add WOLFSSL_API wrappers wc_InitBlake2b_WithKey(), wc_InitBlake2s_WithKey(), and wc_curve25519_make_priv().

wolfcrypt/src/blake2b.c

@@ -429,6 +429,22 @@ int wc_InitBlake2b(Blake2b* b2b, word32 digestSz)
     return blake2b_init(b2b->S, (byte)digestSz);
 }
 
+/* Init Blake2b digest with key, track size in case final doesn't want to "remember" */
+int wc_InitBlake2b_WithKey(Blake2b* b2b, word32 digestSz, const byte *key, word32 keylen)
+{
+    if (b2b == NULL){
+        return -1;
+    }
+    b2b->digestSz = digestSz;
+
+    if (keylen >= 256)
+        return -1;
+
+    if (key)
+        return blake2s_init_key(b2b->S, (byte)digestSz, key, (byte)keylen);
+    else
+        return blake2s_init(b2b->S, (byte)digestSz);
+}
 
 /* Blake2b Update */
 int wc_Blake2bUpdate(Blake2b* b2b, const byte* data, word32 sz)

wolfcrypt/src/blake2s.c

@@ -424,6 +424,24 @@ int wc_InitBlake2s(Blake2s* b2s, word32 digestSz)
 }
 
 
+/* Init Blake2s digest with key, track size in case final doesn't want to "remember" */
+int wc_InitBlake2s_WithKey(Blake2s* b2s, word32 digestSz, const byte *key, word32 keylen)
+{
+    if (b2s == NULL){
+        return -1;
+    }
+    b2s->digestSz = digestSz;
+
+    if (keylen >= 256)
+        return -1;
+
+    if (key)
+        return blake2s_init_key(b2s->S, (byte)digestSz, key, (byte)keylen);
+    else
+        return blake2s_init(b2s->S, (byte)digestSz);
+}
+
+
 /* Blake2s Update */
 int wc_Blake2sUpdate(Blake2s* b2s, const byte* data, word32 sz)
 {

wolfcrypt/src/curve25519.c

@@ -100,7 +100,12 @@ int wc_curve25519_make_pub(int public_size, byte* pub, int private_size,
     return ret;
 }
 
-int wc_curve25519_make_key(WC_RNG* rng, int keysize, curve25519_key* key)
+/* generate a new private key, as a bare vector.
+ *
+ * return value is propagated from wc_RNG_GenerateBlock(() (0 on success),
+ * or BAD_FUNC_ARG/ECC_BAD_ARG_E, and the byte vector is little endian.
+ */
+int wc_curve25519_make_priv(WC_RNG* rng, int keysize, byte* key)
 {
     int ret;
 
@@ -112,15 +117,29 @@ int wc_curve25519_make_key(WC_RNG* rng, int keysize, curve25519_key* key)
         return ECC_BAD_ARG_E;
 
     /* random number for private key */
-    ret = wc_RNG_GenerateBlock(rng, key->k.point, keysize);
+    ret = wc_RNG_GenerateBlock(rng, key, keysize);
     if (ret != 0)
         return ret;
 
     /* Clamp the private key */
-    key->k.point[0] &= 248;
-    key->k.point[CURVE25519_KEYSIZE-1] &= 63; /* same &=127 because |=64 after */
-    key->k.point[CURVE25519_KEYSIZE-1] |= 64;
+    key[0] &= 248;
+    key[CURVE25519_KEYSIZE-1] &= 63; /* same &=127 because |=64 after */
+    key[CURVE25519_KEYSIZE-1] |= 64;
 
+    return 0;
+}
+
+/* generate a new keypair.
+ *
+ * return value is propagated from wc_curve25519_make_private() or
+ * wc_curve25519_make_pub() (0 on success).
+ */
+int wc_curve25519_make_key(WC_RNG* rng, int keysize, curve25519_key* key) {
+    if (key == NULL || rng == NULL)
+        return BAD_FUNC_ARG;
+    int ret = wc_curve25519_make_priv(rng, keysize, key->k.point);
+    if (ret < 0)
+        return ret;
     return wc_curve25519_make_pub((int)sizeof key->p.point, key->p.point, sizeof key->k.point, key->k.point);
 }
 

wolfssl/wolfcrypt/blake2.h

@@ -76,12 +76,14 @@ typedef struct Blake2s {
 
 #ifdef HAVE_BLAKE2B
 WOLFSSL_API int wc_InitBlake2b(Blake2b*, word32);
+WOLFSSL_API int wc_InitBlake2b_WithKey(Blake2s*, word32, const byte *, word32);
 WOLFSSL_API int wc_Blake2bUpdate(Blake2b*, const byte*, word32);
 WOLFSSL_API int wc_Blake2bFinal(Blake2b*, byte*, word32);
 #endif
 
 #ifdef HAVE_BLAKE2S
 WOLFSSL_API int wc_InitBlake2s(Blake2s*, word32);
+WOLFSSL_API int wc_InitBlake2s_WithKey(Blake2s*, word32, const byte *, word32);
 WOLFSSL_API int wc_Blake2sUpdate(Blake2s*, const byte*, word32);
 WOLFSSL_API int wc_Blake2sFinal(Blake2s*, byte*, word32);
 #endif

wolfssl/wolfcrypt/curve25519.h

@@ -90,6 +90,9 @@ WOLFSSL_API
 int wc_curve25519_make_pub(int public_size, byte* pub, int private_size,
                            const byte* priv);
 
+WOLFSSL_API
+int wc_curve25519_make_priv(WC_RNG* rng, int keysize, byte* priv);
+
 WOLFSSL_API
 int wc_curve25519_make_key(WC_RNG* rng, int keysize, curve25519_key* key);