se050-wireguard/include/se050_hkdf_blake2s.h

/**
 * @file se050_hkdf_blake2s.h
 * @brief HKDF Implementation using HMAC-BLAKE2s (RFC 586)
 */

#ifndef SE050_HKDF_BLAKE2S_H
#define SE050_HKDF_BLAKE2S_H

#include <stdint.h>
#include <stddef.h>

#ifdef __cplusplus
extern "C" {
#endif

/**
 * @brief HKDF-Extract (RFC 586 Section 2.2)
 * @param prk Output pseudorandom key (32 bytes)
 * @param salt Salt value (can be NULL for zero salt)
 * @param saltlen Salt length
 * @param ikm Input keying material
 * @param ikmlen Input keying material length
 * @return 0 on success, -1 on error
 */
int se050_hkdf_extract(uint8_t prk[32],
                       const uint8_t *salt, size_t saltlen,
                       const uint8_t *ikm, size_t ikmlen);

/**
 * @brief HKDF-Expand (RFC 586 Section 2.3)
 * @param okm Output keying material
 * @param okmlen Output keying material length (max 255 * 32 bytes)
 * @param prk Pseudorandom key from Extract
 * @param info Application-specific context
 * @param infolen Info length
 * @return 0 on success, -1 on error
 */
int se050_hkdf_expand(uint8_t *okm, size_t okmlen,
                      const uint8_t prk[32],
                      const uint8_t *info, size_t infolen);

/**
 * @brief HKDF (combined Extract + Expand)
 * @param okm Output keying material
 * @param okmlen Output keying material length
 * @param salt Salt value (can be NULL)
 * @param saltlen Salt length
 * @param ikm Input keying material
 * @param ikmlen Input keying material length
 * @param info Application-specific context
 * @param infolen Info length
 * @return 0 on success, -1 on error
 */
int se050_hkdf(uint8_t *okm, size_t okmlen,
               const uint8_t *salt, size_t saltlen,
               const uint8_t *ikm, size_t ikmlen,
               const uint8_t *info, size_t infolen);

#ifdef __cplusplus
}
#endif

#endif /* SE050_HKDF_BLAKE2S_H */