diff options
author | lloyd <[email protected]> | 2015-02-16 20:12:38 +0000 |
---|---|---|
committer | lloyd <[email protected]> | 2015-02-16 20:12:38 +0000 |
commit | 3b9a0c1535e40f8f9fc4cfbc734144ee229df65d (patch) | |
tree | 30c1d4363b4c85561204d26344f40de3e78f6d9d /src/lib/kdf/hkdf | |
parent | 85caef829c9eeb7c224ad3b2e3ffbcfe981c2428 (diff) |
Add new module `ffi` which provides a plain C interface, plus a new
ctypes Python wrapper that uses it. The API is intentionally designed
to have a very simple ABI (extern "C", all structs are opaque, no
memory ownership passing the FFI boundary, limited set of simple types
as args) so the ctypes wrapper is quite simple.
Currently ffi provides ciphers, hashes, MACs, RNGs, PBKDF, KDF,
bcrypt, and most public key operations.
Remove the old boost.python wrapper and all the build code for it.
Diffstat (limited to 'src/lib/kdf/hkdf')
-rw-r--r-- | src/lib/kdf/hkdf/hkdf.cpp | 67 | ||||
-rw-r--r-- | src/lib/kdf/hkdf/hkdf.h | 51 | ||||
-rw-r--r-- | src/lib/kdf/hkdf/info.txt | 1 |
3 files changed, 119 insertions, 0 deletions
diff --git a/src/lib/kdf/hkdf/hkdf.cpp b/src/lib/kdf/hkdf/hkdf.cpp new file mode 100644 index 000000000..28f97cadb --- /dev/null +++ b/src/lib/kdf/hkdf/hkdf.cpp @@ -0,0 +1,67 @@ +/* +* HKDF +* (C) 2013 Jack Lloyd +* +* Botan is released under the Simplified BSD License (see license.txt) +*/ + +#include <botan/hkdf.h> + +namespace Botan { + +std::string HKDF::name() const + { + const std::string prf = m_prf->name(); + const std::string ext = m_extractor->name(); + + if(prf == ext) + return "HKDF(" + prf + ")"; + return "HKDF(" + ext + "," + prf + ")"; + } + +void HKDF::clear() + { + m_extractor->clear(); + m_prf->clear(); + } + +void HKDF::start_extract(const byte salt[], size_t salt_len) + { + m_extractor->set_key(salt, salt_len); + } + +void HKDF::extract(const byte input[], size_t input_len) + { + m_extractor->update(input, input_len); + } + +void HKDF::finish_extract() + { + m_prf->set_key(m_extractor->final()); + } + +void HKDF::expand(byte output[], size_t output_len, + const byte info[], size_t info_len) + { + if(output_len > m_prf->output_length() * 255) + throw std::invalid_argument("HKDF requested output too large"); + + byte counter = 1; + + secure_vector<byte> T; + + while(output_len) + { + m_prf->update(T); + m_prf->update(info, info_len); + m_prf->update(counter++); + m_prf->final(T); + + const size_t to_write = std::min(T.size(), output_len); + copy_mem(&output[0], &T[0], to_write); + output += to_write; + output_len -= to_write; + } + } + +} diff --git a/src/lib/kdf/hkdf/hkdf.h b/src/lib/kdf/hkdf/hkdf.h new file mode 100644 index 000000000..f1ae61453 --- /dev/null +++ b/src/lib/kdf/hkdf/hkdf.h @@ -0,0 +1,51 @@ +/* +* HKDF +* (C) 2013 Jack Lloyd +* +* Botan is released under the Simplified BSD License (see license.txt) +*/ + +#ifndef BOTAN_HKDF_H__ +#define BOTAN_HKDF_H__ + +#include <botan/mac.h> +#include <botan/hash.h> +#include <botan/kdf.h> + +namespace Botan { + +/** +* HKDF, see @rfc 5869 for details +*/ +class BOTAN_DLL HKDF + { + public: + HKDF(MessageAuthenticationCode* extractor, + MessageAuthenticationCode* prf) : + m_extractor(extractor), m_prf(prf) {} + + HKDF(MessageAuthenticationCode* prf) : + m_extractor(prf), m_prf(m_extractor->clone()) {} + + void start_extract(const byte salt[], size_t salt_len); + void extract(const byte input[], size_t input_len); + void finish_extract(); + + /** + * Only call after extract + * @param output_len must be less than 256*hashlen + */ + void expand(byte output[], size_t output_len, + const byte info[], size_t info_len); + + std::string name() const; + + void clear(); + private: + std::unique_ptr<MessageAuthenticationCode> m_extractor; + std::unique_ptr<MessageAuthenticationCode> m_prf; + }; + +} + +#endif diff --git a/src/lib/kdf/hkdf/info.txt b/src/lib/kdf/hkdf/info.txt new file mode 100644 index 000000000..7389e5bb1 --- /dev/null +++ b/src/lib/kdf/hkdf/info.txt @@ -0,0 +1 @@ +define HKDF 20131128 |