hkdf

package

v1.3.0 Latest Latest Go to latest Published: Jan 20, 2024 License: MIT Imports: 7 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/ldclabs/cose

Links

Open Source Insights

Documentation ¶

Overview ¶

Package hkdf implements key derivation function HKDF for COSE as defined in RFC9053. https://datatracker.ietf.org/doc/html/rfc9053#name-key-derivation-functions-kd

Index ¶

func HKDF256(secret, salt, info []byte, keySize int) ([]byte, error)
func HKDF512(secret, salt, info []byte, keySize int) ([]byte, error)
func HKDFAES(secret, info []byte, keySize int) ([]byte, error)
func NewAES(block cipher.Block, info []byte) io.Reader

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func HKDF256 ¶

func HKDF256(secret, salt, info []byte, keySize int) ([]byte, error)

HKDF256 derives a key from the given secret, salt, info and key size, using HKDF-SHA-256.

Example ¶

package main

import (
	"fmt"

	"github.com/ldclabs/cose/cose"
	"github.com/ldclabs/cose/iana"
	"github.com/ldclabs/cose/key"

	"github.com/ldclabs/cose/key/hkdf"
)

func main() {
	// Create a KDF Context
	kdfContext := cose.KDFContext{
		AlgorithmID: iana.AlgorithmA128GCM,
		SuppPubInfo: cose.SuppPubInfo{
			KeyDataLength: 128,
			Protected: cose.Headers{
				iana.HeaderParameterAlg: iana.AlgorithmECDH_ES_HKDF_256,
			},
		},
	}
	ctxData, err := key.MarshalCBOR(kdfContext)
	if err != nil {
		panic(err)
	}

	// Derive a key
	secret := key.HexBytesify("4B31712E096E5F20B4ECF9790FD8CC7C8B7E2C8AD90BDA81CB224F62C0E7B9A6")
	k, err := hkdf.HKDF256(secret, nil, ctxData, 128/8)
	if err != nil {
		panic(err)
	}
	fmt.Printf("key: %X\n", k)
	// key: 56074D506729CA40C4B4FE50C6439893

}

Output:

key: 56074D506729CA40C4B4FE50C6439893

func HKDF512 ¶

func HKDF512(secret, salt, info []byte, keySize int) ([]byte, error)

HKDF512 derives a key from the given secret, salt, info and key size, using HKDF-SHA-512.

func HKDFAES ¶

func HKDFAES(secret, info []byte, keySize int) ([]byte, error)

HKDFAES derives a key from the given secret, info and key size. The secret should be the AES key, either 16, or 32 bytes to select HKDF-AES-128, or HKDF-AES-256.

Example ¶

package main

import (
	"fmt"

	"github.com/ldclabs/cose/cose"
	"github.com/ldclabs/cose/iana"
	"github.com/ldclabs/cose/key"

	"github.com/ldclabs/cose/key/hkdf"
)

func main() {
	// Create a KDF Context
	kdfContext := cose.KDFContext{
		AlgorithmID: iana.AlgorithmAES_CCM_16_64_128,
		SuppPubInfo: cose.SuppPubInfo{
			KeyDataLength: 128,
			Protected: cose.Headers{
				iana.HeaderParameterAlg: iana.AlgorithmDirect_HKDF_AES_128,
			},
		},
	}
	ctxData, err := key.MarshalCBOR(kdfContext)
	if err != nil {
		panic(err)
	}

	// Derive a key
	secret := key.Base64Bytesify("hJtXIZ2uSN5kbQfbtTNWbg")
	k, err := hkdf.HKDFAES(secret, ctxData, 128/8)
	if err != nil {
		panic(err)
	}
	fmt.Printf("key: %X\n", k)
	// key: F0CCBAF836D73DA63ED8508EF966EEC9

}

Output:

key: F0CCBAF836D73DA63ED8508EF966EEC9

func NewAES ¶

func NewAES(block cipher.Block, info []byte) io.Reader

NewAES returns a Reader, from which keys can be read, using the given cipher.Block (as AES-CBC-MAC PRF) and context info. Context info can be nil.

Types ¶

This section is empty.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL