/*
 * COPYRIGHT (c) International Business Machines Corp. 2001-2017
 *
 * This program is provided under the terms of the Common Public License,
 * version 1.0 (CPL-1.0). Any use, reproduction or distribution for this
 * software constitutes recipient's acceptance of CPL-1.0 terms which can be
 * found in the file LICENSE file or at
 * https://opensource.org/licenses/cpl1.0.php
 */

//----------------------------------------------------------------------------
//
// File: PKCS11Types.h
//
// Basic Cryptoki (PKCS #11) types, flag bits and constant identifiers.
//
//----------------------------------------------------------------------------


// Include guard. The matching #endif is not in this part of the file.
#ifndef _PKCS11TYPES_H_
#define _PKCS11TYPES_H_


// C linkage for C++ includers. The closing brace is not in this part of
// the file.
#ifdef __cplusplus
extern "C" {
#endif

// Boolean values used with the byte-sized CK_BBOOL type.
#define CK_TRUE 1
#define CK_FALSE 0

// TRUE/FALSE aliases are defined only when the includer has not already
// defined them, and are skipped entirely when CK_DISABLE_TRUE_FALSE is
// defined.
#ifndef CK_DISABLE_TRUE_FALSE
#ifndef FALSE
#define FALSE CK_FALSE
#endif

#ifndef TRUE
#define TRUE CK_TRUE
#endif
#endif

// AIX Addition for 64Bit work.
// All types are 32bit types, therefore the longs have to be
// typedefed to be 32bit values.
// NOTE(review): this applies to the uint_32/int_32 typedefs that follow.
// CK_ULONG and CK_LONG are declared from `long`, so their width still
// depends on the platform ABI.
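/* Helper types declared from int.
 * NOTE(review): they are 32 bits wide only where int is 32 bits wide;
 * confirm for every target ABI. */
typedef unsigned int uint_32;
typedef int int_32;

/* Pointer declarator used by every *_PTR typedef below. */
#define CK_PTR *

/* Declares `name` as a pointer to a function returning returnType; the
 * parameter list is written by the user of the macro. */
#define CK_CALLBACK_FUNCTION(returnType, name) \
    returnType (* name)

/* NULL_PTR expands to NULL. Nothing is included by this header before this
 * point, so NULL must already be in scope (for example via <stddef.h>)
 * wherever NULL_PTR is used. */
#ifndef NULL_PTR
#define NULL_PTR NULL
#endif /* NULL_PTR */

/* an unsigned 8-bit value */
typedef unsigned char CK_BYTE;

/* an unsigned 8-bit character */
typedef CK_BYTE CK_CHAR;

/* an 8-bit UTF-8 character */
typedef CK_BYTE CK_UTF8CHAR;

/* a BYTE-sized Boolean flag */
typedef CK_BYTE CK_BBOOL;

/* an unsigned value, at least 32 bits long.
 * Declared from `unsigned long`, so its width follows the platform ABI and
 * every structure built from it changes size between ABIs with a 32-bit
 * and a 64-bit long. Do not copy these structures between processes or
 * machines without converting them field by field. */
typedef unsigned long int CK_ULONG;

/* a signed value, the same size as a CK_ULONG */
/* CK_LONG is new for v2.0 */
typedef long int CK_LONG;

/* at least 32 bits; each bit is a Boolean flag */
typedef CK_ULONG CK_FLAGS;


/* some special values for certain CK_ULONG variables */
#define CK_UNAVAILABLE_INFORMATION      (~0UL)
#define CK_EFFECTIVELY_INFINITE         0


typedef CK_BYTE CK_PTR CK_BYTE_PTR;
typedef CK_CHAR CK_PTR CK_CHAR_PTR;
typedef CK_UTF8CHAR CK_PTR CK_UTF8CHAR_PTR;
typedef CK_ULONG CK_PTR CK_ULONG_PTR;
typedef void CK_PTR CK_VOID_PTR;

/* Pointer to a CK_VOID_PTR-- i.e., pointer to pointer to void */
typedef CK_VOID_PTR CK_PTR CK_VOID_PTR_PTR;


/* The following value is always invalid if used as a session */
/* handle or object handle */
#define CK_INVALID_HANDLE               0


typedef struct CK_VERSION {
    CK_BYTE major;              /* integer portion of version number */
    CK_BYTE minor;              /* 1/100ths portion of version number */
} CK_VERSION;

typedef CK_VERSION CK_PTR CK_VERSION_PTR;


/* CK_INFO describes the Cryptoki library itself.
 * Fields marked "blank padded" here and in the structures below are
 * space-filled to their full width. The PKCS #11 specification does not
 * NUL-terminate them, so copy or print them with an explicit length and
 * never hand them to str* functions or an unbounded %s. */
typedef struct CK_INFO {
    CK_VERSION cryptokiVersion;         /* Cryptoki interface ver */
    CK_CHAR manufacturerID[32];         /* blank padded */
    CK_FLAGS flags;                     /* must be zero */

    /* libraryDescription and libraryVersion are new for v2.0 */
    CK_CHAR libraryDescription[32];     /* blank padded */
    CK_VERSION libraryVersion;          /* version of library */
} CK_INFO;

typedef CK_INFO CK_PTR CK_INFO_PTR;


/* CK_NOTIFICATION enumerates the types of notifications that
 * Cryptoki provides to an application */
/* CK_NOTIFICATION has been changed from an enum to a CK_ULONG
 * for v2.0 */
typedef CK_ULONG CK_NOTIFICATION;
#define CKN_SURRENDER                   0


typedef CK_ULONG CK_SLOT_ID;

typedef CK_SLOT_ID CK_PTR CK_SLOT_ID_PTR;


/* CK_SLOT_INFO provides information about a slot */
typedef struct CK_SLOT_INFO {
    CK_CHAR slotDescription[64];        /* blank padded */
    CK_CHAR manufacturerID[32];         /* blank padded */
    CK_FLAGS flags;

    /* hardwareVersion and firmwareVersion are new for v2.0 */
    CK_VERSION hardwareVersion;         /* version of hardware */
    CK_VERSION firmwareVersion;         /* version of firmware */
} CK_SLOT_INFO;

/* flags: bit flags that provide capabilities of the slot
 *      Bit Flag                Mask            Meaning
 */
#define CKF_TOKEN_PRESENT               0x00000001  /* a token is there */
#define CKF_REMOVABLE_DEVICE            0x00000002  /* removable devices */
#define CKF_HW_SLOT                     0x00000004  /* hardware slot */

typedef CK_SLOT_INFO CK_PTR CK_SLOT_INFO_PTR;


/* CK_TOKEN_INFO provides information about a token */
typedef struct CK_TOKEN_INFO {
    CK_CHAR label[32];                  /* blank padded */
    CK_CHAR manufacturerID[32];         /* blank padded */
    CK_CHAR model[16];                  /* blank padded */
    CK_CHAR serialNumber[16];           /* blank padded */
    CK_FLAGS flags;                     /* see below */

    /* ulMaxSessionCount, ulSessionCount, ulMaxRwSessionCount,
     * ulRwSessionCount, ulMaxPinLen, and ulMinPinLen have all been
     * changed from CK_USHORT to CK_ULONG for v2.0 */
    CK_ULONG ulMaxSessionCount;         /* max open sessions */
    CK_ULONG ulSessionCount;            /* sess. now open */
    CK_ULONG ulMaxRwSessionCount;       /* max R/W sessions */
    CK_ULONG ulRwSessionCount;          /* R/W sess. now open */
    CK_ULONG ulMaxPinLen;               /* in bytes */
    CK_ULONG ulMinPinLen;               /* in bytes */
    CK_ULONG ulTotalPublicMemory;       /* in bytes */
    CK_ULONG ulFreePublicMemory;        /* in bytes */
    CK_ULONG ulTotalPrivateMemory;      /* in bytes */
    CK_ULONG ulFreePrivateMemory;       /* in bytes */

    /* hardwareVersion, firmwareVersion, and time are new for
     * v2.0 */
    CK_VERSION hardwareVersion;         /* version of hardware */
    CK_VERSION firmwareVersion;         /* version of firmware */
    CK_CHAR utcTime[16];                /* time */
} CK_TOKEN_INFO;

/* The flags parameter is defined as follows:
 *      Bit Flag                        Mask            Meaning
 */
#define CKF_RNG                         0x00000001  /* has random #
                                                     * generator */
#define CKF_WRITE_PROTECTED             0x00000002  /* token is
                                                     * write-
                                                     * protected */
#define CKF_LOGIN_REQUIRED              0x00000004  /* user must
                                                     * login */
#define CKF_USER_PIN_INITIALIZED        0x00000008  /* normal user's
                                                     * PIN is set */

/* CKF_RESTORE_KEY_NOT_NEEDED is new for v2.0. If it is set,
 * that means that *every* time the state of cryptographic
 * operations of a session is successfully saved, all keys
 * needed to continue those operations are stored in the state */
#define CKF_RESTORE_KEY_NOT_NEEDED      0x00000020

/* CKF_CLOCK_ON_TOKEN is new for v2.0. If it is set, that means
 * that the token has some sort of clock. The time on that
 * clock is returned in the token info structure */
#define CKF_CLOCK_ON_TOKEN              0x00000040

/* CKF_PROTECTED_AUTHENTICATION_PATH is new for v2.0. If it is
 * set, that means that there is some way for the user to login
 * without sending a PIN through the Cryptoki library itself */
#define CKF_PROTECTED_AUTHENTICATION_PATH 0x00000100

/* CKF_DUAL_CRYPTO_OPERATIONS is new for v2.0. If it is true,
 * that means that a single session with the token can perform
 * dual simultaneous cryptographic operations (digest and
 * encrypt; decrypt and digest; sign and encrypt; and decrypt
 * and sign) */
#define CKF_DUAL_CRYPTO_OPERATIONS      0x00000200

/* CKF_TOKEN_INITIALIZED is new for v2.11. If it is true, the
 * token has been initialized using C_InitializeToken or an
 * equivalent mechanism outside the scope of this standard.
 * Calling C_InitializeToken when this flag is set will cause
 * the token to be reinitialized. */
#define CKF_TOKEN_INITIALIZED           0x00000400

/* CKF_SECONDARY_AUTHENTICATION is new for v2.11. If it is
 * true, the token supports secondary authentication for private
 * key objects. According to the 2.11 spec pg. 45, this flag
 * is deprecated and this flag should never be true. */
#define CKF_SECONDARY_AUTHENTICATION    0x00000800

/* The eight flags that follow report PIN retry and lock state for the
 * normal user and for the Security Officer (SO). An application can read
 * them from CK_TOKEN_INFO.flags to warn before a final attempt and to log
 * lockouts. */

/* CKF_USER_PIN_COUNT_LOW is new in v2.11. This flag is true
 * if an incorrect user PIN has been entered at least once
 * since the last successful authentication. */
#define CKF_USER_PIN_COUNT_LOW          0x00010000

/* CKF_USER_PIN_FINAL_TRY is new in v2.11. This flag is true if
 * supplying an incorrect user PIN will cause it to become
 * locked. */
#define CKF_USER_PIN_FINAL_TRY          0x00020000

/* CKF_USER_PIN_LOCKED is new in v2.11. This is true if the
 * user PIN has been locked. User login to the token is not
 * possible. */
#define CKF_USER_PIN_LOCKED             0x00040000

/* CKF_USER_PIN_TO_BE_CHANGED is new in v2.11. This flag is
 * true if the user PIN value is the default value set by
 * token initialization or manufacturing, or the PIN has
 * been expired by the card. */
#define CKF_USER_PIN_TO_BE_CHANGED      0x00080000

/* CKF_SO_PIN_COUNT_LOW is new in v2.11. This flag is true if
 * an incorrect SO login PIN has been entered at least once
 * since the last successful authentication. */
#define CKF_SO_PIN_COUNT_LOW            0x00100000

/* CKF_SO_PIN_FINAL_TRY is new in v2.11. This flag is true if
 * supplying an incorrect SO PIN will cause it to become
 * locked. */
#define CKF_SO_PIN_FINAL_TRY            0x00200000

/* CKF_SO_PIN_LOCKED is new in v2.11. This flag is true if
 * the SO PIN has been locked. SO login to the token is not
 * possible.
 * NOTE(review): this comment used to say "User login"; the flag describes
 * the SO PIN, so the wording was aligned with it. Confirm against the
 * token-flag table of the PKCS #11 specification. */
#define CKF_SO_PIN_LOCKED               0x00400000

/* CKF_SO_PIN_TO_BE_CHANGED is new in v2.11. This flag is true
 * if the SO PIN value is the default value set by token
 * initialization or manufacturing, or the PIN has been expired by
 * the card. */
#define CKF_SO_PIN_TO_BE_CHANGED        0x00800000

/* Disabled block, kept for reference only: earlier IBM names for the same
 * bit positions that the v2.11 flags above now define. */
#if 0
/* IBM extended Token Info Flags - defined by Michael Hamann */
/* These Flags are not part of PKCS#11 Version 2.01 */

/* This will be used to track the state of login retries */
#define CKF_USER_PIN_COUNT_LOW          0x00010000
#define CKF_USER_PIN_FINAL_TRY          0x00020000
#define CKF_USER_PIN_LOCKED             0x00040000
#define CKF_USER_PIN_MANUFACT_VALUE     0x00080000

#define CKF_SO_PIN_COUNT_LOW            0x00100000
#define CKF_SO_PIN_FINAL_TRY            0x00200000
#define CKF_SO_PIN_LOCKED               0x00400000
#define CKF_SO_PIN_MANUFACT_VALUE       0x00800000
#endif

/* other IBM extended Token info Flags 05/29/99 */
// Sec Officer pin on card is derived from card id
#define CKF_SO_PIN_DERIVED              0x01000000
// Security Officer Card
#define CKF_SO_CARD                     0x02000000
/* End of IBM extended Token Info Flags */


typedef CK_TOKEN_INFO CK_PTR CK_TOKEN_INFO_PTR;

/* CK_SESSION_HANDLE is a Cryptoki-assigned value that
 * identifies a session */
typedef CK_ULONG CK_SESSION_HANDLE;

typedef CK_SESSION_HANDLE CK_PTR CK_SESSION_HANDLE_PTR;


/* CK_USER_TYPE enumerates the types of Cryptoki users */
/* CK_USER_TYPE has been changed from an enum to a CK_ULONG for
 * v2.0 */
typedef CK_ULONG CK_USER_TYPE;
/* Security Officer */
#define CKU_SO                          0
/* Normal user */
#define CKU_USER                        1


/* CK_STATE enumerates the session states */
/* CK_STATE has been changed from an enum to a CK_ULONG for
 * v2.0 */
typedef CK_ULONG CK_STATE;
#define CKS_RO_PUBLIC_SESSION           0
#define CKS_RO_USER_FUNCTIONS           1
#define CKS_RW_PUBLIC_SESSION           2
#define CKS_RW_USER_FUNCTIONS           3
#define CKS_RW_SO_FUNCTIONS             4


/* CK_SESSION_INFO provides information about a session */
typedef struct CK_SESSION_INFO {
    CK_SLOT_ID slotID;
    CK_STATE state;
    CK_FLAGS flags;                     /* see below */

    /* ulDeviceError was changed from CK_USHORT to CK_ULONG for
     * v2.0 */
    CK_ULONG ulDeviceError;             /* device-dependent error code */
} CK_SESSION_INFO;

/* The flags are defined in the following table:
 *      Bit Flag                Mask            Meaning
 */
#define CKF_RW_SESSION                  0x00000002  /* session is r/w */
#define CKF_SERIAL_SESSION              0x00000004  /* no parallel */

typedef CK_SESSION_INFO CK_PTR CK_SESSION_INFO_PTR;


/* CK_OBJECT_HANDLE is a token-specific identifier for an
 * object */
typedef CK_ULONG CK_OBJECT_HANDLE;

typedef CK_OBJECT_HANDLE CK_PTR CK_OBJECT_HANDLE_PTR;


/* CK_OBJECT_CLASS is a value that identifies the classes (or
 * types) of objects that Cryptoki recognizes. It is defined
 * as follows: */
/* CK_OBJECT_CLASS was changed from CK_USHORT to CK_ULONG for
 * v2.0 */
typedef CK_ULONG CK_OBJECT_CLASS;

/* The following classes of objects are defined: */
#define CKO_DATA                        0x00000000
#define CKO_CERTIFICATE                 0x00000001
#define CKO_PUBLIC_KEY                  0x00000002
#define CKO_PRIVATE_KEY                 0x00000003
#define CKO_SECRET_KEY                  0x00000004
/* CKO_HW_FEATURE and CKO_DOMAIN_PARAMETERS are new for v2.11 */
#define CKO_HW_FEATURE                  0x00000005
#define CKO_DOMAIN_PARAMETERS           0x00000006
#define CKO_VENDOR_DEFINED              0x80000000

typedef CK_OBJECT_CLASS CK_PTR CK_OBJECT_CLASS_PTR;

/* CK_HW_FEATURE_TYPE is a value that identifies a hardware
 * feature type of a device. This is new for v2.11.
 */
typedef CK_ULONG CK_HW_FEATURE_TYPE;

/* The following hardware feature types are defined: */
#define CKH_MONOTONIC_COUNTER           0x00000001
#define CKH_CLOCK                       0x00000002
#define CKH_VENDOR_DEFINED              0x80000000


/* CK_KEY_TYPE is a value that identifies a key type */
/* CK_KEY_TYPE was changed from CK_USHORT to CK_ULONG for v2.0 */
typedef CK_ULONG CK_KEY_TYPE;

/* the following key types are defined: */
#define CKK_RSA                         0x00000000
#define CKK_DSA                         0x00000001
#define CKK_DH                          0x00000002

/* CKK_ECDSA and CKK_KEA are new for v2.0 */
/* CKK_ECDSA is deprecated in v2.11, CKK_EC is preferred */
#define CKK_ECDSA                       0x00000003
#define CKK_EC                          0x00000003
#define CKK_X9_42_DH                    0x00000004
#define CKK_KEA                         0x00000005

#define CKK_GENERIC_SECRET              0x00000010
#define CKK_RC2                         0x00000011
#define CKK_RC4                         0x00000012
#define CKK_DES                         0x00000013
#define CKK_DES2                        0x00000014
#define CKK_DES3                        0x00000015

/* all these key types are new for v2.0 */
#define CKK_CAST                        0x00000016
#define CKK_CAST3                       0x00000017
/* CKK_CAST5 is deprecated in v2.11, CKK_CAST128 is preferred */
#define CKK_CAST5                       0x00000018
#define CKK_CAST128                     0x00000018  /* CAST128=CAST5 */
#define CKK_RC5                         0x00000019
#define CKK_IDEA                        0x0000001A
#define CKK_SKIPJACK                    0x0000001B
#define CKK_BATON                       0x0000001C
#define CKK_JUNIPER                     0x0000001D
#define CKK_CDMF                        0x0000001E
/* CKK_AES is new for v2.11 */
#define CKK_AES                         0x0000001F

#define CKK_VENDOR_DEFINED              0x80000000


/* CK_CERTIFICATE_TYPE is a value that identifies a certificate
 * type */
/* CK_CERTIFICATE_TYPE was changed from CK_USHORT to CK_ULONG
 * for v2.0 */
typedef CK_ULONG CK_CERTIFICATE_TYPE;

/* The following certificate types are defined: */
#define CKC_X_509                       0x00000000
/* CKC_X_509_ATTR_CERT is new for v2.11 */
#define CKC_X_509_ATTR_CERT             0x00000001
#define CKC_VENDOR_DEFINED              0x80000000


/* CK_ATTRIBUTE_TYPE is a value that identifies an attribute
 * type */
/* CK_ATTRIBUTE_TYPE was changed from CK_USHORT to CK_ULONG for
 * v2.0 */
typedef CK_ULONG CK_ATTRIBUTE_TYPE;

/* The CKF_ARRAY_ATTRIBUTE flag identifies an attribute which
 * consists of an array of values. */
#define CKF_ARRAY_ATTRIBUTE             0x40000000

/* The following attribute types are defined: */
#define CKA_CLASS                       0x00000000
#define CKA_TOKEN                       0x00000001
#define CKA_PRIVATE                     0x00000002
#define CKA_LABEL                       0x00000003
#define CKA_APPLICATION                 0x00000010
#define CKA_VALUE                       0x00000011
/* CKA_OBJECT_ID is new for v2.11 */
#define CKA_OBJECT_ID                   0x00000012
#define CKA_CERTIFICATE_TYPE            0x00000080
#define CKA_ISSUER                      0x00000081
#define CKA_SERIAL_NUMBER               0x00000082
/* CKA_AC_ISSUER, CKA_OWNER, CKA_ATTR_TYPES and CKA_TRUSTED
 * are new for v2.11 */
#define CKA_AC_ISSUER                   0x00000083
#define CKA_OWNER                       0x00000084
#define CKA_ATTR_TYPES                  0x00000085
#define CKA_TRUSTED                     0x00000086

#define CKA_KEY_TYPE                    0x00000100
#define CKA_SUBJECT                     0x00000101
#define CKA_ID                          0x00000102
#define CKA_SENSITIVE                   0x00000103
#define CKA_ENCRYPT                     0x00000104
#define CKA_DECRYPT                     0x00000105
#define CKA_WRAP                        0x00000106
#define CKA_UNWRAP                      0x00000107
#define CKA_SIGN                        0x00000108
#define CKA_SIGN_RECOVER                0x00000109
#define CKA_VERIFY                      0x0000010A
#define CKA_VERIFY_RECOVER              0x0000010B
#define CKA_DERIVE                      0x0000010C
#define CKA_START_DATE                  0x00000110
#define CKA_END_DATE                    0x00000111
#define CKA_MODULUS                     0x00000120
#define CKA_MODULUS_BITS                0x00000121
#define CKA_PUBLIC_EXPONENT             0x00000122
#define CKA_PRIVATE_EXPONENT            0x00000123
#define CKA_PRIME_1                     0x00000124
#define CKA_PRIME_2                     0x00000125
#define CKA_EXPONENT_1                  0x00000126
#define CKA_EXPONENT_2                  0x00000127
#define CKA_COEFFICIENT                 0x00000128
#define CKA_PRIME                       0x00000130
#define CKA_SUBPRIME                    0x00000131
#define CKA_BASE                        0x00000132
/* CKA_PRIME_BITS and CKA_SUBPRIME_BITS are new for v2.11 */
#define CKA_PRIME_BITS                  0x00000133
#define CKA_SUBPRIME_BITS               0x00000134

#define CKA_VALUE_BITS                  0x00000160
#define CKA_VALUE_LEN                   0x00000161

/* CKA_EXTRACTABLE, CKA_LOCAL, CKA_NEVER_EXTRACTABLE,
 * CKA_ALWAYS_SENSITIVE, CKA_MODIFIABLE, CKA_ECDSA_PARAMS,
 * and CKA_EC_POINT are new for v2.0 */
#define CKA_EXTRACTABLE                 0x00000162
#define CKA_LOCAL                       0x00000163
#define CKA_NEVER_EXTRACTABLE           0x00000164
#define CKA_ALWAYS_SENSITIVE            0x00000165
/* CKA_KEY_GEN_MECHANISM is new for v2.11 */
#define CKA_KEY_GEN_MECHANISM           0x00000166
#define CKA_MODIFIABLE                  0x00000170
/* CKA_ECDSA_PARAMS is deprecated in v2.11, CKA_EC_PARAMS is preferred */
#define CKA_ECDSA_PARAMS                0x00000180
#define CKA_EC_PARAMS                   0x00000180
#define CKA_EC_POINT                    0x00000181
/* The following are new for v2.11 */
#define CKA_SECONDARY_AUTH              0x00000200
#define CKA_AUTH_PIN_FLAGS              0x00000201
#define CKA_ALWAYS_AUTHENTICATE         0x00000202
#define CKA_HW_FEATURE_TYPE             0x00000300
#define CKA_RESET_ON_INIT               0x00000301
#define CKA_HAS_RESET                   0x00000302

#define CKA_WRAP_TEMPLATE               (CKF_ARRAY_ATTRIBUTE|0x00000211UL)
#define CKA_UNWRAP_TEMPLATE             (CKF_ARRAY_ATTRIBUTE|0x00000212UL)

#define CKA_VENDOR_DEFINED              0x80000000

/* For use in storing objects that have an encrypted or otherwise
 * opaque attribute. Support has been added to use this attribute
 * in key objects only.
 * The expansion is parenthesized like the other CKA_IBM_* values so that
 * the macro stays a single operand inside a larger expression; without the
 * parentheses an expression such as `CKA_IBM_OPAQUE % 2` would bind the
 * operator to the trailing 1 only. */
#define CKA_IBM_OPAQUE                  (CKA_VENDOR_DEFINED + 1)

#define CKA_IBM_RESTRICTABLE            (CKA_VENDOR_DEFINED +0x10001)
#define CKA_IBM_NEVER_MODIFIABLE        (CKA_VENDOR_DEFINED +0x10002)
#define CKA_IBM_RETAINKEY               (CKA_VENDOR_DEFINED +0x10003)
#define CKA_IBM_ATTRBOUND               (CKA_VENDOR_DEFINED +0x10004)
#define CKA_IBM_KEYTYPE                 (CKA_VENDOR_DEFINED +0x10005)
#define CKA_IBM_CV                      (CKA_VENDOR_DEFINED +0x10006)
#define CKA_IBM_MACKEY                  (CKA_VENDOR_DEFINED +0x10007)
#define CKA_IBM_USE_AS_DATA             (CKA_VENDOR_DEFINED +0x10008)
#define CKA_IBM_STRUCT_PARAMS           (CKA_VENDOR_DEFINED +0x10009)
#define CKA_IBM_STD_COMPLIANCE1         (CKA_VENDOR_DEFINED +0x1000a)

/* For NSS 3.30: */
#define NSSCK_VENDOR_NSS                0x4E534350
#define CKA_NSS                         (CKA_VENDOR_DEFINED | NSSCK_VENDOR_NSS)
#define CKA_NSS_MOZILLA_CA_POLICY       (CKA_NSS + 34)

/* CK_ATTRIBUTE is a structure that includes the type, length
 * and value of an attribute.
 * pValue is an untyped pointer and ulValueLen is the only record of how
 * many bytes it refers to. Code that receives a CK_ATTRIBUTE from another
 * component must bound every read or write through pValue by ulValueLen
 * and must check that length against the size expected for `type`. */
typedef struct CK_ATTRIBUTE {
    CK_ATTRIBUTE_TYPE type;
    CK_VOID_PTR pValue;

    /* ulValueLen went from CK_USHORT to CK_ULONG for v2.0 */
    CK_ULONG ulValueLen;                /* in bytes */
} CK_ATTRIBUTE;

typedef CK_ATTRIBUTE CK_PTR CK_ATTRIBUTE_PTR;


/* CK_DATE is a structure that defines a date.
 * Each field holds exactly as many characters as its digit string, so
 * there is no room for a terminator; compare and copy by length. */
typedef struct CK_DATE {
    CK_CHAR year[4];                    /* the year ("1900" - "9999") */
    CK_CHAR month[2];                   /* the month ("01" - "12") */
    CK_CHAR day[2];                     /* the day ("01" - "31") */
} CK_DATE;


/* CK_MECHANISM_TYPE is a value that identifies a mechanism
 * type */
/* CK_MECHANISM_TYPE was changed from CK_USHORT to CK_ULONG for
 * v2.0 */
typedef CK_ULONG CK_MECHANISM_TYPE;

/* the following mechanism types are defined:
 * These lines only name mechanism identifiers. Being listed here says
 * nothing about whether a token offers the mechanism or whether it is
 * suitable for new designs: the list includes legacy algorithms (MD2, MD5,
 * SHA-1, single DES, CDMF, RC2, RC4 and the 40-bit PBE variants) that a
 * deployment policy should restrict for new keys and signatures. */
#define CKM_RSA_PKCS_KEY_PAIR_GEN       0x00000000
#define CKM_RSA_PKCS                    0x00000001
#define CKM_RSA_9796                    0x00000002
#define CKM_RSA_X_509                   0x00000003

/* CKM_MD2_RSA_PKCS, CKM_MD5_RSA_PKCS, and CKM_SHA1_RSA_PKCS
 * are new for v2.0. They are mechanisms which hash and sign */
#define CKM_MD2_RSA_PKCS                0x00000004
#define CKM_MD5_RSA_PKCS                0x00000005
#define CKM_SHA1_RSA_PKCS               0x00000006
/* The following are new for v2.11: */
#define CKM_RIPEMD128_RSA_PKCS          0x00000007
#define CKM_RIPEMD160_RSA_PKCS          0x00000008
#define CKM_RSA_PKCS_OAEP               0x00000009
#define CKM_RSA_X9_31_KEY_PAIR_GEN      0x0000000A
#define CKM_RSA_X9_31                   0x0000000B
#define CKM_SHA1_RSA_X9_31              0x0000000C
#define CKM_RSA_PKCS_PSS                0x0000000D
#define CKM_SHA1_RSA_PKCS_PSS           0x0000000E

#define CKM_DSA_KEY_PAIR_GEN            0x00000010
#define CKM_DSA                         0x00000011
#define CKM_DSA_SHA1                    0x00000012
#define CKM_DH_PKCS_KEY_PAIR_GEN        0x00000020
#define CKM_DH_PKCS_DERIVE              0x00000021
/* The following are new for v2.11 */
#define CKM_X9_42_DH_KEY_PAIR_GEN       0x00000030
#define CKM_X9_42_DH_DERIVE             0x00000031
#define CKM_X9_42_DH_HYBRID_DERIVE      0x00000032
#define CKM_X9_42_MQV_DERIVE            0x00000033

#define CKM_SHA224_RSA_PKCS             0x00000046
#define CKM_SHA256_RSA_PKCS             0x00000040
#define CKM_SHA384_RSA_PKCS             0x00000041
#define CKM_SHA512_RSA_PKCS             0x00000042

#define CKM_SHA224_RSA_PKCS_PSS         0x00000047
#define CKM_SHA256_RSA_PKCS_PSS         0x00000043
#define CKM_SHA384_RSA_PKCS_PSS         0x00000044
#define CKM_SHA512_RSA_PKCS_PSS         0x00000045

#define CKM_RC2_KEY_GEN                 0x00000100
#define CKM_RC2_ECB                     0x00000101
#define CKM_RC2_CBC                     0x00000102
#define CKM_RC2_MAC                     0x00000103

/* CKM_RC2_MAC_GENERAL and CKM_RC2_CBC_PAD are new for v2.0 */
#define CKM_RC2_MAC_GENERAL             0x00000104
#define CKM_RC2_CBC_PAD                 0x00000105

#define CKM_RC4_KEY_GEN                 0x00000110
#define CKM_RC4                         0x00000111
#define CKM_DES_KEY_GEN                 0x00000120
#define CKM_DES_ECB                     0x00000121
#define CKM_DES_CBC                     0x00000122
#define CKM_DES_MAC                     0x00000123

/* CKM_DES_MAC_GENERAL and CKM_DES_CBC_PAD are new for v2.0 */
#define CKM_DES_MAC_GENERAL             0x00000124
#define CKM_DES_CBC_PAD                 0x00000125

#define CKM_DES2_KEY_GEN                0x00000130
#define CKM_DES3_KEY_GEN                0x00000131
#define CKM_DES3_ECB                    0x00000132
#define CKM_DES3_CBC                    0x00000133
#define CKM_DES3_MAC                    0x00000134

/* CKM_DES3_MAC_GENERAL, CKM_DES3_CBC_PAD, CKM_CDMF_KEY_GEN,
 * CKM_CDMF_ECB, CKM_CDMF_CBC, CKM_CDMF_MAC,
 * CKM_CDMF_MAC_GENERAL, and CKM_CDMF_CBC_PAD are new for v2.0 */
#define CKM_DES3_MAC_GENERAL            0x00000135
#define CKM_DES3_CBC_PAD                0x00000136
#define CKM_CDMF_KEY_GEN                0x00000140
#define CKM_CDMF_ECB                    0x00000141
#define CKM_CDMF_CBC                    0x00000142
#define CKM_CDMF_MAC                    0x00000143
#define CKM_CDMF_MAC_GENERAL            0x00000144
#define CKM_CDMF_CBC_PAD                0x00000145

#define CKM_DES_OFB64                   0x00000150
#define CKM_DES_CFB64                   0x00000152
#define CKM_DES_CFB8                    0x00000153

#define CKM_MD2                         0x00000200

/* CKM_MD2_HMAC and CKM_MD2_HMAC_GENERAL are new for v2.0 */
#define CKM_MD2_HMAC                    0x00000201
#define CKM_MD2_HMAC_GENERAL            0x00000202

#define CKM_MD5                         0x00000210

/* CKM_MD5_HMAC and CKM_MD5_HMAC_GENERAL are new for v2.0 */
#define CKM_MD5_HMAC                    0x00000211
#define CKM_MD5_HMAC_GENERAL            0x00000212

#define CKM_SHA_1                       0x00000220

/* CKM_SHA_1_HMAC and CKM_SHA_1_HMAC_GENERAL are new for v2.0 */
#define CKM_SHA_1_HMAC                  0x00000221
#define CKM_SHA_1_HMAC_GENERAL          0x00000222

/* The following are new for v2.11 */
#define CKM_RIPEMD128                   0x00000230
#define CKM_RIPEMD128_HMAC              0x00000231
#define CKM_RIPEMD128_HMAC_GENERAL      0x00000232
#define CKM_RIPEMD160                   0x00000240
#define CKM_RIPEMD160_HMAC              0x00000241
#define CKM_RIPEMD160_HMAC_GENERAL      0x00000242

#define CKM_SHA256                      0x00000250
#define CKM_SHA256_HMAC                 0x00000251
#define CKM_SHA256_HMAC_GENERAL         0x00000252
#define CKM_SHA224                      0x00000255
#define CKM_SHA224_HMAC                 0x00000256
#define CKM_SHA224_HMAC_GENERAL         0x00000257
#define CKM_SHA384                      0x00000260
#define CKM_SHA384_HMAC                 0x00000261
#define CKM_SHA384_HMAC_GENERAL         0x00000262
#define CKM_SHA512                      0x00000270
#define CKM_SHA512_HMAC                 0x00000271
#define CKM_SHA512_HMAC_GENERAL         0x00000272

#define CKM_SHA512_224                  0x00000048
#define CKM_SHA512_224_HMAC             0x00000049
#define CKM_SHA512_224_HMAC_GENERAL     0x0000004A
#define CKM_SHA512_256                  0x0000004C
#define CKM_SHA512_256_HMAC             0x0000004D
#define CKM_SHA512_256_HMAC_GENERAL     0x0000004E

/* All of the following mechanisms are new for v2.0 */
/* Note that CAST128 and CAST5 are the same algorithm */
#define CKM_CAST_KEY_GEN                0x00000300
#define CKM_CAST_ECB                    0x00000301
#define CKM_CAST_CBC                    0x00000302
#define CKM_CAST_MAC                    0x00000303
#define CKM_CAST_MAC_GENERAL            0x00000304
#define CKM_CAST_CBC_PAD                0x00000305
#define CKM_CAST3_KEY_GEN               0x00000310
#define CKM_CAST3_ECB                   0x00000311
#define CKM_CAST3_CBC                   0x00000312
#define CKM_CAST3_MAC                   0x00000313
#define CKM_CAST3_MAC_GENERAL           0x00000314
#define CKM_CAST3_CBC_PAD               0x00000315
#define CKM_CAST5_KEY_GEN               0x00000320
#define CKM_CAST128_KEY_GEN             0x00000320
#define CKM_CAST5_ECB                   0x00000321
#define CKM_CAST128_ECB                 0x00000321
#define CKM_CAST5_CBC                   0x00000322
#define CKM_CAST128_CBC                 0x00000322
#define CKM_CAST5_MAC                   0x00000323
#define CKM_CAST128_MAC                 0x00000323
#define CKM_CAST5_MAC_GENERAL           0x00000324
#define CKM_CAST128_MAC_GENERAL         0x00000324
#define CKM_CAST5_CBC_PAD               0x00000325
#define CKM_CAST128_CBC_PAD             0x00000325
#define CKM_RC5_KEY_GEN                 0x00000330
#define CKM_RC5_ECB                     0x00000331
#define CKM_RC5_CBC                     0x00000332
#define CKM_RC5_MAC                     0x00000333
#define CKM_RC5_MAC_GENERAL             0x00000334
#define CKM_RC5_CBC_PAD                 0x00000335
#define CKM_IDEA_KEY_GEN                0x00000340
#define CKM_IDEA_ECB                    0x00000341
#define CKM_IDEA_CBC                    0x00000342
#define CKM_IDEA_MAC                    0x00000343
#define CKM_IDEA_MAC_GENERAL            0x00000344
#define CKM_IDEA_CBC_PAD                0x00000345
#define CKM_GENERIC_SECRET_KEY_GEN      0x00000350
#define CKM_CONCATENATE_BASE_AND_KEY    0x00000360
#define CKM_CONCATENATE_BASE_AND_DATA   0x00000362
#define CKM_CONCATENATE_DATA_AND_BASE   0x00000363
#define CKM_XOR_BASE_AND_DATA           0x00000364
#define CKM_EXTRACT_KEY_FROM_KEY        0x00000365
#define CKM_SSL3_PRE_MASTER_KEY_GEN     0x00000370
#define CKM_SSL3_MASTER_KEY_DERIVE      0x00000371
#define CKM_SSL3_KEY_AND_MAC_DERIVE     0x00000372
/* The following are new for v2.11 */
#define CKM_SSL3_MASTER_KEY_DERIVE_DH   0x00000373
#define CKM_TLS_PRE_MASTER_KEY_GEN      0x00000374
#define CKM_TLS_MASTER_KEY_DERIVE       0x00000375
#define CKM_TLS_KEY_AND_MAC_DERIVE      0x00000376
#define CKM_TLS_MASTER_KEY_DERIVE_DH    0x00000377

#define CKM_SSL3_MD5_MAC                0x00000380
#define CKM_SSL3_SHA1_MAC               0x00000381
#define CKM_MD5_KEY_DERIVATION          0x00000390
#define CKM_MD2_KEY_DERIVATION          0x00000391
#define CKM_SHA1_KEY_DERIVATION         0x00000392
#define CKM_SHA224_KEY_DERIVATION       0x00000396
#define CKM_SHA256_KEY_DERIVATION       0x00000393
#define CKM_SHA384_KEY_DERIVATION       0x00000394
#define CKM_SHA512_KEY_DERIVATION       0x00000395
#define CKM_PBE_MD2_DES_CBC             0x000003A0
#define CKM_PBE_MD5_DES_CBC             0x000003A1
#define CKM_PBE_MD5_CAST_CBC            0x000003A2
#define CKM_PBE_MD5_CAST3_CBC           0x000003A3
#define CKM_PBE_MD5_CAST5_CBC           0x000003A4
#define CKM_PBE_MD5_CAST128_CBC         0x000003A4
#define CKM_PBE_SHA1_CAST5_CBC          0x000003A5
#define CKM_PBE_SHA1_CAST128_CBC        0x000003A5
#define CKM_PBE_SHA1_RC4_128            0x000003A6
#define CKM_PBE_SHA1_RC4_40             0x000003A7
#define CKM_PBE_SHA1_DES3_EDE_CBC       0x000003A8
#define CKM_PBE_SHA1_DES2_EDE_CBC       0x000003A9
#define CKM_PBE_SHA1_RC2_128_CBC        0x000003AA
#define CKM_PBE_SHA1_RC2_40_CBC         0x000003AB
/* CKM_PKCS5_PBKD2 is new for v2.11 */
#define CKM_PKCS5_PBKD2                 0x000003B0
#define CKM_PBA_SHA1_WITH_SHA1_HMAC     0x000003C0
#define CKM_KEY_WRAP_LYNKS              0x00000400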
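#define CKM_KEY_WRAP_SET_OAEP                  0x00000401

/* Fortezza mechanisms */
#define CKM_SKIPJACK_KEY_GEN                   0x00001000
#define CKM_SKIPJACK_ECB64                     0x00001001
#define CKM_SKIPJACK_CBC64                     0x00001002
#define CKM_SKIPJACK_OFB64                     0x00001003
#define CKM_SKIPJACK_CFB64                     0x00001004
#define CKM_SKIPJACK_CFB32                     0x00001005
#define CKM_SKIPJACK_CFB16                     0x00001006
#define CKM_SKIPJACK_CFB8                      0x00001007
#define CKM_SKIPJACK_WRAP                      0x00001008
#define CKM_SKIPJACK_PRIVATE_WRAP              0x00001009
#define CKM_SKIPJACK_RELAYX                    0x0000100a
#define CKM_KEA_KEY_PAIR_GEN                   0x00001010
#define CKM_KEA_KEY_DERIVE                     0x00001011
#define CKM_FORTEZZA_TIMESTAMP                 0x00001020
#define CKM_BATON_KEY_GEN                      0x00001030
#define CKM_BATON_ECB128                       0x00001031
#define CKM_BATON_ECB96                        0x00001032
#define CKM_BATON_CBC128                       0x00001033
#define CKM_BATON_COUNTER                      0x00001034
#define CKM_BATON_SHUFFLE                      0x00001035
#define CKM_BATON_WRAP                         0x00001036

/* CKM_ECDSA_KEY_PAIR_GEN is deprecated in v2.11,
 * CKM_EC_KEY_PAIR_GEN is preferred.
 * Both names expand to the same value, so they cannot appear as two
 * separate case labels in one switch on the mechanism type. */
#define CKM_ECDSA_KEY_PAIR_GEN                 0x00001040
#define CKM_EC_KEY_PAIR_GEN                    0x00001040
#define CKM_ECDSA                              0x00001041
#define CKM_ECDSA_SHA1                         0x00001042
/* The following are new for v2.3 */
#define CKM_ECDSA_SHA224                       0x00001043
#define CKM_ECDSA_SHA256                       0x00001044
#define CKM_ECDSA_SHA384                       0x00001045
#define CKM_ECDSA_SHA512                       0x00001046
/* The following are new for v2.11 */
#define CKM_ECDH1_DERIVE                       0x00001050
#define CKM_ECDH1_COFACTOR_DERIVE              0x00001051
#define CKM_ECMQV_DERIVE                       0x00001052

#define CKM_JUNIPER_KEY_GEN                    0x00001060
#define CKM_JUNIPER_ECB128                     0x00001061
#define CKM_JUNIPER_CBC128                     0x00001062
#define CKM_JUNIPER_COUNTER                    0x00001063
#define CKM_JUNIPER_SHUFFLE                    0x00001064
#define CKM_JUNIPER_WRAP                       0x00001065
#define CKM_FASTHASH                           0x00001070
/* The following are new for v2.11 */
#define CKM_AES_KEY_GEN                        0x00001080
#define CKM_AES_ECB                            0x00001081
#define CKM_AES_CBC                            0x00001082
#define CKM_AES_MAC                            0x00001083
#define CKM_AES_MAC_GENERAL                    0x00001084
#define CKM_AES_CBC_PAD                        0x00001085
#define CKM_AES_CTR                            0x00001086
#define CKM_AES_GCM                            0x00001087
#define CKM_DSA_PARAMETER_GEN                  0x00002000
#define CKM_DH_PKCS_PARAMETER_GEN              0x00002001
#define CKM_X9_42_DH_PARAMETER_GEN             0x00002002

#define CKM_AES_OFB                            0x00002104
#define CKM_AES_CFB64                          0x00002105
#define CKM_AES_CFB8                           0x00002106
#define CKM_AES_CFB128                         0x00002107

/* Mechanism types at or above this value are vendor extensions.
 * A CKM_ identifier being defined in this header says nothing about
 * whether a given token implements it; callers discover that through
 * the mechanism-list and mechanism-info calls, and deployments that
 * must exclude legacy algorithms need their own allow-list. */
#define CKM_VENDOR_DEFINED                     0x80000000

typedef CK_MECHANISM_TYPE CK_PTR CK_MECHANISM_TYPE_PTR;


/* CK_MECHANISM is a structure that specifies a particular
 * mechanism.
 *
 * pParameter is an untyped pointer to a mechanism-specific parameter
 * block (for example one of the CK_*_PARAMS types declared in this
 * header) and ulParameterLen is its size in bytes. Nothing in the type
 * system ties the two together: code that receives a CK_MECHANISM from
 * a caller should check ulParameterLen against the size it expects for
 * `mechanism` before it dereferences pParameter. */
typedef struct CK_MECHANISM {
    CK_MECHANISM_TYPE mechanism;
    CK_VOID_PTR pParameter;

    /* ulParameterLen was changed from CK_USHORT to CK_ULONG for
     * v2.0 */
    CK_ULONG ulParameterLen;    /* in bytes */
} CK_MECHANISM;

typedef CK_MECHANISM CK_PTR CK_MECHANISM_PTR;


/* CK_MECHANISM_INFO provides information about a particular
 * mechanism.
 * NOTE(review): the unit of ulMinKeySize/ulMaxKeySize (bits or bytes)
 * is not stated here and, per the specification, depends on the
 * mechanism -- confirm before comparing against a key length. */
typedef struct CK_MECHANISM_INFO {
    CK_ULONG ulMinKeySize;
    CK_ULONG ulMaxKeySize;
    CK_FLAGS flags;             /* CKF_* mechanism flags defined below */
} CK_MECHANISM_INFO;

/* The flags are defined as follows:
 *      Bit Flag               Mask        Meaning */
#define CKF_HW                 0x00000001  /* performed by HW */

/* The flags CKF_ENCRYPT, CKF_DECRYPT, CKF_DIGEST, CKF_SIGN,
 * CKF_SIGN_RECOVER, CKF_VERIFY, CKF_VERIFY_RECOVER,
 * CKF_GENERATE, CKF_GENERATE_KEY_PAIR, CKF_WRAP, CKF_UNWRAP,
 * and CKF_DERIVE are new for v2.0. They specify whether or not
 * a mechanism can be used for a particular task */
#define CKF_ENCRYPT            0x00000100
#define CKF_DECRYPT            0x00000200
#define CKF_DIGEST             0x00000400
#define CKF_SIGN               0x00000800
#define CKF_SIGN_RECOVER       0x00001000
#define CKF_VERIFY             0x00002000
#define CKF_VERIFY_RECOVER     0x00004000
#define CKF_GENERATE           0x00008000
#define CKF_GENERATE_KEY_PAIR  0x00010000
#define CKF_WRAP               0x00020000
#define CKF_UNWRAP             0x00040000
#define CKF_DERIVE             0x00080000
/* The following are new for v2.11 */
#define CKF_EC_F_P             0x00100000
#define CKF_EC_F_2M            0x00200000
#define CKF_EC_ECPARAMETERS    0x00400000
#define CKF_EC_NAMEDCURVE      0x00800000
#define CKF_EC_UNCOMPRESS      0x01000000
#define CKF_EC_COMPRESS        0x02000000

#define CKF_EXTENSION          0x80000000  /* FALSE for 2.01 */

typedef CK_MECHANISM_INFO CK_PTR CK_MECHANISM_INFO_PTR;


/* CK_RV is a value that identifies the return value of a
 * Cryptoki function */
/* CK_RV was changed from CK_USHORT to CK_ULONG for v2.0 */
typedef CK_ULONG CK_RV;

/* CKR_OK is the only success value in this list; every other code
 * reports a failure or a condition the caller has to handle. The gaps
 * in the numbering are codes removed in earlier revisions (noted
 * inline). */
#define CKR_OK                                 0x00000000
#define CKR_CANCEL                             0x00000001
#define CKR_HOST_MEMORY                        0x00000002
#define CKR_SLOT_ID_INVALID                    0x00000003

/* CKR_FLAGS_INVALID was removed for v2.0 */

/* CKR_GENERAL_ERROR and CKR_FUNCTION_FAILED are new for v2.0 */
#define CKR_GENERAL_ERROR                      0x00000005
#define CKR_FUNCTION_FAILED                    0x00000006

/* CKR_ARGUMENTS_BAD, CKR_NO_EVENT, CKR_NEED_TO_CREATE_THREADS,
 * and CKR_CANT_LOCK are new for v2.01 */
#define CKR_ARGUMENTS_BAD                      0x00000007
#define CKR_NO_EVENT                           0x00000008
#define CKR_NEED_TO_CREATE_THREADS             0x00000009
#define CKR_CANT_LOCK                          0x0000000A

#define CKR_ATTRIBUTE_READ_ONLY                0x00000010
#define CKR_ATTRIBUTE_SENSITIVE                0x00000011
#define CKR_ATTRIBUTE_TYPE_INVALID             0x00000012
#define CKR_ATTRIBUTE_VALUE_INVALID            0x00000013
#define CKR_DATA_INVALID                       0x00000020
#define CKR_DATA_LEN_RANGE                     0x00000021
#define CKR_DEVICE_ERROR                       0x00000030
#define CKR_DEVICE_MEMORY                      0x00000031
#define CKR_DEVICE_REMOVED                     0x00000032
#define CKR_ENCRYPTED_DATA_INVALID             0x00000040
#define CKR_ENCRYPTED_DATA_LEN_RANGE           0x00000041
#define CKR_FUNCTION_CANCELED                  0x00000050
#define CKR_FUNCTION_NOT_PARALLEL              0x00000051

/* CKR_FUNCTION_NOT_SUPPORTED is new for v2.0 */
#define CKR_FUNCTION_NOT_SUPPORTED             0x00000054

#define CKR_KEY_HANDLE_INVALID                 0x00000060

/* CKR_KEY_SENSITIVE was removed for v2.0 */

#define CKR_KEY_SIZE_RANGE                     0x00000062
#define CKR_KEY_TYPE_INCONSISTENT              0x00000063

/* CKR_KEY_NOT_NEEDED, CKR_KEY_CHANGED, CKR_KEY_NEEDED,
 * CKR_KEY_INDIGESTIBLE, CKR_KEY_FUNCTION_NOT_PERMITTED,
 * CKR_KEY_NOT_WRAPPABLE, and CKR_KEY_UNEXTRACTABLE are new for
 * v2.0 */
#define CKR_KEY_NOT_NEEDED                     0x00000064
#define CKR_KEY_CHANGED                        0x00000065
#define CKR_KEY_NEEDED                         0x00000066
#define CKR_KEY_INDIGESTIBLE                   0x00000067
#define CKR_KEY_FUNCTION_NOT_PERMITTED         0x00000068
#define CKR_KEY_NOT_WRAPPABLE                  0x00000069
#define CKR_KEY_UNEXTRACTABLE                  0x0000006A

#define CKR_MECHANISM_INVALID                  0x00000070
#define CKR_MECHANISM_PARAM_INVALID            0x00000071

/* CKR_OBJECT_CLASS_INCONSISTENT and CKR_OBJECT_CLASS_INVALID
 * were removed for v2.0 */
#define CKR_OBJECT_HANDLE_INVALID              0x00000082
#define CKR_OPERATION_ACTIVE                   0x00000090
#define CKR_OPERATION_NOT_INITIALIZED          0x00000091
#define CKR_PIN_INCORRECT                      0x000000A0
#define CKR_PIN_INVALID                        0x000000A1
#define CKR_PIN_LEN_RANGE                      0x000000A2

/* CKR_PIN_EXPIRED and CKR_PIN_LOCKED are new for v2.0 */
#define CKR_PIN_EXPIRED                        0x000000A3
#define CKR_PIN_LOCKED                         0x000000A4

#define CKR_SESSION_CLOSED                     0x000000B0
#define CKR_SESSION_COUNT                      0x000000B1
#define CKR_SESSION_HANDLE_INVALID             0x000000B3
#define CKR_SESSION_PARALLEL_NOT_SUPPORTED     0x000000B4
#define CKR_SESSION_READ_ONLY                  0x000000B5
#define CKR_SESSION_EXISTS                     0x000000B6

/* CKR_SESSION_READ_ONLY_EXISTS and
 * CKR_SESSION_READ_WRITE_SO_EXISTS are new for v2.0 */
#define CKR_SESSION_READ_ONLY_EXISTS           0x000000B7
#define CKR_SESSION_READ_WRITE_SO_EXISTS       0x000000B8

#define CKR_SIGNATURE_INVALID                  0x000000C0
#define CKR_SIGNATURE_LEN_RANGE                0x000000C1
#define CKR_TEMPLATE_INCOMPLETE                0x000000D0
#define CKR_TEMPLATE_INCONSISTENT              0x000000D1
#define CKR_TOKEN_NOT_PRESENT                  0x000000E0
#define CKR_TOKEN_NOT_RECOGNIZED               0x000000E1
#define CKR_TOKEN_WRITE_PROTECTED              0x000000E2
#define CKR_UNWRAPPING_KEY_HANDLE_INVALID      0x000000F0
#define CKR_UNWRAPPING_KEY_SIZE_RANGE          0x000000F1
#define CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT   0x000000F2
#define CKR_USER_ALREADY_LOGGED_IN             0x00000100
#define CKR_USER_NOT_LOGGED_IN                 0x00000101
#define CKR_USER_PIN_NOT_INITIALIZED           0x00000102
#define CKR_USER_TYPE_INVALID                  0x00000103

/* CKR_USER_ANOTHER_ALREADY_LOGGED_IN and CKR_USER_TOO_MANY_TYPES
 * are new to v2.01 */
#define CKR_USER_ANOTHER_ALREADY_LOGGED_IN     0x00000104
#define CKR_USER_TOO_MANY_TYPES                0x00000105

#define CKR_WRAPPED_KEY_INVALID                0x00000110
#define CKR_WRAPPED_KEY_LEN_RANGE              0x00000112
#define CKR_WRAPPING_KEY_HANDLE_INVALID        0x00000113
#define CKR_WRAPPING_KEY_SIZE_RANGE            0x00000114
#define CKR_WRAPPING_KEY_TYPE_INCONSISTENT     0x00000115
#define CKR_RANDOM_SEED_NOT_SUPPORTED          0x00000120

/* These are new to v2.0 */
#define CKR_RANDOM_NO_RNG                      0x00000121
/* CKR_DOMAIN_PARAMS_INVALID is new for v2.11 */
#define CKR_DOMAIN_PARAMS_INVALID              0x00000130
/* CKR_CURVE_NOT_SUPPORTED is new for v2.40 */
#define CKR_CURVE_NOT_SUPPORTED                0x00000140
#define CKR_BUFFER_TOO_SMALL                   0x00000150
#define CKR_SAVED_STATE_INVALID                0x00000160
#define CKR_INFORMATION_SENSITIVE              0x00000170
#define CKR_STATE_UNSAVEABLE                   0x00000180

/* These are new to v2.01 */
#define CKR_CRYPTOKI_NOT_INITIALIZED           0x00000190
#define CKR_CRYPTOKI_ALREADY_INITIALIZED       0x00000191
#define CKR_MUTEX_BAD                          0x000001A0
#define CKR_MUTEX_NOT_LOCKED                   0x000001A1

/* CKR_FUNCTION_REJECTED is new for v2.20 */
#define CKR_FUNCTION_REJECTED                  0x00000200

/* Return values at or above this value are vendor extensions. */
#define CKR_VENDOR_DEFINED                     0x80000000


/* CK_NOTIFY is an application callback that processes events */
typedef CK_CALLBACK_FUNCTION(CK_RV, CK_NOTIFY)(
    CK_SESSION_HANDLE hSession,     /* the session's handle */
    CK_NOTIFICATION event,
    CK_VOID_PTR pApplication        /* passed to C_OpenSession */
);

/* CK_CREATEMUTEX is an application callback for creating a
 * mutex object */
typedef CK_CALLBACK_FUNCTION(CK_RV, CK_CREATEMUTEX)(
    CK_VOID_PTR_PTR ppMutex         /* location to receive ptr to mutex */
);


/* CK_DESTROYMUTEX is an application callback for destroying a
 * mutex object */
typedef CK_CALLBACK_FUNCTION(CK_RV, CK_DESTROYMUTEX)(
    CK_VOID_PTR pMutex              /* pointer to mutex */
);


/* CK_LOCKMUTEX is an application callback for locking a mutex */
typedef CK_CALLBACK_FUNCTION(CK_RV, CK_LOCKMUTEX)(
    CK_VOID_PTR pMutex              /* pointer to mutex */
);


/* CK_UNLOCKMUTEX is an application callback for unlocking a
 * mutex */
typedef CK_CALLBACK_FUNCTION(CK_RV, CK_UNLOCKMUTEX)(
    CK_VOID_PTR pMutex              /* pointer to mutex */
);


/* CK_C_INITIALIZE_ARGS provides the optional arguments to
 * C_Initialize */
/* SAB: the mutex members previously carried a "pf" prefix;
 * the spec says otherwise. */
typedef struct CK_C_INITIALIZE_ARGS {
    CK_CREATEMUTEX CreateMutex;
    CK_DESTROYMUTEX DestroyMutex;
    CK_LOCKMUTEX LockMutex;
    CK_UNLOCKMUTEX UnlockMutex;
    CK_FLAGS flags;                 /* CKF_LIBRARY_CANT_CREATE_OS_THREADS,
                                     * CKF_OS_LOCKING_OK */
    CK_VOID_PTR pReserved;          /* reserved; the specification expects
                                     * NULL_PTR here */
} CK_C_INITIALIZE_ARGS;

/* Bit flags for CK_C_INITIALIZE_ARGS.flags. They describe how the
 * library may handle threading and locking; they are not slot
 * capabilities.
 *      Bit Flag                             Mask        Meaning
 * CKF_LIBRARY_CANT_CREATE_OS_THREADS: the library may not create its
 *      own OS threads.
 * CKF_OS_LOCKING_OK: the library may use native OS locking.
 */
#define CKF_LIBRARY_CANT_CREATE_OS_THREADS   0x00000001
#define CKF_OS_LOCKING_OK                    0x00000002

typedef CK_C_INITIALIZE_ARGS CK_PTR CK_C_INITIALIZE_ARGS_PTR;


/* additional flags for parameters to functions */

/* CKF_DONT_BLOCK is for the function C_WaitForSlotEvent */
#define CKF_DONT_BLOCK     1


/* CK_KEA_DERIVE_PARAMS provides the parameters to the
 * CKM_KEA_DERIVE mechanism */
/* CK_KEA_DERIVE_PARAMS is new for v2.0 */
typedef struct CK_KEA_DERIVE_PARAMS {
    CK_BBOOL isSender;
    CK_ULONG ulRandomLen;
    CK_BYTE_PTR pRandomA;
    CK_BYTE_PTR pRandomB;
    CK_ULONG ulPublicDataLen;
    CK_BYTE_PTR pPublicData;
} CK_KEA_DERIVE_PARAMS;

typedef CK_KEA_DERIVE_PARAMS CK_PTR CK_KEA_DERIVE_PARAMS_PTR;


/* CK_RC2_PARAMS provides the parameters to the CKM_RC2_ECB and
 * CKM_RC2_MAC mechanisms. An instance of CK_RC2_PARAMS just
 * holds the effective keysize */
typedef CK_ULONG CK_RC2_PARAMS;

typedef CK_RC2_PARAMS CK_PTR CK_RC2_PARAMS_PTR;


/* CK_RC2_CBC_PARAMS provides the parameters to the CKM_RC2_CBC
 * mechanism */
typedef struct CK_RC2_CBC_PARAMS {
    /* ulEffectiveBits was changed from CK_USHORT to CK_ULONG for
     * v2.0 */
    CK_ULONG ulEffectiveBits;   /* effective bits (1-1024) */

    CK_BYTE iv[8];              /* IV for CBC mode */
} CK_RC2_CBC_PARAMS;

typedef CK_RC2_CBC_PARAMS CK_PTR CK_RC2_CBC_PARAMS_PTR;


/* CK_RC2_MAC_GENERAL_PARAMS provides the parameters for the
 * CKM_RC2_MAC_GENERAL mechanism */
/* CK_RC2_MAC_GENERAL_PARAMS is new for v2.0 */
typedef struct CK_RC2_MAC_GENERAL_PARAMS {
    CK_ULONG ulEffectiveBits;   /* effective bits (1-1024) */
    CK_ULONG ulMacLength;       /* Length of MAC in bytes */
} CK_RC2_MAC_GENERAL_PARAMS;

typedef CK_RC2_MAC_GENERAL_PARAMS CK_PTR CK_RC2_MAC_GENERAL_PARAMS_PTR;


/* CK_RC5_PARAMS provides the parameters to the CKM_RC5_ECB and
 * CKM_RC5_MAC mechanisms */
/* CK_RC5_PARAMS is new for v2.0 */
typedef struct CK_RC5_PARAMS {
    CK_ULONG ulWordsize;        /* wordsize in bits */
    CK_ULONG ulRounds;          /* number of rounds */
} CK_RC5_PARAMS;

typedef CK_RC5_PARAMS CK_PTR CK_RC5_PARAMS_PTR;

/* CK_AES_CTR_PARAMS is new for PKCS #11 v2.20 amendment 3.
 * A counter block must not repeat under the same key; choosing and
 * tracking unique starting blocks is the caller's job. */
typedef struct CK_AES_CTR_PARAMS {
    CK_ULONG ulCounterBits;     /* number of bits of cb that are
                                 * incremented as the counter */
    CK_BYTE cb[16];             /* initial counter block */
} CK_AES_CTR_PARAMS;

typedef CK_AES_CTR_PARAMS CK_PTR CK_AES_CTR_PARAMS_PTR;

/* CK_GCM_PARAMS carries the parameters for CKM_AES_GCM.
 *
 * NOTE(review): this is the five-member layout. Other PKCS #11 header
 * revisions declare an additional ulIvBits member after ulIvLen, so a
 * caller built against such a header passes a differently shaped
 * struct. Confirm which layout callers use, and check the enclosing
 * CK_MECHANISM's ulParameterLen before reading these fields.
 * An IV must not be reused with the same key. */
typedef struct CK_GCM_PARAMS {
    CK_BYTE_PTR pIv;            /* initialization vector */
    CK_ULONG ulIvLen;           /* length of the IV in bytes */
    CK_BYTE_PTR pAAD;           /* additional authenticated data */
    CK_ULONG ulAADLen;          /* length of the AAD in bytes */
    CK_ULONG ulTagBits;         /* authentication tag length in bits */
} CK_GCM_PARAMS;

typedef CK_GCM_PARAMS CK_PTR CK_GCM_PARAMS_PTR;

/* CK_RC5_CBC_PARAMS provides the parameters to the CKM_RC5_CBC
 * mechanism */
/* CK_RC5_CBC_PARAMS is new for v2.0 */
typedef struct CK_RC5_CBC_PARAMS {
    CK_ULONG ulWordsize;        /* wordsize in bits */
    CK_ULONG ulRounds;          /* number of rounds */
    CK_BYTE_PTR pIv;            /* pointer to IV */
    CK_ULONG ulIvLen;           /* length of IV in bytes */
} CK_RC5_CBC_PARAMS;

typedef CK_RC5_CBC_PARAMS CK_PTR CK_RC5_CBC_PARAMS_PTR;


/* CK_RC5_MAC_GENERAL_PARAMS provides the parameters for the
 * CKM_RC5_MAC_GENERAL mechanism */
/* CK_RC5_MAC_GENERAL_PARAMS is new for v2.0 */
typedef struct CK_RC5_MAC_GENERAL_PARAMS {
    CK_ULONG ulWordsize;        /* wordsize in bits */
    CK_ULONG ulRounds;          /* number of rounds */
    CK_ULONG ulMacLength;       /* Length of MAC in bytes */
} CK_RC5_MAC_GENERAL_PARAMS;

typedef CK_RC5_MAC_GENERAL_PARAMS CK_PTR CK_RC5_MAC_GENERAL_PARAMS_PTR;


/* CK_MAC_GENERAL_PARAMS provides the parameters to most block
 * ciphers' MAC_GENERAL mechanisms. Its value is the length of
 * the MAC */
/* CK_MAC_GENERAL_PARAMS is new for v2.0 */
typedef CK_ULONG CK_MAC_GENERAL_PARAMS;

typedef CK_MAC_GENERAL_PARAMS CK_PTR CK_MAC_GENERAL_PARAMS_PTR;


/* CK_SKIPJACK_PRIVATE_WRAP_PARAMS provides the parameters to the
 * CKM_SKIPJACK_PRIVATE_WRAP mechanism */
/* CK_SKIPJACK_PRIVATE_WRAP_PARAMS is new for v2.0 */
typedef struct CK_SKIPJACK_PRIVATE_WRAP_PARAMS {
    CK_ULONG ulPasswordLen;
    CK_BYTE_PTR pPassword;
    CK_ULONG ulPublicDataLen;
    CK_BYTE_PTR pPublicData;
    CK_ULONG ulPAndGLen;
    CK_ULONG ulQLen;
    CK_ULONG ulRandomLen;
    CK_BYTE_PTR pRandomA;
    CK_BYTE_PTR pPrimeP;
    CK_BYTE_PTR pBaseG;
    CK_BYTE_PTR pSubprimeQ;
} CK_SKIPJACK_PRIVATE_WRAP_PARAMS;

/* Note the name: this pointer type has no _PARAMS before _PTR. */
typedef CK_SKIPJACK_PRIVATE_WRAP_PARAMS CK_PTR CK_SKIPJACK_PRIVATE_WRAP_PTR;


/* CK_SKIPJACK_RELAYX_PARAMS provides the parameters to the
 * CKM_SKIPJACK_RELAYX mechanism */
/* CK_SKIPJACK_RELAYX_PARAMS is new for v2.0 */
typedef struct CK_SKIPJACK_RELAYX_PARAMS {
    CK_ULONG ulOldWrappedXLen;
    CK_BYTE_PTR pOldWrappedX;
    CK_ULONG ulOldPasswordLen;
    CK_BYTE_PTR pOldPassword;
    CK_ULONG ulOldPublicDataLen;
    CK_BYTE_PTR pOldPublicData;
    CK_ULONG ulOldRandomLen;
    CK_BYTE_PTR pOldRandomA;
    CK_ULONG ulNewPasswordLen;
    CK_BYTE_PTR pNewPassword;
    CK_ULONG ulNewPublicDataLen;
    CK_BYTE_PTR pNewPublicData;
    CK_ULONG ulNewRandomLen;
    CK_BYTE_PTR pNewRandomA;
} CK_SKIPJACK_RELAYX_PARAMS;

typedef CK_SKIPJACK_RELAYX_PARAMS CK_PTR CK_SKIPJACK_RELAYX_PARAMS_PTR;


/* CK_PBE_PARAMS carries the parameters for the password-based
 * encryption (CKM_PBE_*) mechanisms. The password is a pointer/length
 * pair, not a NUL-terminated string; the caller owns that buffer and
 * is responsible for clearing it after use. */
typedef struct CK_PBE_PARAMS {
    CK_CHAR_PTR pInitVector;    /* location that receives the IV, when
                                 * the mechanism needs one */
    CK_CHAR_PTR pPassword;
    CK_ULONG ulPasswordLen;     /* length of the password in bytes */
    CK_CHAR_PTR pSalt;
    CK_ULONG ulSaltLen;         /* length of the salt in bytes */
    CK_ULONG ulIteration;       /* iteration count */
} CK_PBE_PARAMS;

typedef CK_PBE_PARAMS CK_PTR CK_PBE_PARAMS_PTR;


/* CK_KEY_WRAP_SET_OAEP_PARAMS provides the parameters to the
 * CKM_KEY_WRAP_SET_OAEP mechanism */
/* CK_KEY_WRAP_SET_OAEP_PARAMS is new for v2.0 */
typedef struct CK_KEY_WRAP_SET_OAEP_PARAMS {
    CK_BYTE bBC;                /* block contents byte */
    CK_BYTE_PTR pX;             /* extra data */
    CK_ULONG ulXLen;            /* length of extra data in bytes */
} CK_KEY_WRAP_SET_OAEP_PARAMS;

typedef CK_KEY_WRAP_SET_OAEP_PARAMS CK_PTR CK_KEY_WRAP_SET_OAEP_PARAMS_PTR;


/* Client and server random values, each as a pointer/length pair. */
typedef struct CK_SSL3_RANDOM_DATA {
    CK_BYTE_PTR pClientRandom;
    CK_ULONG ulClientRandomLen;
    CK_BYTE_PTR pServerRandom;
    CK_ULONG ulServerRandomLen;
} CK_SSL3_RANDOM_DATA;


typedef struct CK_SSL3_MASTER_KEY_DERIVE_PARAMS {
    CK_SSL3_RANDOM_DATA RandomInfo;
    CK_VERSION_PTR pVersion;
} CK_SSL3_MASTER_KEY_DERIVE_PARAMS;

typedef struct CK_SSL3_MASTER_KEY_DERIVE_PARAMS CK_PTR
    CK_SSL3_MASTER_KEY_DERIVE_PARAMS_PTR;


/* Handles and IV buffers returned by the key-and-MAC derivation; it is
 * referenced from CK_SSL3_KEY_MAT_PARAMS.pReturnedKeyMaterial. */
typedef struct CK_SSL3_KEY_MAT_OUT {
    CK_OBJECT_HANDLE hClientMacSecret;
    CK_OBJECT_HANDLE hServerMacSecret;
    CK_OBJECT_HANDLE hClientKey;
    CK_OBJECT_HANDLE hServerKey;
    CK_BYTE_PTR pIVClient;
    CK_BYTE_PTR pIVServer;
} CK_SSL3_KEY_MAT_OUT;

typedef CK_SSL3_KEY_MAT_OUT CK_PTR CK_SSL3_KEY_MAT_OUT_PTR;


/* NOTE(review): pIVClient/pIVServer in the output struct carry no
 * length of their own; presumably ulIVSizeInBits here governs how much
 * is written to them -- confirm that callers size those buffers
 * accordingly. */
typedef struct CK_SSL3_KEY_MAT_PARAMS {
    CK_ULONG ulMacSizeInBits;
    CK_ULONG ulKeySizeInBits;
    CK_ULONG ulIVSizeInBits;
    CK_BBOOL bIsExport;
    CK_SSL3_RANDOM_DATA RandomInfo;
    CK_SSL3_KEY_MAT_OUT_PTR pReturnedKeyMaterial;
} CK_SSL3_KEY_MAT_PARAMS;

typedef CK_SSL3_KEY_MAT_PARAMS CK_PTR CK_SSL3_KEY_MAT_PARAMS_PTR;


typedef struct CK_KEY_DERIVATION_STRING_DATA {
    CK_BYTE_PTR pData;
    CK_ULONG ulLen;
} CK_KEY_DERIVATION_STRING_DATA;

typedef CK_KEY_DERIVATION_STRING_DATA CK_PTR CK_KEY_DERIVATION_STRING_DATA_PTR;


/* The CK_EXTRACT_PARAMS is used for the
 * CKM_EXTRACT_KEY_FROM_KEY mechanism. It specifies which bit
 * of the base key should be used as the first bit of the
 * derived key */
/* CK_EXTRACT_PARAMS is new for v2.0 */
typedef CK_ULONG CK_EXTRACT_PARAMS;

typedef CK_EXTRACT_PARAMS CK_PTR CK_EXTRACT_PARAMS_PTR;

/* RSA mechanism OAEP encoding */
typedef CK_ULONG CK_RSA_PKCS_OAEP_SOURCE_TYPE;
typedef CK_ULONG CK_RSA_PKCS_MGF_TYPE;
typedef CK_RSA_PKCS_MGF_TYPE CK_PTR CK_RSA_PKCS_MGF_TYPE_PTR;
/* PKCS#1 RSA OAEP Encoding Parameter Sources */
#define CKZ_DATA_SPECIFIED    0x00000001

/* PKCS#1 Mask Generation Functions.
 * The values do not follow digest size: SHA-224 is 5, after SHA-512. */
#define CKG_MGF1_SHA1         0x00000001
#define CKG_MGF1_SHA224       0x00000005
#define CKG_MGF1_SHA256       0x00000002
#define CKG_MGF1_SHA384       0x00000003
#define CKG_MGF1_SHA512       0x00000004

/* Parameters for RSA OAEP. hashAlg is a CKM_ digest mechanism and mgf
 * a CKG_MGF1_* value; the two are set independently, so code that
 * requires them to use the same hash has to check that itself. */
typedef struct CK_RSA_PKCS_OAEP_PARAMS {
    CK_MECHANISM_TYPE hashAlg;
    CK_RSA_PKCS_MGF_TYPE mgf;
    CK_RSA_PKCS_OAEP_SOURCE_TYPE source;    /* e.g. CKZ_DATA_SPECIFIED */
    CK_VOID_PTR pSourceData;
    CK_ULONG ulSourceDataLen;               /* length of pSourceData */
} CK_RSA_PKCS_OAEP_PARAMS;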
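
typedef CK_RSA_PKCS_OAEP_PARAMS CK_PTR CK_RSA_PKCS_OAEP_PARAMS_PTR;

/* Parameters for RSA PSS signatures. hashAlg is a CKM_ digest
 * mechanism, mgf a CKG_MGF1_* value, and sLen the salt length in
 * bytes. */
typedef struct CK_RSA_PKCS_PSS_PARAMS {
    CK_MECHANISM_TYPE hashAlg;
    CK_RSA_PKCS_MGF_TYPE mgf;
    CK_ULONG sLen;
} CK_RSA_PKCS_PSS_PARAMS;

typedef CK_RSA_PKCS_PSS_PARAMS CK_PTR CK_RSA_PKCS_PSS_PARAMS_PTR;

/* ECDH mechanisms */
typedef CK_ULONG CK_EC_KDF_TYPE;

/* Parameters for the ECDH derive mechanisms. pPublicData is supplied
 * by the peer and is therefore untrusted input: a provider has to
 * check ulPublicDataLen and the encoded point before using it. */
typedef struct CK_ECDH1_DERIVE_PARAMS {
    CK_EC_KDF_TYPE kdf;             /* one of the CKD_* values below */
    CK_ULONG ulSharedDataLen;       /* length of pSharedData in bytes */
    CK_BYTE_PTR pSharedData;
    CK_ULONG ulPublicDataLen;       /* length of pPublicData in bytes */
    CK_BYTE_PTR pPublicData;
} CK_ECDH1_DERIVE_PARAMS;

/* EC key derivation functions.
 * CKD_NULL applies no key derivation function to the shared secret. */
#define CKD_NULL                  0x00000001UL
#define CKD_SHA1_KDF              0x00000002UL

/* X9.42 DH key derivation functions */
#define CKD_SHA1_KDF_ASN1         0x00000003UL
#define CKD_SHA1_KDF_CONCATENATE  0x00000004UL
#define CKD_SHA224_KDF            0x00000005UL
#define CKD_SHA256_KDF            0x00000006UL
#define CKD_SHA384_KDF            0x00000007UL
#define CKD_SHA512_KDF            0x00000008UL

/* CK_FUNCTION_LIST is a structure holding a Cryptoki spec
 * version and pointers of appropriate types to all the
 * Cryptoki functions */
/* CK_FUNCTION_LIST is new for v2.0 */
typedef struct CK_FUNCTION_LIST CK_FUNCTION_LIST;

typedef CK_FUNCTION_LIST CK_PTR CK_FUNCTION_LIST_PTR;

typedef CK_FUNCTION_LIST_PTR CK_PTR CK_FUNCTION_LIST_PTR_PTR;

/* Function-pointer types, one per Cryptoki entry point.
 *
 * Parameter names in these typedefs are documentation only; the
 * compiler checks the types, not the names. Many length parameters
 * keep a "us" prefix although their type is CK_ULONG.
 *
 * Where a function returns variable-length output through a buffer
 * plus a CK_ULONG_PTR length, the Cryptoki convention is that the
 * length is in/out: the caller passes the buffer size and receives the
 * size produced or required, with CKR_BUFFER_TOO_SMALL reporting a
 * short buffer. Callers should size buffers from that value, never
 * from an assumption.
 *
 * PINs are passed as pointer/length pairs and are not NUL-terminated.
 */
/* NOTE(review): the C_Initialize argument is named pReserved here;
 * presumably this is where a CK_C_INITIALIZE_ARGS_PTR (or NULL_PTR) is
 * passed -- confirm against the implementation. */
typedef CK_RV (CK_PTR CK_C_Initialize) (CK_VOID_PTR pReserved);
typedef CK_RV (CK_PTR CK_C_Finalize) (CK_VOID_PTR pReserved);
/* CK_C_Terminate has no corresponding member in CK_FUNCTION_LIST. */
typedef CK_RV (CK_PTR CK_C_Terminate) (void);
typedef CK_RV (CK_PTR CK_C_GetInfo) (CK_INFO_PTR pInfo);
typedef CK_RV (CK_PTR CK_C_GetFunctionList) (CK_FUNCTION_LIST_PTR_PTR
                                             ppFunctionList);
typedef CK_RV (CK_PTR CK_C_GetSlotList) (CK_BBOOL tokenPresent,
                                         CK_SLOT_ID_PTR pSlotList,
                                         CK_ULONG_PTR pusCount);
typedef CK_RV (CK_PTR CK_C_GetSlotInfo) (CK_SLOT_ID slotID,
                                         CK_SLOT_INFO_PTR pInfo);
typedef CK_RV (CK_PTR CK_C_GetTokenInfo) (CK_SLOT_ID slotID,
                                          CK_TOKEN_INFO_PTR pInfo);
typedef CK_RV (CK_PTR CK_C_GetMechanismList) (CK_SLOT_ID slotID,
                                              CK_MECHANISM_TYPE_PTR
                                              pMechanismList,
                                              CK_ULONG_PTR pusCount);
typedef CK_RV (CK_PTR CK_C_GetMechanismInfo) (CK_SLOT_ID slotID,
                                              CK_MECHANISM_TYPE type,
                                              CK_MECHANISM_INFO_PTR pInfo);
/* NOTE(review): pLabel has no length parameter; the specification
 * defines the token label as a fixed 32-byte, blank-padded field, so
 * the callee reads that many bytes -- confirm callers pass a full
 * buffer. */
typedef CK_RV (CK_PTR CK_C_InitToken) (CK_SLOT_ID slotID,
                                       CK_CHAR_PTR pPin,
                                       CK_ULONG usPinLen, CK_CHAR_PTR pLabel);
typedef CK_RV (CK_PTR CK_C_InitPIN) (CK_SESSION_HANDLE hSession,
                                     CK_CHAR_PTR pPin, CK_ULONG usPinLen);
typedef CK_RV (CK_PTR CK_C_SetPIN) (CK_SESSION_HANDLE hSession,
                                    CK_CHAR_PTR pOldPin,
                                    CK_ULONG usOldLen,
                                    CK_CHAR_PTR pNewPin, CK_ULONG usNewLen);
typedef CK_RV (CK_PTR CK_C_OpenSession) (CK_SLOT_ID slotID, CK_FLAGS flags,
                                         CK_VOID_PTR pApplication,
                                         CK_RV (*Notify)
                                             (CK_SESSION_HANDLE hSession,
                                              CK_NOTIFICATION event,
                                              CK_VOID_PTR pApplication),
                                         CK_SESSION_HANDLE_PTR phSession);
typedef CK_RV (CK_PTR CK_C_CloseSession) (CK_SESSION_HANDLE hSession);
typedef CK_RV (CK_PTR CK_C_CloseAllSessions) (CK_SLOT_ID slotID);
typedef CK_RV (CK_PTR CK_C_GetSessionInfo) (CK_SESSION_HANDLE hSession,
                                            CK_SESSION_INFO_PTR pInfo);
typedef CK_RV (CK_PTR CK_C_GetOperationState) (CK_SESSION_HANDLE hSession,
                                               CK_BYTE_PTR pOperationState,
                                               CK_ULONG_PTR
                                               pulOperationStateLen);
typedef CK_RV (CK_PTR CK_C_SetOperationState) (CK_SESSION_HANDLE hSession,
                                               CK_BYTE_PTR pOperationState,
                                               CK_ULONG ulOperationStateLen,
                                               CK_OBJECT_HANDLE hEncryptionKey,
                                               CK_OBJECT_HANDLE
                                               hAuthenticationKey);
typedef CK_RV (CK_PTR CK_C_Login) (CK_SESSION_HANDLE hSession,
                                   CK_USER_TYPE userType,
                                   CK_CHAR_PTR pPin, CK_ULONG usPinLen);
typedef CK_RV (CK_PTR CK_C_Logout) (CK_SESSION_HANDLE hSession);
typedef CK_RV (CK_PTR CK_C_CreateObject) (CK_SESSION_HANDLE hSession,
                                          CK_ATTRIBUTE_PTR pTemplate,
                                          CK_ULONG usCount,
                                          CK_OBJECT_HANDLE_PTR phObject);
typedef CK_RV (CK_PTR CK_C_CopyObject) (CK_SESSION_HANDLE hSession,
                                        CK_OBJECT_HANDLE hObject,
                                        CK_ATTRIBUTE_PTR pTemplate,
                                        CK_ULONG usCount,
                                        CK_OBJECT_HANDLE_PTR phNewObject);
typedef CK_RV (CK_PTR CK_C_DestroyObject) (CK_SESSION_HANDLE hSession,
                                           CK_OBJECT_HANDLE hObject);
typedef CK_RV (CK_PTR CK_C_GetObjectSize) (CK_SESSION_HANDLE hSession,
                                           CK_OBJECT_HANDLE hObject,
                                           CK_ULONG_PTR pusSize);
typedef CK_RV (CK_PTR CK_C_GetAttributeValue) (CK_SESSION_HANDLE hSession,
                                               CK_OBJECT_HANDLE hObject,
                                               CK_ATTRIBUTE_PTR pTemplate,
                                               CK_ULONG usCount);
typedef CK_RV (CK_PTR CK_C_SetAttributeValue) (CK_SESSION_HANDLE hSession,
                                               CK_OBJECT_HANDLE hObject,
                                               CK_ATTRIBUTE_PTR pTemplate,
                                               CK_ULONG usCount);
typedef CK_RV (CK_PTR CK_C_FindObjectsInit) (CK_SESSION_HANDLE hSession,
                                             CK_ATTRIBUTE_PTR pTemplate,
                                             CK_ULONG usCount);
typedef CK_RV (CK_PTR CK_C_FindObjects) (CK_SESSION_HANDLE hSession,
                                         CK_OBJECT_HANDLE_PTR phObject,
                                         CK_ULONG usMaxObjectCount,
                                         CK_ULONG_PTR pusObjectCount);
typedef CK_RV (CK_PTR CK_C_FindObjectsFinal) (CK_SESSION_HANDLE hSession);
typedef CK_RV (CK_PTR CK_C_EncryptInit) (CK_SESSION_HANDLE hSession,
                                         CK_MECHANISM_PTR pMechanism,
                                         CK_OBJECT_HANDLE hKey);
typedef CK_RV (CK_PTR CK_C_Encrypt) (CK_SESSION_HANDLE hSession,
                                     CK_BYTE_PTR pData,
                                     CK_ULONG usDataLen,
                                     CK_BYTE_PTR pEncryptedData,
                                     CK_ULONG_PTR pusEncryptedDataLen);
typedef CK_RV (CK_PTR CK_C_EncryptUpdate) (CK_SESSION_HANDLE hSession,
                                           CK_BYTE_PTR pPart,
                                           CK_ULONG usPartLen,
                                           CK_BYTE_PTR pEncryptedPart,
                                           CK_ULONG_PTR pusEncryptedPartLen);
typedef CK_RV (CK_PTR CK_C_EncryptFinal) (CK_SESSION_HANDLE hSession,
                                          CK_BYTE_PTR pLastEncryptedPart,
                                          CK_ULONG_PTR pusLastEncryptedPartLen);
typedef CK_RV (CK_PTR CK_C_DecryptInit) (CK_SESSION_HANDLE hSession,
                                         CK_MECHANISM_PTR pMechanism,
                                         CK_OBJECT_HANDLE hKey);
typedef CK_RV (CK_PTR CK_C_Decrypt) (CK_SESSION_HANDLE hSession,
                                     CK_BYTE_PTR pEncryptedData,
                                     CK_ULONG usEncryptedDataLen,
                                     CK_BYTE_PTR pData,
                                     CK_ULONG_PTR pusDataLen);
typedef CK_RV (CK_PTR CK_C_DecryptUpdate) (CK_SESSION_HANDLE hSession,
                                           CK_BYTE_PTR pEncryptedPart,
                                           CK_ULONG usEncryptedPartLen,
                                           CK_BYTE_PTR pPart,
                                           CK_ULONG_PTR pusPartLen);
typedef CK_RV (CK_PTR CK_C_DecryptFinal) (CK_SESSION_HANDLE hSession,
                                          CK_BYTE_PTR pLastPart,
                                          CK_ULONG_PTR pusLastPartLen);
typedef CK_RV (CK_PTR CK_C_DigestInit) (CK_SESSION_HANDLE hSession,
                                        CK_MECHANISM_PTR pMechanism);
typedef CK_RV (CK_PTR CK_C_Digest) (CK_SESSION_HANDLE hSession,
                                    CK_BYTE_PTR pData,
                                    CK_ULONG usDataLen,
                                    CK_BYTE_PTR pDigest,
                                    CK_ULONG_PTR pusDigestLen);
typedef CK_RV (CK_PTR CK_C_DigestUpdate) (CK_SESSION_HANDLE hSession,
                                          CK_BYTE_PTR pPart,
                                          CK_ULONG usPartLen);
typedef CK_RV (CK_PTR CK_C_DigestKey) (CK_SESSION_HANDLE hSession,
                                       CK_OBJECT_HANDLE hKey);
typedef CK_RV (CK_PTR CK_C_DigestFinal) (CK_SESSION_HANDLE hSession,
                                         CK_BYTE_PTR pDigest,
                                         CK_ULONG_PTR pusDigestLen);
typedef CK_RV (CK_PTR CK_C_SignInit) (CK_SESSION_HANDLE hSession,
                                      CK_MECHANISM_PTR pMechanism,
                                      CK_OBJECT_HANDLE hKey);
typedef CK_RV (CK_PTR CK_C_Sign) (CK_SESSION_HANDLE hSession,
                                  CK_BYTE_PTR pData,
                                  CK_ULONG usDataLen,
                                  CK_BYTE_PTR pSignature,
                                  CK_ULONG_PTR pusSignatureLen);
typedef CK_RV (CK_PTR CK_C_SignUpdate) (CK_SESSION_HANDLE hSession,
                                        CK_BYTE_PTR pPart, CK_ULONG usPartLen);
typedef CK_RV (CK_PTR CK_C_SignFinal) (CK_SESSION_HANDLE hSession,
                                       CK_BYTE_PTR pSignature,
                                       CK_ULONG_PTR pusSignatureLen);
typedef CK_RV (CK_PTR CK_C_SignRecoverInit) (CK_SESSION_HANDLE hSession,
                                             CK_MECHANISM_PTR pMechanism,
                                             CK_OBJECT_HANDLE hKey);
typedef CK_RV (CK_PTR CK_C_SignRecover) (CK_SESSION_HANDLE hSession,
                                         CK_BYTE_PTR pData,
                                         CK_ULONG usDataLen,
                                         CK_BYTE_PTR pSignature,
                                         CK_ULONG_PTR pusSignatureLen);
typedef CK_RV (CK_PTR CK_C_VerifyInit) (CK_SESSION_HANDLE hSession,
                                        CK_MECHANISM_PTR pMechanism,
                                        CK_OBJECT_HANDLE hKey);
/* The verify calls report a bad signature through the CK_RV result
 * (see CKR_SIGNATURE_INVALID and CKR_SIGNATURE_LEN_RANGE); a caller
 * must treat anything other than CKR_OK as "not verified". */
typedef CK_RV (CK_PTR CK_C_Verify) (CK_SESSION_HANDLE hSession,
                                    CK_BYTE_PTR pData,
                                    CK_ULONG usDataLen,
                                    CK_BYTE_PTR pSignature,
                                    CK_ULONG usSignatureLen);
typedef CK_RV (CK_PTR CK_C_VerifyUpdate) (CK_SESSION_HANDLE hSession,
                                          CK_BYTE_PTR pPart,
                                          CK_ULONG usPartLen);
typedef CK_RV (CK_PTR CK_C_VerifyFinal) (CK_SESSION_HANDLE hSession,
                                         CK_BYTE_PTR pSignature,
                                         CK_ULONG usSignatureLen);
typedef CK_RV (CK_PTR CK_C_VerifyRecoverInit) (CK_SESSION_HANDLE hSession,
                                               CK_MECHANISM_PTR pMechanism,
                                               CK_OBJECT_HANDLE hKey);
typedef CK_RV (CK_PTR CK_C_VerifyRecover) (CK_SESSION_HANDLE hSession,
                                           CK_BYTE_PTR pSignature,
                                           CK_ULONG usSignatureLen,
                                           CK_BYTE_PTR pData,
                                           CK_ULONG_PTR pusDataLen);
typedef CK_RV (CK_PTR CK_C_DigestEncryptUpdate) (CK_SESSION_HANDLE hSession,
                                                 CK_BYTE_PTR pPart,
                                                 CK_ULONG ulPartLen,
                                                 CK_BYTE_PTR pEncryptedPart,
                                                 CK_ULONG_PTR
                                                 pulEncryptedPartLen);
typedef CK_RV (CK_PTR CK_C_DecryptDigestUpdate) (CK_SESSION_HANDLE hSession,
                                                 CK_BYTE_PTR pEncryptedPart,
                                                 CK_ULONG ulEncryptedPartLen,
                                                 CK_BYTE_PTR pPart,
                                                 CK_ULONG_PTR pulPartLen);
typedef CK_RV (CK_PTR CK_C_SignEncryptUpdate) (CK_SESSION_HANDLE hSession,
                                               CK_BYTE_PTR pPart,
                                               CK_ULONG ulPartLen,
                                               CK_BYTE_PTR pEncryptedPart,
                                               CK_ULONG_PTR
                                               pulEncryptedPartLen);
typedef CK_RV (CK_PTR CK_C_DecryptVerifyUpdate) (CK_SESSION_HANDLE hSession,
                                                 CK_BYTE_PTR pEncryptedPart,
                                                 CK_ULONG ulEncryptedPartLen,
                                                 CK_BYTE_PTR pPart,
                                                 CK_ULONG_PTR pulPartLen);
typedef CK_RV (CK_PTR CK_C_GenerateKey) (CK_SESSION_HANDLE hSession,
                                         CK_MECHANISM_PTR pMechanism,
                                         CK_ATTRIBUTE_PTR pTemplate,
                                         CK_ULONG usCount,
                                         CK_OBJECT_HANDLE_PTR phKey);
/* NOTE(review): the PKCS #11 specification lists the public-key handle
 * before the private-key handle for C_GenerateKeyPair; the last two
 * parameter names below are in the opposite order. Both have the same
 * type, so the compiler cannot catch a swap -- confirm the order
 * against the implementation before relying on these names. */
typedef CK_RV (CK_PTR CK_C_GenerateKeyPair) (CK_SESSION_HANDLE hSession,
                                             CK_MECHANISM_PTR pMechanism,
                                             CK_ATTRIBUTE_PTR
                                             pPublicKeyTemplate,
                                             CK_ULONG usPublicKeyAttributeCount,
                                             CK_ATTRIBUTE_PTR
                                             pPrivateKeyTemplate,
                                             CK_ULONG
                                             usPrivateKeyAttributeCount,
                                             CK_OBJECT_HANDLE_PTR phPrivateKey,
                                             CK_OBJECT_HANDLE_PTR phPublicKey);
typedef CK_RV (CK_PTR CK_C_WrapKey) (CK_SESSION_HANDLE hSession,
                                     CK_MECHANISM_PTR pMechanism,
                                     CK_OBJECT_HANDLE hWrappingKey,
                                     CK_OBJECT_HANDLE hKey,
                                     CK_BYTE_PTR pWrappedKey,
                                     CK_ULONG_PTR pusWrappedKeyLen);
typedef CK_RV (CK_PTR CK_C_UnwrapKey) (CK_SESSION_HANDLE hSession,
                                       CK_MECHANISM_PTR pMechanism,
                                       CK_OBJECT_HANDLE hUnwrappingKey,
                                       CK_BYTE_PTR pWrappedKey,
                                       CK_ULONG usWrappedKeyLen,
                                       CK_ATTRIBUTE_PTR pTemplate,
                                       CK_ULONG usAttributeCount,
                                       CK_OBJECT_HANDLE_PTR phKey);
typedef CK_RV (CK_PTR CK_C_DeriveKey) (CK_SESSION_HANDLE hSession,
                                       CK_MECHANISM_PTR pMechanism,
                                       CK_OBJECT_HANDLE hBaseKey,
                                       CK_ATTRIBUTE_PTR pTemplate,
                                       CK_ULONG usAttributeCount,
                                       CK_OBJECT_HANDLE_PTR phKey);
typedef CK_RV (CK_PTR CK_C_SeedRandom) (CK_SESSION_HANDLE hSession,
                                        CK_BYTE_PTR pSeed, CK_ULONG usSeedLen);
typedef CK_RV (CK_PTR CK_C_GenerateRandom) (CK_SESSION_HANDLE hSession,
                                            CK_BYTE_PTR pRandomData,
                                            CK_ULONG usRandomLen);
typedef CK_RV (CK_PTR CK_C_GetFunctionStatus) (CK_SESSION_HANDLE hSession);
typedef CK_RV (CK_PTR CK_C_CancelFunction) (CK_SESSION_HANDLE hSession);
/* CK_Notify has no corresponding member in CK_FUNCTION_LIST. */
typedef CK_RV (CK_PTR CK_Notify) (CK_SESSION_HANDLE hSession,
                                  CK_NOTIFICATION event,
                                  CK_VOID_PTR pApplication);
typedef CK_RV (CK_PTR CK_C_WaitForSlotEvent) (CK_FLAGS flags,
                                              CK_SLOT_ID_PTR pSlot,
                                              CK_VOID_PTR pReserved);

/* Table of entry points handed to the application by
 * C_GetFunctionList. The member order is part of the binary interface
 * between application and provider: members must not be reordered,
 * inserted or removed. An application that loads a provider it does
 * not control should check `version` and that the pointers it intends
 * to call are non-NULL before using them. */
struct CK_FUNCTION_LIST {
    CK_VERSION version;
    CK_C_Initialize C_Initialize;
    CK_C_Finalize C_Finalize;
    CK_C_GetInfo C_GetInfo;
    CK_C_GetFunctionList C_GetFunctionList;
    CK_C_GetSlotList C_GetSlotList;
    CK_C_GetSlotInfo C_GetSlotInfo;
    CK_C_GetTokenInfo C_GetTokenInfo;
    CK_C_GetMechanismList C_GetMechanismList;
    CK_C_GetMechanismInfo C_GetMechanismInfo;
    CK_C_InitToken C_InitToken;
    CK_C_InitPIN C_InitPIN;
    CK_C_SetPIN C_SetPIN;
    CK_C_OpenSession C_OpenSession;
    CK_C_CloseSession C_CloseSession;
    CK_C_CloseAllSessions C_CloseAllSessions;
    CK_C_GetSessionInfo C_GetSessionInfo;
    CK_C_GetOperationState C_GetOperationState;
    CK_C_SetOperationState C_SetOperationState;
    CK_C_Login C_Login;
    CK_C_Logout C_Logout;
    CK_C_CreateObject C_CreateObject;
    CK_C_CopyObject C_CopyObject;
    CK_C_DestroyObject C_DestroyObject;
    CK_C_GetObjectSize C_GetObjectSize;
    CK_C_GetAttributeValue C_GetAttributeValue;
    CK_C_SetAttributeValue C_SetAttributeValue;
    CK_C_FindObjectsInit C_FindObjectsInit;
    CK_C_FindObjects C_FindObjects;
    CK_C_FindObjectsFinal C_FindObjectsFinal;
    CK_C_EncryptInit C_EncryptInit;
    CK_C_Encrypt C_Encrypt;
    CK_C_EncryptUpdate C_EncryptUpdate;
    CK_C_EncryptFinal C_EncryptFinal;
    CK_C_DecryptInit C_DecryptInit;
    CK_C_Decrypt C_Decrypt;
    CK_C_DecryptUpdate C_DecryptUpdate;
    CK_C_DecryptFinal C_DecryptFinal;
    CK_C_DigestInit C_DigestInit;
    CK_C_Digest C_Digest;
    CK_C_DigestUpdate C_DigestUpdate;
    CK_C_DigestKey C_DigestKey;
    CK_C_DigestFinal C_DigestFinal;
    CK_C_SignInit C_SignInit;
    CK_C_Sign C_Sign;
    CK_C_SignUpdate C_SignUpdate;
    CK_C_SignFinal C_SignFinal;
    CK_C_SignRecoverInit C_SignRecoverInit;
    CK_C_SignRecover C_SignRecover;
    CK_C_VerifyInit C_VerifyInit;
    CK_C_Verify C_Verify;
    CK_C_VerifyUpdate C_VerifyUpdate;
    CK_C_VerifyFinal C_VerifyFinal;
    CK_C_VerifyRecoverInit C_VerifyRecoverInit;
    CK_C_VerifyRecover C_VerifyRecover;
    CK_C_DigestEncryptUpdate C_DigestEncryptUpdate;
    CK_C_DecryptDigestUpdate C_DecryptDigestUpdate;
    CK_C_SignEncryptUpdate C_SignEncryptUpdate;
    CK_C_DecryptVerifyUpdate C_DecryptVerifyUpdate;
    CK_C_GenerateKey C_GenerateKey;
    CK_C_GenerateKeyPair C_GenerateKeyPair;
    CK_C_WrapKey C_WrapKey;
    CK_C_UnwrapKey C_UnwrapKey;
    CK_C_DeriveKey C_DeriveKey;
    CK_C_SeedRandom C_SeedRandom;
    CK_C_GenerateRandom C_GenerateRandom;
    CK_C_GetFunctionStatus C_GetFunctionStatus;
    CK_C_CancelFunction C_CancelFunction;
    CK_C_WaitForSlotEvent C_WaitForSlotEvent;
};

#ifdef __cplusplus
}
#endif

#endif                          // _PKCS11TYPES_H_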