1// Copyright (c) 2013 The Chromium Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style license that can be 3// found in the LICENSE file. 4 5#ifndef CRYPTO_HKDF_H_ 6#define CRYPTO_HKDF_H_ 7 8#include <vector> 9 10#include "base/basictypes.h" 11#include "base/strings/string_piece.h" 12#include "crypto/crypto_export.h" 13 14namespace crypto { 15 16// HKDF implements the key derivation function specified in RFC 5869 (using 17// SHA-256) and outputs key material, as needed by QUIC. 18// See https://tools.ietf.org/html/rfc5869 for details. 19class CRYPTO_EXPORT HKDF { 20 public: 21 // |secret|: the input shared secret (or, from RFC 5869, the IKM). 22 // |salt|: an (optional) public salt / non-secret random value. While 23 // optional, callers are strongly recommended to provide a salt. There is no 24 // added security value in making this larger than the SHA-256 block size of 25 // 64 bytes. 26 // |info|: an (optional) label to distinguish different uses of HKDF. It is 27 // optional context and application specific information (can be a zero-length 28 // string). 29 // |key_bytes_to_generate|: the number of bytes of key material to generate 30 // for both client and server. 31 // |iv_bytes_to_generate|: the number of bytes of IV to generate for both 32 // client and server. 33 // |subkey_secret_bytes_to_generate|: the number of bytes of subkey secret to 34 // generate, shared between client and server. 35 HKDF(const base::StringPiece& secret, 36 const base::StringPiece& salt, 37 const base::StringPiece& info, 38 size_t key_bytes_to_generate, 39 size_t iv_bytes_to_generate, 40 size_t subkey_secret_bytes_to_generate); 41 ~HKDF(); 42 43 base::StringPiece client_write_key() const { 44 return client_write_key_; 45 } 46 base::StringPiece client_write_iv() const { 47 return client_write_iv_; 48 } 49 base::StringPiece server_write_key() const { 50 return server_write_key_; 51 } 52 base::StringPiece server_write_iv() const { 53 return server_write_iv_; 54 } 55 base::StringPiece subkey_secret() const { 56 return subkey_secret_; 57 } 58 59 private: 60 std::vector<uint8> output_; 61 62 base::StringPiece client_write_key_; 63 base::StringPiece server_write_key_; 64 base::StringPiece client_write_iv_; 65 base::StringPiece server_write_iv_; 66 base::StringPiece subkey_secret_; 67}; 68 69} // namespace crypto 70 71#endif // CRYPTO_HKDF_H_ 72