Cryptographic Token Interface Standard

PKCS#11


OATH HOTP

HOTP secret key objects (object class CKO_OTP_KEY, key type CKK_HOTP) hold generic secret keys and associated counter values.

The CKA_OTP_COUNTER value may be set at key generation; however, some tokens may set it to a fixed initial value. Depending on the token's security policy, this value may not be modified and/or may not be revealed if the object has its CKA_SENSITIVE attribute set to CK_TRUE or its CKA_EXTRACTABLE attribute set to CK_FALSE.

For HOTP keys, the CKA_OTP_COUNTER value shall be an 8-byte unsigned integer in big-endian (i.e. network byte order) form. The same holds true for a CK_OTP_COUNTER value in a CK_OTP_PARAM structure.
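The byte layout required above for CKA_OTP_COUNTER and for a CK_OTP_COUNTER parameter, shown as an added example that is not part of the standard's own text. The helper names are hypothetical, and plain unsigned char stands in for CK_BYTE so the code compiles without the PKCS #11 headers.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define HOTP_COUNTER_LEN 8 /* length required for the counter value */

/* Encode a host-order counter as 8 bytes, most significant byte first.
 * Shifting instead of memcpy() keeps the result identical on little-endian
 * and big-endian hosts. (Hypothetical helper, not a PKCS #11 function.) */
static void hotp_counter_encode(uint64_t counter,
                                unsigned char out[HOTP_COUNTER_LEN])
{
    for (int i = HOTP_COUNTER_LEN - 1; i >= 0; i--) {
        out[i] = (unsigned char)(counter & 0xff);
        counter >>= 8;
    }
}

/* Decode a counter read back from an attribute or parameter buffer.
 * Returns 0 on success, -1 if the buffer is missing or not exactly 8 bytes,
 * so a short or padded value is rejected instead of being misread. */
static int hotp_counter_decode(const unsigned char *buf, size_t len,
                               uint64_t *counter)
{
    if (buf == NULL || counter == NULL || len != HOTP_COUNTER_LEN)
        return -1;
    uint64_t v = 0;
    for (size_t i = 0; i < len; i++)
        v = (v << 8) | buf[i];
    *counter = v;
    return 0;
}

int main(void)
{
    unsigned char buf[HOTP_COUNTER_LEN];
    uint64_t back = 0;

    hotp_counter_encode(258, buf); /* constructed sample value: 0x0102 */
    for (size_t i = 0; i < sizeof(buf); i++)
        printf("%02x", buf[i]);
    printf("\n");

    if (hotp_counter_decode(buf, sizeof(buf), &back) == 0)
        printf("decoded: %llu\n", (unsigned long long)back);
    return 0;
}
```

The encoded buffer is what would be supplied as the value of a CKA_OTP_COUNTER attribute or of a CK_OTP_COUNTER entry, with a length of 8.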

The following is a sample template for creating a HOTP secret key object:

CK_OBJECT_CLASS class = CKO_OTP_KEY;
CK_KEY_TYPE keyType = CKK_HOTP;
CK_UTF8CHAR label[] = "HOTP secret key object";
CK_BYTE keyId[] = {...};
CK_ULONG outputFormat = CK_OTP_FORMAT_DECIMAL;
CK_ULONG outputLength = 6;
CK_DATE endDate = {...};
CK_BYTE counterValue[8] = {0};
CK_BYTE value[] = {...};
CK_BBOOL true = CK_TRUE;
CK_ATTRIBUTE template[] = {
    {CKA_CLASS, &class, sizeof(class)},
    {CKA_KEY_TYPE, &keyType, sizeof(keyType)},
    {CKA_END_DATE, &endDate, sizeof(endDate)},
    {CKA_TOKEN, &true, sizeof(true)},
    {CKA_SENSITIVE, &true, sizeof(true)},
    {CKA_LABEL, label, sizeof(label)-1},
    {CKA_SIGN, &true, sizeof(true)},
    {CKA_VERIFY, &true, sizeof(true)},
    {CKA_ID, keyId, sizeof(keyId)},
    {CKA_OTP_FORMAT, &outputFormat, sizeof(outputFormat)},
    {CKA_OTP_LENGTH, &outputLength, sizeof(outputLength)},
    {CKA_OTP_COUNTER, counterValue, sizeof(counterValue)},
    {CKA_VALUE, value, sizeof(value)}
};

The HOTP key generation mechanism, denoted CKM_HOTP_KEY_GEN, is a key generation mechanism for the HOTP algorithm.

It does not have a parameter.

The mechanism generates HOTP keys with a particular set of attributes as specified in the template for the key.

The mechanism contributes at least the CKA_CLASS, CKA_KEY_TYPE, CKA_OTP_COUNTER, CKA_VALUE and CKA_VALUE_LEN attributes to the new key. Other attributes supported by the HOTP key type may be specified in the template for the key, or else are assigned default initial values.

For this mechanism, the ulMinKeySize and ulMaxKeySize fields of the CK_MECHANISM_INFO structure specify the supported range of HOTP key sizes, in bytes.

CKM_HOTP is the mechanism for the retrieval and verification of HOTP OTP values based on the current internal counter, or a provided counter.

The mechanism takes a pointer to a CK_OTP_PARAMS structure as a parameter.

As for the CKM_SECURID mechanism, when signing or verifying using the CKM_HOTP mechanism, pData shall be set to NULL_PTR and ulDataLen shall be set to 0.

For verify operations, the counter value CK_OTP_COUNTER must be provided as a CK_OTP_PARAM parameter to C_VerifyInit. When verifying an OTP value using the CKM_HOTP mechanism, pSignature shall be set to the OTP value itself, e.g. the value of the CK_OTP_VALUE component of a CK_OTP_PARAMS structure in the case of an earlier call to C_Sign.


RSA Security Inc. Public-Key Cryptography Standards - PKCS#11 - v230