Botan  2.12.1
Crypto and TLS for C++11
prf_x942.cpp
Go to the documentation of this file.
1 /*
2 * X9.42 PRF
3 * (C) 1999-2007 Jack Lloyd
4 *
5 * Botan is released under the Simplified BSD License (see license.txt)
6 */
7 
8 #include <botan/prf_x942.h>
9 #include <botan/der_enc.h>
10 #include <botan/hash.h>
11 #include <botan/loadstor.h>
12 #include <algorithm>
13 
14 namespace Botan {
15 
16 namespace {
17 
18 /*
19 * Encode an integer as an OCTET STRING
20 */
21 std::vector<uint8_t> encode_x942_int(uint32_t n)
22  {
23  uint8_t n_buf[4] = { 0 };
24  store_be(n, n_buf);
25 
26  std::vector<uint8_t> output;
27  DER_Encoder(output).encode(n_buf, 4, OCTET_STRING);
28  return output;
29  }
30 
31 }
32 
33 size_t X942_PRF::kdf(uint8_t key[], size_t key_len,
34  const uint8_t secret[], size_t secret_len,
35  const uint8_t salt[], size_t salt_len,
36  const uint8_t label[], size_t label_len) const
37  {
38  std::unique_ptr<HashFunction> hash(HashFunction::create("SHA-160"));
39 
42  size_t offset = 0;
43  uint32_t counter = 1;
44 
45  in.reserve(salt_len + label_len);
46  in += std::make_pair(label,label_len);
47  in += std::make_pair(salt,salt_len);
48 
49  while(offset != key_len && counter)
50  {
51  hash->update(secret, secret_len);
52 
53  hash->update(
54  DER_Encoder().start_cons(SEQUENCE)
55 
56  .start_cons(SEQUENCE)
57  .encode(m_key_wrap_oid)
58  .raw_bytes(encode_x942_int(counter))
59  .end_cons()
60 
61  .encode_if(salt_len != 0,
62  DER_Encoder()
63  .start_explicit(0)
64  .encode(in, OCTET_STRING)
65  .end_explicit()
66  )
67 
68  .start_explicit(2)
69  .raw_bytes(encode_x942_int(static_cast<uint32_t>(8 * key_len)))
70  .end_explicit()
71 
72  .end_cons().get_contents()
73  );
74 
75  hash->final(h);
76  const size_t copied = std::min(h.size(), key_len - offset);
77  copy_mem(&key[offset], h.data(), copied);
78  offset += copied;
79 
80  ++counter;
81  }
82 
83  return offset;
84  }
85 
86 std::string X942_PRF::name() const
87  {
88  return "X9.42-PRF(" + m_key_wrap_oid.to_formatted_string() + ")";
89  }
90 
91 }
void store_be(uint16_t in, uint8_t out[2])
Definition: loadstor.h:438
size_t kdf(uint8_t key[], size_t key_len, const uint8_t secret[], size_t secret_len, const uint8_t salt[], size_t salt_len, const uint8_t label[], size_t label_len) const override
Definition: prf_x942.cpp:33
std::string name() const override
Definition: prf_x942.cpp:86
std::string encode(const uint8_t der[], size_t length, const std::string &label, size_t width)
Definition: pem.cpp:43
static std::unique_ptr< HashFunction > create(const std::string &algo_spec, const std::string &provider="")
Definition: hash.cpp:106
size_t salt_len
Definition: x509_obj.cpp:25
void copy_mem(T *out, const T *in, size_t n)
Definition: mem_ops.h:122
Definition: alg_id.cpp:13
std::string to_formatted_string() const
Definition: asn1_oid.cpp:110
std::vector< T, secure_allocator< T > > secure_vector
Definition: secmem.h:65
MechanismType hash