From 6243d29ca663040757529b6e50802c4cc2010f8a Mon Sep 17 00:00:00 2001 From: Edward Shen Date: Thu, 11 Jan 2024 06:07:03 -0800 Subject: [PATCH] blake2: Refuse empty keys in keyed hash construction (#510) --- blake2/src/macros.rs | 11 +++++++---- blake2/tests/mac.rs | 6 ++++++ 2 files changed, 13 insertions(+), 4 deletions(-) diff --git a/blake2/src/macros.rs b/blake2/src/macros.rs index bf92d503..ad22f5b3 100644 --- a/blake2/src/macros.rs +++ b/blake2/src/macros.rs @@ -274,9 +274,12 @@ macro_rules! blake2_mac_impl { { /// Create new instance using provided key, salt, and persona. /// - /// Key length should not be bigger than block size, salt and persona - /// length should not be bigger than quarter of block size. If any - /// of those conditions is false the method will return an error. + /// # Errors + /// + /// Key length should not be empty or bigger than the block size and + /// the salt and persona length should not be bigger than quarter of + /// block size. If any of those conditions is false the method will + /// return an error. #[inline] pub fn new_with_salt_and_personal( key: &[u8], @@ -286,7 +289,7 @@ macro_rules! blake2_mac_impl { let kl = key.len(); let bs = <$hash as BlockSizeUser>::BlockSize::USIZE; let qbs = bs / 4; - if kl > bs || salt.len() > qbs || persona.len() > qbs { + if kl == 0 || kl > bs || salt.len() > qbs || persona.len() > qbs { return Err(InvalidLength); } let mut padded_key = Block::<$hash>::default(); diff --git a/blake2/tests/mac.rs b/blake2/tests/mac.rs index 439d2898..75710284 100644 --- a/blake2/tests/mac.rs +++ b/blake2/tests/mac.rs @@ -27,3 +27,9 @@ fn blake2b_new_test() { run::(&[0x42; 32]); run::(&[0x42; 64]); } + +#[test] +fn mac_refuses_empty_keys() { + assert!(blake2::Blake2bMac512::new_with_salt_and_personal(&[], b"salt", b"persona").is_err()); + assert!(blake2::Blake2sMac256::new_with_salt_and_personal(&[], b"salt", b"persona").is_err()); +}