[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Review of IKE (section 2.64)
In 2.64.2 in CK_IKE2_PRF_PLUS_DERIVE_PARAMS: SeedData should be pSeedData(it's correct in the header file and in the description below and the original proposal).
In section 2.64.6, the follow paragraph is missing from both the original proposal and the spec. (I think it was found after the proposal)
If CKA_VALUE_LEN is less then or equal to the prf length and bHasKeygxy is FALSE, then the new key is simply the base key truncated to CKA_VALUE_LEN (specified in RFC2409 appendix B). Otherwise the prf below is executed and the derived keys value is CKA_VALUE_LEN bytes of the resulting prf.
bob
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]