DDS-SECURITY 1.2 RTF Avatar
  1. OMG Issue

DDSSEC12 — Clarify meaning of "bit array" and specify number of constant bytes in HMAC input when computing SessionKey

Open Closed All
  • Key: DDSSEC12-53
  • Status: open  
  • Source: Object Computing, Inc. - OCI ( Mr. Adam Mitz)
  • Summary:

    The string literal "SessionKey" (and "SessionReceiverKey") is used without additional context as part of the binary input to HMAC. Add to this section that the ASCII encoding of "SessionKey" without a nul terminator is required.

    Section 9.3.3.3.2 talks about a "bit array" type, clarify what that is.
  • Reported: DDS-SECURITY 1.1b1 — Wed, 11 Apr 2018 18:07 GMT
  • Updated: Mon, 25 Mar 2024 15:55 GMT