package kdf

You can search for identifiers within the package.

in-package search v0.2.0

Key Derivation Functions: HKDF RFC 5869, PBKDF RFC 2898, SCRYPT RFC 7914

Install

Dune Dependency

github.com Readme Changelog BSD-2-Clause License Edit opam file Versions (1)

Authors

Maintainers

Sources

kdf-1.0.0.tbz

sha256=d161582b0efe66d958dd6b8c9c21068e9f6454ce218377d6cf87823dec62e0ce

sha512=8c518494a7c2e030c079a22fc0d27e4dccd1b2d6edb8fcd2ee7121cdd3d56ff416a37876b6bb13b8be015922c3487536038373bfa0934a165055c1cb5dd3c2e1

doc/src/kdf.hkdf/hkdf.ml.html

Source file `hkdf.ml`

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42

module type S = sig
  val extract : ?salt:string -> string -> string
  val expand : prk:string -> ?info:string -> int -> string
end

module Make (H : Digestif.S) : S = struct
  let extract ?salt ikm =
    let key = match salt with
      | None -> String.make H.digest_size '\x00'
      | Some x -> x
    in
    H.(to_raw_string (hmac_string ~key ikm))

  let expand ~prk ?info len =
    let info = match info with
      | None -> ""
      | Some x -> x
    in
    let t n last =
      let nc = String.make 1 (Char.unsafe_chr n) in
      H.(to_raw_string (hmac_string ~key:prk (String.concat "" [last ; info ; nc])))
    in
    let n = succ (len / H.digest_size) in
    let rec compute acc count = match count, acc with
      | c, xs when c > n -> String.concat "" (List.rev xs)
      | c, x::_ -> compute (t c x :: acc) (succ c)
      | _, [] -> invalid_arg "can not happen"
    in
    let buf = compute [""] 1 in
    String.sub buf 0 len
end

let extract ~hash ?salt ikm =
  let module H = (val (Digestif.module_of_hash' hash)) in
  let module HKDF = Make (H) in
  HKDF.extract ?salt ikm

let expand ~hash ~prk ?info len =
  let module H = (val (Digestif.module_of_hash' hash)) in
  let module HKDF = Make (H) in
  HKDF.expand ~prk ?info len