/* SPDX-License-Identifier: BSD-2-Clause */
/*
 * Copyright (c) 2018-2020, Linaro Limited
 */

#ifndef PKCS11_H
#define PKCS11_H

#ifdef __cplusplus
extern "C" {
#endif

/*
 * PKCS#11 Cryptoki API v2.40-errata01, See specification from:
 * http://docs.oasis-open.org/pkcs11/pkcs11-base/v2.40/errata01/os/pkcs11-base-v2.40-errata01-os-complete.html
 */
#define CK_PKCS11_VERSION_MAJOR			2
#define CK_PKCS11_VERSION_MINOR			40
#define CK_PKCS11_VERSION_PATCH			1

/*
 * Base scalar types. CK_ULONG and CK_LONG are plain "long" types, so their
 * width follows the C ABI of the build target.
 */
typedef unsigned char CK_BYTE;
typedef unsigned long CK_ULONG;
typedef long CK_LONG;

/* Character types: both are aliases of CK_BYTE. */
typedef CK_BYTE CK_CHAR;
typedef CK_BYTE CK_UTF8CHAR;

typedef CK_BYTE *CK_BYTE_PTR;

typedef CK_ULONG *CK_ULONG_PTR;

typedef CK_CHAR *CK_CHAR_PTR;
typedef CK_UTF8CHAR *CK_UTF8CHAR_PTR;

typedef void *CK_VOID_PTR;
typedef CK_VOID_PTR *CK_VOID_PTR_PTR;

/* Boolean stored in one byte; CK_TRUE and CK_FALSE are its two values. */
typedef CK_BYTE CK_BBOOL;

#define CK_TRUE					1
#define CK_FALSE				0

/* Bit-mask type for flag words. */
typedef CK_ULONG CK_FLAGS;

/*
 * Sentinel values PKCS#11 defines for CK_ULONG information fields: all bits
 * set means the value is not available, 0 means no practical limit. Compare
 * against them before using such a field as a size or a count.
 */
#define CK_UNAVAILABLE_INFORMATION		(~0UL)
#define CK_EFFECTIVELY_INFINITE			0UL

/*
 * Session and object handles are plain CK_ULONG values.
 * CK_INVALID_HANDLE (0) is the value reserved for "no handle".
 */
typedef CK_ULONG CK_SESSION_HANDLE;
typedef CK_SESSION_HANDLE *CK_SESSION_HANDLE_PTR;

typedef CK_ULONG CK_OBJECT_HANDLE;
typedef CK_OBJECT_HANDLE *CK_OBJECT_HANDLE_PTR;

#define CK_INVALID_HANDLE			0

typedef CK_ULONG CK_SLOT_ID;
typedef CK_SLOT_ID *CK_SLOT_ID_PTR;

/* Version number carried as two bytes: major and minor. */
typedef struct CK_VERSION CK_VERSION;
typedef struct CK_VERSION *CK_VERSION_PTR;

struct CK_VERSION {
	CK_BYTE major;
	CK_BYTE minor;
};

/*
 * Calendar date as fixed-width character fields (4 + 2 + 2 bytes).
 * The arrays leave no room for a terminating NUL: handle them as
 * fixed-length fields, not as C strings.
 */
typedef struct CK_DATE CK_DATE;
typedef struct CK_DATE *CK_DATE_PTR;

struct CK_DATE {
	CK_CHAR year[4];
	CK_CHAR month[2];
	CK_CHAR day[2];
};

/*
 * PKCS#11 Objects attributes
 */

typedef CK_ULONG CK_ATTRIBUTE_TYPE;

typedef struct CK_ATTRIBUTE CK_ATTRIBUTE;
typedef struct CK_ATTRIBUTE *CK_ATTRIBUTE_PTR;

/*
 * One attribute of an object or of a template: the attribute type
 * identifier, a pointer to the value buffer and the length of that buffer
 * (ulValueLen, in bytes per PKCS#11).
 */
struct CK_ATTRIBUTE {
	CK_ATTRIBUTE_TYPE type;
	CK_VOID_PTR pValue;
	CK_ULONG ulValueLen;
};
/*
 * Values for CK_ATTRIBUTE_TYPE
 *
 * This does not cover the full PKCS#11 IDs.
 *
 * CKF_ARRAY_ATTRIBUTE is OR-ed into the identifiers of attributes whose value
 * is an array (the *_TEMPLATE attributes and CKA_ALLOWED_MECHANISMS below).
 *
 * CKA_SENSITIVE, CKA_EXTRACTABLE, CKA_NEVER_EXTRACTABLE, CKA_ALWAYS_SENSITIVE
 * and CKA_WRAP_WITH_TRUSTED are the attributes PKCS#11 uses to state whether
 * key material may leave the token. Templates for private and secret keys
 * should set the ones they depend on explicitly.
 *
 * NOTE(review): the (1U << n) constants in this file have type unsigned int
 * while the CK_* types they are used with are unsigned long. Where long is
 * wider than int, an expression such as ~CKA_VENDOR_DEFINED is evaluated in
 * unsigned int and then zero-extended, so masking a CK_ULONG with it also
 * clears the upper bits. Cast to CK_ULONG before complementing.
 */
#define CKF_ARRAY_ATTRIBUTE			(1U << 30)
#define CKA_VENDOR_DEFINED			(1U << 31)
#define CKA_CLASS				0x0000
#define CKA_TOKEN				0x0001
#define CKA_PRIVATE				0x0002
#define CKA_LABEL				0x0003
#define CKA_APPLICATION				0x0010
#define CKA_VALUE				0x0011
#define CKA_OBJECT_ID				0x0012
#define CKA_CERTIFICATE_TYPE			0x0080
#define CKA_ISSUER				0x0081
#define CKA_SERIAL_NUMBER			0x0082
#define CKA_AC_ISSUER				0x0083
#define CKA_OWNER				0x0084
#define CKA_ATTR_TYPES				0x0085
#define CKA_TRUSTED				0x0086
#define CKA_CERTIFICATE_CATEGORY		0x0087
#define CKA_JAVA_MIDP_SECURITY_DOMAIN		0x0088
#define CKA_URL					0x0089
#define CKA_HASH_OF_SUBJECT_PUBLIC_KEY		0x008a
#define CKA_HASH_OF_ISSUER_PUBLIC_KEY		0x008b
#define CKA_NAME_HASH_ALGORITHM			0x008c
#define CKA_CHECK_VALUE				0x0090
#define CKA_KEY_TYPE				0x0100
#define CKA_SUBJECT				0x0101
#define CKA_ID					0x0102
#define CKA_SENSITIVE				0x0103
#define CKA_ENCRYPT				0x0104
#define CKA_DECRYPT				0x0105
#define CKA_WRAP				0x0106
#define CKA_UNWRAP				0x0107
#define CKA_SIGN				0x0108
#define CKA_SIGN_RECOVER			0x0109
#define CKA_VERIFY				0x010a
#define CKA_VERIFY_RECOVER			0x010b
#define CKA_DERIVE				0x010c
#define CKA_START_DATE				0x0110
#define CKA_END_DATE				0x0111
#define CKA_MODULUS				0x0120
#define CKA_MODULUS_BITS			0x0121
#define CKA_PUBLIC_EXPONENT			0x0122
#define CKA_PRIVATE_EXPONENT			0x0123
#define CKA_PRIME_1				0x0124
#define CKA_PRIME_2				0x0125
#define CKA_EXPONENT_1				0x0126
#define CKA_EXPONENT_2				0x0127
#define CKA_COEFFICIENT				0x0128
#define CKA_PUBLIC_KEY_INFO			0x0129
#define CKA_PRIME				0x0130
#define CKA_SUBPRIME				0x0131
#define CKA_BASE				0x0132
#define CKA_PRIME_BITS				0x0133
#define CKA_SUBPRIME_BITS			0x0134
#define CKA_VALUE_BITS				0x0160
#define CKA_VALUE_LEN				0x0161
#define CKA_EXTRACTABLE				0x0162
#define CKA_LOCAL				0x0163
#define CKA_NEVER_EXTRACTABLE			0x0164
#define CKA_ALWAYS_SENSITIVE			0x0165
#define CKA_KEY_GEN_MECHANISM			0x0166
#define CKA_MODIFIABLE				0x0170
#define CKA_COPYABLE				0x0171
#define CKA_DESTROYABLE				0x0172
#define CKA_EC_PARAMS				0x0180
#define CKA_EC_POINT				0x0181
#define CKA_ALWAYS_AUTHENTICATE			0x0202
#define CKA_WRAP_WITH_TRUSTED			0x0210
#define CKA_WRAP_TEMPLATE			(0x0211 | CKF_ARRAY_ATTRIBUTE)
#define CKA_UNWRAP_TEMPLATE			(0x0212 | CKF_ARRAY_ATTRIBUTE)
#define CKA_DERIVE_TEMPLATE			(0x0213 | CKF_ARRAY_ATTRIBUTE)
#define CKA_OTP_FORMAT				0x0220
#define CKA_OTP_LENGTH				0x0221
#define CKA_OTP_TIME_INTERVAL			0x0222
#define CKA_OTP_USER_FRIENDLY_MODE		0x0223
#define CKA_OTP_CHALLENGE_REQUIREMENT		0x0224
#define CKA_OTP_TIME_REQUIREMENT		0x0225
#define CKA_OTP_COUNTER_REQUIREMENT		0x0226
#define CKA_OTP_PIN_REQUIREMENT			0x0227
/* The identifiers from here to CKA_OTP_SERVICE_LOGO_TYPE are not in numeric order. */
#define CKA_OTP_COUNTER				0x022e
#define CKA_OTP_TIME				0x022f
#define CKA_OTP_USER_IDENTIFIER			0x022a
#define CKA_OTP_SERVICE_IDENTIFIER		0x022b
#define CKA_OTP_SERVICE_LOGO			0x022c
#define CKA_OTP_SERVICE_LOGO_TYPE		0x022d
#define CKA_GOSTR3410_PARAMS			0x0250
#define CKA_GOSTR3411_PARAMS			0x0251
#define CKA_GOST28147_PARAMS			0x0252
#define CKA_HW_FEATURE_TYPE			0x0300
#define CKA_RESET_ON_INIT			0x0301
#define CKA_HAS_RESET				0x0302
#define CKA_PIXEL_X				0x0400
#define CKA_PIXEL_Y				0x0401
#define CKA_RESOLUTION				0x0402
#define CKA_CHAR_ROWS				0x0403
#define CKA_CHAR_COLUMNS			0x0404
#define CKA_COLOR				0x0405
#define CKA_BITS_PER_PIXEL			0x0406
#define CKA_CHAR_SETS				0x0480
#define CKA_ENCODING_METHODS			0x0481
#define CKA_MIME_TYPES				0x0482
#define CKA_MECHANISM_TYPE			0x0500
#define CKA_REQUIRED_CMS_ATTRIBUTES		0x0501
#define CKA_DEFAULT_CMS_ATTRIBUTES		0x0502
#define CKA_SUPPORTED_CMS_ATTRIBUTES		0x0503
#define CKA_ALLOWED_MECHANISMS			(0x0600 | CKF_ARRAY_ATTRIBUTE)

/* Attribute CKA_CLASS refers to a CK_OBJECT_CLASS typed value */
typedef CK_ULONG CK_OBJECT_CLASS;
typedef CK_OBJECT_CLASS *CK_OBJECT_CLASS_PTR;

/* Values for type CK_OBJECT_CLASS */
#define CKO_VENDOR_DEFINED			(1U << 31)
#define CKO_DATA				0x0
#define CKO_CERTIFICATE				0x1
#define CKO_PUBLIC_KEY				0x2
#define CKO_PRIVATE_KEY				0x3
#define CKO_SECRET_KEY				0x4
#define CKO_HW_FEATURE				0x5
#define CKO_DOMAIN_PARAMETERS			0x6
#define CKO_MECHANISM				0x7
#define CKO_OTP_KEY				0x8

/* Attribute CKA_KEY_TYPE refers to a CK_KEY_TYPE typed value */
typedef CK_ULONG CK_KEY_TYPE;
typedef CK_KEY_TYPE *CK_KEY_TYPE_PTR;

/*
 * Values for type CK_KEY_TYPE
 *
 * This does not cover the full PKCS#11 IDs.
 *
 * CKK_ECDSA and CKK_EC are two names for the same value (0x003).
 */
#define CKK_VENDOR_DEFINED			(1U << 31)
#define CKK_RSA					0x000
#define CKK_DSA					0x001
#define CKK_DH					0x002
#define CKK_ECDSA				0x003
#define CKK_EC					0x003
#define CKK_GENERIC_SECRET			0x010
#define CKK_DES3				0x015
#define CKK_AES					0x01f
#define CKK_HOTP				0x023
#define CKK_MD5_HMAC				0x027
#define CKK_SHA_1_HMAC				0x028
#define CKK_SHA256_HMAC				0x02b
#define CKK_SHA384_HMAC				0x02c
#define CKK_SHA512_HMAC				0x02d
#define CKK_SHA224_HMAC				0x02e
#define CKK_EC_EDWARDS				0x040 /* PKCS#11 v3.1-cs01 */

/*
 * Certificates
 */
typedef CK_ULONG CK_CERTIFICATE_TYPE;
typedef CK_ULONG CK_CERTIFICATE_CATEGORY;

/*
 * Valid values for attribute CKA_CERTIFICATE_TYPE
 */
#define CKC_X_509				0x00000000UL
#define CKC_X_509_ATTR_CERT			0x00000001UL
#define CKC_WTLS				0x00000002UL

/*
 * Valid values for attribute CKA_CERTIFICATE_CATEGORY
 */
#define CK_CERTIFICATE_CATEGORY_UNSPECIFIED	0UL
#define CK_CERTIFICATE_CATEGORY_TOKEN_USER	1UL
#define CK_CERTIFICATE_CATEGORY_AUTHORITY	2UL
#define CK_CERTIFICATE_CATEGORY_OTHER_ENTITY	3UL

/*
 * Mechanisms
 *
 * Note: a mechanism can be referenced as an object reference in some PKCS#11
 * API functions. In such a case, the object holds attribute CKA_MECHANISM_TYPE
 * which refers to a CK_MECHANISM_TYPE typed value that defines the target
 * mechanism.
 */

typedef CK_ULONG CK_MECHANISM_TYPE;
typedef CK_MECHANISM_TYPE *CK_MECHANISM_TYPE_PTR;

/*
 * Values for type CK_MECHANISM_TYPE
 *
 * This does not cover the full PKCS#11 IDs.
 *
 * An identifier being listed here only gives the mechanism a name: whether a
 * token supports it is reported through C_GetMechanismList() and
 * C_GetMechanismInfo(). The MD5, SHA-1 and DES3 based entries name legacy
 * algorithms; new designs should select among the SHA-2 and AES entries.
 */
#define CKM_VENDOR_DEFINED			(1U << 31)
#define CKM_RSA_PKCS_KEY_PAIR_GEN		0x00000
#define CKM_RSA_PKCS				0x00001
#define CKM_RSA_9796				0x00002
#define CKM_RSA_X_509				0x00003
#define CKM_MD5_RSA_PKCS			0x00005
#define CKM_SHA1_RSA_PKCS			0x00006
#define CKM_RSA_PKCS_OAEP			0x00009
#define CKM_RSA_PKCS_PSS			0x0000d
#define CKM_SHA1_RSA_PKCS_PSS			0x0000e
#define CKM_SHA256_RSA_PKCS			0x00040
#define CKM_SHA384_RSA_PKCS			0x00041
#define CKM_SHA512_RSA_PKCS			0x00042
#define CKM_SHA256_RSA_PKCS_PSS			0x00043
#define CKM_SHA384_RSA_PKCS_PSS			0x00044
#define CKM_SHA512_RSA_PKCS_PSS			0x00045
#define CKM_SHA224_RSA_PKCS			0x00046
#define CKM_SHA224_RSA_PKCS_PSS			0x00047
#define CKM_SHA512_224				0x00048
#define CKM_SHA512_224_HMAC			0x00049
#define CKM_SHA512_224_HMAC_GENERAL		0x0004a
#define CKM_SHA512_224_KEY_DERIVATION		0x0004b
#define CKM_SHA512_256				0x0004c
#define CKM_SHA512_256_HMAC			0x0004d
#define CKM_SHA512_256_HMAC_GENERAL		0x0004e
#define CKM_SHA512_256_KEY_DERIVATION		0x0004f
#define CKM_DES3_ECB				0x00132
#define CKM_DES3_CBC				0x00133
#define CKM_DES3_MAC				0x00134
#define CKM_DES3_MAC_GENERAL			0x00135
#define CKM_DES3_CBC_PAD			0x00136
#define CKM_DES3_CMAC_GENERAL			0x00137
#define CKM_DES3_CMAC				0x00138
#define CKM_MD5					0x00210
#define CKM_MD5_HMAC				0x00211
#define CKM_MD5_HMAC_GENERAL			0x00212
#define CKM_SHA_1				0x00220
#define CKM_SHA_1_HMAC				0x00221
#define CKM_SHA_1_HMAC_GENERAL			0x00222
#define CKM_SHA256				0x00250
#define CKM_SHA256_HMAC				0x00251
#define CKM_SHA256_HMAC_GENERAL			0x00252
#define CKM_SHA224				0x00255
#define CKM_SHA224_HMAC				0x00256
#define CKM_SHA224_HMAC_GENERAL			0x00257
#define CKM_SHA384				0x00260
#define CKM_SHA384_HMAC				0x00261
#define CKM_SHA384_HMAC_GENERAL			0x00262
#define CKM_SHA512				0x00270
#define CKM_SHA512_HMAC				0x00271
#define CKM_SHA512_HMAC_GENERAL			0x00272
#define CKM_HOTP_KEY_GEN			0x00290
#define CKM_HOTP				0x00291
#define CKM_GENERIC_SECRET_KEY_GEN		0x00350
#define CKM_MD5_KEY_DERIVATION			0x00390
#define CKM_MD2_KEY_DERIVATION			0x00391
#define CKM_SHA1_KEY_DERIVATION			0x00392
#define CKM_SHA256_KEY_DERIVATION		0x00393
#define CKM_SHA384_KEY_DERIVATION		0x00394
#define CKM_SHA512_KEY_DERIVATION		0x00395
#define CKM_SHA224_KEY_DERIVATION		0x00396
#define CKM_EC_KEY_PAIR_GEN			0x01040
#define CKM_ECDSA				0x01041
#define CKM_ECDSA_SHA1				0x01042
#define CKM_ECDSA_SHA224			0x01043
#define CKM_ECDSA_SHA256			0x01044
#define CKM_ECDSA_SHA384			0x01045
#define CKM_ECDSA_SHA512			0x01046
#define CKM_ECDH1_DERIVE			0x01050
#define CKM_ECDH1_COFACTOR_DERIVE		0x01051
#define CKM_ECMQV_DERIVE			0x01052
#define CKM_ECDH_AES_KEY_WRAP			0x01053
#define CKM_RSA_AES_KEY_WRAP			0x01054
#define CKM_EC_EDWARDS_KEY_PAIR_GEN		0x01055
#define CKM_EDDSA				0x01057
#define CKM_AES_KEY_GEN				0x01080
#define CKM_AES_ECB				0x01081
#define CKM_AES_CBC				0x01082
#define CKM_AES_MAC				0x01083
#define CKM_AES_MAC_GENERAL			0x01084
#define CKM_AES_CBC_PAD				0x01085
#define CKM_AES_CTR				0x01086
#define CKM_AES_GCM				0x01087
#define CKM_AES_CCM				0x01088
#define CKM_AES_CTS				0x01089
#define CKM_AES_CMAC				0x0108a
#define CKM_AES_CMAC_GENERAL			0x0108b
#define CKM_AES_XCBC_MAC			0x0108c
#define CKM_AES_XCBC_MAC_96			0x0108d
#define CKM_AES_GMAC				0x0108e
#define CKM_DES3_ECB_ENCRYPT_DATA		0x01102
#define CKM_DES3_CBC_ENCRYPT_DATA		0x01103
#define CKM_AES_ECB_ENCRYPT_DATA		0x01104
#define CKM_AES_CBC_ENCRYPT_DATA		0x01105
#define CKM_AES_KEY_WRAP			0x02109
#define CKM_AES_KEY_WRAP_PAD			0x0210a

/* Argument for C_GetMechanismInfo: key size bounds and capability flags */
typedef struct CK_MECHANISM_INFO CK_MECHANISM_INFO;
typedef struct CK_MECHANISM_INFO *CK_MECHANISM_INFO_PTR;

struct CK_MECHANISM_INFO {
	CK_ULONG ulMinKeySize;
	CK_ULONG ulMaxKeySize;
	CK_FLAGS flags;
};

/* Flags for field flags of struct CK_MECHANISM_INFO */
#define CKF_HW					(1U << 0)
#define CKF_ENCRYPT				(1U << 8)
#define CKF_DECRYPT				(1U << 9)
#define CKF_DIGEST				(1U << 10)
#define CKF_SIGN				(1U << 11)
#define CKF_SIGN_RECOVER			(1U << 12)
#define CKF_VERIFY				(1U << 13)
#define CKF_VERIFY_RECOVER			(1U << 14)
#define CKF_GENERATE				(1U << 15)
#define CKF_GENERATE_KEY_PAIR			(1U << 16)
#define CKF_WRAP				(1U << 17)
#define CKF_UNWRAP				(1U << 18)
#define CKF_DERIVE				(1U << 19)
#define CKF_EC_F_P				(1U << 20)
#define CKF_EC_F_2M				(1U << 21)
#define CKF_EC_ECPARAMETERS			(1U << 22)
#define CKF_EC_NAMEDCURVE			(1U << 23)
#define CKF_EC_UNCOMPRESS			(1U << 24)
#define CKF_EC_COMPRESS				(1U << 25)
#define CKF_EXTENSION				(1U << 31)

/*
 * Mechanism parameter structures
 *
 * This does not cover the whole mechanism parameter structures defined by
 * the PKCS#11. To be updated when needed.
 */

typedef struct CK_MECHANISM CK_MECHANISM;
typedef struct CK_MECHANISM *CK_MECHANISM_PTR;

/*
 * Mechanism selector handed to the C_*Init and key management functions: the
 * mechanism identifier plus an untyped parameter buffer and its length.
 * pParameter is a void pointer, so which parameter structure it refers to
 * follows from the mechanism value only.
 */
struct CK_MECHANISM {
	CK_MECHANISM_TYPE mechanism;
	CK_VOID_PTR pParameter;
	CK_ULONG ulParameterLen;
};

typedef CK_ULONG CK_RSA_PKCS_MGF_TYPE;

/*
 * Values for type CK_RSA_PKCS_MGF_TYPE
 *
 * Listed by hash size; the numeric values are not in that order
 * (CKG_MGF1_SHA224 is 0x0005).
 */
#define CKG_MGF1_SHA1				0x0001UL
#define CKG_MGF1_SHA224				0x0005UL
#define CKG_MGF1_SHA256				0x0002UL
#define CKG_MGF1_SHA384				0x0003UL
#define CKG_MGF1_SHA512				0x0004UL

typedef CK_ULONG CK_RSA_PKCS_OAEP_SOURCE_TYPE;

/* Values for type CK_RSA_PKCS_OAEP_SOURCE_TYPE */
#define CKZ_DATA_SPECIFIED			0x0001UL

/* MAC General parameters */
typedef CK_ULONG CK_MAC_GENERAL_PARAMS;
typedef CK_MAC_GENERAL_PARAMS *CK_MAC_GENERAL_PARAMS_PTR;

/*
 * CK_EC_KDF_TYPE is used to indicate the Key Derivation Function (KDF) applied
 * to derive keying data from a shared secret.
 */
typedef CK_ULONG CK_EC_KDF_TYPE;

/*
 * Elliptic curve Diffie-Hellman key derivation
 * Elliptic curve Diffie-Hellman cofactor key derivation parameters
 *
 * kdf selects the key derivation function; the shared data and the public
 * data are each given as a length followed by a pointer.
 */
typedef struct CK_ECDH1_DERIVE_PARAMS CK_ECDH1_DERIVE_PARAMS;
typedef struct CK_ECDH1_DERIVE_PARAMS *CK_ECDH1_DERIVE_PARAMS_PTR;

struct CK_ECDH1_DERIVE_PARAMS {
	CK_EC_KDF_TYPE kdf;
	CK_ULONG ulSharedDataLen;
	CK_BYTE_PTR pSharedData;
	CK_ULONG ulPublicDataLen;
	CK_BYTE_PTR pPublicData;
};

/* AES CBC encryption parameters: a 16-byte IV and a data buffer with its length */
typedef struct CK_AES_CBC_ENCRYPT_DATA_PARAMS CK_AES_CBC_ENCRYPT_DATA_PARAMS;
typedef struct CK_AES_CBC_ENCRYPT_DATA_PARAMS
	*CK_AES_CBC_ENCRYPT_DATA_PARAMS_PTR;

struct CK_AES_CBC_ENCRYPT_DATA_PARAMS {
	CK_BYTE iv[16];
	CK_BYTE_PTR pData;
	CK_ULONG length;
};

/*
 * AES CTR parameters
 *
 * cb is the 16-byte initial counter block; ulCounterBits is, per PKCS#11,
 * the number of bits of that block used as the counter.
 */
typedef struct CK_AES_CTR_PARAMS CK_AES_CTR_PARAMS;
typedef struct CK_AES_CTR_PARAMS *CK_AES_CTR_PARAMS_PTR;

struct CK_AES_CTR_PARAMS {
	CK_ULONG ulCounterBits;
	CK_BYTE cb[16];
};

/*
 * AES GCM parameters
 *
 * The IV is supplied by the caller through pIv/ulIvLen. GCM needs a distinct
 * IV for every encryption under one key; nothing in this structure enforces
 * that, so the caller has to guarantee it. ulTagBits gives the tag length
 * in bits.
 */
typedef struct CK_GCM_PARAMS CK_GCM_PARAMS;
typedef struct CK_GCM_PARAMS *CK_GCM_PARAMS_PTR;

struct CK_GCM_PARAMS {
	CK_BYTE_PTR pIv;
	CK_ULONG ulIvLen;
	CK_ULONG ulIvBits;
	CK_BYTE_PTR pAAD;
	CK_ULONG ulAADLen;
	CK_ULONG ulTagBits;
};

/* EdDSA (RFC 8032): prehash flag and optional context data with its length */
typedef struct CK_EDDSA_PARAMS {
	CK_BYTE phFlag;
	CK_ULONG ulContextDataLen;
	CK_BYTE_PTR pContextData;
} CK_EDDSA_PARAMS;

typedef CK_EDDSA_PARAMS *CK_EDDSA_PARAMS_PTR;

/*
 * AES CCM parameters
 *
 * The nonce is supplied by the caller through pNonce/ulNonceLen and, as for
 * GCM, must not be reused with the same key. ulDataLen carries the length of
 * the data and ulMACLen the length of the MAC.
 */
typedef struct CK_CCM_PARAMS CK_CCM_PARAMS;
typedef struct CK_CCM_PARAMS *CK_CCM_PARAMS_PTR;

struct CK_CCM_PARAMS {
	CK_ULONG ulDataLen;
	CK_BYTE_PTR pNonce;
	CK_ULONG ulNonceLen;
	CK_BYTE_PTR pAAD;
	CK_ULONG ulAADLen;
	CK_ULONG ulMACLen;
};

/* Byte string given as a pointer and a length */
typedef struct CK_KEY_DERIVATION_STRING_DATA CK_KEY_DERIVATION_STRING_DATA;
typedef struct CK_KEY_DERIVATION_STRING_DATA
	*CK_KEY_DERIVATION_STRING_DATA_PTR;

struct CK_KEY_DERIVATION_STRING_DATA {
	CK_BYTE_PTR pData;
	CK_ULONG ulLen;
};

/* Parameters for CKM_RSA_PKCS_PSS: hash, mask generation function, salt length */
typedef struct CK_RSA_PKCS_PSS_PARAMS CK_RSA_PKCS_PSS_PARAMS;
typedef struct CK_RSA_PKCS_PSS_PARAMS *CK_RSA_PKCS_PSS_PARAMS_PTR;

struct CK_RSA_PKCS_PSS_PARAMS {
	CK_MECHANISM_TYPE hashAlg;
	CK_RSA_PKCS_MGF_TYPE mgf;
	CK_ULONG sLen;
};

/* Parameters for CKM_RSA_PKCS_OAEP */
typedef struct CK_RSA_PKCS_OAEP_PARAMS CK_RSA_PKCS_OAEP_PARAMS;
typedef struct CK_RSA_PKCS_OAEP_PARAMS *CK_RSA_PKCS_OAEP_PARAMS_PTR;

struct CK_RSA_PKCS_OAEP_PARAMS {
	CK_MECHANISM_TYPE hashAlg;
	CK_RSA_PKCS_MGF_TYPE mgf;
	CK_RSA_PKCS_OAEP_SOURCE_TYPE source;
	CK_VOID_PTR pSourceData;
	CK_ULONG ulSourceDataLen;
};

/* AES key size in bits and a pointer to the OAEP parameters */
typedef struct CK_RSA_AES_KEY_WRAP_PARAMS {
	CK_ULONG ulAESKeyBits;
	CK_RSA_PKCS_OAEP_PARAMS_PTR pOAEPParams;
} CK_RSA_AES_KEY_WRAP_PARAMS;

typedef CK_RSA_AES_KEY_WRAP_PARAMS *CK_RSA_AES_KEY_WRAP_PARAMS_PTR;

/*
 * PKCS#11 return values
 */
typedef CK_ULONG CK_RV;

/*
 * Values for type CK_RV
 *
 * CKR_OK is 0. Callers should compare every returned CK_RV against CKR_OK
 * before using any output argument.
 */
#define CKR_VENDOR_DEFINED			(1U << 31)
#define CKR_OK					0x0000
#define CKR_CANCEL				0x0001
#define CKR_HOST_MEMORY				0x0002
#define CKR_SLOT_ID_INVALID			0x0003
#define CKR_GENERAL_ERROR			0x0005
#define CKR_FUNCTION_FAILED			0x0006
#define CKR_ARGUMENTS_BAD			0x0007
#define CKR_NO_EVENT				0x0008
#define CKR_NEED_TO_CREATE_THREADS		0x0009
#define CKR_CANT_LOCK				0x000a
#define CKR_ATTRIBUTE_READ_ONLY			0x0010
#define CKR_ATTRIBUTE_SENSITIVE			0x0011
#define CKR_ATTRIBUTE_TYPE_INVALID		0x0012
#define CKR_ATTRIBUTE_VALUE_INVALID		0x0013
#define CKR_ACTION_PROHIBITED			0x001b
#define CKR_DATA_INVALID			0x0020
#define CKR_DATA_LEN_RANGE			0x0021
#define CKR_DEVICE_ERROR			0x0030
#define CKR_DEVICE_MEMORY			0x0031
#define CKR_DEVICE_REMOVED			0x0032
#define CKR_ENCRYPTED_DATA_INVALID		0x0040
#define CKR_ENCRYPTED_DATA_LEN_RANGE		0x0041
#define CKR_FUNCTION_CANCELED			0x0050
#define CKR_FUNCTION_NOT_PARALLEL		0x0051
#define CKR_FUNCTION_NOT_SUPPORTED		0x0054
#define CKR_KEY_HANDLE_INVALID			0x0060
#define CKR_KEY_SIZE_RANGE			0x0062
#define CKR_KEY_TYPE_INCONSISTENT		0x0063
#define CKR_KEY_NOT_NEEDED			0x0064
#define CKR_KEY_CHANGED				0x0065
#define CKR_KEY_NEEDED				0x0066
#define CKR_KEY_INDIGESTIBLE			0x0067
#define CKR_KEY_FUNCTION_NOT_PERMITTED		0x0068
#define CKR_KEY_NOT_WRAPPABLE			0x0069
#define CKR_KEY_UNEXTRACTABLE			0x006a
#define CKR_MECHANISM_INVALID			0x0070
#define CKR_MECHANISM_PARAM_INVALID		0x0071
#define CKR_OBJECT_HANDLE_INVALID		0x0082
#define CKR_OPERATION_ACTIVE			0x0090
#define CKR_OPERATION_NOT_INITIALIZED		0x0091
#define CKR_PIN_INCORRECT			0x00a0
#define CKR_PIN_INVALID				0x00a1
#define CKR_PIN_LEN_RANGE			0x00a2
#define CKR_PIN_EXPIRED				0x00a3
#define CKR_PIN_LOCKED				0x00a4
#define CKR_SESSION_CLOSED			0x00b0
#define CKR_SESSION_COUNT			0x00b1
#define CKR_SESSION_HANDLE_INVALID		0x00b3
#define CKR_SESSION_PARALLEL_NOT_SUPPORTED	0x00b4
#define CKR_SESSION_READ_ONLY			0x00b5
#define CKR_SESSION_EXISTS			0x00b6
#define CKR_SESSION_READ_ONLY_EXISTS		0x00b7
#define CKR_SESSION_READ_WRITE_SO_EXISTS	0x00b8
#define CKR_SIGNATURE_INVALID			0x00c0
#define CKR_SIGNATURE_LEN_RANGE			0x00c1
#define CKR_TEMPLATE_INCOMPLETE			0x00d0
#define CKR_TEMPLATE_INCONSISTENT		0x00d1
#define CKR_TOKEN_NOT_PRESENT			0x00e0
#define CKR_TOKEN_NOT_RECOGNIZED		0x00e1
#define CKR_TOKEN_WRITE_PROTECTED		0x00e2
#define CKR_UNWRAPPING_KEY_HANDLE_INVALID	0x00f0
#define CKR_UNWRAPPING_KEY_SIZE_RANGE		0x00f1
#define CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT	0x00f2
#define CKR_USER_ALREADY_LOGGED_IN		0x0100
#define CKR_USER_NOT_LOGGED_IN			0x0101
#define CKR_USER_PIN_NOT_INITIALIZED		0x0102
#define CKR_USER_TYPE_INVALID			0x0103
#define CKR_USER_ANOTHER_ALREADY_LOGGED_IN	0x0104
#define CKR_USER_TOO_MANY_TYPES			0x0105
#define CKR_WRAPPED_KEY_INVALID			0x0110
#define CKR_WRAPPED_KEY_LEN_RANGE		0x0112
#define CKR_WRAPPING_KEY_HANDLE_INVALID		0x0113
#define CKR_WRAPPING_KEY_SIZE_RANGE		0x0114
#define CKR_WRAPPING_KEY_TYPE_INCONSISTENT	0x0115
#define CKR_RANDOM_SEED_NOT_SUPPORTED		0x0120
#define CKR_RANDOM_NO_RNG			0x0121
#define CKR_DOMAIN_PARAMS_INVALID		0x0130
#define CKR_CURVE_NOT_SUPPORTED			0x0140
#define CKR_BUFFER_TOO_SMALL			0x0150
#define CKR_SAVED_STATE_INVALID			0x0160
#define CKR_INFORMATION_SENSITIVE		0x0170
#define CKR_STATE_UNSAVEABLE			0x0180
#define CKR_CRYPTOKI_NOT_INITIALIZED		0x0190
#define CKR_CRYPTOKI_ALREADY_INITIALIZED	0x0191
#define CKR_MUTEX_BAD				0x01a0
#define CKR_MUTEX_NOT_LOCKED			0x01a1
#define CKR_NEW_PIN_MODE			0x01b0
#define CKR_NEXT_OTP				0x01b1
#define CKR_EXCEEDED_MAX_ITERATIONS		0x01b5
#define CKR_FIPS_SELF_TEST_FAILED		0x01b6
#define CKR_LIBRARY_LOAD_FAILED			0x01b7
#define CKR_PIN_TOO_WEAK			0x01b8
#define CKR_PUBLIC_KEY_INVALID			0x01b9
#define CKR_FUNCTION_REJECTED			0x0200

/*
 * PKCS#11 API functions
 *
 * The character arrays in CK_INFO, CK_SLOT_INFO and CK_TOKEN_INFO below are
 * fixed-size fields. PKCS#11 specifies them as blank padded and not NUL
 * terminated, so copy or print them with an explicit length and never with
 * functions that expect a C string.
 */

/* Argument for C_GetInfo */
typedef struct CK_INFO CK_INFO;
typedef struct CK_INFO *CK_INFO_PTR;

struct CK_INFO {
	CK_VERSION cryptokiVersion;
	CK_UTF8CHAR manufacturerID[32];
	CK_FLAGS flags;
	CK_UTF8CHAR libraryDescription[32];
	CK_VERSION libraryVersion;
};

/* Argument for C_GetSlotInfo */
typedef struct CK_SLOT_INFO CK_SLOT_INFO;
typedef struct CK_SLOT_INFO *CK_SLOT_INFO_PTR;

struct CK_SLOT_INFO {
	CK_UTF8CHAR slotDescription[64];
	CK_UTF8CHAR manufacturerID[32];
	CK_FLAGS flags;
	CK_VERSION hardwareVersion;
	CK_VERSION firmwareVersion;
};

/* Values for field flags of struct CK_SLOT_INFO */
#define CKF_TOKEN_PRESENT			(1U << 0)
#define CKF_REMOVABLE_DEVICE			(1U << 1)
#define CKF_HW_SLOT				(1U << 2)

/* Argument for C_GetTokenInfo */
typedef struct CK_TOKEN_INFO CK_TOKEN_INFO;
typedef struct CK_TOKEN_INFO *CK_TOKEN_INFO_PTR;

struct CK_TOKEN_INFO {
	CK_UTF8CHAR label[32];
	CK_UTF8CHAR manufacturerID[32];
	CK_UTF8CHAR model[16];
	CK_CHAR serialNumber[16];
	CK_FLAGS flags;
	CK_ULONG ulMaxSessionCount;
	CK_ULONG ulSessionCount;
	CK_ULONG ulMaxRwSessionCount;
	CK_ULONG ulRwSessionCount;
	CK_ULONG ulMaxPinLen;
	CK_ULONG ulMinPinLen;
	CK_ULONG ulTotalPublicMemory;
	CK_ULONG ulFreePublicMemory;
	CK_ULONG ulTotalPrivateMemory;
	CK_ULONG ulFreePrivateMemory;
	CK_VERSION hardwareVersion;
	CK_VERSION firmwareVersion;
	CK_CHAR utcTime[16];
};

/* Values for field flags of struct CK_TOKEN_INFO */
#define CKF_RNG					(1U << 0)
#define CKF_WRITE_PROTECTED			(1U << 1)
#define CKF_LOGIN_REQUIRED			(1U << 2)
#define CKF_USER_PIN_INITIALIZED		(1U << 3)
#define CKF_RESTORE_KEY_NOT_NEEDED		(1U << 5)
#define CKF_CLOCK_ON_TOKEN			(1U << 6)
#define CKF_PROTECTED_AUTHENTICATION_PATH	(1U << 8)
#define CKF_DUAL_CRYPTO_OPERATIONS		(1U << 9)
#define CKF_TOKEN_INITIALIZED			(1U << 10)
#define CKF_SECONDARY_AUTHENTICATION		(1U << 11)
/* PIN state bits: USER_PIN_* for the normal user, SO_PIN_* for the security officer */
#define CKF_USER_PIN_COUNT_LOW			(1U << 16)
#define CKF_USER_PIN_FINAL_TRY			(1U << 17)
#define CKF_USER_PIN_LOCKED			(1U << 18)
#define CKF_USER_PIN_TO_BE_CHANGED		(1U << 19)
#define CKF_SO_PIN_COUNT_LOW			(1U << 20)
#define CKF_SO_PIN_FINAL_TRY			(1U << 21)
#define CKF_SO_PIN_LOCKED			(1U << 22)
#define CKF_SO_PIN_TO_BE_CHANGED		(1U << 23)
#define CKF_ERROR_STATE				(1U << 24)

/* Argument for C_GetSessionInfo */
typedef struct CK_SESSION_INFO CK_SESSION_INFO;
typedef struct CK_SESSION_INFO *CK_SESSION_INFO_PTR;

typedef CK_ULONG CK_STATE;

/*
 * Values for CK_STATE
 *
 * RO/RW is the session access mode; PUBLIC, USER and SO name who is
 * logged in (nobody, the normal user, the security officer).
 */
#define CKS_RO_PUBLIC_SESSION			0
#define CKS_RO_USER_FUNCTIONS			1
#define CKS_RW_PUBLIC_SESSION			2
#define CKS_RW_USER_FUNCTIONS			3
#define CKS_RW_SO_FUNCTIONS			4

struct CK_SESSION_INFO {
	CK_SLOT_ID slotID;
	CK_STATE state;
	CK_FLAGS flags;
	CK_ULONG ulDeviceError;
};

/* Values for field flags of struct CK_SESSION_INFO */
#define CKF_RW_SESSION				(1U << 1)
#define CKF_SERIAL_SESSION			(1U << 2)

/* Argument for C_Login */
typedef CK_ULONG CK_USER_TYPE;

/* Values for CK_USER_TYPE */
#define CKU_SO					0
#define CKU_USER				1
#define CKU_CONTEXT_SPECIFIC			2

/* Values for argument flags of C_WaitForSlotEvent */
#define CKF_DONT_BLOCK				1

/* Argument for CK_NOTIFY typed callback function */
typedef CK_ULONG CK_NOTIFICATION;

/* Values for CK_NOTIFICATION */
#define CKN_SURRENDER				0
#define CKN_OTP_CHANGED				1

/*
 * Callback handler types
 *
 * CK_NOTIFY is the session notification callback type taken by
 * C_OpenSession. The four mutex types are the members of
 * struct CK_C_INITIALIZE_ARGS.
 */
typedef CK_RV (*CK_NOTIFY) (CK_SESSION_HANDLE hSession, CK_NOTIFICATION event,
			    CK_VOID_PTR pApplication);
typedef CK_RV (*CK_CREATEMUTEX) (CK_VOID_PTR_PTR ppMutex);
typedef CK_RV (*CK_DESTROYMUTEX) (CK_VOID_PTR pMutex);
typedef CK_RV (*CK_LOCKMUTEX) (CK_VOID_PTR pMutex);
typedef CK_RV (*CK_UNLOCKMUTEX) (CK_VOID_PTR pMutex);

/* Argument for C_GetFunctionList */
typedef struct CK_FUNCTION_LIST CK_FUNCTION_LIST;
typedef struct CK_FUNCTION_LIST *CK_FUNCTION_LIST_PTR;
typedef struct CK_FUNCTION_LIST **CK_FUNCTION_LIST_PTR_PTR;

/*
 * Table of function pointers, one member per C_* API function, preceded by a
 * version field. The member order fixes the layout of the table, so members
 * must not be reordered or removed.
 *
 * Functions that produce output of variable size take a buffer pointer and a
 * CK_ULONG_PTR length argument (pul...Len). Per the PKCS#11 convention, the
 * length holds the buffer size on input and the produced or required length
 * on output, and a too short buffer is reported with CKR_BUFFER_TOO_SMALL.
 */
struct CK_FUNCTION_LIST {
	CK_VERSION version;
	CK_RV (*C_Initialize)(CK_VOID_PTR pInitArgs);
	CK_RV (*C_Finalize)(CK_VOID_PTR pReserved);
	CK_RV (*C_GetInfo)(CK_INFO_PTR pInfo);
	CK_RV (*C_GetFunctionList)(CK_FUNCTION_LIST_PTR_PTR ppFunctionList);
	CK_RV (*C_GetSlotList)(CK_BBOOL tokenPresent,
		CK_SLOT_ID_PTR pSlotList, CK_ULONG_PTR pulCount);
	CK_RV (*C_GetSlotInfo)(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo);
	CK_RV (*C_GetTokenInfo)(CK_SLOT_ID slotID, CK_TOKEN_INFO_PTR pInfo);
	CK_RV (*C_GetMechanismList)(CK_SLOT_ID slotID,
		CK_MECHANISM_TYPE_PTR pMechanismList,
		CK_ULONG_PTR pulCount);
	CK_RV (*C_GetMechanismInfo)(CK_SLOT_ID slotID, CK_MECHANISM_TYPE type,
		CK_MECHANISM_INFO_PTR pInfo);
	CK_RV (*C_InitToken)(CK_SLOT_ID slotID, CK_UTF8CHAR_PTR pPin,
		CK_ULONG ulPinLen, CK_UTF8CHAR_PTR pLabel);
	CK_RV (*C_InitPIN)(CK_SESSION_HANDLE hSession,
		CK_UTF8CHAR_PTR pPin, CK_ULONG ulPinLen);
	CK_RV (*C_SetPIN)(CK_SESSION_HANDLE hSession,
		CK_UTF8CHAR_PTR pOldPin, CK_ULONG ulOldLen,
		CK_UTF8CHAR_PTR pNewPin, CK_ULONG ulNewLen);
	CK_RV (*C_OpenSession)(CK_SLOT_ID slotID, CK_FLAGS flags,
		CK_VOID_PTR pApplication, CK_NOTIFY Notify,
		CK_SESSION_HANDLE_PTR phSession);
	CK_RV (*C_CloseSession)(CK_SESSION_HANDLE hSession);
	CK_RV (*C_CloseAllSessions)(CK_SLOT_ID slotID);
	CK_RV (*C_GetSessionInfo)(CK_SESSION_HANDLE hSession,
		CK_SESSION_INFO_PTR pInfo);
	CK_RV (*C_GetOperationState)(CK_SESSION_HANDLE hSession,
		CK_BYTE_PTR pOperationState,
		CK_ULONG_PTR pulOperationStateLen);
	CK_RV (*C_SetOperationState)(CK_SESSION_HANDLE hSession,
		CK_BYTE_PTR pOperationState,
		CK_ULONG ulOperationStateLen,
		CK_OBJECT_HANDLE hEncryptionKey,
		CK_OBJECT_HANDLE hAuthenticationKey);
	CK_RV (*C_Login)(CK_SESSION_HANDLE hSession, CK_USER_TYPE userType,
		CK_UTF8CHAR_PTR pPin, CK_ULONG ulPinLen);
	CK_RV (*C_Logout)(CK_SESSION_HANDLE hSession);
	CK_RV (*C_CreateObject)(CK_SESSION_HANDLE hSession,
		CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
		CK_OBJECT_HANDLE_PTR phObject);
	CK_RV (*C_CopyObject)(CK_SESSION_HANDLE hSession,
		CK_OBJECT_HANDLE hObject,
		CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
		CK_OBJECT_HANDLE_PTR phNewObject);
	CK_RV (*C_DestroyObject)(CK_SESSION_HANDLE hSession,
		CK_OBJECT_HANDLE hObject);
	CK_RV (*C_GetObjectSize)(CK_SESSION_HANDLE hSession,
		CK_OBJECT_HANDLE hObject,
		CK_ULONG_PTR pulSize);
	CK_RV (*C_GetAttributeValue)(CK_SESSION_HANDLE hSession,
		CK_OBJECT_HANDLE hObject,
		CK_ATTRIBUTE_PTR pTemplate,
		CK_ULONG ulCount);
	CK_RV (*C_SetAttributeValue)(CK_SESSION_HANDLE hSession,
		CK_OBJECT_HANDLE hObject,
		CK_ATTRIBUTE_PTR pTemplate,
		CK_ULONG ulCount);
	CK_RV (*C_FindObjectsInit)(CK_SESSION_HANDLE hSession,
		CK_ATTRIBUTE_PTR pTemplate,
		CK_ULONG ulCount);
	CK_RV (*C_FindObjects)(CK_SESSION_HANDLE hSession,
		CK_OBJECT_HANDLE_PTR phObject,
		CK_ULONG ulMaxObjectCount,
		CK_ULONG_PTR pulObjectCount);
	CK_RV (*C_FindObjectsFinal)(CK_SESSION_HANDLE hSession);
	CK_RV (*C_EncryptInit)(CK_SESSION_HANDLE hSession,
		CK_MECHANISM_PTR pMechanism,
		CK_OBJECT_HANDLE hKey);
	CK_RV (*C_Encrypt)(CK_SESSION_HANDLE hSession,
		CK_BYTE_PTR pData, CK_ULONG ulDataLen,
		CK_BYTE_PTR pEncryptedData,
		CK_ULONG_PTR pulEncryptedDataLen);
	CK_RV (*C_EncryptUpdate)(CK_SESSION_HANDLE hSession,
		CK_BYTE_PTR pPart, CK_ULONG ulPartLen,
		CK_BYTE_PTR pEncryptedData,
		CK_ULONG_PTR pulEncryptedDataLen);
	CK_RV (*C_EncryptFinal)(CK_SESSION_HANDLE hSession,
		CK_BYTE_PTR pLastEncryptedPart,
		CK_ULONG_PTR pulLastEncryptedPartLen);
	CK_RV (*C_DecryptInit)(CK_SESSION_HANDLE hSession,
		CK_MECHANISM_PTR pMechanism,
		CK_OBJECT_HANDLE hKey);
	CK_RV (*C_Decrypt)(CK_SESSION_HANDLE hSession,
		CK_BYTE_PTR pEncryptedData,
		CK_ULONG ulEncryptedDataLen,
		CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen);
	CK_RV (*C_DecryptUpdate)(CK_SESSION_HANDLE hSession,
		CK_BYTE_PTR pEncryptedPart,
		CK_ULONG ulEncryptedPartLen,
		CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen);
	CK_RV (*C_DecryptFinal)(CK_SESSION_HANDLE hSession,
		CK_BYTE_PTR pLastPart,
		CK_ULONG_PTR pulLastPartLen);
	CK_RV (*C_DigestInit)(CK_SESSION_HANDLE hSession,
		CK_MECHANISM_PTR pMechanism);
	CK_RV (*C_Digest)(CK_SESSION_HANDLE hSession,
		CK_BYTE_PTR pData, CK_ULONG ulDataLen,
		CK_BYTE_PTR pDigest, CK_ULONG_PTR pulDigestLen);
	CK_RV (*C_DigestUpdate)(CK_SESSION_HANDLE hSession,
		CK_BYTE_PTR pPart, CK_ULONG ulPartLen);
	CK_RV (*C_DigestKey)(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hKey);
	CK_RV (*C_DigestFinal)(CK_SESSION_HANDLE hSession,
		CK_BYTE_PTR pDigest, CK_ULONG_PTR pulDigestLen);
	CK_RV (*C_SignInit)(CK_SESSION_HANDLE hSession,
		CK_MECHANISM_PTR pMechanism,
		CK_OBJECT_HANDLE hKey);
	CK_RV (*C_Sign)(CK_SESSION_HANDLE hSession,
		CK_BYTE_PTR pData, CK_ULONG ulDataLen,
		CK_BYTE_PTR pSignature, CK_ULONG_PTR pulSignatureLen);
	CK_RV (*C_SignUpdate)(CK_SESSION_HANDLE hSession,
		CK_BYTE_PTR pPart, CK_ULONG ulPartLen);
	CK_RV (*C_SignFinal)(CK_SESSION_HANDLE hSession,
		CK_BYTE_PTR pSignature,
		CK_ULONG_PTR pulSignatureLen);
	CK_RV (*C_SignRecoverInit)(CK_SESSION_HANDLE hSession,
		CK_MECHANISM_PTR pMechanism,
		CK_OBJECT_HANDLE hKey);
	CK_RV (*C_SignRecover)(CK_SESSION_HANDLE hSession,
		CK_BYTE_PTR pData, CK_ULONG ulDataLen,
		CK_BYTE_PTR pSignature,
		CK_ULONG_PTR pulSignatureLen);
	CK_RV (*C_VerifyInit)(CK_SESSION_HANDLE hSession,
		CK_MECHANISM_PTR pMechanism,
		CK_OBJECT_HANDLE hKey);
	CK_RV (*C_Verify)(CK_SESSION_HANDLE hSession,
		CK_BYTE_PTR pData, CK_ULONG ulDataLen,
		CK_BYTE_PTR pSignature,
		CK_ULONG ulSignatureLen);
	CK_RV (*C_VerifyUpdate)(CK_SESSION_HANDLE hSession,
		CK_BYTE_PTR pPart, CK_ULONG ulPartLen);
	CK_RV (*C_VerifyFinal)(CK_SESSION_HANDLE hSession,
		CK_BYTE_PTR pSignature,
		CK_ULONG ulSignatureLen);
	CK_RV (*C_VerifyRecoverInit)(CK_SESSION_HANDLE hSession,
		CK_MECHANISM_PTR pMechanism,
		CK_OBJECT_HANDLE hKey);
	CK_RV (*C_VerifyRecover)(CK_SESSION_HANDLE hSession,
		CK_BYTE_PTR pSignature,
		CK_ULONG ulSignatureLen,
		CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen);
	CK_RV (*C_DigestEncryptUpdate)(CK_SESSION_HANDLE hSession,
		CK_BYTE_PTR pPart, CK_ULONG ulPartLen,
		CK_BYTE_PTR pEncryptedPart,
		CK_ULONG_PTR pulEncryptedPartLen);
	CK_RV (*C_DecryptDigestUpdate)(CK_SESSION_HANDLE hSession,
		CK_BYTE_PTR pEncryptedPart,
		CK_ULONG ulEncryptedPartLen,
		CK_BYTE_PTR pPart,
		CK_ULONG_PTR pulPartLen);
	CK_RV (*C_SignEncryptUpdate)(CK_SESSION_HANDLE hSession,
		CK_BYTE_PTR pPart, CK_ULONG ulPartLen,
		CK_BYTE_PTR pEncryptedPart,
		CK_ULONG_PTR pulEncryptedPartLen);
	CK_RV (*C_DecryptVerifyUpdate)(CK_SESSION_HANDLE hSession,
		CK_BYTE_PTR pEncryptedPart,
		CK_ULONG ulEncryptedPartLen,
		CK_BYTE_PTR pPart,
		CK_ULONG_PTR pulPartLen);
	CK_RV (*C_GenerateKey)(CK_SESSION_HANDLE hSession,
		CK_MECHANISM_PTR pMechanism,
		CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
		CK_OBJECT_HANDLE_PTR phKey);
	CK_RV (*C_GenerateKeyPair)(CK_SESSION_HANDLE hSession,
		CK_MECHANISM_PTR pMechanism,
		CK_ATTRIBUTE_PTR pPublicKeyTemplate,
		CK_ULONG ulPublicKeyAttributeCount,
		CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
		CK_ULONG ulPrivateKeyAttributeCount,
		CK_OBJECT_HANDLE_PTR phPublicKey,
		CK_OBJECT_HANDLE_PTR phPrivateKey);
	CK_RV (*C_WrapKey)(CK_SESSION_HANDLE hSession,
		CK_MECHANISM_PTR pMechanism,
		CK_OBJECT_HANDLE hWrappingKey,
		CK_OBJECT_HANDLE hKey,
		CK_BYTE_PTR pWrappedKey,
		CK_ULONG_PTR pulWrappedKeyLen);
	CK_RV (*C_UnwrapKey)(CK_SESSION_HANDLE hSession,
		CK_MECHANISM_PTR pMechanism,
		CK_OBJECT_HANDLE hUnwrappingKey,
		CK_BYTE_PTR pWrappedKey,
		CK_ULONG ulWrappedKeyLen,
		CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
		CK_OBJECT_HANDLE_PTR phKey);
	CK_RV (*C_DeriveKey)(CK_SESSION_HANDLE hSession,
		CK_MECHANISM_PTR pMechanism,
		CK_OBJECT_HANDLE hBaseKey,
		CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
		CK_OBJECT_HANDLE_PTR phKey);
	CK_RV (*C_SeedRandom)(CK_SESSION_HANDLE hSession,
		CK_BYTE_PTR pSeed, CK_ULONG ulSeedLen);
	CK_RV (*C_GenerateRandom)(CK_SESSION_HANDLE hSession,
		CK_BYTE_PTR pRandomData,
		CK_ULONG ulRandomLen);
	CK_RV (*C_GetFunctionStatus)(CK_SESSION_HANDLE hSession);
	CK_RV (*C_CancelFunction)(CK_SESSION_HANDLE hSession);
	CK_RV (*C_WaitForSlotEvent)(CK_FLAGS flags, CK_SLOT_ID_PTR slotID,
		CK_VOID_PTR pReserved);
};

/*
 * Optional init_args structure for C_Initialize
 *
 * Carries the four application supplied mutex callbacks, a flags word and a
 * reserved pointer.
 */
typedef struct CK_C_INITIALIZE_ARGS CK_C_INITIALIZE_ARGS;
typedef struct CK_C_INITIALIZE_ARGS *CK_C_INITIALIZE_ARGS_PTR;

struct CK_C_INITIALIZE_ARGS {
	CK_CREATEMUTEX CreateMutex;
	CK_DESTROYMUTEX DestroyMutex;
	CK_LOCKMUTEX LockMutex;
	CK_UNLOCKMUTEX UnlockMutex;
	CK_FLAGS flags;
	CK_VOID_PTR reserved;
};

/* Flags for field flags of struct CK_C_INITIALIZE_ARGS */
#define CKF_LIBRARY_CANT_CREATE_OS_THREADS	(1U << 0)
#define CKF_OS_LOCKING_OK			(1U << 1)

/*
 * API entry points. Each prototype has the same signature as the member of
 * the same name in struct CK_FUNCTION_LIST, and each returns a CK_RV.
 */
CK_RV C_Initialize(CK_VOID_PTR pInitArgs);

CK_RV C_Finalize(CK_VOID_PTR pReserved);

CK_RV C_GetInfo(CK_INFO_PTR pInfo);

CK_RV C_GetFunctionList(CK_FUNCTION_LIST_PTR_PTR ppFunctionList);
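/*
 * Cryptoki entry points, slot and token management.
 *
 * This header only declares the functions; which of them the library behind
 * it implements cannot be told from the prototypes. Every function reports
 * its outcome through the CK_RV return value, so callers should test it
 * before reading any output parameter.
 *
 * List-returning calls take a buffer pointer plus a CK_ULONG_PTR count. In the
 * PKCS#11 v2.40 convention a NULL buffer requests only the required count;
 * otherwise the count carries the buffer capacity in and the number of entries
 * out. Size the buffer from such a first call rather than from a constant.
 */
CK_RV C_GetSlotList(CK_BBOOL tokenPresent,
		    CK_SLOT_ID_PTR pSlotList, CK_ULONG_PTR pulCount);

CK_RV C_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo);

CK_RV C_GetTokenInfo(CK_SLOT_ID slotID, CK_TOKEN_INFO_PTR pInfo);

CK_RV C_GetMechanismList(CK_SLOT_ID slotID,
			 CK_MECHANISM_TYPE_PTR pMechanismList,
			 CK_ULONG_PTR pulCount);

CK_RV C_GetMechanismInfo(CK_SLOT_ID slotID, CK_MECHANISM_TYPE type,
			 CK_MECHANISM_INFO_PTR pInfo);

/*
 * PIN handling. Each PIN is passed as a CK_UTF8CHAR pointer with an explicit
 * length, so it is a counted byte string, not a NUL-terminated C string.
 * pLabel has no length parameter: PKCS#11 v2.40 defines it as a 32-byte,
 * blank-padded label that is not NUL-terminated, so a shorter buffer would be
 * read past its end.
 * NOTE(review): callers should wipe their PIN buffers once the call returns.
 */
CK_RV C_InitToken(CK_SLOT_ID slotID, CK_UTF8CHAR_PTR pPin,
		  CK_ULONG ulPinLen, CK_UTF8CHAR_PTR pLabel);

CK_RV C_InitPIN(CK_SESSION_HANDLE hSession,
		CK_UTF8CHAR_PTR pPin, CK_ULONG ulPinLen);

CK_RV C_SetPIN(CK_SESSION_HANDLE hSession,
	       CK_UTF8CHAR_PTR pOldPin, CK_ULONG ulOldLen,
	       CK_UTF8CHAR_PTR pNewPin, CK_ULONG ulNewLen);

/*
 * Session management. The session handle is returned through phSession and is
 * only meaningful when the call succeeded.
 */
CK_RV C_OpenSession(CK_SLOT_ID slotID, CK_FLAGS flags,
		    CK_VOID_PTR pApplication, CK_NOTIFY Notify,
		    CK_SESSION_HANDLE_PTR phSession);

CK_RV C_CloseSession(CK_SESSION_HANDLE hSession);

CK_RV C_CloseAllSessions(CK_SLOT_ID slotID);

CK_RV C_GetSessionInfo(CK_SESSION_HANDLE hSession, CK_SESSION_INFO_PTR pInfo);

/*
 * Save and restore the cryptographic operation state of a session.
 * NOTE(review): the saved state is an opaque byte string whose content is up
 * to the implementation; treat it as sensitive until that is confirmed.
 */
CK_RV C_GetOperationState(CK_SESSION_HANDLE hSession,
			  CK_BYTE_PTR pOperationState,
			  CK_ULONG_PTR pulOperationStateLen);

CK_RV C_SetOperationState(CK_SESSION_HANDLE hSession,
			  CK_BYTE_PTR pOperationState,
			  CK_ULONG ulOperationStateLen,
			  CK_OBJECT_HANDLE hEncryptionKey,
			  CK_OBJECT_HANDLE hAuthenticationKey);

CK_RV C_Login(CK_SESSION_HANDLE hSession, CK_USER_TYPE userType,
	      CK_UTF8CHAR_PTR pPin, CK_ULONG ulPinLen);

CK_RV C_Logout(CK_SESSION_HANDLE hSession);

/*
 * Object management. A template is an array of ulCount CK_ATTRIBUTE entries,
 * each carrying a type, a value pointer and a value length.
 */
CK_RV C_CreateObject(CK_SESSION_HANDLE hSession,
		     CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
		     CK_OBJECT_HANDLE_PTR phObject);

CK_RV C_CopyObject(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject,
		   CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
		   CK_OBJECT_HANDLE_PTR phNewObject);

CK_RV C_DestroyObject(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject);

CK_RV C_GetObjectSize(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject,
		      CK_ULONG_PTR pulSize);

/*
 * Read attributes into the caller's template. Per PKCS#11 v2.40, an attribute
 * that cannot be returned (sensitive, unknown type, buffer too small) has its
 * ulValueLen set to CK_UNAVAILABLE_INFORMATION while the call returns a
 * non-CKR_OK code; check each ulValueLen against that value before using it
 * as a length.
 */
CK_RV C_GetAttributeValue(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject,
			  CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount);

CK_RV C_SetAttributeValue(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject,
			  CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount);

/*
 * Object search: Init with a template, then fetch handles in batches of at
 * most ulMaxObjectCount (the number written comes back in *pulObjectCount),
 * then Final.
 */
CK_RV C_FindObjectsInit(CK_SESSION_HANDLE hSession,
			CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount);

CK_RV C_FindObjects(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE_PTR phObject,
		    CK_ULONG ulMaxObjectCount, CK_ULONG_PTR pulObjectCount);

CK_RV C_FindObjectsFinal(CK_SESSION_HANDLE hSession);

/*
 * Encryption and decryption.
 *
 * Functions with a CK_BYTE_PTR output and a CK_ULONG_PTR length follow the
 * PKCS#11 v2.40 variable-length output convention: the length holds the
 * buffer size on entry and the produced (or required) size on return, a NULL
 * output pointer queries the size, and an undersized buffer is reported as
 * CKR_BUFFER_TOO_SMALL. Initialise the length to the real buffer size before
 * every call; an uninitialised or stale value defeats the bounds check.
 */
CK_RV C_EncryptInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
		    CK_OBJECT_HANDLE hKey);

CK_RV C_Encrypt(CK_SESSION_HANDLE hSession,
		CK_BYTE_PTR pData, CK_ULONG ulDataLen,
		CK_BYTE_PTR pEncryptedData, CK_ULONG_PTR pulEncryptedDataLen);

CK_RV C_EncryptUpdate(CK_SESSION_HANDLE hSession,
		      CK_BYTE_PTR pPart, CK_ULONG ulPartLen,
		      CK_BYTE_PTR pEncryptedData,
		      CK_ULONG_PTR pulEncryptedDataLen);

CK_RV C_EncryptFinal(CK_SESSION_HANDLE hSession,
		     CK_BYTE_PTR pLastEncryptedPart,
		     CK_ULONG_PTR pulLastEncryptedPartLen);

CK_RV C_DecryptInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
		    CK_OBJECT_HANDLE hKey);

CK_RV C_Decrypt(CK_SESSION_HANDLE hSession,
		CK_BYTE_PTR pEncryptedData, CK_ULONG ulEncryptedDataLen,
		CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen);

CK_RV C_DecryptUpdate(CK_SESSION_HANDLE hSession,
		      CK_BYTE_PTR pEncryptedPart, CK_ULONG ulEncryptedPartLen,
		      CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen);

CK_RV C_DecryptFinal(CK_SESSION_HANDLE hSession,
		     CK_BYTE_PTR pLastPart, CK_ULONG_PTR pulLastPartLen);

/* Message digesting; C_DigestKey takes a key object handle instead of data. */
CK_RV C_DigestInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism);

CK_RV C_Digest(CK_SESSION_HANDLE hSession,
	       CK_BYTE_PTR pData, CK_ULONG ulDataLen,
	       CK_BYTE_PTR pDigest, CK_ULONG_PTR pulDigestLen);

CK_RV C_DigestUpdate(CK_SESSION_HANDLE hSession,
		     CK_BYTE_PTR pPart, CK_ULONG ulPartLen);

CK_RV C_DigestKey(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hKey);

CK_RV C_DigestFinal(CK_SESSION_HANDLE hSession,
		    CK_BYTE_PTR pDigest, CK_ULONG_PTR pulDigestLen);

/* Signing and MACing; the signature length is an in/out CK_ULONG_PTR. */
CK_RV C_SignInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
		 CK_OBJECT_HANDLE hKey);

CK_RV C_Sign(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData, CK_ULONG ulDataLen,
	     CK_BYTE_PTR pSignature, CK_ULONG_PTR pulSignatureLen);

CK_RV C_SignUpdate(CK_SESSION_HANDLE hSession,
		   CK_BYTE_PTR pPart, CK_ULONG ulPartLen);

CK_RV C_SignFinal(CK_SESSION_HANDLE hSession,
		  CK_BYTE_PTR pSignature, CK_ULONG_PTR pulSignatureLen);

CK_RV C_SignRecoverInit(CK_SESSION_HANDLE hSession,
			CK_MECHANISM_PTR pMechanism,
			CK_OBJECT_HANDLE hKey);

CK_RV C_SignRecover(CK_SESSION_HANDLE hSession,
		    CK_BYTE_PTR pData, CK_ULONG ulDataLen,
		    CK_BYTE_PTR pSignature, CK_ULONG_PTR pulSignatureLen);

/*
 * Signature and MAC verification. C_Verify and C_VerifyFinal take the
 * signature and its length as inputs and have no output parameter: the
 * verdict is the CK_RV itself. Treat every value other than CKR_OK as a
 * failed verification, never only the specific "signature invalid" code.
 */
CK_RV C_VerifyInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
		   CK_OBJECT_HANDLE hKey);

CK_RV C_Verify(CK_SESSION_HANDLE hSession,
	       CK_BYTE_PTR pData, CK_ULONG ulDataLen,
	       CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen);

CK_RV C_VerifyUpdate(CK_SESSION_HANDLE hSession,
		     CK_BYTE_PTR pPart, CK_ULONG ulPartLen);

CK_RV C_VerifyFinal(CK_SESSION_HANDLE hSession,
		    CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen);

CK_RV C_VerifyRecoverInit(CK_SESSION_HANDLE hSession,
			  CK_MECHANISM_PTR pMechanism,
			  CK_OBJECT_HANDLE hKey);

CK_RV C_VerifyRecover(CK_SESSION_HANDLE hSession,
		      CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen,
		      CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen);

/*
 * Dual-function operations: each call continues two multi-part operations at
 * once and uses the same in/out length convention for its output buffer.
 */
CK_RV C_DigestEncryptUpdate(CK_SESSION_HANDLE hSession,
			    CK_BYTE_PTR pPart, CK_ULONG ulPartLen,
			    CK_BYTE_PTR pEncryptedPart,
			    CK_ULONG_PTR pulEncryptedPartLen);

CK_RV C_DecryptDigestUpdate(CK_SESSION_HANDLE hSession,
			    CK_BYTE_PTR pEncryptedPart,
			    CK_ULONG ulEncryptedPartLen,
			    CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen);

CK_RV C_SignEncryptUpdate(CK_SESSION_HANDLE hSession,
			  CK_BYTE_PTR pPart,
			  CK_ULONG ulPartLen,
			  CK_BYTE_PTR pEncryptedPart,
			  CK_ULONG_PTR pulEncryptedPartLen);

CK_RV C_DecryptVerifyUpdate(CK_SESSION_HANDLE hSession,
			    CK_BYTE_PTR pEncryptedPart,
			    CK_ULONG ulEncryptedPartLen,
			    CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen);

/*
 * Key management. New keys are described by attribute templates and returned
 * as object handles. C_WrapKey writes key material, in wrapped form, to a
 * caller buffer.
 * NOTE(review): whether a key may leave the token is governed by the
 * attributes in the templates; set them deliberately rather than relying on
 * implementation defaults, which this header does not show.
 */
CK_RV C_GenerateKey(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
		    CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
		    CK_OBJECT_HANDLE_PTR phKey);

CK_RV C_GenerateKeyPair(CK_SESSION_HANDLE hSession,
			CK_MECHANISM_PTR pMechanism,
			CK_ATTRIBUTE_PTR pPublicKeyTemplate,
			CK_ULONG ulPublicKeyAttributeCount,
			CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
			CK_ULONG ulPrivateKeyAttributeCount,
			CK_OBJECT_HANDLE_PTR phPublicKey,
			CK_OBJECT_HANDLE_PTR phPrivateKey);

CK_RV C_WrapKey(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
		CK_OBJECT_HANDLE hWrappingKey, CK_OBJECT_HANDLE hKey,
		CK_BYTE_PTR pWrappedKey, CK_ULONG_PTR pulWrappedKeyLen);

CK_RV C_UnwrapKey(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
		  CK_OBJECT_HANDLE hUnwrappingKey,
		  CK_BYTE_PTR pWrappedKey, CK_ULONG ulWrappedKeyLen,
		  CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
		  CK_OBJECT_HANDLE_PTR phKey);

CK_RV C_DeriveKey(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
		  CK_OBJECT_HANDLE hBaseKey,
		  CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
		  CK_OBJECT_HANDLE_PTR phKey);

/*
 * Random number generation. C_GenerateRandom takes the length by value, so it
 * fills exactly ulRandomLen bytes on success; on any other return code the
 * buffer content must not be used as random data.
 */
CK_RV C_SeedRandom(CK_SESSION_HANDLE hSession,
		   CK_BYTE_PTR pSeed, CK_ULONG ulSeedLen);

CK_RV C_GenerateRandom(CK_SESSION_HANDLE hSession,
		       CK_BYTE_PTR pRandomData, CK_ULONG ulRandomLen);

/*
 * Legacy parallel-function management. PKCS#11 v2.40 keeps these two entry
 * points for compatibility only and has them return
 * CKR_FUNCTION_NOT_PARALLEL.
 */
CK_RV C_GetFunctionStatus(CK_SESSION_HANDLE hSession);

CK_RV C_CancelFunction(CK_SESSION_HANDLE hSession);

/*
 * Wait for a slot event. Despite its name, slotID is a CK_SLOT_ID_PTR: it is
 * the location that receives the slot identifier. pReserved is reserved by
 * the specification and should be passed as NULL.
 */
CK_RV C_WaitForSlotEvent(CK_FLAGS flags, CK_SLOT_ID_PTR slotID,
			 CK_VOID_PTR pReserved);

#ifdef __cplusplus
}
#endif

#endif /*PKCS11_H*/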