have dedicated all copyright |
7 | | and related and neighboring rights to this software to the public domain |
8 | | worldwide. This software is distributed without any warranty. |
9 | | |
10 | | You should have received a copy of the CC0 Public Domain Dedication along with |
11 | | this software. If not, see <http://creativecommons.org/publicdomain/zero/1.0/>. |
12 | | */ |
13 | | /* blake2b.c |
14 | | * |
15 | | * Copyright (C) 2006-2025 wolfSSL Inc. |
16 | | * |
17 | | * This file is part of wolfSSL. |
18 | | * |
19 | | * wolfSSL is free software; you can redistribute it and/or modify |
20 | | * it under the terms of the GNU General Public License as published by |
21 | | * the Free Software Foundation; either version 3 of the License, or |
22 | | * (at your option) any later version. |
23 | | * |
24 | | * wolfSSL is distributed in the hope that it will be useful, |
25 | | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
26 | | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
27 | | * GNU General Public License for more details. |
28 | | * |
29 | | * You should have received a copy of the GNU General Public License |
30 | | * along with this program; if not, write to the Free Software |
31 | | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA |
32 | | */ |
33 | | |
34 | | #include <wolfssl/wolfcrypt/libwolfssl_sources.h> |
35 | | |
36 | | #ifdef HAVE_BLAKE2 |
37 | | |
38 | | #include <wolfssl/wolfcrypt/blake2.h> |
39 | | #include <wolfssl/wolfcrypt/blake2-impl.h> |
40 | | |
41 | | static const word64 blake2b_IV[8] = |
42 | | { |
43 | | W64LIT(0x6a09e667f3bcc908), W64LIT(0xbb67ae8584caa73b), |
44 | | W64LIT(0x3c6ef372fe94f82b), W64LIT(0xa54ff53a5f1d36f1), |
45 | | W64LIT(0x510e527fade682d1), W64LIT(0x9b05688c2b3e6c1f), |
46 | | W64LIT(0x1f83d9abfb41bd6b), W64LIT(0x5be0cd19137e2179) |
47 | | }; |
48 | | |
49 | | static const byte blake2b_sigma[12][16] = |
50 | | { |
51 | | { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15 } , |
52 | | { 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3 } , |
53 | | { 11, 8, 12, 0, 5, 2, 15, 13, 10, 14, 3, 6, 7, 1, 9, 4 } , |
54 | | { 7, 9, 3, 1, 13, 12, 11, 14, 2, 6, 5, 10, 4, 0, 15, 8 } , |
55 | | { 9, 0, 5, 7, 2, 4, 10, 15, 14, 1, 11, 12, 6, 8, 3, 13 } , |
56 | | { 2, 12, 6, 10, 0, 11, 8, 3, 4, 13, 7, 5, 15, 14, 1, 9 } , |
57 | | { 12, 5, 1, 15, 14, 13, 4, 10, 0, 7, 6, 3, 9, 2, 8, 11 } , |
58 | | { 13, 11, 7, 14, 12, 1, 3, 9, 5, 0, 15, 4, 8, 6, 2, 10 } , |
59 | | { 6, 15, 14, 9, 11, 3, 0, 8, 12, 2, 13, 7, 1, 4, 10, 5 } , |
60 | | { 10, 2, 8, 4, 7, 6, 1, 5, 15, 11, 9, 14, 3, 12, 13 , 0 } , |
61 | | { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15 } , |
62 | | { 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3 } |
63 | | }; |
64 | | |
65 | | |
66 | | static WC_INLINE int blake2b_set_lastnode( blake2b_state *S ) |
67 | 0 | { |
68 | 0 | S->f[1] = ~W64LIT(0); |
69 | 0 | return 0; |
70 | 0 | } |
71 | | |
72 | | /* Some helper functions, not necessarily useful */ |
73 | | static WC_INLINE int blake2b_set_lastblock( blake2b_state *S ) |
74 | 0 | { |
75 | 0 | if( S->last_node ) blake2b_set_lastnode( S ); |
76 | |
|
77 | 0 | S->f[0] = ~W64LIT(0); |
78 | 0 | return 0; |
79 | 0 | } |
80 | | |
81 | | static WC_INLINE int blake2b_increment_counter( blake2b_state *S, const word64 |
82 | | inc ) |
83 | 0 | { |
84 | 0 | S->t[0] += inc; |
85 | 0 | S->t[1] += ( S->t[0] < inc ); |
86 | 0 | return 0; |
87 | 0 | } |
88 | | |
89 | | static WC_INLINE int blake2b_init0( blake2b_state *S ) |
90 | 0 | { |
91 | 0 | int i; |
92 | 0 | XMEMSET( S, 0, sizeof( blake2b_state ) ); |
93 | |
|
94 | 0 | for( i = 0; i < 8; ++i ) S->h[i] = blake2b_IV[i]; |
95 | |
|
96 | 0 | return 0; |
97 | 0 | } |
98 | | |
99 | | /* init xors IV with input parameter block */ |
100 | | int blake2b_init_param( blake2b_state *S, const blake2b_param *P ) |
101 | 0 | { |
102 | 0 | word32 i; |
103 | 0 | byte *p ; |
104 | 0 | blake2b_init0( S ); |
105 | 0 | p = ( byte * )( P ); |
106 | | |
107 | | /* IV XOR ParamBlock */ |
108 | 0 | for( i = 0; i < 8; ++i ) |
109 | 0 | S->h[i] ^= load64( p + sizeof( S->h[i] ) * i ); |
110 | |
|
111 | 0 | return 0; |
112 | 0 | } |
113 | | |
114 | | |
115 | | int blake2b_init( blake2b_state *S, const byte outlen ) |
116 | 0 | { |
117 | | #ifdef WOLFSSL_BLAKE2B_INIT_EACH_FIELD |
118 | | blake2b_param P[1]; |
119 | | #else |
120 | 0 | volatile blake2b_param P[1]; |
121 | 0 | #endif |
122 | |
|
123 | 0 | if ( ( !outlen ) || ( outlen > BLAKE2B_OUTBYTES ) ) return BAD_FUNC_ARG; |
124 | | |
125 | | #ifdef WOLFSSL_BLAKE2B_INIT_EACH_FIELD |
126 | | P->digest_length = outlen; |
127 | | P->key_length = 0; |
128 | | P->fanout = 1; |
129 | | P->depth = 1; |
130 | | store32( &P->leaf_length, 0 ); |
131 | | store64( &P->node_offset, 0 ); |
132 | | P->node_depth = 0; |
133 | | P->inner_length = 0; |
134 | | XMEMSET( P->reserved, 0, sizeof( P->reserved ) ); |
135 | | XMEMSET( P->salt, 0, sizeof( P->salt ) ); |
136 | | XMEMSET( P->personal, 0, sizeof( P->personal ) ); |
137 | | #else |
138 | 0 | XMEMSET( (blake2b_param *)P, 0, sizeof( *P ) ); |
139 | 0 | P->digest_length = outlen; |
140 | 0 | P->fanout = 1; |
141 | 0 | P->depth = 1; |
142 | 0 | #endif |
143 | 0 | return blake2b_init_param( S, (blake2b_param *)P ); |
144 | 0 | } |
145 | | |
146 | | |
147 | | int blake2b_init_key( blake2b_state *S, const byte outlen, const void *key, |
148 | | const byte keylen ) |
149 | 0 | { |
150 | 0 | int ret = 0; |
151 | | #ifdef WOLFSSL_BLAKE2B_INIT_EACH_FIELD |
152 | | blake2b_param P[1]; |
153 | | #else |
154 | 0 | volatile blake2b_param P[1]; |
155 | 0 | #endif |
156 | |
|
157 | 0 | if ( ( !outlen ) || ( outlen > BLAKE2B_OUTBYTES ) ) return BAD_FUNC_ARG; |
158 | | |
159 | 0 | if ( !key || !keylen || keylen > BLAKE2B_KEYBYTES ) return BAD_FUNC_ARG; |
160 | | |
161 | | #ifdef WOLFSSL_BLAKE2B_INIT_EACH_FIELD |
162 | | P->digest_length = outlen; |
163 | | P->key_length = keylen; |
164 | | P->fanout = 1; |
165 | | P->depth = 1; |
166 | | store32( &P->leaf_length, 0 ); |
167 | | store64( &P->node_offset, 0 ); |
168 | | P->node_depth = 0; |
169 | | P->inner_length = 0; |
170 | | XMEMSET( P->reserved, 0, sizeof( P->reserved ) ); |
171 | | XMEMSET( P->salt, 0, sizeof( P->salt ) ); |
172 | | XMEMSET( P->personal, 0, sizeof( P->personal ) ); |
173 | | #else |
174 | 0 | XMEMSET( (blake2b_param *)P, 0, sizeof( *P ) ); |
175 | 0 | P->digest_length = outlen; |
176 | 0 | P->key_length = keylen; |
177 | 0 | P->fanout = 1; |
178 | 0 | P->depth = 1; |
179 | 0 | #endif |
180 | |
|
181 | 0 | ret = blake2b_init_param( S, (blake2b_param *)P ); |
182 | 0 | if ( ret < 0 ) return ret; |
183 | | |
184 | 0 | { |
185 | 0 | #ifdef WOLFSSL_SMALL_STACK |
186 | 0 | byte* block; |
187 | |
|
188 | 0 | block = (byte*)XMALLOC(BLAKE2B_BLOCKBYTES, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
189 | |
|
190 | 0 | if ( block == NULL ) return MEMORY_E; |
191 | | #else |
192 | | byte block[BLAKE2B_BLOCKBYTES]; |
193 | | #endif |
194 | | |
195 | 0 | XMEMSET( block, 0, BLAKE2B_BLOCKBYTES ); |
196 | 0 | XMEMCPY( block, key, keylen ); |
197 | 0 | ret = blake2b_update( S, block, BLAKE2B_BLOCKBYTES ); |
198 | 0 | secure_zero_memory( block, BLAKE2B_BLOCKBYTES ); /* Burn the key from */ |
199 | | /* memory */ |
200 | |
|
201 | 0 | WC_FREE_VAR_EX(block, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
202 | 0 | } |
203 | 0 | return ret; |
204 | 0 | } |
205 | | |
206 | | static WC_INLINE int blake2b_compress( |
207 | | blake2b_state *S, |
208 | | const byte block[BLAKE2B_BLOCKBYTES], |
209 | | word64* m, |
210 | | word64* v) |
211 | 0 | { |
212 | 0 | word64 i; |
213 | |
|
214 | 0 | for( i = 0; i < 16; ++i ) |
215 | 0 | m[i] = load64( block + i * sizeof( m[i] ) ); |
216 | |
|
217 | 0 | for( i = 0; i < 8; ++i ) |
218 | 0 | v[i] = S->h[i]; |
219 | |
|
220 | 0 | v[ 8] = blake2b_IV[0]; |
221 | 0 | v[ 9] = blake2b_IV[1]; |
222 | 0 | v[10] = blake2b_IV[2]; |
223 | 0 | v[11] = blake2b_IV[3]; |
224 | 0 | v[12] = S->t[0] ^ blake2b_IV[4]; |
225 | 0 | v[13] = S->t[1] ^ blake2b_IV[5]; |
226 | 0 | v[14] = S->f[0] ^ blake2b_IV[6]; |
227 | 0 | v[15] = S->f[1] ^ blake2b_IV[7]; |
228 | 0 | #define G(r,i,a,b,c,d) \ |
229 | 0 | do { \ |
230 | 0 | (a) = (a) + (b) + m[blake2b_sigma[r][2*(i)+0]]; \ |
231 | 0 | (d) = rotr64((d) ^ (a), 32); \ |
232 | 0 | (c) = (c) + (d); \ |
233 | 0 | (b) = rotr64((b) ^ (c), 24); \ |
234 | 0 | (a) = (a) + (b) + m[blake2b_sigma[r][2*(i)+1]]; \ |
235 | 0 | (d) = rotr64((d) ^ (a), 16); \ |
236 | 0 | (c) = (c) + (d); \ |
237 | 0 | (b) = rotr64((b) ^ (c), 63); \ |
238 | 0 | } while(0) |
239 | 0 | #define ROUND(r) \ |
240 | 0 | do { \ |
241 | 0 | G(r,0,v[ 0],v[ 4],v[ 8],v[12]); \ |
242 | 0 | G(r,1,v[ 1],v[ 5],v[ 9],v[13]); \ |
243 | 0 | G(r,2,v[ 2],v[ 6],v[10],v[14]); \ |
244 | 0 | G(r,3,v[ 3],v[ 7],v[11],v[15]); \ |
245 | 0 | G(r,4,v[ 0],v[ 5],v[10],v[15]); \ |
246 | 0 | G(r,5,v[ 1],v[ 6],v[11],v[12]); \ |
247 | 0 | G(r,6,v[ 2],v[ 7],v[ 8],v[13]); \ |
248 | 0 | G(r,7,v[ 3],v[ 4],v[ 9],v[14]); \ |
249 | 0 | } while(0) |
250 | 0 | ROUND( 0 ); |
251 | 0 | ROUND( 1 ); |
252 | 0 | ROUND( 2 ); |
253 | 0 | ROUND( 3 ); |
254 | 0 | ROUND( 4 ); |
255 | 0 | ROUND( 5 ); |
256 | 0 | ROUND( 6 ); |
257 | 0 | ROUND( 7 ); |
258 | 0 | ROUND( 8 ); |
259 | 0 | ROUND( 9 ); |
260 | 0 | ROUND( 10 ); |
261 | 0 | ROUND( 11 ); |
262 | |
|
263 | 0 | for( i = 0; i < 8; ++i ) |
264 | 0 | S->h[i] = S->h[i] ^ v[i] ^ v[i + 8]; |
265 | |
|
266 | 0 | #undef G |
267 | 0 | #undef ROUND |
268 | |
|
269 | 0 | return 0; |
270 | 0 | } |
271 | | |
272 | | /* inlen now in bytes */ |
273 | | int blake2b_update( blake2b_state *S, const byte *in, word64 inlen ) |
274 | 0 | { |
275 | 0 | int ret = 0; |
276 | 0 | #ifdef WOLFSSL_SMALL_STACK |
277 | 0 | word64* m; |
278 | 0 | word64* v; |
279 | |
|
280 | 0 | m = (word64*)XMALLOC(sizeof(word64) * 32, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
281 | |
|
282 | 0 | if ( m == NULL ) return MEMORY_E; |
283 | | |
284 | 0 | v = &m[16]; |
285 | | #else |
286 | | word64 m[16]; |
287 | | word64 v[16]; |
288 | | #endif |
289 | |
|
290 | 0 | while( inlen > 0 ) |
291 | 0 | { |
292 | 0 | word64 left = S->buflen; |
293 | 0 | word64 fill = 2 * BLAKE2B_BLOCKBYTES - left; |
294 | |
|
295 | 0 | if( inlen > fill ) |
296 | 0 | { |
297 | 0 | XMEMCPY( S->buf + left, in, (wolfssl_word)fill ); /* Fill buffer */ |
298 | 0 | S->buflen += fill; |
299 | 0 | blake2b_increment_counter( S, BLAKE2B_BLOCKBYTES ); |
300 | |
|
301 | 0 | { |
302 | 0 | ret = blake2b_compress( S, S->buf, m, v ); |
303 | 0 | if (ret < 0) break; |
304 | 0 | } |
305 | | |
306 | 0 | XMEMCPY( S->buf, S->buf + BLAKE2B_BLOCKBYTES, BLAKE2B_BLOCKBYTES ); |
307 | | /* Shift buffer left */ |
308 | 0 | S->buflen -= BLAKE2B_BLOCKBYTES; |
309 | 0 | in += fill; |
310 | 0 | inlen -= fill; |
311 | 0 | } |
312 | 0 | else /* inlen <= fill */ |
313 | 0 | { |
314 | 0 | XMEMCPY( S->buf + left, in, (wolfssl_word)inlen ); |
315 | 0 | S->buflen += inlen; /* Be lazy, do not compress */ |
316 | 0 | inlen = 0; |
317 | 0 | } |
318 | 0 | } |
319 | |
|
320 | 0 | WC_FREE_VAR_EX(m, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
321 | |
|
322 | 0 | return ret; |
323 | 0 | } |
324 | | |
325 | | /* Is this correct? */ |
326 | | int blake2b_final( blake2b_state *S, byte *out, byte outlen ) |
327 | 0 | { |
328 | 0 | int ret = 0; |
329 | 0 | byte buffer[BLAKE2B_OUTBYTES]; |
330 | 0 | word64 i; |
331 | 0 | #ifdef WOLFSSL_SMALL_STACK |
332 | 0 | word64* m; |
333 | 0 | word64* v; |
334 | |
|
335 | 0 | m = (word64*)XMALLOC(sizeof(word64) * 32, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
336 | |
|
337 | 0 | if ( m == NULL ) return MEMORY_E; |
338 | | |
339 | 0 | v = &m[16]; |
340 | | #else |
341 | | word64 m[16]; |
342 | | word64 v[16]; |
343 | | #endif |
344 | |
|
345 | 0 | if( S->buflen > BLAKE2B_BLOCKBYTES ) |
346 | 0 | { |
347 | 0 | blake2b_increment_counter( S, BLAKE2B_BLOCKBYTES ); |
348 | |
|
349 | 0 | { |
350 | 0 | ret = blake2b_compress( S, S->buf, m, v ); |
351 | 0 | if (ret < 0) goto out; |
352 | 0 | } |
353 | | |
354 | 0 | S->buflen -= BLAKE2B_BLOCKBYTES; |
355 | 0 | if ( S->buflen > BLAKE2B_BLOCKBYTES ) |
356 | 0 | return BAD_LENGTH_E; |
357 | 0 | XMEMMOVE( S->buf, S->buf + BLAKE2B_BLOCKBYTES, (wolfssl_word)S->buflen ); |
358 | 0 | } |
359 | | |
360 | 0 | blake2b_increment_counter( S, S->buflen ); |
361 | 0 | blake2b_set_lastblock( S ); |
362 | 0 | XMEMSET( S->buf + S->buflen, 0, (wolfssl_word)(2 * BLAKE2B_BLOCKBYTES - S->buflen) ); |
363 | | /* Padding */ |
364 | 0 | { |
365 | 0 | ret = blake2b_compress( S, S->buf, m, v ); |
366 | 0 | if (ret < 0) goto out; |
367 | 0 | } |
368 | | |
369 | 0 | for( i = 0; i < 8; ++i ) /* Output full hash to temp buffer */ |
370 | 0 | store64( buffer + sizeof( S->h[i] ) * i, S->h[i] ); |
371 | |
|
372 | 0 | XMEMCPY( out, buffer, outlen ); |
373 | |
|
374 | 0 | out: |
375 | |
|
376 | 0 | WC_FREE_VAR_EX(m, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
377 | |
|
378 | 0 | return ret; |
379 | 0 | } |
380 | | |
381 | | /* inlen, at least, should be word64. Others can be size_t. */ |
382 | | int blake2b( byte *out, const void *in, const void *key, const byte outlen, |
383 | | const word64 inlen, byte keylen ) |
384 | 0 | { |
385 | 0 | blake2b_state S[1]; |
386 | | |
387 | | /* Verify parameters */ |
388 | 0 | if ( NULL == in ) return BAD_FUNC_ARG; |
389 | | |
390 | 0 | if ( NULL == out ) return BAD_FUNC_ARG; |
391 | | |
392 | 0 | if( NULL == key ) keylen = 0; |
393 | |
|
394 | 0 | if( keylen > 0 ) |
395 | 0 | { |
396 | 0 | int ret = blake2b_init_key( S, outlen, key, keylen ); |
397 | 0 | if (ret < 0) return ret; |
398 | 0 | } |
399 | 0 | else |
400 | 0 | { |
401 | 0 | int ret = blake2b_init( S, outlen ); |
402 | 0 | if (ret < 0) return ret; |
403 | 0 | } |
404 | | |
405 | 0 | { |
406 | 0 | int ret = blake2b_update( S, ( byte * )in, inlen ); |
407 | 0 | if (ret < 0) return ret; |
408 | 0 | } |
409 | | |
410 | 0 | return blake2b_final( S, out, outlen ); |
411 | 0 | } |
412 | | |
413 | | #if defined(BLAKE2B_SELFTEST) |
414 | | #include <string.h> |
415 | | #include "blake2-kat.h" |
416 | | int main( int argc, char **argv ) |
417 | | { |
418 | | byte key[BLAKE2B_KEYBYTES]; |
419 | | byte buf[KAT_LENGTH]; |
420 | | |
421 | | for( word32 i = 0; i < BLAKE2B_KEYBYTES; ++i ) |
422 | | key[i] = ( byte )i; |
423 | | |
424 | | for( word32 i = 0; i < KAT_LENGTH; ++i ) |
425 | | buf[i] = ( byte )i; |
426 | | |
427 | | for( word32 i = 0; i < KAT_LENGTH; ++i ) |
428 | | { |
429 | | byte hash[BLAKE2B_OUTBYTES]; |
430 | | if ( blake2b( hash, buf, key, BLAKE2B_OUTBYTES, i, BLAKE2B_KEYBYTES ) < 0 ) |
431 | | { |
432 | | puts( "error" ); |
433 | | return -1; |
434 | | } |
435 | | |
436 | | if( 0 != XMEMCMP( hash, blake2b_keyed_kat[i], BLAKE2B_OUTBYTES ) ) |
437 | | { |
438 | | puts( "error" ); |
439 | | return -1; |
440 | | } |
441 | | } |
442 | | |
443 | | puts( "ok" ); |
444 | | return 0; |
445 | | } |
446 | | #endif |
447 | | |
448 | | |
449 | | /* wolfCrypt API */ |
450 | | |
451 | | /* Init Blake2b digest, track size in case final doesn't want to "remember" */ |
452 | | int wc_InitBlake2b(Blake2b* b2b, word32 digestSz) |
453 | 0 | { |
454 | 0 | if (b2b == NULL){ |
455 | 0 | return BAD_FUNC_ARG; |
456 | 0 | } |
457 | 0 | b2b->digestSz = digestSz; |
458 | |
|
459 | 0 | return blake2b_init(b2b->S, (byte)digestSz); |
460 | 0 | } |
461 | | |
462 | | /* Init Blake2b digest with key, track size in case final doesn't want to "remember" */ |
463 | | int wc_InitBlake2b_WithKey(Blake2b* b2b, word32 digestSz, const byte *key, word32 keylen) |
464 | 0 | { |
465 | 0 | if (b2b == NULL){ |
466 | 0 | return BAD_FUNC_ARG; |
467 | 0 | } |
468 | 0 | b2b->digestSz = digestSz; |
469 | |
|
470 | 0 | if (keylen >= 256) |
471 | 0 | return BAD_FUNC_ARG; |
472 | | |
473 | 0 | if (key) |
474 | 0 | return blake2b_init_key(b2b->S, (byte)digestSz, key, (byte)keylen); |
475 | 0 | else |
476 | 0 | return blake2b_init(b2b->S, (byte)digestSz); |
477 | 0 | } |
478 | | |
479 | | /* Blake2b Update */ |
480 | | int wc_Blake2bUpdate(Blake2b* b2b, const byte* data, word32 sz) |
481 | 0 | { |
482 | 0 | if (b2b == NULL){ |
483 | 0 | return BAD_FUNC_ARG; |
484 | 0 | } |
485 | 0 | if (data == NULL && sz != 0){ |
486 | 0 | return BAD_FUNC_ARG; |
487 | 0 | } |
488 | 0 | if (sz == 0){ |
489 | 0 | return 0; |
490 | 0 | } |
491 | | |
492 | 0 | return blake2b_update(b2b->S, data, sz); |
493 | 0 | } |
494 | | |
495 | | |
496 | | /* Blake2b Final, if pass in zero size we use init digestSz */ |
497 | | int wc_Blake2bFinal(Blake2b* b2b, byte* final, word32 requestSz) |
498 | 0 | { |
499 | 0 | word32 sz; |
500 | |
|
501 | 0 | if (b2b == NULL){ |
502 | 0 | return BAD_FUNC_ARG; |
503 | 0 | } |
504 | 0 | if (final == NULL){ |
505 | 0 | return BAD_FUNC_ARG; |
506 | 0 | } |
507 | | |
508 | 0 | sz = requestSz ? requestSz : b2b->digestSz; |
509 | |
|
510 | 0 | return blake2b_final(b2b->S, final, (byte)sz); |
511 | 0 | } |
512 | | |
513 | | |
514 | | /* end CTaoCrypt API */ |
515 | | |
516 | | #endif /* HAVE_BLAKE2 */ |
517 | | |