Estonian ID Card C-library
Loading...
Searching...
No Matches
pkcs11t.h
1/* pkcs11t.h include file for PKCS #11. 2001 June 25 */
2
3/* See top of pkcs11.h for information about the macros that
4 * must be defined and the structure-packing conventions that
5 * must be set before including this file. */
6
7#ifndef _PKCS11T_H_
8#define _PKCS11T_H_ 1
9
10#ifndef FALSE
11#define FALSE 0
12#endif
13
14#ifndef TRUE
15#define TRUE (!FALSE)
16#endif
17
18
19/* an unsigned 8-bit value */
20typedef unsigned char CK_BYTE;
21
22/* an unsigned 8-bit character */
23typedef CK_BYTE CK_CHAR;
24
25/* an 8-bit UTF-8 character */
26typedef CK_BYTE CK_UTF8CHAR;
27
28/* a BYTE-sized Boolean flag */
29typedef CK_BYTE CK_BBOOL;
30
31/* an unsigned value, at least 32 bits long */
32typedef unsigned long int CK_ULONG;
33
34/* a signed value, the same size as a CK_ULONG */
35/* CK_LONG is new for v2.0 */
36typedef long int CK_LONG;
37
38/* at least 32 bits; each bit is a Boolean flag */
39typedef CK_ULONG CK_FLAGS;
40
41
42/* some special values for certain CK_ULONG variables */
43#define CK_UNAVAILABLE_INFORMATION (~0UL)
44#define CK_EFFECTIVELY_INFINITE 0
45
46
47typedef CK_BYTE CK_PTR CK_BYTE_PTR;
48typedef CK_CHAR CK_PTR CK_CHAR_PTR;
49typedef CK_UTF8CHAR CK_PTR CK_UTF8CHAR_PTR;
50typedef CK_ULONG CK_PTR CK_ULONG_PTR;
51typedef void CK_PTR CK_VOID_PTR;
52
53/* Pointer to a CK_VOID_PTR-- i.e., pointer to pointer to void */
54typedef CK_VOID_PTR CK_PTR CK_VOID_PTR_PTR;
55
56
57/* The following value is always invalid if used as a session */
58/* handle or object handle */
59#define CK_INVALID_HANDLE 0
60
61
62typedef struct CK_VERSION {
63 CK_BYTE major; /* integer portion of version number */
64 CK_BYTE minor; /* 1/100ths portion of version number */
66
67typedef CK_VERSION CK_PTR CK_VERSION_PTR;
68
69
70typedef struct CK_INFO {
71 /* manufacturerID and libraryDecription have been changed from
72 * CK_CHAR to CK_UTF8CHAR for v2.10 */
73 CK_VERSION cryptokiVersion; /* Cryptoki interface ver */
74 CK_UTF8CHAR manufacturerID[32]; /* blank padded */
75 CK_FLAGS flags; /* must be zero */
76
77 /* libraryDescription and libraryVersion are new for v2.0 */
78 CK_UTF8CHAR libraryDescription[32]; /* blank padded */
79 CK_VERSION libraryVersion; /* version of library */
80} CK_INFO;
81
82typedef CK_INFO CK_PTR CK_INFO_PTR;
83
84
85/* CK_NOTIFICATION enumerates the types of notifications that
86 * Cryptoki provides to an application */
87/* CK_NOTIFICATION has been changed from an enum to a CK_ULONG
88 * for v2.0 */
89typedef CK_ULONG CK_NOTIFICATION;
90#define CKN_SURRENDER 0
91
92
93typedef CK_ULONG CK_SLOT_ID;
94
95typedef CK_SLOT_ID CK_PTR CK_SLOT_ID_PTR;
96
97
98/* CK_SLOT_INFO provides information about a slot */
99typedef struct CK_SLOT_INFO {
100 /* slotDescription and manufacturerID have been changed from
101 * CK_CHAR to CK_UTF8CHAR for v2.10 */
102 CK_UTF8CHAR slotDescription[64]; /* blank padded */
103 CK_UTF8CHAR manufacturerID[32]; /* blank padded */
104 CK_FLAGS flags;
105
106 /* hardwareVersion and firmwareVersion are new for v2.0 */
107 CK_VERSION hardwareVersion; /* version of hardware */
108 CK_VERSION firmwareVersion; /* version of firmware */
110
111/* flags: bit flags that provide capabilities of the slot
112 * Bit Flag Mask Meaning
113 */
114#define CKF_TOKEN_PRESENT 0x00000001 /* a token is there */
115#define CKF_REMOVABLE_DEVICE 0x00000002 /* removable devices*/
116#define CKF_HW_SLOT 0x00000004 /* hardware slot */
117
118typedef CK_SLOT_INFO CK_PTR CK_SLOT_INFO_PTR;
119
120
121/* CK_TOKEN_INFO provides information about a token */
122typedef struct CK_TOKEN_INFO {
123 /* label, manufacturerID, and model have been changed from
124 * CK_CHAR to CK_UTF8CHAR for v2.10 */
125 CK_UTF8CHAR label[32]; /* blank padded */
126 CK_UTF8CHAR manufacturerID[32]; /* blank padded */
127 CK_UTF8CHAR model[16]; /* blank padded */
128 CK_CHAR serialNumber[16]; /* blank padded */
129 CK_FLAGS flags; /* see below */
130
131 /* ulMaxSessionCount, ulSessionCount, ulMaxRwSessionCount,
132 * ulRwSessionCount, ulMaxPinLen, and ulMinPinLen have all been
133 * changed from CK_USHORT to CK_ULONG for v2.0 */
134 CK_ULONG ulMaxSessionCount; /* max open sessions */
135 CK_ULONG ulSessionCount; /* sess. now open */
136 CK_ULONG ulMaxRwSessionCount; /* max R/W sessions */
137 CK_ULONG ulRwSessionCount; /* R/W sess. now open */
138 CK_ULONG ulMaxPinLen; /* in bytes */
139 CK_ULONG ulMinPinLen; /* in bytes */
140 CK_ULONG ulTotalPublicMemory; /* in bytes */
141 CK_ULONG ulFreePublicMemory; /* in bytes */
142 CK_ULONG ulTotalPrivateMemory; /* in bytes */
143 CK_ULONG ulFreePrivateMemory; /* in bytes */
144
145 /* hardwareVersion, firmwareVersion, and time are new for
146 * v2.0 */
147 CK_VERSION hardwareVersion; /* version of hardware */
148 CK_VERSION firmwareVersion; /* version of firmware */
149 CK_CHAR utcTime[16]; /* time */
151
152/* The flags parameter is defined as follows:
153 * Bit Flag Mask Meaning
154 */
155#define CKF_RNG 0x00000001 /* has random #
156 * generator */
157#define CKF_WRITE_PROTECTED 0x00000002 /* token is
158 * write-
159 * protected */
160#define CKF_LOGIN_REQUIRED 0x00000004 /* user must
161 * login */
162#define CKF_USER_PIN_INITIALIZED 0x00000008 /* normal user's
163 * PIN is set */
164
165/* CKF_RESTORE_KEY_NOT_NEEDED is new for v2.0. If it is set,
166 * that means that *every* time the state of cryptographic
167 * operations of a session is successfully saved, all keys
168 * needed to continue those operations are stored in the state */
169#define CKF_RESTORE_KEY_NOT_NEEDED 0x00000020
170
171/* CKF_CLOCK_ON_TOKEN is new for v2.0. If it is set, that means
172 * that the token has some sort of clock. The time on that
173 * clock is returned in the token info structure */
174#define CKF_CLOCK_ON_TOKEN 0x00000040
175
176/* CKF_PROTECTED_AUTHENTICATION_PATH is new for v2.0. If it is
177 * set, that means that there is some way for the user to login
178 * without sending a PIN through the Cryptoki library itself */
179#define CKF_PROTECTED_AUTHENTICATION_PATH 0x00000100
180
181/* CKF_DUAL_CRYPTO_OPERATIONS is new for v2.0. If it is true,
182 * that means that a single session with the token can perform
183 * dual simultaneous cryptographic operations (digest and
184 * encrypt; decrypt and digest; sign and encrypt; and decrypt
185 * and sign) */
186#define CKF_DUAL_CRYPTO_OPERATIONS 0x00000200
187
188/* CKF_TOKEN_INITIALIZED if new for v2.10. If it is true, the
189 * token has been initialized using C_InitializeToken or an
190 * equivalent mechanism outside the scope of PKCS #11.
191 * Calling C_InitializeToken when this flag is set will cause
192 * the token to be reinitialized. */
193#define CKF_TOKEN_INITIALIZED 0x00000400
194
195/* CKF_SECONDARY_AUTHENTICATION if new for v2.10. If it is
196 * true, the token supports secondary authentication for
197 * private key objects. */
198#define CKF_SECONDARY_AUTHENTICATION 0x00000800
199
200/* CKF_USER_PIN_COUNT_LOW if new for v2.10. If it is true, an
201 * incorrect user login PIN has been entered at least once
202 * since the last successful authentication. */
203#define CKF_USER_PIN_COUNT_LOW 0x00010000
204
205/* CKF_USER_PIN_FINAL_TRY if new for v2.10. If it is true,
206 * supplying an incorrect user PIN will it to become locked. */
207#define CKF_USER_PIN_FINAL_TRY 0x00020000
208
209/* CKF_USER_PIN_LOCKED if new for v2.10. If it is true, the
210 * user PIN has been locked. User login to the token is not
211 * possible. */
212#define CKF_USER_PIN_LOCKED 0x00040000
213
214/* CKF_USER_PIN_TO_BE_CHANGED if new for v2.10. If it is true,
215 * the user PIN value is the default value set by token
216 * initialization or manufacturing, or the PIN has been
217 * expired by the card. */
218#define CKF_USER_PIN_TO_BE_CHANGED 0x00080000
219
220/* CKF_SO_PIN_COUNT_LOW if new for v2.10. If it is true, an
221 * incorrect SO login PIN has been entered at least once since
222 * the last successful authentication. */
223#define CKF_SO_PIN_COUNT_LOW 0x00100000
224
225/* CKF_SO_PIN_FINAL_TRY if new for v2.10. If it is true,
226 * supplying an incorrect SO PIN will it to become locked. */
227#define CKF_SO_PIN_FINAL_TRY 0x00200000
228
229/* CKF_SO_PIN_LOCKED if new for v2.10. If it is true, the SO
230 * PIN has been locked. SO login to the token is not possible.
231 */
232#define CKF_SO_PIN_LOCKED 0x00400000
233
234/* CKF_SO_PIN_TO_BE_CHANGED if new for v2.10. If it is true,
235 * the SO PIN value is the default value set by token
236 * initialization or manufacturing, or the PIN has been
237 * expired by the card. */
238#define CKF_SO_PIN_TO_BE_CHANGED 0x00800000
239
240typedef CK_TOKEN_INFO CK_PTR CK_TOKEN_INFO_PTR;
241
242
243/* CK_SESSION_HANDLE is a Cryptoki-assigned value that
244 * identifies a session */
245typedef CK_ULONG CK_SESSION_HANDLE;
246
247typedef CK_SESSION_HANDLE CK_PTR CK_SESSION_HANDLE_PTR;
248
249
250/* CK_USER_TYPE enumerates the types of Cryptoki users */
251/* CK_USER_TYPE has been changed from an enum to a CK_ULONG for
252 * v2.0 */
253typedef CK_ULONG CK_USER_TYPE;
254/* Security Officer */
255#define CKU_SO 0
256/* Normal user */
257#define CKU_USER 1
258
259
260/* CK_STATE enumerates the session states */
261/* CK_STATE has been changed from an enum to a CK_ULONG for
262 * v2.0 */
263typedef CK_ULONG CK_STATE;
264#define CKS_RO_PUBLIC_SESSION 0
265#define CKS_RO_USER_FUNCTIONS 1
266#define CKS_RW_PUBLIC_SESSION 2
267#define CKS_RW_USER_FUNCTIONS 3
268#define CKS_RW_SO_FUNCTIONS 4
269
270
271/* CK_SESSION_INFO provides information about a session */
272typedef struct CK_SESSION_INFO {
273 CK_SLOT_ID slotID;
274 CK_STATE state;
275 CK_FLAGS flags; /* see below */
276
277 /* ulDeviceError was changed from CK_USHORT to CK_ULONG for
278 * v2.0 */
279 CK_ULONG ulDeviceError; /* device-dependent error code */
281
282/* The flags are defined in the following table:
283 * Bit Flag Mask Meaning
284 */
285#define CKF_RW_SESSION 0x00000002 /* session is r/w */
286#define CKF_SERIAL_SESSION 0x00000004 /* no parallel */
287
288typedef CK_SESSION_INFO CK_PTR CK_SESSION_INFO_PTR;
289
290
291/* CK_OBJECT_HANDLE is a token-specific identifier for an
292 * object */
293typedef CK_ULONG CK_OBJECT_HANDLE;
294
295typedef CK_OBJECT_HANDLE CK_PTR CK_OBJECT_HANDLE_PTR;
296
297
298/* CK_OBJECT_CLASS is a value that identifies the classes (or
299 * types) of objects that Cryptoki recognizes. It is defined
300 * as follows: */
301/* CK_OBJECT_CLASS was changed from CK_USHORT to CK_ULONG for
302 * v2.0 */
303typedef CK_ULONG CK_OBJECT_CLASS;
304
305/* The following classes of objects are defined: */
306/* CKO_HW_FEATURE is new for v2.10 */
307/* CKO_DOMAIN_PARAMETERS is new for v2.11 */
308#define CKO_DATA 0x00000000
309#define CKO_CERTIFICATE 0x00000001
310#define CKO_PUBLIC_KEY 0x00000002
311#define CKO_PRIVATE_KEY 0x00000003
312#define CKO_SECRET_KEY 0x00000004
313#define CKO_HW_FEATURE 0x00000005
314#define CKO_DOMAIN_PARAMETERS 0x00000006
315#define CKO_VENDOR_DEFINED 0x80000000
316
317typedef CK_OBJECT_CLASS CK_PTR CK_OBJECT_CLASS_PTR;
318
319/* CK_HW_FEATURE_TYPE is new for v2.10. CK_HW_FEATURE_TYPE is a
320 * value that identifies the hardware feature type of an object
321 * with CK_OBJECT_CLASS equal to CKO_HW_FEATURE. */
322typedef CK_ULONG CK_HW_FEATURE_TYPE;
323
324/* The following hardware feature types are defined */
325#define CKH_MONOTONIC_COUNTER 0x00000001
326#define CKH_CLOCK 0x00000002
327#define CKH_VENDOR_DEFINED 0x80000000
328
329/* CK_KEY_TYPE is a value that identifies a key type */
330/* CK_KEY_TYPE was changed from CK_USHORT to CK_ULONG for v2.0 */
331typedef CK_ULONG CK_KEY_TYPE;
332
333/* the following key types are defined: */
334#define CKK_RSA 0x00000000
335#define CKK_DSA 0x00000001
336#define CKK_DH 0x00000002
337
338/* CKK_ECDSA and CKK_KEA are new for v2.0 */
339/* CKK_ECDSA is deprecated in v2.11, CKK_EC is preferred. */
340#define CKK_ECDSA 0x00000003
341#define CKK_EC 0x00000003
342#define CKK_X9_42_DH 0x00000004
343#define CKK_KEA 0x00000005
344
345#define CKK_GENERIC_SECRET 0x00000010
346#define CKK_RC2 0x00000011
347#define CKK_RC4 0x00000012
348#define CKK_DES 0x00000013
349#define CKK_DES2 0x00000014
350#define CKK_DES3 0x00000015
351
352/* all these key types are new for v2.0 */
353#define CKK_CAST 0x00000016
354#define CKK_CAST3 0x00000017
355/* CKK_CAST5 is deprecated in v2.11, CKK_CAST128 is preferred. */
356#define CKK_CAST5 0x00000018
357#define CKK_CAST128 0x00000018
358#define CKK_RC5 0x00000019
359#define CKK_IDEA 0x0000001A
360#define CKK_SKIPJACK 0x0000001B
361#define CKK_BATON 0x0000001C
362#define CKK_JUNIPER 0x0000001D
363#define CKK_CDMF 0x0000001E
364#define CKK_AES 0x0000001F
365
366#define CKK_VENDOR_DEFINED 0x80000000
367
368
369/* CK_CERTIFICATE_TYPE is a value that identifies a certificate
370 * type */
371/* CK_CERTIFICATE_TYPE was changed from CK_USHORT to CK_ULONG
372 * for v2.0 */
373typedef CK_ULONG CK_CERTIFICATE_TYPE;
374
375/* The following certificate types are defined: */
376/* CKC_X_509_ATTR_CERT is new for v2.10 */
377#define CKC_X_509 0x00000000
378#define CKC_X_509_ATTR_CERT 0x00000001
379#define CKC_VENDOR_DEFINED 0x80000000
380
381
382/* CK_ATTRIBUTE_TYPE is a value that identifies an attribute
383 * type */
384/* CK_ATTRIBUTE_TYPE was changed from CK_USHORT to CK_ULONG for
385 * v2.0 */
386typedef CK_ULONG CK_ATTRIBUTE_TYPE;
387
388/* The following attribute types are defined: */
389#define CKA_CLASS 0x00000000
390#define CKA_TOKEN 0x00000001
391#define CKA_PRIVATE 0x00000002
392#define CKA_LABEL 0x00000003
393#define CKA_APPLICATION 0x00000010
394#define CKA_VALUE 0x00000011
395
396/* CKA_OBJECT_ID is new for v2.10 */
397#define CKA_OBJECT_ID 0x00000012
398
399#define CKA_CERTIFICATE_TYPE 0x00000080
400#define CKA_ISSUER 0x00000081
401#define CKA_SERIAL_NUMBER 0x00000082
402
403/* CKA_AC_ISSUER, CKA_OWNER, and CKA_ATTR_TYPES are new
404 * for v2.10 */
405#define CKA_AC_ISSUER 0x00000083
406#define CKA_OWNER 0x00000084
407#define CKA_ATTR_TYPES 0x00000085
408
409/* CKA_TRUSTED is new for v2.11 */
410#define CKA_TRUSTED 0x00000086
411
412#define CKA_KEY_TYPE 0x00000100
413#define CKA_SUBJECT 0x00000101
414#define CKA_ID 0x00000102
415#define CKA_SENSITIVE 0x00000103
416#define CKA_ENCRYPT 0x00000104
417#define CKA_DECRYPT 0x00000105
418#define CKA_WRAP 0x00000106
419#define CKA_UNWRAP 0x00000107
420#define CKA_SIGN 0x00000108
421#define CKA_SIGN_RECOVER 0x00000109
422#define CKA_VERIFY 0x0000010A
423#define CKA_VERIFY_RECOVER 0x0000010B
424#define CKA_DERIVE 0x0000010C
425#define CKA_START_DATE 0x00000110
426#define CKA_END_DATE 0x00000111
427#define CKA_MODULUS 0x00000120
428#define CKA_MODULUS_BITS 0x00000121
429#define CKA_PUBLIC_EXPONENT 0x00000122
430#define CKA_PRIVATE_EXPONENT 0x00000123
431#define CKA_PRIME_1 0x00000124
432#define CKA_PRIME_2 0x00000125
433#define CKA_EXPONENT_1 0x00000126
434#define CKA_EXPONENT_2 0x00000127
435#define CKA_COEFFICIENT 0x00000128
436#define CKA_PRIME 0x00000130
437#define CKA_SUBPRIME 0x00000131
438#define CKA_BASE 0x00000132
439
440/* CKA_PRIME_BITS and CKA_SUB_PRIME_BITS are new for v2.11 */
441#define CKA_PRIME_BITS 0x00000133
442#define CKA_SUB_PRIME_BITS 0x00000134
443
444#define CKA_VALUE_BITS 0x00000160
445#define CKA_VALUE_LEN 0x00000161
446
447/* CKA_EXTRACTABLE, CKA_LOCAL, CKA_NEVER_EXTRACTABLE,
448 * CKA_ALWAYS_SENSITIVE, CKA_MODIFIABLE, CKA_ECDSA_PARAMS,
449 * and CKA_EC_POINT are new for v2.0 */
450#define CKA_EXTRACTABLE 0x00000162
451#define CKA_LOCAL 0x00000163
452#define CKA_NEVER_EXTRACTABLE 0x00000164
453#define CKA_ALWAYS_SENSITIVE 0x00000165
454
455/* CKA_KEY_GEN_MECHANISM is new for v2.11 */
456#define CKA_KEY_GEN_MECHANISM 0x00000166
457
458#define CKA_MODIFIABLE 0x00000170
459
460/* CKA_ECDSA_PARAMS is deprecated in v2.11,
461 * CKA_EC_PARAMS is preferred. */
462#define CKA_ECDSA_PARAMS 0x00000180
463#define CKA_EC_PARAMS 0x00000180
464
465#define CKA_EC_POINT 0x00000181
466
467/* CKA_SECONDARY_AUTH, CKA_AUTH_PIN_FLAGS,
468 * CKA_HW_FEATURE_TYPE, CKA_RESET_ON_INIT, and CKA_HAS_RESET
469 * are new for v2.10 */
470#define CKA_SECONDARY_AUTH 0x00000200
471#define CKA_AUTH_PIN_FLAGS 0x00000201
472#define CKA_HW_FEATURE_TYPE 0x00000300
473#define CKA_RESET_ON_INIT 0x00000301
474#define CKA_HAS_RESET 0x00000302
475
476#define CKA_VENDOR_DEFINED 0x80000000
477
478
479/* CK_ATTRIBUTE is a structure that includes the type, length
480 * and value of an attribute */
481typedef struct CK_ATTRIBUTE {
482 CK_ATTRIBUTE_TYPE type;
483 CK_VOID_PTR pValue;
484
485 /* ulValueLen went from CK_USHORT to CK_ULONG for v2.0 */
486 CK_ULONG ulValueLen; /* in bytes */
489typedef CK_ATTRIBUTE CK_PTR CK_ATTRIBUTE_PTR;
490
491
492/* CK_DATE is a structure that defines a date */
493typedef struct CK_DATE{
494 CK_CHAR year[4]; /* the year ("1900" - "9999") */
495 CK_CHAR month[2]; /* the month ("01" - "12") */
496 CK_CHAR day[2]; /* the day ("01" - "31") */
497} CK_DATE;
498
499
500/* CK_MECHANISM_TYPE is a value that identifies a mechanism
501 * type */
502/* CK_MECHANISM_TYPE was changed from CK_USHORT to CK_ULONG for
503 * v2.0 */
504typedef CK_ULONG CK_MECHANISM_TYPE;
505
506/* the following mechanism types are defined: */
507#define CKM_RSA_PKCS_KEY_PAIR_GEN 0x00000000
508#define CKM_RSA_PKCS 0x00000001
509#define CKM_RSA_9796 0x00000002
510#define CKM_RSA_X_509 0x00000003
511
512/* CKM_MD2_RSA_PKCS, CKM_MD5_RSA_PKCS, and CKM_SHA1_RSA_PKCS
513 * are new for v2.0. They are mechanisms which hash and sign */
514#define CKM_MD2_RSA_PKCS 0x00000004
515#define CKM_MD5_RSA_PKCS 0x00000005
516#define CKM_SHA1_RSA_PKCS 0x00000006
517
518/* CKM_RIPEMD128_RSA_PKCS, CKM_RIPEMD160_RSA_PKCS, and
519 * CKM_RSA_PKCS_OAEP are new for v2.10 */
520#define CKM_RIPEMD128_RSA_PKCS 0x00000007
521#define CKM_RIPEMD160_RSA_PKCS 0x00000008
522#define CKM_RSA_PKCS_OAEP 0x00000009
523
524/* CKM_RSA_X9_31_KEY_PAIR_GEN, CKM_RSA_X9_31, CKM_SHA1_RSA_X9_31,
525 * CKM_RSA_PKCS_PSS, and CKM_SHA1_RSA_PKCS_PSS are new for v2.11 */
526#define CKM_RSA_X9_31_KEY_PAIR_GEN 0x0000000A
527#define CKM_RSA_X9_31 0x0000000B
528#define CKM_SHA1_RSA_X9_31 0x0000000C
529#define CKM_RSA_PKCS_PSS 0x0000000D
530#define CKM_SHA1_RSA_PKCS_PSS 0x0000000E
531
532#define CKM_DSA_KEY_PAIR_GEN 0x00000010
533#define CKM_DSA 0x00000011
534#define CKM_DSA_SHA1 0x00000012
535#define CKM_DH_PKCS_KEY_PAIR_GEN 0x00000020
536#define CKM_DH_PKCS_DERIVE 0x00000021
537
538/* CKM_X9_42_DH_KEY_PAIR_GEN, CKM_X9_42_DH_DERIVE,
539 * CKM_X9_42_DH_HYBRID_DERIVE, and CKM_X9_42_MQV_DERIVE are new for
540 * v2.11 */
541#define CKM_X9_42_DH_KEY_PAIR_GEN 0x00000030
542#define CKM_X9_42_DH_DERIVE 0x00000031
543#define CKM_X9_42_DH_HYBRID_DERIVE 0x00000032
544#define CKM_X9_42_MQV_DERIVE 0x00000033
545
546#define CKM_RC2_KEY_GEN 0x00000100
547#define CKM_RC2_ECB 0x00000101
548#define CKM_RC2_CBC 0x00000102
549#define CKM_RC2_MAC 0x00000103
550
551/* CKM_RC2_MAC_GENERAL and CKM_RC2_CBC_PAD are new for v2.0 */
552#define CKM_RC2_MAC_GENERAL 0x00000104
553#define CKM_RC2_CBC_PAD 0x00000105
554
555#define CKM_RC4_KEY_GEN 0x00000110
556#define CKM_RC4 0x00000111
557#define CKM_DES_KEY_GEN 0x00000120
558#define CKM_DES_ECB 0x00000121
559#define CKM_DES_CBC 0x00000122
560#define CKM_DES_MAC 0x00000123
561
562/* CKM_DES_MAC_GENERAL and CKM_DES_CBC_PAD are new for v2.0 */
563#define CKM_DES_MAC_GENERAL 0x00000124
564#define CKM_DES_CBC_PAD 0x00000125
565
566#define CKM_DES2_KEY_GEN 0x00000130
567#define CKM_DES3_KEY_GEN 0x00000131
568#define CKM_DES3_ECB 0x00000132
569#define CKM_DES3_CBC 0x00000133
570#define CKM_DES3_MAC 0x00000134
571
572/* CKM_DES3_MAC_GENERAL, CKM_DES3_CBC_PAD, CKM_CDMF_KEY_GEN,
573 * CKM_CDMF_ECB, CKM_CDMF_CBC, CKM_CDMF_MAC,
574 * CKM_CDMF_MAC_GENERAL, and CKM_CDMF_CBC_PAD are new for v2.0 */
575#define CKM_DES3_MAC_GENERAL 0x00000135
576#define CKM_DES3_CBC_PAD 0x00000136
577#define CKM_CDMF_KEY_GEN 0x00000140
578#define CKM_CDMF_ECB 0x00000141
579#define CKM_CDMF_CBC 0x00000142
580#define CKM_CDMF_MAC 0x00000143
581#define CKM_CDMF_MAC_GENERAL 0x00000144
582#define CKM_CDMF_CBC_PAD 0x00000145
583
584#define CKM_MD2 0x00000200
585
586/* CKM_MD2_HMAC and CKM_MD2_HMAC_GENERAL are new for v2.0 */
587#define CKM_MD2_HMAC 0x00000201
588#define CKM_MD2_HMAC_GENERAL 0x00000202
589
590#define CKM_MD5 0x00000210
591
592/* CKM_MD5_HMAC and CKM_MD5_HMAC_GENERAL are new for v2.0 */
593#define CKM_MD5_HMAC 0x00000211
594#define CKM_MD5_HMAC_GENERAL 0x00000212
595
596#define CKM_SHA_1 0x00000220
597
598/* CKM_SHA_1_HMAC and CKM_SHA_1_HMAC_GENERAL are new for v2.0 */
599#define CKM_SHA_1_HMAC 0x00000221
600#define CKM_SHA_1_HMAC_GENERAL 0x00000222
601
602/* CKM_RIPEMD128, CKM_RIPEMD128_HMAC,
603 * CKM_RIPEMD128_HMAC_GENERAL, CKM_RIPEMD160, CKM_RIPEMD160_HMAC,
604 * and CKM_RIPEMD160_HMAC_GENERAL are new for v2.10 */
605#define CKM_RIPEMD128 0x00000230
606#define CKM_RIPEMD128_HMAC 0x00000231
607#define CKM_RIPEMD128_HMAC_GENERAL 0x00000232
608#define CKM_RIPEMD160 0x00000240
609#define CKM_RIPEMD160_HMAC 0x00000241
610#define CKM_RIPEMD160_HMAC_GENERAL 0x00000242
611
612/* All of the following mechanisms are new for v2.0 */
613/* Note that CAST128 and CAST5 are the same algorithm */
614#define CKM_CAST_KEY_GEN 0x00000300
615#define CKM_CAST_ECB 0x00000301
616#define CKM_CAST_CBC 0x00000302
617#define CKM_CAST_MAC 0x00000303
618#define CKM_CAST_MAC_GENERAL 0x00000304
619#define CKM_CAST_CBC_PAD 0x00000305
620#define CKM_CAST3_KEY_GEN 0x00000310
621#define CKM_CAST3_ECB 0x00000311
622#define CKM_CAST3_CBC 0x00000312
623#define CKM_CAST3_MAC 0x00000313
624#define CKM_CAST3_MAC_GENERAL 0x00000314
625#define CKM_CAST3_CBC_PAD 0x00000315
626#define CKM_CAST5_KEY_GEN 0x00000320
627#define CKM_CAST128_KEY_GEN 0x00000320
628#define CKM_CAST5_ECB 0x00000321
629#define CKM_CAST128_ECB 0x00000321
630#define CKM_CAST5_CBC 0x00000322
631#define CKM_CAST128_CBC 0x00000322
632#define CKM_CAST5_MAC 0x00000323
633#define CKM_CAST128_MAC 0x00000323
634#define CKM_CAST5_MAC_GENERAL 0x00000324
635#define CKM_CAST128_MAC_GENERAL 0x00000324
636#define CKM_CAST5_CBC_PAD 0x00000325
637#define CKM_CAST128_CBC_PAD 0x00000325
638#define CKM_RC5_KEY_GEN 0x00000330
639#define CKM_RC5_ECB 0x00000331
640#define CKM_RC5_CBC 0x00000332
641#define CKM_RC5_MAC 0x00000333
642#define CKM_RC5_MAC_GENERAL 0x00000334
643#define CKM_RC5_CBC_PAD 0x00000335
644#define CKM_IDEA_KEY_GEN 0x00000340
645#define CKM_IDEA_ECB 0x00000341
646#define CKM_IDEA_CBC 0x00000342
647#define CKM_IDEA_MAC 0x00000343
648#define CKM_IDEA_MAC_GENERAL 0x00000344
649#define CKM_IDEA_CBC_PAD 0x00000345
650#define CKM_GENERIC_SECRET_KEY_GEN 0x00000350
651#define CKM_CONCATENATE_BASE_AND_KEY 0x00000360
652#define CKM_CONCATENATE_BASE_AND_DATA 0x00000362
653#define CKM_CONCATENATE_DATA_AND_BASE 0x00000363
654#define CKM_XOR_BASE_AND_DATA 0x00000364
655#define CKM_EXTRACT_KEY_FROM_KEY 0x00000365
656#define CKM_SSL3_PRE_MASTER_KEY_GEN 0x00000370
657#define CKM_SSL3_MASTER_KEY_DERIVE 0x00000371
658#define CKM_SSL3_KEY_AND_MAC_DERIVE 0x00000372
659
660/* CKM_SSL3_MASTER_KEY_DERIVE_DH, CKM_TLS_PRE_MASTER_KEY_GEN,
661 * CKM_TLS_MASTER_KEY_DERIVE, CKM_TLS_KEY_AND_MAC_DERIVE, and
662 * CKM_TLS_MASTER_KEY_DERIVE_DH are new for v2.11 */
663#define CKM_SSL3_MASTER_KEY_DERIVE_DH 0x00000373
664#define CKM_TLS_PRE_MASTER_KEY_GEN 0x00000374
665#define CKM_TLS_MASTER_KEY_DERIVE 0x00000375
666#define CKM_TLS_KEY_AND_MAC_DERIVE 0x00000376
667#define CKM_TLS_MASTER_KEY_DERIVE_DH 0x00000377
668
669#define CKM_SSL3_MD5_MAC 0x00000380
670#define CKM_SSL3_SHA1_MAC 0x00000381
671#define CKM_MD5_KEY_DERIVATION 0x00000390
672#define CKM_MD2_KEY_DERIVATION 0x00000391
673#define CKM_SHA1_KEY_DERIVATION 0x00000392
674#define CKM_PBE_MD2_DES_CBC 0x000003A0
675#define CKM_PBE_MD5_DES_CBC 0x000003A1
676#define CKM_PBE_MD5_CAST_CBC 0x000003A2
677#define CKM_PBE_MD5_CAST3_CBC 0x000003A3
678#define CKM_PBE_MD5_CAST5_CBC 0x000003A4
679#define CKM_PBE_MD5_CAST128_CBC 0x000003A4
680#define CKM_PBE_SHA1_CAST5_CBC 0x000003A5
681#define CKM_PBE_SHA1_CAST128_CBC 0x000003A5
682#define CKM_PBE_SHA1_RC4_128 0x000003A6
683#define CKM_PBE_SHA1_RC4_40 0x000003A7
684#define CKM_PBE_SHA1_DES3_EDE_CBC 0x000003A8
685#define CKM_PBE_SHA1_DES2_EDE_CBC 0x000003A9
686#define CKM_PBE_SHA1_RC2_128_CBC 0x000003AA
687#define CKM_PBE_SHA1_RC2_40_CBC 0x000003AB
688
689/* CKM_PKCS5_PBKD2 is new for v2.10 */
690#define CKM_PKCS5_PBKD2 0x000003B0
691
692#define CKM_PBA_SHA1_WITH_SHA1_HMAC 0x000003C0
693#define CKM_KEY_WRAP_LYNKS 0x00000400
694#define CKM_KEY_WRAP_SET_OAEP 0x00000401
695
696/* Fortezza mechanisms */
697#define CKM_SKIPJACK_KEY_GEN 0x00001000
698#define CKM_SKIPJACK_ECB64 0x00001001
699#define CKM_SKIPJACK_CBC64 0x00001002
700#define CKM_SKIPJACK_OFB64 0x00001003
701#define CKM_SKIPJACK_CFB64 0x00001004
702#define CKM_SKIPJACK_CFB32 0x00001005
703#define CKM_SKIPJACK_CFB16 0x00001006
704#define CKM_SKIPJACK_CFB8 0x00001007
705#define CKM_SKIPJACK_WRAP 0x00001008
706#define CKM_SKIPJACK_PRIVATE_WRAP 0x00001009
707#define CKM_SKIPJACK_RELAYX 0x0000100a
708#define CKM_KEA_KEY_PAIR_GEN 0x00001010
709#define CKM_KEA_KEY_DERIVE 0x00001011
710#define CKM_FORTEZZA_TIMESTAMP 0x00001020
711#define CKM_BATON_KEY_GEN 0x00001030
712#define CKM_BATON_ECB128 0x00001031
713#define CKM_BATON_ECB96 0x00001032
714#define CKM_BATON_CBC128 0x00001033
715#define CKM_BATON_COUNTER 0x00001034
716#define CKM_BATON_SHUFFLE 0x00001035
717#define CKM_BATON_WRAP 0x00001036
718
719/* CKM_ECDSA_KEY_PAIR_GEN is deprecated in v2.11,
720 * CKM_EC_KEY_PAIR_GEN is preferred */
721#define CKM_ECDSA_KEY_PAIR_GEN 0x00001040
722#define CKM_EC_KEY_PAIR_GEN 0x00001040
723
724#define CKM_ECDSA 0x00001041
725#define CKM_ECDSA_SHA1 0x00001042
726
727/* CKM_ECDH1_DERIVE, CKM_ECDH1_COFACTOR_DERIVE, and CKM_ECMQV_DERIVE
728 * are new for v2.11 */
729#define CKM_ECDH1_DERIVE 0x00001050
730#define CKM_ECDH1_COFACTOR_DERIVE 0x00001051
731#define CKM_ECMQV_DERIVE 0x00001052
732
733#define CKM_JUNIPER_KEY_GEN 0x00001060
734#define CKM_JUNIPER_ECB128 0x00001061
735#define CKM_JUNIPER_CBC128 0x00001062
736#define CKM_JUNIPER_COUNTER 0x00001063
737#define CKM_JUNIPER_SHUFFLE 0x00001064
738#define CKM_JUNIPER_WRAP 0x00001065
739#define CKM_FASTHASH 0x00001070
740
741/* CKM_AES_KEY_GEN, CKM_AES_ECB, CKM_AES_CBC, CKM_AES_MAC,
742 * CKM_AES_MAC_GENERAL, CKM_AES_CBC_PAD, CKM_DSA_PARAMETER_GEN,
743 * CKM_DH_PKCS_PARAMETER_GEN, and CKM_X9_42_DH_PARAMETER_GEN are
744 * new for v2.11 */
745#define CKM_AES_KEY_GEN 0x00001080
746#define CKM_AES_ECB 0x00001081
747#define CKM_AES_CBC 0x00001082
748#define CKM_AES_MAC 0x00001083
749#define CKM_AES_MAC_GENERAL 0x00001084
750#define CKM_AES_CBC_PAD 0x00001085
751#define CKM_DSA_PARAMETER_GEN 0x00002000
752#define CKM_DH_PKCS_PARAMETER_GEN 0x00002001
753#define CKM_X9_42_DH_PARAMETER_GEN 0x00002002
754
755#define CKM_VENDOR_DEFINED 0x80000000
756
757typedef CK_MECHANISM_TYPE CK_PTR CK_MECHANISM_TYPE_PTR;
758
759
760/* CK_MECHANISM is a structure that specifies a particular
761 * mechanism */
762typedef struct CK_MECHANISM {
763 CK_MECHANISM_TYPE mechanism;
764 CK_VOID_PTR pParameter;
765
766 /* ulParameterLen was changed from CK_USHORT to CK_ULONG for
767 * v2.0 */
768 CK_ULONG ulParameterLen; /* in bytes */
770
771typedef CK_MECHANISM CK_PTR CK_MECHANISM_PTR;
772
773
774/* CK_MECHANISM_INFO provides information about a particular
775 * mechanism */
776typedef struct CK_MECHANISM_INFO {
777 CK_ULONG ulMinKeySize;
778 CK_ULONG ulMaxKeySize;
779 CK_FLAGS flags;
781
782/* The flags are defined as follows:
783 * Bit Flag Mask Meaning */
784#define CKF_HW 0x00000001 /* performed by HW */
785
786/* The flags CKF_ENCRYPT, CKF_DECRYPT, CKF_DIGEST, CKF_SIGN,
787 * CKG_SIGN_RECOVER, CKF_VERIFY, CKF_VERIFY_RECOVER,
788 * CKF_GENERATE, CKF_GENERATE_KEY_PAIR, CKF_WRAP, CKF_UNWRAP,
789 * and CKF_DERIVE are new for v2.0. They specify whether or not
790 * a mechanism can be used for a particular task */
791#define CKF_ENCRYPT 0x00000100
792#define CKF_DECRYPT 0x00000200
793#define CKF_DIGEST 0x00000400
794#define CKF_SIGN 0x00000800
795#define CKF_SIGN_RECOVER 0x00001000
796#define CKF_VERIFY 0x00002000
797#define CKF_VERIFY_RECOVER 0x00004000
798#define CKF_GENERATE 0x00008000
799#define CKF_GENERATE_KEY_PAIR 0x00010000
800#define CKF_WRAP 0x00020000
801#define CKF_UNWRAP 0x00040000
802#define CKF_DERIVE 0x00080000
803
804/* CKF_EC_F_P, CKF_EC_F_2M, CKF_EC_ECPARAMETERS, CKF_EC_NAMEDCURVE,
805 * CKF_EC_UNCOMPRESS, and CKF_EC_COMPRESS are new for v2.11. They
806 * describe a token's EC capabilities not available in mechanism
807 * information. */
808#define CKF_EC_F_P 0x00100000
809#define CKF_EC_F_2M 0x00200000
810#define CKF_EC_ECPARAMETERS 0x00400000
811#define CKF_EC_NAMEDCURVE 0x00800000
812#define CKF_EC_UNCOMPRESS 0x01000000
813#define CKF_EC_COMPRESS 0x02000000
814
815#define CKF_EXTENSION 0x80000000 /* FALSE for 2.01 */
816
817typedef CK_MECHANISM_INFO CK_PTR CK_MECHANISM_INFO_PTR;
818
819
820/* CK_RV is a value that identifies the return value of a
821 * Cryptoki function */
822/* CK_RV was changed from CK_USHORT to CK_ULONG for v2.0 */
823typedef CK_ULONG CK_RV;
824
825#define CKR_OK 0x00000000
826#define CKR_CANCEL 0x00000001
827#define CKR_HOST_MEMORY 0x00000002
828#define CKR_SLOT_ID_INVALID 0x00000003
829
830/* CKR_FLAGS_INVALID was removed for v2.0 */
831
832/* CKR_GENERAL_ERROR and CKR_FUNCTION_FAILED are new for v2.0 */
833#define CKR_GENERAL_ERROR 0x00000005
834#define CKR_FUNCTION_FAILED 0x00000006
835
836/* CKR_ARGUMENTS_BAD, CKR_NO_EVENT, CKR_NEED_TO_CREATE_THREADS,
837 * and CKR_CANT_LOCK are new for v2.01 */
838#define CKR_ARGUMENTS_BAD 0x00000007
839#define CKR_NO_EVENT 0x00000008
840#define CKR_NEED_TO_CREATE_THREADS 0x00000009
841#define CKR_CANT_LOCK 0x0000000A
842
843#define CKR_ATTRIBUTE_READ_ONLY 0x00000010
844#define CKR_ATTRIBUTE_SENSITIVE 0x00000011
845#define CKR_ATTRIBUTE_TYPE_INVALID 0x00000012
846#define CKR_ATTRIBUTE_VALUE_INVALID 0x00000013
847#define CKR_DATA_INVALID 0x00000020
848#define CKR_DATA_LEN_RANGE 0x00000021
849#define CKR_DEVICE_ERROR 0x00000030
850#define CKR_DEVICE_MEMORY 0x00000031
851#define CKR_DEVICE_REMOVED 0x00000032
852#define CKR_ENCRYPTED_DATA_INVALID 0x00000040
853#define CKR_ENCRYPTED_DATA_LEN_RANGE 0x00000041
854#define CKR_FUNCTION_CANCELED 0x00000050
855#define CKR_FUNCTION_NOT_PARALLEL 0x00000051
856
857/* CKR_FUNCTION_NOT_SUPPORTED is new for v2.0 */
858#define CKR_FUNCTION_NOT_SUPPORTED 0x00000054
859
860#define CKR_KEY_HANDLE_INVALID 0x00000060
861
862/* CKR_KEY_SENSITIVE was removed for v2.0 */
863
864#define CKR_KEY_SIZE_RANGE 0x00000062
865#define CKR_KEY_TYPE_INCONSISTENT 0x00000063
866
867/* CKR_KEY_NOT_NEEDED, CKR_KEY_CHANGED, CKR_KEY_NEEDED,
868 * CKR_KEY_INDIGESTIBLE, CKR_KEY_FUNCTION_NOT_PERMITTED,
869 * CKR_KEY_NOT_WRAPPABLE, and CKR_KEY_UNEXTRACTABLE are new for
870 * v2.0 */
871#define CKR_KEY_NOT_NEEDED 0x00000064
872#define CKR_KEY_CHANGED 0x00000065
873#define CKR_KEY_NEEDED 0x00000066
874#define CKR_KEY_INDIGESTIBLE 0x00000067
875#define CKR_KEY_FUNCTION_NOT_PERMITTED 0x00000068
876#define CKR_KEY_NOT_WRAPPABLE 0x00000069
877#define CKR_KEY_UNEXTRACTABLE 0x0000006A
878
879#define CKR_MECHANISM_INVALID 0x00000070
880#define CKR_MECHANISM_PARAM_INVALID 0x00000071
881
882/* CKR_OBJECT_CLASS_INCONSISTENT and CKR_OBJECT_CLASS_INVALID
883 * were removed for v2.0 */
884#define CKR_OBJECT_HANDLE_INVALID 0x00000082
885#define CKR_OPERATION_ACTIVE 0x00000090
886#define CKR_OPERATION_NOT_INITIALIZED 0x00000091
887#define CKR_PIN_INCORRECT 0x000000A0
888#define CKR_PIN_INVALID 0x000000A1
889#define CKR_PIN_LEN_RANGE 0x000000A2
890
891/* CKR_PIN_EXPIRED and CKR_PIN_LOCKED are new for v2.0 */
892#define CKR_PIN_EXPIRED 0x000000A3
893#define CKR_PIN_LOCKED 0x000000A4
894
895#define CKR_SESSION_CLOSED 0x000000B0
896#define CKR_SESSION_COUNT 0x000000B1
897#define CKR_SESSION_HANDLE_INVALID 0x000000B3
898#define CKR_SESSION_PARALLEL_NOT_SUPPORTED 0x000000B4
899#define CKR_SESSION_READ_ONLY 0x000000B5
900#define CKR_SESSION_EXISTS 0x000000B6
901
902/* CKR_SESSION_READ_ONLY_EXISTS and
903 * CKR_SESSION_READ_WRITE_SO_EXISTS are new for v2.0 */
904#define CKR_SESSION_READ_ONLY_EXISTS 0x000000B7
905#define CKR_SESSION_READ_WRITE_SO_EXISTS 0x000000B8
906
907#define CKR_SIGNATURE_INVALID 0x000000C0
908#define CKR_SIGNATURE_LEN_RANGE 0x000000C1
909#define CKR_TEMPLATE_INCOMPLETE 0x000000D0
910#define CKR_TEMPLATE_INCONSISTENT 0x000000D1
911#define CKR_TOKEN_NOT_PRESENT 0x000000E0
912#define CKR_TOKEN_NOT_RECOGNIZED 0x000000E1
913#define CKR_TOKEN_WRITE_PROTECTED 0x000000E2
914#define CKR_UNWRAPPING_KEY_HANDLE_INVALID 0x000000F0
915#define CKR_UNWRAPPING_KEY_SIZE_RANGE 0x000000F1
916#define CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT 0x000000F2
917#define CKR_USER_ALREADY_LOGGED_IN 0x00000100
918#define CKR_USER_NOT_LOGGED_IN 0x00000101
919#define CKR_USER_PIN_NOT_INITIALIZED 0x00000102
920#define CKR_USER_TYPE_INVALID 0x00000103
921
922/* CKR_USER_ANOTHER_ALREADY_LOGGED_IN and CKR_USER_TOO_MANY_TYPES
923 * are new to v2.01 */
924#define CKR_USER_ANOTHER_ALREADY_LOGGED_IN 0x00000104
925#define CKR_USER_TOO_MANY_TYPES 0x00000105
926
927#define CKR_WRAPPED_KEY_INVALID 0x00000110
928#define CKR_WRAPPED_KEY_LEN_RANGE 0x00000112
929#define CKR_WRAPPING_KEY_HANDLE_INVALID 0x00000113
930#define CKR_WRAPPING_KEY_SIZE_RANGE 0x00000114
931#define CKR_WRAPPING_KEY_TYPE_INCONSISTENT 0x00000115
932#define CKR_RANDOM_SEED_NOT_SUPPORTED 0x00000120
933
934/* These are new to v2.0 */
935#define CKR_RANDOM_NO_RNG 0x00000121
936
937/* These are new to v2.11 */
938#define CKR_DOMAIN_PARAMS_INVALID 0x00000130
939
940/* These are new to v2.0 */
941#define CKR_BUFFER_TOO_SMALL 0x00000150
942#define CKR_SAVED_STATE_INVALID 0x00000160
943#define CKR_INFORMATION_SENSITIVE 0x00000170
944#define CKR_STATE_UNSAVEABLE 0x00000180
945
946/* These are new to v2.01 */
947#define CKR_CRYPTOKI_NOT_INITIALIZED 0x00000190
948#define CKR_CRYPTOKI_ALREADY_INITIALIZED 0x00000191
949#define CKR_MUTEX_BAD 0x000001A0
950#define CKR_MUTEX_NOT_LOCKED 0x000001A1
951
952#define CKR_VENDOR_DEFINED 0x80000000
953
954
955/* CK_NOTIFY is an application callback that processes events */
956typedef CK_CALLBACK_FUNCTION(CK_RV, CK_NOTIFY)(
957 CK_SESSION_HANDLE hSession, /* the session's handle */
958 CK_NOTIFICATION event,
959 CK_VOID_PTR pApplication /* passed to C_OpenSession */
960);
961
962
963/* CK_FUNCTION_LIST is a structure holding a Cryptoki spec
964 * version and pointers of appropriate types to all the
965 * Cryptoki functions */
966/* CK_FUNCTION_LIST is new for v2.0 */
968
969typedef CK_FUNCTION_LIST CK_PTR CK_FUNCTION_LIST_PTR;
970
971typedef CK_FUNCTION_LIST_PTR CK_PTR CK_FUNCTION_LIST_PTR_PTR;
972
973
974/* CK_CREATEMUTEX is an application callback for creating a
975 * mutex object */
976typedef CK_CALLBACK_FUNCTION(CK_RV, CK_CREATEMUTEX)(
977 CK_VOID_PTR_PTR ppMutex /* location to receive ptr to mutex */
978);
979
980
981/* CK_DESTROYMUTEX is an application callback for destroying a
982 * mutex object */
983typedef CK_CALLBACK_FUNCTION(CK_RV, CK_DESTROYMUTEX)(
984 CK_VOID_PTR pMutex /* pointer to mutex */
985);
986
987
988/* CK_LOCKMUTEX is an application callback for locking a mutex */
989typedef CK_CALLBACK_FUNCTION(CK_RV, CK_LOCKMUTEX)(
990 CK_VOID_PTR pMutex /* pointer to mutex */
991);
992
993
994/* CK_UNLOCKMUTEX is an application callback for unlocking a
995 * mutex */
996typedef CK_CALLBACK_FUNCTION(CK_RV, CK_UNLOCKMUTEX)(
997 CK_VOID_PTR pMutex /* pointer to mutex */
999
1000
1001/* CK_C_INITIALIZE_ARGS provides the optional arguments to
1002 * C_Initialize */
1003typedef struct CK_C_INITIALIZE_ARGS {
1004 CK_CREATEMUTEX CreateMutex;
1005 CK_DESTROYMUTEX DestroyMutex;
1006 CK_LOCKMUTEX LockMutex;
1007 CK_UNLOCKMUTEX UnlockMutex;
1008 CK_FLAGS flags;
1009 CK_VOID_PTR pReserved;
1011
1012/* flags: bit flags that provide capabilities of the slot
1013 * Bit Flag Mask Meaning
1014 */
1015#define CKF_LIBRARY_CANT_CREATE_OS_THREADS 0x00000001
1016#define CKF_OS_LOCKING_OK 0x00000002
1017
1018typedef CK_C_INITIALIZE_ARGS CK_PTR CK_C_INITIALIZE_ARGS_PTR;
1019
1020
1021/* additional flags for parameters to functions */
1022
1023/* CKF_DONT_BLOCK is for the function C_WaitForSlotEvent */
1024#define CKF_DONT_BLOCK 1
1025
1026/* CK_RSA_PKCS_OAEP_MGF_TYPE is new for v2.10.
1027 * CK_RSA_PKCS_OAEP_MGF_TYPE is used to indicate the Message
1028 * Generation Function (MGF) applied to a message block when
1029 * formatting a message block for the PKCS #1 OAEP encryption
1030 * scheme. */
1031typedef CK_ULONG CK_RSA_PKCS_MGF_TYPE;
1032
1033typedef CK_RSA_PKCS_MGF_TYPE CK_PTR CK_RSA_PKCS_MGF_TYPE_PTR;
1034
1035/* The following MGFs are defined */
1036#define CKG_MGF1_SHA1 0x00000001
1037
1038/* CK_RSA_PKCS_OAEP_SOURCE_TYPE is new for v2.10.
1039 * CK_RSA_PKCS_OAEP_SOURCE_TYPE is used to indicate the source
1040 * of the encoding parameter when formatting a message block
1041 * for the PKCS #1 OAEP encryption scheme. */
1042typedef CK_ULONG CK_RSA_PKCS_OAEP_SOURCE_TYPE;
1043
1044typedef CK_RSA_PKCS_OAEP_SOURCE_TYPE CK_PTR CK_RSA_PKCS_OAEP_SOURCE_TYPE_PTR;
1045
1046/* The following encoding parameter sources are defined */
1047#define CKZ_DATA_SPECIFIED 0x00000001
1048
1049/* CK_RSA_PKCS_OAEP_PARAMS is new for v2.10.
1050 * CK_RSA_PKCS_OAEP_PARAMS provides the parameters to the
1051 * CKM_RSA_PKCS_OAEP mechanism. */
1052typedef struct CK_RSA_PKCS_OAEP_PARAMS {
1053 CK_MECHANISM_TYPE hashAlg;
1054 CK_RSA_PKCS_MGF_TYPE mgf;
1055 CK_RSA_PKCS_OAEP_SOURCE_TYPE source;
1056 CK_VOID_PTR pSourceData;
1057 CK_ULONG ulSourceDataLen;
1059
1060typedef CK_RSA_PKCS_OAEP_PARAMS CK_PTR CK_RSA_PKCS_OAEP_PARAMS_PTR;
1061
1062/* CK_RSA_PKCS_PSS_PARAMS is new for v2.11.
1063 * CK_RSA_PKCS_PSS_PARAMS provides the parameters to the
1064 * CKM_RSA_PKCS_PSS mechanism(s). */
1065typedef struct CK_RSA_PKCS_PSS_PARAMS {
1066 CK_MECHANISM_TYPE hashAlg;
1067 CK_RSA_PKCS_MGF_TYPE mgf;
1068 CK_ULONG sLen;
1070
1071/* CK_KEA_DERIVE_PARAMS provides the parameters to the
1072 * CKM_KEA_DERIVE mechanism */
1073/* CK_KEA_DERIVE_PARAMS is new for v2.0 */
1074typedef struct CK_KEA_DERIVE_PARAMS {
1075 CK_BBOOL isSender;
1076 CK_ULONG ulRandomLen;
1077 CK_BYTE_PTR pRandomA;
1078 CK_BYTE_PTR pRandomB;
1079 CK_ULONG ulPublicDataLen;
1080 CK_BYTE_PTR pPublicData;
1082
1083typedef CK_KEA_DERIVE_PARAMS CK_PTR CK_KEA_DERIVE_PARAMS_PTR;
1084
1085
1086/* CK_RC2_PARAMS provides the parameters to the CKM_RC2_ECB and
1087 * CKM_RC2_MAC mechanisms. An instance of CK_RC2_PARAMS just
1088 * holds the effective keysize */
1089typedef CK_ULONG CK_RC2_PARAMS;
1090
1091typedef CK_RC2_PARAMS CK_PTR CK_RC2_PARAMS_PTR;
1092
1093
1094/* CK_RC2_CBC_PARAMS provides the parameters to the CKM_RC2_CBC
1095 * mechanism */
1096typedef struct CK_RC2_CBC_PARAMS {
1097 /* ulEffectiveBits was changed from CK_USHORT to CK_ULONG for
1098 * v2.0 */
1099 CK_ULONG ulEffectiveBits; /* effective bits (1-1024) */
1100
1101 CK_BYTE iv[8]; /* IV for CBC mode */
1103
1104typedef CK_RC2_CBC_PARAMS CK_PTR CK_RC2_CBC_PARAMS_PTR;
1106
1107/* CK_RC2_MAC_GENERAL_PARAMS provides the parameters for the
1108 * CKM_RC2_MAC_GENERAL mechanism */
1109/* CK_RC2_MAC_GENERAL_PARAMS is new for v2.0 */
1110typedef struct CK_RC2_MAC_GENERAL_PARAMS {
1111 CK_ULONG ulEffectiveBits; /* effective bits (1-1024) */
1112 CK_ULONG ulMacLength; /* Length of MAC in bytes */
1114
1115typedef CK_RC2_MAC_GENERAL_PARAMS CK_PTR \
1116 CK_RC2_MAC_GENERAL_PARAMS_PTR;
1118
1119/* CK_RC5_PARAMS provides the parameters to the CKM_RC5_ECB and
1120 * CKM_RC5_MAC mechanisms */
1121/* CK_RC5_PARAMS is new for v2.0 */
1122typedef struct CK_RC5_PARAMS {
1123 CK_ULONG ulWordsize; /* wordsize in bits */
1124 CK_ULONG ulRounds; /* number of rounds */
1126
1127typedef CK_RC5_PARAMS CK_PTR CK_RC5_PARAMS_PTR;
1129
1130/* CK_RC5_CBC_PARAMS provides the parameters to the CKM_RC5_CBC
1131 * mechanism */
1132/* CK_RC5_CBC_PARAMS is new for v2.0 */
1133typedef struct CK_RC5_CBC_PARAMS {
1134 CK_ULONG ulWordsize; /* wordsize in bits */
1135 CK_ULONG ulRounds; /* number of rounds */
1136 CK_BYTE_PTR pIv; /* pointer to IV */
1137 CK_ULONG ulIvLen; /* length of IV in bytes */
1139
1140typedef CK_RC5_CBC_PARAMS CK_PTR CK_RC5_CBC_PARAMS_PTR;
1142
1143/* CK_RC5_MAC_GENERAL_PARAMS provides the parameters for the
1144 * CKM_RC5_MAC_GENERAL mechanism */
1145/* CK_RC5_MAC_GENERAL_PARAMS is new for v2.0 */
1146typedef struct CK_RC5_MAC_GENERAL_PARAMS {
1147 CK_ULONG ulWordsize; /* wordsize in bits */
1148 CK_ULONG ulRounds; /* number of rounds */
1149 CK_ULONG ulMacLength; /* Length of MAC in bytes */
1151
1152typedef CK_RC5_MAC_GENERAL_PARAMS CK_PTR \
1153 CK_RC5_MAC_GENERAL_PARAMS_PTR;
1154
1155
1156/* CK_MAC_GENERAL_PARAMS provides the parameters to most block
1157 * ciphers' MAC_GENERAL mechanisms. Its value is the length of
1158 * the MAC */
1159/* CK_MAC_GENERAL_PARAMS is new for v2.0 */
1160typedef CK_ULONG CK_MAC_GENERAL_PARAMS;
1161
1162typedef CK_MAC_GENERAL_PARAMS CK_PTR CK_MAC_GENERAL_PARAMS_PTR;
1164
1165/* CK_SKIPJACK_PRIVATE_WRAP_PARAMS provides the parameters to the
1166 * CKM_SKIPJACK_PRIVATE_WRAP mechanism */
1167/* CK_SKIPJACK_PRIVATE_WRAP_PARAMS is new for v2.0 */
1168typedef struct CK_SKIPJACK_PRIVATE_WRAP_PARAMS {
1169 CK_ULONG ulPasswordLen;
1170 CK_BYTE_PTR pPassword;
1171 CK_ULONG ulPublicDataLen;
1172 CK_BYTE_PTR pPublicData;
1173 CK_ULONG ulPAndGLen;
1174 CK_ULONG ulQLen;
1175 CK_ULONG ulRandomLen;
1176 CK_BYTE_PTR pRandomA;
1177 CK_BYTE_PTR pPrimeP;
1178 CK_BYTE_PTR pBaseG;
1179 CK_BYTE_PTR pSubprimeQ;
1181
1182typedef CK_SKIPJACK_PRIVATE_WRAP_PARAMS CK_PTR \
1183 CK_SKIPJACK_PRIVATE_WRAP_PTR;
1185
1186/* CK_SKIPJACK_RELAYX_PARAMS provides the parameters to the
1187 * CKM_SKIPJACK_RELAYX mechanism */
1188/* CK_SKIPJACK_RELAYX_PARAMS is new for v2.0 */
1189typedef struct CK_SKIPJACK_RELAYX_PARAMS {
1190 CK_ULONG ulOldWrappedXLen;
1191 CK_BYTE_PTR pOldWrappedX;
1192 CK_ULONG ulOldPasswordLen;
1193 CK_BYTE_PTR pOldPassword;
1194 CK_ULONG ulOldPublicDataLen;
1195 CK_BYTE_PTR pOldPublicData;
1196 CK_ULONG ulOldRandomLen;
1197 CK_BYTE_PTR pOldRandomA;
1198 CK_ULONG ulNewPasswordLen;
1199 CK_BYTE_PTR pNewPassword;
1200 CK_ULONG ulNewPublicDataLen;
1201 CK_BYTE_PTR pNewPublicData;
1202 CK_ULONG ulNewRandomLen;
1203 CK_BYTE_PTR pNewRandomA;
1206typedef CK_SKIPJACK_RELAYX_PARAMS CK_PTR \
1207 CK_SKIPJACK_RELAYX_PARAMS_PTR;
1208
1209
1210typedef struct CK_PBE_PARAMS {
1211 CK_BYTE_PTR pInitVector;
1212 CK_UTF8CHAR_PTR pPassword;
1213 CK_ULONG ulPasswordLen;
1214 CK_BYTE_PTR pSalt;
1215 CK_ULONG ulSaltLen;
1216 CK_ULONG ulIteration;
1218
1219typedef CK_PBE_PARAMS CK_PTR CK_PBE_PARAMS_PTR;
1221
1222/* CK_KEY_WRAP_SET_OAEP_PARAMS provides the parameters to the
1223 * CKM_KEY_WRAP_SET_OAEP mechanism */
1224/* CK_KEY_WRAP_SET_OAEP_PARAMS is new for v2.0 */
1225typedef struct CK_KEY_WRAP_SET_OAEP_PARAMS {
1226 CK_BYTE bBC; /* block contents byte */
1227 CK_BYTE_PTR pX; /* extra data */
1228 CK_ULONG ulXLen; /* length of extra data in bytes */
1231typedef CK_KEY_WRAP_SET_OAEP_PARAMS CK_PTR \
1232 CK_KEY_WRAP_SET_OAEP_PARAMS_PTR;
1233
1234
1235typedef struct CK_SSL3_RANDOM_DATA {
1236 CK_BYTE_PTR pClientRandom;
1237 CK_ULONG ulClientRandomLen;
1238 CK_BYTE_PTR pServerRandom;
1239 CK_ULONG ulServerRandomLen;
1241
1242
1243typedef struct CK_SSL3_MASTER_KEY_DERIVE_PARAMS {
1244 CK_SSL3_RANDOM_DATA RandomInfo;
1245 CK_VERSION_PTR pVersion;
1248typedef struct CK_SSL3_MASTER_KEY_DERIVE_PARAMS CK_PTR \
1249 CK_SSL3_MASTER_KEY_DERIVE_PARAMS_PTR;
1250
1251
1252typedef struct CK_SSL3_KEY_MAT_OUT {
1253 CK_OBJECT_HANDLE hClientMacSecret;
1254 CK_OBJECT_HANDLE hServerMacSecret;
1255 CK_OBJECT_HANDLE hClientKey;
1256 CK_OBJECT_HANDLE hServerKey;
1257 CK_BYTE_PTR pIVClient;
1258 CK_BYTE_PTR pIVServer;
1260
1261typedef CK_SSL3_KEY_MAT_OUT CK_PTR CK_SSL3_KEY_MAT_OUT_PTR;
1262
1263
1264typedef struct CK_SSL3_KEY_MAT_PARAMS {
1265 CK_ULONG ulMacSizeInBits;
1266 CK_ULONG ulKeySizeInBits;
1267 CK_ULONG ulIVSizeInBits;
1268 CK_BBOOL bIsExport;
1269 CK_SSL3_RANDOM_DATA RandomInfo;
1270 CK_SSL3_KEY_MAT_OUT_PTR pReturnedKeyMaterial;
1272
1273typedef CK_SSL3_KEY_MAT_PARAMS CK_PTR CK_SSL3_KEY_MAT_PARAMS_PTR;
1274
1275
1276typedef struct CK_KEY_DERIVATION_STRING_DATA {
1277 CK_BYTE_PTR pData;
1278 CK_ULONG ulLen;
1280
1281typedef CK_KEY_DERIVATION_STRING_DATA CK_PTR \
1282 CK_KEY_DERIVATION_STRING_DATA_PTR;
1283
1284
1285/* The CK_EXTRACT_PARAMS is used for the
1286 * CKM_EXTRACT_KEY_FROM_KEY mechanism. It specifies which bit
1287 * of the base key should be used as the first bit of the
1288 * derived key */
1289/* CK_EXTRACT_PARAMS is new for v2.0 */
1290typedef CK_ULONG CK_EXTRACT_PARAMS;
1291
1292typedef CK_EXTRACT_PARAMS CK_PTR CK_EXTRACT_PARAMS_PTR;
1293
1294/* CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE is new for v2.10.
1295 * CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE is used to
1296 * indicate the Pseudo-Random Function (PRF) used to generate
1297 * key bits using PKCS #5 PBKDF2. */
1298typedef CK_ULONG CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE;
1299
1300typedef CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE CK_PTR CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE_PTR;
1301
1302/* The following PRFs are defined in PKCS #5 v2.0. */
1303#define CKP_PKCS5_PBKD2_HMAC_SHA1 0x00000001
1304
1305
1306/* CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE is new for v2.10.
1307 * CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE is used to indicate the
1308 * source of the salt value when deriving a key using PKCS #5
1309 * PBKDF2. */
1310typedef CK_ULONG CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE;
1311
1312typedef CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE CK_PTR CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE_PTR;
1313
1314/* The following salt value sources are defined in PKCS #5 v2.0. */
1315#define CKZ_SALT_SPECIFIED 0x00000001
1316
1317/* CK_PKCS5_PBKD2_PARAMS is new for v2.10.
1318 * CK_PKCS5_PBKD2_PARAMS is a structure that provides the
1319 * parameters to the CKM_PKCS5_PBKD2 mechanism. */
1320typedef struct CK_PKCS5_PBKD2_PARAMS {
1321 CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE saltSource;
1322 CK_VOID_PTR pSaltSourceData;
1323 CK_ULONG ulSaltSourceDataLen;
1324 CK_ULONG iterations;
1325 CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE prf;
1326 CK_VOID_PTR pPrfData;
1327 CK_ULONG ulPrfDataLen;
1328 CK_UTF8CHAR_PTR pPassword;
1329 CK_ULONG_PTR ulPasswordLen;
1331
1332typedef CK_PKCS5_PBKD2_PARAMS CK_PTR CK_PKCS5_PBKD2_PARAMS_PTR;
1333
1334#endif
Definition pkcs11t.h:476
Definition pkcs11t.h:998
Definition pkcs11t.h:488
Definition pkcs11.h:268
Definition pkcs11t.h:70
Definition pkcs11t.h:1069
Definition pkcs11t.h:1271
Definition pkcs11t.h:1220
Definition pkcs11t.h:771
Definition pkcs11t.h:757
Definition pkcs11t.h:1205
Definition pkcs11t.h:1315
Definition pkcs11t.h:1091
Definition pkcs11t.h:1105
Definition pkcs11t.h:1128
Definition pkcs11t.h:1141
Definition pkcs11t.h:1117
Definition pkcs11t.h:1047
Definition pkcs11t.h:1060
Definition pkcs11t.h:267
Definition pkcs11t.h:1163
Definition pkcs11t.h:1184
Definition pkcs11t.h:99
Definition pkcs11t.h:1247
Definition pkcs11t.h:1259
Definition pkcs11t.h:1238
Definition pkcs11t.h:1230
Definition pkcs11t.h:122
Definition pkcs11t.h:62