Calculate Parameter Value for CK_RSA_PKCS_PSS_PARAMS

A new mechanism parameter structure was created, CK_RSA_PKCS_PSS_PARAMS, for use by RSA_PKCS_PSS mechanisms. When RSA_PKCS_PSS mechanisms are selected as signing mechanisms in ctbrowse, the parameter value must be properly configured. Providing an incorrect parameter value will result in ctbrowse reporting a Mechanism Invalid error.

To calculate the parameter value for CK_RSA_PKCS_PSS_PARAMS:

1.To calculate the parameter value for CKM_RSA_PKCS_PSS mechanisms you must determine the value of hashAlg, mgf, and sLen.

Field Value
hashAlg The value for hashAlg is based on the mechanism selected from the Mechanism Field in ctbrowse. For example if the selected mechanism is SHA265_RSA_PKCS_PSS then the value for hashAlg would be CKM_SHA256.
mgf The value for mgf is based on the mechanism selected from the Mechanism Field in ctbrowse. For example if the selected mechanism is SHA265_RSA_PKCS_PSS then the value for mgf would be CKG_MGF1_SHA256.
sLen

The length, in bytes, of the salt value used in the PSS encoding; typical values are the length of the message hash and zero. For example, if hashAlg, mgf, and sLen are 4 bytes each, the salt length value would be 0x0000000C.

2.Convert the value of hashAlg, mgf, and sLen to network byte order using htonl.

3.Enter the values in network byte order into the Parameter field in ctbrowse without any delimiters in the order of hashAlg, mgf, and sLen.

4.Select the Init button.