Cryptographic Token Interface Standard

PKCS#11


FIPS PUB XXX

This proposed standard defines a set of generic cryptographic service calls for application programs. It is at a level similar to Cryptoki. The following table lists the FIPS PUB XXX functions with the equivalent Cryptoki functions.

FIPS PUB XXX Equivalent Cryptoki Functions
VerifyUser C_Login
CreateUser C_InitToken, C_InitPIN
ChangeAuthent C_SetPIN
SetUserCommand No equivalent
ShowUserCommand No equivalent
DeleteUser C_InitToken
Logout C_Logout
Encipher C_EncryptInit, C_Encrypt, C_EncryptUpdate, C_EncryptFinal
Decipher C_DecryptInit, C_Decrypt, C_DecryptUpdate, C_DecryptFinal
ComputeDAC C_SignInit, C_Sign, C_SignUpdate, C_SignFinal
VerifyDAC C_VerifyInit, C_Verify, C_VerifyUpdate, C_VerifyFinal
GenRandNum C_SeedRandom, C_GenerateRandom
GenKey C_GenerateKey
DeleteKey C_DestroyObject
LoadKey C_CreateObject
ShowSecKey C_FindObjects
ExportKey C_WrapKey
ImportKey C_UnwrapKey
XorKeys No equivalent
SetCount No equivalent
ReadCount No equivalent
PubEncipher C_EncryptInit, C_Encrypt, C_EncryptUpdate, C_EncryptFinal
PubDecipher C_DecryptInit, C_Decrypt, C_DecryptUpdate, C_DecryptFinal
Hash C_DigestInit, C_Digest, C_DigestUpdate, C_DigestFinal
PreSign C_SignInit
SetPubParam C_GenerateKeyPair
ReadPubParam C_GetAttributeValue
Sign C_Sign
VerifySig C_VerifyInit, C_Verify
GenPubKey C_GenerateKeyPair
LoadPubKey C_CreateObject
ShowPubKey C_FindObjects
RetrvPubKey C_GetAttributeValue
DeletePubKey C_DestroyObject
LoadCert C_CreateObject
RetrvCert C_GetAttributeValue
PubExportKey C_WrapKey
PubImportKey C_UnwrapKey


RSA Security Inc. Public-Key Cryptography Standards - PKCS#11 - v100