Block of functions related with HKDF utilities and operations. More...

#include "lib/crypt_ops/crypto_hkdf.h"
#include "lib/crypt_ops/crypto_util.h"
#include "lib/crypt_ops/crypto_digest.h"
#include "lib/crypt_ops/crypto_openssl_mgt.h"
#include "lib/intmath/cmp.h"
#include "lib/log/util_bug.h"
#include <string.h>

Functions
int	crypto_expand_key_material_TAP (const uint8_t key_in, size_t key_in_len, uint8_t key_out, size_t key_out_len)

static int	crypto_expand_key_material_rfc5869_sha256_legacy (const uint8_t key_in, size_t key_in_len, const uint8_t salt_in, size_t salt_in_len, const uint8_t info_in, size_t info_in_len, uint8_t key_out, size_t key_out_len)

int	crypto_expand_key_material_rfc5869_sha256 (const uint8_t key_in, size_t key_in_len, const uint8_t salt_in, size_t salt_in_len, const uint8_t info_in, size_t info_in_len, uint8_t key_out, size_t key_out_len)

Detailed Description

Block of functions related with HKDF utilities and operations.

Definition in file crypto_hkdf.c.

Function Documentation

◆ crypto_expand_key_material_rfc5869_sha256()

int crypto_expand_key_material_rfc5869_sha256	(	const uint8_t *	key_in,
		size_t	key_in_len,
		const uint8_t *	salt_in,
		size_t	salt_in_len,
		const uint8_t *	info_in,
		size_t	info_in_len,
		uint8_t *	key_out,
		size_t	key_out_len )

Expand some secret key material according to RFC5869, using SHA256 as the underlying hash. The key_in_len bytes at key_in are the secret key material; the salt_in_len bytes at salt_in and the info_in_len bytes in info_in_len are the algorithm's "salt" and "info" parameters respectively. On success, write key_out_len bytes to key_out and return 0. Assert on failure.

Definition at line 176 of file crypto_hkdf.c.

Referenced by onion_skin_ntor_client_handshake(), onion_skin_ntor_server_handshake(), and secret_to_key_rfc2440().

◆ crypto_expand_key_material_rfc5869_sha256_legacy()

static int crypto_expand_key_material_rfc5869_sha256_legacy	(	const uint8_t *	key_in,
		size_t	key_in_len,
		const uint8_t *	salt_in,
		size_t	salt_in_len,
		const uint8_t *	info_in,
		size_t	info_in_len,
		uint8_t *	key_out,
		size_t	key_out_len )

static

Perform RFC5869 HKDF computation using our own legacy implementation. Only to be called from crypto_expand_key_material_rfc5869_sha256_openssl.

Definition at line 116 of file crypto_hkdf.c.

Referenced by crypto_expand_key_material_rfc5869_sha256().

◆ crypto_expand_key_material_TAP()

int crypto_expand_key_material_TAP	(	const uint8_t *	key_in,
		size_t	key_in_len,
		uint8_t *	key_out,
		size_t	key_out_len )

Given key_in_len bytes of negotiated randomness in key_in ("K"), expand it into key_out_len bytes of negotiated key material in key_out by taking the first key_out_len bytes of H(K | [00]) | H(K | [01]) | ....

This is the key expansion algorithm used in the "TAP" circuit extension mechanism; it shouldn't be used for new protocols.

Return 0 on success, -1 on failure.

Definition at line 40 of file crypto_hkdf.c.

Referenced by crypto_dh_compute_secret(), fast_client_handshake(), and fast_server_handshake().

Functions

Detailed Description

Function Documentation

◆ crypto_expand_key_material_rfc5869_sha256()

◆ crypto_expand_key_material_rfc5869_sha256_legacy()

◆ crypto_expand_key_material_TAP()