Given a clear-text key and clear-text data (lots of it), I'm trying to compute a clear-text RFC 2104 HMAC aka IPSEC prf()
If the key was all FIPS secure in a PK11SymKey then I believe I could follow sample3 and kick things off with: context = PK11_CreateContextBySymKey(CKM_MD5_HMAC, CKA_SIGN, key, &noParams); Alas, it isn't :-( Short of implementing the RFC 2104 calculation, or fudging up some secret key material, is there a way to do this? BTW, it's probably worth pointing out that for libreswan I had similar problems but needed to keep the resulting HMAC secure. For instance, given a clear-text key and secure data, compute a secure hmac (SKEYSEED = prf(Ni | Nr, g^ir)). Andrew -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto