Question about CK_EDDSA_PARAMS / phFlag

[Conrado GouvÃa <conradoplg@kryptus.com>]

Dear P11 TC:

I'm working on a P11 3.0 implementation and I have a question about EdDSA.

When phFlag is set to true inÂCK_EDDSA_PARAMS, what does that mean regarding the input to C_Sign?

Should the hash be computed outside, and provided as the input to C_Sign?

Or should the message itself must be used as input to C_Sign, and the token must compute the hash internally?

The first option makes more sense since the whole point of prehashed is to be able to compute the hash outside. However, from what I've read this is not explicitly mentioned in the spec, so it seems ambiguous. It would be good to clarify this in the next revision.

Also, a somewhat related question: in sections 2.3.5 and 2.3.6 regarding Edwards private/public objects, the spec says "Note that keys defined by RFC 8032 and RFC 8410 are incompatible." Why isÂthis so? RFC 8032 is a normative reference inÂ8410 and they do not contradict anywhere.

Best regards,

Conrado Gouvea Cryptography Specialist conradoplg@kryptus.com +55 (19) 3112-5000 www.kryptus.com

Este e-mail e quaisquer anexos podem conter informaÃÃo confidencial, proprietÃria, privilegiada, classificada ou protegida por Lei. A informaÃÃo aqui contida à destinada exclusivamente para os destinatÃrios nominados (ou para a pessoa responsÃvel por entregar a informaÃÃo para o destinatÃrio). Se vocà nÃo à o destinatÃrio pretendido desta mensagem entÃo vocà nÃo està autorizado a ler, imprimir, reter, copiar ou disseminar esta mensagem na Ãntegra ou mesmo parcialmente. Se vocà recebeu este e-mail erroneamente, por favor notifique o remetente e remova a mesma de sua caixa postal e dispositivos.

This e-mail and any attachments may contain information that is confidential, proprietary, privileged or otherwise protected by law. The information contained herein is solely intended for the named addressee (or a person responsible for delivering it to the addressee).If you are not the intended recipient of this message, you are not authorized to read, print, retain, copy or disseminate this message or any part of it. If you have received this e-mail in error, please notify the sender immediately by return e-mail and delete it from your computer.