Ansi X9.63 is pretty trivial to implement using the OpenSSL libraries -
less than a days work.
The algorithm is defined in SEC1
§3.6.1.<http://www.secg.org/collateral/sec1.pdf>
>From memory, the main logic was only around 50LOC, with another 50-100LOC
wrapping various library calls. There's not much to it.
Matthew
On 3 July 2013 18:28, Aaron wrote:
> Hi All,
>
> I am working on a product using Certicom KDF function. In fact, we
> use HU_KDF_IEEE_KDF1_SHA1 and HU_KDF_ANSI_SHA256 only.
>
> The function hu_KDFDerive() has an argument specifying which KDF
> algorithm to use to compute a cryptographic key. This is referred to
> as a key derivation algorithm ID. The following constants are defined
> in hukdf.h:
> • HU_KDF_IEEE_KDF1_SHA1 (IEEE 1363-2000 KDF1 based on SHA-1)
> • HU_KDF_ANSI_SHA1 (ANSI X9.42/X9.63 KDF based on SHA-1)
> • HU_KDF_ANSI_SHA224 (ANSI X9.42/X9.63 KDF based on SHA-224)
> • HU_KDF_ANSI_SHA256 (ANSI X9.42/X9.63 KDF based on SHA-256)
> • HU_KDF_ANSI_SHA384 (ANSI X9.42/X9.63 KDF based on SHA-384)
> • HU_KDF_ANSI_SHA512 (ANSI X9.42/X9.63 KDF based on SHA-512)
> • HU_KDF_NIST_ALT1_SHA1 (SP 800-56A)
> • HU_KDF_NIST_ALT1_SHA224 (SP 800-56A)
> • HU_KDF_NIST_ALT1_SHA256 (SP 800-56A)
> • HU_KDF_NIST_ALT1_SHA384 (SP 800-56A)
> • HU_KDF_NIST_ALT1_SHA512 (SP 800-56A)
>
> Now my company is going to use OpenSSL instead. I checked OpenSSL
> and it seems to me that OpenSSL doesn't support these KDF algorithms.
>
> My question is - is there any way to implement these algorithms in OpenSSL?
>
> Thanks so much in advance,
> Aaron
>
>
>
> --
> View this message in context:
> http://openssl.6102.n7.nabble.com/KDF-algorithms-tp45762.html
> Sent from the OpenSSL - User mailing list archive at Nabble.com.
> __
> OpenSSL Project http://www.openssl.org
> User Support Mailing Listopenssl-users@openssl.org
> Automated List Manager majord...@openssl.org
>
