1 // Copyright 2018 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #ifndef QUICHE_QUIC_CORE_CRYPTO_QUIC_HKDF_H_ 6 #define QUICHE_QUIC_CORE_CRYPTO_QUIC_HKDF_H_ 7 8 #include <cstdint> 9 #include <vector> 10 11 #include "absl/strings/string_view.h" 12 #include "quiche/quic/platform/api/quic_export.h" 13 14 namespace quic { 15 16 // QuicHKDF implements the key derivation function specified in RFC 5869 17 // (using SHA-256) and outputs key material, as needed by QUIC. 18 // See https://tools.ietf.org/html/rfc5869 for details. 19 class QUICHE_EXPORT QuicHKDF { 20 public: 21 // |secret|: the input shared secret (or, from RFC 5869, the IKM). 22 // |salt|: an (optional) public salt / non-secret random value. While 23 // optional, callers are strongly recommended to provide a salt. There is no 24 // added security value in making this larger than the SHA-256 block size of 25 // 64 bytes. 26 // |info|: an (optional) label to distinguish different uses of HKDF. It is 27 // optional context and application specific information (can be a zero-length 28 // string). 29 // |key_bytes_to_generate|: the number of bytes of key material to generate 30 // for both client and server. 31 // |iv_bytes_to_generate|: the number of bytes of IV to generate for both 32 // client and server. 33 // |subkey_secret_bytes_to_generate|: the number of bytes of subkey secret to 34 // generate, shared between client and server. 35 QuicHKDF(absl::string_view secret, absl::string_view salt, 36 absl::string_view info, size_t key_bytes_to_generate, 37 size_t iv_bytes_to_generate, size_t subkey_secret_bytes_to_generate); 38 39 // An alternative constructor that allows the client and server key/IV 40 // lengths to be different. 41 QuicHKDF(absl::string_view secret, absl::string_view salt, 42 absl::string_view info, size_t client_key_bytes_to_generate, 43 size_t server_key_bytes_to_generate, 44 size_t client_iv_bytes_to_generate, 45 size_t server_iv_bytes_to_generate, 46 size_t subkey_secret_bytes_to_generate); 47 48 ~QuicHKDF(); 49 client_write_key()50 absl::string_view client_write_key() const { return client_write_key_; } client_write_iv()51 absl::string_view client_write_iv() const { return client_write_iv_; } server_write_key()52 absl::string_view server_write_key() const { return server_write_key_; } server_write_iv()53 absl::string_view server_write_iv() const { return server_write_iv_; } subkey_secret()54 absl::string_view subkey_secret() const { return subkey_secret_; } client_hp_key()55 absl::string_view client_hp_key() const { return client_hp_key_; } server_hp_key()56 absl::string_view server_hp_key() const { return server_hp_key_; } 57 58 private: 59 std::vector<uint8_t> output_; 60 61 absl::string_view client_write_key_; 62 absl::string_view server_write_key_; 63 absl::string_view client_write_iv_; 64 absl::string_view server_write_iv_; 65 absl::string_view subkey_secret_; 66 absl::string_view client_hp_key_; 67 absl::string_view server_hp_key_; 68 }; 69 70 } // namespace quic 71 72 #endif // QUICHE_QUIC_CORE_CRYPTO_QUIC_HKDF_H_ 73