]>
git.proxmox.com Git - mirror_edk2.git/blob - CryptoPkg/Library/BaseCryptLib/Kdf/CryptHkdf.c
f0fcef211d3f04c00b2ee79038ef2e3f53354207
2 HMAC-SHA256 KDF Wrapper Implementation over OpenSSL.
4 Copyright (c) 2018 - 2019, Intel Corporation. All rights reserved.<BR>
5 SPDX-License-Identifier: BSD-2-Clause-Patent
9 #include <Library/BaseCryptLib.h>
10 #include <openssl/evp.h>
11 #include <openssl/kdf.h>
14 Derive HMAC-based Extract-and-Expand Key Derivation Function (HKDF).
16 @param[in] Key Pointer to the user-supplied key.
17 @param[in] KeySize Key size in bytes.
18 @param[in] Salt Pointer to the salt(non-secret) value.
19 @param[in] SaltSize Salt size in bytes.
20 @param[in] Info Pointer to the application specific info.
21 @param[in] InfoSize Info size in bytes.
22 @param[Out] Out Pointer to buffer to receive hkdf value.
23 @param[in] OutSize Size of hkdf bytes to generate.
25 @retval TRUE Hkdf generated successfully.
26 @retval FALSE Hkdf generation failed.
31 HkdfSha256ExtractAndExpand (
42 EVP_PKEY_CTX
*pHkdfCtx
;
45 if (Key
== NULL
|| Salt
== NULL
|| Info
== NULL
|| Out
== NULL
||
46 KeySize
> INT_MAX
|| SaltSize
> INT_MAX
|| InfoSize
> INT_MAX
|| OutSize
> INT_MAX
) {
50 pHkdfCtx
= EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF
, NULL
);
51 if (pHkdfCtx
== NULL
) {
55 Result
= EVP_PKEY_derive_init(pHkdfCtx
) > 0;
57 Result
= EVP_PKEY_CTX_set_hkdf_md(pHkdfCtx
, EVP_sha256()) > 0;
60 Result
= EVP_PKEY_CTX_set1_hkdf_salt(pHkdfCtx
, Salt
, (UINT32
)SaltSize
) > 0;
63 Result
= EVP_PKEY_CTX_set1_hkdf_key(pHkdfCtx
, Key
, (UINT32
)KeySize
) > 0;
66 Result
= EVP_PKEY_CTX_add1_hkdf_info(pHkdfCtx
, Info
, (UINT32
)InfoSize
) > 0;
69 Result
= EVP_PKEY_derive(pHkdfCtx
, Out
, &OutSize
) > 0;
72 EVP_PKEY_CTX_free(pHkdfCtx
);