Supporting the BSICC2017 compliance mode
The EP11 token provides an access control point (ACP) to enable the BSICC2017 compliance mode. When enabled, this compliance mode disables the RSA PKCS #1 v1.5 mechanisms.
The EP11 host library supports access control point 61 which is related to the BSICC2017 compliance mode.
61 XCP_CPB_ALG_NBSI2017 enable the BSICC2017 compliance mode
This ACP can be used to disable the following RSA PKCS #1 v1.5 mechanisms:
- CKM_RSA_PKCS
- CKM_SHA1_RSA_PKCS
- CKM_SHA224_RSA_PKCS
- CKM_SHA256_RSA_PKCS
- CKM_SHA384_RSA_PKCS
- CKM_SHA512_RSA_PKCS