Annotation of src/usr.bin/ssh/pkcs11.h, Revision 1.3
1.3 ! deraadt 1: /* $OpenBSD: pkcs11.h,v 1.2 2010/02/24 06:12:53 djm Exp $ */
1.1 markus 2: /* pkcs11.h
3: Copyright 2006, 2007 g10 Code GmbH
4: Copyright 2006 Andreas Jellinghaus
5:
6: This file is free software; as a special exception the author gives
7: unlimited permission to copy and/or distribute it, with or without
8: modifications, as long as this notice is preserved.
9:
10: This file is distributed in the hope that it will be useful, but
11: WITHOUT ANY WARRANTY, to the extent permitted by law; without even
12: the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
13: PURPOSE. */
14:
15: /* Please submit changes back to the Scute project at
16: http://www.scute.org/ (or send them to marcus@g10code.com), so that
17: they can be picked up by other projects from there as well. */
18:
19: /* This file is a modified implementation of the PKCS #11 standard by
20: RSA Security Inc. It is mostly a drop-in replacement, with the
21: following change:
22:
23: This header file does not require any macro definitions by the user
24: (like CK_DEFINE_FUNCTION etc). In fact, it defines those macros
25: for you (if useful, some are missing, let me know if you need
26: more).
27:
28: There is an additional API available that does comply better to the
29: GNU coding standard. It can be switched on by defining
30: CRYPTOKI_GNU before including this header file. For this, the
31: following changes are made to the specification:
32:
33: All structure types are changed to a "struct ck_foo" where CK_FOO
34: is the type name in PKCS #11.
35:
36: All non-structure types are changed to ck_foo_t where CK_FOO is the
37: lowercase version of the type name in PKCS #11. The basic types
38: (CK_ULONG et al.) are removed without substitute.
39:
40: All members of structures are modified in the following way: Type
41: indication prefixes are removed, and underscore characters are
42: inserted before words. Then the result is lowercased.
43:
44: Note that function names are still in the original case, as they
45: need for ABI compatibility.
46:
47: CK_FALSE, CK_TRUE and NULL_PTR are removed without substitute. Use
48: <stdbool.h>.
49:
50: If CRYPTOKI_COMPAT is defined before including this header file,
51: then none of the API changes above take place, and the API is the
52: one defined by the PKCS #11 standard. */
53:
54: #ifndef PKCS11_H
55: #define PKCS11_H 1
56:
57: #if defined(__cplusplus)
58: extern "C" {
59: #endif
60:
61:
62: /* The version of cryptoki we implement. The revision is changed with
63: each modification of this file. If you do not use the "official"
64: version of this file, please consider deleting the revision macro
65: (you may use a macro with a different name to keep track of your
66: versions). */
67: #define CRYPTOKI_VERSION_MAJOR 2
68: #define CRYPTOKI_VERSION_MINOR 20
69: #define CRYPTOKI_VERSION_REVISION 6
70:
71:
72: /* Compatibility interface is default, unless CRYPTOKI_GNU is
73: given. */
74: #ifndef CRYPTOKI_GNU
75: #ifndef CRYPTOKI_COMPAT
76: #define CRYPTOKI_COMPAT 1
77: #endif
78: #endif
79:
80: /* System dependencies. */
81:
82: #if defined(_WIN32) || defined(CRYPTOKI_FORCE_WIN32)
83:
84: /* There is a matching pop below. */
85: #pragma pack(push, cryptoki, 1)
86:
87: #ifdef CRYPTOKI_EXPORTS
88: #define CK_SPEC __declspec(dllexport)
89: #else
90: #define CK_SPEC __declspec(dllimport)
91: #endif
92:
93: #else
94:
95: #define CK_SPEC
96:
97: #endif
98:
99:
100: #ifdef CRYPTOKI_COMPAT
101: /* If we are in compatibility mode, switch all exposed names to the
102: PKCS #11 variant. There are corresponding #undefs below. */
103:
104: #define ck_flags_t CK_FLAGS
105: #define ck_version _CK_VERSION
106:
107: #define ck_info _CK_INFO
108: #define cryptoki_version cryptokiVersion
109: #define manufacturer_id manufacturerID
110: #define library_description libraryDescription
111: #define library_version libraryVersion
112:
113: #define ck_notification_t CK_NOTIFICATION
114: #define ck_slot_id_t CK_SLOT_ID
115:
116: #define ck_slot_info _CK_SLOT_INFO
117: #define slot_description slotDescription
118: #define hardware_version hardwareVersion
119: #define firmware_version firmwareVersion
120:
121: #define ck_token_info _CK_TOKEN_INFO
122: #define serial_number serialNumber
123: #define max_session_count ulMaxSessionCount
124: #define session_count ulSessionCount
125: #define max_rw_session_count ulMaxRwSessionCount
126: #define rw_session_count ulRwSessionCount
127: #define max_pin_len ulMaxPinLen
128: #define min_pin_len ulMinPinLen
129: #define total_public_memory ulTotalPublicMemory
130: #define free_public_memory ulFreePublicMemory
131: #define total_private_memory ulTotalPrivateMemory
132: #define free_private_memory ulFreePrivateMemory
133: #define utc_time utcTime
134:
135: #define ck_session_handle_t CK_SESSION_HANDLE
136: #define ck_user_type_t CK_USER_TYPE
137: #define ck_state_t CK_STATE
138:
139: #define ck_session_info _CK_SESSION_INFO
140: #define slot_id slotID
141: #define device_error ulDeviceError
142:
143: #define ck_object_handle_t CK_OBJECT_HANDLE
144: #define ck_object_class_t CK_OBJECT_CLASS
145: #define ck_hw_feature_type_t CK_HW_FEATURE_TYPE
146: #define ck_key_type_t CK_KEY_TYPE
147: #define ck_certificate_type_t CK_CERTIFICATE_TYPE
148: #define ck_attribute_type_t CK_ATTRIBUTE_TYPE
149:
150: #define ck_attribute _CK_ATTRIBUTE
151: #define value pValue
152: #define value_len ulValueLen
153:
154: #define ck_date _CK_DATE
155:
156: #define ck_mechanism_type_t CK_MECHANISM_TYPE
157:
158: #define ck_mechanism _CK_MECHANISM
159: #define parameter pParameter
160: #define parameter_len ulParameterLen
161:
162: #define ck_mechanism_info _CK_MECHANISM_INFO
163: #define min_key_size ulMinKeySize
164: #define max_key_size ulMaxKeySize
165:
166: #define ck_rv_t CK_RV
167: #define ck_notify_t CK_NOTIFY
168:
169: #define ck_function_list _CK_FUNCTION_LIST
170:
171: #define ck_createmutex_t CK_CREATEMUTEX
172: #define ck_destroymutex_t CK_DESTROYMUTEX
173: #define ck_lockmutex_t CK_LOCKMUTEX
174: #define ck_unlockmutex_t CK_UNLOCKMUTEX
175:
176: #define ck_c_initialize_args _CK_C_INITIALIZE_ARGS
177: #define create_mutex CreateMutex
178: #define destroy_mutex DestroyMutex
179: #define lock_mutex LockMutex
180: #define unlock_mutex UnlockMutex
181: #define reserved pReserved
182:
183: #endif /* CRYPTOKI_COMPAT */
184:
185:
186:
187: typedef unsigned long ck_flags_t;
188:
189: struct ck_version
190: {
191: unsigned char major;
192: unsigned char minor;
193: };
194:
195:
196: struct ck_info
197: {
198: struct ck_version cryptoki_version;
199: unsigned char manufacturer_id[32];
200: ck_flags_t flags;
201: unsigned char library_description[32];
202: struct ck_version library_version;
203: };
204:
205:
206: typedef unsigned long ck_notification_t;
207:
208: #define CKN_SURRENDER (0)
209:
210:
211: typedef unsigned long ck_slot_id_t;
212:
213:
214: struct ck_slot_info
215: {
216: unsigned char slot_description[64];
217: unsigned char manufacturer_id[32];
218: ck_flags_t flags;
219: struct ck_version hardware_version;
220: struct ck_version firmware_version;
221: };
222:
223:
224: #define CKF_TOKEN_PRESENT (1 << 0)
225: #define CKF_REMOVABLE_DEVICE (1 << 1)
226: #define CKF_HW_SLOT (1 << 2)
227: #define CKF_ARRAY_ATTRIBUTE (1 << 30)
228:
229:
230: struct ck_token_info
231: {
232: unsigned char label[32];
233: unsigned char manufacturer_id[32];
234: unsigned char model[16];
235: unsigned char serial_number[16];
236: ck_flags_t flags;
237: unsigned long max_session_count;
238: unsigned long session_count;
239: unsigned long max_rw_session_count;
240: unsigned long rw_session_count;
241: unsigned long max_pin_len;
242: unsigned long min_pin_len;
243: unsigned long total_public_memory;
244: unsigned long free_public_memory;
245: unsigned long total_private_memory;
246: unsigned long free_private_memory;
247: struct ck_version hardware_version;
248: struct ck_version firmware_version;
249: unsigned char utc_time[16];
250: };
251:
252:
253: #define CKF_RNG (1 << 0)
254: #define CKF_WRITE_PROTECTED (1 << 1)
255: #define CKF_LOGIN_REQUIRED (1 << 2)
256: #define CKF_USER_PIN_INITIALIZED (1 << 3)
257: #define CKF_RESTORE_KEY_NOT_NEEDED (1 << 5)
258: #define CKF_CLOCK_ON_TOKEN (1 << 6)
259: #define CKF_PROTECTED_AUTHENTICATION_PATH (1 << 8)
260: #define CKF_DUAL_CRYPTO_OPERATIONS (1 << 9)
261: #define CKF_TOKEN_INITIALIZED (1 << 10)
262: #define CKF_SECONDARY_AUTHENTICATION (1 << 11)
263: #define CKF_USER_PIN_COUNT_LOW (1 << 16)
264: #define CKF_USER_PIN_FINAL_TRY (1 << 17)
265: #define CKF_USER_PIN_LOCKED (1 << 18)
266: #define CKF_USER_PIN_TO_BE_CHANGED (1 << 19)
267: #define CKF_SO_PIN_COUNT_LOW (1 << 20)
268: #define CKF_SO_PIN_FINAL_TRY (1 << 21)
269: #define CKF_SO_PIN_LOCKED (1 << 22)
270: #define CKF_SO_PIN_TO_BE_CHANGED (1 << 23)
271:
272: #define CK_UNAVAILABLE_INFORMATION ((unsigned long) -1)
273: #define CK_EFFECTIVELY_INFINITE (0)
274:
275:
276: typedef unsigned long ck_session_handle_t;
277:
278: #define CK_INVALID_HANDLE (0)
279:
280:
281: typedef unsigned long ck_user_type_t;
282:
283: #define CKU_SO (0)
284: #define CKU_USER (1)
285: #define CKU_CONTEXT_SPECIFIC (2)
286:
287:
288: typedef unsigned long ck_state_t;
289:
290: #define CKS_RO_PUBLIC_SESSION (0)
291: #define CKS_RO_USER_FUNCTIONS (1)
292: #define CKS_RW_PUBLIC_SESSION (2)
293: #define CKS_RW_USER_FUNCTIONS (3)
294: #define CKS_RW_SO_FUNCTIONS (4)
295:
296:
297: struct ck_session_info
298: {
299: ck_slot_id_t slot_id;
300: ck_state_t state;
301: ck_flags_t flags;
302: unsigned long device_error;
303: };
304:
305: #define CKF_RW_SESSION (1 << 1)
306: #define CKF_SERIAL_SESSION (1 << 2)
307:
308:
309: typedef unsigned long ck_object_handle_t;
310:
311:
312: typedef unsigned long ck_object_class_t;
313:
314: #define CKO_DATA (0)
315: #define CKO_CERTIFICATE (1)
316: #define CKO_PUBLIC_KEY (2)
317: #define CKO_PRIVATE_KEY (3)
318: #define CKO_SECRET_KEY (4)
319: #define CKO_HW_FEATURE (5)
320: #define CKO_DOMAIN_PARAMETERS (6)
321: #define CKO_MECHANISM (7)
1.3 ! deraadt 322: #define CKO_VENDOR_DEFINED (1U << 31)
1.1 markus 323:
324:
325: typedef unsigned long ck_hw_feature_type_t;
326:
327: #define CKH_MONOTONIC_COUNTER (1)
328: #define CKH_CLOCK (2)
329: #define CKH_USER_INTERFACE (3)
1.3 ! deraadt 330: #define CKH_VENDOR_DEFINED (1U << 31)
1.1 markus 331:
332:
333: typedef unsigned long ck_key_type_t;
334:
335: #define CKK_RSA (0)
336: #define CKK_DSA (1)
337: #define CKK_DH (2)
338: #define CKK_ECDSA (3)
339: #define CKK_EC (3)
340: #define CKK_X9_42_DH (4)
341: #define CKK_KEA (5)
342: #define CKK_GENERIC_SECRET (0x10)
343: #define CKK_RC2 (0x11)
344: #define CKK_RC4 (0x12)
345: #define CKK_DES (0x13)
346: #define CKK_DES2 (0x14)
347: #define CKK_DES3 (0x15)
348: #define CKK_CAST (0x16)
349: #define CKK_CAST3 (0x17)
350: #define CKK_CAST128 (0x18)
351: #define CKK_RC5 (0x19)
352: #define CKK_IDEA (0x1a)
353: #define CKK_SKIPJACK (0x1b)
354: #define CKK_BATON (0x1c)
355: #define CKK_JUNIPER (0x1d)
356: #define CKK_CDMF (0x1e)
357: #define CKK_AES (0x1f)
358: #define CKK_BLOWFISH (0x20)
359: #define CKK_TWOFISH (0x21)
1.3 ! deraadt 360: #define CKK_VENDOR_DEFINED (1U << 31)
1.1 markus 361:
362: typedef unsigned long ck_certificate_type_t;
363:
364: #define CKC_X_509 (0)
365: #define CKC_X_509_ATTR_CERT (1)
366: #define CKC_WTLS (2)
1.3 ! deraadt 367: #define CKC_VENDOR_DEFINED (1U << 31)
1.1 markus 368:
369:
370: typedef unsigned long ck_attribute_type_t;
371:
372: #define CKA_CLASS (0)
373: #define CKA_TOKEN (1)
374: #define CKA_PRIVATE (2)
375: #define CKA_LABEL (3)
376: #define CKA_APPLICATION (0x10)
377: #define CKA_VALUE (0x11)
378: #define CKA_OBJECT_ID (0x12)
379: #define CKA_CERTIFICATE_TYPE (0x80)
380: #define CKA_ISSUER (0x81)
381: #define CKA_SERIAL_NUMBER (0x82)
382: #define CKA_AC_ISSUER (0x83)
383: #define CKA_OWNER (0x84)
384: #define CKA_ATTR_TYPES (0x85)
385: #define CKA_TRUSTED (0x86)
386: #define CKA_CERTIFICATE_CATEGORY (0x87)
387: #define CKA_JAVA_MIDP_SECURITY_DOMAIN (0x88)
388: #define CKA_URL (0x89)
389: #define CKA_HASH_OF_SUBJECT_PUBLIC_KEY (0x8a)
390: #define CKA_HASH_OF_ISSUER_PUBLIC_KEY (0x8b)
391: #define CKA_CHECK_VALUE (0x90)
392: #define CKA_KEY_TYPE (0x100)
393: #define CKA_SUBJECT (0x101)
394: #define CKA_ID (0x102)
395: #define CKA_SENSITIVE (0x103)
396: #define CKA_ENCRYPT (0x104)
397: #define CKA_DECRYPT (0x105)
398: #define CKA_WRAP (0x106)
399: #define CKA_UNWRAP (0x107)
400: #define CKA_SIGN (0x108)
401: #define CKA_SIGN_RECOVER (0x109)
402: #define CKA_VERIFY (0x10a)
403: #define CKA_VERIFY_RECOVER (0x10b)
404: #define CKA_DERIVE (0x10c)
405: #define CKA_START_DATE (0x110)
406: #define CKA_END_DATE (0x111)
407: #define CKA_MODULUS (0x120)
408: #define CKA_MODULUS_BITS (0x121)
409: #define CKA_PUBLIC_EXPONENT (0x122)
410: #define CKA_PRIVATE_EXPONENT (0x123)
411: #define CKA_PRIME_1 (0x124)
412: #define CKA_PRIME_2 (0x125)
413: #define CKA_EXPONENT_1 (0x126)
414: #define CKA_EXPONENT_2 (0x127)
415: #define CKA_COEFFICIENT (0x128)
416: #define CKA_PRIME (0x130)
417: #define CKA_SUBPRIME (0x131)
418: #define CKA_BASE (0x132)
419: #define CKA_PRIME_BITS (0x133)
420: #define CKA_SUB_PRIME_BITS (0x134)
421: #define CKA_VALUE_BITS (0x160)
422: #define CKA_VALUE_LEN (0x161)
423: #define CKA_EXTRACTABLE (0x162)
424: #define CKA_LOCAL (0x163)
425: #define CKA_NEVER_EXTRACTABLE (0x164)
426: #define CKA_ALWAYS_SENSITIVE (0x165)
427: #define CKA_KEY_GEN_MECHANISM (0x166)
428: #define CKA_MODIFIABLE (0x170)
429: #define CKA_ECDSA_PARAMS (0x180)
430: #define CKA_EC_PARAMS (0x180)
431: #define CKA_EC_POINT (0x181)
432: #define CKA_SECONDARY_AUTH (0x200)
433: #define CKA_AUTH_PIN_FLAGS (0x201)
434: #define CKA_ALWAYS_AUTHENTICATE (0x202)
435: #define CKA_WRAP_WITH_TRUSTED (0x210)
436: #define CKA_HW_FEATURE_TYPE (0x300)
437: #define CKA_RESET_ON_INIT (0x301)
438: #define CKA_HAS_RESET (0x302)
439: #define CKA_PIXEL_X (0x400)
440: #define CKA_PIXEL_Y (0x401)
441: #define CKA_RESOLUTION (0x402)
442: #define CKA_CHAR_ROWS (0x403)
443: #define CKA_CHAR_COLUMNS (0x404)
444: #define CKA_COLOR (0x405)
445: #define CKA_BITS_PER_PIXEL (0x406)
446: #define CKA_CHAR_SETS (0x480)
447: #define CKA_ENCODING_METHODS (0x481)
448: #define CKA_MIME_TYPES (0x482)
449: #define CKA_MECHANISM_TYPE (0x500)
450: #define CKA_REQUIRED_CMS_ATTRIBUTES (0x501)
451: #define CKA_DEFAULT_CMS_ATTRIBUTES (0x502)
452: #define CKA_SUPPORTED_CMS_ATTRIBUTES (0x503)
453: #define CKA_WRAP_TEMPLATE (CKF_ARRAY_ATTRIBUTE | 0x211)
454: #define CKA_UNWRAP_TEMPLATE (CKF_ARRAY_ATTRIBUTE | 0x212)
455: #define CKA_ALLOWED_MECHANISMS (CKF_ARRAY_ATTRIBUTE | 0x600)
1.3 ! deraadt 456: #define CKA_VENDOR_DEFINED (1U << 31)
1.1 markus 457:
458:
459: struct ck_attribute
460: {
461: ck_attribute_type_t type;
462: void *value;
463: unsigned long value_len;
464: };
465:
466:
467: struct ck_date
468: {
469: unsigned char year[4];
470: unsigned char month[2];
471: unsigned char day[2];
472: };
473:
474:
475: typedef unsigned long ck_mechanism_type_t;
476:
477: #define CKM_RSA_PKCS_KEY_PAIR_GEN (0)
478: #define CKM_RSA_PKCS (1)
479: #define CKM_RSA_9796 (2)
480: #define CKM_RSA_X_509 (3)
481: #define CKM_MD2_RSA_PKCS (4)
482: #define CKM_MD5_RSA_PKCS (5)
483: #define CKM_SHA1_RSA_PKCS (6)
484: #define CKM_RIPEMD128_RSA_PKCS (7)
485: #define CKM_RIPEMD160_RSA_PKCS (8)
486: #define CKM_RSA_PKCS_OAEP (9)
487: #define CKM_RSA_X9_31_KEY_PAIR_GEN (0xa)
488: #define CKM_RSA_X9_31 (0xb)
489: #define CKM_SHA1_RSA_X9_31 (0xc)
490: #define CKM_RSA_PKCS_PSS (0xd)
491: #define CKM_SHA1_RSA_PKCS_PSS (0xe)
492: #define CKM_DSA_KEY_PAIR_GEN (0x10)
493: #define CKM_DSA (0x11)
494: #define CKM_DSA_SHA1 (0x12)
495: #define CKM_DH_PKCS_KEY_PAIR_GEN (0x20)
496: #define CKM_DH_PKCS_DERIVE (0x21)
497: #define CKM_X9_42_DH_KEY_PAIR_GEN (0x30)
498: #define CKM_X9_42_DH_DERIVE (0x31)
499: #define CKM_X9_42_DH_HYBRID_DERIVE (0x32)
500: #define CKM_X9_42_MQV_DERIVE (0x33)
501: #define CKM_SHA256_RSA_PKCS (0x40)
502: #define CKM_SHA384_RSA_PKCS (0x41)
503: #define CKM_SHA512_RSA_PKCS (0x42)
504: #define CKM_SHA256_RSA_PKCS_PSS (0x43)
505: #define CKM_SHA384_RSA_PKCS_PSS (0x44)
506: #define CKM_SHA512_RSA_PKCS_PSS (0x45)
507: #define CKM_RC2_KEY_GEN (0x100)
508: #define CKM_RC2_ECB (0x101)
509: #define CKM_RC2_CBC (0x102)
510: #define CKM_RC2_MAC (0x103)
511: #define CKM_RC2_MAC_GENERAL (0x104)
512: #define CKM_RC2_CBC_PAD (0x105)
513: #define CKM_RC4_KEY_GEN (0x110)
514: #define CKM_RC4 (0x111)
515: #define CKM_DES_KEY_GEN (0x120)
516: #define CKM_DES_ECB (0x121)
517: #define CKM_DES_CBC (0x122)
518: #define CKM_DES_MAC (0x123)
519: #define CKM_DES_MAC_GENERAL (0x124)
520: #define CKM_DES_CBC_PAD (0x125)
521: #define CKM_DES2_KEY_GEN (0x130)
522: #define CKM_DES3_KEY_GEN (0x131)
523: #define CKM_DES3_ECB (0x132)
524: #define CKM_DES3_CBC (0x133)
525: #define CKM_DES3_MAC (0x134)
526: #define CKM_DES3_MAC_GENERAL (0x135)
527: #define CKM_DES3_CBC_PAD (0x136)
528: #define CKM_CDMF_KEY_GEN (0x140)
529: #define CKM_CDMF_ECB (0x141)
530: #define CKM_CDMF_CBC (0x142)
531: #define CKM_CDMF_MAC (0x143)
532: #define CKM_CDMF_MAC_GENERAL (0x144)
533: #define CKM_CDMF_CBC_PAD (0x145)
534: #define CKM_MD2 (0x200)
535: #define CKM_MD2_HMAC (0x201)
536: #define CKM_MD2_HMAC_GENERAL (0x202)
537: #define CKM_MD5 (0x210)
538: #define CKM_MD5_HMAC (0x211)
539: #define CKM_MD5_HMAC_GENERAL (0x212)
540: #define CKM_SHA_1 (0x220)
541: #define CKM_SHA_1_HMAC (0x221)
542: #define CKM_SHA_1_HMAC_GENERAL (0x222)
543: #define CKM_RIPEMD128 (0x230)
544: #define CKM_RIPEMD128_HMAC (0x231)
545: #define CKM_RIPEMD128_HMAC_GENERAL (0x232)
546: #define CKM_RIPEMD160 (0x240)
547: #define CKM_RIPEMD160_HMAC (0x241)
548: #define CKM_RIPEMD160_HMAC_GENERAL (0x242)
549: #define CKM_SHA256 (0x250)
550: #define CKM_SHA256_HMAC (0x251)
551: #define CKM_SHA256_HMAC_GENERAL (0x252)
552: #define CKM_SHA384 (0x260)
553: #define CKM_SHA384_HMAC (0x261)
554: #define CKM_SHA384_HMAC_GENERAL (0x262)
555: #define CKM_SHA512 (0x270)
556: #define CKM_SHA512_HMAC (0x271)
557: #define CKM_SHA512_HMAC_GENERAL (0x272)
558: #define CKM_CAST_KEY_GEN (0x300)
559: #define CKM_CAST_ECB (0x301)
560: #define CKM_CAST_CBC (0x302)
561: #define CKM_CAST_MAC (0x303)
562: #define CKM_CAST_MAC_GENERAL (0x304)
563: #define CKM_CAST_CBC_PAD (0x305)
564: #define CKM_CAST3_KEY_GEN (0x310)
565: #define CKM_CAST3_ECB (0x311)
566: #define CKM_CAST3_CBC (0x312)
567: #define CKM_CAST3_MAC (0x313)
568: #define CKM_CAST3_MAC_GENERAL (0x314)
569: #define CKM_CAST3_CBC_PAD (0x315)
570: #define CKM_CAST5_KEY_GEN (0x320)
571: #define CKM_CAST128_KEY_GEN (0x320)
572: #define CKM_CAST5_ECB (0x321)
573: #define CKM_CAST128_ECB (0x321)
574: #define CKM_CAST5_CBC (0x322)
575: #define CKM_CAST128_CBC (0x322)
576: #define CKM_CAST5_MAC (0x323)
577: #define CKM_CAST128_MAC (0x323)
578: #define CKM_CAST5_MAC_GENERAL (0x324)
579: #define CKM_CAST128_MAC_GENERAL (0x324)
580: #define CKM_CAST5_CBC_PAD (0x325)
581: #define CKM_CAST128_CBC_PAD (0x325)
582: #define CKM_RC5_KEY_GEN (0x330)
583: #define CKM_RC5_ECB (0x331)
584: #define CKM_RC5_CBC (0x332)
585: #define CKM_RC5_MAC (0x333)
586: #define CKM_RC5_MAC_GENERAL (0x334)
587: #define CKM_RC5_CBC_PAD (0x335)
588: #define CKM_IDEA_KEY_GEN (0x340)
589: #define CKM_IDEA_ECB (0x341)
590: #define CKM_IDEA_CBC (0x342)
591: #define CKM_IDEA_MAC (0x343)
592: #define CKM_IDEA_MAC_GENERAL (0x344)
593: #define CKM_IDEA_CBC_PAD (0x345)
594: #define CKM_GENERIC_SECRET_KEY_GEN (0x350)
595: #define CKM_CONCATENATE_BASE_AND_KEY (0x360)
596: #define CKM_CONCATENATE_BASE_AND_DATA (0x362)
597: #define CKM_CONCATENATE_DATA_AND_BASE (0x363)
598: #define CKM_XOR_BASE_AND_DATA (0x364)
599: #define CKM_EXTRACT_KEY_FROM_KEY (0x365)
600: #define CKM_SSL3_PRE_MASTER_KEY_GEN (0x370)
601: #define CKM_SSL3_MASTER_KEY_DERIVE (0x371)
602: #define CKM_SSL3_KEY_AND_MAC_DERIVE (0x372)
603: #define CKM_SSL3_MASTER_KEY_DERIVE_DH (0x373)
604: #define CKM_TLS_PRE_MASTER_KEY_GEN (0x374)
605: #define CKM_TLS_MASTER_KEY_DERIVE (0x375)
606: #define CKM_TLS_KEY_AND_MAC_DERIVE (0x376)
607: #define CKM_TLS_MASTER_KEY_DERIVE_DH (0x377)
608: #define CKM_SSL3_MD5_MAC (0x380)
609: #define CKM_SSL3_SHA1_MAC (0x381)
610: #define CKM_MD5_KEY_DERIVATION (0x390)
611: #define CKM_MD2_KEY_DERIVATION (0x391)
612: #define CKM_SHA1_KEY_DERIVATION (0x392)
613: #define CKM_PBE_MD2_DES_CBC (0x3a0)
614: #define CKM_PBE_MD5_DES_CBC (0x3a1)
615: #define CKM_PBE_MD5_CAST_CBC (0x3a2)
616: #define CKM_PBE_MD5_CAST3_CBC (0x3a3)
617: #define CKM_PBE_MD5_CAST5_CBC (0x3a4)
618: #define CKM_PBE_MD5_CAST128_CBC (0x3a4)
619: #define CKM_PBE_SHA1_CAST5_CBC (0x3a5)
620: #define CKM_PBE_SHA1_CAST128_CBC (0x3a5)
621: #define CKM_PBE_SHA1_RC4_128 (0x3a6)
622: #define CKM_PBE_SHA1_RC4_40 (0x3a7)
623: #define CKM_PBE_SHA1_DES3_EDE_CBC (0x3a8)
624: #define CKM_PBE_SHA1_DES2_EDE_CBC (0x3a9)
625: #define CKM_PBE_SHA1_RC2_128_CBC (0x3aa)
626: #define CKM_PBE_SHA1_RC2_40_CBC (0x3ab)
627: #define CKM_PKCS5_PBKD2 (0x3b0)
628: #define CKM_PBA_SHA1_WITH_SHA1_HMAC (0x3c0)
629: #define CKM_KEY_WRAP_LYNKS (0x400)
630: #define CKM_KEY_WRAP_SET_OAEP (0x401)
631: #define CKM_SKIPJACK_KEY_GEN (0x1000)
632: #define CKM_SKIPJACK_ECB64 (0x1001)
633: #define CKM_SKIPJACK_CBC64 (0x1002)
634: #define CKM_SKIPJACK_OFB64 (0x1003)
635: #define CKM_SKIPJACK_CFB64 (0x1004)
636: #define CKM_SKIPJACK_CFB32 (0x1005)
637: #define CKM_SKIPJACK_CFB16 (0x1006)
638: #define CKM_SKIPJACK_CFB8 (0x1007)
639: #define CKM_SKIPJACK_WRAP (0x1008)
640: #define CKM_SKIPJACK_PRIVATE_WRAP (0x1009)
641: #define CKM_SKIPJACK_RELAYX (0x100a)
642: #define CKM_KEA_KEY_PAIR_GEN (0x1010)
643: #define CKM_KEA_KEY_DERIVE (0x1011)
644: #define CKM_FORTEZZA_TIMESTAMP (0x1020)
645: #define CKM_BATON_KEY_GEN (0x1030)
646: #define CKM_BATON_ECB128 (0x1031)
647: #define CKM_BATON_ECB96 (0x1032)
648: #define CKM_BATON_CBC128 (0x1033)
649: #define CKM_BATON_COUNTER (0x1034)
650: #define CKM_BATON_SHUFFLE (0x1035)
651: #define CKM_BATON_WRAP (0x1036)
652: #define CKM_ECDSA_KEY_PAIR_GEN (0x1040)
653: #define CKM_EC_KEY_PAIR_GEN (0x1040)
654: #define CKM_ECDSA (0x1041)
655: #define CKM_ECDSA_SHA1 (0x1042)
656: #define CKM_ECDH1_DERIVE (0x1050)
657: #define CKM_ECDH1_COFACTOR_DERIVE (0x1051)
658: #define CKM_ECMQV_DERIVE (0x1052)
659: #define CKM_JUNIPER_KEY_GEN (0x1060)
660: #define CKM_JUNIPER_ECB128 (0x1061)
661: #define CKM_JUNIPER_CBC128 (0x1062)
662: #define CKM_JUNIPER_COUNTER (0x1063)
663: #define CKM_JUNIPER_SHUFFLE (0x1064)
664: #define CKM_JUNIPER_WRAP (0x1065)
665: #define CKM_FASTHASH (0x1070)
666: #define CKM_AES_KEY_GEN (0x1080)
667: #define CKM_AES_ECB (0x1081)
668: #define CKM_AES_CBC (0x1082)
669: #define CKM_AES_MAC (0x1083)
670: #define CKM_AES_MAC_GENERAL (0x1084)
671: #define CKM_AES_CBC_PAD (0x1085)
672: #define CKM_DSA_PARAMETER_GEN (0x2000)
673: #define CKM_DH_PKCS_PARAMETER_GEN (0x2001)
674: #define CKM_X9_42_DH_PARAMETER_GEN (0x2002)
1.3 ! deraadt 675: #define CKM_VENDOR_DEFINED (1U << 31)
1.1 markus 676:
677:
678: struct ck_mechanism
679: {
680: ck_mechanism_type_t mechanism;
681: void *parameter;
682: unsigned long parameter_len;
683: };
684:
685:
686: struct ck_mechanism_info
687: {
688: unsigned long min_key_size;
689: unsigned long max_key_size;
690: ck_flags_t flags;
691: };
692:
693: #define CKF_HW (1 << 0)
694: #define CKF_ENCRYPT (1 << 8)
695: #define CKF_DECRYPT (1 << 9)
696: #define CKF_DIGEST (1 << 10)
697: #define CKF_SIGN (1 << 11)
698: #define CKF_SIGN_RECOVER (1 << 12)
699: #define CKF_VERIFY (1 << 13)
700: #define CKF_VERIFY_RECOVER (1 << 14)
701: #define CKF_GENERATE (1 << 15)
702: #define CKF_GENERATE_KEY_PAIR (1 << 16)
703: #define CKF_WRAP (1 << 17)
704: #define CKF_UNWRAP (1 << 18)
705: #define CKF_DERIVE (1 << 19)
1.3 ! deraadt 706: #define CKF_EXTENSION (1U << 31)
1.1 markus 707:
708:
709: /* Flags for C_WaitForSlotEvent. */
710: #define CKF_DONT_BLOCK (1)
711:
712:
713: typedef unsigned long ck_rv_t;
714:
715:
716: typedef ck_rv_t (*ck_notify_t) (ck_session_handle_t session,
717: ck_notification_t event, void *application);
718:
719: /* Forward reference. */
720: struct ck_function_list;
721:
722: #define _CK_DECLARE_FUNCTION(name, args) \
723: typedef ck_rv_t (*CK_ ## name) args; \
724: ck_rv_t CK_SPEC name args
725:
726: _CK_DECLARE_FUNCTION (C_Initialize, (void *init_args));
727: _CK_DECLARE_FUNCTION (C_Finalize, (void *reserved));
728: _CK_DECLARE_FUNCTION (C_GetInfo, (struct ck_info *info));
729: _CK_DECLARE_FUNCTION (C_GetFunctionList,
730: (struct ck_function_list **function_list));
731:
732: _CK_DECLARE_FUNCTION (C_GetSlotList,
733: (unsigned char token_present, ck_slot_id_t *slot_list,
734: unsigned long *count));
735: _CK_DECLARE_FUNCTION (C_GetSlotInfo,
736: (ck_slot_id_t slot_id, struct ck_slot_info *info));
737: _CK_DECLARE_FUNCTION (C_GetTokenInfo,
738: (ck_slot_id_t slot_id, struct ck_token_info *info));
739: _CK_DECLARE_FUNCTION (C_WaitForSlotEvent,
740: (ck_flags_t flags, ck_slot_id_t *slot, void *reserved));
741: _CK_DECLARE_FUNCTION (C_GetMechanismList,
742: (ck_slot_id_t slot_id,
743: ck_mechanism_type_t *mechanism_list,
744: unsigned long *count));
745: _CK_DECLARE_FUNCTION (C_GetMechanismInfo,
746: (ck_slot_id_t slot_id, ck_mechanism_type_t type,
747: struct ck_mechanism_info *info));
748: _CK_DECLARE_FUNCTION (C_InitToken,
749: (ck_slot_id_t slot_id, unsigned char *pin,
750: unsigned long pin_len, unsigned char *label));
751: _CK_DECLARE_FUNCTION (C_InitPIN,
752: (ck_session_handle_t session, unsigned char *pin,
753: unsigned long pin_len));
754: _CK_DECLARE_FUNCTION (C_SetPIN,
755: (ck_session_handle_t session, unsigned char *old_pin,
756: unsigned long old_len, unsigned char *new_pin,
757: unsigned long new_len));
758:
759: _CK_DECLARE_FUNCTION (C_OpenSession,
760: (ck_slot_id_t slot_id, ck_flags_t flags,
761: void *application, ck_notify_t notify,
762: ck_session_handle_t *session));
763: _CK_DECLARE_FUNCTION (C_CloseSession, (ck_session_handle_t session));
764: _CK_DECLARE_FUNCTION (C_CloseAllSessions, (ck_slot_id_t slot_id));
765: _CK_DECLARE_FUNCTION (C_GetSessionInfo,
766: (ck_session_handle_t session,
767: struct ck_session_info *info));
768: _CK_DECLARE_FUNCTION (C_GetOperationState,
769: (ck_session_handle_t session,
770: unsigned char *operation_state,
771: unsigned long *operation_state_len));
772: _CK_DECLARE_FUNCTION (C_SetOperationState,
773: (ck_session_handle_t session,
774: unsigned char *operation_state,
775: unsigned long operation_state_len,
776: ck_object_handle_t encryption_key,
777: ck_object_handle_t authentiation_key));
778: _CK_DECLARE_FUNCTION (C_Login,
779: (ck_session_handle_t session, ck_user_type_t user_type,
780: unsigned char *pin, unsigned long pin_len));
781: _CK_DECLARE_FUNCTION (C_Logout, (ck_session_handle_t session));
782:
783: _CK_DECLARE_FUNCTION (C_CreateObject,
784: (ck_session_handle_t session,
785: struct ck_attribute *templ,
786: unsigned long count, ck_object_handle_t *object));
787: _CK_DECLARE_FUNCTION (C_CopyObject,
788: (ck_session_handle_t session, ck_object_handle_t object,
789: struct ck_attribute *templ, unsigned long count,
790: ck_object_handle_t *new_object));
791: _CK_DECLARE_FUNCTION (C_DestroyObject,
792: (ck_session_handle_t session,
793: ck_object_handle_t object));
794: _CK_DECLARE_FUNCTION (C_GetObjectSize,
795: (ck_session_handle_t session,
796: ck_object_handle_t object,
797: unsigned long *size));
798: _CK_DECLARE_FUNCTION (C_GetAttributeValue,
799: (ck_session_handle_t session,
800: ck_object_handle_t object,
801: struct ck_attribute *templ,
802: unsigned long count));
803: _CK_DECLARE_FUNCTION (C_SetAttributeValue,
804: (ck_session_handle_t session,
805: ck_object_handle_t object,
806: struct ck_attribute *templ,
807: unsigned long count));
808: _CK_DECLARE_FUNCTION (C_FindObjectsInit,
809: (ck_session_handle_t session,
810: struct ck_attribute *templ,
811: unsigned long count));
812: _CK_DECLARE_FUNCTION (C_FindObjects,
813: (ck_session_handle_t session,
814: ck_object_handle_t *object,
815: unsigned long max_object_count,
816: unsigned long *object_count));
817: _CK_DECLARE_FUNCTION (C_FindObjectsFinal,
818: (ck_session_handle_t session));
819:
820: _CK_DECLARE_FUNCTION (C_EncryptInit,
821: (ck_session_handle_t session,
822: struct ck_mechanism *mechanism,
823: ck_object_handle_t key));
824: _CK_DECLARE_FUNCTION (C_Encrypt,
825: (ck_session_handle_t session,
826: unsigned char *data, unsigned long data_len,
827: unsigned char *encrypted_data,
828: unsigned long *encrypted_data_len));
829: _CK_DECLARE_FUNCTION (C_EncryptUpdate,
830: (ck_session_handle_t session,
831: unsigned char *part, unsigned long part_len,
832: unsigned char *encrypted_part,
833: unsigned long *encrypted_part_len));
834: _CK_DECLARE_FUNCTION (C_EncryptFinal,
835: (ck_session_handle_t session,
836: unsigned char *last_encrypted_part,
837: unsigned long *last_encrypted_part_len));
838:
839: _CK_DECLARE_FUNCTION (C_DecryptInit,
840: (ck_session_handle_t session,
841: struct ck_mechanism *mechanism,
842: ck_object_handle_t key));
843: _CK_DECLARE_FUNCTION (C_Decrypt,
844: (ck_session_handle_t session,
845: unsigned char *encrypted_data,
846: unsigned long encrypted_data_len,
847: unsigned char *data, unsigned long *data_len));
848: _CK_DECLARE_FUNCTION (C_DecryptUpdate,
849: (ck_session_handle_t session,
850: unsigned char *encrypted_part,
851: unsigned long encrypted_part_len,
852: unsigned char *part, unsigned long *part_len));
853: _CK_DECLARE_FUNCTION (C_DecryptFinal,
854: (ck_session_handle_t session,
855: unsigned char *last_part,
856: unsigned long *last_part_len));
857:
858: _CK_DECLARE_FUNCTION (C_DigestInit,
859: (ck_session_handle_t session,
860: struct ck_mechanism *mechanism));
861: _CK_DECLARE_FUNCTION (C_Digest,
862: (ck_session_handle_t session,
863: unsigned char *data, unsigned long data_len,
864: unsigned char *digest,
865: unsigned long *digest_len));
866: _CK_DECLARE_FUNCTION (C_DigestUpdate,
867: (ck_session_handle_t session,
868: unsigned char *part, unsigned long part_len));
869: _CK_DECLARE_FUNCTION (C_DigestKey,
870: (ck_session_handle_t session, ck_object_handle_t key));
871: _CK_DECLARE_FUNCTION (C_DigestFinal,
872: (ck_session_handle_t session,
873: unsigned char *digest,
874: unsigned long *digest_len));
875:
876: _CK_DECLARE_FUNCTION (C_SignInit,
877: (ck_session_handle_t session,
878: struct ck_mechanism *mechanism,
879: ck_object_handle_t key));
880: _CK_DECLARE_FUNCTION (C_Sign,
881: (ck_session_handle_t session,
882: unsigned char *data, unsigned long data_len,
883: unsigned char *signature,
884: unsigned long *signature_len));
885: _CK_DECLARE_FUNCTION (C_SignUpdate,
886: (ck_session_handle_t session,
887: unsigned char *part, unsigned long part_len));
888: _CK_DECLARE_FUNCTION (C_SignFinal,
889: (ck_session_handle_t session,
890: unsigned char *signature,
891: unsigned long *signature_len));
892: _CK_DECLARE_FUNCTION (C_SignRecoverInit,
893: (ck_session_handle_t session,
894: struct ck_mechanism *mechanism,
895: ck_object_handle_t key));
896: _CK_DECLARE_FUNCTION (C_SignRecover,
897: (ck_session_handle_t session,
898: unsigned char *data, unsigned long data_len,
899: unsigned char *signature,
900: unsigned long *signature_len));
901:
902: _CK_DECLARE_FUNCTION (C_VerifyInit,
903: (ck_session_handle_t session,
904: struct ck_mechanism *mechanism,
905: ck_object_handle_t key));
906: _CK_DECLARE_FUNCTION (C_Verify,
907: (ck_session_handle_t session,
908: unsigned char *data, unsigned long data_len,
909: unsigned char *signature,
910: unsigned long signature_len));
911: _CK_DECLARE_FUNCTION (C_VerifyUpdate,
912: (ck_session_handle_t session,
913: unsigned char *part, unsigned long part_len));
914: _CK_DECLARE_FUNCTION (C_VerifyFinal,
915: (ck_session_handle_t session,
916: unsigned char *signature,
917: unsigned long signature_len));
918: _CK_DECLARE_FUNCTION (C_VerifyRecoverInit,
919: (ck_session_handle_t session,
920: struct ck_mechanism *mechanism,
921: ck_object_handle_t key));
922: _CK_DECLARE_FUNCTION (C_VerifyRecover,
923: (ck_session_handle_t session,
924: unsigned char *signature,
925: unsigned long signature_len,
926: unsigned char *data,
927: unsigned long *data_len));
928:
929: _CK_DECLARE_FUNCTION (C_DigestEncryptUpdate,
930: (ck_session_handle_t session,
931: unsigned char *part, unsigned long part_len,
932: unsigned char *encrypted_part,
933: unsigned long *encrypted_part_len));
934: _CK_DECLARE_FUNCTION (C_DecryptDigestUpdate,
935: (ck_session_handle_t session,
936: unsigned char *encrypted_part,
937: unsigned long encrypted_part_len,
938: unsigned char *part,
939: unsigned long *part_len));
940: _CK_DECLARE_FUNCTION (C_SignEncryptUpdate,
941: (ck_session_handle_t session,
942: unsigned char *part, unsigned long part_len,
943: unsigned char *encrypted_part,
944: unsigned long *encrypted_part_len));
945: _CK_DECLARE_FUNCTION (C_DecryptVerifyUpdate,
946: (ck_session_handle_t session,
947: unsigned char *encrypted_part,
948: unsigned long encrypted_part_len,
949: unsigned char *part,
950: unsigned long *part_len));
951:
952: _CK_DECLARE_FUNCTION (C_GenerateKey,
953: (ck_session_handle_t session,
954: struct ck_mechanism *mechanism,
955: struct ck_attribute *templ,
956: unsigned long count,
957: ck_object_handle_t *key));
958: _CK_DECLARE_FUNCTION (C_GenerateKeyPair,
959: (ck_session_handle_t session,
960: struct ck_mechanism *mechanism,
961: struct ck_attribute *public_key_template,
962: unsigned long public_key_attribute_count,
963: struct ck_attribute *private_key_template,
964: unsigned long private_key_attribute_count,
965: ck_object_handle_t *public_key,
966: ck_object_handle_t *private_key));
967: _CK_DECLARE_FUNCTION (C_WrapKey,
968: (ck_session_handle_t session,
969: struct ck_mechanism *mechanism,
970: ck_object_handle_t wrapping_key,
971: ck_object_handle_t key,
972: unsigned char *wrapped_key,
973: unsigned long *wrapped_key_len));
974: _CK_DECLARE_FUNCTION (C_UnwrapKey,
975: (ck_session_handle_t session,
976: struct ck_mechanism *mechanism,
977: ck_object_handle_t unwrapping_key,
978: unsigned char *wrapped_key,
979: unsigned long wrapped_key_len,
980: struct ck_attribute *templ,
981: unsigned long attribute_count,
982: ck_object_handle_t *key));
983: _CK_DECLARE_FUNCTION (C_DeriveKey,
984: (ck_session_handle_t session,
985: struct ck_mechanism *mechanism,
986: ck_object_handle_t base_key,
987: struct ck_attribute *templ,
988: unsigned long attribute_count,
989: ck_object_handle_t *key));
990:
991: _CK_DECLARE_FUNCTION (C_SeedRandom,
992: (ck_session_handle_t session, unsigned char *seed,
993: unsigned long seed_len));
994: _CK_DECLARE_FUNCTION (C_GenerateRandom,
995: (ck_session_handle_t session,
996: unsigned char *random_data,
997: unsigned long random_len));
998:
999: _CK_DECLARE_FUNCTION (C_GetFunctionStatus, (ck_session_handle_t session));
1000: _CK_DECLARE_FUNCTION (C_CancelFunction, (ck_session_handle_t session));
1001:
1002:
1003: struct ck_function_list
1004: {
1005: struct ck_version version;
1006: CK_C_Initialize C_Initialize;
1007: CK_C_Finalize C_Finalize;
1008: CK_C_GetInfo C_GetInfo;
1009: CK_C_GetFunctionList C_GetFunctionList;
1010: CK_C_GetSlotList C_GetSlotList;
1011: CK_C_GetSlotInfo C_GetSlotInfo;
1012: CK_C_GetTokenInfo C_GetTokenInfo;
1013: CK_C_GetMechanismList C_GetMechanismList;
1014: CK_C_GetMechanismInfo C_GetMechanismInfo;
1015: CK_C_InitToken C_InitToken;
1016: CK_C_InitPIN C_InitPIN;
1017: CK_C_SetPIN C_SetPIN;
1018: CK_C_OpenSession C_OpenSession;
1019: CK_C_CloseSession C_CloseSession;
1020: CK_C_CloseAllSessions C_CloseAllSessions;
1021: CK_C_GetSessionInfo C_GetSessionInfo;
1022: CK_C_GetOperationState C_GetOperationState;
1023: CK_C_SetOperationState C_SetOperationState;
1024: CK_C_Login C_Login;
1025: CK_C_Logout C_Logout;
1026: CK_C_CreateObject C_CreateObject;
1027: CK_C_CopyObject C_CopyObject;
1028: CK_C_DestroyObject C_DestroyObject;
1029: CK_C_GetObjectSize C_GetObjectSize;
1030: CK_C_GetAttributeValue C_GetAttributeValue;
1031: CK_C_SetAttributeValue C_SetAttributeValue;
1032: CK_C_FindObjectsInit C_FindObjectsInit;
1033: CK_C_FindObjects C_FindObjects;
1034: CK_C_FindObjectsFinal C_FindObjectsFinal;
1035: CK_C_EncryptInit C_EncryptInit;
1036: CK_C_Encrypt C_Encrypt;
1037: CK_C_EncryptUpdate C_EncryptUpdate;
1038: CK_C_EncryptFinal C_EncryptFinal;
1039: CK_C_DecryptInit C_DecryptInit;
1040: CK_C_Decrypt C_Decrypt;
1041: CK_C_DecryptUpdate C_DecryptUpdate;
1042: CK_C_DecryptFinal C_DecryptFinal;
1043: CK_C_DigestInit C_DigestInit;
1044: CK_C_Digest C_Digest;
1045: CK_C_DigestUpdate C_DigestUpdate;
1046: CK_C_DigestKey C_DigestKey;
1047: CK_C_DigestFinal C_DigestFinal;
1048: CK_C_SignInit C_SignInit;
1049: CK_C_Sign C_Sign;
1050: CK_C_SignUpdate C_SignUpdate;
1051: CK_C_SignFinal C_SignFinal;
1052: CK_C_SignRecoverInit C_SignRecoverInit;
1053: CK_C_SignRecover C_SignRecover;
1054: CK_C_VerifyInit C_VerifyInit;
1055: CK_C_Verify C_Verify;
1056: CK_C_VerifyUpdate C_VerifyUpdate;
1057: CK_C_VerifyFinal C_VerifyFinal;
1058: CK_C_VerifyRecoverInit C_VerifyRecoverInit;
1059: CK_C_VerifyRecover C_VerifyRecover;
1060: CK_C_DigestEncryptUpdate C_DigestEncryptUpdate;
1061: CK_C_DecryptDigestUpdate C_DecryptDigestUpdate;
1062: CK_C_SignEncryptUpdate C_SignEncryptUpdate;
1063: CK_C_DecryptVerifyUpdate C_DecryptVerifyUpdate;
1064: CK_C_GenerateKey C_GenerateKey;
1065: CK_C_GenerateKeyPair C_GenerateKeyPair;
1066: CK_C_WrapKey C_WrapKey;
1067: CK_C_UnwrapKey C_UnwrapKey;
1068: CK_C_DeriveKey C_DeriveKey;
1069: CK_C_SeedRandom C_SeedRandom;
1070: CK_C_GenerateRandom C_GenerateRandom;
1071: CK_C_GetFunctionStatus C_GetFunctionStatus;
1072: CK_C_CancelFunction C_CancelFunction;
1073: CK_C_WaitForSlotEvent C_WaitForSlotEvent;
1074: };
1075:
1076:
1077: typedef ck_rv_t (*ck_createmutex_t) (void **mutex);
1078: typedef ck_rv_t (*ck_destroymutex_t) (void *mutex);
1079: typedef ck_rv_t (*ck_lockmutex_t) (void *mutex);
1080: typedef ck_rv_t (*ck_unlockmutex_t) (void *mutex);
1081:
1082:
1083: struct ck_c_initialize_args
1084: {
1085: ck_createmutex_t create_mutex;
1086: ck_destroymutex_t destroy_mutex;
1087: ck_lockmutex_t lock_mutex;
1088: ck_unlockmutex_t unlock_mutex;
1089: ck_flags_t flags;
1090: void *reserved;
1091: };
1092:
1093:
1094: #define CKF_LIBRARY_CANT_CREATE_OS_THREADS (1 << 0)
1095: #define CKF_OS_LOCKING_OK (1 << 1)
1096:
1097: #define CKR_OK (0)
1098: #define CKR_CANCEL (1)
1099: #define CKR_HOST_MEMORY (2)
1100: #define CKR_SLOT_ID_INVALID (3)
1101: #define CKR_GENERAL_ERROR (5)
1102: #define CKR_FUNCTION_FAILED (6)
1103: #define CKR_ARGUMENTS_BAD (7)
1104: #define CKR_NO_EVENT (8)
1105: #define CKR_NEED_TO_CREATE_THREADS (9)
1106: #define CKR_CANT_LOCK (0xa)
1107: #define CKR_ATTRIBUTE_READ_ONLY (0x10)
1108: #define CKR_ATTRIBUTE_SENSITIVE (0x11)
1109: #define CKR_ATTRIBUTE_TYPE_INVALID (0x12)
1110: #define CKR_ATTRIBUTE_VALUE_INVALID (0x13)
1111: #define CKR_DATA_INVALID (0x20)
1112: #define CKR_DATA_LEN_RANGE (0x21)
1113: #define CKR_DEVICE_ERROR (0x30)
1114: #define CKR_DEVICE_MEMORY (0x31)
1115: #define CKR_DEVICE_REMOVED (0x32)
1116: #define CKR_ENCRYPTED_DATA_INVALID (0x40)
1117: #define CKR_ENCRYPTED_DATA_LEN_RANGE (0x41)
1118: #define CKR_FUNCTION_CANCELED (0x50)
1119: #define CKR_FUNCTION_NOT_PARALLEL (0x51)
1120: #define CKR_FUNCTION_NOT_SUPPORTED (0x54)
1121: #define CKR_KEY_HANDLE_INVALID (0x60)
1122: #define CKR_KEY_SIZE_RANGE (0x62)
1123: #define CKR_KEY_TYPE_INCONSISTENT (0x63)
1124: #define CKR_KEY_NOT_NEEDED (0x64)
1125: #define CKR_KEY_CHANGED (0x65)
1126: #define CKR_KEY_NEEDED (0x66)
1127: #define CKR_KEY_INDIGESTIBLE (0x67)
1128: #define CKR_KEY_FUNCTION_NOT_PERMITTED (0x68)
1129: #define CKR_KEY_NOT_WRAPPABLE (0x69)
1130: #define CKR_KEY_UNEXTRACTABLE (0x6a)
1131: #define CKR_MECHANISM_INVALID (0x70)
1132: #define CKR_MECHANISM_PARAM_INVALID (0x71)
1133: #define CKR_OBJECT_HANDLE_INVALID (0x82)
1134: #define CKR_OPERATION_ACTIVE (0x90)
1135: #define CKR_OPERATION_NOT_INITIALIZED (0x91)
1136: #define CKR_PIN_INCORRECT (0xa0)
1137: #define CKR_PIN_INVALID (0xa1)
1138: #define CKR_PIN_LEN_RANGE (0xa2)
1139: #define CKR_PIN_EXPIRED (0xa3)
1140: #define CKR_PIN_LOCKED (0xa4)
1141: #define CKR_SESSION_CLOSED (0xb0)
1142: #define CKR_SESSION_COUNT (0xb1)
1143: #define CKR_SESSION_HANDLE_INVALID (0xb3)
1144: #define CKR_SESSION_PARALLEL_NOT_SUPPORTED (0xb4)
1145: #define CKR_SESSION_READ_ONLY (0xb5)
1146: #define CKR_SESSION_EXISTS (0xb6)
1147: #define CKR_SESSION_READ_ONLY_EXISTS (0xb7)
1148: #define CKR_SESSION_READ_WRITE_SO_EXISTS (0xb8)
1149: #define CKR_SIGNATURE_INVALID (0xc0)
1150: #define CKR_SIGNATURE_LEN_RANGE (0xc1)
1151: #define CKR_TEMPLATE_INCOMPLETE (0xd0)
1152: #define CKR_TEMPLATE_INCONSISTENT (0xd1)
1153: #define CKR_TOKEN_NOT_PRESENT (0xe0)
1154: #define CKR_TOKEN_NOT_RECOGNIZED (0xe1)
1155: #define CKR_TOKEN_WRITE_PROTECTED (0xe2)
1156: #define CKR_UNWRAPPING_KEY_HANDLE_INVALID (0xf0)
1157: #define CKR_UNWRAPPING_KEY_SIZE_RANGE (0xf1)
1158: #define CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT (0xf2)
1159: #define CKR_USER_ALREADY_LOGGED_IN (0x100)
1160: #define CKR_USER_NOT_LOGGED_IN (0x101)
1161: #define CKR_USER_PIN_NOT_INITIALIZED (0x102)
1162: #define CKR_USER_TYPE_INVALID (0x103)
1163: #define CKR_USER_ANOTHER_ALREADY_LOGGED_IN (0x104)
1164: #define CKR_USER_TOO_MANY_TYPES (0x105)
1165: #define CKR_WRAPPED_KEY_INVALID (0x110)
1166: #define CKR_WRAPPED_KEY_LEN_RANGE (0x112)
1167: #define CKR_WRAPPING_KEY_HANDLE_INVALID (0x113)
1168: #define CKR_WRAPPING_KEY_SIZE_RANGE (0x114)
1169: #define CKR_WRAPPING_KEY_TYPE_INCONSISTENT (0x115)
1170: #define CKR_RANDOM_SEED_NOT_SUPPORTED (0x120)
1171: #define CKR_RANDOM_NO_RNG (0x121)
1172: #define CKR_DOMAIN_PARAMS_INVALID (0x130)
1173: #define CKR_BUFFER_TOO_SMALL (0x150)
1174: #define CKR_SAVED_STATE_INVALID (0x160)
1175: #define CKR_INFORMATION_SENSITIVE (0x170)
1176: #define CKR_STATE_UNSAVEABLE (0x180)
1177: #define CKR_CRYPTOKI_NOT_INITIALIZED (0x190)
1178: #define CKR_CRYPTOKI_ALREADY_INITIALIZED (0x191)
1179: #define CKR_MUTEX_BAD (0x1a0)
1180: #define CKR_MUTEX_NOT_LOCKED (0x1a1)
1181: #define CKR_FUNCTION_REJECTED (0x200)
1.3 ! deraadt 1182: #define CKR_VENDOR_DEFINED (1U << 31)
1.1 markus 1183:
1184:
1185:
1186: /* Compatibility layer. */
1187:
1188: #ifdef CRYPTOKI_COMPAT
1189:
1190: #undef CK_DEFINE_FUNCTION
1191: #define CK_DEFINE_FUNCTION(retval, name) retval CK_SPEC name
1192:
1193: /* For NULL. */
1194: #include <stddef.h>
1195:
1196: typedef unsigned char CK_BYTE;
1197: typedef unsigned char CK_CHAR;
1198: typedef unsigned char CK_UTF8CHAR;
1199: typedef unsigned char CK_BBOOL;
1200: typedef unsigned long int CK_ULONG;
1201: typedef long int CK_LONG;
1202: typedef CK_BYTE *CK_BYTE_PTR;
1203: typedef CK_CHAR *CK_CHAR_PTR;
1204: typedef CK_UTF8CHAR *CK_UTF8CHAR_PTR;
1205: typedef CK_ULONG *CK_ULONG_PTR;
1206: typedef void *CK_VOID_PTR;
1207: typedef void **CK_VOID_PTR_PTR;
1208: #define CK_FALSE 0
1209: #define CK_TRUE 1
1210: #ifndef CK_DISABLE_TRUE_FALSE
1211: #ifndef FALSE
1212: #define FALSE 0
1213: #endif
1214: #ifndef TRUE
1215: #define TRUE 1
1216: #endif
1217: #endif
1218:
1219: typedef struct ck_version CK_VERSION;
1220: typedef struct ck_version *CK_VERSION_PTR;
1221:
1222: typedef struct ck_info CK_INFO;
1223: typedef struct ck_info *CK_INFO_PTR;
1224:
1225: typedef ck_slot_id_t *CK_SLOT_ID_PTR;
1226:
1227: typedef struct ck_slot_info CK_SLOT_INFO;
1228: typedef struct ck_slot_info *CK_SLOT_INFO_PTR;
1229:
1230: typedef struct ck_token_info CK_TOKEN_INFO;
1231: typedef struct ck_token_info *CK_TOKEN_INFO_PTR;
1232:
1233: typedef ck_session_handle_t *CK_SESSION_HANDLE_PTR;
1234:
1235: typedef struct ck_session_info CK_SESSION_INFO;
1236: typedef struct ck_session_info *CK_SESSION_INFO_PTR;
1237:
1238: typedef ck_object_handle_t *CK_OBJECT_HANDLE_PTR;
1239:
1240: typedef ck_object_class_t *CK_OBJECT_CLASS_PTR;
1241:
1242: typedef struct ck_attribute CK_ATTRIBUTE;
1243: typedef struct ck_attribute *CK_ATTRIBUTE_PTR;
1244:
1245: typedef struct ck_date CK_DATE;
1246: typedef struct ck_date *CK_DATE_PTR;
1247:
1248: typedef ck_mechanism_type_t *CK_MECHANISM_TYPE_PTR;
1249:
1250: typedef struct ck_mechanism CK_MECHANISM;
1251: typedef struct ck_mechanism *CK_MECHANISM_PTR;
1252:
1253: typedef struct ck_mechanism_info CK_MECHANISM_INFO;
1254: typedef struct ck_mechanism_info *CK_MECHANISM_INFO_PTR;
1255:
1256: typedef struct ck_function_list CK_FUNCTION_LIST;
1257: typedef struct ck_function_list *CK_FUNCTION_LIST_PTR;
1258: typedef struct ck_function_list **CK_FUNCTION_LIST_PTR_PTR;
1259:
1260: typedef struct ck_c_initialize_args CK_C_INITIALIZE_ARGS;
1261: typedef struct ck_c_initialize_args *CK_C_INITIALIZE_ARGS_PTR;
1262:
1263: #define NULL_PTR NULL
1264:
1265: /* Delete the helper macros defined at the top of the file. */
1266: #undef ck_flags_t
1267: #undef ck_version
1268:
1269: #undef ck_info
1270: #undef cryptoki_version
1271: #undef manufacturer_id
1272: #undef library_description
1273: #undef library_version
1274:
1275: #undef ck_notification_t
1276: #undef ck_slot_id_t
1277:
1278: #undef ck_slot_info
1279: #undef slot_description
1280: #undef hardware_version
1281: #undef firmware_version
1282:
1283: #undef ck_token_info
1284: #undef serial_number
1285: #undef max_session_count
1286: #undef session_count
1287: #undef max_rw_session_count
1288: #undef rw_session_count
1289: #undef max_pin_len
1290: #undef min_pin_len
1291: #undef total_public_memory
1292: #undef free_public_memory
1293: #undef total_private_memory
1294: #undef free_private_memory
1295: #undef utc_time
1296:
1297: #undef ck_session_handle_t
1298: #undef ck_user_type_t
1299: #undef ck_state_t
1300:
1301: #undef ck_session_info
1302: #undef slot_id
1303: #undef device_error
1304:
1305: #undef ck_object_handle_t
1306: #undef ck_object_class_t
1307: #undef ck_hw_feature_type_t
1308: #undef ck_key_type_t
1309: #undef ck_certificate_type_t
1310: #undef ck_attribute_type_t
1311:
1312: #undef ck_attribute
1313: #undef value
1314: #undef value_len
1315:
1316: #undef ck_date
1317:
1318: #undef ck_mechanism_type_t
1319:
1320: #undef ck_mechanism
1321: #undef parameter
1322: #undef parameter_len
1323:
1324: #undef ck_mechanism_info
1325: #undef min_key_size
1326: #undef max_key_size
1327:
1328: #undef ck_rv_t
1329: #undef ck_notify_t
1330:
1331: #undef ck_function_list
1332:
1333: #undef ck_createmutex_t
1334: #undef ck_destroymutex_t
1335: #undef ck_lockmutex_t
1336: #undef ck_unlockmutex_t
1337:
1338: #undef ck_c_initialize_args
1339: #undef create_mutex
1340: #undef destroy_mutex
1341: #undef lock_mutex
1342: #undef unlock_mutex
1343: #undef reserved
1344:
1345: #endif /* CRYPTOKI_COMPAT */
1346:
1347:
1348: /* System dependencies. */
1349: #if defined(_WIN32) || defined(CRYPTOKI_FORCE_WIN32)
1350: #pragma pack(pop, cryptoki)
1351: #endif
1352:
1353: #if defined(__cplusplus)
1354: }
1355: #endif
1356:
1357: #endif /* PKCS11_H */