Hi Dave, Dave Fine wrote: > I have a question regarding something I saw in C_GetMechanismInfo() in > the SoftHSMv2 code. In this function, I see that the min and max key > sizes are set to 0 for all of the SHA HMAC functions (see here: > https://github.com/opendnssec/SoftHSMv2/blob/develop/src/lib/SoftHSM.cpp#L857). > I find this odd, because the HMAC algorithm requires a key size greater > than zero to use properly. Is there a reason why the Mechanism Info key > size fields are not set to 20 for CKM_SHA_1_HMAC, 28 for > CKM_SHA224_HMAC, 32 for CKM_SHA256_HMAC, etc ?
The short answer: probably because we did not focus specifically on implementing these mechanisms, but rather they are there to satisfy compatibility tests. Can I ask you to open an issue for this via GitHub? If you do this yourself you will receive notifications of responses and (if required) updates to the code. Thanks! (if you do not wish to do this, let me know, and I will open the issue for you) https://github.com/opendnssec/SoftHSMv2/issues Cheers, Roland -- -- Roland M. van Rijswijk - Deij -- SURFnet bv -- w: http://www.surf.nl/en/about-surf/subsidiaries/surfnet -- e: [email protected] _______________________________________________ Opendnssec-user mailing list [email protected] https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
