]>
git.proxmox.com Git - mirror_edk2.git/blob - CryptoPkg/Library/BaseCryptLib/Kdf/CryptHkdf.c
2 HMAC-SHA256 KDF Wrapper Implementation over OpenSSL.
4 Copyright (c) 2018 - 2019, Intel Corporation. All rights reserved.<BR>
5 SPDX-License-Identifier: BSD-2-Clause-Patent
9 #include <Library/BaseCryptLib.h>
10 #include <openssl/evp.h>
11 #include <openssl/kdf.h>
14 Derive HMAC-based Extract-and-Expand Key Derivation Function (HKDF).
16 @param[in] Key Pointer to the user-supplied key.
17 @param[in] KeySize Key size in bytes.
18 @param[in] Salt Pointer to the salt(non-secret) value.
19 @param[in] SaltSize Salt size in bytes.
20 @param[in] Info Pointer to the application specific info.
21 @param[in] InfoSize Info size in bytes.
22 @param[out] Out Pointer to buffer to receive hkdf value.
23 @param[in] OutSize Size of hkdf bytes to generate.
25 @retval TRUE Hkdf generated successfully.
26 @retval FALSE Hkdf generation failed.
31 HkdfSha256ExtractAndExpand (
42 EVP_PKEY_CTX
*pHkdfCtx
;
45 if ((Key
== NULL
) || (Salt
== NULL
) || (Info
== NULL
) || (Out
== NULL
) ||
46 (KeySize
> INT_MAX
) || (SaltSize
> INT_MAX
) || (InfoSize
> INT_MAX
) || (OutSize
> INT_MAX
))
51 pHkdfCtx
= EVP_PKEY_CTX_new_id (EVP_PKEY_HKDF
, NULL
);
52 if (pHkdfCtx
== NULL
) {
56 Result
= EVP_PKEY_derive_init (pHkdfCtx
) > 0;
58 Result
= EVP_PKEY_CTX_set_hkdf_md (pHkdfCtx
, EVP_sha256 ()) > 0;
62 Result
= EVP_PKEY_CTX_set1_hkdf_salt (pHkdfCtx
, Salt
, (UINT32
)SaltSize
) > 0;
66 Result
= EVP_PKEY_CTX_set1_hkdf_key (pHkdfCtx
, Key
, (UINT32
)KeySize
) > 0;
70 Result
= EVP_PKEY_CTX_add1_hkdf_info (pHkdfCtx
, Info
, (UINT32
)InfoSize
) > 0;
74 Result
= EVP_PKEY_derive (pHkdfCtx
, Out
, &OutSize
) > 0;
77 EVP_PKEY_CTX_free (pHkdfCtx
);