12805544433

Committed 16 Jan 2025 09:08AM UTC coverage: 90.876% (-0.4%) from 91.245%

Build # 12805544433

Build Type

Pull #4540

github

Committed by

web-flow

Commit Message

Merge cc1ceff51 into 9b798efbb

Pull Request Pull Request #4540: PKCS #11 Version 3.2 Support

Run Details

93425 of 102805 relevant lines covered (90.88%)

11409241.89 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

60.0

/src/lib/kdf/sp800_56a/sp800_56c_one_step.h

/*
* KDF defined in NIST SP 800-56a revision 2 (Single-step key-derivation function)
* or in NIST SP 800-56C revision 2 (Section 4 - One-Step KDM)
*
* (C) 2017 Ribose Inc. Written by Krzysztof Kwiatkowski.
* (C) 2024 Fabian Albert - Rohde & Schwarz Cybersecurity
*
* Botan is released under the Simplified BSD License (see license.txt)
*/

#ifndef BOTAN_SP800_56A_H_
#define BOTAN_SP800_56A_H_

#include <botan/hash.h>
#include <botan/kdf.h>
#include <botan/mac.h>

namespace Botan {

/**
 * NIST SP 800-56Cr2 One-Step KDF using hash function
 * @warning The salt for this KDF must be empty.
 */
class SP800_56C_One_Step_Hash final : public KDF {
   public:
      std::string name() const override;

      std::unique_ptr<KDF> new_object() const override;

      /**
      * @param hash the hash function to use as the auxiliary function
      */
      explicit SP800_56C_One_Step_Hash(std::unique_ptr<HashFunction> hash) : m_hash(std::move(hash)) {}

   private:
      /**
      * Derive a key using the SP800-56Cr2 One-Step KDF.
      *
      * @param key DerivedKeyingMaterial output buffer
      * @param secret shared secret Z
      * @param salt the salt. Ignored.
      * @param label FixedInfo
      *
      * @throws Invalid_Argument if key_len > (2^32 - 1) * Hash output bits.
      *         Or thrown if salt is non-empty
      */
      void perform_kdf(std::span<uint8_t> key,
                       std::span<const uint8_t> secret,
                       std::span<const uint8_t> salt,
                       std::span<const uint8_t> label) const override;

   private:
      std::unique_ptr<HashFunction> m_hash;
};

/**
 * NIST SP800-56Cr2 One-Step KDF using HMAC
 */
class SP800_56C_One_Step_HMAC final : public KDF {
   public:
      std::string name() const override;

      std::unique_ptr<KDF> new_object() const override;

      /**
      * @param mac the HMAC to use as the auxiliary function
      */
      explicit SP800_56C_One_Step_HMAC(std::unique_ptr<MessageAuthenticationCode> mac);

   private:
      /**
      * Derive a key using the SP800-56Cr2 One-Step KDF.
      *
      * @param key DerivedKeyingMaterial output buffer
      * @param secret shared secret Z
      * @param salt the salt. If empty the default_salt is used.
      * @param label FixedInfo
      *
      * @throws Invalid_Argument if key_len > (2^32 - 1) * HMAC output bits
      */
      void perform_kdf(std::span<uint8_t> key,
                       std::span<const uint8_t> secret,
                       std::span<const uint8_t> salt,
                       std::span<const uint8_t> label) const override;

   private:
      std::unique_ptr<MessageAuthenticationCode> m_mac;
};

/**
 * NIST SP800-56Cr2 One-Step KDF using KMAC (Abstract class)
 */
class SP800_56A_One_Step_KMAC_Abstract : public KDF {
   private:
      /**
      * Derive a key using the SP800-56Cr2 One-Step KDF.
      *
      * @param key DerivedKeyingMaterial output buffer
      * @param secret shared secret Z
      * @param salt the salt. If empty the default_salt is used.
      * @param label FixedInfo
      *
      * @throws Invalid_Argument if key_len > (2^32 - 1) * KMAC output bits
      */
      void perform_kdf(std::span<uint8_t> key,
                       std::span<const uint8_t> secret,
                       std::span<const uint8_t> salt,
                       std::span<const uint8_t> label) const final;

   protected:
      virtual std::unique_ptr<MessageAuthenticationCode> create_kmac_instance(size_t output_byte_len) const = 0;

      /// See SP800-56C Section 4.1 - Implementation-Dependent Parameters 3.
      virtual size_t default_salt_length() const = 0;
};

/**
 * NIST SP800-56Cr2 One-Step KDF using KMAC-128
 */
class SP800_56C_One_Step_KMAC128 final : public SP800_56A_One_Step_KMAC_Abstract {
   public:
      std::string name() const override { return "SP800-56A(KMAC-128)"; }

      std::unique_ptr<KDF> new_object() const override { return std::make_unique<SP800_56C_One_Step_KMAC128>(); }

   private:
      std::unique_ptr<MessageAuthenticationCode> create_kmac_instance(size_t output_byte_len) const override;

      size_t default_salt_length() const override { return 164; }
};

/**
 * NIST SP800-56Cr2 One-Step KDF using KMAC-256
 */
class SP800_56C_One_Step_KMAC256 final : public SP800_56A_One_Step_KMAC_Abstract {
   public:
      std::string name() const override { return "SP800-56A(KMAC-256)"; }

      std::unique_ptr<KDF> new_object() const override { return std::make_unique<SP800_56C_One_Step_KMAC256>(); }

   private:
      std::unique_ptr<MessageAuthenticationCode> create_kmac_instance(size_t output_byte_len) const override;

      size_t default_salt_length() const override { return 132; }
};

}  // namespace Botan

#endif

1	/*
2	* KDF defined in NIST SP 800-56a revision 2 (Single-step key-derivation function)
3	* or in NIST SP 800-56C revision 2 (Section 4 - One-Step KDM)
4	*
5	* (C) 2017 Ribose Inc. Written by Krzysztof Kwiatkowski.
6	* (C) 2024 Fabian Albert - Rohde & Schwarz Cybersecurity
7	*
8	* Botan is released under the Simplified BSD License (see license.txt)
9	*/
10
11	#ifndef BOTAN_SP800_56A_H_
12	#define BOTAN_SP800_56A_H_
13
14	#include <botan/hash.h>
15	#include <botan/kdf.h>
16	#include <botan/mac.h>
17
18	namespace Botan {
19
20	/**
21	* NIST SP 800-56Cr2 One-Step KDF using hash function
22	* @warning The salt for this KDF must be empty.
23	*/
24	class SP800_56C_One_Step_Hash final : public KDF {
25	public:
26	std::string name() const override;
27
28	std::unique_ptr<KDF> new_object() const override;
29
30	/**
31	* @param hash the hash function to use as the auxiliary function
32	*/
33	explicit SP800_56C_One_Step_Hash(std::unique_ptr<HashFunction> hash) : m_hash(std::move(hash)) {}	488✔
34
35	private:
36	/**
37	* Derive a key using the SP800-56Cr2 One-Step KDF.
38	*
39	* @param key DerivedKeyingMaterial output buffer
40	* @param secret shared secret Z
41	* @param salt the salt. Ignored.
42	* @param label FixedInfo
43	*
44	* @throws Invalid_Argument if key_len > (2^32 - 1) * Hash output bits.
45	* Or thrown if salt is non-empty
46	*/
47	void perform_kdf(std::span<uint8_t> key,
48	std::span<const uint8_t> secret,
49	std::span<const uint8_t> salt,
50	std::span<const uint8_t> label) const override;
51
52	private:
53	std::unique_ptr<HashFunction> m_hash;
54	};
55
56	/**
57	* NIST SP800-56Cr2 One-Step KDF using HMAC
58	*/
59	class SP800_56C_One_Step_HMAC final : public KDF {
60	public:
61	std::string name() const override;
62
63	std::unique_ptr<KDF> new_object() const override;
64
65	/**
66	* @param mac the HMAC to use as the auxiliary function
67	*/
68	explicit SP800_56C_One_Step_HMAC(std::unique_ptr<MessageAuthenticationCode> mac);
69
70	private:
71	/**
72	* Derive a key using the SP800-56Cr2 One-Step KDF.
73	*
74	* @param key DerivedKeyingMaterial output buffer
75	* @param secret shared secret Z
76	* @param salt the salt. If empty the default_salt is used.
77	* @param label FixedInfo
78	*
79	* @throws Invalid_Argument if key_len > (2^32 - 1) * HMAC output bits
80	*/
81	void perform_kdf(std::span<uint8_t> key,
82	std::span<const uint8_t> secret,
83	std::span<const uint8_t> salt,
84	std::span<const uint8_t> label) const override;
85
86	private:
87	std::unique_ptr<MessageAuthenticationCode> m_mac;
88	};
89
90	/**
91	* NIST SP800-56Cr2 One-Step KDF using KMAC (Abstract class)
92	*/
93	class SP800_56A_One_Step_KMAC_Abstract : public KDF {	18✔
94	private:
95	/**
96	* Derive a key using the SP800-56Cr2 One-Step KDF.
97	*
98	* @param key DerivedKeyingMaterial output buffer
99	* @param secret shared secret Z
100	* @param salt the salt. If empty the default_salt is used.
101	* @param label FixedInfo
102	*
103	* @throws Invalid_Argument if key_len > (2^32 - 1) * KMAC output bits
104	*/
105	void perform_kdf(std::span<uint8_t> key,
106	std::span<const uint8_t> secret,
107	std::span<const uint8_t> salt,
108	std::span<const uint8_t> label) const final;
109
110	protected:
111	virtual std::unique_ptr<MessageAuthenticationCode> create_kmac_instance(size_t output_byte_len) const = 0;
112
113	/// See SP800-56C Section 4.1 - Implementation-Dependent Parameters 3.
114	virtual size_t default_salt_length() const = 0;
115	};
116
117	/**
118	* NIST SP800-56Cr2 One-Step KDF using KMAC-128
119	*/
120	class SP800_56C_One_Step_KMAC128 final : public SP800_56A_One_Step_KMAC_Abstract {	18✔
121	public:
122	std::string name() const override { return "SP800-56A(KMAC-128)"; }	27✔
123
124	std::unique_ptr<KDF> new_object() const override { return std::make_unique<SP800_56C_One_Step_KMAC128>(); }	9✔
125
126	private:
127	std::unique_ptr<MessageAuthenticationCode> create_kmac_instance(size_t output_byte_len) const override;
128
129	size_t default_salt_length() const override { return 164; }	1✔
130	};
131
132	/**
133	* NIST SP800-56Cr2 One-Step KDF using KMAC-256
134	*/
135	class SP800_56C_One_Step_KMAC256 final : public SP800_56A_One_Step_KMAC_Abstract {	×
136	public:
137	std::string name() const override { return "SP800-56A(KMAC-256)"; }	×
138
139	std::unique_ptr<KDF> new_object() const override { return std::make_unique<SP800_56C_One_Step_KMAC256>(); }	×
140
141	private:
142	std::unique_ptr<MessageAuthenticationCode> create_kmac_instance(size_t output_byte_len) const override;
143
144	size_t default_salt_length() const override { return 132; }	×
145	};
146
147	} // namespace Botan
148
149	#endif

randombit / botan / 12805544433

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous