## Nim-LibP2P ## Copyright (c) 2020 Status Research & Development GmbH ## Licensed under either of ## * Apache License, version 2.0, ([LICENSE-APACHE](LICENSE-APACHE)) ## * MIT license ([LICENSE-MIT](LICENSE-MIT)) ## at your option. ## This file may not be copied, modified, or distributed except according to ## those terms. # https://tools.ietf.org/html/rfc5869 {.push raises: [Defect].} import nimcrypto import bearssl/[kdf, rand, hash] type HkdfResult*[len: static int] = array[len, byte] proc hkdf*[T: sha256; len: static int](_: type[T]; salt, ikm, info: openArray[byte]; outputs: var openArray[HkdfResult[len]]) = var ctx: HkdfContext hkdfInit( ctx, addr sha256Vtable, if salt.len > 0: unsafeAddr salt[0] else: nil, csize_t(salt.len)) hkdfInject( ctx, if ikm.len > 0: unsafeAddr ikm[0] else: nil, csize_t(ikm.len)) hkdfFlip(ctx) for i in 0..outputs.high: discard hkdfProduce( ctx, if info.len > 0: unsafeAddr info[0] else: nil, csize_t(info.len), addr outputs[i][0], csize_t(outputs[i].len))