static void ppk_recalc_one(PK11SymKey **sk /* updated */, PK11SymKey *ppk_key, const struct prf_desc *prf_desc, const char *name)
{
PK11SymKey *t = ikev2_prfplus(prf_desc, ppk_key, *sk, prf_desc->prf_key_size);
release_symkey(__func__, name, sk);
*sk = t;
DBG(DBG_PRIVATE, {
chunk_t chunk_sk = chunk_from_symkey("sk_chunk", *sk);
DBG_dump_chunk(name, chunk_sk);
freeanychunk(chunk_sk);
});
/*
* Compute: prf+ (SKEYSEED, Ni | Nr | SPIi | SPIr)
*/
PK11SymKey *ikev2_ike_sa_keymat(const struct hash_desc *hasher,
PK11SymKey *skeyseed,
const chunk_t Ni, const chunk_t Nr,
const chunk_t SPIi, const chunk_t SPIr,
size_t required_bytes)
{
PK11SymKey *data = symkey_from_chunk(skeyseed, Ni);
append_symkey_chunk(hasher, &data, Nr);
append_symkey_chunk(hasher, &data, SPIi);
append_symkey_chunk(hasher, &data, SPIr);
PK11SymKey *prfplus = ikev2_prfplus(hasher, skeyseed, data,
required_bytes);
free_any_symkey(__func__, &data);
return prfplus;
}
/*
* Compute: prf+(SK_d, [ g^ir (new) | ] Ni | Nr)
*/
PK11SymKey *ikev2_child_sa_keymat(const struct hash_desc *hasher,
PK11SymKey *SK_d,
PK11SymKey *new_dh_secret,
const chunk_t Ni, const chunk_t Nr,
size_t required_bytes)
{
PK11SymKey *data;
if (new_dh_secret == NULL) {
data = symkey_from_chunk(SK_d, Ni);
append_symkey_chunk(hasher, &data, Nr);
} else {
data = concat_symkey_chunk(hasher, new_dh_secret, Ni);
append_symkey_chunk(hasher, &data, Nr);
}
PK11SymKey *prfplus = ikev2_prfplus(hasher, SK_d, data,
required_bytes);
free_any_symkey(__func__, &data);
return prfplus;
}