CKM_DECODE_X_509
This section provides a summary of CKM_DECODE_X_509.
Supported operations
Operation | Support |
---|---|
Encrypt and Decrypt | No |
Sign and Verify | No |
SignRecover and VerifyRecover | No |
Digest | No |
Generate Key/Key-Pair | No |
Wrap and Unwrap | No |
Derive | Yes |
FIPS Mode support
Available in FIPS Mode | Restrictions in FIPS Mode |
---|---|
Yes | None |
Key Size Range and Parameters
Key size minimum/maximum | Value |
---|---|
Minimum | 0 |
FIPS Minimum | 0 |
Maximum | None |
Parameter
None
Mechanism description
This mechanism is used with the C_DeriveKey function to derive a public key object from an X.509 certificate or a PKCS#10 certification request. This mechanism does not perform a certificate validation.
The base key object handle should refer to the X.509 certificate or PKCS#10 certificate request. This mechanism has no parameter
Return to ProtectToolkit-C mechanisms.