Botan 2.19.2
Crypto and TLS for C&
sp800_56a.h
Go to the documentation of this file.
1/*
2* KDF defined in NIST SP 800-56a revision 2 (Single-step key-derivation function)
3*
4* (C) 2017 Ribose Inc. Written by Krzysztof Kwiatkowski.
5*
6* Botan is released under the Simplified BSD License (see license.txt)
7*/
8
9#ifndef BOTAN_SP800_56A_H_
10#define BOTAN_SP800_56A_H_
11
12#include <botan/kdf.h>
13#include <botan/hash.h>
14#include <botan/mac.h>
15
17
18namespace Botan {
19
20/**
21 * NIST SP 800-56A KDF using hash function
22 * @warning This KDF ignores the provided salt value
23 */
25 {
26 public:
27 std::string name() const override { return "SP800-56A(" + m_hash->name() + ")"; }
28
29 KDF* clone() const override { return new SP800_56A_Hash(m_hash->clone()); }
30
31 /**
32 * Derive a key using the SP800-56A KDF.
33 *
34 * The implementation hard codes the context value for the
35 * expansion step to the empty string.
36 *
37 * @param key derived keying material K_M
38 * @param key_len the desired output length in bytes
39 * @param secret shared secret Z
40 * @param secret_len size of Z in bytes
41 * @param salt ignored
42 * @param salt_len ignored
43 * @param label label for the expansion step
44 * @param label_len size of label in bytes
45 *
46 * @throws Invalid_Argument key_len > 2^32
47 */
48 size_t kdf(uint8_t key[], size_t key_len,
49 const uint8_t secret[], size_t secret_len,
50 const uint8_t salt[], size_t salt_len,
51 const uint8_t label[], size_t label_len) const override;
52
53 /**
54 * @param hash the hash function to use as the auxiliary function
55 */
56 explicit SP800_56A_Hash(HashFunction* hash) : m_hash(hash) {}
57 private:
58 std::unique_ptr<HashFunction> m_hash;
59 };
60
61/**
62 * NIST SP 800-56A KDF using HMAC
63 */
65 {
66 public:
67 std::string name() const override { return "SP800-56A(" + m_mac->name() + ")"; }
68
69 KDF* clone() const override { return new SP800_56A_HMAC(m_mac->clone()); }
70
71 /**
72 * Derive a key using the SP800-56A KDF.
73 *
74 * The implementation hard codes the context value for the
75 * expansion step to the empty string.
76 *
77 * @param key derived keying material K_M
78 * @param key_len the desired output length in bytes
79 * @param secret shared secret Z
80 * @param secret_len size of Z in bytes
81 * @param salt ignored
82 * @param salt_len ignored
83 * @param label label for the expansion step
84 * @param label_len size of label in bytes
85 *
86 * @throws Invalid_Argument key_len > 2^32 or MAC is not a HMAC
87 */
88 size_t kdf(uint8_t key[], size_t key_len,
89 const uint8_t secret[], size_t secret_len,
90 const uint8_t salt[], size_t salt_len,
91 const uint8_t label[], size_t label_len) const override;
92
93 /**
94 * @param mac the HMAC to use as the auxiliary function
95 */
97 private:
98 std::unique_ptr<MessageAuthenticationCode> m_mac;
99 };
100
101}
102
103#endif
Definition: kdf.h:21
virtual size_t kdf(uint8_t key[], size_t key_len, const uint8_t secret[], size_t secret_len, const uint8_t salt[], size_t salt_len, const uint8_t label[], size_t label_len) const =0
std::string name() const override
Definition: sp800_56a.h:67
KDF * clone() const override
Definition: sp800_56a.h:69
SP800_56A_Hash(HashFunction *hash)
Definition: sp800_56a.h:56
std::string name() const override
Definition: sp800_56a.h:27
KDF * clone() const override
Definition: sp800_56a.h:29
int(* final)(unsigned char *, CTX *)
#define BOTAN_PUBLIC_API(maj, min)
Definition: compiler.h:31
#define BOTAN_FUTURE_INTERNAL_HEADER(hdr)
Definition: compiler.h:136
Definition: alg_id.cpp:13
MechanismType hash
size_t salt_len
Definition: x509_obj.cpp:25