CryptPkcs5Pbkdf2.c

Go to the documentation of this file.

 
#include "InternalCryptLib.h"
#include <mbedtls/pkcs5.h>
 
BOOLEAN
EFIAPI
Pkcs5HashPassword (
  IN UINTN        PasswordLength,
  IN CONST CHAR8  *Password,
  IN UINTN        SaltLength,
  IN CONST UINT8  *Salt,
  IN UINTN        IterationCount,
  IN UINTN        DigestSize,
  IN UINTN        KeyLength,
  OUT UINT8       *OutKey
  )
{
  mbedtls_md_type_t  HashAlg;
 
  //
  // Parameter Checking.
  //
  if ((Password == NULL) || (Salt == NULL) || (OutKey == NULL)) {
    return FALSE;
  }
 
  if ((PasswordLength == 0) || (PasswordLength > INT_MAX) ||
      (SaltLength == 0) || (SaltLength > INT_MAX) ||
      (KeyLength == 0) || (KeyLength > INT_MAX) ||
      (IterationCount < 1) || (IterationCount > INT_MAX))
  {
    return FALSE;
  }
 
  //
  // Make sure the digest algorithm is supported.
  //
  switch (DigestSize) {
    case SHA1_DIGEST_SIZE:
      HashAlg = MBEDTLS_MD_SHA1;
      break;
    case SHA256_DIGEST_SIZE:
      HashAlg = MBEDTLS_MD_SHA256;
      break;
    default:
      return FALSE;
      break;
  }
 
  //
  // Perform password-based key derivation routines.
  //
  if (mbedtls_pkcs5_pbkdf2_hmac_ext (
        HashAlg,
        (CONST UINT8 *)Password,
        (int)PasswordLength,
        (CONST UINT8 *)Salt,
        (int)SaltLength,
        (int)IterationCount,
        (int)KeyLength,
        (UINT8 *)OutKey
        ) != 0)
  {
    return FALSE;
  } else {
    return TRUE;
  }
}