#[non_exhaustive]pub enum Mechanism<'a> {
Show 50 variants
AesKeyGen,
AesCbc([u8; 16]),
AesCbcPad([u8; 16]),
AesEcb,
AesKeyWrap,
AesKeyWrapPad,
AesGcm(GcmParams<'a>),
AesCbcEncryptData(AesCbcDeriveParams<'a>),
AesCMac,
RsaPkcsKeyPairGen,
RsaPkcs,
RsaPkcsPss(PkcsPssParams),
RsaPkcsOaep(PkcsOaepParams<'a>),
RsaX509,
DesKeyGen,
Des2KeyGen,
Des3KeyGen,
DesCbc([u8; 8]),
Des3Cbc([u8; 8]),
DesCbcPad([u8; 8]),
Des3CbcPad([u8; 8]),
DesEcb,
Des3Ecb,
EccKeyPairGen,
EccEdwardsKeyPairGen,
EccMontgomeryKeyPairGen,
Ecdh1Derive(Ecdh1DeriveParams<'a>),
Ecdsa,
EcdsaSha1,
EcdsaSha224,
EcdsaSha256,
EcdsaSha384,
EcdsaSha512,
Eddsa,
Sha1,
Sha224,
Sha256,
Sha384,
Sha512,
Sha1RsaPkcs,
Sha224RsaPkcs,
Sha256RsaPkcs,
Sha384RsaPkcs,
Sha512RsaPkcs,
Sha1RsaPkcsPss(PkcsPssParams),
Sha256RsaPkcsPss(PkcsPssParams),
Sha384RsaPkcsPss(PkcsPssParams),
Sha512RsaPkcsPss(PkcsPssParams),
Sha256Hmac,
GenericSecretKeyGen,
}
Expand description
Type defining a specific mechanism and its parameters
Variants (Non-exhaustive)§
This enum is marked as non-exhaustive
AesKeyGen
AES key gen mechanism
AesCbc([u8; 16])
AES-CBC mechanism
The parameter to this mechanism is the initialization vector.
For encryption, the message length must be a multiple of the block size. For wrapping, the mechanism encrypts the value of the key, padded on the trailing end with up to block size minus one null bytes. For unwrapping, the result is truncated according to the key type and the length provided by the template.
AesCbcPad([u8; 16])
AES-CBC with PKCS#7 padding mechanism
The parameter to this mechanism is the initialization vector.
The plaintext may be any size. The PKCS#7 padding allows the length of the plaintext to be recovered from the ciphertext. Therefore no length should be provided when unwrapping keys with this mechanism.
AesEcb
AES in ECB mode
AesKeyWrap
AES key wrap
AesKeyWrapPad
AES key wrap with padding block
AesGcm(GcmParams<'a>)
AES-GCM mechanism
AesCbcEncryptData(AesCbcDeriveParams<'a>)
AES-CBC-ENCRYPT-DATA mechanism
The parameter to this mechanism is the initialization vector and the message to encrypt. These mechanisms allow derivation of keys using the result of an encryption operation as the key value.
For derivation, the message length must be a multiple of the block size. See https://www.cryptsoft.com/pkcs11doc/v220/.
AesCMac
AES CMAC (RFC 4493)
RsaPkcsKeyPairGen
PKCS #1 RSA key pair generation mechanism
RsaPkcs
Multi-purpose mechanism based on the RSA public-key cryptosystem and the block formats initially defined in PKCS #1 v1.5
RsaPkcsPss(PkcsPssParams)
Mechanism based on the RSA public-key cryptosystem and the PSS block format defined in PKCS #1
RsaPkcsOaep(PkcsOaepParams<'a>)
Multi-purpose mechanism based on the RSA public-key cryptosystem and the OAEP block format defined in PKCS #1
RsaX509
Multi-purpose mechanism based on the RSA public-key cryptosystem. This is so-called “raw” RSA, as assumed in X.509.
DesKeyGen
DES
Des2KeyGen
DES2
Des3KeyGen
DES3
DesCbc([u8; 8])
DES-CBC mechanism
The parameter to this mechanism is the initialization vector.
For encryption, the message length must be a multiple of the block size. For wrapping, the mechanism encrypts the value of the key, padded on the trailing end with up to block size minus one null bytes. For unwrapping, the result is truncated according to the key type and the length provided by the template.
Des3Cbc([u8; 8])
DES3-CBC mechanism
The parameter to this mechanism is the initialization vector.
For encryption, the message length must be a multiple of the block size. For wrapping, the mechanism encrypts the value of the key, padded on the trailing end with up to block size minus one null bytes. For unwrapping, the result is truncated according to the key type and the length provided by the template.
DesCbcPad([u8; 8])
DES-CBC with PKCS#7 padding mechanism
The parameter to this mechanism is the initialization vector.
The plaintext may be any size. The PKCS#7 padding allows the length of the plaintext to be recovered from the ciphertext. Therefore no length should be provided when unwrapping keys with this mechanism.
Des3CbcPad([u8; 8])
DES3-CBC with PKCS#7 padding mechanism
The parameter to this mechanism is the initialization vector.
The plaintext may be any size. The PKCS#7 padding allows the length of the plaintext to be recovered from the ciphertext. Therefore no length should be provided when unwrapping keys with this mechanism.
DesEcb
DES ECB
Des3Ecb
DES3 ECB
EccKeyPairGen
EC key pair generation
EccEdwardsKeyPairGen
EC edwards key pair generation
EccMontgomeryKeyPairGen
EC montgomery key pair generation
Ecdh1Derive(Ecdh1DeriveParams<'a>)
ECDH
Ecdsa
ECDSA mechanism
EcdsaSha1
ECDSA with SHA-1 mechanism
EcdsaSha224
ECDSA with SHA-224 mechanism
EcdsaSha256
ECDSA with SHA-256 mechanism
EcdsaSha384
ECDSA with SHA-384 mechanism
EcdsaSha512
ECDSA with SHA-512 mechanism
Eddsa
EDDSA mechanism
Note: EdDSA is not part of the PKCS#11 v2.40 standard and as such may not be understood by the backend. It is included here because some vendor implementations support it through the v2.40 interface.
Sha1
SHA-1 mechanism
Sha224
SHA-224 mechanism
Sha256
SHA-256 mechanism
Sha384
SHA-384 mechanism
Sha512
SHA-512 mechanism
Sha1RsaPkcs
SHA1-RSA-PKCS mechanism
Sha224RsaPkcs
SHA224-RSA-PKCS mechanism
Sha256RsaPkcs
SHA256-RSA-PKCS mechanism
Sha384RsaPkcs
SHA384-RSA-PKCS mechanism
Sha512RsaPkcs
SHA512-RSA-PKCS mechanism
Sha1RsaPkcsPss(PkcsPssParams)
SHA1-RSA-PKCS-PSS mechanism
Sha256RsaPkcsPss(PkcsPssParams)
SHA256-RSA-PKCS-PSS mechanism
Sha384RsaPkcsPss(PkcsPssParams)
SHA256-RSA-PKCS-PSS mechanism
Sha512RsaPkcsPss(PkcsPssParams)
SHA256-RSA-PKCS-PSS mechanism
Sha256Hmac
SHA256-HMAC mechanism
GenericSecretKeyGen
GENERIC-SECRET-KEY-GEN mechanism
Implementations§
source§impl Mechanism<'_>
impl Mechanism<'_>
sourcepub fn mechanism_type(&self) -> MechanismType
pub fn mechanism_type(&self) -> MechanismType
Get the type of a mechanism