[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Need Guidelines for IKE key generation (SKEYID, KEYMAT and their variants)
My Machine
----------
Linux venkat 2.4.18-14 #1 Wed Sep 4 13:35:50 EDT 2002 i686 i686 i386
GNU/Linux
This is i386 arch machine with a little-endian arch
I am using the GNU Mathematical Precision Library (gmp) for DH
exponentiation, but i seem to have to some problems
(1). To use the g^xy variable in the gmp lib I access the internals of
the gmp variable, the gmp stores the variable in little endian way.
Can I just memcpy the contents of the gmp variable into a buffer and run
my prf() on it?
SKEYID_d = prf(SKEYID, g^xy | CKY-I | CKY-R | 0)
SKEYID_a = prf(SKEYID, SKEYID_d | g^xy | CKY-I | CKY-R | 1)
SKEYID_e = prf(SKEYID, SKEYID_a | g^xy | CKY-I | CKY-R | 2)
(2) Or should I convert the variable into Big endian and then memcpy it
into my buffer to run prf()
(3) What about the 64 bit Cookie field should I convert it to network
order before any mathematical(crypto) operations and I use the values
directly as it is stored in the memory. (Ignoring any arch features)
I think this is a critical features for interop. and doing anything
wrong can really put my ike to the trash.
Is there any standard test cases or any documents at all which verifies
the SKEYID, KEYMAT generation, some thing like take these inputs and
verify them with the standard set results
Anything of this sort a test document could be of great help
--------------------------------------------------------------
Dexcel Electronics Designs (P) Ltd., Bangalore, India