CKM_NIST_PRF_KDF
NA FIPS
| FIPS approved? | Yes |
| Supported functions | Derive |
| Functions restricted from FIPS use | None |
| Minimum key length (bits) | 64 |
| Minimum key length for FIPS use (bits) | 128 |
| Minimum legacy key length for FIPS use (bits) | N/A |
| Maximum key length (bits) | 4096 |
| Block size | 0 |
| Digest size | 0 |
| Key types | Symmetric |
| Algorithms | None |
| Modes | None |
| Flags | None |
NA non-FIPS
| FIPS approved? | Yes |
| Supported functions | Derive |
| Functions restricted from FIPS use | None |
| Minimum key length (bits) | 64 |
| Minimum key length for FIPS use (bits) | 128 |
| Minimum legacy key length for FIPS use (bits) | N/A |
| Maximum key length (bits) | 4096 |
| Block size | 0 |
| Digest size | 0 |
| Key types | Symmetric |
| Algorithms | None |
| Modes | None |
| Flags | None |
EU FIPS
| FIPS approved? | Yes |
| Supported functions | Derive |
| Functions restricted from FIPS use | None |
| Minimum key length (bits) | 64 |
| Minimum key length for FIPS use (bits) | 128 |
| Minimum legacy key length for FIPS use (bits) | N/A |
| Maximum key length (bits) | 4096 |
| Block size | 0 |
| Digest size | 0 |
| Key types | Symmetric |
| Algorithms | None |
| Modes | None |
| Flags | None |
EU non-FIPS
| FIPS approved? | Yes |
| Supported functions | Derive |
| Functions restricted from FIPS use | None |
| Minimum key length (bits) | 64 |
| Minimum key length for FIPS use (bits) | 128 |
| Minimum legacy key length for FIPS use (bits) | N/A |
| Maximum key length (bits) | 4096 |
| Block size | 0 |
| Digest size | 0 |
| Key types | Symmetric |
| Algorithms | None |
| Modes | None |
| Flags | None |
Usage
The CKM_NIST_PRF_KDF mechanism only supports counter mode. This mechanism can only be used with DES3_CMAC or AES_CMAC as the PRF. DES3_CMAC is not available in FIPS mode.
The SP 800-108 allows for some variation on how the information is encoded and describes some fields as optional. To accommodate that, there are two encoding schemes you can specify:
> LUNA_PRF_KDF_ENCODING_SCHEME_2: the separator byte and the length of the derived key are not encoded in the input data for the PRF.
> LUNA_PRF_KDF_ENCODING_SCHEME_1: both fields are included.
Example
/* Parameter and values used with CKM_PRF_KDF and CKM_NIST_PRF_KDF. */
typedef CK_ULONG CK_KDF_PRF_TYPE;
typedef CK_ULONG CK_KDF_PRF_ENCODING_SCHEME;
/** PRF KDF schemes */
#define CK_NIST_PRF_KDF_DES3_CMAC 0x00000001
#define CK_NIST_PRF_KDF_AES_CMAC 0x00000002
#define CK_PRF_KDF_ARIA_CMAC 0x00000003
#define CK_PRF_KDF_SEED_CMAC 0x00000004
#define LUNA_PRF_KDF_ENCODING_SCHEME_1 0x00000000
#define LUNA_PRF_KDF_ENCODING_SCHEME_2 0x00000001
typedef struct CK_KDF_PRF_PARAMS {CK_KDF_PRF_TYPE prfType;
CK_BYTE_PTR pLabel;
CK_ULONG ulLabelLen;
CK_BYTE_PTR pContext;
CK_ULONG ulContextLen;
CK_ULONG ulCounter;
CK_KDF_PRF_ENCODING_SCHEME ulEncodingScheme;
} CK_PRF_KDF_PARAMS;
typedef CK_PRF_KDF_PARAMS CK_PTR CK_KDF_PRF_PARAMS_PTR;
