Cryptoki: a cryptographic Token Interface
SHA-1-PBE for 128-bit RC4
Download 360.55 Kb.
|
pkcs11-base-v2.40-cos01
- Navigate this page:
- 11.30.2. SHA-1-PBE for 40-bit RC4
- 11.30.3. SHA-1-PBE for 3-key triple-DES-CBC
11.30.1. SHA-1-PBE for 128-bit RC4SHA-1-PBE for 128-bit RC4, denoted CKM_PBE_SHA1_RC4_128, is a mechanism used for generating a 128-bit RC4 secret key from a password and a salt value by using the SHA-1 digest algorithm and an iteration count. The method used to generate the key is described above on page 251. It has a parameter, a CK_PBE_PARAMS structure. The parameter specifies the input information for the key generation process. The parameter also has a field to hold the location of an application-supplied buffer which will receive an IV; for this mechanism, the contents of this field are ignored, since RC4 does not require an IV. The key produced by this mechanism will typically be used for performing password-based encryption. 11.30.2. SHA-1-PBE for 40-bit RC4SHA-1-PBE for 40-bit RC4, denoted CKM_PBE_SHA1_RC4_40, is a mechanism used for generating a 40-bit RC4 secret key from a password and a salt value by using the SHA-1 digest algorithm and an iteration count. The method used to generate the key is described above on page 251. It has a parameter, a CK_PBE_PARAMS structure. The parameter specifies the input information for the key generation process. The parameter also has a field to hold the location of an application-supplied buffer which will receive an IV; for this mechanism, the contents of this field are ignored, since RC4 does not require an IV. The key produced by this mechanism will typically be used for performing password-based encryption. 11.30.3. SHA-1-PBE for 3-key triple-DES-CBCSHA-1-PBE for 3-key triple-DES-CBC, denoted CKM_PBE_SHA1_DES3_EDE_CBC, is a mechanism used for generating a 3-key triple-DES secret key and IV from a password and a salt value by using the SHA-1 digest algorithm and an iteration count. The method used to generate the key and IV is described above on page 251. Each byte of the key produced will have its low-order bit adjusted, if necessary, so that a valid 3-key triple-DES key with proper parity bits is obtained. It has a parameter, a CK_PBE_PARAMS structure. The parameter specifies the input information for the key generation process and the location of the application-supplied buffer which will receive the 8-byte IV generated by the mechanism. The key and IV produced by this mechanism will typically be used for performing password-based encryption. Download 360.55 Kb. Share with your friends:
|