CKM_XOR_BASE_AND_DATA

**WARNING**   This mechanism contains vulnerabilities that could compromise security. It has been disabled in the factory settings for new HSMs. To enable it, the Weak PKCS#11 Mechanisms flag must be set. See "Weak PKCS#11 Mechanisms" in SafeNet ProtectToolkit-C Administration Guide for more information.

Supported Operations

Encrypt and Decrypt

No

Sign and Verify

No

SignRecover and VerifyRecover

No

Digest

No

Generate Key/Key-Pair

No

Wrap and Unwrap

No

Derive

Yes

FIPS-approved

Yes (but disabled in FIPS mode due to vulnerabilities)

Key Size Range (bytes) and Parameters

Minimum 0
FIPS Minimum

N/A

Maximum None
Parameter CK_KEY_DERIVATION_STRING_DATA

Description

For a full description of this mechanism, refer to the PKCS#11 version 2.20 documentation from RSA Laboratories.

Return to SafeNet ProtectToolkit-C Mechanisms