CryptoSys PKI Pro Manual

hpkeDerivePrivateKey

Derive an EC private key in a deterministic manner from input keying material using the DeriveKeyPair algorithm in RFC9180.

Syntax

[VBA]
Public Function hpkeDerivePrivateKey ( _
    lpIkm() As Byte, _
    szCurveName As String, _
    Optional nOptions As Long = 0 _
) As String

Parameters

lpIkm
Input key material (ikm). This must have length in bytes at least as long as the key to be produced.
szCurveName
ECDH curve name. Select one from 
 "P-256" | "P-384" | "P-521" | "X25519" | "X448"
nOptions
Option flags. Select one of: Zero (0) to output the private key in ephemeral "internal" key format (default); or PKI_ENCODE_HEX to output the private key in serialized hex form.

Return Value

String: Derived private key in string form or an empty string on error.

Remarks

The KDF to be used is fixed by the EC curve group. By default the key is output as an ephemeral "internal" key string, which can be used directly with eccSaveKey, eccSaveEncKey, eccPublicKeyFromPrivate, eccDHSharedSecret and eccQueryKey. If nOptions is set to PKI_ENCODE_HEX then the key is output in serialized hexadecimal form in the same manner as the test vectors in [RFC9180] (without the clamping).
[PREV: hmacHexFromHex...]   [Contents]   [Index]   
   [NEXT: hpkeLabeledExpand...]
Copyright © 2004-24 D.I. Management Services Pty Ltd. All rights reserved. Generated 2024-09-23T07:52:09Z.