Initial commit for KBKDF #87
Conversation
| const FEEDBACK_KI: bool = false; | ||
| } | ||
|
|
||
| pub struct Counter<Prf, K, R = U32> { |
There was a problem hiding this comment.
not so fan of the default values for R. I wonder if maybe a type alias might not be better. (ala x509-cert::Certificate)
|
|
||
| // Fixed input data | ||
| h.update(label); | ||
| if use_separator { |
There was a problem hiding this comment.
This behavior is not standard, but TPM specification relies on KBKDF and calls for separator to be optional (https://trustedcomputinggroup.org/wp-content/uploads/TCG_TPM2_r1p59_Part1_Architecture_pub.pdf#page=73).
Added only if Label is not present or if the last octet of Label is not zero.
For a time I intended to provide that behavior as a type parameter, but I'm not sure now. I'd love opinion.
baloo
force-pushed
the
baloo/kbkdf/init
branch
from
9002671 to
013eec6
Compare
|
Nist has test vectors http://csrc.nist.gov/groups/STM/cavp/index.html |
kbkdf/src/lib.rs
Outdated
| /// Derives `key` from `kin` and other parameters. | ||
| fn derive( | ||
| &self, | ||
| kin: &GenericArray<u8, Prf::KeySize>, |
There was a problem hiding this comment.
This is incorrect and doesn't work with hmac.
I think I'll need for it to pass in the Prf and reset it.
baloo
force-pushed
the
baloo/kbkdf/init
branch
from
847ceb0 to
9df77b4
Compare
|
Closing in favor of #108 |
1 participant
This implements KBKDF as defined in https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-108r1.pdf
This also implements non-standards behavior like
use-landuse-separator. Those are used in TPMs for the KDFa method for example. See comments below for questions about that.Missing: