ESP-IDF
Select one of the symbols to view example projects that use it.
 
Outline
#include "includes.h"
#include "common.h"
#include "sha256.h"
hmac_sha256_kdf(const u8 *, size_t, const char *, const u8 *, size_t, u8 *, size_t)
Files
loading (4/5)...
SourceVuESP-IDF Framework and ExamplesESP-IDFcomponents/wpa_supplicant/src/crypto/sha256-kdf.c
 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
/* * HMAC-SHA256 KDF (RFC 5295) and HKDF-Expand(SHA256) (RFC 5869) * Copyright (c) 2014-2017, Jouni Malinen <j@w1.fi> * * This software may be distributed under the terms of the BSD license. * See README for more details. *//* ... */ #include "includes.h" #include "common.h" #include "sha256.h" /** * hmac_sha256_kdf - HMAC-SHA256 based KDF (RFC 5295) * @secret: Key for KDF * @secret_len: Length of the key in bytes * @label: A unique label for each purpose of the KDF or %NULL to select * RFC 5869 HKDF-Expand() with arbitrary seed (= info) * @seed: Seed value to bind into the key * @seed_len: Length of the seed * @out: Buffer for the generated pseudo-random key * @outlen: Number of bytes of key to generate * Returns: 0 on success, -1 on failure. * * This function is used to derive new, cryptographically separate keys from a * given key in ERP. This KDF is defined in RFC 5295, Chapter 3.1.2. When used * with label = NULL and seed = info, this matches HKDF-Expand() defined in * RFC 5869, Chapter 2.3. *//* ... */ int hmac_sha256_kdf(const u8 *secret, size_t secret_len, const char *label, const u8 *seed, size_t seed_len, u8 *out, size_t outlen) { u8 T[SHA256_MAC_LEN]; u8 iter = 1; const unsigned char *addr[4]; size_t len[4]; size_t pos, clen; addr[0] = T; len[0] = SHA256_MAC_LEN; if (label) { addr[1] = (const unsigned char *) label; len[1] = os_strlen(label) + 1; }{...} else { addr[1] = (const u8 *) ""; len[1] = 0; }{...} addr[2] = seed; len[2] = seed_len; addr[3] = &iter; len[3] = 1; if (hmac_sha256_vector(secret, secret_len, 3, &addr[1], &len[1], T) < 0) return -1; pos = 0; for (;;) { clen = outlen - pos; if (clen > SHA256_MAC_LEN) clen = SHA256_MAC_LEN; os_memcpy(out + pos, T, clen); pos += clen; if (pos == outlen) break; if (iter == 255) { os_memset(out, 0, outlen); forced_memzero(T, SHA256_MAC_LEN); return -1; }{...} iter++; if (hmac_sha256_vector(secret, secret_len, 4, addr, len, T) < 0) { os_memset(out, 0, outlen); forced_memzero(T, SHA256_MAC_LEN); return -1; }{...} }{...} forced_memzero(T, SHA256_MAC_LEN); return 0; }{ ... }
Details
Show:
from
Types: Columns: