SWI-Prolog -- crypto_data

Documentation
- Reference manual
- Packages
  - SWI-Prolog SSL Interface
    - library(crypto): Cryptography and authentication library
      - Hashes
        
        HMAC-based key derivation function (HKDF)
        
        crypto_data_hkdf/4

Availability::- use_module(library(crypto)).(can be autoloaded)

[det]crypto_data_hkdf(+Data, +Length, -Bytes, +Options)

Concentrate possibly dispersed entropy of Data and then expand it to the desired length. Bytes is unified with a list of bytes of length Length, and is suitable as input keying material and initialization vectors to the symmetric encryption predicates.

Admissible options are:

algorithm(+Algorithm): A hashing algorithm as specified to crypto_data_hash/3. The default is a cryptographically secure algorithm. If you specify a variable, then it is unified with the algorithm that was used.
info(+Info): Optional context and application specific information, specified as an atom, string or list of bytes. The default is the zero length atom” .
salt(+List): Optionally, a list of bytes that are used as salt. The default is all zeroes.
encoding(+Atom): Either utf8 (default) or octet, denoting the representation of Data as in crypto_data_hash/3.

The info/1 option can be used to generate multiple keys from a single master key, using for example values such as key and iv, or the name of a file that is to be encrypted.

This predicate requires OpenSSL 1.1.0 or greater.

See also: - crypto_n_random_bytes/2 to obtain a suitable salt.
- crypto_data_hash/3 to compute a HMAC signature.