DDS-SECURITY 1.2 RTF Avatar
  1. OMG Issue

DDSSEC12 — Clarify meaning of "bit array" and specify number of constant bytes in HMAC input when computing SessionKey

  • Key: DDSSEC12-53
  • Status: closed  
  • Source: Object Computing, Inc. - OCI ( Mr. Adam Mitz)
  • Summary:

    The string literal "SessionKey" (and "SessionReceiverKey") is used without additional context as part of the binary input to HMAC. Add to this section that the ASCII encoding of "SessionKey" without a nul terminator is required.

    Section 9.3.3.3.2 talks about a "bit array" type, clarify what that is.

  • Reported: DDS-SECURITY 1.1b1 — Wed, 11 Apr 2018 18:07 GMT
  • Disposition: Resolved — DDS-SECURITY 1.2
  • Disposition Summary:

    Change "bit array" to "octet array" and clarify string concatenation in 9.5.3.3.3

    Add clarification regarding how the strings are concatenated to create teh input to the HMAC256 functions

  • Updated: Mon, 17 Jun 2024 13:36 GMT