Add notice of the partial buffer bug to README.

Fix sha3.asd ident breakage again.
Update NEWS for 1.0.2 release.
2025-12-22 15:54:30 +01:00 · 2013-09-15 13:15:18 +02:00 · 2013-09-15 13:09:23 +02:00 · 2013-09-15 00:27:57 +02:00 · 2013-09-14 23:57:51 +02:00 · 2013-09-14 23:55:52 +02:00
6 changed files with 43 additions and 13 deletions
--- a/.gitattributes
+++ b/.gitattributes
@ -1,2 +1,2 @@
-/*.lisp ident
-/*.asd ident
+*.lisp ident
+*.asd ident
--- a/.gitignore
+++ b/.gitignore
@ -2,6 +2,7 @@
 *.fas
 *.fasl
 *.ofasl
+*.64ofasl
 *.nfasl
 *.xfasl
 *.dx32fsl
--- a/13
+++ b/13
@ -1,3 +1,16 @@
+Release 1.0.2
+=============
+
+ * Fixes a bug reported by Orivej Desh where two or more calls to
+   sha3-update which didn't fill the buffer could lead to the second
+   and later updates being ignored, thereby creating wrong message
+   digests.
+
+Release 1.0.1
+=============
+
+ * Change to 32bit implementation for 64bit LispWorks.
+
 Release 1.0.0
 =============

--- a/7
+++ b/7
@ -3,6 +3,13 @@ This library is an implementation of the Secure Hash Algorithm 3
 messages with an integral number of octets, i.e. sub-byte length
 messages are not supported.

+NOTE that prior to release 1.0.2 this package had a bug in the
+generation of message digests where multiple calls to sha3-update
+with partial buffers could lead to input data being ignored and
+therefore erroneous message digests being generated.  Uses with
+only one call to sha3-update and the high-level routines were not
+affected by this bug.
+
 The code should be portable across nearly all ANSI compliant CL
 implementations with specialized versions tuned for implementations
 that offer unboxed 64bit arithmetic, unboxed 32bit arithmetic and for
--- a/sha3.asd
+++ b/sha3.asd
@ -50,9 +50,11 @@
               (:file "keccak-64bit" :depends-on ("pkgdef" "common"))
               #+(or (and :sbcl (not (or :x86-64 :alpha))) 
                     :cmucl
-                     (and :ccl :64-bit-target))
+                     (and :ccl :64-bit-target)
+                     (and :lispworks :lispworks-64bit))
               (:file "keccak-32bit" :depends-on ("pkgdef" "common"))
-               #-(or :sbcl :cmucl (and :ccl :64-bit-target))
+               #-(or :sbcl :cmucl (and :ccl :64-bit-target) 
+                     (and :lispworks :lispworks-64bit))
               (:file "keccak-16bit" :depends-on ("pkgdef" "common"))
               (:file "sha3" 
                      :depends-on ("pkgdef" 
@ -61,7 +63,9 @@
                                   "keccak-64bit"
                                   #+(or (and :sbcl (not (or :x86-64 :alpha)))
                                         :cmucl
-                                         (and :ccl :64-bit-target))
+                                         (and :ccl :64-bit-target)
+                                         (and :lispworks :lispworks-64bit))
                                   "keccak-32bit"
-                                   #-(or :sbcl :cmucl (and :ccl :64-bit-target))
+                                   #-(or :sbcl :cmucl (and :ccl :64-bit-target)
+                                         (and :lispworks :lispworks-64bit))
                                   "keccak-16bit"))))
--- a/sha3.lisp
+++ b/sha3.lisp
@ -110,16 +110,21 @@ and `end', which must be numeric bounding-indices."
             #.*optimize-declaration*)
    ;; Handle potential remaining bytes
    (unless (zerop buffer-index)
-      (let ((remainder (- (length buffer) buffer-index)))
-        (declare (type fixnum remainder))
+      (let ((remainder (- (length buffer) buffer-index))
+            (length (- end start)))
+        (declare (type fixnum remainder length))
        (replace buffer vector :start1 buffer-index :start2 start :end2 end)
-        (when (>= (- end start) remainder)
+        ;; Return if still unfilled buffer
+        (when (< length remainder)
+          (incf (sha3-state-buffer-index state) length)
+          (return-from sha3-update))
+        ;; Else handle now complete buffer
        (keccak-state-merge-input keccak-state bit-rate buffer 0)
-          (keccak-f keccak-state))
+        (keccak-f keccak-state)
        (setf (sha3-state-buffer-index state) 0
-              start (min (+ start remainder) end))))
+              start (+ start remainder))))
    ;; Now handle full blocks, stuff any remainder into buffer
-    (loop for block-offset of-type fixnum from start to end by rate-bytes
+    (loop for block-offset of-type fixnum from start below end by rate-bytes
          do
       (cond
         ((<= (+ block-offset rate-bytes) end)
Author	SHA1	Message	Date
Pierre R. Mai	ec555c785c	Add notice of the partial buffer bug to README.	2013-09-15 13:15:18 +02:00
Pierre R. Mai	a9cd1d2d5e	Fix sha3.asd ident breakage again.	2013-09-15 13:09:23 +02:00
Pierre R. Mai	c89cddace7	Update NEWS for 1.0.2 release.	2013-09-15 00:27:57 +02:00
Pierre R. Mai	fc1c70579e	Remove superfluous final iteration in sha3-update. The superfluous last iteration when start = end wasn't harmful, since the iteration body winds up as a no-op in that case anyway, but wasn't intended or needed.	2013-09-14 23:57:51 +02:00
Pierre R. Mai	9391b65603	Fix buffer handling for partial updates (fix #1 ). Calls to sha3-update that did not completely fill an already partially filled buffer were handled incorrectly, in that the buffer-index wasn't properly updated. Thanks to Orivej Desh for the bug report.	2013-09-14 23:55:52 +02:00
Pierre R. Mai	4cb18313ac	Fix .gitattributes settings and spurious ids.	2013-09-14 23:45:09 +02:00
Pierre R. Mai	b0e5a4a44d	Add 64bit LispWorks fasl files to gitignore.	2013-03-11 21:13:04 +01:00
Pierre R. Mai	f3e56080be	Update NEWS for 1.0.1 release.	2013-03-11 21:11:15 +01:00
Pierre R. Mai	a016c81cf4	Use 32bit implementation for 64bit LispWorks. Quick and dirty benchmarks seem to imply that 32bit implementation is faster for 64bit LispWorks than 16bit implementation, even though it causes more consing.	2013-03-11 21:07:01 +01:00