|
Home > |
|---|
This section shows the compliance of Luna Software Development Kit HSM products to the PKCS#11 standard, with reference to particular versions of the standard. The text of the standard is not reproduced here.
The table below identifies which PKCS#11 services this version of Luna Software Development Kit supports. The table following lists other features of PKCS#11 and identifies the compliance of this version of the Luna Software Development Kit to these features.
| Category | Function | Supported SafeNet ver 2.20 |
|---|---|---|
|
General purpose functions
|
C_Initialize |
Yes |
|
C_Finalize |
Yes |
|
|
C_GetInfo |
Yes |
|
|
C_GetFunctionList |
Yes |
|
|
C_Terminate |
Yes |
|
|
Slot and token management functions
|
C_GetSlotList |
Yes |
|
C_GetSlotInfo |
Yes |
|
|
C_GetTokenInfo |
Yes |
|
|
C_WaitForSlotEvent |
No |
|
|
C_GetMechanismList |
Yes |
|
|
C_GetMechanismInfo |
Yes |
|
|
C_InitToken |
Yes |
|
|
C_InitPIN |
Yes |
|
|
C_SetPIN |
Yes |
|
|
Session management functions
|
C_OpenSession |
Yes |
|
C_CloseSession |
Yes |
|
|
C_CloseAllSessions |
Yes |
|
|
C_GetSessionInfo |
Yes |
|
|
C_GetOperationState |
Yes |
|
|
C_SetOperationState |
Yes |
|
|
C_Login |
Yes |
|
|
C_Logout |
Yes |
|
|
Object management functions
|
C_CreateObject |
Yes |
|
C_CopyObject |
Yes |
|
|
C_DestroyObject |
Yes |
|
|
C_GetObjectSize |
Yes |
|
|
C_GetAttributeValue |
Yes |
|
|
C_SetAttributeValue |
Yes |
|
|
C_FindObjectsInit |
Yes |
|
|
C_FindObjects |
Yes |
|
|
C_FindObjectsFinal |
Yes |
|
|
Encryption functions
|
C_EncryptInit |
Yes |
|
C_Encrypt |
Yes |
|
|
C_EncryptUpdate |
Yes |
|
|
C_EncryptFinal |
Yes |
|
|
Decryption functions
|
C_DecryptInit |
Yes |
|
C_Decrypt |
Yes |
|
|
C_DecryptUpdate |
Yes |
|
|
C_DecryptFinal |
Yes |
|
|
Message digesting functions
|
C_DigestInit |
Yes |
|
C_Digest |
Yes |
|
|
C_DigestUpdate |
Yes |
|
|
C_DigestKey |
Yes |
|
|
C_DigestFinal |
Yes |
|
|
Signing and MACing functions
|
C_SignInit |
Yes |
|
C_Sign |
Yes |
|
|
C_SignUpdate |
Yes |
|
|
C_SignFinal |
Yes |
|
|
C_SignRecoverInit |
No |
|
|
C_SignRecover |
No |
|
|
Functions for verifying signatures and MACs
|
C_VerifyInit |
Yes |
|
C_Verify |
Yes |
|
|
C_VerifyUpdate |
Yes |
|
|
C_VerifyFinal |
Yes |
|
|
C_VerifyRecoverInit |
No |
|
|
C_VerifyRecover |
No |
|
|
Dual-purpose cryptographic functions
|
C_DigestEncryptUpdate |
No |
|
C_DecryptDigestUpdate |
No |
|
|
C_SignEncryptUpdate |
No |
|
|
C_DecryptVerifyUpdate |
No |
|
|
Key management functions
|
C_GenerateKey |
Yes |
|
C_GenerateKeyPair |
Yes |
|
|
C_WrapKey |
Yes |
|
|
C_UnwrapKey |
Yes |
|
|
C_DeriveKey |
Yes |
|
|
Random number generation functions
|
C_SeedRandom |
Yes |
|
C_GenerateRandom |
Yes |
|
|
Parallel function management functions
|
C_GetFunctionStatus |
No |
|
C_CancelFunction |
No |
|
|
Callback function |
|
No |
| Feature | Supported? |
|---|---|
|
Exclusive sessions |
Yes |
|
Parallel sessions |
No |
Please note that certain additional functions have been implemented by SafeNet as extensions to the standard. These include aspects of object cloning, and are described in detail in "SafeNet Extensions to PKCS#11"