Add hash function BLAKE2 to crypto:hash/hmac

Adds two hash functions blake2b and blake2s (64 bit hash and 32 bit hash respectively). These are modern and standard hash functions used in blockchains and encrypted communication protocols (e.g. Noise - http://www.noiseprotocol.org/). The hash functions are available in OpenSSL since version 1.1.1. Also add test cases and mention in documentation.
author: Hans Svensson <[email protected]> 2019-02-04 10:47:25 +0100
committer: Hans Svensson <[email protected]> 2019-02-04 12:03:56 +0100
commit: c106a56a415bcef201bca8c1f1454ab6fe9bdb46 (patch)
tree: a05d8edd3caca82a7c92d92dd404919519b157af /lib/crypto/c_src
parent: 4bdbb313f621d54038a9c17c6d9895650d539eab (diff)
download: otp-c106a56a415bcef201bca8c1f1454ab6fe9bdb46.tar.gz
otp-c106a56a415bcef201bca8c1f1454ab6fe9bdb46.tar.bz2
otp-c106a56a415bcef201bca8c1f1454ab6fe9bdb46.zip
5 files changed, 40 insertions, 2 deletions
diff --git a/lib/crypto/c_src/algorithms.c b/lib/crypto/c_src/algorithms.c
index 6318c8ad5a..a5bf248ea0 100644
--- a/lib/crypto/c_src/algorithms.c
+++ b/lib/crypto/c_src/algorithms.c
@@ -21,7 +21,7 @@
 #include "algorithms.h"
 
 static unsigned int algo_hash_cnt, algo_hash_fips_cnt;
-static ERL_NIF_TERM algo_hash[12];   /* increase when extending the list */
+static ERL_NIF_TERM algo_hash[14];   /* increase when extending the list */
 static unsigned int algo_pubkey_cnt, algo_pubkey_fips_cnt;
 static ERL_NIF_TERM algo_pubkey[12]; /* increase when extending the list */
 static unsigned int algo_cipher_cnt, algo_cipher_fips_cnt;
@@ -62,6 +62,11 @@ void init_algorithms_types(ErlNifEnv* env)
 #ifdef HAVE_SHA3_512
     algo_hash[algo_hash_cnt++] = enif_make_atom(env, "sha3_512");
 #endif
+#ifdef HAVE_BLAKE2
+    algo_hash[algo_hash_cnt++] = enif_make_atom(env, "blake2b");
+    algo_hash[algo_hash_cnt++] = enif_make_atom(env, "blake2s");
+#endif
+
     // Non-validated algorithms follow
     algo_hash_fips_cnt = algo_hash_cnt;
     algo_hash[algo_hash_cnt++] = enif_make_atom(env, "md4");
@@ -136,7 +141,7 @@ void init_algorithms_types(ErlNifEnv* env)
 #if defined(HAVE_CHACHA20)
     algo_cipher[algo_cipher_cnt++] = enif_make_atom(env,"chacha20");
 #endif
- 
+
     // Validated algorithms first
     algo_mac_cnt = 0;
     algo_mac[algo_mac_cnt++] = enif_make_atom(env,"hmac");
diff --git a/lib/crypto/c_src/atoms.c b/lib/crypto/c_src/atoms.c
index 3a028b9a67..5f19327197 100644
--- a/lib/crypto/c_src/atoms.c
+++ b/lib/crypto/c_src/atoms.c
@@ -110,6 +110,11 @@ ERL_NIF_TERM atom_sha3_512;
 ERL_NIF_TERM atom_md5;
 ERL_NIF_TERM atom_ripemd160;
 
+#ifdef HAVE_BLAKE2
+ERL_NIF_TERM atom_blake2b;
+ERL_NIF_TERM atom_blake2s;
+#endif
+
 #ifdef HAS_ENGINE_SUPPORT
 ERL_NIF_TERM atom_bad_engine_method;
 ERL_NIF_TERM atom_bad_engine_id;
@@ -239,6 +244,10 @@ int init_atoms(ErlNifEnv *env, const ERL_NIF_TERM fips_mode, const ERL_NIF_TERM
     atom_sha3_512 = enif_make_atom(env,"sha3_512");
     atom_md5 = enif_make_atom(env,"md5");
     atom_ripemd160 = enif_make_atom(env,"ripemd160");
+#ifdef HAVE_BLAKE2
+    atom_blake2b = enif_make_atom(env,"blake2b");
+    atom_blake2s = enif_make_atom(env,"blake2s");
+#endif
 
 #ifdef HAS_ENGINE_SUPPORT
     atom_bad_engine_method = enif_make_atom(env,"bad_engine_method");
diff --git a/lib/crypto/c_src/atoms.h b/lib/crypto/c_src/atoms.h
index 9ddf0131ac..32f5ec856c 100644
--- a/lib/crypto/c_src/atoms.h
+++ b/lib/crypto/c_src/atoms.h
@@ -113,6 +113,10 @@ extern ERL_NIF_TERM atom_sha3_384;
 extern ERL_NIF_TERM atom_sha3_512;
 extern ERL_NIF_TERM atom_md5;
 extern ERL_NIF_TERM atom_ripemd160;
+#ifdef HAVE_BLAKE2
+extern ERL_NIF_TERM atom_blake2b;
+extern ERL_NIF_TERM atom_blake2s;
+#endif
 
 #ifdef HAS_ENGINE_SUPPORT
 extern ERL_NIF_TERM atom_bad_engine_method;
diff --git a/lib/crypto/c_src/digest.c b/lib/crypto/c_src/digest.c
index 00ba65bf54..fec286c000 100644
--- a/lib/crypto/c_src/digest.c
+++ b/lib/crypto/c_src/digest.c
@@ -82,6 +82,20 @@ static struct digest_type_t digest_types[] =
      {NULL}
 #endif
     },
+    {{"blake2b"},
+#ifdef HAVE_BLAKE2
+     {&EVP_blake2b512}
+#else
+     {NULL}
+#endif
+    },
+    {{"blake2s"},
+#ifdef HAVE_BLAKE2
+     {&EVP_blake2s256}
+#else
+     {NULL}
+#endif
+    },
 
     {{NULL}, {NULL}}
 };
diff --git a/lib/crypto/c_src/openssl_config.h b/lib/crypto/c_src/openssl_config.h
index c0ce1a59fe..16bc59a865 100644
--- a/lib/crypto/c_src/openssl_config.h
+++ b/lib/crypto/c_src/openssl_config.h
@@ -158,6 +158,12 @@
 #  define HAVE_SHA3_512
 # endif
 
+// BLAKE2:
+#if OPENSSL_VERSION_NUMBER >= PACKED_OPENSSL_VERSION_PLAIN(1,1,1) \
+    && !defined(OPENSSL_NO_BLAKE2)
+# define HAVE_BLAKE2
+#endif
+
 #if OPENSSL_VERSION_NUMBER >= PACKED_OPENSSL_VERSION(0,9,8,'o') \
 	&& !defined(OPENSSL_NO_EC) \
 	&& !defined(OPENSSL_NO_ECDH) \
author	Hans Svensson <[email protected]>	2019-02-04 10:47:25 +0100
committer	Hans Svensson <[email protected]>	2019-02-04 12:03:56 +0100
commit	c106a56a415bcef201bca8c1f1454ab6fe9bdb46 (patch)
tree	a05d8edd3caca82a7c92d92dd404919519b157af /lib/crypto/c_src
parent	4bdbb313f621d54038a9c17c6d9895650d539eab (diff)
download	otp-c106a56a415bcef201bca8c1f1454ab6fe9bdb46.tar.gz otp-c106a56a415bcef201bca8c1f1454ab6fe9bdb46.tar.bz2 otp-c106a56a415bcef201bca8c1f1454ab6fe9bdb46.zip