11.12.3.4.97. Function Se05x_API_HKDF

11.12.3.4.97.1. Function Documentation

smStatus_t Se05x_API_HKDF(pSe05xSession_t session_ctx, uint32_t hmacID, SE05x_DigestMode_t digestMode, const uint8_t *salt, size_t saltLen, const uint8_t *info, size_t infoLen, uint16_t deriveDataLen, uint8_t *hkdfOuput, size_t *phkdfOuputLen)

Se05x_API_HKDF

Note that this KDF is equal to the KDF in Feedback Mode described in [NIST SP800-108] with the PRF being HMAC with SHA256 and with an 8-bit counter at the end of the iteration variable.

The full HKDF algorithm is executed, i.e. Extract-And-Expand.

The caller must provide a salt length (0 up to 64 bytes). If salt length equals 0 or salt is not provided as input, the default salt will be used.

The output of the HKDF functions can be either:

  • send back to the caller => precondition : none of the input Secure Objects -if present- shall have a policy POLICY_OBJ_FORBID_DERIVED_OUTPUT set.

  • be stored in a Secure Object => precondition : the Secure Object must be created upfront and the size must exactly match the expected length.

Command to Applet

Field

Value

Description

CLA

0x80

INS

INS_CRYPTO

SE05x_INS_t

P1

P1_DEFAULT

See SE05x_P1_t

P2

P2_HKDF

See SE05x_P2_t

Lc

#(Payload)

Payload

TLV[TAG_1]

4-byte HMACKey identifier (= IKM)

TLV[TAG_2]

1-byte DigestMode (except DIGEST_NO_HASH)

TLV[TAG_3]

Byte array (0-64 bytes) containing salt. [Optional] [Conditional: only when TLV[TAG_6] is absent.]

TLV[TAG_4]

Info: The context and information to apply (1 to 80 bytes). [Optional]

TLV[TAG_5]

2-byte requested length (L): 1 up to MAX_APDU_PAYLOAD_LENGTH

TLV[TAG_6]

4-byte HMACKey identifier containing salt. [Optional] [Conditional: only when TLV[TAG_3] is absent]

TLV[TAG_7]

4-byte HMACKey identifier to store output. [Optional]

Le

0x00

R-APDU Body

Value

Description

TLV[TAG_1]

HKDF output. [Conditional: only when the input does not contain TLV[TAG-7]]

R-APDU Trailer

SW

Description

SW_NO_ERROR

The HKDF is executed successfully.

Parameters
  • [in] session_ctx: Session Context [0:kSE05x_pSession]

  • [in] hmacID: hmacID [1:kSE05x_TAG_1]

  • [in] digestMode: digestMode [2:kSE05x_TAG_2]

  • [in] salt: salt [3:kSE05x_TAG_3]

  • [in] saltLen: Length of salt

  • [in] info: info [4:kSE05x_TAG_4]

  • [in] infoLen: Length of info

  • [in] deriveDataLen: 2-byte requested length (L) [5:kSE05x_TAG_5]

  • [out] hkdfOuput: [0:kSE05x_TAG_1]

  • [inout] phkdfOuputLen: Length for hkdfOuput