MozillaWiki

VE 07KeyMgmt: Difference between revisions

Page Discussion

VE 07KeyMgmt (view source)

Revision as of 16:39, 6 May 2009

1 byte added ,  6 May 2009
→‎Key Generation
Line 35: Line 35:
The <code>FC_GenerateKey</code> and <code>FC_GenerateKeyPair</code> functions of the NSS cryptographic module perform key generation. <code>FC_GenerateKey</code> generates secret keys and domain parameters, and <code>FC_GenerateKeyPair</code> generates public/private key pairs.
The <code>FC_GenerateKey</code> and <code>FC_GenerateKeyPair</code> functions of the NSS cryptographic module perform key generation. <code>FC_GenerateKey</code> generates secret keys and domain parameters, and <code>FC_GenerateKeyPair</code> generates public/private key pairs.


'''Approved key generation method:''' The NSS cryptographic module uses the Approved RNG specified as Algorithm 1 of FIPS 186-2 Change Notice 1 to generate cryptographic keys used by the Approved and non-Approved security functions. The validation certificate for the Approved RNG is [http://csrc.nist.gov/cryptval/rng/rngval.html#208 Cert# 208].
'''Approved key generation method:''' The NSS cryptographic module uses the Approved RNG specified as Algorithm Algorithm Hash_DRBG of SP 800-90 to generate cryptographic keys used by the Approved and non-Approved security functions. The validation certificate for the Approved RNG is [http://csrc.nist.gov/cryptval/rng/rngval.html#208 Cert# 208].


Secret keys for symmetric key algorithms and HMAC are generated using the output of the Approved RNG.
Secret keys for symmetric key algorithms and HMAC are generated using the output of the Approved RNG.
Glenb
22

edits

Retrieved from "https://wiki.mozilla.org/Special:MobileDiff/142823"