Considering adding support for CKM_CONCATENATE_DATA_AND_BASE

In order to implement [OpenPGP's X25519 decryption](https://www.rfc-editor.org/rfc/rfc9580.html#name-algorithm-specific-fields-for-) completely on the token, we need `CKM_CONCATENATE_DATA_AND_BASE`.  RFC 9580 says:

> See [Section 6.1](https://rfc-editor.org/rfc/rfc7748#section-6.1) of [[RFC7748](https://www.rfc-editor.org/rfc/rfc9580.html#RFC7748)] for more details on the computation of the ephemeral public key and the shared secret. The HMAC-based Key Derivation Function (HKDF) [[RFC5869](https://www.rfc-editor.org/rfc/rfc9580.html#RFC5869)] is then used with SHA256 [[RFC6234](https://www.rfc-editor.org/rfc/rfc9580.html#RFC6234)] and an info parameter of "OpenPGP X25519" and no salt. The input of HKDF is the concatenation of the following three values:
>
> - 32 octets of the ephemeral X25519 public key from this packet.
>
> - 32 octets of the recipient public key material.
>
> - 32 octets of the shared secret.

Right now, [we extract the shared secret, prepend the public keys and load the result back onto the token](https://gitlab.com/sequoia-pgp/sequoia-cryptoki/-/blob/c27ae2ef/lib/src/decrypt.rs#L279-293).  Using `CKM_CONCATENATE_DATA_AND_BASE`, this could be done entirely on token.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Considering adding support for CKM_CONCATENATE_DATA_AND_BASE #308

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Considering adding support for CKM_CONCATENATE_DATA_AND_BASE #308

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions