Cryptoki: a cryptographic Token Interface


SHA-1-PBE for 128-bit RC4



Download 360.55 Kb.
Page179/196
Date22.12.2023
Size360.55 Kb.
#63026
1   ...   175   176   177   178   179   180   181   182   ...   196
v201-95
pkcs11-base-v2.40-cos01

11.30.1. SHA-1-PBE for 128-bit RC4


SHA-1-PBE for 128-bit RC4, denoted CKM_PBE_SHA1_RC4_128, is a mechanism used for generating a 128-bit RC4 secret key from a password and a salt value by using the SHA-1 digest algorithm and an iteration count. The method used to generate the key is described above on page 251.
It has a parameter, a CK_PBE_PARAMS structure. The parameter specifies the input information for the key generation process. The parameter also has a field to hold the location of an application-supplied buffer which will receive an IV; for this mechanism, the contents of this field are ignored, since RC4 does not require an IV.
The key produced by this mechanism will typically be used for performing password-based encryption.

11.30.2. SHA-1-PBE for 40-bit RC4


SHA-1-PBE for 40-bit RC4, denoted CKM_PBE_SHA1_RC4_40, is a mechanism used for generating a 40-bit RC4 secret key from a password and a salt value by using the SHA-1 digest algorithm and an iteration count. The method used to generate the key is described above on page 251.
It has a parameter, a CK_PBE_PARAMS structure. The parameter specifies the input information for the key generation process. The parameter also has a field to hold the location of an application-supplied buffer which will receive an IV; for this mechanism, the contents of this field are ignored, since RC4 does not require an IV.
The key produced by this mechanism will typically be used for performing password-based encryption.

11.30.3. SHA-1-PBE for 3-key triple-DES-CBC


SHA-1-PBE for 3-key triple-DES-CBC, denoted CKM_PBE_SHA1_DES3_EDE_CBC, is a mechanism used for generating a 3-key triple-DES secret key and IV from a password and a salt value by using the SHA-1 digest algorithm and an iteration count. The method used to generate the key and IV is described above on page 251. Each byte of the key produced will have its low-order bit adjusted, if necessary, so that a valid 3-key triple-DES key with proper parity bits is obtained.
It has a parameter, a CK_PBE_PARAMS structure. The parameter specifies the input information for the key generation process and the location of the application-supplied buffer which will receive the 8-byte IV generated by the mechanism.
The key and IV produced by this mechanism will typically be used for performing password-based encryption.

Download 360.55 Kb.

Share with your friends:
1   ...   175   176   177   178   179   180   181   182   ...   196




The database is protected by copyright ©ininet.org 2024
send message

    Main page