/*
* Turn the raw key into SymKey.
*/
PK11SymKey *decode_to_key(const struct encrypt_desc *encrypt_desc,
const char *encoded_key)
{
chunk_t raw_key = decode_to_chunk("raw_key", encoded_key);
PK11SymKey *symkey = symkey_from_chunk("symkey", DBG_CRYPT,
&encrypt_desc->common,
raw_key);
freeanychunk(raw_key);
return symkey;
}
/*
* Compute: prf+ (SKEYSEED, Ni | Nr | SPIi | SPIr)
*/
PK11SymKey *ikev2_ike_sa_keymat(const struct hash_desc *hasher,
PK11SymKey *skeyseed,
const chunk_t Ni, const chunk_t Nr,
const chunk_t SPIi, const chunk_t SPIr,
size_t required_bytes)
{
PK11SymKey *data = symkey_from_chunk(skeyseed, Ni);
append_symkey_chunk(hasher, &data, Nr);
append_symkey_chunk(hasher, &data, SPIi);
append_symkey_chunk(hasher, &data, SPIr);
PK11SymKey *prfplus = ikev2_prfplus(hasher, skeyseed, data,
required_bytes);
free_any_symkey(__func__, &data);
return prfplus;
}
/*
* Compute: prf+(SK_d, [ g^ir (new) | ] Ni | Nr)
*/
PK11SymKey *ikev2_child_sa_keymat(const struct hash_desc *hasher,
PK11SymKey *SK_d,
PK11SymKey *new_dh_secret,
const chunk_t Ni, const chunk_t Nr,
size_t required_bytes)
{
PK11SymKey *data;
if (new_dh_secret == NULL) {
data = symkey_from_chunk(SK_d, Ni);
append_symkey_chunk(hasher, &data, Nr);
} else {
data = concat_symkey_chunk(hasher, new_dh_secret, Ni);
append_symkey_chunk(hasher, &data, Nr);
}
PK11SymKey *prfplus = ikev2_prfplus(hasher, SK_d, data,
required_bytes);
free_any_symkey(__func__, &data);
return prfplus;
}
