Hi Dieter,

Thanks for the input. An updated document is attached to this message. Changes are in RED.

Enum 6: Correct, it would not be possible to start multiple async operations for the same function in a single session. The token would return CKR_OPERATION_ACTIVE. An application could, in a single thread, open multiple async sessions and ask each one to generate a key. No threads required (by the application)!

Thanks again for the feedback. It is greatly appreciated!

Sincerely,
Jonathan

From: Dieter Bong <Dieter.Bong@utimaco.com>
Sent: Friday, July 29, 2022 7:05 AM
To: Jonathan Schulze-Hewett <schulze-hewett@infoseccorp.com>; pkcs11@lists.oasis-open.org
Subject: [EXT]RE: [pkcs11] Async Proposal

Hi Jonathan,

Thank you for your proposal for asynchronous operations. I have summarized below my comments/questions and those of some colleagues in R&D. For easy reference to your proposal, I have introduced every comment with “enum” and the numbered item in your proposal.

Best regards,
Dieter

Enum 1
Should we add some wording about behavior during session setup in case 1) application supports async operations but provider does not, and 2) application does not support async operations but provider does?

Enum 5
Please add typedef for CK_ASYNC_DATA_PTR*

Enum 6
My understanding is that it is possible to start multiple async operations for different functions, e.g. one key generation (e.g. RSA 16 kbit) and one signature creation (e.g. SPHINCS+), while encrypting data as synchronous operations. But it is not possible to start multiple async operations for the same function, e.g. one RSA key generation and one SPHINCS+ key generation, or multiple RSA key generations. Correct?
Question goes to the TC: is that a relevant limitation? Multiple key generations could be handled by independent threads of an application, each opening their own session. Should we add some wording about such multi-threaded approach?

From: pkcs11@lists.oasis-open.org <pkcs11@lists.oasis-open.org> On Behalf Of Jonathan Schulze-Hewett
Sent: Thursday, July 7, 2022 9:37 PM
To: pkcs11@lists.oasis-open.org
Subject: [pkcs11] Async Proposal (WARNING!!! S/MIME with incorrect signature)

Hi TC,

Attached is my attempt at adding support for asynchronous operations to PKCS#11.

Sincerely,
Jonathan

Jonathan Schulze-Hewett
Director of Development
Information Security Corp
708-445-1704 (o)
708-822-2926 (m)
schulze-hewett@infoseccorp.com

Attachment: AsyncOperations.docx
Description: application/vnd.openxmlformats-officedocument.wordprocessingml.document

Attachment: smime.p7s
Description: S/MIME cryptographic signature