{ "mode": "man", "parameter": "EVP_KDF-TLS13_KDF", "section": "7SSL", "url": "https://www.chedong.com/phpMan.php/man/EVP_KDF-TLS13_KDF/7SSL/json", "generated": "2026-06-03T02:50:51Z", "sections": { "NAME": { "content": "EVPKDF-TLS13KDF - The TLS 1.3 EVPKDF implementation\n", "subsections": [] }, "DESCRIPTION": { "content": "Support for computing the TLS 1.3 version of the HKDF KDF through the EVPKDF API.\n\nThe EVPKDF-TLS13KDF algorithm implements the HKDF key derivation function as used by TLS\n1.3.\n", "subsections": [ { "name": "Identity", "content": "\"TLS13-KDF\" is the name for this implementation; it can be used with the EVPKDFfetch()\nfunction.\n" }, { "name": "Supported parameters", "content": "The supported parameters are:\n\n\"properties\" (OSSLKDFPARAMPROPERTIES) \n\"digest\" (OSSLKDFPARAMDIGEST) \n\"key\" (OSSLKDFPARAMKEY) \n\"salt\" (OSSLKDFPARAMSALT) \nThese parameters work as described in \"PARAMETERS\" in EVPKDF(3).\n\n\"prefix\" (OSSLKDFPARAMPREFIX) \nThis parameter sets the label prefix on the specified TLS 1.3 KDF context. For TLS 1.3\nthis should be set to the ASCII string \"tls13 \" without a trailing zero byte. Refer to\nRFC 8446 section 7.1 \"Key Schedule\" for details.\n\n\"label\" (OSSLKDFPARAMLABEL) \nThis parameter sets the label on the specified TLS 1.3 KDF context. Refer to RFC 8446\nsection 7.1 \"Key Schedule\" for details.\n\n\"data\" (OSSLKDFPARAMDATA) \nThis parameter sets the context data on the specified TLS 1.3 KDF context. Refer to RFC\n8446 section 7.1 \"Key Schedule\" for details.\n\n\"mode\" (OSSLKDFPARAMMODE) or \nThis parameter sets the mode for the TLS 1.3 KDF operation. There are two modes that are\ncurrently defined:\n\n\"EXTRACTONLY\" or EVPKDFHKDFMODEEXTRACTONLY\nIn this mode calling EVPKDFderive(3) will just perform the extract operation. The\nvalue returned will be the intermediate fixed-length pseudorandom key K. The keylen\nparameter must match the size of K, which can be looked up by calling\nEVPKDFCTXgetkdfsize() after setting the mode and digest.\n\nThe digest, key and salt values must be set before a key is derived otherwise an\nerror will occur.\n\n\"EXPANDONLY\" or EVPKDFHKDFMODEEXPANDONLY\nIn this mode calling EVPKDFderive(3) will just perform the expand operation. The\ninput key should be set to the intermediate fixed-length pseudorandom key K returned\nfrom a previous extract operation.\n\nThe digest, key and info values must be set before a key is derived otherwise an\nerror will occur.\n" } ] }, "NOTES": { "content": "This KDF is intended for use by the TLS 1.3 implementation in libssl. It does not support\nall the options and capabilities that HKDF does.\n\nThe OSSLPARAM array passed to EVPKDFderive(3) or EVPKDFCTXsetparams(3) must specify\nall of the parameters required. This KDF does not support a piecemeal approach to providing\nthese.\n\nA context for a TLS 1.3 KDF can be obtained by calling:\n\nEVPKDF *kdf = EVPKDFfetch(NULL, \"TLS13-KDF\", NULL);\nEVPKDFCTX *kctx = EVPKDFCTXnew(kdf);\n\nThe output length of a TLS 1.3 KDF expand operation is specified via the keylen parameter to\nthe EVPKDFderive(3) function. When using EVPKDFHKDFMODEEXTRACTONLY the keylen\nparameter must equal the size of the intermediate fixed-length pseudorandom key otherwise an\nerror will occur. For that mode, the fixed output size can be looked up by calling\nEVPKDFCTXgetkdfsize() after setting the mode and digest on the EVPKDFCTX.\n", "subsections": [] }, "CONFORMING TO": { "content": "RFC 8446\n", "subsections": [] }, "SEE ALSO": { "content": "EVPKDF(3), EVPKDFCTXnew(3), EVPKDFCTXfree(3), EVPKDFCTXgetkdfsize(3),\nEVPKDFCTXsetparams(3), EVPKDFderive(3), \"PARAMETERS\" in EVPKDF(3), EVPKDF-HKDF(7)\n", "subsections": [] }, "COPYRIGHT": { "content": "Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.\n\nLicensed under the Apache License 2.0 (the \"License\"). You may not use this file except in\ncompliance with the License. You can obtain a copy in the file LICENSE in the source\ndistribution or at .\n\n\n\n3.0.2 2026-04-07 EVPKDF-TLS13KDF(7SSL)", "subsections": [] } }, "summary": "EVPKDF-TLS13KDF - The TLS 1.3 EVPKDF implementation", "flags": [], "examples": [], "see_also": [ { "name": "EVPKDF", "section": "3", "url": "https://www.chedong.com/phpMan.php/man/EVPKDF/3/json" }, { "name": "EVPKDFCTXnew", "section": "3", "url": "https://www.chedong.com/phpMan.php/man/EVPKDFCTXnew/3/json" }, { "name": "EVPKDFCTXfree", "section": "3", "url": "https://www.chedong.com/phpMan.php/man/EVPKDFCTXfree/3/json" }, { "name": "EVPKDFCTXgetkdfsize", "section": "3", "url": "https://www.chedong.com/phpMan.php/man/EVPKDFCTXgetkdfsize/3/json" }, { "name": "EVPKDFCTXsetparams", "section": "3", "url": "https://www.chedong.com/phpMan.php/man/EVPKDFCTXsetparams/3/json" }, { "name": "EVPKDFderive", "section": "3", "url": "https://www.chedong.com/phpMan.php/man/EVPKDFderive/3/json" }, { "name": "EVPKDF", "section": "3", "url": "https://www.chedong.com/phpMan.php/man/EVPKDF/3/json" }, { "name": "EVPKDF-HKDF", "section": "7", "url": "https://www.chedong.com/phpMan.php/man/EVPKDF-HKDF/7/json" } ] }