[kmip] TC-REKEY-9-30 ~ TC-REKEY-12-30 issue

[Sun-Ho Lee ìì(CSêëí) <sunho.lee@mdsit.co.kr>]

Hi Tim,

I have found an issue with TC-REKEY-9-30 ~ TC-REKEY-12-30 and would like to share it with you.

The error is expected due to a mismatch between the public key of the key pair generated at 'step=0' and the public key inside the 'step=2' CertificateRequestValue.

I think should do Register operation instead of CreateKeyPair at 'step=0' as shown below.

<RequestMessage>

<RequestHeader>

<ProtocolVersion>

<ProtocolVersionMajor type="Integer" value="3" />

<ProtocolVersionMinor type="Integer" value="0" />

</ProtocolVersion>

<ClientCorrelationValue type="TextString" value="TC-REKEY-9-30 step=0" />

</RequestHeader>

<BatchItem>

<Operation type="Enumeration" value="Register" />

<RequestPayload>

<ObjectType type="Enumeration" value="PublicKey" />

<Attributes>

<CryptographicAlgorithm type="Enumeration" value="RSA" />

<CryptographicLength type="Integer" value="2048" />

<RotateAutomatic type="Boolean" value="true" />

<ActivationDate type="DateTime" value="$NOW-3600" />

<Name type="TextString" value="TC-REKEY-9-30-Public-Name" />

<CryptographicUsageMask type="Integer" value="Decrypt Verify" />

<Attribute>

<VendorIdentification type="TextString" value="x" />

<AttributeName type="TextString" value="Name" />

<AttributeValue type="TextString" value="TC-REKEY-9-30-Name" />

</Attribute>

</Attributes>

<PublicKey>

<KeyBlock>

<KeyFormatType type="Enumeration" value="PKCS_1" />

<KeyValue>

<KeyMaterial type="ByteString"

value="3082010a0282010100ab7f161c0042496ccd6c6d4dadb919973435357776003acf54b7af1e440afb80b64a8755f8002cfeba6b184540a2d66086d74648346d75b8d71812b205387c0f6583bc4d7dc7ec114f3b176b7957c422e7d03fc6267fa2a6f89b9bee9e60a1d7c2d833e5a5f4bb0b1434f4e795a41100f8aa214900df8b65089f98135b1c67b701675abdbc7d5721aac9d14a7f081fcec80b64e8a0ecc8295353c795328abf70e1b42e7bb8b7f4e8ac8c810cdb66e3d21126eba8da7d0ca34142cb76f91f013da809e9c1b7ae64c54130fbc21d80e9c2cb06c5c8d7cce8946a9ac99b1c2815c3612a29a82d73a1f99374fe30e54951662a6eda29c6fc411335d5dc7426b0f6050203010001" />

</KeyValue>

<CryptographicAlgorithm type="Enumeration" value="RSA" />

<CryptographicLength type="Integer" value="2048" />

</KeyBlock>

</PublicKey>

</RequestPayload>

</BatchItem>

</RequestMessage>

The UID for step=4 also needs to be modified to match the above.

Best regards,

Sun-Ho

ììí / êíëì  Sun-ho Lee / Ph.D.

ìììêì / ëëììììëë ëììêì CSêëí   Senior Research Engineer / CyberSecurity Development Team

T +82-31-601-4358   M +82-10-9123-6173   F +82-31-601-4013   E sunho.lee@mdsit.co.kr

(ì)MDSìíëìì (ê (ì)íììíëìì)  www.mdsit.co.kr

13487 êêë ìëì ëëê íêë 228ëê 17 íêìëëìëë 2ëì 1ë 9ì

MDS Intelligence Inc. (Former Hancom Intelligence Inc.)

9F Pangyo Seven Venture Valley, 17, Pangyo-ro 228 beon-gil, Bundang-gu, Seongnam-si, Gyeonggi-do, 

Republic of Korea 13487

ë ëìê ìëëìë ììì ëì ìí êìë 'ëìêìëì ë ììëëëíì êí ëë'ì ìí ëíì ëìì ëë MDSìíëììëì ëëìëë íííê ìì ì ììëë. ëëì ë ëìê ìë ëìì ííë ìëì ìë ëë ìëë ëëìë ì3ììê êê ëë ëííë íìë ìêí êìíëë. ëì êíê ëìì ìììì ìë êì ë ëìì ëìíê ììí ììê ëëëë.
This mail and attachments contain confidential information of MDS Intelligence Inc. which has its own authority. It is not allowed to disclose or transmit this confidential information to the third parties without the prior written consent of MDS Intelligence Inc. by any form or means. If you are not the intended recipient, please notify the sender immediately and destroy all copies of the original message.