Cryptographic Token Interface Standard

PKCS#11


Token profiles


Sections

Privacy-Enhanced Mail
Government authentication-only
Cellular Digital Packet Data

Detailed Description

This appendix describes "profiles," i.e., sets of mechanisms, which a token should support for various common types of application. It is expected that these sets would be standardized as parts of the various applications, for instance within a list of requirements on the module that provides cryptographic services to the application (which may be a Cryptoki token in some cases). Thus, these profiles are intended for reference only at this point, and are not part of this standard.

The following table summarizes the mechanisms relevant to three common types of application.

Table A-1, Mechanisms vs. profiles
 
Application
   
Mechanism
Privacy-Enhanced Mail
Government Authentication-only
Cellular Digital Packet Data
CKM_RSA_PKCS_KEY_PAIR_GEN
X
   
CKM_RSA_PKCS
X
   
CKM_RSA_9796      
CMK_RSA_X_509      
CKM_DSA_KEY_PAIR_GEN  
X
 
CKM_DSA  
X
 
CKM_DH_PKCS_KEY_PAIR_GEN    
X
CKM_DH_PKCS_DERIVE    
X
CKM_RC2_KEY_GEN      
CKM_RC2_ECB      
CKM_RC2_CBC      
CKM_RC2_MAC      
CKM_RC4_KEY_GEN    
X
CKM_RC4    
X
CKM_DES_KEY_GEN
X
   
CKM_DES_ECB
X
   
CKM_DES_CBC
X
   
CKM_DES_MAC      
CKM_DES2_KEY_GEN
X
   
CKM_DES3_KEY_GEN      
CKM_DES3_ECB
X
   
CKM_DES3_CBC      
CKM_DES3_MAC      
CKM_MD2
X
   
CKM_MD5
X
   
CKM_SHA_1  
X
 
CKM_SHA_1_DERIVE      


RSA Security Inc. Public-Key Cryptography Standards - PKCS#11 - v100