wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-02-04 02:15:04 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add HMAC-BLAKE2b and HMAC-BLAKE2s API functions

Browse Source
This commit is contained in:
Josh Holtrop
2026-01-09 18:19:06 -05:00
parent 2a5256ba18
commit 92b57d7e34
4 changed files with 248 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

62
wolfcrypt/src/blake2b.c
View File

@@ -511,7 +511,65 @@ int wc_Blake2bFinal(Blake2b* b2b, byte* final, word32 requestSz)
}
/* end CTaoCrypt API */
int wc_Blake2bHmac(const byte * in, size_t in_len,
const byte * key, size_t key_len,
byte * out, size_t out_len)
{
byte x_key[BLAKE2B_BLOCKBYTES];
byte i_hash[BLAKE2B_OUTBYTES];
Blake2b state;
int i;
int ret;
if (in == NULL || key == NULL || out == NULL)
return BAD_FUNC_ARG;
if (out_len != BLAKE2B_OUTBYTES)
return BUFFER_E;
if (key_len > BLAKE2B_BLOCKBYTES) {
if ((ret = wc_InitBlake2b(&state, BLAKE2B_OUTBYTES)) != 0)
return ret;
if ((ret = wc_Blake2bUpdate(&state, key, (word32)key_len)) != 0)
return ret;
if ((ret = wc_Blake2bFinal(&state, x_key, 0)) != 0)
return ret;
} else {
XMEMCPY(x_key, key, key_len);
XMEMSET(x_key + key_len, 0, BLAKE2B_BLOCKBYTES - key_len);
}
for (i = 0; i < BLAKE2B_BLOCKBYTES; ++i)
x_key[i] ^= 0x36U;
if ((ret = wc_InitBlake2b(&state, BLAKE2B_OUTBYTES)) != 0)
return ret;
if ((ret = wc_Blake2bUpdate(&state, x_key, BLAKE2B_BLOCKBYTES)) != 0)
return ret;
if ((ret = wc_Blake2bUpdate(&state, in, (word32)in_len)) != 0)
return ret;
if ((ret = wc_Blake2bFinal(&state, i_hash, 0)) != 0)
return ret;
for (i = 0; i < BLAKE2B_BLOCKBYTES; ++i)
x_key[i] ^= (0x5CU ^ 0x36U);
if ((ret = wc_InitBlake2b(&state, BLAKE2B_OUTBYTES)) != 0)
return ret;
if ((ret = wc_Blake2bUpdate(&state, x_key, BLAKE2B_BLOCKBYTES)) != 0)
return ret;
if ((ret = wc_Blake2bUpdate(&state, i_hash, BLAKE2B_OUTBYTES)) != 0)
return ret;
if ((ret = wc_Blake2bFinal(&state, i_hash, 0)) != 0)
return ret;
XMEMCPY(out, i_hash, BLAKE2B_OUTBYTES);
XMEMSET(x_key, 0, BLAKE2B_BLOCKBYTES);
XMEMSET(i_hash, 0, BLAKE2B_OUTBYTES);
return 0;
}
/* end wolfCrypt API */
#endif /* HAVE_BLAKE2 */

62
wolfcrypt/src/blake2s.c
View File

@@ -505,7 +505,65 @@ int wc_Blake2sFinal(Blake2s* b2s, byte* final, word32 requestSz)
}
/* end CTaoCrypt API */
int wc_Blake2sHmac(const byte * in, size_t in_len,
const byte * key, size_t key_len,
byte * out, size_t out_len)
{
byte x_key[BLAKE2S_BLOCKBYTES];
byte i_hash[BLAKE2S_OUTBYTES];
Blake2s state;
int i;
int ret;
if (in == NULL || key == NULL || out == NULL)
return BAD_FUNC_ARG;
if (out_len != BLAKE2S_OUTBYTES)
return BUFFER_E;
if (key_len > BLAKE2S_BLOCKBYTES) {
if ((ret = wc_InitBlake2s(&state, BLAKE2S_OUTBYTES)) != 0)
return ret;
if ((ret = wc_Blake2sUpdate(&state, key, (word32)key_len)) != 0)
return ret;
if ((ret = wc_Blake2sFinal(&state, x_key, 0)) != 0)
return ret;
} else {
XMEMCPY(x_key, key, key_len);
XMEMSET(x_key + key_len, 0, BLAKE2S_BLOCKBYTES - key_len);
}
for (i = 0; i < BLAKE2S_BLOCKBYTES; ++i)
x_key[i] ^= 0x36U;
if ((ret = wc_InitBlake2s(&state, BLAKE2S_OUTBYTES)) != 0)
return ret;
if ((ret = wc_Blake2sUpdate(&state, x_key, BLAKE2S_BLOCKBYTES)) != 0)
return ret;
if ((ret = wc_Blake2sUpdate(&state, in, (word32)in_len)) != 0)
return ret;
if ((ret = wc_Blake2sFinal(&state, i_hash, 0)) != 0)
return ret;
for (i = 0; i < BLAKE2S_BLOCKBYTES; ++i)
x_key[i] ^= (0x5CU ^ 0x36U);
if ((ret = wc_InitBlake2s(&state, BLAKE2S_OUTBYTES)) != 0)
return ret;
if ((ret = wc_Blake2sUpdate(&state, x_key, BLAKE2S_BLOCKBYTES)) != 0)
return ret;
if ((ret = wc_Blake2sUpdate(&state, i_hash, BLAKE2S_OUTBYTES)) != 0)
return ret;
if ((ret = wc_Blake2sFinal(&state, i_hash, 0)) != 0)
return ret;
XMEMCPY(out, i_hash, BLAKE2S_OUTBYTES);
XMEMSET(x_key, 0, BLAKE2S_BLOCKBYTES);
XMEMSET(i_hash, 0, BLAKE2S_OUTBYTES);
return 0;
}
/* end wolfCrypt API */
#endif /* HAVE_BLAKE2S */