Virtual Token
The Signing Automation Service uses “virtual tokens” as per the “physical” tokens described in the PKCS #11 standard. When your signing application connects to the server, the Signing Automation Client provides a virtual token with the following standard operations.
|
PKCS #11 Mechanism |
Supported operations |
|
CKM_ECDSA |
Sign and verify with NIST P256, NIST P384, or NIST P521 curves. |
|
CKM_ECDSA_KEY_PAIR_GEN |
Generate ECDSA key pairs with NIST P256, NIST P384, or NIST P521 curves. |
|
CKM_RSA_PKCS |
Sign and verify with PKCS1.5 padding (and software-based hashing) with 2048, 3072, or 4096 key sizes. |
|
CKM_RSA_PKCS_KEY_PAIR_GEN |
Generate RSA key pairs with 2048, 3072, or 4096 key sizes. |
|
CKM_SHA256_RSA_PKCS |
Sign and verify with PKCS1.5 and SHA 256 hashing with 2048, 3072, or 4096 key sizes. |
|
CKM_SHA384_RSA_PKCS |
Sign and verify with PKCS1.5 and SHA 384 hashing with 2048, 3072, or 4096 key sizes. |
|
CKM_SHA512_RSA_PKCS |
Sign and verify with PKCS1.5 and SHA 512 hashing with 2048, 3072, or 4096 key sizes. |