Categorygithub.com/miekg/pkcs11

modulepackage

1.1.1

Repository: https://github.com/miekg/pkcs11.git

Documentation: pkg.go.dev

# README

PKCS#11

This is a Go implementation of the PKCS#11 API. It wraps the library closely, but uses Go idiom where it makes sense. It has been tested with SoftHSM.

SoftHSM

Make it use a custom configuration file export SOFTHSM_CONF=$PWD/softhsm.conf

Then use softhsm to init it

softhsm --init-token --slot 0 --label test --pin 1234

Then use libsofthsm2.so as the pkcs11 module:

p := pkcs11.New("/usr/lib/softhsm/libsofthsm2.so")

Examples

A skeleton program would look somewhat like this (yes, pkcs#11 is verbose):

p := pkcs11.New("/usr/lib/softhsm/libsofthsm2.so")
err := p.Initialize()
if err != nil {
    panic(err)
}

defer p.Destroy()
defer p.Finalize()

slots, err := p.GetSlotList(true)
if err != nil {
    panic(err)
}

session, err := p.OpenSession(slots[0], pkcs11.CKF_SERIAL_SESSION|pkcs11.CKF_RW_SESSION)
if err != nil {
    panic(err)
}
defer p.CloseSession(session)

err = p.Login(session, pkcs11.CKU_USER, "1234")
if err != nil {
    panic(err)
}
defer p.Logout(session)

p.DigestInit(session, []*pkcs11.Mechanism{pkcs11.NewMechanism(pkcs11.CKM_SHA_1, nil)})
hash, err := p.Digest(session, []byte("this is a string"))
if err != nil {
    panic(err)
}

for _, d := range hash {
        fmt.Printf("%x", d)
}
fmt.Println()

Further examples are included in the tests.

To expose PKCS#11 keys using the crypto.Signer interface, please see github.com/thalesignite/crypto11.

# Packages

Package p11 wraps `miekg/pkcs11` to make it easier to use and more idiomatic to Go, as compared with the more straightforward C wrapper that `miekg/pkcs11` presents.

# Constants

CK_CERTIFICATE_CATEGORY_AUTHORITY

CK_CERTIFICATE_CATEGORY_OTHER_ENTITY

CK_CERTIFICATE_CATEGORY_TOKEN_USER

CK_CERTIFICATE_CATEGORY_UNSPECIFIED

CK_EFFECTIVELY_INFINITE

CK_INVALID_HANDLE

CK_OTP_CHALLENGE

CK_OTP_FORMAT_ALPHANUMERIC

CK_OTP_FORMAT_BINARY

CK_OTP_FORMAT_DECIMAL

CK_OTP_FORMAT_HEXADECIMAL

CK_OTP_OUTPUT_FORMAT

CK_OTP_OUTPUT_LENGTH

CK_OTP_PARAM_IGNORED

CK_OTP_PARAM_MANDATORY

CK_OTP_PARAM_OPTIONAL

CK_SECURITY_DOMAIN_MANUFACTURER

CK_SECURITY_DOMAIN_OPERATOR

CK_SECURITY_DOMAIN_THIRD_PARTY

CK_SECURITY_DOMAIN_UNSPECIFIED

CK_UNAVAILABLE_INFORMATION

CKA_ALLOWED_MECHANISMS

CKA_ALWAYS_AUTHENTICATE

CKA_ALWAYS_SENSITIVE

CKA_APPLICATION

CKA_AUTH_PIN_FLAGS

Deprecated.

CKA_BITS_PER_PIXEL

CKA_CERT_MD5_HASH

Vendor specific values for Mozilla NSS.

CKA_CERT_SHA1_HASH

Vendor specific values for Mozilla NSS.

CKA_CERTIFICATE_CATEGORY

CKA_CERTIFICATE_TYPE

CKA_CHAR_COLUMNS

CKA_CHECK_VALUE

CKA_COEFFICIENT

CKA_DEFAULT_CMS_ATTRIBUTES

CKA_DERIVE_TEMPLATE

CKA_DESTROYABLE

CKA_ECDSA_PARAMS

Deprecated.

CKA_ENCODING_METHODS

CKA_EXTRACTABLE

CKA_GOST28147_PARAMS

CKA_GOSTR3410_PARAMS

CKA_GOSTR3411_PARAMS

CKA_HASH_OF_ISSUER_PUBLIC_KEY

CKA_HASH_OF_SUBJECT_PUBLIC_KEY

CKA_HW_FEATURE_TYPE

CKA_JAVA_MIDP_SECURITY_DOMAIN

CKA_KEY_GEN_MECHANISM

CKA_MECHANISM_TYPE

CKA_MODULUS_BITS

CKA_NAME_HASH_ALGORITHM

Vendor specific range for Ncipher network HSM.

CKA_NEVER_EXTRACTABLE

Vendor specific range for Mozilla NSS.

Vendor specific values for Mozilla NSS.

CKA_NSS_EXPIRES

Vendor specific values for Mozilla NSS.

CKA_NSS_JPAKE_GX1

Vendor specific values for Mozilla NSS.

CKA_NSS_JPAKE_GX2

Vendor specific values for Mozilla NSS.

CKA_NSS_JPAKE_GX3

Vendor specific values for Mozilla NSS.

CKA_NSS_JPAKE_GX4

Vendor specific values for Mozilla NSS.

CKA_NSS_JPAKE_PEERID

Vendor specific values for Mozilla NSS.

CKA_NSS_JPAKE_SIGNERID

Vendor specific values for Mozilla NSS.

CKA_NSS_JPAKE_X2

Vendor specific values for Mozilla NSS.

CKA_NSS_JPAKE_X2S

Vendor specific values for Mozilla NSS.

Vendor specific values for Mozilla NSS.

CKA_NSS_MODULE_SPEC

Vendor specific values for Mozilla NSS.

CKA_NSS_MOZILLA_CA_POLICY

Vendor specific values for Mozilla NSS.

CKA_NSS_OVERRIDE_EXTENSIONS

Vendor specific values for Mozilla NSS.

CKA_NSS_PASSWORD_CHECK

Vendor specific values for Mozilla NSS.

CKA_NSS_PKCS8_SALT

Vendor specific values for Mozilla NSS.

CKA_NSS_PQG_COUNTER

Vendor specific values for Mozilla NSS.

Vendor specific values for Mozilla NSS.

CKA_NSS_PQG_SEED

Vendor specific values for Mozilla NSS.

CKA_NSS_PQG_SEED_BITS

Vendor specific values for Mozilla NSS.

CKA_NSS_SMIME_INFO

Vendor specific values for Mozilla NSS.

CKA_NSS_SMIME_TIMESTAMP

Vendor specific values for Mozilla NSS.

Vendor specific values for Mozilla NSS.

CKA_OTP_CHALLENGE_REQUIREMENT

CKA_OTP_COUNTER

CKA_OTP_COUNTER_REQUIREMENT

CKA_OTP_PIN_REQUIREMENT

CKA_OTP_SERVICE_IDENTIFIER

CKA_OTP_SERVICE_LOGO

CKA_OTP_SERVICE_LOGO_TYPE

CKA_OTP_TIME_INTERVAL

CKA_OTP_TIME_REQUIREMENT

CKA_OTP_USER_FRIENDLY_MODE

CKA_OTP_USER_IDENTIFIER

CKA_PRIVATE_EXPONENT

CKA_PUBLIC_EXPONENT

CKA_PUBLIC_KEY_INFO

CKA_REQUIRED_CMS_ATTRIBUTES

CKA_RESET_ON_INIT

CKA_SECONDARY_AUTH

Deprecated.

CKA_SERIAL_NUMBER

CKA_SIGN_RECOVER

CKA_SUB_PRIME_BITS

CKA_SUBPRIME_BITS

CKA_SUPPORTED_CMS_ATTRIBUTES

Vendor specific range for Mozilla NSS.

CKA_TRUST_CLIENT_AUTH

Vendor specific values for Mozilla NSS.

CKA_TRUST_CODE_SIGNING

Vendor specific values for Mozilla NSS.

CKA_TRUST_CRL_SIGN

Vendor specific values for Mozilla NSS.

CKA_TRUST_DATA_ENCIPHERMENT

Vendor specific values for Mozilla NSS.

CKA_TRUST_DIGITAL_SIGNATURE

Vendor specific values for Mozilla NSS.

CKA_TRUST_EMAIL_PROTECTION

Vendor specific values for Mozilla NSS.

CKA_TRUST_IPSEC_END_SYSTEM

Vendor specific values for Mozilla NSS.

CKA_TRUST_IPSEC_TUNNEL

Vendor specific values for Mozilla NSS.

CKA_TRUST_IPSEC_USER

Vendor specific values for Mozilla NSS.

CKA_TRUST_KEY_AGREEMENT

Vendor specific values for Mozilla NSS.

CKA_TRUST_KEY_CERT_SIGN

Vendor specific values for Mozilla NSS.

CKA_TRUST_KEY_ENCIPHERMENT

Vendor specific values for Mozilla NSS.

CKA_TRUST_NON_REPUDIATION

Vendor specific values for Mozilla NSS.

CKA_TRUST_SERVER_AUTH

Vendor specific values for Mozilla NSS.

CKA_TRUST_STEP_UP_APPROVED

Vendor specific values for Mozilla NSS.

CKA_TRUST_TIME_STAMPING

Vendor specific values for Mozilla NSS.

CKA_UNWRAP_TEMPLATE

CKA_VENDOR_DEFINED

CKA_VERIFY_RECOVER

CKA_WRAP_TEMPLATE

CKA_WRAP_WITH_TRUSTED

Vendor specific range for Mozilla NSS.

CKC_VENDOR_DEFINED

CKC_X_509_ATTR_CERT

CKD_CPDIVERSIFY_KDF

CKD_SHA1_KDF_ASN1

CKD_SHA1_KDF_CONCATENATE

CKD_SHA3_224_KDF

CKD_SHA3_256_KDF

CKD_SHA3_384_KDF

CKD_SHA3_512_KDF

CKF_ARRAY_ATTRIBUTE

CKF_CLOCK_ON_TOKEN

CKF_DUAL_CRYPTO_OPERATIONS

CKF_EC_COMPRESS

CKF_EC_ECPARAMETERS

CKF_EC_NAMEDCURVE

CKF_EC_UNCOMPRESS

CKF_ERROR_STATE

CKF_EXCLUDE_CHALLENGE

CKF_EXCLUDE_COUNTER

CKF_EXCLUDE_PIN

CKF_EXCLUDE_TIME

CKF_GENERATE_KEY_PAIR

CKF_LIBRARY_CANT_CREATE_OS_THREADS

CKF_LOGIN_REQUIRED

CKF_OS_LOCKING_OK

CKF_PROTECTED_AUTHENTICATION_PATH

CKF_REMOVABLE_DEVICE

CKF_RESTORE_KEY_NOT_NEEDED

CKF_SECONDARY_AUTHENTICATION

CKF_SERIAL_SESSION

CKF_SIGN_RECOVER

CKF_SO_PIN_COUNT_LOW

CKF_SO_PIN_FINAL_TRY

CKF_SO_PIN_LOCKED

CKF_SO_PIN_TO_BE_CHANGED

CKF_TOKEN_INITIALIZED

CKF_TOKEN_PRESENT

CKF_USER_FRIENDLY_OTP

CKF_USER_PIN_COUNT_LOW

CKF_USER_PIN_FINAL_TRY

CKF_USER_PIN_INITIALIZED

CKF_USER_PIN_LOCKED

CKF_USER_PIN_TO_BE_CHANGED

CKF_VERIFY_RECOVER

CKF_WRITE_PROTECTED

CKG_MGF1_SHA224

CKG_MGF1_SHA256

CKG_MGF1_SHA384

CKG_MGF1_SHA512

CKH_MONOTONIC_COUNTER

CKH_USER_INTERFACE

CKH_VENDOR_DEFINED

Deprecated.

Deprecated.

CKK_GENERIC_SECRET

Vendor specific range for Ncipher network HSM.

Vendor specific range for Mozilla NSS.

CKK_NSS_CHACHA20

Vendor specific values for Mozilla NSS.

CKK_NSS_JPAKE_ROUND1

Vendor specific values for Mozilla NSS.

CKK_NSS_JPAKE_ROUND2

Vendor specific values for Mozilla NSS.

Vendor specific values for Mozilla NSS.

CKK_RIPEMD128_HMAC

CKK_RIPEMD160_HMAC

CKK_SHA224_HMAC

CKK_SHA256_HMAC

CKK_SHA3_224_HMAC

CKK_SHA3_256_HMAC

CKK_SHA3_384_HMAC

CKK_SHA3_512_HMAC

CKK_SHA384_HMAC

CKK_SHA512_HMAC

CKK_VENDOR_DEFINED

CKM_ACTI_KEY_GEN

CKM_AES_CBC_ENCRYPT_DATA

CKM_AES_CBC_PAD

CKM_AES_CMAC_GENERAL

CKM_AES_ECB_ENCRYPT_DATA

CKM_AES_KEY_GEN

CKM_AES_KEY_WRAP

CKM_AES_KEY_WRAP_PAD

CKM_AES_MAC_GENERAL

CKM_AES_XCBC_MAC

CKM_AES_XCBC_MAC_96

CKM_ARIA_CBC_ENCRYPT_DATA

CKM_ARIA_CBC_PAD

CKM_ARIA_ECB_ENCRYPT_DATA

CKM_ARIA_KEY_GEN

CKM_ARIA_MAC_GENERAL

CKM_BATON_CBC128

CKM_BATON_COUNTER

CKM_BATON_ECB128

CKM_BATON_ECB96

CKM_BATON_KEY_GEN

CKM_BATON_SHUFFLE

CKM_BLOWFISH_CBC

CKM_BLOWFISH_CBC_PAD

CKM_BLOWFISH_KEY_GEN

CKM_CAMELLIA_CBC

CKM_CAMELLIA_CBC_ENCRYPT_DATA

CKM_CAMELLIA_CBC_PAD

CKM_CAMELLIA_CTR

CKM_CAMELLIA_ECB

CKM_CAMELLIA_ECB_ENCRYPT_DATA

CKM_CAMELLIA_KEY_GEN

CKM_CAMELLIA_MAC

CKM_CAMELLIA_MAC_GENERAL

CKM_CAST_CBC_PAD

CKM_CAST_KEY_GEN

CKM_CAST_MAC_GENERAL

CKM_CAST128_CBC

CKM_CAST128_CBC_PAD

CKM_CAST128_ECB

CKM_CAST128_KEY_GEN

CKM_CAST128_MAC

CKM_CAST128_MAC_GENERAL

CKM_CAST3_CBC_PAD

CKM_CAST3_KEY_GEN

CKM_CAST3_MAC_GENERAL

Deprecated.

CKM_CAST5_CBC_PAD

Deprecated.

CKM_CAST5_KEY_GEN

Deprecated.

CKM_CAST5_MAC_GENERAL

Deprecated.

CKM_CDMF_CBC_PAD

CKM_CDMF_KEY_GEN

CKM_CDMF_MAC_GENERAL

CKM_CONCATENATE_BASE_AND_DATA

CKM_CONCATENATE_BASE_AND_KEY

CKM_CONCATENATE_DATA_AND_BASE

CKM_DES_CBC_ENCRYPT_DATA

CKM_DES_CBC_PAD

CKM_DES_ECB_ENCRYPT_DATA

CKM_DES_KEY_GEN

CKM_DES_MAC_GENERAL

CKM_DES2_KEY_GEN

CKM_DES3_CBC_ENCRYPT_DATA

CKM_DES3_CBC_PAD

CKM_DES3_CMAC_GENERAL

CKM_DES3_ECB_ENCRYPT_DATA

CKM_DES3_KEY_GEN

CKM_DES3_MAC_GENERAL

CKM_DH_PKCS_DERIVE

CKM_DH_PKCS_KEY_PAIR_GEN

CKM_DH_PKCS_PARAMETER_GEN

CKM_DSA_KEY_PAIR_GEN

CKM_DSA_PARAMETER_GEN

CKM_DSA_PROBABLISTIC_PARAMETER_GEN

CKM_DSA_SHA3_224

CKM_DSA_SHA3_256

CKM_DSA_SHA3_384

CKM_DSA_SHA3_512

CKM_DSA_SHAWE_TAYLOR_PARAMETER_GEN

CKM_EC_KEY_PAIR_GEN

CKM_ECDH_AES_KEY_WRAP

CKM_ECDH1_COFACTOR_DERIVE

CKM_ECDH1_DERIVE

CKM_ECDSA_KEY_PAIR_GEN

Deprecated.

CKM_ECDSA_SHA224

CKM_ECDSA_SHA256

CKM_ECDSA_SHA384

CKM_ECDSA_SHA512

CKM_ECMQV_DERIVE

CKM_EXTRACT_KEY_FROM_KEY

CKM_FORTEZZA_TIMESTAMP

CKM_GENERIC_SECRET_KEY_GEN

CKM_GOST28147_ECB

CKM_GOST28147_KEY_GEN

CKM_GOST28147_KEY_WRAP

CKM_GOST28147_MAC

CKM_GOSTR3410_DERIVE

CKM_GOSTR3410_KEY_PAIR_GEN

CKM_GOSTR3410_KEY_WRAP

CKM_GOSTR3410_WITH_GOSTR3411

CKM_GOSTR3411_HMAC

CKM_HOTP_KEY_GEN

CKM_IDEA_CBC_PAD

CKM_IDEA_KEY_GEN

CKM_IDEA_MAC_GENERAL

CKM_JUNIPER_CBC128

CKM_JUNIPER_COUNTER

CKM_JUNIPER_ECB128

CKM_JUNIPER_KEY_GEN

CKM_JUNIPER_SHUFFLE

CKM_JUNIPER_WRAP

CKM_KEA_KEY_DERIVE

CKM_KEA_KEY_PAIR_GEN

CKM_KEY_WRAP_LYNKS

CKM_KEY_WRAP_SET_OAEP

CKM_MD2_HMAC_GENERAL

CKM_MD2_KEY_DERIVATION

CKM_MD2_RSA_PKCS

CKM_MD5_HMAC_GENERAL

CKM_MD5_KEY_DERIVATION

CKM_MD5_RSA_PKCS

CKM_NC_MD5_HMAC_KEY_GEN

no params */.

CKM_NC_SHA_1_HMAC_KEY_GEN

no params */.

CKM_NC_SHA224_HMAC_KEY_GEN

no params */.

CKM_NC_SHA256_HMAC_KEY_GEN

no params */.

CKM_NC_SHA384_HMAC_KEY_GEN

no params */.

CKM_NC_SHA512_HMAC_KEY_GEN

no params */.

Vendor specific range for Ncipher network HSM.

Vendor specific range for Mozilla NSS.

CKM_NSS_AES_KEY_WRAP

Vendor specific values for Mozilla NSS.

CKM_NSS_AES_KEY_WRAP_PAD

Vendor specific values for Mozilla NSS.

CKM_NSS_CHACHA20_KEY_GEN

Vendor specific values for Mozilla NSS.

CKM_NSS_CHACHA20_POLY1305

Vendor specific values for Mozilla NSS.

CKM_NSS_HKDF_SHA1

Vendor specific values for Mozilla NSS.

CKM_NSS_HKDF_SHA256

Vendor specific values for Mozilla NSS.

CKM_NSS_HKDF_SHA384

Vendor specific values for Mozilla NSS.

CKM_NSS_HKDF_SHA512

Vendor specific values for Mozilla NSS.

CKM_NSS_HMAC_CONSTANT_TIME

Vendor specific values for Mozilla NSS.

CKM_NSS_JPAKE_FINAL_SHA1

Vendor specific values for Mozilla NSS.

CKM_NSS_JPAKE_FINAL_SHA256

Vendor specific values for Mozilla NSS.

CKM_NSS_JPAKE_FINAL_SHA384

Vendor specific values for Mozilla NSS.

CKM_NSS_JPAKE_FINAL_SHA512

Vendor specific values for Mozilla NSS.

CKM_NSS_JPAKE_ROUND1_SHA1

Vendor specific values for Mozilla NSS.

CKM_NSS_JPAKE_ROUND1_SHA256

Vendor specific values for Mozilla NSS.

CKM_NSS_JPAKE_ROUND1_SHA384

Vendor specific values for Mozilla NSS.

CKM_NSS_JPAKE_ROUND1_SHA512

Vendor specific values for Mozilla NSS.

CKM_NSS_JPAKE_ROUND2_SHA1

Vendor specific values for Mozilla NSS.

CKM_NSS_JPAKE_ROUND2_SHA256

Vendor specific values for Mozilla NSS.

CKM_NSS_JPAKE_ROUND2_SHA384

Vendor specific values for Mozilla NSS.

CKM_NSS_JPAKE_ROUND2_SHA512

Vendor specific values for Mozilla NSS.

CKM_NSS_PKCS12_PBE_SHA224_HMAC_KEY_GEN

Vendor specific values for Mozilla NSS.

CKM_NSS_PKCS12_PBE_SHA256_HMAC_KEY_GEN

Vendor specific values for Mozilla NSS.

CKM_NSS_PKCS12_PBE_SHA384_HMAC_KEY_GEN

Vendor specific values for Mozilla NSS.

CKM_NSS_PKCS12_PBE_SHA512_HMAC_KEY_GEN

Vendor specific values for Mozilla NSS.

CKM_NSS_SSL3_MAC_CONSTANT_TIME

Vendor specific values for Mozilla NSS.

CKM_NSS_TLS_EXTENDED_MASTER_KEY_DERIVE

Vendor specific values for Mozilla NSS.

CKM_NSS_TLS_EXTENDED_MASTER_KEY_DERIVE_DH

Vendor specific values for Mozilla NSS.

CKM_NSS_TLS_KEY_AND_MAC_DERIVE_SHA256

Vendor specific values for Mozilla NSS.

CKM_NSS_TLS_MASTER_KEY_DERIVE_DH_SHA256

Vendor specific values for Mozilla NSS.

CKM_NSS_TLS_MASTER_KEY_DERIVE_SHA256

Vendor specific values for Mozilla NSS.

CKM_NSS_TLS_PRF_GENERAL_SHA256

Vendor specific values for Mozilla NSS.

CKM_PBA_SHA1_WITH_SHA1_HMAC

CKM_PBE_MD2_DES_CBC

CKM_PBE_MD5_CAST_CBC

CKM_PBE_MD5_CAST128_CBC

CKM_PBE_MD5_CAST3_CBC

CKM_PBE_MD5_CAST5_CBC

Deprecated.

CKM_PBE_MD5_DES_CBC

CKM_PBE_SHA1_CAST128_CBC

CKM_PBE_SHA1_CAST5_CBC

Deprecated.

CKM_PBE_SHA1_DES2_EDE_CBC

CKM_PBE_SHA1_DES3_EDE_CBC

CKM_PBE_SHA1_RC2_128_CBC

CKM_PBE_SHA1_RC2_40_CBC

CKM_PBE_SHA1_RC4_128

CKM_PBE_SHA1_RC4_40

CKM_PKCS5_PBKD2

CKM_RC2_CBC_PAD

CKM_RC2_KEY_GEN

CKM_RC2_MAC_GENERAL

CKM_RC4_KEY_GEN

CKM_RC5_CBC_PAD

CKM_RC5_KEY_GEN

CKM_RC5_MAC_GENERAL

CKM_RIPEMD128_HMAC

CKM_RIPEMD128_HMAC_GENERAL

CKM_RIPEMD128_RSA_PKCS

CKM_RIPEMD160_HMAC

CKM_RIPEMD160_HMAC_GENERAL

CKM_RIPEMD160_RSA_PKCS

CKM_RSA_AES_KEY_WRAP

CKM_RSA_PKCS_KEY_PAIR_GEN

CKM_RSA_PKCS_OAEP

CKM_RSA_PKCS_OAEP_TPM_1_1

CKM_RSA_PKCS_PSS

CKM_RSA_PKCS_TPM_1_1

CKM_RSA_X9_31_KEY_PAIR_GEN

CKM_SECURID_KEY_GEN

CKM_SEED_CBC_ENCRYPT_DATA

CKM_SEED_CBC_PAD

CKM_SEED_ECB_ENCRYPT_DATA

CKM_SEED_KEY_GEN

CKM_SEED_MAC_GENERAL

CKM_SHA_1_HMAC_GENERAL

CKM_SHA1_KEY_DERIVATION

CKM_SHA1_RSA_PKCS

CKM_SHA1_RSA_PKCS_PSS

CKM_SHA1_RSA_X9_31

CKM_SHA224_HMAC

CKM_SHA224_HMAC_GENERAL

CKM_SHA224_KEY_DERIVATION

CKM_SHA224_RSA_PKCS

CKM_SHA224_RSA_PKCS_PSS

CKM_SHA256_HMAC

CKM_SHA256_HMAC_GENERAL

CKM_SHA256_KEY_DERIVATION

CKM_SHA256_RSA_PKCS

CKM_SHA256_RSA_PKCS_PSS

CKM_SHA3_224_HMAC

CKM_SHA3_224_HMAC_GENERAL

CKM_SHA3_224_KEY_DERIVE

CKM_SHA3_224_KEY_GEN

CKM_SHA3_224_RSA_PKCS

CKM_SHA3_224_RSA_PKCS_PSS

CKM_SHA3_256_HMAC

CKM_SHA3_256_HMAC_GENERAL

CKM_SHA3_256_KEY_DERIVE

CKM_SHA3_256_KEY_GEN

CKM_SHA3_256_RSA_PKCS

CKM_SHA3_256_RSA_PKCS_PSS

CKM_SHA3_384_HMAC

CKM_SHA3_384_HMAC_GENERAL

CKM_SHA3_384_KEY_DERIVE

CKM_SHA3_384_KEY_GEN

CKM_SHA3_384_RSA_PKCS

CKM_SHA3_384_RSA_PKCS_PSS

CKM_SHA3_512_HMAC

CKM_SHA3_512_HMAC_GENERAL

CKM_SHA3_512_KEY_DERIVE

CKM_SHA3_512_KEY_GEN

CKM_SHA3_512_RSA_PKCS

CKM_SHA3_512_RSA_PKCS_PSS

CKM_SHA384_HMAC

CKM_SHA384_HMAC_GENERAL

CKM_SHA384_KEY_DERIVATION

CKM_SHA384_RSA_PKCS

CKM_SHA384_RSA_PKCS_PSS

CKM_SHA512_224_HMAC

CKM_SHA512_224_HMAC_GENERAL

CKM_SHA512_224_KEY_DERIVATION

CKM_SHA512_256_HMAC

CKM_SHA512_256_HMAC_GENERAL

CKM_SHA512_256_KEY_DERIVATION

CKM_SHA512_HMAC

CKM_SHA512_HMAC_GENERAL

CKM_SHA512_KEY_DERIVATION

CKM_SHA512_RSA_PKCS

CKM_SHA512_RSA_PKCS_PSS

CKM_SHA512_T_HMAC

CKM_SHA512_T_HMAC_GENERAL

CKM_SHA512_T_KEY_DERIVATION

CKM_SHAKE_128_KEY_DERIVE

CKM_SHAKE_256_KEY_DERIVE

CKM_SKIPJACK_CBC64

CKM_SKIPJACK_CFB16

CKM_SKIPJACK_CFB32

CKM_SKIPJACK_CFB64

CKM_SKIPJACK_CFB8

CKM_SKIPJACK_ECB64

CKM_SKIPJACK_KEY_GEN

CKM_SKIPJACK_OFB64

CKM_SKIPJACK_PRIVATE_WRAP

CKM_SKIPJACK_RELAYX

CKM_SKIPJACK_WRAP

CKM_SSL3_KEY_AND_MAC_DERIVE

CKM_SSL3_MASTER_KEY_DERIVE

CKM_SSL3_MASTER_KEY_DERIVE_DH

CKM_SSL3_MD5_MAC

CKM_SSL3_PRE_MASTER_KEY_GEN

CKM_SSL3_SHA1_MAC

CKM_TLS_KEY_AND_MAC_DERIVE

CKM_TLS_MASTER_KEY_DERIVE

CKM_TLS_MASTER_KEY_DERIVE_DH

CKM_TLS_PRE_MASTER_KEY_GEN

CKM_TLS10_MAC_CLIENT

CKM_TLS10_MAC_SERVER

CKM_TLS12_KEY_AND_MAC_DERIVE

CKM_TLS12_KEY_SAFE_DERIVE

CKM_TLS12_MASTER_KEY_DERIVE

CKM_TLS12_MASTER_KEY_DERIVE_DH

CKM_TWOFISH_CBC

CKM_TWOFISH_CBC_PAD

CKM_TWOFISH_KEY_GEN

CKM_VENDOR_DEFINED

CKM_WTLS_CLIENT_KEY_AND_MAC_DERIVE

CKM_WTLS_MASTER_KEY_DERIVE

CKM_WTLS_MASTER_KEY_DERIVE_DH_ECC

CKM_WTLS_PRE_MASTER_KEY_GEN

CKM_WTLS_SERVER_KEY_AND_MAC_DERIVE

CKM_X9_42_DH_DERIVE

CKM_X9_42_DH_HYBRID_DERIVE

CKM_X9_42_DH_KEY_PAIR_GEN

CKM_X9_42_DH_PARAMETER_GEN

CKM_X9_42_MQV_DERIVE

CKM_XOR_BASE_AND_DATA

CKN_OTP_CHANGED

CKO_CERTIFICATE

CKO_DOMAIN_PARAMETERS

Vendor specific range for Mozilla NSS.

CKO_NSS_BUILTIN_ROOT_LIST

Vendor specific values for Mozilla NSS.

Vendor specific values for Mozilla NSS.

CKO_NSS_DELSLOT

Vendor specific values for Mozilla NSS.

CKO_NSS_NEWSLOT

Vendor specific values for Mozilla NSS.

Vendor specific values for Mozilla NSS.

Vendor specific values for Mozilla NSS.

CKO_PRIVATE_KEY

CKO_VENDOR_DEFINED

CKP_PKCS5_PBKD2_HMAC_GOSTR3411

CKP_PKCS5_PBKD2_HMAC_SHA1

CKP_PKCS5_PBKD2_HMAC_SHA224

CKP_PKCS5_PBKD2_HMAC_SHA256

CKP_PKCS5_PBKD2_HMAC_SHA384

CKP_PKCS5_PBKD2_HMAC_SHA512

CKP_PKCS5_PBKD2_HMAC_SHA512_224

CKP_PKCS5_PBKD2_HMAC_SHA512_256

CKR_ACTION_PROHIBITED

CKR_ARGUMENTS_BAD

CKR_ATTRIBUTE_READ_ONLY

CKR_ATTRIBUTE_SENSITIVE

CKR_ATTRIBUTE_TYPE_INVALID

CKR_ATTRIBUTE_VALUE_INVALID

CKR_BUFFER_TOO_SMALL

CKR_CRYPTOKI_ALREADY_INITIALIZED

CKR_CRYPTOKI_NOT_INITIALIZED

CKR_CURVE_NOT_SUPPORTED

CKR_DATA_INVALID

CKR_DATA_LEN_RANGE

CKR_DEVICE_ERROR

CKR_DEVICE_MEMORY

CKR_DEVICE_REMOVED

CKR_DOMAIN_PARAMS_INVALID

CKR_ENCRYPTED_DATA_INVALID

CKR_ENCRYPTED_DATA_LEN_RANGE

CKR_EXCEEDED_MAX_ITERATIONS

CKR_FIPS_SELF_TEST_FAILED

CKR_FUNCTION_CANCELED

CKR_FUNCTION_FAILED

CKR_FUNCTION_NOT_PARALLEL

CKR_FUNCTION_NOT_SUPPORTED

CKR_FUNCTION_REJECTED

CKR_GENERAL_ERROR

CKR_HOST_MEMORY

CKR_INFORMATION_SENSITIVE

CKR_KEY_CHANGED

CKR_KEY_FUNCTION_NOT_PERMITTED

CKR_KEY_HANDLE_INVALID

CKR_KEY_INDIGESTIBLE

CKR_KEY_NOT_NEEDED

CKR_KEY_NOT_WRAPPABLE

CKR_KEY_SIZE_RANGE

CKR_KEY_TYPE_INCONSISTENT

CKR_KEY_UNEXTRACTABLE

CKR_LIBRARY_LOAD_FAILED

CKR_MECHANISM_INVALID

CKR_MECHANISM_PARAM_INVALID

CKR_MUTEX_NOT_LOCKED

CKR_NEED_TO_CREATE_THREADS

CKR_NEW_PIN_MODE

Vendor specific range for Mozilla NSS.

CKR_NSS_CERTDB_FAILED

Vendor specific values for Mozilla NSS.

CKR_NSS_KEYDB_FAILED

Vendor specific values for Mozilla NSS.

CKR_OBJECT_HANDLE_INVALID

CKR_OPERATION_ACTIVE

CKR_OPERATION_NOT_INITIALIZED

CKR_PIN_EXPIRED

CKR_PIN_INCORRECT

CKR_PIN_INVALID

CKR_PIN_LEN_RANGE

CKR_PIN_TOO_WEAK

CKR_PUBLIC_KEY_INVALID

CKR_RANDOM_NO_RNG

CKR_RANDOM_SEED_NOT_SUPPORTED

CKR_SAVED_STATE_INVALID

CKR_SESSION_CLOSED

CKR_SESSION_COUNT

CKR_SESSION_EXISTS

CKR_SESSION_HANDLE_INVALID

CKR_SESSION_PARALLEL_NOT_SUPPORTED

CKR_SESSION_READ_ONLY

CKR_SESSION_READ_ONLY_EXISTS

CKR_SESSION_READ_WRITE_SO_EXISTS

CKR_SIGNATURE_INVALID

CKR_SIGNATURE_LEN_RANGE

CKR_SLOT_ID_INVALID

CKR_STATE_UNSAVEABLE

CKR_TEMPLATE_INCOMPLETE

CKR_TEMPLATE_INCONSISTENT

CKR_TOKEN_NOT_PRESENT

CKR_TOKEN_NOT_RECOGNIZED

CKR_TOKEN_WRITE_PROTECTED

CKR_UNWRAPPING_KEY_HANDLE_INVALID

CKR_UNWRAPPING_KEY_SIZE_RANGE

CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT

CKR_USER_ALREADY_LOGGED_IN

CKR_USER_ANOTHER_ALREADY_LOGGED_IN

CKR_USER_NOT_LOGGED_IN

CKR_USER_PIN_NOT_INITIALIZED

CKR_USER_TOO_MANY_TYPES

CKR_USER_TYPE_INVALID

CKR_VENDOR_DEFINED

CKR_WRAPPED_KEY_INVALID

CKR_WRAPPED_KEY_LEN_RANGE

CKR_WRAPPING_KEY_HANDLE_INVALID

CKR_WRAPPING_KEY_SIZE_RANGE

CKR_WRAPPING_KEY_TYPE_INCONSISTENT

CKS_RO_PUBLIC_SESSION

CKS_RO_USER_FUNCTIONS

CKS_RW_PUBLIC_SESSION

CKS_RW_SO_FUNCTIONS

CKS_RW_USER_FUNCTIONS

Vendor specific range for Mozilla NSS.

CKT_NSS_MUST_VERIFY_TRUST

Vendor specific values for Mozilla NSS.

CKT_NSS_NOT_TRUSTED

Vendor specific values for Mozilla NSS.

CKT_NSS_TRUST_UNKNOWN

Vendor specific values for Mozilla NSS.

CKT_NSS_TRUSTED

Vendor specific values for Mozilla NSS.

CKT_NSS_TRUSTED_DELEGATOR

Vendor specific values for Mozilla NSS.

CKT_VENDOR_DEFINED

Vendor specific range for Mozilla NSS.

CKU_CONTEXT_SPECIFIC

CKZ_DATA_SPECIFIED

CKZ_SALT_SPECIFIED

NFCK_VENDOR_NCIPHER

Vendor specific range for Ncipher network HSM.

NSSCK_VENDOR_NSS

Vendor specific range for Mozilla NSS.