RustCrypto · tarcieri · Feb 4, 2021 · Jul 18, 2021 · Aug 28, 2021 · Aug 28, 2021
diff --git a/.kat/blake2-kat.json b/.kat/blake2-kat.json
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/blake2/CHANGELOG.md b/blake2/CHANGELOG.md
@@ -5,22 +5,6 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
-## 0.11.0 (UNRELEASED)
-### Added
-- `alloc` crate feature ([#678])
-
-### Changed
-- Edition changed to 2024 and MSRV bumped to 1.85 ([#652])
-- Relax MSRV policy and allow MSRV bumps in patch releases
-- Update to `digest` v0.11
-- Replace type aliases with newtypes ([#678])
-
-### Removed
-- `std` crate feature ([#678])
-
-[#652]: https://github.com/RustCrypto/hashes/pull/652
-[#678]: https://github.com/RustCrypto/hashes/pull/678
-
 ## 0.10.6 (2022-12-16)
 ### Added
 - `size_opt` Cargo feature ([#440])

diff --git a/blake2/Cargo.toml b/blake2/Cargo.toml
@@ -1,34 +1,45 @@
 [package]
 name = "blake2"
-version = "0.11.0-rc.2"
+version = "0.9.2"
 description = "BLAKE2 hash functions"
 authors = ["RustCrypto Developers"]
 license = "MIT OR Apache-2.0"
 readme = "README.md"
-edition = "2024"
-rust-version = "1.85"
+edition = "2018"
 documentation = "https://docs.rs/blake2"
 repository = "https://github.com/RustCrypto/hashes"
-keywords = ["blake2", "hash", "digest"]
+keywords = ["crypto", "blake2", "hash", "digest"]
 categories = ["cryptography", "no-std"]
 
 [dependencies]
-digest = { version = "0.11.0-rc.1", features = ["mac"] }
+arrayref = "0.3"
+arrayvec = { version = "0.5", default-features = false }
+crypto-mac = "0.8"
+digest = "0.9"
+opaque-debug = "0.3"
+subtle = { version = ">=2, <2.5", default-features = false }
 
 [dev-dependencies]
-digest = { version = "0.11.0-rc.1", features = ["dev"] }
-hex-literal = "1"
-base16ct = { version = "0.3", features = ["alloc"] }
+crypto-mac = { version = "0.8", features = ["dev"] }
+digest = { version = "0.9", features = ["dev"] }
+hex = "0.4"
+hex-literal = "0.2"
+lazy_static = "1.3"
+rand = "0.7"
+rand_chacha = "0.2"
+serde = { version = "1.0.91", features = ["derive"] }
+serde_json = "1.0.39"
 
 [features]
-default = ["alloc"]
-alloc = ["digest/alloc"]
-zeroize = ["digest/zeroize"]
-reset = [] # Enable reset functionality
-#simd = []
-#simd_opt = ["simd"]
-#simd_asm = ["simd_opt"]
-size_opt = [] # Optimize for code size. Removes some `inline(always)`
+default = ["blake2b", "blake2s"]
+blake2b = []
+blake2s = []
+# This crate does a lot of #[inline(always)]. For BLAKE2b on ARM Cortex-M0 (and
+# presumably other tiny chips), some of that inlining actually hurts
+# performance. This feature disables some inlining, improving the performance
+# of the portable implementation in that specific case.
+uninline_portable = []
 
 [package.metadata.docs.rs]
 all-features = true
+rustdoc-args = ["--cfg", "docsrs"]
diff --git a/blake2/LICENSE-MIT b/blake2/LICENSE-MIT
@@ -1,6 +1,5 @@
-Copyright (c) 2017-2025 The RustCrypto Project Developers
-Copyright (c) 2017 Artyom Pavlov
 Copyright (c) 2015-2016 The blake2-rfc Developers, Cesar Barros
+Copyright (c) 2017 Artyom Pavlov
 
 Permission is hereby granted, free of charge, to any
 person obtaining a copy of this software and associated

diff --git a/blake2/README.md b/blake2/README.md
@@ -2,83 +2,33 @@
 
 [![crate][crate-image]][crate-link]
 [![Docs][docs-image]][docs-link]
-[![Build Status][build-image]][build-link]
 ![Apache2/MIT licensed][license-image]
 ![Rust Version][rustc-image]
 [![Project Chat][chat-image]][chat-link]
+[![Build Status][build-image]][build-link]
 
-Pure Rust implementation of the [BLAKE2] hash function family.
-
-## Examples
-
-### Fixed output size
-
-```rust
-use blake2::{Blake2b512, Blake2s256, Digest};
-use hex_literal::hex;
-
-// create a Blake2b512 object
-let mut hasher = Blake2b512::new();
-
-// write input message
-hasher.update(b"hello world");
-
-// read hash digest and consume hasher
-let hash = hasher.finalize();
-assert_eq!(hash, hex!(
-    "021ced8799296ceca557832ab941a50b4a11f83478cf141f51f933f653ab9fbc"
-    "c05a037cddbed06e309bf334942c4e58cdf1a46e237911ccd7fcf9787cbc7fd0"
-));
-
-// same example for Blake2s256:
-let mut hasher = Blake2s256::new();
-hasher.update(b"hello world");
-let hash = hasher.finalize();
-assert_eq!(hash, hex!("9aec6806794561107e594b1f6a8a6b0c92a0cba9acf5e5e93cca06f781813b0b"));
-
-// Hex-encode hash using https://docs.rs/base16ct
-let hex_hash = base16ct::lower::encode_string(&hash);
-assert_eq!(hex_hash, "9aec6806794561107e594b1f6a8a6b0c92a0cba9acf5e5e93cca06f781813b0b");
-```
-
-Also, see the [examples section] in the RustCrypto/hashes readme.
-
-### Variable output size
+Pure Rust implementation of the [BLAKE2 hash function][1] family.
 
-This implementation supports run and compile time variable sizes.
+[Documentation][docs-link]
 
-Output size set at run time:
-```rust
-use blake2::Blake2bVar;
-use blake2::digest::{Update, VariableOutput};
-use hex_literal::hex;
+## Minimum Supported Rust Version
 
-let mut hasher = Blake2bVar::new(10).unwrap();
-hasher.update(b"my_input");
-let mut buf = [0u8; 10];
-hasher.finalize_variable(&mut buf).unwrap();
-assert_eq!(buf, hex!("2cc55c84e416924e6400"));
-```
+Rust **1.41** or higher.
 
-Output size set at compile time:
-```rust
-use blake2::{Blake2b, Digest, digest::consts::U10};
-use hex_literal::hex;
+Minimum supported Rust version can be changed in the future, but it will be
+done with a minor version bump.
 
-type Blake2b80 = Blake2b<U10>;
+## SemVer Policy
 
-let mut hasher = Blake2b80::new();
-hasher.update(b"my_input");
-let res = hasher.finalize();
-assert_eq!(res, hex!("2cc55c84e416924e6400"));
-```
+- All on-by-default features of this library are covered by SemVer
+- MSRV is considered exempt from SemVer as noted above
 
 ## License
 
-The crate is licensed under either of:
+Licensed under either of:
 
-* [Apache License, Version 2.0](http://www.apache.org/licenses/LICENSE-2.0)
-* [MIT license](http://opensource.org/licenses/MIT)
+ * [Apache License, Version 2.0](http://www.apache.org/licenses/LICENSE-2.0)
+ * [MIT license](http://opensource.org/licenses/MIT)
 
 at your option.
 
@@ -97,11 +47,10 @@ dual licensed as above, without any additional terms or conditions.
 [license-image]: https://img.shields.io/badge/license-Apache2.0/MIT-blue.svg
 [chat-image]: https://img.shields.io/badge/zulip-join_chat-blue.svg
 [chat-link]: https://rustcrypto.zulipchat.com/#narrow/stream/260041-hashes
-[rustc-image]: https://img.shields.io/badge/rustc-1.85+-blue.svg
-[build-image]: https://github.com/RustCrypto/hashes/actions/workflows/blake2.yml/badge.svg?branch=master
-[build-link]: https://github.com/RustCrypto/hashes/actions/workflows/blake2.yml?query=branch:master
+[rustc-image]: https://img.shields.io/badge/rustc-1.41+-blue.svg
+[build-image]: https://github.com/RustCrypto/hashes/workflows/blake2/badge.svg?branch=master
+[build-link]: https://github.com/RustCrypto/hashes/actions?query=workflow%3Ablake2
 
 [//]: # (general links)
 
-[BLAKE2]: https://blake2.net/
-[examples section]: https://github.com/RustCrypto/hashes#Examples
+[1]: https://blake2.net/
diff --git a/blake2/fuzz/blake2b/.gitignore b/blake2/fuzz/blake2b/.gitignore
@@ -0,0 +1,4 @@
+
+target
+corpus
+artifacts
diff --git a/blake2/fuzz/blake2b/Cargo.toml b/blake2/fuzz/blake2b/Cargo.toml
@@ -0,0 +1,32 @@
+
+[package]
+name = "blake2-fuzz"
+version = "0.0.0"
+authors = ["Kirk Baird"]
+publish = false
+edition = "2018"
+
+[package.metadata]
+cargo-fuzz = true
+
+[dependencies]
+libfuzzer-sys = { version = "0.3", features = ["arbitrary-derive"] }
+
+[dependencies.blake2]
+path = "../.."
+
+# Prevent this from interfering with workspaces
+[workspace]
+members = ["."]
+
+[[bin]]
+name = "fuzz_updates"
+path = "fuzz_targets/fuzz_updates.rs"
+
+[[bin]]
+name = "fuzz_blake2b"
+path = "fuzz_targets/fuzz_blake2b.rs"
+
+[[bin]]
+name = "fuzz_blake2bp"
+path = "fuzz_targets/fuzz_blake2bp.rs"
diff --git a/blake2/fuzz/blake2b/fuzz_targets/fuzz_blake2b.rs b/blake2/fuzz/blake2b/fuzz_targets/fuzz_blake2b.rs
@@ -0,0 +1,8 @@
+#![no_main]
+use libfuzzer_sys::fuzz_target;
+
+use blake2::blake2b::blake2b;
+
+fuzz_target!(|data: &[u8]| {
+    blake2b(data);
+});
diff --git a/blake2/fuzz/blake2b/fuzz_targets/fuzz_blake2bp.rs b/blake2/fuzz/blake2b/fuzz_targets/fuzz_blake2bp.rs
@@ -0,0 +1,8 @@
+#![no_main]
+use libfuzzer_sys::fuzz_target;
+
+use blake2::blake2bp::blake2bp;
+
+fuzz_target!(|data: &[u8]| {
+    blake2bp(data);
+});
diff --git a/blake2/fuzz/blake2b/fuzz_targets/fuzz_updates.rs b/blake2/fuzz/blake2b/fuzz_targets/fuzz_updates.rs
@@ -0,0 +1,35 @@
+#![no_main]
+use libfuzzer_sys::{arbitrary, fuzz_target};
+
+use blake2::blake2b::{Params, KEYBYTES, OUTBYTES, PERSONALBYTES};
+
+#[derive(arbitrary::Arbitrary, Debug)]
+pub struct Wrapper {
+    hash_length: usize,
+    key: Vec<u8>,
+    personal: Vec<u8>,
+    updates: Vec<Vec<u8>>,
+}
+
+fuzz_target!(|wrap: Wrapper| {
+    if wrap.personal.len() > PERSONALBYTES {
+        return;
+    }
+    if wrap.key.len() > KEYBYTES {
+        return;
+    }
+    if 1 > wrap.hash_length || wrap.hash_length > OUTBYTES {
+        return;
+    }
+
+    let mut hasher = Params::new()
+        .hash_length(wrap.hash_length)
+        .key(&wrap.key)
+        .personal(&wrap.personal)
+        .to_state();
+
+    for update in wrap.updates {
+        hasher.update(&update);
+    }
+    hasher.finalize();
+});
diff --git a/blake2/fuzz/blake2s/.gitignore b/blake2/fuzz/blake2s/.gitignore
@@ -0,0 +1,4 @@
+
+target
+corpus
+artifacts
diff --git a/blake2/fuzz/blake2s/Cargo.toml b/blake2/fuzz/blake2s/Cargo.toml
@@ -0,0 +1,32 @@
+
+[package]
+name = "blake2s-fuzz"
+version = "0.0.0"
+authors = ["Kirk Baird"]
+publish = false
+edition = "2018"
+
+[package.metadata]
+cargo-fuzz = true
+
+[dependencies]
+libfuzzer-sys = { version = "0.3", features = ["arbitrary-derive"] }
+
+[dependencies.blake2]
+path = "../.."
+
+# Prevent this from interfering with workspaces
+[workspace]
+members = ["."]
+
+[[bin]]
+name = "fuzz_blake2s"
+path = "fuzz_targets/fuzz_blake2s.rs"
+
+[[bin]]
+name = "fuzz_blake2sp"
+path = "fuzz_targets/fuzz_blake2sp.rs"
+
+[[bin]]
+name = "fuzz_updates"
+path = "fuzz_targets/fuzz_blake2s.rs"
diff --git a/blake2/fuzz/blake2s/fuzz_targets/fuzz_blake2s.rs b/blake2/fuzz/blake2s/fuzz_targets/fuzz_blake2s.rs
@@ -0,0 +1,8 @@
+#![no_main]
+use libfuzzer_sys::fuzz_target;
+
+use blake2::blake2s::blake2s;
+
+fuzz_target!(|data: &[u8]| {
+    blake2s(data);
+});
diff --git a/blake2/fuzz/blake2s/fuzz_targets/fuzz_blake2sp.rs b/blake2/fuzz/blake2s/fuzz_targets/fuzz_blake2sp.rs
@@ -0,0 +1,8 @@
+#![no_main]
+use libfuzzer_sys::fuzz_target;
+
+use blake2::blake2sp::blake2sp;
+
+fuzz_target!(|data: &[u8]| {
+    blake2sp(data);
+});
diff --git a/blake2/fuzz/blake2s/fuzz_targets/fuzz_updates.rs b/blake2/fuzz/blake2s/fuzz_targets/fuzz_updates.rs
@@ -0,0 +1,35 @@
+#![no_main]
+use libfuzzer_sys::{arbitrary, fuzz_target};
+
+use blake2::blake2s::{Params, KEYBYTES, OUTBYTES, PERSONALBYTES};
+
+#[derive(arbitrary::Arbitrary, Debug)]
+pub struct Wrapper {
+    hash_length: usize,
+    key: Vec<u8>,
+    personal: Vec<u8>,
+    updates: Vec<Vec<u8>>,
+}
+
+fuzz_target!(|wrap: Wrapper| {
+    if wrap.personal.len() > PERSONALBYTES {
+        return;
+    }
+    if wrap.key.len() > KEYBYTES {
+        return;
+    }
+    if 1 > wrap.hash_length || wrap.hash_length > OUTBYTES {
+        return;
+    }
+
+    let mut hasher = Params::new()
+        .hash_length(wrap.hash_length)
+        .key(&wrap.key)
+        .personal(&wrap.personal)
+        .to_state();
+
+    for update in wrap.updates {
+        hasher.update(&update);
+    }
+    hasher.finalize();
+});