1 /* pkcs11t.h include file for PKCS #11. */
\r
2 /* $Revision: 1.4 $ */
\r
4 /* License to copy and use this software is granted provided that it is
\r
5 * identified as "RSA Security Inc. PKCS #11 Cryptographic Token Interface
\r
6 * (Cryptoki)" in all material mentioning or referencing this software.
\r
8 * License is also granted to make and use derivative works provided that
\r
9 * such works are identified as "derived from the RSA Security Inc. PKCS #11
\r
10 * Cryptographic Token Interface (Cryptoki)" in all material mentioning or
\r
11 * referencing the derived work.
\r
13 * RSA Security Inc. makes no representations concerning either the
\r
14 * merchantability of this software or the suitability of this software for
\r
15 * any particular purpose. It is provided "as is" without express or implied
\r
16 * warranty of any kind.
\r
19 /* See top of pkcs11.h for information about the macros that
\r
20 * must be defined and the structure-packing conventions that
\r
21 * must be set before including this file. */
\r
24 #define _PKCS11T_H_ 1
\r
26 #ifndef CK_DISABLE_TRUE_FALSE
\r
32 #define TRUE !(FALSE)
\r
39 /* an unsigned 8-bit value */
\r
40 typedef unsigned char CK_BYTE;
\r
42 /* an unsigned 8-bit character */
\r
43 typedef CK_BYTE CK_CHAR;
\r
45 /* an 8-bit UTF-8 character */
\r
46 typedef CK_BYTE CK_UTF8CHAR;
\r
48 /* a BYTE-sized Boolean flag */
\r
49 typedef CK_BYTE CK_BBOOL;
\r
51 /* an unsigned value, at least 32 bits long */
\r
52 typedef unsigned long int CK_ULONG;
\r
54 /* a signed value, the same size as a CK_ULONG */
\r
55 /* CK_LONG is new for v2.0 */
\r
56 typedef long int CK_LONG;
\r
58 /* at least 32 bits; each bit is a Boolean flag */
\r
59 typedef CK_ULONG CK_FLAGS;
\r
62 /* some special values for certain CK_ULONG variables */
\r
63 #define CK_UNAVAILABLE_INFORMATION (~0UL)
\r
64 #define CK_EFFECTIVELY_INFINITE 0
\r
67 typedef CK_BYTE CK_PTR CK_BYTE_PTR;
\r
68 typedef CK_CHAR CK_PTR CK_CHAR_PTR;
\r
69 typedef CK_UTF8CHAR CK_PTR CK_UTF8CHAR_PTR;
\r
70 typedef CK_ULONG CK_PTR CK_ULONG_PTR;
\r
71 typedef void CK_PTR CK_VOID_PTR;
\r
73 /* Pointer to a CK_VOID_PTR-- i.e., pointer to pointer to void */
\r
74 typedef CK_VOID_PTR CK_PTR CK_VOID_PTR_PTR;
\r
77 /* The following value is always invalid if used as a session */
\r
78 /* handle or object handle */
\r
79 #define CK_INVALID_HANDLE 0
\r
82 typedef struct CK_VERSION {
\r
83 CK_BYTE major; /* integer portion of version number */
\r
84 CK_BYTE minor; /* 1/100ths portion of version number */
\r
87 typedef CK_VERSION CK_PTR CK_VERSION_PTR;
\r
90 typedef struct CK_INFO {
\r
91 /* manufacturerID and libraryDecription have been changed from
\r
92 * CK_CHAR to CK_UTF8CHAR for v2.10 */
\r
93 CK_VERSION cryptokiVersion; /* Cryptoki interface ver */
\r
94 CK_UTF8CHAR manufacturerID[32]; /* blank padded */
\r
95 CK_FLAGS flags; /* must be zero */
\r
97 /* libraryDescription and libraryVersion are new for v2.0 */
\r
98 CK_UTF8CHAR libraryDescription[32]; /* blank padded */
\r
99 CK_VERSION libraryVersion; /* version of library */
\r
102 typedef CK_INFO CK_PTR CK_INFO_PTR;
\r
105 /* CK_NOTIFICATION enumerates the types of notifications that
\r
106 * Cryptoki provides to an application */
\r
107 /* CK_NOTIFICATION has been changed from an enum to a CK_ULONG
\r
109 typedef CK_ULONG CK_NOTIFICATION;
\r
110 #define CKN_SURRENDER 0
\r
113 typedef CK_ULONG CK_SLOT_ID;
\r
115 typedef CK_SLOT_ID CK_PTR CK_SLOT_ID_PTR;
\r
118 /* CK_SLOT_INFO provides information about a slot */
\r
119 typedef struct CK_SLOT_INFO {
\r
120 /* slotDescription and manufacturerID have been changed from
\r
121 * CK_CHAR to CK_UTF8CHAR for v2.10 */
\r
122 CK_UTF8CHAR slotDescription[64]; /* blank padded */
\r
123 CK_UTF8CHAR manufacturerID[32]; /* blank padded */
\r
126 /* hardwareVersion and firmwareVersion are new for v2.0 */
\r
127 CK_VERSION hardwareVersion; /* version of hardware */
\r
128 CK_VERSION firmwareVersion; /* version of firmware */
\r
131 /* flags: bit flags that provide capabilities of the slot
\r
132 * Bit Flag Mask Meaning
\r
134 #define CKF_TOKEN_PRESENT 0x00000001 /* a token is there */
\r
135 #define CKF_REMOVABLE_DEVICE 0x00000002 /* removable devices*/
\r
136 #define CKF_HW_SLOT 0x00000004 /* hardware slot */
\r
138 typedef CK_SLOT_INFO CK_PTR CK_SLOT_INFO_PTR;
\r
141 /* CK_TOKEN_INFO provides information about a token */
\r
142 typedef struct CK_TOKEN_INFO {
\r
143 /* label, manufacturerID, and model have been changed from
\r
144 * CK_CHAR to CK_UTF8CHAR for v2.10 */
\r
145 CK_UTF8CHAR label[32]; /* blank padded */
\r
146 CK_UTF8CHAR manufacturerID[32]; /* blank padded */
\r
147 CK_UTF8CHAR model[16]; /* blank padded */
\r
148 CK_CHAR serialNumber[16]; /* blank padded */
\r
149 CK_FLAGS flags; /* see below */
\r
151 /* ulMaxSessionCount, ulSessionCount, ulMaxRwSessionCount,
\r
152 * ulRwSessionCount, ulMaxPinLen, and ulMinPinLen have all been
\r
153 * changed from CK_USHORT to CK_ULONG for v2.0 */
\r
154 CK_ULONG ulMaxSessionCount; /* max open sessions */
\r
155 CK_ULONG ulSessionCount; /* sess. now open */
\r
156 CK_ULONG ulMaxRwSessionCount; /* max R/W sessions */
\r
157 CK_ULONG ulRwSessionCount; /* R/W sess. now open */
\r
158 CK_ULONG ulMaxPinLen; /* in bytes */
\r
159 CK_ULONG ulMinPinLen; /* in bytes */
\r
160 CK_ULONG ulTotalPublicMemory; /* in bytes */
\r
161 CK_ULONG ulFreePublicMemory; /* in bytes */
\r
162 CK_ULONG ulTotalPrivateMemory; /* in bytes */
\r
163 CK_ULONG ulFreePrivateMemory; /* in bytes */
\r
165 /* hardwareVersion, firmwareVersion, and time are new for
\r
167 CK_VERSION hardwareVersion; /* version of hardware */
\r
168 CK_VERSION firmwareVersion; /* version of firmware */
\r
169 CK_CHAR utcTime[16]; /* time */
\r
172 /* The flags parameter is defined as follows:
\r
173 * Bit Flag Mask Meaning
\r
175 #define CKF_RNG 0x00000001 /* has random #
\r
177 #define CKF_WRITE_PROTECTED 0x00000002 /* token is
\r
180 #define CKF_LOGIN_REQUIRED 0x00000004 /* user must
\r
182 #define CKF_USER_PIN_INITIALIZED 0x00000008 /* normal user's
\r
185 /* CKF_RESTORE_KEY_NOT_NEEDED is new for v2.0. If it is set,
\r
186 * that means that *every* time the state of cryptographic
\r
187 * operations of a session is successfully saved, all keys
\r
188 * needed to continue those operations are stored in the state */
\r
189 #define CKF_RESTORE_KEY_NOT_NEEDED 0x00000020
\r
191 /* CKF_CLOCK_ON_TOKEN is new for v2.0. If it is set, that means
\r
192 * that the token has some sort of clock. The time on that
\r
193 * clock is returned in the token info structure */
\r
194 #define CKF_CLOCK_ON_TOKEN 0x00000040
\r
196 /* CKF_PROTECTED_AUTHENTICATION_PATH is new for v2.0. If it is
\r
197 * set, that means that there is some way for the user to login
\r
198 * without sending a PIN through the Cryptoki library itself */
\r
199 #define CKF_PROTECTED_AUTHENTICATION_PATH 0x00000100
\r
201 /* CKF_DUAL_CRYPTO_OPERATIONS is new for v2.0. If it is true,
\r
202 * that means that a single session with the token can perform
\r
203 * dual simultaneous cryptographic operations (digest and
\r
204 * encrypt; decrypt and digest; sign and encrypt; and decrypt
\r
206 #define CKF_DUAL_CRYPTO_OPERATIONS 0x00000200
\r
208 /* CKF_TOKEN_INITIALIZED if new for v2.10. If it is true, the
\r
209 * token has been initialized using C_InitializeToken or an
\r
210 * equivalent mechanism outside the scope of PKCS #11.
\r
211 * Calling C_InitializeToken when this flag is set will cause
\r
212 * the token to be reinitialized. */
\r
213 #define CKF_TOKEN_INITIALIZED 0x00000400
\r
215 /* CKF_SECONDARY_AUTHENTICATION if new for v2.10. If it is
\r
216 * true, the token supports secondary authentication for
\r
217 * private key objects. */
\r
218 #define CKF_SECONDARY_AUTHENTICATION 0x00000800
\r
220 /* CKF_USER_PIN_COUNT_LOW if new for v2.10. If it is true, an
\r
221 * incorrect user login PIN has been entered at least once
\r
222 * since the last successful authentication. */
\r
223 #define CKF_USER_PIN_COUNT_LOW 0x00010000
\r
225 /* CKF_USER_PIN_FINAL_TRY if new for v2.10. If it is true,
\r
226 * supplying an incorrect user PIN will it to become locked. */
\r
227 #define CKF_USER_PIN_FINAL_TRY 0x00020000
\r
229 /* CKF_USER_PIN_LOCKED if new for v2.10. If it is true, the
\r
230 * user PIN has been locked. User login to the token is not
\r
232 #define CKF_USER_PIN_LOCKED 0x00040000
\r
234 /* CKF_USER_PIN_TO_BE_CHANGED if new for v2.10. If it is true,
\r
235 * the user PIN value is the default value set by token
\r
236 * initialization or manufacturing, or the PIN has been
\r
237 * expired by the card. */
\r
238 #define CKF_USER_PIN_TO_BE_CHANGED 0x00080000
\r
240 /* CKF_SO_PIN_COUNT_LOW if new for v2.10. If it is true, an
\r
241 * incorrect SO login PIN has been entered at least once since
\r
242 * the last successful authentication. */
\r
243 #define CKF_SO_PIN_COUNT_LOW 0x00100000
\r
245 /* CKF_SO_PIN_FINAL_TRY if new for v2.10. If it is true,
\r
246 * supplying an incorrect SO PIN will it to become locked. */
\r
247 #define CKF_SO_PIN_FINAL_TRY 0x00200000
\r
249 /* CKF_SO_PIN_LOCKED if new for v2.10. If it is true, the SO
\r
250 * PIN has been locked. SO login to the token is not possible.
\r
252 #define CKF_SO_PIN_LOCKED 0x00400000
\r
254 /* CKF_SO_PIN_TO_BE_CHANGED if new for v2.10. If it is true,
\r
255 * the SO PIN value is the default value set by token
\r
256 * initialization or manufacturing, or the PIN has been
\r
257 * expired by the card. */
\r
258 #define CKF_SO_PIN_TO_BE_CHANGED 0x00800000
\r
260 typedef CK_TOKEN_INFO CK_PTR CK_TOKEN_INFO_PTR;
\r
263 /* CK_SESSION_HANDLE is a Cryptoki-assigned value that
\r
264 * identifies a session */
\r
265 typedef CK_ULONG CK_SESSION_HANDLE;
\r
267 typedef CK_SESSION_HANDLE CK_PTR CK_SESSION_HANDLE_PTR;
\r
270 /* CK_USER_TYPE enumerates the types of Cryptoki users */
\r
271 /* CK_USER_TYPE has been changed from an enum to a CK_ULONG for
\r
273 typedef CK_ULONG CK_USER_TYPE;
\r
274 /* Security Officer */
\r
280 /* CK_STATE enumerates the session states */
\r
281 /* CK_STATE has been changed from an enum to a CK_ULONG for
\r
283 typedef CK_ULONG CK_STATE;
\r
284 #define CKS_RO_PUBLIC_SESSION 0
\r
285 #define CKS_RO_USER_FUNCTIONS 1
\r
286 #define CKS_RW_PUBLIC_SESSION 2
\r
287 #define CKS_RW_USER_FUNCTIONS 3
\r
288 #define CKS_RW_SO_FUNCTIONS 4
\r
291 /* CK_SESSION_INFO provides information about a session */
\r
292 typedef struct CK_SESSION_INFO {
\r
295 CK_FLAGS flags; /* see below */
\r
297 /* ulDeviceError was changed from CK_USHORT to CK_ULONG for
\r
299 CK_ULONG ulDeviceError; /* device-dependent error code */
\r
302 /* The flags are defined in the following table:
\r
303 * Bit Flag Mask Meaning
\r
305 #define CKF_RW_SESSION 0x00000002 /* session is r/w */
\r
306 #define CKF_SERIAL_SESSION 0x00000004 /* no parallel */
\r
308 typedef CK_SESSION_INFO CK_PTR CK_SESSION_INFO_PTR;
\r
311 /* CK_OBJECT_HANDLE is a token-specific identifier for an
\r
313 typedef CK_ULONG CK_OBJECT_HANDLE;
\r
315 typedef CK_OBJECT_HANDLE CK_PTR CK_OBJECT_HANDLE_PTR;
\r
318 /* CK_OBJECT_CLASS is a value that identifies the classes (or
\r
319 * types) of objects that Cryptoki recognizes. It is defined
\r
321 /* CK_OBJECT_CLASS was changed from CK_USHORT to CK_ULONG for
\r
323 typedef CK_ULONG CK_OBJECT_CLASS;
\r
325 /* The following classes of objects are defined: */
\r
326 /* CKO_HW_FEATURE is new for v2.10 */
\r
327 /* CKO_DOMAIN_PARAMETERS is new for v2.11 */
\r
328 #define CKO_DATA 0x00000000
\r
329 #define CKO_CERTIFICATE 0x00000001
\r
330 #define CKO_PUBLIC_KEY 0x00000002
\r
331 #define CKO_PRIVATE_KEY 0x00000003
\r
332 #define CKO_SECRET_KEY 0x00000004
\r
333 #define CKO_HW_FEATURE 0x00000005
\r
334 #define CKO_DOMAIN_PARAMETERS 0x00000006
\r
335 #define CKO_VENDOR_DEFINED 0x80000000
\r
337 typedef CK_OBJECT_CLASS CK_PTR CK_OBJECT_CLASS_PTR;
\r
339 /* CK_HW_FEATURE_TYPE is new for v2.10. CK_HW_FEATURE_TYPE is a
\r
340 * value that identifies the hardware feature type of an object
\r
341 * with CK_OBJECT_CLASS equal to CKO_HW_FEATURE. */
\r
342 typedef CK_ULONG CK_HW_FEATURE_TYPE;
\r
344 /* The following hardware feature types are defined */
\r
345 #define CKH_MONOTONIC_COUNTER 0x00000001
\r
346 #define CKH_CLOCK 0x00000002
\r
347 #define CKH_VENDOR_DEFINED 0x80000000
\r
349 /* CK_KEY_TYPE is a value that identifies a key type */
\r
350 /* CK_KEY_TYPE was changed from CK_USHORT to CK_ULONG for v2.0 */
\r
351 typedef CK_ULONG CK_KEY_TYPE;
\r
353 /* the following key types are defined: */
\r
354 #define CKK_RSA 0x00000000
\r
355 #define CKK_DSA 0x00000001
\r
356 #define CKK_DH 0x00000002
\r
358 /* CKK_ECDSA and CKK_KEA are new for v2.0 */
\r
359 /* CKK_ECDSA is deprecated in v2.11, CKK_EC is preferred. */
\r
360 #define CKK_ECDSA 0x00000003
\r
361 #define CKK_EC 0x00000003
\r
362 #define CKK_X9_42_DH 0x00000004
\r
363 #define CKK_KEA 0x00000005
\r
365 #define CKK_GENERIC_SECRET 0x00000010
\r
366 #define CKK_RC2 0x00000011
\r
367 #define CKK_RC4 0x00000012
\r
368 #define CKK_DES 0x00000013
\r
369 #define CKK_DES2 0x00000014
\r
370 #define CKK_DES3 0x00000015
\r
372 /* all these key types are new for v2.0 */
\r
373 #define CKK_CAST 0x00000016
\r
374 #define CKK_CAST3 0x00000017
\r
375 /* CKK_CAST5 is deprecated in v2.11, CKK_CAST128 is preferred. */
\r
376 #define CKK_CAST5 0x00000018
\r
377 #define CKK_CAST128 0x00000018
\r
378 #define CKK_RC5 0x00000019
\r
379 #define CKK_IDEA 0x0000001A
\r
380 #define CKK_SKIPJACK 0x0000001B
\r
381 #define CKK_BATON 0x0000001C
\r
382 #define CKK_JUNIPER 0x0000001D
\r
383 #define CKK_CDMF 0x0000001E
\r
384 #define CKK_AES 0x0000001F
\r
386 #define CKK_VENDOR_DEFINED 0x80000000
\r
389 /* CK_CERTIFICATE_TYPE is a value that identifies a certificate
\r
391 /* CK_CERTIFICATE_TYPE was changed from CK_USHORT to CK_ULONG
\r
393 typedef CK_ULONG CK_CERTIFICATE_TYPE;
\r
395 /* The following certificate types are defined: */
\r
396 /* CKC_X_509_ATTR_CERT is new for v2.10 */
\r
397 #define CKC_X_509 0x00000000
\r
398 #define CKC_X_509_ATTR_CERT 0x00000001
\r
399 #define CKC_VENDOR_DEFINED 0x80000000
\r
402 /* CK_ATTRIBUTE_TYPE is a value that identifies an attribute
\r
404 /* CK_ATTRIBUTE_TYPE was changed from CK_USHORT to CK_ULONG for
\r
406 typedef CK_ULONG CK_ATTRIBUTE_TYPE;
\r
408 /* The following attribute types are defined: */
\r
409 #define CKA_CLASS 0x00000000
\r
410 #define CKA_TOKEN 0x00000001
\r
411 #define CKA_PRIVATE 0x00000002
\r
412 #define CKA_LABEL 0x00000003
\r
413 #define CKA_APPLICATION 0x00000010
\r
414 #define CKA_VALUE 0x00000011
\r
416 /* CKA_OBJECT_ID is new for v2.10 */
\r
417 #define CKA_OBJECT_ID 0x00000012
\r
419 #define CKA_CERTIFICATE_TYPE 0x00000080
\r
420 #define CKA_ISSUER 0x00000081
\r
421 #define CKA_SERIAL_NUMBER 0x00000082
\r
423 /* CKA_AC_ISSUER, CKA_OWNER, and CKA_ATTR_TYPES are new
\r
425 #define CKA_AC_ISSUER 0x00000083
\r
426 #define CKA_OWNER 0x00000084
\r
427 #define CKA_ATTR_TYPES 0x00000085
\r
429 /* CKA_TRUSTED is new for v2.11 */
\r
430 #define CKA_TRUSTED 0x00000086
\r
432 #define CKA_KEY_TYPE 0x00000100
\r
433 #define CKA_SUBJECT 0x00000101
\r
434 #define CKA_ID 0x00000102
\r
435 #define CKA_SENSITIVE 0x00000103
\r
436 #define CKA_ENCRYPT 0x00000104
\r
437 #define CKA_DECRYPT 0x00000105
\r
438 #define CKA_WRAP 0x00000106
\r
439 #define CKA_UNWRAP 0x00000107
\r
440 #define CKA_SIGN 0x00000108
\r
441 #define CKA_SIGN_RECOVER 0x00000109
\r
442 #define CKA_VERIFY 0x0000010A
\r
443 #define CKA_VERIFY_RECOVER 0x0000010B
\r
444 #define CKA_DERIVE 0x0000010C
\r
445 #define CKA_START_DATE 0x00000110
\r
446 #define CKA_END_DATE 0x00000111
\r
447 #define CKA_MODULUS 0x00000120
\r
448 #define CKA_MODULUS_BITS 0x00000121
\r
449 #define CKA_PUBLIC_EXPONENT 0x00000122
\r
450 #define CKA_PRIVATE_EXPONENT 0x00000123
\r
451 #define CKA_PRIME_1 0x00000124
\r
452 #define CKA_PRIME_2 0x00000125
\r
453 #define CKA_EXPONENT_1 0x00000126
\r
454 #define CKA_EXPONENT_2 0x00000127
\r
455 #define CKA_COEFFICIENT 0x00000128
\r
456 #define CKA_PRIME 0x00000130
\r
457 #define CKA_SUBPRIME 0x00000131
\r
458 #define CKA_BASE 0x00000132
\r
460 /* CKA_PRIME_BITS and CKA_SUB_PRIME_BITS are new for v2.11 */
\r
461 #define CKA_PRIME_BITS 0x00000133
\r
462 #define CKA_SUBPRIME_BITS 0x00000134
\r
463 #define CKA_SUB_PRIME_BITS CKA_SUBPRIME_BITS
\r
464 /* (To retain backwards-compatibility) */
\r
466 #define CKA_VALUE_BITS 0x00000160
\r
467 #define CKA_VALUE_LEN 0x00000161
\r
469 /* CKA_EXTRACTABLE, CKA_LOCAL, CKA_NEVER_EXTRACTABLE,
\r
470 * CKA_ALWAYS_SENSITIVE, CKA_MODIFIABLE, CKA_ECDSA_PARAMS,
\r
471 * and CKA_EC_POINT are new for v2.0 */
\r
472 #define CKA_EXTRACTABLE 0x00000162
\r
473 #define CKA_LOCAL 0x00000163
\r
474 #define CKA_NEVER_EXTRACTABLE 0x00000164
\r
475 #define CKA_ALWAYS_SENSITIVE 0x00000165
\r
477 /* CKA_KEY_GEN_MECHANISM is new for v2.11 */
\r
478 #define CKA_KEY_GEN_MECHANISM 0x00000166
\r
480 #define CKA_MODIFIABLE 0x00000170
\r
482 /* CKA_ECDSA_PARAMS is deprecated in v2.11,
\r
483 * CKA_EC_PARAMS is preferred. */
\r
484 #define CKA_ECDSA_PARAMS 0x00000180
\r
485 #define CKA_EC_PARAMS 0x00000180
\r
487 #define CKA_EC_POINT 0x00000181
\r
489 /* CKA_SECONDARY_AUTH, CKA_AUTH_PIN_FLAGS,
\r
490 * CKA_HW_FEATURE_TYPE, CKA_RESET_ON_INIT, and CKA_HAS_RESET
\r
491 * are new for v2.10 */
\r
492 #define CKA_SECONDARY_AUTH 0x00000200
\r
493 #define CKA_AUTH_PIN_FLAGS 0x00000201
\r
494 #define CKA_HW_FEATURE_TYPE 0x00000300
\r
495 #define CKA_RESET_ON_INIT 0x00000301
\r
496 #define CKA_HAS_RESET 0x00000302
\r
498 #define CKA_VENDOR_DEFINED 0x80000000
\r
501 /* CK_ATTRIBUTE is a structure that includes the type, length
\r
502 * and value of an attribute */
\r
503 typedef struct CK_ATTRIBUTE {
\r
504 CK_ATTRIBUTE_TYPE type;
\r
505 CK_VOID_PTR pValue;
\r
507 /* ulValueLen went from CK_USHORT to CK_ULONG for v2.0 */
\r
508 CK_ULONG ulValueLen; /* in bytes */
\r
511 typedef CK_ATTRIBUTE CK_PTR CK_ATTRIBUTE_PTR;
\r
514 /* CK_DATE is a structure that defines a date */
\r
515 typedef struct CK_DATE{
\r
516 CK_CHAR year[4]; /* the year ("1900" - "9999") */
\r
517 CK_CHAR month[2]; /* the month ("01" - "12") */
\r
518 CK_CHAR day[2]; /* the day ("01" - "31") */
\r
522 /* CK_MECHANISM_TYPE is a value that identifies a mechanism
\r
524 /* CK_MECHANISM_TYPE was changed from CK_USHORT to CK_ULONG for
\r
526 typedef CK_ULONG CK_MECHANISM_TYPE;
\r
528 /* the following mechanism types are defined: */
\r
529 #define CKM_RSA_PKCS_KEY_PAIR_GEN 0x00000000
\r
530 #define CKM_RSA_PKCS 0x00000001
\r
531 #define CKM_RSA_9796 0x00000002
\r
532 #define CKM_RSA_X_509 0x00000003
\r
534 /* CKM_MD2_RSA_PKCS, CKM_MD5_RSA_PKCS, and CKM_SHA1_RSA_PKCS
\r
535 * are new for v2.0. They are mechanisms which hash and sign */
\r
536 #define CKM_MD2_RSA_PKCS 0x00000004
\r
537 #define CKM_MD5_RSA_PKCS 0x00000005
\r
538 #define CKM_SHA1_RSA_PKCS 0x00000006
\r
540 /* CKM_RIPEMD128_RSA_PKCS, CKM_RIPEMD160_RSA_PKCS, and
\r
541 * CKM_RSA_PKCS_OAEP are new for v2.10 */
\r
542 #define CKM_RIPEMD128_RSA_PKCS 0x00000007
\r
543 #define CKM_RIPEMD160_RSA_PKCS 0x00000008
\r
544 #define CKM_RSA_PKCS_OAEP 0x00000009
\r
546 /* CKM_RSA_X9_31_KEY_PAIR_GEN, CKM_RSA_X9_31, CKM_SHA1_RSA_X9_31,
\r
547 * CKM_RSA_PKCS_PSS, and CKM_SHA1_RSA_PKCS_PSS are new for v2.11 */
\r
548 #define CKM_RSA_X9_31_KEY_PAIR_GEN 0x0000000A
\r
549 #define CKM_RSA_X9_31 0x0000000B
\r
550 #define CKM_SHA1_RSA_X9_31 0x0000000C
\r
551 #define CKM_RSA_PKCS_PSS 0x0000000D
\r
552 #define CKM_SHA1_RSA_PKCS_PSS 0x0000000E
\r
554 #define CKM_DSA_KEY_PAIR_GEN 0x00000010
\r
555 #define CKM_DSA 0x00000011
\r
556 #define CKM_DSA_SHA1 0x00000012
\r
557 #define CKM_DH_PKCS_KEY_PAIR_GEN 0x00000020
\r
558 #define CKM_DH_PKCS_DERIVE 0x00000021
\r
560 /* CKM_X9_42_DH_KEY_PAIR_GEN, CKM_X9_42_DH_DERIVE,
\r
561 * CKM_X9_42_DH_HYBRID_DERIVE, and CKM_X9_42_MQV_DERIVE are new for
\r
563 #define CKM_X9_42_DH_KEY_PAIR_GEN 0x00000030
\r
564 #define CKM_X9_42_DH_DERIVE 0x00000031
\r
565 #define CKM_X9_42_DH_HYBRID_DERIVE 0x00000032
\r
566 #define CKM_X9_42_MQV_DERIVE 0x00000033
\r
568 #define CKM_RC2_KEY_GEN 0x00000100
\r
569 #define CKM_RC2_ECB 0x00000101
\r
570 #define CKM_RC2_CBC 0x00000102
\r
571 #define CKM_RC2_MAC 0x00000103
\r
573 /* CKM_RC2_MAC_GENERAL and CKM_RC2_CBC_PAD are new for v2.0 */
\r
574 #define CKM_RC2_MAC_GENERAL 0x00000104
\r
575 #define CKM_RC2_CBC_PAD 0x00000105
\r
577 #define CKM_RC4_KEY_GEN 0x00000110
\r
578 #define CKM_RC4 0x00000111
\r
579 #define CKM_DES_KEY_GEN 0x00000120
\r
580 #define CKM_DES_ECB 0x00000121
\r
581 #define CKM_DES_CBC 0x00000122
\r
582 #define CKM_DES_MAC 0x00000123
\r
584 /* CKM_DES_MAC_GENERAL and CKM_DES_CBC_PAD are new for v2.0 */
\r
585 #define CKM_DES_MAC_GENERAL 0x00000124
\r
586 #define CKM_DES_CBC_PAD 0x00000125
\r
588 #define CKM_DES2_KEY_GEN 0x00000130
\r
589 #define CKM_DES3_KEY_GEN 0x00000131
\r
590 #define CKM_DES3_ECB 0x00000132
\r
591 #define CKM_DES3_CBC 0x00000133
\r
592 #define CKM_DES3_MAC 0x00000134
\r
594 /* CKM_DES3_MAC_GENERAL, CKM_DES3_CBC_PAD, CKM_CDMF_KEY_GEN,
\r
595 * CKM_CDMF_ECB, CKM_CDMF_CBC, CKM_CDMF_MAC,
\r
596 * CKM_CDMF_MAC_GENERAL, and CKM_CDMF_CBC_PAD are new for v2.0 */
\r
597 #define CKM_DES3_MAC_GENERAL 0x00000135
\r
598 #define CKM_DES3_CBC_PAD 0x00000136
\r
599 #define CKM_CDMF_KEY_GEN 0x00000140
\r
600 #define CKM_CDMF_ECB 0x00000141
\r
601 #define CKM_CDMF_CBC 0x00000142
\r
602 #define CKM_CDMF_MAC 0x00000143
\r
603 #define CKM_CDMF_MAC_GENERAL 0x00000144
\r
604 #define CKM_CDMF_CBC_PAD 0x00000145
\r
606 #define CKM_MD2 0x00000200
\r
608 /* CKM_MD2_HMAC and CKM_MD2_HMAC_GENERAL are new for v2.0 */
\r
609 #define CKM_MD2_HMAC 0x00000201
\r
610 #define CKM_MD2_HMAC_GENERAL 0x00000202
\r
612 #define CKM_MD5 0x00000210
\r
614 /* CKM_MD5_HMAC and CKM_MD5_HMAC_GENERAL are new for v2.0 */
\r
615 #define CKM_MD5_HMAC 0x00000211
\r
616 #define CKM_MD5_HMAC_GENERAL 0x00000212
\r
618 #define CKM_SHA_1 0x00000220
\r
620 /* CKM_SHA_1_HMAC and CKM_SHA_1_HMAC_GENERAL are new for v2.0 */
\r
621 #define CKM_SHA_1_HMAC 0x00000221
\r
622 #define CKM_SHA_1_HMAC_GENERAL 0x00000222
\r
624 /* CKM_RIPEMD128, CKM_RIPEMD128_HMAC,
\r
625 * CKM_RIPEMD128_HMAC_GENERAL, CKM_RIPEMD160, CKM_RIPEMD160_HMAC,
\r
626 * and CKM_RIPEMD160_HMAC_GENERAL are new for v2.10 */
\r
627 #define CKM_RIPEMD128 0x00000230
\r
628 #define CKM_RIPEMD128_HMAC 0x00000231
\r
629 #define CKM_RIPEMD128_HMAC_GENERAL 0x00000232
\r
630 #define CKM_RIPEMD160 0x00000240
\r
631 #define CKM_RIPEMD160_HMAC 0x00000241
\r
632 #define CKM_RIPEMD160_HMAC_GENERAL 0x00000242
\r
634 /* All of the following mechanisms are new for v2.0 */
\r
635 /* Note that CAST128 and CAST5 are the same algorithm */
\r
636 #define CKM_CAST_KEY_GEN 0x00000300
\r
637 #define CKM_CAST_ECB 0x00000301
\r
638 #define CKM_CAST_CBC 0x00000302
\r
639 #define CKM_CAST_MAC 0x00000303
\r
640 #define CKM_CAST_MAC_GENERAL 0x00000304
\r
641 #define CKM_CAST_CBC_PAD 0x00000305
\r
642 #define CKM_CAST3_KEY_GEN 0x00000310
\r
643 #define CKM_CAST3_ECB 0x00000311
\r
644 #define CKM_CAST3_CBC 0x00000312
\r
645 #define CKM_CAST3_MAC 0x00000313
\r
646 #define CKM_CAST3_MAC_GENERAL 0x00000314
\r
647 #define CKM_CAST3_CBC_PAD 0x00000315
\r
648 #define CKM_CAST5_KEY_GEN 0x00000320
\r
649 #define CKM_CAST128_KEY_GEN 0x00000320
\r
650 #define CKM_CAST5_ECB 0x00000321
\r
651 #define CKM_CAST128_ECB 0x00000321
\r
652 #define CKM_CAST5_CBC 0x00000322
\r
653 #define CKM_CAST128_CBC 0x00000322
\r
654 #define CKM_CAST5_MAC 0x00000323
\r
655 #define CKM_CAST128_MAC 0x00000323
\r
656 #define CKM_CAST5_MAC_GENERAL 0x00000324
\r
657 #define CKM_CAST128_MAC_GENERAL 0x00000324
\r
658 #define CKM_CAST5_CBC_PAD 0x00000325
\r
659 #define CKM_CAST128_CBC_PAD 0x00000325
\r
660 #define CKM_RC5_KEY_GEN 0x00000330
\r
661 #define CKM_RC5_ECB 0x00000331
\r
662 #define CKM_RC5_CBC 0x00000332
\r
663 #define CKM_RC5_MAC 0x00000333
\r
664 #define CKM_RC5_MAC_GENERAL 0x00000334
\r
665 #define CKM_RC5_CBC_PAD 0x00000335
\r
666 #define CKM_IDEA_KEY_GEN 0x00000340
\r
667 #define CKM_IDEA_ECB 0x00000341
\r
668 #define CKM_IDEA_CBC 0x00000342
\r
669 #define CKM_IDEA_MAC 0x00000343
\r
670 #define CKM_IDEA_MAC_GENERAL 0x00000344
\r
671 #define CKM_IDEA_CBC_PAD 0x00000345
\r
672 #define CKM_GENERIC_SECRET_KEY_GEN 0x00000350
\r
673 #define CKM_CONCATENATE_BASE_AND_KEY 0x00000360
\r
674 #define CKM_CONCATENATE_BASE_AND_DATA 0x00000362
\r
675 #define CKM_CONCATENATE_DATA_AND_BASE 0x00000363
\r
676 #define CKM_XOR_BASE_AND_DATA 0x00000364
\r
677 #define CKM_EXTRACT_KEY_FROM_KEY 0x00000365
\r
678 #define CKM_SSL3_PRE_MASTER_KEY_GEN 0x00000370
\r
679 #define CKM_SSL3_MASTER_KEY_DERIVE 0x00000371
\r
680 #define CKM_SSL3_KEY_AND_MAC_DERIVE 0x00000372
\r
682 /* CKM_SSL3_MASTER_KEY_DERIVE_DH, CKM_TLS_PRE_MASTER_KEY_GEN,
\r
683 * CKM_TLS_MASTER_KEY_DERIVE, CKM_TLS_KEY_AND_MAC_DERIVE, and
\r
684 * CKM_TLS_MASTER_KEY_DERIVE_DH are new for v2.11 */
\r
685 #define CKM_SSL3_MASTER_KEY_DERIVE_DH 0x00000373
\r
686 #define CKM_TLS_PRE_MASTER_KEY_GEN 0x00000374
\r
687 #define CKM_TLS_MASTER_KEY_DERIVE 0x00000375
\r
688 #define CKM_TLS_KEY_AND_MAC_DERIVE 0x00000376
\r
689 #define CKM_TLS_MASTER_KEY_DERIVE_DH 0x00000377
\r
691 #define CKM_SSL3_MD5_MAC 0x00000380
\r
692 #define CKM_SSL3_SHA1_MAC 0x00000381
\r
693 #define CKM_MD5_KEY_DERIVATION 0x00000390
\r
694 #define CKM_MD2_KEY_DERIVATION 0x00000391
\r
695 #define CKM_SHA1_KEY_DERIVATION 0x00000392
\r
696 #define CKM_PBE_MD2_DES_CBC 0x000003A0
\r
697 #define CKM_PBE_MD5_DES_CBC 0x000003A1
\r
698 #define CKM_PBE_MD5_CAST_CBC 0x000003A2
\r
699 #define CKM_PBE_MD5_CAST3_CBC 0x000003A3
\r
700 #define CKM_PBE_MD5_CAST5_CBC 0x000003A4
\r
701 #define CKM_PBE_MD5_CAST128_CBC 0x000003A4
\r
702 #define CKM_PBE_SHA1_CAST5_CBC 0x000003A5
\r
703 #define CKM_PBE_SHA1_CAST128_CBC 0x000003A5
\r
704 #define CKM_PBE_SHA1_RC4_128 0x000003A6
\r
705 #define CKM_PBE_SHA1_RC4_40 0x000003A7
\r
706 #define CKM_PBE_SHA1_DES3_EDE_CBC 0x000003A8
\r
707 #define CKM_PBE_SHA1_DES2_EDE_CBC 0x000003A9
\r
708 #define CKM_PBE_SHA1_RC2_128_CBC 0x000003AA
\r
709 #define CKM_PBE_SHA1_RC2_40_CBC 0x000003AB
\r
711 /* CKM_PKCS5_PBKD2 is new for v2.10 */
\r
712 #define CKM_PKCS5_PBKD2 0x000003B0
\r
714 #define CKM_PBA_SHA1_WITH_SHA1_HMAC 0x000003C0
\r
715 #define CKM_KEY_WRAP_LYNKS 0x00000400
\r
716 #define CKM_KEY_WRAP_SET_OAEP 0x00000401
\r
718 /* Fortezza mechanisms */
\r
719 #define CKM_SKIPJACK_KEY_GEN 0x00001000
\r
720 #define CKM_SKIPJACK_ECB64 0x00001001
\r
721 #define CKM_SKIPJACK_CBC64 0x00001002
\r
722 #define CKM_SKIPJACK_OFB64 0x00001003
\r
723 #define CKM_SKIPJACK_CFB64 0x00001004
\r
724 #define CKM_SKIPJACK_CFB32 0x00001005
\r
725 #define CKM_SKIPJACK_CFB16 0x00001006
\r
726 #define CKM_SKIPJACK_CFB8 0x00001007
\r
727 #define CKM_SKIPJACK_WRAP 0x00001008
\r
728 #define CKM_SKIPJACK_PRIVATE_WRAP 0x00001009
\r
729 #define CKM_SKIPJACK_RELAYX 0x0000100a
\r
730 #define CKM_KEA_KEY_PAIR_GEN 0x00001010
\r
731 #define CKM_KEA_KEY_DERIVE 0x00001011
\r
732 #define CKM_FORTEZZA_TIMESTAMP 0x00001020
\r
733 #define CKM_BATON_KEY_GEN 0x00001030
\r
734 #define CKM_BATON_ECB128 0x00001031
\r
735 #define CKM_BATON_ECB96 0x00001032
\r
736 #define CKM_BATON_CBC128 0x00001033
\r
737 #define CKM_BATON_COUNTER 0x00001034
\r
738 #define CKM_BATON_SHUFFLE 0x00001035
\r
739 #define CKM_BATON_WRAP 0x00001036
\r
741 /* CKM_ECDSA_KEY_PAIR_GEN is deprecated in v2.11,
\r
742 * CKM_EC_KEY_PAIR_GEN is preferred */
\r
743 #define CKM_ECDSA_KEY_PAIR_GEN 0x00001040
\r
744 #define CKM_EC_KEY_PAIR_GEN 0x00001040
\r
746 #define CKM_ECDSA 0x00001041
\r
747 #define CKM_ECDSA_SHA1 0x00001042
\r
749 /* CKM_ECDH1_DERIVE, CKM_ECDH1_COFACTOR_DERIVE, and CKM_ECMQV_DERIVE
\r
750 * are new for v2.11 */
\r
751 #define CKM_ECDH1_DERIVE 0x00001050
\r
752 #define CKM_ECDH1_COFACTOR_DERIVE 0x00001051
\r
753 #define CKM_ECMQV_DERIVE 0x00001052
\r
755 #define CKM_JUNIPER_KEY_GEN 0x00001060
\r
756 #define CKM_JUNIPER_ECB128 0x00001061
\r
757 #define CKM_JUNIPER_CBC128 0x00001062
\r
758 #define CKM_JUNIPER_COUNTER 0x00001063
\r
759 #define CKM_JUNIPER_SHUFFLE 0x00001064
\r
760 #define CKM_JUNIPER_WRAP 0x00001065
\r
761 #define CKM_FASTHASH 0x00001070
\r
763 /* CKM_AES_KEY_GEN, CKM_AES_ECB, CKM_AES_CBC, CKM_AES_MAC,
\r
764 * CKM_AES_MAC_GENERAL, CKM_AES_CBC_PAD, CKM_DSA_PARAMETER_GEN,
\r
765 * CKM_DH_PKCS_PARAMETER_GEN, and CKM_X9_42_DH_PARAMETER_GEN are
\r
767 #define CKM_AES_KEY_GEN 0x00001080
\r
768 #define CKM_AES_ECB 0x00001081
\r
769 #define CKM_AES_CBC 0x00001082
\r
770 #define CKM_AES_MAC 0x00001083
\r
771 #define CKM_AES_MAC_GENERAL 0x00001084
\r
772 #define CKM_AES_CBC_PAD 0x00001085
\r
773 #define CKM_DSA_PARAMETER_GEN 0x00002000
\r
774 #define CKM_DH_PKCS_PARAMETER_GEN 0x00002001
\r
775 #define CKM_X9_42_DH_PARAMETER_GEN 0x00002002
\r
777 #define CKM_VENDOR_DEFINED 0x80000000
\r
779 typedef CK_MECHANISM_TYPE CK_PTR CK_MECHANISM_TYPE_PTR;
\r
782 /* CK_MECHANISM is a structure that specifies a particular
\r
784 typedef struct CK_MECHANISM {
\r
785 CK_MECHANISM_TYPE mechanism;
\r
786 CK_VOID_PTR pParameter;
\r
788 /* ulParameterLen was changed from CK_USHORT to CK_ULONG for
\r
790 CK_ULONG ulParameterLen; /* in bytes */
\r
793 typedef CK_MECHANISM CK_PTR CK_MECHANISM_PTR;
\r
796 /* CK_MECHANISM_INFO provides information about a particular
\r
798 typedef struct CK_MECHANISM_INFO {
\r
799 CK_ULONG ulMinKeySize;
\r
800 CK_ULONG ulMaxKeySize;
\r
802 } CK_MECHANISM_INFO;
\r
804 /* The flags are defined as follows:
\r
805 * Bit Flag Mask Meaning */
\r
806 #define CKF_HW 0x00000001 /* performed by HW */
\r
808 /* The flags CKF_ENCRYPT, CKF_DECRYPT, CKF_DIGEST, CKF_SIGN,
\r
809 * CKG_SIGN_RECOVER, CKF_VERIFY, CKF_VERIFY_RECOVER,
\r
810 * CKF_GENERATE, CKF_GENERATE_KEY_PAIR, CKF_WRAP, CKF_UNWRAP,
\r
811 * and CKF_DERIVE are new for v2.0. They specify whether or not
\r
812 * a mechanism can be used for a particular task */
\r
813 #define CKF_ENCRYPT 0x00000100
\r
814 #define CKF_DECRYPT 0x00000200
\r
815 #define CKF_DIGEST 0x00000400
\r
816 #define CKF_SIGN 0x00000800
\r
817 #define CKF_SIGN_RECOVER 0x00001000
\r
818 #define CKF_VERIFY 0x00002000
\r
819 #define CKF_VERIFY_RECOVER 0x00004000
\r
820 #define CKF_GENERATE 0x00008000
\r
821 #define CKF_GENERATE_KEY_PAIR 0x00010000
\r
822 #define CKF_WRAP 0x00020000
\r
823 #define CKF_UNWRAP 0x00040000
\r
824 #define CKF_DERIVE 0x00080000
\r
826 /* CKF_EC_F_P, CKF_EC_F_2M, CKF_EC_ECPARAMETERS, CKF_EC_NAMEDCURVE,
\r
827 * CKF_EC_UNCOMPRESS, and CKF_EC_COMPRESS are new for v2.11. They
\r
828 * describe a token's EC capabilities not available in mechanism
\r
830 #define CKF_EC_F_P 0x00100000
\r
831 #define CKF_EC_F_2M 0x00200000
\r
832 #define CKF_EC_ECPARAMETERS 0x00400000
\r
833 #define CKF_EC_NAMEDCURVE 0x00800000
\r
834 #define CKF_EC_UNCOMPRESS 0x01000000
\r
835 #define CKF_EC_COMPRESS 0x02000000
\r
837 #define CKF_EXTENSION 0x80000000 /* FALSE for 2.01 */
\r
839 typedef CK_MECHANISM_INFO CK_PTR CK_MECHANISM_INFO_PTR;
\r
842 /* CK_RV is a value that identifies the return value of a
\r
843 * Cryptoki function */
\r
844 /* CK_RV was changed from CK_USHORT to CK_ULONG for v2.0 */
\r
845 typedef CK_ULONG CK_RV;
\r
847 #define CKR_OK 0x00000000
\r
848 #define CKR_CANCEL 0x00000001
\r
849 #define CKR_HOST_MEMORY 0x00000002
\r
850 #define CKR_SLOT_ID_INVALID 0x00000003
\r
852 /* CKR_FLAGS_INVALID was removed for v2.0 */
\r
854 /* CKR_GENERAL_ERROR and CKR_FUNCTION_FAILED are new for v2.0 */
\r
855 #define CKR_GENERAL_ERROR 0x00000005
\r
856 #define CKR_FUNCTION_FAILED 0x00000006
\r
858 /* CKR_ARGUMENTS_BAD, CKR_NO_EVENT, CKR_NEED_TO_CREATE_THREADS,
\r
859 * and CKR_CANT_LOCK are new for v2.01 */
\r
860 #define CKR_ARGUMENTS_BAD 0x00000007
\r
861 #define CKR_NO_EVENT 0x00000008
\r
862 #define CKR_NEED_TO_CREATE_THREADS 0x00000009
\r
863 #define CKR_CANT_LOCK 0x0000000A
\r
865 #define CKR_ATTRIBUTE_READ_ONLY 0x00000010
\r
866 #define CKR_ATTRIBUTE_SENSITIVE 0x00000011
\r
867 #define CKR_ATTRIBUTE_TYPE_INVALID 0x00000012
\r
868 #define CKR_ATTRIBUTE_VALUE_INVALID 0x00000013
\r
869 #define CKR_DATA_INVALID 0x00000020
\r
870 #define CKR_DATA_LEN_RANGE 0x00000021
\r
871 #define CKR_DEVICE_ERROR 0x00000030
\r
872 #define CKR_DEVICE_MEMORY 0x00000031
\r
873 #define CKR_DEVICE_REMOVED 0x00000032
\r
874 #define CKR_ENCRYPTED_DATA_INVALID 0x00000040
\r
875 #define CKR_ENCRYPTED_DATA_LEN_RANGE 0x00000041
\r
876 #define CKR_FUNCTION_CANCELED 0x00000050
\r
877 #define CKR_FUNCTION_NOT_PARALLEL 0x00000051
\r
879 /* CKR_FUNCTION_NOT_SUPPORTED is new for v2.0 */
\r
880 #define CKR_FUNCTION_NOT_SUPPORTED 0x00000054
\r
882 #define CKR_KEY_HANDLE_INVALID 0x00000060
\r
884 /* CKR_KEY_SENSITIVE was removed for v2.0 */
\r
886 #define CKR_KEY_SIZE_RANGE 0x00000062
\r
887 #define CKR_KEY_TYPE_INCONSISTENT 0x00000063
\r
889 /* CKR_KEY_NOT_NEEDED, CKR_KEY_CHANGED, CKR_KEY_NEEDED,
\r
890 * CKR_KEY_INDIGESTIBLE, CKR_KEY_FUNCTION_NOT_PERMITTED,
\r
891 * CKR_KEY_NOT_WRAPPABLE, and CKR_KEY_UNEXTRACTABLE are new for
\r
893 #define CKR_KEY_NOT_NEEDED 0x00000064
\r
894 #define CKR_KEY_CHANGED 0x00000065
\r
895 #define CKR_KEY_NEEDED 0x00000066
\r
896 #define CKR_KEY_INDIGESTIBLE 0x00000067
\r
897 #define CKR_KEY_FUNCTION_NOT_PERMITTED 0x00000068
\r
898 #define CKR_KEY_NOT_WRAPPABLE 0x00000069
\r
899 #define CKR_KEY_UNEXTRACTABLE 0x0000006A
\r
901 #define CKR_MECHANISM_INVALID 0x00000070
\r
902 #define CKR_MECHANISM_PARAM_INVALID 0x00000071
\r
904 /* CKR_OBJECT_CLASS_INCONSISTENT and CKR_OBJECT_CLASS_INVALID
\r
905 * were removed for v2.0 */
\r
906 #define CKR_OBJECT_HANDLE_INVALID 0x00000082
\r
907 #define CKR_OPERATION_ACTIVE 0x00000090
\r
908 #define CKR_OPERATION_NOT_INITIALIZED 0x00000091
\r
909 #define CKR_PIN_INCORRECT 0x000000A0
\r
910 #define CKR_PIN_INVALID 0x000000A1
\r
911 #define CKR_PIN_LEN_RANGE 0x000000A2
\r
913 /* CKR_PIN_EXPIRED and CKR_PIN_LOCKED are new for v2.0 */
\r
914 #define CKR_PIN_EXPIRED 0x000000A3
\r
915 #define CKR_PIN_LOCKED 0x000000A4
\r
917 #define CKR_SESSION_CLOSED 0x000000B0
\r
918 #define CKR_SESSION_COUNT 0x000000B1
\r
919 #define CKR_SESSION_HANDLE_INVALID 0x000000B3
\r
920 #define CKR_SESSION_PARALLEL_NOT_SUPPORTED 0x000000B4
\r
921 #define CKR_SESSION_READ_ONLY 0x000000B5
\r
922 #define CKR_SESSION_EXISTS 0x000000B6
\r
924 /* CKR_SESSION_READ_ONLY_EXISTS and
\r
925 * CKR_SESSION_READ_WRITE_SO_EXISTS are new for v2.0 */
\r
926 #define CKR_SESSION_READ_ONLY_EXISTS 0x000000B7
\r
927 #define CKR_SESSION_READ_WRITE_SO_EXISTS 0x000000B8
\r
929 #define CKR_SIGNATURE_INVALID 0x000000C0
\r
930 #define CKR_SIGNATURE_LEN_RANGE 0x000000C1
\r
931 #define CKR_TEMPLATE_INCOMPLETE 0x000000D0
\r
932 #define CKR_TEMPLATE_INCONSISTENT 0x000000D1
\r
933 #define CKR_TOKEN_NOT_PRESENT 0x000000E0
\r
934 #define CKR_TOKEN_NOT_RECOGNIZED 0x000000E1
\r
935 #define CKR_TOKEN_WRITE_PROTECTED 0x000000E2
\r
936 #define CKR_UNWRAPPING_KEY_HANDLE_INVALID 0x000000F0
\r
937 #define CKR_UNWRAPPING_KEY_SIZE_RANGE 0x000000F1
\r
938 #define CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT 0x000000F2
\r
939 #define CKR_USER_ALREADY_LOGGED_IN 0x00000100
\r
940 #define CKR_USER_NOT_LOGGED_IN 0x00000101
\r
941 #define CKR_USER_PIN_NOT_INITIALIZED 0x00000102
\r
942 #define CKR_USER_TYPE_INVALID 0x00000103
\r
944 /* CKR_USER_ANOTHER_ALREADY_LOGGED_IN and CKR_USER_TOO_MANY_TYPES
\r
945 * are new to v2.01 */
\r
946 #define CKR_USER_ANOTHER_ALREADY_LOGGED_IN 0x00000104
\r
947 #define CKR_USER_TOO_MANY_TYPES 0x00000105
\r
949 #define CKR_WRAPPED_KEY_INVALID 0x00000110
\r
950 #define CKR_WRAPPED_KEY_LEN_RANGE 0x00000112
\r
951 #define CKR_WRAPPING_KEY_HANDLE_INVALID 0x00000113
\r
952 #define CKR_WRAPPING_KEY_SIZE_RANGE 0x00000114
\r
953 #define CKR_WRAPPING_KEY_TYPE_INCONSISTENT 0x00000115
\r
954 #define CKR_RANDOM_SEED_NOT_SUPPORTED 0x00000120
\r
956 /* These are new to v2.0 */
\r
957 #define CKR_RANDOM_NO_RNG 0x00000121
\r
959 /* These are new to v2.11 */
\r
960 #define CKR_DOMAIN_PARAMS_INVALID 0x00000130
\r
962 /* These are new to v2.0 */
\r
963 #define CKR_BUFFER_TOO_SMALL 0x00000150
\r
964 #define CKR_SAVED_STATE_INVALID 0x00000160
\r
965 #define CKR_INFORMATION_SENSITIVE 0x00000170
\r
966 #define CKR_STATE_UNSAVEABLE 0x00000180
\r
968 /* These are new to v2.01 */
\r
969 #define CKR_CRYPTOKI_NOT_INITIALIZED 0x00000190
\r
970 #define CKR_CRYPTOKI_ALREADY_INITIALIZED 0x00000191
\r
971 #define CKR_MUTEX_BAD 0x000001A0
\r
972 #define CKR_MUTEX_NOT_LOCKED 0x000001A1
\r
974 #define CKR_VENDOR_DEFINED 0x80000000
\r
977 /* CK_NOTIFY is an application callback that processes events */
\r
978 typedef CK_CALLBACK_FUNCTION(CK_RV, CK_NOTIFY)(
\r
979 CK_SESSION_HANDLE hSession, /* the session's handle */
\r
980 CK_NOTIFICATION event,
\r
981 CK_VOID_PTR pApplication /* passed to C_OpenSession */
\r
985 /* CK_FUNCTION_LIST is a structure holding a Cryptoki spec
\r
986 * version and pointers of appropriate types to all the
\r
987 * Cryptoki functions */
\r
988 /* CK_FUNCTION_LIST is new for v2.0 */
\r
989 typedef struct CK_FUNCTION_LIST CK_FUNCTION_LIST;
\r
991 typedef CK_FUNCTION_LIST CK_PTR CK_FUNCTION_LIST_PTR;
\r
993 typedef CK_FUNCTION_LIST_PTR CK_PTR CK_FUNCTION_LIST_PTR_PTR;
\r
996 /* CK_CREATEMUTEX is an application callback for creating a
\r
998 typedef CK_CALLBACK_FUNCTION(CK_RV, CK_CREATEMUTEX)(
\r
999 CK_VOID_PTR_PTR ppMutex /* location to receive ptr to mutex */
\r
1003 /* CK_DESTROYMUTEX is an application callback for destroying a
\r
1005 typedef CK_CALLBACK_FUNCTION(CK_RV, CK_DESTROYMUTEX)(
\r
1006 CK_VOID_PTR pMutex /* pointer to mutex */
\r
1010 /* CK_LOCKMUTEX is an application callback for locking a mutex */
\r
1011 typedef CK_CALLBACK_FUNCTION(CK_RV, CK_LOCKMUTEX)(
\r
1012 CK_VOID_PTR pMutex /* pointer to mutex */
\r
1016 /* CK_UNLOCKMUTEX is an application callback for unlocking a
\r
1018 typedef CK_CALLBACK_FUNCTION(CK_RV, CK_UNLOCKMUTEX)(
\r
1019 CK_VOID_PTR pMutex /* pointer to mutex */
\r
1023 /* CK_C_INITIALIZE_ARGS provides the optional arguments to
\r
1025 typedef struct CK_C_INITIALIZE_ARGS {
\r
1026 CK_CREATEMUTEX CreateMutex;
\r
1027 CK_DESTROYMUTEX DestroyMutex;
\r
1028 CK_LOCKMUTEX LockMutex;
\r
1029 CK_UNLOCKMUTEX UnlockMutex;
\r
1031 CK_VOID_PTR pReserved;
\r
1032 } CK_C_INITIALIZE_ARGS;
\r
1034 /* flags: bit flags that provide capabilities of the slot
\r
1035 * Bit Flag Mask Meaning
\r
1037 #define CKF_LIBRARY_CANT_CREATE_OS_THREADS 0x00000001
\r
1038 #define CKF_OS_LOCKING_OK 0x00000002
\r
1040 typedef CK_C_INITIALIZE_ARGS CK_PTR CK_C_INITIALIZE_ARGS_PTR;
\r
1043 /* additional flags for parameters to functions */
\r
1045 /* CKF_DONT_BLOCK is for the function C_WaitForSlotEvent */
\r
1046 #define CKF_DONT_BLOCK 1
\r
1048 /* CK_RSA_PKCS_OAEP_MGF_TYPE is new for v2.10.
\r
1049 * CK_RSA_PKCS_OAEP_MGF_TYPE is used to indicate the Message
\r
1050 * Generation Function (MGF) applied to a message block when
\r
1051 * formatting a message block for the PKCS #1 OAEP encryption
\r
1053 typedef CK_ULONG CK_RSA_PKCS_MGF_TYPE;
\r
1055 typedef CK_RSA_PKCS_MGF_TYPE CK_PTR CK_RSA_PKCS_MGF_TYPE_PTR;
\r
1057 /* The following MGFs are defined */
\r
1058 #define CKG_MGF1_SHA1 0x00000001
\r
1060 /* CK_RSA_PKCS_OAEP_SOURCE_TYPE is new for v2.10.
\r
1061 * CK_RSA_PKCS_OAEP_SOURCE_TYPE is used to indicate the source
\r
1062 * of the encoding parameter when formatting a message block
\r
1063 * for the PKCS #1 OAEP encryption scheme. */
\r
1064 typedef CK_ULONG CK_RSA_PKCS_OAEP_SOURCE_TYPE;
\r
1066 typedef CK_RSA_PKCS_OAEP_SOURCE_TYPE CK_PTR CK_RSA_PKCS_OAEP_SOURCE_TYPE_PTR;
\r
1068 /* The following encoding parameter sources are defined */
\r
1069 #define CKZ_DATA_SPECIFIED 0x00000001
\r
1071 /* CK_RSA_PKCS_OAEP_PARAMS is new for v2.10.
\r
1072 * CK_RSA_PKCS_OAEP_PARAMS provides the parameters to the
\r
1073 * CKM_RSA_PKCS_OAEP mechanism. */
\r
1074 typedef struct CK_RSA_PKCS_OAEP_PARAMS {
\r
1075 CK_MECHANISM_TYPE hashAlg;
\r
1076 CK_RSA_PKCS_MGF_TYPE mgf;
\r
1077 CK_RSA_PKCS_OAEP_SOURCE_TYPE source;
\r
1078 CK_VOID_PTR pSourceData;
\r
1079 CK_ULONG ulSourceDataLen;
\r
1080 } CK_RSA_PKCS_OAEP_PARAMS;
\r
1082 typedef CK_RSA_PKCS_OAEP_PARAMS CK_PTR CK_RSA_PKCS_OAEP_PARAMS_PTR;
\r
1084 /* CK_RSA_PKCS_PSS_PARAMS is new for v2.11.
\r
1085 * CK_RSA_PKCS_PSS_PARAMS provides the parameters to the
\r
1086 * CKM_RSA_PKCS_PSS mechanism(s). */
\r
1087 typedef struct CK_RSA_PKCS_PSS_PARAMS {
\r
1088 CK_MECHANISM_TYPE hashAlg;
\r
1089 CK_RSA_PKCS_MGF_TYPE mgf;
\r
1091 } CK_RSA_PKCS_PSS_PARAMS;
\r
1093 typedef CK_RSA_PKCS_PSS_PARAMS CK_PTR CK_RSA_PKCS_PSS_PARAMS_PTR;
\r
1095 /* CK_EC_KDF_TYPE is new for v2.11. */
\r
1096 typedef CK_ULONG CK_EC_KDF_TYPE;
\r
1098 /* The following EC Key Derivation Functions are defined */
\r
1099 #define CKD_NULL 0x00000001
\r
1100 #define CKD_SHA1_KDF 0x00000002
\r
1102 /* CK_ECDH1_DERIVE_PARAMS is new for v2.11.
\r
1103 * CK_ECDH1_DERIVE_PARAMS provides the parameters to the
\r
1104 * CKM_ECDH1_DERIVE and CKM_ECDH1_COFACTOR_DERIVE mechanisms,
\r
1105 * where each party contributes one key pair.
\r
1107 typedef struct CK_ECDH1_DERIVE_PARAMS {
\r
1108 CK_EC_KDF_TYPE kdf;
\r
1109 CK_ULONG ulSharedDataLen;
\r
1110 CK_BYTE_PTR pSharedData;
\r
1111 CK_ULONG ulPublicDataLen;
\r
1112 CK_BYTE_PTR pPublicData;
\r
1113 } CK_ECDH1_DERIVE_PARAMS;
\r
1115 typedef CK_ECDH1_DERIVE_PARAMS CK_PTR CK_ECDH1_DERIVE_PARAMS_PTR;
\r
1118 /* CK_ECDH2_DERIVE_PARAMS is new for v2.11.
\r
1119 * CK_ECDH2_DERIVE_PARAMS provides the parameters to the
\r
1120 * CKM_ECMQV_DERIVE mechanism, where each party contributes two key pairs. */
\r
1121 typedef struct CK_ECDH2_DERIVE_PARAMS {
\r
1122 CK_EC_KDF_TYPE kdf;
\r
1123 CK_ULONG ulSharedDataLen;
\r
1124 CK_BYTE_PTR pSharedData;
\r
1125 CK_ULONG ulPublicDataLen;
\r
1126 CK_BYTE_PTR pPublicData;
\r
1127 CK_ULONG ulPrivateDataLen;
\r
1128 CK_OBJECT_HANDLE hPrivateData;
\r
1129 CK_ULONG ulPublicDataLen2;
\r
1130 CK_BYTE_PTR pPublicData2;
\r
1131 } CK_ECDH2_DERIVE_PARAMS;
\r
1133 typedef CK_ECDH2_DERIVE_PARAMS CK_PTR CK_ECDH2_DERIVE_PARAMS_PTR;
\r
1135 /* Typedefs and defines for the CKM_X9_42_DH_KEY_PAIR_GEN and the
\r
1136 * CKM_X9_42_DH_PARAMETER_GEN mechanisms (new for PKCS #11 v2.11) */
\r
1137 typedef CK_ULONG CK_X9_42_DH_KDF_TYPE;
\r
1138 typedef CK_X9_42_DH_KDF_TYPE CK_PTR CK_X9_42_DH_KDF_TYPE_PTR;
\r
1140 /* The following X9.42 DH key derivation functions are defined: */
\r
1141 #define CKD_NULL 0x00000001
\r
1142 #define CKD_SHA1_KDF_ASN1 0x00000003
\r
1143 #define CKD_SHA1_KDF_CONCATENATE 0x00000004
\r
1145 /* CK_X9_42_DH1_DERIVE_PARAMS is new for v2.11.
\r
1146 * CK_X9_42_DH1_DERIVE_PARAMS provides the parameters to the
\r
1147 * CKM_X9_42_DH_DERIVE key derivation mechanism, where each party
\r
1148 * contributes one key pair */
\r
1149 typedef struct CK_X9_42_DH1_DERIVE_PARAMS {
\r
1150 CK_X9_42_DH_KDF_TYPE kdf;
\r
1151 CK_ULONG ulOtherInfoLen;
\r
1152 CK_BYTE_PTR pOtherInfo;
\r
1153 CK_ULONG ulPublicDataLen;
\r
1154 CK_BYTE_PTR pPublicData;
\r
1155 } CK_X9_42_DH1_DERIVE_PARAMS;
\r
1157 typedef struct CK_X9_42_DH1_DERIVE_PARAMS CK_PTR CK_X9_42_DH1_DERIVE_PARAMS_PTR;
\r
1159 /* CK_X9_42_DH2_DERIVE_PARAMS is new for v2.11.
\r
1160 * CK_X9_42_DH2_DERIVE_PARAMS provides the parameters to the
\r
1161 * CKM_X9_42_DH_HYBRID_DERIVE and CKM_X9_42_MQV_DERIVE key derivation
\r
1162 * mechanisms, where each party contributes two key pairs */
\r
1163 typedef struct CK_X9_42_DH2_DERIVE_PARAMS {
\r
1164 CK_X9_42_DH_KDF_TYPE kdf;
\r
1165 CK_ULONG ulOtherInfoLen;
\r
1166 CK_BYTE_PTR pOtherInfo;
\r
1167 CK_ULONG ulPublicDataLen;
\r
1168 CK_BYTE_PTR pPublicData;
\r
1169 CK_ULONG ulPrivateDataLen;
\r
1170 CK_OBJECT_HANDLE hPrivateData;
\r
1171 CK_ULONG ulPublicDataLen2;
\r
1172 CK_BYTE_PTR pPublicData2;
\r
1173 } CK_X9_42_DH2_DERIVE_PARAMS;
\r
1175 typedef CK_X9_42_DH2_DERIVE_PARAMS CK_PTR CK_X9_42_DH2_DERIVE_PARAMS_PTR;
\r
1177 /* CK_KEA_DERIVE_PARAMS provides the parameters to the
\r
1178 * CKM_KEA_DERIVE mechanism */
\r
1179 /* CK_KEA_DERIVE_PARAMS is new for v2.0 */
\r
1180 typedef struct CK_KEA_DERIVE_PARAMS {
\r
1181 CK_BBOOL isSender;
\r
1182 CK_ULONG ulRandomLen;
\r
1183 CK_BYTE_PTR pRandomA;
\r
1184 CK_BYTE_PTR pRandomB;
\r
1185 CK_ULONG ulPublicDataLen;
\r
1186 CK_BYTE_PTR pPublicData;
\r
1187 } CK_KEA_DERIVE_PARAMS;
\r
1189 typedef CK_KEA_DERIVE_PARAMS CK_PTR CK_KEA_DERIVE_PARAMS_PTR;
\r
1192 /* CK_RC2_PARAMS provides the parameters to the CKM_RC2_ECB and
\r
1193 * CKM_RC2_MAC mechanisms. An instance of CK_RC2_PARAMS just
\r
1194 * holds the effective keysize */
\r
1195 typedef CK_ULONG CK_RC2_PARAMS;
\r
1197 typedef CK_RC2_PARAMS CK_PTR CK_RC2_PARAMS_PTR;
\r
1200 /* CK_RC2_CBC_PARAMS provides the parameters to the CKM_RC2_CBC
\r
1202 typedef struct CK_RC2_CBC_PARAMS {
\r
1203 /* ulEffectiveBits was changed from CK_USHORT to CK_ULONG for
\r
1205 CK_ULONG ulEffectiveBits; /* effective bits (1-1024) */
\r
1207 CK_BYTE iv[8]; /* IV for CBC mode */
\r
1208 } CK_RC2_CBC_PARAMS;
\r
1210 typedef CK_RC2_CBC_PARAMS CK_PTR CK_RC2_CBC_PARAMS_PTR;
\r
1213 /* CK_RC2_MAC_GENERAL_PARAMS provides the parameters for the
\r
1214 * CKM_RC2_MAC_GENERAL mechanism */
\r
1215 /* CK_RC2_MAC_GENERAL_PARAMS is new for v2.0 */
\r
1216 typedef struct CK_RC2_MAC_GENERAL_PARAMS {
\r
1217 CK_ULONG ulEffectiveBits; /* effective bits (1-1024) */
\r
1218 CK_ULONG ulMacLength; /* Length of MAC in bytes */
\r
1219 } CK_RC2_MAC_GENERAL_PARAMS;
\r
1221 typedef CK_RC2_MAC_GENERAL_PARAMS CK_PTR \
\r
1222 CK_RC2_MAC_GENERAL_PARAMS_PTR;
\r
1225 /* CK_RC5_PARAMS provides the parameters to the CKM_RC5_ECB and
\r
1226 * CKM_RC5_MAC mechanisms */
\r
1227 /* CK_RC5_PARAMS is new for v2.0 */
\r
1228 typedef struct CK_RC5_PARAMS {
\r
1229 CK_ULONG ulWordsize; /* wordsize in bits */
\r
1230 CK_ULONG ulRounds; /* number of rounds */
\r
1233 typedef CK_RC5_PARAMS CK_PTR CK_RC5_PARAMS_PTR;
\r
1236 /* CK_RC5_CBC_PARAMS provides the parameters to the CKM_RC5_CBC
\r
1238 /* CK_RC5_CBC_PARAMS is new for v2.0 */
\r
1239 typedef struct CK_RC5_CBC_PARAMS {
\r
1240 CK_ULONG ulWordsize; /* wordsize in bits */
\r
1241 CK_ULONG ulRounds; /* number of rounds */
\r
1242 CK_BYTE_PTR pIv; /* pointer to IV */
\r
1243 CK_ULONG ulIvLen; /* length of IV in bytes */
\r
1244 } CK_RC5_CBC_PARAMS;
\r
1246 typedef CK_RC5_CBC_PARAMS CK_PTR CK_RC5_CBC_PARAMS_PTR;
\r
1249 /* CK_RC5_MAC_GENERAL_PARAMS provides the parameters for the
\r
1250 * CKM_RC5_MAC_GENERAL mechanism */
\r
1251 /* CK_RC5_MAC_GENERAL_PARAMS is new for v2.0 */
\r
1252 typedef struct CK_RC5_MAC_GENERAL_PARAMS {
\r
1253 CK_ULONG ulWordsize; /* wordsize in bits */
\r
1254 CK_ULONG ulRounds; /* number of rounds */
\r
1255 CK_ULONG ulMacLength; /* Length of MAC in bytes */
\r
1256 } CK_RC5_MAC_GENERAL_PARAMS;
\r
1258 typedef CK_RC5_MAC_GENERAL_PARAMS CK_PTR \
\r
1259 CK_RC5_MAC_GENERAL_PARAMS_PTR;
\r
1262 /* CK_MAC_GENERAL_PARAMS provides the parameters to most block
\r
1263 * ciphers' MAC_GENERAL mechanisms. Its value is the length of
\r
1265 /* CK_MAC_GENERAL_PARAMS is new for v2.0 */
\r
1266 typedef CK_ULONG CK_MAC_GENERAL_PARAMS;
\r
1268 typedef CK_MAC_GENERAL_PARAMS CK_PTR CK_MAC_GENERAL_PARAMS_PTR;
\r
1271 /* CK_SKIPJACK_PRIVATE_WRAP_PARAMS provides the parameters to the
\r
1272 * CKM_SKIPJACK_PRIVATE_WRAP mechanism */
\r
1273 /* CK_SKIPJACK_PRIVATE_WRAP_PARAMS is new for v2.0 */
\r
1274 typedef struct CK_SKIPJACK_PRIVATE_WRAP_PARAMS {
\r
1275 CK_ULONG ulPasswordLen;
\r
1276 CK_BYTE_PTR pPassword;
\r
1277 CK_ULONG ulPublicDataLen;
\r
1278 CK_BYTE_PTR pPublicData;
\r
1279 CK_ULONG ulPAndGLen;
\r
1281 CK_ULONG ulRandomLen;
\r
1282 CK_BYTE_PTR pRandomA;
\r
1283 CK_BYTE_PTR pPrimeP;
\r
1284 CK_BYTE_PTR pBaseG;
\r
1285 CK_BYTE_PTR pSubprimeQ;
\r
1286 } CK_SKIPJACK_PRIVATE_WRAP_PARAMS;
\r
1288 typedef CK_SKIPJACK_PRIVATE_WRAP_PARAMS CK_PTR \
\r
1289 CK_SKIPJACK_PRIVATE_WRAP_PTR;
\r
1292 /* CK_SKIPJACK_RELAYX_PARAMS provides the parameters to the
\r
1293 * CKM_SKIPJACK_RELAYX mechanism */
\r
1294 /* CK_SKIPJACK_RELAYX_PARAMS is new for v2.0 */
\r
1295 typedef struct CK_SKIPJACK_RELAYX_PARAMS {
\r
1296 CK_ULONG ulOldWrappedXLen;
\r
1297 CK_BYTE_PTR pOldWrappedX;
\r
1298 CK_ULONG ulOldPasswordLen;
\r
1299 CK_BYTE_PTR pOldPassword;
\r
1300 CK_ULONG ulOldPublicDataLen;
\r
1301 CK_BYTE_PTR pOldPublicData;
\r
1302 CK_ULONG ulOldRandomLen;
\r
1303 CK_BYTE_PTR pOldRandomA;
\r
1304 CK_ULONG ulNewPasswordLen;
\r
1305 CK_BYTE_PTR pNewPassword;
\r
1306 CK_ULONG ulNewPublicDataLen;
\r
1307 CK_BYTE_PTR pNewPublicData;
\r
1308 CK_ULONG ulNewRandomLen;
\r
1309 CK_BYTE_PTR pNewRandomA;
\r
1310 } CK_SKIPJACK_RELAYX_PARAMS;
\r
1312 typedef CK_SKIPJACK_RELAYX_PARAMS CK_PTR \
\r
1313 CK_SKIPJACK_RELAYX_PARAMS_PTR;
\r
1316 typedef struct CK_PBE_PARAMS {
\r
1317 CK_BYTE_PTR pInitVector;
\r
1318 CK_UTF8CHAR_PTR pPassword;
\r
1319 CK_ULONG ulPasswordLen;
\r
1320 CK_BYTE_PTR pSalt;
\r
1321 CK_ULONG ulSaltLen;
\r
1322 CK_ULONG ulIteration;
\r
1325 typedef CK_PBE_PARAMS CK_PTR CK_PBE_PARAMS_PTR;
\r
1328 /* CK_KEY_WRAP_SET_OAEP_PARAMS provides the parameters to the
\r
1329 * CKM_KEY_WRAP_SET_OAEP mechanism */
\r
1330 /* CK_KEY_WRAP_SET_OAEP_PARAMS is new for v2.0 */
\r
1331 typedef struct CK_KEY_WRAP_SET_OAEP_PARAMS {
\r
1332 CK_BYTE bBC; /* block contents byte */
\r
1333 CK_BYTE_PTR pX; /* extra data */
\r
1334 CK_ULONG ulXLen; /* length of extra data in bytes */
\r
1335 } CK_KEY_WRAP_SET_OAEP_PARAMS;
\r
1337 typedef CK_KEY_WRAP_SET_OAEP_PARAMS CK_PTR \
\r
1338 CK_KEY_WRAP_SET_OAEP_PARAMS_PTR;
\r
1341 typedef struct CK_SSL3_RANDOM_DATA {
\r
1342 CK_BYTE_PTR pClientRandom;
\r
1343 CK_ULONG ulClientRandomLen;
\r
1344 CK_BYTE_PTR pServerRandom;
\r
1345 CK_ULONG ulServerRandomLen;
\r
1346 } CK_SSL3_RANDOM_DATA;
\r
1349 typedef struct CK_SSL3_MASTER_KEY_DERIVE_PARAMS {
\r
1350 CK_SSL3_RANDOM_DATA RandomInfo;
\r
1351 CK_VERSION_PTR pVersion;
\r
1352 } CK_SSL3_MASTER_KEY_DERIVE_PARAMS;
\r
1354 typedef struct CK_SSL3_MASTER_KEY_DERIVE_PARAMS CK_PTR \
\r
1355 CK_SSL3_MASTER_KEY_DERIVE_PARAMS_PTR;
\r
1358 typedef struct CK_SSL3_KEY_MAT_OUT {
\r
1359 CK_OBJECT_HANDLE hClientMacSecret;
\r
1360 CK_OBJECT_HANDLE hServerMacSecret;
\r
1361 CK_OBJECT_HANDLE hClientKey;
\r
1362 CK_OBJECT_HANDLE hServerKey;
\r
1363 CK_BYTE_PTR pIVClient;
\r
1364 CK_BYTE_PTR pIVServer;
\r
1365 } CK_SSL3_KEY_MAT_OUT;
\r
1367 typedef CK_SSL3_KEY_MAT_OUT CK_PTR CK_SSL3_KEY_MAT_OUT_PTR;
\r
1370 typedef struct CK_SSL3_KEY_MAT_PARAMS {
\r
1371 CK_ULONG ulMacSizeInBits;
\r
1372 CK_ULONG ulKeySizeInBits;
\r
1373 CK_ULONG ulIVSizeInBits;
\r
1374 CK_BBOOL bIsExport;
\r
1375 CK_SSL3_RANDOM_DATA RandomInfo;
\r
1376 CK_SSL3_KEY_MAT_OUT_PTR pReturnedKeyMaterial;
\r
1377 } CK_SSL3_KEY_MAT_PARAMS;
\r
1379 typedef CK_SSL3_KEY_MAT_PARAMS CK_PTR CK_SSL3_KEY_MAT_PARAMS_PTR;
\r
1382 typedef struct CK_KEY_DERIVATION_STRING_DATA {
\r
1383 CK_BYTE_PTR pData;
\r
1385 } CK_KEY_DERIVATION_STRING_DATA;
\r
1387 typedef CK_KEY_DERIVATION_STRING_DATA CK_PTR \
\r
1388 CK_KEY_DERIVATION_STRING_DATA_PTR;
\r
1391 /* The CK_EXTRACT_PARAMS is used for the
\r
1392 * CKM_EXTRACT_KEY_FROM_KEY mechanism. It specifies which bit
\r
1393 * of the base key should be used as the first bit of the
\r
1395 /* CK_EXTRACT_PARAMS is new for v2.0 */
\r
1396 typedef CK_ULONG CK_EXTRACT_PARAMS;
\r
1398 typedef CK_EXTRACT_PARAMS CK_PTR CK_EXTRACT_PARAMS_PTR;
\r
1400 /* CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE is new for v2.10.
\r
1401 * CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE is used to
\r
1402 * indicate the Pseudo-Random Function (PRF) used to generate
\r
1403 * key bits using PKCS #5 PBKDF2. */
\r
1404 typedef CK_ULONG CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE;
\r
1406 typedef CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE CK_PTR CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE_PTR;
\r
1408 /* The following PRFs are defined in PKCS #5 v2.0. */
\r
1409 #define CKP_PKCS5_PBKD2_HMAC_SHA1 0x00000001
\r
1412 /* CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE is new for v2.10.
\r
1413 * CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE is used to indicate the
\r
1414 * source of the salt value when deriving a key using PKCS #5
\r
1416 typedef CK_ULONG CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE;
\r
1418 typedef CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE CK_PTR CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE_PTR;
\r
1420 /* The following salt value sources are defined in PKCS #5 v2.0. */
\r
1421 #define CKZ_SALT_SPECIFIED 0x00000001
\r
1423 /* CK_PKCS5_PBKD2_PARAMS is new for v2.10.
\r
1424 * CK_PKCS5_PBKD2_PARAMS is a structure that provides the
\r
1425 * parameters to the CKM_PKCS5_PBKD2 mechanism. */
\r
1426 typedef struct CK_PKCS5_PBKD2_PARAMS {
\r
1427 CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE saltSource;
\r
1428 CK_VOID_PTR pSaltSourceData;
\r
1429 CK_ULONG ulSaltSourceDataLen;
\r
1430 CK_ULONG iterations;
\r
1431 CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE prf;
\r
1432 CK_VOID_PTR pPrfData;
\r
1433 CK_ULONG ulPrfDataLen;
\r
1434 CK_UTF8CHAR_PTR pPassword;
\r
1435 CK_ULONG_PTR ulPasswordLen;
\r
1436 } CK_PKCS5_PBKD2_PARAMS;
\r
1438 typedef CK_PKCS5_PBKD2_PARAMS CK_PTR CK_PKCS5_PBKD2_PARAMS_PTR;
\r
projects / lab.git / blob