
Commit 27c6ee4

authored
Merge pull request #7068 from SparkiDev/srtp_kdf_label
SRTP/SRTCP KDF: add APIs that derives one key from a label
2 parents fb6b022 + f2e4360 commit 27c6ee4


4 files changed

+370
-24
lines changed


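--- a/doc/dox_comments/header_files/kdf.h
+++ b/doc/dox_comments/header_files/kdf.h
@@ -4,7 +4,7 @@
 
 \brief This function derives keys using SRTP KDF algorithm.
 
-\return 0 Returned upon successful key derviation.
+\return 0 Returned upon successful key derivation.
 \return BAD_FUNC_ARG Returned when key or salt is NULL
 \return BAD_FUNC_ARG Returned when key length is not 16, 24 or 32.
 \return BAD_FUNC_ARG Returned when saltSz is larger than 14.
@@ -44,6 +44,8 @@
 \endcode
 
 \sa wc_SRTCP_KDF
+\sa wc_SRTP_KDF_label
+\sa wc_SRTCP_KDF_label
 \sa wc_SRTP_KDF_kdr_to_idx
 */
 int wc_SRTP_KDF(const byte* key, word32 keySz, const byte* salt, word32 saltSz,
@@ -55,7 +57,7 @@ int wc_SRTP_KDF(const byte* key, word32 keySz, const byte* salt, word32 saltSz,
 
 \brief This function derives keys using SRTCP KDF algorithm.
 
-\return 0 Returned upon successful key derviation.
+\return 0 Returned upon successful key derivation.
 \return BAD_FUNC_ARG Returned when key or salt is NULL
 \return BAD_FUNC_ARG Returned when key length is not 16, 24 or 32.
 \return BAD_FUNC_ARG Returned when saltSz is larger than 14.
@@ -95,12 +97,107 @@ int wc_SRTP_KDF(const byte* key, word32 keySz, const byte* salt, word32 saltSz,
 \endcode
 
 \sa wc_SRTP_KDF
+\sa wc_SRTP_KDF_label
+\sa wc_SRTCP_KDF_label
 \sa wc_SRTP_KDF_kdr_to_idx
 */
 int wc_SRTCP_KDF(const byte* key, word32 keySz, const byte* salt, word32 saltSz,
 int kdrIdx, const byte* index, byte* key1, word32 key1Sz, byte* key2,
 word32 key2Sz, byte* key3, word32 key3Sz);
+/*!
+\ingroup SrtpKdf
+
+\brief This function derives a key with label using SRTP KDF algorithm.
+
+\return 0 Returned upon successful key derivation.
+\return BAD_FUNC_ARG Returned when key, salt or outKey is NULL
+\return BAD_FUNC_ARG Returned when key length is not 16, 24 or 32.
+\return BAD_FUNC_ARG Returned when saltSz is larger than 14.
+\return BAD_FUNC_ARG Returned when kdrIdx is less than -1 or larger than 24.
+\return MEMORY_E on dynamic memory allocation failure.
+
+\param [in] key Key to use with encryption.
+\param [in] keySz Size of key in bytes.
+\param [in] salt Random non-secret value.
+\param [in] saltSz Size of random in bytes.
+\param [in] kdrIdx Key derivation rate. kdr = 0 when -1, otherwise kdr = 2^kdrIdx.
+\param [in] index Index value to XOR in.
+\param [in] label Label to use when deriving key.
+\param [out] outKey Derived key.
+\param [in] outKeySz Size of derived key in bytes.
+
 
+_Example_
+\code
+unsigned char key[16] = { ... };
+unsigned char salt[14] = { ... };
+unsigned char index[6] = { ... };
+unsigned char keyE[16];
+int kdrIdx = 0; // Use all of index
+int ret;
+
+ret = wc_SRTP_KDF_label(key, sizeof(key), salt, sizeof(salt), kdrIdx, index,
+WC_SRTP_LABEL_ENCRYPTION, keyE, sizeof(keyE));
+if (ret != 0) {
+WOLFSSL_MSG("wc_SRTP_KDF failed");
+}
+\endcode
+
+\sa wc_SRTP_KDF
+\sa wc_SRTCP_KDF
+\sa wc_SRTCP_KDF_label
+\sa wc_SRTP_KDF_kdr_to_idx
+*/
+int wc_SRTP_KDF_label(const byte* key, word32 keySz, const byte* salt,
+word32 saltSz, int kdrIdx, const byte* index, byte label, byte* outKey,
+word32 outKeySz);
+/*!
+\ingroup SrtpKdf
+
+\brief This function derives key with label using SRTCP KDF algorithm.
+
+\return 0 Returned upon successful key derivation.
+\return BAD_FUNC_ARG Returned when key, salt or outKey is NULL
+\return BAD_FUNC_ARG Returned when key length is not 16, 24 or 32.
+\return BAD_FUNC_ARG Returned when saltSz is larger than 14.
+\return BAD_FUNC_ARG Returned when kdrIdx is less than -1 or larger than 24.
+\return MEMORY_E on dynamic memory allocation failure.
+
+\param [in] key Key to use with encryption.
+\param [in] keySz Size of key in bytes.
+\param [in] salt Random non-secret value.
+\param [in] saltSz Size of random in bytes.
+\param [in] kdrIdx Key derivation rate. kdr = 0 when -1, otherwise kdr = 2^kdrIdx.
+\param [in] index Index value to XOR in.
+\param [in] label Label to use when deriving key.
+\param [out] outKey Derived key.
+\param [in] outKeySz Size of derived key in bytes.
+
+
+_Example_
+\code
+unsigned char key[16] = { ... };
+unsigned char salt[14] = { ... };
+unsigned char index[4] = { ... };
+unsigned char keyE[16];
+int kdrIdx = 0; // Use all of index
+int ret;
+
+ret = wc_SRTCP_KDF_label(key, sizeof(key), salt, sizeof(salt), kdrIdx,
+index, WC_SRTCP_LABEL_ENCRYPTION, keyE, sizeof(keyE));
+if (ret != 0) {
+WOLFSSL_MSG("wc_SRTP_KDF failed");
+}
+\endcode
+
+\sa wc_SRTP_KDF
+\sa wc_SRTCP_KDF
+\sa wc_SRTP_KDF_label
+\sa wc_SRTP_KDF_kdr_to_idx
+*/
+int wc_SRTP_KDF_label(const byte* key, word32 keySz, const byte* salt,
+word32 saltSz, int kdrIdx, const byte* index, byte label, byte* outKey,
+word32 outKeySz);
 /*!
 \ingroup SrtpKdf
 
@@ -121,6 +218,8 @@ int wc_SRTCP_KDF(const byte* key, word32 keySz, const byte* salt, word32 saltSz,
 
 \sa wc_SRTP_KDF
 \sa wc_SRTCP_KDF
+\sa wc_SRTP_KDF_label
+\sa wc_SRTCP_KDF_label
 */
 int wc_SRTP_KDF_kdr_to_idx(word32 kdr);
 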
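Review bot: The prototype that closes the second added comment block (new lines 198-200) is `wc_SRTP_KDF_label` again, so the SRTCP documentation is attached to a duplicate SRTP declaration and `wc_SRTCP_KDF_label`, which the `\sa` lines added throughout this file point to, is never declared here; its first line should read `int wc_SRTCP_KDF_label(const byte* key, word32 keySz, const byte* salt,`. Both new examples also log `"wc_SRTP_KDF failed"`, which names neither of the functions being called. Because `index` is passed without a length, the `\param` text should state how many bytes the function reads (the examples use 6 for SRTP and 4 for SRTCP) and list the accepted `label` values, so a caller does not pass a short buffer or an unintended label. The implementation is not visible in this section, so both points should be confirmed against it.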
