CryptoSys PKI Pro Manual

Hpke.LabeledExtract Method

Compute the output of the LabeledExtract function as defined in RFC9180.

Syntax

[C#]
public static byte[] LabeledExtract(
	byte[] salt,
	string label,
	byte[] ikm,
	Hpke.CurveName curveName,
	Hpke.AeadAlg aeadAlg
)
[VB.NET]
Public Shared Function LabeledExtract ( _
	salt As Byte(), _
	label As String, _
	ikm As Byte(), _
	curveName As Hpke.CurveName, _
	aeadAlg As Hpke.AeadAlg _
) As Byte()

Parameters

salt
Byte string salt
label
Label string
ikm
Input keying material (ikm)
curveName
Type: Hpke.CurveName
ECDH curve used in scheme
aeadAlg
Type: Hpke.AeadAlg
AEAD encryption algorithm used in the scheme or 0 (default) to indicate KDF is being used inside a KEM algorithm.

Return Value

A pseudorandom key of fixed length Nh bytes.

Remarks

The LabeledExtract function is defined in section 4 of [RFC9180]. It uses the "extract" stage of the HKDF function [RFC5869] and outputs a fixed value of bytes equal to the length (Nh) of the underlying HMAC function used by the KDF algorithm. The ECDH curve group used in the scheme must be specified, which automatically fixes the KDF and associated HMAC algorithm to be used.

Example

[C#]
// Used inside KEM
string ikmhex = "7268600d403fce431561aef583ee1613527cff655c1343f29812e66706df3234";
Console.WriteLine(Cnv.ToHex(Hpke.LabeledExtract(null, "dkp_prk", Cnv.FromHex(ikmhex), Hpke.CurveName.X25519)));
// 7B8BFE1D6F3D0CB45C585E133299C64AC998BF46CAF2DC13BA874F23413EC23A
// Used outside KEM
Console.WriteLine(Cnv.ToHex(Hpke.LabeledExtract(null, "psk_id_hash", null, Hpke.CurveName.X25519, Hpke.AeadAlg.Aes_128_Gcm)));
// 725611C9D98C07C03F60095CD32D400D8347D45ED67097BBAD50FC56DA742D07

See Also

VB6/C equivalent: HPKE_LabeledExtract

[Contents] [Index]

[PREV: Hpke.LabeledExpand Method...]   [Contents]   [Index]   
   [NEXT: Kdf.Bytes Method...]
Copyright © 2004-24 D.I. Management Services Pty Ltd. All rights reserved. Generated 2024-09-23T07:52:09Z.