Changes related to key regeneration
-
Key: DDSSEC13-84
-
Status: open
-
Source: Real-Time Innovations (Dr. Gerardo Pardo-Castellote, Ph.D.)
-
Summary:
Use of CryptoTransformKeyRevisionIntHolder alias in operation parameters
The DDS Security Specification 1.2 defines the CryptoTransformKeyRevisionIntHolder type as:
typedef int32 CryptoTransformKeyRevisionIntHolder;
The SPIs should use this type consistently where appropriate.
For example, the activate_key_revision SPI uses CryptoTransformKeyRevisionIntHolder to type its key_revision parameter. However, the key_revision parameter of create_local_datawriter_crypto_tokens, create_local_datareader_crypto_tokens and create_local_datareader_crypto_tokens is an int32. This should be changed so all these operations use CryptoTransformKeyRevisionIntHolder.
Clarify section “9.8.10.2 Key Exchange with remote DataReader”
The description on page 182 should clarify that the participant can call create_local_datawriter_crypto_tokens multiple times (to get a crypto token sequence for different revisions).
-
Reported: DDS-SECURITY 1.2 — Thu, 10 Oct 2024 19:00 GMT
-
Updated: Thu, 21 Nov 2024 13:21 GMT