| /system/keymaster/tests/ |
| D | kdf_test.cpp | 32 ForTestAbstractKdf kdf; in TEST() local
35 ASSERT_TRUE(kdf.Init(KM_DIGEST_SHA1, key, 128, salt, 128)); in TEST()
36 ASSERT_TRUE(kdf.Init(KM_DIGEST_SHA_2_256, key, 128, salt, 128)); in TEST()
37 ASSERT_TRUE(kdf.Init(KM_DIGEST_SHA1, key, 128, nullptr, 0)); in TEST()
38 ASSERT_FALSE(kdf.Init(KM_DIGEST_MD5, key, 128, salt, 128)); in TEST()
39 ASSERT_FALSE(kdf.Init(KM_DIGEST_SHA1, nullptr, 0, salt, 128)); in TEST()
40 ASSERT_FALSE(kdf.Init(KM_DIGEST_SHA1, nullptr, 128, salt, 128)); in TEST()
41 ASSERT_FALSE(kdf.Init(KM_DIGEST_SHA1, key, 0, salt, 128)); in TEST()
|
| /system/security/mls/mls-rs-crypto-boringssl/src/ |
| D | kdf.rs | 160 let kdf = Kdf::new(CipherSuite::CURVE25519_AES128).unwrap(); in sha256() localVariable
161 let prk = kdf.extract(&salt, &ikm).unwrap(); in sha256()
163 assert_eq!(kdf.expand(&prk, &info, 42).unwrap(), expected_okm); in sha256()
176 let kdf = Kdf::new(CipherSuite::CURVE448_CHACHA).unwrap(); in sha512() localVariable
177 let prk = kdf.extract(&salt, &ikm).unwrap(); in sha512()
178 assert_eq!(kdf.expand(&prk, &info, 42).unwrap(), expected_okm); in sha512()
183 let kdf = Kdf::new(CipherSuite::CURVE25519_AES128).unwrap(); in sha256_extract_short_ikm() localVariable
184 assert_matches!(kdf.extract(b"salty", b""), Err(KdfError::TooShortIkm { .. })); in sha256_extract_short_ikm()
192 let kdf = Kdf::new(CipherSuite::CURVE25519_AES128).unwrap(); in sha256_expand_short_prk() localVariable
193 assert_matches!(kdf.expand(&prk_short, &info, 42), Err(KdfError::TooShortPrk { .. })); in sha256_expand_short_prk()
[all …]
|
| D | hpke.rs | 52 kdf: KDF, field
56 pub fn new(suite_id: Vec<u8>, kdf: KDF) -> Self { in new()
57 Self { suite_id, kdf } in new()
68 self.kdf.extract(salt, &[b"HPKE-v1" as &[u8], &self.suite_id, label, ikm].concat()).await in labeled_extract()
83 self.kdf.expand(key, &labeled_info, len).await in labeled_expand()
91 kdf: KdfWrapper<KDF>, field
98 pub fn new(cipher_suite: CipherSuite, dh: DH, kdf: KDF) -> Option<Self> { in new()
103 let kdf = KdfWrapper::new(suite_id, kdf); in new() localVariable
105 Some(Self { dh, kdf, kem_id, n_secret: kem_id.n_secret() }) in new()
131 let dkp_prk = match self.kdf.labeled_extract(&[], b"dkp_prk", ikm).await { in derive()
[all …]
|
| D | lib.rs | 22 pub mod kdf; module
41 use kdf::Kdf;
119 let kdf = Kdf::new(cipher_suite)?; in cipher_suite_provider() localVariable
120 let kem = DhKem::new(cipher_suite, ecdh, kdf.clone())?; in cipher_suite_provider()
123 BoringsslCipherSuite::new(cipher_suite, kem, kdf, aead) in cipher_suite_provider()
138 kdf: KDF, field
151 pub fn new(cipher_suite: CipherSuite, kem: KEM, kdf: KDF, aead: AEAD) -> Option<Self> { in new()
156 kdf, in new()
218 self.kdf in kdf_extract()
231 self.kdf in kdf_expand()
[all …]
|
| /system/keymaster/km_openssl/ |
| D | ecies_kem.cpp | 45 keymaster_kdf_t kdf; in EciesKem() local
46 if (!authorizations.GetTagValue(TAG_KDF, &kdf)) { in EciesKem()
51 switch (kdf) { in EciesKem()
56 LOG_E("Kdf %d is unsupported", kdf); in EciesKem()
|
| /system/keymint/common/src/ |
| D | keyblob.rs | 291 kdf: &dyn crypto::Hkdf, in derive_kek()
305 crypto::OpaqueOr::Explicit(key_material) => kdf.hkdf(&[], &key_material.0, &info, 32)?,
306 key @ crypto::OpaqueOr::Opaque(_) => kdf.expand(key, &info, 32)?,
343 kdf: &dyn crypto::Hkdf, in encrypt()
384 derive_kek(kdf, root_key, &key_derivation_input, characteristics.clone(), hidden, sdd)?; in encrypt()
419 kdf: &dyn crypto::Hkdf, in decrypt()
441 kdf, in decrypt()
|
| /system/keymaster/include/keymaster/km_openssl/ |
| D | attestation_record.h | 86 ASN1_INTEGER_SET* kdf; member
136 ASN1_EXP_SET_OF_OPT(KM_AUTH_LIST, kdf, ASN1_INTEGER, TAG_KDF.masked_tag()),
|
| /system/keymint/tests/src/ |
| D | lib.rs | 369 pub fn test_ckdf<T: Ckdf>(kdf: T) { in test_ckdf()
378 let result = kdf.ckdf(&key.into(), label, &[&v0, &v1, &v2, &v3], 32).unwrap(); in test_ckdf()
|
| /system/keymaster/ |
| D | Android.bp | 147 "km_openssl/kdf.cpp",
|