diff --git a/src/pkcs11/pkcs11-object.c b/src/pkcs11/pkcs11-object.c
index 8766fb5f..8fb3e5af 100644
--- a/src/pkcs11/pkcs11-object.c
+++ b/src/pkcs11/pkcs11-object.c
@@ -1463,6 +1463,181 @@ CK_RV C_VerifyRecover(CK_SESSION_HANDLE hSession,	/* the session's handle */
 	return CKR_FUNCTION_NOT_SUPPORTED;
 }
 
+/* PKCS #11 3.0 only */
+CK_RV C_MessageEncryptInit(CK_SESSION_HANDLE hSession,    /* the session's handle */
+			   CK_MECHANISM_PTR pMechanism,  /* the encryption mechanism */
+			   CK_OBJECT_HANDLE hKey)         /* handle of encryption key */
+{
+	return CKR_FUNCTION_NOT_SUPPORTED;
+}
+
+CK_RV C_EncryptMessage(CK_SESSION_HANDLE hSession,   /* the session's handle */
+		       CK_VOID_PTR pParameter,       /* message specific parameter */
+		       CK_ULONG ulParameterLen,      /* length of message specific parameter */
+		       CK_BYTE_PTR pAssociatedData,  /* AEAD Associated data */
+		       CK_ULONG ulAssociatedDataLen, /* AEAD Associated data length */
+		       CK_BYTE_PTR pPlaintext,       /* plain text  */
+		       CK_ULONG ulPlaintextLen,      /* plain text length */
+		       CK_BYTE_PTR pCiphertext,      /* gets cipher text */
+		       CK_ULONG_PTR pulCiphertextLen) /* gets cipher text length */
+{
+	return CKR_FUNCTION_NOT_SUPPORTED;
+}
+
+CK_RV C_EncryptMessageBegin(CK_SESSION_HANDLE hSession,   /* the session's handle */
+			    CK_VOID_PTR pParameter,       /* message specific parameter */
+			    CK_ULONG ulParameterLen,      /* length of message specific parameter */
+			    CK_BYTE_PTR pAssociatedData,  /* AEAD Associated data */
+			    CK_ULONG ulAssociatedDataLen)  /* AEAD Associated data length */
+{
+	return CKR_FUNCTION_NOT_SUPPORTED;
+}
+
+CK_RV C_EncryptMessageNext(CK_SESSION_HANDLE hSession,        /* the session's handle */
+			   CK_VOID_PTR pParameter,            /* message specific parameter */
+			   CK_ULONG ulParameterLen,           /* length of message specific parameter */
+			   CK_BYTE_PTR pPlaintextPart,        /* plain text */
+			   CK_ULONG ulPlaintextPartLen,       /* plain text length */
+			   CK_BYTE_PTR pCiphertextPart,       /* gets cipher text */
+			   CK_ULONG_PTR pulCiphertextPartLen, /* gets cipher text length */
+			   CK_FLAGS flags)                     /* multi mode flag */
+{
+	return CKR_FUNCTION_NOT_SUPPORTED;
+}
+
+CK_RV C_MessageEncryptFinal(CK_SESSION_HANDLE hSession)        /* the session's handle */
+{
+	return CKR_FUNCTION_NOT_SUPPORTED;
+}
+
+CK_RV C_MessageDecryptInit(CK_SESSION_HANDLE hSession,    /* the session's handle */
+			   CK_MECHANISM_PTR pMechanism,  /* the decryption mechanism */
+			   CK_OBJECT_HANDLE hKey)         /* handle of decryption key */
+{
+	return CKR_FUNCTION_NOT_SUPPORTED;
+}
+
+CK_RV C_DecryptMessage(CK_SESSION_HANDLE hSession,    /* the session's handle */
+		       CK_VOID_PTR pParameter,       /* message specific parameter */
+		       CK_ULONG ulParameterLen,      /* length of message specific parameter */
+		       CK_BYTE_PTR pAssociatedData,  /* AEAD Associated data */
+		       CK_ULONG ulAssociatedDataLen, /* AEAD Associated data length */
+		       CK_BYTE_PTR pCiphertext,      /* cipher text */
+		       CK_ULONG ulCiphertextLen,     /* cipher text length */
+		       CK_BYTE_PTR pPlaintext,       /* gets plain text */
+		       CK_ULONG_PTR pulPlaintextLen)  /* gets plain text length */
+{
+	return CKR_FUNCTION_NOT_SUPPORTED;
+}
+
+CK_RV C_DecryptMessageBegin(CK_SESSION_HANDLE hSession,    /* the session's handle */
+			    CK_VOID_PTR pParameter,       /* message specific parameter */
+			    CK_ULONG ulParameterLen,      /* length of message specific parameter */
+			    CK_BYTE_PTR pAssociatedData,  /* AEAD Associated data */
+			    CK_ULONG ulAssociatedDataLen)  /* AEAD Associated data length */
+{
+	return CKR_FUNCTION_NOT_SUPPORTED;
+}
+
+CK_RV C_DecryptMessageNext(CK_SESSION_HANDLE hSession,    /* the session's handle */
+			   CK_VOID_PTR pParameter,            /* message specific parameter */
+			   CK_ULONG ulParameterLen,           /* length of message specific parameter */
+			   CK_BYTE_PTR pCiphertextPart,       /* cipher text */
+			   CK_ULONG ulCiphertextPartLen,      /* cipher text length */
+			   CK_BYTE_PTR pPlaintextPart,        /* gets plain text */
+			   CK_ULONG_PTR pulPlaintextPartLen,  /* gets plain text length */
+			   CK_FLAGS flags)                     /* multi mode flag */
+{
+	return CKR_FUNCTION_NOT_SUPPORTED;
+}
+
+CK_RV C_MessageDecryptFinal(CK_SESSION_HANDLE hSession)    /* the session's handle */
+{
+	return CKR_FUNCTION_NOT_SUPPORTED;
+}
+
+CK_RV C_MessageSignInit(CK_SESSION_HANDLE hSession,    /* the session's handle */
+			CK_MECHANISM_PTR pMechanism,  /* the signing mechanism */
+			CK_OBJECT_HANDLE hKey)         /* handle of signing key */
+{
+	return CKR_FUNCTION_NOT_SUPPORTED;
+}
+
+CK_RV C_SignMessage(CK_SESSION_HANDLE hSession,    /* the session's handle */
+		    CK_VOID_PTR pParameter,       /* message specific parameter */
+		    CK_ULONG ulParameterLen,      /* length of message specific parameter */
+		    CK_BYTE_PTR pData,            /* data to sign */
+		    CK_ULONG ulDataLen,           /* data to sign length */
+		    CK_BYTE_PTR pSignature,       /* gets signature */
+		    CK_ULONG_PTR pulSignatureLen)  /* gets signature length */
+{
+	return CKR_FUNCTION_NOT_SUPPORTED;
+}
+
+CK_RV C_SignMessageBegin(CK_SESSION_HANDLE hSession,    /* the session's handle */
+			 CK_VOID_PTR pParameter,       /* message specific parameter */
+			 CK_ULONG ulParameterLen)      /* length of message specific parameter */
+{
+	return CKR_FUNCTION_NOT_SUPPORTED;
+}
+
+CK_RV C_SignMessageNext(CK_SESSION_HANDLE hSession,    /* the session's handle */
+			CK_VOID_PTR pParameter,       /* message specific parameter */
+			CK_ULONG ulParameterLen,      /* length of message specific parameter */
+			CK_BYTE_PTR pData,            /* data to sign */
+			CK_ULONG ulDataLen,           /* data to sign length */
+			CK_BYTE_PTR pSignature,       /* gets signature */
+			CK_ULONG_PTR pulSignatureLen)  /* gets signature length */
+{
+	return CKR_FUNCTION_NOT_SUPPORTED;
+}
+
+CK_RV C_MessageSignFinal(CK_SESSION_HANDLE hSession)    /* the session's handle */
+{
+	return CKR_FUNCTION_NOT_SUPPORTED;
+}
+
+CK_RV C_MessageVerifyInit(CK_SESSION_HANDLE hSession,    /* the session's handle */
+			  CK_MECHANISM_PTR  pMechanism,  /* the signing mechanism */
+			  CK_OBJECT_HANDLE  hKey)         /* handle of signing key */
+{
+	return CKR_FUNCTION_NOT_SUPPORTED;
+}
+
+CK_RV C_VerifyMessage(CK_SESSION_HANDLE hSession,    /* the session's handle */
+		      CK_VOID_PTR pParameter,       /* message specific parameter */
+		      CK_ULONG ulParameterLen,      /* length of message specific parameter */
+		      CK_BYTE_PTR pData,            /* data to sign */
+		      CK_ULONG ulDataLen,           /* data to sign length */
+		      CK_BYTE_PTR pSignature,       /* signature */
+		      CK_ULONG ulSignatureLen)       /* signature length */
+{
+	return CKR_FUNCTION_NOT_SUPPORTED;
+}
+
+CK_RV C_VerifyMessageBegin(CK_SESSION_HANDLE hSession,    /* the session's handle */
+			   CK_VOID_PTR pParameter,       /* message specific parameter */
+			   CK_ULONG ulParameterLen)      /* length of message specific parameter */
+{
+	return CKR_FUNCTION_NOT_SUPPORTED;
+}
+
+CK_RV C_VerifyMessageNext(CK_SESSION_HANDLE hSession,    /* the session's handle */
+			  CK_VOID_PTR pParameter,       /* message specific parameter */
+			  CK_ULONG ulParameterLen,      /* length of message specific parameter */
+			  CK_BYTE_PTR pData,            /* data to sign */
+			  CK_ULONG ulDataLen,           /* data to sign length */
+			  CK_BYTE_PTR pSignature,       /* signature */
+			  CK_ULONG ulSignatureLen)       /* signature length */
+{
+	return CKR_FUNCTION_NOT_SUPPORTED;
+}
+
+CK_RV C_MessageVerifyFinal(CK_SESSION_HANDLE hSession)    /* the session's handle */
+{
+	return CKR_FUNCTION_NOT_SUPPORTED;
+}
+
 /*
  * Helper function to compare attributes on any sort of object
  */
diff --git a/src/pkcs11/pkcs11-session.c b/src/pkcs11/pkcs11-session.c
index c6b271b7..00ee05fc 100644
--- a/src/pkcs11/pkcs11-session.c
+++ b/src/pkcs11/pkcs11-session.c
@@ -188,6 +188,13 @@ out:
 	return rv;
 }
 
+/* PKCS #11 3.0 only */
+CK_RV C_SessionCancel(CK_SESSION_HANDLE hSession,  /* the session's handle */
+		      CK_FLAGS flags)      /* flags control which sessions are cancelled */
+{
+	return CKR_FUNCTION_NOT_SUPPORTED;
+}
+
 CK_RV C_GetSessionInfo(CK_SESSION_HANDLE hSession,	/* the session's handle */
 		       CK_SESSION_INFO_PTR pInfo)
 {				/* receives session information */
@@ -334,6 +341,17 @@ out:
 	return rv;
 }
 
+/* PKCS #11 3.0 only */
+CK_RV C_LoginUser(CK_SESSION_HANDLE hSession,	/* the session's handle */
+		  CK_USER_TYPE userType,	/* the user type */
+		  CK_CHAR_PTR pPin,	/* the user's PIN */
+		  CK_ULONG ulPinLen, /* the length of the PIN */
+		  CK_UTF8CHAR_PTR pUsername, /* the user's name */
+		  CK_ULONG ulUsernameLen) /*the length of the user's name */
+{
+	return CKR_FUNCTION_NOT_SUPPORTED;
+}
+
 CK_RV C_Logout(CK_SESSION_HANDLE hSession)
 {				/* the session's handle */
 	CK_RV rv;
diff --git a/src/pkcs11/pkcs11.exports b/src/pkcs11/pkcs11.exports
index 920f5faa..1965b5bc 100644
--- a/src/pkcs11/pkcs11.exports
+++ b/src/pkcs11/pkcs11.exports
@@ -66,3 +66,27 @@ C_GenerateRandom
 C_GetFunctionStatus
 C_CancelFunction
 C_WaitForSlotEvent
+C_GetInterfaceList
+C_GetInterface
+C_LoginUser
+C_SessionCancel
+C_MessageEncryptInit
+C_EncryptMessage
+C_EncryptMessageBegin
+C_EncryptMessageNext
+C_MessageEncryptFinal
+C_MessageDecryptInit
+C_DecryptMessage
+C_DecryptMessageBegin
+C_DecryptMessageNext
+C_MessageDecryptFinal
+C_MessageSignInit
+C_SignMessage
+C_SignMessageBegin
+C_SignMessageNext
+C_MessageSignFinal
+C_MessageVerifyInit
+C_VerifyMessage
+C_VerifyMessageBegin
+C_VerifyMessageNext
+C_MessageVerifyFinal