Module hkdf

HMAC-based Extract-and-Expand Key Derivation Function.

HKDF is specified in RFC 5869.

Example

use aws_lc_rs::{aead, hkdf, hmac, rand};

// Generate a (non-secret) salt value
let mut salt_bytes = [0u8; 32];
rand::fill(&mut salt_bytes).unwrap();

// Extract pseudo-random key from secret keying materials
let salt = hkdf::Salt::new(hkdf::HKDF_SHA256, &salt_bytes);
let pseudo_random_key = salt.extract(b"secret input keying material");

// Derive HMAC key
let hmac_key_material = pseudo_random_key
    .expand(
        &[b"hmac contextual info"],
        hkdf::HKDF_SHA256.hmac_algorithm(),
    )
    .unwrap();
let hmac_key = hmac::Key::from(hmac_key_material);

// Derive UnboundKey for AES-128-GCM
let aes_keying_material = pseudo_random_key
    .expand(&[b"aes contextual info"], &aead::AES_128_GCM)
    .unwrap();
let aead_unbound_key = aead::UnboundKey::from(aes_keying_material);

Structs

• Algorithm
  An HKDF algorithm.
• Okm
  An HKDF OKM (Output Keying Material)
• Prk
  A HKDF PRK (pseudorandom key).
• Salt
  A salt for HKDF operations.
• ZeroizeBoxSlice 🔒

Enums

• PrkMode 🔒

Constants

• HKDF_INFO_DEFAULT_CAPACITY_LEN 🔒
  General Info length’s for HKDF don’t normally exceed 256 bits. We set the default capacity to a value larger than should be needed so that the value passed to |HKDF_expand| is only allocated once.
• MAX_HKDF_PRK_LEN 🔒
  The maximum output size of a PRK computed by |HKDF_extract| is the maximum digest size that can be outputted by AWS-LC.
• MAX_HKDF_SALT_LEN 🔒
  General Salt length’s for HKDF don’t normally exceed 256 bits. We set the limit to something tolerable, so that the Salt structure can be stack allocatable.

Statics

• HKDF_SHA1_FOR_LEGACY_USE_ONLY
  HKDF using HMAC-SHA-1. Obsolete.
• HKDF_SHA256
  HKDF using HMAC-SHA-256.
• HKDF_SHA384
  HKDF using HMAC-SHA-384.
• HKDF_SHA512
  HKDF using HMAC-SHA-512.

Traits

• KeyType
  The length of the OKM (Output Keying Material) for a Prk::expand() call.