opensolaris man page for pkcs11_kernel

Opensolaris Man Pages All Man Pages Latest Topics Forum Categories

Query: pkcs11_kernel

OS: opensolaris

Section: 5

Format: Original Unix Latex Style Formatted with HTML and a Horizontal Scroll Bar

pkcs11_kernel(5)					Standards, Environments, and Macros					  pkcs11_kernel(5)


NAME

       pkcs11_kernel - PKCS#11 interface to Kernel Cryptographic Framework


SYNOPSIS

       /usr/lib/security/pkcs11_kernel.so
       /usr/lib/security/64/pkcs11_kernel.so


DESCRIPTION

       The  pkcs11_kernel.so  object  implements  the  RSA PKCS#11 v2.20 specification by using a private interface to communicate with the Kernel
       Cryptographic Framework.

       Each unique hardware provider is represented by a PKCS#11 slot. In a system with no hardware Kernel Cryptographic Framework providers, this
       PKCS#11 library presents no slots.

       The PKCS#11 mechanisms provided by this library is determined by the available hardware providers.

       Application developers should link to libpkcs11.so rather than link directly to pkcs11_kernel.so. See libpkcs11(3LIB).

       All of the Standard PKCS#11 functions listed on libpkcs11(3LIB) are implemented except for the following:

	 C_DecryptDigestUpdate
	 C_DecryptVerifyUpdate
	 C_DigestEncryptUpdate
	 C_GetOperationState
	 C_InitToken
	 C_InitPIN
	 C_SetOperationState
	 C_SignEncryptUpdate
	 C_WaitForSlotEvent

       A call to these functions returns CKR_FUNCTION_NOT_SUPPORTED.

       Buffers	cannot	be greater than 2 megabytes. For example, C_Encrypt() can be called with a 2 megabyte buffer of plaintext and a 2 megabyte
       buffer for the ciphertext.

       The maximum number of object handles that can be returned by a call to C_FindObjects() is 512.

       The maximum amount of kernel memory that can be used for crypto operations is limited by the  project.max-crypto-memory	resource  control.
       Allocations in the kernel for buffers and session-related structures are charged against this resource control.


RETURN VALUES

       The return values of each of the implemented functions are defined and listed in the RSA PKCS#11 v2.20 specification. See http://www.rsase-
       curity.com.


ATTRIBUTES

       See attributes(5) for a description of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Interface Stability	     |Standard: PKCS#11 v2.20	   |
       +-----------------------------+-----------------------------+
       |MT-Level		     |MT-Safe  with   exceptions.  |
       |			     |See  section  6.5.2  of RSA  |
       |			     |PKCS#11 v2.20		   |
       +-----------------------------+-----------------------------+


SEE ALSO

       cryptoadm(1M), rctladm(1M), libpkcs11(3LIB), attributes(5), pkcs11_softtoken(5)

       RSA PKCS#11 v2.20 http://www.rsasecurity.com


NOTES

       Applications that have an open session to a PKCS#11 slot make the corresponding hardware provider driver not unloadable.  An  administrator
       must close the applications that have an PKCS#11 session open to the hardware provider to make the driver unloadable.

SunOS 5.11							    27 Oct 2005 						  pkcs11_kernel(5)
Related Man Pages
pkcs11_kernel(5) - sunos
libpkcs11(3lib) - linux
libpkcs11(3lib) - x11r4
pkcs11_kernel(5) - osx
pkcs11_kernel(5) - hpux
Similar Topics in the Unix Linux Community
Baldrick Application Framework 0.84 (Default branch)
Baldrick Application Framework 0.85 (Default branch)
Configuring Sun Java System Messaging Server 6.3 and Solaris Cryptographic Framework
SoftHSM 1.0.0-RC1 (Default branch)
cloud computing on (HP hardware?)