Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Expose keyed Blake2 interface #17

Merged
merged 1 commit into from
Sep 25, 2023
Merged

Expose keyed Blake2 interface #17

merged 1 commit into from
Sep 25, 2023

Conversation

MatthiasValvekens
Copy link

@MatthiasValvekens MatthiasValvekens commented Sep 23, 2023
edited
Loading

This PR is a resubmit of haskell-crypto#364. Since the parent project is now defunct, I rebased them onto the master branch of this fork. The original PR description is included below.

Earlier today I noticed an old open issue for keyed Blake2 support (see haskell-crypto#196). Since I need Blake2b-MAC for one of my own pet projects, and it was a simple matter of properly exposing an existing C interface, I figured I'd have a go at adding it myself.

Here's a summary of the changes:

  • Expose keyed init functions for all Blake2 variants (as suggested in a comment from @vincenthz on Support keyed BLAKE2 haskell-crypto/cryptonite#196)
  • Add HashBlake2 typeclass in Crypto.Hash.Blake2 to support keyed initialisation.
  • Add a KeyedBlake2 module to Crypto.MAC with an interface that's essentially isomorphic to the other modules in Crypto.MAC
  • Add tests for all variants. I used the same methodology as the tests for KMAC that were already in the test suite. I got my test vectors from https://github.com/BLAKE2/BLAKE2/.

Note that this is my first time messing around with cryptonite internals, and my experience with the foreign function interface is also pretty limited. In particular, I'd really appreciate a sanity check on the following points:

  • Organisation of the new API.
  • The function signatures for the various cryptonite_blake2XYZ_init_key entry points in the C layer.
  • My implementation of initialize in Crypto.MAC.KeyedBlake2 (the only nontrivial piece of unsafe code)

If there's anything else I need to address, please don't hesitate to tell me.

Thanks a lot!

@MatthiasValvekens
Expose keyed Blake2 interface
a86693b 
This fixes haskell-crypto#196.

 - FFI: expose keyed init functions for all Blake2 variants
 - Add HashBlake2 typeclass in Crypto.Hash.Blake2 to support keyed init
 - Add KeyedBlake2 module to Crypto.MAC

Uses KAT vectors from BLAKE2/BLAKE2 repository, plus quickcheck tests
analogous to those in the KAT_KMAC test module.
@kazu-yamamoto kazu-yamamoto self-requested a review September 25, 2023 00:12
kazu-yamamoto
kazu-yamamoto approved these changes Sep 25, 2023
View reviewed changes
Copy link
Owner

@kazu-yamamoto kazu-yamamoto left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM.
Let's merge this.

@kazu-yamamoto kazu-yamamoto merged commit b46ec56 into kazu-yamamoto:master Sep 25, 2023
@kazu-yamamoto
Copy link
Owner

Merged.
Thank you for your contribution!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kazu-yamamoto kazu-yamamoto kazu-yamamoto approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@MatthiasValvekens @kazu-yamamoto