diff --git a/src/blake.js b/src/blake.js
--- a/src/blake.js
+++ b/src/blake.js
@@ -1,14 +1,10 @@
 // https://tools.ietf.org/html/rfc7693
-import {MASK,int32s2bytes,bytes2int32s} from "./util.js";
+import {MASK,int32s2bytes,bytes2int32s,zeroPad} from "./util.js";
 
 const BLOCK_LEN=64;
 
 const IV=[0x6A09E667,0xBB67AE85,0x3C6EF372,0xA54FF53A,0x510E527F,0x9B05688C,0x1F83D9AB,0x5BE0CD19];
 
-function padEnd(arr,length,val=0){
-	return arr.concat((new Array(length-arr.length)).fill(0));
-}
-
 function rrot(x,shift){
 	return ((x>>>shift)|(x<<(32-shift)))&MASK;
 }
@@ -21,7 +17,7 @@ export function BLAKE2S(outputLen=32,key
 	this._state=IV.slice();
 	this._state[0]^=0x01010000^(key.length<<8)^this._outputLen;
 	
-	if(key.length>0){this.update(padEnd(key,BLOCK_LEN,0));}
+	if(key.length>0){this.update(zeroPad(key,BLOCK_LEN));}
 }
 
 BLAKE2S.prototype.update=function(data){
@@ -37,7 +33,7 @@ BLAKE2S.prototype.update=function(data){
 };
 
 BLAKE2S.prototype.digest=function(){
-	this._buffer=padEnd(this._buffer,BLOCK_LEN,0);
+	this._buffer=zeroPad(this._buffer,BLOCK_LEN);
 	this._compress(true);
 	return int32s2bytes(this._state).slice(0,this._outputLen);
 };
diff --git a/src/chacha.js b/src/chacha.js
--- a/src/chacha.js
+++ b/src/chacha.js
@@ -1,5 +1,5 @@
 // https://tools.ietf.org/html/rfc7539
-import {MASK,int32s2bytes,bytes2int32s} from "./util.js";
+import {MASK,int32s2bytes,bytes2int32s,zeroPad} from "./util.js";
 
 function lrot(x,shift){
 	return (x<<shift|x>>>(32-shift))&MASK;
@@ -11,10 +11,6 @@ function createNonce(){
 	return nonce;
 }
 
-function zeroPad(arr,length){
-	return arr.concat((new Array(length)).fill(0)).slice(0,length);
-}
-
 /**
  * A Chacha20 cipher class.
  * @param {Array} key Array of bytes (integers: 0<=x<256). Short keys are padded to 32B, long keys are silently truncated.
diff --git a/src/util.js b/src/util.js
--- a/src/util.js
+++ b/src/util.js
@@ -1,5 +1,9 @@
 export const MASK=0xffffffff;
 
+export function zeroPad(arr,length){
+	return arr.concat((new Array(length)).fill(0)).slice(0,length);
+}
+
 export function bytes2int32(arr){
 	return arr.reduce((acc,b,i)=>acc|b<<(i*8));
 }