OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

pkcs11 message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: New work item: CKD_SHA*_KDF



New work items:

Deprecate the current CKD_SHA*_KDFs as being under specified. These are from X9.63 which actually has two versions for each of these - counter starts at 0 and counter starts at 1. The text doesn't indicate which is used.

Add new X9.63 KDF(s). Either two KDFs (KDF1 and KDF2) with a mechanism info which says which hash, or enough KDFs to cover the entire set.


Add new NIST SP800-56A KDFs (mostly the same as X9.63, except for inverse order of counter and public data).

Add any other EC used KDFs? (Other standards bodies?)

Deprecate the current ECDH mechanisms (any that use CK_ECDH1_DERIVE_PARAMS) and replace with mechanisms that use a fixed CK_ECDH1_DERIVE_PARAMS (by a new name) which uses a mechanism structure for the KDF rather than the bare KDF type. (We should have done this for 2.30 rather than mucking with the pPublicData format).





[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]