[PATCH 3/4] lib: sha256: add support of key derivation

Philippe Reynes philippe.reynes at softathome.com
Tue Jul 16 17:06:15 CEST 2024 

Adds the support of key derivation using the scheme hkdf.
This scheme is defined in rfc5869.

Signed-off-by: Philippe Reynes <philippe.reynes at softathome.com>
---
 include/u-boot/sha256.h |  8 ++++++++
 lib/sha256.c            | 42 +++++++++++++++++++++++++++++++++++++++++
 2 files changed, 50 insertions(+)

diff --git a/include/u-boot/sha256.h b/include/u-boot/sha256.h
index 7aa4c54d0d4..46d20bf9b79 100644
--- a/include/u-boot/sha256.h
+++ b/include/u-boot/sha256.h
@@ -6,6 +6,9 @@
 #define SHA256_SUM_LEN	32
 #define SHA256_DER_LEN	19
 
+#define SHA256_HKDF_MAX_INFO_LEN 256
+#define SHA256_HKDF_MAX_DATA_LEN (SHA256_HKDF_MAX_INFO_LEN + SHA256_SUM_LEN + 1)
+
 extern const uint8_t sha256_der_prefix[];
 
 /* Reset watchdog each time we process this many bytes */
@@ -28,4 +31,9 @@ void sha256_hmac(const unsigned char *key, int keylen,
 		 const unsigned char *input, unsigned int ilen,
 		 unsigned char *output);
 
+void sha256_hkdf(const unsigned char *salt, int saltlen,
+		 const unsigned char *ikm, int ikmlen,
+		 const unsigned char *info, int infolen,
+		 unsigned char *output, int outputlen);
+
 #endif /* _SHA256_H */
diff --git a/lib/sha256.c b/lib/sha256.c
index 64f6b48974b..9a4fd452cd8 100644
--- a/lib/sha256.c
+++ b/lib/sha256.c
@@ -338,3 +338,45 @@ void sha256_hmac(const unsigned char *key, int keylen,
 	memset(tmpbuf, 0, 32);
 	memset(&ctx, 0, sizeof(sha256_context));
 }
+
+static void sha256_hkdf_expand(const unsigned char *prk, int prklen,
+			       const unsigned char *info, int infolen,
+			       unsigned char *okm, int okmlen)
+{
+	unsigned char t[SHA256_SUM_LEN];
+	unsigned char data[SHA256_HKDF_MAX_DATA_LEN];
+	int i, l = (okmlen + SHA256_SUM_LEN - 1) / SHA256_SUM_LEN;
+	int tlen, datalen, len, offset = 0;
+
+	for (i = 1; i <= l; i++) {
+		tlen = (i == 1) ? 0 : SHA256_SUM_LEN;
+		memcpy(&data[0], &t[0], tlen);
+		datalen = tlen;
+		memcpy(&data[datalen], info, infolen);
+		datalen += infolen;
+		data[datalen] = i;
+		datalen++;
+
+		sha256_hmac(prk, prklen, data, datalen, t);
+
+		len = (okmlen > SHA256_SUM_LEN) ? SHA256_SUM_LEN : okmlen;
+		memcpy(&okm[offset], t, len);
+		offset += len;
+		okmlen -= len;
+	}
+}
+
+void sha256_hkdf(const unsigned char *salt, int saltlen,
+		 const unsigned char *ikm, int ikmlen,
+		 const unsigned char *info, int infolen,
+		 unsigned char *output, int outputlen)
+{
+	unsigned char prk[SHA256_SUM_LEN];
+
+	/* Step 1: Extract */
+	sha256_hmac(salt, saltlen, ikm, ikmlen, prk);
+
+	/* Step 2: Expand */
+	sha256_hkdf_expand(prk, SHA256_SUM_LEN, info, infolen,
+			   output, outputlen);
+}
-- 
2.25.1

More information about the U-Boot mailing list