Subject: stackoverflow question: CKA_VALUE_LEN attribute and Unwrap key
All, maybe you’ve seen this already, if not have a look:
https://crypto.stackexchange.com/questions/86011/pkcs11-cka-value-len-attribute-and-unwrap-key

The inquirer seems to be right. If an AES key is wrapped with a mechanism employing zero-padding (which is not only AES-ECB or CBC but also CKM_RSA_X_509 or BLOWFISH-CBC) the unwrapped key might contain zeros. The question is how an implementation should proceed now: try to figure out if the AES key has 128, 192 or 256 bits by removing as many zeros as possible (from the end where padding took place during wrap) and rounding up to 128, 192, 256 bits again? Or requiring CKA_VALUE_LEN?

Requiring CKA_VALUE_LEN would violate footnote 6 in table 70. Maybe this footnote is just wrong here? There is no footnote with the meaning “must only be given if padding does not encode original length information”…

Regards,
Daniel

Utimaco IS GmbH
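
The ambiguity raised in the message above, as an added example that is not part of the original e-mail or of any PKCS #11 implementation. It models only the trailing zero-padding step of a block-cipher wrap (no encryption); the function names and the sample key are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Zero-pad a key on the trailing end to a multiple of `block` bytes, as a
 * zero-padding wrap mechanism does before encrypting. Returns padded length. */
size_t zero_pad(const unsigned char *key, size_t len, size_t block,
                unsigned char *out, size_t cap)
{
    size_t padded = (len + block - 1) / block * block;
    if (padded > cap) return 0;
    memcpy(out, key, len);
    memset(out + len, 0, padded - len);
    return padded;
}

/* Heuristic from the message: strip trailing zeros, round up to 16/24/32. */
size_t guess_aes_len(const unsigned char *buf, size_t len)
{
    while (len > 0 && buf[len - 1] == 0) len--;
    return len <= 16 ? 16 : len <= 24 ? 24 : len <= 32 ? 32 : 0;
}

/* Alternative: the caller states the length (as CKA_VALUE_LEN would); only
 * check that it is an AES size and that the bytes cut off are all zero. */
size_t explicit_aes_len(const unsigned char *buf, size_t len, size_t value_len)
{
    if (value_len != 16 && value_len != 24 && value_len != 32) return 0;
    if (value_len > len) return 0;
    for (size_t i = value_len; i < len; i++)
        if (buf[i] != 0) return 0;
    return value_len;
}

/* Constructed sample: a 32-byte AES key whose last 8 bytes happen to be 0. */
static const unsigned char KEY32_ZERO_TAIL[32] = {
    1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24 };

int main(void)
{
    unsigned char buf[32];
    size_t n = zero_pad(KEY32_ZERO_TAIL, 32, 16, buf, sizeof buf);
    printf("recovered plaintext: %zu bytes\n", n);
    printf("heuristic length:    %zu (true length 32)\n", guess_aes_len(buf, n));
    printf("explicit length:     %zu\n", explicit_aes_len(buf, n, 32));
    return 0;
}
```

The heuristic turns the 256-bit key into a different 192-bit key without any error, which is why the length has to come from somewhere other than the recovered plaintext.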