Thanks for the reply. I've captured the issue here: https://github.com/opendnssec/SoftHSMv2/issues/280
On Thu, Jan 12, 2017 at 2:23 AM Roland van Rijswijk - Deij < roland.vanrijsw...@surfnet.nl> wrote: > Hi Dave, > > Dave Fine wrote: > > I have a question regarding something I saw in C_GetMechanismInfo() in > > the SoftHSMv2 code. In this function, I see that the min and max key > > sizes are set to 0 for all of the SHA HMAC functions (see here: > > > https://github.com/opendnssec/SoftHSMv2/blob/develop/src/lib/SoftHSM.cpp#L857 > ). > > I find this odd, because the HMAC algorithm requires a key size greater > > than zero to use properly. Is there a reason why the Mechanism Info key > > size fields are not set to 20 for CKM_SHA_1_HMAC, 28 for > > CKM_SHA224_HMAC, 32 for CKM_SHA256_HMAC, etc ? > > The short answer: probably because we did not focus specifically on > implementing these mechanisms, but rather they are there to satisfy > compatibility tests. > > Can I ask you to open an issue for this via GitHub? If you do this > yourself you will receive notifications of responses and (if required) > updates to the code. Thanks! (if you do not wish to do this, let me > know, and I will open the issue for you) > > https://github.com/opendnssec/SoftHSMv2/issues > > Cheers, > > Roland > > -- > -- Roland M. van Rijswijk - Deij > -- SURFnet bv > -- w: http://www.surf.nl/en/about-surf/subsidiaries/surfnet > -- e: roland.vanrijsw...@surfnet.nl >
_______________________________________________ Opendnssec-user mailing list Opendnssec-user@lists.opendnssec.org https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
