crypto_hkdf.h File Reference

Headers for crypto_hkdf.h. More...

#include "lib/cc/torint.h"

Go to the source code of this file.


int crypto_expand_key_material_TAP (const uint8_t *key_in, size_t key_in_len, uint8_t *key_out, size_t key_out_len)
int crypto_expand_key_material_rfc5869_sha256 (const uint8_t *key_in, size_t key_in_len, const uint8_t *salt_in, size_t salt_in_len, const uint8_t *info_in, size_t info_in_len, uint8_t *key_out, size_t key_out_len)

Detailed Description

Headers for crypto_hkdf.h.

Definition in file crypto_hkdf.h.

Function Documentation

◆ crypto_expand_key_material_rfc5869_sha256()

int crypto_expand_key_material_rfc5869_sha256 ( const uint8_t *  key_in,
size_t  key_in_len,
const uint8_t *  salt_in,
size_t  salt_in_len,
const uint8_t *  info_in,
size_t  info_in_len,
uint8_t *  key_out,
size_t  key_out_len 

Expand some secret key material according to RFC5869, using SHA256 as the underlying hash. The key_in_len bytes at key_in are the secret key material; the salt_in_len bytes at salt_in and the info_in_len bytes in info_in_len are the algorithm's "salt" and "info" parameters respectively. On success, write key_out_len bytes to key_out and return 0. Assert on failure.

Definition at line 179 of file crypto_hkdf.c.

◆ crypto_expand_key_material_TAP()

int crypto_expand_key_material_TAP ( const uint8_t *  key_in,
size_t  key_in_len,
uint8_t *  key_out,
size_t  key_out_len 

Given key_in_len bytes of negotiated randomness in key_in ("K"), expand it into key_out_len bytes of negotiated key material in key_out by taking the first key_out_len bytes of H(K | [00]) | H(K | [01]) | ....

This is the key expansion algorithm used in the "TAP" circuit extension mechanism; it shouldn't be used for new protocols.

Return 0 on success, -1 on failure.

Definition at line 43 of file crypto_hkdf.c.