libFenrir/src/enc/hkdf.rs

//! Hash-based Key Derivation Function
//! We just repackage other crates

use ::hkdf::Hkdf;
use ::sha3::Sha3_256;
use ::zeroize::Zeroize;

use crate::enc::sym::Secret;

// Hack & tricks:
// HKDF are pretty important, but they don't zero out the data.
// we can't user #[derive(Zeroing)] either.
// So we craete a union with a Zeroing object, and drop manually both.

#[derive(Zeroize)]
#[zeroize(drop)]
struct Zeroable([u8; ::core::mem::size_of::<Hkdf<Sha3_256>>()]);

union HkdfInner {
    hkdf: ::core::mem::ManuallyDrop<Hkdf<Sha3_256>>,
    zeroable: ::core::mem::ManuallyDrop<Zeroable>,
}

impl Drop for HkdfInner {
    fn drop(&mut self) {
        #[allow(unsafe_code)]
        unsafe {
            drop(&mut self.hkdf);
            drop(&mut self.zeroable);
        }
    }
}

/// Sha3 based HKDF
#[allow(missing_debug_implementations)]
pub struct HkdfSha3 {
    _inner: Hkdf<Sha3_256>,
}

impl HkdfSha3 {
    /// Instantiate a new HKDF with Sha3-256
    pub fn new(salt: Option<&[u8]>, key: Secret) -> Self {
        Self {
            _inner: Hkdf::<Sha3_256>::new(salt, key.as_ref()),
        }
    }
}
More work on ciphers and hkdf Signed-off-by: Luca Fulchir <luca.fulchir@runesauth.com> 2023-02-17 13:59:02 +00:00			`//! Hash-based Key Derivation Function`
			`//! We just repackage other crates`

			`use ::hkdf::Hkdf;`
			`use ::sha3::Sha3_256;`
			`use ::zeroize::Zeroize;`

			`use crate::enc::sym::Secret;`

			`// Hack & tricks:`
			`// HKDF are pretty important, but they don't zero out the data.`
			`// we can't user #[derive(Zeroing)] either.`
			`// So we craete a union with a Zeroing object, and drop manually both.`

			`#[derive(Zeroize)]`
			`#[zeroize(drop)]`
			`struct Zeroable([u8; ::core::mem::size_of::<Hkdf<Sha3_256>>()]);`

			`union HkdfInner {`
			`hkdf: ::core::mem::ManuallyDrop<Hkdf<Sha3_256>>,`
			`zeroable: ::core::mem::ManuallyDrop<Zeroable>,`
			`}`

			`impl Drop for HkdfInner {`
			`fn drop(&mut self) {`
			`#[allow(unsafe_code)]`
			`unsafe {`
			`drop(&mut self.hkdf);`
			`drop(&mut self.zeroable);`
			`}`
			`}`
			`}`

			`/// Sha3 based HKDF`
			`#[allow(missing_debug_implementations)]`
			`pub struct HkdfSha3 {`
			`_inner: Hkdf<Sha3_256>,`
			`}`

			`impl HkdfSha3 {`
			`/// Instantiate a new HKDF with Sha3-256`
			`pub fn new(salt: Option<&[u8]>, key: Secret) -> Self {`
			`Self {`
			`_inner: Hkdf::<Sha3_256>::new(salt, key.as_ref()),`
			`}`
			`}`
			`}`