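/* SPDX-License-Identifier: BSD-2-Clause */
/*
 * Copyright (c) 2018-2020, Linaro Limited
 */

#ifndef PKCS11_H
#define PKCS11_H

#ifdef __cplusplus
extern "C" {
#endif

/*
 * PKCS#11 Cryptoki API v2.40-errata01. See the specification at:
 * http://docs.oasis-open.org/pkcs11/pkcs11-base/v2.40/errata01/os/pkcs11-base-v2.40-errata01-os-complete.html
 */
#define CK_PKCS11_VERSION_MAJOR		2
#define CK_PKCS11_VERSION_MINOR		40
#define CK_PKCS11_VERSION_PATCH		1

/*
 * Base scalar types.
 *
 * CK_ULONG and CK_LONG are plain (unsigned) long, so their width follows the
 * target ABI (32 bits on ILP32, 64 bits on LP64). Every structure below that
 * embeds a CK_ULONG or a pointer therefore has an ABI-dependent layout: do
 * not copy these structures as raw bytes between components that may have
 * been built for different ABIs.
 */
typedef unsigned char CK_BYTE;
typedef unsigned long CK_ULONG;
typedef long CK_LONG;

typedef CK_BYTE CK_CHAR;
typedef CK_BYTE CK_UTF8CHAR;

typedef CK_BYTE *CK_BYTE_PTR;

typedef CK_ULONG *CK_ULONG_PTR;

typedef CK_CHAR *CK_CHAR_PTR;
typedef CK_UTF8CHAR *CK_UTF8CHAR_PTR;

typedef void *CK_VOID_PTR;
typedef CK_VOID_PTR *CK_VOID_PTR_PTR;

/* Byte-wide boolean; only CK_TRUE and CK_FALSE are defined values */
typedef CK_BYTE CK_BBOOL;

#define CK_TRUE				1
#define CK_FALSE			0

/* Bit field type; the CKF_* masks apply to fields of this type */
typedef CK_ULONG CK_FLAGS;

/*
 * Sentinels carried in CK_ULONG fields.
 *
 * CK_UNAVAILABLE_INFORMATION is all-ones. The specification uses it, among
 * other places, in CK_ATTRIBUTE::ulValueLen when an attribute value cannot
 * be returned, so check for it before using such a field as a size or count.
 * CK_EFFECTIVELY_INFINITE (zero) stands for "no practical limit" in count
 * fields such as CK_TOKEN_INFO::ulMaxSessionCount.
 */
#define CK_UNAVAILABLE_INFORMATION	(~0UL)
#define CK_EFFECTIVELY_INFINITE		0UL

typedef CK_ULONG CK_SESSION_HANDLE;
typedef CK_SESSION_HANDLE *CK_SESSION_HANDLE_PTR;

typedef CK_ULONG CK_OBJECT_HANDLE;
typedef CK_OBJECT_HANDLE *CK_OBJECT_HANDLE_PTR;

/* Zero is never a valid session or object handle */
#define CK_INVALID_HANDLE		0

typedef CK_ULONG CK_SLOT_ID;
typedef CK_SLOT_ID *CK_SLOT_ID_PTR;

typedef struct CK_VERSION CK_VERSION;
typedef struct CK_VERSION *CK_VERSION_PTR;

/* Two-part version number (interface, library, hardware or firmware) */
struct CK_VERSION {
	CK_BYTE major;
	CK_BYTE minor;
};

typedef struct CK_DATE CK_DATE;
typedef struct CK_DATE *CK_DATE_PTR;

/*
 * Calendar date stored as fixed-width character fields. The arrays leave no
 * room for a terminating NUL: never hand them to string functions.
 */
struct CK_DATE {
	CK_CHAR year[4];
	CK_CHAR month[2];
	CK_CHAR day[2];
};

/*
 * PKCS#11 Objects attributes
 */

typedef CK_ULONG CK_ATTRIBUTE_TYPE;

typedef struct CK_ATTRIBUTE CK_ATTRIBUTE;
typedef struct CK_ATTRIBUTE *CK_ATTRIBUTE_PTR;

/*
 * One (type, value, length) triple of an attribute template.
 *
 * pValue refers to caller-owned memory of ulValueLen bytes; the structure
 * carries no ownership. When a template is filled in by the library,
 * ulValueLen may come back as CK_UNAVAILABLE_INFORMATION: validate it before
 * allocating or copying.
 */
struct CK_ATTRIBUTE {
	CK_ATTRIBUTE_TYPE type;
	CK_VOID_PTR pValue;
	CK_ULONG ulValueLen;
};
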
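/*
 * Values for CK_ATTRIBUTE_TYPE
 *
 * This does not cover the full PKCS#11 IDs.
 *
 * CKF_ARRAY_ATTRIBUTE is OR-ed into the IDs of attributes whose value is an
 * array (the *_TEMPLATE attributes and CKA_ALLOWED_MECHANISMS below).
 *
 * Several attributes decide how far key material can travel: CKA_SENSITIVE,
 * CKA_EXTRACTABLE, CKA_WRAP_WITH_TRUSTED and CKA_TRUSTED, with
 * CKA_ALWAYS_SENSITIVE and CKA_NEVER_EXTRACTABLE recording the key's history.
 * Templates that create or import keys should set the ones they rely on
 * explicitly instead of depending on token defaults.
 */
#define CKF_ARRAY_ATTRIBUTE		(1U << 30)
#define CKA_VENDOR_DEFINED		(1U << 31)
#define CKA_CLASS			0x0000
#define CKA_TOKEN			0x0001
#define CKA_PRIVATE			0x0002
#define CKA_LABEL			0x0003
#define CKA_APPLICATION			0x0010
#define CKA_VALUE			0x0011
#define CKA_OBJECT_ID			0x0012
#define CKA_CERTIFICATE_TYPE		0x0080
#define CKA_ISSUER			0x0081
#define CKA_SERIAL_NUMBER		0x0082
#define CKA_AC_ISSUER			0x0083
#define CKA_OWNER			0x0084
#define CKA_ATTR_TYPES			0x0085
#define CKA_TRUSTED			0x0086
#define CKA_CERTIFICATE_CATEGORY	0x0087
#define CKA_JAVA_MIDP_SECURITY_DOMAIN	0x0088
#define CKA_URL				0x0089
#define CKA_HASH_OF_SUBJECT_PUBLIC_KEY	0x008a
#define CKA_HASH_OF_ISSUER_PUBLIC_KEY	0x008b
#define CKA_NAME_HASH_ALGORITHM		0x008c
#define CKA_CHECK_VALUE			0x0090
#define CKA_KEY_TYPE			0x0100
#define CKA_SUBJECT			0x0101
#define CKA_ID				0x0102
#define CKA_SENSITIVE			0x0103
#define CKA_ENCRYPT			0x0104
#define CKA_DECRYPT			0x0105
#define CKA_WRAP			0x0106
#define CKA_UNWRAP			0x0107
#define CKA_SIGN			0x0108
#define CKA_SIGN_RECOVER		0x0109
#define CKA_VERIFY			0x010a
#define CKA_VERIFY_RECOVER		0x010b
#define CKA_DERIVE			0x010c
#define CKA_START_DATE			0x0110
#define CKA_END_DATE			0x0111
#define CKA_MODULUS			0x0120
#define CKA_MODULUS_BITS		0x0121
#define CKA_PUBLIC_EXPONENT		0x0122
#define CKA_PRIVATE_EXPONENT		0x0123
#define CKA_PRIME_1			0x0124
#define CKA_PRIME_2			0x0125
#define CKA_EXPONENT_1			0x0126
#define CKA_EXPONENT_2			0x0127
#define CKA_COEFFICIENT			0x0128
#define CKA_PUBLIC_KEY_INFO		0x0129
#define CKA_PRIME			0x0130
#define CKA_SUBPRIME			0x0131
#define CKA_BASE			0x0132
#define CKA_PRIME_BITS			0x0133
#define CKA_SUBPRIME_BITS		0x0134
#define CKA_VALUE_BITS			0x0160
#define CKA_VALUE_LEN			0x0161
#define CKA_EXTRACTABLE			0x0162
#define CKA_LOCAL			0x0163
#define CKA_NEVER_EXTRACTABLE		0x0164
#define CKA_ALWAYS_SENSITIVE		0x0165
#define CKA_KEY_GEN_MECHANISM		0x0166
#define CKA_MODIFIABLE			0x0170
#define CKA_COPYABLE			0x0171
#define CKA_DESTROYABLE			0x0172
#define CKA_EC_PARAMS			0x0180
#define CKA_EC_POINT			0x0181
#define CKA_ALWAYS_AUTHENTICATE		0x0202
#define CKA_WRAP_WITH_TRUSTED		0x0210
#define CKA_WRAP_TEMPLATE		(0x0211 | CKF_ARRAY_ATTRIBUTE)
#define CKA_UNWRAP_TEMPLATE		(0x0212 | CKF_ARRAY_ATTRIBUTE)
#define CKA_DERIVE_TEMPLATE		(0x0213 | CKF_ARRAY_ATTRIBUTE)
#define CKA_OTP_FORMAT			0x0220
#define CKA_OTP_LENGTH			0x0221
#define CKA_OTP_TIME_INTERVAL		0x0222
#define CKA_OTP_USER_FRIENDLY_MODE	0x0223
#define CKA_OTP_CHALLENGE_REQUIREMENT	0x0224
#define CKA_OTP_TIME_REQUIREMENT	0x0225
#define CKA_OTP_COUNTER_REQUIREMENT	0x0226
#define CKA_OTP_PIN_REQUIREMENT		0x0227
#define CKA_OTP_COUNTER			0x022e
#define CKA_OTP_TIME			0x022f
#define CKA_OTP_USER_IDENTIFIER		0x022a
#define CKA_OTP_SERVICE_IDENTIFIER	0x022b
#define CKA_OTP_SERVICE_LOGO		0x022c
#define CKA_OTP_SERVICE_LOGO_TYPE	0x022d
#define CKA_GOSTR3410_PARAMS		0x0250
#define CKA_GOSTR3411_PARAMS		0x0251
#define CKA_GOST28147_PARAMS		0x0252
#define CKA_HW_FEATURE_TYPE		0x0300
#define CKA_RESET_ON_INIT		0x0301
#define CKA_HAS_RESET			0x0302
#define CKA_PIXEL_X			0x0400
#define CKA_PIXEL_Y			0x0401
#define CKA_RESOLUTION			0x0402
#define CKA_CHAR_ROWS			0x0403
#define CKA_CHAR_COLUMNS		0x0404
#define CKA_COLOR			0x0405
#define CKA_BITS_PER_PIXEL		0x0406
#define CKA_CHAR_SETS			0x0480
#define CKA_ENCODING_METHODS		0x0481
#define CKA_MIME_TYPES			0x0482
#define CKA_MECHANISM_TYPE		0x0500
#define CKA_REQUIRED_CMS_ATTRIBUTES	0x0501
#define CKA_DEFAULT_CMS_ATTRIBUTES	0x0502
#define CKA_SUPPORTED_CMS_ATTRIBUTES	0x0503
#define CKA_ALLOWED_MECHANISMS		(0x0600 | CKF_ARRAY_ATTRIBUTE)

/* Attribute CKA_CLASS refers to a CK_OBJECT_CLASS typed value */
typedef CK_ULONG CK_OBJECT_CLASS;
typedef CK_OBJECT_CLASS *CK_OBJECT_CLASS_PTR;

/* Values for type CK_OBJECT_CLASS */
#define CKO_VENDOR_DEFINED		(1U << 31)
#define CKO_DATA			0x0
#define CKO_CERTIFICATE			0x1
#define CKO_PUBLIC_KEY			0x2
#define CKO_PRIVATE_KEY			0x3
#define CKO_SECRET_KEY			0x4
#define CKO_HW_FEATURE			0x5
#define CKO_DOMAIN_PARAMETERS		0x6
#define CKO_MECHANISM			0x7
#define CKO_OTP_KEY			0x8

/* Attribute CKA_KEY_TYPE refers to a CK_KEY_TYPE typed value */
typedef CK_ULONG CK_KEY_TYPE;
typedef CK_KEY_TYPE *CK_KEY_TYPE_PTR;

/*
 * Values for type CK_KEY_TYPE
 *
 * This does not cover the full PKCS#11 IDs.
 *
 * CKK_ECDSA and CKK_EC are two names for the same value.
 */
#define CKK_VENDOR_DEFINED		(1U << 31)
#define CKK_RSA				0x000
#define CKK_DSA				0x001
#define CKK_DH				0x002
#define CKK_ECDSA			0x003
#define CKK_EC				0x003
#define CKK_GENERIC_SECRET		0x010
#define CKK_DES3			0x015
#define CKK_AES				0x01f
#define CKK_HOTP			0x023
#define CKK_MD5_HMAC			0x027
#define CKK_SHA_1_HMAC			0x028
#define CKK_SHA256_HMAC			0x02b
#define CKK_SHA384_HMAC			0x02c
#define CKK_SHA512_HMAC			0x02d
#define CKK_SHA224_HMAC			0x02e

/*
 * Mechanisms
 *
 * Note: a mechanism can be referenced as an object in some PKCS#11 API
 * functions. In that case, the object holds attribute CKA_MECHANISM_TYPE,
 * which refers to a CK_MECHANISM_TYPE typed value that defines the target
 * mechanism.
 */

typedef CK_ULONG CK_MECHANISM_TYPE;
typedef CK_MECHANISM_TYPE *CK_MECHANISM_TYPE_PTR;

/*
 * Values for type CK_MECHANISM_TYPE
 *
 * This does not cover the full PKCS#11 IDs.
 *
 * An ID being listed here says nothing about whether a given token
 * implements the mechanism or whether local policy permits it. The list
 * includes algorithms kept for interoperability (MD5, SHA-1, triple-DES, ECB
 * modes, raw CKM_RSA_X_509): query C_GetMechanismInfo() and apply an
 * application-side allow-list rather than accepting any ID a peer supplies.
 */
#define CKM_VENDOR_DEFINED		(1U << 31)
#define CKM_RSA_PKCS_KEY_PAIR_GEN	0x00000
#define CKM_RSA_PKCS			0x00001
#define CKM_RSA_9796			0x00002
#define CKM_RSA_X_509			0x00003
#define CKM_RSA_PKCS_OAEP		0x00009
#define CKM_SHA256_RSA_PKCS		0x00040
#define CKM_SHA384_RSA_PKCS		0x00041
#define CKM_SHA512_RSA_PKCS		0x00042
#define CKM_SHA256_RSA_PKCS_PSS		0x00043
#define CKM_SHA384_RSA_PKCS_PSS		0x00044
#define CKM_SHA512_RSA_PKCS_PSS		0x00045
#define CKM_SHA224_RSA_PKCS		0x00046
#define CKM_SHA224_RSA_PKCS_PSS		0x00047
#define CKM_SHA512_224			0x00048
#define CKM_SHA512_224_HMAC		0x00049
#define CKM_SHA512_224_HMAC_GENERAL	0x0004a
#define CKM_SHA512_224_KEY_DERIVATION	0x0004b
#define CKM_SHA512_256			0x0004c
#define CKM_SHA512_256_HMAC		0x0004d
#define CKM_SHA512_256_HMAC_GENERAL	0x0004e
#define CKM_SHA512_256_KEY_DERIVATION	0x0004f
#define CKM_DES3_ECB			0x00132
#define CKM_DES3_CBC			0x00133
#define CKM_DES3_MAC			0x00134
#define CKM_DES3_MAC_GENERAL		0x00135
#define CKM_DES3_CBC_PAD		0x00136
#define CKM_DES3_CMAC_GENERAL		0x00137
#define CKM_DES3_CMAC			0x00138
#define CKM_MD5				0x00210
#define CKM_MD5_HMAC			0x00211
#define CKM_MD5_HMAC_GENERAL		0x00212
#define CKM_SHA_1			0x00220
#define CKM_SHA_1_HMAC			0x00221
#define CKM_SHA_1_HMAC_GENERAL		0x00222
#define CKM_SHA256			0x00250
#define CKM_SHA256_HMAC			0x00251
#define CKM_SHA256_HMAC_GENERAL		0x00252
#define CKM_SHA224			0x00255
#define CKM_SHA224_HMAC			0x00256
#define CKM_SHA224_HMAC_GENERAL		0x00257
#define CKM_SHA384			0x00260
#define CKM_SHA384_HMAC			0x00261
#define CKM_SHA384_HMAC_GENERAL		0x00262
#define CKM_SHA512			0x00270
#define CKM_SHA512_HMAC			0x00271
#define CKM_SHA512_HMAC_GENERAL		0x00272
#define CKM_HOTP_KEY_GEN		0x00290
#define CKM_HOTP			0x00291
#define CKM_GENERIC_SECRET_KEY_GEN	0x00350
#define CKM_MD5_KEY_DERIVATION		0x00390
#define CKM_MD2_KEY_DERIVATION		0x00391
#define CKM_SHA1_KEY_DERIVATION		0x00392
#define CKM_SHA256_KEY_DERIVATION	0x00393
#define CKM_SHA384_KEY_DERIVATION	0x00394
#define CKM_SHA512_KEY_DERIVATION	0x00395
#define CKM_SHA224_KEY_DERIVATION	0x00396
#define CKM_EC_KEY_PAIR_GEN		0x01040
#define CKM_ECDSA			0x01041
#define CKM_ECDSA_SHA1			0x01042
#define CKM_ECDSA_SHA224		0x01043
#define CKM_ECDSA_SHA256		0x01044
#define CKM_ECDSA_SHA384		0x01045
#define CKM_ECDSA_SHA512		0x01046
#define CKM_ECDH1_DERIVE		0x01050
#define CKM_ECDH1_COFACTOR_DERIVE	0x01051
#define CKM_ECMQV_DERIVE		0x01052
#define CKM_ECDH_AES_KEY_WRAP		0x01053
#define CKM_RSA_AES_KEY_WRAP		0x01054
#define CKM_AES_KEY_GEN			0x01080
#define CKM_AES_ECB			0x01081
#define CKM_AES_CBC			0x01082
#define CKM_AES_MAC			0x01083
#define CKM_AES_MAC_GENERAL		0x01084
#define CKM_AES_CBC_PAD			0x01085
#define CKM_AES_CTR			0x01086
#define CKM_AES_GCM			0x01087
#define CKM_AES_CCM			0x01088
#define CKM_AES_CTS			0x01089
#define CKM_AES_CMAC			0x0108a
#define CKM_AES_CMAC_GENERAL		0x0108b
#define CKM_AES_XCBC_MAC		0x0108c
#define CKM_AES_XCBC_MAC_96		0x0108d
#define CKM_AES_GMAC			0x0108e
#define CKM_DES3_ECB_ENCRYPT_DATA	0x01102
#define CKM_DES3_CBC_ENCRYPT_DATA	0x01103
#define CKM_AES_ECB_ENCRYPT_DATA	0x01104
#define CKM_AES_CBC_ENCRYPT_DATA	0x01105
#define CKM_AES_KEY_WRAP		0x02109
#define CKM_AES_KEY_WRAP_PAD		0x0210a

typedef struct CK_MECHANISM_INFO CK_MECHANISM_INFO;
typedef struct CK_MECHANISM_INFO *CK_MECHANISM_INFO_PTR;

/*
 * Capabilities of one mechanism on one token, as filled in by
 * C_GetMechanismInfo(). Per the specification, whether the key sizes are
 * counted in bits or in bytes depends on the mechanism.
 */
struct CK_MECHANISM_INFO {
	CK_ULONG ulMinKeySize;
	CK_ULONG ulMaxKeySize;
	CK_FLAGS flags;
};

/* Flags for field flags of struct CK_MECHANISM_INFO */
#define CKF_HW				(1U << 0)
#define CKF_ENCRYPT			(1U << 8)
#define CKF_DECRYPT			(1U << 9)
#define CKF_DIGEST			(1U << 10)
#define CKF_SIGN			(1U << 11)
#define CKF_SIGN_RECOVER		(1U << 12)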
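#define CKF_VERIFY			(1U << 13)
#define CKF_VERIFY_RECOVER		(1U << 14)
#define CKF_GENERATE			(1U << 15)
#define CKF_GENERATE_KEY_PAIR		(1U << 16)
#define CKF_WRAP			(1U << 17)
#define CKF_UNWRAP			(1U << 18)
#define CKF_DERIVE			(1U << 19)
#define CKF_EC_F_P			(1U << 20)
#define CKF_EC_F_2M			(1U << 21)
#define CKF_EC_ECPARAMETERS		(1U << 22)
#define CKF_EC_NAMEDCURVE		(1U << 23)
#define CKF_EC_UNCOMPRESS		(1U << 24)
#define CKF_EC_COMPRESS			(1U << 25)
#define CKF_EXTENSION			(1U << 31)

/*
 * Mechanism parameter structures
 *
 * This does not cover all the mechanism parameter structures defined by
 * PKCS#11. To be updated when needed.
 */

typedef struct CK_MECHANISM CK_MECHANISM;
typedef struct CK_MECHANISM *CK_MECHANISM_PTR;

/*
 * Mechanism selector passed to the C_*Init(), key generation, wrapping and
 * derivation functions.
 *
 * pParameter is an untyped pointer whose real type is implied by mechanism,
 * and ulParameterLen is the only size information that travels with it.
 * Code that receives a CK_MECHANISM must check ulParameterLen against the
 * structure expected for that mechanism before dereferencing pParameter.
 */
struct CK_MECHANISM {
	CK_MECHANISM_TYPE mechanism;
	CK_VOID_PTR pParameter;
	CK_ULONG ulParameterLen;
};

/* MAC General parameters: requested MAC length for the *_GENERAL mechanisms */
typedef CK_ULONG CK_MAC_GENERAL_PARAMS;
typedef CK_MAC_GENERAL_PARAMS *CK_MAC_GENERAL_PARAMS_PTR;

/* AES CBC encryption parameters */
typedef struct CK_AES_CBC_ENCRYPT_DATA_PARAMS CK_AES_CBC_ENCRYPT_DATA_PARAMS;
typedef struct CK_AES_CBC_ENCRYPT_DATA_PARAMS
					*CK_AES_CBC_ENCRYPT_DATA_PARAMS_PTR;

/* iv is one AES block; pData/length describe the caller-owned input data */
struct CK_AES_CBC_ENCRYPT_DATA_PARAMS {
	CK_BYTE iv[16];
	CK_BYTE_PTR pData;
	CK_ULONG length;
};

/* AES CTR parameters */
typedef struct CK_AES_CTR_PARAMS CK_AES_CTR_PARAMS;
typedef struct CK_AES_CTR_PARAMS *CK_AES_CTR_PARAMS_PTR;

/*
 * cb is the initial 16-byte counter block and ulCounterBits the number of
 * its bits that act as the counter. A counter block must never be reused
 * with the same key.
 */
struct CK_AES_CTR_PARAMS {
	CK_ULONG ulCounterBits;
	CK_BYTE cb[16];
};

/* AES GCM parameters */
typedef struct CK_GCM_PARAMS CK_GCM_PARAMS;
typedef struct CK_GCM_PARAMS *CK_GCM_PARAMS_PTR;

/*
 * pIv/ulIvLen and pAAD/ulAADLen are pointer/length pairs over caller-owned
 * memory; ulTagBits is the authentication tag length in bits. An IV must
 * never be reused with the same key.
 *
 * NOTE(review): this layout carries ulIvBits between ulIvLen and pAAD. Other
 * PKCS#11 headers are known to declare CK_GCM_PARAMS without that field, so
 * confirm that the application and the library agree on the layout and that
 * ulParameterLen is checked against sizeof(CK_GCM_PARAMS) before use.
 */
struct CK_GCM_PARAMS {
	CK_BYTE_PTR pIv;
	CK_ULONG ulIvLen;
	CK_ULONG ulIvBits;
	CK_BYTE_PTR pAAD;
	CK_ULONG ulAADLen;
	CK_ULONG ulTagBits;
};

/* AES CCM parameters */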
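typedef struct CK_CCM_PARAMS CK_CCM_PARAMS;
typedef struct CK_CCM_PARAMS *CK_CCM_PARAMS_PTR;

/*
 * pNonce/ulNonceLen and pAAD/ulAADLen are pointer/length pairs over
 * caller-owned memory; ulDataLen is the length of the data to process and
 * ulMACLen the length of the MAC. A nonce must never be reused with the same
 * key.
 */
struct CK_CCM_PARAMS {
	CK_ULONG ulDataLen;
	CK_BYTE_PTR pNonce;
	CK_ULONG ulNonceLen;
	CK_BYTE_PTR pAAD;
	CK_ULONG ulAADLen;
	CK_ULONG ulMACLen;
};

typedef struct CK_KEY_DERIVATION_STRING_DATA CK_KEY_DERIVATION_STRING_DATA;
typedef struct CK_KEY_DERIVATION_STRING_DATA
					*CK_KEY_DERIVATION_STRING_DATA_PTR;

/* Byte string parameter: pData refers to ulLen bytes of caller-owned memory */
struct CK_KEY_DERIVATION_STRING_DATA {
	CK_BYTE_PTR pData;
	CK_ULONG ulLen;
};

/*
 * PKCS#11 return values
 *
 * Every API function returns a CK_RV. Treat anything other than CKR_OK as a
 * failure, including values that are not listed here (vendor codes have
 * CKR_VENDOR_DEFINED set), and do not use output arguments after a failure
 * unless the specification says they are valid (e.g. the length reported
 * together with CKR_BUFFER_TOO_SMALL).
 */
typedef CK_ULONG CK_RV;

/* Values for type CK_RV */
#define CKR_VENDOR_DEFINED			(1U << 31)
#define CKR_OK					0x0000
#define CKR_CANCEL				0x0001
#define CKR_HOST_MEMORY				0x0002
#define CKR_SLOT_ID_INVALID			0x0003
#define CKR_GENERAL_ERROR			0x0005
#define CKR_FUNCTION_FAILED			0x0006
#define CKR_ARGUMENTS_BAD			0x0007
#define CKR_NO_EVENT				0x0008
#define CKR_NEED_TO_CREATE_THREADS		0x0009
#define CKR_CANT_LOCK				0x000a
#define CKR_ATTRIBUTE_READ_ONLY			0x0010
#define CKR_ATTRIBUTE_SENSITIVE			0x0011
#define CKR_ATTRIBUTE_TYPE_INVALID		0x0012
#define CKR_ATTRIBUTE_VALUE_INVALID		0x0013
#define CKR_ACTION_PROHIBITED			0x001b
#define CKR_DATA_INVALID			0x0020
#define CKR_DATA_LEN_RANGE			0x0021
#define CKR_DEVICE_ERROR			0x0030
#define CKR_DEVICE_MEMORY			0x0031
#define CKR_DEVICE_REMOVED			0x0032
#define CKR_ENCRYPTED_DATA_INVALID		0x0040
#define CKR_ENCRYPTED_DATA_LEN_RANGE		0x0041
#define CKR_FUNCTION_CANCELED			0x0050
#define CKR_FUNCTION_NOT_PARALLEL		0x0051
#define CKR_FUNCTION_NOT_SUPPORTED		0x0054
#define CKR_KEY_HANDLE_INVALID			0x0060
#define CKR_KEY_SIZE_RANGE			0x0062
#define CKR_KEY_TYPE_INCONSISTENT		0x0063
#define CKR_KEY_NOT_NEEDED			0x0064
#define CKR_KEY_CHANGED				0x0065
#define CKR_KEY_NEEDED				0x0066
#define CKR_KEY_INDIGESTIBLE			0x0067
#define CKR_KEY_FUNCTION_NOT_PERMITTED		0x0068
#define CKR_KEY_NOT_WRAPPABLE			0x0069
#define CKR_KEY_UNEXTRACTABLE			0x006a
#define CKR_MECHANISM_INVALID			0x0070
#define CKR_MECHANISM_PARAM_INVALID		0x0071
#define CKR_OBJECT_HANDLE_INVALID		0x0082
#define CKR_OPERATION_ACTIVE			0x0090
#define CKR_OPERATION_NOT_INITIALIZED		0x0091
#define CKR_PIN_INCORRECT			0x00a0
#define CKR_PIN_INVALID				0x00a1
#define CKR_PIN_LEN_RANGE			0x00a2
#define CKR_PIN_EXPIRED				0x00a3
#define CKR_PIN_LOCKED				0x00a4
#define CKR_SESSION_CLOSED			0x00b0
#define CKR_SESSION_COUNT			0x00b1
#define CKR_SESSION_HANDLE_INVALID		0x00b3
#define CKR_SESSION_PARALLEL_NOT_SUPPORTED	0x00b4
#define CKR_SESSION_READ_ONLY			0x00b5
#define CKR_SESSION_EXISTS			0x00b6
#define CKR_SESSION_READ_ONLY_EXISTS		0x00b7
#define CKR_SESSION_READ_WRITE_SO_EXISTS	0x00b8
#define CKR_SIGNATURE_INVALID			0x00c0
#define CKR_SIGNATURE_LEN_RANGE			0x00c1
#define CKR_TEMPLATE_INCOMPLETE			0x00d0
#define CKR_TEMPLATE_INCONSISTENT		0x00d1
#define CKR_TOKEN_NOT_PRESENT			0x00e0
#define CKR_TOKEN_NOT_RECOGNIZED		0x00e1
#define CKR_TOKEN_WRITE_PROTECTED		0x00e2
#define CKR_UNWRAPPING_KEY_HANDLE_INVALID	0x00f0
#define CKR_UNWRAPPING_KEY_SIZE_RANGE		0x00f1
#define CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT	0x00f2
#define CKR_USER_ALREADY_LOGGED_IN		0x0100
#define CKR_USER_NOT_LOGGED_IN			0x0101
#define CKR_USER_PIN_NOT_INITIALIZED		0x0102
#define CKR_USER_TYPE_INVALID			0x0103
#define CKR_USER_ANOTHER_ALREADY_LOGGED_IN	0x0104
#define CKR_USER_TOO_MANY_TYPES			0x0105
#define CKR_WRAPPED_KEY_INVALID			0x0110
#define CKR_WRAPPED_KEY_LEN_RANGE		0x0112
#define CKR_WRAPPING_KEY_HANDLE_INVALID		0x0113
#define CKR_WRAPPING_KEY_SIZE_RANGE		0x0114
#define CKR_WRAPPING_KEY_TYPE_INCONSISTENT	0x0115
#define CKR_RANDOM_SEED_NOT_SUPPORTED		0x0120
#define CKR_RANDOM_NO_RNG			0x0121
#define CKR_DOMAIN_PARAMS_INVALID		0x0130
#define CKR_CURVE_NOT_SUPPORTED			0x0140
#define CKR_BUFFER_TOO_SMALL			0x0150
#define CKR_SAVED_STATE_INVALID			0x0160
#define CKR_INFORMATION_SENSITIVE		0x0170
#define CKR_STATE_UNSAVEABLE			0x0180
#define CKR_CRYPTOKI_NOT_INITIALIZED		0x0190
#define CKR_CRYPTOKI_ALREADY_INITIALIZED	0x0191
#define CKR_MUTEX_BAD				0x01a0
#define CKR_MUTEX_NOT_LOCKED			0x01a1
#define CKR_NEW_PIN_MODE			0x01b0
#define CKR_NEXT_OTP				0x01b1
#define CKR_EXCEEDED_MAX_ITERATIONS		0x01b5
#define CKR_FIPS_SELF_TEST_FAILED		0x01b6
#define CKR_LIBRARY_LOAD_FAILED			0x01b7
#define CKR_PIN_TOO_WEAK			0x01b8
#define CKR_PUBLIC_KEY_INVALID			0x01b9
#define CKR_FUNCTION_REJECTED			0x0200

/*
 * PKCS#11 API functions
 *
 * The character arrays in the CK_*_INFO structures below are fixed-width
 * fields. The specification has them padded with blanks and not
 * NUL-terminated, so copy and print them with an explicit length.
 */

/* Argument for C_GetInfo */
typedef struct CK_INFO CK_INFO;
typedef struct CK_INFO *CK_INFO_PTR;

struct CK_INFO {
	CK_VERSION cryptokiVersion;
	CK_UTF8CHAR manufacturerID[32];
	CK_FLAGS flags;
	CK_UTF8CHAR libraryDescription[32];
	CK_VERSION libraryVersion;
};

/* Argument for C_GetSlotInfo */
typedef struct CK_SLOT_INFO CK_SLOT_INFO;
typedef struct CK_SLOT_INFO *CK_SLOT_INFO_PTR;

struct CK_SLOT_INFO {
	CK_UTF8CHAR slotDescription[64];
	CK_UTF8CHAR manufacturerID[32];
	CK_FLAGS flags;
	CK_VERSION hardwareVersion;
	CK_VERSION firmwareVersion;
};

/* Values for field flags of struct CK_SLOT_INFO */
#define CKF_TOKEN_PRESENT		(1U << 0)
#define CKF_REMOVABLE_DEVICE		(1U << 1)
#define CKF_HW_SLOT			(1U << 2)

/* Argument for C_GetTokenInfo */
typedef struct CK_TOKEN_INFO CK_TOKEN_INFO;
typedef struct CK_TOKEN_INFO *CK_TOKEN_INFO_PTR;

/*
 * The CK_ULONG counters may hold CK_UNAVAILABLE_INFORMATION, and the
 * ulMax*SessionCount fields may hold CK_EFFECTIVELY_INFINITE: test for both
 * before doing arithmetic on them.
 */
struct CK_TOKEN_INFO {
	CK_UTF8CHAR label[32];
	CK_UTF8CHAR manufacturerID[32];
	CK_UTF8CHAR model[16];
	CK_CHAR serialNumber[16];
	CK_FLAGS flags;
	CK_ULONG ulMaxSessionCount;
	CK_ULONG ulSessionCount;
	CK_ULONG ulMaxRwSessionCount;
	CK_ULONG ulRwSessionCount;
	CK_ULONG ulMaxPinLen;
	CK_ULONG ulMinPinLen;
	CK_ULONG ulTotalPublicMemory;
	CK_ULONG ulFreePublicMemory;
	CK_ULONG ulTotalPrivateMemory;
	CK_ULONG ulFreePrivateMemory;
	CK_VERSION hardwareVersion;
	CK_VERSION firmwareVersion;
	CK_CHAR utcTime[16];
};

/*
 * Values for field flags of struct CK_TOKEN_INFO
 *
 * The CKF_USER_PIN_* and CKF_SO_PIN_* bits report the state of the PIN retry
 * counters (count low, final try, locked, change required). Check them
 * before prompting again so that a retry loop cannot lock the token.
 */
#define CKF_RNG					(1U << 0)
#define CKF_WRITE_PROTECTED			(1U << 1)
#define CKF_LOGIN_REQUIRED			(1U << 2)
#define CKF_USER_PIN_INITIALIZED		(1U << 3)
#define CKF_RESTORE_KEY_NOT_NEEDED		(1U << 5)
#define CKF_CLOCK_ON_TOKEN			(1U << 6)
#define CKF_PROTECTED_AUTHENTICATION_PATH	(1U << 8)
#define CKF_DUAL_CRYPTO_OPERATIONS		(1U << 9)
#define CKF_TOKEN_INITIALIZED			(1U << 10)
#define CKF_SECONDARY_AUTHENTICATION		(1U << 11)
#define CKF_USER_PIN_COUNT_LOW			(1U << 16)
#define CKF_USER_PIN_FINAL_TRY			(1U << 17)
#define CKF_USER_PIN_LOCKED			(1U << 18)
#define CKF_USER_PIN_TO_BE_CHANGED		(1U << 19)
#define CKF_SO_PIN_COUNT_LOW			(1U << 20)
#define CKF_SO_PIN_FINAL_TRY			(1U << 21)
#define CKF_SO_PIN_LOCKED			(1U << 22)
#define CKF_SO_PIN_TO_BE_CHANGED		(1U << 23)
#define CKF_ERROR_STATE				(1U << 24)

/* Argument for C_GetSessionInfo */
typedef struct CK_SESSION_INFO CK_SESSION_INFO;
typedef struct CK_SESSION_INFO *CK_SESSION_INFO_PTR;

typedef CK_ULONG CK_STATE;

/* Values for CK_STATE */
#define CKS_RO_PUBLIC_SESSION		0
#define CKS_RO_USER_FUNCTIONS		1
#define CKS_RW_PUBLIC_SESSION		2
#define CKS_RW_USER_FUNCTIONS		3
#define CKS_RW_SO_FUNCTIONS		4

struct CK_SESSION_INFO {
	CK_SLOT_ID slotID;
	CK_STATE state;
	CK_FLAGS flags;
	CK_ULONG ulDeviceError;
};

/*
 * Values for field flags of struct CK_SESSION_INFO
 *
 * The same bits are passed as the flags argument of C_OpenSession(), where
 * the specification requires CKF_SERIAL_SESSION to be set.
 */
#define CKF_RW_SESSION			(1U << 1)
#define CKF_SERIAL_SESSION		(1U << 2)

/* Argument for C_Login */
typedef CK_ULONG CK_USER_TYPE;

/* Values for CK_USER_TYPE */
#define CKU_SO				0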
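#define CKU_USER			1
#define CKU_CONTEXT_SPECIFIC		2

/* Values for argument flags of C_WaitForSlotEvent */
#define CKF_DONT_BLOCK			1

/* Argument for CK_NOTIFY typed callback function */
typedef CK_ULONG CK_NOTIFICATION;

/* Values for CK_NOTIFICATION */
#define CKN_SURRENDER			0
#define CKN_OTP_CHANGED			1

/*
 * Callback handler types
 *
 * These pointers are supplied by the application (C_OpenSession() and
 * CK_C_INITIALIZE_ARGS) and are invoked by the library.
 */
typedef CK_RV (*CK_NOTIFY) (CK_SESSION_HANDLE hSession, CK_NOTIFICATION event,
			    CK_VOID_PTR pApplication);
typedef CK_RV (*CK_CREATEMUTEX) (CK_VOID_PTR_PTR ppMutex);
typedef CK_RV (*CK_DESTROYMUTEX) (CK_VOID_PTR pMutex);
typedef CK_RV (*CK_LOCKMUTEX) (CK_VOID_PTR pMutex);
typedef CK_RV (*CK_UNLOCKMUTEX) (CK_VOID_PTR pMutex);

/* Argument for C_GetFunctionList */
typedef struct CK_FUNCTION_LIST CK_FUNCTION_LIST;
typedef struct CK_FUNCTION_LIST *CK_FUNCTION_LIST_PTR;
typedef struct CK_FUNCTION_LIST **CK_FUNCTION_LIST_PTR_PTR;

/*
 * Table of entry points returned by C_GetFunctionList().
 *
 * The member order is part of the binary interface shared with applications:
 * adding, removing or reordering members changes the ABI. Applications should
 * check the version field and should not assume every pointer is usable
 * without checking the CK_RV the call returns.
 */
struct CK_FUNCTION_LIST {
	CK_VERSION version;
	CK_RV (*C_Initialize)(CK_VOID_PTR pInitArgs);
	CK_RV (*C_Finalize)(CK_VOID_PTR pReserved);
	CK_RV (*C_GetInfo)(CK_INFO_PTR pInfo);
	CK_RV (*C_GetFunctionList)(CK_FUNCTION_LIST_PTR_PTR ppFunctionList);
	CK_RV (*C_GetSlotList)(CK_BBOOL tokenPresent,
			       CK_SLOT_ID_PTR pSlotList, CK_ULONG_PTR pulCount);
	CK_RV (*C_GetSlotInfo)(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo);
	CK_RV (*C_GetTokenInfo)(CK_SLOT_ID slotID, CK_TOKEN_INFO_PTR pInfo);
	CK_RV (*C_GetMechanismList)(CK_SLOT_ID slotID,
				    CK_MECHANISM_TYPE_PTR pMechanismList,
				    CK_ULONG_PTR pulCount);
	CK_RV (*C_GetMechanismInfo)(CK_SLOT_ID slotID, CK_MECHANISM_TYPE type,
				    CK_MECHANISM_INFO_PTR pInfo);
	CK_RV (*C_InitToken)(CK_SLOT_ID slotID, CK_UTF8CHAR_PTR pPin,
			     CK_ULONG ulPinLen, CK_UTF8CHAR_PTR pLabel);
	CK_RV (*C_InitPIN)(CK_SESSION_HANDLE hSession,
			   CK_UTF8CHAR_PTR pPin, CK_ULONG ulPinLen);
	CK_RV (*C_SetPIN)(CK_SESSION_HANDLE hSession,
			  CK_UTF8CHAR_PTR pOldPin, CK_ULONG ulOldLen,
			  CK_UTF8CHAR_PTR pNewPin, CK_ULONG ulNewLen);
	CK_RV (*C_OpenSession)(CK_SLOT_ID slotID, CK_FLAGS flags,
			       CK_VOID_PTR pApplication, CK_NOTIFY Notify,
			       CK_SESSION_HANDLE_PTR phSession);
	CK_RV (*C_CloseSession)(CK_SESSION_HANDLE hSession);
	CK_RV (*C_CloseAllSessions)(CK_SLOT_ID slotID);
	CK_RV (*C_GetSessionInfo)(CK_SESSION_HANDLE hSession,
				  CK_SESSION_INFO_PTR pInfo);
	CK_RV (*C_GetOperationState)(CK_SESSION_HANDLE hSession,
				     CK_BYTE_PTR pOperationState,
				     CK_ULONG_PTR pulOperationStateLen);
	CK_RV (*C_SetOperationState)(CK_SESSION_HANDLE hSession,
				     CK_BYTE_PTR pOperationState,
				     CK_ULONG ulOperationStateLen,
				     CK_OBJECT_HANDLE hEncryptionKey,
				     CK_OBJECT_HANDLE hAuthenticationKey);
	CK_RV (*C_Login)(CK_SESSION_HANDLE hSession, CK_USER_TYPE userType,
			 CK_UTF8CHAR_PTR pPin, CK_ULONG ulPinLen);
	CK_RV (*C_Logout)(CK_SESSION_HANDLE hSession);
	CK_RV (*C_CreateObject)(CK_SESSION_HANDLE hSession,
				CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
				CK_OBJECT_HANDLE_PTR phObject);
	CK_RV (*C_CopyObject)(CK_SESSION_HANDLE hSession,
			      CK_OBJECT_HANDLE hObject,
			      CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
			      CK_OBJECT_HANDLE_PTR phNewObject);
	CK_RV (*C_DestroyObject)(CK_SESSION_HANDLE hSession,
				 CK_OBJECT_HANDLE hObject);
	CK_RV (*C_GetObjectSize)(CK_SESSION_HANDLE hSession,
				 CK_OBJECT_HANDLE hObject,
				 CK_ULONG_PTR pulSize);
	CK_RV (*C_GetAttributeValue)(CK_SESSION_HANDLE hSession,
				     CK_OBJECT_HANDLE hObject,
				     CK_ATTRIBUTE_PTR pTemplate,
				     CK_ULONG ulCount);
	CK_RV (*C_SetAttributeValue)(CK_SESSION_HANDLE hSession,
				     CK_OBJECT_HANDLE hObject,
				     CK_ATTRIBUTE_PTR pTemplate,
				     CK_ULONG ulCount);
	CK_RV (*C_FindObjectsInit)(CK_SESSION_HANDLE hSession,
				   CK_ATTRIBUTE_PTR pTemplate,
				   CK_ULONG ulCount);
	CK_RV (*C_FindObjects)(CK_SESSION_HANDLE hSession,
			       CK_OBJECT_HANDLE_PTR phObject,
			       CK_ULONG ulMaxObjectCount,
			       CK_ULONG_PTR pulObjectCount);
	CK_RV (*C_FindObjectsFinal)(CK_SESSION_HANDLE hSession);
	CK_RV (*C_EncryptInit)(CK_SESSION_HANDLE hSession,
			       CK_MECHANISM_PTR pMechanism,
			       CK_OBJECT_HANDLE hKey);
	CK_RV (*C_Encrypt)(CK_SESSION_HANDLE hSession,
			   CK_BYTE_PTR pData, CK_ULONG ulDataLen,
			   CK_BYTE_PTR pEncryptedData,
			   CK_ULONG_PTR pulEncryptedDataLen);
	CK_RV (*C_EncryptUpdate)(CK_SESSION_HANDLE hSession,
				 CK_BYTE_PTR pPart, CK_ULONG ulPartLen,
				 CK_BYTE_PTR pEncryptedData,
				 CK_ULONG_PTR pulEncryptedDataLen);
	CK_RV (*C_EncryptFinal)(CK_SESSION_HANDLE hSession,
				CK_BYTE_PTR pLastEncryptedPart,
				CK_ULONG_PTR pulLastEncryptedPartLen);
	CK_RV (*C_DecryptInit)(CK_SESSION_HANDLE hSession,
			       CK_MECHANISM_PTR pMechanism,
			       CK_OBJECT_HANDLE hKey);
	CK_RV (*C_Decrypt)(CK_SESSION_HANDLE hSession,
			   CK_BYTE_PTR pEncryptedData,
			   CK_ULONG ulEncryptedDataLen,
			   CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen);
	CK_RV (*C_DecryptUpdate)(CK_SESSION_HANDLE hSession,
				 CK_BYTE_PTR pEncryptedPart,
				 CK_ULONG ulEncryptedPartLen,
				 CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen);
	CK_RV (*C_DecryptFinal)(CK_SESSION_HANDLE hSession,
				CK_BYTE_PTR pLastPart,
				CK_ULONG_PTR pulLastPartLen);
	CK_RV (*C_DigestInit)(CK_SESSION_HANDLE hSession,
			      CK_MECHANISM_PTR pMechanism);
	CK_RV (*C_Digest)(CK_SESSION_HANDLE hSession,
			  CK_BYTE_PTR pData, CK_ULONG ulDataLen,
			  CK_BYTE_PTR pDigest, CK_ULONG_PTR pulDigestLen);
	CK_RV (*C_DigestUpdate)(CK_SESSION_HANDLE hSession,
				CK_BYTE_PTR pPart, CK_ULONG ulPartLen);
	CK_RV (*C_DigestKey)(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hKey);
	CK_RV (*C_DigestFinal)(CK_SESSION_HANDLE hSession,
			       CK_BYTE_PTR pDigest, CK_ULONG_PTR pulDigestLen);
	CK_RV (*C_SignInit)(CK_SESSION_HANDLE hSession,
			    CK_MECHANISM_PTR pMechanism,
			    CK_OBJECT_HANDLE hKey);
	CK_RV (*C_Sign)(CK_SESSION_HANDLE hSession,
			CK_BYTE_PTR pData, CK_ULONG ulDataLen,
			CK_BYTE_PTR pSignature, CK_ULONG_PTR pulSignatureLen);
	CK_RV (*C_SignUpdate)(CK_SESSION_HANDLE hSession,
			      CK_BYTE_PTR pPart, CK_ULONG ulPartLen);
	CK_RV (*C_SignFinal)(CK_SESSION_HANDLE hSession,
			     CK_BYTE_PTR pSignature,
			     CK_ULONG_PTR pulSignatureLen);
	CK_RV (*C_SignRecoverInit)(CK_SESSION_HANDLE hSession,
				   CK_MECHANISM_PTR pMechanism,
				   CK_OBJECT_HANDLE hKey);
	CK_RV (*C_SignRecover)(CK_SESSION_HANDLE hSession,
			       CK_BYTE_PTR pData, CK_ULONG ulDataLen,
			       CK_BYTE_PTR pSignature,
			       CK_ULONG_PTR pulSignatureLen);
	CK_RV (*C_VerifyInit)(CK_SESSION_HANDLE hSession,
			      CK_MECHANISM_PTR pMechanism,
			      CK_OBJECT_HANDLE hKey);
	CK_RV (*C_Verify)(CK_SESSION_HANDLE hSession,
			  CK_BYTE_PTR pData, CK_ULONG ulDataLen,
			  CK_BYTE_PTR pSignature,
			  CK_ULONG ulSignatureLen);
	CK_RV (*C_VerifyUpdate)(CK_SESSION_HANDLE hSession,
				CK_BYTE_PTR pPart, CK_ULONG ulPartLen);
	CK_RV (*C_VerifyFinal)(CK_SESSION_HANDLE hSession,
			       CK_BYTE_PTR pSignature,
			       CK_ULONG ulSignatureLen);
	CK_RV (*C_VerifyRecoverInit)(CK_SESSION_HANDLE hSession,
				     CK_MECHANISM_PTR pMechanism,
				     CK_OBJECT_HANDLE hKey);
	CK_RV (*C_VerifyRecover)(CK_SESSION_HANDLE hSession,
				 CK_BYTE_PTR pSignature,
				 CK_ULONG ulSignatureLen,
				 CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen);
	CK_RV (*C_DigestEncryptUpdate)(CK_SESSION_HANDLE hSession,
				       CK_BYTE_PTR pPart, CK_ULONG ulPartLen,
				       CK_BYTE_PTR pEncryptedPart,
				       CK_ULONG_PTR pulEncryptedPartLen);
	CK_RV (*C_DecryptDigestUpdate)(CK_SESSION_HANDLE hSession,
				       CK_BYTE_PTR pEncryptedPart,
				       CK_ULONG ulEncryptedPartLen,
				       CK_BYTE_PTR pPart,
				       CK_ULONG_PTR pulPartLen);
	CK_RV (*C_SignEncryptUpdate)(CK_SESSION_HANDLE hSession,
				     CK_BYTE_PTR pPart, CK_ULONG ulPartLen,
				     CK_BYTE_PTR pEncryptedPart,
				     CK_ULONG_PTR pulEncryptedPartLen);
	CK_RV (*C_DecryptVerifyUpdate)(CK_SESSION_HANDLE hSession,
				       CK_BYTE_PTR pEncryptedPart,
				       CK_ULONG ulEncryptedPartLen,
				       CK_BYTE_PTR pPart,
				       CK_ULONG_PTR pulPartLen);
	CK_RV (*C_GenerateKey)(CK_SESSION_HANDLE hSession,
			       CK_MECHANISM_PTR pMechanism,
			       CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
			       CK_OBJECT_HANDLE_PTR phKey);
	CK_RV (*C_GenerateKeyPair)(CK_SESSION_HANDLE hSession,
				   CK_MECHANISM_PTR pMechanism,
				   CK_ATTRIBUTE_PTR pPublicKeyTemplate,
				   CK_ULONG ulPublicKeyAttributeCount,
				   CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
				   CK_ULONG ulPrivateKeyAttributeCount,
				   CK_OBJECT_HANDLE_PTR phPublicKey,
				   CK_OBJECT_HANDLE_PTR phPrivateKey);
	CK_RV (*C_WrapKey)(CK_SESSION_HANDLE hSession,
			   CK_MECHANISM_PTR pMechanism,
			   CK_OBJECT_HANDLE hWrappingKey,
			   CK_OBJECT_HANDLE hKey,
			   CK_BYTE_PTR pWrappedKey,
			   CK_ULONG_PTR pulWrappedKeyLen);
	CK_RV (*C_UnwrapKey)(CK_SESSION_HANDLE hSession,
			     CK_MECHANISM_PTR pMechanism,
			     CK_OBJECT_HANDLE hUnwrappingKey,
			     CK_BYTE_PTR pWrappedKey,
			     CK_ULONG ulWrappedKeyLen,
			     CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
			     CK_OBJECT_HANDLE_PTR phKey);
	CK_RV (*C_DeriveKey)(CK_SESSION_HANDLE hSession,
			     CK_MECHANISM_PTR pMechanism,
			     CK_OBJECT_HANDLE hBaseKey,
			     CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
			     CK_OBJECT_HANDLE_PTR phKey);
	CK_RV (*C_SeedRandom)(CK_SESSION_HANDLE hSession,
			      CK_BYTE_PTR pSeed, CK_ULONG ulSeedLen);
	CK_RV (*C_GenerateRandom)(CK_SESSION_HANDLE hSession,
				  CK_BYTE_PTR pRandomData,
				  CK_ULONG ulRandomLen);
	CK_RV (*C_GetFunctionStatus)(CK_SESSION_HANDLE hSession);
	CK_RV (*C_CancelFunction)(CK_SESSION_HANDLE hSession);
	CK_RV (*C_WaitForSlotEvent)(CK_FLAGS flags, CK_SLOT_ID_PTR slotID,
				    CK_VOID_PTR pReserved);
};

/* Optional init_args structure for C_Initialize */
typedef struct CK_C_INITIALIZE_ARGS CK_C_INITIALIZE_ARGS;
typedef struct CK_C_INITIALIZE_ARGS *CK_C_INITIALIZE_ARGS_PTR;

/*
 * Locking callbacks and flags chosen by the application. The specification
 * requires the reserved pointer to be NULL.
 */
struct CK_C_INITIALIZE_ARGS {
	CK_CREATEMUTEX CreateMutex;
	CK_DESTROYMUTEX DestroyMutex;
	CK_LOCKMUTEX LockMutex;
	CK_UNLOCKMUTEX UnlockMutex;
	CK_FLAGS flags;
	CK_VOID_PTR reserved;
};

/* Flags for field flags of struct CK_C_INITIALIZE_ARGS */
#define CKF_LIBRARY_CANT_CREATE_OS_THREADS	(1U << 0)
#define CKF_OS_LOCKING_OK			(1U << 1)

/*
 * API entry points
 *
 * Conventions a caller must respect, as set by the specification:
 * - Functions that write variable-length output take a buffer and a
 *   CK_ULONG_PTR length. On input the length is the buffer capacity; on
 *   CKR_OK it is the number of bytes produced. Passing a NULL buffer asks for
 *   the required length, and CKR_BUFFER_TOO_SMALL reports it as well. Always
 *   initialise the length to the real capacity before the call.
 * - Template arguments are arrays of ulCount CK_ATTRIBUTE entries, each with
 *   its own pValue/ulValueLen pair.
 * - PIN arguments are byte strings with an explicit length, not C strings.
 *   Clear PIN buffers once the call has returned.
 */
CK_RV C_Initialize(CK_VOID_PTR pInitArgs);

CK_RV C_Finalize(CK_VOID_PTR pReserved);

CK_RV C_GetInfo(CK_INFO_PTR pInfo);

CK_RV C_GetFunctionList(CK_FUNCTION_LIST_PTR_PTR ppFunctionList);

CK_RV C_GetSlotList(CK_BBOOL tokenPresent,
		    CK_SLOT_ID_PTR pSlotList, CK_ULONG_PTR pulCount);

CK_RV C_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo);

CK_RV C_GetTokenInfo(CK_SLOT_ID slotID, CK_TOKEN_INFO_PTR pInfo);

CK_RV C_GetMechanismList(CK_SLOT_ID slotID,
			 CK_MECHANISM_TYPE_PTR pMechanismList,
			 CK_ULONG_PTR pulCount);

CK_RV C_GetMechanismInfo(CK_SLOT_ID slotID, CK_MECHANISM_TYPE type,
			 CK_MECHANISM_INFO_PTR pInfo);

CK_RV C_InitToken(CK_SLOT_ID slotID, CK_UTF8CHAR_PTR pPin,
		  CK_ULONG ulPinLen, CK_UTF8CHAR_PTR pLabel);

CK_RV C_InitPIN(CK_SESSION_HANDLE hSession,
		CK_UTF8CHAR_PTR pPin, CK_ULONG ulPinLen);

CK_RV C_SetPIN(CK_SESSION_HANDLE hSession,
	       CK_UTF8CHAR_PTR pOldPin, CK_ULONG ulOldLen,
	       CK_UTF8CHAR_PTR pNewPin, CK_ULONG ulNewLen);

CK_RV C_OpenSession(CK_SLOT_ID slotID, CK_FLAGS flags,
		    CK_VOID_PTR pApplication, CK_NOTIFY Notify,
		    CK_SESSION_HANDLE_PTR phSession);

CK_RV C_CloseSession(CK_SESSION_HANDLE hSession);

CK_RV C_CloseAllSessions(CK_SLOT_ID slotID);

CK_RV C_GetSessionInfo(CK_SESSION_HANDLE hSession, CK_SESSION_INFO_PTR pInfo);

CK_RV C_GetOperationState(CK_SESSION_HANDLE hSession,
			  CK_BYTE_PTR pOperationState,
			  CK_ULONG_PTR pulOperationStateLen);

CK_RV C_SetOperationState(CK_SESSION_HANDLE hSession,
			  CK_BYTE_PTR pOperationState,
			  CK_ULONG ulOperationStateLen,
			  CK_OBJECT_HANDLE hEncryptionKey,
			  CK_OBJECT_HANDLE hAuthenticationKey);

CK_RV C_Login(CK_SESSION_HANDLE hSession, CK_USER_TYPE userType,
	      CK_UTF8CHAR_PTR pPin, CK_ULONG ulPinLen);

CK_RV C_Logout(CK_SESSION_HANDLE hSession);

CK_RV C_CreateObject(CK_SESSION_HANDLE hSession,
		     CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
		     CK_OBJECT_HANDLE_PTR phObject);

CK_RV C_CopyObject(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject,
		   CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
		   CK_OBJECT_HANDLE_PTR phNewObject);

CK_RV C_DestroyObject(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject);

CK_RV C_GetObjectSize(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject,
		      CK_ULONG_PTR pulSize);

CK_RV C_GetAttributeValue(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject,
			  CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount);

CK_RV C_SetAttributeValue(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject,
			  CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount);

CK_RV C_FindObjectsInit(CK_SESSION_HANDLE hSession,
			CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount);

CK_RV C_FindObjects(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE_PTR phObject,
		    CK_ULONG ulMaxObjectCount, CK_ULONG_PTR pulObjectCount);

CK_RV C_FindObjectsFinal(CK_SESSION_HANDLE hSession);

CK_RV C_EncryptInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
		    CK_OBJECT_HANDLE hKey);

CK_RV C_Encrypt(CK_SESSION_HANDLE hSession,
		CK_BYTE_PTR pData, CK_ULONG ulDataLen,
		CK_BYTE_PTR pEncryptedData, CK_ULONG_PTR pulEncryptedDataLen);

CK_RV C_EncryptUpdate(CK_SESSION_HANDLE hSession,
		      CK_BYTE_PTR pPart, CK_ULONG ulPartLen,
		      CK_BYTE_PTR pEncryptedData,
		      CK_ULONG_PTR pulEncryptedDataLen);

CK_RV C_EncryptFinal(CK_SESSION_HANDLE hSession,
		     CK_BYTE_PTR pLastEncryptedPart,
		     CK_ULONG_PTR pulLastEncryptedPartLen);

CK_RV C_DecryptInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
		    CK_OBJECT_HANDLE hKey);

CK_RV C_Decrypt(CK_SESSION_HANDLE hSession,
		CK_BYTE_PTR pEncryptedData, CK_ULONG ulEncryptedDataLen,
		CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen);

CK_RV C_DecryptUpdate(CK_SESSION_HANDLE hSession,
		      CK_BYTE_PTR pEncryptedPart, CK_ULONG ulEncryptedPartLen,
		      CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen);

CK_RV C_DecryptFinal(CK_SESSION_HANDLE hSession,
		     CK_BYTE_PTR pLastPart, CK_ULONG_PTR pulLastPartLen);

CK_RV C_DigestInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism);

CK_RV C_Digest(CK_SESSION_HANDLE hSession,
	       CK_BYTE_PTR pData, CK_ULONG ulDataLen,
	       CK_BYTE_PTR pDigest, CK_ULONG_PTR pulDigestLen);

CK_RV C_DigestUpdate(CK_SESSION_HANDLE hSession,
		     CK_BYTE_PTR pPart, CK_ULONG ulPartLen);

CK_RV C_DigestKey(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hKey);

CK_RV C_DigestFinal(CK_SESSION_HANDLE hSession,
		    CK_BYTE_PTR pDigest, CK_ULONG_PTR pulDigestLen);

CK_RV C_SignInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
		 CK_OBJECT_HANDLE hKey);

CK_RV C_Sign(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData, CK_ULONG ulDataLen,
	     CK_BYTE_PTR pSignature, CK_ULONG_PTR pulSignatureLen);

CK_RV C_SignUpdate(CK_SESSION_HANDLE hSession,
		   CK_BYTE_PTR pPart, CK_ULONG ulPartLen);

CK_RV C_SignFinal(CK_SESSION_HANDLE hSession,
		  CK_BYTE_PTR pSignature, CK_ULONG_PTR pulSignatureLen);

CK_RV C_SignRecoverInit(CK_SESSION_HANDLE hSession,
			CK_MECHANISM_PTR pMechanism,
			CK_OBJECT_HANDLE hKey);

CK_RV C_SignRecover(CK_SESSION_HANDLE hSession,
		    CK_BYTE_PTR pData, CK_ULONG ulDataLen,
		    CK_BYTE_PTR pSignature, CK_ULONG_PTR pulSignatureLen);

CK_RV C_VerifyInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
		   CK_OBJECT_HANDLE hKey);

CK_RV C_Verify(CK_SESSION_HANDLE hSession,
	       CK_BYTE_PTR pData, CK_ULONG ulDataLen,
	       CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen);

CK_RV 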
C_VerifyUpdate(CK_SESSION_HANDLE hSession, 1068 CK_BYTE_PTR pPart, CK_ULONG ulPartLen); 1069 1070 CK_RV C_VerifyFinal(CK_SESSION_HANDLE hSession, 1071 CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen); 1072 1073 CK_RV C_VerifyRecoverInit(CK_SESSION_HANDLE hSession, 1074 CK_MECHANISM_PTR pMechanism, 1075 CK_OBJECT_HANDLE hKey); 1076 1077 CK_RV C_VerifyRecover(CK_SESSION_HANDLE hSession, 1078 CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen, 1079 CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen); 1080 1081 CK_RV C_DigestEncryptUpdate(CK_SESSION_HANDLE hSession, 1082 CK_BYTE_PTR pPart, CK_ULONG ulPartLen, 1083 CK_BYTE_PTR pEncryptedPart, 1084 CK_ULONG_PTR pulEncryptedPartLen); 1085 1086 CK_RV C_DecryptDigestUpdate(CK_SESSION_HANDLE hSession, 1087 CK_BYTE_PTR pEncryptedPart, 1088 CK_ULONG ulEncryptedPartLen, 1089 CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen); 1090 1091 CK_RV C_SignEncryptUpdate(CK_SESSION_HANDLE hSession, 1092 CK_BYTE_PTR pPart, 1093 CK_ULONG ulPartLen, 1094 CK_BYTE_PTR pEncryptedPart, 1095 CK_ULONG_PTR pulEncryptedPartLen); 1096 1097 CK_RV C_DecryptVerifyUpdate(CK_SESSION_HANDLE hSession, 1098 CK_BYTE_PTR pEncryptedPart, 1099 CK_ULONG ulEncryptedPartLen, 1100 CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen); 1101 1102 CK_RV C_GenerateKey(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, 1103 CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount, 1104 CK_OBJECT_HANDLE_PTR phKey); 1105 1106 CK_RV C_GenerateKeyPair(CK_SESSION_HANDLE hSession, 1107 CK_MECHANISM_PTR pMechanism, 1108 CK_ATTRIBUTE_PTR pPublicKeyTemplate, 1109 CK_ULONG ulPublicKeyAttributeCount, 1110 CK_ATTRIBUTE_PTR pPrivateKeyTemplate, 1111 CK_ULONG ulPrivateKeyAttributeCount, 1112 CK_OBJECT_HANDLE_PTR phPublicKey, 1113 CK_OBJECT_HANDLE_PTR phPrivateKey); 1114 1115 CK_RV C_WrapKey(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, 1116 CK_OBJECT_HANDLE hWrappingKey, CK_OBJECT_HANDLE hKey, 1117 CK_BYTE_PTR pWrappedKey, CK_ULONG_PTR pulWrappedKeyLen); 1118 1119 CK_RV C_UnwrapKey(CK_SESSION_HANDLE 
hSession, CK_MECHANISM_PTR pMechanism, 1120 CK_OBJECT_HANDLE hUnwrappingKey, 1121 CK_BYTE_PTR pWrappedKey, CK_ULONG ulWrappedKeyLen, 1122 CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount, 1123 CK_OBJECT_HANDLE_PTR phKey); 1124 1125 CK_RV C_DeriveKey(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, 1126 CK_OBJECT_HANDLE hBaseKey, 1127 CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount, 1128 CK_OBJECT_HANDLE_PTR phKey); 1129 1130 CK_RV C_SeedRandom(CK_SESSION_HANDLE hSession, 1131 CK_BYTE_PTR pSeed, CK_ULONG ulSeedLen); 1132 1133 CK_RV C_GenerateRandom(CK_SESSION_HANDLE hSession, 1134 CK_BYTE_PTR pRandomData, CK_ULONG ulRandomLen); 1135 1136 CK_RV C_GetFunctionStatus(CK_SESSION_HANDLE hSession); 1137 1138 CK_RV C_CancelFunction(CK_SESSION_HANDLE hSession); 1139 1140 CK_RV C_WaitForSlotEvent(CK_FLAGS flags, CK_SLOT_ID_PTR slotID, 1141 CK_VOID_PTR pReserved); 1142 1143 #ifdef __cplusplus 1144 } 1145 #endif 1146 1147 #endif /*PKCS11_H*/ 1148