[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Inconsistencies in KMIP Test Cases v1.2: TC-141-11, TC-142-11; Test Cases v1.4: TC-Wrap-X-14.xml
Greetings In regard to the KMIP Test Cases v1.2 document [11 November, 2014]: 1. It appears that *all* of the preamble text for TC-141-11 was intended for TC-142-11 and vice versa. For example, TC-141-11’s preamble states that “The Encoding Option field is omitted, …”, but in fact the Encoding Option field is present: <KeyWrappingSpecification> <WrappingMethod type="Enumeration" value="Encrypt"/> <EncryptionKeyInformation> <UniqueIdentifier type="TextString" value="$UNIQUE_IDENTIFIER_0"/> <CryptographicParameters> <BlockCipherMode type="Enumeration" value="NISTKeyWrap"/> </CryptographicParameters> </EncryptionKeyInformation> <EncodingOption type="Enumeration" value="NoEncoding"/> # TIME-2@Line=0141 </KeyWrappingSpecification> 2. Conversely, TC-142-11’s preamble states that “The Encoding Option is set to No Encoding, …”, but in fact the Encoding Option is omitted: <KeyWrappingSpecification> <WrappingMethod type="Enumeration" value="Encrypt"/> <EncryptionKeyInformation> <UniqueIdentifier type="TextString" value="$UNIQUE_IDENTIFIER_0"/> <CryptographicParameters> <BlockCipherMode type="Enumeration" value="NISTKeyWrap"/> </CryptographicParameters> </EncryptionKeyInformation> <AttributeName type="TextString" value="Cryptographic Usage Mask"/> </KeyWrappingSpecification> The following issue may have been detected during recent KMIP Interop testing … In the case of TC-Wrap-1-14.xml, the KEK [i.e. TC-WRAP-1-14-KEK] is Register’d with a Usage Mask of ‘WrapKey’: <TemplateAttribute> <Attribute> <AttributeName type="TextString" value="x-ID"/> <AttributeValue> <NameValue type="TextString" value="TC-WRAP-1-14-KEK"/> <NameType type="Enumeration" value="UninterpretedTextString"/> </AttributeValue> </Attribute> <Attribute> <AttributeName type="TextString" value="Cryptographic Usage Mask"/> <AttributeValue type="Integer" value="WrapKey"/> </Attribute> ** However ** - The above KEK is used by the KMIP client to wrap the DEK [i.e. TC-WRAP-1-14-key2] that the client Register’s with the server. It follows that when the server attempts to /unwrap/ the given key, the server would expect the KEK’s Usage Mask to include ‘UnwrapKey’, which it does not. I think this issue repeats itself in TC-Wrap-2-14.xml and TC-Wrap-3-14.xml. Cheers, … Dave The information contained in this electronic mail transmission may be privileged and confidential, and therefore, protected from disclosure. If you have received this communication in error, please notify us immediately by replying to this message and deleting it from your computer without copying or disclosing it. |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]