1Metadata-Version: 1.1
2Name: hkdf
3Version: 0.0.3
4Summary: HMAC-based Extract-and-Expand Key Derivation Function (HKDF)
5Home-page: https://github.com/casebeer/python-hkdf
6Author: Christopher H. Casebeer
7Author-email: UNKNOWN
8License: UNKNOWN
9Description: HKDF - HMAC Key Derivation Function
10        ===================================
11
12        This module implements the HMAC Key Derivation function, defined at
13
14            http://tools.ietf.org/html/draft-krawczyk-hkdf-01
15
16        There are two interfaces: a functional interface, with separate extract
17        and expand functions as defined in the draft RFC, and a wrapper class for
18        these functions.
19
20        Functional interface
21        --------------------
22
23        To use the functional interface, pass the pseudorandom key generated
24        by hmac_extract([salt], [input key material]) to hmac_expand(...).
25        ``salt`` should be a random, non-secret, site-specific string, but may be
26        set to None. See section 3.1 of the HKDF draft for more details.
27
28        In addition to the PRK output by hmac_extract, hmac_expand takes an
29        ``info`` argument, which permits generating multiple keys based on the
30        same PRK, and a ``length`` argument, which defines the number of bytes
31        of output key material to generate. ``length`` must be less than or equal
32        to 255 time the block size, in bytes, of the hash function being used.
33        See section 3.2 of the HKDF draft for more information on using the ``info``
34        argument.
35
36        The hash function to use can be specified for both hmac_extract and
37        hmac_expand as the ``hash`` kw argument, and defaults to SHA-256 as implemented
38        by the hashlib module. It must be the same for both extracting and expanding.
39
40        Example::
41
42            prk = hkdf_extract("8e94ef805b93e683ff18".decode("hex"), "asecretpassword")
43            key = hkdf_expand(prk, "context1", 16)
44
45        ``Hkdf`` wrapper class
46        ----------------------
47
48        To use the wrapper class, instantiate the Hkdf() class with a salt, input
49        key material, and optionally, a hash function. You may then call
50        expand([info], [length]) on the Hkdf instance to generate output key
51        material::
52
53            kdf = Hkdf("8e94ef805b93e683ff18".decode("hex"), "asecretpassword")
54            key = kdf.expand("context1", 16)
55
56        HKDF-Extract and HKDF-Expand definitions from the draft RFC
57        -----------------------------------------------------------
58
59        > Step 1: Extract
60        >
61        > PRK = HKDF-Extract(salt, IKM)
62        >
63        > Options:
64        > 	Hash     a hash function; HashLen denotes the length of the
65        > 				hash function output in octets
66        > Inputs:
67        > 	salt     optional salt value (a non-secret random value);
68        > 				if not provided, it is set to a string of HashLen zeros.
69        > 	IKM      input keying material
70        > Output:
71        > 	PRK      a pseudo-random key (of HashLen octets)
72        >
73        > The output PRK is calculated as follows:
74        >
75        > PRK = HMAC-Hash(salt, IKM)
76        >
77        > Step 2: Expand
78        >
79        > OKM = HKDF-Expand(PRK, info, L)
80        >
81        > Options:
82        > 	Hash     a hash function; HashLen denotes the length of the
83        > 				hash function output in octets
84        > Inputs:
85        > 	PRK      a pseudo-random key of at least HashLen octets
86        > 				(usually, the output from the Extract step)
87        > 	info     optional context and application specific information
88        > 				(can be a zero-length string)
89        > 	L        length of output keying material in octets
90        > 				(<= 255*HashLen)
91        > Output:
92        > 	OKM      output keying material (of L octets)
93        >
94        > The output OKM is calculated as follows:
95        >
96        > N = ceil(L/HashLen)
97        > T = T(1) | T(2) | T(3) | ... | T(N)
98        > OKM = first L octets of T
99        >
100        > where:
101        > T(0) = empty string (zero length)
102        > T(1) = HMAC-Hash(PRK, T(0) | info | 0x01)
103        > T(2) = HMAC-Hash(PRK, T(1) | info | 0x02)
104        > T(3) = HMAC-Hash(PRK, T(2) | info | 0x03)
105        > ...
106        >
107        > (where the constant concatenated to the end of each T(n) is a
108        > single octet.)
109
110        Changelog
111        ---------
112
113        - 0.0.3 – Move documentation from module docstring to README.rst
114        - 0.0.2 – Python 3.3, 3.4 support
115        - 0.0.1 – Initial release
116
117        Please report any bugs at
118
119            https://www.github.com/casebeer/python-hkdf
120
121
122
123Platform: UNKNOWN
124Classifier: License :: OSI Approved :: BSD License
125Classifier: Intended Audience :: Developers
126Classifier: Programming Language :: Python :: 2.6
127Classifier: Programming Language :: Python :: 2.7
128Classifier: Programming Language :: Python :: 3.3
129Classifier: Programming Language :: Python :: 3.4
130