crypto_hkdf.c File Reference

#include "sodium/utils.h"
#include <stdio.h>
#include "platform.h"
#include "gnunet_common.h"
#include "gnunet_util_lib.h"
#include "sodium/crypto_auth_hmacsha256.h"

Include dependency graph for crypto_hkdf.c:

Go to the source code of this file.

Macros
#define	LOG(kind, ...)   GNUNET_log_from (kind, "util-crypto-hkdf", __VA_ARGS__)

Functions
static enum GNUNET_GenericReturnValue	hkdf_expand_fixed (void *result, size_t out_len, const unsigned char *prk, size_t prk_len, size_t hkdf_args_len, const struct GNUNET_CRYPTO_KdfInputArgument *hkdf_args)
enum GNUNET_GenericReturnValue	GNUNET_CRYPTO_hkdf_gnunet_v (void *result, size_t out_len, const void *xts, size_t xts_len, const void *skm, size_t skm_len, size_t hkdf_args_len, const struct GNUNET_CRYPTO_KdfInputArgument hkdf_args[hkdf_args_len])
enum GNUNET_GenericReturnValue	GNUNET_CRYPTO_hkdf_expand_v (void *result, size_t out_len, const struct GNUNET_ShortHashCode *prk, size_t hkdf_args_len, const struct GNUNET_CRYPTO_KdfInputArgument hkdf_args[hkdf_args_len])
enum GNUNET_GenericReturnValue	GNUNET_CRYPTO_hkdf_extract (struct GNUNET_ShortHashCode *prk, const void *xts, size_t xts_len, const void *skm, size_t skm_len)
	HKDF-Extract using SHA256.

Macro Definition Documentation

LOG

#define LOG	(		kind,
			...
	)		GNUNET_log_from (kind, "util-crypto-hkdf", __VA_ARGS__)

Definition at line 41 of file crypto_hkdf.c.

Function Documentation

hkdf_expand_fixed()

static enum GNUNET_GenericReturnValue hkdf_expand_fixed ( void *  result, size_t  out_len, const unsigned char *  prk, size_t  prk_len, size_t  hkdf_args_len, const struct GNUNET_CRYPTO_KdfInputArgument *  hkdf_args  )

static

Definition at line 50 of file crypto_hkdf.c.

{
  unsigned char *outbuf = (unsigned char*) result;
  size_t i;
  size_t ctx_len;
 
  if (out_len > (0xff * crypto_auth_hmacsha256_BYTES))
    return GNUNET_SYSERR;
 
  ctx_len = 0;
  for (i = 0; i < hkdf_args_len; i++)
  {
    size_t nxt = hkdf_args[i].data_length;
    if (nxt + ctx_len < nxt)
    {
      /* integer overflow */
      GNUNET_break (0);
      return GNUNET_SYSERR;
    }
    ctx_len += nxt;
  }
 
  if ( (crypto_auth_hmacsha256_BYTES + ctx_len < ctx_len) ||
       (crypto_auth_hmacsha256_BYTES + ctx_len + 1 < ctx_len) )
  {
    /* integer overflow */
    GNUNET_break (0);
    return GNUNET_SYSERR;
  }
 
  memset (result, 0, out_len);
 
  {
    size_t left = out_len;
    unsigned char tmp[crypto_auth_hmacsha256_BYTES];
    unsigned char ctx[ctx_len];
    unsigned char *dst = ctx;
    crypto_auth_hmacsha256_state st;
    unsigned char counter = 1U;
 
    sodium_memzero (ctx, sizeof ctx);
    for (i = 0; i < hkdf_args_len; i++)
    {
      GNUNET_memcpy (dst, hkdf_args[i].data, hkdf_args[i].data_length);
      dst += hkdf_args[i].data_length;
    }
 
    for (i = 0; left > 0; i += crypto_auth_hmacsha256_BYTES)
    {
      crypto_auth_hmacsha256_init (&st, prk, prk_len);
      if (0 != i)
      {
        crypto_auth_hmacsha256_update (&st,
                                       &outbuf[i - crypto_auth_hmacsha256_BYTES]
                                       ,
                                       crypto_auth_hmacsha256_BYTES);
      }
      crypto_auth_hmacsha256_update (&st, ctx, ctx_len);
      crypto_auth_hmacsha256_update (&st, &counter, 1);
      if (left >= crypto_auth_hmacsha256_BYTES)
      {
        crypto_auth_hmacsha256_final (&st, &outbuf[i]);
        left -= crypto_auth_hmacsha256_BYTES;
      }
      else
      {
        crypto_auth_hmacsha256_final (&st, tmp);
        memcpy (&outbuf[i], tmp, left);
        sodium_memzero (tmp, sizeof tmp);
        left = 0;
      }
      counter++;
    }
    sodium_memzero (&st, sizeof st);
  }
  return GNUNET_YES;
}

References ctx, data, GNUNET_CRYPTO_KdfInputArgument::data_length, GNUNET_break, GNUNET_memcpy, GNUNET_SYSERR, GNUNET_YES, result, and st.

Referenced by GNUNET_CRYPTO_hkdf_expand_v(), and GNUNET_CRYPTO_hkdf_gnunet_v().

Here is the caller graph for this function:

GNUNET_CRYPTO_hkdf_gnunet_v()

enum GNUNET_GenericReturnValue GNUNET_CRYPTO_hkdf_gnunet_v	(	void *	result,
		size_t	out_len,
		const void *	xts,
		size_t	xts_len,
		const void *	skm,
		size_t	skm_len,
		size_t	hkdf_args_len,
		const struct GNUNET_CRYPTO_KdfInputArgument	hkdf_args[hkdf_args_len]
	)

Definition at line 135 of file crypto_hkdf.c.

{
  unsigned char prk[crypto_auth_hmacsha512_BYTES];
  crypto_auth_hmacsha512_state st;
 
  memset (result, 0, out_len);
  if (crypto_auth_hmacsha512_init (&st, xts, xts_len))
    return GNUNET_SYSERR;
  if (crypto_auth_hmacsha512_update (&st, skm, skm_len))
    return GNUNET_SYSERR;
  crypto_auth_hmacsha512_final (&st, (unsigned char*) prk);
  sodium_memzero (&st, sizeof st);
 
  return hkdf_expand_fixed (result, out_len,
                            prk,
                            sizeof prk,
                            hkdf_args_len,
                            hkdf_args);
}

References GNUNET_SYSERR, hkdf_expand_fixed(), result, and st.

Here is the call graph for this function:

GNUNET_CRYPTO_hkdf_expand_v()

enum GNUNET_GenericReturnValue GNUNET_CRYPTO_hkdf_expand_v	(	void *	result,
		size_t	out_len,
		const struct GNUNET_ShortHashCode *	prk,
		size_t	hkdf_args_len,
		const struct GNUNET_CRYPTO_KdfInputArgument	hkdf_args[hkdf_args_len]
	)

Definition at line 166 of file crypto_hkdf.c.

{
  return hkdf_expand_fixed (result, out_len,
                            (unsigned char*) prk, sizeof *prk,
                            hkdf_args_len,
                            hkdf_args);
}

References hkdf_expand_fixed(), and result.

Here is the call graph for this function: