1 /* 2 * Copyright (C) Internet Systems Consortium, Inc. ("ISC") 3 * Copyright 2006 Andreas Jellinghaus 4 * Copyright 2006, 2007 g10 Code GmbH 5 * Copyright 2017 Red Hat, Inc. 6 * 7 * SPDX-License-Identifier: MPL-2.0 8 * 9 * This Source Code Form is subject to the terms of the Mozilla Public 10 * License, v. 2.0. If a copy of the MPL was not distributed with this 11 * file, you can obtain one at https://mozilla.org/MPL/2.0/. 12 * 13 * See the COPYRIGHT file distributed with this work for additional 14 * information regarding copyright ownership. 15 */ 16 17 /* Please submit any changes back to the p11-kit project at 18 * https://github.com/p11-glue/p11-kit/, so that 19 * they can be picked up by other projects from there as well. */ 20 21 /* This file is a modified implementation of the PKCS #11 standard by 22 * OASIS group. It is mostly a drop-in replacement, with the 23 * following change: 24 * 25 * This header file does not require any macro definitions by the user 26 * (like CK_DEFINE_FUNCTION etc). In fact, it defines those macros 27 * for you (if useful, some are missing, let me know if you need 28 * more). 29 * 30 * There is an additional API available that does comply better to the 31 * GNU coding standard. It can be switched on by defining 32 * CRYPTOKI_GNU before including this header file. For this, the 33 * following changes are made to the specification: 34 * 35 * All structure types are changed to a "struct ck_foo" where CK_FOO 36 * is the type name in PKCS #11. 37 * 38 * All non-structure types are changed to ck_foo_t where CK_FOO is the 39 * lowercase version of the type name in PKCS #11. The basic types 40 * (CK_ULONG et al.) are removed without substitute. 41 * 42 * All members of structures are modified in the following way: Type 43 * indication prefixes are removed, and underscore characters are 44 * inserted before words. Then the result is lowercased. 45 * 46 * Note that function names are still in the original case, as they 47 * need for ABI compatibility. 48 * 49 * CK_FALSE, CK_TRUE and NULL_PTR are removed without substitute. Use 50 * <stdbool.h>. 51 * 52 * If CRYPTOKI_COMPAT is defined before including this header file, 53 * then none of the API changes above take place, and the API is the 54 * one defined by the PKCS #11 standard. */ 55 56 #ifndef PKCS11_H 57 #define PKCS11_H 1 58 59 #if defined(__cplusplus) 60 extern "C" { 61 #endif /* if defined(__cplusplus) */ 62 63 /* The version of cryptoki we implement. The revision is changed with 64 * each modification of this file. */ 65 #define CRYPTOKI_VERSION_MAJOR 2 66 #define CRYPTOKI_VERSION_MINOR 40 67 #define P11_KIT_CRYPTOKI_VERSION_REVISION 0 68 69 /* Compatibility interface is default, unless CRYPTOKI_GNU is 70 * given. */ 71 #ifndef CRYPTOKI_GNU 72 #ifndef CRYPTOKI_COMPAT 73 #define CRYPTOKI_COMPAT 1 74 #endif /* ifndef CRYPTOKI_COMPAT */ 75 #endif /* ifndef CRYPTOKI_GNU */ 76 77 /* System dependencies. */ 78 79 #if defined(_WIN32) || defined(CRYPTOKI_FORCE_WIN32) 80 81 /* There is a matching pop below. */ 82 #pragma pack(push, cryptoki, 1) 83 84 #ifdef CRYPTOKI_EXPORTS 85 #define CK_SPEC __declspec(dllexport) 86 #else /* ifdef CRYPTOKI_EXPORTS */ 87 #define CK_SPEC __declspec(dllimport) 88 #endif /* ifdef CRYPTOKI_EXPORTS */ 89 90 #else /* if defined(_WIN32) || defined(CRYPTOKI_FORCE_WIN32) */ 91 92 #define CK_SPEC 93 94 #endif /* if defined(_WIN32) || defined(CRYPTOKI_FORCE_WIN32) */ 95 96 #ifdef CRYPTOKI_COMPAT 97 /* If we are in compatibility mode, switch all exposed names to the 98 * PKCS #11 variant. There are corresponding #undefs below. */ 99 100 #define ck_flags_t CK_FLAGS 101 #define ck_version _CK_VERSION 102 103 #define ck_info _CK_INFO 104 #define cryptoki_version cryptokiVersion 105 #define manufacturer_id manufacturerID 106 #define library_description libraryDescription 107 #define library_version libraryVersion 108 109 #define ck_notification_t CK_NOTIFICATION 110 #define ck_slot_id_t CK_SLOT_ID 111 112 #define ck_slot_info _CK_SLOT_INFO 113 #define slot_description slotDescription 114 #define hardware_version hardwareVersion 115 #define firmware_version firmwareVersion 116 117 #define ck_token_info _CK_TOKEN_INFO 118 #define serial_number serialNumber 119 #define max_session_count ulMaxSessionCount 120 #define session_count ulSessionCount 121 #define max_rw_session_count ulMaxRwSessionCount 122 #define rw_session_count ulRwSessionCount 123 #define max_pin_len ulMaxPinLen 124 #define min_pin_len ulMinPinLen 125 #define total_public_memory ulTotalPublicMemory 126 #define free_public_memory ulFreePublicMemory 127 #define total_private_memory ulTotalPrivateMemory 128 #define free_private_memory ulFreePrivateMemory 129 #define utc_time utcTime 130 131 #define ck_session_handle_t CK_SESSION_HANDLE 132 #define ck_user_type_t CK_USER_TYPE 133 #define ck_state_t CK_STATE 134 135 #define ck_session_info _CK_SESSION_INFO 136 #define slot_id slotID 137 #define device_error ulDeviceError 138 139 #define ck_object_handle_t CK_OBJECT_HANDLE 140 #define ck_object_class_t CK_OBJECT_CLASS 141 #define ck_hw_feature_type_t CK_HW_FEATURE_TYPE 142 #define ck_key_type_t CK_KEY_TYPE 143 #define ck_certificate_type_t CK_CERTIFICATE_TYPE 144 #define ck_attribute_type_t CK_ATTRIBUTE_TYPE 145 146 #define ck_attribute _CK_ATTRIBUTE 147 #define value pValue 148 #define value_len ulValueLen 149 150 #define count ulCount 151 152 #define ck_date _CK_DATE 153 154 #define ck_mechanism_type_t CK_MECHANISM_TYPE 155 156 #define ck_mechanism _CK_MECHANISM 157 #define parameter pParameter 158 #define parameter_len ulParameterLen 159 160 #define params pParams 161 162 #define ck_mechanism_info _CK_MECHANISM_INFO 163 #define min_key_size ulMinKeySize 164 #define max_key_size ulMaxKeySize 165 166 #define ck_param_type CK_PARAM_TYPE 167 #define ck_otp_param CK_OTP_PARAM 168 #define ck_otp_params CK_OTP_PARAMS 169 #define ck_otp_signature_info CK_OTP_SIGNATURE_INFO 170 171 #define ck_rv_t CK_RV 172 #define ck_notify_t CK_NOTIFY 173 174 #define ck_function_list _CK_FUNCTION_LIST 175 176 #define ck_createmutex_t CK_CREATEMUTEX 177 #define ck_destroymutex_t CK_DESTROYMUTEX 178 #define ck_lockmutex_t CK_LOCKMUTEX 179 #define ck_unlockmutex_t CK_UNLOCKMUTEX 180 181 #define ck_c_initialize_args _CK_C_INITIALIZE_ARGS 182 #define create_mutex CreateMutex 183 #define destroy_mutex DestroyMutex 184 #define lock_mutex LockMutex 185 #define unlock_mutex UnlockMutex 186 #define reserved pReserved 187 188 #define ck_rsa_pkcs_mgf_type_t CK_RSA_PKCS_MGF_TYPE 189 #define ck_rsa_pkcs_oaep_source_type_t CK_RSA_PKCS_OAEP_SOURCE_TYPE 190 #define hash_alg hashAlg 191 #define s_len sLen 192 #define source_data pSourceData 193 #define source_data_len ulSourceDataLen 194 195 #define counter_bits ulCounterBits 196 #define iv_ptr pIv 197 #define iv_len ulIvLen 198 #define iv_bits ulIvBits 199 #define aad_ptr pAAD 200 #define aad_len ulAADLen 201 #define tag_bits ulTagBits 202 #define shared_data_len ulSharedDataLen 203 #define shared_data pSharedData 204 #define public_data_len ulPublicDataLen 205 #define public_data pPublicData 206 #define string_data pData 207 #define string_data_len ulLen 208 #define data_params pData 209 #endif /* CRYPTOKI_COMPAT */ 210 211 typedef unsigned long ck_flags_t; 212 213 struct ck_version { 214 unsigned char major; 215 unsigned char minor; 216 }; 217 218 struct ck_info { 219 struct ck_version cryptoki_version; 220 unsigned char manufacturer_id[32]; 221 ck_flags_t flags; 222 unsigned char library_description[32]; 223 struct ck_version library_version; 224 }; 225 226 typedef unsigned long ck_notification_t; 227 228 #define CKN_SURRENDER (0UL) 229 230 typedef unsigned long ck_slot_id_t; 231 232 struct ck_slot_info { 233 unsigned char slot_description[64]; 234 unsigned char manufacturer_id[32]; 235 ck_flags_t flags; 236 struct ck_version hardware_version; 237 struct ck_version firmware_version; 238 }; 239 240 #define CKF_TOKEN_PRESENT (1UL << 0) 241 #define CKF_REMOVABLE_DEVICE (1UL << 1) 242 #define CKF_HW_SLOT (1UL << 2) 243 #define CKF_ARRAY_ATTRIBUTE (1UL << 30) 244 245 struct ck_token_info { 246 unsigned char label[32]; 247 unsigned char manufacturer_id[32]; 248 unsigned char model[16]; 249 unsigned char serial_number[16]; 250 ck_flags_t flags; 251 unsigned long max_session_count; 252 unsigned long session_count; 253 unsigned long max_rw_session_count; 254 unsigned long rw_session_count; 255 unsigned long max_pin_len; 256 unsigned long min_pin_len; 257 unsigned long total_public_memory; 258 unsigned long free_public_memory; 259 unsigned long total_private_memory; 260 unsigned long free_private_memory; 261 struct ck_version hardware_version; 262 struct ck_version firmware_version; 263 unsigned char utc_time[16]; 264 }; 265 266 #define CKF_RNG (1UL << 0) 267 #define CKF_WRITE_PROTECTED (1UL << 1) 268 #define CKF_LOGIN_REQUIRED (1UL << 2) 269 #define CKF_USER_PIN_INITIALIZED (1UL << 3) 270 #define CKF_RESTORE_KEY_NOT_NEEDED (1UL << 5) 271 #define CKF_CLOCK_ON_TOKEN (1UL << 6) 272 #define CKF_PROTECTED_AUTHENTICATION_PATH (1UL << 8) 273 #define CKF_DUAL_CRYPTO_OPERATIONS (1UL << 9) 274 #define CKF_TOKEN_INITIALIZED (1UL << 10) 275 #define CKF_SECONDARY_AUTHENTICATION (1UL << 11) 276 #define CKF_USER_PIN_COUNT_LOW (1UL << 16) 277 #define CKF_USER_PIN_FINAL_TRY (1UL << 17) 278 #define CKF_USER_PIN_LOCKED (1UL << 18) 279 #define CKF_USER_PIN_TO_BE_CHANGED (1UL << 19) 280 #define CKF_SO_PIN_COUNT_LOW (1UL << 20) 281 #define CKF_SO_PIN_FINAL_TRY (1UL << 21) 282 #define CKF_SO_PIN_LOCKED (1UL << 22) 283 #define CKF_SO_PIN_TO_BE_CHANGED (1UL << 23) 284 285 #define CK_UNAVAILABLE_INFORMATION ((unsigned long)-1L) 286 #define CK_EFFECTIVELY_INFINITE (0UL) 287 288 typedef unsigned long ck_session_handle_t; 289 290 #define CK_INVALID_HANDLE (0UL) 291 292 typedef unsigned long ck_user_type_t; 293 294 #define CKU_SO (0UL) 295 #define CKU_USER (1UL) 296 #define CKU_CONTEXT_SPECIFIC (2UL) 297 298 typedef unsigned long ck_state_t; 299 300 #define CKS_RO_PUBLIC_SESSION (0UL) 301 #define CKS_RO_USER_FUNCTIONS (1UL) 302 #define CKS_RW_PUBLIC_SESSION (2UL) 303 #define CKS_RW_USER_FUNCTIONS (3UL) 304 #define CKS_RW_SO_FUNCTIONS (4UL) 305 306 struct ck_session_info { 307 ck_slot_id_t slot_id; 308 ck_state_t state; 309 ck_flags_t flags; 310 unsigned long device_error; 311 }; 312 313 #define CKF_RW_SESSION (1UL << 1) 314 #define CKF_SERIAL_SESSION (1UL << 2) 315 316 typedef unsigned long ck_object_handle_t; 317 318 typedef unsigned long ck_object_class_t; 319 320 #define CKO_DATA (0UL) 321 #define CKO_CERTIFICATE (1UL) 322 #define CKO_PUBLIC_KEY (2UL) 323 #define CKO_PRIVATE_KEY (3UL) 324 #define CKO_SECRET_KEY (4UL) 325 #define CKO_HW_FEATURE (5UL) 326 #define CKO_DOMAIN_PARAMETERS (6UL) 327 #define CKO_MECHANISM (7UL) 328 #define CKO_OTP_KEY (8UL) 329 #define CKO_VENDOR_DEFINED ((unsigned long)(1UL << 31)) 330 331 typedef unsigned long ck_hw_feature_type_t; 332 333 #define CKH_MONOTONIC_COUNTER (1UL) 334 #define CKH_CLOCK (2UL) 335 #define CKH_USER_INTERFACE (3UL) 336 #define CKH_VENDOR_DEFINED ((unsigned long)(1UL << 31)) 337 338 typedef unsigned long ck_key_type_t; 339 340 #define CKK_RSA (0UL) 341 #define CKK_DSA (1UL) 342 #define CKK_DH (2UL) 343 #define CKK_ECDSA (3UL) 344 #define CKK_EC (3UL) 345 #define CKK_X9_42_DH (4UL) 346 #define CKK_KEA (5UL) 347 #define CKK_GENERIC_SECRET (0x10UL) 348 #define CKK_RC2 (0x11UL) 349 #define CKK_RC4 (0x12UL) 350 #define CKK_DES (0x13UL) 351 #define CKK_DES2 (0x14UL) 352 #define CKK_DES3 (0x15UL) 353 #define CKK_CAST (0x16UL) 354 #define CKK_CAST3 (0x17UL) 355 #define CKK_CAST128 (0x18UL) 356 #define CKK_RC5 (0x19UL) 357 #define CKK_IDEA (0x1aUL) 358 #define CKK_SKIPJACK (0x1bUL) 359 #define CKK_BATON (0x1cUL) 360 #define CKK_JUNIPER (0x1dUL) 361 #define CKK_CDMF (0x1eUL) 362 #define CKK_AES (0x1fUL) 363 #define CKK_BLOWFISH (0x20UL) 364 #define CKK_TWOFISH (0x21UL) 365 #define CKK_SECURID (0x22UL) 366 #define CKK_HOTP (0x23UL) 367 #define CKK_ACTI (0x24UL) 368 #define CKK_CAMELLIA (0x25UL) 369 #define CKK_ARIA (0x26UL) 370 #define CKK_MD5_HMAC (0x27UL) 371 #define CKK_SHA_1_HMAC (0x28UL) 372 #define CKK_RIPEMD128_HMAC (0x29UL) 373 #define CKK_RIPEMD160_HMAC (0x2aUL) 374 #define CKK_SHA256_HMAC (0x2bUL) 375 #define CKK_SHA384_HMAC (0x2cUL) 376 #define CKK_SHA512_HMAC (0x2dUL) 377 #define CKK_SHA224_HMAC (0x2eUL) 378 #define CKK_SEED (0x2fUL) 379 #define CKK_GOSTR3410 (0x30UL) 380 #define CKK_GOSTR3411 (0x31UL) 381 #define CKK_GOST28147 (0x32UL) 382 #define CKK_EC_EDWARDS (0x40UL) 383 #define CKK_VENDOR_DEFINED ((unsigned long)(1UL << 31)) 384 385 typedef unsigned long ck_certificate_type_t; 386 387 #define CKC_X_509 (0UL) 388 #define CKC_X_509_ATTR_CERT (1UL) 389 #define CKC_WTLS (2UL) 390 #define CKC_VENDOR_DEFINED ((unsigned long)(1UL << 31)) 391 392 #define CKC_OPENPGP (CKC_VENDOR_DEFINED | 0x504750UL) 393 394 typedef unsigned long ck_attribute_type_t; 395 396 #define CKA_CLASS (0UL) 397 #define CKA_TOKEN (1UL) 398 #define CKA_PRIVATE (2UL) 399 #define CKA_LABEL (3UL) 400 #define CKA_APPLICATION (0x10UL) 401 #define CKA_VALUE (0x11UL) 402 #define CKA_OBJECT_ID (0x12UL) 403 #define CKA_CERTIFICATE_TYPE (0x80UL) 404 #define CKA_ISSUER (0x81UL) 405 #define CKA_SERIAL_NUMBER (0x82UL) 406 #define CKA_AC_ISSUER (0x83UL) 407 #define CKA_OWNER (0x84UL) 408 #define CKA_ATTR_TYPES (0x85UL) 409 #define CKA_TRUSTED (0x86UL) 410 #define CKA_CERTIFICATE_CATEGORY (0x87UL) 411 #define CKA_JAVA_MIDP_SECURITY_DOMAIN (0x88UL) 412 #define CKA_URL (0x89UL) 413 #define CKA_HASH_OF_SUBJECT_PUBLIC_KEY (0x8aUL) 414 #define CKA_HASH_OF_ISSUER_PUBLIC_KEY (0x8bUL) 415 #define CKA_NAME_HASH_ALGORITHM (0x8cUL) 416 #define CKA_CHECK_VALUE (0x90UL) 417 #define CKA_KEY_TYPE (0x100UL) 418 #define CKA_SUBJECT (0x101UL) 419 #define CKA_ID (0x102UL) 420 #define CKA_SENSITIVE (0x103UL) 421 #define CKA_ENCRYPT (0x104UL) 422 #define CKA_DECRYPT (0x105UL) 423 #define CKA_WRAP (0x106UL) 424 #define CKA_UNWRAP (0x107UL) 425 #define CKA_SIGN (0x108UL) 426 #define CKA_SIGN_RECOVER (0x109UL) 427 #define CKA_VERIFY (0x10aUL) 428 #define CKA_VERIFY_RECOVER (0x10bUL) 429 #define CKA_DERIVE (0x10cUL) 430 #define CKA_START_DATE (0x110UL) 431 #define CKA_END_DATE (0x111UL) 432 #define CKA_MODULUS (0x120UL) 433 #define CKA_MODULUS_BITS (0x121UL) 434 #define CKA_PUBLIC_EXPONENT (0x122UL) 435 #define CKA_PRIVATE_EXPONENT (0x123UL) 436 #define CKA_PRIME_1 (0x124UL) 437 #define CKA_PRIME_2 (0x125UL) 438 #define CKA_EXPONENT_1 (0x126UL) 439 #define CKA_EXPONENT_2 (0x127UL) 440 #define CKA_COEFFICIENT (0x128UL) 441 #define CKA_PUBLIC_KEY_INFO (0x129UL) 442 #define CKA_PRIME (0x130UL) 443 #define CKA_SUBPRIME (0x131UL) 444 #define CKA_BASE (0x132UL) 445 #define CKA_PRIME_BITS (0x133UL) 446 #define CKA_SUB_PRIME_BITS (0x134UL) 447 #define CKA_VALUE_BITS (0x160UL) 448 #define CKA_VALUE_LEN (0x161UL) 449 #define CKA_EXTRACTABLE (0x162UL) 450 #define CKA_LOCAL (0x163UL) 451 #define CKA_NEVER_EXTRACTABLE (0x164UL) 452 #define CKA_ALWAYS_SENSITIVE (0x165UL) 453 #define CKA_KEY_GEN_MECHANISM (0x166UL) 454 #define CKA_MODIFIABLE (0x170UL) 455 #define CKA_COPYABLE (0x171UL) 456 #define CKA_DESTROYABLE (0x172UL) 457 #define CKA_ECDSA_PARAMS (0x180UL) 458 #define CKA_EC_PARAMS (0x180UL) 459 #define CKA_EC_POINT (0x181UL) 460 #define CKA_SECONDARY_AUTH (0x200UL) 461 #define CKA_AUTH_PIN_FLAGS (0x201UL) 462 #define CKA_ALWAYS_AUTHENTICATE (0x202UL) 463 #define CKA_WRAP_WITH_TRUSTED (0x210UL) 464 #define CKA_OTP_FORMAT (0x220UL) 465 #define CKA_OTP_LENGTH (0x221UL) 466 #define CKA_OTP_TIME_INTERVAL (0x222UL) 467 #define CKA_OTP_USER_FRIENDLY_MODE (0x223UL) 468 #define CKA_OTP_CHALLENGE_REQUIREMENT (0x224UL) 469 #define CKA_OTP_TIME_REQUIREMENT (0x225UL) 470 #define CKA_OTP_COUNTER_REQUIREMENT (0x226UL) 471 #define CKA_OTP_PIN_REQUIREMENT (0x227UL) 472 #define CKA_OTP_USER_IDENTIFIER (0x22AUL) 473 #define CKA_OTP_SERVICE_IDENTIFIER (0x22BUL) 474 #define CKA_OTP_SERVICE_LOGO (0x22CUL) 475 #define CKA_OTP_SERVICE_LOGO_TYPE (0x22DUL) 476 #define CKA_OTP_COUNTER (0x22EUL) 477 #define CKA_OTP_TIME (0x22FUL) 478 #define CKA_GOSTR3410_PARAMS (0x250UL) 479 #define CKA_GOSTR3411_PARAMS (0x251UL) 480 #define CKA_GOST28147_PARAMS (0x252UL) 481 #define CKA_HW_FEATURE_TYPE (0x300UL) 482 #define CKA_RESET_ON_INIT (0x301UL) 483 #define CKA_HAS_RESET (0x302UL) 484 #define CKA_PIXEL_X (0x400UL) 485 #define CKA_PIXEL_Y (0x401UL) 486 #define CKA_RESOLUTION (0x402UL) 487 #define CKA_CHAR_ROWS (0x403UL) 488 #define CKA_CHAR_COLUMNS (0x404UL) 489 #define CKA_COLOR (0x405UL) 490 #define CKA_BITS_PER_PIXEL (0x406UL) 491 #define CKA_CHAR_SETS (0x480UL) 492 #define CKA_ENCODING_METHODS (0x481UL) 493 #define CKA_MIME_TYPES (0x482UL) 494 #define CKA_MECHANISM_TYPE (0x500UL) 495 #define CKA_REQUIRED_CMS_ATTRIBUTES (0x501UL) 496 #define CKA_DEFAULT_CMS_ATTRIBUTES (0x502UL) 497 #define CKA_SUPPORTED_CMS_ATTRIBUTES (0x503UL) 498 #define CKA_WRAP_TEMPLATE (CKF_ARRAY_ATTRIBUTE | 0x211UL) 499 #define CKA_UNWRAP_TEMPLATE (CKF_ARRAY_ATTRIBUTE | 0x212UL) 500 #define CKA_DERIVE_TEMPLATE (CKF_ARRAY_ATTRIBUTE | 0x213UL) 501 #define CKA_ALLOWED_MECHANISMS (CKF_ARRAY_ATTRIBUTE | 0x600UL) 502 #define CKA_VENDOR_DEFINED ((unsigned long)(1UL << 31)) 503 504 struct ck_attribute { 505 ck_attribute_type_t type; 506 void *value; 507 unsigned long value_len; 508 }; 509 510 struct ck_date { 511 unsigned char year[4]; 512 unsigned char month[2]; 513 unsigned char day[2]; 514 }; 515 516 typedef unsigned long ck_mechanism_type_t; 517 518 #define CKM_RSA_PKCS_KEY_PAIR_GEN (0UL) 519 #define CKM_RSA_PKCS (1UL) 520 #define CKM_RSA_9796 (2UL) 521 #define CKM_RSA_X_509 (3UL) 522 #define CKM_MD2_RSA_PKCS (4UL) 523 #define CKM_MD5_RSA_PKCS (5UL) 524 #define CKM_SHA1_RSA_PKCS (6UL) 525 #define CKM_RIPEMD128_RSA_PKCS (7UL) 526 #define CKM_RIPEMD160_RSA_PKCS (8UL) 527 #define CKM_RSA_PKCS_OAEP (9UL) 528 #define CKM_RSA_X9_31_KEY_PAIR_GEN (0xaUL) 529 #define CKM_RSA_X9_31 (0xbUL) 530 #define CKM_SHA1_RSA_X9_31 (0xcUL) 531 #define CKM_RSA_PKCS_PSS (0xdUL) 532 #define CKM_SHA1_RSA_PKCS_PSS (0xeUL) 533 #define CKM_DSA_KEY_PAIR_GEN (0x10UL) 534 #define CKM_DSA (0x11UL) 535 #define CKM_DSA_SHA1 (0x12UL) 536 #define CKM_DSA_SHA224 (0x13UL) 537 #define CKM_DSA_SHA256 (0x14UL) 538 #define CKM_DSA_SHA384 (0x15UL) 539 #define CKM_DSA_SHA512 (0x16UL) 540 #define CKM_DH_PKCS_KEY_PAIR_GEN (0x20UL) 541 #define CKM_DH_PKCS_DERIVE (0x21UL) 542 #define CKM_X9_42_DH_KEY_PAIR_GEN (0x30UL) 543 #define CKM_X9_42_DH_DERIVE (0x31UL) 544 #define CKM_X9_42_DH_HYBRID_DERIVE (0x32UL) 545 #define CKM_X9_42_MQV_DERIVE (0x33UL) 546 #define CKM_SHA256_RSA_PKCS (0x40UL) 547 #define CKM_SHA384_RSA_PKCS (0x41UL) 548 #define CKM_SHA512_RSA_PKCS (0x42UL) 549 #define CKM_SHA256_RSA_PKCS_PSS (0x43UL) 550 #define CKM_SHA384_RSA_PKCS_PSS (0x44UL) 551 #define CKM_SHA512_RSA_PKCS_PSS (0x45UL) 552 #define CKM_SHA512_224 (0x48UL) 553 #define CKM_SHA512_224_HMAC (0x49UL) 554 #define CKM_SHA512_224_HMAC_GENERAL (0x4aUL) 555 #define CKM_SHA512_224_KEY_DERIVATION (0x4bUL) 556 #define CKM_SHA512_256 (0x4cUL) 557 #define CKM_SHA512_256_HMAC (0x4dUL) 558 #define CKM_SHA512_256_HMAC_GENERAL (0x4eUL) 559 #define CKM_SHA512_256_KEY_DERIVATION (0x4fUL) 560 #define CKM_SHA512_T (0x50UL) 561 #define CKM_SHA512_T_HMAC (0x51UL) 562 #define CKM_SHA512_T_HMAC_GENERAL (0x52UL) 563 #define CKM_SHA512_T_KEY_DERIVATION (0x53UL) 564 #define CKM_RC2_KEY_GEN (0x100UL) 565 #define CKM_RC2_ECB (0x101UL) 566 #define CKM_RC2_CBC (0x102UL) 567 #define CKM_RC2_MAC (0x103UL) 568 #define CKM_RC2_MAC_GENERAL (0x104UL) 569 #define CKM_RC2_CBC_PAD (0x105UL) 570 #define CKM_RC4_KEY_GEN (0x110UL) 571 #define CKM_RC4 (0x111UL) 572 #define CKM_DES_KEY_GEN (0x120UL) 573 #define CKM_DES_ECB (0x121UL) 574 #define CKM_DES_CBC (0x122UL) 575 #define CKM_DES_MAC (0x123UL) 576 #define CKM_DES_MAC_GENERAL (0x124UL) 577 #define CKM_DES_CBC_PAD (0x125UL) 578 #define CKM_DES2_KEY_GEN (0x130UL) 579 #define CKM_DES3_KEY_GEN (0x131UL) 580 #define CKM_DES3_ECB (0x132UL) 581 #define CKM_DES3_CBC (0x133UL) 582 #define CKM_DES3_MAC (0x134UL) 583 #define CKM_DES3_MAC_GENERAL (0x135UL) 584 #define CKM_DES3_CBC_PAD (0x136UL) 585 #define CKM_DES3_CMAC_GENERAL (0x137UL) 586 #define CKM_DES3_CMAC (0x138UL) 587 #define CKM_CDMF_KEY_GEN (0x140UL) 588 #define CKM_CDMF_ECB (0x141UL) 589 #define CKM_CDMF_CBC (0x142UL) 590 #define CKM_CDMF_MAC (0x143UL) 591 #define CKM_CDMF_MAC_GENERAL (0x144UL) 592 #define CKM_CDMF_CBC_PAD (0x145UL) 593 #define CKM_DES_OFB64 (0x150UL) 594 #define CKM_DES_OFB8 (0x151UL) 595 #define CKM_DES_CFB64 (0x152UL) 596 #define CKM_DES_CFB8 (0x153UL) 597 #define CKM_MD2 (0x200UL) 598 #define CKM_MD2_HMAC (0x201UL) 599 #define CKM_MD2_HMAC_GENERAL (0x202UL) 600 #define CKM_MD5 (0x210UL) 601 #define CKM_MD5_HMAC (0x211UL) 602 #define CKM_MD5_HMAC_GENERAL (0x212UL) 603 #define CKM_SHA_1 (0x220UL) 604 #define CKM_SHA_1_HMAC (0x221UL) 605 #define CKM_SHA_1_HMAC_GENERAL (0x222UL) 606 #define CKM_RIPEMD128 (0x230UL) 607 #define CKM_RIPEMD128_HMAC (0x231UL) 608 #define CKM_RIPEMD128_HMAC_GENERAL (0x232UL) 609 #define CKM_RIPEMD160 (0x240UL) 610 #define CKM_RIPEMD160_HMAC (0x241UL) 611 #define CKM_RIPEMD160_HMAC_GENERAL (0x242UL) 612 #define CKM_SHA256 (0x250UL) 613 #define CKM_SHA256_HMAC (0x251UL) 614 #define CKM_SHA256_HMAC_GENERAL (0x252UL) 615 #define CKM_SHA384 (0x260UL) 616 #define CKM_SHA384_HMAC (0x261UL) 617 #define CKM_SHA384_HMAC_GENERAL (0x262UL) 618 #define CKM_SHA512 (0x270UL) 619 #define CKM_SHA512_HMAC (0x271UL) 620 #define CKM_SHA512_HMAC_GENERAL (0x272UL) 621 #define CKM_SECURID_KEY_GEN (0x280UL) 622 #define CKM_SECURID (0x282UL) 623 #define CKM_HOTP_KEY_GEN (0x290UL) 624 #define CKM_HOTP (0x291UL) 625 #define CKM_ACTI (0x2a0UL) 626 #define CKM_ACTI_KEY_GEN (0x2a1UL) 627 #define CKM_CAST_KEY_GEN (0x300UL) 628 #define CKM_CAST_ECB (0x301UL) 629 #define CKM_CAST_CBC (0x302UL) 630 #define CKM_CAST_MAC (0x303UL) 631 #define CKM_CAST_MAC_GENERAL (0x304UL) 632 #define CKM_CAST_CBC_PAD (0x305UL) 633 #define CKM_CAST3_KEY_GEN (0x310UL) 634 #define CKM_CAST3_ECB (0x311UL) 635 #define CKM_CAST3_CBC (0x312UL) 636 #define CKM_CAST3_MAC (0x313UL) 637 #define CKM_CAST3_MAC_GENERAL (0x314UL) 638 #define CKM_CAST3_CBC_PAD (0x315UL) 639 #define CKM_CAST5_KEY_GEN (0x320UL) 640 #define CKM_CAST128_KEY_GEN (0x320UL) 641 #define CKM_CAST5_ECB (0x321UL) 642 #define CKM_CAST128_ECB (0x321UL) 643 #define CKM_CAST5_CBC (0x322UL) 644 #define CKM_CAST128_CBC (0x322UL) 645 #define CKM_CAST5_MAC (0x323UL) 646 #define CKM_CAST128_MAC (0x323UL) 647 #define CKM_CAST5_MAC_GENERAL (0x324UL) 648 #define CKM_CAST128_MAC_GENERAL (0x324UL) 649 #define CKM_CAST5_CBC_PAD (0x325UL) 650 #define CKM_CAST128_CBC_PAD (0x325UL) 651 #define CKM_RC5_KEY_GEN (0x330UL) 652 #define CKM_RC5_ECB (0x331UL) 653 #define CKM_RC5_CBC (0x332UL) 654 #define CKM_RC5_MAC (0x333UL) 655 #define CKM_RC5_MAC_GENERAL (0x334UL) 656 #define CKM_RC5_CBC_PAD (0x335UL) 657 #define CKM_IDEA_KEY_GEN (0x340UL) 658 #define CKM_IDEA_ECB (0x341UL) 659 #define CKM_IDEA_CBC (0x342UL) 660 #define CKM_IDEA_MAC (0x343UL) 661 #define CKM_IDEA_MAC_GENERAL (0x344UL) 662 #define CKM_IDEA_CBC_PAD (0x345UL) 663 #define CKM_GENERIC_SECRET_KEY_GEN (0x350UL) 664 #define CKM_CONCATENATE_BASE_AND_KEY (0x360UL) 665 #define CKM_CONCATENATE_BASE_AND_DATA (0x362UL) 666 #define CKM_CONCATENATE_DATA_AND_BASE (0x363UL) 667 #define CKM_XOR_BASE_AND_DATA (0x364UL) 668 #define CKM_EXTRACT_KEY_FROM_KEY (0x365UL) 669 #define CKM_SSL3_PRE_MASTER_KEY_GEN (0x370UL) 670 #define CKM_SSL3_MASTER_KEY_DERIVE (0x371UL) 671 #define CKM_SSL3_KEY_AND_MAC_DERIVE (0x372UL) 672 #define CKM_SSL3_MASTER_KEY_DERIVE_DH (0x373UL) 673 #define CKM_TLS_PRE_MASTER_KEY_GEN (0x374UL) 674 #define CKM_TLS_MASTER_KEY_DERIVE (0x375UL) 675 #define CKM_TLS_KEY_AND_MAC_DERIVE (0x376UL) 676 #define CKM_TLS_MASTER_KEY_DERIVE_DH (0x377UL) 677 #define CKM_TLS_PRF (0x378UL) 678 #define CKM_SSL3_MD5_MAC (0x380UL) 679 #define CKM_SSL3_SHA1_MAC (0x381UL) 680 #define CKM_MD5_KEY_DERIVATION (0x390UL) 681 #define CKM_MD2_KEY_DERIVATION (0x391UL) 682 #define CKM_SHA1_KEY_DERIVATION (0x392UL) 683 #define CKM_SHA256_KEY_DERIVATION (0x393UL) 684 #define CKM_SHA384_KEY_DERIVATION (0x394UL) 685 #define CKM_SHA512_KEY_DERIVATION (0x395UL) 686 #define CKM_PBE_MD2_DES_CBC (0x3a0UL) 687 #define CKM_PBE_MD5_DES_CBC (0x3a1UL) 688 #define CKM_PBE_MD5_CAST_CBC (0x3a2UL) 689 #define CKM_PBE_MD5_CAST3_CBC (0x3a3UL) 690 #define CKM_PBE_MD5_CAST5_CBC (0x3a4UL) 691 #define CKM_PBE_MD5_CAST128_CBC (0x3a4UL) 692 #define CKM_PBE_SHA1_CAST5_CBC (0x3a5UL) 693 #define CKM_PBE_SHA1_CAST128_CBC (0x3a5UL) 694 #define CKM_PBE_SHA1_RC4_128 (0x3a6UL) 695 #define CKM_PBE_SHA1_RC4_40 (0x3a7UL) 696 #define CKM_PBE_SHA1_DES3_EDE_CBC (0x3a8UL) 697 #define CKM_PBE_SHA1_DES2_EDE_CBC (0x3a9UL) 698 #define CKM_PBE_SHA1_RC2_128_CBC (0x3aaUL) 699 #define CKM_PBE_SHA1_RC2_40_CBC (0x3abUL) 700 #define CKM_PKCS5_PBKD2 (0x3b0UL) 701 #define CKM_PBA_SHA1_WITH_SHA1_HMAC (0x3c0UL) 702 #define CKM_WTLS_PRE_MASTER_KEY_GEN (0x3d0UL) 703 #define CKM_WTLS_MASTER_KEY_DERIVE (0x3d1UL) 704 #define CKM_WTLS_MASTER_KEY_DERIVE_DH_ECC (0x3d2UL) 705 #define CKM_WTLS_PRF (0x3d3UL) 706 #define CKM_WTLS_SERVER_KEY_AND_MAC_DERIVE (0x3d4UL) 707 #define CKM_WTLS_CLIENT_KEY_AND_MAC_DERIVE (0x3d5UL) 708 #define CKM_TLS10_MAC_SERVER (0x3d6UL) 709 #define CKM_TLS10_MAC_CLIENT (0x3d7UL) 710 #define CKM_TLS12_MAC (0x3d8UL) 711 #define CKM_TLS12_KDF (0x3d9UL) 712 #define CKM_TLS12_MASTER_KEY_DERIVE (0x3e0UL) 713 #define CKM_TLS12_KEY_AND_MAC_DERIVE (0x3e1UL) 714 #define CKM_TLS12_MASTER_KEY_DERIVE_DH (0x3e2UL) 715 #define CKM_TLS12_KEY_SAFE_DERIVE (0x3e3UL) 716 #define CKM_TLS_MAC (0x3e4UL) 717 #define CKM_TLS_KDF (0x3e5UL) 718 #define CKM_KEY_WRAP_LYNKS (0x400UL) 719 #define CKM_KEY_WRAP_SET_OAEP (0x401UL) 720 #define CKM_CMS_SIG (0x500UL) 721 #define CKM_KIP_DERIVE (0x510UL) 722 #define CKM_KIP_WRAP (0x511UL) 723 #define CKM_KIP_MAC (0x512UL) 724 #define CKM_ARIA_KEY_GEN (0x560UL) 725 #define CKM_ARIA_ECB (0x561UL) 726 #define CKM_ARIA_CBC (0x562UL) 727 #define CKM_ARIA_MAC (0x563UL) 728 #define CKM_ARIA_MAC_GENERAL (0x564UL) 729 #define CKM_ARIA_CBC_PAD (0x565UL) 730 #define CKM_ARIA_ECB_ENCRYPT_DATA (0x566UL) 731 #define CKM_ARIA_CBC_ENCRYPT_DATA (0x567UL) 732 #define CKM_SEED_KEY_GEN (0x650UL) 733 #define CKM_SEED_ECB (0x651UL) 734 #define CKM_SEED_CBC (0x652UL) 735 #define CKM_SEED_MAC (0x653UL) 736 #define CKM_SEED_MAC_GENERAL (0x654UL) 737 #define CKM_SEED_CBC_PAD (0x655UL) 738 #define CKM_SEED_ECB_ENCRYPT_DATA (0x656UL) 739 #define CKM_SEED_CBC_ENCRYPT_DATA (0x657UL) 740 #define CKM_SKIPJACK_KEY_GEN (0x1000UL) 741 #define CKM_SKIPJACK_ECB64 (0x1001UL) 742 #define CKM_SKIPJACK_CBC64 (0x1002UL) 743 #define CKM_SKIPJACK_OFB64 (0x1003UL) 744 #define CKM_SKIPJACK_CFB64 (0x1004UL) 745 #define CKM_SKIPJACK_CFB32 (0x1005UL) 746 #define CKM_SKIPJACK_CFB16 (0x1006UL) 747 #define CKM_SKIPJACK_CFB8 (0x1007UL) 748 #define CKM_SKIPJACK_WRAP (0x1008UL) 749 #define CKM_SKIPJACK_PRIVATE_WRAP (0x1009UL) 750 #define CKM_SKIPJACK_RELAYX (0x100aUL) 751 #define CKM_KEA_KEY_PAIR_GEN (0x1010UL) 752 #define CKM_KEA_KEY_DERIVE (0x1011UL) 753 #define CKM_FORTEZZA_TIMESTAMP (0x1020UL) 754 #define CKM_BATON_KEY_GEN (0x1030UL) 755 #define CKM_BATON_ECB128 (0x1031UL) 756 #define CKM_BATON_ECB96 (0x1032UL) 757 #define CKM_BATON_CBC128 (0x1033UL) 758 #define CKM_BATON_COUNTER (0x1034UL) 759 #define CKM_BATON_SHUFFLE (0x1035UL) 760 #define CKM_BATON_WRAP (0x1036UL) 761 #define CKM_ECDSA_KEY_PAIR_GEN (0x1040UL) 762 #define CKM_EC_KEY_PAIR_GEN (0x1040UL) 763 #define CKM_ECDSA (0x1041UL) 764 #define CKM_ECDSA_SHA1 (0x1042UL) 765 #define CKM_ECDSA_SHA224 (0x1043UL) 766 #define CKM_ECDSA_SHA256 (0x1044UL) 767 #define CKM_ECDSA_SHA384 (0x1045UL) 768 #define CKM_ECDSA_SHA512 (0x1046UL) 769 #define CKM_ECDH1_DERIVE (0x1050UL) 770 #define CKM_ECDH1_COFACTOR_DERIVE (0x1051UL) 771 #define CKM_ECMQV_DERIVE (0x1052UL) 772 #define CKM_ECDH_AES_KEY_WRAP (0x1053UL) 773 #define CKM_RSA_AES_KEY_WRAP (0x1054UL) 774 #define CKM_JUNIPER_KEY_GEN (0x1060UL) 775 #define CKM_JUNIPER_ECB128 (0x1061UL) 776 #define CKM_JUNIPER_CBC128 (0x1062UL) 777 #define CKM_JUNIPER_COUNTER (0x1063UL) 778 #define CKM_JUNIPER_SHUFFLE (0x1064UL) 779 #define CKM_JUNIPER_WRAP (0x1065UL) 780 #define CKM_FASTHASH (0x1070UL) 781 #define CKM_AES_KEY_GEN (0x1080UL) 782 #define CKM_AES_ECB (0x1081UL) 783 #define CKM_AES_CBC (0x1082UL) 784 #define CKM_AES_MAC (0x1083UL) 785 #define CKM_AES_MAC_GENERAL (0x1084UL) 786 #define CKM_AES_CBC_PAD (0x1085UL) 787 #define CKM_AES_CTR (0x1086UL) 788 #define CKM_AES_GCM (0x1087UL) 789 #define CKM_AES_CCM (0x1088UL) 790 #define CKM_AES_CTS (0x1089UL) 791 #define CKM_AES_CMAC (0x108aUL) 792 #define CKM_AES_CMAC_GENERAL (0x108bUL) 793 #define CKM_AES_XCBC_MAC (0x108cUL) 794 #define CKM_AES_XCBC_MAC_96 (0x108dUL) 795 #define CKM_AES_GMAC (0x108eUL) 796 #define CKM_BLOWFISH_KEY_GEN (0x1090UL) 797 #define CKM_BLOWFISH_CBC (0x1091UL) 798 #define CKM_TWOFISH_KEY_GEN (0x1092UL) 799 #define CKM_TWOFISH_CBC (0x1093UL) 800 #define CKM_BLOWFISH_CBC_PAD (0x1094UL) 801 #define CKM_TWOFISH_CBC_PAD (0x1095UL) 802 #define CKM_DES_ECB_ENCRYPT_DATA (0x1100UL) 803 #define CKM_DES_CBC_ENCRYPT_DATA (0x1101UL) 804 #define CKM_DES3_ECB_ENCRYPT_DATA (0x1102UL) 805 #define CKM_DES3_CBC_ENCRYPT_DATA (0x1103UL) 806 #define CKM_AES_ECB_ENCRYPT_DATA (0x1104UL) 807 #define CKM_AES_CBC_ENCRYPT_DATA (0x1105UL) 808 #define CKM_GOSTR3410_KEY_PAIR_GEN (0x1200UL) 809 #define CKM_GOSTR3410 (0x1201UL) 810 #define CKM_GOSTR3410_WITH_GOSTR3411 (0x1202UL) 811 #define CKM_GOSTR3410_KEY_WRAP (0x1203UL) 812 #define CKM_GOSTR3410_DERIVE (0x1204UL) 813 #define CKM_GOSTR3411 (0x1210UL) 814 #define CKM_GOSTR3411_HMAC (0x1211UL) 815 #define CKM_GOST28147_KEY_GEN (0x1220UL) 816 #define CKM_GOST28147_ECB (0x1221UL) 817 #define CKM_GOST28147 (0x1222UL) 818 #define CKM_GOST28147_MAC (0x1223UL) 819 #define CKM_GOST28147_KEY_WRAP (0x1224UL) 820 #define CKM_DSA_PARAMETER_GEN (0x2000UL) 821 #define CKM_DH_PKCS_PARAMETER_GEN (0x2001UL) 822 #define CKM_X9_42_DH_PARAMETER_GEN (0x2002UL) 823 #define CKM_DSA_PROBABLISTIC_PARAMETER_GEN (0x2003UL) 824 #define CKM_DSA_SHAWE_TAYLOR_PARAMETER_GEN (0x2004UL) 825 #define CKM_AES_OFB (0x2104UL) 826 #define CKM_AES_CFB64 (0x2105UL) 827 #define CKM_AES_CFB8 (0x2106UL) 828 #define CKM_AES_CFB128 (0x2107UL) 829 #define CKM_AES_CFB1 (0x2108UL) 830 831 #define CKM_VENDOR_DEFINED ((unsigned long)(1UL << 31)) 832 833 /* Amendments */ 834 #define CKM_SHA224 (0x255UL) 835 #define CKM_SHA224_HMAC (0x256UL) 836 #define CKM_SHA224_HMAC_GENERAL (0x257UL) 837 #define CKM_SHA224_RSA_PKCS (0x46UL) 838 #define CKM_SHA224_RSA_PKCS_PSS (0x47UL) 839 #define CKM_SHA224_KEY_DERIVATION (0x396UL) 840 841 #define CKM_CAMELLIA_KEY_GEN (0x550UL) 842 #define CKM_CAMELLIA_ECB (0x551UL) 843 #define CKM_CAMELLIA_CBC (0x552UL) 844 #define CKM_CAMELLIA_MAC (0x553UL) 845 #define CKM_CAMELLIA_MAC_GENERAL (0x554UL) 846 #define CKM_CAMELLIA_CBC_PAD (0x555UL) 847 #define CKM_CAMELLIA_ECB_ENCRYPT_DATA (0x556UL) 848 #define CKM_CAMELLIA_CBC_ENCRYPT_DATA (0x557UL) 849 #define CKM_CAMELLIA_CTR (0x558UL) 850 851 #define CKM_AES_KEY_WRAP (0x2109UL) 852 #define CKM_AES_KEY_WRAP_PAD (0x210aUL) 853 854 #define CKM_RSA_PKCS_TPM_1_1 (0x4001UL) 855 #define CKM_RSA_PKCS_OAEP_TPM_1_1 (0x4002UL) 856 857 /* From version 3.0 */ 858 #define CKM_EC_EDWARDS_KEY_PAIR_GEN (0x1055UL) 859 #define CKM_EDDSA (0x1057UL) 860 861 /* Attribute and other constants related to OTP */ 862 #define CK_OTP_FORMAT_DECIMAL (0UL) 863 #define CK_OTP_FORMAT_HEXADECIMAL (1UL) 864 #define CK_OTP_FORMAT_ALPHANUMERIC (2UL) 865 #define CK_OTP_FORMAT_BINARY (3UL) 866 #define CK_OTP_PARAM_IGNORED (0UL) 867 #define CK_OTP_PARAM_OPTIONAL (1UL) 868 #define CK_OTP_PARAM_MANDATORY (2UL) 869 870 #define CK_OTP_VALUE (0UL) 871 #define CK_OTP_PIN (1UL) 872 #define CK_OTP_CHALLENGE (2UL) 873 #define CK_OTP_TIME (3UL) 874 #define CK_OTP_COUNTER (4UL) 875 #define CK_OTP_FLAGS (5UL) 876 #define CK_OTP_OUTPUT_LENGTH (6UL) 877 #define CK_OTP_FORMAT (7UL) 878 879 /* OTP mechanism flags */ 880 #define CKF_NEXT_OTP (0x01UL) 881 #define CKF_EXCLUDE_TIME (0x02UL) 882 #define CKF_EXCLUDE_COUNTER (0x04UL) 883 #define CKF_EXCLUDE_CHALLENGE (0x08UL) 884 #define CKF_EXCLUDE_PIN (0x10UL) 885 #define CKF_USER_FRIENDLY_OTP (0x20UL) 886 887 #define CKN_OTP_CHANGED (0x01UL) 888 889 struct ck_mechanism { 890 ck_mechanism_type_t mechanism; 891 void *parameter; 892 unsigned long parameter_len; 893 }; 894 895 struct ck_mechanism_info { 896 unsigned long min_key_size; 897 unsigned long max_key_size; 898 ck_flags_t flags; 899 }; 900 901 typedef unsigned long ck_param_type; 902 903 typedef struct ck_otp_param { 904 ck_param_type type; 905 void *value; 906 unsigned long value_len; 907 } ck_otp_param; 908 909 typedef struct ck_otp_params { 910 struct ck_otp_param *params; 911 unsigned long count; 912 } ck_otp_params; 913 914 typedef struct ck_otp_signature_info { 915 struct ck_otp_param *params; 916 unsigned long count; 917 } ck_otp_signature_info; 918 919 #define CKG_MGF1_SHA1 0x00000001UL 920 #define CKG_MGF1_SHA224 0x00000005UL 921 #define CKG_MGF1_SHA256 0x00000002UL 922 #define CKG_MGF1_SHA384 0x00000003UL 923 #define CKG_MGF1_SHA512 0x00000004UL 924 925 typedef unsigned long ck_rsa_pkcs_mgf_type_t; 926 927 struct ck_rsa_pkcs_pss_params { 928 ck_mechanism_type_t hash_alg; 929 ck_rsa_pkcs_mgf_type_t mgf; 930 unsigned long s_len; 931 }; 932 933 typedef unsigned long ck_rsa_pkcs_oaep_source_type_t; 934 935 struct ck_rsa_pkcs_oaep_params { 936 ck_mechanism_type_t hash_alg; 937 ck_rsa_pkcs_mgf_type_t mgf; 938 ck_rsa_pkcs_oaep_source_type_t source; 939 void *source_data; 940 unsigned long source_data_len; 941 }; 942 943 struct ck_aes_ctr_params { 944 unsigned long counter_bits; 945 unsigned char cb[16]; 946 }; 947 948 struct ck_gcm_params { 949 unsigned char *iv_ptr; 950 unsigned long iv_len; 951 unsigned long iv_bits; 952 unsigned char *aad_ptr; 953 unsigned long aad_len; 954 unsigned long tag_bits; 955 }; 956 957 /* The following EC Key Derivation Functions are defined */ 958 #define CKD_NULL (0x01UL) 959 #define CKD_SHA1_KDF (0x02UL) 960 961 /* The following X9.42 DH key derivation functions are defined */ 962 #define CKD_SHA1_KDF_ASN1 (0x03UL) 963 #define CKD_SHA1_KDF_CONCATENATE (0x04UL) 964 #define CKD_SHA224_KDF (0x05UL) 965 #define CKD_SHA256_KDF (0x06UL) 966 #define CKD_SHA384_KDF (0x07UL) 967 #define CKD_SHA512_KDF (0x08UL) 968 #define CKD_CPDIVERSIFY_KDF (0x09UL) 969 970 typedef unsigned long ck_ec_kdf_t; 971 972 struct ck_ecdh1_derive_params { 973 ck_ec_kdf_t kdf; 974 unsigned long shared_data_len; 975 unsigned char *shared_data; 976 unsigned long public_data_len; 977 unsigned char *public_data; 978 }; 979 980 struct ck_key_derivation_string_data { 981 unsigned char *string_data; 982 unsigned long string_data_len; 983 }; 984 985 struct ck_des_cbc_encrypt_data_params { 986 unsigned char iv[8]; 987 unsigned char *data_params; 988 unsigned long length; 989 }; 990 991 struct ck_aes_cbc_encrypt_data_params { 992 unsigned char iv[16]; 993 unsigned char *data_params; 994 unsigned long length; 995 }; 996 997 #define CKF_HW (1UL << 0) 998 #define CKF_ENCRYPT (1UL << 8) 999 #define CKF_DECRYPT (1UL << 9) 1000 #define CKF_DIGEST (1UL << 10) 1001 #define CKF_SIGN (1UL << 11) 1002 #define CKF_SIGN_RECOVER (1UL << 12) 1003 #define CKF_VERIFY (1UL << 13) 1004 #define CKF_VERIFY_RECOVER (1UL << 14) 1005 #define CKF_GENERATE (1UL << 15) 1006 #define CKF_GENERATE_KEY_PAIR (1UL << 16) 1007 #define CKF_WRAP (1UL << 17) 1008 #define CKF_UNWRAP (1UL << 18) 1009 #define CKF_DERIVE (1UL << 19) 1010 #define CKF_EXTENSION ((unsigned long)(1UL << 31)) 1011 1012 #define CKF_EC_F_P (1UL << 20) 1013 #define CKF_EC_NAMEDCURVE (1UL << 23) 1014 #define CKF_EC_UNCOMPRESS (1UL << 24) 1015 #define CKF_EC_COMPRESS (1UL << 25) 1016 1017 /* Flags for C_WaitForSlotEvent. */ 1018 #define CKF_DONT_BLOCK (1UL) 1019 1020 typedef unsigned long ck_rv_t; 1021 1022 typedef ck_rv_t (*ck_notify_t)(ck_session_handle_t session, 1023 ck_notification_t event, void *application); 1024 1025 /* Forward reference. */ 1026 struct ck_function_list; 1027 1028 #define _CK_DECLARE_FUNCTION(name, args) \ 1029 typedef ck_rv_t(*CK_##name) args; \ 1030 ck_rv_t CK_SPEC name args 1031 1032 _CK_DECLARE_FUNCTION(C_Initialize, (void *init_args)); 1033 _CK_DECLARE_FUNCTION(C_Finalize, (void *reserved)); 1034 _CK_DECLARE_FUNCTION(C_GetInfo, (struct ck_info * info)); 1035 _CK_DECLARE_FUNCTION(C_GetFunctionList, 1036 (struct ck_function_list * *function_list)); 1037 1038 _CK_DECLARE_FUNCTION(C_GetSlotList, 1039 (unsigned char token_present, ck_slot_id_t *slot_list, 1040 unsigned long *count)); 1041 _CK_DECLARE_FUNCTION(C_GetSlotInfo, 1042 (ck_slot_id_t slot_id, struct ck_slot_info *info)); 1043 _CK_DECLARE_FUNCTION(C_GetTokenInfo, 1044 (ck_slot_id_t slot_id, struct ck_token_info *info)); 1045 _CK_DECLARE_FUNCTION(C_WaitForSlotEvent, 1046 (ck_flags_t flags, ck_slot_id_t *slot, void *reserved)); 1047 _CK_DECLARE_FUNCTION(C_GetMechanismList, 1048 (ck_slot_id_t slot_id, ck_mechanism_type_t *mechanism_list, 1049 unsigned long *count)); 1050 _CK_DECLARE_FUNCTION(C_GetMechanismInfo, 1051 (ck_slot_id_t slot_id, ck_mechanism_type_t type, 1052 struct ck_mechanism_info *info)); 1053 _CK_DECLARE_FUNCTION(C_InitToken, 1054 (ck_slot_id_t slot_id, unsigned char *pin, 1055 unsigned long pin_len, unsigned char *label)); 1056 _CK_DECLARE_FUNCTION(C_InitPIN, (ck_session_handle_t session, 1057 unsigned char *pin, unsigned long pin_len)); 1058 _CK_DECLARE_FUNCTION(C_SetPIN, (ck_session_handle_t session, 1059 unsigned char *old_pin, unsigned long old_len, 1060 unsigned char *new_pin, unsigned long new_len)); 1061 1062 _CK_DECLARE_FUNCTION(C_OpenSession, 1063 (ck_slot_id_t slot_id, ck_flags_t flags, void *application, 1064 ck_notify_t notify, ck_session_handle_t *session)); 1065 _CK_DECLARE_FUNCTION(C_CloseSession, (ck_session_handle_t session)); 1066 _CK_DECLARE_FUNCTION(C_CloseAllSessions, (ck_slot_id_t slot_id)); 1067 _CK_DECLARE_FUNCTION(C_GetSessionInfo, (ck_session_handle_t session, 1068 struct ck_session_info *info)); 1069 _CK_DECLARE_FUNCTION(C_GetOperationState, (ck_session_handle_t session, 1070 unsigned char *operation_state, 1071 unsigned long *operation_state_len)); 1072 _CK_DECLARE_FUNCTION(C_SetOperationState, 1073 (ck_session_handle_t session, 1074 unsigned char *operation_state, 1075 unsigned long operation_state_len, 1076 ck_object_handle_t encryption_key, 1077 ck_object_handle_t authentiation_key)); 1078 _CK_DECLARE_FUNCTION(C_Login, 1079 (ck_session_handle_t session, ck_user_type_t user_type, 1080 unsigned char *pin, unsigned long pin_len)); 1081 _CK_DECLARE_FUNCTION(C_Logout, (ck_session_handle_t session)); 1082 1083 _CK_DECLARE_FUNCTION(C_CreateObject, 1084 (ck_session_handle_t session, struct ck_attribute *templ, 1085 unsigned long count, ck_object_handle_t *object)); 1086 _CK_DECLARE_FUNCTION(C_CopyObject, 1087 (ck_session_handle_t session, ck_object_handle_t object, 1088 struct ck_attribute *templ, unsigned long count, 1089 ck_object_handle_t *new_object)); 1090 _CK_DECLARE_FUNCTION(C_DestroyObject, 1091 (ck_session_handle_t session, ck_object_handle_t object)); 1092 _CK_DECLARE_FUNCTION(C_GetObjectSize, 1093 (ck_session_handle_t session, ck_object_handle_t object, 1094 unsigned long *size)); 1095 _CK_DECLARE_FUNCTION(C_GetAttributeValue, 1096 (ck_session_handle_t session, ck_object_handle_t object, 1097 struct ck_attribute *templ, unsigned long count)); 1098 _CK_DECLARE_FUNCTION(C_SetAttributeValue, 1099 (ck_session_handle_t session, ck_object_handle_t object, 1100 struct ck_attribute *templ, unsigned long count)); 1101 _CK_DECLARE_FUNCTION(C_FindObjectsInit, 1102 (ck_session_handle_t session, struct ck_attribute *templ, 1103 unsigned long count)); 1104 _CK_DECLARE_FUNCTION(C_FindObjects, 1105 (ck_session_handle_t session, ck_object_handle_t *object, 1106 unsigned long max_object_count, 1107 unsigned long *object_count)); 1108 _CK_DECLARE_FUNCTION(C_FindObjectsFinal, (ck_session_handle_t session)); 1109 1110 _CK_DECLARE_FUNCTION(C_EncryptInit, 1111 (ck_session_handle_t session, 1112 struct ck_mechanism *mechanism, ck_object_handle_t key)); 1113 _CK_DECLARE_FUNCTION(C_Encrypt, 1114 (ck_session_handle_t session, unsigned char *data, 1115 unsigned long data_len, unsigned char *encrypted_data, 1116 unsigned long *encrypted_data_len)); 1117 _CK_DECLARE_FUNCTION(C_EncryptUpdate, 1118 (ck_session_handle_t session, unsigned char *part, 1119 unsigned long part_len, unsigned char *encrypted_part, 1120 unsigned long *encrypted_part_len)); 1121 _CK_DECLARE_FUNCTION(C_EncryptFinal, (ck_session_handle_t session, 1122 unsigned char *last_encrypted_part, 1123 unsigned long *last_encrypted_part_len)); 1124 1125 _CK_DECLARE_FUNCTION(C_DecryptInit, 1126 (ck_session_handle_t session, 1127 struct ck_mechanism *mechanism, ck_object_handle_t key)); 1128 _CK_DECLARE_FUNCTION(C_Decrypt, (ck_session_handle_t session, 1129 unsigned char *encrypted_data, 1130 unsigned long encrypted_data_len, 1131 unsigned char *data, unsigned long *data_len)); 1132 _CK_DECLARE_FUNCTION(C_DecryptUpdate, 1133 (ck_session_handle_t session, 1134 unsigned char *encrypted_part, 1135 unsigned long encrypted_part_len, unsigned char *part, 1136 unsigned long *part_len)); 1137 _CK_DECLARE_FUNCTION(C_DecryptFinal, 1138 (ck_session_handle_t session, unsigned char *last_part, 1139 unsigned long *last_part_len)); 1140 1141 _CK_DECLARE_FUNCTION(C_DigestInit, (ck_session_handle_t session, 1142 struct ck_mechanism *mechanism)); 1143 _CK_DECLARE_FUNCTION(C_Digest, 1144 (ck_session_handle_t session, unsigned char *data, 1145 unsigned long data_len, unsigned char *digest, 1146 unsigned long *digest_len)); 1147 _CK_DECLARE_FUNCTION(C_DigestUpdate, 1148 (ck_session_handle_t session, unsigned char *part, 1149 unsigned long part_len)); 1150 _CK_DECLARE_FUNCTION(C_DigestKey, 1151 (ck_session_handle_t session, ck_object_handle_t key)); 1152 _CK_DECLARE_FUNCTION(C_DigestFinal, 1153 (ck_session_handle_t session, unsigned char *digest, 1154 unsigned long *digest_len)); 1155 1156 _CK_DECLARE_FUNCTION(C_SignInit, 1157 (ck_session_handle_t session, 1158 struct ck_mechanism *mechanism, ck_object_handle_t key)); 1159 _CK_DECLARE_FUNCTION(C_Sign, (ck_session_handle_t session, unsigned char *data, 1160 unsigned long data_len, unsigned char *signature, 1161 unsigned long *signature_len)); 1162 _CK_DECLARE_FUNCTION(C_SignUpdate, 1163 (ck_session_handle_t session, unsigned char *part, 1164 unsigned long part_len)); 1165 _CK_DECLARE_FUNCTION(C_SignFinal, 1166 (ck_session_handle_t session, unsigned char *signature, 1167 unsigned long *signature_len)); 1168 _CK_DECLARE_FUNCTION(C_SignRecoverInit, 1169 (ck_session_handle_t session, 1170 struct ck_mechanism *mechanism, ck_object_handle_t key)); 1171 _CK_DECLARE_FUNCTION(C_SignRecover, 1172 (ck_session_handle_t session, unsigned char *data, 1173 unsigned long data_len, unsigned char *signature, 1174 unsigned long *signature_len)); 1175 1176 _CK_DECLARE_FUNCTION(C_VerifyInit, 1177 (ck_session_handle_t session, 1178 struct ck_mechanism *mechanism, ck_object_handle_t key)); 1179 _CK_DECLARE_FUNCTION(C_Verify, 1180 (ck_session_handle_t session, unsigned char *data, 1181 unsigned long data_len, unsigned char *signature, 1182 unsigned long signature_len)); 1183 _CK_DECLARE_FUNCTION(C_VerifyUpdate, 1184 (ck_session_handle_t session, unsigned char *part, 1185 unsigned long part_len)); 1186 _CK_DECLARE_FUNCTION(C_VerifyFinal, 1187 (ck_session_handle_t session, unsigned char *signature, 1188 unsigned long signature_len)); 1189 _CK_DECLARE_FUNCTION(C_VerifyRecoverInit, 1190 (ck_session_handle_t session, 1191 struct ck_mechanism *mechanism, ck_object_handle_t key)); 1192 _CK_DECLARE_FUNCTION(C_VerifyRecover, 1193 (ck_session_handle_t session, unsigned char *signature, 1194 unsigned long signature_len, unsigned char *data, 1195 unsigned long *data_len)); 1196 1197 _CK_DECLARE_FUNCTION(C_DigestEncryptUpdate, 1198 (ck_session_handle_t session, unsigned char *part, 1199 unsigned long part_len, unsigned char *encrypted_part, 1200 unsigned long *encrypted_part_len)); 1201 _CK_DECLARE_FUNCTION(C_DecryptDigestUpdate, 1202 (ck_session_handle_t session, 1203 unsigned char *encrypted_part, 1204 unsigned long encrypted_part_len, unsigned char *part, 1205 unsigned long *part_len)); 1206 _CK_DECLARE_FUNCTION(C_SignEncryptUpdate, 1207 (ck_session_handle_t session, unsigned char *part, 1208 unsigned long part_len, unsigned char *encrypted_part, 1209 unsigned long *encrypted_part_len)); 1210 _CK_DECLARE_FUNCTION(C_DecryptVerifyUpdate, 1211 (ck_session_handle_t session, 1212 unsigned char *encrypted_part, 1213 unsigned long encrypted_part_len, unsigned char *part, 1214 unsigned long *part_len)); 1215 1216 _CK_DECLARE_FUNCTION(C_GenerateKey, 1217 (ck_session_handle_t session, 1218 struct ck_mechanism *mechanism, 1219 struct ck_attribute *templ, unsigned long count, 1220 ck_object_handle_t *key)); 1221 _CK_DECLARE_FUNCTION(C_GenerateKeyPair, 1222 (ck_session_handle_t session, 1223 struct ck_mechanism *mechanism, 1224 struct ck_attribute *public_key_template, 1225 unsigned long public_key_attribute_count, 1226 struct ck_attribute *private_key_template, 1227 unsigned long private_key_attribute_count, 1228 ck_object_handle_t *public_key, 1229 ck_object_handle_t *private_key)); 1230 _CK_DECLARE_FUNCTION(C_WrapKey, 1231 (ck_session_handle_t session, 1232 struct ck_mechanism *mechanism, 1233 ck_object_handle_t wrapping_key, ck_object_handle_t key, 1234 unsigned char *wrapped_key, 1235 unsigned long *wrapped_key_len)); 1236 _CK_DECLARE_FUNCTION(C_UnwrapKey, 1237 (ck_session_handle_t session, 1238 struct ck_mechanism *mechanism, 1239 ck_object_handle_t unwrapping_key, 1240 unsigned char *wrapped_key, unsigned long wrapped_key_len, 1241 struct ck_attribute *templ, unsigned long attribute_count, 1242 ck_object_handle_t *key)); 1243 _CK_DECLARE_FUNCTION(C_DeriveKey, 1244 (ck_session_handle_t session, 1245 struct ck_mechanism *mechanism, 1246 ck_object_handle_t base_key, struct ck_attribute *templ, 1247 unsigned long attribute_count, ck_object_handle_t *key)); 1248 1249 _CK_DECLARE_FUNCTION(C_SeedRandom, 1250 (ck_session_handle_t session, unsigned char *seed, 1251 unsigned long seed_len)); 1252 _CK_DECLARE_FUNCTION(C_GenerateRandom, 1253 (ck_session_handle_t session, unsigned char *random_data, 1254 unsigned long random_len)); 1255 1256 _CK_DECLARE_FUNCTION(C_GetFunctionStatus, (ck_session_handle_t session)); 1257 _CK_DECLARE_FUNCTION(C_CancelFunction, (ck_session_handle_t session)); 1258 1259 struct ck_function_list { 1260 struct ck_version version; 1261 CK_C_Initialize C_Initialize; 1262 CK_C_Finalize C_Finalize; 1263 CK_C_GetInfo C_GetInfo; 1264 CK_C_GetFunctionList C_GetFunctionList; 1265 CK_C_GetSlotList C_GetSlotList; 1266 CK_C_GetSlotInfo C_GetSlotInfo; 1267 CK_C_GetTokenInfo C_GetTokenInfo; 1268 CK_C_GetMechanismList C_GetMechanismList; 1269 CK_C_GetMechanismInfo C_GetMechanismInfo; 1270 CK_C_InitToken C_InitToken; 1271 CK_C_InitPIN C_InitPIN; 1272 CK_C_SetPIN C_SetPIN; 1273 CK_C_OpenSession C_OpenSession; 1274 CK_C_CloseSession C_CloseSession; 1275 CK_C_CloseAllSessions C_CloseAllSessions; 1276 CK_C_GetSessionInfo C_GetSessionInfo; 1277 CK_C_GetOperationState C_GetOperationState; 1278 CK_C_SetOperationState C_SetOperationState; 1279 CK_C_Login C_Login; 1280 CK_C_Logout C_Logout; 1281 CK_C_CreateObject C_CreateObject; 1282 CK_C_CopyObject C_CopyObject; 1283 CK_C_DestroyObject C_DestroyObject; 1284 CK_C_GetObjectSize C_GetObjectSize; 1285 CK_C_GetAttributeValue C_GetAttributeValue; 1286 CK_C_SetAttributeValue C_SetAttributeValue; 1287 CK_C_FindObjectsInit C_FindObjectsInit; 1288 CK_C_FindObjects C_FindObjects; 1289 CK_C_FindObjectsFinal C_FindObjectsFinal; 1290 CK_C_EncryptInit C_EncryptInit; 1291 CK_C_Encrypt C_Encrypt; 1292 CK_C_EncryptUpdate C_EncryptUpdate; 1293 CK_C_EncryptFinal C_EncryptFinal; 1294 CK_C_DecryptInit C_DecryptInit; 1295 CK_C_Decrypt C_Decrypt; 1296 CK_C_DecryptUpdate C_DecryptUpdate; 1297 CK_C_DecryptFinal C_DecryptFinal; 1298 CK_C_DigestInit C_DigestInit; 1299 CK_C_Digest C_Digest; 1300 CK_C_DigestUpdate C_DigestUpdate; 1301 CK_C_DigestKey C_DigestKey; 1302 CK_C_DigestFinal C_DigestFinal; 1303 CK_C_SignInit C_SignInit; 1304 CK_C_Sign C_Sign; 1305 CK_C_SignUpdate C_SignUpdate; 1306 CK_C_SignFinal C_SignFinal; 1307 CK_C_SignRecoverInit C_SignRecoverInit; 1308 CK_C_SignRecover C_SignRecover; 1309 CK_C_VerifyInit C_VerifyInit; 1310 CK_C_Verify C_Verify; 1311 CK_C_VerifyUpdate C_VerifyUpdate; 1312 CK_C_VerifyFinal C_VerifyFinal; 1313 CK_C_VerifyRecoverInit C_VerifyRecoverInit; 1314 CK_C_VerifyRecover C_VerifyRecover; 1315 CK_C_DigestEncryptUpdate C_DigestEncryptUpdate; 1316 CK_C_DecryptDigestUpdate C_DecryptDigestUpdate; 1317 CK_C_SignEncryptUpdate C_SignEncryptUpdate; 1318 CK_C_DecryptVerifyUpdate C_DecryptVerifyUpdate; 1319 CK_C_GenerateKey C_GenerateKey; 1320 CK_C_GenerateKeyPair C_GenerateKeyPair; 1321 CK_C_WrapKey C_WrapKey; 1322 CK_C_UnwrapKey C_UnwrapKey; 1323 CK_C_DeriveKey C_DeriveKey; 1324 CK_C_SeedRandom C_SeedRandom; 1325 CK_C_GenerateRandom C_GenerateRandom; 1326 CK_C_GetFunctionStatus C_GetFunctionStatus; 1327 CK_C_CancelFunction C_CancelFunction; 1328 CK_C_WaitForSlotEvent C_WaitForSlotEvent; 1329 }; 1330 1331 typedef ck_rv_t (*ck_createmutex_t)(void **mutex); 1332 typedef ck_rv_t (*ck_destroymutex_t)(void *mutex); 1333 typedef ck_rv_t (*ck_lockmutex_t)(void *mutex); 1334 typedef ck_rv_t (*ck_unlockmutex_t)(void *mutex); 1335 1336 struct ck_c_initialize_args { 1337 ck_createmutex_t create_mutex; 1338 ck_destroymutex_t destroy_mutex; 1339 ck_lockmutex_t lock_mutex; 1340 ck_unlockmutex_t unlock_mutex; 1341 ck_flags_t flags; 1342 void *reserved; 1343 }; 1344 1345 #define CKF_LIBRARY_CANT_CREATE_OS_THREADS (1UL << 0) 1346 #define CKF_OS_LOCKING_OK (1UL << 1) 1347 1348 #define CKR_OK (0UL) 1349 #define CKR_CANCEL (1UL) 1350 #define CKR_HOST_MEMORY (2UL) 1351 #define CKR_SLOT_ID_INVALID (3UL) 1352 #define CKR_GENERAL_ERROR (5UL) 1353 #define CKR_FUNCTION_FAILED (6UL) 1354 #define CKR_ARGUMENTS_BAD (7UL) 1355 #define CKR_NO_EVENT (8UL) 1356 #define CKR_NEED_TO_CREATE_THREADS (9UL) 1357 #define CKR_CANT_LOCK (0xaUL) 1358 #define CKR_ATTRIBUTE_READ_ONLY (0x10UL) 1359 #define CKR_ATTRIBUTE_SENSITIVE (0x11UL) 1360 #define CKR_ATTRIBUTE_TYPE_INVALID (0x12UL) 1361 #define CKR_ATTRIBUTE_VALUE_INVALID (0x13UL) 1362 #define CKR_ACTION_PROHIBITED (0x1BUL) 1363 #define CKR_DATA_INVALID (0x20UL) 1364 #define CKR_DATA_LEN_RANGE (0x21UL) 1365 #define CKR_DEVICE_ERROR (0x30UL) 1366 #define CKR_DEVICE_MEMORY (0x31UL) 1367 #define CKR_DEVICE_REMOVED (0x32UL) 1368 #define CKR_ENCRYPTED_DATA_INVALID (0x40UL) 1369 #define CKR_ENCRYPTED_DATA_LEN_RANGE (0x41UL) 1370 #define CKR_FUNCTION_CANCELED (0x50UL) 1371 #define CKR_FUNCTION_NOT_PARALLEL (0x51UL) 1372 #define CKR_FUNCTION_NOT_SUPPORTED (0x54UL) 1373 #define CKR_KEY_HANDLE_INVALID (0x60UL) 1374 #define CKR_KEY_SIZE_RANGE (0x62UL) 1375 #define CKR_KEY_TYPE_INCONSISTENT (0x63UL) 1376 #define CKR_KEY_NOT_NEEDED (0x64UL) 1377 #define CKR_KEY_CHANGED (0x65UL) 1378 #define CKR_KEY_NEEDED (0x66UL) 1379 #define CKR_KEY_INDIGESTIBLE (0x67UL) 1380 #define CKR_KEY_FUNCTION_NOT_PERMITTED (0x68UL) 1381 #define CKR_KEY_NOT_WRAPPABLE (0x69UL) 1382 #define CKR_KEY_UNEXTRACTABLE (0x6aUL) 1383 #define CKR_MECHANISM_INVALID (0x70UL) 1384 #define CKR_MECHANISM_PARAM_INVALID (0x71UL) 1385 #define CKR_OBJECT_HANDLE_INVALID (0x82UL) 1386 #define CKR_OPERATION_ACTIVE (0x90UL) 1387 #define CKR_OPERATION_NOT_INITIALIZED (0x91UL) 1388 #define CKR_PIN_INCORRECT (0xa0UL) 1389 #define CKR_PIN_INVALID (0xa1UL) 1390 #define CKR_PIN_LEN_RANGE (0xa2UL) 1391 #define CKR_PIN_EXPIRED (0xa3UL) 1392 #define CKR_PIN_LOCKED (0xa4UL) 1393 #define CKR_SESSION_CLOSED (0xb0UL) 1394 #define CKR_SESSION_COUNT (0xb1UL) 1395 #define CKR_SESSION_HANDLE_INVALID (0xb3UL) 1396 #define CKR_SESSION_PARALLEL_NOT_SUPPORTED (0xb4UL) 1397 #define CKR_SESSION_READ_ONLY (0xb5UL) 1398 #define CKR_SESSION_EXISTS (0xb6UL) 1399 #define CKR_SESSION_READ_ONLY_EXISTS (0xb7UL) 1400 #define CKR_SESSION_READ_WRITE_SO_EXISTS (0xb8UL) 1401 #define CKR_SIGNATURE_INVALID (0xc0UL) 1402 #define CKR_SIGNATURE_LEN_RANGE (0xc1UL) 1403 #define CKR_TEMPLATE_INCOMPLETE (0xd0UL) 1404 #define CKR_TEMPLATE_INCONSISTENT (0xd1UL) 1405 #define CKR_TOKEN_NOT_PRESENT (0xe0UL) 1406 #define CKR_TOKEN_NOT_RECOGNIZED (0xe1UL) 1407 #define CKR_TOKEN_WRITE_PROTECTED (0xe2UL) 1408 #define CKR_UNWRAPPING_KEY_HANDLE_INVALID (0xf0UL) 1409 #define CKR_UNWRAPPING_KEY_SIZE_RANGE (0xf1UL) 1410 #define CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT (0xf2UL) 1411 #define CKR_USER_ALREADY_LOGGED_IN (0x100UL) 1412 #define CKR_USER_NOT_LOGGED_IN (0x101UL) 1413 #define CKR_USER_PIN_NOT_INITIALIZED (0x102UL) 1414 #define CKR_USER_TYPE_INVALID (0x103UL) 1415 #define CKR_USER_ANOTHER_ALREADY_LOGGED_IN (0x104UL) 1416 #define CKR_USER_TOO_MANY_TYPES (0x105UL) 1417 #define CKR_WRAPPED_KEY_INVALID (0x110UL) 1418 #define CKR_WRAPPED_KEY_LEN_RANGE (0x112UL) 1419 #define CKR_WRAPPING_KEY_HANDLE_INVALID (0x113UL) 1420 #define CKR_WRAPPING_KEY_SIZE_RANGE (0x114UL) 1421 #define CKR_WRAPPING_KEY_TYPE_INCONSISTENT (0x115UL) 1422 #define CKR_RANDOM_SEED_NOT_SUPPORTED (0x120UL) 1423 #define CKR_RANDOM_NO_RNG (0x121UL) 1424 #define CKR_DOMAIN_PARAMS_INVALID (0x130UL) 1425 #define CKR_BUFFER_TOO_SMALL (0x150UL) 1426 #define CKR_SAVED_STATE_INVALID (0x160UL) 1427 #define CKR_INFORMATION_SENSITIVE (0x170UL) 1428 #define CKR_STATE_UNSAVEABLE (0x180UL) 1429 #define CKR_CRYPTOKI_NOT_INITIALIZED (0x190UL) 1430 #define CKR_CRYPTOKI_ALREADY_INITIALIZED (0x191UL) 1431 #define CKR_MUTEX_BAD (0x1a0UL) 1432 #define CKR_MUTEX_NOT_LOCKED (0x1a1UL) 1433 #define CKR_NEW_PIN_MODE (0x1b0UL) 1434 #define CKR_NEXT_OTP (0x1b1UL) 1435 #define CKR_EXCEEDED_MAX_ITERATIONS (0x1c0UL) 1436 #define CKR_FIPS_SELF_TEST_FAILED (0x1c1UL) 1437 #define CKR_LIBRARY_LOAD_FAILED (0x1c2UL) 1438 #define CKR_PIN_TOO_WEAK (0x1c3UL) 1439 #define CKR_PUBLIC_KEY_INVALID (0x1c4UL) 1440 #define CKR_FUNCTION_REJECTED (0x200UL) 1441 #define CKR_VENDOR_DEFINED ((unsigned long)(1UL << 31)) 1442 1443 #define CKZ_DATA_SPECIFIED (0x01UL) 1444 1445 /* Compatibility layer. */ 1446 1447 #ifdef CRYPTOKI_COMPAT 1448 1449 #undef CK_DEFINE_FUNCTION 1450 #define CK_DEFINE_FUNCTION(retval, name) retval CK_SPEC name 1451 1452 /* For NULL. */ 1453 #include <stddef.h> 1454 1455 typedef unsigned char CK_BYTE; 1456 typedef unsigned char CK_CHAR; 1457 typedef unsigned char CK_UTF8CHAR; 1458 typedef unsigned char CK_BBOOL; 1459 typedef unsigned long int CK_ULONG; 1460 typedef long int CK_LONG; 1461 typedef CK_BYTE *CK_BYTE_PTR; 1462 typedef CK_CHAR *CK_CHAR_PTR; 1463 typedef CK_UTF8CHAR *CK_UTF8CHAR_PTR; 1464 typedef CK_ULONG *CK_ULONG_PTR; 1465 typedef void *CK_VOID_PTR; 1466 typedef void **CK_VOID_PTR_PTR; 1467 #define CK_FALSE 0 1468 #define CK_TRUE 1 1469 #ifndef CK_DISABLE_TRUE_FALSE 1470 #ifndef FALSE 1471 #define FALSE 0 1472 #endif /* ifndef FALSE */ 1473 #ifndef TRUE 1474 #define TRUE 1 1475 #endif /* ifndef TRUE */ 1476 #endif /* ifndef CK_DISABLE_TRUE_FALSE */ 1477 1478 typedef struct ck_version CK_VERSION; 1479 typedef struct ck_version *CK_VERSION_PTR; 1480 1481 typedef struct ck_info CK_INFO; 1482 typedef struct ck_info *CK_INFO_PTR; 1483 1484 typedef ck_slot_id_t *CK_SLOT_ID_PTR; 1485 1486 typedef struct ck_slot_info CK_SLOT_INFO; 1487 typedef struct ck_slot_info *CK_SLOT_INFO_PTR; 1488 1489 typedef struct ck_token_info CK_TOKEN_INFO; 1490 typedef struct ck_token_info *CK_TOKEN_INFO_PTR; 1491 1492 typedef ck_session_handle_t *CK_SESSION_HANDLE_PTR; 1493 1494 typedef struct ck_session_info CK_SESSION_INFO; 1495 typedef struct ck_session_info *CK_SESSION_INFO_PTR; 1496 1497 typedef ck_object_handle_t *CK_OBJECT_HANDLE_PTR; 1498 1499 typedef ck_object_class_t *CK_OBJECT_CLASS_PTR; 1500 1501 typedef struct ck_attribute CK_ATTRIBUTE; 1502 typedef struct ck_attribute *CK_ATTRIBUTE_PTR; 1503 1504 typedef struct ck_date CK_DATE; 1505 typedef struct ck_date *CK_DATE_PTR; 1506 1507 typedef ck_mechanism_type_t *CK_MECHANISM_TYPE_PTR; 1508 1509 typedef struct ck_mechanism CK_MECHANISM; 1510 typedef struct ck_mechanism *CK_MECHANISM_PTR; 1511 1512 typedef struct ck_mechanism_info CK_MECHANISM_INFO; 1513 typedef struct ck_mechanism_info *CK_MECHANISM_INFO_PTR; 1514 1515 typedef struct ck_otp_mechanism_info CK_OTP_MECHANISM_INFO; 1516 typedef struct ck_otp_mechanism_info *CK_OTP_MECHANISM_INFO_PTR; 1517 1518 typedef struct ck_function_list CK_FUNCTION_LIST; 1519 typedef struct ck_function_list *CK_FUNCTION_LIST_PTR; 1520 typedef struct ck_function_list **CK_FUNCTION_LIST_PTR_PTR; 1521 1522 typedef struct ck_c_initialize_args CK_C_INITIALIZE_ARGS; 1523 typedef struct ck_c_initialize_args *CK_C_INITIALIZE_ARGS_PTR; 1524 1525 typedef struct ck_rsa_pkcs_pss_params CK_RSA_PKCS_PSS_PARAMS; 1526 typedef struct ck_rsa_pkcs_pss_params *CK_RSA_PKCS_PSS_PARAMS_PTR; 1527 1528 typedef struct ck_rsa_pkcs_oaep_params CK_RSA_PKCS_OAEP_PARAMS; 1529 typedef struct ck_rsa_pkcs_oaep_params *CK_RSA_PKCS_OAEP_PARAMS_PTR; 1530 1531 typedef struct ck_aes_ctr_params CK_AES_CTR_PARAMS; 1532 typedef struct ck_aes_ctr_params *CK_AES_CTR_PARAMS_PTR; 1533 1534 typedef struct ck_gcm_params CK_GCM_PARAMS; 1535 typedef struct ck_gcm_params *CK_GCM_PARAMS_PTR; 1536 1537 typedef struct ck_ecdh1_derive_params CK_ECDH1_DERIVE_PARAMS; 1538 typedef struct ck_ecdh1_derive_params *CK_ECDH1_DERIVE_PARAMS_PTR; 1539 1540 typedef struct ck_key_derivation_string_data CK_KEY_DERIVATION_STRING_DATA; 1541 typedef struct ck_key_derivation_string_data *CK_KEY_DERIVATION_STRING_DATA_PTR; 1542 1543 typedef struct ck_des_cbc_encrypt_data_params CK_DES_CBC_ENCRYPT_DATA_PARAMS; 1544 typedef struct ck_des_cbc_encrypt_data_params 1545 *CK_DES_CBC_ENCRYPT_DATA_PARAMS_PTR; 1546 1547 typedef struct ck_aes_cbc_encrypt_data_params CK_AES_CBC_ENCRYPT_DATA_PARAMS; 1548 typedef struct ck_aes_cbc_encrypt_data_params 1549 *CK_AES_CBC_ENCRYPT_DATA_PARAMS_PTR; 1550 1551 #ifndef NULL_PTR 1552 #define NULL_PTR NULL 1553 #endif /* ifndef NULL_PTR */ 1554 1555 /* Delete the helper macros defined at the top of the file. */ 1556 #undef ck_flags_t 1557 #undef ck_version 1558 1559 #undef ck_info 1560 #undef cryptoki_version 1561 #undef manufacturer_id 1562 #undef library_description 1563 #undef library_version 1564 1565 #undef ck_notification_t 1566 #undef ck_slot_id_t 1567 1568 #undef ck_slot_info 1569 #undef slot_description 1570 #undef hardware_version 1571 #undef firmware_version 1572 1573 #undef ck_token_info 1574 #undef serial_number 1575 #undef max_session_count 1576 #undef session_count 1577 #undef max_rw_session_count 1578 #undef rw_session_count 1579 #undef max_pin_len 1580 #undef min_pin_len 1581 #undef total_public_memory 1582 #undef free_public_memory 1583 #undef total_private_memory 1584 #undef free_private_memory 1585 #undef utc_time 1586 1587 #undef ck_session_handle_t 1588 #undef ck_user_type_t 1589 #undef ck_state_t 1590 1591 #undef ck_session_info 1592 #undef slot_id 1593 #undef device_error 1594 1595 #undef ck_object_handle_t 1596 #undef ck_object_class_t 1597 #undef ck_hw_feature_type_t 1598 #undef ck_key_type_t 1599 #undef ck_certificate_type_t 1600 #undef ck_attribute_type_t 1601 1602 #undef ck_attribute 1603 #undef value 1604 #undef value_len 1605 1606 #undef params 1607 #undef count 1608 1609 #undef ck_date 1610 1611 #undef ck_mechanism_type_t 1612 1613 #undef ck_mechanism 1614 #undef parameter 1615 #undef parameter_len 1616 1617 #undef ck_mechanism_info 1618 1619 #undef ck_param_type 1620 #undef ck_otp_param 1621 #undef ck_otp_params 1622 #undef ck_otp_signature_info 1623 1624 #undef min_key_size 1625 #undef max_key_size 1626 1627 #undef ck_rv_t 1628 #undef ck_notify_t 1629 1630 #undef ck_function_list 1631 1632 #undef ck_createmutex_t 1633 #undef ck_destroymutex_t 1634 #undef ck_lockmutex_t 1635 #undef ck_unlockmutex_t 1636 1637 #undef ck_c_initialize_args 1638 #undef create_mutex 1639 #undef destroy_mutex 1640 #undef lock_mutex 1641 #undef unlock_mutex 1642 #undef reserved 1643 1644 #endif /* CRYPTOKI_COMPAT */ 1645 1646 /* System dependencies. */ 1647 #if defined(_WIN32) || defined(CRYPTOKI_FORCE_WIN32) 1648 #pragma pack(pop, cryptoki) 1649 #endif /* if defined(_WIN32) || defined(CRYPTOKI_FORCE_WIN32) */ 1650 1651 #if defined(__cplusplus) 1652 } 1653 #endif /* if defined(__cplusplus) */ 1654 1655 #endif /* PKCS11_H */ 1656