sravan/system76-edk2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
f22feb0e3b3f08b95201b258b104c45a2acef71f
system76-edk2/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs5Pbkdf2.c
Michael D Kinney 2009f6b4c5 CryptoPkg: Replace BSD License with BSD+Patent License 
https://bugzilla.tianocore.org/show_bug.cgi?id=1373

Replace BSD 2-Clause License with BSD+Patent License.  This change is
based on the following emails:

  https://lists.01.org/pipermail/edk2-devel/2019-February/036260.html
  https://lists.01.org/pipermail/edk2-devel/2018-October/030385.html

RFCs with detailed process for the license change:

  V3: https://lists.01.org/pipermail/edk2-devel/2019-March/038116.html
  V2: https://lists.01.org/pipermail/edk2-devel/2019-March/037669.html
  V1: https://lists.01.org/pipermail/edk2-devel/2019-March/037500.html

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
2019-04-09 09:10:22 -07:00

96 lines
3.1 KiB
C
Raw Blame History

/** @file
PBKDF2 Key Derivation Function Wrapper Implementation over OpenSSL.
Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent
**/
#include "InternalCryptLib.h"
#include <openssl/evp.h>
#include <openssl/hmac.h>
/**
Derives a key from a password using a salt and iteration count, based on PKCS#5 v2.0
password based encryption key derivation function PBKDF2, as specified in RFC 2898.
If Password or Salt or OutKey is NULL, then return FALSE.
If the hash algorithm could not be determined, then return FALSE.
@param[in] PasswordLength Length of input password in bytes.
@param[in] Password Pointer to the array for the password.
@param[in] SaltLength Size of the Salt in bytes.
@param[in] Salt Pointer to the Salt.
@param[in] IterationCount Number of iterations to perform. Its value should be
greater than or equal to 1.
@param[in] DigestSize Size of the message digest to be used (eg. SHA256_DIGEST_SIZE).
NOTE: DigestSize will be used to determine the hash algorithm.
Only SHA1_DIGEST_SIZE or SHA256_DIGEST_SIZE is supported.
@param[in] KeyLength Size of the derived key buffer in bytes.
@param[out] OutKey Pointer to the output derived key buffer.
@retval TRUE A key was derived successfully.
@retval FALSE One of the pointers was NULL or one of the sizes was too large.
@retval FALSE The hash algorithm could not be determined from the digest size.
@retval FALSE The key derivation operation failed.
**/
BOOLEAN
EFIAPI
Pkcs5HashPassword (
IN UINTN PasswordLength,
IN CONST CHAR8 *Password,
IN UINTN SaltLength,
IN CONST UINT8 *Salt,
IN UINTN IterationCount,
IN UINTN DigestSize,
IN UINTN KeyLength,
OUT UINT8 *OutKey
)
{
CONST EVP_MD *HashAlg;
HashAlg = NULL;
//
// Parameter Checking.
//
if ((Password == NULL) || (Salt == NULL) || (OutKey == NULL)) {
return FALSE;
}
if ((PasswordLength == 0) || (PasswordLength > INT_MAX) ||
(SaltLength == 0) || (SaltLength > INT_MAX) ||
(KeyLength == 0) || (KeyLength > INT_MAX) ||
(IterationCount < 1) || (IterationCount > INT_MAX)) {
return FALSE;
}
//
// Make sure the digest algorithm is supported.
//
switch (DigestSize) {
case SHA1_DIGEST_SIZE:
HashAlg = EVP_sha1();
break;
case SHA256_DIGEST_SIZE:
HashAlg = EVP_sha256();
break;
default:
return FALSE;
break;
}
//
// Perform password-based key derivation routines.
//
return (BOOLEAN)PKCS5_PBKDF2_HMAC (
(const char *)Password,
(int)PasswordLength,
(const unsigned char *)Salt,
(int)SaltLength,
(int)IterationCount,
HashAlg,
(int)KeyLength,
(unsigned char *)OutKey
);
}
Reference in New Issue View Git Blame Copy Permalink