8#include <botan/prf_tls.h>
9#include <botan/exceptn.h>
24void P_hash(uint8_t out[],
size_t out_len,
26 const uint8_t secret[],
size_t secret_len,
27 const uint8_t salt[],
size_t salt_len)
31 mac.
set_key(secret, secret_len);
33 catch(Invalid_Key_Length&)
35 throw Internal_Error(
"The premaster secret of " +
36 std::to_string(secret_len) +
37 " bytes is too long for the PRF");
40 secure_vector<uint8_t> A(salt, salt +
salt_len);
41 secure_vector<uint8_t> h;
45 while(offset != out_len)
53 const size_t writing = std::min(h.size(), out_len - offset);
54 xor_buf(&out[offset], h.data(), writing);
62 const uint8_t secret[],
size_t secret_len,
63 const uint8_t salt[],
size_t salt_len,
64 const uint8_t label[],
size_t label_len)
const
66 const size_t S1_len = (secret_len + 1) / 2,
67 S2_len = (secret_len + 1) / 2;
68 const uint8_t* S1 = secret;
69 const uint8_t* S2 = secret + (secret_len - S2_len);
73 msg += std::make_pair(label, label_len);
74 msg += std::make_pair(salt,
salt_len);
76 P_hash(key, key_len, *m_hmac_md5, S1, S1_len, msg.data(), msg.size());
77 P_hash(key, key_len, *m_hmac_sha1, S2, S2_len, msg.data(), msg.size());
82 const uint8_t secret[],
size_t secret_len,
83 const uint8_t salt[],
size_t salt_len,
84 const uint8_t label[],
size_t label_len)
const
89 msg += std::make_pair(label, label_len);
90 msg += std::make_pair(salt,
salt_len);
92 P_hash(key, key_len, *m_mac, secret, secret_len, msg.data(), msg.size());
void update(const uint8_t in[], size_t length)
secure_vector< uint8_t > process(const uint8_t in[], size_t length)
void final(uint8_t out[])
void set_key(const SymmetricKey &key)
size_t kdf(uint8_t key[], size_t key_len, const uint8_t secret[], size_t secret_len, const uint8_t salt[], size_t salt_len, const uint8_t label[], size_t label_len) const override
size_t kdf(uint8_t key[], size_t key_len, const uint8_t secret[], size_t secret_len, const uint8_t salt[], size_t salt_len, const uint8_t label[], size_t label_len) const override
void xor_buf(uint8_t out[], const uint8_t in[], size_t length)
std::vector< T, secure_allocator< T > > secure_vector