| Copyright | (c) 2024 Jared Tobin |
|---|---|
| License | MIT |
| Maintainer | Jared Tobin <jared@ppad.tech> |
| Safe Haskell | None |
| Language | Haskell2010 |
Crypto.KDF.HMAC
Contents
Description
A pure HKDF implementation, as specified by RFC5869.
Synopsis
- type HMAC = ByteString -> ByteString -> ByteString
- derive :: HMAC -> ByteString -> ByteString -> Word64 -> ByteString -> Maybe ByteString
HMAC synonym
type HMAC = ByteString -> ByteString -> ByteString Source #
A HMAC function, taking a key as the first argument and the input value as the second, producing a MAC digest.
>>>import qualified Crypto.Hash.SHA256 as SHA256>>>:t SHA256.hmacSHA256.hmac :: BS.ByteString -> BS.ByteString -> BS.ByteString>>>SHA256.hmac "my HMAC key" "my HMAC input"<256-bit MAC>
HMAC-based KDF
Arguments
| :: HMAC | HMAC function |
| -> ByteString | salt |
| -> ByteString | optional context and application-specific info |
| -> Word64 | bytelength of output keying material (<= 255 * hashlen) |
| -> ByteString | input keying material |
| -> Maybe ByteString | output keying material |
Derive a key from a secret, via a HMAC-based key derivation function.
The salt and info arguments are optional to the KDF, and may
be simply passed as mempty. An empty salt will be replaced by
hashlen zero bytes.
>>>import qualified Crypto.Hash.SHA256 as SHA256>>>derive SHA256.hmac "my public salt" mempty 64 "my secret input"<64-byte output keying material>