General-length general block cipher MAC

Cipher <NAME> has a general-length MACing mode, "General-length <NAME>-MAC", denoted CKM_<NAME>_MAC_GENERAL. It is a mechanism for single- and multiple-part signatures and verification.

It has a parameter, a CK_MAC_GENERAL_PARAMS, which specifies the size of the output.

The output bytes from this mechanism are taken from the start of the final cipher block produced in the MACing process.

Constraints on key types and the length of input and output data are summarized in the following table:

Table 83, General-length General Block Cipher MAC: Key And Data Length
Function Key type Data length Signature length

C_Sign <NAME> any 0-blocksize, depending on parameters

C_Verify <NAME> any 0-blocksize, depending on parameters

RSA Security Inc. Public-Key Cryptography Standards - PKCS#11 - v210

Function	Key type	Data length	Signature length
C_Sign	<NAME>	any	0-blocksize, depending on parameters
C_Verify	<NAME>	any	0-blocksize, depending on parameters