From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga02.intel.com (mga02.intel.com [134.134.136.20]) by mx.groups.io with SMTP id smtpd.web08.4763.1663914316873603685 for ; Thu, 22 Sep 2022 23:25:21 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="unable to parse pub key" header.i=@intel.com header.s=intel header.b=Yb4XvjgI; spf=pass (domain: intel.com, ip: 134.134.136.20, mailfrom: qi1.zhang@intel.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1663914321; x=1695450321; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=eMAqhZjEFOy4SJnb7veDARgz496NB0P47OUYtiPLG6g=; b=Yb4XvjgIgdTeAIpjFUJcbP4Unlcg9ZV4RRdLfK2mGweaC7TXeniO6Q40 93yiglTDUVbexBzd6qLQDenbCgaLYZjQCO0P+3KLKLgQ6FeUfMHU6J6hH 9mgi9fIW4iPhKTo6q478ScH8TcdmAnEJhHpB+cIiR+uQkhiTJaomBVsqR bZIzUrKEolkLFyEPvRosDFIZST7BPB+YeQxr9qMeeRTWv9mRHA6zHujou I9NPO7rzl5Ql5mXhBxXg13js4PV5QEdJ4tMVcaTdJX+G0QnYQ38F8Dv2s pm6wfBBf4uNsCshE7nqwvVsCcK2MKgjFlrht8j21L9YQbNEYzHp07efhF Q==; X-IronPort-AV: E=McAfee;i="6500,9779,10478"; a="287636089" X-IronPort-AV: E=Sophos;i="5.93,337,1654585200"; d="scan'208";a="287636089" Received: from orsmga006.jf.intel.com ([10.7.209.51]) by orsmga101.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 Sep 2022 23:25:21 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.93,337,1654585200"; d="scan'208";a="597761504" Received: from shwdesssddpdqi.ccr.corp.intel.com ([10.239.157.129]) by orsmga006.jf.intel.com with ESMTP; 22 Sep 2022 23:25:18 -0700 From: "Qi Zhang" To: devel@edk2.groups.io Cc: Qi Zhang , Jiewen Yao , Jian J Wang , Xiaoyu Lu , Guomin Jiang Subject: [PATCH V2 2/4] CryptoPkg: add new Hkdf api in Crypt Lib. Date: Fri, 23 Sep 2022 14:25:07 +0800 Message-Id: <9b1ca1773460cf3c4db471af899cb82b7e0a57d2.1663913961.git.qi1.zhang@intel.com> X-Mailer: git-send-email 2.26.2.windows.1 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D4033 Signed-off-by: Qi Zhang Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang Reviewed-by: Jiewen Yao --- .../Library/BaseCryptLib/Kdf/CryptHkdf.c | 362 +++++++++++++++++- .../Library/BaseCryptLib/Kdf/CryptHkdfNull.c | 151 +++++++- .../BaseCryptLibNull/Kdf/CryptHkdfNull.c | 151 +++++++- 3 files changed, 650 insertions(+), 14 deletions(-) diff --git a/CryptoPkg/Library/BaseCryptLib/Kdf/CryptHkdf.c b/CryptoPkg/Lib= rary/BaseCryptLib/Kdf/CryptHkdf.c index 9457b04f72..ffaf5fb131 100644 --- a/CryptoPkg/Library/BaseCryptLib/Kdf/CryptHkdf.c +++ b/CryptoPkg/Library/BaseCryptLib/Kdf/CryptHkdf.c @@ -1,7 +1,7 @@ /** @file=0D HMAC-SHA256 KDF Wrapper Implementation over OpenSSL.=0D =0D -Copyright (c) 2018 - 2019, Intel Corporation. All rights reserved.
=0D +Copyright (c) 2018 - 2022, Intel Corporation. All rights reserved.
=0D SPDX-License-Identifier: BSD-2-Clause-Patent=0D =0D **/=0D @@ -13,6 +13,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent /**=0D Derive HMAC-based Extract-and-Expand Key Derivation Function (HKDF).=0D =0D + @param[in] Md Message Digest.=0D @param[in] Key Pointer to the user-supplied key.=0D @param[in] KeySize Key size in bytes.=0D @param[in] Salt Pointer to the salt(non-secret) value.=0D @@ -27,16 +28,16 @@ SPDX-License-Identifier: BSD-2-Clause-Patent =0D **/=0D BOOLEAN=0D -EFIAPI=0D -HkdfSha256ExtractAndExpand (=0D - IN CONST UINT8 *Key,=0D - IN UINTN KeySize,=0D - IN CONST UINT8 *Salt,=0D - IN UINTN SaltSize,=0D - IN CONST UINT8 *Info,=0D - IN UINTN InfoSize,=0D - OUT UINT8 *Out,=0D - IN UINTN OutSize=0D +HkdfMdExtractAndExpand (=0D + IN CONST EVP_MD *Md,=0D + IN CONST UINT8 *Key,=0D + IN UINTN KeySize,=0D + IN CONST UINT8 *Salt,=0D + IN UINTN SaltSize,=0D + IN CONST UINT8 *Info,=0D + IN UINTN InfoSize,=0D + OUT UINT8 *Out,=0D + IN UINTN OutSize=0D )=0D {=0D EVP_PKEY_CTX *pHkdfCtx;=0D @@ -55,7 +56,7 @@ HkdfSha256ExtractAndExpand ( =0D Result =3D EVP_PKEY_derive_init (pHkdfCtx) > 0;=0D if (Result) {=0D - Result =3D EVP_PKEY_CTX_set_hkdf_md (pHkdfCtx, EVP_sha256 ()) > 0;=0D + Result =3D EVP_PKEY_CTX_set_hkdf_md (pHkdfCtx, Md) > 0;=0D }=0D =0D if (Result) {=0D @@ -78,3 +79,340 @@ HkdfSha256ExtractAndExpand ( pHkdfCtx =3D NULL;=0D return Result;=0D }=0D +=0D +/**=0D + Derive HMAC-based Extract key Derivation Function (HKDF).=0D +=0D + @param[in] Md message digest.=0D + @param[in] Key Pointer to the user-supplied key.=0D + @param[in] KeySize key size in bytes.=0D + @param[in] Salt Pointer to the salt(non-secret) value.=0D + @param[in] SaltSize salt size in bytes.=0D + @param[out] PrkOut Pointer to buffer to receive hkdf value.=0D + @param[in] PrkOutSize size of hkdf bytes to generate.=0D +=0D + @retval true Hkdf generated successfully.=0D + @retval false Hkdf generation failed.=0D +=0D +**/=0D +BOOLEAN=0D +HkdfMdExtract (=0D + IN CONST EVP_MD *Md,=0D + IN CONST UINT8 *Key,=0D + IN UINTN KeySize,=0D + IN CONST UINT8 *Salt,=0D + IN UINTN SaltSize,=0D + OUT UINT8 *PrkOut,=0D + UINTN PrkOutSize=0D + )=0D +{=0D + EVP_PKEY_CTX *pHkdfCtx;=0D + BOOLEAN Result;=0D +=0D + if ((Key =3D=3D NULL) || (Salt =3D=3D NULL) || (PrkOut =3D=3D NULL) ||=0D + (KeySize > INT_MAX) || (SaltSize > INT_MAX) ||=0D + (PrkOutSize > INT_MAX))=0D + {=0D + return FALSE;=0D + }=0D +=0D + pHkdfCtx =3D EVP_PKEY_CTX_new_id (EVP_PKEY_HKDF, NULL);=0D + if (pHkdfCtx =3D=3D NULL) {=0D + return FALSE;=0D + }=0D +=0D + Result =3D EVP_PKEY_derive_init (pHkdfCtx) > 0;=0D + if (Result) {=0D + Result =3D EVP_PKEY_CTX_set_hkdf_md (pHkdfCtx, Md) > 0;=0D + }=0D +=0D + if (Result) {=0D + Result =3D=0D + EVP_PKEY_CTX_hkdf_mode (=0D + pHkdfCtx,=0D + EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY=0D + ) > 0;=0D + }=0D +=0D + if (Result) {=0D + Result =3D EVP_PKEY_CTX_set1_hkdf_salt (=0D + pHkdfCtx,=0D + Salt,=0D + (uint32_t)SaltSize=0D + ) > 0;=0D + }=0D +=0D + if (Result) {=0D + Result =3D EVP_PKEY_CTX_set1_hkdf_key (=0D + pHkdfCtx,=0D + Key,=0D + (uint32_t)KeySize=0D + ) > 0;=0D + }=0D +=0D + if (Result) {=0D + Result =3D EVP_PKEY_derive (pHkdfCtx, PrkOut, &PrkOutSize) > 0;=0D + }=0D +=0D + EVP_PKEY_CTX_free (pHkdfCtx);=0D + pHkdfCtx =3D NULL;=0D + return Result;=0D +}=0D +=0D +/**=0D + Derive SHA256 HMAC-based Expand Key Derivation Function (HKDF).=0D +=0D + @param[in] Md Message Digest.=0D + @param[in] Prk Pointer to the user-supplied key.=0D + @param[in] PrkSize Key size in bytes.=0D + @param[in] Info Pointer to the application specific info.= =0D + @param[in] InfoSize Info size in bytes.=0D + @param[out] Out Pointer to buffer to receive hkdf value.=0D + @param[in] OutSize Size of hkdf bytes to generate.=0D +=0D + @retval TRUE Hkdf generated successfully.=0D + @retval FALSE Hkdf generation failed.=0D +=0D +**/=0D +BOOLEAN=0D +HkdfMdExpand (=0D + IN CONST EVP_MD *Md,=0D + IN CONST UINT8 *Prk,=0D + IN UINTN PrkSize,=0D + IN CONST UINT8 *Info,=0D + IN UINTN InfoSize,=0D + OUT UINT8 *Out,=0D + IN UINTN OutSize=0D + )=0D +{=0D + EVP_PKEY_CTX *pHkdfCtx;=0D + BOOLEAN Result;=0D +=0D + if ((Prk =3D=3D NULL) || (Info =3D=3D NULL) || (Out =3D=3D NULL) ||=0D + (PrkSize > INT_MAX) || (InfoSize > INT_MAX) || (OutSize > INT_MAX))= =0D + {=0D + return FALSE;=0D + }=0D +=0D + pHkdfCtx =3D EVP_PKEY_CTX_new_id (EVP_PKEY_HKDF, NULL);=0D + if (pHkdfCtx =3D=3D NULL) {=0D + return FALSE;=0D + }=0D +=0D + Result =3D EVP_PKEY_derive_init (pHkdfCtx) > 0;=0D + if (Result) {=0D + Result =3D EVP_PKEY_CTX_set_hkdf_md (pHkdfCtx, Md) > 0;=0D + }=0D +=0D + if (Result) {=0D + Result =3D EVP_PKEY_CTX_hkdf_mode (pHkdfCtx, EVP_PKEY_HKDEF_MODE_EXPAN= D_ONLY) > 0;=0D + }=0D +=0D + if (Result) {=0D + Result =3D EVP_PKEY_CTX_set1_hkdf_key (pHkdfCtx, Prk, (UINT32)PrkSize)= > 0;=0D + }=0D +=0D + if (Result) {=0D + Result =3D EVP_PKEY_CTX_add1_hkdf_info (pHkdfCtx, Info, (UINT32)InfoSi= ze) > 0;=0D + }=0D +=0D + if (Result) {=0D + Result =3D EVP_PKEY_derive (pHkdfCtx, Out, &OutSize) > 0;=0D + }=0D +=0D + EVP_PKEY_CTX_free (pHkdfCtx);=0D + pHkdfCtx =3D NULL;=0D + return Result;=0D +}=0D +=0D +/**=0D + Derive HMAC-based Extract-and-Expand Key Derivation Function (HKDF).=0D +=0D + @param[in] Key Pointer to the user-supplied key.=0D + @param[in] KeySize Key size in bytes.=0D + @param[in] Salt Pointer to the salt(non-secret) value.=0D + @param[in] SaltSize Salt size in bytes.=0D + @param[in] Info Pointer to the application specific info.= =0D + @param[in] InfoSize Info size in bytes.=0D + @param[out] Out Pointer to buffer to receive hkdf value.=0D + @param[in] OutSize Size of hkdf bytes to generate.=0D +=0D + @retval TRUE Hkdf generated successfully.=0D + @retval FALSE Hkdf generation failed.=0D +=0D +**/=0D +BOOLEAN=0D +EFIAPI=0D +HkdfSha256ExtractAndExpand (=0D + IN CONST UINT8 *Key,=0D + IN UINTN KeySize,=0D + IN CONST UINT8 *Salt,=0D + IN UINTN SaltSize,=0D + IN CONST UINT8 *Info,=0D + IN UINTN InfoSize,=0D + OUT UINT8 *Out,=0D + IN UINTN OutSize=0D + )=0D +{=0D + return HkdfMdExtractAndExpand (EVP_sha256 (), Key, KeySize, Salt, SaltSi= ze, Info, InfoSize, Out, OutSize);=0D +}=0D +=0D +/**=0D + Derive SHA256 HMAC-based Extract key Derivation Function (HKDF).=0D +=0D + @param[in] Key Pointer to the user-supplied key.=0D + @param[in] KeySize key size in bytes.=0D + @param[in] Salt Pointer to the salt(non-secret) value.=0D + @param[in] SaltSize salt size in bytes.=0D + @param[out] PrkOut Pointer to buffer to receive hkdf value.=0D + @param[in] PrkOutSize size of hkdf bytes to generate.=0D +=0D + @retval true Hkdf generated successfully.=0D + @retval false Hkdf generation failed.=0D +=0D +**/=0D +BOOLEAN=0D +EFIAPI=0D +HkdfSha256Extract (=0D + IN CONST UINT8 *Key,=0D + IN UINTN KeySize,=0D + IN CONST UINT8 *Salt,=0D + IN UINTN SaltSize,=0D + OUT UINT8 *PrkOut,=0D + UINTN PrkOutSize=0D + )=0D +{=0D + return HkdfMdExtract (=0D + EVP_sha256 (),=0D + Key,=0D + KeySize,=0D + Salt,=0D + SaltSize,=0D + PrkOut,=0D + PrkOutSize=0D + );=0D +}=0D +=0D +/**=0D + Derive SHA256 HMAC-based Expand Key Derivation Function (HKDF).=0D +=0D + @param[in] Prk Pointer to the user-supplied key.=0D + @param[in] PrkSize Key size in bytes.=0D + @param[in] Info Pointer to the application specific info.= =0D + @param[in] InfoSize Info size in bytes.=0D + @param[out] Out Pointer to buffer to receive hkdf value.=0D + @param[in] OutSize Size of hkdf bytes to generate.=0D +=0D + @retval TRUE Hkdf generated successfully.=0D + @retval FALSE Hkdf generation failed.=0D +=0D +**/=0D +BOOLEAN=0D +EFIAPI=0D +HkdfSha256Expand (=0D + IN CONST UINT8 *Prk,=0D + IN UINTN PrkSize,=0D + IN CONST UINT8 *Info,=0D + IN UINTN InfoSize,=0D + OUT UINT8 *Out,=0D + IN UINTN OutSize=0D + )=0D +{=0D + return HkdfMdExpand (EVP_sha256 (), Prk, PrkSize, Info, InfoSize, Out, O= utSize);=0D +}=0D +=0D +/**=0D + Derive SHA384 HMAC-based Extract-and-Expand Key Derivation Function (HKD= F).=0D +=0D + @param[in] Key Pointer to the user-supplied key.=0D + @param[in] KeySize Key size in bytes.=0D + @param[in] Salt Pointer to the salt(non-secret) value.=0D + @param[in] SaltSize Salt size in bytes.=0D + @param[in] Info Pointer to the application specific info.= =0D + @param[in] InfoSize Info size in bytes.=0D + @param[out] Out Pointer to buffer to receive hkdf value.=0D + @param[in] OutSize Size of hkdf bytes to generate.=0D +=0D + @retval TRUE Hkdf generated successfully.=0D + @retval FALSE Hkdf generation failed.=0D +=0D +**/=0D +BOOLEAN=0D +EFIAPI=0D +HkdfSha384ExtractAndExpand (=0D + IN CONST UINT8 *Key,=0D + IN UINTN KeySize,=0D + IN CONST UINT8 *Salt,=0D + IN UINTN SaltSize,=0D + IN CONST UINT8 *Info,=0D + IN UINTN InfoSize,=0D + OUT UINT8 *Out,=0D + IN UINTN OutSize=0D + )=0D +{=0D + return HkdfMdExtractAndExpand (EVP_sha384 (), Key, KeySize, Salt, SaltSi= ze, Info, InfoSize, Out, OutSize);=0D +}=0D +=0D +/**=0D + Derive SHA384 HMAC-based Extract key Derivation Function (HKDF).=0D +=0D + @param[in] Key Pointer to the user-supplied key.=0D + @param[in] KeySize key size in bytes.=0D + @param[in] Salt Pointer to the salt(non-secret) value.=0D + @param[in] SaltSize salt size in bytes.=0D + @param[out] PrkOut Pointer to buffer to receive hkdf value.=0D + @param[in] PrkOutSize size of hkdf bytes to generate.=0D +=0D + @retval true Hkdf generated successfully.=0D + @retval false Hkdf generation failed.=0D +=0D +**/=0D +BOOLEAN=0D +EFIAPI=0D +HkdfSha384Extract (=0D + IN CONST UINT8 *Key,=0D + IN UINTN KeySize,=0D + IN CONST UINT8 *Salt,=0D + IN UINTN SaltSize,=0D + OUT UINT8 *PrkOut,=0D + UINTN PrkOutSize=0D + )=0D +{=0D + return HkdfMdExtract (=0D + EVP_sha384 (),=0D + Key,=0D + KeySize,=0D + Salt,=0D + SaltSize,=0D + PrkOut,=0D + PrkOutSize=0D + );=0D +}=0D +=0D +/**=0D + Derive SHA384 HMAC-based Expand Key Derivation Function (HKDF).=0D +=0D + @param[in] Prk Pointer to the user-supplied key.=0D + @param[in] PrkSize Key size in bytes.=0D + @param[in] Info Pointer to the application specific info.= =0D + @param[in] InfoSize Info size in bytes.=0D + @param[out] Out Pointer to buffer to receive hkdf value.=0D + @param[in] OutSize Size of hkdf bytes to generate.=0D +=0D + @retval TRUE Hkdf generated successfully.=0D + @retval FALSE Hkdf generation failed.=0D +=0D +**/=0D +BOOLEAN=0D +EFIAPI=0D +HkdfSha384Expand (=0D + IN CONST UINT8 *Prk,=0D + IN UINTN PrkSize,=0D + IN CONST UINT8 *Info,=0D + IN UINTN InfoSize,=0D + OUT UINT8 *Out,=0D + IN UINTN OutSize=0D + )=0D +{=0D + return HkdfMdExpand (EVP_sha384 (), Prk, PrkSize, Info, InfoSize, Out, O= utSize);=0D +}=0D diff --git a/CryptoPkg/Library/BaseCryptLib/Kdf/CryptHkdfNull.c b/CryptoPkg= /Library/BaseCryptLib/Kdf/CryptHkdfNull.c index 19d795a4cc..d8c967d669 100644 --- a/CryptoPkg/Library/BaseCryptLib/Kdf/CryptHkdfNull.c +++ b/CryptoPkg/Library/BaseCryptLib/Kdf/CryptHkdfNull.c @@ -1,7 +1,7 @@ /** @file=0D HMAC-SHA256 KDF Wrapper Implementation which does not provide real capab= ilities.=0D =0D -Copyright (c) 2018 - 2019, Intel Corporation. All rights reserved.
=0D +Copyright (c) 2018 - 2022, Intel Corporation. All rights reserved.
=0D SPDX-License-Identifier: BSD-2-Clause-Patent=0D =0D **/=0D @@ -41,3 +41,152 @@ HkdfSha256ExtractAndExpand ( ASSERT (FALSE);=0D return FALSE;=0D }=0D +=0D +/**=0D + Derive SHA256 HMAC-based Extract key Derivation Function (HKDF).=0D +=0D + @param[in] Key Pointer to the user-supplied key.=0D + @param[in] KeySize key size in bytes.=0D + @param[in] Salt Pointer to the salt(non-secret) value.=0D + @param[in] SaltSize salt size in bytes.=0D + @param[out] PrkOut Pointer to buffer to receive hkdf value.=0D + @param[in] PrkOutSize size of hkdf bytes to generate.=0D +=0D + @retval true Hkdf generated successfully.=0D + @retval false Hkdf generation failed.=0D +=0D +**/=0D +BOOLEAN=0D +EFIAPI=0D +HkdfSha256Extract (=0D + IN CONST UINT8 *Key,=0D + IN UINTN KeySize,=0D + IN CONST UINT8 *Salt,=0D + IN UINTN SaltSize,=0D + OUT UINT8 *PrkOut,=0D + UINTN PrkOutSize=0D + )=0D +{=0D + ASSERT (FALSE);=0D + return FALSE;=0D +}=0D +=0D +/**=0D + Derive SHA256 HMAC-based Expand Key Derivation Function (HKDF).=0D +=0D + @param[in] Prk Pointer to the user-supplied key.=0D + @param[in] PrkSize Key size in bytes.=0D + @param[in] Info Pointer to the application specific info.= =0D + @param[in] InfoSize Info size in bytes.=0D + @param[out] Out Pointer to buffer to receive hkdf value.=0D + @param[in] OutSize Size of hkdf bytes to generate.=0D +=0D + @retval TRUE Hkdf generated successfully.=0D + @retval FALSE Hkdf generation failed.=0D +=0D +**/=0D +BOOLEAN=0D +EFIAPI=0D +HkdfSha256Expand (=0D + IN CONST UINT8 *Prk,=0D + IN UINTN PrkSize,=0D + IN CONST UINT8 *Info,=0D + IN UINTN InfoSize,=0D + OUT UINT8 *Out,=0D + IN UINTN OutSize=0D + )=0D +{=0D + ASSERT (FALSE);=0D + return FALSE;=0D +}=0D +=0D +/**=0D + Derive SHA384 HMAC-based Extract-and-Expand Key Derivation Function (HKD= F).=0D +=0D + @param[in] Key Pointer to the user-supplied key.=0D + @param[in] KeySize Key size in bytes.=0D + @param[in] Salt Pointer to the salt(non-secret) value.=0D + @param[in] SaltSize Salt size in bytes.=0D + @param[in] Info Pointer to the application specific info.= =0D + @param[in] InfoSize Info size in bytes.=0D + @param[out] Out Pointer to buffer to receive hkdf value.=0D + @param[in] OutSize Size of hkdf bytes to generate.=0D +=0D + @retval TRUE Hkdf generated successfully.=0D + @retval FALSE Hkdf generation failed.=0D +=0D +**/=0D +BOOLEAN=0D +EFIAPI=0D +HkdfSha384ExtractAndExpand (=0D + IN CONST UINT8 *Key,=0D + IN UINTN KeySize,=0D + IN CONST UINT8 *Salt,=0D + IN UINTN SaltSize,=0D + IN CONST UINT8 *Info,=0D + IN UINTN InfoSize,=0D + OUT UINT8 *Out,=0D + IN UINTN OutSize=0D + )=0D +{=0D + ASSERT (FALSE);=0D + return FALSE;=0D +}=0D +=0D +/**=0D + Derive SHA384 HMAC-based Extract key Derivation Function (HKDF).=0D +=0D + @param[in] Key Pointer to the user-supplied key.=0D + @param[in] KeySize key size in bytes.=0D + @param[in] Salt Pointer to the salt(non-secret) value.=0D + @param[in] SaltSize salt size in bytes.=0D + @param[out] PrkOut Pointer to buffer to receive hkdf value.=0D + @param[in] PrkOutSize size of hkdf bytes to generate.=0D +=0D + @retval true Hkdf generated successfully.=0D + @retval false Hkdf generation failed.=0D +=0D +**/=0D +BOOLEAN=0D +EFIAPI=0D +HkdfSha384Extract (=0D + IN CONST UINT8 *Key,=0D + IN UINTN KeySize,=0D + IN CONST UINT8 *Salt,=0D + IN UINTN SaltSize,=0D + OUT UINT8 *PrkOut,=0D + UINTN PrkOutSize=0D + )=0D +{=0D + ASSERT (FALSE);=0D + return FALSE;=0D +}=0D +=0D +/**=0D + Derive SHA384 HMAC-based Expand Key Derivation Function (HKDF).=0D +=0D + @param[in] Prk Pointer to the user-supplied key.=0D + @param[in] PrkSize Key size in bytes.=0D + @param[in] Info Pointer to the application specific info.= =0D + @param[in] InfoSize Info size in bytes.=0D + @param[out] Out Pointer to buffer to receive hkdf value.=0D + @param[in] OutSize Size of hkdf bytes to generate.=0D +=0D + @retval TRUE Hkdf generated successfully.=0D + @retval FALSE Hkdf generation failed.=0D +=0D +**/=0D +BOOLEAN=0D +EFIAPI=0D +HkdfSha384Expand (=0D + IN CONST UINT8 *Prk,=0D + IN UINTN PrkSize,=0D + IN CONST UINT8 *Info,=0D + IN UINTN InfoSize,=0D + OUT UINT8 *Out,=0D + IN UINTN OutSize=0D + )=0D +{=0D + ASSERT (FALSE);=0D + return FALSE;=0D +}=0D diff --git a/CryptoPkg/Library/BaseCryptLibNull/Kdf/CryptHkdfNull.c b/Crypt= oPkg/Library/BaseCryptLibNull/Kdf/CryptHkdfNull.c index 19d795a4cc..d8c967d669 100644 --- a/CryptoPkg/Library/BaseCryptLibNull/Kdf/CryptHkdfNull.c +++ b/CryptoPkg/Library/BaseCryptLibNull/Kdf/CryptHkdfNull.c @@ -1,7 +1,7 @@ /** @file=0D HMAC-SHA256 KDF Wrapper Implementation which does not provide real capab= ilities.=0D =0D -Copyright (c) 2018 - 2019, Intel Corporation. All rights reserved.
=0D +Copyright (c) 2018 - 2022, Intel Corporation. All rights reserved.
=0D SPDX-License-Identifier: BSD-2-Clause-Patent=0D =0D **/=0D @@ -41,3 +41,152 @@ HkdfSha256ExtractAndExpand ( ASSERT (FALSE);=0D return FALSE;=0D }=0D +=0D +/**=0D + Derive SHA256 HMAC-based Extract key Derivation Function (HKDF).=0D +=0D + @param[in] Key Pointer to the user-supplied key.=0D + @param[in] KeySize key size in bytes.=0D + @param[in] Salt Pointer to the salt(non-secret) value.=0D + @param[in] SaltSize salt size in bytes.=0D + @param[out] PrkOut Pointer to buffer to receive hkdf value.=0D + @param[in] PrkOutSize size of hkdf bytes to generate.=0D +=0D + @retval true Hkdf generated successfully.=0D + @retval false Hkdf generation failed.=0D +=0D +**/=0D +BOOLEAN=0D +EFIAPI=0D +HkdfSha256Extract (=0D + IN CONST UINT8 *Key,=0D + IN UINTN KeySize,=0D + IN CONST UINT8 *Salt,=0D + IN UINTN SaltSize,=0D + OUT UINT8 *PrkOut,=0D + UINTN PrkOutSize=0D + )=0D +{=0D + ASSERT (FALSE);=0D + return FALSE;=0D +}=0D +=0D +/**=0D + Derive SHA256 HMAC-based Expand Key Derivation Function (HKDF).=0D +=0D + @param[in] Prk Pointer to the user-supplied key.=0D + @param[in] PrkSize Key size in bytes.=0D + @param[in] Info Pointer to the application specific info.= =0D + @param[in] InfoSize Info size in bytes.=0D + @param[out] Out Pointer to buffer to receive hkdf value.=0D + @param[in] OutSize Size of hkdf bytes to generate.=0D +=0D + @retval TRUE Hkdf generated successfully.=0D + @retval FALSE Hkdf generation failed.=0D +=0D +**/=0D +BOOLEAN=0D +EFIAPI=0D +HkdfSha256Expand (=0D + IN CONST UINT8 *Prk,=0D + IN UINTN PrkSize,=0D + IN CONST UINT8 *Info,=0D + IN UINTN InfoSize,=0D + OUT UINT8 *Out,=0D + IN UINTN OutSize=0D + )=0D +{=0D + ASSERT (FALSE);=0D + return FALSE;=0D +}=0D +=0D +/**=0D + Derive SHA384 HMAC-based Extract-and-Expand Key Derivation Function (HKD= F).=0D +=0D + @param[in] Key Pointer to the user-supplied key.=0D + @param[in] KeySize Key size in bytes.=0D + @param[in] Salt Pointer to the salt(non-secret) value.=0D + @param[in] SaltSize Salt size in bytes.=0D + @param[in] Info Pointer to the application specific info.= =0D + @param[in] InfoSize Info size in bytes.=0D + @param[out] Out Pointer to buffer to receive hkdf value.=0D + @param[in] OutSize Size of hkdf bytes to generate.=0D +=0D + @retval TRUE Hkdf generated successfully.=0D + @retval FALSE Hkdf generation failed.=0D +=0D +**/=0D +BOOLEAN=0D +EFIAPI=0D +HkdfSha384ExtractAndExpand (=0D + IN CONST UINT8 *Key,=0D + IN UINTN KeySize,=0D + IN CONST UINT8 *Salt,=0D + IN UINTN SaltSize,=0D + IN CONST UINT8 *Info,=0D + IN UINTN InfoSize,=0D + OUT UINT8 *Out,=0D + IN UINTN OutSize=0D + )=0D +{=0D + ASSERT (FALSE);=0D + return FALSE;=0D +}=0D +=0D +/**=0D + Derive SHA384 HMAC-based Extract key Derivation Function (HKDF).=0D +=0D + @param[in] Key Pointer to the user-supplied key.=0D + @param[in] KeySize key size in bytes.=0D + @param[in] Salt Pointer to the salt(non-secret) value.=0D + @param[in] SaltSize salt size in bytes.=0D + @param[out] PrkOut Pointer to buffer to receive hkdf value.=0D + @param[in] PrkOutSize size of hkdf bytes to generate.=0D +=0D + @retval true Hkdf generated successfully.=0D + @retval false Hkdf generation failed.=0D +=0D +**/=0D +BOOLEAN=0D +EFIAPI=0D +HkdfSha384Extract (=0D + IN CONST UINT8 *Key,=0D + IN UINTN KeySize,=0D + IN CONST UINT8 *Salt,=0D + IN UINTN SaltSize,=0D + OUT UINT8 *PrkOut,=0D + UINTN PrkOutSize=0D + )=0D +{=0D + ASSERT (FALSE);=0D + return FALSE;=0D +}=0D +=0D +/**=0D + Derive SHA384 HMAC-based Expand Key Derivation Function (HKDF).=0D +=0D + @param[in] Prk Pointer to the user-supplied key.=0D + @param[in] PrkSize Key size in bytes.=0D + @param[in] Info Pointer to the application specific info.= =0D + @param[in] InfoSize Info size in bytes.=0D + @param[out] Out Pointer to buffer to receive hkdf value.=0D + @param[in] OutSize Size of hkdf bytes to generate.=0D +=0D + @retval TRUE Hkdf generated successfully.=0D + @retval FALSE Hkdf generation failed.=0D +=0D +**/=0D +BOOLEAN=0D +EFIAPI=0D +HkdfSha384Expand (=0D + IN CONST UINT8 *Prk,=0D + IN UINTN PrkSize,=0D + IN CONST UINT8 *Info,=0D + IN UINTN InfoSize,=0D + OUT UINT8 *Out,=0D + IN UINTN OutSize=0D + )=0D +{=0D + ASSERT (FALSE);=0D + return FALSE;=0D +}=0D --=20 2.26.2.windows.1