Function orion::default::hkdf [−][src]
pub fn hkdf(
salt: &[u8],
input: &[u8],
info: &[u8],
len: usize
) -> Result<Vec<u8>, UnknownCryptoError>
HKDF-HMAC-SHA512/256.
Parameters:
salt
: Optional salt valueinput
: Input keying materialinfo
: Optional context and application specific information (can be a zero-length string)len
: Length of output keying material
See RFC for more information.
Exceptions:
An exception will be thrown if:
- The length of the salt is less than 16 bytes.
Security:
Salts should always be generated using a CSPRNG. The gen_rand_key
function
in util
can be used for this. The recommended length for a salt is 16 bytes as a minimum.
HKDF is not suitable for password storage. Even though a salt value is optional, it is strongly
recommended to use one.
Example:
use orion::default; use orion::core::util; let salt = util::gen_rand_key(32).unwrap(); let data = "Some data.".as_bytes(); let info = "Some info.".as_bytes(); let hkdf = default::hkdf(&salt, data, info, 32).unwrap();