author | rtenneti@chromium.org <rtenneti@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-02-22 18:28:14 +0000 |
---|---|---|
committer | rtenneti@chromium.org <rtenneti@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-02-22 18:28:14 +0000 |
commit | 1b69310c260d4aa120ed13c38ad8294da422b155 (patch) | |
tree | 74e9c68c6971b1d42dd48ba3059c7164b26ffaee /crypto/hkdf.h | |
parent | f5b961b5e485d4dd826d12e715c349018b53a85c (diff) | |
Porting of HKDF changes from server.
Merge internal CL: 40300624
Review URL: https://chromiumcodereview.appspot.com/12326029
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@184133 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'crypto/hkdf.h')
-rw-r--r-- | crypto/hkdf.h | 64 |
1 files changed, 64 insertions, 0 deletions
diff --git a/crypto/hkdf.h b/crypto/hkdf.h
new file mode 100644
index 0000000..4306d3f
--- /dev/null
+++ b/crypto/hkdf.h
@@ -0,0 +1,64 @@
+// Copyright (c) 2013 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef CRYPTO_HKDF_H_
+#define CRYPTO_HKDF_H_
+
+#include <vector>
+
+#include "base/basictypes.h"
+#include "base/memory/scoped_ptr.h"
+#include "base/string_piece.h"
+#include "build/build_config.h"
+#include "crypto/crypto_export.h"
+
+namespace crypto {
+
+// HKDF implements the key derivation function specified in RFC 5869 (using
+// SHA-256) and outputs key material, as needed by QUIC.
+// See https://tools.ietf.org/html/rfc5869 for details.
+class CRYPTO_EXPORT HKDF {
+ public:
+ // |secret|: The input shared secret (or, from RFC 5869, the IKM).
+ // |salt|: an (optional) public salt / non-secret random value. While
+ // optional, callers are strongly recommended to provide a salt. There is no
+ // added security value in making this larger than the SHA-256 block size of
+ // 64 bytes.
+ // |info|: an (optional) label to distinguish different uses of HKDF. It is
+ // optional context and application specific information (can be a zero-length
+ // string).
+ // |key_bytes_to_generate|: the number of bytes of key material to generate.
+ // |iv_bytes_to_generate|: the number of bytes of IV to generate.
+ HKDF(const base::StringPiece& secret,
+ const base::StringPiece& salt,
+ const base::StringPiece& info,
+ size_t key_bytes_to_generate,
+ size_t iv_bytes_to_generate);
+ virtual ~HKDF();
+
+ base::StringPiece client_write_key() const {
+ return client_write_key_;
+ }
+ base::StringPiece client_write_iv() const {
+ return client_write_iv_;
+ }
+ base::StringPiece server_write_key() const {
+ return server_write_key_;
+ }
+ base::StringPiece server_write_iv() const {
+ return server_write_iv_;
+ }
+
+ private:
+ std::vector<uint8> output_;
+
+ base::StringPiece client_write_key_;
+ base::StringPiece server_write_key_;
+ base::StringPiece client_write_iv_;
+ base::StringPiece server_write_iv_;
+};
+
+} // namespace crypto
+
+#endif // CRYPTO_HKDF_H_ |
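Review bot: The class is left implicitly copyable although its four `base::StringPiece` members presumably point into `output_` (the constructor body lives in hkdf.cc and is not shown here). A copied HKDF would then hold views into the source object's buffer and read freed key material once the source is destroyed. Add `DISALLOW_COPY_AND_ASSIGN(HKDF);` at the end of the private section, assuming `base/basictypes.h` (already included) still provides that macro in this tree. The accessors also deserve a comment such as `// The returned pieces point into this object and are valid only for its lifetime.`. The constructor comment should state the maximum total output, which RFC 5869 caps at 255 * 32 bytes for SHA-256, and whether the requested key and IV sizes are per direction, as the separate client and server accessors suggest.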