[inline] On 5 May 2015 at 13:18, Robert Relyea <rrel...@redhat.com> wrote:
The target Mechanism is the operation you are going to use the target key > for, It shouldn't match the mechanism used to derive the key. It is > basically used to set the appropriate key type and flags on the resultant > key. Example psuedo code: > > key1 = derive(keybase, mech=CKM_XOR_BASE_AND_DATA, > target=CKM_SHA1_KEY_DERIVATION, data); > key2 = derive(key1, mech=CKM_SHA1_KEY_DERIVATION, target=CKM_AES_CBC, > NULL); > decrypt(key2, mech=CKM_AES_CBC, input, output); > > Ideally you should try to keep it consistent with how your are planning > on using the key, but in practice as long as the key is basically the same > kind of key, the extact value of target is not necessary (You can use a key > generated with target CKM_AES_CBC on an CKM_AES_ECB operation, for > instance). Target may also be used to try to set the appropriate key length > (if key length isn't supplied). > > Thanks for the clarification; my reading of the documentation wasn't too far off. For the intermediate values I think I'll try something like CKM_VENDOR_DEFINED; and, to your point, ensure all the final keys have meaningful values. Andrew Most of these key derive operations either ignore keyType or take > CKK_GENERIC_SECRET keys, so bad things aren't likely to happen if you mix > up target a bit, but certainly the final resultant keys should target the > proper crypto targets our your decrypt operation will fail with an > inappropriate key type. > > bob > >> >> Andrew >> >> PS: If there's documentation I've missed, please let me know :-) >> >> -- >> >> (1): It's computing the hash using calls like PK11_Derive >> (derive=CKM_SHA1_KEY_DERIVATION) rather than the lower level hash >> interface. This is because PK11_Derive returns a PK11SymKey, hopefully >> keeping the result secure. >> >> (2): Once the keying material has been created things become more sane, >> for >> instance when extracting (CKM_EXTRACT_KEY_FROM_KEY) an AES_GCM key the >> target is CKM_AES_GCM; and when extracting IV that ends up on the wire the >> target is CKM_VENDOR_DEFINED. >> > > > > -- > dev-tech-crypto mailing list > dev-tech-crypto@lists.mozilla.org > https://lists.mozilla.org/listinfo/dev-tech-crypto > -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
