Botan  2.7.0
Crypto and TLS for C++11
sp800_56a.h
Go to the documentation of this file.
1 /*
2 * KDF defined in NIST SP 800-56a revision 2 (Single-step key-derivation function)
3 *
4 * (C) 2017 Ribose Inc. Written by Krzysztof Kwiatkowski.
5 *
6 * Botan is released under the Simplified BSD License (see license.txt)
7 */
8 
9 #ifndef BOTAN_SP800_56A_H_
10 #define BOTAN_SP800_56A_H_
11 
12 #include <botan/kdf.h>
13 #include <botan/hash.h>
14 #include <botan/mac.h>
15 
16 namespace Botan {
17 
18 /**
19  * NIST SP 800-56A KDF using hash function
20  * @warning This KDF ignores the provided salt value
21  */
22 class BOTAN_PUBLIC_API(2,2) SP800_56A_Hash final : public KDF
23  {
24  public:
25  std::string name() const override { return "SP800-56A(" + m_hash->name() + ")"; }
26 
27  KDF* clone() const override { return new SP800_56A_Hash(m_hash->clone()); }
28 
29  /**
30  * Derive a key using the SP800-56A KDF.
31  *
32  * The implementation hard codes the context value for the
33  * expansion step to the empty string.
34  *
35  * @param key derived keying material K_M
36  * @param key_len the desired output length in bytes
37  * @param secret shared secret Z
38  * @param secret_len size of Z in bytes
39  * @param salt ignored
40  * @param salt_len ignored
41  * @param label label for the expansion step
42  * @param label_len size of label in bytes
43  *
44  * @throws Invalid_Argument key_len > 2^32
45  */
46  size_t kdf(uint8_t key[], size_t key_len,
47  const uint8_t secret[], size_t secret_len,
48  const uint8_t salt[], size_t salt_len,
49  const uint8_t label[], size_t label_len) const override;
50 
51  /**
52  * @param hash the hash function to use as the auxiliary function
53  */
54  explicit SP800_56A_Hash(HashFunction* hash) : m_hash(hash) {}
55  private:
56  std::unique_ptr<HashFunction> m_hash;
57  };
58 
59 /**
60  * NIST SP 800-56A KDF using HMAC
61  */
62 class BOTAN_PUBLIC_API(2,2) SP800_56A_HMAC final : public KDF
63  {
64  public:
65  std::string name() const override { return "SP800-56A(" + m_mac->name() + ")"; }
66 
67  KDF* clone() const override { return new SP800_56A_HMAC(m_mac->clone()); }
68 
69  /**
70  * Derive a key using the SP800-56A KDF.
71  *
72  * The implementation hard codes the context value for the
73  * expansion step to the empty string.
74  *
75  * @param key derived keying material K_M
76  * @param key_len the desired output length in bytes
77  * @param secret shared secret Z
78  * @param secret_len size of Z in bytes
79  * @param salt ignored
80  * @param salt_len ignored
81  * @param label label for the expansion step
82  * @param label_len size of label in bytes
83  *
84  * @throws Invalid_Argument key_len > 2^32 or MAC is not a HMAC
85  */
86  size_t kdf(uint8_t key[], size_t key_len,
87  const uint8_t secret[], size_t secret_len,
88  const uint8_t salt[], size_t salt_len,
89  const uint8_t label[], size_t label_len) const override;
90 
91  /**
92  * @param mac the HMAC to use as the auxiliary function
93  */
95  private:
96  std::unique_ptr<MessageAuthenticationCode> m_mac;
97  };
98 
99 }
100 
101 #endif
SP800_56A_Hash(HashFunction *hash)
Definition: sp800_56a.h:54
std::string name() const override
Definition: sp800_56a.h:65
KDF * clone() const override
Definition: sp800_56a.h:27
#define BOTAN_PUBLIC_API(maj, min)
Definition: compiler.h:27
size_t salt_len
Definition: x509_obj.cpp:26
Definition: alg_id.cpp:13
Definition: kdf.h:20
std::string name() const override
Definition: sp800_56a.h:25
KDF * clone() const override
Definition: sp800_56a.h:67
MechanismType hash