Botan::HKDF Class Reference
| Botan 3.10.0 Crypto and TLS for C++ |
#include <hkdf.h>
Public Member Functions | |
| KDF * | clone () const |
| template<concepts::resizable_byte_buffer T = secure_vector<uint8_t>> | |
| T | derive_key (size_t key_len, const uint8_t secret[], size_t secret_len, const uint8_t salt[], size_t salt_len, const uint8_t label[]=nullptr, size_t label_len=0) const |
| template<concepts::resizable_byte_buffer T = secure_vector<uint8_t>> | |
| T | derive_key (size_t key_len, const uint8_t secret[], size_t secret_len, std::string_view salt="", std::string_view label="") const |
| template<concepts::resizable_byte_buffer T = secure_vector<uint8_t>> | |
| T | derive_key (size_t key_len, std::span< const uint8_t > secret, const uint8_t salt[], size_t salt_len, std::string_view label="") const |
| template<concepts::resizable_byte_buffer T = secure_vector<uint8_t>> | |
| T | derive_key (size_t key_len, std::span< const uint8_t > secret, std::span< const uint8_t > salt, std::span< const uint8_t > label) const |
| template<concepts::resizable_byte_buffer T = secure_vector<uint8_t>> | |
| T | derive_key (size_t key_len, std::span< const uint8_t > secret, std::string_view salt="", std::string_view label="") const |
| template<size_t key_len> | |
| std::array< uint8_t, key_len > | derive_key (std::span< const uint8_t > secret, std::span< const uint8_t > salt={}, std::span< const uint8_t > label={}) |
| template<size_t key_len> | |
| std::array< uint8_t, key_len > | derive_key (std::span< const uint8_t > secret, std::span< const uint8_t > salt={}, std::string_view label="") |
| template<size_t key_len> | |
| std::array< uint8_t, key_len > | derive_key (std::span< const uint8_t > secret, std::string_view salt="", std::string_view label="") |
| void | derive_key (std::span< uint8_t > key, std::span< const uint8_t > secret, std::span< const uint8_t > salt, std::span< const uint8_t > label) const |
| | HKDF (std::unique_ptr< MessageAuthenticationCode > prf) |
| void | kdf (uint8_t key[], size_t key_len, const uint8_t secret[], size_t secret_len, const uint8_t salt[], size_t salt_len, const uint8_t label[], size_t label_len) const |
| std::string | name () const override |
| std::unique_ptr< KDF > | new_object () const override |
Static Public Member Functions | |
| static std::unique_ptr< KDF > | create (std::string_view algo_spec, std::string_view provider="") |
| static std::unique_ptr< KDF > | create_or_throw (std::string_view algo_spec, std::string_view provider="") |
| static std::vector< std::string > | providers (std::string_view algo_spec) |
Detailed Description
HKDF from RFC 5869.
Definition at line 20 of file hkdf.h.
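
The RFC 5869 extract-then-expand construction behind this class, written out as an added reference example (not Botan code) using only the Python standard library, so that output from `derive_key` can be cross-checked against an independent implementation. The function names are hypothetical, and the mapping of Botan's `secret`, `salt` and `label` onto the RFC's IKM, salt and info is an assumption based on the parameter descriptions on this page.

```python
import hashlib
import hmac

def hkdf_extract(salt: bytes, secret: bytes, hash_name: str = "sha256") -> bytes:
    """RFC 5869 step 1: PRK = HMAC(key=salt, msg=secret)."""
    if not salt:
        # RFC 5869: a missing salt is replaced by HashLen zero bytes.
        salt = bytes(hashlib.new(hash_name).digest_size)
    return hmac.new(salt, secret, hash_name).digest()

def hkdf_expand(prk: bytes, label: bytes, key_len: int, hash_name: str = "sha256") -> bytes:
    """RFC 5869 step 2: T(i) = HMAC(PRK, T(i-1) | label | i); output is T(1) | T(2) | ..."""
    hash_len = hashlib.new(hash_name).digest_size
    if key_len > 255 * hash_len:
        raise ValueError("HKDF output is limited to 255 * HashLen bytes")
    okm, block, counter = b"", b"", 1
    while len(okm) < key_len:
        block = hmac.new(prk, block + label + bytes([counter]), hash_name).digest()
        okm += block
        counter += 1
    return okm[:key_len]

def hkdf(key_len: int, secret: bytes, salt: bytes = b"", label: bytes = b"",
         hash_name: str = "sha256") -> bytes:
    """Extract-then-expand; argument order modelled on derive_key(key_len, secret, salt, label)."""
    return hkdf_expand(hkdf_extract(salt, secret, hash_name), label, key_len, hash_name)

# RFC 5869 Appendix A.1 (SHA-256) test vector.
RFC_SECRET = bytes([0x0B]) * 22
RFC_SALT = bytes(range(0x00, 0x0D))
RFC_LABEL = bytes(range(0xF0, 0xFA))
RFC_PRK = bytes.fromhex("077709362c2e32df0ddc3f0dc47bba6390b6c73bb50f9c3122ec844ad7c2b3e5")
RFC_OKM = bytes.fromhex("3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c"
                        "5db02d56ecc4c5bf34007208d5b887185865")

def label_separation_demo() -> dict:
    """Constructed inputs: one shared secret, two purposes, two key lengths."""
    secret, salt = b"constructed shared secret", b"constructed salt"
    return {
        "enc": hkdf(32, secret, salt, b"example enc key"),
        "mac": hkdf(32, secret, salt, b"example mac key"),
        "enc_short": hkdf(16, secret, salt, b"example enc key"),
    }

if __name__ == "__main__":
    assert hkdf_extract(RFC_SALT, RFC_SECRET) == RFC_PRK
    assert hkdf(42, RFC_SECRET, RFC_SALT, RFC_LABEL) == RFC_OKM
    keys = label_separation_demo()
    print(keys["enc"] != keys["mac"], keys["enc"].startswith(keys["enc_short"]))
```

With the same secret, salt and label, a shorter `key_len` yields a prefix of the longer output, so keys for different purposes need different labels rather than different lengths.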
Constructor & Destructor Documentation
◆ HKDF()
| inline explicit |
Parameters
| prf | MAC algorithm to use |
Definition at line 25 of file hkdf.h.
    : m_prf(std::move(prf)) {}
Member Function Documentation
◆ clone()
| inline inherited |
Definition at line 242 of file kdf.h.
    { return this->new_object().release(); }
References new_object().
◆ create()
| static inherited |
Create an instance based on a name. If provider is empty then the best available is chosen.
Parameters
| algo_spec | algorithm name |
| provider | provider implementation to choose |
Definition at line 73 of file kdf.cpp.
    {
       const SCAN_Name req(algo_spec);

    #if defined(BOTAN_HAS_HKDF)
       if(req.algo_name() == "HKDF" && req.arg_count() == 1) {
          if(provider.empty() || provider == "base") {
             return kdf_create_mac_or_hash<HKDF>(req.arg(0));
          }
       }

       if(req.algo_name() == "HKDF-Extract" && req.arg_count() == 1) {
          if(provider.empty() || provider == "base") {
             return kdf_create_mac_or_hash<HKDF_Extract>(req.arg(0));
          }
       }

       if(req.algo_name() == "HKDF-Expand" && req.arg_count() == 1) {
          if(provider.empty() || provider == "base") {
             return kdf_create_mac_or_hash<HKDF_Expand>(req.arg(0));
          }
       }
    #endif

    #if defined(BOTAN_HAS_KDF2)
       if(req.algo_name() == "KDF2" && req.arg_count() == 1) {
          if(provider.empty() || provider == "base") {
             if(auto hash = HashFunction::create(req.arg(0))) {
                return std::make_unique<KDF2>(std::move(hash));
             }
          }
       }
    #endif

    #if defined(BOTAN_HAS_KDF1_18033)
       if(req.algo_name() == "KDF1-18033" && req.arg_count() == 1) {
          if(provider.empty() || provider == "base") {
             if(auto hash = HashFunction::create(req.arg(0))) {
                return std::make_unique<KDF1_18033>(std::move(hash));
             }
          }
       }
    #endif

    #if defined(BOTAN_HAS_KDF1)
       if(req.algo_name() == "KDF1" && req.arg_count() == 1) {
          if(provider.empty() || provider == "base") {
             if(auto hash = HashFunction::create(req.arg(0))) {
                return std::make_unique<KDF1>(std::move(hash));
             }
          }
       }
    #endif

    #if defined(BOTAN_HAS_TLS_V12_PRF)
       if(req.algo_name() == "TLS-12-PRF" && req.arg_count() == 1) {
          if(provider.empty() || provider == "base") {
             return kdf_create_mac_or_hash<TLS_12_PRF>(req.arg(0));
          }
       }
    #endif

    #if defined(BOTAN_HAS_X942_PRF)
       if(req.algo_name() == "X9.42-PRF" && req.arg_count() == 1) {
          if(provider.empty() || provider == "base") {
             return std::make_unique<X942_PRF>(req.arg(0));
          }
       }
    #endif

    #if defined(BOTAN_HAS_SP800_108)
       if(req.algo_name() == "SP800-108-Counter" && req.arg_count_between(1, 3)) {
          if(provider.empty() || provider == "base") {
             return kdf_create_mac_or_hash<SP800_108_Counter>(
                req.arg(0), req.arg_as_integer(1, 32), req.arg_as_integer(2, 32));
          }
       }

       if(req.algo_name() == "SP800-108-Feedback" && req.arg_count_between(1, 3)) {
          if(provider.empty() || provider == "base") {
             return kdf_create_mac_or_hash<SP800_108_Feedback>(
                req.arg(0), req.arg_as_integer(1, 32), req.arg_as_integer(2, 32));
          }
       }

       if(req.algo_name() == "SP800-108-Pipeline" && req.arg_count_between(1, 3)) {
          if(provider.empty() || provider == "base") {
             return kdf_create_mac_or_hash<SP800_108_Pipeline>(
                req.arg(0), req.arg_as_integer(1, 32), req.arg_as_integer(2, 32));
          }
       }
    #endif

    #if defined(BOTAN_HAS_SP800_56A)
       if(req.algo_name() == "SP800-56A" && req.arg_count() == 1) {
          if(auto hash = HashFunction::create(req.arg(0))) {
             return std::make_unique<SP800_56C_One_Step_Hash>(std::move(hash));
          }
          if(req.arg(0) == "KMAC-128") {
             return std::make_unique<SP800_56C_One_Step_KMAC128>();
          }
          if(req.arg(0) == "KMAC-256") {
             return std::make_unique<SP800_56C_One_Step_KMAC256>();
          }
          if(auto mac = MessageAuthenticationCode::create(req.arg(0))) {
             return std::make_unique<SP800_56C_One_Step_HMAC>(std::move(mac));
          }
       }
    #endif

    #if defined(BOTAN_HAS_SP800_56C)
       if(req.algo_name() == "SP800-56C" && req.arg_count() == 1) {
          std::unique_ptr<KDF> exp(kdf_create_mac_or_hash<SP800_108_Feedback>(req.arg(0), 32, 32));
          if(exp) {
             if(auto mac = MessageAuthenticationCode::create(req.arg(0))) {
                return std::make_unique<SP800_56C_Two_Step>(std::move(mac), std::move(exp));
             }

             if(auto mac = MessageAuthenticationCode::create(fmt("HMAC({})", req.arg(0)))) {
                return std::make_unique<SP800_56C_Two_Step>(std::move(mac), std::move(exp));
             }
          }
       }
    #endif

       BOTAN_UNUSED(req);
       BOTAN_UNUSED(provider);

       return nullptr;
    }
References Botan::SCAN_Name::algo_name(), Botan::SCAN_Name::arg(), Botan::SCAN_Name::arg_as_integer(), Botan::SCAN_Name::arg_count(), Botan::SCAN_Name::arg_count_between(), BOTAN_UNUSED, Botan::HashFunction::create(), Botan::MessageAuthenticationCode::create(), and Botan::fmt().
Referenced by create_or_throw(), and ~KDF().
◆ create_or_throw()
| static inherited |
Create an instance based on a name, or throw if the algo/provider combination cannot be found. If provider is empty then best available is chosen.
Definition at line 204 of file kdf.cpp.
    {
       if(auto kdf = KDF::create(algo, provider)) {
          return kdf;
       }
       throw Lookup_Error("KDF", algo, provider);
    }
References create(), and kdf().
Referenced by botan_kdf(), Botan::ECIES_KA_Operation::derive_secret(), Botan::get_kdf(), Botan::PK_Ops::KEM_Decryption_with_KDF::KEM_Decryption_with_KDF(), Botan::PK_Ops::KEM_Encryption_with_KDF::KEM_Encryption_with_KDF(), Botan::PK_Ops::Key_Agreement_with_KDF::Key_Agreement_with_KDF(), Botan::TLS::Handshake_State::protocol_specific_prf(), and ~KDF().
◆ derive_key() [1/9]
template<concepts::resizable_byte_buffer T = secure_vector<uint8_t>>
| inline inherited |
Derive a key
Parameters
| key_len | the desired output length in bytes |
| secret | the secret input |
| secret_len | size of secret in bytes |
| salt | a diversifier |
| salt_len | size of salt in bytes |
| label | purpose for the derived keying material |
| label_len | size of label in bytes |
Definition at line 91 of file kdf.h.
    {
       return derive_key<T>(key_len, {secret, secret_len}, {salt, salt_len}, {label, label_len});
    }
References derive_key().
Referenced by derive_key(), derive_key(), derive_key(), derive_key(), derive_key(), Botan::hkdf_expand_label(), and kdf().
◆ derive_key() [2/9]
template<concepts::resizable_byte_buffer T = secure_vector<uint8_t>>
| inline inherited |
Derive a key
Parameters
| key_len | the desired output length in bytes |
| secret | the secret input |
| secret_len | size of secret in bytes |
| salt | a diversifier |
| label | purpose for the derived keying material |
Definition at line 179 of file kdf.h.
    {
       return derive_key<T>(key_len, {secret, secret_len}, _as_span(salt), _as_span(label));
    }
References derive_key().
◆ derive_key() [3/9]
template<concepts::resizable_byte_buffer T = secure_vector<uint8_t>>
| inline inherited |
Derive a key
Parameters
| key_len | the desired output length in bytes |
| secret | the secret input |
| salt | a diversifier |
| salt_len | size of salt in bytes |
| label | purpose for the derived keying material |
Definition at line 160 of file kdf.h.
    {
       return derive_key<T>(key_len, secret, {salt, salt_len}, _as_span(label));
    }
References derive_key().
◆ derive_key() [4/9]
template<concepts::resizable_byte_buffer T = secure_vector<uint8_t>>
| inline inherited |
Derive a key
Parameters
| key_len | the desired output length in bytes |
| secret | the secret input |
| salt | a diversifier |
| label | purpose for the derived keying material |
Definition at line 140 of file kdf.h.
    {
       T key(key_len);
       perform_kdf(key, secret, salt, label);
       return key;
    }
References perform_kdf().
◆ derive_key() [5/9]
template<concepts::resizable_byte_buffer T = secure_vector<uint8_t>>
| inline inherited |
Derive a key
Parameters
| key_len | the desired output length in bytes |
| secret | the secret input |
| salt | a diversifier |
| label | purpose for the derived keying material |
Definition at line 110 of file kdf.h.
    {
       return derive_key<T>(key_len, secret, _as_span(salt), _as_span(label));
    }
References derive_key().
◆ derive_key() [6/9]
template<size_t key_len>
| inline inherited |
Derive a key
Template Parameters
| key_len | the desired output length in bytes |
Parameters
| secret | the secret input |
| salt | a diversifier |
| label | purpose for the derived keying material |
Definition at line 196 of file kdf.h.
    {},
    std::span<const uint8_t> label = {}) {
       std::array<uint8_t, key_len> key{};
       perform_kdf(key, secret, salt, label);
       return key;
    }
◆ derive_key() [7/9]
template<size_t key_len>
| inline inherited |
Derive a key
Template Parameters
| key_len | the desired output length in bytes |
Parameters
| secret | the secret input |
| salt | a diversifier |
| label | purpose for the derived keying material |
Definition at line 213 of file kdf.h.
    {},
    std::string_view label = "") {
       return derive_key<key_len>(secret, salt, _as_span(label));
    }
◆ derive_key() [8/9]
template<size_t key_len>
| inline inherited |
Derive a key
Template Parameters
| key_len | the desired output length in bytes |
Parameters
| secret | the secret input |
| salt | a diversifier |
| label | purpose for the derived keying material |
Definition at line 228 of file kdf.h.
    {
       return derive_key<key_len>(secret, _as_span(salt), _as_span(label));
    }
References derive_key().
◆ derive_key() [9/9]
| inline inherited |
Derive a key
Parameters
| key | the output buffer for the to-be-derived key |
| secret | the secret input |
| salt | a diversifier |
| label | purpose for the derived keying material |
Definition at line 124 of file kdf.h.
    {
       perform_kdf(key, secret, salt, label);
    }
References perform_kdf().
◆ kdf()
| inline inherited |
Derive a key
Parameters
| key | buffer holding the derived key, must be of length key_len |
| key_len | the desired output length in bytes |
| secret | the secret input |
| secret_len | size of secret in bytes |
| salt | a diversifier |
| salt_len | size of salt in bytes |
| label | purpose for the derived keying material |
| label_len | size of label in bytes |
Definition at line 67 of file kdf.h.
    {
       derive_key({key, key_len}, {secret, secret_len}, {salt, salt_len}, {label, label_len});
    }
References derive_key(), and kdf().
Referenced by create_or_throw(), and kdf().
◆ name()
| override virtual |
Implements Botan::KDF.
Definition at line 23 of file hkdf.cpp.
    {
       return fmt("HKDF({})", m_prf->name());
    }
References Botan::fmt().
◆ new_object()
| override virtual |
Implements Botan::KDF.
Definition at line 19 of file hkdf.cpp.
    {
       return std::make_unique<HKDF>(m_prf->new_object());
    }
◆ providers()
| static inherited |
Definition at line 211 of file kdf.cpp.
    {
       return probe_providers_of<KDF>(algo_spec);
    }
References Botan::probe_providers_of().
Referenced by ~KDF().
The documentation for this class was generated from the following files:
- src/lib/kdf/hkdf/hkdf.h
- src/lib/kdf/hkdf/hkdf.cpp