Skip to content

Add HMAC-BLAKE2b and HMAC-BLAKE2s API functions #9642

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
holtrop-wolfssl wants to merge 4 commits into
base: master
Choose a base branch
from
Open

Add HMAC-BLAKE2b and HMAC-BLAKE2s API functions #9642

holtrop-wolfssl wants to merge 4 commits into from
+431 −17

Conversation

@holtrop-wolfssl
Copy link
Contributor

@holtrop-wolfssl holtrop-wolfssl commented Jan 12, 2026

Description

Add HMAC-BLAKE2b and HMAC-BLAKE2s API functions

Testing

Added unit tests with two KAT vectors for each HMAC-BLAKE2b and HMAC-BLAKE2s. Verified KAT vectors with both OpenSSL and Rust blake2 crate.

Checklist

  • added tests
  • updated/added doxygen
  • updated appropriate READMEs
  • Updated manual and documentation

@holtrop-wolfssl holtrop-wolfssl self-assigned this Jan 12, 2026
@holtrop-wolfssl
Copy link
Contributor Author

holtrop-wolfssl commented Jan 12, 2026

retest this please (org.jenkinsci.plugins.workflow.support.steps.AgentOfflineException: Unable to create live FilePath for wolf-linux-cloud-node-02zun3; wolf-linux-cloud-node-02zun3 was marked offline: Connection was broken)

@holtrop-wolfssl holtrop-wolfssl marked this pull request as ready for review January 12, 2026 18:50
@devin-ai-integration
Copy link
Contributor

devin-ai-integration bot commented Jan 12, 2026

🛟 Devin Lifeguard found 2 likely issues in this PR

  • use-forcezero snippet snippet: Replace both XMEMSET(x_key, 0, BLAKE2B_BLOCKBYTES); / XMEMSET(i_hash, 0, BLAKE2B_OUTBYTES); (and the corresponding BLAKE2s lines) with ForceZero(x_key, BLAKE2B_BLOCKBYTES); and ForceZero(i_hash, BLAKE2B_OUTBYTES);.
  • limit-stack-usage snippet snippet: Move x_key and i_hash (and optionally the state) to heap-allocated buffers using the WOLFSSL_SMALL_STACK pattern (e.g., XMALLOC / XFREE) to keep per-call stack usage under 100 bytes.

@holtrop-wolfssl
please take a look at the above issues which Devin flagged. Devin will not fix these issues automatically.

SparkiDev
SparkiDev reviewed Jan 12, 2026
View reviewed changes
@holtrop-wolfssl
Copy link
Contributor Author

holtrop-wolfssl commented Jan 13, 2026

🛟 Devin Lifeguard found 2 likely issues in this PR

  • use-forcezero snippet snippet: Replace both XMEMSET(x_key, 0, BLAKE2B_BLOCKBYTES); / XMEMSET(i_hash, 0, BLAKE2B_OUTBYTES); (and the corresponding BLAKE2s lines) with ForceZero(x_key, BLAKE2B_BLOCKBYTES); and ForceZero(i_hash, BLAKE2B_OUTBYTES);.
  • limit-stack-usage snippet snippet: Move x_key and i_hash (and optionally the state) to heap-allocated buffers using the WOLFSSL_SMALL_STACK pattern (e.g., XMALLOC / XFREE) to keep per-call stack usage under 100 bytes.

@holtrop-wolfssl please take a look at the above issues which Devin flagged. Devin will not fix these issues automatically.

@douzzer / @SparkiDev - I had mostly copied and adapted @douzzer's kernel implementation for this. But would it make sense to you two to fix either/both of these Devin suggestions?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@SparkiDev SparkiDev SparkiDev left review comments

At least 1 approving review is required to merge this pull request.

Assignees

@holtrop-wolfssl holtrop-wolfssl

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@holtrop-wolfssl @SparkiDev @wolfSSL-Bot