Annotation of src/usr.bin/ssh/pkcs11.h, Revision 1.1
1.1 ! markus 1: /* pkcs11.h
! 2: Copyright 2006, 2007 g10 Code GmbH
! 3: Copyright 2006 Andreas Jellinghaus
! 4:
! 5: This file is free software; as a special exception the author gives
! 6: unlimited permission to copy and/or distribute it, with or without
! 7: modifications, as long as this notice is preserved.
! 8:
! 9: This file is distributed in the hope that it will be useful, but
! 10: WITHOUT ANY WARRANTY, to the extent permitted by law; without even
! 11: the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
! 12: PURPOSE. */
! 13:
! 14: /* Please submit changes back to the Scute project at
! 15: http://www.scute.org/ (or send them to marcus@g10code.com), so that
! 16: they can be picked up by other projects from there as well. */
! 17:
! 18: /* This file is a modified implementation of the PKCS #11 standard by
! 19: RSA Security Inc. It is mostly a drop-in replacement, with the
! 20: following change:
! 21:
! 22: This header file does not require any macro definitions by the user
! 23: (like CK_DEFINE_FUNCTION etc). In fact, it defines those macros
! 24: for you (if useful, some are missing, let me know if you need
! 25: more).
! 26:
! 27: There is an additional API available that does comply better to the
! 28: GNU coding standard. It can be switched on by defining
! 29: CRYPTOKI_GNU before including this header file. For this, the
! 30: following changes are made to the specification:
! 31:
! 32: All structure types are changed to a "struct ck_foo" where CK_FOO
! 33: is the type name in PKCS #11.
! 34:
! 35: All non-structure types are changed to ck_foo_t where CK_FOO is the
! 36: lowercase version of the type name in PKCS #11. The basic types
! 37: (CK_ULONG et al.) are removed without substitute.
! 38:
! 39: All members of structures are modified in the following way: Type
! 40: indication prefixes are removed, and underscore characters are
! 41: inserted before words. Then the result is lowercased.
! 42:
! 43: Note that function names are still in the original case, as they
! 44: need for ABI compatibility.
! 45:
! 46: CK_FALSE, CK_TRUE and NULL_PTR are removed without substitute. Use
! 47: <stdbool.h>.
! 48:
! 49: If CRYPTOKI_COMPAT is defined before including this header file,
! 50: then none of the API changes above take place, and the API is the
! 51: one defined by the PKCS #11 standard. */
! 52:
! 53: #ifndef PKCS11_H
! 54: #define PKCS11_H 1
! 55:
! 56: #if defined(__cplusplus)
! 57: extern "C" {
! 58: #endif
! 59:
! 60:
! 61: /* The version of cryptoki we implement. The revision is changed with
! 62: each modification of this file. If you do not use the "official"
! 63: version of this file, please consider deleting the revision macro
! 64: (you may use a macro with a different name to keep track of your
! 65: versions). */
! 66: #define CRYPTOKI_VERSION_MAJOR 2
! 67: #define CRYPTOKI_VERSION_MINOR 20
! 68: #define CRYPTOKI_VERSION_REVISION 6
! 69:
! 70:
! 71: /* Compatibility interface is default, unless CRYPTOKI_GNU is
! 72: given. */
! 73: #ifndef CRYPTOKI_GNU
! 74: #ifndef CRYPTOKI_COMPAT
! 75: #define CRYPTOKI_COMPAT 1
! 76: #endif
! 77: #endif
! 78:
! 79: /* System dependencies. */
! 80:
! 81: #if defined(_WIN32) || defined(CRYPTOKI_FORCE_WIN32)
! 82:
! 83: /* There is a matching pop below. */
! 84: #pragma pack(push, cryptoki, 1)
! 85:
! 86: #ifdef CRYPTOKI_EXPORTS
! 87: #define CK_SPEC __declspec(dllexport)
! 88: #else
! 89: #define CK_SPEC __declspec(dllimport)
! 90: #endif
! 91:
! 92: #else
! 93:
! 94: #define CK_SPEC
! 95:
! 96: #endif
! 97:
! 98:
! 99: #ifdef CRYPTOKI_COMPAT
! 100: /* If we are in compatibility mode, switch all exposed names to the
! 101: PKCS #11 variant. There are corresponding #undefs below. */
! 102:
! 103: #define ck_flags_t CK_FLAGS
! 104: #define ck_version _CK_VERSION
! 105:
! 106: #define ck_info _CK_INFO
! 107: #define cryptoki_version cryptokiVersion
! 108: #define manufacturer_id manufacturerID
! 109: #define library_description libraryDescription
! 110: #define library_version libraryVersion
! 111:
! 112: #define ck_notification_t CK_NOTIFICATION
! 113: #define ck_slot_id_t CK_SLOT_ID
! 114:
! 115: #define ck_slot_info _CK_SLOT_INFO
! 116: #define slot_description slotDescription
! 117: #define hardware_version hardwareVersion
! 118: #define firmware_version firmwareVersion
! 119:
! 120: #define ck_token_info _CK_TOKEN_INFO
! 121: #define serial_number serialNumber
! 122: #define max_session_count ulMaxSessionCount
! 123: #define session_count ulSessionCount
! 124: #define max_rw_session_count ulMaxRwSessionCount
! 125: #define rw_session_count ulRwSessionCount
! 126: #define max_pin_len ulMaxPinLen
! 127: #define min_pin_len ulMinPinLen
! 128: #define total_public_memory ulTotalPublicMemory
! 129: #define free_public_memory ulFreePublicMemory
! 130: #define total_private_memory ulTotalPrivateMemory
! 131: #define free_private_memory ulFreePrivateMemory
! 132: #define utc_time utcTime
! 133:
! 134: #define ck_session_handle_t CK_SESSION_HANDLE
! 135: #define ck_user_type_t CK_USER_TYPE
! 136: #define ck_state_t CK_STATE
! 137:
! 138: #define ck_session_info _CK_SESSION_INFO
! 139: #define slot_id slotID
! 140: #define device_error ulDeviceError
! 141:
! 142: #define ck_object_handle_t CK_OBJECT_HANDLE
! 143: #define ck_object_class_t CK_OBJECT_CLASS
! 144: #define ck_hw_feature_type_t CK_HW_FEATURE_TYPE
! 145: #define ck_key_type_t CK_KEY_TYPE
! 146: #define ck_certificate_type_t CK_CERTIFICATE_TYPE
! 147: #define ck_attribute_type_t CK_ATTRIBUTE_TYPE
! 148:
! 149: #define ck_attribute _CK_ATTRIBUTE
! 150: #define value pValue
! 151: #define value_len ulValueLen
! 152:
! 153: #define ck_date _CK_DATE
! 154:
! 155: #define ck_mechanism_type_t CK_MECHANISM_TYPE
! 156:
! 157: #define ck_mechanism _CK_MECHANISM
! 158: #define parameter pParameter
! 159: #define parameter_len ulParameterLen
! 160:
! 161: #define ck_mechanism_info _CK_MECHANISM_INFO
! 162: #define min_key_size ulMinKeySize
! 163: #define max_key_size ulMaxKeySize
! 164:
! 165: #define ck_rv_t CK_RV
! 166: #define ck_notify_t CK_NOTIFY
! 167:
! 168: #define ck_function_list _CK_FUNCTION_LIST
! 169:
! 170: #define ck_createmutex_t CK_CREATEMUTEX
! 171: #define ck_destroymutex_t CK_DESTROYMUTEX
! 172: #define ck_lockmutex_t CK_LOCKMUTEX
! 173: #define ck_unlockmutex_t CK_UNLOCKMUTEX
! 174:
! 175: #define ck_c_initialize_args _CK_C_INITIALIZE_ARGS
! 176: #define create_mutex CreateMutex
! 177: #define destroy_mutex DestroyMutex
! 178: #define lock_mutex LockMutex
! 179: #define unlock_mutex UnlockMutex
! 180: #define reserved pReserved
! 181:
! 182: #endif /* CRYPTOKI_COMPAT */
! 183:
! 184:
! 185:
! 186: typedef unsigned long ck_flags_t;
! 187:
! 188: struct ck_version
! 189: {
! 190: unsigned char major;
! 191: unsigned char minor;
! 192: };
! 193:
! 194:
! 195: struct ck_info
! 196: {
! 197: struct ck_version cryptoki_version;
! 198: unsigned char manufacturer_id[32];
! 199: ck_flags_t flags;
! 200: unsigned char library_description[32];
! 201: struct ck_version library_version;
! 202: };
! 203:
! 204:
! 205: typedef unsigned long ck_notification_t;
! 206:
! 207: #define CKN_SURRENDER (0)
! 208:
! 209:
! 210: typedef unsigned long ck_slot_id_t;
! 211:
! 212:
! 213: struct ck_slot_info
! 214: {
! 215: unsigned char slot_description[64];
! 216: unsigned char manufacturer_id[32];
! 217: ck_flags_t flags;
! 218: struct ck_version hardware_version;
! 219: struct ck_version firmware_version;
! 220: };
! 221:
! 222:
! 223: #define CKF_TOKEN_PRESENT (1 << 0)
! 224: #define CKF_REMOVABLE_DEVICE (1 << 1)
! 225: #define CKF_HW_SLOT (1 << 2)
! 226: #define CKF_ARRAY_ATTRIBUTE (1 << 30)
! 227:
! 228:
! 229: struct ck_token_info
! 230: {
! 231: unsigned char label[32];
! 232: unsigned char manufacturer_id[32];
! 233: unsigned char model[16];
! 234: unsigned char serial_number[16];
! 235: ck_flags_t flags;
! 236: unsigned long max_session_count;
! 237: unsigned long session_count;
! 238: unsigned long max_rw_session_count;
! 239: unsigned long rw_session_count;
! 240: unsigned long max_pin_len;
! 241: unsigned long min_pin_len;
! 242: unsigned long total_public_memory;
! 243: unsigned long free_public_memory;
! 244: unsigned long total_private_memory;
! 245: unsigned long free_private_memory;
! 246: struct ck_version hardware_version;
! 247: struct ck_version firmware_version;
! 248: unsigned char utc_time[16];
! 249: };
! 250:
! 251:
! 252: #define CKF_RNG (1 << 0)
! 253: #define CKF_WRITE_PROTECTED (1 << 1)
! 254: #define CKF_LOGIN_REQUIRED (1 << 2)
! 255: #define CKF_USER_PIN_INITIALIZED (1 << 3)
! 256: #define CKF_RESTORE_KEY_NOT_NEEDED (1 << 5)
! 257: #define CKF_CLOCK_ON_TOKEN (1 << 6)
! 258: #define CKF_PROTECTED_AUTHENTICATION_PATH (1 << 8)
! 259: #define CKF_DUAL_CRYPTO_OPERATIONS (1 << 9)
! 260: #define CKF_TOKEN_INITIALIZED (1 << 10)
! 261: #define CKF_SECONDARY_AUTHENTICATION (1 << 11)
! 262: #define CKF_USER_PIN_COUNT_LOW (1 << 16)
! 263: #define CKF_USER_PIN_FINAL_TRY (1 << 17)
! 264: #define CKF_USER_PIN_LOCKED (1 << 18)
! 265: #define CKF_USER_PIN_TO_BE_CHANGED (1 << 19)
! 266: #define CKF_SO_PIN_COUNT_LOW (1 << 20)
! 267: #define CKF_SO_PIN_FINAL_TRY (1 << 21)
! 268: #define CKF_SO_PIN_LOCKED (1 << 22)
! 269: #define CKF_SO_PIN_TO_BE_CHANGED (1 << 23)
! 270:
! 271: #define CK_UNAVAILABLE_INFORMATION ((unsigned long) -1)
! 272: #define CK_EFFECTIVELY_INFINITE (0)
! 273:
! 274:
! 275: typedef unsigned long ck_session_handle_t;
! 276:
! 277: #define CK_INVALID_HANDLE (0)
! 278:
! 279:
! 280: typedef unsigned long ck_user_type_t;
! 281:
! 282: #define CKU_SO (0)
! 283: #define CKU_USER (1)
! 284: #define CKU_CONTEXT_SPECIFIC (2)
! 285:
! 286:
! 287: typedef unsigned long ck_state_t;
! 288:
! 289: #define CKS_RO_PUBLIC_SESSION (0)
! 290: #define CKS_RO_USER_FUNCTIONS (1)
! 291: #define CKS_RW_PUBLIC_SESSION (2)
! 292: #define CKS_RW_USER_FUNCTIONS (3)
! 293: #define CKS_RW_SO_FUNCTIONS (4)
! 294:
! 295:
! 296: struct ck_session_info
! 297: {
! 298: ck_slot_id_t slot_id;
! 299: ck_state_t state;
! 300: ck_flags_t flags;
! 301: unsigned long device_error;
! 302: };
! 303:
! 304: #define CKF_RW_SESSION (1 << 1)
! 305: #define CKF_SERIAL_SESSION (1 << 2)
! 306:
! 307:
! 308: typedef unsigned long ck_object_handle_t;
! 309:
! 310:
! 311: typedef unsigned long ck_object_class_t;
! 312:
! 313: #define CKO_DATA (0)
! 314: #define CKO_CERTIFICATE (1)
! 315: #define CKO_PUBLIC_KEY (2)
! 316: #define CKO_PRIVATE_KEY (3)
! 317: #define CKO_SECRET_KEY (4)
! 318: #define CKO_HW_FEATURE (5)
! 319: #define CKO_DOMAIN_PARAMETERS (6)
! 320: #define CKO_MECHANISM (7)
! 321: #define CKO_VENDOR_DEFINED ((unsigned long) (1 << 31))
! 322:
! 323:
! 324: typedef unsigned long ck_hw_feature_type_t;
! 325:
! 326: #define CKH_MONOTONIC_COUNTER (1)
! 327: #define CKH_CLOCK (2)
! 328: #define CKH_USER_INTERFACE (3)
! 329: #define CKH_VENDOR_DEFINED ((unsigned long) (1 << 31))
! 330:
! 331:
! 332: typedef unsigned long ck_key_type_t;
! 333:
! 334: #define CKK_RSA (0)
! 335: #define CKK_DSA (1)
! 336: #define CKK_DH (2)
! 337: #define CKK_ECDSA (3)
! 338: #define CKK_EC (3)
! 339: #define CKK_X9_42_DH (4)
! 340: #define CKK_KEA (5)
! 341: #define CKK_GENERIC_SECRET (0x10)
! 342: #define CKK_RC2 (0x11)
! 343: #define CKK_RC4 (0x12)
! 344: #define CKK_DES (0x13)
! 345: #define CKK_DES2 (0x14)
! 346: #define CKK_DES3 (0x15)
! 347: #define CKK_CAST (0x16)
! 348: #define CKK_CAST3 (0x17)
! 349: #define CKK_CAST128 (0x18)
! 350: #define CKK_RC5 (0x19)
! 351: #define CKK_IDEA (0x1a)
! 352: #define CKK_SKIPJACK (0x1b)
! 353: #define CKK_BATON (0x1c)
! 354: #define CKK_JUNIPER (0x1d)
! 355: #define CKK_CDMF (0x1e)
! 356: #define CKK_AES (0x1f)
! 357: #define CKK_BLOWFISH (0x20)
! 358: #define CKK_TWOFISH (0x21)
! 359: #define CKK_VENDOR_DEFINED ((unsigned long) (1 << 31))
! 360:
! 361: typedef unsigned long ck_certificate_type_t;
! 362:
! 363: #define CKC_X_509 (0)
! 364: #define CKC_X_509_ATTR_CERT (1)
! 365: #define CKC_WTLS (2)
! 366: #define CKC_VENDOR_DEFINED ((unsigned long) (1 << 31))
! 367:
! 368:
! 369: typedef unsigned long ck_attribute_type_t;
! 370:
! 371: #define CKA_CLASS (0)
! 372: #define CKA_TOKEN (1)
! 373: #define CKA_PRIVATE (2)
! 374: #define CKA_LABEL (3)
! 375: #define CKA_APPLICATION (0x10)
! 376: #define CKA_VALUE (0x11)
! 377: #define CKA_OBJECT_ID (0x12)
! 378: #define CKA_CERTIFICATE_TYPE (0x80)
! 379: #define CKA_ISSUER (0x81)
! 380: #define CKA_SERIAL_NUMBER (0x82)
! 381: #define CKA_AC_ISSUER (0x83)
! 382: #define CKA_OWNER (0x84)
! 383: #define CKA_ATTR_TYPES (0x85)
! 384: #define CKA_TRUSTED (0x86)
! 385: #define CKA_CERTIFICATE_CATEGORY (0x87)
! 386: #define CKA_JAVA_MIDP_SECURITY_DOMAIN (0x88)
! 387: #define CKA_URL (0x89)
! 388: #define CKA_HASH_OF_SUBJECT_PUBLIC_KEY (0x8a)
! 389: #define CKA_HASH_OF_ISSUER_PUBLIC_KEY (0x8b)
! 390: #define CKA_CHECK_VALUE (0x90)
! 391: #define CKA_KEY_TYPE (0x100)
! 392: #define CKA_SUBJECT (0x101)
! 393: #define CKA_ID (0x102)
! 394: #define CKA_SENSITIVE (0x103)
! 395: #define CKA_ENCRYPT (0x104)
! 396: #define CKA_DECRYPT (0x105)
! 397: #define CKA_WRAP (0x106)
! 398: #define CKA_UNWRAP (0x107)
! 399: #define CKA_SIGN (0x108)
! 400: #define CKA_SIGN_RECOVER (0x109)
! 401: #define CKA_VERIFY (0x10a)
! 402: #define CKA_VERIFY_RECOVER (0x10b)
! 403: #define CKA_DERIVE (0x10c)
! 404: #define CKA_START_DATE (0x110)
! 405: #define CKA_END_DATE (0x111)
! 406: #define CKA_MODULUS (0x120)
! 407: #define CKA_MODULUS_BITS (0x121)
! 408: #define CKA_PUBLIC_EXPONENT (0x122)
! 409: #define CKA_PRIVATE_EXPONENT (0x123)
! 410: #define CKA_PRIME_1 (0x124)
! 411: #define CKA_PRIME_2 (0x125)
! 412: #define CKA_EXPONENT_1 (0x126)
! 413: #define CKA_EXPONENT_2 (0x127)
! 414: #define CKA_COEFFICIENT (0x128)
! 415: #define CKA_PRIME (0x130)
! 416: #define CKA_SUBPRIME (0x131)
! 417: #define CKA_BASE (0x132)
! 418: #define CKA_PRIME_BITS (0x133)
! 419: #define CKA_SUB_PRIME_BITS (0x134)
! 420: #define CKA_VALUE_BITS (0x160)
! 421: #define CKA_VALUE_LEN (0x161)
! 422: #define CKA_EXTRACTABLE (0x162)
! 423: #define CKA_LOCAL (0x163)
! 424: #define CKA_NEVER_EXTRACTABLE (0x164)
! 425: #define CKA_ALWAYS_SENSITIVE (0x165)
! 426: #define CKA_KEY_GEN_MECHANISM (0x166)
! 427: #define CKA_MODIFIABLE (0x170)
! 428: #define CKA_ECDSA_PARAMS (0x180)
! 429: #define CKA_EC_PARAMS (0x180)
! 430: #define CKA_EC_POINT (0x181)
! 431: #define CKA_SECONDARY_AUTH (0x200)
! 432: #define CKA_AUTH_PIN_FLAGS (0x201)
! 433: #define CKA_ALWAYS_AUTHENTICATE (0x202)
! 434: #define CKA_WRAP_WITH_TRUSTED (0x210)
! 435: #define CKA_HW_FEATURE_TYPE (0x300)
! 436: #define CKA_RESET_ON_INIT (0x301)
! 437: #define CKA_HAS_RESET (0x302)
! 438: #define CKA_PIXEL_X (0x400)
! 439: #define CKA_PIXEL_Y (0x401)
! 440: #define CKA_RESOLUTION (0x402)
! 441: #define CKA_CHAR_ROWS (0x403)
! 442: #define CKA_CHAR_COLUMNS (0x404)
! 443: #define CKA_COLOR (0x405)
! 444: #define CKA_BITS_PER_PIXEL (0x406)
! 445: #define CKA_CHAR_SETS (0x480)
! 446: #define CKA_ENCODING_METHODS (0x481)
! 447: #define CKA_MIME_TYPES (0x482)
! 448: #define CKA_MECHANISM_TYPE (0x500)
! 449: #define CKA_REQUIRED_CMS_ATTRIBUTES (0x501)
! 450: #define CKA_DEFAULT_CMS_ATTRIBUTES (0x502)
! 451: #define CKA_SUPPORTED_CMS_ATTRIBUTES (0x503)
! 452: #define CKA_WRAP_TEMPLATE (CKF_ARRAY_ATTRIBUTE | 0x211)
! 453: #define CKA_UNWRAP_TEMPLATE (CKF_ARRAY_ATTRIBUTE | 0x212)
! 454: #define CKA_ALLOWED_MECHANISMS (CKF_ARRAY_ATTRIBUTE | 0x600)
! 455: #define CKA_VENDOR_DEFINED ((unsigned long) (1 << 31))
! 456:
! 457:
! 458: struct ck_attribute
! 459: {
! 460: ck_attribute_type_t type;
! 461: void *value;
! 462: unsigned long value_len;
! 463: };
! 464:
! 465:
! 466: struct ck_date
! 467: {
! 468: unsigned char year[4];
! 469: unsigned char month[2];
! 470: unsigned char day[2];
! 471: };
! 472:
! 473:
! 474: typedef unsigned long ck_mechanism_type_t;
! 475:
! 476: #define CKM_RSA_PKCS_KEY_PAIR_GEN (0)
! 477: #define CKM_RSA_PKCS (1)
! 478: #define CKM_RSA_9796 (2)
! 479: #define CKM_RSA_X_509 (3)
! 480: #define CKM_MD2_RSA_PKCS (4)
! 481: #define CKM_MD5_RSA_PKCS (5)
! 482: #define CKM_SHA1_RSA_PKCS (6)
! 483: #define CKM_RIPEMD128_RSA_PKCS (7)
! 484: #define CKM_RIPEMD160_RSA_PKCS (8)
! 485: #define CKM_RSA_PKCS_OAEP (9)
! 486: #define CKM_RSA_X9_31_KEY_PAIR_GEN (0xa)
! 487: #define CKM_RSA_X9_31 (0xb)
! 488: #define CKM_SHA1_RSA_X9_31 (0xc)
! 489: #define CKM_RSA_PKCS_PSS (0xd)
! 490: #define CKM_SHA1_RSA_PKCS_PSS (0xe)
! 491: #define CKM_DSA_KEY_PAIR_GEN (0x10)
! 492: #define CKM_DSA (0x11)
! 493: #define CKM_DSA_SHA1 (0x12)
! 494: #define CKM_DH_PKCS_KEY_PAIR_GEN (0x20)
! 495: #define CKM_DH_PKCS_DERIVE (0x21)
! 496: #define CKM_X9_42_DH_KEY_PAIR_GEN (0x30)
! 497: #define CKM_X9_42_DH_DERIVE (0x31)
! 498: #define CKM_X9_42_DH_HYBRID_DERIVE (0x32)
! 499: #define CKM_X9_42_MQV_DERIVE (0x33)
! 500: #define CKM_SHA256_RSA_PKCS (0x40)
! 501: #define CKM_SHA384_RSA_PKCS (0x41)
! 502: #define CKM_SHA512_RSA_PKCS (0x42)
! 503: #define CKM_SHA256_RSA_PKCS_PSS (0x43)
! 504: #define CKM_SHA384_RSA_PKCS_PSS (0x44)
! 505: #define CKM_SHA512_RSA_PKCS_PSS (0x45)
! 506: #define CKM_RC2_KEY_GEN (0x100)
! 507: #define CKM_RC2_ECB (0x101)
! 508: #define CKM_RC2_CBC (0x102)
! 509: #define CKM_RC2_MAC (0x103)
! 510: #define CKM_RC2_MAC_GENERAL (0x104)
! 511: #define CKM_RC2_CBC_PAD (0x105)
! 512: #define CKM_RC4_KEY_GEN (0x110)
! 513: #define CKM_RC4 (0x111)
! 514: #define CKM_DES_KEY_GEN (0x120)
! 515: #define CKM_DES_ECB (0x121)
! 516: #define CKM_DES_CBC (0x122)
! 517: #define CKM_DES_MAC (0x123)
! 518: #define CKM_DES_MAC_GENERAL (0x124)
! 519: #define CKM_DES_CBC_PAD (0x125)
! 520: #define CKM_DES2_KEY_GEN (0x130)
! 521: #define CKM_DES3_KEY_GEN (0x131)
! 522: #define CKM_DES3_ECB (0x132)
! 523: #define CKM_DES3_CBC (0x133)
! 524: #define CKM_DES3_MAC (0x134)
! 525: #define CKM_DES3_MAC_GENERAL (0x135)
! 526: #define CKM_DES3_CBC_PAD (0x136)
! 527: #define CKM_CDMF_KEY_GEN (0x140)
! 528: #define CKM_CDMF_ECB (0x141)
! 529: #define CKM_CDMF_CBC (0x142)
! 530: #define CKM_CDMF_MAC (0x143)
! 531: #define CKM_CDMF_MAC_GENERAL (0x144)
! 532: #define CKM_CDMF_CBC_PAD (0x145)
! 533: #define CKM_MD2 (0x200)
! 534: #define CKM_MD2_HMAC (0x201)
! 535: #define CKM_MD2_HMAC_GENERAL (0x202)
! 536: #define CKM_MD5 (0x210)
! 537: #define CKM_MD5_HMAC (0x211)
! 538: #define CKM_MD5_HMAC_GENERAL (0x212)
! 539: #define CKM_SHA_1 (0x220)
! 540: #define CKM_SHA_1_HMAC (0x221)
! 541: #define CKM_SHA_1_HMAC_GENERAL (0x222)
! 542: #define CKM_RIPEMD128 (0x230)
! 543: #define CKM_RIPEMD128_HMAC (0x231)
! 544: #define CKM_RIPEMD128_HMAC_GENERAL (0x232)
! 545: #define CKM_RIPEMD160 (0x240)
! 546: #define CKM_RIPEMD160_HMAC (0x241)
! 547: #define CKM_RIPEMD160_HMAC_GENERAL (0x242)
! 548: #define CKM_SHA256 (0x250)
! 549: #define CKM_SHA256_HMAC (0x251)
! 550: #define CKM_SHA256_HMAC_GENERAL (0x252)
! 551: #define CKM_SHA384 (0x260)
! 552: #define CKM_SHA384_HMAC (0x261)
! 553: #define CKM_SHA384_HMAC_GENERAL (0x262)
! 554: #define CKM_SHA512 (0x270)
! 555: #define CKM_SHA512_HMAC (0x271)
! 556: #define CKM_SHA512_HMAC_GENERAL (0x272)
! 557: #define CKM_CAST_KEY_GEN (0x300)
! 558: #define CKM_CAST_ECB (0x301)
! 559: #define CKM_CAST_CBC (0x302)
! 560: #define CKM_CAST_MAC (0x303)
! 561: #define CKM_CAST_MAC_GENERAL (0x304)
! 562: #define CKM_CAST_CBC_PAD (0x305)
! 563: #define CKM_CAST3_KEY_GEN (0x310)
! 564: #define CKM_CAST3_ECB (0x311)
! 565: #define CKM_CAST3_CBC (0x312)
! 566: #define CKM_CAST3_MAC (0x313)
! 567: #define CKM_CAST3_MAC_GENERAL (0x314)
! 568: #define CKM_CAST3_CBC_PAD (0x315)
! 569: #define CKM_CAST5_KEY_GEN (0x320)
! 570: #define CKM_CAST128_KEY_GEN (0x320)
! 571: #define CKM_CAST5_ECB (0x321)
! 572: #define CKM_CAST128_ECB (0x321)
! 573: #define CKM_CAST5_CBC (0x322)
! 574: #define CKM_CAST128_CBC (0x322)
! 575: #define CKM_CAST5_MAC (0x323)
! 576: #define CKM_CAST128_MAC (0x323)
! 577: #define CKM_CAST5_MAC_GENERAL (0x324)
! 578: #define CKM_CAST128_MAC_GENERAL (0x324)
! 579: #define CKM_CAST5_CBC_PAD (0x325)
! 580: #define CKM_CAST128_CBC_PAD (0x325)
! 581: #define CKM_RC5_KEY_GEN (0x330)
! 582: #define CKM_RC5_ECB (0x331)
! 583: #define CKM_RC5_CBC (0x332)
! 584: #define CKM_RC5_MAC (0x333)
! 585: #define CKM_RC5_MAC_GENERAL (0x334)
! 586: #define CKM_RC5_CBC_PAD (0x335)
! 587: #define CKM_IDEA_KEY_GEN (0x340)
! 588: #define CKM_IDEA_ECB (0x341)
! 589: #define CKM_IDEA_CBC (0x342)
! 590: #define CKM_IDEA_MAC (0x343)
! 591: #define CKM_IDEA_MAC_GENERAL (0x344)
! 592: #define CKM_IDEA_CBC_PAD (0x345)
! 593: #define CKM_GENERIC_SECRET_KEY_GEN (0x350)
! 594: #define CKM_CONCATENATE_BASE_AND_KEY (0x360)
! 595: #define CKM_CONCATENATE_BASE_AND_DATA (0x362)
! 596: #define CKM_CONCATENATE_DATA_AND_BASE (0x363)
! 597: #define CKM_XOR_BASE_AND_DATA (0x364)
! 598: #define CKM_EXTRACT_KEY_FROM_KEY (0x365)
! 599: #define CKM_SSL3_PRE_MASTER_KEY_GEN (0x370)
! 600: #define CKM_SSL3_MASTER_KEY_DERIVE (0x371)
! 601: #define CKM_SSL3_KEY_AND_MAC_DERIVE (0x372)
! 602: #define CKM_SSL3_MASTER_KEY_DERIVE_DH (0x373)
! 603: #define CKM_TLS_PRE_MASTER_KEY_GEN (0x374)
! 604: #define CKM_TLS_MASTER_KEY_DERIVE (0x375)
! 605: #define CKM_TLS_KEY_AND_MAC_DERIVE (0x376)
! 606: #define CKM_TLS_MASTER_KEY_DERIVE_DH (0x377)
! 607: #define CKM_SSL3_MD5_MAC (0x380)
! 608: #define CKM_SSL3_SHA1_MAC (0x381)
! 609: #define CKM_MD5_KEY_DERIVATION (0x390)
! 610: #define CKM_MD2_KEY_DERIVATION (0x391)
! 611: #define CKM_SHA1_KEY_DERIVATION (0x392)
! 612: #define CKM_PBE_MD2_DES_CBC (0x3a0)
! 613: #define CKM_PBE_MD5_DES_CBC (0x3a1)
! 614: #define CKM_PBE_MD5_CAST_CBC (0x3a2)
! 615: #define CKM_PBE_MD5_CAST3_CBC (0x3a3)
! 616: #define CKM_PBE_MD5_CAST5_CBC (0x3a4)
! 617: #define CKM_PBE_MD5_CAST128_CBC (0x3a4)
! 618: #define CKM_PBE_SHA1_CAST5_CBC (0x3a5)
! 619: #define CKM_PBE_SHA1_CAST128_CBC (0x3a5)
! 620: #define CKM_PBE_SHA1_RC4_128 (0x3a6)
! 621: #define CKM_PBE_SHA1_RC4_40 (0x3a7)
! 622: #define CKM_PBE_SHA1_DES3_EDE_CBC (0x3a8)
! 623: #define CKM_PBE_SHA1_DES2_EDE_CBC (0x3a9)
! 624: #define CKM_PBE_SHA1_RC2_128_CBC (0x3aa)
! 625: #define CKM_PBE_SHA1_RC2_40_CBC (0x3ab)
! 626: #define CKM_PKCS5_PBKD2 (0x3b0)
! 627: #define CKM_PBA_SHA1_WITH_SHA1_HMAC (0x3c0)
! 628: #define CKM_KEY_WRAP_LYNKS (0x400)
! 629: #define CKM_KEY_WRAP_SET_OAEP (0x401)
! 630: #define CKM_SKIPJACK_KEY_GEN (0x1000)
! 631: #define CKM_SKIPJACK_ECB64 (0x1001)
! 632: #define CKM_SKIPJACK_CBC64 (0x1002)
! 633: #define CKM_SKIPJACK_OFB64 (0x1003)
! 634: #define CKM_SKIPJACK_CFB64 (0x1004)
! 635: #define CKM_SKIPJACK_CFB32 (0x1005)
! 636: #define CKM_SKIPJACK_CFB16 (0x1006)
! 637: #define CKM_SKIPJACK_CFB8 (0x1007)
! 638: #define CKM_SKIPJACK_WRAP (0x1008)
! 639: #define CKM_SKIPJACK_PRIVATE_WRAP (0x1009)
! 640: #define CKM_SKIPJACK_RELAYX (0x100a)
! 641: #define CKM_KEA_KEY_PAIR_GEN (0x1010)
! 642: #define CKM_KEA_KEY_DERIVE (0x1011)
! 643: #define CKM_FORTEZZA_TIMESTAMP (0x1020)
! 644: #define CKM_BATON_KEY_GEN (0x1030)
! 645: #define CKM_BATON_ECB128 (0x1031)
! 646: #define CKM_BATON_ECB96 (0x1032)
! 647: #define CKM_BATON_CBC128 (0x1033)
! 648: #define CKM_BATON_COUNTER (0x1034)
! 649: #define CKM_BATON_SHUFFLE (0x1035)
! 650: #define CKM_BATON_WRAP (0x1036)
! 651: #define CKM_ECDSA_KEY_PAIR_GEN (0x1040)
! 652: #define CKM_EC_KEY_PAIR_GEN (0x1040)
! 653: #define CKM_ECDSA (0x1041)
! 654: #define CKM_ECDSA_SHA1 (0x1042)
! 655: #define CKM_ECDH1_DERIVE (0x1050)
! 656: #define CKM_ECDH1_COFACTOR_DERIVE (0x1051)
! 657: #define CKM_ECMQV_DERIVE (0x1052)
! 658: #define CKM_JUNIPER_KEY_GEN (0x1060)
! 659: #define CKM_JUNIPER_ECB128 (0x1061)
! 660: #define CKM_JUNIPER_CBC128 (0x1062)
! 661: #define CKM_JUNIPER_COUNTER (0x1063)
! 662: #define CKM_JUNIPER_SHUFFLE (0x1064)
! 663: #define CKM_JUNIPER_WRAP (0x1065)
! 664: #define CKM_FASTHASH (0x1070)
! 665: #define CKM_AES_KEY_GEN (0x1080)
! 666: #define CKM_AES_ECB (0x1081)
! 667: #define CKM_AES_CBC (0x1082)
! 668: #define CKM_AES_MAC (0x1083)
! 669: #define CKM_AES_MAC_GENERAL (0x1084)
! 670: #define CKM_AES_CBC_PAD (0x1085)
! 671: #define CKM_DSA_PARAMETER_GEN (0x2000)
! 672: #define CKM_DH_PKCS_PARAMETER_GEN (0x2001)
! 673: #define CKM_X9_42_DH_PARAMETER_GEN (0x2002)
! 674: #define CKM_VENDOR_DEFINED ((unsigned long) (1 << 31))
! 675:
! 676:
! 677: struct ck_mechanism
! 678: {
! 679: ck_mechanism_type_t mechanism;
! 680: void *parameter;
! 681: unsigned long parameter_len;
! 682: };
! 683:
! 684:
! 685: struct ck_mechanism_info
! 686: {
! 687: unsigned long min_key_size;
! 688: unsigned long max_key_size;
! 689: ck_flags_t flags;
! 690: };
! 691:
! 692: #define CKF_HW (1 << 0)
! 693: #define CKF_ENCRYPT (1 << 8)
! 694: #define CKF_DECRYPT (1 << 9)
! 695: #define CKF_DIGEST (1 << 10)
! 696: #define CKF_SIGN (1 << 11)
! 697: #define CKF_SIGN_RECOVER (1 << 12)
! 698: #define CKF_VERIFY (1 << 13)
! 699: #define CKF_VERIFY_RECOVER (1 << 14)
! 700: #define CKF_GENERATE (1 << 15)
! 701: #define CKF_GENERATE_KEY_PAIR (1 << 16)
! 702: #define CKF_WRAP (1 << 17)
! 703: #define CKF_UNWRAP (1 << 18)
! 704: #define CKF_DERIVE (1 << 19)
! 705: #define CKF_EXTENSION ((unsigned long) (1 << 31))
! 706:
! 707:
! 708: /* Flags for C_WaitForSlotEvent. */
! 709: #define CKF_DONT_BLOCK (1)
! 710:
! 711:
! 712: typedef unsigned long ck_rv_t;
! 713:
! 714:
! 715: typedef ck_rv_t (*ck_notify_t) (ck_session_handle_t session,
! 716: ck_notification_t event, void *application);
! 717:
! 718: /* Forward reference. */
! 719: struct ck_function_list;
! 720:
! 721: #define _CK_DECLARE_FUNCTION(name, args) \
! 722: typedef ck_rv_t (*CK_ ## name) args; \
! 723: ck_rv_t CK_SPEC name args
! 724:
! 725: _CK_DECLARE_FUNCTION (C_Initialize, (void *init_args));
! 726: _CK_DECLARE_FUNCTION (C_Finalize, (void *reserved));
! 727: _CK_DECLARE_FUNCTION (C_GetInfo, (struct ck_info *info));
! 728: _CK_DECLARE_FUNCTION (C_GetFunctionList,
! 729: (struct ck_function_list **function_list));
! 730:
! 731: _CK_DECLARE_FUNCTION (C_GetSlotList,
! 732: (unsigned char token_present, ck_slot_id_t *slot_list,
! 733: unsigned long *count));
! 734: _CK_DECLARE_FUNCTION (C_GetSlotInfo,
! 735: (ck_slot_id_t slot_id, struct ck_slot_info *info));
! 736: _CK_DECLARE_FUNCTION (C_GetTokenInfo,
! 737: (ck_slot_id_t slot_id, struct ck_token_info *info));
! 738: _CK_DECLARE_FUNCTION (C_WaitForSlotEvent,
! 739: (ck_flags_t flags, ck_slot_id_t *slot, void *reserved));
! 740: _CK_DECLARE_FUNCTION (C_GetMechanismList,
! 741: (ck_slot_id_t slot_id,
! 742: ck_mechanism_type_t *mechanism_list,
! 743: unsigned long *count));
! 744: _CK_DECLARE_FUNCTION (C_GetMechanismInfo,
! 745: (ck_slot_id_t slot_id, ck_mechanism_type_t type,
! 746: struct ck_mechanism_info *info));
! 747: _CK_DECLARE_FUNCTION (C_InitToken,
! 748: (ck_slot_id_t slot_id, unsigned char *pin,
! 749: unsigned long pin_len, unsigned char *label));
! 750: _CK_DECLARE_FUNCTION (C_InitPIN,
! 751: (ck_session_handle_t session, unsigned char *pin,
! 752: unsigned long pin_len));
! 753: _CK_DECLARE_FUNCTION (C_SetPIN,
! 754: (ck_session_handle_t session, unsigned char *old_pin,
! 755: unsigned long old_len, unsigned char *new_pin,
! 756: unsigned long new_len));
! 757:
! 758: _CK_DECLARE_FUNCTION (C_OpenSession,
! 759: (ck_slot_id_t slot_id, ck_flags_t flags,
! 760: void *application, ck_notify_t notify,
! 761: ck_session_handle_t *session));
! 762: _CK_DECLARE_FUNCTION (C_CloseSession, (ck_session_handle_t session));
! 763: _CK_DECLARE_FUNCTION (C_CloseAllSessions, (ck_slot_id_t slot_id));
! 764: _CK_DECLARE_FUNCTION (C_GetSessionInfo,
! 765: (ck_session_handle_t session,
! 766: struct ck_session_info *info));
! 767: _CK_DECLARE_FUNCTION (C_GetOperationState,
! 768: (ck_session_handle_t session,
! 769: unsigned char *operation_state,
! 770: unsigned long *operation_state_len));
! 771: _CK_DECLARE_FUNCTION (C_SetOperationState,
! 772: (ck_session_handle_t session,
! 773: unsigned char *operation_state,
! 774: unsigned long operation_state_len,
! 775: ck_object_handle_t encryption_key,
! 776: ck_object_handle_t authentiation_key));
! 777: _CK_DECLARE_FUNCTION (C_Login,
! 778: (ck_session_handle_t session, ck_user_type_t user_type,
! 779: unsigned char *pin, unsigned long pin_len));
! 780: _CK_DECLARE_FUNCTION (C_Logout, (ck_session_handle_t session));
! 781:
! 782: _CK_DECLARE_FUNCTION (C_CreateObject,
! 783: (ck_session_handle_t session,
! 784: struct ck_attribute *templ,
! 785: unsigned long count, ck_object_handle_t *object));
! 786: _CK_DECLARE_FUNCTION (C_CopyObject,
! 787: (ck_session_handle_t session, ck_object_handle_t object,
! 788: struct ck_attribute *templ, unsigned long count,
! 789: ck_object_handle_t *new_object));
! 790: _CK_DECLARE_FUNCTION (C_DestroyObject,
! 791: (ck_session_handle_t session,
! 792: ck_object_handle_t object));
! 793: _CK_DECLARE_FUNCTION (C_GetObjectSize,
! 794: (ck_session_handle_t session,
! 795: ck_object_handle_t object,
! 796: unsigned long *size));
! 797: _CK_DECLARE_FUNCTION (C_GetAttributeValue,
! 798: (ck_session_handle_t session,
! 799: ck_object_handle_t object,
! 800: struct ck_attribute *templ,
! 801: unsigned long count));
! 802: _CK_DECLARE_FUNCTION (C_SetAttributeValue,
! 803: (ck_session_handle_t session,
! 804: ck_object_handle_t object,
! 805: struct ck_attribute *templ,
! 806: unsigned long count));
! 807: _CK_DECLARE_FUNCTION (C_FindObjectsInit,
! 808: (ck_session_handle_t session,
! 809: struct ck_attribute *templ,
! 810: unsigned long count));
! 811: _CK_DECLARE_FUNCTION (C_FindObjects,
! 812: (ck_session_handle_t session,
! 813: ck_object_handle_t *object,
! 814: unsigned long max_object_count,
! 815: unsigned long *object_count));
! 816: _CK_DECLARE_FUNCTION (C_FindObjectsFinal,
! 817: (ck_session_handle_t session));
! 818:
! 819: _CK_DECLARE_FUNCTION (C_EncryptInit,
! 820: (ck_session_handle_t session,
! 821: struct ck_mechanism *mechanism,
! 822: ck_object_handle_t key));
! 823: _CK_DECLARE_FUNCTION (C_Encrypt,
! 824: (ck_session_handle_t session,
! 825: unsigned char *data, unsigned long data_len,
! 826: unsigned char *encrypted_data,
! 827: unsigned long *encrypted_data_len));
! 828: _CK_DECLARE_FUNCTION (C_EncryptUpdate,
! 829: (ck_session_handle_t session,
! 830: unsigned char *part, unsigned long part_len,
! 831: unsigned char *encrypted_part,
! 832: unsigned long *encrypted_part_len));
! 833: _CK_DECLARE_FUNCTION (C_EncryptFinal,
! 834: (ck_session_handle_t session,
! 835: unsigned char *last_encrypted_part,
! 836: unsigned long *last_encrypted_part_len));
! 837:
! 838: _CK_DECLARE_FUNCTION (C_DecryptInit,
! 839: (ck_session_handle_t session,
! 840: struct ck_mechanism *mechanism,
! 841: ck_object_handle_t key));
! 842: _CK_DECLARE_FUNCTION (C_Decrypt,
! 843: (ck_session_handle_t session,
! 844: unsigned char *encrypted_data,
! 845: unsigned long encrypted_data_len,
! 846: unsigned char *data, unsigned long *data_len));
! 847: _CK_DECLARE_FUNCTION (C_DecryptUpdate,
! 848: (ck_session_handle_t session,
! 849: unsigned char *encrypted_part,
! 850: unsigned long encrypted_part_len,
! 851: unsigned char *part, unsigned long *part_len));
! 852: _CK_DECLARE_FUNCTION (C_DecryptFinal,
! 853: (ck_session_handle_t session,
! 854: unsigned char *last_part,
! 855: unsigned long *last_part_len));
! 856:
! 857: _CK_DECLARE_FUNCTION (C_DigestInit,
! 858: (ck_session_handle_t session,
! 859: struct ck_mechanism *mechanism));
! 860: _CK_DECLARE_FUNCTION (C_Digest,
! 861: (ck_session_handle_t session,
! 862: unsigned char *data, unsigned long data_len,
! 863: unsigned char *digest,
! 864: unsigned long *digest_len));
! 865: _CK_DECLARE_FUNCTION (C_DigestUpdate,
! 866: (ck_session_handle_t session,
! 867: unsigned char *part, unsigned long part_len));
! 868: _CK_DECLARE_FUNCTION (C_DigestKey,
! 869: (ck_session_handle_t session, ck_object_handle_t key));
! 870: _CK_DECLARE_FUNCTION (C_DigestFinal,
! 871: (ck_session_handle_t session,
! 872: unsigned char *digest,
! 873: unsigned long *digest_len));
! 874:
/* Signing.  C_SignInit / C_SignRecoverInit bind MECHANISM and KEY to
   SESSION; C_Sign and C_SignRecover are single-call; C_SignUpdate /
   C_SignFinal are the multi-part form.  Every function that writes a
   signature takes its length by pointer (signature_len).
   NOTE(review): the private key is referenced only by handle here; the
   signature buffer must be sized from the length the module reports, see
   CKR_BUFFER_TOO_SMALL later in this header -- confirm the in/out
   convention against the PKCS #11 specification.  */
! 875: _CK_DECLARE_FUNCTION (C_SignInit,
! 876: (ck_session_handle_t session,
! 877: struct ck_mechanism *mechanism,
! 878: ck_object_handle_t key));
! 879: _CK_DECLARE_FUNCTION (C_Sign,
! 880: (ck_session_handle_t session,
! 881: unsigned char *data, unsigned long data_len,
! 882: unsigned char *signature,
! 883: unsigned long *signature_len));
! 884: _CK_DECLARE_FUNCTION (C_SignUpdate,
! 885: (ck_session_handle_t session,
! 886: unsigned char *part, unsigned long part_len));
! 887: _CK_DECLARE_FUNCTION (C_SignFinal,
! 888: (ck_session_handle_t session,
! 889: unsigned char *signature,
! 890: unsigned long *signature_len));
! 891: _CK_DECLARE_FUNCTION (C_SignRecoverInit,
! 892: (ck_session_handle_t session,
! 893: struct ck_mechanism *mechanism,
! 894: ck_object_handle_t key));
! 895: _CK_DECLARE_FUNCTION (C_SignRecover,
! 896: (ck_session_handle_t session,
! 897: unsigned char *data, unsigned long data_len,
! 898: unsigned char *signature,
! 899: unsigned long *signature_len));
! 900:
/* Signature verification.  Unlike the signing functions, C_Verify and
   C_VerifyFinal take signature_len by value: the signature is input only.
   C_VerifyRecover is the exception with an output buffer (data, with
   data_len passed by pointer).
   The verdict is carried only in the return code, since no output
   parameter reports success.  A caller must treat anything other than
   CKR_OK as a failed verification; CKR_SIGNATURE_INVALID and
   CKR_SIGNATURE_LEN_RANGE are defined later in this header, and device or
   session errors are equally "not verified".  */
! 901: _CK_DECLARE_FUNCTION (C_VerifyInit,
! 902: (ck_session_handle_t session,
! 903: struct ck_mechanism *mechanism,
! 904: ck_object_handle_t key));
! 905: _CK_DECLARE_FUNCTION (C_Verify,
! 906: (ck_session_handle_t session,
! 907: unsigned char *data, unsigned long data_len,
! 908: unsigned char *signature,
! 909: unsigned long signature_len));
! 910: _CK_DECLARE_FUNCTION (C_VerifyUpdate,
! 911: (ck_session_handle_t session,
! 912: unsigned char *part, unsigned long part_len));
! 913: _CK_DECLARE_FUNCTION (C_VerifyFinal,
! 914: (ck_session_handle_t session,
! 915: unsigned char *signature,
! 916: unsigned long signature_len));
! 917: _CK_DECLARE_FUNCTION (C_VerifyRecoverInit,
! 918: (ck_session_handle_t session,
! 919: struct ck_mechanism *mechanism,
! 920: ck_object_handle_t key));
! 921: _CK_DECLARE_FUNCTION (C_VerifyRecover,
! 922: (ck_session_handle_t session,
! 923: unsigned char *signature,
! 924: unsigned long signature_len,
! 925: unsigned char *data,
! 926: unsigned long *data_len));
! 927:
/* Dual-function update calls.  Each takes one input buffer with a by-value
   length and one output buffer with a by-pointer length, the same shape as
   C_EncryptUpdate / C_DecryptUpdate.
   NOTE(review): going by the names, each continues two operations on the
   same session at once (digest+encrypt, decrypt+digest, sign+encrypt,
   decrypt+verify).  There are no matching *Init declarations, so the two
   operations are presumably started with their individual Init calls --
   confirm against the PKCS #11 specification.  */
! 928: _CK_DECLARE_FUNCTION (C_DigestEncryptUpdate,
! 929: (ck_session_handle_t session,
! 930: unsigned char *part, unsigned long part_len,
! 931: unsigned char *encrypted_part,
! 932: unsigned long *encrypted_part_len));
! 933: _CK_DECLARE_FUNCTION (C_DecryptDigestUpdate,
! 934: (ck_session_handle_t session,
! 935: unsigned char *encrypted_part,
! 936: unsigned long encrypted_part_len,
! 937: unsigned char *part,
! 938: unsigned long *part_len));
! 939: _CK_DECLARE_FUNCTION (C_SignEncryptUpdate,
! 940: (ck_session_handle_t session,
! 941: unsigned char *part, unsigned long part_len,
! 942: unsigned char *encrypted_part,
! 943: unsigned long *encrypted_part_len));
! 944: _CK_DECLARE_FUNCTION (C_DecryptVerifyUpdate,
! 945: (ck_session_handle_t session,
! 946: unsigned char *encrypted_part,
! 947: unsigned long encrypted_part_len,
! 948: unsigned char *part,
! 949: unsigned long *part_len));
! 950:
/* Key management.  New keys are returned as object handles through the
   trailing ck_object_handle_t pointers.  Attribute templates are passed as
   a struct ck_attribute array plus a by-value element count, which the
   caller must keep equal to the real array length.
   C_WrapKey is the only function here that writes key material to a caller
   buffer (wrapped_key, length by pointer); C_UnwrapKey takes that material
   back in with a by-value length.
   NOTE(review): whether a key may leave the token at all is presumably
   governed by attributes in the templates; this header defines
   CKR_KEY_NOT_WRAPPABLE and CKR_KEY_UNEXTRACTABLE for the refusal cases.
   Review the templates passed here when auditing key-extraction policy.  */
! 951: _CK_DECLARE_FUNCTION (C_GenerateKey,
! 952: (ck_session_handle_t session,
! 953: struct ck_mechanism *mechanism,
! 954: struct ck_attribute *templ,
! 955: unsigned long count,
! 956: ck_object_handle_t *key));
! 957: _CK_DECLARE_FUNCTION (C_GenerateKeyPair,
! 958: (ck_session_handle_t session,
! 959: struct ck_mechanism *mechanism,
! 960: struct ck_attribute *public_key_template,
! 961: unsigned long public_key_attribute_count,
! 962: struct ck_attribute *private_key_template,
! 963: unsigned long private_key_attribute_count,
! 964: ck_object_handle_t *public_key,
! 965: ck_object_handle_t *private_key));
! 966: _CK_DECLARE_FUNCTION (C_WrapKey,
! 967: (ck_session_handle_t session,
! 968: struct ck_mechanism *mechanism,
! 969: ck_object_handle_t wrapping_key,
! 970: ck_object_handle_t key,
! 971: unsigned char *wrapped_key,
! 972: unsigned long *wrapped_key_len));
! 973: _CK_DECLARE_FUNCTION (C_UnwrapKey,
! 974: (ck_session_handle_t session,
! 975: struct ck_mechanism *mechanism,
! 976: ck_object_handle_t unwrapping_key,
! 977: unsigned char *wrapped_key,
! 978: unsigned long wrapped_key_len,
! 979: struct ck_attribute *templ,
! 980: unsigned long attribute_count,
! 981: ck_object_handle_t *key));
! 982: _CK_DECLARE_FUNCTION (C_DeriveKey,
! 983: (ck_session_handle_t session,
! 984: struct ck_mechanism *mechanism,
! 985: ck_object_handle_t base_key,
! 986: struct ck_attribute *templ,
! 987: unsigned long attribute_count,
! 988: ck_object_handle_t *key));
! 989:
/* Random number interface.  Both functions take a buffer and a by-value
   length: C_SeedRandom reads SEED, C_GenerateRandom writes RANDOM_DATA.
   Callers must check the return code before using RANDOM_DATA.  This
   header defines CKR_RANDOM_NO_RNG and CKR_RANDOM_SEED_NOT_SUPPORTED, and
   on any non-CKR_OK result the buffer contents must not be treated as
   random.  */
! 990: _CK_DECLARE_FUNCTION (C_SeedRandom,
! 991: (ck_session_handle_t session, unsigned char *seed,
! 992: unsigned long seed_len));
! 993: _CK_DECLARE_FUNCTION (C_GenerateRandom,
! 994: (ck_session_handle_t session,
! 995: unsigned char *random_data,
! 996: unsigned long random_len));
! 997:
/* Parallel-function management; both take only a session handle.
   NOTE(review): presumably the legacy entry points that PKCS #11 v2.x
   keeps for compatibility and that return CKR_FUNCTION_NOT_PARALLEL
   (defined later in this header) -- confirm against the specification.  */
! 998: _CK_DECLARE_FUNCTION (C_GetFunctionStatus, (ck_session_handle_t session));
! 999: _CK_DECLARE_FUNCTION (C_CancelFunction, (ck_session_handle_t session));
! 1000:
! 1001:
/* Dispatch table of a PKCS #11 module: a version followed by one member
   per C_* entry point, each typed CK_C_<name>.
   NOTE(review): the CK_C_* types are declared outside this excerpt,
   presumably as function-pointer typedefs produced by
   _CK_DECLARE_FUNCTION.  The member order is presumably part of the
   binary interface with the module, so members must not be reordered or
   inserted.
   NOTE(review): when the table is obtained from a dynamically loaded
   third-party module, every pointer in it is module-controlled code that
   runs in the caller's address space.  Check `version' and test a member
   for NULL before calling through it.  */
! 1002: struct ck_function_list
! 1003: {
! 1004: struct ck_version version;
! 1005: CK_C_Initialize C_Initialize;
! 1006: CK_C_Finalize C_Finalize;
! 1007: CK_C_GetInfo C_GetInfo;
! 1008: CK_C_GetFunctionList C_GetFunctionList;
! 1009: CK_C_GetSlotList C_GetSlotList;
! 1010: CK_C_GetSlotInfo C_GetSlotInfo;
! 1011: CK_C_GetTokenInfo C_GetTokenInfo;
! 1012: CK_C_GetMechanismList C_GetMechanismList;
! 1013: CK_C_GetMechanismInfo C_GetMechanismInfo;
! 1014: CK_C_InitToken C_InitToken;
! 1015: CK_C_InitPIN C_InitPIN;
! 1016: CK_C_SetPIN C_SetPIN;
! 1017: CK_C_OpenSession C_OpenSession;
! 1018: CK_C_CloseSession C_CloseSession;
! 1019: CK_C_CloseAllSessions C_CloseAllSessions;
! 1020: CK_C_GetSessionInfo C_GetSessionInfo;
! 1021: CK_C_GetOperationState C_GetOperationState;
! 1022: CK_C_SetOperationState C_SetOperationState;
! 1023: CK_C_Login C_Login;
! 1024: CK_C_Logout C_Logout;
! 1025: CK_C_CreateObject C_CreateObject;
! 1026: CK_C_CopyObject C_CopyObject;
! 1027: CK_C_DestroyObject C_DestroyObject;
! 1028: CK_C_GetObjectSize C_GetObjectSize;
! 1029: CK_C_GetAttributeValue C_GetAttributeValue;
! 1030: CK_C_SetAttributeValue C_SetAttributeValue;
! 1031: CK_C_FindObjectsInit C_FindObjectsInit;
! 1032: CK_C_FindObjects C_FindObjects;
! 1033: CK_C_FindObjectsFinal C_FindObjectsFinal;
! 1034: CK_C_EncryptInit C_EncryptInit;
! 1035: CK_C_Encrypt C_Encrypt;
! 1036: CK_C_EncryptUpdate C_EncryptUpdate;
! 1037: CK_C_EncryptFinal C_EncryptFinal;
! 1038: CK_C_DecryptInit C_DecryptInit;
! 1039: CK_C_Decrypt C_Decrypt;
! 1040: CK_C_DecryptUpdate C_DecryptUpdate;
! 1041: CK_C_DecryptFinal C_DecryptFinal;
! 1042: CK_C_DigestInit C_DigestInit;
! 1043: CK_C_Digest C_Digest;
! 1044: CK_C_DigestUpdate C_DigestUpdate;
! 1045: CK_C_DigestKey C_DigestKey;
! 1046: CK_C_DigestFinal C_DigestFinal;
! 1047: CK_C_SignInit C_SignInit;
! 1048: CK_C_Sign C_Sign;
! 1049: CK_C_SignUpdate C_SignUpdate;
! 1050: CK_C_SignFinal C_SignFinal;
! 1051: CK_C_SignRecoverInit C_SignRecoverInit;
! 1052: CK_C_SignRecover C_SignRecover;
! 1053: CK_C_VerifyInit C_VerifyInit;
! 1054: CK_C_Verify C_Verify;
! 1055: CK_C_VerifyUpdate C_VerifyUpdate;
! 1056: CK_C_VerifyFinal C_VerifyFinal;
! 1057: CK_C_VerifyRecoverInit C_VerifyRecoverInit;
! 1058: CK_C_VerifyRecover C_VerifyRecover;
! 1059: CK_C_DigestEncryptUpdate C_DigestEncryptUpdate;
! 1060: CK_C_DecryptDigestUpdate C_DecryptDigestUpdate;
! 1061: CK_C_SignEncryptUpdate C_SignEncryptUpdate;
! 1062: CK_C_DecryptVerifyUpdate C_DecryptVerifyUpdate;
! 1063: CK_C_GenerateKey C_GenerateKey;
! 1064: CK_C_GenerateKeyPair C_GenerateKeyPair;
! 1065: CK_C_WrapKey C_WrapKey;
! 1066: CK_C_UnwrapKey C_UnwrapKey;
! 1067: CK_C_DeriveKey C_DeriveKey;
! 1068: CK_C_SeedRandom C_SeedRandom;
! 1069: CK_C_GenerateRandom C_GenerateRandom;
! 1070: CK_C_GetFunctionStatus C_GetFunctionStatus;
! 1071: CK_C_CancelFunction C_CancelFunction;
! 1072: CK_C_WaitForSlotEvent C_WaitForSlotEvent;
! 1073: };
! 1074:
! 1075:
/* Application-supplied locking callbacks, stored in
   struct ck_c_initialize_args.  All four return a ck_rv_t.  The create
   callback hands the new mutex back through a void ** and the other three
   receive that opaque pointer.
   NOTE(review): CKR_MUTEX_BAD and CKR_MUTEX_NOT_LOCKED, defined later in
   this header, look like the failure codes intended for these callbacks
   -- confirm.  */
! 1076: typedef ck_rv_t (*ck_createmutex_t) (void **mutex);
! 1077: typedef ck_rv_t (*ck_destroymutex_t) (void *mutex);
! 1078: typedef ck_rv_t (*ck_lockmutex_t) (void *mutex);
! 1079: typedef ck_rv_t (*ck_unlockmutex_t) (void *mutex);
! 1080:
! 1081:
/* Threading arguments for library initialisation: four mutex callbacks, a
   flags word (see the CKF_LIBRARY_CANT_CREATE_OS_THREADS and
   CKF_OS_LOCKING_OK bits defined just after this struct) and a reserved
   pointer.
   NOTE(review): presumably passed to C_Initialize, with `reserved'
   required to be NULL per the PKCS #11 specification -- confirm.  A
   multi-threaded caller that supplies neither callbacks nor
   CKF_OS_LOCKING_OK presumably gets no locking inside the module.  */
! 1082: struct ck_c_initialize_args
! 1083: {
! 1084: ck_createmutex_t create_mutex;
! 1085: ck_destroymutex_t destroy_mutex;
! 1086: ck_lockmutex_t lock_mutex;
! 1087: ck_unlockmutex_t unlock_mutex;
! 1088: ck_flags_t flags;
! 1089: void *reserved;
! 1090: };
! 1091:
! 1092:
/* Bit flags (bit 0 and bit 1).
   NOTE(review): presumably the values for the `flags' member of
   struct ck_c_initialize_args -- confirm.  */
! 1093: #define CKF_LIBRARY_CANT_CREATE_OS_THREADS (1 << 0)
! 1094: #define CKF_OS_LOCKING_OK (1 << 1)
! 1095:
/* Return codes.  CKR_OK is 0 and every other value names a specific
   failure.  The numbering is sparse (4 and 0x61 are not defined here, for
   example), so codes must be compared by name, never by range arithmetic.
   NOTE(review): presumably these are the values of ck_rv_t, the return
   type of the mutex callbacks above -- confirm.
   Callers should test `rv != CKR_OK' after every call.  Several codes
   below carry security meaning for the caller's own logic:
   CKR_PIN_INCORRECT / CKR_PIN_LOCKED / CKR_PIN_EXPIRED for login handling,
   CKR_SIGNATURE_INVALID for verification, CKR_BUFFER_TOO_SMALL for output
   sizing.  */
! 1096: #define CKR_OK (0)
! 1097: #define CKR_CANCEL (1)
! 1098: #define CKR_HOST_MEMORY (2)
! 1099: #define CKR_SLOT_ID_INVALID (3)
! 1100: #define CKR_GENERAL_ERROR (5)
! 1101: #define CKR_FUNCTION_FAILED (6)
! 1102: #define CKR_ARGUMENTS_BAD (7)
! 1103: #define CKR_NO_EVENT (8)
! 1104: #define CKR_NEED_TO_CREATE_THREADS (9)
! 1105: #define CKR_CANT_LOCK (0xa)
! 1106: #define CKR_ATTRIBUTE_READ_ONLY (0x10)
! 1107: #define CKR_ATTRIBUTE_SENSITIVE (0x11)
! 1108: #define CKR_ATTRIBUTE_TYPE_INVALID (0x12)
! 1109: #define CKR_ATTRIBUTE_VALUE_INVALID (0x13)
! 1110: #define CKR_DATA_INVALID (0x20)
! 1111: #define CKR_DATA_LEN_RANGE (0x21)
! 1112: #define CKR_DEVICE_ERROR (0x30)
! 1113: #define CKR_DEVICE_MEMORY (0x31)
! 1114: #define CKR_DEVICE_REMOVED (0x32)
! 1115: #define CKR_ENCRYPTED_DATA_INVALID (0x40)
! 1116: #define CKR_ENCRYPTED_DATA_LEN_RANGE (0x41)
! 1117: #define CKR_FUNCTION_CANCELED (0x50)
! 1118: #define CKR_FUNCTION_NOT_PARALLEL (0x51)
! 1119: #define CKR_FUNCTION_NOT_SUPPORTED (0x54)
! 1120: #define CKR_KEY_HANDLE_INVALID (0x60)
! 1121: #define CKR_KEY_SIZE_RANGE (0x62)
! 1122: #define CKR_KEY_TYPE_INCONSISTENT (0x63)
! 1123: #define CKR_KEY_NOT_NEEDED (0x64)
! 1124: #define CKR_KEY_CHANGED (0x65)
! 1125: #define CKR_KEY_NEEDED (0x66)
! 1126: #define CKR_KEY_INDIGESTIBLE (0x67)
! 1127: #define CKR_KEY_FUNCTION_NOT_PERMITTED (0x68)
! 1128: #define CKR_KEY_NOT_WRAPPABLE (0x69)
! 1129: #define CKR_KEY_UNEXTRACTABLE (0x6a)
! 1130: #define CKR_MECHANISM_INVALID (0x70)
! 1131: #define CKR_MECHANISM_PARAM_INVALID (0x71)
! 1132: #define CKR_OBJECT_HANDLE_INVALID (0x82)
! 1133: #define CKR_OPERATION_ACTIVE (0x90)
! 1134: #define CKR_OPERATION_NOT_INITIALIZED (0x91)
! 1135: #define CKR_PIN_INCORRECT (0xa0)
! 1136: #define CKR_PIN_INVALID (0xa1)
! 1137: #define CKR_PIN_LEN_RANGE (0xa2)
! 1138: #define CKR_PIN_EXPIRED (0xa3)
! 1139: #define CKR_PIN_LOCKED (0xa4)
! 1140: #define CKR_SESSION_CLOSED (0xb0)
! 1141: #define CKR_SESSION_COUNT (0xb1)
! 1142: #define CKR_SESSION_HANDLE_INVALID (0xb3)
! 1143: #define CKR_SESSION_PARALLEL_NOT_SUPPORTED (0xb4)
! 1144: #define CKR_SESSION_READ_ONLY (0xb5)
! 1145: #define CKR_SESSION_EXISTS (0xb6)
! 1146: #define CKR_SESSION_READ_ONLY_EXISTS (0xb7)
! 1147: #define CKR_SESSION_READ_WRITE_SO_EXISTS (0xb8)
! 1148: #define CKR_SIGNATURE_INVALID (0xc0)
! 1149: #define CKR_SIGNATURE_LEN_RANGE (0xc1)
! 1150: #define CKR_TEMPLATE_INCOMPLETE (0xd0)
! 1151: #define CKR_TEMPLATE_INCONSISTENT (0xd1)
! 1152: #define CKR_TOKEN_NOT_PRESENT (0xe0)
! 1153: #define CKR_TOKEN_NOT_RECOGNIZED (0xe1)
! 1154: #define CKR_TOKEN_WRITE_PROTECTED (0xe2)
! 1155: #define CKR_UNWRAPPING_KEY_HANDLE_INVALID (0xf0)
! 1156: #define CKR_UNWRAPPING_KEY_SIZE_RANGE (0xf1)
! 1157: #define CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT (0xf2)
! 1158: #define CKR_USER_ALREADY_LOGGED_IN (0x100)
! 1159: #define CKR_USER_NOT_LOGGED_IN (0x101)
! 1160: #define CKR_USER_PIN_NOT_INITIALIZED (0x102)
! 1161: #define CKR_USER_TYPE_INVALID (0x103)
! 1162: #define CKR_USER_ANOTHER_ALREADY_LOGGED_IN (0x104)
! 1163: #define CKR_USER_TOO_MANY_TYPES (0x105)
! 1164: #define CKR_WRAPPED_KEY_INVALID (0x110)
! 1165: #define CKR_WRAPPED_KEY_LEN_RANGE (0x112)
! 1166: #define CKR_WRAPPING_KEY_HANDLE_INVALID (0x113)
! 1167: #define CKR_WRAPPING_KEY_SIZE_RANGE (0x114)
! 1168: #define CKR_WRAPPING_KEY_TYPE_INCONSISTENT (0x115)
! 1169: #define CKR_RANDOM_SEED_NOT_SUPPORTED (0x120)
! 1170: #define CKR_RANDOM_NO_RNG (0x121)
! 1171: #define CKR_DOMAIN_PARAMS_INVALID (0x130)
! 1172: #define CKR_BUFFER_TOO_SMALL (0x150)
! 1173: #define CKR_SAVED_STATE_INVALID (0x160)
! 1174: #define CKR_INFORMATION_SENSITIVE (0x170)
! 1175: #define CKR_STATE_UNSAVEABLE (0x180)
! 1176: #define CKR_CRYPTOKI_NOT_INITIALIZED (0x190)
! 1177: #define CKR_CRYPTOKI_ALREADY_INITIALIZED (0x191)
! 1178: #define CKR_MUTEX_BAD (0x1a0)
! 1179: #define CKR_MUTEX_NOT_LOCKED (0x1a1)
! 1180: #define CKR_FUNCTION_REJECTED (0x200)
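/* Start of the vendor-defined return-code range (bit 31 set).
   The shift is done on an unsigned long literal.  `1 << 31' shifts into
   the sign bit of a signed int, which is undefined behaviour.  Where
   unsigned long is wider than int, casting the resulting negative value
   also sign-extends it, so the macro would not equal 0x80000000.  Any
   range or mask test against it would then misclassify return codes.  */
#define CKR_VENDOR_DEFINED ((unsigned long) (1UL << 31))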
! 1182:
! 1183:
! 1184:
! 1185: /* Compatibility layer. */
/* When CRYPTOKI_COMPAT is defined, the uppercase CK_* type names are
   provided as typedefs of the lowercase types and structs declared
   earlier in this header.  The conditional is closed by the
   `#endif' marked CRYPTOKI_COMPAT further down.  */
! 1186:
! 1187: #ifdef CRYPTOKI_COMPAT
! 1188:
! 1189: #undef CK_DEFINE_FUNCTION
! 1190: #define CK_DEFINE_FUNCTION(retval, name) retval CK_SPEC name
! 1191:
! 1192: /* For NULL. */
! 1193: #include <stddef.h>
! 1194:
/* Basic types.  CK_ULONG is `unsigned long int', so its width follows the
   platform ABI and is not fixed at 32 bits.  Code that serialises CK_ULONG
   values or compares them with fixed-width integers must not assume a
   size.  CK_BBOOL is an unsigned char, to be set with CK_FALSE/CK_TRUE.  */
! 1195: typedef unsigned char CK_BYTE;
! 1196: typedef unsigned char CK_CHAR;
! 1197: typedef unsigned char CK_UTF8CHAR;
! 1198: typedef unsigned char CK_BBOOL;
! 1199: typedef unsigned long int CK_ULONG;
! 1200: typedef long int CK_LONG;
! 1201: typedef CK_BYTE *CK_BYTE_PTR;
! 1202: typedef CK_CHAR *CK_CHAR_PTR;
! 1203: typedef CK_UTF8CHAR *CK_UTF8CHAR_PTR;
! 1204: typedef CK_ULONG *CK_ULONG_PTR;
! 1205: typedef void *CK_VOID_PTR;
! 1206: typedef void **CK_VOID_PTR_PTR;
! 1207: #define CK_FALSE 0
! 1208: #define CK_TRUE 1
/* Unprefixed TRUE/FALSE are defined only if the includer has not already
   defined them, and can be suppressed entirely with
   CK_DISABLE_TRUE_FALSE.  */
! 1209: #ifndef CK_DISABLE_TRUE_FALSE
! 1210: #ifndef FALSE
! 1211: #define FALSE 0
! 1212: #endif
! 1213: #ifndef TRUE
! 1214: #define TRUE 1
! 1215: #endif
! 1216: #endif
! 1217:
/* Struct and pointer aliases: CK_FOO names struct ck_foo, CK_FOO_PTR a
   pointer to it.  */
! 1218: typedef struct ck_version CK_VERSION;
! 1219: typedef struct ck_version *CK_VERSION_PTR;
! 1220:
! 1221: typedef struct ck_info CK_INFO;
! 1222: typedef struct ck_info *CK_INFO_PTR;
! 1223:
! 1224: typedef ck_slot_id_t *CK_SLOT_ID_PTR;
! 1225:
! 1226: typedef struct ck_slot_info CK_SLOT_INFO;
! 1227: typedef struct ck_slot_info *CK_SLOT_INFO_PTR;
! 1228:
! 1229: typedef struct ck_token_info CK_TOKEN_INFO;
! 1230: typedef struct ck_token_info *CK_TOKEN_INFO_PTR;
! 1231:
! 1232: typedef ck_session_handle_t *CK_SESSION_HANDLE_PTR;
! 1233:
! 1234: typedef struct ck_session_info CK_SESSION_INFO;
! 1235: typedef struct ck_session_info *CK_SESSION_INFO_PTR;
! 1236:
! 1237: typedef ck_object_handle_t *CK_OBJECT_HANDLE_PTR;
! 1238:
! 1239: typedef ck_object_class_t *CK_OBJECT_CLASS_PTR;
! 1240:
! 1241: typedef struct ck_attribute CK_ATTRIBUTE;
! 1242: typedef struct ck_attribute *CK_ATTRIBUTE_PTR;
! 1243:
! 1244: typedef struct ck_date CK_DATE;
! 1245: typedef struct ck_date *CK_DATE_PTR;
! 1246:
! 1247: typedef ck_mechanism_type_t *CK_MECHANISM_TYPE_PTR;
! 1248:
! 1249: typedef struct ck_mechanism CK_MECHANISM;
! 1250: typedef struct ck_mechanism *CK_MECHANISM_PTR;
! 1251:
! 1252: typedef struct ck_mechanism_info CK_MECHANISM_INFO;
! 1253: typedef struct ck_mechanism_info *CK_MECHANISM_INFO_PTR;
! 1254:
! 1255: typedef struct ck_function_list CK_FUNCTION_LIST;
! 1256: typedef struct ck_function_list *CK_FUNCTION_LIST_PTR;
! 1257: typedef struct ck_function_list **CK_FUNCTION_LIST_PTR_PTR;
! 1258:
! 1259: typedef struct ck_c_initialize_args CK_C_INITIALIZE_ARGS;
! 1260: typedef struct ck_c_initialize_args *CK_C_INITIALIZE_ARGS_PTR;
! 1261:
! 1262: #define NULL_PTR NULL
! 1263:
! 1264: /* Delete the helper macros defined at the top of the file. */
/* In compatibility mode the lowercase names below exist as preprocessor
   macros.  Several are ordinary identifiers (value, reserved, parameter,
   slot_id), so leaving them defined would silently rewrite matching names
   in any code that includes this header.  Each one is removed here, still
   inside the CRYPTOKI_COMPAT conditional.  When adding a helper macro at
   the top of the file, add the matching #undef to this list.  */
! 1265: #undef ck_flags_t
! 1266: #undef ck_version
! 1267:
! 1268: #undef ck_info
! 1269: #undef cryptoki_version
! 1270: #undef manufacturer_id
! 1271: #undef library_description
! 1272: #undef library_version
! 1273:
! 1274: #undef ck_notification_t
! 1275: #undef ck_slot_id_t
! 1276:
! 1277: #undef ck_slot_info
! 1278: #undef slot_description
! 1279: #undef hardware_version
! 1280: #undef firmware_version
! 1281:
! 1282: #undef ck_token_info
! 1283: #undef serial_number
! 1284: #undef max_session_count
! 1285: #undef session_count
! 1286: #undef max_rw_session_count
! 1287: #undef rw_session_count
! 1288: #undef max_pin_len
! 1289: #undef min_pin_len
! 1290: #undef total_public_memory
! 1291: #undef free_public_memory
! 1292: #undef total_private_memory
! 1293: #undef free_private_memory
! 1294: #undef utc_time
! 1295:
! 1296: #undef ck_session_handle_t
! 1297: #undef ck_user_type_t
! 1298: #undef ck_state_t
! 1299:
! 1300: #undef ck_session_info
! 1301: #undef slot_id
! 1302: #undef device_error
! 1303:
! 1304: #undef ck_object_handle_t
! 1305: #undef ck_object_class_t
! 1306: #undef ck_hw_feature_type_t
! 1307: #undef ck_key_type_t
! 1308: #undef ck_certificate_type_t
! 1309: #undef ck_attribute_type_t
! 1310:
! 1311: #undef ck_attribute
! 1312: #undef value
! 1313: #undef value_len
! 1314:
! 1315: #undef ck_date
! 1316:
! 1317: #undef ck_mechanism_type_t
! 1318:
! 1319: #undef ck_mechanism
! 1320: #undef parameter
! 1321: #undef parameter_len
! 1322:
! 1323: #undef ck_mechanism_info
! 1324: #undef min_key_size
! 1325: #undef max_key_size
! 1326:
! 1327: #undef ck_rv_t
! 1328: #undef ck_notify_t
! 1329:
! 1330: #undef ck_function_list
! 1331:
! 1332: #undef ck_createmutex_t
! 1333: #undef ck_destroymutex_t
! 1334: #undef ck_lockmutex_t
! 1335: #undef ck_unlockmutex_t
! 1336:
! 1337: #undef ck_c_initialize_args
! 1338: #undef create_mutex
! 1339: #undef destroy_mutex
! 1340: #undef lock_mutex
! 1341: #undef unlock_mutex
! 1342: #undef reserved
! 1343:
! 1344: #endif /* CRYPTOKI_COMPAT */
! 1345:
! 1346:
! 1347: /* System dependencies. */
/* Restore the structure packing that was in effect before this header.
   NOTE(review): presumably pairs with a `#pragma pack(push, cryptoki, ...)'
   near the top of the file, outside this excerpt.  The structs above share
   their layout with the module, so the packing must match on both sides.  */
! 1348: #if defined(_WIN32) || defined(CRYPTOKI_FORCE_WIN32)
! 1349: #pragma pack(pop, cryptoki)
! 1350: #endif
! 1351:
/* NOTE(review): the brace presumably closes an `extern "C" {' opened under
   the same __cplusplus test at the top of the file -- confirm.  */
! 1352: #if defined(__cplusplus)
! 1353: }
! 1354: #endif
! 1355:
! 1356: #endif /* PKCS11_H */