| Copyright | (c) Leo D 2023 |
|---|---|
| License | BSD-3-Clause |
| Maintainer | leo@apotheca.io |
| Stability | experimental |
| Portability | POSIX |
| Safe Haskell | Safe-Inferred |
| Language | Haskell2010 |
Botan.Low.KDF
Description
Key derivation functions are used to turn some amount of shared secret material into uniform random keys suitable for use with symmetric algorithms. An example of an input which is useful for a KDF is a shared secret created using Diffie-Hellman key agreement.
Typically a KDF is also used with a salt and a label. The salt should be some random information which is available to all of the parties that would need to use the KDF; this could be performed by setting the salt to some kind of session identifier, or by having one of the parties generate a random salt and including it in a message.
The label is used to bind the KDF output to some specific context. For instance if you were using the KDF to derive a specific key referred to as the “message key” in the protocol description, you might use a label of “FooProtocol v2 MessageKey”. This labeling ensures that if you accidentally use the same input key and salt in some other context, you still use different keys in the two contexts.
Synopsis
- type KDFName = ByteString
- kdf :: KDFName -> Int -> ByteString -> ByteString -> ByteString -> IO ByteString
- pattern HKDF :: KDFName
- hkdf :: HashName -> KDFName
- pattern HKDF_Extract :: KDFName
- hkdf_extract :: KDFName -> KDFName
- pattern HKDF_Expand :: KDFName
- hkdf_expand :: KDFName -> KDFName
- pattern KDF2 :: KDFName
- kdf2 :: KDFName -> KDFName
- pattern KDF1_18033 :: KDFName
- kdf1_18033 :: KDFName -> KDFName
- pattern KDF1 :: KDFName
- kdf1 :: KDFName -> KDFName
- pattern TLS_12_PRF :: KDFName
- tls_12_prf :: KDFName -> KDFName
- pattern X9_42_PRF :: KDFName
- x9_42_prf :: KDFName -> KDFName
- pattern SP800_108_Counter :: KDFName
- sp800_108_counter :: KDFName -> KDFName
- pattern SP800_108_Feedback :: KDFName
- sp800_108_feedback :: KDFName -> KDFName
- pattern SP800_108_Pipeline :: KDFName
- sp800_108_pipeline :: KDFName -> KDFName
- pattern SP800_56A :: KDFName
- sp800_56A :: KDFName -> KDFName
- pattern SP800_56C :: KDFName
- sp800_56C :: KDFName -> KDFName
- kdfs :: [KDFName]
Key derivation function
type KDFName = ByteString Source #
Arguments
| :: KDFName | kdf_algo: KDF algorithm, e.g., "SP800-56C" |
| -> Int | out_len: the desired output length in bytes |
| -> ByteString | secret[]: the secret input |
| -> ByteString | salt[]: a diversifier |
| -> ByteString | label[]: purpose for the derived keying material |
| -> IO ByteString | out[]: buffer holding the derived key |
KDF algorithms
pattern HKDF_Extract :: KDFName Source #
hkdf_extract :: KDFName -> KDFName Source #
pattern HKDF_Expand :: KDFName Source #
hkdf_expand :: KDFName -> KDFName Source #
pattern KDF1_18033 :: KDFName Source #
kdf1_18033 :: KDFName -> KDFName Source #
pattern TLS_12_PRF :: KDFName Source #
tls_12_prf :: KDFName -> KDFName Source #
pattern SP800_108_Counter :: KDFName Source #
sp800_108_counter :: KDFName -> KDFName Source #
pattern SP800_108_Feedback :: KDFName Source #
sp800_108_feedback :: KDFName -> KDFName Source #
pattern SP800_108_Pipeline :: KDFName Source #
sp800_108_pipeline :: KDFName -> KDFName Source #