CKM_RSA_PKCS_OAEP

The RSA PKCS OAEP mechanism can now use a supplied hashing mechanism. Previously, RSA OAEP always used SHA1 and returned an error if another hash was attempted.

With current firmware, the PKCS#11 API and ckdemo now accept a new mechanism.

Allowed mechanisms are:

CKM_SHA1

CKM_SHA224

CKM_SHA256

CKM_SHA384

CKM_SHA512

0 (use the firmware's default engine, which is currently SHA1)

In ckdemo, menu option 98 has a new value, 17 - OAEP Hash Params, which can be set to either default (CKM_SHA1) or selectable. When it is set to selectable, the user is prompted for a hash mechanism when using the OAEP mechanism.
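
Added example (not part of the original page and not the vendor's code): the OAEP padding layer from RFC 8017 in Python, parameterised by the hash mechanisms listed above, to show how the hash choice changes the maximum plaintext size and why both sides must select the same hash. It assumes MGF1 uses the same hash as OAEP, omits the RSA operation itself, and all function names are hypothetical.

```python
import hashlib
import os

# Hash mechanisms the page allows for OAEP, mapped to hashlib names.
# 0 selects the firmware default, which the page says is currently SHA1.
OAEP_HASHES = {"CKM_SHA1": "sha1", "CKM_SHA224": "sha224", "CKM_SHA256": "sha256",
               "CKM_SHA384": "sha384", "CKM_SHA512": "sha512", 0: "sha1"}

def _mgf1(seed, length, name):
    # Assumption: MGF1 is run with the same hash as the OAEP label hash.
    out, counter = b"", 0
    while len(out) < length:
        out += hashlib.new(name, seed + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def max_message_len(key_bits, hash_mech):
    """Largest plaintext in bytes that OAEP can carry: k - 2*hLen - 2."""
    h_len = hashlib.new(OAEP_HASHES[hash_mech]).digest_size
    return key_bits // 8 - 2 * h_len - 2

def oaep_encode(msg, key_bits, hash_mech, label=b""):
    name = OAEP_HASHES[hash_mech]  # KeyError for a mechanism not on the list
    h_len, k = hashlib.new(name).digest_size, key_bits // 8
    if len(msg) > max_message_len(key_bits, hash_mech):
        raise ValueError("message too long for this key size and hash")
    pad = b"\x00" * (k - len(msg) - 2 * h_len - 2)
    db = hashlib.new(name, label).digest() + pad + b"\x01" + msg
    seed = os.urandom(h_len)
    masked_db = _xor(db, _mgf1(seed, k - h_len - 1, name))
    masked_seed = _xor(seed, _mgf1(masked_db, h_len, name))
    return b"\x00" + masked_seed + masked_db  # this block is what RSA encrypts

def oaep_decode(em, hash_mech, label=b""):
    # Illustration only: not constant-time, unlike a real implementation.
    name = OAEP_HASHES[hash_mech]
    h_len = hashlib.new(name).digest_size
    if len(em) < 2 * h_len + 2:
        raise ValueError("decryption error")
    masked_seed, masked_db = em[1:1 + h_len], em[1 + h_len:]
    seed = _xor(masked_seed, _mgf1(masked_db, h_len, name))
    db = _xor(masked_db, _mgf1(seed, len(masked_db), name))
    l_hash, rest = db[:h_len], db[h_len:].lstrip(b"\x00")
    if em[0] != 0 or l_hash != hashlib.new(name, label).digest() or rest[:1] != b"\x01":
        raise ValueError("decryption error")
    return rest[1:]
```

A block encoded with CKM_SHA256 and decoded with 0 (SHA1) raises the decryption error, and a 1024-bit key has no room for any plaintext under CKM_SHA512.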

Summary

FIPS approved: Yes
Supported functions: Encrypt | Decrypt | Wrap | Unwrap
Functions restricted from FIPS use: None | Cannot legacy decrypt | Cannot legacy unwrap
Minimum key length (bits): 256
Minimum key length for FIPS use (bits): 2048
Minimum legacy key length for FIPS use (bits): 1024
Maximum key length (bits): 8192
Block size: 0
Digest size: 0
Key types: RSA
Algorithms: None
Modes: None
Flags: None