On 11 March 2016 at 13:23, Andrew Cagney <andrew.cag...@gmail.com> wrote:
> Given a clear-text key and clear-text data (lots of it), I'm trying to
> compute a clear-text RFC 2104 HMAC aka IPSEC prf()
>
> If the key was all FIPS secure in a PK11SymKey then I believe I could
> follow sample3 and kick things off with:
>
> context = PK11_CreateContextBySymKey(CKM_MD5_HMAC, CKA_SIGN, key,
> &noParams);
>
> Alas, it isn't :-( Short of implementing the RFC 2104 calculation, or
> fudging up some secret key material, is there a way to do this?
To make my question more concrete. Contrast how OpenSSL vs NSS need
to be initialized:
const char hmackey[33] = ".....";
#if defined(WITH_OPENSSL)
HMAC_Init(&c, hmackey, sizeof(hmackey)-1, EVP_sha256());
#elif defined(WITH_NSS)
PK11Context *c = NULL;
{
PK11SymKey *key = nss_hmackey();
if (key == NULL) {
goto end;
}
SECItem noParams = { .data = 0, .len = 0, };
c = PK11_CreateContextBySymKey(CKM_SHA256_HMAC, CKA_SIGN,
key, &noParams);
if (c == NULL) {
debug_log("PK11_CreateContextBySymKey() failed");
goto end;
}
}
PK11_DigestBegin(c);
#endif
where nss_hmackey() uses "magic" to convert the string into a PK11SymKey.
> BTW, it's probably worth pointing out that for libreswan I had similar
> problems but needed to keep the resulting HMAC secure. For instance,
> given a clear-text key and secure data, compute a secure hmac
> (SKEYSEED = prf(Ni | Nr, g^ir)).
>
> Andrew
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
