pkcs11 0.2.5-x64-mingw32 → 0.2.6-x64-mingw32

Sign up to get free protection for your applications and to get access to all the features.
@@ -1,1885 +1,1917 @@
1
- /* pkcs11t.h include file for PKCS #11. */
2
- /* $Revision: 1.10 $ */
3
-
4
- /* License to copy and use this software is granted provided that it is
5
- * identified as "RSA Security Inc. PKCS #11 Cryptographic Token Interface
6
- * (Cryptoki)" in all material mentioning or referencing this software.
7
-
8
- * License is also granted to make and use derivative works provided that
9
- * such works are identified as "derived from the RSA Security Inc. PKCS #11
10
- * Cryptographic Token Interface (Cryptoki)" in all material mentioning or
11
- * referencing the derived work.
12
-
13
- * RSA Security Inc. makes no representations concerning either the
14
- * merchantability of this software or the suitability of this software for
15
- * any particular purpose. It is provided "as is" without express or implied
16
- * warranty of any kind.
17
- */
18
-
19
- /* See top of pkcs11.h for information about the macros that
20
- * must be defined and the structure-packing conventions that
21
- * must be set before including this file. */
22
-
23
- #ifndef _PKCS11T_H_
24
- #define _PKCS11T_H_ 1
25
-
26
- #define CRYPTOKI_VERSION_MAJOR 2
27
- #define CRYPTOKI_VERSION_MINOR 20
28
- #define CRYPTOKI_VERSION_AMENDMENT 3
29
-
30
- #define CK_TRUE 1
31
- #define CK_FALSE 0
32
-
33
- #ifndef CK_DISABLE_TRUE_FALSE
34
- #ifndef FALSE
35
- #define FALSE CK_FALSE
36
- #endif
37
-
38
- #ifndef TRUE
39
- #define TRUE CK_TRUE
40
- #endif
41
- #endif
42
-
43
- /* an unsigned 8-bit value */
44
- typedef unsigned char CK_BYTE;
45
-
46
- /* an unsigned 8-bit character */
47
- typedef CK_BYTE CK_CHAR;
48
-
49
- /* an 8-bit UTF-8 character */
50
- typedef CK_BYTE CK_UTF8CHAR;
51
-
52
- /* a BYTE-sized Boolean flag */
53
- typedef CK_BYTE CK_BBOOL;
54
-
55
- /* an unsigned value, at least 32 bits long */
56
- typedef unsigned long int CK_ULONG;
57
-
58
- /* a signed value, the same size as a CK_ULONG */
59
- /* CK_LONG is new for v2.0 */
60
- typedef long int CK_LONG;
61
-
62
- /* at least 32 bits; each bit is a Boolean flag */
63
- typedef CK_ULONG CK_FLAGS;
64
-
65
-
66
- /* some special values for certain CK_ULONG variables */
67
- #define CK_UNAVAILABLE_INFORMATION (~0UL)
68
- #define CK_EFFECTIVELY_INFINITE 0
69
-
70
-
71
- typedef CK_BYTE CK_PTR CK_BYTE_PTR;
72
- typedef CK_CHAR CK_PTR CK_CHAR_PTR;
73
- typedef CK_UTF8CHAR CK_PTR CK_UTF8CHAR_PTR;
74
- typedef CK_ULONG CK_PTR CK_ULONG_PTR;
75
- typedef void CK_PTR CK_VOID_PTR;
76
-
77
- /* Pointer to a CK_VOID_PTR-- i.e., pointer to pointer to void */
78
- typedef CK_VOID_PTR CK_PTR CK_VOID_PTR_PTR;
79
-
80
-
81
- /* The following value is always invalid if used as a session */
82
- /* handle or object handle */
83
- #define CK_INVALID_HANDLE 0
84
-
85
-
86
- typedef struct CK_VERSION {
87
- CK_BYTE major; /* integer portion of version number */
88
- CK_BYTE minor; /* 1/100ths portion of version number */
89
- } CK_VERSION;
90
-
91
- typedef CK_VERSION CK_PTR CK_VERSION_PTR;
92
-
93
-
94
- typedef struct CK_INFO {
95
- /* manufacturerID and libraryDecription have been changed from
96
- * CK_CHAR to CK_UTF8CHAR for v2.10 */
97
- CK_VERSION cryptokiVersion; /* Cryptoki interface ver */
98
- CK_UTF8CHAR manufacturerID[32]; /* blank padded */
99
- CK_FLAGS flags; /* must be zero */
100
-
101
- /* libraryDescription and libraryVersion are new for v2.0 */
102
- CK_UTF8CHAR libraryDescription[32]; /* blank padded */
103
- CK_VERSION libraryVersion; /* version of library */
104
- } CK_INFO;
105
-
106
- typedef CK_INFO CK_PTR CK_INFO_PTR;
107
-
108
-
109
- /* CK_NOTIFICATION enumerates the types of notifications that
110
- * Cryptoki provides to an application */
111
- /* CK_NOTIFICATION has been changed from an enum to a CK_ULONG
112
- * for v2.0 */
113
- typedef CK_ULONG CK_NOTIFICATION;
114
- #define CKN_SURRENDER 0
115
-
116
- /* The following notification is new for PKCS #11 v2.20 amendment 3 */
117
- #define CKN_OTP_CHANGED 1
118
-
119
-
120
- typedef CK_ULONG CK_SLOT_ID;
121
-
122
- typedef CK_SLOT_ID CK_PTR CK_SLOT_ID_PTR;
123
-
124
-
125
- /* CK_SLOT_INFO provides information about a slot */
126
- typedef struct CK_SLOT_INFO {
127
- /* slotDescription and manufacturerID have been changed from
128
- * CK_CHAR to CK_UTF8CHAR for v2.10 */
129
- CK_UTF8CHAR slotDescription[64]; /* blank padded */
130
- CK_UTF8CHAR manufacturerID[32]; /* blank padded */
131
- CK_FLAGS flags;
132
-
133
- /* hardwareVersion and firmwareVersion are new for v2.0 */
134
- CK_VERSION hardwareVersion; /* version of hardware */
135
- CK_VERSION firmwareVersion; /* version of firmware */
136
- } CK_SLOT_INFO;
137
-
138
- /* flags: bit flags that provide capabilities of the slot
139
- * Bit Flag Mask Meaning
140
- */
141
- #define CKF_TOKEN_PRESENT 0x00000001 /* a token is there */
142
- #define CKF_REMOVABLE_DEVICE 0x00000002 /* removable devices*/
143
- #define CKF_HW_SLOT 0x00000004 /* hardware slot */
144
-
145
- typedef CK_SLOT_INFO CK_PTR CK_SLOT_INFO_PTR;
146
-
147
-
148
- /* CK_TOKEN_INFO provides information about a token */
149
- typedef struct CK_TOKEN_INFO {
150
- /* label, manufacturerID, and model have been changed from
151
- * CK_CHAR to CK_UTF8CHAR for v2.10 */
152
- CK_UTF8CHAR label[32]; /* blank padded */
153
- CK_UTF8CHAR manufacturerID[32]; /* blank padded */
154
- CK_UTF8CHAR model[16]; /* blank padded */
155
- CK_CHAR serialNumber[16]; /* blank padded */
156
- CK_FLAGS flags; /* see below */
157
-
158
- /* ulMaxSessionCount, ulSessionCount, ulMaxRwSessionCount,
159
- * ulRwSessionCount, ulMaxPinLen, and ulMinPinLen have all been
160
- * changed from CK_USHORT to CK_ULONG for v2.0 */
161
- CK_ULONG ulMaxSessionCount; /* max open sessions */
162
- CK_ULONG ulSessionCount; /* sess. now open */
163
- CK_ULONG ulMaxRwSessionCount; /* max R/W sessions */
164
- CK_ULONG ulRwSessionCount; /* R/W sess. now open */
165
- CK_ULONG ulMaxPinLen; /* in bytes */
166
- CK_ULONG ulMinPinLen; /* in bytes */
167
- CK_ULONG ulTotalPublicMemory; /* in bytes */
168
- CK_ULONG ulFreePublicMemory; /* in bytes */
169
- CK_ULONG ulTotalPrivateMemory; /* in bytes */
170
- CK_ULONG ulFreePrivateMemory; /* in bytes */
171
-
172
- /* hardwareVersion, firmwareVersion, and time are new for
173
- * v2.0 */
174
- CK_VERSION hardwareVersion; /* version of hardware */
175
- CK_VERSION firmwareVersion; /* version of firmware */
176
- CK_CHAR utcTime[16]; /* time */
177
- } CK_TOKEN_INFO;
178
-
179
- /* The flags parameter is defined as follows:
180
- * Bit Flag Mask Meaning
181
- */
182
- #define CKF_RNG 0x00000001 /* has random #
183
- * generator */
184
- #define CKF_WRITE_PROTECTED 0x00000002 /* token is
185
- * write-
186
- * protected */
187
- #define CKF_LOGIN_REQUIRED 0x00000004 /* user must
188
- * login */
189
- #define CKF_USER_PIN_INITIALIZED 0x00000008 /* normal user's
190
- * PIN is set */
191
-
192
- /* CKF_RESTORE_KEY_NOT_NEEDED is new for v2.0. If it is set,
193
- * that means that *every* time the state of cryptographic
194
- * operations of a session is successfully saved, all keys
195
- * needed to continue those operations are stored in the state */
196
- #define CKF_RESTORE_KEY_NOT_NEEDED 0x00000020
197
-
198
- /* CKF_CLOCK_ON_TOKEN is new for v2.0. If it is set, that means
199
- * that the token has some sort of clock. The time on that
200
- * clock is returned in the token info structure */
201
- #define CKF_CLOCK_ON_TOKEN 0x00000040
202
-
203
- /* CKF_PROTECTED_AUTHENTICATION_PATH is new for v2.0. If it is
204
- * set, that means that there is some way for the user to login
205
- * without sending a PIN through the Cryptoki library itself */
206
- #define CKF_PROTECTED_AUTHENTICATION_PATH 0x00000100
207
-
208
- /* CKF_DUAL_CRYPTO_OPERATIONS is new for v2.0. If it is true,
209
- * that means that a single session with the token can perform
210
- * dual simultaneous cryptographic operations (digest and
211
- * encrypt; decrypt and digest; sign and encrypt; and decrypt
212
- * and sign) */
213
- #define CKF_DUAL_CRYPTO_OPERATIONS 0x00000200
214
-
215
- /* CKF_TOKEN_INITIALIZED if new for v2.10. If it is true, the
216
- * token has been initialized using C_InitializeToken or an
217
- * equivalent mechanism outside the scope of PKCS #11.
218
- * Calling C_InitializeToken when this flag is set will cause
219
- * the token to be reinitialized. */
220
- #define CKF_TOKEN_INITIALIZED 0x00000400
221
-
222
- /* CKF_SECONDARY_AUTHENTICATION if new for v2.10. If it is
223
- * true, the token supports secondary authentication for
224
- * private key objects. This flag is deprecated in v2.11 and
225
- onwards. */
226
- #define CKF_SECONDARY_AUTHENTICATION 0x00000800
227
-
228
- /* CKF_USER_PIN_COUNT_LOW if new for v2.10. If it is true, an
229
- * incorrect user login PIN has been entered at least once
230
- * since the last successful authentication. */
231
- #define CKF_USER_PIN_COUNT_LOW 0x00010000
232
-
233
- /* CKF_USER_PIN_FINAL_TRY if new for v2.10. If it is true,
234
- * supplying an incorrect user PIN will it to become locked. */
235
- #define CKF_USER_PIN_FINAL_TRY 0x00020000
236
-
237
- /* CKF_USER_PIN_LOCKED if new for v2.10. If it is true, the
238
- * user PIN has been locked. User login to the token is not
239
- * possible. */
240
- #define CKF_USER_PIN_LOCKED 0x00040000
241
-
242
- /* CKF_USER_PIN_TO_BE_CHANGED if new for v2.10. If it is true,
243
- * the user PIN value is the default value set by token
244
- * initialization or manufacturing, or the PIN has been
245
- * expired by the card. */
246
- #define CKF_USER_PIN_TO_BE_CHANGED 0x00080000
247
-
248
- /* CKF_SO_PIN_COUNT_LOW if new for v2.10. If it is true, an
249
- * incorrect SO login PIN has been entered at least once since
250
- * the last successful authentication. */
251
- #define CKF_SO_PIN_COUNT_LOW 0x00100000
252
-
253
- /* CKF_SO_PIN_FINAL_TRY if new for v2.10. If it is true,
254
- * supplying an incorrect SO PIN will it to become locked. */
255
- #define CKF_SO_PIN_FINAL_TRY 0x00200000
256
-
257
- /* CKF_SO_PIN_LOCKED if new for v2.10. If it is true, the SO
258
- * PIN has been locked. SO login to the token is not possible.
259
- */
260
- #define CKF_SO_PIN_LOCKED 0x00400000
261
-
262
- /* CKF_SO_PIN_TO_BE_CHANGED if new for v2.10. If it is true,
263
- * the SO PIN value is the default value set by token
264
- * initialization or manufacturing, or the PIN has been
265
- * expired by the card. */
266
- #define CKF_SO_PIN_TO_BE_CHANGED 0x00800000
267
-
268
- typedef CK_TOKEN_INFO CK_PTR CK_TOKEN_INFO_PTR;
269
-
270
-
271
- /* CK_SESSION_HANDLE is a Cryptoki-assigned value that
272
- * identifies a session */
273
- typedef CK_ULONG CK_SESSION_HANDLE;
274
-
275
- typedef CK_SESSION_HANDLE CK_PTR CK_SESSION_HANDLE_PTR;
276
-
277
-
278
- /* CK_USER_TYPE enumerates the types of Cryptoki users */
279
- /* CK_USER_TYPE has been changed from an enum to a CK_ULONG for
280
- * v2.0 */
281
- typedef CK_ULONG CK_USER_TYPE;
282
- /* Security Officer */
283
- #define CKU_SO 0
284
- /* Normal user */
285
- #define CKU_USER 1
286
- /* Context specific (added in v2.20) */
287
- #define CKU_CONTEXT_SPECIFIC 2
288
-
289
- /* CK_STATE enumerates the session states */
290
- /* CK_STATE has been changed from an enum to a CK_ULONG for
291
- * v2.0 */
292
- typedef CK_ULONG CK_STATE;
293
- #define CKS_RO_PUBLIC_SESSION 0
294
- #define CKS_RO_USER_FUNCTIONS 1
295
- #define CKS_RW_PUBLIC_SESSION 2
296
- #define CKS_RW_USER_FUNCTIONS 3
297
- #define CKS_RW_SO_FUNCTIONS 4
298
-
299
-
300
- /* CK_SESSION_INFO provides information about a session */
301
- typedef struct CK_SESSION_INFO {
302
- CK_SLOT_ID slotID;
303
- CK_STATE state;
304
- CK_FLAGS flags; /* see below */
305
-
306
- /* ulDeviceError was changed from CK_USHORT to CK_ULONG for
307
- * v2.0 */
308
- CK_ULONG ulDeviceError; /* device-dependent error code */
309
- } CK_SESSION_INFO;
310
-
311
- /* The flags are defined in the following table:
312
- * Bit Flag Mask Meaning
313
- */
314
- #define CKF_RW_SESSION 0x00000002 /* session is r/w */
315
- #define CKF_SERIAL_SESSION 0x00000004 /* no parallel */
316
-
317
- typedef CK_SESSION_INFO CK_PTR CK_SESSION_INFO_PTR;
318
-
319
-
320
- /* CK_OBJECT_HANDLE is a token-specific identifier for an
321
- * object */
322
- typedef CK_ULONG CK_OBJECT_HANDLE;
323
-
324
- typedef CK_OBJECT_HANDLE CK_PTR CK_OBJECT_HANDLE_PTR;
325
-
326
-
327
- /* CK_OBJECT_CLASS is a value that identifies the classes (or
328
- * types) of objects that Cryptoki recognizes. It is defined
329
- * as follows: */
330
- /* CK_OBJECT_CLASS was changed from CK_USHORT to CK_ULONG for
331
- * v2.0 */
332
- typedef CK_ULONG CK_OBJECT_CLASS;
333
-
334
- /* The following classes of objects are defined: */
335
- /* CKO_HW_FEATURE is new for v2.10 */
336
- /* CKO_DOMAIN_PARAMETERS is new for v2.11 */
337
- /* CKO_MECHANISM is new for v2.20 */
338
- #define CKO_DATA 0x00000000
339
- #define CKO_CERTIFICATE 0x00000001
340
- #define CKO_PUBLIC_KEY 0x00000002
341
- #define CKO_PRIVATE_KEY 0x00000003
342
- #define CKO_SECRET_KEY 0x00000004
343
- #define CKO_HW_FEATURE 0x00000005
344
- #define CKO_DOMAIN_PARAMETERS 0x00000006
345
- #define CKO_MECHANISM 0x00000007
346
-
347
- /* CKO_OTP_KEY is new for PKCS #11 v2.20 amendment 1 */
348
- #define CKO_OTP_KEY 0x00000008
349
-
350
- #define CKO_VENDOR_DEFINED 0x80000000
351
-
352
- typedef CK_OBJECT_CLASS CK_PTR CK_OBJECT_CLASS_PTR;
353
-
354
- /* CK_HW_FEATURE_TYPE is new for v2.10. CK_HW_FEATURE_TYPE is a
355
- * value that identifies the hardware feature type of an object
356
- * with CK_OBJECT_CLASS equal to CKO_HW_FEATURE. */
357
- typedef CK_ULONG CK_HW_FEATURE_TYPE;
358
-
359
- /* The following hardware feature types are defined */
360
- /* CKH_USER_INTERFACE is new for v2.20 */
361
- #define CKH_MONOTONIC_COUNTER 0x00000001
362
- #define CKH_CLOCK 0x00000002
363
- #define CKH_USER_INTERFACE 0x00000003
364
- #define CKH_VENDOR_DEFINED 0x80000000
365
-
366
- /* CK_KEY_TYPE is a value that identifies a key type */
367
- /* CK_KEY_TYPE was changed from CK_USHORT to CK_ULONG for v2.0 */
368
- typedef CK_ULONG CK_KEY_TYPE;
369
-
370
- /* the following key types are defined: */
371
- #define CKK_RSA 0x00000000
372
- #define CKK_DSA 0x00000001
373
- #define CKK_DH 0x00000002
374
-
375
- /* CKK_ECDSA and CKK_KEA are new for v2.0 */
376
- /* CKK_ECDSA is deprecated in v2.11, CKK_EC is preferred. */
377
- #define CKK_ECDSA 0x00000003
378
- #define CKK_EC 0x00000003
379
- #define CKK_X9_42_DH 0x00000004
380
- #define CKK_KEA 0x00000005
381
-
382
- #define CKK_GENERIC_SECRET 0x00000010
383
- #define CKK_RC2 0x00000011
384
- #define CKK_RC4 0x00000012
385
- #define CKK_DES 0x00000013
386
- #define CKK_DES2 0x00000014
387
- #define CKK_DES3 0x00000015
388
-
389
- /* all these key types are new for v2.0 */
390
- #define CKK_CAST 0x00000016
391
- #define CKK_CAST3 0x00000017
392
- /* CKK_CAST5 is deprecated in v2.11, CKK_CAST128 is preferred. */
393
- #define CKK_CAST5 0x00000018
394
- #define CKK_CAST128 0x00000018
395
- #define CKK_RC5 0x00000019
396
- #define CKK_IDEA 0x0000001A
397
- #define CKK_SKIPJACK 0x0000001B
398
- #define CKK_BATON 0x0000001C
399
- #define CKK_JUNIPER 0x0000001D
400
- #define CKK_CDMF 0x0000001E
401
- #define CKK_AES 0x0000001F
402
-
403
- /* BlowFish and TwoFish are new for v2.20 */
404
- #define CKK_BLOWFISH 0x00000020
405
- #define CKK_TWOFISH 0x00000021
406
-
407
- /* SecurID, HOTP, and ACTI are new for PKCS #11 v2.20 amendment 1 */
408
- #define CKK_SECURID 0x00000022
409
- #define CKK_HOTP 0x00000023
410
- #define CKK_ACTI 0x00000024
411
-
412
- /* Camellia is new for PKCS #11 v2.20 amendment 3 */
413
- #define CKK_CAMELLIA 0x00000025
414
- /* ARIA is new for PKCS #11 v2.20 amendment 3 */
415
- #define CKK_ARIA 0x00000026
416
-
417
-
418
- #define CKK_VENDOR_DEFINED 0x80000000
419
-
420
-
421
- /* CK_CERTIFICATE_TYPE is a value that identifies a certificate
422
- * type */
423
- /* CK_CERTIFICATE_TYPE was changed from CK_USHORT to CK_ULONG
424
- * for v2.0 */
425
- typedef CK_ULONG CK_CERTIFICATE_TYPE;
426
-
427
- /* The following certificate types are defined: */
428
- /* CKC_X_509_ATTR_CERT is new for v2.10 */
429
- /* CKC_WTLS is new for v2.20 */
430
- #define CKC_X_509 0x00000000
431
- #define CKC_X_509_ATTR_CERT 0x00000001
432
- #define CKC_WTLS 0x00000002
433
- #define CKC_VENDOR_DEFINED 0x80000000
434
-
435
-
436
- /* CK_ATTRIBUTE_TYPE is a value that identifies an attribute
437
- * type */
438
- /* CK_ATTRIBUTE_TYPE was changed from CK_USHORT to CK_ULONG for
439
- * v2.0 */
440
- typedef CK_ULONG CK_ATTRIBUTE_TYPE;
441
-
442
- /* The CKF_ARRAY_ATTRIBUTE flag identifies an attribute which
443
- consists of an array of values. */
444
- #define CKF_ARRAY_ATTRIBUTE 0x40000000
445
-
446
- /* The following OTP-related defines are new for PKCS #11 v2.20 amendment 1
447
- and relates to the CKA_OTP_FORMAT attribute */
448
- #define CK_OTP_FORMAT_DECIMAL 0
449
- #define CK_OTP_FORMAT_HEXADECIMAL 1
450
- #define CK_OTP_FORMAT_ALPHANUMERIC 2
451
- #define CK_OTP_FORMAT_BINARY 3
452
-
453
- /* The following OTP-related defines are new for PKCS #11 v2.20 amendment 1
454
- and relates to the CKA_OTP_..._REQUIREMENT attributes */
455
- #define CK_OTP_PARAM_IGNORED 0
456
- #define CK_OTP_PARAM_OPTIONAL 1
457
- #define CK_OTP_PARAM_MANDATORY 2
458
-
459
- /* The following attribute types are defined: */
460
- #define CKA_CLASS 0x00000000
461
- #define CKA_TOKEN 0x00000001
462
- #define CKA_PRIVATE 0x00000002
463
- #define CKA_LABEL 0x00000003
464
- #define CKA_APPLICATION 0x00000010
465
- #define CKA_VALUE 0x00000011
466
-
467
- /* CKA_OBJECT_ID is new for v2.10 */
468
- #define CKA_OBJECT_ID 0x00000012
469
-
470
- #define CKA_CERTIFICATE_TYPE 0x00000080
471
- #define CKA_ISSUER 0x00000081
472
- #define CKA_SERIAL_NUMBER 0x00000082
473
-
474
- /* CKA_AC_ISSUER, CKA_OWNER, and CKA_ATTR_TYPES are new
475
- * for v2.10 */
476
- #define CKA_AC_ISSUER 0x00000083
477
- #define CKA_OWNER 0x00000084
478
- #define CKA_ATTR_TYPES 0x00000085
479
-
480
- /* CKA_TRUSTED is new for v2.11 */
481
- #define CKA_TRUSTED 0x00000086
482
-
483
- /* CKA_CERTIFICATE_CATEGORY ...
484
- * CKA_CHECK_VALUE are new for v2.20 */
485
- #define CKA_CERTIFICATE_CATEGORY 0x00000087
486
- #define CKA_JAVA_MIDP_SECURITY_DOMAIN 0x00000088
487
- #define CKA_URL 0x00000089
488
- #define CKA_HASH_OF_SUBJECT_PUBLIC_KEY 0x0000008A
489
- #define CKA_HASH_OF_ISSUER_PUBLIC_KEY 0x0000008B
490
- #define CKA_CHECK_VALUE 0x00000090
491
-
492
- #define CKA_KEY_TYPE 0x00000100
493
- #define CKA_SUBJECT 0x00000101
494
- #define CKA_ID 0x00000102
495
- #define CKA_SENSITIVE 0x00000103
496
- #define CKA_ENCRYPT 0x00000104
497
- #define CKA_DECRYPT 0x00000105
498
- #define CKA_WRAP 0x00000106
499
- #define CKA_UNWRAP 0x00000107
500
- #define CKA_SIGN 0x00000108
501
- #define CKA_SIGN_RECOVER 0x00000109
502
- #define CKA_VERIFY 0x0000010A
503
- #define CKA_VERIFY_RECOVER 0x0000010B
504
- #define CKA_DERIVE 0x0000010C
505
- #define CKA_START_DATE 0x00000110
506
- #define CKA_END_DATE 0x00000111
507
- #define CKA_MODULUS 0x00000120
508
- #define CKA_MODULUS_BITS 0x00000121
509
- #define CKA_PUBLIC_EXPONENT 0x00000122
510
- #define CKA_PRIVATE_EXPONENT 0x00000123
511
- #define CKA_PRIME_1 0x00000124
512
- #define CKA_PRIME_2 0x00000125
513
- #define CKA_EXPONENT_1 0x00000126
514
- #define CKA_EXPONENT_2 0x00000127
515
- #define CKA_COEFFICIENT 0x00000128
516
- #define CKA_PRIME 0x00000130
517
- #define CKA_SUBPRIME 0x00000131
518
- #define CKA_BASE 0x00000132
519
-
520
- /* CKA_PRIME_BITS and CKA_SUB_PRIME_BITS are new for v2.11 */
521
- #define CKA_PRIME_BITS 0x00000133
522
- #define CKA_SUBPRIME_BITS 0x00000134
523
- #define CKA_SUB_PRIME_BITS CKA_SUBPRIME_BITS
524
- /* (To retain backwards-compatibility) */
525
-
526
- #define CKA_VALUE_BITS 0x00000160
527
- #define CKA_VALUE_LEN 0x00000161
528
-
529
- /* CKA_EXTRACTABLE, CKA_LOCAL, CKA_NEVER_EXTRACTABLE,
530
- * CKA_ALWAYS_SENSITIVE, CKA_MODIFIABLE, CKA_ECDSA_PARAMS,
531
- * and CKA_EC_POINT are new for v2.0 */
532
- #define CKA_EXTRACTABLE 0x00000162
533
- #define CKA_LOCAL 0x00000163
534
- #define CKA_NEVER_EXTRACTABLE 0x00000164
535
- #define CKA_ALWAYS_SENSITIVE 0x00000165
536
-
537
- /* CKA_KEY_GEN_MECHANISM is new for v2.11 */
538
- #define CKA_KEY_GEN_MECHANISM 0x00000166
539
-
540
- #define CKA_MODIFIABLE 0x00000170
541
-
542
- /* CKA_ECDSA_PARAMS is deprecated in v2.11,
543
- * CKA_EC_PARAMS is preferred. */
544
- #define CKA_ECDSA_PARAMS 0x00000180
545
- #define CKA_EC_PARAMS 0x00000180
546
-
547
- #define CKA_EC_POINT 0x00000181
548
-
549
- /* CKA_SECONDARY_AUTH, CKA_AUTH_PIN_FLAGS,
550
- * are new for v2.10. Deprecated in v2.11 and onwards. */
551
- #define CKA_SECONDARY_AUTH 0x00000200
552
- #define CKA_AUTH_PIN_FLAGS 0x00000201
553
-
554
- /* CKA_ALWAYS_AUTHENTICATE ...
555
- * CKA_UNWRAP_TEMPLATE are new for v2.20 */
556
- #define CKA_ALWAYS_AUTHENTICATE 0x00000202
557
-
558
- #define CKA_WRAP_WITH_TRUSTED 0x00000210
559
- #define CKA_WRAP_TEMPLATE (CKF_ARRAY_ATTRIBUTE|0x00000211)
560
- #define CKA_UNWRAP_TEMPLATE (CKF_ARRAY_ATTRIBUTE|0x00000212)
561
-
562
- /* CKA_OTP... atttributes are new for PKCS #11 v2.20 amendment 3. */
563
- #define CKA_OTP_FORMAT 0x00000220
564
- #define CKA_OTP_LENGTH 0x00000221
565
- #define CKA_OTP_TIME_INTERVAL 0x00000222
566
- #define CKA_OTP_USER_FRIENDLY_MODE 0x00000223
567
- #define CKA_OTP_CHALLENGE_REQUIREMENT 0x00000224
568
- #define CKA_OTP_TIME_REQUIREMENT 0x00000225
569
- #define CKA_OTP_COUNTER_REQUIREMENT 0x00000226
570
- #define CKA_OTP_PIN_REQUIREMENT 0x00000227
571
- #define CKA_OTP_COUNTER 0x0000022E
572
- #define CKA_OTP_TIME 0x0000022F
573
- #define CKA_OTP_USER_IDENTIFIER 0x0000022A
574
- #define CKA_OTP_SERVICE_IDENTIFIER 0x0000022B
575
- #define CKA_OTP_SERVICE_LOGO 0x0000022C
576
- #define CKA_OTP_SERVICE_LOGO_TYPE 0x0000022D
577
-
578
-
579
- /* CKA_HW_FEATURE_TYPE, CKA_RESET_ON_INIT, and CKA_HAS_RESET
580
- * are new for v2.10 */
581
- #define CKA_HW_FEATURE_TYPE 0x00000300
582
- #define CKA_RESET_ON_INIT 0x00000301
583
- #define CKA_HAS_RESET 0x00000302
584
-
585
- /* The following attributes are new for v2.20 */
586
- #define CKA_PIXEL_X 0x00000400
587
- #define CKA_PIXEL_Y 0x00000401
588
- #define CKA_RESOLUTION 0x00000402
589
- #define CKA_CHAR_ROWS 0x00000403
590
- #define CKA_CHAR_COLUMNS 0x00000404
591
- #define CKA_COLOR 0x00000405
592
- #define CKA_BITS_PER_PIXEL 0x00000406
593
- #define CKA_CHAR_SETS 0x00000480
594
- #define CKA_ENCODING_METHODS 0x00000481
595
- #define CKA_MIME_TYPES 0x00000482
596
- #define CKA_MECHANISM_TYPE 0x00000500
597
- #define CKA_REQUIRED_CMS_ATTRIBUTES 0x00000501
598
- #define CKA_DEFAULT_CMS_ATTRIBUTES 0x00000502
599
- #define CKA_SUPPORTED_CMS_ATTRIBUTES 0x00000503
600
- #define CKA_ALLOWED_MECHANISMS (CKF_ARRAY_ATTRIBUTE|0x00000600)
601
-
602
- #define CKA_VENDOR_DEFINED 0x80000000
603
-
604
- /* CK_ATTRIBUTE is a structure that includes the type, length
605
- * and value of an attribute */
606
- typedef struct CK_ATTRIBUTE {
607
- CK_ATTRIBUTE_TYPE type;
608
- CK_VOID_PTR pValue;
609
-
610
- /* ulValueLen went from CK_USHORT to CK_ULONG for v2.0 */
611
- CK_ULONG ulValueLen; /* in bytes */
612
- } CK_ATTRIBUTE;
613
-
614
- typedef CK_ATTRIBUTE CK_PTR CK_ATTRIBUTE_PTR;
615
-
616
-
617
- /* CK_DATE is a structure that defines a date */
618
- typedef struct CK_DATE{
619
- CK_CHAR year[4]; /* the year ("1900" - "9999") */
620
- CK_CHAR month[2]; /* the month ("01" - "12") */
621
- CK_CHAR day[2]; /* the day ("01" - "31") */
622
- } CK_DATE;
623
-
624
-
625
- /* CK_MECHANISM_TYPE is a value that identifies a mechanism
626
- * type */
627
- /* CK_MECHANISM_TYPE was changed from CK_USHORT to CK_ULONG for
628
- * v2.0 */
629
- typedef CK_ULONG CK_MECHANISM_TYPE;
630
-
631
- /* the following mechanism types are defined: */
632
- #define CKM_RSA_PKCS_KEY_PAIR_GEN 0x00000000
633
- #define CKM_RSA_PKCS 0x00000001
634
- #define CKM_RSA_9796 0x00000002
635
- #define CKM_RSA_X_509 0x00000003
636
-
637
- /* CKM_MD2_RSA_PKCS, CKM_MD5_RSA_PKCS, and CKM_SHA1_RSA_PKCS
638
- * are new for v2.0. They are mechanisms which hash and sign */
639
- #define CKM_MD2_RSA_PKCS 0x00000004
640
- #define CKM_MD5_RSA_PKCS 0x00000005
641
- #define CKM_SHA1_RSA_PKCS 0x00000006
642
-
643
- /* CKM_RIPEMD128_RSA_PKCS, CKM_RIPEMD160_RSA_PKCS, and
644
- * CKM_RSA_PKCS_OAEP are new for v2.10 */
645
- #define CKM_RIPEMD128_RSA_PKCS 0x00000007
646
- #define CKM_RIPEMD160_RSA_PKCS 0x00000008
647
- #define CKM_RSA_PKCS_OAEP 0x00000009
648
-
649
- /* CKM_RSA_X9_31_KEY_PAIR_GEN, CKM_RSA_X9_31, CKM_SHA1_RSA_X9_31,
650
- * CKM_RSA_PKCS_PSS, and CKM_SHA1_RSA_PKCS_PSS are new for v2.11 */
651
- #define CKM_RSA_X9_31_KEY_PAIR_GEN 0x0000000A
652
- #define CKM_RSA_X9_31 0x0000000B
653
- #define CKM_SHA1_RSA_X9_31 0x0000000C
654
- #define CKM_RSA_PKCS_PSS 0x0000000D
655
- #define CKM_SHA1_RSA_PKCS_PSS 0x0000000E
656
-
657
- #define CKM_DSA_KEY_PAIR_GEN 0x00000010
658
- #define CKM_DSA 0x00000011
659
- #define CKM_DSA_SHA1 0x00000012
660
- #define CKM_DH_PKCS_KEY_PAIR_GEN 0x00000020
661
- #define CKM_DH_PKCS_DERIVE 0x00000021
662
-
663
- /* CKM_X9_42_DH_KEY_PAIR_GEN, CKM_X9_42_DH_DERIVE,
664
- * CKM_X9_42_DH_HYBRID_DERIVE, and CKM_X9_42_MQV_DERIVE are new for
665
- * v2.11 */
666
- #define CKM_X9_42_DH_KEY_PAIR_GEN 0x00000030
667
- #define CKM_X9_42_DH_DERIVE 0x00000031
668
- #define CKM_X9_42_DH_HYBRID_DERIVE 0x00000032
669
- #define CKM_X9_42_MQV_DERIVE 0x00000033
670
-
671
- /* CKM_SHA256/384/512 are new for v2.20 */
672
- #define CKM_SHA256_RSA_PKCS 0x00000040
673
- #define CKM_SHA384_RSA_PKCS 0x00000041
674
- #define CKM_SHA512_RSA_PKCS 0x00000042
675
- #define CKM_SHA256_RSA_PKCS_PSS 0x00000043
676
- #define CKM_SHA384_RSA_PKCS_PSS 0x00000044
677
- #define CKM_SHA512_RSA_PKCS_PSS 0x00000045
678
-
679
- /* SHA-224 RSA mechanisms are new for PKCS #11 v2.20 amendment 3 */
680
- #define CKM_SHA224_RSA_PKCS 0x00000046
681
- #define CKM_SHA224_RSA_PKCS_PSS 0x00000047
682
-
683
- #define CKM_RC2_KEY_GEN 0x00000100
684
- #define CKM_RC2_ECB 0x00000101
685
- #define CKM_RC2_CBC 0x00000102
686
- #define CKM_RC2_MAC 0x00000103
687
-
688
- /* CKM_RC2_MAC_GENERAL and CKM_RC2_CBC_PAD are new for v2.0 */
689
- #define CKM_RC2_MAC_GENERAL 0x00000104
690
- #define CKM_RC2_CBC_PAD 0x00000105
691
-
692
- #define CKM_RC4_KEY_GEN 0x00000110
693
- #define CKM_RC4 0x00000111
694
- #define CKM_DES_KEY_GEN 0x00000120
695
- #define CKM_DES_ECB 0x00000121
696
- #define CKM_DES_CBC 0x00000122
697
- #define CKM_DES_MAC 0x00000123
698
-
699
- /* CKM_DES_MAC_GENERAL and CKM_DES_CBC_PAD are new for v2.0 */
700
- #define CKM_DES_MAC_GENERAL 0x00000124
701
- #define CKM_DES_CBC_PAD 0x00000125
702
-
703
- #define CKM_DES2_KEY_GEN 0x00000130
704
- #define CKM_DES3_KEY_GEN 0x00000131
705
- #define CKM_DES3_ECB 0x00000132
706
- #define CKM_DES3_CBC 0x00000133
707
- #define CKM_DES3_MAC 0x00000134
708
-
709
- /* CKM_DES3_MAC_GENERAL, CKM_DES3_CBC_PAD, CKM_CDMF_KEY_GEN,
710
- * CKM_CDMF_ECB, CKM_CDMF_CBC, CKM_CDMF_MAC,
711
- * CKM_CDMF_MAC_GENERAL, and CKM_CDMF_CBC_PAD are new for v2.0 */
712
- #define CKM_DES3_MAC_GENERAL 0x00000135
713
- #define CKM_DES3_CBC_PAD 0x00000136
714
- #define CKM_CDMF_KEY_GEN 0x00000140
715
- #define CKM_CDMF_ECB 0x00000141
716
- #define CKM_CDMF_CBC 0x00000142
717
- #define CKM_CDMF_MAC 0x00000143
718
- #define CKM_CDMF_MAC_GENERAL 0x00000144
719
- #define CKM_CDMF_CBC_PAD 0x00000145
720
-
721
- /* the following four DES mechanisms are new for v2.20 */
722
- #define CKM_DES_OFB64 0x00000150
723
- #define CKM_DES_OFB8 0x00000151
724
- #define CKM_DES_CFB64 0x00000152
725
- #define CKM_DES_CFB8 0x00000153
726
-
727
- #define CKM_MD2 0x00000200
728
-
729
- /* CKM_MD2_HMAC and CKM_MD2_HMAC_GENERAL are new for v2.0 */
730
- #define CKM_MD2_HMAC 0x00000201
731
- #define CKM_MD2_HMAC_GENERAL 0x00000202
732
-
733
- #define CKM_MD5 0x00000210
734
-
735
- /* CKM_MD5_HMAC and CKM_MD5_HMAC_GENERAL are new for v2.0 */
736
- #define CKM_MD5_HMAC 0x00000211
737
- #define CKM_MD5_HMAC_GENERAL 0x00000212
738
-
739
- #define CKM_SHA_1 0x00000220
740
-
741
- /* CKM_SHA_1_HMAC and CKM_SHA_1_HMAC_GENERAL are new for v2.0 */
742
- #define CKM_SHA_1_HMAC 0x00000221
743
- #define CKM_SHA_1_HMAC_GENERAL 0x00000222
744
-
745
- /* CKM_RIPEMD128, CKM_RIPEMD128_HMAC,
746
- * CKM_RIPEMD128_HMAC_GENERAL, CKM_RIPEMD160, CKM_RIPEMD160_HMAC,
747
- * and CKM_RIPEMD160_HMAC_GENERAL are new for v2.10 */
748
- #define CKM_RIPEMD128 0x00000230
749
- #define CKM_RIPEMD128_HMAC 0x00000231
750
- #define CKM_RIPEMD128_HMAC_GENERAL 0x00000232
751
- #define CKM_RIPEMD160 0x00000240
752
- #define CKM_RIPEMD160_HMAC 0x00000241
753
- #define CKM_RIPEMD160_HMAC_GENERAL 0x00000242
754
-
755
- /* CKM_SHA256/384/512 are new for v2.20 */
756
- #define CKM_SHA256 0x00000250
757
- #define CKM_SHA256_HMAC 0x00000251
758
- #define CKM_SHA256_HMAC_GENERAL 0x00000252
759
-
760
- /* SHA-224 is new for PKCS #11 v2.20 amendment 3 */
761
- #define CKM_SHA224 0x00000255
762
- #define CKM_SHA224_HMAC 0x00000256
763
- #define CKM_SHA224_HMAC_GENERAL 0x00000257
764
-
765
- #define CKM_SHA384 0x00000260
766
- #define CKM_SHA384_HMAC 0x00000261
767
- #define CKM_SHA384_HMAC_GENERAL 0x00000262
768
- #define CKM_SHA512 0x00000270
769
- #define CKM_SHA512_HMAC 0x00000271
770
- #define CKM_SHA512_HMAC_GENERAL 0x00000272
771
-
772
- /* SecurID is new for PKCS #11 v2.20 amendment 1 */
773
- #define CKM_SECURID_KEY_GEN 0x00000280
774
- #define CKM_SECURID 0x00000282
775
-
776
- /* HOTP is new for PKCS #11 v2.20 amendment 1 */
777
- #define CKM_HOTP_KEY_GEN 0x00000290
778
- #define CKM_HOTP 0x00000291
779
-
780
- /* ACTI is new for PKCS #11 v2.20 amendment 1 */
781
- #define CKM_ACTI 0x000002A0
782
- #define CKM_ACTI_KEY_GEN 0x000002A1
783
-
784
- /* All of the following mechanisms are new for v2.0 */
785
- /* Note that CAST128 and CAST5 are the same algorithm */
786
- #define CKM_CAST_KEY_GEN 0x00000300
787
- #define CKM_CAST_ECB 0x00000301
788
- #define CKM_CAST_CBC 0x00000302
789
- #define CKM_CAST_MAC 0x00000303
790
- #define CKM_CAST_MAC_GENERAL 0x00000304
791
- #define CKM_CAST_CBC_PAD 0x00000305
792
- #define CKM_CAST3_KEY_GEN 0x00000310
793
- #define CKM_CAST3_ECB 0x00000311
794
- #define CKM_CAST3_CBC 0x00000312
795
- #define CKM_CAST3_MAC 0x00000313
796
- #define CKM_CAST3_MAC_GENERAL 0x00000314
797
- #define CKM_CAST3_CBC_PAD 0x00000315
798
- #define CKM_CAST5_KEY_GEN 0x00000320
799
- #define CKM_CAST128_KEY_GEN 0x00000320
800
- #define CKM_CAST5_ECB 0x00000321
801
- #define CKM_CAST128_ECB 0x00000321
802
- #define CKM_CAST5_CBC 0x00000322
803
- #define CKM_CAST128_CBC 0x00000322
804
- #define CKM_CAST5_MAC 0x00000323
805
- #define CKM_CAST128_MAC 0x00000323
806
- #define CKM_CAST5_MAC_GENERAL 0x00000324
807
- #define CKM_CAST128_MAC_GENERAL 0x00000324
808
- #define CKM_CAST5_CBC_PAD 0x00000325
809
- #define CKM_CAST128_CBC_PAD 0x00000325
810
- #define CKM_RC5_KEY_GEN 0x00000330
811
- #define CKM_RC5_ECB 0x00000331
812
- #define CKM_RC5_CBC 0x00000332
813
- #define CKM_RC5_MAC 0x00000333
814
- #define CKM_RC5_MAC_GENERAL 0x00000334
815
- #define CKM_RC5_CBC_PAD 0x00000335
816
- #define CKM_IDEA_KEY_GEN 0x00000340
817
- #define CKM_IDEA_ECB 0x00000341
818
- #define CKM_IDEA_CBC 0x00000342
819
- #define CKM_IDEA_MAC 0x00000343
820
- #define CKM_IDEA_MAC_GENERAL 0x00000344
821
- #define CKM_IDEA_CBC_PAD 0x00000345
822
- #define CKM_GENERIC_SECRET_KEY_GEN 0x00000350
823
- #define CKM_CONCATENATE_BASE_AND_KEY 0x00000360
824
- #define CKM_CONCATENATE_BASE_AND_DATA 0x00000362
825
- #define CKM_CONCATENATE_DATA_AND_BASE 0x00000363
826
- #define CKM_XOR_BASE_AND_DATA 0x00000364
827
- #define CKM_EXTRACT_KEY_FROM_KEY 0x00000365
828
- #define CKM_SSL3_PRE_MASTER_KEY_GEN 0x00000370
829
- #define CKM_SSL3_MASTER_KEY_DERIVE 0x00000371
830
- #define CKM_SSL3_KEY_AND_MAC_DERIVE 0x00000372
831
-
832
- /* CKM_SSL3_MASTER_KEY_DERIVE_DH, CKM_TLS_PRE_MASTER_KEY_GEN,
833
- * CKM_TLS_MASTER_KEY_DERIVE, CKM_TLS_KEY_AND_MAC_DERIVE, and
834
- * CKM_TLS_MASTER_KEY_DERIVE_DH are new for v2.11 */
835
- #define CKM_SSL3_MASTER_KEY_DERIVE_DH 0x00000373
836
- #define CKM_TLS_PRE_MASTER_KEY_GEN 0x00000374
837
- #define CKM_TLS_MASTER_KEY_DERIVE 0x00000375
838
- #define CKM_TLS_KEY_AND_MAC_DERIVE 0x00000376
839
- #define CKM_TLS_MASTER_KEY_DERIVE_DH 0x00000377
840
-
841
- /* CKM_TLS_PRF is new for v2.20 */
842
- #define CKM_TLS_PRF 0x00000378
843
-
844
- #define CKM_SSL3_MD5_MAC 0x00000380
845
- #define CKM_SSL3_SHA1_MAC 0x00000381
846
- #define CKM_MD5_KEY_DERIVATION 0x00000390
847
- #define CKM_MD2_KEY_DERIVATION 0x00000391
848
- #define CKM_SHA1_KEY_DERIVATION 0x00000392
849
-
850
- /* CKM_SHA256/384/512 are new for v2.20 */
851
- #define CKM_SHA256_KEY_DERIVATION 0x00000393
852
- #define CKM_SHA384_KEY_DERIVATION 0x00000394
853
- #define CKM_SHA512_KEY_DERIVATION 0x00000395
854
-
855
- /* SHA-224 key derivation is new for PKCS #11 v2.20 amendment 3 */
856
- #define CKM_SHA224_KEY_DERIVATION 0x00000396
857
-
858
- #define CKM_PBE_MD2_DES_CBC 0x000003A0
859
- #define CKM_PBE_MD5_DES_CBC 0x000003A1
860
- #define CKM_PBE_MD5_CAST_CBC 0x000003A2
861
- #define CKM_PBE_MD5_CAST3_CBC 0x000003A3
862
- #define CKM_PBE_MD5_CAST5_CBC 0x000003A4
863
- #define CKM_PBE_MD5_CAST128_CBC 0x000003A4
864
- #define CKM_PBE_SHA1_CAST5_CBC 0x000003A5
865
- #define CKM_PBE_SHA1_CAST128_CBC 0x000003A5
866
- #define CKM_PBE_SHA1_RC4_128 0x000003A6
867
- #define CKM_PBE_SHA1_RC4_40 0x000003A7
868
- #define CKM_PBE_SHA1_DES3_EDE_CBC 0x000003A8
869
- #define CKM_PBE_SHA1_DES2_EDE_CBC 0x000003A9
870
- #define CKM_PBE_SHA1_RC2_128_CBC 0x000003AA
871
- #define CKM_PBE_SHA1_RC2_40_CBC 0x000003AB
872
-
873
- /* CKM_PKCS5_PBKD2 is new for v2.10 */
874
- #define CKM_PKCS5_PBKD2 0x000003B0
875
-
876
- #define CKM_PBA_SHA1_WITH_SHA1_HMAC 0x000003C0
877
-
878
- /* WTLS mechanisms are new for v2.20 */
879
- #define CKM_WTLS_PRE_MASTER_KEY_GEN 0x000003D0
880
- #define CKM_WTLS_MASTER_KEY_DERIVE 0x000003D1
881
- #define CKM_WTLS_MASTER_KEY_DERIVE_DH_ECC 0x000003D2
882
- #define CKM_WTLS_PRF 0x000003D3
883
- #define CKM_WTLS_SERVER_KEY_AND_MAC_DERIVE 0x000003D4
884
- #define CKM_WTLS_CLIENT_KEY_AND_MAC_DERIVE 0x000003D5
885
-
886
- #define CKM_KEY_WRAP_LYNKS 0x00000400
887
- #define CKM_KEY_WRAP_SET_OAEP 0x00000401
888
-
889
- /* CKM_CMS_SIG is new for v2.20 */
890
- #define CKM_CMS_SIG 0x00000500
891
-
892
- /* CKM_KIP mechanisms are new for PKCS #11 v2.20 amendment 2 */
893
- #define CKM_KIP_DERIVE 0x00000510
894
- #define CKM_KIP_WRAP 0x00000511
895
- #define CKM_KIP_MAC 0x00000512
896
-
897
- /* Camellia is new for PKCS #11 v2.20 amendment 3 */
898
- #define CKM_CAMELLIA_KEY_GEN 0x00000550
899
- #define CKM_CAMELLIA_ECB 0x00000551
900
- #define CKM_CAMELLIA_CBC 0x00000552
901
- #define CKM_CAMELLIA_MAC 0x00000553
902
- #define CKM_CAMELLIA_MAC_GENERAL 0x00000554
903
- #define CKM_CAMELLIA_CBC_PAD 0x00000555
904
- #define CKM_CAMELLIA_ECB_ENCRYPT_DATA 0x00000556
905
- #define CKM_CAMELLIA_CBC_ENCRYPT_DATA 0x00000557
906
- #define CKM_CAMELLIA_CTR 0x00000558
907
-
908
- /* ARIA is new for PKCS #11 v2.20 amendment 3 */
909
- #define CKM_ARIA_KEY_GEN 0x00000560
910
- #define CKM_ARIA_ECB 0x00000561
911
- #define CKM_ARIA_CBC 0x00000562
912
- #define CKM_ARIA_MAC 0x00000563
913
- #define CKM_ARIA_MAC_GENERAL 0x00000564
914
- #define CKM_ARIA_CBC_PAD 0x00000565
915
- #define CKM_ARIA_ECB_ENCRYPT_DATA 0x00000566
916
- #define CKM_ARIA_CBC_ENCRYPT_DATA 0x00000567
917
-
918
- /* Fortezza mechanisms */
919
- #define CKM_SKIPJACK_KEY_GEN 0x00001000
920
- #define CKM_SKIPJACK_ECB64 0x00001001
921
- #define CKM_SKIPJACK_CBC64 0x00001002
922
- #define CKM_SKIPJACK_OFB64 0x00001003
923
- #define CKM_SKIPJACK_CFB64 0x00001004
924
- #define CKM_SKIPJACK_CFB32 0x00001005
925
- #define CKM_SKIPJACK_CFB16 0x00001006
926
- #define CKM_SKIPJACK_CFB8 0x00001007
927
- #define CKM_SKIPJACK_WRAP 0x00001008
928
- #define CKM_SKIPJACK_PRIVATE_WRAP 0x00001009
929
- #define CKM_SKIPJACK_RELAYX 0x0000100a
930
- #define CKM_KEA_KEY_PAIR_GEN 0x00001010
931
- #define CKM_KEA_KEY_DERIVE 0x00001011
932
- #define CKM_FORTEZZA_TIMESTAMP 0x00001020
933
- #define CKM_BATON_KEY_GEN 0x00001030
934
- #define CKM_BATON_ECB128 0x00001031
935
- #define CKM_BATON_ECB96 0x00001032
936
- #define CKM_BATON_CBC128 0x00001033
937
- #define CKM_BATON_COUNTER 0x00001034
938
- #define CKM_BATON_SHUFFLE 0x00001035
939
- #define CKM_BATON_WRAP 0x00001036
940
-
941
- /* CKM_ECDSA_KEY_PAIR_GEN is deprecated in v2.11,
942
- * CKM_EC_KEY_PAIR_GEN is preferred */
943
- #define CKM_ECDSA_KEY_PAIR_GEN 0x00001040
944
- #define CKM_EC_KEY_PAIR_GEN 0x00001040
945
-
946
- #define CKM_ECDSA 0x00001041
947
- #define CKM_ECDSA_SHA1 0x00001042
948
-
949
- /* CKM_ECDH1_DERIVE, CKM_ECDH1_COFACTOR_DERIVE, and CKM_ECMQV_DERIVE
950
- * are new for v2.11 */
951
- #define CKM_ECDH1_DERIVE 0x00001050
952
- #define CKM_ECDH1_COFACTOR_DERIVE 0x00001051
953
- #define CKM_ECMQV_DERIVE 0x00001052
954
-
955
- #define CKM_JUNIPER_KEY_GEN 0x00001060
956
- #define CKM_JUNIPER_ECB128 0x00001061
957
- #define CKM_JUNIPER_CBC128 0x00001062
958
- #define CKM_JUNIPER_COUNTER 0x00001063
959
- #define CKM_JUNIPER_SHUFFLE 0x00001064
960
- #define CKM_JUNIPER_WRAP 0x00001065
961
- #define CKM_FASTHASH 0x00001070
962
-
963
- /* CKM_AES_KEY_GEN, CKM_AES_ECB, CKM_AES_CBC, CKM_AES_MAC,
964
- * CKM_AES_MAC_GENERAL, CKM_AES_CBC_PAD, CKM_DSA_PARAMETER_GEN,
965
- * CKM_DH_PKCS_PARAMETER_GEN, and CKM_X9_42_DH_PARAMETER_GEN are
966
- * new for v2.11 */
967
- #define CKM_AES_KEY_GEN 0x00001080
968
- #define CKM_AES_ECB 0x00001081
969
- #define CKM_AES_CBC 0x00001082
970
- #define CKM_AES_MAC 0x00001083
971
- #define CKM_AES_MAC_GENERAL 0x00001084
972
- #define CKM_AES_CBC_PAD 0x00001085
973
-
974
- /* AES counter mode is new for PKCS #11 v2.20 amendment 3 */
975
- #define CKM_AES_CTR 0x00001086
976
-
977
- /* BlowFish and TwoFish are new for v2.20 */
978
- #define CKM_BLOWFISH_KEY_GEN 0x00001090
979
- #define CKM_BLOWFISH_CBC 0x00001091
980
- #define CKM_TWOFISH_KEY_GEN 0x00001092
981
- #define CKM_TWOFISH_CBC 0x00001093
982
-
983
-
984
- /* CKM_xxx_ENCRYPT_DATA mechanisms are new for v2.20 */
985
- #define CKM_DES_ECB_ENCRYPT_DATA 0x00001100
986
- #define CKM_DES_CBC_ENCRYPT_DATA 0x00001101
987
- #define CKM_DES3_ECB_ENCRYPT_DATA 0x00001102
988
- #define CKM_DES3_CBC_ENCRYPT_DATA 0x00001103
989
- #define CKM_AES_ECB_ENCRYPT_DATA 0x00001104
990
- #define CKM_AES_CBC_ENCRYPT_DATA 0x00001105
991
-
992
- #define CKM_DSA_PARAMETER_GEN 0x00002000
993
- #define CKM_DH_PKCS_PARAMETER_GEN 0x00002001
994
- #define CKM_X9_42_DH_PARAMETER_GEN 0x00002002
995
-
996
- #define CKM_VENDOR_DEFINED 0x80000000
997
-
998
- typedef CK_MECHANISM_TYPE CK_PTR CK_MECHANISM_TYPE_PTR;
999
-
1000
-
1001
- /* CK_MECHANISM is a structure that specifies a particular
1002
- * mechanism */
1003
- typedef struct CK_MECHANISM {
1004
- CK_MECHANISM_TYPE mechanism;
1005
- CK_VOID_PTR pParameter;
1006
-
1007
- /* ulParameterLen was changed from CK_USHORT to CK_ULONG for
1008
- * v2.0 */
1009
- CK_ULONG ulParameterLen; /* in bytes */
1010
- } CK_MECHANISM;
1011
-
1012
- typedef CK_MECHANISM CK_PTR CK_MECHANISM_PTR;
1013
-
1014
-
1015
- /* CK_MECHANISM_INFO provides information about a particular
1016
- * mechanism */
1017
- typedef struct CK_MECHANISM_INFO {
1018
- CK_ULONG ulMinKeySize;
1019
- CK_ULONG ulMaxKeySize;
1020
- CK_FLAGS flags;
1021
- } CK_MECHANISM_INFO;
1022
-
1023
- /* The flags are defined as follows:
1024
- * Bit Flag Mask Meaning */
1025
- #define CKF_HW 0x00000001 /* performed by HW */
1026
-
1027
- /* The flags CKF_ENCRYPT, CKF_DECRYPT, CKF_DIGEST, CKF_SIGN,
1028
- * CKG_SIGN_RECOVER, CKF_VERIFY, CKF_VERIFY_RECOVER,
1029
- * CKF_GENERATE, CKF_GENERATE_KEY_PAIR, CKF_WRAP, CKF_UNWRAP,
1030
- * and CKF_DERIVE are new for v2.0. They specify whether or not
1031
- * a mechanism can be used for a particular task */
1032
- #define CKF_ENCRYPT 0x00000100
1033
- #define CKF_DECRYPT 0x00000200
1034
- #define CKF_DIGEST 0x00000400
1035
- #define CKF_SIGN 0x00000800
1036
- #define CKF_SIGN_RECOVER 0x00001000
1037
- #define CKF_VERIFY 0x00002000
1038
- #define CKF_VERIFY_RECOVER 0x00004000
1039
- #define CKF_GENERATE 0x00008000
1040
- #define CKF_GENERATE_KEY_PAIR 0x00010000
1041
- #define CKF_WRAP 0x00020000
1042
- #define CKF_UNWRAP 0x00040000
1043
- #define CKF_DERIVE 0x00080000
1044
-
1045
- /* CKF_EC_F_P, CKF_EC_F_2M, CKF_EC_ECPARAMETERS, CKF_EC_NAMEDCURVE,
1046
- * CKF_EC_UNCOMPRESS, and CKF_EC_COMPRESS are new for v2.11. They
1047
- * describe a token's EC capabilities not available in mechanism
1048
- * information. */
1049
- #define CKF_EC_F_P 0x00100000
1050
- #define CKF_EC_F_2M 0x00200000
1051
- #define CKF_EC_ECPARAMETERS 0x00400000
1052
- #define CKF_EC_NAMEDCURVE 0x00800000
1053
- #define CKF_EC_UNCOMPRESS 0x01000000
1054
- #define CKF_EC_COMPRESS 0x02000000
1055
-
1056
- #define CKF_EXTENSION 0x80000000 /* FALSE for this version */
1057
-
1058
- typedef CK_MECHANISM_INFO CK_PTR CK_MECHANISM_INFO_PTR;
1059
-
1060
-
1061
- /* CK_RV is a value that identifies the return value of a
1062
- * Cryptoki function */
1063
- /* CK_RV was changed from CK_USHORT to CK_ULONG for v2.0 */
1064
- typedef CK_ULONG CK_RV;
1065
-
1066
- #define CKR_OK 0x00000000
1067
- #define CKR_CANCEL 0x00000001
1068
- #define CKR_HOST_MEMORY 0x00000002
1069
- #define CKR_SLOT_ID_INVALID 0x00000003
1070
-
1071
- /* CKR_FLAGS_INVALID was removed for v2.0 */
1072
-
1073
- /* CKR_GENERAL_ERROR and CKR_FUNCTION_FAILED are new for v2.0 */
1074
- #define CKR_GENERAL_ERROR 0x00000005
1075
- #define CKR_FUNCTION_FAILED 0x00000006
1076
-
1077
- /* CKR_ARGUMENTS_BAD, CKR_NO_EVENT, CKR_NEED_TO_CREATE_THREADS,
1078
- * and CKR_CANT_LOCK are new for v2.01 */
1079
- #define CKR_ARGUMENTS_BAD 0x00000007
1080
- #define CKR_NO_EVENT 0x00000008
1081
- #define CKR_NEED_TO_CREATE_THREADS 0x00000009
1082
- #define CKR_CANT_LOCK 0x0000000A
1083
-
1084
- #define CKR_ATTRIBUTE_READ_ONLY 0x00000010
1085
- #define CKR_ATTRIBUTE_SENSITIVE 0x00000011
1086
- #define CKR_ATTRIBUTE_TYPE_INVALID 0x00000012
1087
- #define CKR_ATTRIBUTE_VALUE_INVALID 0x00000013
1088
- #define CKR_DATA_INVALID 0x00000020
1089
- #define CKR_DATA_LEN_RANGE 0x00000021
1090
- #define CKR_DEVICE_ERROR 0x00000030
1091
- #define CKR_DEVICE_MEMORY 0x00000031
1092
- #define CKR_DEVICE_REMOVED 0x00000032
1093
- #define CKR_ENCRYPTED_DATA_INVALID 0x00000040
1094
- #define CKR_ENCRYPTED_DATA_LEN_RANGE 0x00000041
1095
- #define CKR_FUNCTION_CANCELED 0x00000050
1096
- #define CKR_FUNCTION_NOT_PARALLEL 0x00000051
1097
-
1098
- /* CKR_FUNCTION_NOT_SUPPORTED is new for v2.0 */
1099
- #define CKR_FUNCTION_NOT_SUPPORTED 0x00000054
1100
-
1101
- #define CKR_KEY_HANDLE_INVALID 0x00000060
1102
-
1103
- /* CKR_KEY_SENSITIVE was removed for v2.0 */
1104
-
1105
- #define CKR_KEY_SIZE_RANGE 0x00000062
1106
- #define CKR_KEY_TYPE_INCONSISTENT 0x00000063
1107
-
1108
- /* CKR_KEY_NOT_NEEDED, CKR_KEY_CHANGED, CKR_KEY_NEEDED,
1109
- * CKR_KEY_INDIGESTIBLE, CKR_KEY_FUNCTION_NOT_PERMITTED,
1110
- * CKR_KEY_NOT_WRAPPABLE, and CKR_KEY_UNEXTRACTABLE are new for
1111
- * v2.0 */
1112
- #define CKR_KEY_NOT_NEEDED 0x00000064
1113
- #define CKR_KEY_CHANGED 0x00000065
1114
- #define CKR_KEY_NEEDED 0x00000066
1115
- #define CKR_KEY_INDIGESTIBLE 0x00000067
1116
- #define CKR_KEY_FUNCTION_NOT_PERMITTED 0x00000068
1117
- #define CKR_KEY_NOT_WRAPPABLE 0x00000069
1118
- #define CKR_KEY_UNEXTRACTABLE 0x0000006A
1119
-
1120
- #define CKR_MECHANISM_INVALID 0x00000070
1121
- #define CKR_MECHANISM_PARAM_INVALID 0x00000071
1122
-
1123
- /* CKR_OBJECT_CLASS_INCONSISTENT and CKR_OBJECT_CLASS_INVALID
1124
- * were removed for v2.0 */
1125
- #define CKR_OBJECT_HANDLE_INVALID 0x00000082
1126
- #define CKR_OPERATION_ACTIVE 0x00000090
1127
- #define CKR_OPERATION_NOT_INITIALIZED 0x00000091
1128
- #define CKR_PIN_INCORRECT 0x000000A0
1129
- #define CKR_PIN_INVALID 0x000000A1
1130
- #define CKR_PIN_LEN_RANGE 0x000000A2
1131
-
1132
- /* CKR_PIN_EXPIRED and CKR_PIN_LOCKED are new for v2.0 */
1133
- #define CKR_PIN_EXPIRED 0x000000A3
1134
- #define CKR_PIN_LOCKED 0x000000A4
1135
-
1136
- #define CKR_SESSION_CLOSED 0x000000B0
1137
- #define CKR_SESSION_COUNT 0x000000B1
1138
- #define CKR_SESSION_HANDLE_INVALID 0x000000B3
1139
- #define CKR_SESSION_PARALLEL_NOT_SUPPORTED 0x000000B4
1140
- #define CKR_SESSION_READ_ONLY 0x000000B5
1141
- #define CKR_SESSION_EXISTS 0x000000B6
1142
-
1143
- /* CKR_SESSION_READ_ONLY_EXISTS and
1144
- * CKR_SESSION_READ_WRITE_SO_EXISTS are new for v2.0 */
1145
- #define CKR_SESSION_READ_ONLY_EXISTS 0x000000B7
1146
- #define CKR_SESSION_READ_WRITE_SO_EXISTS 0x000000B8
1147
-
1148
- #define CKR_SIGNATURE_INVALID 0x000000C0
1149
- #define CKR_SIGNATURE_LEN_RANGE 0x000000C1
1150
- #define CKR_TEMPLATE_INCOMPLETE 0x000000D0
1151
- #define CKR_TEMPLATE_INCONSISTENT 0x000000D1
1152
- #define CKR_TOKEN_NOT_PRESENT 0x000000E0
1153
- #define CKR_TOKEN_NOT_RECOGNIZED 0x000000E1
1154
- #define CKR_TOKEN_WRITE_PROTECTED 0x000000E2
1155
- #define CKR_UNWRAPPING_KEY_HANDLE_INVALID 0x000000F0
1156
- #define CKR_UNWRAPPING_KEY_SIZE_RANGE 0x000000F1
1157
- #define CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT 0x000000F2
1158
- #define CKR_USER_ALREADY_LOGGED_IN 0x00000100
1159
- #define CKR_USER_NOT_LOGGED_IN 0x00000101
1160
- #define CKR_USER_PIN_NOT_INITIALIZED 0x00000102
1161
- #define CKR_USER_TYPE_INVALID 0x00000103
1162
-
1163
- /* CKR_USER_ANOTHER_ALREADY_LOGGED_IN and CKR_USER_TOO_MANY_TYPES
1164
- * are new to v2.01 */
1165
- #define CKR_USER_ANOTHER_ALREADY_LOGGED_IN 0x00000104
1166
- #define CKR_USER_TOO_MANY_TYPES 0x00000105
1167
-
1168
- #define CKR_WRAPPED_KEY_INVALID 0x00000110
1169
- #define CKR_WRAPPED_KEY_LEN_RANGE 0x00000112
1170
- #define CKR_WRAPPING_KEY_HANDLE_INVALID 0x00000113
1171
- #define CKR_WRAPPING_KEY_SIZE_RANGE 0x00000114
1172
- #define CKR_WRAPPING_KEY_TYPE_INCONSISTENT 0x00000115
1173
- #define CKR_RANDOM_SEED_NOT_SUPPORTED 0x00000120
1174
-
1175
- /* These are new to v2.0 */
1176
- #define CKR_RANDOM_NO_RNG 0x00000121
1177
-
1178
- /* These are new to v2.11 */
1179
- #define CKR_DOMAIN_PARAMS_INVALID 0x00000130
1180
-
1181
- /* These are new to v2.0 */
1182
- #define CKR_BUFFER_TOO_SMALL 0x00000150
1183
- #define CKR_SAVED_STATE_INVALID 0x00000160
1184
- #define CKR_INFORMATION_SENSITIVE 0x00000170
1185
- #define CKR_STATE_UNSAVEABLE 0x00000180
1186
-
1187
- /* These are new to v2.01 */
1188
- #define CKR_CRYPTOKI_NOT_INITIALIZED 0x00000190
1189
- #define CKR_CRYPTOKI_ALREADY_INITIALIZED 0x00000191
1190
- #define CKR_MUTEX_BAD 0x000001A0
1191
- #define CKR_MUTEX_NOT_LOCKED 0x000001A1
1192
-
1193
- /* The following return values are new for PKCS #11 v2.20 amendment 3 */
1194
- #define CKR_NEW_PIN_MODE 0x000001B0
1195
- #define CKR_NEXT_OTP 0x000001B1
1196
-
1197
- /* This is new to v2.20 */
1198
- #define CKR_FUNCTION_REJECTED 0x00000200
1199
-
1200
- #define CKR_VENDOR_DEFINED 0x80000000
1201
-
1202
-
1203
- /* CK_NOTIFY is an application callback that processes events */
1204
- typedef CK_CALLBACK_FUNCTION(CK_RV, CK_NOTIFY)(
1205
- CK_SESSION_HANDLE hSession, /* the session's handle */
1206
- CK_NOTIFICATION event,
1207
- CK_VOID_PTR pApplication /* passed to C_OpenSession */
1208
- );
1209
-
1210
-
1211
- /* CK_FUNCTION_LIST is a structure holding a Cryptoki spec
1212
- * version and pointers of appropriate types to all the
1213
- * Cryptoki functions */
1214
- /* CK_FUNCTION_LIST is new for v2.0 */
1215
- typedef struct CK_FUNCTION_LIST CK_FUNCTION_LIST;
1216
-
1217
- typedef CK_FUNCTION_LIST CK_PTR CK_FUNCTION_LIST_PTR;
1218
-
1219
- typedef CK_FUNCTION_LIST_PTR CK_PTR CK_FUNCTION_LIST_PTR_PTR;
1220
-
1221
-
1222
- /* CK_CREATEMUTEX is an application callback for creating a
1223
- * mutex object */
1224
- typedef CK_CALLBACK_FUNCTION(CK_RV, CK_CREATEMUTEX)(
1225
- CK_VOID_PTR_PTR ppMutex /* location to receive ptr to mutex */
1226
- );
1227
-
1228
-
1229
- /* CK_DESTROYMUTEX is an application callback for destroying a
1230
- * mutex object */
1231
- typedef CK_CALLBACK_FUNCTION(CK_RV, CK_DESTROYMUTEX)(
1232
- CK_VOID_PTR pMutex /* pointer to mutex */
1233
- );
1234
-
1235
-
1236
- /* CK_LOCKMUTEX is an application callback for locking a mutex */
1237
- typedef CK_CALLBACK_FUNCTION(CK_RV, CK_LOCKMUTEX)(
1238
- CK_VOID_PTR pMutex /* pointer to mutex */
1239
- );
1240
-
1241
-
1242
- /* CK_UNLOCKMUTEX is an application callback for unlocking a
1243
- * mutex */
1244
- typedef CK_CALLBACK_FUNCTION(CK_RV, CK_UNLOCKMUTEX)(
1245
- CK_VOID_PTR pMutex /* pointer to mutex */
1246
- );
1247
-
1248
-
1249
- /* CK_C_INITIALIZE_ARGS provides the optional arguments to
1250
- * C_Initialize */
1251
- typedef struct CK_C_INITIALIZE_ARGS {
1252
- CK_CREATEMUTEX CreateMutex;
1253
- CK_DESTROYMUTEX DestroyMutex;
1254
- CK_LOCKMUTEX LockMutex;
1255
- CK_UNLOCKMUTEX UnlockMutex;
1256
- CK_FLAGS flags;
1257
- CK_VOID_PTR pReserved;
1258
- } CK_C_INITIALIZE_ARGS;
1259
-
1260
- /* flags: bit flags that provide capabilities of the slot
1261
- * Bit Flag Mask Meaning
1262
- */
1263
- #define CKF_LIBRARY_CANT_CREATE_OS_THREADS 0x00000001
1264
- #define CKF_OS_LOCKING_OK 0x00000002
1265
-
1266
- typedef CK_C_INITIALIZE_ARGS CK_PTR CK_C_INITIALIZE_ARGS_PTR;
1267
-
1268
-
1269
- /* additional flags for parameters to functions */
1270
-
1271
- /* CKF_DONT_BLOCK is for the function C_WaitForSlotEvent */
1272
- #define CKF_DONT_BLOCK 1
1273
-
1274
- /* CK_RSA_PKCS_OAEP_MGF_TYPE is new for v2.10.
1275
- * CK_RSA_PKCS_OAEP_MGF_TYPE is used to indicate the Message
1276
- * Generation Function (MGF) applied to a message block when
1277
- * formatting a message block for the PKCS #1 OAEP encryption
1278
- * scheme. */
1279
- typedef CK_ULONG CK_RSA_PKCS_MGF_TYPE;
1280
-
1281
- typedef CK_RSA_PKCS_MGF_TYPE CK_PTR CK_RSA_PKCS_MGF_TYPE_PTR;
1282
-
1283
- /* The following MGFs are defined */
1284
- /* CKG_MGF1_SHA256, CKG_MGF1_SHA384, and CKG_MGF1_SHA512
1285
- * are new for v2.20 */
1286
- #define CKG_MGF1_SHA1 0x00000001
1287
- #define CKG_MGF1_SHA256 0x00000002
1288
- #define CKG_MGF1_SHA384 0x00000003
1289
- #define CKG_MGF1_SHA512 0x00000004
1290
- /* SHA-224 is new for PKCS #11 v2.20 amendment 3 */
1291
- #define CKG_MGF1_SHA224 0x00000005
1292
-
1293
- /* CK_RSA_PKCS_OAEP_SOURCE_TYPE is new for v2.10.
1294
- * CK_RSA_PKCS_OAEP_SOURCE_TYPE is used to indicate the source
1295
- * of the encoding parameter when formatting a message block
1296
- * for the PKCS #1 OAEP encryption scheme. */
1297
- typedef CK_ULONG CK_RSA_PKCS_OAEP_SOURCE_TYPE;
1298
-
1299
- typedef CK_RSA_PKCS_OAEP_SOURCE_TYPE CK_PTR CK_RSA_PKCS_OAEP_SOURCE_TYPE_PTR;
1300
-
1301
- /* The following encoding parameter sources are defined */
1302
- #define CKZ_DATA_SPECIFIED 0x00000001
1303
-
1304
- /* CK_RSA_PKCS_OAEP_PARAMS is new for v2.10.
1305
- * CK_RSA_PKCS_OAEP_PARAMS provides the parameters to the
1306
- * CKM_RSA_PKCS_OAEP mechanism. */
1307
- typedef struct CK_RSA_PKCS_OAEP_PARAMS {
1308
- CK_MECHANISM_TYPE hashAlg;
1309
- CK_RSA_PKCS_MGF_TYPE mgf;
1310
- CK_RSA_PKCS_OAEP_SOURCE_TYPE source;
1311
- CK_VOID_PTR pSourceData;
1312
- CK_ULONG ulSourceDataLen;
1313
- } CK_RSA_PKCS_OAEP_PARAMS;
1314
-
1315
- typedef CK_RSA_PKCS_OAEP_PARAMS CK_PTR CK_RSA_PKCS_OAEP_PARAMS_PTR;
1316
-
1317
- /* CK_RSA_PKCS_PSS_PARAMS is new for v2.11.
1318
- * CK_RSA_PKCS_PSS_PARAMS provides the parameters to the
1319
- * CKM_RSA_PKCS_PSS mechanism(s). */
1320
- typedef struct CK_RSA_PKCS_PSS_PARAMS {
1321
- CK_MECHANISM_TYPE hashAlg;
1322
- CK_RSA_PKCS_MGF_TYPE mgf;
1323
- CK_ULONG sLen;
1324
- } CK_RSA_PKCS_PSS_PARAMS;
1325
-
1326
- typedef CK_RSA_PKCS_PSS_PARAMS CK_PTR CK_RSA_PKCS_PSS_PARAMS_PTR;
1327
-
1328
- /* CK_EC_KDF_TYPE is new for v2.11. */
1329
- typedef CK_ULONG CK_EC_KDF_TYPE;
1330
-
1331
- /* The following EC Key Derivation Functions are defined */
1332
- #define CKD_NULL 0x00000001
1333
- #define CKD_SHA1_KDF 0x00000002
1334
-
1335
- /* CK_ECDH1_DERIVE_PARAMS is new for v2.11.
1336
- * CK_ECDH1_DERIVE_PARAMS provides the parameters to the
1337
- * CKM_ECDH1_DERIVE and CKM_ECDH1_COFACTOR_DERIVE mechanisms,
1338
- * where each party contributes one key pair.
1339
- */
1340
- typedef struct CK_ECDH1_DERIVE_PARAMS {
1341
- CK_EC_KDF_TYPE kdf;
1342
- CK_ULONG ulSharedDataLen;
1343
- CK_BYTE_PTR pSharedData;
1344
- CK_ULONG ulPublicDataLen;
1345
- CK_BYTE_PTR pPublicData;
1346
- } CK_ECDH1_DERIVE_PARAMS;
1347
-
1348
- typedef CK_ECDH1_DERIVE_PARAMS CK_PTR CK_ECDH1_DERIVE_PARAMS_PTR;
1349
-
1350
-
1351
- /* CK_ECDH2_DERIVE_PARAMS is new for v2.11.
1352
- * CK_ECDH2_DERIVE_PARAMS provides the parameters to the
1353
- * CKM_ECMQV_DERIVE mechanism, where each party contributes two key pairs. */
1354
- typedef struct CK_ECDH2_DERIVE_PARAMS {
1355
- CK_EC_KDF_TYPE kdf;
1356
- CK_ULONG ulSharedDataLen;
1357
- CK_BYTE_PTR pSharedData;
1358
- CK_ULONG ulPublicDataLen;
1359
- CK_BYTE_PTR pPublicData;
1360
- CK_ULONG ulPrivateDataLen;
1361
- CK_OBJECT_HANDLE hPrivateData;
1362
- CK_ULONG ulPublicDataLen2;
1363
- CK_BYTE_PTR pPublicData2;
1364
- } CK_ECDH2_DERIVE_PARAMS;
1365
-
1366
- typedef CK_ECDH2_DERIVE_PARAMS CK_PTR CK_ECDH2_DERIVE_PARAMS_PTR;
1367
-
1368
- typedef struct CK_ECMQV_DERIVE_PARAMS {
1369
- CK_EC_KDF_TYPE kdf;
1370
- CK_ULONG ulSharedDataLen;
1371
- CK_BYTE_PTR pSharedData;
1372
- CK_ULONG ulPublicDataLen;
1373
- CK_BYTE_PTR pPublicData;
1374
- CK_ULONG ulPrivateDataLen;
1375
- CK_OBJECT_HANDLE hPrivateData;
1376
- CK_ULONG ulPublicDataLen2;
1377
- CK_BYTE_PTR pPublicData2;
1378
- CK_OBJECT_HANDLE publicKey;
1379
- } CK_ECMQV_DERIVE_PARAMS;
1380
-
1381
- typedef CK_ECMQV_DERIVE_PARAMS CK_PTR CK_ECMQV_DERIVE_PARAMS_PTR;
1382
-
1383
- /* Typedefs and defines for the CKM_X9_42_DH_KEY_PAIR_GEN and the
1384
- * CKM_X9_42_DH_PARAMETER_GEN mechanisms (new for PKCS #11 v2.11) */
1385
- typedef CK_ULONG CK_X9_42_DH_KDF_TYPE;
1386
- typedef CK_X9_42_DH_KDF_TYPE CK_PTR CK_X9_42_DH_KDF_TYPE_PTR;
1387
-
1388
- /* The following X9.42 DH key derivation functions are defined
1389
- (besides CKD_NULL already defined : */
1390
- #define CKD_SHA1_KDF_ASN1 0x00000003
1391
- #define CKD_SHA1_KDF_CONCATENATE 0x00000004
1392
-
1393
- /* CK_X9_42_DH1_DERIVE_PARAMS is new for v2.11.
1394
- * CK_X9_42_DH1_DERIVE_PARAMS provides the parameters to the
1395
- * CKM_X9_42_DH_DERIVE key derivation mechanism, where each party
1396
- * contributes one key pair */
1397
- typedef struct CK_X9_42_DH1_DERIVE_PARAMS {
1398
- CK_X9_42_DH_KDF_TYPE kdf;
1399
- CK_ULONG ulOtherInfoLen;
1400
- CK_BYTE_PTR pOtherInfo;
1401
- CK_ULONG ulPublicDataLen;
1402
- CK_BYTE_PTR pPublicData;
1403
- } CK_X9_42_DH1_DERIVE_PARAMS;
1404
-
1405
- typedef struct CK_X9_42_DH1_DERIVE_PARAMS CK_PTR CK_X9_42_DH1_DERIVE_PARAMS_PTR;
1406
-
1407
- /* CK_X9_42_DH2_DERIVE_PARAMS is new for v2.11.
1408
- * CK_X9_42_DH2_DERIVE_PARAMS provides the parameters to the
1409
- * CKM_X9_42_DH_HYBRID_DERIVE and CKM_X9_42_MQV_DERIVE key derivation
1410
- * mechanisms, where each party contributes two key pairs */
1411
- typedef struct CK_X9_42_DH2_DERIVE_PARAMS {
1412
- CK_X9_42_DH_KDF_TYPE kdf;
1413
- CK_ULONG ulOtherInfoLen;
1414
- CK_BYTE_PTR pOtherInfo;
1415
- CK_ULONG ulPublicDataLen;
1416
- CK_BYTE_PTR pPublicData;
1417
- CK_ULONG ulPrivateDataLen;
1418
- CK_OBJECT_HANDLE hPrivateData;
1419
- CK_ULONG ulPublicDataLen2;
1420
- CK_BYTE_PTR pPublicData2;
1421
- } CK_X9_42_DH2_DERIVE_PARAMS;
1422
-
1423
- typedef CK_X9_42_DH2_DERIVE_PARAMS CK_PTR CK_X9_42_DH2_DERIVE_PARAMS_PTR;
1424
-
1425
- typedef struct CK_X9_42_MQV_DERIVE_PARAMS {
1426
- CK_X9_42_DH_KDF_TYPE kdf;
1427
- CK_ULONG ulOtherInfoLen;
1428
- CK_BYTE_PTR pOtherInfo;
1429
- CK_ULONG ulPublicDataLen;
1430
- CK_BYTE_PTR pPublicData;
1431
- CK_ULONG ulPrivateDataLen;
1432
- CK_OBJECT_HANDLE hPrivateData;
1433
- CK_ULONG ulPublicDataLen2;
1434
- CK_BYTE_PTR pPublicData2;
1435
- CK_OBJECT_HANDLE publicKey;
1436
- } CK_X9_42_MQV_DERIVE_PARAMS;
1437
-
1438
- typedef CK_X9_42_MQV_DERIVE_PARAMS CK_PTR CK_X9_42_MQV_DERIVE_PARAMS_PTR;
1439
-
1440
- /* CK_KEA_DERIVE_PARAMS provides the parameters to the
1441
- * CKM_KEA_DERIVE mechanism */
1442
- /* CK_KEA_DERIVE_PARAMS is new for v2.0 */
1443
- typedef struct CK_KEA_DERIVE_PARAMS {
1444
- CK_BBOOL isSender;
1445
- CK_ULONG ulRandomLen;
1446
- CK_BYTE_PTR pRandomA;
1447
- CK_BYTE_PTR pRandomB;
1448
- CK_ULONG ulPublicDataLen;
1449
- CK_BYTE_PTR pPublicData;
1450
- } CK_KEA_DERIVE_PARAMS;
1451
-
1452
- typedef CK_KEA_DERIVE_PARAMS CK_PTR CK_KEA_DERIVE_PARAMS_PTR;
1453
-
1454
-
1455
- /* CK_RC2_PARAMS provides the parameters to the CKM_RC2_ECB and
1456
- * CKM_RC2_MAC mechanisms. An instance of CK_RC2_PARAMS just
1457
- * holds the effective keysize */
1458
- typedef CK_ULONG CK_RC2_PARAMS;
1459
-
1460
- typedef CK_RC2_PARAMS CK_PTR CK_RC2_PARAMS_PTR;
1461
-
1462
-
1463
- /* CK_RC2_CBC_PARAMS provides the parameters to the CKM_RC2_CBC
1464
- * mechanism */
1465
- typedef struct CK_RC2_CBC_PARAMS {
1466
- /* ulEffectiveBits was changed from CK_USHORT to CK_ULONG for
1467
- * v2.0 */
1468
- CK_ULONG ulEffectiveBits; /* effective bits (1-1024) */
1469
-
1470
- CK_BYTE iv[8]; /* IV for CBC mode */
1471
- } CK_RC2_CBC_PARAMS;
1472
-
1473
- typedef CK_RC2_CBC_PARAMS CK_PTR CK_RC2_CBC_PARAMS_PTR;
1474
-
1475
-
1476
- /* CK_RC2_MAC_GENERAL_PARAMS provides the parameters for the
1477
- * CKM_RC2_MAC_GENERAL mechanism */
1478
- /* CK_RC2_MAC_GENERAL_PARAMS is new for v2.0 */
1479
- typedef struct CK_RC2_MAC_GENERAL_PARAMS {
1480
- CK_ULONG ulEffectiveBits; /* effective bits (1-1024) */
1481
- CK_ULONG ulMacLength; /* Length of MAC in bytes */
1482
- } CK_RC2_MAC_GENERAL_PARAMS;
1483
-
1484
- typedef CK_RC2_MAC_GENERAL_PARAMS CK_PTR \
1485
- CK_RC2_MAC_GENERAL_PARAMS_PTR;
1486
-
1487
-
1488
- /* CK_RC5_PARAMS provides the parameters to the CKM_RC5_ECB and
1489
- * CKM_RC5_MAC mechanisms */
1490
- /* CK_RC5_PARAMS is new for v2.0 */
1491
- typedef struct CK_RC5_PARAMS {
1492
- CK_ULONG ulWordsize; /* wordsize in bits */
1493
- CK_ULONG ulRounds; /* number of rounds */
1494
- } CK_RC5_PARAMS;
1495
-
1496
- typedef CK_RC5_PARAMS CK_PTR CK_RC5_PARAMS_PTR;
1497
-
1498
-
1499
- /* CK_RC5_CBC_PARAMS provides the parameters to the CKM_RC5_CBC
1500
- * mechanism */
1501
- /* CK_RC5_CBC_PARAMS is new for v2.0 */
1502
- typedef struct CK_RC5_CBC_PARAMS {
1503
- CK_ULONG ulWordsize; /* wordsize in bits */
1504
- CK_ULONG ulRounds; /* number of rounds */
1505
- CK_BYTE_PTR pIv; /* pointer to IV */
1506
- CK_ULONG ulIvLen; /* length of IV in bytes */
1507
- } CK_RC5_CBC_PARAMS;
1508
-
1509
- typedef CK_RC5_CBC_PARAMS CK_PTR CK_RC5_CBC_PARAMS_PTR;
1510
-
1511
-
1512
- /* CK_RC5_MAC_GENERAL_PARAMS provides the parameters for the
1513
- * CKM_RC5_MAC_GENERAL mechanism */
1514
- /* CK_RC5_MAC_GENERAL_PARAMS is new for v2.0 */
1515
- typedef struct CK_RC5_MAC_GENERAL_PARAMS {
1516
- CK_ULONG ulWordsize; /* wordsize in bits */
1517
- CK_ULONG ulRounds; /* number of rounds */
1518
- CK_ULONG ulMacLength; /* Length of MAC in bytes */
1519
- } CK_RC5_MAC_GENERAL_PARAMS;
1520
-
1521
- typedef CK_RC5_MAC_GENERAL_PARAMS CK_PTR \
1522
- CK_RC5_MAC_GENERAL_PARAMS_PTR;
1523
-
1524
-
1525
- /* CK_MAC_GENERAL_PARAMS provides the parameters to most block
1526
- * ciphers' MAC_GENERAL mechanisms. Its value is the length of
1527
- * the MAC */
1528
- /* CK_MAC_GENERAL_PARAMS is new for v2.0 */
1529
- typedef CK_ULONG CK_MAC_GENERAL_PARAMS;
1530
-
1531
- typedef CK_MAC_GENERAL_PARAMS CK_PTR CK_MAC_GENERAL_PARAMS_PTR;
1532
-
1533
- /* CK_DES/AES_ECB/CBC_ENCRYPT_DATA_PARAMS are new for v2.20 */
1534
- typedef struct CK_DES_CBC_ENCRYPT_DATA_PARAMS {
1535
- CK_BYTE iv[8];
1536
- CK_BYTE_PTR pData;
1537
- CK_ULONG length;
1538
- } CK_DES_CBC_ENCRYPT_DATA_PARAMS;
1539
-
1540
- typedef CK_DES_CBC_ENCRYPT_DATA_PARAMS CK_PTR CK_DES_CBC_ENCRYPT_DATA_PARAMS_PTR;
1541
-
1542
- typedef struct CK_AES_CBC_ENCRYPT_DATA_PARAMS {
1543
- CK_BYTE iv[16];
1544
- CK_BYTE_PTR pData;
1545
- CK_ULONG length;
1546
- } CK_AES_CBC_ENCRYPT_DATA_PARAMS;
1547
-
1548
- typedef CK_AES_CBC_ENCRYPT_DATA_PARAMS CK_PTR CK_AES_CBC_ENCRYPT_DATA_PARAMS_PTR;
1549
-
1550
- /* CK_SKIPJACK_PRIVATE_WRAP_PARAMS provides the parameters to the
1551
- * CKM_SKIPJACK_PRIVATE_WRAP mechanism */
1552
- /* CK_SKIPJACK_PRIVATE_WRAP_PARAMS is new for v2.0 */
1553
- typedef struct CK_SKIPJACK_PRIVATE_WRAP_PARAMS {
1554
- CK_ULONG ulPasswordLen;
1555
- CK_BYTE_PTR pPassword;
1556
- CK_ULONG ulPublicDataLen;
1557
- CK_BYTE_PTR pPublicData;
1558
- CK_ULONG ulPAndGLen;
1559
- CK_ULONG ulQLen;
1560
- CK_ULONG ulRandomLen;
1561
- CK_BYTE_PTR pRandomA;
1562
- CK_BYTE_PTR pPrimeP;
1563
- CK_BYTE_PTR pBaseG;
1564
- CK_BYTE_PTR pSubprimeQ;
1565
- } CK_SKIPJACK_PRIVATE_WRAP_PARAMS;
1566
-
1567
- typedef CK_SKIPJACK_PRIVATE_WRAP_PARAMS CK_PTR \
1568
- CK_SKIPJACK_PRIVATE_WRAP_PTR;
1569
-
1570
-
1571
- /* CK_SKIPJACK_RELAYX_PARAMS provides the parameters to the
1572
- * CKM_SKIPJACK_RELAYX mechanism */
1573
- /* CK_SKIPJACK_RELAYX_PARAMS is new for v2.0 */
1574
- typedef struct CK_SKIPJACK_RELAYX_PARAMS {
1575
- CK_ULONG ulOldWrappedXLen;
1576
- CK_BYTE_PTR pOldWrappedX;
1577
- CK_ULONG ulOldPasswordLen;
1578
- CK_BYTE_PTR pOldPassword;
1579
- CK_ULONG ulOldPublicDataLen;
1580
- CK_BYTE_PTR pOldPublicData;
1581
- CK_ULONG ulOldRandomLen;
1582
- CK_BYTE_PTR pOldRandomA;
1583
- CK_ULONG ulNewPasswordLen;
1584
- CK_BYTE_PTR pNewPassword;
1585
- CK_ULONG ulNewPublicDataLen;
1586
- CK_BYTE_PTR pNewPublicData;
1587
- CK_ULONG ulNewRandomLen;
1588
- CK_BYTE_PTR pNewRandomA;
1589
- } CK_SKIPJACK_RELAYX_PARAMS;
1590
-
1591
- typedef CK_SKIPJACK_RELAYX_PARAMS CK_PTR \
1592
- CK_SKIPJACK_RELAYX_PARAMS_PTR;
1593
-
1594
-
1595
- typedef struct CK_PBE_PARAMS {
1596
- CK_BYTE_PTR pInitVector;
1597
- CK_UTF8CHAR_PTR pPassword;
1598
- CK_ULONG ulPasswordLen;
1599
- CK_BYTE_PTR pSalt;
1600
- CK_ULONG ulSaltLen;
1601
- CK_ULONG ulIteration;
1602
- } CK_PBE_PARAMS;
1603
-
1604
- typedef CK_PBE_PARAMS CK_PTR CK_PBE_PARAMS_PTR;
1605
-
1606
-
1607
- /* CK_KEY_WRAP_SET_OAEP_PARAMS provides the parameters to the
1608
- * CKM_KEY_WRAP_SET_OAEP mechanism */
1609
- /* CK_KEY_WRAP_SET_OAEP_PARAMS is new for v2.0 */
1610
- typedef struct CK_KEY_WRAP_SET_OAEP_PARAMS {
1611
- CK_BYTE bBC; /* block contents byte */
1612
- CK_BYTE_PTR pX; /* extra data */
1613
- CK_ULONG ulXLen; /* length of extra data in bytes */
1614
- } CK_KEY_WRAP_SET_OAEP_PARAMS;
1615
-
1616
- typedef CK_KEY_WRAP_SET_OAEP_PARAMS CK_PTR \
1617
- CK_KEY_WRAP_SET_OAEP_PARAMS_PTR;
1618
-
1619
-
1620
- typedef struct CK_SSL3_RANDOM_DATA {
1621
- CK_BYTE_PTR pClientRandom;
1622
- CK_ULONG ulClientRandomLen;
1623
- CK_BYTE_PTR pServerRandom;
1624
- CK_ULONG ulServerRandomLen;
1625
- } CK_SSL3_RANDOM_DATA;
1626
-
1627
-
1628
- typedef struct CK_SSL3_MASTER_KEY_DERIVE_PARAMS {
1629
- CK_SSL3_RANDOM_DATA RandomInfo;
1630
- CK_VERSION_PTR pVersion;
1631
- } CK_SSL3_MASTER_KEY_DERIVE_PARAMS;
1632
-
1633
- typedef struct CK_SSL3_MASTER_KEY_DERIVE_PARAMS CK_PTR \
1634
- CK_SSL3_MASTER_KEY_DERIVE_PARAMS_PTR;
1635
-
1636
-
1637
- typedef struct CK_SSL3_KEY_MAT_OUT {
1638
- CK_OBJECT_HANDLE hClientMacSecret;
1639
- CK_OBJECT_HANDLE hServerMacSecret;
1640
- CK_OBJECT_HANDLE hClientKey;
1641
- CK_OBJECT_HANDLE hServerKey;
1642
- CK_BYTE_PTR pIVClient;
1643
- CK_BYTE_PTR pIVServer;
1644
- } CK_SSL3_KEY_MAT_OUT;
1645
-
1646
- typedef CK_SSL3_KEY_MAT_OUT CK_PTR CK_SSL3_KEY_MAT_OUT_PTR;
1647
-
1648
-
1649
- typedef struct CK_SSL3_KEY_MAT_PARAMS {
1650
- CK_ULONG ulMacSizeInBits;
1651
- CK_ULONG ulKeySizeInBits;
1652
- CK_ULONG ulIVSizeInBits;
1653
- CK_BBOOL bIsExport;
1654
- CK_SSL3_RANDOM_DATA RandomInfo;
1655
- CK_SSL3_KEY_MAT_OUT_PTR pReturnedKeyMaterial;
1656
- } CK_SSL3_KEY_MAT_PARAMS;
1657
-
1658
- typedef CK_SSL3_KEY_MAT_PARAMS CK_PTR CK_SSL3_KEY_MAT_PARAMS_PTR;
1659
-
1660
- /* CK_TLS_PRF_PARAMS is new for version 2.20 */
1661
- typedef struct CK_TLS_PRF_PARAMS {
1662
- CK_BYTE_PTR pSeed;
1663
- CK_ULONG ulSeedLen;
1664
- CK_BYTE_PTR pLabel;
1665
- CK_ULONG ulLabelLen;
1666
- CK_BYTE_PTR pOutput;
1667
- CK_ULONG_PTR pulOutputLen;
1668
- } CK_TLS_PRF_PARAMS;
1669
-
1670
- typedef CK_TLS_PRF_PARAMS CK_PTR CK_TLS_PRF_PARAMS_PTR;
1671
-
1672
- /* WTLS is new for version 2.20 */
1673
- typedef struct CK_WTLS_RANDOM_DATA {
1674
- CK_BYTE_PTR pClientRandom;
1675
- CK_ULONG ulClientRandomLen;
1676
- CK_BYTE_PTR pServerRandom;
1677
- CK_ULONG ulServerRandomLen;
1678
- } CK_WTLS_RANDOM_DATA;
1679
-
1680
- typedef CK_WTLS_RANDOM_DATA CK_PTR CK_WTLS_RANDOM_DATA_PTR;
1681
-
1682
- typedef struct CK_WTLS_MASTER_KEY_DERIVE_PARAMS {
1683
- CK_MECHANISM_TYPE DigestMechanism;
1684
- CK_WTLS_RANDOM_DATA RandomInfo;
1685
- CK_BYTE_PTR pVersion;
1686
- } CK_WTLS_MASTER_KEY_DERIVE_PARAMS;
1687
-
1688
- typedef CK_WTLS_MASTER_KEY_DERIVE_PARAMS CK_PTR \
1689
- CK_WTLS_MASTER_KEY_DERIVE_PARAMS_PTR;
1690
-
1691
- typedef struct CK_WTLS_PRF_PARAMS {
1692
- CK_MECHANISM_TYPE DigestMechanism;
1693
- CK_BYTE_PTR pSeed;
1694
- CK_ULONG ulSeedLen;
1695
- CK_BYTE_PTR pLabel;
1696
- CK_ULONG ulLabelLen;
1697
- CK_BYTE_PTR pOutput;
1698
- CK_ULONG_PTR pulOutputLen;
1699
- } CK_WTLS_PRF_PARAMS;
1700
-
1701
- typedef CK_WTLS_PRF_PARAMS CK_PTR CK_WTLS_PRF_PARAMS_PTR;
1702
-
1703
- typedef struct CK_WTLS_KEY_MAT_OUT {
1704
- CK_OBJECT_HANDLE hMacSecret;
1705
- CK_OBJECT_HANDLE hKey;
1706
- CK_BYTE_PTR pIV;
1707
- } CK_WTLS_KEY_MAT_OUT;
1708
-
1709
- typedef CK_WTLS_KEY_MAT_OUT CK_PTR CK_WTLS_KEY_MAT_OUT_PTR;
1710
-
1711
- typedef struct CK_WTLS_KEY_MAT_PARAMS {
1712
- CK_MECHANISM_TYPE DigestMechanism;
1713
- CK_ULONG ulMacSizeInBits;
1714
- CK_ULONG ulKeySizeInBits;
1715
- CK_ULONG ulIVSizeInBits;
1716
- CK_ULONG ulSequenceNumber;
1717
- CK_BBOOL bIsExport;
1718
- CK_WTLS_RANDOM_DATA RandomInfo;
1719
- CK_WTLS_KEY_MAT_OUT_PTR pReturnedKeyMaterial;
1720
- } CK_WTLS_KEY_MAT_PARAMS;
1721
-
1722
- typedef CK_WTLS_KEY_MAT_PARAMS CK_PTR CK_WTLS_KEY_MAT_PARAMS_PTR;
1723
-
1724
- /* CMS is new for version 2.20 */
1725
- typedef struct CK_CMS_SIG_PARAMS {
1726
- CK_OBJECT_HANDLE certificateHandle;
1727
- CK_MECHANISM_PTR pSigningMechanism;
1728
- CK_MECHANISM_PTR pDigestMechanism;
1729
- CK_UTF8CHAR_PTR pContentType;
1730
- CK_BYTE_PTR pRequestedAttributes;
1731
- CK_ULONG ulRequestedAttributesLen;
1732
- CK_BYTE_PTR pRequiredAttributes;
1733
- CK_ULONG ulRequiredAttributesLen;
1734
- } CK_CMS_SIG_PARAMS;
1735
-
1736
- typedef CK_CMS_SIG_PARAMS CK_PTR CK_CMS_SIG_PARAMS_PTR;
1737
-
1738
- typedef struct CK_KEY_DERIVATION_STRING_DATA {
1739
- CK_BYTE_PTR pData;
1740
- CK_ULONG ulLen;
1741
- } CK_KEY_DERIVATION_STRING_DATA;
1742
-
1743
- typedef CK_KEY_DERIVATION_STRING_DATA CK_PTR \
1744
- CK_KEY_DERIVATION_STRING_DATA_PTR;
1745
-
1746
-
1747
- /* The CK_EXTRACT_PARAMS is used for the
1748
- * CKM_EXTRACT_KEY_FROM_KEY mechanism. It specifies which bit
1749
- * of the base key should be used as the first bit of the
1750
- * derived key */
1751
- /* CK_EXTRACT_PARAMS is new for v2.0 */
1752
- typedef CK_ULONG CK_EXTRACT_PARAMS;
1753
-
1754
- typedef CK_EXTRACT_PARAMS CK_PTR CK_EXTRACT_PARAMS_PTR;
1755
-
1756
- /* CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE is new for v2.10.
1757
- * CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE is used to
1758
- * indicate the Pseudo-Random Function (PRF) used to generate
1759
- * key bits using PKCS #5 PBKDF2. */
1760
- typedef CK_ULONG CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE;
1761
-
1762
- typedef CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE CK_PTR CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE_PTR;
1763
-
1764
- /* The following PRFs are defined in PKCS #5 v2.0. */
1765
- #define CKP_PKCS5_PBKD2_HMAC_SHA1 0x00000001
1766
-
1767
-
1768
- /* CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE is new for v2.10.
1769
- * CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE is used to indicate the
1770
- * source of the salt value when deriving a key using PKCS #5
1771
- * PBKDF2. */
1772
- typedef CK_ULONG CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE;
1773
-
1774
- typedef CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE CK_PTR CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE_PTR;
1775
-
1776
- /* The following salt value sources are defined in PKCS #5 v2.0. */
1777
- #define CKZ_SALT_SPECIFIED 0x00000001
1778
-
1779
- /* CK_PKCS5_PBKD2_PARAMS is new for v2.10.
1780
- * CK_PKCS5_PBKD2_PARAMS is a structure that provides the
1781
- * parameters to the CKM_PKCS5_PBKD2 mechanism. */
1782
- typedef struct CK_PKCS5_PBKD2_PARAMS {
1783
- CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE saltSource;
1784
- CK_VOID_PTR pSaltSourceData;
1785
- CK_ULONG ulSaltSourceDataLen;
1786
- CK_ULONG iterations;
1787
- CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE prf;
1788
- CK_VOID_PTR pPrfData;
1789
- CK_ULONG ulPrfDataLen;
1790
- CK_UTF8CHAR_PTR pPassword;
1791
- CK_ULONG_PTR ulPasswordLen;
1792
- } CK_PKCS5_PBKD2_PARAMS;
1793
-
1794
- typedef CK_PKCS5_PBKD2_PARAMS CK_PTR CK_PKCS5_PBKD2_PARAMS_PTR;
1795
-
1796
- /* All CK_OTP structs are new for PKCS #11 v2.20 amendment 3 */
1797
-
1798
- typedef CK_ULONG CK_OTP_PARAM_TYPE;
1799
- typedef CK_OTP_PARAM_TYPE CK_PARAM_TYPE; /* B/w compatibility */
1800
-
1801
- typedef struct CK_OTP_PARAM {
1802
- CK_OTP_PARAM_TYPE type;
1803
- CK_VOID_PTR pValue;
1804
- CK_ULONG ulValueLen;
1805
- } CK_OTP_PARAM;
1806
-
1807
- typedef CK_OTP_PARAM CK_PTR CK_OTP_PARAM_PTR;
1808
-
1809
- typedef struct CK_OTP_PARAMS {
1810
- CK_OTP_PARAM_PTR pParams;
1811
- CK_ULONG ulCount;
1812
- } CK_OTP_PARAMS;
1813
-
1814
- typedef CK_OTP_PARAMS CK_PTR CK_OTP_PARAMS_PTR;
1815
-
1816
- typedef struct CK_OTP_SIGNATURE_INFO {
1817
- CK_OTP_PARAM_PTR pParams;
1818
- CK_ULONG ulCount;
1819
- } CK_OTP_SIGNATURE_INFO;
1820
-
1821
- typedef CK_OTP_SIGNATURE_INFO CK_PTR CK_OTP_SIGNATURE_INFO_PTR;
1822
-
1823
- /* The following OTP-related defines are new for PKCS #11 v2.20 amendment 1 */
1824
- #define CK_OTP_VALUE 0
1825
- #define CK_OTP_PIN 1
1826
- #define CK_OTP_CHALLENGE 2
1827
- #define CK_OTP_TIME 3
1828
- #define CK_OTP_COUNTER 4
1829
- #define CK_OTP_FLAGS 5
1830
- #define CK_OTP_OUTPUT_LENGTH 6
1831
- #define CK_OTP_OUTPUT_FORMAT 7
1832
-
1833
- /* The following OTP-related defines are new for PKCS #11 v2.20 amendment 1 */
1834
- #define CKF_NEXT_OTP 0x00000001
1835
- #define CKF_EXCLUDE_TIME 0x00000002
1836
- #define CKF_EXCLUDE_COUNTER 0x00000004
1837
- #define CKF_EXCLUDE_CHALLENGE 0x00000008
1838
- #define CKF_EXCLUDE_PIN 0x00000010
1839
- #define CKF_USER_FRIENDLY_OTP 0x00000020
1840
-
1841
- /* CK_KIP_PARAMS is new for PKCS #11 v2.20 amendment 2 */
1842
- typedef struct CK_KIP_PARAMS {
1843
- CK_MECHANISM_PTR pMechanism;
1844
- CK_OBJECT_HANDLE hKey;
1845
- CK_BYTE_PTR pSeed;
1846
- CK_ULONG ulSeedLen;
1847
- } CK_KIP_PARAMS;
1848
-
1849
- typedef CK_KIP_PARAMS CK_PTR CK_KIP_PARAMS_PTR;
1850
-
1851
- /* CK_AES_CTR_PARAMS is new for PKCS #11 v2.20 amendment 3 */
1852
- typedef struct CK_AES_CTR_PARAMS {
1853
- CK_ULONG ulCounterBits;
1854
- CK_BYTE cb[16];
1855
- } CK_AES_CTR_PARAMS;
1856
-
1857
- typedef CK_AES_CTR_PARAMS CK_PTR CK_AES_CTR_PARAMS_PTR;
1858
-
1859
- /* CK_CAMELLIA_CTR_PARAMS is new for PKCS #11 v2.20 amendment 3 */
1860
- typedef struct CK_CAMELLIA_CTR_PARAMS {
1861
- CK_ULONG ulCounterBits;
1862
- CK_BYTE cb[16];
1863
- } CK_CAMELLIA_CTR_PARAMS;
1864
-
1865
- typedef CK_CAMELLIA_CTR_PARAMS CK_PTR CK_CAMELLIA_CTR_PARAMS_PTR;
1866
-
1867
- /* CK_CAMELLIA_CBC_ENCRYPT_DATA_PARAMS is new for PKCS #11 v2.20 amendment 3 */
1868
- typedef struct CK_CAMELLIA_CBC_ENCRYPT_DATA_PARAMS {
1869
- CK_BYTE iv[16];
1870
- CK_BYTE_PTR pData;
1871
- CK_ULONG length;
1872
- } CK_CAMELLIA_CBC_ENCRYPT_DATA_PARAMS;
1873
-
1874
- typedef CK_CAMELLIA_CBC_ENCRYPT_DATA_PARAMS CK_PTR CK_CAMELLIA_CBC_ENCRYPT_DATA_PARAMS_PTR;
1875
-
1876
- /* CK_ARIA_CBC_ENCRYPT_DATA_PARAMS is new for PKCS #11 v2.20 amendment 3 */
1877
- typedef struct CK_ARIA_CBC_ENCRYPT_DATA_PARAMS {
1878
- CK_BYTE iv[16];
1879
- CK_BYTE_PTR pData;
1880
- CK_ULONG length;
1881
- } CK_ARIA_CBC_ENCRYPT_DATA_PARAMS;
1882
-
1883
- typedef CK_ARIA_CBC_ENCRYPT_DATA_PARAMS CK_PTR CK_ARIA_CBC_ENCRYPT_DATA_PARAMS_PTR;
1884
-
1885
- #endif
1
+ /*
2
+ * Copyright (C) OASIS Open 2014. All rights reserved.
3
+ * OASIS trademark, IPR and other policies apply.
4
+ * http://www.oasis-open.org/policies-guidelines/ipr
5
+ */
6
+
7
+ /* See top of pkcs11.h for information about the macros that
8
+ * must be defined and the structure-packing conventions that
9
+ * must be set before including this file. */
10
+
11
+ #ifndef _PKCS11T_H_
12
+ #define _PKCS11T_H_ 1
13
+
14
+ #define CRYPTOKI_VERSION_MAJOR 2
15
+ #define CRYPTOKI_VERSION_MINOR 40
16
+ #define CRYPTOKI_VERSION_AMENDMENT 0
17
+
18
+ #define CK_TRUE 1
19
+ #define CK_FALSE 0
20
+
21
+ #ifndef CK_DISABLE_TRUE_FALSE
22
+ #ifndef FALSE
23
+ #define FALSE CK_FALSE
24
+ #endif
25
+
26
+ #ifndef TRUE
27
+ #define TRUE CK_TRUE
28
+ #endif
29
+ #endif
30
+
31
+ /* an unsigned 8-bit value */
32
+ typedef unsigned char CK_BYTE;
33
+
34
+ /* an unsigned 8-bit character */
35
+ typedef CK_BYTE CK_CHAR;
36
+
37
+ /* an 8-bit UTF-8 character */
38
+ typedef CK_BYTE CK_UTF8CHAR;
39
+
40
+ /* a BYTE-sized Boolean flag */
41
+ typedef CK_BYTE CK_BBOOL;
42
+
43
+ /* an unsigned value, at least 32 bits long */
44
+ typedef unsigned long int CK_ULONG;
45
+
46
+ /* a signed value, the same size as a CK_ULONG */
47
+ typedef long int CK_LONG;
48
+
49
+ /* at least 32 bits; each bit is a Boolean flag */
50
+ typedef CK_ULONG CK_FLAGS;
51
+
52
+
53
+ /* some special values for certain CK_ULONG variables */
54
+ #define CK_UNAVAILABLE_INFORMATION (~0UL)
55
+ #define CK_EFFECTIVELY_INFINITE 0UL
56
+
57
+
58
+ typedef CK_BYTE CK_PTR CK_BYTE_PTR;
59
+ typedef CK_CHAR CK_PTR CK_CHAR_PTR;
60
+ typedef CK_UTF8CHAR CK_PTR CK_UTF8CHAR_PTR;
61
+ typedef CK_ULONG CK_PTR CK_ULONG_PTR;
62
+ typedef void CK_PTR CK_VOID_PTR;
63
+
64
+ /* Pointer to a CK_VOID_PTR-- i.e., pointer to pointer to void */
65
+ typedef CK_VOID_PTR CK_PTR CK_VOID_PTR_PTR;
66
+
67
+
68
+ /* The following value is always invalid if used as a session */
69
+ /* handle or object handle */
70
+ #define CK_INVALID_HANDLE 0UL
71
+
72
+
73
+ typedef struct CK_VERSION {
74
+ CK_BYTE major; /* integer portion of version number */
75
+ CK_BYTE minor; /* 1/100ths portion of version number */
76
+ } CK_VERSION;
77
+
78
+ typedef CK_VERSION CK_PTR CK_VERSION_PTR;
79
+
80
+
81
+ typedef struct CK_INFO {
82
+ /* manufacturerID and libraryDecription have been changed from
83
+ * CK_CHAR to CK_UTF8CHAR for v2.10 */
84
+ CK_VERSION cryptokiVersion; /* Cryptoki interface ver */
85
+ CK_UTF8CHAR manufacturerID[32]; /* blank padded */
86
+ CK_FLAGS flags; /* must be zero */
87
+
88
+ CK_UTF8CHAR libraryDescription[32]; /* blank padded */
89
+ CK_VERSION libraryVersion; /* version of library */
90
+ } CK_INFO;
91
+
92
+ typedef CK_INFO CK_PTR CK_INFO_PTR;
93
+
94
+
95
+ /* CK_NOTIFICATION enumerates the types of notifications that
96
+ * Cryptoki provides to an application */
97
+ typedef CK_ULONG CK_NOTIFICATION;
98
+ #define CKN_SURRENDER 0UL
99
+ #define CKN_OTP_CHANGED 1UL
100
+
101
+
102
+ typedef CK_ULONG CK_SLOT_ID;
103
+
104
+ typedef CK_SLOT_ID CK_PTR CK_SLOT_ID_PTR;
105
+
106
+
107
+ /* CK_SLOT_INFO provides information about a slot */
108
+ typedef struct CK_SLOT_INFO {
109
+ /* slotDescription and manufacturerID have been changed from
110
+ * CK_CHAR to CK_UTF8CHAR for v2.10 */
111
+ CK_UTF8CHAR slotDescription[64]; /* blank padded */
112
+ CK_UTF8CHAR manufacturerID[32]; /* blank padded */
113
+ CK_FLAGS flags;
114
+
115
+ CK_VERSION hardwareVersion; /* version of hardware */
116
+ CK_VERSION firmwareVersion; /* version of firmware */
117
+ } CK_SLOT_INFO;
118
+
119
+ /* flags: bit flags that provide capabilities of the slot
120
+ * Bit Flag Mask Meaning
121
+ */
122
+ #define CKF_TOKEN_PRESENT 0x00000001UL /* a token is there */
123
+ #define CKF_REMOVABLE_DEVICE 0x00000002UL /* removable devices*/
124
+ #define CKF_HW_SLOT 0x00000004UL /* hardware slot */
125
+
126
+ typedef CK_SLOT_INFO CK_PTR CK_SLOT_INFO_PTR;
127
+
128
+
129
+ /* CK_TOKEN_INFO provides information about a token */
130
+ typedef struct CK_TOKEN_INFO {
131
+ /* label, manufacturerID, and model have been changed from
132
+ * CK_CHAR to CK_UTF8CHAR for v2.10 */
133
+ CK_UTF8CHAR label[32]; /* blank padded */
134
+ CK_UTF8CHAR manufacturerID[32]; /* blank padded */
135
+ CK_UTF8CHAR model[16]; /* blank padded */
136
+ CK_CHAR serialNumber[16]; /* blank padded */
137
+ CK_FLAGS flags; /* see below */
138
+
139
+ CK_ULONG ulMaxSessionCount; /* max open sessions */
140
+ CK_ULONG ulSessionCount; /* sess. now open */
141
+ CK_ULONG ulMaxRwSessionCount; /* max R/W sessions */
142
+ CK_ULONG ulRwSessionCount; /* R/W sess. now open */
143
+ CK_ULONG ulMaxPinLen; /* in bytes */
144
+ CK_ULONG ulMinPinLen; /* in bytes */
145
+ CK_ULONG ulTotalPublicMemory; /* in bytes */
146
+ CK_ULONG ulFreePublicMemory; /* in bytes */
147
+ CK_ULONG ulTotalPrivateMemory; /* in bytes */
148
+ CK_ULONG ulFreePrivateMemory; /* in bytes */
149
+ CK_VERSION hardwareVersion; /* version of hardware */
150
+ CK_VERSION firmwareVersion; /* version of firmware */
151
+ CK_CHAR utcTime[16]; /* time */
152
+ } CK_TOKEN_INFO;
153
+
154
+ /* The flags parameter is defined as follows:
155
+ * Bit Flag Mask Meaning
156
+ */
157
+ #define CKF_RNG 0x00000001UL /* has random #
158
+ * generator */
159
+ #define CKF_WRITE_PROTECTED 0x00000002UL /* token is
160
+ * write-
161
+ * protected */
162
+ #define CKF_LOGIN_REQUIRED 0x00000004UL /* user must
163
+ * login */
164
+ #define CKF_USER_PIN_INITIALIZED 0x00000008UL /* normal user's
165
+ * PIN is set */
166
+
167
+ /* CKF_RESTORE_KEY_NOT_NEEDED. If it is set,
168
+ * that means that *every* time the state of cryptographic
169
+ * operations of a session is successfully saved, all keys
170
+ * needed to continue those operations are stored in the state */
171
+ #define CKF_RESTORE_KEY_NOT_NEEDED 0x00000020UL
172
+
173
+ /* CKF_CLOCK_ON_TOKEN. If it is set, that means
174
+ * that the token has some sort of clock. The time on that
175
+ * clock is returned in the token info structure */
176
+ #define CKF_CLOCK_ON_TOKEN 0x00000040UL
177
+
178
+ /* CKF_PROTECTED_AUTHENTICATION_PATH. If it is
179
+ * set, that means that there is some way for the user to login
180
+ * without sending a PIN through the Cryptoki library itself */
181
+ #define CKF_PROTECTED_AUTHENTICATION_PATH 0x00000100UL
182
+
183
+ /* CKF_DUAL_CRYPTO_OPERATIONS. If it is true,
184
+ * that means that a single session with the token can perform
185
+ * dual simultaneous cryptographic operations (digest and
186
+ * encrypt; decrypt and digest; sign and encrypt; and decrypt
187
+ * and sign) */
188
+ #define CKF_DUAL_CRYPTO_OPERATIONS 0x00000200UL
189
+
190
+ /* CKF_TOKEN_INITIALIZED. If it is true, the
191
+ * token has been initialized using C_InitializeToken or an
192
+ * equivalent mechanism outside the scope of PKCS #11.
193
+ * Calling C_InitializeToken when this flag is set will cause
194
+ * the token to be reinitialized. */
195
+ #define CKF_TOKEN_INITIALIZED 0x00000400UL
196
+
197
+ /* CKF_SECONDARY_AUTHENTICATION. If it is
198
+ * true, the token supports secondary authentication for
199
+ * private key objects. This flag is deprecated in v2.11 and
200
+ onwards. */
201
+ #define CKF_SECONDARY_AUTHENTICATION 0x00000800UL
202
+
203
+ /* CKF_USER_PIN_COUNT_LOW. If it is true, an
204
+ * incorrect user login PIN has been entered at least once
205
+ * since the last successful authentication. */
206
+ #define CKF_USER_PIN_COUNT_LOW 0x00010000UL
207
+
208
+ /* CKF_USER_PIN_FINAL_TRY. If it is true,
209
+ * supplying an incorrect user PIN will it to become locked. */
210
+ #define CKF_USER_PIN_FINAL_TRY 0x00020000UL
211
+
212
+ /* CKF_USER_PIN_LOCKED. If it is true, the
213
+ * user PIN has been locked. User login to the token is not
214
+ * possible. */
215
+ #define CKF_USER_PIN_LOCKED 0x00040000UL
216
+
217
+ /* CKF_USER_PIN_TO_BE_CHANGED. If it is true,
218
+ * the user PIN value is the default value set by token
219
+ * initialization or manufacturing, or the PIN has been
220
+ * expired by the card. */
221
+ #define CKF_USER_PIN_TO_BE_CHANGED 0x00080000UL
222
+
223
+ /* CKF_SO_PIN_COUNT_LOW. If it is true, an
224
+ * incorrect SO login PIN has been entered at least once since
225
+ * the last successful authentication. */
226
+ #define CKF_SO_PIN_COUNT_LOW 0x00100000UL
227
+
228
+ /* CKF_SO_PIN_FINAL_TRY. If it is true,
229
+ * supplying an incorrect SO PIN will it to become locked. */
230
+ #define CKF_SO_PIN_FINAL_TRY 0x00200000UL
231
+
232
+ /* CKF_SO_PIN_LOCKED if new for v2.10. If it is true, the SO
233
+ * PIN has been locked. SO login to the token is not possible.
234
+ */
235
+ #define CKF_SO_PIN_LOCKED 0x00400000UL
236
+
237
+ /* CKF_SO_PIN_TO_BE_CHANGED. If it is true,
238
+ * the SO PIN value is the default value set by token
239
+ * initialization or manufacturing, or the PIN has been
240
+ * expired by the card. */
241
+ #define CKF_SO_PIN_TO_BE_CHANGED 0x00800000UL
242
+
243
+ #define CKF_ERROR_STATE 0x01000000UL
244
+
245
+ typedef CK_TOKEN_INFO CK_PTR CK_TOKEN_INFO_PTR;
246
+
247
+
248
+ /* CK_SESSION_HANDLE is a Cryptoki-assigned value that
249
+ * identifies a session */
250
+ typedef CK_ULONG CK_SESSION_HANDLE;
251
+
252
+ typedef CK_SESSION_HANDLE CK_PTR CK_SESSION_HANDLE_PTR;
253
+
254
+
255
+ /* CK_USER_TYPE enumerates the types of Cryptoki users */
256
+ typedef CK_ULONG CK_USER_TYPE;
257
+ /* Security Officer */
258
+ #define CKU_SO 0UL
259
+ /* Normal user */
260
+ #define CKU_USER 1UL
261
+ /* Context specific */
262
+ #define CKU_CONTEXT_SPECIFIC 2UL
263
+
264
+ /* CK_STATE enumerates the session states */
265
+ typedef CK_ULONG CK_STATE;
266
+ #define CKS_RO_PUBLIC_SESSION 0UL
267
+ #define CKS_RO_USER_FUNCTIONS 1UL
268
+ #define CKS_RW_PUBLIC_SESSION 2UL
269
+ #define CKS_RW_USER_FUNCTIONS 3UL
270
+ #define CKS_RW_SO_FUNCTIONS 4UL
271
+
272
+
273
+ /* CK_SESSION_INFO provides information about a session */
274
+ typedef struct CK_SESSION_INFO {
275
+ CK_SLOT_ID slotID;
276
+ CK_STATE state;
277
+ CK_FLAGS flags; /* see below */
278
+ CK_ULONG ulDeviceError; /* device-dependent error code */
279
+ } CK_SESSION_INFO;
280
+
281
+ /* The flags are defined in the following table:
282
+ * Bit Flag Mask Meaning
283
+ */
284
+ #define CKF_RW_SESSION 0x00000002UL /* session is r/w */
285
+ #define CKF_SERIAL_SESSION 0x00000004UL /* no parallel */
286
+
287
+ typedef CK_SESSION_INFO CK_PTR CK_SESSION_INFO_PTR;
288
+
289
+
290
+ /* CK_OBJECT_HANDLE is a token-specific identifier for an
291
+ * object */
292
+ typedef CK_ULONG CK_OBJECT_HANDLE;
293
+
294
+ typedef CK_OBJECT_HANDLE CK_PTR CK_OBJECT_HANDLE_PTR;
295
+
296
+
297
+ /* CK_OBJECT_CLASS is a value that identifies the classes (or
298
+ * types) of objects that Cryptoki recognizes. It is defined
299
+ * as follows: */
300
+ typedef CK_ULONG CK_OBJECT_CLASS;
301
+
302
+ /* The following classes of objects are defined: */
303
+ #define CKO_DATA 0x00000000UL
304
+ #define CKO_CERTIFICATE 0x00000001UL
305
+ #define CKO_PUBLIC_KEY 0x00000002UL
306
+ #define CKO_PRIVATE_KEY 0x00000003UL
307
+ #define CKO_SECRET_KEY 0x00000004UL
308
+ #define CKO_HW_FEATURE 0x00000005UL
309
+ #define CKO_DOMAIN_PARAMETERS 0x00000006UL
310
+ #define CKO_MECHANISM 0x00000007UL
311
+ #define CKO_OTP_KEY 0x00000008UL
312
+
313
+ #define CKO_VENDOR_DEFINED 0x80000000UL
314
+
315
+ typedef CK_OBJECT_CLASS CK_PTR CK_OBJECT_CLASS_PTR;
316
+
317
+ /* CK_HW_FEATURE_TYPE is a
318
+ * value that identifies the hardware feature type of an object
319
+ * with CK_OBJECT_CLASS equal to CKO_HW_FEATURE. */
320
+ typedef CK_ULONG CK_HW_FEATURE_TYPE;
321
+
322
+ /* The following hardware feature types are defined */
323
+ #define CKH_MONOTONIC_COUNTER 0x00000001UL
324
+ #define CKH_CLOCK 0x00000002UL
325
+ #define CKH_USER_INTERFACE 0x00000003UL
326
+ #define CKH_VENDOR_DEFINED 0x80000000UL
327
+
328
+ /* CK_KEY_TYPE is a value that identifies a key type */
329
+ typedef CK_ULONG CK_KEY_TYPE;
330
+
331
+ /* the following key types are defined: */
332
+ #define CKK_RSA 0x00000000UL
333
+ #define CKK_DSA 0x00000001UL
334
+ #define CKK_DH 0x00000002UL
335
+ /* CKK_ECDSA is deprecated in v2.11, CKK_EC is preferred. */
336
+ #define CKK_ECDSA 0x00000003UL
337
+ #define CKK_EC 0x00000003UL
338
+ #define CKK_X9_42_DH 0x00000004UL
339
+ #define CKK_KEA 0x00000005UL
340
+ #define CKK_GENERIC_SECRET 0x00000010UL
341
+ #define CKK_RC2 0x00000011UL
342
+ #define CKK_RC4 0x00000012UL
343
+ #define CKK_DES 0x00000013UL
344
+ #define CKK_DES2 0x00000014UL
345
+ #define CKK_DES3 0x00000015UL
346
+ #define CKK_CAST 0x00000016UL
347
+ #define CKK_CAST3 0x00000017UL
348
+ /* CKK_CAST5 is deprecated in v2.11, CKK_CAST128 is preferred. */
349
+ #define CKK_CAST5 0x00000018UL
350
+ #define CKK_CAST128 0x00000018UL
351
+ #define CKK_RC5 0x00000019UL
352
+ #define CKK_IDEA 0x0000001AUL
353
+ #define CKK_SKIPJACK 0x0000001BUL
354
+ #define CKK_BATON 0x0000001CUL
355
+ #define CKK_JUNIPER 0x0000001DUL
356
+ #define CKK_CDMF 0x0000001EUL
357
+ #define CKK_AES 0x0000001FUL
358
+ #define CKK_BLOWFISH 0x00000020UL
359
+ #define CKK_TWOFISH 0x00000021UL
360
+ #define CKK_SECURID 0x00000022UL
361
+ #define CKK_HOTP 0x00000023UL
362
+ #define CKK_ACTI 0x00000024UL
363
+ #define CKK_CAMELLIA 0x00000025UL
364
+ #define CKK_ARIA 0x00000026UL
365
+
366
+ /* new for v2.40 */
367
+ #define CKK_SHA512_224_HMAC 0x00000027UL
368
+ #define CKK_SHA512_256_HMAC 0x00000028UL
369
+ #define CKK_SHA512_T_HMAC 0x00000029UL
370
+
371
+ #define CKK_SHA_1_HMAC 0x00000040UL
372
+ #define CKK_SHA224_HMAC 0x00000041UL
373
+ #define CKK_SHA256_HMAC 0x00000042UL
374
+ #define CKK_SHA384_HMAC 0x00000043UL
375
+ #define CKK_SHA512_HMAC 0x00000044UL
376
+
377
+ #define CKK_SEED 0x00000050UL
378
+
379
+ #define CKK_GOSTR3410 0x00000060UL
380
+ #define CKK_GOSTR3411 0x00000061UL
381
+ #define CKK_GOST28147 0x00000062UL
382
+
383
+ #define CKK_VENDOR_DEFINED 0x80000000UL
384
+
385
+
386
+ /* CK_CERTIFICATE_TYPE is a value that identifies a certificate
387
+ * type */
388
+ typedef CK_ULONG CK_CERTIFICATE_TYPE;
389
+
390
+ /* new for v2.40 */
391
+ #define CK_CERTIFICATE_CATEGORY_UNSPECIFIED 0UL
392
+ #define CK_CERTIFICATE_CATEGORY_TOKEN_USER 1UL
393
+ #define CK_CERTIFICATE_CATEGORY_AUTHORITY 2UL
394
+ #define CK_CERTIFICATE_CATEGORY_OTHER_ENTITY 3UL
395
+
396
+ /* new for v2.40 */
397
+ #define CK_SECURITY_DOMAIN_UNSPECIFIED 0UL
398
+ #define CK_SECURITY_DOMAIN_MANUFACTURER 1UL
399
+ #define CK_SECURITY_DOMAIN_OPERATOR 2UL
400
+ #define CK_SECURITY_DOMAIN_THIRD_PARTY 3UL
401
+
402
+
403
+ /* The following certificate types are defined: */
404
+ #define CKC_X_509 0x00000000UL
405
+ #define CKC_X_509_ATTR_CERT 0x00000001UL
406
+ #define CKC_WTLS 0x00000002UL
407
+ #define CKC_VENDOR_DEFINED 0x80000000UL
408
+
409
+
410
+ /* CK_ATTRIBUTE_TYPE is a value that identifies an attribute
411
+ * type */
412
+ typedef CK_ULONG CK_ATTRIBUTE_TYPE;
413
+
414
+ /* The CKF_ARRAY_ATTRIBUTE flag identifies an attribute which
415
+ consists of an array of values. */
416
+ #define CKF_ARRAY_ATTRIBUTE 0x40000000UL
417
+
418
+ /* The following OTP-related defines relate to the CKA_OTP_FORMAT attribute */
419
+ #define CK_OTP_FORMAT_DECIMAL 0UL
420
+ #define CK_OTP_FORMAT_HEXADECIMAL 1UL
421
+ #define CK_OTP_FORMAT_ALPHANUMERIC 2UL
422
+ #define CK_OTP_FORMAT_BINARY 3UL
423
+
424
+ /* The following OTP-related defines relate to the CKA_OTP_..._REQUIREMENT attributes */
425
+ #define CK_OTP_PARAM_IGNORED 0UL
426
+ #define CK_OTP_PARAM_OPTIONAL 1UL
427
+ #define CK_OTP_PARAM_MANDATORY 2UL
428
+
429
+ /* The following attribute types are defined: */
430
+ #define CKA_CLASS 0x00000000UL
431
+ #define CKA_TOKEN 0x00000001UL
432
+ #define CKA_PRIVATE 0x00000002UL
433
+ #define CKA_LABEL 0x00000003UL
434
+ #define CKA_APPLICATION 0x00000010UL
435
+ #define CKA_VALUE 0x00000011UL
436
+ #define CKA_OBJECT_ID 0x00000012UL
437
+ #define CKA_CERTIFICATE_TYPE 0x00000080UL
438
+ #define CKA_ISSUER 0x00000081UL
439
+ #define CKA_SERIAL_NUMBER 0x00000082UL
440
+ #define CKA_AC_ISSUER 0x00000083UL
441
+ #define CKA_OWNER 0x00000084UL
442
+ #define CKA_ATTR_TYPES 0x00000085UL
443
+ #define CKA_TRUSTED 0x00000086UL
444
+ #define CKA_CERTIFICATE_CATEGORY 0x00000087UL
445
+ #define CKA_JAVA_MIDP_SECURITY_DOMAIN 0x00000088UL
446
+ #define CKA_URL 0x00000089UL
447
+ #define CKA_HASH_OF_SUBJECT_PUBLIC_KEY 0x0000008AUL
448
+ #define CKA_HASH_OF_ISSUER_PUBLIC_KEY 0x0000008BUL
449
+ #define CKA_NAME_HASH_ALGORITHM 0x0000008CUL
450
+ #define CKA_CHECK_VALUE 0x00000090UL
451
+
452
+ #define CKA_KEY_TYPE 0x00000100UL
453
+ #define CKA_SUBJECT 0x00000101UL
454
+ #define CKA_ID 0x00000102UL
455
+ #define CKA_SENSITIVE 0x00000103UL
456
+ #define CKA_ENCRYPT 0x00000104UL
457
+ #define CKA_DECRYPT 0x00000105UL
458
+ #define CKA_WRAP 0x00000106UL
459
+ #define CKA_UNWRAP 0x00000107UL
460
+ #define CKA_SIGN 0x00000108UL
461
+ #define CKA_SIGN_RECOVER 0x00000109UL
462
+ #define CKA_VERIFY 0x0000010AUL
463
+ #define CKA_VERIFY_RECOVER 0x0000010BUL
464
+ #define CKA_DERIVE 0x0000010CUL
465
+ #define CKA_START_DATE 0x00000110UL
466
+ #define CKA_END_DATE 0x00000111UL
467
+ #define CKA_MODULUS 0x00000120UL
468
+ #define CKA_MODULUS_BITS 0x00000121UL
469
+ #define CKA_PUBLIC_EXPONENT 0x00000122UL
470
+ #define CKA_PRIVATE_EXPONENT 0x00000123UL
471
+ #define CKA_PRIME_1 0x00000124UL
472
+ #define CKA_PRIME_2 0x00000125UL
473
+ #define CKA_EXPONENT_1 0x00000126UL
474
+ #define CKA_EXPONENT_2 0x00000127UL
475
+ #define CKA_COEFFICIENT 0x00000128UL
476
+ #define CKA_PUBLIC_KEY_INFO 0x00000129UL
477
+ #define CKA_PRIME 0x00000130UL
478
+ #define CKA_SUBPRIME 0x00000131UL
479
+ #define CKA_BASE 0x00000132UL
480
+
481
+ #define CKA_PRIME_BITS 0x00000133UL
482
+ #define CKA_SUBPRIME_BITS 0x00000134UL
483
+ /* (To retain backwards-compatibility) */
484
+ #define CKA_SUB_PRIME_BITS CKA_SUBPRIME_BITS
485
+
486
+ #define CKA_VALUE_BITS 0x00000160UL
487
+ #define CKA_VALUE_LEN 0x00000161UL
488
+ #define CKA_EXTRACTABLE 0x00000162UL
489
+ #define CKA_LOCAL 0x00000163UL
490
+ #define CKA_NEVER_EXTRACTABLE 0x00000164UL
491
+ #define CKA_ALWAYS_SENSITIVE 0x00000165UL
492
+ #define CKA_KEY_GEN_MECHANISM 0x00000166UL
493
+
494
+ #define CKA_MODIFIABLE 0x00000170UL
495
+ #define CKA_COPYABLE 0x00000171UL
496
+
497
+ /* new for v2.40 */
498
+ #define CKA_DESTROYABLE 0x00000172UL
499
+
500
+ /* CKA_ECDSA_PARAMS is deprecated in v2.11,
501
+ * CKA_EC_PARAMS is preferred. */
502
+ #define CKA_ECDSA_PARAMS 0x00000180UL
503
+ #define CKA_EC_PARAMS 0x00000180UL
504
+
505
+ #define CKA_EC_POINT 0x00000181UL
506
+
507
+ /* CKA_SECONDARY_AUTH, CKA_AUTH_PIN_FLAGS,
508
+ * are new for v2.10. Deprecated in v2.11 and onwards. */
509
+ #define CKA_SECONDARY_AUTH 0x00000200UL /* Deprecated */
510
+ #define CKA_AUTH_PIN_FLAGS 0x00000201UL /* Deprecated */
511
+
512
+ #define CKA_ALWAYS_AUTHENTICATE 0x00000202UL
513
+
514
+ #define CKA_WRAP_WITH_TRUSTED 0x00000210UL
515
+ #define CKA_WRAP_TEMPLATE (CKF_ARRAY_ATTRIBUTE|0x00000211UL)
516
+ #define CKA_UNWRAP_TEMPLATE (CKF_ARRAY_ATTRIBUTE|0x00000212UL)
517
+
518
+ #define CKA_OTP_FORMAT 0x00000220UL
519
+ #define CKA_OTP_LENGTH 0x00000221UL
520
+ #define CKA_OTP_TIME_INTERVAL 0x00000222UL
521
+ #define CKA_OTP_USER_FRIENDLY_MODE 0x00000223UL
522
+ #define CKA_OTP_CHALLENGE_REQUIREMENT 0x00000224UL
523
+ #define CKA_OTP_TIME_REQUIREMENT 0x00000225UL
524
+ #define CKA_OTP_COUNTER_REQUIREMENT 0x00000226UL
525
+ #define CKA_OTP_PIN_REQUIREMENT 0x00000227UL
526
+ #define CKA_OTP_COUNTER 0x0000022EUL
527
+ #define CKA_OTP_TIME 0x0000022FUL
528
+ #define CKA_OTP_USER_IDENTIFIER 0x0000022AUL
529
+ #define CKA_OTP_SERVICE_IDENTIFIER 0x0000022BUL
530
+ #define CKA_OTP_SERVICE_LOGO 0x0000022CUL
531
+ #define CKA_OTP_SERVICE_LOGO_TYPE 0x0000022DUL
532
+
533
+ #define CKA_GOSTR3410_PARAMS 0x00000250UL
534
+ #define CKA_GOSTR3411_PARAMS 0x00000251UL
535
+ #define CKA_GOST28147_PARAMS 0x00000252UL
536
+
537
+ #define CKA_HW_FEATURE_TYPE 0x00000300UL
538
+ #define CKA_RESET_ON_INIT 0x00000301UL
539
+ #define CKA_HAS_RESET 0x00000302UL
540
+
541
+ #define CKA_PIXEL_X 0x00000400UL
542
+ #define CKA_PIXEL_Y 0x00000401UL
543
+ #define CKA_RESOLUTION 0x00000402UL
544
+ #define CKA_CHAR_ROWS 0x00000403UL
545
+ #define CKA_CHAR_COLUMNS 0x00000404UL
546
+ #define CKA_COLOR 0x00000405UL
547
+ #define CKA_BITS_PER_PIXEL 0x00000406UL
548
+ #define CKA_CHAR_SETS 0x00000480UL
549
+ #define CKA_ENCODING_METHODS 0x00000481UL
550
+ #define CKA_MIME_TYPES 0x00000482UL
551
+ #define CKA_MECHANISM_TYPE 0x00000500UL
552
+ #define CKA_REQUIRED_CMS_ATTRIBUTES 0x00000501UL
553
+ #define CKA_DEFAULT_CMS_ATTRIBUTES 0x00000502UL
554
+ #define CKA_SUPPORTED_CMS_ATTRIBUTES 0x00000503UL
555
+ #define CKA_ALLOWED_MECHANISMS (CKF_ARRAY_ATTRIBUTE|0x00000600UL)
556
+
557
+ #define CKA_VENDOR_DEFINED 0x80000000UL
558
+
559
+ /* CK_ATTRIBUTE is a structure that includes the type, length
560
+ * and value of an attribute */
561
+ typedef struct CK_ATTRIBUTE {
562
+ CK_ATTRIBUTE_TYPE type;
563
+ CK_VOID_PTR pValue;
564
+ CK_ULONG ulValueLen; /* in bytes */
565
+ } CK_ATTRIBUTE;
566
+
567
+ typedef CK_ATTRIBUTE CK_PTR CK_ATTRIBUTE_PTR;
568
+
569
+
570
+ /* CK_DATE is a structure that defines a date */
571
+ typedef struct CK_DATE{
572
+ CK_CHAR year[4]; /* the year ("1900" - "9999") */
573
+ CK_CHAR month[2]; /* the month ("01" - "12") */
574
+ CK_CHAR day[2]; /* the day ("01" - "31") */
575
+ } CK_DATE;
576
+
577
+
578
+ /* CK_MECHANISM_TYPE is a value that identifies a mechanism
579
+ * type */
580
+ typedef CK_ULONG CK_MECHANISM_TYPE;
581
+
582
+ /* the following mechanism types are defined: */
583
+ #define CKM_RSA_PKCS_KEY_PAIR_GEN 0x00000000UL
584
+ #define CKM_RSA_PKCS 0x00000001UL
585
+ #define CKM_RSA_9796 0x00000002UL
586
+ #define CKM_RSA_X_509 0x00000003UL
587
+
588
+ #define CKM_MD2_RSA_PKCS 0x00000004UL
589
+ #define CKM_MD5_RSA_PKCS 0x00000005UL
590
+ #define CKM_SHA1_RSA_PKCS 0x00000006UL
591
+
592
+ #define CKM_RIPEMD128_RSA_PKCS 0x00000007UL
593
+ #define CKM_RIPEMD160_RSA_PKCS 0x00000008UL
594
+ #define CKM_RSA_PKCS_OAEP 0x00000009UL
595
+
596
+ #define CKM_RSA_X9_31_KEY_PAIR_GEN 0x0000000AUL
597
+ #define CKM_RSA_X9_31 0x0000000BUL
598
+ #define CKM_SHA1_RSA_X9_31 0x0000000CUL
599
+ #define CKM_RSA_PKCS_PSS 0x0000000DUL
600
+ #define CKM_SHA1_RSA_PKCS_PSS 0x0000000EUL
601
+
602
+ /* new for v2.40 */
603
+ #define CKM_DSA_KEY_PAIR_GEN 0x00000010UL
604
+ #define CKM_DSA 0x00000011UL
605
+ #define CKM_DSA_SHA1 0x00000012UL
606
+ #define CKM_DSA_FIPS_G_GEN 0x00000013UL
607
+ #define CKM_DSA_SHA224 0x00000014UL
608
+ #define CKM_DSA_SHA256 0x00000015UL
609
+ #define CKM_DSA_SHA384 0x00000016UL
610
+ #define CKM_DSA_SHA512 0x00000017UL
611
+
612
+ #define CKM_DH_PKCS_KEY_PAIR_GEN 0x00000020UL
613
+ #define CKM_DH_PKCS_DERIVE 0x00000021UL
614
+
615
+ #define CKM_X9_42_DH_KEY_PAIR_GEN 0x00000030UL
616
+ #define CKM_X9_42_DH_DERIVE 0x00000031UL
617
+ #define CKM_X9_42_DH_HYBRID_DERIVE 0x00000032UL
618
+ #define CKM_X9_42_MQV_DERIVE 0x00000033UL
619
+
620
+ #define CKM_SHA256_RSA_PKCS 0x00000040UL
621
+ #define CKM_SHA384_RSA_PKCS 0x00000041UL
622
+ #define CKM_SHA512_RSA_PKCS 0x00000042UL
623
+ #define CKM_SHA256_RSA_PKCS_PSS 0x00000043UL
624
+ #define CKM_SHA384_RSA_PKCS_PSS 0x00000044UL
625
+ #define CKM_SHA512_RSA_PKCS_PSS 0x00000045UL
626
+
627
+ #define CKM_SHA224_RSA_PKCS 0x00000046UL
628
+ #define CKM_SHA224_RSA_PKCS_PSS 0x00000047UL
629
+
630
+ /* new for v2.40 */
631
+ #define CKM_SHA512_224 0x00000048UL
632
+ #define CKM_SHA512_224_HMAC 0x00000049UL
633
+ #define CKM_SHA512_224_HMAC_GENERAL 0x0000004AUL
634
+ #define CKM_SHA512_224_KEY_DERIVATION 0x0000004BUL
635
+ #define CKM_SHA512_256 0x0000004CUL
636
+ #define CKM_SHA512_256_HMAC 0x0000004DUL
637
+ #define CKM_SHA512_256_HMAC_GENERAL 0x0000004EUL
638
+ #define CKM_SHA512_256_KEY_DERIVATION 0x0000004FUL
639
+
640
+ #define CKM_SHA512_T 0x00000050UL
641
+ #define CKM_SHA512_T_HMAC 0x00000051UL
642
+ #define CKM_SHA512_T_HMAC_GENERAL 0x00000052UL
643
+ #define CKM_SHA512_T_KEY_DERIVATION 0x00000053UL
644
+
645
+ #define CKM_RC2_KEY_GEN 0x00000100UL
646
+ #define CKM_RC2_ECB 0x00000101UL
647
+ #define CKM_RC2_CBC 0x00000102UL
648
+ #define CKM_RC2_MAC 0x00000103UL
649
+
650
+ #define CKM_RC2_MAC_GENERAL 0x00000104UL
651
+ #define CKM_RC2_CBC_PAD 0x00000105UL
652
+
653
+ #define CKM_RC4_KEY_GEN 0x00000110UL
654
+ #define CKM_RC4 0x00000111UL
655
+ #define CKM_DES_KEY_GEN 0x00000120UL
656
+ #define CKM_DES_ECB 0x00000121UL
657
+ #define CKM_DES_CBC 0x00000122UL
658
+ #define CKM_DES_MAC 0x00000123UL
659
+
660
+ #define CKM_DES_MAC_GENERAL 0x00000124UL
661
+ #define CKM_DES_CBC_PAD 0x00000125UL
662
+
663
+ #define CKM_DES2_KEY_GEN 0x00000130UL
664
+ #define CKM_DES3_KEY_GEN 0x00000131UL
665
+ #define CKM_DES3_ECB 0x00000132UL
666
+ #define CKM_DES3_CBC 0x00000133UL
667
+ #define CKM_DES3_MAC 0x00000134UL
668
+
669
+ #define CKM_DES3_MAC_GENERAL 0x00000135UL
670
+ #define CKM_DES3_CBC_PAD 0x00000136UL
671
+ #define CKM_DES3_CMAC_GENERAL 0x00000137UL
672
+ #define CKM_DES3_CMAC 0x00000138UL
673
+ #define CKM_CDMF_KEY_GEN 0x00000140UL
674
+ #define CKM_CDMF_ECB 0x00000141UL
675
+ #define CKM_CDMF_CBC 0x00000142UL
676
+ #define CKM_CDMF_MAC 0x00000143UL
677
+ #define CKM_CDMF_MAC_GENERAL 0x00000144UL
678
+ #define CKM_CDMF_CBC_PAD 0x00000145UL
679
+
680
+ #define CKM_DES_OFB64 0x00000150UL
681
+ #define CKM_DES_OFB8 0x00000151UL
682
+ #define CKM_DES_CFB64 0x00000152UL
683
+ #define CKM_DES_CFB8 0x00000153UL
684
+
685
+ #define CKM_MD2 0x00000200UL
686
+
687
+ #define CKM_MD2_HMAC 0x00000201UL
688
+ #define CKM_MD2_HMAC_GENERAL 0x00000202UL
689
+
690
+ #define CKM_MD5 0x00000210UL
691
+
692
+ #define CKM_MD5_HMAC 0x00000211UL
693
+ #define CKM_MD5_HMAC_GENERAL 0x00000212UL
694
+
695
+ #define CKM_SHA_1 0x00000220UL
696
+
697
+ #define CKM_SHA_1_HMAC 0x00000221UL
698
+ #define CKM_SHA_1_HMAC_GENERAL 0x00000222UL
699
+
700
+ #define CKM_RIPEMD128 0x00000230UL
701
+ #define CKM_RIPEMD128_HMAC 0x00000231UL
702
+ #define CKM_RIPEMD128_HMAC_GENERAL 0x00000232UL
703
+ #define CKM_RIPEMD160 0x00000240UL
704
+ #define CKM_RIPEMD160_HMAC 0x00000241UL
705
+ #define CKM_RIPEMD160_HMAC_GENERAL 0x00000242UL
706
+
707
+ #define CKM_SHA256 0x00000250UL
708
+ #define CKM_SHA256_HMAC 0x00000251UL
709
+ #define CKM_SHA256_HMAC_GENERAL 0x00000252UL
710
+ #define CKM_SHA224 0x00000255UL
711
+ #define CKM_SHA224_HMAC 0x00000256UL
712
+ #define CKM_SHA224_HMAC_GENERAL 0x00000257UL
713
+ #define CKM_SHA384 0x00000260UL
714
+ #define CKM_SHA384_HMAC 0x00000261UL
715
+ #define CKM_SHA384_HMAC_GENERAL 0x00000262UL
716
+ #define CKM_SHA512 0x00000270UL
717
+ #define CKM_SHA512_HMAC 0x00000271UL
718
+ #define CKM_SHA512_HMAC_GENERAL 0x00000272UL
719
+ #define CKM_SECURID_KEY_GEN 0x00000280UL
720
+ #define CKM_SECURID 0x00000282UL
721
+ #define CKM_HOTP_KEY_GEN 0x00000290UL
722
+ #define CKM_HOTP 0x00000291UL
723
+ #define CKM_ACTI 0x000002A0UL
724
+ #define CKM_ACTI_KEY_GEN 0x000002A1UL
725
+
726
+ /* new for v2.40 */
727
+ #define CKM_CAST_KEY_GEN 0x00000300UL
728
+ #define CKM_CAST_ECB 0x00000301UL
729
+ #define CKM_CAST_CBC 0x00000302UL
730
+ #define CKM_CAST_MAC 0x00000303UL
731
+ #define CKM_CAST_MAC_GENERAL 0x00000304UL
732
+ #define CKM_CAST_CBC_PAD 0x00000305UL
733
+ #define CKM_CAST3_KEY_GEN 0x00000310UL
734
+ #define CKM_CAST3_ECB 0x00000311UL
735
+ #define CKM_CAST3_CBC 0x00000312UL
736
+ #define CKM_CAST3_MAC 0x00000313UL
737
+ #define CKM_CAST3_MAC_GENERAL 0x00000314UL
738
+ #define CKM_CAST3_CBC_PAD 0x00000315UL
739
+ /* Note that CAST128 and CAST5 are the same algorithm */
740
+ #define CKM_CAST5_KEY_GEN 0x00000320UL
741
+ #define CKM_CAST128_KEY_GEN 0x00000320UL
742
+ #define CKM_CAST5_ECB 0x00000321UL
743
+ #define CKM_CAST128_ECB 0x00000321UL
744
+ #define CKM_CAST5_CBC 0x00000322UL
745
+ #define CKM_CAST128_CBC 0x00000322UL
746
+ #define CKM_CAST5_MAC 0x00000323UL
747
+ #define CKM_CAST128_MAC 0x00000323UL
748
+ #define CKM_CAST5_MAC_GENERAL 0x00000324UL
749
+ #define CKM_CAST128_MAC_GENERAL 0x00000324UL
750
+ #define CKM_CAST5_CBC_PAD 0x00000325UL
751
+ #define CKM_CAST128_CBC_PAD 0x00000325UL
752
+ #define CKM_RC5_KEY_GEN 0x00000330UL
753
+ #define CKM_RC5_ECB 0x00000331UL
754
+ #define CKM_RC5_CBC 0x00000332UL
755
+ #define CKM_RC5_MAC 0x00000333UL
756
+ #define CKM_RC5_MAC_GENERAL 0x00000334UL
757
+ #define CKM_RC5_CBC_PAD 0x00000335UL
758
+ #define CKM_IDEA_KEY_GEN 0x00000340UL
759
+ #define CKM_IDEA_ECB 0x00000341UL
760
+ #define CKM_IDEA_CBC 0x00000342UL
761
+ #define CKM_IDEA_MAC 0x00000343UL
762
+ #define CKM_IDEA_MAC_GENERAL 0x00000344UL
763
+ #define CKM_IDEA_CBC_PAD 0x00000345UL
764
+ #define CKM_GENERIC_SECRET_KEY_GEN 0x00000350UL
765
+ #define CKM_CONCATENATE_BASE_AND_KEY 0x00000360UL
766
+ #define CKM_CONCATENATE_BASE_AND_DATA 0x00000362UL
767
+ #define CKM_CONCATENATE_DATA_AND_BASE 0x00000363UL
768
+ #define CKM_XOR_BASE_AND_DATA 0x00000364UL
769
+ #define CKM_EXTRACT_KEY_FROM_KEY 0x00000365UL
770
+ #define CKM_SSL3_PRE_MASTER_KEY_GEN 0x00000370UL
771
+ #define CKM_SSL3_MASTER_KEY_DERIVE 0x00000371UL
772
+ #define CKM_SSL3_KEY_AND_MAC_DERIVE 0x00000372UL
773
+
774
+ #define CKM_SSL3_MASTER_KEY_DERIVE_DH 0x00000373UL
775
+ #define CKM_TLS_PRE_MASTER_KEY_GEN 0x00000374UL
776
+ #define CKM_TLS_MASTER_KEY_DERIVE 0x00000375UL
777
+ #define CKM_TLS_KEY_AND_MAC_DERIVE 0x00000376UL
778
+ #define CKM_TLS_MASTER_KEY_DERIVE_DH 0x00000377UL
779
+
780
+ #define CKM_TLS_PRF 0x00000378UL
781
+
782
+ #define CKM_SSL3_MD5_MAC 0x00000380UL
783
+ #define CKM_SSL3_SHA1_MAC 0x00000381UL
784
+ #define CKM_MD5_KEY_DERIVATION 0x00000390UL
785
+ #define CKM_MD2_KEY_DERIVATION 0x00000391UL
786
+ #define CKM_SHA1_KEY_DERIVATION 0x00000392UL
787
+
788
+ #define CKM_SHA256_KEY_DERIVATION 0x00000393UL
789
+ #define CKM_SHA384_KEY_DERIVATION 0x00000394UL
790
+ #define CKM_SHA512_KEY_DERIVATION 0x00000395UL
791
+ #define CKM_SHA224_KEY_DERIVATION 0x00000396UL
792
+
793
+ /* new for v2.40 */
794
+ #define CKM_PBE_MD2_DES_CBC 0x000003A0UL
795
+ #define CKM_PBE_MD5_DES_CBC 0x000003A1UL
796
+ #define CKM_PBE_MD5_CAST_CBC 0x000003A2UL
797
+ #define CKM_PBE_MD5_CAST3_CBC 0x000003A3UL
798
+ #define CKM_PBE_MD5_CAST5_CBC 0x000003A4UL
799
+ #define CKM_PBE_MD5_CAST128_CBC 0x000003A4UL
800
+ #define CKM_PBE_SHA1_CAST5_CBC 0x000003A5UL
801
+ #define CKM_PBE_SHA1_CAST128_CBC 0x000003A5UL
802
+ #define CKM_PBE_SHA1_RC4_128 0x000003A6UL
803
+ #define CKM_PBE_SHA1_RC4_40 0x000003A7UL
804
+ #define CKM_PBE_SHA1_DES3_EDE_CBC 0x000003A8UL
805
+ #define CKM_PBE_SHA1_DES2_EDE_CBC 0x000003A9UL
806
+ #define CKM_PBE_SHA1_RC2_128_CBC 0x000003AAUL
807
+ #define CKM_PBE_SHA1_RC2_40_CBC 0x000003ABUL
808
+
809
+ #define CKM_PKCS5_PBKD2 0x000003B0UL
810
+
811
+ #define CKM_PBA_SHA1_WITH_SHA1_HMAC 0x000003C0UL
812
+
813
+ #define CKM_WTLS_PRE_MASTER_KEY_GEN 0x000003D0UL
814
+ #define CKM_WTLS_MASTER_KEY_DERIVE 0x000003D1UL
815
+ #define CKM_WTLS_MASTER_KEY_DERIVE_DH_ECC 0x000003D2UL
816
+ #define CKM_WTLS_PRF 0x000003D3UL
817
+ #define CKM_WTLS_SERVER_KEY_AND_MAC_DERIVE 0x000003D4UL
818
+ #define CKM_WTLS_CLIENT_KEY_AND_MAC_DERIVE 0x000003D5UL
819
+
820
+ /* new for v2.40 */
821
+ #define CKM_TLS10_MAC_SERVER 0x000003D6UL
822
+ #define CKM_TLS10_MAC_CLIENT 0x000003D7UL
823
+ #define CKM_TLS12_MAC 0x000003D8UL
824
+ #define CKM_TLS12_KDF 0x000003D9UL
825
+ #define CKM_TLS12_MASTER_KEY_DERIVE 0x000003E0UL
826
+ #define CKM_TLS12_KEY_AND_MAC_DERIVE 0x000003E1UL
827
+ #define CKM_TLS12_MASTER_KEY_DERIVE_DH 0x000003E2UL
828
+ #define CKM_TLS12_KEY_SAFE_DERIVE 0x000003E3UL
829
+ #define CKM_TLS_MAC 0x000003E4UL
830
+ #define CKM_TLS_KDF 0x000003E5UL
831
+
832
+ #define CKM_KEY_WRAP_LYNKS 0x00000400UL
833
+ #define CKM_KEY_WRAP_SET_OAEP 0x00000401UL
834
+
835
+ #define CKM_CMS_SIG 0x00000500UL
836
+ /* new for v2.40 */
837
+ #define CKM_KIP_DERIVE 0x00000510UL
838
+ #define CKM_KIP_WRAP 0x00000511UL
839
+ #define CKM_KIP_MAC 0x00000512UL
840
+
841
+ #define CKM_CAMELLIA_KEY_GEN 0x00000550UL
842
+ #define CKM_CAMELLIA_ECB 0x00000551UL
843
+ #define CKM_CAMELLIA_CBC 0x00000552UL
844
+ #define CKM_CAMELLIA_MAC 0x00000553UL
845
+ #define CKM_CAMELLIA_MAC_GENERAL 0x00000554UL
846
+ #define CKM_CAMELLIA_CBC_PAD 0x00000555UL
847
+ #define CKM_CAMELLIA_ECB_ENCRYPT_DATA 0x00000556UL
848
+ #define CKM_CAMELLIA_CBC_ENCRYPT_DATA 0x00000557UL
849
+ #define CKM_CAMELLIA_CTR 0x00000558UL
850
+
851
+ #define CKM_ARIA_KEY_GEN 0x00000560UL
852
+ #define CKM_ARIA_ECB 0x00000561UL
853
+ #define CKM_ARIA_CBC 0x00000562UL
854
+ #define CKM_ARIA_MAC 0x00000563UL
855
+ #define CKM_ARIA_MAC_GENERAL 0x00000564UL
856
+ #define CKM_ARIA_CBC_PAD 0x00000565UL
857
+ #define CKM_ARIA_ECB_ENCRYPT_DATA 0x00000566UL
858
+ #define CKM_ARIA_CBC_ENCRYPT_DATA 0x00000567UL
859
+
860
+ #define CKM_SEED_KEY_GEN 0x00000650UL
861
+ #define CKM_SEED_ECB 0x00000651UL
862
+ #define CKM_SEED_CBC 0x00000652UL
863
+ #define CKM_SEED_MAC 0x00000653UL
864
+ #define CKM_SEED_MAC_GENERAL 0x00000654UL
865
+ #define CKM_SEED_CBC_PAD 0x00000655UL
866
+ #define CKM_SEED_ECB_ENCRYPT_DATA 0x00000656UL
867
+ #define CKM_SEED_CBC_ENCRYPT_DATA 0x00000657UL
868
+
869
+ #define CKM_SKIPJACK_KEY_GEN 0x00001000UL
870
+ #define CKM_SKIPJACK_ECB64 0x00001001UL
871
+ #define CKM_SKIPJACK_CBC64 0x00001002UL
872
+ #define CKM_SKIPJACK_OFB64 0x00001003UL
873
+ #define CKM_SKIPJACK_CFB64 0x00001004UL
874
+ #define CKM_SKIPJACK_CFB32 0x00001005UL
875
+ #define CKM_SKIPJACK_CFB16 0x00001006UL
876
+ #define CKM_SKIPJACK_CFB8 0x00001007UL
877
+ #define CKM_SKIPJACK_WRAP 0x00001008UL
878
+ #define CKM_SKIPJACK_PRIVATE_WRAP 0x00001009UL
879
+ #define CKM_SKIPJACK_RELAYX 0x0000100aUL
880
+ #define CKM_KEA_KEY_PAIR_GEN 0x00001010UL
881
+ #define CKM_KEA_KEY_DERIVE 0x00001011UL
882
+ #define CKM_KEA_DERIVE 0x00001012UL
883
+ #define CKM_FORTEZZA_TIMESTAMP 0x00001020UL
884
+ #define CKM_BATON_KEY_GEN 0x00001030UL
885
+ #define CKM_BATON_ECB128 0x00001031UL
886
+ #define CKM_BATON_ECB96 0x00001032UL
887
+ #define CKM_BATON_CBC128 0x00001033UL
888
+ #define CKM_BATON_COUNTER 0x00001034UL
889
+ #define CKM_BATON_SHUFFLE 0x00001035UL
890
+ #define CKM_BATON_WRAP 0x00001036UL
891
+
892
+ /* CKM_ECDSA_KEY_PAIR_GEN is deprecated in v2.11,
893
+ * CKM_EC_KEY_PAIR_GEN is preferred */
894
+ #define CKM_ECDSA_KEY_PAIR_GEN 0x00001040UL
895
+ #define CKM_EC_KEY_PAIR_GEN 0x00001040UL
896
+
897
+ #define CKM_ECDSA 0x00001041UL
898
+ #define CKM_ECDSA_SHA1 0x00001042UL
899
+
900
+ #define CKM_ECDH1_DERIVE 0x00001050UL
901
+ #define CKM_ECDH1_COFACTOR_DERIVE 0x00001051UL
902
+ #define CKM_ECMQV_DERIVE 0x00001052UL
903
+
904
+ /* new for v2.40 */
905
+ #define CKM_ECDH_AES_KEY_WRAP 0x00001053UL
906
+ #define CKM_RSA_AES_KEY_WRAP 0x00001054UL
907
+
908
+ #define CKM_JUNIPER_KEY_GEN 0x00001060UL
909
+ #define CKM_JUNIPER_ECB128 0x00001061UL
910
+ #define CKM_JUNIPER_CBC128 0x00001062UL
911
+ #define CKM_JUNIPER_COUNTER 0x00001063UL
912
+ #define CKM_JUNIPER_SHUFFLE 0x00001064UL
913
+ #define CKM_JUNIPER_WRAP 0x00001065UL
914
+ #define CKM_FASTHASH 0x00001070UL
915
+
916
+ #define CKM_AES_KEY_GEN 0x00001080UL
917
+ #define CKM_AES_ECB 0x00001081UL
918
+ #define CKM_AES_CBC 0x00001082UL
919
+ #define CKM_AES_MAC 0x00001083UL
920
+ #define CKM_AES_MAC_GENERAL 0x00001084UL
921
+ #define CKM_AES_CBC_PAD 0x00001085UL
922
+ #define CKM_AES_CTR 0x00001086UL
923
+ #define CKM_AES_GCM 0x00001087UL
924
+ #define CKM_AES_CCM 0x00001088UL
925
+ #define CKM_AES_CMAC_GENERAL 0x00001089UL
926
+ #define CKM_AES_CMAC 0x0000108AUL
927
+ #define CKM_AES_CTS 0x0000108BUL
928
+
929
+ /* new for v2.40 */
930
+ #define CKM_AES_XCBC_MAC 0x0000108CUL
931
+ #define CKM_AES_XCBC_MAC_96 0x0000108DUL
932
+ #define CKM_AES_GMAC 0x0000108EUL
933
+
934
+ #define CKM_BLOWFISH_KEY_GEN 0x00001090UL
935
+ #define CKM_BLOWFISH_CBC 0x00001091UL
936
+ #define CKM_TWOFISH_KEY_GEN 0x00001092UL
937
+ #define CKM_TWOFISH_CBC 0x00001093UL
938
+ #define CKM_BLOWFISH_CBC_PAD 0x00001094UL
939
+ #define CKM_TWOFISH_CBC_PAD 0x00001095UL
940
+
941
+ #define CKM_DES_ECB_ENCRYPT_DATA 0x00001100UL
942
+ #define CKM_DES_CBC_ENCRYPT_DATA 0x00001101UL
943
+ #define CKM_DES3_ECB_ENCRYPT_DATA 0x00001102UL
944
+ #define CKM_DES3_CBC_ENCRYPT_DATA 0x00001103UL
945
+ #define CKM_AES_ECB_ENCRYPT_DATA 0x00001104UL
946
+ #define CKM_AES_CBC_ENCRYPT_DATA 0x00001105UL
947
+
948
+ #define CKM_GOSTR3410_KEY_PAIR_GEN 0x00001200UL
949
+ #define CKM_GOSTR3410 0x00001201UL
950
+ #define CKM_GOSTR3410_WITH_GOSTR3411 0x00001202UL
951
+ #define CKM_GOSTR3410_KEY_WRAP 0x00001203UL
952
+ #define CKM_GOSTR3410_DERIVE 0x00001204UL
953
+ #define CKM_GOSTR3411 0x00001210UL
954
+ #define CKM_GOSTR3411_HMAC 0x00001211UL
955
+ #define CKM_GOST28147_KEY_GEN 0x00001220UL
956
+ #define CKM_GOST28147_ECB 0x00001221UL
957
+ #define CKM_GOST28147 0x00001222UL
958
+ #define CKM_GOST28147_MAC 0x00001223UL
959
+ #define CKM_GOST28147_KEY_WRAP 0x00001224UL
960
+
961
+ #define CKM_DSA_PARAMETER_GEN 0x00002000UL
962
+ #define CKM_DH_PKCS_PARAMETER_GEN 0x00002001UL
963
+ #define CKM_X9_42_DH_PARAMETER_GEN 0x00002002UL
964
+ #define CKM_DSA_PROBABLISTIC_PARAMETER_GEN 0x00002003UL
965
+ #define CKM_DSA_SHAWE_TAYLOR_PARAMETER_GEN 0x00002004UL
966
+
967
+ #define CKM_AES_OFB 0x00002104UL
968
+ #define CKM_AES_CFB64 0x00002105UL
969
+ #define CKM_AES_CFB8 0x00002106UL
970
+ #define CKM_AES_CFB128 0x00002107UL
971
+
972
+ /* new for v2.40 */
973
+ #define CKM_AES_CFB1 0x00002108UL
974
+ #define CKM_AES_KEY_WRAP 0x00002109UL
975
+ #define CKM_AES_KEY_WRAP_PAD 0x0000210AUL
976
+
977
+ #define CKM_RSA_PKCS_TPM_1_1 0x00004001UL
978
+ #define CKM_RSA_PKCS_OAEP_TPM_1_1 0x00004002UL
979
+
980
+ #define CKM_VENDOR_DEFINED 0x80000000UL
981
+
982
+ typedef CK_MECHANISM_TYPE CK_PTR CK_MECHANISM_TYPE_PTR;
983
+
984
+
985
+ /* CK_MECHANISM is a structure that specifies a particular
986
+ * mechanism */
987
+ typedef struct CK_MECHANISM {
988
+ CK_MECHANISM_TYPE mechanism;
989
+ CK_VOID_PTR pParameter;
990
+ CK_ULONG ulParameterLen; /* in bytes */
991
+ } CK_MECHANISM;
992
+
993
+ typedef CK_MECHANISM CK_PTR CK_MECHANISM_PTR;
994
+
995
+
996
+ /* CK_MECHANISM_INFO provides information about a particular
997
+ * mechanism */
998
+ typedef struct CK_MECHANISM_INFO {
999
+ CK_ULONG ulMinKeySize;
1000
+ CK_ULONG ulMaxKeySize;
1001
+ CK_FLAGS flags;
1002
+ } CK_MECHANISM_INFO;
1003
+
1004
+ /* The flags are defined as follows:
1005
+ * Bit Flag Mask Meaning */
1006
+ #define CKF_HW 0x00000001UL /* performed by HW */
1007
+
1008
+ /* Specify whether or not a mechanism can be used for a particular task */
1009
+ #define CKF_ENCRYPT 0x00000100UL
1010
+ #define CKF_DECRYPT 0x00000200UL
1011
+ #define CKF_DIGEST 0x00000400UL
1012
+ #define CKF_SIGN 0x00000800UL
1013
+ #define CKF_SIGN_RECOVER 0x00001000UL
1014
+ #define CKF_VERIFY 0x00002000UL
1015
+ #define CKF_VERIFY_RECOVER 0x00004000UL
1016
+ #define CKF_GENERATE 0x00008000UL
1017
+ #define CKF_GENERATE_KEY_PAIR 0x00010000UL
1018
+ #define CKF_WRAP 0x00020000UL
1019
+ #define CKF_UNWRAP 0x00040000UL
1020
+ #define CKF_DERIVE 0x00080000UL
1021
+
1022
+ /* Describe a token's EC capabilities not available in mechanism
1023
+ * information. */
1024
+ #define CKF_EC_F_P 0x00100000UL
1025
+ #define CKF_EC_F_2M 0x00200000UL
1026
+ #define CKF_EC_ECPARAMETERS 0x00400000UL
1027
+ #define CKF_EC_NAMEDCURVE 0x00800000UL
1028
+ #define CKF_EC_UNCOMPRESS 0x01000000UL
1029
+ #define CKF_EC_COMPRESS 0x02000000UL
1030
+
1031
+ #define CKF_EXTENSION 0x80000000UL /* FALSE for this version */
1032
+
1033
+ typedef CK_MECHANISM_INFO CK_PTR CK_MECHANISM_INFO_PTR;
1034
+
1035
+
1036
+ /* CK_RV is a value that identifies the return value of a
1037
+ * Cryptoki function */
1038
+ typedef CK_ULONG CK_RV;
1039
+
1040
+ #define CKR_OK 0x00000000UL
1041
+ #define CKR_CANCEL 0x00000001UL
1042
+ #define CKR_HOST_MEMORY 0x00000002UL
1043
+ #define CKR_SLOT_ID_INVALID 0x00000003UL
1044
+
1045
+ /* CKR_FLAGS_INVALID was removed for v2.0 */
1046
+
1047
+ #define CKR_GENERAL_ERROR 0x00000005UL
1048
+ #define CKR_FUNCTION_FAILED 0x00000006UL
1049
+
1050
+ #define CKR_ARGUMENTS_BAD 0x00000007UL
1051
+ #define CKR_NO_EVENT 0x00000008UL
1052
+ #define CKR_NEED_TO_CREATE_THREADS 0x00000009UL
1053
+ #define CKR_CANT_LOCK 0x0000000AUL
1054
+
1055
+ #define CKR_ATTRIBUTE_READ_ONLY 0x00000010UL
1056
+ #define CKR_ATTRIBUTE_SENSITIVE 0x00000011UL
1057
+ #define CKR_ATTRIBUTE_TYPE_INVALID 0x00000012UL
1058
+ #define CKR_ATTRIBUTE_VALUE_INVALID 0x00000013UL
1059
+
1060
+ /* new for v2.40 */
1061
+ #define CKR_ACTION_PROHIBITED 0x0000001BUL
1062
+
1063
+ #define CKR_DATA_INVALID 0x00000020UL
1064
+ #define CKR_DATA_LEN_RANGE 0x00000021UL
1065
+ #define CKR_DEVICE_ERROR 0x00000030UL
1066
+ #define CKR_DEVICE_MEMORY 0x00000031UL
1067
+ #define CKR_DEVICE_REMOVED 0x00000032UL
1068
+ #define CKR_ENCRYPTED_DATA_INVALID 0x00000040UL
1069
+ #define CKR_ENCRYPTED_DATA_LEN_RANGE 0x00000041UL
1070
+ #define CKR_FUNCTION_CANCELED 0x00000050UL
1071
+ #define CKR_FUNCTION_NOT_PARALLEL 0x00000051UL
1072
+
1073
+ #define CKR_FUNCTION_NOT_SUPPORTED 0x00000054UL
1074
+
1075
+ #define CKR_KEY_HANDLE_INVALID 0x00000060UL
1076
+
1077
+ /* CKR_KEY_SENSITIVE was removed for v2.0 */
1078
+
1079
+ #define CKR_KEY_SIZE_RANGE 0x00000062UL
1080
+ #define CKR_KEY_TYPE_INCONSISTENT 0x00000063UL
1081
+
1082
+ #define CKR_KEY_NOT_NEEDED 0x00000064UL
1083
+ #define CKR_KEY_CHANGED 0x00000065UL
1084
+ #define CKR_KEY_NEEDED 0x00000066UL
1085
+ #define CKR_KEY_INDIGESTIBLE 0x00000067UL
1086
+ #define CKR_KEY_FUNCTION_NOT_PERMITTED 0x00000068UL
1087
+ #define CKR_KEY_NOT_WRAPPABLE 0x00000069UL
1088
+ #define CKR_KEY_UNEXTRACTABLE 0x0000006AUL
1089
+
1090
+ #define CKR_MECHANISM_INVALID 0x00000070UL
1091
+ #define CKR_MECHANISM_PARAM_INVALID 0x00000071UL
1092
+
1093
+ /* CKR_OBJECT_CLASS_INCONSISTENT and CKR_OBJECT_CLASS_INVALID
1094
+ * were removed for v2.0 */
1095
+ #define CKR_OBJECT_HANDLE_INVALID 0x00000082UL
1096
+ #define CKR_OPERATION_ACTIVE 0x00000090UL
1097
+ #define CKR_OPERATION_NOT_INITIALIZED 0x00000091UL
1098
+ #define CKR_PIN_INCORRECT 0x000000A0UL
1099
+ #define CKR_PIN_INVALID 0x000000A1UL
1100
+ #define CKR_PIN_LEN_RANGE 0x000000A2UL
1101
+
1102
+ #define CKR_PIN_EXPIRED 0x000000A3UL
1103
+ #define CKR_PIN_LOCKED 0x000000A4UL
1104
+
1105
+ #define CKR_SESSION_CLOSED 0x000000B0UL
1106
+ #define CKR_SESSION_COUNT 0x000000B1UL
1107
+ #define CKR_SESSION_HANDLE_INVALID 0x000000B3UL
1108
+ #define CKR_SESSION_PARALLEL_NOT_SUPPORTED 0x000000B4UL
1109
+ #define CKR_SESSION_READ_ONLY 0x000000B5UL
1110
+ #define CKR_SESSION_EXISTS 0x000000B6UL
1111
+
1112
+ #define CKR_SESSION_READ_ONLY_EXISTS 0x000000B7UL
1113
+ #define CKR_SESSION_READ_WRITE_SO_EXISTS 0x000000B8UL
1114
+
1115
+ #define CKR_SIGNATURE_INVALID 0x000000C0UL
1116
+ #define CKR_SIGNATURE_LEN_RANGE 0x000000C1UL
1117
+ #define CKR_TEMPLATE_INCOMPLETE 0x000000D0UL
1118
+ #define CKR_TEMPLATE_INCONSISTENT 0x000000D1UL
1119
+ #define CKR_TOKEN_NOT_PRESENT 0x000000E0UL
1120
+ #define CKR_TOKEN_NOT_RECOGNIZED 0x000000E1UL
1121
+ #define CKR_TOKEN_WRITE_PROTECTED 0x000000E2UL
1122
+ #define CKR_UNWRAPPING_KEY_HANDLE_INVALID 0x000000F0UL
1123
+ #define CKR_UNWRAPPING_KEY_SIZE_RANGE 0x000000F1UL
1124
+ #define CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT 0x000000F2UL
1125
+ #define CKR_USER_ALREADY_LOGGED_IN 0x00000100UL
1126
+ #define CKR_USER_NOT_LOGGED_IN 0x00000101UL
1127
+ #define CKR_USER_PIN_NOT_INITIALIZED 0x00000102UL
1128
+ #define CKR_USER_TYPE_INVALID 0x00000103UL
1129
+
1130
+ #define CKR_USER_ANOTHER_ALREADY_LOGGED_IN 0x00000104UL
1131
+ #define CKR_USER_TOO_MANY_TYPES 0x00000105UL
1132
+
1133
+ #define CKR_WRAPPED_KEY_INVALID 0x00000110UL
1134
+ #define CKR_WRAPPED_KEY_LEN_RANGE 0x00000112UL
1135
+ #define CKR_WRAPPING_KEY_HANDLE_INVALID 0x00000113UL
1136
+ #define CKR_WRAPPING_KEY_SIZE_RANGE 0x00000114UL
1137
+ #define CKR_WRAPPING_KEY_TYPE_INCONSISTENT 0x00000115UL
1138
+ #define CKR_RANDOM_SEED_NOT_SUPPORTED 0x00000120UL
1139
+
1140
+ #define CKR_RANDOM_NO_RNG 0x00000121UL
1141
+
1142
+ #define CKR_DOMAIN_PARAMS_INVALID 0x00000130UL
1143
+
1144
+ /* new for v2.40 */
1145
+ #define CKR_CURVE_NOT_SUPPORTED 0x00000140UL
1146
+
1147
+ #define CKR_BUFFER_TOO_SMALL 0x00000150UL
1148
+ #define CKR_SAVED_STATE_INVALID 0x00000160UL
1149
+ #define CKR_INFORMATION_SENSITIVE 0x00000170UL
1150
+ #define CKR_STATE_UNSAVEABLE 0x00000180UL
1151
+
1152
+ #define CKR_CRYPTOKI_NOT_INITIALIZED 0x00000190UL
1153
+ #define CKR_CRYPTOKI_ALREADY_INITIALIZED 0x00000191UL
1154
+ #define CKR_MUTEX_BAD 0x000001A0UL
1155
+ #define CKR_MUTEX_NOT_LOCKED 0x000001A1UL
1156
+
1157
+ #define CKR_NEW_PIN_MODE 0x000001B0UL
1158
+ #define CKR_NEXT_OTP 0x000001B1UL
1159
+
1160
+ #define CKR_EXCEEDED_MAX_ITERATIONS 0x000001C0UL
1161
+ #define CKR_FIPS_SELF_TEST_FAILED 0x000001C1UL
1162
+ #define CKR_LIBRARY_LOAD_FAILED 0x000001C2UL
1163
+ #define CKR_PIN_TOO_WEAK 0x000001C3UL
1164
+ #define CKR_PUBLIC_KEY_INVALID 0x000001C4UL
1165
+
1166
+ #define CKR_FUNCTION_REJECTED 0x00000200UL
1167
+
1168
+ #define CKR_VENDOR_DEFINED 0x80000000UL
1169
+
1170
+
1171
+ /* CK_NOTIFY is an application callback that processes events */
1172
+ typedef CK_CALLBACK_FUNCTION(CK_RV, CK_NOTIFY)(
1173
+ CK_SESSION_HANDLE hSession, /* the session's handle */
1174
+ CK_NOTIFICATION event,
1175
+ CK_VOID_PTR pApplication /* passed to C_OpenSession */
1176
+ );
1177
+
1178
+
1179
+ /* CK_FUNCTION_LIST is a structure holding a Cryptoki spec
1180
+ * version and pointers of appropriate types to all the
1181
+ * Cryptoki functions */
1182
+ typedef struct CK_FUNCTION_LIST CK_FUNCTION_LIST;
1183
+
1184
+ typedef CK_FUNCTION_LIST CK_PTR CK_FUNCTION_LIST_PTR;
1185
+
1186
+ typedef CK_FUNCTION_LIST_PTR CK_PTR CK_FUNCTION_LIST_PTR_PTR;
1187
+
1188
+
1189
+ /* CK_CREATEMUTEX is an application callback for creating a
1190
+ * mutex object */
1191
+ typedef CK_CALLBACK_FUNCTION(CK_RV, CK_CREATEMUTEX)(
1192
+ CK_VOID_PTR_PTR ppMutex /* location to receive ptr to mutex */
1193
+ );
1194
+
1195
+
1196
+ /* CK_DESTROYMUTEX is an application callback for destroying a
1197
+ * mutex object */
1198
+ typedef CK_CALLBACK_FUNCTION(CK_RV, CK_DESTROYMUTEX)(
1199
+ CK_VOID_PTR pMutex /* pointer to mutex */
1200
+ );
1201
+
1202
+
1203
+ /* CK_LOCKMUTEX is an application callback for locking a mutex */
1204
+ typedef CK_CALLBACK_FUNCTION(CK_RV, CK_LOCKMUTEX)(
1205
+ CK_VOID_PTR pMutex /* pointer to mutex */
1206
+ );
1207
+
1208
+
1209
+ /* CK_UNLOCKMUTEX is an application callback for unlocking a
1210
+ * mutex */
1211
+ typedef CK_CALLBACK_FUNCTION(CK_RV, CK_UNLOCKMUTEX)(
1212
+ CK_VOID_PTR pMutex /* pointer to mutex */
1213
+ );
1214
+
1215
+
1216
+ /* CK_C_INITIALIZE_ARGS provides the optional arguments to
1217
+ * C_Initialize */
1218
+ typedef struct CK_C_INITIALIZE_ARGS {
1219
+ CK_CREATEMUTEX CreateMutex;
1220
+ CK_DESTROYMUTEX DestroyMutex;
1221
+ CK_LOCKMUTEX LockMutex;
1222
+ CK_UNLOCKMUTEX UnlockMutex;
1223
+ CK_FLAGS flags;
1224
+ CK_VOID_PTR pReserved;
1225
+ } CK_C_INITIALIZE_ARGS;
1226
+
1227
+ /* flags: bit flags that provide capabilities of the slot
1228
+ * Bit Flag Mask Meaning
1229
+ */
1230
+ #define CKF_LIBRARY_CANT_CREATE_OS_THREADS 0x00000001UL
1231
+ #define CKF_OS_LOCKING_OK 0x00000002UL
1232
+
1233
+ typedef CK_C_INITIALIZE_ARGS CK_PTR CK_C_INITIALIZE_ARGS_PTR;
1234
+
1235
+
1236
+ /* additional flags for parameters to functions */
1237
+
1238
+ /* CKF_DONT_BLOCK is for the function C_WaitForSlotEvent */
1239
+ #define CKF_DONT_BLOCK 1
1240
+
1241
+ /*
1242
+ * CK_RSA_PKCS_MGF_TYPE is used to indicate the Message
1243
+ * Generation Function (MGF) applied to a message block when
1244
+ * formatting a message block for the PKCS #1 OAEP encryption
1245
+ * scheme. */
1246
+ typedef CK_ULONG CK_RSA_PKCS_MGF_TYPE;
1247
+
1248
+ typedef CK_RSA_PKCS_MGF_TYPE CK_PTR CK_RSA_PKCS_MGF_TYPE_PTR;
1249
+
1250
+ /* The following MGFs are defined */
1251
+ #define CKG_MGF1_SHA1 0x00000001UL
1252
+ #define CKG_MGF1_SHA256 0x00000002UL
1253
+ #define CKG_MGF1_SHA384 0x00000003UL
1254
+ #define CKG_MGF1_SHA512 0x00000004UL
1255
+ #define CKG_MGF1_SHA224 0x00000005UL
1256
+
1257
+ /*
1258
+ * CK_RSA_PKCS_OAEP_SOURCE_TYPE is used to indicate the source
1259
+ * of the encoding parameter when formatting a message block
1260
+ * for the PKCS #1 OAEP encryption scheme. */
1261
+ typedef CK_ULONG CK_RSA_PKCS_OAEP_SOURCE_TYPE;
1262
+
1263
+ typedef CK_RSA_PKCS_OAEP_SOURCE_TYPE CK_PTR CK_RSA_PKCS_OAEP_SOURCE_TYPE_PTR;
1264
+
1265
+ /* The following encoding parameter sources are defined */
1266
+ #define CKZ_DATA_SPECIFIED 0x00000001UL
1267
+
1268
+ /*
1269
+ * CK_RSA_PKCS_OAEP_PARAMS provides the parameters to the
1270
+ * CKM_RSA_PKCS_OAEP mechanism. */
1271
+ typedef struct CK_RSA_PKCS_OAEP_PARAMS {
1272
+ CK_MECHANISM_TYPE hashAlg;
1273
+ CK_RSA_PKCS_MGF_TYPE mgf;
1274
+ CK_RSA_PKCS_OAEP_SOURCE_TYPE source;
1275
+ CK_VOID_PTR pSourceData;
1276
+ CK_ULONG ulSourceDataLen;
1277
+ } CK_RSA_PKCS_OAEP_PARAMS;
1278
+
1279
+ typedef CK_RSA_PKCS_OAEP_PARAMS CK_PTR CK_RSA_PKCS_OAEP_PARAMS_PTR;
1280
+
1281
+ /*
1282
+ * CK_RSA_PKCS_PSS_PARAMS provides the parameters to the
1283
+ * CKM_RSA_PKCS_PSS mechanism(s). */
1284
+ typedef struct CK_RSA_PKCS_PSS_PARAMS {
1285
+ CK_MECHANISM_TYPE hashAlg;
1286
+ CK_RSA_PKCS_MGF_TYPE mgf;
1287
+ CK_ULONG sLen;
1288
+ } CK_RSA_PKCS_PSS_PARAMS;
1289
+
1290
+ typedef CK_RSA_PKCS_PSS_PARAMS CK_PTR CK_RSA_PKCS_PSS_PARAMS_PTR;
1291
+
1292
+ typedef CK_ULONG CK_EC_KDF_TYPE;
1293
+
1294
+ /* The following EC Key Derivation Functions are defined */
1295
+ #define CKD_NULL 0x00000001UL
1296
+ #define CKD_SHA1_KDF 0x00000002UL
1297
+ /* The following X9.42 DH key derivation functions are defined */
1298
+ #define CKD_SHA1_KDF_ASN1 0x00000003UL
1299
+ #define CKD_SHA1_KDF_CONCATENATE 0x00000004UL
1300
+ #define CKD_SHA224_KDF 0x00000005UL
1301
+ #define CKD_SHA256_KDF 0x00000006UL
1302
+ #define CKD_SHA384_KDF 0x00000007UL
1303
+ #define CKD_SHA512_KDF 0x00000008UL
1304
+ #define CKD_CPDIVERSIFY_KDF 0x00000009UL
1305
+
1306
+
1307
+ /*
1308
+ * CK_ECDH1_DERIVE_PARAMS provides the parameters to the
1309
+ * CKM_ECDH1_DERIVE and CKM_ECDH1_COFACTOR_DERIVE mechanisms,
1310
+ * where each party contributes one key pair.
1311
+ */
1312
+ typedef struct CK_ECDH1_DERIVE_PARAMS {
1313
+ CK_EC_KDF_TYPE kdf;
1314
+ CK_ULONG ulSharedDataLen;
1315
+ CK_BYTE_PTR pSharedData;
1316
+ CK_ULONG ulPublicDataLen;
1317
+ CK_BYTE_PTR pPublicData;
1318
+ } CK_ECDH1_DERIVE_PARAMS;
1319
+
1320
+ typedef CK_ECDH1_DERIVE_PARAMS CK_PTR CK_ECDH1_DERIVE_PARAMS_PTR;
1321
+
1322
+ typedef struct CK_ECMQV_DERIVE_PARAMS {
1323
+ CK_EC_KDF_TYPE kdf;
1324
+ CK_ULONG ulSharedDataLen;
1325
+ CK_BYTE_PTR pSharedData;
1326
+ CK_ULONG ulPublicDataLen;
1327
+ CK_BYTE_PTR pPublicData;
1328
+ CK_ULONG ulPrivateDataLen;
1329
+ CK_OBJECT_HANDLE hPrivateData;
1330
+ CK_ULONG ulPublicDataLen2;
1331
+ CK_BYTE_PTR pPublicData2;
1332
+ CK_OBJECT_HANDLE publicKey;
1333
+ } CK_ECMQV_DERIVE_PARAMS;
1334
+
1335
+ typedef CK_ECMQV_DERIVE_PARAMS CK_PTR CK_ECMQV_DERIVE_PARAMS_PTR;
1336
+
1337
+ /* Typedefs and defines for the CKM_X9_42_DH_KEY_PAIR_GEN and the
1338
+ * CKM_X9_42_DH_PARAMETER_GEN mechanisms */
1339
+ typedef CK_ULONG CK_X9_42_DH_KDF_TYPE;
1340
+ typedef CK_X9_42_DH_KDF_TYPE CK_PTR CK_X9_42_DH_KDF_TYPE_PTR;
1341
+
1342
+ /*
1343
+ * CK_X9_42_DH1_DERIVE_PARAMS provides the parameters to the
1344
+ * CKM_X9_42_DH_DERIVE key derivation mechanism, where each party
1345
+ * contributes one key pair */
1346
+ typedef struct CK_X9_42_DH1_DERIVE_PARAMS {
1347
+ CK_X9_42_DH_KDF_TYPE kdf;
1348
+ CK_ULONG ulOtherInfoLen;
1349
+ CK_BYTE_PTR pOtherInfo;
1350
+ CK_ULONG ulPublicDataLen;
1351
+ CK_BYTE_PTR pPublicData;
1352
+ } CK_X9_42_DH1_DERIVE_PARAMS;
1353
+
1354
+ typedef struct CK_X9_42_DH1_DERIVE_PARAMS CK_PTR CK_X9_42_DH1_DERIVE_PARAMS_PTR;
1355
+
1356
+ /*
1357
+ * CK_X9_42_DH2_DERIVE_PARAMS provides the parameters to the
1358
+ * CKM_X9_42_DH_HYBRID_DERIVE and CKM_X9_42_MQV_DERIVE key derivation
1359
+ * mechanisms, where each party contributes two key pairs */
1360
+ typedef struct CK_X9_42_DH2_DERIVE_PARAMS {
1361
+ CK_X9_42_DH_KDF_TYPE kdf;
1362
+ CK_ULONG ulOtherInfoLen;
1363
+ CK_BYTE_PTR pOtherInfo;
1364
+ CK_ULONG ulPublicDataLen;
1365
+ CK_BYTE_PTR pPublicData;
1366
+ CK_ULONG ulPrivateDataLen;
1367
+ CK_OBJECT_HANDLE hPrivateData;
1368
+ CK_ULONG ulPublicDataLen2;
1369
+ CK_BYTE_PTR pPublicData2;
1370
+ } CK_X9_42_DH2_DERIVE_PARAMS;
1371
+
1372
+ typedef CK_X9_42_DH2_DERIVE_PARAMS CK_PTR CK_X9_42_DH2_DERIVE_PARAMS_PTR;
1373
+
1374
+ typedef struct CK_X9_42_MQV_DERIVE_PARAMS {
1375
+ CK_X9_42_DH_KDF_TYPE kdf;
1376
+ CK_ULONG ulOtherInfoLen;
1377
+ CK_BYTE_PTR pOtherInfo;
1378
+ CK_ULONG ulPublicDataLen;
1379
+ CK_BYTE_PTR pPublicData;
1380
+ CK_ULONG ulPrivateDataLen;
1381
+ CK_OBJECT_HANDLE hPrivateData;
1382
+ CK_ULONG ulPublicDataLen2;
1383
+ CK_BYTE_PTR pPublicData2;
1384
+ CK_OBJECT_HANDLE publicKey;
1385
+ } CK_X9_42_MQV_DERIVE_PARAMS;
1386
+
1387
+ typedef CK_X9_42_MQV_DERIVE_PARAMS CK_PTR CK_X9_42_MQV_DERIVE_PARAMS_PTR;
1388
+
1389
+ /* CK_KEA_DERIVE_PARAMS provides the parameters to the
1390
+ * CKM_KEA_DERIVE mechanism */
1391
+ typedef struct CK_KEA_DERIVE_PARAMS {
1392
+ CK_BBOOL isSender;
1393
+ CK_ULONG ulRandomLen;
1394
+ CK_BYTE_PTR pRandomA;
1395
+ CK_BYTE_PTR pRandomB;
1396
+ CK_ULONG ulPublicDataLen;
1397
+ CK_BYTE_PTR pPublicData;
1398
+ } CK_KEA_DERIVE_PARAMS;
1399
+
1400
+ typedef CK_KEA_DERIVE_PARAMS CK_PTR CK_KEA_DERIVE_PARAMS_PTR;
1401
+
1402
+
1403
+ /* CK_RC2_PARAMS provides the parameters to the CKM_RC2_ECB and
1404
+ * CKM_RC2_MAC mechanisms. An instance of CK_RC2_PARAMS just
1405
+ * holds the effective keysize */
1406
+ typedef CK_ULONG CK_RC2_PARAMS;
1407
+
1408
+ typedef CK_RC2_PARAMS CK_PTR CK_RC2_PARAMS_PTR;
1409
+
1410
+
1411
+ /* CK_RC2_CBC_PARAMS provides the parameters to the CKM_RC2_CBC
1412
+ * mechanism */
1413
+ typedef struct CK_RC2_CBC_PARAMS {
1414
+ CK_ULONG ulEffectiveBits; /* effective bits (1-1024) */
1415
+
1416
+ CK_BYTE iv[8]; /* IV for CBC mode */
1417
+ } CK_RC2_CBC_PARAMS;
1418
+
1419
+ typedef CK_RC2_CBC_PARAMS CK_PTR CK_RC2_CBC_PARAMS_PTR;
1420
+
1421
+
1422
+ /* CK_RC2_MAC_GENERAL_PARAMS provides the parameters for the
1423
+ * CKM_RC2_MAC_GENERAL mechanism */
1424
+ typedef struct CK_RC2_MAC_GENERAL_PARAMS {
1425
+ CK_ULONG ulEffectiveBits; /* effective bits (1-1024) */
1426
+ CK_ULONG ulMacLength; /* Length of MAC in bytes */
1427
+ } CK_RC2_MAC_GENERAL_PARAMS;
1428
+
1429
+ typedef CK_RC2_MAC_GENERAL_PARAMS CK_PTR \
1430
+ CK_RC2_MAC_GENERAL_PARAMS_PTR;
1431
+
1432
+
1433
+ /* CK_RC5_PARAMS provides the parameters to the CKM_RC5_ECB and
1434
+ * CKM_RC5_MAC mechanisms */
1435
+ typedef struct CK_RC5_PARAMS {
1436
+ CK_ULONG ulWordsize; /* wordsize in bits */
1437
+ CK_ULONG ulRounds; /* number of rounds */
1438
+ } CK_RC5_PARAMS;
1439
+
1440
+ typedef CK_RC5_PARAMS CK_PTR CK_RC5_PARAMS_PTR;
1441
+
1442
+
1443
+ /* CK_RC5_CBC_PARAMS provides the parameters to the CKM_RC5_CBC
1444
+ * mechanism */
1445
+ typedef struct CK_RC5_CBC_PARAMS {
1446
+ CK_ULONG ulWordsize; /* wordsize in bits */
1447
+ CK_ULONG ulRounds; /* number of rounds */
1448
+ CK_BYTE_PTR pIv; /* pointer to IV */
1449
+ CK_ULONG ulIvLen; /* length of IV in bytes */
1450
+ } CK_RC5_CBC_PARAMS;
1451
+
1452
+ typedef CK_RC5_CBC_PARAMS CK_PTR CK_RC5_CBC_PARAMS_PTR;
1453
+
1454
+
1455
+ /* CK_RC5_MAC_GENERAL_PARAMS provides the parameters for the
1456
+ * CKM_RC5_MAC_GENERAL mechanism */
1457
+ typedef struct CK_RC5_MAC_GENERAL_PARAMS {
1458
+ CK_ULONG ulWordsize; /* wordsize in bits */
1459
+ CK_ULONG ulRounds; /* number of rounds */
1460
+ CK_ULONG ulMacLength; /* Length of MAC in bytes */
1461
+ } CK_RC5_MAC_GENERAL_PARAMS;
1462
+
1463
+ typedef CK_RC5_MAC_GENERAL_PARAMS CK_PTR \
1464
+ CK_RC5_MAC_GENERAL_PARAMS_PTR;
1465
+
1466
+
1467
+ /* CK_MAC_GENERAL_PARAMS provides the parameters to most block
1468
+ * ciphers' MAC_GENERAL mechanisms. Its value is the length of
1469
+ * the MAC */
1470
+ typedef CK_ULONG CK_MAC_GENERAL_PARAMS;
1471
+
1472
+ typedef CK_MAC_GENERAL_PARAMS CK_PTR CK_MAC_GENERAL_PARAMS_PTR;
1473
+
1474
+ typedef struct CK_DES_CBC_ENCRYPT_DATA_PARAMS {
1475
+ CK_BYTE iv[8];
1476
+ CK_BYTE_PTR pData;
1477
+ CK_ULONG length;
1478
+ } CK_DES_CBC_ENCRYPT_DATA_PARAMS;
1479
+
1480
+ typedef CK_DES_CBC_ENCRYPT_DATA_PARAMS CK_PTR CK_DES_CBC_ENCRYPT_DATA_PARAMS_PTR;
1481
+
1482
+ typedef struct CK_AES_CBC_ENCRYPT_DATA_PARAMS {
1483
+ CK_BYTE iv[16];
1484
+ CK_BYTE_PTR pData;
1485
+ CK_ULONG length;
1486
+ } CK_AES_CBC_ENCRYPT_DATA_PARAMS;
1487
+
1488
+ typedef CK_AES_CBC_ENCRYPT_DATA_PARAMS CK_PTR CK_AES_CBC_ENCRYPT_DATA_PARAMS_PTR;
1489
+
1490
+ /* CK_SKIPJACK_PRIVATE_WRAP_PARAMS provides the parameters to the
1491
+ * CKM_SKIPJACK_PRIVATE_WRAP mechanism */
1492
+ typedef struct CK_SKIPJACK_PRIVATE_WRAP_PARAMS {
1493
+ CK_ULONG ulPasswordLen;
1494
+ CK_BYTE_PTR pPassword;
1495
+ CK_ULONG ulPublicDataLen;
1496
+ CK_BYTE_PTR pPublicData;
1497
+ CK_ULONG ulPAndGLen;
1498
+ CK_ULONG ulQLen;
1499
+ CK_ULONG ulRandomLen;
1500
+ CK_BYTE_PTR pRandomA;
1501
+ CK_BYTE_PTR pPrimeP;
1502
+ CK_BYTE_PTR pBaseG;
1503
+ CK_BYTE_PTR pSubprimeQ;
1504
+ } CK_SKIPJACK_PRIVATE_WRAP_PARAMS;
1505
+
1506
+ typedef CK_SKIPJACK_PRIVATE_WRAP_PARAMS CK_PTR \
1507
+ CK_SKIPJACK_PRIVATE_WRAP_PARAMS_PTR;
1508
+
1509
+
1510
+ /* CK_SKIPJACK_RELAYX_PARAMS provides the parameters to the
1511
+ * CKM_SKIPJACK_RELAYX mechanism */
1512
+ typedef struct CK_SKIPJACK_RELAYX_PARAMS {
1513
+ CK_ULONG ulOldWrappedXLen;
1514
+ CK_BYTE_PTR pOldWrappedX;
1515
+ CK_ULONG ulOldPasswordLen;
1516
+ CK_BYTE_PTR pOldPassword;
1517
+ CK_ULONG ulOldPublicDataLen;
1518
+ CK_BYTE_PTR pOldPublicData;
1519
+ CK_ULONG ulOldRandomLen;
1520
+ CK_BYTE_PTR pOldRandomA;
1521
+ CK_ULONG ulNewPasswordLen;
1522
+ CK_BYTE_PTR pNewPassword;
1523
+ CK_ULONG ulNewPublicDataLen;
1524
+ CK_BYTE_PTR pNewPublicData;
1525
+ CK_ULONG ulNewRandomLen;
1526
+ CK_BYTE_PTR pNewRandomA;
1527
+ } CK_SKIPJACK_RELAYX_PARAMS;
1528
+
1529
+ typedef CK_SKIPJACK_RELAYX_PARAMS CK_PTR \
1530
+ CK_SKIPJACK_RELAYX_PARAMS_PTR;
1531
+
1532
+
1533
+ typedef struct CK_PBE_PARAMS {
1534
+ CK_BYTE_PTR pInitVector;
1535
+ CK_UTF8CHAR_PTR pPassword;
1536
+ CK_ULONG ulPasswordLen;
1537
+ CK_BYTE_PTR pSalt;
1538
+ CK_ULONG ulSaltLen;
1539
+ CK_ULONG ulIteration;
1540
+ } CK_PBE_PARAMS;
1541
+
1542
+ typedef CK_PBE_PARAMS CK_PTR CK_PBE_PARAMS_PTR;
1543
+
1544
+
1545
+ /* CK_KEY_WRAP_SET_OAEP_PARAMS provides the parameters to the
1546
+ * CKM_KEY_WRAP_SET_OAEP mechanism */
1547
+ typedef struct CK_KEY_WRAP_SET_OAEP_PARAMS {
1548
+ CK_BYTE bBC; /* block contents byte */
1549
+ CK_BYTE_PTR pX; /* extra data */
1550
+ CK_ULONG ulXLen; /* length of extra data in bytes */
1551
+ } CK_KEY_WRAP_SET_OAEP_PARAMS;
1552
+
1553
+ typedef CK_KEY_WRAP_SET_OAEP_PARAMS CK_PTR \
1554
+ CK_KEY_WRAP_SET_OAEP_PARAMS_PTR;
1555
+
1556
+
1557
+ typedef struct CK_SSL3_RANDOM_DATA {
1558
+ CK_BYTE_PTR pClientRandom;
1559
+ CK_ULONG ulClientRandomLen;
1560
+ CK_BYTE_PTR pServerRandom;
1561
+ CK_ULONG ulServerRandomLen;
1562
+ } CK_SSL3_RANDOM_DATA;
1563
+
1564
+
1565
+ typedef struct CK_SSL3_MASTER_KEY_DERIVE_PARAMS {
1566
+ CK_SSL3_RANDOM_DATA RandomInfo;
1567
+ CK_VERSION_PTR pVersion;
1568
+ } CK_SSL3_MASTER_KEY_DERIVE_PARAMS;
1569
+
1570
+ typedef struct CK_SSL3_MASTER_KEY_DERIVE_PARAMS CK_PTR \
1571
+ CK_SSL3_MASTER_KEY_DERIVE_PARAMS_PTR;
1572
+
1573
+
1574
+ typedef struct CK_SSL3_KEY_MAT_OUT {
1575
+ CK_OBJECT_HANDLE hClientMacSecret;
1576
+ CK_OBJECT_HANDLE hServerMacSecret;
1577
+ CK_OBJECT_HANDLE hClientKey;
1578
+ CK_OBJECT_HANDLE hServerKey;
1579
+ CK_BYTE_PTR pIVClient;
1580
+ CK_BYTE_PTR pIVServer;
1581
+ } CK_SSL3_KEY_MAT_OUT;
1582
+
1583
+ typedef CK_SSL3_KEY_MAT_OUT CK_PTR CK_SSL3_KEY_MAT_OUT_PTR;
1584
+
1585
+
1586
+ typedef struct CK_SSL3_KEY_MAT_PARAMS {
1587
+ CK_ULONG ulMacSizeInBits;
1588
+ CK_ULONG ulKeySizeInBits;
1589
+ CK_ULONG ulIVSizeInBits;
1590
+ CK_BBOOL bIsExport;
1591
+ CK_SSL3_RANDOM_DATA RandomInfo;
1592
+ CK_SSL3_KEY_MAT_OUT_PTR pReturnedKeyMaterial;
1593
+ } CK_SSL3_KEY_MAT_PARAMS;
1594
+
1595
+ typedef CK_SSL3_KEY_MAT_PARAMS CK_PTR CK_SSL3_KEY_MAT_PARAMS_PTR;
1596
+
1597
+ typedef struct CK_WTLS_RANDOM_DATA {
1598
+ CK_BYTE_PTR pClientRandom;
1599
+ CK_ULONG ulClientRandomLen;
1600
+ CK_BYTE_PTR pServerRandom;
1601
+ CK_ULONG ulServerRandomLen;
1602
+ } CK_WTLS_RANDOM_DATA;
1603
+
1604
+ typedef CK_WTLS_RANDOM_DATA CK_PTR CK_WTLS_RANDOM_DATA_PTR;
1605
+
1606
+ typedef struct CK_WTLS_MASTER_KEY_DERIVE_PARAMS {
1607
+ CK_MECHANISM_TYPE DigestMechanism;
1608
+ CK_WTLS_RANDOM_DATA RandomInfo;
1609
+ CK_BYTE_PTR pVersion;
1610
+ } CK_WTLS_MASTER_KEY_DERIVE_PARAMS;
1611
+
1612
+ typedef CK_WTLS_MASTER_KEY_DERIVE_PARAMS CK_PTR \
1613
+ CK_WTLS_MASTER_KEY_DERIVE_PARAMS_PTR;
1614
+
1615
+ typedef struct CK_WTLS_PRF_PARAMS {
1616
+ CK_MECHANISM_TYPE DigestMechanism;
1617
+ CK_BYTE_PTR pSeed;
1618
+ CK_ULONG ulSeedLen;
1619
+ CK_BYTE_PTR pLabel;
1620
+ CK_ULONG ulLabelLen;
1621
+ CK_BYTE_PTR pOutput;
1622
+ CK_ULONG_PTR pulOutputLen;
1623
+ } CK_WTLS_PRF_PARAMS;
1624
+
1625
+ typedef CK_WTLS_PRF_PARAMS CK_PTR CK_WTLS_PRF_PARAMS_PTR;
1626
+
1627
+ typedef struct CK_WTLS_KEY_MAT_OUT {
1628
+ CK_OBJECT_HANDLE hMacSecret;
1629
+ CK_OBJECT_HANDLE hKey;
1630
+ CK_BYTE_PTR pIV;
1631
+ } CK_WTLS_KEY_MAT_OUT;
1632
+
1633
+ typedef CK_WTLS_KEY_MAT_OUT CK_PTR CK_WTLS_KEY_MAT_OUT_PTR;
1634
+
1635
+ typedef struct CK_WTLS_KEY_MAT_PARAMS {
1636
+ CK_MECHANISM_TYPE DigestMechanism;
1637
+ CK_ULONG ulMacSizeInBits;
1638
+ CK_ULONG ulKeySizeInBits;
1639
+ CK_ULONG ulIVSizeInBits;
1640
+ CK_ULONG ulSequenceNumber;
1641
+ CK_BBOOL bIsExport;
1642
+ CK_WTLS_RANDOM_DATA RandomInfo;
1643
+ CK_WTLS_KEY_MAT_OUT_PTR pReturnedKeyMaterial;
1644
+ } CK_WTLS_KEY_MAT_PARAMS;
1645
+
1646
+ typedef CK_WTLS_KEY_MAT_PARAMS CK_PTR CK_WTLS_KEY_MAT_PARAMS_PTR;
1647
+
1648
+ typedef struct CK_CMS_SIG_PARAMS {
1649
+ CK_OBJECT_HANDLE certificateHandle;
1650
+ CK_MECHANISM_PTR pSigningMechanism;
1651
+ CK_MECHANISM_PTR pDigestMechanism;
1652
+ CK_UTF8CHAR_PTR pContentType;
1653
+ CK_BYTE_PTR pRequestedAttributes;
1654
+ CK_ULONG ulRequestedAttributesLen;
1655
+ CK_BYTE_PTR pRequiredAttributes;
1656
+ CK_ULONG ulRequiredAttributesLen;
1657
+ } CK_CMS_SIG_PARAMS;
1658
+
1659
+ typedef CK_CMS_SIG_PARAMS CK_PTR CK_CMS_SIG_PARAMS_PTR;
1660
+
1661
+ typedef struct CK_KEY_DERIVATION_STRING_DATA {
1662
+ CK_BYTE_PTR pData;
1663
+ CK_ULONG ulLen;
1664
+ } CK_KEY_DERIVATION_STRING_DATA;
1665
+
1666
+ typedef CK_KEY_DERIVATION_STRING_DATA CK_PTR \
1667
+ CK_KEY_DERIVATION_STRING_DATA_PTR;
1668
+
1669
+
1670
+ /* The CK_EXTRACT_PARAMS is used for the
1671
+ * CKM_EXTRACT_KEY_FROM_KEY mechanism. It specifies which bit
1672
+ * of the base key should be used as the first bit of the
1673
+ * derived key */
1674
+ typedef CK_ULONG CK_EXTRACT_PARAMS;
1675
+
1676
+ typedef CK_EXTRACT_PARAMS CK_PTR CK_EXTRACT_PARAMS_PTR;
1677
+
1678
+ /*
1679
+ * CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE is used to
1680
+ * indicate the Pseudo-Random Function (PRF) used to generate
1681
+ * key bits using PKCS #5 PBKDF2. */
1682
+ typedef CK_ULONG CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE;
1683
+
1684
+ typedef CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE CK_PTR CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE_PTR;
1685
+
1686
+ #define CKP_PKCS5_PBKD2_HMAC_SHA1 0x00000001UL
1687
+ /* new for v2.40 */
1688
+ #define CKP_PKCS5_PBKD2_HMAC_GOSTR3411 0x00000002UL
1689
+ #define CKP_PKCS5_PBKD2_HMAC_SHA224 0x00000003UL
1690
+ #define CKP_PKCS5_PBKD2_HMAC_SHA256 0x00000004UL
1691
+ #define CKP_PKCS5_PBKD2_HMAC_SHA384 0x00000005UL
1692
+ #define CKP_PKCS5_PBKD2_HMAC_SHA512 0x00000006UL
1693
+ #define CKP_PKCS5_PBKD2_HMAC_SHA512_224 0x00000007UL
1694
+ #define CKP_PKCS5_PBKD2_HMAC_SHA512_256 0x00000008UL
1695
+
1696
+ /*
1697
+ * CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE is used to indicate the
1698
+ * source of the salt value when deriving a key using PKCS #5
1699
+ * PBKDF2. */
1700
+ typedef CK_ULONG CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE;
1701
+
1702
+ typedef CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE CK_PTR CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE_PTR;
1703
+
1704
+ /* The following salt value sources are defined in PKCS #5 v2.0. */
1705
+ #define CKZ_SALT_SPECIFIED 0x00000001UL
1706
+
1707
+ /*
1708
+ * CK_PKCS5_PBKD2_PARAMS is a structure that provides the
1709
+ * parameters to the CKM_PKCS5_PBKD2 mechanism.
1710
+ */
1711
+ typedef struct CK_PKCS5_PBKD2_PARAMS {
1712
+ CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE saltSource;
1713
+ CK_VOID_PTR pSaltSourceData;
1714
+ CK_ULONG ulSaltSourceDataLen;
1715
+ CK_ULONG iterations;
1716
+ CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE prf;
1717
+ CK_VOID_PTR pPrfData;
1718
+ CK_ULONG ulPrfDataLen;
1719
+ CK_UTF8CHAR_PTR pPassword;
1720
+ CK_ULONG_PTR ulPasswordLen;
1721
+ } CK_PKCS5_PBKD2_PARAMS;
1722
+
1723
+ typedef CK_PKCS5_PBKD2_PARAMS CK_PTR CK_PKCS5_PBKD2_PARAMS_PTR;
1724
+
1725
+ typedef CK_ULONG CK_OTP_PARAM_TYPE;
1726
+ typedef CK_OTP_PARAM_TYPE CK_PARAM_TYPE; /* B/w compatibility */
1727
+
1728
+ typedef struct CK_OTP_PARAM {
1729
+ CK_OTP_PARAM_TYPE type;
1730
+ CK_VOID_PTR pValue;
1731
+ CK_ULONG ulValueLen;
1732
+ } CK_OTP_PARAM;
1733
+
1734
+ typedef CK_OTP_PARAM CK_PTR CK_OTP_PARAM_PTR;
1735
+
1736
+ typedef struct CK_OTP_PARAMS {
1737
+ CK_OTP_PARAM_PTR pParams;
1738
+ CK_ULONG ulCount;
1739
+ } CK_OTP_PARAMS;
1740
+
1741
+ typedef CK_OTP_PARAMS CK_PTR CK_OTP_PARAMS_PTR;
1742
+
1743
+ typedef struct CK_OTP_SIGNATURE_INFO {
1744
+ CK_OTP_PARAM_PTR pParams;
1745
+ CK_ULONG ulCount;
1746
+ } CK_OTP_SIGNATURE_INFO;
1747
+
1748
+ typedef CK_OTP_SIGNATURE_INFO CK_PTR CK_OTP_SIGNATURE_INFO_PTR;
1749
+
1750
+ #define CK_OTP_VALUE 0UL
1751
+ #define CK_OTP_PIN 1UL
1752
+ #define CK_OTP_CHALLENGE 2UL
1753
+ #define CK_OTP_TIME 3UL
1754
+ #define CK_OTP_COUNTER 4UL
1755
+ #define CK_OTP_FLAGS 5UL
1756
+ #define CK_OTP_OUTPUT_LENGTH 6UL
1757
+ #define CK_OTP_OUTPUT_FORMAT 7UL
1758
+
1759
+ #define CKF_NEXT_OTP 0x00000001UL
1760
+ #define CKF_EXCLUDE_TIME 0x00000002UL
1761
+ #define CKF_EXCLUDE_COUNTER 0x00000004UL
1762
+ #define CKF_EXCLUDE_CHALLENGE 0x00000008UL
1763
+ #define CKF_EXCLUDE_PIN 0x00000010UL
1764
+ #define CKF_USER_FRIENDLY_OTP 0x00000020UL
1765
+
1766
+ typedef struct CK_KIP_PARAMS {
1767
+ CK_MECHANISM_PTR pMechanism;
1768
+ CK_OBJECT_HANDLE hKey;
1769
+ CK_BYTE_PTR pSeed;
1770
+ CK_ULONG ulSeedLen;
1771
+ } CK_KIP_PARAMS;
1772
+
1773
+ typedef CK_KIP_PARAMS CK_PTR CK_KIP_PARAMS_PTR;
1774
+
1775
+ typedef struct CK_AES_CTR_PARAMS {
1776
+ CK_ULONG ulCounterBits;
1777
+ CK_BYTE cb[16];
1778
+ } CK_AES_CTR_PARAMS;
1779
+
1780
+ typedef CK_AES_CTR_PARAMS CK_PTR CK_AES_CTR_PARAMS_PTR;
1781
+
1782
+ typedef struct CK_GCM_PARAMS {
1783
+ CK_BYTE_PTR pIv;
1784
+ CK_ULONG ulIvLen;
1785
+ CK_ULONG ulIvBits;
1786
+ CK_BYTE_PTR pAAD;
1787
+ CK_ULONG ulAADLen;
1788
+ CK_ULONG ulTagBits;
1789
+ } CK_GCM_PARAMS;
1790
+
1791
+ typedef CK_GCM_PARAMS CK_PTR CK_GCM_PARAMS_PTR;
1792
+
1793
+ typedef struct CK_CCM_PARAMS {
1794
+ CK_ULONG ulDataLen; /*plaintext or ciphertext*/
1795
+ CK_BYTE_PTR pNonce;
1796
+ CK_ULONG ulNonceLen;
1797
+ CK_BYTE_PTR pAAD;
1798
+ CK_ULONG ulAADLen;
1799
+ CK_ULONG ulMACLen;
1800
+ } CK_CCM_PARAMS;
1801
+
1802
+ typedef CK_CCM_PARAMS CK_PTR CK_CCM_PARAMS_PTR;
1803
+
1804
+ typedef struct CK_CAMELLIA_CBC_ENCRYPT_DATA_PARAMS {
1805
+ CK_BYTE iv[16];
1806
+ CK_BYTE_PTR pData;
1807
+ CK_ULONG length;
1808
+ } CK_CAMELLIA_CBC_ENCRYPT_DATA_PARAMS;
1809
+
1810
+ typedef CK_CAMELLIA_CBC_ENCRYPT_DATA_PARAMS CK_PTR CK_CAMELLIA_CBC_ENCRYPT_DATA_PARAMS_PTR;
1811
+
1812
+ typedef struct CK_ARIA_CBC_ENCRYPT_DATA_PARAMS {
1813
+ CK_BYTE iv[16];
1814
+ CK_BYTE_PTR pData;
1815
+ CK_ULONG length;
1816
+ } CK_ARIA_CBC_ENCRYPT_DATA_PARAMS;
1817
+
1818
+ typedef CK_ARIA_CBC_ENCRYPT_DATA_PARAMS CK_PTR CK_ARIA_CBC_ENCRYPT_DATA_PARAMS_PTR;
1819
+
1820
+ /* new for v2.40 */
1821
+ typedef struct CK_DSA_PARAMETER_GEN_PARAM {
1822
+ CK_MECHANISM_TYPE hash;
1823
+ CK_BYTE_PTR pSeed;
1824
+ CK_ULONG ulSeedLen;
1825
+ CK_ULONG ulIndex;
1826
+ } CK_DSA_PARAMETER_GEN_PARAM;
1827
+
1828
+ typedef CK_DSA_PARAMETER_GEN_PARAM CK_PTR CK_DSA_PARAMETER_GEN_PARAM_PTR;
1829
+
1830
+ /* new for v2.40 */
1831
+ typedef struct CK_ECDH_AES_KEY_WRAP_PARAMS {
1832
+ CK_ULONG ulAESKeyBits;
1833
+ CK_EC_KDF_TYPE kdf;
1834
+ CK_ULONG ulSharedDataLen;
1835
+ CK_BYTE_PTR pSharedData;
1836
+ } CK_ECDH_AES_KEY_WRAP_PARAMS;
1837
+
1838
+ typedef CK_ECDH_AES_KEY_WRAP_PARAMS CK_PTR CK_ECDH_AES_KEY_WRAP_PARAMS_PTR;
1839
+
1840
+ /* new for v2.40 */
1841
+ typedef CK_ULONG CK_JAVA_MIDP_SECURITY_DOMAIN;
1842
+
1843
+ /* new for v2.40 */
1844
+ typedef CK_ULONG CK_CERTIFICATE_CATEGORY;
1845
+
1846
+ /* new for v2.40 */
1847
+ typedef struct CK_RSA_AES_KEY_WRAP_PARAMS {
1848
+ CK_ULONG ulAESKeyBits;
1849
+ CK_RSA_PKCS_OAEP_PARAMS_PTR pOAEPParams;
1850
+ } CK_RSA_AES_KEY_WRAP_PARAMS;
1851
+
1852
+ typedef CK_RSA_AES_KEY_WRAP_PARAMS CK_PTR CK_RSA_AES_KEY_WRAP_PARAMS_PTR;
1853
+
1854
+ /* new for v2.40 */
1855
+ typedef struct CK_TLS12_MASTER_KEY_DERIVE_PARAMS {
1856
+ CK_SSL3_RANDOM_DATA RandomInfo;
1857
+ CK_VERSION_PTR pVersion;
1858
+ CK_MECHANISM_TYPE prfHashMechanism;
1859
+ } CK_TLS12_MASTER_KEY_DERIVE_PARAMS;
1860
+
1861
+ typedef CK_TLS12_MASTER_KEY_DERIVE_PARAMS CK_PTR CK_TLS12_MASTER_KEY_DERIVE_PARAMS_PTR;
1862
+
1863
+ /* new for v2.40 */
1864
+ typedef struct CK_TLS12_KEY_MAT_PARAMS {
1865
+ CK_ULONG ulMacSizeInBits;
1866
+ CK_ULONG ulKeySizeInBits;
1867
+ CK_ULONG ulIVSizeInBits;
1868
+ CK_BBOOL bIsExport;
1869
+ CK_SSL3_RANDOM_DATA RandomInfo;
1870
+ CK_SSL3_KEY_MAT_OUT_PTR pReturnedKeyMaterial;
1871
+ CK_MECHANISM_TYPE prfHashMechanism;
1872
+ } CK_TLS12_KEY_MAT_PARAMS;
1873
+
1874
+ typedef CK_TLS12_KEY_MAT_PARAMS CK_PTR CK_TLS12_KEY_MAT_PARAMS_PTR;
1875
+
1876
+ /* new for v2.40 */
1877
+ typedef struct CK_TLS_KDF_PARAMS {
1878
+ CK_MECHANISM_TYPE prfMechanism;
1879
+ CK_BYTE_PTR pLabel;
1880
+ CK_ULONG ulLabelLength;
1881
+ CK_SSL3_RANDOM_DATA RandomInfo;
1882
+ CK_BYTE_PTR pContextData;
1883
+ CK_ULONG ulContextDataLength;
1884
+ } CK_TLS_KDF_PARAMS;
1885
+
1886
+ typedef CK_TLS_KDF_PARAMS CK_PTR CK_TLS_KDF_PARAMS_PTR;
1887
+
1888
+ /* new for v2.40 */
1889
+ typedef struct CK_TLS_MAC_PARAMS {
1890
+ CK_MECHANISM_TYPE prfHashMechanism;
1891
+ CK_ULONG ulMacLength;
1892
+ CK_ULONG ulServerOrClient;
1893
+ } CK_TLS_MAC_PARAMS;
1894
+
1895
+ typedef CK_TLS_MAC_PARAMS CK_PTR CK_TLS_MAC_PARAMS_PTR;
1896
+
1897
+ typedef struct CK_GOSTR3410_DERIVE_PARAMS {
1898
+ CK_EC_KDF_TYPE kdf;
1899
+ CK_BYTE_PTR pPublicData;
1900
+ CK_ULONG ulPublicDataLen;
1901
+ CK_BYTE_PTR pUKM;
1902
+ CK_ULONG ulUKMLen;
1903
+ } CK_GOSTR3410_DERIVE_PARAMS;
1904
+
1905
+ typedef CK_GOSTR3410_DERIVE_PARAMS CK_PTR CK_GOSTR3410_DERIVE_PARAMS_PTR;
1906
+
1907
+ typedef struct CK_GOSTR3410_KEY_WRAP_PARAMS {
1908
+ CK_BYTE_PTR pWrapOID;
1909
+ CK_ULONG ulWrapOIDLen;
1910
+ CK_BYTE_PTR pUKM;
1911
+ CK_ULONG ulUKMLen;
1912
+ CK_OBJECT_HANDLE hKey;
1913
+ } CK_GOSTR3410_KEY_WRAP_PARAMS;
1914
+
1915
+ typedef CK_GOSTR3410_KEY_WRAP_PARAMS CK_PTR CK_GOSTR3410_KEY_WRAP_PARAMS_PTR;
1916
+
1917
+ #endif