se050-wireguard/include/se050_hkdf_blake2s.h

/**
 * @file se050_hkdf_blake2s.h
 * @brief HKDF Implementation using HMAC-BLAKE2s (RFC 5861)
 */

#ifndef SE050_HKDF_BLAKE2S_H
#define SE050_HKDF_BLAKE2S_H

#include <stdint.h>
#include <stddef.h>

#ifdef __cplusplus
extern "C" {
#endif

#define HKDF_BLAKE2S_MAX_OUTPUT (255 * 32)

/**
 * @brief HKDF-Extract: Extract a pseudorandom key from input keying material
 * @param prk Output pseudorandom key (32 bytes)
 * @param salt Salt value (can be NULL for default)
 * @param saltlen Salt length
 * @param ikm Input keying material
 * @param ikmlen Input keying material length
 * @return 0 on success, -1 on error
 */
int se050_hkdf_extract(uint8_t prk[32],
                       const uint8_t *salt, size_t saltlen,
                       const uint8_t *ikm, size_t ikmlen);

/**
 * @brief HKDF-Expand: Expand PRK into output keying material
 * @param okm Output keying material
 * @param okmlen Output length (1 to 255*32 bytes)
 * @param prk Pseudorandom key from Extract
 * @param info Context/application-specific info
 * @param infolen Info length
 * @return 0 on success, -1 on error
 */
int se050_hkdf_expand(uint8_t *okm, size_t okmlen,
                      const uint8_t prk[32],
                      const uint8_t *info, size_t infolen);

/**
 * @brief HKDF: Combined Extract-and-Expand
 * @param okm Output keying material
 * @param okmlen Output length
 * @param salt Salt value (can be NULL)
 * @param saltlen Salt length
 * @param ikm Input keying material
 * @param ikmlen Input keying material length
 * @param info Context/application-specific info
 * @param infolen Info length
 * @return 0 on success, -1 on error
 */
int se050_hkdf(uint8_t *okm, size_t okmlen,
               const uint8_t *salt, size_t saltlen,
               const uint8_t *ikm, size_t ikmlen,
               const uint8_t *info, size_t infolen);

#ifdef __cplusplus
}
#endif

#endif /* SE050_HKDF_BLAKE2S_H */