Botan 2.19.1
Crypto and TLS for C&
Public Member Functions | Static Public Member Functions | List of all members
Botan::SP800_56A_HMAC Class Referencefinal

#include <sp800_56a.h>

Inheritance diagram for Botan::SP800_56A_HMAC:
Botan::KDF

Public Member Functions

KDFclone () const override
 
secure_vector< uint8_t > derive_key (size_t key_len, const secure_vector< uint8_t > &secret, const std::string &salt="", const std::string &label="") const
 
secure_vector< uint8_t > derive_key (size_t key_len, const secure_vector< uint8_t > &secret, const uint8_t salt[], size_t salt_len, const std::string &label="") const
 
template<typename Alloc , typename Alloc2 , typename Alloc3 >
secure_vector< uint8_t > derive_key (size_t key_len, const std::vector< uint8_t, Alloc > &secret, const std::vector< uint8_t, Alloc2 > &salt, const std::vector< uint8_t, Alloc3 > &label) const
 
secure_vector< uint8_t > derive_key (size_t key_len, const uint8_t secret[], size_t secret_len, const std::string &salt="", const std::string &label="") const
 
secure_vector< uint8_t > derive_key (size_t key_len, const uint8_t secret[], size_t secret_len, const uint8_t salt[], size_t salt_len, const uint8_t label[]=nullptr, size_t label_len=0) const
 
size_t kdf (uint8_t key[], size_t key_len, const uint8_t secret[], size_t secret_len, const uint8_t salt[], size_t salt_len, const uint8_t label[], size_t label_len) const override
 
std::string name () const override
 
 SP800_56A_HMAC (MessageAuthenticationCode *mac)
 

Static Public Member Functions

static std::unique_ptr< KDFcreate (const std::string &algo_spec, const std::string &provider="")
 
static std::unique_ptr< KDFcreate_or_throw (const std::string &algo_spec, const std::string &provider="")
 
static std::vector< std::string > providers (const std::string &algo_spec)
 

Detailed Description

NIST SP 800-56A KDF using HMAC

Definition at line 64 of file sp800_56a.h.

Constructor & Destructor Documentation

◆ SP800_56A_HMAC()

Botan::SP800_56A_HMAC::SP800_56A_HMAC ( MessageAuthenticationCode mac)
explicit
Parameters
macthe HMAC to use as the auxiliary function

Definition at line 70 of file sp800_56a.cpp.

70 : m_mac(mac)
71 {
72 // TODO: we need a MessageAuthenticationCode::is_hmac
73 const SCAN_Name req(m_mac->name());
74 if(req.algo_name() != "HMAC")
75 {
76 throw Algorithm_Not_Found("Only HMAC can be used with KDF SP800-56A");
77 }
78 }

References Botan::SCAN_Name::algo_name().

Member Function Documentation

◆ clone()

KDF * Botan::SP800_56A_HMAC::clone ( ) const
inlineoverridevirtual
Returns
new object representing the same algorithm as *this

Implements Botan::KDF.

Definition at line 69 of file sp800_56a.h.

69{ return new SP800_56A_HMAC(m_mac->clone()); }
SP800_56A_HMAC(MessageAuthenticationCode *mac)
Definition: sp800_56a.cpp:70

◆ create()

std::unique_ptr< KDF > Botan::KDF::create ( const std::string &  algo_spec,
const std::string &  provider = "" 
)
staticinherited

Create an instance based on a name If provider is empty then best available is chosen.

Parameters
algo_specalgorithm name
providerprovider implementation to choose
Returns
a null pointer if the algo/provider combination cannot be found

Definition at line 69 of file kdf.cpp.

71 {
72 const SCAN_Name req(algo_spec);
73
74#if defined(BOTAN_HAS_HKDF)
75 if(req.algo_name() == "HKDF" && req.arg_count() == 1)
76 {
77 if(provider.empty() || provider == "base")
78 {
79 return kdf_create_mac_or_hash<HKDF>(req.arg(0));
80 }
81 }
82
83 if(req.algo_name() == "HKDF-Extract" && req.arg_count() == 1)
84 {
85 if(provider.empty() || provider == "base")
86 {
87 return kdf_create_mac_or_hash<HKDF_Extract>(req.arg(0));
88 }
89 }
90
91 if(req.algo_name() == "HKDF-Expand" && req.arg_count() == 1)
92 {
93 if(provider.empty() || provider == "base")
94 {
95 return kdf_create_mac_or_hash<HKDF_Expand>(req.arg(0));
96 }
97 }
98#endif
99
100#if defined(BOTAN_HAS_KDF2)
101 if(req.algo_name() == "KDF2" && req.arg_count() == 1)
102 {
103 if(provider.empty() || provider == "base")
104 {
105 if(auto hash = HashFunction::create(req.arg(0)))
106 return std::unique_ptr<KDF>(new KDF2(hash.release()));
107 }
108 }
109#endif
110
111#if defined(BOTAN_HAS_KDF1_18033)
112 if(req.algo_name() == "KDF1-18033" && req.arg_count() == 1)
113 {
114 if(provider.empty() || provider == "base")
115 {
116 if(auto hash = HashFunction::create(req.arg(0)))
117 return std::unique_ptr<KDF>(new KDF1_18033(hash.release()));
118 }
119 }
120#endif
121
122#if defined(BOTAN_HAS_KDF1)
123 if(req.algo_name() == "KDF1" && req.arg_count() == 1)
124 {
125 if(provider.empty() || provider == "base")
126 {
127 if(auto hash = HashFunction::create(req.arg(0)))
128 return std::unique_ptr<KDF>(new KDF1(hash.release()));
129 }
130 }
131#endif
132
133#if defined(BOTAN_HAS_TLS_V10_PRF)
134 if(req.algo_name() == "TLS-PRF" && req.arg_count() == 0)
135 {
136 if(provider.empty() || provider == "base")
137 {
138 auto hmac_md5 = MessageAuthenticationCode::create("HMAC(MD5)");
139 auto hmac_sha1 = MessageAuthenticationCode::create("HMAC(SHA-1)");
140
141 if(hmac_md5 && hmac_sha1)
142 return std::unique_ptr<KDF>(new TLS_PRF(std::move(hmac_md5), std::move(hmac_sha1)));
143 }
144 }
145#endif
146
147#if defined(BOTAN_HAS_TLS_V12_PRF)
148 if(req.algo_name() == "TLS-12-PRF" && req.arg_count() == 1)
149 {
150 if(provider.empty() || provider == "base")
151 {
152 return kdf_create_mac_or_hash<TLS_12_PRF>(req.arg(0));
153 }
154 }
155#endif
156
157#if defined(BOTAN_HAS_X942_PRF)
158 if(req.algo_name() == "X9.42-PRF" && req.arg_count() == 1)
159 {
160 if(provider.empty() || provider == "base")
161 {
162 return std::unique_ptr<KDF>(new X942_PRF(req.arg(0)));
163 }
164 }
165#endif
166
167#if defined(BOTAN_HAS_SP800_108)
168 if(req.algo_name() == "SP800-108-Counter" && req.arg_count() == 1)
169 {
170 if(provider.empty() || provider == "base")
171 {
172 return kdf_create_mac_or_hash<SP800_108_Counter>(req.arg(0));
173 }
174 }
175
176 if(req.algo_name() == "SP800-108-Feedback" && req.arg_count() == 1)
177 {
178 if(provider.empty() || provider == "base")
179 {
180 return kdf_create_mac_or_hash<SP800_108_Feedback>(req.arg(0));
181 }
182 }
183
184 if(req.algo_name() == "SP800-108-Pipeline" && req.arg_count() == 1)
185 {
186 if(provider.empty() || provider == "base")
187 {
188 return kdf_create_mac_or_hash<SP800_108_Pipeline>(req.arg(0));
189 }
190 }
191#endif
192
193#if defined(BOTAN_HAS_SP800_56A)
194 if(req.algo_name() == "SP800-56A" && req.arg_count() == 1)
195 {
196 if(auto hash = HashFunction::create(req.arg(0)))
197 return std::unique_ptr<KDF>(new SP800_56A_Hash(hash.release()));
198 if(auto mac = MessageAuthenticationCode::create(req.arg(0)))
199 return std::unique_ptr<KDF>(new SP800_56A_HMAC(mac.release()));
200 }
201#endif
202
203#if defined(BOTAN_HAS_SP800_56C)
204 if(req.algo_name() == "SP800-56C" && req.arg_count() == 1)
205 {
206 std::unique_ptr<KDF> exp(kdf_create_mac_or_hash<SP800_108_Feedback>(req.arg(0)));
207 if(exp)
208 {
209 if(auto mac = MessageAuthenticationCode::create(req.arg(0)))
210 return std::unique_ptr<KDF>(new SP800_56C(mac.release(), exp.release()));
211
212 if(auto mac = MessageAuthenticationCode::create("HMAC(" + req.arg(0) + ")"))
213 return std::unique_ptr<KDF>(new SP800_56C(mac.release(), exp.release()));
214 }
215 }
216#endif
217
218 BOTAN_UNUSED(req);
219 BOTAN_UNUSED(provider);
220
221 return nullptr;
222 }
#define BOTAN_UNUSED(...)
Definition: assert.h:142
static std::unique_ptr< HashFunction > create(const std::string &algo_spec, const std::string &provider="")
Definition: hash.cpp:106
static std::unique_ptr< MessageAuthenticationCode > create(const std::string &algo_spec, const std::string &provider="")
Definition: mac.cpp:46
MechanismType hash

References Botan::SCAN_Name::algo_name(), Botan::SCAN_Name::arg(), Botan::SCAN_Name::arg_count(), BOTAN_UNUSED, Botan::HashFunction::create(), Botan::MessageAuthenticationCode::create(), and hash.

Referenced by Botan::KDF::create_or_throw(), and Botan::get_kdf().

◆ create_or_throw()

std::unique_ptr< KDF > Botan::KDF::create_or_throw ( const std::string &  algo_spec,
const std::string &  provider = "" 
)
staticinherited

Create an instance based on a name, or throw if the algo/provider combination cannot be found. If provider is empty then best available is chosen.

Definition at line 226 of file kdf.cpp.

228 {
229 if(auto kdf = KDF::create(algo, provider))
230 {
231 return kdf;
232 }
233 throw Lookup_Error("KDF", algo, provider);
234 }
virtual size_t kdf(uint8_t key[], size_t key_len, const uint8_t secret[], size_t secret_len, const uint8_t salt[], size_t salt_len, const uint8_t label[], size_t label_len) const =0
static std::unique_ptr< KDF > create(const std::string &algo_spec, const std::string &provider="")
Definition: kdf.cpp:69

References Botan::KDF::create(), and Botan::KDF::kdf().

Referenced by Botan::ECIES_KA_Operation::derive_secret().

◆ derive_key() [1/5]

secure_vector< uint8_t > Botan::KDF::derive_key ( size_t  key_len,
const secure_vector< uint8_t > &  secret,
const std::string &  salt = "",
const std::string &  label = "" 
) const
inlineinherited

Derive a key

Parameters
key_lenthe desired output length in bytes
secretthe secret input
salta diversifier
labelpurpose for the derived keying material
Returns
the derived key

Definition at line 104 of file kdf.h.

108 {
109 return derive_key(key_len, secret.data(), secret.size(),
110 cast_char_ptr_to_uint8(salt.data()),
111 salt.length(),
112 cast_char_ptr_to_uint8(label.data()),
113 label.length());
114
115 }
secure_vector< uint8_t > derive_key(size_t key_len, const uint8_t secret[], size_t secret_len, const uint8_t salt[], size_t salt_len, const uint8_t label[]=nullptr, size_t label_len=0) const
Definition: kdf.h:83
const uint8_t * cast_char_ptr_to_uint8(const char *s)
Definition: mem_ops.h:190

References Botan::cast_char_ptr_to_uint8().

◆ derive_key() [2/5]

secure_vector< uint8_t > Botan::KDF::derive_key ( size_t  key_len,
const secure_vector< uint8_t > &  secret,
const uint8_t  salt[],
size_t  salt_len,
const std::string &  label = "" 
) const
inlineinherited

Derive a key

Parameters
key_lenthe desired output length in bytes
secretthe secret input
salta diversifier
salt_lensize of salt in bytes
labelpurpose for the derived keying material
Returns
the derived key

Definition at line 146 of file kdf.h.

151 {
152 return derive_key(key_len,
153 secret.data(), secret.size(),
154 salt, salt_len,
155 cast_char_ptr_to_uint8(label.data()),
156 label.size());
157 }
size_t salt_len
Definition: x509_obj.cpp:25

References Botan::cast_char_ptr_to_uint8(), and salt_len.

◆ derive_key() [3/5]

template<typename Alloc , typename Alloc2 , typename Alloc3 >
secure_vector< uint8_t > Botan::KDF::derive_key ( size_t  key_len,
const std::vector< uint8_t, Alloc > &  secret,
const std::vector< uint8_t, Alloc2 > &  salt,
const std::vector< uint8_t, Alloc3 > &  label 
) const
inlineinherited

Derive a key

Parameters
key_lenthe desired output length in bytes
secretthe secret input
salta diversifier
labelpurpose for the derived keying material
Returns
the derived key

Definition at line 126 of file kdf.h.

130 {
131 return derive_key(key_len,
132 secret.data(), secret.size(),
133 salt.data(), salt.size(),
134 label.data(), label.size());
135 }

◆ derive_key() [4/5]

secure_vector< uint8_t > Botan::KDF::derive_key ( size_t  key_len,
const uint8_t  secret[],
size_t  secret_len,
const std::string &  salt = "",
const std::string &  label = "" 
) const
inlineinherited

Derive a key

Parameters
key_lenthe desired output length in bytes
secretthe secret input
secret_lensize of secret in bytes
salta diversifier
labelpurpose for the derived keying material
Returns
the derived key

Definition at line 168 of file kdf.h.

173 {
174 return derive_key(key_len, secret, secret_len,
175 cast_char_ptr_to_uint8(salt.data()),
176 salt.length(),
177 cast_char_ptr_to_uint8(label.data()),
178 label.length());
179 }

References Botan::cast_char_ptr_to_uint8().

◆ derive_key() [5/5]

secure_vector< uint8_t > Botan::KDF::derive_key ( size_t  key_len,
const uint8_t  secret[],
size_t  secret_len,
const uint8_t  salt[],
size_t  salt_len,
const uint8_t  label[] = nullptr,
size_t  label_len = 0 
) const
inlineinherited

Derive a key

Parameters
key_lenthe desired output length in bytes
secretthe secret input
secret_lensize of secret in bytes
salta diversifier
salt_lensize of salt in bytes
labelpurpose for the derived keying material
label_lensize of label in bytes
Returns
the derived key

Definition at line 83 of file kdf.h.

90 {
91 secure_vector<uint8_t> key(key_len);
92 key.resize(kdf(key.data(), key.size(), secret, secret_len, salt, salt_len, label, label_len));
93 return key;
94 }

References salt_len.

◆ kdf()

size_t Botan::SP800_56A_HMAC::kdf ( uint8_t  key[],
size_t  key_len,
const uint8_t  secret[],
size_t  secret_len,
const uint8_t  salt[],
size_t  salt_len,
const uint8_t  label[],
size_t  label_len 
) const
overridevirtual

Derive a key using the SP800-56A KDF.

The implementation hard codes the context value for the expansion step to the empty string.

Parameters
keyderived keying material K_M
key_lenthe desired output length in bytes
secretshared secret Z
secret_lensize of Z in bytes
saltignored
salt_lenignored
labellabel for the expansion step
label_lensize of label in bytes
Exceptions
Invalid_Argumentkey_len > 2^32 or MAC is not a HMAC

Implements Botan::KDF.

Definition at line 80 of file sp800_56a.cpp.

84 {
85 /*
86 * SP 800-56A specifies if the salt is empty then a block of zeros
87 * equal to the hash's underlying block size are used. However this
88 * is equivalent to setting a zero-length key, so the same call
89 * works for either case.
90 */
91 m_mac->set_key(salt, salt_len);
92
93 return SP800_56A_kdf(*m_mac, key, key_len, secret, secret_len, label, label_len);
94 }

References salt_len.

◆ name()

std::string Botan::SP800_56A_HMAC::name ( ) const
inlineoverridevirtual
Returns
KDF name

Implements Botan::KDF.

Definition at line 67 of file sp800_56a.h.

67{ return "SP800-56A(" + m_mac->name() + ")"; }

◆ providers()

std::vector< std::string > Botan::KDF::providers ( const std::string &  algo_spec)
staticinherited
Returns
list of available providers for this algorithm, empty if not available

Definition at line 236 of file kdf.cpp.

237 {
238 return probe_providers_of<KDF>(algo_spec, { "base" });
239 }

The documentation for this class was generated from the following files: