-
Notifications
You must be signed in to change notification settings - Fork 94
Contexts
Many functions from this library require the presence of a context.
Similar to a type, a context is a 8 characters string describing what the function is going to be used for.
Its purpose is to mitigate accidental bugs by separating domains. The same function used with the same key but in two distinct contexts is likely to generate two different outputs.
Therefore, a key designed to encrypt data used in a specific context will not be able to decrypt data if accidentally used in another context.
Contexts don't have to be secret and can have a low entropy. Examples of contexts include UserName, __auth__, pictures and userdata.
If more convenient, it is also fine to use a single global context for a whole application. This will still prevent the same key from being mistakenly used by another application.
Although the library defines a macro for the length of a context for each API set, contexts are guaranteed to have the same length (8 characters) everywhere.
uint8_t k[hydro_hash_KEYBYTES];
uint8_t h1[hydro_hash_BYTES], h2[hydro_hash_BYTES];
hydro_hash_keygen(k);
hydro_hash_hash(h1, "test", 4, "context1", k);
hydro_hash_hash(h2, "test", 4, "context2", k);
/* h1 != h2 even if the key and input are the same */