crypto_hkdf.c File Reference

Hash-based KDF as defined in RFC 5869. More...

#include "platform.h"
#include "gnunet_util_lib.h"
#include "benchmark.h"
#include <gcrypt.h>

Include dependency graph for crypto_hkdf.c:

Go to the source code of this file.

Macros
#define	LOG(kind, ...)   GNUNET_log_from (kind, "util-crypto-hkdf", __VA_ARGS__)
#define	GNUNET_BUILD   1
	Set this to 0 if you compile this code outside of GNUnet. More...
#define	DEBUG_HKDF   0
	Enable debugging. More...

Functions
static const void *	doHMAC (gcry_md_hd_t mac, const void *key, size_t key_len, const void *buf, size_t buf_len)
	Compute the HMAC. More...
static enum GNUNET_GenericReturnValue	getPRK (gcry_md_hd_t mac, const void *xts, size_t xts_len, const void *skm, size_t skm_len, void *prk)
	Generate pseudo-random key. More...
enum GNUNET_GenericReturnValue	GNUNET_CRYPTO_hkdf_v (void *result, size_t out_len, int xtr_algo, int prf_algo, const void *xts, size_t xts_len, const void *skm, size_t skm_len, va_list argp)
	Derive key. More...
enum GNUNET_GenericReturnValue	GNUNET_CRYPTO_hkdf (void *result, size_t out_len, int xtr_algo, int prf_algo, const void *xts, size_t xts_len, const void *skm, size_t skm_len,...)
	Derive key. More...

Detailed Description

Hash-based KDF as defined in RFC 5869.

See also

http://www.rfc-editor.org/rfc/rfc5869.txt

Todo:

remove GNUNET references

Author

Nils Durner

The following list of people have reviewed this code and considered it correct on the date given (if you reviewed it, please have your name added to the list):

• Christian Grothoff (08.10.2010)
• Nathan Evans (08.10.2010)
• Matthias Wachs (08.10.2010)

Definition in file crypto_hkdf.c.

Macro Definition Documentation

LOG

#define LOG	(		kind,
			...
	)		GNUNET_log_from (kind, "util-crypto-hkdf", __VA_ARGS__)

Definition at line 39 of file crypto_hkdf.c.

GNUNET_BUILD

#define GNUNET_BUILD   1

Set this to 0 if you compile this code outside of GNUnet.

Definition at line 44 of file crypto_hkdf.c.

DEBUG_HKDF

#define DEBUG_HKDF   0

Enable debugging.

Definition at line 49 of file crypto_hkdf.c.

Function Documentation

doHMAC()

static const void* doHMAC ( gcry_md_hd_t  mac, const void *  key, size_t  key_len, const void *  buf, size_t  buf_len  )

static

Compute the HMAC.

Todo:

use chunked buffers

Parameters

mac	gcrypt MAC handle
key	HMAC key
key_len	length of key
buf	message to be processed
buf_len	length of buf

Returns

HMAC, freed by caller via gcry_md_close/_reset

Definition at line 78 of file crypto_hkdf.c.

{
  if (GPG_ERR_NO_ERROR !=
      gcry_md_setkey (mac, key, key_len))
  {
    GNUNET_break (0);
    return NULL;
  }
  gcry_md_write (mac,
                 buf,
                 buf_len);
  return (const void *) gcry_md_read (mac, 0);
}

getPRK()

static enum GNUNET_GenericReturnValue getPRK ( gcry_md_hd_t  mac, const void *  xts, size_t  xts_len, const void *  skm, size_t  skm_len, void *  prk  )

static

Generate pseudo-random key.

Parameters

mac	gcrypt HMAC handle
xts	salt
xts_len	length of the xts salt
skm	source key material
skm_len	length of skm
prk	result buffer (allocated by caller; at least gcry_md_dlen() bytes)

Returns

GNUNET_YES on success

Definition at line 78 of file crypto_hkdf.c.

{
  const void *ret;
  size_t dlen;
 
  dlen = gcry_md_get_algo_dlen (gcry_md_get_algo (mac));
 
  /* sanity check to bound stack allocation */
  GNUNET_assert (dlen <= 512);
 
  /* From RFC 5869:
   * salt - optional salt value (a non-secret random value);
   * if not provided, it is set to a string of HashLen zeros. */
 
  if (0 == xts_len)
  {
    char zero_salt[dlen];
 
    memset (zero_salt, 0, dlen);
    ret = doHMAC (mac, zero_salt, dlen, skm, skm_len);
  }
  else
  {
    ret = doHMAC (mac, xts, xts_len, skm, skm_len);
  }
  if (NULL == ret)
    return GNUNET_SYSERR;
  GNUNET_memcpy (prk,
                 ret,
                 dlen);
  return GNUNET_YES;
}