1KCAPI_KDF_CTR(3)             Programming Interface            KCAPI_KDF_CTR(3)
2
3
4

NAME

6       kcapi_kdf_ctr - Counter Mode Key Derivation Function
7

SYNOPSIS

9       ssize_t kcapi_kdf_ctr(struct kcapi_handle * handle,
10                             const uint8_t * src, size_t slen, uint8_t * dst,
11                             size_t dlen);
12

ARGUMENTS

14       handle
15           [in] cipher handle allocated by caller. This cipher handle must be
16           allocated with kcapi_md_init. If the caller is interested in a KDF
17           using a keyed message digest, the caller should also call
18           kcapi_md_setkey before invoking this function.
19
20       src
21           [in] Input data that should be transformed into a key (see below).
22
23       slen
24           [in] Length of the src input data.
25
26       dst
27           [out] Buffer to store the generated key in,
28
29       dlen
30           [in] Length of the dst buffer. This value defines the number of
31           bytes generated by the KDF.
32

DESCRIPTION

34       This function is an implementation of the KDF in counter mode according
35       to SP800-108 section 5.1 as well as SP800-56A section 5.8.1
36       (Single-step KDF).
37
38       SP800-108: The caller must provide Label || 0x00 || Context in src.
39       This src pointer may also be NULL if the caller wishes not to provide
40       anything.
41
42       SP800-56A: If a keyed MAC is used, the key shall NOT be the shared
43       secret from the DH operation, but an independently generated key. The
44       src pointer is defined as Z || other info where Z is the shared secret
45       from DH and other info is an arbitrary string (see SP800-56A section
46       5.8.1.2).
47
48       return 0 upon success; a negative errno-style error code if an error
49       occurred
50

AUTHOR

52       Stephan Mueller <smueller@chronox.de>
53           Author.
54
56libkcapi Manual 1.3.1            January 2022                 KCAPI_KDF_CTR(3)
Impressum