39 changed files with 403 additions and 678 deletions
--- a/.envrc
+++ b/.envrc
@ -1 +0,0 @@
 use flake
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -1,15 +1,3 @@
 ## 0.30
 * Fix some C symbol blake2b prefix to be cryptonite_ prefix (fix mixing with other C library)
 * add hmac-lazy
 * Fix compilation with GHC 9.2
 * Drop support for GHC8.0, GHC8.2, GHC8.4, GHC8.6
 ## 0.29
 * advance compilation with gmp breakage due to change upstream
 * Add native EdDSA support
 ## 0.28
 * Add hash constant time capability
--- a/Crypto/Hash.hs
+++ b/Crypto/Hash.hs
@ -40,8 +40,6 @@ module Crypto.Hash
    , hash
    , hashPrefix
    , hashlazy
    , hashPutContext
    , hashGetContext
    -- * Hash algorithms
    , module Crypto.Hash.Algorithms
    ) where
@ -53,7 +51,7 @@ import           Crypto.Internal.Compat (unsafeDoIO)
 import           Crypto.Hash.Types
 import           Crypto.Hash.Algorithms
 import           Foreign.Ptr (Ptr, plusPtr)
-import           Crypto.Internal.ByteArray (ByteArrayAccess, ByteArray)
+import           Crypto.Internal.ByteArray (ByteArrayAccess)
 import qualified Crypto.Internal.ByteArray as B
 import qualified Data.ByteString.Lazy as L
 import           Data.Word (Word8)
@ -161,16 +159,3 @@ digestFromByteString = from undefined
            unsafeFreeze muArray
          where
            count = CountOf (B.length ba)
 hashPutContext :: forall a ba. (HashAlgorithmResumable a, ByteArray ba) => Context a -> ba
 hashPutContext !c = B.allocAndFreeze (hashInternalContextSize (undefined :: a)) $ \(ptr :: Ptr Word8) ->
  B.withByteArray c $ \(ctx :: Ptr (Context a)) -> hashInternalPutContextBE ctx ptr
 hashGetContext :: forall a ba. (HashAlgorithmResumable a, ByteArrayAccess ba) => ba -> Maybe (Context a)
 hashGetContext = from undefined
  where
        from :: a -> ba -> Maybe (Context a)
        from alg bs
          | B.length bs == (hashInternalContextSize alg) = Just $ Context $ B.allocAndFreeze (B.length bs) $ \(ctx :: Ptr (Context a)) ->
              B.withByteArray bs $ \ptr -> hashInternalGetContextBE ptr ctx
          | otherwise                                    = Nothing
--- a/Crypto/Hash/Algorithms.hs
+++ b/Crypto/Hash/Algorithms.hs
@ -10,7 +10,6 @@
 module Crypto.Hash.Algorithms
    ( HashAlgorithm
    , HashAlgorithmPrefix
    , HashAlgorithmResumable
    -- * Hash algorithms
    , Blake2s_160(..)
    , Blake2s_224(..)
@ -56,7 +55,7 @@ module Crypto.Hash.Algorithms
    , Whirlpool(..)
    ) where
-import           Crypto.Hash.Types (HashAlgorithm, HashAlgorithmPrefix, HashAlgorithmResumable)
+import           Crypto.Hash.Types (HashAlgorithm, HashAlgorithmPrefix)
 import           Crypto.Hash.Blake2s
 import           Crypto.Hash.Blake2sp
 import           Crypto.Hash.Blake2b
--- a/Crypto/Hash/Keccak.hs
+++ b/Crypto/Hash/Keccak.hs
@ -37,10 +37,6 @@ instance HashAlgorithm Keccak_224 where
    hashInternalUpdate        = c_keccak_update
    hashInternalFinalize p    = c_keccak_finalize p 224
 instance HashAlgorithmResumable Keccak_224 where
  hashInternalPutContextBE = c_sha3_ctx_to_be
  hashInternalGetContextBE = c_sha3_be_to_ctx
 -- | Keccak (256 bits) cryptographic hash algorithm
 data Keccak_256 = Keccak_256
    deriving (Show,Data)
@ -56,10 +52,6 @@ instance HashAlgorithm Keccak_256 where
    hashInternalUpdate        = c_keccak_update
    hashInternalFinalize p    = c_keccak_finalize p 256
 instance HashAlgorithmResumable Keccak_256 where
  hashInternalPutContextBE = c_sha3_ctx_to_be
  hashInternalGetContextBE = c_sha3_be_to_ctx
 -- | Keccak (384 bits) cryptographic hash algorithm
 data Keccak_384 = Keccak_384
    deriving (Show,Data)
@ -75,10 +67,6 @@ instance HashAlgorithm Keccak_384 where
    hashInternalUpdate        = c_keccak_update
    hashInternalFinalize p    = c_keccak_finalize p 384
 instance HashAlgorithmResumable Keccak_384 where
  hashInternalPutContextBE = c_sha3_ctx_to_be
  hashInternalGetContextBE = c_sha3_be_to_ctx
 -- | Keccak (512 bits) cryptographic hash algorithm
 data Keccak_512 = Keccak_512
    deriving (Show,Data)
@ -94,10 +82,6 @@ instance HashAlgorithm Keccak_512 where
    hashInternalUpdate        = c_keccak_update
    hashInternalFinalize p    = c_keccak_finalize p 512
 instance HashAlgorithmResumable Keccak_512 where
  hashInternalPutContextBE = c_sha3_ctx_to_be
  hashInternalGetContextBE = c_sha3_be_to_ctx
 foreign import ccall unsafe "cryptonite_keccak_init"
    c_keccak_init :: Ptr (Context a) -> Word32 -> IO ()
@ -107,9 +91,3 @@ foreign import ccall "cryptonite_keccak_update"
 foreign import ccall unsafe "cryptonite_keccak_finalize"
    c_keccak_finalize :: Ptr (Context a) -> Word32 -> Ptr (Digest a) -> IO ()
 foreign import ccall unsafe "cryptonite_sha3_ctx_to_be"
    c_sha3_ctx_to_be :: Ptr (Context a) -> Ptr Word8 -> IO ()
 foreign import ccall unsafe "cryptonite_sha3_be_to_ctx"
    c_sha3_be_to_ctx :: Ptr Word8 -> Ptr (Context a) -> IO ()
--- a/Crypto/Hash/SHA3.hs
+++ b/Crypto/Hash/SHA3.hs
@ -37,10 +37,6 @@ instance HashAlgorithm SHA3_224 where
    hashInternalUpdate        = c_sha3_update
    hashInternalFinalize p    = c_sha3_finalize p 224
 instance HashAlgorithmResumable SHA3_224 where
  hashInternalPutContextBE = c_sha3_ctx_to_be
  hashInternalGetContextBE = c_sha3_be_to_ctx
 -- | SHA3 (256 bits) cryptographic hash algorithm
 data SHA3_256 = SHA3_256
    deriving (Show,Data)
@ -56,10 +52,6 @@ instance HashAlgorithm SHA3_256 where
    hashInternalUpdate        = c_sha3_update
    hashInternalFinalize p    = c_sha3_finalize p 256
 instance HashAlgorithmResumable SHA3_256 where
  hashInternalPutContextBE = c_sha3_ctx_to_be
  hashInternalGetContextBE = c_sha3_be_to_ctx
 -- | SHA3 (384 bits) cryptographic hash algorithm
 data SHA3_384 = SHA3_384
    deriving (Show,Data)
@ -75,10 +67,6 @@ instance HashAlgorithm SHA3_384 where
    hashInternalUpdate        = c_sha3_update
    hashInternalFinalize p    = c_sha3_finalize p 384
 instance HashAlgorithmResumable SHA3_384 where
  hashInternalPutContextBE = c_sha3_ctx_to_be
  hashInternalGetContextBE = c_sha3_be_to_ctx
 -- | SHA3 (512 bits) cryptographic hash algorithm
 data SHA3_512 = SHA3_512
    deriving (Show,Data)
@ -94,10 +82,6 @@ instance HashAlgorithm SHA3_512 where
    hashInternalUpdate        = c_sha3_update
    hashInternalFinalize p    = c_sha3_finalize p 512
 instance HashAlgorithmResumable SHA3_512 where
  hashInternalPutContextBE = c_sha3_ctx_to_be
  hashInternalGetContextBE = c_sha3_be_to_ctx
 foreign import ccall unsafe "cryptonite_sha3_init"
    c_sha3_init :: Ptr (Context a) -> Word32 -> IO ()
@ -107,9 +91,3 @@ foreign import ccall "cryptonite_sha3_update"
 foreign import ccall unsafe "cryptonite_sha3_finalize"
    c_sha3_finalize :: Ptr (Context a) -> Word32 -> Ptr (Digest a) -> IO ()
 foreign import ccall unsafe "cryptonite_sha3_ctx_to_be"
    c_sha3_ctx_to_be :: Ptr (Context a) -> Ptr Word8 -> IO ()
 foreign import ccall unsafe "cryptonite_sha3_be_to_ctx"
    c_sha3_be_to_ctx :: Ptr Word8 -> Ptr (Context a) -> IO ()
--- a/Crypto/Hash/SHAKE.hs
+++ b/Crypto/Hash/SHAKE.hs
@ -62,10 +62,6 @@ instance KnownNat bitlen => HashSHAKE (SHAKE128 bitlen) where
    cshakeInternalFinalize = cshakeFinalizeOutput (Proxy :: Proxy bitlen)
    cshakeOutputLength _ = integralNatVal (Proxy :: Proxy bitlen)
 instance KnownNat bitlen => HashAlgorithmResumable (SHAKE128 bitlen) where
  hashInternalPutContextBE = c_sha3_ctx_to_be
  hashInternalGetContextBE = c_sha3_be_to_ctx
 -- | SHAKE256 (256 bits) extendable output function.  Supports an arbitrary
 -- digest size, to be specified as a type parameter of kind 'Nat'.
 --
@ -90,10 +86,6 @@ instance KnownNat bitlen => HashSHAKE (SHAKE256 bitlen) where
    cshakeInternalFinalize = cshakeFinalizeOutput (Proxy :: Proxy bitlen)
    cshakeOutputLength _ = integralNatVal (Proxy :: Proxy bitlen)
 instance KnownNat bitlen => HashAlgorithmResumable (SHAKE256 bitlen) where
  hashInternalPutContextBE = c_sha3_ctx_to_be
  hashInternalGetContextBE = c_sha3_be_to_ctx
 shakeFinalizeOutput :: KnownNat bitlen
                    => proxy bitlen
                    -> Ptr (Context a)
@ -137,9 +129,3 @@ foreign import ccall unsafe "cryptonite_sha3_finalize_cshake"
 foreign import ccall unsafe "cryptonite_sha3_output"
    c_sha3_output :: Ptr (Context a) -> Ptr (Digest a) -> Word32 -> IO ()
 foreign import ccall unsafe "cryptonite_sha3_ctx_to_be"
    c_sha3_ctx_to_be :: Ptr (Context a) -> Ptr Word8 -> IO ()
 foreign import ccall unsafe "cryptonite_sha3_be_to_ctx"
    c_sha3_be_to_ctx :: Ptr Word8 -> Ptr (Context a) -> IO ()
--- a/Crypto/Hash/Types.hs
+++ b/Crypto/Hash/Types.hs
@ -15,7 +15,6 @@
 module Crypto.Hash.Types
    ( HashAlgorithm(..)
    , HashAlgorithmPrefix(..)
    , HashAlgorithmResumable(..)
    , Context(..)
    , Digest(..)
    ) where
@ -71,9 +70,6 @@ class HashAlgorithm a => HashAlgorithmPrefix a where
                               -> Word32
                               -> Ptr (Digest a)
                               -> IO ()
 class HashAlgorithm a => HashAlgorithmResumable a where
  hashInternalPutContextBE :: Ptr (Context a) -> Ptr Word8 -> IO ()
  hashInternalGetContextBE :: Ptr Word8 -> Ptr (Context a) -> IO ()
 {-
 hashContextGetAlgorithm :: HashAlgorithm a => Context a -> a
--- a/Crypto/Internal/CompatPrim.hs
+++ b/Crypto/Internal/CompatPrim.hs
@ -23,21 +23,15 @@ module Crypto.Internal.CompatPrim
    , convert4To32
    ) where
 import GHC.Prim
 #if !defined(ARCH_IS_LITTLE_ENDIAN) && !defined(ARCH_IS_BIG_ENDIAN)
 import Data.Memory.Endian (getSystemEndianness, Endianness(..))
 #endif
 #if __GLASGOW_HASKELL__ >= 902
 import GHC.Prim
 #else
 import GHC.Prim hiding (Word32#)
 type Word32# = Word#
 #endif
 -- | Byteswap Word# to or from Big Endian
 --
 -- On a big endian machine, this function is a nop.
-be32Prim :: Word32# -> Word32#
+be32Prim :: Word# -> Word#
 #ifdef ARCH_IS_LITTLE_ENDIAN
 be32Prim = byteswap32Prim
 #elif defined(ARCH_IS_BIG_ENDIAN)
@ -49,7 +43,7 @@ be32Prim w = if getSystemEndianness == LittleEndian then byteswap32Prim w else w
 -- | Byteswap Word# to or from Little Endian
 --
 -- On a little endian machine, this function is a nop.
-le32Prim :: Word32# -> Word32#
+le32Prim :: Word# -> Word#
 #ifdef ARCH_IS_LITTLE_ENDIAN
 le32Prim w = w
 #elif defined(ARCH_IS_BIG_ENDIAN)
@ -60,11 +54,16 @@ le32Prim w = if getSystemEndianness == LittleEndian then w else byteswap32Prim w
 -- | Simple compatibility for byteswap the lower 32 bits of a Word#
 -- at the primitive level
-byteswap32Prim :: Word32# -> Word32#
+byteswap32Prim :: Word# -> Word#
-#if __GLASGOW_HASKELL__ >= 902
+#if __GLASGOW_HASKELL__ >= 708
 byteswap32Prim w = wordToWord32# (byteSwap32# (word32ToWord# w))
 #else
 byteswap32Prim w = byteSwap32# w
 #else
 byteswap32Prim w =
    let !a =       uncheckedShiftL# w 24#
        !b = and# (uncheckedShiftL# w 8#) 0x00ff0000##
        !c = and# (uncheckedShiftRL# w 8#) 0x0000ff00##
        !d = and# (uncheckedShiftRL# w 24#) 0x000000ff##
     in or# a (or# b (or# c d))
 #endif
 -- | Combine 4 word8 [a,b,c,d] to a word32 representing [a,b,c,d]
--- a/Crypto/MAC/HMAC.hs
+++ b/Crypto/MAC/HMAC.hs
@ -12,7 +12,6 @@
 {-# LANGUAGE GeneralizedNewtypeDeriving #-}
 module Crypto.MAC.HMAC
    ( hmac
    , hmacLazy
    , HMAC(..)
    -- * Incremental
    , Context(..)
@ -29,7 +28,6 @@ import           Crypto.Internal.ByteArray (ScrubbedBytes, ByteArrayAccess)
 import qualified Crypto.Internal.ByteArray as B
 import           Data.Memory.PtrMethods
 import           Crypto.Internal.Compat
 import qualified Data.ByteString.Lazy as L
 -- | Represent an HMAC that is a phantom type with the hash used to produce the mac.
 --
@ -41,20 +39,13 @@ newtype HMAC a = HMAC { hmacGetDigest :: Digest a }
 instance Eq (HMAC a) where
    (HMAC b1) == (HMAC b2) = B.constEq b1 b2
-- | Compute a MAC using the supplied hashing function
+-- | compute a MAC using the supplied hashing function
 hmac :: (ByteArrayAccess key, ByteArrayAccess message, HashAlgorithm a)
     => key     -- ^ Secret key
     -> message -- ^ Message to MAC
     -> HMAC a
 hmac secret msg = finalize $ updates (initialize secret) [msg]
 -- | Compute a MAC using the supplied hashing function, for a lazy input
 hmacLazy :: (ByteArrayAccess key, HashAlgorithm a)
     => key     -- ^ Secret key
     -> L.ByteString -- ^ Message to MAC
     -> HMAC a
 hmacLazy secret msg = finalize $ updates (initialize secret) (L.toChunks msg)
 -- | Represent an ongoing HMAC state, that can be appended with 'update'
 -- and finalize to an HMAC with 'hmacFinalize'
 data Context hashalg = Context !(Hash.Context hashalg) !(Hash.Context hashalg)
--- a/Crypto/Random/Entropy/Unsafe.hs
+++ b/Crypto/Random/Entropy/Unsafe.hs
@ -25,9 +25,10 @@ replenish :: Int -> [EntropyBackend] -> Ptr Word8 -> IO ()
 replenish _        []       _   = fail "cryptonite: random: cannot get any source of entropy on this system"
 replenish poolSize backends ptr = loop 0 backends ptr poolSize
  where loop :: Int -> [EntropyBackend] -> Ptr Word8 -> Int -> IO ()
-        loop _     _  _ 0 = return ()
+        loop retry [] p n | n == 0     = return ()
-        loop retry [] p n | retry == 3 = error "cryptonite: random: cannot fully replenish"
+                          | retry == 3 = error "cryptonite: random: cannot fully replenish"
                          | otherwise  = loop (retry+1) backends p n
        loop _     (_:_)  _ 0 = return ()
        loop retry (b:bs) p n = do
            r <- gatherBackend b p n
            loop retry bs (p `plusPtr` r) (n - r)
--- a/cbits/aes/x86ni.c
+++ b/cbits/aes/x86ni.c
@ -165,7 +165,7 @@ static __m128i gfmulx(__m128i v)
 TARGET_AESNI
 static __m128i gfmul_generic(__m128i tag, const table_4bit htable)
 {
-	aes_block _t ALIGNMENT(16);
+	aes_block _t;
 	_mm_store_si128((__m128i *) &_t, tag);
 	cryptonite_aes_generic_gf_mul(&_t, htable);
 	tag = _mm_load_si128((__m128i *) &_t);
--- a/cbits/argon2/core.c
+++ b/cbits/argon2/core.c
@ -4,7 +4,7 @@
 * Copyright 2015
 * Daniel Dinu, Dmitry Khovratovich, Jean-Philippe Aumasson, and Samuel Neves
 *
- * You may use this work under the terms of a Creative Commons CC0 1.0
+ * You may use this work under the terms of a Creative Commons CC0 1.0 
 * License/Waiver or the Apache Public License 2.0, at your option. The terms of
 * these licenses can be found at:
 *
@ -83,25 +83,25 @@ static int blake2b_long(void *pout, size_t outlen, const void *in, size_t inlen)
    } while ((void)0, 0)
    if (outlen <= BLAKE2B_OUTBYTES) {
-        TRY(_cryptonite_blake2b_init(&blake_state, outlen));
+        TRY(blake2b_init(&blake_state, outlen));
-        TRY(_cryptonite_blake2b_update(&blake_state, outlen_bytes, sizeof(outlen_bytes)));
+        TRY(blake2b_update(&blake_state, outlen_bytes, sizeof(outlen_bytes)));
-        TRY(_cryptonite_blake2b_update(&blake_state, in, inlen));
+        TRY(blake2b_update(&blake_state, in, inlen));
-        TRY(_cryptonite_blake2b_final(&blake_state, out, outlen));
+        TRY(blake2b_final(&blake_state, out, outlen));
    } else {
        uint32_t toproduce;
        uint8_t out_buffer[BLAKE2B_OUTBYTES];
        uint8_t in_buffer[BLAKE2B_OUTBYTES];
-        TRY(_cryptonite_blake2b_init(&blake_state, BLAKE2B_OUTBYTES));
+        TRY(blake2b_init(&blake_state, BLAKE2B_OUTBYTES));
-        TRY(_cryptonite_blake2b_update(&blake_state, outlen_bytes, sizeof(outlen_bytes)));
+        TRY(blake2b_update(&blake_state, outlen_bytes, sizeof(outlen_bytes)));
-        TRY(_cryptonite_blake2b_update(&blake_state, in, inlen));
+        TRY(blake2b_update(&blake_state, in, inlen));
-        TRY(_cryptonite_blake2b_final(&blake_state, out_buffer, BLAKE2B_OUTBYTES));
+        TRY(blake2b_final(&blake_state, out_buffer, BLAKE2B_OUTBYTES));
        memcpy(out, out_buffer, BLAKE2B_OUTBYTES / 2);
        out += BLAKE2B_OUTBYTES / 2;
        toproduce = (uint32_t)outlen - BLAKE2B_OUTBYTES / 2;
        while (toproduce > BLAKE2B_OUTBYTES) {
            memcpy(in_buffer, out_buffer, BLAKE2B_OUTBYTES);
-            TRY(_cryptonite_blake2b(out_buffer, BLAKE2B_OUTBYTES, in_buffer,
+            TRY(blake2b(out_buffer, BLAKE2B_OUTBYTES, in_buffer,
                        BLAKE2B_OUTBYTES, NULL, 0));
            memcpy(out, out_buffer, BLAKE2B_OUTBYTES / 2);
            out += BLAKE2B_OUTBYTES / 2;
@ -109,7 +109,7 @@ static int blake2b_long(void *pout, size_t outlen, const void *in, size_t inlen)
        }
        memcpy(in_buffer, out_buffer, BLAKE2B_OUTBYTES);
-        TRY(_cryptonite_blake2b(out_buffer, toproduce, in_buffer, BLAKE2B_OUTBYTES, NULL,
+        TRY(blake2b(out_buffer, toproduce, in_buffer, BLAKE2B_OUTBYTES, NULL,
                    0));
        memcpy(out, out_buffer, toproduce);
    }
@ -149,7 +149,7 @@ static void store_block(void *output, const block *src) {
 }
 /***************Memory functions*****************/
-static
+static 
 int allocate_memory(const argon2_context *context, uint8_t **memory,
                    size_t num, size_t size) {
    size_t memory_size = num*size;
@ -175,7 +175,7 @@ int allocate_memory(const argon2_context *context, uint8_t **memory,
    return ARGON2_OK;
 }
-static
+static 
 void free_memory(const argon2_context *context, uint8_t *memory,
                 size_t num, size_t size) {
    size_t memory_size = num*size;
@ -425,7 +425,7 @@ fail:
 }
 #endif /* ARGON2_NO_THREADS */
-static
+static 
 int fill_memory_blocks(argon2_instance_t *instance) {
 	if (instance == NULL || instance->lanes == 0) {
 	    return ARGON2_INCORRECT_PARAMETER;
@ -437,7 +437,7 @@ int fill_memory_blocks(argon2_instance_t *instance) {
 			fill_memory_blocks_st(instance) : fill_memory_blocks_mt(instance);
 #endif
 }
-static
+static 
 int validate_inputs(const argon2_context *context) {
    if (NULL == context) {
        return ARGON2_INCORRECT_PARAMETER;
@ -564,7 +564,7 @@ int validate_inputs(const argon2_context *context) {
    return ARGON2_OK;
 }
-static
+static 
 void fill_first_blocks(uint8_t *blockhash, const argon2_instance_t *instance) {
    uint32_t l;
    /* Make the first and second block in each lane as G(H0||i||0) or
@ -587,7 +587,7 @@ void fill_first_blocks(uint8_t *blockhash, const argon2_instance_t *instance) {
    }
    clear_internal_memory(blockhash_bytes, ARGON2_BLOCK_SIZE);
 }
-static
+static 
 void initial_hash(uint8_t *blockhash, argon2_context *context,
                  argon2_type type) {
    blake2b_state BlakeHash;
@ -597,31 +597,31 @@ void initial_hash(uint8_t *blockhash, argon2_context *context,
        return;
    }
-    _cryptonite_blake2b_init(&BlakeHash, ARGON2_PREHASH_DIGEST_LENGTH);
+    blake2b_init(&BlakeHash, ARGON2_PREHASH_DIGEST_LENGTH);
    store32(&value, context->lanes);
-    _cryptonite_blake2b_update(&BlakeHash, (const uint8_t *)&value, sizeof(value));
+    blake2b_update(&BlakeHash, (const uint8_t *)&value, sizeof(value));
    store32(&value, context->outlen);
-    _cryptonite_blake2b_update(&BlakeHash, (const uint8_t *)&value, sizeof(value));
+    blake2b_update(&BlakeHash, (const uint8_t *)&value, sizeof(value));
    store32(&value, context->m_cost);
-    _cryptonite_blake2b_update(&BlakeHash, (const uint8_t *)&value, sizeof(value));
+    blake2b_update(&BlakeHash, (const uint8_t *)&value, sizeof(value));
    store32(&value, context->t_cost);
-    _cryptonite_blake2b_update(&BlakeHash, (const uint8_t *)&value, sizeof(value));
+    blake2b_update(&BlakeHash, (const uint8_t *)&value, sizeof(value));
    store32(&value, context->version);
-    _cryptonite_blake2b_update(&BlakeHash, (const uint8_t *)&value, sizeof(value));
+    blake2b_update(&BlakeHash, (const uint8_t *)&value, sizeof(value));
    store32(&value, (uint32_t)type);
-    _cryptonite_blake2b_update(&BlakeHash, (const uint8_t *)&value, sizeof(value));
+    blake2b_update(&BlakeHash, (const uint8_t *)&value, sizeof(value));
    store32(&value, context->pwdlen);
-    _cryptonite_blake2b_update(&BlakeHash, (const uint8_t *)&value, sizeof(value));
+    blake2b_update(&BlakeHash, (const uint8_t *)&value, sizeof(value));
    if (context->pwd != NULL) {
-        _cryptonite_blake2b_update(&BlakeHash, (const uint8_t *)context->pwd,
+        blake2b_update(&BlakeHash, (const uint8_t *)context->pwd,
                       context->pwdlen);
        if (context->flags & ARGON2_FLAG_CLEAR_PASSWORD) {
@ -631,18 +631,18 @@ void initial_hash(uint8_t *blockhash, argon2_context *context,
    }
    store32(&value, context->saltlen);
-    _cryptonite_blake2b_update(&BlakeHash, (const uint8_t *)&value, sizeof(value));
+    blake2b_update(&BlakeHash, (const uint8_t *)&value, sizeof(value));
    if (context->salt != NULL) {
-        _cryptonite_blake2b_update(&BlakeHash, (const uint8_t *)context->salt,
+        blake2b_update(&BlakeHash, (const uint8_t *)context->salt,
                       context->saltlen);
    }
    store32(&value, context->secretlen);
-    _cryptonite_blake2b_update(&BlakeHash, (const uint8_t *)&value, sizeof(value));
+    blake2b_update(&BlakeHash, (const uint8_t *)&value, sizeof(value));
    if (context->secret != NULL) {
-        _cryptonite_blake2b_update(&BlakeHash, (const uint8_t *)context->secret,
+        blake2b_update(&BlakeHash, (const uint8_t *)context->secret,
                       context->secretlen);
        if (context->flags & ARGON2_FLAG_CLEAR_SECRET) {
@ -652,16 +652,16 @@ void initial_hash(uint8_t *blockhash, argon2_context *context,
    }
    store32(&value, context->adlen);
-    _cryptonite_blake2b_update(&BlakeHash, (const uint8_t *)&value, sizeof(value));
+    blake2b_update(&BlakeHash, (const uint8_t *)&value, sizeof(value));
    if (context->ad != NULL) {
-        _cryptonite_blake2b_update(&BlakeHash, (const uint8_t *)context->ad,
+        blake2b_update(&BlakeHash, (const uint8_t *)context->ad,
                       context->adlen);
    }
-    _cryptonite_blake2b_final(&BlakeHash, blockhash, ARGON2_PREHASH_DIGEST_LENGTH);
+    blake2b_final(&BlakeHash, blockhash, ARGON2_PREHASH_DIGEST_LENGTH);
 }
-static
+static 
 int initialize(argon2_instance_t *instance, argon2_context *context) {
    uint8_t blockhash[ARGON2_PREHASH_SEED_LENGTH];
    int result = ARGON2_OK;
--- a/cbits/blake2/ref/blake2.h
+++ b/cbits/blake2/ref/blake2.h
@ -142,51 +142,51 @@ extern "C" {
  };
  /* Streaming API */
-  int _cryptonite_blake2s_init( blake2s_state *S, size_t outlen );
+  int blake2s_init( blake2s_state *S, size_t outlen );
-  int _cryptonite_blake2s_init_key( blake2s_state *S, size_t outlen, const void *key, size_t keylen );
+  int blake2s_init_key( blake2s_state *S, size_t outlen, const void *key, size_t keylen );
-  int _cryptonite_blake2s_init_param( blake2s_state *S, const blake2s_param *P );
+  int blake2s_init_param( blake2s_state *S, const blake2s_param *P );
-  int _cryptonite_blake2s_update( blake2s_state *S, const void *in, size_t inlen );
+  int blake2s_update( blake2s_state *S, const void *in, size_t inlen );
-  int _cryptonite_blake2s_final( blake2s_state *S, void *out, size_t outlen );
+  int blake2s_final( blake2s_state *S, void *out, size_t outlen );
-  int _cryptonite_blake2b_init( blake2b_state *S, size_t outlen );
+  int blake2b_init( blake2b_state *S, size_t outlen );
-  int _cryptonite_blake2b_init_key( blake2b_state *S, size_t outlen, const void *key, size_t keylen );
+  int blake2b_init_key( blake2b_state *S, size_t outlen, const void *key, size_t keylen );
-  int _cryptonite_blake2b_init_param( blake2b_state *S, const blake2b_param *P );
+  int blake2b_init_param( blake2b_state *S, const blake2b_param *P );
-  int _cryptonite_blake2b_update( blake2b_state *S, const void *in, size_t inlen );
+  int blake2b_update( blake2b_state *S, const void *in, size_t inlen );
-  int _cryptonite_blake2b_final( blake2b_state *S, void *out, size_t outlen );
+  int blake2b_final( blake2b_state *S, void *out, size_t outlen );
-  int _cryptonite_blake2sp_init( blake2sp_state *S, size_t outlen );
+  int blake2sp_init( blake2sp_state *S, size_t outlen );
-  int _cryptonite_blake2sp_init_key( blake2sp_state *S, size_t outlen, const void *key, size_t keylen );
+  int blake2sp_init_key( blake2sp_state *S, size_t outlen, const void *key, size_t keylen );
-  int _cryptonite_blake2sp_update( blake2sp_state *S, const void *in, size_t inlen );
+  int blake2sp_update( blake2sp_state *S, const void *in, size_t inlen );
-  int _cryptonite_blake2sp_final( blake2sp_state *S, void *out, size_t outlen );
+  int blake2sp_final( blake2sp_state *S, void *out, size_t outlen );
-  int _cryptonite_blake2bp_init( blake2bp_state *S, size_t outlen );
+  int blake2bp_init( blake2bp_state *S, size_t outlen );
-  int _cryptonite_blake2bp_init_key( blake2bp_state *S, size_t outlen, const void *key, size_t keylen );
+  int blake2bp_init_key( blake2bp_state *S, size_t outlen, const void *key, size_t keylen );
-  int _cryptonite_blake2bp_update( blake2bp_state *S, const void *in, size_t inlen );
+  int blake2bp_update( blake2bp_state *S, const void *in, size_t inlen );
-  int _cryptonite_blake2bp_final( blake2bp_state *S, void *out, size_t outlen );
+  int blake2bp_final( blake2bp_state *S, void *out, size_t outlen );
  /* Variable output length API */
-  int _cryptonite_blake2xs_init( blake2xs_state *S, const size_t outlen );
+  int blake2xs_init( blake2xs_state *S, const size_t outlen );
-  int _cryptonite_blake2xs_init_key( blake2xs_state *S, const size_t outlen, const void *key, size_t keylen );
+  int blake2xs_init_key( blake2xs_state *S, const size_t outlen, const void *key, size_t keylen );
-  int _cryptonite_blake2xs_update( blake2xs_state *S, const void *in, size_t inlen );
+  int blake2xs_update( blake2xs_state *S, const void *in, size_t inlen );
-  int _cryptonite_blake2xs_final(blake2xs_state *S, void *out, size_t outlen);
+  int blake2xs_final(blake2xs_state *S, void *out, size_t outlen);
-  int _cryptonite_blake2xb_init( blake2xb_state *S, const size_t outlen );
+  int blake2xb_init( blake2xb_state *S, const size_t outlen );
-  int _cryptonite_blake2xb_init_key( blake2xb_state *S, const size_t outlen, const void *key, size_t keylen );
+  int blake2xb_init_key( blake2xb_state *S, const size_t outlen, const void *key, size_t keylen );
-  int _cryptonite_blake2xb_update( blake2xb_state *S, const void *in, size_t inlen );
+  int blake2xb_update( blake2xb_state *S, const void *in, size_t inlen );
-  int _cryptonite_blake2xb_final(blake2xb_state *S, void *out, size_t outlen);
+  int blake2xb_final(blake2xb_state *S, void *out, size_t outlen);
  /* Simple API */
-  int _cryptonite_blake2s( void *out, size_t outlen, const void *in, size_t inlen, const void *key, size_t keylen );
+  int blake2s( void *out, size_t outlen, const void *in, size_t inlen, const void *key, size_t keylen );
-  int _cryptonite_blake2b( void *out, size_t outlen, const void *in, size_t inlen, const void *key, size_t keylen );
+  int blake2b( void *out, size_t outlen, const void *in, size_t inlen, const void *key, size_t keylen );
-  int _cryptonite_blake2sp( void *out, size_t outlen, const void *in, size_t inlen, const void *key, size_t keylen );
+  int blake2sp( void *out, size_t outlen, const void *in, size_t inlen, const void *key, size_t keylen );
-  int _cryptonite_blake2bp( void *out, size_t outlen, const void *in, size_t inlen, const void *key, size_t keylen );
+  int blake2bp( void *out, size_t outlen, const void *in, size_t inlen, const void *key, size_t keylen );
-  int _cryptonite_blake2xs( void *out, size_t outlen, const void *in, size_t inlen, const void *key, size_t keylen );
+  int blake2xs( void *out, size_t outlen, const void *in, size_t inlen, const void *key, size_t keylen );
-  int _cryptonite_blake2xb( void *out, size_t outlen, const void *in, size_t inlen, const void *key, size_t keylen );
+  int blake2xb( void *out, size_t outlen, const void *in, size_t inlen, const void *key, size_t keylen );
  /* This is simply an alias for blake2b */
-  int _cryptonite_blake2( void *out, size_t outlen, const void *in, size_t inlen, const void *key, size_t keylen );
+  int blake2( void *out, size_t outlen, const void *in, size_t inlen, const void *key, size_t keylen );
 #if defined(__cplusplus)
 }
--- a/cbits/blake2/ref/blake2b-ref.c
+++ b/cbits/blake2/ref/blake2b-ref.c
@ -78,7 +78,7 @@ static void blake2b_init0( blake2b_state *S )
 }
 /* init xors IV with input parameter block */
-int _cryptonite_blake2b_init_param( blake2b_state *S, const blake2b_param *P )
+int blake2b_init_param( blake2b_state *S, const blake2b_param *P )
 {
  const uint8_t *p = ( const uint8_t * )( P );
  size_t i;
@ -95,7 +95,7 @@ int _cryptonite_blake2b_init_param( blake2b_state *S, const blake2b_param *P )
-int _cryptonite_blake2b_init( blake2b_state *S, size_t outlen )
+int blake2b_init( blake2b_state *S, size_t outlen )
 {
  blake2b_param P[1];
@ -113,11 +113,11 @@ int _cryptonite_blake2b_init( blake2b_state *S, size_t outlen )
  memset( P->reserved, 0, sizeof( P->reserved ) );
  memset( P->salt,     0, sizeof( P->salt ) );
  memset( P->personal, 0, sizeof( P->personal ) );
-  return _cryptonite_blake2b_init_param( S, P );
+  return blake2b_init_param( S, P );
 }
-int _cryptonite_blake2b_init_key( blake2b_state *S, size_t outlen, const void *key, size_t keylen )
+int blake2b_init_key( blake2b_state *S, size_t outlen, const void *key, size_t keylen )
 {
  blake2b_param P[1];
@ -138,13 +138,13 @@ int _cryptonite_blake2b_init_key( blake2b_state *S, size_t outlen, const void *k
  memset( P->salt,     0, sizeof( P->salt ) );
  memset( P->personal, 0, sizeof( P->personal ) );
-  if( _cryptonite_blake2b_init_param( S, P ) < 0 ) return -1;
+  if( blake2b_init_param( S, P ) < 0 ) return -1;
  {
    uint8_t block[BLAKE2B_BLOCKBYTES];
    memset( block, 0, BLAKE2B_BLOCKBYTES );
    memcpy( block, key, keylen );
-    _cryptonite_blake2b_update( S, block, BLAKE2B_BLOCKBYTES );
+    blake2b_update( S, block, BLAKE2B_BLOCKBYTES );
    secure_zero_memory( block, BLAKE2B_BLOCKBYTES ); /* Burn the key from stack */
  }
  return 0;
@ -218,7 +218,7 @@ static void blake2b_compress( blake2b_state *S, const uint8_t block[BLAKE2B_BLOC
 #undef G
 #undef ROUND
-int _cryptonite_blake2b_update( blake2b_state *S, const void *pin, size_t inlen )
+int blake2b_update( blake2b_state *S, const void *pin, size_t inlen )
 {
  const unsigned char * in = (const unsigned char *)pin;
  if( inlen > 0 )
@ -245,7 +245,7 @@ int _cryptonite_blake2b_update( blake2b_state *S, const void *pin, size_t inlen
  return 0;
 }
-int _cryptonite_blake2b_final( blake2b_state *S, void *out, size_t outlen )
+int blake2b_final( blake2b_state *S, void *out, size_t outlen )
 {
  uint8_t buffer[BLAKE2B_OUTBYTES] = {0};
  size_t i;
@ -270,7 +270,7 @@ int _cryptonite_blake2b_final( blake2b_state *S, void *out, size_t outlen )
 }
 /* inlen, at least, should be uint64_t. Others can be size_t. */
-int _cryptonite_blake2b( void *out, size_t outlen, const void *in, size_t inlen, const void *key, size_t keylen )
+int blake2b( void *out, size_t outlen, const void *in, size_t inlen, const void *key, size_t keylen )
 {
  blake2b_state S[1];
@ -287,26 +287,26 @@ int _cryptonite_blake2b( void *out, size_t outlen, const void *in, size_t inlen,
  if( keylen > 0 )
  {
-    if( _cryptonite_blake2b_init_key( S, outlen, key, keylen ) < 0 ) return -1;
+    if( blake2b_init_key( S, outlen, key, keylen ) < 0 ) return -1;
  }
  else
  {
-    if( _cryptonite_blake2b_init( S, outlen ) < 0 ) return -1;
+    if( blake2b_init( S, outlen ) < 0 ) return -1;
  }
-  _cryptonite_blake2b_update( S, ( const uint8_t * )in, inlen );
+  blake2b_update( S, ( const uint8_t * )in, inlen );
-  _cryptonite_blake2b_final( S, out, outlen );
+  blake2b_final( S, out, outlen );
  return 0;
 }
-int _cryptonite_blake2( void *out, size_t outlen, const void *in, size_t inlen, const void *key, size_t keylen ) {
+int blake2( void *out, size_t outlen, const void *in, size_t inlen, const void *key, size_t keylen ) {
-  return _cryptonite_blake2b(out, outlen, in, inlen, key, keylen);
+  return blake2b(out, outlen, in, inlen, key, keylen);
 }
 #if defined(SUPERCOP)
 int crypto_hash( unsigned char *out, unsigned char *in, unsigned long long inlen )
 {
-  return _cryptonite_blake2b( out, BLAKE2B_OUTBYTES, in, inlen, NULL, 0 );
+  return blake2b( out, BLAKE2B_OUTBYTES, in, inlen, NULL, 0 );
 }
 #endif
@ -329,9 +329,9 @@ int main( void )
  for( i = 0; i < BLAKE2_KAT_LENGTH; ++i )
  {
    uint8_t hash[BLAKE2B_OUTBYTES];
-    _cryptonite_blake2b( hash, BLAKE2B_OUTBYTES, buf, i, key, BLAKE2B_KEYBYTES );
+    blake2b( hash, BLAKE2B_OUTBYTES, buf, i, key, BLAKE2B_KEYBYTES );
-    if( 0 != memcmp( hash, _cryptonite_blake2b_keyed_kat[i], BLAKE2B_OUTBYTES ) )
+    if( 0 != memcmp( hash, blake2b_keyed_kat[i], BLAKE2B_OUTBYTES ) )
    {
      goto fail;
    }
@ -346,25 +346,25 @@ int main( void )
      size_t mlen = i;
      int err = 0;
-      if( (err = _cryptonite_blake2b_init_key(&S, BLAKE2B_OUTBYTES, key, BLAKE2B_KEYBYTES)) < 0 ) {
+      if( (err = blake2b_init_key(&S, BLAKE2B_OUTBYTES, key, BLAKE2B_KEYBYTES)) < 0 ) {
        goto fail;
      }
      while (mlen >= step) {
-        if ( (err = _cryptonite_blake2b_update(&S, p, step)) < 0 ) {
+        if ( (err = blake2b_update(&S, p, step)) < 0 ) {
          goto fail;
        }
        mlen -= step;
        p += step;
      }
-      if ( (err = _cryptonite_blake2b_update(&S, p, mlen)) < 0) {
+      if ( (err = blake2b_update(&S, p, mlen)) < 0) {
        goto fail;
      }
-      if ( (err = _cryptonite_blake2b_final(&S, hash, BLAKE2B_OUTBYTES)) < 0) {
+      if ( (err = blake2b_final(&S, hash, BLAKE2B_OUTBYTES)) < 0) {
        goto fail;
      }
-      if (0 != memcmp(hash, _cryptonite_blake2b_keyed_kat[i], BLAKE2B_OUTBYTES)) {
+      if (0 != memcmp(hash, blake2b_keyed_kat[i], BLAKE2B_OUTBYTES)) {
        goto fail;
      }
    }
--- a/cbits/blake2/ref/blake2bp-ref.c
+++ b/cbits/blake2/ref/blake2bp-ref.c
@ -36,7 +36,7 @@
 */
 static int blake2bp_init_leaf_param( blake2b_state *S, const blake2b_param *P )
 {
-  int err = _cryptonite_blake2b_init_param(S, P);
+  int err = blake2b_init_param(S, P);
  S->outlen = P->inner_length;
  return err;
 }
@ -74,11 +74,11 @@ static int blake2bp_init_root( blake2b_state *S, size_t outlen, size_t keylen )
  memset( P->reserved, 0, sizeof( P->reserved ) );
  memset( P->salt, 0, sizeof( P->salt ) );
  memset( P->personal, 0, sizeof( P->personal ) );
-  return _cryptonite_blake2b_init_param( S, P );
+  return blake2b_init_param( S, P );
 }
-int _cryptonite_blake2bp_init( blake2bp_state *S, size_t outlen )
+int blake2bp_init( blake2bp_state *S, size_t outlen )
 {
  size_t i;
@ -99,7 +99,7 @@ int _cryptonite_blake2bp_init( blake2bp_state *S, size_t outlen )
  return 0;
 }
-int _cryptonite_blake2bp_init_key( blake2bp_state *S, size_t outlen, const void *key, size_t keylen )
+int blake2bp_init_key( blake2bp_state *S, size_t outlen, const void *key, size_t keylen )
 {
  size_t i;
@ -125,7 +125,7 @@ int _cryptonite_blake2bp_init_key( blake2bp_state *S, size_t outlen, const void
    memcpy( block, key, keylen );
    for( i = 0; i < PARALLELISM_DEGREE; ++i )
-      _cryptonite_blake2b_update( S->S[i], block, BLAKE2B_BLOCKBYTES );
+      blake2b_update( S->S[i], block, BLAKE2B_BLOCKBYTES );
    secure_zero_memory( block, BLAKE2B_BLOCKBYTES ); /* Burn the key from stack */
  }
@ -133,7 +133,7 @@ int _cryptonite_blake2bp_init_key( blake2bp_state *S, size_t outlen, const void
 }
-int _cryptonite_blake2bp_update( blake2bp_state *S, const void *pin, size_t inlen )
+int blake2bp_update( blake2bp_state *S, const void *pin, size_t inlen )
 {
  const unsigned char * in = (const unsigned char *)pin;
  size_t left = S->buflen;
@ -145,7 +145,7 @@ int _cryptonite_blake2bp_update( blake2bp_state *S, const void *pin, size_t inle
    memcpy( S->buf + left, in, fill );
    for( i = 0; i < PARALLELISM_DEGREE; ++i )
-      _cryptonite_blake2b_update( S->S[i], S->buf + i * BLAKE2B_BLOCKBYTES, BLAKE2B_BLOCKBYTES );
+      blake2b_update( S->S[i], S->buf + i * BLAKE2B_BLOCKBYTES, BLAKE2B_BLOCKBYTES );
    in += fill;
    inlen -= fill;
@ -168,7 +168,7 @@ int _cryptonite_blake2bp_update( blake2bp_state *S, const void *pin, size_t inle
    while( inlen__ >= PARALLELISM_DEGREE * BLAKE2B_BLOCKBYTES )
    {
-      _cryptonite_blake2b_update( S->S[i], in__, BLAKE2B_BLOCKBYTES );
+      blake2b_update( S->S[i], in__, BLAKE2B_BLOCKBYTES );
      in__ += PARALLELISM_DEGREE * BLAKE2B_BLOCKBYTES;
      inlen__ -= PARALLELISM_DEGREE * BLAKE2B_BLOCKBYTES;
    }
@ -184,7 +184,7 @@ int _cryptonite_blake2bp_update( blake2bp_state *S, const void *pin, size_t inle
  return 0;
 }
-int _cryptonite_blake2bp_final( blake2bp_state *S, void *out, size_t outlen )
+int blake2bp_final( blake2bp_state *S, void *out, size_t outlen )
 {
  uint8_t hash[PARALLELISM_DEGREE][BLAKE2B_OUTBYTES];
  size_t i;
@ -201,19 +201,19 @@ int _cryptonite_blake2bp_final( blake2bp_state *S, void *out, size_t outlen )
      if( left > BLAKE2B_BLOCKBYTES ) left = BLAKE2B_BLOCKBYTES;
-      _cryptonite_blake2b_update( S->S[i], S->buf + i * BLAKE2B_BLOCKBYTES, left );
+      blake2b_update( S->S[i], S->buf + i * BLAKE2B_BLOCKBYTES, left );
    }
-    _cryptonite_blake2b_final( S->S[i], hash[i], BLAKE2B_OUTBYTES );
+    blake2b_final( S->S[i], hash[i], BLAKE2B_OUTBYTES );
  }
  for( i = 0; i < PARALLELISM_DEGREE; ++i )
-    _cryptonite_blake2b_update( S->R, hash[i], BLAKE2B_OUTBYTES );
+    blake2b_update( S->R, hash[i], BLAKE2B_OUTBYTES );
-  return _cryptonite_blake2b_final( S->R, out, S->outlen );
+  return blake2b_final( S->R, out, S->outlen );
 }
-int _cryptonite_blake2bp( void *out, size_t outlen, const void *in, size_t inlen, const void *key, size_t keylen )
+int blake2bp( void *out, size_t outlen, const void *in, size_t inlen, const void *key, size_t keylen )
 {
  uint8_t hash[PARALLELISM_DEGREE][BLAKE2B_OUTBYTES];
  blake2b_state S[PARALLELISM_DEGREE][1];
@ -243,7 +243,7 @@ int _cryptonite_blake2bp( void *out, size_t outlen, const void *in, size_t inlen
    memcpy( block, key, keylen );
    for( i = 0; i < PARALLELISM_DEGREE; ++i )
-      _cryptonite_blake2b_update( S[i], block, BLAKE2B_BLOCKBYTES );
+      blake2b_update( S[i], block, BLAKE2B_BLOCKBYTES );
    secure_zero_memory( block, BLAKE2B_BLOCKBYTES ); /* Burn the key from stack */
  }
@ -264,7 +264,7 @@ int _cryptonite_blake2bp( void *out, size_t outlen, const void *in, size_t inlen
    while( inlen__ >= PARALLELISM_DEGREE * BLAKE2B_BLOCKBYTES )
    {
-      _cryptonite_blake2b_update( S[i], in__, BLAKE2B_BLOCKBYTES );
+      blake2b_update( S[i], in__, BLAKE2B_BLOCKBYTES );
      in__ += PARALLELISM_DEGREE * BLAKE2B_BLOCKBYTES;
      inlen__ -= PARALLELISM_DEGREE * BLAKE2B_BLOCKBYTES;
    }
@ -273,10 +273,10 @@ int _cryptonite_blake2bp( void *out, size_t outlen, const void *in, size_t inlen
    {
      const size_t left = inlen__ - i * BLAKE2B_BLOCKBYTES;
      const size_t len = left <= BLAKE2B_BLOCKBYTES ? left : BLAKE2B_BLOCKBYTES;
-      _cryptonite_blake2b_update( S[i], in__, len );
+      blake2b_update( S[i], in__, len );
    }
-    _cryptonite_blake2b_final( S[i], hash[i], BLAKE2B_OUTBYTES );
+    blake2b_final( S[i], hash[i], BLAKE2B_OUTBYTES );
  }
  if( blake2bp_init_root( FS, outlen, keylen ) < 0 )
@ -285,9 +285,9 @@ int _cryptonite_blake2bp( void *out, size_t outlen, const void *in, size_t inlen
  FS->last_node = 1; /* Mark as last node */
  for( i = 0; i < PARALLELISM_DEGREE; ++i )
-    _cryptonite_blake2b_update( FS, hash[i], BLAKE2B_OUTBYTES );
+    blake2b_update( FS, hash[i], BLAKE2B_OUTBYTES );
-  return _cryptonite_blake2b_final( FS, out, outlen );;
+  return blake2b_final( FS, out, outlen );;
 }
 #if defined(BLAKE2BP_SELFTEST)
@ -326,21 +326,21 @@ int main( void )
      size_t mlen = i;
      int err = 0;
-      if( (err = _cryptonite_blake2bp_init_key(&S, BLAKE2B_OUTBYTES, key, BLAKE2B_KEYBYTES)) < 0 ) {
+      if( (err = blake2bp_init_key(&S, BLAKE2B_OUTBYTES, key, BLAKE2B_KEYBYTES)) < 0 ) {
        goto fail;
      }
      while (mlen >= step) {
-        if ( (err = _cryptonite_blake2bp_update(&S, p, step)) < 0 ) {
+        if ( (err = blake2bp_update(&S, p, step)) < 0 ) {
          goto fail;
        }
        mlen -= step;
        p += step;
      }
-      if ( (err = _cryptonite_blake2bp_update(&S, p, mlen)) < 0) {
+      if ( (err = blake2bp_update(&S, p, mlen)) < 0) {
        goto fail;
      }
-      if ( (err = _cryptonite_blake2bp_final(&S, hash, BLAKE2B_OUTBYTES)) < 0) {
+      if ( (err = blake2bp_final(&S, hash, BLAKE2B_OUTBYTES)) < 0) {
        goto fail;
      }
--- a/cbits/blake2/ref/blake2s-ref.c
+++ b/cbits/blake2/ref/blake2s-ref.c
@ -73,7 +73,7 @@ static void blake2s_init0( blake2s_state *S )
 }
 /* init2 xors IV with input parameter block */
-int _cryptonite_blake2s_init_param( blake2s_state *S, const blake2s_param *P )
+int blake2s_init_param( blake2s_state *S, const blake2s_param *P )
 {
  const unsigned char *p = ( const unsigned char * )( P );
  size_t i;
@ -90,7 +90,7 @@ int _cryptonite_blake2s_init_param( blake2s_state *S, const blake2s_param *P )
 /* Sequential blake2s initialization */
-int _cryptonite_blake2s_init( blake2s_state *S, size_t outlen )
+int blake2s_init( blake2s_state *S, size_t outlen )
 {
  blake2s_param P[1];
@ -109,10 +109,10 @@ int _cryptonite_blake2s_init( blake2s_state *S, size_t outlen )
  /* memset(P->reserved, 0, sizeof(P->reserved) ); */
  memset( P->salt,     0, sizeof( P->salt ) );
  memset( P->personal, 0, sizeof( P->personal ) );
-  return _cryptonite_blake2s_init_param( S, P );
+  return blake2s_init_param( S, P );
 }
-int _cryptonite_blake2s_init_key( blake2s_state *S, size_t outlen, const void *key, size_t keylen )
+int blake2s_init_key( blake2s_state *S, size_t outlen, const void *key, size_t keylen )
 {
  blake2s_param P[1];
@ -133,13 +133,13 @@ int _cryptonite_blake2s_init_key( blake2s_state *S, size_t outlen, const void *k
  memset( P->salt,     0, sizeof( P->salt ) );
  memset( P->personal, 0, sizeof( P->personal ) );
-  if( _cryptonite_blake2s_init_param( S, P ) < 0 ) return -1;
+  if( blake2s_init_param( S, P ) < 0 ) return -1;
  {
    uint8_t block[BLAKE2S_BLOCKBYTES];
    memset( block, 0, BLAKE2S_BLOCKBYTES );
    memcpy( block, key, keylen );
-    _cryptonite_blake2s_update( S, block, BLAKE2S_BLOCKBYTES );
+    blake2s_update( S, block, BLAKE2S_BLOCKBYTES );
    secure_zero_memory( block, BLAKE2S_BLOCKBYTES ); /* Burn the key from stack */
  }
  return 0;
@ -211,7 +211,7 @@ static void blake2s_compress( blake2s_state *S, const uint8_t in[BLAKE2S_BLOCKBY
 #undef G
 #undef ROUND
-int _cryptonite_blake2s_update( blake2s_state *S, const void *pin, size_t inlen )
+int blake2s_update( blake2s_state *S, const void *pin, size_t inlen )
 {
  const unsigned char * in = (const unsigned char *)pin;
  if( inlen > 0 )
@ -238,7 +238,7 @@ int _cryptonite_blake2s_update( blake2s_state *S, const void *pin, size_t inlen
  return 0;
 }
-int _cryptonite_blake2s_final( blake2s_state *S, void *out, size_t outlen )
+int blake2s_final( blake2s_state *S, void *out, size_t outlen )
 {
  uint8_t buffer[BLAKE2S_OUTBYTES] = {0};
  size_t i;
@ -262,7 +262,7 @@ int _cryptonite_blake2s_final( blake2s_state *S, void *out, size_t outlen )
  return 0;
 }
-int _cryptonite_blake2s( void *out, size_t outlen, const void *in, size_t inlen, const void *key, size_t keylen )
+int blake2s( void *out, size_t outlen, const void *in, size_t inlen, const void *key, size_t keylen )
 {
  blake2s_state S[1];
@ -279,22 +279,22 @@ int _cryptonite_blake2s( void *out, size_t outlen, const void *in, size_t inlen,
  if( keylen > 0 )
  {
-    if( _cryptonite_blake2s_init_key( S, outlen, key, keylen ) < 0 ) return -1;
+    if( blake2s_init_key( S, outlen, key, keylen ) < 0 ) return -1;
  }
  else
  {
-    if( _cryptonite_blake2s_init( S, outlen ) < 0 ) return -1;
+    if( blake2s_init( S, outlen ) < 0 ) return -1;
  }
-  _cryptonite_blake2s_update( S, ( const uint8_t * )in, inlen );
+  blake2s_update( S, ( const uint8_t * )in, inlen );
-  _cryptonite_blake2s_final( S, out, outlen );
+  blake2s_final( S, out, outlen );
  return 0;
 }
 #if defined(SUPERCOP)
 int crypto_hash( unsigned char *out, unsigned char *in, unsigned long long inlen )
 {
-  return _cryptonite_blake2s( out, BLAKE2S_OUTBYTES, in, inlen, NULL, 0 );
+  return blake2s( out, BLAKE2S_OUTBYTES, in, inlen, NULL, 0 );
 }
 #endif
@ -317,7 +317,7 @@ int main( void )
  for( i = 0; i < BLAKE2_KAT_LENGTH; ++i )
  {
    uint8_t hash[BLAKE2S_OUTBYTES];
-    _cryptonite_blake2s( hash, BLAKE2S_OUTBYTES, buf, i, key, BLAKE2S_KEYBYTES );
+    blake2s( hash, BLAKE2S_OUTBYTES, buf, i, key, BLAKE2S_KEYBYTES );
    if( 0 != memcmp( hash, blake2s_keyed_kat[i], BLAKE2S_OUTBYTES ) )
    {
@ -334,21 +334,21 @@ int main( void )
      size_t mlen = i;
      int err = 0;
-      if( (err = _cryptonite_blake2s_init_key(&S, BLAKE2S_OUTBYTES, key, BLAKE2S_KEYBYTES)) < 0 ) {
+      if( (err = blake2s_init_key(&S, BLAKE2S_OUTBYTES, key, BLAKE2S_KEYBYTES)) < 0 ) {
        goto fail;
      }
      while (mlen >= step) {
-        if ( (err = _cryptonite_blake2s_update(&S, p, step)) < 0 ) {
+        if ( (err = blake2s_update(&S, p, step)) < 0 ) {
          goto fail;
        }
        mlen -= step;
        p += step;
      }
-      if ( (err = _cryptonite_blake2s_update(&S, p, mlen)) < 0) {
+      if ( (err = blake2s_update(&S, p, mlen)) < 0) {
        goto fail;
      }
-      if ( (err = _cryptonite_blake2s_final(&S, hash, BLAKE2S_OUTBYTES)) < 0) {
+      if ( (err = blake2s_final(&S, hash, BLAKE2S_OUTBYTES)) < 0) {
        goto fail;
      }
--- a/cbits/blake2/ref/blake2sp-ref.c
+++ b/cbits/blake2/ref/blake2sp-ref.c
@ -35,7 +35,7 @@
 */
 static int blake2sp_init_leaf_param( blake2s_state *S, const blake2s_param *P )
 {
-  int err = _cryptonite_blake2s_init_param(S, P);
+  int err = blake2s_init_param(S, P);
  S->outlen = P->inner_length;
  return err;
 }
@ -71,11 +71,11 @@ static int blake2sp_init_root( blake2s_state *S, size_t outlen, size_t keylen )
  P->inner_length = BLAKE2S_OUTBYTES;
  memset( P->salt, 0, sizeof( P->salt ) );
  memset( P->personal, 0, sizeof( P->personal ) );
-  return _cryptonite_blake2s_init_param( S, P );
+  return blake2s_init_param( S, P );
 }
-int _cryptonite_blake2sp_init( blake2sp_state *S, size_t outlen )
+int blake2sp_init( blake2sp_state *S, size_t outlen )
 {
  size_t i;
@ -96,7 +96,7 @@ int _cryptonite_blake2sp_init( blake2sp_state *S, size_t outlen )
  return 0;
 }
-int _cryptonite_blake2sp_init_key( blake2sp_state *S, size_t outlen, const void *key, size_t keylen )
+int blake2sp_init_key( blake2sp_state *S, size_t outlen, const void *key, size_t keylen )
 {
  size_t i;
@ -122,7 +122,7 @@ int _cryptonite_blake2sp_init_key( blake2sp_state *S, size_t outlen, const void
    memcpy( block, key, keylen );
    for( i = 0; i < PARALLELISM_DEGREE; ++i )
-      _cryptonite_blake2s_update( S->S[i], block, BLAKE2S_BLOCKBYTES );
+      blake2s_update( S->S[i], block, BLAKE2S_BLOCKBYTES );
    secure_zero_memory( block, BLAKE2S_BLOCKBYTES ); /* Burn the key from stack */
  }
@ -130,7 +130,7 @@ int _cryptonite_blake2sp_init_key( blake2sp_state *S, size_t outlen, const void
 }
-int _cryptonite_blake2sp_update( blake2sp_state *S, const void *pin, size_t inlen )
+int blake2sp_update( blake2sp_state *S, const void *pin, size_t inlen )
 {
  const unsigned char * in = (const unsigned char *)pin;
  size_t left = S->buflen;
@ -142,7 +142,7 @@ int _cryptonite_blake2sp_update( blake2sp_state *S, const void *pin, size_t inle
    memcpy( S->buf + left, in, fill );
    for( i = 0; i < PARALLELISM_DEGREE; ++i )
-      _cryptonite_blake2s_update( S->S[i], S->buf + i * BLAKE2S_BLOCKBYTES, BLAKE2S_BLOCKBYTES );
+      blake2s_update( S->S[i], S->buf + i * BLAKE2S_BLOCKBYTES, BLAKE2S_BLOCKBYTES );
    in += fill;
    inlen -= fill;
@ -164,7 +164,7 @@ int _cryptonite_blake2sp_update( blake2sp_state *S, const void *pin, size_t inle
    while( inlen__ >= PARALLELISM_DEGREE * BLAKE2S_BLOCKBYTES )
    {
-      _cryptonite_blake2s_update( S->S[i], in__, BLAKE2S_BLOCKBYTES );
+      blake2s_update( S->S[i], in__, BLAKE2S_BLOCKBYTES );
      in__ += PARALLELISM_DEGREE * BLAKE2S_BLOCKBYTES;
      inlen__ -= PARALLELISM_DEGREE * BLAKE2S_BLOCKBYTES;
    }
@ -181,7 +181,7 @@ int _cryptonite_blake2sp_update( blake2sp_state *S, const void *pin, size_t inle
 }
-int _cryptonite_blake2sp_final( blake2sp_state *S, void *out, size_t outlen )
+int blake2sp_final( blake2sp_state *S, void *out, size_t outlen )
 {
  uint8_t hash[PARALLELISM_DEGREE][BLAKE2S_OUTBYTES];
  size_t i;
@ -198,20 +198,20 @@ int _cryptonite_blake2sp_final( blake2sp_state *S, void *out, size_t outlen )
      if( left > BLAKE2S_BLOCKBYTES ) left = BLAKE2S_BLOCKBYTES;
-      _cryptonite_blake2s_update( S->S[i], S->buf + i * BLAKE2S_BLOCKBYTES, left );
+      blake2s_update( S->S[i], S->buf + i * BLAKE2S_BLOCKBYTES, left );
    }
-    _cryptonite_blake2s_final( S->S[i], hash[i], BLAKE2S_OUTBYTES );
+    blake2s_final( S->S[i], hash[i], BLAKE2S_OUTBYTES );
  }
  for( i = 0; i < PARALLELISM_DEGREE; ++i )
-    _cryptonite_blake2s_update( S->R, hash[i], BLAKE2S_OUTBYTES );
+    blake2s_update( S->R, hash[i], BLAKE2S_OUTBYTES );
-  return _cryptonite_blake2s_final( S->R, out, S->outlen );
+  return blake2s_final( S->R, out, S->outlen );
 }
-int _cryptonite_blake2sp( void *out, size_t outlen, const void *in, size_t inlen, const void *key, size_t keylen )
+int blake2sp( void *out, size_t outlen, const void *in, size_t inlen, const void *key, size_t keylen )
 {
  uint8_t hash[PARALLELISM_DEGREE][BLAKE2S_OUTBYTES];
  blake2s_state S[PARALLELISM_DEGREE][1];
@ -241,7 +241,7 @@ int _cryptonite_blake2sp( void *out, size_t outlen, const void *in, size_t inlen
    memcpy( block, key, keylen );
    for( i = 0; i < PARALLELISM_DEGREE; ++i )
-      _cryptonite_blake2s_update( S[i], block, BLAKE2S_BLOCKBYTES );
+      blake2s_update( S[i], block, BLAKE2S_BLOCKBYTES );
    secure_zero_memory( block, BLAKE2S_BLOCKBYTES ); /* Burn the key from stack */
  }
@ -262,7 +262,7 @@ int _cryptonite_blake2sp( void *out, size_t outlen, const void *in, size_t inlen
    while( inlen__ >= PARALLELISM_DEGREE * BLAKE2S_BLOCKBYTES )
    {
-      _cryptonite_blake2s_update( S[i], in__, BLAKE2S_BLOCKBYTES );
+      blake2s_update( S[i], in__, BLAKE2S_BLOCKBYTES );
      in__ += PARALLELISM_DEGREE * BLAKE2S_BLOCKBYTES;
      inlen__ -= PARALLELISM_DEGREE * BLAKE2S_BLOCKBYTES;
    }
@ -271,10 +271,10 @@ int _cryptonite_blake2sp( void *out, size_t outlen, const void *in, size_t inlen
    {
      const size_t left = inlen__ - i * BLAKE2S_BLOCKBYTES;
      const size_t len = left <= BLAKE2S_BLOCKBYTES ? left : BLAKE2S_BLOCKBYTES;
-      _cryptonite_blake2s_update( S[i], in__, len );
+      blake2s_update( S[i], in__, len );
    }
-    _cryptonite_blake2s_final( S[i], hash[i], BLAKE2S_OUTBYTES );
+    blake2s_final( S[i], hash[i], BLAKE2S_OUTBYTES );
  }
  if( blake2sp_init_root( FS, outlen, keylen ) < 0 )
@ -283,9 +283,9 @@ int _cryptonite_blake2sp( void *out, size_t outlen, const void *in, size_t inlen
  FS->last_node = 1;
  for( i = 0; i < PARALLELISM_DEGREE; ++i )
-    _cryptonite_blake2s_update( FS, hash[i], BLAKE2S_OUTBYTES );
+    blake2s_update( FS, hash[i], BLAKE2S_OUTBYTES );
-  return _cryptonite_blake2s_final( FS, out, outlen );
+  return blake2s_final( FS, out, outlen );
 }
@ -309,7 +309,7 @@ int main( void )
  for( i = 0; i < BLAKE2_KAT_LENGTH; ++i )
  {
    uint8_t hash[BLAKE2S_OUTBYTES];
-    _cryptonite_blake2sp( hash, BLAKE2S_OUTBYTES, buf, i, key, BLAKE2S_KEYBYTES );
+    blake2sp( hash, BLAKE2S_OUTBYTES, buf, i, key, BLAKE2S_KEYBYTES );
    if( 0 != memcmp( hash, blake2sp_keyed_kat[i], BLAKE2S_OUTBYTES ) )
    {
@ -326,21 +326,21 @@ int main( void )
      size_t mlen = i;
      int err = 0;
-      if( (err = _cryptonite_blake2sp_init_key(&S, BLAKE2S_OUTBYTES, key, BLAKE2S_KEYBYTES)) < 0 ) {
+      if( (err = blake2sp_init_key(&S, BLAKE2S_OUTBYTES, key, BLAKE2S_KEYBYTES)) < 0 ) {
        goto fail;
      }
      while (mlen >= step) {
-        if ( (err = _cryptonite_blake2sp_update(&S, p, step)) < 0 ) {
+        if ( (err = blake2sp_update(&S, p, step)) < 0 ) {
          goto fail;
        }
        mlen -= step;
        p += step;
      }
-      if ( (err = _cryptonite_blake2sp_update(&S, p, mlen)) < 0) {
+      if ( (err = blake2sp_update(&S, p, mlen)) < 0) {
        goto fail;
      }
-      if ( (err = _cryptonite_blake2sp_final(&S, hash, BLAKE2S_OUTBYTES)) < 0) {
+      if ( (err = blake2sp_final(&S, hash, BLAKE2S_OUTBYTES)) < 0) {
        goto fail;
      }
--- a/cbits/blake2/ref/blake2xb-ref.c
+++ b/cbits/blake2/ref/blake2xb-ref.c
@ -23,11 +23,11 @@
 #include "blake2.h"
 #include "blake2-impl.h"
-int _cryptonite_blake2xb_init( blake2xb_state *S, const size_t outlen ) {
+int blake2xb_init( blake2xb_state *S, const size_t outlen ) {
-  return _cryptonite_blake2xb_init_key(S, outlen, NULL, 0);
+  return blake2xb_init_key(S, outlen, NULL, 0);
 }
-int _cryptonite_blake2xb_init_key( blake2xb_state *S, const size_t outlen, const void *key, size_t keylen)
+int blake2xb_init_key( blake2xb_state *S, const size_t outlen, const void *key, size_t keylen)
 {
  if ( outlen == 0 || outlen > 0xFFFFFFFFUL ) {
    return -1;
@ -55,7 +55,7 @@ int _cryptonite_blake2xb_init_key( blake2xb_state *S, const size_t outlen, const
  memset( S->P->salt,     0, sizeof( S->P->salt ) );
  memset( S->P->personal, 0, sizeof( S->P->personal ) );
-  if( _cryptonite_blake2b_init_param( S->S, S->P ) < 0 ) {
+  if( blake2b_init_param( S->S, S->P ) < 0 ) {
    return -1;
  }
@ -63,17 +63,17 @@ int _cryptonite_blake2xb_init_key( blake2xb_state *S, const size_t outlen, const
    uint8_t block[BLAKE2B_BLOCKBYTES];
    memset(block, 0, BLAKE2B_BLOCKBYTES);
    memcpy(block, key, keylen);
-    _cryptonite_blake2b_update(S->S, block, BLAKE2B_BLOCKBYTES);
+    blake2b_update(S->S, block, BLAKE2B_BLOCKBYTES);
    secure_zero_memory(block, BLAKE2B_BLOCKBYTES);
  }
  return 0;
 }
-int _cryptonite_blake2xb_update( blake2xb_state *S, const void *in, size_t inlen ) {
+int blake2xb_update( blake2xb_state *S, const void *in, size_t inlen ) {
-    return _cryptonite_blake2b_update( S->S, in, inlen );
+    return blake2b_update( S->S, in, inlen );
 }
-int _cryptonite_blake2xb_final( blake2xb_state *S, void *out, size_t outlen) {
+int blake2xb_final( blake2xb_state *S, void *out, size_t outlen) {
  blake2b_state C[1];
  blake2b_param P[1];
@ -98,7 +98,7 @@ int _cryptonite_blake2xb_final( blake2xb_state *S, void *out, size_t outlen) {
  }
  /* Finalize the root hash */
-  if (_cryptonite_blake2b_final(S->S, root, BLAKE2B_OUTBYTES) < 0) {
+  if (blake2b_final(S->S, root, BLAKE2B_OUTBYTES) < 0) {
    return -1;
  }
@ -117,10 +117,10 @@ int _cryptonite_blake2xb_final( blake2xb_state *S, void *out, size_t outlen) {
    /* Initialize state */
    P->digest_length = block_size;
    store32(&P->node_offset, i);
-    _cryptonite_blake2b_init_param(C, P);
+    blake2b_init_param(C, P);
    /* Process key if needed */
-    _cryptonite_blake2b_update(C, root, BLAKE2B_OUTBYTES);
+    blake2b_update(C, root, BLAKE2B_OUTBYTES);
-    if (_cryptonite_blake2b_final(C, (uint8_t *)out + i * BLAKE2B_OUTBYTES, block_size) < 0 ) {
+    if (blake2b_final(C, (uint8_t *)out + i * BLAKE2B_OUTBYTES, block_size) < 0 ) {
        return -1;
    }
    outlen -= block_size;
@ -133,7 +133,7 @@ int _cryptonite_blake2xb_final( blake2xb_state *S, void *out, size_t outlen) {
 }
-int _cryptonite_blake2xb(void *out, size_t outlen, const void *in, size_t inlen, const void *key, size_t keylen)
+int blake2xb(void *out, size_t outlen, const void *in, size_t inlen, const void *key, size_t keylen)
 {
  blake2xb_state S[1];
@ -154,15 +154,15 @@ int _cryptonite_blake2xb(void *out, size_t outlen, const void *in, size_t inlen,
    return -1;
  /* Initialize the root block structure */
-  if (_cryptonite_blake2xb_init_key(S, outlen, key, keylen) < 0) {
+  if (blake2xb_init_key(S, outlen, key, keylen) < 0) {
    return -1;
  }
  /* Absorb the input message */
-  _cryptonite_blake2xb_update(S, in, inlen);
+  blake2xb_update(S, in, inlen);
  /* Compute the root node of the tree and the final hash using the counter construction */
-  return _cryptonite_blake2xb_final(S, out, outlen);
+  return blake2xb_final(S, out, outlen);
 }
 #if defined(BLAKE2XB_SELFTEST)
@ -189,7 +189,7 @@ int main( void )
  for( outlen = 1; outlen <= BLAKE2_KAT_LENGTH; ++outlen )
  {
      uint8_t hash[BLAKE2_KAT_LENGTH] = {0};
-      if( _cryptonite_blake2xb( hash, outlen, buf, BLAKE2_KAT_LENGTH, key, BLAKE2B_KEYBYTES ) < 0 ) {
+      if( blake2xb( hash, outlen, buf, BLAKE2_KAT_LENGTH, key, BLAKE2B_KEYBYTES ) < 0 ) {
        goto fail;
      }
@ -208,21 +208,21 @@ int main( void )
      size_t mlen = BLAKE2_KAT_LENGTH;
      int err = 0;
-      if( (err = _cryptonite_blake2xb_init_key(&S, outlen, key, BLAKE2B_KEYBYTES)) < 0 ) {
+      if( (err = blake2xb_init_key(&S, outlen, key, BLAKE2B_KEYBYTES)) < 0 ) {
        goto fail;
      }
      while (mlen >= step) {
-        if ( (err = _cryptonite_blake2xb_update(&S, p, step)) < 0 ) {
+        if ( (err = blake2xb_update(&S, p, step)) < 0 ) {
          goto fail;
        }
        mlen -= step;
        p += step;
      }
-      if ( (err = _cryptonite_blake2xb_update(&S, p, mlen)) < 0) {
+      if ( (err = blake2xb_update(&S, p, mlen)) < 0) {
        goto fail;
      }
-      if ( (err = _cryptonite_blake2xb_final(&S, hash, outlen)) < 0) {
+      if ( (err = blake2xb_final(&S, hash, outlen)) < 0) {
        goto fail;
      }
--- a/cbits/blake2/ref/blake2xs-ref.c
+++ b/cbits/blake2/ref/blake2xs-ref.c
@ -23,11 +23,11 @@
 #include "blake2.h"
 #include "blake2-impl.h"
-int _cryptonite_blake2xs_init( blake2xs_state *S, const size_t outlen ) {
+int blake2xs_init( blake2xs_state *S, const size_t outlen ) {
-  return _cryptonite_blake2xs_init_key(S, outlen, NULL, 0);
+  return blake2xs_init_key(S, outlen, NULL, 0);
 }
-int _cryptonite_blake2xs_init_key( blake2xs_state *S, const size_t outlen, const void *key, size_t keylen )
+int blake2xs_init_key( blake2xs_state *S, const size_t outlen, const void *key, size_t keylen )
 {
  if ( outlen == 0 || outlen > 0xFFFFUL ) {
    return -1;
@ -54,7 +54,7 @@ int _cryptonite_blake2xs_init_key( blake2xs_state *S, const size_t outlen, const
  memset( S->P->salt,     0, sizeof( S->P->salt ) );
  memset( S->P->personal, 0, sizeof( S->P->personal ) );
-  if( _cryptonite_blake2s_init_param( S->S, S->P ) < 0 ) {
+  if( blake2s_init_param( S->S, S->P ) < 0 ) {
    return -1;
  }
@ -62,17 +62,17 @@ int _cryptonite_blake2xs_init_key( blake2xs_state *S, const size_t outlen, const
    uint8_t block[BLAKE2S_BLOCKBYTES];
    memset(block, 0, BLAKE2S_BLOCKBYTES);
    memcpy(block, key, keylen);
-    _cryptonite_blake2s_update(S->S, block, BLAKE2S_BLOCKBYTES);
+    blake2s_update(S->S, block, BLAKE2S_BLOCKBYTES);
    secure_zero_memory(block, BLAKE2S_BLOCKBYTES);
  }
  return 0;
 }
-int _cryptonite_blake2xs_update( blake2xs_state *S, const void *in, size_t inlen ) {
+int blake2xs_update( blake2xs_state *S, const void *in, size_t inlen ) {
-  return _cryptonite_blake2s_update( S->S, in, inlen );
+  return blake2s_update( S->S, in, inlen );
 }
-int _cryptonite_blake2xs_final(blake2xs_state *S, void *out, size_t outlen) {
+int blake2xs_final(blake2xs_state *S, void *out, size_t outlen) {
  blake2s_state C[1];
  blake2s_param P[1];
@ -97,7 +97,7 @@ int _cryptonite_blake2xs_final(blake2xs_state *S, void *out, size_t outlen) {
  }
  /* Finalize the root hash */
-  if (_cryptonite_blake2s_final(S->S, root, BLAKE2S_OUTBYTES) < 0) {
+  if (blake2s_final(S->S, root, BLAKE2S_OUTBYTES) < 0) {
    return -1;
  }
@ -116,10 +116,10 @@ int _cryptonite_blake2xs_final(blake2xs_state *S, void *out, size_t outlen) {
    /* Initialize state */
    P->digest_length = block_size;
    store32(&P->node_offset, i);
-    _cryptonite_blake2s_init_param(C, P);
+    blake2s_init_param(C, P);
    /* Process key if needed */
-    _cryptonite_blake2s_update(C, root, BLAKE2S_OUTBYTES);
+    blake2s_update(C, root, BLAKE2S_OUTBYTES);
-    if (_cryptonite_blake2s_final(C, (uint8_t *)out + i * BLAKE2S_OUTBYTES, block_size) < 0) {
+    if (blake2s_final(C, (uint8_t *)out + i * BLAKE2S_OUTBYTES, block_size) < 0) {
        return -1;
    }
    outlen -= block_size;
@ -131,7 +131,7 @@ int _cryptonite_blake2xs_final(blake2xs_state *S, void *out, size_t outlen) {
  return 0;
 }
-int _cryptonite_blake2xs(void *out, size_t outlen, const void *in, size_t inlen, const void *key, size_t keylen)
+int blake2xs(void *out, size_t outlen, const void *in, size_t inlen, const void *key, size_t keylen)
 {
  blake2xs_state S[1];
@ -152,15 +152,15 @@ int _cryptonite_blake2xs(void *out, size_t outlen, const void *in, size_t inlen,
    return -1;
  /* Initialize the root block structure */
-  if (_cryptonite_blake2xs_init_key(S, outlen, key, keylen) < 0) {
+  if (blake2xs_init_key(S, outlen, key, keylen) < 0) {
    return -1;
  }
  /* Absorb the input message */
-  _cryptonite_blake2xs_update(S, in, inlen);
+  blake2xs_update(S, in, inlen);
  /* Compute the root node of the tree and the final hash using the counter construction */
-  return _cryptonite_blake2xs_final(S, out, outlen);
+  return blake2xs_final(S, out, outlen);
 }
 #if defined(BLAKE2XS_SELFTEST)
@ -187,7 +187,7 @@ int main( void )
  for( outlen = 1; outlen <= BLAKE2_KAT_LENGTH; ++outlen )
  {
      uint8_t hash[BLAKE2_KAT_LENGTH] = {0};
-      if( _cryptonite_blake2xs( hash, outlen, buf, BLAKE2_KAT_LENGTH, key, BLAKE2S_KEYBYTES ) < 0 ) {
+      if( blake2xs( hash, outlen, buf, BLAKE2_KAT_LENGTH, key, BLAKE2S_KEYBYTES ) < 0 ) {
        goto fail;
      }
@ -206,21 +206,21 @@ int main( void )
      size_t mlen = BLAKE2_KAT_LENGTH;
      int err = 0;
-      if( (err = _cryptonite_blake2xs_init_key(&S, outlen, key, BLAKE2S_KEYBYTES)) < 0 ) {
+      if( (err = blake2xs_init_key(&S, outlen, key, BLAKE2S_KEYBYTES)) < 0 ) {
        goto fail;
      }
      while (mlen >= step) {
-        if ( (err = _cryptonite_blake2xs_update(&S, p, step)) < 0 ) {
+        if ( (err = blake2xs_update(&S, p, step)) < 0 ) {
          goto fail;
        }
        mlen -= step;
        p += step;
      }
-      if ( (err = _cryptonite_blake2xs_update(&S, p, mlen)) < 0) {
+      if ( (err = blake2xs_update(&S, p, mlen)) < 0) {
        goto fail;
      }
-      if ( (err = _cryptonite_blake2xs_final(&S, hash, outlen)) < 0) {
+      if ( (err = blake2xs_final(&S, hash, outlen)) < 0) {
        goto fail;
      }
--- a/cbits/blake2/sse/blake2.h
+++ b/cbits/blake2/sse/blake2.h
@ -142,51 +142,51 @@ extern "C" {
  };
  /* Streaming API */
-  int _cryptonite_blake2s_init( blake2s_state *S, size_t outlen );
+  int blake2s_init( blake2s_state *S, size_t outlen );
-  int _cryptonite_blake2s_init_key( blake2s_state *S, size_t outlen, const void *key, size_t keylen );
+  int blake2s_init_key( blake2s_state *S, size_t outlen, const void *key, size_t keylen );
-  int _cryptonite_blake2s_init_param( blake2s_state *S, const blake2s_param *P );
+  int blake2s_init_param( blake2s_state *S, const blake2s_param *P );
-  int _cryptonite_blake2s_update( blake2s_state *S, const void *in, size_t inlen );
+  int blake2s_update( blake2s_state *S, const void *in, size_t inlen );
-  int _cryptonite_blake2s_final( blake2s_state *S, void *out, size_t outlen );
+  int blake2s_final( blake2s_state *S, void *out, size_t outlen );
-  int _cryptonite_blake2b_init( blake2b_state *S, size_t outlen );
+  int blake2b_init( blake2b_state *S, size_t outlen );
-  int _cryptonite_blake2b_init_key( blake2b_state *S, size_t outlen, const void *key, size_t keylen );
+  int blake2b_init_key( blake2b_state *S, size_t outlen, const void *key, size_t keylen );
-  int _cryptonite_blake2b_init_param( blake2b_state *S, const blake2b_param *P );
+  int blake2b_init_param( blake2b_state *S, const blake2b_param *P );
-  int _cryptonite_blake2b_update( blake2b_state *S, const void *in, size_t inlen );
+  int blake2b_update( blake2b_state *S, const void *in, size_t inlen );
-  int _cryptonite_blake2b_final( blake2b_state *S, void *out, size_t outlen );
+  int blake2b_final( blake2b_state *S, void *out, size_t outlen );
-  int _cryptonite_blake2sp_init( blake2sp_state *S, size_t outlen );
+  int blake2sp_init( blake2sp_state *S, size_t outlen );
-  int _cryptonite_blake2sp_init_key( blake2sp_state *S, size_t outlen, const void *key, size_t keylen );
+  int blake2sp_init_key( blake2sp_state *S, size_t outlen, const void *key, size_t keylen );
-  int _cryptonite_blake2sp_update( blake2sp_state *S, const void *in, size_t inlen );
+  int blake2sp_update( blake2sp_state *S, const void *in, size_t inlen );
-  int _cryptonite_blake2sp_final( blake2sp_state *S, void *out, size_t outlen );
+  int blake2sp_final( blake2sp_state *S, void *out, size_t outlen );
-  int _cryptonite_blake2bp_init( blake2bp_state *S, size_t outlen );
+  int blake2bp_init( blake2bp_state *S, size_t outlen );
-  int _cryptonite_blake2bp_init_key( blake2bp_state *S, size_t outlen, const void *key, size_t keylen );
+  int blake2bp_init_key( blake2bp_state *S, size_t outlen, const void *key, size_t keylen );
-  int _cryptonite_blake2bp_update( blake2bp_state *S, const void *in, size_t inlen );
+  int blake2bp_update( blake2bp_state *S, const void *in, size_t inlen );
-  int _cryptonite_blake2bp_final( blake2bp_state *S, void *out, size_t outlen );
+  int blake2bp_final( blake2bp_state *S, void *out, size_t outlen );
  /* Variable output length API */
-  int _cryptonite_blake2xs_init( blake2xs_state *S, const size_t outlen );
+  int blake2xs_init( blake2xs_state *S, const size_t outlen );
-  int _cryptonite_blake2xs_init_key( blake2xs_state *S, const size_t outlen, const void *key, size_t keylen );
+  int blake2xs_init_key( blake2xs_state *S, const size_t outlen, const void *key, size_t keylen );
-  int _cryptonite_blake2xs_update( blake2xs_state *S, const void *in, size_t inlen );
+  int blake2xs_update( blake2xs_state *S, const void *in, size_t inlen );
-  int _cryptonite_blake2xs_final(blake2xs_state *S, void *out, size_t outlen);
+  int blake2xs_final(blake2xs_state *S, void *out, size_t outlen);
-  int _cryptonite_blake2xb_init( blake2xb_state *S, const size_t outlen );
+  int blake2xb_init( blake2xb_state *S, const size_t outlen );
-  int _cryptonite_blake2xb_init_key( blake2xb_state *S, const size_t outlen, const void *key, size_t keylen );
+  int blake2xb_init_key( blake2xb_state *S, const size_t outlen, const void *key, size_t keylen );
-  int _cryptonite_blake2xb_update( blake2xb_state *S, const void *in, size_t inlen );
+  int blake2xb_update( blake2xb_state *S, const void *in, size_t inlen );
-  int _cryptonite_blake2xb_final(blake2xb_state *S, void *out, size_t outlen);
+  int blake2xb_final(blake2xb_state *S, void *out, size_t outlen);
  /* Simple API */
-  int _cryptonite_blake2s( void *out, size_t outlen, const void *in, size_t inlen, const void *key, size_t keylen );
+  int blake2s( void *out, size_t outlen, const void *in, size_t inlen, const void *key, size_t keylen );
-  int _cryptonite_blake2b( void *out, size_t outlen, const void *in, size_t inlen, const void *key, size_t keylen );
+  int blake2b( void *out, size_t outlen, const void *in, size_t inlen, const void *key, size_t keylen );
-  int _cryptonite_blake2sp( void *out, size_t outlen, const void *in, size_t inlen, const void *key, size_t keylen );
+  int blake2sp( void *out, size_t outlen, const void *in, size_t inlen, const void *key, size_t keylen );
-  int _cryptonite_blake2bp( void *out, size_t outlen, const void *in, size_t inlen, const void *key, size_t keylen );
+  int blake2bp( void *out, size_t outlen, const void *in, size_t inlen, const void *key, size_t keylen );
-  int _cryptonite_blake2xs( void *out, size_t outlen, const void *in, size_t inlen, const void *key, size_t keylen );
+  int blake2xs( void *out, size_t outlen, const void *in, size_t inlen, const void *key, size_t keylen );
-  int _cryptonite_blake2xb( void *out, size_t outlen, const void *in, size_t inlen, const void *key, size_t keylen );
+  int blake2xb( void *out, size_t outlen, const void *in, size_t inlen, const void *key, size_t keylen );
  /* This is simply an alias for blake2b */
-  int _cryptonite_blake2( void *out, size_t outlen, const void *in, size_t inlen, const void *key, size_t keylen );
+  int blake2( void *out, size_t outlen, const void *in, size_t inlen, const void *key, size_t keylen );
 #if defined(__cplusplus)
 }
--- a/cbits/blake2/sse/blake2b.c
+++ b/cbits/blake2/sse/blake2b.c
@ -74,7 +74,7 @@ static void blake2b_increment_counter( blake2b_state *S, const uint64_t inc )
 }
 /* init xors IV with input parameter block */
-int _cryptonite_blake2b_init_param( blake2b_state *S, const blake2b_param *P )
+int blake2b_init_param( blake2b_state *S, const blake2b_param *P )
 {
  size_t i;
  /*blake2b_init0( S ); */
@ -92,7 +92,7 @@ int _cryptonite_blake2b_init_param( blake2b_state *S, const blake2b_param *P )
 /* Some sort of default parameter block initialization, for sequential blake2b */
-int _cryptonite_blake2b_init( blake2b_state *S, size_t outlen )
+int blake2b_init( blake2b_state *S, size_t outlen )
 {
  blake2b_param P[1];
@ -111,10 +111,10 @@ int _cryptonite_blake2b_init( blake2b_state *S, size_t outlen )
  memset( P->salt,     0, sizeof( P->salt ) );
  memset( P->personal, 0, sizeof( P->personal ) );
-  return _cryptonite_blake2b_init_param( S, P );
+  return blake2b_init_param( S, P );
 }
-int _cryptonite_blake2b_init_key( blake2b_state *S, size_t outlen, const void *key, size_t keylen )
+int blake2b_init_key( blake2b_state *S, size_t outlen, const void *key, size_t keylen )
 {
  blake2b_param P[1];
@ -135,14 +135,14 @@ int _cryptonite_blake2b_init_key( blake2b_state *S, size_t outlen, const void *k
  memset( P->salt,     0, sizeof( P->salt ) );
  memset( P->personal, 0, sizeof( P->personal ) );
-  if( _cryptonite_blake2b_init_param( S, P ) < 0 )
+  if( blake2b_init_param( S, P ) < 0 )
    return 0;
  {
    uint8_t block[BLAKE2B_BLOCKBYTES];
    memset( block, 0, BLAKE2B_BLOCKBYTES );
    memcpy( block, key, keylen );
-    _cryptonite_blake2b_update( S, block, BLAKE2B_BLOCKBYTES );
+    blake2b_update( S, block, BLAKE2B_BLOCKBYTES );
    secure_zero_memory( block, BLAKE2B_BLOCKBYTES ); /* Burn the key from stack */
  }
  return 0;
@ -218,7 +218,7 @@ static void blake2b_compress( blake2b_state *S, const uint8_t block[BLAKE2B_BLOC
 }
-int _cryptonite_blake2b_update( blake2b_state *S, const void *pin, size_t inlen )
+int blake2b_update( blake2b_state *S, const void *pin, size_t inlen )
 {
  const unsigned char * in = (const unsigned char *)pin;
  if( inlen > 0 )
@ -246,7 +246,7 @@ int _cryptonite_blake2b_update( blake2b_state *S, const void *pin, size_t inlen
 }
-int _cryptonite_blake2b_final( blake2b_state *S, void *out, size_t outlen )
+int blake2b_final( blake2b_state *S, void *out, size_t outlen )
 {
  if( out == NULL || outlen < S->outlen )
    return -1;
@ -264,7 +264,7 @@ int _cryptonite_blake2b_final( blake2b_state *S, void *out, size_t outlen )
 }
-int _cryptonite_blake2b( void *out, size_t outlen, const void *in, size_t inlen, const void *key, size_t keylen )
+int blake2b( void *out, size_t outlen, const void *in, size_t inlen, const void *key, size_t keylen )
 {
  blake2b_state S[1];
@ -281,26 +281,26 @@ int _cryptonite_blake2b( void *out, size_t outlen, const void *in, size_t inlen,
  if( keylen )
  {
-    if( _cryptonite_blake2b_init_key( S, outlen, key, keylen ) < 0 ) return -1;
+    if( blake2b_init_key( S, outlen, key, keylen ) < 0 ) return -1;
  }
  else
  {
-    if( _cryptonite_blake2b_init( S, outlen ) < 0 ) return -1;
+    if( blake2b_init( S, outlen ) < 0 ) return -1;
  }
-  _cryptonite_blake2b_update( S, ( const uint8_t * )in, inlen );
+  blake2b_update( S, ( const uint8_t * )in, inlen );
-  _cryptonite_blake2b_final( S, out, outlen );
+  blake2b_final( S, out, outlen );
  return 0;
 }
-int _cryptonite_blake2( void *out, size_t outlen, const void *in, size_t inlen, const void *key, size_t keylen ) {
+int blake2( void *out, size_t outlen, const void *in, size_t inlen, const void *key, size_t keylen ) {
-  return _cryptonite_blake2b(out, outlen, in, inlen, key, keylen);
+  return blake2b(out, outlen, in, inlen, key, keylen);
 }
 #if defined(SUPERCOP)
 int crypto_hash( unsigned char *out, unsigned char *in, unsigned long long inlen )
 {
-  return _cryptonite_blake2b( out, BLAKE2B_OUTBYTES, in, inlen, NULL, 0 );
+  return blake2b( out, BLAKE2B_OUTBYTES, in, inlen, NULL, 0 );
 }
 #endif
@ -340,21 +340,21 @@ int main( void )
      size_t mlen = i;
      int err = 0;
-      if( (err = _cryptonite_blake2b_init_key(&S, BLAKE2B_OUTBYTES, key, BLAKE2B_KEYBYTES)) < 0 ) {
+      if( (err = blake2b_init_key(&S, BLAKE2B_OUTBYTES, key, BLAKE2B_KEYBYTES)) < 0 ) {
        goto fail;
      }
      while (mlen >= step) {
-        if ( (err = _cryptonite_blake2b_update(&S, p, step)) < 0 ) {
+        if ( (err = blake2b_update(&S, p, step)) < 0 ) {
          goto fail;
        }
        mlen -= step;
        p += step;
      }
-      if ( (err = _cryptonite_blake2b_update(&S, p, mlen)) < 0) {
+      if ( (err = blake2b_update(&S, p, mlen)) < 0) {
        goto fail;
      }
-      if ( (err = _cryptonite_blake2b_final(&S, hash, BLAKE2B_OUTBYTES)) < 0) {
+      if ( (err = blake2b_final(&S, hash, BLAKE2B_OUTBYTES)) < 0) {
        goto fail;
      }
--- a/cbits/blake2/sse/blake2bp.c
+++ b/cbits/blake2/sse/blake2bp.c
@ -36,7 +36,7 @@
 */
 static int blake2bp_init_leaf_param( blake2b_state *S, const blake2b_param *P )
 {
-  int err = _cryptonite_blake2b_init_param(S, P);
+  int err = blake2b_init_param(S, P);
  S->outlen = P->inner_length;
  return err;
 }
@ -74,11 +74,11 @@ static int blake2bp_init_root( blake2b_state *S, size_t outlen, size_t keylen )
  memset( P->reserved, 0, sizeof( P->reserved ) );
  memset( P->salt, 0, sizeof( P->salt ) );
  memset( P->personal, 0, sizeof( P->personal ) );
-  return _cryptonite_blake2b_init_param( S, P );
+  return blake2b_init_param( S, P );
 }
-int _cryptonite_blake2bp_init( blake2bp_state *S, size_t outlen )
+int blake2bp_init( blake2bp_state *S, size_t outlen )
 {
  size_t i;
  if( !outlen || outlen > BLAKE2B_OUTBYTES ) return -1;
@ -98,7 +98,7 @@ int _cryptonite_blake2bp_init( blake2bp_state *S, size_t outlen )
  return 0;
 }
-int _cryptonite_blake2bp_init_key( blake2bp_state *S, size_t outlen, const void *key, size_t keylen )
+int blake2bp_init_key( blake2bp_state *S, size_t outlen, const void *key, size_t keylen )
 {
  size_t i;
@ -124,7 +124,7 @@ int _cryptonite_blake2bp_init_key( blake2bp_state *S, size_t outlen, const void
    memcpy( block, key, keylen );
    for( i = 0; i < PARALLELISM_DEGREE; ++i )
-      _cryptonite_blake2b_update( S->S[i], block, BLAKE2B_BLOCKBYTES );
+      blake2b_update( S->S[i], block, BLAKE2B_BLOCKBYTES );
    secure_zero_memory( block, BLAKE2B_BLOCKBYTES ); /* Burn the key from stack */
  }
@ -132,7 +132,7 @@ int _cryptonite_blake2bp_init_key( blake2bp_state *S, size_t outlen, const void
 }
-int _cryptonite_blake2bp_update( blake2bp_state *S, const void *pin, size_t inlen )
+int blake2bp_update( blake2bp_state *S, const void *pin, size_t inlen )
 {
  const unsigned char * in = (const unsigned char *)pin;
  size_t left = S->buflen;
@ -144,7 +144,7 @@ int _cryptonite_blake2bp_update( blake2bp_state *S, const void *pin, size_t inle
    memcpy( S->buf + left, in, fill );
    for( i = 0; i < PARALLELISM_DEGREE; ++i )
-      _cryptonite_blake2b_update( S->S[i], S->buf + i * BLAKE2B_BLOCKBYTES, BLAKE2B_BLOCKBYTES );
+      blake2b_update( S->S[i], S->buf + i * BLAKE2B_BLOCKBYTES, BLAKE2B_BLOCKBYTES );
    in += fill;
    inlen -= fill;
@ -167,7 +167,7 @@ int _cryptonite_blake2bp_update( blake2bp_state *S, const void *pin, size_t inle
    while( inlen__ >= PARALLELISM_DEGREE * BLAKE2B_BLOCKBYTES )
    {
-      _cryptonite_blake2b_update( S->S[i], in__, BLAKE2B_BLOCKBYTES );
+      blake2b_update( S->S[i], in__, BLAKE2B_BLOCKBYTES );
      in__ += PARALLELISM_DEGREE * BLAKE2B_BLOCKBYTES;
      inlen__ -= PARALLELISM_DEGREE * BLAKE2B_BLOCKBYTES;
    }
@ -185,7 +185,7 @@ int _cryptonite_blake2bp_update( blake2bp_state *S, const void *pin, size_t inle
-int _cryptonite_blake2bp_final( blake2bp_state *S, void *out, size_t outlen )
+int blake2bp_final( blake2bp_state *S, void *out, size_t outlen )
 {
  uint8_t hash[PARALLELISM_DEGREE][BLAKE2B_OUTBYTES];
  size_t i;
@ -202,19 +202,19 @@ int _cryptonite_blake2bp_final( blake2bp_state *S, void *out, size_t outlen )
      if( left > BLAKE2B_BLOCKBYTES ) left = BLAKE2B_BLOCKBYTES;
-      _cryptonite_blake2b_update( S->S[i], S->buf + i * BLAKE2B_BLOCKBYTES, left );
+      blake2b_update( S->S[i], S->buf + i * BLAKE2B_BLOCKBYTES, left );
    }
-    _cryptonite_blake2b_final( S->S[i], hash[i], BLAKE2B_OUTBYTES );
+    blake2b_final( S->S[i], hash[i], BLAKE2B_OUTBYTES );
  }
  for( i = 0; i < PARALLELISM_DEGREE; ++i )
-    _cryptonite_blake2b_update( S->R, hash[i], BLAKE2B_OUTBYTES );
+    blake2b_update( S->R, hash[i], BLAKE2B_OUTBYTES );
-  return _cryptonite_blake2b_final( S->R, out, S->outlen );
+  return blake2b_final( S->R, out, S->outlen );
 }
-int _cryptonite_blake2bp( void *out, size_t outlen, const void *in, size_t inlen, const void *key, size_t keylen )
+int blake2bp( void *out, size_t outlen, const void *in, size_t inlen, const void *key, size_t keylen )
 {
  uint8_t hash[PARALLELISM_DEGREE][BLAKE2B_OUTBYTES];
  blake2b_state S[PARALLELISM_DEGREE][1];
@ -244,7 +244,7 @@ int _cryptonite_blake2bp( void *out, size_t outlen, const void *in, size_t inlen
    memcpy( block, key, keylen );
    for( i = 0; i < PARALLELISM_DEGREE; ++i )
-      _cryptonite_blake2b_update( S[i], block, BLAKE2B_BLOCKBYTES );
+      blake2b_update( S[i], block, BLAKE2B_BLOCKBYTES );
    secure_zero_memory( block, BLAKE2B_BLOCKBYTES ); /* Burn the key from stack */
  }
@ -265,7 +265,7 @@ int _cryptonite_blake2bp( void *out, size_t outlen, const void *in, size_t inlen
    while( inlen__ >= PARALLELISM_DEGREE * BLAKE2B_BLOCKBYTES )
    {
-      _cryptonite_blake2b_update( S[i], in__, BLAKE2B_BLOCKBYTES );
+      blake2b_update( S[i], in__, BLAKE2B_BLOCKBYTES );
      in__ += PARALLELISM_DEGREE * BLAKE2B_BLOCKBYTES;
      inlen__ -= PARALLELISM_DEGREE * BLAKE2B_BLOCKBYTES;
    }
@ -274,10 +274,10 @@ int _cryptonite_blake2bp( void *out, size_t outlen, const void *in, size_t inlen
    {
      const size_t left = inlen__ - i * BLAKE2B_BLOCKBYTES;
      const size_t len = left <= BLAKE2B_BLOCKBYTES ? left : BLAKE2B_BLOCKBYTES;
-      _cryptonite_blake2b_update( S[i], in__, len );
+      blake2b_update( S[i], in__, len );
    }
-    _cryptonite_blake2b_final( S[i], hash[i], BLAKE2B_OUTBYTES );
+    blake2b_final( S[i], hash[i], BLAKE2B_OUTBYTES );
  }
  if( blake2bp_init_root( FS, outlen, keylen ) < 0 )
@ -286,9 +286,9 @@ int _cryptonite_blake2bp( void *out, size_t outlen, const void *in, size_t inlen
  FS->last_node = 1; /* Mark as last node */
  for( i = 0; i < PARALLELISM_DEGREE; ++i )
-    _cryptonite_blake2b_update( FS, hash[i], BLAKE2B_OUTBYTES );
+    blake2b_update( FS, hash[i], BLAKE2B_OUTBYTES );
-  return _cryptonite_blake2b_final( FS, out, outlen );
+  return blake2b_final( FS, out, outlen );
 }
@ -311,7 +311,7 @@ int main( void )
  for( i = 0; i < BLAKE2_KAT_LENGTH; ++i )
  {
    uint8_t hash[BLAKE2B_OUTBYTES];
-    _cryptonite_blake2bp( hash, BLAKE2B_OUTBYTES, buf, i, key, BLAKE2B_KEYBYTES );
+    blake2bp( hash, BLAKE2B_OUTBYTES, buf, i, key, BLAKE2B_KEYBYTES );
    if( 0 != memcmp( hash, blake2bp_keyed_kat[i], BLAKE2B_OUTBYTES ) )
    {
@ -328,21 +328,21 @@ int main( void )
      size_t mlen = i;
      int err = 0;
-      if( (err = _cryptonite_blake2bp_init_key(&S, BLAKE2B_OUTBYTES, key, BLAKE2B_KEYBYTES)) < 0 ) {
+      if( (err = blake2bp_init_key(&S, BLAKE2B_OUTBYTES, key, BLAKE2B_KEYBYTES)) < 0 ) {
        goto fail;
      }
      while (mlen >= step) {
-        if ( (err = _cryptonite_blake2bp_update(&S, p, step)) < 0 ) {
+        if ( (err = blake2bp_update(&S, p, step)) < 0 ) {
          goto fail;
        }
        mlen -= step;
        p += step;
      }
-      if ( (err = _cryptonite_blake2bp_update(&S, p, mlen)) < 0) {
+      if ( (err = blake2bp_update(&S, p, mlen)) < 0) {
        goto fail;
      }
-      if ( (err = _cryptonite_blake2bp_final(&S, hash, BLAKE2B_OUTBYTES)) < 0) {
+      if ( (err = blake2bp_final(&S, hash, BLAKE2B_OUTBYTES)) < 0) {
        goto fail;
      }
--- a/cbits/blake2/sse/blake2s.c
+++ b/cbits/blake2/sse/blake2s.c
@ -72,7 +72,7 @@ static void blake2s_increment_counter( blake2s_state *S, const uint32_t inc )
 }
 /* init2 xors IV with input parameter block */
-int _cryptonite_blake2s_init_param( blake2s_state *S, const blake2s_param *P )
+int blake2s_init_param( blake2s_state *S, const blake2s_param *P )
 {
  size_t i;
  /*blake2s_init0( S ); */
@ -90,7 +90,7 @@ int _cryptonite_blake2s_init_param( blake2s_state *S, const blake2s_param *P )
 /* Some sort of default parameter block initialization, for sequential blake2s */
-int _cryptonite_blake2s_init( blake2s_state *S, size_t outlen )
+int blake2s_init( blake2s_state *S, size_t outlen )
 {
  blake2s_param P[1];
@ -110,11 +110,11 @@ int _cryptonite_blake2s_init( blake2s_state *S, size_t outlen )
  memset( P->salt,     0, sizeof( P->salt ) );
  memset( P->personal, 0, sizeof( P->personal ) );
-  return _cryptonite_blake2s_init_param( S, P );
+  return blake2s_init_param( S, P );
 }
-int _cryptonite_blake2s_init_key( blake2s_state *S, size_t outlen, const void *key, size_t keylen )
+int blake2s_init_key( blake2s_state *S, size_t outlen, const void *key, size_t keylen )
 {
  blake2s_param P[1];
@ -136,14 +136,14 @@ int _cryptonite_blake2s_init_key( blake2s_state *S, size_t outlen, const void *k
  memset( P->salt,     0, sizeof( P->salt ) );
  memset( P->personal, 0, sizeof( P->personal ) );
-  if( _cryptonite_blake2s_init_param( S, P ) < 0 )
+  if( blake2s_init_param( S, P ) < 0 )
    return -1;
  {
    uint8_t block[BLAKE2S_BLOCKBYTES];
    memset( block, 0, BLAKE2S_BLOCKBYTES );
    memcpy( block, key, keylen );
-    _cryptonite_blake2s_update( S, block, BLAKE2S_BLOCKBYTES );
+    blake2s_update( S, block, BLAKE2S_BLOCKBYTES );
    secure_zero_memory( block, BLAKE2S_BLOCKBYTES ); /* Burn the key from stack */
  }
  return 0;
@ -206,7 +206,7 @@ static void blake2s_compress( blake2s_state *S, const uint8_t block[BLAKE2S_BLOC
  STOREU( &S->h[4], _mm_xor_si128( ff1, _mm_xor_si128( row2, row4 ) ) );
 }
-int _cryptonite_blake2s_update( blake2s_state *S, const void *pin, size_t inlen )
+int blake2s_update( blake2s_state *S, const void *pin, size_t inlen )
 {
  const unsigned char * in = (const unsigned char *)pin;
  if( inlen > 0 )
@ -233,7 +233,7 @@ int _cryptonite_blake2s_update( blake2s_state *S, const void *pin, size_t inlen
  return 0;
 }
-int _cryptonite_blake2s_final( blake2s_state *S, void *out, size_t outlen )
+int blake2s_final( blake2s_state *S, void *out, size_t outlen )
 {
  uint8_t buffer[BLAKE2S_OUTBYTES] = {0};
  size_t i;
@ -275,15 +275,15 @@ int blake2s( void *out, size_t outlen, const void *in, size_t inlen, const void
  if( keylen > 0 )
  {
-    if( _cryptonite_blake2s_init_key( S, outlen, key, keylen ) < 0 ) return -1;
+    if( blake2s_init_key( S, outlen, key, keylen ) < 0 ) return -1;
  }
  else
  {
-    if( _cryptonite_blake2s_init( S, outlen ) < 0 ) return -1;
+    if( blake2s_init( S, outlen ) < 0 ) return -1;
  }
-  _cryptonite_blake2s_update( S, ( const uint8_t * )in, inlen );
+  blake2s_update( S, ( const uint8_t * )in, inlen );
-  _cryptonite_blake2s_final( S, out, outlen );
+  blake2s_final( S, out, outlen );
  return 0;
 }
@ -330,21 +330,21 @@ int main( void )
      size_t mlen = i;
      int err = 0;
-      if( (err = _cryptonite_blake2s_init_key(&S, BLAKE2S_OUTBYTES, key, BLAKE2S_KEYBYTES)) < 0 ) {
+      if( (err = blake2s_init_key(&S, BLAKE2S_OUTBYTES, key, BLAKE2S_KEYBYTES)) < 0 ) {
        goto fail;
      }
      while (mlen >= step) {
-        if ( (err = _cryptonite_blake2s_update(&S, p, step)) < 0 ) {
+        if ( (err = blake2s_update(&S, p, step)) < 0 ) {
          goto fail;
        }
        mlen -= step;
        p += step;
      }
-      if ( (err = _cryptonite_blake2s_update(&S, p, mlen)) < 0) {
+      if ( (err = blake2s_update(&S, p, mlen)) < 0) {
        goto fail;
      }
-      if ( (err = _cryptonite_blake2s_final(&S, hash, BLAKE2S_OUTBYTES)) < 0) {
+      if ( (err = blake2s_final(&S, hash, BLAKE2S_OUTBYTES)) < 0) {
        goto fail;
      }
--- a/cbits/blake2/sse/blake2sp.c
+++ b/cbits/blake2/sse/blake2sp.c
@ -35,7 +35,7 @@
 */
 static int blake2sp_init_leaf_param( blake2s_state *S, const blake2s_param *P )
 {
-  int err = _cryptonite_blake2s_init_param(S, P);
+  int err = blake2s_init_param(S, P);
  S->outlen = P->inner_length;
  return err;
 }
@ -71,11 +71,11 @@ static int blake2sp_init_root( blake2s_state *S, size_t outlen, size_t keylen )
  P->inner_length = BLAKE2S_OUTBYTES;
  memset( P->salt, 0, sizeof( P->salt ) );
  memset( P->personal, 0, sizeof( P->personal ) );
-  return _cryptonite_blake2s_init_param( S, P );
+  return blake2s_init_param( S, P );
 }
-int _cryptonite_blake2sp_init( blake2sp_state *S, size_t outlen )
+int blake2sp_init( blake2sp_state *S, size_t outlen )
 {
  size_t i;
@ -96,7 +96,7 @@ int _cryptonite_blake2sp_init( blake2sp_state *S, size_t outlen )
  return 0;
 }
-int _cryptonite_blake2sp_init_key( blake2sp_state *S, size_t outlen, const void *key, size_t keylen )
+int blake2sp_init_key( blake2sp_state *S, size_t outlen, const void *key, size_t keylen )
 {
  size_t i;
@ -122,7 +122,7 @@ int _cryptonite_blake2sp_init_key( blake2sp_state *S, size_t outlen, const void
    memcpy( block, key, keylen );
    for( i = 0; i < PARALLELISM_DEGREE; ++i )
-      _cryptonite_blake2s_update( S->S[i], block, BLAKE2S_BLOCKBYTES );
+      blake2s_update( S->S[i], block, BLAKE2S_BLOCKBYTES );
    secure_zero_memory( block, BLAKE2S_BLOCKBYTES ); /* Burn the key from stack */
  }
@ -130,7 +130,7 @@ int _cryptonite_blake2sp_init_key( blake2sp_state *S, size_t outlen, const void
 }
-int _cryptonite_blake2sp_update( blake2sp_state *S, const void *pin, size_t inlen )
+int blake2sp_update( blake2sp_state *S, const void *pin, size_t inlen )
 {
  const unsigned char * in = (const unsigned char *)pin;
  size_t left = S->buflen;
@ -142,7 +142,7 @@ int _cryptonite_blake2sp_update( blake2sp_state *S, const void *pin, size_t inle
    memcpy( S->buf + left, in, fill );
    for( i = 0; i < PARALLELISM_DEGREE; ++i )
-      _cryptonite_blake2s_update( S->S[i], S->buf + i * BLAKE2S_BLOCKBYTES, BLAKE2S_BLOCKBYTES );
+      blake2s_update( S->S[i], S->buf + i * BLAKE2S_BLOCKBYTES, BLAKE2S_BLOCKBYTES );
    in += fill;
    inlen -= fill;
@ -165,7 +165,7 @@ int _cryptonite_blake2sp_update( blake2sp_state *S, const void *pin, size_t inle
    while( inlen__ >= PARALLELISM_DEGREE * BLAKE2S_BLOCKBYTES )
    {
-      _cryptonite_blake2s_update( S->S[i], in__, BLAKE2S_BLOCKBYTES );
+      blake2s_update( S->S[i], in__, BLAKE2S_BLOCKBYTES );
      in__ += PARALLELISM_DEGREE * BLAKE2S_BLOCKBYTES;
      inlen__ -= PARALLELISM_DEGREE * BLAKE2S_BLOCKBYTES;
    }
@ -182,7 +182,7 @@ int _cryptonite_blake2sp_update( blake2sp_state *S, const void *pin, size_t inle
 }
-int _cryptonite_blake2sp_final( blake2sp_state *S, void *out, size_t outlen )
+int blake2sp_final( blake2sp_state *S, void *out, size_t outlen )
 {
  uint8_t hash[PARALLELISM_DEGREE][BLAKE2S_OUTBYTES];
  size_t i;
@ -199,20 +199,20 @@ int _cryptonite_blake2sp_final( blake2sp_state *S, void *out, size_t outlen )
      if( left > BLAKE2S_BLOCKBYTES ) left = BLAKE2S_BLOCKBYTES;
-      _cryptonite_blake2s_update( S->S[i], S->buf + i * BLAKE2S_BLOCKBYTES, left );
+      blake2s_update( S->S[i], S->buf + i * BLAKE2S_BLOCKBYTES, left );
    }
-    _cryptonite_blake2s_final( S->S[i], hash[i], BLAKE2S_OUTBYTES );
+    blake2s_final( S->S[i], hash[i], BLAKE2S_OUTBYTES );
  }
  for( i = 0; i < PARALLELISM_DEGREE; ++i )
-    _cryptonite_blake2s_update( S->R, hash[i], BLAKE2S_OUTBYTES );
+    blake2s_update( S->R, hash[i], BLAKE2S_OUTBYTES );
-  return _cryptonite_blake2s_final( S->R, out, S->outlen );
+  return blake2s_final( S->R, out, S->outlen );
 }
-int _cryptonite_blake2sp( void *out, size_t outlen, const void *in, size_t inlen, const void *key, size_t keylen )
+int blake2sp( void *out, size_t outlen, const void *in, size_t inlen, const void *key, size_t keylen )
 {
  uint8_t hash[PARALLELISM_DEGREE][BLAKE2S_OUTBYTES];
  blake2s_state S[PARALLELISM_DEGREE][1];
@ -242,7 +242,7 @@ int _cryptonite_blake2sp( void *out, size_t outlen, const void *in, size_t inlen
    memcpy( block, key, keylen );
    for( i = 0; i < PARALLELISM_DEGREE; ++i )
-      _cryptonite_blake2s_update( S[i], block, BLAKE2S_BLOCKBYTES );
+      blake2s_update( S[i], block, BLAKE2S_BLOCKBYTES );
    secure_zero_memory( block, BLAKE2S_BLOCKBYTES ); /* Burn the key from stack */
  }
@ -263,7 +263,7 @@ int _cryptonite_blake2sp( void *out, size_t outlen, const void *in, size_t inlen
    while( inlen__ >= PARALLELISM_DEGREE * BLAKE2S_BLOCKBYTES )
    {
-      _cryptonite_blake2s_update( S[i], in__, BLAKE2S_BLOCKBYTES );
+      blake2s_update( S[i], in__, BLAKE2S_BLOCKBYTES );
      in__ += PARALLELISM_DEGREE * BLAKE2S_BLOCKBYTES;
      inlen__ -= PARALLELISM_DEGREE * BLAKE2S_BLOCKBYTES;
    }
@ -272,10 +272,10 @@ int _cryptonite_blake2sp( void *out, size_t outlen, const void *in, size_t inlen
    {
      const size_t left = inlen__ - i * BLAKE2S_BLOCKBYTES;
      const size_t len = left <= BLAKE2S_BLOCKBYTES ? left : BLAKE2S_BLOCKBYTES;
-      _cryptonite_blake2s_update( S[i], in__, len );
+      blake2s_update( S[i], in__, len );
    }
-    _cryptonite_blake2s_final( S[i], hash[i], BLAKE2S_OUTBYTES );
+    blake2s_final( S[i], hash[i], BLAKE2S_OUTBYTES );
  }
  if( blake2sp_init_root( FS, outlen, keylen ) < 0 )
@ -284,9 +284,9 @@ int _cryptonite_blake2sp( void *out, size_t outlen, const void *in, size_t inlen
  FS->last_node = 1;
  for( i = 0; i < PARALLELISM_DEGREE; ++i )
-    _cryptonite_blake2s_update( FS, hash[i], BLAKE2S_OUTBYTES );
+    blake2s_update( FS, hash[i], BLAKE2S_OUTBYTES );
-  return _cryptonite_blake2s_final( FS, out, outlen );
+  return blake2s_final( FS, out, outlen );
 }
 #if defined(BLAKE2SP_SELFTEST)
@ -308,7 +308,7 @@ int main( void )
  for( i = 0; i < BLAKE2_KAT_LENGTH; ++i )
  {
    uint8_t hash[BLAKE2S_OUTBYTES];
-    _cryptonite_blake2sp( hash, BLAKE2S_OUTBYTES, buf, i, key, BLAKE2S_KEYBYTES );
+    blake2sp( hash, BLAKE2S_OUTBYTES, buf, i, key, BLAKE2S_KEYBYTES );
    if( 0 != memcmp( hash, blake2sp_keyed_kat[i], BLAKE2S_OUTBYTES ) )
    {
@ -325,21 +325,21 @@ int main( void )
      size_t mlen = i;
      int err = 0;
-      if( (err = _cryptonite_blake2sp_init_key(&S, BLAKE2S_OUTBYTES, key, BLAKE2S_KEYBYTES)) < 0 ) {
+      if( (err = blake2sp_init_key(&S, BLAKE2S_OUTBYTES, key, BLAKE2S_KEYBYTES)) < 0 ) {
        goto fail;
      }
      while (mlen >= step) {
-        if ( (err = _cryptonite_blake2sp_update(&S, p, step)) < 0 ) {
+        if ( (err = blake2sp_update(&S, p, step)) < 0 ) {
          goto fail;
        }
        mlen -= step;
        p += step;
      }
-      if ( (err = _cryptonite_blake2sp_update(&S, p, mlen)) < 0) {
+      if ( (err = blake2sp_update(&S, p, mlen)) < 0) {
        goto fail;
      }
-      if ( (err = _cryptonite_blake2sp_final(&S, hash, BLAKE2S_OUTBYTES)) < 0) {
+      if ( (err = blake2sp_final(&S, hash, BLAKE2S_OUTBYTES)) < 0) {
        goto fail;
      }
--- a/cbits/blake2/sse/blake2xb.c
+++ b/cbits/blake2/sse/blake2xb.c
@ -23,11 +23,11 @@
 #include "blake2.h"
 #include "blake2-impl.h"
-int _cryptonite_blake2xb_init( blake2xb_state *S, const size_t outlen ) {
+int blake2xb_init( blake2xb_state *S, const size_t outlen ) {
-  return _cryptonite_blake2xb_init_key(S, outlen, NULL, 0);
+  return blake2xb_init_key(S, outlen, NULL, 0);
 }
-int _cryptonite_blake2xb_init_key( blake2xb_state *S, const size_t outlen, const void *key, size_t keylen)
+int blake2xb_init_key( blake2xb_state *S, const size_t outlen, const void *key, size_t keylen)
 {
  if ( outlen == 0 || outlen > 0xFFFFFFFFUL ) {
    return -1;
@ -55,7 +55,7 @@ int _cryptonite_blake2xb_init_key( blake2xb_state *S, const size_t outlen, const
  memset( S->P->salt,     0, sizeof( S->P->salt ) );
  memset( S->P->personal, 0, sizeof( S->P->personal ) );
-  if( _cryptonite_blake2b_init_param( S->S, S->P ) < 0 ) {
+  if( blake2b_init_param( S->S, S->P ) < 0 ) {
    return -1;
  }
@ -63,17 +63,17 @@ int _cryptonite_blake2xb_init_key( blake2xb_state *S, const size_t outlen, const
    uint8_t block[BLAKE2B_BLOCKBYTES];
    memset(block, 0, BLAKE2B_BLOCKBYTES);
    memcpy(block, key, keylen);
-    _cryptonite_blake2b_update(S->S, block, BLAKE2B_BLOCKBYTES);
+    blake2b_update(S->S, block, BLAKE2B_BLOCKBYTES);
    secure_zero_memory(block, BLAKE2B_BLOCKBYTES);
  }
  return 0;
 }
-int _cryptonite_blake2xb_update( blake2xb_state *S, const void *in, size_t inlen ) {
+int blake2xb_update( blake2xb_state *S, const void *in, size_t inlen ) {
-    return _cryptonite_blake2b_update( S->S, in, inlen );
+    return blake2b_update( S->S, in, inlen );
 }
-int _cryptonite_blake2xb_final( blake2xb_state *S, void *out, size_t outlen) {
+int blake2xb_final( blake2xb_state *S, void *out, size_t outlen) {
  blake2b_state C[1];
  blake2b_param P[1];
@ -98,7 +98,7 @@ int _cryptonite_blake2xb_final( blake2xb_state *S, void *out, size_t outlen) {
  }
  /* Finalize the root hash */
-  if (_cryptonite_blake2b_final(S->S, root, BLAKE2B_OUTBYTES) < 0) {
+  if (blake2b_final(S->S, root, BLAKE2B_OUTBYTES) < 0) {
    return -1;
  }
@ -117,10 +117,10 @@ int _cryptonite_blake2xb_final( blake2xb_state *S, void *out, size_t outlen) {
    /* Initialize state */
    P->digest_length = block_size;
    store32(&P->node_offset, i);
-    _cryptonite_blake2b_init_param(C, P);
+    blake2b_init_param(C, P);
    /* Process key if needed */
-    _cryptonite_blake2b_update(C, root, BLAKE2B_OUTBYTES);
+    blake2b_update(C, root, BLAKE2B_OUTBYTES);
-    if (_cryptonite_blake2b_final(C, (uint8_t *)out + i * BLAKE2B_OUTBYTES, block_size) < 0 ) {
+    if (blake2b_final(C, (uint8_t *)out + i * BLAKE2B_OUTBYTES, block_size) < 0 ) {
        return -1;
    }
    outlen -= block_size;
@ -133,7 +133,7 @@ int _cryptonite_blake2xb_final( blake2xb_state *S, void *out, size_t outlen) {
 }
-int _cryptonite_blake2xb(void *out, size_t outlen, const void *in, size_t inlen, const void *key, size_t keylen)
+int blake2xb(void *out, size_t outlen, const void *in, size_t inlen, const void *key, size_t keylen)
 {
  blake2xb_state S[1];
@ -154,15 +154,15 @@ int _cryptonite_blake2xb(void *out, size_t outlen, const void *in, size_t inlen,
    return -1;
  /* Initialize the root block structure */
-  if (_cryptonite_blake2xb_init_key(S, outlen, key, keylen) < 0) {
+  if (blake2xb_init_key(S, outlen, key, keylen) < 0) {
    return -1;
  }
  /* Absorb the input message */
-  _cryptonite_blake2xb_update(S, in, inlen);
+  blake2xb_update(S, in, inlen);
  /* Compute the root node of the tree and the final hash using the counter construction */
-  return _cryptonite_blake2xb_final(S, out, outlen);
+  return blake2xb_final(S, out, outlen);
 }
 #if defined(BLAKE2XB_SELFTEST)
@ -189,7 +189,7 @@ int main( void )
  for( outlen = 1; outlen <= BLAKE2_KAT_LENGTH; ++outlen )
  {
      uint8_t hash[BLAKE2_KAT_LENGTH] = {0};
-      if( _cryptonite_blake2xb( hash, outlen, buf, BLAKE2_KAT_LENGTH, key, BLAKE2B_KEYBYTES ) < 0 ) {
+      if( blake2xb( hash, outlen, buf, BLAKE2_KAT_LENGTH, key, BLAKE2B_KEYBYTES ) < 0 ) {
        goto fail;
      }
@ -208,21 +208,21 @@ int main( void )
      size_t mlen = BLAKE2_KAT_LENGTH;
      int err = 0;
-      if( (err = _cryptonite_blake2xb_init_key(&S, outlen, key, BLAKE2B_KEYBYTES)) < 0 ) {
+      if( (err = blake2xb_init_key(&S, outlen, key, BLAKE2B_KEYBYTES)) < 0 ) {
        goto fail;
      }
      while (mlen >= step) {
-        if ( (err = _cryptonite_blake2xb_update(&S, p, step)) < 0 ) {
+        if ( (err = blake2xb_update(&S, p, step)) < 0 ) {
          goto fail;
        }
        mlen -= step;
        p += step;
      }
-      if ( (err = _cryptonite_blake2xb_update(&S, p, mlen)) < 0) {
+      if ( (err = blake2xb_update(&S, p, mlen)) < 0) {
        goto fail;
      }
-      if ( (err = _cryptonite_blake2xb_final(&S, hash, outlen)) < 0) {
+      if ( (err = blake2xb_final(&S, hash, outlen)) < 0) {
        goto fail;
      }
--- a/cbits/blake2/sse/blake2xs.c
+++ b/cbits/blake2/sse/blake2xs.c
@ -23,11 +23,11 @@
 #include "blake2.h"
 #include "blake2-impl.h"
-int _cryptonite_blake2xs_init( blake2xs_state *S, const size_t outlen ) {
+int blake2xs_init( blake2xs_state *S, const size_t outlen ) {
-  return _cryptonite_blake2xs_init_key(S, outlen, NULL, 0);
+  return blake2xs_init_key(S, outlen, NULL, 0);
 }
-int _cryptonite_blake2xs_init_key( blake2xs_state *S, const size_t outlen, const void *key, size_t keylen )
+int blake2xs_init_key( blake2xs_state *S, const size_t outlen, const void *key, size_t keylen )
 {
  if ( outlen == 0 || outlen > 0xFFFFUL ) {
    return -1;
@ -54,7 +54,7 @@ int _cryptonite_blake2xs_init_key( blake2xs_state *S, const size_t outlen, const
  memset( S->P->salt,     0, sizeof( S->P->salt ) );
  memset( S->P->personal, 0, sizeof( S->P->personal ) );
-  if( _cryptonite_blake2s_init_param( S->S, S->P ) < 0 ) {
+  if( blake2s_init_param( S->S, S->P ) < 0 ) {
    return -1;
  }
@ -62,17 +62,17 @@ int _cryptonite_blake2xs_init_key( blake2xs_state *S, const size_t outlen, const
    uint8_t block[BLAKE2S_BLOCKBYTES];
    memset(block, 0, BLAKE2S_BLOCKBYTES);
    memcpy(block, key, keylen);
-    _cryptonite_blake2s_update(S->S, block, BLAKE2S_BLOCKBYTES);
+    blake2s_update(S->S, block, BLAKE2S_BLOCKBYTES);
    secure_zero_memory(block, BLAKE2S_BLOCKBYTES);
  }
  return 0;
 }
-int _cryptonite_blake2xs_update( blake2xs_state *S, const void *in, size_t inlen ) {
+int blake2xs_update( blake2xs_state *S, const void *in, size_t inlen ) {
-  return _cryptonite_blake2s_update( S->S, in, inlen );
+  return blake2s_update( S->S, in, inlen );
 }
-int _cryptonite_blake2xs_final(blake2xs_state *S, void *out, size_t outlen) {
+int blake2xs_final(blake2xs_state *S, void *out, size_t outlen) {
  blake2s_state C[1];
  blake2s_param P[1];
@ -97,7 +97,7 @@ int _cryptonite_blake2xs_final(blake2xs_state *S, void *out, size_t outlen) {
  }
  /* Finalize the root hash */
-  if (_cryptonite_blake2s_final(S->S, root, BLAKE2S_OUTBYTES) < 0) {
+  if (blake2s_final(S->S, root, BLAKE2S_OUTBYTES) < 0) {
    return -1;
  }
@ -116,10 +116,10 @@ int _cryptonite_blake2xs_final(blake2xs_state *S, void *out, size_t outlen) {
    /* Initialize state */
    P->digest_length = block_size;
    store32(&P->node_offset, i);
-    _cryptonite_blake2s_init_param(C, P);
+    blake2s_init_param(C, P);
    /* Process key if needed */
-    _cryptonite_blake2s_update(C, root, BLAKE2S_OUTBYTES);
+    blake2s_update(C, root, BLAKE2S_OUTBYTES);
-    if (_cryptonite_blake2s_final(C, (uint8_t *)out + i * BLAKE2S_OUTBYTES, block_size) < 0) {
+    if (blake2s_final(C, (uint8_t *)out + i * BLAKE2S_OUTBYTES, block_size) < 0) {
        return -1;
    }
    outlen -= block_size;
@ -131,7 +131,7 @@ int _cryptonite_blake2xs_final(blake2xs_state *S, void *out, size_t outlen) {
  return 0;
 }
-int _cryptonite_blake2xs(void *out, size_t outlen, const void *in, size_t inlen, const void *key, size_t keylen)
+int blake2xs(void *out, size_t outlen, const void *in, size_t inlen, const void *key, size_t keylen)
 {
  blake2xs_state S[1];
@ -152,15 +152,15 @@ int _cryptonite_blake2xs(void *out, size_t outlen, const void *in, size_t inlen,
    return -1;
  /* Initialize the root block structure */
-  if (_cryptonite_blake2xs_init_key(S, outlen, key, keylen) < 0) {
+  if (blake2xs_init_key(S, outlen, key, keylen) < 0) {
    return -1;
  }
  /* Absorb the input message */
-  _cryptonite_blake2xs_update(S, in, inlen);
+  blake2xs_update(S, in, inlen);
  /* Compute the root node of the tree and the final hash using the counter construction */
-  return _cryptonite_blake2xs_final(S, out, outlen);
+  return blake2xs_final(S, out, outlen);
 }
 #if defined(BLAKE2XS_SELFTEST)
@ -187,7 +187,7 @@ int main( void )
  for( outlen = 1; outlen <= BLAKE2_KAT_LENGTH; ++outlen )
  {
      uint8_t hash[BLAKE2_KAT_LENGTH] = {0};
-      if( _cryptonite_blake2xs( hash, outlen, buf, BLAKE2_KAT_LENGTH, key, BLAKE2S_KEYBYTES ) < 0 ) {
+      if( blake2xs( hash, outlen, buf, BLAKE2_KAT_LENGTH, key, BLAKE2S_KEYBYTES ) < 0 ) {
        goto fail;
      }
@ -206,21 +206,21 @@ int main( void )
      size_t mlen = BLAKE2_KAT_LENGTH;
      int err = 0;
-      if( (err = _cryptonite_blake2xs_init_key(&S, outlen, key, BLAKE2S_KEYBYTES)) < 0 ) {
+      if( (err = blake2xs_init_key(&S, outlen, key, BLAKE2S_KEYBYTES)) < 0 ) {
        goto fail;
      }
      while (mlen >= step) {
-        if ( (err = _cryptonite_blake2xs_update(&S, p, step)) < 0 ) {
+        if ( (err = blake2xs_update(&S, p, step)) < 0 ) {
          goto fail;
        }
        mlen -= step;
        p += step;
      }
-      if ( (err = _cryptonite_blake2xs_update(&S, p, mlen)) < 0) {
+      if ( (err = blake2xs_update(&S, p, mlen)) < 0) {
        goto fail;
      }
-      if ( (err = _cryptonite_blake2xs_final(&S, hash, outlen)) < 0) {
+      if ( (err = blake2xs_final(&S, hash, outlen)) < 0) {
        goto fail;
      }
--- a/cbits/cryptonite_blake2b.c
+++ b/cbits/cryptonite_blake2b.c
@ -2,15 +2,15 @@
 void cryptonite_blake2b_init(blake2b_ctx *ctx, uint32_t hashlen)
 {
-	_cryptonite_blake2b_init(ctx, hashlen / 8);
+	blake2b_init(ctx, hashlen / 8);
 }
 void cryptonite_blake2b_update(blake2b_ctx *ctx, const uint8_t *data, uint32_t len)
 {
-	_cryptonite_blake2b_update(ctx, data, len);
+	blake2b_update(ctx, data, len);
 }
 void cryptonite_blake2b_finalize(blake2b_ctx *ctx, uint32_t hashlen, uint8_t *out)
 {
-	_cryptonite_blake2b_final(ctx, out, hashlen / 8);
+	blake2b_final(ctx, out, hashlen / 8);
 }
--- a/cbits/cryptonite_blake2bp.c
+++ b/cbits/cryptonite_blake2bp.c
@ -2,15 +2,15 @@
 void cryptonite_blake2bp_init(blake2bp_ctx *ctx, uint32_t hashlen)
 {
-	_cryptonite_blake2bp_init(ctx, hashlen / 8);
+	blake2bp_init(ctx, hashlen / 8);
 }
 void cryptonite_blake2bp_update(blake2bp_ctx *ctx, const uint8_t *data, uint32_t len)
 {
-	_cryptonite_blake2bp_update(ctx, data, len);
+	blake2bp_update(ctx, data, len);
 }
 void cryptonite_blake2bp_finalize(blake2bp_ctx *ctx, uint32_t hashlen, uint8_t *out)
 {
-	_cryptonite_blake2bp_final(ctx, out, hashlen / 8);
+	blake2bp_final(ctx, out, hashlen / 8);
 }
--- a/cbits/cryptonite_blake2s.c
+++ b/cbits/cryptonite_blake2s.c
@ -2,15 +2,15 @@
 void cryptonite_blake2s_init(blake2s_ctx *ctx, uint32_t hashlen)
 {
-	_cryptonite_blake2s_init(ctx, hashlen / 8);
+	blake2s_init(ctx, hashlen / 8);
 }
 void cryptonite_blake2s_update(blake2s_ctx *ctx, const uint8_t *data, uint32_t len)
 {
-	_cryptonite_blake2s_update(ctx, data, len);
+	blake2s_update(ctx, data, len);
 }
 void cryptonite_blake2s_finalize(blake2s_ctx *ctx, uint32_t hashlen, uint8_t *out)
 {
-	_cryptonite_blake2s_final(ctx, out, hashlen / 8);
+	blake2s_final(ctx, out, hashlen / 8);
 }
--- a/cbits/cryptonite_blake2sp.c
+++ b/cbits/cryptonite_blake2sp.c
@ -2,15 +2,15 @@
 void cryptonite_blake2sp_init(blake2sp_ctx *ctx, uint32_t hashlen)
 {
-	_cryptonite_blake2sp_init(ctx, hashlen / 8);
+	blake2sp_init(ctx, hashlen / 8);
 }
 void cryptonite_blake2sp_update(blake2sp_ctx *ctx, const uint8_t *data, uint32_t len)
 {
-	_cryptonite_blake2sp_update(ctx, data, len);
+	blake2sp_update(ctx, data, len);
 }
 void cryptonite_blake2sp_finalize(blake2sp_ctx *ctx, uint32_t hashlen, uint8_t *out)
 {
-	_cryptonite_blake2sp_final(ctx, out, hashlen / 8);
+	blake2sp_final(ctx, out, hashlen / 8);
 }
--- a/cbits/cryptonite_sha3.c
+++ b/cbits/cryptonite_sha3.c
@ -121,14 +121,14 @@ void cryptonite_sha3_update(struct sha3_ctx *ctx, const uint8_t *data, uint32_t
 	to_fill = ctx->bufsz - ctx->bufindex;
 	if (ctx->bufindex == ctx->bufsz) {
-		sha3_do_chunk(ctx->state, ctx->bufwords, ctx->bufsz / 8);
+		sha3_do_chunk(ctx->state, (uint64_t *) ctx->buf, ctx->bufsz / 8);
 		ctx->bufindex = 0;
 	}
 	/* process partial buffer if there's enough data to make a block */
 	if (ctx->bufindex && len >= to_fill) {
 		memcpy(ctx->buf + ctx->bufindex, data, to_fill);
-		sha3_do_chunk(ctx->state, ctx->bufwords, ctx->bufsz / 8);
+		sha3_do_chunk(ctx->state, (uint64_t *) ctx->buf, ctx->bufsz / 8);
 		len -= to_fill;
 		data += to_fill;
 		ctx->bufindex = 0;
@ -159,7 +159,7 @@ void cryptonite_sha3_finalize_with_pad_byte(struct sha3_ctx *ctx, uint8_t pad_by
 {
 	/* process full buffer if needed */
 	if (ctx->bufindex == ctx->bufsz) {
-		sha3_do_chunk(ctx->state, ctx->bufwords, ctx->bufsz / 8);
+		sha3_do_chunk(ctx->state, (uint64_t *) ctx->buf, ctx->bufsz / 8);
 		ctx->bufindex = 0;
 	}
@ -169,7 +169,7 @@ void cryptonite_sha3_finalize_with_pad_byte(struct sha3_ctx *ctx, uint8_t pad_by
 	ctx->buf[ctx->bufsz - 1] |= 0x80;
 	/* process */
-	sha3_do_chunk(ctx->state, ctx->bufwords, ctx->bufsz / 8);
+	sha3_do_chunk(ctx->state, (uint64_t *) ctx->buf, ctx->bufsz / 8);
 	ctx->bufindex = 0;
 }
@ -250,31 +250,3 @@ void cryptonite_keccak_finalize(struct sha3_ctx *ctx, uint32_t hashlen, uint8_t
 	cryptonite_sha3_finalize_with_pad_byte(ctx, 1);
 	cryptonite_sha3_output(ctx, out, hashlen / 8);
 }
 void cryptonite_sha3_ctx_to_be(struct sha3_ctx *ctx, uint8_t *out)
 {
 	void *ptr = out;
        const uint32_t bufindex_be = cpu_to_be32(ctx->bufindex);
 	memcpy(ptr, &bufindex_be, sizeof(uint32_t));
 	ptr += sizeof(uint32_t);
        const uint32_t bufsz_be = cpu_to_be32(ctx->bufsz);
 	memcpy(ptr, &bufsz_be, sizeof(uint32_t));
 	ptr += sizeof(uint32_t);
 	cpu_to_be64_array((uint64_t *) ptr, ctx->state, 25);
 	ptr += 25 * sizeof(uint64_t);
 	cpu_to_be64_array((uint64_t *) ptr, ctx->bufwords, ctx->bufsz / sizeof(uint64_t));
 }
 void cryptonite_sha3_be_to_ctx(uint8_t *in, struct sha3_ctx *ctx)
 {
  const uint32_t bufindex_cpu = be32_to_cpu(* (uint32_t *) in);
 	memcpy(&ctx->bufindex, &bufindex_cpu, sizeof(uint32_t));
 	in += sizeof(uint32_t);
 	const uint32_t bufsz_cpu = be32_to_cpu(* (uint32_t *) in);
 	memcpy(&ctx->bufsz, &bufsz_cpu, sizeof(uint32_t));
 	in += sizeof(uint32_t);
 	be64_to_cpu_array(ctx->state, (uint64_t *) in, 25);
 	in += 25 * sizeof(uint64_t);
 	be64_to_cpu_array(ctx->bufwords, (uint64_t *) in, ctx->bufsz / sizeof(uint64_t));
 }
--- a/cbits/cryptonite_sha3.h
+++ b/cbits/cryptonite_sha3.h
@ -29,12 +29,9 @@
 struct sha3_ctx
 {
 	uint32_t bufindex;
-        uint32_t bufsz; /* size of buf, i.e. in bytes */
+	uint32_t bufsz;
 	uint64_t state[25];
-        union { /* maximum SHAKE128 is 168 bytes, otherwise buffer can be decreased */
+	uint8_t  buf[0]; /* maximum SHAKE128 is 168 bytes, otherwise buffer can be decreased */
 	  uint8_t buf[0];
 	  uint64_t bufwords[0];
 	};
 };
 #define SHA3_CTX_SIZE		sizeof(struct sha3_ctx)
@ -67,7 +64,4 @@ void cryptonite_keccak_init(struct sha3_ctx *ctx, uint32_t hashlen);
 void cryptonite_keccak_update(struct sha3_ctx *ctx, uint8_t *data, uint32_t len);
 void cryptonite_keccak_finalize(struct sha3_ctx *ctx, uint32_t hashlen, uint8_t *out);
 void cryptonite_sha3_ctx_to_be(struct sha3_ctx *ctx, uint8_t *out);
 void cryptonite_sha3_be_to_ctx(uint8_t *in, struct sha3_ctx *ctx);
 #endif
--- a/cryptonite.cabal
+++ b/cryptonite.cabal
@ -1,5 +1,5 @@
 Name:                cryptonite
-version:             0.30
+version:             0.29
 Synopsis:            Cryptography Primitives sink
 Description:
    A repository of cryptographic primitives.
@ -36,7 +36,7 @@ Build-Type:          Simple
 Homepage:            https://github.com/haskell-crypto/cryptonite
 Bug-reports:         https://github.com/haskell-crypto/cryptonite/issues
 Cabal-Version:       1.18
-tested-with:         GHC==9.2.2, GHC==9.0.2, GHC==8.10.7, GHC==8.8.4
+tested-with:         GHC==8.8.2, GHC==8.6.5, GHC==8.4.4, GHC==8.2.2, GHC==8.0.2
 extra-doc-files:     README.md CHANGELOG.md
 extra-source-files:  cbits/*.h
                     cbits/aes/*.h
@ -245,7 +245,7 @@ Library
                     Crypto.Internal.Nat
                     Crypto.Internal.Words
                     Crypto.Internal.WordArray
-  if impl(ghc < 8.8)
+  if impl(ghc < 8.0)
    Buildable: False
  else
    Build-depends:   base
@ -412,7 +412,6 @@ Test-Suite test-cryptonite
                     ECC.Edwards25519
                     ECDSA
                     Hash
                     ResumableHash
                     Imports
                     KAT_AES.KATCBC
                     KAT_AES.KATECB
--- a/flake.lock
+++ b/flake.lock
@ -1,44 +0,0 @@
 {
  "nodes": {
    "flake-utils": {
      "locked": {
        "lastModified": 1619345332,
        "narHash": "sha256-qHnQkEp1uklKTpx3MvKtY6xzgcqXDsz5nLilbbuL+3A=",
        "owner": "numtide",
        "repo": "flake-utils",
        "rev": "2ebf2558e5bf978c7fb8ea927dfaed8fefab2e28",
        "type": "github"
      },
      "original": {
        "owner": "numtide",
        "ref": "master",
        "repo": "flake-utils",
        "type": "github"
      }
    },
    "nixpkgs": {
      "locked": {
        "lastModified": 1620323686,
        "narHash": "sha256-+gfcE3YTGl+Osc8HzOUXSFO8/0PAK4J8ZxCXZ4hjXHI=",
        "owner": "NixOS",
        "repo": "nixpkgs",
        "rev": "dfacb8329b2236688b9a1e705116203a213b283a",
        "type": "github"
      },
      "original": {
        "owner": "NixOS",
        "ref": "master",
        "repo": "nixpkgs",
        "type": "github"
      }
    },
    "root": {
      "inputs": {
        "flake-utils": "flake-utils",
        "nixpkgs": "nixpkgs"
      }
    }
  },
  "root": "root",
  "version": 7
 }
--- a/flake.nix
+++ b/flake.nix
@ -1,30 +0,0 @@
 {
  inputs = {
    nixpkgs = {
      type = "github";
      owner = "NixOS";
      repo = "nixpkgs";
      ref = "master";
    };
    flake-utils = {
      type = "github";
      owner = "numtide";
      repo = "flake-utils";
      ref = "master";
    };
  };
  outputs = { self, nixpkgs, flake-utils, ... }: flake-utils.lib.eachDefaultSystem
    (system:
      let pkgs = import nixpkgs {
            inherit system;
            config.allowUnfree = true;
          };
      in {
        devShell = pkgs.mkShell {
          name = "uni2work-cryptonite";
          nativeBuildInputs = with pkgs.haskellPackages; [ stack ];
        };
      }
    );
 }
--- a/stack.yaml
+++ b/stack.yaml
@ -1,2 +1,3 @@
 # ~*~ auto-generated by haskell-ci with config : 4fdddfa41dd039e198b8d125a70471f7dd140fa01001d99126af56fb31429ece ~*~
-{ resolver: nightly-2022-03-12, packages: [ '.' ], extra-deps: [ memory-0.17.0 ], flags: {} }
+{ resolver: lts-14.27, packages: [ '.' ], extra-deps: [], flags: {} }
--- a/tests/ResumableHash.hs
+++ b/tests/ResumableHash.hs
@ -1,65 +0,0 @@
 {-# LANGUAGE DataKinds #-}
 {-# LANGUAGE ScopedTypeVariables #-}
 {-# LANGUAGE TupleSections #-}
 module ResumableHash (tests) where
 import Crypto.Hash ( SHAKE128(..), SHAKE256(..), SHA3_224(..), SHA3_256(..), SHA3_384(..), SHA3_512(..), Keccak_224(..), Keccak_256(..), Keccak_384(..), Keccak_512(..)
                   , HashAlgorithm, HashAlgorithmResumable, Context, hashPutContext, hashGetContext)
 import qualified Crypto.Hash as Hash
 import qualified Data.ByteString as B
 import qualified Data.ByteString.Lazy as LB
 import qualified Data.ByteString.Builder as Builder
 import Data.Maybe (fromMaybe)
 import Imports
 data HashResume a = HashResume [ByteString] [ByteString] (Hash.Digest a)
  deriving (Show, Eq)
 instance HashAlgorithm a => Arbitrary (HashResume a) where
  arbitrary = do
    (beforeChunks, afterChunks) <- oneof
      [ ([], ) <$> (choose (1,20) >>= \n -> replicateM n (arbitraryBSof 1 99))
      , (,) <$> (choose (1,20) >>= \n -> replicateM n (arbitraryBSof 1 99))
            <*> (choose (1,20) >>= \n -> replicateM n (arbitraryBSof 1 99))
      , (, []) <$> (choose (1,20) >>= \n -> replicateM n (arbitraryBSof 1 99))
      , pure ([], [])
      ]
    return $ HashResume beforeChunks afterChunks (Hash.hashlazy . LB.fromChunks $ beforeChunks ++ afterChunks)
 resumeTests =
    [ testResumeProperties "SHAKE128_256" (SHAKE128 :: SHAKE128 256)
    , testResumeProperties "SHAKE256_256" (SHAKE256 :: SHAKE256 512)
    , testResumeProperties "SHA3_224" SHA3_224
    , testResumeProperties "SHA3_256" SHA3_256
    , testResumeProperties "SHA3_384" SHA3_384
    , testResumeProperties "SHA3_512" SHA3_512
    , testResumeProperties "Keccak_224" Keccak_224
    , testResumeProperties "Keccak_256" Keccak_256
    , testResumeProperties "Keccak_384" Keccak_384
    , testResumeProperties "Keccak_512" Keccak_512
    , testCase "serializes big endian" $ test_is_be 168 (SHAKE128 :: SHAKE128 256)
    ]
  where
        testResumeProperties :: HashAlgorithmResumable a => TestName -> a -> TestTree
        testResumeProperties name a = testGroup name
          [ testProperty "resume" (prop_resume_start a)
          ]
        prop_resume_start :: forall a. HashAlgorithmResumable a => a -> HashResume a -> Bool
        prop_resume_start _ (HashResume beforeChunks afterChunks result) = fromMaybe False $ do
          let beforeCtx = Hash.hashUpdates (Hash.hashInit :: Context a) beforeChunks
          ctx <- hashGetContext (hashPutContext beforeCtx :: ByteString)
          let afterCtx = Hash.hashUpdates ctx afterChunks
          return $ result `assertEq` Hash.hashFinalize afterCtx
        test_is_be :: forall a. HashAlgorithmResumable a => Word32 -> a -> Assertion
        test_is_be size _ = slice @=? size_be
          where size_be = LB.toStrict $ Builder.toLazyByteString $ Builder.word32BE size
                serialized = hashPutContext (Hash.hashInit :: Context a) :: ByteString
                slice = B.take 4 $ B.drop 4 serialized
 tests = testGroup "ResumableHash" resumeTests
--- a/tests/Tests.hs
+++ b/tests/Tests.hs
@ -13,7 +13,6 @@ import qualified ECC
 import qualified ECC.Edwards25519
 import qualified ECDSA
 import qualified Hash
 import qualified ResumableHash
 import qualified Poly1305
 import qualified Salsa
 import qualified XSalsa
@ -55,7 +54,6 @@ tests = testGroup "cryptonite"
    , Number.tests
    , Number.F2m.tests
    , Hash.tests
    , ResumableHash.tests
    , Padding.tests
    , testGroup "ConstructHash"
        [ KAT_MiyaguchiPreneel.tests
`@ -1,2 +1,3 @@`
	`# ~~ auto-generated by haskell-ci with config : 4fdddfa41dd039e198b8d125a70471f7dd140fa01001d99126af56fb31429ece ~~`	`# ~~ auto-generated by haskell-ci with config : 4fdddfa41dd039e198b8d125a70471f7dd140fa01001d99126af56fb31429ece ~~`
	`{ resolver: nightly-2022-03-12, packages: [ '.' ], extra-deps: [ memory-0.17.0 ], flags: {} }`	`{ resolver: lts-14.27, packages: [ '.' ], extra-deps: [], flags: {} }`