[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [pkcs11] Nonce in CCM mechanism parameter
Hi Valerie and Darren, Thanks for your feedback. I guess that would require updating the following sections of the "Current Mechanisms" spec: * Chapter 2.12.1, sections "Encrypt" and "Decrypt": Remove " pNonce may be NULL if ulNonceLen is 0. " in the 2nd bullet. * Chapter 2.12.3, section " •CK_CCM_PARAMS; CK_CCM_PARAMS_PTR ": specify that ulNonceLen must be > 0, e.g. "length of pNonce (0 < ulNonceLen <= 15-L) in bytes." * Chapter 2.12.5, sections "Encrypt" and "Decrypt": Remove " pNonce may be NULL if ulNonceLen is 0. " in the 2nd bullet. I hope I didn't miss any instance that needs adaptation. Best regards, Dieter -----Original Message----- From: pkcs11@lists.oasis-open.org [mailto:pkcs11@lists.oasis-open.org] On Behalf Of Valerie Fenwick Sent: Mittwoch, 9. November 2016 21:30 To: pkcs11@lists.oasis-open.org Subject: Re: [pkcs11] Nonce in CCM mechanism parameter Darren had the following thoughts on this: Same as any other mechanism that has requirements on its params, it should return CK_ARGUMENTS_BAD if ulNonceLen is 0 or pNonce is NULL. does that help? Valerie On 9/5/2016 6:25 AM, Dieter Bong wrote: > All, > > > > PKCS#11 spec V2.40 sections 2.12.1 and 2.12.5 state that „/pNonce /may > be NULL /if ulNonceLen /is 0.“ Yet both NIST SP800-38C and RFC36110 require a Nonce. > Thus how should C_Encrypt / C_Decrypt for CCM encryption react in case > that the nonce is omitted (ulNonceLen = 0) ? Shouldn’t it return an > error? And consequently NOT allow pNonce and ulNonceLen being NULL / 0 ? > > > > Any opinion? > > > > Thanks, > > Dieter > > > ---------------------------------------------------------------------- > ---------- > > Utimaco IS GmbH > Germanusstr. 4, D.52080 Aachen, Germany, Tel: +49-241-1696-0, > www.utimaco.com > Seat: Aachen – Registergericht Aachen HRB 18922 VAT ID No.: DE 815 496 > 496 > Managementboard: Malte Pollmann (Chairman) CEO, Dr. Frank J. Nellissen > CFO > > This communication is confidential. We only send and receive email on > the basis of the terms set out at > https://www.utimaco.com/en/e-mail-disclaimer/ -- Valerie Fenwick, http://bubbva.blogspot.com/ @bubbva Solaris Cryptographic & Key Management Technologies, Manager Oracle Corporation: 4180 Network Circle, Santa Clara, CA, 95054. --------------------------------------------------------------------- To unsubscribe from this mail list, you must leave the OASIS TC that generates this mail. Follow this link to all your TCs in OASIS at: https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php ________________________________ Utimaco IS GmbH Germanusstr. 4, D.52080 Aachen, Germany, Tel: +49-241-1696-0, www.utimaco.com Seat: Aachen – Registergericht Aachen HRB 18922 VAT ID No.: DE 815 496 496 Managementboard: Malte Pollmann (Chairman) CEO, Dr. Frank J. Nellissen CFO This communication is confidential. We only send and receive email on the basis of the terms set out at https://www.utimaco.com/en/e-mail-disclaimer/
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]