Module blake2b

Available on crate feature dep_orion only.

BLAKE2b as specified in the RFC 7693.

Parameters:

• secret_key: The authentication key.
• size: The desired output length for the authentication tag.
• data: Data to be authenticated.
• expected: The expected authentication tag.

Errors:

An error will be returned if:

• size is 0 or greater than 64.
• finalize() is called twice without a reset() in between.
• update() is called after finalize() without a reset() in between.

Panics:

A panic will occur if:

• More than 2*(2^64-1) bytes of data are hashed.

Security:

• The secret key should always be generated using a CSPRNG. SecretKey::generate() can be used for this. It generates a secret key of 32 bytes.
• The minimum recommended size for a secret key is 32 bytes.
• The recommended minimum output size is 32.
• This interface only allows creating authentication tag using BLAKE2b. If hash digests are needed, please refer to the hash::blake2::blake2b module.

Example:

use orion::hazardous::mac::blake2b::{Blake2b, SecretKey};

let key = SecretKey::generate();

let mut state = Blake2b::new(&key, 64)?;
state.update(b"Some data")?;
let tag = state.finalize()?;

assert!(Blake2b::verify(&tag, &key, 64, b"Some data").is_ok());

Structs

Blake2b

BLAKE2b streaming state.

SecretKey

A type to represent the secret key that BLAKE2b uses for keyed mode.

Tag

A type to represent the Tag that BLAKE2b returns.