CKM_DES3_CMAC

Supported Operations

Encrypt and Decrypt No
Sign and Verify Yes
SignRecover and VerifyRecover No
Digest No
Generate Key/Key-Pair No
Wrap and Unwrap No
Derive No
Available in FIPS Mode Yes
Restrictions in FIPS Mode Sign/Verify: A maximum limit of 228 64-bit packets can be processed by a single key. Once this limit is reached, an error (CKR_KEY_NOT_ACTIVE) occurs.

Key Size Range (bytes) and Parameters

Minimum 16
FIPS Minimum 16
Maximum 24
Parameter 8 bytes

Description

For a full description of this mechanism, refer to the PKCS#11 version 2.30 documentation from RSA Laboratories.

Return to ProtectToolkit-C Mechanisms