Struct orion::hkdf::Hkdf[][src]

pub struct Hkdf {
    pub salt: Vec<u8>,
    pub ikm: Vec<u8>,
    pub info: Vec<u8>,
    pub length: usize,
    pub hmac: ShaVariantOption,
}

HKDF (HMAC-based Extract-and-Expand Key Derivation Function) as specified in the RFC 5869.

Fields salt, ikm and info are zeroed out on drop.

Fields

Methods

impl Hkdf
[src]

HKDF (HMAC-based Extract-and-Expand Key Derivation Function) as specified in the RFC 5869.

Exceptions:

An exception will be thrown if:

  • The specified length is less than 1
  • The specified length is greater than 255 * hash_output_size_in_bytes

Note:

Salts should always be generated using a CSPRNG. The gen_rand_key function in util can be used for this.

Usage examples:

Generating derived key:

use orion::hkdf::Hkdf;
use orion::core::util::gen_rand_key;
use orion::core::options::ShaVariantOption;

let key = gen_rand_key(16).unwrap();
let salt = gen_rand_key(16).unwrap();
let info = gen_rand_key(16).unwrap();

let dk = Hkdf {
    salt: salt,
    ikm: key,
    info: info,
    length: 50,
    hmac: ShaVariantOption::SHA256,
};

let dk_final = dk.derive_key().unwrap();

Verifying derived key:

use orion::hkdf::Hkdf;
use orion::core::util::gen_rand_key;
use orion::core::options::ShaVariantOption;

let key = gen_rand_key(16).unwrap();
let salt = gen_rand_key(16).unwrap();
let info = gen_rand_key(16).unwrap();

let dk = Hkdf {
    salt: salt,
    ikm: key,
    info: info,
    length: 50,
    hmac: ShaVariantOption::SHA256,
};

let dk_final = dk.derive_key().unwrap();

assert_eq!(dk.verify(&dk_final).unwrap(), true);

The HKDF Etract step.

The HKDF Expand step.

Combine extract and expand to return a derived key.

Verify a derived key by comparing one from the current struct fields and the derived key passed to the function. Comparison is done in constant time. Both derived keys must be of equal length.

Trait Implementations

impl Drop for Hkdf
[src]

Executes the destructor for this type. Read more

Auto Trait Implementations

impl Send for Hkdf

impl Sync for Hkdf