Define CKD_SHA256_KDF transformation

I was unable to test rust-cryptoki on some vendor HSM with FIPS restriction that refuses to derive keys with CKD_NULL. I was successful however with CKD_SHA256_KDF. Unfortunately this is not implemented on softHSM (softhsm/SoftHSMv2#599) so I provide no test. This was tested fine on Thales DPOD. Signed-off-by: François Rigault <rigault.francois@gmail.com>
freedge · Aug 9, 2024 · 2fb8919 · 2fb8919
1 parent b2839f5
commit 2fb8919
Showing 1 changed file with 11 additions and 0 deletions.
diff --git a/cryptoki/src/mechanism/elliptic_curve.rs b/cryptoki/src/mechanism/elliptic_curve.rs
@@ -93,6 +93,17 @@ impl<'a> EcKdf<'a> {
         }
     }
 
+    /// The sha256 transformation as defined in the x9 standard. The
+    /// derived key is produced by concatenating hashes of the shared
+    /// value followed by 00000001, 00000002, etc. until we find
+    /// enough bytes to feel the CKA_VALUE_LEN of the derived key.
+    pub fn sha256_x9() -> Self {
+        Self {
+            kdf_type: CKD_SHA256_KDF,
+            shared_data: None,
+        }
+    }
+
     // The intention here is to be able to support other methods with
     // shared data, without it being a breaking change, by just adding
     // additional constructors here.