Logger Architecture and Functionality

Figure 1: PKCS#11 Logger Architecture Model

The logger is interposed between the application and the SafeNet ProtectToolkit-C host library. There, it intercepts PKCS#11 function calls and responses. Details are logged to the log file before the messages are passed through to their intended destination.

For each PKCS#11 call, the logger creates an entry in the log file. By default, these entries contain the following details:

>the calling process ID (PID)

>the thread ID (TID)

>the date and time of the call

>all numeric data

>buffer addresses

>contents of buffer addresses at the input and output of functions (excluding PIN values)

Optionally, the logger may be configured to:

>return the PIN values used to log in to tokens that are provided to the C_Login function

>remove any or all of the following from the output:

    >the calling process ID (PID)

    >the thread ID (TID)

    >the date and time of the call

    >contents of buffer addresses at the input and output of functions
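
The interposition model and the default and optional log fields described above can be sketched as a pass-through wrapper around C_Login. This is an added example, not SafeNet ProtectToolkit-C code: the `LOG_*` switches, `logged_C_Login`, `real_C_Login`, the entry layout and the in-memory `last_entry` buffer are all assumptions made for illustration, and the `CK_*` types are minimal stand-ins for the definitions in `pkcs11.h`.

```c
/* Added illustration, not SafeNet code. Types are minimal stand-ins for pkcs11.h. */
#include <pthread.h>
#include <stdio.h>
#include <string.h>
#include <time.h>
#include <unistd.h>

typedef unsigned long CK_RV, CK_ULONG, CK_SESSION_HANDLE, CK_USER_TYPE;
typedef unsigned char CK_BYTE;
#define CKR_OK 0UL

/* Hypothetical switches mirroring the logger options described above. */
enum { LOG_PID = 1, LOG_TID = 2, LOG_TIME = 4, LOG_BUFS = 8, LOG_PINS = 16 };
static unsigned log_opts = LOG_PID | LOG_TID | LOG_TIME | LOG_BUFS; /* PINs off */
static char last_entry[512];          /* most recent entry, kept for inspection */

/* Bounded append to last_entry; once the buffer is full, further text is dropped. */
#define PUT(...) do { if (n < sizeof last_entry) { \
    int w = snprintf(last_entry + n, sizeof last_entry - n, __VA_ARGS__); \
    if (w > 0) n += (size_t)w; } } while (0)

/* Stand-in for the host library's C_Login that the shim forwards to. */
static CK_RV real_C_Login(CK_SESSION_HANDLE h, CK_USER_TYPE u, CK_BYTE *pin, CK_ULONG len)
{ (void)h; (void)u; (void)pin; (void)len; return CKR_OK; }

/* Interposed entry point: record the call, forward it, record the result. */
CK_RV logged_C_Login(CK_SESSION_HANDLE h, CK_USER_TYPE user, CK_BYTE *pin, CK_ULONG len)
{
    size_t n = 0;
    last_entry[0] = '\0';
    if (log_opts & LOG_PID)  PUT("pid=%ld ", (long)getpid());
    if (log_opts & LOG_TID)  PUT("tid=%lu ", (unsigned long)pthread_self());
    if (log_opts & LOG_TIME) PUT("time=%ld ", (long)time(NULL));
    PUT("C_Login hSession=%lu userType=%lu pPin=%p ulPinLen=%lu", h, user, (void *)pin, len);
    if (log_opts & LOG_BUFS) {
        PUT(" pin=");
        if ((log_opts & LOG_PINS) && pin) {     /* opt-in only: hex dump of the PIN */
            for (CK_ULONG i = 0; i < len; i++) PUT("%02x", pin[i]);
        } else {
            PUT("<excluded>");                  /* default: PIN bytes never logged */
        }
    }
    CK_RV rv = real_C_Login(h, user, pin, len); /* call passes through unchanged */
    PUT(" rv=0x%08lx", rv);
    fprintf(stderr, "%s\n", last_entry);
    return rv;
}
```

With `LOG_PINS` set, the entry carries the login PIN in recoverable form, so a log file produced with that option enabled needs the same access controls as the PIN itself.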