PKCS#11: Cryptographic Token Interface Standard
typedef CK_ULONG CK_EC_KDF_TYPE;
The following table lists the defined functions.
Table 227, EC: Key Derivation Functions
Source Identifier |
CKD_NULL |
CKD_SHA1_KDF |
CKD_SHA224_KDF |
CKD_SHA256_KDF |
CKD_SHA384_KDF |
CKD_SHA512_KDF |
The key derivation function CKD_NULL produces the raw shared secret value without applying any key derivation function. CKD_SHA1_KDF derives keying data from the shared secret value using the key derivation function defined in ANSI X9.63, with SHA-1 as the hash; CKD_SHA224_KDF, CKD_SHA256_KDF, CKD_SHA384_KDF and CKD_SHA512_KDF apply the same ANSI X9.63 construction with SHA-224, SHA-256, SHA-384 and SHA-512 respectively.
CK_EC_KDF_TYPE_PTR is a pointer to a CK_EC_KDF_TYPE.
typedef struct CK_ECDH1_DERIVE_PARAMS {
    CK_EC_KDF_TYPE kdf;
    CK_ULONG ulSharedDataLen;
    CK_BYTE_PTR pSharedData;
    CK_ULONG ulPublicDataLen;
    CK_BYTE_PTR pPublicData;
} CK_ECDH1_DERIVE_PARAMS;
kdf | key derivation function used on the shared secret value |
ulSharedDataLen | the length in bytes of the shared info |
pSharedData | some data shared between the two parties |
ulPublicDataLen | the length in bytes of the other party's EC public key |
pPublicData | pointer to other party's EC public key value. A token MUST be able to accept this value encoded as a raw octet string (as per section A.5.2 of [ANSI X9.62]). A token MAY, in addition, support accepting this value as a DER-encoded ECPoint (as per section E.6 of [ANSI X9.62]), i.e. the same as a CKA_EC_POINT encoding. The calling application is responsible for converting the offered public key to the compressed or uncompressed forms of these encodings if the token does not support the offered form. |
Note: The encoding of pPublicData in V2.20 was not specified, and different implementations chose different encodings. Applications relying only on a V2.20 encoding (e.g. the DER variant) other than the one specified now (raw) may not work with all V2.30 compliant tokens.
With the key derivation function CKD_NULL, pSharedData must be NULL and ulSharedDataLen must be zero. With CKD_SHA1_KDF (and the other CKD_SHA*_KDF functions, which use the same ANSI X9.63 construction), an optional pSharedData may be supplied; it is the SharedInfo input of the KDF and consists of data agreed on by the two parties that intend to share the secret, and both parties must use the same kdf and the same shared data or their derived keys will differ. If no shared data is used, pSharedData must be NULL and ulSharedDataLen must be zero.
CK_ECDH1_DERIVE_PARAMS_PTR is a pointer to a CK_ECDH1_DERIVE_PARAMS.
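The two host-side steps behind these parameters, shown as an added example that is not part of the PKCS#11 specification text or any token vendor's code: converting a peer public key from the DER-encoded ECPoint form carried by CKA_EC_POINT into the raw form every token MUST accept in pPublicData, and computing the ANSI X9.63 KDF that the CKD_SHA*_KDF values select (with pSharedData as SharedInfo), so that a key derived by a token can be checked against a reference value. The function names, the EC_KDF_HASHES table and all sample byte strings are constructed for this example; a real shared secret Z would come from the token's ECDH computation.

```python
"""Added example: DER/raw ECPoint conversion and the ANSI X9.63 KDF
behind CK_ECDH1_DERIVE_PARAMS.kdf. Constructed for illustration; not
from the PKCS#11 specification or any token implementation."""
import hashlib

# CK_EC_KDF_TYPE name -> hash constructor (None for CKD_NULL, which
# returns the raw shared secret Z unchanged).
EC_KDF_HASHES = {
    "CKD_NULL": None,
    "CKD_SHA1_KDF": hashlib.sha1,
    "CKD_SHA224_KDF": hashlib.sha224,
    "CKD_SHA256_KDF": hashlib.sha256,
    "CKD_SHA384_KDF": hashlib.sha384,
    "CKD_SHA512_KDF": hashlib.sha512,
}


def ec_point_to_raw(point: bytes, coord_len: int) -> bytes:
    """Return the raw ECPoint (X9.62 A.5.2: 04||X||Y, or 02/03||X compressed).

    Accepts either the raw form or the DER OCTET STRING wrapper used by
    CKA_EC_POINT (X9.62 E.6) and strips the wrapper when present.
    coord_len is the field size in bytes (32 for P-256, 66 for P-521); it is
    needed to disambiguate because both forms start with 0x04.
    """
    uncompressed = 1 + 2 * coord_len
    compressed = 1 + coord_len
    if len(point) in (uncompressed, compressed) and point[0] in (0x02, 0x03, 0x04):
        return point  # already raw
    if len(point) < 2 or point[0] != 0x04:  # 0x04 is the OCTET STRING tag
        raise ValueError("not a raw or DER-encoded ECPoint")
    if point[1] < 0x80:  # short-form length (P-521 uses long form: 0x81 0x85)
        hdr, length = 2, point[1]
    else:
        n = point[1] & 0x7F
        hdr, length = 2 + n, int.from_bytes(point[2:2 + n], "big")
    inner = point[hdr:]
    if len(inner) != length or len(inner) not in (uncompressed, compressed):
        raise ValueError("DER length does not match an ECPoint for this curve")
    if inner[0] not in (0x02, 0x03, 0x04):
        raise ValueError("unexpected point form %#x" % inner[0])
    return inner


def x963_kdf(hash_ctor, z: bytes, key_len: int, shared_info: bytes = b"") -> bytes:
    """ANSI X9.63 KDF: concatenate Hash(Z || counter || SharedInfo) for a
    4-byte big-endian counter starting at 1, then truncate to key_len."""
    out = b""
    counter = 1
    while len(out) < key_len:
        out += hash_ctor(z + counter.to_bytes(4, "big") + shared_info).digest()
        counter += 1
    return out[:key_len]


def derive_key_material(kdf: str, z: bytes, key_len: int, shared_data: bytes = b"") -> bytes:
    """Mirror what a token does with kdf / pSharedData given the raw ECDH
    shared secret Z. Enforces the rule that CKD_NULL takes no shared data."""
    hash_ctor = EC_KDF_HASHES[kdf]
    if hash_ctor is None:
        if shared_data:
            raise ValueError("CKD_NULL requires pSharedData == NULL and ulSharedDataLen == 0")
        return z  # raw shared secret, no KDF applied
    return x963_kdf(hash_ctor, z, key_len, shared_data)


if __name__ == "__main__":
    # Constructed P-256 peer key as a CKA_EC_POINT value: OCTET STRING
    # wrapper (04 41) around the uncompressed point 04||X||Y.
    x, y = b"\x01" * 32, b"\x02" * 32
    der_point = b"\x04\x41\x04" + x + y
    raw_point = ec_point_to_raw(der_point, 32)
    print("pPublicData (raw, %d bytes):" % len(raw_point), raw_point.hex()[:20], "...")
    z = b"\x0a" * 32  # constructed stand-in for the ECDH shared secret
    print("CKD_NULL       :", derive_key_material("CKD_NULL", z, 32).hex())
    print("CKD_SHA256_KDF :", derive_key_material("CKD_SHA256_KDF", z, 32, b"shared").hex())
```

When a token rejects the DER form, pass the output of ec_point_to_raw as pPublicData and its length as ulPublicDataLen; when it rejects compressed points as well, the application must decompress the point before calling C_DeriveKey, which the helper above deliberately does not attempt, since that requires curve arithmetic.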
typedef struct CK_ECMQV_DERIVE_PARAMS {
    CK_EC_KDF_TYPE kdf;
    CK_ULONG ulSharedDataLen;
    CK_BYTE_PTR pSharedData;
    CK_ULONG ulPublicDataLen;
    CK_BYTE_PTR pPublicData;
    CK_ULONG ulPrivateDataLen;
    CK_OBJECT_HANDLE hPrivateData;
    CK_ULONG ulPublicDataLen2;
    CK_BYTE_PTR pPublicData2;
    CK_OBJECT_HANDLE publicKey;
} CK_ECMQV_DERIVE_PARAMS;
kdf | key derivation function used on the shared secret value |
ulSharedDataLen | the length in bytes of the shared info |
pSharedData | some data shared between the two parties |
ulPublicDataLen | the length in bytes of the other party's first EC public key |
pPublicData | pointer to other party's first EC public key value. Encoding rules are as per ''pPublicData'' of CK_ECDH1_DERIVE_PARAMS |
ulPrivateDataLen | the length in bytes of the second EC private key |
hPrivateData | key handle for second EC private key value |
ulPublicDataLen2 | the length in bytes of the other party's second EC public key |
pPublicData2 | pointer to other party's second EC public key value. Encoding rules are as per ''pPublicData'' of CK_ECDH1_DERIVE_PARAMS |
publicKey | Handle to the first party's ephemeral public key |
As for CK_ECDH1_DERIVE_PARAMS: with the key derivation function CKD_NULL, pSharedData must be NULL and ulSharedDataLen must be zero. With CKD_SHA1_KDF (and the other CKD_SHA*_KDF functions, which use the same ANSI X9.63 construction), an optional pSharedData may be supplied; it is the SharedInfo input of the KDF and consists of data agreed on by the two parties that intend to share the secret. If no shared data is used, pSharedData must be NULL and ulSharedDataLen must be zero.
CK_ECMQV_DERIVE_PARAMS_PTR is a pointer to a CK_ECMQV_DERIVE_PARAMS.