kcapi_kdf_dpi - Man Page

Double Pipeline Mode Key Derivation Function

Synopsis

ssize_t kcapi_kdf_dpi(struct kcapi_handle * handle, const uint8_t * src, size_t slen, uint8_t * dst, size_t dlen);

Arguments

handle

[in] cipher handle allocated by caller. This cipher handle must be allocated with kcapi_md_init. If the caller is interested in a KDF using a keyed message digest, the caller should also call kcapi_md_setkey before invoking this function.

src

[in] Input data that should be transformed into a key (see below).

slen

[in] Length of the src input data.

dst

[out] Buffer to store the generated key in,

dlen

[in] Length of the dst buffer. This value defines the number of bytes generated by the KDF.

Description

This function is an implementation of the KDF in double pipeline iteration mode according with counter to SP800-108 section 5.3.

The caller must provide Label || 0x00 || Context in src. This src pointer may also be NULL if the caller wishes not to provide anything.

return 0 upon success; a negative errno-style error code if an error occurred

Author

Stephan Mueller <smueller@chronox.de>

Author.

Info

January 2024 libkcapi Manual 1.4.0 Programming Interface