RE: [pkcs11] Groups - GCM and CCM iv/nonce token generated for wrapping

Hi Hamish,

Is there a standard or specification that this is intended to help meet. For example, section 4.7 of RFC 7518 defines “Key Encryption with AES GCM” as a JSON Web Algorithm. If so, adding a reference to the standard would be helpful for context. As of now I don’t have a good handle on why I would implement this, which algorithms it would support, etc.

Section 1.2.1 states that it can be used to wrap with a public key that supports encryption and decryption? What public key algorithm supports authenticated key wrap?

Section 1.2.1 states that it can be used to wrap with any secret key? Is that true? Someone can wrap with 3DES or some other key for which there is no authenticated encryption algorithm defined?

Nits:

1.2.1 paragraph one starts with C_WrapMessageKey (the old name)
1.2.1 paragraph four’s first sentence misspells C_WrapKeyAuthenticated as C_WrapKeAuthenticated

Sincerely,

Jonathan

From: pkcs11@lists.oasis-open.org <pkcs11@lists.oasis-open.org> On Behalf Of Hamish Cameron
Sent: Tuesday, April 25, 2023 3:50 PM
To: pkcs11@lists.oasis-open.org
Subject: [EXT][pkcs11] Groups - GCM and CCM iv/nonce token generated for wrapping v2 uploaded

THIS MESSAGE COMES FROM AN EXTERNAL SOURCE. PLEASE VERIFY THE CONTENTS OF THIS MESSAGE BEFORE PROCEEDING.

Document Name: GCM and CCM iv/nonce token generated for wrapping v2

Description
Updated Proposal for allowing the token to choose/generate the IV (GCM) or
nonce (CCM)internally when wrapping in GCM and CCM two proposals here:
1. New Authenticated wrapping functions
2. New wrap params structure to be able to be used with the current
C_WrapKey and C_UnWrapKey.

Description of how to actually use new functions and existing with GCM and
CCM.
Download Latest Revision
Public Download Link

Submitter: Hamish Cameron
Group: OASIS PKCS 11 TC
Folder: Working Drafts
Date submitted: 2023-04-25 13:50:23

pkcs11 message