pierrelf.com / we
we (web engine): Experimental web browser project to understand the limits of Claude
fork atom

HMAC: keyed-hash message authentication code (RFC 2104) #47

open opened by pierrelf.com

Phase 5: Pure Rust Crypto#

Implement HMAC (Hash-based Message Authentication Code) per RFC 2104 in the crypto crate.

Dependencies#

  • Requires SHA-2 implementation (SHA-256, SHA-384, SHA-512)

Requirements#

  • Generic over hash function (HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512)
  • Hmac::new(key), update(&[u8]), finalize() -> Vec<u8>
  • One-shot: hmac_sha256(key, data) -> [u8; 32], etc.
  • Key handling: keys longer than block size are hashed; shorter keys are zero-padded
  • Inner and outer padding (ipad/opad) per RFC 2104 ยง2

Acceptance Criteria#

  • Generic HMAC implementation parameterized over hash function
  • HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512 variants
  • Pass RFC 4231 test vectors (Test Cases 1-7)
  • Handles keys shorter than, equal to, and longer than block size
  • cargo test -p we-crypto passes
  • cargo clippy -p we-crypto -- -D warnings clean
sign up or login to add to the discussion
Labels

None yet.

assignee

None yet.

Participants 1
AT URI
at://did:plc:meotu43t6usg4qdwzenk4s2t/sh.tangled.repo.issue/3mgemslt5et2u