Skip to content

Commit 769f0b2

Browse files
committed
disallow updates after squeezes
1 parent 680136d commit 769f0b2

File tree

1 file changed

+12
-0
lines changed

1 file changed

+12
-0
lines changed

openssl/src/hash.rs

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -283,6 +283,18 @@ impl Hasher {
283283
if self.state == Finalized {
284284
self.init()?;
285285
}
286+
if self.state == Squeeze {
287+
// [`EVP_DigestUpdate`], depending on the implementation, may allow Updates after Squeezes.
288+
// But, [FIPS 202], as shown in Figure 7, has a distinguished absorbing phase followed by a squeezing phase.
289+
// Indeed, the [`sha3.c`] implmentation disallows Updates after Squeezes.
290+
// For consistency, we always return an error when Update is called after Squeeze.
291+
//
292+
// [`EVP_DigestUpdate`]: https://github.com/openssl/openssl/blob/b3bb214720f20f3b126ae4b9c330e9a48b835415/crypto/evp/digest.c#L385-L393
293+
// [FIPS 202]: https://dx.doi.org/10.6028/NIST.FIPS.202
294+
// [`sha3.c`]: https://github.com/openssl/openssl/blob/b3bb214720f20f3b126ae4b9c330e9a48b835415/crypto/sha/sha3.c#L52-L63
295+
let errors = ErrorStack::get();
296+
return Err(errors);
297+
}
286298
unsafe {
287299
cvt(ffi::EVP_DigestUpdate(
288300
self.ctx,

0 commit comments

Comments
 (0)