CRYPTO_BLAKE2B(3MONOCYPHER) | 3MONOCYPHER | CRYPTO_BLAKE2B(3MONOCYPHER) |
crypto_blake2b
,
crypto_blake2b_general
,
crypto_blake2b_general_init
,
crypto_blake2b_init
,
crypto_blake2b_update
,
crypto_blake2b_final
—
#include <monocypher.h>
void
crypto_blake2b
(uint8_t hash[64],
const uint8_t *message, size_t
message_size);
void
crypto_blake2b_general
(uint8_t
*hash, size_t hash_size, const
uint8_t *key, size_t key_size,
const uint8_t *message, size_t
message_size);
void
crypto_blake2b_init
(crypto_blake2b_ctx
*ctx);
void
crypto_blake2b_general_init
(crypto_blake2b_ctx
*ctx, size_t hash_size, const
uint8_t *key, size_t key_size);
void
crypto_blake2b_update
(crypto_blake2b_ctx
*ctx, const uint8_t *message,
size_t message_size);
void
crypto_blake2b_final
(crypto_blake2b_ctx
*ctx, uint8_t *hash);
Note that BLAKE2b itself is not suitable for hashing passwords and deriving keys from them; use the crypto_argon2i(3monocypher) family of functions for that purpose instead.
BLAKE2b is immune to length extension attacks, and as such, does not require specific precautions such as using the HMAC algorithm.
The arguments are:
NULL
if key_size is 0, in
which case no key is used. Keys can be used to create a message
authentication code (MAC). Use
crypto_verify16(3monocypher),
crypto_verify32(3monocypher),
or
crypto_verify64(3monocypher)
to compare MACs created this way. Choose the size of the hash accordingly.
Users may want to wipe the key with
crypto_wipe(3monocypher) once
they are done with it.NULL
if message_size is
0.crypto_blake2b
()
and crypto_blake2b_general
().
crypto_blake2b
() is provided for convenience and is
equivalent to calling crypto_blake2b_general
() with no
key and a 64-byte hash.
crypto_blake2b_general
() users can specify
the size of the hash and use a secret key to make the hash unpredictable,
– which is useful for message authentication codes. Even when using a
key, you do not have to wipe the context struct with
crypto_wipe(3monocypher).
crypto_blake2b_general_init
()
or crypto_blake2b_init
(), which sets up a context
with the hashing parameters;crypto_blake2b_update
(), which hashes
the message chunk by chunk and keeps the intermediary result in the
context;crypto_blake2b_final
(),
which produces the final hash. The
crypto_blake2b_ctx is automatically wiped upon
finalisation.The invariants of the parameters are the same as for
crypto_blake2b_general
().
crypto_blake2b_init
() is a convenience
initialisation function that specifies a 64-byte hash and no key. This is
considered a good default.
arc4random_buf
(), which fills the given buffer with
cryptographically secure random bytes. If
arc4random_buf
() does not exist on your system, see
intro(3monocypher) for advice about how to
generate cryptographically secure random bytes.
Hashing a message all at once:
uint8_t hash [64]; /* Output hash (64 bytes) */ uint8_t message[12] = "Lorem ipsum"; /* Message to hash */ crypto_blake2b(hash, message, 12);
Computing a message authentication code all at once:
uint8_t hash [16]; uint8_t key [32]; uint8_t message[11] = "Lorem ipsu"; /* Message to authenticate */ arc4random_buf(key, 32); crypto_blake2b_general(hash, 16, key, 32, message, 11); /* Wipe secrets if they are no longer needed */ crypto_wipe(message, 11); crypto_wipe(key, 32);
Hashing a message incrementally (without a key):
uint8_t hash [ 64]; /* Output hash (64 bytes) */ uint8_t message[500] = {1}; /* Message to hash */ crypto_blake2b_ctx ctx; crypto_blake2b_init(&ctx); for (size_t i = 0; i < 500; i += 100) { crypto_blake2b_update(&ctx, message + i, 100); } crypto_blake2b_final(&ctx, hash);
Computing a message authentication code incrementally:
uint8_t hash [ 16]; uint8_t key [ 32]; uint8_t message[500] = {1}; /* Message to authenticate */ crypto_blake2b_ctx ctx; arc4random_buf(key, 32); crypto_blake2b_general_init(&ctx, 16, key, 32); /* Wipe the key */ crypto_wipe(key, 32); for (size_t i = 0; i < 500; i += 100) { crypto_blake2b_update(&ctx, message + i, 100); /* Wipe secrets if they are no longer needed */ crypto_wipe(message + i, 100); } crypto_blake2b_final(&ctx, hash);
crypto_blake2b
(),
crypto_blake2b_general
(),
crypto_blake2b_general_init
(),
crypto_blake2b_init
(),
crypto_blake2b_update
(), and
crypto_blake2b_final
() functions first appeared in
Monocypher 0.1.
February 13, 2022 | Debian |