SHA-3 Mechanisms
This section describes the PKCS#11 interface to the SHA-3 mechanisms in the HSM firmware for the digest bit lengths of 224, 256, 384 and 512.
NOTE This feature requires minimum firmware version 7.4.2 and client version 10.2 (or a patched client 7.4). See Version Dependencies by Feature for more information.
>Signature/Verification Mechanisms
>Key Derivation Function (KDF) Mechanisms
Digest Mechanisms
Mechanism Type | Description |
---|---|
SHA-3 |
The following mechanisms for performing a SHA-3 hash have been added: >CKM_SHA3_224 >CKM_SHA3_256 >CKM_SHA3_384 >CKM_SHA3_512 |
SHAKE |
The following mechanisms for performing a SHAKE XOF have been added: >CKM_SHAKE_128 >CKM_SHAKE_256 These mechanisms require a CK_SHAKE_PARAMS mechanism parameters structure defined as follows:
typedef struct CK_SHAKE_PARAMS {
CK_ULONG ulOutputLen;
} CK_SHAKE_PARAMS
The output length of the digest can be specified using the ulOutputLen field with a maximum value of 2048. |
KECCAK |
There are variants of the SHA-3 mechanisms that are included for compatibility with implementations that preceded the publication of FIPS PUB 202 where there is a difference in a single padding byte. These mechanisms are: >CKM_KECCAK_224 >CKM_KECCAK_256 >CKM_KECCAK_384 >CKM_KECCAK_512 |
HMAC Mechanisms
The following mechanisms for performing an HMAC with SHA-3 have been added:
>CKM_SHA3_224_HMAC
>CKM_SHA3_224_HMAC_GENERAL
>CKM_SHA3_256_HMAC
>CKM_SHA3_256_HMAC_GENERAL
>CKM_SHA3_384_HMAC
>CKM_SHA3_384_HMAC_GENERAL
>CKM_SHA3_512_HMAC
>CKM_SHA3_512_HMAC_GENERAL
Signature/Verification Mechanisms
Mechanism Type | Description |
---|---|
RSA PKCS |
The following mechanisms for performing a RSA PKCS #1 v1.5 signature/verification with a SHA-3 digest have been added: >CKM_SHA3_224_RSA_PKCS >CKM_SHA3_256_RSA_PKCS >CKM_SHA3_384_RSA_PKCS >CKM_SHA3_512_RSA_PKCS |
RSA PSS |
The following mechanisms for performing a RSA signature/verification with PSS encoding with a SHA-3 digest have been added: >CKM_SHA3_224_RSA_PKCS_PSS >CKM_SHA3_256_RSA_PKCS_PSS >CKM_SHA3_384_RSA_PKCS_PSS >CKM_SHA3_512_RSA_PKCS_PSS The following MGF1 constants have been defined with corresponding support: >CKG_MGF1_SHA3_224 >CKG_MGF1_SHA3_256 >CKG_MGF1_SHA3_384 >CKG_MGF1_SHA3_512 These values can be specified via the mgf field of the CK_RSA_PKCS_PSS_PARAMS mechanism parameters. The hashAlg field of the CK_RSA_PKCS_PSS_PARAMS mechanism parameters can be given the new values of CKM_SHA3_224, CKM_SHA3_256, CKM_SHA3_384 or CKM_SHA3_512. |
DSA |
The following mechanisms for performing a DSA signature/verification with a SHA-3 digest have been added: >CKM_DSA_SHA3_224 >CKM_DSA_SHA3_256 >CKM_DSA_SHA3_384 >CKM_DSA_SHA3_512 |
ECDSA |
The following mechanisms for performing an ECDSA signature/verification with a SHA-3 digest have been added: >CKM_ECDSA_SHA3_224 >CKM_ECDSA_SHA3_256 >CKM_ECDSA_SHA3_384 >CKM_ECDSA_SHA3_512 |
EDDSA |
The following mechanisms for performing an EDDSA signature/verification with a SHA-3 digest have been added: >CKM_SHA3_224_EDDSA >CKM_SHA3_256_EDDSA >CKM_SHA3_384_EDDSA >CKM_SHA3_512_EDDSA |
Encrypt/Decrypt Mechanisms
CKM_RSA_PKCS_OAEP
For the CKM_RSA_PKCS_OAEP mechanism, the following values can be specified for the mgf field of the CK_RSA_PKCS_OAEP_PARAMS mechanism parameters:
>CKG_MGF1_SHA3_224
>CKG_MGF1_SHA3_256
>CKG_MGF1_SHA3_384
>CKG_MGF1_SHA3_512
For the hashAlg field of the CK_RSA_PKCS_OAEP_PARAMS mechanism parameters, the following hash algorithms can be specified:
>CKM_SHA3_224
>CKM_SHA3_256
>CKM_SHA3_384
>CKM_SHA3_512
Digest Key Derive Mechanisms
Mechanism Type | Description |
---|---|
SHA-3 |
The following mechanisms can be used to derive a key using SHA-3: >CKM_SHA3_224_KEY_DERIVE >CKM_SHA3_256_KEY_DERIVE >CKM_SHA3_384_KEY_DERIVE >CKM_SHA3_512_KEY_DERIVE |
SHAKE |
The following mechanisms can be used to derive a key using SHAKE: >CKM_SHAKE_128_KEY_DERIVE >CKM_SHAKE_256_KEY_DERIVE |
Key Derivation Function (KDF) Mechanisms
Mechanism Type | Description |
---|---|
CKM_X9_42_DH_DERIVE CKM_ECDH1_DERIVE |
The following values can be specified for the kdf field of the CK_X9_42_DH1_DERIVE_PARAMS and CK_ECDH1_DERIVE_PARAMS mechanism parameters to make use of the SHA-3 variants: >CKD_SHA3_224_KDF >CKD_SHA3_256_KDF >CKD_SHA3_384_KDF >CKD_SHA3_512_KDF >CKD_SHA3_224_NIST_KDF >CKD_SHA3_256_NIST_KDF >CKD_SHA3_384_NIST_KDF >CKD_SHA3_512_NIST_KDF >CKD_SHA3_224_SES_KDF >CKD_SHA3_256_SES_KDF >CKD_SHA3_384_SES_KDF >CKD_SHA3_512_SES_KDF |
CKM_PRF_KDF |
The following values can be specified for the prfType field of the CK_PRF_KDF_PARAMS mechanism parameters to make use of the SHA-3 variants: >CK_NIST_PRF_KDF_HMAC_SHA3_224 >CK_NIST_PRF_KDF_HMAC_SHA3_256 >CK_NIST_PRF_KDF_HMAC_SHA3_384 >CK_NIST_PRF_KDF_HMAC_SHA3_512 |