Extract-and-Expand Key Derivation Function (HKDF) More...
Inheritance diagram for HKDF< T >:
Public Member Functions | |
| std::string | AlgorithmName () const |
| Provides the name of this algorithm. More... | |
| size_t | MaxDerivedKeyLength () const |
| Determine maximum number of bytes. More... | |
| size_t | GetValidDerivedLength (size_t keylength) const |
| Returns a valid key length for the derivation function. More... | |
| size_t | DeriveKey (byte *derived, size_t derivedLen, const byte *secret, size_t secretLen, const NameValuePairs ¶ms) const |
| Derive a key from a seed. More... | |
| size_t | DeriveKey (byte *derived, size_t derivedLen, const byte *secret, size_t secretLen, const byte *salt, size_t saltLen, const byte *info, size_t infoLen) const |
| Derive a key from a seed. More... | |
| Public Member Functions inherited from KeyDerivationFunction | |
| virtual size_t | MinDerivedKeyLength () const |
| Determine minimum number of bytes. More... | |
| virtual bool | IsValidDerivedLength (size_t keylength) const |
| Returns whether keylength is a valid key length. More... | |
| virtual void | SetParameters (const NameValuePairs ¶ms) |
| Set or change parameters. More... | |
| Public Member Functions inherited from Algorithm | |
| Algorithm (bool checkSelfTestStatus=true) | |
| Interface for all crypto algorithms. More... | |
| virtual std::string | AlgorithmProvider () const |
| Retrieve the provider of this algorithm. More... | |
| Public Member Functions inherited from Clonable | |
| virtual Clonable * | Clone () const |
| Copies this object. More... | |
Static Public Member Functions | |
| static std::string | StaticAlgorithmName () |
Detailed Description
template<class T>
class HKDF< T >
Extract-and-Expand Key Derivation Function (HKDF)
- Template Parameters
-
T HashTransformation class
- See also
- Cryptographic Extraction and Key Derivation: The HKDF Scheme and HMAC-based Extract-and-Expand Key Derivation Function (HKDF)
- Since
- Crypto++ 5.6.3
Member Function Documentation
◆ AlgorithmName()
|
inlinevirtual |
Provides the name of this algorithm.
- Returns
- the standard algorithm name
Implements KeyDerivationFunction.
◆ MaxDerivedKeyLength()
|
inlinevirtual |
Determine maximum number of bytes.
- Returns
- Maximum number of bytes which can be derived
Reimplemented from KeyDerivationFunction.
◆ GetValidDerivedLength()
|
virtual |
Returns a valid key length for the derivation function.
- Parameters
-
keylength the size of the derived key, in bytes
- Returns
- the valid key length, in bytes
Implements KeyDerivationFunction.
◆ DeriveKey() [1/2]
|
virtual |
Derive a key from a seed.
- Parameters
-
derived the derived output buffer derivedLen the size of the derived buffer, in bytes secret the seed input buffer secretLen the size of the secret buffer, in bytes params additional initialization parameters to configure this object
- Returns
- the number of iterations performed
- Exceptions
-
InvalidDerivedKeyLength if derivedLenis invalid for the scheme
DeriveKey() provides a standard interface to derive a key from a secret seed and other parameters. Each class that derives from KeyDerivationFunction provides an overload that accepts most parameters used by the derivation function.
the number of iterations performed by DeriveKey() may be 1. For example, a scheme like HKDF does not use the iteration count so it returns 1.
Implements KeyDerivationFunction.
◆ DeriveKey() [2/2]
| size_t HKDF< T >::DeriveKey | ( | byte * | derived, |
| size_t | derivedLen, | ||
| const byte * | secret, | ||
| size_t | secretLen, | ||
| const byte * | salt, | ||
| size_t | saltLen, | ||
| const byte * | info, | ||
| size_t | infoLen | ||
| ) | const |
Derive a key from a seed.
- Parameters
-
derived the derived output buffer derivedLen the size of the derived buffer, in bytes secret the seed input buffer secretLen the size of the secret buffer, in bytes salt the salt input buffer saltLen the size of the salt buffer, in bytes info the additional input buffer infoLen the size of the info buffer, in bytes
- Returns
- the number of iterations performed
- Exceptions
-
InvalidDerivedKeyLength if derivedLenis invalid for the scheme
DeriveKey() provides a standard interface to derive a key from a seed and other parameters. Each class that derives from KeyDerivationFunction provides an overload that accepts most parameters used by the derivation function.
salt and info can be nullptr with 0 length. HKDF is unusual in that a non-NULL salt with length 0 is different than a NULL salt. A NULL salt causes HKDF to use a string of 0's of length T::DIGESTSIZE for the salt.
HKDF always returns 1 because it only performs 1 iteration. Other derivation functions, like PBKDF's, will return more interesting values.
The documentation for this class was generated from the following file:
