search

aws / aws-lc

AWS-LC is a general-purpose cryptographic library maintained by the AWS Cryptography team for AWS and their customers. It іs based on code from the Google BoringSSL project and the OpenSSL project.
Other
258 stars 105 forks source link

NIST SP 800-108r1-upd1: KDF Counter Implementation #1644

Open skmcgrail opened 2 weeks ago

skmcgrail commented 2 weeks ago

Description of changes:

This pull request implements the KDF in Counter Mode defined in Section 4 of NIST.SP.800-108r1-upd1

The abbreviation KBKDF stands for Key-based key derivation function. ctr is abbreviation for counter.

Call-outs:

Testing:

Test vectors are provided here

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license and the ISC license.

skmcgrail commented 2 weeks ago

As a note for the reviewers. I'm still on the fence with the proposed KBKDF_ctr for the one-shot function name. It may be clearer to call it KBKDF_counter or even KBKDF_hmac_counter (as the PRF function could be implemented with KMAC if we so ever wished). Open to suggestions / discussions around the name choice.