Cryptoki: a cryptographic Token Interface
Download 360.55 Kb.
|
pkcs11-base-v2.40-cos01
- Navigate this page:
- 11.7. KEA mechanisms
11.6. KEA mechanism parametersCK_KEA_DERIVE_PARAMS; CK_KEA_DERIVE_PARAMS_PTRCK_KEA_DERIVE_PARAMS is a structure that provides the parameters to the CKM_KEA_DERIVE mechanism. It is defined as follows: typedef struct CK_KEA_DERIVE_PARAMS { CK_BBOOL isSender; CK_ULONG ulRandomLen; CK_BYTE_PTR pRandomA; CK_BYTE_PTR pRandomB; CK_ULONG ulPublicDataLen; CK_BYTE_PTR pPublicData; } CK_KEA_DERIVE_PARAMS; The fields of the structure have the following meanings: isSender Option for generating the key (called a TEK). The value is TRUE if the sender (originator) generates the TEK, FALSE if the recipient is regenerating the TEK. ulRandomLen size of random Ra and Rb, in bytes pRandomA pointer to Ra data pRandomB pointer to Rb data ulPublicDataLen other party’s KEA public key size pPublicData pointer to other party’s KEA public key value CK_KEA_DERIVE_PARAMS_PTR is a pointer to a CK_KEA_DERIVE_PARAMS. 11.7. KEA mechanisms11.7.1. KEA key pair generationThe KEA key pair generation mechanism, denoted CKM_KEA_KEY_PAIR_GEN, is a key pair generation mechanism It does not have a parameter. The mechanism generates KEA public/private key pairs with a particular prime, subprime and base, as specified in the CKA_PRIME, CKA_SUBPRIME, and CKA_BASE attributes of the template for the public key. Note that this version of Cryptoki does not include a mechanism for generating these KEA parameters. The mechanism contributes the CKA_CLASS, CKA_KEY_TYPE and CKA_VALUE attributes to the new public key and the CKA_CLASS, CKA_KEY_TYPE, CKA_PRIME, CKA_SUBPRIME, CKA_BASE, and CKA_VALUE attributes to the new private key. Other attributes supported by the KEA public and private key types (specifically, the flags indicating which functions the keys support) may also be specified in the templates for the keys, or else are assigned default initial values. For this mechanism, the ulMinKeySize and ulMaxKeySize fields of the CK_MECHANISM_INFO structure specify the supported range of KEA prime sizes, in bits. Download 360.55 Kb. Share with your friends:
|