5869 Need AES CMAC support in KCF+PKCS11

Review Request #445 - Created April 25, 2017 and updated

Information
Jason King
illumos-gate
5869
Reviewers
general
mbarden

5869 Need AES CMAC support in KCF+PKCS11. From Matt Barden matt.barden@nexenta.com

Ran test suite and was successful for all implemented modes (userland CCM and GCM modes are not yet implemented, so they failed with CKR_MECHANISM_INVALID as expected).

Issues

  • 3
  • 42
  • 4
  • 49
Description From Last Updated
I have not reviewed that this correctly implements the RFC algorithm. I'd appreciate getting someone else to do that. Robert Mustacchi Robert Mustacchi
Hi, perhaps condense the duplication of the if-block and else-block's last three statements? Or perhaps to align explicitly with the ... C Fraire C Fraire
Maybe this comment goes better with the XOR below since the next two lines are strictly concerning K2 from K1? C Fraire C Fraire
Jason King
Jason King
Robert Mustacchi
Robert Mustacchi
Robert Mustacchi
Jason King
Robert Mustacchi
Dan McDonald
Robert Mustacchi
Dan McDonald
C Fraire
Robert Mustacchi
Robert Mustacchi

Thanks for fixing that. The updated assert looks right.

Dan McDonald
Ship It!
Loading...