Overview
| Comment: | Added CACKey project |
|---|---|
| Downloads: | Tarball | ZIP archive | SQL archive |
| Timelines: | family | ancestors | descendants | both | trunk |
| Files: | files | file ages | folders |
| SHA1: | 5f05cafcb7e6d334aab6342cde578362ab03860d |
| User & Date: | rkeene on 2010-05-04 18:05:37 |
| Other Links: | manifest | tags |
Context
|
2010-05-04
| ||
| 18:30 |
Added checks for PCSC Header
Updated ignores check-in: 8a2230f927 user: rkeene tags: trunk | |
| 18:05 | Added CACKey project check-in: 5f05cafcb7 user: rkeene tags: trunk | |
| 18:05 | initial empty check-in check-in: 4227550970 user: rkeene tags: trunk | |
Changes
Added Makefile.in version [3fb5f04961].
1 +CC = @PTHREAD_CC@ 2 +CFLAGS = @CFLAGS@ @PTHREAD_CFLAGS@ 3 +DEBUGCFLAGS = @CFLAGS@ @PTHREAD_CFLAGS@ 4 +CPPFLAGS = @CPPFLAGS@ @DEFS@ -I./pkcs11/ 5 +DEBUGCPPFLAGS = @CPPFLAGS@ @DEFS@ 6 +LDFLAGS = @LDFLAGS@ 7 +LIBS = @LIBS@ @PTHREAD_LIBS@ 8 +SHOBJFLAGS = @SHOBJFLAGS@ 9 +SHOBJLDFLAGS = @SHOBJLDFLAGS@ 10 +AR = @AR@ 11 +RANLIB = @RANLIB@ 12 +prefix = @prefix@ 13 +exec_prefix = @exec_prefix@ 14 +libdir = @libdir@ 15 +@SET_MAKE@ 16 + 17 +all: cackey.@SHOBJEXT@ 18 + 19 +cackey.o: cackey.c 20 + $(CC) $(SHOBJFLAGS) $(CPPFLAGS) $(CFLAGS) -o cackey.o -c cackey.c 21 + 22 +cackey.@SHOBJEXT@: cackey.o 23 + $(CC) $(SHOBJFLAGS) $(CPPFLAGS) $(CFLAGS) $(SHOBJLDFLAGS) $(LDFLAGS) -o cackey.@SHOBJEXT@ cackey.o $(LIBS) 24 + 25 +install: cackey.@SHOBJEXT@ 26 + -mkdir "$(DESTDIR)$(libdir)" 27 + cp cackey.@SHOBJEXT@ "$(DESTDIR)$(libdir)/" 28 + 29 +clean: 30 + rm -f cackey.@SHOBJEXT@ 31 + rm -f cackey.o 32 + 33 +distclean: clean 34 + rm -f config.log config.status config.h Makefile 35 + 36 +mrproper: distclean 37 + rm -f configure config.h.in aclocal.m4 *~ 38 + 39 +.PHONY: all clean distclean mrproper install
Added aclocal/Makefile version [d2222baa13].
1 +../aclocal.m4: acx_pthread.m4 dc_shobjs.m4 2 + cat $^ > "$@"
Added aclocal/acx_pthread.m4 version [02cd4dedfa].
1 +dnl Available from the GNU Autoconf Macro Archive at: 2 +dnl http://www.gnu.org/software/ac-archive/htmldoc/acx_pthread.html 3 +dnl 4 +AC_DEFUN([ACX_PTHREAD], [ 5 +AC_REQUIRE([AC_CANONICAL_HOST]) 6 +AC_LANG_SAVE 7 +AC_LANG_C 8 +acx_pthread_ok=no 9 + 10 +# We used to check for pthread.h first, but this fails if pthread.h 11 +# requires special compiler flags (e.g. on True64 or Sequent). 12 +# It gets checked for in the link test anyway. 13 + 14 +# First of all, check if the user has set any of the PTHREAD_LIBS, 15 +# etcetera environment variables, and if threads linking works using 16 +# them: 17 +if test x"$PTHREAD_LIBS$PTHREAD_CFLAGS" != x; then 18 + save_CFLAGS="$CFLAGS" 19 + CFLAGS="$CFLAGS $PTHREAD_CFLAGS" 20 + save_LIBS="$LIBS" 21 + LIBS="$PTHREAD_LIBS $LIBS" 22 + AC_MSG_CHECKING([for pthread_join in LIBS=$PTHREAD_LIBS with CFLAGS=$PTHREAD_CFLAGS]) 23 + AC_TRY_LINK_FUNC(pthread_join, acx_pthread_ok=yes) 24 + AC_MSG_RESULT($acx_pthread_ok) 25 + if test x"$acx_pthread_ok" = xno; then 26 + PTHREAD_LIBS="" 27 + PTHREAD_CFLAGS="" 28 + fi 29 + LIBS="$save_LIBS" 30 + CFLAGS="$save_CFLAGS" 31 +fi 32 + 33 +# We must check for the threads library under a number of different 34 +# names; the ordering is very important because some systems 35 +# (e.g. DEC) have both -lpthread and -lpthreads, where one of the 36 +# libraries is broken (non-POSIX). 37 + 38 +# Create a list of thread flags to try. Items starting with a "-" are 39 +# C compiler flags, and other items are library names, except for "none" 40 +# which indicates that we try without any flags at all. 41 + 42 +acx_pthread_flags="pthreads none -Kthread -kthread lthread pthread -pthread -pthreads -mthreads --thread-safe -mt" 43 + 44 +# The ordering *is* (sometimes) important. Some notes on the 45 +# individual items follow: 46 + 47 +# pthreads: AIX (must check this before -lpthread) 48 +# none: in case threads are in libc; should be tried before -Kthread and 49 +# other compiler flags to prevent continual compiler warnings 50 +# -Kthread: Sequent (threads in libc, but -Kthread needed for pthread.h) 51 +# -kthread: FreeBSD kernel threads (preferred to -pthread since SMP-able) 52 +# lthread: LinuxThreads port on FreeBSD (also preferred to -pthread) 53 +# -pthread: Linux/gcc (kernel threads), BSD/gcc (userland threads) 54 +# -pthreads: Solaris/gcc 55 +# -mthreads: Mingw32/gcc, Lynx/gcc 56 +# -mt: Sun Workshop C (may only link SunOS threads [-lthread], but it 57 +# doesn't hurt to check since this sometimes defines pthreads too; 58 +# also defines -D_REENTRANT) 59 +# pthread: Linux, etcetera 60 +# --thread-safe: KAI C++ 61 + 62 +case "${host_cpu}-${host_os}" in 63 + *solaris*) 64 + 65 + # On Solaris (at least, for some versions), libc contains stubbed 66 + # (non-functional) versions of the pthreads routines, so link-based 67 + # tests will erroneously succeed. (We need to link with -pthread or 68 + # -lpthread.) (The stubs are missing pthread_cleanup_push, or rather 69 + # a function called by this macro, so we could check for that, but 70 + # who knows whether they'll stub that too in a future libc.) So, 71 + # we'll just look for -pthreads and -lpthread first: 72 + 73 + acx_pthread_flags="-pthread -pthreads pthread -mt $acx_pthread_flags" 74 + ;; 75 +esac 76 + 77 +if test x"$acx_pthread_ok" = xno; then 78 +for flag in $acx_pthread_flags; do 79 + 80 + case $flag in 81 + none) 82 + AC_MSG_CHECKING([whether pthreads work without any flags]) 83 + ;; 84 + 85 + -*) 86 + AC_MSG_CHECKING([whether pthreads work with $flag]) 87 + PTHREAD_CFLAGS="$flag" 88 + ;; 89 + 90 + *) 91 + AC_MSG_CHECKING([for the pthreads library -l$flag]) 92 + PTHREAD_LIBS="-l$flag" 93 + ;; 94 + esac 95 + 96 + save_LIBS="$LIBS" 97 + save_CFLAGS="$CFLAGS" 98 + LIBS="$PTHREAD_LIBS $LIBS" 99 + CFLAGS="$CFLAGS $PTHREAD_CFLAGS" 100 + 101 + # Check for various functions. We must include pthread.h, 102 + # since some functions may be macros. (On the Sequent, we 103 + # need a special flag -Kthread to make this header compile.) 104 + # We check for pthread_join because it is in -lpthread on IRIX 105 + # while pthread_create is in libc. We check for pthread_attr_init 106 + # due to DEC craziness with -lpthreads. We check for 107 + # pthread_cleanup_push because it is one of the few pthread 108 + # functions on Solaris that doesn't have a non-functional libc stub. 109 + # We try pthread_create on general principles. 110 + AC_TRY_LINK([#include <pthread.h>], 111 + [pthread_t th; pthread_join(th, 0); 112 + pthread_attr_init(0); pthread_cleanup_push(0, 0); 113 + pthread_create(0,0,0,0); pthread_cleanup_pop(0); ], 114 + [acx_pthread_ok=yes]) 115 + 116 + LIBS="$save_LIBS" 117 + CFLAGS="$save_CFLAGS" 118 + 119 + AC_MSG_RESULT($acx_pthread_ok) 120 + if test "x$acx_pthread_ok" = xyes; then 121 + break; 122 + fi 123 + 124 + PTHREAD_LIBS="" 125 + PTHREAD_CFLAGS="" 126 +done 127 +fi 128 + 129 +# Various other checks: 130 +if test "x$acx_pthread_ok" = xyes; then 131 + save_LIBS="$LIBS" 132 + LIBS="$PTHREAD_LIBS $LIBS" 133 + save_CFLAGS="$CFLAGS" 134 + CFLAGS="$CFLAGS $PTHREAD_CFLAGS" 135 + 136 + # Detect AIX lossage: threads are created detached by default 137 + # and the JOINABLE attribute has a nonstandard name (UNDETACHED). 138 + AC_MSG_CHECKING([for joinable pthread attribute]) 139 + AC_TRY_LINK([#include <pthread.h>], 140 + [int attr=PTHREAD_CREATE_JOINABLE;], 141 + ok=PTHREAD_CREATE_JOINABLE, ok=unknown) 142 + if test x"$ok" = xunknown; then 143 + AC_TRY_LINK([#include <pthread.h>], 144 + [int attr=PTHREAD_CREATE_UNDETACHED;], 145 + ok=PTHREAD_CREATE_UNDETACHED, ok=unknown) 146 + fi 147 + if test x"$ok" != xPTHREAD_CREATE_JOINABLE; then 148 + AC_DEFINE(PTHREAD_CREATE_JOINABLE, $ok, 149 + [Define to the necessary symbol if this constant 150 + uses a non-standard name on your system.]) 151 + fi 152 + AC_MSG_RESULT(${ok}) 153 + if test x"$ok" = xunknown; then 154 + AC_MSG_WARN([we do not know how to create joinable pthreads]) 155 + fi 156 + 157 + AC_MSG_CHECKING([if more special flags are required for pthreads]) 158 + flag=no 159 + case "${host_cpu}-${host_os}" in 160 + *-aix* | *-freebsd*) flag="-D_THREAD_SAFE";; 161 + *solaris* | *-osf* | *-hpux*) flag="-D_REENTRANT";; 162 + esac 163 + AC_MSG_RESULT(${flag}) 164 + if test "x$flag" != xno; then 165 + PTHREAD_CFLAGS="$flag $PTHREAD_CFLAGS" 166 + fi 167 + 168 + LIBS="$save_LIBS" 169 + CFLAGS="$save_CFLAGS" 170 + 171 + # More AIX lossage: must compile with cc_r 172 + AC_CHECK_PROG(PTHREAD_CC, cc_r, cc_r, ${CC}) 173 +else 174 + PTHREAD_CC="$CC" 175 +fi 176 + 177 +AC_SUBST(PTHREAD_LIBS) 178 +AC_SUBST(PTHREAD_CFLAGS) 179 +AC_SUBST(PTHREAD_CC) 180 + 181 +# Finally, execute ACTION-IF-FOUND/ACTION-IF-NOT-FOUND: 182 +if test x"$acx_pthread_ok" = xyes; then 183 + ifelse([$1],,AC_DEFINE(HAVE_PTHREAD,1,[Define if you have POSIX threads libraries and header files.]),[$1]) 184 + : 185 +else 186 + acx_pthread_ok=no 187 + $2 188 +fi 189 +AC_LANG_RESTORE 190 +])dnl ACX_PTHREAD
Added aclocal/dc_shobjs.m4 version [058e702ce1].
1 +dnl Usage: 2 +dnl DC_TEST_SHOBJFLAGS(shobjflags, shobjldflags, action-if-not-found) 3 +dnl 4 +AC_DEFUN(DC_TEST_SHOBJFLAGS, [ 5 + AC_SUBST(SHOBJFLAGS) 6 + AC_SUBST(SHOBJLDFLAGS) 7 + 8 + OLD_LDFLAGS="$LDFLAGS" 9 + SHOBJFLAGS="" 10 + 11 + LDFLAGS="$OLD_LDFLAGS $1 $2" 12 + 13 + AC_TRY_LINK([#include <stdio.h> 14 +int unrestst(void);], [ printf("okay\n"); unrestst(); return(0); ], [ SHOBJFLAGS="$1"; SHOBJLDFLAGS="$2" ], [ 15 + LDFLAGS="$OLD_LDFLAGS" 16 + $3 17 + ]) 18 + 19 + LDFLAGS="$OLD_LDFLAGS" 20 +]) 21 + 22 +AC_DEFUN(DC_GET_SHOBJFLAGS, [ 23 + AC_SUBST(SHOBJFLAGS) 24 + AC_SUBST(SHOBJLDFLAGS) 25 + 26 + AC_MSG_CHECKING(how to create shared objects) 27 + 28 + if test -z "$SHOBJFLAGS" -a -z "$SHOBJLDFLAGS"; then 29 + DC_TEST_SHOBJFLAGS([-fPIC -DPIC], [-shared -rdynamic], [ 30 + DC_TEST_SHOBJFLAGS([-fPIC -DPIC], [-shared], [ 31 + DC_TEST_SHOBJFLAGS([-fPIC -DPIC], [-shared -rdynamic -mimpure-text], [ 32 + DC_TEST_SHOBJFLAGS([-fPIC -DPIC], [-shared -mimpure-text], [ 33 + DC_TEST_SHOBJFLAGS([-fPIC -DPIC], [-shared -rdynamic -Wl,-G,-z,textoff], [ 34 + DC_TEST_SHOBJFLAGS([-fPIC -DPIC], [-shared -Wl,-G,-z,textoff], [ 35 + DC_TEST_SHOBJFLAGS([-fPIC -DPIC], [-shared -dynamiclib -flat_namespace -undefined suppress -bind_at_load], [ 36 + DC_TEST_SHOBJFLAGS([-fPIC -DPIC], [-dynamiclib -flat_namespace -undefined suppress -bind_at_load], [ 37 + DC_TEST_SHOBJFLAGS([-fPIC -DPIC], [-Wl,-dynamiclib -Wl,-flat_namespace -Wl,-undefined,suppress -Wl,-bind_at_load], [ 38 + DC_TEST_SHOBJFLAGS([-fPIC -DPIC], [-dynamiclib -flat_namespace -undefined suppress], [ 39 + DC_TEST_SHOBJFLAGS([-fPIC -DPIC], [-dynamiclib], [ 40 + AC_MSG_RESULT(cant) 41 + AC_MSG_ERROR([We are unable to make shared objects.]) 42 + ]) 43 + ]) 44 + ]) 45 + ]) 46 + ]) 47 + ]) 48 + ]) 49 + ]) 50 + ]) 51 + ]) 52 + ]) 53 + fi 54 + 55 + AC_MSG_RESULT($SHOBJLDFLAGS $SHOBJFLAGS) 56 + 57 + DC_SYNC_SHLIBOBJS 58 +]) 59 + 60 +AC_DEFUN(DC_SYNC_SHLIBOBJS, [ 61 + AC_SUBST(SHLIBOBJS) 62 + SHLIBOBJS="" 63 + for obj in $LIB@&t@OBJS; do 64 + SHLIBOBJS="$SHLIBOBJS `echo $obj | sed 's/\.o$/_shr.o/g'`" 65 + done 66 +]) 67 + 68 +AC_DEFUN(DC_SYNC_RPATH, [ 69 + OLD_LDFLAGS="$LDFLAGS" 70 + 71 + for tryrpath in "-Wl,-rpath" "-Wl,--rpath" "-Wl,-R"; do 72 + LDFLAGS="$OLD_LDFLAGS $tryrpath -Wl,/tmp" 73 + AC_LINK_IFELSE(AC_LANG_PROGRAM([], [ return(0); ]), [ 74 + rpathldflags="$tryrpath" 75 + break 76 + ]) 77 + done 78 + unset tryrpath 79 + 80 + LDFLAGS="$OLD_LDFLAGS" 81 + unset OLD_LDFLAGS 82 + 83 + ADDLDFLAGS="" 84 + for opt in $LDFLAGS; do 85 + if echo "$opt" | grep '^-L' >/dev/null; then 86 + rpathdir=`echo "$opt" | sed 's@^-L *@@'` 87 + ADDLDFLAGS="$ADDLDFLAGS $rpathldflags -Wl,$rpathdir" 88 + fi 89 + done 90 + unset opt rpathldflags 91 + 92 + LDFLAGS="$LDFLAGS $ADDLDFLAGS" 93 + 94 + unset ADDLDFLAGS 95 +]) 96 + 97 +AC_DEFUN(DC_CHK_OS_INFO, [ 98 + AC_CANONICAL_HOST 99 + AC_SUBST(SHOBJEXT) 100 + AC_SUBST(SHOBJFLAGS) 101 + AC_SUBST(SHOBJLDFLAGS) 102 + AC_SUBST(CFLAGS) 103 + AC_SUBST(CPPFLAGS) 104 + AC_SUBST(AREXT) 105 + 106 + AC_MSG_CHECKING(host operating system) 107 + AC_MSG_RESULT($host_os) 108 + 109 + SHOBJEXT="so" 110 + AREXT="a" 111 + 112 + case $host_os in 113 + darwin*) 114 + SHOBJEXT="dylib" 115 + ;; 116 + hpux*) 117 + SHOBJEXT="sl" 118 + ;; 119 + mingw32msvc*) 120 + SHOBJEXT="dll" 121 + SHOBJFLAGS="-DPIC" 122 + CFLAGS="$CFLAGS -mno-cygwin -mms-bitfields" 123 + CPPFLAGS="$CPPFLAGS -mno-cygwin -mms-bitfields" 124 + SHOBJLDFLAGS='-shared -Wl,--dll -Wl,--enable-auto-image-base -Wl,--output-def,$[@].def,--out-implib,$[@].a' 125 + ;; 126 + cygwin*) 127 + SHOBJEXT="dll" 128 + SHOBJFLAGS="-fPIC -DPIC" 129 + CFLAGS="$CFLAGS -mms-bitfields" 130 + CPPFLAGS="$CPPFLAGS -mms-bitfields" 131 + SHOBJLDFLAGS='-shared -Wl,--enable-auto-image-base -Wl,--output-def,$[@].def,--out-implib,$[@].a' 132 + ;; 133 + esac 134 +])
Added autogen.sh version [0fece0ea10].
1 +#! /bin/sh 2 + 3 +rm -f aclocal.m4 4 + 5 +make -C aclocal 6 +autoconf; autoheader 7 + 8 +rm -rf autom4te.cache/
Added cackey.c version [5d2cb9e273].
1 +#ifdef HAVE_PCSCLITE_H 2 +#include <pcsclite.h> 3 +#endif
Added configure.ac version [d3c01ad0d4].
1 +AC_INIT(cackey, 0.0.1) 2 +AC_CONFIG_HEADERS(config.h) 3 + 4 +dnl Locate standard tools 5 +AC_PROG_CC 6 +AC_PROG_MAKE_SET 7 +AC_PROG_INSTALL 8 +AC_AIX 9 + 10 +dnl Determine this platform 11 +DC_CHK_OS_INFO 12 + 13 +dnl Determine how to create shared objects on this platform 14 +DC_GET_SHOBJFLAGS 15 + 16 +ACX_PTHREAD(, [ 17 + AC_WARN([Can't figure out how to compile with pthreads support, run-time will likely fail.]) 18 +]) 19 + 20 +dnl Determine how to create static archives on this platform 21 +AC_CHECK_TOOL(AR, ar) 22 +AC_CHECK_TOOL(RANLIB, ranlib) 23 + 24 +dnl Check for all required headers 25 +AC_CHECK_HEADERS(arpa/inet.h inttypes.h stdarg.h stdint.h stdio.h stdlib.h string.h sys/socket.h sys/types.h sys/un.h unistd.h pthread.h,,[ 26 + AC_WARN([Required header missing, compilation will likely fail.]) 27 +], [ 28 +#ifdef HAVE_ARPA_INET_H 29 +# include <arpa/inet.h> 30 +#endif 31 +#ifdef HAVE_INTTYPES_H 32 +# include <inttypes.h> 33 +#endif 34 +#ifdef HAVE_STDARG_H 35 +# include <stdarg.h> 36 +#endif 37 +#ifdef HAVE_STDINT_H 38 +# include <stdint.h> 39 +#endif 40 +#ifdef HAVE_STDIO_H 41 +# include <stdio.h> 42 +#endif 43 +#ifdef HAVE_STDLIB_H 44 +# include <stdlib.h> 45 +#endif 46 +#ifdef HAVE_STRING_H 47 +# include <string.h> 48 +#endif 49 +#ifdef HAVE_SYS_SOCKET_H 50 +# include <sys/socket.h> 51 +#endif 52 +#ifdef HAVE_SYS_TYPES_H 53 +# include <sys/types.h> 54 +#endif 55 +#ifdef HAVE_SYS_UN_H 56 +# include <sys/un.h> 57 +#endif 58 +#ifdef HAVE_UNISTD_H 59 +# include <unistd.h> 60 +#endif 61 +#ifdef HAVE_PTHREAD_H 62 +# include <pthread.h> 63 +#endif 64 +]) 65 + 66 +dnl Upate LDFLAGS to include setting the run-time linker path to the same as our compile-time linker 67 +DC_SYNC_RPATH 68 + 69 +dnl If we updated LIBOBJS, update SHLIBOBJS -- must be last. 70 +DC_SYNC_SHLIBOBJS 71 + 72 +dnl Produce Makefile 73 +AC_OUTPUT(Makefile)
Added pkcs11/mypkcs11.h version [c7b295b688].
1 +/* ***** BEGIN COPYRIGHT BLOCK ***** 2 + * Copyright (C) 2005 Red Hat, Inc. 3 + * All rights reserved. 4 + * 5 + * This library is free software; you can redistribute it and/or 6 + * modify it under the terms of the GNU Lesser General Public 7 + * License as published by the Free Software Foundation version 8 + * 2.1 of the License. 9 + * 10 + * This library is distributed in the hope that it will be useful, 11 + * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 13 + * Lesser General Public License for more details. 14 + * 15 + * You should have received a copy of the GNU Lesser General Public 16 + * License along with this library; if not, write to the Free Software 17 + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA 18 + * ***** END COPYRIGHT BLOCK *****/ 19 + 20 +#ifndef COOLKEY_MYPKCS11_H 21 +#define COOLKEY_MYPKCS11_H 22 + 23 +#if defined(_WIN32) 24 +#define CK_PTR * 25 +#define CK_DECLARE_FUNCTION(rv,func) rv __declspec(dllexport) func 26 +#define CK_DECLARE_FUNCTION_POINTER(rv,func) rv (* func) 27 +#define CK_CALLBACK_FUNCTION(rv,func) rv (* func) 28 +#define CK_NULL_PTR 0 29 +#else 30 +#define CK_PTR * 31 +#define CK_DECLARE_FUNCTION(rv,func) rv func 32 +#define CK_DECLARE_FUNCTION_POINTER(rv,func) rv (* func) 33 +#define CK_CALLBACK_FUNCTION(rv,func) rv (* func) 34 +#define CK_NULL_PTR 0 35 +#endif 36 + 37 +#if defined(_WIN32) 38 +#pragma warning(disable:4103) 39 +#pragma pack(push, cryptoki, 1) 40 +#endif 41 + 42 +#include "pkcs11.h" 43 + 44 +#include "pkcs11n.h" 45 + 46 +#if defined (_WIN32) 47 +#pragma warning(disable:4103) 48 +#pragma pack(pop, cryptoki) 49 +#endif 50 + 51 + 52 +#endif
Added pkcs11/pkcs11.h version [67c147948d].
1 +/* ***** BEGIN COPYRIGHT BLOCK ***** 2 + * Copyright (C) 2005 Red Hat, Inc. 3 + * All rights reserved. 4 + * 5 + * This library is free software; you can redistribute it and/or 6 + * modify it under the terms of the GNU Lesser General Public 7 + * License as published by the Free Software Foundation version 8 + * 2.1 of the License. 9 + * 10 + * This library is distributed in the hope that it will be useful, 11 + * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 13 + * Lesser General Public License for more details. 14 + * 15 + * You should have received a copy of the GNU Lesser General Public 16 + * License along with this library; if not, write to the Free Software 17 + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA 18 + * ***** END COPYRIGHT BLOCK *****/ 19 + 20 +/* pkcs11.h include file for PKCS #11. 2001 June 25 */ 21 + 22 +#ifndef _PKCS11_H_ 23 +#define _PKCS11_H_ 1 24 + 25 +#ifdef __cplusplus 26 +extern "C" { 27 +#endif 28 + 29 +/* Before including this file (pkcs11.h) (or pkcs11t.h by 30 + * itself), 6 platform-specific macros must be defined. These 31 + * macros are described below, and typical definitions for them 32 + * are also given. Be advised that these definitions can depend 33 + * on both the platform and the compiler used (and possibly also 34 + * on whether a Cryptoki library is linked statically or 35 + * dynamically). 36 + * 37 + * In addition to defining these 6 macros, the packing convention 38 + * for Cryptoki structures should be set. The Cryptoki 39 + * convention on packing is that structures should be 1-byte 40 + * aligned. 41 + * 42 + * If you're using Microsoft Developer Studio 5.0 to produce 43 + * Win32 stuff, this might be done by using the following 44 + * preprocessor directive before including pkcs11.h or pkcs11t.h: 45 + * 46 + * #pragma pack(push, cryptoki, 1) 47 + * 48 + * and using the following preprocessor directive after including 49 + * pkcs11.h or pkcs11t.h: 50 + * 51 + * #pragma pack(pop, cryptoki) 52 + * 53 + * If you're using an earlier version of Microsoft Developer 54 + * Studio to produce Win16 stuff, this might be done by using 55 + * the following preprocessor directive before including 56 + * pkcs11.h or pkcs11t.h: 57 + * 58 + * #pragma pack(1) 59 + * 60 + * In a UNIX environment, you're on your own for this. You might 61 + * not need to do (or be able to do!) anything. 62 + * 63 + * 64 + * Now for the macros: 65 + * 66 + * 67 + * 1. CK_PTR: The indirection string for making a pointer to an 68 + * object. It can be used like this: 69 + * 70 + * typedef CK_BYTE CK_PTR CK_BYTE_PTR; 71 + * 72 + * If you're using Microsoft Developer Studio 5.0 to produce 73 + * Win32 stuff, it might be defined by: 74 + * 75 + * #define CK_PTR * 76 + * 77 + * If you're using an earlier version of Microsoft Developer 78 + * Studio to produce Win16 stuff, it might be defined by: 79 + * 80 + * #define CK_PTR far * 81 + * 82 + * In a typical UNIX environment, it might be defined by: 83 + * 84 + * #define CK_PTR * 85 + * 86 + * 87 + * 2. CK_DEFINE_FUNCTION(returnType, name): A macro which makes 88 + * an exportable Cryptoki library function definition out of a 89 + * return type and a function name. It should be used in the 90 + * following fashion to define the exposed Cryptoki functions in 91 + * a Cryptoki library: 92 + * 93 + * CK_DEFINE_FUNCTION(CK_RV, C_Initialize)( 94 + * CK_VOID_PTR pReserved 95 + * ) 96 + * { 97 + * ... 98 + * } 99 + * 100 + * If you're using Microsoft Developer Studio 5.0 to define a 101 + * function in a Win32 Cryptoki .dll, it might be defined by: 102 + * 103 + * #define CK_DEFINE_FUNCTION(returnType, name) \ 104 + * returnType __declspec(dllexport) name 105 + * 106 + * If you're using an earlier version of Microsoft Developer 107 + * Studio to define a function in a Win16 Cryptoki .dll, it 108 + * might be defined by: 109 + * 110 + * #define CK_DEFINE_FUNCTION(returnType, name) \ 111 + * returnType __export _far _pascal name 112 + * 113 + * In a UNIX environment, it might be defined by: 114 + * 115 + * #define CK_DEFINE_FUNCTION(returnType, name) \ 116 + * returnType name 117 + * 118 + * 119 + * 3. CK_DECLARE_FUNCTION(returnType, name): A macro which makes 120 + * an importable Cryptoki library function declaration out of a 121 + * return type and a function name. It should be used in the 122 + * following fashion: 123 + * 124 + * extern CK_DECLARE_FUNCTION(CK_RV, C_Initialize)( 125 + * CK_VOID_PTR pReserved 126 + * ); 127 + * 128 + * If you're using Microsoft Developer Studio 5.0 to declare a 129 + * function in a Win32 Cryptoki .dll, it might be defined by: 130 + * 131 + * #define CK_DECLARE_FUNCTION(returnType, name) \ 132 + * returnType __declspec(dllimport) name 133 + * 134 + * If you're using an earlier version of Microsoft Developer 135 + * Studio to declare a function in a Win16 Cryptoki .dll, it 136 + * might be defined by: 137 + * 138 + * #define CK_DECLARE_FUNCTION(returnType, name) \ 139 + * returnType __export _far _pascal name 140 + * 141 + * In a UNIX environment, it might be defined by: 142 + * 143 + * #define CK_DECLARE_FUNCTION(returnType, name) \ 144 + * returnType name 145 + * 146 + * 147 + * 4. CK_DECLARE_FUNCTION_POINTER(returnType, name): A macro 148 + * which makes a Cryptoki API function pointer declaration or 149 + * function pointer type declaration out of a return type and a 150 + * function name. It should be used in the following fashion: 151 + * 152 + * // Define funcPtr to be a pointer to a Cryptoki API function 153 + * // taking arguments args and returning CK_RV. 154 + * CK_DECLARE_FUNCTION_POINTER(CK_RV, funcPtr)(args); 155 + * 156 + * or 157 + * 158 + * // Define funcPtrType to be the type of a pointer to a 159 + * // Cryptoki API function taking arguments args and returning 160 + * // CK_RV, and then define funcPtr to be a variable of type 161 + * // funcPtrType. 162 + * typedef CK_DECLARE_FUNCTION_POINTER(CK_RV, funcPtrType)(args); 163 + * funcPtrType funcPtr; 164 + * 165 + * If you're using Microsoft Developer Studio 5.0 to access 166 + * functions in a Win32 Cryptoki .dll, in might be defined by: 167 + * 168 + * #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \ 169 + * returnType __declspec(dllimport) (* name) 170 + * 171 + * If you're using an earlier version of Microsoft Developer 172 + * Studio to access functions in a Win16 Cryptoki .dll, it might 173 + * be defined by: 174 + * 175 + * #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \ 176 + * returnType __export _far _pascal (* name) 177 + * 178 + * In a UNIX environment, it might be defined by: 179 + * 180 + * #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \ 181 + * returnType (* name) 182 + * 183 + * 184 + * 5. CK_CALLBACK_FUNCTION(returnType, name): A macro which makes 185 + * a function pointer type for an application callback out of 186 + * a return type for the callback and a name for the callback. 187 + * It should be used in the following fashion: 188 + * 189 + * CK_CALLBACK_FUNCTION(CK_RV, myCallback)(args); 190 + * 191 + * to declare a function pointer, myCallback, to a callback 192 + * which takes arguments args and returns a CK_RV. It can also 193 + * be used like this: 194 + * 195 + * typedef CK_CALLBACK_FUNCTION(CK_RV, myCallbackType)(args); 196 + * myCallbackType myCallback; 197 + * 198 + * If you're using Microsoft Developer Studio 5.0 to do Win32 199 + * Cryptoki development, it might be defined by: 200 + * 201 + * #define CK_CALLBACK_FUNCTION(returnType, name) \ 202 + * returnType (* name) 203 + * 204 + * If you're using an earlier version of Microsoft Developer 205 + * Studio to do Win16 development, it might be defined by: 206 + * 207 + * #define CK_CALLBACK_FUNCTION(returnType, name) \ 208 + * returnType _far _pascal (* name) 209 + * 210 + * In a UNIX environment, it might be defined by: 211 + * 212 + * #define CK_CALLBACK_FUNCTION(returnType, name) \ 213 + * returnType (* name) 214 + * 215 + * 216 + * 6. NULL_PTR: This macro is the value of a NULL pointer. 217 + * 218 + * In any ANSI/ISO C environment (and in many others as well), 219 + * this should best be defined by 220 + * 221 + * #ifndef NULL_PTR 222 + * #define NULL_PTR 0 223 + * #endif 224 + */ 225 + 226 + 227 +/* All the various Cryptoki types and #define'd values are in the 228 + * file pkcs11t.h. */ 229 +#include "pkcs11t.h" 230 + 231 +#define __PASTE(x,y) x##y 232 + 233 + 234 +/* ============================================================== 235 + * Define the "extern" form of all the entry points. 236 + * ============================================================== 237 + */ 238 + 239 +#define CK_NEED_ARG_LIST 1 240 +#define CK_PKCS11_FUNCTION_INFO(name) \ 241 + CK_DECLARE_FUNCTION(CK_RV, name) 242 + 243 +/* pkcs11f.h has all the information about the Cryptoki 244 + * function prototypes. */ 245 +#include "pkcs11f.h" 246 + 247 +#undef CK_NEED_ARG_LIST 248 +#undef CK_PKCS11_FUNCTION_INFO 249 + 250 + 251 +/* ============================================================== 252 + * Define the typedef form of all the entry points. That is, for 253 + * each Cryptoki function C_XXX, define a type CK_C_XXX which is 254 + * a pointer to that kind of function. 255 + * ============================================================== 256 + */ 257 + 258 +#define CK_NEED_ARG_LIST 1 259 +#define CK_PKCS11_FUNCTION_INFO(name) \ 260 + typedef CK_DECLARE_FUNCTION_POINTER(CK_RV, __PASTE(CK_,name)) 261 + 262 +/* pkcs11f.h has all the information about the Cryptoki 263 + * function prototypes. */ 264 +#include "pkcs11f.h" 265 + 266 +#undef CK_NEED_ARG_LIST 267 +#undef CK_PKCS11_FUNCTION_INFO 268 + 269 + 270 +/* ============================================================== 271 + * Define structed vector of entry points. A CK_FUNCTION_LIST 272 + * contains a CK_VERSION indicating a library's Cryptoki version 273 + * and then a whole slew of function pointers to the routines in 274 + * the library. This type was declared, but not defined, in 275 + * pkcs11t.h. 276 + * ============================================================== 277 + */ 278 + 279 +#define CK_PKCS11_FUNCTION_INFO(name) \ 280 + __PASTE(CK_,name) name; 281 + 282 +struct CK_FUNCTION_LIST { 283 + 284 + CK_VERSION version; /* Cryptoki version */ 285 + 286 +/* Pile all the function pointers into the CK_FUNCTION_LIST. */ 287 +/* pkcs11f.h has all the information about the Cryptoki 288 + * function prototypes. */ 289 +#include "pkcs11f.h" 290 + 291 +}; 292 + 293 +#undef CK_PKCS11_FUNCTION_INFO 294 + 295 + 296 +#undef __PASTE 297 + 298 +#ifdef __cplusplus 299 +} 300 +#endif 301 + 302 +#endif
Added pkcs11/pkcs11f.h version [3b3d3e07e4].
1 +/* ***** BEGIN COPYRIGHT BLOCK ***** 2 + * Copyright (C) 2005 Red Hat, Inc. 3 + * All rights reserved. 4 + * 5 + * This library is free software; you can redistribute it and/or 6 + * modify it under the terms of the GNU Lesser General Public 7 + * License as published by the Free Software Foundation version 8 + * 2.1 of the License. 9 + * 10 + * This library is distributed in the hope that it will be useful, 11 + * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 13 + * Lesser General Public License for more details. 14 + * 15 + * You should have received a copy of the GNU Lesser General Public 16 + * License along with this library; if not, write to the Free Software 17 + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA 18 + * ***** END COPYRIGHT BLOCK *****/ 19 + 20 +/* pkcs11f.h include file for PKCS #11. 2001 June 25 */ 21 + 22 +/* This function contains pretty much everything about all the */ 23 +/* Cryptoki function prototypes. Because this information is */ 24 +/* used for more than just declaring function prototypes, the */ 25 +/* order of the functions appearing herein is important, and */ 26 +/* should not be altered. */ 27 + 28 + 29 + 30 +/* General-purpose */ 31 + 32 +/* C_Initialize initializes the Cryptoki library. */ 33 +CK_PKCS11_FUNCTION_INFO(C_Initialize) 34 +#ifdef CK_NEED_ARG_LIST 35 +( 36 + CK_VOID_PTR pInitArgs /* if this is not NULL_PTR, it gets 37 + * cast to CK_C_INITIALIZE_ARGS_PTR 38 + * and dereferenced */ 39 +); 40 +#endif 41 + 42 + 43 +/* C_Finalize indicates that an application is done with the 44 + * Cryptoki library. */ 45 +CK_PKCS11_FUNCTION_INFO(C_Finalize) 46 +#ifdef CK_NEED_ARG_LIST 47 +( 48 + CK_VOID_PTR pReserved /* reserved. Should be NULL_PTR */ 49 +); 50 +#endif 51 + 52 + 53 +/* C_GetInfo returns general information about Cryptoki. */ 54 +CK_PKCS11_FUNCTION_INFO(C_GetInfo) 55 +#ifdef CK_NEED_ARG_LIST 56 +( 57 + CK_INFO_PTR pInfo /* location that receives information */ 58 +); 59 +#endif 60 + 61 + 62 +/* C_GetFunctionList returns the function list. */ 63 +CK_PKCS11_FUNCTION_INFO(C_GetFunctionList) 64 +#ifdef CK_NEED_ARG_LIST 65 +( 66 + CK_FUNCTION_LIST_PTR_PTR ppFunctionList /* receives pointer to 67 + * function list */ 68 +); 69 +#endif 70 + 71 + 72 + 73 +/* Slot and token management */ 74 + 75 +/* C_GetSlotList obtains a list of slots in the system. */ 76 +CK_PKCS11_FUNCTION_INFO(C_GetSlotList) 77 +#ifdef CK_NEED_ARG_LIST 78 +( 79 + CK_BBOOL tokenPresent, /* only slots with tokens? */ 80 + CK_SLOT_ID_PTR pSlotList, /* receives array of slot IDs */ 81 + CK_ULONG_PTR pulCount /* receives number of slots */ 82 +); 83 +#endif 84 + 85 + 86 +/* C_GetSlotInfo obtains information about a particular slot in 87 + * the system. */ 88 +CK_PKCS11_FUNCTION_INFO(C_GetSlotInfo) 89 +#ifdef CK_NEED_ARG_LIST 90 +( 91 + CK_SLOT_ID slotID, /* the ID of the slot */ 92 + CK_SLOT_INFO_PTR pInfo /* receives the slot information */ 93 +); 94 +#endif 95 + 96 + 97 +/* C_GetTokenInfo obtains information about a particular token 98 + * in the system. */ 99 +CK_PKCS11_FUNCTION_INFO(C_GetTokenInfo) 100 +#ifdef CK_NEED_ARG_LIST 101 +( 102 + CK_SLOT_ID slotID, /* ID of the token's slot */ 103 + CK_TOKEN_INFO_PTR pInfo /* receives the token information */ 104 +); 105 +#endif 106 + 107 + 108 +/* C_GetMechanismList obtains a list of mechanism types 109 + * supported by a token. */ 110 +CK_PKCS11_FUNCTION_INFO(C_GetMechanismList) 111 +#ifdef CK_NEED_ARG_LIST 112 +( 113 + CK_SLOT_ID slotID, /* ID of token's slot */ 114 + CK_MECHANISM_TYPE_PTR pMechanismList, /* gets mech. array */ 115 + CK_ULONG_PTR pulCount /* gets # of mechs. */ 116 +); 117 +#endif 118 + 119 + 120 +/* C_GetMechanismInfo obtains information about a particular 121 + * mechanism possibly supported by a token. */ 122 +CK_PKCS11_FUNCTION_INFO(C_GetMechanismInfo) 123 +#ifdef CK_NEED_ARG_LIST 124 +( 125 + CK_SLOT_ID slotID, /* ID of the token's slot */ 126 + CK_MECHANISM_TYPE type, /* type of mechanism */ 127 + CK_MECHANISM_INFO_PTR pInfo /* receives mechanism info */ 128 +); 129 +#endif 130 + 131 + 132 +/* C_InitToken initializes a token. */ 133 +CK_PKCS11_FUNCTION_INFO(C_InitToken) 134 +#ifdef CK_NEED_ARG_LIST 135 +/* pLabel changed from CK_CHAR_PTR to CK_UTF8CHAR_PTR for v2.10 */ 136 +( 137 + CK_SLOT_ID slotID, /* ID of the token's slot */ 138 + CK_UTF8CHAR_PTR pPin, /* the SO's initial PIN */ 139 + CK_ULONG ulPinLen, /* length in bytes of the PIN */ 140 + CK_UTF8CHAR_PTR pLabel /* 32-byte token label (blank padded) */ 141 +); 142 +#endif 143 + 144 + 145 +/* C_InitPIN initializes the normal user's PIN. */ 146 +CK_PKCS11_FUNCTION_INFO(C_InitPIN) 147 +#ifdef CK_NEED_ARG_LIST 148 +( 149 + CK_SESSION_HANDLE hSession, /* the session's handle */ 150 + CK_UTF8CHAR_PTR pPin, /* the normal user's PIN */ 151 + CK_ULONG ulPinLen /* length in bytes of the PIN */ 152 +); 153 +#endif 154 + 155 + 156 +/* C_SetPIN modifies the PIN of the user who is logged in. */ 157 +CK_PKCS11_FUNCTION_INFO(C_SetPIN) 158 +#ifdef CK_NEED_ARG_LIST 159 +( 160 + CK_SESSION_HANDLE hSession, /* the session's handle */ 161 + CK_UTF8CHAR_PTR pOldPin, /* the old PIN */ 162 + CK_ULONG ulOldLen, /* length of the old PIN */ 163 + CK_UTF8CHAR_PTR pNewPin, /* the new PIN */ 164 + CK_ULONG ulNewLen /* length of the new PIN */ 165 +); 166 +#endif 167 + 168 + 169 + 170 +/* Session management */ 171 + 172 +/* C_OpenSession opens a session between an application and a 173 + * token. */ 174 +CK_PKCS11_FUNCTION_INFO(C_OpenSession) 175 +#ifdef CK_NEED_ARG_LIST 176 +( 177 + CK_SLOT_ID slotID, /* the slot's ID */ 178 + CK_FLAGS flags, /* from CK_SESSION_INFO */ 179 + CK_VOID_PTR pApplication, /* passed to callback */ 180 + CK_NOTIFY Notify, /* callback function */ 181 + CK_SESSION_HANDLE_PTR phSession /* gets session handle */ 182 +); 183 +#endif 184 + 185 + 186 +/* C_CloseSession closes a session between an application and a 187 + * token. */ 188 +CK_PKCS11_FUNCTION_INFO(C_CloseSession) 189 +#ifdef CK_NEED_ARG_LIST 190 +( 191 + CK_SESSION_HANDLE hSession /* the session's handle */ 192 +); 193 +#endif 194 + 195 + 196 +/* C_CloseAllSessions closes all sessions with a token. */ 197 +CK_PKCS11_FUNCTION_INFO(C_CloseAllSessions) 198 +#ifdef CK_NEED_ARG_LIST 199 +( 200 + CK_SLOT_ID slotID /* the token's slot */ 201 +); 202 +#endif 203 + 204 + 205 +/* C_GetSessionInfo obtains information about the session. */ 206 +CK_PKCS11_FUNCTION_INFO(C_GetSessionInfo) 207 +#ifdef CK_NEED_ARG_LIST 208 +( 209 + CK_SESSION_HANDLE hSession, /* the session's handle */ 210 + CK_SESSION_INFO_PTR pInfo /* receives session info */ 211 +); 212 +#endif 213 + 214 + 215 +/* C_GetOperationState obtains the state of the cryptographic operation 216 + * in a session. */ 217 +CK_PKCS11_FUNCTION_INFO(C_GetOperationState) 218 +#ifdef CK_NEED_ARG_LIST 219 +( 220 + CK_SESSION_HANDLE hSession, /* session's handle */ 221 + CK_BYTE_PTR pOperationState, /* gets state */ 222 + CK_ULONG_PTR pulOperationStateLen /* gets state length */ 223 +); 224 +#endif 225 + 226 + 227 +/* C_SetOperationState restores the state of the cryptographic 228 + * operation in a session. */ 229 +CK_PKCS11_FUNCTION_INFO(C_SetOperationState) 230 +#ifdef CK_NEED_ARG_LIST 231 +( 232 + CK_SESSION_HANDLE hSession, /* session's handle */ 233 + CK_BYTE_PTR pOperationState, /* holds state */ 234 + CK_ULONG ulOperationStateLen, /* holds state length */ 235 + CK_OBJECT_HANDLE hEncryptionKey, /* en/decryption key */ 236 + CK_OBJECT_HANDLE hAuthenticationKey /* sign/verify key */ 237 +); 238 +#endif 239 + 240 + 241 +/* C_Login logs a user into a token. */ 242 +CK_PKCS11_FUNCTION_INFO(C_Login) 243 +#ifdef CK_NEED_ARG_LIST 244 +( 245 + CK_SESSION_HANDLE hSession, /* the session's handle */ 246 + CK_USER_TYPE userType, /* the user type */ 247 + CK_UTF8CHAR_PTR pPin, /* the user's PIN */ 248 + CK_ULONG ulPinLen /* the length of the PIN */ 249 +); 250 +#endif 251 + 252 + 253 +/* C_Logout logs a user out from a token. */ 254 +CK_PKCS11_FUNCTION_INFO(C_Logout) 255 +#ifdef CK_NEED_ARG_LIST 256 +( 257 + CK_SESSION_HANDLE hSession /* the session's handle */ 258 +); 259 +#endif 260 + 261 + 262 + 263 +/* Object management */ 264 + 265 +/* C_CreateObject creates a new object. */ 266 +CK_PKCS11_FUNCTION_INFO(C_CreateObject) 267 +#ifdef CK_NEED_ARG_LIST 268 +( 269 + CK_SESSION_HANDLE hSession, /* the session's handle */ 270 + CK_ATTRIBUTE_PTR pTemplate, /* the object's template */ 271 + CK_ULONG ulCount, /* attributes in template */ 272 + CK_OBJECT_HANDLE_PTR phObject /* gets new object's handle. */ 273 +); 274 +#endif 275 + 276 + 277 +/* C_CopyObject copies an object, creating a new object for the 278 + * copy. */ 279 +CK_PKCS11_FUNCTION_INFO(C_CopyObject) 280 +#ifdef CK_NEED_ARG_LIST 281 +( 282 + CK_SESSION_HANDLE hSession, /* the session's handle */ 283 + CK_OBJECT_HANDLE hObject, /* the object's handle */ 284 + CK_ATTRIBUTE_PTR pTemplate, /* template for new object */ 285 + CK_ULONG ulCount, /* attributes in template */ 286 + CK_OBJECT_HANDLE_PTR phNewObject /* receives handle of copy */ 287 +); 288 +#endif 289 + 290 + 291 +/* C_DestroyObject destroys an object. */ 292 +CK_PKCS11_FUNCTION_INFO(C_DestroyObject) 293 +#ifdef CK_NEED_ARG_LIST 294 +( 295 + CK_SESSION_HANDLE hSession, /* the session's handle */ 296 + CK_OBJECT_HANDLE hObject /* the object's handle */ 297 +); 298 +#endif 299 + 300 + 301 +/* C_GetObjectSize gets the size of an object in bytes. */ 302 +CK_PKCS11_FUNCTION_INFO(C_GetObjectSize) 303 +#ifdef CK_NEED_ARG_LIST 304 +( 305 + CK_SESSION_HANDLE hSession, /* the session's handle */ 306 + CK_OBJECT_HANDLE hObject, /* the object's handle */ 307 + CK_ULONG_PTR pulSize /* receives size of object */ 308 +); 309 +#endif 310 + 311 + 312 +/* C_GetAttributeValue obtains the value of one or more object 313 + * attributes. */ 314 +CK_PKCS11_FUNCTION_INFO(C_GetAttributeValue) 315 +#ifdef CK_NEED_ARG_LIST 316 +( 317 + CK_SESSION_HANDLE hSession, /* the session's handle */ 318 + CK_OBJECT_HANDLE hObject, /* the object's handle */ 319 + CK_ATTRIBUTE_PTR pTemplate, /* specifies attrs; gets vals */ 320 + CK_ULONG ulCount /* attributes in template */ 321 +); 322 +#endif 323 + 324 + 325 +/* C_SetAttributeValue modifies the value of one or more object 326 + * attributes */ 327 +CK_PKCS11_FUNCTION_INFO(C_SetAttributeValue) 328 +#ifdef CK_NEED_ARG_LIST 329 +( 330 + CK_SESSION_HANDLE hSession, /* the session's handle */ 331 + CK_OBJECT_HANDLE hObject, /* the object's handle */ 332 + CK_ATTRIBUTE_PTR pTemplate, /* specifies attrs and values */ 333 + CK_ULONG ulCount /* attributes in template */ 334 +); 335 +#endif 336 + 337 + 338 +/* C_FindObjectsInit initializes a search for token and session 339 + * objects that match a template. */ 340 +CK_PKCS11_FUNCTION_INFO(C_FindObjectsInit) 341 +#ifdef CK_NEED_ARG_LIST 342 +( 343 + CK_SESSION_HANDLE hSession, /* the session's handle */ 344 + CK_ATTRIBUTE_PTR pTemplate, /* attribute values to match */ 345 + CK_ULONG ulCount /* attrs in search template */ 346 +); 347 +#endif 348 + 349 + 350 +/* C_FindObjects continues a search for token and session 351 + * objects that match a template, obtaining additional object 352 + * handles. */ 353 +CK_PKCS11_FUNCTION_INFO(C_FindObjects) 354 +#ifdef CK_NEED_ARG_LIST 355 +( 356 + CK_SESSION_HANDLE hSession, /* session's handle */ 357 + CK_OBJECT_HANDLE_PTR phObject, /* gets obj. handles */ 358 + CK_ULONG ulMaxObjectCount, /* max handles to get */ 359 + CK_ULONG_PTR pulObjectCount /* actual # returned */ 360 +); 361 +#endif 362 + 363 + 364 +/* C_FindObjectsFinal finishes a search for token and session 365 + * objects. */ 366 +CK_PKCS11_FUNCTION_INFO(C_FindObjectsFinal) 367 +#ifdef CK_NEED_ARG_LIST 368 +( 369 + CK_SESSION_HANDLE hSession /* the session's handle */ 370 +); 371 +#endif 372 + 373 + 374 + 375 +/* Encryption and decryption */ 376 + 377 +/* C_EncryptInit initializes an encryption operation. */ 378 +CK_PKCS11_FUNCTION_INFO(C_EncryptInit) 379 +#ifdef CK_NEED_ARG_LIST 380 +( 381 + CK_SESSION_HANDLE hSession, /* the session's handle */ 382 + CK_MECHANISM_PTR pMechanism, /* the encryption mechanism */ 383 + CK_OBJECT_HANDLE hKey /* handle of encryption key */ 384 +); 385 +#endif 386 + 387 + 388 +/* C_Encrypt encrypts single-part data. */ 389 +CK_PKCS11_FUNCTION_INFO(C_Encrypt) 390 +#ifdef CK_NEED_ARG_LIST 391 +( 392 + CK_SESSION_HANDLE hSession, /* session's handle */ 393 + CK_BYTE_PTR pData, /* the plaintext data */ 394 + CK_ULONG ulDataLen, /* bytes of plaintext */ 395 + CK_BYTE_PTR pEncryptedData, /* gets ciphertext */ 396 + CK_ULONG_PTR pulEncryptedDataLen /* gets c-text size */ 397 +); 398 +#endif 399 + 400 + 401 +/* C_EncryptUpdate continues a multiple-part encryption 402 + * operation. */ 403 +CK_PKCS11_FUNCTION_INFO(C_EncryptUpdate) 404 +#ifdef CK_NEED_ARG_LIST 405 +( 406 + CK_SESSION_HANDLE hSession, /* session's handle */ 407 + CK_BYTE_PTR pPart, /* the plaintext data */ 408 + CK_ULONG ulPartLen, /* plaintext data len */ 409 + CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */ 410 + CK_ULONG_PTR pulEncryptedPartLen /* gets c-text size */ 411 +); 412 +#endif 413 + 414 + 415 +/* C_EncryptFinal finishes a multiple-part encryption 416 + * operation. */ 417 +CK_PKCS11_FUNCTION_INFO(C_EncryptFinal) 418 +#ifdef CK_NEED_ARG_LIST 419 +( 420 + CK_SESSION_HANDLE hSession, /* session handle */ 421 + CK_BYTE_PTR pLastEncryptedPart, /* last c-text */ 422 + CK_ULONG_PTR pulLastEncryptedPartLen /* gets last size */ 423 +); 424 +#endif 425 + 426 + 427 +/* C_DecryptInit initializes a decryption operation. */ 428 +CK_PKCS11_FUNCTION_INFO(C_DecryptInit) 429 +#ifdef CK_NEED_ARG_LIST 430 +( 431 + CK_SESSION_HANDLE hSession, /* the session's handle */ 432 + CK_MECHANISM_PTR pMechanism, /* the decryption mechanism */ 433 + CK_OBJECT_HANDLE hKey /* handle of decryption key */ 434 +); 435 +#endif 436 + 437 + 438 +/* C_Decrypt decrypts encrypted data in a single part. */ 439 +CK_PKCS11_FUNCTION_INFO(C_Decrypt) 440 +#ifdef CK_NEED_ARG_LIST 441 +( 442 + CK_SESSION_HANDLE hSession, /* session's handle */ 443 + CK_BYTE_PTR pEncryptedData, /* ciphertext */ 444 + CK_ULONG ulEncryptedDataLen, /* ciphertext length */ 445 + CK_BYTE_PTR pData, /* gets plaintext */ 446 + CK_ULONG_PTR pulDataLen /* gets p-text size */ 447 +); 448 +#endif 449 + 450 + 451 +/* C_DecryptUpdate continues a multiple-part decryption 452 + * operation. */ 453 +CK_PKCS11_FUNCTION_INFO(C_DecryptUpdate) 454 +#ifdef CK_NEED_ARG_LIST 455 +( 456 + CK_SESSION_HANDLE hSession, /* session's handle */ 457 + CK_BYTE_PTR pEncryptedPart, /* encrypted data */ 458 + CK_ULONG ulEncryptedPartLen, /* input length */ 459 + CK_BYTE_PTR pPart, /* gets plaintext */ 460 + CK_ULONG_PTR pulPartLen /* p-text size */ 461 +); 462 +#endif 463 + 464 + 465 +/* C_DecryptFinal finishes a multiple-part decryption 466 + * operation. */ 467 +CK_PKCS11_FUNCTION_INFO(C_DecryptFinal) 468 +#ifdef CK_NEED_ARG_LIST 469 +( 470 + CK_SESSION_HANDLE hSession, /* the session's handle */ 471 + CK_BYTE_PTR pLastPart, /* gets plaintext */ 472 + CK_ULONG_PTR pulLastPartLen /* p-text size */ 473 +); 474 +#endif 475 + 476 + 477 + 478 +/* Message digesting */ 479 + 480 +/* C_DigestInit initializes a message-digesting operation. */ 481 +CK_PKCS11_FUNCTION_INFO(C_DigestInit) 482 +#ifdef CK_NEED_ARG_LIST 483 +( 484 + CK_SESSION_HANDLE hSession, /* the session's handle */ 485 + CK_MECHANISM_PTR pMechanism /* the digesting mechanism */ 486 +); 487 +#endif 488 + 489 + 490 +/* C_Digest digests data in a single part. */ 491 +CK_PKCS11_FUNCTION_INFO(C_Digest) 492 +#ifdef CK_NEED_ARG_LIST 493 +( 494 + CK_SESSION_HANDLE hSession, /* the session's handle */ 495 + CK_BYTE_PTR pData, /* data to be digested */ 496 + CK_ULONG ulDataLen, /* bytes of data to digest */ 497 + CK_BYTE_PTR pDigest, /* gets the message digest */ 498 + CK_ULONG_PTR pulDigestLen /* gets digest length */ 499 +); 500 +#endif 501 + 502 + 503 +/* C_DigestUpdate continues a multiple-part message-digesting 504 + * operation. */ 505 +CK_PKCS11_FUNCTION_INFO(C_DigestUpdate) 506 +#ifdef CK_NEED_ARG_LIST 507 +( 508 + CK_SESSION_HANDLE hSession, /* the session's handle */ 509 + CK_BYTE_PTR pPart, /* data to be digested */ 510 + CK_ULONG ulPartLen /* bytes of data to be digested */ 511 +); 512 +#endif 513 + 514 + 515 +/* C_DigestKey continues a multi-part message-digesting 516 + * operation, by digesting the value of a secret key as part of 517 + * the data already digested. */ 518 +CK_PKCS11_FUNCTION_INFO(C_DigestKey) 519 +#ifdef CK_NEED_ARG_LIST 520 +( 521 + CK_SESSION_HANDLE hSession, /* the session's handle */ 522 + CK_OBJECT_HANDLE hKey /* secret key to digest */ 523 +); 524 +#endif 525 + 526 + 527 +/* C_DigestFinal finishes a multiple-part message-digesting 528 + * operation. */ 529 +CK_PKCS11_FUNCTION_INFO(C_DigestFinal) 530 +#ifdef CK_NEED_ARG_LIST 531 +( 532 + CK_SESSION_HANDLE hSession, /* the session's handle */ 533 + CK_BYTE_PTR pDigest, /* gets the message digest */ 534 + CK_ULONG_PTR pulDigestLen /* gets byte count of digest */ 535 +); 536 +#endif 537 + 538 + 539 + 540 +/* Signing and MACing */ 541 + 542 +/* C_SignInit initializes a signature (private key encryption) 543 + * operation, where the signature is (will be) an appendix to 544 + * the data, and plaintext cannot be recovered from the 545 + *signature. */ 546 +CK_PKCS11_FUNCTION_INFO(C_SignInit) 547 +#ifdef CK_NEED_ARG_LIST 548 +( 549 + CK_SESSION_HANDLE hSession, /* the session's handle */ 550 + CK_MECHANISM_PTR pMechanism, /* the signature mechanism */ 551 + CK_OBJECT_HANDLE hKey /* handle of signature key */ 552 +); 553 +#endif 554 + 555 + 556 +/* C_Sign signs (encrypts with private key) data in a single 557 + * part, where the signature is (will be) an appendix to the 558 + * data, and plaintext cannot be recovered from the signature. */ 559 +CK_PKCS11_FUNCTION_INFO(C_Sign) 560 +#ifdef CK_NEED_ARG_LIST 561 +( 562 + CK_SESSION_HANDLE hSession, /* the session's handle */ 563 + CK_BYTE_PTR pData, /* the data to sign */ 564 + CK_ULONG ulDataLen, /* count of bytes to sign */ 565 + CK_BYTE_PTR pSignature, /* gets the signature */ 566 + CK_ULONG_PTR pulSignatureLen /* gets signature length */ 567 +); 568 +#endif 569 + 570 + 571 +/* C_SignUpdate continues a multiple-part signature operation, 572 + * where the signature is (will be) an appendix to the data, 573 + * and plaintext cannot be recovered from the signature. */ 574 +CK_PKCS11_FUNCTION_INFO(C_SignUpdate) 575 +#ifdef CK_NEED_ARG_LIST 576 +( 577 + CK_SESSION_HANDLE hSession, /* the session's handle */ 578 + CK_BYTE_PTR pPart, /* the data to sign */ 579 + CK_ULONG ulPartLen /* count of bytes to sign */ 580 +); 581 +#endif 582 + 583 + 584 +/* C_SignFinal finishes a multiple-part signature operation, 585 + * returning the signature. */ 586 +CK_PKCS11_FUNCTION_INFO(C_SignFinal) 587 +#ifdef CK_NEED_ARG_LIST 588 +( 589 + CK_SESSION_HANDLE hSession, /* the session's handle */ 590 + CK_BYTE_PTR pSignature, /* gets the signature */ 591 + CK_ULONG_PTR pulSignatureLen /* gets signature length */ 592 +); 593 +#endif 594 + 595 + 596 +/* C_SignRecoverInit initializes a signature operation, where 597 + * the data can be recovered from the signature. */ 598 +CK_PKCS11_FUNCTION_INFO(C_SignRecoverInit) 599 +#ifdef CK_NEED_ARG_LIST 600 +( 601 + CK_SESSION_HANDLE hSession, /* the session's handle */ 602 + CK_MECHANISM_PTR pMechanism, /* the signature mechanism */ 603 + CK_OBJECT_HANDLE hKey /* handle of the signature key */ 604 +); 605 +#endif 606 + 607 + 608 +/* C_SignRecover signs data in a single operation, where the 609 + * data can be recovered from the signature. */ 610 +CK_PKCS11_FUNCTION_INFO(C_SignRecover) 611 +#ifdef CK_NEED_ARG_LIST 612 +( 613 + CK_SESSION_HANDLE hSession, /* the session's handle */ 614 + CK_BYTE_PTR pData, /* the data to sign */ 615 + CK_ULONG ulDataLen, /* count of bytes to sign */ 616 + CK_BYTE_PTR pSignature, /* gets the signature */ 617 + CK_ULONG_PTR pulSignatureLen /* gets signature length */ 618 +); 619 +#endif 620 + 621 + 622 + 623 +/* Verifying signatures and MACs */ 624 + 625 +/* C_VerifyInit initializes a verification operation, where the 626 + * signature is an appendix to the data, and plaintext cannot 627 + * cannot be recovered from the signature (e.g. DSA). */ 628 +CK_PKCS11_FUNCTION_INFO(C_VerifyInit) 629 +#ifdef CK_NEED_ARG_LIST 630 +( 631 + CK_SESSION_HANDLE hSession, /* the session's handle */ 632 + CK_MECHANISM_PTR pMechanism, /* the verification mechanism */ 633 + CK_OBJECT_HANDLE hKey /* verification key */ 634 +); 635 +#endif 636 + 637 + 638 +/* C_Verify verifies a signature in a single-part operation, 639 + * where the signature is an appendix to the data, and plaintext 640 + * cannot be recovered from the signature. */ 641 +CK_PKCS11_FUNCTION_INFO(C_Verify) 642 +#ifdef CK_NEED_ARG_LIST 643 +( 644 + CK_SESSION_HANDLE hSession, /* the session's handle */ 645 + CK_BYTE_PTR pData, /* signed data */ 646 + CK_ULONG ulDataLen, /* length of signed data */ 647 + CK_BYTE_PTR pSignature, /* signature */ 648 + CK_ULONG ulSignatureLen /* signature length*/ 649 +); 650 +#endif 651 + 652 + 653 +/* C_VerifyUpdate continues a multiple-part verification 654 + * operation, where the signature is an appendix to the data, 655 + * and plaintext cannot be recovered from the signature. */ 656 +CK_PKCS11_FUNCTION_INFO(C_VerifyUpdate) 657 +#ifdef CK_NEED_ARG_LIST 658 +( 659 + CK_SESSION_HANDLE hSession, /* the session's handle */ 660 + CK_BYTE_PTR pPart, /* signed data */ 661 + CK_ULONG ulPartLen /* length of signed data */ 662 +); 663 +#endif 664 + 665 + 666 +/* C_VerifyFinal finishes a multiple-part verification 667 + * operation, checking the signature. */ 668 +CK_PKCS11_FUNCTION_INFO(C_VerifyFinal) 669 +#ifdef CK_NEED_ARG_LIST 670 +( 671 + CK_SESSION_HANDLE hSession, /* the session's handle */ 672 + CK_BYTE_PTR pSignature, /* signature to verify */ 673 + CK_ULONG ulSignatureLen /* signature length */ 674 +); 675 +#endif 676 + 677 + 678 +/* C_VerifyRecoverInit initializes a signature verification 679 + * operation, where the data is recovered from the signature. */ 680 +CK_PKCS11_FUNCTION_INFO(C_VerifyRecoverInit) 681 +#ifdef CK_NEED_ARG_LIST 682 +( 683 + CK_SESSION_HANDLE hSession, /* the session's handle */ 684 + CK_MECHANISM_PTR pMechanism, /* the verification mechanism */ 685 + CK_OBJECT_HANDLE hKey /* verification key */ 686 +); 687 +#endif 688 + 689 + 690 +/* C_VerifyRecover verifies a signature in a single-part 691 + * operation, where the data is recovered from the signature. */ 692 +CK_PKCS11_FUNCTION_INFO(C_VerifyRecover) 693 +#ifdef CK_NEED_ARG_LIST 694 +( 695 + CK_SESSION_HANDLE hSession, /* the session's handle */ 696 + CK_BYTE_PTR pSignature, /* signature to verify */ 697 + CK_ULONG ulSignatureLen, /* signature length */ 698 + CK_BYTE_PTR pData, /* gets signed data */ 699 + CK_ULONG_PTR pulDataLen /* gets signed data len */ 700 +); 701 +#endif 702 + 703 + 704 + 705 +/* Dual-function cryptographic operations */ 706 + 707 +/* C_DigestEncryptUpdate continues a multiple-part digesting 708 + * and encryption operation. */ 709 +CK_PKCS11_FUNCTION_INFO(C_DigestEncryptUpdate) 710 +#ifdef CK_NEED_ARG_LIST 711 +( 712 + CK_SESSION_HANDLE hSession, /* session's handle */ 713 + CK_BYTE_PTR pPart, /* the plaintext data */ 714 + CK_ULONG ulPartLen, /* plaintext length */ 715 + CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */ 716 + CK_ULONG_PTR pulEncryptedPartLen /* gets c-text length */ 717 +); 718 +#endif 719 + 720 + 721 +/* C_DecryptDigestUpdate continues a multiple-part decryption and 722 + * digesting operation. */ 723 +CK_PKCS11_FUNCTION_INFO(C_DecryptDigestUpdate) 724 +#ifdef CK_NEED_ARG_LIST 725 +( 726 + CK_SESSION_HANDLE hSession, /* session's handle */ 727 + CK_BYTE_PTR pEncryptedPart, /* ciphertext */ 728 + CK_ULONG ulEncryptedPartLen, /* ciphertext length */ 729 + CK_BYTE_PTR pPart, /* gets plaintext */ 730 + CK_ULONG_PTR pulPartLen /* gets plaintext len */ 731 +); 732 +#endif 733 + 734 + 735 +/* C_SignEncryptUpdate continues a multiple-part signing and 736 + * encryption operation. */ 737 +CK_PKCS11_FUNCTION_INFO(C_SignEncryptUpdate) 738 +#ifdef CK_NEED_ARG_LIST 739 +( 740 + CK_SESSION_HANDLE hSession, /* session's handle */ 741 + CK_BYTE_PTR pPart, /* the plaintext data */ 742 + CK_ULONG ulPartLen, /* plaintext length */ 743 + CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */ 744 + CK_ULONG_PTR pulEncryptedPartLen /* gets c-text length */ 745 +); 746 +#endif 747 + 748 + 749 +/* C_DecryptVerifyUpdate continues a multiple-part decryption and 750 + * verify operation. */ 751 +CK_PKCS11_FUNCTION_INFO(C_DecryptVerifyUpdate) 752 +#ifdef CK_NEED_ARG_LIST 753 +( 754 + CK_SESSION_HANDLE hSession, /* session's handle */ 755 + CK_BYTE_PTR pEncryptedPart, /* ciphertext */ 756 + CK_ULONG ulEncryptedPartLen, /* ciphertext length */ 757 + CK_BYTE_PTR pPart, /* gets plaintext */ 758 + CK_ULONG_PTR pulPartLen /* gets p-text length */ 759 +); 760 +#endif 761 + 762 + 763 + 764 +/* Key management */ 765 + 766 +/* C_GenerateKey generates a secret key, creating a new key 767 + * object. */ 768 +CK_PKCS11_FUNCTION_INFO(C_GenerateKey) 769 +#ifdef CK_NEED_ARG_LIST 770 +( 771 + CK_SESSION_HANDLE hSession, /* the session's handle */ 772 + CK_MECHANISM_PTR pMechanism, /* key generation mech. */ 773 + CK_ATTRIBUTE_PTR pTemplate, /* template for new key */ 774 + CK_ULONG ulCount, /* # of attrs in template */ 775 + CK_OBJECT_HANDLE_PTR phKey /* gets handle of new key */ 776 +); 777 +#endif 778 + 779 + 780 +/* C_GenerateKeyPair generates a public-key/private-key pair, 781 + * creating new key objects. */ 782 +CK_PKCS11_FUNCTION_INFO(C_GenerateKeyPair) 783 +#ifdef CK_NEED_ARG_LIST 784 +( 785 + CK_SESSION_HANDLE hSession, /* session 786 + * handle */ 787 + CK_MECHANISM_PTR pMechanism, /* key-gen 788 + * mech. */ 789 + CK_ATTRIBUTE_PTR pPublicKeyTemplate, /* template 790 + * for pub. 791 + * key */ 792 + CK_ULONG ulPublicKeyAttributeCount, /* # pub. 793 + * attrs. */ 794 + CK_ATTRIBUTE_PTR pPrivateKeyTemplate, /* template 795 + * for priv. 796 + * key */ 797 + CK_ULONG ulPrivateKeyAttributeCount, /* # priv. 798 + * attrs. */ 799 + CK_OBJECT_HANDLE_PTR phPublicKey, /* gets pub. 800 + * key 801 + * handle */ 802 + CK_OBJECT_HANDLE_PTR phPrivateKey /* gets 803 + * priv. key 804 + * handle */ 805 +); 806 +#endif 807 + 808 + 809 +/* C_WrapKey wraps (i.e., encrypts) a key. */ 810 +CK_PKCS11_FUNCTION_INFO(C_WrapKey) 811 +#ifdef CK_NEED_ARG_LIST 812 +( 813 + CK_SESSION_HANDLE hSession, /* the session's handle */ 814 + CK_MECHANISM_PTR pMechanism, /* the wrapping mechanism */ 815 + CK_OBJECT_HANDLE hWrappingKey, /* wrapping key */ 816 + CK_OBJECT_HANDLE hKey, /* key to be wrapped */ 817 + CK_BYTE_PTR pWrappedKey, /* gets wrapped key */ 818 + CK_ULONG_PTR pulWrappedKeyLen /* gets wrapped key size */ 819 +); 820 +#endif 821 + 822 + 823 +/* C_UnwrapKey unwraps (decrypts) a wrapped key, creating a new 824 + * key object. */ 825 +CK_PKCS11_FUNCTION_INFO(C_UnwrapKey) 826 +#ifdef CK_NEED_ARG_LIST 827 +( 828 + CK_SESSION_HANDLE hSession, /* session's handle */ 829 + CK_MECHANISM_PTR pMechanism, /* unwrapping mech. */ 830 + CK_OBJECT_HANDLE hUnwrappingKey, /* unwrapping key */ 831 + CK_BYTE_PTR pWrappedKey, /* the wrapped key */ 832 + CK_ULONG ulWrappedKeyLen, /* wrapped key len */ 833 + CK_ATTRIBUTE_PTR pTemplate, /* new key template */ 834 + CK_ULONG ulAttributeCount, /* template length */ 835 + CK_OBJECT_HANDLE_PTR phKey /* gets new handle */ 836 +); 837 +#endif 838 + 839 + 840 +/* C_DeriveKey derives a key from a base key, creating a new key 841 + * object. */ 842 +CK_PKCS11_FUNCTION_INFO(C_DeriveKey) 843 +#ifdef CK_NEED_ARG_LIST 844 +( 845 + CK_SESSION_HANDLE hSession, /* session's handle */ 846 + CK_MECHANISM_PTR pMechanism, /* key deriv. mech. */ 847 + CK_OBJECT_HANDLE hBaseKey, /* base key */ 848 + CK_ATTRIBUTE_PTR pTemplate, /* new key template */ 849 + CK_ULONG ulAttributeCount, /* template length */ 850 + CK_OBJECT_HANDLE_PTR phKey /* gets new handle */ 851 +); 852 +#endif 853 + 854 + 855 + 856 +/* Random number generation */ 857 + 858 +/* C_SeedRandom mixes additional seed material into the token's 859 + * random number generator. */ 860 +CK_PKCS11_FUNCTION_INFO(C_SeedRandom) 861 +#ifdef CK_NEED_ARG_LIST 862 +( 863 + CK_SESSION_HANDLE hSession, /* the session's handle */ 864 + CK_BYTE_PTR pSeed, /* the seed material */ 865 + CK_ULONG ulSeedLen /* length of seed material */ 866 +); 867 +#endif 868 + 869 + 870 +/* C_GenerateRandom generates random data. */ 871 +CK_PKCS11_FUNCTION_INFO(C_GenerateRandom) 872 +#ifdef CK_NEED_ARG_LIST 873 +( 874 + CK_SESSION_HANDLE hSession, /* the session's handle */ 875 + CK_BYTE_PTR RandomData, /* receives the random data */ 876 + CK_ULONG ulRandomLen /* # of bytes to generate */ 877 +); 878 +#endif 879 + 880 + 881 + 882 +/* Parallel function management */ 883 + 884 +/* C_GetFunctionStatus is a legacy function; it obtains an 885 + * updated status of a function running in parallel with an 886 + * application. */ 887 +CK_PKCS11_FUNCTION_INFO(C_GetFunctionStatus) 888 +#ifdef CK_NEED_ARG_LIST 889 +( 890 + CK_SESSION_HANDLE hSession /* the session's handle */ 891 +); 892 +#endif 893 + 894 + 895 +/* C_CancelFunction is a legacy function; it cancels a function 896 + * running in parallel. */ 897 +CK_PKCS11_FUNCTION_INFO(C_CancelFunction) 898 +#ifdef CK_NEED_ARG_LIST 899 +( 900 + CK_SESSION_HANDLE hSession /* the session's handle */ 901 +); 902 +#endif 903 + 904 + 905 + 906 +/* Functions added in for Cryptoki Version 2.01 or later */ 907 + 908 +/* C_WaitForSlotEvent waits for a slot event (token insertion, 909 + * removal, etc.) to occur. */ 910 +CK_PKCS11_FUNCTION_INFO(C_WaitForSlotEvent) 911 +#ifdef CK_NEED_ARG_LIST 912 +( 913 + CK_FLAGS flags, /* blocking/nonblocking flag */ 914 + CK_SLOT_ID_PTR pSlot, /* location that receives the slot ID */ 915 + CK_VOID_PTR pRserved /* reserved. Should be NULL_PTR */ 916 +); 917 +#endif
Added pkcs11/pkcs11n.h version [8ab0af0056].
1 +/* ***** BEGIN COPYRIGHT BLOCK ***** 2 + * The contents of this file are subject to the Mozilla Public 3 + * License Version 1.1 (the "License"); you may not use this file 4 + * except in compliance with the License. You may obtain a copy of 5 + * the License at http://www.mozilla.org/MPL/ 6 + * 7 + * Software distributed under the License is distributed on an "AS 8 + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or 9 + * implied. See the License for the specific language governing 10 + * rights and limitations under the License. 11 + * 12 + * The Original Code is the Netscape security libraries. 13 + * 14 + * The Initial Developer of the Original Code is Netscape 15 + * Communications Corporation. Portions created by Netscape are 16 + * Copyright (C) 1994-2000 Netscape Communications Corporation. All 17 + * Rights Reserved. 18 + * 19 + * Alternatively, the contents of this file may be used under the 20 + * terms of the GNU General Public License Version 2 or later (the 21 + * "GPL"), in which case the provisions of the GPL are applicable 22 + * instead of those above. If you wish to allow use of your 23 + * version of this file only under the terms of the GPL and not to 24 + * allow others to use your version of this file under the MPL, 25 + * indicate your decision by deleting the provisions above and 26 + * replace them with the notice and other provisions required by 27 + * the GPL. If you do not delete the provisions above, a recipient 28 + * may use your version of this file under either the MPL or the 29 + * GPL. 30 + * ***** END COPYRIGHT BLOCK *****/ 31 + 32 +#ifndef _PKCS11N_H_ 33 +#define _PKCS11N_H_ 34 + 35 +#ifdef DEBUG 36 +static const char CKT_CVS_ID[] = "@(#) $RCSfile: pkcs11n.h,v $ $Revision: 1.1 $ $Date: 2006/06/09 18:39:11 $ $Name: $"; 37 +#endif /* DEBUG */ 38 + 39 +/* 40 + * pkcs11n.h 41 + * 42 + * This file contains the NSS-specific type definitions for Cryptoki 43 + * (PKCS#11). 44 + */ 45 + 46 +/* 47 + * NSSCK_VENDOR_NETSCAPE 48 + * 49 + * Cryptoki reserves the high half of all the number spaces for 50 + * vendor-defined use. I'd like to keep all of our Netscape- 51 + * specific values together, but not in the oh-so-obvious 52 + * 0x80000001, 0x80000002, etc. area. So I've picked an offset, 53 + * and constructed values for the beginnings of our spaces. 54 + * 55 + * Note that some "historical" Netscape values don't fall within 56 + * this range. 57 + */ 58 +#define NSSCK_VENDOR_NETSCAPE 0x4E534350 /* NSCP */ 59 + 60 +/* 61 + * Netscape-defined object classes 62 + * 63 + */ 64 +#define CKO_NETSCAPE (CKO_VENDOR_DEFINED|NSSCK_VENDOR_NETSCAPE) 65 +#define CKO_MOZ_READER (CKO_NETSCAPE + 5) 66 + 67 +/* 68 + * Netscape-defined object attributes 69 + * 70 + */ 71 +#define CKA_NETSCAPE (CKA_VENDOR_DEFINED|NSSCK_VENDOR_NETSCAPE) 72 +#define CKA_MOZ_IS_COOL_KEY (CKA_NETSCAPE + 24) 73 +#define CKA_MOZ_ATR (CKA_NETSCAPE + 25) 74 +#define CKA_MOZ_TPS_URL (CKA_NETSCAPE + 26) 75 + 76 +#endif /* _PKCS11N_H_ */
Added pkcs11/pkcs11t.h version [3e84a5b712].
1 +/* ***** BEGIN COPYRIGHT BLOCK ***** 2 + * Copyright (C) 2005 Red Hat, Inc. 3 + * All rights reserved. 4 + * 5 + * This library is free software; you can redistribute it and/or 6 + * modify it under the terms of the GNU Lesser General Public 7 + * License as published by the Free Software Foundation version 8 + * 2.1 of the License. 9 + * 10 + * This library is distributed in the hope that it will be useful, 11 + * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 13 + * Lesser General Public License for more details. 14 + * 15 + * You should have received a copy of the GNU Lesser General Public 16 + * License along with this library; if not, write to the Free Software 17 + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA 18 + * ***** END COPYRIGHT BLOCK *****/ 19 + 20 +/* pkcs11t.h include file for PKCS #11. 2001 June 25 */ 21 + 22 +/* See top of pkcs11.h for information about the macros that 23 + * must be defined and the structure-packing conventions that 24 + * must be set before including this file. */ 25 + 26 +#ifndef _PKCS11T_H_ 27 +#define _PKCS11T_H_ 1 28 + 29 +#ifndef FALSE 30 +#define FALSE 0 31 +#endif 32 + 33 +#ifndef TRUE 34 +#define TRUE (!FALSE) 35 +#endif 36 + 37 + 38 +/* an unsigned 8-bit value */ 39 +typedef unsigned char CK_BYTE; 40 + 41 +/* an unsigned 8-bit character */ 42 +typedef CK_BYTE CK_CHAR; 43 + 44 +/* an 8-bit UTF-8 character */ 45 +typedef CK_BYTE CK_UTF8CHAR; 46 + 47 +/* a BYTE-sized Boolean flag */ 48 +typedef CK_BYTE CK_BBOOL; 49 + 50 +/* an unsigned value, at least 32 bits long */ 51 +typedef unsigned long int CK_ULONG; 52 + 53 +/* a signed value, the same size as a CK_ULONG */ 54 +/* CK_LONG is new for v2.0 */ 55 +typedef long int CK_LONG; 56 + 57 +/* at least 32 bits; each bit is a Boolean flag */ 58 +typedef CK_ULONG CK_FLAGS; 59 + 60 + 61 +/* some special values for certain CK_ULONG variables */ 62 +#define CK_UNAVAILABLE_INFORMATION (~0UL) 63 +#define CK_EFFECTIVELY_INFINITE 0 64 + 65 + 66 +typedef CK_BYTE CK_PTR CK_BYTE_PTR; 67 +typedef CK_CHAR CK_PTR CK_CHAR_PTR; 68 +typedef CK_UTF8CHAR CK_PTR CK_UTF8CHAR_PTR; 69 +typedef CK_ULONG CK_PTR CK_ULONG_PTR; 70 +typedef void CK_PTR CK_VOID_PTR; 71 + 72 +/* Pointer to a CK_VOID_PTR-- i.e., pointer to pointer to void */ 73 +typedef CK_VOID_PTR CK_PTR CK_VOID_PTR_PTR; 74 + 75 + 76 +/* The following value is always invalid if used as a session */ 77 +/* handle or object handle */ 78 +#define CK_INVALID_HANDLE 0 79 + 80 + 81 +typedef struct CK_VERSION { 82 + CK_BYTE major; /* integer portion of version number */ 83 + CK_BYTE minor; /* 1/100ths portion of version number */ 84 +} CK_VERSION; 85 + 86 +typedef CK_VERSION CK_PTR CK_VERSION_PTR; 87 + 88 + 89 +typedef struct CK_INFO { 90 + /* manufacturerID and libraryDecription have been changed from 91 + * CK_CHAR to CK_UTF8CHAR for v2.10 */ 92 + CK_VERSION cryptokiVersion; /* Cryptoki interface ver */ 93 + CK_UTF8CHAR manufacturerID[32]; /* blank padded */ 94 + CK_FLAGS flags; /* must be zero */ 95 + 96 + /* libraryDescription and libraryVersion are new for v2.0 */ 97 + CK_UTF8CHAR libraryDescription[32]; /* blank padded */ 98 + CK_VERSION libraryVersion; /* version of library */ 99 +} CK_INFO; 100 + 101 +typedef CK_INFO CK_PTR CK_INFO_PTR; 102 + 103 + 104 +/* CK_NOTIFICATION enumerates the types of notifications that 105 + * Cryptoki provides to an application */ 106 +/* CK_NOTIFICATION has been changed from an enum to a CK_ULONG 107 + * for v2.0 */ 108 +typedef CK_ULONG CK_NOTIFICATION; 109 +#define CKN_SURRENDER 0 110 + 111 + 112 +typedef CK_ULONG CK_SLOT_ID; 113 + 114 +typedef CK_SLOT_ID CK_PTR CK_SLOT_ID_PTR; 115 + 116 + 117 +/* CK_SLOT_INFO provides information about a slot */ 118 +typedef struct CK_SLOT_INFO { 119 + /* slotDescription and manufacturerID have been changed from 120 + * CK_CHAR to CK_UTF8CHAR for v2.10 */ 121 + CK_UTF8CHAR slotDescription[64]; /* blank padded */ 122 + CK_UTF8CHAR manufacturerID[32]; /* blank padded */ 123 + CK_FLAGS flags; 124 + 125 + /* hardwareVersion and firmwareVersion are new for v2.0 */ 126 + CK_VERSION hardwareVersion; /* version of hardware */ 127 + CK_VERSION firmwareVersion; /* version of firmware */ 128 +} CK_SLOT_INFO; 129 + 130 +/* flags: bit flags that provide capabilities of the slot 131 + * Bit Flag Mask Meaning 132 + */ 133 +#define CKF_TOKEN_PRESENT 0x00000001 /* a token is there */ 134 +#define CKF_REMOVABLE_DEVICE 0x00000002 /* removable devices*/ 135 +#define CKF_HW_SLOT 0x00000004 /* hardware slot */ 136 + 137 +typedef CK_SLOT_INFO CK_PTR CK_SLOT_INFO_PTR; 138 + 139 + 140 +/* CK_TOKEN_INFO provides information about a token */ 141 +typedef struct CK_TOKEN_INFO { 142 + /* label, manufacturerID, and model have been changed from 143 + * CK_CHAR to CK_UTF8CHAR for v2.10 */ 144 + CK_UTF8CHAR label[32]; /* blank padded */ 145 + CK_UTF8CHAR manufacturerID[32]; /* blank padded */ 146 + CK_UTF8CHAR model[16]; /* blank padded */ 147 + CK_CHAR serialNumber[16]; /* blank padded */ 148 + CK_FLAGS flags; /* see below */ 149 + 150 + /* ulMaxSessionCount, ulSessionCount, ulMaxRwSessionCount, 151 + * ulRwSessionCount, ulMaxPinLen, and ulMinPinLen have all been 152 + * changed from CK_USHORT to CK_ULONG for v2.0 */ 153 + CK_ULONG ulMaxSessionCount; /* max open sessions */ 154 + CK_ULONG ulSessionCount; /* sess. now open */ 155 + CK_ULONG ulMaxRwSessionCount; /* max R/W sessions */ 156 + CK_ULONG ulRwSessionCount; /* R/W sess. now open */ 157 + CK_ULONG ulMaxPinLen; /* in bytes */ 158 + CK_ULONG ulMinPinLen; /* in bytes */ 159 + CK_ULONG ulTotalPublicMemory; /* in bytes */ 160 + CK_ULONG ulFreePublicMemory; /* in bytes */ 161 + CK_ULONG ulTotalPrivateMemory; /* in bytes */ 162 + CK_ULONG ulFreePrivateMemory; /* in bytes */ 163 + 164 + /* hardwareVersion, firmwareVersion, and time are new for 165 + * v2.0 */ 166 + CK_VERSION hardwareVersion; /* version of hardware */ 167 + CK_VERSION firmwareVersion; /* version of firmware */ 168 + CK_CHAR utcTime[16]; /* time */ 169 +} CK_TOKEN_INFO; 170 + 171 +/* The flags parameter is defined as follows: 172 + * Bit Flag Mask Meaning 173 + */ 174 +#define CKF_RNG 0x00000001 /* has random # 175 + * generator */ 176 +#define CKF_WRITE_PROTECTED 0x00000002 /* token is 177 + * write- 178 + * protected */ 179 +#define CKF_LOGIN_REQUIRED 0x00000004 /* user must 180 + * login */ 181 +#define CKF_USER_PIN_INITIALIZED 0x00000008 /* normal user's 182 + * PIN is set */ 183 + 184 +/* CKF_RESTORE_KEY_NOT_NEEDED is new for v2.0. If it is set, 185 + * that means that *every* time the state of cryptographic 186 + * operations of a session is successfully saved, all keys 187 + * needed to continue those operations are stored in the state */ 188 +#define CKF_RESTORE_KEY_NOT_NEEDED 0x00000020 189 + 190 +/* CKF_CLOCK_ON_TOKEN is new for v2.0. If it is set, that means 191 + * that the token has some sort of clock. The time on that 192 + * clock is returned in the token info structure */ 193 +#define CKF_CLOCK_ON_TOKEN 0x00000040 194 + 195 +/* CKF_PROTECTED_AUTHENTICATION_PATH is new for v2.0. If it is 196 + * set, that means that there is some way for the user to login 197 + * without sending a PIN through the Cryptoki library itself */ 198 +#define CKF_PROTECTED_AUTHENTICATION_PATH 0x00000100 199 + 200 +/* CKF_DUAL_CRYPTO_OPERATIONS is new for v2.0. If it is true, 201 + * that means that a single session with the token can perform 202 + * dual simultaneous cryptographic operations (digest and 203 + * encrypt; decrypt and digest; sign and encrypt; and decrypt 204 + * and sign) */ 205 +#define CKF_DUAL_CRYPTO_OPERATIONS 0x00000200 206 + 207 +/* CKF_TOKEN_INITIALIZED if new for v2.10. If it is true, the 208 + * token has been initialized using C_InitializeToken or an 209 + * equivalent mechanism outside the scope of PKCS #11. 210 + * Calling C_InitializeToken when this flag is set will cause 211 + * the token to be reinitialized. */ 212 +#define CKF_TOKEN_INITIALIZED 0x00000400 213 + 214 +/* CKF_SECONDARY_AUTHENTICATION if new for v2.10. If it is 215 + * true, the token supports secondary authentication for 216 + * private key objects. */ 217 +#define CKF_SECONDARY_AUTHENTICATION 0x00000800 218 + 219 +/* CKF_USER_PIN_COUNT_LOW if new for v2.10. If it is true, an 220 + * incorrect user login PIN has been entered at least once 221 + * since the last successful authentication. */ 222 +#define CKF_USER_PIN_COUNT_LOW 0x00010000 223 + 224 +/* CKF_USER_PIN_FINAL_TRY if new for v2.10. If it is true, 225 + * supplying an incorrect user PIN will it to become locked. */ 226 +#define CKF_USER_PIN_FINAL_TRY 0x00020000 227 + 228 +/* CKF_USER_PIN_LOCKED if new for v2.10. If it is true, the 229 + * user PIN has been locked. User login to the token is not 230 + * possible. */ 231 +#define CKF_USER_PIN_LOCKED 0x00040000 232 + 233 +/* CKF_USER_PIN_TO_BE_CHANGED if new for v2.10. If it is true, 234 + * the user PIN value is the default value set by token 235 + * initialization or manufacturing, or the PIN has been 236 + * expired by the card. */ 237 +#define CKF_USER_PIN_TO_BE_CHANGED 0x00080000 238 + 239 +/* CKF_SO_PIN_COUNT_LOW if new for v2.10. If it is true, an 240 + * incorrect SO login PIN has been entered at least once since 241 + * the last successful authentication. */ 242 +#define CKF_SO_PIN_COUNT_LOW 0x00100000 243 + 244 +/* CKF_SO_PIN_FINAL_TRY if new for v2.10. If it is true, 245 + * supplying an incorrect SO PIN will it to become locked. */ 246 +#define CKF_SO_PIN_FINAL_TRY 0x00200000 247 + 248 +/* CKF_SO_PIN_LOCKED if new for v2.10. If it is true, the SO 249 + * PIN has been locked. SO login to the token is not possible. 250 + */ 251 +#define CKF_SO_PIN_LOCKED 0x00400000 252 + 253 +/* CKF_SO_PIN_TO_BE_CHANGED if new for v2.10. If it is true, 254 + * the SO PIN value is the default value set by token 255 + * initialization or manufacturing, or the PIN has been 256 + * expired by the card. */ 257 +#define CKF_SO_PIN_TO_BE_CHANGED 0x00800000 258 + 259 +typedef CK_TOKEN_INFO CK_PTR CK_TOKEN_INFO_PTR; 260 + 261 + 262 +/* CK_SESSION_HANDLE is a Cryptoki-assigned value that 263 + * identifies a session */ 264 +typedef CK_ULONG CK_SESSION_HANDLE; 265 + 266 +typedef CK_SESSION_HANDLE CK_PTR CK_SESSION_HANDLE_PTR; 267 + 268 + 269 +/* CK_USER_TYPE enumerates the types of Cryptoki users */ 270 +/* CK_USER_TYPE has been changed from an enum to a CK_ULONG for 271 + * v2.0 */ 272 +typedef CK_ULONG CK_USER_TYPE; 273 +/* Security Officer */ 274 +#define CKU_SO 0 275 +/* Normal user */ 276 +#define CKU_USER 1 277 + 278 + 279 +/* CK_STATE enumerates the session states */ 280 +/* CK_STATE has been changed from an enum to a CK_ULONG for 281 + * v2.0 */ 282 +typedef CK_ULONG CK_STATE; 283 +#define CKS_RO_PUBLIC_SESSION 0 284 +#define CKS_RO_USER_FUNCTIONS 1 285 +#define CKS_RW_PUBLIC_SESSION 2 286 +#define CKS_RW_USER_FUNCTIONS 3 287 +#define CKS_RW_SO_FUNCTIONS 4 288 + 289 + 290 +/* CK_SESSION_INFO provides information about a session */ 291 +typedef struct CK_SESSION_INFO { 292 + CK_SLOT_ID slotID; 293 + CK_STATE state; 294 + CK_FLAGS flags; /* see below */ 295 + 296 + /* ulDeviceError was changed from CK_USHORT to CK_ULONG for 297 + * v2.0 */ 298 + CK_ULONG ulDeviceError; /* device-dependent error code */ 299 +} CK_SESSION_INFO; 300 + 301 +/* The flags are defined in the following table: 302 + * Bit Flag Mask Meaning 303 + */ 304 +#define CKF_RW_SESSION 0x00000002 /* session is r/w */ 305 +#define CKF_SERIAL_SESSION 0x00000004 /* no parallel */ 306 + 307 +typedef CK_SESSION_INFO CK_PTR CK_SESSION_INFO_PTR; 308 + 309 + 310 +/* CK_OBJECT_HANDLE is a token-specific identifier for an 311 + * object */ 312 +typedef CK_ULONG CK_OBJECT_HANDLE; 313 + 314 +typedef CK_OBJECT_HANDLE CK_PTR CK_OBJECT_HANDLE_PTR; 315 + 316 + 317 +/* CK_OBJECT_CLASS is a value that identifies the classes (or 318 + * types) of objects that Cryptoki recognizes. It is defined 319 + * as follows: */ 320 +/* CK_OBJECT_CLASS was changed from CK_USHORT to CK_ULONG for 321 + * v2.0 */ 322 +typedef CK_ULONG CK_OBJECT_CLASS; 323 + 324 +/* The following classes of objects are defined: */ 325 +/* CKO_HW_FEATURE is new for v2.10 */ 326 +/* CKO_DOMAIN_PARAMETERS is new for v2.11 */ 327 +#define CKO_DATA 0x00000000 328 +#define CKO_CERTIFICATE 0x00000001 329 +#define CKO_PUBLIC_KEY 0x00000002 330 +#define CKO_PRIVATE_KEY 0x00000003 331 +#define CKO_SECRET_KEY 0x00000004 332 +#define CKO_HW_FEATURE 0x00000005 333 +#define CKO_DOMAIN_PARAMETERS 0x00000006 334 +#define CKO_VENDOR_DEFINED 0x80000000 335 + 336 +typedef CK_OBJECT_CLASS CK_PTR CK_OBJECT_CLASS_PTR; 337 + 338 +/* CK_HW_FEATURE_TYPE is new for v2.10. CK_HW_FEATURE_TYPE is a 339 + * value that identifies the hardware feature type of an object 340 + * with CK_OBJECT_CLASS equal to CKO_HW_FEATURE. */ 341 +typedef CK_ULONG CK_HW_FEATURE_TYPE; 342 + 343 +/* The following hardware feature types are defined */ 344 +#define CKH_MONOTONIC_COUNTER 0x00000001 345 +#define CKH_CLOCK 0x00000002 346 +#define CKH_VENDOR_DEFINED 0x80000000 347 + 348 +/* CK_KEY_TYPE is a value that identifies a key type */ 349 +/* CK_KEY_TYPE was changed from CK_USHORT to CK_ULONG for v2.0 */ 350 +typedef CK_ULONG CK_KEY_TYPE; 351 + 352 +/* the following key types are defined: */ 353 +#define CKK_RSA 0x00000000 354 +#define CKK_DSA 0x00000001 355 +#define CKK_DH 0x00000002 356 + 357 +/* CKK_ECDSA and CKK_KEA are new for v2.0 */ 358 +/* CKK_ECDSA is deprecated in v2.11, CKK_EC is preferred. */ 359 +#define CKK_ECDSA 0x00000003 360 +#define CKK_EC 0x00000003 361 +#define CKK_X9_42_DH 0x00000004 362 +#define CKK_KEA 0x00000005 363 + 364 +#define CKK_GENERIC_SECRET 0x00000010 365 +#define CKK_RC2 0x00000011 366 +#define CKK_RC4 0x00000012 367 +#define CKK_DES 0x00000013 368 +#define CKK_DES2 0x00000014 369 +#define CKK_DES3 0x00000015 370 + 371 +/* all these key types are new for v2.0 */ 372 +#define CKK_CAST 0x00000016 373 +#define CKK_CAST3 0x00000017 374 +/* CKK_CAST5 is deprecated in v2.11, CKK_CAST128 is preferred. */ 375 +#define CKK_CAST5 0x00000018 376 +#define CKK_CAST128 0x00000018 377 +#define CKK_RC5 0x00000019 378 +#define CKK_IDEA 0x0000001A 379 +#define CKK_SKIPJACK 0x0000001B 380 +#define CKK_BATON 0x0000001C 381 +#define CKK_JUNIPER 0x0000001D 382 +#define CKK_CDMF 0x0000001E 383 +#define CKK_AES 0x0000001F 384 + 385 +#define CKK_VENDOR_DEFINED 0x80000000 386 + 387 + 388 +/* CK_CERTIFICATE_TYPE is a value that identifies a certificate 389 + * type */ 390 +/* CK_CERTIFICATE_TYPE was changed from CK_USHORT to CK_ULONG 391 + * for v2.0 */ 392 +typedef CK_ULONG CK_CERTIFICATE_TYPE; 393 + 394 +/* The following certificate types are defined: */ 395 +/* CKC_X_509_ATTR_CERT is new for v2.10 */ 396 +#define CKC_X_509 0x00000000 397 +#define CKC_X_509_ATTR_CERT 0x00000001 398 +#define CKC_VENDOR_DEFINED 0x80000000 399 + 400 + 401 +/* CK_ATTRIBUTE_TYPE is a value that identifies an attribute 402 + * type */ 403 +/* CK_ATTRIBUTE_TYPE was changed from CK_USHORT to CK_ULONG for 404 + * v2.0 */ 405 +typedef CK_ULONG CK_ATTRIBUTE_TYPE; 406 + 407 +/* The following attribute types are defined: */ 408 +#define CKA_CLASS 0x00000000 409 +#define CKA_TOKEN 0x00000001 410 +#define CKA_PRIVATE 0x00000002 411 +#define CKA_LABEL 0x00000003 412 +#define CKA_APPLICATION 0x00000010 413 +#define CKA_VALUE 0x00000011 414 + 415 +/* CKA_OBJECT_ID is new for v2.10 */ 416 +#define CKA_OBJECT_ID 0x00000012 417 + 418 +#define CKA_CERTIFICATE_TYPE 0x00000080 419 +#define CKA_ISSUER 0x00000081 420 +#define CKA_SERIAL_NUMBER 0x00000082 421 + 422 +/* CKA_AC_ISSUER, CKA_OWNER, and CKA_ATTR_TYPES are new 423 + * for v2.10 */ 424 +#define CKA_AC_ISSUER 0x00000083 425 +#define CKA_OWNER 0x00000084 426 +#define CKA_ATTR_TYPES 0x00000085 427 + 428 +/* CKA_TRUSTED is new for v2.11 */ 429 +#define CKA_TRUSTED 0x00000086 430 + 431 +#define CKA_KEY_TYPE 0x00000100 432 +#define CKA_SUBJECT 0x00000101 433 +#define CKA_ID 0x00000102 434 +#define CKA_SENSITIVE 0x00000103 435 +#define CKA_ENCRYPT 0x00000104 436 +#define CKA_DECRYPT 0x00000105 437 +#define CKA_WRAP 0x00000106 438 +#define CKA_UNWRAP 0x00000107 439 +#define CKA_SIGN 0x00000108 440 +#define CKA_SIGN_RECOVER 0x00000109 441 +#define CKA_VERIFY 0x0000010A 442 +#define CKA_VERIFY_RECOVER 0x0000010B 443 +#define CKA_DERIVE 0x0000010C 444 +#define CKA_START_DATE 0x00000110 445 +#define CKA_END_DATE 0x00000111 446 +#define CKA_MODULUS 0x00000120 447 +#define CKA_MODULUS_BITS 0x00000121 448 +#define CKA_PUBLIC_EXPONENT 0x00000122 449 +#define CKA_PRIVATE_EXPONENT 0x00000123 450 +#define CKA_PRIME_1 0x00000124 451 +#define CKA_PRIME_2 0x00000125 452 +#define CKA_EXPONENT_1 0x00000126 453 +#define CKA_EXPONENT_2 0x00000127 454 +#define CKA_COEFFICIENT 0x00000128 455 +#define CKA_PRIME 0x00000130 456 +#define CKA_SUBPRIME 0x00000131 457 +#define CKA_BASE 0x00000132 458 + 459 +/* CKA_PRIME_BITS and CKA_SUB_PRIME_BITS are new for v2.11 */ 460 +#define CKA_PRIME_BITS 0x00000133 461 +#define CKA_SUB_PRIME_BITS 0x00000134 462 + 463 +#define CKA_VALUE_BITS 0x00000160 464 +#define CKA_VALUE_LEN 0x00000161 465 + 466 +/* CKA_EXTRACTABLE, CKA_LOCAL, CKA_NEVER_EXTRACTABLE, 467 + * CKA_ALWAYS_SENSITIVE, CKA_MODIFIABLE, CKA_ECDSA_PARAMS, 468 + * and CKA_EC_POINT are new for v2.0 */ 469 +#define CKA_EXTRACTABLE 0x00000162 470 +#define CKA_LOCAL 0x00000163 471 +#define CKA_NEVER_EXTRACTABLE 0x00000164 472 +#define CKA_ALWAYS_SENSITIVE 0x00000165 473 + 474 +/* CKA_KEY_GEN_MECHANISM is new for v2.11 */ 475 +#define CKA_KEY_GEN_MECHANISM 0x00000166 476 + 477 +#define CKA_MODIFIABLE 0x00000170 478 + 479 +/* CKA_ECDSA_PARAMS is deprecated in v2.11, 480 + * CKA_EC_PARAMS is preferred. */ 481 +#define CKA_ECDSA_PARAMS 0x00000180 482 +#define CKA_EC_PARAMS 0x00000180 483 + 484 +#define CKA_EC_POINT 0x00000181 485 + 486 +/* CKA_SECONDARY_AUTH, CKA_AUTH_PIN_FLAGS, 487 + * CKA_HW_FEATURE_TYPE, CKA_RESET_ON_INIT, and CKA_HAS_RESET 488 + * are new for v2.10 */ 489 +#define CKA_SECONDARY_AUTH 0x00000200 490 +#define CKA_AUTH_PIN_FLAGS 0x00000201 491 +#define CKA_HW_FEATURE_TYPE 0x00000300 492 +#define CKA_RESET_ON_INIT 0x00000301 493 +#define CKA_HAS_RESET 0x00000302 494 + 495 +#define CKA_VENDOR_DEFINED 0x80000000 496 + 497 + 498 +/* CK_ATTRIBUTE is a structure that includes the type, length 499 + * and value of an attribute */ 500 +typedef struct CK_ATTRIBUTE { 501 + CK_ATTRIBUTE_TYPE type; 502 + CK_VOID_PTR pValue; 503 + 504 + /* ulValueLen went from CK_USHORT to CK_ULONG for v2.0 */ 505 + CK_ULONG ulValueLen; /* in bytes */ 506 +} CK_ATTRIBUTE; 507 + 508 +typedef CK_ATTRIBUTE CK_PTR CK_ATTRIBUTE_PTR; 509 + 510 + 511 +/* CK_DATE is a structure that defines a date */ 512 +typedef struct CK_DATE{ 513 + CK_CHAR year[4]; /* the year ("1900" - "9999") */ 514 + CK_CHAR month[2]; /* the month ("01" - "12") */ 515 + CK_CHAR day[2]; /* the day ("01" - "31") */ 516 +} CK_DATE; 517 + 518 + 519 +/* CK_MECHANISM_TYPE is a value that identifies a mechanism 520 + * type */ 521 +/* CK_MECHANISM_TYPE was changed from CK_USHORT to CK_ULONG for 522 + * v2.0 */ 523 +typedef CK_ULONG CK_MECHANISM_TYPE; 524 + 525 +/* the following mechanism types are defined: */ 526 +#define CKM_RSA_PKCS_KEY_PAIR_GEN 0x00000000 527 +#define CKM_RSA_PKCS 0x00000001 528 +#define CKM_RSA_9796 0x00000002 529 +#define CKM_RSA_X_509 0x00000003 530 + 531 +/* CKM_MD2_RSA_PKCS, CKM_MD5_RSA_PKCS, and CKM_SHA1_RSA_PKCS 532 + * are new for v2.0. They are mechanisms which hash and sign */ 533 +#define CKM_MD2_RSA_PKCS 0x00000004 534 +#define CKM_MD5_RSA_PKCS 0x00000005 535 +#define CKM_SHA1_RSA_PKCS 0x00000006 536 + 537 +/* CKM_RIPEMD128_RSA_PKCS, CKM_RIPEMD160_RSA_PKCS, and 538 + * CKM_RSA_PKCS_OAEP are new for v2.10 */ 539 +#define CKM_RIPEMD128_RSA_PKCS 0x00000007 540 +#define CKM_RIPEMD160_RSA_PKCS 0x00000008 541 +#define CKM_RSA_PKCS_OAEP 0x00000009 542 + 543 +/* CKM_RSA_X9_31_KEY_PAIR_GEN, CKM_RSA_X9_31, CKM_SHA1_RSA_X9_31, 544 + * CKM_RSA_PKCS_PSS, and CKM_SHA1_RSA_PKCS_PSS are new for v2.11 */ 545 +#define CKM_RSA_X9_31_KEY_PAIR_GEN 0x0000000A 546 +#define CKM_RSA_X9_31 0x0000000B 547 +#define CKM_SHA1_RSA_X9_31 0x0000000C 548 +#define CKM_RSA_PKCS_PSS 0x0000000D 549 +#define CKM_SHA1_RSA_PKCS_PSS 0x0000000E 550 + 551 +#define CKM_DSA_KEY_PAIR_GEN 0x00000010 552 +#define CKM_DSA 0x00000011 553 +#define CKM_DSA_SHA1 0x00000012 554 +#define CKM_DH_PKCS_KEY_PAIR_GEN 0x00000020 555 +#define CKM_DH_PKCS_DERIVE 0x00000021 556 + 557 +/* CKM_X9_42_DH_KEY_PAIR_GEN, CKM_X9_42_DH_DERIVE, 558 + * CKM_X9_42_DH_HYBRID_DERIVE, and CKM_X9_42_MQV_DERIVE are new for 559 + * v2.11 */ 560 +#define CKM_X9_42_DH_KEY_PAIR_GEN 0x00000030 561 +#define CKM_X9_42_DH_DERIVE 0x00000031 562 +#define CKM_X9_42_DH_HYBRID_DERIVE 0x00000032 563 +#define CKM_X9_42_MQV_DERIVE 0x00000033 564 + 565 +#define CKM_RC2_KEY_GEN 0x00000100 566 +#define CKM_RC2_ECB 0x00000101 567 +#define CKM_RC2_CBC 0x00000102 568 +#define CKM_RC2_MAC 0x00000103 569 + 570 +/* CKM_RC2_MAC_GENERAL and CKM_RC2_CBC_PAD are new for v2.0 */ 571 +#define CKM_RC2_MAC_GENERAL 0x00000104 572 +#define CKM_RC2_CBC_PAD 0x00000105 573 + 574 +#define CKM_RC4_KEY_GEN 0x00000110 575 +#define CKM_RC4 0x00000111 576 +#define CKM_DES_KEY_GEN 0x00000120 577 +#define CKM_DES_ECB 0x00000121 578 +#define CKM_DES_CBC 0x00000122 579 +#define CKM_DES_MAC 0x00000123 580 + 581 +/* CKM_DES_MAC_GENERAL and CKM_DES_CBC_PAD are new for v2.0 */ 582 +#define CKM_DES_MAC_GENERAL 0x00000124 583 +#define CKM_DES_CBC_PAD 0x00000125 584 + 585 +#define CKM_DES2_KEY_GEN 0x00000130 586 +#define CKM_DES3_KEY_GEN 0x00000131 587 +#define CKM_DES3_ECB 0x00000132 588 +#define CKM_DES3_CBC 0x00000133 589 +#define CKM_DES3_MAC 0x00000134 590 + 591 +/* CKM_DES3_MAC_GENERAL, CKM_DES3_CBC_PAD, CKM_CDMF_KEY_GEN, 592 + * CKM_CDMF_ECB, CKM_CDMF_CBC, CKM_CDMF_MAC, 593 + * CKM_CDMF_MAC_GENERAL, and CKM_CDMF_CBC_PAD are new for v2.0 */ 594 +#define CKM_DES3_MAC_GENERAL 0x00000135 595 +#define CKM_DES3_CBC_PAD 0x00000136 596 +#define CKM_CDMF_KEY_GEN 0x00000140 597 +#define CKM_CDMF_ECB 0x00000141 598 +#define CKM_CDMF_CBC 0x00000142 599 +#define CKM_CDMF_MAC 0x00000143 600 +#define CKM_CDMF_MAC_GENERAL 0x00000144 601 +#define CKM_CDMF_CBC_PAD 0x00000145 602 + 603 +#define CKM_MD2 0x00000200 604 + 605 +/* CKM_MD2_HMAC and CKM_MD2_HMAC_GENERAL are new for v2.0 */ 606 +#define CKM_MD2_HMAC 0x00000201 607 +#define CKM_MD2_HMAC_GENERAL 0x00000202 608 + 609 +#define CKM_MD5 0x00000210 610 + 611 +/* CKM_MD5_HMAC and CKM_MD5_HMAC_GENERAL are new for v2.0 */ 612 +#define CKM_MD5_HMAC 0x00000211 613 +#define CKM_MD5_HMAC_GENERAL 0x00000212 614 + 615 +#define CKM_SHA_1 0x00000220 616 + 617 +/* CKM_SHA_1_HMAC and CKM_SHA_1_HMAC_GENERAL are new for v2.0 */ 618 +#define CKM_SHA_1_HMAC 0x00000221 619 +#define CKM_SHA_1_HMAC_GENERAL 0x00000222 620 + 621 +/* CKM_RIPEMD128, CKM_RIPEMD128_HMAC, 622 + * CKM_RIPEMD128_HMAC_GENERAL, CKM_RIPEMD160, CKM_RIPEMD160_HMAC, 623 + * and CKM_RIPEMD160_HMAC_GENERAL are new for v2.10 */ 624 +#define CKM_RIPEMD128 0x00000230 625 +#define CKM_RIPEMD128_HMAC 0x00000231 626 +#define CKM_RIPEMD128_HMAC_GENERAL 0x00000232 627 +#define CKM_RIPEMD160 0x00000240 628 +#define CKM_RIPEMD160_HMAC 0x00000241 629 +#define CKM_RIPEMD160_HMAC_GENERAL 0x00000242 630 + 631 +/* All of the following mechanisms are new for v2.0 */ 632 +/* Note that CAST128 and CAST5 are the same algorithm */ 633 +#define CKM_CAST_KEY_GEN 0x00000300 634 +#define CKM_CAST_ECB 0x00000301 635 +#define CKM_CAST_CBC 0x00000302 636 +#define CKM_CAST_MAC 0x00000303 637 +#define CKM_CAST_MAC_GENERAL 0x00000304 638 +#define CKM_CAST_CBC_PAD 0x00000305 639 +#define CKM_CAST3_KEY_GEN 0x00000310 640 +#define CKM_CAST3_ECB 0x00000311 641 +#define CKM_CAST3_CBC 0x00000312 642 +#define CKM_CAST3_MAC 0x00000313 643 +#define CKM_CAST3_MAC_GENERAL 0x00000314 644 +#define CKM_CAST3_CBC_PAD 0x00000315 645 +#define CKM_CAST5_KEY_GEN 0x00000320 646 +#define CKM_CAST128_KEY_GEN 0x00000320 647 +#define CKM_CAST5_ECB 0x00000321 648 +#define CKM_CAST128_ECB 0x00000321 649 +#define CKM_CAST5_CBC 0x00000322 650 +#define CKM_CAST128_CBC 0x00000322 651 +#define CKM_CAST5_MAC 0x00000323 652 +#define CKM_CAST128_MAC 0x00000323 653 +#define CKM_CAST5_MAC_GENERAL 0x00000324 654 +#define CKM_CAST128_MAC_GENERAL 0x00000324 655 +#define CKM_CAST5_CBC_PAD 0x00000325 656 +#define CKM_CAST128_CBC_PAD 0x00000325 657 +#define CKM_RC5_KEY_GEN 0x00000330 658 +#define CKM_RC5_ECB 0x00000331 659 +#define CKM_RC5_CBC 0x00000332 660 +#define CKM_RC5_MAC 0x00000333 661 +#define CKM_RC5_MAC_GENERAL 0x00000334 662 +#define CKM_RC5_CBC_PAD 0x00000335 663 +#define CKM_IDEA_KEY_GEN 0x00000340 664 +#define CKM_IDEA_ECB 0x00000341 665 +#define CKM_IDEA_CBC 0x00000342 666 +#define CKM_IDEA_MAC 0x00000343 667 +#define CKM_IDEA_MAC_GENERAL 0x00000344 668 +#define CKM_IDEA_CBC_PAD 0x00000345 669 +#define CKM_GENERIC_SECRET_KEY_GEN 0x00000350 670 +#define CKM_CONCATENATE_BASE_AND_KEY 0x00000360 671 +#define CKM_CONCATENATE_BASE_AND_DATA 0x00000362 672 +#define CKM_CONCATENATE_DATA_AND_BASE 0x00000363 673 +#define CKM_XOR_BASE_AND_DATA 0x00000364 674 +#define CKM_EXTRACT_KEY_FROM_KEY 0x00000365 675 +#define CKM_SSL3_PRE_MASTER_KEY_GEN 0x00000370 676 +#define CKM_SSL3_MASTER_KEY_DERIVE 0x00000371 677 +#define CKM_SSL3_KEY_AND_MAC_DERIVE 0x00000372 678 + 679 +/* CKM_SSL3_MASTER_KEY_DERIVE_DH, CKM_TLS_PRE_MASTER_KEY_GEN, 680 + * CKM_TLS_MASTER_KEY_DERIVE, CKM_TLS_KEY_AND_MAC_DERIVE, and 681 + * CKM_TLS_MASTER_KEY_DERIVE_DH are new for v2.11 */ 682 +#define CKM_SSL3_MASTER_KEY_DERIVE_DH 0x00000373 683 +#define CKM_TLS_PRE_MASTER_KEY_GEN 0x00000374 684 +#define CKM_TLS_MASTER_KEY_DERIVE 0x00000375 685 +#define CKM_TLS_KEY_AND_MAC_DERIVE 0x00000376 686 +#define CKM_TLS_MASTER_KEY_DERIVE_DH 0x00000377 687 + 688 +#define CKM_SSL3_MD5_MAC 0x00000380 689 +#define CKM_SSL3_SHA1_MAC 0x00000381 690 +#define CKM_MD5_KEY_DERIVATION 0x00000390 691 +#define CKM_MD2_KEY_DERIVATION 0x00000391 692 +#define CKM_SHA1_KEY_DERIVATION 0x00000392 693 +#define CKM_PBE_MD2_DES_CBC 0x000003A0 694 +#define CKM_PBE_MD5_DES_CBC 0x000003A1 695 +#define CKM_PBE_MD5_CAST_CBC 0x000003A2 696 +#define CKM_PBE_MD5_CAST3_CBC 0x000003A3 697 +#define CKM_PBE_MD5_CAST5_CBC 0x000003A4 698 +#define CKM_PBE_MD5_CAST128_CBC 0x000003A4 699 +#define CKM_PBE_SHA1_CAST5_CBC 0x000003A5 700 +#define CKM_PBE_SHA1_CAST128_CBC 0x000003A5 701 +#define CKM_PBE_SHA1_RC4_128 0x000003A6 702 +#define CKM_PBE_SHA1_RC4_40 0x000003A7 703 +#define CKM_PBE_SHA1_DES3_EDE_CBC 0x000003A8 704 +#define CKM_PBE_SHA1_DES2_EDE_CBC 0x000003A9 705 +#define CKM_PBE_SHA1_RC2_128_CBC 0x000003AA 706 +#define CKM_PBE_SHA1_RC2_40_CBC 0x000003AB 707 + 708 +/* CKM_PKCS5_PBKD2 is new for v2.10 */ 709 +#define CKM_PKCS5_PBKD2 0x000003B0 710 + 711 +#define CKM_PBA_SHA1_WITH_SHA1_HMAC 0x000003C0 712 +#define CKM_KEY_WRAP_LYNKS 0x00000400 713 +#define CKM_KEY_WRAP_SET_OAEP 0x00000401 714 + 715 +/* Fortezza mechanisms */ 716 +#define CKM_SKIPJACK_KEY_GEN 0x00001000 717 +#define CKM_SKIPJACK_ECB64 0x00001001 718 +#define CKM_SKIPJACK_CBC64 0x00001002 719 +#define CKM_SKIPJACK_OFB64 0x00001003 720 +#define CKM_SKIPJACK_CFB64 0x00001004 721 +#define CKM_SKIPJACK_CFB32 0x00001005 722 +#define CKM_SKIPJACK_CFB16 0x00001006 723 +#define CKM_SKIPJACK_CFB8 0x00001007 724 +#define CKM_SKIPJACK_WRAP 0x00001008 725 +#define CKM_SKIPJACK_PRIVATE_WRAP 0x00001009 726 +#define CKM_SKIPJACK_RELAYX 0x0000100a 727 +#define CKM_KEA_KEY_PAIR_GEN 0x00001010 728 +#define CKM_KEA_KEY_DERIVE 0x00001011 729 +#define CKM_FORTEZZA_TIMESTAMP 0x00001020 730 +#define CKM_BATON_KEY_GEN 0x00001030 731 +#define CKM_BATON_ECB128 0x00001031 732 +#define CKM_BATON_ECB96 0x00001032 733 +#define CKM_BATON_CBC128 0x00001033 734 +#define CKM_BATON_COUNTER 0x00001034 735 +#define CKM_BATON_SHUFFLE 0x00001035 736 +#define CKM_BATON_WRAP 0x00001036 737 + 738 +/* CKM_ECDSA_KEY_PAIR_GEN is deprecated in v2.11, 739 + * CKM_EC_KEY_PAIR_GEN is preferred */ 740 +#define CKM_ECDSA_KEY_PAIR_GEN 0x00001040 741 +#define CKM_EC_KEY_PAIR_GEN 0x00001040 742 + 743 +#define CKM_ECDSA 0x00001041 744 +#define CKM_ECDSA_SHA1 0x00001042 745 + 746 +/* CKM_ECDH1_DERIVE, CKM_ECDH1_COFACTOR_DERIVE, and CKM_ECMQV_DERIVE 747 + * are new for v2.11 */ 748 +#define CKM_ECDH1_DERIVE 0x00001050 749 +#define CKM_ECDH1_COFACTOR_DERIVE 0x00001051 750 +#define CKM_ECMQV_DERIVE 0x00001052 751 + 752 +#define CKM_JUNIPER_KEY_GEN 0x00001060 753 +#define CKM_JUNIPER_ECB128 0x00001061 754 +#define CKM_JUNIPER_CBC128 0x00001062 755 +#define CKM_JUNIPER_COUNTER 0x00001063 756 +#define CKM_JUNIPER_SHUFFLE 0x00001064 757 +#define CKM_JUNIPER_WRAP 0x00001065 758 +#define CKM_FASTHASH 0x00001070 759 + 760 +/* CKM_AES_KEY_GEN, CKM_AES_ECB, CKM_AES_CBC, CKM_AES_MAC, 761 + * CKM_AES_MAC_GENERAL, CKM_AES_CBC_PAD, CKM_DSA_PARAMETER_GEN, 762 + * CKM_DH_PKCS_PARAMETER_GEN, and CKM_X9_42_DH_PARAMETER_GEN are 763 + * new for v2.11 */ 764 +#define CKM_AES_KEY_GEN 0x00001080 765 +#define CKM_AES_ECB 0x00001081 766 +#define CKM_AES_CBC 0x00001082 767 +#define CKM_AES_MAC 0x00001083 768 +#define CKM_AES_MAC_GENERAL 0x00001084 769 +#define CKM_AES_CBC_PAD 0x00001085 770 +#define CKM_DSA_PARAMETER_GEN 0x00002000 771 +#define CKM_DH_PKCS_PARAMETER_GEN 0x00002001 772 +#define CKM_X9_42_DH_PARAMETER_GEN 0x00002002 773 + 774 +#define CKM_VENDOR_DEFINED 0x80000000 775 + 776 +typedef CK_MECHANISM_TYPE CK_PTR CK_MECHANISM_TYPE_PTR; 777 + 778 + 779 +/* CK_MECHANISM is a structure that specifies a particular 780 + * mechanism */ 781 +typedef struct CK_MECHANISM { 782 + CK_MECHANISM_TYPE mechanism; 783 + CK_VOID_PTR pParameter; 784 + 785 + /* ulParameterLen was changed from CK_USHORT to CK_ULONG for 786 + * v2.0 */ 787 + CK_ULONG ulParameterLen; /* in bytes */ 788 +} CK_MECHANISM; 789 + 790 +typedef CK_MECHANISM CK_PTR CK_MECHANISM_PTR; 791 + 792 + 793 +/* CK_MECHANISM_INFO provides information about a particular 794 + * mechanism */ 795 +typedef struct CK_MECHANISM_INFO { 796 + CK_ULONG ulMinKeySize; 797 + CK_ULONG ulMaxKeySize; 798 + CK_FLAGS flags; 799 +} CK_MECHANISM_INFO; 800 + 801 +/* The flags are defined as follows: 802 + * Bit Flag Mask Meaning */ 803 +#define CKF_HW 0x00000001 /* performed by HW */ 804 + 805 +/* The flags CKF_ENCRYPT, CKF_DECRYPT, CKF_DIGEST, CKF_SIGN, 806 + * CKG_SIGN_RECOVER, CKF_VERIFY, CKF_VERIFY_RECOVER, 807 + * CKF_GENERATE, CKF_GENERATE_KEY_PAIR, CKF_WRAP, CKF_UNWRAP, 808 + * and CKF_DERIVE are new for v2.0. They specify whether or not 809 + * a mechanism can be used for a particular task */ 810 +#define CKF_ENCRYPT 0x00000100 811 +#define CKF_DECRYPT 0x00000200 812 +#define CKF_DIGEST 0x00000400 813 +#define CKF_SIGN 0x00000800 814 +#define CKF_SIGN_RECOVER 0x00001000 815 +#define CKF_VERIFY 0x00002000 816 +#define CKF_VERIFY_RECOVER 0x00004000 817 +#define CKF_GENERATE 0x00008000 818 +#define CKF_GENERATE_KEY_PAIR 0x00010000 819 +#define CKF_WRAP 0x00020000 820 +#define CKF_UNWRAP 0x00040000 821 +#define CKF_DERIVE 0x00080000 822 + 823 +/* CKF_EC_F_P, CKF_EC_F_2M, CKF_EC_ECPARAMETERS, CKF_EC_NAMEDCURVE, 824 + * CKF_EC_UNCOMPRESS, and CKF_EC_COMPRESS are new for v2.11. They 825 + * describe a token's EC capabilities not available in mechanism 826 + * information. */ 827 +#define CKF_EC_F_P 0x00100000 828 +#define CKF_EC_F_2M 0x00200000 829 +#define CKF_EC_ECPARAMETERS 0x00400000 830 +#define CKF_EC_NAMEDCURVE 0x00800000 831 +#define CKF_EC_UNCOMPRESS 0x01000000 832 +#define CKF_EC_COMPRESS 0x02000000 833 + 834 +#define CKF_EXTENSION 0x80000000 /* FALSE for 2.01 */ 835 + 836 +typedef CK_MECHANISM_INFO CK_PTR CK_MECHANISM_INFO_PTR; 837 + 838 + 839 +/* CK_RV is a value that identifies the return value of a 840 + * Cryptoki function */ 841 +/* CK_RV was changed from CK_USHORT to CK_ULONG for v2.0 */ 842 +typedef CK_ULONG CK_RV; 843 + 844 +#define CKR_OK 0x00000000 845 +#define CKR_CANCEL 0x00000001 846 +#define CKR_HOST_MEMORY 0x00000002 847 +#define CKR_SLOT_ID_INVALID 0x00000003 848 + 849 +/* CKR_FLAGS_INVALID was removed for v2.0 */ 850 + 851 +/* CKR_GENERAL_ERROR and CKR_FUNCTION_FAILED are new for v2.0 */ 852 +#define CKR_GENERAL_ERROR 0x00000005 853 +#define CKR_FUNCTION_FAILED 0x00000006 854 + 855 +/* CKR_ARGUMENTS_BAD, CKR_NO_EVENT, CKR_NEED_TO_CREATE_THREADS, 856 + * and CKR_CANT_LOCK are new for v2.01 */ 857 +#define CKR_ARGUMENTS_BAD 0x00000007 858 +#define CKR_NO_EVENT 0x00000008 859 +#define CKR_NEED_TO_CREATE_THREADS 0x00000009 860 +#define CKR_CANT_LOCK 0x0000000A 861 + 862 +#define CKR_ATTRIBUTE_READ_ONLY 0x00000010 863 +#define CKR_ATTRIBUTE_SENSITIVE 0x00000011 864 +#define CKR_ATTRIBUTE_TYPE_INVALID 0x00000012 865 +#define CKR_ATTRIBUTE_VALUE_INVALID 0x00000013 866 +#define CKR_DATA_INVALID 0x00000020 867 +#define CKR_DATA_LEN_RANGE 0x00000021 868 +#define CKR_DEVICE_ERROR 0x00000030 869 +#define CKR_DEVICE_MEMORY 0x00000031 870 +#define CKR_DEVICE_REMOVED 0x00000032 871 +#define CKR_ENCRYPTED_DATA_INVALID 0x00000040 872 +#define CKR_ENCRYPTED_DATA_LEN_RANGE 0x00000041 873 +#define CKR_FUNCTION_CANCELED 0x00000050 874 +#define CKR_FUNCTION_NOT_PARALLEL 0x00000051 875 + 876 +/* CKR_FUNCTION_NOT_SUPPORTED is new for v2.0 */ 877 +#define CKR_FUNCTION_NOT_SUPPORTED 0x00000054 878 + 879 +#define CKR_KEY_HANDLE_INVALID 0x00000060 880 + 881 +/* CKR_KEY_SENSITIVE was removed for v2.0 */ 882 + 883 +#define CKR_KEY_SIZE_RANGE 0x00000062 884 +#define CKR_KEY_TYPE_INCONSISTENT 0x00000063 885 + 886 +/* CKR_KEY_NOT_NEEDED, CKR_KEY_CHANGED, CKR_KEY_NEEDED, 887 + * CKR_KEY_INDIGESTIBLE, CKR_KEY_FUNCTION_NOT_PERMITTED, 888 + * CKR_KEY_NOT_WRAPPABLE, and CKR_KEY_UNEXTRACTABLE are new for 889 + * v2.0 */ 890 +#define CKR_KEY_NOT_NEEDED 0x00000064 891 +#define CKR_KEY_CHANGED 0x00000065 892 +#define CKR_KEY_NEEDED 0x00000066 893 +#define CKR_KEY_INDIGESTIBLE 0x00000067 894 +#define CKR_KEY_FUNCTION_NOT_PERMITTED 0x00000068 895 +#define CKR_KEY_NOT_WRAPPABLE 0x00000069 896 +#define CKR_KEY_UNEXTRACTABLE 0x0000006A 897 + 898 +#define CKR_MECHANISM_INVALID 0x00000070 899 +#define CKR_MECHANISM_PARAM_INVALID 0x00000071 900 + 901 +/* CKR_OBJECT_CLASS_INCONSISTENT and CKR_OBJECT_CLASS_INVALID 902 + * were removed for v2.0 */ 903 +#define CKR_OBJECT_HANDLE_INVALID 0x00000082 904 +#define CKR_OPERATION_ACTIVE 0x00000090 905 +#define CKR_OPERATION_NOT_INITIALIZED 0x00000091 906 +#define CKR_PIN_INCORRECT 0x000000A0 907 +#define CKR_PIN_INVALID 0x000000A1 908 +#define CKR_PIN_LEN_RANGE 0x000000A2 909 + 910 +/* CKR_PIN_EXPIRED and CKR_PIN_LOCKED are new for v2.0 */ 911 +#define CKR_PIN_EXPIRED 0x000000A3 912 +#define CKR_PIN_LOCKED 0x000000A4 913 + 914 +#define CKR_SESSION_CLOSED 0x000000B0 915 +#define CKR_SESSION_COUNT 0x000000B1 916 +#define CKR_SESSION_HANDLE_INVALID 0x000000B3 917 +#define CKR_SESSION_PARALLEL_NOT_SUPPORTED 0x000000B4 918 +#define CKR_SESSION_READ_ONLY 0x000000B5 919 +#define CKR_SESSION_EXISTS 0x000000B6 920 + 921 +/* CKR_SESSION_READ_ONLY_EXISTS and 922 + * CKR_SESSION_READ_WRITE_SO_EXISTS are new for v2.0 */ 923 +#define CKR_SESSION_READ_ONLY_EXISTS 0x000000B7 924 +#define CKR_SESSION_READ_WRITE_SO_EXISTS 0x000000B8 925 + 926 +#define CKR_SIGNATURE_INVALID 0x000000C0 927 +#define CKR_SIGNATURE_LEN_RANGE 0x000000C1 928 +#define CKR_TEMPLATE_INCOMPLETE 0x000000D0 929 +#define CKR_TEMPLATE_INCONSISTENT 0x000000D1 930 +#define CKR_TOKEN_NOT_PRESENT 0x000000E0 931 +#define CKR_TOKEN_NOT_RECOGNIZED 0x000000E1 932 +#define CKR_TOKEN_WRITE_PROTECTED 0x000000E2 933 +#define CKR_UNWRAPPING_KEY_HANDLE_INVALID 0x000000F0 934 +#define CKR_UNWRAPPING_KEY_SIZE_RANGE 0x000000F1 935 +#define CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT 0x000000F2 936 +#define CKR_USER_ALREADY_LOGGED_IN 0x00000100 937 +#define CKR_USER_NOT_LOGGED_IN 0x00000101 938 +#define CKR_USER_PIN_NOT_INITIALIZED 0x00000102 939 +#define CKR_USER_TYPE_INVALID 0x00000103 940 + 941 +/* CKR_USER_ANOTHER_ALREADY_LOGGED_IN and CKR_USER_TOO_MANY_TYPES 942 + * are new to v2.01 */ 943 +#define CKR_USER_ANOTHER_ALREADY_LOGGED_IN 0x00000104 944 +#define CKR_USER_TOO_MANY_TYPES 0x00000105 945 + 946 +#define CKR_WRAPPED_KEY_INVALID 0x00000110 947 +#define CKR_WRAPPED_KEY_LEN_RANGE 0x00000112 948 +#define CKR_WRAPPING_KEY_HANDLE_INVALID 0x00000113 949 +#define CKR_WRAPPING_KEY_SIZE_RANGE 0x00000114 950 +#define CKR_WRAPPING_KEY_TYPE_INCONSISTENT 0x00000115 951 +#define CKR_RANDOM_SEED_NOT_SUPPORTED 0x00000120 952 + 953 +/* These are new to v2.0 */ 954 +#define CKR_RANDOM_NO_RNG 0x00000121 955 + 956 +/* These are new to v2.11 */ 957 +#define CKR_DOMAIN_PARAMS_INVALID 0x00000130 958 + 959 +/* These are new to v2.0 */ 960 +#define CKR_BUFFER_TOO_SMALL 0x00000150 961 +#define CKR_SAVED_STATE_INVALID 0x00000160 962 +#define CKR_INFORMATION_SENSITIVE 0x00000170 963 +#define CKR_STATE_UNSAVEABLE 0x00000180 964 + 965 +/* These are new to v2.01 */ 966 +#define CKR_CRYPTOKI_NOT_INITIALIZED 0x00000190 967 +#define CKR_CRYPTOKI_ALREADY_INITIALIZED 0x00000191 968 +#define CKR_MUTEX_BAD 0x000001A0 969 +#define CKR_MUTEX_NOT_LOCKED 0x000001A1 970 + 971 +#define CKR_VENDOR_DEFINED 0x80000000 972 + 973 + 974 +/* CK_NOTIFY is an application callback that processes events */ 975 +typedef CK_CALLBACK_FUNCTION(CK_RV, CK_NOTIFY)( 976 + CK_SESSION_HANDLE hSession, /* the session's handle */ 977 + CK_NOTIFICATION event, 978 + CK_VOID_PTR pApplication /* passed to C_OpenSession */ 979 +); 980 + 981 + 982 +/* CK_FUNCTION_LIST is a structure holding a Cryptoki spec 983 + * version and pointers of appropriate types to all the 984 + * Cryptoki functions */ 985 +/* CK_FUNCTION_LIST is new for v2.0 */ 986 +typedef struct CK_FUNCTION_LIST CK_FUNCTION_LIST; 987 + 988 +typedef CK_FUNCTION_LIST CK_PTR CK_FUNCTION_LIST_PTR; 989 + 990 +typedef CK_FUNCTION_LIST_PTR CK_PTR CK_FUNCTION_LIST_PTR_PTR; 991 + 992 + 993 +/* CK_CREATEMUTEX is an application callback for creating a 994 + * mutex object */ 995 +typedef CK_CALLBACK_FUNCTION(CK_RV, CK_CREATEMUTEX)( 996 + CK_VOID_PTR_PTR ppMutex /* location to receive ptr to mutex */ 997 +); 998 + 999 + 1000 +/* CK_DESTROYMUTEX is an application callback for destroying a 1001 + * mutex object */ 1002 +typedef CK_CALLBACK_FUNCTION(CK_RV, CK_DESTROYMUTEX)( 1003 + CK_VOID_PTR pMutex /* pointer to mutex */ 1004 +); 1005 + 1006 + 1007 +/* CK_LOCKMUTEX is an application callback for locking a mutex */ 1008 +typedef CK_CALLBACK_FUNCTION(CK_RV, CK_LOCKMUTEX)( 1009 + CK_VOID_PTR pMutex /* pointer to mutex */ 1010 +); 1011 + 1012 + 1013 +/* CK_UNLOCKMUTEX is an application callback for unlocking a 1014 + * mutex */ 1015 +typedef CK_CALLBACK_FUNCTION(CK_RV, CK_UNLOCKMUTEX)( 1016 + CK_VOID_PTR pMutex /* pointer to mutex */ 1017 +); 1018 + 1019 + 1020 +/* CK_C_INITIALIZE_ARGS provides the optional arguments to 1021 + * C_Initialize */ 1022 +typedef struct CK_C_INITIALIZE_ARGS { 1023 + CK_CREATEMUTEX CreateMutex; 1024 + CK_DESTROYMUTEX DestroyMutex; 1025 + CK_LOCKMUTEX LockMutex; 1026 + CK_UNLOCKMUTEX UnlockMutex; 1027 + CK_FLAGS flags; 1028 + CK_VOID_PTR LibraryParameters; 1029 + CK_VOID_PTR pReserved; 1030 +} CK_C_INITIALIZE_ARGS; 1031 + 1032 +/* flags: bit flags that provide capabilities of the slot 1033 + * Bit Flag Mask Meaning 1034 + */ 1035 +#define CKF_LIBRARY_CANT_CREATE_OS_THREADS 0x00000001 1036 +#define CKF_OS_LOCKING_OK 0x00000002 1037 + 1038 +typedef CK_C_INITIALIZE_ARGS CK_PTR CK_C_INITIALIZE_ARGS_PTR; 1039 + 1040 + 1041 +/* additional flags for parameters to functions */ 1042 + 1043 +/* CKF_DONT_BLOCK is for the function C_WaitForSlotEvent */ 1044 +#define CKF_DONT_BLOCK 1 1045 + 1046 +/* CK_RSA_PKCS_OAEP_MGF_TYPE is new for v2.10. 1047 + * CK_RSA_PKCS_OAEP_MGF_TYPE is used to indicate the Message 1048 + * Generation Function (MGF) applied to a message block when 1049 + * formatting a message block for the PKCS #1 OAEP encryption 1050 + * scheme. */ 1051 +typedef CK_ULONG CK_RSA_PKCS_MGF_TYPE; 1052 + 1053 +typedef CK_RSA_PKCS_MGF_TYPE CK_PTR CK_RSA_PKCS_MGF_TYPE_PTR; 1054 + 1055 +/* The following MGFs are defined */ 1056 +#define CKG_MGF1_SHA1 0x00000001 1057 + 1058 +/* CK_RSA_PKCS_OAEP_SOURCE_TYPE is new for v2.10. 1059 + * CK_RSA_PKCS_OAEP_SOURCE_TYPE is used to indicate the source 1060 + * of the encoding parameter when formatting a message block 1061 + * for the PKCS #1 OAEP encryption scheme. */ 1062 +typedef CK_ULONG CK_RSA_PKCS_OAEP_SOURCE_TYPE; 1063 + 1064 +typedef CK_RSA_PKCS_OAEP_SOURCE_TYPE CK_PTR CK_RSA_PKCS_OAEP_SOURCE_TYPE_PTR; 1065 + 1066 +/* The following encoding parameter sources are defined */ 1067 +#define CKZ_DATA_SPECIFIED 0x00000001 1068 + 1069 +/* CK_RSA_PKCS_OAEP_PARAMS is new for v2.10. 1070 + * CK_RSA_PKCS_OAEP_PARAMS provides the parameters to the 1071 + * CKM_RSA_PKCS_OAEP mechanism. */ 1072 +typedef struct CK_RSA_PKCS_OAEP_PARAMS { 1073 + CK_MECHANISM_TYPE hashAlg; 1074 + CK_RSA_PKCS_MGF_TYPE mgf; 1075 + CK_RSA_PKCS_OAEP_SOURCE_TYPE source; 1076 + CK_VOID_PTR pSourceData; 1077 + CK_ULONG ulSourceDataLen; 1078 +} CK_RSA_PKCS_OAEP_PARAMS; 1079 + 1080 +typedef CK_RSA_PKCS_OAEP_PARAMS CK_PTR CK_RSA_PKCS_OAEP_PARAMS_PTR; 1081 + 1082 +/* CK_RSA_PKCS_PSS_PARAMS is new for v2.11. 1083 + * CK_RSA_PKCS_PSS_PARAMS provides the parameters to the 1084 + * CKM_RSA_PKCS_PSS mechanism(s). */ 1085 +typedef struct CK_RSA_PKCS_PSS_PARAMS { 1086 + CK_MECHANISM_TYPE hashAlg; 1087 + CK_RSA_PKCS_MGF_TYPE mgf; 1088 + CK_ULONG sLen; 1089 +} CK_RSA_PKCS_PSS_PARAMS; 1090 + 1091 +/* CK_KEA_DERIVE_PARAMS provides the parameters to the 1092 + * CKM_KEA_DERIVE mechanism */ 1093 +/* CK_KEA_DERIVE_PARAMS is new for v2.0 */ 1094 +typedef struct CK_KEA_DERIVE_PARAMS { 1095 + CK_BBOOL isSender; 1096 + CK_ULONG ulRandomLen; 1097 + CK_BYTE_PTR pRandomA; 1098 + CK_BYTE_PTR pRandomB; 1099 + CK_ULONG ulPublicDataLen; 1100 + CK_BYTE_PTR pPublicData; 1101 +} CK_KEA_DERIVE_PARAMS; 1102 + 1103 +typedef CK_KEA_DERIVE_PARAMS CK_PTR CK_KEA_DERIVE_PARAMS_PTR; 1104 + 1105 + 1106 +/* CK_RC2_PARAMS provides the parameters to the CKM_RC2_ECB and 1107 + * CKM_RC2_MAC mechanisms. An instance of CK_RC2_PARAMS just 1108 + * holds the effective keysize */ 1109 +typedef CK_ULONG CK_RC2_PARAMS; 1110 + 1111 +typedef CK_RC2_PARAMS CK_PTR CK_RC2_PARAMS_PTR; 1112 + 1113 + 1114 +/* CK_RC2_CBC_PARAMS provides the parameters to the CKM_RC2_CBC 1115 + * mechanism */ 1116 +typedef struct CK_RC2_CBC_PARAMS { 1117 + /* ulEffectiveBits was changed from CK_USHORT to CK_ULONG for 1118 + * v2.0 */ 1119 + CK_ULONG ulEffectiveBits; /* effective bits (1-1024) */ 1120 + 1121 + CK_BYTE iv[8]; /* IV for CBC mode */ 1122 +} CK_RC2_CBC_PARAMS; 1123 + 1124 +typedef CK_RC2_CBC_PARAMS CK_PTR CK_RC2_CBC_PARAMS_PTR; 1125 + 1126 + 1127 +/* CK_RC2_MAC_GENERAL_PARAMS provides the parameters for the 1128 + * CKM_RC2_MAC_GENERAL mechanism */ 1129 +/* CK_RC2_MAC_GENERAL_PARAMS is new for v2.0 */ 1130 +typedef struct CK_RC2_MAC_GENERAL_PARAMS { 1131 + CK_ULONG ulEffectiveBits; /* effective bits (1-1024) */ 1132 + CK_ULONG ulMacLength; /* Length of MAC in bytes */ 1133 +} CK_RC2_MAC_GENERAL_PARAMS; 1134 + 1135 +typedef CK_RC2_MAC_GENERAL_PARAMS CK_PTR \ 1136 + CK_RC2_MAC_GENERAL_PARAMS_PTR; 1137 + 1138 + 1139 +/* CK_RC5_PARAMS provides the parameters to the CKM_RC5_ECB and 1140 + * CKM_RC5_MAC mechanisms */ 1141 +/* CK_RC5_PARAMS is new for v2.0 */ 1142 +typedef struct CK_RC5_PARAMS { 1143 + CK_ULONG ulWordsize; /* wordsize in bits */ 1144 + CK_ULONG ulRounds; /* number of rounds */ 1145 +} CK_RC5_PARAMS; 1146 + 1147 +typedef CK_RC5_PARAMS CK_PTR CK_RC5_PARAMS_PTR; 1148 + 1149 + 1150 +/* CK_RC5_CBC_PARAMS provides the parameters to the CKM_RC5_CBC 1151 + * mechanism */ 1152 +/* CK_RC5_CBC_PARAMS is new for v2.0 */ 1153 +typedef struct CK_RC5_CBC_PARAMS { 1154 + CK_ULONG ulWordsize; /* wordsize in bits */ 1155 + CK_ULONG ulRounds; /* number of rounds */ 1156 + CK_BYTE_PTR pIv; /* pointer to IV */ 1157 + CK_ULONG ulIvLen; /* length of IV in bytes */ 1158 +} CK_RC5_CBC_PARAMS; 1159 + 1160 +typedef CK_RC5_CBC_PARAMS CK_PTR CK_RC5_CBC_PARAMS_PTR; 1161 + 1162 + 1163 +/* CK_RC5_MAC_GENERAL_PARAMS provides the parameters for the 1164 + * CKM_RC5_MAC_GENERAL mechanism */ 1165 +/* CK_RC5_MAC_GENERAL_PARAMS is new for v2.0 */ 1166 +typedef struct CK_RC5_MAC_GENERAL_PARAMS { 1167 + CK_ULONG ulWordsize; /* wordsize in bits */ 1168 + CK_ULONG ulRounds; /* number of rounds */ 1169 + CK_ULONG ulMacLength; /* Length of MAC in bytes */ 1170 +} CK_RC5_MAC_GENERAL_PARAMS; 1171 + 1172 +typedef CK_RC5_MAC_GENERAL_PARAMS CK_PTR \ 1173 + CK_RC5_MAC_GENERAL_PARAMS_PTR; 1174 + 1175 + 1176 +/* CK_MAC_GENERAL_PARAMS provides the parameters to most block 1177 + * ciphers' MAC_GENERAL mechanisms. Its value is the length of 1178 + * the MAC */ 1179 +/* CK_MAC_GENERAL_PARAMS is new for v2.0 */ 1180 +typedef CK_ULONG CK_MAC_GENERAL_PARAMS; 1181 + 1182 +typedef CK_MAC_GENERAL_PARAMS CK_PTR CK_MAC_GENERAL_PARAMS_PTR; 1183 + 1184 + 1185 +/* CK_SKIPJACK_PRIVATE_WRAP_PARAMS provides the parameters to the 1186 + * CKM_SKIPJACK_PRIVATE_WRAP mechanism */ 1187 +/* CK_SKIPJACK_PRIVATE_WRAP_PARAMS is new for v2.0 */ 1188 +typedef struct CK_SKIPJACK_PRIVATE_WRAP_PARAMS { 1189 + CK_ULONG ulPasswordLen; 1190 + CK_BYTE_PTR pPassword; 1191 + CK_ULONG ulPublicDataLen; 1192 + CK_BYTE_PTR pPublicData; 1193 + CK_ULONG ulPAndGLen; 1194 + CK_ULONG ulQLen; 1195 + CK_ULONG ulRandomLen; 1196 + CK_BYTE_PTR pRandomA; 1197 + CK_BYTE_PTR pPrimeP; 1198 + CK_BYTE_PTR pBaseG; 1199 + CK_BYTE_PTR pSubprimeQ; 1200 +} CK_SKIPJACK_PRIVATE_WRAP_PARAMS; 1201 + 1202 +typedef CK_SKIPJACK_PRIVATE_WRAP_PARAMS CK_PTR \ 1203 + CK_SKIPJACK_PRIVATE_WRAP_PTR; 1204 + 1205 + 1206 +/* CK_SKIPJACK_RELAYX_PARAMS provides the parameters to the 1207 + * CKM_SKIPJACK_RELAYX mechanism */ 1208 +/* CK_SKIPJACK_RELAYX_PARAMS is new for v2.0 */ 1209 +typedef struct CK_SKIPJACK_RELAYX_PARAMS { 1210 + CK_ULONG ulOldWrappedXLen; 1211 + CK_BYTE_PTR pOldWrappedX; 1212 + CK_ULONG ulOldPasswordLen; 1213 + CK_BYTE_PTR pOldPassword; 1214 + CK_ULONG ulOldPublicDataLen; 1215 + CK_BYTE_PTR pOldPublicData; 1216 + CK_ULONG ulOldRandomLen; 1217 + CK_BYTE_PTR pOldRandomA; 1218 + CK_ULONG ulNewPasswordLen; 1219 + CK_BYTE_PTR pNewPassword; 1220 + CK_ULONG ulNewPublicDataLen; 1221 + CK_BYTE_PTR pNewPublicData; 1222 + CK_ULONG ulNewRandomLen; 1223 + CK_BYTE_PTR pNewRandomA; 1224 +} CK_SKIPJACK_RELAYX_PARAMS; 1225 + 1226 +typedef CK_SKIPJACK_RELAYX_PARAMS CK_PTR \ 1227 + CK_SKIPJACK_RELAYX_PARAMS_PTR; 1228 + 1229 + 1230 +typedef struct CK_PBE_PARAMS { 1231 + CK_BYTE_PTR pInitVector; 1232 + CK_UTF8CHAR_PTR pPassword; 1233 + CK_ULONG ulPasswordLen; 1234 + CK_BYTE_PTR pSalt; 1235 + CK_ULONG ulSaltLen; 1236 + CK_ULONG ulIteration; 1237 +} CK_PBE_PARAMS; 1238 + 1239 +typedef CK_PBE_PARAMS CK_PTR CK_PBE_PARAMS_PTR; 1240 + 1241 + 1242 +/* CK_KEY_WRAP_SET_OAEP_PARAMS provides the parameters to the 1243 + * CKM_KEY_WRAP_SET_OAEP mechanism */ 1244 +/* CK_KEY_WRAP_SET_OAEP_PARAMS is new for v2.0 */ 1245 +typedef struct CK_KEY_WRAP_SET_OAEP_PARAMS { 1246 + CK_BYTE bBC; /* block contents byte */ 1247 + CK_BYTE_PTR pX; /* extra data */ 1248 + CK_ULONG ulXLen; /* length of extra data in bytes */ 1249 +} CK_KEY_WRAP_SET_OAEP_PARAMS; 1250 + 1251 +typedef CK_KEY_WRAP_SET_OAEP_PARAMS CK_PTR \ 1252 + CK_KEY_WRAP_SET_OAEP_PARAMS_PTR; 1253 + 1254 + 1255 +typedef struct CK_SSL3_RANDOM_DATA { 1256 + CK_BYTE_PTR pClientRandom; 1257 + CK_ULONG ulClientRandomLen; 1258 + CK_BYTE_PTR pServerRandom; 1259 + CK_ULONG ulServerRandomLen; 1260 +} CK_SSL3_RANDOM_DATA; 1261 + 1262 + 1263 +typedef struct CK_SSL3_MASTER_KEY_DERIVE_PARAMS { 1264 + CK_SSL3_RANDOM_DATA RandomInfo; 1265 + CK_VERSION_PTR pVersion; 1266 +} CK_SSL3_MASTER_KEY_DERIVE_PARAMS; 1267 + 1268 +typedef struct CK_SSL3_MASTER_KEY_DERIVE_PARAMS CK_PTR \ 1269 + CK_SSL3_MASTER_KEY_DERIVE_PARAMS_PTR; 1270 + 1271 + 1272 +typedef struct CK_SSL3_KEY_MAT_OUT { 1273 + CK_OBJECT_HANDLE hClientMacSecret; 1274 + CK_OBJECT_HANDLE hServerMacSecret; 1275 + CK_OBJECT_HANDLE hClientKey; 1276 + CK_OBJECT_HANDLE hServerKey; 1277 + CK_BYTE_PTR pIVClient; 1278 + CK_BYTE_PTR pIVServer; 1279 +} CK_SSL3_KEY_MAT_OUT; 1280 + 1281 +typedef CK_SSL3_KEY_MAT_OUT CK_PTR CK_SSL3_KEY_MAT_OUT_PTR; 1282 + 1283 + 1284 +typedef struct CK_SSL3_KEY_MAT_PARAMS { 1285 + CK_ULONG ulMacSizeInBits; 1286 + CK_ULONG ulKeySizeInBits; 1287 + CK_ULONG ulIVSizeInBits; 1288 + CK_BBOOL bIsExport; 1289 + CK_SSL3_RANDOM_DATA RandomInfo; 1290 + CK_SSL3_KEY_MAT_OUT_PTR pReturnedKeyMaterial; 1291 +} CK_SSL3_KEY_MAT_PARAMS; 1292 + 1293 +typedef CK_SSL3_KEY_MAT_PARAMS CK_PTR CK_SSL3_KEY_MAT_PARAMS_PTR; 1294 + 1295 + 1296 +typedef struct CK_KEY_DERIVATION_STRING_DATA { 1297 + CK_BYTE_PTR pData; 1298 + CK_ULONG ulLen; 1299 +} CK_KEY_DERIVATION_STRING_DATA; 1300 + 1301 +typedef CK_KEY_DERIVATION_STRING_DATA CK_PTR \ 1302 + CK_KEY_DERIVATION_STRING_DATA_PTR; 1303 + 1304 + 1305 +/* The CK_EXTRACT_PARAMS is used for the 1306 + * CKM_EXTRACT_KEY_FROM_KEY mechanism. It specifies which bit 1307 + * of the base key should be used as the first bit of the 1308 + * derived key */ 1309 +/* CK_EXTRACT_PARAMS is new for v2.0 */ 1310 +typedef CK_ULONG CK_EXTRACT_PARAMS; 1311 + 1312 +typedef CK_EXTRACT_PARAMS CK_PTR CK_EXTRACT_PARAMS_PTR; 1313 + 1314 +/* CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE is new for v2.10. 1315 + * CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE is used to 1316 + * indicate the Pseudo-Random Function (PRF) used to generate 1317 + * key bits using PKCS #5 PBKDF2. */ 1318 +typedef CK_ULONG CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE; 1319 + 1320 +typedef CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE CK_PTR CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE_PTR; 1321 + 1322 +/* The following PRFs are defined in PKCS #5 v2.0. */ 1323 +#define CKP_PKCS5_PBKD2_HMAC_SHA1 0x00000001 1324 + 1325 + 1326 +/* CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE is new for v2.10. 1327 + * CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE is used to indicate the 1328 + * source of the salt value when deriving a key using PKCS #5 1329 + * PBKDF2. */ 1330 +typedef CK_ULONG CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE; 1331 + 1332 +typedef CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE CK_PTR CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE_PTR; 1333 + 1334 +/* The following salt value sources are defined in PKCS #5 v2.0. */ 1335 +#define CKZ_SALT_SPECIFIED 0x00000001 1336 + 1337 +/* CK_PKCS5_PBKD2_PARAMS is new for v2.10. 1338 + * CK_PKCS5_PBKD2_PARAMS is a structure that provides the 1339 + * parameters to the CKM_PKCS5_PBKD2 mechanism. */ 1340 +typedef struct CK_PKCS5_PBKD2_PARAMS { 1341 + CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE saltSource; 1342 + CK_VOID_PTR pSaltSourceData; 1343 + CK_ULONG ulSaltSourceDataLen; 1344 + CK_ULONG iterations; 1345 + CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE prf; 1346 + CK_VOID_PTR pPrfData; 1347 + CK_ULONG ulPrfDataLen; 1348 + CK_UTF8CHAR_PTR pPassword; 1349 + CK_ULONG_PTR ulPasswordLen; 1350 +} CK_PKCS5_PBKD2_PARAMS; 1351 + 1352 +typedef CK_PKCS5_PBKD2_PARAMS CK_PTR CK_PKCS5_PBKD2_PARAMS_PTR; 1353 + 1354 +#endif