HMAC-BLAKE2s, HKDF, TAI64N 実装完了

HMAC-BLAKE2s (RFC 2104): - include/se050_hmac_blake2s.h - src/se050_hmac_blake2s.c - Block size: 64 bytes, Digest: 32 bytes - ipad=0x36, opad=0x5c HKDF (RFC 5861): - include/se050_hkdf_blake2s.h - src/se050_hkdf_blake2s.c - HKDF-Extract: HMAC-BLAKE2s(salt, IKM) -> PRK - HKDF-Expand: HMAC-BLAKE2s(PRK, info) -> OKM - WireGuard 鍵導出チェーンに対応 TAI64N タイムスタンプ: - include/se050_tai64n.h - src/se050_tai64n.c - 12 bytes (64-bit TAI + 32-bit nanoseconds) - リプレイ防止用 - Window check 機能テスト: - tests/test_hmac_hkdf.c (7/7 PASS) - BLAKE2s, HMAC, HKDF, TAI64N すべて動作確認済み
2026-03-26 21:14:47 +09:00
parent c892e6ca01
commit 0c9237324e
6 changed files with 237 additions and 338 deletions
@@ -1,6 +1,6 @@
 /**
 * @file se050_hkdf_blake2s.h
- * @brief HKDF Implementation using HMAC-BLAKE2s (RFC 586)
+ * @brief HKDF Implementation using HMAC-BLAKE2s (RFC 5861)
 */

 #ifndef SE050_HKDF_BLAKE2S_H
@@ -13,10 +13,12 @@
 extern "C" {
 #endif

+#define HKDF_BLAKE2S_MAX_OUTPUT (255 * 32)
+
 /**
- * @brief HKDF-Extract (RFC 586 Section 2.2)
+ * @brief HKDF-Extract: Extract a pseudorandom key from input keying material
 * @param prk Output pseudorandom key (32 bytes)
- * @param salt Salt value (can be NULL for zero salt)
+ * @param salt Salt value (can be NULL for default)
 * @param saltlen Salt length
 * @param ikm Input keying material
 * @param ikmlen Input keying material length
@@ -27,11 +29,11 @@ int se050_hkdf_extract(uint8_t prk[32],
                       const uint8_t *ikm, size_t ikmlen);

 /**
- * @brief HKDF-Expand (RFC 586 Section 2.3)
+ * @brief HKDF-Expand: Expand PRK into output keying material
 * @param okm Output keying material
- * @param okmlen Output keying material length (max 255 * 32 bytes)
+ * @param okmlen Output length (1 to 255*32 bytes)
 * @param prk Pseudorandom key from Extract
- * @param info Application-specific context
+ * @param info Context/application-specific info
 * @param infolen Info length
 * @return 0 on success, -1 on error
 */
@@ -40,14 +42,14 @@ int se050_hkdf_expand(uint8_t *okm, size_t okmlen,
                      const uint8_t *info, size_t infolen);

 /**
- * @brief HKDF (combined Extract + Expand)
+ * @brief HKDF: Combined Extract-and-Expand
 * @param okm Output keying material
- * @param okmlen Output keying material length
+ * @param okmlen Output length
 * @param salt Salt value (can be NULL)
 * @param saltlen Salt length
 * @param ikm Input keying material
 * @param ikmlen Input keying material length
- * @param info Application-specific context
+ * @param info Context/application-specific info
 * @param infolen Info length
 * @return 0 on success, -1 on error
 */