Crypto++  8.8
Free C++ class library of cryptographic schemes
Public Member Functions | Static Public Member Functions | List of all members
HKDF< T > Class Template Reference

Extract-and-Expand Key Derivation Function (HKDF) More...

+ Inheritance diagram for HKDF< T >:

Public Member Functions

std::string AlgorithmName () const
 Provides the name of this algorithm. More...
 
size_t MaxDerivedKeyLength () const
 Determine maximum number of bytes. More...
 
size_t GetValidDerivedLength (size_t keylength) const
 Returns a valid key length for the derivation function. More...
 
size_t DeriveKey (byte *derived, size_t derivedLen, const byte *secret, size_t secretLen, const NameValuePairs &params) const
 Derive a key from a seed. More...
 
size_t DeriveKey (byte *derived, size_t derivedLen, const byte *secret, size_t secretLen, const byte *salt, size_t saltLen, const byte *info, size_t infoLen) const
 Derive a key from a seed. More...
 
- Public Member Functions inherited from KeyDerivationFunction
virtual size_t MinDerivedKeyLength () const
 Determine minimum number of bytes. More...
 
virtual bool IsValidDerivedLength (size_t keylength) const
 Returns whether keylength is a valid key length. More...
 
virtual void SetParameters (const NameValuePairs &params)
 Set or change parameters. More...
 
- Public Member Functions inherited from Algorithm
 Algorithm (bool checkSelfTestStatus=true)
 Interface for all crypto algorithms. More...
 
virtual std::string AlgorithmProvider () const
 Retrieve the provider of this algorithm. More...
 
- Public Member Functions inherited from Clonable
virtual ClonableClone () const
 Copies this object. More...
 

Static Public Member Functions

static std::string StaticAlgorithmName ()
 

Detailed Description

template<class T>
class HKDF< T >

Extract-and-Expand Key Derivation Function (HKDF)

Template Parameters
THashTransformation class
See also
Cryptographic Extraction and Key Derivation: The HKDF Scheme and HMAC-based Extract-and-Expand Key Derivation Function (HKDF)
Since
Crypto++ 5.6.3

Definition at line 25 of file hkdf.h.

Member Function Documentation

◆ AlgorithmName()

template<class T >
std::string HKDF< T >::AlgorithmName ( ) const
inlinevirtual

Provides the name of this algorithm.

Returns
the standard algorithm name

Implements KeyDerivationFunction.

Definition at line 37 of file hkdf.h.

◆ MaxDerivedKeyLength()

template<class T >
size_t HKDF< T >::MaxDerivedKeyLength ( ) const
inlinevirtual

Determine maximum number of bytes.

Returns
Maximum number of bytes which can be derived

Reimplemented from KeyDerivationFunction.

Definition at line 42 of file hkdf.h.

◆ GetValidDerivedLength()

template<class T >
size_t HKDF< T >::GetValidDerivedLength ( size_t  keylength) const
virtual

Returns a valid key length for the derivation function.

Parameters
keylengththe size of the derived key, in bytes
Returns
the valid key length, in bytes

Implements KeyDerivationFunction.

Definition at line 93 of file hkdf.h.

◆ DeriveKey() [1/2]

template<class T >
size_t HKDF< T >::DeriveKey ( byte derived,
size_t  derivedLen,
const byte secret,
size_t  secretLen,
const NameValuePairs params 
) const
virtual

Derive a key from a seed.

Parameters
derivedthe derived output buffer
derivedLenthe size of the derived buffer, in bytes
secretthe seed input buffer
secretLenthe size of the secret buffer, in bytes
paramsadditional initialization parameters to configure this object
Returns
the number of iterations performed
Exceptions
InvalidDerivedKeyLengthif derivedLen is invalid for the scheme

DeriveKey() provides a standard interface to derive a key from a secret seed and other parameters. Each class that derives from KeyDerivationFunction provides an overload that accepts most parameters used by the derivation function.

the number of iterations performed by DeriveKey() may be 1. For example, a scheme like HKDF does not use the iteration count so it returns 1.

Implements KeyDerivationFunction.

Definition at line 101 of file hkdf.h.

◆ DeriveKey() [2/2]

template<class T >
size_t HKDF< T >::DeriveKey ( byte derived,
size_t  derivedLen,
const byte secret,
size_t  secretLen,
const byte salt,
size_t  saltLen,
const byte info,
size_t  infoLen 
) const

Derive a key from a seed.

Parameters
derivedthe derived output buffer
derivedLenthe size of the derived buffer, in bytes
secretthe seed input buffer
secretLenthe size of the secret buffer, in bytes
saltthe salt input buffer
saltLenthe size of the salt buffer, in bytes
infothe additional input buffer
infoLenthe size of the info buffer, in bytes
Returns
the number of iterations performed
Exceptions
InvalidDerivedKeyLengthif derivedLen is invalid for the scheme

DeriveKey() provides a standard interface to derive a key from a seed and other parameters. Each class that derives from KeyDerivationFunction provides an overload that accepts most parameters used by the derivation function.

salt and info can be nullptr with 0 length. HKDF is unusual in that a non-NULL salt with length 0 is different than a NULL salt. A NULL salt causes HKDF to use a string of 0's of length T::DIGESTSIZE for the salt.

HKDF always returns 1 because it only performs 1 iteration. Other derivation functions, like PBKDF's, will return more interesting values.

Definition at line 125 of file hkdf.h.


The documentation for this class was generated from the following file: