-
Notifications
You must be signed in to change notification settings - Fork 28
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Missing KDFs #75
Comments
Hi, It seems the kdf algo from libsodium is missing. It would be pretty trivial to add it given it's basically a bit of cooking on top of blake2b: pub fn kdf_blake2b_derive_from_key::<OutSize>(subkey_id: u64, context: &[u8;8], key: &GenericArray<u8, U32>) -> [u8;OutSize] {
let mut personal: [u8;16] = [0u8;16];
personal[..8].copy_from_slice(context);
let mut salt: [u8;16] = [0u8;16];
salt[..8].copy_from_slice(&subkey_id.to_le_bytes());
Blake2bMac<OutSize>::new_with_salt_and_personal(&key, &salt, &personal)
.expect("subkey has always a valid size")
.finalize().into()
} |
Hello, |
I found #87, but it's a draft and hasn't had any updates for the last year. Do you accept external contributions? Maybe I'll consider implementing it in the future. |
cc @baloo |
@TheBestTvarynka Feel free to take over or redo the PR :) This is something I hoped to get back to, but I haven't got time to yet. My use-case for it was for TPM activate credential with RSA keys. I got bogged down by the CAVS test vectors. I implemented them as a procmacro that will generate rust test code, but that ended being the wrong approach, it's too slow to iterate. |
I want to take over the @baloo, I already read the specification and your draft PR (#87). The code looks good but I have a few questions. Where is the best place to ask these questions? I'll implement the rest and address all comments.
I looked through those test vectors. Are we going to turn all of them into tests? You wanted to do testing like in the Thank you! |
This is a tracking issue for KDF algorithms we should potentially implement.
Please leave a comment with your requests!
The text was updated successfully, but these errors were encountered: