Cryptographic Token Interface Standard
PKCS#11
Cryptographic Token Interface Standard Sections
Here is a list of all sections:
Scope
References
Definitions
General overview
Mechanisms
RSA
RSA public key objects
RSA private key objects
PKCS #1 RSA key pair generation
X9.31 RSA key pair generation
PKCS #1 v1.5 RSA
PKCS #1 RSA OAEP mechanism parameters
PKCS #1 RSA OAEP
PKCS #1 RSA PSS mechanism parameters
PKCS #1 RSA PSS
ISO/IEC 9796 RSA
X.509 (raw) RSA
ANSI X9.31 RSA
PKCS #1 v1.5 RSA signature with MD2, MD5, SHA-1, SHA-256, SHA-384, SHA-512, RIPE-MD 128 or RIPE-MD 160
PKCS #1 v1.5 RSA signature with SHA-224
PKCS #1 RSA PSS signature with SHA-224
PKCS #1 RSA PSS signature with SHA-1, SHA-256, SHA-384 or SHA-512
ANSI X9.31 RSA signature with SHA-1
TPM 1.1 PKCS #1 v1.5 RSA
TPM 1.1 PKCS #1 RSA OAEP
DSA
DSA public key objects
DSA private key objects
DSA domain parameter objects
DSA key pair generation
DSA domain parameter generation
DSA without hashing
DSA with SHA-1
Elliptic Curve
EC Signatures
ECDSA public key objects
Elliptic curve private key objects
Elliptic curve key pair generation
ECDSA without hashing
ECDSA with SHA-1
EC mechanism parameters
Elliptic curve Diffie-Hellman key derivation
Elliptic curve Diffie-Hellman with cofactor key derivation
Elliptic curve Menezes-Qu-Vanstone key derivation
Diffie-Hellman
Diffie-Hellman public key objects
X9.42 Diffie-Hellman public key objects
Diffie-Hellman private key objects
X9.42 Diffie-Hellman private key objects
Diffie-Hellman domain parameter objects
X9.42 Diffie-Hellman domain parameters objects
PKCS #3 Diffie-Hellman key pair generation
PKCS #3 Diffie-Hellman domain parameter generation
PKCS #3 Diffie-Hellman key derivation
X9.42 Diffie-Hellman mechanism parameters
X9.42 Diffie-Hellman key pair generation
X9.42 Diffie-Hellman domain parameter generation
X9.42 Diffie-Hellman key derivation
X9.42 Diffie-Hellman hybrid key derivation
X9.42 Diffie-Hellman Menezes-Qu-Vanstone key derivation
Wrapping/unwrapping private keys
Generic secret key
Generic secret key objects
Generic secret key generation
HMAC mechanisms
AES
AES secret key objects
AES key generation
AES-ECB
AES-CBC
AES-CBC with PKCS padding
AES-OFB
AES-CFB
General-length AES-MAC
AES-MAC
AES with Counter
AES with Counter mechanism parameters
AES with Counter Encryption / Decryption
AES CBC with Cipher Text Stealing CTS
AES CTS mechanism parameters
Additional AES Mechanisms
AES GCM and CCM Mechanism parameters
AES-GCM authenticated Encryption / Decryption
AES-CCM authenticated Encryption / Decryption
AES CMAC
Mechanism parameters
General-length AES-CMAC
AES-CMAC
AES Key Wrap
AES Key Wrap Mechanism parameters
AES Key Wrap
Key derivation by data encryption - DES & AES
Mechanism Parameters
Mechanism Description
Double and Triple-length DES
DES2 secret key objects
DES3 secret key objects
Double-length DES key generation
Triple-length DES Order of Operations
Triple-length DES in CBC Mode
DES and Triple length DES in OFB Mode
DES and Triple length DES in CFB Mode
Double and Triple-length DES CMAC
Mechanism parameters
General-length DES3-MAC
DES3-CMAC
SHA-1
SHA-1 digest
General-length SHA-1-HMAC
SHA-1-HMAC
SHA-1 key derivation
SHA-224
SHA-224 digest
General-length SHA-224-HMAC
SHA-224-HMAC
SHA-224 key derivation
SHA-256
SHA-256 digest
General-length SHA-256-HMAC
SHA-256-HMAC
SHA-256 key derivation
SHA-384
SHA-384 digest
General-length SHA-384-HMAC
SHA-384-HMAC
SHA-384 key derivation
SHA-512
SHA-512 digest
General-length SHA-512-HMAC
SHA-512-HMAC
SHA-512 key derivation
PKCS #5 and PKCS #5-style password-based encryption (PBE)
Password-based encryption/authentication mechanism parameters
PKCS #5 PBKDF2 key generation mechanism parameters
PKCS #5 PBKD2 key generation
PKCS #12 password-based encryption/authentication mechanisms
SHA-1-PBE for 3-key triple-DES-CBC
SHA-1-PBE for 2-key triple-DES-CBC
SHA-1-PBA for SHA-1-HMAC
SSL
SSL mechanism parameters
Pre_master key generation
Master key derivation
Master key derivation for Diffie-Hellman
Key and MAC derivation
MD5 MACing in SSL 3.0
SHA-1 MACing in SSL 3.0
TLS
TLS mechanism parameters
TLS PRF (pseudorandom function)
Pre_master key generation
Master key derivation
Master key derivation for Diffie-Hellman
Key and MAC derivation
WTLS
WTLS mechanism parameters
Pre master secret key generation for RSA key exchange suite
Master secret key derivation
Master secret key derivation for Diffie-Hellman and Elliptic Curve Cryptography
WTLS PRF (pseudorandom function)
Server Key and MAC derivation
Client key and MAC derivation
Miscellaneous simple key derivation mechanisms
Parameters for miscellaneous simple key derivation mechanisms
Concatenation of a base key and another key
Concatenation of a base key and data
Concatenation of data and a base key
XORing of a key and data
Extraction of one key from another key
CMS
CMS Signature Mechanism Objects
CMS mechanism parameters
CMS signatures
Blowfish
BLOWFISH secret key objects
Blowfish key generation
Blowfish -CBC
Blowfish -CBC with PKCS padding
Twofish
Twofish secret key objects
Twofish key generation
Twofish -CBC
Towfish -CBC with PKCS padding
CAMELLIA
Camellia secret key objects
Camellia key generation
Camellia-ECB
Camellia-CBC
Camellia-CBC with PKCS padding
General-length Camellia-MAC
Camellia-MAC
Key derivation by data encryption - Camellia
Mechanism Parameters
ARIA
Aria secret key objects
ARIA key generation
ARIA-ECB
ARIA-CBC
ARIA-CBC with PKCS padding
General-length ARIA-MAC
ARIA-MAC
Key derivation by data encryption - ARIA
Mechanism Parameters
SEED
SEED secret key objects
SEED key generation
SEED-ECB
SEED-CBC
SEED-CBC with PKCS padding
General-length SEED-MAC
SEED-MAC
Key derivation by data encryption - SEED
Mechanism Parameters
OTP
Usage overview
Case 1: Generation of OTP values
Case 2: Verification of provided OTP values
Case 3: Generation of OTP keys
OTP objects
OTP-related notifications
OTP mechanisms
RSA SecurID
RSA SecurID key generation
RSA SecurID OTP generation and validation
Return values
OATH HOTP
ActivIdentity ACTI
ACTI OTP generation and validation
CT-KIP
Principles of Operation
Mechanisms
CT-KIP Mechanism parameters
CT-KIP key derivation
CT-KIP key wrap and key unwrap
CT-KIP signature generation
GOST
GOST 28147-89
GOST 28147-89 secret key objects
GOST 28147-89 domain parameter objects
GOST 28147-89 key generation
GOST 28147-89-ECB
GOST 28147-89 encryption mode except ECB
GOST 28147-89-MAC
GOST R 34.11-94 domain parameter objects
GOST R 34.11-94 digest
GOST R 34.11-94 HMAC
GOST R 34.10-2001
GOST R 34.10-2001 public key objects
GOST R 34.10-2001 private key objects
GOST R 34.10-2001 domain parameter objects
GOST R 34.10-2001 mechanism parameters
GOST R 34.10-2001 key pair generation
GOST R 34.10-2001 without hashing
GOST R 34.10-2001 with GOST R 34.11-94
GOST 28147-89 keys wrapping/unwrapping with GOST R 34.10-2001
Manifest constants
Intellectual property considerations
Revision History
RSA Security Inc. Public-Key Cryptography Standards - PKCS#11 - v230mechanism1