123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108 |
- /* kdf.h
- *
- * Copyright (C) 2006-2022 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
- /*!
- \file wolfssl/wolfcrypt/kdf.h
- */
- #ifndef NO_KDF
- #ifndef WOLF_CRYPT_KDF_H
- #define WOLF_CRYPT_KDF_H
- #if defined(HAVE_FIPS) && \
- defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 5)
- #include <wolfssl/wolfcrypt/fips.h>
- #endif
- #include <wolfssl/wolfcrypt/hmac.h>
- #ifdef __cplusplus
- extern "C" {
- #endif
- enum max_prf {
- #ifdef HAVE_FFDHE_8192
- MAX_PRF_HALF = 516, /* Maximum half secret len */
- #elif defined(HAVE_FFDHE_6144)
- MAX_PRF_HALF = 388, /* Maximum half secret len */
- #else
- MAX_PRF_HALF = 260, /* Maximum half secret len */
- #endif
- MAX_PRF_LABSEED = 128, /* Maximum label + seed len */
- MAX_PRF_DIG = 224 /* Maximum digest len */
- };
- #ifdef WOLFSSL_HAVE_PRF
- WOLFSSL_API int wc_PRF(byte* result, word32 resLen, const byte* secret,
- word32 secLen, const byte* seed, word32 seedLen, int hash,
- void* heap, int devId);
- WOLFSSL_API int wc_PRF_TLSv1(byte* digest, word32 digLen, const byte* secret,
- word32 secLen, const byte* label, word32 labLen,
- const byte* seed, word32 seedLen, void* heap, int devId);
- WOLFSSL_API int wc_PRF_TLS(byte* digest, word32 digLen, const byte* secret,
- word32 secLen, const byte* label, word32 labLen,
- const byte* seed, word32 seedLen, int useAtLeastSha256,
- int hash_type, void* heap, int devId);
- #endif /* WOLFSSL_HAVE_PRF */
- #ifdef HAVE_HKDF
- enum {
- /*
- MAX_HKDF_LABEL_SZ = OPAQUE16_LEN +
- OPAQUE8_LEN + PROTOCOL_LABEL_SZ + MAX_LABEL_SZ +
- OPAQUE8_LEN + WC_MAX_DIGEST_SIZE
- */
- MAX_TLS13_HKDF_LABEL_SZ = 47 + WC_MAX_DIGEST_SIZE
- };
- WOLFSSL_API int wc_Tls13_HKDF_Extract(byte* prk, const byte* salt, int saltLen,
- byte* ikm, int ikmLen, int digest);
- WOLFSSL_API int wc_Tls13_HKDF_Expand_Label(byte* okm, word32 okmLen,
- const byte* prk, word32 prkLen,
- const byte* protocol, word32 protocolLen,
- const byte* label, word32 labelLen,
- const byte* info, word32 infoLen,
- int digest);
- #endif /* HAVE_HKDF */
- #ifdef WOLFSSL_WOLFSSH
- WOLFSSL_API int wc_SSH_KDF(byte hashId, byte keyId,
- byte* key, word32 keySz,
- const byte* k, word32 kSz,
- const byte* h, word32 hSz,
- const byte* sessionId, word32 sessionIdSz);
- #endif /* WOLFSSL_WOLFSSH */
- #ifdef __cplusplus
- } /* extern "C" */
- #endif
- #endif /* WOLF_CRYPT_KDF_H */
- #endif /* NO_KDF */
|