#crypto #blake2 #hash #mac #kdf


Implements Blake2b for crypto_api

2 unstable releases

0.2.0 Oct 7, 2021
0.1.3 Apr 3, 2019
0.1.2 Apr 3, 2019

#1488 in Cryptography

BSD-2-Clause OR MIT

336 lines

docs.rs License BSD-2-Clause License MIT crates.io Download numbers AppVeyor CI dependency status


Welcome to crypto_api_blake2 🎉


This crate implements Blake2b with APIs for various use-cases:

  • Streaming and oneshot variable length hash algorithm (obviously)
  • Streaming and oneshot message authentication code (= keyed hash with secure finalization to prevent length extension attacks)
  • Salt- and info-based KDF


⚠️ Some words of warning ahead: This library is beta and has not been audited yet – use at your own risk! ⚠️

However we try to do things right from the start – this library is KISS and tested against various test vectors.

Test Vectors

All implementations pass all reference test vectors and are assumed to produce correct results even in corner cases – we also use API test vectors to test our input validation.

Memory Hygiene

crypto_api_blake2 does not perform any attempts to erase sensitive contents from memory. However, all sensitive contents are stored in heap-allocated memory, so if you're using an erasing memory-allocator like MAProper they will be erased nontheless.

Using an erasing memory allocator is a good idea anyway, because Rust makes it pretty hard to keep track on how the memory is managed under the hood – the memory allocator on the other hand sees everything that happens on the heap and can take care of it accordingly.


Because this code implements the crypto_api, it depends on the crypto_api-crate. Otherwise, it's dependency less.