canmove, Confirmed users
937
edits
VE 07KeyMgmt: Difference between revisions
→Key Generation
| Line 19: | Line 19: | ||
=Key Generation= | =Key Generation= | ||
The <code>FC_GenerateKey</code> and <code>FC_GenerateKeyPair</code> functions of the NSS cryptographic module perform key generation. <code>FC_GenerateKey</code> generates secret keys and domain parameters, and <code>FC_GenerateKeyPair</code> generates public/private key pairs. | |||
Approved Security Functions | |||
* Symmetric key | |||
** AES: FIPS 197 | |||
** Triple DES | |||
* Asymmetric key | |||
** DSA, RSA and ECDSA: FIPS 186-2 with Change Notice 1, PKCS #1 v2.1 (algorithm RSASSA-PKCS1-v1_5) | |||
* Keyed hash | |||
** HMAC: FIPS 198 | |||
The prime numbers that are generated for both RSA and DSA are tested using FIPS 186-2 [APPENDIX 2.1. A PROBABILISTIC PRIMALITY TEST] -- | The prime numbers that are generated for both RSA and DSA are tested using FIPS 186-2 [APPENDIX 2.1. A PROBABILISTIC PRIMALITY TEST] -- | ||