#include <kdf.h>

Inheritance diagram for Botan::KDF:

Public Member Functions
virtual KDF *	clone () const =0

secure_vector< uint8_t >	derive_key (size_t key_len, const uint8_t secret[], size_t secret_len, const uint8_t salt[], size_t salt_len, const uint8_t label[]=nullptr, size_t label_len=0) const

secure_vector< uint8_t >	derive_key (size_t key_len, const secure_vector< uint8_t > &secret, const std::string &salt="", const std::string &label="") const

template<typename Alloc , typename Alloc2 , typename Alloc3 >
secure_vector< uint8_t >	derive_key (size_t key_len, const std::vector< uint8_t, Alloc > &secret, const std::vector< uint8_t, Alloc2 > &salt, const std::vector< uint8_t, Alloc3 > &label) const

secure_vector< uint8_t >	derive_key (size_t key_len, const secure_vector< uint8_t > &secret, const uint8_t salt[], size_t salt_len, const std::string &label="") const

secure_vector< uint8_t >	derive_key (size_t key_len, const uint8_t secret[], size_t secret_len, const std::string &salt="", const std::string &label="") const

virtual size_t	kdf (uint8_t key[], size_t key_len, const uint8_t secret[], size_t secret_len, const uint8_t salt[], size_t salt_len, const uint8_t label[], size_t label_len) const =0

virtual std::string	name () const =0

virtual	~KDF ()=default

Static Public Member Functions
static std::unique_ptr< KDF >	create (const std::string &algo_spec, const std::string &provider="")

static std::unique_ptr< KDF >	create_or_throw (const std::string &algo_spec, const std::string &provider="")

static std::vector< std::string >	providers (const std::string &algo_spec)

Detailed Description

Key Derivation Function

Definition at line 20 of file kdf.h.

Constructor & Destructor Documentation

◆ ~KDF()

virtual Botan::KDF::~KDF ( )

virtualdefault

Member Function Documentation

◆ clone()

virtual KDF* Botan::KDF::clone ( ) const

pure virtual

Returns: new object representing the same algorithm as *this

Implemented in Botan::SP800_108_Pipeline, Botan::HKDF_Expand, Botan::SP800_56A_HMAC, Botan::SP800_108_Feedback, Botan::HKDF_Extract, Botan::TLS_12_PRF, Botan::HKDF, Botan::SP800_56A_Hash, Botan::KDF1, Botan::KDF1_18033, Botan::KDF2, Botan::TLS_PRF, Botan::SP800_108_Counter, Botan::SP800_56C, and Botan::X942_PRF.

◆ create()

std::unique_ptr< KDF > Botan::KDF::create	(	const std::string &	algo_spec,
		const std::string &	provider = `""`
	)

static

Create an instance based on a name If provider is empty then best available is chosen.

Parameters

algo_spec	algorithm name
provider	provider implementation to choose

Returns: a null pointer if the algo/provider combination cannot be found

Definition at line 69 of file kdf.cpp.

References Botan::SCAN_Name::algo_name(), Botan::SCAN_Name::arg(), Botan::SCAN_Name::arg_count(), BOTAN_UNUSED, Botan::HashFunction::create(), Botan::MessageAuthenticationCode::create(), and hash.

Referenced by create_or_throw(), and Botan::get_kdf().

    {
    const SCAN_Name req(algo_spec);
 
 #if defined(BOTAN_HAS_HKDF)
    if(req.algo_name() == "HKDF" && req.arg_count() == 1)
       {
       if(provider.empty() || provider == "base")
          {
          return kdf_create_mac_or_hash<HKDF>(req.arg(0));
          }
       }
 
    if(req.algo_name() == "HKDF-Extract" && req.arg_count() == 1)
       {
       if(provider.empty() || provider == "base")
          {
          return kdf_create_mac_or_hash<HKDF_Extract>(req.arg(0));
          }
       }
 
    if(req.algo_name() == "HKDF-Expand" && req.arg_count() == 1)
       {
       if(provider.empty() || provider == "base")
          {
          return kdf_create_mac_or_hash<HKDF_Expand>(req.arg(0));
          }
       }
 #endif
 
 #if defined(BOTAN_HAS_KDF2)
    if(req.algo_name() == "KDF2" && req.arg_count() == 1)
       {
       if(provider.empty() || provider == "base")
          {
          if(auto hash = HashFunction::create(req.arg(0)))
             return std::unique_ptr<KDF>(new KDF2(hash.release()));
          }
       }
 #endif
 
 #if defined(BOTAN_HAS_KDF1_18033)
    if(req.algo_name() == "KDF1-18033" && req.arg_count() == 1)
       {
       if(provider.empty() || provider == "base")
          {
          if(auto hash = HashFunction::create(req.arg(0)))
             return std::unique_ptr<KDF>(new KDF1_18033(hash.release()));
          }
       }
 #endif
 
 #if defined(BOTAN_HAS_KDF1)
    if(req.algo_name() == "KDF1" && req.arg_count() == 1)
       {
       if(provider.empty() || provider == "base")
          {
          if(auto hash = HashFunction::create(req.arg(0)))
             return std::unique_ptr<KDF>(new KDF1(hash.release()));
          }
       }
 #endif
 
 #if defined(BOTAN_HAS_TLS_V10_PRF)
    if(req.algo_name() == "TLS-PRF" && req.arg_count() == 0)
       {
       if(provider.empty() || provider == "base")
          {
          return std::unique_ptr<KDF>(new TLS_PRF);
          }
       }
 #endif
 
 #if defined(BOTAN_HAS_TLS_V12_PRF)
    if(req.algo_name() == "TLS-12-PRF" && req.arg_count() == 1)
       {
       if(provider.empty() || provider == "base")
          {
          return kdf_create_mac_or_hash<TLS_12_PRF>(req.arg(0));
          }
       }
 #endif
 
 #if defined(BOTAN_HAS_X942_PRF)
    if(req.algo_name() == "X9.42-PRF" && req.arg_count() == 1)
       {
       if(provider.empty() || provider == "base")
          {
          return std::unique_ptr<KDF>(new X942_PRF(req.arg(0)));
          }
       }
 #endif
 
 #if defined(BOTAN_HAS_SP800_108)
    if(req.algo_name() == "SP800-108-Counter" && req.arg_count() == 1)
       {
       if(provider.empty() || provider == "base")
          {
          return kdf_create_mac_or_hash<SP800_108_Counter>(req.arg(0));
          }
       }
 
    if(req.algo_name() == "SP800-108-Feedback" && req.arg_count() == 1)
       {
       if(provider.empty() || provider == "base")
          {
          return kdf_create_mac_or_hash<SP800_108_Feedback>(req.arg(0));
          }
       }
 
    if(req.algo_name() == "SP800-108-Pipeline" && req.arg_count() == 1)
       {
       if(provider.empty() || provider == "base")
          {
          return kdf_create_mac_or_hash<SP800_108_Pipeline>(req.arg(0));
          }
       }
 #endif
 
 #if defined(BOTAN_HAS_SP800_56A)
    if(req.algo_name() == "SP800-56A" && req.arg_count() == 1)
       {
       if(auto hash = HashFunction::create(req.arg(0)))
          return std::unique_ptr<KDF>(new SP800_56A_Hash(hash.release()));
       if(auto mac = MessageAuthenticationCode::create(req.arg(0)))
          return std::unique_ptr<KDF>(new SP800_56A_HMAC(mac.release()));
       }
 #endif
 
 #if defined(BOTAN_HAS_SP800_56C)
    if(req.algo_name() == "SP800-56C" && req.arg_count() == 1)
       {
       std::unique_ptr<KDF> exp(kdf_create_mac_or_hash<SP800_108_Feedback>(req.arg(0)));
       if(exp)
          {
          if(auto mac = MessageAuthenticationCode::create(req.arg(0)))
             return std::unique_ptr<KDF>(new SP800_56C(mac.release(), exp.release()));
 
          if(auto mac = MessageAuthenticationCode::create("HMAC(" + req.arg(0) + ")"))
             return std::unique_ptr<KDF>(new SP800_56C(mac.release(), exp.release()));
          }
       }
 #endif
 
    BOTAN_UNUSED(req);
    BOTAN_UNUSED(provider);
 
    return nullptr;
    }

◆ create_or_throw()

std::unique_ptr< KDF > Botan::KDF::create_or_throw	(	const std::string &	algo_spec,
		const std::string &	provider = `""`
	)

static

Create an instance based on a name, or throw if the algo/provider combination cannot be found. If provider is empty then best available is chosen.

Definition at line 222 of file kdf.cpp.

References create(), and kdf().

Referenced by Botan::ECIES_KA_Operation::derive_secret().

    {
    if(auto kdf = KDF::create(algo, provider))
       {
       return kdf;
       }
    throw Lookup_Error("KDF", algo, provider);
    }

◆ derive_key() [1/5]

secure_vector<uint8_t> Botan::KDF::derive_key	(	size_t	key_len,
		const uint8_t	secret[],
		size_t	secret_len,
		const uint8_t	salt[],
		size_t	salt_len,
		const uint8_t	label[] = `nullptr`,
		size_t	label_len = `0`
	)		const

inline

Derive a key

Parameters

key_len	the desired output length in bytes
secret	the secret input
secret_len	size of secret in bytes
salt	a diversifier
salt_len	size of salt in bytes
label	purpose for the derived keying material
label_len	size of label in bytes

Returns: the derived key

Definition at line 83 of file kdf.h.

References salt_len.

          {
          secure_vector<uint8_t> key(key_len);
          key.resize(kdf(key.data(), key.size(), secret, secret_len, salt, salt_len, label, label_len));
          return key;
          }

◆ derive_key() [2/5]

secure_vector<uint8_t> Botan::KDF::derive_key	(	size_t	key_len,
		const secure_vector< uint8_t > &	secret,
		const std::string &	salt = `""`,
		const std::string &	label = `""`
	)		const

inline

Derive a key

Parameters

key_len	the desired output length in bytes
secret	the secret input
salt	a diversifier
label	purpose for the derived keying material

Returns: the derived key

Definition at line 104 of file kdf.h.

References Botan::cast_char_ptr_to_uint8().

          {
          return derive_key(key_len, secret.data(), secret.size(),
                            cast_char_ptr_to_uint8(salt.data()),
                            salt.length(),
                            cast_char_ptr_to_uint8(label.data()),
                            label.length());
 
          }

◆ derive_key() [3/5]

template<typename Alloc , typename Alloc2 , typename Alloc3 >

secure_vector<uint8_t> Botan::KDF::derive_key	(	size_t	key_len,
		const std::vector< uint8_t, Alloc > &	secret,
		const std::vector< uint8_t, Alloc2 > &	salt,
		const std::vector< uint8_t, Alloc3 > &	label
	)		const

inline

Derive a key

Parameters

key_len	the desired output length in bytes
secret	the secret input
salt	a diversifier
label	purpose for the derived keying material

Returns: the derived key

Definition at line 126 of file kdf.h.

          {
          return derive_key(key_len,
                            secret.data(), secret.size(),
                            salt.data(), salt.size(),
                            label.data(), label.size());
          }

◆ derive_key() [4/5]

secure_vector<uint8_t> Botan::KDF::derive_key	(	size_t	key_len,
		const secure_vector< uint8_t > &	secret,
		const uint8_t	salt[],
		size_t	salt_len,
		const std::string &	label = `""`
	)		const

inline

Derive a key

Parameters

key_len	the desired output length in bytes
secret	the secret input
salt	a diversifier
salt_len	size of salt in bytes
label	purpose for the derived keying material

Returns: the derived key

Definition at line 146 of file kdf.h.

References Botan::cast_char_ptr_to_uint8(), and salt_len.

          {
          return derive_key(key_len,
                            secret.data(), secret.size(),
                            salt, salt_len,
                            cast_char_ptr_to_uint8(label.data()),
                            label.size());
          }

◆ derive_key() [5/5]

secure_vector<uint8_t> Botan::KDF::derive_key	(	size_t	key_len,
		const uint8_t	secret[],
		size_t	secret_len,
		const std::string &	salt = `""`,
		const std::string &	label = `""`
	)		const

inline

Derive a key

Parameters

key_len	the desired output length in bytes
secret	the secret input
secret_len	size of secret in bytes
salt	a diversifier
label	purpose for the derived keying material

Returns: the derived key

Definition at line 168 of file kdf.h.

References Botan::cast_char_ptr_to_uint8().

          {
          return derive_key(key_len, secret, secret_len,
                            cast_char_ptr_to_uint8(salt.data()),
                            salt.length(),
                            cast_char_ptr_to_uint8(label.data()),
                            label.length());
          }

◆ kdf()

virtual size_t Botan::KDF::kdf	(	uint8_t	key[],
		size_t	key_len,
		const uint8_t	secret[],
		size_t	secret_len,
		const uint8_t	salt[],
		size_t	salt_len,
		const uint8_t	label[],
		size_t	label_len
	)		const

pure virtual

Derive a key

Parameters

key	buffer holding the derived key, must be of length key_len
key_len	the desired output length in bytes
secret	the secret input
secret_len	size of secret in bytes
salt	a diversifier
salt_len	size of salt in bytes
label	purpose for the derived keying material
label_len	size of label in bytes

Returns: the derived key

Implemented in Botan::SP800_108_Pipeline, Botan::SP800_56A_HMAC, Botan::SP800_108_Feedback, Botan::HKDF_Expand, Botan::HKDF_Extract, Botan::TLS_12_PRF, Botan::SP800_56A_Hash, Botan::SP800_108_Counter, Botan::SP800_56C, Botan::HKDF, Botan::KDF1, Botan::KDF1_18033, Botan::KDF2, Botan::TLS_PRF, and Botan::X942_PRF.

Referenced by create_or_throw().

◆ name()

virtual std::string Botan::KDF::name ( ) const

pure virtual

Returns: KDF name

Implemented in Botan::SP800_108_Pipeline, Botan::HKDF_Expand, Botan::SP800_56A_HMAC, Botan::SP800_108_Feedback, Botan::HKDF_Extract, Botan::TLS_12_PRF, Botan::HKDF, Botan::SP800_56A_Hash, Botan::KDF1, Botan::KDF1_18033, Botan::KDF2, Botan::TLS_PRF, Botan::SP800_108_Counter, Botan::SP800_56C, and Botan::X942_PRF.

◆ providers()

std::vector< std::string > Botan::KDF::providers ( const std::string & algo_spec )

static

Returns: list of available providers for this algorithm, empty if not available

Definition at line 232 of file kdf.cpp.

    {
    return probe_providers_of<KDF>(algo_spec, { "base" });
    }

The documentation for this class was generated from the following files:

src/lib/kdf/kdf.h
src/lib/kdf/kdf.cpp

Public Member Functions

Static Public Member Functions

Detailed Description

Constructor & Destructor Documentation

◆ ~KDF()

Member Function Documentation

◆ clone()

◆ create()

◆ create_or_throw()

◆ derive_key() [1/5]

◆ derive_key() [2/5]

◆ derive_key() [3/5]

◆ derive_key() [4/5]

◆ derive_key() [5/5]

◆ kdf()

◆ name()

◆ providers()