[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: PKCS11 base spec 3.0 WD 05 comments.
1. It looks like my feedback from 1/24 didn't quite get incorporated:
My comments are basically deficiencies with the original proposal (which becomes more clear with the proposals being added to the spec.Here's another attempt to describe the issue: The "New function proposal" got incorporated as a full cut and past into the document. I basically has 3 separate pieces: 1) The new structures (CK_INTERFACES and CK_FUNCTION_LISTS). Those have been incorporated in the correct point in the document, no changes there. 2) The descripton of the C_GetFunctionLists function. This runs
from "C_GetFunctionLists(" to the end of the spec (ending at "...
is only an example."), Excluding the <NOTE:....>. Moving
this to just behind the C_GetFunctionList and formatting properly
should be sufficient. There are bugs in this text which I will
point out in additional bullets. 3) <NOTE:...> is a note that section 2.5.2 of the pkcs11
User Guide (pkc11-ug) needs to be updated to point to the change
in semanatics id the CKF_FORK_SAFE_INTERFACE is defined. For this
spec it can be removed. Also the proposal implies: Âa. a new function table type: CK_FUNCTION_LIST_3_0 (there's a
bug in the proposal and it calls it CK_FUNCTION_LIST_2_42, but
that was a typo). That list should have all the functions in
CK_FUNCTION_LIST, plus all the new functions we added in 3.0. The
new functions should be at the end of the list. Those function are
C_GetFunctionLists, C_LoginUser,
C_MessageEncryptInit().....C_MessageVerifyFinal(). b. C_GetFunctionLists need to be added to the list of function in table 30. 2. CK_FUNCTION_LIST should not have the new v3.0 functions in it. The new functions should be added to a new CK_FUNCTION_LIST_3_0, and they should be added at the end.This is a C struct, so order matters from a compatibility point of view. 3. The original "New function proposal" is had some errors which were incorporated in this spec:a. CK_FUNCTION_LIST_2_42 should be CK_FUNCTION_LIST_3_0. b. C_LoginUser() should be added to the list of function between
C_GetFunctionLists and C_MessageEncryptInit(). 4. Typo:CKO_PRIFILE should be CKO_PROFILE in section 4.13.25. The heading for C_MessageEncryptFile has Message and Encrypt transposed.6. C_MessageSign* and C_MessageVerify* are missing from the body of the spec.7. Source Spec AEAD message was an older draft and missing an
update the the C_*Next functions, namely adding a parameter
pointers to the Next functions. The draft with these changes can
be found here:Â
https://www.oasis-open.org/apps/org/workgroup/pkcs11/download.php/60200/AEAD_proposal.docÂ
The changes are marked in the document with change bars, so it
should be relatively simple to pick up.
|
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]