OASIS PKCS 11 TC

  • 1.  Feedback on work item #2

    Posted 02-17-2025 21:21
    Hi Dieter & TC

    While reviewing work item #2 in wd08, I found a few discrepancies. I used this link, which I believe is the migrated document for the proposal: https://groups.oasis-open.org/higherlogic/ws/groups/922ef643-1e10-4d65-a5ea-018dc7d3f0a4/documents/working_drafts/document?document_id=69547 . Some of these discrepancies could be due to later proposals, or I'm looking at the wrong version of the proposal.

    1. Table 84 7 86. The functions are now listed as CK_WrapKey (vs CK_Wrap).  Same with unwrap. I believe this was due to another proposal, but I can't find it.
    2. Page 240, in the wrapping and unwrapping sections: the key was called "CKK_MONTGOMERY" in the original proposal. In WD08 you have CKK_EC_MONTGOMERY (again, I think this was a follow-on proposal).
    3. Section 6.3.23 has the following text:
      1. "CK_ECDH_AES_KEY_WRAP_PARAMS is a structure that provides the parameters to the CKM_ECDH_AES_KEY_WRAP, CKM_ECDH_COF_AES_KEY_WRAP and CKM_ECDH_X_AES_KEY_WRAP mechanism. It is defined as follows:"

      2. The proposal: "CK_ECDH_AES_KEY_WRAP_PARAMS is a structure that provides the parameters to the CKM_ECDH_COF_AES_KEY_WRAP and CKM_ECDH_X_AES_KEY_WRAP mechanisms. It is defined as follows:"

      3. The highlighted CKM_ECDH_AES_KEY_WRAP seems extra (in the proposal that text was changing, not being added to).

    The other "differences" I could find proposals for (like getting rid of the abbreviation of SR & VR in all the tables).

    Otherwise, this looks like the approved proposal was added to the specification as intended.

    Thank you,

    Valerie


  • 2.  RE: Feedback on work item #2

    Posted 02-18-2025 06:38

    Hi Valerie,

    You have in fact used the same proposal for review as I have used for integration into the spec.

    To your findings:

    1. C_Wrap / C_Unwrap: these are mistakes in the proposal. The functions have in fact been named C_WrapKey / C_UnwrapKey since their introduction. I believe this has been reported but I have unfortunately also not (yet) found by whom and when.
    2. CKK_MONTGOMERY: When comparing the spec with header files, Bob's script found several inconsistencies, including the one between CKK_MONTGOMERY in the proposal and working draft, and CKK_EC_MONTGOMERY in header files. See "Automated review of our document." | OASIS PKCS 11 TC. The specification was then updated to follow the naming in the header file.
    3. CK_ECDH_AES_KEY_WRAP_PARAMS:
      1. The original text in PKCS#11 v3.1, and in PKCS#11 v3.2 up to and including WD02, has been "CK_ECDH_AES_KEY_WRAP_PARAMS is a structure that provides the parameters to the CKM_ECDH_AES_KEY_WRAP mechanism.".
      2. The mechanism CKM_ECDH_AES_KEY_WRAP gets deprecated with PKCS#11 v3.2 but is nevertheless still included in the spec (section 6.3.20), and the text states "It has a parameter, a CK_ECDH_AES_KEY_WRAP_PARAMS structure."
      3. Thus CKM_ECDH_AES_KEY_WRAP must still be mentioned in the description of CK_ECDH_AES_KEY_WRAP_PARAMS. The omission of CKM_ECDH_AES_KEY_WRAP in the proposal seems to be a mistake in this proposal. I have not found any discussion item or meeting minutes about this inconsistency. It may thus be that I have changed the text in the specification to make it fit with section 6.3.20, but without bringing this up.



    ------------------------------
    Best regards,
    Dieter
    ------------------------------



  • 3.  RE: Feedback on work item #2

    Posted 02-18-2025 13:24
    Thank you, Dieter, for your review of my feedback.  I am happy to sign off on the changes now.

    Valerie



  • 4.  RE: Feedback on work item #2

    Posted 02-19-2025 02:56

    Thank you, Valerie.

    Best regards,

    Dieter

    Utimaco IS GmbH