Open Jakuje opened 1 month ago
Describe the feature The SSH KDF is almost like the SP 800 108 Feedback mode, but does not contain the 0x00 separator byte, see
https://datatracker.ietf.org/doc/html/rfc4253#section-7.2
My reading is that this KDF can not be constructed from the SP800-108 KDF itself:
https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-108r1-upd1.pdf
OTOH, the PKCS#11 flexibility of the KDF API should allow to implement the SSH KDF with something like the example in the specs:
https://docs.oasis-open.org/pkcs11/pkcs11-curr/v3.0/os/pkcs11-curr-v3.0-os.html#_Toc30061457
Therefore I do not think we need separate implementation in the pkcs11 module, but just the wiring in the
Expected behavior The SSH applications should be able to delegate the KDF to the PKCS#11 module through the provider API.
Sounds easy enough if the PKCS#11 module support SP800-108 fully
Describe the feature The SSH KDF is almost like the SP 800 108 Feedback mode, but does not contain the 0x00 separator byte, see
https://datatracker.ietf.org/doc/html/rfc4253#section-7.2
My reading is that this KDF can not be constructed from the SP800-108 KDF itself:
https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-108r1-upd1.pdf
OTOH, the PKCS#11 flexibility of the KDF API should allow to implement the SSH KDF with something like the example in the specs:
https://docs.oasis-open.org/pkcs11/pkcs11-curr/v3.0/os/pkcs11-curr-v3.0-os.html#_Toc30061457
Therefore I do not think we need separate implementation in the pkcs11 module, but just the wiring in the
Expected behavior The SSH applications should be able to delegate the KDF to the PKCS#11 module through the provider API.