9#include <botan/internal/kdf2.h>
11#include <botan/exceptn.h>
12#include <botan/internal/bit_ops.h>
13#include <botan/internal/fmt.h>
14#include <botan/internal/stl_util.h>
19 return fmt(
"KDF2({})", m_hash->name());
23 return std::make_unique<KDF2>(m_hash->new_object());
26void KDF2::perform_kdf(std::span<uint8_t> key,
27 std::span<const uint8_t> secret,
28 std::span<const uint8_t> salt,
29 std::span<const uint8_t> label)
const {
34 const size_t hash_output_length = m_hash->output_length();
35 const auto blocks_required =
ceil_division<uint64_t >(key.size(), hash_output_length);
40 BOTAN_ARG_CHECK(blocks_required <= 0xFFFFFFFE,
"KDF2 maximum output length exceeeded");
43 for(uint32_t counter = 1; !k.full(); ++counter) {
46 m_hash->update(secret);
47 m_hash->update_be(counter);
48 m_hash->update(label);
53 if(k.remaining_capacity() >= hash_output_length) {
54 m_hash->final(k.next(hash_output_length));
56 const auto h = m_hash->final();
57 k.append(std::span{h}.first(k.remaining_capacity()));
#define BOTAN_ASSERT_NOMSG(expr)
#define BOTAN_ARG_CHECK(expr, msg)
std::unique_ptr< KDF > new_object() const override
std::string name() const override
std::string fmt(std::string_view format, const T &... args)
constexpr T ceil_division(T a, T b)