This section identifies the alternative algorithms and modes that
shall be used when symmetric key management is employed, to encrypt
data encryption keys (DEKs) and message integrity check (MIC) values.
Character string identifiers are assigned for incorporation in
encapsulated "Key-Info:" header fields to indicate the choice of
algorithm employed.
All alternatives presently defined in this category correspond to
different usage modes of the DES algorithm, rather than to other
algorithms.
When symmetric key management is employed, the symmetrically
encrypted DEK and MIC, carried in the third and fourth arguments of a
"Key-Info:" header field, respectively, are each represented as a
string of contiguous ASCII hexadecimal digits. The manner in which
to use the following symmetric encryption algorithms and the length
of the symmetrically encrypted DEK and MIC may vary depending on the
length of the underlying DEK and MIC. Section 1, Message Encryption
Algorithms, and Section 2, Message Integrity Check Algorithms,
provide information on the proper manner in which a DEK and MIC,
respectively, are symmetrically encrypted when the size of the DEK or
MIC is not equal to the symmetric encryption algorithm's input block
size. These sections also provide information on the proper format
and length of the symmetrically encrypted DEK and MIC, respectively.
