Nelson B Bolyard wrote:
Graham Leggett wrote, On 2008-09-06 12:51:
I think a big source of confusion is that everything is an OID, or
everything is a mechanism, but not all OID or mechanisms are relevant
for every situation, and this isn't clear from each function call.
I think this
Graham Leggett wrote:
Completeness I guess - xml-security's API allowed you to choose both
CBC and ECB modes, so I was trying to emulate the same thing.
The only mechanism that I cannot find an oid for is CKM_DES3_ECB - do
you know which SEC_OID_* macro I should be using?
The PK11_Mechanis
Nelson B Bolyard wrote:
I think this may only be true because of the involvement of PKCS5v2.
If PKCS5v2 was not part of the problem space, I would have said that
there was no need to use OIDs at all, none whatsoever. I would have
said that PK11_ interfaces exist that can do everything you need
Wan-Teh Chang wrote:
I don't know either. Does anyone know?
Does the lack of a SECOidTag for CKM_DES3_ECB prevent
you from using some NSS functionality?
I did some web searches for the OID. The OID for DES-EDE is
"1.3.14.3.2.17":
http://www.alvestrand.no/objectid/1.3.14.3.2.17.html
But I'm
Graham Leggett wrote, On 2008-09-06 12:51:
> I think a big source of confusion is that everything is an OID, or
> everything is a mechanism, but not all OID or mechanisms are relevant
> for every situation, and this isn't clear from each function call.
I think this may only be true because of t
2008/9/6 Graham Leggett <[EMAIL PROTECTED]>:
>
> Hmmm - I spent last weekend going through the PKCS #11 standard, which
> defines an API that seems different to the PK11_CipherOp and friends that I
> was seeing in the examples.
Right. Each crypto module exports the PKCS #11 API, with function nam
Wan-Teh Chang wrote:
For questions like this, you can sometimes find the answers in
the PKCS #11 standard.
Searching for the string "CKM_AES_ECB" in PKCS #11 v2.20,
I found Section 12.12.4 AES-ECB on page 270, and its Table
86 shows that for C_Encrypt, the input must be a multiple of
block size
2008/9/6 Graham Leggett <[EMAIL PROTECTED]>:
> Hi all,
>
> Using PK11_GetPadMechanism(), and passing it a cipher mechanism, it as I
> understand returns a variation of the mechanism capable of supporting
> padding.
>
> Is this understanding correct?
>
> I have noticed that when CKM_AES_ECB is passe
Hi all,
Using PK11_GetPadMechanism(), and passing it a cipher mechanism, it as I
understand returns a variation of the mechanism capable of supporting
padding.
Is this understanding correct?
I have noticed that when CKM_AES_ECB is passed to PK11_GetPadMechanism,
I get the same mechanism in
9 matches
Mail list logo