bytinbit / strongswan

strongSwan - IPsec-based VPN
https://www.strongswan.org

libtls: Client calculates handshake key #12

Closed ryru closed 4 years ago

ryru commented 4 years ago

Aufwandschätzung: soll=14 Stunden

The client now has the information it needs to calculate the keys that are used to encrypt the rest of the handshake. It uses the following information in this calculation:

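First, the client computes the shared secret, which is the result of the key exchange that allows the client and server to agree on a number. The client multiplies the server's public key with the client's private key using the curve25519() algorithm. RFC 8446 (section 7.4.2) requires the handshake to be aborted if the resulting X25519 shared secret is the all-zero value, so that check belongs here before any key is derived from it.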

Consider:

ryru commented 4 years ago

Example HKDF Code from Tobias from 26.2.20:

#include <crypto/prf_plus.h>

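/*
 * HKDF with HMAC-SHA-256, built from prf_t (Extract step) and prf_plus_t in
 * counter mode (Expand step).
 *
 * The salt/IKM/info/L values are fixed sample inputs (they look like RFC 5869
 * test case 1 - confirm), so dumping PRK and OKM at level 1 exposes nothing
 * secret here.  Once IKM is a real (EC)DH shared secret, PRK and OKM are key
 * material: drop these dumps or move them to the level reserved for sensitive
 * data (DBG4).
 *
 * Every crypto call below can fail (missing plugin, failed allocation), so
 * each result is checked and the cleanup at the end runs on every path.
 */
prf_t *prf;
prf_plus_t *prf_plus = NULL;
/* start empty so chunk_clear() is safe even if a step fails early */
chunk_t salt, IKM, PRK = chunk_empty, info, OKM = chunk_empty;
size_t L;

prf = lib->crypto->create_prf(lib->crypto, PRF_HMAC_SHA2_256);
if (prf)
{
	/* HKDF-Extract(salt, IKM) -> PRK : HMAC keyed with the salt over IKM */
	salt = chunk_from_chars(0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,);
	IKM = chunk_from_chars(0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,);
	if (prf->set_key(prf, salt) &&
		prf->allocate_bytes(prf, IKM, &PRK))
	{
		DBG1(DBG_APP, "=== %B", &PRK);

		/* HKDF-Expand(PRK, info, L) -> OKM : re-key the PRF with PRK, then
		 * let prf_plus produce L bytes with info as seed */
		info = chunk_from_chars(0xf0,0xf1,0xf2,0xf3,0xf4,0xf5,0xf6,0xf7,0xf8,0xf9,);
		L = 42;
		if (prf->set_key(prf, PRK))
		{
			prf_plus = prf_plus_create(prf, TRUE, info);
		}
		if (prf_plus && prf_plus->allocate_bytes(prf_plus, L, &OKM))
		{
			DBG1(DBG_APP, "=== %B", &OKM);
		}
		else
		{
			DBG1(DBG_APP, "HKDF-Expand failed");
		}
	}
	else
	{
		DBG1(DBG_APP, "HKDF-Extract failed");
	}
}
else
{
	DBG1(DBG_APP, "HMAC-SHA2-256 PRF not available");
}

/* release the derived values with chunk_clear() rather than a plain free,
 * as they stand in for key material */
chunk_clear(&PRK);
chunk_clear(&OKM);
if (prf_plus)
{
	prf_plus->destroy(prf_plus);
}
if (prf)
{
	prf->destroy(prf);
}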
ryru commented 4 years ago

Example HKDF Code from Tobias from 26.2.20:

#include <crypto/prf_plus.h>

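/*
 * HKDF with HMAC-SHA-256, built from prf_t (Extract step) and prf_plus_t in
 * counter mode (Expand step).
 *
 * The salt/IKM/info/L values are fixed sample inputs (they look like RFC 5869
 * test case 1 - confirm), so dumping PRK and OKM at level 1 exposes nothing
 * secret here.  Once IKM is a real (EC)DH shared secret, PRK and OKM are key
 * material: drop these dumps or move them to the level reserved for sensitive
 * data (DBG4).
 *
 * Every crypto call below can fail (missing plugin, failed allocation), so
 * each result is checked and the cleanup at the end runs on every path.
 */
prf_t *prf;
prf_plus_t *prf_plus = NULL;
/* start empty so chunk_clear() is safe even if a step fails early */
chunk_t salt, IKM, PRK = chunk_empty, info, OKM = chunk_empty;
size_t L;

prf = lib->crypto->create_prf(lib->crypto, PRF_HMAC_SHA2_256);
if (prf)
{
	/* HKDF-Extract(salt, IKM) -> PRK : HMAC keyed with the salt over IKM */
	salt = chunk_from_chars(0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,);
	IKM = chunk_from_chars(0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,);
	if (prf->set_key(prf, salt) &&
		prf->allocate_bytes(prf, IKM, &PRK))
	{
		DBG1(DBG_APP, "=== %B", &PRK);

		/* HKDF-Expand(PRK, info, L) -> OKM : re-key the PRF with PRK, then
		 * let prf_plus produce L bytes with info as seed */
		info = chunk_from_chars(0xf0,0xf1,0xf2,0xf3,0xf4,0xf5,0xf6,0xf7,0xf8,0xf9,);
		L = 42;
		if (prf->set_key(prf, PRK))
		{
			prf_plus = prf_plus_create(prf, TRUE, info);
		}
		if (prf_plus && prf_plus->allocate_bytes(prf_plus, L, &OKM))
		{
			DBG1(DBG_APP, "=== %B", &OKM);
		}
		else
		{
			DBG1(DBG_APP, "HKDF-Expand failed");
		}
	}
	else
	{
		DBG1(DBG_APP, "HKDF-Extract failed");
	}
}
else
{
	DBG1(DBG_APP, "HMAC-SHA2-256 PRF not available");
}

/* release the derived values with chunk_clear() rather than a plain free,
 * as they stand in for key material */
chunk_clear(&PRK);
chunk_clear(&OKM);
if (prf_plus)
{
	prf_plus->destroy(prf_plus);
}
if (prf)
{
	prf->destroy(prf);
}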