From 4f9ecfc25922e10a720e84f8a779f782193152ff Mon Sep 17 00:00:00 2001 From: "Jan Winkelmann (keks)" Date: Mon, 18 Nov 2024 10:44:47 +0100 Subject: [PATCH] Move trait to crate root --- libcrux-hkdf/src/hkdf.rs | 64 ++++++++++++++++++++++++++++++++++- libcrux-hkdf/src/impl_hacl.rs | 64 +---------------------------------- 2 files changed, 64 insertions(+), 64 deletions(-) diff --git a/libcrux-hkdf/src/hkdf.rs b/libcrux-hkdf/src/hkdf.rs index ebb8453a4..4b6cd4ac0 100644 --- a/libcrux-hkdf/src/hkdf.rs +++ b/libcrux-hkdf/src/hkdf.rs @@ -8,7 +8,69 @@ pub mod hacl; #[cfg(feature = "hacl")] mod impl_hacl; -pub use impl_hacl::{HkdfMode, HkdfSha2_256, HkdfSha2_384, HkdfSha2_512}; +pub use impl_hacl::{HkdfSha2_256, HkdfSha2_384, HkdfSha2_512}; + +pub trait HkdfMode { + /// The hash algorithm used in this HKDF mode. + const MODE: Algorithm; + + /// HKDF extract using the `salt` and the input key material `ikm`. + /// The result is written to `prk`. + /// + /// Note that this function panics if `salt` or `ikm` is longer than (2**32 - 1) bytes. + fn extract(prk: &mut [u8; HASH_LEN], salt: &[u8], ikm: &[u8]) -> Result<(), Error>; + + /// HKDF expand using the pre-key material `prk` and `info`. The output length + /// is defined through the type of the `okm` parameter, that the output is written to. + /// + /// Returns nothing on success. + /// Returns [`Error::OkmTooLarge`] if the requested `okm_len` is too large. + /// Returns [`Error::ArgumentsTooLarge`] if one of `salt` or `ikm` are longer than, or + /// `OKM_LEN` is larger than (2**32 - 1) bytes. + fn expand( + okm: &mut [u8; OKM_LEN], + prk: &[u8], + info: &[u8], + ) -> Result<(), Error>; + + /// HKDF expand using the pre-key material `prk` and `info`. The output length + /// is defined by the parameter `okm_len`. + /// + /// Returns the key material in an array of length `okm_len` on success. + /// Returns [`Error::OkmTooLarge`] if the requested `okm_len` is too large. + /// Returns [`Error::ArgumentsTooLarge`] if `salt` or `ikm` is longer than + /// (2**32 - 1) bytes. + fn expand_vec(prk: &[u8], info: &[u8], okm_len: usize) -> Result, Error>; + + /// HKDF using the `salt`, input key material `ikm`, `info`. The output length + /// is defined through the result type. + /// Calls `extract` and `expand` with the given input. + /// + /// Returns the key material in an array of length `okm_len`. + /// Note that this function panics if `salt` or `ikm` is longer than (2**32 - 1) bytes. + fn hkdf( + okm: &mut [u8; OKM_LEN], + salt: &[u8], + ikm: &[u8], + info: &[u8], + ) -> Result<(), Error> { + let mut prk = [0u8; HASH_LEN]; + Self::extract(&mut prk, salt, ikm)?; + Self::expand(okm, &prk, info) + } + + /// HKDF using the `salt`, input key material `ikm`, `info`. The output length + /// is defined by the parameter `okm_len`. + /// Calls `extract` and `expand` with the given input. + /// + /// Returns the key material in an array of length `okm_len`. + /// Note that this function panics if `salt` or `ikm` is longer than (2**32 - 1) bytes. + fn hkdf_vec(salt: &[u8], ikm: &[u8], info: &[u8], okm_len: usize) -> Result, Error> { + let mut prk = [0u8; HASH_LEN]; + Self::extract(&mut prk, salt, ikm)?; + Self::expand_vec(&prk, info, okm_len) + } +} /// The HKDF algorithm defining the used hash function. #[derive(Copy, Clone, Debug, PartialEq)] diff --git a/libcrux-hkdf/src/impl_hacl.rs b/libcrux-hkdf/src/impl_hacl.rs index a296a72ff..3f2af22ef 100644 --- a/libcrux-hkdf/src/impl_hacl.rs +++ b/libcrux-hkdf/src/impl_hacl.rs @@ -1,68 +1,6 @@ #![allow(dead_code)] -use crate::{Algorithm, Error}; - -pub trait HkdfMode { - /// The hash algorithm used in this HKDF mode. - const MODE: Algorithm; - - /// HKDF extract using the `salt` and the input key material `ikm`. - /// The result is written to `prk`. - /// - /// Note that this function panics if `salt` or `ikm` is longer than (2**32 - 1) bytes. - fn extract(prk: &mut [u8; HASH_LEN], salt: &[u8], ikm: &[u8]) -> Result<(), Error>; - - /// HKDF expand using the pre-key material `prk` and `info`. The output length - /// is defined through the type of the `okm` parameter, that the output is written to. - /// - /// Returns nothing on success. - /// Returns [`Error::OkmTooLarge`] if the requested `okm_len` is too large. - /// Returns [`Error::ArgumentsTooLarge`] if one of `salt` or `ikm` are longer than, or - /// `OKM_LEN` is larger than (2**32 - 1) bytes. - fn expand( - okm: &mut [u8; OKM_LEN], - prk: &[u8], - info: &[u8], - ) -> Result<(), Error>; - - /// HKDF expand using the pre-key material `prk` and `info`. The output length - /// is defined by the parameter `okm_len`. - /// - /// Returns the key material in an array of length `okm_len` on success. - /// Returns [`Error::OkmTooLarge`] if the requested `okm_len` is too large. - /// Returns [`Error::ArgumentsTooLarge`] if `salt` or `ikm` is longer than - /// (2**32 - 1) bytes. - fn expand_vec(prk: &[u8], info: &[u8], okm_len: usize) -> Result, Error>; - - /// HKDF using the `salt`, input key material `ikm`, `info`. The output length - /// is defined through the result type. - /// Calls `extract` and `expand` with the given input. - /// - /// Returns the key material in an array of length `okm_len`. - /// Note that this function panics if `salt` or `ikm` is longer than (2**32 - 1) bytes. - fn hkdf( - okm: &mut [u8; OKM_LEN], - salt: &[u8], - ikm: &[u8], - info: &[u8], - ) -> Result<(), Error> { - let mut prk = [0u8; HASH_LEN]; - Self::extract(&mut prk, salt, ikm)?; - Self::expand(okm, &prk, info) - } - - /// HKDF using the `salt`, input key material `ikm`, `info`. The output length - /// is defined by the parameter `okm_len`. - /// Calls `extract` and `expand` with the given input. - /// - /// Returns the key material in an array of length `okm_len`. - /// Note that this function panics if `salt` or `ikm` is longer than (2**32 - 1) bytes. - fn hkdf_vec(salt: &[u8], ikm: &[u8], info: &[u8], okm_len: usize) -> Result, Error> { - let mut prk = [0u8; HASH_LEN]; - Self::extract(&mut prk, salt, ikm)?; - Self::expand_vec(&prk, info, okm_len) - } -} +use crate::{Algorithm, Error, HkdfMode}; macro_rules! impl_hkdf { ($sname:ident,$name:ident, $mode:path, $extract:ident, $expand:ident,$hash_len:literal) => {