From 63b782a17a08bfc5e2ded50c0031222a3f32b110 Mon Sep 17 00:00:00 2001
From: cheatfate <ka@hardcore.kiev.ua>
Date: Fri, 30 Mar 2018 15:05:22 +0300
Subject: [PATCH] Fix issue with block/key/digest sizes. Add tests for this
 issue. Version 0.2.1.

---
 nimcrypto.nimble       |  2 +-
 nimcrypto/hmac.nim     | 23 +++++++-------
 nimcrypto/ripemd.nim   |  4 +--
 nimcrypto/sha2.nim     |  6 ++--
 tests/testbcmode.nim   | 66 ++++++++++++++++++++++++++++++++++++++
 tests/testhmac.nim     | 46 +++++++++++++++++++++++++++
 tests/testkeccak.nim   | 72 ++++++++++++++++++++++++++++++++++++++++++
 tests/testrijndael.nim | 40 +++++++++++++++++++++++
 tests/testripemd.nim   | 22 +++++++++++++
 tests/testsha2.nim     | 42 ++++++++++++++++++++----
 tests/testtwofish.nim  | 22 +++++++++++++
 11 files changed, 322 insertions(+), 23 deletions(-)

diff --git a/nimcrypto.nimble b/nimcrypto.nimble
index 017eb40..84f40a3 100644
--- a/nimcrypto.nimble
+++ b/nimcrypto.nimble
@@ -1,7 +1,7 @@
 mode = ScriptMode.Verbose
 
 packageName   = "nimcrypto"
-version       = "0.2.0"
+version       = "0.2.1"
 author        = "Eugene Kabanov"
 description   = "Nim cryptographic library"
 license       = "MIT"
diff --git a/nimcrypto/hmac.nim b/nimcrypto/hmac.nim
index 5420234..ec2c73a 100644
--- a/nimcrypto/hmac.nim
+++ b/nimcrypto/hmac.nim
@@ -26,10 +26,11 @@ type
     opadctx: HashType
 
 template sizeBlock*(h: HMAC[Sha2Context]): uint =
-  uint(h.HashType.bsize)
+  uint(h.HashType.sizeBlock)
+  # uint(h.HashType.bsize div 8)
 
 template sizeBlock*(h: HMAC[RipemdContext]): uint =
-  64'u
+  uint(h.HashType.sizeBlock)
 
 template sizeBlock*(h: HMAC[KeccakContext]): uint =
   when h.HashType.kind == Keccak or h.HashType.kind == Sha3:
@@ -46,9 +47,12 @@ template sizeBlock*(h: HMAC[KeccakContext]): uint =
   else:
     {.fatal: "Choosen hash primitive is not yet supported!".}
 
-template sizeDigest*(h: HMAC[Sha2Context]): uint = uint(h.mdctx.bits)
-template sizeDigest*(h: HMAC[RipemdContext]): uint = uint(h.mdctx.bits)
-template sizeDigest*(h: HMAC[KeccakContext]): uint = uint(h.mdctx.bits)
+template sizeDigest*(h: HMAC[Sha2Context]): uint =
+  uint(h.mdctx.sizeDigest)
+template sizeDigest*(h: HMAC[RipemdContext]): uint =
+  uint(h.mdctx.sizeDigest)
+template sizeDigest*(h: HMAC[KeccakContext]): uint =
+  uint(h.mdctx.sizeDigest)
 
 proc init*[T](hmctx: var HMAC[T], key: ptr byte, ulen: uint) =
   mixin init, update, finish
@@ -69,11 +73,9 @@ proc init*[T](hmctx: var HMAC[T], key: ptr byte, ulen: uint) =
     else:
       if ulen > 0'u: copyMem(addr k[0], key, ulen)
 
-  var i = 0'u
-  while i < sizeBlock:
+  for i in 0..<int(sizeBlock):
     opad[i] = 0x5C'u8 xor k[i]
     ipad[i] = 0x36'u8 xor k[i]
-    inc(i)
 
   init(hmctx.mdctx)
   update(hmctx.mdctx, addr ipad[0], sizeBlock)
@@ -98,9 +100,8 @@ proc update*[T: bchar](hmctx: var HMAC, data: openarray[T]) {.inline.} =
 
 proc finish*(hmctx: var HMAC, data: ptr byte, ulen: uint): uint =
   mixin update, finish
-  var buffer: array[hmctx.HashType.bits div 8, byte]
-  let size = finish(hmctx.mdctx, addr buffer[0],
-                    uint(hmctx.HashType.bits div 8))
+  var buffer: array[hmctx.sizeDigest, byte]
+  let size = finish(hmctx.mdctx, addr buffer[0], uint(hmctx.sizeDigest))
   hmctx.opadctx.update(addr buffer[0], size)
   result = hmctx.opadctx.finish(data, ulen)
 
diff --git a/nimcrypto/ripemd.nim b/nimcrypto/ripemd.nim
index df12964..cab883b 100644
--- a/nimcrypto/ripemd.nim
+++ b/nimcrypto/ripemd.nim
@@ -605,7 +605,7 @@ template sizeDigest*(ctx: RipemdContext): uint =
   (ctx.bits div 8)
 
 template sizeBlock*(ctx: RipemdContext): uint =
-  (8)
+  (64)
 
 template sizeDigest*(r: typedesc[ripemd]): int =
   when r is ripemd128:
@@ -618,7 +618,7 @@ template sizeDigest*(r: typedesc[ripemd]): int =
     (40)
 
 template sizeBlock*(r: typedesc[ripemd]): int =
-  (8)
+  (64)
 
 proc init*(ctx: var RipemdContext) =
   ctx.count[0] = 0
diff --git a/nimcrypto/sha2.nim b/nimcrypto/sha2.nim
index 90a3671..c3e3c37 100644
--- a/nimcrypto/sha2.nim
+++ b/nimcrypto/sha2.nim
@@ -116,7 +116,7 @@ template sizeDigest*(ctx: Sha2Context): uint =
   (ctx.bits div 8)
 
 template sizeBlock*(ctx: Sha2Context): uint =
-  (ctx.bsize div 8)
+  (ctx.bsize)
 
 template sizeDigest*(r: typedesc[sha2]): int =
   when r is sha224 or r is sha512_224:
@@ -130,9 +130,9 @@ template sizeDigest*(r: typedesc[sha2]): int =
 
 template sizeBlock*(r: typedesc[sha2]): int =
   when r is sha224 or r is sha256:
-    (8)
+    (64)
   else:
-    (16)
+    (128)
 
 proc init*(ctx: var Sha2Context) =
   ctx.count[0] = 0
diff --git a/tests/testbcmode.nim b/tests/testbcmode.nim
index 8dcda7d..506b2c8 100644
--- a/tests/testbcmode.nim
+++ b/tests/testbcmode.nim
@@ -81,6 +81,72 @@ const
   ]
 
 suite "Block cipher modes Tests":
+  test "AES-128/192/256-ECB/CBC/OFB/CFB/CTR block sizes":
+    var ecb128: ECB[aes128]
+    var ecb192: ECB[aes192]
+    var ecb256: ECB[aes256]
+    var cbc128: CBC[aes128]
+    var cbc192: CBC[aes192]
+    var cbc256: CBC[aes256]
+    var ofb128: OFB[aes128]
+    var ofb192: OFB[aes192]
+    var ofb256: OFB[aes256]
+    var cfb128: CFB[aes128]
+    var cfb192: CFB[aes192]
+    var cfb256: CFB[aes256]
+    var ctr128: CTR[aes128]
+    var ctr192: CTR[aes192]
+    var ctr256: CTR[aes256]
+    check:
+      ecb128.sizeBlock == aes128.sizeBlock
+      ecb192.sizeBlock == aes192.sizeBlock
+      ecb256.sizeBlock == aes256.sizeBlock
+      cbc128.sizeBlock == aes128.sizeBlock
+      cbc192.sizeBlock == aes192.sizeBlock
+      cbc256.sizeBlock == aes256.sizeBlock
+      ofb128.sizeBlock == aes128.sizeBlock
+      ofb192.sizeBlock == aes192.sizeBlock
+      ofb256.sizeBlock == aes256.sizeBlock
+      cfb128.sizeBlock == aes128.sizeBlock
+      cfb192.sizeBlock == aes192.sizeBlock
+      cfb256.sizeBlock == aes256.sizeBlock
+      ctr128.sizeBlock == aes128.sizeBlock
+      ctr192.sizeBlock == aes192.sizeBlock
+      ctr256.sizeBlock == aes256.sizeBlock
+
+  test "AES-128/192/256-ECB/CBC/OFB/CFB/CTR key sizes":
+    var ecb128: ECB[aes128]
+    var ecb192: ECB[aes192]
+    var ecb256: ECB[aes256]
+    var cbc128: CBC[aes128]
+    var cbc192: CBC[aes192]
+    var cbc256: CBC[aes256]
+    var ofb128: OFB[aes128]
+    var ofb192: OFB[aes192]
+    var ofb256: OFB[aes256]
+    var cfb128: CFB[aes128]
+    var cfb192: CFB[aes192]
+    var cfb256: CFB[aes256]
+    var ctr128: CTR[aes128]
+    var ctr192: CTR[aes192]
+    var ctr256: CTR[aes256]
+    check:
+      ecb128.sizeKey == aes128.sizeKey
+      ecb192.sizeKey == aes192.sizeKey
+      ecb256.sizeKey == aes256.sizeKey
+      cbc128.sizeKey == aes128.sizeKey
+      cbc192.sizeKey == aes192.sizeKey
+      cbc256.sizeKey == aes256.sizeKey
+      ofb128.sizeKey == aes128.sizeKey
+      ofb192.sizeKey == aes192.sizeKey
+      ofb256.sizeKey == aes256.sizeKey
+      cfb128.sizeKey == aes128.sizeKey
+      cfb192.sizeKey == aes192.sizeKey
+      cfb256.sizeKey == aes256.sizeKey
+      ctr128.sizeKey == aes128.sizeKey
+      ctr192.sizeKey == aes192.sizeKey
+      ctr256.sizeKey == aes256.sizeKey
+
   test "AES-128-ECB test vectors":
     var key = fromHex(all128K)
     var ctx1, ctx2, ctx3, ctx4: ECB[aes128]
diff --git a/tests/testhmac.nim b/tests/testhmac.nim
index bcd4ff0..91ba567 100644
--- a/tests/testhmac.nim
+++ b/tests/testhmac.nim
@@ -254,6 +254,52 @@ const sha3_512digests = [
 ]
 
 suite "HMAC Tests":
+  test "HMAC block sizes":
+    var ctx1: HMAC[sha224]
+    var ctx2: HMAC[sha256]
+    var ctx3: HMAC[sha384]
+    var ctx4: HMAC[sha512]
+    var ctx5: HMAC[ripemd128]
+    var ctx6: HMAC[ripemd160]
+    var ctx7: HMAC[sha3_224]
+    var ctx8: HMAC[sha3_256]
+    var ctx9: HMAC[sha3_384]
+    var ctx0: HMAC[sha3_512]
+    check:
+      ctx1.sizeBlock == 64'u
+      ctx2.sizeBlock == 64'u
+      ctx3.sizeBlock == 128'u
+      ctx4.sizeBlock == 128'u
+      ctx5.sizeBlock == 64'u
+      ctx6.sizeBlock == 64'u
+      ctx7.sizeBlock == 144'u
+      ctx8.sizeBlock == 136'u
+      ctx9.sizeBlock == 104'u
+      ctx0.sizeBlock == 72'u
+
+  test "HMAC digest sizes":
+    var ctx1: HMAC[sha224]
+    var ctx2: HMAC[sha256]
+    var ctx3: HMAC[sha384]
+    var ctx4: HMAC[sha512]
+    var ctx5: HMAC[ripemd128]
+    var ctx6: HMAC[ripemd160]
+    var ctx7: HMAC[sha3_224]
+    var ctx8: HMAC[sha3_256]
+    var ctx9: HMAC[sha3_384]
+    var ctx0: HMAC[sha3_512]
+    check:
+      ctx1.sizeDigest == uint(sha224.sizeDigest)
+      ctx2.sizeDigest == uint(sha256.sizeDigest)
+      ctx3.sizeDigest == uint(sha384.sizeDigest)
+      ctx4.sizeDigest == uint(sha512.sizeDigest)
+      ctx5.sizeDigest == uint(ripemd128.sizeDigest)
+      ctx6.sizeDigest == uint(ripemd160.sizeDigest)
+      ctx7.sizeDigest == uint(sha3_224.sizeDigest)
+      ctx8.sizeDigest == uint(sha3_256.sizeDigest)
+      ctx9.sizeDigest == uint(sha3_384.sizeDigest)
+      ctx0.sizeDigest == uint(sha3_512.sizeDigest)
+
   test "HMAC-RIPEMD-128 test vectors":
     for i in 0..(len(ripemd128digests) - 1):
       var key = fromHex(stripSpaces(ripemd128keys[i]))
diff --git a/tests/testkeccak.nim b/tests/testkeccak.nim
index ac8aa61..c10f13d 100644
--- a/tests/testkeccak.nim
+++ b/tests/testkeccak.nim
@@ -42,6 +42,78 @@ suite "KECCAK/SHA3 Tests":
   var kec384: keccak384
   var kec512: keccak512
 
+  test "SHA3/KECCAK 224/256/384/512 block sizes":
+    var k224: keccak224
+    var k256: keccak256
+    var k384: keccak384
+    var k512: keccak512
+    var s224: sha3_224
+    var s256: sha3_256
+    var s384: sha3_384
+    var s512: sha3_512
+    check:
+      k224.sizeBlock == 200
+      k256.sizeBlock == 200
+      k384.sizeBlock == 200
+      k512.sizeBlock == 200
+      s224.sizeBlock == 200
+      s256.sizeBlock == 200
+      s384.sizeBlock == 200
+      s512.sizeBlock == 200
+      keccak224.sizeBlock == 200
+      keccak256.sizeBlock == 200
+      keccak384.sizeBlock == 200
+      keccak512.sizeBlock == 200
+      sha3_224.sizeBlock == 200
+      sha3_256.sizeBlock == 200
+      sha3_384.sizeBlock == 200
+      sha3_512.sizeBlock == 200
+
+  test "SHA3/KECCAK 224/256/384/512 digest sizes":
+    var k224: keccak224
+    var k256: keccak256
+    var k384: keccak384
+    var k512: keccak512
+    var s224: sha3_224
+    var s256: sha3_256
+    var s384: sha3_384
+    var s512: sha3_512
+    check:
+      k224.sizeDigest == 28
+      k256.sizeDigest == 32
+      k384.sizeDigest == 48
+      k512.sizeDigest == 64
+      s224.sizeDigest == 28
+      s256.sizeDigest == 32
+      s384.sizeDigest == 48
+      s512.sizeDigest == 64
+      keccak224.sizeDigest == 28
+      keccak256.sizeDigest == 32
+      keccak384.sizeDigest == 48
+      keccak512.sizeDigest == 64
+      sha3_224.sizeDigest == 28
+      sha3_256.sizeDigest == 32
+      sha3_384.sizeDigest == 48
+      sha3_512.sizeDigest == 64
+
+  test "SHAKE-128/256 block sizes":
+    var s128: shake128
+    var s256: shake256
+    check:
+      s128.sizeBlock == 200
+      s256.sizeBlock == 200
+      shake128.sizeBlock == 200
+      shake256.sizeBlock == 200
+
+  test "SHAKE-128/256 digest sizes":
+    var s128: shake128
+    var s256: shake256
+    check:
+      s128.sizeDigest == 16
+      s256.sizeDigest == 32
+      shake128.sizeDigest == 16
+      shake256.sizeDigest == 32
+
   test "KECCAK-224 test vectors":
     ## KECCAK-224
     for item in testVectors("tests/ShortMsgKAT_224.txt"):
diff --git a/tests/testrijndael.nim b/tests/testrijndael.nim
index e1beeb3..cca5731 100644
--- a/tests/testrijndael.nim
+++ b/tests/testrijndael.nim
@@ -135,6 +135,46 @@ const
   EPkey = "0000000000000000000000000000000000000000000000000000000000000000"
 
 suite "Rijndael/AES Tests":
+  test "RIJNDAEL/AES-128/192/256 block sizes":
+    var a128: aes128
+    var a192: aes192
+    var a256: aes256
+    var r128: rijndael128
+    var r192: rijndael192
+    var r256: rijndael256
+    check:
+      a128.sizeBlock == 16
+      a192.sizeBlock == 16
+      a256.sizeBlock == 16
+      r128.sizeBlock == 16
+      r192.sizeBlock == 16
+      r256.sizeBlock == 16
+      aes128.sizeBlock == 16
+      aes192.sizeBlock == 16
+      aes256.sizeBlock == 16
+      rijndael128.sizeBlock == 16
+      rijndael192.sizeBlock == 16
+      rijndael256.sizeBlock == 16
+  test "RIJNDAEL/AES-128/192/256 key sizes":
+    var a128: aes128
+    var a192: aes192
+    var a256: aes256
+    var r128: rijndael128
+    var r192: rijndael192
+    var r256: rijndael256
+    check:
+      a128.sizeKey == 16
+      a192.sizeKey == 24
+      a256.sizeKey == 32
+      r128.sizeKey == 16
+      r192.sizeKey == 24
+      r256.sizeKey == 32
+      aes128.sizeKey == 16
+      aes192.sizeKey == 24
+      aes256.sizeKey == 32
+      rijndael128.sizeKey == 16
+      rijndael192.sizeKey == 24
+      rijndael256.sizeKey == 32
   test "AES-128 GFSbox test vectors":
     var i = 0
     while i < len(testsP128):
diff --git a/tests/testripemd.nim b/tests/testripemd.nim
index 3f25946..90e6563 100644
--- a/tests/testripemd.nim
+++ b/tests/testripemd.nim
@@ -72,6 +72,28 @@ var ctx256, octx256: ripemd256
 var ctx320, octx320: ripemd320
 
 suite "RipeMD Tests":
+  test "RIPEMD 128/160/256/320 block sizes":
+    check:
+      ripemd128.sizeBlock == 64
+      ripemd160.sizeBlock == 64
+      ripemd256.sizeBlock == 64
+      ripemd320.sizeBlock == 64
+      ctx128.sizeBlock == 64
+      ctx160.sizeBlock == 64
+      ctx256.sizeBlock == 64
+      ctx320.sizeBlock == 64
+
+  test "RIPEMD 128/160/256/320 digest sizes":
+    check:
+      ripemd128.sizeDigest == 16
+      ripemd160.sizeDigest == 20
+      ripemd256.sizeDigest == 32
+      ripemd320.sizeDigest == 40
+      ctx128.sizeDigest == 16
+      ctx160.sizeDigest == 20
+      ctx256.sizeDigest == 32
+      ctx320.sizeDigest == 40
+
   test "RIPEMD 128/160/256/320 test vectors":
     var i = 0
     for item in vectors:
diff --git a/tests/testsha2.nim b/tests/testsha2.nim
index 50de755..6520562 100644
--- a/tests/testsha2.nim
+++ b/tests/testsha2.nim
@@ -59,15 +59,45 @@ const
     "3928E184FB8690F840DA3988121D31BE65CB9D3EF83EE6146FEAC861E19B563A"
   ]
 
-var ctx224 = sha224()
-var ctx256 = sha256()
-var ctx384 = sha384()
-var ctx512 = sha512()
-var ctx512224 = sha512_224()
-var ctx512256 = sha512_256()
+var ctx224: sha224
+var ctx256: sha256
+var ctx384: sha384
+var ctx512: sha512
+var ctx512224: sha512_224
+var ctx512256: sha512_256
 var i = 0
 
 suite "SHA2 Tests":
+  test "SHA2 224/256/384/512/512_224/512-256 block sizes":
+    check:
+      sha224.sizeBlock == 64
+      sha256.sizeBlock == 64
+      sha384.sizeBlock == 128
+      sha512.sizeBlock == 128
+      sha512_224.sizeBlock == 128
+      sha512_256.sizeBlock == 128
+      ctx224.sizeBlock == 64
+      ctx256.sizeBlock == 64
+      ctx384.sizeBlock == 128
+      ctx512.sizeBlock == 128
+      ctx512224.sizeBlock == 128
+      ctx512256.sizeBlock == 128
+
+  test "SHA2 224/256/384/512/224_512/256_512 digest sizes":
+    check:
+      sha224.sizeDigest == 28
+      sha256.sizeDigest == 32
+      sha384.sizeDigest == 48
+      sha512.sizeDigest == 64
+      sha512_224.sizeDigest == 28
+      sha512_256.sizeDigest == 32
+      ctx224.sizeDigest == 28
+      ctx256.sizeDigest == 32
+      ctx384.sizeDigest == 48
+      ctx512.sizeDigest == 64
+      ctx512224.sizeDigest == 28
+      ctx512256.sizeDigest == 32
+
   test "SHA2-224 test vectors":
     i = 0
     while i < len(code224):
diff --git a/tests/testtwofish.nim b/tests/testtwofish.nim
index b3607d2..9117bb4 100644
--- a/tests/testtwofish.nim
+++ b/tests/testtwofish.nim
@@ -32,6 +32,28 @@ proc test[T](n: int): seq[uint8] =
     result = data
 
 suite "Twofish Tests":
+  test "TWOFISH-128/192/256 block sizes":
+    var ctx128: twofish128
+    var ctx192: twofish192
+    var ctx256: twofish256
+    check:
+      ctx128.sizeBlock == 16
+      ctx192.sizeBlock == 16
+      ctx256.sizeBlock == 16
+      twofish128.sizeBlock == 16
+      twofish192.sizeBlock == 16
+      twofish256.sizeBlock == 16
+  test "TWOFISH-128/192/256 key sizes":
+    var ctx128: twofish128
+    var ctx192: twofish192
+    var ctx256: twofish256
+    check:
+      ctx128.sizeKey == 16
+      ctx192.sizeKey == 24
+      ctx256.sizeKey == 32
+      twofish128.sizeKey == 16
+      twofish192.sizeKey == 24
+      twofish256.sizeKey == 32
   test "TWOFISH-128":
     var res = test[twofish128](128)
     check(toHex(res) == "5D9D4EEFFA9151575524F115815A12E0")