aboutsummaryrefslogtreecommitdiffstats
path: root/src/lib/kdf/hkdf
diff options
context:
space:
mode:
authorlloyd <[email protected]>2015-02-16 20:12:38 +0000
committerlloyd <[email protected]>2015-02-16 20:12:38 +0000
commit3b9a0c1535e40f8f9fc4cfbc734144ee229df65d (patch)
tree30c1d4363b4c85561204d26344f40de3e78f6d9d /src/lib/kdf/hkdf
parent85caef829c9eeb7c224ad3b2e3ffbcfe981c2428 (diff)
Add new module `ffi` which provides a plain C interface, plus a new
ctypes Python wrapper that uses it. The API is intentionally designed to have a very simple ABI (extern "C", all structs are opaque, no memory ownership passing the FFI boundary, limited set of simple types as args) so the ctypes wrapper is quite simple. Currently ffi provides ciphers, hashes, MACs, RNGs, PBKDF, KDF, bcrypt, and most public key operations. Remove the old boost.python wrapper and all the build code for it.
Diffstat (limited to 'src/lib/kdf/hkdf')
-rw-r--r--src/lib/kdf/hkdf/hkdf.cpp67
-rw-r--r--src/lib/kdf/hkdf/hkdf.h51
-rw-r--r--src/lib/kdf/hkdf/info.txt1
3 files changed, 119 insertions, 0 deletions
diff --git a/src/lib/kdf/hkdf/hkdf.cpp b/src/lib/kdf/hkdf/hkdf.cpp
new file mode 100644
index 000000000..28f97cadb
--- /dev/null
+++ b/src/lib/kdf/hkdf/hkdf.cpp
@@ -0,0 +1,67 @@
+/*
+* HKDF
+* (C) 2013 Jack Lloyd
+*
+* Botan is released under the Simplified BSD License (see license.txt)
+*/
+
+#include <botan/hkdf.h>
+
+namespace Botan {
+
+std::string HKDF::name() const
+ {
+ const std::string prf = m_prf->name();
+ const std::string ext = m_extractor->name();
+
+ if(prf == ext)
+ return "HKDF(" + prf + ")";
+ return "HKDF(" + ext + "," + prf + ")";
+ }
+
+void HKDF::clear()
+ {
+ m_extractor->clear();
+ m_prf->clear();
+ }
+
+void HKDF::start_extract(const byte salt[], size_t salt_len)
+ {
+ m_extractor->set_key(salt, salt_len);
+ }
+
+void HKDF::extract(const byte input[], size_t input_len)
+ {
+ m_extractor->update(input, input_len);
+ }
+
+void HKDF::finish_extract()
+ {
+ m_prf->set_key(m_extractor->final());
+ }
+
+void HKDF::expand(byte output[], size_t output_len,
+ const byte info[], size_t info_len)
+ {
+ if(output_len > m_prf->output_length() * 255)
+ throw std::invalid_argument("HKDF requested output too large");
+
+ byte counter = 1;
+
+ secure_vector<byte> T;
+
+ while(output_len)
+ {
+ m_prf->update(T);
+ m_prf->update(info, info_len);
+ m_prf->update(counter++);
+ m_prf->final(T);
+
+ const size_t to_write = std::min(T.size(), output_len);
+ copy_mem(&output[0], &T[0], to_write);
+ output += to_write;
+ output_len -= to_write;
+ }
+ }
+
+}
diff --git a/src/lib/kdf/hkdf/hkdf.h b/src/lib/kdf/hkdf/hkdf.h
new file mode 100644
index 000000000..f1ae61453
--- /dev/null
+++ b/src/lib/kdf/hkdf/hkdf.h
@@ -0,0 +1,51 @@
+/*
+* HKDF
+* (C) 2013 Jack Lloyd
+*
+* Botan is released under the Simplified BSD License (see license.txt)
+*/
+
+#ifndef BOTAN_HKDF_H__
+#define BOTAN_HKDF_H__
+
+#include <botan/mac.h>
+#include <botan/hash.h>
+#include <botan/kdf.h>
+
+namespace Botan {
+
+/**
+* HKDF, see @rfc 5869 for details
+*/
+class BOTAN_DLL HKDF
+ {
+ public:
+ HKDF(MessageAuthenticationCode* extractor,
+ MessageAuthenticationCode* prf) :
+ m_extractor(extractor), m_prf(prf) {}
+
+ HKDF(MessageAuthenticationCode* prf) :
+ m_extractor(prf), m_prf(m_extractor->clone()) {}
+
+ void start_extract(const byte salt[], size_t salt_len);
+ void extract(const byte input[], size_t input_len);
+ void finish_extract();
+
+ /**
+ * Only call after extract
+ * @param output_len must be less than 256*hashlen
+ */
+ void expand(byte output[], size_t output_len,
+ const byte info[], size_t info_len);
+
+ std::string name() const;
+
+ void clear();
+ private:
+ std::unique_ptr<MessageAuthenticationCode> m_extractor;
+ std::unique_ptr<MessageAuthenticationCode> m_prf;
+ };
+
+}
+
+#endif
diff --git a/src/lib/kdf/hkdf/info.txt b/src/lib/kdf/hkdf/info.txt
new file mode 100644
index 000000000..7389e5bb1
--- /dev/null
+++ b/src/lib/kdf/hkdf/info.txt
@@ -0,0 +1 @@
+define HKDF 20131128