Add the NIST KDF

Author: zeroSteiner

lib/msf_autoload.rb

@@ -298,7 +298,9 @@ def custom_inflections
       'uds_errors' => 'UDSErrors',
       'smb_hash_capture' => 'SMBHashCapture',
       'rex_ntlm' => 'RexNTLM',
-      'teamcity' => 'TeamCity'
+      'teamcity' => 'TeamCity',
+      'kdf' => 'KDF',
+      'nist_sp_800_108_r1' => 'NIST_SP_800_108_R1'
     }
   end
 

lib/rex/crypto/kdf.rb

@@ -0,0 +1,3 @@
+module Rex::Crypto::KDF
+  require 'rex/crypto/kdf/nist_sp_800_108_r1'
+end

lib/rex/crypto/kdf/nist_sp_800_108_r1.rb

@@ -0,0 +1,25 @@
+require 'openssl'
+
+module Rex::Crypto::KDF::NIST_SP_800_108_R1
+
+  def self.counter(secret, length, prf, keys: 1, label: ''.b, context: ''.b)
+    key_block = ''
+
+    counter = 0
+    while key_block.length < (length * keys)
+      counter += 1
+      raise RangeError.new("counter overflow") if counter > 0xffffffff
+
+      info = [ counter ].pack('L>') + label.force_encoding('ASCII-8BIT') + "\x00".b + context.force_encoding('ASCII-8BIT') + [ length * keys * 8 ].pack('L>')
+      key_block << prf.call(secret, info)
+    end
+
+    key_block.bytes.each_slice(length).to_a[...keys].map { |slice| slice.pack('C*') }
+  end
+
+  def self.counter_hmac(secret, length, digest, keys: 1, label: ''.b, context: ''.b)
+    prf = -> (key, data) { OpenSSL::HMAC.digest(digest, key, data) }
+    counter(secret, length, prf, keys: keys, label: label, context: context)
+  end
+
+end