CKM_DSA_SHA1_PKCS
Supported Operations
Encrypt and Decrypt |
No |
Sign and Verify |
Yes |
SignRecover and VerifyRecover |
No |
Digest |
No |
Generate Key/Key-Pair |
No |
Wrap and Unwrap |
No |
Derive |
No |
Available in FIPS Mode |
Yes |
Restrictions in FIPS Mode |
No Signing Minimum 2048-bit modulus for all operations |
Key Size Range (bytes) and Parameters
Minimum | 512 |
FIPS Minimum | 2048 |
Maximum | 4096 |
Parameter | None |
Description
The PKCS #1 DSA signature with SHA-1 mechanism, denoted CKM_DSA_SHA1_PKCS
, performs single and multiple-part digital signature and verification operations without message recovery. The operations performed are as described in PKCS #1 with the object identifier sha1WithDSAEncryption
.
It is similar to the PKCS#11 mechanism CKM_RSA_SHA1_PKCS
except DSA is used instead of RSA. This mechanism has no parameter.
Return to SafeNet ProtectToolkit-C Mechanisms