# Key management

Source: [https://docs.qualcomm.com/doc/80-70014-11/topic/key-management.html](https://docs.qualcomm.com/doc/80-70014-11/topic/key-management.html)

The Qualcomm security solution supports the public-key cryptography standards
        (PKCS#11) by implementing the PKCS#11 APIs. This allows applications to use keys and
        certificates in a platform-independent manner.

PKCS#11 is implemented as a global platform trusted application (GP TA) within Qualcomm
            TEE.There is also a corresponding rich execution environment (REE) implementation for
            these applications.

For more information, see the following documents:

| Document | Link |
| --- | --- |
| <cite class="cite">PKCS #11 Cryptographic Token Interface Base Specification<br>                                Version 2.40</cite> | [http://docs.oasis-open.org/pkcs11/pkcs11-base/v2.40/os/pkcs11-base-v2.40-os.html](http://docs.oasis-open.org/pkcs11/pkcs11-base/v2.40/os/pkcs11-base-v2.40-os.html) |
| <cite class="cite">PKCS #11 Cryptographic Token Interface Usage Guide Version<br>                                2.40</cite> | [https://docs.oasis-open.org/pkcs11/pkcs11-ug/v2.40/cnd01/pkcs11-ug-v2.40-cnd01.html](https://docs.oasis-open.org/pkcs11/pkcs11-ug/v2.40/cnd01/pkcs11-ug-v2.40-cnd01.html) |

## Limitations

The following known limitations are not supported:
- Random number generator functionality
- P-192 in CKM\_ECDSA
- RSA PKCS key generation and signing in CKM\_RSA\_PKCS mode
- EDDSA key genration and signing

**Parent Topic:** [Features](https://docs.qualcomm.com/doc/80-70014-11/topic/features.html)

Last Published: Aug 06, 2024

[Previous Topic
Cryptography](https://docs.qualcomm.com/bundle/publicresource/80-70014-11/topics/crypto-core.md) [Next Topic
Secure boot](https://docs.qualcomm.com/bundle/publicresource/80-70014-11/topics/secure-boot.md)