ngtcp2_crypto_derive_and_install_tx_key ======================================= Synopsis -------- *#include * .. function:: int ngtcp2_crypto_derive_and_install_tx_key( ngtcp2_conn *conn, uint8_t *key, uint8_t *iv, uint8_t *hp, ngtcp2_encryption_level level, const uint8_t *secret, size_t secretlen) `ngtcp2_crypto_derive_and_install_tx_key` derives the encryption keying materials from *secret*, and installs new keys to *conn*. If *key* is not NULL, the derived packet protection key is written to the buffer pointed by *key*. If *iv* is not NULL, the derived packet protection IV is written to the buffer pointed by *iv*. If *hp* is not NULL, the derived header protection key is written to the buffer pointed by *hp*. *secretlen* specifies the length of *secret*. The length of packet protection key and header protection key is `ngtcp2_crypto_aead_keylen(ctx->aead) `, and the length of packet protection IV is `ngtcp2_crypto_packet_protection_ivlen(ctx->aead) ` where ctx is obtained by `ngtcp2_crypto_ctx_tls` (or `ngtcp2_crypto_ctx_tls_early` if *level* == :enum:`ngtcp2_encryption_level.NGTCP2_ENCRYPTION_LEVEL_0RTT`). In the first call of this function, it calls `ngtcp2_conn_set_crypto_ctx` (or `ngtcp2_conn_set_early_crypto_ctx` if *level* == :enum:`ngtcp2_encryption_level.NGTCP2_ENCRYPTION_LEVEL_0RTT`) to set negotiated AEAD and message digest algorithm. After the successful call of this function, application can use `ngtcp2_conn_get_crypto_ctx` (or `ngtcp2_conn_get_early_crypto_ctx` if *level* == :enum:`ngtcp2_encryption_level.NGTCP2_ENCRYPTION_LEVEL_0RTT`) to get :type:`ngtcp2_crypto_ctx`. If *conn* is initialized as server, and *level* is :enum:`ngtcp2_encryption_level.NGTCP2_ENCRYPTION_LEVEL_1RTT`, this function retrieves a remote QUIC transport parameters extension from an object obtained by `ngtcp2_conn_get_tls_native_handle`, and sets it to *conn* by calling `ngtcp2_conn_decode_and_set_remote_transport_params`. This function returns 0 if it succeeds, or -1.