Slot and token management functions
The following functions perform as described in the PKCS #11 specification:
C_GetSlotInfo
| Function | Supported in Security World | Performs as in PKCS #11 spec | PKCS #11 spec version |
|---|---|---|---|
|
tbc |
Without modifications |
2.40 |
C_GetTokenInfo
| Function | Supported in Security World | Performs as in PKCS #11 spec | PKCS #11 spec version |
|---|---|---|---|
|
tbc |
Without modifications |
2.40 |
C_GetMechanismList
| Function | Supported in Security World | Performs as in PKCS #11 spec | PKCS #11 spec version |
|---|---|---|---|
|
tbc |
Without modifications |
2.40 |
C_GetMechanismInfo
| Function | Supported in Security World | Performs as in PKCS #11 spec | PKCS #11 spec version |
|---|---|---|---|
|
tbc |
Without modifications |
2.40 |
C_GetSlotList
| Function | Supported in Security World | Performs as in PKCS #11 spec | PKCS #11 spec version |
|---|---|---|---|
|
tbc |
Without modifications |
2.40 |
Notes
This function returns an array of PKCS #11 slots. Within each module, the slots are in the order:
-
module(s)
-
smart card reader(s)
-
software tokens, if present.
Each module is listed in ascending order by nShield ModuleID.
C_GetSlotList returns an array of handles.
You cannot make any assumptions about the values of these handles.
In particular, these handles are not equivalent to the slot numbers returned by the nCore API command GetSlotList.
C_InitToken
| Function | Supported in Security World | Performs as in PKCS #11 spec | PKCS #11 spec version |
|---|---|---|---|
|
tbc |
Without modifications |
2.40 |
Notes
C_InitToken sets the card passphrase to the same value as the current token’s passphrase and sets the CKF_USER_PIN_INITIALIZED flag.
This function is supported in load-sharing mode only when using softcards.
To use C_InitToken in load-sharing mode, you must have created a softcard with the command ppmk -n before selecting the corresponding slot.
The C_InitToken function is not supported for use in non-load-sharing FIPS 140 Level 3 Security Worlds.
C_InitPIN
| Function | Supported in Security World | Performs as in PKCS #11 spec | PKCS #11 spec version |
|---|---|---|---|
|
tbc |
Without modifications |
2.40 |
Notes
There is usually no need to call C_InitPIN, because C_InitToken sets the card passphrase.
Because the nShield PKCS #11 library can only maintain a single passphrase, C_InitPIN has the effect of changing the current token’s passphrase.
This function is supported in load-sharing mode only when using softcards.
To use C_InitPIN in load-sharing mode, you must have created a softcard with the command ppmk -n before selecting the corresponding slot.
C_SetPIN
| Function | Supported in Security World | Performs as in PKCS #11 spec | PKCS #11 spec version |
|---|---|---|---|
|
tbc |
Without modifications |
2.40 |
Notes
The card passphrase may be any value.
Because the nShield PKCS #11 library can only maintain a single passphrase, C_SetPIN has the effect of changing the current token’s passphrase or, if called in a Security Officer session, the card passphrase.
This function is supported in load-sharing mode only when using softcards.
To use C_SetPIN in load-sharing mode, you must have created a Softcard with the command ppmk -n before selecting the corresponding slot.