The PKCS #11 library supports the following algorithms:
Encryption and decryption: AES-CBC, AES-CTR, AES-ECB, AES-GCM, DES3-CBC, DES3-ECB, RSA-OAEP, and RSA-PKCS
Sign and verify: RSA, HMAC, and ECDSA; with and without hashing
Hash/digest: SHA1, SHA224, SHA256, SHA384, and SHA512
Key wrap: AES Key Wrap, AES-GCM, RSA-AES, and RSA-OAEP
Key derivation: ECDH
Supported key generation mechanisms
CKM_GENERIC_SECRET_KEY_GEN
CKM_DES3_KEY_GEN
CKM_AES_KEY_GEN
CKM_RSA_PKCS_KEY_PAIR_GEN
CKM_EC_KEY_PAIR_GEN
Supported sign and verify mechanisms
CKM_SHA1_RSA_PKCS
CKM_SHA224_RSA_PKCS
CKM_SHA256_RSA_PKCS
CKM_SHA384_RSA_PKCS
CKM_SHA512_RSA_PKCS
CKM_RSA_PKCS_PSS
CKM_SHA1_RSA_PKCS_PSS
CKM_SHA224_RSA_PKCS_PSS
CKM_SHA256_RSA_PKCS_PSS
CKM_SHA384_RSA_PKCS_PSS
CKM_SHA512_RSA_PKCS_PSS
CKM_ECDSA
CKM_ECDSA_SHA1
CKM_ECDSA_SHA224
CKM_ECDSA_SHA256
CKM_ECDSA_SHA384
CKM_ECDSA_SHA512
CKM_SHA_1_HMAC
CKM_SHA224_HMAC
CKM_SHA256_HMAC
CKM_SHA384_HMAC
CKM_SHA512_HMAC
Supported digest mechanisms
CKM_SHA_1
CKM_SHA224
CKM_SHA256
CKM_SHA384
CKM_SHA512
Supported encrypt and decrypt mechanisms
CKM_DES3_CBC
CKM_DES3_CBC_PAD
CKM_DES3_ECB
CKM_AES_CBC
CKM_AES_CBC_PAD
CKM_AES_ECB
CKM_AES_CTR
CKM_AES_GCM
CKM_CLOUDHSM_AES_GCM
CKM_AES_KEY_WRAP
CKM_AES_KEY_WRAP_PAD
CKM_AES_KEY_WRAP_NO_PAD
CKM_AES_KEY_WRAP_PKCS5_PAD
CKM_RSA_PKCS
CKM_RSA_PKCS_OAEP
Supported derive key mechanisms
CKM_ECDH1_DERIVE
Supported wrap and unwrap mechanisms
CKM_AES_GCM
CKM_CLOUDHSM_AES_GCM
CKM_AES_KEY_WRAP
CKM_AES_KEY_WRAP_PAD
CKM_AES_KEY_WRAP_NO_PAD
CKM_AES_KEY_WRAP_PKCS5_PAD
CKM_RSA_AES_KEY_WRAP
CKM_DES3_NIST_WRAP
CKM_RSA_PKCS
CKM_RSA_PKCS_OAEP