Pkcs11Interop  4.0.0
Classes | Enumerations
Net.Pkcs11Interop.Common Namespace Reference

Components shared by all the LowLevelAPIs and HighLevelAPIs. More...

Classes

class  AttributeValueException
 Exception with the name of PKCS#11 attribute whose value could not be read or converted More...
 
class  CK
 General constants More...
 
class  CKF
 Bit flags More...
 
class  CKZ
 Salt/Encoding parameter sources More...
 
class  ConvertUtils
 Utility class that helps with data type conversions. More...
 
class  ElevatedPermissionsMissingException
 Exception indicating that Silverlight version of Pkcs11Interop is missing elevated trust More...
 
interface  IMechanismParams
 Interface for mechanism parameters More...
 
class  LibraryArchitectureException
 Exception indicating an attempt to load unmanaged PKCS#11 library designated for a different architecture More...
 
class  NativeMethods
 Imported native methods
 
class  Pkcs11Exception
 Exception with the name of PKCS#11 method that failed and its return value More...
 
class  Pkcs11Uri
 PKCS#11 URI parser More...
 
class  Pkcs11UriBuilder
 PKCS#11 URI builder More...
 
class  Pkcs11UriException
 Exception that indicates error in PKCS#11 URI parsing or building process More...
 
class  Pkcs11UriSharedUtils
 Utility class connecting PKCS#11 URI and Pkcs11Interop types
 
class  Pkcs11UriSpec
 Definitions from the PKCS#11 URI scheme specification
 
class  Platform
 Utility class for runtime platform detection More...
 
class  UnmanagedException
 Exception indicating that unmanaged function has returned error More...
 
class  UnmanagedLibrary
 Utility class that helps to manage unmanaged dynamic libraries More...
 
class  UnmanagedMemory
 Utility class that helps to manage unmanaged memory More...
 
class  UnsupportedPlatformException
 Exception indicating that Pkcs11Interop is being used on an unsupported platform More...
 

Enumerations

enum  AppType {
  AppType.MultiThreaded,
  AppType.SingleThreaded
}
 Type of application that will be using PKCS#11 library More...
 
enum  CKA : uint {
  CKA.CKA_CLASS = 0x00000000,
  CKA.CKA_TOKEN = 0x00000001,
  CKA.CKA_PRIVATE = 0x00000002,
  CKA.CKA_LABEL = 0x00000003,
  CKA.CKA_APPLICATION = 0x00000010,
  CKA.CKA_VALUE = 0x00000011,
  CKA.CKA_OBJECT_ID = 0x00000012,
  CKA.CKA_CERTIFICATE_TYPE = 0x00000080,
  CKA.CKA_ISSUER = 0x00000081,
  CKA.CKA_SERIAL_NUMBER = 0x00000082,
  CKA.CKA_AC_ISSUER = 0x00000083,
  CKA.CKA_OWNER = 0x00000084,
  CKA.CKA_ATTR_TYPES = 0x00000085,
  CKA.CKA_TRUSTED = 0x00000086,
  CKA.CKA_CERTIFICATE_CATEGORY = 0x00000087,
  CKA.CKA_JAVA_MIDP_SECURITY_DOMAIN = 0x00000088,
  CKA.CKA_URL = 0x00000089,
  CKA.CKA_HASH_OF_SUBJECT_PUBLIC_KEY = 0x0000008A,
  CKA.CKA_HASH_OF_ISSUER_PUBLIC_KEY = 0x0000008B,
  CKA.CKA_CHECK_VALUE = 0x00000090,
  CKA.CKA_KEY_TYPE = 0x00000100,
  CKA.CKA_SUBJECT = 0x00000101,
  CKA.CKA_ID = 0x00000102,
  CKA.CKA_SENSITIVE = 0x00000103,
  CKA.CKA_ENCRYPT = 0x00000104,
  CKA.CKA_DECRYPT = 0x00000105,
  CKA.CKA_WRAP = 0x00000106,
  CKA.CKA_UNWRAP = 0x00000107,
  CKA.CKA_SIGN = 0x00000108,
  CKA.CKA_SIGN_RECOVER = 0x00000109,
  CKA.CKA_VERIFY = 0x0000010A,
  CKA.CKA_VERIFY_RECOVER = 0x0000010B,
  CKA.CKA_DERIVE = 0x0000010C,
  CKA.CKA_START_DATE = 0x00000110,
  CKA.CKA_END_DATE = 0x00000111,
  CKA.CKA_MODULUS = 0x00000120,
  CKA.CKA_MODULUS_BITS = 0x00000121,
  CKA.CKA_PUBLIC_EXPONENT = 0x00000122,
  CKA.CKA_PRIVATE_EXPONENT = 0x00000123,
  CKA.CKA_PRIME_1 = 0x00000124,
  CKA.CKA_PRIME_2 = 0x00000125,
  CKA.CKA_EXPONENT_1 = 0x00000126,
  CKA.CKA_EXPONENT_2 = 0x00000127,
  CKA.CKA_COEFFICIENT = 0x00000128,
  CKA.CKA_PUBLIC_KEY_INFO = 0x00000129,
  CKA.CKA_PRIME = 0x00000130,
  CKA.CKA_SUBPRIME = 0x00000131,
  CKA.CKA_BASE = 0x00000132,
  CKA.CKA_PRIME_BITS = 0x00000133,
  CKA.CKA_SUBPRIME_BITS = 0x00000134,
  CKA.CKA_VALUE_BITS = 0x00000160,
  CKA.CKA_VALUE_LEN = 0x00000161,
  CKA.CKA_EXTRACTABLE = 0x00000162,
  CKA.CKA_LOCAL = 0x00000163,
  CKA.CKA_NEVER_EXTRACTABLE = 0x00000164,
  CKA.CKA_ALWAYS_SENSITIVE = 0x00000165,
  CKA.CKA_KEY_GEN_MECHANISM = 0x00000166,
  CKA.CKA_MODIFIABLE = 0x00000170,
  CKA.CKA_COPYABLE = 0x00000171,
  CKA.CKA_DESTROYABLE = 0x00000172,
  CKA.CKA_ECDSA_PARAMS = 0x00000180,
  CKA.CKA_EC_PARAMS = 0x00000180,
  CKA.CKA_EC_POINT = 0x00000181,
  CKA.CKA_SECONDARY_AUTH = 0x00000200,
  CKA.CKA_AUTH_PIN_FLAGS = 0x00000201,
  CKA.CKA_ALWAYS_AUTHENTICATE = 0x00000202,
  CKA.CKA_WRAP_WITH_TRUSTED = 0x00000210,
  CKA.CKA_WRAP_TEMPLATE = (CKF.CKF_ARRAY_ATTRIBUTE | 0x00000211),
  CKA.CKA_UNWRAP_TEMPLATE = (CKF.CKF_ARRAY_ATTRIBUTE | 0x00000212),
  CKA.CKA_DERIVE_TEMPLATE = (CKF.CKF_ARRAY_ATTRIBUTE | 0x00000213),
  CKA.CKA_OTP_FORMAT = 0x00000220,
  CKA.CKA_OTP_LENGTH = 0x00000221,
  CKA.CKA_OTP_TIME_INTERVAL = 0x00000222,
  CKA.CKA_OTP_USER_FRIENDLY_MODE = 0x00000223,
  CKA.CKA_OTP_CHALLENGE_REQUIREMENT = 0x00000224,
  CKA.CKA_OTP_TIME_REQUIREMENT = 0x00000225,
  CKA.CKA_OTP_COUNTER_REQUIREMENT = 0x00000226,
  CKA.CKA_OTP_PIN_REQUIREMENT = 0x00000227,
  CKA.CKA_OTP_COUNTER = 0x0000022E,
  CKA.CKA_OTP_TIME = 0x0000022F,
  CKA.CKA_OTP_USER_IDENTIFIER = 0x0000022A,
  CKA.CKA_OTP_SERVICE_IDENTIFIER = 0x0000022B,
  CKA.CKA_OTP_SERVICE_LOGO = 0x0000022C,
  CKA.CKA_OTP_SERVICE_LOGO_TYPE = 0x0000022D,
  CKA.CKA_GOSTR3410_PARAMS = 0x00000250,
  CKA.CKA_GOSTR3411_PARAMS = 0x00000251,
  CKA.CKA_GOST28147_PARAMS = 0x00000252,
  CKA.CKA_HW_FEATURE_TYPE = 0x00000300,
  CKA.CKA_RESET_ON_INIT = 0x00000301,
  CKA.CKA_HAS_RESET = 0x00000302,
  CKA.CKA_PIXEL_X = 0x00000400,
  CKA.CKA_PIXEL_Y = 0x00000401,
  CKA.CKA_RESOLUTION = 0x00000402,
  CKA.CKA_CHAR_ROWS = 0x00000403,
  CKA.CKA_CHAR_COLUMNS = 0x00000404,
  CKA.CKA_COLOR = 0x00000405,
  CKA.CKA_BITS_PER_PIXEL = 0x00000406,
  CKA.CKA_CHAR_SETS = 0x00000480,
  CKA.CKA_ENCODING_METHODS = 0x00000481,
  CKA.CKA_MIME_TYPES = 0x00000482,
  CKA.CKA_MECHANISM_TYPE = 0x00000500,
  CKA.CKA_REQUIRED_CMS_ATTRIBUTES = 0x00000501,
  CKA.CKA_DEFAULT_CMS_ATTRIBUTES = 0x00000502,
  CKA.CKA_SUPPORTED_CMS_ATTRIBUTES = 0x00000503,
  CKA.CKA_ALLOWED_MECHANISMS = (CKF.CKF_ARRAY_ATTRIBUTE | 0x00000600),
  CKA.CKA_VENDOR_DEFINED = 0x80000000
}
 Attributes More...
 
enum  CKC : uint {
  CKC.CKC_X_509 = 0x00000000,
  CKC.CKC_X_509_ATTR_CERT = 0x00000001,
  CKC.CKC_WTLS = 0x00000002,
  CKC.CKC_VENDOR_DEFINED = 0x80000000
}
 Certificate types More...
 
enum  CKD : uint {
  CKD.CKD_NULL = 0x00000001,
  CKD.CKD_SHA1_KDF = 0x00000002,
  CKD.CKD_SHA1_KDF_ASN1 = 0x00000003,
  CKD.CKD_SHA1_KDF_CONCATENATE = 0x00000004,
  CKD.CKD_SHA224_KDF = 0x00000005,
  CKD.CKD_SHA256_KDF = 0x00000006,
  CKD.CKD_SHA384_KDF = 0x00000007,
  CKD.CKD_SHA512_KDF = 0x00000008,
  CKD.CKD_CPDIVERSIFY_KDF = 0x00000009
}
 Key derivation functions More...
 
enum  CKG : uint {
  CKG.CKG_MGF1_SHA1 = 0x00000001,
  CKG.CKG_MGF1_SHA256 = 0x00000002,
  CKG.CKG_MGF1_SHA384 = 0x00000003,
  CKG.CKG_MGF1_SHA512 = 0x00000004,
  CKG.CKG_MGF1_SHA224 = 0x00000005
}
 Mask generation functions More...
 
enum  CKH : uint {
  CKH.CKH_MONOTONIC_COUNTER = 0x00000001,
  CKH.CKH_CLOCK = 0x00000002,
  CKH.CKH_USER_INTERFACE = 0x00000003,
  CKH.CKH_VENDOR_DEFINED = 0x80000000
}
 Hardware feature types More...
 
enum  CKK : uint {
  CKK.CKK_RSA = 0x00000000,
  CKK.CKK_DSA = 0x00000001,
  CKK.CKK_DH = 0x00000002,
  CKK.CKK_ECDSA = 0x00000003,
  CKK.CKK_EC = 0x00000003,
  CKK.CKK_X9_42_DH = 0x00000004,
  CKK.CKK_KEA = 0x00000005,
  CKK.CKK_GENERIC_SECRET = 0x00000010,
  CKK.CKK_RC2 = 0x00000011,
  CKK.CKK_RC4 = 0x00000012,
  CKK.CKK_DES = 0x00000013,
  CKK.CKK_DES2 = 0x00000014,
  CKK.CKK_DES3 = 0x00000015,
  CKK.CKK_CAST = 0x00000016,
  CKK.CKK_CAST3 = 0x00000017,
  CKK.CKK_CAST5 = 0x00000018,
  CKK.CKK_CAST128 = 0x00000018,
  CKK.CKK_RC5 = 0x00000019,
  CKK.CKK_IDEA = 0x0000001A,
  CKK.CKK_SKIPJACK = 0x0000001B,
  CKK.CKK_BATON = 0x0000001C,
  CKK.CKK_JUNIPER = 0x0000001D,
  CKK.CKK_CDMF = 0x0000001E,
  CKK.CKK_AES = 0x0000001F,
  CKK.CKK_BLOWFISH = 0x00000020,
  CKK.CKK_TWOFISH = 0x00000021,
  CKK.CKK_SECURID = 0x00000022,
  CKK.CKK_HOTP = 0x00000023,
  CKK.CKK_ACTI = 0x00000024,
  CKK.CKK_CAMELLIA = 0x00000025,
  CKK.CKK_ARIA = 0x00000026,
  CKK.CKK_MD5_HMAC = 0x00000027,
  CKK.CKK_SHA_1_HMAC = 0x00000028,
  CKK.CKK_RIPEMD128_HMAC = 0x00000029,
  CKK.CKK_RIPEMD160_HMAC = 0x0000002A,
  CKK.CKK_SHA256_HMAC = 0x0000002B,
  CKK.CKK_SHA384_HMAC = 0x0000002C,
  CKK.CKK_SHA512_HMAC = 0x0000002D,
  CKK.CKK_SHA224_HMAC = 0x0000002E,
  CKK.CKK_SEED = 0x0000002F,
  CKK.CKK_GOSTR3410 = 0x00000030,
  CKK.CKK_GOSTR3411 = 0x00000031,
  CKK.CKK_GOST28147 = 0x00000032,
  CKK.CKK_VENDOR_DEFINED = 0x80000000
}
 Key types More...
 
enum  CKM : uint {
  CKM.CKM_RSA_PKCS_KEY_PAIR_GEN = 0x00000000,
  CKM.CKM_RSA_PKCS = 0x00000001,
  CKM.CKM_RSA_9796 = 0x00000002,
  CKM.CKM_RSA_X_509 = 0x00000003,
  CKM.CKM_MD2_RSA_PKCS = 0x00000004,
  CKM.CKM_MD5_RSA_PKCS = 0x00000005,
  CKM.CKM_SHA1_RSA_PKCS = 0x00000006,
  CKM.CKM_RIPEMD128_RSA_PKCS = 0x00000007,
  CKM.CKM_RIPEMD160_RSA_PKCS = 0x00000008,
  CKM.CKM_RSA_PKCS_OAEP = 0x00000009,
  CKM.CKM_RSA_X9_31_KEY_PAIR_GEN = 0x0000000A,
  CKM.CKM_RSA_X9_31 = 0x0000000B,
  CKM.CKM_SHA1_RSA_X9_31 = 0x0000000C,
  CKM.CKM_RSA_PKCS_PSS = 0x0000000D,
  CKM.CKM_SHA1_RSA_PKCS_PSS = 0x0000000E,
  CKM.CKM_DSA_KEY_PAIR_GEN = 0x00000010,
  CKM.CKM_DSA = 0x00000011,
  CKM.CKM_DSA_SHA1 = 0x00000012,
  CKM.CKM_DSA_SHA224 = 0x00000013,
  CKM.CKM_DSA_SHA256 = 0x00000014,
  CKM.CKM_DSA_SHA384 = 0x00000015,
  CKM.CKM_DSA_SHA512 = 0x00000016,
  CKM.CKM_DH_PKCS_KEY_PAIR_GEN = 0x00000020,
  CKM.CKM_DH_PKCS_DERIVE = 0x00000021,
  CKM.CKM_X9_42_DH_KEY_PAIR_GEN = 0x00000030,
  CKM.CKM_X9_42_DH_DERIVE = 0x00000031,
  CKM.CKM_X9_42_DH_HYBRID_DERIVE = 0x00000032,
  CKM.CKM_X9_42_MQV_DERIVE = 0x00000033,
  CKM.CKM_SHA256_RSA_PKCS = 0x00000040,
  CKM.CKM_SHA384_RSA_PKCS = 0x00000041,
  CKM.CKM_SHA512_RSA_PKCS = 0x00000042,
  CKM.CKM_SHA256_RSA_PKCS_PSS = 0x00000043,
  CKM.CKM_SHA384_RSA_PKCS_PSS = 0x00000044,
  CKM.CKM_SHA512_RSA_PKCS_PSS = 0x00000045,
  CKM.CKM_SHA224_RSA_PKCS = 0x00000046,
  CKM.CKM_SHA224_RSA_PKCS_PSS = 0x00000047,
  CKM.CKM_SHA512_224 = 0x00000048,
  CKM.CKM_SHA512_224_HMAC = 0x00000049,
  CKM.CKM_SHA512_224_HMAC_GENERAL = 0x0000004A,
  CKM.CKM_SHA512_224_KEY_DERIVATION = 0x0000004B,
  CKM.CKM_SHA512_256 = 0x0000004C,
  CKM.CKM_SHA512_256_HMAC = 0x0000004D,
  CKM.CKM_SHA512_256_HMAC_GENERAL = 0x0000004E,
  CKM.CKM_SHA512_256_KEY_DERIVATION = 0x0000004F,
  CKM.CKM_SHA512_T = 0x00000050,
  CKM.CKM_SHA512_T_HMAC = 0x00000051,
  CKM.CKM_SHA512_T_HMAC_GENERAL = 0x00000052,
  CKM.CKM_SHA512_T_KEY_DERIVATION = 0x00000053,
  CKM.CKM_RC2_KEY_GEN = 0x00000100,
  CKM.CKM_RC2_ECB = 0x00000101,
  CKM.CKM_RC2_CBC = 0x00000102,
  CKM.CKM_RC2_MAC = 0x00000103,
  CKM.CKM_RC2_MAC_GENERAL = 0x00000104,
  CKM.CKM_RC2_CBC_PAD = 0x00000105,
  CKM.CKM_RC4_KEY_GEN = 0x00000110,
  CKM.CKM_RC4 = 0x00000111,
  CKM.CKM_DES_KEY_GEN = 0x00000120,
  CKM.CKM_DES_ECB = 0x00000121,
  CKM.CKM_DES_CBC = 0x00000122,
  CKM.CKM_DES_MAC = 0x00000123,
  CKM.CKM_DES_MAC_GENERAL = 0x00000124,
  CKM.CKM_DES_CBC_PAD = 0x00000125,
  CKM.CKM_DES2_KEY_GEN = 0x00000130,
  CKM.CKM_DES3_KEY_GEN = 0x00000131,
  CKM.CKM_DES3_ECB = 0x00000132,
  CKM.CKM_DES3_CBC = 0x00000133,
  CKM.CKM_DES3_MAC = 0x00000134,
  CKM.CKM_DES3_MAC_GENERAL = 0x00000135,
  CKM.CKM_DES3_CBC_PAD = 0x00000136,
  CKM.CKM_DES3_CMAC_GENERAL = 0x00000137,
  CKM.CKM_DES3_CMAC = 0x00000138,
  CKM.CKM_CDMF_KEY_GEN = 0x00000140,
  CKM.CKM_CDMF_ECB = 0x00000141,
  CKM.CKM_CDMF_CBC = 0x00000142,
  CKM.CKM_CDMF_MAC = 0x00000143,
  CKM.CKM_CDMF_MAC_GENERAL = 0x00000144,
  CKM.CKM_CDMF_CBC_PAD = 0x00000145,
  CKM.CKM_DES_OFB64 = 0x00000150,
  CKM.CKM_DES_OFB8 = 0x00000151,
  CKM.CKM_DES_CFB64 = 0x00000152,
  CKM.CKM_DES_CFB8 = 0x00000153,
  CKM.CKM_MD2 = 0x00000200,
  CKM.CKM_MD2_HMAC = 0x00000201,
  CKM.CKM_MD2_HMAC_GENERAL = 0x00000202,
  CKM.CKM_MD5 = 0x00000210,
  CKM.CKM_MD5_HMAC = 0x00000211,
  CKM.CKM_MD5_HMAC_GENERAL = 0x00000212,
  CKM.CKM_SHA_1 = 0x00000220,
  CKM.CKM_SHA_1_HMAC = 0x00000221,
  CKM.CKM_SHA_1_HMAC_GENERAL = 0x00000222,
  CKM.CKM_RIPEMD128 = 0x00000230,
  CKM.CKM_RIPEMD128_HMAC = 0x00000231,
  CKM.CKM_RIPEMD128_HMAC_GENERAL = 0x00000232,
  CKM.CKM_RIPEMD160 = 0x00000240,
  CKM.CKM_RIPEMD160_HMAC = 0x00000241,
  CKM.CKM_RIPEMD160_HMAC_GENERAL = 0x00000242,
  CKM.CKM_SHA256 = 0x00000250,
  CKM.CKM_SHA256_HMAC = 0x00000251,
  CKM.CKM_SHA256_HMAC_GENERAL = 0x00000252,
  CKM.CKM_SHA224 = 0x00000255,
  CKM.CKM_SHA224_HMAC = 0x00000256,
  CKM.CKM_SHA224_HMAC_GENERAL = 0x00000257,
  CKM.CKM_SHA384 = 0x00000260,
  CKM.CKM_SHA384_HMAC = 0x00000261,
  CKM.CKM_SHA384_HMAC_GENERAL = 0x00000262,
  CKM.CKM_SHA512 = 0x00000270,
  CKM.CKM_SHA512_HMAC = 0x00000271,
  CKM.CKM_SHA512_HMAC_GENERAL = 0x00000272,
  CKM.CKM_SECURID_KEY_GEN = 0x00000280,
  CKM.CKM_SECURID = 0x00000282,
  CKM.CKM_HOTP_KEY_GEN = 0x00000290,
  CKM.CKM_HOTP = 0x00000291,
  CKM.CKM_ACTI = 0x000002A0,
  CKM.CKM_ACTI_KEY_GEN = 0x000002A1,
  CKM.CKM_CAST_KEY_GEN = 0x00000300,
  CKM.CKM_CAST_ECB = 0x00000301,
  CKM.CKM_CAST_CBC = 0x00000302,
  CKM.CKM_CAST_MAC = 0x00000303,
  CKM.CKM_CAST_MAC_GENERAL = 0x00000304,
  CKM.CKM_CAST_CBC_PAD = 0x00000305,
  CKM.CKM_CAST3_KEY_GEN = 0x00000310,
  CKM.CKM_CAST3_ECB = 0x00000311,
  CKM.CKM_CAST3_CBC = 0x00000312,
  CKM.CKM_CAST3_MAC = 0x00000313,
  CKM.CKM_CAST3_MAC_GENERAL = 0x00000314,
  CKM.CKM_CAST3_CBC_PAD = 0x00000315,
  CKM.CKM_CAST5_KEY_GEN = 0x00000320,
  CKM.CKM_CAST128_KEY_GEN = 0x00000320,
  CKM.CKM_CAST5_ECB = 0x00000321,
  CKM.CKM_CAST128_ECB = 0x00000321,
  CKM.CKM_CAST5_CBC = 0x00000322,
  CKM.CKM_CAST128_CBC = 0x00000322,
  CKM.CKM_CAST5_MAC = 0x00000323,
  CKM.CKM_CAST128_MAC = 0x00000323,
  CKM.CKM_CAST5_MAC_GENERAL = 0x00000324,
  CKM.CKM_CAST128_MAC_GENERAL = 0x00000324,
  CKM.CKM_CAST5_CBC_PAD = 0x00000325,
  CKM.CKM_CAST128_CBC_PAD = 0x00000325,
  CKM.CKM_RC5_KEY_GEN = 0x00000330,
  CKM.CKM_RC5_ECB = 0x00000331,
  CKM.CKM_RC5_CBC = 0x00000332,
  CKM.CKM_RC5_MAC = 0x00000333,
  CKM.CKM_RC5_MAC_GENERAL = 0x00000334,
  CKM.CKM_RC5_CBC_PAD = 0x00000335,
  CKM.CKM_IDEA_KEY_GEN = 0x00000340,
  CKM.CKM_IDEA_ECB = 0x00000341,
  CKM.CKM_IDEA_CBC = 0x00000342,
  CKM.CKM_IDEA_MAC = 0x00000343,
  CKM.CKM_IDEA_MAC_GENERAL = 0x00000344,
  CKM.CKM_IDEA_CBC_PAD = 0x00000345,
  CKM.CKM_GENERIC_SECRET_KEY_GEN = 0x00000350,
  CKM.CKM_CONCATENATE_BASE_AND_KEY = 0x00000360,
  CKM.CKM_CONCATENATE_BASE_AND_DATA = 0x00000362,
  CKM.CKM_CONCATENATE_DATA_AND_BASE = 0x00000363,
  CKM.CKM_XOR_BASE_AND_DATA = 0x00000364,
  CKM.CKM_EXTRACT_KEY_FROM_KEY = 0x00000365,
  CKM.CKM_SSL3_PRE_MASTER_KEY_GEN = 0x00000370,
  CKM.CKM_SSL3_MASTER_KEY_DERIVE = 0x00000371,
  CKM.CKM_SSL3_KEY_AND_MAC_DERIVE = 0x00000372,
  CKM.CKM_SSL3_MASTER_KEY_DERIVE_DH = 0x00000373,
  CKM.CKM_TLS_PRE_MASTER_KEY_GEN = 0x00000374,
  CKM.CKM_TLS_MASTER_KEY_DERIVE = 0x00000375,
  CKM.CKM_TLS_KEY_AND_MAC_DERIVE = 0x00000376,
  CKM.CKM_TLS_MASTER_KEY_DERIVE_DH = 0x00000377,
  CKM.CKM_TLS_PRF = 0x00000378,
  CKM.CKM_SSL3_MD5_MAC = 0x00000380,
  CKM.CKM_SSL3_SHA1_MAC = 0x00000381,
  CKM.CKM_MD5_KEY_DERIVATION = 0x00000390,
  CKM.CKM_MD2_KEY_DERIVATION = 0x00000391,
  CKM.CKM_SHA1_KEY_DERIVATION = 0x00000392,
  CKM.CKM_SHA256_KEY_DERIVATION = 0x00000393,
  CKM.CKM_SHA384_KEY_DERIVATION = 0x00000394,
  CKM.CKM_SHA512_KEY_DERIVATION = 0x00000395,
  CKM.CKM_SHA224_KEY_DERIVATION = 0x00000396,
  CKM.CKM_PBE_MD2_DES_CBC = 0x000003A0,
  CKM.CKM_PBE_MD5_DES_CBC = 0x000003A1,
  CKM.CKM_PBE_MD5_CAST_CBC = 0x000003A2,
  CKM.CKM_PBE_MD5_CAST3_CBC = 0x000003A3,
  CKM.CKM_PBE_MD5_CAST5_CBC = 0x000003A4,
  CKM.CKM_PBE_MD5_CAST128_CBC = 0x000003A4,
  CKM.CKM_PBE_SHA1_CAST5_CBC = 0x000003A5,
  CKM.CKM_PBE_SHA1_CAST128_CBC = 0x000003A5,
  CKM.CKM_PBE_SHA1_RC4_128 = 0x000003A6,
  CKM.CKM_PBE_SHA1_RC4_40 = 0x000003A7,
  CKM.CKM_PBE_SHA1_DES3_EDE_CBC = 0x000003A8,
  CKM.CKM_PBE_SHA1_DES2_EDE_CBC = 0x000003A9,
  CKM.CKM_PBE_SHA1_RC2_128_CBC = 0x000003AA,
  CKM.CKM_PBE_SHA1_RC2_40_CBC = 0x000003AB,
  CKM.CKM_PKCS5_PBKD2 = 0x000003B0,
  CKM.CKM_PBA_SHA1_WITH_SHA1_HMAC = 0x000003C0,
  CKM.CKM_WTLS_PRE_MASTER_KEY_GEN = 0x000003D0,
  CKM.CKM_WTLS_MASTER_KEY_DERIVE = 0x000003D1,
  CKM.CKM_WTLS_MASTER_KEY_DERIVE_DH_ECC = 0x000003D2,
  CKM.CKM_WTLS_PRF = 0x000003D3,
  CKM.CKM_WTLS_SERVER_KEY_AND_MAC_DERIVE = 0x000003D4,
  CKM.CKM_WTLS_CLIENT_KEY_AND_MAC_DERIVE = 0x000003D5,
  CKM.CKM_TLS10_MAC_SERVER = 0x000003D6,
  CKM.CKM_TLS10_MAC_CLIENT = 0x000003D7,
  CKM.CKM_TLS12_MAC = 0x000003D8,
  CKM.CKM_TLS12_KDF = 0x000003D9,
  CKM.CKM_TLS12_MASTER_KEY_DERIVE = 0x000003E0,
  CKM.CKM_TLS12_KEY_AND_MAC_DERIVE = 0x000003E1,
  CKM.CKM_TLS12_MASTER_KEY_DERIVE_DH = 0x000003E2,
  CKM.CKM_TLS12_KEY_SAFE_DERIVE = 0x000003E3,
  CKM.CKM_TLS_MAC = 0x000003E4,
  CKM.CKM_TLS_KDF = 0x000003E5,
  CKM.CKM_KEY_WRAP_LYNKS = 0x00000400,
  CKM.CKM_KEY_WRAP_SET_OAEP = 0x00000401,
  CKM.CKM_CMS_SIG = 0x00000500,
  CKM.CKM_KIP_DERIVE = 0x00000510,
  CKM.CKM_KIP_WRAP = 0x00000511,
  CKM.CKM_KIP_MAC = 0x00000512,
  CKM.CKM_CAMELLIA_KEY_GEN = 0x00000550,
  CKM.CKM_CAMELLIA_ECB = 0x00000551,
  CKM.CKM_CAMELLIA_CBC = 0x00000552,
  CKM.CKM_CAMELLIA_MAC = 0x00000553,
  CKM.CKM_CAMELLIA_MAC_GENERAL = 0x00000554,
  CKM.CKM_CAMELLIA_CBC_PAD = 0x00000555,
  CKM.CKM_CAMELLIA_ECB_ENCRYPT_DATA = 0x00000556,
  CKM.CKM_CAMELLIA_CBC_ENCRYPT_DATA = 0x00000557,
  CKM.CKM_CAMELLIA_CTR = 0x00000558,
  CKM.CKM_ARIA_KEY_GEN = 0x00000560,
  CKM.CKM_ARIA_ECB = 0x00000561,
  CKM.CKM_ARIA_CBC = 0x00000562,
  CKM.CKM_ARIA_MAC = 0x00000563,
  CKM.CKM_ARIA_MAC_GENERAL = 0x00000564,
  CKM.CKM_ARIA_CBC_PAD = 0x00000565,
  CKM.CKM_ARIA_ECB_ENCRYPT_DATA = 0x00000566,
  CKM.CKM_ARIA_CBC_ENCRYPT_DATA = 0x00000567,
  CKM.CKM_SEED_KEY_GEN = 0x00000650,
  CKM.CKM_SEED_ECB = 0x00000651,
  CKM.CKM_SEED_CBC = 0x00000652,
  CKM.CKM_SEED_MAC = 0x00000653,
  CKM.CKM_SEED_MAC_GENERAL = 0x00000654,
  CKM.CKM_SEED_CBC_PAD = 0x00000655,
  CKM.CKM_SEED_ECB_ENCRYPT_DATA = 0x00000656,
  CKM.CKM_SEED_CBC_ENCRYPT_DATA = 0x00000657,
  CKM.CKM_SKIPJACK_KEY_GEN = 0x00001000,
  CKM.CKM_SKIPJACK_ECB64 = 0x00001001,
  CKM.CKM_SKIPJACK_CBC64 = 0x00001002,
  CKM.CKM_SKIPJACK_OFB64 = 0x00001003,
  CKM.CKM_SKIPJACK_CFB64 = 0x00001004,
  CKM.CKM_SKIPJACK_CFB32 = 0x00001005,
  CKM.CKM_SKIPJACK_CFB16 = 0x00001006,
  CKM.CKM_SKIPJACK_CFB8 = 0x00001007,
  CKM.CKM_SKIPJACK_WRAP = 0x00001008,
  CKM.CKM_SKIPJACK_PRIVATE_WRAP = 0x00001009,
  CKM.CKM_SKIPJACK_RELAYX = 0x0000100a,
  CKM.CKM_KEA_KEY_PAIR_GEN = 0x00001010,
  CKM.CKM_KEA_KEY_DERIVE = 0x00001011,
  CKM.CKM_KEA_DERIVE = 0x00001012,
  CKM.CKM_FORTEZZA_TIMESTAMP = 0x00001020,
  CKM.CKM_BATON_KEY_GEN = 0x00001030,
  CKM.CKM_BATON_ECB128 = 0x00001031,
  CKM.CKM_BATON_ECB96 = 0x00001032,
  CKM.CKM_BATON_CBC128 = 0x00001033,
  CKM.CKM_BATON_COUNTER = 0x00001034,
  CKM.CKM_BATON_SHUFFLE = 0x00001035,
  CKM.CKM_BATON_WRAP = 0x00001036,
  CKM.CKM_ECDSA_KEY_PAIR_GEN = 0x00001040,
  CKM.CKM_EC_KEY_PAIR_GEN = 0x00001040,
  CKM.CKM_ECDSA = 0x00001041,
  CKM.CKM_ECDSA_SHA1 = 0x00001042,
  CKM.CKM_ECDSA_SHA224 = 0x00001043,
  CKM.CKM_ECDSA_SHA256 = 0x00001044,
  CKM.CKM_ECDSA_SHA384 = 0x00001045,
  CKM.CKM_ECDSA_SHA512 = 0x00001046,
  CKM.CKM_ECDH1_DERIVE = 0x00001050,
  CKM.CKM_ECDH1_COFACTOR_DERIVE = 0x00001051,
  CKM.CKM_ECMQV_DERIVE = 0x00001052,
  CKM.CKM_ECDH_AES_KEY_WRAP = 0x00001053,
  CKM.CKM_RSA_AES_KEY_WRAP = 0x00001054,
  CKM.CKM_JUNIPER_KEY_GEN = 0x00001060,
  CKM.CKM_JUNIPER_ECB128 = 0x00001061,
  CKM.CKM_JUNIPER_CBC128 = 0x00001062,
  CKM.CKM_JUNIPER_COUNTER = 0x00001063,
  CKM.CKM_JUNIPER_SHUFFLE = 0x00001064,
  CKM.CKM_JUNIPER_WRAP = 0x00001065,
  CKM.CKM_FASTHASH = 0x00001070,
  CKM.CKM_AES_KEY_GEN = 0x00001080,
  CKM.CKM_AES_ECB = 0x00001081,
  CKM.CKM_AES_CBC = 0x00001082,
  CKM.CKM_AES_MAC = 0x00001083,
  CKM.CKM_AES_MAC_GENERAL = 0x00001084,
  CKM.CKM_AES_CBC_PAD = 0x00001085,
  CKM.CKM_AES_CTR = 0x00001086,
  CKM.CKM_AES_GCM = 0x00001087,
  CKM.CKM_AES_CCM = 0x00001088,
  CKM.CKM_AES_CTS = 0x00001089,
  CKM.CKM_AES_CMAC = 0x0000108A,
  CKM.CKM_AES_CMAC_GENERAL = 0x0000108B,
  CKM.CKM_AES_XCBC_MAC = 0x0000108C,
  CKM.CKM_AES_XCBC_MAC_96 = 0x0000108D,
  CKM.CKM_AES_GMAC = 0x0000108E,
  CKM.CKM_BLOWFISH_KEY_GEN = 0x00001090,
  CKM.CKM_BLOWFISH_CBC = 0x00001091,
  CKM.CKM_TWOFISH_KEY_GEN = 0x00001092,
  CKM.CKM_TWOFISH_CBC = 0x00001093,
  CKM.CKM_BLOWFISH_CBC_PAD = 0x00001094,
  CKM.CKM_TWOFISH_CBC_PAD = 0x00001095,
  CKM.CKM_DES_ECB_ENCRYPT_DATA = 0x00001100,
  CKM.CKM_DES_CBC_ENCRYPT_DATA = 0x00001101,
  CKM.CKM_DES3_ECB_ENCRYPT_DATA = 0x00001102,
  CKM.CKM_DES3_CBC_ENCRYPT_DATA = 0x00001103,
  CKM.CKM_AES_ECB_ENCRYPT_DATA = 0x00001104,
  CKM.CKM_AES_CBC_ENCRYPT_DATA = 0x00001105,
  CKM.CKM_GOSTR3410_KEY_PAIR_GEN = 0x00001200,
  CKM.CKM_GOSTR3410 = 0x00001201,
  CKM.CKM_GOSTR3410_WITH_GOSTR3411 = 0x00001202,
  CKM.CKM_GOSTR3410_KEY_WRAP = 0x00001203,
  CKM.CKM_GOSTR3410_DERIVE = 0x00001204,
  CKM.CKM_GOSTR3411 = 0x00001210,
  CKM.CKM_GOSTR3411_HMAC = 0x00001211,
  CKM.CKM_GOST28147_KEY_GEN = 0x00001220,
  CKM.CKM_GOST28147_ECB = 0x00001221,
  CKM.CKM_GOST28147 = 0x00001222,
  CKM.CKM_GOST28147_MAC = 0x00001223,
  CKM.CKM_GOST28147_KEY_WRAP = 0x00001224,
  CKM.CKM_DSA_PARAMETER_GEN = 0x00002000,
  CKM.CKM_DH_PKCS_PARAMETER_GEN = 0x00002001,
  CKM.CKM_X9_42_DH_PARAMETER_GEN = 0x00002002,
  CKM.CKM_DSA_PROBABLISTIC_PARAMETER_GEN = 0x00002003,
  CKM.CKM_DSA_SHAWE_TAYLOR_PARAMETER_GEN = 0x00002004,
  CKM.CKM_AES_OFB = 0x00002104,
  CKM.CKM_AES_CFB64 = 0x00002105,
  CKM.CKM_AES_CFB8 = 0x00002106,
  CKM.CKM_AES_CFB128 = 0x00002107,
  CKM.CKM_AES_CFB1 = 0x00002108,
  CKM.CKM_AES_KEY_WRAP = 0x00002109,
  CKM.CKM_AES_KEY_WRAP_PAD = 0x0000210A,
  CKM.CKM_RSA_PKCS_TPM_1_1 = 0x00004001,
  CKM.CKM_RSA_PKCS_OAEP_TPM_1_1 = 0x00004002,
  CKM.CKM_VENDOR_DEFINED = 0x80000000
}
 Mechanism type More...
 
enum  CKN : uint {
  CKN.CKN_SURRENDER = 0,
  CKN.CKN_OTP_CHANGED = 1
}
 Notifications More...
 
enum  CKO : uint {
  CKO.CKO_DATA = 0x00000000,
  CKO.CKO_CERTIFICATE = 0x00000001,
  CKO.CKO_PUBLIC_KEY = 0x00000002,
  CKO.CKO_PRIVATE_KEY = 0x00000003,
  CKO.CKO_SECRET_KEY = 0x00000004,
  CKO.CKO_HW_FEATURE = 0x00000005,
  CKO.CKO_DOMAIN_PARAMETERS = 0x00000006,
  CKO.CKO_MECHANISM = 0x00000007,
  CKO.CKO_OTP_KEY = 0x00000008,
  CKO.CKO_VENDOR_DEFINED = 0x80000000
}
 Object class More...
 
enum  CKP : uint {
  CKP.CKP_PKCS5_PBKD2_HMAC_SHA1 = 0x00000001,
  CKP.CKP_PKCS5_PBKD2_HMAC_GOSTR3411 = 0x00000002,
  CKP.CKP_PKCS5_PBKD2_HMAC_SHA224 = 0x00000003,
  CKP.CKP_PKCS5_PBKD2_HMAC_SHA256 = 0x00000004,
  CKP.CKP_PKCS5_PBKD2_HMAC_SHA384 = 0x00000005,
  CKP.CKP_PKCS5_PBKD2_HMAC_SHA512 = 0x00000006,
  CKP.CKP_PKCS5_PBKD2_HMAC_SHA512_224 = 0x00000007,
  CKP.CKP_PKCS5_PBKD2_HMAC_SHA512_256 = 0x00000008
}
 Pseudo-random functions More...
 
enum  CKR : uint {
  CKR.CKR_OK = 0x00000000,
  CKR.CKR_CANCEL = 0x00000001,
  CKR.CKR_HOST_MEMORY = 0x00000002,
  CKR.CKR_SLOT_ID_INVALID = 0x00000003,
  CKR.CKR_GENERAL_ERROR = 0x00000005,
  CKR.CKR_FUNCTION_FAILED = 0x00000006,
  CKR.CKR_ARGUMENTS_BAD = 0x00000007,
  CKR.CKR_NO_EVENT = 0x00000008,
  CKR.CKR_NEED_TO_CREATE_THREADS = 0x00000009,
  CKR.CKR_CANT_LOCK = 0x0000000A,
  CKR.CKR_ATTRIBUTE_READ_ONLY = 0x00000010,
  CKR.CKR_ATTRIBUTE_SENSITIVE = 0x00000011,
  CKR.CKR_ATTRIBUTE_TYPE_INVALID = 0x00000012,
  CKR.CKR_ATTRIBUTE_VALUE_INVALID = 0x00000013,
  CKR.CKR_ACTION_PROHIBITED = 0x0000001B,
  CKR.CKR_DATA_INVALID = 0x00000020,
  CKR.CKR_DATA_LEN_RANGE = 0x00000021,
  CKR.CKR_DEVICE_ERROR = 0x00000030,
  CKR.CKR_DEVICE_MEMORY = 0x00000031,
  CKR.CKR_DEVICE_REMOVED = 0x00000032,
  CKR.CKR_ENCRYPTED_DATA_INVALID = 0x00000040,
  CKR.CKR_ENCRYPTED_DATA_LEN_RANGE = 0x00000041,
  CKR.CKR_FUNCTION_CANCELED = 0x00000050,
  CKR.CKR_FUNCTION_NOT_PARALLEL = 0x00000051,
  CKR.CKR_FUNCTION_NOT_SUPPORTED = 0x00000054,
  CKR.CKR_KEY_HANDLE_INVALID = 0x00000060,
  CKR.CKR_KEY_SIZE_RANGE = 0x00000062,
  CKR.CKR_KEY_TYPE_INCONSISTENT = 0x00000063,
  CKR.CKR_KEY_NOT_NEEDED = 0x00000064,
  CKR.CKR_KEY_CHANGED = 0x00000065,
  CKR.CKR_KEY_NEEDED = 0x00000066,
  CKR.CKR_KEY_INDIGESTIBLE = 0x00000067,
  CKR.CKR_KEY_FUNCTION_NOT_PERMITTED = 0x00000068,
  CKR.CKR_KEY_NOT_WRAPPABLE = 0x00000069,
  CKR.CKR_KEY_UNEXTRACTABLE = 0x0000006A,
  CKR.CKR_MECHANISM_INVALID = 0x00000070,
  CKR.CKR_MECHANISM_PARAM_INVALID = 0x00000071,
  CKR.CKR_OBJECT_HANDLE_INVALID = 0x00000082,
  CKR.CKR_OPERATION_ACTIVE = 0x00000090,
  CKR.CKR_OPERATION_NOT_INITIALIZED = 0x00000091,
  CKR.CKR_PIN_INCORRECT = 0x000000A0,
  CKR.CKR_PIN_INVALID = 0x000000A1,
  CKR.CKR_PIN_LEN_RANGE = 0x000000A2,
  CKR.CKR_PIN_EXPIRED = 0x000000A3,
  CKR.CKR_PIN_LOCKED = 0x000000A4,
  CKR.CKR_SESSION_CLOSED = 0x000000B0,
  CKR.CKR_SESSION_COUNT = 0x000000B1,
  CKR.CKR_SESSION_HANDLE_INVALID = 0x000000B3,
  CKR.CKR_SESSION_PARALLEL_NOT_SUPPORTED = 0x000000B4,
  CKR.CKR_SESSION_READ_ONLY = 0x000000B5,
  CKR.CKR_SESSION_EXISTS = 0x000000B6,
  CKR.CKR_SESSION_READ_ONLY_EXISTS = 0x000000B7,
  CKR.CKR_SESSION_READ_WRITE_SO_EXISTS = 0x000000B8,
  CKR.CKR_SIGNATURE_INVALID = 0x000000C0,
  CKR.CKR_SIGNATURE_LEN_RANGE = 0x000000C1,
  CKR.CKR_TEMPLATE_INCOMPLETE = 0x000000D0,
  CKR.CKR_TEMPLATE_INCONSISTENT = 0x000000D1,
  CKR.CKR_TOKEN_NOT_PRESENT = 0x000000E0,
  CKR.CKR_TOKEN_NOT_RECOGNIZED = 0x000000E1,
  CKR.CKR_TOKEN_WRITE_PROTECTED = 0x000000E2,
  CKR.CKR_UNWRAPPING_KEY_HANDLE_INVALID = 0x000000F0,
  CKR.CKR_UNWRAPPING_KEY_SIZE_RANGE = 0x000000F1,
  CKR.CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT = 0x000000F2,
  CKR.CKR_USER_ALREADY_LOGGED_IN = 0x00000100,
  CKR.CKR_USER_NOT_LOGGED_IN = 0x00000101,
  CKR.CKR_USER_PIN_NOT_INITIALIZED = 0x00000102,
  CKR.CKR_USER_TYPE_INVALID = 0x00000103,
  CKR.CKR_USER_ANOTHER_ALREADY_LOGGED_IN = 0x00000104,
  CKR.CKR_USER_TOO_MANY_TYPES = 0x00000105,
  CKR.CKR_WRAPPED_KEY_INVALID = 0x00000110,
  CKR.CKR_WRAPPED_KEY_LEN_RANGE = 0x00000112,
  CKR.CKR_WRAPPING_KEY_HANDLE_INVALID = 0x00000113,
  CKR.CKR_WRAPPING_KEY_SIZE_RANGE = 0x00000114,
  CKR.CKR_WRAPPING_KEY_TYPE_INCONSISTENT = 0x00000115,
  CKR.CKR_RANDOM_SEED_NOT_SUPPORTED = 0x00000120,
  CKR.CKR_RANDOM_NO_RNG = 0x00000121,
  CKR.CKR_DOMAIN_PARAMS_INVALID = 0x00000130,
  CKR.CKR_CURVE_NOT_SUPPORTED = 0x00000140,
  CKR.CKR_BUFFER_TOO_SMALL = 0x00000150,
  CKR.CKR_SAVED_STATE_INVALID = 0x00000160,
  CKR.CKR_INFORMATION_SENSITIVE = 0x00000170,
  CKR.CKR_STATE_UNSAVEABLE = 0x00000180,
  CKR.CKR_CRYPTOKI_NOT_INITIALIZED = 0x00000190,
  CKR.CKR_CRYPTOKI_ALREADY_INITIALIZED = 0x00000191,
  CKR.CKR_MUTEX_BAD = 0x000001A0,
  CKR.CKR_MUTEX_NOT_LOCKED = 0x000001A1,
  CKR.CKR_NEW_PIN_MODE = 0x000001B0,
  CKR.CKR_NEXT_OTP = 0x000001B1,
  CKR.CKR_EXCEEDED_MAX_ITERATIONS = 0x000001B5,
  CKR.CKR_FIPS_SELF_TEST_FAILED = 0x000001B6,
  CKR.CKR_LIBRARY_LOAD_FAILED = 0x000001B7,
  CKR.CKR_PIN_TOO_WEAK = 0x000001B8,
  CKR.CKR_PUBLIC_KEY_INVALID = 0x000001B9,
  CKR.CKR_FUNCTION_REJECTED = 0x00000200,
  CKR.CKR_VENDOR_DEFINED = 0x80000000
}
 Return values More...
 
enum  CKS : uint {
  CKS.CKS_RO_PUBLIC_SESSION = 0,
  CKS.CKS_RO_USER_FUNCTIONS = 1,
  CKS.CKS_RW_PUBLIC_SESSION = 2,
  CKS.CKS_RW_USER_FUNCTIONS = 3,
  CKS.CKS_RW_SO_FUNCTIONS = 4
}
 Session States More...
 
enum  CKU : uint {
  CKU.CKU_SO = 0,
  CKU.CKU_USER = 1,
  CKU.CKU_CONTEXT_SPECIFIC = 2
}
 Types of Cryptoki users More...
 
enum  InitType {
  InitType.WithFunctionList,
  InitType.WithoutFunctionList
}
 Source of PKCS#11 function pointers More...
 
enum  SessionType {
  SessionType.ReadOnly,
  SessionType.ReadWrite
}
 Type of session More...
 
enum  SlotsType {
  SlotsType.WithTokenPresent,
  SlotsType.WithOrWithoutTokenPresent
}
 Type of slots to be obtained by PKCS#11 library More...
 
enum  WaitType {
  WaitType.Blocking,
  WaitType.NonBlocking
}
 Type of waiting for a slot event More...
 

Detailed Description

Components shared by all the LowLevelAPIs and HighLevelAPIs.

Enumeration Type Documentation

Type of application that will be using PKCS#11 library

Enumerator
MultiThreaded 

Recommended option: PKCS#11 library will be used from multi-threaded application and needs to perform locking with native OS threading model (CKF_OS_LOCKING_OK)

SingleThreaded 

PKCS#11 library will be used from single-threaded application and does not need to perform any kind of locking

enum Net.Pkcs11Interop.Common.CKA : uint
strong

Attributes

Enumerator
CKA_CLASS 

Object class (type) [CKO/uint]

CKA_TOKEN 

True if object is a token object; false if object is a session object [bool]

CKA_PRIVATE 

True if object is a private object; false if object is a public object. [bool]

CKA_LABEL 

Description of the object [string]

CKA_APPLICATION 

Description of the application that manages the object [string]

CKA_VALUE 

Value of the object [byte array]

CKA_OBJECT_ID 

DER-encoding of the object identifier indicating the data object type [byte array]

CKA_CERTIFICATE_TYPE 

Type of certificate [CKC/uint]

CKA_ISSUER 

DER-encoding of the certificate issuer name [byte array]

CKA_SERIAL_NUMBER 

DER-encoding of the certificate serial number [byte array]

CKA_AC_ISSUER 

DER-encoding of the attribute certificate's issuer field. [byte array]

CKA_OWNER 

DER-encoding of the attribute certificate's subject field. [byte array]

CKA_ATTR_TYPES 

BER-encoding of a sequence of object identifier values corresponding to the attribute types contained in the certificate. [byte array]

CKA_TRUSTED 

The certificate can be trusted for the application that it was created. [bool]

CKA_CERTIFICATE_CATEGORY 

Categorization of the certificate [uint]

CKA_JAVA_MIDP_SECURITY_DOMAIN 

Java MIDP security domain [uint]

CKA_URL 

If not empty this attribute gives the URL where the complete certificate can be obtained [string]

CKA_HASH_OF_SUBJECT_PUBLIC_KEY 

SHA-1 hash of the subject public key [byte array]

CKA_HASH_OF_ISSUER_PUBLIC_KEY 

SHA-1 hash of the issuer public key [byte array]

CKA_CHECK_VALUE 

Checksum [byte array]

CKA_KEY_TYPE 

Type of key [CKK/uint]

CKA_SUBJECT 

DER-encoding of the key subject name [byte array]

CKA_ID 

Key identifier for public/private key pair [byte array]

CKA_SENSITIVE 

True if key is sensitive [bool]

CKA_ENCRYPT 

True if key supports encryption [bool]

CKA_DECRYPT 

True if key supports decryption [bool]

CKA_WRAP 

True if key supports wrapping (i.e., can be used to wrap other keys) [bool]

CKA_UNWRAP 

True if key supports unwrapping (i.e., can be used to unwrap other keys) [bool]

CKA_SIGN 

True if key supports signatures (i.e., authentication codes) where the signature is an appendix to the data [bool]

CKA_SIGN_RECOVER 

True if key supports signatures where the data can be recovered from the signature [bool]

CKA_VERIFY 

True if key supports verification (i.e., of authentication codes) where the signature is an appendix to the data [bool]

CKA_VERIFY_RECOVER 

True if key supports verification where the data is recovered from the signature [bool]

CKA_DERIVE 

True if key supports key derivation (i.e., if other keys can be derived from this one) [bool]

CKA_START_DATE 

Start date for the certificate/key [DateTime]

CKA_END_DATE 

End date for the certificate/key [DateTime]

CKA_MODULUS 

Modulus n [byte array]

CKA_MODULUS_BITS 

Length in bits of modulus n [uint]

CKA_PUBLIC_EXPONENT 

Public exponent e [byte array]

CKA_PRIVATE_EXPONENT 

Private exponent d [byte array]

CKA_PRIME_1 

Prime p [byte array]

CKA_PRIME_2 

Prime q [byte array]

CKA_EXPONENT_1 

Private exponent d modulo p-1 [byte array]

CKA_EXPONENT_2 

Private exponent d modulo q-1 [byte array]

CKA_COEFFICIENT 

CRT coefficient q^-1 mod p [byte array]

CKA_PUBLIC_KEY_INFO 

DER-encoding of the SubjectPublicKeyInfo [byte array]

CKA_PRIME 

Prime p (512 to 1024 bits, in steps of 64 bits) [byte array]

CKA_SUBPRIME 

Subprime q (160 bits) [byte array]

CKA_BASE 

Base g [byte array]

CKA_PRIME_BITS 

Length of the prime value [uint]

CKA_SUBPRIME_BITS 

Length of the subprime value [uint]

CKA_VALUE_BITS 

Length in bits of private value x [uint]

CKA_VALUE_LEN 

Length in bytes of key value [uint]

CKA_EXTRACTABLE 

True if key is extractable and can be wrapped [bool]

CKA_LOCAL 

True only if key was either generated locally (i.e., on the token) or created as a copy of a key which had its CKA_LOCAL attribute set to true [bool]

CKA_NEVER_EXTRACTABLE 

True if key has never had the CKA_EXTRACTABLE attribute set to true [bool]

CKA_ALWAYS_SENSITIVE 

True if key has always had the CKA_SENSITIVE attribute set to true [bool]

CKA_KEY_GEN_MECHANISM 

Identifier of the mechanism used to generate the key material [CKM/uint]

CKA_MODIFIABLE 

True if object can be modified [bool]

CKA_COPYABLE 

True if object can be copied [bool]

CKA_DESTROYABLE 

True if object can be destroyed [bool]

CKA_ECDSA_PARAMS 

DER-encoding of an ANSI X9.62 Parameters value [byte array]

CKA_EC_PARAMS 

DER-encoding of an ANSI X9.62 Parameters value [byte array]

CKA_EC_POINT 

DER-encoding of ANSI X9.62 ECPoint value Q [byte array]

CKA_SECONDARY_AUTH 

True if the key requires a secondary authentication to take place before its use it allowed [bool]

CKA_AUTH_PIN_FLAGS 

Mask indicating the current state of the secondary authentication PIN [uint]

CKA_ALWAYS_AUTHENTICATE 

If true, the user has to supply the PIN for each use (sign or decrypt) with the key [bool]

CKA_WRAP_WITH_TRUSTED 

True if the key can only be wrapped with a wrapping key that has CKA_TRUSTED set to true [bool]

CKA_WRAP_TEMPLATE 

The attribute template to match against any keys wrapped using this wrapping key. Keys that do not match cannot be wrapped. [List of ObjectAttribute / CK_ATTRIBUTE array]

CKA_UNWRAP_TEMPLATE 

The attribute template to apply to any keys unwrapped using this wrapping key. Any user supplied template is applied after this template as if the object has already been created. [List of ObjectAttribute / CK_ATTRIBUTE array]

CKA_DERIVE_TEMPLATE 

The attribute template to apply to any keys derived using this key. Any user supplied template is applied after this template as if the object has already been created. [List of ObjectAttribute / CK_ATTRIBUTE array]

CKA_OTP_FORMAT 

Format of OTP values produced with this key: CK_OTP_FORMAT_DECIMAL = Decimal, CK_OTP_FORMAT_HEXADECIMAL = Hexadecimal, CK_OTP_FORMAT_ALPHANUMERIC = Alphanumeric, CK_OTP_FORMAT_BINARY = Only binary values [uint]

CKA_OTP_LENGTH 

Default length of OTP values (in the CKA_OTP_FORMAT) produced with this key [uint]

CKA_OTP_TIME_INTERVAL 

Interval between OTP values produced with this key, in seconds. [uint]

CKA_OTP_USER_FRIENDLY_MODE 

Set to true when the token is capable of returning OTPs suitable for human consumption [bool]

CKA_OTP_CHALLENGE_REQUIREMENT 

Parameter requirements when generating or verifying OTP values with this key: CK_OTP_PARAM_MANDATORY = A challenge must be supplied. CK_OTP_PARAM_OPTIONAL = A challenge may be supplied but need not be. CK_OTP_PARAM_IGNORED = A challenge, if supplied, will be ignored. [uint]

CKA_OTP_TIME_REQUIREMENT 

Parameter requirements when generating or verifying OTP values with this key: CK_OTP_PARAM_MANDATORY = A time value must be supplied. CK_OTP_PARAM_OPTIONAL = A time value may be supplied but need not be. CK_OTP_PARAM_IGNORED = A time value, if supplied, will be ignored. [uint]

CKA_OTP_COUNTER_REQUIREMENT 

Parameter requirements when generating or verifying OTP values with this key: CK_OTP_PARAM_MANDATORY = A counter value must be supplied. CK_OTP_PARAM_OPTIONAL = A counter value may be supplied but need not be. CK_OTP_PARAM_IGNORED = A counter value, if supplied, will be ignored. [uint]

CKA_OTP_PIN_REQUIREMENT 

Parameter requirements when generating or verifying OTP values with this key: CK_OTP_PARAM_MANDATORY = A PIN value must be supplied. CK_OTP_PARAM_OPTIONAL = A PIN value may be supplied but need not be. CK_OTP_PARAM_IGNORED = A PIN value, if supplied, will be ignored. [uint]

CKA_OTP_COUNTER 

Value of the associated internal counter [byte array]

CKA_OTP_TIME 

Value of the associated internal UTC time in the form YYYYMMDDhhmmss [string]

CKA_OTP_USER_IDENTIFIER 

Text string that identifies a user associated with the OTP key (may be used to enhance the user experience). [string]

CKA_OTP_SERVICE_IDENTIFIER 

Text string that identifies a service that may validate OTPs generated by this key [string]

CKA_OTP_SERVICE_LOGO 

Logotype image that identifies a service that may validate OTPs generated by this key. [byte array]

CKA_OTP_SERVICE_LOGO_TYPE 

MIME type of the CKA_OTP_SERVICE_LOGO attribute value [string]

CKA_GOSTR3410_PARAMS 

DER-encoding of the object identifier indicating the data object type of GOST R 34.10-2001. [byte array]

CKA_GOSTR3411_PARAMS 

DER-encoding of the object identifier indicating the data object type of GOST R 34.11-94. [byte array]

CKA_GOST28147_PARAMS 

DER-encoding of the object identifier indicating the data object type of GOST 28147-89. [byte array]

CKA_HW_FEATURE_TYPE 

Hardware feature (type) [CKH/uint]

CKA_RESET_ON_INIT 

The value of the counter will reset to a previously returned value if the token is initialized [bool]

CKA_HAS_RESET 

The value of the counter has been reset at least once at some point in time [bool]

CKA_PIXEL_X 

Screen resolution (in pixels) in X-axis [uint]

CKA_PIXEL_Y 

Screen resolution (in pixels) in Y-axis [uint]

CKA_RESOLUTION 

DPI, pixels per inch [uint]

CKA_CHAR_ROWS 

Number of character rows for character-oriented displays [uint]

CKA_CHAR_COLUMNS 

Number of character columns for character-oriented displays [uint]

CKA_COLOR 

Color support [bool]

CKA_BITS_PER_PIXEL 

The number of bits of color or grayscale information per pixel. [uint]

CKA_CHAR_SETS 

String indicating supported character sets, as defined by IANA MIBenum sets (www.iana.org). Supported character sets are separated with ";" e.g. a token supporting iso-8859-1 and us-ascii would set the attribute value to "4;3". [string]

CKA_ENCODING_METHODS 

String indicating supported content transfer encoding methods, as defined by IANA (www.iana.org). Supported methods are separated with ";" e.g. a token supporting 7bit, 8bit and base64 could set the attribute value to "7bit;8bit;base64". [string]

CKA_MIME_TYPES 

String indicating supported (presentable) MIME-types, as defined by IANA (www.iana.org). Supported types are separated with ";" e.g. a token supporting MIME types "a/b", "a/c" and "a/d" would set the attribute value to "a/b;a/c;a/d". [string]

CKA_MECHANISM_TYPE 

The type of mechanism object [CKM/uint]

CKA_REQUIRED_CMS_ATTRIBUTES 

Attributes the token always will include in the set of CMS signed attributes [byte array]

CKA_DEFAULT_CMS_ATTRIBUTES 

Attributes the token will include in the set of CMS signed attributes in the absence of any attributes specified by the application [byte array]

CKA_SUPPORTED_CMS_ATTRIBUTES 

Attributes the token may include in the set of CMS signed attributes upon request by the application [byte array]

CKA_ALLOWED_MECHANISMS 

A list of mechanisms allowed to be used with this key [List of CKM / List of uint / CKM array / uint array]

CKA_VENDOR_DEFINED 

Permanently reserved for token vendors

enum Net.Pkcs11Interop.Common.CKC : uint
strong

Certificate types

Enumerator
CKC_X_509 

X.509 public key certificate

CKC_X_509_ATTR_CERT 

X.509 attribute certificate

CKC_WTLS 

WTLS public key certificate

CKC_VENDOR_DEFINED 

Permanently reserved for token vendors

enum Net.Pkcs11Interop.Common.CKD : uint
strong

Key derivation functions

Enumerator
CKD_NULL 

No derivation function

CKD_SHA1_KDF 

ANSI X9.63 key derivation function based on SHA-1

CKD_SHA1_KDF_ASN1 

ANSI X9.42 key derivation function based on SHA-1

CKD_SHA1_KDF_CONCATENATE 

ANSI X9.42 key derivation function based on SHA-1

CKD_SHA224_KDF 

ANSI X9.63 key derivation function based on SHA-224

CKD_SHA256_KDF 

ANSI X9.63 key derivation function based on SHA-256

CKD_SHA384_KDF 

ANSI X9.63 key derivation function based on SHA-384

CKD_SHA512_KDF 

ANSI X9.63 key derivation function based on SHA-512

CKD_CPDIVERSIFY_KDF 

CryptoPro KEK Diversification Algorithm described in section 6.5 of RFC 4357

enum Net.Pkcs11Interop.Common.CKG : uint
strong

Mask generation functions

Enumerator
CKG_MGF1_SHA1 

PKCS #1 Mask Generation Function with SHA-1 digest algorithm

CKG_MGF1_SHA256 

PKCS #1 Mask Generation Function with SHA-256 digest algorithm

CKG_MGF1_SHA384 

PKCS #1 Mask Generation Function with SHA-384 digest algorithm

CKG_MGF1_SHA512 

PKCS #1 Mask Generation Function with SHA-512 digest algorithm

CKG_MGF1_SHA224 

PKCS #1 Mask Generation Function with SHA-224 digest algorithm

enum Net.Pkcs11Interop.Common.CKH : uint
strong

Hardware feature types

Enumerator
CKH_MONOTONIC_COUNTER 

Monotonic counter objects represent hardware counters that exist on the device.

CKH_CLOCK 

Clock objects represent real-time clocks that exist on the device.

CKH_USER_INTERFACE 

User interface objects represent the presentation capabilities of the device.

CKH_VENDOR_DEFINED 

Permanently reserved for token vendors.

enum Net.Pkcs11Interop.Common.CKK : uint
strong

Key types

Enumerator
CKK_RSA 

RSA key

CKK_DSA 

DSA key

CKK_DH 

DH (Diffie-Hellman) key

CKK_ECDSA 

EC (Elliptic Curve) key

CKK_EC 

EC (Elliptic Curve) key

CKK_X9_42_DH 

X9.42 Diffie-Hellman public keys

CKK_KEA 

KEA keys

CKK_GENERIC_SECRET 

Generic secret key

CKK_RC2 

RC2 key

CKK_RC4 

RC4 key

CKK_DES 

Single-length DES key

CKK_DES2 

Double-length DES key

CKK_DES3 

Triple-length DES key

CKK_CAST 

CAST key

CKK_CAST3 

CAST3 key

CKK_CAST5 

CAST128 key

CKK_CAST128 

CAST128 key

CKK_RC5 

RC5 key

CKK_IDEA 

IDEA key

CKK_SKIPJACK 

Single-length MEK or a TEK

CKK_BATON 

Single-length BATON key

CKK_JUNIPER 

Single-length JUNIPER key

CKK_CDMF 

Single-length CDMF key

CKK_AES 

AES key

CKK_BLOWFISH 

Blowfish key

CKK_TWOFISH 

Twofish key

CKK_SECURID 

RSA SecurID secret key

CKK_HOTP 

Generic secret key and associated counter value

CKK_ACTI 

ActivIdentity ACTI secret key

CKK_CAMELLIA 

Camellia key

CKK_ARIA 

ARIA key

CKK_MD5_HMAC 

MD5 HMAC key

CKK_SHA_1_HMAC 

SHA-1 HMAC key

CKK_RIPEMD128_HMAC 

RIPE-MD 128 HMAC key

CKK_RIPEMD160_HMAC 

RIPE-MD 160 HMAC key

CKK_SHA256_HMAC 

SHA-256 HMAC key

CKK_SHA384_HMAC 

SHA-384 HMAC key

CKK_SHA512_HMAC 

SHA-512 HMAC key

CKK_SHA224_HMAC 

SHA-224 HMAC key

CKK_SEED 

SEED secret key

CKK_GOSTR3410 

GOST R 34.10-2001 key

CKK_GOSTR3411 

GOST R 34.11-94 key or domain parameter

CKK_GOST28147 

GOST 28147-89 key or domain parameter

CKK_VENDOR_DEFINED 

Permanently reserved for token vendors

enum Net.Pkcs11Interop.Common.CKM : uint
strong

Mechanism type

Enumerator
CKM_RSA_PKCS_KEY_PAIR_GEN 

Key pair generation mechanism based on the RSA public-key cryptosystem, as defined in PKCS #1

CKM_RSA_PKCS 

Multi-purpose mechanism based on the RSA public-key cryptosystem and the block formats initially defined in PKCS #1 v1.5.

CKM_RSA_9796 

Mechanism for single-part signatures and verification with and without message recovery based on the RSA public-key cryptosystem and the block formats defined in ISO/IEC 9796 and its annex A

CKM_RSA_X_509 

Multi-purpose mechanism based on the RSA public-key cryptosystem ("raw" RSA, as assumed in X.509)

CKM_MD2_RSA_PKCS 

The PKCS #1 v1.5 RSA signature with MD2 mechanism

CKM_MD5_RSA_PKCS 

The PKCS #1 v1.5 RSA signature with MD5 mechanism

CKM_SHA1_RSA_PKCS 

The PKCS #1 v1.5 RSA signature with SHA-1 mechanism

CKM_RIPEMD128_RSA_PKCS 

The PKCS #1 v1.5 RSA signature with RIPEMD-128

CKM_RIPEMD160_RSA_PKCS 

The PKCS #1 v1.5 RSA signature with RIPEMD-160

CKM_RSA_PKCS_OAEP 

The PKCS #1 RSA OAEP mechanism based on the RSA public-key cryptosystem and the OAEP block format defined in PKCS #1

CKM_RSA_X9_31_KEY_PAIR_GEN 

The X9.31 RSA key pair generation mechanism

CKM_RSA_X9_31 

The ANSI X9.31 RSA mechanism

CKM_SHA1_RSA_X9_31 

The ANSI X9.31 RSA signature with SHA-1 mechanism

CKM_RSA_PKCS_PSS 

The PKCS #1 RSA PSS mechanism based on the RSA public-key cryptosystem and the PSS block format defined in PKCS#1

CKM_SHA1_RSA_PKCS_PSS 

The PKCS #1 RSA PSS signature with SHA-1 mechanism

CKM_DSA_KEY_PAIR_GEN 

The DSA key pair generation mechanism

CKM_DSA 

The DSA without hashing mechanism

CKM_DSA_SHA1 

The DSA with SHA-1 mechanism

CKM_DSA_SHA224 

The DSA with SHA-224 mechanism

CKM_DSA_SHA256 

The DSA with SHA-256 mechanism

CKM_DSA_SHA384 

The DSA with SHA-384 mechanism

CKM_DSA_SHA512 

The DSA with SHA-512 mechanism

CKM_DH_PKCS_KEY_PAIR_GEN 

The PKCS #3 Diffie-Hellman key pair generation mechanism

CKM_DH_PKCS_DERIVE 

The PKCS #3 Diffie-Hellman key derivation mechanism

CKM_X9_42_DH_KEY_PAIR_GEN 

The X9.42 Diffie-Hellman key pair generation mechanism

CKM_X9_42_DH_DERIVE 

The X9.42 Diffie-Hellman key derivation mechanism

CKM_X9_42_DH_HYBRID_DERIVE 

The X9.42 Diffie-Hellman hybrid key derivation mechanism

CKM_X9_42_MQV_DERIVE 

The X9.42 Diffie-Hellman Menezes-Qu-Vanstone (MQV) key derivation mechanism

CKM_SHA256_RSA_PKCS 

PKCS #1 v1.5 RSA signature with SHA-256 mechanism

CKM_SHA384_RSA_PKCS 

PKCS #1 v1.5 RSA signature with SHA-384 mechanism

CKM_SHA512_RSA_PKCS 

PKCS #1 v1.5 RSA signature with SHA-512 mechanism

CKM_SHA256_RSA_PKCS_PSS 

The PKCS #1 RSA PSS signature with SHA-256 mechanism

CKM_SHA384_RSA_PKCS_PSS 

The PKCS #1 RSA PSS signature with SHA-384 mechanism

CKM_SHA512_RSA_PKCS_PSS 

The PKCS #1 RSA PSS signature with SHA-512 mechanism

CKM_SHA224_RSA_PKCS 

The PKCS #1 v1.5 RSA signature with SHA-224 mechanism

CKM_SHA224_RSA_PKCS_PSS 

The PKCS #1 RSA PSS signature with SHA-224 mechanism

CKM_SHA512_224 

The SHA-512/224 digesting mechanism

CKM_SHA512_224_HMAC 

Special case of the general-length SHA-512/224-HMAC mechanism

CKM_SHA512_224_HMAC_GENERAL 

The general-length SHA-512/224-HMAC mechanism that uses the HMAC construction, based on the SHA-512/224 hash function

CKM_SHA512_224_KEY_DERIVATION 

Key derivation based on the SHA-512/224 hash function

CKM_SHA512_256 

The SHA-512/256 digesting mechanism

CKM_SHA512_256_HMAC 

Special case of the general-length SHA-512/256-HMAC mechanism

CKM_SHA512_256_HMAC_GENERAL 

The general-length SHA-512/256-HMAC mechanism that uses the HMAC construction, based on the SHA-512/256 hash function

CKM_SHA512_256_KEY_DERIVATION 

Key derivation based on the SHA-512/256 hash function

CKM_SHA512_T 

The SHA-512/t digesting mechanism

CKM_SHA512_T_HMAC 

Special case of the general-length SHA-512/t-HMAC mechanism

CKM_SHA512_T_HMAC_GENERAL 

The general-length SHA-512/t-HMAC mechanism that uses the HMAC construction, based on the SHA-512/t hash function

CKM_SHA512_T_KEY_DERIVATION 

Key derivation based on the SHA-512/t hash function

CKM_RC2_KEY_GEN 

The RC2 key generation mechanism

CKM_RC2_ECB 

RC2-ECB encryption mechanism with electronic codebook mode (ECB)

CKM_RC2_CBC 

RC2-CBC encryption mechanism with cipher-block chaining mode (CBC)

CKM_RC2_MAC 

Special case of general-length RC2-MAC mechanism

CKM_RC2_MAC_GENERAL 

General-length RC2-MAC mechanism based on data authentication as defined in FIPS PUB 113

CKM_RC2_CBC_PAD 

RC2-CBC encryption mechanism with cipher-block chaining mode (CBC) and PKCS#7 padding

CKM_RC4_KEY_GEN 

The RC4 key generation mechanism

CKM_RC4 

RC4 encryption mechanism

CKM_DES_KEY_GEN 

Single-length DES key generation mechanism

CKM_DES_ECB 

DES-ECB encryption mechanism with electronic codebook mode (ECB)

CKM_DES_CBC 

DES-CBC encryption mechanism with cipher-block chaining mode (CBC)

CKM_DES_MAC 

Special case of general-length DES-MAC mechanism

CKM_DES_MAC_GENERAL 

General-length DES-MAC mechanism based on data authentication as defined in FIPS PUB 113

CKM_DES_CBC_PAD 

DES-CBC encryption mechanism with cipher-block chaining mode (CBC) and PKCS#7 padding

CKM_DES2_KEY_GEN 

Double-length DES key generation mechanism

CKM_DES3_KEY_GEN 

Triple-length DES key generation mechanism

CKM_DES3_ECB 

DES3-ECB encryption mechanism with electronic codebook mode (ECB)

CKM_DES3_CBC 

DES3-CBC encryption mechanism with cipher-block chaining mode (CBC)

CKM_DES3_MAC 

Special case of general-length DES3-MAC mechanism

CKM_DES3_MAC_GENERAL 

General-length DES3-MAC mechanism based on data authentication as defined in FIPS PUB 113

CKM_DES3_CBC_PAD 

DES3-CBC encryption mechanism with cipher-block chaining mode (CBC) and PKCS#7 padding

CKM_DES3_CMAC_GENERAL 

General-length DES3-CMAC mechanism based on Cipher-based Message Authenticate Code as defined in NIST SP 800-38B and RFC 4493

CKM_DES3_CMAC 

Special case of general-length DES3-CMAC mechanism based on Cipher-based Message Authenticate Code as defined in NIST SP 800-38B and RFC 4493

CKM_CDMF_KEY_GEN 

Single-length CDMF key generation mechanism

CKM_CDMF_ECB 

CDMF-ECB encryption mechanism with electronic codebook mode (ECB)

CKM_CDMF_CBC 

CDMF-CBC encryption mechanism with cipher-block chaining mode (CBC)

CKM_CDMF_MAC 

Special case of general-length CDMF-MAC mechanism

CKM_CDMF_MAC_GENERAL 

General-length CDMF-MAC mechanism based on data authentication as defined in FIPS PUB 113

CKM_CDMF_CBC_PAD 

CDMF-CBC encryption mechanism with cipher-block chaining mode (CBC) and PKCS#7 padding

CKM_DES_OFB64 

DES-OFB64 encryption mechanism with output feedback mode (OFB)

CKM_DES_OFB8 

DES-OFB8 encryption mechanism with output feedback mode (OFB)

CKM_DES_CFB64 

DES-CFB64 encryption mechanism with cipher feedback mode (CFB)

CKM_DES_CFB8 

DES-CFB8 encryption mechanism with cipher feedback mode (CFB)

CKM_MD2 

The MD2 digesting mechanism

CKM_MD2_HMAC 

Special case of the general-length MD2-HMAC mechanism

CKM_MD2_HMAC_GENERAL 

The general-length MD2-HMAC mechanism that uses the HMAC construction, based on the MD2 hash function

CKM_MD5 

The MD5 digesting mechanism

CKM_MD5_HMAC 

Special case of the general-length MD5-HMAC mechanism

CKM_MD5_HMAC_GENERAL 

The general-length MD5-HMAC mechanism that uses the HMAC construction, based on the MD5 hash function

CKM_SHA_1 

The SHA-1 digesting mechanism

CKM_SHA_1_HMAC 

Special case of the general-length SHA1-HMAC mechanism

CKM_SHA_1_HMAC_GENERAL 

The general-length SHA1-HMAC mechanism that uses the HMAC construction, based on the SHA1 hash function

CKM_RIPEMD128 

The RIPE-MD 128 digesting mechanism

CKM_RIPEMD128_HMAC 

Special case of the general-length RIPE-MD 128-HMAC mechanism

CKM_RIPEMD128_HMAC_GENERAL 

The general-length RIPE-MD 128-HMAC mechanism that uses the HMAC construction, based on the RIPE-MD 128 hash function

CKM_RIPEMD160 

The RIPE-MD 160 digesting mechanism

CKM_RIPEMD160_HMAC 

Special case of the general-length RIPE-MD 160-HMAC mechanism

CKM_RIPEMD160_HMAC_GENERAL 

The general-length RIPE-MD 160-HMAC mechanism that uses the HMAC construction, based on the RIPE-MD 160 hash function

CKM_SHA256 

The SHA-256 digesting mechanism

CKM_SHA256_HMAC 

Special case of the general-length SHA-256-HMAC mechanism

CKM_SHA256_HMAC_GENERAL 

The general-length SHA-256-HMAC mechanism that uses the HMAC construction, based on the SHA-256 hash function

CKM_SHA224 

The SHA-224 digesting mechanism

CKM_SHA224_HMAC 

Special case of the general-length SHA-224-HMAC mechanism

CKM_SHA224_HMAC_GENERAL 

The general-length SHA-224-HMAC mechanism that uses the HMAC construction, based on the SHA-224 hash function

CKM_SHA384 

The SHA-384 digesting mechanism

CKM_SHA384_HMAC 

Special case of the general-length SHA-384-HMAC mechanism

CKM_SHA384_HMAC_GENERAL 

The general-length SHA-384-HMAC mechanism that uses the HMAC construction, based on the SHA-384 hash function

CKM_SHA512 

The SHA-512 digesting mechanism

CKM_SHA512_HMAC 

Special case of the general-length SHA-512-HMAC mechanism

CKM_SHA512_HMAC_GENERAL 

The general-length SHA-512-HMAC mechanism that uses the HMAC construction, based on the SHA-512 hash function

CKM_SECURID_KEY_GEN 

Key generation mechanism for the RSA SecurID algorithm

CKM_SECURID 

Mechanism for the retrieval and verification of RSA SecurID OTP values

CKM_HOTP_KEY_GEN 

Key generation mechanism for the HOTP algorithm

CKM_HOTP 

Mechanism for the retrieval and verification of HOTP OTP values

CKM_ACTI 

Mechanism for the retrieval and verification of ACTI OTP values

CKM_ACTI_KEY_GEN 

Key generation mechanism for the ACTI algorithm

CKM_CAST_KEY_GEN 

CAST key generation mechanism

CKM_CAST_ECB 

CAST-ECB encryption mechanism with electronic codebook mode (ECB)

CKM_CAST_CBC 

CAST-CBC encryption mechanism with cipher-block chaining mode (CBC)

CKM_CAST_MAC 

Special case of general-length CAST-MAC mechanism

CKM_CAST_MAC_GENERAL 

General-length CAST-MAC mechanism based on data authentication as defined in FIPS PUB 113

CKM_CAST_CBC_PAD 

CAST-CBC encryption mechanism with cipher-block chaining mode (CBC) and PKCS#7 padding

CKM_CAST3_KEY_GEN 

CAST3 key generation mechanism

CKM_CAST3_ECB 

CAST3-ECB encryption mechanism with electronic codebook mode (ECB)

CKM_CAST3_CBC 

CAST3-CBC encryption mechanism with cipher-block chaining mode (CBC)

CKM_CAST3_MAC 

Special case of general-length CAST3-MAC mechanism

CKM_CAST3_MAC_GENERAL 

General-length CAST3-MAC mechanism based on data authentication as defined in FIPS PUB 113

CKM_CAST3_CBC_PAD 

CAST3-CBC encryption mechanism with cipher-block chaining mode (CBC) and PKCS#7 padding

CKM_CAST5_KEY_GEN 

CAST128 key generation mechanism

CKM_CAST128_KEY_GEN 

CAST128 key generation mechanism

CKM_CAST5_ECB 

CAST128-ECB encryption mechanism with electronic codebook mode (ECB)

CKM_CAST128_ECB 

CAST128-ECB encryption mechanism with electronic codebook mode (ECB)

CKM_CAST5_CBC 

CAST128-CBC encryption mechanism with cipher-block chaining mode (CBC)

CKM_CAST128_CBC 

CAST128-CBC encryption mechanism with cipher-block chaining mode (CBC)

CKM_CAST5_MAC 

Special case of general-length CAST128-MAC mechanism

CKM_CAST128_MAC 

Special case of general-length CAST128-MAC mechanism

CKM_CAST5_MAC_GENERAL 

General-length CAST128-MAC mechanism based on data authentication as defined in FIPS PUB 113

CKM_CAST128_MAC_GENERAL 

General-length CAST128-MAC mechanism based on data authentication as defined in FIPS PUB 113

CKM_CAST5_CBC_PAD 

CAST128-CBC encryption mechanism with cipher-block chaining mode (CBC) and PKCS#7 padding

CKM_CAST128_CBC_PAD 

CAST128-CBC encryption mechanism with cipher-block chaining mode (CBC) and PKCS#7 padding

CKM_RC5_KEY_GEN 

RC5 key generation mechanism

CKM_RC5_ECB 

RC5-ECB encryption mechanism with electronic codebook mode (ECB)

CKM_RC5_CBC 

RC5-CBC encryption mechanism with cipher-block chaining mode (CBC)

CKM_RC5_MAC 

Special case of general-length RC5-MAC mechanism

CKM_RC5_MAC_GENERAL 

General-length RC5-MAC mechanism based on data authentication as defined in FIPS PUB 113

CKM_RC5_CBC_PAD 

RC5-CBC encryption mechanism with cipher-block chaining mode (CBC) and PKCS#7 padding

CKM_IDEA_KEY_GEN 

IDEA key generation mechanism

CKM_IDEA_ECB 

IDEA-ECB encryption mechanism with electronic codebook mode (ECB)

CKM_IDEA_CBC 

IDEA-CBC encryption mechanism with cipher-block chaining mode (CBC)

CKM_IDEA_MAC 

Special case of general-length IDEA-MAC mechanism

CKM_IDEA_MAC_GENERAL 

General-length IDEA-MAC mechanism based on data authentication as defined in FIPS PUB 113

CKM_IDEA_CBC_PAD 

IDEA-CBC encryption mechanism with cipher-block chaining mode (CBC) and PKCS#7 padding

CKM_GENERIC_SECRET_KEY_GEN 

The generic secret key generation mechanism

CKM_CONCATENATE_BASE_AND_KEY 

Key derivation mechanism that derives a secret key from the concatenation of two existing secret keys

CKM_CONCATENATE_BASE_AND_DATA 

Key derivation mechanism that derives a secret key by concatenating data onto the end of a specified secret key

CKM_CONCATENATE_DATA_AND_BASE 

Key derivation mechanism that derives a secret key by prepending data to the start of a specified secret key

CKM_XOR_BASE_AND_DATA 

Key derivation mechanism that

CKM_EXTRACT_KEY_FROM_KEY 

Mechanism which provides the capability of creating one secret key from the bits of another secret key

CKM_SSL3_PRE_MASTER_KEY_GEN 

Mechanism for pre_master key generation in SSL 3.0

CKM_SSL3_MASTER_KEY_DERIVE 

Mechanism for master key derivation in SSL 3.0

CKM_SSL3_KEY_AND_MAC_DERIVE 

Mechanism for key, MAC and IV derivation in SSL 3.0

CKM_SSL3_MASTER_KEY_DERIVE_DH 

Mechanism for master key derivation for Diffie-Hellman in SSL 3.0

CKM_TLS_PRE_MASTER_KEY_GEN 

Mechanism for pre-master key generation in TLS 1.0,

CKM_TLS_MASTER_KEY_DERIVE 

Mechanism for master key derivation in TLS 1.0

CKM_TLS_KEY_AND_MAC_DERIVE 

Mechanism for key, MAC and IV derivation in TLS 1.0

CKM_TLS_MASTER_KEY_DERIVE_DH 

Mechanism for master key derivation for Diffie-Hellman in TLS 1.0

CKM_TLS_PRF 

PRF (pseudo random function) in TLS

CKM_SSL3_MD5_MAC 

Mechanism for MD5 MACing in SSL3.0

CKM_SSL3_SHA1_MAC 

Mechanism for SHA-1 MACing in SSL3.0

CKM_MD5_KEY_DERIVATION 

MD5 key derivation mechanism

CKM_MD2_KEY_DERIVATION 

MD2 key derivation mechanism

CKM_SHA1_KEY_DERIVATION 

SHA-1 key derivation mechanism

CKM_SHA256_KEY_DERIVATION 

SHA-256 key derivation mechanism

CKM_SHA384_KEY_DERIVATION 

SHA-384 key derivation mechanism

CKM_SHA512_KEY_DERIVATION 

SHA-512 key derivation mechanism

CKM_SHA224_KEY_DERIVATION 

SHA-224 key derivation mechanism

CKM_PBE_MD2_DES_CBC 

MD2-PBE for DES-CBC mechanism used for generating a DES secret key and an IV from a password and a salt value by using the MD2 digest algorithm and an iteration count. This functionality is defined in PKCS#5 as PBKDF1.

CKM_PBE_MD5_DES_CBC 

MD5-PBE for DES-CBC mechanism used for generating a DES secret key and an IV from a password and a salt value by using the MD5 digest algorithm and an iteration count. This functionality is defined in PKCS#5 as PBKDF1.

CKM_PBE_MD5_CAST_CBC 

MD5-PBE for CAST-CBC mechanism used for generating a CAST secret key and an IV from a password and a salt value by using the MD5 digest algorithm and an iteration count.

CKM_PBE_MD5_CAST3_CBC 

MD5-PBE for CAST3-CBC mechanism used for generating a CAST3 secret key and an IV from a password and a salt value by using the MD5 digest algorithm and an iteration count.

CKM_PBE_MD5_CAST5_CBC 

MD5-PBE for CAST128-CBC (CAST5-CBC) mechanism used for generating a CAST128 (CAST5) secret key and an IV from a password and a salt value by using the MD5 digest algorithm and an iteration count.

CKM_PBE_MD5_CAST128_CBC 

MD5-PBE for CAST128-CBC mechanism used for generating a CAST128 secret key and an IV from a password and a salt value by using the MD5 digest algorithm and an iteration count.

CKM_PBE_SHA1_CAST5_CBC 

SHA-1-PBE for CAST128-CBC (CAST5-CBC) mechanism used for generating a CAST128 (CAST5) secret key and an IV from a password and a salt value by using the SHA-1 digest algorithm and an iteration count.

CKM_PBE_SHA1_CAST128_CBC 

SHA-1-PBE for CAST128-CBC mechanism used for generating a CAST128 secret key and an IV from a password and a salt value by using the SHA-1 digest algorithm and an iteration count.

CKM_PBE_SHA1_RC4_128 

SHA-1-PBE for 128-bit RC4 mechanism used for generating a 128-bit RC4 secret key from a password and a salt value by using the SHA-1 digest algorithm and an iteration count.

CKM_PBE_SHA1_RC4_40 

SHA-1-PBE for 40-bit RC4 mechanism used for generating a 40-bit RC4 secret key from a password and a salt value by using the SHA-1 digest algorithm and an iteration count.

CKM_PBE_SHA1_DES3_EDE_CBC 

SHA-1-PBE for 3-key triple-DES-CBC mechanism used for generating a 3-key triple-DES secret key and IV from a password and a salt value by using the SHA-1 digest algorithm and an iteration count.

CKM_PBE_SHA1_DES2_EDE_CBC 

SHA-1-PBE for 2-key triple-DES-CBC mechanism used for generating a 2-key triple-DES secret key and IV from a password and a salt value by using the SHA-1 digest algorithm and an iteration count.

CKM_PBE_SHA1_RC2_128_CBC 

SHA-1-PBE for 128-bit RC2-CBC mechanism used for generating a 128-bit RC2 secret key and IV from a password and a salt value by using the SHA-1 digest algorithm and an iteration count.

CKM_PBE_SHA1_RC2_40_CBC 

SHA-1-PBE for 40-bit RC2-CBC mechanism used for generating a 40-bit RC2 secret key and IV from a password and a salt value by using the SHA-1 digest algorithm and an iteration count.

CKM_PKCS5_PBKD2 

PKCS #5 PBKDF2 key generation mechanism used for generating a secret key from a password and a salt value

CKM_PBA_SHA1_WITH_SHA1_HMAC 

SHA-1-PBA for SHA-1-HMAC mechanism used for generating a 160-bit generic secret key from a password and a salt value by using the SHA-1 digest algorithm and an iteration count

CKM_WTLS_PRE_MASTER_KEY_GEN 

Mechanism for pre-master secret key generation for the RSA key exchange suite in WTLS

CKM_WTLS_MASTER_KEY_DERIVE 

Mechanism for master secret derivation in WTLS

CKM_WTLS_MASTER_KEY_DERIVE_DH_ECC 

Mechanism for master secret derivation for Diffie-Hellman and Elliptic Curve Cryptography in WTLS

CKM_WTLS_PRF 

PRF (pseudo random function) in WTLS

CKM_WTLS_SERVER_KEY_AND_MAC_DERIVE 

Mechanism for server key, MAC and IV derivation in WTLS

CKM_WTLS_CLIENT_KEY_AND_MAC_DERIVE 

Mechanism for client key, MAC and IV derivation in WTLS

CKM_TLS10_MAC_SERVER 

Mechanism is defined in PKCS#11 v2.40e1 headers but the description is not present in the specification

CKM_TLS10_MAC_CLIENT 

Mechanism is defined in PKCS#11 v2.40e1 headers but the description is not present in the specification

CKM_TLS12_MAC 

Mechanism is defined in PKCS#11 v2.40e1 headers but the description is not present in the specification

CKM_TLS12_KDF 

Mechanism is defined in PKCS#11 v2.40e1 headers but the description is not present in the specification

CKM_TLS12_MASTER_KEY_DERIVE 

Mechanism for master key derivation in TLS 1.2

CKM_TLS12_KEY_AND_MAC_DERIVE 

Mechanism for key, MAC and IV derivation in TLS 1.2

CKM_TLS12_MASTER_KEY_DERIVE_DH 

Mechanism for master key derivation for Diffie-Hellman in TLS 1.2

CKM_TLS12_KEY_SAFE_DERIVE 

Mechanism that is identical to CKM_TLS12_KEY_AND_MAC_DERIVE except that it shall never produce IV data

CKM_TLS_MAC 

Mechanism for generation of integrity tags for the TLS "finished" message

CKM_TLS_KDF 

Mechanism that uses the TLS key material and TLS PRF function to produce additional key material for protocols that want to leverage the TLS key negotiation mechanism

CKM_KEY_WRAP_LYNKS 

The LYNKS key wrapping mechanism

CKM_KEY_WRAP_SET_OAEP 

The OAEP key wrapping for SET mechanism

CKM_CMS_SIG 

The CMS mechanism

CKM_KIP_DERIVE 

The CT-KIP key derivation mechanism

CKM_KIP_WRAP 

The CT-KIP key wrap and unwrap mechanism

CKM_KIP_MAC 

The CT-KIP signature (MAC) mechanism

CKM_CAMELLIA_KEY_GEN 

The Camellia key generation mechanism

CKM_CAMELLIA_ECB 

Camellia-ECB encryption mechanism with electronic codebook mode (ECB)

CKM_CAMELLIA_CBC 

Camellia-CBC encryption mechanism with cipher-block chaining mode (CBC)

CKM_CAMELLIA_MAC 

Special case of general-length Camellia-MAC mechanism

CKM_CAMELLIA_MAC_GENERAL 

General-length Camellia-MAC mechanism based on data authentication as defined in FIPS PUB 113

CKM_CAMELLIA_CBC_PAD 

Camellia-CBC encryption mechanism with cipher-block chaining mode (CBC) and PKCS#7 padding

CKM_CAMELLIA_ECB_ENCRYPT_DATA 

Key derivation mechanism based on Camellia-ECB encryption mechanism with electronic codebook mode (ECB)

CKM_CAMELLIA_CBC_ENCRYPT_DATA 

Key derivation mechanism based on Camellia-CBC encryption mechanism with cipher-block chaining mode (CBC)

CKM_CAMELLIA_CTR 

Camellia-CTR mechanism for encryption and decryption with CAMELLIA in counter mode

CKM_ARIA_KEY_GEN 

The ARIA key generation mechanism

CKM_ARIA_ECB 

ARIA-ECB encryption mechanism with electronic codebook mode (ECB)

CKM_ARIA_CBC 

ARIA-CBC encryption mechanism with cipher-block chaining mode (CBC)

CKM_ARIA_MAC 

Special case of general-length ARIA-MAC mechanism

CKM_ARIA_MAC_GENERAL 

General-length ARIA-MAC mechanism based on data authentication as defined in FIPS PUB 113

CKM_ARIA_CBC_PAD 

ARIA-CBC encryption mechanism with cipher-block chaining mode (CBC) and PKCS#7 padding

CKM_ARIA_ECB_ENCRYPT_DATA 

Key derivation mechanism based on ARIA-ECB encryption mechanism with electronic codebook mode (ECB)

CKM_ARIA_CBC_ENCRYPT_DATA 

Key derivation mechanism based on ARIA-CBC encryption mechanism with cipher-block chaining mode (CBC)

CKM_SEED_KEY_GEN 

The SEED key generation mechanism

CKM_SEED_ECB 

SEED-ECB encryption mechanims with electronic codebook mode (ECB)

CKM_SEED_CBC 

SEED-CBC encryption mechanism with cipher-block chaining mode (CBC)

CKM_SEED_MAC 

Special case of general-length SEED-MAC mechanism

CKM_SEED_MAC_GENERAL 

General-length SEED-MAC mechanism based on data authentication as defined in FIPS PUB 113

CKM_SEED_CBC_PAD 

SEED-CBC encryption mechanism with cipher-block chaining mode (CBC) and PKCS#7 padding

CKM_SEED_ECB_ENCRYPT_DATA 

Key derivation mechanism based on SEED-ECB encryption mechanism with electronic codebook mode (ECB)

CKM_SEED_CBC_ENCRYPT_DATA 

Key derivation mechanism based on SEED-CBC encryption mechanism with cipher-block chaining mode (CBC)

CKM_SKIPJACK_KEY_GEN 

The SKIPJACK key generation mechanism

CKM_SKIPJACK_ECB64 

SKIPJACK-ECB64 mechanism for encryption and decryption with SKIPJACK in 64-bit electronic codebook mode (ECB)

CKM_SKIPJACK_CBC64 

SKIPJACK-CBC64 mechanism for encryption and decryption with SKIPJACK in 64-bit cipher-block chaining mode (CBC)

CKM_SKIPJACK_OFB64 

SKIPJACK-OFB64 mechanism for encryption and decryption with SKIPJACK in 64-bit output feedback mode (OFB)

CKM_SKIPJACK_CFB64 

SKIPJACK-CFB64 mechanism for encryption and decryption with SKIPJACK in 64-bit cipher feedback mode (CFB)

CKM_SKIPJACK_CFB32 

SKIPJACK-CFB32 mechanism for encryption and decryption with SKIPJACK in 32-bit cipher feedback mode (CFB)

CKM_SKIPJACK_CFB16 

SKIPJACK-CFB16 mechanism for encryption and decryption with SKIPJACK in 16-bit cipher feedback mode (CFB)

CKM_SKIPJACK_CFB8 

SKIPJACK-CFB8 mechanism for encryption and decryption with SKIPJACK in 8-bit cipher feedback mode (CFB)

CKM_SKIPJACK_WRAP 

SKIPJACK mechanism for wrapping and unwrapping of secret keys (MEK)

CKM_SKIPJACK_PRIVATE_WRAP 

Mechanism for wrapping and unwrapping KEA and DSA private keys

CKM_SKIPJACK_RELAYX 

Mechanism for "change of wrapping" on a private key which was wrapped with the SKIPJACK-PRIVATE-WRAP mechanism

CKM_KEA_KEY_PAIR_GEN 

The KEA key pair generation mechanism

CKM_KEA_KEY_DERIVE 

The KEA key derivation mechanism

CKM_KEA_DERIVE 

The KEA key derivation mechanism

CKM_FORTEZZA_TIMESTAMP 

The FORTEZZA timestamp mechanism

CKM_BATON_KEY_GEN 

The BATON key generation mechanism

CKM_BATON_ECB128 

BATON-ECB128 mechanism for encryption and decryption with BATON in 128-bit electronic codebook mode (ECB)

CKM_BATON_ECB96 

BATON-ECB96 mechanism for encryption and decryption with BATON in 96-bit electronic codebook mode (ECB)

CKM_BATON_CBC128 

BATON-CBC128 mechanism for encryption and decryption with BATON in 128-bit cipher-block chaining mode (CBC)

CKM_BATON_COUNTER 

BATON-COUNTER mechanism encryption and decryption with BATON in counter mode

CKM_BATON_SHUFFLE 

BATON-SHUFFLE mechanism for encryption and decryption with BATON in shuffle mode

CKM_BATON_WRAP 

BATON mechanism for wrapping and unwrapping of secret keys (MEK)

CKM_ECDSA_KEY_PAIR_GEN 

The EC (also related to ECDSA) key pair generation mechanism

CKM_EC_KEY_PAIR_GEN 

The EC (also related to ECDSA) key pair generation mechanism

CKM_ECDSA 

The ECDSA without hashing mechanism

CKM_ECDSA_SHA1 

The ECDSA with SHA-1 mechanism

CKM_ECDSA_SHA224 

The ECDSA with SHA-224 mechanism

CKM_ECDSA_SHA256 

The ECDSA with SHA-256 mechanism

CKM_ECDSA_SHA384 

The ECDSA with SHA-384 mechanism

CKM_ECDSA_SHA512 

The ECDSA with SHA-512 mechanism

CKM_ECDH1_DERIVE 

The elliptic curve Diffie-Hellman (ECDH) key derivation mechanism

CKM_ECDH1_COFACTOR_DERIVE 

The elliptic curve Diffie-Hellman (ECDH) with cofactor key derivation mechanism

CKM_ECMQV_DERIVE 

The elliptic curve Menezes-Qu-Vanstone (ECMQV) key derivation mechanism

CKM_ECDH_AES_KEY_WRAP 

Mechanism based on the EC public-key cryptosystem and the AES key wrap mechanism

CKM_RSA_AES_KEY_WRAP 

Mechanism based on the RSA public-key cryptosystem and the AES key wrap mechanism

CKM_JUNIPER_KEY_GEN 

The JUNIPER key generation mechanism

CKM_JUNIPER_ECB128 

JUNIPER-ECB128 mechanism for encryption and decryption with JUNIPER in 128-bit electronic codebook mode (ECB)

CKM_JUNIPER_CBC128 

JUNIPER-CBC128 mechanism for encryption and decryption with JUNIPER in 128-bit cipher-block chaining mode (CBC)

CKM_JUNIPER_COUNTER 

JUNIPER COUNTER mechanism for encryption and decryption with JUNIPER in counter mode

CKM_JUNIPER_SHUFFLE 

JUNIPER-SHUFFLE mechanism for encryption and decryption with JUNIPER in shuffle mode

CKM_JUNIPER_WRAP 

The JUNIPER wrap and unwrap mechanism used to wrap and unwrap an MEK

CKM_FASTHASH 

The FASTHASH digesting mechanism

CKM_AES_KEY_GEN 

The AES key generation mechanism

CKM_AES_ECB 

AES-ECB encryption mechanism with electronic codebook mode (ECB)

CKM_AES_CBC 

AES-CBC encryption mechanism with cipher-block chaining mode (CBC)

CKM_AES_MAC 

Special case of general-length AES-MAC mechanism

CKM_AES_MAC_GENERAL 

General-length AES-MAC mechanism based on data authentication as defined in FIPS PUB 113

CKM_AES_CBC_PAD 

AES-CBC encryption mechanism with cipher-block chaining mode (CBC) and PKCS#7 padding

CKM_AES_CTR 

AES-CTR encryption mechanism with AES in counter mode

CKM_AES_GCM 

AES-GCM authenticated encryption

CKM_AES_CCM 

AES-CCM authenticated encryption

CKM_AES_CTS 

AES CBC encryption with Cipher Text Stealing CTS

CKM_AES_CMAC 

Special case of general-length AES-CMAC mechanism based on Cipher-based Message Authenticate Code as defined in NIST SP 800-38B and RFC 4493

CKM_AES_CMAC_GENERAL 

General-length AES-CMAC mechanism based on Cipher-based Message Authenticate Code as defined in NIST SP 800-38B and RFC 4493

CKM_AES_XCBC_MAC 

AES-XCBC-MAC signing and verification mechanism based on NIST AES and RFC 3566

CKM_AES_XCBC_MAC_96 

AES-XCBC-MAC-96 signing and verification mechanism based on NIST AES and RFC 3566

CKM_AES_GMAC 

AES-GMAC signing and verification mechanism described in NIST SP 800-38D

CKM_BLOWFISH_KEY_GEN 

The Blowfish key generation mechanism

CKM_BLOWFISH_CBC 

Blowfish-CBC mechanism for encryption and decryption; key wrapping; and key unwrapping

CKM_TWOFISH_KEY_GEN 

The Twofish key generation mechanism

CKM_TWOFISH_CBC 

Twofish-CBC mechanism for encryption and decryption; key wrapping; and key unwrapping

CKM_BLOWFISH_CBC_PAD 

Blowfish-CBC encryption mechanism with cipher-block chaining mode (CBC) and PKCS#7 padding

CKM_TWOFISH_CBC_PAD 

Twofish-CBC encryption mechanism with cipher-block chaining mode (CBC) and PKCS#7 padding

CKM_DES_ECB_ENCRYPT_DATA 

Key derivation mechanism that uses the result of an DES-ECB encryption operation as the key value

CKM_DES_CBC_ENCRYPT_DATA 

Key derivation mechanism that uses the result of an DES-CBC encryption operation as the key value

CKM_DES3_ECB_ENCRYPT_DATA 

Key derivation mechanism that uses the result of an DES3-ECB encryption operation as the key value

CKM_DES3_CBC_ENCRYPT_DATA 

Key derivation mechanism that uses the result of an DES3-CBC encryption operation as the key value

CKM_AES_ECB_ENCRYPT_DATA 

Key derivation mechanism that uses the result of an AES-ECB encryption operation as the key value

CKM_AES_CBC_ENCRYPT_DATA 

Key derivation mechanism that uses the result of an AES-CBC encryption operation as the key value

CKM_GOSTR3410_KEY_PAIR_GEN 

GOST R 34.10-2001 key generation

CKM_GOSTR3410 

GOST R 34.10-2001 signing and verification without hashing

CKM_GOSTR3410_WITH_GOSTR3411 

GOST R 34.10-2001 signing and verification with GOST R 34.11-94 hashing

CKM_GOSTR3410_KEY_WRAP 

GOST R 34.10-2001 based mechanims for GOST 28147-89 key wrapping

CKM_GOSTR3410_DERIVE 

GOST R 34.10-2001 based key derivation mechanim

CKM_GOSTR3411 

GOST R 34.11-94 digesting mechanism

CKM_GOSTR3411_HMAC 

GOST R 34.11-94 based mechanism for HMAC construction

CKM_GOST28147_KEY_GEN 

GOST 28147-89 key generation

CKM_GOST28147_ECB 

GOST 28147-89 encryption mechanism with electronic codebook mode (ECB)

CKM_GOST28147 

GOST 28147-89 encryption mechanism with with cipher feedback mode (CFB) and additional CBC mode defined in section 2 of RFC 4357

CKM_GOST28147_MAC 

GOST 28147-89-MAC mechanism for data integrity and authentication based on GOST 28147-89 and key meshing algorithms defined in section 2.3 of RFC 4357

CKM_GOST28147_KEY_WRAP 

GOST 28147-89 based mechanims for GOST 28147-89 key wrapping

CKM_DSA_PARAMETER_GEN 

The DSA domain parameter generation mechanism

CKM_DH_PKCS_PARAMETER_GEN 

The PKCS #3 Diffie-Hellman domain parameter generation mechanism

CKM_X9_42_DH_PARAMETER_GEN 

The X9.42 Diffie-Hellman domain parameter generation mechanism

CKM_DSA_PROBABLISTIC_PARAMETER_GEN 

The DSA probabilistic domain parameter generation mechanism based on the DSA defined in Appendix A.1.1 of FIPS PUB 186-4

CKM_DSA_SHAWE_TAYLOR_PARAMETER_GEN 

The DSA Shawe-Taylor domain parameter generation mechanism based on the DSA defined in Appendix A.1.2 of FIPS PUB 186-4

CKM_AES_OFB 

AES-OFB encryption mechanism with output feedback mode (OFB)

CKM_AES_CFB64 

AES-CFB64 encryption mechanism with cipher feedback mode (CFB)

CKM_AES_CFB8 

AES-CFB8 encryption mechanism with cipher feedback mode (CFB)

CKM_AES_CFB128 

AES-CFB128 encryption mechanism with cipher feedback mode (CFB)

CKM_AES_CFB1 

AES-CFB1 encryption mechanism with cipher feedback mode (CFB)

CKM_AES_KEY_WRAP 

AES key wrapping mechanism without padding

CKM_AES_KEY_WRAP_PAD 

AES key wrapping mechanism with padding

CKM_RSA_PKCS_TPM_1_1 

Multi-purpose mechanism based on the RSA public-key cryptosystem and the block formats initially defined in PKCS#1 v1.5, with additional formatting rules defined in TCPA TPM Specification Version 1.1b

CKM_RSA_PKCS_OAEP_TPM_1_1 

Multi-purpose mechanism based on the RSA public-key cryptosystem and the OAEP block format defined in PKCS #1, with additional formatting defined in TCPA TPM Specification Version 1.1b

CKM_VENDOR_DEFINED 

Permanently reserved for token vendors

enum Net.Pkcs11Interop.Common.CKN : uint
strong

Notifications

Enumerator
CKN_SURRENDER 

Cryptoki is surrendering the execution of a function executing in a session so that the application may perform other operations

CKN_OTP_CHANGED 

Cryptoki is informing the application that the OTP for a key on a connected token just changed

enum Net.Pkcs11Interop.Common.CKO : uint
strong

Object class

Enumerator
CKO_DATA 

Data object that holds information defined by an application.

CKO_CERTIFICATE 

Certificate object that holds public-key or attribute certificates.

CKO_PUBLIC_KEY 

Public key object that holds public keys.

CKO_PRIVATE_KEY 

Private key object that holds private keys.

CKO_SECRET_KEY 

Secret key object that holds secret keys.

CKO_HW_FEATURE 

Hardware feature object that represent features of the device.

CKO_DOMAIN_PARAMETERS 

Domain parameter object that holds public domain parameters.

CKO_MECHANISM 

Mechanism object that provides information about mechanisms supported by a device beyond that given by the CK_MECHANISM_INFO structure.

CKO_OTP_KEY 

OTP key object that holds secret keys used by OTP tokens.

CKO_VENDOR_DEFINED 

Reserved for token vendors.

enum Net.Pkcs11Interop.Common.CKP : uint
strong

Pseudo-random functions

Enumerator
CKP_PKCS5_PBKD2_HMAC_SHA1 

PKCS#5 PBKDF2 with HMAC-SHA-1 pseudorandom function

CKP_PKCS5_PBKD2_HMAC_GOSTR3411 

PKCS#5 PBKDF2 with GOST R34.11-94 pseudorandom function

CKP_PKCS5_PBKD2_HMAC_SHA224 

PKCS#5 PBKDF2 with HMAC-SHA-224 pseudorandom function

CKP_PKCS5_PBKD2_HMAC_SHA256 

PKCS#5 PBKDF2 with HMAC-SHA-256 pseudorandom function

CKP_PKCS5_PBKD2_HMAC_SHA384 

PKCS#5 PBKDF2 with HMAC-SHA-384 pseudorandom function

CKP_PKCS5_PBKD2_HMAC_SHA512 

PKCS#5 PBKDF2 with HMAC-SHA-512 pseudorandom function

CKP_PKCS5_PBKD2_HMAC_SHA512_224 

PKCS#5 PBKDF2 with HMAC-SHA-512/224 pseudorandom function

CKP_PKCS5_PBKD2_HMAC_SHA512_256 

PKCS#5 PBKDF2 with HMAC-SHA-512/256 pseudorandom function

enum Net.Pkcs11Interop.Common.CKR : uint
strong

Return values

Enumerator
CKR_OK 

The function executed successfully

CKR_CANCEL 

Cryptoki function aborts and returns CKR_FUNCTION_CANCELED, when CKR_CANCEL is returned by CKN_SURRENDER callback

CKR_HOST_MEMORY 

The computer that the Cryptoki library is running on has insufficient memory to perform the requested function

CKR_SLOT_ID_INVALID 

The specified slot ID is not valid

CKR_GENERAL_ERROR 

Some horrible, unrecoverable error has occurred

CKR_FUNCTION_FAILED 

The requested function could not be performed

CKR_ARGUMENTS_BAD 

Generic error code which indicates that the arguments supplied to the Cryptoki function were in some way not appropriate

CKR_NO_EVENT 

Returned when C_GetSlotEvent is called in non-blocking mode and there are no new slot events to return

CKR_NEED_TO_CREATE_THREADS 

Returned by C_Initialize when application did not allow library to use the native operation system threading model for locking and the library cannot function properly without being able to spawn new threads

CKR_CANT_LOCK 

Returned by C_Initialize when the type of locking requested by the application for thread-safety is not available in this library

CKR_ATTRIBUTE_READ_ONLY 

An attempt was made to set a value for an attribute which may not be set by the application, or which may not be modified by the application

CKR_ATTRIBUTE_SENSITIVE 

An attempt was made to obtain the value of an attribute of an object which cannot be satisfied because the object is either sensitive or unextractable

CKR_ATTRIBUTE_TYPE_INVALID 

An invalid attribute type was specified in a template

CKR_ATTRIBUTE_VALUE_INVALID 

An invalid value was specified for a particular attribute in a template

CKR_ACTION_PROHIBITED 

The action may not be taken

CKR_DATA_INVALID 

The plaintext input data to a cryptographic operation is invalid

CKR_DATA_LEN_RANGE 

The plaintext input data to a cryptographic operation has a bad length

CKR_DEVICE_ERROR 

Some problem has occurred with the token and/or slot

CKR_DEVICE_MEMORY 

The token does not have sufficient memory to perform the requested function

CKR_DEVICE_REMOVED 

The token was removed from its slot during the execution of the function

CKR_ENCRYPTED_DATA_INVALID 

The encrypted input to a decryption operation has been determined to be invalid ciphertext

CKR_ENCRYPTED_DATA_LEN_RANGE 

The ciphertext input to a decryption operation has been determined to be invalid ciphertext solely on the basis of its length

CKR_FUNCTION_CANCELED 

The function was canceled in mid-execution

CKR_FUNCTION_NOT_PARALLEL 

There is currently no function executing in parallel in the specified session

CKR_FUNCTION_NOT_SUPPORTED 

The requested function is not supported by this Cryptoki library

CKR_KEY_HANDLE_INVALID 

The specified key handle is not valid

CKR_KEY_SIZE_RANGE 

Size of supplied key is outside the range of supported key sizes

CKR_KEY_TYPE_INCONSISTENT 

The specified key is not the correct type of key to use with the specified mechanism

CKR_KEY_NOT_NEEDED 

An extraneous key was supplied to C_SetOperationState

CKR_KEY_CHANGED 

One of the keys supplied to C_SetOperationState is not the same key that was being used in the original saved session

CKR_KEY_NEEDED 

Session state cannot be restored because C_SetOperationState needs to be supplied with one or more keys that were being used in the original saved session

CKR_KEY_INDIGESTIBLE 

Value of the specified key cannot be digested

CKR_KEY_FUNCTION_NOT_PERMITTED 

An attempt has been made to use a key for a cryptographic purpose that the key's attributes are not set to allow it to do

CKR_KEY_NOT_WRAPPABLE 

Library is unable to wrap the key in the requested way

CKR_KEY_UNEXTRACTABLE 

The specified private or secret key can't be wrapped

CKR_MECHANISM_INVALID 

An invalid mechanism was specified to the cryptographic operation

CKR_MECHANISM_PARAM_INVALID 

Invalid parameters were supplied to the mechanism specified to the cryptographic operation

CKR_OBJECT_HANDLE_INVALID 

The specified object handle is not valid

CKR_OPERATION_ACTIVE 

There is already an active operation which prevents Cryptoki from activating the specified operation

CKR_OPERATION_NOT_INITIALIZED 

There is no active operation of an appropriate type in the specified session

CKR_PIN_INCORRECT 

The specified PIN is incorrect

CKR_PIN_INVALID 

The specified PIN has invalid characters in it

CKR_PIN_LEN_RANGE 

The specified PIN is too long or too short

CKR_PIN_EXPIRED 

The specified PIN has expired

CKR_PIN_LOCKED 

The specified PIN is locked and cannot be used

CKR_SESSION_CLOSED 

The session was closed during the execution of the function

CKR_SESSION_COUNT 

Attempt to open a session failed because the token has too many sessions already open

CKR_SESSION_HANDLE_INVALID 

The specified session handle was invalid at the time that the function was invoked

CKR_SESSION_PARALLEL_NOT_SUPPORTED 

The specified token does not support parallel sessions

CKR_SESSION_READ_ONLY 

The specified session was unable to accomplish the desired action because it is a read-only session

CKR_SESSION_EXISTS 

Returned by C_InitToken when session with the token is open that prevents the token initialization

CKR_SESSION_READ_ONLY_EXISTS 

A read-only session already exists, and so the SO cannot be logged in

CKR_SESSION_READ_WRITE_SO_EXISTS 

A read/write SO session already exists, and so a read-only session cannot be opened

CKR_SIGNATURE_INVALID 

The provided signature/MAC is invalid

CKR_SIGNATURE_LEN_RANGE 

The provided signature/MAC can be seen to be invalid solely on the basis of its length

CKR_TEMPLATE_INCOMPLETE 

The template specified for creating an object is incomplete, and lacks some necessary attributes

CKR_TEMPLATE_INCONSISTENT 

The template specified for creating an object has conflicting attributes

CKR_TOKEN_NOT_PRESENT 

The token was not present in its slot at the time that the function was invoked

CKR_TOKEN_NOT_RECOGNIZED 

The Cryptoki library and/or slot does not recognize the token in the slot

CKR_TOKEN_WRITE_PROTECTED 

The requested action could not be performed because the token is write-protected

CKR_UNWRAPPING_KEY_HANDLE_INVALID 

Key handle specified to be used to unwrap another key is not valid

CKR_UNWRAPPING_KEY_SIZE_RANGE 

Unwrapping opration cannot be carried out because the supplied key's size is outside the range of supported key sizes

CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT 

Type of the key specified to unwrap another key is not consistent with the mechanism specified for unwrapping

CKR_USER_ALREADY_LOGGED_IN 

User cannot be logged into the session because it is already logged into the session

CKR_USER_NOT_LOGGED_IN 

The desired action cannot be performed because the appropriate user is not logged in

CKR_USER_PIN_NOT_INITIALIZED 

Normal user's PIN has not yet been initialized

CKR_USER_TYPE_INVALID 

Invalid user type specified

CKR_USER_ANOTHER_ALREADY_LOGGED_IN 

User cannot be logged into the session because another user is already logged into the session

CKR_USER_TOO_MANY_TYPES 

An attempt was made to have more distinct users simultaneously logged into the token than the token and/or library permits

CKR_WRAPPED_KEY_INVALID 

Provided wrapped key is not valid

CKR_WRAPPED_KEY_LEN_RANGE 

Provided wrapped key can be seen to be invalid solely on the basis of its length

CKR_WRAPPING_KEY_HANDLE_INVALID 

Key handle specified to be used to wrap another key is not valid

CKR_WRAPPING_KEY_SIZE_RANGE 

Wrapping operation cannot be carried out because the supplied wrapping key's size is outside the range of supported key sizes

CKR_WRAPPING_KEY_TYPE_INCONSISTENT 

Type of the key specified to wrap another key is not consistent with the mechanism specified for wrapping

CKR_RANDOM_SEED_NOT_SUPPORTED 

Token's random number generator does not accept seeding from an application

CKR_RANDOM_NO_RNG 

Token doesn't have a random number generator

CKR_DOMAIN_PARAMS_INVALID 

Invalid or unsupported domain parameters were supplied to the function

CKR_CURVE_NOT_SUPPORTED 

Curve is not supported by the token

CKR_BUFFER_TOO_SMALL 

The output of the function is too large to fit in the supplied buffer

CKR_SAVED_STATE_INVALID 

Supplied saved cryptographic operations state is invalid, and so it cannot be restored to the specified session

CKR_INFORMATION_SENSITIVE 

The information requested could not be obtained because the token considers it sensitive, and is not able or willing to reveal it

CKR_STATE_UNSAVEABLE 

The cryptographic operations state of the specified session cannot be saved

CKR_CRYPTOKI_NOT_INITIALIZED 

Function cannot be executed because the Cryptoki library has not yet been initialized

CKR_CRYPTOKI_ALREADY_INITIALIZED 

Cryptoki library has already been initialized

CKR_MUTEX_BAD 

Returned by mutex-handling functions who are passed a bad mutex object as an argument

CKR_MUTEX_NOT_LOCKED 

Mutex supplied to the mutex-unlocking function was not locked

CKR_NEW_PIN_MODE 

The supplied OTP was not accepted and the library requests a new OTP computed using a new PIN

CKR_NEXT_OTP 

The supplied OTP was correct but indicated a larger than normal drift in the token's internal state. Application should provide the next one-time password to the library for verification.

CKR_EXCEEDED_MAX_ITERATIONS 

An iterative algorithm failed because the maximum number of iterations has been exceeded

CKR_FIPS_SELF_TEST_FAILED 

A FIPS 140-2 power-up self-test or conditional self-test failed

CKR_LIBRARY_LOAD_FAILED 

The Cryptoki library could not load a dependent shared library

CKR_PIN_TOO_WEAK 

The specified PIN is too weak so that it could be easy to guess

CKR_PUBLIC_KEY_INVALID 

The public key fails a public key validation

CKR_FUNCTION_REJECTED 

The signature request is rejected by the user

CKR_VENDOR_DEFINED 

Permanently reserved for token vendors

enum Net.Pkcs11Interop.Common.CKS : uint
strong

Session States

Enumerator
CKS_RO_PUBLIC_SESSION 

The application has opened a read-only session. The application has read-only access to public token objects and read/write access to public session objects.

CKS_RO_USER_FUNCTIONS 

The normal user has been authenticated to the token. The application has read-only access to all token objects (public or private) and read/write access to all session objects (public or private).

CKS_RW_PUBLIC_SESSION 

The application has opened a read/write session. The application has read/write access to all public objects.

CKS_RW_USER_FUNCTIONS 

The normal user has been authenticated to the token. The application has read/write access to all objects.

CKS_RW_SO_FUNCTIONS 

The Security Officer has been authenticated to the token. The application has read/write access only to public objects on the token, not to private objects. The SO can set the normal user's PIN.

enum Net.Pkcs11Interop.Common.CKU : uint
strong

Types of Cryptoki users

Enumerator
CKU_SO 

Security Officer

CKU_USER 

Normal user

CKU_CONTEXT_SPECIFIC 

Context specific

Source of PKCS#11 function pointers

Enumerator
WithFunctionList 

Recommended option: PKCS#11 function pointers will be acquired with single call of C_GetFunctionList function

WithoutFunctionList 

PKCS#11 function pointers will be acquired with multiple calls of GetProcAddress or dlsym function

Type of session

Enumerator
ReadOnly 

Read-only session

ReadWrite 

Read-write session

Type of slots to be obtained by PKCS#11 library

Enumerator
WithTokenPresent 

Only slots with a token present

WithOrWithoutTokenPresent 

All slots regardless of token presence

Type of waiting for a slot event

Enumerator
Blocking 

Method should block until an event occurs

NonBlocking 

Method should not block until an event occurs