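/*
* Key Derivation Function interfaces
* (C) 1999-2007 Jack Lloyd
*
* Botan is released under the Simplified BSD License (see license.txt)
*/

#ifndef BOTAN_KDF_BASE_H_
#define BOTAN_KDF_BASE_H_

// NOTE(review): the include targets below are reconstructed from the names
// this header uses (secure_vector, Algorithm_Not_Found, std::string); confirm
// them against the project's own copy of the file.
#include <botan/secmem.h>
#include <botan/exceptn.h>
#include <string>

namespace Botan {

/**
* Key Derivation Function
*
* Abstract interface. A concrete algorithm implements name(), kdf() and
* new_object(); every derive_key() overload is a convenience wrapper that
* ends in a call to kdf().
*
* Limits on the output length, and whether salt and label are actually
* used, are decided by the implementing algorithm and are not visible in
* this header.
*/
class BOTAN_PUBLIC_API(2,0) KDF
   {
   public:
      virtual ~KDF() = default;

      /**
      * Create an instance based on a name
      * If provider is empty then best available is chosen.
      * @param algo_spec algorithm name
      * @param provider provider implementation to choose
      * @return a null pointer if the algo/provider combination cannot be found;
      *         check the result before dereferencing, or use create_or_throw()
      */
      static std::unique_ptr<KDF>
         create(const std::string& algo_spec,
                const std::string& provider = "");

      /**
      * Create an instance based on a name, or throw if the
      * algo/provider combination cannot be found. If provider is
      * empty then best available is chosen.
      * @param algo_spec algorithm name
      * @param provider provider implementation to choose
      */
      static std::unique_ptr<KDF>
         create_or_throw(const std::string& algo_spec,
                         const std::string& provider = "");

      /**
      * @param algo_spec algorithm name
      * @return list of available providers for this algorithm, empty if not available
      */
      static std::vector<std::string> providers(const std::string& algo_spec);

      /**
      * @return KDF name
      */
      virtual std::string name() const = 0;

      /**
      * Derive a key
      *
      * This is the primitive every derive_key() overload forwards to. The
      * interface takes raw pointer/length pairs and performs no bounds
      * checking of its own: the caller must make sure key really has
      * key_len writable bytes and that each input length matches its buffer.
      *
      * @param key buffer holding the derived key, must be of length key_len
      * @param key_len the desired output length in bytes
      * @param secret the secret input
      * @param secret_len size of secret in bytes
      * @param salt a diversifier
      * @param salt_len size of salt in bytes
      * @param label purpose for the derived keying material
      * @param label_len size of label in bytes
      */
      virtual void kdf(uint8_t key[], size_t key_len,
                       const uint8_t secret[], size_t secret_len,
                       const uint8_t salt[], size_t salt_len,
                       const uint8_t label[], size_t label_len) const = 0;

      /**
      * Derive a key
      *
      * Allocates a secure_vector of key_len bytes and fills it through kdf().
      * With the defaults, label is a null pointer of length 0, i.e. no label
      * is supplied.
      *
      * @param key_len the desired output length in bytes
      * @param secret the secret input
      * @param secret_len size of secret in bytes
      * @param salt a diversifier
      * @param salt_len size of salt in bytes
      * @param label purpose for the derived keying material
      * @param label_len size of label in bytes
      * @return the derived key
      */
      secure_vector<uint8_t> derive_key(size_t key_len,
                                        const uint8_t secret[],
                                        size_t secret_len,
                                        const uint8_t salt[],
                                        size_t salt_len,
                                        const uint8_t label[] = nullptr,
                                        size_t label_len = 0) const
         {
         secure_vector<uint8_t> key(key_len);
         kdf(key.data(), key.size(), secret, secret_len, salt, salt_len, label, label_len);
         return key;
         }

      /**
      * Derive a key
      *
      * The salt and label strings are passed on as raw bytes (length() bytes
      * each, so embedded NUL characters are included). Both default to the
      * empty string, in which case neither a salt nor a label reaches kdf();
      * callers that derive several keys from one secret should pass a
      * distinct label per purpose rather than rely on the defaults.
      *
      * @param key_len the desired output length in bytes
      * @param secret the secret input
      * @param salt a diversifier
      * @param label purpose for the derived keying material
      * @return the derived key
      */
      secure_vector<uint8_t> derive_key(size_t key_len,
                                        const secure_vector<uint8_t>& secret,
                                        const std::string& salt = "",
                                        const std::string& label = "") const
         {
         return derive_key(key_len, secret.data(), secret.size(),
                           cast_char_ptr_to_uint8(salt.data()),
                           salt.length(),
                           cast_char_ptr_to_uint8(label.data()),
                           label.length());
         }

      /**
      * Derive a key
      *
      * Accepts byte vectors with any allocator, so the secret may be held in
      * an ordinary std::vector here. NOTE(review): only the returned value is
      * a secure_vector; whether the caller's secret buffer gets wiped depends
      * on the allocator the caller chose - prefer secure_vector for secrets.
      *
      * @param key_len the desired output length in bytes
      * @param secret the secret input
      * @param salt a diversifier
      * @param label purpose for the derived keying material
      * @return the derived key
      */
      template<typename Alloc, typename Alloc2, typename Alloc3>
      secure_vector<uint8_t> derive_key(size_t key_len,
                                        const std::vector<uint8_t, Alloc>& secret,
                                        const std::vector<uint8_t, Alloc2>& salt,
                                        const std::vector<uint8_t, Alloc3>& label) const
         {
         return derive_key(key_len,
                           secret.data(), secret.size(),
                           salt.data(), salt.size(),
                           label.data(), label.size());
         }

      /**
      * Derive a key
      *
      * The label string is passed on as raw bytes; it defaults to the empty
      * string, in which case no label reaches kdf().
      *
      * @param key_len the desired output length in bytes
      * @param secret the secret input
      * @param salt a diversifier
      * @param salt_len size of salt in bytes
      * @param label purpose for the derived keying material
      * @return the derived key
      */
      secure_vector<uint8_t> derive_key(size_t key_len,
                                        const secure_vector<uint8_t>& secret,
                                        const uint8_t salt[],
                                        size_t salt_len,
                                        const std::string& label = "") const
         {
         return derive_key(key_len,
                           secret.data(), secret.size(),
                           salt, salt_len,
                           cast_char_ptr_to_uint8(label.data()),
                           label.size());
         }

      /**
      * Derive a key
      *
      * The salt and label strings are passed on as raw bytes; both default
      * to the empty string, in which case neither reaches kdf().
      *
      * @param key_len the desired output length in bytes
      * @param secret the secret input
      * @param secret_len size of secret in bytes
      * @param salt a diversifier
      * @param label purpose for the derived keying material
      * @return the derived key
      */
      secure_vector<uint8_t> derive_key(size_t key_len,
                                        const uint8_t secret[],
                                        size_t secret_len,
                                        const std::string& salt = "",
                                        const std::string& label = "") const
         {
         return derive_key(key_len, secret, secret_len,
                           cast_char_ptr_to_uint8(salt.data()),
                           salt.length(),
                           cast_char_ptr_to_uint8(label.data()),
                           label.length());
         }

      /**
      * @return new object representing the same algorithm as *this
      */
      virtual std::unique_ptr<KDF> new_object() const = 0;

      /**
      * Raw-pointer variant of new_object(): ownership of the returned object
      * passes to the caller, who must delete it. Prefer new_object().
      *
      * @return new object representing the same algorithm as *this
      */
      KDF* clone() const
         {
         return this->new_object().release();
         }
   };

/**
* Factory method for KDF (key derivation function)
*
* The returned pointer is owning and must be deleted by the caller. The
* result is null only when algo_spec is "Raw" and KDF::create() found no such
* algorithm; every other unknown name throws Algorithm_Not_Found. Callers
* therefore have to handle a null result before dereferencing.
* NOTE(review): presumably a null result for "Raw" means "apply no KDF" -
* confirm how call sites treat it.
*
* @param algo_spec the name of the KDF to create
* @return pointer to newly allocated object of that type
*
* Prefer KDF::create
*/
inline KDF* get_kdf(const std::string& algo_spec)
   {
   auto kdf = KDF::create(algo_spec);
   if(kdf)
      return kdf.release();

   // "Raw" is the one name allowed to resolve to no object at all
   if(algo_spec == "Raw")
      return nullptr;

   throw Algorithm_Not_Found(algo_spec);
   }

}

#endif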