THALES GROUP LIMITED DISTRIBUTION to email recipients
Hi,
Here are some small comments on the ML-DSA and ML-KEM sections.
For both ML-DSA and ML-KEM, I think the attribute footnotes are wrong for CKA_SEED. In WD08 it lists 4,5,7 but I think it should be 4,6,7.
5=must be specified with unwrap
6=must not be specified with unwrap
The seed, if provided, will be part of the unwrapped blob.
I know that we'll be discussing seeds this week, and depending on how extreme the resulting changes are this comment may no longer be relevant. But I'll make it anyway. I don't think we make it clear how CKA_SEED is handled on key-pair generation. I think we need to state not all tokens will support this, and that the key generation mechanism may contribute the CKA_SEED attribute. Or some other similar supporting text.
My next comment is related to ML-DSA (CKM_ML_DSA specifically) and the requirement to use C_VerifySignatureInit. We discussed this on Oct 8/2024. There is no requirement to use this. The traditional C_VerifyInit+C_VerifyUpdate+C_VerifyFinal APIs will work fine. The signature value is not required as it doesn't provide any input into the hash of the message.
Thanks
Darren