toothrot
commented
4 years ago /cc @FiloSottile @katiehockman
Open cathugger opened 4 years ago
toothrot
commented
4 years ago /cc @FiloSottile @katiehockman
cathugger
commented
4 years ago btw I can provide patch if needed, just not exactly sure about desired API.
It'll probably be func New(size int, key []byte) (hash.Hash, error) as that'd mirror blake2b's API, and allow more choices blake2s is capable of.
I'm unsure if Sum()-like API should be added, blake2b have them fixed-length without 224bit variant, and sha3's ShakeSum128/ShakeSum256 functions don't actually have output length distinguishers, so it wouldn't act exactly the same.
Nephirus
commented
4 years ago I've created a pull request for this issue, using API suggestion by @cathugger
What version of Go are you using (
go version)?irrelevant
Does this issue reproduce with the latest release?
yes
What operating system and processor architecture are you using (
go env)?irrelevant
What did you do?
Went to https://godoc.org/golang.org/x/crypto/blake2s and looked for 224bit version.
What did you expect to see?
Something like
func New224(key []byte) (hash.Hash, error)(kinda like in crypto/sha256) orfunc New(size int, key []byte) (hash.Hash, error)(like in x/crypto/blake2b).What did you see instead?
I didn't find anything what would clearly enable using canonical blake2s-224 hash. Truncating New256 output would be ugly and wouldn't match canonical blake2s-224 (output size is embedded into IV). I don't think blake2s XOF would provide canonical blake2s-224 either.