CKM_DES3_DERIVE_CBC

NOTE   The CKM_DES3_DERIVE_CBC mechanism is deprecated in this release. Use of CKM_DES3_DERIVE_CBC is no longer recommended.

Supported Operations

Encrypt and Decrypt

No

Sign and Verify

No

SignRecover and VerifyRecover

No

Digest

No

Generate Key/Key-Pair

No

Wrap and Unwrap

No

Derive

Yes

FIPS-approved

No

Key Size Range (bytes) and Parameters

Minimum 16
FIPS Minimum

N/A

Maximum 24
Parameter CK_DES2_CBC_PARAMS
CK_DES3_CBC_PARAMS

Description

The CKM_DES_DERIVE_CBC and CKM_DES3_DERIVE_CBC mechanisms are used with the C_DeriveKey function to derive a secret key by performing a CBC (no padding) encryption. They create a new secret key whose value is generated by encrypting the provided data with the provided Single, Double or Triple length DES key.

Three new mechanism Parameter structures are created, CK_DES_CBC_PARAMS, CK_DES2_CBC_PARAMS and CK_DES3_CBC_PARAMS, for use by these mechanisms. These structures consists of 2-byte arrays, the first array contains the IV (must be 8 bytes) and the second array contains the data to be encrypted, being 8, 16 or 24 bytes in length, for each PARAMS structure respectively.

These mechanisms require the pParameter in the CK_MECHANISM structure to be a pointer to one of the above new Parameter structures and the parameterLen to be the size of the provided Parameter structure.

If the length of data to be encrypted by the CBC mechanism does not fit into one of the above PARAMS structures, the developer must produce their own byte array with the following layout.  The first 8 bytes must be the IV, then the data to be encrypted.  To use this array, the pParameter in the CK_MECHANISM structure must be a pointer to this array and the parameterLen is the length of the IV (must be 8 bytes) plus the length of the provided data, which must be a multiple of 8 bytes.

The following rules apply to the provided attribute template:

>If no length or key type is provided in the template, then the key produced by these mechanisms is a generic secret key. Its length is equal to the length of the provided data.

>If no key type is provided in the template, but a length is, then the key produced by these mechanisms is a generic secret key of the specified length, extracted from the left bytes of the cipher text.

>If no length is provided in the template, but a key type is, then that key type must have a well-defined length. If it does, then the key produced by these mechanisms is of the type specified in the template. If it doesn’t, an error is returned.

>If both a key type and a length are provided in the template, the length must be compatible with that key type. The key produced by these mechanisms is of the specified type and length, extracted from the left bytes of the cipher text.

If a DES key is derived with these mechanisms, the parity bits of the key are set properly. If the requested type of key requires more bytes than the length of the provided data, an error is generated.

These mechanisms have the following rules about key sensitivity and extractability:

>If the base key has its CKA_SENSITIVE attribute set to TRUE, so does the derived key. If not, then the derived key’s CKA_SENSITIVE attribute is set either from the supplied template or else it defaults to TRUE.

>Similarly, the derived key’s CKA_EXTRACTABLE attribute is set either from the supplied template or else it defaults to the value of the CKA_EXTRACTABLE of the base key.

>The derived key’s CKA_ALWAYS_SENSITIVE attribute is set to TRUE if and only if the base key has its CKA_ALWAYS_SENSITIVE attribute set to TRUE.

>Similarly, the derived key’s CKA_NEVER_EXTRACTABLE attribute is set to TRUE if and only if the base key has its CKA_NEVER_EXTRACTABLE attribute set to TRUE.

Return to SafeNet ProtectToolkit-C Mechanisms