1 /*
2 * Copyright 2017 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #ifndef SYSTEM_KEYMASTER_CKDF_H_
18 #define SYSTEM_KEYMASTER_CKDF_H_
19
20 #include <keymaster/android_keymaster_utils.h>
21
22 namespace keymaster {
23
24 /**
25 * Implementation of CKDF, aka AES-CMAC KDF, from NIST SP 800-108. Uses 32-bit i and L, and
26 * prefixes with i. This version takes the context in an array of keymaster_blob_ts.
27 */
28 keymaster_error_t ckdf(const KeymasterKeyBlob& key, const KeymasterBlob& label,
29 const keymaster_blob_t* context_chunks, size_t num_chunks,
30 KeymasterKeyBlob* output);
31
32 /**
33 * Implementation of CKDF, aka AES-CMAC KDF, from NIST SP 800-108. Uses 32-bit i and L, and
34 * prefixes with i. This version takes the context as a single keymaster_blob_t&.
35 */
ckdf(const KeymasterKeyBlob & key,const KeymasterBlob & label,const keymaster_blob_t & context_chunks,KeymasterKeyBlob * output)36 inline keymaster_error_t ckdf(const KeymasterKeyBlob& key, const KeymasterBlob& label,
37 const keymaster_blob_t& context_chunks, KeymasterKeyBlob* output) {
38 return ckdf(key, label, &context_chunks, 1 /* num_chunks */, output);
39 }
40
41 } // namespace keymaster
42
43 #endif // SYSTEM_KEYMASTER_KDF_H_
44