Lib.rs

Cryptography
#openssl #kdf #nist #wrapper #abstraction #evp-kdf #sp800-108

openssl-kdf

OpenSSL KDF function abstraction

by Patrick Uiterwijk

6 releases (3 breaking)

0.4.2 Oct 26, 2023
0.4.1 Dec 10, 2021
0.3.0 Nov 18, 2021
0.2.0 Nov 18, 2021
0.1.0 Mar 31, 2021

#823 in Cryptography

Download history 170/week @ 2024-11-16 802/week @ 2024-11-23 224/week @ 2024-11-30 368/week @ 2024-12-07 213/week @ 2024-12-14 62/week @ 2024-12-21 61/week @ 2024-12-28 333/week @ 2025-01-04 213/week @ 2025-01-11 143/week @ 2025-01-18 306/week @ 2025-01-25 366/week @ 2025-02-01 254/week @ 2025-02-08 357/week @ 2025-02-15 300/week @ 2025-02-22 337/week @ 2025-03-01

1,359 downloads per month
Used in 3 crates (2 directly)

MIT license

720KB
1.5K SLoC

rust-openssl-kdf

Wrappers for the KDF functionality of OpenSSL.

This is a wrapper around difference KDF implementations in OpenSSL. At this moment, it supports the EVP_KDF functionality as backported into Fedora/RHEL.

This implements Rust wrappers for the EVP_KDF functionality in OpenSSL, among which is KBKDF, as specified in NIST SP800-108.

Example use (KBKDF in Counter mode with HMAC-SHA256 as PRF)

use openssl_kdf::{KdfArgument, KdfKbMode, KdfMacType, KdfType, perform_kdf};
use openssl::hash::MessageDigest;

let args = [
    &KdfArgument::KbMode(KdfKbMode::Counter),
    &KdfArgument::Mac(KdfMacType::Hmac(MessageDigest::sha256())),
    // Set the salt (called "Label" in SP800-108)
    &KdfArgument::Salt(&[0x12, 0x34]),
    // Set the kb info (called "Context" in SP800-108)
    &KdfArgument::KbInfo(&[0x9a, 0xbc]),
    // Set the key (called "Ki" in SP800-108)
    &KdfArgument::Key(&[0x56, 0x78]),
];

let key_out = perform_kdf(KdfType::KeyBased, &args, 20).unwrap();

Dependencies

~1.8–2.7MB
~61K SLoC