In this chapter we focus on the supported features and functions implemented by our library. For a proper implementation of cryptoki all of the standard's specified functions have to be implemented where function stubs are allowed. These stubs shall return with CKR_FUNCTION_NOT_SUPPORTED. We first start with listing these functions followed by our requirement specification for the ones which are implemented. At the end of this chapter we give an overview about the mechanisms currently implemented.

Unsupported functions

The following functions return with CKR_FUNCTION_NOT_SUPPORTED as long as no other error has higher priority (e.g. CK_CRYPTOKI_NOT_INITIALIZED).

Function Name

Reason (optional)

changed in version

C_InitToken


-

C_GetOperationState


-

C_SetOperationState


-

C_CopyObject

secret and private keys can not be copied, copying certificates and data objects is currently out of scope

-

C_EncryptUpdate

stream ciphers are currently not supported, use C_Encrypt instead (block cipher)

-

C_EncryptFinal

stream ciphers are currently not supported, use C_Encrypt instead (block cipher)

-

C_DecryptUpdate

stream ciphers are currently not supported, use C_Decrypt instead (block cipher)

-

C_DecryptFinal

stream ciphers are currently not supported, use C_Decrypt instead (block cipher)

-

C_DigestUpdate

use C_Digest instead

-

C_DigestKey

would only apply for session objects since a secret or private key can never leave the card again – out of scope

-

C_DigestFinal

use C_Digest instead

-

C_SignUpdate

MACs are currently not supported, use C_Sign instead (block cipher, sign / verify only cipher)

-

C_SignFinal

MACs are currently not supported, use C_Sign instead (block cipher, sign / verify only cipher)

-

C_SignRecoverInit


-

C_SignRevocer


-

C_VerifyUpdate

MACs are currently not supported, use C_Verify instead (block cipher, sign / verify only cipher)

-

C_VerifyFinal

MACs are currently not supported, use C_Verify instead (block cipher, sign / verify only cipher)

-

C_VerifyRecoverInit


-

C_VerifyRecover


-

C_DecryptEncryptUpdate


-

C_DecryptDigestUpdate


-

C_SignEncryptUpdate


-

C_DecryptVerifyUpdate


-

C_GenerateKey

secret keys are currently not supported

-

C_WrapKey

would only apply for session objects since a secret or private key can never leave the card again – out of scope

-

C_UnwrapKey


-

C_DeriveKey


-

C_SeedRandom

the hardware random number generator does not support seeding

-

C_GetFunctionStatus


-

C_CancelFunction


-

PKCS#11 function callback


-

Table 1: unsupported functions

Supported functions & requirement specification

For quality purposes we analysed cryptoki and engineered requirements in accordance with the specification. Each requirement has an unique ID which was used for tagging our code wherever the requirement fulfilled cryptoki's needs. This allows us to track all implemented features and easyli maintain our code. The syntax of the IDs is as follows:


@CTXXX, where X is a number between 0-9


Green fields mean the requirement is completely implemented.
Red fields mean the requirement is not implemented.
Orange fields mean the requirement is partially implemented.


Not all functions have requirements specified.

C_Initialize

The function supports additional return values of:

  • CKR_GENERAL_ERROR

    req id

    requirement description

    changed in version

    CT001

    pInitArgs shall have value NULL or shall point to a structure of type CK_C_INITIALIZE_ARGS

    -

    CT002

    pInitArgs shall be casted to a CK_C_INITIALIZE_ARGS_PTR when value is != NULL

    -

    CT003

    pInitArgs->pReserved shall be NULL when pInitArgs has a value != NULL

    -

    CT004

    when pInitArgs->pReserved and pInitArgs are both != NULL function shall return with CKR_ARGUMENTS_BAD

    -

    CT005

    when CKF_LIBRARY_CANT_CREATE_OS_THREADS flag is set and application expects P11 lib beeing capable of multithreading function shall return CKR_NEED_TO_CREATE_THREADS

    -

    CT006

    when CKF_OS_LOCKING_OK is not set and fields CreateMutex, DestroyMutex, LockMutex and UnlockMutex have value NULL P11 lib shall not use any multithreading

    -

    CT007

    when CKF_OS_LOCKING_OK is set and fields CreateMutex, DestroyMutex, LockMutex and UnlockMutex have value NULL P11 lib shall use OS primitives to ensure multithreaded safety

    -

    CT008

    when CKF_OS_LOCKING_OK is not set and fields CreateMutex, DestroyMutex, LockMutex and UnlockMutex have value != NULL P11 lib shall use these function pointers to ensure mutithreaded safety

    -

    CT009

    when CKF_OS_LOCKING_OK is set and fields CreateMutex, DestroyMutex, LockMutex and UnlockMutex have value != NULL P11 lib shall use either OS primitives or these function pointers to ensure multithreaded safety

    -

    CT010

    when P11 lib is unable to ensure desired safe multithreaded access level function shall return CKR_CANT_LOCK

    -

    CT011

    when CreateMutex, DestroyMutex, LockMutex and UnlockMutex partially have values != NULL function shall return CKR_ARGUMENTS_BAD

    -

    CT012

    when pInitArgs is NULL function shall behave like CreateMutex, DestroyMutex, LockMutex, UnlockMutex, pReserved having value NULL and no flag being set

    -

    CT013

    when function is called again and previously returned CKR_OK to the same application CKR_CRYPTOKI_ALREADY_INITIALIZED shall be returned

    -

    CT999

    the function shall clear all currently available slots event states

    -

    C_Finalize

    The function supports additional return values of:
  • CKR_GENERAL_ERROR

    req id

    requirement description

    changed in version

    CT014

    when pReserved parameter has value != NULL function shall return CKR_ARGUMENTS_BAD

    -

    CT015

    when function is called without a preceding call of C_Initialize function shall return CKR_CRYPTOKI_NOT_INITIALIZED

    -

    CT016

    when function is called all potentially waiting threads (which may called C_WaitForSlotEvent with enabled blocking) shall be unlocked

    -


    C_GetInfo

    The function supports additional return values of:
  • CKR_CRYPTOKI_NOT_INITIALIZED
  • CKR_GENERAL_ERROR
  • CKR_ARGUMENTS_BAD


C_GetFunctionList

The function supports additional return values of:

  • CKR_GENERAL_ERROR
  • CKR_ARGUMENTS_BAD

    req id

    requirement description

    changed in version

    CT017

    ppFunctionList shall receive the P11s references to the implemented api functions

    -


    C_GetSlotList

    The function supports additional return values of:
  • CKR_CRYPTOKI_NOT_INITIALIZED
  • CKR_GENERAL_ERROR
  • CKR_ARGUMENTS_BAD

    req id

    requirement description

    changed in version

    CT018

    when pSlotList is NULL function shall set the number of current slots to out parameter pulCount and return with CKR_OK

    -

    CT019

    when pSlotList is != NULL function shall return CKR_CKR_BUFFER_TO_SMALL when in parameter pulCount indicates that the out parameter pSlotList is not capable of storing all current slots and write the neccessary size to pulCount

    -

    CT020

    when pSlotList is != NULL function shall insert all currently available slots to out parameter pSlotList, write the size to out parameter pulCount and return with CKR_OK

    -

    CT021

    when tokenPresent is set to CK_TRUE function shall only return / count currently available slots that have a token present

    -

    CT022

    unless function is called again with pSlotList = NULL all formerly reported slots shall be seen as valid slots (newly added slots are only accessible after calling this function with pSlotList = NULL again, slots which have been removed shall be still seen as valid as long as this function is called with pSlotList = NULL again)

    -


    C_GetSlotInfo

    The function supports additional return values of:
  • CKR_CRYPTOKI_NOT_INITIALIZED
  • CKR_GENERAL_ERROR
  • CKR_SLOT_ID_INVALID
  • CKR_ARGUMENTS_BAD


C_GetTokenInfo

The function supports additional return values of:

  • CKR_CRYPTOKI_NOT_INITIALIZED
  • CKR_DEVICE_REMOVED
  • CKR_GENERAL_ERROR
  • CKR_SLOT_ID_INVALID
  • CKR_TOKEN_NOT_PRESENT
  • CKR_ARGUMENTS_BAD


C_WaitForSlotEvent

The function supports additional return values of:

  • CKR_GENERAL_ERROR

    req id

    requirement description

    changed in version

    CT023

    when pReserved has a value != NULL function shall return with CKR_ARGUMENTS_BAD

    -

    CT024

    when in parameter flag is set with CKF_DONT_BLOCK then the function shall set the ID of the reader where the most current event occured to the out parameter pSlot and return with CKR_OK

    -

    CT025

    when in parameter flag is set with CKF_DONT_BLOCK and there are no pending events the function shall return with CKR_NO_EVENT

    -

    CT026

    when in parameter flag has not set CKF_DONT_BLOCK the function shall wait until an event occurs

    -

    CT027

    when the function is in waiting state and C_Finalize is called the function shall stop waiting for an event and return with CKR_CRYPTOKI_NOT_INITIALIZED

    -

    CT028

    each currently accessable slot shall have an internal event flag which is set as soon as an event occurs

    -

    CT029

    this function shall clear a slot's event state whenever it reports the slot's ID to the caller

    -

    CT030

    this function shall react on token insertion event

    -

    CT031

    this function shall react on token removal events

    -


    C_GetMechanismList

    The function supports additional return values of:
  • CKR_CRYPTOKI_NOT_INITIALIZED
  • CKR_DEVICE_REMOVED
  • CKR_GENERAL_ERROR
  • CKR_SLOT_ID_INVALID
  • CKR_TOKEN_NOT_PRESENT
  • CKR_ARGUMENTS_BAD

    req id

    requirement description

    changed in version

    CT032

    when pMechanismList is = NULL the function shall set the amount of the tokens supported mechanisms to pulCount out parameter and return with CKR_OK

    -

    CT033

    when pMechanismList is != NULL function shall return CKR_CKR_BUFFER_TO_SMALL when in parameter pulCount indicates that the out parameter pMechanismList is not capable of storing all mechanisms supported by the token and write the neccessary size to pulCount

    -

    CT034

    when pMechanismList is != NULL function shall insert all of the tokens supported mechanisms to out parameter pMechanismList and write its size to out parameter pulCount returning with CKR_OK

    -


    C_GetMechanismInfo

    The function supports additional return values of:
  • CKR_CRYPTOKI_NOT_INITIALIZED
  • CKR_DEVICE_REMOVED
  • CKR_GENERAL_ERROR
  • CKR_MECHANISM_INVALID
  • CKR_SLOT_ID_INVALID
  • CKR_TOKEN_NOT_PRESENT
  • CKR_ARGUMENTS_BAD


C_InitPin

The function supports additional return values of:

  • CKR_ CRYPTOKI_NOT_INITIALIZED
  • CKR_DEVICE_REMOVED
  • CKR_GENERAL_ERROR
  • CKR_SESSION_CLOSED
  • CKR_SESSION_HANDLE_INVALID
  • CKR_ARGUMENTS_BAD

    req id

    requirement description

    changed in version

    CT035

    the function shall initialize a normal users PIN

    -

    CT036

    whenever the function is called not being in R/W SO Session state it shall return CKR_USER_NOT_LOGGED_IN

    -

    CT037

    when the token has CKF_PROTECTED_AUTHENTICATION_PATH flag set parameter pPin shall have value = NULL

    -


    C_SetPin

    The function supports additional return values of:
  • CKR_CRYPTOKI_NOT_INITIALIZED
  • CKR_DEVICE_REMOVED
  • CKR_GENERAL_ERROR
  • CKR_PIN_INCORRECT
  • CKR_SESSION_CLOSED
  • CKR_SESSION_HANDLE_INVALID
  • CKR_ARGUMENTS_BAD

    req id

    requirement description

    changed in version

    CT038

    the function shall set the PIN of the currently logged in user

    -

    CT039

    when no user is logged in at the moment and session is in R/W Public Session state the user PIN shall be set

    -

    CT040

    whenever the function is called not being in a write state it shall return CKR_SESSION_READ_ONLY

    -

    CT041

    when the token has CKF_PROTECTED_AUTHENTICATION_PATH flag set in parameters pOldPin and pNewPin shall have value = NULL

    -


    C_OpenSession

    The function supports additional return values of:
  • CKR_CRYPTOKI_NOT_INITIALIZED
  • CKR_DEVICE_REMOVED
  • CKR_FUNCTION_FAILED
  • CKR_GENERAL_ERROR
  • CKR_SLOT_ID_INVALID
  • CKR_TOKEN_NOT_PRESENT
  • CKR_ARGUMENTS_BAD

    req id

    requirement description

    changed in version

    CT042

    whenever the function is called without CKF_SERIAL_SESSION being set in flags input parameter the function shall return with CKR_SESSION_PARALLEL_NOT_SUPPORTED

    -

    CT043

    whenever the function is called and the maximum amount of sessions is reached (token dependant) the function shall return with CKR_SESSION_COUNT

    -

    CT044

    whenever a R/W SO Session is already open and a R Session is requested the function shall return with CKR_SESSION_READ_WRITE_SO_EXISTS

    -


    C_CloseSession

    The function supports additional return values of:
  • CKR_CRYPTOKI_NOT_INITIALIZED
  • CKR_ DEVICE_REMOVED
  • CKR_ FUNCTION_FAILED
  • CKR_GENERAL_ERROR
  • CKR_SESSION_CLOSED
  • CKR_SESSION_HANDLE_INVALID

    req id

    requirement description

    changed in version

    CT045

    all objects created during the session indicated by hSession shall be destroyed even when they are still be used by other sessions

    -

    C_CloseAllSessions

    The function supports additional return values of:
  • CKR_CRYPTOKI_NOT_INITIALIZED
  • CKR_DEVICE_REMOVED
  • CKR_ FUNCTION_FAILED
  • CKR_ GENERAL_ERROR
  • CKR_SESSION_CLOSED
  • CKR_SESSION_HANDLE_INVALID
  • CKR_ARGUMENTS_BAD

    req id

    requirement description

    changed in version

    CT199

    whenever the function is called all sessions opened for the slot indicated in slotID shall be closed

    -

    CT200

    whenever the function is called all session objects created for that slot shall be destroyed

    -

    CT201

    on successful call of this function the login state shall return to public i.e. potential new sessions are created in public state

    -


    C_GetSessionInfo

    The function supports additional return values of:
  • CKR_CRYPTOKI_NOT_INITIALIZED
  • CKR_DEVICE_REMOVED
  • CKR_ FUNCTION_FAILED
  • CKR_ GENERAL_ERROR
  • CKR_SESSION_CLOSED
  • CKR_SESSION_HANDLE_INVALID
  • CKR_ARGUMENTS_BAD


C_Login

The function supports additional return values of:

  • CKR_ARGUMENTS_BAD
  • CKR_CRYPTOKI_NOT_INITIALIZED
  • CKR_DEVICE_REMOVED
  • CKR_FUNCTION_FAILED
  • CKR_GENERAL_ERROR
  • CKR_PIN_LOCKED
  • CKR_SESSION_CLOSED
  • CKR_SESSION_HANDLE_INVALID
  • CKR_USER_ALREADY_LOGGED_IN
  • CKR_USER_ANOTHER_ALREADY_LOGGED_IN
  • CKR_USER_TYPE_INVALID

    req id

    requirement description

    changed in version

    CT046

    on successful login all existing sessions shall be upgraded from public sessions to private sessions (user specific)

    -

    CT047

    when trying to login with CKR_CONTEXT_SPECIFIC the function shall return CKR_OPERATION_NOT_INITIALIZED on improper use

    -

    CT048

    when trying to login the SO and there is a read only session the function shall return CKR_SESSION_READ_ONLY_EXISTS

    -

    CT049

    when CKF_PROTECTED_AUTHENTICATION_PATH flag is set the input parameter pPin shall be NULL

    -

    CT050

    on successful login the function shall return with CKR_OK

    -

    CT051

    the function shall return with CKR_PIN_INCORRECT when access can not be granted

    -

    CT052

    logging in shall only succeed when no active operation is ongoing (no crypto operation, no object finding operations, ...)

    -

    CT053

    the function shall only be called once unless a logout occurs or a key is post-accessed flagged with CKA_ALWAYS_AUTHENTICATE

    -


    C_Logout

    The function supports additional return values of:
  • CKR_CRYPTOKI_NOT_INITIALIZED
  • CKR_DEVICE_REMOVED
  • CKR_FUNCTION_FAILED
  • CKR_GENERAL_ERROR
  • CKR_SESSION_CLOSED
  • CKR_SESSION_HANDLE_INVALID
  • CKR_USER_NOT_LOGGED_IN

    req id

    requirement description

    changed in version

    CT054

    on successful logout all existing sessions shall be downgraded from private sessions to public sessions (user specific)

    -

    CT055

    on successful logout all private object handles shall be invalid even on re-login

    -

    CT056

    on successful logout all privatly created non-token objects shall be destroyed

    -

    CT057

    logging out shall only succeed when no active operation is ongoing (no crypto operation, no object finding operations, ...)

    -


    C_CreateObject

    The function supports additional return values of:
  • CKR_CRYPTOKI_NOT_INITIALIZED
  • CKR_DEVICE_REMOVED
  • CKR_FUNCTION_FAILED
  • CKR_GENERAL_ERROR
  • CKR_SESSION_CLOSED
  • CKR_SESSION_HANDLE_INVALID
  • CKR_USER_NOT_LOGGED_IN

    req id

    requirement description

    changed in version

    CT058

    whenever a template is unsupported the function shall return without creating an object

    -

    CT059

    when creating key-objects the CKA_LOCAL attribute shall be set to CK_FALSE (create object is always an import -> not generated by token)

    -

    CT060

    when creating private- or secret-key objects the CKA_ALWAYS_SENSITIVE attribute shall be set to CK_FALSE

    -

    CT061

    when creating private- or secret-key objects the CKA_NEVER_EXTRACTABLE attribute shall be set to CK_FALSE

    -

    CT062

    during a read only session only session objects shall be createable

    -

    CT063

    during a public session only public objects shall be createable

    -


    C_DestroyObject

    The function supports additional return values of:
  • CKR_CRYPTOKI_NOT_INITIALIZED
  • CKR_DEVICE_REMOVED
  • CKR_FUNCTION_FAILED
  • CKR_GENERAL_ERROR
  • CKR_OBJECT_HANDLE_INVALID
  • CKR_SESSION_CLOSED
  • CKR_SESSION_HANDLE_INVALID
  • CKR_SESSION_READ_ONLY

    req id

    requirement description

    changed in version

    CT069

    during a read only session only session objects shall be destroyed

    -

    CT070

    during a public session only public objects shall be destroyed

    -


    C_GetObjectSize

    The function supports additional return values of:
  • CKR_ARGUMENTS_BAD
  • CKR_CRYPTOKI_NOT_INITIALIZED
  • CKR_DEVICE_REMOVED
  • CKR_FUNCTION_FAILED
  • CKR_GENERAL_ERROR
  • CKR_OBJECT_HANDLE_INVALID
  • CKR_SESSION_CLOSED
  • CKR_SESSION_HANDLE_INVALID


C_GetAttributeValue

The function supports additional return values of:

  • CKR_ARGUMENTS_BAD
  • CKR_CRYPTOKI_NOT_INITIALIZED
  • CKR_DEVICE_REMOVED
  • CKR_FUNCTION_FAILED
  • CKR_GENERAL_ERROR
  • CKR_OBJECT_HANDLE_INVALID
  • CKR_SESSION_HANDLE_INVALID

    req id

    requirement description

    changed in version

    CT071

    in / out parameter pTemplate shall point to attributes described by type, value and length

    -

    CT072

    when an objects is flagged as SENSITIVE or UNEXTRACTABLE the attributes out length shall be set to -1 and return value shall be set to CKR_ATTRIBUTE_SENSITIVE

    -

    CT073

    when an object does not contain the specified attribute the attributes out length shall be set to -1 and return value shall be set to CKR_ATTRIBUTE_INVALID

    -

    CT074

    when an objects attribute is extractable but the attributes in parameter value is NULL then the exact length shall be set to the attributes out length

    -

    CT075

    when an objects attribute is extractable and the attributes out value field is large enough (indicated by length) the value shall be copied to out value and the exact length value shall be written to out length

    -

    CT076

    when an objects attribute is extractable and the attributes out value field is not large enough the attributes out length shall be set to -1 and return value shall be set to CKR_BUFFER_TO_SMALL

    -

    CT077

    whenever the return value is modified the function shall go on with the next attribute

    -

    CT078

    whenever an objects attribute is flagged with CKF_ARRAY_ATTRIBUTE and consists of attributes (an attribute contains an array of attributes) the function shall treat each attribute like specified (CT072-CT077)

    -


    C_SetAttributeValue

    The function supports additional return values of:
  • CKR_CRYPTOKI_NOT_INITIALIZED
  • CKR_ATTRIBUTE_READ_ONLY
  • CKR_DEVICE_REMOVED
  • CKR_FUNCTION_FAILED
  • CKR_GENERAL_ERROR
  • CKR_OBJECT_HANDLE_INVALID
  • CKR_SESSION_CLOSED
  • CKR_SESSION_HANDLE_INVALID
  • CKR_SESSION_READ_ONLY
  • CKR_USER_NOT_LOGGED_IN
  • CKR_ARGUMENTS_BAD

    req id

    requirement description

    changed in version

    CT079

    during a read only session only session objects shall be modified

    -

    CT080

    whenever the template includes attributes which are not compatible with the object or existing attributes the function shall return with CKR_TEMPLATE_INCONSISTENT

    -


    C_FindObjectsInit

    The function supports additional return values of:
  • CKR_ARGUMENTS_BAD
  • CKR_CRYPTOKI_NOT_INITIALIZED
  • CKR_DEVICE_REMOVED
  • CKR_FUNCTION_FAILED
  • CKR_GENERAL_ERROR
  • CKR_OPERATION_ACTIVE
  • CKR_SESSION_CLOSED
  • CKR_SESSION_HANDLE_INVALID

    req id

    requirement description

    changed in version

    CT081

    when in parameter ulCount has value 0 all objects shall be "found"

    -

    CT082

    objects shall be found in a session specific manner (public session -> only public objects)

    -


    C_FindObjects

    The function supports additional return values of:
  • CKR_CRYPTOKI_NOT_INITIALIZED
  • CKR_DEVICE_REMOVED
  • CKR_FUNCTION_FAILED
  • CKR_GENERAL_ERROR
  • CKR_OPERATION_NOT_INITIALIZED
  • CKR_SESSION_CLOSED
  • CKR_SESSION_HANDLE_INVALID
  • CKR_ARGUMENTS_BAD

    req id

    requirement description

    changed in version

    CT083

    the function shall compare the search patterns bytewise

    -

    CT084

    object finding shall be initialized with preceding call of C_FindObjectsInit

    -

    CT085

    when there are no more objects to find pulObjectCount parameter shall receive value 0 - when objects where found pulObjectCount shall receive the amount of found objects

    -


    C_FindObjectsFinal

    The function supports additional return values of:
  • CKR_CRYPTOKI_NOT_INITIALIZED
  • CKR_DEVICE_REMOVED
  • CKR_FUNCTION_FAILED
  • CKR_GENERAL_ERROR
  • CKR_OPERATION_NOT_INITIALIZED
  • CKR_SESSION_CLOSED
  • CKR_SESSION_HANDLE_INVALID

    req id

    requirement description

    changed in version

    CT086

    function shall finalize objects search in order to start a potentially new one

    -


    C_EncryptInit

    The function supports additional return values of:
  • CKR_CRYPTOKI_NOT_INITIALIZED
  • CKR_DEVICE_REMOVED
  • CKR_FUNCTION_FAILED
  • CKR_GENERAL_ERROR
  • CKR_KEY_FUNCTION_NOT_PERMITTED
  • CKR_KEY_HANDLE_INVALID
  • CKR_KEY_TYPE_INCONSISTENT
  • CKR_MECHANISM_INVALID
  • CKR_OPERATION_ACTIVE
  • CKR_SESSION_CLOSED
  • CKR_SESSION_HANDLE_INVALID
  • CKR_USER_NOT_LOGGED_IN

    req id

    requirement description

    changed in version

    CT087

    in parameter hKey, being used as encryption key, shall have a valid (CK_TRUE) CKA_ENCRYPT attribute

    -


    C_Encrypt

    The function supports additional return values of:
  • CKR_CRYPTOKI_NOT_INITIALIZED
  • CKR_DEVICE_REMOVED
  • CKR_FUNCTION_FAILED
  • CKR_GENERAL_ERROR
  • CKR_OPERATION_NOT_INITIALIZED
  • CKR_SESSION_CLOSED
  • CKR_SESSION_HANDLE_INVALID
  • CKR_ARGUMENTS_BAD

    req id

    requirement description

    changed in version

    CT088

    when out parameter pEncryptedData is NULL the function shall set parameter pulEncryptedDataLen to the number of bytes which would suffice to hold the output and return with CKR_OK

    -

    CT089

    when out parameter pEncryptedData is != NULL and pulEncrypedDataLen indicates that the buffer is large enough to hold the output the function shall copy the output to pEncryptedData, set the exact size to pulEncryptedDataLen and return with CKR_OK

    -

    CT090

    when out parameter pEncryptedData is != NULL and pulEncrypedDataLen indicates that the buffer is NOT large enough to hold the output the function shall set the exact size of the output to pulEncryptedDataLen and return with CKR_BUFFER_TO_SMALL

    -

    CT091

    the function shall be precalled by C_EncryptInit in order to initialize an encryption process

    -

    CT092

    the function shall always terminate an encryption process except it returns with CKR_BUFFER_TO_SMALL or was just used for a length call (CT088)

    -

    CT093

    the function shall only support single-part-operations and cannot be called to finish multi-part-operations

    -

    CT094

    when mechanism specific input length constraints are not satisfied the function shall return with CKR_DATA_LEN_RANGE

    -

    C_DecryptInit

    The function supports additional return values of:
  • CKR_CRYPTOKI_NOT_INITIALIZED
  • CKR_DEVICE_REMOVED
  • CKR_FUNCTION_FAILED
  • CKR_GENERAL_ERROR
  • CKR_KEY_FUNCTION_NOT_PERMITTED
  • CKR_KEY_HANDLE_INVALID
  • CKR_KEY_TYPE_INCONSISTENT
  • CKR_MECHANISM_INVALID
  • CKR_OPERATION_ACTIVE
  • CKR_SESSION_CLOSED
  • CKR_SESSION_HANDLE_INVALID
  • CKR_USER_NOT_LOGGED_IN
  • CKR_ARGUMENTS_BAD

    req id

    requirement description

    changed in version

    CT106

    in parameter hKey, being used as decryption key, shall have a valid (CK_TRUE) CKA_DECRYPT attribute

    -


    C_Decrypt

    The function supports additional return values of:
  • CKR_CRYPTOKI_NOT_INITIALIZED
  • CKR_DEVICE_REMOVED
  • CKR_FUNCTION_FAILED
  • CKR_GENERAL_ERROR
  • CKR_OPERATION_NOT_INITIALIZED
  • CKR_SESSION_CLOSED
  • CKR_SESSION_HANDLE_INVALID
  • CKR_USER_NOT_LOGGED_IN
  • CKR_ARGUMENTS_BAD

    req id

    requirement description

    changed in version

    CT107

    when out parameter pData is NULL the function shall set parameter pulDataLen to the number of bytes which would suffice to hold the output and return with CKR_OK

    -

    CT108

    when out parameter pData is != NULL and pulDataLen indicates that the buffer is large enough to hold the output the function shall copy the output to pData set the exact size to pulDataLen and return with CKR_OK

    -

    CT109

    when out parameter pData is != NULL and pulDataLen indicates that the buffer is NOT large enough to hold the output the function shall set the exact size of the output to pulDataLen and return with CKR_BUFFER_TO_SMALL

    -

    CT110

    the function shall be precalled by C_DecryptInit in order to initialize an decryption process

    -

    CT111

    the function shall always terminate an decryption process except it returns with CKR_BUFFER_TO_SMALL or was just used for a length call (CT107)

    -

    CT112

    the function shall only support single-part-operations and cannot be called to finish multi-part-operations

    -

    CT113

    when the ciphertext cannot be decrypted because it has inappropriate length the function shall either return CKR_ENCRYPTED_DATA_INVALID or CKR_ENCRYPTED_DATA_LEN_RANGE

    -


    C_DigestInit

    The function supports additional return values of:
  • CKR_CRYPTOKI_NOT_INITIALIZED
  • CKR_DEVICE_REMOVED
  • CKR_FUNCTION_FAILED
  • CKR_GENERAL_ERROR
  • CKR_MECHANISM_INVALID
  • CKR_OPERATION_ACTIVE
  • CKR_SESSION_CLOSED
  • CKR_SESSION_HANDLE_INVALID
  • CKR_ARGUMENTS_BA


C_Digest

The function supports additional return values of:

  • CKR_CRYPTOKI_NOT_INITIALIZED
  • CKR_DEVICE_REMOVED
  • CKR_FUNCTION_FAILED
  • CKR_GENERAL_ERROR
  • CKR_OPERATION_NOT_INITIALIZED
  • CKR_SESSION_CLOSED
  • CKR_SESSION_HANDLE_INVALID
  • CKR_ARGUMENTS_BAD

    req id

    requirement description

    changed in version

    CT125

    when out parameter pDigest is NULL the function shall set parameter pulDigestLen to the number of bytes which would suffice to hold the output and return with CKR_OK

    -

    CT126

    when out parameter pDigest is != NULL and pulDigestLen indicates that the buffer is large enough to hold the output the function shall copy the output to pDigest set the exact size to pulDigestLen and return with CKR_OK

    -

    CT127

    when out parameter pDigest is != NULL and pulDigestLen indicates that the buffer is NOT large enough to hold the output the function shall set the exact size of the output to pulDigestLen and return with CKR_BUFFER_TO_SMALL

    -

    CT128

    the function shall be precalled by C_DigestInit in order to initialize a hash process

    -

    CT129

    the function shall always terminate a hash process except it returns with CKR_BUFFER_TO_SMALL or was just used for a length call (CT125)

    -

    CT130

    the function shall only support single-part-operations and cannot be called to finish multi-part-operations

    -


    C_SignInit

    The function supports additional return values of:
  • CKR_CRYPTOKI_NOT_INITIALIZED
  • CKR_DEVICE_REMOVED
  • CKR_FUNCTION_FAILED
  • CKR_GENERAL_ERROR
  • CKR_KEY_FUNCTION_NOT_PERMITTED
  • CKR_KEY_HANDLE_INVALID
  • CKR_KEY_TYPE_INCONSISTENT
  • CKR_MECHANISM_INVALID
  • CKR_OPERATION_ACTIVE
  • CKR_SESSION_CLOSED
  • CKR_SESSION_HANDLE_INVALID
  • CKR_USER_NOT_LOGGED_IN

    req id

    requirement description

    changed in version

    CT138

    in parameter hKey, being used as signing key, shall have a valid (CK_TRUE) CKA_SIGN attribute

    -

    C_Sign

    The function supports additional return values of:
  • CKR_CRYPTOKI_NOT_INITIALIZED
  • CKR_DEVICE_REMOVED
  • CKR_FUNCTION_FAILED
  • CKR_GENERAL_ERROR
  • CKR_OPERATION_NOT_INITIALIZED
  • CKR_SESSION_CLOSED
  • CKR_SESSION_HANDLE_INVALID
  • CKR_USER_NOT_LOGGED_IN
  • CKR_ARGUMENTS_BAD

    req id

    requirement description

    changed in version

    CT139

    when out parameter pSignature is NULL the function shall set parameter pulDataLen to the number of bytes which would suffice to hold the output and return with CKR_OK

    -

    CT140

    when out parameter pSignature is != NULL and pulSignatureLen indicates that the buffer is large enough to hold the output the function shall copy the output to pSignature set the exact size to pulSignatureLen and return with CKR_OK

    -

    CT141

    when out parameter pSignature is != NULL and pulSignatureLen indicates that the buffer is NOT large enough to hold the output the function shall set the exact size of the output to pulSignatureLen and return with CKR_BUFFER_TO_SMALL

    -

    CT142

    the function shall be precalled by C_SignInit in order to initialize an decryption process

    -

    CT143

    the function shall always terminate a signing process except it returns with CKR_BUFFER_TO_SMALL or was just used for a length call (CT139)

    -

    CT144

    the function shall only support single-part-operations and cannot be called to finish multi-part-operations

    -


    C_VerifyInit

    The function supports additional return values of:
  • CKR_CRYPTOKI_NOT_INITIALIZED
  • CKR_DEVICE_REMOVED
  • CKR_FUNCTION_FAILED
  • CKR_GENERAL_ERROR
  • CKR_KEY_FUNCTION_NOT_PERMITTED
  • CKR_KEY_HANDLE_INVALID
  • CKR_KEY_TYPE_INCONSISTENT
  • CKR_MECHANISM_INVALID
  • CKR_OPERATION_ACTIVE
  • CKR_SESSION_CLOSED
  • CKR_SESSION_HANDLE_INVALID
  • CKR_ARGUMENTS_BAD

    req id

    requirement description

    changed in version

    CT152

    in parameter hKey, being used as verifying key, shall have a valid (CK_TRUE) CKA_VERIFY attribute

    -


    C_Verify

    The function supports additional return values of:
  • CKR_CRYPTOKI_NOT_INITIALIZED
  • CKR_DEVICE_REMOVED
  • CKR_FUNCTION_FAILED
  • CKR_GENERAL_ERROR
  • CKR_OPERATION_NOT_INITIALIZED
  • CKR_SESSION_CLOSED
  • CKR_SESSION_HANDLE_INVALID
  • CKR_ARGUMENTS_BAD

    req id

    requirement description

    changed in version

    CT153

    the function shall be precalled by C_VerifyInit in order to initialize a verification process

    -

    CT154

    the function shall always terminate a verification process

    -

    CT155

    the function shall only support single-part-operations and cannot be called to finish multi-part-operations

    -

    CT156

    whenever a signature can be seen as invalid purely on the basis of its length the function shall return CKR_SIGNATURE_LEN_RANGE

    -

    CT157

    whenever a signature is invalid (verification fails) the funtion shall return CKR_SIGNATURE_INVALID

    -

    CT158

    whenever a signature is valid the function shall return with CKR_OK

    -

    C_GenerateKeyPair

    The function supports additional return values of:
  • CKR_CRYPTOKI_NOT_INITIALIZED
  • CKR_DEVICE_REMOVED
  • CKR_FUNCTION_FAILED
  • CKR_GENERAL_ERROR
  • CKR_MECHANISM_INVALID
  • CKR_OPERATION_ACTIVE
  • CKR_SESSION_CLOSED
  • CKR_SESSION_HANDLE_INVALID
  • CKR_SESSION_READ_ONLY
  • CKR_TEMPLATE_INCOMPLETE
  • CKR_USER_NOT_LOGGED_IN
  • CKR_ARGUMENTS_BAD

    req id

    requirement description

    changed in version

    CT173

    the function shall be able to generate two new objects on a token

    -

    CT174

    the function shall never generate a single public or private key

    -

    CT175

    whenever the function succeeds it shall always generate a public AND a private key

    -

    CT176

    the function shall read the type of the objects being created from in parameter pMechanism carried in the CKA_KEY_TYPE attribute

    -

    CT177

    whenever one of the in parameter templates supplies a CKA_KEY_TYPE attribute other than specified in CKA_KEY_TYPE attribute of in parameter pMechanism the function shall return with CKR_TEMPLATE_INCONSISTENT

    -

    CT178

    whenever one of the in parameter templates supplies a CKA_CLASS attribute other than specified in CKA_CLASS attribute of in parameter pMechanism the function shall return with CKR_TEMPLATE_INCONSISTENT

    -

    CT179

    whenever one of the in parameter templates is not supported the function shall fail and do not create any object

    -

    CT180

    objects created by this function shall always receive the CKA_LOCAL attribute with a value of CK_TRUE

    -


    C_GenerateRandom

    The function supports additional return values of:
  • CKR_CRYPTOKI_NOT_INITIALIZED
  • CKR_DEVICE_REMOVED
  • CKR_FUNCTION_FAILED
  • CKR_GENERAL_ERROR
  • CKR_OPERATION_ACTIVE
  • CKR_SESSION_CLOSED
  • CKR_SESSION_HANDLE_INVALID
  • CKR_ARGUMENTS_BAD


Supported mechanisms

Currently we support the mechanisms listed in Table 2.

Some mechanisms are completely in hardware – some others use software for public key cryptography. Private key operations are always in hardware.
Hardware-only operations such as key generation are not supported for session objects!

Mechanism Type

Mechanism

Supported Sizes

Hardware / Software

since Version

Cipher, Signature

CKM_RSA_PKCS

KeySizes:
512 – 2048

Token objects:
private key operations in hardware, public key operations in software
Session objects:
software

1.0

Signature

CKM_ECDSA_SHA1
supported curves:
see KeyPairGen
CKM_EC_KEY_PAIR_GEN

KeySizes:
160 – 320

Token objects:
private key operations in hardware, public key operations in software
Session objects:
software

1.0

Signature

CKM_SHA1_RSA_PKCS

KeySizes:
512 – 2048

Token objects:
private key operations in hardware, public key operations in software
Session objects:
Software

1.0

Signature

CKM_SHA256_RSA_PKCS

KeySizes:
512 – 2048

Token objects:
private key operations in hardware, public key operations in software
Session objects:
Software

1.0

Signature

CKM_SHA512_RSA_PKCS

KeySizes:
768 – 2048

Token objects:
private key operations in hardware, public key operations in software
Session objects:
software

1.0

KeyPairGen

CKM_RSA_PKCS_KEY_PAIR_GEN

512 – 2048

hardware

1.0

KeyPairGen

CKM_EC_KEY_PAIR_GEN
supported curves:
brainpoolP160r1
brainpoolP192r1
brainpoolP224r1
brainpoolP256r1
brainpoolP320r1
ansi-x962 prime192v1
ansip224r1
ansi-x962 prime256v1

160 – 320

hardware

1.0

Digest

CKM_MD5

-

software

1.0

Digest

CKM_SHA_1

-

software

1.0

Table 2: supported mechanisms

  • No labels