hkdf: automatically switch between Hmac and SimpleHmac
#96
Conversation
| impl<C, K> Sealed for CoreWrapper<C> | ||
| where | ||
| H: EagerHash + OutputSizeUser, | ||
| K: HmacKind<Self> + BufferKind, | ||
| C: BufferKindUser<BufferKind = K> + OutputSizeUser, |
There was a problem hiding this comment.
Seems like this would preclude switching to newtypes of CoreWrapper for the hash crates.
Could this blanket impl be based around the requisite traits instead?
There was a problem hiding this comment.
I don't think it's possible to do automatically without specialization. Alternatively, we could introduce yet another trait which would regulate switching between those two HMAC implementations, i.e. we would move this burden to all hash implementation crates.
There was a problem hiding this comment.
Then I would personally rather have newtypes than this automatic switching.
Have you benchmarked how much SimpleHmac actually degrades performance for the short inputs in HKDF usage?
There was a problem hiding this comment.
We already have the SimpleHkdf type aliases, which do the job just fine.
It's more about structure size, depending on hash, SimpleHmac can be twice bigger, especially if the reset feature is enabled for hmac.
With this change the implementation automatically selects
Hmacfor "eager" hashes andSimpleHmacfor "lazy" ones.The main disadvantage of this approach is that new
Hkdfwill work only for hash functions defined usingCoreWrapper. Ideally, we would use specialization here, but we probably can work around this by tweakingdigestandhmac. We need to distinguish between eager hashes which can return hash "core" and other hashes. Plus, it should be done in a way which allows compiler to see that implementations in this crate do not overlap.