1 /* 2 * Copyright 2017 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 #ifndef SYSTEM_KEYMASTER_CKDF_H_ 18 #define SYSTEM_KEYMASTER_CKDF_H_ 19 20 #include <keymaster/android_keymaster_utils.h> 21 22 namespace keymaster { 23 24 /** 25 * Implementation of CKDF, aka AES-CMAC KDF, from NIST SP 800-108. Uses 32-bit i and L, and 26 * prefixes with i. This version takes the context in an array of keymaster_blob_ts. 27 */ 28 keymaster_error_t ckdf(const KeymasterKeyBlob& key, const KeymasterBlob& label, 29 const keymaster_blob_t* context_chunks, size_t num_chunks, 30 KeymasterKeyBlob* output); 31 32 /** 33 * Implementation of CKDF, aka AES-CMAC KDF, from NIST SP 800-108. Uses 32-bit i and L, and 34 * prefixes with i. This version takes the context as a single keymaster_blob_t&. 35 */ 36 inline keymaster_error_t ckdf(const KeymasterKeyBlob& key, const KeymasterBlob& label, 37 const keymaster_blob_t& context_chunks, KeymasterKeyBlob* output) { 38 return ckdf(key, label, &context_chunks, 1 /* num_chunks */, output); 39 } 40 41 } // namespace keymaster 42 43 #endif // SYSTEM_KEYMASTER_KDF_H_ 44