Provided by: libkcapi-dev_1.4.0-1_amd64 bug

NAME

       kcapi_kdf_ctr - Counter Mode Key Derivation Function

SYNOPSIS

       ssize_t kcapi_kdf_ctr(struct kcapi_handle * handle, const uint8_t * src, size_t slen,
                             uint8_t * dst, size_t dlen);

ARGUMENTS

       handle
           [in] cipher handle allocated by caller. This cipher handle must be allocated with
           kcapi_md_init. If the caller is interested in a KDF using a keyed message digest, the
           caller should also call kcapi_md_setkey before invoking this function.

       src
           [in] Input data that should be transformed into a key (see below).

       slen
           [in] Length of the src input data.

       dst
           [out] Buffer to store the generated key in,

       dlen
           [in] Length of the dst buffer. This value defines the number of bytes generated by the
           KDF.

DESCRIPTION

       This function is an implementation of the KDF in counter mode according to SP800-108
       section 5.1 as well as SP800-56A section 5.8.1 (Single-step KDF).

       SP800-108: The caller must provide Label || 0x00 || Context in src. This src pointer may
       also be NULL if the caller wishes not to provide anything.

       SP800-56A: If a keyed MAC is used, the key shall NOT be the shared secret from the DH
       operation, but an independently generated key. The src pointer is defined as Z || other
       info where Z is the shared secret from DH and other info is an arbitrary string (see
       SP800-56A section 5.8.1.2).

       return 0 upon success; a negative errno-style error code if an error occurred

AUTHOR

       Stephan Mueller <smueller@chronox.de>
           Author.

COPYRIGHT