cryptography-core/dev.whyoleg.cryptography.algorithms/HKDF

HKDF

@SubclassOptInRequired(markerClass = [CryptographyProviderApi::class])
interface HKDF : CryptographyAlgorithm(source)

HMAC-based Extract-and-Expand Key Derivation Function (HKDF) as defined in RFC 5869.

HKDF follows a two-stage extract-then-expand paradigm: the extract step concentrates entropy from input keying material into a pseudorandom key, and the expand step derives an output key of the desired length from that pseudorandom key.

val derivation = provider.get(HKDF).secretDerivation(SHA256, outputSize = 32.bytes, salt = salt)
val derivedKey = derivation.deriveSecret(inputKeyingMaterial)
Content copied to clipboard

For password-based key derivation, see PBKDF2.

Types

Link copied to clipboard

Properties

Link copied to clipboard
open override val id: CryptographyAlgorithmId<HKDF>

The typed identifier that uniquely distinguishes this algorithm and is used to look it up from a CryptographyProvider.

Functions

Link copied to clipboard
abstract fun secretDerivation(digest: CryptographyAlgorithmId<Digest>, outputSize: BinarySize, salt: ByteArray?, info: ByteArray? = null): SecretDerivation
open fun secretDerivation(digest: CryptographyAlgorithmId<Digest>, outputSize: BinarySize, salt: ByteString?, info: ByteString? = null): SecretDerivation

Returns a SecretDerivation that derives secrets of the given outputSize from input keying material using the digest hash function as the underlying PRF.

Generated by Dokka
© 2026 Copyright