RE: [pkcs11] Async Proposal

Hi Jonathan,

Thank you for your proposal for asynchronous operations. I have summarized below my comments/questions an those of some colleague in R&D. For easy reference to your proposal, I have introduced every comment with “enum” and the numbered item in your proposal.

Best regards,

Dieter

Enum 1

Should we add some wording about behavior during session setup in case 1) application supports async operations but provider does not, and 2) application does not support async operations but provider does?

Enum 5

Please add typedef for CK_ASYNC_DATA_PTR*

Enum 6

My understanding is that it is possible to start multiple async operations for different functions, e.g. one key generation (e.g. RSA 16 kbit) and one signature creation (e.g. SPHINCS+), while encrypting data as synchronous operations. But it is not possible multiple to start multiple async operations for the same functions, e.g. one RSA key generation and one SPHINCS+ key generation, or multiple RSA key generations. Correct?
Question goes to the TC: is that a relevant limitation? Multiple key generations could be handled by independent threads of an applications, each opening their own session. Should we add some wording about such multi-threaded approach?

From: pkcs11@lists.oasis-open.org <pkcs11@lists.oasis-open.org> On Behalf Of Jonathan Schulze-Hewett
Sent: Thursday, July 7, 2022 9:37 PM
To: pkcs11@lists.oasis-open.org
Subject: [pkcs11] Async Proposal (WARNING!!! S/MIME with incorrect signature)

Hi TC,

Attached is my attempt at adding support for asynchronous operations to PKCS#11.

Sincerely,

Jonathan

Jonathan Schulze-Hewett

Director of Development

Information Security Corp

708-445-1704 (o) | 708-822-2926 (m)

schulze-hewett@infoseccorp.com

pkcs11 message