
blake2-rfc

This is a pure Rust implementation of BLAKE2 based on RFC 7693.

Design

This crate follows the common API design for streaming hash functions, which has one state/context struct and three associated functions: one to initialize the struct, one which is called repeatedly to process the incoming data, and one to do the final processing and return the hash. For the case where the full data is already in memory, there is a convenience function which does these three steps in a single call.

This basic design was slightly adapted to make better use of Rust's characteristics: the finalization function consumes the struct, doing a move instead of a borrow, so the struct cannot be accidentally used after its internal state has been overwritten by the finalization.

To prevent timing attacks, it's important that the comparison of hash values takes constant time. To make it easier to do the right thing, the finalization function returns the result wrapped in a struct which does a constant-time comparison by default. If a constant-time comparison is not necessary, the hash result can easily be extracted from this struct.

Limitations

A single BLAKE2b hash is limited to 16 exabytes, lower than its theoretical limit (but identical to the BLAKE2s theoretical limit), due to the use of a u64 as the byte counter. This limit can be increased, if necessary, after either the extprim crate (with its u128 type) or the OverflowingOps trait become usable with the "stable" Rust release.

This crate does not attempt to clear potentially sensitive data from its work memory (which includes the state context, the stack, and processor registers). To do so correctly without a heavy performance penalty would require help from the compiler. It's better to not attempt to do so than to present a false assurance.

Non-RFC uses

This crate is limited to the features described in the RFC: only the "digest length" and "key length" parameters can be used.

If you need to use other advanced BLAKE2 features, this crate has an undocumented function to create a hashing context with an arbitrary parameter block, and an undocumented function to finalize the last node in tree hashing mode. You are responsible for creating a valid parameter block, for hashing the padded key block if using keyed hashing, and for calling the correct finalization function. The parameter block is not validated by these functions.

SIMD optimization

This crate has experimental support for explicit SIMD optimizations. It requires nightly Rust due to the use of unstable features.

The following cargo features enable the explicit SIMD optimization:

  • simd enables the explicit use of SIMD vectors instead of a plain struct
  • simd_opt additionally enables the use of SIMD shuffles to implement some of the rotates
  • simd_asm additionally enables the use of inline asm to implement some of the SIMD shuffles

While one might expect that each of these is faster than the previous one, and that they are all faster than not enabling explicit SIMD vectors, that's not always the case. It can vary depending on target architecture and compiler options. If you need the extra speed from these optimizations, benchmark each one (the bench feature enables cargo bench in this crate, so you can use for instance cargo bench --features="bench simd_asm"). They have currently been tuned for SSE2 (x86 and x86-64) and NEON (arm).

no_std support

This crate links against the Rust standard library by default, to provide implementations of std::io::Write. To build no_std, use default-features = false.

License

Licensed under either of

  • Apache License, Version 2.0 (LICENSE-APACHE or http://www.apache.org/licenses/LICENSE-2.0)
  • MIT license (LICENSE-MIT or http://opensource.org/licenses/MIT)

at your option.

Contribution

Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.

blake2-rfc's People

Contributors

cesarb, emberian, ia0, jimmycuadra, nikvolf, oconnor663


blake2-rfc's Issues

Add "Digest" trait

I see that your crate uses macros. Is it possible to provide a Digest trait? It doesn't have to match the rust-crypto Digest trait.

Problem with compilation after updating serde to v1.0.62

Hi, I need help. After updating serde I get a lot of errors about i128/u128 types.

error[E0658]: 128-bit type is unstable (see issue #35118)
   --> .../.cargo/registry/src/github.com-1ecc6299db9ec823/serde-1.0.62/src/de/value.rs:242:29
    |
242 |     primitive_deserializer!(i128, "an `i128`.", I128Deserializer, visit_i128);
    |                             ^^^^
    |
    = help: add #![feature(i128_type)] to the crate attributes to enable

If you want more information on this error, try using "rustc --explain E0658"
error[E0658]: 128-bit type is unstable (see issue #35118)
   --> .../.cargo/registry/src/github.com-1ecc6299db9ec823/serde-1.0.62/src/de/value.rs:243:29
    |
243 |     primitive_deserializer!(u128, "a `u128`.", U128Deserializer, visit_u128);
    |                             ^^^^
    |
    = help: add #![feature(i128_type)] to the crate attributes to enable

no_std is broken (using with sgx)

When I use this crate within a sgx enclave (https://github.com/baidu/rust-sgx-sdk)
I get:

error: duplicate lang item in crate `std`: `f32_runtime`.
  |
  = note: first defined in crate `sgx_tstd`.

error: duplicate lang item in crate `std`: `f64_runtime`.
  |
  = note: first defined in crate `sgx_tstd`.

error: duplicate lang item in crate `std`: `panic_impl`.
  |
  = note: first defined in crate `sgx_tstd`.

error: duplicate lang item in crate `std`: `oom`.
  |
  = note: first defined in crate `sgx_trts`.

Cargo.toml:

...
blake2-rfc = { version = "0.2.18", default-features = false}
...

Does not build with `simd` feature enabled

Cargo.toml:

[dependencies]
blake2 = { version = "*", features = ["simd"] }

rustc 1.24.0-nightly (f8af59d95 2017-12-13)

error[E0432]: unresolved import `simdint`
 --> /home/sanmai/.cargo/bin/registry/src/github.com-1ecc6299db9ec823/blake2-0.7.0/src/simd/simdop.rs:9:30
  |
9 | #[cfg(feature = "simd")] use simdint;
  |                              ^^^^^^^ no `simdint` in the root

Update ArrayVec to version 0.7

On #16, backwards compatibility was a thing to be considered but the PR ended up being merged anyway (even with CI still pointing to version 1.20).

So in order to avoid having duplicated dependencies in the same project, do you mind me creating a PR to update ArrayVec?

It is also worth mentioning that the Rust team does not back-port security bugs, i.e., old compiler versions are vulnerable to known issues (https://www.cvedetails.com/vulnerability-list/vendor_id-19029/product_id-48677/Rust-lang-Rust.html) with https://blog.rust-lang.org/2022/01/20/cve-2022-21658.html being the most recent.

Relicense under dual MIT/Apache-2.0

This issue was automatically generated. Feel free to close without ceremony if
you do not agree with re-licensing or if it is not possible for other reasons.
Respond to @cmr with any questions or concerns, or pop over to
#rust-offtopic on IRC to discuss.

You're receiving this because someone (perhaps the project maintainer)
published a crates.io package with the license as "MIT" xor "Apache-2.0" and
the repository field pointing here.

TL;DR the Rust ecosystem is largely Apache-2.0. Being available under that
license is good for interoperation. The MIT license as an add-on can be nice
for GPLv2 projects to use your code.

Why?

The MIT license requires reproducing countless copies of the same copyright
header with different names in the copyright field, for every MIT library in
use. The Apache license does not have this drawback. However, this is not the
primary motivation for me creating these issues. The Apache license also has
protections from patent trolls and an explicit contribution licensing clause.
However, the Apache license is incompatible with GPLv2. This is why Rust is
dual-licensed as MIT/Apache (the "primary" license being Apache, MIT only for
GPLv2 compat), and doing so would be wise for this project. This also makes
this crate suitable for inclusion and unrestricted sharing in the Rust
standard distribution and other projects using dual MIT/Apache, such as my
personal ulterior motive, the Robigalia project.

Some ask, "Does this really apply to binary redistributions? Does MIT really
require reproducing the whole thing?" I'm not a lawyer, and I can't give legal
advice, but some Google Android apps include open source attributions using
this interpretation. Others also agree with it.
But, again, the copyright notice redistribution is not the primary motivation
for the dual-licensing. It's stronger protections to licensees and better
interoperation with the wider Rust ecosystem.

How?

To do this, get explicit approval from each contributor of copyrightable work
(as not all contributions qualify for copyright, due to not being a "creative
work", e.g. a typo fix) and then add the following to your README:

## License

Licensed under either of

 * Apache License, Version 2.0, ([LICENSE-APACHE](LICENSE-APACHE) or http://www.apache.org/licenses/LICENSE-2.0)
 * MIT license ([LICENSE-MIT](LICENSE-MIT) or http://opensource.org/licenses/MIT)

at your option.

### Contribution

Unless you explicitly state otherwise, any contribution intentionally submitted
for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any
additional terms or conditions.

and in your license headers, if you have them, use the following boilerplate
(based on that used in Rust):

// Copyright 2016 blake2-rfc Developers
//
// Licensed under the Apache License, Version 2.0, <LICENSE-APACHE or
// http://apache.org/licenses/LICENSE-2.0> or the MIT license <LICENSE-MIT or
// http://opensource.org/licenses/MIT>, at your option. This file may not be
// copied, modified, or distributed except according to those terms.

It's commonly asked whether license headers are required. I'm not comfortable
making an official recommendation either way, but the Apache license
recommends it in their appendix on how to use the license.

Be sure to add the relevant LICENSE-{MIT,APACHE} files. You can copy these
from the Rust repo for a plain-text version.

And don't forget to update the license metadata in your Cargo.toml to:

license = "MIT OR Apache-2.0"

I'll be going through projects which agree to be relicensed and have approval
by the necessary contributors and doing these changes, so feel free to leave
the heavy lifting to me!

Contributor checkoff

To agree to relicensing, comment with:

I license past and future contributions under the dual MIT/Apache-2.0 license, allowing licensees to chose either at their option.

Or, if you're a contributor, you can check the box in this repo next to your
name. My scripts will pick this exact phrase up and check your checkbox, but
I'll come through and manually review this issue later as well.
