From nobody Mon Feb  9 03:19:58 2026
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of groups.io designates
 66.175.222.108 as permitted sender) client-ip=66.175.222.108;
 envelope-from=bounce+27952+94171+1787277+3901457@groups.io;
 helo=mail02.groups.io;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+94171+1787277+3901457@groups.io;
	dmarc=fail(p=none dis=none)  header.from=intel.com
ARC-Seal: i=1; a=rsa-sha256; t=1663914323; cv=none;
	d=zohomail.com; s=zohoarc;
	b=lV/32ahr+KJPyAxsWZUFOV+/0PA+TeUuZVleH5Rx9FJHlUSxCeT8nTPHmuC9SzJEdkm3tP9XiE+Xui4K7yx8qk6TO5kpXRlzrnMsNO75L3rvtSn+NAYHHJ/+x6C+s1I6W7VDo7ZJ6gSQQI3uK/ZJ1QOn+K4JrmrnFqaulgjzgtw=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1663914323;
 h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To;
	bh=lP8Fc63CNHA9jedrtz3dCweaMjT/7ycHQVSbQ58fZ2o=;
	b=TTrzNj5jXaWg6A7O3czdLuQLtOdI4rVsla1Zuly7jyViUGLyK4Uug2vhRFx4L2yLqm1gYzVjU+MNeRWfqAVsfwSQHZh6eqq8S2Orv05AigiXOIt/Is4j6Qa9Mn9MiRU8XiKMGD83UjRMO0iZBtJa4xOfVkeTric0NZgWiWSqbg4=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+94171+1787277+3901457@groups.io;
	dmarc=fail header.from=<qi1.zhang@intel.com> (p=none dis=none)
Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by
 mx.zohomail.com
	with SMTPS id 166391432340523.464581325199447;
 Thu, 22 Sep 2022 23:25:23 -0700 (PDT)
Return-Path: <bounce+27952+94171+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id MTurYY1788612xxTZIzm8AeF;
 Thu, 22 Sep 2022 23:25:23 -0700
X-Received: from mga02.intel.com (mga02.intel.com [134.134.136.20])
 by mx.groups.io with SMTP id smtpd.web08.4763.1663914316873603685
 for <devel@edk2.groups.io>;
 Thu, 22 Sep 2022 23:25:21 -0700
X-IronPort-AV: E=McAfee;i="6500,9779,10478"; a="287636089"
X-IronPort-AV: E=Sophos;i="5.93,337,1654585200";
   d="scan'208";a="287636089"
X-Received: from orsmga006.jf.intel.com ([10.7.209.51])
  by orsmga101.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 22 Sep 2022 23:25:21 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.93,337,1654585200";
   d="scan'208";a="597761504"
X-Received: from shwdesssddpdqi.ccr.corp.intel.com ([10.239.157.129])
  by orsmga006.jf.intel.com with ESMTP; 22 Sep 2022 23:25:18 -0700
From: "Qi Zhang" <qi1.zhang@intel.com>
To: devel@edk2.groups.io
Cc: Qi Zhang <qi1.zhang@intel.com>,
	Jiewen Yao <jiewen.yao@intel.com>,
	Jian J Wang <jian.j.wang@intel.com>,
	Xiaoyu Lu <xiaoyu1.lu@intel.com>,
	Guomin Jiang <guomin.jiang@intel.com>
Subject: [edk2-devel] [PATCH V2 2/4] CryptoPkg: add new Hkdf api in Crypt Lib.
Date: Fri, 23 Sep 2022 14:25:07 +0800
Message-Id: 
 <9b1ca1773460cf3c4db471af899cb82b7e0a57d2.1663913961.git.qi1.zhang@intel.com>
In-Reply-To: <cover.1663913961.git.qi1.zhang@intel.com>
References: <cover.1663913961.git.qi1.zhang@intel.com>
MIME-Version: 1.0
Precedence: Bulk
List-Unsubscribe: <mailto:devel+unsubscribe@edk2.groups.io>
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,qi1.zhang@intel.com
X-Gm-Message-State: EMaHrI4QbCgEv3EwfdDAgHYFx1787277AA=
Content-Transfer-Encoding: quoted-printable
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1663914323;
 bh=QHA1CgSvggw+aErx3sdrg5WfrsGMhVLelrIe+sTZRsE=;
 h=Cc:Date:From:Reply-To:Subject:To;
 b=Ofc/nWiejIetvfKxniowFuqkQ2+BCDouEucy5sl3O7ZRT1xJ5RzvNociuUo2MY3SdtV
 xxHgqDRlmkHaHkvw914KSZTkoeSBUiawjw/95aU7dB3B2ObBsJc9uOpj9y6hXsvfkrVeF
 7BdsCbdgWv228Dhg77iHn9CcD7Eg7UsNWIY=
X-ZohoMail-DKIM: pass (identity @groups.io)
X-ZM-MESSAGEID: 1663914324947100001
Content-Type: text/plain; charset="utf-8"

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D4033

Signed-off-by: Qi Zhang <qi1.zhang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
---
 .../Library/BaseCryptLib/Kdf/CryptHkdf.c      | 362 +++++++++++++++++-
 .../Library/BaseCryptLib/Kdf/CryptHkdfNull.c  | 151 +++++++-
 .../BaseCryptLibNull/Kdf/CryptHkdfNull.c      | 151 +++++++-
 3 files changed, 650 insertions(+), 14 deletions(-)

diff --git a/CryptoPkg/Library/BaseCryptLib/Kdf/CryptHkdf.c b/CryptoPkg/Lib=
rary/BaseCryptLib/Kdf/CryptHkdf.c
index 9457b04f72..ffaf5fb131 100644
--- a/CryptoPkg/Library/BaseCryptLib/Kdf/CryptHkdf.c
+++ b/CryptoPkg/Library/BaseCryptLib/Kdf/CryptHkdf.c
@@ -1,7 +1,7 @@
 /** @file
   HMAC-SHA256 KDF Wrapper Implementation over OpenSSL.
=20
-Copyright (c) 2018 - 2019, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2018 - 2022, Intel Corporation. All rights reserved.<BR>
 SPDX-License-Identifier: BSD-2-Clause-Patent
=20
 **/
@@ -13,6 +13,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 /**
   Derive HMAC-based Extract-and-Expand Key Derivation Function (HKDF).
=20
+  @param[in]   Md               Message Digest.
   @param[in]   Key              Pointer to the user-supplied key.
   @param[in]   KeySize          Key size in bytes.
   @param[in]   Salt             Pointer to the salt(non-secret) value.
@@ -27,16 +28,16 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
=20
 **/
 BOOLEAN
-EFIAPI
-HkdfSha256ExtractAndExpand (
-  IN   CONST UINT8  *Key,
-  IN   UINTN        KeySize,
-  IN   CONST UINT8  *Salt,
-  IN   UINTN        SaltSize,
-  IN   CONST UINT8  *Info,
-  IN   UINTN        InfoSize,
-  OUT  UINT8        *Out,
-  IN   UINTN        OutSize
+HkdfMdExtractAndExpand (
+  IN   CONST EVP_MD  *Md,
+  IN   CONST UINT8   *Key,
+  IN   UINTN         KeySize,
+  IN   CONST UINT8   *Salt,
+  IN   UINTN         SaltSize,
+  IN   CONST UINT8   *Info,
+  IN   UINTN         InfoSize,
+  OUT  UINT8         *Out,
+  IN   UINTN         OutSize
   )
 {
   EVP_PKEY_CTX  *pHkdfCtx;
@@ -55,7 +56,7 @@ HkdfSha256ExtractAndExpand (
=20
   Result =3D EVP_PKEY_derive_init (pHkdfCtx) > 0;
   if (Result) {
-    Result =3D EVP_PKEY_CTX_set_hkdf_md (pHkdfCtx, EVP_sha256 ()) > 0;
+    Result =3D EVP_PKEY_CTX_set_hkdf_md (pHkdfCtx, Md) > 0;
   }
=20
   if (Result) {
@@ -78,3 +79,340 @@ HkdfSha256ExtractAndExpand (
   pHkdfCtx =3D NULL;
   return Result;
 }
+
+/**
+  Derive HMAC-based Extract key Derivation Function (HKDF).
+
+  @param[in]   Md               message digest.
+  @param[in]   Key              Pointer to the user-supplied key.
+  @param[in]   KeySize          key size in bytes.
+  @param[in]   Salt             Pointer to the salt(non-secret) value.
+  @param[in]   SaltSize         salt size in bytes.
+  @param[out]  PrkOut           Pointer to buffer to receive hkdf value.
+  @param[in]   PrkOutSize       size of hkdf bytes to generate.
+
+  @retval true   Hkdf generated successfully.
+  @retval false  Hkdf generation failed.
+
+**/
+BOOLEAN
+HkdfMdExtract (
+  IN CONST EVP_MD  *Md,
+  IN CONST UINT8   *Key,
+  IN  UINTN        KeySize,
+  IN CONST UINT8   *Salt,
+  IN UINTN         SaltSize,
+  OUT UINT8        *PrkOut,
+  UINTN            PrkOutSize
+  )
+{
+  EVP_PKEY_CTX  *pHkdfCtx;
+  BOOLEAN       Result;
+
+  if ((Key =3D=3D NULL) || (Salt =3D=3D NULL) || (PrkOut =3D=3D NULL) ||
+      (KeySize > INT_MAX) || (SaltSize > INT_MAX) ||
+      (PrkOutSize > INT_MAX))
+  {
+    return FALSE;
+  }
+
+  pHkdfCtx =3D EVP_PKEY_CTX_new_id (EVP_PKEY_HKDF, NULL);
+  if (pHkdfCtx =3D=3D NULL) {
+    return FALSE;
+  }
+
+  Result =3D EVP_PKEY_derive_init (pHkdfCtx) > 0;
+  if (Result) {
+    Result =3D EVP_PKEY_CTX_set_hkdf_md (pHkdfCtx, Md) > 0;
+  }
+
+  if (Result) {
+    Result =3D
+      EVP_PKEY_CTX_hkdf_mode (
+        pHkdfCtx,
+        EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY
+        ) > 0;
+  }
+
+  if (Result) {
+    Result =3D EVP_PKEY_CTX_set1_hkdf_salt (
+               pHkdfCtx,
+               Salt,
+               (uint32_t)SaltSize
+               ) > 0;
+  }
+
+  if (Result) {
+    Result =3D EVP_PKEY_CTX_set1_hkdf_key (
+               pHkdfCtx,
+               Key,
+               (uint32_t)KeySize
+               ) > 0;
+  }
+
+  if (Result) {
+    Result =3D EVP_PKEY_derive (pHkdfCtx, PrkOut, &PrkOutSize) > 0;
+  }
+
+  EVP_PKEY_CTX_free (pHkdfCtx);
+  pHkdfCtx =3D NULL;
+  return Result;
+}
+
+/**
+  Derive SHA256 HMAC-based Expand Key Derivation Function (HKDF).
+
+  @param[in]   Md               Message Digest.
+  @param[in]   Prk              Pointer to the user-supplied key.
+  @param[in]   PrkSize          Key size in bytes.
+  @param[in]   Info             Pointer to the application specific info.
+  @param[in]   InfoSize         Info size in bytes.
+  @param[out]  Out              Pointer to buffer to receive hkdf value.
+  @param[in]   OutSize          Size of hkdf bytes to generate.
+
+  @retval TRUE   Hkdf generated successfully.
+  @retval FALSE  Hkdf generation failed.
+
+**/
+BOOLEAN
+HkdfMdExpand (
+  IN   CONST EVP_MD  *Md,
+  IN   CONST UINT8   *Prk,
+  IN   UINTN         PrkSize,
+  IN   CONST UINT8   *Info,
+  IN   UINTN         InfoSize,
+  OUT  UINT8         *Out,
+  IN   UINTN         OutSize
+  )
+{
+  EVP_PKEY_CTX  *pHkdfCtx;
+  BOOLEAN       Result;
+
+  if ((Prk =3D=3D NULL) || (Info =3D=3D NULL) || (Out =3D=3D NULL) ||
+      (PrkSize > INT_MAX) || (InfoSize > INT_MAX) || (OutSize > INT_MAX))
+  {
+    return FALSE;
+  }
+
+  pHkdfCtx =3D EVP_PKEY_CTX_new_id (EVP_PKEY_HKDF, NULL);
+  if (pHkdfCtx =3D=3D NULL) {
+    return FALSE;
+  }
+
+  Result =3D EVP_PKEY_derive_init (pHkdfCtx) > 0;
+  if (Result) {
+    Result =3D EVP_PKEY_CTX_set_hkdf_md (pHkdfCtx, Md) > 0;
+  }
+
+  if (Result) {
+    Result =3D EVP_PKEY_CTX_hkdf_mode (pHkdfCtx, EVP_PKEY_HKDEF_MODE_EXPAN=
D_ONLY) > 0;
+  }
+
+  if (Result) {
+    Result =3D EVP_PKEY_CTX_set1_hkdf_key (pHkdfCtx, Prk, (UINT32)PrkSize)=
 > 0;
+  }
+
+  if (Result) {
+    Result =3D EVP_PKEY_CTX_add1_hkdf_info (pHkdfCtx, Info, (UINT32)InfoSi=
ze) > 0;
+  }
+
+  if (Result) {
+    Result =3D EVP_PKEY_derive (pHkdfCtx, Out, &OutSize) > 0;
+  }
+
+  EVP_PKEY_CTX_free (pHkdfCtx);
+  pHkdfCtx =3D NULL;
+  return Result;
+}
+
+/**
+  Derive HMAC-based Extract-and-Expand Key Derivation Function (HKDF).
+
+  @param[in]   Key              Pointer to the user-supplied key.
+  @param[in]   KeySize          Key size in bytes.
+  @param[in]   Salt             Pointer to the salt(non-secret) value.
+  @param[in]   SaltSize         Salt size in bytes.
+  @param[in]   Info             Pointer to the application specific info.
+  @param[in]   InfoSize         Info size in bytes.
+  @param[out]  Out              Pointer to buffer to receive hkdf value.
+  @param[in]   OutSize          Size of hkdf bytes to generate.
+
+  @retval TRUE   Hkdf generated successfully.
+  @retval FALSE  Hkdf generation failed.
+
+**/
+BOOLEAN
+EFIAPI
+HkdfSha256ExtractAndExpand (
+  IN   CONST UINT8  *Key,
+  IN   UINTN        KeySize,
+  IN   CONST UINT8  *Salt,
+  IN   UINTN        SaltSize,
+  IN   CONST UINT8  *Info,
+  IN   UINTN        InfoSize,
+  OUT  UINT8        *Out,
+  IN   UINTN        OutSize
+  )
+{
+  return HkdfMdExtractAndExpand (EVP_sha256 (), Key, KeySize, Salt, SaltSi=
ze, Info, InfoSize, Out, OutSize);
+}
+
+/**
+  Derive SHA256 HMAC-based Extract key Derivation Function (HKDF).
+
+  @param[in]   Key              Pointer to the user-supplied key.
+  @param[in]   KeySize          key size in bytes.
+  @param[in]   Salt             Pointer to the salt(non-secret) value.
+  @param[in]   SaltSize         salt size in bytes.
+  @param[out]  PrkOut           Pointer to buffer to receive hkdf value.
+  @param[in]   PrkOutSize       size of hkdf bytes to generate.
+
+  @retval true   Hkdf generated successfully.
+  @retval false  Hkdf generation failed.
+
+**/
+BOOLEAN
+EFIAPI
+HkdfSha256Extract (
+  IN CONST UINT8  *Key,
+  IN UINTN        KeySize,
+  IN CONST UINT8  *Salt,
+  IN UINTN        SaltSize,
+  OUT UINT8       *PrkOut,
+  UINTN           PrkOutSize
+  )
+{
+  return HkdfMdExtract (
+           EVP_sha256 (),
+           Key,
+           KeySize,
+           Salt,
+           SaltSize,
+           PrkOut,
+           PrkOutSize
+           );
+}
+
+/**
+  Derive SHA256 HMAC-based Expand Key Derivation Function (HKDF).
+
+  @param[in]   Prk              Pointer to the user-supplied key.
+  @param[in]   PrkSize          Key size in bytes.
+  @param[in]   Info             Pointer to the application specific info.
+  @param[in]   InfoSize         Info size in bytes.
+  @param[out]  Out              Pointer to buffer to receive hkdf value.
+  @param[in]   OutSize          Size of hkdf bytes to generate.
+
+  @retval TRUE   Hkdf generated successfully.
+  @retval FALSE  Hkdf generation failed.
+
+**/
+BOOLEAN
+EFIAPI
+HkdfSha256Expand (
+  IN   CONST UINT8  *Prk,
+  IN   UINTN        PrkSize,
+  IN   CONST UINT8  *Info,
+  IN   UINTN        InfoSize,
+  OUT  UINT8        *Out,
+  IN   UINTN        OutSize
+  )
+{
+  return HkdfMdExpand (EVP_sha256 (), Prk, PrkSize, Info, InfoSize, Out, O=
utSize);
+}
+
+/**
+  Derive SHA384 HMAC-based Extract-and-Expand Key Derivation Function (HKD=
F).
+
+  @param[in]   Key              Pointer to the user-supplied key.
+  @param[in]   KeySize          Key size in bytes.
+  @param[in]   Salt             Pointer to the salt(non-secret) value.
+  @param[in]   SaltSize         Salt size in bytes.
+  @param[in]   Info             Pointer to the application specific info.
+  @param[in]   InfoSize         Info size in bytes.
+  @param[out]  Out              Pointer to buffer to receive hkdf value.
+  @param[in]   OutSize          Size of hkdf bytes to generate.
+
+  @retval TRUE   Hkdf generated successfully.
+  @retval FALSE  Hkdf generation failed.
+
+**/
+BOOLEAN
+EFIAPI
+HkdfSha384ExtractAndExpand (
+  IN   CONST UINT8  *Key,
+  IN   UINTN        KeySize,
+  IN   CONST UINT8  *Salt,
+  IN   UINTN        SaltSize,
+  IN   CONST UINT8  *Info,
+  IN   UINTN        InfoSize,
+  OUT  UINT8        *Out,
+  IN   UINTN        OutSize
+  )
+{
+  return HkdfMdExtractAndExpand (EVP_sha384 (), Key, KeySize, Salt, SaltSi=
ze, Info, InfoSize, Out, OutSize);
+}
+
+/**
+  Derive SHA384 HMAC-based Extract key Derivation Function (HKDF).
+
+  @param[in]   Key              Pointer to the user-supplied key.
+  @param[in]   KeySize          key size in bytes.
+  @param[in]   Salt             Pointer to the salt(non-secret) value.
+  @param[in]   SaltSize         salt size in bytes.
+  @param[out]  PrkOut           Pointer to buffer to receive hkdf value.
+  @param[in]   PrkOutSize       size of hkdf bytes to generate.
+
+  @retval true   Hkdf generated successfully.
+  @retval false  Hkdf generation failed.
+
+**/
+BOOLEAN
+EFIAPI
+HkdfSha384Extract (
+  IN CONST UINT8  *Key,
+  IN UINTN        KeySize,
+  IN CONST UINT8  *Salt,
+  IN UINTN        SaltSize,
+  OUT UINT8       *PrkOut,
+  UINTN           PrkOutSize
+  )
+{
+  return HkdfMdExtract (
+           EVP_sha384 (),
+           Key,
+           KeySize,
+           Salt,
+           SaltSize,
+           PrkOut,
+           PrkOutSize
+           );
+}
+
+/**
+  Derive SHA384 HMAC-based Expand Key Derivation Function (HKDF).
+
+  @param[in]   Prk              Pointer to the user-supplied key.
+  @param[in]   PrkSize          Key size in bytes.
+  @param[in]   Info             Pointer to the application specific info.
+  @param[in]   InfoSize         Info size in bytes.
+  @param[out]  Out              Pointer to buffer to receive hkdf value.
+  @param[in]   OutSize          Size of hkdf bytes to generate.
+
+  @retval TRUE   Hkdf generated successfully.
+  @retval FALSE  Hkdf generation failed.
+
+**/
+BOOLEAN
+EFIAPI
+HkdfSha384Expand (
+  IN   CONST UINT8  *Prk,
+  IN   UINTN        PrkSize,
+  IN   CONST UINT8  *Info,
+  IN   UINTN        InfoSize,
+  OUT  UINT8        *Out,
+  IN   UINTN        OutSize
+  )
+{
+  return HkdfMdExpand (EVP_sha384 (), Prk, PrkSize, Info, InfoSize, Out, O=
utSize);
+}
diff --git a/CryptoPkg/Library/BaseCryptLib/Kdf/CryptHkdfNull.c b/CryptoPkg=
/Library/BaseCryptLib/Kdf/CryptHkdfNull.c
index 19d795a4cc..d8c967d669 100644
--- a/CryptoPkg/Library/BaseCryptLib/Kdf/CryptHkdfNull.c
+++ b/CryptoPkg/Library/BaseCryptLib/Kdf/CryptHkdfNull.c
@@ -1,7 +1,7 @@
 /** @file
   HMAC-SHA256 KDF Wrapper Implementation which does not provide real capab=
ilities.
=20
-Copyright (c) 2018 - 2019, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2018 - 2022, Intel Corporation. All rights reserved.<BR>
 SPDX-License-Identifier: BSD-2-Clause-Patent
=20
 **/
@@ -41,3 +41,152 @@ HkdfSha256ExtractAndExpand (
   ASSERT (FALSE);
   return FALSE;
 }
+
+/**
+  Derive SHA256 HMAC-based Extract key Derivation Function (HKDF).
+
+  @param[in]   Key              Pointer to the user-supplied key.
+  @param[in]   KeySize          key size in bytes.
+  @param[in]   Salt             Pointer to the salt(non-secret) value.
+  @param[in]   SaltSize         salt size in bytes.
+  @param[out]  PrkOut           Pointer to buffer to receive hkdf value.
+  @param[in]   PrkOutSize       size of hkdf bytes to generate.
+
+  @retval true   Hkdf generated successfully.
+  @retval false  Hkdf generation failed.
+
+**/
+BOOLEAN
+EFIAPI
+HkdfSha256Extract (
+  IN CONST UINT8  *Key,
+  IN UINTN        KeySize,
+  IN CONST UINT8  *Salt,
+  IN UINTN        SaltSize,
+  OUT UINT8       *PrkOut,
+  UINTN           PrkOutSize
+  )
+{
+  ASSERT (FALSE);
+  return FALSE;
+}
+
+/**
+  Derive SHA256 HMAC-based Expand Key Derivation Function (HKDF).
+
+  @param[in]   Prk              Pointer to the user-supplied key.
+  @param[in]   PrkSize          Key size in bytes.
+  @param[in]   Info             Pointer to the application specific info.
+  @param[in]   InfoSize         Info size in bytes.
+  @param[out]  Out              Pointer to buffer to receive hkdf value.
+  @param[in]   OutSize          Size of hkdf bytes to generate.
+
+  @retval TRUE   Hkdf generated successfully.
+  @retval FALSE  Hkdf generation failed.
+
+**/
+BOOLEAN
+EFIAPI
+HkdfSha256Expand (
+  IN   CONST UINT8  *Prk,
+  IN   UINTN        PrkSize,
+  IN   CONST UINT8  *Info,
+  IN   UINTN        InfoSize,
+  OUT  UINT8        *Out,
+  IN   UINTN        OutSize
+  )
+{
+  ASSERT (FALSE);
+  return FALSE;
+}
+
+/**
+  Derive SHA384 HMAC-based Extract-and-Expand Key Derivation Function (HKD=
F).
+
+  @param[in]   Key              Pointer to the user-supplied key.
+  @param[in]   KeySize          Key size in bytes.
+  @param[in]   Salt             Pointer to the salt(non-secret) value.
+  @param[in]   SaltSize         Salt size in bytes.
+  @param[in]   Info             Pointer to the application specific info.
+  @param[in]   InfoSize         Info size in bytes.
+  @param[out]  Out              Pointer to buffer to receive hkdf value.
+  @param[in]   OutSize          Size of hkdf bytes to generate.
+
+  @retval TRUE   Hkdf generated successfully.
+  @retval FALSE  Hkdf generation failed.
+
+**/
+BOOLEAN
+EFIAPI
+HkdfSha384ExtractAndExpand (
+  IN   CONST UINT8  *Key,
+  IN   UINTN        KeySize,
+  IN   CONST UINT8  *Salt,
+  IN   UINTN        SaltSize,
+  IN   CONST UINT8  *Info,
+  IN   UINTN        InfoSize,
+  OUT  UINT8        *Out,
+  IN   UINTN        OutSize
+  )
+{
+  ASSERT (FALSE);
+  return FALSE;
+}
+
+/**
+  Derive SHA384 HMAC-based Extract key Derivation Function (HKDF).
+
+  @param[in]   Key              Pointer to the user-supplied key.
+  @param[in]   KeySize          key size in bytes.
+  @param[in]   Salt             Pointer to the salt(non-secret) value.
+  @param[in]   SaltSize         salt size in bytes.
+  @param[out]  PrkOut           Pointer to buffer to receive hkdf value.
+  @param[in]   PrkOutSize       size of hkdf bytes to generate.
+
+  @retval true   Hkdf generated successfully.
+  @retval false  Hkdf generation failed.
+
+**/
+BOOLEAN
+EFIAPI
+HkdfSha384Extract (
+  IN CONST UINT8  *Key,
+  IN UINTN        KeySize,
+  IN CONST UINT8  *Salt,
+  IN UINTN        SaltSize,
+  OUT UINT8       *PrkOut,
+  UINTN           PrkOutSize
+  )
+{
+  ASSERT (FALSE);
+  return FALSE;
+}
+
+/**
+  Derive SHA384 HMAC-based Expand Key Derivation Function (HKDF).
+
+  @param[in]   Prk              Pointer to the user-supplied key.
+  @param[in]   PrkSize          Key size in bytes.
+  @param[in]   Info             Pointer to the application specific info.
+  @param[in]   InfoSize         Info size in bytes.
+  @param[out]  Out              Pointer to buffer to receive hkdf value.
+  @param[in]   OutSize          Size of hkdf bytes to generate.
+
+  @retval TRUE   Hkdf generated successfully.
+  @retval FALSE  Hkdf generation failed.
+
+**/
+BOOLEAN
+EFIAPI
+HkdfSha384Expand (
+  IN   CONST UINT8  *Prk,
+  IN   UINTN        PrkSize,
+  IN   CONST UINT8  *Info,
+  IN   UINTN        InfoSize,
+  OUT  UINT8        *Out,
+  IN   UINTN        OutSize
+  )
+{
+  ASSERT (FALSE);
+  return FALSE;
+}
diff --git a/CryptoPkg/Library/BaseCryptLibNull/Kdf/CryptHkdfNull.c b/Crypt=
oPkg/Library/BaseCryptLibNull/Kdf/CryptHkdfNull.c
index 19d795a4cc..d8c967d669 100644
--- a/CryptoPkg/Library/BaseCryptLibNull/Kdf/CryptHkdfNull.c
+++ b/CryptoPkg/Library/BaseCryptLibNull/Kdf/CryptHkdfNull.c
@@ -1,7 +1,7 @@
 /** @file
   HMAC-SHA256 KDF Wrapper Implementation which does not provide real capab=
ilities.
=20
-Copyright (c) 2018 - 2019, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2018 - 2022, Intel Corporation. All rights reserved.<BR>
 SPDX-License-Identifier: BSD-2-Clause-Patent
=20
 **/
@@ -41,3 +41,152 @@ HkdfSha256ExtractAndExpand (
   ASSERT (FALSE);
   return FALSE;
 }
+
+/**
+  Derive SHA256 HMAC-based Extract key Derivation Function (HKDF).
+
+  @param[in]   Key              Pointer to the user-supplied key.
+  @param[in]   KeySize          key size in bytes.
+  @param[in]   Salt             Pointer to the salt(non-secret) value.
+  @param[in]   SaltSize         salt size in bytes.
+  @param[out]  PrkOut           Pointer to buffer to receive hkdf value.
+  @param[in]   PrkOutSize       size of hkdf bytes to generate.
+
+  @retval true   Hkdf generated successfully.
+  @retval false  Hkdf generation failed.
+
+**/
+BOOLEAN
+EFIAPI
+HkdfSha256Extract (
+  IN CONST UINT8  *Key,
+  IN UINTN        KeySize,
+  IN CONST UINT8  *Salt,
+  IN UINTN        SaltSize,
+  OUT UINT8       *PrkOut,
+  UINTN           PrkOutSize
+  )
+{
+  ASSERT (FALSE);
+  return FALSE;
+}
+
+/**
+  Derive SHA256 HMAC-based Expand Key Derivation Function (HKDF).
+
+  @param[in]   Prk              Pointer to the user-supplied key.
+  @param[in]   PrkSize          Key size in bytes.
+  @param[in]   Info             Pointer to the application specific info.
+  @param[in]   InfoSize         Info size in bytes.
+  @param[out]  Out              Pointer to buffer to receive hkdf value.
+  @param[in]   OutSize          Size of hkdf bytes to generate.
+
+  @retval TRUE   Hkdf generated successfully.
+  @retval FALSE  Hkdf generation failed.
+
+**/
+BOOLEAN
+EFIAPI
+HkdfSha256Expand (
+  IN   CONST UINT8  *Prk,
+  IN   UINTN        PrkSize,
+  IN   CONST UINT8  *Info,
+  IN   UINTN        InfoSize,
+  OUT  UINT8        *Out,
+  IN   UINTN        OutSize
+  )
+{
+  ASSERT (FALSE);
+  return FALSE;
+}
+
+/**
+  Derive SHA384 HMAC-based Extract-and-Expand Key Derivation Function (HKD=
F).
+
+  @param[in]   Key              Pointer to the user-supplied key.
+  @param[in]   KeySize          Key size in bytes.
+  @param[in]   Salt             Pointer to the salt(non-secret) value.
+  @param[in]   SaltSize         Salt size in bytes.
+  @param[in]   Info             Pointer to the application specific info.
+  @param[in]   InfoSize         Info size in bytes.
+  @param[out]  Out              Pointer to buffer to receive hkdf value.
+  @param[in]   OutSize          Size of hkdf bytes to generate.
+
+  @retval TRUE   Hkdf generated successfully.
+  @retval FALSE  Hkdf generation failed.
+
+**/
+BOOLEAN
+EFIAPI
+HkdfSha384ExtractAndExpand (
+  IN   CONST UINT8  *Key,
+  IN   UINTN        KeySize,
+  IN   CONST UINT8  *Salt,
+  IN   UINTN        SaltSize,
+  IN   CONST UINT8  *Info,
+  IN   UINTN        InfoSize,
+  OUT  UINT8        *Out,
+  IN   UINTN        OutSize
+  )
+{
+  ASSERT (FALSE);
+  return FALSE;
+}
+
+/**
+  Derive SHA384 HMAC-based Extract key Derivation Function (HKDF).
+
+  @param[in]   Key              Pointer to the user-supplied key.
+  @param[in]   KeySize          key size in bytes.
+  @param[in]   Salt             Pointer to the salt(non-secret) value.
+  @param[in]   SaltSize         salt size in bytes.
+  @param[out]  PrkOut           Pointer to buffer to receive hkdf value.
+  @param[in]   PrkOutSize       size of hkdf bytes to generate.
+
+  @retval true   Hkdf generated successfully.
+  @retval false  Hkdf generation failed.
+
+**/
+BOOLEAN
+EFIAPI
+HkdfSha384Extract (
+  IN CONST UINT8  *Key,
+  IN UINTN        KeySize,
+  IN CONST UINT8  *Salt,
+  IN UINTN        SaltSize,
+  OUT UINT8       *PrkOut,
+  UINTN           PrkOutSize
+  )
+{
+  ASSERT (FALSE);
+  return FALSE;
+}
+
+/**
+  Derive SHA384 HMAC-based Expand Key Derivation Function (HKDF).
+
+  @param[in]   Prk              Pointer to the user-supplied key.
+  @param[in]   PrkSize          Key size in bytes.
+  @param[in]   Info             Pointer to the application specific info.
+  @param[in]   InfoSize         Info size in bytes.
+  @param[out]  Out              Pointer to buffer to receive hkdf value.
+  @param[in]   OutSize          Size of hkdf bytes to generate.
+
+  @retval TRUE   Hkdf generated successfully.
+  @retval FALSE  Hkdf generation failed.
+
+**/
+BOOLEAN
+EFIAPI
+HkdfSha384Expand (
+  IN   CONST UINT8  *Prk,
+  IN   UINTN        PrkSize,
+  IN   CONST UINT8  *Info,
+  IN   UINTN        InfoSize,
+  OUT  UINT8        *Out,
+  IN   UINTN        OutSize
+  )
+{
+  ASSERT (FALSE);
+  return FALSE;
+}
--=20
2.26.2.windows.1



-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#94171): https://edk2.groups.io/g/devel/message/94171
Mute This Topic: https://groups.io/mt/93865232/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-