From 81347148046a29a7ca2d58321cc673ee5029c918 Mon Sep 17 00:00:00 2001
From: Didactic Drunk <1479616+didactic-drunk@users.noreply.github.com>
Date: Sun, 28 Jun 2020 16:32:52 -0700
Subject: [PATCH] Sodium::Digest::Blake2b Log.warn on small key size.

---
 benchmarks/blake2b.cr        | 8 ++++++++
 src/sodium/digest/blake2b.cr | 5 ++++-
 2 files changed, 12 insertions(+), 1 deletion(-)

diff --git a/benchmarks/blake2b.cr b/benchmarks/blake2b.cr
index 8e53c75..9a31715 100644
--- a/benchmarks/blake2b.cr
+++ b/benchmarks/blake2b.cr
@@ -1,10 +1,18 @@
 require "benchmark"
+require "option_parser"
 require "../src/sodium"
 require "openssl"
 require "openssl/digest"
 
 output_size = 64
 sizes = [16, 64, 256, 1024, 8192, 16384]
+
+optp = OptionParser.new
+optp.on("--output-size", "default: 64") { |arg| output_size = arg.to_i }
+optp.on("--input-sizes=ARG", "comma separated list of input sizes") { |arg| sizes = arg.split(",").map(&.to_i).to_a }
+# optp.on("", "") { |arg| }
+optp.parse
+
 bufs = sizes.map { |size| Bytes.new size }.to_a
 
 puts "Compare against 'openssl speed digestname'"
diff --git a/src/sodium/digest/blake2b.cr b/src/sodium/digest/blake2b.cr
index 6dee1e6..54fad4c 100644
--- a/src/sodium/digest/blake2b.cr
+++ b/src/sodium/digest/blake2b.cr
@@ -61,9 +61,12 @@ module Sodium::Digest
     # `key`, `salt`, and `personal` are all optional.  Many other libsodium bindings don't support them.
     # Check the other implementation(s) you need to interoperate with before using.
     def initialize(@digest_size : Int32 = OUT_SIZE, key : Bytes? | SecureBuffer? = nil, salt : Bytes? = nil, personal : Bytes? = nil)
-      if k = key
+      if (k = key) && k.bytesize > 0
         k = k.to_slice
         raise ArgumentError.new("key larger than KEY_SIZE_MAX(#{KEY_SIZE_MAX}), got #{k.bytesize}") if k.bytesize > KEY_SIZE_MAX
+        # Test vectors contain small key sizes.  Small keys shouldn't be used...  Wtf?
+        Log.warn &.emit("key smaller than KEY_SIZE_MIN(#{KEY_SIZE_MIN}), got #{k.bytesize}") if k.bytesize < KEY_SIZE_MIN
+        # raise ArgumentError.new("key smaller than KEY_SIZE_MIN(#{KEY_SIZE_MIN}), got #{k.bytesize}") if k.bytesize < KEY_SIZE_MIN
         @key_size = k.bytesize
         k.copy_to @key.to_slice
       end