2008/9/5 Graham Leggett <[EMAIL PROTECTED]>: > Hi all, > > I am struggling to understand the relationship between a CK_MECHANISM_TYPE > and a SECOidTag and how they relate to one another. > > For example, CKM_AES_ECB and SEC_OID_AES_[128|192|256]_ECB constants seem to > be related to one another.
These are related to one another, but they are in two different name spaces. The CKM_xxx macros specify "mechanisms" (roughly equivalent to the type of algorithm or operation to perform) in PKCS #11 (also known as Cryptoki, hence the CK prefix). SECOidTag is an enumeration type NSS defines to represent the ASN.1 OIDs. (OIDs can represent more than crypto algorithms. OIDs are often written in a dotted notation such as "1.3.14.3.2.29".) > Another thing I don't fully understand is that in the case of > CK_MECHANISM_TYPE, some types support padding, like CKM_DES3_CBC_PAD, while > other types don't, like CKM_DES3_ECB. > > Is there an external way to specify padding without using the _PAD > variation? No. All the CKM_ macros are defined in the PKCS #11 standard, and padding is considered an integral part of a mechanism rather than an external parameter of a mechanism. Wan-Teh _______________________________________________ dev-tech-crypto mailing list [email protected] https://lists.mozilla.org/listinfo/dev-tech-crypto
