1 // GoGOST -- Pure Go GOST cryptographic functions library
2 // Copyright (C) 2015-2020 Sergey Matveev <stargrave@stargrave.org>
4 // This program is free software: you can redistribute it and/or modify
5 // it under the terms of the GNU General Public License as published by
6 // the Free Software Foundation, version 3 of the License.
8 // This program is distributed in the hope that it will be useful,
9 // but WITHOUT ANY WARRANTY; without even the implied warranty of
10 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 // GNU General Public License for more details.
13 // You should have received a copy of the GNU General Public License
14 // along with this program. If not, see <http://www.gnu.org/licenses/>.
18 type PRFForPlus interface {
20 Derive(salt []byte) []byte
23 // prf+ function as defined in RFC 7296 (IKEv2)
24 func PRFPlus(prf PRFForPlus, dst, salt []byte) {
25 in := make([]byte, prf.BlockSize()+len(salt)+1)
26 in[len(in)-1] = byte(0x01)
27 copy(in[prf.BlockSize():], salt)
28 copy(in[:prf.BlockSize()], prf.Derive(in[prf.BlockSize():]))
29 copy(dst, in[:prf.BlockSize()])
30 n := len(dst) / prf.BlockSize()
34 if n*prf.BlockSize() != len(dst) {
38 out := dst[prf.BlockSize():]
39 for i := 0; i < n; i++ {
40 in[len(in)-1] = byte(i + 2)
41 copy(in[:prf.BlockSize()], prf.Derive(in))
42 copy(out, in[:prf.BlockSize()])
44 out = out[prf.BlockSize():]