CKM_RSA_PKCS_PSS
Supported Operations
|
Encrypt and Decrypt |
No |
|
Sign and Verify |
Yes |
|
SignRecover and VerifyRecover |
No |
|
Digest |
No |
|
Generate Key/Key-Pair |
No |
|
Wrap and Unwrap |
No |
|
Derive |
No |
|
FIPS-approved |
Yes* |
* All RSA signing operations performed under FIPS mode are carried out only if the specified key has a modulus of 2048 bits or greater. Any attempt to create an RSA key smaller than 2048 bits while running in FIPS mode results in a CKR_KEY_SIZE_RANGE or CKA_TEMPLATE_INCONSISTENT error.
Key Size Range (bytes) and Parameters
| Minimum | 512 |
| FIPS Minimum | 2048 |
| Maximum | 4096 |
| Parameter | CK_RSA_PKCS_PSS_PARAMS
|
Description
For a full description of this mechanism, refer to the PKCS#11 version 2.20 documentation from RSA Laboratories.
Return to SafeNet ProtectToolkit-C Mechanisms
