Skip to content

Commit cb7a19b

Browse files
newpavlovnewpavlov
committed
update hmac
1 parent 5ba039f commit cb7a19b

File tree

3 files changed

+66
-29
lines changed

3 files changed

+66
-29
lines changed

Cargo.lock

+6-6
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

Cargo.toml

+3-3
Original file line numberDiff line numberDiff line change
@@ -4,8 +4,8 @@ members = [
44
]
55

66
[patch.crates-io]
7-
digest = { git = "https://github.com/RustCrypto/traits/", branch = "new_traits" }
8-
block-buffer = { git = "https://github.com/RustCrypto/utils", branch = "pad_error" }
7+
digest = { git = "https://github.com/RustCrypto/traits/", branch = "digest/v0.10" }
8+
block-buffer = { git = "https://github.com/RustCrypto/utils", branch = "block-buffer/v0.10" }
99
sha-1 = { git = "https://github.com/RustCrypto/hashes/", branch = "digest/v0.10.0-pre" }
1010
sha2 = { git = "https://github.com/RustCrypto/hashes/", branch = "digest/v0.10.0-pre" }
11-
hmac = { git = "https://github.com/RustCrypto/MACs/", branch = "new_traits" }
11+
hmac = { git = "https://github.com/RustCrypto/MACs/", branch = "hmac/v0.12" }

hkdf/src/lib.rs

+57-20
Original file line numberDiff line numberDiff line change
@@ -95,18 +95,21 @@ extern crate std;
9595
use core::fmt;
9696
use hmac::digest::{
9797
block_buffer::Eager,
98-
core_api::{AlgorithmName, BufferKindUser, CoreProxy, FixedOutputCore, UpdateCore},
99-
generic_array::typenum::Unsigned,
100-
Digest, FixedOutput, KeyInit, Output, Update,
98+
core_api::{
99+
AlgorithmName, BlockSizeUser, BufferKindUser, CoreProxy, FixedOutputCore, OutputSizeUser,
100+
UpdateCore,
101+
},
102+
generic_array::typenum::{IsLess, Le, NonZero, Unsigned, U256},
103+
FixedOutput, HashMarker, KeyInit, Output, Update,
101104
};
102105
use hmac::Hmac;
103106

104107
/// Error that is returned when supplied pseudorandom key (PRK) is not long enough.
105-
#[derive(Copy, Clone, Eq, PartialEq, Debug)]
108+
#[derive(Copy, Clone, Debug)]
106109
pub struct InvalidPrkLength;
107110

108111
/// Structure for InvalidLength, used for output error handling.
109-
#[derive(Copy, Clone, Eq, PartialEq, Debug)]
112+
#[derive(Copy, Clone, Debug)]
110113
pub struct InvalidLength;
111114

112115
/// Structure representing the streaming context of an HKDF-Extract operation
@@ -124,20 +127,34 @@ pub struct InvalidLength;
124127
#[derive(Clone)]
125128
pub struct HkdfExtract<D>
126129
where
127-
D: CoreProxy + Digest,
128-
D::Core: UpdateCore + FixedOutputCore + BufferKindUser<BufferKind = Eager> + Default + Clone,
130+
D: CoreProxy,
131+
D::Core: HashMarker
132+
+ UpdateCore
133+
+ FixedOutputCore
134+
+ BufferKindUser<BufferKind = Eager>
135+
+ Default
136+
+ Clone,
137+
<D::Core as BlockSizeUser>::BlockSize: IsLess<U256>,
138+
Le<<D::Core as BlockSizeUser>::BlockSize, U256>: NonZero,
129139
{
130140
hmac: Hmac<D>,
131141
}
132142

133143
impl<D> HkdfExtract<D>
134144
where
135-
D: CoreProxy + Digest,
136-
D::Core: UpdateCore + FixedOutputCore + BufferKindUser<BufferKind = Eager> + Default + Clone,
145+
D: CoreProxy,
146+
D::Core: HashMarker
147+
+ UpdateCore
148+
+ FixedOutputCore
149+
+ BufferKindUser<BufferKind = Eager>
150+
+ Default
151+
+ Clone,
152+
<D::Core as BlockSizeUser>::BlockSize: IsLess<U256>,
153+
Le<<D::Core as BlockSizeUser>::BlockSize, U256>: NonZero,
137154
{
138155
/// Initiates the HKDF-Extract context with the given optional salt
139156
pub fn new(salt: Option<&[u8]>) -> HkdfExtract<D> {
140-
let default_salt = Output::<D>::default();
157+
let default_salt = Output::<D::Core>::default();
141158
let salt = salt.unwrap_or(&default_salt);
142159
let hmac = Hmac::<D>::new_from_slice(salt).expect("HMAC can take a key of any size");
143160
HkdfExtract { hmac }
@@ -159,13 +176,16 @@ where
159176

160177
impl<D> fmt::Debug for HkdfExtract<D>
161178
where
162-
D: CoreProxy + Digest,
163-
D::Core: AlgorithmName
179+
D: CoreProxy,
180+
D::Core: HashMarker
181+
+ AlgorithmName
164182
+ UpdateCore
165183
+ FixedOutputCore
166184
+ BufferKindUser<BufferKind = Eager>
167185
+ Default
168186
+ Clone,
187+
<D::Core as BlockSizeUser>::BlockSize: IsLess<U256>,
188+
Le<<D::Core as BlockSizeUser>::BlockSize, U256>: NonZero,
169189
{
170190
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
171191
f.write_str("HkdfExtract<")?;
@@ -178,16 +198,30 @@ where
178198
#[derive(Clone)]
179199
pub struct Hkdf<D>
180200
where
181-
D: CoreProxy + Digest,
182-
D::Core: UpdateCore + FixedOutputCore + BufferKindUser<BufferKind = Eager> + Default + Clone,
201+
D: CoreProxy,
202+
D::Core: HashMarker
203+
+ UpdateCore
204+
+ FixedOutputCore
205+
+ BufferKindUser<BufferKind = Eager>
206+
+ Default
207+
+ Clone,
208+
<D::Core as BlockSizeUser>::BlockSize: IsLess<U256>,
209+
Le<<D::Core as BlockSizeUser>::BlockSize, U256>: NonZero,
183210
{
184211
hmac: Hmac<D>,
185212
}
186213

187214
impl<D> Hkdf<D>
188215
where
189-
D: CoreProxy + Digest,
190-
D::Core: UpdateCore + FixedOutputCore + BufferKindUser<BufferKind = Eager> + Default + Clone,
216+
D: CoreProxy,
217+
D::Core: HashMarker
218+
+ UpdateCore
219+
+ FixedOutputCore
220+
+ BufferKindUser<BufferKind = Eager>
221+
+ Default
222+
+ Clone,
223+
<D::Core as BlockSizeUser>::BlockSize: IsLess<U256>,
224+
Le<<D::Core as BlockSizeUser>::BlockSize, U256>: NonZero,
191225
{
192226
/// Convenience method for [`extract`][Hkdf::extract] when the generated
193227
/// pseudorandom key can be ignored and only HKDF-Expand operation is needed. This is the most
@@ -201,7 +235,7 @@ where
201235
/// as per section 3.3 from RFC5869.
202236
pub fn from_prk(prk: &[u8]) -> Result<Hkdf<D>, InvalidPrkLength> {
203237
// section 2.3 specifies that prk must be "at least HashLen octets"
204-
if prk.len() < D::OutputSize::to_usize() {
238+
if prk.len() < <D::Core as OutputSizeUser>::OutputSize::to_usize() {
205239
return Err(InvalidPrkLength);
206240
}
207241

@@ -228,7 +262,7 @@ where
228262
) -> Result<(), InvalidLength> {
229263
let mut prev: Option<Output<D::Core>> = None;
230264

231-
let chunk_len = D::OutputSize::USIZE;
265+
let chunk_len = <D::Core as OutputSizeUser>::OutputSize::USIZE;
232266
if okm.len() > chunk_len * 255 {
233267
return Err(InvalidLength);
234268
}
@@ -269,13 +303,16 @@ where
269303

270304
impl<D> fmt::Debug for Hkdf<D>
271305
where
272-
D: CoreProxy + Digest,
273-
D::Core: AlgorithmName
306+
D: CoreProxy,
307+
D::Core: HashMarker
308+
+ AlgorithmName
274309
+ UpdateCore
275310
+ FixedOutputCore
276311
+ BufferKindUser<BufferKind = Eager>
277312
+ Default
278313
+ Clone,
314+
<D::Core as BlockSizeUser>::BlockSize: IsLess<U256>,
315+
Le<<D::Core as BlockSizeUser>::BlockSize, U256>: NonZero,
279316
{
280317
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
281318
f.write_str("Hkdf<")?;

0 commit comments

Comments
 (0)