Merge pull request #4121 from Rohde-Schwarz/sp800-56c-one-step

One-Step Key Derivation Method with KMAC
randombit · Jun 18, 2024 · a902bba · a902bba
2 parents 8f43122 + 2e8c045
commit a902bba
Show file tree

Hide file tree

Showing 11 changed files with 680 additions and 275 deletions.
diff --git a/doc/api_ref/kdf.rst b/doc/api_ref/kdf.rst
@@ -158,19 +158,20 @@ e.g. ``X9.42-PRF(KeyWrap.TripleDES)``, ``X9.42-PRF(1.2.840.113549.1.9.16.3.7)``
 SP800-56A
 ~~~~~~~~~~
 
-KDF from NIST SP 800-56A.
+KDF from NIST SP 800-56Ar2 or One-Step KDF of SP 800-56Cr2.
 
 Available if ``BOTAN_HAS_SP800_56A`` is defined.
 
 Algorithm specification names:
 
 - ``SP800-56A(<HashFunction>)``, e.g. ``SP800-56A(SHA-256)``
 - ``SP800-56A(HMAC(<HashFunction>))``, e.g. ``SP800-56A(HMAC(SHA-256))``
+- ``SP800-56A(KMAC-128)`` or ``SP800-56A(KMAC-256)``
 
 SP800-56C
 ~~~~~~~~~~
 
-KDF from NIST SP 800-56C.
+Two-Step KDF from NIST SP 800-56Cr2.
 
 Available if ``BOTAN_HAS_SP800_56C`` is defined.
 

diff --git a/src/lib/kdf/kdf.cpp b/src/lib/kdf/kdf.cpp
@@ -42,11 +42,11 @@
 #endif
 
 #if defined(BOTAN_HAS_SP800_56A)
-   #include <botan/internal/sp800_56a.h>
+   #include <botan/internal/sp800_56c_one_step.h>
 #endif
 
 #if defined(BOTAN_HAS_SP800_56C)
-   #include <botan/internal/sp800_56c.h>
+   #include <botan/internal/sp800_56c_two_step.h>
 #endif
 
 namespace Botan {
@@ -160,10 +160,16 @@ std::unique_ptr<KDF> KDF::create(std::string_view algo_spec, std::string_view pr
 #if defined(BOTAN_HAS_SP800_56A)
    if(req.algo_name() == "SP800-56A" && req.arg_count() == 1) {
       if(auto hash = HashFunction::create(req.arg(0))) {
-         return std::make_unique<SP800_56A_Hash>(std::move(hash));
+         return std::make_unique<SP800_56C_One_Step_Hash>(std::move(hash));
+      }
+      if(req.arg(0) == "KMAC-128") {
+         return std::make_unique<SP800_56C_One_Step_KMAC128>();
+      }
+      if(req.arg(0) == "KMAC-256") {
+         return std::make_unique<SP800_56C_One_Step_KMAC256>();
       }
       if(auto mac = MessageAuthenticationCode::create(req.arg(0))) {
-         return std::make_unique<SP800_56A_HMAC>(std::move(mac));
+         return std::make_unique<SP800_56C_One_Step_HMAC>(std::move(mac));
       }
    }
 #endif
@@ -173,11 +179,11 @@ std::unique_ptr<KDF> KDF::create(std::string_view algo_spec, std::string_view pr
       std::unique_ptr<KDF> exp(kdf_create_mac_or_hash<SP800_108_Feedback>(req.arg(0)));
       if(exp) {
          if(auto mac = MessageAuthenticationCode::create(req.arg(0))) {
-            return std::make_unique<SP800_56C>(std::move(mac), std::move(exp));
+            return std::make_unique<SP800_56C_Two_Step>(std::move(mac), std::move(exp));
          }
 
          if(auto mac = MessageAuthenticationCode::create(fmt("HMAC({})", req.arg(0)))) {
-            return std::make_unique<SP800_56C>(std::move(mac), std::move(exp));
+            return std::make_unique<SP800_56C_Two_Step>(std::move(mac), std::move(exp));
          }
       }
    }

diff --git a/src/lib/kdf/sp800_56a/info.txt b/src/lib/kdf/sp800_56a/info.txt
@@ -8,4 +8,5 @@ name -> "NIST SP800-56A"
 
 <requires>
 hmac
+kmac
 </requires>
diff --git a/src/lib/kdf/sp800_56a/sp800_56a.cpp b/src/lib/kdf/sp800_56a/sp800_56a.cpp
diff --git a/src/lib/kdf/sp800_56a/sp800_56a.h b/src/lib/kdf/sp800_56a/sp800_56a.h