Macros
#define	LC_HKDF_CTX_ON_STACK(name, hashname)
	Allocate stack memory for the HKDF context.

Functions
int	lc_hkdf_extract (struct lc_hkdf_ctx hkdf_ctx, const uint8_t ikm, size_t ikmlen, const uint8_t *salt, size_t saltlen)
	HMAC-based Extract-and-Expand Key Derivation Function (HKDF) - RFC5869 Extract phase.

int	lc_hkdf_expand (struct lc_hkdf_ctx hkdf_ctx, const uint8_t info, size_t infolen, uint8_t *dst, size_t dlen)
	HMAC-based Extract-and-Expand Key Derivation Function (HKDF) - RFC5869 Expand phase.

static void	lc_hkdf_zero (struct lc_hkdf_ctx *hkdf_ctx)
	Zeroize HKDF context allocated with either LC_HKDF_CTX_ON_STACK or hkdf_alloc.

int	lc_hkdf_alloc (const struct lc_hash hash, struct lc_hkdf_ctx *hkdf_ctx)
	Allocate HKDF context on heap.

void	lc_hkdf_zero_free (struct lc_hkdf_ctx *hkdf_ctx)
	Zeroize and free HKDF context.

static int	lc_hkdf (const struct lc_hash hash, const uint8_t ikm, size_t ikmlen, const uint8_t salt, size_t saltlen, const uint8_t info, size_t infolen, uint8_t *dst, size_t dlen)
	HMAC-based Extract-and-Expand Key Derivation Function (HKDF) - RFC5869 Complete implementation.

int	lc_kdf_ctr_init (struct lc_hmac_ctx hmac_ctx, const uint8_t key, size_t keylen)
	Key-based Key Derivation in Counter Mode - SP800-108 - initialization.

int	lc_kdf_ctr_generate (struct lc_hmac_ctx hmac_ctx, const uint8_t label, size_t labellen, uint8_t *dst, size_t dlen)
	Key-based Key Derivation in Counter Mode - SP800-108 - data generation.

int	lc_kdf_ctr (const struct lc_hash hash, const uint8_t key, size_t keylen, const uint8_t label, size_t labellen, uint8_t dst, size_t dlen)
	One-shot Key-based Key Derivation in Counter Mode - SP800-108.

int	lc_kdf_dpi_init (struct lc_hmac_ctx hmac_ctx, const uint8_t key, size_t keylen)
	Key-based Key Derivation in Double-Pipeline Mode - SP800-108 - initialization.

int	lc_kdf_dpi_generate (struct lc_hmac_ctx hmac_ctx, const uint8_t label, size_t labellen, uint8_t *dst, size_t dlen)
	Key-based Key Derivation in Double-Pipeline Mode - SP800-108 - data generation.

int	lc_kdf_dpi (const struct lc_hash hash, const uint8_t key, size_t keylen, const uint8_t label, size_t labellen, uint8_t dst, size_t dlen)
	One-Shot Key-based Key Derivation in Double-Pipeline Mode - SP800-108.

int	lc_kdf_fb_init (struct lc_hmac_ctx hmac_ctx, const uint8_t key, size_t keylen)
	Key-based Key Derivation in Feedback Mode - SP800-108 - initialization.

int	lc_kdf_fb_generate (struct lc_hmac_ctx hmac_ctx, const uint8_t iv, size_t ivlen, const uint8_t label, size_t labellen, uint8_t dst, size_t dlen)
	Key-based Key Derivation in Feedback Mode - SP800-108 - data generation.

int	lc_kdf_fb (const struct lc_hash hash, const uint8_t key, size_t keylen, const uint8_t iv, size_t ivlen, const uint8_t label, size_t labellen, uint8_t *dst, size_t dlen)
	One-shot Key-based Key Derivation in Feedback Mode - SP800-108.

int	lc_pbkdf2 (const struct lc_hash hash, const uint8_t pw, size_t pwlen, const uint8_t salt, size_t saltlen, const uint32_t count, uint8_t key, size_t keylen)
	Password-based Key Derivation Function - SP800-132.

Detailed Description

Macro Definition Documentation

◆ LC_HKDF_CTX_ON_STACK

#define LC_HKDF_CTX_ON_STACK	(		name,
			hashname )

Value:

        _Pragma("GCC diagnostic push")                                              \
                _Pragma("GCC diagnostic ignored \"-Wvla\"") _Pragma(                \
                        "GCC diagnostic ignored \"-Wdeclaration-after-statement\"") \
                        LC_ALIGNED_BUFFER(name##_ctx_buf,                           \
                                          LC_HKDF_CTX_SIZE(hashname),               \
                                          LC_HASH_COMMON_ALIGNMENT);                \
        struct lc_hkdf_ctx *name = (struct lc_hkdf_ctx *)name##_ctx_buf;            \
        LC_HKDF_SET_CTX(name, hashname);                                            \
        lc_hkdf_zero(name);                                                         \
        _Pragma("GCC diagnostic pop")

Allocate stack memory for the HKDF context.

Parameters

[in]	name	Name of the stack variable
[in]	hashname	Reference to lc_hash implementation

Definition at line 142 of file lc_hkdf.h.

Function Documentation

◆ lc_hkdf()

static int lc_hkdf	(	const struct lc_hash *	hash,
		const uint8_t *	ikm,
		size_t	ikmlen,
		const uint8_t *	salt,
		size_t	saltlen,
		const uint8_t *	info,
		size_t	infolen,
		uint8_t *	dst,
		size_t	dlen )

inlinestatic

HMAC-based Extract-and-Expand Key Derivation Function (HKDF) - RFC5869 Complete implementation.

Parameters

[in]	hash	Reference to lc_hash implementation
[in]	ikm	Input Keying Material (see RFC5869)
[in]	ikmlen	Length of ikm buffer
[in]	salt	Optional salt value - if caller does not want to use a salt set NULL here.
[in]	saltlen	Length of salt value buffer.
[in]	info	Optional context and application specific information. This may be NULL.
[in]	infolen	Size of info buffer.
[out]	dst	Buffer to store the derived bits in
[in]	dlen	Size of the destination buffer.

Returns: 0 on success, < 0 on error

Definition at line 173 of file lc_hkdf.h.

◆ lc_hkdf_alloc()

int lc_hkdf_alloc	(	const struct lc_hash *	hash,
		struct lc_hkdf_ctx **	hkdf_ctx )

Allocate HKDF context on heap.

Parameters

[in]	hash	Reference to hash implementation to be used to perform HMAC calculation with.
[out]	hkdf_ctx	Allocated HKDF context

Returns: 0 on success, < 0 on error

◆ lc_hkdf_expand()

int lc_hkdf_expand	(	struct lc_hkdf_ctx *	hkdf_ctx,
		const uint8_t *	info,
		size_t	infolen,
		uint8_t *	dst,
		size_t	dlen )

HMAC-based Extract-and-Expand Key Derivation Function (HKDF) - RFC5869 Expand phase.

Parameters

[in]	hkdf_ctx	Cipher handle for the operation. This call expects the caller to hand in a HMAC cipher handle that has been initialized with hkdf_extract.
[in]	info	Optional context and application specific information. This may be NULL.
[in]	infolen	Size of info buffer.
[out]	dst	Buffer to store the derived bits in
[in]	dlen	Size of the destination buffer.

Returns: 0 on success, < 0 on error

◆ lc_hkdf_extract()

int lc_hkdf_extract	(	struct lc_hkdf_ctx *	hkdf_ctx,
		const uint8_t *	ikm,
		size_t	ikmlen,
		const uint8_t *	salt,
		size_t	saltlen )

HMAC-based Extract-and-Expand Key Derivation Function (HKDF) - RFC5869 Extract phase.

Parameters

[in,out]	hkdf_ctx	The caller is expected to provide an allocated HMAC cipher handle in. Yet, the caller does not need to perform any operations on the handle. The extract phase adjusts the HMAC cipher handle so that it is ready for the expand phase.
[in]	ikm	Input Keying Material (see RFC5869)
[in]	ikmlen	Length of ikm buffer
[in]	salt	Optional salt value - if caller does not want to use a salt set NULL here.
[in]	saltlen	Length of salt value buffer.

Returns: 0 on success, < 0 on error

◆ lc_hkdf_zero()

static void lc_hkdf_zero ( struct lc_hkdf_ctx * hkdf_ctx )

inlinestatic

Zeroize HKDF context allocated with either LC_HKDF_CTX_ON_STACK or hkdf_alloc.

Parameters

[in] hkdf_ctx HMAC context to be zeroized

Definition at line 102 of file lc_hkdf.h.

◆ lc_hkdf_zero_free()

void lc_hkdf_zero_free ( struct lc_hkdf_ctx * hkdf_ctx )

Zeroize and free HKDF context.

Parameters

[in] hkdf_ctx HKDF context to be zeroized and freed

◆ lc_kdf_ctr()

int lc_kdf_ctr	(	const struct lc_hash *	hash,
		const uint8_t *	key,
		size_t	keylen,
		const uint8_t *	label,
		size_t	labellen,
		uint8_t *	dst,
		size_t	dlen )

One-shot Key-based Key Derivation in Counter Mode - SP800-108.

Parameters

[in]	hash	Hash implementation to use for the KDF operation - this hash implementation is used for the HMAC calls.
[in]	key	Key from which the new key is to be derived from
[in]	keylen	Length of the key buffer.
[in]	label	Optional label string that is used to diversify the key
[in]	labellen	Length of the label buffer
[out]	dst	Buffer that is filled with the derived key. This buffer with the size of keylen must be allocated by the caller.
[in]	dlen	Length of the key that shall be derived.

Returns: 0 on success, < 0 on error

◆ lc_kdf_ctr_generate()

int lc_kdf_ctr_generate	(	struct lc_hmac_ctx *	hmac_ctx,
		const uint8_t *	label,
		size_t	labellen,
		uint8_t *	dst,
		size_t	dlen )

Key-based Key Derivation in Counter Mode - SP800-108 - data generation.

Parameters

[in]	hmac_ctx	Cipher handle for the operation. This call expects the caller to hand in a HMAC cipher handle that has been initialized with hkdf_extract.
[in]	label	Optional context and application specific information. This may be NULL.
[in]	labellen	Size of label buffer.
[out]	dst	Buffer to store the derived bits in
[in]	dlen	Size of the destination buffer.

Returns: 0 on success, < 0 on error

◆ lc_kdf_ctr_init()

int lc_kdf_ctr_init	(	struct lc_hmac_ctx *	hmac_ctx,
		const uint8_t *	key,
		size_t	keylen )

Key-based Key Derivation in Counter Mode - SP800-108 - initialization.

Parameters

[in,out]	hmac_ctx	The caller is expected to provide an allocated HMAC cipher handle in. Yet, the caller does not need to perform any operations on the handle. The extract phase adjusts the HMAC cipher handle so that it is ready for the expand phase.
[in]	key	Input Keying Material (see RFC5869)
[in]	keylen	Length of ikm buffer

Returns: 0 on success, < 0 on error

◆ lc_kdf_dpi()

int lc_kdf_dpi	(	const struct lc_hash *	hash,
		const uint8_t *	key,
		size_t	keylen,
		const uint8_t *	label,
		size_t	labellen,
		uint8_t *	dst,
		size_t	dlen )

One-Shot Key-based Key Derivation in Double-Pipeline Mode - SP800-108.

Parameters

[in]	hash	Hash implementation to use for the KDF operation - this hash implementation is used for the HMAC calls.
[in]	key	Key from which the new key is to be derived from
[in]	keylen	Length of the key buffer.
[in]	label	Optional label string that is used to diversify the key
[in]	labellen	Length of the label buffer
[out]	dst	Buffer that is filled with the derived key. This buffer with the size of keylen must be allocated by the caller.
[in]	dlen	Length of the key that shall be derived.

Returns: 0 on success, < 0 on error

◆ lc_kdf_dpi_generate()

int lc_kdf_dpi_generate	(	struct lc_hmac_ctx *	hmac_ctx,
		const uint8_t *	label,
		size_t	labellen,
		uint8_t *	dst,
		size_t	dlen )

Key-based Key Derivation in Double-Pipeline Mode - SP800-108 - data generation.

Parameters

[in]	hmac_ctx	Cipher handle for the operation. This call expects the caller to hand in a HMAC cipher handle that has been initialized with hkdf_extract.
[in]	label	Optional context and application specific information. This may be NULL.
[in]	labellen	Size of label buffer.
[out]	dst	Buffer to store the derived bits in
[in]	dlen	Size of the destination buffer.

Returns: 0 on success, < 0 on error

◆ lc_kdf_dpi_init()

int lc_kdf_dpi_init	(	struct lc_hmac_ctx *	hmac_ctx,
		const uint8_t *	key,
		size_t	keylen )

Key-based Key Derivation in Double-Pipeline Mode - SP800-108 - initialization.

Parameters

[in,out]	hmac_ctx	The caller is expected to provide an allocated HMAC cipher handle in. Yet, the caller does not need to perform any operations on the handle. The extract phase adjusts the HMAC cipher handle so that it is ready for the expand phase.
[in]	key	Input Keying Material (see RFC5869)
[in]	keylen	Length of ikm buffer

Returns: 0 on success, < 0 on error

◆ lc_kdf_fb()

int lc_kdf_fb	(	const struct lc_hash *	hash,
		const uint8_t *	key,
		size_t	keylen,
		const uint8_t *	iv,
		size_t	ivlen,
		const uint8_t *	label,
		size_t	labellen,
		uint8_t *	dst,
		size_t	dlen )

One-shot Key-based Key Derivation in Feedback Mode - SP800-108.

Parameters

[in]	hash	Hash implementation to use for the KDF operation - this hash implementation is used for the HMAC calls.
[in]	key	Key from which the new key is to be derived from
[in]	keylen	Length of the key buffer.
[in]	iv	Initialization vector which must be exactly as large as the message digest of the selected hash.
[in]	ivlen	Size of the IV buffer.
[in]	label	Optional label string that is used to diversify the key
[in]	labellen	Length of the label buffer
[out]	dst	Buffer that is filled with the derived key. This buffer with the size of keylen must be allocated by the caller.
[in]	dlen	Length of the key that shall be derived.

Returns: 0 on success, < 0 on error

◆ lc_kdf_fb_generate()

int lc_kdf_fb_generate	(	struct lc_hmac_ctx *	hmac_ctx,
		const uint8_t *	iv,
		size_t	ivlen,
		const uint8_t *	label,
		size_t	labellen,
		uint8_t *	dst,
		size_t	dlen )

Key-based Key Derivation in Feedback Mode - SP800-108 - data generation.

Parameters

[in]	hmac_ctx	Cipher handle for the operation. This call expects the caller to hand in a HMAC cipher handle that has been initialized with hkdf_extract.
[in]	iv	Initialization vector which must be exactly as large as the message digest of the selected hash.
[in]	ivlen	Size of the IV buffer.
[in]	label	Optional context and application specific information. This may be NULL.
[in]	labellen	Size of label buffer.
[out]	dst	Buffer to store the derived bits in
[in]	dlen	Size of the destination buffer.

Returns: 0 on success, < 0 on error

◆ lc_kdf_fb_init()

int lc_kdf_fb_init	(	struct lc_hmac_ctx *	hmac_ctx,
		const uint8_t *	key,
		size_t	keylen )

Key-based Key Derivation in Feedback Mode - SP800-108 - initialization.

Parameters

[in,out]	hmac_ctx	The caller is expected to provide an allocated HMAC cipher handle in. Yet, the caller does not need to perform any operations on the handle. The extract phase adjusts the HMAC cipher handle so that it is ready for the expand phase.
[in]	key	Input Keying Material (see RFC5869)
[in]	keylen	Length of ikm buffer

Returns: 0 on success, < 0 on error

◆ lc_pbkdf2()

int lc_pbkdf2	(	const struct lc_hash *	hash,
		const uint8_t *	pw,
		size_t	pwlen,
		const uint8_t *	salt,
		size_t	saltlen,
		const uint32_t	count,
		uint8_t *	key,
		size_t	keylen )

Password-based Key Derivation Function - SP800-132.

Parameters

[in]	hash	Hash implementation to use for the PBKDF2 operation - this hash implementation is used for the HMAC calls.
[in]	pw	Password from which to derive the key
[in]	pwlen	Length of the password buffer
[in]	salt	Optional salt value, may be NULL
[in]	saltlen	Length of the salt value
[in]	count	Number of iterations that shall be performed to derive the key.
[out]	key	Buffer that is filled with the derived key. This buffer with the size of keylen must be allocated by the caller.
[in]	keylen	Length of the key that shall be derived.

Returns: 0 on success, < 0 on error

Macros

Functions

Detailed Description

Macro Definition Documentation

◆ LC_HKDF_CTX_ON_STACK

Function Documentation

◆ lc_hkdf()

◆ lc_hkdf_alloc()

◆ lc_hkdf_expand()

◆ lc_hkdf_extract()

◆ lc_hkdf_zero()

◆ lc_hkdf_zero_free()

◆ lc_kdf_ctr()

◆ lc_kdf_ctr_generate()

◆ lc_kdf_ctr_init()

◆ lc_kdf_dpi()

◆ lc_kdf_dpi_generate()

◆ lc_kdf_dpi_init()

◆ lc_kdf_fb()

◆ lc_kdf_fb_generate()

◆ lc_kdf_fb_init()

◆ lc_pbkdf2()