User Agent: Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:70.0) Gecko/20100101 Firefox/70.0
Steps to reproduce:
As I hinted in a previous bug, I'd like to submit changes necessary for SCP03 to be implemented via NSS. When I started that bug, I didn't have a copy of the spec, hence some confusion. Now I do!
There are two parts to working SCP03 support in NSS:
- CMAC (done) -- necessary for MACing as hinted, but also for the KDF.
- the SCP03 KDF, a NIST SP800-108 KBKDF variant.
I've been working on the latter in my fork on GitHub. That's not ready yet, but in the process I realized there's a bit of code that needs "a" MAC and could support HMAC, CMAC, or XCBC MAC.
- The HMACs/CMACs themselves
- Softoken's IKE implementation
- The new KBKDF implementation (sans XCBC).
- I'm sure others I've forgotten about.
So, I'd like to get this started with a cleanup attempt: unify HMAC+CMAC into a mechanism-switched interface. Call it with the mechanism type of the MAC (not the hash!) and get something usable, with common semantics, out.
This opens the doors for other improvements in the future:
- Return code could be checked when updating the MAC, if desired. This requires updating sftk_doMACInit to condition around whether or not the function could be called and its return code checked. I'm not sure if it is worth it. I've left it alone for now.
- Bringing XCBC into the fold and updating softoken IKE to use the common interface.
I don't have much interest now in working on that (I'd prefer to get the KBKDF cleaned up so I can submit it), but I'm mentioning it in case someone else wishes to do that. I'd consider that out of scope currently.
More work to support both HMAC+CMAC.
Unified MAC interface.