hashes/blake2/src/blake2x.rs at 25d307e3c72fb6377f066318ffde7308d59de58b · RustCrypto/hashes · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
use crate::Blake2Parameters;
use crate::Blake2bVarCore;
use digest::{
    ExtendableOutput, Update, XofReader,
    block_buffer::{LazyBuffer, ReadBuffer},
    consts::U64,
    core_api::{Buffer, BufferKindUser, UpdateCore, VariableOutputCore},
};

use super::{Blake2b512, BlockSizeUser, InvalidLength, Unsigned};

/// Blake2Xb root hasher
pub struct Blake2Xb {
    root_hasher: Blake2bVarCore,
    buffer: LazyBuffer<<Blake2b512 as BlockSizeUser>::BlockSize>,
    max_length: Option<u32>,
}

impl Blake2Xb {
    /// Create new instance using provided key.
    ///
    /// Setting key to `None` indicates unkeyed usage.
    ///
    /// # Errors
    ///
    /// If key is `Some`, then its length should not be zero or bigger
    /// than the block size. If this conditions is false the method will
    /// return an error.
    #[inline]
    pub fn new(key: Option<&[u8]>, max_length: Option<u32>) -> Result<Self, InvalidLength> {
        let kl = key.map_or(0, |k| k.len());
        let bs = <Blake2b512 as BlockSizeUser>::BlockSize::USIZE;
        if key.is_some() && kl == 0 || kl > bs {
            return Err(InvalidLength);
        }

        let params = Blake2Parameters {
            digest_length: 64,
            key_size: kl.try_into().unwrap(),
            fanout: 1,
            depth: 1,
            xof_digest_length: Some(max_length.unwrap_or(u32::MAX)),
            ..<_>::default()
        };
        let root_hasher = Blake2bVarCore::from_params(params);

        let mut hasher = Self {
            root_hasher,
            buffer: <_>::default(),
            max_length,
        };

        if let Some(k) = key {
            // Update state with key
            hasher.update(k);
            // Pad key with zeros
            let pad_len = 128 - kl;
            let padding = [0; 128];
            hasher.update(&padding[..pad_len]);
        }

        Ok(hasher)
    }
}

/// Finalized XOF instance over Blake2b
pub struct Blake2XbReader {
    h0: [u8; 64],
    buffer: ReadBuffer<<Self as BlockSizeUser>::BlockSize>,
    node_offset: u32,
    total_length: u32,
}

impl BlockSizeUser for Blake2XbReader {
    type BlockSize = U64;
}

impl BufferKindUser for Blake2XbReader {
    type BufferKind = <Blake2bVarCore as BufferKindUser>::BufferKind;
}

impl XofReader for Blake2XbReader {
    fn read(&mut self, buffer: &mut [u8]) {
        let Self { buffer: buf, .. } = self;
        buf.read(buffer, |block| {
            let digest_length = 64.min(self.total_length - self.node_offset * 64) as u8;

            let mut hasher = Blake2bVarCore::from_params(Blake2Parameters {
                digest_length,
                leaf_length: 64,
                node_offset: self.node_offset as u64,
                xof_digest_length: Some(self.total_length),
                inner_length: 64,
                ..<_>::default()
            });

            self.node_offset += 1;

            hasher.finalize_variable_core(&mut Buffer::<Blake2bVarCore>::new(&self.h0), block);
        });
    }
}

#[cfg(feature = "std")]
impl std::io::Read for Blake2XbReader {
    #[inline]
    fn read(&mut self, buf: &mut [u8]) -> std::io::Result<usize> {
        XofReader::read(self, buf);
        Ok(buf.len())
    }
}

impl BlockSizeUser for Blake2Xb {
    type BlockSize = <Blake2bVarCore as BlockSizeUser>::BlockSize;
}

impl BufferKindUser for Blake2Xb {
    type BufferKind = <Blake2bVarCore as BufferKindUser>::BufferKind;
}

impl Update for Blake2Xb {
    fn update(&mut self, data: &[u8]) {
        let Self {
            root_hasher,
            buffer,
            ..
        } = self;
        buffer.digest_blocks(data, |blocks| root_hasher.update_blocks(blocks));
    }
}

impl ExtendableOutput for Blake2Xb {
    type Reader = Blake2XbReader;

    fn finalize_xof(self) -> Self::Reader {
        let mut m = <_>::default();
        let Self {
            mut root_hasher,
            mut buffer,
            max_length,
        } = self;
        root_hasher.finalize_variable_core(&mut buffer, &mut m);

        let mut h0 = [0; 64];
        h0.copy_from_slice(&m);

        Blake2XbReader {
            h0,
            buffer: <_>::default(),
            node_offset: 0,
            total_length: max_length.unwrap_or(u32::MAX),
        }
    }
}