9#include <botan/internal/kdf1_iso18033.h>
11#include <botan/exceptn.h>
12#include <botan/internal/bit_ops.h>
13#include <botan/internal/fmt.h>
14#include <botan/internal/stl_util.h>
18void KDF1_18033::perform_kdf(std::span<uint8_t> key,
19 std::span<const uint8_t> secret,
20 std::span<const uint8_t> salt,
21 std::span<const uint8_t> label)
const {
26 const auto hash_output_length = m_hash->output_length();
27 const auto blocks_required =
ceil_division<uint64_t >(key.size(), hash_output_length);
32 BOTAN_ARG_CHECK(blocks_required <= 0xFFFFFFFF,
"KDF1-18033 maximum output length exceeeded");
35 for(uint32_t counter = 0; !k.full(); ++counter) {
36 m_hash->update(secret);
37 m_hash->update_be(counter);
38 m_hash->update(label);
43 if(k.remaining_capacity() >= hash_output_length) {
44 m_hash->final(k.next(hash_output_length));
46 const auto h = m_hash->final();
47 k.append(std::span{h}.first(k.remaining_capacity()));
53 return fmt(
"KDF1-18033({})", m_hash->name());
57 return std::make_unique<KDF1_18033>(m_hash->new_object());
#define BOTAN_ARG_CHECK(expr, msg)
std::unique_ptr< KDF > new_object() const override
std::string name() const override
std::string fmt(std::string_view format, const T &... args)
constexpr T ceil_division(T a, T b)