Trait HkdfPrkExtract

Help

pub(crate) trait HkdfPrkExtract: Hkdf {
    // Required method
    fn extract_prk_from_secret(
        &self,
        salt: Option<&[u8]>,
        secret: &[u8],
    ) -> Vec<u8>;
}

Expand description

An extended HKDF implementation that supports directly extracting a pseudo-random key (PRK).

The base Hkdf trait is tailored to the needs of TLS 1.3, where all extracted PRKs are expanded as-is, and so can be safely encapsulated without exposing the caller to the key material.

In other contexts (for example, hybrid public key encryption (HPKE)) it may be necessary to use the extracted PRK directly for purposes other than an immediate expansion. This trait can be implemented to offer this functionality when it is required.

Required Methods§

Source

fn extract_prk_from_secret(&self, salt: Option<&[u8]>, secret: &[u8]) -> Vec<u8>

HKDF-Extract(salt, secret)

A salt of None should be treated as a sequence of HashLen zero bytes.

In most cases you should prefer Hkdf::extract_from_secret and using the returned HkdfExpander instead of handling the PRK directly.

Implementors§

Source §

Trait HkdfPrkExtractCopy item path

Required Methods§

fn extract_prk_from_secret(&self, salt: Option<&[u8]>, secret: &[u8]) -> Vec<u8>

Implementors§

impl HkdfPrkExtract for HkdfUsingHmac<'_>

Trait HkdfPrkExtract