aboutsummaryrefslogtreecommitdiffstats
path: root/src/kdf/prf_tls
diff options
context:
space:
mode:
Diffstat (limited to 'src/kdf/prf_tls')
-rw-r--r--src/kdf/prf_tls/info.txt7
-rw-r--r--src/kdf/prf_tls/prf_tls.cpp108
-rw-r--r--src/kdf/prf_tls/prf_tls.h58
3 files changed, 173 insertions, 0 deletions
diff --git a/src/kdf/prf_tls/info.txt b/src/kdf/prf_tls/info.txt
new file mode 100644
index 000000000..9531a6a83
--- /dev/null
+++ b/src/kdf/prf_tls/info.txt
@@ -0,0 +1,7 @@
+define TLS_V10_PRF
+
+<requires>
+hmac
+md5
+sha1
+</requires>
diff --git a/src/kdf/prf_tls/prf_tls.cpp b/src/kdf/prf_tls/prf_tls.cpp
new file mode 100644
index 000000000..2b57cdd25
--- /dev/null
+++ b/src/kdf/prf_tls/prf_tls.cpp
@@ -0,0 +1,108 @@
+/*
+* TLS v1.0 and v1.2 PRFs
+* (C) 2004-2010 Jack Lloyd
+*
+* Distributed under the terms of the Botan license
+*/
+
+#include <botan/prf_tls.h>
+#include <botan/internal/xor_buf.h>
+#include <botan/hmac.h>
+#include <botan/md5.h>
+#include <botan/sha160.h>
+
+namespace Botan {
+
+namespace {
+
+/*
+* TLS PRF P_hash function
+*/
+void P_hash(MemoryRegion<byte>& output,
+ MessageAuthenticationCode* mac,
+ const byte secret[], size_t secret_len,
+ const byte seed[], size_t seed_len)
+ {
+ mac->set_key(secret, secret_len);
+
+ SecureVector<byte> A(seed, seed_len);
+
+ size_t offset = 0;
+
+ while(offset != output.size())
+ {
+ const size_t this_block_len =
+ std::min<size_t>(mac->output_length(), output.size() - offset);
+
+ A = mac->process(A);
+
+ mac->update(A);
+ mac->update(seed, seed_len);
+ SecureVector<byte> block = mac->final();
+
+ xor_buf(&output[offset], &block[0], this_block_len);
+ offset += this_block_len;
+ }
+ }
+
+}
+
+/*
+* TLS PRF Constructor and Destructor
+*/
+TLS_PRF::TLS_PRF()
+ {
+ hmac_md5 = new HMAC(new MD5);
+ hmac_sha1 = new HMAC(new SHA_160);
+ }
+
+TLS_PRF::~TLS_PRF()
+ {
+ delete hmac_md5;
+ delete hmac_sha1;
+ }
+
+/*
+* TLS PRF
+*/
+SecureVector<byte> TLS_PRF::derive(size_t key_len,
+ const byte secret[], size_t secret_len,
+ const byte seed[], size_t seed_len) const
+ {
+ SecureVector<byte> output(key_len);
+
+ size_t S1_len = (secret_len + 1) / 2,
+ S2_len = (secret_len + 1) / 2;
+ const byte* S1 = secret;
+ const byte* S2 = secret + (secret_len - S2_len);
+
+ P_hash(output, hmac_md5, S1, S1_len, seed, seed_len);
+ P_hash(output, hmac_sha1, S2, S2_len, seed, seed_len);
+
+ return output;
+ }
+
+/*
+* TLS v1.2 PRF Constructor and Destructor
+*/
+TLS_12_PRF::TLS_12_PRF(MessageAuthenticationCode* mac) : hmac(mac)
+ {
+ }
+
+TLS_12_PRF::~TLS_12_PRF()
+ {
+ delete hmac;
+ }
+
+SecureVector<byte> TLS_12_PRF::derive(size_t key_len,
+ const byte secret[], size_t secret_len,
+ const byte seed[], size_t seed_len) const
+ {
+ SecureVector<byte> output(key_len);
+
+ P_hash(output, hmac, secret, secret_len, seed, seed_len);
+
+ return output;
+ }
+
+}
diff --git a/src/kdf/prf_tls/prf_tls.h b/src/kdf/prf_tls/prf_tls.h
new file mode 100644
index 000000000..5237f17c0
--- /dev/null
+++ b/src/kdf/prf_tls/prf_tls.h
@@ -0,0 +1,58 @@
+/*
+* TLS v1.0 and v1.2 PRFs
+* (C) 2004-2010 Jack Lloyd
+*
+* Distributed under the terms of the Botan license
+*/
+
+#ifndef BOTAN_TLS_PRF_H__
+#define BOTAN_TLS_PRF_H__
+
+#include <botan/kdf.h>
+#include <botan/mac.h>
+#include <botan/hash.h>
+
+namespace Botan {
+
+/**
+* PRF used in TLS 1.0/1.1
+*/
+class BOTAN_DLL TLS_PRF : public KDF
+ {
+ public:
+ SecureVector<byte> derive(size_t key_len,
+ const byte secret[], size_t secret_len,
+ const byte seed[], size_t seed_len) const;
+
+ std::string name() const { return "TLS-PRF"; }
+ KDF* clone() const { return new TLS_PRF; }
+
+ TLS_PRF();
+ ~TLS_PRF();
+ private:
+ MessageAuthenticationCode* hmac_md5;
+ MessageAuthenticationCode* hmac_sha1;
+ };
+
+/**
+* PRF used in TLS 1.2
+*/
+class BOTAN_DLL TLS_12_PRF : public KDF
+ {
+ public:
+ SecureVector<byte> derive(size_t key_len,
+ const byte secret[], size_t secret_len,
+ const byte seed[], size_t seed_len) const;
+
+ std::string name() const { return "TLSv12-PRF(" + hmac->name() + ")"; }
+ KDF* clone() const { return new TLS_12_PRF(hmac->clone()); }
+
+ TLS_12_PRF(MessageAuthenticationCode* hmac);
+ ~TLS_12_PRF();
+ private:
+ MessageAuthenticationCode* hmac;
+ };
+
+}
+
+#endif