DOKK / manpages / debian 12 / libkcapi-dev / kcapi_kdf_ctr.3.en
KCAPI_KDF_CTR(3) Programming Interface KCAPI_KDF_CTR(3)

kcapi_kdf_ctr - Counter Mode Key Derivation Function

ssize_t kcapi_kdf_ctr(struct kcapi_handle * handle, const uint8_t * src, size_t slen, uint8_t * dst, size_t dlen);

handle

[in] cipher handle allocated by caller. This cipher handle must be allocated with kcapi_md_init. If the caller is interested in a KDF using a keyed message digest, the caller should also call kcapi_md_setkey before invoking this function.

src

[in] Input data that should be transformed into a key (see below).

slen

[in] Length of the src input data.

dst

[out] Buffer to store the generated key in,

dlen

[in] Length of the dst buffer. This value defines the number of bytes generated by the KDF.

This function is an implementation of the KDF in counter mode according to SP800-108 section 5.1 as well as SP800-56A section 5.8.1 (Single-step KDF).

SP800-108: The caller must provide Label || 0x00 || Context in src. This src pointer may also be NULL if the caller wishes not to provide anything.

SP800-56A: If a keyed MAC is used, the key shall NOT be the shared secret from the DH operation, but an independently generated key. The src pointer is defined as Z || other info where Z is the shared secret from DH and other info is an arbitrary string (see SP800-56A section 5.8.1.2).

return 0 upon success; a negative errno-style error code if an error occurred

Stephan Mueller <smueller@chronox.de>

Author.

February 2022 libkcapi Manual 1.4.0