Searched hist:c30337082546dc37283ff83f727252f860acb4aa (Results 1 – 1 of 1) sorted by relevance
| /optee_os/ta/pkcs11/src/ |
| H A D | pkcs11_attributes.c | c30337082546dc37283ff83f727252f860acb4aa Tue Feb 23 09:24:53 UTC 2021 Ruchika Gupta <ruchika.gupta@linaro.org> ta: pkcs11: Forbid derivation by encryption from AES encryption keys
Enforce that AES keys should not be allowed for both 'derivation by
encryption' and ciphering. This is not explicitly mentioned in
the PKCS#11 specifications v2.4 and v3.0 but is essential to avoid
attacks where derived key can be revealed by doing data encryption
using parent key.
Suggested-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org>
|