CKM_AES_GCM
Supported Operations
Encrypt and Decrypt | Yes (Single-part operation only) |
Sign and Verify | No |
SignRecover and VerifyRecover | No |
Digest | No |
Generate Key/Key-Pair | No |
Wrap and Unwrap | No |
Derive | No |
Available in FIPS Mode | Yes |
Restrictions in FIPS Mode | None |
Key Size Range (bytes) and Parameters
Minimum | 16 |
FIPS Minimum | 16 |
Maximum | 32 |
Parameter | CK_GCM_PARAMS
|
Description
For a full description of this mechanism, refer to the PKCS#11 version 2.30 documentation from RSA Laboratories.
AES GCM is a single part encrypt/decrypt operation; the following sequence of PKCS#11 function calls may be used in applications:
C_EncryptInit(...)
C_Encrypt(...)
...
C_DecryptInit(...)
C_Decrypt(...)
C_Encrypt() returns the cipher text, followed by the IV. With FIPS Mode enabled, the IV is randomly generated.
The caller must pass an initialized buffer of length specified in the IV field of CK_GCM_PARAMS
. Passing NULL as the IV returns an error.
PTK's implementation of AES GCM assumes the following limitations:
>IV maximum length is 128 octets (max value from NIST test vectors),
>AAD maximum length is 90 octets(max value from NIST test vectors),
>message maximum length is 126K (129024) octets.
Return to ProtectToolkit-C Mechanisms