NAME

Crypt::Bear::HKDF - hkdf implementations in BearSSL

VERSION

version 0.002

SYNOPSIS

my $hkdf = Crypt::Bear::HKDF->new('sha256', $salt);
$hkdf->inject($data);
$hkdf->flip;
say unpack 'H*', $hkdf->produce(512, '');

DESCRIPTION

HKDF is a Key Derivation Function defined by [RFC 5869](https://tools.ietf.org/html/rfc5869). It is based on HMAC, itself using an underlying hash function. Any hash function can be used, as long as it is compatible with the rules for the HMAC implementation (i.e. output size is 64 bytes or less, hash internal state size is 64 bytes or less, and the internal block length is a power of 2 between 16 and 256 bytes). HKDF has two phases:

HKDF-Extract: The input data in ingested, along with a "salt" value.
HKDF-Expand: The output is produced, from the result of processing the input and salt, and using an extra non-secret parameter called "info".

The "salt" and "info" strings are non-secret and can be empty. Their role is normally to bind the input and output, respectively, to conventional identifiers that qualify them within the used protocol or application.

Note that the HKDF total output size (the number of bytes that HKDF-Expand is willing to produce) is limited: if the hash output size is n bytes, then the maximum output size is 255*n.

METHODS

new($digest, $salt)

Initialize an HKDF context, with a hash function, and the salt. This starts the HKDF-Extract process.

inject($data)

Inject more input bytes. This function may be called repeatedly if the input data is provided by chunks.

flip()

End the HKDF-Extract process, and start the HKDF-Expand process.

produce($output_size, $info)

Get the next bytes of output. This function may be called several times to obtain the full output by chunks. For correct HKDF processing, the same "info" string must be provided for each call.

AUTHOR

Leon Timmermans <fawaka@gmail.com>

COPYRIGHT AND LICENSE

This is free software; you can redistribute it and/or modify it under the same terms as the Perl 5 programming language system itself.

To install Crypt::Bear, copy and paste the appropriate command in to your terminal.

cpanm

cpanm Crypt::Bear

CPAN shell

perl -MCPAN -e shell
install Crypt::Bear

For more information on module installation, please visit the detailed CPAN module installation guide.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	go to github issues (only if github is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

	Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)