Cryptoki: a cryptographic Token Interface



Download 360.55 Kb.
Page135/196
Date22.12.2023
Size360.55 Kb.
#63026
1   ...   131   132   133   134   135   136   137   138   ...   196
v201-95
pkcs11-base-v2.40-cos01
Input length

Output length

Comments

C_Sign

RSA private key

any

k

block type 01

C_Verify

RSA public key

any, k2

N/A

block type 01

2 Data length, signature length.
For these mechanisms, the ulMinKeySize and ulMaxKeySize fields of the CK_MECHANISM_INFO structure specify the supported range of RSA modulus sizes, in bits.

11.2. DSA mechanisms

11.2.1. DSA key pair generation


The DSA key pair generation mechanism, denoted CKM_DSA_KEY_PAIR_GEN, is a key pair generation mechanism based on the Digital Signature Algorithm defined in FIPS PUB 186.
This mechanism does not have a parameter.
The mechanism generates DSA public/private key pairs with a particular prime, subprime and base, as specified in the CKA_PRIME, CKA_SUBPRIME, and CKA_BASE attributes of the template for the public key. Note that this version of Cryptoki does not include a mechanism for generating these DSA parameters.
The mechanism contributes the CKA_CLASS, CKA_KEY_TYPE, and CKA_VALUE attributes to the new public key and the CKA_CLASS, CKA_KEY_TYPE, CKA_PRIME, CKA_SUBPRIME, CKA_BASE, and CKA_VALUE attributes to the new private key. Other attributes supported by the DSA public and private key types (specifically, the flags indicating which functions the keys support) may also be specified in the templates for the keys, or else are assigned default initial values.
For this mechanism, the ulMinKeySize and ulMaxKeySize fields of the CK_MECHANISM_INFO structure specify the supported range of DSA prime sizes, in bits.

Download 360.55 Kb.

Share with your friends:
1   ...   131   132   133   134   135   136   137   138   ...   196



The database is protected by copyright ©ininet.org 2024
send message

    Main page
project coordinator