Module dryoc::kdf [−][src]
Key derivation functions
Kdf
implements libsodium’s key derivation functions, based on the
Blake2b hash function.
You should use Kdf
when you want to:
- create many subkeys from a main key, without having to risk leaking the main key
- ensure that if a subkey were to become compromised, one could not derive the main key
Rustaceous API example
use base64::encode; use dryoc::kdf::*; // Randomly generate a main key and context, using the default stack-allocated // types let key = Kdf::gen_with_defaults(); let subkey_id = 0; let subkey = key.derive_subkey_to_vec(subkey_id).expect("derive failed"); println!("Subkey {}: {}", subkey_id, encode(&subkey));
Additional resources
- See https://doc.libsodium.org/key_derivation for additional details on key derivation
Modules
protected | nightly Protected memory type aliases for |
Structs
Kdf | Key derivation implementation based on Blake2b, compatible with libsodium’s
|
Type Definitions
Context | Stack-allocated context type alias for key derivation with |
Key | Stack-allocated key type alias for key derivation with |
StackKdf | Stack-allocated type alias for |