[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [kmip] Split Key proposal
[<[Bob]>] The check value should be considered a read-only value which is immutable. It can either be fixed, or calculated on the fly each time it is requested. My thought is that it can be retrieved via a 'Get Attributes' call. The type of data could be string as it is generally shown as 6 ASCII characters which is the HEXASCII encoding of the 3 MSB resulting from ECB encrypting a plaintext block of all zeros (e.g. for DES, ECB encrypt 64 bit buffer of all zeros, and return bytes[0-2], then convert to HEXASCII).
How about a new attribute Check Value similar to Digest? A structure consisting of Encryption algorithm, Check value, and Key format type. It could be applied to symmetric key or split key.
Kelley
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]