Extract-and-Expand Key Derivation Function (HKDF)
More...
#include <hkdf.h>
|
std::string | AlgorithmName () const |
| Provides the name of this algorithm.
|
|
size_t | MaxDerivedKeyLength () const |
| Determine maximum number of bytes.
|
|
size_t | GetValidDerivedLength (size_t keylength) const |
| Returns a valid key length for the derivation function.
|
|
size_t | DeriveKey (byte *derived, size_t derivedLen, const byte *secret, size_t secretLen, const NameValuePairs ¶ms) const |
| Derive a key from a seed.
|
|
size_t | DeriveKey (byte *derived, size_t derivedLen, const byte *secret, size_t secretLen, const byte *salt, size_t saltLen, const byte *info, size_t infoLen) const |
| Derive a key from a seed.
|
|
virtual size_t | MinDerivedKeyLength () const |
| Determine minimum number of bytes.
|
|
virtual bool | IsValidDerivedLength (size_t keylength) const |
| Returns whether keylength is a valid key length.
|
|
virtual void | SetParameters (const NameValuePairs ¶ms) |
| Set or change parameters.
|
|
| Algorithm (bool checkSelfTestStatus=true) |
| Interface for all crypto algorithms.
|
|
virtual std::string | AlgorithmProvider () const |
| Retrieve the provider of this algorithm.
|
|
virtual Clonable * | Clone () const |
| Copies this object.
|
|
template<class T>
class HKDF< T >
Extract-and-Expand Key Derivation Function (HKDF)
- Template Parameters
-
- See also
- Cryptographic Extraction and Key Derivation: The HKDF Scheme and HMAC-based Extract-and-Expand Key Derivation Function (HKDF)
- Since
- Crypto++ 5.6.3
Definition at line 25 of file hkdf.h.
◆ NullVectorType
template<class T >
typedef byte HKDF< T >::NullVectorType[T::DIGESTSIZE] |
|
protected |
◆ ~HKDF()
◆ AlgorithmName()
template<class T >
std::string HKDF< T >::AlgorithmName |
( |
| ) |
const |
|
inlinevirtual |
◆ DeriveKey() [1/2]
template<class T >
size_t HKDF< T >::DeriveKey |
( |
byte * |
derived, |
|
|
size_t |
derivedLen, |
|
|
const byte * |
secret, |
|
|
size_t |
secretLen, |
|
|
const byte * |
salt, |
|
|
size_t |
saltLen, |
|
|
const byte * |
info, |
|
|
size_t |
infoLen |
|
) |
| const |
Derive a key from a seed.
- Parameters
-
derived | the derived output buffer |
derivedLen | the size of the derived buffer, in bytes |
secret | the seed input buffer |
secretLen | the size of the secret buffer, in bytes |
salt | the salt input buffer |
saltLen | the size of the salt buffer, in bytes |
info | the additional input buffer |
infoLen | the size of the info buffer, in bytes |
- Returns
- the number of iterations performed
- Exceptions
-
DeriveKey() provides a standard interface to derive a key from a seed and other parameters. Each class that derives from KeyDerivationFunction provides an overload that accepts most parameters used by the derivation function.
salt
and info
can be nullptr
with 0 length. HKDF is unusual in that a non-NULL salt with length 0 is different than a NULL salt
. A NULL salt
causes HKDF to use a string of 0's of length T::DIGESTSIZE
for the salt
.
HKDF always returns 1 because it only performs 1 iteration. Other derivation functions, like PBKDF's, will return more interesting values.
Definition at line 125 of file hkdf.h.
◆ DeriveKey() [2/2]
template<class T >
size_t HKDF< T >::DeriveKey |
( |
byte * |
derived, |
|
|
size_t |
derivedLen, |
|
|
const byte * |
secret, |
|
|
size_t |
secretLen, |
|
|
const NameValuePairs & |
params |
|
) |
| const |
|
virtual |
Derive a key from a seed.
- Parameters
-
derived | the derived output buffer |
derivedLen | the size of the derived buffer, in bytes |
secret | the seed input buffer |
secretLen | the size of the secret buffer, in bytes |
params | additional initialization parameters to configure this object |
- Returns
- the number of iterations performed
- Exceptions
-
DeriveKey() provides a standard interface to derive a key from a secret seed and other parameters. Each class that derives from KeyDerivationFunction provides an overload that accepts most parameters used by the derivation function.
the number of iterations performed by DeriveKey() may be 1. For example, a scheme like HKDF does not use the iteration count so it returns 1.
Implements KeyDerivationFunction.
Definition at line 101 of file hkdf.h.
◆ GetAlgorithm()
◆ GetNullVector()
template<class T >
static const NullVectorType & HKDF< T >::GetNullVector |
( |
| ) |
|
|
inlinestaticprotected |
◆ GetValidDerivedLength()
template<class T >
size_t HKDF< T >::GetValidDerivedLength |
( |
size_t |
keylength | ) |
const |
|
virtual |
Returns a valid key length for the derivation function.
- Parameters
-
keylength | the size of the derived key, in bytes |
- Returns
- the valid key length, in bytes
Implements KeyDerivationFunction.
Definition at line 93 of file hkdf.h.
◆ MaxDerivedKeyLength()
template<class T >
size_t HKDF< T >::MaxDerivedKeyLength |
( |
| ) |
const |
|
inlinevirtual |
Determine maximum number of bytes.
- Returns
- Maximum number of bytes which can be derived
Reimplemented from KeyDerivationFunction.
Definition at line 42 of file hkdf.h.
◆ StaticAlgorithmName()
template<class T >
static std::string HKDF< T >::StaticAlgorithmName |
( |
| ) |
|
|
inlinestatic |
The documentation for this class was generated from the following file:
- G:/work/subversion/scol-technologies/trunk/scol/plugins/security/cryptopp/hkdf.h