pub trait Hkdf: Send + Sync {
// Required methods
fn extract_from_zero_ikm(
&self,
salt: Option<&[u8]>,
) -> Box<dyn HkdfExpander>;
fn extract_from_secret(
&self,
salt: Option<&[u8]>,
secret: &[u8],
) -> Box<dyn HkdfExpander>;
fn expander_for_okm(&self, okm: &OkmBlock) -> Box<dyn HkdfExpander>;
fn hmac_sign(&self, key: &OkmBlock, message: &[u8]) -> Tag;
// Provided methods
fn extract_from_kx_shared_secret(
&self,
salt: Option<&[u8]>,
kx: Box<dyn ActiveKeyExchange>,
peer_pub_key: &[u8],
) -> Result<Box<dyn HkdfExpander>, Error> { ... }
fn fips(&self) -> bool { ... }
}
Expand description
A HKDF implementation oriented to the needs of TLS1.3.
See RFC5869 for the terminology used in this definition.
You can use HkdfUsingHmac
which implements this trait on top of an implementation
of hmac::Hmac
.
Required Methods§
Sourcefn extract_from_zero_ikm(&self, salt: Option<&[u8]>) -> Box<dyn HkdfExpander>
fn extract_from_zero_ikm(&self, salt: Option<&[u8]>) -> Box<dyn HkdfExpander>
HKDF-Extract(salt, 0_HashLen)
0_HashLen
is a string of HashLen
zero bytes.
A salt
of None
should be treated as a sequence of HashLen
zero bytes.
Sourcefn extract_from_secret(
&self,
salt: Option<&[u8]>,
secret: &[u8],
) -> Box<dyn HkdfExpander>
fn extract_from_secret( &self, salt: Option<&[u8]>, secret: &[u8], ) -> Box<dyn HkdfExpander>
HKDF-Extract(salt, secret)
A salt
of None
should be treated as a sequence of HashLen
zero bytes.
Sourcefn expander_for_okm(&self, okm: &OkmBlock) -> Box<dyn HkdfExpander>
fn expander_for_okm(&self, okm: &OkmBlock) -> Box<dyn HkdfExpander>
Build a HkdfExpander
using okm
as the secret PRK.
Provided Methods§
HKDF-Extract(salt, shared_secret)
where shared_secret
is the result of a key exchange.
Custom implementations should complete the key exchange by calling
kx.complete(peer_pub_key)
and then using this as the input keying material to
HKDF-Extract
.
A salt
of None
should be treated as a sequence of HashLen
zero bytes.