qemu
diff --git a/‎src/crypto/hkdf.c‎
Lines changed: 108 additions & 0 deletions b/‎src/crypto/hkdf.c‎
Lines changed: 108 additions & 0 deletions
diff --git a/‎src/include/ipxe/hkdf.h‎
Lines changed: 22 additions & 0 deletions b/‎src/include/ipxe/hkdf.h‎
Lines changed: 22 additions & 0 deletions
@@ -0,0 +1,108 @@
+/*
+ * Copyright (C) 2026 Michael Brown <mbrown@fensystems.co.uk>.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License as
+ * published by the Free Software Foundation; either version 2 of the
+ * License, or any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301, USA.
+ *
+ * You can also choose to distribute this program under the terms of
+ * the Unmodified Binary Distribution Licence (as given in the file
+ * COPYING.UBDL), provided that you have satisfied its requirements.
+ */
+
+FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+FILE_SECBOOT ( PERMITTED );
+
+/** @file
+ *
+ * HMAC-based Extract-and-Expand Key Derivation Function (HKDF)
+ *
+ * The algorithm is defined in RFC 5869, with its usage by TLS 1.3
+ * documented in RFC 8446 section 7.1.
+ *
+ */
+
+#include <stdint.h>
+#include <string.h>
+#include <assert.h>
+#include <ipxe/crypto.h>
+#include <ipxe/hmac.h>
+#include <ipxe/hkdf.h>
+
+/**
+ * Extract fixed-length pseudorandom key
+ *
+ * @v digest		Digest algorithm
+ * @v salt		Salt value (or NULL)
+ * @v salt_len		Length of salt value
+ * @v ikm		Input keying material
+ * @v ikm_len		Length of input keying material
+ * @v prk		Pseudorandom key to fill in
+ */
+void hkdf_extract ( struct digest_algorithm *digest, const void *salt,
+		    size_t salt_len, const void *ikm, size_t ikm_len,
+		    void *prk ) {
+	uint8_t ctx[ hmac_ctxsize ( digest ) ];
+
+	/* Use all-zero salt if not specified */
+	if ( ! salt ) {
+		assert ( salt_len == 0 );
+		salt_len = digest->digestsize;
+		memset ( prk, 0, salt_len );
+		salt = prk;
+	}
+
+	/* Calculate pseudorandom key */
+	hmac_init ( digest, ctx, salt, salt_len );
+	hmac_update ( digest, ctx, ikm, ikm_len );
+	hmac_final ( digest, ctx, prk );
+}
+
+/**
+ * Expand pseudorandom key
+ *
+ * @v digest		Digest algorithm
+ * @v prk		Pseudorandom key
+ * @v info		Additional information (or NULL)
+ * @v info_len		Length of additional information
+ * @v out		Output keying material
+ * @v len		Length of output keying material
+ */
+void hkdf_expand ( struct digest_algorithm *digest, const void *prk,
+		   const void *info, size_t info_len, void *out, size_t len ) {
+	size_t digestsize = digest->digestsize;
+	uint8_t ctx[ hmac_ctxsize ( digest ) ];
+	uint8_t hash[digestsize];
+	uint8_t index = 0;
+	size_t frag_len;
+
+	while ( len ) {
+
+		/* Calculate T(n) */
+		hmac_init ( digest, ctx, prk, digestsize );
+		if ( index++ )
+			hmac_update ( digest, ctx, hash, digestsize );
+		hmac_update ( digest, ctx, info, info_len );
+		hmac_update ( digest, ctx, &index, sizeof ( index ) );
+		hmac_final ( digest, ctx, hash );
+
+		/* Copy to output buffer */
+		frag_len = len;
+		if ( frag_len > digestsize )
+			frag_len = digestsize;
+		memcpy ( out, hash, frag_len );
+		out += frag_len;
+		len -= frag_len;
+	}
+}
@@ -0,0 +1,22 @@
+#ifndef _IPXE_HKDF_H
+#define _IPXE_HKDF_H
+
+/** @file
+ *
+ * HMAC-based Extract-and-Expand Key Derivation Function (HKDF)
+ *
+ */
+
+FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+FILE_SECBOOT ( PERMITTED );
+
+#include <ipxe/crypto.h>
+
+extern void hkdf_extract ( struct digest_algorithm *digest, const void *salt,
+			   size_t salt_len, const void *ikm, size_t ikm_len,
+			   void *prk );
+extern void hkdf_expand ( struct digest_algorithm *digest, const void *prk,
+			  const void *info, size_t info_len, void *out,
+			  size_t len );
+
+#endif /* _IPXE_HKDF_H */