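/* SPDX-License-Identifier: BSD-2-Clause */
/*
 * Copyright (c) 2018-2020, Linaro Limited
 */

#ifndef PKCS11_H
#define PKCS11_H

#ifdef __cplusplus
extern "C" {
#endif

/*
 * PKCS#11 Cryptoki API v2.40-errata01, See specification from:
 * http://docs.oasis-open.org/pkcs11/pkcs11-base/v2.40/errata01/os/pkcs11-base-v2.40-errata01-os-complete.html
 */
#define CK_PKCS11_VERSION_MAJOR	2
#define CK_PKCS11_VERSION_MINOR	40
#define CK_PKCS11_VERSION_PATCH	1

/*
 * Base scalar types.
 *
 * CK_ULONG and CK_LONG are plain C 'long' types, so their width follows the
 * platform ABI (commonly 32 or 64 bits). Every structure below that embeds a
 * CK_ULONG therefore has an ABI-dependent layout: do not copy these structs
 * byte-for-byte between components built for different ABIs, and range-check
 * lengths when narrowing them to a fixed-width type.
 */
typedef unsigned char CK_BYTE;
typedef unsigned long CK_ULONG;
typedef long CK_LONG;

typedef CK_BYTE CK_CHAR;
typedef CK_BYTE CK_UTF8CHAR;

typedef CK_BYTE *CK_BYTE_PTR;

typedef CK_ULONG *CK_ULONG_PTR;

typedef CK_CHAR *CK_CHAR_PTR;
typedef CK_UTF8CHAR *CK_UTF8CHAR_PTR;

typedef void *CK_VOID_PTR;
typedef CK_VOID_PTR *CK_VOID_PTR_PTR;

/* Boolean carried in a single byte; compare against CK_TRUE / CK_FALSE */
typedef CK_BYTE CK_BBOOL;

#define CK_TRUE		1
#define CK_FALSE	0

/* Bit-mask container; it has the same width as CK_ULONG */
typedef CK_ULONG CK_FLAGS;

/* All-ones and zero sentinels, both of type unsigned long */
#define CK_UNAVAILABLE_INFORMATION	(~0UL)
#define CK_EFFECTIVELY_INFINITE		0UL

typedef CK_ULONG CK_SESSION_HANDLE;
typedef CK_SESSION_HANDLE *CK_SESSION_HANDLE_PTR;

typedef CK_ULONG CK_OBJECT_HANDLE;
typedef CK_OBJECT_HANDLE *CK_OBJECT_HANDLE_PTR;

/*
 * Handle value 0 is reserved as "no handle". Initialising session and object
 * handle variables to CK_INVALID_HANDLE keeps a failed open or lookup from
 * leaving a stale handle value behind.
 */
#define CK_INVALID_HANDLE	0

typedef CK_ULONG CK_SLOT_ID;
typedef CK_SLOT_ID *CK_SLOT_ID_PTR;

typedef struct CK_VERSION CK_VERSION;
typedef struct CK_VERSION *CK_VERSION_PTR;

/* Two-byte major/minor version pair */
struct CK_VERSION {
	CK_BYTE major;
	CK_BYTE minor;
};

typedef struct CK_DATE CK_DATE;
typedef struct CK_DATE *CK_DATE_PTR;

/*
 * Date as three fixed-width character fields (4 + 2 + 2 bytes). The arrays
 * leave no room for a terminator, so these are not C strings: always copy or
 * compare them with an explicit length.
 */
struct CK_DATE {
	CK_CHAR year[4];
	CK_CHAR month[2];
	CK_CHAR day[2];
};

/*
 * PKCS#11 Objects attributes
 */

typedef CK_ULONG CK_ATTRIBUTE_TYPE;

typedef struct CK_ATTRIBUTE CK_ATTRIBUTE;
typedef struct CK_ATTRIBUTE *CK_ATTRIBUTE_PTR;

/*
 * One attribute of an object template: a type identifier plus an untyped
 * value buffer and its length. pValue carries no type or size information of
 * its own, so code consuming an attribute has to check ulValueLen against
 * the size expected for 'type' before it dereferences pValue.
 */
struct CK_ATTRIBUTE {
	CK_ATTRIBUTE_TYPE type;
	CK_VOID_PTR pValue;
	CK_ULONG ulValueLen;
};
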
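/*
 * Values for CK_ATTRIBUTE_TYPE
 *
 * This does not cover the full PKCS#11 IDs.
 *
 * Type note: constants written as (1U << n) have type 'unsigned int', while
 * the fields they are stored in derive from CK_ULONG ('unsigned long'). On
 * ABIs where 'unsigned long' is wider than 'unsigned int', an expression such
 * as '~CKF_xxx' is evaluated in the narrower type and then zero-extended, so
 * 'flags &= ~CKF_xxx' also clears every bit above bit 31. Cast to CK_ULONG
 * before complementing if the upper bits matter.
 *
 * Several attributes in this list (for instance CKA_SENSITIVE,
 * CKA_EXTRACTABLE, CKA_WRAP_WITH_TRUSTED, CKA_ALWAYS_AUTHENTICATE and the
 * CKA_*_TEMPLATE entries) are the ones the specification uses to control how
 * key material may be read, wrapped or used; refer to the specification for
 * their exact semantics.
 */
#define CKF_ARRAY_ATTRIBUTE	(1U << 30)
#define CKA_VENDOR_DEFINED	(1U << 31)
#define CKA_CLASS	0x0000
#define CKA_TOKEN	0x0001
#define CKA_PRIVATE	0x0002
#define CKA_LABEL	0x0003
#define CKA_APPLICATION	0x0010
#define CKA_VALUE	0x0011
#define CKA_OBJECT_ID	0x0012
#define CKA_CERTIFICATE_TYPE	0x0080
#define CKA_ISSUER	0x0081
#define CKA_SERIAL_NUMBER	0x0082
#define CKA_AC_ISSUER	0x0083
#define CKA_OWNER	0x0084
#define CKA_ATTR_TYPES	0x0085
#define CKA_TRUSTED	0x0086
#define CKA_CERTIFICATE_CATEGORY	0x0087
#define CKA_JAVA_MIDP_SECURITY_DOMAIN	0x0088
#define CKA_URL	0x0089
#define CKA_HASH_OF_SUBJECT_PUBLIC_KEY	0x008a
#define CKA_HASH_OF_ISSUER_PUBLIC_KEY	0x008b
#define CKA_NAME_HASH_ALGORITHM	0x008c
#define CKA_CHECK_VALUE	0x0090
#define CKA_KEY_TYPE	0x0100
#define CKA_SUBJECT	0x0101
#define CKA_ID	0x0102
#define CKA_SENSITIVE	0x0103
#define CKA_ENCRYPT	0x0104
#define CKA_DECRYPT	0x0105
#define CKA_WRAP	0x0106
#define CKA_UNWRAP	0x0107
#define CKA_SIGN	0x0108
#define CKA_SIGN_RECOVER	0x0109
#define CKA_VERIFY	0x010a
#define CKA_VERIFY_RECOVER	0x010b
#define CKA_DERIVE	0x010c
#define CKA_START_DATE	0x0110
#define CKA_END_DATE	0x0111
#define CKA_MODULUS	0x0120
#define CKA_MODULUS_BITS	0x0121
#define CKA_PUBLIC_EXPONENT	0x0122
#define CKA_PRIVATE_EXPONENT	0x0123
#define CKA_PRIME_1	0x0124
#define CKA_PRIME_2	0x0125
#define CKA_EXPONENT_1	0x0126
#define CKA_EXPONENT_2	0x0127
#define CKA_COEFFICIENT	0x0128
#define CKA_PUBLIC_KEY_INFO	0x0129
#define CKA_PRIME	0x0130
#define CKA_SUBPRIME	0x0131
#define CKA_BASE	0x0132
#define CKA_PRIME_BITS	0x0133
#define CKA_SUBPRIME_BITS	0x0134
#define CKA_VALUE_BITS	0x0160
#define CKA_VALUE_LEN	0x0161
#define CKA_EXTRACTABLE	0x0162
#define CKA_LOCAL	0x0163
#define CKA_NEVER_EXTRACTABLE	0x0164
#define CKA_ALWAYS_SENSITIVE	0x0165
#define CKA_KEY_GEN_MECHANISM	0x0166
#define CKA_MODIFIABLE	0x0170
#define CKA_COPYABLE	0x0171
#define CKA_DESTROYABLE	0x0172
#define CKA_EC_PARAMS	0x0180
#define CKA_EC_POINT	0x0181
#define CKA_ALWAYS_AUTHENTICATE	0x0202
#define CKA_WRAP_WITH_TRUSTED	0x0210
#define CKA_WRAP_TEMPLATE	(0x0211 | CKF_ARRAY_ATTRIBUTE)
#define CKA_UNWRAP_TEMPLATE	(0x0212 | CKF_ARRAY_ATTRIBUTE)
#define CKA_DERIVE_TEMPLATE	(0x0213 | CKF_ARRAY_ATTRIBUTE)
#define CKA_OTP_FORMAT	0x0220
#define CKA_OTP_LENGTH	0x0221
#define CKA_OTP_TIME_INTERVAL	0x0222
#define CKA_OTP_USER_FRIENDLY_MODE	0x0223
#define CKA_OTP_CHALLENGE_REQUIREMENT	0x0224
#define CKA_OTP_TIME_REQUIREMENT	0x0225
#define CKA_OTP_COUNTER_REQUIREMENT	0x0226
#define CKA_OTP_PIN_REQUIREMENT	0x0227
#define CKA_OTP_COUNTER	0x022e
#define CKA_OTP_TIME	0x022f
#define CKA_OTP_USER_IDENTIFIER	0x022a
#define CKA_OTP_SERVICE_IDENTIFIER	0x022b
#define CKA_OTP_SERVICE_LOGO	0x022c
#define CKA_OTP_SERVICE_LOGO_TYPE	0x022d
#define CKA_GOSTR3410_PARAMS	0x0250
#define CKA_GOSTR3411_PARAMS	0x0251
#define CKA_GOST28147_PARAMS	0x0252
#define CKA_HW_FEATURE_TYPE	0x0300
#define CKA_RESET_ON_INIT	0x0301
#define CKA_HAS_RESET	0x0302
#define CKA_PIXEL_X	0x0400
#define CKA_PIXEL_Y	0x0401
#define CKA_RESOLUTION	0x0402
#define CKA_CHAR_ROWS	0x0403
#define CKA_CHAR_COLUMNS	0x0404
#define CKA_COLOR	0x0405
#define CKA_BITS_PER_PIXEL	0x0406
#define CKA_CHAR_SETS	0x0480
#define CKA_ENCODING_METHODS	0x0481
#define CKA_MIME_TYPES	0x0482
#define CKA_MECHANISM_TYPE	0x0500
#define CKA_REQUIRED_CMS_ATTRIBUTES	0x0501
#define CKA_DEFAULT_CMS_ATTRIBUTES	0x0502
#define CKA_SUPPORTED_CMS_ATTRIBUTES	0x0503
#define CKA_ALLOWED_MECHANISMS	(0x0600 | CKF_ARRAY_ATTRIBUTE)

/* Attribute CKA_CLASS refers to a CK_OBJECT_CLASS typed value */
typedef CK_ULONG CK_OBJECT_CLASS;
typedef CK_OBJECT_CLASS *CK_OBJECT_CLASS_PTR;

/* Values for type CK_OBJECT_CLASS */
#define CKO_VENDOR_DEFINED	(1U << 31)
#define CKO_DATA	0x0
#define CKO_CERTIFICATE	0x1
#define CKO_PUBLIC_KEY	0x2
#define CKO_PRIVATE_KEY	0x3
#define CKO_SECRET_KEY	0x4
#define CKO_HW_FEATURE	0x5
#define CKO_DOMAIN_PARAMETERS	0x6
#define CKO_MECHANISM	0x7
#define CKO_OTP_KEY	0x8

/* Attribute CKA_KEY_TYPE refers to a CK_KEY_TYPE typed value */
typedef CK_ULONG CK_KEY_TYPE;
typedef CK_KEY_TYPE *CK_KEY_TYPE_PTR;

/*
 * Values for type CK_KEY_TYPE
 *
 * This does not cover the full PKCS#11 IDs.
 *
 * CKK_ECDSA and CKK_EC are two names for the same value (0x003); a switch
 * statement cannot list both as separate cases.
 */
#define CKK_VENDOR_DEFINED	(1U << 31)
#define CKK_RSA	0x000
#define CKK_DSA	0x001
#define CKK_DH	0x002
#define CKK_ECDSA	0x003
#define CKK_EC	0x003
#define CKK_GENERIC_SECRET	0x010
#define CKK_DES3	0x015
#define CKK_AES	0x01f
#define CKK_HOTP	0x023
#define CKK_MD5_HMAC	0x027
#define CKK_SHA_1_HMAC	0x028
#define CKK_SHA256_HMAC	0x02b
#define CKK_SHA384_HMAC	0x02c
#define CKK_SHA512_HMAC	0x02d
#define CKK_SHA224_HMAC	0x02e

/*
 * Certificates
 */
typedef CK_ULONG CK_CERTIFICATE_TYPE;
typedef CK_ULONG CK_CERTIFICATE_CATEGORY;

/*
 * Valid values for attribute CKA_CERTIFICATE_TYPE
 */
#define CKC_X_509	0x00000000UL
#define CKC_X_509_ATTR_CERT	0x00000001UL
#define CKC_WTLS	0x00000002UL

/*
 * Valid values for attribute CKA_CERTIFICATE_CATEGORY
 */
#define CK_CERTIFICATE_CATEGORY_UNSPECIFIED	0UL
#define CK_CERTIFICATE_CATEGORY_TOKEN_USER	1UL
#define CK_CERTIFICATE_CATEGORY_AUTHORITY	2UL
#define CK_CERTIFICATE_CATEGORY_OTHER_ENTITY	3UL

/*
 * Mechanisms
 *
 * Note: a mechanism can be referenced as an object in some PKCS#11 API
 * functions. In such a case, the object holds attribute CKA_MECHANISM_TYPE,
 * which refers to a CK_MECHANISM_TYPE typed value that defines the target
 * mechanism.
 */

typedef CK_ULONG CK_MECHANISM_TYPE;
typedef CK_MECHANISM_TYPE *CK_MECHANISM_TYPE_PTR;

/*
 * Values for type CK_MECHANISM_TYPE
 *
 * This does not cover the full PKCS#11 IDs.
 *
 * These are identifiers only. The list includes algorithms and modes that
 * are generally treated as legacy today (MD5, SHA-1, triple-DES, ECB mode,
 * raw RSA via CKM_RSA_X_509, PKCS#1 v1.5 padding). Whether a token actually
 * offers a mechanism is not stated by this header; that is what
 * C_GetMechanismList() and C_GetMechanismInfo() report. Applications that
 * enforce a crypto policy should allow-list mechanisms explicitly (see also
 * attribute CKA_ALLOWED_MECHANISMS) rather than accept any ID defined here.
 */
#define CKM_VENDOR_DEFINED	(1U << 31)
#define CKM_RSA_PKCS_KEY_PAIR_GEN	0x00000
#define CKM_RSA_PKCS	0x00001
#define CKM_RSA_9796	0x00002
#define CKM_RSA_X_509	0x00003
#define CKM_MD5_RSA_PKCS	0x00005
#define CKM_SHA1_RSA_PKCS	0x00006
#define CKM_RSA_PKCS_OAEP	0x00009
#define CKM_RSA_PKCS_PSS	0x0000d
#define CKM_SHA1_RSA_PKCS_PSS	0x0000e
#define CKM_SHA256_RSA_PKCS	0x00040
#define CKM_SHA384_RSA_PKCS	0x00041
#define CKM_SHA512_RSA_PKCS	0x00042
#define CKM_SHA256_RSA_PKCS_PSS	0x00043
#define CKM_SHA384_RSA_PKCS_PSS	0x00044
#define CKM_SHA512_RSA_PKCS_PSS	0x00045
#define CKM_SHA224_RSA_PKCS	0x00046
#define CKM_SHA224_RSA_PKCS_PSS	0x00047
#define CKM_SHA512_224	0x00048
#define CKM_SHA512_224_HMAC	0x00049
#define CKM_SHA512_224_HMAC_GENERAL	0x0004a
#define CKM_SHA512_224_KEY_DERIVATION	0x0004b
#define CKM_SHA512_256	0x0004c
#define CKM_SHA512_256_HMAC	0x0004d
#define CKM_SHA512_256_HMAC_GENERAL	0x0004e
#define CKM_SHA512_256_KEY_DERIVATION	0x0004f
#define CKM_DES3_ECB	0x00132
#define CKM_DES3_CBC	0x00133
#define CKM_DES3_MAC	0x00134
#define CKM_DES3_MAC_GENERAL	0x00135
#define CKM_DES3_CBC_PAD	0x00136
#define CKM_DES3_CMAC_GENERAL	0x00137
#define CKM_DES3_CMAC	0x00138
#define CKM_MD5	0x00210
#define CKM_MD5_HMAC	0x00211
#define CKM_MD5_HMAC_GENERAL	0x00212
#define CKM_SHA_1	0x00220
#define CKM_SHA_1_HMAC	0x00221
#define CKM_SHA_1_HMAC_GENERAL	0x00222
#define CKM_SHA256	0x00250
#define CKM_SHA256_HMAC	0x00251
#define CKM_SHA256_HMAC_GENERAL	0x00252
#define CKM_SHA224	0x00255
#define CKM_SHA224_HMAC	0x00256
#define CKM_SHA224_HMAC_GENERAL	0x00257
#define CKM_SHA384	0x00260
#define CKM_SHA384_HMAC	0x00261
#define CKM_SHA384_HMAC_GENERAL	0x00262
#define CKM_SHA512	0x00270
#define CKM_SHA512_HMAC	0x00271
#define CKM_SHA512_HMAC_GENERAL	0x00272
#define CKM_HOTP_KEY_GEN	0x00290
#define CKM_HOTP	0x00291
#define CKM_GENERIC_SECRET_KEY_GEN	0x00350
#define CKM_MD5_KEY_DERIVATION	0x00390
#define CKM_MD2_KEY_DERIVATION	0x00391
#define CKM_SHA1_KEY_DERIVATION	0x00392
#define CKM_SHA256_KEY_DERIVATION	0x00393
#define CKM_SHA384_KEY_DERIVATION	0x00394
#define CKM_SHA512_KEY_DERIVATION	0x00395
#define CKM_SHA224_KEY_DERIVATION	0x00396
#define CKM_EC_KEY_PAIR_GEN	0x01040
#define CKM_ECDSA	0x01041
#define CKM_ECDSA_SHA1	0x01042
#define CKM_ECDSA_SHA224	0x01043
#define CKM_ECDSA_SHA256	0x01044
#define CKM_ECDSA_SHA384	0x01045
#define CKM_ECDSA_SHA512	0x01046
#define CKM_ECDH1_DERIVE	0x01050
#define CKM_ECDH1_COFACTOR_DERIVE	0x01051
#define CKM_ECMQV_DERIVE	0x01052
#define CKM_ECDH_AES_KEY_WRAP	0x01053
#define CKM_RSA_AES_KEY_WRAP	0x01054
#define CKM_AES_KEY_GEN	0x01080
#define CKM_AES_ECB	0x01081
#define CKM_AES_CBC	0x01082
#define CKM_AES_MAC	0x01083
#define CKM_AES_MAC_GENERAL	0x01084
#define CKM_AES_CBC_PAD	0x01085
#define CKM_AES_CTR	0x01086
#define CKM_AES_GCM	0x01087
#define CKM_AES_CCM	0x01088
#define CKM_AES_CTS	0x01089
#define CKM_AES_CMAC	0x0108a
#define CKM_AES_CMAC_GENERAL	0x0108b
#define CKM_AES_XCBC_MAC	0x0108c
#define CKM_AES_XCBC_MAC_96	0x0108d
#define CKM_AES_GMAC	0x0108e
#define CKM_DES3_ECB_ENCRYPT_DATA	0x01102
#define CKM_DES3_CBC_ENCRYPT_DATA	0x01103
#define CKM_AES_ECB_ENCRYPT_DATA	0x01104
#define CKM_AES_CBC_ENCRYPT_DATA	0x01105
#define CKM_AES_KEY_WRAP	0x02109
#define CKM_AES_KEY_WRAP_PAD	0x0210a

typedef struct CK_MECHANISM_INFO CK_MECHANISM_INFO;
typedef struct CK_MECHANISM_INFO *CK_MECHANISM_INFO_PTR;

/* Key size bounds and capability flags (CKF_* below) of one mechanism */
struct CK_MECHANISM_INFO {
	CK_ULONG ulMinKeySize;
	CK_ULONG ulMaxKeySize;
	CK_FLAGS flags;
};

/* Flags for field flags of struct CK_MECHANISM_INFO */
#define CKF_HW	(1U << 0)
#define CKF_ENCRYPT	(1U << 8)
#define CKF_DECRYPT	(1U << 9)
#define CKF_DIGEST	(1U << 10)
#define CKF_SIGN	(1U << 11)
#define CKF_SIGN_RECOVER	(1U << 12)
#define CKF_VERIFY	(1U << 13)
#define CKF_VERIFY_RECOVER	(1U << 14)
#define CKF_GENERATE	(1U << 15)
#define CKF_GENERATE_KEY_PAIR	(1U << 16)
#define CKF_WRAP	(1U << 17)
#define CKF_UNWRAP	(1U << 18)
#define CKF_DERIVE	(1U << 19)
#define CKF_EC_F_P	(1U << 20)
#define CKF_EC_F_2M	(1U << 21)
#define CKF_EC_ECPARAMETERS	(1U << 22)
#define CKF_EC_NAMEDCURVE	(1U << 23)
#define CKF_EC_UNCOMPRESS	(1U << 24)
#define CKF_EC_COMPRESS	(1U << 25)
#define CKF_EXTENSION	(1U << 31)

/*
 * Mechanism parameter structures
 *
 * This does not cover the whole mechanism parameter structures defined by
 * the PKCS#11. To be updated when needed.
 */

typedef struct CK_MECHANISM CK_MECHANISM;
typedef struct CK_MECHANISM *CK_MECHANISM_PTR;

/*
 * Mechanism selector plus an untyped parameter blob. The layout behind
 * pParameter depends on 'mechanism', so a consumer has to compare
 * ulParameterLen with the size of the structure expected for that mechanism
 * before casting pParameter.
 */
struct CK_MECHANISM {
	CK_MECHANISM_TYPE mechanism;
	CK_VOID_PTR pParameter;
	CK_ULONG ulParameterLen;
};

typedef CK_ULONG CK_RSA_PKCS_MGF_TYPE;

/* Values for type CK_RSA_PKCS_MGF_TYPE (note: SHA224 is 0x0005, out of order) */
#define CKG_MGF1_SHA1	0x0001UL
#define CKG_MGF1_SHA224	0x0005UL
#define CKG_MGF1_SHA256	0x0002UL
#define CKG_MGF1_SHA384	0x0003UL
#define CKG_MGF1_SHA512	0x0004UL

typedef CK_ULONG CK_RSA_PKCS_OAEP_SOURCE_TYPE;

/* Values for type CK_RSA_PKCS_OAEP_SOURCE_TYPE */
#define CKZ_DATA_SPECIFIED	0x0001UL

/* MAC General parameters */
typedef CK_ULONG CK_MAC_GENERAL_PARAMS;
typedef CK_MAC_GENERAL_PARAMS *CK_MAC_GENERAL_PARAMS_PTR;

/* AES CBC encryption parameters */
typedef struct CK_AES_CBC_ENCRYPT_DATA_PARAMS CK_AES_CBC_ENCRYPT_DATA_PARAMS;
typedef struct CK_AES_CBC_ENCRYPT_DATA_PARAMS
	*CK_AES_CBC_ENCRYPT_DATA_PARAMS_PTR;

/* 16-byte IV followed by a pointer/length pair for the data */
struct CK_AES_CBC_ENCRYPT_DATA_PARAMS {
	CK_BYTE iv[16];
	CK_BYTE_PTR pData;
	CK_ULONG length;
};

/* AES CTR parameters */
typedef struct CK_AES_CTR_PARAMS CK_AES_CTR_PARAMS;
typedef struct CK_AES_CTR_PARAMS *CK_AES_CTR_PARAMS_PTR;

/* Counter width in bits and the 16-byte initial counter block */
struct CK_AES_CTR_PARAMS {
	CK_ULONG ulCounterBits;
	CK_BYTE cb[16];
};

/* AES GCM parameters */
typedef struct CK_GCM_PARAMS CK_GCM_PARAMS;
typedef struct CK_GCM_PARAMS *CK_GCM_PARAMS_PTR;

/*
 * The IV is supplied by the caller through pIv/ulIvLen. AES-GCM loses both
 * confidentiality and authenticity if an IV is ever reused with the same
 * key, so the code that fills this structure owns IV uniqueness.
 */
struct CK_GCM_PARAMS {
	CK_BYTE_PTR pIv;
	CK_ULONG ulIvLen;
	CK_ULONG ulIvBits;
	CK_BYTE_PTR pAAD;
	CK_ULONG ulAADLen;
	CK_ULONG ulTagBits;
};

/* AES CCM parameters */
typedef struct CK_CCM_PARAMS CK_CCM_PARAMS;
typedef struct CK_CCM_PARAMS *CK_CCM_PARAMS_PTR;

/*
 * The nonce is supplied by the caller through pNonce/ulNonceLen; as with
 * GCM, a nonce must not be reused with the same key.
 */
struct CK_CCM_PARAMS {
	CK_ULONG ulDataLen;
	CK_BYTE_PTR pNonce;
	CK_ULONG ulNonceLen;
	CK_BYTE_PTR pAAD;
	CK_ULONG ulAADLen;
	CK_ULONG ulMACLen;
};

typedef struct CK_KEY_DERIVATION_STRING_DATA CK_KEY_DERIVATION_STRING_DATA;
typedef struct CK_KEY_DERIVATION_STRING_DATA
	*CK_KEY_DERIVATION_STRING_DATA_PTR;

/* Pointer/length pair for key derivation input data */
struct CK_KEY_DERIVATION_STRING_DATA {
	CK_BYTE_PTR pData;
	CK_ULONG ulLen;
};

/* Parameters for CKM_RSA_PKCS_PSS */
typedef struct CK_RSA_PKCS_PSS_PARAMS CK_RSA_PKCS_PSS_PARAMS;
typedef struct CK_RSA_PKCS_PSS_PARAMS *CK_RSA_PKCS_PSS_PARAMS_PTR;

/* Hash mechanism, mask generation function (CKG_*) and salt length */
struct CK_RSA_PKCS_PSS_PARAMS {
	CK_MECHANISM_TYPE hashAlg;
	CK_RSA_PKCS_MGF_TYPE mgf;
	CK_ULONG sLen;
};

/* Parameters for CKM_RSA_PKCS_OAEP */
typedef struct CK_RSA_PKCS_OAEP_PARAMS CK_RSA_PKCS_OAEP_PARAMS;
typedef struct CK_RSA_PKCS_OAEP_PARAMS *CK_RSA_PKCS_OAEP_PARAMS_PTR;

/*
 * Hash mechanism, mask generation function (CKG_*), source type (CKZ_*) and
 * a pointer/length pair for the source data.
 */
struct CK_RSA_PKCS_OAEP_PARAMS {
	CK_MECHANISM_TYPE hashAlg;
	CK_RSA_PKCS_MGF_TYPE mgf;
	CK_RSA_PKCS_OAEP_SOURCE_TYPE source;
	CK_VOID_PTR pSourceData;
	CK_ULONG ulSourceDataLen;
};

/*
 * PKCS#11 return values
 */
typedef CK_ULONG CK_RV;

/*
 * Values for type CK_RV
 *
 * Only CKR_OK (0) is defined as 0 in this list. Callers should compare every
 * returned CK_RV against CKR_OK before using an output buffer or handle.
 */
#define CKR_VENDOR_DEFINED	(1U << 31)
#define CKR_OK	0x0000
#define CKR_CANCEL	0x0001
#define CKR_HOST_MEMORY	0x0002
#define CKR_SLOT_ID_INVALID	0x0003
#define CKR_GENERAL_ERROR	0x0005
#define CKR_FUNCTION_FAILED	0x0006
#define CKR_ARGUMENTS_BAD	0x0007
#define CKR_NO_EVENT	0x0008
#define CKR_NEED_TO_CREATE_THREADS	0x0009
#define CKR_CANT_LOCK	0x000a
#define CKR_ATTRIBUTE_READ_ONLY	0x0010
#define CKR_ATTRIBUTE_SENSITIVE	0x0011
#define CKR_ATTRIBUTE_TYPE_INVALID	0x0012
#define CKR_ATTRIBUTE_VALUE_INVALID	0x0013
#define CKR_ACTION_PROHIBITED	0x001b
#define CKR_DATA_INVALID	0x0020
#define CKR_DATA_LEN_RANGE	0x0021
#define CKR_DEVICE_ERROR	0x0030
#define CKR_DEVICE_MEMORY	0x0031
#define CKR_DEVICE_REMOVED	0x0032
#define CKR_ENCRYPTED_DATA_INVALID	0x0040
#define CKR_ENCRYPTED_DATA_LEN_RANGE	0x0041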
547 #define CKR_FUNCTION_CANCELED 0x0050 548 #define CKR_FUNCTION_NOT_PARALLEL 0x0051 549 #define CKR_FUNCTION_NOT_SUPPORTED 0x0054 550 #define CKR_KEY_HANDLE_INVALID 0x0060 551 #define CKR_KEY_SIZE_RANGE 0x0062 552 #define CKR_KEY_TYPE_INCONSISTENT 0x0063 553 #define CKR_KEY_NOT_NEEDED 0x0064 554 #define CKR_KEY_CHANGED 0x0065 555 #define CKR_KEY_NEEDED 0x0066 556 #define CKR_KEY_INDIGESTIBLE 0x0067 557 #define CKR_KEY_FUNCTION_NOT_PERMITTED 0x0068 558 #define CKR_KEY_NOT_WRAPPABLE 0x0069 559 #define CKR_KEY_UNEXTRACTABLE 0x006a 560 #define CKR_MECHANISM_INVALID 0x0070 561 #define CKR_MECHANISM_PARAM_INVALID 0x0071 562 #define CKR_OBJECT_HANDLE_INVALID 0x0082 563 #define CKR_OPERATION_ACTIVE 0x0090 564 #define CKR_OPERATION_NOT_INITIALIZED 0x0091 565 #define CKR_PIN_INCORRECT 0x00a0 566 #define CKR_PIN_INVALID 0x00a1 567 #define CKR_PIN_LEN_RANGE 0x00a2 568 #define CKR_PIN_EXPIRED 0x00a3 569 #define CKR_PIN_LOCKED 0x00a4 570 #define CKR_SESSION_CLOSED 0x00b0 571 #define CKR_SESSION_COUNT 0x00b1 572 #define CKR_SESSION_HANDLE_INVALID 0x00b3 573 #define CKR_SESSION_PARALLEL_NOT_SUPPORTED 0x00b4 574 #define CKR_SESSION_READ_ONLY 0x00b5 575 #define CKR_SESSION_EXISTS 0x00b6 576 #define CKR_SESSION_READ_ONLY_EXISTS 0x00b7 577 #define CKR_SESSION_READ_WRITE_SO_EXISTS 0x00b8 578 #define CKR_SIGNATURE_INVALID 0x00c0 579 #define CKR_SIGNATURE_LEN_RANGE 0x00c1 580 #define CKR_TEMPLATE_INCOMPLETE 0x00d0 581 #define CKR_TEMPLATE_INCONSISTENT 0x00d1 582 #define CKR_TOKEN_NOT_PRESENT 0x00e0 583 #define CKR_TOKEN_NOT_RECOGNIZED 0x00e1 584 #define CKR_TOKEN_WRITE_PROTECTED 0x00e2 585 #define CKR_UNWRAPPING_KEY_HANDLE_INVALID 0x00f0 586 #define CKR_UNWRAPPING_KEY_SIZE_RANGE 0x00f1 587 #define CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT 0x00f2 588 #define CKR_USER_ALREADY_LOGGED_IN 0x0100 589 #define CKR_USER_NOT_LOGGED_IN 0x0101 590 #define CKR_USER_PIN_NOT_INITIALIZED 0x0102 591 #define CKR_USER_TYPE_INVALID 0x0103 592 #define CKR_USER_ANOTHER_ALREADY_LOGGED_IN 0x0104 593 #define 
CKR_USER_TOO_MANY_TYPES 0x0105 594 #define CKR_WRAPPED_KEY_INVALID 0x0110 595 #define CKR_WRAPPED_KEY_LEN_RANGE 0x0112 596 #define CKR_WRAPPING_KEY_HANDLE_INVALID 0x0113 597 #define CKR_WRAPPING_KEY_SIZE_RANGE 0x0114 598 #define CKR_WRAPPING_KEY_TYPE_INCONSISTENT 0x0115 599 #define CKR_RANDOM_SEED_NOT_SUPPORTED 0x0120 600 #define CKR_RANDOM_NO_RNG 0x0121 601 #define CKR_DOMAIN_PARAMS_INVALID 0x0130 602 #define CKR_CURVE_NOT_SUPPORTED 0x0140 603 #define CKR_BUFFER_TOO_SMALL 0x0150 604 #define CKR_SAVED_STATE_INVALID 0x0160 605 #define CKR_INFORMATION_SENSITIVE 0x0170 606 #define CKR_STATE_UNSAVEABLE 0x0180 607 #define CKR_CRYPTOKI_NOT_INITIALIZED 0x0190 608 #define CKR_CRYPTOKI_ALREADY_INITIALIZED 0x0191 609 #define CKR_MUTEX_BAD 0x01a0 610 #define CKR_MUTEX_NOT_LOCKED 0x01a1 611 #define CKR_NEW_PIN_MODE 0x01b0 612 #define CKR_NEXT_OTP 0x01b1 613 #define CKR_EXCEEDED_MAX_ITERATIONS 0x01b5 614 #define CKR_FIPS_SELF_TEST_FAILED 0x01b6 615 #define CKR_LIBRARY_LOAD_FAILED 0x01b7 616 #define CKR_PIN_TOO_WEAK 0x01b8 617 #define CKR_PUBLIC_KEY_INVALID 0x01b9 618 #define CKR_FUNCTION_REJECTED 0x0200 619 620 /* 621 * PKCS#11 API functions 622 */ 623 624 /* Argument for C_GetInfo */ 625 typedef struct CK_INFO CK_INFO; 626 typedef struct CK_INFO *CK_INFO_PTR; 627 628 struct CK_INFO { 629 CK_VERSION cryptokiVersion; 630 CK_UTF8CHAR manufacturerID[32]; 631 CK_FLAGS flags; 632 CK_UTF8CHAR libraryDescription[32]; 633 CK_VERSION libraryVersion; 634 }; 635 636 /* Argument for C_GetSlotInfo */ 637 typedef struct CK_SLOT_INFO CK_SLOT_INFO; 638 typedef struct CK_SLOT_INFO *CK_SLOT_INFO_PTR; 639 640 struct CK_SLOT_INFO { 641 CK_UTF8CHAR slotDescription[64]; 642 CK_UTF8CHAR manufacturerID[32]; 643 CK_FLAGS flags; 644 CK_VERSION hardwareVersion; 645 CK_VERSION firmwareVersion; 646 }; 647 648 /* Values for field flags of struct ck_slot_info */ 649 #define CKF_TOKEN_PRESENT (1U << 0) 650 #define CKF_REMOVABLE_DEVICE (1U << 1) 651 #define CKF_HW_SLOT (1U << 2) 652 653 /* Argument for 
C_GetTokenInfo */ 654 typedef struct CK_TOKEN_INFO CK_TOKEN_INFO; 655 typedef struct CK_TOKEN_INFO *CK_TOKEN_INFO_PTR; 656 657 struct CK_TOKEN_INFO { 658 CK_UTF8CHAR label[32]; 659 CK_UTF8CHAR manufacturerID[32]; 660 CK_UTF8CHAR model[16]; 661 CK_CHAR serialNumber[16]; 662 CK_FLAGS flags; 663 CK_ULONG ulMaxSessionCount; 664 CK_ULONG ulSessionCount; 665 CK_ULONG ulMaxRwSessionCount; 666 CK_ULONG ulRwSessionCount; 667 CK_ULONG ulMaxPinLen; 668 CK_ULONG ulMinPinLen; 669 CK_ULONG ulTotalPublicMemory; 670 CK_ULONG ulFreePublicMemory; 671 CK_ULONG ulTotalPrivateMemory; 672 CK_ULONG ulFreePrivateMemory; 673 CK_VERSION hardwareVersion; 674 CK_VERSION firmwareVersion; 675 CK_CHAR utcTime[16]; 676 }; 677 678 /* Values for field flags of struct ck_token_info */ 679 #define CKF_RNG (1U << 0) 680 #define CKF_WRITE_PROTECTED (1U << 1) 681 #define CKF_LOGIN_REQUIRED (1U << 2) 682 #define CKF_USER_PIN_INITIALIZED (1U << 3) 683 #define CKF_RESTORE_KEY_NOT_NEEDED (1U << 5) 684 #define CKF_CLOCK_ON_TOKEN (1U << 6) 685 #define CKF_PROTECTED_AUTHENTICATION_PATH (1U << 8) 686 #define CKF_DUAL_CRYPTO_OPERATIONS (1U << 9) 687 #define CKF_TOKEN_INITIALIZED (1U << 10) 688 #define CKF_SECONDARY_AUTHENTICATION (1U << 11) 689 #define CKF_USER_PIN_COUNT_LOW (1U << 16) 690 #define CKF_USER_PIN_FINAL_TRY (1U << 17) 691 #define CKF_USER_PIN_LOCKED (1U << 18) 692 #define CKF_USER_PIN_TO_BE_CHANGED (1U << 19) 693 #define CKF_SO_PIN_COUNT_LOW (1U << 20) 694 #define CKF_SO_PIN_FINAL_TRY (1U << 21) 695 #define CKF_SO_PIN_LOCKED (1U << 22) 696 #define CKF_SO_PIN_TO_BE_CHANGED (1U << 23) 697 #define CKF_ERROR_STATE (1U << 24) 698 699 /* Argument for C_GetSessionInfo */ 700 typedef struct CK_SESSION_INFO CK_SESSION_INFO; 701 typedef struct CK_SESSION_INFO *CK_SESSION_INFO_PTR; 702 703 typedef CK_ULONG CK_STATE; 704 705 /* Values for CK_STATE */ 706 #define CKS_RO_PUBLIC_SESSION 0 707 #define CKS_RO_USER_FUNCTIONS 1 708 #define CKS_RW_PUBLIC_SESSION 2 709 #define CKS_RW_USER_FUNCTIONS 3 710 #define 
CKS_RW_SO_FUNCTIONS 4 711 712 struct CK_SESSION_INFO { 713 CK_SLOT_ID slotID; 714 CK_STATE state; 715 CK_FLAGS flags; 716 CK_ULONG ulDeviceError; 717 }; 718 719 /* Values for field flags of struct ck_session_info */ 720 #define CKF_RW_SESSION (1U << 1) 721 #define CKF_SERIAL_SESSION (1U << 2) 722 723 /* Argument for C_Login */ 724 typedef CK_ULONG CK_USER_TYPE; 725 726 /* Values for CK_USER_TYPE */ 727 #define CKU_SO 0 728 #define CKU_USER 1 729 #define CKU_CONTEXT_SPECIFIC 2 730 731 /* Values for argument flags of C_WaitForSlotEvent */ 732 #define CKF_DONT_BLOCK 1 733 734 /* Argument for CK_NOTIFY typed callback function */ 735 typedef CK_ULONG CK_NOTIFICATION; 736 737 /* Values for CK_NOTIFICATION */ 738 #define CKN_SURRENDER 0 739 #define CKN_OTP_CHANGED 1 740 741 /* Callback handler types */ 742 typedef CK_RV (*CK_NOTIFY) (CK_SESSION_HANDLE hSession, CK_NOTIFICATION event, 743 CK_VOID_PTR pApplication); 744 typedef CK_RV (*CK_CREATEMUTEX) (CK_VOID_PTR_PTR ppMutex); 745 typedef CK_RV (*CK_DESTROYMUTEX) (CK_VOID_PTR pMutex); 746 typedef CK_RV (*CK_LOCKMUTEX) (CK_VOID_PTR pMutex); 747 typedef CK_RV (*CK_UNLOCKMUTEX) (CK_VOID_PTR pMutex); 748 749 /* Argument for C_GetFunctionList */ 750 typedef struct CK_FUNCTION_LIST CK_FUNCTION_LIST; 751 typedef struct CK_FUNCTION_LIST *CK_FUNCTION_LIST_PTR; 752 typedef struct CK_FUNCTION_LIST **CK_FUNCTION_LIST_PTR_PTR; 753 754 struct CK_FUNCTION_LIST { 755 CK_VERSION version; 756 CK_RV (*C_Initialize)(CK_VOID_PTR pInitArgs); 757 CK_RV (*C_Finalize)(CK_VOID_PTR pReserved); 758 CK_RV (*C_GetInfo)(CK_INFO_PTR pInfo); 759 CK_RV (*C_GetFunctionList)(CK_FUNCTION_LIST_PTR_PTR ppFunctionList); 760 CK_RV (*C_GetSlotList)(CK_BBOOL tokenPresent, 761 CK_SLOT_ID_PTR pSlotList, CK_ULONG_PTR pulCount); 762 CK_RV (*C_GetSlotInfo)(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo); 763 CK_RV (*C_GetTokenInfo)(CK_SLOT_ID slotID, CK_TOKEN_INFO_PTR pInfo); 764 CK_RV (*C_GetMechanismList)(CK_SLOT_ID slotID, 765 CK_MECHANISM_TYPE_PTR pMechanismList, 766 
CK_ULONG_PTR pulCount); 767 CK_RV (*C_GetMechanismInfo)(CK_SLOT_ID slotID, CK_MECHANISM_TYPE type, 768 CK_MECHANISM_INFO_PTR pInfo); 769 CK_RV (*C_InitToken)(CK_SLOT_ID slotID, CK_UTF8CHAR_PTR pPin, 770 CK_ULONG ulPinLen, CK_UTF8CHAR_PTR pLabel); 771 CK_RV (*C_InitPIN)(CK_SESSION_HANDLE hSession, 772 CK_UTF8CHAR_PTR pPin, CK_ULONG ulPinLen); 773 CK_RV (*C_SetPIN)(CK_SESSION_HANDLE hSession, 774 CK_UTF8CHAR_PTR pOldPin, CK_ULONG ulOldLen, 775 CK_UTF8CHAR_PTR pNewPin, CK_ULONG ulNewLen); 776 CK_RV (*C_OpenSession)(CK_SLOT_ID slotID, CK_FLAGS flags, 777 CK_VOID_PTR pApplication, CK_NOTIFY Notify, 778 CK_SESSION_HANDLE_PTR phSession); 779 CK_RV (*C_CloseSession)(CK_SESSION_HANDLE hSession); 780 CK_RV (*C_CloseAllSessions)(CK_SLOT_ID slotID); 781 CK_RV (*C_GetSessionInfo)(CK_SESSION_HANDLE hSession, 782 CK_SESSION_INFO_PTR pInfo); 783 CK_RV (*C_GetOperationState)(CK_SESSION_HANDLE hSession, 784 CK_BYTE_PTR pOperationState, 785 CK_ULONG_PTR pulOperationStateLen); 786 CK_RV (*C_SetOperationState)(CK_SESSION_HANDLE hSession, 787 CK_BYTE_PTR pOperationState, 788 CK_ULONG ulOperationStateLen, 789 CK_OBJECT_HANDLE hEncryptionKey, 790 CK_OBJECT_HANDLE hAuthenticationKey); 791 CK_RV (*C_Login)(CK_SESSION_HANDLE hSession, CK_USER_TYPE userType, 792 CK_UTF8CHAR_PTR pPin, CK_ULONG ulPinLen); 793 CK_RV (*C_Logout)(CK_SESSION_HANDLE hSession); 794 CK_RV (*C_CreateObject)(CK_SESSION_HANDLE hSession, 795 CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount, 796 CK_OBJECT_HANDLE_PTR phObject); 797 CK_RV (*C_CopyObject)(CK_SESSION_HANDLE hSession, 798 CK_OBJECT_HANDLE hObject, 799 CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount, 800 CK_OBJECT_HANDLE_PTR phNewObject); 801 CK_RV (*C_DestroyObject)(CK_SESSION_HANDLE hSession, 802 CK_OBJECT_HANDLE hObject); 803 CK_RV (*C_GetObjectSize)(CK_SESSION_HANDLE hSession, 804 CK_OBJECT_HANDLE hObject, 805 CK_ULONG_PTR pulSize); 806 CK_RV (*C_GetAttributeValue)(CK_SESSION_HANDLE hSession, 807 CK_OBJECT_HANDLE hObject, 808 CK_ATTRIBUTE_PTR pTemplate, 809 
CK_ULONG ulCount); 810 CK_RV (*C_SetAttributeValue)(CK_SESSION_HANDLE hSession, 811 CK_OBJECT_HANDLE hObject, 812 CK_ATTRIBUTE_PTR pTemplate, 813 CK_ULONG ulCount); 814 CK_RV (*C_FindObjectsInit)(CK_SESSION_HANDLE hSession, 815 CK_ATTRIBUTE_PTR pTemplate, 816 CK_ULONG ulCount); 817 CK_RV (*C_FindObjects)(CK_SESSION_HANDLE hSession, 818 CK_OBJECT_HANDLE_PTR phObject, 819 CK_ULONG ulMaxObjectCount, 820 CK_ULONG_PTR pulObjectCount); 821 CK_RV (*C_FindObjectsFinal)(CK_SESSION_HANDLE hSession); 822 CK_RV (*C_EncryptInit)(CK_SESSION_HANDLE hSession, 823 CK_MECHANISM_PTR pMechanism, 824 CK_OBJECT_HANDLE hKey); 825 CK_RV (*C_Encrypt)(CK_SESSION_HANDLE hSession, 826 CK_BYTE_PTR pData, CK_ULONG ulDataLen, 827 CK_BYTE_PTR pEncryptedData, 828 CK_ULONG_PTR pulEncryptedDataLen); 829 CK_RV (*C_EncryptUpdate)(CK_SESSION_HANDLE hSession, 830 CK_BYTE_PTR pPart, CK_ULONG ulPartLen, 831 CK_BYTE_PTR pEncryptedData, 832 CK_ULONG_PTR pulEncryptedDataLen); 833 CK_RV (*C_EncryptFinal)(CK_SESSION_HANDLE hSession, 834 CK_BYTE_PTR pLastEncryptedPart, 835 CK_ULONG_PTR pulLastEncryptedPartLen); 836 CK_RV (*C_DecryptInit)(CK_SESSION_HANDLE hSession, 837 CK_MECHANISM_PTR pMechanism, 838 CK_OBJECT_HANDLE hKey); 839 CK_RV (*C_Decrypt)(CK_SESSION_HANDLE hSession, 840 CK_BYTE_PTR pEncryptedData, 841 CK_ULONG ulEncryptedDataLen, 842 CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen); 843 CK_RV (*C_DecryptUpdate)(CK_SESSION_HANDLE hSession, 844 CK_BYTE_PTR pEncryptedPart, 845 CK_ULONG ulEncryptedPartLen, 846 CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen); 847 CK_RV (*C_DecryptFinal)(CK_SESSION_HANDLE hSession, 848 CK_BYTE_PTR pLastPart, 849 CK_ULONG_PTR pulLastPartLen); 850 CK_RV (*C_DigestInit)(CK_SESSION_HANDLE hSession, 851 CK_MECHANISM_PTR pMechanism); 852 CK_RV (*C_Digest)(CK_SESSION_HANDLE hSession, 853 CK_BYTE_PTR pData, CK_ULONG ulDataLen, 854 CK_BYTE_PTR pDigest, CK_ULONG_PTR pulDigestLen); 855 CK_RV (*C_DigestUpdate)(CK_SESSION_HANDLE hSession, 856 CK_BYTE_PTR pPart, CK_ULONG ulPartLen); 857 CK_RV 
(*C_DigestKey)(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hKey); 858 CK_RV (*C_DigestFinal)(CK_SESSION_HANDLE hSession, 859 CK_BYTE_PTR pDigest, CK_ULONG_PTR pulDigestLen); 860 CK_RV (*C_SignInit)(CK_SESSION_HANDLE hSession, 861 CK_MECHANISM_PTR pMechanism, 862 CK_OBJECT_HANDLE hKey); 863 CK_RV (*C_Sign)(CK_SESSION_HANDLE hSession, 864 CK_BYTE_PTR pData, CK_ULONG ulDataLen, 865 CK_BYTE_PTR pSignature, CK_ULONG_PTR pulSignatureLen); 866 CK_RV (*C_SignUpdate)(CK_SESSION_HANDLE hSession, 867 CK_BYTE_PTR pPart, CK_ULONG ulPartLen); 868 CK_RV (*C_SignFinal)(CK_SESSION_HANDLE hSession, 869 CK_BYTE_PTR pSignature, 870 CK_ULONG_PTR pulSignatureLen); 871 CK_RV (*C_SignRecoverInit)(CK_SESSION_HANDLE hSession, 872 CK_MECHANISM_PTR pMechanism, 873 CK_OBJECT_HANDLE hKey); 874 CK_RV (*C_SignRecover)(CK_SESSION_HANDLE hSession, 875 CK_BYTE_PTR pData, CK_ULONG ulDataLen, 876 CK_BYTE_PTR pSignature, 877 CK_ULONG_PTR pulSignatureLen); 878 CK_RV (*C_VerifyInit)(CK_SESSION_HANDLE hSession, 879 CK_MECHANISM_PTR pMechanism, 880 CK_OBJECT_HANDLE hKey); 881 CK_RV (*C_Verify)(CK_SESSION_HANDLE hSession, 882 CK_BYTE_PTR pData, CK_ULONG ulDataLen, 883 CK_BYTE_PTR pSignature, 884 CK_ULONG ulSignatureLen); 885 CK_RV (*C_VerifyUpdate)(CK_SESSION_HANDLE hSession, 886 CK_BYTE_PTR pPart, CK_ULONG ulPartLen); 887 CK_RV (*C_VerifyFinal)(CK_SESSION_HANDLE hSession, 888 CK_BYTE_PTR pSignature, 889 CK_ULONG ulSignatureLen); 890 CK_RV (*C_VerifyRecoverInit)(CK_SESSION_HANDLE hSession, 891 CK_MECHANISM_PTR pMechanism, 892 CK_OBJECT_HANDLE hKey); 893 CK_RV (*C_VerifyRecover)(CK_SESSION_HANDLE hSession, 894 CK_BYTE_PTR pSignature, 895 CK_ULONG ulSignatureLen, 896 CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen); 897 CK_RV (*C_DigestEncryptUpdate)(CK_SESSION_HANDLE hSession, 898 CK_BYTE_PTR pPart, CK_ULONG ulPartLen, 899 CK_BYTE_PTR pEncryptedPart, 900 CK_ULONG_PTR pulEncryptedPartLen); 901 CK_RV (*C_DecryptDigestUpdate)(CK_SESSION_HANDLE hSession, 902 CK_BYTE_PTR pEncryptedPart, 903 CK_ULONG 
ulEncryptedPartLen, 904 CK_BYTE_PTR pPart, 905 CK_ULONG_PTR pulPartLen); 906 CK_RV (*C_SignEncryptUpdate)(CK_SESSION_HANDLE hSession, 907 CK_BYTE_PTR pPart, CK_ULONG ulPartLen, 908 CK_BYTE_PTR pEncryptedPart, 909 CK_ULONG_PTR pulEncryptedPartLen); 910 CK_RV (*C_DecryptVerifyUpdate)(CK_SESSION_HANDLE hSession, 911 CK_BYTE_PTR pEncryptedPart, 912 CK_ULONG ulEncryptedPartLen, 913 CK_BYTE_PTR pPart, 914 CK_ULONG_PTR pulPartLen); 915 CK_RV (*C_GenerateKey)(CK_SESSION_HANDLE hSession, 916 CK_MECHANISM_PTR pMechanism, 917 CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount, 918 CK_OBJECT_HANDLE_PTR phKey); 919 CK_RV (*C_GenerateKeyPair)(CK_SESSION_HANDLE hSession, 920 CK_MECHANISM_PTR pMechanism, 921 CK_ATTRIBUTE_PTR pPublicKeyTemplate, 922 CK_ULONG ulPublicKeyAttributeCount, 923 CK_ATTRIBUTE_PTR pPrivateKeyTemplate, 924 CK_ULONG ulPrivateKeyAttributeCount, 925 CK_OBJECT_HANDLE_PTR phPublicKey, 926 CK_OBJECT_HANDLE_PTR phPrivateKey); 927 CK_RV (*C_WrapKey)(CK_SESSION_HANDLE hSession, 928 CK_MECHANISM_PTR pMechanism, 929 CK_OBJECT_HANDLE hWrappingKey, 930 CK_OBJECT_HANDLE hKey, 931 CK_BYTE_PTR pWrappedKey, 932 CK_ULONG_PTR pulWrappedKeyLen); 933 CK_RV (*C_UnwrapKey)(CK_SESSION_HANDLE hSession, 934 CK_MECHANISM_PTR pMechanism, 935 CK_OBJECT_HANDLE hUnwrappingKey, 936 CK_BYTE_PTR pWrappedKey, 937 CK_ULONG ulWrappedKeyLen, 938 CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount, 939 CK_OBJECT_HANDLE_PTR phKey); 940 CK_RV (*C_DeriveKey)(CK_SESSION_HANDLE hSession, 941 CK_MECHANISM_PTR pMechanism, 942 CK_OBJECT_HANDLE hBaseKey, 943 CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount, 944 CK_OBJECT_HANDLE_PTR phKey); 945 CK_RV (*C_SeedRandom)(CK_SESSION_HANDLE hSession, 946 CK_BYTE_PTR pSeed, CK_ULONG ulSeedLen); 947 CK_RV (*C_GenerateRandom)(CK_SESSION_HANDLE hSession, 948 CK_BYTE_PTR pRandomData, 949 CK_ULONG ulRandomLen); 950 CK_RV (*C_GetFunctionStatus)(CK_SESSION_HANDLE hSession); 951 CK_RV (*C_CancelFunction)(CK_SESSION_HANDLE hSession); 952 CK_RV (*C_WaitForSlotEvent)(CK_FLAGS flags, 
CK_SLOT_ID_PTR slotID,
	CK_VOID_PTR pReserved);
};

/*
 * Optional init_args structure for C_Initialize.
 *
 * The four callbacks let the application supply its own mutex primitives
 * and flags takes the CKF_* values defined below. PKCS#11 v2.40 expects the
 * reserved member to be NULL.
 */
typedef struct CK_C_INITIALIZE_ARGS CK_C_INITIALIZE_ARGS;
typedef struct CK_C_INITIALIZE_ARGS *CK_C_INITIALIZE_ARGS_PTR;

struct CK_C_INITIALIZE_ARGS {
	CK_CREATEMUTEX CreateMutex;
	CK_DESTROYMUTEX DestroyMutex;
	CK_LOCKMUTEX LockMutex;
	CK_UNLOCKMUTEX UnlockMutex;
	CK_FLAGS flags;
	CK_VOID_PTR reserved;
};

/*
 * Flags for field flags of struct CK_C_INITIALIZE_ARGS
 *
 * CKF_LIBRARY_CANT_CREATE_OS_THREADS: the application asks the library not
 * to spawn OS threads of its own.
 * CKF_OS_LOCKING_OK: the library may use native OS locking to protect its
 * internal state.
 */
#define CKF_LIBRARY_CANT_CREATE_OS_THREADS	(1U << 0)
#define CKF_OS_LOCKING_OK			(1U << 1)

/*
 * Library-level entry points.
 *
 * Every function declared below reports its outcome through the CK_RV
 * return value; callers should compare it with CKR_OK before using any
 * output parameter.
 *
 * pInitArgs is either NULL or points to a CK_C_INITIALIZE_ARGS. The
 * pReserved argument of C_Finalize is reserved by PKCS#11 v2.40 and is
 * expected to be NULL.
 * NOTE(review): which of these entry points this library really implements
 * is not visible from the header; confirm against the implementation.
 */
CK_RV C_Initialize(CK_VOID_PTR pInitArgs);

CK_RV C_Finalize(CK_VOID_PTR pReserved);

CK_RV C_GetInfo(CK_INFO_PTR pInfo);

CK_RV C_GetFunctionList(CK_FUNCTION_LIST_PTR_PTR ppFunctionList);

/*
 * Slot and token management.
 *
 * C_GetSlotList and C_GetMechanismList follow the PKCS#11 convention for
 * variable-length output: with a NULL list pointer only the required
 * element count is reported through pulCount; otherwise *pulCount is the
 * capacity of the list on input and the number of entries on output.
 */
CK_RV C_GetSlotList(CK_BBOOL tokenPresent,
	CK_SLOT_ID_PTR pSlotList, CK_ULONG_PTR pulCount);

CK_RV C_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo);

CK_RV C_GetTokenInfo(CK_SLOT_ID slotID, CK_TOKEN_INFO_PTR pInfo);

CK_RV C_GetMechanismList(CK_SLOT_ID slotID,
	CK_MECHANISM_TYPE_PTR pMechanismList,
	CK_ULONG_PTR pulCount);

CK_RV C_GetMechanismInfo(CK_SLOT_ID slotID, CK_MECHANISM_TYPE type,
	CK_MECHANISM_INFO_PTR pInfo);

/*
 * PIN handling.
 *
 * PIN buffers are delimited by the accompanying length argument
 * (ulPinLen, ulOldLen, ulNewLen) and are not NUL-terminated. Callers
 * should wipe their own copy of a PIN once the call has returned.
 *
 * pLabel of C_InitToken carries no length argument: PKCS#11 v2.40 defines
 * it as a 32-byte, blank-padded, non NUL-terminated label, so the buffer
 * passed must hold at least 32 bytes.
 */
CK_RV C_InitToken(CK_SLOT_ID slotID, CK_UTF8CHAR_PTR pPin,
	CK_ULONG ulPinLen, CK_UTF8CHAR_PTR pLabel);

CK_RV C_InitPIN(CK_SESSION_HANDLE hSession,
	CK_UTF8CHAR_PTR pPin, CK_ULONG ulPinLen);

CK_RV C_SetPIN(CK_SESSION_HANDLE hSession,
	CK_UTF8CHAR_PTR pOldPin, CK_ULONG ulOldLen,
	CK_UTF8CHAR_PTR pNewPin, CK_ULONG ulNewLen);

/*
 * Session management.
 *
 * The operation state exchanged by C_GetOperationState and
 * C_SetOperationState may embed sensitive cryptographic state; handle the
 * buffer like key material.
 * NOTE(review): whether this library supports saving and restoring
 * operation state is not visible here.
 */
CK_RV C_OpenSession(CK_SLOT_ID slotID, CK_FLAGS flags,
	CK_VOID_PTR pApplication, CK_NOTIFY Notify,
	CK_SESSION_HANDLE_PTR phSession);

CK_RV C_CloseSession(CK_SESSION_HANDLE hSession);

CK_RV C_CloseAllSessions(CK_SLOT_ID slotID);

CK_RV C_GetSessionInfo(CK_SESSION_HANDLE hSession, CK_SESSION_INFO_PTR pInfo);

CK_RV C_GetOperationState(CK_SESSION_HANDLE hSession,
	CK_BYTE_PTR pOperationState,
	CK_ULONG_PTR pulOperationStateLen);

CK_RV C_SetOperationState(CK_SESSION_HANDLE hSession,
	CK_BYTE_PTR pOperationState,
	CK_ULONG ulOperationStateLen,
	CK_OBJECT_HANDLE hEncryptionKey,
	CK_OBJECT_HANDLE hAuthenticationKey);

/* Same PIN conventions as C_InitPIN: length-delimited, not NUL-terminated. */
CK_RV C_Login(CK_SESSION_HANDLE hSession, CK_USER_TYPE userType,
	CK_UTF8CHAR_PTR pPin, CK_ULONG ulPinLen);

CK_RV C_Logout(CK_SESSION_HANDLE hSession);

/*
 * Object management.
 *
 * ulCount is the number of CK_ATTRIBUTE entries in pTemplate, not a byte
 * size. Each entry carries its own pValue/ulValueLen pair, so the caller
 * must keep ulValueLen consistent with the buffer pValue points to.
 */
CK_RV C_CreateObject(CK_SESSION_HANDLE hSession,
	CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
	CK_OBJECT_HANDLE_PTR phObject);

CK_RV C_CopyObject(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject,
	CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
	CK_OBJECT_HANDLE_PTR phNewObject);

CK_RV C_DestroyObject(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject);

CK_RV C_GetObjectSize(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject,
	CK_ULONG_PTR pulSize);

CK_RV C_GetAttributeValue(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject,
	CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount);

CK_RV C_SetAttributeValue(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject,
	CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount);

/*
 * Object search: C_FindObjectsInit starts a search, C_FindObjects returns
 * up to ulMaxObjectCount handles per call and C_FindObjectsFinal ends it.
 */
CK_RV C_FindObjectsInit(CK_SESSION_HANDLE hSession,
	CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount);

CK_RV C_FindObjects(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE_PTR phObject,
	CK_ULONG ulMaxObjectCount, CK_ULONG_PTR pulObjectCount);

CK_RV C_FindObjectsFinal(CK_SESSION_HANDLE hSession);

/*
 * Encryption and decryption.
 *
 * Functions taking a CK_ULONG_PTR output length follow the PKCS#11
 * two-call convention: with a NULL output buffer only the required length
 * is returned; with a buffer, the length argument gives its capacity on
 * input and the number of bytes produced on output, and a too-small buffer
 * is reported as CKR_BUFFER_TOO_SMALL. The caller is responsible for
 * passing a length that matches the real size of the buffer.
 */
CK_RV C_EncryptInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
	CK_OBJECT_HANDLE hKey);

CK_RV C_Encrypt(CK_SESSION_HANDLE hSession,
	CK_BYTE_PTR pData, CK_ULONG ulDataLen,
	CK_BYTE_PTR pEncryptedData, CK_ULONG_PTR pulEncryptedDataLen);

CK_RV C_EncryptUpdate(CK_SESSION_HANDLE hSession,
	CK_BYTE_PTR pPart, CK_ULONG ulPartLen,
	CK_BYTE_PTR pEncryptedData,
	CK_ULONG_PTR pulEncryptedDataLen);

CK_RV C_EncryptFinal(CK_SESSION_HANDLE hSession,
	CK_BYTE_PTR pLastEncryptedPart,
	CK_ULONG_PTR pulLastEncryptedPartLen);

CK_RV C_DecryptInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
	CK_OBJECT_HANDLE hKey);

CK_RV C_Decrypt(CK_SESSION_HANDLE hSession,
	CK_BYTE_PTR pEncryptedData, CK_ULONG ulEncryptedDataLen,
	CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen);

CK_RV C_DecryptUpdate(CK_SESSION_HANDLE hSession,
	CK_BYTE_PTR pEncryptedPart, CK_ULONG ulEncryptedPartLen,
	CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen);

CK_RV C_DecryptFinal(CK_SESSION_HANDLE hSession,
	CK_BYTE_PTR pLastPart, CK_ULONG_PTR pulLastPartLen);

/*
 * Message digesting. Output buffers use the same two-call length
 * convention as the encryption functions. C_DigestKey feeds the value of
 * the key object hKey into the running digest.
 */
CK_RV C_DigestInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism);

CK_RV C_Digest(CK_SESSION_HANDLE hSession,
	CK_BYTE_PTR pData, CK_ULONG ulDataLen,
	CK_BYTE_PTR pDigest, CK_ULONG_PTR pulDigestLen);

CK_RV C_DigestUpdate(CK_SESSION_HANDLE hSession,
	CK_BYTE_PTR pPart, CK_ULONG ulPartLen);

CK_RV C_DigestKey(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hKey);

CK_RV C_DigestFinal(CK_SESSION_HANDLE hSession,
	CK_BYTE_PTR pDigest, CK_ULONG_PTR pulDigestLen);

/*
 * Signing and MACing. Signature buffers use the same two-call length
 * convention as the encryption functions.
 */
CK_RV C_SignInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
	CK_OBJECT_HANDLE hKey);

CK_RV C_Sign(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData, CK_ULONG ulDataLen,
	CK_BYTE_PTR pSignature, CK_ULONG_PTR pulSignatureLen);

CK_RV C_SignUpdate(CK_SESSION_HANDLE hSession,
	CK_BYTE_PTR pPart, CK_ULONG ulPartLen);

CK_RV C_SignFinal(CK_SESSION_HANDLE hSession,
	CK_BYTE_PTR pSignature, CK_ULONG_PTR pulSignatureLen);

CK_RV C_SignRecoverInit(CK_SESSION_HANDLE hSession,
	CK_MECHANISM_PTR pMechanism,
	CK_OBJECT_HANDLE hKey);

CK_RV C_SignRecover(CK_SESSION_HANDLE hSession,
	CK_BYTE_PTR pData, CK_ULONG ulDataLen,
	CK_BYTE_PTR pSignature, CK_ULONG_PTR pulSignatureLen);

/*
 * Signature and MAC verification.
 *
 * The verdict is carried only by the CK_RV return value: a signature is
 * valid only when the call returns CKR_OK. Callers must treat every other
 * return value, including unexpected errors, as a failed verification.
 */
CK_RV C_VerifyInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
	CK_OBJECT_HANDLE hKey);

CK_RV C_Verify(CK_SESSION_HANDLE hSession,
	CK_BYTE_PTR pData, CK_ULONG ulDataLen,
	CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen);

CK_RV C_VerifyUpdate(CK_SESSION_HANDLE hSession,
	CK_BYTE_PTR pPart, CK_ULONG ulPartLen);

CK_RV C_VerifyFinal(CK_SESSION_HANDLE hSession,
	CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen);

CK_RV C_VerifyRecoverInit(CK_SESSION_HANDLE hSession,
	CK_MECHANISM_PTR pMechanism,
	CK_OBJECT_HANDLE hKey);

CK_RV C_VerifyRecover(CK_SESSION_HANDLE hSession,
	CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen,
	CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen);

/*
 * Dual-function operations: each call continues two multi-part operations
 * that are already active on the session. Output buffers use the same
 * two-call length convention as the encryption functions.
 */
CK_RV C_DigestEncryptUpdate(CK_SESSION_HANDLE hSession,
	CK_BYTE_PTR pPart, CK_ULONG ulPartLen,
	CK_BYTE_PTR pEncryptedPart,
	CK_ULONG_PTR pulEncryptedPartLen);

CK_RV C_DecryptDigestUpdate(CK_SESSION_HANDLE hSession,
	CK_BYTE_PTR pEncryptedPart,
	CK_ULONG ulEncryptedPartLen,
	CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen);

CK_RV C_SignEncryptUpdate(CK_SESSION_HANDLE hSession,
	CK_BYTE_PTR pPart,
	CK_ULONG ulPartLen,
	CK_BYTE_PTR pEncryptedPart,
	CK_ULONG_PTR pulEncryptedPartLen);

CK_RV C_DecryptVerifyUpdate(CK_SESSION_HANDLE hSession,
	CK_BYTE_PTR pEncryptedPart,
	CK_ULONG ulEncryptedPartLen,
	CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen);

/*
 * Key management.
 *
 * The attribute templates decide the properties of the resulting key
 * objects (PKCS#11 defines, for example, CKA_SENSITIVE and
 * CKA_EXTRACTABLE), so they deserve review wherever keys are created,
 * unwrapped or derived. pWrappedKey of C_WrapKey is an output buffer using
 * the two-call length convention; in C_UnwrapKey it is an input of
 * ulWrappedKeyLen bytes.
 */
CK_RV C_GenerateKey(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
	CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
	CK_OBJECT_HANDLE_PTR phKey);

CK_RV C_GenerateKeyPair(CK_SESSION_HANDLE hSession,
	CK_MECHANISM_PTR pMechanism,
	CK_ATTRIBUTE_PTR pPublicKeyTemplate,
	CK_ULONG ulPublicKeyAttributeCount,
	CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
	CK_ULONG ulPrivateKeyAttributeCount,
	CK_OBJECT_HANDLE_PTR phPublicKey,
	CK_OBJECT_HANDLE_PTR phPrivateKey);

CK_RV C_WrapKey(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
	CK_OBJECT_HANDLE hWrappingKey, CK_OBJECT_HANDLE hKey,
	CK_BYTE_PTR pWrappedKey, CK_ULONG_PTR pulWrappedKeyLen);

CK_RV C_UnwrapKey(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
	CK_OBJECT_HANDLE hUnwrappingKey,
	CK_BYTE_PTR pWrappedKey, CK_ULONG ulWrappedKeyLen,
	CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
	CK_OBJECT_HANDLE_PTR phKey);

CK_RV C_DeriveKey(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
	CK_OBJECT_HANDLE hBaseKey,
	CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
	CK_OBJECT_HANDLE_PTR phKey);

/*
 * Random number generation. C_SeedRandom mixes ulSeedLen bytes of caller
 * supplied seed material into the token's generator; C_GenerateRandom
 * fills pRandomData with ulRandomLen bytes. Callers must not use the
 * buffer as random data unless the call returned CKR_OK.
 */
CK_RV C_SeedRandom(CK_SESSION_HANDLE hSession,
	CK_BYTE_PTR pSeed, CK_ULONG ulSeedLen);

CK_RV C_GenerateRandom(CK_SESSION_HANDLE hSession,
	CK_BYTE_PTR pRandomData, CK_ULONG ulRandomLen);

/*
 * Legacy parallel-function management. PKCS#11 v2.40 keeps these two
 * functions for compatibility only and specifies that they return
 * CKR_FUNCTION_NOT_PARALLEL.
 */
CK_RV C_GetFunctionStatus(CK_SESSION_HANDLE hSession);

CK_RV C_CancelFunction(CK_SESSION_HANDLE hSession);

/* pReserved is reserved by PKCS#11 v2.40 and is expected to be NULL. */
CK_RV C_WaitForSlotEvent(CK_FLAGS flags, CK_SLOT_ID_PTR slotID,
	CK_VOID_PTR pReserved);

#ifdef __cplusplus
}
#endif

#endif /*PKCS11_H*/