Cryptographic Token Interface Standard

PKCS#11


GOST R 34.10-2001 without hashing

The GOST R 34.10-2001 without hashing mechanism, denoted CKM_GOSTR3410, is a mechanism for single-part signatures and verification for GOST R 34.10-2001. (This mechanism corresponds only to the part of GOST R 34.10-2001 that processes the 32-bytes hash value; it does not compute the hash value.)

This mechanism does not have a parameter.

For the purposes of these mechanisms, a GOST R 34.10-2001 signature is an octet string of 64 bytes long. The signature octets correspond to the concatenation of the GOST R 34.10-2001 values s and r ', both represented as a 32 bytes octet string in big endian order with the most significant byte first [RFC 4490] section 3.2, and [RFC 4491] section 2.2.2.

The input for the mechanism is an octet string of 32 bytes long with digest has computed by means of GOST R 34.11-94 hash algorithm in the context of signed or should be signed message.

Table 14, GOST R 34.10-2001 without hashing: Key And Data Length
Function Key type
Input length
Output length
C_Sign1 CKK_GOSTR3410
32 bytes
64 bytes
C_Verify1 CKK_GOSTR3410
32 bytes
64 bytes

1 Single-part operations only.

For this mechanism, the ulMinKeySize and ulMaxKeySize fields of the CK_MECHANISM_INFO structure are not used.


RSA Security Inc. Public-Key Cryptography Standards - PKCS#11 - v230mechanism1