vault: github.com/hashicorp/vault/sdk/helper/kdf Index | Files

package kdf

import "github.com/hashicorp/vault/sdk/helper/kdf"

This package is used to implement Key Derivation Functions (KDF) based on the recommendations of NIST SP 800-108. These are useful for generating unique-per-transaction keys, or situations in which a key hierarchy may be useful.

Index

Package Files

kdf.go

Constants

const (
    // HMACSHA256PRFLen is the length of output from HMACSHA256PRF
    HMACSHA256PRFLen uint32 = 256
)

func CounterMode Uses

func CounterMode(prf PRF, prfLen uint32, key []byte, context []byte, bits uint32) ([]byte, error)

CounterMode implements the counter mode KDF that uses a pseudo-random-function (PRF) along with a counter to generate derived keys. The KDF takes a base key a derivation context, and the required number of output bits.

func HMACSHA256PRF Uses

func HMACSHA256PRF(key []byte, data []byte) ([]byte, error)

HMACSHA256PRF is a pseudo-random-function (PRF) that uses an HMAC-SHA256

type PRF Uses

type PRF func([]byte, []byte) ([]byte, error)

PRF is a pseudo-random function that takes a key or seed, as well as additional binary data and generates output that is indistinguishable from random. Examples are cryptographic hash functions or block ciphers.

Package kdf imports 4 packages (graph) and is imported by 1 packages. Updated 2019-04-12. Refresh now. Tools for package owners.