CKM_MILENAGE_SIGN

Supported Operations

Encrypt and Decrypt

 No

Sign and Verify

 Yes (single-part sign only)

SignRecover and VerifyRecover

 No

Digest

 No

Generate Key/Key-Pair

 No

Wrap and Unwrap

 No

Derive

 No

FIPS-approved

 No

Key Size Range (bytes) and Parameters

Minimum 16
FIPS Minimum N/A
Maximum 16
Parameter CK_MILENAGE_SIGN_PARAMS

Description

This mechanism is used to perform MAC calculation for MILENAGE functions F1, F1* and F2 as per the specification available at http://www.3gpp.org/specifications/60-confidentiality-algorithms, using the PKCS functions C_SignInit() and C_Sign().

The mechanism requires the 16-byte milenage key 'K' to be initialized as an AES key on the HSM slot. The key should have the CKA_SIGN attribute set to TRUE. The 16-byte Operator Variant key should be stored on the HSM slot as a Generic Secret key (CKK_GENERIC_SECRET).

The mechanism takes a parameter, CK_MILENAGE_SIGN_PARAMS. See ctvdef.h for description.

NOTE   Only a 16-byte AES key and a 16-byte Operator Variant are supported with this mechanism.

Return to SafeNet ProtectToolkit-C Mechanisms


Customer Support Portal

SafeNet ProtectToolkit 5.5 Product Documentation  08 January 2020  Copyright 2009-2020 Gemalto. All rights reserved.