kcapi_kdf_fb — Feedback Mode Key Derivation Function
int32_t kcapi_kdf_fb ( | struct kcapi_handle * handle, |
| const uint8_t * src, | |
| uint32_t slen, | |
| uint8_t * dst, | |
uint32_t dlen); |
handle
[in] cipher handle allocated by caller. This cipher handle
must be allocated with kcapi_md_init. If the caller is interested in
a KDF using a keyed message digest, the caller should also call
kcapi_md_setkey before invoking this function.
src[in] Input data that should be transformed into a key (see below).
slen[in] Length of the src input data.
dst[out] Buffer to store the generated key in,
dlen[in] Length of the dst buffer. This value defines the number of bytes generated by the KDF.
This function is an implementation of the KDF in feedback mode with a non-NULL IV and with counter according to SP800-108 section 5.2. The IV is supplied with src and must be equal to the digestsize of the used cipher.
In addition, the caller must provide Label || 0x00 || Context in src. This src pointer must not be NULL as the IV is required. The ultimate format of the src pointer is IV || Label || 0x00 || Context where the length of the IV is equal to the block size (i.e. the digest size of the underlying hash) of the PRF.
return 0 upon success;
a negative errno-style error code if an error occurred