hkdf: impl kdf::Kdf for GenericHkdfExtract (#173)

Due to the `&self` requirement in the `Kdf` trait, this seems like the
only existing type that a `Kdf` impl makes sense for, since `derive_key`
needs to be able to input IKM.

The "salt" parameter of `Kdf::derive_key` has been mapped to the HKDF
`info` parameter, as what HKDF calls the "salt" (the non-secret value
that goes into the extract step) has already been (potentially)
configured via `&self`, whereas the "info" parameter (the non-secret
value that goes into the expand step) is the one we can actually
configure through this API.

Author: tarcieri

Cargo.lock

@@ -15,6 +15,9 @@ rust-version = "1.85"
 [dependencies]
 hmac = "0.13.0-rc.3"
 
+# optional dependencies
+kdf = { version = "0.1.0-pre.1", optional = true }
+
 [dev-dependencies]
 blobby = "0.4"
 hex-literal = "1"

hkdf/Cargo.toml

@@ -20,6 +20,9 @@ pub use errors::{InvalidLength, InvalidPrkLength};
 pub use hmac;
 pub use hmac_impl::HmacImpl;
 
+#[cfg(feature = "kdf")]
+pub use kdf::{self, Kdf};
+
 /// [`GenericHkdfExtract`] variant which uses [`Hmac`] for the underlying HMAC implementation.
 pub type HkdfExtract<H> = GenericHkdfExtract<Hmac<H>>;
 /// [`GenericHkdf`] variant which uses [`Hmac`] for the underlying HMAC implementation.
@@ -62,6 +65,16 @@ impl<H: HmacImpl> GenericHkdfExtract<H> {
     }
 }
 
+#[cfg(feature = "kdf")]
+impl<H: HmacImpl> Kdf for GenericHkdfExtract<H> {
+    fn derive_key(&self, secret: &[u8], info: &[u8], out: &mut [u8]) -> kdf::Result<()> {
+        let mut extract = self.clone();
+        extract.input_ikm(secret);
+        let (_, hkdf) = extract.finalize();
+        hkdf.expand(info, out).map_err(|_| kdf::Error)
+    }
+}
+
 /// Structure representing the HKDF, capable of HKDF-Expand and HKDF-Extract operations.
 /// Recommendations for the correct usage of the parameters can be found in the
 /// [crate root](index.html#usage).