50 likes | 105 Views
Proposals. BF, TF, DES OFB and CFB Mechanism, Token, Session Objects etc. Derive key by encryption of data KCVs PKCS #11 module management Auth objects & ACLs C_ReEncrypt Attribute template inheritance. Clarifications. resolve CKA_KEY_TYPE contradiction Delphi header files
E N D
Proposals • BF, TF, DES OFB and CFB • Mechanism, Token, Session Objects etc. • Derive key by encryption of data • KCVs • PKCS #11 module management • Auth objects & ACLs • C_ReEncrypt • Attribute template inheritance
Clarifications • resolve CKA_KEY_TYPE contradiction • Delphi header files • non-MS developer tools • key generation for HMAC • Domain parameters relevance to key-pair gen • C_CopyObject – CKM_MODIFIABLE change constraints
Other Issues • Document Re-org
Auth Objects & ACLs K CKA_CLASS=CKO_SECRET_KEY CKA_KEY_TYPE=CKK_DES2 CKA_UNWRAP=1 CKA_ACL= enc,U1 dec,0 sign,U2 modify=SO U1 CKA_CLASS=CKO_AUTHENTICATION CKA_AUTH_TYPE=CKAT_PIN CKA_VALUE=***** CKA_AUTHENTICATED=0 CKA_ACL= modify=so U2 CKA_CLASS=CKO_AUTHENTICATION CKA_AUTH_TYPE=CKAT_PIN CKA_VALUE=***** CKA_AUTHENTICATED=0 CKA_COUNT=1 CKA_ACL= modify=so SO CKA_CLASS=CKO_AUTHENTICATION CKA_AUTH_TYPE=CKAT_PIN CKA_VALUE=***** CKA_AUTHENTICATED=0 CKA_ACL= modify=so AclSet ::= Sequence { Acl ::= Sequence { AccessType ::= INTEGER AclValue ::= ObjectHandle } }
Attribute Template Inheritence MK CKA_CLASS=CKO_SECRET_KEY CKA_KEY_TYPE=CKK_DES2 CKA_UNWRAP=1 CKK_ATTR_MASK= CKA_KEY_TYPE=CKK_DES CKA_SENSITIVE=1 CKA_ENCRYPT=1 CKA_UNWRAP=0 C_UnWrapKey(MK,…) User attribute template CKA_SIGN=1 or CKA_ UNWRAP =1 X K CKA_CLASS=CKO_SECRET_KEY CKA_KEY_TYPE=CKK_DES CKA_SENSITIVE=1 CKA_ENCRYPT=1 CKA_UNWRAP=0 + CKA_SIGN=1 AttrSet ::= Sequence { AttrSet ::= Sequence { AttrType ::= INTEGER AttrValue ::= OCTET STRING } }