blob: 7f882527e2d780f38b5bfe7d2fbbf0da0ee88045 [file] [log] [blame]
* Copyright 2018 The WebRTC Project Authors. All rights reserved.
* Use of this source code is governed by a BSD-style license
* that can be found in the LICENSE file in the root of the source
* tree. An additional intellectual property rights grant can be found
* in the file PATENTS. All contributing project authors may
* be found in the AUTHORS file in the root of the source tree.
#include "rtc_base/constructor_magic.h"
#include "rtc_base/key_derivation.h"
namespace rtc {
// OpenSSLKeyDerivationHKDF provides a concrete implementation of the
// KeyDerivation interface to support the HKDF algorithm using the
// OpenSSL/BoringSSL internal implementation.
class OpenSSLKeyDerivationHKDF final : public KeyDerivation {
~OpenSSLKeyDerivationHKDF() override;
// General users shouldn't be generating keys smaller than 128 bits.
static const size_t kMinKeyByteSize;
// The maximum available derivation size 255*DIGEST_LENGTH
static const size_t kMaxKeyByteSize;
// The minimum acceptable secret size.
static const size_t kMinSecretByteSize;
// Derives a new key from existing key material using HKDF.
// secret - The random secret value you wish to derive a key from.
// salt - Optional (non secret) cryptographically random value.
// label - A non secret but unique label value to determine the derivation.
// derived_key_byte_size - The size of the derived key.
// return - A ZeroOnFreeBuffer containing the derived key or an error
// condition. Checking error codes is explicit in the API and error should
// never be ignored.
absl::optional<ZeroOnFreeBuffer<uint8_t>> DeriveKey(
rtc::ArrayView<const uint8_t> secret,
rtc::ArrayView<const uint8_t> salt,
rtc::ArrayView<const uint8_t> label,
size_t derived_key_byte_size) override;
} // namespace rtc