blob: 5c5acb0752f1e7d44a91cf8378659288414ee5bf (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
|
/*
* KDF defined in NIST SP 800-56c
* (C) 2016 Kai Michaelis
*
* Botan is released under the Simplified BSD License (see license.txt)
*/
#ifndef BOTAN_SP800_56C_H__
#define BOTAN_SP800_56C_H__
#include <botan/kdf.h>
#include <botan/mac.h>
namespace Botan {
/**
* NIST SP 800-56C KDF
*/
class BOTAN_DLL SP800_56C : public KDF
{
public:
std::string name() const override { return "SP800-56C(" + m_prf->name() + ")"; }
KDF* clone() const override { return new SP800_56C(m_prf->clone(), m_exp->clone()); }
/**
* Derive a key using the SP800-56C KDF.
*
* The implementation hard codes the context value for the
* expansion step to the empty string.
*
* @param key derived keying material K_M
* @param key_len the desired output length in bytes
* @param secret shared secret Z
* @param secret_len size of Z in bytes
* @param salt salt s of the extraction step
* @param salt_len size of s in bytes
* @param label label for the expansion step
* @param label_len size of label in bytes
*
* @throws Invalid_Argument key_len > 2^32
*/
size_t kdf(byte key[], size_t key_len,
const byte secret[], size_t secret_len,
const byte salt[], size_t salt_len,
const byte label[], size_t label_len) const override;
/**
* @param mac MAC algorithm used for randomness extraction
* @param exp KDF used for key expansion
*/
SP800_56C(MessageAuthenticationCode* mac, KDF* exp) : m_prf(mac), m_exp(exp) {}
private:
std::unique_ptr<MessageAuthenticationCode> m_prf;
std::unique_ptr<KDF> m_exp;
};
}
#endif
|