rust-openssl-kdf
Wrappers for the EVP_KDF functionality of OpenSSL.
NOTE: Once OpenSSL 3.0 has been released and support for KDF has been added to rust-openssl, this crate will likely be deprecated.
This implements Rust wrappers for the EVP_KDF functionality in OpenSSL, among which is KBKDF, as specified in NIST SP800-108.
This functionality is currently only available in OpenSSL 3.0, and has been backported to Fedora/RHEL. Unfortunately, the API is somewhat different between those two versions: right now, this crate is aimed at the backported API.
Example use (KBKDF in Counter mode with HMAC-SHA256 as PRF)
use openssl_kdf::{Kdf, KdfKbMode, KdfMacType, KdfType};
use openssl::hash::MessageDigest;
let kdf = Kdf::new(KdfType::KeyBased).unwrap();
kdf.set_kb_mode(KdfKbMode::Counter).unwrap();
// Use Hmac-SHA256
kdf.set_kb_mac_type(KdfMacType::Hmac).unwrap();
kdf.set_digest(MessageDigest::sha256()).unwrap();
// Set the salt (called "Label" in SP800-108)
kdf.set_salt(&[0x12, 0x34]).unwrap();
// Set the kb info (called "Context" in SP800-108)
kdf.set_kb_info(&[0x56, 0x78]).unwrap();
// Set the key (called "Ki" in SP800-108)
kdf.set_key(&[0x9a, 0xbc]).unwrap();
// Derive 20 bytes worth of key material
let key_out = kdf.derive(20).unwrap();