NSS support for RFC2898 / PBKDF2


NSS support for RFC2898 / PBKDF2

by Graham Leggett

Hi all,

Does NSS support RFC2898 (derivation of keys from a passphrase), and if
so, what set of functions should I be looking at to use this?

Regards,
Graham
--


_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@...
https://lists.mozilla.org/listinfo/dev-tech-crypto


Re: NSS support for RFC2898 / PBKDF2

by relyea

Graham Leggett wrote:
> Hi all,
>
> Does NSS support RFC2898 (derivation of keys from a passphrase), and
> if so, what set of functions should I be looking at to use this?
Yes, the standard NSS PBE interface supports PBKDF2 automatically on
reading if the algid specifying the PBE is PBEDKF2. On generation, if
you specify a symmetric key algorithm to the standard
PK11_CreatePBEAlgorithmID rather than a PBE algorithm, NSS will generate
a PKCS #5 v2 algorithm id (using PBKDF2). There is also a new Create
algorithm ID called PK11_CreatePBEV2AlgorithmID which allows you to
fully specify each of the fields of the PBE.


Re: NSS support for RFC2898 / PBKDF2

by Graham Leggett

Robert Relyea wrote:

>> Does NSS support RFC2898 (derivation of keys from a passphrase), and
>> if so, what set of functions should I be looking at to use this?
> Yes, the standard NSS PBE interface supports PBKDF2 automatically on
> reading if the algid specifying the PBE is PBEDKF2. On generation, if
> you specify a symmetric key algorithm to the standard
> PK11_CreatePBEAlgorithmID rather than a PBE algorithm, NSS will generate
> a PKCS #5 v2 algorithm id (using PBKDF2). There is also a new Create
> algorithm ID called PK11_CreatePBEV2AlgorithmID which allows you to
> fully specify each of the fields of the PBE.

Ok, so if I am understanding you correctly, would the following code do
the trick?

     slot = PK11_GetBestSlot(cipherMech, NULL);
     SECOidTag algorithm = PK11_MechanismToAlgtag(cipherMech);
     SECAlgorithmID * algid = PK11_CreatePBEAlgorithmID(algorithm, 0,
                    saltItem);
     key->symKey = PK11_PBEKeyGen(slot, algid,  passItem,
                    faulty3DES, wincx);

What value should I use for "cipherMech"? I found these two constants
that might do the trick, are either of these relevant?

/* CKM_PKCS5_PBKD2 is new for v2.10 */
#define CKM_PKCS5_PBKD2                0x000003B0

#define CKM_PBA_SHA1_WITH_SHA1_HMAC    0x000003C0

What does "faulty3DES" mean, and what value should I use for wincx?

I could find no reference to "PBEDKF2" in the header files, am I
interpreting this correctly?

Regards,
Graham
--



Re: NSS support for RFC2898 / PBKDF2

by Graham Leggett

Robert Relyea wrote:

>> Does NSS support RFC2898 (derivation of keys from a passphrase), and
>> if so, what set of functions should I be looking at to use this?
> Yes, the standard NSS PBE interface supports PBKDF2 automatically on
> reading if the algid specifying the PBE is PBEDKF2. On generation, if
> you specify a symmetric key algorithm to the standard
> PK11_CreatePBEAlgorithmID rather than a PBE algorithm, NSS will generate
> a PKCS #5 v2 algorithm id (using PBKDF2). There is also a new Create
> algorithm ID called PK11_CreatePBEV2AlgorithmID which allows you to
> fully specify each of the fields of the PBE.

A further question - how do you specify the size of the key to be
generated by the PBKDF2 process?

Regards,
Graham
--
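
Added example, not part of the thread and not NSS code: PBKDF2 written out as RFC 2898 section 5.2 defines it, in Python, to show the fields a PBKDF2 algorithm ID carries (salt, iteration count, PRF, derived key length) and that the key size is an input chosen by the caller. The function names `pbkdf2` and `derive_cipher_key` and the sample values are constructed for this illustration.

```python
import hashlib
import hmac
import struct


def pbkdf2(prf_name, password, salt, iterations, dk_len):
    """PBKDF2 per RFC 2898 section 5.2, using HMAC-<prf_name> as the PRF."""
    if iterations < 1:
        raise ValueError("iteration count must be a positive integer")
    h_len = hashlib.new(prf_name).digest_size
    if dk_len < 1 or dk_len > (2**32 - 1) * h_len:
        raise ValueError("derived key length out of range")
    # Key the HMAC once; each PRF call works on a copy of that state.
    keyed = hmac.new(password, digestmod=prf_name)

    def prf(data):
        mac = keyed.copy()
        mac.update(data)
        return mac.digest()

    blocks = []
    n_blocks = -(-dk_len // h_len)  # ceil(dk_len / h_len)
    for i in range(1, n_blocks + 1):
        # U_1 = PRF(P, S || INT(i)), U_j = PRF(P, U_{j-1}), T_i = U_1 ^ ... ^ U_c
        u = prf(salt + struct.pack(">I", i))
        t = int.from_bytes(u, "big")
        for _ in range(iterations - 1):
            u = prf(u)
            t ^= int.from_bytes(u, "big")
        blocks.append(t.to_bytes(h_len, "big"))
    # The derived key is the first dk_len octets of T_1 || T_2 || ...
    return b"".join(blocks)[:dk_len]


def derive_cipher_key(passphrase, salt, iterations, key_bytes):
    """Derive exactly key_bytes of key material with HMAC-SHA1 as the PRF."""
    return pbkdf2("sha1", passphrase, salt, iterations, key_bytes)


if __name__ == "__main__":
    # Constructed sample inputs: 16-byte salt, 4096 iterations.
    salt = bytes(range(16))
    for size in (16, 24, 32):
        key = derive_cipher_key(b"constructed passphrase", salt, 4096, size)
        print(size, key.hex())
```

In NSS, `PK11_CreatePBEV2AlgorithmID` takes the key length and iteration count as explicit arguments alongside the salt, so the same four inputs end up encoded in the algorithm ID.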



Re: NSS support for RFC2898 / PBKDF2

by Justin Dolske-2

Graham Leggett wrote:
> ...

Quick note: you might look at some of the Weave code, which is using PKCS#5.

http://hg.mozilla.org/labs/weave/file/53e25c0c7e2e/src/WeaveCrypto.cpp#l462

Justin