author | lloyd <[email protected]> | 2008-09-30 06:20:10 +0000 |
---|---|---|
committer | lloyd <[email protected]> | 2008-09-30 06:20:10 +0000 |
commit | 33bb3dca54ecef2599b756d27b66781e14d06ae3 (patch) | |
tree | 4c7b07a1b1b3f40e82202570c7aec298a672339c /src/kdf | |
parent | c9749d5d4693b5d93171f6085b29fc72c1e12ba0 (diff) |
Remove lookup from Randpool, HMAC, CMAC, CBC-MAC, TLS-PRF, and PBKDF2
Diffstat (limited to 'src/kdf')
-rw-r--r-- | src/kdf/pbkdf2/pbkdf2.cpp | 35 | ||||
-rw-r--r-- | src/kdf/pbkdf2/pbkdf2.h | 10 | ||||
-rw-r--r-- | src/kdf/tlsv1/prf_tls.cpp | 40 | ||||
-rw-r--r-- | src/kdf/tlsv1/prf_tls.h | 14 |
4 files changed, 63 insertions, 36 deletions
diff --git a/src/kdf/pbkdf2/pbkdf2.cpp b/src/kdf/pbkdf2/pbkdf2.cpp index 09d51d2a6..baa227526 100644 --- a/src/kdf/pbkdf2/pbkdf2.cpp +++ b/src/kdf/pbkdf2/pbkdf2.cpp @@ -5,8 +5,6 @@ #include <botan/pbkdf2.h> #include <botan/loadstor.h> -#include <botan/hmac.h> -#include <botan/lookup.h> #include <botan/xor_buf.h> namespace Botan { @@ -25,9 +23,7 @@ OctetString PKCS5_PBKDF2::derive(u32bit key_len, if(passphrase.length() == 0) throw Invalid_Argument("PKCS#5 PBKDF2: Empty passphrase is invalid"); - HMAC hmac(hash_name); - - hmac.set_key(reinterpret_cast<const byte*>(passphrase.data()), + mac->set_key(reinterpret_cast<const byte*>(passphrase.data()), passphrase.length()); SecureVector<byte> key(key_len); @@ -37,19 +33,19 @@ OctetString PKCS5_PBKDF2::derive(u32bit key_len, u32bit counter = 1; while(key_len) { - u32bit T_size = std::min(hmac.OUTPUT_LENGTH, key_len); - SecureVector<byte> U(hmac.OUTPUT_LENGTH); + u32bit T_size = std::min(mac->OUTPUT_LENGTH, key_len); + SecureVector<byte> U(mac->OUTPUT_LENGTH); - hmac.update(salt, salt_size); + mac->update(salt, salt_size); for(u32bit j = 0; j != 4; ++j) - hmac.update(get_byte(j, counter)); - hmac.final(U); + mac->update(get_byte(j, counter)); + mac->final(U); xor_buf(T, U, T_size); for(u32bit j = 1; j != iterations; ++j) { - hmac.update(U); - hmac.final(U); + mac->update(U); + mac->final(U); xor_buf(T, U, T_size); } 
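Review bot: `derive` is a const member but now calls `mac->set_key(...)`, `update` and `final` on the single MAC object the PKCS5_PBKDF2 instance owns, so concurrent derivations through one object could interleave MAC state, and the passphrase-keyed MAC now outlives the call instead of being destroyed with the old local `HMAC hmac(hash_name)`. Working on a per-call copy keeps the previous isolation: `std::auto_ptr<MessageAuthenticationCode> hmac(mac->clone());` followed by the same calls on `hmac`. The same applies to the loop hunk that follows and to `TLS_PRF::derive` / `P_hash` in prf_tls.cpp, which rekey the shared `hmac_md5` and `hmac_sha1` members. The body of `derive` starts and ends outside these hunks, so any existing cleanup there is not visible.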
@@ -66,16 +62,19 @@ OctetString PKCS5_PBKDF2::derive(u32bit key_len, *************************************************/ std::string PKCS5_PBKDF2::name() const { - return "PBKDF2(" + hash_name + ")"; + return "PBKDF2(" + mac->name() + ")"; + } + +S2K* PKCS5_PBKDF2::clone() const + { + return new PKCS5_PBKDF2(mac->clone()); } /************************************************* * PKCS5_PBKDF2 Constructor * *************************************************/ -PKCS5_PBKDF2::PKCS5_PBKDF2(const std::string& h_name) : hash_name(h_name) - { - if(!have_hash(hash_name)) - throw Algorithm_Not_Found(hash_name); - } +PKCS5_PBKDF2::PKCS5_PBKDF2(MessageAuthenticationCode* m) : mac(m) {} + +PKCS5_PBKDF2::~PKCS5_PBKDF2() { delete mac; } } diff --git a/src/kdf/pbkdf2/pbkdf2.h b/src/kdf/pbkdf2/pbkdf2.h index dc6e41b9e..c0f0229ff 100644 --- a/src/kdf/pbkdf2/pbkdf2.h +++ b/src/kdf/pbkdf2/pbkdf2.h @@ -7,6 +7,7 @@ #define BOTAN_PBKDF2_H__ #include <botan/s2k.h> +#include <botan/base.h> namespace Botan { @@ -17,12 +18,15 @@ class BOTAN_DLL PKCS5_PBKDF2 : public S2K { public: std::string name() const; - S2K* clone() const { return new PKCS5_PBKDF2(hash_name); } - PKCS5_PBKDF2(const std::string&); + S2K* clone() const; + + PKCS5_PBKDF2(MessageAuthenticationCode* m); + ~PKCS5_PBKDF2(); private: OctetString derive(u32bit, const std::string&, const byte[], u32bit, u32bit) const; - const std::string hash_name; + + MessageAuthenticationCode* mac; }; } diff --git a/src/kdf/tlsv1/prf_tls.cpp b/src/kdf/tlsv1/prf_tls.cpp index e035ac85e..8f7063f9f 100644 --- a/src/kdf/tlsv1/prf_tls.cpp +++ b/src/kdf/tlsv1/prf_tls.cpp 
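Review bot: The new constructor `PKCS5_PBKDF2(MessageAuthenticationCode* m) : mac(m) {}` stores whatever it is given, so a null pointer only surfaces later as a dereference in `name()`, `clone()` or `derive()`, whereas the removed constructor rejected an unusable algorithm up front with `Algorithm_Not_Found`. A fail-fast check keeps that property: `if(!mac) throw Invalid_Argument("PKCS5_PBKDF2: null MAC");`. A one-line comment stating that the object takes ownership of `m` and deletes it in the destructor would also tell callers not to free or share the pointer.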
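Review bot: `PKCS5_PBKDF2` now owns `mac` through a raw pointer and gains a destructor that deletes it, but the class declaration adds no copy constructor or assignment operator, so unless `S2K` (not visible here) already forbids copying, a copied object would delete the same MAC twice. Declaring both private and undefined closes that: `PKCS5_PBKDF2(const PKCS5_PBKDF2&);` and `PKCS5_PBKDF2& operator=(const PKCS5_PBKDF2&);`. The single-argument constructor should also be marked `explicit` so a bare MAC pointer is never converted implicitly. The `TLS_PRF` declaration in prf_tls.h has the same shape with `hmac_md5` and `hmac_sha1`.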
@@ -4,13 +4,29 @@ *************************************************/ #include <botan/prf_tls.h> -#include <botan/lookup.h> #include <botan/xor_buf.h> #include <botan/hmac.h> +#include <botan/md5.h> +#include <botan/sha160.h> namespace Botan { /************************************************* +* TLS PRF Constructor and Destructor * +*************************************************/ +TLS_PRF::TLS_PRF() + { + hmac_md5 = new HMAC(new MD5); + hmac_sha1 = new HMAC(new SHA_160); + } + +TLS_PRF::~TLS_PRF() + { + delete hmac_md5; + delete hmac_sha1; + } + +/************************************************* * TLS PRF * *************************************************/ SecureVector<byte> TLS_PRF::derive(u32bit key_len, @@ -23,8 +39,8 @@ SecureVector<byte> TLS_PRF::derive(u32bit key_len, const byte* S2 = secret + (secret_len - S2_len); SecureVector<byte> key1, key2; - key1 = P_hash("MD5", key_len, S1, S1_len, seed, seed_len); - key2 = P_hash("SHA-1", key_len, S2, S2_len, seed, seed_len); + key1 = P_hash(hmac_md5, key_len, S1, S1_len, seed, seed_len); + key2 = P_hash(hmac_sha1, key_len, S2, S2_len, seed, seed_len); xor_buf(key1.begin(), key2.begin(), key2.size()); 
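Review bot: In `TLS_PRF::TLS_PRF()` both members are assigned in the constructor body, so if `new HMAC(new SHA_160)` throws, the already allocated `hmac_md5` is leaked, because the destructor does not run for an object whose constructor did not complete. Holding the first allocation in a scoped owner until both succeed avoids that: `std::auto_ptr<MessageAuthenticationCode> md5(new HMAC(new MD5));`, then `hmac_sha1 = new HMAC(new SHA_160);`, then `hmac_md5 = md5.release();`. A comment on the constructor noting that the two HMAC objects are owned by the instance and reused across `derive` calls would document the new lifetime.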
@@ -34,25 +50,25 @@ SecureVector<byte> TLS_PRF::derive(u32bit key_len, /************************************************* * TLS PRF P_hash function * *************************************************/ -SecureVector<byte> TLS_PRF::P_hash(const std::string& hash, u32bit len, +SecureVector<byte> TLS_PRF::P_hash(MessageAuthenticationCode* mac, + u32bit len, const byte secret[], u32bit secret_len, - const byte seed[], u32bit seed_len) const + const byte seed[], u32bit seed_len) { SecureVector<byte> out; - HMAC hmac(hash); - hmac.set_key(secret, secret_len); + mac->set_key(secret, secret_len); SecureVector<byte> A(seed, seed_len); while(len) { - const u32bit this_block_len = std::min(hmac.OUTPUT_LENGTH, len); + const u32bit this_block_len = std::min(mac->OUTPUT_LENGTH, len); - A = hmac.process(A); + A = mac->process(A); - hmac.update(A); - hmac.update(seed, seed_len); - SecureVector<byte> block = hmac.final(); + mac->update(A); + mac->update(seed, seed_len); + SecureVector<byte> block = mac->final(); out.append(block, this_block_len); len -= this_block_len; diff --git a/src/kdf/tlsv1/prf_tls.h b/src/kdf/tlsv1/prf_tls.h index 7d7134740..9bd221ca4 100644 --- a/src/kdf/tlsv1/prf_tls.h +++ b/src/kdf/tlsv1/prf_tls.h @@ -7,6 +7,7 @@ #define BOTAN_TLS_PRF__ #include <botan/kdf.h> +#include <botan/base.h> namespace Botan { @@ -18,10 +19,17 @@ class BOTAN_DLL TLS_PRF : public KDF public: SecureVector<byte> derive(u32bit, const byte[], u32bit, const byte[], u32bit) const; + + TLS_PRF(); + ~TLS_PRF(); private: - SecureVector<byte> P_hash(const std::string&, u32bit, - const byte[], u32bit, - const byte[], u32bit) const; + static SecureVector<byte> P_hash(MessageAuthenticationCode*, + u32bit, + const byte[], u32bit, + const byte[], u32bit); + + MessageAuthenticationCode* hmac_md5; + MessageAuthenticationCode* hmac_sha1; }; } |
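Review bot: `P_hash` takes `MessageAuthenticationCode* mac` and dereferences it unconditionally at `mac->set_key(secret, secret_len)`, while its only visible callers pass the members `hmac_md5` and `hmac_sha1`. A reference parameter, `MessageAuthenticationCode& mac`, would state that null is not accepted and make a check unnecessary; the declaration in prf_tls.h would change to match. Now that the function is static and non-const, a short comment that it rekeys the MAC it is handed and leaves it keyed with `secret` on return would make that side effect visible to maintainers.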