crypto::hkdf +linux +x86_64

This module provides a HKDF implementation according to RFC 5869.



fn hkdf(*hash::hash, []u8, []u8, []u8, ([]u8 | void), []u8) void;


fn hkdf[link]

fn hkdf(
	h: *hash::hash,
	dest: []u8,
	key: []u8,
	info: []u8,
	salt: ([]u8 | void),
	buf: []u8,
) void;

Derives a new key from specified 'key' material using HMAC with 'h' as underlying hash function and writes it to 'dest'. The resulting key size is of the size of 'dest'.

'info' binds the resulting key to the context in where it is being used and therefore prevents the derivation of the same key for different contexts. It should be independent of the input key. 'salt' does not need to be secret and it's recommended to use a random or pseudo random value, ideally of the hash size of the given hash function. The 'salt' must be a fixed value or void between many different contexts.

'buf' must be of the size hash::bsz + hash::sz of given hash 'h'.

See the RFC 5869 for detailed usage guidance.