DeterministicESPAsyncWebServer v6.27.1
Zero-allocation, bounded-execution async HTTP server for ESP32
Loading...
Searching...
No Matches
quic_hkdf.h File Reference

HKDF-SHA256 (RFC 5869) and TLS 1.3 HKDF-Expand-Label (RFC 8446 sec 7.1). More...

#include "ServerConfig.h"

Go to the source code of this file.

Detailed Description

HKDF-SHA256 (RFC 5869) and TLS 1.3 HKDF-Expand-Label (RFC 8446 sec 7.1).

QUIC packet protection keys are derived with the TLS 1.3 key schedule (RFC 9001 sec 5.2): an Initial secret is HKDF-Extract'd from a fixed salt and the client's Destination Connection ID, and every packet-protection value (key / iv / hp) is an HKDF-Expand-Label of a traffic secret. This is the same HMAC-SHA256 the SSH transport already ships, so these two routines are a thin layer over ssh_hmac_sha256 rather than a second HMAC.

Pure, zero heap, host-tested against the RFC 9001 Appendix A worked examples (the HkdfLabel byte strings and the derived client/server secrets).

Author
Douglas Quigg (dstroy0)
Date
2026

Definition in file quic_hkdf.h.