Home  » Software  » SKC
SKC™ Secure KMIP Client
SKC™ enables the easy addition of KMIP based interoperable key management to your application.
  • Royalty Free License
  • Available for Windows™ | Linux™ | Linux™ ARM (with source license)
Please contact our sales team if you have any questions.

What's New

  • New KMIP command line utility lets you script KMIP commands.
  • New examples.
  • Many bug fixes and optimizations.
  • Experimental KMIP 1.4 support.
  • GCC v5+ compiler support.
  • ARM processor Support (with source license).
The SKC™ SDK provides a full implementation of the OASIS KMIP 1.0, 1.1, 1.2 and 1.3 standards. Online documentation and examples are available.
  • Layered, Interface Based C/C++ API
  • PKCS11 v2.40 compliant C based API
  • Full Client Implementation (TTLV, XML and JSON).
  • Single API for All protocol flavors (TTLV, XML, and JSON)
  • Extensive Protocol Logging (TTLV, XML and JSON)
  • Limited UEFI Platform Suport (TTLV encoder/decoder).
  • Suite B support.
  • Many New Examples (we are always adding more)
  • High level crypto API
  • Cross Platform/Single Codebase - Windows and Linux x86/ARM
  • Standards Compliant (see the Standards and Conformance tabs)
  • Support for KMIP put and notify.

Interoperability

P6R is committed to ensuring interoperability of its KMIP client SDK with all KMIP servers and we are continually working with server vendors to ensure interoperability.
  • January 2016 - P6R Inc. participated in the OASIS KMIP Interop and tested with all participating KMIP servers:
    • Cryptsoft KMIP C Server SDK
    • Cryptsoft KMIP Java Server SDK
    • Fornetix Key Orchestration Server
    • HPE ESKM Server
    • IBM SKLM Server
    • QuintessenceLabs qCrypt Server
    • SafeNet KeySecure Server
    • Townsend Security Alliance Key Manager
    • Utimaco KeyServer
  • March 2015 - P6R Inc. participated in the OASIS KMIP Interop and tested with all participating KMIP servers:
    • Cryptsoft C KMIP Server
    • Cryptsoft Java KMIP Server
    • Dell KMIP Server
    • HP KMIP Server
    • IBM KMIP Server
    • Fornetix KMIP Server
    • Thales KMIP Server
    • Vormetric KMIP Server
  • Nov 2014 - P6R Integration with HP Enterprise Secure Key Manager
  • Jan 2014 - P6R Inc. participated in the OASIS KMIP Interop and tested with all participating KMIP servers:
    • Cryptsoft C KMIP Server
    • Cryptsoft Java KMIP Server
    • Dell KMIP Server
    • HP KMIP Server
    • IBM KMIP Server
    • SafeNet KMIP Server
    • Thales KMIP Server
    • Vormetric KMIP Server
  • Oct 2013 - QuintessenceLabs Announces Interoperability Partnership With P6R - Project 6 Research

UEFI Support

The SKC™ SDK provides limited support for UEFI platforms using the Tianocore UDK2014.SP1.P1 Release. The library provides access our low-level KMIP TTLV encoder/decoder interfaces. When used in combination with the native networking library and OpenSSL provided in the Tianocore UDK 2014 distribution, developers can more easily perform basic KMIP operations from within their UEFI drivers.

Layered API

The SKC™ SDK provides several different layers of abstraction, each building on the previous, enabling developers to use whichever layer or layers best suit their needs.

Layer 0 - Protocol Parser/Generator

This layer of the API provides full binary KMIP protocol message parsing and message generation. It is used to parse existing (already received) KMIP protocol messages or generate KMIP protocol message to be sent.

Layer 1 - Functional API

Layer 1 implements a slight higher level API that is more functional in nature, providing the base functionality for the various KMIP protocol interactions (connect to the server, create key, delete key, etc).

Layer 2 - DOM Tree

Layer 2 provides our DOM-tree API. Our DOM-tree has been enhanced to efficiently support binary data types. Utilizing a plugin it populates the DOM-tree with KMIP messages using the layer 1 APIs. Since a KMIP message is essentially a tree of nested structures this translation is straight forward. Once in the DOM tree, the data can be output in any supported format (XML, JSON, JsonML and a KMIP binary messages).

Layer 3 - XSLT/XPATH

This layer uses P6R's XSLT 2.0 and XPath 2.0 components. These components are now able to interact with the KMIP binary data in the DOM-tree, allowing it to be search, transformed, modified, etc using standard XSLT and XPath. For example, XSLT could be used to take just out part of a KMIP message, create a new message, or transform the entire message into yet another format (eg. SOAP or XML-RPC).

Full Client Implementation

The SKC™ SDK implements:
  • TTLV (Tag, Type, Length, Value) over SSL/TLS
  • TTLV over HTTPS
  • XML over HTTPS
  • JSON over HTTPS

KMIP 1.0 Operations Supported (both synchronous and asynchronous)

Create, Create Key Pair, Register, Re-key, Derive Key, Certify, Re-certify, Locate, Check, Get, Get Attributes, Get Attribute List, Add Attribute, Modify Attribute, Delete Attribute, Obtain Lease, Get Usage Allocation, Activate, Revoke, Destroy, Archive, Recover, Validate, Query (synch only), Cancel, Poll, and Server to Client operations: Notify, Put.

KMIP 1.1 Operations Supported (both synchronous and asynchronous):

Create, Create Key Pair, Register, Re-key, Derive Key, Certify, Re-certify, Locate, Check, Get, Get Attributes Get Attribute List, Add Attribute, Modify Attribute, Delete Attribute, Obtain Lease, Get Usage Allocation, Activate, Revoke, Destroy, Archive, Recover, Validate, Query (synch only), Cancel, Poll, Re-key Key Pair, Discover Versions (synch only), and Server to Client operations: Notify, Put.

KMIP 1.2 Operations Supported (both synchronous and asynchronous):

Create, Create Key Pair, Register, Re-key, Derive Key, Certify, Re-certify, Locate, Check, Get, Get Attributes Get Attribute List, Add Attribute, Modify Attribute, Delete Attribute, Obtain Lease, Get Usage Allocation, Activate, Revoke, Destroy, Archive, Recover, Validate, Query (synch only), Cancel, Poll, Re-key Key Pair, Discover Versions (synch only), Encrypt, Decrypt, Sign, Signature Verify, MAC, MAC Verify, RNG Retrieve, RNG Seed, Hash, Create Split Key, Join Split Key, and Server to Client operations: Notify, Put.

KMIP 1.3 Operations Supported (both synchronous and asynchronous):

Create, Create Key Pair, Register, Re-key, Derive Key, Certify, Re-certify, Locate (extended), Check, Get, Get Attributes Get Attribute List, Add Attribute, Modify Attribute, Delete Attribute, Obtain Lease, Get Usage Allocation, Activate, Revoke, Destroy, Archive, Recover, Validate, Query (synch only), Cancel, Poll, Re-key Key Pair, Discover Versions (synch only), Encrypt (streaming/non-streaming), Decrypt (streaming/non-streaming), Sign (streaming/non-streaming), Signature Verify (streaming/non-streaming), MAC (streaming/non-streaming), MAC Verify (streaming/non-streaming), RNG Retrieve, RNG Seed, Hash (streaming/non-streaming), Create Split Key, Join Split Key, and Server to Client operations: Notify, Put, Discover Versions (new), Query (new)

Managed Objects Supported

  • Certificate
  • Symmetric Key
  • Public Key
  • Private Key
  • Split Key
  • Template
  • Secret Data
  • Opaque Object
  • PGP Key

Cryptographic Algorithms

  • DES
  • 3DES
  • DES-X
  • AES (including counter mode)
  • RSA
  • DSA
  • Blowfish
  • CAST5
  • RC2
  • IDEA
  • EC
  • ECDSA
  • ECMQV
  • ECDH
  • DH
  • HMAC-SHA1
  • HMAC-SHA224
  • HMAC-SHA256
  • HMAC-SHA384
  • HMAC-SHA512
  • HMAC-MD2
  • HMAC-MD4
  • HMAC-MD5

Supported Key Formats

  • Raw
  • Opaque
  • PKCS#1
  • PKCS#8
  • X.509
  • Transparent ECDSA Private Key
  • Transparent ECDSA Public Key
  • Transparent ECDH Private Key
  • Transparent ECDH Public Key
  • Transparent ECMQV Private Key
  • Transparent ECMQV Public Key
  • Transparent Symmetric Key
  • Transparent DSA Public Key
  • Transparent DSA Private Key
  • Transparent RSA Public Key
  • Transparent RSA Private Key

Supported Platforms

SKC™ is currently supported on the following platforms:

  • Windows 7/8+ (32bit/64bit), Windows Server 2008R2+ (32bit/64bit)
  • Linux x86 Kernel 2.6+ (32bit/64bit)
  • Linux ARM Kernel 2.6+ (32bit/64bit) (with source license)
  • UEFI 64bit Tianocore Native PE Format (KMIP TTLV encoder/decoder only)
Included in the SKC Secure KMIP Client SDK, is our PKCS11 library that meets the requirements for conformance of a PKCS 11 Extended Provider and Authentication Token (see PKCS11 Cryptographic Token Interface Profiles Version 2.40, 14-Apr-2015, OASIS Committee Specification 01). The library currently provides two tokens (The "KMIP" and "Keystore" tokens) and may be extended by customers to provide their own token types via a plugin interface.

The KMIP Token

This token uses the facilities of a remote KMIP server to implement the features of the PKCS 11 Version 2.40 API allowing developers familiar with PKCS11 to store their keys on a KMIP server without having to learn about the KMIP protocol or KMIP SDKs. Our PKCS11 library allows the definition of any number of KMIP tokens all pointing to the same or different KMIP servers.

The Keystore Software Token

This token uses P6Rs cryptographic API and local secure Keystore to implement the features of the PKCS 11 Version 2.40 API. Our PKCS11 library allows the definition of any number of Keystore software tokens where each token gets its own separate secure Keystore to manage PKCS 11 objects.

HSM Tokens

We have added tokens for these popular HSM's:
  • DocuSign ARX PrivateServer HSM
  • FutureX HSM
  • HPE Atalla HSM (Network Security Processor)
  • Thales nShield Connect HSM
  • Utimaco CryptoServer HSM
Using our PKCS11 library which included as part of the SKC Secure KMIP Client SDK, your applications can now leverage these tokens to communicate with any of these HSM's.

PKCS11 Functions Implemented By The KMIP Token

  • C_Initialize
  • C_Finalize
  • C_GetInfo
  • C_GetFunctionList
  • C_GetSlotList
  • C_GetSlotInfo
  • C_GetTokenInfo
  • C_GetMechanismList
  • C_GetMechanismInfo
  • C_InitToken
  • C_InitPIN
  • C_SetPIN
  • C_OpenSession
  • C_CloseSession
  • C_CloseAllSessions
  • C_GetSessionInfo
  • C_Login
  • C_Logout
  • C_CreateObject
  • C_DestroyObject
  • C_GetAttributeValue
  • C_SetAttributeValue
  • C_FindObjectsInit
  • C_FindObjects
  • C_FindObjectsFinal
  • C_GenerateKey (not including domain parameters)
  • C_GenerateKeyPair
  • C_SeedRandom
  • C_GenerateRandom
  • C_SignInit
  • C_Sign
  • C_VerifyInit
  • C_Verify
  • C_EncryptInit
  • C_Encrypt
  • C_EncryptUpdate
  • C_EncryptFinal
  • C_DecryptInit
  • C_Decrypt
  • C_DecryptUpdate
  • C_DecryptFinal
  • C_DigestInit
  • C_Digest
  • C_DigestUpdate
  • C_DigestKey
  • C_DigestFinal
  • C_WrapKey
  • C_UnwrapKey (if the KMIP server supports unwrapping)

PKCS11 Functions Implemented By The Keystore Token

  • C_Initialize
  • C_Finalize
  • C_GetInfo
  • C_GetFunctionList
  • C_GetSlotList
  • C_GetSlotInfo
  • C_GetTokenInfo
  • C_GetMechanismList
  • C_GetMechanismInfo
  • C_InitToken
  • C_InitPIN
  • C_SetPIN
  • C_OpenSession
  • C_FindObjectsFinal
  • C_CloseSession
  • C_CloseAllSessions
  • C_GetSessionInfo
  • C_Login
  • C_Logout
  • C_CreateObject
  • C_DestroyObject
  • C_GetAttributeValue
  • C_SetAttributeValue
  • C_FindObjectsInit
  • C_FindObjects
  • C_FindObjectsFinal
  • C_GenerateKey (not including domain parameters)
  • C_GenerateKeyPair
  • C_GenerateRandom
  • C_SignInit
  • C_Sign
  • C_VerifyInit
  • C_Verify
  • C_EncryptInit
  • C_Encrypt
  • C_EncryptUpdate
  • C_EncryptFinal
  • C_DecryptInit
  • C_Decrypt
  • C_DecryptUpdate
  • C_DecryptFinal
  • C_DigestInit
  • C_Digest
  • C_DigestUpdate
  • C_DigestFinal
The SKC KMIP Client SDK follows the standards defined in these documents.
The OASIS Key management Interoperability Protocol (KMIP) defines a single, comprehensive protocol for communication between encryption systems and a broad range of new and legacy enterprise applications, including email, databases, and storage devices. Go to OASIS Key Management Interoperability Protocol (KMIP) Technical Committee to learn more about the KMIP standard.
OASIS PKCS #11 is a standard for cryptographic tokens controlling authentication information (personal identity, cryptographic keys, certificates, digital signatures, biometric data). Go to OASIS PKCS #11 Technical Committee to learn more about the PKCS #11 standard.

Standards Reference Documents

OASIS, "Key Management Interoperabilty Protocol Specification 1.0", OASIS Standard, 15 June 2010.
OASIS, "Key Management Interoperabilty Protocol Specification 1.1", OASIS Standard, 24 January 2013.
OASIS, "Key Management Interoperabilty Protocol Specification 1.2", Candidate OASIS Standard 01, 13 January 2015.
OASIS, "Key Management Interoperability Protocol Test Cases Version 1.1", Working Draft 10, 27 April 2012.
OASIS, "Key Management Interoperability Protocol Test Cases Version 1.2", Committee Note 01, 11 November 2014.
OASIS, "KMIP Opaque Managed Object Store Profile Version 1.0", Candidate OASIS Standard 01, 03 Feburary 2015.
OASIS, "KMIP Additional Message Encodings Version 1.0", Candidate OASIS Standard 01, 13 January 2015.
OASIS, "KMIP Asymmetric Key Lifecycle Profile Version 1.0", Candidate OASIS Standard 01, 13 January 2015.
OASIS, "KMIP Cryptographic Services Profile Version 1.0", Candidate OASIS Standard 01, 03 Feburary 2015.
OASIS, "KMIP Symmetric Key Foundry for FIPS 140-2 Profile Version 1.0", Candidate OASIS Standard 01, 13 January 2015.
OASIS, "KMIP Symmetric Key Lifecycle Profile Version 1.0", Candidate OASIS Standard 01, 13 January 2015.
OASIS, "KMIP Opaque Managed Object Store Profile Version 1.0", Candidate OASIS Standard 01, 03 Feburary 2015.
OASIS, "KMIP Tape Library Profile Version 1.0", Candidate OASIS Standard 01, 13 January 2015.
OASIS, "KMIP Storage Array with Self-Encrypting Drives Profile Version 1.0", Candidate OASIS Standard 01, 13 January 2015.
OASIS, "KMIP Suite B Profile Version 1.0, Candidate OASIS Standard 01, 03 Feburary 2015.
OASIS, "Key Management Interoperability Protocol Test Cases Version 1.3", Working Draft 2, 26 January 2015.
OASIS, PKCS #11 Cryptofraphic Token Interface Base Specification Version 2.40, Candidate OASIS Standard 01, 23 December 2014.
OASIS, PKCS #11 Cryptographic Token Interface Current Mechanisms Specification Version 2.40, Candidate OASIS Standard 01, 23 December 2014.
OASIS, PKCS #11 Cryptographic Token Interfaces Historical Mechamisms Specification Version 2.40, Candidate OASIS Standard 01, 23 December 2014.
The SKC™ Secure KMIP Client SDK conforms to the following standard defined test cases using Tag Type Length Value (TTLV), XML, and JSON message encodings for all tests.

KMIP Version 1.0 Test Cases Supported

Test CaseDescription
TC-311-10Create / Destroy
TC-312-10Register / Create / Get attributes / Destroy
TC-313-10Create / Locate / Get / Destroy
TC-314-10Dual Client Test Case, ID Placeholder-linked Locate & Get Batch
TC-315-10Register / Destroy Secret Data
TC-32-10Asynchronous Locate
TC-41-10Revoke Scenario
TC-51-10Get Usage Allocation Scenario
TC-61-10Import of a Third-party Key
TC-71-10Unrecognized Message Extension with Criticality Indicator False
TC-72-10Unrecognized Message Extension with Criticality Indicator True
TC-81-10Create a Key Pair
TC-82-10Register Both Halves of a Key Pair
TC-91-10Create a Key, Re-key
TC-92-10Existing Key Expired, Re-key with Same Life-cycle
TC-93-10Existing Key Compromised, Re-key with Same Life-cycle
TC-94-10Create Key, Re-key with New Life-cycle
TC-95-10Obtain Lease for Expired Key
TC-101-10Create a Key, Archive and Recover it
TC-111-10Credential, Operation Policy, Destroy Date
TC-121-10Query, Maximum Response Size
TC-131-10Register an Asymmetric Key Pair in PKCS1 Format
TC-132-10Register an Asymmetric Key Pair and a Corresponding X509 Certificate
TC-134-10Register Key Pair, Certify and Re-certify Public Key
TC-NP-1-10Put
TC-NP-2-10Notify & Put
TC-ECC-1-10Register an ECC Key Pai
TC-ECC-2-10Register an ECC Key Pair in PKCS8 Format
TC-ECC-3-10Register an ECC Key Pair and ECDSA Certificate
TC-DERIVEKEY-1-10Derive Symmetric Key HASH
TC-DERIVEKEY-2-10Derive Symmetric Key HMAC
TC-DERIVEKEY-3-10Derive Symmetric Key with secret data
TC-DERIVEKEY-4-10Derive Symmetric Key with secret data
TC-DERIVEKEY-5-10Derive Symmetric Key with secret data
TC-REKEY-1-10Rekey multiple times
TC-AESXTS-1-10Two key encryption
TC-I18N-1-10Unicode characters in attributes values
TC-I18N-2-10Unicode characters in attributes values
TC-I18N-3-10Unicode characters in attributes values and custom attribute names

KMIP Version 1.0 Symmetric Key Lifecycle Profile

Test CaseDescription
SKLC-M-1-10Create, GetAttributes, Destroy
SKLC-M-2-10Create, GetAttributes, Activate, GetAttributes, Destroy, Revoke, GetAttributes, Destroy
SKLC-M-3-10Create, GetAttributes, Activate, GetAttributes, ModifyAttribute, Revoke, GetAttributes, Destroy
SKLC-O-1-10Create, GetAttributes, Destroy, GetAttributes

KMIP Version 1.0 Symmetric Key Foundry for FIPS 140-2 Profile

Test CaseDescription
SKFF-M-1-10 Create, Destroy AES-128
SKFF-M-2-10 Create, Destroy AES-192
SKFF-M-3-10 Create, Destroy AES-256
SKFF-M-4-10 Create, Destroy DES3-168
SKFF-M-5-10 Create, Locate, Get, Destroy, Locate AES-128
SKFF-M-6-10 Create, Locate, Get, Destroy, Locate AES-192
SKFF-M-7-10 Create, Locate, Get, Destroy, Locate AES-256
SKFF-M-8-10 Create, Locate, Get, Destroy, Locate DES3-168
SKFF-M-9-10 Create, Get, Activate, Revoke, Locate, Add/Mod/Del Attributes, Destroy AES-128
SKFF-M-10-10 Create, Get, Activate, Revoke, Locate, Add/Mod/Del Attributes, Destroy AES-192
SKFF-M-11-10 Create, Get, Activate, Revoke, Locate, Add/Mod/Del Attributes, Destroy AES-256
SKFF-M-12-10 Create, Get, Activate, Revoke, Locate, Add/Mod/Del Attributes, Destroy DES3-168
SKFF-O-1-10 Create, Destroy SKIPJACK-80
SKFF-O-2-10 Create, Locate, Get, Destroy, Locate SKIPJACK-80
SKFF-O-3-10 Create, Get, Activate, Revoke, Locate, Add/Mod/Del Attributes, Destroy SKIPJACK-80
SKFF-O-4-10 Create, Destroy DES3-112
SKFF-O-5-10 Create, Locate, Get, Destroy, Locate DES3-112
SKFF-O-6-10 Create, Get, Activate, Revoke, Locate, Add/Mod/Del Attributes, Destroy DES3-112

KMIP Version 1.0 Asymmetric Key Lifecycle Profile Supported

Test CaseDescription
AKLC-M-1-10CreateKeyPair, GetAttributes, GetAttributes, Destroy
AKLC-M-2-10CreateKeyPair, GetAttributes, Activate, GetAttributes, Destroy, Revoke, GetAttributes, Destroy
AKLC-M-3-10CreateKeyPair, GetAttributes, Activate, GetAttributes, Destroy, Revoke, GetAttributes, Destroy
AKLC-O-1-10CreateKeyPair, GetAttributes, Destroy, GetAttributes

KMIP Version 1.0 Opaque Managed Object Store Profile

Test CaseDescription
OMOS-M-1-10Register small opaque objecty
OMOS-O-1-10Register large (>10k) opaque objecty

KMIP Version 1.0 KMIP Tape Library Profile Version 1.0

Test CaseDescription
TL-M-1-10Configuration
TL-M-2-10Write with new (created) key
TL-M-3-10Read an encrypted tape

KMIP Version 1.0 Key Management Interoperability Protocol Storage Array with Self-Encrypting Drives Profile Version 1.0

Test CaseDescription
SASED-M-1-10Configuration
SASED-M-2-10Register the authentication key
SASED-M-3-10Retrieve Authentication Key

SEPATON Profile Version 1.0

Test CaseDescription
SEPATON-1-10Query
SEPATON-2-10Locate, Create
SEPATON-3-10Locate, Get, GetAttributes, Activate, GetAttributes

KMIP Version 1.1 Test Cases Supported

Test CaseDescription
TC-311-11Create / Destroy
TC-312-11Register / Create / Get attributes / Destroy
TC-313-11Create / Locate / Get / Destroy
TC-314-11Dual Client Test Case, ID Placeholder-linked Locate & Get Batch
TC-315-11Register / Destroy Secret Data
TC-32-11Asynchronous Locate
TC-41-11Revoke Scenario
TC-51-11Get Usage Allocation Scenario
TC-61-11Import of a Third-party Key
TC-71-11Unrecognized Message Extension with Criticality Indicator False
TC-72-11Unrecognized Message Extension with Criticality Indicator True
TC-81-11Create a Key Pair
TC-82-11Register Both Halves of a Key Pair
TC-91-11Create a Key, Re-key
TC-92-11Existing Key Expired, Re-key with Same Life-cycle
TC-93-11Existing Key Compromised, Re-key with Same Life-cycle
TC-94-11Create Key, Re-key with New Life-cycle
TC-95-11Obtain Lease for Expired Key
TC-101-11Create a Key, Archive and Recover it
TC-111-11Credential, Operation Policy, Destroy Date
TC-112-11Device Credential, Operation Policy, Destroy Date
TC-121-11Query, Maximum Response Size
TC-122-11Query Vendor Extensions
TC-131-11Register an Asymmetric Key Pair in PKCS1 Format
TC-132-11Register an Asymmetric Key Pair and a Corresponding X509 Certificate
TC-133-11Create, Re-key Key Pair
TC-134-11Register Key Pair, Certify and Re-certify Public Key
TC-141-11Key Wrapping using AES Key Wrap and No Encoding
TC-142-11Key Wrapping using AES Key Wrap with Attributes
TC-151-11Locate a Fresh Object from the Default Group
TC-152-11Client-side Group Management
TC-153-11Default Object Group Member
TC-161-11Discover Versions
TC-171-11Handling of Attributes and Attribute Index Values
TC-181-11Digests of Symmetric Keys
TC-182-11Digests of RSA Private Keys
TC-NP-1-11Put
TC-NP-2-11Notify & Put
TC-ECC-1-11Register an ECC Key Pair
TC-ECC-2-11Register an ECC Key Pair in PKCS8 Format
TC-ECC-3-11Register an ECC Key Pair and ECDSA Certificate
TC-DERIVEKEY-1-11Derive Symmetric Key HASH
TC-DERIVEKEY-2-11Derive Symmetric Key HMAC
TC-DERIVEKEY-3-11Derive Symmetric Key with secret data
TC-DERIVEKEY-4-11Derive Symmetric Key with secret data
TC-DERIVEKEY-5-11Derive Symmetric Key with secret data
TC-REKEY-1-11Rekey multiple times
TC-AESXTS-1-11Two key encryption
TC-I18N-1-11Unicode characters in attributes values
TC-I18N-2-11Unicode characters in attributes values
TC-I18N-3-11Unicode characters in attributes values and custom attribute names

KMIP Version 1.1 - Symmetric Key Lifecycle Profile

Test CaseDescription
SKLC-M-1-11Create, GetAttributes, Destroy
SKLC-M-2-11Create, GetAttributes, Activate, GetAttributes, Destroy, Revoke, GetAttributes, Destroy
SKLC-M-3-11Create, GetAttributes, Activate, GetAttributes, ModifyAttribute, Revoke, GetAttributes, Destroy
SKLC-O-1-11Create, GetAttributes, Destroy, GetAttributes

KMIP Version 1.1 - Symmetric Key Foundry for FIPS 140-2 Profile

Test CaseDescription
SKFF-M-1-11Create, Destroy AES-128
SKFF-M-2-11Create, Destroy AES-192
SKFF-M-3-11Create, Destroy AES-256
SKFF-M-4-11Create, Destroy DES3-168
SKFF-M-5-11Create, Locate, Get, Destroy, Locate AES-128
SKFF-M-6-11Create, Locate, Get, Destroy, Locate AES-192
SKFF-M-7-11Create, Locate, Get, Destroy, Locate AES-256
SKFF-M-8-11Create, Locate, Get, Destroy, Locate DES3-168
SKFF-M-9-11Create, Get, Activate, Revoke, Locate, Add/Mod/Del Attributes, Destroy AES-128
SKFF-M-10-11Create, Get, Activate, Revoke, Locate, Add/Mod/Del Attributes, Destroy AES-192
SKFF-M-11-11Create, Get, Activate, Revoke, Locate, Add/Mod/Del Attributes, Destroy AES-256
SKFF-M-12-11Create, Get, Activate, Revoke, Locate, Add/Mod/Del Attributes, Destroy DES3-168
SKFF-O-1-11Create, Destroy SKIPJACK-80
SKFF-O-2-11Create, Locate, Get, Destroy, Locate SKIPJACK-80
SKFF-O-3-11Create, Get, Activate, Revoke, Locate, Add/Mod/Del Attributes, Destroy SKIPJACK-80
SKFF-O-4-11Create, Destroy DES3-112
SKFF-O-5-11Create, Locate, Get, Destroy, Locate DES3-112
SKFF-O-6-11Create, Get, Activate, Revoke, Locate, Add/Mod/Del Attributes, Destroy DES3-112

KMIP Version 1.1 - Asymmetric Key Lifecycle Profile Supported

Test CaseDescription
AKLC-M-1-11CreateKeyPair, GetAttributes, GetAttributes, Destroy
AKLC-M-2-11CreateKeyPair, GetAttributes, Activate, GetAttributes, Destroy, Revoke, GetAttributes, Destroy
AKLC-M-3-11CreateKeyPair, GetAttributes, Activate, GetAttributes, Destroy, Revoke, GetAttributes, Destroy
AKLC-O-1-11CreateKeyPair, GetAttributes, Destroy, GetAttributes

KMIP Version 1.1 - KMIP Opaque Managed Object Store Profile

Test CaseDescription
OMOS-M-1-11Register small opaque object
OMOS-O-1-11Register large (>10k) opaque object

KMIP Version 1.1 - KMIP Tape Library Profile Version 1.0

Test CaseDescription
TL-M-1-11Configuration
TL-M-2-11Write with new (created) key
TL-M-3-11Read an encrypted tape

KMIP Version 1.1 - Key Management Interoperability Protocol Storage Array with Self-Encrypting Drives Profile Version 1.0

Test CaseDescription
SASED-M-1-11Configuration
SASED-M-2-11Register the authentication key
SASED-M-3-11Retrieve Authentication Key

KMIP Version 1.2 Test Cases Supported

Test CaseDescription
TC-311-12Create / Destroy
TC-312-12Register / Create / Get attributes / Destroy
TC-313-12Create / Locate / Get / Destroy
TC-314-12Dual Client Test Case, ID Placeholder-linked Locate & Get Batch
TC-315-12Register / Destroy Secret Data
TC-32-12Asynchronous Locate
TC-41-12Revoke Scenario
TC-51-12Get Usage Allocation Scenario
TC-61-12Import of a Third-party Key
TC-71-12Unrecognized Message Extension with Criticality Indicator False
TC-72-12Unrecognized Message Extension with Criticality Indicator True
TC-81-12Create a Key Pair
TC-82-12Register Both Halves of a Key Pair
TC-91-12Create a Key, Re-key
TC-92-12Existing Key Expired, Re-key with Same Life-cycle
TC-93-12Existing Key Compromised, Re-key with Same Life-cycle
TC-94-12Create Key, Re-key with New Life-cycle
TC-95-12Obtain Lease for Expired Key
TC-101-12Create a Key, Archive and Recover it
TC-111-12Credential, Operation Policy, Destroy Date
TC-112-12Device Credential, Operation Policy, Destroy Date
TC-121-12Query, Maximum Response Size
TC-122-12Query Vendor Extensions
TC-131-12Register an Asymmetric Key Pair in PKCS1 Format
TC-132-12Register an Asymmetric Key Pair and a Corresponding X509 Certificate
TC-133-12Create, Re-key Key Pair
TC-134-12Register Key Pair, Certify and Re-certify Public Key
TC-141-12Key Wrapping using AES Key Wrap and No Encoding
TC-142-12Key Wrapping using AES Key Wrap with Attributes
TC-151-12Locate a Fresh Object from the Default Group
TC-152-12Client-side Group Management
TC-153-12Default Object Group Member
TC-161-12Discover Versions
TC-171-12Handling of Attributes and Attribute Index Values
TC-181-12Digests of Symmetric Keys
TC-182-12Digests of RSA Private Keys
TC-PGP-1-12Register PGP Key - RSA
TC-MDO-1-12Register MDO Key
TC-MDO-2-12Locate MDO keys by Key Value Present
TC-MDO-3-12Register MDO Key using PKCS11 URI
TC-SJ-1-12Create and Split/Join
TC-SJ-2-12Register and Split / Join
TC-SJ-3-12Join Split Keys
TC-SJ-4-12Register and Split / Join with XOR
TC-NP-1-12Put
TC-NP-2-12Notify & Put
TC-ECC-1-12Register an ECC Key Pair
TC-ECC-2-12Register an ECC Key Pair in PKCS8 Format
TC-ECC-3-12Register an ECC Key Pair and ECDSA Certificate
TC-DERIVEKEY-1-12Derive Symmetric Key HASH
TC-DERIVEKEY-2-12Derive Symmetric Key HMAC
TC-DERIVEKEY-3-12Derive Symmetric Key with secret data
TC-DERIVEKEY-4-12Derive Symmetric Key with secret data
TC-DERIVEKEY-5-12Derive Symmetric Key with secret data
TC-REKEY-1-12Rekey multiple times
TC-AESXTS-1-12Two key encryption
TC-I18N-1-12Unicode characters in attributes values
TC-I18N-2-12Unicode characters in attributes values
TC-I18N-3-12Unicode characters in attributes values and custom attribute names

KMIP Version 1.2 - Symmetric Key Lifecycle Profile

Test CaseDescription
SKLC-M-1-12Create, GetAttributes, Destroy
SKLC-M-2-12Create, GetAttributes, Activate, GetAttributes, Destroy, Revoke, GetAttributes, Destroy
SKLC-M-3-12Create, GetAttributes, Activate, GetAttributes, ModifyAttribute, Revoke, GetAttributes, Destroy
SKLC-O-1-12Create, GetAttributes, Destroy, GetAttributes

KMIP Version 1.2 - Symmetric Key Foundry for FIPS 140-2 Profile

Test CaseDescription
SKFF-M-1-12Create, Destroy AES-128
SKFF-M-2-12Create, Destroy AES-192
SKFF-M-3-12Create, Destroy AES-256
SKFF-M-4-12Create, Destroy DES3-168
SKFF-M-5-12Create, Locate, Get, Destroy, Locate AES-128
SKFF-M-6-12Create, Locate, Get, Destroy, Locate AES-192
SKFF-M-7-12Create, Locate, Get, Destroy, Locate AES-256
SKFF-M-8-12Create, Locate, Get, Destroy, Locate DES3-168
SKFF-M-9-12Create, Get, Activate, Revoke, Locate, Add/Mod/Del Attributes, Destroy AES-128
SKFF-M-10-12Create, Get, Activate, Revoke, Locate, Add/Mod/Del Attributes, Destroy AES-192
SKFF-M-11-12Create, Get, Activate, Revoke, Locate, Add/Mod/Del Attributes, Destroy AES-256
SKFF-M-12-12Create, Get, Activate, Revoke, Locate, Add/Mod/Del Attributes, Destroy DES3-168
SKFF-O-1-12Create, Destroy SKIPJACK-80
SKFF-O-2-12Create, Locate, Get, Destroy, Locate SKIPJACK-80
SKFF-O-3-12Create, Get, Activate, Revoke, Locate, Add/Mod/Del Attributes, Destroy SKIPJACK-80
SKFF-O-4-12Create, Destroy DES3-112
SKFF-O-5-12Create, Locate, Get, Destroy, Locate DES3-112
SKFF-O-6-12Create, Get, Activate, Revoke, Locate, Add/Mod/Del Attributes, Destroy DES3-112

KMIP Version 1.2 - Asymmetric Key Lifecycle Profile Supported

Test CaseDescription
AKLC-M-1-12CreateKeyPair, GetAttributes, GetAttributes, Destroy
AKLC-M-2-12CreateKeyPair, GetAttributes, Activate, GetAttributes, Destroy, Revoke, GetAttributes, Destroy
AKLC-M-3-12CreateKeyPair, GetAttributes, Activate, GetAttributes, Destroy, Revoke, GetAttributes, Destroy
AKLC-O-1-12CreateKeyPair, GetAttributes, Destroy, GetAttributes

KMIP Version 1.2 - KMIP Opaque Managed Object Store Profile

Test CaseDescription
OMOS-M-1-12Register small opaque object
OMOS-O-1-12Register large (>10k) opaque object

KMIP Version 1.2 - KMIP Tape Library Profile Version 1.0

Test CaseDescription
TL-M-1-12Configuration
TL-M-2-12Write with new (created) key
TL-M-3-12Read an encrypted tape

KMIP Version 1.2 - Key Management Interoperability Protocol Storage Array with Self-Encrypting Drives Profile Version 1.0

Test CaseDescription
SASED-M-1-12Configuration
SASED-M-2-12Register the authentication key
SASED-M-3-12Retrieve Authentication Key

KMIP Version 1.2 - KMIP Cryptographic Services Profile Supported

Test CaseDescription
CS-BC-M-1-12Encrypt with New Symmetric Key
CS-BC-M-2-12Decrypt with New Symmetric Key
CS-BC-M-3-12Encrypt and Decrypt with New Symmetric Key
CS-BC-M-4-12Encrypt with Known Symmetric Key
CS-BC-M-5-12Decrypt with Known Symmetric Key
CS-BC-M-6-12Encrypt and Decrypt with Known Symmetric Key
CS-BC-M-7-12Encrypt with Known Symmetric Key with Usage Limits
CS-BC-M-8-12Encrypt and Decrypt with Known Symmetric Key and PKCS5 Padding
CS-BC-M-9-12Encrypt and Decrypt with Known Symmetric Key and PKCS5 Padding
CS-BC-M-10-12Encrypt and Decrypt with Known Symmetric Key and PKCS5 Padding and CBC
CS-BC-M-11-12Encrypt and Decrypt with Known Symmetric Key and PKCS5 Padding and CBC and IV
CS-BC-M-12-12Encrypt and Decrypt with Known Symmetric Key and PKCS5 Padding and CBC and IV
CS-BC-M-13-12Encrypt and Decrypt with Known Symmetric Key and PKCS5 Padding and CBC and Random IV
CS-BC-M-14-12Encrypt and Decrypt with Known Symmetric Key Date Checks
CS-RNG-M-1-12RNG Retrieve
CS-RNG-O-1-12Seed RNG with Server Accept
CS-RNG-O-2-12Seed RNG with Server Partial Acceptt
CS-RNG-O-3-12Seed RNG with Server Ignoret
CS-RNG-O-4-12Seed RNG with Server Denyt
CS-AC-M-1-12Sign with Known Asymmetric Key
CS_AC-M-2-12Signature Verify with Known Asymmetric Key
CS-AC-M-3-12Sign and Signature Verify with Known Asymmetric Key
CS-AC-M-4-12MAC with Known Key
CS_AC-M-5-12MAC Verify with Known Key
CS-AC-M-6-12MAC and MAC Verify with Known Key
CS-AC-M-7-12Hash
CS-AC-M-8-12Sign and Signature Verify with Known Asymmetric Key Date Checks

KMIP 1.0, 1.1, 1.2 and 1.3 - KMIP Additional Message Encodings Supported

Test CaseDescription
MSGENC-HTTPS-1-10HTTPS POST: Query, Maximum Response Size
MSGENC-XML-1-10Message Encoding XML: Query, Maximum Response Size (In addition, we have run all above test cases in XML mode.)
MSGENC-JSON-1-10Message Encoding JSON: Query, Maximum Response Size (In addition, we have run all above test cases in JSON mode.)

KMIP 1.0, 1.1, 1.2, and 1.3 - KMIP Suite B Profile Version 1.0

Test CaseDescription
SUITEB_128-M-1-10 Query
SUITEB_192-M-1-10 Query
SUITEB_128-M-1-11 Query
SUITEB_192-M-1-11 Query
SUITEB_128-M-1-12 Query
SUITEB_192-M-1-12 Query

KMIP Version 1.3 Test Cases Supported

Test CaseDescription
TC-CREG-2-13Retrieve Initial Client Credentials
TC-OTP-1-13One Time Pad support
TC-OTP-2-13One Time Pad support
TC-OTP-3-13One Time Pad support
TC-OTP-4-13One Time Pad support
TC-Q-CAP-1-13Query Server Capabilities
TC-Q-CAP-2-13Query Server Capabilities
TC-Q-CREG_1-13Query Server Client Registration Methods
TC-Q-PROF-1-13Query Server supported profiles
TC-Q-PROF-2-13Query Server supported profiles
TC-Q-PROF-3-13Query Server supported profiles
TC-Q-RNGS-1-13Query Server supported RNG
TC-Q-RNGS-2-13Query Server supported RNG
TC-Q-RNGS-3-13Query Server supported RNG
TC-Q-RNGS-4-13Query Server supported RNG
TC-Q-RNGS-5-13Query Server supported RNG
TC-Q-S2C-1-13Server to Client Query client capabilities
TC-Q-S2C-2-13Server to Client Query client supported KMIP protocol versions
TC-Q-S2C-PROF-1-13Server to Client Query client supported profiles
TC-Q-S2C-PROF-2-13Server to Client Query client supported profiles
TC-Q-VAL-1-13Query Server Validations
TC-Q-VAL-2-13Query Server Validations
TC-RNG-ATTR-1-13Register / Get Attributes / Destroy
TC-RNG-ATTR-2-13Register / Get Attributes / Destroy
TC-STREAM-HASH-1-13Streaming) Hash
TC-STREAM-HASH-2-13Streaming) Hash
TC-STREAM-HASH-3-13Streaming) Hash
TC-STREAM-ENC-1-13Streaming) Encrypt with New Symmetric Key
TC-STREAM-ENC-2-13Streaming) Encrypt with Known Symmetric Key
TC-STREAM-ENCDEC-1-13Streaming) Encrypt and Decrypt with Known Symmetric Key and PKCS5 Padding and CBC
TC-OFFSET-1-13Locate with offset
TC-OFFSET-2-13Locate with offset
TC-DERIVEKEY-1-13Derive Symmetric Key HASH
TC-DERIVEKEY-2-13Derive Symmetric Key HMAC
TC-DERIVEKEY-3-13Derive Symmetric Key with secret data
TC-DERIVEKEY-4-13Derive Symmetric Key with secret data
TC-DERIVEKEY-5-13Derive Symmetric Key with secret data
TC-REKEY-1-13Rekey multiple times
TC-AESXTS-1-13Two key encryption
TC-I18N-1-13Unicode characters in attributes values
TC-I18N-2-13Unicode characters in attributes values
TC-I18N-3-13Unicode characters in attributes values and custom attribute names

KMIP Version 1.3 - Asymmetric Key Lifecycle Profile Supported

Test CaseDescription
AKLC-M-1-13CreateKeyPair, GetAttributes, GetAttributes, Destroy
AKLC-M-2-13CreateKeyPair, GetAttributes, Activate, GetAttributes, Destroy, Revoke, GetAttributes, Destroy
AKLC-M-3-13CreateKeyPair, GetAttributes, Activate, GetAttributes, Destroy, Revoke, GetAttributes, Destroy
AKLC-O-1-13CreateKeyPair, GetAttributes, Destroy, GetAttributes

KMIP Version 1.3 - KMIP Opaque Managed Object Store Profile

Test CaseDescription
OMOS-M-1-13Register small opaque object
OMOS-O-1-13Register large (>10k) opaque object

KMIP Version 1.3 - KMIP Tape Library Profile Version 1.0

Test CaseDescription
TL-M-1-13Configuration
TL-M-2-13Write with new (created) key
TL-M-3-13Read an encrypted tape

KMIP Version 1.3 - Symmetric Key Foundry for FIPS 140-2 Profile

Test CaseDescription
SKFF-M-1-13Create, Destroy AES-128
SKFF-M-2-13Create, Destroy AES-192
SKFF-M-3-13Create, Destroy AES-256
SKFF-M-4-13Create, Destroy DES3-168
SKFF-M-5-13Create, Locate, Get, Destroy, Locate AES-128
SKFF-M-6-13Create, Locate, Get, Destroy, Locate AES-192
SKFF-M-7-13Create, Locate, Get, Destroy, Locate AES-256
SKFF-M-8-13Create, Locate, Get, Destroy, Locate DES3-168
SKFF-M-9-13Create, Get, Activate, Revoke, Locate, Add/Mod/Del Attributes, Destroy AES-128
SKFF-M-10-13Create, Get, Activate, Revoke, Locate, Add/Mod/Del Attributes, Destroy AES-192
SKFF-M-11-13Create, Get, Activate, Revoke, Locate, Add/Mod/Del Attributes, Destroy AES-256
SKFF-M-12-13Create, Get, Activate, Revoke, Locate, Add/Mod/Del Attributes, Destroy DES3-168
SKFF-O-1-13Create, Destroy SKIPJACK-80
SKFF-O-2-13Create, Locate, Get, Destroy, Locate SKIPJACK-80
SKFF-O-3-13Create, Get, Activate, Revoke, Locate, Add/Mod/Del Attributes, Destroy SKIPJACK-80
SKFF-O-4-13Create, Destroy DES3-112
SKFF-O-5-13Create, Locate, Get, Destroy, Locate DES3-112
SKFF-O-6-13Create, Get, Activate, Revoke, Locate, Add/Mod/Del Attributes, Destroy DES3-112

KMIP Version 1.3 - Symmetric Key Lifecycle Profile

Test CaseDescription
SKLC-M-1-13Create, GetAttributes, Destroy
SKLC-M-2-13Create, GetAttributes, Activate, GetAttributes, Destroy, Revoke, GetAttributes, Destroy
SKLC-M-3-13Create, GetAttributes, Activate, GetAttributes, ModifyAttribute, Revoke, GetAttributes, Destroy
SKLC-O-1-13Create, GetAttributes, Destroy, GetAttributes

KMIP Version 1.3 - Key Management Interoperability Protocol Storage Array with Self-Encrypting Drives Profile Version 1.0

Test CaseDescription
SASED-M-1-13Configuration
SASED-M-2-13Register the authentication key
SASED-M-3-13Retrieve Authentication Key

KMIP Version 1.3 - KMIP Cryptographic Services Profile Supported

Test CaseDescription
CS-BC-M-1-13Encrypt with New Symmetric Key
CS-BC-M-2-13Decrypt with New Symmetric Key
CS-BC-M-3-13Encrypt and Decrypt with New Symmetric Key
CS-BC-M-4-13Encrypt with Known Symmetric Key
CS-BC-M-5-13Decrypt with Known Symmetric Key
CS-BC-M-6-13Encrypt and Decrypt with Known Symmetric Key
CS-BC-M-7-13Encrypt with Known Symmetric Key with Usage Limits
CS-BC-M-8-13Encrypt and Decrypt with Known Symmetric Key and PKCS5 Padding
CS-BC-M-9-13Encrypt and Decrypt with Known Symmetric Key and PKCS5 Padding
CS-BC-M-10-13Encrypt and Decrypt with Known Symmetric Key and PKCS5 Padding and CBC
CS-BC-M-11-13Encrypt and Decrypt with Known Symmetric Key and PKCS5 Padding and CBC and IV
CS-BC-M-12-13Encrypt and Decrypt with Known Symmetric Key and PKCS5 Padding and CBC and IV
CS-BC-M-13-13Encrypt and Decrypt with Known Symmetric Key and PKCS5 Padding and CBC and Random IV
CS-BC-M-14-13Encrypt and Decrypt with Known Symmetric Key Date Checks
CS-RNG-M-1-13RNG Retrieve
CS-RNG-O-1-13Seed RNG with Server Accept
CS-RNG-O-2-13Seed RNG with Server Partial Acceptt
CS-RNG-O-3-13Seed RNG with Server Ignoret
CS-RNG-O-4-13Seed RNG with Server Denyt
CS-AC-M-1-13Sign with Known Asymmetric Key
CS_AC-M-2-13Signature Verify with Known Asymmetric Key
CS-AC-M-3-13Sign and Signature Verify with Known Asymmetric Key
CS-AC-M-4-13MAC with Known Key
CS_AC-M-5-13MAC Verify with Known Key
CS-AC-M-6-13MAC and MAC Verify with Known Key
CS-AC-M-7-13Hash
CS-AC-M-8-13Sign and Signature Verify with Known Asymmetric Key Date Checks
Secure KMIP Client SDK Export Compliance
We have some good news regarding compliance with U.S. export controls!
P6R has obtained a Commodity Classification (Form BIS-6002L ~ CCATS No. G154787) from the Commerce Department's Bureau of Industry and Security confirming that the SKC Secure KMIP Client SDK is classified under Export Control Classification Number 5D002.c.1 on the Commerce Control List of the Export Administration Regulations (EAR).
As a result, SKC Secure KMIP Client SDK software now is eligible for export under the provisions of License Exception ENC/Unrestricted, pursuant to Section 740.17(b)(3) of the EAR. As such, SKC Secure KMIP Client SDK software may be exported and reexported to all countries except Cuba, Iran, North Korea, Syria and Sudan, subject to the standard restrictions on end-user and end-use described in the EAR. For more information regarding the use of License Exception ENC and other requirements of the EAR, please visit the Bureau of Industry and Security's website www.bis.doc.gov or contact their offices directly: Bureau of Industry and Security, Washington, D.C. (202) 482-4811
If you need further assistance or have more questions about SKC Secure KMIP Client SDK's export compliance, please Contact Us.

Licensing and Upgrades


Our "Develop Anywhere / Deploy Anywhere"™ License Highlights

  • Per-product license, no per developer costs.
  • Royalty free runtime. The DLLs can be redistributed royalty free with your product on any supported platforms.
  • One license covers all platforms. No need to purchase a license for each platform.
  • Includes 1 year of support and upgrade maintenance (support through our Helpdesk)
Our products and this license are designed to enable you to develop, test and deploy your solutions on any platform or platforms (that we support) without per-seat or per-platform restrictions.
                        P6R Software Library License Agreement v2.2

                        PLEASE READ THIS SOFTWARE LICENSE AGREEMENT CAREFULLY BEFORE  
                        DOWNLOADING OR USING THE SOFTWARE.

                        BY DOWNLOADING, INSTALLING, COPYING, CLICKING ON THE "I ACCEPT  
                        THE AGREEMENT" BUTTON DURING INSTALLATION, OR OTHERWISE USING  
                        THE SOFTWARE, YOU ARE CONSENTING TO BE BOUND BY THIS AGREEMENT.
                        IF YOU DO NOT AGREE TO ALL OF THE TERMS OF THIS AGREEMENT, CLICK 
                        THE "I DO NOT ACCEPT THE AGREEMENT" BUTTON AND THE INSTALLATION 
                        PROCESS WILL NOT CONTINUE.  DESTROY ALL COPIES OF THE SOFTWARE 
                        (INCLUDING THE ORIGINAL) PROVIDED TO THE LICENSEE AND CONTACT P6R 
                        INC, FOR A FULL REFUND, OR DO NOT DOWNLOAD THE PRODUCT.

                        1. Definitions

                        a) "Software" is defined as all materials in the 
                        product distribution, including, but not limited to: 
                        documentation, source code, header files, dynamic-link libraries, 
                        shared libraries, static libraries, object code, executables,
                        makefiles, scripts, example source code, and license files.

                        b) "Redistributable Software" are files listed in the redist.txt        
                        file included with the Software.  The files listed in 
                        redist.txt comprise the binary runtime components and support files
                        necessary to deploy applications built with the Software into 
                        an end user environment.

                        c) "Licensee" shall refer to the individual licensee, either 
                        individual programmer or company or other organization.

                        d) "Documentation" is any explanatory written material included 
                        with the Software or available on P6R Inc's website in relation 
                        to the Software.


                        2. General

                        The Software is owned by P6R, Inc. and is protected under US  
                        copyright laws and international treaties. The Software is 
                        licensed not sold, and P6R, Inc. reserves all rights not 
                        expressly granted to the Licensee in this Agreement.  Ownership 
                        of intellectual property rights in the Software shall at all 
                        times remain with P6R, Inc.


                        3. License.

                        a) Software License. 
                        Subject to payment of the fee required for the license and the 
                        terms and conditions set forth in this Agreement, P6R, Inc. hereby  
                        grants to Licensee a perpetual, non-exclusive, non-transferable,  
                        limited worldwide license (a) to use the Software in a single
                        product and, (b) to use the Documentation (on and off-line).

                        c) Redistribution
                        Licensee's are also granted the right to reproduce and redistribute 
                        the Redistributable Software only as part of Licensee's product
                        on a royalty-free basis to any number of end users as well as 
                        Licensee's authorized distributers, worldwide, subject to the 
                        restrictions set forth in section (4) "License Restrictions" below. 

                        d) Example Code License
                        In addition, P6R, Inc. hereby grants to Licensee a perpetual, 
                        non-exclusive, non-transferable, limited worldwide license
                        to use, modify, and redistribute the example code only when 
                        incorporated into the Licensee's product(s) in binary form.

                        e) Trial License
                        Copies of the Software downloaded or otherwise obtained for
                        evaluation are subject to the following conditions:  The 
                        Licensee may install one copy of the Software for the purpose
                        of evaluation for a period of thirty (30) days from the 
                        initial download date.  Upon expiration of the evaluation 
                        time, the Software must be erased from the computer.  Under 
                        no circumstances may the trial software be used for 
                        commercial/production purposes. The Software may include
                        mechanisms to enforce the license terms and stop functioning
                        when the 30 day evaluation period has been completed.

                        4. License Restrictions

                        a) Licensee may not reverse engineer, decompile, or disassemble, 
                        any binary form of any portion of the Software.

                        b) Licensee can not transfer, rent, lease, or sublicense the  
                        Software, or any portions thereof.

                        c) Licensee can not change or remove the copyright notice from  
                        any of the files included in the Software.

                        d) Licensee may only distribute the Redistributable Software as 
                        part of a software application or development library produced 
                        by the Licensee that adds significant primary functionality to 
                        the Redistributable Software. LICENSEE MAY NOT, UNDER ANY 
                        CIRCUMSTANCES, DISTRIBUTE THE SOFTWARE AS PART OF A PRODUCT 
                        WHICH CONTAINS THE SAME, OR SUBSTANTIALLY THE SAME, 
                        FUNCTIONALITY AS THE SOFTWARE.

                        e) Licensee may not distribute the Redistributable Software in 
                        any software development product or toolkit meant for use by other 
                        developers other than the Licensee(s) that contains the same, or
                        substantially the same, functionality as the Software.

                        f) Applications created by the Licensee that include the  
                        Redistributable Software must be distributed with terms no less 
                        protective of the Software and Redistributable Software than 
                        those contained herein.
                        
                        5. DISCLAIMER OF EXPRESS AND IMPLIED WARRANTIES

                        THE SOFTWARE IS LICENSED "AS IS", WITH ALL FAULTS. THERE ARE NO 
                        WARRANTIES, EXPRESS OR IMPLIED. THE ENTIRE RISK AS TO THE QUALITY 
                        AND PERFORMANCE OF THE SOFTWARE IS WITH THE LICENSEE. SHOULD THE
                        SOFTWARE PROVE DEFECTIVE, THE LICENSEE AND NOT P6R, INC. ASSUMES 
                        THE ENTIRE COST OF ALL NECESSARY REVISION, MODIFICATION OR OTHER 
                        CORRECTIVE MEASURES. IN PARTICULAR AND WITHOUT LIMITATION, THE 
                        SOFTWARE IS LICENSED WITH NO IMPLIED WARRANTY OF MERCHANTABILITY, 
                        NO IMPLIED WARRANTY OF FITNESS FOR A PARTICULAR PURPOSE, NO 
                        IMPLIED WARRANTY OF NON-INFRINGEMENT OF INTELLECTUAL PROPERTY 
                        RIGHTS,	NO IMPLIED WARRANTY BASED UPON COURSE OF PRIOR DEALING, 
                        AND NO IMPLIED WARRANTY BASED UPON USAGE OF TRADE. FURTHER, 
                        P6R, INC. DOES NOT WARRANT THAT THE OPERATION OF THE SOFTWARE 
                        WILL BE UNINTERRUPTED OR ERROR-FREE, AND THE LICENSEE 
                        ACKNOWLEDGES THAT IT IS NOT TECHNOLOGICALLY PRACTICABLE FOR 
                        P6R, INC. TO DO SO.


                        6.	  LIMITATION OF DAMAGES AND REMEDIES

                        IF A LICENSEE IS FOR ANY REASON DISSATISFIED WITH THE SOFTWARE, 
                        THAT LICENSEE MAY GIVE NOTICE TO P6R, INC. WITHIN 30 DAYS OF 
                        LICENSURE AND OBTAIN A FULL REFUND OF THE LICENSE FEE ACTUALLY 
                        PAID TO AND RECEIVED BY P6R, INC.  THIS RIGHT TO GIVE NOTICE 
                        EXPIRES 30 DAYS FROM LICENSURE, REGARDLESS WHETHER THE 30TH 
                        DAY FALLS ON A SATURDAY, SUNDAY OR HOLIDAY.  IMMEDIATELY UPON 
                        GIVING SUCH NOTICE, LICENSEE SHALL DESTROY OR RETURN TO 
                        P6R, INC. ALL COPIES OF THE SOFTWARE, EXCEPT INSOFAR AS 
                        PORTIONS OF THE SOFTWARE HAVE ALREADY BEEN LAWFULLY 
                        INCORPORATED IN LICENSEE'S OWN WORK PRODUCT WHICH HAS BEEN 
                        SOLD AND DELIVERED TO THIRD PARTIES.  EXCEPT AS EXPRESSLY 
                        PROVIDED IN THIS PARAGRAPH, P6R, INC. SHALL NOT BE LIABLE FOR 
                        ANY CLAIM, ASSERTED BY THE LICENSEE OR BY THIRD PARTIES, 
                        ARISING UNDER BREACH OF WARRANTY OR ANY OTHER LEGAL OR 
                        EQUITABLE THEORY, WHETHER FOR INCIDENTAL OR CONSEQUENTIAL 
                        DAMAGES, LOSS OF BUSINESS PROFITS, BUSINESS INTERRUPTION, LOSS 
                        OF BUSINESS INFORMATION, PERSONAL INJURY, OR OTHERWISE, ARISING 
                        OUT OF THE LICENSE, THE USE OF THE SOFTWARE, OR THE INABILITY TO 
                        USE THE SOFTWARE, EVEN IF P6R, INC. HAS BEEN ADVISED OF THE 
                        POSSIBILITY OF SUCH CLAIM OR DAMAGES.  LICENSEE'S AND THIRD 
                        PARTIES' EXCLUSIVE REMEDY FOR ANY AND ALL CLAIMS ARISING IN 
                        CONNECTION WITH THE LICENSE OR THE SOFTWARE SHALL BE RECOVERY OF 
                        THE LICENSE FEE ACTUALLY PAID TO AND RECEIVED BY P6R, INC.  THIS 
                        LICENSE PROVIDES SPECIFIC LEGAL RIGHTS, AND THE LICENSEE MAY ALSO 
                        HAVE OTHER RIGHTS THAT VARY FROM STATE TO STATE.


                        7. UNAUTHORIZED USE

                        THE SOFTWARE IS NOT DESIGNED, AUTHORIZED OR INTENDED FOR USE IN 
                        ANY TYPE OF SYSTEM OR APPLICATION IN WHICH THE FAILURE OF THE 
                        SOFTWARE COULD CAUSE PERSONAL INJURY OR DEATH (EG. ANY 
                        TYPE OF MEDICAL SYSTEMS, IN THE DESIGN, CONSTRUCTION, OPERATION 
                        OR MAINTENANCE OF ANY NUCLEAR FACILITY OR WEAPONS SYSTEMS, IN 
                        THE CONTROL OF AIRCRAFT, AIRCRAFT COMMUNICATION, AIR-TRAFFIC,
                        AND AIRCRAFT NAVIGATION).  THE LICENCEE REPRESENTS AND WARRANTS
                        THAT IT WILL NOT USE OR REDISTRIBUTE THE SOFTWARE FOR SUCH 
                        PURPOSES.


                        8. Promotional Materials and Publicity

                        You authorize P6R Inc. to use Your name and trademarks 
                        in P6R's promotional materials and for publicity purposes. 
                        You can opt-out at any time by writing to:.


                        9. Export Controls

                        It is the Licensee's responsibility to comply with all United 
                        States Department of Commerce regulations and with the United  
                        States Export Administration Act to insure that the Software is  
                        not exported in violation of United States law.
                                       

                        10. Termination

                        P6R, Inc. may terminate this agreement at any time if the Licensee
                        is in breach of any of its terms and conditions.  Upon termination 
                        the Licensee will immediately return to P6R, Inc. or destroy all 
                        copies of the Software, except insofar as portions of the Software 
                        have already been lawfully incorporated in licensee's own work 
                        product which has been sold and delivered to third parties.  The 
                        provisions of sections 1, 2, 4, 5, 6, 7, 8, and 9 will survive any 
                        termination of this License Agreement.


                        11. Miscellaneous

                        a) Governing Laws. 
                        This Agreement shall be governed by the laws  of the United States
                        of America and of the State of California without regard to 
                        California's conflicts of law rules.

                        b) Assignability. 
                        Except as otherwise provided in this Agreement, 
                        Licensee may not sell, assign or delegate any rights or  
                        obligations under this Agreement.

                        c) Headings. 
                        Headings are used in this Agreement for reference and convenience 
                        only and shall not be considered when interpreting this Agreement.

                        g) Severability. 
                        If any provision of this Agreement is found to 
                        be illegal or unenforceable, the other provisions shall remain  
                        effective and enforceable to the greatest extent permitted by law.

                        h) Interpretation
                        Each term of this Agreement shall be interpreted in accordance with
                        its fair and natural meaning, without regard to any rule of strict
                        construction against the party who drafted it.

                        i) Entire Agreement

                        This Software License Agreement sets forth the entire agreement 
                        between the parties with regard to the subject matter hereof.  All 
                        agreements, covenants, representations and warranties of the parties, 
                        express and implied, oral and written, with regard to the subject 
                        matter hereof are contained herein.  No other agreement, covenants, 
                        representations or warranties, express or implied, oral or written, 
                        have been made by any party to another with regard to the subject 
                        matter hereof.  All prior and contemporaneous conversations, 
                        negotiations, possible and alleged agreements and representations, 
                        covenants and warranties with respect to the subject matter hereof 
                        are hereby waived, merged herein and superseded by this Software 
                        License Agreement.  This is an integrated Software License Agreement.