PKCS#11
|
| Cryptographic Token Interface Standard |
PKCS#11 |
Data Fields | |
| CK_CHAR_PTR | pInitVector |
| pointer to the location that receives the 8-byte initialization vector (IV);. More... | |
| CK_CHAR_PTR | pPassword |
| points to the password to be used in the PBE key generation;. More... | |
| CK_ULONG | ulPasswordLen |
| length in bytes of the password information;. More... | |
| CK_CHAR_PTR | pSalt |
| points to the salt to be used in the PBE key generation;. More... | |
| CK_ULONG | ulSaltLen |
| CK_ULONG | ulIteration |
| pInitVector | pointer to the location that receives the 8-byte initialization vector (IV); |
| pPassword | points to the password to be used in the PBE key generation; |
| ulPasswordLen | length in bytes of the password information; |
| pSalt | points to the salt to be used in the PBE key generation; |
| usSaltLen | length in bytes of the salt information; |
| usIteration | number of iterations required for the generation. CK_PBE_PARAMS_PTR |
CK_PBE_PARAMS_PTR points to a CK_PBE_PARAMS structure. It is implementation-dependent.
Password-based encryption mechanisms
MD2-PBE for DES-CBC
MD2-PBE for DES-CBC, denoted CKM_PBE_MD2_DES_CBC, is a mechanism used for generating a DES secret key and an initialization vector by using a password and a salt value and the MD2 digest algorithm. This functionality is defined in PKCS#5.
It has a parameter, a CK_PBE_PARAMS structure. The parameter specifies the input information for the key generation process and the location of the application-supplied buffer which will receive the 8-byte IV generated by the mechanism.
MD5-PBE for DES-CBC
MD5-PBE for DES-CBC, denoted CKM_PBE_MD5_DES_CBC, is a mechanism used for generating a DES secret key and an initialization vector by using a password and a salt value and the MD5 digest algorithm. This functionality is defined in PKCS#5.
It has a parameter, a CK_PBE_PARAMS structure. The parameter specifies the input information for the key generation process and the location of the application-supplied buffer which will receive the 8-byte IV generated by the mechanism.
MD5-PBE for CAST-CBC
MD5-PBE for CAST-CBC, denoted CKM_PBE_MD5_CAST_CBC, is a mechanism used for generating a CAST secret key and an initialization vector by using a password and a salt value and the MD5 digest algorithm. This functionality is essentially that defined in PKCS#5.
It has a parameter, a CK_PBE_PARAMS structure. The parameter specifies the input information for the key generation process and the location of the application-supplied buffer which will receive the 8-byte IV generated by the mechanism.
The CAST key generated by this mechanism is 8 bytes long.
MD5-PBE for CAST3-CBC
MD5-PBE for CAST3-CBC, denoted CKM_PBE_MD5_CAST3_CBC, is a mechanism used for generating a CAST3 secret key and an initialization vector by using a password and a salt value and the MD5 digest algorithm. This functionality is essentially that defined in PKCS#5.
It has a parameter, a CK_PBE_PARAMS structure. The parameter specifies the input information for the key generation process and the location of the application-supplied buffer which will receive the 8-byte IV generated by the mechanism.
The CAST3 key generated by this mechanism is 8 bytes long.
MD5-PBE for CAST5-CBC
MD5-PBE for CAST5-CBC, denoted CKM_PBE_MD5_CAST5_CBC, is a mechanism used for generating a CAST5 secret key and an initialization vector by using a password and a salt value and the MD5 digest algorithm. This functionality is essentially that defined in PKCS#5.
It has a parameter, a CK_PBE_PARAMS structure. The parameter specifies the input information for the key generation process and the location of the application-supplied buffer which will receive the 8-byte IV generated by the mechanism.
The CAST5 key generated by this mechanism is 8 bytes long.
SET mechanism parameters
|
|
pointer to the location that receives the 8-byte initialization vector (IV);. |
|
|
points to the password to be used in the PBE key generation;. |
|
|
length in bytes of the password information;. |
|
|
points to the salt to be used in the PBE key generation;. |