SHA-1-PBE for 40-bit RC2-CBC

SHA-1-PBE for 40-bit RC2-CBC, denoted CKM_PBE_SHA1_RC2_40_CBC, is a mechanism used for generating a 40-bit RC2 secret key and IV from a password and a salt value by using the SHA-1 digest algorithm and an iteration count. The method used to generate the key and IV is described above.

It has a parameter, a CK_PBE_PARAMS structure. The parameter specifies the input information for the key generation process and the location of the application-supplied buffer which will receive the 8-byte IV generated by the mechanism.

When the key and IV generated by this mechanism are used to encrypt or decrypt, the effective number of bits in the RC2 search space should be set to 40. This ensures compatibility with the ASN.1 Object Identifier pbeWithSHA1And40BitRC2-CBC.

The key and IV produced by this mechanism will typically be used for performing password-based encryption.

RSA Security Inc. Public-Key Cryptography Standards - PKCS#11 - v220