# Key management

Source: [https://docs.qualcomm.com/doc/80-70015-11/topic/key-management.html](https://docs.qualcomm.com/doc/80-70015-11/topic/key-management.html)

The Qualcomm Linux Security solution supports the public-key cryptography standards
        by implementing the PKCS#11 APIs. This feature allows applications to use keys and
        certificates in a platform-independent manner.

PKCS#11 is implemented as a global platform for running trusted applications within
            Qualcomm TEE. There is also a corresponding rich execution environment (REE)
            implementation for these applications.

For more information, see the following documents:
- [PKCS #11 Cryptographic Token Interface Base
                        Specification](http://docs.oasis-open.org/pkcs11/pkcs11-base/v2.40/os/pkcs11-base-v2.40-os.html)
- [PKCS #11 Cryptographic Token Interface Usage
                        Guide](https://docs.oasis-open.org/pkcs11/pkcs11-ug/v2.40/cnd01/pkcs11-ug-v2.40-cnd01.html)

## Limitations

The following functionalities are not supported:
- Random number generator functionality
- P-192 in CKM\_ECDSA
- RSA PKCS key generation and signing in CKM\_RSA\_PKCS mode
- EDDSA key generation and signing

**Parent Topic:** [Features](https://docs.qualcomm.com/doc/80-70015-11/topic/features.html)

Last Published: Oct 14, 2024

[Previous Topic
Cryptography](https://docs.qualcomm.com/bundle/publicresource/80-70015-11/topics/crypto-core.md) [Next Topic
Secure boot](https://docs.qualcomm.com/bundle/publicresource/80-70015-11/topics/secure-boot.md)