libraries/libpcscxx
1
0
Fork 0
Code Issues Releases Activity

no more crash (on linux)

Browse Source
This commit is contained in:
Marc Wäckerlin
2009-09-01 13:12:44 +00:00
parent 4340be6ceb
commit 3664f2344a
7 changed files with 1511 additions and 2030 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/cryptoki.hxx
View File

@@ -8,7 +8,7 @@
// 45678901234567890123456789012345678901234567890123456789012345678901234567890 // 45678901234567890123456789012345678901234567890123456789012345678901234567890
// interface // interface
#include <pkcs11/cryptoki.h> #include <pkcs11/apiclient.h>
#include <string> #include <string>
#include <vector> #include <vector>
#include <map> #include <map>

5
src/makefile.am
View File

@@ -6,13 +6,12 @@
## 45678901234567890123456789012345678901234567890123456789012345678901234567890 ## 45678901234567890123456789012345678901234567890123456789012345678901234567890
include_HEADERS = pcsc.hxx cryptoki.hxx include_HEADERS = pcsc.hxx cryptoki.hxx
pkcs11_HEADERS = pkcs11/cryptoki.h pkcs11/pkcs11.h pkcs11/pkcs11f.h \ pkcs11_HEADERS = pkcs11/pkcs11.h pkcs11/pkcs11types.h pkcs11/apiclient.h
pkcs11/pkcs11t.h
pkcs11dir = ${includedir}/pkcs11 pkcs11dir = ${includedir}/pkcs11
lib_LTLIBRARIES = libcryptoki++.la lib_LTLIBRARIES = libcryptoki++.la
libcryptoki___la_SOURCES = cryptoki.cxx cryptoki.hxx libcryptoki___la_SOURCES = cryptoki.cxx cryptoki.hxx ${pkcs11_HEADERS}
if BUILD_WIN if BUILD_WIN
else else

481
src/pkcs11/apiclient.h Normal file
View File

@@ -0,0 +1,481 @@
/*
* $Header: /cvsroot/opencryptoki/opencryptoki/usr/include/pkcs11/apiclient.h,v 1.2 2005/02/22 20:47:32 mhalcrow Exp $
*/
/*
Common Public License Version 0.5
THE ACCOMPANYING PROGRAM IS PROVIDED UNDER THE TERMS OF
THIS COMMON PUBLIC LICENSE ("AGREEMENT"). ANY USE,
REPRODUCTION OR DISTRIBUTION OF THE PROGRAM CONSTITUTES
RECIPIENT'S ACCEPTANCE OF THIS AGREEMENT.
1. DEFINITIONS
"Contribution" means:
a) in the case of the initial Contributor, the
initial code and documentation distributed under
this Agreement, and
b) in the case of each subsequent Contributor:
i) changes to the Program, and
ii) additions to the Program;
where such changes and/or additions to the Program
originate from and are distributed by that
particular Contributor. A Contribution 'originates'
from a Contributor if it was added to the Program
by such Contributor itself or anyone acting on such
Contributor's behalf. Contributions do not include
additions to the Program which: (i) are separate
modules of software distributed in conjunction with
the Program under their own license agreement, and
(ii) are not derivative works of the Program.
"Contributor" means any person or entity that distributes
the Program.
"Licensed Patents " mean patent claims licensable by a
Contributor which are necessarily infringed by the use or
sale of its Contribution alone or when combined with the
Program.
"Program" means the Contributions distributed in
accordance with this Agreement.
"Recipient" means anyone who receives the Program under
this Agreement, including all Contributors.
2. GRANT OF RIGHTS
a) Subject to the terms of this Agreement, each
Contributor hereby grants Recipient a
non-exclusive, worldwide, royalty-free copyright
license to reproduce, prepare derivative works of,
publicly display, publicly perform, distribute and
sublicense the Contribution of such Contributor, if
any, and such derivative works, in source code and
object code form.
b) Subject to the terms of this Agreement, each
Contributor hereby grants Recipient a
non-exclusive, worldwide, royalty-free patent
license under Licensed Patents to make, use, sell,
offer to sell, import and otherwise transfer the
Contribution of such Contributor, if any, in source
code and object code form. This patent license
shall apply to the combination of the Contribution
and the Program if, at the time the Contribution is
added by the Contributor, such addition of the
Contribution causes such combination to be covered
by the Licensed Patents. The patent license shall
not apply to any other combinations which include
the Contribution. No hardware per se is licensed
hereunder.
c) Recipient understands that although each
Contributor grants the licenses to its
Contributions set forth herein, no assurances are
provided by any Contributor that the Program does
not infringe the patent or other intellectual
property rights of any other entity. Each
Contributor disclaims any liability to Recipient
for claims brought by any other entity based on
infringement of intellectual property rights or
otherwise. As a condition to exercising the rights
and licenses granted hereunder, each Recipient
hereby assumes sole responsibility to secure any
other intellectual property rights needed, if any.
For example, if a third party patent license is
required to allow Recipient to distribute the
Program, it is Recipient's responsibility to
acquire that license before distributing the
Program.
d) Each Contributor represents that to its
knowledge it has sufficient copyright rights in its
Contribution, if any, to grant the copyright
license set forth in this Agreement.
3. REQUIREMENTS
A Contributor may choose to distribute the Program in
object code form under its own license agreement, provided
that:
a) it complies with the terms and conditions of
this Agreement; and
b) its license agreement:
i) effectively disclaims on behalf of all
Contributors all warranties and conditions, express
and implied, including warranties or conditions of
title and non-infringement, and implied warranties
or conditions of merchantability and fitness for a
particular purpose;
ii) effectively excludes on behalf of all
Contributors all liability for damages, including
direct, indirect, special, incidental and
consequential damages, such as lost profits;
iii) states that any provisions which differ from
this Agreement are offered by that Contributor
alone and not by any other party; and
iv) states that source code for the Program is
available from such Contributor, and informs
licensees how to obtain it in a reasonable manner
on or through a medium customarily used for
software exchange.
When the Program is made available in source code form:
a) it must be made available under this Agreement;
and
b) a copy of this Agreement must be included with
each copy of the Program.
Contributors may not remove or alter any copyright notices
contained within the Program.
Each Contributor must identify itself as the originator of
its Contribution, if any, in a manner that reasonably
allows subsequent Recipients to identify the originator of
the Contribution.
4. COMMERCIAL DISTRIBUTION
Commercial distributors of software may accept certain
responsibilities with respect to end users, business
partners and the like. While this license is intended to
facilitate the commercial use of the Program, the
Contributor who includes the Program in a commercial
product offering should do so in a manner which does not
create potential liability for other Contributors.
Therefore, if a Contributor includes the Program in a
commercial product offering, such Contributor ("Commercial
Contributor") hereby agrees to defend and indemnify every
other Contributor ("Indemnified Contributor") against any
losses, damages and costs (collectively "Losses") arising
from claims, lawsuits and other legal actions brought by a
third party against the Indemnified Contributor to the
extent caused by the acts or omissions of such Commercial
Contributor in connection with its distribution of the
Program in a commercial product offering. The obligations
in this section do not apply to any claims or Losses
relating to any actual or alleged intellectual property
infringement. In order to qualify, an Indemnified
Contributor must: a) promptly notify the Commercial
Contributor in writing of such claim, and b) allow the
Commercial Contributor to control, and cooperate with the
Commercial Contributor in, the defense and any related
settlement negotiations. The Indemnified Contributor may
participate in any such claim at its own expense.
For example, a Contributor might include the Program in a
commercial product offering, Product X. That Contributor
is then a Commercial Contributor. If that Commercial
Contributor then makes performance claims, or offers
warranties related to Product X, those performance claims
and warranties are such Commercial Contributor's
responsibility alone. Under this section, the Commercial
Contributor would have to defend claims against the other
Contributors related to those performance claims and
warranties, and if a court requires any other Contributor
to pay any damages as a result, the Commercial Contributor
must pay those damages.
5. NO WARRANTY
EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, THE
PROGRAM IS PROVIDED ON AN "AS IS" BASIS, WITHOUT
WARRANTIES OR CONDITIONS OF ANY KIND, EITHER EXPRESS OR
IMPLIED INCLUDING, WITHOUT LIMITATION, ANY WARRANTIES OR
CONDITIONS OF TITLE, NON-INFRINGEMENT, MERCHANTABILITY OR
FITNESS FOR A PARTICULAR PURPOSE. Each Recipient is solely
responsible for determining the appropriateness of using
and distributing the Program and assumes all risks
associated with its exercise of rights under this
Agreement, including but not limited to the risks and
costs of program errors, compliance with applicable laws,
damage to or loss of data, programs or equipment, and
unavailability or interruption of operations.
6. DISCLAIMER OF LIABILITY
EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, NEITHER
RECIPIENT NOR ANY CONTRIBUTORS SHALL HAVE ANY LIABILITY
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
OR CONSEQUENTIAL DAMAGES (INCLUDING WITHOUT LIMITATION
LOST PROFITS), HOWEVER CAUSED AND ON ANY THEORY OF
LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
OF THE USE OR DISTRIBUTION OF THE PROGRAM OR THE EXERCISE
OF ANY RIGHTS GRANTED HEREUNDER, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGES.
7. GENERAL
If any provision of this Agreement is invalid or
unenforceable under applicable law, it shall not affect
the validity or enforceability of the remainder of the
terms of this Agreement, and without further action by the
parties hereto, such provision shall be reformed to the
minimum extent necessary to make such provision valid and
enforceable.
If Recipient institutes patent litigation against a
Contributor with respect to a patent applicable to
software (including a cross-claim or counterclaim in a
lawsuit), then any patent licenses granted by that
Contributor to such Recipient under this Agreement shall
terminate as of the date such litigation is filed. In
addition, If Recipient institutes patent litigation
against any entity (including a cross-claim or
counterclaim in a lawsuit) alleging that the Program
itself (excluding combinations of the Program with other
software or hardware) infringes such Recipient's
patent(s), then such Recipient's rights granted under
Section 2(b) shall terminate as of the date such
litigation is filed.
All Recipient's rights under this Agreement shall
terminate if it fails to comply with any of the material
terms or conditions of this Agreement and does not cure
such failure in a reasonable period of time after becoming
aware of such noncompliance. If all Recipient's rights
under this Agreement terminate, Recipient agrees to cease
use and distribution of the Program as soon as reasonably
practicable. However, Recipient's obligations under this
Agreement and any licenses granted by Recipient relating
to the Program shall continue and survive.
Everyone is permitted to copy and distribute copies of
this Agreement, but in order to avoid inconsistency the
Agreement is copyrighted and may only be modified in the
following manner. The Agreement Steward reserves the right
to publish new versions (including revisions) of this
Agreement from time to time. No one other than the
Agreement Steward has the right to modify this Agreement.
IBM is the initial Agreement Steward. IBM may assign the
responsibility to serve as the Agreement Steward to a
suitable separate entity. Each new version of the
Agreement will be given a distinguishing version number.
The Program (including Contributions) may always be
distributed subject to the version of the Agreement under
which it was received. In addition, after a new version of
the Agreement is published, Contributor may elect to
distribute the Program (including its Contributions) under
the new version. Except as expressly stated in Sections
2(a) and 2(b) above, Recipient receives no rights or
licenses to the intellectual property of any Contributor
under this Agreement, whether expressly, by implication,
estoppel or otherwise. All rights in the Program not
expressly granted under this Agreement are reserved.
This Agreement is governed by the laws of the State of New
York and the intellectual property laws of the United
States of America. No party to this Agreement will bring a
legal action under this Agreement more than one year after
the cause of action arose. Each party waives its rights to
a jury trial in any resulting litigation.
*/
/* (C) COPYRIGHT International Business Machines Corp. 2001 */
#ifndef _APICLIENT_H
#define _APICLIENT_H
#include "pkcs11types.h"
#define VERSION_MAJOR 2 // Version 2 of the PKCS library
#define VERSION_MINOR 01 // minor revision .10 of PKCS11
#ifdef __cplusplus
extern "C"
{
#endif
CK_RV C_CancelFunction ( CK_SESSION_HANDLE );
CK_RV C_CloseAllSessions ( CK_SLOT_ID );
CK_RV C_CloseSession ( CK_SESSION_HANDLE );
CK_RV C_CopyObject ( CK_SESSION_HANDLE, CK_OBJECT_HANDLE,
CK_ATTRIBUTE_PTR, CK_ULONG, CK_OBJECT_HANDLE_PTR );
CK_RV C_CreateObject ( CK_SESSION_HANDLE, CK_ATTRIBUTE_PTR, CK_ULONG,
CK_OBJECT_HANDLE_PTR );
CK_RV C_Decrypt ( CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG, CK_BYTE_PTR,
CK_ULONG_PTR );
CK_RV C_DecryptDigestUpdate ( CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG,
CK_BYTE_PTR, CK_ULONG_PTR );
CK_RV C_DecryptFinal ( CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG_PTR );
CK_RV C_DecryptInit ( CK_SESSION_HANDLE, CK_MECHANISM_PTR, CK_OBJECT_HANDLE );
CK_RV C_DecryptUpdate ( CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG, CK_BYTE_PTR,
CK_ULONG_PTR );
CK_RV C_DecryptVerifyUpdate ( CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG,
CK_BYTE_PTR, CK_ULONG_PTR );
CK_RV C_DeriveKey ( CK_SESSION_HANDLE, CK_MECHANISM_PTR, CK_OBJECT_HANDLE,
CK_ATTRIBUTE_PTR, CK_ULONG, CK_OBJECT_HANDLE_PTR );
CK_RV C_DestroyObject ( CK_SESSION_HANDLE, CK_OBJECT_HANDLE );
CK_RV C_Digest ( CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG, CK_BYTE_PTR,
CK_ULONG_PTR );
CK_RV C_DigestEncryptUpdate ( CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG,
CK_BYTE_PTR, CK_ULONG_PTR );
CK_RV C_DigestFinal ( CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG_PTR );
CK_RV C_DigestInit ( CK_SESSION_HANDLE, CK_MECHANISM_PTR );
CK_RV C_DigestKey ( CK_SESSION_HANDLE, CK_OBJECT_HANDLE );
CK_RV C_DigestUpdate ( CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG );
CK_RV C_Encrypt ( CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG, CK_BYTE_PTR,
CK_ULONG_PTR );
CK_RV C_EncryptFinal ( CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG_PTR );
CK_RV C_EncryptInit ( CK_SESSION_HANDLE, CK_MECHANISM_PTR, CK_OBJECT_HANDLE );
CK_RV C_EncryptUpdate ( CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG, CK_BYTE_PTR,
CK_ULONG_PTR );
CK_RV C_Finalize ( CK_VOID_PTR );
CK_RV C_FindObjects ( CK_SESSION_HANDLE, CK_OBJECT_HANDLE_PTR, CK_ULONG,
CK_ULONG_PTR );
CK_RV C_FindObjectsFinal ( CK_SESSION_HANDLE );
CK_RV C_FindObjectsInit ( CK_SESSION_HANDLE, CK_ATTRIBUTE_PTR, CK_ULONG );
CK_RV C_GenerateKey ( CK_SESSION_HANDLE, CK_MECHANISM_PTR, CK_ATTRIBUTE_PTR,
CK_ULONG, CK_OBJECT_HANDLE_PTR );
CK_RV C_GenerateKeyPair ( CK_SESSION_HANDLE, CK_MECHANISM_PTR, CK_ATTRIBUTE_PTR,
CK_ULONG, CK_ATTRIBUTE_PTR, CK_ULONG,
CK_OBJECT_HANDLE_PTR, CK_OBJECT_HANDLE_PTR );
CK_RV C_GenerateRandom ( CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG );
CK_RV C_GetAttributeValue ( CK_SESSION_HANDLE, CK_OBJECT_HANDLE,
CK_ATTRIBUTE_PTR, CK_ULONG );
CK_RV C_GetFunctionList ( CK_FUNCTION_LIST_PTR_PTR );
CK_RV C_GetFunctionStatus ( CK_SESSION_HANDLE );
CK_RV C_GetInfo ( CK_INFO_PTR );
CK_RV C_GetMechanismInfo ( CK_SLOT_ID, CK_MECHANISM_TYPE, CK_MECHANISM_INFO_PTR );
CK_RV C_GetMechanismList ( CK_SLOT_ID, CK_MECHANISM_TYPE_PTR, CK_ULONG_PTR );
CK_RV C_GetObjectSize ( CK_SESSION_HANDLE, CK_OBJECT_HANDLE, CK_ULONG_PTR );
CK_RV C_GetOperationState ( CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG_PTR );
CK_RV C_GetSessionInfo ( CK_SESSION_HANDLE, CK_SESSION_INFO_PTR );
CK_RV C_GetSlotInfo ( CK_SLOT_ID, CK_SLOT_INFO_PTR );
CK_RV C_GetSlotList ( CK_BBOOL, CK_SLOT_ID_PTR, CK_ULONG_PTR );
CK_RV C_GetTokenInfo ( CK_SLOT_ID, CK_TOKEN_INFO_PTR );
CK_RV C_Initialize ( CK_VOID_PTR );
CK_RV C_InitPIN ( CK_SESSION_HANDLE, CK_CHAR_PTR, CK_ULONG );
CK_RV C_InitToken ( CK_SLOT_ID, CK_CHAR_PTR, CK_ULONG, CK_CHAR_PTR );
CK_RV C_Login ( CK_SESSION_HANDLE, CK_USER_TYPE, CK_CHAR_PTR, CK_ULONG );
CK_RV C_Logout ( CK_SESSION_HANDLE );
CK_RV C_OpenSession ( CK_SLOT_ID, CK_FLAGS, CK_VOID_PTR, CK_NOTIFY,
CK_SESSION_HANDLE_PTR );
CK_RV C_SeedRandom ( CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG );
CK_RV C_SetAttributeValue ( CK_SESSION_HANDLE, CK_OBJECT_HANDLE,
CK_ATTRIBUTE_PTR, CK_ULONG );
CK_RV C_SetOperationState ( CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG,
CK_OBJECT_HANDLE, CK_OBJECT_HANDLE );
CK_RV C_SetPIN ( CK_SESSION_HANDLE, CK_CHAR_PTR, CK_ULONG, CK_CHAR_PTR, CK_ULONG );
CK_RV C_Sign ( CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG, CK_BYTE_PTR,
CK_ULONG_PTR );
CK_RV C_SignEncryptUpdate ( CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG,
CK_BYTE_PTR, CK_ULONG_PTR );
CK_RV C_SignFinal ( CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG_PTR );
CK_RV C_SignInit ( CK_SESSION_HANDLE, CK_MECHANISM_PTR, CK_OBJECT_HANDLE );
CK_RV C_SignRecover ( CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG, CK_BYTE_PTR,
CK_ULONG_PTR );
CK_RV C_SignRecoverInit ( CK_SESSION_HANDLE, CK_MECHANISM_PTR, CK_OBJECT_HANDLE );
CK_RV C_SignUpdate ( CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG );
CK_RV C_UnwrapKey ( CK_SESSION_HANDLE, CK_MECHANISM_PTR, CK_OBJECT_HANDLE,
CK_BYTE_PTR, CK_ULONG, CK_ATTRIBUTE_PTR, CK_ULONG,
CK_OBJECT_HANDLE_PTR );
CK_RV C_Verify ( CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG, CK_BYTE_PTR, CK_ULONG );
CK_RV C_VerifyFinal ( CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG );
CK_RV C_VerifyInit ( CK_SESSION_HANDLE, CK_MECHANISM_PTR, CK_OBJECT_HANDLE );
CK_RV C_VerifyRecover ( CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG, CK_BYTE_PTR,
CK_ULONG_PTR );
CK_RV C_VerifyRecoverInit ( CK_SESSION_HANDLE, CK_MECHANISM_PTR, CK_OBJECT_HANDLE );
CK_RV C_VerifyUpdate ( CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG );
CK_RV C_WaitForSlotEvent ( CK_FLAGS, CK_SLOT_ID_PTR, CK_VOID_PTR );
CK_RV C_WrapKey ( CK_SESSION_HANDLE, CK_MECHANISM_PTR, CK_OBJECT_HANDLE,
CK_OBJECT_HANDLE, CK_BYTE_PTR, CK_ULONG_PTR );
#ifdef __cplusplus
}
#endif
#endif // _APICLIENT_H

65
src/pkcs11/cryptoki.h
View File

@@ -1,65 +0,0 @@
/* cryptoki.h include file for PKCS #11. */
/* $Revision: 1.4 $ */
/* License to copy and use this software is granted provided that it is
* identified as "RSA Security Inc. PKCS #11 Cryptographic Token Interface
* (Cryptoki)" in all material mentioning or referencing this software.
* License is also granted to make and use derivative works provided that
* such works are identified as "derived from the RSA Security Inc. PKCS #11
* Cryptographic Token Interface (Cryptoki)" in all material mentioning or
* referencing the derived work.
* RSA Security Inc. makes no representations concerning either the
* merchantability of this software or the suitability of this software for
* any particular purpose. It is provided "as is" without express or implied
* warranty of any kind.
*/
/* This is a sample file containing the top level include directives
* for building Win32 Cryptoki libraries and applications.
*/
#ifndef ___CRYPTOKI_H_INC___
#define ___CRYPTOKI_H_INC___
#pragma pack(push, cryptoki, 1)
/* Specifies that the function is a DLL entry point. */
#define CK_IMPORT_SPEC
/* Define CRYPTOKI_EXPORTS during the build of cryptoki libraries. Do
* not define it in applications.
*/
#ifdef CRYPTOKI_EXPORTS
/* Specified that the function is an exported DLL entry point. */
#define CK_EXPORT_SPEC
#else
#define CK_EXPORT_SPEC CK_IMPORT_SPEC
#endif
#define CK_CALL_SPEC
#define CK_PTR *
#define CK_DEFINE_FUNCTION(returnType, name) \
returnType CK_EXPORT_SPEC CK_CALL_SPEC name
#define CK_DECLARE_FUNCTION(returnType, name) \
returnType CK_EXPORT_SPEC CK_CALL_SPEC name
#define CK_DECLARE_FUNCTION_POINTER(returnType, name) \
returnType CK_IMPORT_SPEC (CK_CALL_SPEC CK_PTR name)
#define CK_CALLBACK_FUNCTION(returnType, name) \
returnType (CK_CALL_SPEC CK_PTR name)
#ifndef NULL_PTR
#define NULL_PTR 0
#endif
#include <pkcs11/pkcs11.h>
#pragma pack(pop, cryptoki)
#endif /* ___CRYPTOKI_H_INC___ */

548
src/pkcs11/pkcs11.h
View File

@@ -1,299 +1,297 @@
/* pkcs11.h include file for PKCS #11. */ /*
/* $Revision: 1.4 $ */ Common Public License Version 0.5
/* License to copy and use this software is granted provided that it is THE ACCOMPANYING PROGRAM IS PROVIDED UNDER THE TERMS OF
* identified as "RSA Security Inc. PKCS #11 Cryptographic Token Interface THIS COMMON PUBLIC LICENSE ("AGREEMENT"). ANY USE,
* (Cryptoki)" in all material mentioning or referencing this software. REPRODUCTION OR DISTRIBUTION OF THE PROGRAM CONSTITUTES
RECIPIENT'S ACCEPTANCE OF THIS AGREEMENT.
* License is also granted to make and use derivative works provided that 1. DEFINITIONS
* such works are identified as "derived from the RSA Security Inc. PKCS #11
* Cryptographic Token Interface (Cryptoki)" in all material mentioning or
* referencing the derived work.
* RSA Security Inc. makes no representations concerning either the "Contribution" means:
* merchantability of this software or the suitability of this software for a) in the case of the initial Contributor, the
* any particular purpose. It is provided "as is" without express or implied initial code and documentation distributed under
* warranty of any kind. this Agreement, and
*/
#ifndef _PKCS11_H_ b) in the case of each subsequent Contributor:
#define _PKCS11_H_ 1 i) changes to the Program, and
ii) additions to the Program;
#ifdef __cplusplus where such changes and/or additions to the Program
extern "C" { originate from and are distributed by that
#endif particular Contributor. A Contribution 'originates'
from a Contributor if it was added to the Program
/* Before including this file (pkcs11.h) (or pkcs11t.h by by such Contributor itself or anyone acting on such
* itself), 6 platform-specific macros must be defined. These Contributor's behalf. Contributions do not include
* macros are described below, and typical definitions for them additions to the Program which: (i) are separate
* are also given. Be advised that these definitions can depend modules of software distributed in conjunction with
* on both the platform and the compiler used (and possibly also the Program under their own license agreement, and
* on whether a Cryptoki library is linked statically or (ii) are not derivative works of the Program.
* dynamically).
*
* In addition to defining these 6 macros, the packing convention
* for Cryptoki structures should be set. The Cryptoki
* convention on packing is that structures should be 1-byte
* aligned.
*
* If you're using Microsoft Developer Studio 5.0 to produce
* Win32 stuff, this might be done by using the following
* preprocessor directive before including pkcs11.h or pkcs11t.h:
*
* #pragma pack(push, cryptoki, 1)
*
* and using the following preprocessor directive after including
* pkcs11.h or pkcs11t.h:
*
* #pragma pack(pop, cryptoki)
*
* If you're using an earlier version of Microsoft Developer
* Studio to produce Win16 stuff, this might be done by using
* the following preprocessor directive before including
* pkcs11.h or pkcs11t.h:
*
* #pragma pack(1)
*
* In a UNIX environment, you're on your own for this. You might
* not need to do (or be able to do!) anything.
*
*
* Now for the macros:
*
*
* 1. CK_PTR: The indirection string for making a pointer to an
* object. It can be used like this:
*
* typedef CK_BYTE CK_PTR CK_BYTE_PTR;
*
* If you're using Microsoft Developer Studio 5.0 to produce
* Win32 stuff, it might be defined by:
*
* #define CK_PTR *
*
* If you're using an earlier version of Microsoft Developer
* Studio to produce Win16 stuff, it might be defined by:
*
* #define CK_PTR far *
*
* In a typical UNIX environment, it might be defined by:
*
* #define CK_PTR *
*
*
* 2. CK_DEFINE_FUNCTION(returnType, name): A macro which makes
* an exportable Cryptoki library function definition out of a
* return type and a function name. It should be used in the
* following fashion to define the exposed Cryptoki functions in
* a Cryptoki library:
*
* CK_DEFINE_FUNCTION(CK_RV, C_Initialize)(
* CK_VOID_PTR pReserved
* )
* {
* ...
* }
*
* If you're using Microsoft Developer Studio 5.0 to define a
* function in a Win32 Cryptoki .dll, it might be defined by:
*
* #define CK_DEFINE_FUNCTION(returnType, name) \
* returnType __declspec(dllexport) name
*
* If you're using an earlier version of Microsoft Developer
* Studio to define a function in a Win16 Cryptoki .dll, it
* might be defined by:
*
* #define CK_DEFINE_FUNCTION(returnType, name) \
* returnType __export _far _pascal name
*
* In a UNIX environment, it might be defined by:
*
* #define CK_DEFINE_FUNCTION(returnType, name) \
* returnType name
*
*
* 3. CK_DECLARE_FUNCTION(returnType, name): A macro which makes
* an importable Cryptoki library function declaration out of a
* return type and a function name. It should be used in the
* following fashion:
*
* extern CK_DECLARE_FUNCTION(CK_RV, C_Initialize)(
* CK_VOID_PTR pReserved
* );
*
* If you're using Microsoft Developer Studio 5.0 to declare a
* function in a Win32 Cryptoki .dll, it might be defined by:
*
* #define CK_DECLARE_FUNCTION(returnType, name) \
* returnType __declspec(dllimport) name
*
* If you're using an earlier version of Microsoft Developer
* Studio to declare a function in a Win16 Cryptoki .dll, it
* might be defined by:
*
* #define CK_DECLARE_FUNCTION(returnType, name) \
* returnType __export _far _pascal name
*
* In a UNIX environment, it might be defined by:
*
* #define CK_DECLARE_FUNCTION(returnType, name) \
* returnType name
*
*
* 4. CK_DECLARE_FUNCTION_POINTER(returnType, name): A macro
* which makes a Cryptoki API function pointer declaration or
* function pointer type declaration out of a return type and a
* function name. It should be used in the following fashion:
*
* // Define funcPtr to be a pointer to a Cryptoki API function
* // taking arguments args and returning CK_RV.
* CK_DECLARE_FUNCTION_POINTER(CK_RV, funcPtr)(args);
*
* or
*
* // Define funcPtrType to be the type of a pointer to a
* // Cryptoki API function taking arguments args and returning
* // CK_RV, and then define funcPtr to be a variable of type
* // funcPtrType.
* typedef CK_DECLARE_FUNCTION_POINTER(CK_RV, funcPtrType)(args);
* funcPtrType funcPtr;
*
* If you're using Microsoft Developer Studio 5.0 to access
* functions in a Win32 Cryptoki .dll, in might be defined by:
*
* #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \
* returnType __declspec(dllimport) (* name)
*
* If you're using an earlier version of Microsoft Developer
* Studio to access functions in a Win16 Cryptoki .dll, it might
* be defined by:
*
* #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \
* returnType __export _far _pascal (* name)
*
* In a UNIX environment, it might be defined by:
*
* #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \
* returnType (* name)
*
*
* 5. CK_CALLBACK_FUNCTION(returnType, name): A macro which makes
* a function pointer type for an application callback out of
* a return type for the callback and a name for the callback.
* It should be used in the following fashion:
*
* CK_CALLBACK_FUNCTION(CK_RV, myCallback)(args);
*
* to declare a function pointer, myCallback, to a callback
* which takes arguments args and returns a CK_RV. It can also
* be used like this:
*
* typedef CK_CALLBACK_FUNCTION(CK_RV, myCallbackType)(args);
* myCallbackType myCallback;
*
* If you're using Microsoft Developer Studio 5.0 to do Win32
* Cryptoki development, it might be defined by:
*
* #define CK_CALLBACK_FUNCTION(returnType, name) \
* returnType (* name)
*
* If you're using an earlier version of Microsoft Developer
* Studio to do Win16 development, it might be defined by:
*
* #define CK_CALLBACK_FUNCTION(returnType, name) \
* returnType _far _pascal (* name)
*
* In a UNIX environment, it might be defined by:
*
* #define CK_CALLBACK_FUNCTION(returnType, name) \
* returnType (* name)
*
*
* 6. NULL_PTR: This macro is the value of a NULL pointer.
*
* In any ANSI/ISO C environment (and in many others as well),
* this should best be defined by
*
* #ifndef NULL_PTR
* #define NULL_PTR 0
* #endif
*/
/* All the various Cryptoki types and #define'd values are in the "Contributor" means any person or entity that distributes
* file pkcs11t.h. */ the Program.
#include <pkcs11/pkcs11t.h>
#define __PASTE(x,y) x##y "Licensed Patents " mean patent claims licensable by a
Contributor which are necessarily infringed by the use or
sale of its Contribution alone or when combined with the
Program.
"Program" means the Contributions distributed in
accordance with this Agreement.
"Recipient" means anyone who receives the Program under
this Agreement, including all Contributors.
2. GRANT OF RIGHTS
a) Subject to the terms of this Agreement, each
Contributor hereby grants Recipient a
non-exclusive, worldwide, royalty-free copyright
license to reproduce, prepare derivative works of,
publicly display, publicly perform, distribute and
sublicense the Contribution of such Contributor, if
any, and such derivative works, in source code and
object code form.
b) Subject to the terms of this Agreement, each
Contributor hereby grants Recipient a
non-exclusive, worldwide, royalty-free patent
license under Licensed Patents to make, use, sell,
offer to sell, import and otherwise transfer the
Contribution of such Contributor, if any, in source
code and object code form. This patent license
shall apply to the combination of the Contribution
and the Program if, at the time the Contribution is
added by the Contributor, such addition of the
Contribution causes such combination to be covered
by the Licensed Patents. The patent license shall
not apply to any other combinations which include
the Contribution. No hardware per se is licensed
hereunder.
c) Recipient understands that although each
Contributor grants the licenses to its
Contributions set forth herein, no assurances are
provided by any Contributor that the Program does
not infringe the patent or other intellectual
property rights of any other entity. Each
Contributor disclaims any liability to Recipient
for claims brought by any other entity based on
infringement of intellectual property rights or
otherwise. As a condition to exercising the rights
and licenses granted hereunder, each Recipient
hereby assumes sole responsibility to secure any
other intellectual property rights needed, if any.
For example, if a third party patent license is
required to allow Recipient to distribute the
Program, it is Recipient's responsibility to
acquire that license before distributing the
Program.
d) Each Contributor represents that to its
knowledge it has sufficient copyright rights in its
Contribution, if any, to grant the copyright
license set forth in this Agreement.
3. REQUIREMENTS
A Contributor may choose to distribute the Program in
object code form under its own license agreement, provided
that:
a) it complies with the terms and conditions of
this Agreement; and
b) its license agreement:
i) effectively disclaims on behalf of all
Contributors all warranties and conditions, express
and implied, including warranties or conditions of
title and non-infringement, and implied warranties
or conditions of merchantability and fitness for a
particular purpose;
ii) effectively excludes on behalf of all
Contributors all liability for damages, including
direct, indirect, special, incidental and
consequential damages, such as lost profits;
iii) states that any provisions which differ from
this Agreement are offered by that Contributor
alone and not by any other party; and
iv) states that source code for the Program is
available from such Contributor, and informs
licensees how to obtain it in a reasonable manner
on or through a medium customarily used for
software exchange.
When the Program is made available in source code form:
a) it must be made available under this Agreement;
and
b) a copy of this Agreement must be included with
each copy of the Program.
Contributors may not remove or alter any copyright notices
contained within the Program.
Each Contributor must identify itself as the originator of
its Contribution, if any, in a manner that reasonably
allows subsequent Recipients to identify the originator of
the Contribution.
/* ============================================================== 4. COMMERCIAL DISTRIBUTION
* Define the "extern" form of all the entry points.
* ==============================================================
*/
#define CK_NEED_ARG_LIST 1 Commercial distributors of software may accept certain
#define CK_PKCS11_FUNCTION_INFO(name) \ responsibilities with respect to end users, business
extern CK_DECLARE_FUNCTION(CK_RV, name) partners and the like. While this license is intended to
facilitate the commercial use of the Program, the
/* pkcs11f.h has all the information about the Cryptoki Contributor who includes the Program in a commercial
* function prototypes. */ product offering should do so in a manner which does not
#include <pkcs11/pkcs11f.h> create potential liability for other Contributors.
Therefore, if a Contributor includes the Program in a
#undef CK_NEED_ARG_LIST commercial product offering, such Contributor ("Commercial
#undef CK_PKCS11_FUNCTION_INFO Contributor") hereby agrees to defend and indemnify every
other Contributor ("Indemnified Contributor") against any
losses, damages and costs (collectively "Losses") arising
from claims, lawsuits and other legal actions brought by a
third party against the Indemnified Contributor to the
extent caused by the acts or omissions of such Commercial
Contributor in connection with its distribution of the
Program in a commercial product offering. The obligations
in this section do not apply to any claims or Losses
relating to any actual or alleged intellectual property
infringement. In order to qualify, an Indemnified
Contributor must: a) promptly notify the Commercial
Contributor in writing of such claim, and b) allow the
Commercial Contributor to control, and cooperate with the
Commercial Contributor in, the defense and any related
settlement negotiations. The Indemnified Contributor may
participate in any such claim at its own expense.
/* ============================================================== For example, a Contributor might include the Program in a
* Define the typedef form of all the entry points. That is, for commercial product offering, Product X. That Contributor
* each Cryptoki function C_XXX, define a type CK_C_XXX which is is then a Commercial Contributor. If that Commercial
* a pointer to that kind of function. Contributor then makes performance claims, or offers
* ============================================================== warranties related to Product X, those performance claims
*/ and warranties are such Commercial Contributor's
responsibility alone. Under this section, the Commercial
#define CK_NEED_ARG_LIST 1 Contributor would have to defend claims against the other
#define CK_PKCS11_FUNCTION_INFO(name) \ Contributors related to those performance claims and
typedef CK_DECLARE_FUNCTION_POINTER(CK_RV, __PASTE(CK_,name)) warranties, and if a court requires any other Contributor
to pay any damages as a result, the Commercial Contributor
/* pkcs11f.h has all the information about the Cryptoki must pay those damages.
* function prototypes. */
#include <pkcs11/pkcs11f.h>
#undef CK_NEED_ARG_LIST
#undef CK_PKCS11_FUNCTION_INFO
/* ============================================================== 5. NO WARRANTY
* Define structed vector of entry points. A CK_FUNCTION_LIST
* contains a CK_VERSION indicating a library's Cryptoki version
* and then a whole slew of function pointers to the routines in
* the library. This type was declared, but not defined, in
* pkcs11t.h.
* ==============================================================
*/
#define CK_PKCS11_FUNCTION_INFO(name) \ EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, THE
__PASTE(CK_,name) name; PROGRAM IS PROVIDED ON AN "AS IS" BASIS, WITHOUT
WARRANTIES OR CONDITIONS OF ANY KIND, EITHER EXPRESS OR
struct CK_FUNCTION_LIST { IMPLIED INCLUDING, WITHOUT LIMITATION, ANY WARRANTIES OR
CONDITIONS OF TITLE, NON-INFRINGEMENT, MERCHANTABILITY OR
FITNESS FOR A PARTICULAR PURPOSE. Each Recipient is solely
responsible for determining the appropriateness of using
and distributing the Program and assumes all risks
associated with its exercise of rights under this
Agreement, including but not limited to the risks and
costs of program errors, compliance with applicable laws,
damage to or loss of data, programs or equipment, and
unavailability or interruption of operations.
CK_VERSION version; /* Cryptoki version */ 6. DISCLAIMER OF LIABILITY
EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, NEITHER
RECIPIENT NOR ANY CONTRIBUTORS SHALL HAVE ANY LIABILITY
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
OR CONSEQUENTIAL DAMAGES (INCLUDING WITHOUT LIMITATION
LOST PROFITS), HOWEVER CAUSED AND ON ANY THEORY OF
LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
OF THE USE OR DISTRIBUTION OF THE PROGRAM OR THE EXERCISE
OF ANY RIGHTS GRANTED HEREUNDER, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGES.
/* Pile all the function pointers into the CK_FUNCTION_LIST. */ 7. GENERAL
/* pkcs11f.h has all the information about the Cryptoki
* function prototypes. */
#include <pkcs11/pkcs11f.h>
}; If any provision of this Agreement is invalid or
unenforceable under applicable law, it shall not affect
#undef CK_PKCS11_FUNCTION_INFO the validity or enforceability of the remainder of the
terms of this Agreement, and without further action by the
parties hereto, such provision shall be reformed to the
minimum extent necessary to make such provision valid and
enforceable.
#undef __PASTE If Recipient institutes patent litigation against a
Contributor with respect to a patent applicable to
software (including a cross-claim or counterclaim in a
lawsuit), then any patent licenses granted by that
Contributor to such Recipient under this Agreement shall
terminate as of the date such litigation is filed. In
addition, If Recipient institutes patent litigation
against any entity (including a cross-claim or
counterclaim in a lawsuit) alleging that the Program
itself (excluding combinations of the Program with other
software or hardware) infringes such Recipient's
patent(s), then such Recipient's rights granted under
Section 2(b) shall terminate as of the date such
litigation is filed.
#ifdef __cplusplus All Recipient's rights under this Agreement shall
} terminate if it fails to comply with any of the material
#endif terms or conditions of this Agreement and does not cure
such failure in a reasonable period of time after becoming
aware of such noncompliance. If all Recipient's rights
under this Agreement terminate, Recipient agrees to cease
use and distribution of the Program as soon as reasonably
practicable. However, Recipient's obligations under this
Agreement and any licenses granted by Recipient relating
to the Program shall continue and survive.
Everyone is permitted to copy and distribute copies of
this Agreement, but in order to avoid inconsistency the
Agreement is copyrighted and may only be modified in the
following manner. The Agreement Steward reserves the right
to publish new versions (including revisions) of this
Agreement from time to time. No one other than the
Agreement Steward has the right to modify this Agreement.
IBM is the initial Agreement Steward. IBM may assign the
responsibility to serve as the Agreement Steward to a
suitable separate entity. Each new version of the
Agreement will be given a distinguishing version number.
The Program (including Contributions) may always be
distributed subject to the version of the Agreement under
which it was received. In addition, after a new version of
the Agreement is published, Contributor may elect to
distribute the Program (including its Contributions) under
the new version. Except as expressly stated in Sections
2(a) and 2(b) above, Recipient receives no rights or
licenses to the intellectual property of any Contributor
under this Agreement, whether expressly, by implication,
estoppel or otherwise. All rights in the Program not
expressly granted under this Agreement are reserved.
This Agreement is governed by the laws of the State of New
York and the intellectual property laws of the United
States of America. No party to this Agreement will bring a
legal action under this Agreement more than one year after
the cause of action arose. Each party waives its rights to
a jury trial in any resulting litigation.
*/
/* (c) COPYRIGHT International Business Machines Corp. 2001 */
#ifndef OPENCRYPTOKI_PKCS11_H
#define OPENCRYPTOKI_PKCS11_H
#include <opencryptoki/pkcs11types.h>
#include <opencryptoki/apiclient.h>
#endif #endif

912
src/pkcs11/pkcs11f.h
View File

@@ -1,912 +0,0 @@
/* pkcs11f.h include file for PKCS #11. */
/* $Revision: 1.4 $ */
/* License to copy and use this software is granted provided that it is
* identified as "RSA Security Inc. PKCS #11 Cryptographic Token Interface
* (Cryptoki)" in all material mentioning or referencing this software.
* License is also granted to make and use derivative works provided that
* such works are identified as "derived from the RSA Security Inc. PKCS #11
* Cryptographic Token Interface (Cryptoki)" in all material mentioning or
* referencing the derived work.
* RSA Security Inc. makes no representations concerning either the
* merchantability of this software or the suitability of this software for
* any particular purpose. It is provided "as is" without express or implied
* warranty of any kind.
*/
/* This header file contains pretty much everything about all the */
/* Cryptoki function prototypes. Because this information is */
/* used for more than just declaring function prototypes, the */
/* order of the functions appearing herein is important, and */
/* should not be altered. */
/* General-purpose */
/* C_Initialize initializes the Cryptoki library. */
CK_PKCS11_FUNCTION_INFO(C_Initialize)
#ifdef CK_NEED_ARG_LIST
(
CK_VOID_PTR pInitArgs /* if this is not NULL_PTR, it gets
* cast to CK_C_INITIALIZE_ARGS_PTR
* and dereferenced */
);
#endif
/* C_Finalize indicates that an application is done with the
* Cryptoki library. */
CK_PKCS11_FUNCTION_INFO(C_Finalize)
#ifdef CK_NEED_ARG_LIST
(
CK_VOID_PTR pReserved /* reserved. Should be NULL_PTR */
);
#endif
/* C_GetInfo returns general information about Cryptoki. */
CK_PKCS11_FUNCTION_INFO(C_GetInfo)
#ifdef CK_NEED_ARG_LIST
(
CK_INFO_PTR pInfo /* location that receives information */
);
#endif
/* C_GetFunctionList returns the function list. */
CK_PKCS11_FUNCTION_INFO(C_GetFunctionList)
#ifdef CK_NEED_ARG_LIST
(
CK_FUNCTION_LIST_PTR_PTR ppFunctionList /* receives pointer to
* function list */
);
#endif
/* Slot and token management */
/* C_GetSlotList obtains a list of slots in the system. */
CK_PKCS11_FUNCTION_INFO(C_GetSlotList)
#ifdef CK_NEED_ARG_LIST
(
CK_BBOOL tokenPresent, /* only slots with tokens? */
CK_SLOT_ID_PTR pSlotList, /* receives array of slot IDs */
CK_ULONG_PTR pulCount /* receives number of slots */
);
#endif
/* C_GetSlotInfo obtains information about a particular slot in
* the system. */
CK_PKCS11_FUNCTION_INFO(C_GetSlotInfo)
#ifdef CK_NEED_ARG_LIST
(
CK_SLOT_ID slotID, /* the ID of the slot */
CK_SLOT_INFO_PTR pInfo /* receives the slot information */
);
#endif
/* C_GetTokenInfo obtains information about a particular token
* in the system. */
CK_PKCS11_FUNCTION_INFO(C_GetTokenInfo)
#ifdef CK_NEED_ARG_LIST
(
CK_SLOT_ID slotID, /* ID of the token's slot */
CK_TOKEN_INFO_PTR pInfo /* receives the token information */
);
#endif
/* C_GetMechanismList obtains a list of mechanism types
* supported by a token. */
CK_PKCS11_FUNCTION_INFO(C_GetMechanismList)
#ifdef CK_NEED_ARG_LIST
(
CK_SLOT_ID slotID, /* ID of token's slot */
CK_MECHANISM_TYPE_PTR pMechanismList, /* gets mech. array */
CK_ULONG_PTR pulCount /* gets # of mechs. */
);
#endif
/* C_GetMechanismInfo obtains information about a particular
* mechanism possibly supported by a token. */
CK_PKCS11_FUNCTION_INFO(C_GetMechanismInfo)
#ifdef CK_NEED_ARG_LIST
(
CK_SLOT_ID slotID, /* ID of the token's slot */
CK_MECHANISM_TYPE type, /* type of mechanism */
CK_MECHANISM_INFO_PTR pInfo /* receives mechanism info */
);
#endif
/* C_InitToken initializes a token. */
CK_PKCS11_FUNCTION_INFO(C_InitToken)
#ifdef CK_NEED_ARG_LIST
/* pLabel changed from CK_CHAR_PTR to CK_UTF8CHAR_PTR for v2.10 */
(
CK_SLOT_ID slotID, /* ID of the token's slot */
CK_UTF8CHAR_PTR pPin, /* the SO's initial PIN */
CK_ULONG ulPinLen, /* length in bytes of the PIN */
CK_UTF8CHAR_PTR pLabel /* 32-byte token label (blank padded) */
);
#endif
/* C_InitPIN initializes the normal user's PIN. */
CK_PKCS11_FUNCTION_INFO(C_InitPIN)
#ifdef CK_NEED_ARG_LIST
(
CK_SESSION_HANDLE hSession, /* the session's handle */
CK_UTF8CHAR_PTR pPin, /* the normal user's PIN */
CK_ULONG ulPinLen /* length in bytes of the PIN */
);
#endif
/* C_SetPIN modifies the PIN of the user who is logged in. */
CK_PKCS11_FUNCTION_INFO(C_SetPIN)
#ifdef CK_NEED_ARG_LIST
(
CK_SESSION_HANDLE hSession, /* the session's handle */
CK_UTF8CHAR_PTR pOldPin, /* the old PIN */
CK_ULONG ulOldLen, /* length of the old PIN */
CK_UTF8CHAR_PTR pNewPin, /* the new PIN */
CK_ULONG ulNewLen /* length of the new PIN */
);
#endif
/* Session management */
/* C_OpenSession opens a session between an application and a
* token. */
CK_PKCS11_FUNCTION_INFO(C_OpenSession)
#ifdef CK_NEED_ARG_LIST
(
CK_SLOT_ID slotID, /* the slot's ID */
CK_FLAGS flags, /* from CK_SESSION_INFO */
CK_VOID_PTR pApplication, /* passed to callback */
CK_NOTIFY Notify, /* callback function */
CK_SESSION_HANDLE_PTR phSession /* gets session handle */
);
#endif
/* C_CloseSession closes a session between an application and a
* token. */
CK_PKCS11_FUNCTION_INFO(C_CloseSession)
#ifdef CK_NEED_ARG_LIST
(
CK_SESSION_HANDLE hSession /* the session's handle */
);
#endif
/* C_CloseAllSessions closes all sessions with a token. */
CK_PKCS11_FUNCTION_INFO(C_CloseAllSessions)
#ifdef CK_NEED_ARG_LIST
(
CK_SLOT_ID slotID /* the token's slot */
);
#endif
/* C_GetSessionInfo obtains information about the session. */
CK_PKCS11_FUNCTION_INFO(C_GetSessionInfo)
#ifdef CK_NEED_ARG_LIST
(
CK_SESSION_HANDLE hSession, /* the session's handle */
CK_SESSION_INFO_PTR pInfo /* receives session info */
);
#endif
/* C_GetOperationState obtains the state of the cryptographic operation
* in a session. */
CK_PKCS11_FUNCTION_INFO(C_GetOperationState)
#ifdef CK_NEED_ARG_LIST
(
CK_SESSION_HANDLE hSession, /* session's handle */
CK_BYTE_PTR pOperationState, /* gets state */
CK_ULONG_PTR pulOperationStateLen /* gets state length */
);
#endif
/* C_SetOperationState restores the state of the cryptographic
* operation in a session. */
CK_PKCS11_FUNCTION_INFO(C_SetOperationState)
#ifdef CK_NEED_ARG_LIST
(
CK_SESSION_HANDLE hSession, /* session's handle */
CK_BYTE_PTR pOperationState, /* holds state */
CK_ULONG ulOperationStateLen, /* holds state length */
CK_OBJECT_HANDLE hEncryptionKey, /* en/decryption key */
CK_OBJECT_HANDLE hAuthenticationKey /* sign/verify key */
);
#endif
/* C_Login logs a user into a token. */
CK_PKCS11_FUNCTION_INFO(C_Login)
#ifdef CK_NEED_ARG_LIST
(
CK_SESSION_HANDLE hSession, /* the session's handle */
CK_USER_TYPE userType, /* the user type */
CK_UTF8CHAR_PTR pPin, /* the user's PIN */
CK_ULONG ulPinLen /* the length of the PIN */
);
#endif
/* C_Logout logs a user out from a token. */
CK_PKCS11_FUNCTION_INFO(C_Logout)
#ifdef CK_NEED_ARG_LIST
(
CK_SESSION_HANDLE hSession /* the session's handle */
);
#endif
/* Object management */
/* C_CreateObject creates a new object. */
CK_PKCS11_FUNCTION_INFO(C_CreateObject)
#ifdef CK_NEED_ARG_LIST
(
CK_SESSION_HANDLE hSession, /* the session's handle */
CK_ATTRIBUTE_PTR pTemplate, /* the object's template */
CK_ULONG ulCount, /* attributes in template */
CK_OBJECT_HANDLE_PTR phObject /* gets new object's handle. */
);
#endif
/* C_CopyObject copies an object, creating a new object for the
* copy. */
CK_PKCS11_FUNCTION_INFO(C_CopyObject)
#ifdef CK_NEED_ARG_LIST
(
CK_SESSION_HANDLE hSession, /* the session's handle */
CK_OBJECT_HANDLE hObject, /* the object's handle */
CK_ATTRIBUTE_PTR pTemplate, /* template for new object */
CK_ULONG ulCount, /* attributes in template */
CK_OBJECT_HANDLE_PTR phNewObject /* receives handle of copy */
);
#endif
/* C_DestroyObject destroys an object. */
CK_PKCS11_FUNCTION_INFO(C_DestroyObject)
#ifdef CK_NEED_ARG_LIST
(
CK_SESSION_HANDLE hSession, /* the session's handle */
CK_OBJECT_HANDLE hObject /* the object's handle */
);
#endif
/* C_GetObjectSize gets the size of an object in bytes. */
CK_PKCS11_FUNCTION_INFO(C_GetObjectSize)
#ifdef CK_NEED_ARG_LIST
(
CK_SESSION_HANDLE hSession, /* the session's handle */
CK_OBJECT_HANDLE hObject, /* the object's handle */
CK_ULONG_PTR pulSize /* receives size of object */
);
#endif
/* C_GetAttributeValue obtains the value of one or more object
* attributes. */
CK_PKCS11_FUNCTION_INFO(C_GetAttributeValue)
#ifdef CK_NEED_ARG_LIST
(
CK_SESSION_HANDLE hSession, /* the session's handle */
CK_OBJECT_HANDLE hObject, /* the object's handle */
CK_ATTRIBUTE_PTR pTemplate, /* specifies attrs; gets vals */
CK_ULONG ulCount /* attributes in template */
);
#endif
/* C_SetAttributeValue modifies the value of one or more object
* attributes */
CK_PKCS11_FUNCTION_INFO(C_SetAttributeValue)
#ifdef CK_NEED_ARG_LIST
(
CK_SESSION_HANDLE hSession, /* the session's handle */
CK_OBJECT_HANDLE hObject, /* the object's handle */
CK_ATTRIBUTE_PTR pTemplate, /* specifies attrs and values */
CK_ULONG ulCount /* attributes in template */
);
#endif
/* C_FindObjectsInit initializes a search for token and session
* objects that match a template. */
CK_PKCS11_FUNCTION_INFO(C_FindObjectsInit)
#ifdef CK_NEED_ARG_LIST
(
CK_SESSION_HANDLE hSession, /* the session's handle */
CK_ATTRIBUTE_PTR pTemplate, /* attribute values to match */
CK_ULONG ulCount /* attrs in search template */
);
#endif
/* C_FindObjects continues a search for token and session
* objects that match a template, obtaining additional object
* handles. */
CK_PKCS11_FUNCTION_INFO(C_FindObjects)
#ifdef CK_NEED_ARG_LIST
(
CK_SESSION_HANDLE hSession, /* session's handle */
CK_OBJECT_HANDLE_PTR phObject, /* gets obj. handles */
CK_ULONG ulMaxObjectCount, /* max handles to get */
CK_ULONG_PTR pulObjectCount /* actual # returned */
);
#endif
/* C_FindObjectsFinal finishes a search for token and session
* objects. */
CK_PKCS11_FUNCTION_INFO(C_FindObjectsFinal)
#ifdef CK_NEED_ARG_LIST
(
CK_SESSION_HANDLE hSession /* the session's handle */
);
#endif
/* Encryption and decryption */
/* C_EncryptInit initializes an encryption operation. */
CK_PKCS11_FUNCTION_INFO(C_EncryptInit)
#ifdef CK_NEED_ARG_LIST
(
CK_SESSION_HANDLE hSession, /* the session's handle */
CK_MECHANISM_PTR pMechanism, /* the encryption mechanism */
CK_OBJECT_HANDLE hKey /* handle of encryption key */
);
#endif
/* C_Encrypt encrypts single-part data. */
CK_PKCS11_FUNCTION_INFO(C_Encrypt)
#ifdef CK_NEED_ARG_LIST
(
CK_SESSION_HANDLE hSession, /* session's handle */
CK_BYTE_PTR pData, /* the plaintext data */
CK_ULONG ulDataLen, /* bytes of plaintext */
CK_BYTE_PTR pEncryptedData, /* gets ciphertext */
CK_ULONG_PTR pulEncryptedDataLen /* gets c-text size */
);
#endif
/* C_EncryptUpdate continues a multiple-part encryption
* operation. */
CK_PKCS11_FUNCTION_INFO(C_EncryptUpdate)
#ifdef CK_NEED_ARG_LIST
(
CK_SESSION_HANDLE hSession, /* session's handle */
CK_BYTE_PTR pPart, /* the plaintext data */
CK_ULONG ulPartLen, /* plaintext data len */
CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */
CK_ULONG_PTR pulEncryptedPartLen /* gets c-text size */
);
#endif
/* C_EncryptFinal finishes a multiple-part encryption
* operation. */
CK_PKCS11_FUNCTION_INFO(C_EncryptFinal)
#ifdef CK_NEED_ARG_LIST
(
CK_SESSION_HANDLE hSession, /* session handle */
CK_BYTE_PTR pLastEncryptedPart, /* last c-text */
CK_ULONG_PTR pulLastEncryptedPartLen /* gets last size */
);
#endif
/* C_DecryptInit initializes a decryption operation. */
CK_PKCS11_FUNCTION_INFO(C_DecryptInit)
#ifdef CK_NEED_ARG_LIST
(
CK_SESSION_HANDLE hSession, /* the session's handle */
CK_MECHANISM_PTR pMechanism, /* the decryption mechanism */
CK_OBJECT_HANDLE hKey /* handle of decryption key */
);
#endif
/* C_Decrypt decrypts encrypted data in a single part. */
CK_PKCS11_FUNCTION_INFO(C_Decrypt)
#ifdef CK_NEED_ARG_LIST
(
CK_SESSION_HANDLE hSession, /* session's handle */
CK_BYTE_PTR pEncryptedData, /* ciphertext */
CK_ULONG ulEncryptedDataLen, /* ciphertext length */
CK_BYTE_PTR pData, /* gets plaintext */
CK_ULONG_PTR pulDataLen /* gets p-text size */
);
#endif
/* C_DecryptUpdate continues a multiple-part decryption
* operation. */
CK_PKCS11_FUNCTION_INFO(C_DecryptUpdate)
#ifdef CK_NEED_ARG_LIST
(
CK_SESSION_HANDLE hSession, /* session's handle */
CK_BYTE_PTR pEncryptedPart, /* encrypted data */
CK_ULONG ulEncryptedPartLen, /* input length */
CK_BYTE_PTR pPart, /* gets plaintext */
CK_ULONG_PTR pulPartLen /* p-text size */
);
#endif
/* C_DecryptFinal finishes a multiple-part decryption
* operation. */
CK_PKCS11_FUNCTION_INFO(C_DecryptFinal)
#ifdef CK_NEED_ARG_LIST
(
CK_SESSION_HANDLE hSession, /* the session's handle */
CK_BYTE_PTR pLastPart, /* gets plaintext */
CK_ULONG_PTR pulLastPartLen /* p-text size */
);
#endif
/* Message digesting */
/* C_DigestInit initializes a message-digesting operation. */
CK_PKCS11_FUNCTION_INFO(C_DigestInit)
#ifdef CK_NEED_ARG_LIST
(
CK_SESSION_HANDLE hSession, /* the session's handle */
CK_MECHANISM_PTR pMechanism /* the digesting mechanism */
);
#endif
/* C_Digest digests data in a single part. */
CK_PKCS11_FUNCTION_INFO(C_Digest)
#ifdef CK_NEED_ARG_LIST
(
CK_SESSION_HANDLE hSession, /* the session's handle */
CK_BYTE_PTR pData, /* data to be digested */
CK_ULONG ulDataLen, /* bytes of data to digest */
CK_BYTE_PTR pDigest, /* gets the message digest */
CK_ULONG_PTR pulDigestLen /* gets digest length */
);
#endif
/* C_DigestUpdate continues a multiple-part message-digesting
* operation. */
CK_PKCS11_FUNCTION_INFO(C_DigestUpdate)
#ifdef CK_NEED_ARG_LIST
(
CK_SESSION_HANDLE hSession, /* the session's handle */
CK_BYTE_PTR pPart, /* data to be digested */
CK_ULONG ulPartLen /* bytes of data to be digested */
);
#endif
/* C_DigestKey continues a multi-part message-digesting
* operation, by digesting the value of a secret key as part of
* the data already digested. */
CK_PKCS11_FUNCTION_INFO(C_DigestKey)
#ifdef CK_NEED_ARG_LIST
(
CK_SESSION_HANDLE hSession, /* the session's handle */
CK_OBJECT_HANDLE hKey /* secret key to digest */
);
#endif
/* C_DigestFinal finishes a multiple-part message-digesting
* operation. */
CK_PKCS11_FUNCTION_INFO(C_DigestFinal)
#ifdef CK_NEED_ARG_LIST
(
CK_SESSION_HANDLE hSession, /* the session's handle */
CK_BYTE_PTR pDigest, /* gets the message digest */
CK_ULONG_PTR pulDigestLen /* gets byte count of digest */
);
#endif
/* Signing and MACing */
/* C_SignInit initializes a signature (private key encryption)
* operation, where the signature is (will be) an appendix to
* the data, and plaintext cannot be recovered from the
*signature. */
CK_PKCS11_FUNCTION_INFO(C_SignInit)
#ifdef CK_NEED_ARG_LIST
(
CK_SESSION_HANDLE hSession, /* the session's handle */
CK_MECHANISM_PTR pMechanism, /* the signature mechanism */
CK_OBJECT_HANDLE hKey /* handle of signature key */
);
#endif
/* C_Sign signs (encrypts with private key) data in a single
* part, where the signature is (will be) an appendix to the
* data, and plaintext cannot be recovered from the signature. */
CK_PKCS11_FUNCTION_INFO(C_Sign)
#ifdef CK_NEED_ARG_LIST
(
CK_SESSION_HANDLE hSession, /* the session's handle */
CK_BYTE_PTR pData, /* the data to sign */
CK_ULONG ulDataLen, /* count of bytes to sign */
CK_BYTE_PTR pSignature, /* gets the signature */
CK_ULONG_PTR pulSignatureLen /* gets signature length */
);
#endif
/* C_SignUpdate continues a multiple-part signature operation,
* where the signature is (will be) an appendix to the data,
* and plaintext cannot be recovered from the signature. */
CK_PKCS11_FUNCTION_INFO(C_SignUpdate)
#ifdef CK_NEED_ARG_LIST
(
CK_SESSION_HANDLE hSession, /* the session's handle */
CK_BYTE_PTR pPart, /* the data to sign */
CK_ULONG ulPartLen /* count of bytes to sign */
);
#endif
/* C_SignFinal finishes a multiple-part signature operation,
* returning the signature. */
CK_PKCS11_FUNCTION_INFO(C_SignFinal)
#ifdef CK_NEED_ARG_LIST
(
CK_SESSION_HANDLE hSession, /* the session's handle */
CK_BYTE_PTR pSignature, /* gets the signature */
CK_ULONG_PTR pulSignatureLen /* gets signature length */
);
#endif
/* C_SignRecoverInit initializes a signature operation, where
* the data can be recovered from the signature. */
CK_PKCS11_FUNCTION_INFO(C_SignRecoverInit)
#ifdef CK_NEED_ARG_LIST
(
CK_SESSION_HANDLE hSession, /* the session's handle */
CK_MECHANISM_PTR pMechanism, /* the signature mechanism */
CK_OBJECT_HANDLE hKey /* handle of the signature key */
);
#endif
/* C_SignRecover signs data in a single operation, where the
* data can be recovered from the signature. */
CK_PKCS11_FUNCTION_INFO(C_SignRecover)
#ifdef CK_NEED_ARG_LIST
(
CK_SESSION_HANDLE hSession, /* the session's handle */
CK_BYTE_PTR pData, /* the data to sign */
CK_ULONG ulDataLen, /* count of bytes to sign */
CK_BYTE_PTR pSignature, /* gets the signature */
CK_ULONG_PTR pulSignatureLen /* gets signature length */
);
#endif
/* Verifying signatures and MACs */
/* C_VerifyInit initializes a verification operation, where the
* signature is an appendix to the data, and plaintext cannot
* cannot be recovered from the signature (e.g. DSA). */
CK_PKCS11_FUNCTION_INFO(C_VerifyInit)
#ifdef CK_NEED_ARG_LIST
(
CK_SESSION_HANDLE hSession, /* the session's handle */
CK_MECHANISM_PTR pMechanism, /* the verification mechanism */
CK_OBJECT_HANDLE hKey /* verification key */
);
#endif
/* C_Verify verifies a signature in a single-part operation,
* where the signature is an appendix to the data, and plaintext
* cannot be recovered from the signature. */
CK_PKCS11_FUNCTION_INFO(C_Verify)
#ifdef CK_NEED_ARG_LIST
(
CK_SESSION_HANDLE hSession, /* the session's handle */
CK_BYTE_PTR pData, /* signed data */
CK_ULONG ulDataLen, /* length of signed data */
CK_BYTE_PTR pSignature, /* signature */
CK_ULONG ulSignatureLen /* signature length*/
);
#endif
/* C_VerifyUpdate continues a multiple-part verification
* operation, where the signature is an appendix to the data,
* and plaintext cannot be recovered from the signature. */
CK_PKCS11_FUNCTION_INFO(C_VerifyUpdate)
#ifdef CK_NEED_ARG_LIST
(
CK_SESSION_HANDLE hSession, /* the session's handle */
CK_BYTE_PTR pPart, /* signed data */
CK_ULONG ulPartLen /* length of signed data */
);
#endif
/* C_VerifyFinal finishes a multiple-part verification
* operation, checking the signature. */
CK_PKCS11_FUNCTION_INFO(C_VerifyFinal)
#ifdef CK_NEED_ARG_LIST
(
CK_SESSION_HANDLE hSession, /* the session's handle */
CK_BYTE_PTR pSignature, /* signature to verify */
CK_ULONG ulSignatureLen /* signature length */
);
#endif
/* C_VerifyRecoverInit initializes a signature verification
* operation, where the data is recovered from the signature. */
CK_PKCS11_FUNCTION_INFO(C_VerifyRecoverInit)
#ifdef CK_NEED_ARG_LIST
(
CK_SESSION_HANDLE hSession, /* the session's handle */
CK_MECHANISM_PTR pMechanism, /* the verification mechanism */
CK_OBJECT_HANDLE hKey /* verification key */
);
#endif
/* C_VerifyRecover verifies a signature in a single-part
* operation, where the data is recovered from the signature. */
CK_PKCS11_FUNCTION_INFO(C_VerifyRecover)
#ifdef CK_NEED_ARG_LIST
(
CK_SESSION_HANDLE hSession, /* the session's handle */
CK_BYTE_PTR pSignature, /* signature to verify */
CK_ULONG ulSignatureLen, /* signature length */
CK_BYTE_PTR pData, /* gets signed data */
CK_ULONG_PTR pulDataLen /* gets signed data len */
);
#endif
/* Dual-function cryptographic operations */
/* C_DigestEncryptUpdate continues a multiple-part digesting
* and encryption operation. */
CK_PKCS11_FUNCTION_INFO(C_DigestEncryptUpdate)
#ifdef CK_NEED_ARG_LIST
(
CK_SESSION_HANDLE hSession, /* session's handle */
CK_BYTE_PTR pPart, /* the plaintext data */
CK_ULONG ulPartLen, /* plaintext length */
CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */
CK_ULONG_PTR pulEncryptedPartLen /* gets c-text length */
);
#endif
/* C_DecryptDigestUpdate continues a multiple-part decryption and
* digesting operation. */
CK_PKCS11_FUNCTION_INFO(C_DecryptDigestUpdate)
#ifdef CK_NEED_ARG_LIST
(
CK_SESSION_HANDLE hSession, /* session's handle */
CK_BYTE_PTR pEncryptedPart, /* ciphertext */
CK_ULONG ulEncryptedPartLen, /* ciphertext length */
CK_BYTE_PTR pPart, /* gets plaintext */
CK_ULONG_PTR pulPartLen /* gets plaintext len */
);
#endif
/* C_SignEncryptUpdate continues a multiple-part signing and
* encryption operation. */
CK_PKCS11_FUNCTION_INFO(C_SignEncryptUpdate)
#ifdef CK_NEED_ARG_LIST
(
CK_SESSION_HANDLE hSession, /* session's handle */
CK_BYTE_PTR pPart, /* the plaintext data */
CK_ULONG ulPartLen, /* plaintext length */
CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */
CK_ULONG_PTR pulEncryptedPartLen /* gets c-text length */
);
#endif
/* C_DecryptVerifyUpdate continues a multiple-part decryption and
* verify operation. */
CK_PKCS11_FUNCTION_INFO(C_DecryptVerifyUpdate)
#ifdef CK_NEED_ARG_LIST
(
CK_SESSION_HANDLE hSession, /* session's handle */
CK_BYTE_PTR pEncryptedPart, /* ciphertext */
CK_ULONG ulEncryptedPartLen, /* ciphertext length */
CK_BYTE_PTR pPart, /* gets plaintext */
CK_ULONG_PTR pulPartLen /* gets p-text length */
);
#endif
/* Key management */
/* C_GenerateKey generates a secret key, creating a new key
* object. */
CK_PKCS11_FUNCTION_INFO(C_GenerateKey)
#ifdef CK_NEED_ARG_LIST
(
CK_SESSION_HANDLE hSession, /* the session's handle */
CK_MECHANISM_PTR pMechanism, /* key generation mech. */
CK_ATTRIBUTE_PTR pTemplate, /* template for new key */
CK_ULONG ulCount, /* # of attrs in template */
CK_OBJECT_HANDLE_PTR phKey /* gets handle of new key */
);
#endif
/* C_GenerateKeyPair generates a public-key/private-key pair,
* creating new key objects. */
CK_PKCS11_FUNCTION_INFO(C_GenerateKeyPair)
#ifdef CK_NEED_ARG_LIST
(
CK_SESSION_HANDLE hSession, /* session
* handle */
CK_MECHANISM_PTR pMechanism, /* key-gen
* mech. */
CK_ATTRIBUTE_PTR pPublicKeyTemplate, /* template
* for pub.
* key */
CK_ULONG ulPublicKeyAttributeCount, /* # pub.
* attrs. */
CK_ATTRIBUTE_PTR pPrivateKeyTemplate, /* template
* for priv.
* key */
CK_ULONG ulPrivateKeyAttributeCount, /* # priv.
* attrs. */
CK_OBJECT_HANDLE_PTR phPublicKey, /* gets pub.
* key
* handle */
CK_OBJECT_HANDLE_PTR phPrivateKey /* gets
* priv. key
* handle */
);
#endif
/* C_WrapKey wraps (i.e., encrypts) a key. */
CK_PKCS11_FUNCTION_INFO(C_WrapKey)
#ifdef CK_NEED_ARG_LIST
(
CK_SESSION_HANDLE hSession, /* the session's handle */
CK_MECHANISM_PTR pMechanism, /* the wrapping mechanism */
CK_OBJECT_HANDLE hWrappingKey, /* wrapping key */
CK_OBJECT_HANDLE hKey, /* key to be wrapped */
CK_BYTE_PTR pWrappedKey, /* gets wrapped key */
CK_ULONG_PTR pulWrappedKeyLen /* gets wrapped key size */
);
#endif
/* C_UnwrapKey unwraps (decrypts) a wrapped key, creating a new
* key object. */
CK_PKCS11_FUNCTION_INFO(C_UnwrapKey)
#ifdef CK_NEED_ARG_LIST
(
CK_SESSION_HANDLE hSession, /* session's handle */
CK_MECHANISM_PTR pMechanism, /* unwrapping mech. */
CK_OBJECT_HANDLE hUnwrappingKey, /* unwrapping key */
CK_BYTE_PTR pWrappedKey, /* the wrapped key */
CK_ULONG ulWrappedKeyLen, /* wrapped key len */
CK_ATTRIBUTE_PTR pTemplate, /* new key template */
CK_ULONG ulAttributeCount, /* template length */
CK_OBJECT_HANDLE_PTR phKey /* gets new handle */
);
#endif
/* C_DeriveKey derives a key from a base key, creating a new key
* object. */
CK_PKCS11_FUNCTION_INFO(C_DeriveKey)
#ifdef CK_NEED_ARG_LIST
(
CK_SESSION_HANDLE hSession, /* session's handle */
CK_MECHANISM_PTR pMechanism, /* key deriv. mech. */
CK_OBJECT_HANDLE hBaseKey, /* base key */
CK_ATTRIBUTE_PTR pTemplate, /* new key template */
CK_ULONG ulAttributeCount, /* template length */
CK_OBJECT_HANDLE_PTR phKey /* gets new handle */
);
#endif
/* Random number generation */
/* C_SeedRandom mixes additional seed material into the token's
* random number generator. */
CK_PKCS11_FUNCTION_INFO(C_SeedRandom)
#ifdef CK_NEED_ARG_LIST
(
CK_SESSION_HANDLE hSession, /* the session's handle */
CK_BYTE_PTR pSeed, /* the seed material */
CK_ULONG ulSeedLen /* length of seed material */
);
#endif
/* C_GenerateRandom generates random data. */
CK_PKCS11_FUNCTION_INFO(C_GenerateRandom)
#ifdef CK_NEED_ARG_LIST
(
CK_SESSION_HANDLE hSession, /* the session's handle */
CK_BYTE_PTR RandomData, /* receives the random data */
CK_ULONG ulRandomLen /* # of bytes to generate */
);
#endif
/* Parallel function management */
/* C_GetFunctionStatus is a legacy function; it obtains an
* updated status of a function running in parallel with an
* application. */
CK_PKCS11_FUNCTION_INFO(C_GetFunctionStatus)
#ifdef CK_NEED_ARG_LIST
(
CK_SESSION_HANDLE hSession /* the session's handle */
);
#endif
/* C_CancelFunction is a legacy function; it cancels a function
* running in parallel. */
CK_PKCS11_FUNCTION_INFO(C_CancelFunction)
#ifdef CK_NEED_ARG_LIST
(
CK_SESSION_HANDLE hSession /* the session's handle */
);
#endif
/* Functions added in for Cryptoki Version 2.01 or later */
/* C_WaitForSlotEvent waits for a slot event (token insertion,
* removal, etc.) to occur. */
CK_PKCS11_FUNCTION_INFO(C_WaitForSlotEvent)
#ifdef CK_NEED_ARG_LIST
(
CK_FLAGS flags, /* blocking/nonblocking flag */
CK_SLOT_ID_PTR pSlot, /* location that receives the slot ID */
CK_VOID_PTR pRserved /* reserved. Should be NULL_PTR */
);
#endif

1528
src/pkcs11/pkcs11t.h → src/pkcs11/pkcs11types.h
View File

@@ -1,45 +1,338 @@
/* pkcs11t.h include file for PKCS #11. */ /*
/* $Revision: 1.10 $ */ * $Header: /cvsroot/opencryptoki/opencryptoki/usr/include/pkcs11/pkcs11types.h,v 1.5 2007/12/05 22:52:01 mhalcrow Exp $
/* License to copy and use this software is granted provided that it is
* identified as "RSA Security Inc. PKCS #11 Cryptographic Token Interface
* (Cryptoki)" in all material mentioning or referencing this software.
* License is also granted to make and use derivative works provided that
* such works are identified as "derived from the RSA Security Inc. PKCS #11
* Cryptographic Token Interface (Cryptoki)" in all material mentioning or
* referencing the derived work.
* RSA Security Inc. makes no representations concerning either the
* merchantability of this software or the suitability of this software for
* any particular purpose. It is provided "as is" without express or implied
* warranty of any kind.
*/ */
/* See top of pkcs11.h for information about the macros that /*
* must be defined and the structure-packing conventions that Common Public License Version 0.5
* must be set before including this file. */
#ifndef _PKCS11T_H_ THE ACCOMPANYING PROGRAM IS PROVIDED UNDER THE TERMS OF
#define _PKCS11T_H_ 1 THIS COMMON PUBLIC LICENSE ("AGREEMENT"). ANY USE,
REPRODUCTION OR DISTRIBUTION OF THE PROGRAM CONSTITUTES
RECIPIENT'S ACCEPTANCE OF THIS AGREEMENT.
#define CRYPTOKI_VERSION_MAJOR 2 1. DEFINITIONS
#define CRYPTOKI_VERSION_MINOR 20
#define CRYPTOKI_VERSION_AMENDMENT 3
#define CK_TRUE 1 "Contribution" means:
#define CK_FALSE 0 a) in the case of the initial Contributor, the
initial code and documentation distributed under
this Agreement, and
b) in the case of each subsequent Contributor:
i) changes to the Program, and
ii) additions to the Program;
where such changes and/or additions to the Program
originate from and are distributed by that
particular Contributor. A Contribution 'originates'
from a Contributor if it was added to the Program
by such Contributor itself or anyone acting on such
Contributor's behalf. Contributions do not include
additions to the Program which: (i) are separate
modules of software distributed in conjunction with
the Program under their own license agreement, and
(ii) are not derivative works of the Program.
"Contributor" means any person or entity that distributes
the Program.
"Licensed Patents " mean patent claims licensable by a
Contributor which are necessarily infringed by the use or
sale of its Contribution alone or when combined with the
Program.
"Program" means the Contributions distributed in
accordance with this Agreement.
"Recipient" means anyone who receives the Program under
this Agreement, including all Contributors.
2. GRANT OF RIGHTS
a) Subject to the terms of this Agreement, each
Contributor hereby grants Recipient a
non-exclusive, worldwide, royalty-free copyright
license to reproduce, prepare derivative works of,
publicly display, publicly perform, distribute and
sublicense the Contribution of such Contributor, if
any, and such derivative works, in source code and
object code form.
b) Subject to the terms of this Agreement, each
Contributor hereby grants Recipient a
non-exclusive, worldwide, royalty-free patent
license under Licensed Patents to make, use, sell,
offer to sell, import and otherwise transfer the
Contribution of such Contributor, if any, in source
code and object code form. This patent license
shall apply to the combination of the Contribution
and the Program if, at the time the Contribution is
added by the Contributor, such addition of the
Contribution causes such combination to be covered
by the Licensed Patents. The patent license shall
not apply to any other combinations which include
the Contribution. No hardware per se is licensed
hereunder.
c) Recipient understands that although each
Contributor grants the licenses to its
Contributions set forth herein, no assurances are
provided by any Contributor that the Program does
not infringe the patent or other intellectual
property rights of any other entity. Each
Contributor disclaims any liability to Recipient
for claims brought by any other entity based on
infringement of intellectual property rights or
otherwise. As a condition to exercising the rights
and licenses granted hereunder, each Recipient
hereby assumes sole responsibility to secure any
other intellectual property rights needed, if any.
For example, if a third party patent license is
required to allow Recipient to distribute the
Program, it is Recipient's responsibility to
acquire that license before distributing the
Program.
d) Each Contributor represents that to its
knowledge it has sufficient copyright rights in its
Contribution, if any, to grant the copyright
license set forth in this Agreement.
3. REQUIREMENTS
A Contributor may choose to distribute the Program in
object code form under its own license agreement, provided
that:
a) it complies with the terms and conditions of
this Agreement; and
b) its license agreement:
i) effectively disclaims on behalf of all
Contributors all warranties and conditions, express
and implied, including warranties or conditions of
title and non-infringement, and implied warranties
or conditions of merchantability and fitness for a
particular purpose;
ii) effectively excludes on behalf of all
Contributors all liability for damages, including
direct, indirect, special, incidental and
consequential damages, such as lost profits;
iii) states that any provisions which differ from
this Agreement are offered by that Contributor
alone and not by any other party; and
iv) states that source code for the Program is
available from such Contributor, and informs
licensees how to obtain it in a reasonable manner
on or through a medium customarily used for
software exchange.
When the Program is made available in source code form:
a) it must be made available under this Agreement;
and
b) a copy of this Agreement must be included with
each copy of the Program.
Contributors may not remove or alter any copyright notices
contained within the Program.
Each Contributor must identify itself as the originator of
its Contribution, if any, in a manner that reasonably
allows subsequent Recipients to identify the originator of
the Contribution.
4. COMMERCIAL DISTRIBUTION
Commercial distributors of software may accept certain
responsibilities with respect to end users, business
partners and the like. While this license is intended to
facilitate the commercial use of the Program, the
Contributor who includes the Program in a commercial
product offering should do so in a manner which does not
create potential liability for other Contributors.
Therefore, if a Contributor includes the Program in a
commercial product offering, such Contributor ("Commercial
Contributor") hereby agrees to defend and indemnify every
other Contributor ("Indemnified Contributor") against any
losses, damages and costs (collectively "Losses") arising
from claims, lawsuits and other legal actions brought by a
third party against the Indemnified Contributor to the
extent caused by the acts or omissions of such Commercial
Contributor in connection with its distribution of the
Program in a commercial product offering. The obligations
in this section do not apply to any claims or Losses
relating to any actual or alleged intellectual property
infringement. In order to qualify, an Indemnified
Contributor must: a) promptly notify the Commercial
Contributor in writing of such claim, and b) allow the
Commercial Contributor to control, and cooperate with the
Commercial Contributor in, the defense and any related
settlement negotiations. The Indemnified Contributor may
participate in any such claim at its own expense.
For example, a Contributor might include the Program in a
commercial product offering, Product X. That Contributor
is then a Commercial Contributor. If that Commercial
Contributor then makes performance claims, or offers
warranties related to Product X, those performance claims
and warranties are such Commercial Contributor's
responsibility alone. Under this section, the Commercial
Contributor would have to defend claims against the other
Contributors related to those performance claims and
warranties, and if a court requires any other Contributor
to pay any damages as a result, the Commercial Contributor
must pay those damages.
5. NO WARRANTY
EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, THE
PROGRAM IS PROVIDED ON AN "AS IS" BASIS, WITHOUT
WARRANTIES OR CONDITIONS OF ANY KIND, EITHER EXPRESS OR
IMPLIED INCLUDING, WITHOUT LIMITATION, ANY WARRANTIES OR
CONDITIONS OF TITLE, NON-INFRINGEMENT, MERCHANTABILITY OR
FITNESS FOR A PARTICULAR PURPOSE. Each Recipient is solely
responsible for determining the appropriateness of using
and distributing the Program and assumes all risks
associated with its exercise of rights under this
Agreement, including but not limited to the risks and
costs of program errors, compliance with applicable laws,
damage to or loss of data, programs or equipment, and
unavailability or interruption of operations.
6. DISCLAIMER OF LIABILITY
EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, NEITHER
RECIPIENT NOR ANY CONTRIBUTORS SHALL HAVE ANY LIABILITY
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
OR CONSEQUENTIAL DAMAGES (INCLUDING WITHOUT LIMITATION
LOST PROFITS), HOWEVER CAUSED AND ON ANY THEORY OF
LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
OF THE USE OR DISTRIBUTION OF THE PROGRAM OR THE EXERCISE
OF ANY RIGHTS GRANTED HEREUNDER, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGES.
7. GENERAL
If any provision of this Agreement is invalid or
unenforceable under applicable law, it shall not affect
the validity or enforceability of the remainder of the
terms of this Agreement, and without further action by the
parties hereto, such provision shall be reformed to the
minimum extent necessary to make such provision valid and
enforceable.
If Recipient institutes patent litigation against a
Contributor with respect to a patent applicable to
software (including a cross-claim or counterclaim in a
lawsuit), then any patent licenses granted by that
Contributor to such Recipient under this Agreement shall
terminate as of the date such litigation is filed. In
addition, If Recipient institutes patent litigation
against any entity (including a cross-claim or
counterclaim in a lawsuit) alleging that the Program
itself (excluding combinations of the Program with other
software or hardware) infringes such Recipient's
patent(s), then such Recipient's rights granted under
Section 2(b) shall terminate as of the date such
litigation is filed.
All Recipient's rights under this Agreement shall
terminate if it fails to comply with any of the material
terms or conditions of this Agreement and does not cure
such failure in a reasonable period of time after becoming
aware of such noncompliance. If all Recipient's rights
under this Agreement terminate, Recipient agrees to cease
use and distribution of the Program as soon as reasonably
practicable. However, Recipient's obligations under this
Agreement and any licenses granted by Recipient relating
to the Program shall continue and survive.
Everyone is permitted to copy and distribute copies of
this Agreement, but in order to avoid inconsistency the
Agreement is copyrighted and may only be modified in the
following manner. The Agreement Steward reserves the right
to publish new versions (including revisions) of this
Agreement from time to time. No one other than the
Agreement Steward has the right to modify this Agreement.
IBM is the initial Agreement Steward. IBM may assign the
responsibility to serve as the Agreement Steward to a
suitable separate entity. Each new version of the
Agreement will be given a distinguishing version number.
The Program (including Contributions) may always be
distributed subject to the version of the Agreement under
which it was received. In addition, after a new version of
the Agreement is published, Contributor may elect to
distribute the Program (including its Contributions) under
the new version. Except as expressly stated in Sections
2(a) and 2(b) above, Recipient receives no rights or
licenses to the intellectual property of any Contributor
under this Agreement, whether expressly, by implication,
estoppel or otherwise. All rights in the Program not
expressly granted under this Agreement are reserved.
This Agreement is governed by the laws of the State of New
York and the intellectual property laws of the United
States of America. No party to this Agreement will bring a
legal action under this Agreement more than one year after
the cause of action arose. Each party waives its rights to
a jury trial in any resulting litigation.
*/
/* (C) COPYRIGHT International Business Machines Corp. 2001 */
//----------------------------------------------------------------------------
//
// File: PKCS11Types.h
//
//
//----------------------------------------------------------------------------
#ifndef _PKCS11TYPES_H_
#define _PKCS11TYPES_H_
#ifdef __cplusplus
extern "C"
{
#endif
#ifndef CK_DISABLE_TRUE_FALSE
#ifndef FALSE #ifndef FALSE
#define FALSE CK_FALSE #define FALSE 0
#endif #endif
#ifndef TRUE #ifndef TRUE
#define TRUE CK_TRUE #define TRUE (!FALSE)
#endif
#endif #endif
// AIX Addition for 64Bit work.
// All types are 32bit types, therefore the longs have to be
// typedefed to be 32bit values.
typedef unsigned int uint_32;
typedef int int_32;
#define CK_PTR *
#define CK_CALLBACK_FUNCTION(returnType, name) \
returnType (* name)
#ifndef NULL_PTR
#define NULL_PTR ((void *) NULL)
#endif /* NULL_PTR */
/* an unsigned 8-bit value */ /* an unsigned 8-bit value */
typedef unsigned char CK_BYTE; typedef unsigned char CK_BYTE;
@@ -92,14 +385,12 @@ typedef CK_VERSION CK_PTR CK_VERSION_PTR;
typedef struct CK_INFO { typedef struct CK_INFO {
/* manufacturerID and libraryDecription have been changed from
* CK_CHAR to CK_UTF8CHAR for v2.10 */
CK_VERSION cryptokiVersion; /* Cryptoki interface ver */ CK_VERSION cryptokiVersion; /* Cryptoki interface ver */
CK_UTF8CHAR manufacturerID[32]; /* blank padded */ CK_CHAR manufacturerID[32]; /* blank padded */
CK_FLAGS flags; /* must be zero */ CK_FLAGS flags; /* must be zero */
/* libraryDescription and libraryVersion are new for v2.0 */ /* libraryDescription and libraryVersion are new for v2.0 */
CK_UTF8CHAR libraryDescription[32]; /* blank padded */ CK_CHAR libraryDescription[32]; /* blank padded */
CK_VERSION libraryVersion; /* version of library */ CK_VERSION libraryVersion; /* version of library */
} CK_INFO; } CK_INFO;
@@ -113,9 +404,6 @@ typedef CK_INFO CK_PTR CK_INFO_PTR;
typedef CK_ULONG CK_NOTIFICATION; typedef CK_ULONG CK_NOTIFICATION;
#define CKN_SURRENDER 0 #define CKN_SURRENDER 0
/* The following notification is new for PKCS #11 v2.20 amendment 3 */
#define CKN_OTP_CHANGED 1
typedef CK_ULONG CK_SLOT_ID; typedef CK_ULONG CK_SLOT_ID;
@@ -124,10 +412,8 @@ typedef CK_SLOT_ID CK_PTR CK_SLOT_ID_PTR;
/* CK_SLOT_INFO provides information about a slot */ /* CK_SLOT_INFO provides information about a slot */
typedef struct CK_SLOT_INFO { typedef struct CK_SLOT_INFO {
/* slotDescription and manufacturerID have been changed from CK_CHAR slotDescription[64]; /* blank padded */
* CK_CHAR to CK_UTF8CHAR for v2.10 */ CK_CHAR manufacturerID[32]; /* blank padded */
CK_UTF8CHAR slotDescription[64]; /* blank padded */
CK_UTF8CHAR manufacturerID[32]; /* blank padded */
CK_FLAGS flags; CK_FLAGS flags;
/* hardwareVersion and firmwareVersion are new for v2.0 */ /* hardwareVersion and firmwareVersion are new for v2.0 */
@@ -147,11 +433,9 @@ typedef CK_SLOT_INFO CK_PTR CK_SLOT_INFO_PTR;
/* CK_TOKEN_INFO provides information about a token */ /* CK_TOKEN_INFO provides information about a token */
typedef struct CK_TOKEN_INFO { typedef struct CK_TOKEN_INFO {
/* label, manufacturerID, and model have been changed from CK_CHAR label[32]; /* blank padded */
* CK_CHAR to CK_UTF8CHAR for v2.10 */ CK_CHAR manufacturerID[32]; /* blank padded */
CK_UTF8CHAR label[32]; /* blank padded */ CK_CHAR model[16]; /* blank padded */
CK_UTF8CHAR manufacturerID[32]; /* blank padded */
CK_UTF8CHAR model[16]; /* blank padded */
CK_CHAR serialNumber[16]; /* blank padded */ CK_CHAR serialNumber[16]; /* blank padded */
CK_FLAGS flags; /* see below */ CK_FLAGS flags; /* see below */
@@ -212,62 +496,85 @@ typedef struct CK_TOKEN_INFO {
* and sign) */ * and sign) */
#define CKF_DUAL_CRYPTO_OPERATIONS 0x00000200 #define CKF_DUAL_CRYPTO_OPERATIONS 0x00000200
/* CKF_TOKEN_INITIALIZED if new for v2.10. If it is true, the /* CKF_TOKEN_INITIALIZED is new for v2.11. If it is true, the
* token has been initialized using C_InitializeToken or an * token has been initialized using C_InitializeToken or an
* equivalent mechanism outside the scope of PKCS #11. * equivalent mechanism outside the scope of this standard.
* Calling C_InitializeToken when this flag is set will cause * Calling C_InitializeToken when this flag is set will cause
* the token to be reinitialized. */ * the token to be reinitialized. */
#define CKF_TOKEN_INITIALIZED 0x00000400 #define CKF_TOKEN_INITIALIZED 0x00000400
/* CKF_SECONDARY_AUTHENTICATION if new for v2.10. If it is /* CKF_SECONDARY_AUTHENTICATION is new for v2.11. If it is
* true, the token supports secondary authentication for * true, the token supports secondary authentication for private
* private key objects. This flag is deprecated in v2.11 and * key objects. According to the 2.11 spec pg. 45, this flag
onwards. */ * is deprecated and this flags should never be true. */
#define CKF_SECONDARY_AUTHENTICATION 0x00000800 #define CKF_SECONDARY_AUTHENTICATION 0x00000800
/* CKF_USER_PIN_COUNT_LOW if new for v2.10. If it is true, an /* CKF_USER_PIN_COUNT_LOW is new in v2.11. This flag is true
* incorrect user login PIN has been entered at least once * is an incorrect user PIN has been entered at least once
* since the last successful authentication. */ * since the last successful authentication. */
#define CKF_USER_PIN_COUNT_LOW 0x00010000 #define CKF_USER_PIN_COUNT_LOW 0x00010000
/* CKF_USER_PIN_FINAL_TRY if new for v2.10. If it is true, /* CKF_USER_PIN_FINAL_TRY is new in v2.11. This flag is true if
* supplying an incorrect user PIN will it to become locked. */ * supplying an incorrect user PIN will cause it to become
#define CKF_USER_PIN_FINAL_TRY 0x00020000 * locked. */
#define CKF_USER_PIN_FINAL_TRY 0x00020000
/* CKF_USER_PIN_LOCKED if new for v2.10. If it is true, the /* CKF_USER_PIN_LOCKED is new in v2.11. This is true if the
* user PIN has been locked. User login to the token is not * user PIN has been locked. User login to the token is not
* possible. */ * possible. */
#define CKF_USER_PIN_LOCKED 0x00040000 #define CKF_USER_PIN_LOCKED 0x00040000
/* CKF_USER_PIN_TO_BE_CHANGED if new for v2.10. If it is true, /* CKF_USER_PIN_TO_BE_CHANGED is new in v2.11. This flag is
* the user PIN value is the default value set by token * true if the user PIN value is the default value set by
* initialization or manufacturing, or the PIN has been * token initialization of manufacturing, or the PIN has
* expired by the card. */ * been expired by the card. */
#define CKF_USER_PIN_TO_BE_CHANGED 0x00080000 #define CKF_USER_PIN_TO_BE_CHANGED 0x00080000
/* CKF_SO_PIN_COUNT_LOW if new for v2.10. If it is true, an /* CKF_SO_PIN_COUNT_LOW is new in v2.11. This flag is true if
* incorrect SO login PIN has been entered at least once since * and incorrect SO login PIN has been entered at least once
* the last successful authentication. */ * since the last successful authentication. */
#define CKF_SO_PIN_COUNT_LOW 0x00100000 #define CKF_SO_PIN_COUNT_LOW 0x00100000
/* CKF_SO_PIN_FINAL_TRY if new for v2.10. If it is true, /* CKF_SO_PIN_FINAL_TRY is new in v2.11. This flag is true if
* supplying an incorrect SO PIN will it to become locked. */ * supplying an incorrect SO PIN will cause it to become
#define CKF_SO_PIN_FINAL_TRY 0x00200000 * locked. */
#define CKF_SO_PIN_FINAL_TRY 0x00200000
/* CKF_SO_PIN_LOCKED if new for v2.10. If it is true, the SO /* CKF_SO_PIN_LOCKED is new in v2.11. This flag is true if
* PIN has been locked. SO login to the token is not possible. * the SO PIN has been locked. User login to the token is not
*/ * possible. */
#define CKF_SO_PIN_LOCKED 0x00400000 #define CKF_SO_PIN_LOCKED 0x00400000
/* CKF_SO_PIN_TO_BE_CHANGED is new in v2.11. This flag is true
* if the SO PIN calue is the default value set by token init-
* ialization of manufacturing, or the PIN has been expired by
* the card. */
#define CKF_SO_PIN_TO_BE_CHANGED 0x00800000
#if 0
/* IBM extended Token Info Flags - defined by Michael Hamann */
/* These Flags are not part of PKCS#11 Version 2.01 */
/* This will be used to track the state of login retries */
#define CKF_USER_PIN_COUNT_LOW 0x00010000
#define CKF_USER_PIN_FINAL_TRY 0x00020000
#define CKF_USER_PIN_LOCKED 0x00040000
#define CKF_USER_PIN_MANUFACT_VALUE 0x00080000
#define CKF_SO_PIN_COUNT_LOW 0x00100000
#define CKF_SO_PIN_FINAL_TRY 0x00200000
#define CKF_SO_PIN_LOCKED 0x00400000
#define CKF_SO_PIN_MANUFACT_VALUE 0x00800000
#endif
/* other IBM extended Token info Flags 05/29/99 */
#define CKF_SO_PIN_DERIVED 0x01000000 // Sec Officer pin on card is derived from card id
#define CKF_SO_CARD 0x02000000 // Security Officer Card
/* End of IBM extented Token Info Flags */
/* CKF_SO_PIN_TO_BE_CHANGED if new for v2.10. If it is true,
* the SO PIN value is the default value set by token
* initialization or manufacturing, or the PIN has been
* expired by the card. */
#define CKF_SO_PIN_TO_BE_CHANGED 0x00800000
typedef CK_TOKEN_INFO CK_PTR CK_TOKEN_INFO_PTR; typedef CK_TOKEN_INFO CK_PTR CK_TOKEN_INFO_PTR;
/* CK_SESSION_HANDLE is a Cryptoki-assigned value that /* CK_SESSION_HANDLE is a Cryptoki-assigned value that
* identifies a session */ * identifies a session */
typedef CK_ULONG CK_SESSION_HANDLE; typedef CK_ULONG CK_SESSION_HANDLE;
@@ -283,8 +590,7 @@ typedef CK_ULONG CK_USER_TYPE;
#define CKU_SO 0 #define CKU_SO 0
/* Normal user */ /* Normal user */
#define CKU_USER 1 #define CKU_USER 1
/* Context specific (added in v2.20) */
#define CKU_CONTEXT_SPECIFIC 2
/* CK_STATE enumerates the session states */ /* CK_STATE enumerates the session states */
/* CK_STATE has been changed from an enum to a CK_ULONG for /* CK_STATE has been changed from an enum to a CK_ULONG for
@@ -332,36 +638,28 @@ typedef CK_OBJECT_HANDLE CK_PTR CK_OBJECT_HANDLE_PTR;
typedef CK_ULONG CK_OBJECT_CLASS; typedef CK_ULONG CK_OBJECT_CLASS;
/* The following classes of objects are defined: */ /* The following classes of objects are defined: */
/* CKO_HW_FEATURE is new for v2.10 */
/* CKO_DOMAIN_PARAMETERS is new for v2.11 */
/* CKO_MECHANISM is new for v2.20 */
#define CKO_DATA 0x00000000 #define CKO_DATA 0x00000000
#define CKO_CERTIFICATE 0x00000001 #define CKO_CERTIFICATE 0x00000001
#define CKO_PUBLIC_KEY 0x00000002 #define CKO_PUBLIC_KEY 0x00000002
#define CKO_PRIVATE_KEY 0x00000003 #define CKO_PRIVATE_KEY 0x00000003
#define CKO_SECRET_KEY 0x00000004 #define CKO_SECRET_KEY 0x00000004
/* CKO_HW_FEATURE and CKO_DOMAIN_PARAMETERS are new for v2.11 */
#define CKO_HW_FEATURE 0x00000005 #define CKO_HW_FEATURE 0x00000005
#define CKO_DOMAIN_PARAMETERS 0x00000006 #define CKO_DOMAIN_PARAMETERS 0x00000006
#define CKO_MECHANISM 0x00000007
/* CKO_OTP_KEY is new for PKCS #11 v2.20 amendment 1 */
#define CKO_OTP_KEY 0x00000008
#define CKO_VENDOR_DEFINED 0x80000000 #define CKO_VENDOR_DEFINED 0x80000000
typedef CK_OBJECT_CLASS CK_PTR CK_OBJECT_CLASS_PTR; typedef CK_OBJECT_CLASS CK_PTR CK_OBJECT_CLASS_PTR;
/* CK_HW_FEATURE_TYPE is new for v2.10. CK_HW_FEATURE_TYPE is a /* CK_HW_FEATURE_TYPE is a value that identifies a hardware
* value that identifies the hardware feature type of an object * feature type of a device. This is new for v2.11.
* with CK_OBJECT_CLASS equal to CKO_HW_FEATURE. */ */
typedef CK_ULONG CK_HW_FEATURE_TYPE; typedef CK_ULONG CK_HW_FEATURE_TYPE;
/* The following hardware feature types are defined */ /* The following hardware feature types are defined: */
/* CKH_USER_INTERFACE is new for v2.20 */ #define CKH_MONOTONIC_COUNTER 0x00000001
#define CKH_MONOTONIC_COUNTER 0x00000001 #define CKH_CLOCK 0x00000002
#define CKH_CLOCK 0x00000002 #define CKH_VENDOR_DEFINED 0x80000000
#define CKH_USER_INTERFACE 0x00000003
#define CKH_VENDOR_DEFINED 0x80000000
/* CK_KEY_TYPE is a value that identifies a key type */ /* CK_KEY_TYPE is a value that identifies a key type */
/* CK_KEY_TYPE was changed from CK_USHORT to CK_ULONG for v2.0 */ /* CK_KEY_TYPE was changed from CK_USHORT to CK_ULONG for v2.0 */
@@ -373,7 +671,7 @@ typedef CK_ULONG CK_KEY_TYPE;
#define CKK_DH 0x00000002 #define CKK_DH 0x00000002
/* CKK_ECDSA and CKK_KEA are new for v2.0 */ /* CKK_ECDSA and CKK_KEA are new for v2.0 */
/* CKK_ECDSA is deprecated in v2.11, CKK_EC is preferred. */ /* CKK_ECDSA is deprecated in v2.11, CKK_EC is preferred */
#define CKK_ECDSA 0x00000003 #define CKK_ECDSA 0x00000003
#define CKK_EC 0x00000003 #define CKK_EC 0x00000003
#define CKK_X9_42_DH 0x00000004 #define CKK_X9_42_DH 0x00000004
@@ -389,32 +687,18 @@ typedef CK_ULONG CK_KEY_TYPE;
/* all these key types are new for v2.0 */ /* all these key types are new for v2.0 */
#define CKK_CAST 0x00000016 #define CKK_CAST 0x00000016
#define CKK_CAST3 0x00000017 #define CKK_CAST3 0x00000017
/* CKK_CAST5 is deprecated in v2.11, CKK_CAST128 is preferred. */ /* CKK_CAST5 is deprecated in v2.11, CKK_CAST128 is preferred */
#define CKK_CAST5 0x00000018 #define CKK_CAST5 0x00000018
#define CKK_CAST128 0x00000018 #define CKK_CAST128 0x00000018 /* CAST128=CAST5 */
#define CKK_RC5 0x00000019 #define CKK_RC5 0x00000019
#define CKK_IDEA 0x0000001A #define CKK_IDEA 0x0000001A
#define CKK_SKIPJACK 0x0000001B #define CKK_SKIPJACK 0x0000001B
#define CKK_BATON 0x0000001C #define CKK_BATON 0x0000001C
#define CKK_JUNIPER 0x0000001D #define CKK_JUNIPER 0x0000001D
#define CKK_CDMF 0x0000001E #define CKK_CDMF 0x0000001E
/* CKK_AES is new for v2.11 */
#define CKK_AES 0x0000001F #define CKK_AES 0x0000001F
/* BlowFish and TwoFish are new for v2.20 */
#define CKK_BLOWFISH 0x00000020
#define CKK_TWOFISH 0x00000021
/* SecurID, HOTP, and ACTI are new for PKCS #11 v2.20 amendment 1 */
#define CKK_SECURID 0x00000022
#define CKK_HOTP 0x00000023
#define CKK_ACTI 0x00000024
/* Camellia is new for PKCS #11 v2.20 amendment 3 */
#define CKK_CAMELLIA 0x00000025
/* ARIA is new for PKCS #11 v2.20 amendment 3 */
#define CKK_ARIA 0x00000026
#define CKK_VENDOR_DEFINED 0x80000000 #define CKK_VENDOR_DEFINED 0x80000000
@@ -425,11 +709,9 @@ typedef CK_ULONG CK_KEY_TYPE;
typedef CK_ULONG CK_CERTIFICATE_TYPE; typedef CK_ULONG CK_CERTIFICATE_TYPE;
/* The following certificate types are defined: */ /* The following certificate types are defined: */
/* CKC_X_509_ATTR_CERT is new for v2.10 */
/* CKC_WTLS is new for v2.20 */
#define CKC_X_509 0x00000000 #define CKC_X_509 0x00000000
/* CKC_X_509_ATTR_CERT is new for v2.11 */
#define CKC_X_509_ATTR_CERT 0x00000001 #define CKC_X_509_ATTR_CERT 0x00000001
#define CKC_WTLS 0x00000002
#define CKC_VENDOR_DEFINED 0x80000000 #define CKC_VENDOR_DEFINED 0x80000000
@@ -439,23 +721,6 @@ typedef CK_ULONG CK_CERTIFICATE_TYPE;
* v2.0 */ * v2.0 */
typedef CK_ULONG CK_ATTRIBUTE_TYPE; typedef CK_ULONG CK_ATTRIBUTE_TYPE;
/* The CKF_ARRAY_ATTRIBUTE flag identifies an attribute which
consists of an array of values. */
#define CKF_ARRAY_ATTRIBUTE 0x40000000
/* The following OTP-related defines are new for PKCS #11 v2.20 amendment 1
and relates to the CKA_OTP_FORMAT attribute */
#define CK_OTP_FORMAT_DECIMAL 0
#define CK_OTP_FORMAT_HEXADECIMAL 1
#define CK_OTP_FORMAT_ALPHANUMERIC 2
#define CK_OTP_FORMAT_BINARY 3
/* The following OTP-related defines are new for PKCS #11 v2.20 amendment 1
and relates to the CKA_OTP_..._REQUIREMENT attributes */
#define CK_OTP_PARAM_IGNORED 0
#define CK_OTP_PARAM_OPTIONAL 1
#define CK_OTP_PARAM_MANDATORY 2
/* The following attribute types are defined: */ /* The following attribute types are defined: */
#define CKA_CLASS 0x00000000 #define CKA_CLASS 0x00000000
#define CKA_TOKEN 0x00000001 #define CKA_TOKEN 0x00000001
@@ -463,32 +728,18 @@ typedef CK_ULONG CK_ATTRIBUTE_TYPE;
#define CKA_LABEL 0x00000003 #define CKA_LABEL 0x00000003
#define CKA_APPLICATION 0x00000010 #define CKA_APPLICATION 0x00000010
#define CKA_VALUE 0x00000011 #define CKA_VALUE 0x00000011
/* CKA_OBJECT_ID is new for v2.11 */
/* CKA_OBJECT_ID is new for v2.10 */
#define CKA_OBJECT_ID 0x00000012 #define CKA_OBJECT_ID 0x00000012
#define CKA_CERTIFICATE_TYPE 0x00000080 #define CKA_CERTIFICATE_TYPE 0x00000080
#define CKA_ISSUER 0x00000081 #define CKA_ISSUER 0x00000081
#define CKA_SERIAL_NUMBER 0x00000082 #define CKA_SERIAL_NUMBER 0x00000082
/* CKA_AC_ISSUER, CKA_OWNER, CKA_ATTR_TYPES and CKA_TRUSTED
/* CKA_AC_ISSUER, CKA_OWNER, and CKA_ATTR_TYPES are new * are new for v2.11 */
* for v2.10 */
#define CKA_AC_ISSUER 0x00000083 #define CKA_AC_ISSUER 0x00000083
#define CKA_OWNER 0x00000084 #define CKA_OWNER 0x00000084
#define CKA_ATTR_TYPES 0x00000085 #define CKA_ATTR_TYPES 0x00000085
/* CKA_TRUSTED is new for v2.11 */
#define CKA_TRUSTED 0x00000086 #define CKA_TRUSTED 0x00000086
/* CKA_CERTIFICATE_CATEGORY ...
* CKA_CHECK_VALUE are new for v2.20 */
#define CKA_CERTIFICATE_CATEGORY 0x00000087
#define CKA_JAVA_MIDP_SECURITY_DOMAIN 0x00000088
#define CKA_URL 0x00000089
#define CKA_HASH_OF_SUBJECT_PUBLIC_KEY 0x0000008A
#define CKA_HASH_OF_ISSUER_PUBLIC_KEY 0x0000008B
#define CKA_CHECK_VALUE 0x00000090
#define CKA_KEY_TYPE 0x00000100 #define CKA_KEY_TYPE 0x00000100
#define CKA_SUBJECT 0x00000101 #define CKA_SUBJECT 0x00000101
#define CKA_ID 0x00000102 #define CKA_ID 0x00000102
@@ -516,12 +767,9 @@ typedef CK_ULONG CK_ATTRIBUTE_TYPE;
#define CKA_PRIME 0x00000130 #define CKA_PRIME 0x00000130
#define CKA_SUBPRIME 0x00000131 #define CKA_SUBPRIME 0x00000131
#define CKA_BASE 0x00000132 #define CKA_BASE 0x00000132
/* CKA_PRIME_BITS and CKA_SUB_PRIME_BITS are new for v2.11 */ /* CKA_PRIME_BITS and CKA_SUB_PRIME_BITS are new for v2.11 */
#define CKA_PRIME_BITS 0x00000133 #define CKA_PRIME_BITS 0x00000133
#define CKA_SUBPRIME_BITS 0x00000134 #define CKA_SUBPRIME_BITS 0x00000134
#define CKA_SUB_PRIME_BITS CKA_SUBPRIME_BITS
/* (To retain backwards-compatibility) */
#define CKA_VALUE_BITS 0x00000160 #define CKA_VALUE_BITS 0x00000160
#define CKA_VALUE_LEN 0x00000161 #define CKA_VALUE_LEN 0x00000161
@@ -533,74 +781,28 @@ typedef CK_ULONG CK_ATTRIBUTE_TYPE;
#define CKA_LOCAL 0x00000163 #define CKA_LOCAL 0x00000163
#define CKA_NEVER_EXTRACTABLE 0x00000164 #define CKA_NEVER_EXTRACTABLE 0x00000164
#define CKA_ALWAYS_SENSITIVE 0x00000165 #define CKA_ALWAYS_SENSITIVE 0x00000165
/* CKA_KEY_GEN_MECHANISM is new for v2.11 */ /* CKA_KEY_GEN_MECHANISM is new for v2.11 */
#define CKA_KEY_GEN_MECHANISM 0x00000166 #define CKA_KEY_GEN_MECHANISM 0x00000166
#define CKA_MODIFIABLE 0x00000170 #define CKA_MODIFIABLE 0x00000170
/* CKA_ECDSA_PARAMS is deprecated in v2.11, CKA_EC_PARAMS is preferred */
/* CKA_ECDSA_PARAMS is deprecated in v2.11,
* CKA_EC_PARAMS is preferred. */
#define CKA_ECDSA_PARAMS 0x00000180 #define CKA_ECDSA_PARAMS 0x00000180
#define CKA_EC_PARAMS 0x00000180 #define CKA_EC_PARAMS 0x00000180
#define CKA_EC_POINT 0x00000181 #define CKA_EC_POINT 0x00000181
/* The following are new for v2.11 */
/* CKA_SECONDARY_AUTH, CKA_AUTH_PIN_FLAGS,
* are new for v2.10. Deprecated in v2.11 and onwards. */
#define CKA_SECONDARY_AUTH 0x00000200 #define CKA_SECONDARY_AUTH 0x00000200
#define CKA_AUTH_PIN_FLAGS 0x00000201 #define CKA_AUTH_PIN_FLAGS 0x00000201
/* CKA_ALWAYS_AUTHENTICATE ...
* CKA_UNWRAP_TEMPLATE are new for v2.20 */
#define CKA_ALWAYS_AUTHENTICATE 0x00000202
#define CKA_WRAP_WITH_TRUSTED 0x00000210
#define CKA_WRAP_TEMPLATE (CKF_ARRAY_ATTRIBUTE|0x00000211)
#define CKA_UNWRAP_TEMPLATE (CKF_ARRAY_ATTRIBUTE|0x00000212)
/* CKA_OTP... atttributes are new for PKCS #11 v2.20 amendment 3. */
#define CKA_OTP_FORMAT 0x00000220
#define CKA_OTP_LENGTH 0x00000221
#define CKA_OTP_TIME_INTERVAL 0x00000222
#define CKA_OTP_USER_FRIENDLY_MODE 0x00000223
#define CKA_OTP_CHALLENGE_REQUIREMENT 0x00000224
#define CKA_OTP_TIME_REQUIREMENT 0x00000225
#define CKA_OTP_COUNTER_REQUIREMENT 0x00000226
#define CKA_OTP_PIN_REQUIREMENT 0x00000227
#define CKA_OTP_COUNTER 0x0000022E
#define CKA_OTP_TIME 0x0000022F
#define CKA_OTP_USER_IDENTIFIER 0x0000022A
#define CKA_OTP_SERVICE_IDENTIFIER 0x0000022B
#define CKA_OTP_SERVICE_LOGO 0x0000022C
#define CKA_OTP_SERVICE_LOGO_TYPE 0x0000022D
/* CKA_HW_FEATURE_TYPE, CKA_RESET_ON_INIT, and CKA_HAS_RESET
* are new for v2.10 */
#define CKA_HW_FEATURE_TYPE 0x00000300 #define CKA_HW_FEATURE_TYPE 0x00000300
#define CKA_RESET_ON_INIT 0x00000301 #define CKA_RESET_ON_INIT 0x00000301
#define CKA_HAS_RESET 0x00000302 #define CKA_HAS_RESET 0x00000302
/* The following attributes are new for v2.20 */
#define CKA_PIXEL_X 0x00000400
#define CKA_PIXEL_Y 0x00000401
#define CKA_RESOLUTION 0x00000402
#define CKA_CHAR_ROWS 0x00000403
#define CKA_CHAR_COLUMNS 0x00000404
#define CKA_COLOR 0x00000405
#define CKA_BITS_PER_PIXEL 0x00000406
#define CKA_CHAR_SETS 0x00000480
#define CKA_ENCODING_METHODS 0x00000481
#define CKA_MIME_TYPES 0x00000482
#define CKA_MECHANISM_TYPE 0x00000500
#define CKA_REQUIRED_CMS_ATTRIBUTES 0x00000501
#define CKA_DEFAULT_CMS_ATTRIBUTES 0x00000502
#define CKA_SUPPORTED_CMS_ATTRIBUTES 0x00000503
#define CKA_ALLOWED_MECHANISMS (CKF_ARRAY_ATTRIBUTE|0x00000600)
#define CKA_VENDOR_DEFINED 0x80000000 #define CKA_VENDOR_DEFINED 0x80000000
/* For use in storing objects that have an encrypted or otherwise
* opaque attribute. Support has been added to use this attribute
* in key objects only. */
#define CKA_IBM_OPAQUE CKA_VENDOR_DEFINED + 1
/* CK_ATTRIBUTE is a structure that includes the type, length /* CK_ATTRIBUTE is a structure that includes the type, length
* and value of an attribute */ * and value of an attribute */
typedef struct CK_ATTRIBUTE { typedef struct CK_ATTRIBUTE {
@@ -639,15 +841,10 @@ typedef CK_ULONG CK_MECHANISM_TYPE;
#define CKM_MD2_RSA_PKCS 0x00000004 #define CKM_MD2_RSA_PKCS 0x00000004
#define CKM_MD5_RSA_PKCS 0x00000005 #define CKM_MD5_RSA_PKCS 0x00000005
#define CKM_SHA1_RSA_PKCS 0x00000006 #define CKM_SHA1_RSA_PKCS 0x00000006
/* The following are new for v2.11: */
/* CKM_RIPEMD128_RSA_PKCS, CKM_RIPEMD160_RSA_PKCS, and
* CKM_RSA_PKCS_OAEP are new for v2.10 */
#define CKM_RIPEMD128_RSA_PKCS 0x00000007 #define CKM_RIPEMD128_RSA_PKCS 0x00000007
#define CKM_RIPEMD160_RSA_PKCS 0x00000008 #define CKM_RIPEMD160_RSA_PKCS 0x00000008
#define CKM_RSA_PKCS_OAEP 0x00000009 #define CKM_RSA_PKCS_OAEP 0x00000009
/* CKM_RSA_X9_31_KEY_PAIR_GEN, CKM_RSA_X9_31, CKM_SHA1_RSA_X9_31,
* CKM_RSA_PKCS_PSS, and CKM_SHA1_RSA_PKCS_PSS are new for v2.11 */
#define CKM_RSA_X9_31_KEY_PAIR_GEN 0x0000000A #define CKM_RSA_X9_31_KEY_PAIR_GEN 0x0000000A
#define CKM_RSA_X9_31 0x0000000B #define CKM_RSA_X9_31 0x0000000B
#define CKM_SHA1_RSA_X9_31 0x0000000C #define CKM_SHA1_RSA_X9_31 0x0000000C
@@ -659,26 +856,13 @@ typedef CK_ULONG CK_MECHANISM_TYPE;
#define CKM_DSA_SHA1 0x00000012 #define CKM_DSA_SHA1 0x00000012
#define CKM_DH_PKCS_KEY_PAIR_GEN 0x00000020 #define CKM_DH_PKCS_KEY_PAIR_GEN 0x00000020
#define CKM_DH_PKCS_DERIVE 0x00000021 #define CKM_DH_PKCS_DERIVE 0x00000021
/* The following are new for v2.11 */
/* CKM_X9_42_DH_KEY_PAIR_GEN, CKM_X9_42_DH_DERIVE,
* CKM_X9_42_DH_HYBRID_DERIVE, and CKM_X9_42_MQV_DERIVE are new for
* v2.11 */
#define CKM_X9_42_DH_KEY_PAIR_GEN 0x00000030 #define CKM_X9_42_DH_KEY_PAIR_GEN 0x00000030
#define CKM_X9_42_DH_DERIVE 0x00000031 #define CKM_X9_42_DH_DERIVE 0x00000031
#define CKM_X9_42_DH_HYBRID_DERIVE 0x00000032 #define CKM_X9_42_DH_HYBRID_DERIVE 0x00000032
#define CKM_X9_42_MQV_DERIVE 0x00000033 #define CKM_X9_42_MQV_DERIVE 0x00000033
/* CKM_SHA256/384/512 are new for v2.20 */ #define CKM_SHA256_RSA_PKCS 0x00000043
#define CKM_SHA256_RSA_PKCS 0x00000040
#define CKM_SHA384_RSA_PKCS 0x00000041
#define CKM_SHA512_RSA_PKCS 0x00000042
#define CKM_SHA256_RSA_PKCS_PSS 0x00000043
#define CKM_SHA384_RSA_PKCS_PSS 0x00000044
#define CKM_SHA512_RSA_PKCS_PSS 0x00000045
/* SHA-224 RSA mechanisms are new for PKCS #11 v2.20 amendment 3 */
#define CKM_SHA224_RSA_PKCS 0x00000046
#define CKM_SHA224_RSA_PKCS_PSS 0x00000047
#define CKM_RC2_KEY_GEN 0x00000100 #define CKM_RC2_KEY_GEN 0x00000100
#define CKM_RC2_ECB 0x00000101 #define CKM_RC2_ECB 0x00000101
@@ -718,12 +902,6 @@ typedef CK_ULONG CK_MECHANISM_TYPE;
#define CKM_CDMF_MAC_GENERAL 0x00000144 #define CKM_CDMF_MAC_GENERAL 0x00000144
#define CKM_CDMF_CBC_PAD 0x00000145 #define CKM_CDMF_CBC_PAD 0x00000145
/* the following four DES mechanisms are new for v2.20 */
#define CKM_DES_OFB64 0x00000150
#define CKM_DES_OFB8 0x00000151
#define CKM_DES_CFB64 0x00000152
#define CKM_DES_CFB8 0x00000153
#define CKM_MD2 0x00000200 #define CKM_MD2 0x00000200
/* CKM_MD2_HMAC and CKM_MD2_HMAC_GENERAL are new for v2.0 */ /* CKM_MD2_HMAC and CKM_MD2_HMAC_GENERAL are new for v2.0 */
@@ -742,9 +920,7 @@ typedef CK_ULONG CK_MECHANISM_TYPE;
#define CKM_SHA_1_HMAC 0x00000221 #define CKM_SHA_1_HMAC 0x00000221
#define CKM_SHA_1_HMAC_GENERAL 0x00000222 #define CKM_SHA_1_HMAC_GENERAL 0x00000222
/* CKM_RIPEMD128, CKM_RIPEMD128_HMAC, /* The following are new for v2.11 */
* CKM_RIPEMD128_HMAC_GENERAL, CKM_RIPEMD160, CKM_RIPEMD160_HMAC,
* and CKM_RIPEMD160_HMAC_GENERAL are new for v2.10 */
#define CKM_RIPEMD128 0x00000230 #define CKM_RIPEMD128 0x00000230
#define CKM_RIPEMD128_HMAC 0x00000231 #define CKM_RIPEMD128_HMAC 0x00000231
#define CKM_RIPEMD128_HMAC_GENERAL 0x00000232 #define CKM_RIPEMD128_HMAC_GENERAL 0x00000232
@@ -752,16 +928,9 @@ typedef CK_ULONG CK_MECHANISM_TYPE;
#define CKM_RIPEMD160_HMAC 0x00000241 #define CKM_RIPEMD160_HMAC 0x00000241
#define CKM_RIPEMD160_HMAC_GENERAL 0x00000242 #define CKM_RIPEMD160_HMAC_GENERAL 0x00000242
/* CKM_SHA256/384/512 are new for v2.20 */
#define CKM_SHA256 0x00000250 #define CKM_SHA256 0x00000250
#define CKM_SHA256_HMAC 0x00000251 #define CKM_SHA256_HMAC 0x00000251
#define CKM_SHA256_HMAC_GENERAL 0x00000252 #define CKM_SHA256_HMAC_GENERAL 0x00000252
/* SHA-224 is new for PKCS #11 v2.20 amendment 3 */
#define CKM_SHA224 0x00000255
#define CKM_SHA224_HMAC 0x00000256
#define CKM_SHA224_HMAC_GENERAL 0x00000257
#define CKM_SHA384 0x00000260 #define CKM_SHA384 0x00000260
#define CKM_SHA384_HMAC 0x00000261 #define CKM_SHA384_HMAC 0x00000261
#define CKM_SHA384_HMAC_GENERAL 0x00000262 #define CKM_SHA384_HMAC_GENERAL 0x00000262
@@ -769,18 +938,6 @@ typedef CK_ULONG CK_MECHANISM_TYPE;
#define CKM_SHA512_HMAC 0x00000271 #define CKM_SHA512_HMAC 0x00000271
#define CKM_SHA512_HMAC_GENERAL 0x00000272 #define CKM_SHA512_HMAC_GENERAL 0x00000272
/* SecurID is new for PKCS #11 v2.20 amendment 1 */
#define CKM_SECURID_KEY_GEN 0x00000280
#define CKM_SECURID 0x00000282
/* HOTP is new for PKCS #11 v2.20 amendment 1 */
#define CKM_HOTP_KEY_GEN 0x00000290
#define CKM_HOTP 0x00000291
/* ACTI is new for PKCS #11 v2.20 amendment 1 */
#define CKM_ACTI 0x000002A0
#define CKM_ACTI_KEY_GEN 0x000002A1
/* All of the following mechanisms are new for v2.0 */ /* All of the following mechanisms are new for v2.0 */
/* Note that CAST128 and CAST5 are the same algorithm */ /* Note that CAST128 and CAST5 are the same algorithm */
#define CKM_CAST_KEY_GEN 0x00000300 #define CKM_CAST_KEY_GEN 0x00000300
@@ -828,33 +985,19 @@ typedef CK_ULONG CK_MECHANISM_TYPE;
#define CKM_SSL3_PRE_MASTER_KEY_GEN 0x00000370 #define CKM_SSL3_PRE_MASTER_KEY_GEN 0x00000370
#define CKM_SSL3_MASTER_KEY_DERIVE 0x00000371 #define CKM_SSL3_MASTER_KEY_DERIVE 0x00000371
#define CKM_SSL3_KEY_AND_MAC_DERIVE 0x00000372 #define CKM_SSL3_KEY_AND_MAC_DERIVE 0x00000372
/* The following are new for v2.11 */
/* CKM_SSL3_MASTER_KEY_DERIVE_DH, CKM_TLS_PRE_MASTER_KEY_GEN,
* CKM_TLS_MASTER_KEY_DERIVE, CKM_TLS_KEY_AND_MAC_DERIVE, and
* CKM_TLS_MASTER_KEY_DERIVE_DH are new for v2.11 */
#define CKM_SSL3_MASTER_KEY_DERIVE_DH 0x00000373 #define CKM_SSL3_MASTER_KEY_DERIVE_DH 0x00000373
#define CKM_TLS_PRE_MASTER_KEY_GEN 0x00000374 #define CKM_TLS_PRE_MASTER_KEY_GEN 0x00000374
#define CKM_TLS_MASTER_KEY_DERIVE 0x00000375 #define CKM_TLS_MASTER_KEY_DERIVE 0x00000375
#define CKM_TLS_KEY_AND_MAC_DERIVE 0x00000376 #define CKM_TLS_KEY_AND_MAC_DERIVE 0x00000376
#define CKM_TLS_MASTER_KEY_DERIVE_DH 0x00000377 #define CKM_TLS_MASTER_KEY_DERIVE_DH 0x00000377
/* CKM_TLS_PRF is new for v2.20 */
#define CKM_TLS_PRF 0x00000378
#define CKM_SSL3_MD5_MAC 0x00000380 #define CKM_SSL3_MD5_MAC 0x00000380
#define CKM_SSL3_SHA1_MAC 0x00000381 #define CKM_SSL3_SHA1_MAC 0x00000381
#define CKM_MD5_KEY_DERIVATION 0x00000390 #define CKM_MD5_KEY_DERIVATION 0x00000390
#define CKM_MD2_KEY_DERIVATION 0x00000391 #define CKM_MD2_KEY_DERIVATION 0x00000391
#define CKM_SHA1_KEY_DERIVATION 0x00000392 #define CKM_SHA1_KEY_DERIVATION 0x00000392
/* CKM_SHA256/384/512 are new for v2.20 */
#define CKM_SHA256_KEY_DERIVATION 0x00000393 #define CKM_SHA256_KEY_DERIVATION 0x00000393
#define CKM_SHA384_KEY_DERIVATION 0x00000394
#define CKM_SHA512_KEY_DERIVATION 0x00000395
/* SHA-224 key derivation is new for PKCS #11 v2.20 amendment 3 */
#define CKM_SHA224_KEY_DERIVATION 0x00000396
#define CKM_PBE_MD2_DES_CBC 0x000003A0 #define CKM_PBE_MD2_DES_CBC 0x000003A0
#define CKM_PBE_MD5_DES_CBC 0x000003A1 #define CKM_PBE_MD5_DES_CBC 0x000003A1
#define CKM_PBE_MD5_CAST_CBC 0x000003A2 #define CKM_PBE_MD5_CAST_CBC 0x000003A2
@@ -869,52 +1012,12 @@ typedef CK_ULONG CK_MECHANISM_TYPE;
#define CKM_PBE_SHA1_DES2_EDE_CBC 0x000003A9 #define CKM_PBE_SHA1_DES2_EDE_CBC 0x000003A9
#define CKM_PBE_SHA1_RC2_128_CBC 0x000003AA #define CKM_PBE_SHA1_RC2_128_CBC 0x000003AA
#define CKM_PBE_SHA1_RC2_40_CBC 0x000003AB #define CKM_PBE_SHA1_RC2_40_CBC 0x000003AB
/* CKM_PKCS5_PBKD2 is new for v2.11 */
/* CKM_PKCS5_PBKD2 is new for v2.10 */
#define CKM_PKCS5_PBKD2 0x000003B0 #define CKM_PKCS5_PBKD2 0x000003B0
#define CKM_PBA_SHA1_WITH_SHA1_HMAC 0x000003C0 #define CKM_PBA_SHA1_WITH_SHA1_HMAC 0x000003C0
/* WTLS mechanisms are new for v2.20 */
#define CKM_WTLS_PRE_MASTER_KEY_GEN 0x000003D0
#define CKM_WTLS_MASTER_KEY_DERIVE 0x000003D1
#define CKM_WTLS_MASTER_KEY_DERIVE_DH_ECC 0x000003D2
#define CKM_WTLS_PRF 0x000003D3
#define CKM_WTLS_SERVER_KEY_AND_MAC_DERIVE 0x000003D4
#define CKM_WTLS_CLIENT_KEY_AND_MAC_DERIVE 0x000003D5
#define CKM_KEY_WRAP_LYNKS 0x00000400 #define CKM_KEY_WRAP_LYNKS 0x00000400
#define CKM_KEY_WRAP_SET_OAEP 0x00000401 #define CKM_KEY_WRAP_SET_OAEP 0x00000401
/* CKM_CMS_SIG is new for v2.20 */
#define CKM_CMS_SIG 0x00000500
/* CKM_KIP mechanisms are new for PKCS #11 v2.20 amendment 2 */
#define CKM_KIP_DERIVE 0x00000510
#define CKM_KIP_WRAP 0x00000511
#define CKM_KIP_MAC 0x00000512
/* Camellia is new for PKCS #11 v2.20 amendment 3 */
#define CKM_CAMELLIA_KEY_GEN 0x00000550
#define CKM_CAMELLIA_ECB 0x00000551
#define CKM_CAMELLIA_CBC 0x00000552
#define CKM_CAMELLIA_MAC 0x00000553
#define CKM_CAMELLIA_MAC_GENERAL 0x00000554
#define CKM_CAMELLIA_CBC_PAD 0x00000555
#define CKM_CAMELLIA_ECB_ENCRYPT_DATA 0x00000556
#define CKM_CAMELLIA_CBC_ENCRYPT_DATA 0x00000557
#define CKM_CAMELLIA_CTR 0x00000558
/* ARIA is new for PKCS #11 v2.20 amendment 3 */
#define CKM_ARIA_KEY_GEN 0x00000560
#define CKM_ARIA_ECB 0x00000561
#define CKM_ARIA_CBC 0x00000562
#define CKM_ARIA_MAC 0x00000563
#define CKM_ARIA_MAC_GENERAL 0x00000564
#define CKM_ARIA_CBC_PAD 0x00000565
#define CKM_ARIA_ECB_ENCRYPT_DATA 0x00000566
#define CKM_ARIA_CBC_ENCRYPT_DATA 0x00000567
/* Fortezza mechanisms */ /* Fortezza mechanisms */
#define CKM_SKIPJACK_KEY_GEN 0x00001000 #define CKM_SKIPJACK_KEY_GEN 0x00001000
#define CKM_SKIPJACK_ECB64 0x00001001 #define CKM_SKIPJACK_ECB64 0x00001001
@@ -938,16 +1041,13 @@ typedef CK_ULONG CK_MECHANISM_TYPE;
#define CKM_BATON_SHUFFLE 0x00001035 #define CKM_BATON_SHUFFLE 0x00001035
#define CKM_BATON_WRAP 0x00001036 #define CKM_BATON_WRAP 0x00001036
/* CKM_ECDSA_KEY_PAIR_GEN is deprecated in v2.11, /* CKM_ECDSA_KEY_PAIR_GEN is deprecated in v2.11,
* CKM_EC_KEY_PAIR_GEN is preferred */ * CKM_EC_KEY_PAIR_GEN is preferred. */
#define CKM_ECDSA_KEY_PAIR_GEN 0x00001040 #define CKM_ECDSA_KEY_PAIR_GEN 0x00001040
#define CKM_EC_KEY_PAIR_GEN 0x00001040 #define CKM_EC_KEY_PAIR_GEN 0x00001040
#define CKM_ECDSA 0x00001041 #define CKM_ECDSA 0x00001041
#define CKM_ECDSA_SHA1 0x00001042 #define CKM_ECDSA_SHA1 0x00001042
/* The following are new for v2.11 */
/* CKM_ECDH1_DERIVE, CKM_ECDH1_COFACTOR_DERIVE, and CKM_ECMQV_DERIVE
* are new for v2.11 */
#define CKM_ECDH1_DERIVE 0x00001050 #define CKM_ECDH1_DERIVE 0x00001050
#define CKM_ECDH1_COFACTOR_DERIVE 0x00001051 #define CKM_ECDH1_COFACTOR_DERIVE 0x00001051
#define CKM_ECMQV_DERIVE 0x00001052 #define CKM_ECMQV_DERIVE 0x00001052
@@ -959,36 +1059,13 @@ typedef CK_ULONG CK_MECHANISM_TYPE;
#define CKM_JUNIPER_SHUFFLE 0x00001064 #define CKM_JUNIPER_SHUFFLE 0x00001064
#define CKM_JUNIPER_WRAP 0x00001065 #define CKM_JUNIPER_WRAP 0x00001065
#define CKM_FASTHASH 0x00001070 #define CKM_FASTHASH 0x00001070
/* The following are new for v2.11 */
/* CKM_AES_KEY_GEN, CKM_AES_ECB, CKM_AES_CBC, CKM_AES_MAC,
* CKM_AES_MAC_GENERAL, CKM_AES_CBC_PAD, CKM_DSA_PARAMETER_GEN,
* CKM_DH_PKCS_PARAMETER_GEN, and CKM_X9_42_DH_PARAMETER_GEN are
* new for v2.11 */
#define CKM_AES_KEY_GEN 0x00001080 #define CKM_AES_KEY_GEN 0x00001080
#define CKM_AES_ECB 0x00001081 #define CKM_AES_ECB 0x00001081
#define CKM_AES_CBC 0x00001082 #define CKM_AES_CBC 0x00001082
#define CKM_AES_MAC 0x00001083 #define CKM_AES_MAC 0x00001083
#define CKM_AES_MAC_GENERAL 0x00001084 #define CKM_AES_MAC_GENERAL 0x00001084
#define CKM_AES_CBC_PAD 0x00001085 #define CKM_AES_CBC_PAD 0x00001085
/* AES counter mode is new for PKCS #11 v2.20 amendment 3 */
#define CKM_AES_CTR 0x00001086
/* BlowFish and TwoFish are new for v2.20 */
#define CKM_BLOWFISH_KEY_GEN 0x00001090
#define CKM_BLOWFISH_CBC 0x00001091
#define CKM_TWOFISH_KEY_GEN 0x00001092
#define CKM_TWOFISH_CBC 0x00001093
/* CKM_xxx_ENCRYPT_DATA mechanisms are new for v2.20 */
#define CKM_DES_ECB_ENCRYPT_DATA 0x00001100
#define CKM_DES_CBC_ENCRYPT_DATA 0x00001101
#define CKM_DES3_ECB_ENCRYPT_DATA 0x00001102
#define CKM_DES3_CBC_ENCRYPT_DATA 0x00001103
#define CKM_AES_ECB_ENCRYPT_DATA 0x00001104
#define CKM_AES_CBC_ENCRYPT_DATA 0x00001105
#define CKM_DSA_PARAMETER_GEN 0x00002000 #define CKM_DSA_PARAMETER_GEN 0x00002000
#define CKM_DH_PKCS_PARAMETER_GEN 0x00002001 #define CKM_DH_PKCS_PARAMETER_GEN 0x00002001
#define CKM_X9_42_DH_PARAMETER_GEN 0x00002002 #define CKM_X9_42_DH_PARAMETER_GEN 0x00002002
@@ -1041,11 +1118,7 @@ typedef struct CK_MECHANISM_INFO {
#define CKF_WRAP 0x00020000 #define CKF_WRAP 0x00020000
#define CKF_UNWRAP 0x00040000 #define CKF_UNWRAP 0x00040000
#define CKF_DERIVE 0x00080000 #define CKF_DERIVE 0x00080000
/* The following are new for v2.11 */
/* CKF_EC_F_P, CKF_EC_F_2M, CKF_EC_ECPARAMETERS, CKF_EC_NAMEDCURVE,
* CKF_EC_UNCOMPRESS, and CKF_EC_COMPRESS are new for v2.11. They
* describe a token's EC capabilities not available in mechanism
* information. */
#define CKF_EC_F_P 0x00100000 #define CKF_EC_F_P 0x00100000
#define CKF_EC_F_2M 0x00200000 #define CKF_EC_F_2M 0x00200000
#define CKF_EC_ECPARAMETERS 0x00400000 #define CKF_EC_ECPARAMETERS 0x00400000
@@ -1053,7 +1126,7 @@ typedef struct CK_MECHANISM_INFO {
#define CKF_EC_UNCOMPRESS 0x01000000 #define CKF_EC_UNCOMPRESS 0x01000000
#define CKF_EC_COMPRESS 0x02000000 #define CKF_EC_COMPRESS 0x02000000
#define CKF_EXTENSION 0x80000000 /* FALSE for this version */ #define CKF_EXTENSION 0x80000000 /* FALSE for 2.01 */
typedef CK_MECHANISM_INFO CK_PTR CK_MECHANISM_INFO_PTR; typedef CK_MECHANISM_INFO CK_PTR CK_MECHANISM_INFO_PTR;
@@ -1174,11 +1247,8 @@ typedef CK_ULONG CK_RV;
/* These are new to v2.0 */ /* These are new to v2.0 */
#define CKR_RANDOM_NO_RNG 0x00000121 #define CKR_RANDOM_NO_RNG 0x00000121
/* CKR_DOMAIN_PARAMS_INVALID is new for v2.11 */
/* These are new to v2.11 */
#define CKR_DOMAIN_PARAMS_INVALID 0x00000130 #define CKR_DOMAIN_PARAMS_INVALID 0x00000130
/* These are new to v2.0 */
#define CKR_BUFFER_TOO_SMALL 0x00000150 #define CKR_BUFFER_TOO_SMALL 0x00000150
#define CKR_SAVED_STATE_INVALID 0x00000160 #define CKR_SAVED_STATE_INVALID 0x00000160
#define CKR_INFORMATION_SENSITIVE 0x00000170 #define CKR_INFORMATION_SENSITIVE 0x00000170
@@ -1190,13 +1260,6 @@ typedef CK_ULONG CK_RV;
#define CKR_MUTEX_BAD 0x000001A0 #define CKR_MUTEX_BAD 0x000001A0
#define CKR_MUTEX_NOT_LOCKED 0x000001A1 #define CKR_MUTEX_NOT_LOCKED 0x000001A1
/* The following return values are new for PKCS #11 v2.20 amendment 3 */
#define CKR_NEW_PIN_MODE 0x000001B0
#define CKR_NEXT_OTP 0x000001B1
/* This is new to v2.20 */
#define CKR_FUNCTION_REJECTED 0x00000200
#define CKR_VENDOR_DEFINED 0x80000000 #define CKR_VENDOR_DEFINED 0x80000000
@@ -1207,18 +1270,6 @@ typedef CK_CALLBACK_FUNCTION(CK_RV, CK_NOTIFY)(
CK_VOID_PTR pApplication /* passed to C_OpenSession */ CK_VOID_PTR pApplication /* passed to C_OpenSession */
); );
/* CK_FUNCTION_LIST is a structure holding a Cryptoki spec
* version and pointers of appropriate types to all the
* Cryptoki functions */
/* CK_FUNCTION_LIST is new for v2.0 */
typedef struct CK_FUNCTION_LIST CK_FUNCTION_LIST;
typedef CK_FUNCTION_LIST CK_PTR CK_FUNCTION_LIST_PTR;
typedef CK_FUNCTION_LIST_PTR CK_PTR CK_FUNCTION_LIST_PTR_PTR;
/* CK_CREATEMUTEX is an application callback for creating a /* CK_CREATEMUTEX is an application callback for creating a
* mutex object */ * mutex object */
typedef CK_CALLBACK_FUNCTION(CK_RV, CK_CREATEMUTEX)( typedef CK_CALLBACK_FUNCTION(CK_RV, CK_CREATEMUTEX)(
@@ -1248,13 +1299,15 @@ typedef CK_CALLBACK_FUNCTION(CK_RV, CK_UNLOCKMUTEX)(
/* CK_C_INITIALIZE_ARGS provides the optional arguments to /* CK_C_INITIALIZE_ARGS provides the optional arguments to
* C_Initialize */ * C_Initialize */
// SAB the mutex ones had pf infront previously..
// The spec says otherwise.
typedef struct CK_C_INITIALIZE_ARGS { typedef struct CK_C_INITIALIZE_ARGS {
CK_CREATEMUTEX CreateMutex; CK_CREATEMUTEX CreateMutex;
CK_DESTROYMUTEX DestroyMutex; CK_DESTROYMUTEX DestroyMutex;
CK_LOCKMUTEX LockMutex; CK_LOCKMUTEX LockMutex;
CK_UNLOCKMUTEX UnlockMutex; CK_UNLOCKMUTEX UnlockMutex;
CK_FLAGS flags; CK_FLAGS flags;
CK_VOID_PTR pReserved; CK_VOID_PTR pReserved;
} CK_C_INITIALIZE_ARGS; } CK_C_INITIALIZE_ARGS;
/* flags: bit flags that provide capabilities of the slot /* flags: bit flags that provide capabilities of the slot
@@ -1271,171 +1324,6 @@ typedef CK_C_INITIALIZE_ARGS CK_PTR CK_C_INITIALIZE_ARGS_PTR;
/* CKF_DONT_BLOCK is for the function C_WaitForSlotEvent */ /* CKF_DONT_BLOCK is for the function C_WaitForSlotEvent */
#define CKF_DONT_BLOCK 1 #define CKF_DONT_BLOCK 1
/* CK_RSA_PKCS_OAEP_MGF_TYPE is new for v2.10.
* CK_RSA_PKCS_OAEP_MGF_TYPE is used to indicate the Message
* Generation Function (MGF) applied to a message block when
* formatting a message block for the PKCS #1 OAEP encryption
* scheme. */
typedef CK_ULONG CK_RSA_PKCS_MGF_TYPE;
typedef CK_RSA_PKCS_MGF_TYPE CK_PTR CK_RSA_PKCS_MGF_TYPE_PTR;
/* The following MGFs are defined */
/* CKG_MGF1_SHA256, CKG_MGF1_SHA384, and CKG_MGF1_SHA512
* are new for v2.20 */
#define CKG_MGF1_SHA1 0x00000001
#define CKG_MGF1_SHA256 0x00000002
#define CKG_MGF1_SHA384 0x00000003
#define CKG_MGF1_SHA512 0x00000004
/* SHA-224 is new for PKCS #11 v2.20 amendment 3 */
#define CKG_MGF1_SHA224 0x00000005
/* CK_RSA_PKCS_OAEP_SOURCE_TYPE is new for v2.10.
* CK_RSA_PKCS_OAEP_SOURCE_TYPE is used to indicate the source
* of the encoding parameter when formatting a message block
* for the PKCS #1 OAEP encryption scheme. */
typedef CK_ULONG CK_RSA_PKCS_OAEP_SOURCE_TYPE;
typedef CK_RSA_PKCS_OAEP_SOURCE_TYPE CK_PTR CK_RSA_PKCS_OAEP_SOURCE_TYPE_PTR;
/* The following encoding parameter sources are defined */
#define CKZ_DATA_SPECIFIED 0x00000001
/* CK_RSA_PKCS_OAEP_PARAMS is new for v2.10.
* CK_RSA_PKCS_OAEP_PARAMS provides the parameters to the
* CKM_RSA_PKCS_OAEP mechanism. */
typedef struct CK_RSA_PKCS_OAEP_PARAMS {
CK_MECHANISM_TYPE hashAlg;
CK_RSA_PKCS_MGF_TYPE mgf;
CK_RSA_PKCS_OAEP_SOURCE_TYPE source;
CK_VOID_PTR pSourceData;
CK_ULONG ulSourceDataLen;
} CK_RSA_PKCS_OAEP_PARAMS;
typedef CK_RSA_PKCS_OAEP_PARAMS CK_PTR CK_RSA_PKCS_OAEP_PARAMS_PTR;
/* CK_RSA_PKCS_PSS_PARAMS is new for v2.11.
* CK_RSA_PKCS_PSS_PARAMS provides the parameters to the
* CKM_RSA_PKCS_PSS mechanism(s). */
typedef struct CK_RSA_PKCS_PSS_PARAMS {
CK_MECHANISM_TYPE hashAlg;
CK_RSA_PKCS_MGF_TYPE mgf;
CK_ULONG sLen;
} CK_RSA_PKCS_PSS_PARAMS;
typedef CK_RSA_PKCS_PSS_PARAMS CK_PTR CK_RSA_PKCS_PSS_PARAMS_PTR;
/* CK_EC_KDF_TYPE is new for v2.11. */
typedef CK_ULONG CK_EC_KDF_TYPE;
/* The following EC Key Derivation Functions are defined */
#define CKD_NULL 0x00000001
#define CKD_SHA1_KDF 0x00000002
/* CK_ECDH1_DERIVE_PARAMS is new for v2.11.
* CK_ECDH1_DERIVE_PARAMS provides the parameters to the
* CKM_ECDH1_DERIVE and CKM_ECDH1_COFACTOR_DERIVE mechanisms,
* where each party contributes one key pair.
*/
typedef struct CK_ECDH1_DERIVE_PARAMS {
CK_EC_KDF_TYPE kdf;
CK_ULONG ulSharedDataLen;
CK_BYTE_PTR pSharedData;
CK_ULONG ulPublicDataLen;
CK_BYTE_PTR pPublicData;
} CK_ECDH1_DERIVE_PARAMS;
typedef CK_ECDH1_DERIVE_PARAMS CK_PTR CK_ECDH1_DERIVE_PARAMS_PTR;
/* CK_ECDH2_DERIVE_PARAMS is new for v2.11.
* CK_ECDH2_DERIVE_PARAMS provides the parameters to the
* CKM_ECMQV_DERIVE mechanism, where each party contributes two key pairs. */
typedef struct CK_ECDH2_DERIVE_PARAMS {
CK_EC_KDF_TYPE kdf;
CK_ULONG ulSharedDataLen;
CK_BYTE_PTR pSharedData;
CK_ULONG ulPublicDataLen;
CK_BYTE_PTR pPublicData;
CK_ULONG ulPrivateDataLen;
CK_OBJECT_HANDLE hPrivateData;
CK_ULONG ulPublicDataLen2;
CK_BYTE_PTR pPublicData2;
} CK_ECDH2_DERIVE_PARAMS;
typedef CK_ECDH2_DERIVE_PARAMS CK_PTR CK_ECDH2_DERIVE_PARAMS_PTR;
typedef struct CK_ECMQV_DERIVE_PARAMS {
CK_EC_KDF_TYPE kdf;
CK_ULONG ulSharedDataLen;
CK_BYTE_PTR pSharedData;
CK_ULONG ulPublicDataLen;
CK_BYTE_PTR pPublicData;
CK_ULONG ulPrivateDataLen;
CK_OBJECT_HANDLE hPrivateData;
CK_ULONG ulPublicDataLen2;
CK_BYTE_PTR pPublicData2;
CK_OBJECT_HANDLE publicKey;
} CK_ECMQV_DERIVE_PARAMS;
typedef CK_ECMQV_DERIVE_PARAMS CK_PTR CK_ECMQV_DERIVE_PARAMS_PTR;
/* Typedefs and defines for the CKM_X9_42_DH_KEY_PAIR_GEN and the
* CKM_X9_42_DH_PARAMETER_GEN mechanisms (new for PKCS #11 v2.11) */
typedef CK_ULONG CK_X9_42_DH_KDF_TYPE;
typedef CK_X9_42_DH_KDF_TYPE CK_PTR CK_X9_42_DH_KDF_TYPE_PTR;
/* The following X9.42 DH key derivation functions are defined
(besides CKD_NULL already defined : */
#define CKD_SHA1_KDF_ASN1 0x00000003
#define CKD_SHA1_KDF_CONCATENATE 0x00000004
/* CK_X9_42_DH1_DERIVE_PARAMS is new for v2.11.
* CK_X9_42_DH1_DERIVE_PARAMS provides the parameters to the
* CKM_X9_42_DH_DERIVE key derivation mechanism, where each party
* contributes one key pair */
typedef struct CK_X9_42_DH1_DERIVE_PARAMS {
CK_X9_42_DH_KDF_TYPE kdf;
CK_ULONG ulOtherInfoLen;
CK_BYTE_PTR pOtherInfo;
CK_ULONG ulPublicDataLen;
CK_BYTE_PTR pPublicData;
} CK_X9_42_DH1_DERIVE_PARAMS;
typedef struct CK_X9_42_DH1_DERIVE_PARAMS CK_PTR CK_X9_42_DH1_DERIVE_PARAMS_PTR;
/* CK_X9_42_DH2_DERIVE_PARAMS is new for v2.11.
* CK_X9_42_DH2_DERIVE_PARAMS provides the parameters to the
* CKM_X9_42_DH_HYBRID_DERIVE and CKM_X9_42_MQV_DERIVE key derivation
* mechanisms, where each party contributes two key pairs */
typedef struct CK_X9_42_DH2_DERIVE_PARAMS {
CK_X9_42_DH_KDF_TYPE kdf;
CK_ULONG ulOtherInfoLen;
CK_BYTE_PTR pOtherInfo;
CK_ULONG ulPublicDataLen;
CK_BYTE_PTR pPublicData;
CK_ULONG ulPrivateDataLen;
CK_OBJECT_HANDLE hPrivateData;
CK_ULONG ulPublicDataLen2;
CK_BYTE_PTR pPublicData2;
} CK_X9_42_DH2_DERIVE_PARAMS;
typedef CK_X9_42_DH2_DERIVE_PARAMS CK_PTR CK_X9_42_DH2_DERIVE_PARAMS_PTR;
typedef struct CK_X9_42_MQV_DERIVE_PARAMS {
CK_X9_42_DH_KDF_TYPE kdf;
CK_ULONG ulOtherInfoLen;
CK_BYTE_PTR pOtherInfo;
CK_ULONG ulPublicDataLen;
CK_BYTE_PTR pPublicData;
CK_ULONG ulPrivateDataLen;
CK_OBJECT_HANDLE hPrivateData;
CK_ULONG ulPublicDataLen2;
CK_BYTE_PTR pPublicData2;
CK_OBJECT_HANDLE publicKey;
} CK_X9_42_MQV_DERIVE_PARAMS;
typedef CK_X9_42_MQV_DERIVE_PARAMS CK_PTR CK_X9_42_MQV_DERIVE_PARAMS_PTR;
/* CK_KEA_DERIVE_PARAMS provides the parameters to the /* CK_KEA_DERIVE_PARAMS provides the parameters to the
* CKM_KEA_DERIVE mechanism */ * CKM_KEA_DERIVE mechanism */
@@ -1530,22 +1418,6 @@ typedef CK_ULONG CK_MAC_GENERAL_PARAMS;
typedef CK_MAC_GENERAL_PARAMS CK_PTR CK_MAC_GENERAL_PARAMS_PTR; typedef CK_MAC_GENERAL_PARAMS CK_PTR CK_MAC_GENERAL_PARAMS_PTR;
/* CK_DES/AES_ECB/CBC_ENCRYPT_DATA_PARAMS are new for v2.20 */
typedef struct CK_DES_CBC_ENCRYPT_DATA_PARAMS {
CK_BYTE iv[8];
CK_BYTE_PTR pData;
CK_ULONG length;
} CK_DES_CBC_ENCRYPT_DATA_PARAMS;
typedef CK_DES_CBC_ENCRYPT_DATA_PARAMS CK_PTR CK_DES_CBC_ENCRYPT_DATA_PARAMS_PTR;
typedef struct CK_AES_CBC_ENCRYPT_DATA_PARAMS {
CK_BYTE iv[16];
CK_BYTE_PTR pData;
CK_ULONG length;
} CK_AES_CBC_ENCRYPT_DATA_PARAMS;
typedef CK_AES_CBC_ENCRYPT_DATA_PARAMS CK_PTR CK_AES_CBC_ENCRYPT_DATA_PARAMS_PTR;
/* CK_SKIPJACK_PRIVATE_WRAP_PARAMS provides the parameters to the /* CK_SKIPJACK_PRIVATE_WRAP_PARAMS provides the parameters to the
* CKM_SKIPJACK_PRIVATE_WRAP mechanism */ * CKM_SKIPJACK_PRIVATE_WRAP mechanism */
@@ -1593,12 +1465,12 @@ typedef CK_SKIPJACK_RELAYX_PARAMS CK_PTR \
typedef struct CK_PBE_PARAMS { typedef struct CK_PBE_PARAMS {
CK_BYTE_PTR pInitVector; CK_CHAR_PTR pInitVector;
CK_UTF8CHAR_PTR pPassword; CK_CHAR_PTR pPassword;
CK_ULONG ulPasswordLen; CK_ULONG ulPasswordLen;
CK_BYTE_PTR pSalt; CK_CHAR_PTR pSalt;
CK_ULONG ulSaltLen; CK_ULONG ulSaltLen;
CK_ULONG ulIteration; CK_ULONG ulIteration;
} CK_PBE_PARAMS; } CK_PBE_PARAMS;
typedef CK_PBE_PARAMS CK_PTR CK_PBE_PARAMS_PTR; typedef CK_PBE_PARAMS CK_PTR CK_PBE_PARAMS_PTR;
@@ -1657,83 +1529,6 @@ typedef struct CK_SSL3_KEY_MAT_PARAMS {
typedef CK_SSL3_KEY_MAT_PARAMS CK_PTR CK_SSL3_KEY_MAT_PARAMS_PTR; typedef CK_SSL3_KEY_MAT_PARAMS CK_PTR CK_SSL3_KEY_MAT_PARAMS_PTR;
/* CK_TLS_PRF_PARAMS is new for version 2.20 */
typedef struct CK_TLS_PRF_PARAMS {
CK_BYTE_PTR pSeed;
CK_ULONG ulSeedLen;
CK_BYTE_PTR pLabel;
CK_ULONG ulLabelLen;
CK_BYTE_PTR pOutput;
CK_ULONG_PTR pulOutputLen;
} CK_TLS_PRF_PARAMS;
typedef CK_TLS_PRF_PARAMS CK_PTR CK_TLS_PRF_PARAMS_PTR;
/* WTLS is new for version 2.20 */
typedef struct CK_WTLS_RANDOM_DATA {
CK_BYTE_PTR pClientRandom;
CK_ULONG ulClientRandomLen;
CK_BYTE_PTR pServerRandom;
CK_ULONG ulServerRandomLen;
} CK_WTLS_RANDOM_DATA;
typedef CK_WTLS_RANDOM_DATA CK_PTR CK_WTLS_RANDOM_DATA_PTR;
typedef struct CK_WTLS_MASTER_KEY_DERIVE_PARAMS {
CK_MECHANISM_TYPE DigestMechanism;
CK_WTLS_RANDOM_DATA RandomInfo;
CK_BYTE_PTR pVersion;
} CK_WTLS_MASTER_KEY_DERIVE_PARAMS;
typedef CK_WTLS_MASTER_KEY_DERIVE_PARAMS CK_PTR \
CK_WTLS_MASTER_KEY_DERIVE_PARAMS_PTR;
typedef struct CK_WTLS_PRF_PARAMS {
CK_MECHANISM_TYPE DigestMechanism;
CK_BYTE_PTR pSeed;
CK_ULONG ulSeedLen;
CK_BYTE_PTR pLabel;
CK_ULONG ulLabelLen;
CK_BYTE_PTR pOutput;
CK_ULONG_PTR pulOutputLen;
} CK_WTLS_PRF_PARAMS;
typedef CK_WTLS_PRF_PARAMS CK_PTR CK_WTLS_PRF_PARAMS_PTR;
typedef struct CK_WTLS_KEY_MAT_OUT {
CK_OBJECT_HANDLE hMacSecret;
CK_OBJECT_HANDLE hKey;
CK_BYTE_PTR pIV;
} CK_WTLS_KEY_MAT_OUT;
typedef CK_WTLS_KEY_MAT_OUT CK_PTR CK_WTLS_KEY_MAT_OUT_PTR;
typedef struct CK_WTLS_KEY_MAT_PARAMS {
CK_MECHANISM_TYPE DigestMechanism;
CK_ULONG ulMacSizeInBits;
CK_ULONG ulKeySizeInBits;
CK_ULONG ulIVSizeInBits;
CK_ULONG ulSequenceNumber;
CK_BBOOL bIsExport;
CK_WTLS_RANDOM_DATA RandomInfo;
CK_WTLS_KEY_MAT_OUT_PTR pReturnedKeyMaterial;
} CK_WTLS_KEY_MAT_PARAMS;
typedef CK_WTLS_KEY_MAT_PARAMS CK_PTR CK_WTLS_KEY_MAT_PARAMS_PTR;
/* CMS is new for version 2.20 */
typedef struct CK_CMS_SIG_PARAMS {
CK_OBJECT_HANDLE certificateHandle;
CK_MECHANISM_PTR pSigningMechanism;
CK_MECHANISM_PTR pDigestMechanism;
CK_UTF8CHAR_PTR pContentType;
CK_BYTE_PTR pRequestedAttributes;
CK_ULONG ulRequestedAttributesLen;
CK_BYTE_PTR pRequiredAttributes;
CK_ULONG ulRequiredAttributesLen;
} CK_CMS_SIG_PARAMS;
typedef CK_CMS_SIG_PARAMS CK_PTR CK_CMS_SIG_PARAMS_PTR;
typedef struct CK_KEY_DERIVATION_STRING_DATA { typedef struct CK_KEY_DERIVATION_STRING_DATA {
CK_BYTE_PTR pData; CK_BYTE_PTR pData;
@@ -1753,133 +1548,318 @@ typedef CK_ULONG CK_EXTRACT_PARAMS;
typedef CK_EXTRACT_PARAMS CK_PTR CK_EXTRACT_PARAMS_PTR; typedef CK_EXTRACT_PARAMS CK_PTR CK_EXTRACT_PARAMS_PTR;
/* CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE is new for v2.10.
* CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE is used to
* indicate the Pseudo-Random Function (PRF) used to generate
* key bits using PKCS #5 PBKDF2. */
typedef CK_ULONG CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE;
typedef CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE CK_PTR CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE_PTR; /* CK_FUNCTION_LIST is a structure holding a Cryptoki spec
* version and pointers of appropriate types to all the
* Cryptoki functions */
/* CK_FUNCTION_LIST is new for v2.0 */
typedef struct CK_FUNCTION_LIST CK_FUNCTION_LIST;
/* The following PRFs are defined in PKCS #5 v2.0. */ typedef CK_FUNCTION_LIST CK_PTR CK_FUNCTION_LIST_PTR;
#define CKP_PKCS5_PBKD2_HMAC_SHA1 0x00000001
typedef CK_FUNCTION_LIST_PTR CK_PTR CK_FUNCTION_LIST_PTR_PTR;
typedef CK_RV (CK_PTR CK_C_Initialize)
(CK_VOID_PTR pReserved);
typedef CK_RV (CK_PTR CK_C_Finalize)
(CK_VOID_PTR pReserved);
typedef CK_RV (CK_PTR CK_C_Terminate)
(void);
typedef CK_RV (CK_PTR CK_C_GetInfo)
(CK_INFO_PTR pInfo);
typedef CK_RV (CK_PTR CK_C_GetFunctionList)
(CK_FUNCTION_LIST_PTR_PTR ppFunctionList);
typedef CK_RV (CK_PTR CK_C_GetSlotList)
(CK_BBOOL tokenPresent, CK_SLOT_ID_PTR pSlotList,
CK_ULONG_PTR pusCount);
typedef CK_RV (CK_PTR CK_C_GetSlotInfo)
(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo);
typedef CK_RV (CK_PTR CK_C_GetTokenInfo)
(CK_SLOT_ID slotID, CK_TOKEN_INFO_PTR pInfo);
typedef CK_RV (CK_PTR CK_C_GetMechanismList)
(CK_SLOT_ID slotID, CK_MECHANISM_TYPE_PTR pMechanismList,
CK_ULONG_PTR pusCount);
typedef CK_RV (CK_PTR CK_C_GetMechanismInfo)
(CK_SLOT_ID slotID, CK_MECHANISM_TYPE type,
CK_MECHANISM_INFO_PTR pInfo);
typedef CK_RV (CK_PTR CK_C_InitToken)
(CK_SLOT_ID slotID, CK_CHAR_PTR pPin, CK_ULONG usPinLen,
CK_CHAR_PTR pLabel);
typedef CK_RV (CK_PTR CK_C_InitPIN)
(CK_SESSION_HANDLE hSession, CK_CHAR_PTR pPin,
CK_ULONG usPinLen);
typedef CK_RV (CK_PTR CK_C_SetPIN)
(CK_SESSION_HANDLE hSession, CK_CHAR_PTR pOldPin,
CK_ULONG usOldLen, CK_CHAR_PTR pNewPin,
CK_ULONG usNewLen);
typedef CK_RV (CK_PTR CK_C_OpenSession)
(CK_SLOT_ID slotID, CK_FLAGS flags,
CK_VOID_PTR pApplication,
CK_RV (*Notify) (CK_SESSION_HANDLE hSession,
CK_NOTIFICATION event, CK_VOID_PTR pApplication),
CK_SESSION_HANDLE_PTR phSession);
typedef CK_RV (CK_PTR CK_C_CloseSession)
(CK_SESSION_HANDLE hSession);
typedef CK_RV (CK_PTR CK_C_CloseAllSessions)
(CK_SLOT_ID slotID);
typedef CK_RV (CK_PTR CK_C_GetSessionInfo)
(CK_SESSION_HANDLE hSession, CK_SESSION_INFO_PTR pInfo);
typedef CK_RV (CK_PTR CK_C_GetOperationState)
(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pOperationState,
CK_ULONG_PTR pulOperationStateLen);
typedef CK_RV (CK_PTR CK_C_SetOperationState)
(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pOperationState,
CK_ULONG ulOperationStateLen,
CK_OBJECT_HANDLE hEncryptionKey,
CK_OBJECT_HANDLE hAuthenticationKey);
typedef CK_RV (CK_PTR CK_C_Login)(CK_SESSION_HANDLE hSession,
CK_USER_TYPE userType, CK_CHAR_PTR pPin,
CK_ULONG usPinLen);
typedef CK_RV (CK_PTR CK_C_Logout)(CK_SESSION_HANDLE hSession);
typedef CK_RV (CK_PTR CK_C_CreateObject)
(CK_SESSION_HANDLE hSession, CK_ATTRIBUTE_PTR pTemplate,
CK_ULONG usCount, CK_OBJECT_HANDLE_PTR phObject);
typedef CK_RV (CK_PTR CK_C_CopyObject)
(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject,
CK_ATTRIBUTE_PTR pTemplate, CK_ULONG usCount,
CK_OBJECT_HANDLE_PTR phNewObject);
typedef CK_RV (CK_PTR CK_C_DestroyObject)
(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject);
typedef CK_RV(CK_PTR CK_C_GetObjectSize)
(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject,
CK_ULONG_PTR pusSize);
typedef CK_RV(CK_PTR CK_C_GetAttributeValue)
(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject,
CK_ATTRIBUTE_PTR pTemplate, CK_ULONG usCount);
typedef CK_RV(CK_PTR CK_C_SetAttributeValue)
(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject,
CK_ATTRIBUTE_PTR pTemplate, CK_ULONG usCount);
typedef CK_RV (CK_PTR CK_C_FindObjectsInit)
(CK_SESSION_HANDLE hSession, CK_ATTRIBUTE_PTR pTemplate,
CK_ULONG usCount);
typedef CK_RV (CK_PTR CK_C_FindObjects)
(CK_SESSION_HANDLE hSession,
CK_OBJECT_HANDLE_PTR phObject, CK_ULONG usMaxObjectCount,
CK_ULONG_PTR pusObjectCount);
typedef CK_RV (CK_PTR CK_C_FindObjectsFinal)
(CK_SESSION_HANDLE hSession);
typedef CK_RV (CK_PTR CK_C_EncryptInit)
(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
CK_OBJECT_HANDLE hKey);
typedef CK_RV (CK_PTR CK_C_Encrypt)
(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData,
CK_ULONG usDataLen, CK_BYTE_PTR pEncryptedData,
CK_ULONG_PTR pusEncryptedDataLen);
typedef CK_RV (CK_PTR CK_C_EncryptUpdate)
(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart,
CK_ULONG usPartLen, CK_BYTE_PTR pEncryptedPart,
CK_ULONG_PTR pusEncryptedPartLen);
typedef CK_RV (CK_PTR CK_C_EncryptFinal)
(CK_SESSION_HANDLE hSession,
CK_BYTE_PTR pLastEncryptedPart,
CK_ULONG_PTR pusLastEncryptedPartLen);
typedef CK_RV (CK_PTR CK_C_DecryptInit)
(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
CK_OBJECT_HANDLE hKey);
typedef CK_RV (CK_PTR CK_C_Decrypt)
(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pEncryptedData,
CK_ULONG usEncryptedDataLen, CK_BYTE_PTR pData,
CK_ULONG_PTR pusDataLen);
typedef CK_RV (CK_PTR CK_C_DecryptUpdate)
(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pEncryptedPart,
CK_ULONG usEncryptedPartLen, CK_BYTE_PTR pPart,
CK_ULONG_PTR pusPartLen);
typedef CK_RV (CK_PTR CK_C_DecryptFinal)
(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pLastPart,
CK_ULONG_PTR pusLastPartLen);
typedef CK_RV (CK_PTR CK_C_DigestInit)
(CK_SESSION_HANDLE hSession,
CK_MECHANISM_PTR pMechanism);
typedef CK_RV (CK_PTR CK_C_Digest)
(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData,
CK_ULONG usDataLen, CK_BYTE_PTR pDigest,
CK_ULONG_PTR pusDigestLen);
typedef CK_RV (CK_PTR CK_C_DigestUpdate)
(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart,
CK_ULONG usPartLen);
typedef CK_RV (CK_PTR CK_C_DigestKey)
(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hKey);
typedef CK_RV (CK_PTR CK_C_DigestFinal)
(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pDigest,
CK_ULONG_PTR pusDigestLen);
typedef CK_RV (CK_PTR CK_C_SignInit)
(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
CK_OBJECT_HANDLE hKey);
typedef CK_RV (CK_PTR CK_C_Sign)
(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData,
CK_ULONG usDataLen, CK_BYTE_PTR pSignature,
CK_ULONG_PTR pusSignatureLen);
typedef CK_RV (CK_PTR CK_C_SignUpdate)
(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart,
CK_ULONG usPartLen);
typedef CK_RV (CK_PTR CK_C_SignFinal)
(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSignature,
CK_ULONG_PTR pusSignatureLen);
typedef CK_RV (CK_PTR CK_C_SignRecoverInit)
(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
CK_OBJECT_HANDLE hKey);
typedef CK_RV (CK_PTR CK_C_SignRecover)
(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData,
CK_ULONG usDataLen, CK_BYTE_PTR pSignature,
CK_ULONG_PTR pusSignatureLen);
typedef CK_RV (CK_PTR CK_C_VerifyInit)
(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
CK_OBJECT_HANDLE hKey);
typedef CK_RV (CK_PTR CK_C_Verify)
(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData,
CK_ULONG usDataLen, CK_BYTE_PTR pSignature,
CK_ULONG usSignatureLen);
typedef CK_RV (CK_PTR CK_C_VerifyUpdate)
(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart,
CK_ULONG usPartLen);
typedef CK_RV (CK_PTR CK_C_VerifyFinal)
(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSignature,
CK_ULONG usSignatureLen);
typedef CK_RV (CK_PTR CK_C_VerifyRecoverInit)
(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
CK_OBJECT_HANDLE hKey);
typedef CK_RV (CK_PTR CK_C_VerifyRecover)
(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSignature,
CK_ULONG usSignatureLen, CK_BYTE_PTR pData,
CK_ULONG_PTR pusDataLen);
typedef CK_RV (CK_PTR CK_C_DigestEncryptUpdate)
(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart,
CK_ULONG ulPartLen, CK_BYTE_PTR pEncryptedPart,
CK_ULONG_PTR pulEncryptedPartLen);
typedef CK_RV (CK_PTR CK_C_DecryptDigestUpdate)
(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pEncryptedPart,
CK_ULONG ulEncryptedPartLen, CK_BYTE_PTR pPart,
CK_ULONG_PTR pulPartLen);
typedef CK_RV (CK_PTR CK_C_SignEncryptUpdate)
(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart,
CK_ULONG ulPartLen, CK_BYTE_PTR pEncryptedPart,
CK_ULONG_PTR pulEncryptedPartLen);
typedef CK_RV (CK_PTR CK_C_DecryptVerifyUpdate)
(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pEncryptedPart,
CK_ULONG ulEncryptedPartLen, CK_BYTE_PTR pPart,
CK_ULONG_PTR pulPartLen);
typedef CK_RV (CK_PTR CK_C_GenerateKey)
(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
CK_ATTRIBUTE_PTR pTemplate, CK_ULONG usCount,
CK_OBJECT_HANDLE_PTR phKey);
typedef CK_RV (CK_PTR CK_C_GenerateKeyPair)
(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
CK_ATTRIBUTE_PTR pPublicKeyTemplate,
CK_ULONG usPublicKeyAttributeCount,
CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
CK_ULONG usPrivateKeyAttributeCount,
CK_OBJECT_HANDLE_PTR phPrivateKey,
CK_OBJECT_HANDLE_PTR phPublicKey);
typedef CK_RV (CK_PTR CK_C_WrapKey)
(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
CK_OBJECT_HANDLE hWrappingKey, CK_OBJECT_HANDLE hKey,
CK_BYTE_PTR pWrappedKey, CK_ULONG_PTR pusWrappedKeyLen);
typedef CK_RV (CK_PTR CK_C_UnwrapKey)
(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
CK_OBJECT_HANDLE hUnwrappingKey, CK_BYTE_PTR pWrappedKey,
CK_ULONG usWrappedKeyLen, CK_ATTRIBUTE_PTR pTemplate,
CK_ULONG usAttributeCount, CK_OBJECT_HANDLE_PTR phKey);
typedef CK_RV (CK_PTR CK_C_DeriveKey)
(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
CK_OBJECT_HANDLE hBaseKey, CK_ATTRIBUTE_PTR pTemplate,
CK_ULONG usAttributeCount, CK_OBJECT_HANDLE_PTR phKey);
typedef CK_RV (CK_PTR CK_C_SeedRandom)
(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSeed,
CK_ULONG usSeedLen);
typedef CK_RV (CK_PTR CK_C_GenerateRandom)
(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pRandomData,
CK_ULONG usRandomLen);
typedef CK_RV (CK_PTR CK_C_GetFunctionStatus)
(CK_SESSION_HANDLE hSession);
typedef CK_RV (CK_PTR CK_C_CancelFunction)
(CK_SESSION_HANDLE hSession);
typedef CK_RV (CK_PTR CK_Notify)
(CK_SESSION_HANDLE hSession, CK_NOTIFICATION event,
CK_VOID_PTR pApplication);
typedef CK_RV (CK_PTR CK_C_WaitForSlotEvent)
(CK_FLAGS flags, CK_SLOT_ID_PTR pSlot,
CK_VOID_PTR pReserved);
struct CK_FUNCTION_LIST {
CK_VERSION version;
CK_C_Initialize C_Initialize;
CK_C_Finalize C_Finalize;
CK_C_GetInfo C_GetInfo;
CK_C_GetFunctionList C_GetFunctionList;
CK_C_GetSlotList C_GetSlotList;
CK_C_GetSlotInfo C_GetSlotInfo;
CK_C_GetTokenInfo C_GetTokenInfo;
CK_C_GetMechanismList C_GetMechanismList;
CK_C_GetMechanismInfo C_GetMechanismInfo;
CK_C_InitToken C_InitToken;
CK_C_InitPIN C_InitPIN;
CK_C_SetPIN C_SetPIN;
CK_C_OpenSession C_OpenSession;
CK_C_CloseSession C_CloseSession;
CK_C_CloseAllSessions C_CloseAllSessions;
CK_C_GetSessionInfo C_GetSessionInfo;
CK_C_GetOperationState C_GetOperationState;
CK_C_SetOperationState C_SetOperationState;
CK_C_Login C_Login;
CK_C_Logout C_Logout;
CK_C_CreateObject C_CreateObject;
CK_C_CopyObject C_CopyObject;
CK_C_DestroyObject C_DestroyObject;
CK_C_GetObjectSize C_GetObjectSize;
CK_C_GetAttributeValue C_GetAttributeValue;
CK_C_SetAttributeValue C_SetAttributeValue;
CK_C_FindObjectsInit C_FindObjectsInit;
CK_C_FindObjects C_FindObjects;
CK_C_FindObjectsFinal C_FindObjectsFinal;
CK_C_EncryptInit C_EncryptInit;
CK_C_Encrypt C_Encrypt;
CK_C_EncryptUpdate C_EncryptUpdate;
CK_C_EncryptFinal C_EncryptFinal;
CK_C_DecryptInit C_DecryptInit;
CK_C_Decrypt C_Decrypt;
CK_C_DecryptUpdate C_DecryptUpdate;
CK_C_DecryptFinal C_DecryptFinal;
CK_C_DigestInit C_DigestInit;
CK_C_Digest C_Digest;
CK_C_DigestUpdate C_DigestUpdate;
CK_C_DigestKey C_DigestKey;
CK_C_DigestFinal C_DigestFinal;
CK_C_SignInit C_SignInit;
CK_C_Sign C_Sign;
CK_C_SignUpdate C_SignUpdate;
CK_C_SignFinal C_SignFinal;
CK_C_SignRecoverInit C_SignRecoverInit;
CK_C_SignRecover C_SignRecover;
CK_C_VerifyInit C_VerifyInit;
CK_C_Verify C_Verify;
CK_C_VerifyUpdate C_VerifyUpdate;
CK_C_VerifyFinal C_VerifyFinal;
CK_C_VerifyRecoverInit C_VerifyRecoverInit;
CK_C_VerifyRecover C_VerifyRecover;
CK_C_DigestEncryptUpdate C_DigestEncryptUpdate;
CK_C_DecryptDigestUpdate C_DecryptDigestUpdate;
CK_C_SignEncryptUpdate C_SignEncryptUpdate;
CK_C_DecryptVerifyUpdate C_DecryptVerifyUpdate;
CK_C_GenerateKey C_GenerateKey;
CK_C_GenerateKeyPair C_GenerateKeyPair;
CK_C_WrapKey C_WrapKey;
CK_C_UnwrapKey C_UnwrapKey;
CK_C_DeriveKey C_DeriveKey;
CK_C_SeedRandom C_SeedRandom;
CK_C_GenerateRandom C_GenerateRandom;
CK_C_GetFunctionStatus C_GetFunctionStatus;
CK_C_CancelFunction C_CancelFunction;
CK_C_WaitForSlotEvent C_WaitForSlotEvent;
};
/* CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE is new for v2.10. #ifdef __cplusplus
* CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE is used to indicate the }
* source of the salt value when deriving a key using PKCS #5
* PBKDF2. */
typedef CK_ULONG CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE;
typedef CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE CK_PTR CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE_PTR;
/* The following salt value sources are defined in PKCS #5 v2.0. */
#define CKZ_SALT_SPECIFIED 0x00000001
/* CK_PKCS5_PBKD2_PARAMS is new for v2.10.
* CK_PKCS5_PBKD2_PARAMS is a structure that provides the
* parameters to the CKM_PKCS5_PBKD2 mechanism. */
typedef struct CK_PKCS5_PBKD2_PARAMS {
CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE saltSource;
CK_VOID_PTR pSaltSourceData;
CK_ULONG ulSaltSourceDataLen;
CK_ULONG iterations;
CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE prf;
CK_VOID_PTR pPrfData;
CK_ULONG ulPrfDataLen;
CK_UTF8CHAR_PTR pPassword;
CK_ULONG_PTR ulPasswordLen;
} CK_PKCS5_PBKD2_PARAMS;
typedef CK_PKCS5_PBKD2_PARAMS CK_PTR CK_PKCS5_PBKD2_PARAMS_PTR;
/* All CK_OTP structs are new for PKCS #11 v2.20 amendment 3 */
typedef CK_ULONG CK_OTP_PARAM_TYPE;
typedef CK_OTP_PARAM_TYPE CK_PARAM_TYPE; /* B/w compatibility */
typedef struct CK_OTP_PARAM {
CK_OTP_PARAM_TYPE type;
CK_VOID_PTR pValue;
CK_ULONG ulValueLen;
} CK_OTP_PARAM;
typedef CK_OTP_PARAM CK_PTR CK_OTP_PARAM_PTR;
typedef struct CK_OTP_PARAMS {
CK_OTP_PARAM_PTR pParams;
CK_ULONG ulCount;
} CK_OTP_PARAMS;
typedef CK_OTP_PARAMS CK_PTR CK_OTP_PARAMS_PTR;
typedef struct CK_OTP_SIGNATURE_INFO {
CK_OTP_PARAM_PTR pParams;
CK_ULONG ulCount;
} CK_OTP_SIGNATURE_INFO;
typedef CK_OTP_SIGNATURE_INFO CK_PTR CK_OTP_SIGNATURE_INFO_PTR;
/* The following OTP-related defines are new for PKCS #11 v2.20 amendment 1 */
#define CK_OTP_VALUE 0
#define CK_OTP_PIN 1
#define CK_OTP_CHALLENGE 2
#define CK_OTP_TIME 3
#define CK_OTP_COUNTER 4
#define CK_OTP_FLAGS 5
#define CK_OTP_OUTPUT_LENGTH 6
#define CK_OTP_OUTPUT_FORMAT 7
/* The following OTP-related defines are new for PKCS #11 v2.20 amendment 1 */
#define CKF_NEXT_OTP 0x00000001
#define CKF_EXCLUDE_TIME 0x00000002
#define CKF_EXCLUDE_COUNTER 0x00000004
#define CKF_EXCLUDE_CHALLENGE 0x00000008
#define CKF_EXCLUDE_PIN 0x00000010
#define CKF_USER_FRIENDLY_OTP 0x00000020
/* CK_KIP_PARAMS is new for PKCS #11 v2.20 amendment 2 */
typedef struct CK_KIP_PARAMS {
CK_MECHANISM_PTR pMechanism;
CK_OBJECT_HANDLE hKey;
CK_BYTE_PTR pSeed;
CK_ULONG ulSeedLen;
} CK_KIP_PARAMS;
typedef CK_KIP_PARAMS CK_PTR CK_KIP_PARAMS_PTR;
/* CK_AES_CTR_PARAMS is new for PKCS #11 v2.20 amendment 3 */
typedef struct CK_AES_CTR_PARAMS {
CK_ULONG ulCounterBits;
CK_BYTE cb[16];
} CK_AES_CTR_PARAMS;
typedef CK_AES_CTR_PARAMS CK_PTR CK_AES_CTR_PARAMS_PTR;
/* CK_CAMELLIA_CTR_PARAMS is new for PKCS #11 v2.20 amendment 3 */
typedef struct CK_CAMELLIA_CTR_PARAMS {
CK_ULONG ulCounterBits;
CK_BYTE cb[16];
} CK_CAMELLIA_CTR_PARAMS;
typedef CK_CAMELLIA_CTR_PARAMS CK_PTR CK_CAMELLIA_CTR_PARAMS_PTR;
/* CK_CAMELLIA_CBC_ENCRYPT_DATA_PARAMS is new for PKCS #11 v2.20 amendment 3 */
typedef struct CK_CAMELLIA_CBC_ENCRYPT_DATA_PARAMS {
CK_BYTE iv[16];
CK_BYTE_PTR pData;
CK_ULONG length;
} CK_CAMELLIA_CBC_ENCRYPT_DATA_PARAMS;
typedef CK_CAMELLIA_CBC_ENCRYPT_DATA_PARAMS CK_PTR CK_CAMELLIA_CBC_ENCRYPT_DATA_PARAMS_PTR;
/* CK_ARIA_CBC_ENCRYPT_DATA_PARAMS is new for PKCS #11 v2.20 amendment 3 */
typedef struct CK_ARIA_CBC_ENCRYPT_DATA_PARAMS {
CK_BYTE iv[16];
CK_BYTE_PTR pData;
CK_ULONG length;
} CK_ARIA_CBC_ENCRYPT_DATA_PARAMS;
typedef CK_ARIA_CBC_ENCRYPT_DATA_PARAMS CK_PTR CK_ARIA_CBC_ENCRYPT_DATA_PARAMS_PTR;
#endif #endif
#endif // _PKCS11TYPES_H_