Subject: inconsistency: public exponent in RSA private key required for C_CreateObject
All,

I already asked this in March 2019, but nobody has replied. So, another try.

Both the base and the current mechanisms specification contain a definition of the RSA private key objects (sections 4.9.1 and 2.1.3, respectively). However, both in the table and in the following text there is an inconsistency concerning CKA_PUBLIC_EXPONENT.

In the base spec, table 27 has footnotes 1,4,6 for attribute CKA_PUBLIC_EXPONENT, while in the mech spec, table 3 only contains footnotes 4,6. Footnote 1 is: “MUST be specified when object is created with C_CreateObject.”

The same discrepancy exists in the text.

Base spec lines 1644-1646 read: “The only attributes from Table 27 for which a Cryptoki implementation is required to be able to return values are CKA_MODULUS, CKA_PRIVATE_EXPONENT, and CKA_PUBLIC_EXPONENT.”

Mech spec lines 383-384 read: “The only attributes from Table 3 for which a Cryptoki implementation is required to be able to return values are CKA_MODULUS and CKA_PRIVATE_EXPONENT.”

Please also note that the last sentence of the definition in the base spec (lines 1646-1647: “A token SHOULD also be able to return CKA_PUBLIC_KEY_INFO for an RSA private key. See the general guidance for Private Keys above.”) is missing completely in the mech spec.

Searching in the mail archive (https://markmail.org/message/wkbpbn7ugdzoukd4), it seems that this was a change back in 2.40 and the intention is better reflected in the base spec. This should be copied to the mech spec. In fact, I think the RSA private key definition should be removed completely from the base spec.

Regards,
Daniel

Utimaco IS GmbH
Germanusstr. 4, D.52080 Aachen, Germany, Tel: +49-241-1696-0, www.utimaco.com
Seat: Aachen – Registergericht Aachen HRB 18922
VAT ID No.: DE 815 496 496
Managementboard: Stefan Auerbach (Chairman) CEO, Malte Pollmann CSO, Martin Stamm CFO