1 /* This Source Code Form is subject to the terms of the Mozilla Public 2 * License, v. 2.0. If a copy of the MPL was not distributed with this 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ 4 /* License to copy and use this software is granted provided that it is 5 * identified as "RSA Security Inc. PKCS #11 Cryptographic Token Interface 6 * (Cryptoki)" in all material mentioning or referencing this software. 7 8 * License is also granted to make and use derivative works provided that 9 * such works are identified as "derived from the RSA Security Inc. PKCS #11 10 * Cryptographic Token Interface (Cryptoki)" in all material mentioning or 11 * referencing the derived work. 12 13 * RSA Security Inc. makes no representations concerning either the 14 * merchantability of this software or the suitability of this software for 15 * any particular purpose. It is provided "as is" without express or implied 16 * warranty of any kind. 17 */ 18 19 #ifndef _PKCS11T_H_ 20 #define _PKCS11T_H_ 1 21 22 #define CK_TRUE 1 23 #define CK_FALSE 0 24 25 #include "prtypes.h" 26 27 #define CK_PTR * 28 #define CK_NULL_PTR 0 29 #define CK_CALLBACK_FUNCTION(rtype, func) rtype(PR_CALLBACK *func) 30 #define CK_DECLARE_FUNCTION(rtype, func) extern rtype func 31 #define CK_DECLARE_FUNCTION_POINTER(rtype, func) rtype(PR_CALLBACK *func) 32 33 #define CK_INVALID_SESSION 0 34 35 /* an unsigned 8-bit value */ 36 typedef unsigned char CK_BYTE; 37 38 /* an unsigned 8-bit character */ 39 typedef CK_BYTE CK_CHAR; 40 41 /* an 8-bit UTF-8 character */ 42 typedef CK_BYTE CK_UTF8CHAR; 43 44 /* a BYTE-sized Boolean flag */ 45 typedef CK_BYTE CK_BBOOL; 46 47 /* an unsigned value, at least 32 bits long */ 48 typedef unsigned long int CK_ULONG; 49 50 /* a signed value, the same size as a CK_ULONG */ 51 /* CK_LONG is new for v2.0 */ 52 typedef long int CK_LONG; 53 54 /* at least 32 bits; each bit is a Boolean flag */ 55 typedef CK_ULONG CK_FLAGS; 56 57 /* some special values for certain CK_ULONG variables */ 58 #define CK_UNAVAILABLE_INFORMATION (~0UL) 59 #define CK_EFFECTIVELY_INFINITE 0 60 61 typedef CK_BYTE CK_PTR CK_BYTE_PTR; 62 typedef CK_CHAR CK_PTR CK_CHAR_PTR; 63 typedef CK_UTF8CHAR CK_PTR CK_UTF8CHAR_PTR; 64 typedef CK_ULONG CK_PTR CK_ULONG_PTR; 65 typedef void CK_PTR CK_VOID_PTR; 66 67 /* Pointer to a CK_VOID_PTR-- i.e., pointer to pointer to void */ 68 typedef CK_VOID_PTR CK_PTR CK_VOID_PTR_PTR; 69 70 /* The following value is always invalid if used as a session */ 71 /* handle or object handle */ 72 #define CK_INVALID_HANDLE 0 73 74 /* pack */ 75 #include "pkcs11p.h" 76 77 typedef struct CK_VERSION { 78 CK_BYTE major; /* integer portion of version number */ 79 CK_BYTE minor; /* 1/100ths portion of version number */ 80 } CK_VERSION; 81 82 typedef CK_VERSION CK_PTR CK_VERSION_PTR; 83 84 typedef struct CK_INFO { 85 /* manufacturerID and libraryDecription have been changed from 86 * CK_CHAR to CK_UTF8CHAR for v2.10 */ 87 CK_VERSION cryptokiVersion; /* PKCS #11 interface ver */ 88 CK_UTF8CHAR manufacturerID[32]; /* blank padded */ 89 CK_FLAGS flags; /* must be zero */ 90 91 /* libraryDescription and libraryVersion are new for v2.0 */ 92 CK_UTF8CHAR libraryDescription[32]; /* blank padded */ 93 CK_VERSION libraryVersion; /* version of library */ 94 } CK_INFO; 95 96 typedef CK_INFO CK_PTR CK_INFO_PTR; 97 98 /* CK_NOTIFICATION enumerates the types of notifications that 99 * PKCS #11 provides to an application */ 100 /* CK_NOTIFICATION has been changed from an enum to a CK_ULONG 101 * for v2.0 */ 102 typedef CK_ULONG CK_NOTIFICATION; 103 #define CKN_SURRENDER 0 104 105 typedef CK_ULONG CK_SLOT_ID; 106 107 typedef CK_SLOT_ID CK_PTR CK_SLOT_ID_PTR; 108 109 /* CK_SLOT_INFO provides information about a slot */ 110 typedef struct CK_SLOT_INFO { 111 /* slotDescription and manufacturerID have been changed from 112 * CK_CHAR to CK_UTF8CHAR for v2.10 */ 113 CK_UTF8CHAR slotDescription[64]; /* blank padded */ 114 CK_UTF8CHAR manufacturerID[32]; /* blank padded */ 115 CK_FLAGS flags; 116 117 /* hardwareVersion and firmwareVersion are new for v2.0 */ 118 CK_VERSION hardwareVersion; /* version of hardware */ 119 CK_VERSION firmwareVersion; /* version of firmware */ 120 } CK_SLOT_INFO; 121 122 /* flags: bit flags that provide capabilities of the slot 123 * Bit Flag Mask Meaning 124 */ 125 #define CKF_TOKEN_PRESENT 0x00000001 /* a token is there */ 126 #define CKF_REMOVABLE_DEVICE 0x00000002 /* removable devices*/ 127 #define CKF_HW_SLOT 0x00000004 /* hardware slot */ 128 129 typedef CK_SLOT_INFO CK_PTR CK_SLOT_INFO_PTR; 130 131 /* CK_TOKEN_INFO provides information about a token */ 132 typedef struct CK_TOKEN_INFO { 133 /* label, manufacturerID, and model have been changed from 134 * CK_CHAR to CK_UTF8CHAR for v2.10 */ 135 CK_UTF8CHAR label[32]; /* blank padded */ 136 CK_UTF8CHAR manufacturerID[32]; /* blank padded */ 137 CK_UTF8CHAR model[16]; /* blank padded */ 138 CK_CHAR serialNumber[16]; /* blank padded */ 139 CK_FLAGS flags; /* see below */ 140 141 /* ulMaxSessionCount, ulSessionCount, ulMaxRwSessionCount, 142 * ulRwSessionCount, ulMaxPinLen, and ulMinPinLen have all been 143 * changed from CK_USHORT to CK_ULONG for v2.0 */ 144 CK_ULONG ulMaxSessionCount; /* max open sessions */ 145 CK_ULONG ulSessionCount; /* sess. now open */ 146 CK_ULONG ulMaxRwSessionCount; /* max R/W sessions */ 147 CK_ULONG ulRwSessionCount; /* R/W sess. now open */ 148 CK_ULONG ulMaxPinLen; /* in bytes */ 149 CK_ULONG ulMinPinLen; /* in bytes */ 150 CK_ULONG ulTotalPublicMemory; /* in bytes */ 151 CK_ULONG ulFreePublicMemory; /* in bytes */ 152 CK_ULONG ulTotalPrivateMemory; /* in bytes */ 153 CK_ULONG ulFreePrivateMemory; /* in bytes */ 154 155 /* hardwareVersion, firmwareVersion, and time are new for 156 * v2.0 */ 157 CK_VERSION hardwareVersion; /* version of hardware */ 158 CK_VERSION firmwareVersion; /* version of firmware */ 159 CK_CHAR utcTime[16]; /* time */ 160 } CK_TOKEN_INFO; 161 162 /* The flags parameter is defined as follows: 163 * Bit Flag Mask Meaning 164 */ 165 #define CKF_RNG 0x00000001 /* has random # \ 166 * generator */ 167 #define CKF_WRITE_PROTECTED 0x00000002 /* token is \ 168 * write- \ 169 * protected */ 170 #define CKF_LOGIN_REQUIRED 0x00000004 /* user must \ 171 * login */ 172 #define CKF_USER_PIN_INITIALIZED 0x00000008 /* normal user's \ 173 * PIN is set */ 174 175 /* CKF_RESTORE_KEY_NOT_NEEDED is new for v2.0. If it is set, 176 * that means that *every* time the state of cryptographic 177 * operations of a session is successfully saved, all keys 178 * needed to continue those operations are stored in the state */ 179 #define CKF_RESTORE_KEY_NOT_NEEDED 0x00000020 180 181 /* CKF_CLOCK_ON_TOKEN is new for v2.0. If it is set, that means 182 * that the token has some sort of clock. The time on that 183 * clock is returned in the token info structure */ 184 #define CKF_CLOCK_ON_TOKEN 0x00000040 185 186 /* CKF_PROTECTED_AUTHENTICATION_PATH is new for v2.0. If it is 187 * set, that means that there is some way for the user to login 188 * without sending a PIN through the PKCS #11 library itself */ 189 #define CKF_PROTECTED_AUTHENTICATION_PATH 0x00000100 190 191 /* CKF_DUAL_CRYPTO_OPERATIONS is new for v2.0. If it is true, 192 * that means that a single session with the token can perform 193 * dual simultaneous cryptographic operations (digest and 194 * encrypt; decrypt and digest; sign and encrypt; and decrypt 195 * and sign) */ 196 #define CKF_DUAL_CRYPTO_OPERATIONS 0x00000200 197 198 /* CKF_TOKEN_INITIALIZED if new for v2.10. If it is true, the 199 * token has been initialized using C_InitializeToken or an 200 * equivalent mechanism outside the scope of PKCS #11. 201 * Calling C_InitializeToken when this flag is set will cause 202 * the token to be reinitialized. */ 203 #define CKF_TOKEN_INITIALIZED 0x00000400 204 205 /* CKF_SECONDARY_AUTHENTICATION if new for v2.10. If it is 206 * true, the token supports secondary authentication for 207 * private key objects. This flag is deprecated in v2.11 and 208 onwards. */ 209 #define CKF_SECONDARY_AUTHENTICATION 0x00000800 210 211 /* CKF_USER_PIN_COUNT_LOW if new for v2.10. If it is true, an 212 * incorrect user login PIN has been entered at least once 213 * since the last successful authentication. */ 214 #define CKF_USER_PIN_COUNT_LOW 0x00010000 215 216 /* CKF_USER_PIN_FINAL_TRY if new for v2.10. If it is true, 217 * supplying an incorrect user PIN will it to become locked. */ 218 #define CKF_USER_PIN_FINAL_TRY 0x00020000 219 220 /* CKF_USER_PIN_LOCKED if new for v2.10. If it is true, the 221 * user PIN has been locked. User login to the token is not 222 * possible. */ 223 #define CKF_USER_PIN_LOCKED 0x00040000 224 225 /* CKF_USER_PIN_TO_BE_CHANGED if new for v2.10. If it is true, 226 * the user PIN value is the default value set by token 227 * initialization or manufacturing, or the PIN has been 228 * expired by the card. */ 229 #define CKF_USER_PIN_TO_BE_CHANGED 0x00080000 230 231 /* CKF_SO_PIN_COUNT_LOW if new for v2.10. If it is true, an 232 * incorrect SO login PIN has been entered at least once since 233 * the last successful authentication. */ 234 #define CKF_SO_PIN_COUNT_LOW 0x00100000 235 236 /* CKF_SO_PIN_FINAL_TRY if new for v2.10. If it is true, 237 * supplying an incorrect SO PIN will it to become locked. */ 238 #define CKF_SO_PIN_FINAL_TRY 0x00200000 239 240 /* CKF_SO_PIN_LOCKED if new for v2.10. If it is true, the SO 241 * PIN has been locked. SO login to the token is not possible. 242 */ 243 #define CKF_SO_PIN_LOCKED 0x00400000 244 245 /* CKF_SO_PIN_TO_BE_CHANGED if new for v2.10. If it is true, 246 * the SO PIN value is the default value set by token 247 * initialization or manufacturing, or the PIN has been 248 * expired by the card. */ 249 #define CKF_SO_PIN_TO_BE_CHANGED 0x00800000 250 251 typedef CK_TOKEN_INFO CK_PTR CK_TOKEN_INFO_PTR; 252 253 /* CK_SESSION_HANDLE is a PKCS #11-assigned value that 254 * identifies a session */ 255 typedef CK_ULONG CK_SESSION_HANDLE; 256 257 typedef CK_SESSION_HANDLE CK_PTR CK_SESSION_HANDLE_PTR; 258 259 /* CK_USER_TYPE enumerates the types of PKCS #11 users */ 260 /* CK_USER_TYPE has been changed from an enum to a CK_ULONG for 261 * v2.0 */ 262 typedef CK_ULONG CK_USER_TYPE; 263 /* Security Officer */ 264 #define CKU_SO 0 265 /* Normal user */ 266 #define CKU_USER 1 267 /* Context specific (added in v2.20) */ 268 #define CKU_CONTEXT_SPECIFIC 2 269 270 /* CK_STATE enumerates the session states */ 271 /* CK_STATE has been changed from an enum to a CK_ULONG for 272 * v2.0 */ 273 typedef CK_ULONG CK_STATE; 274 #define CKS_RO_PUBLIC_SESSION 0 275 #define CKS_RO_USER_FUNCTIONS 1 276 #define CKS_RW_PUBLIC_SESSION 2 277 #define CKS_RW_USER_FUNCTIONS 3 278 #define CKS_RW_SO_FUNCTIONS 4 279 280 /* CK_SESSION_INFO provides information about a session */ 281 typedef struct CK_SESSION_INFO { 282 CK_SLOT_ID slotID; 283 CK_STATE state; 284 CK_FLAGS flags; /* see below */ 285 286 /* ulDeviceError was changed from CK_USHORT to CK_ULONG for 287 * v2.0 */ 288 CK_ULONG ulDeviceError; /* device-dependent error code */ 289 } CK_SESSION_INFO; 290 291 /* The flags are defined in the following table: 292 * Bit Flag Mask Meaning 293 */ 294 #define CKF_RW_SESSION 0x00000002 /* session is r/w */ 295 #define CKF_SERIAL_SESSION 0x00000004 /* no parallel */ 296 297 typedef CK_SESSION_INFO CK_PTR CK_SESSION_INFO_PTR; 298 299 /* CK_OBJECT_HANDLE is a token-specific identifier for an 300 * object */ 301 typedef CK_ULONG CK_OBJECT_HANDLE; 302 303 typedef CK_OBJECT_HANDLE CK_PTR CK_OBJECT_HANDLE_PTR; 304 305 /* CK_OBJECT_CLASS is a value that identifies the classes (or 306 * types) of objects that PKCS #11 recognizes. It is defined 307 * as follows: */ 308 /* CK_OBJECT_CLASS was changed from CK_USHORT to CK_ULONG for 309 * v2.0 */ 310 typedef CK_ULONG CK_OBJECT_CLASS; 311 312 /* The following classes of objects are defined: */ 313 /* CKO_HW_FEATURE is new for v2.10 */ 314 /* CKO_DOMAIN_PARAMETERS is new for v2.11 */ 315 /* CKO_MECHANISM is new for v2.20 */ 316 #define CKO_DATA 0x00000000 317 #define CKO_CERTIFICATE 0x00000001 318 #define CKO_PUBLIC_KEY 0x00000002 319 #define CKO_PRIVATE_KEY 0x00000003 320 #define CKO_SECRET_KEY 0x00000004 321 #define CKO_HW_FEATURE 0x00000005 322 #define CKO_DOMAIN_PARAMETERS 0x00000006 323 #define CKO_MECHANISM 0x00000007 324 #define CKO_VENDOR_DEFINED 0x80000000 325 326 typedef CK_OBJECT_CLASS CK_PTR CK_OBJECT_CLASS_PTR; 327 328 /* CK_HW_FEATURE_TYPE is new for v2.10. CK_HW_FEATURE_TYPE is a 329 * value that identifies the hardware feature type of an object 330 * with CK_OBJECT_CLASS equal to CKO_HW_FEATURE. */ 331 typedef CK_ULONG CK_HW_FEATURE_TYPE; 332 333 /* The following hardware feature types are defined */ 334 /* CKH_USER_INTERFACE is new for v2.20 */ 335 #define CKH_MONOTONIC_COUNTER 0x00000001 336 #define CKH_CLOCK 0x00000002 337 #define CKH_USER_INTERFACE 0x00000003 338 #define CKH_VENDOR_DEFINED 0x80000000 339 340 /* CK_KEY_TYPE is a value that identifies a key type */ 341 /* CK_KEY_TYPE was changed from CK_USHORT to CK_ULONG for v2.0 */ 342 typedef CK_ULONG CK_KEY_TYPE; 343 344 /* the following key types are defined: */ 345 #define CKK_RSA 0x00000000 346 #define CKK_DSA 0x00000001 347 #define CKK_DH 0x00000002 348 349 /* CKK_ECDSA and CKK_KEA are new for v2.0 */ 350 /* CKK_ECDSA is deprecated in v2.11, CKK_EC is preferred. */ 351 #define CKK_ECDSA 0x00000003 352 #define CKK_EC 0x00000003 353 #define CKK_X9_42_DH 0x00000004 354 #define CKK_KEA 0x00000005 355 356 #define CKK_GENERIC_SECRET 0x00000010 357 #define CKK_RC2 0x00000011 358 #define CKK_RC4 0x00000012 359 #define CKK_DES 0x00000013 360 #define CKK_DES2 0x00000014 361 #define CKK_DES3 0x00000015 362 363 /* all these key types are new for v2.0 */ 364 #define CKK_CAST 0x00000016 365 #define CKK_CAST3 0x00000017 366 /* CKK_CAST5 is deprecated in v2.11, CKK_CAST128 is preferred. */ 367 #define CKK_CAST5 0x00000018 368 #define CKK_CAST128 0x00000018 369 #define CKK_RC5 0x00000019 370 #define CKK_IDEA 0x0000001A 371 #define CKK_SKIPJACK 0x0000001B 372 #define CKK_BATON 0x0000001C 373 #define CKK_JUNIPER 0x0000001D 374 #define CKK_CDMF 0x0000001E 375 #define CKK_AES 0x0000001F 376 377 /* BlowFish and TwoFish are new for v2.20 */ 378 #define CKK_BLOWFISH 0x00000020 379 #define CKK_TWOFISH 0x00000021 380 381 /* Camellia is proposed for v2.20 Amendment 3 */ 382 #define CKK_CAMELLIA 0x00000025 383 384 #define CKK_SEED 0x00000026 385 386 #define CKK_VENDOR_DEFINED 0x80000000 387 388 /* CK_CERTIFICATE_TYPE is a value that identifies a certificate 389 * type */ 390 /* CK_CERTIFICATE_TYPE was changed from CK_USHORT to CK_ULONG 391 * for v2.0 */ 392 typedef CK_ULONG CK_CERTIFICATE_TYPE; 393 394 /* The following certificate types are defined: */ 395 /* CKC_X_509_ATTR_CERT is new for v2.10 */ 396 /* CKC_WTLS is new for v2.20 */ 397 #define CKC_X_509 0x00000000 398 #define CKC_X_509_ATTR_CERT 0x00000001 399 #define CKC_WTLS 0x00000002 400 #define CKC_VENDOR_DEFINED 0x80000000 401 402 /* CK_ATTRIBUTE_TYPE is a value that identifies an attribute 403 * type */ 404 /* CK_ATTRIBUTE_TYPE was changed from CK_USHORT to CK_ULONG for 405 * v2.0 */ 406 typedef CK_ULONG CK_ATTRIBUTE_TYPE; 407 408 /* The CKF_ARRAY_ATTRIBUTE flag identifies an attribute which 409 consists of an array of values. */ 410 #define CKF_ARRAY_ATTRIBUTE 0x40000000 411 412 /* The following attribute types are defined: */ 413 #define CKA_CLASS 0x00000000 414 #define CKA_TOKEN 0x00000001 415 #define CKA_PRIVATE 0x00000002 416 #define CKA_LABEL 0x00000003 417 #define CKA_APPLICATION 0x00000010 418 #define CKA_VALUE 0x00000011 419 420 /* CKA_OBJECT_ID is new for v2.10 */ 421 #define CKA_OBJECT_ID 0x00000012 422 423 #define CKA_CERTIFICATE_TYPE 0x00000080 424 #define CKA_ISSUER 0x00000081 425 #define CKA_SERIAL_NUMBER 0x00000082 426 427 /* CKA_AC_ISSUER, CKA_OWNER, and CKA_ATTR_TYPES are new 428 * for v2.10 */ 429 #define CKA_AC_ISSUER 0x00000083 430 #define CKA_OWNER 0x00000084 431 #define CKA_ATTR_TYPES 0x00000085 432 433 /* CKA_TRUSTED is new for v2.11 */ 434 #define CKA_TRUSTED 0x00000086 435 436 /* CKA_CERTIFICATE_CATEGORY ... 437 * CKA_CHECK_VALUE are new for v2.20 */ 438 #define CKA_CERTIFICATE_CATEGORY 0x00000087 439 #define CKA_JAVA_MIDP_SECURITY_DOMAIN 0x00000088 440 #define CKA_URL 0x00000089 441 #define CKA_HASH_OF_SUBJECT_PUBLIC_KEY 0x0000008A 442 #define CKA_HASH_OF_ISSUER_PUBLIC_KEY 0x0000008B 443 #define CKA_CHECK_VALUE 0x00000090 444 445 #define CKA_KEY_TYPE 0x00000100 446 #define CKA_SUBJECT 0x00000101 447 #define CKA_ID 0x00000102 448 #define CKA_SENSITIVE 0x00000103 449 #define CKA_ENCRYPT 0x00000104 450 #define CKA_DECRYPT 0x00000105 451 #define CKA_WRAP 0x00000106 452 #define CKA_UNWRAP 0x00000107 453 #define CKA_SIGN 0x00000108 454 #define CKA_SIGN_RECOVER 0x00000109 455 #define CKA_VERIFY 0x0000010A 456 #define CKA_VERIFY_RECOVER 0x0000010B 457 #define CKA_DERIVE 0x0000010C 458 #define CKA_START_DATE 0x00000110 459 #define CKA_END_DATE 0x00000111 460 #define CKA_MODULUS 0x00000120 461 #define CKA_MODULUS_BITS 0x00000121 462 #define CKA_PUBLIC_EXPONENT 0x00000122 463 #define CKA_PRIVATE_EXPONENT 0x00000123 464 #define CKA_PRIME_1 0x00000124 465 #define CKA_PRIME_2 0x00000125 466 #define CKA_EXPONENT_1 0x00000126 467 #define CKA_EXPONENT_2 0x00000127 468 #define CKA_COEFFICIENT 0x00000128 469 #define CKA_PRIME 0x00000130 470 #define CKA_SUBPRIME 0x00000131 471 #define CKA_BASE 0x00000132 472 473 /* CKA_PRIME_BITS and CKA_SUB_PRIME_BITS are new for v2.11 */ 474 #define CKA_PRIME_BITS 0x00000133 475 #define CKA_SUBPRIME_BITS 0x00000134 476 #define CKA_SUB_PRIME_BITS CKA_SUBPRIME_BITS 477 /* (To retain backwards-compatibility) */ 478 479 #define CKA_VALUE_BITS 0x00000160 480 #define CKA_VALUE_LEN 0x00000161 481 482 /* CKA_EXTRACTABLE, CKA_LOCAL, CKA_NEVER_EXTRACTABLE, 483 * CKA_ALWAYS_SENSITIVE, CKA_MODIFIABLE, CKA_ECDSA_PARAMS, 484 * and CKA_EC_POINT are new for v2.0 */ 485 #define CKA_EXTRACTABLE 0x00000162 486 #define CKA_LOCAL 0x00000163 487 #define CKA_NEVER_EXTRACTABLE 0x00000164 488 #define CKA_ALWAYS_SENSITIVE 0x00000165 489 490 /* CKA_KEY_GEN_MECHANISM is new for v2.11 */ 491 #define CKA_KEY_GEN_MECHANISM 0x00000166 492 493 #define CKA_MODIFIABLE 0x00000170 494 495 /* CKA_ECDSA_PARAMS is deprecated in v2.11, 496 * CKA_EC_PARAMS is preferred. */ 497 #define CKA_ECDSA_PARAMS 0x00000180 498 #define CKA_EC_PARAMS 0x00000180 499 500 #define CKA_EC_POINT 0x00000181 501 502 /* CKA_SECONDARY_AUTH, CKA_AUTH_PIN_FLAGS, 503 * are new for v2.10. Deprecated in v2.11 and onwards. */ 504 #define CKA_SECONDARY_AUTH 0x00000200 505 #define CKA_AUTH_PIN_FLAGS 0x00000201 506 507 /* CKA_ALWAYS_AUTHENTICATE ... 508 * CKA_UNWRAP_TEMPLATE are new for v2.20 */ 509 #define CKA_ALWAYS_AUTHENTICATE 0x00000202 510 511 #define CKA_WRAP_WITH_TRUSTED 0x00000210 512 #define CKA_WRAP_TEMPLATE (CKF_ARRAY_ATTRIBUTE | 0x00000211) 513 #define CKA_UNWRAP_TEMPLATE (CKF_ARRAY_ATTRIBUTE | 0x00000212) 514 515 /* CKA_HW_FEATURE_TYPE, CKA_RESET_ON_INIT, and CKA_HAS_RESET 516 * are new for v2.10 */ 517 #define CKA_HW_FEATURE_TYPE 0x00000300 518 #define CKA_RESET_ON_INIT 0x00000301 519 #define CKA_HAS_RESET 0x00000302 520 521 /* The following attributes are new for v2.20 */ 522 #define CKA_PIXEL_X 0x00000400 523 #define CKA_PIXEL_Y 0x00000401 524 #define CKA_RESOLUTION 0x00000402 525 #define CKA_CHAR_ROWS 0x00000403 526 #define CKA_CHAR_COLUMNS 0x00000404 527 #define CKA_COLOR 0x00000405 528 #define CKA_BITS_PER_PIXEL 0x00000406 529 #define CKA_CHAR_SETS 0x00000480 530 #define CKA_ENCODING_METHODS 0x00000481 531 #define CKA_MIME_TYPES 0x00000482 532 #define CKA_MECHANISM_TYPE 0x00000500 533 #define CKA_REQUIRED_CMS_ATTRIBUTES 0x00000501 534 #define CKA_DEFAULT_CMS_ATTRIBUTES 0x00000502 535 #define CKA_SUPPORTED_CMS_ATTRIBUTES 0x00000503 536 #define CKA_ALLOWED_MECHANISMS (CKF_ARRAY_ATTRIBUTE | 0x00000600) 537 538 #define CKA_VENDOR_DEFINED 0x80000000 539 540 /* CK_ATTRIBUTE is a structure that includes the type, length 541 * and value of an attribute */ 542 typedef struct CK_ATTRIBUTE { 543 CK_ATTRIBUTE_TYPE type; 544 CK_VOID_PTR pValue; 545 546 /* ulValueLen went from CK_USHORT to CK_ULONG for v2.0 */ 547 CK_ULONG ulValueLen; /* in bytes */ 548 } CK_ATTRIBUTE; 549 550 typedef CK_ATTRIBUTE CK_PTR CK_ATTRIBUTE_PTR; 551 552 /* CK_DATE is a structure that defines a date */ 553 typedef struct CK_DATE { 554 CK_CHAR year[4]; /* the year ("1900" - "9999") */ 555 CK_CHAR month[2]; /* the month ("01" - "12") */ 556 CK_CHAR day[2]; /* the day ("01" - "31") */ 557 } CK_DATE; 558 559 /* CK_MECHANISM_TYPE is a value that identifies a mechanism 560 * type */ 561 /* CK_MECHANISM_TYPE was changed from CK_USHORT to CK_ULONG for 562 * v2.0 */ 563 typedef CK_ULONG CK_MECHANISM_TYPE; 564 565 /* the following mechanism types are defined: */ 566 #define CKM_RSA_PKCS_KEY_PAIR_GEN 0x00000000 567 #define CKM_RSA_PKCS 0x00000001 568 #define CKM_RSA_9796 0x00000002 569 #define CKM_RSA_X_509 0x00000003 570 571 /* CKM_MD2_RSA_PKCS, CKM_MD5_RSA_PKCS, and CKM_SHA1_RSA_PKCS 572 * are new for v2.0. They are mechanisms which hash and sign */ 573 #define CKM_MD2_RSA_PKCS 0x00000004 574 #define CKM_MD5_RSA_PKCS 0x00000005 575 #define CKM_SHA1_RSA_PKCS 0x00000006 576 577 /* CKM_RIPEMD128_RSA_PKCS, CKM_RIPEMD160_RSA_PKCS, and 578 * CKM_RSA_PKCS_OAEP are new for v2.10 */ 579 #define CKM_RIPEMD128_RSA_PKCS 0x00000007 580 #define CKM_RIPEMD160_RSA_PKCS 0x00000008 581 #define CKM_RSA_PKCS_OAEP 0x00000009 582 583 /* CKM_RSA_X9_31_KEY_PAIR_GEN, CKM_RSA_X9_31, CKM_SHA1_RSA_X9_31, 584 * CKM_RSA_PKCS_PSS, and CKM_SHA1_RSA_PKCS_PSS are new for v2.11 */ 585 #define CKM_RSA_X9_31_KEY_PAIR_GEN 0x0000000A 586 #define CKM_RSA_X9_31 0x0000000B 587 #define CKM_SHA1_RSA_X9_31 0x0000000C 588 #define CKM_RSA_PKCS_PSS 0x0000000D 589 #define CKM_SHA1_RSA_PKCS_PSS 0x0000000E 590 591 #define CKM_DSA_KEY_PAIR_GEN 0x00000010 592 #define CKM_DSA 0x00000011 593 #define CKM_DSA_SHA1 0x00000012 594 #define CKM_DH_PKCS_KEY_PAIR_GEN 0x00000020 595 #define CKM_DH_PKCS_DERIVE 0x00000021 596 597 /* CKM_X9_42_DH_KEY_PAIR_GEN, CKM_X9_42_DH_DERIVE, 598 * CKM_X9_42_DH_HYBRID_DERIVE, and CKM_X9_42_MQV_DERIVE are new for 599 * v2.11 */ 600 #define CKM_X9_42_DH_KEY_PAIR_GEN 0x00000030 601 #define CKM_X9_42_DH_DERIVE 0x00000031 602 #define CKM_X9_42_DH_HYBRID_DERIVE 0x00000032 603 #define CKM_X9_42_MQV_DERIVE 0x00000033 604 605 /* CKM_SHA256/384/512 are new for v2.20 */ 606 #define CKM_SHA256_RSA_PKCS 0x00000040 607 #define CKM_SHA384_RSA_PKCS 0x00000041 608 #define CKM_SHA512_RSA_PKCS 0x00000042 609 #define CKM_SHA256_RSA_PKCS_PSS 0x00000043 610 #define CKM_SHA384_RSA_PKCS_PSS 0x00000044 611 #define CKM_SHA512_RSA_PKCS_PSS 0x00000045 612 613 /* CKM_SHA224 new for v2.20 amendment 3 */ 614 #define CKM_SHA224_RSA_PKCS 0x00000046 615 #define CKM_SHA224_RSA_PKCS_PSS 0x00000047 616 617 #define CKM_RC2_KEY_GEN 0x00000100 618 #define CKM_RC2_ECB 0x00000101 619 #define CKM_RC2_CBC 0x00000102 620 #define CKM_RC2_MAC 0x00000103 621 622 /* CKM_RC2_MAC_GENERAL and CKM_RC2_CBC_PAD are new for v2.0 */ 623 #define CKM_RC2_MAC_GENERAL 0x00000104 624 #define CKM_RC2_CBC_PAD 0x00000105 625 626 #define CKM_RC4_KEY_GEN 0x00000110 627 #define CKM_RC4 0x00000111 628 #define CKM_DES_KEY_GEN 0x00000120 629 #define CKM_DES_ECB 0x00000121 630 #define CKM_DES_CBC 0x00000122 631 #define CKM_DES_MAC 0x00000123 632 633 /* CKM_DES_MAC_GENERAL and CKM_DES_CBC_PAD are new for v2.0 */ 634 #define CKM_DES_MAC_GENERAL 0x00000124 635 #define CKM_DES_CBC_PAD 0x00000125 636 637 #define CKM_DES2_KEY_GEN 0x00000130 638 #define CKM_DES3_KEY_GEN 0x00000131 639 #define CKM_DES3_ECB 0x00000132 640 #define CKM_DES3_CBC 0x00000133 641 #define CKM_DES3_MAC 0x00000134 642 643 /* CKM_DES3_MAC_GENERAL, CKM_DES3_CBC_PAD, CKM_CDMF_KEY_GEN, 644 * CKM_CDMF_ECB, CKM_CDMF_CBC, CKM_CDMF_MAC, 645 * CKM_CDMF_MAC_GENERAL, and CKM_CDMF_CBC_PAD are new for v2.0 */ 646 #define CKM_DES3_MAC_GENERAL 0x00000135 647 #define CKM_DES3_CBC_PAD 0x00000136 648 #define CKM_CDMF_KEY_GEN 0x00000140 649 #define CKM_CDMF_ECB 0x00000141 650 #define CKM_CDMF_CBC 0x00000142 651 #define CKM_CDMF_MAC 0x00000143 652 #define CKM_CDMF_MAC_GENERAL 0x00000144 653 #define CKM_CDMF_CBC_PAD 0x00000145 654 655 /* the following four DES mechanisms are new for v2.20 */ 656 #define CKM_DES_OFB64 0x00000150 657 #define CKM_DES_OFB8 0x00000151 658 #define CKM_DES_CFB64 0x00000152 659 #define CKM_DES_CFB8 0x00000153 660 661 #define CKM_MD2 0x00000200 662 663 /* CKM_MD2_HMAC and CKM_MD2_HMAC_GENERAL are new for v2.0 */ 664 #define CKM_MD2_HMAC 0x00000201 665 #define CKM_MD2_HMAC_GENERAL 0x00000202 666 667 #define CKM_MD5 0x00000210 668 669 /* CKM_MD5_HMAC and CKM_MD5_HMAC_GENERAL are new for v2.0 */ 670 #define CKM_MD5_HMAC 0x00000211 671 #define CKM_MD5_HMAC_GENERAL 0x00000212 672 673 #define CKM_SHA_1 0x00000220 674 675 /* CKM_SHA_1_HMAC and CKM_SHA_1_HMAC_GENERAL are new for v2.0 */ 676 #define CKM_SHA_1_HMAC 0x00000221 677 #define CKM_SHA_1_HMAC_GENERAL 0x00000222 678 679 /* CKM_RIPEMD128, CKM_RIPEMD128_HMAC, 680 * CKM_RIPEMD128_HMAC_GENERAL, CKM_RIPEMD160, CKM_RIPEMD160_HMAC, 681 * and CKM_RIPEMD160_HMAC_GENERAL are new for v2.10 */ 682 #define CKM_RIPEMD128 0x00000230 683 #define CKM_RIPEMD128_HMAC 0x00000231 684 #define CKM_RIPEMD128_HMAC_GENERAL 0x00000232 685 #define CKM_RIPEMD160 0x00000240 686 #define CKM_RIPEMD160_HMAC 0x00000241 687 #define CKM_RIPEMD160_HMAC_GENERAL 0x00000242 688 689 /* CKM_SHA256/384/512 are new for v2.20 */ 690 #define CKM_SHA256 0x00000250 691 #define CKM_SHA256_HMAC 0x00000251 692 #define CKM_SHA256_HMAC_GENERAL 0x00000252 693 #define CKM_SHA384 0x00000260 694 #define CKM_SHA384_HMAC 0x00000261 695 #define CKM_SHA384_HMAC_GENERAL 0x00000262 696 #define CKM_SHA512 0x00000270 697 #define CKM_SHA512_HMAC 0x00000271 698 #define CKM_SHA512_HMAC_GENERAL 0x00000272 699 700 /* CKM_SHA224 new for v2.20 amendment 3 */ 701 #define CKM_SHA224 0x00000255 702 #define CKM_SHA224_HMAC 0x00000256 703 #define CKM_SHA224_HMAC_GENERAL 0x00000257 704 705 /* All of the following mechanisms are new for v2.0 */ 706 /* Note that CAST128 and CAST5 are the same algorithm */ 707 #define CKM_CAST_KEY_GEN 0x00000300 708 #define CKM_CAST_ECB 0x00000301 709 #define CKM_CAST_CBC 0x00000302 710 #define CKM_CAST_MAC 0x00000303 711 #define CKM_CAST_MAC_GENERAL 0x00000304 712 #define CKM_CAST_CBC_PAD 0x00000305 713 #define CKM_CAST3_KEY_GEN 0x00000310 714 #define CKM_CAST3_ECB 0x00000311 715 #define CKM_CAST3_CBC 0x00000312 716 #define CKM_CAST3_MAC 0x00000313 717 #define CKM_CAST3_MAC_GENERAL 0x00000314 718 #define CKM_CAST3_CBC_PAD 0x00000315 719 #define CKM_CAST5_KEY_GEN 0x00000320 720 #define CKM_CAST128_KEY_GEN 0x00000320 721 #define CKM_CAST5_ECB 0x00000321 722 #define CKM_CAST128_ECB 0x00000321 723 #define CKM_CAST5_CBC 0x00000322 724 #define CKM_CAST128_CBC 0x00000322 725 #define CKM_CAST5_MAC 0x00000323 726 #define CKM_CAST128_MAC 0x00000323 727 #define CKM_CAST5_MAC_GENERAL 0x00000324 728 #define CKM_CAST128_MAC_GENERAL 0x00000324 729 #define CKM_CAST5_CBC_PAD 0x00000325 730 #define CKM_CAST128_CBC_PAD 0x00000325 731 #define CKM_RC5_KEY_GEN 0x00000330 732 #define CKM_RC5_ECB 0x00000331 733 #define CKM_RC5_CBC 0x00000332 734 #define CKM_RC5_MAC 0x00000333 735 #define CKM_RC5_MAC_GENERAL 0x00000334 736 #define CKM_RC5_CBC_PAD 0x00000335 737 #define CKM_IDEA_KEY_GEN 0x00000340 738 #define CKM_IDEA_ECB 0x00000341 739 #define CKM_IDEA_CBC 0x00000342 740 #define CKM_IDEA_MAC 0x00000343 741 #define CKM_IDEA_MAC_GENERAL 0x00000344 742 #define CKM_IDEA_CBC_PAD 0x00000345 743 #define CKM_GENERIC_SECRET_KEY_GEN 0x00000350 744 #define CKM_CONCATENATE_BASE_AND_KEY 0x00000360 745 #define CKM_CONCATENATE_BASE_AND_DATA 0x00000362 746 #define CKM_CONCATENATE_DATA_AND_BASE 0x00000363 747 #define CKM_XOR_BASE_AND_DATA 0x00000364 748 #define CKM_EXTRACT_KEY_FROM_KEY 0x00000365 749 #define CKM_SSL3_PRE_MASTER_KEY_GEN 0x00000370 750 #define CKM_SSL3_MASTER_KEY_DERIVE 0x00000371 751 #define CKM_SSL3_KEY_AND_MAC_DERIVE 0x00000372 752 753 /* CKM_SSL3_MASTER_KEY_DERIVE_DH, CKM_TLS_PRE_MASTER_KEY_GEN, 754 * CKM_TLS_MASTER_KEY_DERIVE, CKM_TLS_KEY_AND_MAC_DERIVE, and 755 * CKM_TLS_MASTER_KEY_DERIVE_DH are new for v2.11 */ 756 #define CKM_SSL3_MASTER_KEY_DERIVE_DH 0x00000373 757 #define CKM_TLS_PRE_MASTER_KEY_GEN 0x00000374 758 #define CKM_TLS_MASTER_KEY_DERIVE 0x00000375 759 #define CKM_TLS_KEY_AND_MAC_DERIVE 0x00000376 760 #define CKM_TLS_MASTER_KEY_DERIVE_DH 0x00000377 761 762 /* CKM_TLS_PRF is new for v2.20 */ 763 #define CKM_TLS_PRF 0x00000378 764 765 #define CKM_SSL3_MD5_MAC 0x00000380 766 #define CKM_SSL3_SHA1_MAC 0x00000381 767 #define CKM_MD5_KEY_DERIVATION 0x00000390 768 #define CKM_MD2_KEY_DERIVATION 0x00000391 769 #define CKM_SHA1_KEY_DERIVATION 0x00000392 770 771 /* CKM_SHA256/384/512 are new for v2.20 */ 772 #define CKM_SHA256_KEY_DERIVATION 0x00000393 773 #define CKM_SHA384_KEY_DERIVATION 0x00000394 774 #define CKM_SHA512_KEY_DERIVATION 0x00000395 775 776 /* CKM_SHA224 new for v2.20 amendment 3 */ 777 #define CKM_SHA224_KEY_DERIVATION 0x00000396 778 779 #define CKM_PBE_MD2_DES_CBC 0x000003A0 780 #define CKM_PBE_MD5_DES_CBC 0x000003A1 781 #define CKM_PBE_MD5_CAST_CBC 0x000003A2 782 #define CKM_PBE_MD5_CAST3_CBC 0x000003A3 783 #define CKM_PBE_MD5_CAST5_CBC 0x000003A4 784 #define CKM_PBE_MD5_CAST128_CBC 0x000003A4 785 #define CKM_PBE_SHA1_CAST5_CBC 0x000003A5 786 #define CKM_PBE_SHA1_CAST128_CBC 0x000003A5 787 #define CKM_PBE_SHA1_RC4_128 0x000003A6 788 #define CKM_PBE_SHA1_RC4_40 0x000003A7 789 #define CKM_PBE_SHA1_DES3_EDE_CBC 0x000003A8 790 #define CKM_PBE_SHA1_DES2_EDE_CBC 0x000003A9 791 #define CKM_PBE_SHA1_RC2_128_CBC 0x000003AA 792 #define CKM_PBE_SHA1_RC2_40_CBC 0x000003AB 793 794 /* CKM_PKCS5_PBKD2 is new for v2.10 */ 795 #define CKM_PKCS5_PBKD2 0x000003B0 796 797 #define CKM_PBA_SHA1_WITH_SHA1_HMAC 0x000003C0 798 799 /* WTLS mechanisms are new for v2.20 */ 800 #define CKM_WTLS_PRE_MASTER_KEY_GEN 0x000003D0 801 #define CKM_WTLS_MASTER_KEY_DERIVE 0x000003D1 802 #define CKM_WTLS_MASTER_KEY_DERIVE_DH_ECC 0x000003D2 803 #define CKM_WTLS_PRF 0x000003D3 804 #define CKM_WTLS_SERVER_KEY_AND_MAC_DERIVE 0x000003D4 805 #define CKM_WTLS_CLIENT_KEY_AND_MAC_DERIVE 0x000003D5 806 807 /* TLS 1.2 mechanisms are new for v2.40 */ 808 #define CKM_TLS12_MASTER_KEY_DERIVE 0x000003E0 809 #define CKM_TLS12_KEY_AND_MAC_DERIVE 0x000003E1 810 #define CKM_TLS12_MASTER_KEY_DERIVE_DH 0x000003E2 811 #define CKM_TLS12_KEY_SAFE_DERIVE 0x000003E3 812 #define CKM_TLS12_MAC 0x000003E4 813 #define CKM_TLS_MAC 0x000003E4 814 #define CKM_TLS_KDF 0x000003E5 815 816 #define CKM_KEY_WRAP_LYNKS 0x00000400 817 #define CKM_KEY_WRAP_SET_OAEP 0x00000401 818 819 /* CKM_CMS_SIG is new for v2.20 */ 820 #define CKM_CMS_SIG 0x00000500 821 822 /* Fortezza mechanisms */ 823 #define CKM_SKIPJACK_KEY_GEN 0x00001000 824 #define CKM_SKIPJACK_ECB64 0x00001001 825 #define CKM_SKIPJACK_CBC64 0x00001002 826 #define CKM_SKIPJACK_OFB64 0x00001003 827 #define CKM_SKIPJACK_CFB64 0x00001004 828 #define CKM_SKIPJACK_CFB32 0x00001005 829 #define CKM_SKIPJACK_CFB16 0x00001006 830 #define CKM_SKIPJACK_CFB8 0x00001007 831 #define CKM_SKIPJACK_WRAP 0x00001008 832 #define CKM_SKIPJACK_PRIVATE_WRAP 0x00001009 833 #define CKM_SKIPJACK_RELAYX 0x0000100a 834 #define CKM_KEA_KEY_PAIR_GEN 0x00001010 835 #define CKM_KEA_KEY_DERIVE 0x00001011 836 #define CKM_FORTEZZA_TIMESTAMP 0x00001020 837 #define CKM_BATON_KEY_GEN 0x00001030 838 #define CKM_BATON_ECB128 0x00001031 839 #define CKM_BATON_ECB96 0x00001032 840 #define CKM_BATON_CBC128 0x00001033 841 #define CKM_BATON_COUNTER 0x00001034 842 #define CKM_BATON_SHUFFLE 0x00001035 843 #define CKM_BATON_WRAP 0x00001036 844 845 /* CKM_ECDSA_KEY_PAIR_GEN is deprecated in v2.11, 846 * CKM_EC_KEY_PAIR_GEN is preferred */ 847 #define CKM_ECDSA_KEY_PAIR_GEN 0x00001040 848 #define CKM_EC_KEY_PAIR_GEN 0x00001040 849 850 #define CKM_ECDSA 0x00001041 851 #define CKM_ECDSA_SHA1 0x00001042 852 853 /* CKM_ECDH1_DERIVE, CKM_ECDH1_COFACTOR_DERIVE, and CKM_ECMQV_DERIVE 854 * are new for v2.11 */ 855 #define CKM_ECDH1_DERIVE 0x00001050 856 #define CKM_ECDH1_COFACTOR_DERIVE 0x00001051 857 #define CKM_ECMQV_DERIVE 0x00001052 858 859 #define CKM_JUNIPER_KEY_GEN 0x00001060 860 #define CKM_JUNIPER_ECB128 0x00001061 861 #define CKM_JUNIPER_CBC128 0x00001062 862 #define CKM_JUNIPER_COUNTER 0x00001063 863 #define CKM_JUNIPER_SHUFFLE 0x00001064 864 #define CKM_JUNIPER_WRAP 0x00001065 865 #define CKM_FASTHASH 0x00001070 866 867 /* CKM_AES_KEY_GEN, CKM_AES_ECB, CKM_AES_CBC, CKM_AES_MAC, 868 * CKM_AES_MAC_GENERAL, CKM_AES_CBC_PAD, CKM_DSA_PARAMETER_GEN, 869 * CKM_DH_PKCS_PARAMETER_GEN, and CKM_X9_42_DH_PARAMETER_GEN are 870 * new for v2.11 */ 871 #define CKM_AES_KEY_GEN 0x00001080 872 #define CKM_AES_ECB 0x00001081 873 #define CKM_AES_CBC 0x00001082 874 #define CKM_AES_MAC 0x00001083 875 #define CKM_AES_MAC_GENERAL 0x00001084 876 #define CKM_AES_CBC_PAD 0x00001085 877 /* new for v2.20 amendment 3 */ 878 #define CKM_AES_CTR 0x00001086 879 /* new for v2.30 */ 880 #define CKM_AES_GCM 0x00001087 881 #define CKM_AES_CCM 0x00001088 882 #define CKM_AES_CTS 0x00001089 883 884 /* BlowFish and TwoFish are new for v2.20 */ 885 #define CKM_BLOWFISH_KEY_GEN 0x00001090 886 #define CKM_BLOWFISH_CBC 0x00001091 887 #define CKM_TWOFISH_KEY_GEN 0x00001092 888 #define CKM_TWOFISH_CBC 0x00001093 889 890 /* Camellia is proposed for v2.20 Amendment 3 */ 891 #define CKM_CAMELLIA_KEY_GEN 0x00000550 892 #define CKM_CAMELLIA_ECB 0x00000551 893 #define CKM_CAMELLIA_CBC 0x00000552 894 #define CKM_CAMELLIA_MAC 0x00000553 895 #define CKM_CAMELLIA_MAC_GENERAL 0x00000554 896 #define CKM_CAMELLIA_CBC_PAD 0x00000555 897 #define CKM_CAMELLIA_ECB_ENCRYPT_DATA 0x00000556 898 #define CKM_CAMELLIA_CBC_ENCRYPT_DATA 0x00000557 899 900 #define CKM_SEED_KEY_GEN 0x00000650 901 #define CKM_SEED_ECB 0x00000651 902 #define CKM_SEED_CBC 0x00000652 903 #define CKM_SEED_MAC 0x00000653 904 #define CKM_SEED_MAC_GENERAL 0x00000654 905 #define CKM_SEED_CBC_PAD 0x00000655 906 #define CKM_SEED_ECB_ENCRYPT_DATA 0x00000656 907 #define CKM_SEED_CBC_ENCRYPT_DATA 0x00000657 908 909 /* CKM_xxx_ENCRYPT_DATA mechanisms are new for v2.20 */ 910 #define CKM_DES_ECB_ENCRYPT_DATA 0x00001100 911 #define CKM_DES_CBC_ENCRYPT_DATA 0x00001101 912 #define CKM_DES3_ECB_ENCRYPT_DATA 0x00001102 913 #define CKM_DES3_CBC_ENCRYPT_DATA 0x00001103 914 #define CKM_AES_ECB_ENCRYPT_DATA 0x00001104 915 #define CKM_AES_CBC_ENCRYPT_DATA 0x00001105 916 917 #define CKM_DSA_PARAMETER_GEN 0x00002000 918 #define CKM_DH_PKCS_PARAMETER_GEN 0x00002001 919 #define CKM_X9_42_DH_PARAMETER_GEN 0x00002002 920 921 #define CKM_VENDOR_DEFINED 0x80000000 922 923 typedef CK_MECHANISM_TYPE CK_PTR CK_MECHANISM_TYPE_PTR; 924 925 /* CK_MECHANISM is a structure that specifies a particular 926 * mechanism */ 927 typedef struct CK_MECHANISM { 928 CK_MECHANISM_TYPE mechanism; 929 CK_VOID_PTR pParameter; 930 931 /* ulParameterLen was changed from CK_USHORT to CK_ULONG for 932 * v2.0 */ 933 CK_ULONG ulParameterLen; /* in bytes */ 934 } CK_MECHANISM; 935 936 typedef CK_MECHANISM CK_PTR CK_MECHANISM_PTR; 937 938 /* CK_MECHANISM_INFO provides information about a particular 939 * mechanism */ 940 typedef struct CK_MECHANISM_INFO { 941 CK_ULONG ulMinKeySize; 942 CK_ULONG ulMaxKeySize; 943 CK_FLAGS flags; 944 } CK_MECHANISM_INFO; 945 946 /* The flags are defined as follows: 947 * Bit Flag Mask Meaning */ 948 #define CKF_HW 0x00000001 /* performed by HW */ 949 950 /* The flags CKF_ENCRYPT, CKF_DECRYPT, CKF_DIGEST, CKF_SIGN, 951 * CKG_SIGN_RECOVER, CKF_VERIFY, CKF_VERIFY_RECOVER, 952 * CKF_GENERATE, CKF_GENERATE_KEY_PAIR, CKF_WRAP, CKF_UNWRAP, 953 * and CKF_DERIVE are new for v2.0. They specify whether or not 954 * a mechanism can be used for a particular task */ 955 #define CKF_ENCRYPT 0x00000100 956 #define CKF_DECRYPT 0x00000200 957 #define CKF_DIGEST 0x00000400 958 #define CKF_SIGN 0x00000800 959 #define CKF_SIGN_RECOVER 0x00001000 960 #define CKF_VERIFY 0x00002000 961 #define CKF_VERIFY_RECOVER 0x00004000 962 #define CKF_GENERATE 0x00008000 963 #define CKF_GENERATE_KEY_PAIR 0x00010000 964 #define CKF_WRAP 0x00020000 965 #define CKF_UNWRAP 0x00040000 966 #define CKF_DERIVE 0x00080000 967 968 /* CKF_EC_F_P, CKF_EC_F_2M, CKF_EC_ECPARAMETERS, CKF_EC_NAMEDCURVE, 969 * CKF_EC_UNCOMPRESS, and CKF_EC_COMPRESS are new for v2.11. They 970 * describe a token's EC capabilities not available in mechanism 971 * information. */ 972 #define CKF_EC_F_P 0x00100000 973 #define CKF_EC_F_2M 0x00200000 974 #define CKF_EC_ECPARAMETERS 0x00400000 975 #define CKF_EC_NAMEDCURVE 0x00800000 976 #define CKF_EC_UNCOMPRESS 0x01000000 977 #define CKF_EC_COMPRESS 0x02000000 978 979 #define CKF_EXTENSION 0x80000000 /* FALSE for this version */ 980 981 typedef CK_MECHANISM_INFO CK_PTR CK_MECHANISM_INFO_PTR; 982 983 /* CK_RV is a value that identifies the return value of a 984 * PKCS #11 function */ 985 /* CK_RV was changed from CK_USHORT to CK_ULONG for v2.0 */ 986 typedef CK_ULONG CK_RV; 987 988 #define CKR_OK 0x00000000 989 #define CKR_CANCEL 0x00000001 990 #define CKR_HOST_MEMORY 0x00000002 991 #define CKR_SLOT_ID_INVALID 0x00000003 992 993 /* CKR_FLAGS_INVALID was removed for v2.0 */ 994 995 /* CKR_GENERAL_ERROR and CKR_FUNCTION_FAILED are new for v2.0 */ 996 #define CKR_GENERAL_ERROR 0x00000005 997 #define CKR_FUNCTION_FAILED 0x00000006 998 999 /* CKR_ARGUMENTS_BAD, CKR_NO_EVENT, CKR_NEED_TO_CREATE_THREADS, 1000 * and CKR_CANT_LOCK are new for v2.01 */ 1001 #define CKR_ARGUMENTS_BAD 0x00000007 1002 #define CKR_NO_EVENT 0x00000008 1003 #define CKR_NEED_TO_CREATE_THREADS 0x00000009 1004 #define CKR_CANT_LOCK 0x0000000A 1005 1006 #define CKR_ATTRIBUTE_READ_ONLY 0x00000010 1007 #define CKR_ATTRIBUTE_SENSITIVE 0x00000011 1008 #define CKR_ATTRIBUTE_TYPE_INVALID 0x00000012 1009 #define CKR_ATTRIBUTE_VALUE_INVALID 0x00000013 1010 #define CKR_DATA_INVALID 0x00000020 1011 #define CKR_DATA_LEN_RANGE 0x00000021 1012 #define CKR_DEVICE_ERROR 0x00000030 1013 #define CKR_DEVICE_MEMORY 0x00000031 1014 #define CKR_DEVICE_REMOVED 0x00000032 1015 #define CKR_ENCRYPTED_DATA_INVALID 0x00000040 1016 #define CKR_ENCRYPTED_DATA_LEN_RANGE 0x00000041 1017 #define CKR_FUNCTION_CANCELED 0x00000050 1018 #define CKR_FUNCTION_NOT_PARALLEL 0x00000051 1019 1020 /* CKR_FUNCTION_NOT_SUPPORTED is new for v2.0 */ 1021 #define CKR_FUNCTION_NOT_SUPPORTED 0x00000054 1022 1023 #define CKR_KEY_HANDLE_INVALID 0x00000060 1024 1025 /* CKR_KEY_SENSITIVE was removed for v2.0 */ 1026 1027 #define CKR_KEY_SIZE_RANGE 0x00000062 1028 #define CKR_KEY_TYPE_INCONSISTENT 0x00000063 1029 1030 /* CKR_KEY_NOT_NEEDED, CKR_KEY_CHANGED, CKR_KEY_NEEDED, 1031 * CKR_KEY_INDIGESTIBLE, CKR_KEY_FUNCTION_NOT_PERMITTED, 1032 * CKR_KEY_NOT_WRAPPABLE, and CKR_KEY_UNEXTRACTABLE are new for 1033 * v2.0 */ 1034 #define CKR_KEY_NOT_NEEDED 0x00000064 1035 #define CKR_KEY_CHANGED 0x00000065 1036 #define CKR_KEY_NEEDED 0x00000066 1037 #define CKR_KEY_INDIGESTIBLE 0x00000067 1038 #define CKR_KEY_FUNCTION_NOT_PERMITTED 0x00000068 1039 #define CKR_KEY_NOT_WRAPPABLE 0x00000069 1040 #define CKR_KEY_UNEXTRACTABLE 0x0000006A 1041 1042 #define CKR_MECHANISM_INVALID 0x00000070 1043 #define CKR_MECHANISM_PARAM_INVALID 0x00000071 1044 1045 /* CKR_OBJECT_CLASS_INCONSISTENT and CKR_OBJECT_CLASS_INVALID 1046 * were removed for v2.0 */ 1047 #define CKR_OBJECT_HANDLE_INVALID 0x00000082 1048 #define CKR_OPERATION_ACTIVE 0x00000090 1049 #define CKR_OPERATION_NOT_INITIALIZED 0x00000091 1050 #define CKR_PIN_INCORRECT 0x000000A0 1051 #define CKR_PIN_INVALID 0x000000A1 1052 #define CKR_PIN_LEN_RANGE 0x000000A2 1053 1054 /* CKR_PIN_EXPIRED and CKR_PIN_LOCKED are new for v2.0 */ 1055 #define CKR_PIN_EXPIRED 0x000000A3 1056 #define CKR_PIN_LOCKED 0x000000A4 1057 1058 #define CKR_SESSION_CLOSED 0x000000B0 1059 #define CKR_SESSION_COUNT 0x000000B1 1060 #define CKR_SESSION_HANDLE_INVALID 0x000000B3 1061 #define CKR_SESSION_PARALLEL_NOT_SUPPORTED 0x000000B4 1062 #define CKR_SESSION_READ_ONLY 0x000000B5 1063 #define CKR_SESSION_EXISTS 0x000000B6 1064 1065 /* CKR_SESSION_READ_ONLY_EXISTS and 1066 * CKR_SESSION_READ_WRITE_SO_EXISTS are new for v2.0 */ 1067 #define CKR_SESSION_READ_ONLY_EXISTS 0x000000B7 1068 #define CKR_SESSION_READ_WRITE_SO_EXISTS 0x000000B8 1069 1070 #define CKR_SIGNATURE_INVALID 0x000000C0 1071 #define CKR_SIGNATURE_LEN_RANGE 0x000000C1 1072 #define CKR_TEMPLATE_INCOMPLETE 0x000000D0 1073 #define CKR_TEMPLATE_INCONSISTENT 0x000000D1 1074 #define CKR_TOKEN_NOT_PRESENT 0x000000E0 1075 #define CKR_TOKEN_NOT_RECOGNIZED 0x000000E1 1076 #define CKR_TOKEN_WRITE_PROTECTED 0x000000E2 1077 #define CKR_UNWRAPPING_KEY_HANDLE_INVALID 0x000000F0 1078 #define CKR_UNWRAPPING_KEY_SIZE_RANGE 0x000000F1 1079 #define CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT 0x000000F2 1080 #define CKR_USER_ALREADY_LOGGED_IN 0x00000100 1081 #define CKR_USER_NOT_LOGGED_IN 0x00000101 1082 #define CKR_USER_PIN_NOT_INITIALIZED 0x00000102 1083 #define CKR_USER_TYPE_INVALID 0x00000103 1084 1085 /* CKR_USER_ANOTHER_ALREADY_LOGGED_IN and CKR_USER_TOO_MANY_TYPES 1086 * are new to v2.01 */ 1087 #define CKR_USER_ANOTHER_ALREADY_LOGGED_IN 0x00000104 1088 #define CKR_USER_TOO_MANY_TYPES 0x00000105 1089 1090 #define CKR_WRAPPED_KEY_INVALID 0x00000110 1091 #define CKR_WRAPPED_KEY_LEN_RANGE 0x00000112 1092 #define CKR_WRAPPING_KEY_HANDLE_INVALID 0x00000113 1093 #define CKR_WRAPPING_KEY_SIZE_RANGE 0x00000114 1094 #define CKR_WRAPPING_KEY_TYPE_INCONSISTENT 0x00000115 1095 #define CKR_RANDOM_SEED_NOT_SUPPORTED 0x00000120 1096 1097 /* These are new to v2.0 */ 1098 #define CKR_RANDOM_NO_RNG 0x00000121 1099 1100 /* These are new to v2.11 */ 1101 #define CKR_DOMAIN_PARAMS_INVALID 0x00000130 1102 1103 /* These are new to v2.0 */ 1104 #define CKR_BUFFER_TOO_SMALL 0x00000150 1105 #define CKR_SAVED_STATE_INVALID 0x00000160 1106 #define CKR_INFORMATION_SENSITIVE 0x00000170 1107 #define CKR_STATE_UNSAVEABLE 0x00000180 1108 1109 /* These are new to v2.01 */ 1110 #define CKR_CRYPTOKI_NOT_INITIALIZED 0x00000190 1111 #define CKR_CRYPTOKI_ALREADY_INITIALIZED 0x00000191 1112 #define CKR_MUTEX_BAD 0x000001A0 1113 #define CKR_MUTEX_NOT_LOCKED 0x000001A1 1114 1115 /* This is new to v2.20 */ 1116 #define CKR_FUNCTION_REJECTED 0x00000200 1117 1118 #define CKR_VENDOR_DEFINED 0x80000000 1119 1120 /* CK_NOTIFY is an application callback that processes events */ 1121 typedef CK_CALLBACK_FUNCTION(CK_RV, CK_NOTIFY)( 1122 CK_SESSION_HANDLE hSession, /* the session's handle */ 1123 CK_NOTIFICATION event, 1124 CK_VOID_PTR pApplication /* passed to C_OpenSession */ 1125 ); 1126 1127 /* CK_FUNCTION_LIST is a structure holding a PKCS #11 spec 1128 * version and pointers of appropriate types to all the 1129 * PKCS #11 functions */ 1130 /* CK_FUNCTION_LIST is new for v2.0 */ 1131 typedef struct CK_FUNCTION_LIST CK_FUNCTION_LIST; 1132 1133 typedef CK_FUNCTION_LIST CK_PTR CK_FUNCTION_LIST_PTR; 1134 1135 typedef CK_FUNCTION_LIST_PTR CK_PTR CK_FUNCTION_LIST_PTR_PTR; 1136 1137 /* CK_CREATEMUTEX is an application callback for creating a 1138 * mutex object */ 1139 typedef CK_CALLBACK_FUNCTION(CK_RV, CK_CREATEMUTEX)( 1140 CK_VOID_PTR_PTR ppMutex /* location to receive ptr to mutex */ 1141 ); 1142 1143 /* CK_DESTROYMUTEX is an application callback for destroying a 1144 * mutex object */ 1145 typedef CK_CALLBACK_FUNCTION(CK_RV, CK_DESTROYMUTEX)( 1146 CK_VOID_PTR pMutex /* pointer to mutex */ 1147 ); 1148 1149 /* CK_LOCKMUTEX is an application callback for locking a mutex */ 1150 typedef CK_CALLBACK_FUNCTION(CK_RV, CK_LOCKMUTEX)( 1151 CK_VOID_PTR pMutex /* pointer to mutex */ 1152 ); 1153 1154 /* CK_UNLOCKMUTEX is an application callback for unlocking a 1155 * mutex */ 1156 typedef CK_CALLBACK_FUNCTION(CK_RV, CK_UNLOCKMUTEX)( 1157 CK_VOID_PTR pMutex /* pointer to mutex */ 1158 ); 1159 1160 /* CK_C_INITIALIZE_ARGS provides the optional arguments to 1161 * C_Initialize */ 1162 typedef struct CK_C_INITIALIZE_ARGS { 1163 CK_CREATEMUTEX CreateMutex; 1164 CK_DESTROYMUTEX DestroyMutex; 1165 CK_LOCKMUTEX LockMutex; 1166 CK_UNLOCKMUTEX UnlockMutex; 1167 CK_FLAGS flags; 1168 /* The official PKCS #11 spec does not have a 'LibraryParameters' field, but 1169 * a reserved field. NSS needs a way to pass instance-specific information 1170 * to the library (like where to find its config files, etc). This 1171 * information is usually provided by the installer and passed uninterpreted 1172 * by NSS to the library, though NSS does know the specifics of the softoken 1173 * version of this parameter. Most compliant PKCS#11 modules expect this 1174 * parameter to be NULL, and will return CKR_ARGUMENTS_BAD from 1175 * C_Initialize if Library parameters is supplied. */ 1176 CK_CHAR_PTR *LibraryParameters; 1177 /* This field is only present if the LibraryParameters is not NULL. It must 1178 * be NULL in all cases */ 1179 CK_VOID_PTR pReserved; 1180 } CK_C_INITIALIZE_ARGS; 1181 1182 /* flags: bit flags that provide capabilities of the slot 1183 * Bit Flag Mask Meaning 1184 */ 1185 #define CKF_LIBRARY_CANT_CREATE_OS_THREADS 0x00000001 1186 #define CKF_OS_LOCKING_OK 0x00000002 1187 1188 typedef CK_C_INITIALIZE_ARGS CK_PTR CK_C_INITIALIZE_ARGS_PTR; 1189 1190 /* additional flags for parameters to functions */ 1191 1192 /* CKF_DONT_BLOCK is for the function C_WaitForSlotEvent */ 1193 #define CKF_DONT_BLOCK 1 1194 1195 /* CK_RSA_PKCS_OAEP_MGF_TYPE is new for v2.10. 1196 * CK_RSA_PKCS_OAEP_MGF_TYPE is used to indicate the Message 1197 * Generation Function (MGF) applied to a message block when 1198 * formatting a message block for the PKCS #1 OAEP encryption 1199 * scheme. */ 1200 typedef CK_ULONG CK_RSA_PKCS_MGF_TYPE; 1201 1202 typedef CK_RSA_PKCS_MGF_TYPE CK_PTR CK_RSA_PKCS_MGF_TYPE_PTR; 1203 1204 /* The following MGFs are defined */ 1205 /* CKG_MGF1_SHA256, CKG_MGF1_SHA384, and CKG_MGF1_SHA512 1206 * are new for v2.20 */ 1207 #define CKG_MGF1_SHA1 0x00000001 1208 #define CKG_MGF1_SHA256 0x00000002 1209 #define CKG_MGF1_SHA384 0x00000003 1210 #define CKG_MGF1_SHA512 0x00000004 1211 1212 /* v2.20 amendment 3 */ 1213 #define CKG_MGF1_SHA224 0x00000005 1214 1215 /* CK_RSA_PKCS_OAEP_SOURCE_TYPE is new for v2.10. 1216 * CK_RSA_PKCS_OAEP_SOURCE_TYPE is used to indicate the source 1217 * of the encoding parameter when formatting a message block 1218 * for the PKCS #1 OAEP encryption scheme. */ 1219 typedef CK_ULONG CK_RSA_PKCS_OAEP_SOURCE_TYPE; 1220 1221 typedef CK_RSA_PKCS_OAEP_SOURCE_TYPE CK_PTR CK_RSA_PKCS_OAEP_SOURCE_TYPE_PTR; 1222 1223 /* The following encoding parameter sources are defined */ 1224 #define CKZ_DATA_SPECIFIED 0x00000001 1225 1226 /* CK_RSA_PKCS_OAEP_PARAMS is new for v2.10. 1227 * CK_RSA_PKCS_OAEP_PARAMS provides the parameters to the 1228 * CKM_RSA_PKCS_OAEP mechanism. */ 1229 typedef struct CK_RSA_PKCS_OAEP_PARAMS { 1230 CK_MECHANISM_TYPE hashAlg; 1231 CK_RSA_PKCS_MGF_TYPE mgf; 1232 CK_RSA_PKCS_OAEP_SOURCE_TYPE source; 1233 CK_VOID_PTR pSourceData; 1234 CK_ULONG ulSourceDataLen; 1235 } CK_RSA_PKCS_OAEP_PARAMS; 1236 1237 typedef CK_RSA_PKCS_OAEP_PARAMS CK_PTR CK_RSA_PKCS_OAEP_PARAMS_PTR; 1238 1239 /* CK_RSA_PKCS_PSS_PARAMS is new for v2.11. 1240 * CK_RSA_PKCS_PSS_PARAMS provides the parameters to the 1241 * CKM_RSA_PKCS_PSS mechanism(s). */ 1242 typedef struct CK_RSA_PKCS_PSS_PARAMS { 1243 CK_MECHANISM_TYPE hashAlg; 1244 CK_RSA_PKCS_MGF_TYPE mgf; 1245 CK_ULONG sLen; 1246 } CK_RSA_PKCS_PSS_PARAMS; 1247 1248 typedef CK_RSA_PKCS_PSS_PARAMS CK_PTR CK_RSA_PKCS_PSS_PARAMS_PTR; 1249 1250 /* CK_EC_KDF_TYPE is new for v2.11. */ 1251 typedef CK_ULONG CK_EC_KDF_TYPE; 1252 1253 /* The following EC Key Derivation Functions are defined */ 1254 #define CKD_NULL 0x00000001 1255 #define CKD_SHA1_KDF 0x00000002 1256 #define CKD_SHA224_KDF 0x00000005 1257 #define CKD_SHA256_KDF 0x00000006 1258 #define CKD_SHA384_KDF 0x00000007 1259 #define CKD_SHA512_KDF 0x00000008 1260 1261 /* CK_ECDH1_DERIVE_PARAMS is new for v2.11. 1262 * CK_ECDH1_DERIVE_PARAMS provides the parameters to the 1263 * CKM_ECDH1_DERIVE and CKM_ECDH1_COFACTOR_DERIVE mechanisms, 1264 * where each party contributes one key pair. 1265 */ 1266 typedef struct CK_ECDH1_DERIVE_PARAMS { 1267 CK_EC_KDF_TYPE kdf; 1268 CK_ULONG ulSharedDataLen; 1269 CK_BYTE_PTR pSharedData; 1270 CK_ULONG ulPublicDataLen; 1271 CK_BYTE_PTR pPublicData; 1272 } CK_ECDH1_DERIVE_PARAMS; 1273 1274 typedef CK_ECDH1_DERIVE_PARAMS CK_PTR CK_ECDH1_DERIVE_PARAMS_PTR; 1275 1276 /* CK_ECDH2_DERIVE_PARAMS is new for v2.11. 1277 * CK_ECDH2_DERIVE_PARAMS provides the parameters to the 1278 * CKM_ECMQV_DERIVE mechanism, where each party contributes two key pairs. */ 1279 typedef struct CK_ECDH2_DERIVE_PARAMS { 1280 CK_EC_KDF_TYPE kdf; 1281 CK_ULONG ulSharedDataLen; 1282 CK_BYTE_PTR pSharedData; 1283 CK_ULONG ulPublicDataLen; 1284 CK_BYTE_PTR pPublicData; 1285 CK_ULONG ulPrivateDataLen; 1286 CK_OBJECT_HANDLE hPrivateData; 1287 CK_ULONG ulPublicDataLen2; 1288 CK_BYTE_PTR pPublicData2; 1289 } CK_ECDH2_DERIVE_PARAMS; 1290 1291 typedef CK_ECDH2_DERIVE_PARAMS CK_PTR CK_ECDH2_DERIVE_PARAMS_PTR; 1292 1293 typedef struct CK_ECMQV_DERIVE_PARAMS { 1294 CK_EC_KDF_TYPE kdf; 1295 CK_ULONG ulSharedDataLen; 1296 CK_BYTE_PTR pSharedData; 1297 CK_ULONG ulPublicDataLen; 1298 CK_BYTE_PTR pPublicData; 1299 CK_ULONG ulPrivateDataLen; 1300 CK_OBJECT_HANDLE hPrivateData; 1301 CK_ULONG ulPublicDataLen2; 1302 CK_BYTE_PTR pPublicData2; 1303 CK_OBJECT_HANDLE publicKey; 1304 } CK_ECMQV_DERIVE_PARAMS; 1305 1306 typedef CK_ECMQV_DERIVE_PARAMS CK_PTR CK_ECMQV_DERIVE_PARAMS_PTR; 1307 1308 /* Typedefs and defines for the CKM_X9_42_DH_KEY_PAIR_GEN and the 1309 * CKM_X9_42_DH_PARAMETER_GEN mechanisms (new for PKCS #11 v2.11) */ 1310 typedef CK_ULONG CK_X9_42_DH_KDF_TYPE; 1311 typedef CK_X9_42_DH_KDF_TYPE CK_PTR CK_X9_42_DH_KDF_TYPE_PTR; 1312 1313 /* The following X9.42 DH key derivation functions are defined 1314 (besides CKD_NULL already defined : */ 1315 #define CKD_SHA1_KDF_ASN1 0x00000003 1316 #define CKD_SHA1_KDF_CONCATENATE 0x00000004 1317 1318 /* CK_X9_42_DH1_DERIVE_PARAMS is new for v2.11. 1319 * CK_X9_42_DH1_DERIVE_PARAMS provides the parameters to the 1320 * CKM_X9_42_DH_DERIVE key derivation mechanism, where each party 1321 * contributes one key pair */ 1322 typedef struct CK_X9_42_DH1_DERIVE_PARAMS { 1323 CK_X9_42_DH_KDF_TYPE kdf; 1324 CK_ULONG ulOtherInfoLen; 1325 CK_BYTE_PTR pOtherInfo; 1326 CK_ULONG ulPublicDataLen; 1327 CK_BYTE_PTR pPublicData; 1328 } CK_X9_42_DH1_DERIVE_PARAMS; 1329 1330 typedef struct CK_X9_42_DH1_DERIVE_PARAMS CK_PTR CK_X9_42_DH1_DERIVE_PARAMS_PTR; 1331 1332 /* CK_X9_42_DH2_DERIVE_PARAMS is new for v2.11. 1333 * CK_X9_42_DH2_DERIVE_PARAMS provides the parameters to the 1334 * CKM_X9_42_DH_HYBRID_DERIVE and CKM_X9_42_MQV_DERIVE key derivation 1335 * mechanisms, where each party contributes two key pairs */ 1336 typedef struct CK_X9_42_DH2_DERIVE_PARAMS { 1337 CK_X9_42_DH_KDF_TYPE kdf; 1338 CK_ULONG ulOtherInfoLen; 1339 CK_BYTE_PTR pOtherInfo; 1340 CK_ULONG ulPublicDataLen; 1341 CK_BYTE_PTR pPublicData; 1342 CK_ULONG ulPrivateDataLen; 1343 CK_OBJECT_HANDLE hPrivateData; 1344 CK_ULONG ulPublicDataLen2; 1345 CK_BYTE_PTR pPublicData2; 1346 } CK_X9_42_DH2_DERIVE_PARAMS; 1347 1348 typedef CK_X9_42_DH2_DERIVE_PARAMS CK_PTR CK_X9_42_DH2_DERIVE_PARAMS_PTR; 1349 1350 typedef struct CK_X9_42_MQV_DERIVE_PARAMS { 1351 CK_X9_42_DH_KDF_TYPE kdf; 1352 CK_ULONG ulOtherInfoLen; 1353 CK_BYTE_PTR pOtherInfo; 1354 CK_ULONG ulPublicDataLen; 1355 CK_BYTE_PTR pPublicData; 1356 CK_ULONG ulPrivateDataLen; 1357 CK_OBJECT_HANDLE hPrivateData; 1358 CK_ULONG ulPublicDataLen2; 1359 CK_BYTE_PTR pPublicData2; 1360 CK_OBJECT_HANDLE publicKey; 1361 } CK_X9_42_MQV_DERIVE_PARAMS; 1362 1363 typedef CK_X9_42_MQV_DERIVE_PARAMS CK_PTR CK_X9_42_MQV_DERIVE_PARAMS_PTR; 1364 1365 /* CK_KEA_DERIVE_PARAMS provides the parameters to the 1366 * CKM_KEA_DERIVE mechanism */ 1367 /* CK_KEA_DERIVE_PARAMS is new for v2.0 */ 1368 typedef struct CK_KEA_DERIVE_PARAMS { 1369 CK_BBOOL isSender; 1370 CK_ULONG ulRandomLen; 1371 CK_BYTE_PTR pRandomA; 1372 CK_BYTE_PTR pRandomB; 1373 CK_ULONG ulPublicDataLen; 1374 CK_BYTE_PTR pPublicData; 1375 } CK_KEA_DERIVE_PARAMS; 1376 1377 typedef CK_KEA_DERIVE_PARAMS CK_PTR CK_KEA_DERIVE_PARAMS_PTR; 1378 1379 /* CK_RC2_PARAMS provides the parameters to the CKM_RC2_ECB and 1380 * CKM_RC2_MAC mechanisms. An instance of CK_RC2_PARAMS just 1381 * holds the effective keysize */ 1382 typedef CK_ULONG CK_RC2_PARAMS; 1383 1384 typedef CK_RC2_PARAMS CK_PTR CK_RC2_PARAMS_PTR; 1385 1386 /* CK_RC2_CBC_PARAMS provides the parameters to the CKM_RC2_CBC 1387 * mechanism */ 1388 typedef struct CK_RC2_CBC_PARAMS { 1389 /* ulEffectiveBits was changed from CK_USHORT to CK_ULONG for 1390 * v2.0 */ 1391 CK_ULONG ulEffectiveBits; /* effective bits (1-1024) */ 1392 1393 CK_BYTE iv[8]; /* IV for CBC mode */ 1394 } CK_RC2_CBC_PARAMS; 1395 1396 typedef CK_RC2_CBC_PARAMS CK_PTR CK_RC2_CBC_PARAMS_PTR; 1397 1398 /* CK_RC2_MAC_GENERAL_PARAMS provides the parameters for the 1399 * CKM_RC2_MAC_GENERAL mechanism */ 1400 /* CK_RC2_MAC_GENERAL_PARAMS is new for v2.0 */ 1401 typedef struct CK_RC2_MAC_GENERAL_PARAMS { 1402 CK_ULONG ulEffectiveBits; /* effective bits (1-1024) */ 1403 CK_ULONG ulMacLength; /* Length of MAC in bytes */ 1404 } CK_RC2_MAC_GENERAL_PARAMS; 1405 1406 typedef CK_RC2_MAC_GENERAL_PARAMS CK_PTR 1407 CK_RC2_MAC_GENERAL_PARAMS_PTR; 1408 1409 /* CK_RC5_PARAMS provides the parameters to the CKM_RC5_ECB and 1410 * CKM_RC5_MAC mechanisms */ 1411 /* CK_RC5_PARAMS is new for v2.0 */ 1412 typedef struct CK_RC5_PARAMS { 1413 CK_ULONG ulWordsize; /* wordsize in bits */ 1414 CK_ULONG ulRounds; /* number of rounds */ 1415 } CK_RC5_PARAMS; 1416 1417 typedef CK_RC5_PARAMS CK_PTR CK_RC5_PARAMS_PTR; 1418 1419 /* CK_RC5_CBC_PARAMS provides the parameters to the CKM_RC5_CBC 1420 * mechanism */ 1421 /* CK_RC5_CBC_PARAMS is new for v2.0 */ 1422 typedef struct CK_RC5_CBC_PARAMS { 1423 CK_ULONG ulWordsize; /* wordsize in bits */ 1424 CK_ULONG ulRounds; /* number of rounds */ 1425 CK_BYTE_PTR pIv; /* pointer to IV */ 1426 CK_ULONG ulIvLen; /* length of IV in bytes */ 1427 } CK_RC5_CBC_PARAMS; 1428 1429 typedef CK_RC5_CBC_PARAMS CK_PTR CK_RC5_CBC_PARAMS_PTR; 1430 1431 /* CK_RC5_MAC_GENERAL_PARAMS provides the parameters for the 1432 * CKM_RC5_MAC_GENERAL mechanism */ 1433 /* CK_RC5_MAC_GENERAL_PARAMS is new for v2.0 */ 1434 typedef struct CK_RC5_MAC_GENERAL_PARAMS { 1435 CK_ULONG ulWordsize; /* wordsize in bits */ 1436 CK_ULONG ulRounds; /* number of rounds */ 1437 CK_ULONG ulMacLength; /* Length of MAC in bytes */ 1438 } CK_RC5_MAC_GENERAL_PARAMS; 1439 1440 typedef CK_RC5_MAC_GENERAL_PARAMS CK_PTR 1441 CK_RC5_MAC_GENERAL_PARAMS_PTR; 1442 1443 /* CK_MAC_GENERAL_PARAMS provides the parameters to most block 1444 * ciphers' MAC_GENERAL mechanisms. Its value is the length of 1445 * the MAC */ 1446 /* CK_MAC_GENERAL_PARAMS is new for v2.0 */ 1447 typedef CK_ULONG CK_MAC_GENERAL_PARAMS; 1448 1449 typedef CK_MAC_GENERAL_PARAMS CK_PTR CK_MAC_GENERAL_PARAMS_PTR; 1450 1451 /* CK_DES/AES_ECB/CBC_ENCRYPT_DATA_PARAMS are new for v2.20 */ 1452 typedef struct CK_DES_CBC_ENCRYPT_DATA_PARAMS { 1453 CK_BYTE iv[8]; 1454 CK_BYTE_PTR pData; 1455 CK_ULONG length; 1456 } CK_DES_CBC_ENCRYPT_DATA_PARAMS; 1457 1458 typedef CK_DES_CBC_ENCRYPT_DATA_PARAMS CK_PTR CK_DES_CBC_ENCRYPT_DATA_PARAMS_PTR; 1459 1460 typedef struct CK_AES_CBC_ENCRYPT_DATA_PARAMS { 1461 CK_BYTE iv[16]; 1462 CK_BYTE_PTR pData; 1463 CK_ULONG length; 1464 } CK_AES_CBC_ENCRYPT_DATA_PARAMS; 1465 1466 typedef CK_AES_CBC_ENCRYPT_DATA_PARAMS CK_PTR CK_AES_CBC_ENCRYPT_DATA_PARAMS_PTR; 1467 1468 /* CK_AES_CTR_PARAMS is new for PKCS #11 v2.20 amendment 3 */ 1469 typedef struct CK_AES_CTR_PARAMS { 1470 CK_ULONG ulCounterBits; 1471 CK_BYTE cb[16]; 1472 } CK_AES_CTR_PARAMS; 1473 1474 typedef CK_AES_CTR_PARAMS CK_PTR CK_AES_CTR_PARAMS_PTR; 1475 1476 /* CK_GCM_PARAMS is new for version 2.30 */ 1477 typedef struct CK_GCM_PARAMS { 1478 CK_BYTE_PTR pIv; 1479 CK_ULONG ulIvLen; 1480 CK_BYTE_PTR pAAD; 1481 CK_ULONG ulAADLen; 1482 CK_ULONG ulTagBits; 1483 } CK_GCM_PARAMS; 1484 1485 typedef CK_GCM_PARAMS CK_PTR CK_GCM_PARAMS_PTR; 1486 1487 /* CK_CCM_PARAMS is new for version 2.30 */ 1488 typedef struct CK_CCM_PARAMS { 1489 CK_ULONG ulDataLen; 1490 CK_BYTE_PTR pNonce; 1491 CK_ULONG ulNonceLen; 1492 CK_BYTE_PTR pAAD; 1493 CK_ULONG ulAADLen; 1494 CK_ULONG ulMACLen; 1495 } CK_CCM_PARAMS; 1496 1497 typedef CK_CCM_PARAMS CK_PTR CK_CCM_PARAMS_PTR; 1498 1499 /* CK_SKIPJACK_PRIVATE_WRAP_PARAMS provides the parameters to the 1500 * CKM_SKIPJACK_PRIVATE_WRAP mechanism */ 1501 /* CK_SKIPJACK_PRIVATE_WRAP_PARAMS is new for v2.0 */ 1502 typedef struct CK_SKIPJACK_PRIVATE_WRAP_PARAMS { 1503 CK_ULONG ulPasswordLen; 1504 CK_BYTE_PTR pPassword; 1505 CK_ULONG ulPublicDataLen; 1506 CK_BYTE_PTR pPublicData; 1507 CK_ULONG ulPAndGLen; 1508 CK_ULONG ulQLen; 1509 CK_ULONG ulRandomLen; 1510 CK_BYTE_PTR pRandomA; 1511 CK_BYTE_PTR pPrimeP; 1512 CK_BYTE_PTR pBaseG; 1513 CK_BYTE_PTR pSubprimeQ; 1514 } CK_SKIPJACK_PRIVATE_WRAP_PARAMS; 1515 1516 typedef CK_SKIPJACK_PRIVATE_WRAP_PARAMS CK_PTR 1517 CK_SKIPJACK_PRIVATE_WRAP_PTR; 1518 1519 /* CK_SKIPJACK_RELAYX_PARAMS provides the parameters to the 1520 * CKM_SKIPJACK_RELAYX mechanism */ 1521 /* CK_SKIPJACK_RELAYX_PARAMS is new for v2.0 */ 1522 typedef struct CK_SKIPJACK_RELAYX_PARAMS { 1523 CK_ULONG ulOldWrappedXLen; 1524 CK_BYTE_PTR pOldWrappedX; 1525 CK_ULONG ulOldPasswordLen; 1526 CK_BYTE_PTR pOldPassword; 1527 CK_ULONG ulOldPublicDataLen; 1528 CK_BYTE_PTR pOldPublicData; 1529 CK_ULONG ulOldRandomLen; 1530 CK_BYTE_PTR pOldRandomA; 1531 CK_ULONG ulNewPasswordLen; 1532 CK_BYTE_PTR pNewPassword; 1533 CK_ULONG ulNewPublicDataLen; 1534 CK_BYTE_PTR pNewPublicData; 1535 CK_ULONG ulNewRandomLen; 1536 CK_BYTE_PTR pNewRandomA; 1537 } CK_SKIPJACK_RELAYX_PARAMS; 1538 1539 typedef CK_SKIPJACK_RELAYX_PARAMS CK_PTR 1540 CK_SKIPJACK_RELAYX_PARAMS_PTR; 1541 1542 typedef struct CK_PBE_PARAMS { 1543 CK_BYTE_PTR pInitVector; 1544 CK_UTF8CHAR_PTR pPassword; 1545 CK_ULONG ulPasswordLen; 1546 CK_BYTE_PTR pSalt; 1547 CK_ULONG ulSaltLen; 1548 CK_ULONG ulIteration; 1549 } CK_PBE_PARAMS; 1550 1551 typedef CK_PBE_PARAMS CK_PTR CK_PBE_PARAMS_PTR; 1552 1553 /* CK_KEY_WRAP_SET_OAEP_PARAMS provides the parameters to the 1554 * CKM_KEY_WRAP_SET_OAEP mechanism */ 1555 /* CK_KEY_WRAP_SET_OAEP_PARAMS is new for v2.0 */ 1556 typedef struct CK_KEY_WRAP_SET_OAEP_PARAMS { 1557 CK_BYTE bBC; /* block contents byte */ 1558 CK_BYTE_PTR pX; /* extra data */ 1559 CK_ULONG ulXLen; /* length of extra data in bytes */ 1560 } CK_KEY_WRAP_SET_OAEP_PARAMS; 1561 1562 typedef CK_KEY_WRAP_SET_OAEP_PARAMS CK_PTR 1563 CK_KEY_WRAP_SET_OAEP_PARAMS_PTR; 1564 1565 typedef struct CK_SSL3_RANDOM_DATA { 1566 CK_BYTE_PTR pClientRandom; 1567 CK_ULONG ulClientRandomLen; 1568 CK_BYTE_PTR pServerRandom; 1569 CK_ULONG ulServerRandomLen; 1570 } CK_SSL3_RANDOM_DATA; 1571 1572 typedef struct CK_SSL3_MASTER_KEY_DERIVE_PARAMS { 1573 CK_SSL3_RANDOM_DATA RandomInfo; 1574 CK_VERSION_PTR pVersion; 1575 } CK_SSL3_MASTER_KEY_DERIVE_PARAMS; 1576 1577 typedef struct CK_SSL3_MASTER_KEY_DERIVE_PARAMS CK_PTR 1578 CK_SSL3_MASTER_KEY_DERIVE_PARAMS_PTR; 1579 1580 typedef struct CK_SSL3_KEY_MAT_OUT { 1581 CK_OBJECT_HANDLE hClientMacSecret; 1582 CK_OBJECT_HANDLE hServerMacSecret; 1583 CK_OBJECT_HANDLE hClientKey; 1584 CK_OBJECT_HANDLE hServerKey; 1585 CK_BYTE_PTR pIVClient; 1586 CK_BYTE_PTR pIVServer; 1587 } CK_SSL3_KEY_MAT_OUT; 1588 1589 typedef CK_SSL3_KEY_MAT_OUT CK_PTR CK_SSL3_KEY_MAT_OUT_PTR; 1590 1591 typedef struct CK_SSL3_KEY_MAT_PARAMS { 1592 CK_ULONG ulMacSizeInBits; 1593 CK_ULONG ulKeySizeInBits; 1594 CK_ULONG ulIVSizeInBits; 1595 CK_BBOOL bIsExport; /* Unused. Must be set to CK_FALSE. */ 1596 CK_SSL3_RANDOM_DATA RandomInfo; 1597 CK_SSL3_KEY_MAT_OUT_PTR pReturnedKeyMaterial; 1598 } CK_SSL3_KEY_MAT_PARAMS; 1599 1600 typedef CK_SSL3_KEY_MAT_PARAMS CK_PTR CK_SSL3_KEY_MAT_PARAMS_PTR; 1601 1602 /* CK_TLS_PRF_PARAMS is new for version 2.20 */ 1603 typedef struct CK_TLS_PRF_PARAMS { 1604 CK_BYTE_PTR pSeed; 1605 CK_ULONG ulSeedLen; 1606 CK_BYTE_PTR pLabel; 1607 CK_ULONG ulLabelLen; 1608 CK_BYTE_PTR pOutput; 1609 CK_ULONG_PTR pulOutputLen; 1610 } CK_TLS_PRF_PARAMS; 1611 1612 typedef CK_TLS_PRF_PARAMS CK_PTR CK_TLS_PRF_PARAMS_PTR; 1613 1614 /* TLS 1.2 is new for version 2.40 */ 1615 typedef struct CK_TLS12_MASTER_KEY_DERIVE_PARAMS { 1616 CK_SSL3_RANDOM_DATA RandomInfo; 1617 CK_VERSION_PTR pVersion; 1618 CK_MECHANISM_TYPE prfHashMechanism; 1619 } CK_TLS12_MASTER_KEY_DERIVE_PARAMS; 1620 1621 typedef CK_TLS12_MASTER_KEY_DERIVE_PARAMS CK_PTR 1622 CK_TLS12_MASTER_KEY_DERIVE_PARAMS_PTR; 1623 1624 typedef struct CK_TLS12_KEY_MAT_PARAMS { 1625 CK_ULONG ulMacSizeInBits; 1626 CK_ULONG ulKeySizeInBits; 1627 CK_ULONG ulIVSizeInBits; 1628 CK_BBOOL bIsExport; /* Unused. Must be set to CK_FALSE. */ 1629 CK_SSL3_RANDOM_DATA RandomInfo; 1630 CK_SSL3_KEY_MAT_OUT_PTR pReturnedKeyMaterial; 1631 CK_MECHANISM_TYPE prfHashMechanism; 1632 } CK_TLS12_KEY_MAT_PARAMS; 1633 1634 typedef CK_TLS12_KEY_MAT_PARAMS CK_PTR CK_TLS12_KEY_MAT_PARAMS_PTR; 1635 1636 typedef struct CK_TLS_KDF_PARAMS { 1637 CK_MECHANISM_TYPE prfMechanism; 1638 CK_BYTE_PTR pLabel; 1639 CK_ULONG ulLabelLength; 1640 CK_SSL3_RANDOM_DATA RandomInfo; 1641 CK_BYTE_PTR pContextData; 1642 CK_ULONG ulContextDataLength; 1643 } CK_TLS_KDF_PARAMS; 1644 1645 typedef struct CK_TLS_MAC_PARAMS { 1646 CK_MECHANISM_TYPE prfMechanism; 1647 CK_ULONG ulMacLength; 1648 CK_ULONG ulServerOrClient; 1649 } CK_TLS_MAC_PARAMS; 1650 1651 typedef CK_TLS_MAC_PARAMS CK_PTR CK_TLS_MAC_PARAMS_PTR; 1652 1653 /* WTLS is new for version 2.20 */ 1654 typedef struct CK_WTLS_RANDOM_DATA { 1655 CK_BYTE_PTR pClientRandom; 1656 CK_ULONG ulClientRandomLen; 1657 CK_BYTE_PTR pServerRandom; 1658 CK_ULONG ulServerRandomLen; 1659 } CK_WTLS_RANDOM_DATA; 1660 1661 typedef CK_WTLS_RANDOM_DATA CK_PTR CK_WTLS_RANDOM_DATA_PTR; 1662 1663 typedef struct CK_WTLS_MASTER_KEY_DERIVE_PARAMS { 1664 CK_MECHANISM_TYPE DigestMechanism; 1665 CK_WTLS_RANDOM_DATA RandomInfo; 1666 CK_BYTE_PTR pVersion; 1667 } CK_WTLS_MASTER_KEY_DERIVE_PARAMS; 1668 1669 typedef CK_WTLS_MASTER_KEY_DERIVE_PARAMS CK_PTR 1670 CK_WTLS_MASTER_KEY_DERIVE_PARAMS_PTR; 1671 1672 typedef struct CK_WTLS_PRF_PARAMS { 1673 CK_MECHANISM_TYPE DigestMechanism; 1674 CK_BYTE_PTR pSeed; 1675 CK_ULONG ulSeedLen; 1676 CK_BYTE_PTR pLabel; 1677 CK_ULONG ulLabelLen; 1678 CK_BYTE_PTR pOutput; 1679 CK_ULONG_PTR pulOutputLen; 1680 } CK_WTLS_PRF_PARAMS; 1681 1682 typedef CK_WTLS_PRF_PARAMS CK_PTR CK_WTLS_PRF_PARAMS_PTR; 1683 1684 typedef struct CK_WTLS_KEY_MAT_OUT { 1685 CK_OBJECT_HANDLE hMacSecret; 1686 CK_OBJECT_HANDLE hKey; 1687 CK_BYTE_PTR pIV; 1688 } CK_WTLS_KEY_MAT_OUT; 1689 1690 typedef CK_WTLS_KEY_MAT_OUT CK_PTR CK_WTLS_KEY_MAT_OUT_PTR; 1691 1692 typedef struct CK_WTLS_KEY_MAT_PARAMS { 1693 CK_MECHANISM_TYPE DigestMechanism; 1694 CK_ULONG ulMacSizeInBits; 1695 CK_ULONG ulKeySizeInBits; 1696 CK_ULONG ulIVSizeInBits; 1697 CK_ULONG ulSequenceNumber; 1698 CK_BBOOL bIsExport; /* Unused. Must be set to CK_FALSE. */ 1699 CK_WTLS_RANDOM_DATA RandomInfo; 1700 CK_WTLS_KEY_MAT_OUT_PTR pReturnedKeyMaterial; 1701 } CK_WTLS_KEY_MAT_PARAMS; 1702 1703 typedef CK_WTLS_KEY_MAT_PARAMS CK_PTR CK_WTLS_KEY_MAT_PARAMS_PTR; 1704 1705 /* CMS is new for version 2.20 */ 1706 typedef struct CK_CMS_SIG_PARAMS { 1707 CK_OBJECT_HANDLE certificateHandle; 1708 CK_MECHANISM_PTR pSigningMechanism; 1709 CK_MECHANISM_PTR pDigestMechanism; 1710 CK_UTF8CHAR_PTR pContentType; 1711 CK_BYTE_PTR pRequestedAttributes; 1712 CK_ULONG ulRequestedAttributesLen; 1713 CK_BYTE_PTR pRequiredAttributes; 1714 CK_ULONG ulRequiredAttributesLen; 1715 } CK_CMS_SIG_PARAMS; 1716 1717 typedef CK_CMS_SIG_PARAMS CK_PTR CK_CMS_SIG_PARAMS_PTR; 1718 1719 typedef struct CK_KEY_DERIVATION_STRING_DATA { 1720 CK_BYTE_PTR pData; 1721 CK_ULONG ulLen; 1722 } CK_KEY_DERIVATION_STRING_DATA; 1723 1724 typedef CK_KEY_DERIVATION_STRING_DATA CK_PTR 1725 CK_KEY_DERIVATION_STRING_DATA_PTR; 1726 1727 /* The CK_EXTRACT_PARAMS is used for the 1728 * CKM_EXTRACT_KEY_FROM_KEY mechanism. It specifies which bit 1729 * of the base key should be used as the first bit of the 1730 * derived key */ 1731 /* CK_EXTRACT_PARAMS is new for v2.0 */ 1732 typedef CK_ULONG CK_EXTRACT_PARAMS; 1733 1734 typedef CK_EXTRACT_PARAMS CK_PTR CK_EXTRACT_PARAMS_PTR; 1735 1736 /* CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE is new for v2.10. 1737 * CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE is used to 1738 * indicate the Pseudo-Random Function (PRF) used to generate 1739 * key bits using PKCS #5 PBKDF2. */ 1740 typedef CK_ULONG CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE; 1741 1742 typedef CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE CK_PTR CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE_PTR; 1743 1744 /* The following PRFs are defined in PKCS #5 v2.1. */ 1745 #define CKP_PKCS5_PBKD2_HMAC_SHA1 0x00000001 1746 #define CKP_PKCS5_PBKD2_HMAC_GOSTR3411 0x00000002 1747 #define CKP_PKCS5_PBKD2_HMAC_SHA224 0x00000003 1748 #define CKP_PKCS5_PBKD2_HMAC_SHA256 0x00000004 1749 #define CKP_PKCS5_PBKD2_HMAC_SHA384 0x00000005 1750 #define CKP_PKCS5_PBKD2_HMAC_SHA512 0x00000006 1751 #define CKP_PKCS5_PBKD2_HMAC_SHA512_224 0x00000007 1752 #define CKP_PKCS5_PBKD2_HMAC_SHA512_256 0x00000008 1753 1754 /* CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE is new for v2.10. 1755 * CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE is used to indicate the 1756 * source of the salt value when deriving a key using PKCS #5 1757 * PBKDF2. */ 1758 typedef CK_ULONG CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE; 1759 1760 typedef CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE CK_PTR CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE_PTR; 1761 1762 /* The following salt value sources are defined in PKCS #5 v2.0. */ 1763 #define CKZ_SALT_SPECIFIED 0x00000001 1764 1765 /* CK_PKCS5_PBKD2_PARAMS is new for v2.10. 1766 * CK_PKCS5_PBKD2_PARAMS is a structure that provides the 1767 * parameters to the CKM_PKCS5_PBKD2 mechanism. */ 1768 typedef struct CK_PKCS5_PBKD2_PARAMS { 1769 CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE saltSource; 1770 CK_VOID_PTR pSaltSourceData; 1771 CK_ULONG ulSaltSourceDataLen; 1772 CK_ULONG iterations; 1773 CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE prf; 1774 CK_VOID_PTR pPrfData; 1775 CK_ULONG ulPrfDataLen; 1776 CK_UTF8CHAR_PTR pPassword; 1777 CK_ULONG_PTR ulPasswordLen; 1778 } CK_PKCS5_PBKD2_PARAMS; 1779 1780 typedef CK_PKCS5_PBKD2_PARAMS CK_PTR CK_PKCS5_PBKD2_PARAMS_PTR; 1781 1782 /* NSS Specific defines */ 1783 1784 /* defines that have been deprecated in 2.20, but maintained in our 1785 * header file for backward compatibility */ 1786 #define CKO_KG_PARAMETERS CKO_DOMAIN_PARAMETERS 1787 #define CKF_EC_FP CKF_EC_F_P 1788 /* new in v2.11 deprecated by 2.20 */ 1789 #define CKR_KEY_PARAMS_INVALID 0x0000006B 1790 1791 /* stuff that for historic reasons is in this header file but should have 1792 * been in pkcs11n.h */ 1793 #define CKK_INVALID_KEY_TYPE 0xffffffff 1794 1795 #include "pkcs11n.h" 1796 1797 /* undo packing */ 1798 #include "pkcs11u.h" 1799 1800 #endif 1801