1 /* $NetBSD: pkcs11f.h,v 1.1.1.3 2014/12/10 03:34:44 christos Exp $ */ 2 3 /* pkcs11f.h include file for PKCS #11. */ 4 /* Revision: 1.2 */ 5 6 /* License to copy and use this software is granted provided that it is 7 * identified as "RSA Security Inc. PKCS #11 Cryptographic Token Interface 8 * (Cryptoki)" in all material mentioning or referencing this software. 9 10 * License is also granted to make and use derivative works provided that 11 * such works are identified as "derived from the RSA Security Inc. PKCS #11 12 * Cryptographic Token Interface (Cryptoki)" in all material mentioning or 13 * referencing the derived work. 14 15 * RSA Security Inc. makes no representations concerning either the 16 * merchantability of this software or the suitability of this software for 17 * any particular purpose. It is provided "as is" without express or implied 18 * warranty of any kind. 19 */ 20 21 /* This header file contains pretty much everything about all the */ 22 /* Cryptoki function prototypes. Because this information is */ 23 /* used for more than just declaring function prototypes, the */ 24 /* order of the functions appearing herein is important, and */ 25 /* should not be altered. */ 26 27 /* General-purpose */ 28 29 /* C_Initialize initializes the Cryptoki library. */ 30 CK_PKCS11_FUNCTION_INFO(C_Initialize) 31 #ifdef CK_NEED_ARG_LIST 32 ( 33 CK_VOID_PTR pInitArgs /* if this is not NULL_PTR, it gets 34 * cast to CK_C_INITIALIZE_ARGS_PTR 35 * and dereferenced */ 36 ); 37 #endif 38 39 40 /* C_Finalize indicates that an application is done with the 41 * Cryptoki library. */ 42 CK_PKCS11_FUNCTION_INFO(C_Finalize) 43 #ifdef CK_NEED_ARG_LIST 44 ( 45 CK_VOID_PTR pReserved /* reserved. Should be NULL_PTR */ 46 ); 47 #endif 48 49 50 /* C_GetInfo returns general information about Cryptoki. */ 51 CK_PKCS11_FUNCTION_INFO(C_GetInfo) 52 #ifdef CK_NEED_ARG_LIST 53 ( 54 CK_INFO_PTR pInfo /* location that receives information */ 55 ); 56 #endif 57 58 59 /* C_GetFunctionList returns the function list. */ 60 CK_PKCS11_FUNCTION_INFO(C_GetFunctionList) 61 #ifdef CK_NEED_ARG_LIST 62 ( 63 CK_FUNCTION_LIST_PTR_PTR ppFunctionList /* receives pointer to 64 * function list */ 65 ); 66 #endif 67 68 69 70 /* Slot and token management */ 71 72 /* C_GetSlotList obtains a list of slots in the system. */ 73 CK_PKCS11_FUNCTION_INFO(C_GetSlotList) 74 #ifdef CK_NEED_ARG_LIST 75 ( 76 CK_BBOOL tokenPresent, /* only slots with tokens? */ 77 CK_SLOT_ID_PTR pSlotList, /* receives array of slot IDs */ 78 CK_ULONG_PTR pulCount /* receives number of slots */ 79 ); 80 #endif 81 82 83 /* C_GetSlotInfo obtains information about a particular slot in 84 * the system. */ 85 CK_PKCS11_FUNCTION_INFO(C_GetSlotInfo) 86 #ifdef CK_NEED_ARG_LIST 87 ( 88 CK_SLOT_ID slotID, /* the ID of the slot */ 89 CK_SLOT_INFO_PTR pInfo /* receives the slot information */ 90 ); 91 #endif 92 93 94 /* C_GetTokenInfo obtains information about a particular token 95 * in the system. */ 96 CK_PKCS11_FUNCTION_INFO(C_GetTokenInfo) 97 #ifdef CK_NEED_ARG_LIST 98 ( 99 CK_SLOT_ID slotID, /* ID of the token's slot */ 100 CK_TOKEN_INFO_PTR pInfo /* receives the token information */ 101 ); 102 #endif 103 104 105 /* C_GetMechanismList obtains a list of mechanism types 106 * supported by a token. */ 107 CK_PKCS11_FUNCTION_INFO(C_GetMechanismList) 108 #ifdef CK_NEED_ARG_LIST 109 ( 110 CK_SLOT_ID slotID, /* ID of token's slot */ 111 CK_MECHANISM_TYPE_PTR pMechanismList, /* gets mech. array */ 112 CK_ULONG_PTR pulCount /* gets # of mechs. */ 113 ); 114 #endif 115 116 117 /* C_GetMechanismInfo obtains information about a particular 118 * mechanism possibly supported by a token. */ 119 CK_PKCS11_FUNCTION_INFO(C_GetMechanismInfo) 120 #ifdef CK_NEED_ARG_LIST 121 ( 122 CK_SLOT_ID slotID, /* ID of the token's slot */ 123 CK_MECHANISM_TYPE type, /* type of mechanism */ 124 CK_MECHANISM_INFO_PTR pInfo /* receives mechanism info */ 125 ); 126 #endif 127 128 129 /* C_InitToken initializes a token. */ 130 CK_PKCS11_FUNCTION_INFO(C_InitToken) 131 #ifdef CK_NEED_ARG_LIST 132 /* pLabel changed from CK_CHAR_PTR to CK_UTF8CHAR_PTR for v2.10 */ 133 ( 134 CK_SLOT_ID slotID, /* ID of the token's slot */ 135 CK_UTF8CHAR_PTR pPin, /* the SO's initial PIN */ 136 CK_ULONG ulPinLen, /* length in bytes of the PIN */ 137 CK_UTF8CHAR_PTR pLabel /* 32-byte token label (blank padded) */ 138 ); 139 #endif 140 141 142 /* C_InitPIN initializes the normal user's PIN. */ 143 CK_PKCS11_FUNCTION_INFO(C_InitPIN) 144 #ifdef CK_NEED_ARG_LIST 145 ( 146 CK_SESSION_HANDLE hSession, /* the session's handle */ 147 CK_UTF8CHAR_PTR pPin, /* the normal user's PIN */ 148 CK_ULONG ulPinLen /* length in bytes of the PIN */ 149 ); 150 #endif 151 152 153 /* C_SetPIN modifies the PIN of the user who is logged in. */ 154 CK_PKCS11_FUNCTION_INFO(C_SetPIN) 155 #ifdef CK_NEED_ARG_LIST 156 ( 157 CK_SESSION_HANDLE hSession, /* the session's handle */ 158 CK_UTF8CHAR_PTR pOldPin, /* the old PIN */ 159 CK_ULONG ulOldLen, /* length of the old PIN */ 160 CK_UTF8CHAR_PTR pNewPin, /* the new PIN */ 161 CK_ULONG ulNewLen /* length of the new PIN */ 162 ); 163 #endif 164 165 166 167 /* Session management */ 168 169 /* C_OpenSession opens a session between an application and a 170 * token. */ 171 CK_PKCS11_FUNCTION_INFO(C_OpenSession) 172 #ifdef CK_NEED_ARG_LIST 173 ( 174 CK_SLOT_ID slotID, /* the slot's ID */ 175 CK_FLAGS flags, /* from CK_SESSION_INFO */ 176 CK_VOID_PTR pApplication, /* passed to callback */ 177 CK_NOTIFY Notify, /* callback function */ 178 CK_SESSION_HANDLE_PTR phSession /* gets session handle */ 179 ); 180 #endif 181 182 183 /* C_CloseSession closes a session between an application and a 184 * token. */ 185 CK_PKCS11_FUNCTION_INFO(C_CloseSession) 186 #ifdef CK_NEED_ARG_LIST 187 ( 188 CK_SESSION_HANDLE hSession /* the session's handle */ 189 ); 190 #endif 191 192 193 /* C_CloseAllSessions closes all sessions with a token. */ 194 CK_PKCS11_FUNCTION_INFO(C_CloseAllSessions) 195 #ifdef CK_NEED_ARG_LIST 196 ( 197 CK_SLOT_ID slotID /* the token's slot */ 198 ); 199 #endif 200 201 202 /* C_GetSessionInfo obtains information about the session. */ 203 CK_PKCS11_FUNCTION_INFO(C_GetSessionInfo) 204 #ifdef CK_NEED_ARG_LIST 205 ( 206 CK_SESSION_HANDLE hSession, /* the session's handle */ 207 CK_SESSION_INFO_PTR pInfo /* receives session info */ 208 ); 209 #endif 210 211 212 /* C_GetOperationState obtains the state of the cryptographic operation 213 * in a session. */ 214 CK_PKCS11_FUNCTION_INFO(C_GetOperationState) 215 #ifdef CK_NEED_ARG_LIST 216 ( 217 CK_SESSION_HANDLE hSession, /* session's handle */ 218 CK_BYTE_PTR pOperationState, /* gets state */ 219 CK_ULONG_PTR pulOperationStateLen /* gets state length */ 220 ); 221 #endif 222 223 224 /* C_SetOperationState restores the state of the cryptographic 225 * operation in a session. */ 226 CK_PKCS11_FUNCTION_INFO(C_SetOperationState) 227 #ifdef CK_NEED_ARG_LIST 228 ( 229 CK_SESSION_HANDLE hSession, /* session's handle */ 230 CK_BYTE_PTR pOperationState, /* holds state */ 231 CK_ULONG ulOperationStateLen, /* holds state length */ 232 CK_OBJECT_HANDLE hEncryptionKey, /* en/decryption key */ 233 CK_OBJECT_HANDLE hAuthenticationKey /* sign/verify key */ 234 ); 235 #endif 236 237 238 /* C_Login logs a user into a token. */ 239 CK_PKCS11_FUNCTION_INFO(C_Login) 240 #ifdef CK_NEED_ARG_LIST 241 ( 242 CK_SESSION_HANDLE hSession, /* the session's handle */ 243 CK_USER_TYPE userType, /* the user type */ 244 CK_UTF8CHAR_PTR pPin, /* the user's PIN */ 245 CK_ULONG ulPinLen /* the length of the PIN */ 246 ); 247 #endif 248 249 250 /* C_Logout logs a user out from a token. */ 251 CK_PKCS11_FUNCTION_INFO(C_Logout) 252 #ifdef CK_NEED_ARG_LIST 253 ( 254 CK_SESSION_HANDLE hSession /* the session's handle */ 255 ); 256 #endif 257 258 259 260 /* Object management */ 261 262 /* C_CreateObject creates a new object. */ 263 CK_PKCS11_FUNCTION_INFO(C_CreateObject) 264 #ifdef CK_NEED_ARG_LIST 265 ( 266 CK_SESSION_HANDLE hSession, /* the session's handle */ 267 CK_ATTRIBUTE_PTR pTemplate, /* the object's template */ 268 CK_ULONG ulCount, /* attributes in template */ 269 CK_OBJECT_HANDLE_PTR phObject /* gets new object's handle. */ 270 ); 271 #endif 272 273 274 /* C_CopyObject copies an object, creating a new object for the 275 * copy. */ 276 CK_PKCS11_FUNCTION_INFO(C_CopyObject) 277 #ifdef CK_NEED_ARG_LIST 278 ( 279 CK_SESSION_HANDLE hSession, /* the session's handle */ 280 CK_OBJECT_HANDLE hObject, /* the object's handle */ 281 CK_ATTRIBUTE_PTR pTemplate, /* template for new object */ 282 CK_ULONG ulCount, /* attributes in template */ 283 CK_OBJECT_HANDLE_PTR phNewObject /* receives handle of copy */ 284 ); 285 #endif 286 287 288 /* C_DestroyObject destroys an object. */ 289 CK_PKCS11_FUNCTION_INFO(C_DestroyObject) 290 #ifdef CK_NEED_ARG_LIST 291 ( 292 CK_SESSION_HANDLE hSession, /* the session's handle */ 293 CK_OBJECT_HANDLE hObject /* the object's handle */ 294 ); 295 #endif 296 297 298 /* C_GetObjectSize gets the size of an object in bytes. */ 299 CK_PKCS11_FUNCTION_INFO(C_GetObjectSize) 300 #ifdef CK_NEED_ARG_LIST 301 ( 302 CK_SESSION_HANDLE hSession, /* the session's handle */ 303 CK_OBJECT_HANDLE hObject, /* the object's handle */ 304 CK_ULONG_PTR pulSize /* receives size of object */ 305 ); 306 #endif 307 308 309 /* C_GetAttributeValue obtains the value of one or more object 310 * attributes. */ 311 CK_PKCS11_FUNCTION_INFO(C_GetAttributeValue) 312 #ifdef CK_NEED_ARG_LIST 313 ( 314 CK_SESSION_HANDLE hSession, /* the session's handle */ 315 CK_OBJECT_HANDLE hObject, /* the object's handle */ 316 CK_ATTRIBUTE_PTR pTemplate, /* specifies attrs; gets vals */ 317 CK_ULONG ulCount /* attributes in template */ 318 ); 319 #endif 320 321 322 /* C_SetAttributeValue modifies the value of one or more object 323 * attributes */ 324 CK_PKCS11_FUNCTION_INFO(C_SetAttributeValue) 325 #ifdef CK_NEED_ARG_LIST 326 ( 327 CK_SESSION_HANDLE hSession, /* the session's handle */ 328 CK_OBJECT_HANDLE hObject, /* the object's handle */ 329 CK_ATTRIBUTE_PTR pTemplate, /* specifies attrs and values */ 330 CK_ULONG ulCount /* attributes in template */ 331 ); 332 #endif 333 334 335 /* C_FindObjectsInit initializes a search for token and session 336 * objects that match a template. */ 337 CK_PKCS11_FUNCTION_INFO(C_FindObjectsInit) 338 #ifdef CK_NEED_ARG_LIST 339 ( 340 CK_SESSION_HANDLE hSession, /* the session's handle */ 341 CK_ATTRIBUTE_PTR pTemplate, /* attribute values to match */ 342 CK_ULONG ulCount /* attrs in search template */ 343 ); 344 #endif 345 346 347 /* C_FindObjects continues a search for token and session 348 * objects that match a template, obtaining additional object 349 * handles. */ 350 CK_PKCS11_FUNCTION_INFO(C_FindObjects) 351 #ifdef CK_NEED_ARG_LIST 352 ( 353 CK_SESSION_HANDLE hSession, /* session's handle */ 354 CK_OBJECT_HANDLE_PTR phObject, /* gets obj. handles */ 355 CK_ULONG ulMaxObjectCount, /* max handles to get */ 356 CK_ULONG_PTR pulObjectCount /* actual # returned */ 357 ); 358 #endif 359 360 361 /* C_FindObjectsFinal finishes a search for token and session 362 * objects. */ 363 CK_PKCS11_FUNCTION_INFO(C_FindObjectsFinal) 364 #ifdef CK_NEED_ARG_LIST 365 ( 366 CK_SESSION_HANDLE hSession /* the session's handle */ 367 ); 368 #endif 369 370 371 372 /* Encryption and decryption */ 373 374 /* C_EncryptInit initializes an encryption operation. */ 375 CK_PKCS11_FUNCTION_INFO(C_EncryptInit) 376 #ifdef CK_NEED_ARG_LIST 377 ( 378 CK_SESSION_HANDLE hSession, /* the session's handle */ 379 CK_MECHANISM_PTR pMechanism, /* the encryption mechanism */ 380 CK_OBJECT_HANDLE hKey /* handle of encryption key */ 381 ); 382 #endif 383 384 385 /* C_Encrypt encrypts single-part data. */ 386 CK_PKCS11_FUNCTION_INFO(C_Encrypt) 387 #ifdef CK_NEED_ARG_LIST 388 ( 389 CK_SESSION_HANDLE hSession, /* session's handle */ 390 CK_BYTE_PTR pData, /* the plaintext data */ 391 CK_ULONG ulDataLen, /* bytes of plaintext */ 392 CK_BYTE_PTR pEncryptedData, /* gets ciphertext */ 393 CK_ULONG_PTR pulEncryptedDataLen /* gets c-text size */ 394 ); 395 #endif 396 397 398 /* C_EncryptUpdate continues a multiple-part encryption 399 * operation. */ 400 CK_PKCS11_FUNCTION_INFO(C_EncryptUpdate) 401 #ifdef CK_NEED_ARG_LIST 402 ( 403 CK_SESSION_HANDLE hSession, /* session's handle */ 404 CK_BYTE_PTR pPart, /* the plaintext data */ 405 CK_ULONG ulPartLen, /* plaintext data len */ 406 CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */ 407 CK_ULONG_PTR pulEncryptedPartLen /* gets c-text size */ 408 ); 409 #endif 410 411 412 /* C_EncryptFinal finishes a multiple-part encryption 413 * operation. */ 414 CK_PKCS11_FUNCTION_INFO(C_EncryptFinal) 415 #ifdef CK_NEED_ARG_LIST 416 ( 417 CK_SESSION_HANDLE hSession, /* session handle */ 418 CK_BYTE_PTR pLastEncryptedPart, /* last c-text */ 419 CK_ULONG_PTR pulLastEncryptedPartLen /* gets last size */ 420 ); 421 #endif 422 423 424 /* C_DecryptInit initializes a decryption operation. */ 425 CK_PKCS11_FUNCTION_INFO(C_DecryptInit) 426 #ifdef CK_NEED_ARG_LIST 427 ( 428 CK_SESSION_HANDLE hSession, /* the session's handle */ 429 CK_MECHANISM_PTR pMechanism, /* the decryption mechanism */ 430 CK_OBJECT_HANDLE hKey /* handle of decryption key */ 431 ); 432 #endif 433 434 435 /* C_Decrypt decrypts encrypted data in a single part. */ 436 CK_PKCS11_FUNCTION_INFO(C_Decrypt) 437 #ifdef CK_NEED_ARG_LIST 438 ( 439 CK_SESSION_HANDLE hSession, /* session's handle */ 440 CK_BYTE_PTR pEncryptedData, /* ciphertext */ 441 CK_ULONG ulEncryptedDataLen, /* ciphertext length */ 442 CK_BYTE_PTR pData, /* gets plaintext */ 443 CK_ULONG_PTR pulDataLen /* gets p-text size */ 444 ); 445 #endif 446 447 448 /* C_DecryptUpdate continues a multiple-part decryption 449 * operation. */ 450 CK_PKCS11_FUNCTION_INFO(C_DecryptUpdate) 451 #ifdef CK_NEED_ARG_LIST 452 ( 453 CK_SESSION_HANDLE hSession, /* session's handle */ 454 CK_BYTE_PTR pEncryptedPart, /* encrypted data */ 455 CK_ULONG ulEncryptedPartLen, /* input length */ 456 CK_BYTE_PTR pPart, /* gets plaintext */ 457 CK_ULONG_PTR pulPartLen /* p-text size */ 458 ); 459 #endif 460 461 462 /* C_DecryptFinal finishes a multiple-part decryption 463 * operation. */ 464 CK_PKCS11_FUNCTION_INFO(C_DecryptFinal) 465 #ifdef CK_NEED_ARG_LIST 466 ( 467 CK_SESSION_HANDLE hSession, /* the session's handle */ 468 CK_BYTE_PTR pLastPart, /* gets plaintext */ 469 CK_ULONG_PTR pulLastPartLen /* p-text size */ 470 ); 471 #endif 472 473 474 475 /* Message digesting */ 476 477 /* C_DigestInit initializes a message-digesting operation. */ 478 CK_PKCS11_FUNCTION_INFO(C_DigestInit) 479 #ifdef CK_NEED_ARG_LIST 480 ( 481 CK_SESSION_HANDLE hSession, /* the session's handle */ 482 CK_MECHANISM_PTR pMechanism /* the digesting mechanism */ 483 ); 484 #endif 485 486 487 /* C_Digest digests data in a single part. */ 488 CK_PKCS11_FUNCTION_INFO(C_Digest) 489 #ifdef CK_NEED_ARG_LIST 490 ( 491 CK_SESSION_HANDLE hSession, /* the session's handle */ 492 CK_BYTE_PTR pData, /* data to be digested */ 493 CK_ULONG ulDataLen, /* bytes of data to digest */ 494 CK_BYTE_PTR pDigest, /* gets the message digest */ 495 CK_ULONG_PTR pulDigestLen /* gets digest length */ 496 ); 497 #endif 498 499 500 /* C_DigestUpdate continues a multiple-part message-digesting 501 * operation. */ 502 CK_PKCS11_FUNCTION_INFO(C_DigestUpdate) 503 #ifdef CK_NEED_ARG_LIST 504 ( 505 CK_SESSION_HANDLE hSession, /* the session's handle */ 506 CK_BYTE_PTR pPart, /* data to be digested */ 507 CK_ULONG ulPartLen /* bytes of data to be digested */ 508 ); 509 #endif 510 511 512 /* C_DigestKey continues a multi-part message-digesting 513 * operation, by digesting the value of a secret key as part of 514 * the data already digested. */ 515 CK_PKCS11_FUNCTION_INFO(C_DigestKey) 516 #ifdef CK_NEED_ARG_LIST 517 ( 518 CK_SESSION_HANDLE hSession, /* the session's handle */ 519 CK_OBJECT_HANDLE hKey /* secret key to digest */ 520 ); 521 #endif 522 523 524 /* C_DigestFinal finishes a multiple-part message-digesting 525 * operation. */ 526 CK_PKCS11_FUNCTION_INFO(C_DigestFinal) 527 #ifdef CK_NEED_ARG_LIST 528 ( 529 CK_SESSION_HANDLE hSession, /* the session's handle */ 530 CK_BYTE_PTR pDigest, /* gets the message digest */ 531 CK_ULONG_PTR pulDigestLen /* gets byte count of digest */ 532 ); 533 #endif 534 535 536 537 /* Signing and MACing */ 538 539 /* C_SignInit initializes a signature (private key encryption) 540 * operation, where the signature is (will be) an appendix to 541 * the data, and plaintext cannot be recovered from the 542 *signature. */ 543 CK_PKCS11_FUNCTION_INFO(C_SignInit) 544 #ifdef CK_NEED_ARG_LIST 545 ( 546 CK_SESSION_HANDLE hSession, /* the session's handle */ 547 CK_MECHANISM_PTR pMechanism, /* the signature mechanism */ 548 CK_OBJECT_HANDLE hKey /* handle of signature key */ 549 ); 550 #endif 551 552 553 /* C_Sign signs (encrypts with private key) data in a single 554 * part, where the signature is (will be) an appendix to the 555 * data, and plaintext cannot be recovered from the signature. */ 556 CK_PKCS11_FUNCTION_INFO(C_Sign) 557 #ifdef CK_NEED_ARG_LIST 558 ( 559 CK_SESSION_HANDLE hSession, /* the session's handle */ 560 CK_BYTE_PTR pData, /* the data to sign */ 561 CK_ULONG ulDataLen, /* count of bytes to sign */ 562 CK_BYTE_PTR pSignature, /* gets the signature */ 563 CK_ULONG_PTR pulSignatureLen /* gets signature length */ 564 ); 565 #endif 566 567 568 /* C_SignUpdate continues a multiple-part signature operation, 569 * where the signature is (will be) an appendix to the data, 570 * and plaintext cannot be recovered from the signature. */ 571 CK_PKCS11_FUNCTION_INFO(C_SignUpdate) 572 #ifdef CK_NEED_ARG_LIST 573 ( 574 CK_SESSION_HANDLE hSession, /* the session's handle */ 575 CK_BYTE_PTR pPart, /* the data to sign */ 576 CK_ULONG ulPartLen /* count of bytes to sign */ 577 ); 578 #endif 579 580 581 /* C_SignFinal finishes a multiple-part signature operation, 582 * returning the signature. */ 583 CK_PKCS11_FUNCTION_INFO(C_SignFinal) 584 #ifdef CK_NEED_ARG_LIST 585 ( 586 CK_SESSION_HANDLE hSession, /* the session's handle */ 587 CK_BYTE_PTR pSignature, /* gets the signature */ 588 CK_ULONG_PTR pulSignatureLen /* gets signature length */ 589 ); 590 #endif 591 592 593 /* C_SignRecoverInit initializes a signature operation, where 594 * the data can be recovered from the signature. */ 595 CK_PKCS11_FUNCTION_INFO(C_SignRecoverInit) 596 #ifdef CK_NEED_ARG_LIST 597 ( 598 CK_SESSION_HANDLE hSession, /* the session's handle */ 599 CK_MECHANISM_PTR pMechanism, /* the signature mechanism */ 600 CK_OBJECT_HANDLE hKey /* handle of the signature key */ 601 ); 602 #endif 603 604 605 /* C_SignRecover signs data in a single operation, where the 606 * data can be recovered from the signature. */ 607 CK_PKCS11_FUNCTION_INFO(C_SignRecover) 608 #ifdef CK_NEED_ARG_LIST 609 ( 610 CK_SESSION_HANDLE hSession, /* the session's handle */ 611 CK_BYTE_PTR pData, /* the data to sign */ 612 CK_ULONG ulDataLen, /* count of bytes to sign */ 613 CK_BYTE_PTR pSignature, /* gets the signature */ 614 CK_ULONG_PTR pulSignatureLen /* gets signature length */ 615 ); 616 #endif 617 618 619 620 /* Verifying signatures and MACs */ 621 622 /* C_VerifyInit initializes a verification operation, where the 623 * signature is an appendix to the data, and plaintext cannot 624 * cannot be recovered from the signature (e.g. DSA). */ 625 CK_PKCS11_FUNCTION_INFO(C_VerifyInit) 626 #ifdef CK_NEED_ARG_LIST 627 ( 628 CK_SESSION_HANDLE hSession, /* the session's handle */ 629 CK_MECHANISM_PTR pMechanism, /* the verification mechanism */ 630 CK_OBJECT_HANDLE hKey /* verification key */ 631 ); 632 #endif 633 634 635 /* C_Verify verifies a signature in a single-part operation, 636 * where the signature is an appendix to the data, and plaintext 637 * cannot be recovered from the signature. */ 638 CK_PKCS11_FUNCTION_INFO(C_Verify) 639 #ifdef CK_NEED_ARG_LIST 640 ( 641 CK_SESSION_HANDLE hSession, /* the session's handle */ 642 CK_BYTE_PTR pData, /* signed data */ 643 CK_ULONG ulDataLen, /* length of signed data */ 644 CK_BYTE_PTR pSignature, /* signature */ 645 CK_ULONG ulSignatureLen /* signature length*/ 646 ); 647 #endif 648 649 650 /* C_VerifyUpdate continues a multiple-part verification 651 * operation, where the signature is an appendix to the data, 652 * and plaintext cannot be recovered from the signature. */ 653 CK_PKCS11_FUNCTION_INFO(C_VerifyUpdate) 654 #ifdef CK_NEED_ARG_LIST 655 ( 656 CK_SESSION_HANDLE hSession, /* the session's handle */ 657 CK_BYTE_PTR pPart, /* signed data */ 658 CK_ULONG ulPartLen /* length of signed data */ 659 ); 660 #endif 661 662 663 /* C_VerifyFinal finishes a multiple-part verification 664 * operation, checking the signature. */ 665 CK_PKCS11_FUNCTION_INFO(C_VerifyFinal) 666 #ifdef CK_NEED_ARG_LIST 667 ( 668 CK_SESSION_HANDLE hSession, /* the session's handle */ 669 CK_BYTE_PTR pSignature, /* signature to verify */ 670 CK_ULONG ulSignatureLen /* signature length */ 671 ); 672 #endif 673 674 675 /* C_VerifyRecoverInit initializes a signature verification 676 * operation, where the data is recovered from the signature. */ 677 CK_PKCS11_FUNCTION_INFO(C_VerifyRecoverInit) 678 #ifdef CK_NEED_ARG_LIST 679 ( 680 CK_SESSION_HANDLE hSession, /* the session's handle */ 681 CK_MECHANISM_PTR pMechanism, /* the verification mechanism */ 682 CK_OBJECT_HANDLE hKey /* verification key */ 683 ); 684 #endif 685 686 687 /* C_VerifyRecover verifies a signature in a single-part 688 * operation, where the data is recovered from the signature. */ 689 CK_PKCS11_FUNCTION_INFO(C_VerifyRecover) 690 #ifdef CK_NEED_ARG_LIST 691 ( 692 CK_SESSION_HANDLE hSession, /* the session's handle */ 693 CK_BYTE_PTR pSignature, /* signature to verify */ 694 CK_ULONG ulSignatureLen, /* signature length */ 695 CK_BYTE_PTR pData, /* gets signed data */ 696 CK_ULONG_PTR pulDataLen /* gets signed data len */ 697 ); 698 #endif 699 700 701 702 /* Dual-function cryptographic operations */ 703 704 /* C_DigestEncryptUpdate continues a multiple-part digesting 705 * and encryption operation. */ 706 CK_PKCS11_FUNCTION_INFO(C_DigestEncryptUpdate) 707 #ifdef CK_NEED_ARG_LIST 708 ( 709 CK_SESSION_HANDLE hSession, /* session's handle */ 710 CK_BYTE_PTR pPart, /* the plaintext data */ 711 CK_ULONG ulPartLen, /* plaintext length */ 712 CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */ 713 CK_ULONG_PTR pulEncryptedPartLen /* gets c-text length */ 714 ); 715 #endif 716 717 718 /* C_DecryptDigestUpdate continues a multiple-part decryption and 719 * digesting operation. */ 720 CK_PKCS11_FUNCTION_INFO(C_DecryptDigestUpdate) 721 #ifdef CK_NEED_ARG_LIST 722 ( 723 CK_SESSION_HANDLE hSession, /* session's handle */ 724 CK_BYTE_PTR pEncryptedPart, /* ciphertext */ 725 CK_ULONG ulEncryptedPartLen, /* ciphertext length */ 726 CK_BYTE_PTR pPart, /* gets plaintext */ 727 CK_ULONG_PTR pulPartLen /* gets plaintext len */ 728 ); 729 #endif 730 731 732 /* C_SignEncryptUpdate continues a multiple-part signing and 733 * encryption operation. */ 734 CK_PKCS11_FUNCTION_INFO(C_SignEncryptUpdate) 735 #ifdef CK_NEED_ARG_LIST 736 ( 737 CK_SESSION_HANDLE hSession, /* session's handle */ 738 CK_BYTE_PTR pPart, /* the plaintext data */ 739 CK_ULONG ulPartLen, /* plaintext length */ 740 CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */ 741 CK_ULONG_PTR pulEncryptedPartLen /* gets c-text length */ 742 ); 743 #endif 744 745 746 /* C_DecryptVerifyUpdate continues a multiple-part decryption and 747 * verify operation. */ 748 CK_PKCS11_FUNCTION_INFO(C_DecryptVerifyUpdate) 749 #ifdef CK_NEED_ARG_LIST 750 ( 751 CK_SESSION_HANDLE hSession, /* session's handle */ 752 CK_BYTE_PTR pEncryptedPart, /* ciphertext */ 753 CK_ULONG ulEncryptedPartLen, /* ciphertext length */ 754 CK_BYTE_PTR pPart, /* gets plaintext */ 755 CK_ULONG_PTR pulPartLen /* gets p-text length */ 756 ); 757 #endif 758 759 760 761 /* Key management */ 762 763 /* C_GenerateKey generates a secret key, creating a new key 764 * object. */ 765 CK_PKCS11_FUNCTION_INFO(C_GenerateKey) 766 #ifdef CK_NEED_ARG_LIST 767 ( 768 CK_SESSION_HANDLE hSession, /* the session's handle */ 769 CK_MECHANISM_PTR pMechanism, /* key generation mech. */ 770 CK_ATTRIBUTE_PTR pTemplate, /* template for new key */ 771 CK_ULONG ulCount, /* # of attrs in template */ 772 CK_OBJECT_HANDLE_PTR phKey /* gets handle of new key */ 773 ); 774 #endif 775 776 777 /* C_GenerateKeyPair generates a public-key/private-key pair, 778 * creating new key objects. */ 779 CK_PKCS11_FUNCTION_INFO(C_GenerateKeyPair) 780 #ifdef CK_NEED_ARG_LIST 781 ( 782 CK_SESSION_HANDLE hSession, /* session 783 * handle */ 784 CK_MECHANISM_PTR pMechanism, /* key-gen 785 * mech. */ 786 CK_ATTRIBUTE_PTR pPublicKeyTemplate, /* template 787 * for pub. 788 * key */ 789 CK_ULONG ulPublicKeyAttributeCount, /* # pub. 790 * attrs. */ 791 CK_ATTRIBUTE_PTR pPrivateKeyTemplate, /* template 792 * for priv. 793 * key */ 794 CK_ULONG ulPrivateKeyAttributeCount, /* # priv. 795 * attrs. */ 796 CK_OBJECT_HANDLE_PTR phPublicKey, /* gets pub. 797 * key 798 * handle */ 799 CK_OBJECT_HANDLE_PTR phPrivateKey /* gets 800 * priv. key 801 * handle */ 802 ); 803 #endif 804 805 806 /* C_WrapKey wraps (i.e., encrypts) a key. */ 807 CK_PKCS11_FUNCTION_INFO(C_WrapKey) 808 #ifdef CK_NEED_ARG_LIST 809 ( 810 CK_SESSION_HANDLE hSession, /* the session's handle */ 811 CK_MECHANISM_PTR pMechanism, /* the wrapping mechanism */ 812 CK_OBJECT_HANDLE hWrappingKey, /* wrapping key */ 813 CK_OBJECT_HANDLE hKey, /* key to be wrapped */ 814 CK_BYTE_PTR pWrappedKey, /* gets wrapped key */ 815 CK_ULONG_PTR pulWrappedKeyLen /* gets wrapped key size */ 816 ); 817 #endif 818 819 820 /* C_UnwrapKey unwraps (decrypts) a wrapped key, creating a new 821 * key object. */ 822 CK_PKCS11_FUNCTION_INFO(C_UnwrapKey) 823 #ifdef CK_NEED_ARG_LIST 824 ( 825 CK_SESSION_HANDLE hSession, /* session's handle */ 826 CK_MECHANISM_PTR pMechanism, /* unwrapping mech. */ 827 CK_OBJECT_HANDLE hUnwrappingKey, /* unwrapping key */ 828 CK_BYTE_PTR pWrappedKey, /* the wrapped key */ 829 CK_ULONG ulWrappedKeyLen, /* wrapped key len */ 830 CK_ATTRIBUTE_PTR pTemplate, /* new key template */ 831 CK_ULONG ulAttributeCount, /* template length */ 832 CK_OBJECT_HANDLE_PTR phKey /* gets new handle */ 833 ); 834 #endif 835 836 837 /* C_DeriveKey derives a key from a base key, creating a new key 838 * object. */ 839 CK_PKCS11_FUNCTION_INFO(C_DeriveKey) 840 #ifdef CK_NEED_ARG_LIST 841 ( 842 CK_SESSION_HANDLE hSession, /* session's handle */ 843 CK_MECHANISM_PTR pMechanism, /* key deriv. mech. */ 844 CK_OBJECT_HANDLE hBaseKey, /* base key */ 845 CK_ATTRIBUTE_PTR pTemplate, /* new key template */ 846 CK_ULONG ulAttributeCount, /* template length */ 847 CK_OBJECT_HANDLE_PTR phKey /* gets new handle */ 848 ); 849 #endif 850 851 852 853 /* Random number generation */ 854 855 /* C_SeedRandom mixes additional seed material into the token's 856 * random number generator. */ 857 CK_PKCS11_FUNCTION_INFO(C_SeedRandom) 858 #ifdef CK_NEED_ARG_LIST 859 ( 860 CK_SESSION_HANDLE hSession, /* the session's handle */ 861 CK_BYTE_PTR pSeed, /* the seed material */ 862 CK_ULONG ulSeedLen /* length of seed material */ 863 ); 864 #endif 865 866 867 /* C_GenerateRandom generates random data. */ 868 CK_PKCS11_FUNCTION_INFO(C_GenerateRandom) 869 #ifdef CK_NEED_ARG_LIST 870 ( 871 CK_SESSION_HANDLE hSession, /* the session's handle */ 872 CK_BYTE_PTR RandomData, /* receives the random data */ 873 CK_ULONG ulRandomLen /* # of bytes to generate */ 874 ); 875 #endif 876 877 878 879 /* Parallel function management */ 880 881 /* C_GetFunctionStatus is a legacy function; it obtains an 882 * updated status of a function running in parallel with an 883 * application. */ 884 CK_PKCS11_FUNCTION_INFO(C_GetFunctionStatus) 885 #ifdef CK_NEED_ARG_LIST 886 ( 887 CK_SESSION_HANDLE hSession /* the session's handle */ 888 ); 889 #endif 890 891 892 /* C_CancelFunction is a legacy function; it cancels a function 893 * running in parallel. */ 894 CK_PKCS11_FUNCTION_INFO(C_CancelFunction) 895 #ifdef CK_NEED_ARG_LIST 896 ( 897 CK_SESSION_HANDLE hSession /* the session's handle */ 898 ); 899 #endif 900 901 902 903 /* Functions added in for Cryptoki Version 2.01 or later */ 904 905 /* C_WaitForSlotEvent waits for a slot event (token insertion, 906 * removal, etc.) to occur. */ 907 CK_PKCS11_FUNCTION_INFO(C_WaitForSlotEvent) 908 #ifdef CK_NEED_ARG_LIST 909 ( 910 CK_FLAGS flags, /* blocking/nonblocking flag */ 911 CK_SLOT_ID_PTR pSlot, /* location that receives the slot ID */ 912 CK_VOID_PTR pRserved /* reserved. Should be NULL_PTR */ 913 ); 914 #endif 915