An implementation of the BLAKE2 hash functions.

Based on the blake2-rfc crate.

Usage

Blake2b can be used in the following way:

use blake2::{Blake2b, Digest};

// create a Blake2b object
let mut hasher = Blake2b::new();

// write input message
hasher.input(b"hello world");

// read hash digest and consume hasher
let output = hasher.result();
println!("{:x}", output);

Same example for Blake2s:

use blake2::{Blake2s, Digest};

let mut hasher = Blake2s::new();
hasher.input(b"hello world");
let output = hasher.result();
println!("{:x}", output);

Variable output size

Both Blake2b and Blake2s support variable output sizes through VariableOutput trait. Input trait has to be imported as well.

use blake2::Blake2b;
use blake2::digest::{Input, VariableOutput};

let mut hasher = Blake2b::new(10).unwrap();
// instead of `input` method here we should use `process`
hasher.process(b"my_input");
let mut buf = [0u8; 10];
hasher.variable_result(&mut buf).unwrap();
assert_eq!(buf, [44, 197, 92, 132, 228, 22, 146, 78, 100, 0])

Message Authentication Code (MAC)

BLAKE2 can be used as a MAC without any additionall constructs:

use blake2::Blake2b;
use blake2::crypto_mac::Mac;

let mut hasher = Blake2b::new(b"my key").unwrap();
hasher.input(b"hello world");

// `result` has type `MacResult` which is a thin wrapper around array of
// bytes for providing constant time equality check
let result = hasher.result();
// To get underlying array use `code` method, but be carefull, since
// incorrect use of the code value may permit timing attacks which defeat
// the security provided by the `MacResult`
let code_bytes = result.code();

// To verify the message it's recommended to use `verify` method
let mut hasher = Blake2b::new(b"my key").unwrap();
hasher.input(b"hello world");
// `verify` return `Ok(())` if code is correct, `Err(MacError)` otherwise
hasher.verify(&code_bytes).unwrap();