diff options
| author | Philippe Reynes <[email protected]> | 2024-12-19 14:05:48 +0100 |
|---|---|---|
| committer | Tom Rini <[email protected]> | 2025-01-18 17:12:47 -0600 |
| commit | 70a42bf2170eadd2b8b99175785435f209faca0a (patch) | |
| tree | e9280a75f5730725032f41d4119d8e04e0c3bb98 /lib/mbedtls | |
| parent | f88ccd32b5e566104c9e65f1c576125895214f10 (diff) | |
mbedtls: enable support of hkdf
Adds the support of key derivation using
the scheme hkdf.
Reviewed-by: Raymond Mao <[email protected]>
Signed-off-by: Philippe Reynes <[email protected]>
Diffstat (limited to 'lib/mbedtls')
| -rw-r--r-- | lib/mbedtls/Kconfig | 14 | ||||
| -rw-r--r-- | lib/mbedtls/Makefile | 2 | ||||
| -rw-r--r-- | lib/mbedtls/mbedtls_def_config.h | 4 |
3 files changed, 20 insertions, 0 deletions
diff --git a/lib/mbedtls/Kconfig b/lib/mbedtls/Kconfig index 78167ffa252..aa82336ef14 100644 --- a/lib/mbedtls/Kconfig +++ b/lib/mbedtls/Kconfig @@ -297,6 +297,13 @@ config MD5_MBEDTLS This option enables support of hashing using MD5 algorithm with MbedTLS crypto library. +config HKDF_MBEDTLS + bool "Enable HKDF support with MbedTLS crypto library" + depends on MBEDTLS_LIB_CRYPTO + help + This option enables support of key derivation using HKDF algorithm + with MbedTLS crypto library. + if SPL config SPL_SHA1_MBEDTLS @@ -335,6 +342,13 @@ config SPL_MD5_MBEDTLS This option enables support of hashing using MD5 algorithm with MbedTLS crypto library. +config SPL_HKDF_MBEDTLS + bool "Enable HKDF support in SPL with MbedTLS crypto library" + depends on MBEDTLS_LIB_CRYPTO + help + This option enables support of key derivation using HKDF algorithm + with MbedTLS crypto library. + endif # SPL endif # MBEDTLS_LIB_CRYPTO diff --git a/lib/mbedtls/Makefile b/lib/mbedtls/Makefile index ce0a61e4054..e66c2018d97 100644 --- a/lib/mbedtls/Makefile +++ b/lib/mbedtls/Makefile @@ -33,6 +33,8 @@ mbedtls_lib_crypto-$(CONFIG_$(SPL_)SHA256_MBEDTLS) += \ $(MBEDTLS_LIB_DIR)/sha256.o mbedtls_lib_crypto-$(CONFIG_$(SPL_)SHA512_MBEDTLS) += \ $(MBEDTLS_LIB_DIR)/sha512.o +mbedtls_lib_crypto-$(CONFIG_$(SPL_)HKDF_MBEDTLS) += \ + $(MBEDTLS_LIB_DIR)/hkdf.o # MbedTLS X509 library obj-$(CONFIG_MBEDTLS_LIB_X509) += mbedtls_lib_x509.o diff --git a/lib/mbedtls/mbedtls_def_config.h b/lib/mbedtls/mbedtls_def_config.h index 1d2314e90e4..fd440c392f9 100644 --- a/lib/mbedtls/mbedtls_def_config.h +++ b/lib/mbedtls/mbedtls_def_config.h @@ -56,6 +56,10 @@ #endif #endif +#if CONFIG_IS_ENABLED(HKDF_MBEDTLS) +#define MBEDTLS_HKDF_C +#endif + #if defined CONFIG_MBEDTLS_LIB_X509 #if CONFIG_IS_ENABLED(X509_CERTIFICATE_PARSER) |