Struct ring::hmac::SigningKey [] [src]

pub struct SigningKey { /* fields omitted */ }

A key to use for HMAC signing.

Methods

impl SigningKey
[src]

[src]

Generate an HMAC signing key using the given digest algorithm with a random value generated from rng.

The key will be recommended_key_len(digest_alg) bytes long.

[src]

Generate an HMAC signing key using the given digest algorithm with a random value generated from rng, and puts the raw key value in key_bytes.

The key will be recommended_key_len(digest_alg) bytes long. The raw value of the random key is put in key_bytes so that it can be serialized for later use, so key_bytes must be exactly recommended_key_len(digest_alg). This serialized value can be deserialized with SigningKey::new().

[src]

Construct an HMAC signing key using the given digest algorithm and key value.

key_value should be a value generated using a secure random number generator (e.g. the key_value output by SealingKey::generate_serializable()) or derived from a random key by a key derivation function (e.g. ring::hkdf). In particular, key_value shouldn't be a password.

As specified in RFC 2104, if key_value is shorter than the digest algorithm's block length (as returned by digest::Algorithm::block_len, not the digest length returned by digest::Algorithm::output_len) then it will be padded with zeros. Similarly, if it is longer than the block length then it will be compressed using the digest algorithm.

You should not use keys larger than the digest_alg.block_len because the truncation described above reduces their strength to only digest_alg.output_len * 8 bits. Support for such keys is likely to be removed in a future version of ring.

[src]

The digest algorithm for the key.