// Builds the algorithm name by wrapping the hash's own static name: "HKDF(" + T::StaticAlgorithmName() + ")".
// NOTE(review): the return statement and closing brace of this function are not visible in this listing.
30 static std::string StaticAlgorithmName () {
31 const std::string name(std::string(
"HKDF(") +
32 std::string(T::StaticAlgorithmName()) + std::string(
")"));
// Forwards to the static name builder.
// NOTE(review): the enclosing signature is not shown here; presumably this is the body of AlgorithmName() -- confirm.
38 return StaticAlgorithmName();
// Upper bound on HKDF output: 255 digest-sized blocks (the RFC 5869 limit of 255 * HashLen).
// The expand loop in DeriveKey hashes a one-byte block counter, so output beyond this bound
// would make the counter wrap and repeat blocks.
// NOTE(review): the enclosing signature is not shown; presumably MaxDerivedKeyLength() -- confirm.
43 return static_cast<size_t>(T::DIGESTSIZE) * 255;
// DeriveKey overload declaration. The parameter list is cut off in this listing after secretLen.
// derived/derivedLen: output buffer and number of bytes requested.
// secret/secretLen: input keying material.
50 size_t DeriveKey(
byte *derived,
size_t derivedLen,
const byte *secret,
size_t secretLen,
// DeriveKey overload taking salt and info as explicit pointer/length pairs.
// derived/derivedLen: output buffer and number of bytes requested.
// secret/secretLen: input keying material.
// salt/saltLen: keys the HMAC in the extract step.
// info/infoLen: context bytes hashed into every expand block when infoLen is non-zero.
73 size_t DeriveKey(
byte *derived,
size_t derivedLen,
const byte *secret,
size_t secretLen,
74 const byte *salt,
size_t saltLen,
const byte* info,
size_t infoLen)
const;
// Array of T::DIGESTSIZE bytes; DeriveKey uses it as the all-zero default salt.
85 typedef byte NullVectorType[T::DIGESTSIZE];
// Accessor for a function-local static array initialised with {0}, i.e. every byte is zero.
// NOTE(review): the return statement and closing brace are not visible in this listing.
86 static const NullVectorType& GetNullVector() {
87 static const NullVectorType s_NullVector = {0};
// Clamp a requested length to the most HKDF can produce. A caller that asks for more gets the
// maximum back, so it should compare the result with its request rather than assume it was granted.
// NOTE(review): the signature and the in-range branch are not visible in this listing.
95 if (keylength > MaxDerivedKeyLength())
96 return MaxDerivedKeyLength();
// Tail of the DeriveKey overload that reads optional inputs from a NameValuePairs object.
// NOTE(review): the start of the parameter list and the lookups on params are not visible here.
102 const byte *secret,
size_t secretLen,
const NameValuePairs& params)
const
// Default salt: T::DIGESTSIZE zero bytes.
// NOTE(review): the condition guarding this default is not shown; presumably it applies when
// params carries no salt. RFC 5869 permits the zero salt, but a random or application-specific
// salt strengthens the extract step where one is available.
114 salt.
Assign(GetNullVector(), T::DIGESTSIZE);
// Default info: empty (length 0), so derived keys are not bound to any context string.
119 info.
Assign(GetNullVector(), 0);
// Delegate to the explicit salt/info overload with whatever values were selected above.
121 return DeriveKey(derived, derivedLen, secret, secretLen, salt.
begin(), salt.
size(), info.
begin(), info.
size());
// Tail of the DeriveKey overload with explicit salt and info: HKDF extract-then-expand.
// NOTE(review): several lines (locals, conditions, braces, #else/#endif) are missing from this listing.
126 const byte *salt,
size_t saltLen,
const byte* info,
size_t infoLen)
const
// Reject requests longer than the maximum before any output is written
// (presumably throws, going by the helper's name -- confirm).
132 ThrowIfInvalidDerivedKeyLength(derivedLen);
// Fall back to the all-zero salt of T::DIGESTSIZE bytes.
// NOTE(review): the guarding condition is not visible; presumably a NULL salt pointer.
137 salt = GetNullVector();
138 saltLen = T::DIGESTSIZE;
// Extract: key = HMAC(salt, secret), the pseudorandom key.
146 hmac.SetKey(salt, saltLen);
147 hmac.CalculateDigest(key, secret, secretLen);
// Expand: re-key the HMAC with the extracted key.
150 hmac.SetKey(key.begin(), key.size());
// Produce output one digest-sized block at a time until the request is satisfied.
154 while (derivedLen > 0)
// The previous output block is fed in on every iteration after the first; the post-increment also
// advances the counter (assumes block starts at 0 -- its initialisation is not visible).
156 if (block++) {hmac.Update(buffer, buffer.
size());}
// Context bytes are mixed into every block when present.
157 if (infoLen) {hmac.Update(info, infoLen);}
// Finish the block by hashing the single counter byte; the digest lands in buffer.
158 hmac.CalculateDigest(buffer, &block, 1);
// Copy min(remaining, digest size) bytes to the caller's buffer; the final block may be truncated.
// On the MSVC path memcpy_s is given segmentLen as both destination size and count, so the bound
// is nominal; safety rests on segmentLen <= derivedLen from STDMIN.
160#if CRYPTOPP_MSC_VERSION
161 const size_t digestSize =
static_cast<size_t>(T::DIGESTSIZE);
162 const size_t segmentLen =
STDMIN(derivedLen, digestSize);
163 memcpy_s(derived, segmentLen, buffer, segmentLen);
165 const size_t digestSize =
static_cast<size_t>(T::DIGESTSIZE);
166 const size_t segmentLen =
STDMIN(derivedLen, digestSize);
167 std::memcpy(derived, buffer, segmentLen);
// Advance the output cursor and shrink the remaining request.
170 derived += segmentLen;
171 derivedLen -= segmentLen;
Classes for working with NameValuePairs.
Interface for all crypto algorithms.
Used to pass byte array input as part of a NameValuePairs object.
const byte * begin() const
Pointer to the first byte in the memory block.
size_t size() const
Length of the memory block.
Extract-and-Expand Key Derivation Function (HKDF)
size_t DeriveKey(byte *derived, size_t derivedLen, const byte *secret, size_t secretLen, const NameValuePairs &params) const
Derive a key from a seed.
size_t GetValidDerivedLength(size_t keylength) const
Returns a valid key length for the derivation function.
size_t MaxDerivedKeyLength() const
Determine maximum number of bytes.
std::string AlgorithmName() const
Provides the name of this algorithm.
Interface for key derivation functions.
Interface for retrieving values given their names.
bool GetValue(const char *name, T &value) const
Get a named value.
iterator begin()
Provides an iterator pointing to the first element in the memory block.
void Assign(const T *ptr, size_type len)
Set contents and size from an array.
size_type size() const
Provides the count of elements in the SecBlock.
Abstract base classes that provide a uniform interface to this library.
Classes for HMAC message authentication codes.
void memcpy_s(void *dest, size_t sizeInBytes, const void *src, size_t count)
Bounds checking replacement for memcpy()
const T & STDMIN(const T &a, const T &b)
Replacement function for std::min.
Crypto++ library namespace.
Classes and functions for secure memory allocations.
#define CRYPTOPP_ASSERT(exp)
Debugging and diagnostic assertion.