3.1.5.5 Crypto checksum generation
This section describes the algorithm used to generate a crypto checksum using a Key Derivation Function ([SP800-108]). The algorithm accepts the following inputs:
Key: An array of bytes.
Label: An array of bytes.
Context: An array of bytes.
Message: An array of bytes.
The checksum generation algorithm is defined as follows:
-
 K = KDF(Key, Label, Context)  CryptoChecksum = HMACSHA512(K, Message)
Where:
KDF is an execution of the algorithm specified in [SP800-108] section 5.1.
Key, Label, and Context are inputs to the checksum algorithm as specified previously; Key corresponds to the parameter KI in [SP800-108] section 5.1; Label and Context correspond to the parameters by the same names in [SP800-108] section 5.1.
Message is an input to the checksum algorithm as specified previously.
HMACSHA512 is an invocation of the Hash-based Message Authentication Mode (HMAC) function with hash function SHA512 (defined in [FIPS180-3]).
The resulting 512-bit CryptoChecksum value is returned to the caller upon completion.