Add crypto_kdf_hkdf_sha{256,512}_extract_{init,update,final}

dist-build/emscripten-symbols.def

@@ -283,18 +283,26 @@ _crypto_kdf_bytes_max 1 1
 _crypto_kdf_bytes_min 1 1
 _crypto_kdf_contextbytes 1 1
 _crypto_kdf_derive_from_key 1 1
-_crypto_kdf_hkdf_sha256_bytes_max 0 1
-_crypto_kdf_hkdf_sha256_bytes_min 0 1
-_crypto_kdf_hkdf_sha256_expand 0 1
-_crypto_kdf_hkdf_sha256_extract 0 1
-_crypto_kdf_hkdf_sha256_keybytes 0 1
-_crypto_kdf_hkdf_sha256_keygen 0 1
-_crypto_kdf_hkdf_sha512_bytes_max 0 1
-_crypto_kdf_hkdf_sha512_bytes_min 0 1
-_crypto_kdf_hkdf_sha512_expand 0 1
-_crypto_kdf_hkdf_sha512_extract 0 1
-_crypto_kdf_hkdf_sha512_keybytes 0 1
-_crypto_kdf_hkdf_sha512_keygen 0 1
+_crypto_kdf_hkdf_sha256_bytes_max 1 1
+_crypto_kdf_hkdf_sha256_bytes_min 1 1
+_crypto_kdf_hkdf_sha256_expand 1 1
+_crypto_kdf_hkdf_sha256_extract 1 1
+_crypto_kdf_hkdf_sha256_extract_final 1 1
+_crypto_kdf_hkdf_sha256_extract_init 1 1
+_crypto_kdf_hkdf_sha256_statebytes 1 1
+_crypto_kdf_hkdf_sha256_extract_update 1 1
+_crypto_kdf_hkdf_sha256_keybytes 1 1
+_crypto_kdf_hkdf_sha256_keygen 1 1
+_crypto_kdf_hkdf_sha512_bytes_max 1 1
+_crypto_kdf_hkdf_sha512_bytes_min 1 1
+_crypto_kdf_hkdf_sha512_expand 1 1
+_crypto_kdf_hkdf_sha512_extract 1 1
+_crypto_kdf_hkdf_sha512_extract_final 1 1
+_crypto_kdf_hkdf_sha512_extract_init 1 1
+_crypto_kdf_hkdf_sha512_statebytes 1 1
+_crypto_kdf_hkdf_sha512_extract_update 1 1
+_crypto_kdf_hkdf_sha512_keybytes 1 1
+_crypto_kdf_hkdf_sha512_keygen 1 1
 _crypto_kdf_keybytes 1 1
 _crypto_kdf_keygen 1 1
 _crypto_kdf_primitive 0 1

src/libsodium/crypto_kdf/hkdf/kdf_hkdf_sha512.c

@@ -7,20 +7,42 @@
 #include "randombytes.h"
 #include "utils.h"
 
+int
+crypto_kdf_hkdf_sha512_extract_init(crypto_kdf_hkdf_sha512_state *state,
+                                    const unsigned char *salt, size_t salt_len)
+{
+    return crypto_auth_hmacsha512_init(&state->st, salt, salt_len);
+}
+
+int
+crypto_kdf_hkdf_sha512_extract_update(crypto_kdf_hkdf_sha512_state *state,
+                                      const unsigned char *ikm, size_t ikm_len)
+{
+    return crypto_auth_hmacsha512_update(&state->st, ikm, ikm_len);
+}
+
+int
+crypto_kdf_hkdf_sha512_extract_final(crypto_kdf_hkdf_sha512_state *state,
+                                     unsigned char prk[crypto_kdf_hkdf_sha512_KEYBYTES])
+{
+    crypto_auth_hmacsha512_final(&state->st, prk);
+    sodium_memzero(state, sizeof state);
+
+    return 0;
+}
+
 int
 crypto_kdf_hkdf_sha512_extract(
     unsigned char prk[crypto_kdf_hkdf_sha512_KEYBYTES],
     const unsigned char *salt, size_t salt_len, const unsigned char *ikm,
     size_t ikm_len)
 {
-    crypto_auth_hmacsha512_state st;
+    crypto_kdf_hkdf_sha512_state state;
 
-    crypto_auth_hmacsha512_init(&st, salt, salt_len);
-    crypto_auth_hmacsha512_update(&st, ikm, ikm_len);
-    crypto_auth_hmacsha512_final(&st, prk);
-    sodium_memzero(&st, sizeof st);
+    crypto_kdf_hkdf_sha512_extract_init(&state, salt, salt_len);
+    crypto_kdf_hkdf_sha512_extract_update(&state, ikm, ikm_len);
 
-    return 0;
+    return crypto_kdf_hkdf_sha512_extract_final(&state, prk);
 }
 
 void

src/libsodium/include/sodium/crypto_kdf_hkdf_sha512.h

@@ -44,6 +44,30 @@ int crypto_kdf_hkdf_sha512_expand(unsigned char *out, size_t out_len,
                                   const unsigned char prk[crypto_kdf_hkdf_sha512_KEYBYTES])
             __attribute__ ((nonnull(1)));
 
+/* ------------------------------------------------------------------------- */
+
+typedef struct crypto_kdf_hkdf_sha512_state {
+    crypto_auth_hmacsha512_state st;
+} crypto_kdf_hkdf_sha512_state;
+
+SODIUM_EXPORT
+size_t crypto_kdf_hkdf_sha512_statebytes(void);
+
+SODIUM_EXPORT
+int crypto_kdf_hkdf_sha512_extract_init(crypto_kdf_hkdf_sha512_state *state,
+                                        const unsigned char *salt, size_t salt_len)
+            __attribute__ ((nonnull(1)));
+
+SODIUM_EXPORT
+int crypto_kdf_hkdf_sha512_extract_update(crypto_kdf_hkdf_sha512_state *state,
+                                          const unsigned char *ikm, size_t ikm_len)
+            __attribute__ ((nonnull));
+
+SODIUM_EXPORT
+int crypto_kdf_hkdf_sha512_extract_final(crypto_kdf_hkdf_sha512_state *state,
+                                         unsigned char prk[crypto_kdf_hkdf_sha512_KEYBYTES])
+            __attribute__ ((nonnull));
+
 #ifdef __cplusplus
 }
 #endif

test/symbols/all-symbols.txt

@@ -322,12 +322,19 @@ crypto_kdf_hkdf_sha256_bytes_max
 crypto_kdf_hkdf_sha256_bytes_min
 crypto_kdf_hkdf_sha256_expand
 crypto_kdf_hkdf_sha256_extract
+crypto_kdf_hkdf_sha256_extract_final
+crypto_kdf_hkdf_sha256_extract_init
+crypto_kdf_hkdf_sha256_extract_update
 crypto_kdf_hkdf_sha256_keybytes
 crypto_kdf_hkdf_sha256_keygen
+crypto_kdf_hkdf_sha256_statebytes
 crypto_kdf_hkdf_sha512_bytes_max
 crypto_kdf_hkdf_sha512_bytes_min
 crypto_kdf_hkdf_sha512_expand
 crypto_kdf_hkdf_sha512_extract
+crypto_kdf_hkdf_sha512_extract_final
+crypto_kdf_hkdf_sha512_extract_init
+crypto_kdf_hkdf_sha512_extract_update
 crypto_kdf_hkdf_sha512_keybytes
 crypto_kdf_hkdf_sha512_keygen
 crypto_kdf_keybytes