3.5.3 HMAC-based key derivation function (HKDF)
The following predicate implements the HMAC-based Extract-and-Expand key derivation function (HKDF, RFC 5869). It serves a wide range of applications by first concentrating the possibly dispersed entropy of the input keying material into a fixed-length pseudorandom key (the extract step) and then expanding that key to the desired output length (the expand step). The number and lengths of the output keys depend on the cryptographic algorithms for which the keys are needed, for example a 32-byte key and a 16-byte IV for AES-256 in CBC mode.
- [det]crypto_data_hkdf(+Data, +Length, -Bytes, +Options)
- Concentrate possibly dispersed entropy of Data and then expand it to the desired length. Bytes is unified with a list of bytes of length Length, and is suitable as input keying material and initialization vectors to the symmetric encryption predicates.
Admissible options are:
- algorithm(+Algorithm)
- A hashing algorithm as specified to crypto_data_hash/3. The default is a cryptographically secure algorithm. If you specify a variable, then it is unified with the algorithm that was used.
- info(+Info)
- Optional context- and application-specific information, specified as an atom, string or list of bytes. The default is the zero-length atom ''.
- salt(+List)
- Optionally, a list of bytes that are used as salt. The default is all zeroes.
- encoding(+Atom)
- Either utf8 (default) or octet, denoting the representation of Data as in crypto_data_hash/3.
The info/1 option can be used to derive multiple independent keys from a single master key, using for example values such as key and iv, or the name of a file that is to be encrypted. Note that HKDF is deterministic: the same Data, salt and Info always yield the same Bytes, so an IV derived this way repeats unless the salt (or Info) changes for every message encrypted under the same master key.

This predicate requires OpenSSL 1.1.0 or greater.
- See also
- crypto_n_random_bytes/2 to obtain a suitable salt.
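The following is an added worked example, not code from the SWI-Prolog manual or library: it derives a key and an IV from one master secret with distinct info/1 labels, uses a fresh random salt per message as the See also entry suggests, and round-trips a message through the symmetric encryption predicates. It assumes crypto_data_encrypt/6 and crypto_data_decrypt/6 from library(crypto) with the OpenSSL cipher name 'aes-256-cbc'; the predicate names derive_key_iv/4, hkdf_encrypt/4, hkdf_decrypt/4 and demo/0 are this example's own.

```prolog
:- use_module(library(crypto)).

% Derive a 32-byte key and a 16-byte IV from one master secret.
% Master and Salt are lists of bytes (hence encoding(octet)).  Distinct
% info/1 labels make the two outputs independent of each other; the
% salt must be stored with the ciphertext so the receiver can derive
% the same values again.
derive_key_iv(Master, Salt, Key, IV) :-
    Opts = [algorithm(sha256), salt(Salt), encoding(octet)],
    crypto_data_hkdf(Master, 32, Key, [info(key)|Opts]),   % AES-256 key
    crypto_data_hkdf(Master, 16, IV,  [info(iv)|Opts]).    % one CBC block

% Encrypt Plain (a string) under Master.  HKDF is deterministic, so the
% fresh 16-byte salt is what makes the derived IV unique per message:
% never encrypt two messages with the same Master and Salt.
hkdf_encrypt(Master, Plain, Salt, Cipher) :-
    crypto_n_random_bytes(16, Salt),
    derive_key_iv(Master, Salt, Key, IV),
    crypto_data_encrypt(Plain, 'aes-256-cbc', Key, IV, Cipher, []).

% Decrypt with the stored Salt; the same master secret re-derives
% exactly the same Key and IV.
hkdf_decrypt(Master, Salt, Cipher, Plain) :-
    derive_key_iv(Master, Salt, Key, IV),
    crypto_data_decrypt(Cipher, 'aes-256-cbc', Key, IV, Plain, []).

% Demonstration: round trip, then confirm that changing only Info
% changes the derived bytes, and that the same inputs reproduce them.
demo :-
    crypto_n_random_bytes(32, Master),            % constructed master secret
    hkdf_encrypt(Master, "attack at dawn", Salt, Cipher),
    hkdf_decrypt(Master, Salt, Cipher, Plain),
    Plain == "attack at dawn",
    Opts = [algorithm(sha256), salt(Salt), encoding(octet)],
    crypto_data_hkdf(Master, 32, K1, [info(key)|Opts]),
    crypto_data_hkdf(Master, 32, K2, [info(iv)|Opts]),
    crypto_data_hkdf(Master, 32, K3, [info(key)|Opts]),
    K1 \== K2,                                    % different labels, different keys
    K1 == K3,                                     % same inputs, same key
    format("HKDF round trip ok~n").
```

Run with `?- demo.`; it succeeds only if decryption reproduces the plaintext and the two info/1 labels yield different keys. CBC mode provides no integrity protection, so in a real design derive a separate key under a third label (for example info(mac)) and authenticate the ciphertext, or use an authenticated cipher.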