author | Nils Durner <durner@gnunet.org> | 2010-10-03 13:29:09 +0000 |
---|---|---|
committer | Nils Durner <durner@gnunet.org> | 2010-10-03 13:29:09 +0000 |
commit | 9d9853441df5b565f6932fcf7fbb156b2d929392 (patch) | |
tree | 87d09554c804030a48fe33e46206c91dc312bf12 /src/util/crypto_kdf.c | |
parent | b7c95147188502651e4cb2b60c7062137f73e878 (diff) | |
KDF code
Diffstat (limited to 'src/util/crypto_kdf.c')
-rw-r--r-- | src/util/crypto_kdf.c | 88 |
1 files changed, 88 insertions, 0 deletions
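diff --git a/src/util/crypto_kdf.c b/src/util/crypto_kdf.c
new file mode 100644
index 000000000..785603c8c
--- /dev/null
+++ b/src/util/crypto_kdf.c
@@ -0,0 +1,88 @@
+/*
+This file is part of GNUnet.
+(C) 2010 Christian Grothoff (and other contributing authors)
+
+GNUnet is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published
+by the Free Software Foundation; either version 2, or (at your
+option) any later version.
+
+GNUnet is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNUnet; see the file COPYING. If not, write to the
+Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+Boston, MA 02111-1307, USA.
+*/
+
+/**
+* @file src/util/crypto_kdf.c
+* @brief Key derivation
+* @author Nils Durner
+*/
+
+#include <gcrypt.h>
+
+#include "platform.h"
+#include "gnunet_crypto_lib.h"
+
+/**
+* @brief Derive key
+* @param result buffer for the derived key, allocated by caller
+* @param out_len desired length of the derived key
+* @param xts salt
+* @param xts_len length of xts
+* @param skm source key material
+* @param skm_len length of skm
+* @param argp va_list of void * & size_t pairs for context chunks
+* @return GNUNET_YES on success
+*/
+int
+GNUNET_CRYPTO_kdf_v (void *result, const unsigned long long out_len,
+const void *xts, const size_t xts_len, const void *skm,
+const size_t skm_len, va_list argp)
+{
+/*
+"Finally, we point out to a particularly advantageous instantiation using
+HMAC-SHA512 as XTR and HMAC-SHA256 in PRF* (in which case the output from SHA-512 is
+truncated to 256 bits). This makes sense in two ways: First, the extraction part is where we need a
+stronger hash function due to the unconventional demand from the hash function in the extraction
+setting. Second, as shown in Section 6, using HMAC with a truncated output as an extractor
+allows to prove the security of HKDF under considerably weaker assumptions on the underlying
+hash function."
+
+http://eprint.iacr.org/2010/264
+*/
+
+return GNUNET_CRYPTO_hkdf_v (result, out_len, GCRY_MD_SHA512, GCRY_MD_SHA256,
+xts, xts_len, skm, skm_len, argp);
+}
+
+/**
+* @brief Derive key
+* @param result buffer for the derived key, allocated by caller
+* @param out_len desired length of the derived key
+* @param xts salt
+* @param xts_len length of xts
+* @param skm source key material
+* @param skm_len length of skm
+* @param ... void * & size_t pairs for context chunks
+* @return GNUNET_YES on success
+*/
+int
+GNUNET_CRYPTO_kdf (void *result, const unsigned long long out_len,
+const void *xts, const size_t xts_len, const void *skm,
+const size_t skm_len, ...)
+{
+va_list argp;
+int ret;
+
+va_start(argp, skm_len);
+ret = GNUNET_CRYPTO_kdf_v (result, out_len, xts, xts_len, skm, skm_len, argp);
+va_end(argp);
+
+return ret;
+}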
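Review bot: The doc comments on `GNUNET_CRYPTO_kdf_v` and `GNUNET_CRYPTO_kdf` do not say how the list of context chunks is terminated or which value is returned on failure, and for a variadic key-derivation API those are the two things a caller most needs. The list is consumed inside `GNUNET_CRYPTO_hkdf_v`, which is not part of this file, so the terminator has to be confirmed there; once confirmed, state it on the parameter, e.g. `@param ... pairs of (const void *, size_t) context chunks; every length must be passed as a size_t; list ended by <terminator, confirm in hkdf_v>`. If the callee reads the lengths with `va_arg (argp, size_t)`, as the comment implies, a length passed as a plain `int` literal is read back with the wrong type on LP64 targets, which can change the derived key or make the callee read beyond the chunk without any diagnostic. I would also extend `@return` to name the failure value and note that `result` must not be used as key material unless `GNUNET_YES` was returned.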