Cryptographic Token Interface Standard | PKCS#11
The PKCS #1 RSA PSS signature with SHA-1 mechanism, denoted CKM_SHA1_RSA_PKCS_PSS, performs single- and multiple-part digital signatures and verification operations without message recovery. The operations performed are as described in PKCS #1 with the object identifier id-RSASSA-PSS.
It has a parameter, a CK_RSA_PKCS_PSS_PARAMS structure. The sLen field must be less than or equal to k-2-hLen, where k is the length in bytes of the RSA modulus and hLen is the length in bytes of the SHA-1 hash.
It has a parameter, a CK_RSA_PKCS_PSS_PARAMS structure. The sLen field must be less than or equal to k*-2-hLen where hLen is the length of a SHA-1 hash. k* is the length in bytes of the RSA modulus, except if the length in bits of the RSA modulus is one more than a multiple of 8, in which case k* is one less than the length in bytes of the RSA modulus.
Constraints on key types and the length of the data are summarized in the following table. In the table, k* is the length in bytes of the RSA modulus as described above.
Table 73, PKCS #1 RSA PSS Signatures with SHA-1: Key And Data Length
Function | Key type | ||
C_Sign | RSA private key | ||
C_Verify | RSA public key |
2 Data length, signature length.
For this mechanism, the ulMinKeySize and ulMaxKeySize fields of the CK_MECHANISM_INFO structure specify the supported range of RSA modulus sizes, in bits.
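The sLen bound and the key-size range described above can be checked before calling C_Sign. The following is an added example, not part of the PKCS #11 text; the function names are hypothetical, the modulus sizes are constructed samples, and the 512..4096-bit range stands in for the ulMinKeySize and ulMaxKeySize values a caller would read from CK_MECHANISM_INFO.

```c
#include <stdio.h>

#define SHA1_HLEN 20UL /* hLen: length in bytes of a SHA-1 hash */

/* k*: modulus length in bytes, less one when the bit length is one more
 * than a multiple of 8. */
static unsigned long pss_kstar(unsigned long modulus_bits)
{
    unsigned long k = (modulus_bits + 7) / 8;
    return (modulus_bits % 8 == 1) ? k - 1 : k;
}

/* Stores the largest permitted sLen (k* - 2 - hLen) and returns 1, or
 * returns 0 when the modulus is too short for any salt length. */
static int pss_max_slen(unsigned long modulus_bits, unsigned long *max_slen)
{
    unsigned long kstar = pss_kstar(modulus_bits);
    if (kstar < SHA1_HLEN + 2)
        return 0; /* avoid unsigned wrap-around in the subtraction */
    *max_slen = kstar - 2 - SHA1_HLEN;
    return 1;
}

/* Hypothetical pre-flight check; min_bits/max_bits are assumed to be the
 * ulMinKeySize/ulMaxKeySize the caller read from CK_MECHANISM_INFO. */
static int pss_sha1_request_ok(unsigned long modulus_bits, unsigned long sLen,
                               unsigned long min_bits, unsigned long max_bits)
{
    unsigned long max_slen;
    if (modulus_bits < min_bits || modulus_bits > max_bits)
        return 0;
    if (!pss_max_slen(modulus_bits, &max_slen))
        return 0;
    return sLen <= max_slen;
}

int main(void)
{
    /* Constructed sample sizes: 1025 and 2049 hit the k* special case. */
    unsigned long bits[] = {1024, 1025, 2048, 2049};
    for (size_t i = 0; i < sizeof bits / sizeof bits[0]; i++) {
        unsigned long max_slen = 0;
        pss_max_slen(bits[i], &max_slen);
        printf("%lu bits: k*=%lu max sLen=%lu, sLen=107 %s\n", bits[i],
               pss_kstar(bits[i]), max_slen,
               pss_sha1_request_ok(bits[i], 107, 512, 4096) ? "ok" : "rejected");
    }
    return 0;
}
```

For a 1025-bit modulus the byte length is 129, so a check written against k rather than k* would accept sLen = 107, which this check rejects.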