view release on metacpan or  search on metacpan

lib/Crypt/HSM/Slot.pm  view on Meta::CPAN

=item * C<model>

Model of the device.

=item * C<serial-number>

Serial number of the device.

=item * C<flags>

Flags on the slot, this hash contains the following entries:

=over 4

=item * C<rng>

True if the token has its own random number generator

=item * C<write-protected>

True if the token is write-protected (see below)

=item * C<login-required>

True if there are some cryptographic functions that a user MUST be logged in to perform

=item * C<user-pin-initialized>

True if the normal user’s PIN has been initialized

=item * C<restore-key-not-needed>

True if a successful save of a session’s cryptographic operations state always contains all keys needed to restore the state of the session

=item * C<clock-on-token>

True if token has its own hardware clock

=item * C<protected-authentication-path>

True if token has a “protected authentication path”, whereby a user can log into the token without passing a PIN through the Cryptoki library

=item * C<dual-crypto-operations>

True if a single session with the token can perform dual cryptographic operations

=item * C<token-initialized>

True if the token has been initialized using C<init_token> or an equivalent mechanism outside the scope of this standard. Calling C<init_token> when this flag is set will cause the token to be reinitialized.

=item * C<secondary-authentication>

True if the token supports secondary authentication for private key objects (deprecated).

=item * C<user-pin-count-low>

True if an incorrect user login PIN has been entered at least once since the last successful authentication.

=item * C<user-pin-final-try>

True if supplying an incorrect user PIN will cause it to become locked.

=item * C<user-pin-locked>

True if the user PIN has been locked. User login to the token is not possible.

=item * C<user-pin-to-be-changed>

True if the user PIN value is the default value set by token initialization or manufacturing, or the PIN has been expired by the card.

=item * C<so-pin-count-low>

True if an incorrect SO login PIN has been entered at least once since the last successful authentication.

=item * C<so-pin-final-try>

True if supplying an incorrect SO PIN will cause it to become locked.

=item * C<so-pin-locked>

True if the SO PIN has been locked. SO login to the token is not possible.

=item * C<so-pin-to-be-changed>

True if the SO PIN value is the default value set by token initialization or manufacturing, or the PIN has been expired by the card.

=item * C<error-state>

True if the token failed a FIPS 140-2 self-test and entered an error state.

=back

=item * C<max-session-count>

Maximum number of sessions that can be opened with the token at one time by a single application

=item * C<session-count>

Number of sessions that this application currently has open with the token

=item * C<max-rw-session-count>

Maximum number of read/write sessions that can be opened with the token at one time by a single application

=item * C<rw-session-count>

Number of read/write sessions that this application currently has open with the token

=item * C<max-pin-len>

Maximum length in bytes of the PIN

=item * C<min-pin-len>

Minimum length in bytes of the PIN

=item * C<total-public-memory>

The total amount of memory on the token in bytes in which public objects may be stored

=item * C<free-public-memory>

The amount of free (unused) memory on the token in bytes for public objects

=item * C<total-private-memory>

The total amount of memory on the token in bytes in which private objects may be stored

=item * C<free-private-memory>

The amount of free (unused) memory on the token in bytes for private objects

=item * C<hardware-version>

Version number of the slot’s hardware

=item * C<firmware-version>

Version number of the slot’s firmware

=item * C<utc-time>