Leancrypto 0.12.0
Post-Quantum Cryptographic Library
|
Macros | |
#define | LC_HKDF_CTX_ON_STACK(name, hashname) |
Allocate stack memory for the HKDF context. | |
Functions | |
int | lc_hkdf_extract (struct lc_hkdf_ctx *hkdf_ctx, const uint8_t *ikm, size_t ikmlen, const uint8_t *salt, size_t saltlen) |
HMAC-based Extract-and-Expand Key Derivation Function (HKDF) - RFC5869 Extract phase. | |
int | lc_hkdf_expand (struct lc_hkdf_ctx *hkdf_ctx, const uint8_t *info, size_t infolen, uint8_t *dst, size_t dlen) |
HMAC-based Extract-and-Expand Key Derivation Function (HKDF) - RFC5869 Expand phase. | |
static void | lc_hkdf_zero (struct lc_hkdf_ctx *hkdf_ctx) |
Zeroize HKDF context allocated with either LC_HKDF_CTX_ON_STACK or hkdf_alloc. | |
int | lc_hkdf_alloc (const struct lc_hash *hash, struct lc_hkdf_ctx **hkdf_ctx) |
Allocate HKDF context on heap. | |
void | lc_hkdf_zero_free (struct lc_hkdf_ctx *hkdf_ctx) |
Zeroize and free HKDF context. | |
static int | lc_hkdf (const struct lc_hash *hash, const uint8_t *ikm, size_t ikmlen, const uint8_t *salt, size_t saltlen, const uint8_t *info, size_t infolen, uint8_t *dst, size_t dlen) |
HMAC-based Extract-and-Expand Key Derivation Function (HKDF) - RFC5869 Complete implementation. | |
int | lc_kdf_ctr_init (struct lc_hmac_ctx *hmac_ctx, const uint8_t *key, size_t keylen) |
Key-based Key Derivation in Counter Mode - SP800-108 - initialization. | |
int | lc_kdf_ctr_generate (struct lc_hmac_ctx *hmac_ctx, const uint8_t *label, size_t labellen, uint8_t *dst, size_t dlen) |
Key-based Key Derivation in Counter Mode - SP800-108 - data generation. | |
int | lc_kdf_ctr (const struct lc_hash *hash, const uint8_t *key, size_t keylen, const uint8_t *label, size_t labellen, uint8_t *dst, size_t dlen) |
One-shot Key-based Key Derivation in Counter Mode - SP800-108. | |
int | lc_kdf_dpi_init (struct lc_hmac_ctx *hmac_ctx, const uint8_t *key, size_t keylen) |
Key-based Key Derivation in Double-Pipeline Mode - SP800-108 - initialization. | |
int | lc_kdf_dpi_generate (struct lc_hmac_ctx *hmac_ctx, const uint8_t *label, size_t labellen, uint8_t *dst, size_t dlen) |
Key-based Key Derivation in Double-Pipeline Mode - SP800-108 - data generation. | |
int | lc_kdf_dpi (const struct lc_hash *hash, const uint8_t *key, size_t keylen, const uint8_t *label, size_t labellen, uint8_t *dst, size_t dlen) |
One-Shot Key-based Key Derivation in Double-Pipeline Mode - SP800-108. | |
int | lc_kdf_fb_init (struct lc_hmac_ctx *hmac_ctx, const uint8_t *key, size_t keylen) |
Key-based Key Derivation in Feedback Mode - SP800-108 - initialization. | |
int | lc_kdf_fb_generate (struct lc_hmac_ctx *hmac_ctx, const uint8_t *iv, size_t ivlen, const uint8_t *label, size_t labellen, uint8_t *dst, size_t dlen) |
Key-based Key Derivation in Feedback Mode - SP800-108 - data generation. | |
int | lc_kdf_fb (const struct lc_hash *hash, const uint8_t *key, size_t keylen, const uint8_t *iv, size_t ivlen, const uint8_t *label, size_t labellen, uint8_t *dst, size_t dlen) |
One-shot Key-based Key Derivation in Feedback Mode - SP800-108. | |
int | lc_pbkdf2 (const struct lc_hash *hash, const uint8_t *pw, size_t pwlen, const uint8_t *salt, size_t saltlen, const uint32_t count, uint8_t *key, size_t keylen) |
Password-based Key Derivation Function - SP800-132. | |
#define LC_HKDF_CTX_ON_STACK | ( | name, | |
hashname ) |
Allocate stack memory for the HKDF context.
[in] | name | Name of the stack variable |
[in] | hashname | Reference to lc_hash implementation |
|
inlinestatic |
HMAC-based Extract-and-Expand Key Derivation Function (HKDF) - RFC5869 Complete implementation.
[in] | hash | Reference to lc_hash implementation |
[in] | ikm | Input Keying Material (see RFC5869) |
[in] | ikmlen | Length of ikm buffer |
[in] | salt | Optional salt value - if caller does not want to use a salt set NULL here. |
[in] | saltlen | Length of salt value buffer. |
[in] | info | Optional context and application specific information. This may be NULL. |
[in] | infolen | Size of info buffer. |
[out] | dst | Buffer to store the derived bits in |
[in] | dlen | Size of the destination buffer. |
int lc_hkdf_alloc | ( | const struct lc_hash * | hash, |
struct lc_hkdf_ctx ** | hkdf_ctx ) |
Allocate HKDF context on heap.
[in] | hash | Reference to hash implementation to be used to perform HMAC calculation with. |
[out] | hkdf_ctx | Allocated HKDF context |
int lc_hkdf_expand | ( | struct lc_hkdf_ctx * | hkdf_ctx, |
const uint8_t * | info, | ||
size_t | infolen, | ||
uint8_t * | dst, | ||
size_t | dlen ) |
HMAC-based Extract-and-Expand Key Derivation Function (HKDF) - RFC5869 Expand phase.
[in] | hkdf_ctx | Cipher handle for the operation. This call expects the caller to hand in a HMAC cipher handle that has been initialized with hkdf_extract. |
[in] | info | Optional context and application specific information. This may be NULL. |
[in] | infolen | Size of info buffer. |
[out] | dst | Buffer to store the derived bits in |
[in] | dlen | Size of the destination buffer. |
int lc_hkdf_extract | ( | struct lc_hkdf_ctx * | hkdf_ctx, |
const uint8_t * | ikm, | ||
size_t | ikmlen, | ||
const uint8_t * | salt, | ||
size_t | saltlen ) |
HMAC-based Extract-and-Expand Key Derivation Function (HKDF) - RFC5869 Extract phase.
[in,out] | hkdf_ctx | The caller is expected to provide an allocated HMAC cipher handle in. Yet, the caller does not need to perform any operations on the handle. The extract phase adjusts the HMAC cipher handle so that it is ready for the expand phase. |
[in] | ikm | Input Keying Material (see RFC5869) |
[in] | ikmlen | Length of ikm buffer |
[in] | salt | Optional salt value - if caller does not want to use a salt set NULL here. |
[in] | saltlen | Length of salt value buffer. |
|
inlinestatic |
void lc_hkdf_zero_free | ( | struct lc_hkdf_ctx * | hkdf_ctx | ) |
Zeroize and free HKDF context.
[in] | hkdf_ctx | HKDF context to be zeroized and freed |
int lc_kdf_ctr | ( | const struct lc_hash * | hash, |
const uint8_t * | key, | ||
size_t | keylen, | ||
const uint8_t * | label, | ||
size_t | labellen, | ||
uint8_t * | dst, | ||
size_t | dlen ) |
One-shot Key-based Key Derivation in Counter Mode - SP800-108.
[in] | hash | Hash implementation to use for the KDF operation - this hash implementation is used for the HMAC calls. |
[in] | key | Key from which the new key is to be derived from |
[in] | keylen | Length of the key buffer. |
[in] | label | Optional label string that is used to diversify the key |
[in] | labellen | Length of the label buffer |
[out] | dst | Buffer that is filled with the derived key. This buffer with the size of keylen must be allocated by the caller. |
[in] | dlen | Length of the key that shall be derived. |
int lc_kdf_ctr_generate | ( | struct lc_hmac_ctx * | hmac_ctx, |
const uint8_t * | label, | ||
size_t | labellen, | ||
uint8_t * | dst, | ||
size_t | dlen ) |
Key-based Key Derivation in Counter Mode - SP800-108 - data generation.
[in] | hmac_ctx | Cipher handle for the operation. This call expects the caller to hand in a HMAC cipher handle that has been initialized with hkdf_extract. |
[in] | label | Optional context and application specific information. This may be NULL. |
[in] | labellen | Size of label buffer. |
[out] | dst | Buffer to store the derived bits in |
[in] | dlen | Size of the destination buffer. |
int lc_kdf_ctr_init | ( | struct lc_hmac_ctx * | hmac_ctx, |
const uint8_t * | key, | ||
size_t | keylen ) |
Key-based Key Derivation in Counter Mode - SP800-108 - initialization.
[in,out] | hmac_ctx | The caller is expected to provide an allocated HMAC cipher handle in. Yet, the caller does not need to perform any operations on the handle. The extract phase adjusts the HMAC cipher handle so that it is ready for the expand phase. |
[in] | key | Input Keying Material (see RFC5869) |
[in] | keylen | Length of ikm buffer |
int lc_kdf_dpi | ( | const struct lc_hash * | hash, |
const uint8_t * | key, | ||
size_t | keylen, | ||
const uint8_t * | label, | ||
size_t | labellen, | ||
uint8_t * | dst, | ||
size_t | dlen ) |
One-Shot Key-based Key Derivation in Double-Pipeline Mode - SP800-108.
[in] | hash | Hash implementation to use for the KDF operation - this hash implementation is used for the HMAC calls. |
[in] | key | Key from which the new key is to be derived from |
[in] | keylen | Length of the key buffer. |
[in] | label | Optional label string that is used to diversify the key |
[in] | labellen | Length of the label buffer |
[out] | dst | Buffer that is filled with the derived key. This buffer with the size of keylen must be allocated by the caller. |
[in] | dlen | Length of the key that shall be derived. |
int lc_kdf_dpi_generate | ( | struct lc_hmac_ctx * | hmac_ctx, |
const uint8_t * | label, | ||
size_t | labellen, | ||
uint8_t * | dst, | ||
size_t | dlen ) |
Key-based Key Derivation in Double-Pipeline Mode - SP800-108 - data generation.
[in] | hmac_ctx | Cipher handle for the operation. This call expects the caller to hand in a HMAC cipher handle that has been initialized with hkdf_extract. |
[in] | label | Optional context and application specific information. This may be NULL. |
[in] | labellen | Size of label buffer. |
[out] | dst | Buffer to store the derived bits in |
[in] | dlen | Size of the destination buffer. |
int lc_kdf_dpi_init | ( | struct lc_hmac_ctx * | hmac_ctx, |
const uint8_t * | key, | ||
size_t | keylen ) |
Key-based Key Derivation in Double-Pipeline Mode - SP800-108 - initialization.
[in,out] | hmac_ctx | The caller is expected to provide an allocated HMAC cipher handle in. Yet, the caller does not need to perform any operations on the handle. The extract phase adjusts the HMAC cipher handle so that it is ready for the expand phase. |
[in] | key | Input Keying Material (see RFC5869) |
[in] | keylen | Length of ikm buffer |
int lc_kdf_fb | ( | const struct lc_hash * | hash, |
const uint8_t * | key, | ||
size_t | keylen, | ||
const uint8_t * | iv, | ||
size_t | ivlen, | ||
const uint8_t * | label, | ||
size_t | labellen, | ||
uint8_t * | dst, | ||
size_t | dlen ) |
One-shot Key-based Key Derivation in Feedback Mode - SP800-108.
[in] | hash | Hash implementation to use for the KDF operation - this hash implementation is used for the HMAC calls. |
[in] | key | Key from which the new key is to be derived from |
[in] | keylen | Length of the key buffer. |
[in] | iv | Initialization vector which must be exactly as large as the message digest of the selected hash. |
[in] | ivlen | Size of the IV buffer. |
[in] | label | Optional label string that is used to diversify the key |
[in] | labellen | Length of the label buffer |
[out] | dst | Buffer that is filled with the derived key. This buffer with the size of keylen must be allocated by the caller. |
[in] | dlen | Length of the key that shall be derived. |
int lc_kdf_fb_generate | ( | struct lc_hmac_ctx * | hmac_ctx, |
const uint8_t * | iv, | ||
size_t | ivlen, | ||
const uint8_t * | label, | ||
size_t | labellen, | ||
uint8_t * | dst, | ||
size_t | dlen ) |
Key-based Key Derivation in Feedback Mode - SP800-108 - data generation.
[in] | hmac_ctx | Cipher handle for the operation. This call expects the caller to hand in a HMAC cipher handle that has been initialized with hkdf_extract. |
[in] | iv | Initialization vector which must be exactly as large as the message digest of the selected hash. |
[in] | ivlen | Size of the IV buffer. |
[in] | label | Optional context and application specific information. This may be NULL. |
[in] | labellen | Size of label buffer. |
[out] | dst | Buffer to store the derived bits in |
[in] | dlen | Size of the destination buffer. |
int lc_kdf_fb_init | ( | struct lc_hmac_ctx * | hmac_ctx, |
const uint8_t * | key, | ||
size_t | keylen ) |
Key-based Key Derivation in Feedback Mode - SP800-108 - initialization.
[in,out] | hmac_ctx | The caller is expected to provide an allocated HMAC cipher handle in. Yet, the caller does not need to perform any operations on the handle. The extract phase adjusts the HMAC cipher handle so that it is ready for the expand phase. |
[in] | key | Input Keying Material (see RFC5869) |
[in] | keylen | Length of ikm buffer |
int lc_pbkdf2 | ( | const struct lc_hash * | hash, |
const uint8_t * | pw, | ||
size_t | pwlen, | ||
const uint8_t * | salt, | ||
size_t | saltlen, | ||
const uint32_t | count, | ||
uint8_t * | key, | ||
size_t | keylen ) |
Password-based Key Derivation Function - SP800-132.
[in] | hash | Hash implementation to use for the PBKDF2 operation - this hash implementation is used for the HMAC calls. |
[in] | pw | Password from which to derive the key |
[in] | pwlen | Length of the password buffer |
[in] | salt | Optional salt value, may be NULL |
[in] | saltlen | Length of the salt value |
[in] | count | Number of iterations that shall be performed to derive the key. |
[out] | key | Buffer that is filled with the derived key. This buffer with the size of keylen must be allocated by the caller. |
[in] | keylen | Length of the key that shall be derived. |