summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--cipher/kdf.c167
-rw-r--r--src/gcrypt.h.in3
-rw-r--r--tests/t-kdf.c67
3 files changed, 227 insertions, 10 deletions
diff --git a/cipher/kdf.c b/cipher/kdf.c
index 01a28667..dc6aaeb7 100644
--- a/cipher/kdf.c
+++ b/cipher/kdf.c
@@ -1499,6 +1499,149 @@ onestep_kdf_close (onestep_kdf_ctx_t o)
xfree (o);
}
+typedef struct onestep_kdf_mac_context *onestep_kdf_mac_ctx_t;
+
+/* OneStep_KDF_MAC context */
+struct onestep_kdf_mac_context {
+ int algo;
+ gcry_mac_hd_t md;
+ unsigned int blklen;
+ unsigned int outlen;
+ const void *input;
+ size_t inputlen;
+ const void *salt;
+ size_t saltlen;
+ const void *fixedinfo;
+ size_t fixedinfolen;
+};
+
+static gpg_err_code_t
+onestep_kdf_mac_open (gcry_kdf_hd_t *hd, int macalgo,
+ const unsigned long *param, unsigned int paramlen,
+ const void *input, size_t inputlen,
+ const void *key, size_t keylen,
+ const void *fixedinfo, size_t fixedinfolen)
+{
+ gpg_err_code_t ec;
+ unsigned int outlen;
+ onestep_kdf_mac_ctx_t o;
+ size_t n;
+
+ if (paramlen != 1)
+ return GPG_ERR_INV_VALUE;
+ else
+ outlen = (unsigned int)param[0];
+
+ n = sizeof (struct onestep_kdf_mac_context);
+ o = xtrymalloc (n);
+ if (!o)
+ return gpg_err_code_from_errno (errno);
+
+ o->blklen = _gcry_mac_get_algo_maclen (macalgo);
+ if (!o->blklen)
+ {
+ xfree (o);
+ return GPG_ERR_MAC_ALGO;
+ }
+ ec = _gcry_mac_open (&o->md, macalgo, 0, NULL);
+ if (ec)
+ {
+ xfree (o);
+ return ec;
+ }
+ o->algo = GCRY_KDF_ONESTEP_KDF_MAC;
+ o->outlen = outlen;
+ o->input = input;
+ o->inputlen = inputlen;
+ o->salt = key;
+ o->saltlen = keylen;
+ o->fixedinfo = fixedinfo;
+ o->fixedinfolen = fixedinfolen;
+
+ *hd = (void *)o;
+ return 0;
+}
+
+
+static gpg_err_code_t
+onestep_kdf_mac_compute (onestep_kdf_mac_ctx_t o,
+ const struct gcry_kdf_thread_ops *ops)
+{
+ (void)o;
+
+ if (ops != NULL)
+ return GPG_ERR_INV_VALUE;
+
+ return 0;
+}
+
+static gpg_err_code_t
+onestep_kdf_mac_final (onestep_kdf_mac_ctx_t o, size_t resultlen, void *result)
+{
+ u32 counter = 0;
+ unsigned char cnt[4];
+ int i;
+ gcry_err_code_t ec;
+ size_t len = o->blklen;
+
+ if (resultlen != o->outlen)
+ return GPG_ERR_INV_VALUE;
+
+ ec = _gcry_mac_setkey (o->md, o->salt, o->saltlen);
+ if (ec)
+ return ec;
+
+ for (i = 0; i < o->outlen / o->blklen; i++)
+ {
+ counter++;
+ buf_put_be32 (cnt, counter);
+ ec = _gcry_mac_write (o->md, cnt, sizeof (cnt));
+ if (ec)
+ return ec;
+ ec = _gcry_mac_write (o->md, o->input, o->inputlen);
+ if (ec)
+ return ec;
+ ec = _gcry_mac_write (o->md, o->fixedinfo, o->fixedinfolen);
+ if (ec)
+ return ec;
+ ec = _gcry_mac_read (o->md, (char *)result + o->blklen * i, &len);
+ if (ec)
+ return ec;
+ resultlen -= o->blklen;
+ ec = _gcry_mac_ctl (o->md, GCRYCTL_RESET, NULL, 0);
+ if (ec)
+ return ec;
+ }
+
+ if (resultlen)
+ {
+ counter++;
+ len = resultlen;
+ buf_put_be32 (cnt, counter);
+ ec = _gcry_mac_write (o->md, cnt, sizeof (cnt));
+ if (ec)
+ return ec;
+ ec = _gcry_mac_write (o->md, o->input, o->inputlen);
+ if (ec)
+ return ec;
+ ec =_gcry_mac_write (o->md, o->fixedinfo, o->fixedinfolen);
+ if (ec)
+ return ec;
+ ec = _gcry_mac_read (o->md, (char *)result + o->blklen * i, &len);
+ if (ec)
+ return ec;
+ }
+
+ return 0;
+}
+
+static void
+onestep_kdf_mac_close (onestep_kdf_mac_ctx_t o)
+{
+ _gcry_mac_close (o->md);
+ xfree (o);
+}
+
struct gcry_kdf_handle {
int algo;
/* And algo specific parts come. */
@@ -1549,6 +1692,17 @@ _gcry_kdf_open (gcry_kdf_hd_t *hd, int algo, int subalgo,
}
break;
+ case GCRY_KDF_ONESTEP_KDF_MAC:
+ if (!inputlen || !paramlen || !keylen || !adlen)
+ ec = GPG_ERR_INV_VALUE;
+ else
+ {
+ (void)salt;
+ ec = onestep_kdf_mac_open (hd, subalgo, param, paramlen,
+ input, inputlen, key, keylen, ad, adlen);
+ }
+ break;
+
default:
ec = GPG_ERR_UNKNOWN_ALGORITHM;
break;
@@ -1576,6 +1730,10 @@ _gcry_kdf_compute (gcry_kdf_hd_t h, const struct gcry_kdf_thread_ops *ops)
ec = onestep_kdf_compute ((onestep_kdf_ctx_t)(void *)h, ops);
break;
+ case GCRY_KDF_ONESTEP_KDF_MAC:
+ ec = onestep_kdf_mac_compute ((onestep_kdf_mac_ctx_t)(void *)h, ops);
+ break;
+
default:
ec = GPG_ERR_UNKNOWN_ALGORITHM;
break;
@@ -1604,6 +1762,11 @@ _gcry_kdf_final (gcry_kdf_hd_t h, size_t resultlen, void *result)
ec = onestep_kdf_final ((onestep_kdf_ctx_t)(void *)h, resultlen, result);
break;
+ case GCRY_KDF_ONESTEP_KDF_MAC:
+ ec = onestep_kdf_mac_final ((onestep_kdf_mac_ctx_t)(void *)h,
+ resultlen, result);
+ break;
+
default:
ec = GPG_ERR_UNKNOWN_ALGORITHM;
break;
@@ -1629,6 +1792,10 @@ _gcry_kdf_close (gcry_kdf_hd_t h)
onestep_kdf_close ((onestep_kdf_ctx_t)(void *)h);
break;
+ case GCRY_KDF_ONESTEP_KDF_MAC:
+ onestep_kdf_mac_close ((onestep_kdf_mac_ctx_t)(void *)h);
+ break;
+
default:
break;
}
diff --git a/src/gcrypt.h.in b/src/gcrypt.h.in
index 5879acaf..809848b7 100644
--- a/src/gcrypt.h.in
+++ b/src/gcrypt.h.in
@@ -1602,8 +1602,7 @@ enum gcry_kdf_algos
* "One-Step Key Derivation".
*/
GCRY_KDF_ONESTEP_KDF = 96, /* One-Step Key Derivation with hash */
- /* One-Step Key Derivation with HMAC */
- /* One-Step Key Derivation with KMAC */
+ GCRY_KDF_ONESTEP_KDF_MAC = 97, /* One-Step Key Derivation with MAC */
/* Two-Step Key Derivation with HMAC */
/* Two-Step Key Derivation with CMAC */
/* KDF PRF in SP 800-108r1 */
diff --git a/tests/t-kdf.c b/tests/t-kdf.c
index 49116d20..d10a0e34 100644
--- a/tests/t-kdf.c
+++ b/tests/t-kdf.c
@@ -1607,9 +1607,9 @@ static void
check_onestep_kdf (void)
{
gcry_error_t err;
- const unsigned long param[2] = { 38, 68 };
+ const unsigned long param[4] = { 38, 68, 44, 56 };
unsigned char out[68];
- unsigned char input[2][16] = {
+ const unsigned char input[4][16] = {
{
0x3f, 0x89, 0x2b, 0xd8, 0xb8, 0x4d, 0xae, 0x64,
0xa7, 0x82, 0xa3, 0x5f, 0x6e, 0xaa, 0x8f, 0x00
@@ -1617,9 +1617,17 @@ check_onestep_kdf (void)
{
0xe6, 0x5b, 0x19, 0x05, 0x87, 0x8b, 0x95, 0xf6,
0x8b, 0x55, 0x35, 0xbd, 0x3b, 0x2b, 0x10, 0x13
+ },
+ {
+ 0x02, 0xb4, 0x0d, 0x33, 0xe3, 0xf6, 0x85, 0xae,
+ 0xae, 0x67, 0x7a, 0xc3, 0x44, 0xee, 0xaf, 0x77
+ },
+ {
+ 0x8e, 0x5c, 0xd5, 0xf6, 0xae, 0x55, 0x8f, 0xfa,
+ 0x04, 0xcd, 0xa2, 0xfa, 0xd9, 0x4d, 0xd6, 0x16
}
};
- unsigned char other[2][12] = {
+ const unsigned char other[4][12] = {
{
0xec, 0x3f, 0x1c, 0xd8, 0x73, 0xd2, 0x88, 0x58,
0xa5, 0x8c, 0xc3, 0x9e
@@ -1627,9 +1635,28 @@ check_onestep_kdf (void)
{
0x83, 0x02, 0x21, 0xb1, 0x73, 0x0d, 0x91, 0x76,
0xf8, 0x07, 0xd4, 0x07
+ },
+ {
+ 0xc6, 0x7c, 0x38, 0x95, 0x80, 0x12, 0x8f, 0x18,
+ 0xf6, 0xcf, 0x85, 0x92
+ },
+ {
+ 0x4a, 0x43, 0x30, 0x18, 0xe5, 0x1c, 0x09, 0xbb,
+ 0xd6, 0x13, 0x26, 0xbb
}
};
- unsigned char expected[2][68] = {
+ const unsigned char key0[16] = {
+ 0x0a, 0xd5, 0x2c, 0x93, 0x57, 0xc8, 0x5e, 0x47,
+ 0x81, 0x29, 0x6a, 0x36, 0xca, 0x72, 0x03, 0x9c
+ };
+ const unsigned char key1[16] = {
+ 0x6e, 0xd9, 0x3b, 0x6f, 0xe5, 0xb3, 0x50, 0x2b,
+ 0xb4, 0x2b, 0x4c, 0x0f, 0xcb, 0x13, 0x36, 0x62
+ };
+ const unsigned char *key[4] = {
+ NULL, NULL, key0, key1
+ };
+ const unsigned char expected[4][68] = {
{
0xa7, 0xc0, 0x66, 0x52, 0x98, 0x25, 0x25, 0x31,
0xe0, 0xdb, 0x37, 0x73, 0x7a, 0x37, 0x46, 0x51,
@@ -1648,9 +1675,29 @@ check_onestep_kdf (void)
0x54, 0xb2, 0x38, 0x9e, 0x06, 0xec, 0x00, 0xfe,
0x31, 0x8c, 0xab, 0xd9
},
+ {
+ 0xbe, 0x32, 0xe7, 0xd3, 0x06, 0xd8, 0x91, 0x02,
+ 0x8b, 0xe0, 0x88, 0xf2, 0x13, 0xf9, 0xf9, 0x47,
+ 0xc5, 0x04, 0x20, 0xd9, 0xb5, 0xa1, 0x2c, 0xa6,
+ 0x98, 0x18, 0xdd, 0x99, 0x95, 0xde, 0xdd, 0x8e,
+ 0x61, 0x37, 0xc7, 0x10, 0x4d, 0x67, 0xf2, 0xca,
+ 0x90, 0x91, 0x5d, 0xda
+ },
+ {
+ 0x29, 0x5d, 0xfb, 0xeb, 0x54, 0xec, 0x0f, 0xe2,
+ 0x4e, 0xce, 0x32, 0xf5, 0xb8, 0x7c, 0x85, 0x3e,
+ 0x69, 0x9a, 0x62, 0xe3, 0x9d, 0x9c, 0x9e, 0xe6,
+ 0xee, 0x78, 0xf8, 0xb9, 0xa0, 0xee, 0x50, 0xa3,
+ 0x6a, 0x82, 0xe6, 0x06, 0x2c, 0x95, 0xed, 0x53,
+ 0xbc, 0x36, 0x67, 0x00, 0xe2, 0xd0, 0xe0, 0x93,
+ 0xbf, 0x75, 0x2e, 0xea, 0x42, 0x99, 0x47, 0x2e
+ }
};
int i;
- int hashalgo[2] = { GCRY_MD_SHA256, GCRY_MD_SHA512 };
+ int algo[4] = {
+ GCRY_MD_SHA256, GCRY_MD_SHA512,
+ GCRY_MAC_HMAC_SHA256, GCRY_MAC_HMAC_SHA512,
+ };
int count = 0;
again:
@@ -1659,8 +1706,12 @@ check_onestep_kdf (void)
fprintf (stderr, "checking OneStepKDF test vector %d\n", count);
err = my_kdf_derive (0,
- GCRY_KDF_ONESTEP_KDF, hashalgo[count], &param[count], 1,
- input[count], 16, NULL, 0, NULL, 0,
+ count < 2 ? GCRY_KDF_ONESTEP_KDF
+ : GCRY_KDF_ONESTEP_KDF_MAC,
+ algo[count], &param[count], 1,
+ input[count], 16, NULL, 0,
+ key[count],
+ key[count] == NULL? 0 : 16,
other[count], 12,
param[count], out);
if (err)
@@ -1676,7 +1727,7 @@ check_onestep_kdf (void)
/* Next test vector */
count++;
- if (count < 2)
+ if (count < 4)
goto again;
}
View Lorry Controller Status