Lib.rs

Cryptography
#openssl #kdf #nist #wrapper #abstraction #evp-kdf #sp800-108

openssl-kdf

OpenSSL KDF function abstraction

by Patrick Uiterwijk

6 releases (3 breaking)

0.4.2 Oct 26, 2023
0.4.1 Dec 10, 2021
0.3.0 Nov 18, 2021
0.2.0 Nov 18, 2021
0.1.0 Mar 31, 2021

#574 in Cryptography

Download history 10/week @ 2024-07-21 30/week @ 2024-07-28 34/week @ 2024-08-04 173/week @ 2024-08-11 70/week @ 2024-08-18 72/week @ 2024-08-25 81/week @ 2024-09-01 68/week @ 2024-09-08 70/week @ 2024-09-15 87/week @ 2024-09-22 258/week @ 2024-09-29 328/week @ 2024-10-06 151/week @ 2024-10-13 154/week @ 2024-10-20 106/week @ 2024-10-27 256/week @ 2024-11-03

672 downloads per month
Used in 3 crates (2 directly)

MIT license

720KB
1.5K SLoC

rust-openssl-kdf

Wrappers for the KDF functionality of OpenSSL.

This is a wrapper around difference KDF implementations in OpenSSL. At this moment, it supports the EVP_KDF functionality as backported into Fedora/RHEL.

This implements Rust wrappers for the EVP_KDF functionality in OpenSSL, among which is KBKDF, as specified in NIST SP800-108.

Example use (KBKDF in Counter mode with HMAC-SHA256 as PRF)

use openssl_kdf::{KdfArgument, KdfKbMode, KdfMacType, KdfType, perform_kdf};
use openssl::hash::MessageDigest;

let args = [
    &KdfArgument::KbMode(KdfKbMode::Counter),
    &KdfArgument::Mac(KdfMacType::Hmac(MessageDigest::sha256())),
    // Set the salt (called "Label" in SP800-108)
    &KdfArgument::Salt(&[0x12, 0x34]),
    // Set the kb info (called "Context" in SP800-108)
    &KdfArgument::KbInfo(&[0x9a, 0xbc]),
    // Set the key (called "Ki" in SP800-108)
    &KdfArgument::Key(&[0x56, 0x78]),
];

let key_out = perform_kdf(KdfType::KeyBased, &args, 20).unwrap();

Dependencies

~1.8–2.7MB
~62K SLoC