devela::_dep::orion::hazardous::kdf

Module hkdf

Help

Available on crate feature dep_orion only.

Expand description

HKDF (HMAC-based Extract-and-Expand Key Derivation Function) as specified in the RFC 5869.

§Parameters:

salt: Salt value.
ikm: Input keying material.
info: Optional context and application-specific information. If None then it’s an empty string.
dst_out: Destination buffer for the derived key. The length of the derived key is implied by the length of okm_out.

§Errors:

An error will be returned if:

The length of dst_out is less than 1.
The length of dst_out is greater than 255 * SHA(256/384/512)_OUTSIZE.

§Security:

Salts should always be generated using a CSPRNG. secure_rand_bytes() can be used for this.
The recommended length for a salt is 64 bytes.
Even though a salt value is optional, it is strongly recommended to use one.
HKDF is not suitable for password storage.

§Example:

use orion::{hazardous::kdf::hkdf, util};

let mut salt = [0u8; 64];
util::secure_rand_bytes(&mut salt)?;
let mut okm_out = [0u8; 32];

hkdf::sha512::derive_key(&salt, "IKM".as_bytes(), None, &mut okm_out)?;

Modules§

sha256: HKDF-HMAC-SHA256 (HMAC-based Extract-and-Expand Key Derivation Function) as specified in the RFC 5869.
sha384: HKDF-HMAC-SHA384 (HMAC-based Extract-and-Expand Key Derivation Function) as specified in the RFC 5869.
sha512: HKDF-HMAC-SHA512 (HMAC-based Extract-and-Expand Key Derivation Function) as specified in the RFC 5869.