From da8501f55a18e5a71a653481b4f79794147e78e3 Mon Sep 17 00:00:00 2001
From: Karel Miko
Date: Tue, 2 May 2017 09:33:35 +0200
Subject: [PATCH] sha3_shake_done another be fix
---
 src/hashes/sha3.c | 22 +++++++++++++++++-----
 1 file changed, 17 insertions(+), 5 deletions(-)
diff --git a/src/hashes/sha3.c b/src/hashes/sha3.c
index 646ac16..5e70691 100644
--- a/src/hashes/sha3.c
+++ b/src/hashes/sha3.c
@@ -256,8 +256,11 @@ int sha3_done(hash_state *md, unsigned char *hash)
 int sha3_shake_done(hash_state *md, unsigned char *out, unsigned long outlen)
 {
- unsigned long idx = 0;
- /* sha3_shake_done can be called many times */
+ /* IMPORTANT NOTE: sha3_shake_done can be called many times */
+ unsigned long idx;
+#ifndef ENDIAN_LITTLE
+ unsigned i;
+#endif
 if (outlen == 0) return CRYPT_OK; /* nothing to do */
 LTC_ARGCHK(md != NULL);
@@ -270,7 +273,6 @@ int sha3_shake_done(hash_state *md, unsigned char *out, unsigned long outlen)
 keccakf(md->sha3.s);
 #ifndef ENDIAN_LITTLE
 {
- unsigned i;
 for(i = 0; i < SHA3_KECCAK_SPONGE_WORDS; i++) {
 const ulong32 t1 = (ulong32)(md->sha3.s[i] & CONST64(0xFFFFFFFF));
 const ulong32 t2 = (ulong32)(md->sha3.s[i] >> 32);
@@ -283,12 +285,22 @@ int sha3_shake_done(hash_state *md, unsigned char *out, unsigned long outlen)
 md->sha3.xof_flag = 1;
 }
- while (idx < outlen) {
+ for (idx = 0; idx < outlen; idx++) {
 if(md->sha3.byte_index >= (SHA3_KECCAK_SPONGE_WORDS - md->sha3.capacity_words) * 8) {
 keccakf(md->sha3.s);
+#ifndef ENDIAN_LITTLE
+ {
+ for(i = 0; i < SHA3_KECCAK_SPONGE_WORDS; i++) {
+ const ulong32 t1 = (ulong32)(md->sha3.s[i] & CONST64(0xFFFFFFFF));
+ const ulong32 t2 = (ulong32)(md->sha3.s[i] >> 32);
+ STORE32L(t1, md->sha3.sb + i * 8);
+ STORE32L(t2, md->sha3.sb + i * 8 + 4);
+ }
+ }
+#endif
 md->sha3.byte_index = 0;
 }
- out[idx++] = md->sha3.sb[md->sha3.byte_index++];
+ out[idx] = md->sha3.sb[md->sha3.byte_index++];
 }
 return CRYPT_OK;
 }
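Review bot: The big-endian store loop added after `keccakf(md->sha3.s)` inside the squeeze loop (third hunk) is a second copy of the block in the `xof_flag` branch, and a forgotten copy is exactly what this commit repairs; one static helper that permutes and then refreshes `md->sha3.sb` would keep every permutation site consistent, as sketched below with a suggested name. The hunks do not show how `sb` relates to `s`: little-endian builds read `sb` with no store at all, which suggests the two share storage, and if they do, the `STORE32L` calls rewrite `s` in place and the next `keccakf` would permute byte-swapped words, so this should be confirmed against the struct definition. A known-answer test that squeezes more than `(SHA3_KECCAK_SPONGE_WORDS - capacity_words) * 8` bytes, both in one call and split across several calls, run on a big-endian target, would cover both concerns. The bare `{ … }` around each loop is no longer needed now that `i` is declared at the top of the function.

```c
/* Permute the sponge, then refresh the byte view the squeeze loop reads from. */
static void s_sha3_permute_and_store(hash_state *md)   /* suggested name */
{
   keccakf(md->sha3.s);
#ifndef ENDIAN_LITTLE
   {
      unsigned i;
      for (i = 0; i < SHA3_KECCAK_SPONGE_WORDS; i++) {
         /* … unchanged: t1/t2 split and the two STORE32L calls … */
      }
   }
#endif
}

/* … unchanged: xof_flag branch, calling the helper instead of keccakf + inline loop … */

   for (idx = 0; idx < outlen; idx++) {
      if (md->sha3.byte_index >= (SHA3_KECCAK_SPONGE_WORDS - md->sha3.capacity_words) * 8) {
         s_sha3_permute_and_store(md);
         md->sha3.byte_index = 0;
      }
      out[idx] = md->sha3.sb[md->sha3.byte_index++];
   }
```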