latchset / kryoptic

a pkcs#11 software token written in Rust
GNU General Public License v3.0

Add initial support for Key Derivation Functions #38

Closed simo5 closed 5 months ago

simo5 commented 5 months ago

This creates the necessary infrastructure. Also gives an initial implementation of the SP800-108 KDF, which is one of the most complicated in the PKCS#11 spec, and therefore was chosen to validate that the API would be able to handle all the quirks of this derivation API. The current SP800-108 implementation limits quite heavily how parameters can be used, as it uses the OpenSSL interpretation of it, which has substantial limitations compared to what the NIST spec and PKCS#11 allow.

simo5 commented 5 months ago

I changed the code a bit to remove Mechanism trait functions that the 1.78 compiler warned were not used anywhere.

Reorganized the kdf code to avoid some duplication, and added a guard to set and check finalized so the various functions can only be called in the correct order and the correct number of times.

No functional changes.