corePKCS11  V3.0.0
PKCS #11 Cryptoki Library
PKCS #11 Configuration Macros

These are the configuration macros used by the PKCS #11 Library.

configPKCS11_DEFAULT_USER_PIN

The default user pin for PKCS #11. This feature is generally not used for microcontroller based applications.

Possible values: Any four digit code Default value (if undefined): "0000"

pkcs11configMAX_LABEL_LENGTH

Max length of a PKCS #11 Label attribute

PKCS #11 uses labels to map human readable strings to a PKCS #11 object. This defines the maximum allowable length for such a string.

Possible values: Any positive integer.
Default value (if undefined): 32

pkcs11configMAX_NUM_OBJECTS

Maximum number of token objects that can be stored by the PKCS #11 module.

Possible values: Any positive integer.
Default value (if undefined): 6

pkcs11configMAX_SESSIONS

Maximum number of sessions that can be stored by the PKCS #11 module.
The more sessions created, the higher RAM used by the PKCS #11 module.
Possible values: Any positive integer.
Default value (if undefined): 10

pkcs11testIMPORT_PRIVATE_KEY_SUPPORT

Set to 1 if the PKCS #11 stack or device/hsm can load objects from an external source.

Possible values: 0 or 1
Default value (if undefined): 0

pkcs11testGENERATE_KEYPAIR_SUPPORT

Set to 1 if the PKCS #11 stack or device/hsm can generate a key pair.

Note
The device should be able to store certificate onboard as well.

Possible values: 0 or 1
Default value (if undefined): 0

pkcs11testPREPROVISIONED_SUPPORT

Set to 1 if the PKCS #11 stack or device/hsm is pre-provisioned with all objects necessary to connect to AWS IoT Core.
Possible values: 0 or 1
Default value (if undefined): 0

pkcs11configPAL_DESTROY_SUPPORTED

Set to 1 if a PAL destroy object is implemented.

Set to 1 if a PAL destroy object is implemented. If not implemented PKCS #11 will not be able to destroy existing objects.

Possible values: Any positive integer.
Default value (if undefined): 0

pkcs11configLABEL_DEVICE_PRIVATE_KEY_FOR_TLS

The PKCS #11 label for device private key.

The PKCS #11 label for device private key. Private key for connection to AWS IoT endpoint. The corresponding public key should be registered with the AWS IoT endpoint.

Possible values: Any String smaller then pkcs11configMAX_LABEL_LENGTH.
Default value (if undefined): Device Priv TLS Key

pkcs11configLABEL_DEVICE_PUBLIC_KEY_FOR_TLS

The PKCS #11 label for device private key.

The public key corresponding to pkcs11configLABEL_DEVICE_PRIVATE_KEY_FOR_TLS.

Possible values: Any String smaller then pkcs11configMAX_LABEL_LENGTH.
Default value (if undefined): Device Pub TLS Key

pkcs11configLABEL_DEVICE_CERTIFICATE_FOR_TLS

The PKCS #11 label for the device certificate. Device certificate corresponding to pkcs11configLABEL_DEVICE_PRIVATE_KEY_FOR_TLS.

Possible values: Any String smaller then pkcs11configMAX_LABEL_LENGTH.
Default value (if undefined): Device Cert

pkcs11configLABEL_ROOT_CERTIFICATE

The PKCS #11 label for the AWS Trusted Root Certificate.

The PKCS #11 label for the AWS Trusted Root Certificate.

Possible values: Any String smaller then pkcs11configMAX_LABEL_LENGTH.
Default value (if undefined): Root Cert