Botan  1.11.34
Crypto and TLS for C++11
Public Member Functions | Static Public Member Functions | List of all members
Botan::TLS_PRF Class Referencefinal

#include <prf_tls.h>

Inheritance diagram for Botan::TLS_PRF:
Botan::KDF

Public Member Functions

KDFclone () const override
 
secure_vector< bytederive_key (size_t key_len, const byte secret[], size_t secret_len, const byte salt[], size_t salt_len, const byte label[]=nullptr, size_t label_len=0) const
 
secure_vector< bytederive_key (size_t key_len, const secure_vector< byte > &secret, const std::string &salt="", const std::string &label="") const
 
template<typename Alloc , typename Alloc2 , typename Alloc3 >
secure_vector< bytederive_key (size_t key_len, const std::vector< byte, Alloc > &secret, const std::vector< byte, Alloc2 > &salt, const std::vector< byte, Alloc3 > &label) const
 
secure_vector< bytederive_key (size_t key_len, const secure_vector< byte > &secret, const byte salt[], size_t salt_len, const std::string &label="") const
 
secure_vector< bytederive_key (size_t key_len, const byte secret[], size_t secret_len, const std::string &salt="", const std::string &label="") const
 
size_t kdf (byte key[], size_t key_len, const byte secret[], size_t secret_len, const byte salt[], size_t salt_len, const byte label[], size_t label_len) const override
 
std::string name () const override
 
 TLS_PRF ()
 

Static Public Member Functions

static std::unique_ptr< KDFcreate (const std::string &algo_spec, const std::string &provider="")
 
static std::unique_ptr< KDFcreate_or_throw (const std::string &algo_spec, const std::string &provider="")
 
static std::vector< std::string > providers (const std::string &algo_spec)
 

Detailed Description

PRF used in TLS 1.0/1.1

Definition at line 19 of file prf_tls.h.

Constructor & Destructor Documentation

§ TLS_PRF()

Botan::TLS_PRF::TLS_PRF ( )

Definition at line 13 of file prf_tls.cpp.

References Botan::Buffered_Computation::final(), Botan::CT::min(), Botan::Buffered_Computation::process(), Botan::SymmetricAlgorithm::set_key(), Botan::ASN1::to_string(), Botan::Buffered_Computation::update(), and Botan::xor_buf().

13  :
14  m_hmac_md5(MessageAuthenticationCode::create_or_throw("HMAC(MD5)")),
15  m_hmac_sha1(MessageAuthenticationCode::create_or_throw("HMAC(SHA-1)"))
16  {
17  }
static std::unique_ptr< MessageAuthenticationCode > create_or_throw(const std::string &algo_spec, const std::string &provider="")
Definition: mac.cpp:135

Member Function Documentation

§ clone()

KDF* Botan::TLS_PRF::clone ( ) const
inlineoverridevirtual
Returns
new object representing the same algorithm as *this

Implements Botan::KDF.

Definition at line 24 of file prf_tls.h.

24 { return new TLS_PRF; }

§ create()

std::unique_ptr< KDF > Botan::KDF::create ( const std::string &  algo_spec,
const std::string &  provider = "" 
)
staticinherited

Create an instance based on a name If provider is empty then best available is chosen.

Parameters
algo_specalgorithm name
providerprovider implementation to choose
Returns
a null pointer if the algo/provider combination cannot be found

Definition at line 67 of file kdf.cpp.

References Botan::SCAN_Name::algo_name(), Botan::SCAN_Name::arg(), Botan::SCAN_Name::arg_count(), Botan::HashFunction::create(), Botan::MessageAuthenticationCode::create(), and hash.

Referenced by Botan::KDF::create_or_throw(), and Botan::get_kdf().

69  {
70  const SCAN_Name req(algo_spec);
71 
72 #if defined(BOTAN_HAS_HKDF)
73  if(req.algo_name() == "HKDF" && req.arg_count() == 1)
74  {
75  if(provider.empty() || provider == "base")
76  {
77  return kdf_create_mac_or_hash<HKDF>(req.arg(0));
78  }
79  }
80 
81  if(req.algo_name() == "HKDF-Extract" && req.arg_count() == 1)
82  {
83  if(provider.empty() || provider == "base")
84  {
85  return kdf_create_mac_or_hash<HKDF_Extract>(req.arg(0));
86  }
87  }
88 
89  if(req.algo_name() == "HKDF-Expand" && req.arg_count() == 1)
90  {
91  if(provider.empty() || provider == "base")
92  {
93  return kdf_create_mac_or_hash<HKDF_Expand>(req.arg(0));
94  }
95  }
96 #endif
97 
98 #if defined(BOTAN_HAS_KDF2)
99  if(req.algo_name() == "KDF2" && req.arg_count() == 1)
100  {
101  if(provider.empty() || provider == "base")
102  {
103  if(auto hash = HashFunction::create(req.arg(0)))
104  return std::unique_ptr<KDF>(new KDF2(hash.release()));
105  }
106  }
107 #endif
108 
109 #if defined(BOTAN_HAS_KDF1_18033)
110  if(req.algo_name() == "KDF1-18033" && req.arg_count() == 1)
111  {
112  if(provider.empty() || provider == "base")
113  {
114  if(auto hash = HashFunction::create(req.arg(0)))
115  return std::unique_ptr<KDF>(new KDF1_18033(hash.release()));
116  }
117  }
118 #endif
119 
120 #if defined(BOTAN_HAS_KDF1)
121  if(req.algo_name() == "KDF1" && req.arg_count() == 1)
122  {
123  if(provider.empty() || provider == "base")
124  {
125  if(auto hash = HashFunction::create(req.arg(0)))
126  return std::unique_ptr<KDF>(new KDF1(hash.release()));
127  }
128  }
129 #endif
130 
131 #if defined(BOTAN_HAS_TLS_V10_PRF)
132  if(req.algo_name() == "TLS-PRF" && req.arg_count() == 0)
133  {
134  if(provider.empty() || provider == "base")
135  {
136  return std::unique_ptr<KDF>(new TLS_PRF);
137  }
138  }
139 #endif
140 
141 #if defined(BOTAN_HAS_TLS_V12_PRF)
142  if(req.algo_name() == "TLS-12-PRF" && req.arg_count() == 1)
143  {
144  if(provider.empty() || provider == "base")
145  {
146  return kdf_create_mac_or_hash<TLS_12_PRF>(req.arg(0));
147  }
148  }
149 #endif
150 
151 #if defined(BOTAN_HAS_X942_PRF)
152  if(req.algo_name() == "X9.42-PRF" && req.arg_count() == 1)
153  {
154  if(provider.empty() || provider == "base")
155  {
156  return std::unique_ptr<KDF>(new X942_PRF(req.arg(0)));
157  }
158  }
159 #endif
160 
161 #if defined(BOTAN_HAS_SP800_108)
162  if(req.algo_name() == "SP800-108-Counter" && req.arg_count() == 1)
163  {
164  if(provider.empty() || provider == "base")
165  {
166  return kdf_create_mac_or_hash<SP800_108_Counter>(req.arg(0));
167  }
168  }
169 
170  if(req.algo_name() == "SP800-108-Feedback" && req.arg_count() == 1)
171  {
172  if(provider.empty() || provider == "base")
173  {
174  return kdf_create_mac_or_hash<SP800_108_Feedback>(req.arg(0));
175  }
176  }
177 
178  if(req.algo_name() == "SP800-108-Pipeline" && req.arg_count() == 1)
179  {
180  if(provider.empty() || provider == "base")
181  {
182  return kdf_create_mac_or_hash<SP800_108_Pipeline>(req.arg(0));
183  }
184  }
185 #endif
186 
187 #if defined(BOTAN_HAS_SP800_56C)
188  if(req.algo_name() == "SP800-56C" && req.arg_count() == 1)
189  {
190  std::unique_ptr<KDF> exp(kdf_create_mac_or_hash<SP800_108_Feedback>(req.arg(0)));
191  if(exp)
192  {
193  if(auto mac = MessageAuthenticationCode::create(req.arg(0)))
194  return std::unique_ptr<KDF>(new SP800_56C(mac.release(), exp.release()));
195 
196  if(auto mac = MessageAuthenticationCode::create("HMAC(" + req.arg(0) + ")"))
197  return std::unique_ptr<KDF>(new SP800_56C(mac.release(), exp.release()));
198  }
199  }
200 #endif
201 
202  return nullptr;
203  }
static std::unique_ptr< MessageAuthenticationCode > create(const std::string &algo_spec, const std::string &provider="")
Definition: mac.cpp:43
static std::unique_ptr< HashFunction > create(const std::string &algo_spec, const std::string &provider="")
Definition: hash.cpp:93
MechanismType hash

§ create_or_throw()

std::unique_ptr< KDF > Botan::KDF::create_or_throw ( const std::string &  algo_spec,
const std::string &  provider = "" 
)
staticinherited

Create an instance based on a name, or throw if the algo/provider combination cannot be found. If provider is empty then best available is chosen.

Definition at line 207 of file kdf.cpp.

References Botan::KDF::create().

Referenced by Botan::ECIES_KA_Operation::derive_secret().

209  {
210  if(auto bc = KDF::create(algo, provider))
211  {
212  return bc;
213  }
214  throw Lookup_Error("KDF", algo, provider);
215  }
static std::unique_ptr< KDF > create(const std::string &algo_spec, const std::string &provider="")
Definition: kdf.cpp:67

§ derive_key() [1/5]

secure_vector<byte> Botan::KDF::derive_key ( size_t  key_len,
const byte  secret[],
size_t  secret_len,
const byte  salt[],
size_t  salt_len,
const byte  label[] = nullptr,
size_t  label_len = 0 
) const
inlineinherited

Derive a key

Parameters
key_lenthe desired output length in bytes
secretthe secret input
secret_lensize of secret in bytes
salta diversifier
salt_lensize of salt in bytes
labelpurpose for the derived keying material
label_lensize of label in bytes
Returns
the derived key

Definition at line 83 of file kdf.h.

90  {
91  secure_vector<byte> key(key_len);
92  key.resize(kdf(key.data(), key.size(), secret, secret_len, salt, salt_len, label, label_len));
93  return key;
94  }
virtual size_t kdf(byte key[], size_t key_len, const byte secret[], size_t secret_len, const byte salt[], size_t salt_len, const byte label[], size_t label_len) const =0

§ derive_key() [2/5]

secure_vector<byte> Botan::KDF::derive_key ( size_t  key_len,
const secure_vector< byte > &  secret,
const std::string &  salt = "",
const std::string &  label = "" 
) const
inlineinherited

Derive a key

Parameters
key_lenthe desired output length in bytes
secretthe secret input
salta diversifier
labelpurpose for the derived keying material
Returns
the derived key

Definition at line 104 of file kdf.h.

108  {
109  return derive_key(key_len, secret.data(), secret.size(),
110  reinterpret_cast<const byte*>(salt.data()),
111  salt.length(),
112  reinterpret_cast<const byte*>(label.data()),
113  label.length());
114 
115  }
secure_vector< byte > derive_key(size_t key_len, const byte secret[], size_t secret_len, const byte salt[], size_t salt_len, const byte label[]=nullptr, size_t label_len=0) const
Definition: kdf.h:83
std::uint8_t byte
Definition: types.h:31

§ derive_key() [3/5]

template<typename Alloc , typename Alloc2 , typename Alloc3 >
secure_vector<byte> Botan::KDF::derive_key ( size_t  key_len,
const std::vector< byte, Alloc > &  secret,
const std::vector< byte, Alloc2 > &  salt,
const std::vector< byte, Alloc3 > &  label 
) const
inlineinherited

Derive a key

Parameters
key_lenthe desired output length in bytes
secretthe secret input
salta diversifier
labelpurpose for the derived keying material
Returns
the derived key

Definition at line 126 of file kdf.h.

130  {
131  return derive_key(key_len,
132  secret.data(), secret.size(),
133  salt.data(), salt.size(),
134  label.data(), label.size());
135  }
secure_vector< byte > derive_key(size_t key_len, const byte secret[], size_t secret_len, const byte salt[], size_t salt_len, const byte label[]=nullptr, size_t label_len=0) const
Definition: kdf.h:83

§ derive_key() [4/5]

secure_vector<byte> Botan::KDF::derive_key ( size_t  key_len,
const secure_vector< byte > &  secret,
const byte  salt[],
size_t  salt_len,
const std::string &  label = "" 
) const
inlineinherited

Derive a key

Parameters
key_lenthe desired output length in bytes
secretthe secret input
salta diversifier
salt_lensize of salt in bytes
labelpurpose for the derived keying material
Returns
the derived key

Definition at line 146 of file kdf.h.

151  {
152  return derive_key(key_len,
153  secret.data(), secret.size(),
154  salt, salt_len,
155  reinterpret_cast<const byte*>(label.data()),
156  label.size());
157  }
secure_vector< byte > derive_key(size_t key_len, const byte secret[], size_t secret_len, const byte salt[], size_t salt_len, const byte label[]=nullptr, size_t label_len=0) const
Definition: kdf.h:83
std::uint8_t byte
Definition: types.h:31

§ derive_key() [5/5]

secure_vector<byte> Botan::KDF::derive_key ( size_t  key_len,
const byte  secret[],
size_t  secret_len,
const std::string &  salt = "",
const std::string &  label = "" 
) const
inlineinherited

Derive a key

Parameters
key_lenthe desired output length in bytes
secretthe secret input
secret_lensize of secret in bytes
salta diversifier
labelpurpose for the derived keying material
Returns
the derived key

Definition at line 168 of file kdf.h.

References Botan::get_kdf().

173  {
174  return derive_key(key_len, secret, secret_len,
175  reinterpret_cast<const byte*>(salt.data()),
176  salt.length(),
177  reinterpret_cast<const byte*>(label.data()),
178  label.length());
179  }
secure_vector< byte > derive_key(size_t key_len, const byte secret[], size_t secret_len, const byte salt[], size_t salt_len, const byte label[]=nullptr, size_t label_len=0) const
Definition: kdf.h:83
std::uint8_t byte
Definition: types.h:31

§ kdf()

size_t Botan::TLS_PRF::kdf ( byte  key[],
size_t  key_len,
const byte  secret[],
size_t  secret_len,
const byte  salt[],
size_t  salt_len,
const byte  label[],
size_t  label_len 
) const
overridevirtual

Derive a key

Parameters
keybuffer holding the derived key, must be of length key_len
key_lenthe desired output length in bytes
secretthe secret input
secret_lensize of secret in bytes
salta diversifier
salt_lensize of salt in bytes
labelpurpose for the derived keying material
label_lensize of label in bytes
Returns
the derived key

Implements Botan::KDF.

Definition at line 61 of file prf_tls.cpp.

65  {
66  const size_t S1_len = (secret_len + 1) / 2,
67  S2_len = (secret_len + 1) / 2;
68  const byte* S1 = secret;
69  const byte* S2 = secret + (secret_len - S2_len);
70  secure_vector<byte> msg;
71 
72  msg.reserve(label_len + salt_len);
73  msg += std::make_pair(label, label_len);
74  msg += std::make_pair(salt, salt_len);
75 
76  P_hash(key, key_len, *m_hmac_md5, S1, S1_len, msg.data(), msg.size());
77  P_hash(key, key_len, *m_hmac_sha1, S2, S2_len, msg.data(), msg.size());
78  return key_len;
79  }
std::uint8_t byte
Definition: types.h:31

§ name()

std::string Botan::TLS_PRF::name ( ) const
inlineoverridevirtual
Returns
KDF name

Implements Botan::KDF.

Definition at line 22 of file prf_tls.h.

22 { return "TLS-PRF"; }

§ providers()

std::vector< std::string > Botan::KDF::providers ( const std::string &  algo_spec)
staticinherited
Returns
list of available providers for this algorithm, empty if not available

Definition at line 217 of file kdf.cpp.

218  {
219  return probe_providers_of<KDF>(algo_spec, { "base" });
220  }

The documentation for this class was generated from the following files: