OpenDNSSEC-libhsm 2.1.13
pkcs11.h
Go to the documentation of this file.
1/* pkcs11.h
2 Copyright 2006, 2007 g10 Code GmbH
3 Copyright 2006 Andreas Jellinghaus
4
5 This file is free software; as a special exception the author gives
6 unlimited permission to copy and/or distribute it, with or without
7 modifications, as long as this notice is preserved.
8
9 This file is distributed in the hope that it will be useful, but
10 WITHOUT ANY WARRANTY, to the extent permitted by law; without even
11 the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
12 PURPOSE. */
13
14/* Please submit changes back to the Scute project at
15 http://www.scute.org/ (or send them to marcus@g10code.com), so that
16 they can be picked up by other projects from there as well. */
17
18/* This file is a modified implementation of the PKCS #11 standard by
19 RSA Security Inc. It is mostly a drop-in replacement, with the
20 following change:
21
22 This header file does not require any macro definitions by the user
23 (like CK_DEFINE_FUNCTION etc). In fact, it defines those macros
24 for you (if useful, some are missing, let me know if you need
25 more).
26
27 There is an additional API available that does comply better to the
28 GNU coding standard. It can be switched on by defining
29 CRYPTOKI_GNU before including this header file. For this, the
30 following changes are made to the specification:
31
32 All structure types are changed to a "struct ck_foo" where CK_FOO
33 is the type name in PKCS #11.
34
35 All non-structure types are changed to ck_foo_t where CK_FOO is the
36 lowercase version of the type name in PKCS #11. The basic types
37 (CK_ULONG et al.) are removed without substitute.
38
39 All members of structures are modified in the following way: Type
40 indication prefixes are removed, and underscore characters are
41 inserted before words. Then the result is lowercased.
42
43 Note that function names are still in the original case, as they
44 need for ABI compatibility.
45
46 CK_FALSE, CK_TRUE and NULL_PTR are removed without substitute. Use
47 <stdbool.h>.
48
49 If CRYPTOKI_COMPAT is defined before including this header file,
50 then none of the API changes above take place, and the API is the
51 one defined by the PKCS #11 standard. */
52
53#ifndef PKCS11_H
54#define PKCS11_H 1
55
56#if defined(__cplusplus)
57extern "C" {
58#endif
59
60
61/* The version of cryptoki we implement. The revision is changed with
62 each modification of this file. If you do not use the "official"
63 version of this file, please consider deleting the revision macro
64 (you may use a macro with a different name to keep track of your
65 versions). */
66#define CRYPTOKI_VERSION_MAJOR 2
67#define CRYPTOKI_VERSION_MINOR 20
68#define CRYPTOKI_VERSION_REVISION 6
69
70
71/* Compatibility interface is default, unless CRYPTOKI_GNU is
72 given. */
73#ifndef CRYPTOKI_GNU
74#ifndef CRYPTOKI_COMPAT
75#define CRYPTOKI_COMPAT 1
76#endif
77#endif
78
79/* System dependencies. */
80
81#if defined(_WIN32) || defined(CRYPTOKI_FORCE_WIN32)
82
83/* There is a matching pop below. */
84#pragma pack(push, cryptoki, 1)
85
86#ifdef CRYPTOKI_EXPORTS
87#define CK_SPEC __declspec(dllexport)
88#else
89#define CK_SPEC __declspec(dllimport)
90#endif
91
92#else
93
94#define CK_SPEC
95
96#endif
97
98
99#ifdef CRYPTOKI_COMPAT
100 /* If we are in compatibility mode, switch all exposed names to the
101 PKCS #11 variant. There are corresponding #undefs below. */
102
103#define ck_flags_t CK_FLAGS
104#define ck_version _CK_VERSION
105
106#define ck_info _CK_INFO
107#define cryptoki_version cryptokiVersion
108#define manufacturer_id manufacturerID
109#define library_description libraryDescription
110#define library_version libraryVersion
111
112#define ck_notification_t CK_NOTIFICATION
113#define ck_slot_id_t CK_SLOT_ID
114
115#define ck_slot_info _CK_SLOT_INFO
116#define slot_description slotDescription
117#define hardware_version hardwareVersion
118#define firmware_version firmwareVersion
119
120#define ck_token_info _CK_TOKEN_INFO
121#define serial_number serialNumber
122#define max_session_count ulMaxSessionCount
123#define session_count ulSessionCount
124#define max_rw_session_count ulMaxRwSessionCount
125#define rw_session_count ulRwSessionCount
126#define max_pin_len ulMaxPinLen
127#define min_pin_len ulMinPinLen
128#define total_public_memory ulTotalPublicMemory
129#define free_public_memory ulFreePublicMemory
130#define total_private_memory ulTotalPrivateMemory
131#define free_private_memory ulFreePrivateMemory
132#define utc_time utcTime
133
134#define ck_session_handle_t CK_SESSION_HANDLE
135#define ck_user_type_t CK_USER_TYPE
136#define ck_state_t CK_STATE
137
138#define ck_session_info _CK_SESSION_INFO
139#define slot_id slotID
140#define device_error ulDeviceError
141
142#define ck_object_handle_t CK_OBJECT_HANDLE
143#define ck_object_class_t CK_OBJECT_CLASS
144#define ck_hw_feature_type_t CK_HW_FEATURE_TYPE
145#define ck_key_type_t CK_KEY_TYPE
146#define ck_certificate_type_t CK_CERTIFICATE_TYPE
147#define ck_attribute_type_t CK_ATTRIBUTE_TYPE
148
149#define ck_attribute _CK_ATTRIBUTE
150#define value pValue
151#define value_len ulValueLen
152
153#define ck_date _CK_DATE
154
155#define ck_mechanism_type_t CK_MECHANISM_TYPE
156
157#define ck_mechanism _CK_MECHANISM
158#define parameter pParameter
159#define parameter_len ulParameterLen
160
161#define ck_mechanism_info _CK_MECHANISM_INFO
162#define min_key_size ulMinKeySize
163#define max_key_size ulMaxKeySize
164
165#define ck_rv_t CK_RV
166#define ck_notify_t CK_NOTIFY
167
168#define ck_function_list _CK_FUNCTION_LIST
169
170#define ck_createmutex_t CK_CREATEMUTEX
171#define ck_destroymutex_t CK_DESTROYMUTEX
172#define ck_lockmutex_t CK_LOCKMUTEX
173#define ck_unlockmutex_t CK_UNLOCKMUTEX
174
175#define ck_c_initialize_args _CK_C_INITIALIZE_ARGS
176#define create_mutex CreateMutex
177#define destroy_mutex DestroyMutex
178#define lock_mutex LockMutex
179#define unlock_mutex UnlockMutex
180#define reserved pReserved
181
182#endif /* CRYPTOKI_COMPAT */
183
184
185
186typedef unsigned long ck_flags_t;
187
189{
190 unsigned char major;
191 unsigned char minor;
192};
193
194
203
204
205typedef unsigned long ck_notification_t;
206
207#define CKN_SURRENDER (0)
208
209
210typedef unsigned long ck_slot_id_t;
211
212
221
222
223#define CKF_TOKEN_PRESENT (1 << 0)
224#define CKF_REMOVABLE_DEVICE (1 << 1)
225#define CKF_HW_SLOT (1 << 2)
226#define CKF_ARRAY_ATTRIBUTE (1 << 30)
227
228
230{
231 unsigned char label[32];
232 unsigned char manufacturer_id[32];
233 unsigned char model[16];
234 unsigned char serial_number[16];
236 unsigned long max_session_count;
237 unsigned long session_count;
238 unsigned long max_rw_session_count;
239 unsigned long rw_session_count;
240 unsigned long max_pin_len;
241 unsigned long min_pin_len;
242 unsigned long total_public_memory;
243 unsigned long free_public_memory;
244 unsigned long total_private_memory;
245 unsigned long free_private_memory;
248 unsigned char utc_time[16];
249};
250
251
252#define CKF_RNG (1 << 0)
253#define CKF_WRITE_PROTECTED (1 << 1)
254#define CKF_LOGIN_REQUIRED (1 << 2)
255#define CKF_USER_PIN_INITIALIZED (1 << 3)
256#define CKF_RESTORE_KEY_NOT_NEEDED (1 << 5)
257#define CKF_CLOCK_ON_TOKEN (1 << 6)
258#define CKF_PROTECTED_AUTHENTICATION_PATH (1 << 8)
259#define CKF_DUAL_CRYPTO_OPERATIONS (1 << 9)
260#define CKF_TOKEN_INITIALIZED (1 << 10)
261#define CKF_SECONDARY_AUTHENTICATION (1 << 11)
262#define CKF_USER_PIN_COUNT_LOW (1 << 16)
263#define CKF_USER_PIN_FINAL_TRY (1 << 17)
264#define CKF_USER_PIN_LOCKED (1 << 18)
265#define CKF_USER_PIN_TO_BE_CHANGED (1 << 19)
266#define CKF_SO_PIN_COUNT_LOW (1 << 20)
267#define CKF_SO_PIN_FINAL_TRY (1 << 21)
268#define CKF_SO_PIN_LOCKED (1 << 22)
269#define CKF_SO_PIN_TO_BE_CHANGED (1 << 23)
270
271#define CK_UNAVAILABLE_INFORMATION ((unsigned long) -1)
272#define CK_EFFECTIVELY_INFINITE (0)
273
274
275typedef unsigned long ck_session_handle_t;
276
277#define CK_INVALID_HANDLE (0)
278
279
280typedef unsigned long ck_user_type_t;
281
282#define CKU_SO (0)
283#define CKU_USER (1)
284#define CKU_CONTEXT_SPECIFIC (2)
285
286
287typedef unsigned long ck_state_t;
288
289#define CKS_RO_PUBLIC_SESSION (0)
290#define CKS_RO_USER_FUNCTIONS (1)
291#define CKS_RW_PUBLIC_SESSION (2)
292#define CKS_RW_USER_FUNCTIONS (3)
293#define CKS_RW_SO_FUNCTIONS (4)
294
295
303
304#define CKF_RW_SESSION (1 << 1)
305#define CKF_SERIAL_SESSION (1 << 2)
306
307
308typedef unsigned long ck_object_handle_t;
309
310
311typedef unsigned long ck_object_class_t;
312
313#define CKO_DATA (0)
314#define CKO_CERTIFICATE (1)
315#define CKO_PUBLIC_KEY (2)
316#define CKO_PRIVATE_KEY (3)
317#define CKO_SECRET_KEY (4)
318#define CKO_HW_FEATURE (5)
319#define CKO_DOMAIN_PARAMETERS (6)
320#define CKO_MECHANISM (7)
321#define CKO_VENDOR_DEFINED ((unsigned long) (1 << 31))
322
323
324typedef unsigned long ck_hw_feature_type_t;
325
326#define CKH_MONOTONIC_COUNTER (1)
327#define CKH_CLOCK (2)
328#define CKH_USER_INTERFACE (3)
329#define CKH_VENDOR_DEFINED ((unsigned long) (1 << 31))
330
331
332typedef unsigned long ck_key_type_t;
333
334#define CKK_RSA (0)
335#define CKK_DSA (1)
336#define CKK_DH (2)
337#define CKK_ECDSA (3)
338#define CKK_EC (3)
339#define CKK_X9_42_DH (4)
340#define CKK_KEA (5)
341#define CKK_GENERIC_SECRET (0x10)
342#define CKK_RC2 (0x11)
343#define CKK_RC4 (0x12)
344#define CKK_DES (0x13)
345#define CKK_DES2 (0x14)
346#define CKK_DES3 (0x15)
347#define CKK_CAST (0x16)
348#define CKK_CAST3 (0x17)
349#define CKK_CAST128 (0x18)
350#define CKK_RC5 (0x19)
351#define CKK_IDEA (0x1a)
352#define CKK_SKIPJACK (0x1b)
353#define CKK_BATON (0x1c)
354#define CKK_JUNIPER (0x1d)
355#define CKK_CDMF (0x1e)
356#define CKK_AES (0x1f)
357#define CKK_BLOWFISH (0x20)
358#define CKK_TWOFISH (0x21)
359#define CKK_GOSTR3410 (0x30) /* From PKCS#11 v2.30 - draft 7 */
360#define CKK_EC_EDWARDS (0x40)
361#define CKK_VENDOR_DEFINED ((unsigned long) (1 << 31))
362
363
364typedef unsigned long ck_certificate_type_t;
365
366#define CKC_X_509 (0)
367#define CKC_X_509_ATTR_CERT (1)
368#define CKC_WTLS (2)
369#define CKC_VENDOR_DEFINED ((unsigned long) (1 << 31))
370
371
372typedef unsigned long ck_attribute_type_t;
373
374#define CKA_CLASS (0)
375#define CKA_TOKEN (1)
376#define CKA_PRIVATE (2)
377#define CKA_LABEL (3)
378#define CKA_APPLICATION (0x10)
379#define CKA_VALUE (0x11)
380#define CKA_OBJECT_ID (0x12)
381#define CKA_CERTIFICATE_TYPE (0x80)
382#define CKA_ISSUER (0x81)
383#define CKA_SERIAL_NUMBER (0x82)
384#define CKA_AC_ISSUER (0x83)
385#define CKA_OWNER (0x84)
386#define CKA_ATTR_TYPES (0x85)
387#define CKA_TRUSTED (0x86)
388#define CKA_CERTIFICATE_CATEGORY (0x87)
389#define CKA_JAVA_MIDP_SECURITY_DOMAIN (0x88)
390#define CKA_URL (0x89)
391#define CKA_HASH_OF_SUBJECT_PUBLIC_KEY (0x8a)
392#define CKA_HASH_OF_ISSUER_PUBLIC_KEY (0x8b)
393#define CKA_CHECK_VALUE (0x90)
394#define CKA_KEY_TYPE (0x100)
395#define CKA_SUBJECT (0x101)
396#define CKA_ID (0x102)
397#define CKA_SENSITIVE (0x103)
398#define CKA_ENCRYPT (0x104)
399#define CKA_DECRYPT (0x105)
400#define CKA_WRAP (0x106)
401#define CKA_UNWRAP (0x107)
402#define CKA_SIGN (0x108)
403#define CKA_SIGN_RECOVER (0x109)
404#define CKA_VERIFY (0x10a)
405#define CKA_VERIFY_RECOVER (0x10b)
406#define CKA_DERIVE (0x10c)
407#define CKA_START_DATE (0x110)
408#define CKA_END_DATE (0x111)
409#define CKA_MODULUS (0x120)
410#define CKA_MODULUS_BITS (0x121)
411#define CKA_PUBLIC_EXPONENT (0x122)
412#define CKA_PRIVATE_EXPONENT (0x123)
413#define CKA_PRIME_1 (0x124)
414#define CKA_PRIME_2 (0x125)
415#define CKA_EXPONENT_1 (0x126)
416#define CKA_EXPONENT_2 (0x127)
417#define CKA_COEFFICIENT (0x128)
418#define CKA_PRIME (0x130)
419#define CKA_SUBPRIME (0x131)
420#define CKA_BASE (0x132)
421#define CKA_PRIME_BITS (0x133)
422#define CKA_SUB_PRIME_BITS (0x134)
423#define CKA_VALUE_BITS (0x160)
424#define CKA_VALUE_LEN (0x161)
425#define CKA_EXTRACTABLE (0x162)
426#define CKA_LOCAL (0x163)
427#define CKA_NEVER_EXTRACTABLE (0x164)
428#define CKA_ALWAYS_SENSITIVE (0x165)
429#define CKA_KEY_GEN_MECHANISM (0x166)
430#define CKA_MODIFIABLE (0x170)
431#define CKA_ECDSA_PARAMS (0x180)
432#define CKA_EC_PARAMS (0x180)
433#define CKA_EC_POINT (0x181)
434#define CKA_SECONDARY_AUTH (0x200)
435#define CKA_AUTH_PIN_FLAGS (0x201)
436#define CKA_ALWAYS_AUTHENTICATE (0x202)
437#define CKA_WRAP_WITH_TRUSTED (0x210)
438#define CKA_GOSTR3410PARAMS (0x250) /* From PKCS#11 v2.30 - draft 7 */
439#define CKA_GOSTR3411PARAMS (0x251) /* From PKCS#11 v2.30 - draft 7 */
440#define CKA_HW_FEATURE_TYPE (0x300)
441#define CKA_RESET_ON_INIT (0x301)
442#define CKA_HAS_RESET (0x302)
443#define CKA_PIXEL_X (0x400)
444#define CKA_PIXEL_Y (0x401)
445#define CKA_RESOLUTION (0x402)
446#define CKA_CHAR_ROWS (0x403)
447#define CKA_CHAR_COLUMNS (0x404)
448#define CKA_COLOR (0x405)
449#define CKA_BITS_PER_PIXEL (0x406)
450#define CKA_CHAR_SETS (0x480)
451#define CKA_ENCODING_METHODS (0x481)
452#define CKA_MIME_TYPES (0x482)
453#define CKA_MECHANISM_TYPE (0x500)
454#define CKA_REQUIRED_CMS_ATTRIBUTES (0x501)
455#define CKA_DEFAULT_CMS_ATTRIBUTES (0x502)
456#define CKA_SUPPORTED_CMS_ATTRIBUTES (0x503)
457#define CKA_WRAP_TEMPLATE (CKF_ARRAY_ATTRIBUTE | 0x211)
458#define CKA_UNWRAP_TEMPLATE (CKF_ARRAY_ATTRIBUTE | 0x212)
459#define CKA_ALLOWED_MECHANISMS (CKF_ARRAY_ATTRIBUTE | 0x600)
460#define CKA_VENDOR_DEFINED ((unsigned long) (1 << 31))
461
462
464{
466 void *value;
467 unsigned long value_len;
468};
469
470
472{
473 unsigned char year[4];
474 unsigned char month[2];
475 unsigned char day[2];
476};
477
478
479typedef unsigned long ck_mechanism_type_t;
480
481#define CKM_RSA_PKCS_KEY_PAIR_GEN (0)
482#define CKM_RSA_PKCS (1)
483#define CKM_RSA_9796 (2)
484#define CKM_RSA_X_509 (3)
485#define CKM_MD2_RSA_PKCS (4)
486#define CKM_MD5_RSA_PKCS (5)
487#define CKM_SHA1_RSA_PKCS (6)
488#define CKM_RIPEMD128_RSA_PKCS (7)
489#define CKM_RIPEMD160_RSA_PKCS (8)
490#define CKM_RSA_PKCS_OAEP (9)
491#define CKM_RSA_X9_31_KEY_PAIR_GEN (0xa)
492#define CKM_RSA_X9_31 (0xb)
493#define CKM_SHA1_RSA_X9_31 (0xc)
494#define CKM_RSA_PKCS_PSS (0xd)
495#define CKM_SHA1_RSA_PKCS_PSS (0xe)
496#define CKM_DSA_KEY_PAIR_GEN (0x10)
497#define CKM_DSA (0x11)
498#define CKM_DSA_SHA1 (0x12)
499#define CKM_DH_PKCS_KEY_PAIR_GEN (0x20)
500#define CKM_DH_PKCS_DERIVE (0x21)
501#define CKM_X9_42_DH_KEY_PAIR_GEN (0x30)
502#define CKM_X9_42_DH_DERIVE (0x31)
503#define CKM_X9_42_DH_HYBRID_DERIVE (0x32)
504#define CKM_X9_42_MQV_DERIVE (0x33)
505#define CKM_SHA256_RSA_PKCS (0x40)
506#define CKM_SHA384_RSA_PKCS (0x41)
507#define CKM_SHA512_RSA_PKCS (0x42)
508#define CKM_SHA256_RSA_PKCS_PSS (0x43)
509#define CKM_SHA384_RSA_PKCS_PSS (0x44)
510#define CKM_SHA512_RSA_PKCS_PSS (0x45)
511#define CKM_RC2_KEY_GEN (0x100)
512#define CKM_RC2_ECB (0x101)
513#define CKM_RC2_CBC (0x102)
514#define CKM_RC2_MAC (0x103)
515#define CKM_RC2_MAC_GENERAL (0x104)
516#define CKM_RC2_CBC_PAD (0x105)
517#define CKM_RC4_KEY_GEN (0x110)
518#define CKM_RC4 (0x111)
519#define CKM_DES_KEY_GEN (0x120)
520#define CKM_DES_ECB (0x121)
521#define CKM_DES_CBC (0x122)
522#define CKM_DES_MAC (0x123)
523#define CKM_DES_MAC_GENERAL (0x124)
524#define CKM_DES_CBC_PAD (0x125)
525#define CKM_DES2_KEY_GEN (0x130)
526#define CKM_DES3_KEY_GEN (0x131)
527#define CKM_DES3_ECB (0x132)
528#define CKM_DES3_CBC (0x133)
529#define CKM_DES3_MAC (0x134)
530#define CKM_DES3_MAC_GENERAL (0x135)
531#define CKM_DES3_CBC_PAD (0x136)
532#define CKM_CDMF_KEY_GEN (0x140)
533#define CKM_CDMF_ECB (0x141)
534#define CKM_CDMF_CBC (0x142)
535#define CKM_CDMF_MAC (0x143)
536#define CKM_CDMF_MAC_GENERAL (0x144)
537#define CKM_CDMF_CBC_PAD (0x145)
538#define CKM_MD2 (0x200)
539#define CKM_MD2_HMAC (0x201)
540#define CKM_MD2_HMAC_GENERAL (0x202)
541#define CKM_MD5 (0x210)
542#define CKM_MD5_HMAC (0x211)
543#define CKM_MD5_HMAC_GENERAL (0x212)
544#define CKM_SHA_1 (0x220)
545#define CKM_SHA_1_HMAC (0x221)
546#define CKM_SHA_1_HMAC_GENERAL (0x222)
547#define CKM_RIPEMD128 (0x230)
548#define CKM_RIPEMD128_HMAC (0x231)
549#define CKM_RIPEMD128_HMAC_GENERAL (0x232)
550#define CKM_RIPEMD160 (0x240)
551#define CKM_RIPEMD160_HMAC (0x241)
552#define CKM_RIPEMD160_HMAC_GENERAL (0x242)
553#define CKM_SHA256 (0x250)
554#define CKM_SHA256_HMAC (0x251)
555#define CKM_SHA256_HMAC_GENERAL (0x252)
556#define CKM_SHA384 (0x260)
557#define CKM_SHA384_HMAC (0x261)
558#define CKM_SHA384_HMAC_GENERAL (0x262)
559#define CKM_SHA512 (0x270)
560#define CKM_SHA512_HMAC (0x271)
561#define CKM_SHA512_HMAC_GENERAL (0x272)
562#define CKM_CAST_KEY_GEN (0x300)
563#define CKM_CAST_ECB (0x301)
564#define CKM_CAST_CBC (0x302)
565#define CKM_CAST_MAC (0x303)
566#define CKM_CAST_MAC_GENERAL (0x304)
567#define CKM_CAST_CBC_PAD (0x305)
568#define CKM_CAST3_KEY_GEN (0x310)
569#define CKM_CAST3_ECB (0x311)
570#define CKM_CAST3_CBC (0x312)
571#define CKM_CAST3_MAC (0x313)
572#define CKM_CAST3_MAC_GENERAL (0x314)
573#define CKM_CAST3_CBC_PAD (0x315)
574#define CKM_CAST5_KEY_GEN (0x320)
575#define CKM_CAST128_KEY_GEN (0x320)
576#define CKM_CAST5_ECB (0x321)
577#define CKM_CAST128_ECB (0x321)
578#define CKM_CAST5_CBC (0x322)
579#define CKM_CAST128_CBC (0x322)
580#define CKM_CAST5_MAC (0x323)
581#define CKM_CAST128_MAC (0x323)
582#define CKM_CAST5_MAC_GENERAL (0x324)
583#define CKM_CAST128_MAC_GENERAL (0x324)
584#define CKM_CAST5_CBC_PAD (0x325)
585#define CKM_CAST128_CBC_PAD (0x325)
586#define CKM_RC5_KEY_GEN (0x330)
587#define CKM_RC5_ECB (0x331)
588#define CKM_RC5_CBC (0x332)
589#define CKM_RC5_MAC (0x333)
590#define CKM_RC5_MAC_GENERAL (0x334)
591#define CKM_RC5_CBC_PAD (0x335)
592#define CKM_IDEA_KEY_GEN (0x340)
593#define CKM_IDEA_ECB (0x341)
594#define CKM_IDEA_CBC (0x342)
595#define CKM_IDEA_MAC (0x343)
596#define CKM_IDEA_MAC_GENERAL (0x344)
597#define CKM_IDEA_CBC_PAD (0x345)
598#define CKM_GENERIC_SECRET_KEY_GEN (0x350)
599#define CKM_CONCATENATE_BASE_AND_KEY (0x360)
600#define CKM_CONCATENATE_BASE_AND_DATA (0x362)
601#define CKM_CONCATENATE_DATA_AND_BASE (0x363)
602#define CKM_XOR_BASE_AND_DATA (0x364)
603#define CKM_EXTRACT_KEY_FROM_KEY (0x365)
604#define CKM_SSL3_PRE_MASTER_KEY_GEN (0x370)
605#define CKM_SSL3_MASTER_KEY_DERIVE (0x371)
606#define CKM_SSL3_KEY_AND_MAC_DERIVE (0x372)
607#define CKM_SSL3_MASTER_KEY_DERIVE_DH (0x373)
608#define CKM_TLS_PRE_MASTER_KEY_GEN (0x374)
609#define CKM_TLS_MASTER_KEY_DERIVE (0x375)
610#define CKM_TLS_KEY_AND_MAC_DERIVE (0x376)
611#define CKM_TLS_MASTER_KEY_DERIVE_DH (0x377)
612#define CKM_SSL3_MD5_MAC (0x380)
613#define CKM_SSL3_SHA1_MAC (0x381)
614#define CKM_MD5_KEY_DERIVATION (0x390)
615#define CKM_MD2_KEY_DERIVATION (0x391)
616#define CKM_SHA1_KEY_DERIVATION (0x392)
617#define CKM_PBE_MD2_DES_CBC (0x3a0)
618#define CKM_PBE_MD5_DES_CBC (0x3a1)
619#define CKM_PBE_MD5_CAST_CBC (0x3a2)
620#define CKM_PBE_MD5_CAST3_CBC (0x3a3)
621#define CKM_PBE_MD5_CAST5_CBC (0x3a4)
622#define CKM_PBE_MD5_CAST128_CBC (0x3a4)
623#define CKM_PBE_SHA1_CAST5_CBC (0x3a5)
624#define CKM_PBE_SHA1_CAST128_CBC (0x3a5)
625#define CKM_PBE_SHA1_RC4_128 (0x3a6)
626#define CKM_PBE_SHA1_RC4_40 (0x3a7)
627#define CKM_PBE_SHA1_DES3_EDE_CBC (0x3a8)
628#define CKM_PBE_SHA1_DES2_EDE_CBC (0x3a9)
629#define CKM_PBE_SHA1_RC2_128_CBC (0x3aa)
630#define CKM_PBE_SHA1_RC2_40_CBC (0x3ab)
631#define CKM_PKCS5_PBKD2 (0x3b0)
632#define CKM_PBA_SHA1_WITH_SHA1_HMAC (0x3c0)
633#define CKM_KEY_WRAP_LYNKS (0x400)
634#define CKM_KEY_WRAP_SET_OAEP (0x401)
635#define CKM_SKIPJACK_KEY_GEN (0x1000)
636#define CKM_SKIPJACK_ECB64 (0x1001)
637#define CKM_SKIPJACK_CBC64 (0x1002)
638#define CKM_SKIPJACK_OFB64 (0x1003)
639#define CKM_SKIPJACK_CFB64 (0x1004)
640#define CKM_SKIPJACK_CFB32 (0x1005)
641#define CKM_SKIPJACK_CFB16 (0x1006)
642#define CKM_SKIPJACK_CFB8 (0x1007)
643#define CKM_SKIPJACK_WRAP (0x1008)
644#define CKM_SKIPJACK_PRIVATE_WRAP (0x1009)
645#define CKM_SKIPJACK_RELAYX (0x100a)
646#define CKM_KEA_KEY_PAIR_GEN (0x1010)
647#define CKM_KEA_KEY_DERIVE (0x1011)
648#define CKM_FORTEZZA_TIMESTAMP (0x1020)
649#define CKM_BATON_KEY_GEN (0x1030)
650#define CKM_BATON_ECB128 (0x1031)
651#define CKM_BATON_ECB96 (0x1032)
652#define CKM_BATON_CBC128 (0x1033)
653#define CKM_BATON_COUNTER (0x1034)
654#define CKM_BATON_SHUFFLE (0x1035)
655#define CKM_BATON_WRAP (0x1036)
656#define CKM_ECDSA_KEY_PAIR_GEN (0x1040)
657#define CKM_EC_KEY_PAIR_GEN (0x1040)
658#define CKM_ECDSA (0x1041)
659#define CKM_ECDSA_SHA1 (0x1042)
660#define CKM_ECDH1_DERIVE (0x1050)
661#define CKM_ECDH1_COFACTOR_DERIVE (0x1051)
662#define CKM_ECMQV_DERIVE (0x1052)
663#define CKM_EC_EDWARDS_KEY_PAIR_GEN (0x1055)
664#define CKM_EDDSA (0x1057)
665#define CKM_JUNIPER_KEY_GEN (0x1060)
666#define CKM_JUNIPER_ECB128 (0x1061)
667#define CKM_JUNIPER_CBC128 (0x1062)
668#define CKM_JUNIPER_COUNTER (0x1063)
669#define CKM_JUNIPER_SHUFFLE (0x1064)
670#define CKM_JUNIPER_WRAP (0x1065)
671#define CKM_FASTHASH (0x1070)
672#define CKM_AES_KEY_GEN (0x1080)
673#define CKM_AES_ECB (0x1081)
674#define CKM_AES_CBC (0x1082)
675#define CKM_AES_MAC (0x1083)
676#define CKM_AES_MAC_GENERAL (0x1084)
677#define CKM_AES_CBC_PAD (0x1085)
678#define CKM_GOSTR3410_KEY_PAIR_GEN (0x1200) /* From PKCS#11 v2.30 - draft 7 */
679#define CKM_GOSTR3410 (0x1201) /* From PKCS#11 v2.30 - draft 7 */
680#define CKM_GOSTR3410_WITH_GOSTR3411 (0x1202) /* From PKCS#11 v2.30 - draft 7 */
681#define CKM_GOSTR3411 (0x1210) /* From PKCS#11 v2.30 - draft 7 */
682#define CKM_DSA_PARAMETER_GEN (0x2000)
683#define CKM_DH_PKCS_PARAMETER_GEN (0x2001)
684#define CKM_X9_42_DH_PARAMETER_GEN (0x2002)
685#define CKM_VENDOR_DEFINED ((unsigned long) (1 << 31))
686
687
694
695
697{
698 unsigned long min_key_size;
699 unsigned long max_key_size;
701};
702
703#define CKF_HW (1 << 0)
704#define CKF_ENCRYPT (1 << 8)
705#define CKF_DECRYPT (1 << 9)
706#define CKF_DIGEST (1 << 10)
707#define CKF_SIGN (1 << 11)
708#define CKF_SIGN_RECOVER (1 << 12)
709#define CKF_VERIFY (1 << 13)
710#define CKF_VERIFY_RECOVER (1 << 14)
711#define CKF_GENERATE (1 << 15)
712#define CKF_GENERATE_KEY_PAIR (1 << 16)
713#define CKF_WRAP (1 << 17)
714#define CKF_UNWRAP (1 << 18)
715#define CKF_DERIVE (1 << 19)
716#define CKF_EXTENSION ((unsigned long) (1 << 31))
717
718
719/* Flags for C_WaitForSlotEvent. */
720#define CKF_DONT_BLOCK (1)
721
722
723typedef unsigned long ck_rv_t;
724
725
727 ck_notification_t event, void *application);
728
729/* Forward reference. */
730struct ck_function_list;
731
732#define _CK_DECLARE_FUNCTION(name, args) \
733typedef ck_rv_t (*CK_ ## name) args; \
734ck_rv_t CK_SPEC name args
735
736_CK_DECLARE_FUNCTION (C_Initialize, (void *init_args));
737_CK_DECLARE_FUNCTION (C_Finalize, (void *reserved));
738_CK_DECLARE_FUNCTION (C_GetInfo, (struct ck_info *info));
739_CK_DECLARE_FUNCTION (C_GetFunctionList,
740 (struct ck_function_list **function_list));
741
742_CK_DECLARE_FUNCTION (C_GetSlotList,
743 (unsigned char token_present, ck_slot_id_t *slot_list,
744 unsigned long *count));
745_CK_DECLARE_FUNCTION (C_GetSlotInfo,
746 (ck_slot_id_t slot_id, struct ck_slot_info *info));
747_CK_DECLARE_FUNCTION (C_GetTokenInfo,
748 (ck_slot_id_t slot_id, struct ck_token_info *info));
749_CK_DECLARE_FUNCTION (C_WaitForSlotEvent,
750 (ck_flags_t flags, ck_slot_id_t *slot, void *reserved));
751_CK_DECLARE_FUNCTION (C_GetMechanismList,
753 ck_mechanism_type_t *mechanism_list,
754 unsigned long *count));
755_CK_DECLARE_FUNCTION (C_GetMechanismInfo,
757 struct ck_mechanism_info *info));
759 (ck_slot_id_t slot_id, unsigned char *pin,
760 unsigned long pin_len, unsigned char *label));
762 (ck_session_handle_t session, unsigned char *pin,
763 unsigned long pin_len));
765 (ck_session_handle_t session, unsigned char *old_pin,
766 unsigned long old_len, unsigned char *new_pin,
767 unsigned long new_len));
768
769_CK_DECLARE_FUNCTION (C_OpenSession,
771 void *application, ck_notify_t notify,
772 ck_session_handle_t *session));
773_CK_DECLARE_FUNCTION (C_CloseSession, (ck_session_handle_t session));
775_CK_DECLARE_FUNCTION (C_GetSessionInfo,
776 (ck_session_handle_t session,
777 struct ck_session_info *info));
778_CK_DECLARE_FUNCTION (C_GetOperationState,
779 (ck_session_handle_t session,
780 unsigned char *operation_state,
781 unsigned long *operation_state_len));
782_CK_DECLARE_FUNCTION (C_SetOperationState,
783 (ck_session_handle_t session,
784 unsigned char *operation_state,
785 unsigned long operation_state_len,
786 ck_object_handle_t encryption_key,
787 ck_object_handle_t authentiation_key));
789 (ck_session_handle_t session, ck_user_type_t user_type,
790 unsigned char *pin, unsigned long pin_len));
792
793_CK_DECLARE_FUNCTION (C_CreateObject,
794 (ck_session_handle_t session,
795 struct ck_attribute *templ,
796 unsigned long count, ck_object_handle_t *object));
799 struct ck_attribute *templ, unsigned long count,
800 ck_object_handle_t *new_object));
801_CK_DECLARE_FUNCTION (C_DestroyObject,
802 (ck_session_handle_t session,
803 ck_object_handle_t object));
804_CK_DECLARE_FUNCTION (C_GetObjectSize,
805 (ck_session_handle_t session,
806 ck_object_handle_t object,
807 unsigned long *size));
808_CK_DECLARE_FUNCTION (C_GetAttributeValue,
809 (ck_session_handle_t session,
810 ck_object_handle_t object,
811 struct ck_attribute *templ,
812 unsigned long count));
813_CK_DECLARE_FUNCTION (C_SetAttributeValue,
814 (ck_session_handle_t session,
815 ck_object_handle_t object,
816 struct ck_attribute *templ,
817 unsigned long count));
818_CK_DECLARE_FUNCTION (C_FindObjectsInit,
819 (ck_session_handle_t session,
820 struct ck_attribute *templ,
821 unsigned long count));
822_CK_DECLARE_FUNCTION (C_FindObjects,
823 (ck_session_handle_t session,
824 ck_object_handle_t *object,
825 unsigned long max_object_count,
826 unsigned long *object_count));
827_CK_DECLARE_FUNCTION (C_FindObjectsFinal,
828 (ck_session_handle_t session));
829
830_CK_DECLARE_FUNCTION (C_EncryptInit,
831 (ck_session_handle_t session,
832 struct ck_mechanism *mechanism,
833 ck_object_handle_t key));
835 (ck_session_handle_t session,
836 unsigned char *data, unsigned long data_len,
837 unsigned char *encrypted_data,
838 unsigned long *encrypted_data_len));
839_CK_DECLARE_FUNCTION (C_EncryptUpdate,
840 (ck_session_handle_t session,
841 unsigned char *part, unsigned long part_len,
842 unsigned char *encrypted_part,
843 unsigned long *encrypted_part_len));
844_CK_DECLARE_FUNCTION (C_EncryptFinal,
845 (ck_session_handle_t session,
846 unsigned char *last_encrypted_part,
847 unsigned long *last_encrypted_part_len));
848
849_CK_DECLARE_FUNCTION (C_DecryptInit,
850 (ck_session_handle_t session,
851 struct ck_mechanism *mechanism,
852 ck_object_handle_t key));
854 (ck_session_handle_t session,
855 unsigned char *encrypted_data,
856 unsigned long encrypted_data_len,
857 unsigned char *data, unsigned long *data_len));
858_CK_DECLARE_FUNCTION (C_DecryptUpdate,
859 (ck_session_handle_t session,
860 unsigned char *encrypted_part,
861 unsigned long encrypted_part_len,
862 unsigned char *part, unsigned long *part_len));
863_CK_DECLARE_FUNCTION (C_DecryptFinal,
864 (ck_session_handle_t session,
865 unsigned char *last_part,
866 unsigned long *last_part_len));
867
869 (ck_session_handle_t session,
870 struct ck_mechanism *mechanism));
872 (ck_session_handle_t session,
873 unsigned char *data, unsigned long data_len,
874 unsigned char *digest,
875 unsigned long *digest_len));
876_CK_DECLARE_FUNCTION (C_DigestUpdate,
877 (ck_session_handle_t session,
878 unsigned char *part, unsigned long part_len));
881_CK_DECLARE_FUNCTION (C_DigestFinal,
882 (ck_session_handle_t session,
883 unsigned char *digest,
884 unsigned long *digest_len));
885
887 (ck_session_handle_t session,
888 struct ck_mechanism *mechanism,
889 ck_object_handle_t key));
891 (ck_session_handle_t session,
892 unsigned char *data, unsigned long data_len,
893 unsigned char *signature,
894 unsigned long *signature_len));
896 (ck_session_handle_t session,
897 unsigned char *part, unsigned long part_len));
899 (ck_session_handle_t session,
900 unsigned char *signature,
901 unsigned long *signature_len));
902_CK_DECLARE_FUNCTION (C_SignRecoverInit,
903 (ck_session_handle_t session,
904 struct ck_mechanism *mechanism,
905 ck_object_handle_t key));
906_CK_DECLARE_FUNCTION (C_SignRecover,
907 (ck_session_handle_t session,
908 unsigned char *data, unsigned long data_len,
909 unsigned char *signature,
910 unsigned long *signature_len));
911
913 (ck_session_handle_t session,
914 struct ck_mechanism *mechanism,
915 ck_object_handle_t key));
917 (ck_session_handle_t session,
918 unsigned char *data, unsigned long data_len,
919 unsigned char *signature,
920 unsigned long signature_len));
921_CK_DECLARE_FUNCTION (C_VerifyUpdate,
922 (ck_session_handle_t session,
923 unsigned char *part, unsigned long part_len));
924_CK_DECLARE_FUNCTION (C_VerifyFinal,
925 (ck_session_handle_t session,
926 unsigned char *signature,
927 unsigned long signature_len));
928_CK_DECLARE_FUNCTION (C_VerifyRecoverInit,
929 (ck_session_handle_t session,
930 struct ck_mechanism *mechanism,
931 ck_object_handle_t key));
932_CK_DECLARE_FUNCTION (C_VerifyRecover,
933 (ck_session_handle_t session,
934 unsigned char *signature,
935 unsigned long signature_len,
936 unsigned char *data,
937 unsigned long *data_len));
938
939_CK_DECLARE_FUNCTION (C_DigestEncryptUpdate,
940 (ck_session_handle_t session,
941 unsigned char *part, unsigned long part_len,
942 unsigned char *encrypted_part,
943 unsigned long *encrypted_part_len));
944_CK_DECLARE_FUNCTION (C_DecryptDigestUpdate,
945 (ck_session_handle_t session,
946 unsigned char *encrypted_part,
947 unsigned long encrypted_part_len,
948 unsigned char *part,
949 unsigned long *part_len));
950_CK_DECLARE_FUNCTION (C_SignEncryptUpdate,
951 (ck_session_handle_t session,
952 unsigned char *part, unsigned long part_len,
953 unsigned char *encrypted_part,
954 unsigned long *encrypted_part_len));
955_CK_DECLARE_FUNCTION (C_DecryptVerifyUpdate,
956 (ck_session_handle_t session,
957 unsigned char *encrypted_part,
958 unsigned long encrypted_part_len,
959 unsigned char *part,
960 unsigned long *part_len));
961
962_CK_DECLARE_FUNCTION (C_GenerateKey,
963 (ck_session_handle_t session,
964 struct ck_mechanism *mechanism,
965 struct ck_attribute *templ,
966 unsigned long count,
967 ck_object_handle_t *key));
968_CK_DECLARE_FUNCTION (C_GenerateKeyPair,
969 (ck_session_handle_t session,
970 struct ck_mechanism *mechanism,
971 struct ck_attribute *public_key_template,
972 unsigned long public_key_attribute_count,
973 struct ck_attribute *private_key_template,
974 unsigned long private_key_attribute_count,
975 ck_object_handle_t *public_key,
976 ck_object_handle_t *private_key));
978 (ck_session_handle_t session,
979 struct ck_mechanism *mechanism,
980 ck_object_handle_t wrapping_key,
982 unsigned char *wrapped_key,
983 unsigned long *wrapped_key_len));
985 (ck_session_handle_t session,
986 struct ck_mechanism *mechanism,
987 ck_object_handle_t unwrapping_key,
988 unsigned char *wrapped_key,
989 unsigned long wrapped_key_len,
990 struct ck_attribute *templ,
991 unsigned long attribute_count,
992 ck_object_handle_t *key));
994 (ck_session_handle_t session,
995 struct ck_mechanism *mechanism,
996 ck_object_handle_t base_key,
997 struct ck_attribute *templ,
998 unsigned long attribute_count,
999 ck_object_handle_t *key));
1000
1002 (ck_session_handle_t session, unsigned char *seed,
1003 unsigned long seed_len));
1004_CK_DECLARE_FUNCTION (C_GenerateRandom,
1005 (ck_session_handle_t session,
1006 unsigned char *random_data,
1007 unsigned long random_len));
1008
1009_CK_DECLARE_FUNCTION (C_GetFunctionStatus, (ck_session_handle_t session));
1010_CK_DECLARE_FUNCTION (C_CancelFunction, (ck_session_handle_t session));
1011
1012
1014{
1016 CK_C_Initialize C_Initialize;
1017 CK_C_Finalize C_Finalize;
1018 CK_C_GetInfo C_GetInfo;
1019 CK_C_GetFunctionList C_GetFunctionList;
1020 CK_C_GetSlotList C_GetSlotList;
1021 CK_C_GetSlotInfo C_GetSlotInfo;
1022 CK_C_GetTokenInfo C_GetTokenInfo;
1023 CK_C_GetMechanismList C_GetMechanismList;
1024 CK_C_GetMechanismInfo C_GetMechanismInfo;
1025 CK_C_InitToken C_InitToken;
1026 CK_C_InitPIN C_InitPIN;
1027 CK_C_SetPIN C_SetPIN;
1028 CK_C_OpenSession C_OpenSession;
1029 CK_C_CloseSession C_CloseSession;
1030 CK_C_CloseAllSessions C_CloseAllSessions;
1031 CK_C_GetSessionInfo C_GetSessionInfo;
1032 CK_C_GetOperationState C_GetOperationState;
1033 CK_C_SetOperationState C_SetOperationState;
1034 CK_C_Login C_Login;
1035 CK_C_Logout C_Logout;
1036 CK_C_CreateObject C_CreateObject;
1037 CK_C_CopyObject C_CopyObject;
1038 CK_C_DestroyObject C_DestroyObject;
1039 CK_C_GetObjectSize C_GetObjectSize;
1040 CK_C_GetAttributeValue C_GetAttributeValue;
1041 CK_C_SetAttributeValue C_SetAttributeValue;
1042 CK_C_FindObjectsInit C_FindObjectsInit;
1043 CK_C_FindObjects C_FindObjects;
1044 CK_C_FindObjectsFinal C_FindObjectsFinal;
1045 CK_C_EncryptInit C_EncryptInit;
1046 CK_C_Encrypt C_Encrypt;
1047 CK_C_EncryptUpdate C_EncryptUpdate;
1048 CK_C_EncryptFinal C_EncryptFinal;
1049 CK_C_DecryptInit C_DecryptInit;
1050 CK_C_Decrypt C_Decrypt;
1051 CK_C_DecryptUpdate C_DecryptUpdate;
1052 CK_C_DecryptFinal C_DecryptFinal;
1053 CK_C_DigestInit C_DigestInit;
1054 CK_C_Digest C_Digest;
1055 CK_C_DigestUpdate C_DigestUpdate;
1056 CK_C_DigestKey C_DigestKey;
1057 CK_C_DigestFinal C_DigestFinal;
1058 CK_C_SignInit C_SignInit;
1059 CK_C_Sign C_Sign;
1060 CK_C_SignUpdate C_SignUpdate;
1061 CK_C_SignFinal C_SignFinal;
1062 CK_C_SignRecoverInit C_SignRecoverInit;
1063 CK_C_SignRecover C_SignRecover;
1064 CK_C_VerifyInit C_VerifyInit;
1065 CK_C_Verify C_Verify;
1066 CK_C_VerifyUpdate C_VerifyUpdate;
1067 CK_C_VerifyFinal C_VerifyFinal;
1068 CK_C_VerifyRecoverInit C_VerifyRecoverInit;
1069 CK_C_VerifyRecover C_VerifyRecover;
1070 CK_C_DigestEncryptUpdate C_DigestEncryptUpdate;
1071 CK_C_DecryptDigestUpdate C_DecryptDigestUpdate;
1072 CK_C_SignEncryptUpdate C_SignEncryptUpdate;
1073 CK_C_DecryptVerifyUpdate C_DecryptVerifyUpdate;
1074 CK_C_GenerateKey C_GenerateKey;
1075 CK_C_GenerateKeyPair C_GenerateKeyPair;
1076 CK_C_WrapKey C_WrapKey;
1077 CK_C_UnwrapKey C_UnwrapKey;
1078 CK_C_DeriveKey C_DeriveKey;
1079 CK_C_SeedRandom C_SeedRandom;
1080 CK_C_GenerateRandom C_GenerateRandom;
1081 CK_C_GetFunctionStatus C_GetFunctionStatus;
1082 CK_C_CancelFunction C_CancelFunction;
1083 CK_C_WaitForSlotEvent C_WaitForSlotEvent;
1084};
1085
1086
1087typedef ck_rv_t (*ck_createmutex_t) (void **mutex);
1088typedef ck_rv_t (*ck_destroymutex_t) (void *mutex);
1089typedef ck_rv_t (*ck_lockmutex_t) (void *mutex);
1090typedef ck_rv_t (*ck_unlockmutex_t) (void *mutex);
1091
1092
1102
1103
1104#define CKF_LIBRARY_CANT_CREATE_OS_THREADS (1 << 0)
1105#define CKF_OS_LOCKING_OK (1 << 1)
1106
1107#define CKR_OK (0)
1108#define CKR_CANCEL (1)
1109#define CKR_HOST_MEMORY (2)
1110#define CKR_SLOT_ID_INVALID (3)
1111#define CKR_GENERAL_ERROR (5)
1112#define CKR_FUNCTION_FAILED (6)
1113#define CKR_ARGUMENTS_BAD (7)
1114#define CKR_NO_EVENT (8)
1115#define CKR_NEED_TO_CREATE_THREADS (9)
1116#define CKR_CANT_LOCK (0xa)
1117#define CKR_ATTRIBUTE_READ_ONLY (0x10)
1118#define CKR_ATTRIBUTE_SENSITIVE (0x11)
1119#define CKR_ATTRIBUTE_TYPE_INVALID (0x12)
1120#define CKR_ATTRIBUTE_VALUE_INVALID (0x13)
1121#define CKR_DATA_INVALID (0x20)
1122#define CKR_DATA_LEN_RANGE (0x21)
1123#define CKR_DEVICE_ERROR (0x30)
1124#define CKR_DEVICE_MEMORY (0x31)
1125#define CKR_DEVICE_REMOVED (0x32)
1126#define CKR_ENCRYPTED_DATA_INVALID (0x40)
1127#define CKR_ENCRYPTED_DATA_LEN_RANGE (0x41)
1128#define CKR_FUNCTION_CANCELED (0x50)
1129#define CKR_FUNCTION_NOT_PARALLEL (0x51)
1130#define CKR_FUNCTION_NOT_SUPPORTED (0x54)
1131#define CKR_KEY_HANDLE_INVALID (0x60)
1132#define CKR_KEY_SIZE_RANGE (0x62)
1133#define CKR_KEY_TYPE_INCONSISTENT (0x63)
1134#define CKR_KEY_NOT_NEEDED (0x64)
1135#define CKR_KEY_CHANGED (0x65)
1136#define CKR_KEY_NEEDED (0x66)
1137#define CKR_KEY_INDIGESTIBLE (0x67)
1138#define CKR_KEY_FUNCTION_NOT_PERMITTED (0x68)
1139#define CKR_KEY_NOT_WRAPPABLE (0x69)
1140#define CKR_KEY_UNEXTRACTABLE (0x6a)
1141#define CKR_MECHANISM_INVALID (0x70)
1142#define CKR_MECHANISM_PARAM_INVALID (0x71)
1143#define CKR_OBJECT_HANDLE_INVALID (0x82)
1144#define CKR_OPERATION_ACTIVE (0x90)
1145#define CKR_OPERATION_NOT_INITIALIZED (0x91)
1146#define CKR_PIN_INCORRECT (0xa0)
1147#define CKR_PIN_INVALID (0xa1)
1148#define CKR_PIN_LEN_RANGE (0xa2)
1149#define CKR_PIN_EXPIRED (0xa3)
1150#define CKR_PIN_LOCKED (0xa4)
1151#define CKR_SESSION_CLOSED (0xb0)
1152#define CKR_SESSION_COUNT (0xb1)
1153#define CKR_SESSION_HANDLE_INVALID (0xb3)
1154#define CKR_SESSION_PARALLEL_NOT_SUPPORTED (0xb4)
1155#define CKR_SESSION_READ_ONLY (0xb5)
1156#define CKR_SESSION_EXISTS (0xb6)
1157#define CKR_SESSION_READ_ONLY_EXISTS (0xb7)
1158#define CKR_SESSION_READ_WRITE_SO_EXISTS (0xb8)
1159#define CKR_SIGNATURE_INVALID (0xc0)
1160#define CKR_SIGNATURE_LEN_RANGE (0xc1)
1161#define CKR_TEMPLATE_INCOMPLETE (0xd0)
1162#define CKR_TEMPLATE_INCONSISTENT (0xd1)
1163#define CKR_TOKEN_NOT_PRESENT (0xe0)
1164#define CKR_TOKEN_NOT_RECOGNIZED (0xe1)
1165#define CKR_TOKEN_WRITE_PROTECTED (0xe2)
1166#define CKR_UNWRAPPING_KEY_HANDLE_INVALID (0xf0)
1167#define CKR_UNWRAPPING_KEY_SIZE_RANGE (0xf1)
1168#define CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT (0xf2)
1169#define CKR_USER_ALREADY_LOGGED_IN (0x100)
1170#define CKR_USER_NOT_LOGGED_IN (0x101)
1171#define CKR_USER_PIN_NOT_INITIALIZED (0x102)
1172#define CKR_USER_TYPE_INVALID (0x103)
1173#define CKR_USER_ANOTHER_ALREADY_LOGGED_IN (0x104)
1174#define CKR_USER_TOO_MANY_TYPES (0x105)
1175#define CKR_WRAPPED_KEY_INVALID (0x110)
1176#define CKR_WRAPPED_KEY_LEN_RANGE (0x112)
1177#define CKR_WRAPPING_KEY_HANDLE_INVALID (0x113)
1178#define CKR_WRAPPING_KEY_SIZE_RANGE (0x114)
1179#define CKR_WRAPPING_KEY_TYPE_INCONSISTENT (0x115)
1180#define CKR_RANDOM_SEED_NOT_SUPPORTED (0x120)
1181#define CKR_RANDOM_NO_RNG (0x121)
1182#define CKR_DOMAIN_PARAMS_INVALID (0x130)
1183#define CKR_BUFFER_TOO_SMALL (0x150)
1184#define CKR_SAVED_STATE_INVALID (0x160)
1185#define CKR_INFORMATION_SENSITIVE (0x170)
1186#define CKR_STATE_UNSAVEABLE (0x180)
1187#define CKR_CRYPTOKI_NOT_INITIALIZED (0x190)
1188#define CKR_CRYPTOKI_ALREADY_INITIALIZED (0x191)
1189#define CKR_MUTEX_BAD (0x1a0)
1190#define CKR_MUTEX_NOT_LOCKED (0x1a1)
1191#define CKR_FUNCTION_REJECTED (0x200)
1192#define CKR_VENDOR_DEFINED ((unsigned long) (1 << 31))
1193
1194
1195
1196
1197/* Compatibility layer. */
1198
1199#ifdef CRYPTOKI_COMPAT
1200
1201#undef CK_DEFINE_FUNCTION
1202#define CK_DEFINE_FUNCTION(retval, name) retval CK_SPEC name
1203
1204#if defined(__cplusplus)
1205}
1206#endif
1207
1208/* For NULL. */
1209#include <stddef.h>
1210
1211#if defined(__cplusplus)
1212extern "C" {
1213#endif
1214
1215typedef unsigned char CK_BYTE;
1216typedef unsigned char CK_CHAR;
1217typedef unsigned char CK_UTF8CHAR;
1218typedef unsigned char CK_BBOOL;
1219typedef unsigned long int CK_ULONG;
1220typedef long int CK_LONG;
1225typedef void *CK_VOID_PTR;
1226typedef void **CK_VOID_PTR_PTR;
1227#define CK_FALSE 0
1228#define CK_TRUE 1
1229#ifndef CK_DISABLE_TRUE_FALSE
1230#ifndef FALSE
1231#define FALSE 0
1232#endif
1233#ifndef TRUE
1234#define TRUE 1
1235#endif
1236#endif
1237
1238typedef struct ck_version CK_VERSION;
1240
1241typedef struct ck_info CK_INFO;
1242typedef struct ck_info *CK_INFO_PTR;
1243
1245
1248
1251
1253
1256
1258
1260
1263
1264typedef struct ck_date CK_DATE;
1265typedef struct ck_date *CK_DATE_PTR;
1266
1268
1271
1274
1278
1281
1282#define NULL_PTR NULL
1283
1284/* Delete the helper macros defined at the top of the file. */
1285#undef ck_flags_t
1286#undef ck_version
1287
1288#undef ck_info
1289#undef cryptoki_version
1290#undef manufacturer_id
1291#undef library_description
1292#undef library_version
1293
1294#undef ck_notification_t
1295#undef ck_slot_id_t
1296
1297#undef ck_slot_info
1298#undef slot_description
1299#undef hardware_version
1300#undef firmware_version
1301
1302#undef ck_token_info
1303#undef serial_number
1304#undef max_session_count
1305#undef session_count
1306#undef max_rw_session_count
1307#undef rw_session_count
1308#undef max_pin_len
1309#undef min_pin_len
1310#undef total_public_memory
1311#undef free_public_memory
1312#undef total_private_memory
1313#undef free_private_memory
1314#undef utc_time
1315
1316#undef ck_session_handle_t
1317#undef ck_user_type_t
1318#undef ck_state_t
1319
1320#undef ck_session_info
1321#undef slot_id
1322#undef device_error
1323
1324#undef ck_object_handle_t
1325#undef ck_object_class_t
1326#undef ck_hw_feature_type_t
1327#undef ck_key_type_t
1328#undef ck_certificate_type_t
1329#undef ck_attribute_type_t
1330
1331#undef ck_attribute
1332#undef value
1333#undef value_len
1334
1335#undef ck_date
1336
1337#undef ck_mechanism_type_t
1338
1339#undef ck_mechanism
1340#undef parameter
1341#undef parameter_len
1342
1343#undef ck_mechanism_info
1344#undef min_key_size
1345#undef max_key_size
1346
1347#undef ck_rv_t
1348#undef ck_notify_t
1349
1350#undef ck_function_list
1351
1352#undef ck_createmutex_t
1353#undef ck_destroymutex_t
1354#undef ck_lockmutex_t
1355#undef ck_unlockmutex_t
1356
1357#undef ck_c_initialize_args
1358#undef create_mutex
1359#undef destroy_mutex
1360#undef lock_mutex
1361#undef unlock_mutex
1362#undef reserved
1363
1364#endif /* CRYPTOKI_COMPAT */
1365
1366
1367/* System dependencies. */
1368#if defined(_WIN32) || defined(CRYPTOKI_FORCE_WIN32)
1369#pragma pack(pop, cryptoki)
1370#endif
1371
1372#if defined(__cplusplus)
1373}
1374#endif
1375
1376#endif /* PKCS11_H */
#define ck_hw_feature_type_t
Definition pkcs11.h:144
#define ck_unlockmutex_t
Definition pkcs11.h:173
#define ck_key_type_t
Definition pkcs11.h:145
#define utc_time
Definition pkcs11.h:132
struct ck_mechanism_info * CK_MECHANISM_INFO_PTR
Definition pkcs11.h:1273
#define cryptoki_version
Definition pkcs11.h:107
struct ck_date * CK_DATE_PTR
Definition pkcs11.h:1265
ck_session_handle_t * CK_SESSION_HANDLE_PTR
Definition pkcs11.h:1252
#define slot_description
Definition pkcs11.h:116
unsigned long ck_object_handle_t
Definition pkcs11.h:308
ck_mechanism_type_t * CK_MECHANISM_TYPE_PTR
Definition pkcs11.h:1267
unsigned long ck_object_class_t
Definition pkcs11.h:311
CK_ULONG * CK_ULONG_PTR
Definition pkcs11.h:1224
#define hardware_version
Definition pkcs11.h:117
#define ck_mechanism_type_t
Definition pkcs11.h:155
unsigned long int CK_ULONG
Definition pkcs11.h:1219
unsigned long ck_mechanism_type_t
Definition pkcs11.h:479
#define ck_slot_id_t
Definition pkcs11.h:113
CK_CHAR * CK_CHAR_PTR
Definition pkcs11.h:1222
#define ck_object_handle_t
Definition pkcs11.h:142
unsigned char CK_BYTE
Definition pkcs11.h:1215
unsigned char CK_CHAR
Definition pkcs11.h:1216
#define reserved
Definition pkcs11.h:180
struct ck_session_info * CK_SESSION_INFO_PTR
Definition pkcs11.h:1255
struct ck_function_list * CK_FUNCTION_LIST_PTR
Definition pkcs11.h:1276
ck_slot_id_t * CK_SLOT_ID_PTR
Definition pkcs11.h:1244
unsigned long ck_session_handle_t
Definition pkcs11.h:275
struct ck_attribute * CK_ATTRIBUTE_PTR
Definition pkcs11.h:1262
struct ck_version * CK_VERSION_PTR
Definition pkcs11.h:1239
#define ck_object_class_t
Definition pkcs11.h:143
ck_object_handle_t * CK_OBJECT_HANDLE_PTR
Definition pkcs11.h:1257
#define ck_state_t
Definition pkcs11.h:136
#define ck_attribute_type_t
Definition pkcs11.h:147
CK_BYTE * CK_BYTE_PTR
Definition pkcs11.h:1221
#define ck_flags_t
Definition pkcs11.h:103
#define library_description
Definition pkcs11.h:109
#define serial_number
Definition pkcs11.h:121
struct ck_slot_info * CK_SLOT_INFO_PTR
Definition pkcs11.h:1247
void * CK_VOID_PTR
Definition pkcs11.h:1225
unsigned long ck_state_t
Definition pkcs11.h:287
unsigned long ck_flags_t
Definition pkcs11.h:186
void ** CK_VOID_PTR_PTR
Definition pkcs11.h:1226
#define ck_certificate_type_t
Definition pkcs11.h:146
struct ck_function_list ** CK_FUNCTION_LIST_PTR_PTR
Definition pkcs11.h:1277
unsigned char CK_BBOOL
Definition pkcs11.h:1218
unsigned long ck_user_type_t
Definition pkcs11.h:280
#define firmware_version
Definition pkcs11.h:118
#define ck_rv_t
Definition pkcs11.h:165
#define manufacturer_id
Definition pkcs11.h:108
#define ck_createmutex_t
Definition pkcs11.h:170
struct ck_token_info * CK_TOKEN_INFO_PTR
Definition pkcs11.h:1250
ck_object_class_t * CK_OBJECT_CLASS_PTR
Definition pkcs11.h:1259
struct ck_mechanism * CK_MECHANISM_PTR
Definition pkcs11.h:1270
#define ck_session_handle_t
Definition pkcs11.h:134
#define slot_id
Definition pkcs11.h:139
struct ck_info * CK_INFO_PTR
Definition pkcs11.h:1242
#define ck_lockmutex_t
Definition pkcs11.h:172
#define ck_destroymutex_t
Definition pkcs11.h:171
#define library_version
Definition pkcs11.h:110
long int CK_LONG
Definition pkcs11.h:1220
unsigned long ck_slot_id_t
Definition pkcs11.h:210
#define _CK_DECLARE_FUNCTION(name, args)
Definition pkcs11.h:732
unsigned long ck_attribute_type_t
Definition pkcs11.h:372
unsigned long ck_notification_t
Definition pkcs11.h:205
unsigned char CK_UTF8CHAR
Definition pkcs11.h:1217
CK_UTF8CHAR * CK_UTF8CHAR_PTR
Definition pkcs11.h:1223
#define ck_user_type_t
Definition pkcs11.h:135
#define ck_notification_t
Definition pkcs11.h:112
struct ck_c_initialize_args * CK_C_INITIALIZE_ARGS_PTR
Definition pkcs11.h:1280
#define ck_notify_t
Definition pkcs11.h:166
unsigned long value_len
Definition pkcs11.h:467
void * value
Definition pkcs11.h:466
ck_attribute_type_t type
Definition pkcs11.h:465
ck_lockmutex_t lock_mutex
Definition pkcs11.h:1097
ck_destroymutex_t destroy_mutex
Definition pkcs11.h:1096
ck_createmutex_t create_mutex
Definition pkcs11.h:1095
ck_unlockmutex_t unlock_mutex
Definition pkcs11.h:1098
ck_flags_t flags
Definition pkcs11.h:1099
unsigned char day[2]
Definition pkcs11.h:475
unsigned char month[2]
Definition pkcs11.h:474
unsigned char year[4]
Definition pkcs11.h:473
CK_C_OpenSession C_OpenSession
Definition pkcs11.h:1028
CK_C_SetPIN C_SetPIN
Definition pkcs11.h:1027
CK_C_GetSlotList C_GetSlotList
Definition pkcs11.h:1020
CK_C_Digest C_Digest
Definition pkcs11.h:1054
CK_C_GetFunctionList C_GetFunctionList
Definition pkcs11.h:1019
CK_C_SignUpdate C_SignUpdate
Definition pkcs11.h:1060
CK_C_GenerateRandom C_GenerateRandom
Definition pkcs11.h:1080
CK_C_EncryptFinal C_EncryptFinal
Definition pkcs11.h:1048
CK_C_SignRecover C_SignRecover
Definition pkcs11.h:1063
CK_C_GetInfo C_GetInfo
Definition pkcs11.h:1018
CK_C_Login C_Login
Definition pkcs11.h:1034
CK_C_WaitForSlotEvent C_WaitForSlotEvent
Definition pkcs11.h:1083
CK_C_GenerateKeyPair C_GenerateKeyPair
Definition pkcs11.h:1075
CK_C_GetMechanismInfo C_GetMechanismInfo
Definition pkcs11.h:1024
CK_C_Decrypt C_Decrypt
Definition pkcs11.h:1050
CK_C_FindObjectsFinal C_FindObjectsFinal
Definition pkcs11.h:1044
CK_C_SignRecoverInit C_SignRecoverInit
Definition pkcs11.h:1062
CK_C_CloseSession C_CloseSession
Definition pkcs11.h:1029
CK_C_DestroyObject C_DestroyObject
Definition pkcs11.h:1038
CK_C_UnwrapKey C_UnwrapKey
Definition pkcs11.h:1077
CK_C_FindObjectsInit C_FindObjectsInit
Definition pkcs11.h:1042
CK_C_GetMechanismList C_GetMechanismList
Definition pkcs11.h:1023
CK_C_EncryptUpdate C_EncryptUpdate
Definition pkcs11.h:1047
CK_C_EncryptInit C_EncryptInit
Definition pkcs11.h:1045
CK_C_SetAttributeValue C_SetAttributeValue
Definition pkcs11.h:1041
CK_C_DigestUpdate C_DigestUpdate
Definition pkcs11.h:1055
CK_C_SeedRandom C_SeedRandom
Definition pkcs11.h:1079
CK_C_DecryptFinal C_DecryptFinal
Definition pkcs11.h:1052
CK_C_FindObjects C_FindObjects
Definition pkcs11.h:1043
CK_C_DeriveKey C_DeriveKey
Definition pkcs11.h:1078
struct ck_version version
Definition pkcs11.h:1015
CK_C_DigestFinal C_DigestFinal
Definition pkcs11.h:1057
CK_C_SignInit C_SignInit
Definition pkcs11.h:1058
CK_C_SignEncryptUpdate C_SignEncryptUpdate
Definition pkcs11.h:1072
CK_C_InitPIN C_InitPIN
Definition pkcs11.h:1026
CK_C_VerifyUpdate C_VerifyUpdate
Definition pkcs11.h:1066
CK_C_CopyObject C_CopyObject
Definition pkcs11.h:1037
CK_C_DecryptDigestUpdate C_DecryptDigestUpdate
Definition pkcs11.h:1071
CK_C_CancelFunction C_CancelFunction
Definition pkcs11.h:1082
CK_C_GenerateKey C_GenerateKey
Definition pkcs11.h:1074
CK_C_SignFinal C_SignFinal
Definition pkcs11.h:1061
CK_C_DigestKey C_DigestKey
Definition pkcs11.h:1056
CK_C_GetFunctionStatus C_GetFunctionStatus
Definition pkcs11.h:1081
CK_C_Initialize C_Initialize
Definition pkcs11.h:1016
CK_C_DigestInit C_DigestInit
Definition pkcs11.h:1053
CK_C_GetOperationState C_GetOperationState
Definition pkcs11.h:1032
CK_C_Logout C_Logout
Definition pkcs11.h:1035
CK_C_Encrypt C_Encrypt
Definition pkcs11.h:1046
CK_C_GetAttributeValue C_GetAttributeValue
Definition pkcs11.h:1040
CK_C_DigestEncryptUpdate C_DigestEncryptUpdate
Definition pkcs11.h:1070
CK_C_DecryptUpdate C_DecryptUpdate
Definition pkcs11.h:1051
CK_C_DecryptVerifyUpdate C_DecryptVerifyUpdate
Definition pkcs11.h:1073
CK_C_DecryptInit C_DecryptInit
Definition pkcs11.h:1049
CK_C_InitToken C_InitToken
Definition pkcs11.h:1025
CK_C_CreateObject C_CreateObject
Definition pkcs11.h:1036
CK_C_GetTokenInfo C_GetTokenInfo
Definition pkcs11.h:1022
CK_C_CloseAllSessions C_CloseAllSessions
Definition pkcs11.h:1030
CK_C_VerifyFinal C_VerifyFinal
Definition pkcs11.h:1067
CK_C_Verify C_Verify
Definition pkcs11.h:1065
CK_C_GetObjectSize C_GetObjectSize
Definition pkcs11.h:1039
CK_C_VerifyRecoverInit C_VerifyRecoverInit
Definition pkcs11.h:1068
CK_C_WrapKey C_WrapKey
Definition pkcs11.h:1076
CK_C_Finalize C_Finalize
Definition pkcs11.h:1017
CK_C_GetSessionInfo C_GetSessionInfo
Definition pkcs11.h:1031
CK_C_SetOperationState C_SetOperationState
Definition pkcs11.h:1033
CK_C_Sign C_Sign
Definition pkcs11.h:1059
CK_C_VerifyRecover C_VerifyRecover
Definition pkcs11.h:1069
CK_C_VerifyInit C_VerifyInit
Definition pkcs11.h:1064
CK_C_GetSlotInfo C_GetSlotInfo
Definition pkcs11.h:1021
ck_flags_t flags
Definition pkcs11.h:199
ck_flags_t flags
Definition pkcs11.h:700
unsigned long max_key_size
Definition pkcs11.h:699
unsigned long min_key_size
Definition pkcs11.h:698
ck_mechanism_type_t mechanism
Definition pkcs11.h:690
unsigned long parameter_len
Definition pkcs11.h:692
void * parameter
Definition pkcs11.h:691
ck_state_t state
Definition pkcs11.h:299
ck_slot_id_t slot_id
Definition pkcs11.h:298
ck_flags_t flags
Definition pkcs11.h:300
unsigned long device_error
Definition pkcs11.h:301
ck_flags_t flags
Definition pkcs11.h:217
unsigned long total_public_memory
Definition pkcs11.h:242
unsigned long free_public_memory
Definition pkcs11.h:243
unsigned long max_rw_session_count
Definition pkcs11.h:238
unsigned long max_session_count
Definition pkcs11.h:236
unsigned char model[16]
Definition pkcs11.h:233
ck_flags_t flags
Definition pkcs11.h:235
unsigned long free_private_memory
Definition pkcs11.h:245
unsigned long total_private_memory
Definition pkcs11.h:244
unsigned long rw_session_count
Definition pkcs11.h:239
unsigned char label[32]
Definition pkcs11.h:231
unsigned long session_count
Definition pkcs11.h:237
unsigned long max_pin_len
Definition pkcs11.h:240
unsigned long min_pin_len
Definition pkcs11.h:241
unsigned char minor
Definition pkcs11.h:191
unsigned char major
Definition pkcs11.h:190