1730767 – JSS: Wrap NSS CMAC + KDF implementations

Bug 1730767 - JSS: Wrap NSS CMAC + KDF implementations

Summary: JSS: Wrap NSS CMAC + KDF implementations

Keywords:
Status:	ASSIGNED
Alias:	None
Product:	Red Hat Enterprise Linux 8
Classification:	Red Hat
Component:	jss
Sub Component:
Version:	8.2
Hardware:	Unspecified
OS:	Unspecified
Priority:	high
Severity:	high
Target Milestone:	rc
Target Release:	8.2
Assignee:	Alex Scheel
QA Contact:	PKI QE
Docs Contact:
URL:
Whiteboard:
Depends On:	1730765
Blocks:	1730769
TreeView+	depends on / blocked

Reported:	2019-07-17 14:53 UTC by Alex Scheel
Modified:	2020-02-12 21:51 UTC (History)
CC List:	5 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:
Type:	Bug
Target Upstream Version:
Dependent Products:

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Comment 3 Alex Scheel 2019-10-29 15:12:26 UTC

CMAC is checked into upstream, release v4.6.2+:

> commit bf65e0f80fc0ac0349f888860035d7b95117df25
> Author: Alexander Scheel <ascheel@redhat.com>
> Date:   Wed Sep 25 12:09:06 2019 -0400
> 
>     Add tests for CMAC via JSS Provider
>     
>     These tests are from NIST's Examples with Intermediate Values page:
>     https://csrc.nist.gov/projects/cryptographic-standards-and-guidelines/example-values
>     
>     Signed-off-by: Alexander Scheel <ascheel@redhat.com>
> 
> commit 69cefe1ef489ff498750fe78cb112c94ee5d85b5
> Author: Alexander Scheel <ascheel@redhat.com>
> Date:   Wed Sep 18 14:06:30 2019 -0400
> 
>     Add CMAC algorithm to JSSProvider
>     
>     CMAC is a form of MAC that utilizes a block cipher instead of a hash
>     function. Support for CMAC via PKCS#11 was recently introduced to NSS
>     allowing us to add support for it here.
>     
>     Related: https://bugzilla.mozilla.org/show_bug.cgi?id=1570501
>     
>     Signed-off-by: Alexander Scheel <ascheel@redhat.com>

Note You need to log in before you can comment on or make changes to this bug.