Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Blake2 hashes are incorrect when message size is an even multiple of block size #23

saucecontrol opened this issue May 23, 2018 · 3 comments


Copy link

@saucecontrol saucecontrol commented May 23, 2018


I was just doing some evaluation/benchmarking of the Blake2 implementations available on Nuget, and I noticed yours has a fairly serious bug in it. It appears your implementation eagerly processes every full block, whereas the Blake2 spec delays the processing of each block until it is known whether that block is the last. This is most easily seen with an empty message and a key. The key is padded out to fill the first block, and since the message is empty, the key block becomes the final block. In your implementation, the key block is processed, and then a second 0-filled block is processed to finalize the hash.

For example, the hash for key="abc" msg=null should be 91CC35FC51CE734EAE9E57A20725D68062B0BD6DE1965A4B5DC5EB4D60402D02D00B5079B0907775E317FD84A149634253C9D1FD01819E202729AFFBF47B00E5.

Your implementation returns

The same bug manifests in any message with a length that is an even multiple of the block size.

@saucecontrol saucecontrol changed the title Blak2 hashes are incorrect when message size is an even multiple of block size Blake2 hashes are incorrect when message size is an even multiple of block size May 23, 2018
Copy link

@kmaragon kmaragon commented May 25, 2018

Wow. This is a great find. I'll try to spin up my environment this weekend and take care of that!

kmaragon added a commit that referenced this issue Jun 29, 2018
Copy link

@kmaragon kmaragon commented Jun 29, 2018

As this issue reflects, I finally had the time (or more realistically decided it's been long enough that I was willing to give up a night of sleep to fix it). I'll be pushing v 1.0.7 of the package with the fix. Once that's pushed to nuget, I'll close this issue. Feel free to re-open if the issue isn't fixed by that package.

Copy link

@kmaragon kmaragon commented Jun 29, 2018 should have this fix. Thanks for reporting it with the specific example that I could build a test against.

@kmaragon kmaragon closed this Jun 29, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
2 participants