Commit | Line | Data |
---|---|---|
4b1b7c19 GW |
1 | /** @file\r |
2 | HMAC-SHA256 KDF Wrapper Implementation over OpenSSL.\r | |
3 | \r | |
4 | Copyright (c) 2018 - 2019, Intel Corporation. All rights reserved.<BR>\r | |
5 | SPDX-License-Identifier: BSD-2-Clause-Patent\r | |
6 | \r | |
7 | **/\r | |
8 | \r | |
9 | #include <Library/BaseCryptLib.h>\r | |
10 | #include <openssl/evp.h>\r | |
11 | #include <openssl/kdf.h>\r | |
12 | \r | |
/**
  Derive key material with HKDF (HMAC-based Extract-and-Expand Key Derivation
  Function) using SHA-256, through the OpenSSL EVP_PKEY HKDF interface.

  All four pointers are mandatory. RFC 5869 treats the salt as optional, but
  this wrapper rejects a NULL Salt, so callers must always pass a buffer.
  Every size is limited to INT_MAX before it is narrowed for the OpenSSL calls.
  RFC 5869 also caps the output at 255 * HashLen (8160 bytes for SHA-256);
  a larger OutSize is expected to be refused by the derive step.

  @param[in]   Key        Pointer to the user-supplied key.
  @param[in]   KeySize    Key size in bytes.
  @param[in]   Salt       Pointer to the salt (non-secret) value.
  @param[in]   SaltSize   Salt size in bytes.
  @param[in]   Info       Pointer to the application specific info.
  @param[in]   InfoSize   Info size in bytes.
  @param[out]  Out        Pointer to the buffer that receives the HKDF output.
  @param[in]   OutSize    Number of HKDF bytes to generate.

  @retval TRUE   HKDF output generated successfully.
  @retval FALSE  A pointer was NULL, a size exceeded INT_MAX, the context
                 could not be allocated, or an OpenSSL call failed.

**/
BOOLEAN
EFIAPI
HkdfSha256ExtractAndExpand (
  IN   CONST UINT8  *Key,
  IN   UINTN        KeySize,
  IN   CONST UINT8  *Salt,
  IN   UINTN        SaltSize,
  IN   CONST UINT8  *Info,
  IN   UINTN        InfoSize,
  OUT  UINT8        *Out,
  IN   UINTN        OutSize
  )
{
  EVP_PKEY_CTX  *Ctx;
  BOOLEAN       Ok;

  //
  // Reject missing buffers first, then lengths that would not survive the
  // narrowing casts applied below.
  //
  if ((Key == NULL) || (Salt == NULL) || (Info == NULL) || (Out == NULL)) {
    return FALSE;
  }

  if ((KeySize > INT_MAX) || (SaltSize > INT_MAX) || (InfoSize > INT_MAX) || (OutSize > INT_MAX)) {
    return FALSE;
  }

  Ctx = EVP_PKEY_CTX_new_id (EVP_PKEY_HKDF, NULL);
  if (Ctx == NULL) {
    return FALSE;
  }

  //
  // Each step runs only if all earlier ones succeeded; the && chain stops at
  // the first OpenSSL call that does not return a positive value.
  //
  Ok = (BOOLEAN)(
                 (EVP_PKEY_derive_init (Ctx) > 0) &&
                 (EVP_PKEY_CTX_set_hkdf_md (Ctx, EVP_sha256 ()) > 0) &&
                 (EVP_PKEY_CTX_set1_hkdf_salt (Ctx, Salt, (UINT32)SaltSize) > 0) &&
                 (EVP_PKEY_CTX_set1_hkdf_key (Ctx, Key, (UINT32)KeySize) > 0) &&
                 (EVP_PKEY_CTX_add1_hkdf_info (Ctx, Info, (UINT32)InfoSize) > 0) &&
                 (EVP_PKEY_derive (Ctx, Out, &OutSize) > 0)
                 );

  //
  // The context is released on the success and the failure path alike.
  //
  EVP_PKEY_CTX_free (Ctx);
  Ctx = NULL;

  return Ok;
}