Contact
Support
Call For Price
Knowledgebase
Support
P11™ PKCS#11 Library
P11™ enables multi-vendor access to HSM's and KMIP servers using PKCS#11. Enables OEMs to quickly and easliy provide PKCS#11 for their offerings.
- Royalty Free License
- Available for Windows™ | Linux™ | Linux™ ARM (with source license)
Please contact our sales team if you have any questions.
P6R's P11 Library implements Version 2.40
and Version 3.0
of the PKCS#11 Specification. P11's modular and layered archititecture enable simultaneous use of tokens. This facilitates some
interesting applications. For example, an application could store millions of keys in a KMIP server (along with extensive meta data) yet use an HSM to
perform all encryption operations. In fact, the keys stored in the KMIP server could all be wrapped and only unwrapped once moved into an HSM. This can
be done from a single PKCS 11 API instance using our library.
P6R's P11 Library currently supports 10 different tokens and can be extended with Custom/User Created tokens that enable support for your particular hardware or software service.
Using the P11 Library, your application(s) can now leverage these tokens to communicate with any of these HSM's or any KMIP server.
P6R's P11 Library meets the requirements for conformance of a PKCS#11 Extended Provider and Authentication Token
(see
PKCS11 Cryptographic Token Interface Profiles Version 2.40, 14-Apr-2015, OASIS Committee Specification 01).
User Created Tokens
The P11 library provides a Token SDK which you can use to develop your own custom tokens. Our token SDK simplifies token development, allowing your team to focus on mapping your Service's or HSMs functions to PKCS#11.Custom Token Development
We also provide professional services for token development and can help create a custom token to fit your needs.Supported Platforms
P11™ is currently supported on the following platforms:- Windows 10 (32bit/64bit), Windows Server 2016+ (32bit/64bit)
- Linux x86 Kernel 2.6+ (32bit/64bit)
- Linux ARM Kernel 2.6+ (32bit/64bit) (with source license)
- FreeBSD 10.4 x86 (64bit)
P6R's P11 Library provides a KMIP token which allows applications written to the PKCS#11 standard to manage and access
data stored on any KMIP server.
This token uses the facilities of a remote KMIP server to implement the features of the PKCS#11 Version 2.40
and Version 3.0 API allowing
developers familiar with PKCS11 to store their keys on a KMIP server without having to learn about the KMIP protocol or
KMIP SDKs. Our PKCS11 library allows the definition of any number of KMIP tokens all pointing to the same or different KMIP servers.
PKCS11 Functions Implemented By The KMIP Token
- C_Initialize
- C_Finalize
- C_GetInfo
- C_GetFunctionList
- C_GetSlotList
- C_GetSlotInfo
- C_GetTokenInfo
- C_GetMechanismList
- C_GetMechanismInfo
- C_InitToken
- C_InitPIN
- C_SetPIN
- C_OpenSession
- C_CloseSession
- C_CloseAllSessions
- C_GetSessionInfo
- C_Login
- C_Logout
- C_CreateObject
- C_DestroyObject
- C_GetAttributeValue
- C_SetAttributeValue
- C_FindObjectsInit
- C_FindObjects
- C_MessageEncryptInit
- C_MessageEncryptFinal
- C_EncryptMessage
- C_EncryptMessageBegin
- C_EncryptMessageNext
- C_MessageDecryptInit
- C_MessageDecryptFinal
- C_DecryptMessage
- C_DecryptMessageBegin
- C_DecryptMessageNext
- C_FindObjectsFinal
- C_GenerateKey (not including domain parameters)
- C_GenerateKeyPair
- C_SeedRandom
- C_GenerateRandom
- C_SignInit
- C_Sign
- C_VerifyInit
- C_Verify
- C_EncryptInit
- C_Encrypt
- C_EncryptUpdate
- C_EncryptFinal
- C_DecryptInit
- C_Decrypt
- C_DecryptUpdate
- C_DecryptFinal
- C_DigestInit
- C_Digest
- C_DigestUpdate
- C_DigestKey
- C_DigestFinal
- C_WrapKey
- C_UnwrapKey (if the KMIP server supports unwrapping)
- C_MessageSignInit
- C_MessageSignFinal
- C_SignMessage
- C_SignMessageBegin
- C_SignMessageNext
- C_MessageVerifyInit
- C_MessageVerifyFinal
- C_VerifyMessage
- C_VerifyMessageBegin
- C_VerifyMessageNext
P6R is an OASIS member and a contributing member of the
OASIS Key Management Interoperability Protocol (KMIP) Technical Commitee
and of the OASIS PKCS 11 Technical Commitee.
The Keystore Software Token
This token uses P6Rs cryptographic API and local secure Keystore to implement the features of the PKCS 11 Version 2.40 API. Our PKCS11 library allows the definition of any number of Keystore software tokens where each token gets its own separate secure Keystore to manage PKCS 11 objects.PKCS11 Functions Implemented By The Keystore Token
- C_Initialize
- C_Finalize
- C_GetInfo
- C_GetFunctionList
- C_GetSlotList
- C_GetSlotInfo
- C_GetTokenInfo
- C_GetMechanismList
- C_GetMechanismInfo
- C_InitToken
- C_InitPIN
- C_SetPIN
- C_OpenSession
- C_FindObjectsFinal
- C_CloseSession
- C_CloseAllSessions
- C_GetSessionInfo
- C_Login
- C_Logout
- C_CreateObject
- C_DestroyObject
- C_GetAttributeValue
- C_SetAttributeValue
- C_FindObjectsInit
- C_FindObjects
- C_FindObjectsFinal
- C_GenerateKey (not including domain parameters)
- C_GenerateKeyPair
- C_GenerateRandom
- C_SignInit
- C_Sign
- C_VerifyInit
- C_Verify
- C_EncryptInit
- C_Encrypt
- C_EncryptUpdate
- C_EncryptFinal
- C_DecryptInit
- C_Decrypt
- C_DecryptUpdate
- C_DecryptFinal
- C_DigestInit
- C_Digest
- C_DigestUpdate
- C_DigestFinal
P6R is an OASIS contributing member of the
OASIS Key Management Interoperability Protocol (KMIP) Technical Commitee and of the OASIS PKCS 11 Technical Commitee.
Licensing and Upgrades
Our "Develop Anywhere / Deploy Anywhere"™ License Highlights
- Per-product license, no per developer costs.
- Royalty free runtime. The DLLs can be redistributed royalty free with your product on any supported platforms.
- One license covers all platforms. No need to purchase a license for each platform.
- Site licenses are also available.
- Contact Sales for licensing options.
Our products and this license are designed to enable you to develop, test and deploy your solutions on any platform or
platforms (that we support) without per-seat or per-platform restrictions.