CKM_SECRET_SHARE_WITH_ATTRIBUTES
Supported Operations
| Encrypt and Decrypt | No |
| Sign and Verify | No |
| SignRecover and VerifyRecover | No |
| Digest | No |
| Generate Key/Key-Pair | No |
| Wrap and Unwrap | No |
| Derive | Yes |
| Available in FIPS Mode | Yes |
| Restrictions in FIPS Mode | None |
Key Size Range and Parameters
| Minimum | 0 |
| FIPS Minimum | 0 |
| Maximum | None |
| Parameter | None |
Description
The Secret Share Mechanism denoted CKM_SECRET_SHARE_WITH_ATTRIBUTES is a derive mechanism to create M shares of a key such that N shares are required to recover the secret, where N is less than or equal to M.
The mechanism creates a secret value by combining all the attributes of the base key and then shares that secret into M shares.
The algorithm used is according to A. Shamir - How to Share a Secret, Communications of the ACM vol. 22, no. 11, November 1979, pp. 612-613
It has a parameter, a CK_SECRET_SHARE_PARAMS, which specifies the number of shares M and the recovery threshold N. See below for the definition.
The mechanism will create M data objects and return the object handle of one of them. It is expected that the data objects would be copied to a smart card token for storage.
The template supplied is used to specify the CKA_LABEL attribute of each new data object. If the CKA_LABEL attribute is not provided in the template then a CKR_TEMPLATE_INCOMPLETE error is returned.
The mechanism contributes the CKA_VALUE attribute of each data object. Any attempt to specify a CKA_VALUE attribute in the template will cause the mechanism to return the error: CKR_TEMPLATE_INCONSISTENT.
The default value of the CKA_TOKEN, CKA_PRIVATE attribute of the new objects is false. The new data objects will have a CKA_SENSITIVE attribute. If the CKA_SENSITIVE attribute of the base key is true then the data objects is sensitive. If the base key is not sensitive then the data objects take the value of CKA_SENSITIVE from the template or it is defaulted to false.
Usage Note
To avoid shares getting mixed up between different uses of this mechanism the developer should ensure that there are no data objects with the same label already on the token before attempting to use this mechanism. If objects are found then these objects should be deleted or a different label chosen.
Security Note
The key to be exported with this mechanism requires the CKA_DERIVE attribute to be true. This has the effect of enabling other key derive mechanisms to be performed with the key. If this is not desired then the CKA_MECHANISM_LIST attribute may be used with the key to restrict its derive operations to this mechanism.
For further information about secure key backup and restoration see the SafeNet ProtectToolkit-C Administration Manual.
Secret Share Mechanism Parameter
CK_SECRET_SHARE_PARAMS is used to specify the number of shares M and the recovery threshold N for secret sharing mechanisms. It is defined as follows:
typedef struct CK_SECRET_SHARE_PARAMS {
CK_ULONG n;
CK_ULONG m;} CK_SECRET_SHARE_PARAMS;
The fields of the structure have the following meanings:
>N=Number of shares required to recover the secret. Must be at least 2 and not greater than the number of shares
>M=Total number of shares. Must be at least 2 and not greater than 64.
CK_SECRET_SHARE_PARAMS_PTR is a pointer to a CK_SECRET_SHARE_PARAMS.
Return to SafeNet ProtectToolkit-C Mechanisms
