An implementation of the BLAKE2 hash functions.
Based on the blake2-rfc crate.
Usage
Blake2b
can be used in the following way:
use blake2::{Blake2b, Digest};
// create a Blake2b object
let mut hasher = Blake2b::new();
// write input message
hasher.input(b"hello world");
// read hash digest and consume hasher
let output = hasher.result();
println!("{:x}", output);
Same example for Blake2s
:
use blake2::{Blake2s, Digest};
let mut hasher = Blake2s::new();
hasher.input(b"hello world");
let output = hasher.result();
println!("{:x}", output);
Variable output size
Both Blake2b
and Blake2s
support variable output sizes through
VariableOutput
trait. Input
trait has to be imported as well.
use blake2::Blake2b;
use blake2::digest::{Input, VariableOutput};
let mut hasher = Blake2b::new(10).unwrap();
// instead of `input` method here we should use `process`
hasher.process(b"my_input");
let mut buf = [0u8; 10];
hasher.variable_result(&mut buf).unwrap();
assert_eq!(buf, [44, 197, 92, 132, 228, 22, 146, 78, 100, 0])
Message Authentication Code (MAC)
BLAKE2 can be used as a MAC without any additionall constructs:
use blake2::Blake2b;
use blake2::crypto_mac::Mac;
let mut hasher = Blake2b::new(b"my key").unwrap();
hasher.input(b"hello world");
// `result` has type `MacResult` which is a thin wrapper around array of
// bytes for providing constant time equality check
let result = hasher.result();
// To get underlying array use `code` method, but be carefull, since
// incorrect use of the code value may permit timing attacks which defeat
// the security provided by the `MacResult`
let code_bytes = result.code();
// To verify the message it's recommended to use `verify` method
let mut hasher = Blake2b::new(b"my key").unwrap();
hasher.input(b"hello world");
// `verify` return `Ok(())` if code is correct, `Err(MacError)` otherwise
hasher.verify(&code_bytes).unwrap();