Move lib into src

author: lloyd <[email protected]> 2014-01-10 03:41:59 +0000
committer: lloyd <[email protected]> 2014-01-10 03:41:59 +0000
commit: 6894dca64c04936d07048c0e8cbf7e25858548c3 (patch)
tree: 5d572bfde9fe667dab14e3f04b5285a85d8acd95 /src/lib/kdf/prf_tls
parent: 9efa3be92442afb3d0b69890a36c7f122df18eda (diff)
3 files changed, 183 insertions, 0 deletions
diff --git a/src/lib/kdf/prf_tls/info.txt b/src/lib/kdf/prf_tls/info.txt
new file mode 100644
index 000000000..505e1ff1e
--- /dev/null
+++ b/src/lib/kdf/prf_tls/info.txt
@@ -0,0 +1,8 @@
+define TLS_V10_PRF 20131128
+define TLS_V12_PRF 20131128
+
+<requires>
+hmac
+md5
+sha1
+</requires>
diff --git a/src/lib/kdf/prf_tls/prf_tls.cpp b/src/lib/kdf/prf_tls/prf_tls.cpp
new file mode 100644
index 000000000..006b418c9
--- /dev/null
+++ b/src/lib/kdf/prf_tls/prf_tls.cpp
@@ -0,0 +1,117 @@
+/*
+* TLS v1.0 and v1.2 PRFs
+* (C) 2004-2010 Jack Lloyd
+*
+* Distributed under the terms of the Botan license
+*/
+
+#include <botan/prf_tls.h>
+#include <botan/internal/xor_buf.h>
+#include <botan/hmac.h>
+#include <botan/md5.h>
+#include <botan/sha160.h>
+
+namespace Botan {
+
+namespace {
+
+/*
+* TLS PRF P_hash function
+*/
+void P_hash(secure_vector<byte>& output,
+            MessageAuthenticationCode* mac,
+            const byte secret[], size_t secret_len,
+            const byte seed[], size_t seed_len)
+   {
+   try
+      {
+      mac->set_key(secret, secret_len);
+      }
+   catch(Invalid_Key_Length)
+      {
+      throw Internal_Error("The premaster secret of " +
+                           std::to_string(secret_len) +
+                           " bytes is too long for the PRF");
+      }
+
+   secure_vector<byte> A(seed, seed + seed_len);
+
+   size_t offset = 0;
+
+   while(offset != output.size())
+      {
+      const size_t this_block_len =
+         std::min<size_t>(mac->output_length(), output.size() - offset);
+
+      A = mac->process(A);
+
+      mac->update(A);
+      mac->update(seed, seed_len);
+      secure_vector<byte> block = mac->final();
+
+      xor_buf(&output[offset], &block[0], this_block_len);
+      offset += this_block_len;
+      }
+   }
+
+}
+
+/*
+* TLS PRF Constructor and Destructor
+*/
+TLS_PRF::TLS_PRF()
+   {
+   hmac_md5 = new HMAC(new MD5);
+   hmac_sha1 = new HMAC(new SHA_160);
+   }
+
+TLS_PRF::~TLS_PRF()
+   {
+   delete hmac_md5;
+   delete hmac_sha1;
+   }
+
+/*
+* TLS PRF
+*/
+secure_vector<byte> TLS_PRF::derive(size_t key_len,
+                                   const byte secret[], size_t secret_len,
+                                   const byte seed[], size_t seed_len) const
+   {
+   secure_vector<byte> output(key_len);
+
+   size_t S1_len = (secret_len + 1) / 2,
+          S2_len = (secret_len + 1) / 2;
+   const byte* S1 = secret;
+   const byte* S2 = secret + (secret_len - S2_len);
+
+   P_hash(output, hmac_md5,  S1, S1_len, seed, seed_len);
+   P_hash(output, hmac_sha1, S2, S2_len, seed, seed_len);
+
+   return output;
+   }
+
+/*
+* TLS v1.2 PRF Constructor and Destructor
+*/
+TLS_12_PRF::TLS_12_PRF(MessageAuthenticationCode* mac) : hmac(mac)
+   {
+   }
+
+TLS_12_PRF::~TLS_12_PRF()
+   {
+   delete hmac;
+   }
+
+secure_vector<byte> TLS_12_PRF::derive(size_t key_len,
+                                      const byte secret[], size_t secret_len,
+                                      const byte seed[], size_t seed_len) const
+   {
+   secure_vector<byte> output(key_len);
+
+   P_hash(output, hmac, secret, secret_len, seed, seed_len);
+
+   return output;
+   }
+
+}
diff --git a/src/lib/kdf/prf_tls/prf_tls.h b/src/lib/kdf/prf_tls/prf_tls.h
new file mode 100644
index 000000000..fce11eae0
--- /dev/null
+++ b/src/lib/kdf/prf_tls/prf_tls.h
@@ -0,0 +1,58 @@
+/*
+* TLS v1.0 and v1.2 PRFs
+* (C) 2004-2010 Jack Lloyd
+*
+* Distributed under the terms of the Botan license
+*/
+
+#ifndef BOTAN_TLS_PRF_H__
+#define BOTAN_TLS_PRF_H__
+
+#include <botan/kdf.h>
+#include <botan/mac.h>
+#include <botan/hash.h>
+
+namespace Botan {
+
+/**
+* PRF used in TLS 1.0/1.1
+*/
+class BOTAN_DLL TLS_PRF : public KDF
+   {
+   public:
+      secure_vector<byte> derive(size_t key_len,
+                                const byte secret[], size_t secret_len,
+                                const byte seed[], size_t seed_len) const;
+
+      std::string name() const { return "TLS-PRF"; }
+      KDF* clone() const { return new TLS_PRF; }
+
+      TLS_PRF();
+      ~TLS_PRF();
+   private:
+      MessageAuthenticationCode* hmac_md5;
+      MessageAuthenticationCode* hmac_sha1;
+   };
+
+/**
+* PRF used in TLS 1.2
+*/
+class BOTAN_DLL TLS_12_PRF : public KDF
+   {
+   public:
+      secure_vector<byte> derive(size_t key_len,
+                                const byte secret[], size_t secret_len,
+                                const byte seed[], size_t seed_len) const;
+
+      std::string name() const { return "TLSv12-PRF(" + hmac->name() + ")"; }
+      KDF* clone() const { return new TLS_12_PRF(hmac->clone()); }
+
+      TLS_12_PRF(MessageAuthenticationCode* hmac);
+      ~TLS_12_PRF();
+   private:
+      MessageAuthenticationCode* hmac;
+   };
+
+}
+
+#endif
author	lloyd <[email protected]>	2014-01-10 03:41:59 +0000
committer	lloyd <[email protected]>	2014-01-10 03:41:59 +0000
commit	6894dca64c04936d07048c0e8cbf7e25858548c3 (patch)
tree	5d572bfde9fe667dab14e3f04b5285a85d8acd95 /src/lib/kdf/prf_tls
parent	9efa3be92442afb3d0b69890a36c7f122df18eda (diff)