seal_crypto_wrapper::algorithms::kdf

Struct KdfAlgorithmBuilder

Source 
pub struct KdfAlgorithmBuilder;
Expand description

Builder for constructing KDF algorithm instances.

用于构建 KDF 算法实例的构建器。

§Design Pattern | 设计模式

This builder separates key-based and password-based derivation functions, ensuring that the appropriate algorithm is chosen for the input entropy level.

此构建器分离基于密钥和基于密码的派生函数, 确保为输入熵级别选择适当的算法。

§Security Guidance | 安全指导

  • Use .key() for high-entropy inputs (≥128 bits of entropy)

  • Use .passwd() for low-entropy inputs (user passwords, PINs)

  • 对高熵输入使用 .key()(≥128 位熵)

  • 对低熵输入使用 .passwd()(用户密码、PIN)

Implementations§

Source§

impl KdfAlgorithmBuilder

Source

pub fn key(self) -> KdfKeyAlgorithmBuilder

Creates a key-based KDF algorithm builder.

创建基于密钥的 KDF 算法构建器。

§Use Cases | 使用场景

  • Deriving multiple keys from a master key

  • Key expansion in cryptographic protocols

  • Deriving keys from shared secrets (ECDH, etc.)

  • Creating domain-separated keys

  • 从主密钥派生多个密钥

  • 密码协议中的密钥扩展

  • 从共享密钥派生密钥(ECDH 等)

  • 创建域分离的密钥

§Available Algorithms | 可用算法
  • HKDF-SHA256: Fast, widely supported
  • HKDF-SHA384: Higher security margin
  • HKDF-SHA512: Maximum security
§Examples | 示例
use seal_crypto_wrapper::algorithms::kdf::KdfAlgorithm;

let hkdf = KdfAlgorithm::build().key().hkdf_sha256();
Source

pub fn passwd(self) -> KdfPasswordAlgorithmBuilder

Creates a password-based KDF algorithm builder.

创建基于密码的 KDF 算法构建器。

§Use Cases | 使用场景

  • Deriving encryption keys from user passwords

  • Password-based authentication

  • Secure password storage

  • Key derivation for encrypted storage

  • 从用户密码派生加密密钥

  • 基于密码的认证

  • 安全密码存储

  • 加密存储的密钥派生

§Available Algorithms | 可用算法
  • PBKDF2: Widely supported, configurable iterations
  • Argon2: Memory-hard, resistant to specialized attacks
§Security Note | 安全注意

Always use sufficient iteration counts and random salts to protect against brute-force and rainbow table attacks.

始终使用足够的迭代次数和随机盐来防止暴力攻击和彩虹表攻击。

§Examples | 示例
use seal_crypto_wrapper::algorithms::kdf::KdfAlgorithm;

// PBKDF2 with 100,000 iterations
let pbkdf2 = KdfAlgorithm::build().passwd().pbkdf2_sha256_with_params(100000);

// Argon2 with memory cost, time cost, and parallelism
let argon2 = KdfAlgorithm::build().passwd().argon2_with_params(65536, 3, 4);

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

Source§

fn vzip(self) -> V