class OpenSSL::HPKE::Context

Abstract class for HPKE contexts to be used in subsequent HPKE operations. Depending on the actor in the protocol, either Sender or Receiver will be used.

Public Instance Methods

export(secretlen, label) → secret

Source

static VALUE
ossl_hpke_export(VALUE self, VALUE secretlen, VALUE label)
{
    VALUE secret_obj;
    ossl_hpke_ctx_t *data;
    size_t labellen;
    int outlen = NUM2INT(secretlen);

    StringValue(label);
    labellen = RSTRING_LEN(label);

    secret_obj = rb_str_new(0, outlen);

    GetHpke(self, data);
    if (OSSL_HPKE_export(data->ctx, (unsigned char *)RSTRING_PTR(secret_obj),
                         outlen, (unsigned char *)RSTRING_PTR(label),
                         labellen) != 1) {
        ossl_raise(eHPKEError, "could not export");
    }

    return secret_obj;
}

Derives and returns a secretlen-byte exporter secret bound to label, as a String. Both parties obtain the same secret only after the shared context has been established: the sender via Sender#encap and the receiver via Receiver#decap. Different label values yield independent secrets.