Alternative TLS implementation in Go
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

59 lines
1.3 KiB

  1. // Copyright 2014 The Go Authors. All rights reserved.
  2. // Use of this source code is governed by a BSD-style
  3. // license that can be found in the LICENSE file.
  4. package tls
  5. // Mostly derived from golang.org/x/crypto/hkdf, but with an exposed
  6. // Extract API.
  7. //
  8. // HKDF is a cryptographic key derivation function (KDF) with the goal of
  9. // expanding limited input keying material into one or more cryptographically
  10. // strong secret keys.
  11. //
  12. // RFC 5869: https://tools.ietf.org/html/rfc5869
  13. import (
  14. "crypto"
  15. "crypto/hmac"
  16. )
  17. func hkdfExpand(hash crypto.Hash, prk, info []byte, l int) []byte {
  18. var (
  19. expander = hmac.New(hash.New, prk)
  20. res = make([]byte, l)
  21. counter = byte(1)
  22. prev []byte
  23. )
  24. if l > 255*expander.Size() {
  25. panic("hkdf: requested too much output")
  26. }
  27. p := res
  28. for len(p) > 0 {
  29. expander.Reset()
  30. expander.Write(prev)
  31. expander.Write(info)
  32. expander.Write([]byte{counter})
  33. prev = expander.Sum(prev[:0])
  34. counter++
  35. n := copy(p, prev)
  36. p = p[n:]
  37. }
  38. return res
  39. }
  40. func hkdfExtract(hash crypto.Hash, secret, salt []byte) []byte {
  41. if salt == nil {
  42. salt = make([]byte, hash.Size())
  43. }
  44. if secret == nil {
  45. secret = make([]byte, hash.Size())
  46. }
  47. extractor := hmac.New(hash.New, salt)
  48. extractor.Write(secret)
  49. return extractor.Sum(nil)
  50. }