From 1336476233614de6068243e51e9377285443c05c Mon Sep 17 00:00:00 2001
From: Qi Zhang
Date: Fri, 23 Sep 2022 14:25:06 +0800
Subject: CryptoPkg: add new Hkdf api definition in Crypt Lib.
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4033
Signed-off-by: Qi Zhang
Cc: Jiewen Yao
Cc: Jian J Wang
Cc: Xiaoyu Lu
Cc: Guomin Jiang
Reviewed-by: Jiewen Yao
---
 CryptoPkg/Private/Protocol/Crypto.h | 139 +++++++++++++++++++++++++++++++++++-
 1 file changed, 138 insertions(+), 1 deletion(-)
(limited to 'CryptoPkg/Private')
diff --git a/CryptoPkg/Private/Protocol/Crypto.h b/CryptoPkg/Private/Protocol/Crypto.h
index 23445cf1e8..da726e8381 100644
--- a/CryptoPkg/Private/Protocol/Crypto.h
+++ b/CryptoPkg/Private/Protocol/Crypto.h
@@ -21,7 +21,7 @@
 /// the EDK II Crypto Protocol is extended, this version define must be
 /// increased.
 ///
-#define EDKII_CRYPTO_VERSION 9
+#define EDKII_CRYPTO_VERSION 10
 
 ///
 /// EDK II Crypto Protocol forward declaration
@@ -2770,6 +2770,137 @@ BOOLEAN
 IN UINTN OutSize
 );
 
+/**
+ Derive SHA256 HMAC-based Extract key Derivation Function (HKDF).
+
+ @param[in] Key Pointer to the user-supplied key.
+ @param[in] KeySize key size in bytes.
+ @param[in] Salt Pointer to the salt(non-secret) value.
+ @param[in] SaltSize salt size in bytes.
+ @param[out] PrkOut Pointer to buffer to receive hkdf value.
+ @param[in] PrkOutSize size of hkdf bytes to generate.
+
+ @retval true Hkdf generated successfully.
+ @retval false Hkdf generation failed.
+
+**/
+typedef
+BOOLEAN
+(EFIAPI *EDKII_CRYPTO_HKDF_SHA_256_EXTRACT)(
+ IN CONST UINT8 *Key,
+ IN UINTN KeySize,
+ IN CONST UINT8 *Salt,
+ IN UINTN SaltSize,
+ OUT UINT8 *PrkOut,
+ UINTN PrkOutSize
+ );
+
+/**
+ Derive SHA256 HMAC-based Expand Key Derivation Function (HKDF).
+
+ @param[in] Prk Pointer to the user-supplied key.
+ @param[in] PrkSize Key size in bytes.
+ @param[in] Info Pointer to the application specific info.
+ @param[in] InfoSize Info size in bytes.
+ @param[out] Out Pointer to buffer to receive hkdf value.
+ @param[in] OutSize Size of hkdf bytes to generate.
+
+ @retval TRUE Hkdf generated successfully.
+ @retval FALSE Hkdf generation failed.
+
+**/
+typedef
+BOOLEAN
+(EFIAPI *EDKII_CRYPTO_HKDF_SHA_256_EXPAND)(
+ IN CONST UINT8 *Prk,
+ IN UINTN PrkSize,
+ IN CONST UINT8 *Info,
+ IN UINTN InfoSize,
+ OUT UINT8 *Out,
+ IN UINTN OutSize
+ );
+
+/**
+ Derive SHA384 HMAC-based Extract-and-Expand Key Derivation Function (HKDF).
+
+ @param[in] Key Pointer to the user-supplied key.
+ @param[in] KeySize Key size in bytes.
+ @param[in] Salt Pointer to the salt(non-secret) value.
+ @param[in] SaltSize Salt size in bytes.
+ @param[in] Info Pointer to the application specific info.
+ @param[in] InfoSize Info size in bytes.
+ @param[out] Out Pointer to buffer to receive hkdf value.
+ @param[in] OutSize Size of hkdf bytes to generate.
+
+ @retval TRUE Hkdf generated successfully.
+ @retval FALSE Hkdf generation failed.
+
+**/
+typedef
+BOOLEAN
+(EFIAPI *EDKII_CRYPTO_HKDF_SHA_384_EXTRACT_AND_EXPAND)(
+ IN CONST UINT8 *Key,
+ IN UINTN KeySize,
+ IN CONST UINT8 *Salt,
+ IN UINTN SaltSize,
+ IN CONST UINT8 *Info,
+ IN UINTN InfoSize,
+ OUT UINT8 *Out,
+ IN UINTN OutSize
+ );
+
+/**
+ Derive SHA384 HMAC-based Extract-and-Expand Key Derivation Function (HKDF).
+
+ @param[in] Key Pointer to the user-supplied key.
+ @param[in] KeySize Key size in bytes.
+ @param[in] Salt Pointer to the salt(non-secret) value.
+ @param[in] SaltSize Salt size in bytes.
+ @param[in] Info Pointer to the application specific info.
+ @param[in] InfoSize Info size in bytes.
+ @param[out] Out Pointer to buffer to receive hkdf value.
+ @param[in] OutSize Size of hkdf bytes to generate.
+
+ @retval TRUE Hkdf generated successfully.
+ @retval FALSE Hkdf generation failed.
+
+**/
+typedef
+BOOLEAN
+(EFIAPI *EDKII_CRYPTO_HKDF_SHA_384_EXTRACT)(
+ IN CONST UINT8 *Key,
+ IN UINTN KeySize,
+ IN CONST UINT8 *Salt,
+ IN UINTN SaltSize,
+ OUT UINT8 *PrkOut,
+ UINTN PrkOutSize
+ );
+
+/**
+ Derive SHA384 HMAC-based Expand Key Derivation Function (HKDF).
+
+ @param[in] Prk Pointer to the user-supplied key.
+ @param[in] PrkSize Key size in bytes.
+ @param[in] Info Pointer to the application specific info.
+ @param[in] InfoSize Info size in bytes.
+ @param[out] Out Pointer to buffer to receive hkdf value.
+ @param[in] OutSize Size of hkdf bytes to generate.
+
+ @retval TRUE Hkdf generated successfully.
+ @retval FALSE Hkdf generation failed.
+
+**/
+typedef
+BOOLEAN
+(EFIAPI *EDKII_CRYPTO_HKDF_SHA_384_EXPAND)(
+ IN CONST UINT8 *Prk,
+ IN UINTN PrkSize,
+ IN CONST UINT8 *Info,
+ IN UINTN InfoSize,
+ OUT UINT8 *Out,
+ IN UINTN OutSize
+ );
+
 /**
 Initializes the OpenSSL library.
 
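Review bot: The doc comment on `EDKII_CRYPTO_HKDF_SHA_384_EXTRACT` is a copy of the Extract-and-Expand comment: it is titled "Extract-and-Expand", documents `Info`, `InfoSize`, `Out` and `OutSize`, which the typedef does not take, and leaves `PrkOut` and `PrkOutSize` undocumented. It should be titled "Derive SHA384 HMAC-based Extract Key Derivation Function (HKDF)" and list the same six parameters as the SHA256 extract comment. In both extract typedefs the last parameter lacks its direction modifier and should read `IN UINTN PrkOutSize`, and the SHA256 extract comment writes `@retval true`/`@retval false` where the others use `TRUE`/`FALSE`. `PrkOutSize` is described as "size of hkdf bytes to generate", but HKDF-Extract yields a pseudorandom key of exactly the hash length (32 bytes for SHA-256, 48 for SHA-384), so the comment should state the required buffer size; how a different size is handled is not visible in this header.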
@@ -3873,6 +4004,12 @@ struct _EDKII_CRYPTO_PROTOCOL {
 EDKII_CRYPTO_HMAC_SHA384_UPDATE HmacSha384Update;
 EDKII_CRYPTO_HMAC_SHA384_FINAL HmacSha384Final;
 EDKII_CRYPTO_HMAC_SHA384_ALL HmacSha384All;
+ /// HKDF (continued)
+ EDKII_CRYPTO_HKDF_SHA_256_EXTRACT HkdfSha256Extract;
+ EDKII_CRYPTO_HKDF_SHA_256_EXPAND HkdfSha256Expand;
+ EDKII_CRYPTO_HKDF_SHA_384_EXTRACT_AND_EXPAND HkdfSha384ExtractAndExpand;
+ EDKII_CRYPTO_HKDF_SHA_384_EXTRACT HkdfSha384Extract;
+ EDKII_CRYPTO_HKDF_SHA_384_EXPAND HkdfSha384Expand;
 };
 
 extern GUID gEdkiiCryptoProtocolGuid;
-- 
cgit v1.2.3
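Review bot: The five new members are introduced only by `/// HKDF (continued)`, with nothing recording that they exist from `EDKII_CRYPTO_VERSION` 10 onward. A consumer bound to a producer built against version 9 would read these function pointers from beyond the end of that producer's structure, so callers need a version check before using them; whether the library wrappers perform one is outside this diff. I would extend the comment to `/// HKDF (continued), present when GetVersion() returns 10 or later`. The structure definition begins before this hunk.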