GNUnet 0.21.1
crypto_hkdf.c File Reference
#include "platform.h"
#include "gnunet_util_lib.h"
#include "benchmark.h"
#include <gcrypt.h>
Include dependency graph for crypto_hkdf.c:

Go to the source code of this file.

Macros

#define LOG(kind, ...)   GNUNET_log_from (kind, "util-crypto-hkdf", __VA_ARGS__)
 
#define GNUNET_BUILD   1
 Set this to 0 if you compile this code outside of GNUnet. More...
 
#define DEBUG_HKDF   0
 Enable debugging. More...
 

Functions

static const void * doHMAC (gcry_md_hd_t mac, const void *key, size_t key_len, const void *buf, size_t buf_len)
 Compute the HMAC. More...
 
static enum GNUNET_GenericReturnValue getPRK (gcry_md_hd_t mac, const void *xts, size_t xts_len, const void *skm, size_t skm_len, void *prk)
 Generate pseudo-random key. More...
 
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_hkdf_v (void *result, size_t out_len, int xtr_algo, int prf_algo, const void *xts, size_t xts_len, const void *skm, size_t skm_len, va_list argp)
 Derive key. More...
 
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_hkdf (void *result, size_t out_len, int xtr_algo, int prf_algo, const void *xts, size_t xts_len, const void *skm, size_t skm_len,...)
 Derive key. More...
 

Macro Definition Documentation

◆ LOG

#define LOG (   kind,
  ... 
)    GNUNET_log_from (kind, "util-crypto-hkdf", __VA_ARGS__)

Definition at line 39 of file crypto_hkdf.c.

◆ GNUNET_BUILD

#define GNUNET_BUILD   1

Set this to 0 if you compile this code outside of GNUnet.

Definition at line 44 of file crypto_hkdf.c.

◆ DEBUG_HKDF

#define DEBUG_HKDF   0

Enable debugging.

Definition at line 49 of file crypto_hkdf.c.

Function Documentation

◆ doHMAC()

static const void * doHMAC ( gcry_md_hd_t  mac,
const void *  key,
size_t  key_len,
const void *  buf,
size_t  buf_len 
)
static

Compute the HMAC.

Todo:
use chunked buffers
Parameters
macgcrypt MAC handle
keyHMAC key
key_lenlength of key
bufmessage to be processed
buf_lenlength of buf
Returns
HMAC, freed by caller via gcry_md_close/_reset

Definition at line 78 of file crypto_hkdf.c.

83{
84 if (GPG_ERR_NO_ERROR !=
85 gcry_md_setkey (mac, key, key_len))
86 {
87 GNUNET_break (0);
88 return NULL;
89 }
90 gcry_md_write (mac,
91 buf,
92 buf_len);
93 return (const void *) gcry_md_read (mac, 0);
94}
struct GNUNET_HashCode key
The key used in the DHT.
#define GNUNET_break(cond)
Use this for internal assertion violations that are not fatal (can be handled) but should not occur.

References GNUNET_break, and key.

Referenced by getPRK(), and GNUNET_CRYPTO_hkdf_v().

Here is the caller graph for this function:

◆ getPRK()

static enum GNUNET_GenericReturnValue getPRK ( gcry_md_hd_t  mac,
const void *  xts,
size_t  xts_len,
const void *  skm,
size_t  skm_len,
void *  prk 
)
static

Generate pseudo-random key.

Parameters
macgcrypt HMAC handle
xtssalt
xts_lenlength of the xts salt
skmsource key material
skm_lenlength of skm
prkresult buffer (allocated by caller; at least gcry_md_dlen() bytes)
Returns
GNUNET_YES on success

Definition at line 108 of file crypto_hkdf.c.

114{
115 const void *ret;
116 size_t dlen;
117
118 dlen = gcry_md_get_algo_dlen (gcry_md_get_algo (mac));
119
120 /* sanity check to bound stack allocation */
121 GNUNET_assert (dlen <= 512);
122
123 /* From RFC 5869:
124 * salt - optional salt value (a non-secret random value);
125 * if not provided, it is set to a string of HashLen zeros. */
126
127 if (0 == xts_len)
128 {
129 char zero_salt[dlen];
130
131 memset (zero_salt, 0, dlen);
132 ret = doHMAC (mac, zero_salt, dlen, skm, skm_len);
133 }
134 else
135 {
136 ret = doHMAC (mac, xts, xts_len, skm, skm_len);
137 }
138 if (NULL == ret)
139 return GNUNET_SYSERR;
140 GNUNET_memcpy (prk,
141 ret,
142 dlen);
143 return GNUNET_YES;
144}
static const void * doHMAC(gcry_md_hd_t mac, const void *key, size_t key_len, const void *buf, size_t buf_len)
Compute the HMAC.
Definition: crypto_hkdf.c:78
static int ret
Final status code.
Definition: gnunet-arm.c:94
#define GNUNET_memcpy(dst, src, n)
Call memcpy() but check for n being 0 first.
@ GNUNET_YES
@ GNUNET_SYSERR
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.

References doHMAC(), GNUNET_assert, GNUNET_memcpy, GNUNET_SYSERR, GNUNET_YES, and ret.

Referenced by GNUNET_CRYPTO_hkdf_v().

Here is the call graph for this function:
Here is the caller graph for this function: