From d225c857d0f445a9842a197d9796925555e0ece5 Mon Sep 17 00:00:00 2001 From: Benjamin Barenblat Date: Thu, 23 Aug 2018 12:24:31 -0400 Subject: Codec.Crypto.HKDF: Implement `hkdf` convenience function --- src/Codec/Crypto/HKDF.hs | 6 +++++- tests/Codec/Crypto/HKDFTests.hs | 3 ++- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/src/Codec/Crypto/HKDF.hs b/src/Codec/Crypto/HKDF.hs index bd2d7a5..ac86bcc 100644 --- a/src/Codec/Crypto/HKDF.hs +++ b/src/Codec/Crypto/HKDF.hs @@ -14,7 +14,7 @@ module Codec.Crypto.HKDF ( AssociatedData(AssociatedData), Salt(Salt), SecretKey(SecretKey), noSalt - , extract, expand + , hkdf, extract, expand ) where import qualified Data.ByteString as ByteString @@ -31,6 +31,10 @@ import BTLS.Types , SecretKey(SecretKey), noSalt ) +-- | Computes an HKDF as specified by RFC 5869. +hkdf :: Algorithm -> Salt -> AssociatedData -> Int -> SecretKey -> SecretKey +hkdf md salt info outLen = expand md info outLen . extract md salt + -- | Computes an HKDF pseudorandom key (PRK) as specified by RFC 5869. extract :: Algorithm -> Salt -> SecretKey -> SecretKey extract (Algorithm md) (Salt salt) (SecretKey secret) = diff --git a/tests/Codec/Crypto/HKDFTests.hs b/tests/Codec/Crypto/HKDFTests.hs index b3b2a28..44a41cd 100644 --- a/tests/Codec/Crypto/HKDFTests.hs +++ b/tests/Codec/Crypto/HKDFTests.hs @@ -91,7 +91,8 @@ testRFC5869 = testGroup "RFC 5869 examples" ] where t name hash ikm salt info len prk okm = - testGroup name [ testCase "extract" $ HKDF.extract hash salt ikm @?= prk + testGroup name [ testCase "hkdf" $ HKDF.hkdf hash salt info len ikm @?= okm + , testCase "extract" $ HKDF.extract hash salt ikm @?= prk , testCase "expand" $ HKDF.expand hash info len prk @?= okm ] -- cgit v1.2.3