I seem to be having trouble receiving all emails sent via the reflector. In particular, Bob’s don’t come through for some reason. I apologize if anyone else has mentioned these.
- I prefer C_Encapsulate and C_Decapsulate over C_EncapsulateKey/C_DecapsulateKey. My understanding is that the value encapsulated, and the value output from decapsulation, should not
be directly used as a key.
- pkcs11_kem_algs_draft2.pdf section 1.1.4: I think this should, somehow, make it clear that the paragraph following “This mechanism can encapsulate and decapsulate keys according to
RSASVE…” doesn’t apply to encapsulation/decapsulation. Moving that RSASVE sentence before the wrap and unwrap paragraph might do it.
- pkcs11_kem_algs_draft2.pdf section 1.4.3, pkcs11_pq_sig_algs_2 sections 1.1.3, 1.2.3, and 1.3.3: Our applications start most operations in PKCS#11 with a certificate. They then attempt
to find a private key on the device matching the certificate. For RSA this can be done by extracting the public key information from the certificate and then finding a RSA private key with matching public key information. For ECC, it’s a mess because there’s
nothing linking the public key to the private key other than the seldom used, and optional, CKA_PUBLIC_KEY_INFO. Please include enough information in the private key object for an application to find it with only the public key.
- I’m probably in the minority, but I prefer pkcs11_pq_sig_verify_multi_1’s approach.
Sincerely,
Jonathan
|