Hi,
here are a few things I missed when we removed some of the singlepart limitations or ML-DSA
In Table 279,CKM_ML_DSA has footnote 1 which states that multipart verification is only possible if C_VerifySignatureInit is used. But this limitation was removed. The footnote should be removed.
In Table 282, C_Verify still has footnote 1 which states that it is for singlepart only. That limitation no longer applies.
In Table 282 and 285, input limitations are defined for the various functions. For C_VerifySignature, it states "any, k", where "k" is the limitation of the input signature. The signature isn't passed in for this API, rather it is passed in with C_VerifySignatureInit. There is an implicit requirement that for C_VerifySignature, C_VerifySignatureInit is used, so I'm personally fine with the way it is documented. But as this question was brought to my attention, I'm echo'ing it here. The current draft does follow the convention throughout the document where only some APIs are listed in this tables; we don't list the input restrictions for each API that can be used with a mechanism. The reader should be able to extrapolate the information they need and apply it to the other APIS. If were wanted to make these tables more explicit, we would probably need to update these tables in the entire document.
Thanks
Darren
------------------------------
Darren Johnson
THALES
------------------------------