RE: [pkcs11] Review of IKE (section 2.64)

[Dieter Bong <Dieter.Bong@utimaco.com>]

Hi Bob,

Thank you for your review. I have fixed the typo and added the wording wrt. CKA_VALUE_LEN, in PKCS#11 3.1 WD04 sections 6.64.2 and 6.64.6.

Best regards,
Dieter

-----Original Message-----
From: pkcs11@lists.oasis-open.org <pkcs11@lists.oasis-open.org> On Behalf Of Robert Relyea
Sent: Wednesday, April 14, 2021 12:19 AM
To: OASIS PKCS11 Technical Committee <pkcs11@lists.oasis-open.org>
Subject: [pkcs11] Review of IKE (section 2.64)

I found two types. One was in the original proposal, the other seems to happen in transcription.

In 2.64.2
in CK_IKE2_PRF_PLUS_DERIVE_PARAMS:
SeedData should be pSeedData
(it's correct in the header file and in the description below and the original proposal).



In section 2.64.6, the follow paragraph is missing from both the
original proposal and the spec. (I think it was found after the proposal)

If CKA_VALUE_LEN is less then or equal to the prf length and bHasKeygxy
is FALSE, then the new key is simply the base key truncated to
CKA_VALUE_LEN (specified in RFC2409 appendix B). Otherwise the prf below
is executed and the derived keys value is CKA_VALUE_LEN bytes of the
resulting prf.

bob


---------------------------------------------------------------------
To unsubscribe from this mail list, you must leave the OASIS TC that
generates this mail.  Follow this link to all your TCs in OASIS at:
https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php



________________________________

Utimaco IS GmbH
Germanusstr. 4, D.52080 Aachen, Germany, Tel: +49-241-1696-0, www.utimaco.com
Seat: Aachen â Registergericht Aachen HRB 18922
VAT ID No.: DE 815 496 496
Managementboard: Stefan Auerbach (Chairman) CEO, Malte Pollmann CSO, Martin Stamm CFO

This communication is confidential. If you are not the intended recipient, any use, interference with, disclosure or copying of this material is unauthorised and prohibited. Please inform us immediately and destroy the email.