From 12e841114db54bd2021b7c96002a0d2bd24fa646 Mon Sep 17 00:00:00 2001
From: Philippe Reynes <philippe.reynes@softathome.com>
Date: Thu, 19 Dec 2024 14:05:52 +0100
Subject: lib: mbedtls: sha256: add support of key derivation

Adds the support of key derivation using the scheme hkdf.
This scheme is defined in rfc5869.

Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
Reviewed-by: Raymond Mao <raymond.mao@linaro.org>
---
 include/u-boot/sha256.h | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

(limited to 'include')

diff --git a/include/u-boot/sha256.h b/include/u-boot/sha256.h
index 99cf78e204c..d7a3403270b 100644
--- a/include/u-boot/sha256.h
+++ b/include/u-boot/sha256.h
@@ -1,6 +1,8 @@
 #ifndef _SHA256_H
 #define _SHA256_H
 
+#include <linux/compiler_attributes.h>
+#include <linux/errno.h>
 #include <linux/kconfig.h>
 #include <linux/types.h>
 
@@ -49,4 +51,22 @@ int sha256_hmac(const unsigned char *key, int keylen,
 		const unsigned char *input, unsigned int ilen,
 		unsigned char *output);
 
+#if CONFIG_IS_ENABLED(HKDF_MBEDTLS)
+int sha256_hkdf(const unsigned char *salt, int saltlen,
+		const unsigned char *ikm, int ikmlen,
+		const unsigned char *info, int infolen,
+		unsigned char *output, int outputlen);
+#else
+static inline int sha256_hkdf(const unsigned char __always_unused *salt,
+			      int __always_unused saltlen,
+			      const unsigned char __always_unused *ikm,
+			      int __always_unused ikmlen,
+			      const unsigned char __always_unused *info,
+			      int __always_unused infolen,
+			      unsigned char __always_unused *output,
+			      int __always_unused outputlen) {
+	return -EOPNOTSUPP;
+}
+#endif
+
 #endif /* _SHA256_H */
-- 
cgit v1.2.3