`new_aead` function that can be used to build QUIC draft-11 AEAD https://github.com/h2o/picotls/pull/138

gistfile1.c

static int qhkdf_expand(ptls_hash_algorithm_t *algo, void *output, size_t outlen, const void *secret, const char *label)
{
    ptls_buffer_t hkdf_label;
    uint8_t hkdf_label_buf[16];
    int ret;

    ptls_buffer_init(&hkdf_label, hkdf_label_buf, sizeof(hkdf_label_buf));

    ptls_buffer_push16(&hkdf_label, (uint16_t)outlen);
    ptls_buffer_push_block(&hkdf_label, 1, {
        const char *base_label = "QUIC ";
        ptls_buffer_pushv(&hkdf_label, base_label, strlen(base_label));
        ptls_buffer_pushv(&hkdf_label, label, strlen(label));
    });

    ret = ptls_hkdf_expand(algo, output, outlen, ptls_iovec_init(secret, algo->digest_size), ptls_iovec_init(hkdf_label.base, hkdf_label.off));

Exit:
    ptls_buffer_dispose(&hkdf_label);
    return ret;
}

static ptls_aead_context_t *new_aead(ptls_aead_algorithm_t *aead, ptls_hash_algorithm_t *hash, int is_enc, const void *secret)
{
    ptls_aead_context_t *ctx = NULL;
    uint8_t key[PTLS_MAX_SECRET_SIZE];
    int ret;

    if ((ret = qhkdf_expand(hash, key, aead->key_size, secret, "key")) != 0)
        goto Exit;
    if ((ctx = ptls_aead_new(aead, is_enc, key)) == NULL) {
        ret = PTLS_ERROR_NO_MEMORY;
        goto Exit;
    }
    if ((ret = qhkdf_expand(hash, ctx->static_iv, aead->iv_size, secret, "iv")) != 0)
        goto Exit;

    ret = 0;
Exit:
    if (ret != 0 && ctx != NULL) {
        ptls_aead_free(ctx);
        ctx = NULL;
    }
    ptls_clear_memory(key, sizeof(key));
    return ctx;
}