rustls::crypto::tls13

Trait Hkdf

Source
pub trait Hkdf: Send + Sync {
    // Required methods
    fn extract_from_zero_ikm(
        &self,
        salt: Option<&[u8]>,
    ) -> Box<dyn HkdfExpander>;
    fn extract_from_secret(
        &self,
        salt: Option<&[u8]>,
        secret: &[u8],
    ) -> Box<dyn HkdfExpander>;
    fn expander_for_okm(&self, okm: &OkmBlock) -> Box<dyn HkdfExpander>;
    fn hmac_sign(&self, key: &OkmBlock, message: &[u8]) -> Tag;

    // Provided methods
    fn extract_from_kx_shared_secret(
        &self,
        salt: Option<&[u8]>,
        kx: Box<dyn ActiveKeyExchange>,
        peer_pub_key: &[u8],
    ) -> Result<Box<dyn HkdfExpander>, Error> { ... }
    fn fips(&self) -> bool { ... }
}
Expand description

A HKDF implementation oriented to the needs of TLS1.3.

See RFC5869 for the terminology used in this definition.

You can use HkdfUsingHmac which implements this trait on top of an implementation of hmac::Hmac.

Required Methods§

Source

fn extract_from_zero_ikm(&self, salt: Option<&[u8]>) -> Box<dyn HkdfExpander>

HKDF-Extract(salt, 0_HashLen)

0_HashLen is a string of HashLen zero bytes.

A salt of None should be treated as a sequence of HashLen zero bytes.

Source

fn extract_from_secret( &self, salt: Option<&[u8]>, secret: &[u8], ) -> Box<dyn HkdfExpander>

HKDF-Extract(salt, secret)

A salt of None should be treated as a sequence of HashLen zero bytes.

Source

fn expander_for_okm(&self, okm: &OkmBlock) -> Box<dyn HkdfExpander>

Build a HkdfExpander using okm as the secret PRK.

Source

fn hmac_sign(&self, key: &OkmBlock, message: &[u8]) -> Tag

Signs message using key viewed as a HMAC key.

This should use the same hash function as the HKDF functions in this trait.

See RFC2104 for the definition of HMAC.

Provided Methods§

Source

fn extract_from_kx_shared_secret( &self, salt: Option<&[u8]>, kx: Box<dyn ActiveKeyExchange>, peer_pub_key: &[u8], ) -> Result<Box<dyn HkdfExpander>, Error>

HKDF-Extract(salt, shared_secret) where shared_secret is the result of a key exchange.

Custom implementations should complete the key exchange by calling kx.complete(peer_pub_key) and then using this as the input keying material to HKDF-Extract.

A salt of None should be treated as a sequence of HashLen zero bytes.

Source

fn fips(&self) -> bool

Return true if this is backed by a FIPS-approved implementation.

Implementors§