/* pkcs11t.h include file for PKCS #11. */
/* $Revision: 1.2 $ */

/* License to copy and use this software is granted provided that it is
 * identified as "RSA Security Inc. PKCS #11 Cryptographic Token Interface
 * (Cryptoki)" in all material mentioning or referencing this software.

 * License is also granted to make and use derivative works provided that
 * such works are identified as "derived from the RSA Security Inc. PKCS #11
 * Cryptographic Token Interface (Cryptoki)" in all material mentioning or
 * referencing the derived work.

 * RSA Security Inc. makes no representations concerning either the
 * merchantability of this software or the suitability of this software for
 * any particular purpose. It is provided "as is" without express or implied
 * warranty of any kind.
 */

/* See top of pkcs11.h for information about the macros that
 * must be defined and the structure-packing conventions that
 * must be set before including this file.
 */

/* This part of the header declares the basic Cryptoki scalar types, the
 * library/slot/token/session information structures with their flag
 * bits, and the numeric identifiers for object classes, hardware
 * features, key types, certificate types and the first attribute types.
 *
 * NOTE(review): CK_PTR is used below but not defined in this file;
 * presumably it is one of the macros the includer must supply (see the
 * comment above) -- confirm against pkcs11.h.
 */

#ifndef _PKCS11T_H_
#define _PKCS11T_H_ 1

#define CRYPTOKI_VERSION_MAJOR 2
#define CRYPTOKI_VERSION_MINOR 30
#define CRYPTOKI_VERSION_REVISION 0
#define CRYPTOKI_VERSION_AMENDMENT 0

#define CK_TRUE 1
#define CK_FALSE 0

/* TRUE/FALSE are only provided when the includer has not defined
 * CK_DISABLE_TRUE_FALSE and has no TRUE/FALSE of its own. */
#ifndef CK_DISABLE_TRUE_FALSE
#ifndef FALSE
#define FALSE CK_FALSE
#endif

#ifndef TRUE
#define TRUE CK_TRUE
#endif
#endif

/* an unsigned 8-bit value */
typedef unsigned char     CK_BYTE;

/* an unsigned 8-bit character */
typedef CK_BYTE           CK_CHAR;

/* an 8-bit UTF-8 character */
typedef CK_BYTE           CK_UTF8CHAR;

/* a BYTE-sized Boolean flag */
typedef CK_BYTE           CK_BBOOL;

/* an unsigned value, at least 32 bits long */
/* The actual width is that of the platform's unsigned long, so code
 * that stores or transmits CK_ULONG values should not assume a fixed
 * size. */
typedef unsigned long int CK_ULONG;

/* a signed value, the same size as a CK_ULONG */
/* CK_LONG is new for v2.0 */
typedef long int          CK_LONG;

/* at least 32 bits; each bit is a Boolean flag */
typedef CK_ULONG          CK_FLAGS;


/* some special values for certain CK_ULONG variables */
/* CK_UNAVAILABLE_INFORMATION is the all-ones value and
 * CK_EFFECTIVELY_INFINITE is zero; a caller doing arithmetic or bounds
 * checks on a field that can carry them should test for these values
 * first. */
#define CK_UNAVAILABLE_INFORMATION (~0UL)
#define CK_EFFECTIVELY_INFINITE    0


typedef CK_BYTE     CK_PTR   CK_BYTE_PTR;
typedef CK_CHAR     CK_PTR   CK_CHAR_PTR;
typedef CK_UTF8CHAR CK_PTR   CK_UTF8CHAR_PTR;
typedef CK_ULONG    CK_PTR   CK_ULONG_PTR;
typedef void        CK_PTR   CK_VOID_PTR;

/* Pointer to a CK_VOID_PTR-- i.e., pointer to pointer to void */
typedef CK_VOID_PTR CK_PTR CK_VOID_PTR_PTR;


/* The following value is always invalid if used as a session */
/* handle or object handle */
#define CK_INVALID_HANDLE 0


typedef struct CK_VERSION {
  CK_BYTE       major;  /* integer portion of version number */
  CK_BYTE       minor;  /* 1/100ths portion of version number */
} CK_VERSION;

typedef CK_VERSION CK_PTR CK_VERSION_PTR;


/* CK_INFO describes the Cryptoki library itself.
 * The character arrays are fixed-width and blank padded; the
 * declarations reserve no byte for a NUL terminator, so readers should
 * bound every copy or comparison by the array size. */
typedef struct CK_INFO {
  /* manufacturerID and libraryDescription have been changed from
   * CK_CHAR to CK_UTF8CHAR for v2.10 */
  CK_VERSION    cryptokiVersion;     /* Cryptoki interface ver */
  CK_UTF8CHAR   manufacturerID[32];  /* blank padded */
  CK_FLAGS      flags;               /* must be zero */

  /* libraryDescription and libraryVersion are new for v2.0 */
  CK_UTF8CHAR   libraryDescription[32];  /* blank padded */
  CK_VERSION    libraryVersion;          /* version of library */
} CK_INFO;

typedef CK_INFO CK_PTR    CK_INFO_PTR;


/* CK_NOTIFICATION enumerates the types of notifications that
 * Cryptoki provides to an application */
/* CK_NOTIFICATION has been changed from an enum to a CK_ULONG
 * for v2.0 */
typedef CK_ULONG CK_NOTIFICATION;
#define CKN_SURRENDER       0

/* The following notification is new for PKCS #11 v2.20 amendment 3 */
#define CKN_OTP_CHANGED     1


typedef CK_ULONG          CK_SLOT_ID;

typedef CK_SLOT_ID CK_PTR CK_SLOT_ID_PTR;


/* CK_SLOT_INFO provides information about a slot */
/* The character arrays are fixed-width and blank padded; bound reads
 * by the array size rather than looking for a terminator. */
typedef struct CK_SLOT_INFO {
  /* slotDescription and manufacturerID have been changed from
   * CK_CHAR to CK_UTF8CHAR for v2.10 */
  CK_UTF8CHAR   slotDescription[64];  /* blank padded */
  CK_UTF8CHAR   manufacturerID[32];   /* blank padded */
  CK_FLAGS      flags;

  /* hardwareVersion and firmwareVersion are new for v2.0 */
  CK_VERSION    hardwareVersion;  /* version of hardware */
  CK_VERSION    firmwareVersion;  /* version of firmware */
} CK_SLOT_INFO;

/* flags: bit flags that provide capabilities of the slot
 *      Bit Flag              Mask        Meaning
 */
#define CKF_TOKEN_PRESENT     0x00000001  /* a token is there */
#define CKF_REMOVABLE_DEVICE  0x00000002  /* removable devices*/
#define CKF_HW_SLOT           0x00000004  /* hardware slot */

typedef CK_SLOT_INFO CK_PTR CK_SLOT_INFO_PTR;


/* CK_TOKEN_INFO provides information about a token */
/* As with the other info structures, the character arrays are
 * fixed-width and blank padded; bound reads by the array size. */
typedef struct CK_TOKEN_INFO {
  /* label, manufacturerID, and model have been changed from
   * CK_CHAR to CK_UTF8CHAR for v2.10 */
  CK_UTF8CHAR   label[32];           /* blank padded */
  CK_UTF8CHAR   manufacturerID[32];  /* blank padded */
  CK_UTF8CHAR   model[16];           /* blank padded */
  CK_CHAR       serialNumber[16];    /* blank padded */
  CK_FLAGS      flags;               /* see below */

  /* ulMaxSessionCount, ulSessionCount, ulMaxRwSessionCount,
   * ulRwSessionCount, ulMaxPinLen, and ulMinPinLen have all been
   * changed from CK_USHORT to CK_ULONG for v2.0 */
  CK_ULONG      ulMaxSessionCount;     /* max open sessions */
  CK_ULONG      ulSessionCount;        /* sess. now open */
  CK_ULONG      ulMaxRwSessionCount;   /* max R/W sessions */
  CK_ULONG      ulRwSessionCount;      /* R/W sess. now open */
  CK_ULONG      ulMaxPinLen;           /* in bytes */
  CK_ULONG      ulMinPinLen;           /* in bytes */
  CK_ULONG      ulTotalPublicMemory;   /* in bytes */
  CK_ULONG      ulFreePublicMemory;    /* in bytes */
  CK_ULONG      ulTotalPrivateMemory;  /* in bytes */
  CK_ULONG      ulFreePrivateMemory;   /* in bytes */

  /* hardwareVersion, firmwareVersion, and time are new for
   * v2.0 */
  CK_VERSION    hardwareVersion;       /* version of hardware */
  CK_VERSION    firmwareVersion;       /* version of firmware */
  CK_CHAR       utcTime[16];           /* time */
} CK_TOKEN_INFO;

/* The flags parameter is defined as follows:
 *      Bit Flag                    Mask        Meaning
 */
#define CKF_RNG                     0x00000001  /* has random # generator */
#define CKF_WRITE_PROTECTED         0x00000002  /* token is write-protected */
#define CKF_LOGIN_REQUIRED          0x00000004  /* user must login */
#define CKF_USER_PIN_INITIALIZED    0x00000008  /* normal user's PIN is set */

/* CKF_RESTORE_KEY_NOT_NEEDED is new for v2.0.  If it is set,
 * that means that *every* time the state of cryptographic
 * operations of a session is successfully saved, all keys
 * needed to continue those operations are stored in the state */
#define CKF_RESTORE_KEY_NOT_NEEDED  0x00000020

/* CKF_CLOCK_ON_TOKEN is new for v2.0.  If it is set, that means
 * that the token has some sort of clock.  The time on that
 * clock is returned in the token info structure */
#define CKF_CLOCK_ON_TOKEN          0x00000040

/* CKF_PROTECTED_AUTHENTICATION_PATH is new for v2.0.  If it is
 * set, that means that there is some way for the user to login
 * without sending a PIN through the Cryptoki library itself */
#define CKF_PROTECTED_AUTHENTICATION_PATH 0x00000100

/* CKF_DUAL_CRYPTO_OPERATIONS is new for v2.0.  If it is true,
 * that means that a single session with the token can perform
 * dual simultaneous cryptographic operations (digest and
 * encrypt; decrypt and digest; sign and encrypt; and decrypt
 * and sign) */
#define CKF_DUAL_CRYPTO_OPERATIONS  0x00000200

/* CKF_TOKEN_INITIALIZED is new for v2.10. If it is true, the
 * token has been initialized using C_InitializeToken or an
 * equivalent mechanism outside the scope of PKCS #11.
 * Calling C_InitializeToken when this flag is set will cause
 * the token to be reinitialized. */
#define CKF_TOKEN_INITIALIZED       0x00000400

/* CKF_SECONDARY_AUTHENTICATION is new for v2.10. If it is
 * true, the token supports secondary authentication for
 * private key objects. This flag is deprecated in v2.11 and
 * onwards. */
#define CKF_SECONDARY_AUTHENTICATION  0x00000800

/* The PIN-state flags below let an application see how close a PIN is
 * to lockout.  Testing them in CK_TOKEN_INFO.flags before a login
 * attempt keeps an automated retry from consuming the final try. */

/* CKF_USER_PIN_COUNT_LOW is new for v2.10. If it is true, an
 * incorrect user login PIN has been entered at least once
 * since the last successful authentication. */
#define CKF_USER_PIN_COUNT_LOW       0x00010000

/* CKF_USER_PIN_FINAL_TRY is new for v2.10. If it is true,
 * supplying an incorrect user PIN will cause it to become locked. */
#define CKF_USER_PIN_FINAL_TRY       0x00020000

/* CKF_USER_PIN_LOCKED is new for v2.10. If it is true, the
 * user PIN has been locked. User login to the token is not
 * possible. */
#define CKF_USER_PIN_LOCKED          0x00040000

/* CKF_USER_PIN_TO_BE_CHANGED is new for v2.10. If it is true,
 * the user PIN value is the default value set by token
 * initialization or manufacturing, or the PIN has been
 * expired by the card. */
#define CKF_USER_PIN_TO_BE_CHANGED   0x00080000

/* CKF_SO_PIN_COUNT_LOW is new for v2.10. If it is true, an
 * incorrect SO login PIN has been entered at least once since
 * the last successful authentication. */
#define CKF_SO_PIN_COUNT_LOW         0x00100000

/* CKF_SO_PIN_FINAL_TRY is new for v2.10. If it is true,
 * supplying an incorrect SO PIN will cause it to become locked. */
#define CKF_SO_PIN_FINAL_TRY         0x00200000

/* CKF_SO_PIN_LOCKED is new for v2.10. If it is true, the SO
 * PIN has been locked. SO login to the token is not possible.
 */
#define CKF_SO_PIN_LOCKED            0x00400000

/* CKF_SO_PIN_TO_BE_CHANGED is new for v2.10. If it is true,
 * the SO PIN value is the default value set by token
 * initialization or manufacturing, or the PIN has been
 * expired by the card. */
#define CKF_SO_PIN_TO_BE_CHANGED     0x00800000

/* CKF_ERROR_STATE is new for v2.30. If it is true,
 * the token failed a FIPS 140-2 self-test and
 * entered an error state. */
#define CKF_ERROR_STATE              0x01000000

typedef CK_TOKEN_INFO CK_PTR CK_TOKEN_INFO_PTR;


/* CK_SESSION_HANDLE is a Cryptoki-assigned value that
 * identifies a session */
typedef CK_ULONG          CK_SESSION_HANDLE;

typedef CK_SESSION_HANDLE CK_PTR CK_SESSION_HANDLE_PTR;


/* CK_USER_TYPE enumerates the types of Cryptoki users */
/* CK_USER_TYPE has been changed from an enum to a CK_ULONG for
 * v2.0 */
typedef CK_ULONG          CK_USER_TYPE;
/* Security Officer */
#define CKU_SO    0
/* Normal user */
#define CKU_USER  1
/* Context specific (added in v2.20) */
#define CKU_CONTEXT_SPECIFIC   2

/* CK_STATE enumerates the session states */
/* CK_STATE has been changed from an enum to a CK_ULONG for
 * v2.0 */
typedef CK_ULONG          CK_STATE;
#define CKS_RO_PUBLIC_SESSION  0
#define CKS_RO_USER_FUNCTIONS  1
#define CKS_RW_PUBLIC_SESSION  2
#define CKS_RW_USER_FUNCTIONS  3
#define CKS_RW_SO_FUNCTIONS    4


/* CK_SESSION_INFO provides information about a session */
typedef struct CK_SESSION_INFO {
  CK_SLOT_ID    slotID;
  CK_STATE      state;
  CK_FLAGS      flags;          /* see below */

  /* ulDeviceError was changed from CK_USHORT to CK_ULONG for
   * v2.0 */
  CK_ULONG      ulDeviceError;  /* device-dependent error code */
} CK_SESSION_INFO;

/* The flags are defined in the following table:
 *      Bit Flag                Mask        Meaning
 */
#define CKF_RW_SESSION          0x00000002  /* session is r/w */
#define CKF_SERIAL_SESSION      0x00000004  /* no parallel */

typedef CK_SESSION_INFO CK_PTR CK_SESSION_INFO_PTR;


/* CK_OBJECT_HANDLE is a token-specific identifier for an
 * object */
typedef CK_ULONG          CK_OBJECT_HANDLE;

typedef CK_OBJECT_HANDLE CK_PTR CK_OBJECT_HANDLE_PTR;


/* CK_OBJECT_CLASS is a value that identifies the classes (or
 * types) of objects that Cryptoki recognizes.  It is defined
 * as follows: */
/* CK_OBJECT_CLASS was changed from CK_USHORT to CK_ULONG for
 * v2.0 */
typedef CK_ULONG          CK_OBJECT_CLASS;

/* The following classes of objects are defined: */
/* CKO_HW_FEATURE is new for v2.10 */
/* CKO_DOMAIN_PARAMETERS is new for v2.11 */
/* CKO_MECHANISM is new for v2.20 */
#define CKO_DATA              0x00000000
#define CKO_CERTIFICATE       0x00000001
#define CKO_PUBLIC_KEY        0x00000002
#define CKO_PRIVATE_KEY       0x00000003
#define CKO_SECRET_KEY        0x00000004
#define CKO_HW_FEATURE        0x00000005
#define CKO_DOMAIN_PARAMETERS 0x00000006
#define CKO_MECHANISM         0x00000007

/* CKO_OTP_KEY is new for PKCS #11 v2.20 amendment 1 */
#define CKO_OTP_KEY           0x00000008

#define CKO_VENDOR_DEFINED    0x80000000

typedef CK_OBJECT_CLASS CK_PTR CK_OBJECT_CLASS_PTR;

/* CK_HW_FEATURE_TYPE is new for v2.10. CK_HW_FEATURE_TYPE is a
 * value that identifies the hardware feature type of an object
 * with CK_OBJECT_CLASS equal to CKO_HW_FEATURE. */
typedef CK_ULONG          CK_HW_FEATURE_TYPE;

/* The following hardware feature types are defined */
/* CKH_USER_INTERFACE is new for v2.20 */
#define CKH_MONOTONIC_COUNTER  0x00000001
#define CKH_CLOCK              0x00000002
#define CKH_USER_INTERFACE     0x00000003
#define CKH_VENDOR_DEFINED     0x80000000

/* CK_KEY_TYPE is a value that identifies a key type */
/* CK_KEY_TYPE was changed from CK_USHORT to CK_ULONG for v2.0 */
typedef CK_ULONG          CK_KEY_TYPE;

/* the following key types are defined: */
/* The list mixes current and legacy algorithms; an identifier being
 * defined here says nothing about whether a given token supports it or
 * whether local policy permits it. */
#define CKK_RSA             0x00000000
#define CKK_DSA             0x00000001
#define CKK_DH              0x00000002

/* CKK_ECDSA and CKK_KEA are new for v2.0 */
/* CKK_ECDSA is deprecated in v2.11, CKK_EC is preferred. */
/* Both names carry the same value. */
#define CKK_ECDSA           0x00000003
#define CKK_EC              0x00000003
#define CKK_X9_42_DH        0x00000004
#define CKK_KEA             0x00000005

#define CKK_GENERIC_SECRET  0x00000010
#define CKK_RC2             0x00000011
#define CKK_RC4             0x00000012
#define CKK_DES             0x00000013
#define CKK_DES2            0x00000014
#define CKK_DES3            0x00000015

/* all these key types are new for v2.0 */
#define CKK_CAST            0x00000016
#define CKK_CAST3           0x00000017
/* CKK_CAST5 is deprecated in v2.11, CKK_CAST128 is preferred. */
/* Both names carry the same value. */
#define CKK_CAST5           0x00000018
#define CKK_CAST128         0x00000018
#define CKK_RC5             0x00000019
#define CKK_IDEA            0x0000001A
#define CKK_SKIPJACK        0x0000001B
#define CKK_BATON           0x0000001C
#define CKK_JUNIPER         0x0000001D
#define CKK_CDMF            0x0000001E
#define CKK_AES             0x0000001F

/* BlowFish and TwoFish are new for v2.20 */
#define CKK_BLOWFISH        0x00000020
#define CKK_TWOFISH         0x00000021

/* SecurID, HOTP, and ACTI are new for PKCS #11 v2.20 amendment 1 */
#define CKK_SECURID         0x00000022
#define CKK_HOTP            0x00000023
#define CKK_ACTI            0x00000024

/* Camellia is new for PKCS #11 v2.20 amendment 3 */
#define CKK_CAMELLIA        0x00000025
/* ARIA is new for PKCS #11 v2.20 amendment 3 */
#define CKK_ARIA            0x00000026

/* From PKCS #11 v2.20 amendment 4 draft 2 */
#define CKK_MD5_HMAC        0x00000027
#define CKK_SHA_1_HMAC      0x00000028
#define CKK_RIPEMD128_HMAC  0x00000029
#define CKK_RIPEMD160_HMAC  0x0000002A
#define CKK_SHA256_HMAC     0x0000002B
#define CKK_SHA384_HMAC     0x0000002C
#define CKK_SHA512_HMAC     0x0000002D
#define CKK_SHA224_HMAC     0x0000002E

/* From PKCS #11 v2.30 */
#define CKK_SEED            0x0000002F
#define CKK_GOSTR3410       0x00000030
#define CKK_GOSTR3411       0x00000031
#define CKK_GOST28147       0x00000032

#define CKK_VENDOR_DEFINED  0x80000000


/* CK_CERTIFICATE_TYPE is a value that identifies a certificate
 * type */
/* CK_CERTIFICATE_TYPE was changed from CK_USHORT to CK_ULONG
 * for v2.0 */
typedef CK_ULONG          CK_CERTIFICATE_TYPE;

/* The following certificate types are defined: */
/* CKC_X_509_ATTR_CERT is new for v2.10 */
/* CKC_WTLS is new for v2.20 */
#define CKC_X_509           0x00000000
#define CKC_X_509_ATTR_CERT 0x00000001
#define CKC_WTLS            0x00000002
#define CKC_VENDOR_DEFINED  0x80000000


/* CK_ATTRIBUTE_TYPE is a value that identifies an attribute
 * type */
/* CK_ATTRIBUTE_TYPE was changed from CK_USHORT to CK_ULONG for
 * v2.0 */
typedef CK_ULONG          CK_ATTRIBUTE_TYPE;

/* The CKF_ARRAY_ATTRIBUTE flag identifies an attribute which
 * consists of an array of values. */
#define CKF_ARRAY_ATTRIBUTE    0x40000000

/* The following OTP-related defines are new for PKCS #11 v2.20 amendment 1
 * and relate to the CKA_OTP_FORMAT attribute */
#define CK_OTP_FORMAT_DECIMAL      0
#define CK_OTP_FORMAT_HEXADECIMAL  1
#define CK_OTP_FORMAT_ALPHANUMERIC 2
#define CK_OTP_FORMAT_BINARY       3

/* The following OTP-related defines are new for PKCS #11 v2.20 amendment 1
 * and relate to the CKA_OTP_..._REQUIREMENT attributes */
#define CK_OTP_PARAM_IGNORED       0
#define CK_OTP_PARAM_OPTIONAL      1
#define CK_OTP_PARAM_MANDATORY     2

/* The following attribute types are defined: */
#define CKA_CLASS              0x00000000
#define CKA_TOKEN              0x00000001
#define CKA_PRIVATE            0x00000002
#define CKA_LABEL              0x00000003
#define CKA_APPLICATION        0x00000010
#define CKA_VALUE              0x00000011

/* CKA_OBJECT_ID is new for v2.10 */
#define CKA_OBJECT_ID          0x00000012

#define CKA_CERTIFICATE_TYPE   0x00000080
#define CKA_ISSUER             0x00000081
#define CKA_SERIAL_NUMBER      0x00000082
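
/* (CK_ATTRIBUTE_TYPE values, continued, followed by the CK_ATTRIBUTE and
 * CK_DATE structures and the first part of the CK_MECHANISM_TYPE list.) */

/* CKA_AC_ISSUER, CKA_OWNER, and CKA_ATTR_TYPES are new
 * for v2.10 */
#define CKA_AC_ISSUER          0x00000083
#define CKA_OWNER              0x00000084
#define CKA_ATTR_TYPES         0x00000085

/* CKA_TRUSTED is new for v2.11 */
#define CKA_TRUSTED            0x00000086

/* CKA_CERTIFICATE_CATEGORY ...
 * CKA_CHECK_VALUE are new for v2.20 */
#define CKA_CERTIFICATE_CATEGORY        0x00000087
#define CKA_JAVA_MIDP_SECURITY_DOMAIN   0x00000088
#define CKA_URL                         0x00000089
#define CKA_HASH_OF_SUBJECT_PUBLIC_KEY  0x0000008A
#define CKA_HASH_OF_ISSUER_PUBLIC_KEY   0x0000008B
/* One from v2.30? */
#define CKA_NAME_HASH_ALGORITHM         0x0000008C
/* Misspelled form of the name above; kept as an alias so that code
 * written against it still compiles. */
#define CKA_NAME_HASH_ALGORITH          CKA_NAME_HASH_ALGORITHM
#define CKA_CHECK_VALUE                 0x00000090

/* Several of the attributes below (CKA_SENSITIVE, CKA_EXTRACTABLE,
 * CKA_WRAP, CKA_UNWRAP, ...) appear in key templates and, going by their
 * names, decide what may be done with key material; they are the ones to
 * look at first when reviewing a template. */
#define CKA_KEY_TYPE           0x00000100
#define CKA_SUBJECT            0x00000101
#define CKA_ID                 0x00000102
#define CKA_SENSITIVE          0x00000103
#define CKA_ENCRYPT            0x00000104
#define CKA_DECRYPT            0x00000105
#define CKA_WRAP               0x00000106
#define CKA_UNWRAP             0x00000107
#define CKA_SIGN               0x00000108
#define CKA_SIGN_RECOVER       0x00000109
#define CKA_VERIFY             0x0000010A
#define CKA_VERIFY_RECOVER     0x0000010B
#define CKA_DERIVE             0x0000010C
#define CKA_START_DATE         0x00000110
#define CKA_END_DATE           0x00000111
#define CKA_MODULUS            0x00000120
#define CKA_MODULUS_BITS       0x00000121
#define CKA_PUBLIC_EXPONENT    0x00000122
#define CKA_PRIVATE_EXPONENT   0x00000123
#define CKA_PRIME_1            0x00000124
#define CKA_PRIME_2            0x00000125
#define CKA_EXPONENT_1         0x00000126
#define CKA_EXPONENT_2         0x00000127
#define CKA_COEFFICIENT        0x00000128
#define CKA_PRIME              0x00000130
#define CKA_SUBPRIME           0x00000131
#define CKA_BASE               0x00000132

/* CKA_PRIME_BITS and CKA_SUB_PRIME_BITS are new for v2.11 */
#define CKA_PRIME_BITS         0x00000133
#define CKA_SUBPRIME_BITS      0x00000134
#define CKA_SUB_PRIME_BITS     CKA_SUBPRIME_BITS
/* (To retain backwards-compatibility) */

#define CKA_VALUE_BITS         0x00000160
#define CKA_VALUE_LEN          0x00000161

/* CKA_EXTRACTABLE, CKA_LOCAL, CKA_NEVER_EXTRACTABLE,
 * CKA_ALWAYS_SENSITIVE, CKA_MODIFIABLE, CKA_ECDSA_PARAMS,
 * and CKA_EC_POINT are new for v2.0 */
#define CKA_EXTRACTABLE        0x00000162
#define CKA_LOCAL              0x00000163
#define CKA_NEVER_EXTRACTABLE  0x00000164
#define CKA_ALWAYS_SENSITIVE   0x00000165

/* CKA_KEY_GEN_MECHANISM is new for v2.11 */
#define CKA_KEY_GEN_MECHANISM  0x00000166

#define CKA_MODIFIABLE         0x00000170

/* From v2.30? */
#define CKA_COPYABLE           0x00000171

/* CKA_ECDSA_PARAMS is deprecated in v2.11,
 * CKA_EC_PARAMS is preferred. */
#define CKA_ECDSA_PARAMS       0x00000180
#define CKA_EC_PARAMS          0x00000180

#define CKA_EC_POINT           0x00000181

/* CKA_SECONDARY_AUTH, CKA_AUTH_PIN_FLAGS,
 * are new for v2.10. Deprecated in v2.11 and onwards. */
#define CKA_SECONDARY_AUTH     0x00000200
#define CKA_AUTH_PIN_FLAGS     0x00000201

/* CKA_ALWAYS_AUTHENTICATE ...
 * CKA_UNWRAP_TEMPLATE are new for v2.20 */
#define CKA_ALWAYS_AUTHENTICATE  0x00000202

#define CKA_WRAP_WITH_TRUSTED    0x00000210
#define CKA_WRAP_TEMPLATE        (CKF_ARRAY_ATTRIBUTE|0x00000211)
#define CKA_UNWRAP_TEMPLATE      (CKF_ARRAY_ATTRIBUTE|0x00000212)

/* CKA_OTP... attributes are new for PKCS #11 v2.20 amendment 3. */
/* The values are not in ascending order; they are listed as assigned. */
#define CKA_OTP_FORMAT                0x00000220
#define CKA_OTP_LENGTH                0x00000221
#define CKA_OTP_TIME_INTERVAL         0x00000222
#define CKA_OTP_USER_FRIENDLY_MODE    0x00000223
#define CKA_OTP_CHALLENGE_REQUIREMENT 0x00000224
#define CKA_OTP_TIME_REQUIREMENT      0x00000225
#define CKA_OTP_COUNTER_REQUIREMENT   0x00000226
#define CKA_OTP_PIN_REQUIREMENT       0x00000227
#define CKA_OTP_COUNTER               0x0000022E
#define CKA_OTP_TIME                  0x0000022F
#define CKA_OTP_USER_IDENTIFIER       0x0000022A
#define CKA_OTP_SERVICE_IDENTIFIER    0x0000022B
#define CKA_OTP_SERVICE_LOGO          0x0000022C
#define CKA_OTP_SERVICE_LOGO_TYPE     0x0000022D

/* CKA_GOST... */
#define CKA_GOSTR3410_PARAMS          0x00000250
#define CKA_GOSTR3411_PARAMS          0x00000251
#define CKA_GOST28147_PARAMS          0x00000252

/* CKA_HW_FEATURE_TYPE, CKA_RESET_ON_INIT, and CKA_HAS_RESET
 * are new for v2.10 */
#define CKA_HW_FEATURE_TYPE    0x00000300
#define CKA_RESET_ON_INIT      0x00000301
#define CKA_HAS_RESET          0x00000302

/* The following attributes are new for v2.20 */
#define CKA_PIXEL_X                     0x00000400
#define CKA_PIXEL_Y                     0x00000401
#define CKA_RESOLUTION                  0x00000402
#define CKA_CHAR_ROWS                   0x00000403
#define CKA_CHAR_COLUMNS                0x00000404
#define CKA_COLOR                       0x00000405
#define CKA_BITS_PER_PIXEL              0x00000406
#define CKA_CHAR_SETS                   0x00000480
#define CKA_ENCODING_METHODS            0x00000481
#define CKA_MIME_TYPES                  0x00000482
#define CKA_MECHANISM_TYPE              0x00000500
#define CKA_REQUIRED_CMS_ATTRIBUTES     0x00000501
#define CKA_DEFAULT_CMS_ATTRIBUTES      0x00000502
#define CKA_SUPPORTED_CMS_ATTRIBUTES    0x00000503
#define CKA_ALLOWED_MECHANISMS          (CKF_ARRAY_ATTRIBUTE|0x00000600)
/* From v2.30? */
/* CKA_WRAP_TEMPLATE and CKA_UNWRAP_TEMPLATE were repeated here with the
 * same values as above; the single definition above is kept so the two
 * copies cannot drift apart. */
#define CKA_DERIVE_TEMPLATE             (CKF_ARRAY_ATTRIBUTE|0x00000213)

#define CKA_VENDOR_DEFINED     0x80000000

/* CK_ATTRIBUTE is a structure that includes the type, length
 * and value of an attribute */
/* pValue is untyped, so code that reads it has to check ulValueLen
 * against the size it expects for the given type before dereferencing. */
typedef struct CK_ATTRIBUTE {
  CK_ATTRIBUTE_TYPE type;
  CK_VOID_PTR       pValue;

  /* ulValueLen went from CK_USHORT to CK_ULONG for v2.0 */
  CK_ULONG          ulValueLen;  /* in bytes */
} CK_ATTRIBUTE;

typedef CK_ATTRIBUTE CK_PTR CK_ATTRIBUTE_PTR;


/* CK_DATE is a structure that defines a date */
/* The fields hold character digits that fill each array completely, so
 * there is no terminator; bound reads by the array sizes. */
typedef struct CK_DATE{
  CK_CHAR       year[4];   /* the year ("1900" - "9999") */
  CK_CHAR       month[2];  /* the month ("01" - "12") */
  CK_CHAR       day[2];    /* the day ("01" - "31") */
} CK_DATE;


/* CK_MECHANISM_TYPE is a value that identifies a mechanism
 * type */
/* CK_MECHANISM_TYPE was changed from CK_USHORT to CK_ULONG for
 * v2.0 */
typedef CK_ULONG          CK_MECHANISM_TYPE;

/* the following mechanism types are defined: */
/* The list carries identifiers for legacy algorithms (for example MD2,
 * MD5, single DES, RC2, RC4 and the SSL3 derivations) alongside current
 * ones.  They are part of the interface for interoperability; an
 * application that has a cryptographic policy should compare mechanisms
 * against its own allow-list rather than accept any value defined here. */
#define CKM_RSA_PKCS_KEY_PAIR_GEN      0x00000000
#define CKM_RSA_PKCS                   0x00000001
#define CKM_RSA_9796                   0x00000002
#define CKM_RSA_X_509                  0x00000003

/* CKM_MD2_RSA_PKCS, CKM_MD5_RSA_PKCS, and CKM_SHA1_RSA_PKCS
 * are new for v2.0.  They are mechanisms which hash and sign */
#define CKM_MD2_RSA_PKCS               0x00000004
#define CKM_MD5_RSA_PKCS               0x00000005
#define CKM_SHA1_RSA_PKCS              0x00000006

/* CKM_RIPEMD128_RSA_PKCS, CKM_RIPEMD160_RSA_PKCS, and
 * CKM_RSA_PKCS_OAEP are new for v2.10 */
#define CKM_RIPEMD128_RSA_PKCS         0x00000007
#define CKM_RIPEMD160_RSA_PKCS         0x00000008
#define CKM_RSA_PKCS_OAEP              0x00000009

/* CKM_RSA_X9_31_KEY_PAIR_GEN, CKM_RSA_X9_31, CKM_SHA1_RSA_X9_31,
 * CKM_RSA_PKCS_PSS, and CKM_SHA1_RSA_PKCS_PSS are new for v2.11 */
#define CKM_RSA_X9_31_KEY_PAIR_GEN     0x0000000A
#define CKM_RSA_X9_31                  0x0000000B
#define CKM_SHA1_RSA_X9_31             0x0000000C
#define CKM_RSA_PKCS_PSS               0x0000000D
#define CKM_SHA1_RSA_PKCS_PSS          0x0000000E

#define CKM_DSA_KEY_PAIR_GEN           0x00000010
#define CKM_DSA                        0x00000011
#define CKM_DSA_SHA1                   0x00000012
/* Other DSAs */
#define CKM_DSA_SHA224                 0x00000013
#define CKM_DSA_SHA256                 0x00000014
#define CKM_DSA_SHA384                 0x00000015
#define CKM_DSA_SHA512                 0x00000016

#define CKM_DH_PKCS_KEY_PAIR_GEN       0x00000020
#define CKM_DH_PKCS_DERIVE             0x00000021

/* CKM_X9_42_DH_KEY_PAIR_GEN, CKM_X9_42_DH_DERIVE,
 * CKM_X9_42_DH_HYBRID_DERIVE, and CKM_X9_42_MQV_DERIVE are new for
 * v2.11 */
#define CKM_X9_42_DH_KEY_PAIR_GEN      0x00000030
#define CKM_X9_42_DH_DERIVE            0x00000031
#define CKM_X9_42_DH_HYBRID_DERIVE     0x00000032
#define CKM_X9_42_MQV_DERIVE           0x00000033

/* CKM_SHA256/384/512 are new for v2.20 */
#define CKM_SHA256_RSA_PKCS            0x00000040
#define CKM_SHA384_RSA_PKCS            0x00000041
#define CKM_SHA512_RSA_PKCS            0x00000042
#define CKM_SHA256_RSA_PKCS_PSS        0x00000043
#define CKM_SHA384_RSA_PKCS_PSS        0x00000044
#define CKM_SHA512_RSA_PKCS_PSS        0x00000045

/* SHA-224 RSA mechanisms are new for PKCS #11 v2.20 amendment 3 */
#define CKM_SHA224_RSA_PKCS            0x00000046
#define CKM_SHA224_RSA_PKCS_PSS        0x00000047

#define CKM_RC2_KEY_GEN                0x00000100
#define CKM_RC2_ECB                    0x00000101
#define CKM_RC2_CBC                    0x00000102
#define CKM_RC2_MAC                    0x00000103

/* CKM_RC2_MAC_GENERAL and CKM_RC2_CBC_PAD are new for v2.0 */
#define CKM_RC2_MAC_GENERAL            0x00000104
#define CKM_RC2_CBC_PAD                0x00000105

#define CKM_RC4_KEY_GEN                0x00000110
#define CKM_RC4                        0x00000111
#define CKM_DES_KEY_GEN                0x00000120
#define CKM_DES_ECB                    0x00000121
#define CKM_DES_CBC                    0x00000122
#define CKM_DES_MAC                    0x00000123

/* CKM_DES_MAC_GENERAL and CKM_DES_CBC_PAD are new for v2.0 */
#define CKM_DES_MAC_GENERAL            0x00000124
#define CKM_DES_CBC_PAD                0x00000125

#define CKM_DES2_KEY_GEN               0x00000130
#define CKM_DES3_KEY_GEN               0x00000131
#define CKM_DES3_ECB                   0x00000132
#define CKM_DES3_CBC                   0x00000133
#define CKM_DES3_MAC                   0x00000134

/* CKM_DES3_MAC_GENERAL, CKM_DES3_CBC_PAD, CKM_CDMF_KEY_GEN,
 * CKM_CDMF_ECB, CKM_CDMF_CBC, CKM_CDMF_MAC,
 * CKM_CDMF_MAC_GENERAL, and CKM_CDMF_CBC_PAD are new for v2.0,
 * CKM_DES3_CMAC_GENERAL and CKM_DES3_CMAC are from v2.30? */
#define CKM_DES3_MAC_GENERAL           0x00000135
#define CKM_DES3_CBC_PAD               0x00000136
#define CKM_DES3_CMAC_GENERAL          0x00000137
#define CKM_DES3_CMAC                  0x00000138
#define CKM_CDMF_KEY_GEN               0x00000140
#define CKM_CDMF_ECB                   0x00000141
#define CKM_CDMF_CBC                   0x00000142
#define CKM_CDMF_MAC                   0x00000143
#define CKM_CDMF_MAC_GENERAL           0x00000144
#define CKM_CDMF_CBC_PAD               0x00000145

/* the following four DES mechanisms are new for v2.20 */
#define CKM_DES_OFB64                  0x00000150
#define CKM_DES_OFB8                   0x00000151
#define CKM_DES_CFB64                  0x00000152
#define CKM_DES_CFB8                   0x00000153

#define CKM_MD2                        0x00000200

/* CKM_MD2_HMAC and CKM_MD2_HMAC_GENERAL are new for v2.0 */
#define CKM_MD2_HMAC                   0x00000201
#define CKM_MD2_HMAC_GENERAL           0x00000202

#define CKM_MD5                        0x00000210

/* CKM_MD5_HMAC and CKM_MD5_HMAC_GENERAL are new for v2.0 */
#define CKM_MD5_HMAC                   0x00000211
#define CKM_MD5_HMAC_GENERAL           0x00000212

#define CKM_SHA_1                      0x00000220

/* CKM_SHA_1_HMAC and CKM_SHA_1_HMAC_GENERAL are new for v2.0 */
#define CKM_SHA_1_HMAC                 0x00000221
#define CKM_SHA_1_HMAC_GENERAL         0x00000222

/* CKM_RIPEMD128, CKM_RIPEMD128_HMAC,
 * CKM_RIPEMD128_HMAC_GENERAL, CKM_RIPEMD160, CKM_RIPEMD160_HMAC,
 * and CKM_RIPEMD160_HMAC_GENERAL are new for v2.10 */
#define CKM_RIPEMD128                  0x00000230
#define CKM_RIPEMD128_HMAC             0x00000231
#define CKM_RIPEMD128_HMAC_GENERAL     0x00000232
#define CKM_RIPEMD160                  0x00000240
#define CKM_RIPEMD160_HMAC             0x00000241
#define CKM_RIPEMD160_HMAC_GENERAL     0x00000242

/* CKM_SHA256/384/512 are new for v2.20 */
#define CKM_SHA256                     0x00000250
#define CKM_SHA256_HMAC                0x00000251
#define CKM_SHA256_HMAC_GENERAL        0x00000252

/* SHA-224 is new for PKCS #11 v2.20 amendment 3 */
#define CKM_SHA224                     0x00000255
#define CKM_SHA224_HMAC                0x00000256
#define CKM_SHA224_HMAC_GENERAL        0x00000257

#define CKM_SHA384                     0x00000260
#define CKM_SHA384_HMAC                0x00000261
#define CKM_SHA384_HMAC_GENERAL        0x00000262
#define CKM_SHA512                     0x00000270
#define CKM_SHA512_HMAC                0x00000271
#define CKM_SHA512_HMAC_GENERAL        0x00000272

/* SecurID is new for PKCS #11 v2.20 amendment 1 */
#define CKM_SECURID_KEY_GEN            0x00000280
#define CKM_SECURID                    0x00000282

/* HOTP is new for PKCS #11 v2.20 amendment 1 */
#define CKM_HOTP_KEY_GEN               0x00000290
#define CKM_HOTP                       0x00000291

/* ACTI is new for PKCS #11 v2.20 amendment 1 */
#define CKM_ACTI                       0x000002A0
#define CKM_ACTI_KEY_GEN               0x000002A1

/* All of the following mechanisms are new for v2.0 */
/* Note that CAST128 and CAST5 are the same algorithm */
#define CKM_CAST_KEY_GEN               0x00000300
#define CKM_CAST_ECB                   0x00000301
#define CKM_CAST_CBC                   0x00000302
#define CKM_CAST_MAC                   0x00000303
#define CKM_CAST_MAC_GENERAL           0x00000304
#define CKM_CAST_CBC_PAD               0x00000305
#define CKM_CAST3_KEY_GEN              0x00000310
#define CKM_CAST3_ECB                  0x00000311
#define CKM_CAST3_CBC                  0x00000312
#define CKM_CAST3_MAC                  0x00000313
#define CKM_CAST3_MAC_GENERAL          0x00000314
#define CKM_CAST3_CBC_PAD              0x00000315
#define CKM_CAST5_KEY_GEN              0x00000320
#define CKM_CAST128_KEY_GEN            0x00000320
#define CKM_CAST5_ECB                  0x00000321
#define CKM_CAST128_ECB                0x00000321
#define CKM_CAST5_CBC                  0x00000322
#define CKM_CAST128_CBC                0x00000322
#define CKM_CAST5_MAC                  0x00000323
#define CKM_CAST128_MAC                0x00000323
#define CKM_CAST5_MAC_GENERAL          0x00000324
#define CKM_CAST128_MAC_GENERAL        0x00000324
#define CKM_CAST5_CBC_PAD              0x00000325
#define CKM_CAST128_CBC_PAD            0x00000325
#define CKM_RC5_KEY_GEN                0x00000330
#define CKM_RC5_ECB                    0x00000331
#define CKM_RC5_CBC                    0x00000332
#define CKM_RC5_MAC                    0x00000333
#define CKM_RC5_MAC_GENERAL            0x00000334
#define CKM_RC5_CBC_PAD                0x00000335
#define CKM_IDEA_KEY_GEN               0x00000340
#define CKM_IDEA_ECB                   0x00000341
#define CKM_IDEA_CBC                   0x00000342
#define CKM_IDEA_MAC                   0x00000343
#define CKM_IDEA_MAC_GENERAL           0x00000344
#define CKM_IDEA_CBC_PAD               0x00000345
#define CKM_GENERIC_SECRET_KEY_GEN     0x00000350
#define CKM_CONCATENATE_BASE_AND_KEY   0x00000360
#define CKM_CONCATENATE_BASE_AND_DATA  0x00000362
#define CKM_CONCATENATE_DATA_AND_BASE  0x00000363
#define CKM_XOR_BASE_AND_DATA          0x00000364
#define CKM_EXTRACT_KEY_FROM_KEY       0x00000365
#define CKM_SSL3_PRE_MASTER_KEY_GEN    0x00000370
#define CKM_SSL3_MASTER_KEY_DERIVE     0x00000371
#define CKM_SSL3_KEY_AND_MAC_DERIVE    0x00000372

/* CKM_SSL3_MASTER_KEY_DERIVE_DH, CKM_TLS_PRE_MASTER_KEY_GEN,
 * CKM_TLS_MASTER_KEY_DERIVE, CKM_TLS_KEY_AND_MAC_DERIVE, and
 * CKM_TLS_MASTER_KEY_DERIVE_DH are new for v2.11 */
#define CKM_SSL3_MASTER_KEY_DERIVE_DH  0x00000373
#define CKM_TLS_PRE_MASTER_KEY_GEN     0x00000374
#define CKM_TLS_MASTER_KEY_DERIVE      0x00000375
#define CKM_TLS_KEY_AND_MAC_DERIVE     0x00000376
#define CKM_TLS_MASTER_KEY_DERIVE_DH   0x00000377

/* CKM_TLS_PRF is new for v2.20 */
#define CKM_TLS_PRF                    0x00000378

#define CKM_SSL3_MD5_MAC               0x00000380
#define CKM_SSL3_SHA1_MAC              0x00000381
#define CKM_MD5_KEY_DERIVATION         0x00000390
#define CKM_MD2_KEY_DERIVATION         0x00000391
#define CKM_SHA1_KEY_DERIVATION        0x00000392

/* CKM_SHA256/384/512 are new for v2.20 */
#define CKM_SHA256_KEY_DERIVATION      0x00000393
#define CKM_SHA384_KEY_DERIVATION      0x00000394
#define CKM_SHA512_KEY_DERIVATION      0x00000395

/* SHA-224 key derivation is new for PKCS #11 v2.20 amendment 3 */
#define CKM_SHA224_KEY_DERIVATION      0x00000396

#define CKM_PBE_MD2_DES_CBC            0x000003A0
#define CKM_PBE_MD5_DES_CBC            0x000003A1
#define CKM_PBE_MD5_CAST_CBC           0x000003A2
#define CKM_PBE_MD5_CAST3_CBC          0x000003A3
#define CKM_PBE_MD5_CAST5_CBC          0x000003A4
#define CKM_PBE_MD5_CAST128_CBC        0x000003A4
#define CKM_PBE_SHA1_CAST5_CBC         0x000003A5
#define CKM_PBE_SHA1_CAST128_CBC       0x000003A5
#define CKM_PBE_SHA1_RC4_128           0x000003A6
#define CKM_PBE_SHA1_RC4_40            0x000003A7
#define CKM_PBE_SHA1_DES3_EDE_CBC      0x000003A8
#define CKM_PBE_SHA1_DES2_EDE_CBC      0x000003A9
#define CKM_PBE_SHA1_RC2_128_CBC       0x000003AA
#define CKM_PBE_SHA1_RC2_40_CBC        0x000003AB

/* CKM_PKCS5_PBKD2 is new for v2.10 */
#define CKM_PKCS5_PBKD2                0x000003B0

#define CKM_PBA_SHA1_WITH_SHA1_HMAC    0x000003C0

/* WTLS mechanisms are new for v2.20 */
#define CKM_WTLS_PRE_MASTER_KEY_GEN         0x000003D0
#define CKM_WTLS_MASTER_KEY_DERIVE          0x000003D1
#define CKM_WTLS_MASTER_KEY_DERIVE_DH_ECC   0x000003D2
#define CKM_WTLS_PRF                        0x000003D3
#define CKM_WTLS_SERVER_KEY_AND_MAC_DERIVE  0x000003D4
#define CKM_WTLS_CLIENT_KEY_AND_MAC_DERIVE  0x000003D5

#define CKM_KEY_WRAP_LYNKS             0x00000400
#define CKM_KEY_WRAP_SET_OAEP          0x00000401

/* CKM_CMS_SIG is new for v2.20 */
#define CKM_CMS_SIG                    0x00000500

/* CKM_KIP mechanisms are new for PKCS #11 v2.20 amendment 2 */
#define CKM_KIP_DERIVE                 0x00000510
#define CKM_KIP_WRAP                   0x00000511
#define CKM_KIP_MAC                    0x00000512

/* Camellia is new for PKCS #11 v2.20 amendment 3 */
#define CKM_CAMELLIA_KEY_GEN           0x00000550
#define CKM_CAMELLIA_ECB               0x00000551
#define CKM_CAMELLIA_CBC               0x00000552
#define CKM_CAMELLIA_MAC               0x00000553
#define CKM_CAMELLIA_MAC_GENERAL       0x00000554
#define CKM_CAMELLIA_CBC_PAD           0x00000555
#define CKM_CAMELLIA_ECB_ENCRYPT_DATA  0x00000556
#define CKM_CAMELLIA_CBC_ENCRYPT_DATA  0x00000557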
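#define CKM_CAMELLIA_CTR 0x00000558

/* ARIA is new for PKCS #11 v2.20 amendment 3 */
#define CKM_ARIA_KEY_GEN 0x00000560
#define CKM_ARIA_ECB 0x00000561
#define CKM_ARIA_CBC 0x00000562
#define CKM_ARIA_MAC 0x00000563
#define CKM_ARIA_MAC_GENERAL 0x00000564
#define CKM_ARIA_CBC_PAD 0x00000565
#define CKM_ARIA_ECB_ENCRYPT_DATA 0x00000566
#define CKM_ARIA_CBC_ENCRYPT_DATA 0x00000567

/* SEED is new from PKCS #11 v2.30? */
#define CKM_SEED_KEY_GEN 0x00000650
#define CKM_SEED_ECB 0x00000651
#define CKM_SEED_CBC 0x00000652
#define CKM_SEED_MAC 0x00000653
#define CKM_SEED_MAC_GENERAL 0x00000654
#define CKM_SEED_CBC_PAD 0x00000655
#define CKM_SEED_ECB_ENCRYPT_DATA 0x00000656
#define CKM_SEED_CBC_ENCRYPT_DATA 0x00000657

/* Fortezza mechanisms */
#define CKM_SKIPJACK_KEY_GEN 0x00001000
#define CKM_SKIPJACK_ECB64 0x00001001
#define CKM_SKIPJACK_CBC64 0x00001002
#define CKM_SKIPJACK_OFB64 0x00001003
#define CKM_SKIPJACK_CFB64 0x00001004
#define CKM_SKIPJACK_CFB32 0x00001005
#define CKM_SKIPJACK_CFB16 0x00001006
#define CKM_SKIPJACK_CFB8 0x00001007
#define CKM_SKIPJACK_WRAP 0x00001008
#define CKM_SKIPJACK_PRIVATE_WRAP 0x00001009
#define CKM_SKIPJACK_RELAYX 0x0000100a
#define CKM_KEA_KEY_PAIR_GEN 0x00001010
#define CKM_KEA_KEY_DERIVE 0x00001011
#define CKM_FORTEZZA_TIMESTAMP 0x00001020
#define CKM_BATON_KEY_GEN 0x00001030
#define CKM_BATON_ECB128 0x00001031
#define CKM_BATON_ECB96 0x00001032
#define CKM_BATON_CBC128 0x00001033
#define CKM_BATON_COUNTER 0x00001034
#define CKM_BATON_SHUFFLE 0x00001035
#define CKM_BATON_WRAP 0x00001036

/* CKM_ECDSA_KEY_PAIR_GEN is deprecated in v2.11,
 * CKM_EC_KEY_PAIR_GEN is preferred */
/* Both names carry the same value, so they cannot appear as separate
 * case labels in one switch. */
#define CKM_ECDSA_KEY_PAIR_GEN 0x00001040
#define CKM_EC_KEY_PAIR_GEN 0x00001040

#define CKM_ECDSA 0x00001041
#define CKM_ECDSA_SHA1 0x00001042

/* From v2.30? */
#define CKM_ECDSA_SHA224 0x00001043
#define CKM_ECDSA_SHA256 0x00001044
#define CKM_ECDSA_SHA384 0x00001045
#define CKM_ECDSA_SHA512 0x00001046

/* CKM_ECDH1_DERIVE, CKM_ECDH1_COFACTOR_DERIVE, and CKM_ECMQV_DERIVE
 * are new for v2.11 */
#define CKM_ECDH1_DERIVE 0x00001050
#define CKM_ECDH1_COFACTOR_DERIVE 0x00001051
#define CKM_ECMQV_DERIVE 0x00001052

#define CKM_JUNIPER_KEY_GEN 0x00001060
#define CKM_JUNIPER_ECB128 0x00001061
#define CKM_JUNIPER_CBC128 0x00001062
#define CKM_JUNIPER_COUNTER 0x00001063
#define CKM_JUNIPER_SHUFFLE 0x00001064
#define CKM_JUNIPER_WRAP 0x00001065
#define CKM_FASTHASH 0x00001070

/* CKM_AES_KEY_GEN, CKM_AES_ECB, CKM_AES_CBC, CKM_AES_MAC,
 * CKM_AES_MAC_GENERAL, CKM_AES_CBC_PAD, CKM_DSA_PARAMETER_GEN,
 * CKM_DH_PKCS_PARAMETER_GEN, and CKM_X9_42_DH_PARAMETER_GEN are
 * new for v2.11 */
#define CKM_AES_KEY_GEN 0x00001080
#define CKM_AES_ECB 0x00001081
#define CKM_AES_CBC 0x00001082
#define CKM_AES_MAC 0x00001083
#define CKM_AES_MAC_GENERAL 0x00001084
#define CKM_AES_CBC_PAD 0x00001085

/* AES counter mode is new for PKCS #11 v2.20 amendment 3 */
#define CKM_AES_CTR 0x00001086

/* Missing CKM_AES_GCM and co! */
/* NOTE(review): with no AES-GCM identifier here, the AES modes this
 * header can name (ECB, CBC, CTR) give confidentiality only; integrity
 * needs a separate MAC mechanism. */

/* BlowFish and TwoFish are new for v2.20 */
#define CKM_BLOWFISH_KEY_GEN 0x00001090
#define CKM_BLOWFISH_CBC 0x00001091
#define CKM_TWOFISH_KEY_GEN 0x00001092
#define CKM_TWOFISH_CBC 0x00001093


/* CKM_xxx_ENCRYPT_DATA mechanisms are new for v2.20 */
#define CKM_DES_ECB_ENCRYPT_DATA 0x00001100
#define CKM_DES_CBC_ENCRYPT_DATA 0x00001101
#define CKM_DES3_ECB_ENCRYPT_DATA 0x00001102
#define CKM_DES3_CBC_ENCRYPT_DATA 0x00001103
#define CKM_AES_ECB_ENCRYPT_DATA 0x00001104
#define CKM_AES_CBC_ENCRYPT_DATA 0x00001105

/* GOST mechanism from v2.30? */
#define CKM_GOSTR3410_KEY_PAIR_GEN 0x00001200
#define CKM_GOSTR3410 0x00001201
#define CKM_GOSTR3410_WITH_GOSTR3411 0x00001202
#define CKM_GOSTR3410_KEY_WRAP 0x00001203
#define CKM_GOSTR3410_DERIVE 0x00001204
#define CKM_GOSTR3411 0x00001210
#define CKM_GOSTR3411_HMAC 0x00001211
#define CKM_GOST28147_KEY_GEN 0x00001220
#define CKM_GOST28147_ECB 0x00001221
#define CKM_GOST28147 0x00001222
#define CKM_GOST28147_MAC 0x00001223
#define CKM_GOST28147_KEY_WRAP 0x00001224

#define CKM_DSA_PARAMETER_GEN 0x00002000
#define CKM_DH_PKCS_PARAMETER_GEN 0x00002001
#define CKM_X9_42_DH_PARAMETER_GEN 0x00002002

/* Missing AES_OFB and co, and RSA_PKCS 1_1 */

#define CKM_VENDOR_DEFINED 0x80000000

typedef CK_MECHANISM_TYPE CK_PTR CK_MECHANISM_TYPE_PTR;


/* CK_MECHANISM is a structure that specifies a particular
 * mechanism */
typedef struct CK_MECHANISM {
  CK_MECHANISM_TYPE mechanism;
  /* Mechanism-specific parameter block (one of the CK_xxx_PARAMS types
   * below, or none).  ulParameterLen must match the size of what
   * pParameter points at. */
  CK_VOID_PTR pParameter;

  /* ulParameterLen was changed from CK_USHORT to CK_ULONG for
   * v2.0 */
  CK_ULONG ulParameterLen; /* in bytes */
} CK_MECHANISM;

typedef CK_MECHANISM CK_PTR CK_MECHANISM_PTR;


/* CK_MECHANISM_INFO provides information about a particular
 * mechanism */
typedef struct CK_MECHANISM_INFO {
  /* Whether the key sizes are counted in bits or in bytes depends on
   * the mechanism. */
  CK_ULONG ulMinKeySize;
  CK_ULONG ulMaxKeySize;
  CK_FLAGS flags;
} CK_MECHANISM_INFO;

/* The flags are defined as follows:
 *      Bit Flag               Mask        Meaning */
#define CKF_HW 0x00000001 /* performed by HW */

/* The flags CKF_ENCRYPT, CKF_DECRYPT, CKF_DIGEST, CKF_SIGN,
 * CKF_SIGN_RECOVER, CKF_VERIFY, CKF_VERIFY_RECOVER,
 * CKF_GENERATE, CKF_GENERATE_KEY_PAIR, CKF_WRAP, CKF_UNWRAP,
 * and CKF_DERIVE are new for v2.0.  They specify whether or not
 * a mechanism can be used for a particular task */
#define CKF_ENCRYPT 0x00000100
#define CKF_DECRYPT 0x00000200
#define CKF_DIGEST 0x00000400
#define CKF_SIGN 0x00000800
#define CKF_SIGN_RECOVER 0x00001000
#define CKF_VERIFY 0x00002000
#define CKF_VERIFY_RECOVER 0x00004000
#define CKF_GENERATE 0x00008000
#define CKF_GENERATE_KEY_PAIR 0x00010000
#define CKF_WRAP 0x00020000
#define CKF_UNWRAP 0x00040000
#define CKF_DERIVE 0x00080000

/* CKF_EC_F_P, CKF_EC_F_2M, CKF_EC_ECPARAMETERS, CKF_EC_NAMEDCURVE,
 * CKF_EC_UNCOMPRESS, and CKF_EC_COMPRESS are new for v2.11. They
 * describe a token's EC capabilities not available in mechanism
 * information. */
#define CKF_EC_F_P 0x00100000
#define CKF_EC_F_2M 0x00200000
#define CKF_EC_ECPARAMETERS 0x00400000
#define CKF_EC_NAMEDCURVE 0x00800000
#define CKF_EC_UNCOMPRESS 0x01000000
#define CKF_EC_COMPRESS 0x02000000

#define CKF_EXTENSION 0x80000000 /* FALSE for this version */

typedef CK_MECHANISM_INFO CK_PTR CK_MECHANISM_INFO_PTR;


/* CK_RV is a value that identifies the return value of a
 * Cryptoki function */
/* CK_RV was changed from CK_USHORT to CK_ULONG for v2.0 */
/* Callers should compare every returned CK_RV with CKR_OK before
 * using any output of the call. */
typedef CK_ULONG CK_RV;

#define CKR_OK 0x00000000
#define CKR_CANCEL 0x00000001
#define CKR_HOST_MEMORY 0x00000002
#define CKR_SLOT_ID_INVALID 0x00000003

/* CKR_FLAGS_INVALID was removed for v2.0 */

/* CKR_GENERAL_ERROR and CKR_FUNCTION_FAILED are new for v2.0 */
#define CKR_GENERAL_ERROR 0x00000005
#define CKR_FUNCTION_FAILED 0x00000006

/* CKR_ARGUMENTS_BAD, CKR_NO_EVENT, CKR_NEED_TO_CREATE_THREADS,
 * and CKR_CANT_LOCK are new for v2.01 */
#define CKR_ARGUMENTS_BAD 0x00000007
#define CKR_NO_EVENT 0x00000008
#define CKR_NEED_TO_CREATE_THREADS 0x00000009
#define CKR_CANT_LOCK 0x0000000A

#define CKR_ATTRIBUTE_READ_ONLY 0x00000010
#define CKR_ATTRIBUTE_SENSITIVE 0x00000011
#define CKR_ATTRIBUTE_TYPE_INVALID 0x00000012
#define CKR_ATTRIBUTE_VALUE_INVALID 0x00000013
/* New CKR_COPY_PROHIBITED in v2.30? */
#define CKR_COPY_PROHIBITED 0x0000001A
#define CKR_DATA_INVALID 0x00000020
#define CKR_DATA_LEN_RANGE 0x00000021
#define CKR_DEVICE_ERROR 0x00000030
#define CKR_DEVICE_MEMORY 0x00000031
#define CKR_DEVICE_REMOVED 0x00000032
#define CKR_ENCRYPTED_DATA_INVALID 0x00000040
#define CKR_ENCRYPTED_DATA_LEN_RANGE 0x00000041
#define CKR_FUNCTION_CANCELED 0x00000050
#define CKR_FUNCTION_NOT_PARALLEL 0x00000051

/* CKR_FUNCTION_NOT_SUPPORTED is new for v2.0 */
#define CKR_FUNCTION_NOT_SUPPORTED 0x00000054

#define CKR_KEY_HANDLE_INVALID 0x00000060

/* CKR_KEY_SENSITIVE was removed for v2.0 */

#define CKR_KEY_SIZE_RANGE 0x00000062
#define CKR_KEY_TYPE_INCONSISTENT 0x00000063

/* CKR_KEY_NOT_NEEDED, CKR_KEY_CHANGED, CKR_KEY_NEEDED,
 * CKR_KEY_INDIGESTIBLE, CKR_KEY_FUNCTION_NOT_PERMITTED,
 * CKR_KEY_NOT_WRAPPABLE, and CKR_KEY_UNEXTRACTABLE are new for
 * v2.0 */
#define CKR_KEY_NOT_NEEDED 0x00000064
#define CKR_KEY_CHANGED 0x00000065
#define CKR_KEY_NEEDED 0x00000066
#define CKR_KEY_INDIGESTIBLE 0x00000067
#define CKR_KEY_FUNCTION_NOT_PERMITTED 0x00000068
#define CKR_KEY_NOT_WRAPPABLE 0x00000069
#define CKR_KEY_UNEXTRACTABLE 0x0000006A

#define CKR_MECHANISM_INVALID 0x00000070
#define CKR_MECHANISM_PARAM_INVALID 0x00000071

/* CKR_OBJECT_CLASS_INCONSISTENT and CKR_OBJECT_CLASS_INVALID
 * were removed for v2.0 */
#define CKR_OBJECT_HANDLE_INVALID 0x00000082
#define CKR_OPERATION_ACTIVE 0x00000090
#define CKR_OPERATION_NOT_INITIALIZED 0x00000091
#define CKR_PIN_INCORRECT 0x000000A0
#define CKR_PIN_INVALID 0x000000A1
#define CKR_PIN_LEN_RANGE 0x000000A2

/* CKR_PIN_EXPIRED and CKR_PIN_LOCKED are new for v2.0 */
#define CKR_PIN_EXPIRED 0x000000A3
#define CKR_PIN_LOCKED 0x000000A4

#define CKR_SESSION_CLOSED 0x000000B0
#define CKR_SESSION_COUNT 0x000000B1
#define CKR_SESSION_HANDLE_INVALID 0x000000B3
#define CKR_SESSION_PARALLEL_NOT_SUPPORTED 0x000000B4
#define CKR_SESSION_READ_ONLY 0x000000B5
#define CKR_SESSION_EXISTS 0x000000B6

/* CKR_SESSION_READ_ONLY_EXISTS and
 * CKR_SESSION_READ_WRITE_SO_EXISTS are new for v2.0 */
#define CKR_SESSION_READ_ONLY_EXISTS 0x000000B7
#define CKR_SESSION_READ_WRITE_SO_EXISTS 0x000000B8

#define CKR_SIGNATURE_INVALID 0x000000C0
#define CKR_SIGNATURE_LEN_RANGE 0x000000C1
#define CKR_TEMPLATE_INCOMPLETE 0x000000D0
#define CKR_TEMPLATE_INCONSISTENT 0x000000D1
#define CKR_TOKEN_NOT_PRESENT 0x000000E0
#define CKR_TOKEN_NOT_RECOGNIZED 0x000000E1
#define CKR_TOKEN_WRITE_PROTECTED 0x000000E2
#define CKR_UNWRAPPING_KEY_HANDLE_INVALID 0x000000F0
#define CKR_UNWRAPPING_KEY_SIZE_RANGE 0x000000F1
#define CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT 0x000000F2

/* private extra values */
/* NOTE(review): these three are marked private by the comment above
 * and sit below CKR_VENDOR_DEFINED rather than in the vendor range.
 * Presumably they are produced by the code that loads the Cryptoki
 * library, not by a token -- confirm against the code returning them. */
#define CKR_LIBRARY_ALREADY_INITIALIZED 0x000000FD
#define CKR_LIBRARY_FAILED_TO_LOAD 0x000000FE
#define CKR_SYMBOL_RESOLUTION_FAILED 0x000000FF

#define CKR_USER_ALREADY_LOGGED_IN 0x00000100
#define CKR_USER_NOT_LOGGED_IN 0x00000101
#define CKR_USER_PIN_NOT_INITIALIZED 0x00000102
#define CKR_USER_TYPE_INVALID 0x00000103

/* CKR_USER_ANOTHER_ALREADY_LOGGED_IN and CKR_USER_TOO_MANY_TYPES
 * are new to v2.01 */
#define CKR_USER_ANOTHER_ALREADY_LOGGED_IN 0x00000104
#define CKR_USER_TOO_MANY_TYPES 0x00000105

#define CKR_WRAPPED_KEY_INVALID 0x00000110
#define CKR_WRAPPED_KEY_LEN_RANGE 0x00000112
#define CKR_WRAPPING_KEY_HANDLE_INVALID 0x00000113
#define CKR_WRAPPING_KEY_SIZE_RANGE 0x00000114
#define CKR_WRAPPING_KEY_TYPE_INCONSISTENT 0x00000115
#define CKR_RANDOM_SEED_NOT_SUPPORTED 0x00000120

/* These are new to v2.0 */
#define CKR_RANDOM_NO_RNG 0x00000121

/* These are new to v2.11 */
#define CKR_DOMAIN_PARAMS_INVALID 0x00000130

/* These are new to v2.0 */
#define CKR_BUFFER_TOO_SMALL 0x00000150
#define CKR_SAVED_STATE_INVALID 0x00000160
#define CKR_INFORMATION_SENSITIVE 0x00000170
#define CKR_STATE_UNSAVEABLE 0x00000180

/* These are new to v2.01 */
#define CKR_CRYPTOKI_NOT_INITIALIZED 0x00000190
#define CKR_CRYPTOKI_ALREADY_INITIALIZED 0x00000191
#define CKR_MUTEX_BAD 0x000001A0
#define CKR_MUTEX_NOT_LOCKED 0x000001A1

/* The following return values are new for PKCS #11 v2.20 amendment 3 */
#define CKR_NEW_PIN_MODE 0x000001B0
#define CKR_NEXT_OTP 0x000001B1

/* New from v2.30? */
#define CKR_EXCEEDED_MAX_ITERATIONS 0x000001B5
#define CKR_FIPS_SELF_TEST_FAILED 0x000001B6
#define CKR_LIBRARY_LOAD_FAILED 0x000001B7
#define CKR_PIN_TOO_WEAK 0x000001B8
#define CKR_PUBLIC_KEY_INVALID 0x000001B9

/* This is new to v2.20 */
#define CKR_FUNCTION_REJECTED 0x00000200

#define CKR_VENDOR_DEFINED 0x80000000


/* CK_NOTIFY is an application callback that processes events */
typedef CK_CALLBACK_FUNCTION(CK_RV, CK_NOTIFY)(
  CK_SESSION_HANDLE hSession, /* the session's handle */
  CK_NOTIFICATION event,
  CK_VOID_PTR pApplication /* passed to C_OpenSession */
);


/* CK_FUNCTION_LIST is a structure holding a Cryptoki spec
 * version and pointers of appropriate types to all the
 * Cryptoki functions */
/* CK_FUNCTION_LIST is new for v2.0 */
typedef struct CK_FUNCTION_LIST CK_FUNCTION_LIST;

typedef CK_FUNCTION_LIST CK_PTR CK_FUNCTION_LIST_PTR;

typedef CK_FUNCTION_LIST_PTR CK_PTR CK_FUNCTION_LIST_PTR_PTR;


/* CK_CREATEMUTEX is an application callback for creating a
 * mutex object */
typedef CK_CALLBACK_FUNCTION(CK_RV, CK_CREATEMUTEX)(
  CK_VOID_PTR_PTR ppMutex /* location to receive ptr to mutex */
);


/* CK_DESTROYMUTEX is an application callback for destroying a
 * mutex object */
typedef CK_CALLBACK_FUNCTION(CK_RV, CK_DESTROYMUTEX)(
  CK_VOID_PTR pMutex /* pointer to mutex */
);


/* CK_LOCKMUTEX is an application callback for locking a mutex */
typedef CK_CALLBACK_FUNCTION(CK_RV, CK_LOCKMUTEX)(
  CK_VOID_PTR pMutex /* pointer to mutex */
);


/* CK_UNLOCKMUTEX is an application callback for unlocking a
 * mutex */
typedef CK_CALLBACK_FUNCTION(CK_RV, CK_UNLOCKMUTEX)(
  CK_VOID_PTR pMutex /* pointer to mutex */
);


/* CK_C_INITIALIZE_ARGS provides the optional arguments to
 * C_Initialize */
typedef struct CK_C_INITIALIZE_ARGS {
  CK_CREATEMUTEX CreateMutex;
  CK_DESTROYMUTEX DestroyMutex;
  CK_LOCKMUTEX LockMutex;
  CK_UNLOCKMUTEX UnlockMutex;
  CK_FLAGS flags;
  CK_VOID_PTR pReserved; /* reserved; expected to be a null pointer */
} CK_C_INITIALIZE_ARGS;

/* flags: bit flags for CK_C_INITIALIZE_ARGS that tell the library how
 * it may create threads and perform locking
 *      Bit Flag                           Mask       Meaning
 */
#define CKF_LIBRARY_CANT_CREATE_OS_THREADS 0x00000001
#define CKF_OS_LOCKING_OK 0x00000002

typedef CK_C_INITIALIZE_ARGS CK_PTR CK_C_INITIALIZE_ARGS_PTR;


/* additional flags for parameters to functions */

/* CKF_DONT_BLOCK is for the function C_WaitForSlotEvent */
#define CKF_DONT_BLOCK 1

/* CK_RSA_PKCS_MGF_TYPE is new for v2.10.
 * CK_RSA_PKCS_MGF_TYPE is used to indicate the Mask
 * Generation Function (MGF) applied to a message block when
 * formatting a message block for the PKCS #1 OAEP encryption
 * scheme.  CK_RSA_PKCS_PSS_PARAMS below uses the same type. */
typedef CK_ULONG CK_RSA_PKCS_MGF_TYPE;

typedef CK_RSA_PKCS_MGF_TYPE CK_PTR CK_RSA_PKCS_MGF_TYPE_PTR;

/* The following MGFs are defined */
/* CKG_MGF1_SHA256, CKG_MGF1_SHA384, and CKG_MGF1_SHA512
 * are new for v2.20 */
#define CKG_MGF1_SHA1 0x00000001
#define CKG_MGF1_SHA256 0x00000002
#define CKG_MGF1_SHA384 0x00000003
#define CKG_MGF1_SHA512 0x00000004
/* SHA-224 is new for PKCS #11 v2.20 amendment 3 */
#define CKG_MGF1_SHA224 0x00000005

/* CK_RSA_PKCS_OAEP_SOURCE_TYPE is new for v2.10.
 * CK_RSA_PKCS_OAEP_SOURCE_TYPE is used to indicate the source
 * of the encoding parameter when formatting a message block
 * for the PKCS #1 OAEP encryption scheme. */
typedef CK_ULONG CK_RSA_PKCS_OAEP_SOURCE_TYPE;

typedef CK_RSA_PKCS_OAEP_SOURCE_TYPE CK_PTR CK_RSA_PKCS_OAEP_SOURCE_TYPE_PTR;

/* The following encoding parameter sources are defined */
#define CKZ_DATA_SPECIFIED 0x00000001

/* CK_RSA_PKCS_OAEP_PARAMS is new for v2.10.
 * CK_RSA_PKCS_OAEP_PARAMS provides the parameters to the
 * CKM_RSA_PKCS_OAEP mechanism. */
typedef struct CK_RSA_PKCS_OAEP_PARAMS {
  CK_MECHANISM_TYPE hashAlg;
  CK_RSA_PKCS_MGF_TYPE mgf;
  CK_RSA_PKCS_OAEP_SOURCE_TYPE source;
  CK_VOID_PTR pSourceData;
  CK_ULONG ulSourceDataLen;
} CK_RSA_PKCS_OAEP_PARAMS;

typedef CK_RSA_PKCS_OAEP_PARAMS CK_PTR CK_RSA_PKCS_OAEP_PARAMS_PTR;

/* CK_RSA_PKCS_PSS_PARAMS is new for v2.11.
 * CK_RSA_PKCS_PSS_PARAMS provides the parameters to the
 * CKM_RSA_PKCS_PSS mechanism(s). */
typedef struct CK_RSA_PKCS_PSS_PARAMS {
  CK_MECHANISM_TYPE hashAlg;
  CK_RSA_PKCS_MGF_TYPE mgf;
  CK_ULONG sLen; /* salt length in bytes */
} CK_RSA_PKCS_PSS_PARAMS;

typedef CK_RSA_PKCS_PSS_PARAMS CK_PTR CK_RSA_PKCS_PSS_PARAMS_PTR;

/* CK_EC_KDF_TYPE is new for v2.11. */
typedef CK_ULONG CK_EC_KDF_TYPE;

/* The following EC Key Derivation Functions are defined */
/* CKD_NULL means no key derivation function is applied to the shared
 * secret. */
#define CKD_NULL 0x00000001
#define CKD_SHA1_KDF 0x00000002

/* CK_ECDH1_DERIVE_PARAMS is new for v2.11.
 * CK_ECDH1_DERIVE_PARAMS provides the parameters to the
 * CKM_ECDH1_DERIVE and CKM_ECDH1_COFACTOR_DERIVE mechanisms,
 * where each party contributes one key pair.
 */
typedef struct CK_ECDH1_DERIVE_PARAMS {
  CK_EC_KDF_TYPE kdf;
  CK_ULONG ulSharedDataLen;
  CK_BYTE_PTR pSharedData;
  CK_ULONG ulPublicDataLen;
  CK_BYTE_PTR pPublicData;
} CK_ECDH1_DERIVE_PARAMS;

typedef CK_ECDH1_DERIVE_PARAMS CK_PTR CK_ECDH1_DERIVE_PARAMS_PTR;


/* CK_ECDH2_DERIVE_PARAMS is new for v2.11.
 * CK_ECDH2_DERIVE_PARAMS provides the parameters to the
 * CKM_ECMQV_DERIVE mechanism, where each party contributes two key pairs. */
typedef struct CK_ECDH2_DERIVE_PARAMS {
  CK_EC_KDF_TYPE kdf;
  CK_ULONG ulSharedDataLen;
  CK_BYTE_PTR pSharedData;
  CK_ULONG ulPublicDataLen;
  CK_BYTE_PTR pPublicData;
  CK_ULONG ulPrivateDataLen;
  CK_OBJECT_HANDLE hPrivateData;
  CK_ULONG ulPublicDataLen2;
  CK_BYTE_PTR pPublicData2;
} CK_ECDH2_DERIVE_PARAMS;

typedef CK_ECDH2_DERIVE_PARAMS CK_PTR CK_ECDH2_DERIVE_PARAMS_PTR;

/* CK_ECMQV_DERIVE_PARAMS has the fields of CK_ECDH2_DERIVE_PARAMS
 * followed by a publicKey object handle. */
typedef struct CK_ECMQV_DERIVE_PARAMS {
  CK_EC_KDF_TYPE kdf;
  CK_ULONG ulSharedDataLen;
  CK_BYTE_PTR pSharedData;
  CK_ULONG ulPublicDataLen;
  CK_BYTE_PTR pPublicData;
  CK_ULONG ulPrivateDataLen;
  CK_OBJECT_HANDLE hPrivateData;
  CK_ULONG ulPublicDataLen2;
  CK_BYTE_PTR pPublicData2;
  CK_OBJECT_HANDLE publicKey;
} CK_ECMQV_DERIVE_PARAMS;

typedef CK_ECMQV_DERIVE_PARAMS CK_PTR CK_ECMQV_DERIVE_PARAMS_PTR;

/* Typedefs and defines for the CKM_X9_42_DH_KEY_PAIR_GEN and the
 * CKM_X9_42_DH_PARAMETER_GEN mechanisms (new for PKCS #11 v2.11) */
typedef CK_ULONG CK_X9_42_DH_KDF_TYPE;
typedef CK_X9_42_DH_KDF_TYPE CK_PTR CK_X9_42_DH_KDF_TYPE_PTR;

/* The following X9.42 DH key derivation functions are defined
   (besides CKD_NULL, already defined): */
#define CKD_SHA1_KDF_ASN1 0x00000003
#define CKD_SHA1_KDF_CONCATENATE 0x00000004

/* CK_X9_42_DH1_DERIVE_PARAMS is new for v2.11.
 * CK_X9_42_DH1_DERIVE_PARAMS provides the parameters to the
 * CKM_X9_42_DH_DERIVE key derivation mechanism, where each party
 * contributes one key pair */
typedef struct CK_X9_42_DH1_DERIVE_PARAMS {
  CK_X9_42_DH_KDF_TYPE kdf;
  CK_ULONG ulOtherInfoLen;
  CK_BYTE_PTR pOtherInfo;
  CK_ULONG ulPublicDataLen;
  CK_BYTE_PTR pPublicData;
} CK_X9_42_DH1_DERIVE_PARAMS;

typedef struct CK_X9_42_DH1_DERIVE_PARAMS CK_PTR CK_X9_42_DH1_DERIVE_PARAMS_PTR;

/* CK_X9_42_DH2_DERIVE_PARAMS is new for v2.11.
 * CK_X9_42_DH2_DERIVE_PARAMS provides the parameters to the
 * CKM_X9_42_DH_HYBRID_DERIVE and CKM_X9_42_MQV_DERIVE key derivation
 * mechanisms, where each party contributes two key pairs */
typedef struct CK_X9_42_DH2_DERIVE_PARAMS {
  CK_X9_42_DH_KDF_TYPE kdf;
  CK_ULONG ulOtherInfoLen;
  CK_BYTE_PTR pOtherInfo;
  CK_ULONG ulPublicDataLen;
  CK_BYTE_PTR pPublicData;
  CK_ULONG ulPrivateDataLen;
  CK_OBJECT_HANDLE hPrivateData;
  CK_ULONG ulPublicDataLen2;
  CK_BYTE_PTR pPublicData2;
} CK_X9_42_DH2_DERIVE_PARAMS;

typedef CK_X9_42_DH2_DERIVE_PARAMS CK_PTR CK_X9_42_DH2_DERIVE_PARAMS_PTR;

/* CK_X9_42_MQV_DERIVE_PARAMS has the fields of
 * CK_X9_42_DH2_DERIVE_PARAMS followed by a publicKey object handle. */
typedef struct CK_X9_42_MQV_DERIVE_PARAMS {
  CK_X9_42_DH_KDF_TYPE kdf;
  CK_ULONG ulOtherInfoLen;
  CK_BYTE_PTR pOtherInfo;
  CK_ULONG ulPublicDataLen;
  CK_BYTE_PTR pPublicData;
  CK_ULONG ulPrivateDataLen;
  CK_OBJECT_HANDLE hPrivateData;
  CK_ULONG ulPublicDataLen2;
  CK_BYTE_PTR pPublicData2;
  CK_OBJECT_HANDLE publicKey;
} CK_X9_42_MQV_DERIVE_PARAMS;

typedef CK_X9_42_MQV_DERIVE_PARAMS CK_PTR CK_X9_42_MQV_DERIVE_PARAMS_PTR;

/* CK_KEA_DERIVE_PARAMS provides the parameters to the
 * CKM_KEA_DERIVE mechanism */
/* CK_KEA_DERIVE_PARAMS is new for v2.0 */
typedef struct CK_KEA_DERIVE_PARAMS {
  CK_BBOOL isSender;
  CK_ULONG ulRandomLen;
  CK_BYTE_PTR pRandomA;
  CK_BYTE_PTR pRandomB;
  CK_ULONG ulPublicDataLen;
  CK_BYTE_PTR pPublicData;
} CK_KEA_DERIVE_PARAMS;

typedef CK_KEA_DERIVE_PARAMS CK_PTR CK_KEA_DERIVE_PARAMS_PTR;


/* CK_RC2_PARAMS provides the parameters to the CKM_RC2_ECB and
 * CKM_RC2_MAC mechanisms.  An instance of CK_RC2_PARAMS just
 * holds the effective keysize */
typedef CK_ULONG CK_RC2_PARAMS;

typedef CK_RC2_PARAMS CK_PTR CK_RC2_PARAMS_PTR;


/* CK_RC2_CBC_PARAMS provides the parameters to the CKM_RC2_CBC
 * mechanism */
typedef struct CK_RC2_CBC_PARAMS {
  /* ulEffectiveBits was changed from CK_USHORT to CK_ULONG for
   * v2.0 */
  CK_ULONG ulEffectiveBits; /* effective bits (1-1024) */

  CK_BYTE iv[8]; /* IV for CBC mode */
} CK_RC2_CBC_PARAMS;

typedef CK_RC2_CBC_PARAMS CK_PTR CK_RC2_CBC_PARAMS_PTR;


/* CK_RC2_MAC_GENERAL_PARAMS provides the parameters for the
 * CKM_RC2_MAC_GENERAL mechanism */
/* CK_RC2_MAC_GENERAL_PARAMS is new for v2.0 */
typedef struct CK_RC2_MAC_GENERAL_PARAMS {
  CK_ULONG ulEffectiveBits; /* effective bits (1-1024) */
  CK_ULONG ulMacLength; /* Length of MAC in bytes */
} CK_RC2_MAC_GENERAL_PARAMS;

typedef CK_RC2_MAC_GENERAL_PARAMS CK_PTR \
  CK_RC2_MAC_GENERAL_PARAMS_PTR;


/* CK_RC5_PARAMS provides the parameters to the CKM_RC5_ECB and
 * CKM_RC5_MAC mechanisms */
/* CK_RC5_PARAMS is new for v2.0 */
typedef struct CK_RC5_PARAMS {
  CK_ULONG ulWordsize; /* wordsize in bits */
  CK_ULONG ulRounds; /* number of rounds */
} CK_RC5_PARAMS;

typedef CK_RC5_PARAMS CK_PTR CK_RC5_PARAMS_PTR;


/* CK_RC5_CBC_PARAMS provides the parameters to the CKM_RC5_CBC
 * mechanism */
/* CK_RC5_CBC_PARAMS is new for v2.0 */
typedef struct CK_RC5_CBC_PARAMS {
  CK_ULONG ulWordsize; /* wordsize in bits */
  CK_ULONG ulRounds; /* number of rounds */
  CK_BYTE_PTR pIv; /* pointer to IV */
  CK_ULONG ulIvLen; /* length of IV in bytes */
} CK_RC5_CBC_PARAMS;

typedef CK_RC5_CBC_PARAMS CK_PTR CK_RC5_CBC_PARAMS_PTR;


/* CK_RC5_MAC_GENERAL_PARAMS provides the parameters for the
 * CKM_RC5_MAC_GENERAL mechanism */
/* CK_RC5_MAC_GENERAL_PARAMS is new for v2.0 */
typedef struct CK_RC5_MAC_GENERAL_PARAMS {
  CK_ULONG ulWordsize; /* wordsize in bits */
  CK_ULONG ulRounds; /* number of rounds */
  CK_ULONG ulMacLength; /* Length of MAC in bytes */
} CK_RC5_MAC_GENERAL_PARAMS;

typedef CK_RC5_MAC_GENERAL_PARAMS CK_PTR \
  CK_RC5_MAC_GENERAL_PARAMS_PTR;


/* CK_MAC_GENERAL_PARAMS provides the parameters to most block
 * ciphers' MAC_GENERAL mechanisms.  Its value is the length of
 * the MAC */
/* CK_MAC_GENERAL_PARAMS is new for v2.0 */
typedef CK_ULONG CK_MAC_GENERAL_PARAMS;

typedef CK_MAC_GENERAL_PARAMS CK_PTR CK_MAC_GENERAL_PARAMS_PTR;

/* CK_DES/AES_ECB/CBC_ENCRYPT_DATA_PARAMS are new for v2.20 */
/* The iv arrays are fixed at the cipher block size (8 bytes for DES,
 * 16 for AES); pData/length describe a caller-owned buffer. */
typedef struct CK_DES_CBC_ENCRYPT_DATA_PARAMS {
  CK_BYTE iv[8];
  CK_BYTE_PTR pData;
  CK_ULONG length;
} CK_DES_CBC_ENCRYPT_DATA_PARAMS;

typedef CK_DES_CBC_ENCRYPT_DATA_PARAMS CK_PTR CK_DES_CBC_ENCRYPT_DATA_PARAMS_PTR;

typedef struct CK_AES_CBC_ENCRYPT_DATA_PARAMS {
  CK_BYTE iv[16];
  CK_BYTE_PTR pData;
  CK_ULONG length;
} CK_AES_CBC_ENCRYPT_DATA_PARAMS;

typedef CK_AES_CBC_ENCRYPT_DATA_PARAMS CK_PTR CK_AES_CBC_ENCRYPT_DATA_PARAMS_PTR;

/* CK_SKIPJACK_PRIVATE_WRAP_PARAMS provides the parameters to the
 * CKM_SKIPJACK_PRIVATE_WRAP mechanism */
/* CK_SKIPJACK_PRIVATE_WRAP_PARAMS is new for v2.0 */
typedef struct CK_SKIPJACK_PRIVATE_WRAP_PARAMS {
  CK_ULONG ulPasswordLen;
  CK_BYTE_PTR pPassword;
  CK_ULONG ulPublicDataLen;
  CK_BYTE_PTR pPublicData;
  CK_ULONG ulPAndGLen;
  CK_ULONG ulQLen;
  CK_ULONG ulRandomLen;
  CK_BYTE_PTR pRandomA;
  CK_BYTE_PTR pPrimeP;
  CK_BYTE_PTR pBaseG;
  CK_BYTE_PTR pSubprimeQ;
} CK_SKIPJACK_PRIVATE_WRAP_PARAMS;

typedef CK_SKIPJACK_PRIVATE_WRAP_PARAMS CK_PTR \
  CK_SKIPJACK_PRIVATE_WRAP_PTR;


/* CK_SKIPJACK_RELAYX_PARAMS provides the parameters to the
 * CKM_SKIPJACK_RELAYX mechanism */
/* CK_SKIPJACK_RELAYX_PARAMS is new for v2.0 */
typedef struct CK_SKIPJACK_RELAYX_PARAMS {
  CK_ULONG ulOldWrappedXLen;
  CK_BYTE_PTR pOldWrappedX;
  CK_ULONG ulOldPasswordLen;
  CK_BYTE_PTR pOldPassword;
  CK_ULONG ulOldPublicDataLen;
  CK_BYTE_PTR pOldPublicData;
  CK_ULONG ulOldRandomLen;
  CK_BYTE_PTR pOldRandomA;
  CK_ULONG ulNewPasswordLen;
  CK_BYTE_PTR pNewPassword;
  CK_ULONG ulNewPublicDataLen;
  CK_BYTE_PTR pNewPublicData;
  CK_ULONG ulNewRandomLen;
  CK_BYTE_PTR pNewRandomA;
} CK_SKIPJACK_RELAYX_PARAMS;

typedef CK_SKIPJACK_RELAYX_PARAMS CK_PTR \
  CK_SKIPJACK_RELAYX_PARAMS_PTR;


/* CK_PBE_PARAMS carries the inputs of the password-based (CKM_PBE_xxx)
 * mechanisms.  The salt and iteration count are chosen by the caller;
 * a short salt or a low count weakens the derived key.  The password
 * buffer is caller-owned and should be cleared after use. */
typedef struct CK_PBE_PARAMS {
  CK_BYTE_PTR pInitVector; /* location that receives the IV */
  CK_UTF8CHAR_PTR pPassword;
  CK_ULONG ulPasswordLen;
  CK_BYTE_PTR pSalt;
  CK_ULONG ulSaltLen;
  CK_ULONG ulIteration; /* number of iterations */
} CK_PBE_PARAMS;

typedef CK_PBE_PARAMS CK_PTR CK_PBE_PARAMS_PTR;


/* CK_KEY_WRAP_SET_OAEP_PARAMS provides the parameters to the
 * CKM_KEY_WRAP_SET_OAEP mechanism */
/* CK_KEY_WRAP_SET_OAEP_PARAMS is new for v2.0 */
typedef struct CK_KEY_WRAP_SET_OAEP_PARAMS {
  CK_BYTE bBC; /* block contents byte */
  CK_BYTE_PTR pX; /* extra data */
  CK_ULONG ulXLen; /* length of extra data in bytes */
} CK_KEY_WRAP_SET_OAEP_PARAMS;

typedef CK_KEY_WRAP_SET_OAEP_PARAMS CK_PTR \
  CK_KEY_WRAP_SET_OAEP_PARAMS_PTR;


/* CK_SSL3_RANDOM_DATA holds the client and server random values, each
 * as a pointer with its length. */
typedef struct CK_SSL3_RANDOM_DATA {
  CK_BYTE_PTR pClientRandom;
  CK_ULONG ulClientRandomLen;
  CK_BYTE_PTR pServerRandom;
  CK_ULONG ulServerRandomLen;
} CK_SSL3_RANDOM_DATA;


typedef struct CK_SSL3_MASTER_KEY_DERIVE_PARAMS {
  CK_SSL3_RANDOM_DATA RandomInfo;
  CK_VERSION_PTR pVersion;
} CK_SSL3_MASTER_KEY_DERIVE_PARAMS;

typedef struct CK_SSL3_MASTER_KEY_DERIVE_PARAMS CK_PTR \
  CK_SSL3_MASTER_KEY_DERIVE_PARAMS_PTR;


/* CK_SSL3_KEY_MAT_OUT holds four object handles and two IV pointers;
 * CK_SSL3_KEY_MAT_PARAMS points at it through pReturnedKeyMaterial. */
typedef struct CK_SSL3_KEY_MAT_OUT {
  CK_OBJECT_HANDLE hClientMacSecret;
  CK_OBJECT_HANDLE hServerMacSecret;
  CK_OBJECT_HANDLE hClientKey;
  CK_OBJECT_HANDLE hServerKey;
  CK_BYTE_PTR pIVClient;
  CK_BYTE_PTR pIVServer;
} CK_SSL3_KEY_MAT_OUT;

typedef CK_SSL3_KEY_MAT_OUT CK_PTR CK_SSL3_KEY_MAT_OUT_PTR;


typedef struct CK_SSL3_KEY_MAT_PARAMS {
  CK_ULONG ulMacSizeInBits;
  CK_ULONG ulKeySizeInBits;
  CK_ULONG ulIVSizeInBits;
  CK_BBOOL bIsExport; /* keys are for an export version of the protocol */
  CK_SSL3_RANDOM_DATA RandomInfo;
  CK_SSL3_KEY_MAT_OUT_PTR pReturnedKeyMaterial;
} CK_SSL3_KEY_MAT_PARAMS;

typedef CK_SSL3_KEY_MAT_PARAMS CK_PTR CK_SSL3_KEY_MAT_PARAMS_PTR;

/* CK_TLS_PRF_PARAMS is new for version 2.20 */
typedef struct CK_TLS_PRF_PARAMS {
  CK_BYTE_PTR pSeed;
  CK_ULONG ulSeedLen;
  CK_BYTE_PTR pLabel;
  CK_ULONG ulLabelLen;
  CK_BYTE_PTR pOutput;
  CK_ULONG_PTR pulOutputLen;
} CK_TLS_PRF_PARAMS;

typedef CK_TLS_PRF_PARAMS CK_PTR CK_TLS_PRF_PARAMS_PTR;

/* WTLS is new for version 2.20 */
typedef struct CK_WTLS_RANDOM_DATA {
  CK_BYTE_PTR pClientRandom;
  CK_ULONG ulClientRandomLen;
  CK_BYTE_PTR pServerRandom;
  CK_ULONG ulServerRandomLen;
} CK_WTLS_RANDOM_DATA;

typedef CK_WTLS_RANDOM_DATA CK_PTR CK_WTLS_RANDOM_DATA_PTR;

typedef struct CK_WTLS_MASTER_KEY_DERIVE_PARAMS {
  CK_MECHANISM_TYPE DigestMechanism;
  CK_WTLS_RANDOM_DATA RandomInfo;
  CK_BYTE_PTR pVersion;
} CK_WTLS_MASTER_KEY_DERIVE_PARAMS;

typedef CK_WTLS_MASTER_KEY_DERIVE_PARAMS CK_PTR \
  CK_WTLS_MASTER_KEY_DERIVE_PARAMS_PTR;

typedef struct CK_WTLS_PRF_PARAMS {
  CK_MECHANISM_TYPE DigestMechanism;
  CK_BYTE_PTR pSeed;
  CK_ULONG ulSeedLen;
  CK_BYTE_PTR pLabel;
  CK_ULONG ulLabelLen;
  CK_BYTE_PTR pOutput;
  CK_ULONG_PTR pulOutputLen;
} CK_WTLS_PRF_PARAMS;

typedef CK_WTLS_PRF_PARAMS CK_PTR CK_WTLS_PRF_PARAMS_PTR;

typedef struct CK_WTLS_KEY_MAT_OUT {
  CK_OBJECT_HANDLE hMacSecret;
  CK_OBJECT_HANDLE hKey;
  CK_BYTE_PTR pIV;
} CK_WTLS_KEY_MAT_OUT;

typedef CK_WTLS_KEY_MAT_OUT CK_PTR CK_WTLS_KEY_MAT_OUT_PTR;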
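/* Sizes are given in bits, not bytes.
 * NOTE(review): bIsExport presumably selects export-grade key
 * derivation, which is obsolete and weak; callers would normally pass
 * CK_FALSE.  Confirm against the spec. */
typedef struct CK_WTLS_KEY_MAT_PARAMS {
  CK_MECHANISM_TYPE       DigestMechanism;
  CK_ULONG                ulMacSizeInBits;
  CK_ULONG                ulKeySizeInBits;
  CK_ULONG                ulIVSizeInBits;
  CK_ULONG                ulSequenceNumber;
  CK_BBOOL                bIsExport;
  CK_WTLS_RANDOM_DATA     RandomInfo;
  CK_WTLS_KEY_MAT_OUT_PTR pReturnedKeyMaterial;
} CK_WTLS_KEY_MAT_PARAMS;

typedef CK_WTLS_KEY_MAT_PARAMS CK_PTR CK_WTLS_KEY_MAT_PARAMS_PTR;

/* CMS is new for version 2.20 */
/* pContentType has no length field.
 * NOTE(review): presumably a NUL-terminated string; confirm against the
 * spec before reading it. */
typedef struct CK_CMS_SIG_PARAMS {
  CK_OBJECT_HANDLE      certificateHandle;
  CK_MECHANISM_PTR      pSigningMechanism;
  CK_MECHANISM_PTR      pDigestMechanism;
  CK_UTF8CHAR_PTR       pContentType;
  CK_BYTE_PTR           pRequestedAttributes;
  CK_ULONG              ulRequestedAttributesLen;
  CK_BYTE_PTR           pRequiredAttributes;
  CK_ULONG              ulRequiredAttributesLen;
} CK_CMS_SIG_PARAMS;

typedef CK_CMS_SIG_PARAMS CK_PTR CK_CMS_SIG_PARAMS_PTR;

/* A byte buffer and its length. */
typedef struct CK_KEY_DERIVATION_STRING_DATA {
  CK_BYTE_PTR pData;
  CK_ULONG    ulLen;
} CK_KEY_DERIVATION_STRING_DATA;

typedef CK_KEY_DERIVATION_STRING_DATA CK_PTR \
  CK_KEY_DERIVATION_STRING_DATA_PTR;


/* The CK_EXTRACT_PARAMS is used for the
 * CKM_EXTRACT_KEY_FROM_KEY mechanism.  It specifies which bit
 * of the base key should be used as the first bit of the
 * derived key */
/* CK_EXTRACT_PARAMS is new for v2.0 */
typedef CK_ULONG CK_EXTRACT_PARAMS;

typedef CK_EXTRACT_PARAMS CK_PTR CK_EXTRACT_PARAMS_PTR;

/* CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE is new for v2.10.
 * CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE is used to
 * indicate the Pseudo-Random Function (PRF) used to generate
 * key bits using PKCS #5 PBKDF2. */
typedef CK_ULONG CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE;

typedef CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE CK_PTR CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE_PTR;

/* The following PRFs are defined in PKCS #5 v2.0. */
/* HMAC-SHA-1 is the only PRF value defined at this point. */
#define CKP_PKCS5_PBKD2_HMAC_SHA1 0x00000001


/* CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE is new for v2.10.
 * CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE is used to indicate the
 * source of the salt value when deriving a key using PKCS #5
 * PBKDF2. */
typedef CK_ULONG CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE;

typedef CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE CK_PTR CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE_PTR;

/* The following salt value sources are defined in PKCS #5 v2.0. */
#define CKZ_SALT_SPECIFIED        0x00000001

/* CK_PKCS5_PBKD2_PARAMS is new for v2.10.
 * CK_PKCS5_PBKD2_PARAMS is a structure that provides the
 * parameters to the CKM_PKCS5_PBKD2 mechanism. */
/* Caution: ulPasswordLen is declared CK_ULONG_PTR despite its `ul`
 * prefix, so it must hold the ADDRESS of a CK_ULONG containing the
 * password length.  Storing the length itself, for example through a
 * cast, gives the token an arbitrary address to dereference.
 * PKCS #11 v2.40 adds CK_PKCS5_PBKD2_PARAMS2 with a by-value length;
 * code that targets both versions must not mix the two layouts.
 * `iterations` is the caller-chosen PBKDF2 work factor; the type
 * enforces no minimum, so any policy floor has to be checked by the
 * application or the token. */
typedef struct CK_PKCS5_PBKD2_PARAMS {
        CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE           saltSource;
        CK_VOID_PTR                                pSaltSourceData;
        CK_ULONG                                   ulSaltSourceDataLen;
        CK_ULONG                                   iterations;
        CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE prf;
        CK_VOID_PTR                                pPrfData;
        CK_ULONG                                   ulPrfDataLen;
        CK_UTF8CHAR_PTR                            pPassword;      /* caller-owned secret buffer */
        CK_ULONG_PTR                               ulPasswordLen;  /* pointer to the length, not the length */
} CK_PKCS5_PBKD2_PARAMS;

typedef CK_PKCS5_PBKD2_PARAMS CK_PTR CK_PKCS5_PBKD2_PARAMS_PTR;

/* All CK_OTP structs are new for PKCS #11 v2.20 amendment 3 */
/* NOTE(review): the OTP-related #defines later in this header are
 * tagged "amendment 1"; confirm which amendment number is right. */

typedef CK_ULONG CK_OTP_PARAM_TYPE;
typedef CK_OTP_PARAM_TYPE CK_PARAM_TYPE; /* B/w compatibility */

/* One typed OTP parameter: a type tag, an untyped value pointer and the
 * value's length.  Because pValue is a CK_VOID_PTR, a consumer should
 * check ulValueLen against the size it expects for `type` before
 * reading through the pointer. */
typedef struct CK_OTP_PARAM {
    CK_OTP_PARAM_TYPE type;
    CK_VOID_PTR       pValue;
    CK_ULONG          ulValueLen;
} CK_OTP_PARAM;

typedef CK_OTP_PARAM CK_PTR CK_OTP_PARAM_PTR;

/* An array of CK_OTP_PARAM entries; ulCount is presumably the number of
 * elements at pParams, not a byte count. */
typedef struct CK_OTP_PARAMS {
    CK_OTP_PARAM_PTR pParams;
    CK_ULONG         ulCount;
} CK_OTP_PARAMS;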
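typedef CK_OTP_PARAMS CK_PTR CK_OTP_PARAMS_PTR;

/* Same layout as CK_OTP_PARAMS: a pointer to CK_OTP_PARAM entries and a
 * count (presumably an element count, not a byte count). */
typedef struct CK_OTP_SIGNATURE_INFO {
    CK_OTP_PARAM_PTR pParams;
    CK_ULONG         ulCount;
} CK_OTP_SIGNATURE_INFO;

typedef CK_OTP_SIGNATURE_INFO CK_PTR CK_OTP_SIGNATURE_INFO_PTR;

/* The following OTP-related defines are new for PKCS #11 v2.20 amendment 1 */
/* NOTE(review): presumably the values for CK_OTP_PARAM.type. */
#define CK_OTP_VALUE          0
#define CK_OTP_PIN            1
#define CK_OTP_CHALLENGE      2
#define CK_OTP_TIME           3
#define CK_OTP_COUNTER        4
#define CK_OTP_FLAGS          5
#define CK_OTP_OUTPUT_LENGTH  6
#define CK_OTP_OUTPUT_FORMAT  7

/* The following OTP-related defines are new for PKCS #11 v2.20 amendment 1 */
/* Single-bit flag values.
 * NOTE(review): presumably carried in a CK_OTP_FLAGS parameter. */
#define CKF_NEXT_OTP          0x00000001
#define CKF_EXCLUDE_TIME      0x00000002
#define CKF_EXCLUDE_COUNTER   0x00000004
#define CKF_EXCLUDE_CHALLENGE 0x00000008
#define CKF_EXCLUDE_PIN       0x00000010
#define CKF_USER_FRIENDLY_OTP 0x00000020

/* CK_KIP_PARAMS is new for PKCS #11 v2.20 amendment 2 */
typedef struct CK_KIP_PARAMS {
    CK_MECHANISM_PTR  pMechanism;
    CK_OBJECT_HANDLE  hKey;
    CK_BYTE_PTR       pSeed;
    CK_ULONG          ulSeedLen;
} CK_KIP_PARAMS;

typedef CK_KIP_PARAMS CK_PTR CK_KIP_PARAMS_PTR;

/* CK_AES_CTR_PARAMS is new for PKCS #11 v2.20 amendment 3 */
/* cb is a 16-byte block stored inline.
 * NOTE(review): presumably the initial counter block, with
 * ulCounterBits giving how many of its bits are incremented.
 * In counter mode, reusing a counter block under the same key exposes
 * the XOR of the two plaintexts, so callers must ensure the block is
 * unique for each message encrypted with a given key. */
typedef struct CK_AES_CTR_PARAMS {
    CK_ULONG ulCounterBits;
    CK_BYTE cb[16];
} CK_AES_CTR_PARAMS;

typedef CK_AES_CTR_PARAMS CK_PTR CK_AES_CTR_PARAMS_PTR;

/* CK_CAMELLIA_CTR_PARAMS is new for PKCS #11 v2.20 amendment 3 */
/* Same layout as CK_AES_CTR_PARAMS; the same counter-block uniqueness
 * requirement applies. */
typedef struct CK_CAMELLIA_CTR_PARAMS {
    CK_ULONG ulCounterBits;
    CK_BYTE cb[16];
} CK_CAMELLIA_CTR_PARAMS;

typedef CK_CAMELLIA_CTR_PARAMS CK_PTR CK_CAMELLIA_CTR_PARAMS_PTR;

/* CK_CAMELLIA_CBC_ENCRYPT_DATA_PARAMS is new for PKCS #11 v2.20 amendment 3 */
/* NOTE(review): `length` is presumably the byte count of pData; nothing
 * in the type bounds it, so an implementation must validate it before
 * reading from pData. */
typedef struct CK_CAMELLIA_CBC_ENCRYPT_DATA_PARAMS {
    CK_BYTE      iv[16];   /* IV, 16 bytes, stored inline */
    CK_BYTE_PTR  pData;    /* caller-owned input buffer */
    CK_ULONG     length;
} CK_CAMELLIA_CBC_ENCRYPT_DATA_PARAMS;

typedef CK_CAMELLIA_CBC_ENCRYPT_DATA_PARAMS CK_PTR CK_CAMELLIA_CBC_ENCRYPT_DATA_PARAMS_PTR;

/* CK_ARIA_CBC_ENCRYPT_DATA_PARAMS is new for PKCS #11 v2.20 amendment 3 */
/* Same layout as CK_CAMELLIA_CBC_ENCRYPT_DATA_PARAMS. */
typedef struct CK_ARIA_CBC_ENCRYPT_DATA_PARAMS {
    CK_BYTE      iv[16];   /* IV, 16 bytes, stored inline */
    CK_BYTE_PTR  pData;    /* caller-owned input buffer */
    CK_ULONG     length;
} CK_ARIA_CBC_ENCRYPT_DATA_PARAMS;

typedef CK_ARIA_CBC_ENCRYPT_DATA_PARAMS CK_PTR CK_ARIA_CBC_ENCRYPT_DATA_PARAMS_PTR;

#endif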