CKM_AES_GCM

Supported Operations

Encrypt and Decrypt Yes
Sign and Verify No
SignRecover and VerifyRecover No
Digest No
Generate Key/Key-Pair No
Wrap and Unwrap No
Derive No
Available in FIPS Mode Yes
Restrictions in FIPS Mode None

Key Size Range (bytes) and Parameters

Minimum 16
FIPS Minimum 16
Maximum 32
Parameter CK_GCM_PARAMS

Description

For a full description of this mechanism, refer to the PKCS#11 version 2.30 documentation from RSA Laboratories.

AES GCM is a single part encrypt/decrypt operation; the following sequence of PKCS#11 function calls may be used in applications:

C_EncryptInit(...)
C_Encrypt(...)
...
C_DecryptInit(...)
C_Decrypt(...)
 

C_Encrypt() returns the cipher text, followed by the IV. With FIPS Mode enabled, the IV is randomly generated.

The caller must pass an initialized buffer of length specified in the IV field of CK_GCM_PARAMS. Passing NULL as the IV returns an error.

PTK's implementation of AES GCM assumes the following limitations:

>IV maximum length is 128 octets (max value from NIST test vectors),

>AAD maximum length is 90 octets(max value from NIST test vectors),

>message maximum length is 126K (129024) octets.

Return to SafeNet ProtectToolkit-C Mechanisms