Cryptographic Token Interface Standard

PKCS#11


General-length DES3-MAC

General-length DES3-CMAC, denoted CKM_DES3_CMAC_GENERAL, is a mechanism for single- and multiple-part signatures and verification with DES3 or DES2 keys, based on [NIST sp800-38b].

It has a parameter, a CK_MAC_GENERAL_PARAMS structure, which specifies the output length desired from the mechanism.

The output bytes from this mechanism are taken from the start of the final DES3 cipher block produced in the MACing process.

Constraints on key types and the length of data are summarized in the following table:

Table 53, General-length DES3-CMAC: Key And Data Length
Function Key type
Data length
Signature length
C_Sign CKK_DES3CKK_DES2
any
0-block size, as specified in parameters
C_Verify CKK_DES3CKK_DES2
any
0-block size, as specified in parameters

Reference [NIST sp800-38b] recommends that the output MAC is not truncated to less than 64 bits (which means using the entire block for DES). The MAC length must be specified before the communication starts, and must not be changed during the lifetime of the key. It is the caller's responsibility to follow these rules.

For this mechanism, the ulMinKeySize and ulMaxKeySize fields of the CK_MECHANISM_INFO structure.are not used


RSA Security Inc. Public-Key Cryptography Standards - PKCS#11 - v230mechanism1