Blame - vendor/gopkg.in/jcmturner/gokrb5.v7/crypto/rfc3962/keyDerivation.go - voltha-go

blob: a5f45c1c5fead80563499859a69a0fc8551258f7 [file] [log] [blame]

Scott Baker	8461e15	2019-10-01 14:44:30 -0700	[diff] [blame]	1	package rfc3962
				2
				3	import (
				4	"encoding/binary"
				5	"encoding/hex"
				6	"errors"
				7
				8	"github.com/jcmturner/gofork/x/crypto/pbkdf2"
				9	"gopkg.in/jcmturner/gokrb5.v7/crypto/etype"
				10	)
				11
				12	const (
				13	s2kParamsZero = 4294967296
				14	)
				15
				16	// StringToKey returns a key derived from the string provided according to the definition in RFC 3961.
				17	func StringToKey(secret, salt, s2kparams string, e etype.EType) ([]byte, error) {
				18	i, err := S2KparamsToItertions(s2kparams)
				19	if err != nil {
				20	return nil, err
				21	}
				22	return StringToKeyIter(secret, salt, i, e)
				23	}
				24
				25	// StringToPBKDF2 generates an encryption key from a pass phrase and salt string using the PBKDF2 function from PKCS #5 v2.0
				26	func StringToPBKDF2(secret, salt string, iterations int64, e etype.EType) []byte {
				27	return pbkdf2.Key64([]byte(secret), []byte(salt), iterations, int64(e.GetKeyByteSize()), e.GetHashFunc())
				28	}
				29
				30	// StringToKeyIter returns a key derived from the string provided according to the definition in RFC 3961.
				31	func StringToKeyIter(secret, salt string, iterations int64, e etype.EType) ([]byte, error) {
				32	tkey := e.RandomToKey(StringToPBKDF2(secret, salt, iterations, e))
				33	return e.DeriveKey(tkey, []byte("kerberos"))
				34	}
				35
				36	// S2KparamsToItertions converts the string representation of iterations to an integer
				37	func S2KparamsToItertions(s2kparams string) (int64, error) {
				38	//process s2kparams string
				39	//The parameter string is four octets indicating an unsigned
				40	//number in big-endian order. This is the number of iterations to be
				41	//performed. If the value is 00 00 00 00, the number of iterations to
				42	//be performed is 4,294,967,296 (2**32).
				43	var i uint32
				44	if len(s2kparams) != 8 {
				45	return int64(s2kParamsZero), errors.New("invalid s2kparams length")
				46	}
				47	b, err := hex.DecodeString(s2kparams)
				48	if err != nil {
				49	return int64(s2kParamsZero), errors.New("invalid s2kparams, cannot decode string to bytes")
				50	}
				51	i = binary.BigEndian.Uint32(b)
				52	//buf := bytes.NewBuffer(b)
				53	//err = binary.Read(buf, binary.BigEndian, &i)
				54	if err != nil {
				55	return int64(s2kParamsZero), errors.New("invalid s2kparams, cannot convert to big endian int32")
				56	}
				57	return int64(i), nil
				58	}