canmove, Confirmed users
937
edits
VE 07KeyMgmt: Difference between revisions
→Key Generation
| Line 22: | Line 22: | ||
The <code>FC_GenerateKey</code> and <code>FC_GenerateKeyPair</code> functions of the NSS cryptographic module perform key generation. <code>FC_GenerateKey</code> generates secret keys and domain parameters, and <code>FC_GenerateKeyPair</code> generates public/private key pairs. | The <code>FC_GenerateKey</code> and <code>FC_GenerateKeyPair</code> functions of the NSS cryptographic module perform key generation. <code>FC_GenerateKey</code> generates secret keys and domain parameters, and <code>FC_GenerateKeyPair</code> generates public/private key pairs. | ||
'''Approved key generation method:''' The NSS cryptographic module uses the Approved RNG specified as Algorithm 1 of FIPS 186-2 Change Notice 1 to generate cryptographic keys used by the | '''Approved key generation method:''' The NSS cryptographic module uses the Approved RNG specified as Algorithm 1 of FIPS 186-2 Change Notice 1 to generate cryptographic keys used by the Approved and non-Approved security functions. | ||
The prime numbers that are generated for both RSA and DSA are tested using Miller-Rabin test (FIPS 186-2 Appendix 2.1. A Probabilistic Primality Test). | The prime numbers that are generated for both RSA and DSA are tested using Miller-Rabin test (FIPS 186-2 Appendix 2.1. A Probabilistic Primality Test). | ||