CKM_DSA_SHA1_PKCS

Supported Operations

Encrypt and Decrypt No
Sign and Verify Yes
SignRecover and VerifyRecover No
Digest No
Generate Key/Key-Pair No
Wrap and Unwrap No
Derive No
Available in FIPS Mode Yes
Restrictions in FIPS Mode

No Signing

Minimum 2048-bit modulus for all operations

Key Size Range (bits) and Parameters

Minimum 512
FIPS Minimum 2048
Maximum 3072
Parameter None

Description

The PKCS #1 DSA signature with SHA-1 mechanism, denoted CKM_DSA_SHA1_PKCS, performs single and multiple-part digital signature and verification operations without message recovery. The operations performed are as described in PKCS #1 with the object identifier sha1WithDSAEncryption.

It is similar to the PKCS#11 mechanism CKM_RSA_SHA1_PKCS except DSA is used instead of RSA. This mechanism has no parameter.

Return to ProtectToolkit-C Mechanisms