Diffstat (limited to 'src/lib/kdf')
-rw-r--r-- | src/lib/kdf/hkdf/hkdf.h | 8 | ||||
-rw-r--r-- | src/lib/kdf/kdf.h | 35 | ||||
-rw-r--r-- | src/lib/kdf/kdf1/kdf1.h | 3 | ||||
-rw-r--r-- | src/lib/kdf/kdf1_iso18033/kdf1_iso18033.h | 3 | ||||
-rw-r--r-- | src/lib/kdf/kdf2/kdf2.h | 3 | ||||
-rw-r--r-- | src/lib/kdf/prf_tls/prf_tls.h | 3 | ||||
-rw-r--r-- | src/lib/kdf/sp800_108/sp800_108.h | 3 | ||||
-rw-r--r-- | src/lib/kdf/sp800_56c/sp800_56c.h | 4 |
8 files changed, 54 insertions, 8 deletions
diff --git a/src/lib/kdf/hkdf/hkdf.h b/src/lib/kdf/hkdf/hkdf.h index 1dba82ee2..ea17f8c01 100644 --- a/src/lib/kdf/hkdf/hkdf.h +++ b/src/lib/kdf/hkdf/hkdf.h @@ -15,12 +15,16 @@ namespace Botan { /** -* HKDF, see @rfc 5869 for details -* This is only the expansion portion of HKDF +* HKDF, see RFC 5869 for details. +* This is only the expansion portion of HKDF. +* An appropriate extraction function should be used before. */ class BOTAN_DLL HKDF final : public KDF { public: + /** + * @param prf MAC algorithm to use + */ explicit HKDF(MessageAuthenticationCode* prf) : m_prf(prf) {} static HKDF* make(const Spec& spec); diff --git a/src/lib/kdf/kdf.h b/src/lib/kdf/kdf.h index 3c8a7a013..f9acb9d38 100644 --- a/src/lib/kdf/kdf.h +++ b/src/lib/kdf/kdf.h 
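Review bot: The added sentence `An appropriate extraction function should be used before.` in the HKDF class comment leaves open what has to be extracted and when the step may be skipped. Since the class implements only the expand step, the `secret` given to `kdf()` is presumably used directly as the RFC 5869 pseudorandom key, so a non-uniform input such as a raw Diffie-Hellman shared secret should not be passed in unprocessed. I would word it as `* The secret must already be a uniformly random key; otherwise apply HKDF-Extract (RFC 5869, section 2.2) to it first.` The class body continues outside the hunk.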
@@ -25,25 +25,41 @@ class BOTAN_DLL KDF /** * Create an instance based on a name - * Will return a null pointer if the algo/provider combination cannot - * be found. If provider is empty then best available is chosen. + * If provider is empty then best available is chosen. + * @param algo_spec algorithm name + * @param provider provider implementation to choose + * @return a null pointer if the algo/provider combination cannot be found */ static std::unique_ptr<KDF> create(const std::string& algo_spec, const std::string& provider = ""); /** - * Returns the list of available providers for this algorithm, empty if not available + * @return list of available providers for this algorithm, empty if not available */ static std::vector<std::string> providers(const std::string& algo_spec); + /** + * @return KDF name + */ virtual std::string name() const = 0; + /** + * Derive a key + * @param key buffer holding the derived key, must be of length key_len + * @param key_len the desired output length in bytes + * @param secret the secret input + * @param secret_len size of secret in bytes + * @param salt a diversifier + * @param salt_len size of salt in bytes + * @param label purpose for the derived keying material + * @param label_len size of label in bytes + * @return the derived key + */ virtual size_t kdf(byte key[], size_t key_len, const byte secret[], size_t secret_len, const byte salt[], size_t salt_len, const byte label[], size_t label_len) const = 0; - /** * Derive a key * @param key_len the desired output length in bytes @@ -53,6 +69,7 @@ class BOTAN_DLL KDF * @param salt_len size of salt in bytes * @param label purpose for the derived keying material * @param label_len size of label in bytes + * @return the derived key */ secure_vector<byte> derive_key(size_t key_len, const byte secret[], 
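Review bot: The new `@return the derived key` on the pure virtual `kdf()` does not match its signature: the function returns `size_t` and writes the key into the caller's `key` buffer. What the count means is not visible in this hunk, but it is presumably the number of bytes actually written, which matters to callers if an implementation can produce fewer than `key_len` bytes. I would change the line to `* @return the number of bytes written to key` (to be confirmed against the implementations) and state whether the value can be smaller than `key_len`, so that a caller does not treat a partly filled buffer as key material.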
@@ -73,6 +90,7 @@ class BOTAN_DLL KDF * @param secret the secret input * @param salt a diversifier * @param label purpose for the derived keying material + * @return the derived key */ secure_vector<byte> derive_key(size_t key_len, const secure_vector<byte>& secret, @@ -93,6 +111,7 @@ class BOTAN_DLL KDF * @param secret the secret input * @param salt a diversifier * @param label purpose for the derived keying material + * @return the derived key */ template<typename Alloc, typename Alloc2, typename Alloc3> secure_vector<byte> derive_key(size_t key_len, @@ -113,6 +132,7 @@ class BOTAN_DLL KDF * @param salt a diversifier * @param salt_len size of salt in bytes * @param label purpose for the derived keying material + * @return the derived key */ secure_vector<byte> derive_key(size_t key_len, const secure_vector<byte>& secret, @@ -134,6 +154,7 @@ class BOTAN_DLL KDF * @param secret_len size of secret in bytes * @param salt a diversifier * @param label purpose for the derived keying material + * @return the derived key */ secure_vector<byte> derive_key(size_t key_len, const byte secret[], @@ -148,10 +169,12 @@ class BOTAN_DLL KDF label.length()); } + /** + * @return new object representing the same algorithm as *this + */ virtual KDF* clone() const = 0; typedef SCAN_Name Spec; - }; /** @@ -159,7 +182,7 @@ class BOTAN_DLL KDF * @param algo_spec the name of the KDF to create * @return pointer to newly allocated object of that type */ -BOTAN_DLL KDF* get_kdf(const std::string& algo_spec); +BOTAN_DLL KDF* get_kdf(const std::string& algo_spec); } diff --git a/src/lib/kdf/kdf1/kdf1.h b/src/lib/kdf/kdf1/kdf1.h index 59bff4d8d..db8b3b062 100644 --- a/src/lib/kdf/kdf1/kdf1.h +++ b/src/lib/kdf/kdf1/kdf1.h 
@@ -28,6 +28,9 @@ class BOTAN_DLL KDF1 final : public KDF const byte salt[], size_t salt_len, const byte label[], size_t label_len) const override; + /** + * @param h hash function to use + */ explicit KDF1(HashFunction* h) : m_hash(h) {} private: std::unique_ptr<HashFunction> m_hash; diff --git a/src/lib/kdf/kdf1_iso18033/kdf1_iso18033.h b/src/lib/kdf/kdf1_iso18033/kdf1_iso18033.h index f61864d1f..08e2d5c61 100644 --- a/src/lib/kdf/kdf1_iso18033/kdf1_iso18033.h +++ b/src/lib/kdf/kdf1_iso18033/kdf1_iso18033.h @@ -28,6 +28,9 @@ class BOTAN_DLL KDF1_18033 : public KDF const byte salt[], size_t salt_len, const byte label[], size_t label_len) const override; + /** + * @param h hash function to use + */ KDF1_18033(HashFunction* h) : m_hash(h) {} private: std::unique_ptr<HashFunction> m_hash; diff --git a/src/lib/kdf/kdf2/kdf2.h b/src/lib/kdf/kdf2/kdf2.h index 600f7c91c..2ead49530 100644 --- a/src/lib/kdf/kdf2/kdf2.h +++ b/src/lib/kdf/kdf2/kdf2.h @@ -28,6 +28,9 @@ class BOTAN_DLL KDF2 final : public KDF const byte salt[], size_t salt_len, const byte label[], size_t label_len) const override; + /** + * @param h hash function to use + */ explicit KDF2(HashFunction* h) : m_hash(h) {} private: std::unique_ptr<HashFunction> m_hash; diff --git a/src/lib/kdf/prf_tls/prf_tls.h b/src/lib/kdf/prf_tls/prf_tls.h index 37a517125..58cd5758e 100644 --- a/src/lib/kdf/prf_tls/prf_tls.h +++ b/src/lib/kdf/prf_tls/prf_tls.h @@ -49,6 +49,9 @@ class BOTAN_DLL TLS_12_PRF final : public KDF const byte salt[], size_t salt_len, const byte label[], size_t label_len) const override; + /** + * @param mac MAC algorithm to use + */ explicit TLS_12_PRF(MessageAuthenticationCode* mac) : m_mac(mac) {} static TLS_12_PRF* make(const Spec& spec); diff --git a/src/lib/kdf/sp800_108/sp800_108.h b/src/lib/kdf/sp800_108/sp800_108.h index 71a918c15..2d4d028b2 100644 --- a/src/lib/kdf/sp800_108/sp800_108.h +++ b/src/lib/kdf/sp800_108/sp800_108.h 
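Review bot: The new `@param h hash function to use` on the `KDF1` constructor does not say that the object takes ownership of the raw pointer, although the context line `std::unique_ptr<HashFunction> m_hash;` shows that it does. A caller who deletes the hash afterwards, or passes the address of an object that was not allocated with `new`, would end up with a double free or an invalid delete. I would write `* @param h hash function to use, KDF1 takes ownership and deletes it`. The same applies to `KDF1_18033` and `KDF2` in the next two hunks, and probably to the MAC and KDF pointers of `HKDF`, `TLS_12_PRF`, `SP800_108_Counter` and `SP800_56C`, whose member types are not visible in their hunks.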
@@ -45,6 +45,9 @@ class BOTAN_DLL SP800_108_Counter : public KDF const byte salt[], size_t salt_len, const byte label[], size_t label_len) const override; + /** + * @param mac MAC algorithm to use + */ SP800_108_Counter(MessageAuthenticationCode* mac) : m_prf(mac) {} static SP800_108_Counter* make(const Spec& spec); diff --git a/src/lib/kdf/sp800_56c/sp800_56c.h b/src/lib/kdf/sp800_56c/sp800_56c.h index 1281ed314..83f11906a 100644 --- a/src/lib/kdf/sp800_56c/sp800_56c.h +++ b/src/lib/kdf/sp800_56c/sp800_56c.h @@ -45,6 +45,10 @@ class BOTAN_DLL SP800_56C : public KDF const byte salt[], size_t salt_len, const byte label[], size_t label_len) const override; + /** + * @param mac MAC algorithm used for randomness extraction + * @param exp KDF used for key expansion + */ SP800_56C(MessageAuthenticationCode* mac, KDF* exp) : m_prf(mac), m_exp(exp) {} static SP800_56C* make(const Spec& spec); |