haskell/cryptonite
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[HKDF] document a bit better extractSkip

Browse Source
This commit is contained in:
Vincent Hanquez 2016-03-29 07:17:24 +01:00
parent 93fad940e4
commit 149bfa6010
1 changed files with 5 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
Crypto/KDF/HKDF.hs
View File

@ -7,10 +7,9 @@
-- --
-- Key Derivation Function based on HMAC -- Key Derivation Function based on HMAC
-- --
-- See rfc5869 -- See RFC5869
-- --
{-# LANGUAGE BangPatterns #-} {-# LANGUAGE BangPatterns #-}
{-# LANGUAGE GeneralizedNewtypeDeriving #-}
module Crypto.KDF.HKDF module Crypto.KDF.HKDF
( PRK ( PRK
, extract , extract
@ -35,7 +34,10 @@ extract :: (HashAlgorithm a, ByteArrayAccess salt, ByteArrayAccess ikm)
-> PRK a -- ^ Pseudo random key -> PRK a -- ^ Pseudo random key
extract salt ikm = PRK $ hmac salt ikm extract salt ikm = PRK $ hmac salt ikm
-- | Create a PRK directly from the input key material, skipping any hmacing -- | Create a PRK directly from the input key material.
--
-- Only use when guaranteed to have a good quality and random data to use directly as key.
-- This effectively skip a HMAC with key=salt and data=key.
extractSkip :: (HashAlgorithm a, ByteArrayAccess ikm) extractSkip :: (HashAlgorithm a, ByteArrayAccess ikm)
=> ikm => ikm
-> PRK a -> PRK a
@ -74,4 +76,3 @@ expand prkAt infoAt outputLength =
r = n - hashLen r = n - hashLen
in (if n >= hashLen then ti else B.take n ti) in (if n >= hashLen then ti else B.take n ti)
: loop hF ti r (i+1) : loop hF ti r (i+1)