Hi,
I have a problem with the PKCS11 test sign_and_verify for CKM_SHA256_HMAC_GENERAL. the C_Verify function fails with Invalid Signature. In fact, the function C_Verify uses the GlobalPlatoform function TEE_MACCompareFinal to compute the MAC and compare with the one provided in argument.
However with the CKM_SHA256_HMAC_GENERAL mechanism, the truncated MAC is provided to the TEE_MACCompareFinal which cause a failure because calculated MAC and the truncated MAC will be different.
Is this a problem in the test or am I missing something ?
Thank you very much.
Hi,
I have a problem with the PKCS11 test sign_and_verify for CKM_SHA256_HMAC_GENERAL. the C_Verify function fails with Invalid Signature. In fact, the function C_Verify uses the GlobalPlatoform function TEE_MACCompareFinal to compute the MAC and compare with the one provided in argument.
However with the CKM_SHA256_HMAC_GENERAL mechanism, the truncated MAC is provided to the TEE_MACCompareFinal which cause a failure because calculated MAC and the truncated MAC will be different.
Is this a problem in the test or am I missing something ?
Thank you very much.