[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Both are defined: CKM_TLS12_MAC and CKM_TLS_MAC
Hi, I find one interesting thing, we have the followings defined: #define CKM_TLS12_MAC 0x000003D8UL #define CKM_TLS_MAC 0x000003E4UL And, in the spec, we also refer to CKM_TLS_MAC in: 2.29.3 TLS MACThe TLS MAC mechanism is used to generate integrity tags for the TLS "finished" message. It replaces the use of the CKM_TLS_PRF function for TLS1.0 and 1.1 and that mechanism is deprecated.
CKM_TLS_MAC takes a parameter of CK_TLS_MAC_PARAMS. And, we refer to CKM_TLS12_MAC in: 2.29.4 Master key derivation Master key derivation ::::::::::::::::::::::::: :::::::::::::::::::::::::::::::::::::::::::::::The mechanism also contributes the CKA_ALLOWED_MECHANISMS attribute consisting only of CKM_TLS12_KEY_AND_MAC_DERIVE, CKM_TLS12_KEY_SAFE_DERIVE, CKM_TLS12_KDF and CKM_TLS12_MAC.
I think a long time back that Wan-Teh proposed CKM_TLS12_MAC, and then, we rename it to CKM_TLS_MAC, correct ?
So, we do NOT need CKM_TLS12_MAC. Please confirm.. Thanks, Oscar
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]