Profile

Contact Details

Ribbons

Badges

Mr. Darren Moffat


Contributions

1 to 5 of 19 total
Posted By Darren Moffat 12-10-2024 06:08
Found In Egroup: OASIS PKCS 11 TC
\ view thread
I have a feeling it was Solaris that requested CKM_AES_CTS be added to PKCS#11 2.40, if so it would have been for use by Kerberos. So according to SP800-38a-aad that suggests it would be CS3. Oracle Solaris 11.4 has CKM_AES_CTS implemented in pkcs11_softtoken and our kernel aes module. A quick ...
Posted By Darren Moffat 10-22-2021 12:11
Found In Egroup: OASIS PKCS 11 TC
\ view thread
On 22/10/2021 13:02, Daniel Minder wrote: Section 4.13.2: Definition of CKA_VALIDATION_LEVEL : an ULONG type fits well to specify a FIPS Level like 1,2, 3 or 4. It doesn t fit that well to specify a Common Criteria Evaluation Assurance Level which may be 4+ for example. A type CK_UTF8CHAR might fit better ...
Posted By Darren Moffat 05-28-2021 08:33
Found In Egroup: OASIS PKCS 11 TC
\ view thread
On 27/05/2021 22:50, Robert Relyea wrote: On 5/27/21 2:46 AM, Darren J Moffat wrote: Why would we need a new function for an FIPS indicator ? For a session could we use a flag that can be reported via the CK_SESSION_INFO ? Similarly a flag for CK_MECHANISM_INFO to indicate if the slot/token combination ...
Posted By Darren Moffat 05-27-2021 09:47
Found In Egroup: OASIS PKCS 11 TC
\ view thread
Why would we need a new function for an FIPS indicator ? For a session could we use a flag that can be reported via the CK_SESSION_INFO ? Similarly a flag for CK_MECHANISM_INFO to indicate if the slot/token combination allows it to provide services in a FIPS 140 compatible way. Then for keys an attribute ...
Posted By Darren Moffat 02-09-2017 10:18
Found In Egroup: OASIS PKCS 11 TC
\ view thread
On 09/02/2017 01:21, Tim Hudson wrote: A simple extension to C_Login to allow specification of a username for those devices which support multiple users. /* C_LoginUser logs a user into a token. */ CK_PKCS11_FUNCTION_INFO(C_LoginUser) #ifdef CK_NEED_ARG_LIST ( CK_SESSION_HANDLE hSession, /* the session's ...