hkdf.h File Reference
This file contains the HKDF interface.
Functions
- int mbedtls_hkdf (const mbedtls_md_info_t *md, const unsigned char *salt, size_t salt_len, const unsigned char *ikm, size_t ikm_len, const unsigned char *info, size_t info_len, unsigned char *okm, size_t okm_len)
  This is the HMAC-based Extract-and-Expand Key Derivation Function (HKDF).
- int mbedtls_hkdf_extract (const mbedtls_md_info_t *md, const unsigned char *salt, size_t salt_len, const unsigned char *ikm, size_t ikm_len, unsigned char *prk)
  Take the input keying material ikm and extract from it a fixed-length pseudorandom key prk.
- int mbedtls_hkdf_expand (const mbedtls_md_info_t *md, const unsigned char *prk, size_t prk_len, const unsigned char *info, size_t info_len, unsigned char *okm, size_t okm_len)
  Expand the supplied prk into several additional pseudorandom keys, which is the output of the HKDF.
Detailed Description
This file contains the HKDF interface.
The HMAC-based Extract-and-Expand Key Derivation Function (HKDF) is specified by RFC 5869.
Definition in file hkdf.h.
Function Documentation
int mbedtls_hkdf (const mbedtls_md_info_t *md,
                  const unsigned char *salt,
                  size_t salt_len,
                  const unsigned char *ikm,
                  size_t ikm_len,
                  const unsigned char *info,
                  size_t info_len,
                  unsigned char *okm,
                  size_t okm_len)
This is the HMAC-based Extract-and-Expand Key Derivation Function (HKDF).
- Parameters:
- md: A hash function; md.size denotes the length of the hash function output in bytes.
- salt: An optional salt value (a non-secret random value); if the salt is not provided, a string of all zeros of md.size length is used as the salt.
- salt_len: The length in bytes of the optional salt.
- ikm: The input keying material.
- ikm_len: The length in bytes of ikm.
- info: An optional context and application specific information string. This can be a zero-length string.
- info_len: The length of info in bytes.
- okm: The output keying material of okm_len bytes.
- okm_len: The length of the output keying material in bytes. This must be less than or equal to 255 * md.size bytes.
- Returns:
- 0 on success.
- MBEDTLS_ERR_HKDF_BAD_INPUT_DATA when the parameters are invalid.
- An MBEDTLS_ERR_MD_* error for errors returned from the underlying MD layer.
int mbedtls_hkdf_expand (const mbedtls_md_info_t *md,
                         const unsigned char *prk,
                         size_t prk_len,
                         const unsigned char *info,
                         size_t info_len,
                         unsigned char *okm,
                         size_t okm_len)
Expand the supplied prk into several additional pseudorandom keys, which is the output of the HKDF.
- Warning:
- This function should only be used if its security has been studied and established in that particular context (e.g. the TLS 1.3 key schedule). For standard HKDF security guarantees use mbedtls_hkdf instead.
- Parameters:
- md: A hash function; md.size denotes the length of the hash function output in bytes.
- prk: A pseudorandom key of at least md.size bytes. prk is usually the output from the HKDF extract step.
- prk_len: The length in bytes of prk.
- info: An optional context and application specific information string. This can be a zero-length string.
- info_len: The length of info in bytes.
- okm: The output keying material of okm_len bytes.
- okm_len: The length of the output keying material in bytes. This must be less than or equal to 255 * md.size bytes.
- Returns:
- 0 on success.
- MBEDTLS_ERR_HKDF_BAD_INPUT_DATA when the parameters are invalid.
- An MBEDTLS_ERR_MD_* error for errors returned from the underlying MD layer.
int mbedtls_hkdf_extract (const mbedtls_md_info_t *md,
                          const unsigned char *salt,
                          size_t salt_len,
                          const unsigned char *ikm,
                          size_t ikm_len,
                          unsigned char *prk)
Take the input keying material ikm and extract from it a fixed-length pseudorandom key prk.
- Warning:
- This function should only be used if its security has been studied and established in that particular context (e.g. the TLS 1.3 key schedule). For standard HKDF security guarantees use mbedtls_hkdf instead.
- Parameters:
- md: A hash function; md.size denotes the length of the hash function output in bytes.
- salt: An optional salt value (a non-secret random value); if the salt is not provided, a string of all zeros of md.size length is used as the salt.
- salt_len: The length in bytes of the optional salt.
- ikm: The input keying material.
- ikm_len: The length in bytes of ikm.
- [out] prk: A pseudorandom key of at least md.size bytes.
- Returns:
- 0 on success.
- MBEDTLS_ERR_HKDF_BAD_INPUT_DATA when the parameters are invalid.
- An MBEDTLS_ERR_MD_* error for errors returned from the underlying MD layer.
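The following is an added example, not code from Mbed TLS: a Python reference model of the three functions documented above, useful for cross-checking the output of a C integration against the RFC 5869 test vector. The Python names (hkdf, hkdf_extract, hkdf_expand, HkdfBadInputData, derive_session_keys) and the info labels are assumptions made for this illustration; the input checks mirror the parameter descriptions on this page.

```python
import hashlib
import hmac

class HkdfBadInputData(ValueError):
    """Model stand-in for MBEDTLS_ERR_HKDF_BAD_INPUT_DATA."""

def hkdf_extract(md: str, salt: bytes, ikm: bytes) -> bytes:
    """Extract step: PRK = HMAC(salt, ikm); PRK is md.size bytes long."""
    hash_len = hashlib.new(md).digest_size
    if not salt:
        salt = bytes(hash_len)  # documented default: md.size zero bytes
    return hmac.new(salt, ikm, md).digest()

def hkdf_expand(md: str, prk: bytes, info: bytes, okm_len: int) -> bytes:
    """Expand step: T(i) = HMAC(prk, T(i-1) || info || i), concatenated."""
    hash_len = hashlib.new(md).digest_size
    # Constraints taken from the parameter descriptions above.
    if len(prk) < hash_len or okm_len > 255 * hash_len:
        raise HkdfBadInputData("prk shorter than md.size or okm_len too large")
    okm, block, counter = b"", b"", 1
    while len(okm) < okm_len:
        block = hmac.new(prk, block + info + bytes([counter]), md).digest()
        okm += block
        counter += 1
    return okm[:okm_len]

def hkdf(md: str, salt: bytes, ikm: bytes, info: bytes, okm_len: int) -> bytes:
    """Full HKDF: extract, then expand."""
    return hkdf_expand(md, hkdf_extract(md, salt, ikm), info, okm_len)

# RFC 5869, Appendix A.1 (test case 1, SHA-256).
IKM = bytes.fromhex("0b" * 22)
SALT = bytes.fromhex("000102030405060708090a0b0c")
INFO = bytes.fromhex("f0f1f2f3f4f5f6f7f8f9")
PRK_HEX = "077709362c2e32df0ddc3f0dc47bba6390b6c73bb50f9c3122ec844ad7c2b3e5"
OKM_HEX = ("3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf"
           "34007208d5b887185865")

def derive_session_keys(shared_secret: bytes, salt: bytes) -> dict:
    """One secret, two independent keys, separated only by `info` labels."""
    return {label: hkdf("sha256", salt, shared_secret, label, 32)
            for label in (b"example enc key", b"example mac key")}

if __name__ == "__main__":
    assert hkdf("sha256", SALT, IKM, INFO, 42).hex() == OKM_HEX
    print(derive_session_keys(IKM, SALT))
```

Feeding the same md, salt, ikm and info to mbedtls_hkdf should yield the same okm bytes; a mismatch usually points at a swapped salt/ikm argument or a wrong length parameter.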
Generated on Tue Jul 12 2022 13:55:12 by
