-rw-r--r-- | lib/nettle/Makefile.am | 4 | ||||
-rw-r--r-- | lib/nettle/int/hkdf.c | 94 | ||||
-rw-r--r-- | lib/nettle/int/hkdf.h | 66 |
3 files changed, 164 insertions, 0 deletions
diff --git a/lib/nettle/Makefile.am b/lib/nettle/Makefile.am
index 182d7d9838..4c044c9f9b 100644
--- a/lib/nettle/Makefile.am
+++ b/lib/nettle/Makefile.am
@@ -65,4 +65,8 @@ libcrypto_la_SOURCES += int/pss-mgf1.c int/pss-mgf1.h int/pss.c int/pss.h \
 int/rsa-pss.c int/rsa-pss.h \
 int/rsa-pss-sha256-sign-tr.c int/rsa-pss-sha256-verify.c \
 int/rsa-pss-sha512-sign-tr.c int/rsa-pss-sha512-verify.c
+
+# HKDF was introduced in the same version of nettle
+libcrypto_la_SOURCES += int/hkdf.c int/hkdf.h
+
 endif
diff --git a/lib/nettle/int/hkdf.c b/lib/nettle/int/hkdf.c
new file mode 100644
index 0000000000..3ff6c24eb0
--- /dev/null
+++ b/lib/nettle/int/hkdf.c
@@ -0,0 +1,94 @@
+/* hkdf.c
+
+ HKDF key derivation function, see RFC 5869.
+
+ Copyright (C) 2017 Red Hat, Inc.
+
+ Author: Nikos Mavrogiannopoulos
+
+ This file is part of GNU Nettle.
+
+ GNU Nettle is free software: you can redistribute it and/or
+ modify it under the terms of either:
+
+ * the GNU Lesser General Public License as published by the Free
+ Software Foundation; either version 3 of the License, or (at your
+ option) any later version.
+
+ or
+
+ * the GNU General Public License as published by the Free
+ Software Foundation; either version 2 of the License, or (at your
+ option) any later version.
+
+ or both in parallel, as here.
+
+ GNU Nettle is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received copies of the GNU General Public License and
+ the GNU Lesser General Public License along with this program. If
+ not, see http://www.gnu.org/licenses/.
+*/
+
+#if HAVE_CONFIG_H
+#include "config.h"
+#endif
+
+/* Needed for alloca on freebsd */
+#include <stdlib.h>
+#include <string.h>
+
+#include <nettle/hmac.h>
+
+#include <nettle/memxor.h>
+#include "hkdf.h"
+
+/* hkdf_extract: Outputs a PRK of digest_size
+ */
+void
+hkdf_extract (void *mac_ctx,
+ nettle_hash_update_func * update,
+ nettle_hash_digest_func * digest,
+ size_t digest_size,
+ size_t secret_size, const uint8_t * secret, uint8_t * dst)
+{
+ update (mac_ctx, secret_size, secret);
+ digest (mac_ctx, digest_size, dst);
+}
+
+/* hkdf_expand: Outputs an arbitrary key of size specified by length
+ */
+void
+hkdf_expand (void *mac_ctx,
+ nettle_hash_update_func * update,
+ nettle_hash_digest_func * digest,
+ size_t digest_size,
+ size_t info_size, const uint8_t * info,
+ size_t length, uint8_t * dst)
+{
+ uint8_t i = 1;
+ ssize_t left = length;
+
+ if (!left)
+ return;
+
+ for (;; dst += digest_size, left -= digest_size, i++)
+ {
+ update (mac_ctx, info_size, info);
+ update (mac_ctx, 1, &i);
+ if (left <= (ssize_t)digest_size)
+ {
+ if (left > 0)
+ digest (mac_ctx, left, dst);
+ return;
+ }
+
+ digest (mac_ctx, digest_size, dst);
+ update (mac_ctx, digest_size, dst);
+ }
+
+ return;
+}
diff --git a/lib/nettle/int/hkdf.h b/lib/nettle/int/hkdf.h
new file mode 100644
index 0000000000..a7101da3a8
--- /dev/null
+++ b/lib/nettle/int/hkdf.h
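Review bot: hkdf_expand in lib/nettle/int/hkdf.c never bounds `length`, and the block counter `uint8_t i` wraps to 0 after 255 blocks, so a request above 255 * digest_size (the limit RFC 5869 section 2.3 places on the output length) silently produces output outside the specification. Because the function returns void, the limit has to be a documented caller precondition; I would extend the header comment to `/* hkdf_expand: Outputs a key of 'length' bytes; length must not exceed 255 * digest_size (RFC 5869) */` and make sure every caller checks it. Separately, `ssize_t left = length;` turns a length above SSIZE_MAX into a negative value, in which case the loop returns on its first pass without writing anything to `dst`, and a `digest_size` of 0 with a non-zero length would never terminate. The comment `/* Needed for alloca on freebsd */` looks stale, since nothing in the file calls alloca.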
@@ -0,0 +1,66 @@
+/* hkdf.h
+
+ HKDF key derivation function, see RFC 5869.
+
+ Copyright (C) 2017 Red Hat, Inc.
+
+ This file is part of GNU Nettle.
+
+ GNU Nettle is free software: you can redistribute it and/or
+ modify it under the terms of either:
+
+ * the GNU Lesser General Public License as published by the Free
+ Software Foundation; either version 3 of the License, or (at your
+ option) any later version.
+
+ or
+
+ * the GNU General Public License as published by the Free
+ Software Foundation; either version 2 of the License, or (at your
+ option) any later version.
+
+ or both in parallel, as here.
+
+ GNU Nettle is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received copies of the GNU General Public License and
+ the GNU Lesser General Public License along with this program. If
+ not, see http://www.gnu.org/licenses/.
+*/
+
+#ifndef _HKDF_H_INCLUDED
+#define _HKDF_H_INCLUDED
+
+#include <nettle/nettle-meta.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* Namespace mangling */
+#define hkdf_extract gnutls_hkdf_extract
+#define hkdf_expand gnutls_hkdf_expand
+
+ void
+ hkdf_extract(void *mac_ctx,
+ nettle_hash_update_func * update,
+ nettle_hash_digest_func * digest,
+ size_t digest_size,
+ size_t secret_size, const uint8_t * secret,
+ uint8_t * dst);
+
+ void
+ hkdf_expand(void *mac_ctx,
+ nettle_hash_update_func * update,
+ nettle_hash_digest_func * digest,
+ size_t digest_size,
+ size_t info_size, const uint8_t * info,
+ size_t length, uint8_t * dst);
+
+#ifdef __cplusplus
+}
+#endif
+#endif /* NETTLE_HKDF_H_INCLUDED */ |
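Review bot: The two prototypes in hkdf.h carry no documentation of how `mac_ctx` must be keyed before the call, which is the part of the HKDF contract a caller is most likely to get wrong. Judging from hkdf.c, hkdf_extract only feeds `secret` to `update` and reads `digest`, so the context presumably has to be an HMAC already keyed with the salt, and for hkdf_expand one keyed with the PRK (RFC 5869). A comment above each prototype should say so, e.g. `/* mac_ctx: HMAC context already keyed with the salt; dst receives digest_size bytes */`. The include guard is also inconsistent: it is defined as `_HKDF_H_INCLUDED`, an identifier reserved for the implementation, while the closing comment names `NETTLE_HKDF_H_INCLUDED`.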