Expand description
§HKDF
This crate implements HKDF (RFC 5869) on SHA2-256, SHA2-384, and SHA2-512. The implementation is based on code extracted from verified crypto code from the HACL* project.
§Examples
§Using the typed SHA2-256 API
use libcrux_hkdf::{Hkdf, Sha2_256};
use libcrux_secrets::{U8, Classify, ClassifyRef, DeclassifyRef};
// Input key material and salt
let ikm = &[0x0b; 22].classify(); // 22 bytes of 0x0b
let salt = b"salt".classify_ref();
// Extract phase: derive pseudorandom key
let mut prk = [0u8; 32].classify(); // SHA2-256 output length
Hkdf::<Sha2_256>::extract(&mut prk, salt, ikm).unwrap();
// Expand phase: derive keys for different purposes
let mut encrypt_key = [0u8; 16].classify();
let mut mac_key = [0u8; 16].classify();
Hkdf::<Sha2_256>::expand(&mut encrypt_key, &prk, b"encrypt").unwrap();
Hkdf::<Sha2_256>::expand(&mut mac_key, &prk, b"mac").unwrap();§Using the dynamic API
use libcrux_hkdf::{extract, expand, Algorithm};
use libcrux_secrets::{U8, Classify, ClassifyRef, DeclassifyRef};
// Input key material and salt
let ikm = &[0x0b; 22].classify();
let salt = b"salt".classify_ref();
// Extract phase using SHA2-512
let mut prk = [0u8; 64].classify(); // SHA2-512 output length
extract(Algorithm::Sha512, &mut prk, salt, ikm).unwrap();
// Expand phase: derive keys for different purposes
let mut encrypt_key = [0u8; 32].classify();
let mut mac_key = [0u8; 32].classify();
expand(Algorithm::Sha512, &mut encrypt_key, &prk, b"encrypt").unwrap();
expand(Algorithm::Sha512, &mut mac_key, &prk, b"mac").unwrap();Modules§
- hacl
- This module contains generated hacl code.
- sha2_
256 - HKDF implementation for SHA2-256.
- sha2_
384 - HKDF implementation for SHA2-384.
- sha2_
512 - HKDF implementation for SHA2-512.
Structs§
- Hkdf
- HKDF implementation with compile-time algorithm selection.
- Sha2_
256 - Type marker for SHA2-256 hash algorithm.
- Sha2_
384 - Type marker for SHA2-384 hash algorithm.
- Sha2_
512 - Type marker for SHA2-512 hash algorithm.
Enums§
- Algorithm
- The HKDF algorithm defining the used hash function. Only needed for the functions with dynamic algorithm selection.
- Array
Reference Expand Error - Array
Reference Extract Error - Expand
Error - Extract
Error
Functions§
- expand
- HKDF expand. The argument names match the specification.
The result is written to
okm. Thealgoargument is used for dynamic algorithm selection. - extract
- HKDF extract using the
saltand the input key materialikm. The result is written toprk. Thealgoargument is used for dynamic algorithm selection. - hkdf
- Full HKDF, i.e. both extract and expand, using the
saltand the input key materialikm. The argument names match the specification. The result is written tookm. Thealgoargument is used for dynamic algorithm selection.