package kdf

sdk – github.com/hashicorp/vault/sdk/helper/kdf Index | Files

package kdf

import "github.com/hashicorp/vault/sdk/helper/kdf"

This package is used to implement Key Derivation Functions (KDF) based on the recommendations of NIST SP 800-108. These are useful for generating unique-per-transaction keys, or situations in which a key hierarchy may be useful.

Index ¶

Constants
func CounterMode(prf PRF, prfLen uint32, key []byte, context []byte, bits uint32) ([]byte, error)
func HMACSHA256PRF(key []byte, data []byte) ([]byte, error)
type PRF

Constants ¶

const (
	// HMACSHA256PRFLen is the length of output from HMACSHA256PRF
	HMACSHA256PRFLen uint32 = 256
)

Functions ¶

func CounterMode ¶

func CounterMode(prf PRF, prfLen uint32, key []byte, context []byte, bits uint32) ([]byte, error)

CounterMode implements the counter mode KDF that uses a pseudo-random-function (PRF) along with a counter to generate derived keys. The KDF takes a base key a derivation context, and the required number of output bits.

func HMACSHA256PRF ¶

func HMACSHA256PRF(key []byte, data []byte) ([]byte, error)

HMACSHA256PRF is a pseudo-random-function (PRF) that uses an HMAC-SHA256

Types ¶

type PRF ¶

type PRF func([]byte, []byte) ([]byte, error)

PRF is a pseudo-random function that takes a key or seed, as well as additional binary data and generates output that is indistinguishable from random. Examples are cryptographic hash functions or block ciphers.

Source Files ¶

kdf.go

Version: v0.18.0 (latest)
Published: Jun 5, 2025
Platform: linux/amd64
Imports: 5 packages
Last checked: 1 month ago –

Tools for package owners.

?	: This menu
/	: Search site
f	: Jump to identifier
g then g	: Go to top of page
g then b	: Go to end of page
G	: Go to end of page
g then i	: Go to index
g then e	: Go to examples

package kdf

Index ¶

Constants ¶

Functions ¶

func CounterMode ¶

func HMACSHA256PRF ¶

Types ¶

type PRF ¶

Source Files ¶

Jump to identifier

Keyboard shortcuts