pkcs11_kernel man page on SmartOS

Printed from http://www.polarhome.com/service/man/?qf=pkcs11_kernel&af=0&tf=2&of=SmartOS

PKCS11_KERNEL(5)					      PKCS11_KERNEL(5)

NAME
       pkcs11_kernel - PKCS#11 interface to Kernel Cryptographic Framework

SYNOPSIS
       /usr/lib/security/pkcs11_kernel.so
       /usr/lib/security/64/pkcs11_kernel.so

DESCRIPTION
       The pkcs11_kernel.so object implements the RSA PKCS#11 v2.20 specifica‐
       tion by using a private interface to communicate with the Kernel	 Cryp‐
       tographic Framework.

       Each  unique  hardware  provider is represented by a PKCS#11 slot. In a
       system with no hardware Kernel Cryptographic Framework providers,  this
       PKCS#11 library presents no slots.

       The  PKCS#11  mechanisms	 provided by this library is determined by the
       available hardware providers.

       Application developers should link to  libpkcs11.so  rather  than  link
       directly to pkcs11_kernel.so. See libpkcs11(3LIB).

       All  of	the  Standard  PKCS#11 functions listed on libpkcs11(3LIB) are
       implemented except for the following:

	 C_DecryptDigestUpdate
	 C_DecryptVerifyUpdate
	 C_DigestEncryptUpdate
	 C_GetOperationState
	 C_InitToken
	 C_InitPIN
	 C_SetOperationState
	 C_SignEncryptUpdate
	 C_WaitForSlotEvent

       A call to these functions returns CKR_FUNCTION_NOT_SUPPORTED.

       Buffers cannot be greater than 2 megabytes.  For	 example,  C_Encrypt()
       can  be	called	with a 2 megabyte buffer of plaintext and a 2 megabyte
       buffer for the ciphertext.

       The maximum number of object handles that can be returned by a call  to
       C_FindObjects() is 512.

       The  maximum amount of kernel memory that can be used for crypto opera‐
       tions is limited by  the	 project.max-crypto-memory  resource  control.
       Allocations  in	the  kernel for buffers and session-related structures
       are charged against this resource control.

RETURN VALUES
       The return values of each of the implemented functions are defined  and
       listed  in the RSA PKCS#11 v2.20 specification. See http://www.rsasecu‐
       rity.com.

ATTRIBUTES
       See attributes(5) for a description of the following attributes:

       ┌────────────────────┬────────────────────────────┐
       │  ATTRIBUTE TYPE    │	   ATTRIBUTE VALUE	 │
       ├────────────────────┼────────────────────────────┤
       │Interface Stability │ Standard: PKCS#11 v2.20	 │
       ├────────────────────┼────────────────────────────┤
       │MT-Level	    │ MT-Safe  with  exceptions. │
       │		    │ See  section  6.5.2 of RSA │
       │		    │ PKCS#11 v2.20		 │
       └────────────────────┴────────────────────────────┘

SEE ALSO
       cryptoadm(1M),	  rctladm(1M),	   libpkcs11(3LIB),	attributes(5),
       pkcs11_softtoken(5)

       RSA PKCS#11 v2.20 http://www.rsasecurity.com

NOTES
       Applications  that have an open session to a PKCS#11 slot make the cor‐
       responding hardware provider driver not	unloadable.  An	 administrator
       must  close  the	 applications that have an PKCS#11 session open to the
       hardware provider to make the driver unloadable.

				 Oct 27, 2005		      PKCS11_KERNEL(5)
[top]

List of man pages available for SmartOS

Copyright (c) for man pages and the logo by the respective OS vendor.

For those who want to learn more, the polarhome community provides shell access and support.

[legal] [privacy] [GNU] [policy] [cookies] [netiquette] [sponsors] [FAQ]
Tweet
Polarhome, production since 1999.
Member of Polarhome portal.
Based on Fawad Halim's script.
....................................................................
Vote for polarhome
Free Shell Accounts :: the biggest list on the net