Supported features of PKCS #11 3.0 through 3.2
The contained sections describe enhancements of openCryptoki that support new versions of PKCS #11, starting with version 3.0.
Post-quantum support in PKCS #11 3.2
- Soft token support for ML-DSA and ML-KEM
- PKCS #11 version 3.2 introduces new key types and mechanisms for the openCryptoki Soft token . These updates include new functions, attributes and flags.
- Beschreibung SEC2560 - CCA token (nur ML-DSA): generelle Info
- Beschreibung SEC2560 - EP11 token: generelle Info
AES XTS support
The AES XTS mechanisms and the AES XTS key type are new for PKCS #11 version 3.0. The AES XTS support of PKCS #11 3.0 is described in detail in How to enable AES XTS support for CCA and EP11 tokens.
C_SessionCancel()
PKCS #11 Cryptographic Token Interface Base Specification Version 3.0.
After a successful C_SessionCancel() invocation for an operation, the operation is no longer active, and a new operation can be initialized on that session, if wanted. The C_SessionCancel() function is new with PKCS #11 version 3.0, and thus is contained in function list CK_FUNCTION_LIST_3_0 which must be explicitly obtained via C_GetInterface() with interface name PKCS 11 and version 3.0. The function list returned by the regular C_GetFunctionList() function does not contain the C_SessionCancel() function.
CKA_DERIVE_TEMPLATE
The CKA_DERIVE_TEMPLATE attribute of a base key contains a template (an array of attributes) that is applied to the derived key in addition to the user supplied derive template. Applications can use the CKA_DERIVE_TEMPLATE attribute on base keys to control the attributes of the keys that are to be derived from that base keys.
A private or secret key that is used as base key to derive other keys from can contain attribute CKA_DERIVE_TEMPLATE, which contains an array of attributes that are to be applied to the derived key. The number of array elements is determined by the ulValueLen component of the attribute divided by the size of CK_ATTRIBUTE.
Attribute CKA_DERIVE_TEMPLATE is allowed for private and secret keys only. It defaults to an empty array. If the attributes specified by the CKA_DERIVE_TEMPLATE conflict with those attributes that are explicitly specified in the derive template with the C_DeriveKey() function, then CKR_TEMPLATE_INCONSISTENT is returned.
The CKA_DERIVE_TEMPLATE attribute as such is not stored within the base key’s secure key blobs of EP11 or CCA, but only in the openCryptoki key object.
For more information, read PKCS #11 Specification Version 3.1.
Miscellaneous features
Further miscellaneous features are supported for applicable tokens for Linux® on IBM® Z and IBM LinuxONE with PKCS #11 version 3.0 and 3.1 and may have an impact on your applications. Also read the token-specific sections and Part 5. IBM-specific mechanisms and features for openCryptoki for further information.
- The CKF_EC_OID flag is the same as flag CKF_EC_NAMEDCURVE, which is deprecated since PKCS #11 3.0. The pkcsconf -m command now displays the CKF_EC_NAMEDCURVE flag as CKF_EC_OID (starting with openCryptoki 3.24).
- Support for the following PKCS #11 3.0 mechanisms, mask generation and key derivation functions is provided starting with openCryptoki 3.24:
- CKM_SHA3_nnn
- CKM_SHA3_nnn_HMAC
- CKM_SHA3_nnn_HMAC_GENERAL
- CKM_SHA3_nnn_KEY_DERIVE
- CKM_ECDSA_SHA3_nnn
- CKM_SHA3_nnn_RSA_PKCS
- CKM_SHA3_nnn_RSA_PKCS_PSS
- CKG_MGF1_SHA3_nnn (mask generation functions)
- CKD_SHA3_nnn_KDF (key derivation functions)
- Support of PKCS #11 mechanisms like CKM_SHAKE_nnn_KEY_DERIVATION for applicable tokens (starting with openCryptoki 3.25).
- Support of mechanisms like CKM_SHA3_nnn_KEY_DERIVATION for SHA3 based key derivation (starting with openCryptoki 3.24).
PKCS #11 3.0 adds mechanisms like CKM_SHA3_nnn_KEY_DERIVE for SHA3-based key derivation. The SHA3 variants of those mechanisms are called like ..._KEY_DERIVE, while the SHA1 and SHA2 variants are called like ..._KEY_DERIVATION.
In PKCS #11 3.1 this has been aligned and these mechanisms are now called CKM_SHA3_nnn_KEY_DERIVATION, but there are aliases for the old mechanism names like CKM_SHA3_nnn_KEY_DERIVE to map to the new names.
- Starting with openCryptoki 3.25, the EP11 token supports the PKCS #11 3.0 SHA3 and HMAC-SHA3 mechanisms and MGFs (in addition to the already supported IBM-specific mechanisms and MGFs).
- Starting with openCryptoki 3.25, mechanism CKM_AES_KEY_WRAP_PAD is deprecated since PKCS #11 3.1, and mechanism CKM_AES_KEY_WRAP_PKCS7 is new with PKCS #11 3.1.
- PKCS #11 mechanisms CKM_SHA<nnn>_KEY_GEN are added with openCryptoki 3.26.