19671441278

Committed 25 Nov 2025 01:37PM UTC coverage: 90.358% (-0.3%) from 90.668%

Build # 19671441278

Build Type

Pull #4540

github

Committed by

web-flow

Commit Message

Merge 438f4f7dd into 222c91120

Pull Request Pull Request #4540: PKCS #11 Version 3.2 Support

Run Details

100942 of 111713 relevant lines covered (90.36%)

12822105.04 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

95.65

/src/lib/kdf/kdf2/kdf2.cpp

/*
* KDF2
* (C) 1999-2007 Jack Lloyd
* (C) 2024      René Meusel, Rohde & Schwarz Cybersecurity
*
* Botan is released under the Simplified BSD License (see license.txt)
*/

#include <botan/internal/kdf2.h>

#include <botan/internal/bit_ops.h>
#include <botan/internal/fmt.h>
#include <botan/internal/stl_util.h>

namespace Botan {

std::string KDF2::name() const {
   return fmt("KDF2({})", m_hash->name());
}

std::unique_ptr<KDF> KDF2::new_object() const {
   return std::make_unique<KDF2>(m_hash->new_object());
}

void KDF2::perform_kdf(std::span<uint8_t> key,
                       std::span<const uint8_t> secret,
                       std::span<const uint8_t> salt,
                       std::span<const uint8_t> label) const {
   if(key.empty()) {
      return;
   }

   const size_t hash_output_length = m_hash->output_length();
   const auto blocks_required = ceil_division<uint64_t /* for 32bit systems */>(key.size(), hash_output_length);

   // This KDF uses a 32-bit counter for the hash blocks, initialized at 1.
   // It will wrap around after 2^32 - 1 iterations limiting the theoretically
   // possible output to 2^32 - 1 blocks.
   BOTAN_ARG_CHECK(blocks_required <= 0xFFFFFFFE, "KDF2 maximum output length exceeded");

   BufferStuffer k(key);
   for(uint32_t counter = 1; !k.full(); ++counter) {
      BOTAN_ASSERT_NOMSG(counter != 0);  // no overflow

      m_hash->update(secret);
      m_hash->update_be(counter);
      m_hash->update(label);
      m_hash->update(salt);

      // Write straight into the output buffer, except if the hash output needs
      // a truncation in the final iteration.
      if(k.remaining_capacity() >= hash_output_length) {
         m_hash->final(k.next(hash_output_length));
      } else {
         const auto h = m_hash->final();
         k.append(std::span{h}.first(k.remaining_capacity()));
      }
   }
}

}  // namespace Botan

1	/*
2	* KDF2
3	* (C) 1999-2007 Jack Lloyd
4	* (C) 2024 René Meusel, Rohde & Schwarz Cybersecurity
5	*
6	* Botan is released under the Simplified BSD License (see license.txt)
7	*/
8
9	#include <botan/internal/kdf2.h>
10
11	#include <botan/internal/bit_ops.h>
12	#include <botan/internal/fmt.h>
13	#include <botan/internal/stl_util.h>
14
15	namespace Botan {
16
17	std::string KDF2::name() const {	240✔
18	return fmt("KDF2({})", m_hash->name());	240✔
19	}
20
21	std::unique_ptr<KDF> KDF2::new_object() const {	119✔
22	return std::make_unique<KDF2>(m_hash->new_object());	238✔
23	}
24
25	void KDF2::perform_kdf(std::span<uint8_t> key,	6,330✔
26	std::span<const uint8_t> secret,
27	std::span<const uint8_t> salt,
28	std::span<const uint8_t> label) const {
29	if(key.empty()) {	6,330✔
30	return;	×
31	}
32
33	const size_t hash_output_length = m_hash->output_length();	6,330✔
34	const auto blocks_required = ceil_division<uint64_t /* for 32bit systems */>(key.size(), hash_output_length);	6,330✔
35
36	// This KDF uses a 32-bit counter for the hash blocks, initialized at 1.
37	// It will wrap around after 2^32 - 1 iterations limiting the theoretically
38	// possible output to 2^32 - 1 blocks.
39	BOTAN_ARG_CHECK(blocks_required <= 0xFFFFFFFE, "KDF2 maximum output length exceeded");	6,330✔
40
41	BufferStuffer k(key);	6,330✔
42	for(uint32_t counter = 1; !k.full(); ++counter) {	19,025✔
43	BOTAN_ASSERT_NOMSG(counter != 0); // no overflow	12,695✔
44
45	m_hash->update(secret);	12,695✔
46	m_hash->update_be(counter);	12,695✔
47	m_hash->update(label);	12,695✔
48	m_hash->update(salt);	12,695✔
49
50	// Write straight into the output buffer, except if the hash output needs
51	// a truncation in the final iteration.
52	if(k.remaining_capacity() >= hash_output_length) {	12,695✔
53	m_hash->final(k.next(hash_output_length));	11,882✔
54	} else {
55	const auto h = m_hash->final();	813✔
56	k.append(std::span{h}.first(k.remaining_capacity()));	813✔
57	}	813✔
58	}
59	}	813✔
60
61	} // namespace Botan

randombit / botan / 19671441278

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous