--- /dev/null
+/*
+ Key Derivation Functions
+ [SP800-108] section 5.1
+
+ Copyright (C) Stefan Metzmacher 2012
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "replace.h"
+#include "../lib/crypto/crypto.h"
+
+struct HMACSHA256Context {
+ SHA256_CTX ctx;
+ uint8_t k_ipad[65];
+ uint8_t k_opad[65];
+};
+
+void hmac_sha256_init(const uint8_t *key, size_t key_len, struct HMACSHA256Context *ctx);
+void hmac_sha256_update(const uint8_t *data, size_t data_len, struct HMACSHA256Context *ctx);
+void hmac_sha256_final(uint8_t digest[20], struct HMACSHA256Context *ctx);
+
+void hmac_sha256_kdf_cnt_h128_r32(const uint8_t *KI, size_t KI_len,
+ const uint8_t *Label, size_t Label_len,
+ const uint8_t *Context, size_z Context_len,
+ uint32_t L, uint8_t KO)
+{
+#define _H 256
+#define _R 32
+ uint32_t n = L/_H;
+ uint32_t i;
+
+ assert(n <= ((2^_R) - 1));
+
+ result
+
+ for (i = 1; i <= n; i++) {
+ struct HMACSHA256Context ctx;
+ uint8_t buf[4];
+ static const uint8_t zero = 0;
+ uint8_t digest[SHA256_DIGEST_LENGTH];
+
+ hmac_sha256_init(KI, KI_len, &ctx);
+
+ SIVAL(buf, 0, i);//TODO
+ hmac_sha256_update(buf, sizeof(buf), &ctx);
+ hmac_sha256_update(Label, Label_len, &ctx);
+ hmac_sha256_update(&zero, 1, &ctx);
+ hmac_sha256_update(Context, Context_len, &ctx);
+ SIVAL(buf, 0, L);//TODO
+ hmac_sha256_update(buf, sizeof(buf), &ctx);
+
+ hmac_sha256_final(digest, &ctx);
+
+ }
+
+}
+