Botan 3.6.1
Crypto and TLS for C&
sp800_108.h
Go to the documentation of this file.
1/*
2* KDFs defined in NIST SP 800-108
3* (C) 2016 Kai Michaelis
4*
5* Botan is released under the Simplified BSD License (see license.txt)
6*/
7
8#ifndef BOTAN_SP800_108_H_
9#define BOTAN_SP800_108_H_
10
11#include <botan/kdf.h>
12#include <botan/mac.h>
13
14namespace Botan {
15
16/**
17 * NIST SP 800-108 KDF in Counter Mode (5.1)
18 */
19class SP800_108_Counter final : public KDF {
20 public:
21 std::string name() const override;
22
23 std::unique_ptr<KDF> new_object() const override;
24
25 /**
26 * Derive a key using the SP800-108 KDF in Counter mode.
27 *
28 * The implementation hard codes the length of [L]_2
29 * and [i]_2 (the value r) to 32 bits.
30 *
31 * @param key resulting keying material
32 * @param key_len the desired output length in bytes
33 * @param secret K_I
34 * @param secret_len size of K_I in bytes
35 * @param salt Context
36 * @param salt_len size of Context in bytes
37 * @param label Label
38 * @param label_len size of Label in bytes
39 *
40 * @throws Invalid_Argument key_len > 2^32
41 */
42 void kdf(uint8_t key[],
43 size_t key_len,
44 const uint8_t secret[],
45 size_t secret_len,
46 const uint8_t salt[],
47 size_t salt_len,
48 const uint8_t label[],
49 size_t label_len) const override;
50
51 /**
52 * @param mac MAC algorithm to use
53 */
54 explicit SP800_108_Counter(std::unique_ptr<MessageAuthenticationCode> mac) : m_prf(std::move(mac)) {}
55
56 private:
57 std::unique_ptr<MessageAuthenticationCode> m_prf;
58};
59
60/**
61 * NIST SP 800-108 KDF in Feedback Mode (5.2)
62 */
63class SP800_108_Feedback final : public KDF {
64 public:
65 std::string name() const override;
66
67 std::unique_ptr<KDF> new_object() const override;
68
69 /**
70 * Derive a key using the SP800-108 KDF in Feedback mode.
71 *
72 * The implementation uses the optional counter i and hard
73 * codes the length of [L]_2 and [i]_2 (the value r) to 32 bits.
74 *
75 * @param key resulting keying material
76 * @param key_len the desired output length in bytes
77 * @param secret K_I
78 * @param secret_len size of K_I in bytes
79 * @param salt IV || Context
80 * @param salt_len size of Context plus IV in bytes
81 * @param label Label
82 * @param label_len size of Label in bytes
83 *
84 * @throws Invalid_Argument key_len > 2^32
85 */
86 void kdf(uint8_t key[],
87 size_t key_len,
88 const uint8_t secret[],
89 size_t secret_len,
90 const uint8_t salt[],
91 size_t salt_len,
92 const uint8_t label[],
93 size_t label_len) const override;
94
95 explicit SP800_108_Feedback(std::unique_ptr<MessageAuthenticationCode> mac) : m_prf(std::move(mac)) {}
96
97 private:
98 std::unique_ptr<MessageAuthenticationCode> m_prf;
99};
100
101/**
102 * NIST SP 800-108 KDF in Double Pipeline Mode (5.3)
103 */
104class SP800_108_Pipeline final : public KDF {
105 public:
106 std::string name() const override;
107
108 std::unique_ptr<KDF> new_object() const override;
109
110 /**
111 * Derive a key using the SP800-108 KDF in Double Pipeline mode.
112 *
113 * The implementation uses the optional counter i and hard
114 * codes the length of [L]_2 and [i]_2 (the value r) to 32 bits.
115 *
116 * @param key resulting keying material
117 * @param key_len the desired output length in bytes
118 * @param secret K_I
119 * @param secret_len size of K_I in bytes
120 * @param salt Context
121 * @param salt_len size of Context in bytes
122 * @param label Label
123 * @param label_len size of Label in bytes
124 *
125 * @throws Invalid_Argument key_len > 2^32
126 */
127 void kdf(uint8_t key[],
128 size_t key_len,
129 const uint8_t secret[],
130 size_t secret_len,
131 const uint8_t salt[],
132 size_t salt_len,
133 const uint8_t label[],
134 size_t label_len) const override;
135
136 explicit SP800_108_Pipeline(std::unique_ptr<MessageAuthenticationCode> mac) : m_prf(std::move(mac)) {}
137
138 private:
139 std::unique_ptr<MessageAuthenticationCode> m_prf;
140};
141
142} // namespace Botan
143
144#endif
Botan::SP800_108_Counter
Definition sp800_108.h:19
Botan::SP800_108_Counter::kdf
void kdf(uint8_t key[], size_t key_len, const uint8_t secret[], size_t secret_len, const uint8_t salt[], size_t salt_len, const uint8_t label[], size_t label_len) const override
Definition sp800_108.cpp:25
Botan::SP800_108_Counter::SP800_108_Counter
SP800_108_Counter(std::unique_ptr< MessageAuthenticationCode > mac)
Definition sp800_108.h:54
Botan::SP800_108_Counter::name
std::string name() const override
Definition sp800_108.cpp:17
Botan::SP800_108_Counter::new_object
std::unique_ptr< KDF > new_object() const override
Definition sp800_108.cpp:21
Botan::SP800_108_Feedback
Definition sp800_108.h:63
Botan::SP800_108_Feedback::name
std::string name() const override
Definition sp800_108.cpp:73
Botan::SP800_108_Feedback::SP800_108_Feedback
SP800_108_Feedback(std::unique_ptr< MessageAuthenticationCode > mac)
Definition sp800_108.h:95
Botan::SP800_108_Feedback::kdf
void kdf(uint8_t key[], size_t key_len, const uint8_t secret[], size_t secret_len, const uint8_t salt[], size_t salt_len, const uint8_t label[], size_t label_len) const override
Definition sp800_108.cpp:81
Botan::SP800_108_Feedback::new_object
std::unique_ptr< KDF > new_object() const override
Definition sp800_108.cpp:77
Botan::SP800_108_Pipeline
Definition sp800_108.h:104
Botan::SP800_108_Pipeline::new_object
std::unique_ptr< KDF > new_object() const override
Definition sp800_108.cpp:136
Botan::SP800_108_Pipeline::SP800_108_Pipeline
SP800_108_Pipeline(std::unique_ptr< MessageAuthenticationCode > mac)
Definition sp800_108.h:136
Botan::SP800_108_Pipeline::name
std::string name() const override
Definition sp800_108.cpp:132
Botan::SP800_108_Pipeline::kdf
void kdf(uint8_t key[], size_t key_len, const uint8_t secret[], size_t secret_len, const uint8_t salt[], size_t salt_len, const uint8_t label[], size_t label_len) const override
Definition sp800_108.cpp:140
final
int(* final)(unsigned char *, CTX *)
Definition commoncrypto_hash.cpp:29
Generated by doxygen 1.12.0