Exemplo n.º 1
0
// hkdfExpand implements HKDF-Expand from RFC 5869.
func hkdfExpand(hash func() hash.Hash, prk, info []byte, length int) []byte {
	hashSize := hash().Size()
	if length > 255*hashSize {
		panic("hkdfExpand: length too long")
	}
	if len(prk) < hashSize {
		panic("hkdfExpand: prk too short")
	}
	var lastBlock []byte
	counter := byte(0)
	okm := make([]byte, length)
	hmac := hmac.New(hash, prk)
	for length > 0 {
		hmac.Reset()
		counter++
		hmac.Write(lastBlock)
		hmac.Write(info)
		hmac.Write([]byte{counter})
		block := hmac.Sum(nil)
		lastBlock = block
		copy(okm[(int(counter)-1)*hashSize:], block)
		length -= hashSize
	}
	return okm
}
Exemplo n.º 2
0
func (mp *MerkleProof) calcRootHash(seed []byte, lastNode []byte) []byte {
	hmac := hmac.New(sha256.New, seed)
	for i := len(mp.Level) - 1; i >= 0; i-- {
		hmac.Reset()
		if mp.Level[i].NodeHash != nil {
			if mp.Level[i].IsLeft {
				hmac.Write(mp.Level[i].NodeHash)
				hmac.Write(lastNode)
			} else {
				hmac.Write(lastNode)
				hmac.Write(mp.Level[i].NodeHash)
			}
			lastNode = hmac.Sum(nil)
		}
	}
	return lastNode
}
Exemplo n.º 3
0
// WithHMAC derives key of length outlen from the provided password, salt,
// and the number of iterations using PKCS#5 PBKDF2 with the provided
// hash function in HMAC.
//
// Caller is responsible to make sure that outlen < (2^32-1) * hash.Size().
func WithHMAC(hash func() hash.Hash, password []byte, salt []byte, iterations int, outlen int) []byte {
	out := make([]byte, outlen)
	hashSize := hash().Size()
	ibuf := make([]byte, 4)
	block := 1
	p := out
	for outlen > 0 {
		clen := outlen
		if clen > hashSize {
			clen = hashSize
		}

		ibuf[0] = byte((block >> 24) & 0xff)
		ibuf[1] = byte((block >> 16) & 0xff)
		ibuf[2] = byte((block >> 8) & 0xff)
		ibuf[3] = byte((block) & 0xff)

		hmac := hmac.New(hash, password)
		hmac.Write(salt)
		hmac.Write(ibuf)
		tmp := hmac.Sum()
		for i := 0; i < clen; i++ {
			p[i] = tmp[i]
		}

		for j := 1; j < iterations; j++ {
			hmac.Reset()
			hmac.Write(tmp)
			tmp = hmac.Sum()
			for k := 0; k < clen; k++ {
				p[k] ^= tmp[k]
			}
		}
		outlen -= clen
		block++
		p = p[clen:]
	}
	return out
}