MyWebUniversity.com Home Page
 



OpenSolaris man pages main menu 


Standards, Environments, and Macros              pkcs11kernel(5)



NAME
     pkcs11kernel - PKCS#11 interface  to  Kernel  Cryptographic
     Framework

SYNOPSIS
     /usr/lib/security/pkcs11kernel.so
     /usr/lib/security/64/pkcs11kernel.so


DESCRIPTION
     The pkcs11kernel.so object implements the RSA PKCS#11 v2.20
     specification  by  using  a private interface to communicate
     with the Kernel Cryptographic Framework.


     Each unique hardware provider is represented  by  a  PKCS#11
     slot.  In  a  system  with  no hardware Kernel Cryptographic
     Framework providers, this PKCS#11 library presents no slots.


     The PKCS#11 mechanisms provided by this  library  is  deter-
     mined by the available hardware providers.


     Application developers should link  to  libpkcs11.so  rather
     than link directly to pkcs11kernel.so. See libpkcs11(3LIB).


     All  of   the   Standard   PKCS#11   functions   listed   on
     libpkcs11(3LIB) are implemented except for the following:

       CDecryptDigestUpdate
       CDecryptVerifyUpdate
       CDigestEncryptUpdate
       CGetOperationState
       CInitToken
       CInitPIN
       CSetOperationState
       CSignEncryptUpdate
       CWaitForSlotEvent



     A      call      to      these       functions       returns
     CKRFUNCTIONOTSUPORTED.


     Buffers cannot be greater than  2  megabytes.  For  example,
     CEncrypt() can be called with a 2 megabyte buffer of plain-
     text and a 2 megabyte buffer for the ciphertext.





SunOS 5.11          Last change: 27 Oct 2005                    1






Standards, Environments, and Macros              pkcs11kernel(5)



     The maximum number of object handles that can be returned by
     a call to CFindObjects() is 512.


     The maximum amount of kernel memory that  can  be  used  for
     crypto  operations  is  limited  by  the project.max-crypto-
     memory resource  control.  Allocations  in  the  kernel  for
     buffers  and  session-related structures are charged against
     this resource control.

RETURN VALUES
     The return values of each of the implemented  functions  are
     defined  and  listed in the RSA PKCS#11 v2.20 specification.
     See http:/www.rsasecurity.com.

ATRIBUTES
     See attributes(5) for a description of the following  attri-
     butes:



     
           ATRIBUTE TYPE               ATRIBUTE VALUE      
    
     Interface Stability          Standard: PKCS#11 v2.20    
    
     MT-Level                     MT-Safe  with   exceptions.
                                  See  section  6.5.2  of RSA
                                  PKCS#11 v2.20              
   


SEE ALSO
     cryptoadm(1M), rctladm(1M), libpkcs11(3LIB),  attributes(5),
     pkcs11softtoken(5)


     RSA PKCS#11 v2.20 http:/www.rsasecurity.com

NOTES
     Applications that have an open session  to  a  PKCS#11  slot
     make  the corresponding hardware provider driver not unload-
     able. An administrator must close the applications that have
     an PKCS#11 session open to the hardware provider to make the
     driver unloadable.










SunOS 5.11          Last change: 27 Oct 2005                    2
OpenSolaris man pages main menu
Contact us      |       About us      |       Term of use      |       Copyright © 2000-2010 MyWebUniversity.com ™