From f4e4c2935602e8b57c4862b14a1c185f980dfe52 Mon Sep 17 00:00:00 2001
From: Pavol Rusnak <stick@gk2.sk>
Date: Tue, 1 Nov 2016 16:22:20 +0100
Subject: [PATCH] add blake2s, add unittests for blake2s and sha3

---
 Makefile  |   1 +
 README.md |   1 +
 blake2s.c | 317 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
 blake2s.h |  37 +++++++
 sha3.c    |  16 +++
 sha3.h    |   3 +
 tests.c   |  77 ++++++++++++-
 7 files changed, 448 insertions(+), 4 deletions(-)
 create mode 100644 blake2s.c
 create mode 100644 blake2s.h

diff --git a/Makefile b/Makefile
index 252a06f22f..46dfeeb2c4 100644
--- a/Makefile
+++ b/Makefile
@@ -47,6 +47,7 @@ SRCS  += sha3.c
 SRCS  += aescrypt.c aeskey.c aestab.c aes_modes.c
 SRCS  += ed25519-donna/ed25519.c
 SRCS  += curve25519-donna/curve25519.c
+SRCS  += blake2s.c
 
 OBJS   = $(SRCS:.c=.o)
 
diff --git a/README.md b/README.md
index ccfe4fc05d..3be6de73b2 100644
--- a/README.md
+++ b/README.md
@@ -19,6 +19,7 @@ These include:
 - RIPEMD-160
 - SHA256/SHA512
 - SHA3/Keccak
+- BLAKE2s
 - unit tests (using Check - check.sf.net; in tests.c)
 - tests against OpenSSL (in test-openssl.c)
 
diff --git a/blake2s.c b/blake2s.c
new file mode 100644
index 0000000000..1f3b95193e
--- /dev/null
+++ b/blake2s.c
@@ -0,0 +1,317 @@
+/*
+   BLAKE2 reference source code package - reference C implementations
+
+   Copyright 2012, Samuel Neves <sneves@dei.uc.pt>.  You may use this under the
+   terms of the CC0, the OpenSSL Licence, or the Apache Public License 2.0, at
+   your option.  The terms of these licenses can be found at:
+
+   - CC0 1.0 Universal : http://creativecommons.org/publicdomain/zero/1.0
+   - OpenSSL license   : https://www.openssl.org/source/license.html
+   - Apache 2.0        : http://www.apache.org/licenses/LICENSE-2.0
+
+   More information about the BLAKE2 hash function can be found at
+   https://blake2.net.
+*/
+
+#include <string.h>
+
+#include "macros.h"
+#include "blake2s.h"
+
+typedef struct blake2s_param__
+{
+    uint8_t  digest_length; /* 1 */
+    uint8_t  key_length;    /* 2 */
+    uint8_t  fanout;        /* 3 */
+    uint8_t  depth;         /* 4 */
+    uint32_t leaf_length;   /* 8 */
+    uint32_t node_offset;  /* 12 */
+    uint16_t xof_length;    /* 14 */
+    uint8_t  node_depth;    /* 15 */
+    uint8_t  inner_length;  /* 16 */
+    /* uint8_t  reserved[0]; */
+    uint8_t  salt[BLAKE2S_SALTBYTES]; /* 24 */
+    uint8_t  personal[BLAKE2S_PERSONALBYTES];  /* 32 */
+} __attribute__((packed)) blake2s_param;
+
+static const uint32_t blake2s_IV[8] =
+{
+  0x6A09E667UL, 0xBB67AE85UL, 0x3C6EF372UL, 0xA54FF53AUL,
+  0x510E527FUL, 0x9B05688CUL, 0x1F83D9ABUL, 0x5BE0CD19UL
+};
+
+static const uint8_t blake2s_sigma[10][16] =
+{
+  {  0,  1,  2,  3,  4,  5,  6,  7,  8,  9, 10, 11, 12, 13, 14, 15 } ,
+  { 14, 10,  4,  8,  9, 15, 13,  6,  1, 12,  0,  2, 11,  7,  5,  3 } ,
+  { 11,  8, 12,  0,  5,  2, 15, 13, 10, 14,  3,  6,  7,  1,  9,  4 } ,
+  {  7,  9,  3,  1, 13, 12, 11, 14,  2,  6,  5, 10,  4,  0, 15,  8 } ,
+  {  9,  0,  5,  7,  2,  4, 10, 15, 14,  1, 11, 12,  6,  8,  3, 13 } ,
+  {  2, 12,  6, 10,  0, 11,  8,  3,  4, 13,  7,  5, 15, 14,  1,  9 } ,
+  { 12,  5,  1, 15, 14, 13,  4, 10,  0,  7,  6,  3,  9,  2,  8, 11 } ,
+  { 13, 11,  7, 14, 12,  1,  3,  9,  5,  0, 15,  4,  8,  6,  2, 10 } ,
+  {  6, 15, 14,  9, 11,  3,  0,  8, 12,  2, 13,  7,  1,  4, 10,  5 } ,
+  { 10,  2,  8,  4,  7,  6,  1,  5, 15, 11,  9, 14,  3, 12, 13 , 0 } ,
+};
+
+static inline uint32_t load32( const void *src )
+{
+    uint32_t w;
+    memcpy(&w, src, sizeof w);
+    return w;
+}
+
+static inline void store16( void *dst, uint16_t w )
+{
+    memcpy(dst, &w, sizeof w);
+}
+
+static inline void store32( void *dst, uint32_t w )
+{
+    memcpy(dst, &w, sizeof w);
+}
+
+static inline uint32_t rotr32( const uint32_t w, const unsigned c )
+{
+    return ( w >> c ) | ( w << ( 32 - c ) );
+}
+
+static void blake2s_set_lastnode( blake2s_state *S )
+{
+  S->f[1] = (uint32_t)-1;
+}
+
+/* Some helper functions, not necessarily useful */
+static int blake2s_is_lastblock( const blake2s_state *S )
+{
+  return S->f[0] != 0;
+}
+
+static void blake2s_set_lastblock( blake2s_state *S )
+{
+  if( S->last_node ) blake2s_set_lastnode( S );
+
+  S->f[0] = (uint32_t)-1;
+}
+
+static void blake2s_increment_counter( blake2s_state *S, const uint32_t inc )
+{
+  S->t[0] += inc;
+  S->t[1] += ( S->t[0] < inc );
+}
+
+static void blake2s_init0( blake2s_state *S )
+{
+  size_t i;
+  memset( S, 0, sizeof( blake2s_state ) );
+
+  for( i = 0; i < 8; ++i ) S->h[i] = blake2s_IV[i];
+}
+
+/* init2 xors IV with input parameter block */
+int blake2s_init_param( blake2s_state *S, const blake2s_param *P )
+{
+  const unsigned char *p = ( const unsigned char * )( P );
+  size_t i;
+
+  blake2s_init0( S );
+
+  /* IV XOR ParamBlock */
+  for( i = 0; i < 8; ++i )
+    S->h[i] ^= load32( &p[i * 4] );
+
+  S->outlen = P->digest_length;
+  return 0;
+}
+
+
+/* Sequential blake2s initialization */
+int blake2s_Init( blake2s_state *S, size_t outlen )
+{
+  blake2s_param P[1];
+
+  /* Move interval verification here? */
+  if ( ( !outlen ) || ( outlen > BLAKE2S_OUTBYTES ) ) return -1;
+
+  P->digest_length = (uint8_t)outlen;
+  P->key_length    = 0;
+  P->fanout        = 1;
+  P->depth         = 1;
+  store32( &P->leaf_length, 0 );
+  store32( &P->node_offset, 0 );
+  store16( &P->xof_length, 0 );
+  P->node_depth    = 0;
+  P->inner_length  = 0;
+  /* memset(P->reserved, 0, sizeof(P->reserved) ); */
+  memset( P->salt,     0, sizeof( P->salt ) );
+  memset( P->personal, 0, sizeof( P->personal ) );
+  return blake2s_init_param( S, P );
+}
+
+int blake2s_InitKey( blake2s_state *S, size_t outlen, const void *key, size_t keylen )
+{
+  blake2s_param P[1];
+
+  if ( ( !outlen ) || ( outlen > BLAKE2S_OUTBYTES ) ) return -1;
+
+  if ( !key || !keylen || keylen > BLAKE2S_KEYBYTES ) return -1;
+
+  P->digest_length = (uint8_t)outlen;
+  P->key_length    = (uint8_t)keylen;
+  P->fanout        = 1;
+  P->depth         = 1;
+  store32( &P->leaf_length, 0 );
+  store32( &P->node_offset, 0 );
+  store16( &P->xof_length, 0 );
+  P->node_depth    = 0;
+  P->inner_length  = 0;
+  /* memset(P->reserved, 0, sizeof(P->reserved) ); */
+  memset( P->salt,     0, sizeof( P->salt ) );
+  memset( P->personal, 0, sizeof( P->personal ) );
+
+  if( blake2s_init_param( S, P ) < 0 ) return -1;
+
+  {
+    uint8_t block[BLAKE2S_BLOCKBYTES];
+    memset( block, 0, BLAKE2S_BLOCKBYTES );
+    memcpy( block, key, keylen );
+    blake2s_Update( S, block, BLAKE2S_BLOCKBYTES );
+    MEMSET_BZERO( block, BLAKE2S_BLOCKBYTES ); /* Burn the key from stack */
+  }
+  return 0;
+}
+
+#define G(r,i,a,b,c,d)                      \
+  do {                                      \
+    a = a + b + m[blake2s_sigma[r][2*i+0]]; \
+    d = rotr32(d ^ a, 16);                  \
+    c = c + d;                              \
+    b = rotr32(b ^ c, 12);                  \
+    a = a + b + m[blake2s_sigma[r][2*i+1]]; \
+    d = rotr32(d ^ a, 8);                   \
+    c = c + d;                              \
+    b = rotr32(b ^ c, 7);                   \
+  } while(0)
+
+#define ROUND(r)                    \
+  do {                              \
+    G(r,0,v[ 0],v[ 4],v[ 8],v[12]); \
+    G(r,1,v[ 1],v[ 5],v[ 9],v[13]); \
+    G(r,2,v[ 2],v[ 6],v[10],v[14]); \
+    G(r,3,v[ 3],v[ 7],v[11],v[15]); \
+    G(r,4,v[ 0],v[ 5],v[10],v[15]); \
+    G(r,5,v[ 1],v[ 6],v[11],v[12]); \
+    G(r,6,v[ 2],v[ 7],v[ 8],v[13]); \
+    G(r,7,v[ 3],v[ 4],v[ 9],v[14]); \
+  } while(0)
+
+static void blake2s_compress( blake2s_state *S, const uint8_t in[BLAKE2S_BLOCKBYTES] )
+{
+  uint32_t m[16];
+  uint32_t v[16];
+  size_t i;
+
+  for( i = 0; i < 16; ++i ) {
+    m[i] = load32( in + i * sizeof( m[i] ) );
+  }
+
+  for( i = 0; i < 8; ++i ) {
+    v[i] = S->h[i];
+  }
+
+  v[ 8] = blake2s_IV[0];
+  v[ 9] = blake2s_IV[1];
+  v[10] = blake2s_IV[2];
+  v[11] = blake2s_IV[3];
+  v[12] = S->t[0] ^ blake2s_IV[4];
+  v[13] = S->t[1] ^ blake2s_IV[5];
+  v[14] = S->f[0] ^ blake2s_IV[6];
+  v[15] = S->f[1] ^ blake2s_IV[7];
+
+  ROUND( 0 );
+  ROUND( 1 );
+  ROUND( 2 );
+  ROUND( 3 );
+  ROUND( 4 );
+  ROUND( 5 );
+  ROUND( 6 );
+  ROUND( 7 );
+  ROUND( 8 );
+  ROUND( 9 );
+
+  for( i = 0; i < 8; ++i ) {
+    S->h[i] = S->h[i] ^ v[i] ^ v[i + 8];
+  }
+}
+
+#undef G
+#undef ROUND
+
+int blake2s_Update( blake2s_state *S, const void *pin, size_t inlen )
+{
+  const unsigned char * in = (const unsigned char *)pin;
+  if( inlen > 0 )
+  {
+    size_t left = S->buflen;
+    size_t fill = BLAKE2S_BLOCKBYTES - left;
+    if( inlen > fill )
+    {
+      S->buflen = 0;
+      memcpy( S->buf + left, in, fill ); /* Fill buffer */
+      blake2s_increment_counter( S, BLAKE2S_BLOCKBYTES );
+      blake2s_compress( S, S->buf ); /* Compress */
+      in += fill; inlen -= fill;
+      while(inlen > BLAKE2S_BLOCKBYTES) {
+        blake2s_increment_counter(S, BLAKE2S_BLOCKBYTES);
+        blake2s_compress( S, in );
+        in += BLAKE2S_BLOCKBYTES;
+        inlen -= BLAKE2S_BLOCKBYTES;
+      }
+    }
+    memcpy( S->buf + S->buflen, in, inlen );
+    S->buflen += inlen;
+  }
+  return 0;
+}
+
+int blake2s_Final( blake2s_state *S, void *out, size_t outlen )
+{
+  uint8_t buffer[BLAKE2S_OUTBYTES] = {0};
+  size_t i;
+
+  if( out == NULL || outlen < S->outlen )
+    return -1;
+
+  if( blake2s_is_lastblock( S ) )
+    return -1;
+
+  blake2s_increment_counter( S, ( uint32_t )S->buflen );
+  blake2s_set_lastblock( S );
+  memset( S->buf + S->buflen, 0, BLAKE2S_BLOCKBYTES - S->buflen ); /* Padding */
+  blake2s_compress( S, S->buf );
+
+  for( i = 0; i < 8; ++i ) /* Output full hash to temp buffer */
+    store32( buffer + sizeof( S->h[i] ) * i, S->h[i] );
+
+  memcpy( out, buffer, outlen );
+  MEMSET_BZERO(buffer, sizeof(buffer));
+  return 0;
+}
+
+int blake2s(const uint8_t *msg, uint32_t msg_len, void *out, size_t outlen)
+{
+    BLAKE2S_CTX ctx;
+    if (0 != blake2s_Init(&ctx, outlen)) return -1;
+    if (0 != blake2s_Update(&ctx, msg, msg_len)) return -1;
+    if (0 != blake2s_Final(&ctx, out, outlen)) return -1;
+    return 0;
+}
+
+int blake2s_Key(const uint8_t *msg, uint32_t msg_len, const void *key, size_t keylen, void *out, size_t outlen)
+{
+    BLAKE2S_CTX ctx;
+    if (0 != blake2s_InitKey(&ctx, outlen, key, keylen)) return -1;
+    if (0 != blake2s_Update(&ctx, msg, msg_len)) return -1;
+    if (0 != blake2s_Final(&ctx, out, outlen)) return -1;
+    return 0;
+}
diff --git a/blake2s.h b/blake2s.h
new file mode 100644
index 0000000000..24cedbe10e
--- /dev/null
+++ b/blake2s.h
@@ -0,0 +1,37 @@
+#ifndef __BLAKE2S_H__
+#define __BLAKE2S_H__
+
+#include <stdint.h>
+#include <stddef.h>
+
+enum blake2s_constant
+{
+    BLAKE2S_BLOCKBYTES = 64,
+    BLAKE2S_OUTBYTES   = 32,
+    BLAKE2S_KEYBYTES   = 32,
+    BLAKE2S_SALTBYTES  = 8,
+    BLAKE2S_PERSONALBYTES = 8
+};
+
+typedef struct __blake2s_state
+{
+    uint32_t h[8];
+    uint32_t t[2];
+    uint32_t f[2];
+    uint8_t  buf[BLAKE2S_BLOCKBYTES];
+    uint32_t buflen;
+    uint8_t  outlen;
+    uint8_t  last_node;
+} blake2s_state;
+
+#define BLAKE2S_CTX blake2s_state
+
+int blake2s_Init(blake2s_state *S, size_t outlen);
+int blake2s_InitKey(blake2s_state *S, size_t outlen, const void *key, size_t keylen);
+int blake2s_Update(blake2s_state *S, const void *pin, size_t inlen);
+int blake2s_Final(blake2s_state *S, void *out, size_t outlen);
+
+int blake2s(const uint8_t *msg, uint32_t msg_len, void *out, size_t outlen);
+int blake2s_Key(const uint8_t *msg, uint32_t msg_len, const void *key, size_t keylen, void *out, size_t outlen);
+
+#endif
diff --git a/sha3.c b/sha3.c
index fc6d1c8bf7..43fbc45095 100644
--- a/sha3.c
+++ b/sha3.c
@@ -359,3 +359,19 @@ void keccak_Final(SHA3_CTX *ctx, unsigned char* result)
 	if (result) me64_to_le_str(result, ctx->hash, digest_length);
 }
 #endif /* USE_KECCAK */
+
+void sha3_256(const unsigned char* data, size_t len, unsigned char* digest)
+{
+	SHA3_CTX ctx;
+	sha3_256_Init(&ctx);
+	sha3_Update(&ctx, data, len);
+	sha3_Final(&ctx, digest);
+}
+
+void sha3_512(const unsigned char* data, size_t len, unsigned char* digest)
+{
+	SHA3_CTX ctx;
+	sha3_512_Init(&ctx);
+	sha3_Update(&ctx, data, len);
+	sha3_Final(&ctx, digest);
+}
diff --git a/sha3.h b/sha3.h
index b605663ae0..b78d9d84b3 100644
--- a/sha3.h
+++ b/sha3.h
@@ -67,6 +67,9 @@ void sha3_Final(SHA3_CTX *ctx, unsigned char* result);
 void keccak_Final(SHA3_CTX *ctx, unsigned char* result);
 #endif
 
+void sha3_256(const unsigned char* data, size_t len, unsigned char* digest);
+void sha3_512(const unsigned char* data, size_t len, unsigned char* digest);
+
 #ifdef __cplusplus
 } /* extern "C" */
 #endif /* __cplusplus */
diff --git a/tests.c b/tests.c
index 6b0394c67d..23da042305 100644
--- a/tests.c
+++ b/tests.c
@@ -30,6 +30,8 @@
 #include <check.h>
 #include "check_mem.h"
 
+#include "options.h"
+
 #include "aes.h"
 #include "bignum.h"
 #include "base58.h"
@@ -39,7 +41,8 @@
 #include "pbkdf2.h"
 #include "rand.h"
 #include "sha2.h"
-#include "options.h"
+#include "sha3.h"
+#include "blake2s.h"
 #include "curves.h"
 #include "secp256k1.h"
 #include "nist256p1.h"
@@ -1774,6 +1777,66 @@ START_TEST(test_sha512)
 }
 END_TEST
 
+// test vectors from http://www.di-mgt.com.au/sha_testvectors.html
+START_TEST(test_sha3_256)
+{
+	uint8_t digest[sha3_256_hash_size];
+
+	sha3_256((uint8_t *)"", 0, digest);
+	ck_assert_mem_eq(digest, fromhex("a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a"), sha3_256_hash_size);
+
+	sha3_256((uint8_t *)"abc", 3, digest);
+	ck_assert_mem_eq(digest, fromhex("3a985da74fe225b2045c172d6bd390bd855f086e3e9d525b46bfe24511431532"), sha3_256_hash_size);
+
+	sha3_256((uint8_t *)"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", 56, digest);
+	ck_assert_mem_eq(digest, fromhex("41c0dba2a9d6240849100376a8235e2c82e1b9998a999e21db32dd97496d3376"), sha3_256_hash_size);
+
+	sha3_256((uint8_t *)"abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu", 112, digest);
+	ck_assert_mem_eq(digest, fromhex("916f6061fe879741ca6469b43971dfdb28b1a32dc36cb3254e812be27aad1d18"), sha3_256_hash_size);
+}
+END_TEST
+
+// test vectors from http://www.di-mgt.com.au/sha_testvectors.html
+START_TEST(test_sha3_512)
+{
+	uint8_t digest[sha3_512_hash_size];
+
+	sha3_512((uint8_t *)"", 0, digest);
+	ck_assert_mem_eq(digest, fromhex("a69f73cca23a9ac5c8b567dc185a756e97c982164fe25859e0d1dcc1475c80a615b2123af1f5f94c11e3e9402c3ac558f500199d95b6d3e301758586281dcd26"), sha3_512_hash_size);
+
+	sha3_512((uint8_t *)"abc", 3, digest);
+	ck_assert_mem_eq(digest, fromhex("b751850b1a57168a5693cd924b6b096e08f621827444f70d884f5d0240d2712e10e116e9192af3c91a7ec57647e3934057340b4cf408d5a56592f8274eec53f0"), sha3_512_hash_size);
+
+	sha3_512((uint8_t *)"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", 56, digest);
+	ck_assert_mem_eq(digest, fromhex("04a371e84ecfb5b8b77cb48610fca8182dd457ce6f326a0fd3d7ec2f1e91636dee691fbe0c985302ba1b0d8dc78c086346b533b49c030d99a27daf1139d6e75e"), sha3_512_hash_size);
+
+	sha3_512((uint8_t *)"abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu", 112, digest);
+	ck_assert_mem_eq(digest, fromhex("afebb2ef542e6579c50cad06d2e578f9f8dd6881d7dc824d26360feebf18a4fa73e3261122948efcfd492e74e82e2189ed0fb440d187f382270cb455f21dd185"), sha3_512_hash_size);
+}
+END_TEST
+
+// test vectors from https://raw.githubusercontent.com/BLAKE2/BLAKE2/master/testvectors/blake2s-kat.txt
+START_TEST(test_blake2s)
+{
+	uint8_t key[BLAKE2S_KEYBYTES];
+	memcpy(key, fromhex("000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f"), BLAKE2S_KEYBYTES);
+
+	uint8_t digest[BLAKE2S_OUTBYTES];
+
+	blake2s_Key((uint8_t *)"", 0, key, BLAKE2S_KEYBYTES, digest, BLAKE2S_OUTBYTES);
+	ck_assert_mem_eq(digest, fromhex("48a8997da407876b3d79c0d92325ad3b89cbb754d86ab71aee047ad345fd2c49"), BLAKE2S_OUTBYTES);
+
+	blake2s_Key(fromhex("000102"), 3, key, BLAKE2S_KEYBYTES, digest, BLAKE2S_OUTBYTES);
+	ck_assert_mem_eq(digest, fromhex("1d220dbe2ee134661fdf6d9e74b41704710556f2f6e5a091b227697445dbea6b"), BLAKE2S_OUTBYTES);
+
+	blake2s_Key(fromhex("000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f3031323334353637"), 56, key, BLAKE2S_KEYBYTES, digest, BLAKE2S_OUTBYTES);
+	ck_assert_mem_eq(digest, fromhex("2966b3cfae1e44ea996dc5d686cf25fa053fb6f67201b9e46eade85d0ad6b806"), BLAKE2S_OUTBYTES);
+
+	blake2s_Key(fromhex("000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f"), 112, key, BLAKE2S_KEYBYTES, digest, BLAKE2S_OUTBYTES);
+	ck_assert_mem_eq(digest, fromhex("90a83585717b75f0e9b725e055eeeeb9e7a028ea7e6cbc07b20917ec0363e38c"), BLAKE2S_OUTBYTES);
+}
+END_TEST
+
 // test vectors from https://stackoverflow.com/questions/5130513/pbkdf2-hmac-sha2-test-vectors
 START_TEST(test_pbkdf2_hmac_sha256)
 {
@@ -2786,12 +2849,18 @@ Suite *test_suite(void)
 	tcase_add_test(tc, test_aes);
 	suite_add_tcase(s, tc);
 
-	tc = tcase_create("sha256");
+	tc = tcase_create("sha2");
 	tcase_add_test(tc, test_sha256);
+	tcase_add_test(tc, test_sha512);
 	suite_add_tcase(s, tc);
 
-	tc = tcase_create("sha512");
-	tcase_add_test(tc, test_sha512);
+	tc = tcase_create("sha3");
+	tcase_add_test(tc, test_sha3_256);
+	tcase_add_test(tc, test_sha3_512);
+	suite_add_tcase(s, tc);
+
+	tc = tcase_create("blake2s");
+	tcase_add_test(tc, test_blake2s);
 	suite_add_tcase(s, tc);
 
 	tc = tcase_create("pbkdf2");