[crypto] Add support for HKDF key derivation

Add support for the HMAC-based Extract-and-Expand Key Derivation
Function (HKDF) as used in TLS version 1.3 and defined in RFC 5869.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
This commit is contained in:
Michael Brown
2026-04-28 12:32:12 +01:00
parent a42daf6e88
commit 8d2ebbf8a1
4 changed files with 450 additions and 0 deletions
+22
View File
@@ -0,0 +1,22 @@
#ifndef _IPXE_HKDF_H
#define _IPXE_HKDF_H
/** @file
*
* HMAC-based Extract-and-Expand Key Derivation Function (HKDF)
*
*/
FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
FILE_SECBOOT ( PERMITTED );
#include <ipxe/crypto.h>
extern void hkdf_extract ( struct digest_algorithm *digest, const void *salt,
size_t salt_len, const void *ikm, size_t ikm_len,
void *prk );
extern void hkdf_expand ( struct digest_algorithm *digest, const void *prk,
const void *info, size_t info_len, void *out,
size_t len );
#endif /* _IPXE_HKDF_H */