aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMattias Andrée <maandree@kth.se>2023-07-06 15:51:36 +0200
committerMattias Andrée <maandree@kth.se>2023-07-06 15:51:36 +0200
commit54b1980cc5d13d8ae2f697ee4834bd6b692bf7ab (patch)
tree3b894eca9af7850f805c383cf185ae05d68a12f4
parentbump year (diff)
downloadblakesum-b889adf6a60fd2457b633ad30c63a6f3d7eab309.tar.gz
blakesum-b889adf6a60fd2457b633ad30c63a6f3d7eab309.tar.bz2
blakesum-b889adf6a60fd2457b633ad30c63a6f3d7eab309.tar.xz
Add -P (pepper), -S (salt), and -K (key) to b2sum + m fix1.0
Signed-off-by: Mattias Andrée <maandree@kth.se>
-rw-r--r--README66
-rw-r--r--b224sum.14
-rw-r--r--b256sum.14
-rw-r--r--b2sum.166
-rw-r--r--b2sum.c89
-rw-r--r--b384sum.14
-rw-r--r--b512sum.14
-rw-r--r--bsum.18
-rw-r--r--bsum.c2
-rw-r--r--common.c74
-rw-r--r--common.h2
-rw-r--r--test.c2
12 files changed, 292 insertions, 33 deletions
diff --git a/README b/README
index 6ac5a02..7ad4a47 100644
--- a/README
+++ b/README
@@ -2,12 +2,13 @@ NAME
blakesum - Checksum utilities for the BLAKE-family of hashing functions
SYNOPSIS
- bsum [-l bits] [-c | -B | -L | -U] [-xz] [file] ...
- b224sum [-c | -B | -L | -U] [-xz] [file] ...
- b256sum [-c | -B | -L | -U] [-xz] [file] ...
- b384sum [-c | -B | -L | -U] [-xz] [file] ...
- b512sum [-c | -B | -L | -U] [-xz] [file] ...
- b2sum [-l bits | -X bits] [-c | -B | -L | -U] [-sxz] [file] ...
+ bsum [-l bits] [-S salt] [-c | -B | -L | -U] [-xz] [file] ...
+ b224sum [-S salt] [-c | -B | -L | -U] [-xz] [file] ...
+ b256sum [-S salt] [-c | -B | -L | -U] [-xz] [file] ...
+ b384sum [-S salt] [-c | -B | -L | -U] [-xz] [file] ...
+ b512sum [-S salt] [-c | -B | -L | -U] [-xz] [file] ...
+ b2sum [-l bits | -X bits] [-K key] [-P pepper] [-S salt] \
+ [-c | -B | -L | -U] [-sxz] [file] ...
DESCRIPTION
Print or check BLAKE, BLAKE2, or BLAKE2X checksums.
@@ -38,6 +39,21 @@ OPTIONS
or <tab>, or if they contain a <newline>, unless the
-z option is also used.
+ -K key
+ (Only available in b2sum)
+ Specify a key (which is used for MAC and PRF), that is
+ up to 32 bytes (if the -s option is used) or 64 bytes
+ (otherwise) long, that the algorithm shall use. The
+ key shall be expressed in hexadecimal: each byte in the
+ key shall be expressed, from left to right, as a pairs
+ of hexadecimal digits where highest bits in each byte
+ is stored in the left digit in its pair and the lowest
+ bits in each byte is stored in the right digit in its
+ pair. No delimiters are used, so for a 4 byte key where
+ each byte's value is its index, the key is expessed as
+ 00010203, however each letter may be either small or
+ capital. The key may not be empty.
+
-L Output checksums in lower-case hexadecimal
representation. (Default)
@@ -52,6 +68,44 @@ OPTIONS
the -s option is used between 8 and 256,
inclusively. (Default is maximum.)
+ -P pepper
+ (Only available in b2sum)
+ Specify an 8-byte (if the -s option is used) or 16-byte
+ pepper ("personalisation") (otherwise) that the algorithm
+ shall use. This pepper shall be expressed in full length
+ hexadecimal: 16 (for 8-byte) or 32 (for 16-byte)
+ hexadecimal digits, or rather 8 or 16 pairs of hexadecimal
+ digits, ordered from left to right to specify the values
+ from index 0 to the last byte. In each pair, the left
+ digit stores the high bits of the byte, and the right
+ digit stores the low bits of the byte. For example, the
+ digit pair 80 represents a byte with the decimal value
+ 128, whereas the digit pair 08 represents a byte with
+ the decimal value 8. The pairs are joined without any
+ delimiters, and no byte may be omitted. So, for a 8 byte
+ pepper where each byte's value is its index, the pepper
+ is expressed as 0001020304050607, however each letter
+ may be either small or capital. If no pepper is specified,
+ an all-zeroes pepper is used.
+
+ -S salt
+ Specify a salt that the algorithm shall use. The
+ size of the salt depends on which algorithm used.
+ This salt shall be expressed in full length hexadecimal.
+ The decimal digits are logically groupped in pairs that
+ are ordered from left to right to specify the values
+ from index 0 to the last byte. In each pair, the left
+ digit stores the high bits of the byte, and the right
+ digit stores the low bits of the byte. For example,
+ the digit pair 80 represents a byte with the decimal
+ value 128, whereas the digit pair 08 represents a byte
+ with the decimal value 8. The pairs are joined without
+ any delimiters, and no byte may be omitted. So, for a
+ 16 byte salt where each byte's value is its index, the
+ salt is expressed as 000102030405060708090a0b0c0d0e0f,
+ however each letter may be either small or capital. If
+ no salt is specified, an all-zeroes salt is used.
+
-s (Only available in b2sum)
Use BLAKE2s instead of BLAKE2b.
diff --git a/b224sum.1 b/b224sum.1
index ffc1081..7765147 100644
--- a/b224sum.1
+++ b/b224sum.1
@@ -3,7 +3,7 @@
b224sum - Compute and check BLAKE-224 message digests
.SH SYNOPSIS
.B b224sum
-[-c | -B | -L | -U] [-S salt] [-xz]
+[-S salt] [-c | -B | -L | -U] [-xz]
.RI [ file "] ..."
.SH DESCRIPTION
Print or check BLAKE-224 checksums.
@@ -49,7 +49,7 @@ digit pair
represents a byte with the decimal value 8. The pairs
are joined without any delimiters, and no byte may be
omitted. So, for a salt where each byte's value is its
-index, the salt is expressed as,
+index, the salt is expressed as
.BR 000102030405060708090a0b0c0d0e0f ,
however each letter may be either small or capital.
If no salt is specified, an all-zeroes salt is used.
diff --git a/b256sum.1 b/b256sum.1
index f0a3c18..a3e18d9 100644
--- a/b256sum.1
+++ b/b256sum.1
@@ -3,7 +3,7 @@
b256sum - Compute and check BLAKE-256 message digests
.SH SYNOPSIS
.B b256sum
-[-c | -B | -L | -U] [-S salt] [-xz]
+[-S salt] [-c | -B | -L | -U] [-xz]
.RI [ file "] ..."
.SH DESCRIPTION
Print or check BLAKE-256 checksums.
@@ -49,7 +49,7 @@ digit pair
represents a byte with the decimal value 8. The pairs
are joined without any delimiters, and no byte may be
omitted. So, for a salt where each byte's value is its
-index, the salt is expressed as,
+index, the salt is expressed as
.BR 000102030405060708090a0b0c0d0e0f ,
however each letter may be either small or capital.
If no salt is specified, an all-zeroes salt is used.
diff --git a/b2sum.1 b/b2sum.1
index e870699..dc834c8 100644
--- a/b2sum.1
+++ b/b2sum.1
@@ -3,7 +3,7 @@
b2sum - Compute and check BLAKE2 message digests
.SH SYNOPSIS
.B b2sum
-[-l bits | -X bits] [-c | -B | -L | -U] [-sxz]
+[-l bits | -X bits] [-K key] [-P pepper] [-S salt] [-c | -B | -L | -U] [-sxz]
.RI [ file "] ..."
.SH DESCRIPTION
Print or check BLAKE2 checksums, using BLAKE2b by default.
@@ -31,6 +31,22 @@ contain a <newline>, unless the
.B -z
option is also used.
.TP
+.BI "-K " key
+Specify a key (which is used for MAC and PRF), that is
+up to 32 bytes (if the
+.B -s
+option is used) or 64 bytes (otherwise) long, that the
+algorithm shall use. The key shall be expressed in
+hexadecimal: each byte in the key shall be expressed, from
+left to right, as a pairs of hexadecimal digits where highest
+bits in each byte is stored in the left digit in its pair and
+the lowest bits in each byte is stored in the right digit in
+its pair. No delimiters are used, so for a 4 byte key where
+each byte's value is its index, the key is expessed as
+.BR 00010203 ,
+however each letter may be either small or capital.
+The key may not be empty.
+.TP
.B -L
Output checksums in lower-case hexadecimal representation. (Default)
.TP
@@ -41,6 +57,54 @@ between 8 and 512, inclusively, or if the
option is used between 8 and 256, inclusively.
(Default is maximum.)
.TP
+.BI "-P " pepper
+Specify an 8-byte (if the
+.B -s
+option is used) or 16-byte pepper (\(dqpersonalisation\(dq)
+(otherwise) that the algorithm shall use. This pepper shall
+be expressed in full length hexadecimal: 16 (for 8-byte) or 32
+(for 16-byte) hexadecimal digits, or rather 8 or 16 pairs
+of hexadecimal digits, ordered from left to right to specify
+the values from index 0 to the last byte. In each pair,
+the left digit stores the high bits of the byte, and the
+right digit stores the low bits of the byte. For example,
+the digit pair
+.B 80
+represents a byte with the decimal value 128, whereas the
+digit pair
+.B 08
+represents a byte with the decimal value 8. The pairs
+are joined without any delimiters, and no byte may be
+omitted. So, for a 8 byte pepper where each byte's value
+is its index, the pepper is expressed as
+.BR 0001020304050607 ,
+however each letter may be either small or capital.
+If no pepper is specified, an all-zeroes pepper is used.
+.TP
+.BI "-S " salt
+Specify a 8-byte (if the
+.B -s
+option is used) or 16-byte salt
+(otherwise) that the algorithm shall use. This salt shall
+be expressed in full length hexadecimal: 16 (for 8-byte) or 32
+(for 16-byte) hexadecimal digits, or rather 8 or 16 pairs
+of hexadecimal digits, ordered from left to right to specify
+the values from index 0 to the last byte. In each pair,
+the left digit stores the high bits of the byte, and the
+right digit stores the low bits of the byte. For example,
+the digit pair
+.B 80
+represents a byte with the decimal value 128, whereas the
+digit pair
+.B 08
+represents a byte with the decimal value 8. The pairs
+are joined without any delimiters, and no byte may be
+omitted. So, for a 8 byte salt where each byte's value
+is its index, the salt is expressed as
+.BR 0001020304050607 ,
+however each letter may be either small or capital.
+If no salt is specified, an all-zeroes salt is used.
+.TP
.B -s
Use BLAKE2s instead of BLAKE2b.
.TP
diff --git a/b2sum.c b/b2sum.c
index ebaba67..2d6c4df 100644
--- a/b2sum.c
+++ b/b2sum.c
@@ -13,16 +13,20 @@ static int flag_hex = 0;
static int flag_zero = 0;
static int length = 0;
static long long int xlength = 0;
+static void *key = NULL;
+static size_t key_len = 0;
+static void *salt = NULL;
+static void *pepper = NULL;
static size_t hashlen;
static void
usage(void)
{
- /* TODO add support for key (-K), salt (-S), and personalization (-P) */
/* TODO add support for parallel versions */
/* TODO add support for tree hashing */
- fprintf(stderr, "usage: %s [-l bits | -X bits] [-c | -B | -L | -U] [-sxz] [file] ...", argv0);
+ fprintf(stderr, "usage: %s [-l bits | -X bits] [-K key] [-P pepper] [-S salt]"
+ " [-c | -B | -L | -U] [-sxz] [file] ...\n", argv0);
exit(2);
}
@@ -43,15 +47,37 @@ hash_fd_blake2bs(int fd, const char *fname, int decode_hex, unsigned char hash[]
if (flag_small) {
memset(&params2s, 0, sizeof(params2s));
params2s.digest_len = (uint_least8_t)length;
+ params2s.key_len = (uint_least8_t)key_len;
params2s.fanout = 1;
params2s.depth = 1;
+ if (salt)
+ memcpy(params2s.salt, salt, sizeof(params2s.salt));
+ if (pepper)
+ memcpy(params2s.pepper, pepper, sizeof(params2s.pepper));
libblake_blake2s_init(&state2s, &params2s);
+ if (key) {
+ buf = erealloc(buf, size = 8 << 10);
+ len = 64;
+ memcpy(buf, key, len);
+ off += libblake_blake2s_update(&state2s, key, len);
+ }
} else {
memset(&params2b, 0, sizeof(params2b));
params2b.digest_len = (uint_least8_t)length;
+ params2b.key_len = (uint_least8_t)key_len;
params2b.fanout = 1;
params2b.depth = 1;
+ if (salt)
+ memcpy(params2b.salt, salt, sizeof(params2b.salt));
+ if (pepper)
+ memcpy(params2b.pepper, pepper, sizeof(params2b.pepper));
libblake_blake2b_init(&state2b, &params2b);
+ if (key) {
+ buf = erealloc(buf, size = 8 << 10);
+ len = 128;
+ memcpy(buf, key, len);
+ off += libblake_blake2b_update(&state2b, key, len);
+ }
}
for (;;) {
if (len == size)
@@ -118,17 +144,39 @@ hash_fd_blake2xbs(int fd, const char *fname, int decode_hex, unsigned char hash[
if (flag_small) {
memset(&params2xs, 0, sizeof(params2xs));
params2xs.digest_len = (uint_least8_t)length;
+ params2xs.key_len = (uint_least8_t)key_len;
params2xs.fanout = 1;
params2xs.depth = 1;
params2xs.xof_len = (uint_least16_t)xlength;
+ if (salt)
+ memcpy(params2xs.salt, salt, sizeof(params2xs.salt));
+ if (pepper)
+ memcpy(params2xs.pepper, pepper, sizeof(params2xs.pepper));
libblake_blake2xs_init(&state2xs, &params2xs);
+ if (key) {
+ buf = erealloc(buf, size = 8 << 10);
+ len = 64;
+ memcpy(buf, key, len);
+ off += libblake_blake2xs_update(&state2xs, key, len);
+ }
} else {
memset(&params2xb, 0, sizeof(params2xb));
params2xb.digest_len = (uint_least8_t)length;
+ params2xb.key_len = (uint_least8_t)key_len;
params2xb.fanout = 1;
params2xb.depth = 1;
params2xb.xof_len = (uint_least32_t)xlength;
+ if (salt)
+ memcpy(params2xb.salt, salt, sizeof(params2xb.salt));
+ if (pepper)
+ memcpy(params2xb.pepper, pepper, sizeof(params2xb.pepper));
libblake_blake2xb_init(&state2xb, &params2xb);
+ if (key) {
+ buf = erealloc(buf, size = 8 << 10);
+ len = 128;
+ memcpy(buf, key, len);
+ off += libblake_blake2xb_update(&state2xb, key, len);
+ }
}
for (;;) {
if (len == size)
@@ -204,6 +252,12 @@ hash_fd(int fd, const char *fname, int decode_hex, unsigned char hash[])
int
main(int argc, char *argv[])
{
+ const char *key_str = NULL;
+ uint_least8_t key_buf[128];
+ const char *salt_str = NULL;
+ uint_least8_t salt_buf[16];
+ const char *pepper_str = NULL;
+ uint_least8_t pepper_buf[16];
int status = 0;
int output_case;
char newline;
@@ -223,6 +277,21 @@ main(int argc, char *argv[])
flag_upper = 1;
flag_lower = 0;
break;
+ case 'K':
+ if (key_str)
+ usage();
+ key_str = ARG();
+ break;
+ case 'S':
+ if (salt_str)
+ usage();
+ salt_str = ARG();
+ break;
+ case 'P':
+ if (pepper_str)
+ usage();
+ pepper_str = ARG();
+ break;
case 's':
flag_small = 1;
break;
@@ -266,6 +335,22 @@ main(int argc, char *argv[])
else if (flag_small && xlength > 524280LL)
fprintf(stderr, "%s: valid arguments for -X\n", argv0);
+ if (key_str) {
+ memset(key_buf, 0, sizeof(key_buf));
+ key_len = parse_key(key_buf, key_str, flag_small ? 32 : 64);
+ key = key_buf;
+ }
+
+ if (pepper_str) {
+ parse_pepper(pepper_buf, pepper_str, flag_small ? 8 : 16);
+ pepper = pepper_buf;
+ }
+
+ if (salt_str) {
+ parse_salt(salt_buf, salt_str, flag_small ? 8 : 16);
+ salt = salt_buf;
+ }
+
hashlen = flag_extended ? (size_t)xlength : (size_t)length;
length /= 8;
xlength /= 8;
diff --git a/b384sum.1 b/b384sum.1
index 66e324a..5f5aade 100644
--- a/b384sum.1
+++ b/b384sum.1
@@ -3,7 +3,7 @@
b384sum - Compute and check BLAKE-384 message digests
.SH SYNOPSIS
.B b384sum
-[-c | -B | -L | -U] [-S salt] [-xz]
+[-S salt] [-c | -B | -L | -U] [-xz]
.RI [ file "] ..."
.SH DESCRIPTION
Print or check BLAKE-384 checksums.
@@ -49,7 +49,7 @@ digit pair
represents a byte with the decimal value 8. The pairs
are joined without any delimiters, and no byte may be
omitted. So, for a salt where each byte's value is its
-index, the salt is expressed as,
+index, the salt is expressed as
.BR 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f ,
however each letter may be either small or capital.
If no salt is specified, an all-zeroes salt is used.
diff --git a/b512sum.1 b/b512sum.1
index c583f1d..b602eb9 100644
--- a/b512sum.1
+++ b/b512sum.1
@@ -3,7 +3,7 @@
b512sum - Compute and check BLAKE-512 message digests
.SH SYNOPSIS
.B b512sum
-[-c | -B | -L | -U] [-S salt] [-xz]
+[-S salt] [-c | -B | -L | -U] [-xz]
.RI [ file "] ..."
.SH DESCRIPTION
Print or check BLAKE-512 checksums.
@@ -49,7 +49,7 @@ digit pair
represents a byte with the decimal value 8. The pairs
are joined without any delimiters, and no byte may be
omitted. So, for a salt where each byte's value is its
-index, the salt is expressed as,
+index, the salt is expressed as
.BR 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f ,
however each letter may be either small or capital.
If no salt is specified, an all-zeroes salt is used.
diff --git a/bsum.1 b/bsum.1
index 89ef96f..ac0fd04 100644
--- a/bsum.1
+++ b/bsum.1
@@ -3,7 +3,7 @@
bsum - Compute and check BLAKE message digests
.SH SYNOPSIS
.B bsum
-[-l bits] [-c | -B | -L | -U] [-S salt] [-xz]
+[-l bits] [-S salt] [-c | -B | -L | -U] [-xz]
.RI [ file "] ..."
.SH DESCRIPTION
Print or check BLAKE checksums.
@@ -42,8 +42,8 @@ are 224 (default), 256, 384, and 512.
Specify a 16-byte (for the 224 and 256 bit versions) or
32-byte salt (for the 384 and 512 bit versions) that the
BLAKE algorithm shall use. This salt shall be expressed
-in full length hexadecimal: 32 (for 16-bytes) or 64
-(for 32-bytes) hexadecimal digits, or rather 16 or 32 pairs
+in full length hexadecimal: 32 (for 16-byte) or 64
+(for 32-byte) hexadecimal digits, or rather 16 or 32 pairs
of hexadecimal digits, ordered from left to right to specify
the values from index 0 to the last byte. In each pair,
the left digit stores the high bits of the byte, and the
@@ -56,7 +56,7 @@ digit pair
represents a byte with the decimal value 8. The pairs
are joined without any delimiters, and no byte may be
omitted. So, for a 16 byte salt where each byte's value
-is its index, the salt is expressed as,
+is its index, the salt is expressed as
.BR 000102030405060708090a0b0c0d0e0f ,
however each letter may be either small or capital.
If no salt is specified, an all-zeroes salt is used.
diff --git a/bsum.c b/bsum.c
index 99495e1..80bc203 100644
--- a/bsum.c
+++ b/bsum.c
@@ -17,7 +17,7 @@ static void *salt = NULL;
static void
usage(void)
{
- fprintf(stderr, "usage: %s%s [-c | -B | -L | -U] [-S salt] [-xz] [file] ...",
+ fprintf(stderr, "usage: %s%s [-S salt] [-c | -B | -L | -U] [-xz] [file] ...\n",
argv0, lenght_by_command_name ? "" : " [-l bits]");
exit(2);
}
diff --git a/common.c b/common.c
index ab34e2c..45a764b 100644
--- a/common.c
+++ b/common.c
@@ -227,9 +227,8 @@ hash_and_print(const char *path, size_t hashlen, int decode_hex, char newline, i
return 0;
}
-
-void
-parse_salt(uint_least8_t *salt, const char *s, size_t required_length)
+static void
+parse_salt_or_pepper(uint_least8_t *out, const char *s, size_t required_length, const char *type)
{
size_t i;
@@ -239,8 +238,8 @@ parse_salt(uint_least8_t *salt, const char *s, size_t required_length)
if (!isxdigit(s[0]) || !isxdigit(s[1]))
goto not_hexadecimal;
- salt[i] = (uint_least8_t)((((s[0] & 15) + (s[0] > '9' ? 9 : 0)) << 4) |
- (s[1] & 15) + (s[1] > '9' ? 9 : 0));
+ out[i] = (uint_least8_t)((((s[0] & 15) + (s[0] > '9' ? 9 : 0)) << 4) |
+ (s[1] & 15) + (s[1] > '9' ? 9 : 0));
}
if (*s)
@@ -249,16 +248,71 @@ parse_salt(uint_least8_t *salt, const char *s, size_t required_length)
return;
not_hexadecimal:
- fprintf(stderr, "%s: specified salt contains non-hexadecimal-digit character\n", argv0);
+ fprintf(stderr, "%s: specified %s contains non-hexadecimal-digit character\n", argv0, type);
exit(2);
too_short:
- fprintf(stderr, "%s: specified salt is shorter than expected, should be %zu hexadecimal digits\n",
- argv0, required_length * 2);
+ fprintf(stderr, "%s: specified %s is shorter than expected, should be %zu hexadecimal digits\n",
+ argv0, type, required_length * 2);
+ exit(2);
+
+too_long:
+ fprintf(stderr, "%s: specified %s is longer than expected, should be %zu hexadecimal digits\n",
+ argv0, type, required_length * 2);
+ exit(2);
+}
+
+void
+parse_salt(uint_least8_t *salt, const char *s, size_t required_length)
+{
+ parse_salt_or_pepper(salt, s, required_length, "salt");
+}
+
+void
+parse_pepper(uint_least8_t *pepper, const char *s, size_t required_length)
+{
+ parse_salt_or_pepper(pepper, s, required_length, "pepper");
+}
+
+size_t
+parse_key(uint_least8_t *key, const char *s, size_t maximum_length)
+{
+ size_t i;
+
+ if (!*s)
+ goto empty_key;
+
+ for (i = 0; i < maximum_length; i++, s = &s[2]) {
+ if (!s[0])
+ break;
+ if (!s[1])
+ goto odd_length;
+ if (!isxdigit(s[0]) || !isxdigit(s[1]))
+ goto not_hexadecimal;
+
+ key[i] = (uint_least8_t)((((s[0] & 15) + (s[0] > '9' ? 9 : 0)) << 4) |
+ (s[1] & 15) + (s[1] > '9' ? 9 : 0));
+ }
+
+ if (*s)
+ goto too_long;
+
+ return i;
+
+empty_key:
+ fprintf(stderr, "%s: specified key is empty\n", argv0);
+ exit(2);
+
+odd_length:
+ fprintf(stderr, "%s: specified key contains an odd number of hexadecimal digits\n", argv0);
+ exit(2);
+
+not_hexadecimal:
+ fprintf(stderr, "%s: specified key contains non-hexadecimal-digit character\n", argv0);
exit(2);
too_long:
- fprintf(stderr, "%s: specified salt is longer than expected, should be %zu hexadecimal digits\n",
- argv0, required_length * 2);
+ fprintf(stderr, "%s: specified key is longer than allowed, should be at most %zu hexadecimal digits\n",
+ argv0, maximum_length * 2);
exit(2);
}
diff --git a/common.h b/common.h
index 9eb4980..d871b5b 100644
--- a/common.h
+++ b/common.h
@@ -20,6 +20,8 @@ int open_file(const char *path, int *closep);
int check_and_print(const char *path, size_t hashlen, int decode_hex, char newline);
int hash_and_print(const char *path, size_t hashlen, int decode_hex, char newline, int output_case);
void parse_salt(uint_least8_t *salt, const char *s, size_t required_length);
+void parse_pepper(uint_least8_t *pepper, const char *s, size_t required_length);
+size_t parse_key(uint_least8_t *key, const char *s, size_t maximum_length);
/* *sum.c */
int hash_fd(int fd, const char *fname, int decode_hex, unsigned char hash[]);
diff --git a/test.c b/test.c
index 3bd23ef..7908dd4 100644
--- a/test.c
+++ b/test.c
@@ -363,7 +363,7 @@ main(void)
failed |= check_kat_file("kat/blake2b", "BLAKE2b", &hash_blake2b);
failed |= check_kat_file("kat/blake2xs", "BLAKE2Xs", &hash_blake2xs);
failed |= check_kat_file("kat/blake2xb", "BLAKE2Xb", &hash_blake2xb);
- /* TODO test b2sum -cLUxz, implicit -L, restrictions on -l/-X, and file operand */
+ /* TODO test b2sum -cLUxzSPK, implicit -L, restrictions on -l/-X, and file operand */
return failed;
}