CKM_DSA_SHA1_PKCS

Supported Operations

Encrypt and Decrypt

No

Sign and Verify

Yes

SignRecover and VerifyRecover

No

Digest

No

Generate Key/Key-Pair

No

Wrap and Unwrap

No

Derive

No

Available in FIPS Mode

Yes

Restrictions in FIPS Mode

No Signing

Minimum 2048-bit modulus for all operations

Key Size Range (bytes) and Parameters

Minimum 512
FIPS Minimum 2048
Maximum 4096
Parameter None

Description

The PKCS #1 DSA signature with SHA-1 mechanism, denoted CKM_DSA_SHA1_PKCS, performs single and multiple-part digital signature and verification operations without message recovery. The operations performed are as described in PKCS #1 with the object identifier sha1WithDSAEncryption.

It is similar to the PKCS#11 mechanism CKM_RSA_SHA1_PKCS except DSA is used instead of RSA. This mechanism has no parameter.

Return to SafeNet ProtectToolkit-C Mechanisms