On Thu, 18 Oct 2007, Durga Prasad wrote:
hi Durga,
>In general RC4 is variable key length algorithm. But in openssl pkcs#11
>engine, it is implemented like other fixed length algorithms and its key
>length is limited to 128 bit.
correct, the engine doesn't support many ciphers or different key
lengths:
static PK11_CIPHER ciphers[] =
{
{PK11_DES_CBC, NID_des_cbc, 8, 8, CKK_DES, CKM_DES_CBC, },
{PK11_DES3_CBC, NID_des_ede3_cbc, 8, 24, CKK_DES3, CKM_DES3_CBC, },
{PK11_AES_CBC, NID_aes_128_cbc, 16, 16, CKK_AES, CKM_AES_CBC, },
{PK11_RC4, NID_rc4, 0, 16, CKK_RC4, CKM_RC4, },
};
we might probably add support for longer keys for RC4 and also AES
with 256 key.
--
Jan Pechanec
