PKCS#11 Interface
The Security Services PKCS#11 library is a user space library available to DRIVE OS applications running on the Guest OS that provides a sub-set of the PKCS#11 interface as specified by the PKCS#11 v3.00 specification. In addition, some NVIDIA extensions are included.
It exposes interfaces for cryptographic hardware offload using the Security Engine for typical cryptography operations like symmetric-key/asymmetric-key cryptography, message authentication code generation, and pseudo random number generation.
Additionally, it also exposes interfaces for key management operations, including key generation, key derivation, and access to the dedicated secure key storage solution.
All cryptographic and key management operations are tightly coupled and securely implemented in SoC hardware, and the hardware-backed Trusted Execution Environment.