crypto::hkdf+x86_64 +linux

This module provides a HKDF implementation according to RFC 5869. A pesudorandom key is created using extract, which in turn is used to derive keys using expand. hkdf combines both extract and expand for deriving a single key.

See the RFC 5869 for detailed usage guidance on how to choose the parameters.

Index

Functions

fn expand(h: *hash::hash, dest: []u8, prk: []u8, info: []u8, buf: []u8) void;
fn extract(h: *hash::hash, prk: []u8, key: []u8, salt: ([]u8 | void), buf: []u8) void;
fn hkdf(h: *hash::hash, dest: []u8, key: []u8, info: []u8, salt: ([]u8 | void), buf: []u8) void;

Functions

fn expand[link]

fn expand(h: *hash::hash, dest: []u8, prk: []u8, info: []u8, buf: []u8) void;

Derives a new key form 'prk' using HMAC of given hash function 'h' and stores it into 'dest'. 'prk' must be created using extract. 'info' binds the resulting key to the context in where it is being used and therefore prevents the derivation of the same key for different contexts. 'buf' must be at least of the size hash::sz + hash::bsz of given hash function 'h'. The same hash function that was used at the extract step must also be used in expand.

fn extract[link]

fn extract(h: *hash::hash, prk: []u8, key: []u8, salt: ([]u8 | void), buf: []u8) void;

Extracts a pseudo random key (prk) from given 'key' and 'salt' and writes it to 'prk' using HMAC of given hash function 'h'. 'prk' must be the size of hash::sz of given hash. The resulting 'prk' can be used to derive keys using the expand function.

'salt' does not need to be secret and it's recommended to use a random or pseudo random value, ideally of the hash size of the given hash function. 'buf' must be of the size hash::bsz of given hash.

fn hkdf[link]

fn hkdf(h: *hash::hash, dest: []u8, key: []u8, info: []u8, salt: ([]u8 | void), buf: []u8) void;

Calls extract and expand to derive a single key from specified 'key' material using HMAC with 'h' as underlying hash function and writes it to 'dest'. The resulting key size is of the size of 'dest'.

'info' binds the resulting key to the context in where it is being used and therefore prevents the derivation of the same key for different contexts. It should be independent of the input key. 'salt' does not need to be secret and it's recommended to use a random or pseudo random value, ideally of the hash size of the given hash function. The 'salt' must be a fixed value or void between many different contexts.

'buf' must be of the size hash::bsz + hash::sz of given hash 'h'.