I am trying to implement pkcs 11 standard using pkcs11interop
I have some des2 keys (16 byte) and i want use sign method
my problem is that sign method returns only four bytes. but I want 8 byte sign.
what should i do?
PS 1: the four byte result is correct. that is first bytes of my expected result.
PS 2: I know sign method is same as encrypt method. so one of my solutions is that encrypt input and get first 8 bytes of result (that is what i am already doing). but I feel bad about it and I think it is better to use Sign method itself.
PS 3: there is a "ICkMacGeneralParams" interface that can be use to select MAC size. but seems to doesnt effect AT ALL! i set it to UInt32.MaxValue and 0 and result was not different.
PS 4: I know Sign method usually used with public and private keys. but I need to use it with one key
var data = new byte[] { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, };
//macParams seems not to work at all! result remains same with any input of CreateCkMacGeneralParams method
var macParams = session.Factories.MechanismParamsFactory.CreateCkMacGeneralParams(8);
var signMechanism = session.Factories.MechanismFactory.Create(CKM.CKM_DES3_MAC, macParams);
//handle references to some 16 byte key with CKK_DES2
var signResult = session.Sign(signMechanism, handle, data);
//result is always 4 bytes
