OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

pkcs11 message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [pkcs11] Outdated header files are becoming official!

The diffs between what we reviewed and what is included is:

--- pkcs11t.h  2020-01-20 21:33:45.588997185 +1000
+++ x/pkcs11t.h 2020-03-28 02:00:00.000000000 +1000
@@ -1,13 +1,10 @@
-/* Copyright (c) OASIS Open 2016, 2019. All Rights Reserved./
- * /Distributed under the terms of the OASIS IPR Policy,
+/* Copyright (c) OASIS Open 2016-2020. All Rights Reserved.
+ * Distributed under the terms of the OASIS IPR Policy,
 * [http://www.oasis-open.org/policies-guidelines/ipr], AS-IS, WITHOUT ANY
 * IMPLIED OR EXPRESS WARRANTY; there is no warranty of MERCHANTABILITY, FITNESS FOR A
 * PARTICULAR PURPOSE or NONINFRINGEMENT of the rights of others.
 */
    Â
-/* Latest version of the specification:
- * http://docs.oasis-open.org/pkcs11/pkcs11-base/v2.40/pkcs11-base-v2.40.html
- */
Â
Â/* See top of pkcs11.h for information about the macros that
 * must be defined and the structure-packing conventions that
@@ -410,10 +407,6 @@
Â#define CKK_EC_MONTGOMERY Â Â Â 0x00000041UL
Â#define CKK_HKDF Â Â Â Â Â Â Â Â0x00000042UL
Â
-#define CKK_SHA512_224_HMAC Â Â 0x00000043UL
-#define CKK_SHA512_256_HMAC Â Â 0x00000044UL
-#define CKK_SHA512_T_HMAC Â Â Â 0x00000045UL
-
Â#define CKK_VENDOR_DEFINED Â Â Â0x80000000UL
Â
Â
@@ -588,24 +581,6 @@
Â#define CKA_ALLOWED_MECHANISMS Â Â Â Â Â(CKF_ARRAY_ATTRIBUTE|0x00000600UL)
Â#define CKA_PROFILE_ID Â Â Â Â Â Â Â Â Â0x00000601UL
Â
-#define CKA_X2RATCHET_BAG Â Â Â Â Â Â Â 0x00000602UL
-#define CKA_X2RATCHET_BAGSIZE Â Â Â Â Â 0x00000603UL
-#define CKA_X2RATCHET_BOBS1STMSG Â Â Â Â0x00000604UL
-#define CKA_X2RATCHET_CKR Â Â Â Â Â Â Â 0x00000605UL
-#define CKA_X2RATCHET_CKS Â Â Â Â Â Â Â 0x00000606UL
-#define CKA_X2RATCHET_DHP Â Â Â Â Â Â Â 0x00000607UL
-#define CKA_X2RATCHET_DHR Â Â Â Â Â Â Â 0x00000608UL
-#define CKA_X2RATCHET_DHS Â Â Â Â Â Â Â 0x00000609UL
-#define CKA_X2RATCHET_HKR Â Â Â Â Â Â Â 0x0000060aUL
-#define CKA_X2RATCHET_HKS Â Â Â Â Â Â Â 0x0000060bUL
-#define CKA_X2RATCHET_ISALICE Â Â Â Â Â 0x0000060cUL
-#define CKA_X2RATCHET_NHKR Â Â Â Â Â Â Â0x0000060dUL
-#define CKA_X2RATCHET_NHKS Â Â Â Â Â Â Â0x0000060eUL
-#define CKA_X2RATCHET_NR Â Â Â Â Â Â Â Â0x0000060fUL
-#define CKA_X2RATCHET_NS Â Â Â Â Â Â Â Â0x00000610UL
-#define CKA_X2RATCHET_PNS Â Â Â Â Â Â Â 0x00000611UL
-#define CKA_X2RATCHET_RK Â Â Â Â Â Â Â Â0x00000612UL
-
Â#define CKA_VENDOR_DEFINED Â Â Â Â Â Â Â0x80000000UL
Â
Â/* CK_ATTRIBUTE is a structure that includes the type, length
@@ -869,18 +844,12 @@
Â#define CKM_SHA384_KEY_DERIVATION Â Â Â0x00000394UL
Â#define CKM_SHA512_KEY_DERIVATION Â Â Â0x00000395UL
Â#define CKM_SHA224_KEY_DERIVATION Â Â Â0x00000396UL
-#define CKM_SHA3_256_KEY_DERIVATION Â Â0x00000397UL
-#define CKM_SHA3_224_KEY_DERIVATION Â Â0x00000398UL
-#define CKM_SHA3_384_KEY_DERIVATION Â Â0x00000399UL
-#define CKM_SHA3_512_KEY_DERIVATION Â Â0x0000039AUL
-#define CKM_SHAKE_128_KEY_DERIVATION Â 0x0000039BUL
-#define CKM_SHAKE_256_KEY_DERIVATION Â 0x0000039CUL
-#define CKM_SHA3_256_KEY_DERIVE ÂCKM_SHA3_256_KEY_DERIVATION
-#define CKM_SHA3_224_KEY_DERIVE ÂCKM_SHA3_224_KEY_DERIVATION
-#define CKM_SHA3_384_KEY_DERIVE ÂCKM_SHA3_384_KEY_DERIVATION
-#define CKM_SHA3_512_KEY_DERIVE ÂCKM_SHA3_512_KEY_DERIVATION
-#define CKM_SHAKE_128_KEY_DERIVE CKM_SHAKE_128_KEY_DERIVATION
-#define CKM_SHAKE_256_KEY_DERIVE CKM_SHAKE_256_KEY_DERIVATION
+#define CKM_SHA3_256_KEY_DERIVE Â Â Â Â0x00000397UL
+#define CKM_SHA3_224_KEY_DERIVE Â Â Â Â0x00000398UL
+#define CKM_SHA3_384_KEY_DERIVE Â Â Â Â0x00000399UL
+#define CKM_SHA3_512_KEY_DERIVE Â Â Â Â0x0000039AUL
+#define CKM_SHAKE_128_KEY_DERIVE Â Â Â 0x0000039BUL
+#define CKM_SHAKE_256_KEY_DERIVE Â Â Â 0x0000039CUL
Â
Â#define CKM_PBE_MD2_DES_CBC Â Â Â Â Â Â0x000003A0UL
Â#define CKM_PBE_MD5_DES_CBC Â Â Â Â Â Â0x000003A1UL
@@ -908,6 +877,8 @@
Â#define CKM_WTLS_SERVER_KEY_AND_MAC_DERIVE Â0x000003D4UL
Â#define CKM_WTLS_CLIENT_KEY_AND_MAC_DERIVE Â0x000003D5UL
Â
+#define CKM_TLS10_MAC_SERVER Â Â Â Â Â Â Â Â0x000003D6UL
+#define CKM_TLS10_MAC_CLIENT Â Â Â Â Â Â Â Â0x000003D7UL
Â#define CKM_TLS12_MAC Â Â Â Â Â Â Â Â Â Â Â 0x000003D8UL
Â#define CKM_TLS12_KDF Â Â Â Â Â Â Â Â Â Â Â 0x000003D9UL
Â#define CKM_TLS12_MASTER_KEY_DERIVE Â Â Â Â 0x000003E0UL
@@ -985,7 +956,6 @@
Â#define CKM_ECDSA_SHA256 Â Â Â Â Â Â Â 0x00001044UL
Â#define CKM_ECDSA_SHA384 Â Â Â Â Â Â Â 0x00001045UL
Â#define CKM_ECDSA_SHA512 Â Â Â Â Â Â Â 0x00001046UL
-#define CKM_EC_KEY_PAIR_GEN_W_EXTRA_BITS 0x0000140BUL
Â
Â#define CKM_ECDH1_DERIVE Â Â Â Â Â Â Â 0x00001050UL
Â#define CKM_ECDH1_COFACTOR_DERIVE Â Â Â0x00001051UL
@@ -1054,10 +1024,8 @@
Â#define CKM_DSA_PARAMETER_GEN Â Â Â Â Â0x00002000UL
Â#define CKM_DH_PKCS_PARAMETER_GEN Â Â Â0x00002001UL
Â#define CKM_X9_42_DH_PARAMETER_GEN Â Â 0x00002002UL
-#define CKM_DSA_PROBABILISTIC_PARAMETER_GEN 0x00002003UL
-#define CKM_DSA_PROBABLISTIC_PARAMETER_GEN CKM_DSA_PROBABILISTIC_PARAMETER_GEN
+#define CKM_DSA_PROBABLISTIC_PARAMETER_GEN Â Â0x00002003UL
Â#define CKM_DSA_SHAWE_TAYLOR_PARAMETER_GEN Â Â0x00002004UL
-#define CKM_DSA_FIPS_G_GEN Â Â Â Â Â Â Â 0x00002005UL
Â
Â#define CKM_AES_OFB Â Â Â Â Â Â Â Â Â Â0x00002104UL
Â#define CKM_AES_CFB64 Â Â Â Â Â Â Â Â Â0x00002105UL
@@ -1114,7 +1082,6 @@
Â#define CKM_HKDF_DERIVE Â Â Â Â Â Â Â Â0x0000402aUL
Â#define CKM_HKDF_DATA Â Â Â Â Â Â Â Â Â0x0000402bUL
Â#define CKM_HKDF_KEY_GEN Â Â Â Â Â Â Â 0x0000402cUL
-#define CKM_SALSA20_KEY_GEN Â Â Â Â Â Â0x0000402dUL
Â
Â#define CKM_ECDSA_SHA3_224 Â Â Â Â Â Â 0x00001047UL
Â#define CKM_ECDSA_SHA3_256 Â Â Â Â Â Â 0x00001048UL
@@ -1162,8 +1129,7 @@
Â#define CKF_MESSAGE_DECRYPT Â Â0x00000004UL
Â#define CKF_MESSAGE_SIGN Â Â Â 0x00000008UL
Â#define CKF_MESSAGE_VERIFY Â Â 0x00000010UL
-#define CKF_MULTI_MESSAGE Â Â Â0x00000020UL
-#define CKF_MULTI_MESSGE Â Â Â CKF_MULTI_MESSAGE
+#define CKF_MULTI_MESSGE Â Â Â 0x00000020UL
Â#define CKF_FIND_OBJECTS Â Â Â 0x00000040UL
Â
Â#define CKF_ENCRYPT Â Â Â Â Â Â0x00000100UL
@@ -1321,7 +1287,6 @@
Â
Â#define CKR_FUNCTION_REJECTED Â Â Â Â Â Â Â Â 0x00000200UL
Â#define CKR_TOKEN_RESOURCE_EXCEEDED Â Â Â Â Â 0x00000201UL
-#define CKR_OPERATION_CANCEL_FAILED Â Â Â Â Â 0x00000202UL
Â
Â#define CKR_VENDOR_DEFINED Â Â Â Â Â Â Â Â Â Â0x80000000UL
Â
@@ -1433,11 +1398,6 @@
Â#define CKG_MGF1_SHA384 Â Â Â 0x00000003UL
Â#define CKG_MGF1_SHA512 Â Â Â 0x00000004UL
Â#define CKG_MGF1_SHA224 Â Â Â 0x00000005UL
-#define CKG_MGF1_SHA3_224 Â Â 0x00000006UL
-#define CKG_MGF1_SHA3_256 Â Â 0x00000007UL
-#define CKG_MGF1_SHA3_384 Â Â 0x00000008UL
-#define CKG_MGF1_SHA3_512 Â Â 0x00000009UL
-
Â
Â/* CK_RSA_PKCS_OAEP_SOURCE_TYPE Âis used to indicate the source
 * of the encoding parameter when formatting a message block
@@ -1475,7 +1435,6 @@
Âtypedef CK_RSA_PKCS_PSS_PARAMS CK_PTR CK_RSA_PKCS_PSS_PARAMS_PTR;
Â
Âtypedef CK_ULONG CK_EC_KDF_TYPE;
-typedef CK_EC_KDF_TYPE CK_PTR CK_EC_KDF_TYPE_PTR;
Â
Â/* The following EC Key Derivation Functions are defined */
Â#define CKD_NULL Â Â Â Â Â Â Â Â 0x00000001UL
@@ -2239,7 +2198,6 @@
 */
Â
Âtypedef CK_ULONG CK_PROFILE_ID;
-typedef CK_PROFILE_ID CK_PTR CK_PROFILE_ID_PTR;
Â
Â/* Typedefs for Flexible KDF */
Âtypedef CK_ULONG CK_PRF_DATA_TYPE;
@@ -2248,7 +2206,6 @@
Â#define CK_SP800_108_OPTIONAL_COUNTER Â 0x00000002UL
Â#define CK_SP800_108_DKM_LENGTH Â Â Â Â 0x00000003UL
Â#define CK_SP800_108_BYTE_ARRAY Â Â Â Â 0x00000004UL
-#define CK_SP800_108_COUNTER Â Â Â Â Â ÂCK_SP800_108_OPTIONAL_COUNTER
Â
Âtypedef struct CK_PRF_DATA_PARAM
Â{
@@ -2269,8 +2226,6 @@
Âtypedef CK_SP800_108_COUNTER_FORMAT CK_PTR CK_SP800_108_COUNTER_FORMAT_PTR;
Â
Âtypedef CK_ULONG CK_SP800_108_DKM_LENGTH_METHOD;
-#define CK_SP800_108_DKM_LENGTH_SUM_OF_KEYS Â Â 0x00000001UL
-#define CK_SP800_108_DKM_LENGTH_SUM_OF_SEGMENTS 0x00000002UL
Â
Âtypedef struct CK_SP800_108_DKM_LENGTH_FORMAT
Â{
@@ -2297,7 +2252,7 @@
  CK_ULONG        ulNumberOfDataParams;
  CK_PRF_DATA_PARAM_PTR ÂpDataParams;
  CK_ULONG       ulAdditionalDerivedKeys;
- Â CK_DERIVED_KEY_PTR Â pAdditionalDerivedKeys;
+ Â CK_DERIVED_KEY Â Â Â pAdditionalDerivedKeys;
Â} CK_SP800_108_KDF_PARAMS;
Â
Âtypedef CK_SP800_108_KDF_PARAMS CK_PTR CK_SP800_108_KDF_PARAMS_PTR;
@@ -2310,7 +2265,7 @@
  CK_ULONG        ulIVLen;
  CK_BYTE_PTR      ÂpIV;
  CK_ULONG       ulAdditionalDerivedKeys;
- Â CK_DERIVED_KEY_PTR Â pAdditionalDerivedKeys;
+ Â CK_DERIVED_KEY Â Â Â pAdditionalDerivedKeys;
Â} CK_SP800_108_FEEDBACK_KDF_PARAMS;
Â
Âtypedef CK_SP800_108_FEEDBACK_KDF_PARAMS \
@@ -2333,14 +2288,15 @@
    CK_ULONG    ÂulNonceBits;
Â} CK_CHACHA20_PARAMS;
Â
-typedef CK_CHACHA20_PARAMS CK_PTR CK_CHACHA20_PARAMS_PTR;
+/* need typedef CK_CHACHA20_PARAMS CK_PTR CK_CHACHA20_PARAMS_PTR? */
Â
Âtypedef struct CK_SALSA20_PARAMS {
    CK_BYTE_PTR   pBlockCounter;
    CK_BYTE_PTR   pNonce;
    CK_ULONG    ÂulNonceBits;
Â} CK_SALSA20_PARAMS;
-typedef CK_SALSA20_PARAMS CK_PTR CK_SALSA20_PARAMS_PTR;
+
+/* need typedef CK_CHACHA20_PARAMS CK_PTR CK_CHACHA20_PARAMS_PTR? */
Â
Âtypedef struct CK_SALSA20_CHACHA20_POLY1305_PARAMS {
 ÂCK_BYTE_PTR ÂpNonce;
@@ -2424,17 +2380,16 @@
Âtypedef CK_XEDDSA_PARAMS CK_PTR CK_XEDDSA_PARAMS_PTR;
Â
Âtypedef struct CK_HKDF_PARAMS {
- Â CK_BBOOL bExtract;
- Â CK_BBOOL bExpand;
+ Â CK_BOOL bExtract;
+ Â CK_BOOL bExpand;
  CK_MECHANISM_TYPE prfHashMechanism;
  CK_ULONG ulSaltType;
  CK_BYTE_PTR pSalt;
  CK_ULONG ulSaltLen;
- Â CK_OBJECT_HANDLE hSaltKey;
+ Â CK_HANDLE hSaltKey;
  CK_BYTE_PTR pInfo;
  CK_ULONG ulInfoLen;
Â} CK_HKDF_PARAMS;
-typedef CK_HKDF_PARAMS CK_PTR CK_HKDF_PARAMS_PTR;
Â
Â#define CKF_HKDF_SALT_NULL Â 0x00000001UL
Â#define CKF_HKDF_SALT_DATA Â 0x00000002UL


On Wed, Jun 24, 2020 at 10:36 PM Daniel Minder <Daniel.Minder@utimaco.com> wrote:

All,

Â

I was wondering why Oscar found some TODOs for definitions where I was sure that I had found them during my review and Bob had created new identifier.

The reason is: the header files that will become official soon are an outdated version!

Â

Please compare https://docs.oasis-open.org/pkcs11/pkcs11-curr/v3.0/cos01/include/pkcs11-v3.0/ and https://github.com/oasis-tcs/pkcs11/tree/master/working/3-00-current

In pkcs11t.h MANY definitions are missing. Also some things just donât work with it, for example CK_SP800_108_KDF_PARAMS.pAdditionalDerivedKeys is still a struct instead of a pointer there. Or CK_HKDF_PARAMS doesnât compile.

Renaming the parameters of C_DecryptMessageNext in pkcs11f.h is just a minor issue.

Â

Is there any way to stop publication NOW?

Â

Moreover, Iâve discovered that the author lists in all specification documents is still marked as TODO.

Â

We really need to work on our processesâ

Â

Daniel



Utimaco IS GmbH
Germanusstr. 4, D.52080 Aachen, Germany, Tel: +49-241-1696-0, www.utimaco.com
Seat: Aachen â Registergericht Aachen HRB 18922
VAT ID No.: DE 815 496 496
Managementboard: Stefan Auerbach (Chairman) CEO, Malte Pollmann CSO, Martin Stamm CFO

This communication is confidential. If you are not the intended recipient, any use, interference with, disclosure or copying of this material is unauthorised and prohibited. Please inform us immediately and destroy the email.

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]