pkcs11_kernel(5) plan9 man page | unix.com

Plan9 Man Pages Latest Topics

Man Page: pkcs11_kernel

Operating Environment: plan9

Section: 5

pkcs11_kernel(5)					Standards, Environments, and Macros					  pkcs11_kernel(5)


NAME

       pkcs11_kernel - PKCS#11 interface to Kernel Cryptographic Framework


SYNOPSIS

       /usr/lib/security/pkcs11_kernel.so
       /usr/lib/security/64/pkcs11_kernel.so


DESCRIPTION

       The  pkcs11_kernel.so  object  implements  the  RSA PKCS#11 v2.11 specification by using a private interface to communicate with the Kernel
       Cryptographic Framework.

       Each unique hardware provider is represented by a PKCS#11 slot. In a system with no hardware Kernel Cryptographic Framework providers, this
       PKCS#11 library presents no slots.

       The PKCS#11 mechanisms provided by this library is determined by the available hardware providers.

       Application developers should link to libpkcs11.so rather than link directly to pkcs11_kernel.so. See libpkcs11(3LIB).

       All of the Standard PKCS#11 functions listed on libpkcs11(3LIB) are implemented except for the following:

       C_DecryptDigestUpdate
       C_DecryptVerifyUpdate
       C_DigestEncryptUpdate
       C_GetOperationState
       C_InitToken
       C_InitPIN
       C_SetOperationState
       C_SignEncryptUpdate
       C_WaitForSlotEvent

       A call to these functions returns CKR_FUNCTION_NOT_SUPPORTED.

       Buffers	cannot	be greater than 2 megabytes. For example, C_Encrypt() can be called with a 2 megabyte buffer of plaintext and a 2 megabyte
       buffer for the ciphertext.

       The maximum number of object handles that can be returned by a call to C_FindObjects() is 512.

       The maximum amount of kernel memory that can be used for crypto operations is limited by the  project.max-crypto-memory	resource  control.
       Allocations in the kernel for buffers and session-related structures are charged against this resource control.


RETURN VALUES

       The return values of each of the implemented functions are defined and listed in the RSA PKCS#11 v2.11 specification. See http://www.rsase-
       curity.com/rsalabs/pkcs/pkcs-11.


ATTRIBUTES

       See attributes(5) for a description of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Interface Stability	     |Standard: PKCS#11 v2.11	   |
       +-----------------------------+-----------------------------+
       |MT-Level		     |MT-Safe  with   exceptions.  |
       |			     |See  section  6.5.2  of RSA  |
       |			     |PKCS#11 v2.11		   |
       +-----------------------------+-----------------------------+


SEE ALSO

       cryptoadm(1M), rctladm(1M), libpkcs11(3LIB), attributes(5), pkcs11_softtoken(5)

       RSA PKCS#11 v2.11 http://www.rsasecurity.com


NOTES

       Applications that have an open session to a PKCS#11 slot make the corresponding hardware provider driver not unloadable.  An  administrator
       must close the applications that have an PKCS#11 session open to the hardware provider to make the driver unloadable.

SunOS 5.10							    17 Nov 2004 						  pkcs11_kernel(5)
Related Man Pages
pkcs11_kernel(5) - opensolaris
libpkcs11(3lib) - redhat
libpkcs11(3lib) - centos
libpkcs11(3lib) - x11r4
pkcs11_kernel(5) - debian
Similar Topics in the Unix Linux Community
Configuring Sun Java System Messaging Server 6.3 and Solaris Cryptographic Framework
SoftHSM 1.0.0-RC1 (Default branch)
cloud computing on (HP hardware?)