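/*
 * sc-pkcs11.h: OpenSC project's PKCS#11 implementation header
 *
 * Copyright (C) 2002  Timo Teräs <timo.teras@iki.fi>
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
 */

/*
 * Internal declarations shared by the PKCS#11 module: configuration,
 * the object / framework / mechanism dispatch tables, slot and session
 * bookkeeping, and the prototypes of the helpers that operate on them.
 */

#ifndef __sc_pkcs11_h__
#define __sc_pkcs11_h__

#include "config.h"

#include "libopensc/opensc.h"
#include "libopensc/pkcs15.h"
#include "libopensc/log.h"

#define CRYPTOKI_EXPORTS
#include "pkcs11.h"
#include "pkcs11-opensc.h"
#include "pkcs11-display.h"

#ifdef __cplusplus
extern "C" {
#endif

/*
 * PIN unblock policies.
 * NOTE(review): presumably the values accepted by
 * sc_pkcs11_config.pin_unblock_style -- confirm against the config loader.
 * The policy decides in which session state a blocked user PIN may be
 * reset, so it should be documented next to the option that sets it.
 */
#define SC_PKCS11_PIN_UNBLOCK_NOT_ALLOWED	0
#define SC_PKCS11_PIN_UNBLOCK_UNLOGGED_SETPIN	1
#define SC_PKCS11_PIN_UNBLOCK_SCONTEXT_SETPIN	2
#define SC_PKCS11_PIN_UNBLOCK_SO_LOGGED_INITPIN	3

/*
 * Slot creation flags (bit mask).
 * NOTE(review): presumably stored in sc_pkcs11_config.create_slots_flags --
 * confirm.
 */
#define SC_PKCS11_SLOT_FOR_PIN_USER	1
#define SC_PKCS11_SLOT_FOR_PIN_SIGN	2
#define SC_PKCS11_SLOT_CREATE_ALL	8

/* Both PIN-specific slot bits at once */
#define SC_PKCS11_SLOT_FOR_PINS	(SC_PKCS11_SLOT_FOR_PIN_USER | SC_PKCS11_SLOT_FOR_PIN_SIGN)

#ifdef __cplusplus
}
#endif

/* Initialization support (USE_PKCS15_INIT) is compiled in only when
 * OpenSSL is enabled */
#ifdef ENABLE_OPENSSL
#define USE_PKCS15_INIT
#endif

#ifdef __cplusplus
extern "C" {
#endif

struct sc_pkcs11_session;
struct sc_pkcs11_slot;
struct sc_pkcs11_card;

/*
 * Module-wide configuration, filled in by load_pkcs11_parameters().
 * The meaning of most options is not visible in this header; the notes
 * below are assumptions to be confirmed against the loader.
 */
struct sc_pkcs11_config {
	unsigned int max_virtual_slots;
	unsigned int slots_per_card;
	unsigned char lock_login;
	/* Atomic operation mode; sc_pkcs11_slot.logins tracks C_Login calls
	 * when it is requested */
	unsigned char atomic;
	unsigned char init_sloppy;
	/* presumably one of SC_PKCS11_PIN_UNBLOCK_* -- confirm */
	unsigned int pin_unblock_style;
	unsigned int create_puk_slot;
	/* presumably a mask of SC_PKCS11_SLOT_* bits -- confirm */
	unsigned int create_slots_flags;
	/* NOTE(review): the name suggests PIN length checks are relaxed when
	 * set; confirm and document the default and the security impact */
	unsigned char ignore_pin_length;
};

/*
 * PKCS#11 Object abstraction layer
 */

/*
 * Per-object dispatch table.  The "void *" argument following the session
 * is presumably the object the operation acts on (TODO confirm in the
 * framework implementations).
 *
 * NOTE(review): the (buffer, CK_ULONG_PTR) output pairs presumably follow
 * the Cryptoki convention -- capacity in, produced length out.  Every
 * implementation must check the capacity before writing; confirm.
 */
struct sc_pkcs11_object_ops {
	/* Generic operations */
	void (*release)(void *);

	/* Management methods */
	CK_RV (*set_attribute)(struct sc_pkcs11_session *, void *, CK_ATTRIBUTE_PTR);
	CK_RV (*get_attribute)(struct sc_pkcs11_session *, void *, CK_ATTRIBUTE_PTR);
	CK_RV (*cmp_attribute)(struct sc_pkcs11_session *, void *, CK_ATTRIBUTE_PTR);

	CK_RV (*destroy_object)(struct sc_pkcs11_session *, void *);
	CK_RV (*get_size)(struct sc_pkcs11_session *, void *);

	/* Cryptographic methods */
	CK_RV (*sign)(struct sc_pkcs11_session *, void *,
			CK_MECHANISM_PTR,
			CK_BYTE_PTR pData, CK_ULONG ulDataLen,
			CK_BYTE_PTR pSignature, CK_ULONG_PTR pulSignatureLen);
	CK_RV (*unwrap_key)(struct sc_pkcs11_session *, void *,
			CK_MECHANISM_PTR,
			CK_BYTE_PTR pData, CK_ULONG ulDataLen,
			void *targetKey);
	CK_RV (*decrypt)(struct sc_pkcs11_session *, void *,
			CK_MECHANISM_PTR,
			CK_BYTE_PTR pEncryptedData, CK_ULONG ulEncryptedDataLen,
			CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen);

	CK_RV (*derive)(struct sc_pkcs11_session *, void *,
			CK_MECHANISM_PTR,
			CK_BYTE_PTR pSeedData, CK_ULONG ulSeedDataLen,
			CK_BYTE_PTR pDerived, CK_ULONG_PTR pulDerivedLen);

	/* Check compatibility of PKCS#15 object usage and an asked PKCS#11 mechanism. */
	CK_RV (*can_do)(struct sc_pkcs11_session *, void *, CK_MECHANISM_TYPE, unsigned int);

	/* General validation of mechanism parameters (sign, encrypt, etc) */
	CK_RV (*init_params)(struct sc_pkcs11_session *, CK_MECHANISM_PTR);

	CK_RV (*wrap_key)(struct sc_pkcs11_session *, void *,
			CK_MECHANISM_PTR,
			void *,
			CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen);

	/* Others to be added when implemented */
};

/* Common head of an object: handle, SC_PKCS11_OBJECT_* flags and its
 * dispatch table */
struct sc_pkcs11_object {
	CK_OBJECT_HANDLE handle;
	int flags;
	struct sc_pkcs11_object_ops *ops;
};

/* Bits for sc_pkcs11_object.flags */
#define SC_PKCS11_OBJECT_SEEN	0x0001
#define SC_PKCS11_OBJECT_HIDDEN	0x0002
#define SC_PKCS11_OBJECT_RECURS	0x8000


/*
 * PKCS#11 smart card Framework abstraction
 */

struct sc_pkcs11_framework_ops {
	/* Detect and bind card to framework */
	CK_RV (*bind)(struct sc_pkcs11_card *, struct sc_app_info *);
	/* Unbind and release allocated resources */
	CK_RV (*unbind)(struct sc_pkcs11_card *);

	/* Create tokens to virtual slots and
	 * objects in tokens; called after bind */
	CK_RV (*create_tokens)(struct sc_pkcs11_card *, struct sc_app_info *);
	CK_RV (*release_token)(struct sc_pkcs11_card *, void *);

	/* Login and logout.
	 * The (CK_CHAR_PTR, CK_ULONG) pairs are presumably PIN bytes and
	 * their length (two pairs for change_pin: presumably old and new) --
	 * TODO confirm.  They are length-delimited buffers, so
	 * implementations must not treat them as NUL-terminated strings. */
	CK_RV (*login)(struct sc_pkcs11_slot *,
			CK_USER_TYPE, CK_CHAR_PTR, CK_ULONG);
	CK_RV (*logout)(struct sc_pkcs11_slot *);
	CK_RV (*change_pin)(struct sc_pkcs11_slot *,
			CK_CHAR_PTR, CK_ULONG,
			CK_CHAR_PTR, CK_ULONG);
	/*
	 * In future: functions to create new objects (e.g. certificates, private keys)
	 */
	CK_RV (*init_token)(struct sc_pkcs11_slot *, void *,
			CK_UTF8CHAR_PTR, CK_ULONG,
			CK_UTF8CHAR_PTR);
	CK_RV (*init_pin)(struct sc_pkcs11_slot *,
			CK_UTF8CHAR_PTR, CK_ULONG);
	CK_RV (*create_object)(struct sc_pkcs11_slot *,
			CK_ATTRIBUTE_PTR, CK_ULONG,
			CK_OBJECT_HANDLE_PTR);
	CK_RV (*gen_keypair)(struct sc_pkcs11_slot *,
			CK_MECHANISM_PTR,
			CK_ATTRIBUTE_PTR, CK_ULONG,
			CK_ATTRIBUTE_PTR, CK_ULONG,
			CK_OBJECT_HANDLE_PTR, CK_OBJECT_HANDLE_PTR);
	CK_RV (*get_random)(struct sc_pkcs11_slot *,
			CK_BYTE_PTR, CK_ULONG);
};

/*
 * PKCS#11 Slot (used to access card with specific framework data)
 */

/* 64-bit unsigned timestamp; spelled differently for the Windows compiler */
#ifndef _WIN32
typedef unsigned long long sc_timestamp_t;
#else
typedef unsigned __int64 sc_timestamp_t;
#endif

/* Capacity of sc_pkcs11_card.fws_data[] */
#define SC_PKCS11_FRAMEWORK_DATA_MAX_NUM	4
struct sc_pkcs11_card {
	sc_reader_t *reader;
	sc_card_t *card;
	struct sc_pkcs11_framework_ops *framework;
	/* NOTE(review): presumably indexed by sc_pkcs11_slot.fw_data_idx;
	 * that index is a signed int, so users must range-check it against
	 * SC_PKCS11_FRAMEWORK_DATA_MAX_NUM -- confirm */
	void *fws_data[SC_PKCS11_FRAMEWORK_DATA_MAX_NUM];

	/* List of supported mechanisms */
	struct sc_pkcs11_mechanism_type **mechanisms;
	unsigned int nmechanisms;
};

/* If the slot has already been shown by `C_GetSlotList`, then we need to keep
 * this slot alive. PKCS#11 2.30 allows adding but not removing slots until
 * the application calls `C_GetSlotList` with `NULL`. This flag tracks the
 * visibility to the application */
#define SC_PKCS11_SLOT_FLAG_SEEN 1

struct sc_pkcs11_slot {
	CK_SLOT_ID id;			/* ID of the slot */
	int login_user;			/* Currently logged in user */
	CK_SLOT_INFO slot_info;		/* Slot specific information (information about reader) */
	CK_TOKEN_INFO token_info;	/* Token specific information (information about card) */
	sc_reader_t *reader;		/* same as card->reader if there's a card present */
	struct sc_pkcs11_card *p11card;	/* The card associated with this slot */
	unsigned int events;		/* Card events SC_EVENT_CARD_{INSERTED,REMOVED} */
	void *fw_data;			/* Framework specific data */ /* TODO: find out how it is used */
	list_t objects;			/* Objects in this slot */
	unsigned int nsessions;		/* Number of sessions using this slot */
	sc_timestamp_t slot_state_expires;

	int fw_data_idx;		/* Index of framework data */
	struct sc_app_info *app_info;	/* Application associated to slot */
	/* Tracks all calls to C_Login if atomic operations are requested.
	 * NOTE(review): push_login_state() receives the PIN bytes, so the
	 * entries presumably retain them; confirm that they are zeroized
	 * when popped and on every teardown path. */
	list_t logins;
	int flags;			/* SC_PKCS11_SLOT_FLAG_* */
};
typedef struct sc_pkcs11_slot sc_pkcs11_slot_t;

/* Debug virtual slots.  S is the slot to be highlighted, or NULL.  The
 * remaining arguments are a format string and its arguments; the output is
 * preceded by "VSS ".
 * The format is pasted onto the "VSS " literal, so it has to be a string
 * literal itself -- a run-time string cannot be passed as the format. */
#define DEBUG_VSS(S, ...) do { sc_log(context,"VSS " __VA_ARGS__); _debug_virtual_slots(S); } while (0)

/* called by DEBUG_VSS to print table of virtual slots */
void _debug_virtual_slots(sc_pkcs11_slot_t *p);

/* Forward decl */
typedef struct sc_pkcs11_operation sc_pkcs11_operation_t;

/* Operation kinds.  SC_PKCS11_OPERATION_MAX is the count and sizes
 * sc_pkcs11_session.operation[], which holds one active operation per kind. */
enum {
	SC_PKCS11_OPERATION_FIND = 0,
	SC_PKCS11_OPERATION_SIGN,
	SC_PKCS11_OPERATION_VERIFY,
	SC_PKCS11_OPERATION_DIGEST,
	SC_PKCS11_OPERATION_DECRYPT,
	SC_PKCS11_OPERATION_DERIVE,
	SC_PKCS11_OPERATION_WRAP,
	SC_PKCS11_OPERATION_UNWRAP,
	SC_PKCS11_OPERATION_MAX
};

/* This describes a PKCS11 mechanism */
struct sc_pkcs11_mechanism_type {
	CK_MECHANISM_TYPE mech;		/* algorithm: md5, sha1, ... */
	CK_MECHANISM_INFO mech_info;	/* mechanism info */
	/* NOTE(review): declared as CK_MECHANISM_TYPE while
	 * sc_pkcs11_new_fw_mechanism() takes a CK_KEY_TYPE for what looks
	 * like the same value -- confirm which type is intended */
	CK_MECHANISM_TYPE key_type;	/* for sign/decipher ops */
	unsigned int obj_size;

	/* General management */
	void (*release)(sc_pkcs11_operation_t *);

	/* Digest/sign Operations */
	CK_RV (*md_init)(sc_pkcs11_operation_t *);
	CK_RV (*md_update)(sc_pkcs11_operation_t *,
			CK_BYTE_PTR, CK_ULONG);
	CK_RV (*md_final)(sc_pkcs11_operation_t *,
			CK_BYTE_PTR, CK_ULONG_PTR);

	CK_RV (*sign_init)(sc_pkcs11_operation_t *,
			struct sc_pkcs11_object *);
	CK_RV (*sign_update)(sc_pkcs11_operation_t *,
			CK_BYTE_PTR, CK_ULONG);
	CK_RV (*sign_final)(sc_pkcs11_operation_t *,
			CK_BYTE_PTR, CK_ULONG_PTR);
	CK_RV (*sign_size)(sc_pkcs11_operation_t *,
			CK_ULONG_PTR);
	CK_RV (*verif_init)(sc_pkcs11_operation_t *,
			struct sc_pkcs11_object *);
	CK_RV (*verif_update)(sc_pkcs11_operation_t *,
			CK_BYTE_PTR, CK_ULONG);
	/* The length is passed by value here: the signature is an input */
	CK_RV (*verif_final)(sc_pkcs11_operation_t *,
			CK_BYTE_PTR, CK_ULONG);
	CK_RV (*decrypt_init)(sc_pkcs11_operation_t *,
			struct sc_pkcs11_object *);
	CK_RV (*decrypt)(sc_pkcs11_operation_t *,
			CK_BYTE_PTR, CK_ULONG,
			CK_BYTE_PTR, CK_ULONG_PTR);
	CK_RV (*derive)(sc_pkcs11_operation_t *,
			struct sc_pkcs11_object *,
			CK_BYTE_PTR, CK_ULONG,
			CK_BYTE_PTR, CK_ULONG_PTR);
	CK_RV (*wrap)(sc_pkcs11_operation_t *,
			struct sc_pkcs11_object *,
			struct sc_pkcs11_object *,
			CK_BYTE_PTR, CK_ULONG_PTR);
	CK_RV (*unwrap)(sc_pkcs11_operation_t *,
			struct sc_pkcs11_object *,
			CK_BYTE_PTR, CK_ULONG,
			struct sc_pkcs11_object *);

	/* mechanism specific data */
	const void *mech_data;
	/* free mechanism specific data */
	void (*free_mech_data)(const void *mech_data);
};
typedef struct sc_pkcs11_mechanism_type sc_pkcs11_mechanism_type_t;

/*
 * Generic operation
 */
struct sc_pkcs11_operation {
	sc_pkcs11_mechanism_type_t *type;
	CK_MECHANISM mechanism;
	/* Storage for PSS / OAEP parameters inside the operation.
	 * NOTE(review): presumably a private copy, so that the operation does
	 * not keep pointing at caller-owned parameter memory after the init
	 * call returns -- confirm where the copy is made and that the
	 * parameter length is validated first. */
	union {
		CK_RSA_PKCS_PSS_PARAMS pss;
		CK_RSA_PKCS_OAEP_PARAMS oaep;
	} mechanism_params;
	struct sc_pkcs11_session *session;
	void *priv_data;
};

/* Find Operation */
/* presumably the growth step of the handles array -- TODO confirm */
#define SC_PKCS11_FIND_INC_HANDLES	32
struct sc_pkcs11_find_operation {
	struct sc_pkcs11_operation operation;
	/* NOTE(review): signed counters; code that grows `handles` should
	 * guard the size arithmetic against overflow -- confirm */
	int num_handles, current_handle, allocated_handles;
	CK_OBJECT_HANDLE *handles;
};

/*
 * PKCS#11 Session
 */

struct sc_pkcs11_session {
	CK_SESSION_HANDLE handle;
	/* Session to this slot */
	struct sc_pkcs11_slot *slot;
	CK_FLAGS flags;
	/* Notifications */
	CK_NOTIFY notify_callback;
	CK_VOID_PTR notify_data;
	/* Active operations - one per type (indexed by SC_PKCS11_OPERATION_*) */
	struct sc_pkcs11_operation *operation[SC_PKCS11_OPERATION_MAX];
};
typedef struct sc_pkcs11_session sc_pkcs11_session_t;

/* Module variables.
 * NOTE(review): shared mutable state; presumably only touched while holding
 * the module lock (sc_pkcs11_lock / sc_pkcs11_unlock) -- confirm. */
extern struct sc_context *context;
extern struct sc_pkcs11_config sc_pkcs11_conf;
extern list_t sessions;
extern list_t virtual_slots;
extern list_t cards;

/* Framework definitions */
extern struct sc_pkcs11_framework_ops framework_pkcs15;
extern struct sc_pkcs11_framework_ops framework_pkcs15init;

/* Copy src into the dstsize-byte field dst.
 * NOTE(review): presumably blank-pads and does not NUL-terminate, as the
 * fixed-width Cryptoki info fields require -- confirm, and do not read the
 * result back as a C string. */
void strcpy_bp(u8 *dst, const char *src, size_t dstsize);
CK_RV sc_to_cryptoki_error(int rc, const char *ctx);
void sc_pkcs11_print_attrs(int level, const char *file, unsigned int line, const char *function,
		const char *info, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount);
/* Log a template, tagging the output with the call site.
 * NOTE(review): attribute values of a template can hold key or PIN
 * material; confirm what sc_pkcs11_print_attrs prints at each level. */
#define dump_template(level, info, pTemplate, ulCount) \
		sc_pkcs11_print_attrs(level, __FILE__, __LINE__, __FUNCTION__, \
				info, pTemplate, ulCount)

/* Slot and card handling functions */
CK_RV card_removed(sc_reader_t *reader);
CK_RV card_detect_all(void);
CK_RV create_slot(sc_reader_t *reader);
void init_slot_info(CK_SLOT_INFO_PTR pInfo, sc_reader_t *reader);
CK_RV card_detect(sc_reader_t *reader);
CK_RV slot_get_slot(CK_SLOT_ID id, struct sc_pkcs11_slot **);
CK_RV slot_get_token(CK_SLOT_ID id, struct sc_pkcs11_slot **);
CK_RV slot_token_removed(CK_SLOT_ID id);
CK_RV slot_allocate(struct sc_pkcs11_slot **, struct sc_pkcs11_card *);
CK_RV slot_find_changed(CK_SLOT_ID_PTR idp, int mask);
int slot_get_logged_in_state(struct sc_pkcs11_slot *slot);

/* Login tracking functions (see sc_pkcs11_slot.logins).
 * push_login_state() is handed the PIN and its length; whatever it stores
 * is credential material and must be wiped by the pop functions --
 * NOTE(review): confirm in the implementation. */
CK_RV restore_login_state(struct sc_pkcs11_slot *slot);
CK_RV reset_login_state(struct sc_pkcs11_slot *slot, CK_RV rv);
CK_RV push_login_state(struct sc_pkcs11_slot *slot,
		CK_USER_TYPE userType, CK_CHAR_PTR pPin, CK_ULONG ulPinLen);
void pop_login_state(struct sc_pkcs11_slot *slot);
void pop_all_login_states(struct sc_pkcs11_slot *slot);

/* Session manipulation */
CK_RV get_session(CK_SESSION_HANDLE hSession, struct sc_pkcs11_session ** session);
/* The int argument is an operation kind (SC_PKCS11_OPERATION_*); it selects
 * the session->operation[] entry, so implementations must range-check it. */
CK_RV session_start_operation(struct sc_pkcs11_session *,
		int, sc_pkcs11_mechanism_type_t *,
		struct sc_pkcs11_operation **);
CK_RV session_get_operation(struct sc_pkcs11_session *, int,
		struct sc_pkcs11_operation **);
CK_RV session_stop_operation(struct sc_pkcs11_session *, int);
CK_RV sc_pkcs11_close_all_sessions(CK_SLOT_ID);

/* Generic secret key stuff */
CK_RV sc_pkcs11_create_secret_key(struct sc_pkcs11_session *,
		const u8 *, size_t,
		CK_ATTRIBUTE_PTR, CK_ULONG,
		struct sc_pkcs11_object **);
/* Generic object handling */
CK_RV sc_pkcs11_any_cmp_attribute(struct sc_pkcs11_session *,
		void *, CK_ATTRIBUTE_PTR);

/* Get attributes from template (misc.c).
 * NOTE(review): the trailing (void *, size_t *) pair is presumably
 * destination buffer plus capacity-in / length-out; templates come from the
 * calling application, so the bound has to be enforced -- confirm in misc.c. */
CK_RV attr_find(CK_ATTRIBUTE_PTR, CK_ULONG, CK_ULONG, void *, size_t *);
CK_RV attr_find2(CK_ATTRIBUTE_PTR, CK_ULONG, CK_ATTRIBUTE_PTR, CK_ULONG,
		CK_ULONG, void *, size_t *);
CK_RV attr_find_ptr(CK_ATTRIBUTE_PTR, CK_ULONG, CK_ULONG, void **, size_t *);
CK_RV attr_find_ptr2(CK_ATTRIBUTE_PTR pTemp1, CK_ULONG ulCount1,
		CK_ATTRIBUTE_PTR pTemp2, CK_ULONG ulCount2, CK_ULONG type, void **ptr, size_t * sizep);
CK_RV attr_find_and_allocate_ptr(CK_ATTRIBUTE_PTR, CK_ULONG, CK_ULONG, void **, size_t *);
CK_RV attr_find_var(CK_ATTRIBUTE_PTR, CK_ULONG, CK_ULONG, void *, size_t *);
CK_RV attr_extract(CK_ATTRIBUTE_PTR, void *, size_t *);

/* Generic Mechanism functions */
CK_RV sc_pkcs11_register_mechanism(struct sc_pkcs11_card *,
		sc_pkcs11_mechanism_type_t *);
CK_RV sc_pkcs11_get_mechanism_list(struct sc_pkcs11_card *,
		CK_MECHANISM_TYPE_PTR, CK_ULONG_PTR);
CK_RV sc_pkcs11_get_mechanism_info(struct sc_pkcs11_card *, CK_MECHANISM_TYPE,
		CK_MECHANISM_INFO_PTR);
CK_RV sc_pkcs11_md_init(struct sc_pkcs11_session *, CK_MECHANISM_PTR);
CK_RV sc_pkcs11_md_update(struct sc_pkcs11_session *, CK_BYTE_PTR, CK_ULONG);
CK_RV sc_pkcs11_md_final(struct sc_pkcs11_session *, CK_BYTE_PTR, CK_ULONG_PTR);
CK_RV sc_pkcs11_sign_init(struct sc_pkcs11_session *, CK_MECHANISM_PTR,
		struct sc_pkcs11_object *, CK_MECHANISM_TYPE);
CK_RV sc_pkcs11_sign_update(struct sc_pkcs11_session *, CK_BYTE_PTR, CK_ULONG);
CK_RV sc_pkcs11_sign_final(struct sc_pkcs11_session *, CK_BYTE_PTR, CK_ULONG_PTR);
CK_RV sc_pkcs11_sign_size(struct sc_pkcs11_session *, CK_ULONG_PTR);
/* The verification entry points are declared only in OpenSSL builds */
#ifdef ENABLE_OPENSSL
CK_RV sc_pkcs11_verif_init(struct sc_pkcs11_session *, CK_MECHANISM_PTR,
		struct sc_pkcs11_object *, CK_MECHANISM_TYPE);
CK_RV sc_pkcs11_verif_update(struct sc_pkcs11_session *, CK_BYTE_PTR, CK_ULONG);
CK_RV sc_pkcs11_verif_final(struct sc_pkcs11_session *, CK_BYTE_PTR, CK_ULONG);
#endif
CK_RV sc_pkcs11_decr_init(struct sc_pkcs11_session *, CK_MECHANISM_PTR,
		struct sc_pkcs11_object *, CK_MECHANISM_TYPE);
CK_RV sc_pkcs11_decr(struct sc_pkcs11_session *, CK_BYTE_PTR, CK_ULONG,
		CK_BYTE_PTR, CK_ULONG_PTR);
CK_RV sc_pkcs11_wrap(struct sc_pkcs11_session *, CK_MECHANISM_PTR,
		struct sc_pkcs11_object *, CK_KEY_TYPE,
		struct sc_pkcs11_object *, CK_BYTE_PTR, CK_ULONG_PTR);
CK_RV sc_pkcs11_unwrap(struct sc_pkcs11_session *, CK_MECHANISM_PTR,
		struct sc_pkcs11_object *, CK_KEY_TYPE,
		CK_BYTE_PTR, CK_ULONG, struct sc_pkcs11_object *);
CK_RV sc_pkcs11_deri(struct sc_pkcs11_session *, CK_MECHANISM_PTR,
		struct sc_pkcs11_object *, CK_KEY_TYPE,
		CK_SESSION_HANDLE, CK_OBJECT_HANDLE, struct sc_pkcs11_object *);
sc_pkcs11_mechanism_type_t *sc_pkcs11_find_mechanism(struct sc_pkcs11_card *,
		CK_MECHANISM_TYPE, unsigned int);
sc_pkcs11_mechanism_type_t *sc_pkcs11_new_fw_mechanism(CK_MECHANISM_TYPE,
		CK_MECHANISM_INFO_PTR, CK_KEY_TYPE,
		const void *, void (*)(const void *));
sc_pkcs11_operation_t *sc_pkcs11_new_operation(sc_pkcs11_session_t *,
		sc_pkcs11_mechanism_type_t *);
void sc_pkcs11_release_operation(sc_pkcs11_operation_t **);
CK_RV sc_pkcs11_register_generic_mechanisms(struct sc_pkcs11_card *);
#ifdef ENABLE_OPENSSL
void sc_pkcs11_register_openssl_mechanisms(struct sc_pkcs11_card *);
#endif
CK_RV sc_pkcs11_register_sign_and_hash_mechanism(struct sc_pkcs11_card *,
		CK_MECHANISM_TYPE, CK_MECHANISM_TYPE,
		sc_pkcs11_mechanism_type_t *);

#ifdef ENABLE_OPENSSL
/* NOTE(review): lengths are "unsigned int" here but CK_ULONG elsewhere in
 * this header; callers converting from CK_ULONG should reject values that
 * do not fit instead of truncating -- confirm at the call sites. */
CK_RV sc_pkcs11_verify_data(const unsigned char *pubkey, unsigned int pubkey_len,
		const unsigned char *pubkey_params, unsigned int pubkey_params_len,
		CK_MECHANISM_PTR mech, sc_pkcs11_operation_t *md,
		unsigned char *inp, unsigned int inp_len,
		unsigned char *signat, unsigned int signat_len);
#endif

/* Load configuration defaults */
void load_pkcs11_parameters(struct sc_pkcs11_config *, struct sc_context *);

/* Locking primitives at the pkcs11 level */
CK_RV sc_pkcs11_init_lock(CK_C_INITIALIZE_ARGS_PTR);
CK_RV sc_pkcs11_lock(void);
void sc_pkcs11_unlock(void);
void sc_pkcs11_free_lock(void);

#ifdef __cplusplus
}
#endif

#endif /* __sc_pkcs11_h__ */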