| 1 | import crypto.hkdf |
| 2 | import crypto.rand |
| 3 | import crypto.sha256 |
| 4 | |
| 5 | // Usage example that expands one master secret into three other |
| 6 | // cryptographically secure keys. |
| 7 | fn test_usage() { |
| 8 | // Underlying hash function for HMAC. |
| 9 | key_len := sha256.new().size() |
| 10 | |
| 11 | // Cryptographically secure master secret. |
| 12 | secret := [u8(0x00), 0x01, 0x02, 0x03] // i.e. NOT this. |
| 13 | |
| 14 | // Non-secret salt, optional (can be empty). |
| 15 | // Recommended: hash-length random value. |
| 16 | salt := rand.read(sha256.new().size())! |
| 17 | |
| 18 | // Non-secret context info prefix, optional (can be empty). |
| 19 | info_prefix := 'hkdf example' |
| 20 | |
| 21 | // Generate three derived keys. |
| 22 | mut keys := [][]u8{} |
| 23 | for i in 0 .. 3 { |
| 24 | info := '${info_prefix} key ${i + 1}' |
| 25 | keys << hkdf.key(sha256.new, secret, salt, info, key_len)! |
| 26 | } |
| 27 | |
| 28 | for derived_key in keys { |
| 29 | assert derived_key != []u8{len: key_len} |
| 30 | } |
| 31 | assert keys[0] != keys[1] |
| 32 | assert keys[1] != keys[2] |
| 33 | assert keys[0] != keys[2] |
| 34 | } |
| 35 | |