Lunatik

• Index

Contents

• Functions

Classes

• crypto.hkdf
• crypto_aead
• crypto_comp
• crypto_rng
• crypto_shash
• crypto_skcipher

Modules

• byteorder
• completion
• cpu
• crypto
• darken
• data
• device
• fib
• fifo
• hid
• lighten
• linux
• lunatik
• lunatik.runner
• mailbox
• net
• netfilter
• notifier
• probe
• rcu
• signal
• skb
• socket
• socket.inet
• socket.raw
• socket.unix
• syscall
• syscall.table
• thread
• xdp

Topics

• README

Class crypto.hkdf

HMAC-based Extract-and-Expand Key Derivation Function (HKDF) based on RFC 5869.

This module provides functions to perform HKDF operations, utilizing the underlying crypto C module for HMAC calculations.

Functions

HKDF.new (alg)	Creates a new HKDF instance for a given hash algorithm.
HKDF:close ()	Closes the HKDF instance and releases the underlying HMAC transform.
HKDF:expand (prk[, info], length)	Performs the HKDF Expand step.
HKDF:extract ([salt], ikm)	Performs the HKDF Extract step.
HKDF:hkdf ([salt], ikm[, info], length)	Performs the full HKDF (Extract and Expand) operation.
HKDF:hmac (key, data)	Performs an HMAC calculation using the instance's algorithm.

Functions

HKDF.new (alg)

Creates a new HKDF instance for a given hash algorithm.

Parameters:

• alg string base hash algorithm name (e.g., "sha256", "sha512"). The "hmac(" prefix will be added automatically.

Returns:

HKDF An HKDF instance table with methods for key derivation.

Usage:

local hkdf_sha256 = require("crypto.hkdf").new("sha256")

HKDF:close ()

Closes the HKDF instance and releases the underlying HMAC transform. This method is also called by the garbage collector.

HKDF:expand (prk[, info], length)

Performs the HKDF Expand step.

Parameters:

• prk string Pseudorandom Key.
• info string Optional context and application-specific information. Defaults to an empty string if nil. (optional)
• length number desired length in bytes for the Output Keying Material (OKM).

Returns:

string Output Keying Material of the specified length.

HKDF:extract ([salt], ikm)

Performs the HKDF Extract step.

Parameters:

• salt string Optional salt value. If nil or not provided, a salt of hash_len zeros is used. (optional)
• ikm string Input Keying Material.

Returns:

string Pseudorandom Key (PRK).

HKDF:hkdf ([salt], ikm[, info], length)

Performs the full HKDF (Extract and Expand) operation.

Parameters:

• salt string Optional salt value. (optional)
• ikm string Input Keying Material.
• info string Optional context and application-specific information. (optional)
• length number desired length in bytes for the Output Keying Material.

Returns:

string Output Keying Material.

HKDF:hmac (key, data)

Performs an HMAC calculation using the instance's algorithm.

Parameters:

• key string HMAC key.
• data string data to hash.

Returns:

string HMAC digest.