On 12 March 2016 at 20:11, Andrew Cagney <andrew.cag...@gmail.com> wrote:
> On 11 March 2016 at 13:23, Andrew Cagney <andrew.cag...@gmail.com> wrote:
> > Given a clear-text key and clear-text data (lots of it), I'm trying to
> > compute a clear-text RFC 2104 HMAC aka IPSEC prf()
> >
> > If the key was all FIPS secure in a PK11SymKey then I believe I could
> > follow sample3 and kick things off with:
> >
> > context = PK11_CreateContextBySymKey(CKM_MD5_HMAC, CKA_SIGN, key,
> > &noParams);
> >
> > Alas, it isn't :-( Short of implementing the RFC 2104 calculation, or
> > fudging up some secret key material, is there a way to do this?
>
>
Reading the, er, documentation in /usr/include/nss3, I found <alghmac.c>
which seems to work for this specific case.
(It doesn't work in general though, as it lacks HMAC_Update(key) and key =
HMAC_Finish()).
Andrew
> To make my question more concrete. Contrast how OpenSSL vs NSS need
> to be initialized:
>
> const char hmackey[33] = ".....";
> #if defined(WITH_OPENSSL)
> HMAC_Init(&c, hmackey, sizeof(hmackey)-1, EVP_sha256());
> #elif defined(WITH_NSS)
> PK11Context *c = NULL;
> {
> PK11SymKey *key = nss_hmackey();
> if (key == NULL) {
> goto end;
> }
> SECItem noParams = { .data = 0, .len = 0, };
> c = PK11_CreateContextBySymKey(CKM_SHA256_HMAC, CKA_SIGN,
> key, &noParams);
> if (c == NULL) {
> debug_log("PK11_CreateContextBySymKey() failed");
> goto end;
> }
> }
> PK11_DigestBegin(c);
> #endif
>
> where nss_hmackey() uses "magic" to convert the string into a PK11SymKey.
>
>
> > BTW, it's probably worth pointing out that for libreswan I had similar
> > problems but needed to keep the resulting HMAC secure. For instance,
> > given a clear-text key and secure data, compute a secure hmac
> > (SKEYSEED = prf(Ni | Nr, g^ir)).
> >
> > Andrew
>
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
