Struct ring::hmac::SigningKey [−][src]
pub struct SigningKey { /* fields omitted */ }
A key to use for HMAC signing.
Methods
impl SigningKey
[src]
impl SigningKey
pub fn generate(
digest_alg: &'static Algorithm,
rng: &SecureRandom
) -> Result<SigningKey, Unspecified>
[src]
pub fn generate(
digest_alg: &'static Algorithm,
rng: &SecureRandom
) -> Result<SigningKey, Unspecified>
Generate an HMAC signing key using the given digest algorithm with a
random value generated from rng
.
The key will be recommended_key_len(digest_alg)
bytes long.
pub fn generate_serializable(
digest_alg: &'static Algorithm,
rng: &SecureRandom,
key_bytes: &mut [u8]
) -> Result<SigningKey, Unspecified>
[src]
pub fn generate_serializable(
digest_alg: &'static Algorithm,
rng: &SecureRandom,
key_bytes: &mut [u8]
) -> Result<SigningKey, Unspecified>
Generate an HMAC signing key using the given digest algorithm with a
random value generated from rng
, and puts the raw key value in
key_bytes
.
The key will be recommended_key_len(digest_alg)
bytes long. The raw
value of the random key is put in key_bytes
so that it can be
serialized for later use, so key_bytes
must be exactly
recommended_key_len(digest_alg)
. This serialized value can be
deserialized with SigningKey::new()
.
pub fn new(digest_alg: &'static Algorithm, key_value: &[u8]) -> SigningKey
[src]
pub fn new(digest_alg: &'static Algorithm, key_value: &[u8]) -> SigningKey
Construct an HMAC signing key using the given digest algorithm and key value.
key_value
should be a value generated using a secure random number
generator (e.g. the key_value
output by
SealingKey::generate_serializable()
) or derived from a random key by
a key derivation function (e.g. ring::hkdf
). In particular,
key_value
shouldn't be a password.
As specified in RFC 2104, if key_value
is shorter than the digest
algorithm's block length (as returned by digest::Algorithm::block_len
,
not the digest length returned by digest::Algorithm::output_len
) then
it will be padded with zeros. Similarly, if it is longer than the block
length then it will be compressed using the digest algorithm.
You should not use keys larger than the digest_alg.block_len
because
the truncation described above reduces their strength to only
digest_alg.output_len * 8
bits. Support for such keys is likely to be
removed in a future version of ring.
pub fn digest_algorithm(&self) -> &'static Algorithm
[src]
pub fn digest_algorithm(&self) -> &'static Algorithm
The digest algorithm for the key.
Auto Trait Implementations
impl Send for SigningKey
impl Send for SigningKey
impl Sync for SigningKey
impl Sync for SigningKey