Crate blake2[][src]

Expand description

An implementation of the BLAKE2 hash functions.

Usage

Blake2b can be used in the following way:

use blake2::{Blake2b, Blake2s, Digest};
use hex_literal::hex;

// create a Blake2b object
let mut hasher = Blake2b::new();

// write input message
hasher.update(b"hello world");

// read hash digest and consume hasher
let res = hasher.finalize();
assert_eq!(res[..], hex!("
    021ced8799296ceca557832ab941a50b4a11f83478cf141f51f933f653ab9fbc
    c05a037cddbed06e309bf334942c4e58cdf1a46e237911ccd7fcf9787cbc7fd0
")[..]);

// same example for `Blake2s`:
let mut hasher = Blake2s::new();
hasher.update(b"hello world");
let res = hasher.finalize();
assert_eq!(res[..], hex!("
    9aec6806794561107e594b1f6a8a6b0c92a0cba9acf5e5e93cca06f781813b0b
")[..]);

Also see RustCrypto/hashes readme.

Variable output size

If you need variable sized output you can use VarBlake2b and VarBlake2s which support variable output sizes through VariableOutput trait. Update trait has to be imported as well.

use blake2::VarBlake2b;
use blake2::digest::{Update, VariableOutput};

let mut hasher = VarBlake2b::new(10).unwrap();
hasher.update(b"my_input");
hasher.finalize_variable(|res| {
    assert_eq!(res, [44, 197, 92, 132, 228, 22, 146, 78, 100, 0])
})

Message Authentication Code (MAC)

BLAKE2 can be used as a MAC without any additional constructs:

use blake2::Blake2b;
use blake2::crypto_mac::{Mac, NewMac};

let mut hasher = Blake2b::new_varkey(b"my key").unwrap();
hasher.update(b"hello world");

// `result` has type `crypto_mac::Output` which is a thin wrapper around
// a byte array and provides a constant time equality check
let result = hasher.finalize();
// To get underlying array use the `into_bytes` method, but be careful,
// since incorrect use of the code value may permit timing attacks which
// defeat the security provided by the `crypto_mac::Output`
let code_bytes = result.into_bytes();

// To verify the message it's recommended to use `verify` method
let mut hasher = Blake2b::new_varkey(b"my key").unwrap();
hasher.update(b"hello world");
// `verify` return `Ok(())` if code is correct, `Err(MacError)` otherwise
hasher.verify(&code_bytes).unwrap();

Acknowledgment

Based on the blake2-rfc crate.

Re-exports

pub use crypto_mac;
pub use digest;

Structs

Blake2b instance with a fixed output.

Blake2s instance with a fixed output.

Blake2b instance with a variable output.

Blake2s instance with a variable output.

Traits

The Digest trait specifies an interface common for digest functions.