/* SPDX-License-Identifier: BSD-2-Clause */ /* * Copyright (c) 2018-2020, Linaro Limited */ #ifndef PKCS11_H #define PKCS11_H #ifdef __cplusplus extern "C" { #endif /* * PKCS#11 Cryptoki API v2.40-errata01, See specification from: * http://docs.oasis-open.org/pkcs11/pkcs11-base/v2.40/errata01/os/pkcs11-base-v2.40-errata01-os-complete.html */ #define CK_PKCS11_VERSION_MAJOR 2 #define CK_PKCS11_VERSION_MINOR 40 #define CK_PKCS11_VERSION_PATCH 1 typedef unsigned char CK_BYTE; typedef unsigned long CK_ULONG; typedef long CK_LONG; typedef CK_BYTE CK_CHAR; typedef CK_BYTE CK_UTF8CHAR; typedef CK_BYTE *CK_BYTE_PTR; typedef CK_ULONG *CK_ULONG_PTR; typedef CK_CHAR *CK_CHAR_PTR; typedef CK_UTF8CHAR *CK_UTF8CHAR_PTR; typedef void *CK_VOID_PTR; typedef CK_VOID_PTR *CK_VOID_PTR_PTR; typedef CK_BYTE CK_BBOOL; #define CK_TRUE 1 #define CK_FALSE 0 typedef CK_ULONG CK_FLAGS; #define CK_UNAVAILABLE_INFORMATION (~0UL) #define CK_EFFECTIVELY_INFINITE 0UL typedef CK_ULONG CK_SESSION_HANDLE; typedef CK_SESSION_HANDLE *CK_SESSION_HANDLE_PTR; typedef CK_ULONG CK_OBJECT_HANDLE; typedef CK_OBJECT_HANDLE *CK_OBJECT_HANDLE_PTR; #define CK_INVALID_HANDLE 0 typedef CK_ULONG CK_SLOT_ID; typedef CK_SLOT_ID *CK_SLOT_ID_PTR; typedef struct CK_VERSION CK_VERSION; typedef struct CK_VERSION *CK_VERSION_PTR; struct CK_VERSION { CK_BYTE major; CK_BYTE minor; }; typedef struct CK_DATE CK_DATE; typedef struct CK_DATE *CK_DATE_PTR; struct CK_DATE { CK_CHAR year[4]; CK_CHAR month[2]; CK_CHAR day[2]; }; /* * PKCS#11 Objects attributes */ typedef CK_ULONG CK_ATTRIBUTE_TYPE; typedef struct CK_ATTRIBUTE CK_ATTRIBUTE; typedef struct CK_ATTRIBUTE *CK_ATTRIBUTE_PTR; struct CK_ATTRIBUTE { CK_ATTRIBUTE_TYPE type; CK_VOID_PTR pValue; CK_ULONG ulValueLen; }; /* * Values for CK_ATTRIBUTE_TYPE * * This does not cover the full PKCS#11 IDs. */ #define CKF_ARRAY_ATTRIBUTE (1U << 30) #define CKA_VENDOR_DEFINED (1U << 31) #define CKA_CLASS 0x0000 #define CKA_TOKEN 0x0001 #define CKA_PRIVATE 0x0002 #define CKA_LABEL 0x0003 #define CKA_APPLICATION 0x0010 #define CKA_VALUE 0x0011 #define CKA_OBJECT_ID 0x0012 #define CKA_CERTIFICATE_TYPE 0x0080 #define CKA_ISSUER 0x0081 #define CKA_SERIAL_NUMBER 0x0082 #define CKA_AC_ISSUER 0x0083 #define CKA_OWNER 0x0084 #define CKA_ATTR_TYPES 0x0085 #define CKA_TRUSTED 0x0086 #define CKA_CERTIFICATE_CATEGORY 0x0087 #define CKA_JAVA_MIDP_SECURITY_DOMAIN 0x0088 #define CKA_URL 0x0089 #define CKA_HASH_OF_SUBJECT_PUBLIC_KEY 0x008a #define CKA_HASH_OF_ISSUER_PUBLIC_KEY 0x008b #define CKA_NAME_HASH_ALGORITHM 0x008c #define CKA_CHECK_VALUE 0x0090 #define CKA_KEY_TYPE 0x0100 #define CKA_SUBJECT 0x0101 #define CKA_ID 0x0102 #define CKA_SENSITIVE 0x0103 #define CKA_ENCRYPT 0x0104 #define CKA_DECRYPT 0x0105 #define CKA_WRAP 0x0106 #define CKA_UNWRAP 0x0107 #define CKA_SIGN 0x0108 #define CKA_SIGN_RECOVER 0x0109 #define CKA_VERIFY 0x010a #define CKA_VERIFY_RECOVER 0x010b #define CKA_DERIVE 0x010c #define CKA_START_DATE 0x0110 #define CKA_END_DATE 0x0111 #define CKA_MODULUS 0x0120 #define CKA_MODULUS_BITS 0x0121 #define CKA_PUBLIC_EXPONENT 0x0122 #define CKA_PRIVATE_EXPONENT 0x0123 #define CKA_PRIME_1 0x0124 #define CKA_PRIME_2 0x0125 #define CKA_EXPONENT_1 0x0126 #define CKA_EXPONENT_2 0x0127 #define CKA_COEFFICIENT 0x0128 #define CKA_PUBLIC_KEY_INFO 0x0129 #define CKA_PRIME 0x0130 #define CKA_SUBPRIME 0x0131 #define CKA_BASE 0x0132 #define CKA_PRIME_BITS 0x0133 #define CKA_SUBPRIME_BITS 0x0134 #define CKA_VALUE_BITS 0x0160 #define CKA_VALUE_LEN 0x0161 #define CKA_EXTRACTABLE 0x0162 #define CKA_LOCAL 0x0163 #define CKA_NEVER_EXTRACTABLE 0x0164 #define CKA_ALWAYS_SENSITIVE 0x0165 #define CKA_KEY_GEN_MECHANISM 0x0166 #define CKA_MODIFIABLE 0x0170 #define CKA_COPYABLE 0x0171 #define CKA_DESTROYABLE 0x0172 #define CKA_EC_PARAMS 0x0180 #define CKA_EC_POINT 0x0181 #define CKA_ALWAYS_AUTHENTICATE 0x0202 #define CKA_WRAP_WITH_TRUSTED 0x0210 #define CKA_WRAP_TEMPLATE (0x0211 | CKF_ARRAY_ATTRIBUTE) #define CKA_UNWRAP_TEMPLATE (0x0212 | CKF_ARRAY_ATTRIBUTE) #define CKA_DERIVE_TEMPLATE (0x0213 | CKF_ARRAY_ATTRIBUTE) #define CKA_OTP_FORMAT 0x0220 #define CKA_OTP_LENGTH 0x0221 #define CKA_OTP_TIME_INTERVAL 0x0222 #define CKA_OTP_USER_FRIENDLY_MODE 0x0223 #define CKA_OTP_CHALLENGE_REQUIREMENT 0x0224 #define CKA_OTP_TIME_REQUIREMENT 0x0225 #define CKA_OTP_COUNTER_REQUIREMENT 0x0226 #define CKA_OTP_PIN_REQUIREMENT 0x0227 #define CKA_OTP_COUNTER 0x022e #define CKA_OTP_TIME 0x022f #define CKA_OTP_USER_IDENTIFIER 0x022a #define CKA_OTP_SERVICE_IDENTIFIER 0x022b #define CKA_OTP_SERVICE_LOGO 0x022c #define CKA_OTP_SERVICE_LOGO_TYPE 0x022d #define CKA_GOSTR3410_PARAMS 0x0250 #define CKA_GOSTR3411_PARAMS 0x0251 #define CKA_GOST28147_PARAMS 0x0252 #define CKA_HW_FEATURE_TYPE 0x0300 #define CKA_RESET_ON_INIT 0x0301 #define CKA_HAS_RESET 0x0302 #define CKA_PIXEL_X 0x0400 #define CKA_PIXEL_Y 0x0401 #define CKA_RESOLUTION 0x0402 #define CKA_CHAR_ROWS 0x0403 #define CKA_CHAR_COLUMNS 0x0404 #define CKA_COLOR 0x0405 #define CKA_BITS_PER_PIXEL 0x0406 #define CKA_CHAR_SETS 0x0480 #define CKA_ENCODING_METHODS 0x0481 #define CKA_MIME_TYPES 0x0482 #define CKA_MECHANISM_TYPE 0x0500 #define CKA_REQUIRED_CMS_ATTRIBUTES 0x0501 #define CKA_DEFAULT_CMS_ATTRIBUTES 0x0502 #define CKA_SUPPORTED_CMS_ATTRIBUTES 0x0503 #define CKA_ALLOWED_MECHANISMS (0x0600 | CKF_ARRAY_ATTRIBUTE) /* Attribute CKA_CLASS refers to a CK_OBJECT_CLASS typed value */ typedef CK_ULONG CK_OBJECT_CLASS; typedef CK_OBJECT_CLASS *CK_OBJECT_CLASS_PTR; /* Values for type CK_OBJECT_CLASS */ #define CKO_VENDOR_DEFINED (1U << 31) #define CKO_DATA 0x0 #define CKO_CERTIFICATE 0x1 #define CKO_PUBLIC_KEY 0x2 #define CKO_PRIVATE_KEY 0x3 #define CKO_SECRET_KEY 0x4 #define CKO_HW_FEATURE 0x5 #define CKO_DOMAIN_PARAMETERS 0x6 #define CKO_MECHANISM 0x7 #define CKO_OTP_KEY 0x8 /* Attribute CKA_KEY_TYPE refers to a CK_KEY_TYPE typed value */ typedef CK_ULONG CK_KEY_TYPE; typedef CK_KEY_TYPE *CK_KEY_TYPE_PTR; /* * Values for type CK_KEY_TYPE * * This does not cover the full PKCS#11 IDs. */ #define CKK_VENDOR_DEFINED (1U << 31) #define CKK_RSA 0x000 #define CKK_DSA 0x001 #define CKK_DH 0x002 #define CKK_ECDSA 0x003 #define CKK_EC 0x003 #define CKK_GENERIC_SECRET 0x010 #define CKK_DES3 0x015 #define CKK_AES 0x01f #define CKK_HOTP 0x023 #define CKK_MD5_HMAC 0x027 #define CKK_SHA_1_HMAC 0x028 #define CKK_SHA256_HMAC 0x02b #define CKK_SHA384_HMAC 0x02c #define CKK_SHA512_HMAC 0x02d #define CKK_SHA224_HMAC 0x02e /* * Mechanisms * * Note: a mechanism can be referenced as object reference in some PKCS#11 API * functions. In such case, the object hold attribute CKA_MECHANISM_TYPE which * refers to a CK_MECHANISM_TYPE typed value that defines the target mechanism. */ typedef CK_ULONG CK_MECHANISM_TYPE; typedef CK_MECHANISM_TYPE *CK_MECHANISM_TYPE_PTR; /* * Values for type CK_MECHANISM_TYPE * * This does not cover the full PKCS#11 IDs. */ #define CKM_VENDOR_DEFINED (1U << 31) #define CKM_RSA_PKCS_KEY_PAIR_GEN 0x00000 #define CKM_RSA_PKCS 0x00001 #define CKM_RSA_9796 0x00002 #define CKM_RSA_X_509 0x00003 #define CKM_RSA_PKCS_OAEP 0x00009 #define CKM_SHA256_RSA_PKCS 0x00040 #define CKM_SHA384_RSA_PKCS 0x00041 #define CKM_SHA512_RSA_PKCS 0x00042 #define CKM_SHA256_RSA_PKCS_PSS 0x00043 #define CKM_SHA384_RSA_PKCS_PSS 0x00044 #define CKM_SHA512_RSA_PKCS_PSS 0x00045 #define CKM_SHA224_RSA_PKCS 0x00046 #define CKM_SHA224_RSA_PKCS_PSS 0x00047 #define CKM_SHA512_224 0x00048 #define CKM_SHA512_224_HMAC 0x00049 #define CKM_SHA512_224_HMAC_GENERAL 0x0004a #define CKM_SHA512_224_KEY_DERIVATION 0x0004b #define CKM_SHA512_256 0x0004c #define CKM_SHA512_256_HMAC 0x0004d #define CKM_SHA512_256_HMAC_GENERAL 0x0004e #define CKM_SHA512_256_KEY_DERIVATION 0x0004f #define CKM_DES3_ECB 0x00132 #define CKM_DES3_CBC 0x00133 #define CKM_DES3_MAC 0x00134 #define CKM_DES3_MAC_GENERAL 0x00135 #define CKM_DES3_CBC_PAD 0x00136 #define CKM_DES3_CMAC_GENERAL 0x00137 #define CKM_DES3_CMAC 0x00138 #define CKM_MD5 0x00210 #define CKM_MD5_HMAC 0x00211 #define CKM_MD5_HMAC_GENERAL 0x00212 #define CKM_SHA_1 0x00220 #define CKM_SHA_1_HMAC 0x00221 #define CKM_SHA_1_HMAC_GENERAL 0x00222 #define CKM_SHA256 0x00250 #define CKM_SHA256_HMAC 0x00251 #define CKM_SHA256_HMAC_GENERAL 0x00252 #define CKM_SHA224 0x00255 #define CKM_SHA224_HMAC 0x00256 #define CKM_SHA224_HMAC_GENERAL 0x00257 #define CKM_SHA384 0x00260 #define CKM_SHA384_HMAC 0x00261 #define CKM_SHA384_HMAC_GENERAL 0x00262 #define CKM_SHA512 0x00270 #define CKM_SHA512_HMAC 0x00271 #define CKM_SHA512_HMAC_GENERAL 0x00272 #define CKM_HOTP_KEY_GEN 0x00290 #define CKM_HOTP 0x00291 #define CKM_GENERIC_SECRET_KEY_GEN 0x00350 #define CKM_MD5_KEY_DERIVATION 0x00390 #define CKM_MD2_KEY_DERIVATION 0x00391 #define CKM_SHA1_KEY_DERIVATION 0x00392 #define CKM_SHA256_KEY_DERIVATION 0x00393 #define CKM_SHA384_KEY_DERIVATION 0x00394 #define CKM_SHA512_KEY_DERIVATION 0x00395 #define CKM_SHA224_KEY_DERIVATION 0x00396 #define CKM_EC_KEY_PAIR_GEN 0x01040 #define CKM_ECDSA 0x01041 #define CKM_ECDSA_SHA1 0x01042 #define CKM_ECDSA_SHA224 0x01043 #define CKM_ECDSA_SHA256 0x01044 #define CKM_ECDSA_SHA384 0x01045 #define CKM_ECDSA_SHA512 0x01046 #define CKM_ECDH1_DERIVE 0x01050 #define CKM_ECDH1_COFACTOR_DERIVE 0x01051 #define CKM_ECMQV_DERIVE 0x01052 #define CKM_ECDH_AES_KEY_WRAP 0x01053 #define CKM_RSA_AES_KEY_WRAP 0x01054 #define CKM_AES_KEY_GEN 0x01080 #define CKM_AES_ECB 0x01081 #define CKM_AES_CBC 0x01082 #define CKM_AES_MAC 0x01083 #define CKM_AES_MAC_GENERAL 0x01084 #define CKM_AES_CBC_PAD 0x01085 #define CKM_AES_CTR 0x01086 #define CKM_AES_GCM 0x01087 #define CKM_AES_CCM 0x01088 #define CKM_AES_CTS 0x01089 #define CKM_AES_CMAC 0x0108a #define CKM_AES_CMAC_GENERAL 0x0108b #define CKM_AES_XCBC_MAC 0x0108c #define CKM_AES_XCBC_MAC_96 0x0108d #define CKM_AES_GMAC 0x0108e #define CKM_DES3_ECB_ENCRYPT_DATA 0x01102 #define CKM_DES3_CBC_ENCRYPT_DATA 0x01103 #define CKM_AES_ECB_ENCRYPT_DATA 0x01104 #define CKM_AES_CBC_ENCRYPT_DATA 0x01105 #define CKM_AES_KEY_WRAP 0x02109 #define CKM_AES_KEY_WRAP_PAD 0x0210a typedef struct CK_MECHANISM_INFO CK_MECHANISM_INFO; typedef struct CK_MECHANISM_INFO *CK_MECHANISM_INFO_PTR; struct CK_MECHANISM_INFO { CK_ULONG ulMinKeySize; CK_ULONG ulMaxKeySize; CK_FLAGS flags; }; /* Flags for field flags of struct ck_mechanism_info */ #define CKF_HW (1U << 0) #define CKF_ENCRYPT (1U << 8) #define CKF_DECRYPT (1U << 9) #define CKF_DIGEST (1U << 10) #define CKF_SIGN (1U << 11) #define CKF_SIGN_RECOVER (1U << 12) #define CKF_VERIFY (1U << 13) #define CKF_VERIFY_RECOVER (1U << 14) #define CKF_GENERATE (1U << 15) #define CKF_GENERATE_KEY_PAIR (1U << 16) #define CKF_WRAP (1U << 17) #define CKF_UNWRAP (1U << 18) #define CKF_DERIVE (1U << 19) #define CKF_EC_F_P (1U << 20) #define CKF_EC_F_2M (1U << 21) #define CKF_EC_ECPARAMETERS (1U << 22) #define CKF_EC_NAMEDCURVE (1U << 23) #define CKF_EC_UNCOMPRESS (1U << 24) #define CKF_EC_COMPRESS (1U << 25) #define CKF_EXTENSION (1U << 31) /* * Mechanism parameter structures * * This does not cover the whole mechanism parameter structures defined by * the PKCS#11. To be updated when needed. */ typedef struct CK_MECHANISM CK_MECHANISM; typedef struct CK_MECHANISM *CK_MECHANISM_PTR; struct CK_MECHANISM { CK_MECHANISM_TYPE mechanism; CK_VOID_PTR pParameter; CK_ULONG ulParameterLen; }; /* MAC General parameters */ typedef CK_ULONG CK_MAC_GENERAL_PARAMS; typedef CK_MAC_GENERAL_PARAMS *CK_MAC_GENERAL_PARAMS_PTR; /* AES CBC encryption parameters */ typedef struct CK_AES_CBC_ENCRYPT_DATA_PARAMS CK_AES_CBC_ENCRYPT_DATA_PARAMS; typedef struct CK_AES_CBC_ENCRYPT_DATA_PARAMS *CK_AES_CBC_ENCRYPT_DATA_PARAMS_PTR; struct CK_AES_CBC_ENCRYPT_DATA_PARAMS { CK_BYTE iv[16]; CK_BYTE_PTR pData; CK_ULONG length; }; /* AES CTR parameters */ typedef struct CK_AES_CTR_PARAMS CK_AES_CTR_PARAMS; typedef struct CK_AES_CTR_PARAMS *CK_AES_CTR_PARAMS_PTR; struct CK_AES_CTR_PARAMS { CK_ULONG ulCounterBits; CK_BYTE cb[16]; }; /* AES GCM parameters */ typedef struct CK_GCM_PARAMS CK_GCM_PARAMS; typedef struct CK_GCM_PARAMS *CK_GCM_PARAMS_PTR; struct CK_GCM_PARAMS { CK_BYTE_PTR pIv; CK_ULONG ulIvLen; CK_ULONG ulIvBits; CK_BYTE_PTR pAAD; CK_ULONG ulAADLen; CK_ULONG ulTagBits; }; /* AES CCM parameters */ typedef struct CK_CCM_PARAMS CK_CCM_PARAMS; typedef struct CK_CCM_PARAMS *CK_CCM_PARAMS_PTR; struct CK_CCM_PARAMS { CK_ULONG ulDataLen; CK_BYTE_PTR pNonce; CK_ULONG ulNonceLen; CK_BYTE_PTR pAAD; CK_ULONG ulAADLen; CK_ULONG ulMACLen; }; typedef struct CK_KEY_DERIVATION_STRING_DATA CK_KEY_DERIVATION_STRING_DATA; typedef struct CK_KEY_DERIVATION_STRING_DATA *CK_KEY_DERIVATION_STRING_DATA_PTR; struct CK_KEY_DERIVATION_STRING_DATA { CK_BYTE_PTR pData; CK_ULONG ulLen; }; /* * PKCS#11 return values */ typedef CK_ULONG CK_RV; /* Values for type CK_RV */ #define CKR_VENDOR_DEFINED (1U << 31) #define CKR_OK 0x0000 #define CKR_CANCEL 0x0001 #define CKR_HOST_MEMORY 0x0002 #define CKR_SLOT_ID_INVALID 0x0003 #define CKR_GENERAL_ERROR 0x0005 #define CKR_FUNCTION_FAILED 0x0006 #define CKR_ARGUMENTS_BAD 0x0007 #define CKR_NO_EVENT 0x0008 #define CKR_NEED_TO_CREATE_THREADS 0x0009 #define CKR_CANT_LOCK 0x000a #define CKR_ATTRIBUTE_READ_ONLY 0x0010 #define CKR_ATTRIBUTE_SENSITIVE 0x0011 #define CKR_ATTRIBUTE_TYPE_INVALID 0x0012 #define CKR_ATTRIBUTE_VALUE_INVALID 0x0013 #define CKR_ACTION_PROHIBITED 0x001b #define CKR_DATA_INVALID 0x0020 #define CKR_DATA_LEN_RANGE 0x0021 #define CKR_DEVICE_ERROR 0x0030 #define CKR_DEVICE_MEMORY 0x0031 #define CKR_DEVICE_REMOVED 0x0032 #define CKR_ENCRYPTED_DATA_INVALID 0x0040 #define CKR_ENCRYPTED_DATA_LEN_RANGE 0x0041 #define CKR_FUNCTION_CANCELED 0x0050 #define CKR_FUNCTION_NOT_PARALLEL 0x0051 #define CKR_FUNCTION_NOT_SUPPORTED 0x0054 #define CKR_KEY_HANDLE_INVALID 0x0060 #define CKR_KEY_SIZE_RANGE 0x0062 #define CKR_KEY_TYPE_INCONSISTENT 0x0063 #define CKR_KEY_NOT_NEEDED 0x0064 #define CKR_KEY_CHANGED 0x0065 #define CKR_KEY_NEEDED 0x0066 #define CKR_KEY_INDIGESTIBLE 0x0067 #define CKR_KEY_FUNCTION_NOT_PERMITTED 0x0068 #define CKR_KEY_NOT_WRAPPABLE 0x0069 #define CKR_KEY_UNEXTRACTABLE 0x006a #define CKR_MECHANISM_INVALID 0x0070 #define CKR_MECHANISM_PARAM_INVALID 0x0071 #define CKR_OBJECT_HANDLE_INVALID 0x0082 #define CKR_OPERATION_ACTIVE 0x0090 #define CKR_OPERATION_NOT_INITIALIZED 0x0091 #define CKR_PIN_INCORRECT 0x00a0 #define CKR_PIN_INVALID 0x00a1 #define CKR_PIN_LEN_RANGE 0x00a2 #define CKR_PIN_EXPIRED 0x00a3 #define CKR_PIN_LOCKED 0x00a4 #define CKR_SESSION_CLOSED 0x00b0 #define CKR_SESSION_COUNT 0x00b1 #define CKR_SESSION_HANDLE_INVALID 0x00b3 #define CKR_SESSION_PARALLEL_NOT_SUPPORTED 0x00b4 #define CKR_SESSION_READ_ONLY 0x00b5 #define CKR_SESSION_EXISTS 0x00b6 #define CKR_SESSION_READ_ONLY_EXISTS 0x00b7 #define CKR_SESSION_READ_WRITE_SO_EXISTS 0x00b8 #define CKR_SIGNATURE_INVALID 0x00c0 #define CKR_SIGNATURE_LEN_RANGE 0x00c1 #define CKR_TEMPLATE_INCOMPLETE 0x00d0 #define CKR_TEMPLATE_INCONSISTENT 0x00d1 #define CKR_TOKEN_NOT_PRESENT 0x00e0 #define CKR_TOKEN_NOT_RECOGNIZED 0x00e1 #define CKR_TOKEN_WRITE_PROTECTED 0x00e2 #define CKR_UNWRAPPING_KEY_HANDLE_INVALID 0x00f0 #define CKR_UNWRAPPING_KEY_SIZE_RANGE 0x00f1 #define CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT 0x00f2 #define CKR_USER_ALREADY_LOGGED_IN 0x0100 #define CKR_USER_NOT_LOGGED_IN 0x0101 #define CKR_USER_PIN_NOT_INITIALIZED 0x0102 #define CKR_USER_TYPE_INVALID 0x0103 #define CKR_USER_ANOTHER_ALREADY_LOGGED_IN 0x0104 #define CKR_USER_TOO_MANY_TYPES 0x0105 #define CKR_WRAPPED_KEY_INVALID 0x0110 #define CKR_WRAPPED_KEY_LEN_RANGE 0x0112 #define CKR_WRAPPING_KEY_HANDLE_INVALID 0x0113 #define CKR_WRAPPING_KEY_SIZE_RANGE 0x0114 #define CKR_WRAPPING_KEY_TYPE_INCONSISTENT 0x0115 #define CKR_RANDOM_SEED_NOT_SUPPORTED 0x0120 #define CKR_RANDOM_NO_RNG 0x0121 #define CKR_DOMAIN_PARAMS_INVALID 0x0130 #define CKR_CURVE_NOT_SUPPORTED 0x0140 #define CKR_BUFFER_TOO_SMALL 0x0150 #define CKR_SAVED_STATE_INVALID 0x0160 #define CKR_INFORMATION_SENSITIVE 0x0170 #define CKR_STATE_UNSAVEABLE 0x0180 #define CKR_CRYPTOKI_NOT_INITIALIZED 0x0190 #define CKR_CRYPTOKI_ALREADY_INITIALIZED 0x0191 #define CKR_MUTEX_BAD 0x01a0 #define CKR_MUTEX_NOT_LOCKED 0x01a1 #define CKR_NEW_PIN_MODE 0x01b0 #define CKR_NEXT_OTP 0x01b1 #define CKR_EXCEEDED_MAX_ITERATIONS 0x01b5 #define CKR_FIPS_SELF_TEST_FAILED 0x01b6 #define CKR_LIBRARY_LOAD_FAILED 0x01b7 #define CKR_PIN_TOO_WEAK 0x01b8 #define CKR_PUBLIC_KEY_INVALID 0x01b9 #define CKR_FUNCTION_REJECTED 0x0200 /* * PKCS#11 API functions */ /* Argument for C_GetInfo */ typedef struct CK_INFO CK_INFO; typedef struct CK_INFO *CK_INFO_PTR; struct CK_INFO { CK_VERSION cryptokiVersion; CK_UTF8CHAR manufacturerID[32]; CK_FLAGS flags; CK_UTF8CHAR libraryDescription[32]; CK_VERSION libraryVersion; }; /* Argument for C_GetSlotInfo */ typedef struct CK_SLOT_INFO CK_SLOT_INFO; typedef struct CK_SLOT_INFO *CK_SLOT_INFO_PTR; struct CK_SLOT_INFO { CK_UTF8CHAR slotDescription[64]; CK_UTF8CHAR manufacturerID[32]; CK_FLAGS flags; CK_VERSION hardwareVersion; CK_VERSION firmwareVersion; }; /* Values for field flags of struct ck_slot_info */ #define CKF_TOKEN_PRESENT (1U << 0) #define CKF_REMOVABLE_DEVICE (1U << 1) #define CKF_HW_SLOT (1U << 2) /* Argument for C_GetTokenInfo */ typedef struct CK_TOKEN_INFO CK_TOKEN_INFO; typedef struct CK_TOKEN_INFO *CK_TOKEN_INFO_PTR; struct CK_TOKEN_INFO { CK_UTF8CHAR label[32]; CK_UTF8CHAR manufacturerID[32]; CK_UTF8CHAR model[16]; CK_CHAR serialNumber[16]; CK_FLAGS flags; CK_ULONG ulMaxSessionCount; CK_ULONG ulSessionCount; CK_ULONG ulMaxRwSessionCount; CK_ULONG ulRwSessionCount; CK_ULONG ulMaxPinLen; CK_ULONG ulMinPinLen; CK_ULONG ulTotalPublicMemory; CK_ULONG ulFreePublicMemory; CK_ULONG ulTotalPrivateMemory; CK_ULONG ulFreePrivateMemory; CK_VERSION hardwareVersion; CK_VERSION firmwareVersion; CK_CHAR utcTime[16]; }; /* Values for field flags of struct ck_token_info */ #define CKF_RNG (1U << 0) #define CKF_WRITE_PROTECTED (1U << 1) #define CKF_LOGIN_REQUIRED (1U << 2) #define CKF_USER_PIN_INITIALIZED (1U << 3) #define CKF_RESTORE_KEY_NOT_NEEDED (1U << 5) #define CKF_CLOCK_ON_TOKEN (1U << 6) #define CKF_PROTECTED_AUTHENTICATION_PATH (1U << 8) #define CKF_DUAL_CRYPTO_OPERATIONS (1U << 9) #define CKF_TOKEN_INITIALIZED (1U << 10) #define CKF_SECONDARY_AUTHENTICATION (1U << 11) #define CKF_USER_PIN_COUNT_LOW (1U << 16) #define CKF_USER_PIN_FINAL_TRY (1U << 17) #define CKF_USER_PIN_LOCKED (1U << 18) #define CKF_USER_PIN_TO_BE_CHANGED (1U << 19) #define CKF_SO_PIN_COUNT_LOW (1U << 20) #define CKF_SO_PIN_FINAL_TRY (1U << 21) #define CKF_SO_PIN_LOCKED (1U << 22) #define CKF_SO_PIN_TO_BE_CHANGED (1U << 23) #define CKF_ERROR_STATE (1U << 24) /* Argument for C_GetSessionInfo */ typedef struct CK_SESSION_INFO CK_SESSION_INFO; typedef struct CK_SESSION_INFO *CK_SESSION_INFO_PTR; typedef CK_ULONG CK_STATE; /* Values for CK_STATE */ #define CKS_RO_PUBLIC_SESSION 0 #define CKS_RO_USER_FUNCTIONS 1 #define CKS_RW_PUBLIC_SESSION 2 #define CKS_RW_USER_FUNCTIONS 3 #define CKS_RW_SO_FUNCTIONS 4 struct CK_SESSION_INFO { CK_SLOT_ID slotID; CK_STATE state; CK_FLAGS flags; CK_ULONG ulDeviceError; }; /* Values for field flags of struct ck_session_info */ #define CKF_RW_SESSION (1U << 1) #define CKF_SERIAL_SESSION (1U << 2) /* Argument for C_Login */ typedef CK_ULONG CK_USER_TYPE; /* Values for CK_USER_TYPE */ #define CKU_SO 0 #define CKU_USER 1 #define CKU_CONTEXT_SPECIFIC 2 /* Values for argument flags of C_WaitForSlotEvent */ #define CKF_DONT_BLOCK 1 /* Argument for CK_NOTIFY typed callback function */ typedef CK_ULONG CK_NOTIFICATION; /* Values for CK_NOTIFICATION */ #define CKN_SURRENDER 0 #define CKN_OTP_CHANGED 1 /* Callback handler types */ typedef CK_RV (*CK_NOTIFY) (CK_SESSION_HANDLE hSession, CK_NOTIFICATION event, CK_VOID_PTR pApplication); typedef CK_RV (*CK_CREATEMUTEX) (CK_VOID_PTR_PTR ppMutex); typedef CK_RV (*CK_DESTROYMUTEX) (CK_VOID_PTR pMutex); typedef CK_RV (*CK_LOCKMUTEX) (CK_VOID_PTR pMutex); typedef CK_RV (*CK_UNLOCKMUTEX) (CK_VOID_PTR pMutex); /* Argument for C_GetFunctionList */ typedef struct CK_FUNCTION_LIST CK_FUNCTION_LIST; typedef struct CK_FUNCTION_LIST *CK_FUNCTION_LIST_PTR; typedef struct CK_FUNCTION_LIST **CK_FUNCTION_LIST_PTR_PTR; struct CK_FUNCTION_LIST { CK_VERSION version; CK_RV (*C_Initialize)(CK_VOID_PTR pInitArgs); CK_RV (*C_Finalize)(CK_VOID_PTR pReserved); CK_RV (*C_GetInfo)(CK_INFO_PTR pInfo); CK_RV (*C_GetFunctionList)(CK_FUNCTION_LIST_PTR_PTR ppFunctionList); CK_RV (*C_GetSlotList)(CK_BBOOL tokenPresent, CK_SLOT_ID_PTR pSlotList, CK_ULONG_PTR pulCount); CK_RV (*C_GetSlotInfo)(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo); CK_RV (*C_GetTokenInfo)(CK_SLOT_ID slotID, CK_TOKEN_INFO_PTR pInfo); CK_RV (*C_GetMechanismList)(CK_SLOT_ID slotID, CK_MECHANISM_TYPE_PTR pMechanismList, CK_ULONG_PTR pulCount); CK_RV (*C_GetMechanismInfo)(CK_SLOT_ID slotID, CK_MECHANISM_TYPE type, CK_MECHANISM_INFO_PTR pInfo); CK_RV (*C_InitToken)(CK_SLOT_ID slotID, CK_UTF8CHAR_PTR pPin, CK_ULONG ulPinLen, CK_UTF8CHAR_PTR pLabel); CK_RV (*C_InitPIN)(CK_SESSION_HANDLE hSession, CK_UTF8CHAR_PTR pPin, CK_ULONG ulPinLen); CK_RV (*C_SetPIN)(CK_SESSION_HANDLE hSession, CK_UTF8CHAR_PTR pOldPin, CK_ULONG ulOldLen, CK_UTF8CHAR_PTR pNewPin, CK_ULONG ulNewLen); CK_RV (*C_OpenSession)(CK_SLOT_ID slotID, CK_FLAGS flags, CK_VOID_PTR pApplication, CK_NOTIFY Notify, CK_SESSION_HANDLE_PTR phSession); CK_RV (*C_CloseSession)(CK_SESSION_HANDLE hSession); CK_RV (*C_CloseAllSessions)(CK_SLOT_ID slotID); CK_RV (*C_GetSessionInfo)(CK_SESSION_HANDLE hSession, CK_SESSION_INFO_PTR pInfo); CK_RV (*C_GetOperationState)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pOperationState, CK_ULONG_PTR pulOperationStateLen); CK_RV (*C_SetOperationState)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pOperationState, CK_ULONG ulOperationStateLen, CK_OBJECT_HANDLE hEncryptionKey, CK_OBJECT_HANDLE hAuthenticationKey); CK_RV (*C_Login)(CK_SESSION_HANDLE hSession, CK_USER_TYPE userType, CK_UTF8CHAR_PTR pPin, CK_ULONG ulPinLen); CK_RV (*C_Logout)(CK_SESSION_HANDLE hSession); CK_RV (*C_CreateObject)(CK_SESSION_HANDLE hSession, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount, CK_OBJECT_HANDLE_PTR phObject); CK_RV (*C_CopyObject)(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount, CK_OBJECT_HANDLE_PTR phNewObject); CK_RV (*C_DestroyObject)(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject); CK_RV (*C_GetObjectSize)(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject, CK_ULONG_PTR pulSize); CK_RV (*C_GetAttributeValue)(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount); CK_RV (*C_SetAttributeValue)(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount); CK_RV (*C_FindObjectsInit)(CK_SESSION_HANDLE hSession, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount); CK_RV (*C_FindObjects)(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE_PTR phObject, CK_ULONG ulMaxObjectCount, CK_ULONG_PTR pulObjectCount); CK_RV (*C_FindObjectsFinal)(CK_SESSION_HANDLE hSession); CK_RV (*C_EncryptInit)(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey); CK_RV (*C_Encrypt)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData, CK_ULONG ulDataLen, CK_BYTE_PTR pEncryptedData, CK_ULONG_PTR pulEncryptedDataLen); CK_RV (*C_EncryptUpdate)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart, CK_ULONG ulPartLen, CK_BYTE_PTR pEncryptedData, CK_ULONG_PTR pulEncryptedDataLen); CK_RV (*C_EncryptFinal)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pLastEncryptedPart, CK_ULONG_PTR pulLastEncryptedPartLen); CK_RV (*C_DecryptInit)(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey); CK_RV (*C_Decrypt)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pEncryptedData, CK_ULONG ulEncryptedDataLen, CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen); CK_RV (*C_DecryptUpdate)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pEncryptedPart, CK_ULONG ulEncryptedPartLen, CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen); CK_RV (*C_DecryptFinal)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pLastPart, CK_ULONG_PTR pulLastPartLen); CK_RV (*C_DigestInit)(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism); CK_RV (*C_Digest)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData, CK_ULONG ulDataLen, CK_BYTE_PTR pDigest, CK_ULONG_PTR pulDigestLen); CK_RV (*C_DigestUpdate)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart, CK_ULONG ulPartLen); CK_RV (*C_DigestKey)(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hKey); CK_RV (*C_DigestFinal)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pDigest, CK_ULONG_PTR pulDigestLen); CK_RV (*C_SignInit)(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey); CK_RV (*C_Sign)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData, CK_ULONG ulDataLen, CK_BYTE_PTR pSignature, CK_ULONG_PTR pulSignatureLen); CK_RV (*C_SignUpdate)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart, CK_ULONG ulPartLen); CK_RV (*C_SignFinal)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSignature, CK_ULONG_PTR pulSignatureLen); CK_RV (*C_SignRecoverInit)(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey); CK_RV (*C_SignRecover)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData, CK_ULONG ulDataLen, CK_BYTE_PTR pSignature, CK_ULONG_PTR pulSignatureLen); CK_RV (*C_VerifyInit)(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey); CK_RV (*C_Verify)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData, CK_ULONG ulDataLen, CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen); CK_RV (*C_VerifyUpdate)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart, CK_ULONG ulPartLen); CK_RV (*C_VerifyFinal)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen); CK_RV (*C_VerifyRecoverInit)(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey); CK_RV (*C_VerifyRecover)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen, CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen); CK_RV (*C_DigestEncryptUpdate)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart, CK_ULONG ulPartLen, CK_BYTE_PTR pEncryptedPart, CK_ULONG_PTR pulEncryptedPartLen); CK_RV (*C_DecryptDigestUpdate)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pEncryptedPart, CK_ULONG ulEncryptedPartLen, CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen); CK_RV (*C_SignEncryptUpdate)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart, CK_ULONG ulPartLen, CK_BYTE_PTR pEncryptedPart, CK_ULONG_PTR pulEncryptedPartLen); CK_RV (*C_DecryptVerifyUpdate)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pEncryptedPart, CK_ULONG ulEncryptedPartLen, CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen); CK_RV (*C_GenerateKey)(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount, CK_OBJECT_HANDLE_PTR phKey); CK_RV (*C_GenerateKeyPair)(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, CK_ATTRIBUTE_PTR pPublicKeyTemplate, CK_ULONG ulPublicKeyAttributeCount, CK_ATTRIBUTE_PTR pPrivateKeyTemplate, CK_ULONG ulPrivateKeyAttributeCount, CK_OBJECT_HANDLE_PTR phPublicKey, CK_OBJECT_HANDLE_PTR phPrivateKey); CK_RV (*C_WrapKey)(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hWrappingKey, CK_OBJECT_HANDLE hKey, CK_BYTE_PTR pWrappedKey, CK_ULONG_PTR pulWrappedKeyLen); CK_RV (*C_UnwrapKey)(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hUnwrappingKey, CK_BYTE_PTR pWrappedKey, CK_ULONG ulWrappedKeyLen, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount, CK_OBJECT_HANDLE_PTR phKey); CK_RV (*C_DeriveKey)(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hBaseKey, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount, CK_OBJECT_HANDLE_PTR phKey); CK_RV (*C_SeedRandom)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSeed, CK_ULONG ulSeedLen); CK_RV (*C_GenerateRandom)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pRandomData, CK_ULONG ulRandomLen); CK_RV (*C_GetFunctionStatus)(CK_SESSION_HANDLE hSession); CK_RV (*C_CancelFunction)(CK_SESSION_HANDLE hSession); CK_RV (*C_WaitForSlotEvent)(CK_FLAGS flags, CK_SLOT_ID_PTR slotID, CK_VOID_PTR pReserved); }; /* Optional init_args structure for C_Initialize */ typedef struct CK_C_INITIALIZE_ARGS CK_C_INITIALIZE_ARGS; typedef struct CK_C_INITIALIZE_ARGS *CK_C_INITIALIZE_ARGS_PTR; struct CK_C_INITIALIZE_ARGS { CK_CREATEMUTEX CreateMutex; CK_DESTROYMUTEX DestroyMutex; CK_LOCKMUTEX LockMutex; CK_UNLOCKMUTEX UnlockMutex; CK_FLAGS flags; CK_VOID_PTR reserved; }; /* Flags for field flags of struct ck_c_initialize_args */ #define CKF_LIBRARY_CANT_CREATE_OS_THREADS (1U << 0) #define CKF_OS_LOCKING_OK (1U << 1) CK_RV C_Initialize(CK_VOID_PTR pInitArgs); CK_RV C_Finalize(CK_VOID_PTR pReserved); CK_RV C_GetInfo(CK_INFO_PTR pInfo); CK_RV C_GetFunctionList(CK_FUNCTION_LIST_PTR_PTR ppFunctionList); CK_RV C_GetSlotList(CK_BBOOL tokenPresent, CK_SLOT_ID_PTR pSlotList, CK_ULONG_PTR pulCount); CK_RV C_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo); CK_RV C_GetTokenInfo(CK_SLOT_ID slotID, CK_TOKEN_INFO_PTR pInfo); CK_RV C_GetMechanismList(CK_SLOT_ID slotID, CK_MECHANISM_TYPE_PTR pMechanismList, CK_ULONG_PTR pulCount); CK_RV C_GetMechanismInfo(CK_SLOT_ID slotID, CK_MECHANISM_TYPE type, CK_MECHANISM_INFO_PTR pInfo); CK_RV C_InitToken(CK_SLOT_ID slotID, CK_UTF8CHAR_PTR pPin, CK_ULONG ulPinLen, CK_UTF8CHAR_PTR pLabel); CK_RV C_InitPIN(CK_SESSION_HANDLE hSession, CK_UTF8CHAR_PTR pPin, CK_ULONG ulPinLen); CK_RV C_SetPIN(CK_SESSION_HANDLE hSession, CK_UTF8CHAR_PTR pOldPin, CK_ULONG ulOldLen, CK_UTF8CHAR_PTR pNewPin, CK_ULONG ulNewLen); CK_RV C_OpenSession(CK_SLOT_ID slotID, CK_FLAGS flags, CK_VOID_PTR pApplication, CK_NOTIFY Notify, CK_SESSION_HANDLE_PTR phSession); CK_RV C_CloseSession(CK_SESSION_HANDLE hSession); CK_RV C_CloseAllSessions(CK_SLOT_ID slotID); CK_RV C_GetSessionInfo(CK_SESSION_HANDLE hSession, CK_SESSION_INFO_PTR pInfo); CK_RV C_GetOperationState(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pOperationState, CK_ULONG_PTR pulOperationStateLen); CK_RV C_SetOperationState(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pOperationState, CK_ULONG ulOperationStateLen, CK_OBJECT_HANDLE hEncryptionKey, CK_OBJECT_HANDLE hAuthenticationKey); CK_RV C_Login(CK_SESSION_HANDLE hSession, CK_USER_TYPE userType, CK_UTF8CHAR_PTR pPin, CK_ULONG ulPinLen); CK_RV C_Logout(CK_SESSION_HANDLE hSession); CK_RV C_CreateObject(CK_SESSION_HANDLE hSession, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount, CK_OBJECT_HANDLE_PTR phObject); CK_RV C_CopyObject(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount, CK_OBJECT_HANDLE_PTR phNewObject); CK_RV C_DestroyObject(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject); CK_RV C_GetObjectSize(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject, CK_ULONG_PTR pulSize); CK_RV C_GetAttributeValue(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount); CK_RV C_SetAttributeValue(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount); CK_RV C_FindObjectsInit(CK_SESSION_HANDLE hSession, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount); CK_RV C_FindObjects(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE_PTR phObject, CK_ULONG ulMaxObjectCount, CK_ULONG_PTR pulObjectCount); CK_RV C_FindObjectsFinal(CK_SESSION_HANDLE hSession); CK_RV C_EncryptInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey); CK_RV C_Encrypt(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData, CK_ULONG ulDataLen, CK_BYTE_PTR pEncryptedData, CK_ULONG_PTR pulEncryptedDataLen); CK_RV C_EncryptUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart, CK_ULONG ulPartLen, CK_BYTE_PTR pEncryptedData, CK_ULONG_PTR pulEncryptedDataLen); CK_RV C_EncryptFinal(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pLastEncryptedPart, CK_ULONG_PTR pulLastEncryptedPartLen); CK_RV C_DecryptInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey); CK_RV C_Decrypt(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pEncryptedData, CK_ULONG ulEncryptedDataLen, CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen); CK_RV C_DecryptUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pEncryptedPart, CK_ULONG ulEncryptedPartLen, CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen); CK_RV C_DecryptFinal(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pLastPart, CK_ULONG_PTR pulLastPartLen); CK_RV C_DigestInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism); CK_RV C_Digest(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData, CK_ULONG ulDataLen, CK_BYTE_PTR pDigest, CK_ULONG_PTR pulDigestLen); CK_RV C_DigestUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart, CK_ULONG ulPartLen); CK_RV C_DigestKey(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hKey); CK_RV C_DigestFinal(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pDigest, CK_ULONG_PTR pulDigestLen); CK_RV C_SignInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey); CK_RV C_Sign(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData, CK_ULONG ulDataLen, CK_BYTE_PTR pSignature, CK_ULONG_PTR pulSignatureLen); CK_RV C_SignUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart, CK_ULONG ulPartLen); CK_RV C_SignFinal(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSignature, CK_ULONG_PTR pulSignatureLen); CK_RV C_SignRecoverInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey); CK_RV C_SignRecover(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData, CK_ULONG ulDataLen, CK_BYTE_PTR pSignature, CK_ULONG_PTR pulSignatureLen); CK_RV C_VerifyInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey); CK_RV C_Verify(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData, CK_ULONG ulDataLen, CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen); CK_RV C_VerifyUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart, CK_ULONG ulPartLen); CK_RV C_VerifyFinal(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen); CK_RV C_VerifyRecoverInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey); CK_RV C_VerifyRecover(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen, CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen); CK_RV C_DigestEncryptUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart, CK_ULONG ulPartLen, CK_BYTE_PTR pEncryptedPart, CK_ULONG_PTR pulEncryptedPartLen); CK_RV C_DecryptDigestUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pEncryptedPart, CK_ULONG ulEncryptedPartLen, CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen); CK_RV C_SignEncryptUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart, CK_ULONG ulPartLen, CK_BYTE_PTR pEncryptedPart, CK_ULONG_PTR pulEncryptedPartLen); CK_RV C_DecryptVerifyUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pEncryptedPart, CK_ULONG ulEncryptedPartLen, CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen); CK_RV C_GenerateKey(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount, CK_OBJECT_HANDLE_PTR phKey); CK_RV C_GenerateKeyPair(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, CK_ATTRIBUTE_PTR pPublicKeyTemplate, CK_ULONG ulPublicKeyAttributeCount, CK_ATTRIBUTE_PTR pPrivateKeyTemplate, CK_ULONG ulPrivateKeyAttributeCount, CK_OBJECT_HANDLE_PTR phPublicKey, CK_OBJECT_HANDLE_PTR phPrivateKey); CK_RV C_WrapKey(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hWrappingKey, CK_OBJECT_HANDLE hKey, CK_BYTE_PTR pWrappedKey, CK_ULONG_PTR pulWrappedKeyLen); CK_RV C_UnwrapKey(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hUnwrappingKey, CK_BYTE_PTR pWrappedKey, CK_ULONG ulWrappedKeyLen, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount, CK_OBJECT_HANDLE_PTR phKey); CK_RV C_DeriveKey(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hBaseKey, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount, CK_OBJECT_HANDLE_PTR phKey); CK_RV C_SeedRandom(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSeed, CK_ULONG ulSeedLen); CK_RV C_GenerateRandom(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pRandomData, CK_ULONG ulRandomLen); CK_RV C_GetFunctionStatus(CK_SESSION_HANDLE hSession); CK_RV C_CancelFunction(CK_SESSION_HANDLE hSession); CK_RV C_WaitForSlotEvent(CK_FLAGS flags, CK_SLOT_ID_PTR slotID, CK_VOID_PTR pReserved); #ifdef __cplusplus } #endif #endif /*PKCS11_H*/