1KCAPI_KDF_FB(3) Programming Interface KCAPI_KDF_FB(3)
2
3
4
6 kcapi_kdf_fb - Feedback Mode Key Derivation Function
7
9 ssize_t kcapi_kdf_fb(struct kcapi_handle * handle, const uint8_t * src,
10 size_t slen, uint8_t * dst, size_t dlen);
11
13 handle
14 [in] cipher handle allocated by caller. This cipher handle must be
15 allocated with kcapi_md_init. If the caller is interested in a KDF
16 using a keyed message digest, the caller should also call
17 kcapi_md_setkey before invoking this function.
18
19 src
20 [in] Input data that should be transformed into a key (see below).
21
22 slen
23 [in] Length of the src input data.
24
25 dst
26 [out] Buffer to store the generated key in,
27
28 dlen
29 [in] Length of the dst buffer. This value defines the number of
30 bytes generated by the KDF.
31
33 This function is an implementation of the KDF in feedback mode with a
34 non-NULL IV and with counter according to SP800-108 section 5.2. The IV
35 is supplied with src and must be equal to the digestsize of the used
36 cipher.
37
38 In addition, the caller must provide Label || 0x00 || Context in src.
39 This src pointer must not be NULL as the IV is required. The ultimate
40 format of the src pointer is IV || Label || 0x00 || Context where the
41 length of the IV is equal to the block size (i.e. the digest size of
42 the underlying hash) of the PRF.
43
44 return 0 upon success; a negative errno-style error code if an error
45 occurred
46
48 Stephan Mueller <smueller@chronox.de>
49 Author.
50
52libkcapi Manual 1.4.0 July 2023 KCAPI_KDF_FB(3)