Move some V1-specific stuff into hypervisor code base.

crypto/src/kbkdf.rs

@@ -1,21 +0,0 @@
-// (c) 2020-2022 ZeroTier, Inc. -- currently propritery pending actual release and licensing. See LICENSE.md.
-
-use crate::hash::*;
-use crate::secret::Secret;
-
-/*
- * HMAC'd message is: preface | iteration[4], preface[2], label, 0x00, context, hash size[4]
- *
- * Iteration and context are always zero here. Preface is 'ZT'. Hash size is in bits. Integers
- * larger than one byte are big-endian.
- *
- * See: https://csrc.nist.gov/publications/detail/sp/800-108/final (page 12)
- */
-
-pub fn zt_kbkdf_hmac_sha384(key: &[u8], label: u8) -> Secret<48> {
-    Secret(hmac_sha384(key, &[0, 0, 0, 0, b'Z', b'T', label, 0, 0, 0, 0, 0x01, 0x80]))
-}
-
-//pub fn zt_kbkdf_hmac_sha512(key: &[u8], label: u8) -> Secret<64> {
-//    Secret(hmac_sha512(key, &[0, 0, 0, 0, b'Z', b'T', label, 0, 0, 0, 0, 0x02, 0x00]))
-//}

crypto/src/lib.rs

@@ -3,7 +3,6 @@
 pub mod aes;
 pub mod aes_gmac_siv;
 pub mod hash;
-pub mod kbkdf;
 pub mod p384;
 pub mod poly1305;
 pub mod random;

network-hypervisor/src/vl1/symmetricsecret.rs

@@ -1,7 +1,7 @@
 // (c) 2020-2022 ZeroTier, Inc. -- currently propritery pending actual release and licensing. See LICENSE.md.
 
 use zerotier_crypto::aes_gmac_siv::AesGmacSiv;
-use zerotier_crypto::kbkdf::zt_kbkdf_hmac_sha384;
+use zerotier_crypto::hash::hmac_sha384;
 use zerotier_crypto::secret::Secret;
 
 use crate::vl1::protocol::*;
@@ -19,6 +19,10 @@ pub(crate) struct SymmetricSecret {
     pub aes_gmac_siv: Pool<AesGmacSiv, AesGmacSivPoolFactory>,
 }
 
+fn zt_kbkdf_hmac_sha384(key: &[u8], label: u8) -> Secret<48> {
+    Secret(hmac_sha384(key, &[0, 0, 0, 0, b'Z', b'T', label, 0, 0, 0, 0, 0x01, 0x80]))
+}
+
 impl SymmetricSecret {
     /// Create a new symmetric secret, deriving all sub-keys and such.
     pub fn new(key: Secret<64>) -> SymmetricSecret {