[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [pkcs11] Nonce in CCM mechanism parameter
Darren had the following thoughts on this:Same as any other mechanism that has requirements on its params, it should return CK_ARGUMENTS_BAD if ulNonceLen is 0 or pNonce is NULL.
does that help? Valerie On 9/5/2016 6:25 AM, Dieter Bong wrote:
All, PKCS#11 spec V2.40 sections 2.12.1 and 2.12.5 state that „/pNonce /may be NULL /if ulNonceLen /is 0.“ Yet both NIST SP800-38C and RFC36110 require a Nonce. Thus how should C_Encrypt / C_Decrypt for CCM encryption react in case that the nonce is omitted (ulNonceLen = 0) ? Shouldn’t it return an error? And consequently NOT allow pNonce and ulNonceLen being NULL / 0 ? Any opinion? Thanks, Dieter -------------------------------------------------------------------------------- Utimaco IS GmbH Germanusstr. 4, D.52080 Aachen, Germany, Tel: +49-241-1696-0, www.utimaco.com Seat: Aachen – Registergericht Aachen HRB 18922 VAT ID No.: DE 815 496 496 Managementboard: Malte Pollmann (Chairman) CEO, Dr. Frank J. Nellissen CFO This communication is confidential. We only send and receive email on the basis of the terms set out at https://www.utimaco.com/en/e-mail-disclaimer/
-- Valerie Fenwick, http://bubbva.blogspot.com/ @bubbva Solaris Cryptographic & Key Management Technologies, Manager Oracle Corporation: 4180 Network Circle, Santa Clara, CA, 95054.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]