1 files changed, 45 insertions, 0 deletions

diff --git a/src/lib/kdf/sp800_56c/sp800_56c.cpp b/src/lib/kdf/sp800_56c/sp800_56c.cpp
new file mode 100644
index 000000000..664d32b30
--- /dev/null
+++ b/src/lib/kdf/sp800_56c/sp800_56c.cpp
@@ -0,0 +1,45 @@
+/*
+* KDF defined in NIST SP 800-56c
+* (C) 2016 Kai Michaelis
+*
+* Botan is released under the Simplified BSD License (see license.txt)
+*/
+
+#include <botan/sp800_108.h>
+#include <botan/sp800_56c.h>
+#include <botan/hmac.h>
+
+namespace Botan {
+
+SP800_56C* SP800_56C::make(const Spec& spec)
+   {
+   if(auto exp = SP800_108_Feedback::make(spec))
+      {
+      if(auto mac = MessageAuthenticationCode::create(spec.arg(0)))
+         return new SP800_56C(mac.release(), exp);
+
+      if(auto mac = MessageAuthenticationCode::create("HMAC(" + spec.arg(0) + ")"))
+         return new SP800_56C(mac.release(), exp);
+      }
+
+   return nullptr;
+   }
+
+size_t SP800_56C::kdf(byte key[], size_t key_len,
+                      const byte secret[], size_t secret_len,
+                      const byte salt[], size_t salt_len) const
+   {
+      // Randomness Extraction
+      secure_vector< byte > k_dk, context;
+
+      m_prf->set_key(salt, salt_len);
+      m_prf->update(secret, secret_len);
+      m_prf->final(k_dk);
+
+      // Key Expansion
+      m_exp->kdf(key, key_len, k_dk.data(), k_dk.size(), context.data(), context.size());
+
+   return key_len;
+   }
+
+}