Feature/hkdf hsm (#6662)

* added HKDF HSM

* restyled

* extended pbkdf api with sha algorithm input
diff --git a/src/crypto/BUILD.gn b/src/crypto/BUILD.gn
index 188c78d..58a18f2 100644
--- a/src/crypto/BUILD.gn
+++ b/src/crypto/BUILD.gn
@@ -87,6 +87,7 @@
 
   if (chip_with_se05x == 1) {
     sources += [
+      "hsm/nxp/CHIPCryptoPALHsm_SE05X_HKDF.cpp",
       "hsm/nxp/CHIPCryptoPALHsm_SE05X_P256.cpp",
       "hsm/nxp/CHIPCryptoPALHsm_SE05X_PBKDF.cpp",
       "hsm/nxp/CHIPCryptoPALHsm_SE05X_Spake2p.cpp",
diff --git a/src/crypto/CHIPCryptoPAL.cpp b/src/crypto/CHIPCryptoPAL.cpp
index 1160d24..dcc0ca3 100644
--- a/src/crypto/CHIPCryptoPAL.cpp
+++ b/src/crypto/CHIPCryptoPAL.cpp
@@ -27,6 +27,12 @@
 namespace chip {
 namespace Crypto {
 
+#ifdef ENABLE_HSM_HKDF
+using HKDF_sha_crypto = HKDF_shaHSM;
+#else
+using HKDF_sha_crypto = HKDF_sha;
+#endif
+
 CHIP_ERROR Spake2p::InternalHash(const uint8_t * in, size_t in_len)
 {
     CHIP_ERROR error = CHIP_ERROR_INTERNAL;
@@ -431,8 +437,9 @@
                                               size_t out_len)
 {
     CHIP_ERROR error = CHIP_ERROR_INTERNAL;
+    HKDF_sha_crypto mHKDF;
 
-    error = HKDF_SHA256(ikm, ikm_len, salt, salt_len, info, info_len, out, out_len);
+    error = mHKDF.HKDF_SHA256(ikm, ikm_len, salt, salt_len, info, info_len, out, out_len);
     VerifyOrExit(error == CHIP_NO_ERROR, error = CHIP_ERROR_INTERNAL);
 
     error = CHIP_NO_ERROR;
diff --git a/src/crypto/CHIPCryptoPAL.h b/src/crypto/CHIPCryptoPAL.h
index 2c1f388..157b12d 100644
--- a/src/crypto/CHIPCryptoPAL.h
+++ b/src/crypto/CHIPCryptoPAL.h
@@ -400,21 +400,28 @@
     HashSHA256OpaqueContext mContext;
 };
 
-/**
- * @brief A function that implements SHA-256 based HKDF
- * @param secret The secret to use as the key to the HKDF
- * @param secret_length Length of the secret
- * @param salt Optional salt to use as input to the HKDF
- * @param salt_length Length of the salt
- * @param info Optional info to use as input to the HKDF
- * @param info_length Length of the info
- * @param out_buffer Pointer to buffer to write output into.
- * @param out_length Resulting length of out_buffer
- * @return Returns a CHIP_ERROR on error, CHIP_NO_ERROR otherwise
- **/
+class HKDF_sha
+{
+public:
+    HKDF_sha() {}
+    virtual ~HKDF_sha() {}
 
-CHIP_ERROR HKDF_SHA256(const uint8_t * secret, size_t secret_length, const uint8_t * salt, size_t salt_length, const uint8_t * info,
-                       size_t info_length, uint8_t * out_buffer, size_t out_length);
+    /**
+     * @brief A function that implements SHA-256 based HKDF
+     * @param secret The secret to use as the key to the HKDF
+     * @param secret_length Length of the secret
+     * @param salt Optional salt to use as input to the HKDF
+     * @param salt_length Length of the salt
+     * @param info Optional info to use as input to the HKDF
+     * @param info_length Length of the info
+     * @param out_buffer Pointer to buffer to write output into.
+     * @param out_length Resulting length of out_buffer
+     * @return Returns a CHIP_ERROR on error, CHIP_NO_ERROR otherwise
+     **/
+
+    virtual CHIP_ERROR HKDF_SHA256(const uint8_t * secret, size_t secret_length, const uint8_t * salt, size_t salt_length,
+                                   const uint8_t * info, size_t info_length, uint8_t * out_buffer, size_t out_length);
+};
 
 /**
  * @brief A cryptographically secure random number generator based on NIST SP800-90A
diff --git a/src/crypto/CHIPCryptoPALOpenSSL.cpp b/src/crypto/CHIPCryptoPALOpenSSL.cpp
index f1e4886..c4f7bb5 100644
--- a/src/crypto/CHIPCryptoPALOpenSSL.cpp
+++ b/src/crypto/CHIPCryptoPALOpenSSL.cpp
@@ -361,8 +361,8 @@
     memset(this, 0, sizeof(*this));
 }
 
-CHIP_ERROR HKDF_SHA256(const uint8_t * secret, const size_t secret_length, const uint8_t * salt, const size_t salt_length,
-                       const uint8_t * info, const size_t info_length, uint8_t * out_buffer, size_t out_length)
+CHIP_ERROR HKDF_sha::HKDF_SHA256(const uint8_t * secret, const size_t secret_length, const uint8_t * salt, const size_t salt_length,
+                                 const uint8_t * info, const size_t info_length, uint8_t * out_buffer, size_t out_length)
 {
     EVP_PKEY_CTX * context;
     CHIP_ERROR error = CHIP_NO_ERROR;
diff --git a/src/crypto/CHIPCryptoPALmbedTLS.cpp b/src/crypto/CHIPCryptoPALmbedTLS.cpp
index 418682d..504ee01 100644
--- a/src/crypto/CHIPCryptoPALmbedTLS.cpp
+++ b/src/crypto/CHIPCryptoPALmbedTLS.cpp
@@ -259,8 +259,8 @@
     memset(this, 0, sizeof(*this));
 }
 
-CHIP_ERROR HKDF_SHA256(const uint8_t * secret, const size_t secret_length, const uint8_t * salt, const size_t salt_length,
-                       const uint8_t * info, const size_t info_length, uint8_t * out_buffer, size_t out_length)
+CHIP_ERROR HKDF_sha::HKDF_SHA256(const uint8_t * secret, const size_t secret_length, const uint8_t * salt, const size_t salt_length,
+                                 const uint8_t * info, const size_t info_length, uint8_t * out_buffer, size_t out_length)
 {
     CHIP_ERROR error = CHIP_NO_ERROR;
     int result       = 1;
diff --git a/src/crypto/hsm/CHIPCryptoPALHsm.h b/src/crypto/hsm/CHIPCryptoPALHsm.h
index ec846c3..bce797d 100644
--- a/src/crypto/hsm/CHIPCryptoPALHsm.h
+++ b/src/crypto/hsm/CHIPCryptoPALHsm.h
@@ -137,6 +137,28 @@
 
 #endif //#if ENABLE_HSM_PBKDF2_SHA256
 
+#if ENABLE_HSM_HKDF_SHA256
+
+class HKDF_shaHSM : public HKDF_sha
+{
+public:
+    HKDF_shaHSM();
+    ~HKDF_shaHSM();
+
+    virtual CHIP_ERROR HKDF_SHA256(const uint8_t * secret, const size_t secret_length, const uint8_t * salt,
+                                   const size_t salt_length, const uint8_t * info, const size_t info_length, uint8_t * out_buffer,
+                                   size_t out_length) override;
+
+    void SetKeyId(uint32_t id) { keyid = id; }
+
+    uint32_t GetKeyId() { return keyid; }
+
+private:
+    uint32_t keyid;
+};
+
+#endif //#if ENABLE_HSM_HKDF_SHA256
+
 } // namespace Crypto
 } // namespace chip
 
diff --git a/src/crypto/hsm/CHIPCryptoPALHsm_config.h b/src/crypto/hsm/CHIPCryptoPALHsm_config.h
index 5bd8c0f..380a497 100644
--- a/src/crypto/hsm/CHIPCryptoPALHsm_config.h
+++ b/src/crypto/hsm/CHIPCryptoPALHsm_config.h
@@ -43,6 +43,11 @@
  */
 #define ENABLE_HSM_PBKDF2_SHA256 1
 
+/*
+ * Enable HSM for HKDF SHA256
+ */
+#define ENABLE_HSM_HKDF_SHA256 1
+
 #if ((CHIP_CRYPTO_HSM) && ((ENABLE_HSM_SPAKE_VERIFIER) || (ENABLE_HSM_SPAKE_PROVER)))
 #define ENABLE_HSM_SPAKE
 #endif
@@ -55,4 +60,8 @@
 #define ENABLE_HSM_PBKDF2
 #endif
 
+#if ((CHIP_CRYPTO_HSM) && (ENABLE_HSM_HKDF_SHA256))
+#define ENABLE_HSM_HKDF
+#endif
+
 #endif //#ifndef _CHIP_CRYPTO_PAL_HSM_CONFIG_H_
diff --git a/src/crypto/hsm/nxp/CHIPCryptoPALHsm_SE05X_HKDF.cpp b/src/crypto/hsm/nxp/CHIPCryptoPALHsm_SE05X_HKDF.cpp
new file mode 100644
index 0000000..baac68e
--- /dev/null
+++ b/src/crypto/hsm/nxp/CHIPCryptoPALHsm_SE05X_HKDF.cpp
@@ -0,0 +1,97 @@
+/*
+ *
+ *    Copyright (c) 2021 Project CHIP Authors
+ *
+ *    Licensed under the Apache License, Version 2.0 (the "License");
+ *    you may not use this file except in compliance with the License.
+ *    You may obtain a copy of the License at
+ *
+ *        http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *    Unless required by applicable law or agreed to in writing, software
+ *    distributed under the License is distributed on an "AS IS" BASIS,
+ *    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *    See the License for the specific language governing permissions and
+ *    limitations under the License.
+ */
+
+/**
+ *    @file
+ *      HSM based implementation of CHIP crypto primitives
+ *      Based on configurations in CHIPCryptoPALHsm_config.h file,
+ *      chip crypto apis use either HSM or rollback to software implementation.
+ */
+
+#include "CHIPCryptoPALHsm_SE05X_utils.h"
+#include <core/CHIPEncoding.h>
+
+#if ENABLE_HSM_HKDF_SHA256
+
+namespace chip {
+namespace Crypto {
+
+HKDF_shaHSM::HKDF_shaHSM()
+{
+    keyid = kKeyId_hkdf_sha256_hmac_keyid;
+}
+HKDF_shaHSM::~HKDF_shaHSM() {}
+
+CHIP_ERROR HKDF_shaHSM::HKDF_SHA256(const uint8_t * secret, const size_t secret_length, const uint8_t * salt,
+                                    const size_t salt_length, const uint8_t * info, const size_t info_length, uint8_t * out_buffer,
+                                    size_t out_length)
+{
+    CHIP_ERROR error       = CHIP_ERROR_INTERNAL;
+    sss_status_t status    = kStatus_SSS_Success;
+    smStatus_t smstatus    = SM_NOT_OK;
+    sss_object_t keyObject = { 0 };
+
+    if (salt_length > 64 || info_length > 80 || secret_length > 256 || out_length > 768)
+    {
+        /* Length not supported by se05x. Rollback to SW */
+        return HKDF_sha::HKDF_SHA256(secret, secret_length, salt, salt_length, info, info_length, out_buffer, out_length);
+    }
+
+    // Salt is optional
+    if (salt_length > 0)
+    {
+        VerifyOrExit(salt != nullptr, error = CHIP_ERROR_INVALID_ARGUMENT);
+    }
+    VerifyOrExit(info_length > 0, error = CHIP_ERROR_INVALID_ARGUMENT);
+    VerifyOrExit(info != nullptr, error = CHIP_ERROR_INVALID_ARGUMENT);
+    VerifyOrExit(out_length > 0, error = CHIP_ERROR_INVALID_ARGUMENT);
+    VerifyOrExit(out_buffer != nullptr, error = CHIP_ERROR_INVALID_ARGUMENT);
+    VerifyOrExit(secret != nullptr, error = CHIP_ERROR_INVALID_ARGUMENT);
+
+    VerifyOrExit(keyid != kKeyId_NotInitialized, error = CHIP_ERROR_HSM);
+
+    se05x_sessionOpen();
+
+    status = sss_key_object_init(&keyObject, &gex_sss_chip_ctx.ks);
+    VerifyOrExit(status == kStatus_SSS_Success, error = CHIP_ERROR_INTERNAL);
+
+    status = sss_key_object_allocate_handle(&keyObject, keyid, kSSS_KeyPart_Default, kSSS_CipherType_HMAC, secret_length,
+                                            kKeyObject_Mode_Transient);
+    VerifyOrExit(status == kStatus_SSS_Success, error = CHIP_ERROR_INTERNAL);
+
+    status = sss_key_store_set_key(&gex_sss_chip_ctx.ks, &keyObject, secret, secret_length, secret_length * 8, NULL, 0);
+    VerifyOrExit(status == kStatus_SSS_Success, error = CHIP_ERROR_INTERNAL);
+
+    VerifyOrExit(gex_sss_chip_ctx.ks.session != NULL, error = CHIP_ERROR_INTERNAL);
+
+    smstatus = Se05x_API_HKDF_Extended(&((sss_se05x_session_t *) &gex_sss_chip_ctx.session)->s_ctx, keyObject.keyId,
+                                       kSE05x_DigestMode_SHA256, kSE05x_HkdfMode_ExtractExpand, salt, salt_length, 0, info,
+                                       info_length, 0, (uint16_t) out_length, out_buffer, &out_length);
+    VerifyOrExit(smstatus == SM_OK, error = CHIP_ERROR_INTERNAL);
+
+    status = sss_key_store_erase_key(&gex_sss_chip_ctx.ks, &keyObject);
+    VerifyOrExit(status == kStatus_SSS_Success, error = CHIP_ERROR_INTERNAL);
+
+    error = CHIP_NO_ERROR;
+exit:
+    return error;
+}
+
+} // namespace Crypto
+} // namespace chip
+
+#endif //#if ENABLE_HSM_HKDF_SHA256
diff --git a/src/crypto/hsm/nxp/CHIPCryptoPALHsm_SE05X_PBKDF.cpp b/src/crypto/hsm/nxp/CHIPCryptoPALHsm_SE05X_PBKDF.cpp
index 13a1f21..ba41628 100644
--- a/src/crypto/hsm/nxp/CHIPCryptoPALHsm_SE05X_PBKDF.cpp
+++ b/src/crypto/hsm/nxp/CHIPCryptoPALHsm_SE05X_PBKDF.cpp
@@ -70,8 +70,8 @@
 
     VerifyOrExit(gex_sss_chip_ctx.ks.session != NULL, error = CHIP_ERROR_INTERNAL);
 
-    smStatus = Se05x_API_PBKDF2(&((sss_se05x_session_t *) &gex_sss_chip_ctx.session)->s_ctx, keyid, salt, slen,
-                                (uint16_t) iteration_count, (uint16_t) key_length, output, (size_t *) &key_length);
+    smStatus = Se05x_API_PBKDF2(&((sss_se05x_session_t *) &gex_sss_chip_ctx.session)->s_ctx, keyid, kSE05x_Pbkdf2_HMAC_SHA256, salt,
+                                slen, (uint16_t) iteration_count, (uint16_t) key_length, output, (size_t *) &key_length);
 
     VerifyOrExit(smStatus == SM_OK, error = CHIP_ERROR_INTERNAL);
 
diff --git a/src/crypto/hsm/nxp/CHIPCryptoPALHsm_SE05X_utils.h b/src/crypto/hsm/nxp/CHIPCryptoPALHsm_SE05X_utils.h
index 1d137dc..d7d84c2 100644
--- a/src/crypto/hsm/nxp/CHIPCryptoPALHsm_SE05X_utils.h
+++ b/src/crypto/hsm/nxp/CHIPCryptoPALHsm_SE05X_utils.h
@@ -44,6 +44,7 @@
 {
     kKeyId_NotInitialized           = 0,
     kKeyId_pbkdf2_sha256_hmac_keyid = 0xBCBCBCBC,
+    kKeyId_hkdf_sha256_hmac_keyid,
 };
 
 // Enable the below macro to make spake HSM imlementation reentrant.
diff --git a/src/crypto/tests/CHIPCryptoPALTest.cpp b/src/crypto/tests/CHIPCryptoPALTest.cpp
index 6e61244..10c6dd3 100644
--- a/src/crypto/tests/CHIPCryptoPALTest.cpp
+++ b/src/crypto/tests/CHIPCryptoPALTest.cpp
@@ -77,6 +77,12 @@
 using TestPBKDF2_sha256                 = PBKDF2_sha256;
 #endif
 
+#ifdef ENABLE_HSM_HKDF
+using TestHKDF_sha = HKDF_shaHSM;
+#else
+using TestHKDF_sha                      = HKDF_sha;
+#endif
+
 static uint32_t gs_test_entropy_source_called = 0;
 static int test_entropy_source(void * data, uint8_t * output, size_t len, size_t * olen)
 {
@@ -643,6 +649,7 @@
 {
     int numOfTestCases     = ArraySize(hkdf_sha256_test_vectors);
     int numOfTestsExecuted = 0;
+    TestHKDF_sha mHKDF;
 
     for (numOfTestsExecuted = 0; numOfTestsExecuted < numOfTestCases; numOfTestsExecuted++)
     {
@@ -651,8 +658,8 @@
         chip::Platform::ScopedMemoryBuffer<uint8_t> out_buffer;
         out_buffer.Alloc(out_length);
         NL_TEST_ASSERT(inSuite, out_buffer);
-        HKDF_SHA256(v.initial_key_material, v.initial_key_material_length, v.salt, v.salt_length, v.info, v.info_length,
-                    out_buffer.Get(), v.output_key_material_length);
+        mHKDF.HKDF_SHA256(v.initial_key_material, v.initial_key_material_length, v.salt, v.salt_length, v.info, v.info_length,
+                          out_buffer.Get(), v.output_key_material_length);
         bool success = memcmp(v.output_key_material, out_buffer.Get(), out_length) == 0;
         NL_TEST_ASSERT(inSuite, success);
     }
diff --git a/src/protocols/secure_channel/CASESession.cpp b/src/protocols/secure_channel/CASESession.cpp
index 4e31912..043add4 100644
--- a/src/protocols/secure_channel/CASESession.cpp
+++ b/src/protocols/secure_channel/CASESession.cpp
@@ -61,6 +61,12 @@
 using namespace Credentials;
 using namespace Messaging;
 
+#ifdef ENABLE_HSM_HKDF
+using HKDF_sha_crypto = HKDF_shaHSM;
+#else
+using HKDF_sha_crypto = HKDF_sha;
+#endif
+
 // Wait at most 30 seconds for the response from the peer.
 // This timeout value assumes the underlying transport is reliable.
 // The session establishment fails if the response is not received within timeout window.
@@ -423,6 +429,8 @@
 
     uint8_t tag[kTAGSize];
 
+    HKDF_sha_crypto mHKDF;
+
     saltlen = kIPKSize + kSigmaParamRandomNumberSize + kP256_PublicKey_Length + kSHA256_Hash_Length;
 
     msg_salt = System::PacketBufferHandle::New(saltlen);
@@ -455,8 +463,8 @@
     err = ConstructSaltSigmaR2(msg_rand, mEphemeralKey.Pubkey(), mIPK, sizeof(mIPK), msg_salt);
     SuccessOrExit(err);
 
-    err = HKDF_SHA256(mSharedSecret, mSharedSecret.Length(), msg_salt->Start(), saltlen, kKDFSR2Info, kKDFInfoLength, sr2k,
-                      kAEADKeySize);
+    err = mHKDF.HKDF_SHA256(mSharedSecret, mSharedSecret.Length(), msg_salt->Start(), saltlen, kKDFSR2Info, kKDFInfoLength, sr2k,
+                            kAEADKeySize);
     SuccessOrExit(err);
 
     // Step 6
@@ -589,6 +597,8 @@
 
     uint16_t encryptionKeyId = 0;
 
+    HKDF_sha_crypto mHKDF;
+
     VerifyOrExit(buf != nullptr, err = CHIP_ERROR_MESSAGE_INCOMPLETE);
 
     ChipLogDetail(Inet, "Received SigmaR2 msg");
@@ -631,8 +641,8 @@
     err = ConstructSaltSigmaR2(msg, mRemotePubKey, mRemoteIPK, sizeof(mRemoteIPK), msg_salt);
     SuccessOrExit(err);
 
-    err = HKDF_SHA256(mSharedSecret, mSharedSecret.Length(), msg_salt->Start(), saltlen, kKDFSR2Info, kKDFInfoLength, sr2k,
-                      kAEADKeySize);
+    err = mHKDF.HKDF_SHA256(mSharedSecret, mSharedSecret.Length(), msg_salt->Start(), saltlen, kKDFSR2Info, kKDFInfoLength, sr2k,
+                            kAEADKeySize);
     SuccessOrExit(err);
 
     err = mCommissioningHash.AddData(msg->Start(), msg->DataLength());
@@ -706,6 +716,8 @@
 
     uint8_t tag[kTAGSize];
 
+    HKDF_sha_crypto mHKDF;
+
     // Step 1
     saltlen = kIPKSize + kSHA256_Hash_Length;
 
@@ -716,8 +728,8 @@
     err = ConstructSaltSigmaR3(mIPK, sizeof(mIPK), msg_salt);
     SuccessOrExit(err);
 
-    err = HKDF_SHA256(mSharedSecret, mSharedSecret.Length(), msg_salt->Start(), saltlen, kKDFSR3Info, kKDFInfoLength, sr3k,
-                      kAEADKeySize);
+    err = mHKDF.HKDF_SHA256(mSharedSecret, mSharedSecret.Length(), msg_salt->Start(), saltlen, kKDFSR3Info, kKDFInfoLength, sr3k,
+                            kAEADKeySize);
     SuccessOrExit(err);
 
     // Step 2
@@ -835,6 +847,8 @@
 
     uint8_t * tag = msg->Start() + msg->DataLength() - kTAGSize;
 
+    HKDF_sha_crypto mHKDF;
+
     ChipLogDetail(Inet, "Received SigmaR3 msg");
 
     mNextExpectedMsg = Protocols::SecureChannel::MsgType::CASE_SigmaErr;
@@ -852,8 +866,8 @@
     err = ConstructSaltSigmaR3(mRemoteIPK, sizeof(mRemoteIPK), msg_salt);
     SuccessOrExit(err);
 
-    err = HKDF_SHA256(mSharedSecret, mSharedSecret.Length(), msg_salt->Start(), saltlen, kKDFSR3Info, kKDFInfoLength, sr3k,
-                      kAEADKeySize);
+    err = mHKDF.HKDF_SHA256(mSharedSecret, mSharedSecret.Length(), msg_salt->Start(), saltlen, kKDFSR3Info, kKDFInfoLength, sr3k,
+                            kAEADKeySize);
     SuccessOrExit(err);
 
     err = mCommissioningHash.AddData(msg->Start(), msg->DataLength());
@@ -1044,8 +1058,9 @@
 
 CHIP_ERROR CASESession::ComputeIPK(const uint16_t sessionID, uint8_t * ipk, size_t ipkLen)
 {
-    ReturnErrorOnFailure(HKDF_SHA256(fabricSecret, fabricSecret.Length(), reinterpret_cast<const uint8_t *>(&sessionID),
-                                     sizeof(sessionID), kIPKInfo, sizeof(kIPKInfo), ipk, ipkLen));
+    HKDF_sha_crypto mHKDF;
+    ReturnErrorOnFailure(mHKDF.HKDF_SHA256(fabricSecret, fabricSecret.Length(), reinterpret_cast<const uint8_t *>(&sessionID),
+                                           sizeof(sessionID), kIPKInfo, sizeof(kIPKInfo), ipk, ipkLen));
 
     return CHIP_NO_ERROR;
 }
diff --git a/src/protocols/secure_channel/CASESession.h b/src/protocols/secure_channel/CASESession.h
index bc2ad16..0f4d897 100644
--- a/src/protocols/secure_channel/CASESession.h
+++ b/src/protocols/secure_channel/CASESession.h
@@ -28,6 +28,9 @@
 #include <credentials/CHIPCert.h>
 #include <credentials/CHIPOperationalCredentials.h>
 #include <crypto/CHIPCryptoPAL.h>
+#if CHIP_CRYPTO_HSM
+#include <crypto/hsm/CHIPCryptoPALHsm.h>
+#endif
 #include <messaging/ExchangeContext.h>
 #include <messaging/ExchangeDelegate.h>
 #include <protocols/secure_channel/Constants.h>
diff --git a/src/transport/SecureSession.cpp b/src/transport/SecureSession.cpp
index 68503e0..7035016 100644
--- a/src/transport/SecureSession.cpp
+++ b/src/transport/SecureSession.cpp
@@ -48,11 +48,17 @@
 
 using namespace Crypto;
 
+#ifdef ENABLE_HSM_HKDF
+using HKDF_sha_crypto = HKDF_shaHSM;
+#else
+using HKDF_sha_crypto = HKDF_sha;
+#endif
+
 SecureSession::SecureSession() : mKeyAvailable(false) {}
 
 CHIP_ERROR SecureSession::InitFromSecret(const ByteSpan & secret, const ByteSpan & salt, SessionInfoType infoType, SessionRole role)
 {
-
+    HKDF_sha_crypto mHKDF;
     VerifyOrReturnError(mKeyAvailable == false, CHIP_ERROR_INCORRECT_STATE);
     VerifyOrReturnError(secret.data() != nullptr, CHIP_ERROR_INVALID_ARGUMENT);
     VerifyOrReturnError(secret.size() > 0, CHIP_ERROR_INVALID_ARGUMENT);
@@ -68,7 +74,7 @@
     }
 
     ReturnErrorOnFailure(
-        HKDF_SHA256(secret.data(), secret.size(), salt.data(), salt.size(), info, infoLen, &mKeys[0][0], sizeof(mKeys)));
+        mHKDF.HKDF_SHA256(secret.data(), secret.size(), salt.data(), salt.size(), info, infoLen, &mKeys[0][0], sizeof(mKeys)));
 
     mKeyAvailable = true;
     mSessionRole  = role;