Botan  2.8.0
Crypto and TLS for C++11
prf_x942.cpp
Go to the documentation of this file.
1 /*
2 * X9.42 PRF
3 * (C) 1999-2007 Jack Lloyd
4 *
5 * Botan is released under the Simplified BSD License (see license.txt)
6 */
7 
8 #include <botan/prf_x942.h>
9 #include <botan/der_enc.h>
10 #include <botan/oids.h>
11 #include <botan/hash.h>
12 #include <botan/loadstor.h>
13 #include <algorithm>
14 
15 namespace Botan {
16 
17 namespace {
18 
19 /*
20 * Encode an integer as an OCTET STRING
21 */
22 std::vector<uint8_t> encode_x942_int(uint32_t n)
23  {
24  uint8_t n_buf[4] = { 0 };
25  store_be(n, n_buf);
26 
27  std::vector<uint8_t> output;
28  DER_Encoder(output).encode(n_buf, 4, OCTET_STRING);
29  return output;
30  }
31 
32 }
33 
34 size_t X942_PRF::kdf(uint8_t key[], size_t key_len,
35  const uint8_t secret[], size_t secret_len,
36  const uint8_t salt[], size_t salt_len,
37  const uint8_t label[], size_t label_len) const
38  {
39  std::unique_ptr<HashFunction> hash(HashFunction::create("SHA-160"));
40  const OID kek_algo(m_key_wrap_oid);
41 
44  size_t offset = 0;
45  uint32_t counter = 1;
46 
47  in.reserve(salt_len + label_len);
48  in += std::make_pair(label,label_len);
49  in += std::make_pair(salt,salt_len);
50 
51  while(offset != key_len && counter)
52  {
53  hash->update(secret, secret_len);
54 
55  hash->update(
56  DER_Encoder().start_cons(SEQUENCE)
57 
58  .start_cons(SEQUENCE)
59  .encode(kek_algo)
60  .raw_bytes(encode_x942_int(counter))
61  .end_cons()
62 
63  .encode_if(salt_len != 0,
64  DER_Encoder()
65  .start_explicit(0)
66  .encode(in, OCTET_STRING)
67  .end_explicit()
68  )
69 
70  .start_explicit(2)
71  .raw_bytes(encode_x942_int(static_cast<uint32_t>(8 * key_len)))
72  .end_explicit()
73 
74  .end_cons().get_contents()
75  );
76 
77  hash->final(h);
78  const size_t copied = std::min(h.size(), key_len - offset);
79  copy_mem(&key[offset], h.data(), copied);
80  offset += copied;
81 
82  ++counter;
83  }
84 
85  return offset;
86  }
87 
88 /*
89 * X9.42 Constructor
90 */
91 X942_PRF::X942_PRF(const std::string& oid)
92  {
93  if(OIDS::have_oid(oid))
94  m_key_wrap_oid = OIDS::lookup(oid).as_string();
95  else
96  m_key_wrap_oid = oid;
97  }
98 
99 }
void store_be(uint16_t in, uint8_t out[2])
Definition: loadstor.h:434
size_t kdf(uint8_t key[], size_t key_len, const uint8_t secret[], size_t secret_len, const uint8_t salt[], size_t salt_len, const uint8_t label[], size_t label_len) const override
Definition: prf_x942.cpp:34
bool have_oid(const std::string &name)
Definition: oids.cpp:123
std::string encode(const uint8_t der[], size_t length, const std::string &label, size_t width)
Definition: pem.cpp:43
static std::unique_ptr< HashFunction > create(const std::string &algo_spec, const std::string &provider="")
Definition: hash.cpp:110
X942_PRF(const std::string &oid)
Definition: prf_x942.cpp:91
size_t salt_len
Definition: x509_obj.cpp:26
void copy_mem(T *out, const T *in, size_t n)
Definition: mem_ops.h:108
Definition: alg_id.cpp:13
std::vector< T, secure_allocator< T > > secure_vector
Definition: secmem.h:88
std::string lookup(const OID &oid)
Definition: oids.cpp:113
MechanismType hash