latchset / kryoptic

a pkcs#11 software token written in Rust
GNU General Public License v3.0

Add vendor implementation of SSHKDF #79

Closed simo5 closed 2 months ago

simo5 commented 2 months ago

SSH's KDF (RFC 4253 Section 7.2) is different enough from other KDFs (notably it uses a Hash instead of a proper HMAC) that none of the existing KDFs can be used, so we need a new mechanism for it.

This is a vendor implementation so we can test that the interface is good enough and make it available for SSH implementations to use if they so desire.

Fixes: #78

simo5 commented 2 months ago

@Jakuje discussed with Bob, and I think I will make a change to this code also to always return IVs (type A and B) as a CKO_DATA object instead of CKO_SECRET_KEY, as IVs do not make sense as keys
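The RFC 4253 Section 7.2 derivation the PR description refers to, written out as a reference implementation so a token's SSHKDF output can be checked against it; this is an added illustration in Python, not kryoptic's own code or its PKCS#11 interface. The letter table and the mpint encoding of K are taken from RFC 4253/4251; the split into IV outputs (A, B) versus key outputs (C..F) mirrors the CKO_DATA/CKO_SECRET_KEY distinction discussed in the comment above, and all input values are constructed.

```python
import hashlib


def ssh_mpint(k: int) -> bytes:
    """Encode a non-negative integer as an SSH mpint (RFC 4251 section 5):
    4-byte big-endian length, then the minimal two's-complement magnitude."""
    if k == 0:
        return b"\x00\x00\x00\x00"
    # One extra byte whenever the top bit would be set keeps the value positive.
    body = k.to_bytes(k.bit_length() // 8 + 1, "big")
    return len(body).to_bytes(4, "big") + body


def sshkdf(hash_name, K: int, H: bytes, letter: bytes, session_id: bytes, length: int) -> bytes:
    """RFC 4253 section 7.2 derivation for one letter X:
        K1 = HASH(K || H || X || session_id)
        Kn = HASH(K || H || K1 || ... || K(n-1))
        output = (K1 || K2 || ...) truncated to `length` bytes
    K is the shared secret as an mpint. Note the plain hash: there is no HMAC
    key here, which is why HKDF-style mechanisms cannot reproduce it."""
    if len(letter) != 1 or not b"A" <= letter <= b"F":
        raise ValueError("letter must be a single byte in A..F")
    prefix = ssh_mpint(K) + H
    out = hashlib.new(hash_name, prefix + letter + session_id).digest()
    while len(out) < length:
        out += hashlib.new(hash_name, prefix + out).digest()
    return out[:length]


# Letters from RFC 4253 7.2: A/B are IVs (data, not keys), C..F are keys.
LETTERS = {
    b"A": ("iv", "client-to-server"), b"B": ("iv", "server-to-client"),
    b"C": ("encryption key", "client-to-server"), b"D": ("encryption key", "server-to-client"),
    b"E": ("integrity key", "client-to-server"), b"F": ("integrity key", "server-to-client"),
}


def derive_all(hash_name, K, H, session_id, iv_len, enc_len, mac_len):
    """Derive all six outputs as {letter: (kind, direction, bytes)}."""
    sizes = {"iv": iv_len, "encryption key": enc_len, "integrity key": mac_len}
    return {x: (kind, d, sshkdf(hash_name, K, H, x, session_id, sizes[kind]))
            for x, (kind, d) in LETTERS.items()}


if __name__ == "__main__":
    # Constructed sample inputs, not captured SSH traffic. On the first key
    # exchange session_id equals H, so H is passed for both.
    K = 0xC0FFEE1234567890
    H = hashlib.sha256(b"constructed exchange hash").digest()
    for x, (kind, d, val) in derive_all("sha256", K, H, H, 16, 32, 32).items():
        print(x.decode(), kind, d, val.hex())
```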