mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-07 17:40:51 +02:00
Rust wrapper: BLAKE2: check for non-empty hash buffer in finalize()
This is related to F-1070 but not the same. We do not need to check that hash_size being passed in matches the initialized digest size because the C function will use the passed-in size as long as it is non-zero.
This commit is contained in:
@@ -157,6 +157,12 @@ impl BLAKE2b {
|
||||
/// ```
|
||||
pub fn finalize(&mut self, hash: &mut [u8]) -> Result<(), i32> {
|
||||
let hash_size = hash.len() as u32;
|
||||
if hash_size == 0 {
|
||||
// The C function uses the internal state configured digest size
|
||||
// if hash_size is passed in as 0. We do not want to allow a
|
||||
// buffer overrun, so do not allow an empty hash buffer here.
|
||||
return Err(sys::wolfCrypt_ErrorCodes_BUFFER_E);
|
||||
}
|
||||
let rc = unsafe {
|
||||
sys::wc_Blake2bFinal(&mut self.wc_blake2b, hash.as_mut_ptr(), hash_size)
|
||||
};
|
||||
@@ -434,6 +440,12 @@ impl BLAKE2s {
|
||||
/// ```
|
||||
pub fn finalize(&mut self, hash: &mut [u8]) -> Result<(), i32> {
|
||||
let hash_size = hash.len() as u32;
|
||||
if hash_size == 0 {
|
||||
// The C function uses the internal state configured digest size
|
||||
// if hash_size is passed in as 0. We do not want to allow a
|
||||
// buffer overrun, so do not allow an empty hash buffer here.
|
||||
return Err(sys::wolfCrypt_ErrorCodes_BUFFER_E);
|
||||
}
|
||||
let rc = unsafe {
|
||||
sys::wc_Blake2sFinal(&mut self.wc_blake2s, hash.as_mut_ptr(), hash_size)
|
||||
};
|
||||
|
||||
Reference in New Issue
Block a user