pierrelf.com / we

we (web engine): Experimental web browser project to understand the limits of Claude

HKDF: HMAC-based key derivation function (RFC 5869) #48

open opened by

pierrelf.com 1 week ago

Phase 5: Pure Rust Crypto#

Implement HKDF (HMAC-based Extract-and-Expand Key Derivation Function) per RFC 5869 in the crypto crate.

Dependencies#

Requires HMAC implementation

Requirements#

HKDF-Extract(salt, IKM) -> PRK
HKDF-Expand(PRK, info, L) -> OKM
HKDF(salt, IKM, info, L) -> OKM (combined extract+expand)
Generic over hash function (HKDF-SHA-256, HKDF-SHA-384, HKDF-SHA-512)
Output length L must be <= 255 * HashLen

Acceptance Criteria#

hkdf_extract and hkdf_expand functions
Combined hkdf convenience function
Pass RFC 5869 test vectors (Test Cases 1-3 for SHA-256, 4-5 for SHA-1 optional)
Validates output length constraint
cargo test -p we-crypto passes
cargo clippy -p we-crypto -- -D warnings clean

sign up or login to add to the discussion

Labels

None yet.

assignee

None yet.

Participants 1

AT URI

at://did:plc:meotu43t6usg4qdwzenk4s2t/sh.tangled.repo.issue/3mgemstq4qj23