Fix Skein_512::clear

3 files changed, 21 insertions, 2 deletions

diff --git a/doc/relnotes/1_11_8.rst b/doc/relnotes/1_11_8.rst
index d25018643..533443f3b 100644
--- a/doc/relnotes/1_11_8.rst
+++ b/doc/relnotes/1_11_8.rst
@@ -3,3 +3,8 @@ Version 1.11.8, Not Yet Released
 
 * The antique PBES1 private key encryption scheme (which only supports
   DES or 64-bit RC2) has been removed.
+
+* Skein did not reset its internal state properly if clear() was
+  called, causing it to produce incorrect results for the following
+  message. It was reset correctly in final() so most usages should not
+  be affected.
diff --git a/src/lib/hash/skein/skein_512.cpp b/src/lib/hash/skein/skein_512.cpp
index 9aafb1616..94c8a3063 100644
--- a/src/lib/hash/skein/skein_512.cpp
+++ b/src/lib/hash/skein/skein_512.cpp
@@ -197,10 +197,10 @@ HashFunction* Skein_512::clone() const
 
 void Skein_512::clear()
    {
-   zeroise(H);
-   zeroise(T);
    zeroise(buffer);
    buf_pos = 0;
+
+   initial_block(H, T, output_bits, personalization);
    }
 
 void Skein_512::add_data(const byte input[], size_t length)
diff --git a/src/tests/test_hash.cpp b/src/tests/test_hash.cpp
index eaa3ff3b5..cd0fb785b 100644
--- a/src/tests/test_hash.cpp
+++ b/src/tests/test_hash.cpp
@@ -41,6 +41,20 @@ size_t hash_test(const std::string& algo,
          std::cout << algo << " " << provider << " got " << hex_encode(h) << " != " << out_hex << "\n";
          ++fails;
          }
+
+      // Test to make sure clear() resets what we need it to
+      hash->update("some discarded input");
+      hash->clear();
+
+      hash->update(hex_decode(in_hex));
+
+      h = hash->final();
+
+      if(h != hex_decode_locked(out_hex))
+         {
+         std::cout << algo << " " << provider << " got " << hex_encode(h) << " != " << out_hex << "\n";
+         ++fails;
+         }
       }
 
    return fails;