PKCS#11
|
| Cryptographic Token Interface Standard |
PKCS#11 |
The CT-KIP signature (MAC) mechanism, denoted CKM_KIP_MAC, is a mechanism used to produce a message authentication code of arbitrary length. The keys it uses are secret keys.
It takes a parameter of type CK_KIP_PARAMS, which allows for the passing of the desired underlying cryptographic mechanism as well as some other data. The mechanism does not make use of the pSeed and the ulSeedLen parameters of CT_KIP_PARAMS.
This mechanism produces a MAC of the length specified by pulSignatureLen parameter in calls to C_Sign.
If a call to C_Sign with this mechanism fails, then no output will be generated.