Botan 3.0.0
Crypto and TLS for C&
sp800_108.h
Go to the documentation of this file.
1/*
2* KDFs defined in NIST SP 800-108
3* (C) 2016 Kai Michaelis
4*
5* Botan is released under the Simplified BSD License (see license.txt)
6*/
7
8#ifndef BOTAN_SP800_108_H_
9#define BOTAN_SP800_108_H_
10
11#include <botan/kdf.h>
12#include <botan/mac.h>
13
14namespace Botan {
15
16/**
17 * NIST SP 800-108 KDF in Counter Mode (5.1)
18 */
19class SP800_108_Counter final : public KDF
20 {
21 public:
22 std::string name() const override;
23
24 std::unique_ptr<KDF> new_object() const override;
25
26 /**
27 * Derive a key using the SP800-108 KDF in Counter mode.
28 *
29 * The implementation hard codes the length of [L]_2
30 * and [i]_2 (the value r) to 32 bits.
31 *
32 * @param key resulting keying material
33 * @param key_len the desired output length in bytes
34 * @param secret K_I
35 * @param secret_len size of K_I in bytes
36 * @param salt Context
37 * @param salt_len size of Context in bytes
38 * @param label Label
39 * @param label_len size of Label in bytes
40 *
41 * @throws Invalid_Argument key_len > 2^32
42 */
43 void kdf(uint8_t key[], size_t key_len,
44 const uint8_t secret[], size_t secret_len,
45 const uint8_t salt[], size_t salt_len,
46 const uint8_t label[], size_t label_len) const override;
47
48 /**
49 * @param mac MAC algorithm to use
50 */
51 explicit SP800_108_Counter(std::unique_ptr<MessageAuthenticationCode> mac) : m_prf(std::move(mac)) {}
52 private:
53 std::unique_ptr<MessageAuthenticationCode> m_prf;
54 };
55
56/**
57 * NIST SP 800-108 KDF in Feedback Mode (5.2)
58 */
59class SP800_108_Feedback final : public KDF
60 {
61 public:
62 std::string name() const override;
63
64 std::unique_ptr<KDF> new_object() const override;
65
66 /**
67 * Derive a key using the SP800-108 KDF in Feedback mode.
68 *
69 * The implementation uses the optional counter i and hard
70 * codes the length of [L]_2 and [i]_2 (the value r) to 32 bits.
71 *
72 * @param key resulting keying material
73 * @param key_len the desired output length in bytes
74 * @param secret K_I
75 * @param secret_len size of K_I in bytes
76 * @param salt IV || Context
77 * @param salt_len size of Context plus IV in bytes
78 * @param label Label
79 * @param label_len size of Label in bytes
80 *
81 * @throws Invalid_Argument key_len > 2^32
82 */
83 void kdf(uint8_t key[], size_t key_len,
84 const uint8_t secret[], size_t secret_len,
85 const uint8_t salt[], size_t salt_len,
86 const uint8_t label[], size_t label_len) const override;
87
88 explicit SP800_108_Feedback(std::unique_ptr<MessageAuthenticationCode> mac) : m_prf(std::move(mac)) {}
89 private:
90 std::unique_ptr<MessageAuthenticationCode> m_prf;
91 };
92
93/**
94 * NIST SP 800-108 KDF in Double Pipeline Mode (5.3)
95 */
96class SP800_108_Pipeline final : public KDF
97 {
98 public:
99 std::string name() const override;
100
101 std::unique_ptr<KDF> new_object() const override;
102
103 /**
104 * Derive a key using the SP800-108 KDF in Double Pipeline mode.
105 *
106 * The implementation uses the optional counter i and hard
107 * codes the length of [L]_2 and [i]_2 (the value r) to 32 bits.
108 *
109 * @param key resulting keying material
110 * @param key_len the desired output length in bytes
111 * @param secret K_I
112 * @param secret_len size of K_I in bytes
113 * @param salt Context
114 * @param salt_len size of Context in bytes
115 * @param label Label
116 * @param label_len size of Label in bytes
117 *
118 * @throws Invalid_Argument key_len > 2^32
119 */
120 void kdf(uint8_t key[], size_t key_len,
121 const uint8_t secret[], size_t secret_len,
122 const uint8_t salt[], size_t salt_len,
123 const uint8_t label[], size_t label_len) const override;
124
125 explicit SP800_108_Pipeline(std::unique_ptr<MessageAuthenticationCode> mac) : m_prf(std::move(mac)) {}
126
127 private:
128 std::unique_ptr<MessageAuthenticationCode> m_prf;
129 };
130
131}
132
133#endif
Botan::KDF
Definition: kdf.h:24
Botan::SP800_108_Counter
Definition: sp800_108.h:20
Botan::SP800_108_Counter::kdf
void kdf(uint8_t key[], size_t key_len, const uint8_t secret[], size_t secret_len, const uint8_t salt[], size_t salt_len, const uint8_t label[], size_t label_len) const override
Definition: sp800_108.cpp:26
Botan::SP800_108_Counter::SP800_108_Counter
SP800_108_Counter(std::unique_ptr< MessageAuthenticationCode > mac)
Definition: sp800_108.h:51
Botan::SP800_108_Counter::name
std::string name() const override
Definition: sp800_108.cpp:16
Botan::SP800_108_Counter::new_object
std::unique_ptr< KDF > new_object() const override
Definition: sp800_108.cpp:21
Botan::SP800_108_Feedback
Definition: sp800_108.h:60
Botan::SP800_108_Feedback::name
std::string name() const override
Definition: sp800_108.cpp:71
Botan::SP800_108_Feedback::SP800_108_Feedback
SP800_108_Feedback(std::unique_ptr< MessageAuthenticationCode > mac)
Definition: sp800_108.h:88
Botan::SP800_108_Feedback::kdf
void kdf(uint8_t key[], size_t key_len, const uint8_t secret[], size_t secret_len, const uint8_t salt[], size_t salt_len, const uint8_t label[], size_t label_len) const override
Definition: sp800_108.cpp:81
Botan::SP800_108_Feedback::new_object
std::unique_ptr< KDF > new_object() const override
Definition: sp800_108.cpp:76
Botan::SP800_108_Pipeline
Definition: sp800_108.h:97
Botan::SP800_108_Pipeline::new_object
std::unique_ptr< KDF > new_object() const override
Definition: sp800_108.cpp:134
Botan::SP800_108_Pipeline::SP800_108_Pipeline
SP800_108_Pipeline(std::unique_ptr< MessageAuthenticationCode > mac)
Definition: sp800_108.h:125
Botan::SP800_108_Pipeline::name
std::string name() const override
Definition: sp800_108.cpp:129
Botan::SP800_108_Pipeline::kdf
void kdf(uint8_t key[], size_t key_len, const uint8_t secret[], size_t secret_len, const uint8_t salt[], size_t salt_len, const uint8_t label[], size_t label_len) const override
Definition: sp800_108.cpp:139
final
int(* final)(unsigned char *, CTX *)
Definition: commoncrypto_hash.cpp:29
Botan
Definition: alg_id.cpp:12
std
Definition: bigint.h:1092
Generated by doxygen 1.9.6