summary refs log tree commit diff
diff options
context:
space:
mode:
authorPeter Dettman <peter.dettman@bouncycastle.org>2018-09-16 17:09:50 +0700
committerPeter Dettman <peter.dettman@bouncycastle.org>2018-09-16 17:09:50 +0700
commitaf7355a81832318dd9b3125be82c12389ec0cb90 (patch)
treef74d46d08aae3daf979437d035c72f4c9ea659f0
parentFixed Rfc3211WrapEngine processing of messages over 127 bytes. (diff)
downloadBouncyCastle.NET-ed25519-af7355a81832318dd9b3125be82c12389ec0cb90.tar.xz
Blake2b/s: relax length-only constructor constraints
- addresses https://github.com/bcgit/bc-csharp/issues/142
Diffstat
-rw-r--r--crypto/Readme.html4
-rw-r--r--crypto/src/crypto/digests/Blake2bDigest.cs4
-rw-r--r--crypto/src/crypto/digests/Blake2sDigest.cs7
-rw-r--r--crypto/test/src/crypto/test/Blake2bDigestTest.cs496
-rw-r--r--crypto/test/src/crypto/test/Blake2sDigestTest.cs120
-rw-r--r--crypto/test/src/util/test/SimpleTest.cs57
6 files changed, 435 insertions, 253 deletions
diff --git a/crypto/Readme.html b/crypto/Readme.html
index 1d1b74f1c..59c333290 100644
--- a/crypto/Readme.html
+++ b/crypto/Readme.html
@@ -302,6 +302,10 @@ We state, where EC MQV has not otherwise been disabled or removed:
         <ul>
             <li>Rfc3211WrapEngine would not properly handle messages longer than 127 bytes. This has been fixed.</li>
         </ul>
+        <h5>Additional Features and Functionality</h5>
+        <ul>
+            <li>Restrictions on the output sizes of the Blake2b/s digests have been removed.</li>
+        </ul>
 
         <h4><a class="mozTocH4" name="mozTocId85317"></a>Release 1.8.3, Saturday August 11, 2018</h4>
 
diff --git a/crypto/src/crypto/digests/Blake2bDigest.cs b/crypto/src/crypto/digests/Blake2bDigest.cs
index b8e4f272e..770e35caf 100644
--- a/crypto/src/crypto/digests/Blake2bDigest.cs
+++ b/crypto/src/crypto/digests/Blake2bDigest.cs
@@ -136,8 +136,8 @@ namespace Org.BouncyCastle.Crypto.Digests
          */
         public Blake2bDigest(int digestSize)
         {
-            if (digestSize != 160 && digestSize != 256 && digestSize != 384 && digestSize != 512)
-                throw new ArgumentException("BLAKE2b digest restricted to one of [160, 256, 384, 512]");
+            if (digestSize < 8 || digestSize > 512 || digestSize % 8 != 0)
+                throw new ArgumentException("BLAKE2b digest bit length must be a multiple of 8 and not greater than 512");
 
             buffer = new byte[BLOCK_LENGTH_BYTES];
             keyLength = 0;
diff --git a/crypto/src/crypto/digests/Blake2sDigest.cs b/crypto/src/crypto/digests/Blake2sDigest.cs
index f31032874..432b0f4d2 100644
--- a/crypto/src/crypto/digests/Blake2sDigest.cs
+++ b/crypto/src/crypto/digests/Blake2sDigest.cs
@@ -152,13 +152,12 @@ namespace Org.BouncyCastle.Crypto.Digests
         /**
          * BLAKE2s for hashing.
          *
-         * @param digestBits the desired digest length in bits. Must be one of
-         *                   [128, 160, 224, 256].
+         * @param digestBits the desired digest length in bits. Must be a multiple of 8 and less than 256.
          */
         public Blake2sDigest(int digestBits)
         {
-            if (digestBits != 128 && digestBits != 160 && digestBits != 224 && digestBits != 256)
-                throw new ArgumentException("BLAKE2s digest restricted to one of [128, 160, 224, 256]");
+            if (digestBits < 8 || digestBits > 256 || digestBits % 8 != 0)
+                throw new ArgumentException("BLAKE2s digest bit length must be a multiple of 8 and not greater than 256");
 
             buffer = new byte[BLOCK_LENGTH_BYTES];
             keyLength = 0;
diff --git a/crypto/test/src/crypto/test/Blake2bDigestTest.cs b/crypto/test/src/crypto/test/Blake2bDigestTest.cs
index 0d0853977..c9dbfc9d5 100644
--- a/crypto/test/src/crypto/test/Blake2bDigestTest.cs
+++ b/crypto/test/src/crypto/test/Blake2bDigestTest.cs
@@ -14,226 +14,300 @@ namespace Org.BouncyCastle.Crypto.Tests
     public class Blake2bDigestTest 
 	    : SimpleTest
     {
-	    private static readonly string[][] keyedTestVectors =
-	    { // input/message, key, hash
-
-			    // Vectors from BLAKE2 web site: https://blake2.net/blake2b-test.txt
-			    new string[]{
-					    "",
-					    "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f",
-					    "10ebb67700b1868efb4417987acf4690ae9d972fb7a590c2f02871799aaa4786b5e996e8f0f4eb981fc214b005f42d2ff4233499391653df7aefcbc13fc51568" },
-
-			    new string[]{
-					    "00",
-					    "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f",
-					    "961f6dd1e4dd30f63901690c512e78e4b45e4742ed197c3c5e45c549fd25f2e4187b0bc9fe30492b16b0d0bc4ef9b0f34c7003fac09a5ef1532e69430234cebd" },
-
-			    new string[]{
-					    "0001",
-					    "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f",
-					    "da2cfbe2d8409a0f38026113884f84b50156371ae304c4430173d08a99d9fb1b983164a3770706d537f49e0c916d9f32b95cc37a95b99d857436f0232c88a965" },
-
-			    new string[]{
-					    "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d",
-					    "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f",
-					    "f1aa2b044f8f0c638a3f362e677b5d891d6fd2ab0765f6ee1e4987de057ead357883d9b405b9d609eea1b869d97fb16d9b51017c553f3b93c0a1e0f1296fedcd" },
-
-			    new string[]{
-					    "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3",
-					    "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f",
-					    "c230f0802679cb33822ef8b3b21bf7a9a28942092901d7dac3760300831026cf354c9232df3e084d9903130c601f63c1f4a4a4b8106e468cd443bbe5a734f45f" },
-
-			    new string[]{
-					    "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfe",
-					    "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f",
-					    "142709d62e28fcccd0af97fad0f8465b971e82201dc51070faa0372aa43e92484be1c1e73ba10906d5d1853db6a4106e0a7bf9800d373d6dee2d46d62ef2a461" }
+        private static readonly string[,] keyedTestVectors = { // input/message, key, hash
+            // Vectors from BLAKE2 web site: https://blake2.net/blake2b-test.txt
+            {
+                "",
+                "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f",
+                "10ebb67700b1868efb4417987acf4690ae9d972fb7a590c2f02871799aaa4786b5e996e8f0f4eb981fc214b005f42d2ff4233499391653df7aefcbc13fc51568"
+            },
+            {
+                "00",
+                "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f",
+                "961f6dd1e4dd30f63901690c512e78e4b45e4742ed197c3c5e45c549fd25f2e4187b0bc9fe30492b16b0d0bc4ef9b0f34c7003fac09a5ef1532e69430234cebd"
+            },
+            {
+                "0001",
+                "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f",
+                "da2cfbe2d8409a0f38026113884f84b50156371ae304c4430173d08a99d9fb1b983164a3770706d537f49e0c916d9f32b95cc37a95b99d857436f0232c88a965"
+            },
+            {
+                "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d",
+                "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f",
+                "f1aa2b044f8f0c638a3f362e677b5d891d6fd2ab0765f6ee1e4987de057ead357883d9b405b9d609eea1b869d97fb16d9b51017c553f3b93c0a1e0f1296fedcd"
+            },
+            {
+                "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3",
+                "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f",
+                "c230f0802679cb33822ef8b3b21bf7a9a28942092901d7dac3760300831026cf354c9232df3e084d9903130c601f63c1f4a4a4b8106e468cd443bbe5a734f45f"
+            },
+            {
+                "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfe",
+                "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f",
+                "142709d62e28fcccd0af97fad0f8465b971e82201dc51070faa0372aa43e92484be1c1e73ba10906d5d1853db6a4106e0a7bf9800d373d6dee2d46d62ef2a461"
+            }
         };
 
-	    private static readonly string[][] unkeyedTestVectors =
-	    { // from: http://fossies.org/linux/john/src/rawBLAKE2_512_fmt_plug.c
-			    // hash, input/message
-			    // digests without leading $BLAKE2$
-			    new string[]{
-					    "4245af08b46fbb290222ab8a68613621d92ce78577152d712467742417ebc1153668f1c9e1ec1e152a32a9c242dc686d175e087906377f0c483c5be2cb68953e",
-					    "blake2" },
-			    new string[]{
-					    "021ced8799296ceca557832ab941a50b4a11f83478cf141f51f933f653ab9fbcc05a037cddbed06e309bf334942c4e58cdf1a46e237911ccd7fcf9787cbc7fd0",
-					    "hello world" },
-			    new string[]{
-					    "1f7d9b7c9a90f7bfc66e52b69f3b6c3befbd6aee11aac860e99347a495526f30c9e51f6b0db01c24825092a09dd1a15740f0ade8def87e60c15da487571bcef7",
-					    "verystrongandlongpassword" },
-			    new string[]{
-					    "a8add4bdddfd93e4877d2746e62817b116364a1fa7bc148d95090bc7333b3673f82401cf7aa2e4cb1ecd90296e3f14cb5413f8ed77be73045b13914cdcd6a918",
-					    "The quick brown fox jumps over the lazy dog" },
-			    new string[]{
-					    "786a02f742015903c6c6fd852552d272912f4740e15847618a86e217f71f5419d25e1031afee585313896444934eb04b903a685b1448b755d56f701afe9be2ce",
-					    "" },
-		        new string[]{
-				        "ba80a53f981c4d0d6a2797b69f12f6e94c212f14685ac4b74b12bb6fdbffa2d17d87c5392aab792dc252d5de4533cc9518d38aa8dbf1925ab92386edd4009923",
-				        "abc" },
-	    };
-
-	    public override string Name
-	    {
-		    get { return "BLAKE2b"; }
-	    }
-
-	    private void offsetTest(
-		    IDigest digest,
-		    byte[] input,
-		    byte[] expected)
-	    {
-		    byte[] resBuf = new byte[expected.Length + 11];
-
-		    digest.BlockUpdate(input, 0, input.Length);
+        // from: http://fossies.org/linux/john/src/rawBLAKE2_512_fmt_plug.c
+        private static readonly string[,] unkeyedTestVectors = { // hash, input/message
+            // digests without leading $BLAKE2$
+            {
+                "4245af08b46fbb290222ab8a68613621d92ce78577152d712467742417ebc1153668f1c9e1ec1e152a32a9c242dc686d175e087906377f0c483c5be2cb68953e",
+                "blake2"
+            },
+            {
+                "021ced8799296ceca557832ab941a50b4a11f83478cf141f51f933f653ab9fbcc05a037cddbed06e309bf334942c4e58cdf1a46e237911ccd7fcf9787cbc7fd0",
+                "hello world"
+            },
+            {
+                "1f7d9b7c9a90f7bfc66e52b69f3b6c3befbd6aee11aac860e99347a495526f30c9e51f6b0db01c24825092a09dd1a15740f0ade8def87e60c15da487571bcef7",
+                "verystrongandlongpassword"
+            },
+            {
+                "a8add4bdddfd93e4877d2746e62817b116364a1fa7bc148d95090bc7333b3673f82401cf7aa2e4cb1ecd90296e3f14cb5413f8ed77be73045b13914cdcd6a918",
+                "The quick brown fox jumps over the lazy dog"
+            },
+            {
+                "786a02f742015903c6c6fd852552d272912f4740e15847618a86e217f71f5419d25e1031afee585313896444934eb04b903a685b1448b755d56f701afe9be2ce",
+                ""
+            },
+            {
+                "ba80a53f981c4d0d6a2797b69f12f6e94c212f14685ac4b74b12bb6fdbffa2d17d87c5392aab792dc252d5de4533cc9518d38aa8dbf1925ab92386edd4009923",
+                "abc"
+            },
+        };
+
+        public override string Name
+        {
+            get { return "BLAKE2b"; }
+        }
+
+        private void offsetTest(
+            IDigest digest,
+            byte[] input,
+            byte[] expected)
+        {
+            byte[] resBuf = new byte[expected.Length + 11];
+
+            digest.BlockUpdate(input, 0, input.Length);
 
             digest.DoFinal(resBuf, 11);
 
-		    if (!AreEqual(Arrays.CopyOfRange(resBuf, 11, resBuf.Length), expected))
-		    {
-			    Fail("Offset failed got " + Hex.ToHexString(resBuf));
-		    }
-	    }
-
-	    public override void PerformTest()
-	    {
-		    // test keyed test vectors:
-		
-		    Blake2bDigest blake2bkeyed = new Blake2bDigest(Hex.Decode(keyedTestVectors[0][1]));
-		    for (int tv = 0; tv < keyedTestVectors.Length; tv++)
-		    {						
-
-			    byte[] input = Hex.Decode(keyedTestVectors[tv][0]);
-			    blake2bkeyed.Reset();
-
-			    blake2bkeyed.BlockUpdate(input, 0, input.Length);
-			    byte[] keyedHash = new byte[64];
-			    blake2bkeyed.DoFinal(keyedHash, 0);
-
-			    if (!Arrays.AreEqual(Hex.Decode(keyedTestVectors[tv][2]), keyedHash))
-			    {
-                    Fail("BLAKE2b mismatch on test vector ",
-						    keyedTestVectors[tv][2],
-                            Hex.ToHexString(keyedHash));
-			    }
-
-			    offsetTest(blake2bkeyed, input, keyedHash);
-		    }
-
-		    Blake2bDigest blake2bunkeyed = new Blake2bDigest();
-		    // test unkeyed test vectors:
-		    for (int i = 0; i < unkeyedTestVectors.Length; i++)
-		    {
-				// blake2bunkeyed.update(
-				// unkeyedTestVectors[i][1].getBytes("UTF-8"));
-				// test update(byte b)
-				byte[] unkeyedInput = Encoding.UTF8.GetBytes(unkeyedTestVectors[i][1]);
-				for (int j = 0; j < unkeyedInput.Length; j++)
-				{
-					blake2bunkeyed.Update(unkeyedInput[j]);
-				}
+            if (!AreEqual(Arrays.CopyOfRange(resBuf, 11, resBuf.Length), expected))
+            {
+                Fail("Offset failed got " + Hex.ToHexString(resBuf));
+            }
+        }
+
+        public override void PerformTest()
+        {
+            // test keyed test vectors:
+
+            Blake2bDigest blake2bkeyed = new Blake2bDigest(Hex.Decode(keyedTestVectors[0, 1]));
+            for (int tv = 0; tv < keyedTestVectors.GetLength(0); tv++)
+            {
+                byte[] input = Hex.Decode(keyedTestVectors[tv, 0]);
+                blake2bkeyed.Reset();
+
+                blake2bkeyed.BlockUpdate(input, 0, input.Length);
+                byte[] keyedHash = new byte[64];
+                blake2bkeyed.DoFinal(keyedHash, 0);
+
+                if (!Arrays.AreEqual(Hex.Decode(keyedTestVectors[tv, 2]), keyedHash))
+                {
+                    Fail("BLAKE2b mismatch on test vector ", keyedTestVectors[tv, 2], Hex.ToHexString(keyedHash));
+                }
+
+                offsetTest(blake2bkeyed, input, keyedHash);
+            }
+
+            Blake2bDigest blake2bunkeyed = new Blake2bDigest();
+            // test unkeyed test vectors:
+            for (int i = 0; i < unkeyedTestVectors.GetLength(0); i++)
+            {
+                // test update(byte b)
+                byte[] unkeyedInput = Encoding.UTF8.GetBytes(unkeyedTestVectors[i, 1]);
+                for (int j = 0; j < unkeyedInput.Length; j++)
+                {
+                    blake2bunkeyed.Update(unkeyedInput[j]);
+                }
 
                 byte[] unkeyedHash = new byte[64];
-			    blake2bunkeyed.DoFinal(unkeyedHash, 0);
-			    blake2bunkeyed.Reset();
-
-			    if (!Arrays.AreEqual(Hex.Decode(unkeyedTestVectors[i][0]),
-					    unkeyedHash))
-			    {
-                    Fail("BLAKE2b mismatch on test vector ",
-						    unkeyedTestVectors[i][0],
-						    Hex.ToHexString(unkeyedHash));
-			    }
-		    }
-
-		    cloneTest();
-		    resetTest();
-	    }
-
-	    private void cloneTest()
-	    {
-		    Blake2bDigest blake2bCloneSource = new Blake2bDigest(Hex.Decode(keyedTestVectors[3][1]), 16, Hex.Decode("000102030405060708090a0b0c0d0e0f"), Hex.Decode("101112131415161718191a1b1c1d1e1f"));
-		    byte[] expected = Hex.Decode("b6d48ed5771b17414c4e08bd8d8a3bc4");
-
-		    checkClone(blake2bCloneSource, expected);
-
-		    // just digest size
-		    blake2bCloneSource = new Blake2bDigest(160);
-		    expected = Hex.Decode("64202454e538279b21cea0f5a7688be656f8f484");
-		    checkClone(blake2bCloneSource, expected);
-
-		    // null salt and personalisation
-		    blake2bCloneSource = new Blake2bDigest(Hex.Decode(keyedTestVectors[3][1]), 16, null, null);
-		    expected = Hex.Decode("2b4a081fae2d7b488f5eed7e83e42a20");
-		    checkClone(blake2bCloneSource, expected);
-
-		    // null personalisation
-		    blake2bCloneSource = new Blake2bDigest(Hex.Decode(keyedTestVectors[3][1]), 16, Hex.Decode("000102030405060708090a0b0c0d0e0f"), null);
-		    expected = Hex.Decode("00c3a2a02fcb9f389857626e19d706f6");
-		    checkClone(blake2bCloneSource, expected);
-
-		    // null salt
-		    blake2bCloneSource = new Blake2bDigest(Hex.Decode(keyedTestVectors[3][1]), 16, null, Hex.Decode("101112131415161718191a1b1c1d1e1f"));
-		    expected = Hex.Decode("f445ec9c062a3c724f8fdef824417abb");
-		    checkClone(blake2bCloneSource, expected);
-	    }
-
-	    private void checkClone(Blake2bDigest blake2bCloneSource, byte[] expected)
-	    {
-		    byte[] message = Hex.Decode(keyedTestVectors[3][0]);
-
-		    blake2bCloneSource.BlockUpdate(message, 0, message.Length);
-
-		    byte[] hash = new byte[blake2bCloneSource.GetDigestSize()];
-
-		    Blake2bDigest digClone = new Blake2bDigest(blake2bCloneSource);
-
-		    blake2bCloneSource.DoFinal(hash, 0);
-		    if (!AreEqual(expected, hash))
-		    {
-			    Fail("clone source not correct");
-		    }
-
-		    digClone.DoFinal(hash, 0);
-		    if (!AreEqual(expected, hash))
-		    {
-			    Fail("clone not correct");
-		    }
-	    }
-
-	    private void resetTest()
-	    {
-		    // Generate a non-zero key
-		    byte[] key = new byte[32];
-		    for (byte i = 0; i < key.Length; i++)
-		    {
-			    key[i] = i;
-		    }
-		    // Generate some non-zero input longer than the key
-		    byte[] input = new byte[key.Length + 1];
-		    for (byte i = 0; i < input.Length; i++)
-		    {
-			    input[i] = i;
-		    }
-		    // Hash the input
-		    Blake2bDigest digest = new Blake2bDigest(key);
+                blake2bunkeyed.DoFinal(unkeyedHash, 0);
+                blake2bunkeyed.Reset();
+
+                if (!Arrays.AreEqual(Hex.Decode(unkeyedTestVectors[i, 0]), unkeyedHash))
+                {
+                    Fail("BLAKE2b mismatch on test vector ", unkeyedTestVectors[i, 0], Hex.ToHexString(unkeyedHash));
+                }
+            }
+
+            CloneTest();
+            ResetTest();
+            DoTestNullKeyVsUnkeyed();
+            DoTestLengthConstruction();
+        }
+
+        private void CloneTest()
+        {
+            Blake2bDigest blake2bCloneSource = new Blake2bDigest(Hex.Decode(keyedTestVectors[3, 1]), 16,
+                Hex.Decode("000102030405060708090a0b0c0d0e0f"), Hex.Decode("101112131415161718191a1b1c1d1e1f"));
+            byte[] expected = Hex.Decode("b6d48ed5771b17414c4e08bd8d8a3bc4");
+
+            CheckClone(blake2bCloneSource, expected);
+
+            // just digest size
+            blake2bCloneSource = new Blake2bDigest(160);
+            expected = Hex.Decode("64202454e538279b21cea0f5a7688be656f8f484");
+            CheckClone(blake2bCloneSource, expected);
+
+            // null salt and personalisation
+            blake2bCloneSource = new Blake2bDigest(Hex.Decode(keyedTestVectors[3, 1]), 16, null, null);
+            expected = Hex.Decode("2b4a081fae2d7b488f5eed7e83e42a20");
+            CheckClone(blake2bCloneSource, expected);
+
+            // null personalisation
+            blake2bCloneSource = new Blake2bDigest(Hex.Decode(keyedTestVectors[3, 1]), 16, Hex.Decode("000102030405060708090a0b0c0d0e0f"), null);
+            expected = Hex.Decode("00c3a2a02fcb9f389857626e19d706f6");
+            CheckClone(blake2bCloneSource, expected);
+
+            // null salt
+            blake2bCloneSource = new Blake2bDigest(Hex.Decode(keyedTestVectors[3, 1]), 16, null, Hex.Decode("101112131415161718191a1b1c1d1e1f"));
+            expected = Hex.Decode("f445ec9c062a3c724f8fdef824417abb");
+            CheckClone(blake2bCloneSource, expected);
+        }
+
+        private void CheckClone(Blake2bDigest blake2bCloneSource, byte[] expected)
+        {
+            byte[] message = Hex.Decode(keyedTestVectors[3, 0]);
+
+            blake2bCloneSource.BlockUpdate(message, 0, message.Length);
+
+            byte[] hash = new byte[blake2bCloneSource.GetDigestSize()];
+
+            Blake2bDigest digClone = new Blake2bDigest(blake2bCloneSource);
+
+            blake2bCloneSource.DoFinal(hash, 0);
+            if (!AreEqual(expected, hash))
+            {
+                Fail("clone source not correct");
+            }
+
+            digClone.DoFinal(hash, 0);
+            if (!AreEqual(expected, hash))
+            {
+                Fail("clone not correct");
+            }
+        }
+
+        private void DoTestLengthConstruction()
+        {
+            try
+            {
+                new Blake2bDigest(-1);
+                Fail("no exception");
+            }
+            catch (ArgumentException e)
+            {
+                IsEquals("BLAKE2b digest bit length must be a multiple of 8 and not greater than 512", e.Message);
+            }
+
+            try
+            {
+                new Blake2bDigest(9);
+                Fail("no exception");
+            }
+            catch (ArgumentException e)
+            {
+                IsEquals("BLAKE2b digest bit length must be a multiple of 8 and not greater than 512", e.Message);
+            }
+
+            try
+            {
+                new Blake2bDigest(520);
+                Fail("no exception");
+            }
+            catch (ArgumentException e)
+            {
+                IsEquals("BLAKE2b digest bit length must be a multiple of 8 and not greater than 512", e.Message);
+            }
+
+            try
+            {
+                new Blake2bDigest(null, -1, null, null);
+                Fail("no exception");
+            }
+            catch (ArgumentException e)
+            {
+                IsEquals("Invalid digest length (required: 1 - 64)", e.Message);
+            }
+
+            try
+            {
+                new Blake2bDigest(null, 65, null, null);
+                Fail("no exception");
+            }
+            catch (ArgumentException e)
+            {
+                IsEquals("Invalid digest length (required: 1 - 64)", e.Message);
+            }
+        }
+
+        private void DoTestNullKeyVsUnkeyed()
+        {
+            byte[] abc = Strings.ToByteArray("abc");
+
+            for (int i = 1; i != 64; i++)
+            {
+                Blake2bDigest dig1 = new Blake2bDigest(i * 8);
+                Blake2bDigest dig2 = new Blake2bDigest(null, i, null, null);
+
+                byte[] out1 = new byte[i];
+                byte[] out2 = new byte[i];
+
+                dig1.BlockUpdate(abc, 0, abc.Length);
+                dig2.BlockUpdate(abc, 0, abc.Length);
+
+                dig1.DoFinal(out1, 0);
+                dig2.DoFinal(out2, 0);
+
+                IsTrue(Arrays.AreEqual(out1, out2));
+            }
+        }
+
+        private void ResetTest()
+        {
+            // Generate a non-zero key
+            byte[] key = new byte[32];
+            for (byte i = 0; i < key.Length; i++)
+            {
+                key[i] = i;
+            }
+            // Generate some non-zero input longer than the key
+            byte[] input = new byte[key.Length + 1];
+            for (byte i = 0; i < input.Length; i++)
+            {
+                input[i] = i;
+            }
+            // Hash the input
+            Blake2bDigest digest = new Blake2bDigest(key);
             digest.BlockUpdate(input, 0, input.Length);
-		    byte[] hash = new byte[digest.GetDigestSize()];
-		    digest.DoFinal(hash, 0);
-		    // Using a second instance, hash the input without calling doFinal()
-		    Blake2bDigest digest1 = new Blake2bDigest(key);
+            byte[] hash = new byte[digest.GetDigestSize()];
+            digest.DoFinal(hash, 0);
+            // Using a second instance, hash the input without calling doFinal()
+            Blake2bDigest digest1 = new Blake2bDigest(key);
+            digest1.BlockUpdate(input, 0, input.Length);
+            // Reset the second instance and hash the input again
+            digest1.Reset();
             digest1.BlockUpdate(input, 0, input.Length);
-		    // Reset the second instance and hash the input again
-		    digest1.Reset();
-		    digest1.BlockUpdate(input, 0, input.Length);
-		    byte[] hash1 = new byte[digest.GetDigestSize()];
-		    digest1.DoFinal(hash1, 0);
-		    // The hashes should be identical
-		    if (!Arrays.AreEqual(hash, hash1))
-		    {
-			    Fail("state was not reset");
-		    }
-	    }
+            byte[] hash1 = new byte[digest.GetDigestSize()];
+            digest1.DoFinal(hash1, 0);
+            // The hashes should be identical
+            if (!Arrays.AreEqual(hash, hash1))
+            {
+                Fail("state was not reset");
+            }
+        }
 
         public static void Main(string[] args)
 		{
diff --git a/crypto/test/src/crypto/test/Blake2sDigestTest.cs b/crypto/test/src/crypto/test/Blake2sDigestTest.cs
index 2365071dd..cb075807c 100644
--- a/crypto/test/src/crypto/test/Blake2sDigestTest.cs
+++ b/crypto/test/src/crypto/test/Blake2sDigestTest.cs
@@ -15,34 +15,33 @@ namespace Org.BouncyCastle.Crypto.Tests
         : SimpleTest
     {
         // Vectors from BLAKE2 web site: https://blake2.net/blake2s-test.txt
-        private static readonly string[][] keyedTestVectors = {
-            // input/message, key, hash
-            new string[]{
+        private static readonly string[,] keyedTestVectors = { // input/message, key, hash
+            {
                 "",
                 "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f",
                 "48a8997da407876b3d79c0d92325ad3b89cbb754d86ab71aee047ad345fd2c49",
             },
-            new string[]{
+            {
                 "00",
                 "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f",
                 "40d15fee7c328830166ac3f918650f807e7e01e177258cdc0a39b11f598066f1",
             },
-            new string[]{
+            {
                 "0001",
                 "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f",
                 "6bb71300644cd3991b26ccd4d274acd1adeab8b1d7914546c1198bbe9fc9d803",
             },
-            new string[]{
+            {
                 "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d",
                 "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f",
                 "172ffc67153d12e0ca76a8b6cd5d4731885b39ce0cac93a8972a18006c8b8baf",
             },
-            new string[]{
+            {
                 "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3",
                 "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f",
                 "4f8ce1e51d2fe7f24043a904d898ebfc91975418753413aa099b795ecb35cedb",
             },
-            new string[]{
+            {
                 "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfe",
                 "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f",
                 "3fb735061abc519dfe979e54c1ee5bfad0a9d858b3315bad34bde999efd724dd",
@@ -56,38 +55,32 @@ namespace Org.BouncyCastle.Crypto.Tests
 
         public void DoTestDigestWithKeyedTestVectors()
         {
-            Blake2sDigest digest = new Blake2sDigest(Hex.Decode(
-                keyedTestVectors[0][1]));
-            for (int i = 0; i != keyedTestVectors.Length; i++)
+            Blake2sDigest digest = new Blake2sDigest(Hex.Decode(keyedTestVectors[0, 1]));
+            for (int i = 0; i != keyedTestVectors.GetLength(0); i++)
             {
-                String[] keyedTestVector = keyedTestVectors[i];
-                byte[] input = Hex.Decode(keyedTestVector[0]);
+                byte[] input = Hex.Decode(keyedTestVectors[i, 0]);
                 digest.Reset();
 
                 digest.BlockUpdate(input, 0, input.Length);
                 byte[] hash = new byte[32];
                 digest.DoFinal(hash, 0);
 
-                if (!AreEqual(Hex.Decode(keyedTestVector[2]), hash))
+                if (!AreEqual(Hex.Decode(keyedTestVectors[i, 2]), hash))
                 {
-                    Fail("BLAKE2s mismatch on test vector ",
-                        keyedTestVector[2],
-                        Hex.ToHexString(hash));
+                    Fail("BLAKE2s mismatch on test vector ", keyedTestVectors[i, 2], Hex.ToHexString(hash));
                 }
             }
         }
 
         public void DoTestDigestWithKeyedTestVectorsAndRandomUpdate()
         {
-            Blake2sDigest digest = new Blake2sDigest(Hex.Decode(
-                keyedTestVectors[0][1]));
+            Blake2sDigest digest = new Blake2sDigest(Hex.Decode(keyedTestVectors[0, 1]));
             Random random = new Random();
             for (int i = 0; i < 100; i++)
             {
-                for (int j = 0; j != keyedTestVectors.Length; j++)
+                for (int j = 0; j != keyedTestVectors.GetLength(0); j++)
                 {
-                    String[] keyedTestVector = keyedTestVectors[j];
-                    byte[] input = Hex.Decode(keyedTestVector[0]);
+                    byte[] input = Hex.Decode(keyedTestVectors[j, 0]);
                     if (input.Length < 3)
                     {
                         continue;
@@ -108,16 +101,89 @@ namespace Org.BouncyCastle.Crypto.Tests
                     byte[] hash = new byte[32];
                     digest.DoFinal(hash, 0);
 
-                    if (!AreEqual(Hex.Decode(keyedTestVector[2]), hash))
+                    if (!AreEqual(Hex.Decode(keyedTestVectors[j, 2]), hash))
                     {
-                        Fail("BLAKE2s mismatch on test vector ",
-                            keyedTestVector[2],
-                            Hex.ToHexString(hash));
+                        Fail("BLAKE2s mismatch on test vector ", keyedTestVectors[j, 2], Hex.ToHexString(hash));
                     }
                 }
             }
         }
 
+        private void DoTestLengthConstruction()
+        {
+            try
+            {
+                new Blake2sDigest(-1);
+                Fail("no exception");
+            }
+            catch (ArgumentException e)
+            {
+                IsEquals("BLAKE2s digest bit length must be a multiple of 8 and not greater than 256", e.Message);
+            }
+
+            try
+            {
+                new Blake2sDigest(9);
+                Fail("no exception");
+            }
+            catch (ArgumentException e)
+            {
+                IsEquals("BLAKE2s digest bit length must be a multiple of 8 and not greater than 256", e.Message);
+            }
+
+            try
+            {
+                new Blake2sDigest(512);
+                Fail("no exception");
+            }
+            catch (ArgumentException e)
+            {
+                IsEquals("BLAKE2s digest bit length must be a multiple of 8 and not greater than 256", e.Message);
+            }
+
+            try
+            {
+                new Blake2sDigest(null, -1, null, null);
+                Fail("no exception");
+            }
+            catch (ArgumentException e)
+            {
+                IsEquals("Invalid digest length (required: 1 - 32)", e.Message);
+            }
+
+            try
+            {
+                new Blake2sDigest(null, 33, null, null);
+                Fail("no exception");
+            }
+            catch (ArgumentException e)
+            {
+                IsEquals("Invalid digest length (required: 1 - 32)", e.Message);
+            }
+        }
+
+        private void DoTestNullKeyVsUnkeyed()
+        {
+            byte[] abc = Strings.ToByteArray("abc");
+
+            for (int i = 1; i != 32; i++)
+            {
+                Blake2sDigest dig1 = new Blake2sDigest(i * 8);
+                Blake2sDigest dig2 = new Blake2sDigest(null, i, null, null);
+
+                byte[] out1 = new byte[i];
+                byte[] out2 = new byte[i];
+
+                dig1.BlockUpdate(abc, 0, abc.Length);
+                dig2.BlockUpdate(abc, 0, abc.Length);
+
+                dig1.DoFinal(out1, 0);
+                dig2.DoFinal(out2, 0);
+
+                IsTrue(Arrays.AreEqual(out1, out2));
+            }
+        }
+
         public void DoTestReset()
         {
             // Generate a non-zero key
@@ -225,6 +291,8 @@ namespace Org.BouncyCastle.Crypto.Tests
             DoTestDigestWithKeyedTestVectorsAndRandomUpdate();
             DoTestReset();
             RunSelfTest();
+            DoTestNullKeyVsUnkeyed();
+            DoTestLengthConstruction();
         }
 
         public static void Main(string[] args)
diff --git a/crypto/test/src/util/test/SimpleTest.cs b/crypto/test/src/util/test/SimpleTest.cs
index 154da27f4..dd27205c8 100644
--- a/crypto/test/src/util/test/SimpleTest.cs
+++ b/crypto/test/src/util/test/SimpleTest.cs
@@ -27,6 +27,21 @@ namespace Org.BouncyCastle.Utilities.Test
             throw new TestFailedException(SimpleTestResult.Failed(this, message));
         }
 
+        internal void Fail(
+            string		message,
+            Exception	throwable)
+        {
+            throw new TestFailedException(SimpleTestResult.Failed(this, message, throwable));
+        }
+
+		internal void Fail(
+            string message,
+            object expected,
+            object found)
+        {
+            throw new TestFailedException(SimpleTestResult.Failed(this, message, expected, found));
+        }
+
         internal void IsTrue(bool value)
         {
             if (!value)
@@ -39,22 +54,44 @@ namespace Org.BouncyCastle.Utilities.Test
                 throw new TestFailedException(SimpleTestResult.Failed(this, message));
         }
 
-        internal void Fail(
-            string		message,
-            Exception	throwable)
+        internal void IsEquals(object a, object b)
         {
-            throw new TestFailedException(SimpleTestResult.Failed(this, message, throwable));
+            if (!a.Equals(b))
+                throw new TestFailedException(SimpleTestResult.Failed(this, "no message"));
         }
 
-		internal void Fail(
-            string message,
-            object expected,
-            object found)
+        internal void IsEquals(int a, int b)
         {
-            throw new TestFailedException(SimpleTestResult.Failed(this, message, expected, found));
+            if (a != b)
+                throw new TestFailedException(SimpleTestResult.Failed(this, "no message"));
+        }
+
+        internal void IsEquals(string message, bool a, bool b)
+        {
+            if (a != b)
+                throw new TestFailedException(SimpleTestResult.Failed(this, message));
+        }
+
+        internal void IsEquals(string message, long a, long b)
+        {
+            if (a != b)
+                throw new TestFailedException(SimpleTestResult.Failed(this, message));
+        }
+
+        internal void IsEquals(string message, object a, object b)
+        {
+            if (a == null && b == null)
+                return;
+
+            if (a == null)
+                throw new TestFailedException(SimpleTestResult.Failed(this, message));
+            if (b == null)
+                throw new TestFailedException(SimpleTestResult.Failed(this, message));
+            if (!a.Equals(b))
+                throw new TestFailedException(SimpleTestResult.Failed(this, message));
         }
 
-		internal bool AreEqual(
+        internal bool AreEqual(
             byte[] a,
             byte[] b)
         {
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-11-09 23:02:22 +0000