Hi, I'm trying to use CKA_SIGN to compute things like:
SKEYSEED = PRF(Ni | Nr, {g^ir}) SKEYSEED = PRF({SK_d (old)}, {g^ir (new)} | Ni | Nr) (PRF=HMAC_SHA1 say) where, with my current code: Ni|Nr is raw bytes (nonces put on the wire) {g^ir} and g^ir (new)} are the output from DH locked up in a symkey {SK_d (old)} is a symkey obtained from earlier PRF++ calculations However I'm finding: - PK11_CreateContextBySymKey(CKM_SHA_1_HMAC, CKA_SIGN, ...) requires a PK11SymKey, but for the first equation I've only got bytes (Ni|Nr) So I made a PK11SymKey from NI|Nr (magic) and then used PK11_CreateContextBySymKey(). Is there an interface that accepts raw bytes? - PK11_DigestKey({g^ir}} fails; it seems it only works for CKA_DIGEST? So I converted {g^ir} to raw bytes (more magic) and then used PK11_Digest() Should PK11_DigestKey() work here? - PK11_Final() returns raw bytes, but here I'd prefer to keep the result locked up in a PK11SymKey - the value is likely going to be fed into a further PRF call. So I turned the raw bytes into a key (magic). Is there a way to get the final output as a PK11SymKey? After that the output seems to match the existing code. Andrew -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto