From 3b9a0c1535e40f8f9fc4cfbc734144ee229df65d Mon Sep 17 00:00:00 2001 From: lloyd Date: Mon, 16 Feb 2015 20:12:38 +0000 Subject: Add new module `ffi` which provides a plain C interface, plus a new ctypes Python wrapper that uses it. The API is intentionally designed to have a very simple ABI (extern "C", all structs are opaque, no memory ownership passing the FFI boundary, limited set of simple types as args) so the ctypes wrapper is quite simple. Currently ffi provides ciphers, hashes, MACs, RNGs, PBKDF, KDF, bcrypt, and most public key operations. Remove the old boost.python wrapper and all the build code for it. --- src/lib/kdf/hkdf/hkdf.cpp | 67 +++++++++++++++++++++++++++++++++++++++++++++++ src/lib/kdf/hkdf/hkdf.h | 51 ++++++++++++++++++++++++++++++++++++ src/lib/kdf/hkdf/info.txt | 1 + 3 files changed, 119 insertions(+) create mode 100644 src/lib/kdf/hkdf/hkdf.cpp create mode 100644 src/lib/kdf/hkdf/hkdf.h create mode 100644 src/lib/kdf/hkdf/info.txt (limited to 'src/lib/kdf/hkdf') diff --git a/src/lib/kdf/hkdf/hkdf.cpp b/src/lib/kdf/hkdf/hkdf.cpp new file mode 100644 index 000000000..28f97cadb --- /dev/null +++ b/src/lib/kdf/hkdf/hkdf.cpp @@ -0,0 +1,67 @@ +/* +* HKDF +* (C) 2013 Jack Lloyd +* +* Botan is released under the Simplified BSD License (see license.txt) +*/ + +#include + +namespace Botan { + +std::string HKDF::name() const + { + const std::string prf = m_prf->name(); + const std::string ext = m_extractor->name(); + + if(prf == ext) + return "HKDF(" + prf + ")"; + return "HKDF(" + ext + "," + prf + ")"; + } + +void HKDF::clear() + { + m_extractor->clear(); + m_prf->clear(); + } + +void HKDF::start_extract(const byte salt[], size_t salt_len) + { + m_extractor->set_key(salt, salt_len); + } + +void HKDF::extract(const byte input[], size_t input_len) + { + m_extractor->update(input, input_len); + } + +void HKDF::finish_extract() + { + m_prf->set_key(m_extractor->final()); + } + +void HKDF::expand(byte output[], size_t output_len, + const byte info[], size_t info_len) + { + if(output_len > m_prf->output_length() * 255) + throw std::invalid_argument("HKDF requested output too large"); + + byte counter = 1; + + secure_vector T; + + while(output_len) + { + m_prf->update(T); + m_prf->update(info, info_len); + m_prf->update(counter++); + m_prf->final(T); + + const size_t to_write = std::min(T.size(), output_len); + copy_mem(&output[0], &T[0], to_write); + output += to_write; + output_len -= to_write; + } + } + +} diff --git a/src/lib/kdf/hkdf/hkdf.h b/src/lib/kdf/hkdf/hkdf.h new file mode 100644 index 000000000..f1ae61453 --- /dev/null +++ b/src/lib/kdf/hkdf/hkdf.h @@ -0,0 +1,51 @@ +/* +* HKDF +* (C) 2013 Jack Lloyd +* +* Botan is released under the Simplified BSD License (see license.txt) +*/ + +#ifndef BOTAN_HKDF_H__ +#define BOTAN_HKDF_H__ + +#include +#include +#include + +namespace Botan { + +/** +* HKDF, see @rfc 5869 for details +*/ +class BOTAN_DLL HKDF + { + public: + HKDF(MessageAuthenticationCode* extractor, + MessageAuthenticationCode* prf) : + m_extractor(extractor), m_prf(prf) {} + + HKDF(MessageAuthenticationCode* prf) : + m_extractor(prf), m_prf(m_extractor->clone()) {} + + void start_extract(const byte salt[], size_t salt_len); + void extract(const byte input[], size_t input_len); + void finish_extract(); + + /** + * Only call after extract + * @param output_len must be less than 256*hashlen + */ + void expand(byte output[], size_t output_len, + const byte info[], size_t info_len); + + std::string name() const; + + void clear(); + private: + std::unique_ptr m_extractor; + std::unique_ptr m_prf; + }; + +} + +#endif diff --git a/src/lib/kdf/hkdf/info.txt b/src/lib/kdf/hkdf/info.txt new file mode 100644 index 000000000..7389e5bb1 --- /dev/null +++ b/src/lib/kdf/hkdf/info.txt @@ -0,0 +1 @@ +define HKDF 20131128 -- cgit v1.2.3