Move hkdf_extract to wsgcrypt.h

HKDF-Extract is not used in TLS, but in QUIC. For reuse in OSCORE, move
it to wsutil. Adjust comments slightly to emphasize precondition.

Change-Id: I5105e7416037697b383ad58f62be285c2b7ab8b7
Reviewed-on: https://code.wireshark.org/review/25802
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Mališa Vučinić <malishav@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>

epan/dissectors/packet-ssl-utils.h

@@ -634,17 +634,6 @@ ssl_decrypt_record(SslDecryptSession *ssl, SslDecoder *decoder, guint8 ct, guint
 tls13_cipher *
 tls13_cipher_create(guint8 tls13_draft_version, int cipher_algo, int cipher_mode, int hash_algo, const StringInfo *secret, const gchar **error);
 
-/*
- * Calculate HKDF-Extract(salt, IKM) -> PRK according to RFC 5869.
- * Caller must ensure that 'prk' is large enough to store the digest.
- */
-static inline gcry_error_t
-hkdf_extract(int algo, const guint8 *salt, size_t salt_len, const guint8 *ikm, size_t ikm_len, guint8 *prk)
-{
-    /* PRK = HMAC-Hash(salt, IKM) where salt is key, and IKM is input. */
-    return ws_hmac_buffer(algo, prk, ikm, ikm_len, salt, salt_len);
-}
-
 
 /* Common part bitween SSL and DTLS dissectors */
 /* Hash Functions for RSA private keys table */

wsutil/wsgcrypt.h

@@ -63,5 +63,17 @@ WS_DLL_PUBLIC gcry_error_t
 hkdf_expand(int hashalgo, const guint8 *prk, guint prk_len, const guint8 *info, guint info_len,
             guint8 *out, guint out_len);
 
+/*
+ * Calculate HKDF-Extract(salt, IKM) -> PRK according to RFC 5869.
+ * Caller MUST ensure that 'prk' is large enough to store the digest from hash
+ * algorithm 'hashalgo' (e.g. 32 bytes for SHA-256).
+ */
+static inline gcry_error_t
+hkdf_extract(int hashalgo, const guint8 *salt, size_t salt_len, const guint8 *ikm, size_t ikm_len, guint8 *prk)
+{
+    /* PRK = HMAC-Hash(salt, IKM) where salt is key, and IKM is input. */
+    return ws_hmac_buffer(hashalgo, prk, ikm, ikm_len, salt, salt_len);
+}
+
 
 #endif /* __WSGCRYPT_H__ */