--- /dev/null
+/* pkcs11f.h include file for PKCS #11. */\r
+/* $Revision: 1.4 $ */\r
+\r
+/* License to copy and use this software is granted provided that it is\r
+ * identified as "RSA Security Inc. PKCS #11 Cryptographic Token Interface\r
+ * (Cryptoki)" in all material mentioning or referencing this software.\r
+\r
+ * License is also granted to make and use derivative works provided that\r
+ * such works are identified as "derived from the RSA Security Inc. PKCS #11\r
+ * Cryptographic Token Interface (Cryptoki)" in all material mentioning or \r
+ * referencing the derived work.\r
+\r
+ * RSA Security Inc. makes no representations concerning either the \r
+ * merchantability of this software or the suitability of this software for\r
+ * any particular purpose. It is provided "as is" without express or implied\r
+ * warranty of any kind.\r
+ */\r
+\r
+/* This header file contains pretty much everything about all the */\r
+/* Cryptoki function prototypes. Because this information is */\r
+/* used for more than just declaring function prototypes, the */\r
+/* order of the functions appearing herein is important, and */\r
+/* should not be altered. */\r
+\r
+/* General-purpose */\r
+\r
+/* C_Initialize initializes the Cryptoki library. */\r
+CK_PKCS11_FUNCTION_INFO(C_Initialize)\r
+#ifdef CK_NEED_ARG_LIST\r
+(\r
+ CK_VOID_PTR pInitArgs /* if this is not NULL_PTR, it gets\r
+ * cast to CK_C_INITIALIZE_ARGS_PTR\r
+ * and dereferenced */\r
+);\r
+#endif\r
+\r
+\r
+/* C_Finalize indicates that an application is done with the\r
+ * Cryptoki library. */\r
+CK_PKCS11_FUNCTION_INFO(C_Finalize)\r
+#ifdef CK_NEED_ARG_LIST\r
+(\r
+ CK_VOID_PTR pReserved /* reserved. Should be NULL_PTR */\r
+);\r
+#endif\r
+\r
+\r
+/* C_GetInfo returns general information about Cryptoki. */\r
+CK_PKCS11_FUNCTION_INFO(C_GetInfo)\r
+#ifdef CK_NEED_ARG_LIST\r
+(\r
+ CK_INFO_PTR pInfo /* location that receives information */\r
+);\r
+#endif\r
+\r
+\r
+/* C_GetFunctionList returns the function list. */\r
+CK_PKCS11_FUNCTION_INFO(C_GetFunctionList)\r
+#ifdef CK_NEED_ARG_LIST\r
+(\r
+ CK_FUNCTION_LIST_PTR_PTR ppFunctionList /* receives pointer to\r
+ * function list */\r
+);\r
+#endif\r
+\r
+\r
+\r
+/* Slot and token management */\r
+\r
+/* C_GetSlotList obtains a list of slots in the system. */\r
+CK_PKCS11_FUNCTION_INFO(C_GetSlotList)\r
+#ifdef CK_NEED_ARG_LIST\r
+(\r
+ CK_BBOOL tokenPresent, /* only slots with tokens? */\r
+ CK_SLOT_ID_PTR pSlotList, /* receives array of slot IDs */\r
+ CK_ULONG_PTR pulCount /* receives number of slots */\r
+);\r
+#endif\r
+\r
+\r
+/* C_GetSlotInfo obtains information about a particular slot in\r
+ * the system. */\r
+CK_PKCS11_FUNCTION_INFO(C_GetSlotInfo)\r
+#ifdef CK_NEED_ARG_LIST\r
+(\r
+ CK_SLOT_ID slotID, /* the ID of the slot */\r
+ CK_SLOT_INFO_PTR pInfo /* receives the slot information */\r
+);\r
+#endif\r
+\r
+\r
+/* C_GetTokenInfo obtains information about a particular token\r
+ * in the system. */\r
+CK_PKCS11_FUNCTION_INFO(C_GetTokenInfo)\r
+#ifdef CK_NEED_ARG_LIST\r
+(\r
+ CK_SLOT_ID slotID, /* ID of the token's slot */\r
+ CK_TOKEN_INFO_PTR pInfo /* receives the token information */\r
+);\r
+#endif\r
+\r
+\r
+/* C_GetMechanismList obtains a list of mechanism types\r
+ * supported by a token. */\r
+CK_PKCS11_FUNCTION_INFO(C_GetMechanismList)\r
+#ifdef CK_NEED_ARG_LIST\r
+(\r
+ CK_SLOT_ID slotID, /* ID of token's slot */\r
+ CK_MECHANISM_TYPE_PTR pMechanismList, /* gets mech. array */\r
+ CK_ULONG_PTR pulCount /* gets # of mechs. */\r
+);\r
+#endif\r
+\r
+\r
+/* C_GetMechanismInfo obtains information about a particular\r
+ * mechanism possibly supported by a token. */\r
+CK_PKCS11_FUNCTION_INFO(C_GetMechanismInfo)\r
+#ifdef CK_NEED_ARG_LIST\r
+(\r
+ CK_SLOT_ID slotID, /* ID of the token's slot */\r
+ CK_MECHANISM_TYPE type, /* type of mechanism */\r
+ CK_MECHANISM_INFO_PTR pInfo /* receives mechanism info */\r
+);\r
+#endif\r
+\r
+\r
+/* C_InitToken initializes a token. */\r
+CK_PKCS11_FUNCTION_INFO(C_InitToken)\r
+#ifdef CK_NEED_ARG_LIST\r
+/* pLabel changed from CK_CHAR_PTR to CK_UTF8CHAR_PTR for v2.10 */\r
+(\r
+ CK_SLOT_ID slotID, /* ID of the token's slot */\r
+ CK_UTF8CHAR_PTR pPin, /* the SO's initial PIN */\r
+ CK_ULONG ulPinLen, /* length in bytes of the PIN */\r
+ CK_UTF8CHAR_PTR pLabel /* 32-byte token label (blank padded) */\r
+);\r
+#endif\r
+\r
+\r
+/* C_InitPIN initializes the normal user's PIN. */\r
+CK_PKCS11_FUNCTION_INFO(C_InitPIN)\r
+#ifdef CK_NEED_ARG_LIST\r
+(\r
+ CK_SESSION_HANDLE hSession, /* the session's handle */\r
+ CK_UTF8CHAR_PTR pPin, /* the normal user's PIN */\r
+ CK_ULONG ulPinLen /* length in bytes of the PIN */\r
+);\r
+#endif\r
+\r
+\r
+/* C_SetPIN modifies the PIN of the user who is logged in. */\r
+CK_PKCS11_FUNCTION_INFO(C_SetPIN)\r
+#ifdef CK_NEED_ARG_LIST\r
+(\r
+ CK_SESSION_HANDLE hSession, /* the session's handle */\r
+ CK_UTF8CHAR_PTR pOldPin, /* the old PIN */\r
+ CK_ULONG ulOldLen, /* length of the old PIN */\r
+ CK_UTF8CHAR_PTR pNewPin, /* the new PIN */\r
+ CK_ULONG ulNewLen /* length of the new PIN */\r
+);\r
+#endif\r
+\r
+\r
+\r
+/* Session management */\r
+\r
+/* C_OpenSession opens a session between an application and a\r
+ * token. */\r
+CK_PKCS11_FUNCTION_INFO(C_OpenSession)\r
+#ifdef CK_NEED_ARG_LIST\r
+(\r
+ CK_SLOT_ID slotID, /* the slot's ID */\r
+ CK_FLAGS flags, /* from CK_SESSION_INFO */\r
+ CK_VOID_PTR pApplication, /* passed to callback */\r
+ CK_NOTIFY Notify, /* callback function */\r
+ CK_SESSION_HANDLE_PTR phSession /* gets session handle */\r
+);\r
+#endif\r
+\r
+\r
+/* C_CloseSession closes a session between an application and a\r
+ * token. */\r
+CK_PKCS11_FUNCTION_INFO(C_CloseSession)\r
+#ifdef CK_NEED_ARG_LIST\r
+(\r
+ CK_SESSION_HANDLE hSession /* the session's handle */\r
+);\r
+#endif\r
+\r
+\r
+/* C_CloseAllSessions closes all sessions with a token. */\r
+CK_PKCS11_FUNCTION_INFO(C_CloseAllSessions)\r
+#ifdef CK_NEED_ARG_LIST\r
+(\r
+ CK_SLOT_ID slotID /* the token's slot */\r
+);\r
+#endif\r
+\r
+\r
+/* C_GetSessionInfo obtains information about the session. */\r
+CK_PKCS11_FUNCTION_INFO(C_GetSessionInfo)\r
+#ifdef CK_NEED_ARG_LIST\r
+(\r
+ CK_SESSION_HANDLE hSession, /* the session's handle */\r
+ CK_SESSION_INFO_PTR pInfo /* receives session info */\r
+);\r
+#endif\r
+\r
+\r
+/* C_GetOperationState obtains the state of the cryptographic operation\r
+ * in a session. */\r
+CK_PKCS11_FUNCTION_INFO(C_GetOperationState)\r
+#ifdef CK_NEED_ARG_LIST\r
+(\r
+ CK_SESSION_HANDLE hSession, /* session's handle */\r
+ CK_BYTE_PTR pOperationState, /* gets state */\r
+ CK_ULONG_PTR pulOperationStateLen /* gets state length */\r
+);\r
+#endif\r
+\r
+\r
+/* C_SetOperationState restores the state of the cryptographic\r
+ * operation in a session. */\r
+CK_PKCS11_FUNCTION_INFO(C_SetOperationState)\r
+#ifdef CK_NEED_ARG_LIST\r
+(\r
+ CK_SESSION_HANDLE hSession, /* session's handle */\r
+ CK_BYTE_PTR pOperationState, /* holds state */\r
+ CK_ULONG ulOperationStateLen, /* holds state length */\r
+ CK_OBJECT_HANDLE hEncryptionKey, /* en/decryption key */\r
+ CK_OBJECT_HANDLE hAuthenticationKey /* sign/verify key */\r
+);\r
+#endif\r
+\r
+\r
+/* C_Login logs a user into a token. */\r
+CK_PKCS11_FUNCTION_INFO(C_Login)\r
+#ifdef CK_NEED_ARG_LIST\r
+(\r
+ CK_SESSION_HANDLE hSession, /* the session's handle */\r
+ CK_USER_TYPE userType, /* the user type */\r
+ CK_UTF8CHAR_PTR pPin, /* the user's PIN */\r
+ CK_ULONG ulPinLen /* the length of the PIN */\r
+);\r
+#endif\r
+\r
+\r
+/* C_Logout logs a user out from a token. */\r
+CK_PKCS11_FUNCTION_INFO(C_Logout)\r
+#ifdef CK_NEED_ARG_LIST\r
+(\r
+ CK_SESSION_HANDLE hSession /* the session's handle */\r
+);\r
+#endif\r
+\r
+\r
+\r
+/* Object management */\r
+\r
+/* C_CreateObject creates a new object. */\r
+CK_PKCS11_FUNCTION_INFO(C_CreateObject)\r
+#ifdef CK_NEED_ARG_LIST\r
+(\r
+ CK_SESSION_HANDLE hSession, /* the session's handle */\r
+ CK_ATTRIBUTE_PTR pTemplate, /* the object's template */\r
+ CK_ULONG ulCount, /* attributes in template */\r
+ CK_OBJECT_HANDLE_PTR phObject /* gets new object's handle. */\r
+);\r
+#endif\r
+\r
+\r
+/* C_CopyObject copies an object, creating a new object for the\r
+ * copy. */\r
+CK_PKCS11_FUNCTION_INFO(C_CopyObject)\r
+#ifdef CK_NEED_ARG_LIST\r
+(\r
+ CK_SESSION_HANDLE hSession, /* the session's handle */\r
+ CK_OBJECT_HANDLE hObject, /* the object's handle */\r
+ CK_ATTRIBUTE_PTR pTemplate, /* template for new object */\r
+ CK_ULONG ulCount, /* attributes in template */\r
+ CK_OBJECT_HANDLE_PTR phNewObject /* receives handle of copy */\r
+);\r
+#endif\r
+\r
+\r
+/* C_DestroyObject destroys an object. */\r
+CK_PKCS11_FUNCTION_INFO(C_DestroyObject)\r
+#ifdef CK_NEED_ARG_LIST\r
+(\r
+ CK_SESSION_HANDLE hSession, /* the session's handle */\r
+ CK_OBJECT_HANDLE hObject /* the object's handle */\r
+);\r
+#endif\r
+\r
+\r
+/* C_GetObjectSize gets the size of an object in bytes. */\r
+CK_PKCS11_FUNCTION_INFO(C_GetObjectSize)\r
+#ifdef CK_NEED_ARG_LIST\r
+(\r
+ CK_SESSION_HANDLE hSession, /* the session's handle */\r
+ CK_OBJECT_HANDLE hObject, /* the object's handle */\r
+ CK_ULONG_PTR pulSize /* receives size of object */\r
+);\r
+#endif\r
+\r
+\r
+/* C_GetAttributeValue obtains the value of one or more object\r
+ * attributes. */\r
+CK_PKCS11_FUNCTION_INFO(C_GetAttributeValue)\r
+#ifdef CK_NEED_ARG_LIST\r
+(\r
+ CK_SESSION_HANDLE hSession, /* the session's handle */\r
+ CK_OBJECT_HANDLE hObject, /* the object's handle */\r
+ CK_ATTRIBUTE_PTR pTemplate, /* specifies attrs; gets vals */\r
+ CK_ULONG ulCount /* attributes in template */\r
+);\r
+#endif\r
+\r
+\r
+/* C_SetAttributeValue modifies the value of one or more object\r
+ * attributes */\r
+CK_PKCS11_FUNCTION_INFO(C_SetAttributeValue)\r
+#ifdef CK_NEED_ARG_LIST\r
+(\r
+ CK_SESSION_HANDLE hSession, /* the session's handle */\r
+ CK_OBJECT_HANDLE hObject, /* the object's handle */\r
+ CK_ATTRIBUTE_PTR pTemplate, /* specifies attrs and values */\r
+ CK_ULONG ulCount /* attributes in template */\r
+);\r
+#endif\r
+\r
+\r
+/* C_FindObjectsInit initializes a search for token and session\r
+ * objects that match a template. */\r
+CK_PKCS11_FUNCTION_INFO(C_FindObjectsInit)\r
+#ifdef CK_NEED_ARG_LIST\r
+(\r
+ CK_SESSION_HANDLE hSession, /* the session's handle */\r
+ CK_ATTRIBUTE_PTR pTemplate, /* attribute values to match */\r
+ CK_ULONG ulCount /* attrs in search template */\r
+);\r
+#endif\r
+\r
+\r
+/* C_FindObjects continues a search for token and session\r
+ * objects that match a template, obtaining additional object\r
+ * handles. */\r
+CK_PKCS11_FUNCTION_INFO(C_FindObjects)\r
+#ifdef CK_NEED_ARG_LIST\r
+(\r
+ CK_SESSION_HANDLE hSession, /* session's handle */\r
+ CK_OBJECT_HANDLE_PTR phObject, /* gets obj. handles */\r
+ CK_ULONG ulMaxObjectCount, /* max handles to get */\r
+ CK_ULONG_PTR pulObjectCount /* actual # returned */\r
+);\r
+#endif\r
+\r
+\r
+/* C_FindObjectsFinal finishes a search for token and session\r
+ * objects. */\r
+CK_PKCS11_FUNCTION_INFO(C_FindObjectsFinal)\r
+#ifdef CK_NEED_ARG_LIST\r
+(\r
+ CK_SESSION_HANDLE hSession /* the session's handle */\r
+);\r
+#endif\r
+\r
+\r
+\r
+/* Encryption and decryption */\r
+\r
+/* C_EncryptInit initializes an encryption operation. */\r
+CK_PKCS11_FUNCTION_INFO(C_EncryptInit)\r
+#ifdef CK_NEED_ARG_LIST\r
+(\r
+ CK_SESSION_HANDLE hSession, /* the session's handle */\r
+ CK_MECHANISM_PTR pMechanism, /* the encryption mechanism */\r
+ CK_OBJECT_HANDLE hKey /* handle of encryption key */\r
+);\r
+#endif\r
+\r
+\r
+/* C_Encrypt encrypts single-part data. */\r
+CK_PKCS11_FUNCTION_INFO(C_Encrypt)\r
+#ifdef CK_NEED_ARG_LIST\r
+(\r
+ CK_SESSION_HANDLE hSession, /* session's handle */\r
+ CK_BYTE_PTR pData, /* the plaintext data */\r
+ CK_ULONG ulDataLen, /* bytes of plaintext */\r
+ CK_BYTE_PTR pEncryptedData, /* gets ciphertext */\r
+ CK_ULONG_PTR pulEncryptedDataLen /* gets c-text size */\r
+);\r
+#endif\r
+\r
+\r
+/* C_EncryptUpdate continues a multiple-part encryption\r
+ * operation. */\r
+CK_PKCS11_FUNCTION_INFO(C_EncryptUpdate)\r
+#ifdef CK_NEED_ARG_LIST\r
+(\r
+ CK_SESSION_HANDLE hSession, /* session's handle */\r
+ CK_BYTE_PTR pPart, /* the plaintext data */\r
+ CK_ULONG ulPartLen, /* plaintext data len */\r
+ CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */\r
+ CK_ULONG_PTR pulEncryptedPartLen /* gets c-text size */\r
+);\r
+#endif\r
+\r
+\r
+/* C_EncryptFinal finishes a multiple-part encryption\r
+ * operation. */\r
+CK_PKCS11_FUNCTION_INFO(C_EncryptFinal)\r
+#ifdef CK_NEED_ARG_LIST\r
+(\r
+ CK_SESSION_HANDLE hSession, /* session handle */\r
+ CK_BYTE_PTR pLastEncryptedPart, /* last c-text */\r
+ CK_ULONG_PTR pulLastEncryptedPartLen /* gets last size */\r
+);\r
+#endif\r
+\r
+\r
+/* C_DecryptInit initializes a decryption operation. */\r
+CK_PKCS11_FUNCTION_INFO(C_DecryptInit)\r
+#ifdef CK_NEED_ARG_LIST\r
+(\r
+ CK_SESSION_HANDLE hSession, /* the session's handle */\r
+ CK_MECHANISM_PTR pMechanism, /* the decryption mechanism */\r
+ CK_OBJECT_HANDLE hKey /* handle of decryption key */\r
+);\r
+#endif\r
+\r
+\r
+/* C_Decrypt decrypts encrypted data in a single part. */\r
+CK_PKCS11_FUNCTION_INFO(C_Decrypt)\r
+#ifdef CK_NEED_ARG_LIST\r
+(\r
+ CK_SESSION_HANDLE hSession, /* session's handle */\r
+ CK_BYTE_PTR pEncryptedData, /* ciphertext */\r
+ CK_ULONG ulEncryptedDataLen, /* ciphertext length */\r
+ CK_BYTE_PTR pData, /* gets plaintext */\r
+ CK_ULONG_PTR pulDataLen /* gets p-text size */\r
+);\r
+#endif\r
+\r
+\r
+/* C_DecryptUpdate continues a multiple-part decryption\r
+ * operation. */\r
+CK_PKCS11_FUNCTION_INFO(C_DecryptUpdate)\r
+#ifdef CK_NEED_ARG_LIST\r
+(\r
+ CK_SESSION_HANDLE hSession, /* session's handle */\r
+ CK_BYTE_PTR pEncryptedPart, /* encrypted data */\r
+ CK_ULONG ulEncryptedPartLen, /* input length */\r
+ CK_BYTE_PTR pPart, /* gets plaintext */\r
+ CK_ULONG_PTR pulPartLen /* p-text size */\r
+);\r
+#endif\r
+\r
+\r
+/* C_DecryptFinal finishes a multiple-part decryption\r
+ * operation. */\r
+CK_PKCS11_FUNCTION_INFO(C_DecryptFinal)\r
+#ifdef CK_NEED_ARG_LIST\r
+(\r
+ CK_SESSION_HANDLE hSession, /* the session's handle */\r
+ CK_BYTE_PTR pLastPart, /* gets plaintext */\r
+ CK_ULONG_PTR pulLastPartLen /* p-text size */\r
+);\r
+#endif\r
+\r
+\r
+\r
+/* Message digesting */\r
+\r
+/* C_DigestInit initializes a message-digesting operation. */\r
+CK_PKCS11_FUNCTION_INFO(C_DigestInit)\r
+#ifdef CK_NEED_ARG_LIST\r
+(\r
+ CK_SESSION_HANDLE hSession, /* the session's handle */\r
+ CK_MECHANISM_PTR pMechanism /* the digesting mechanism */\r
+);\r
+#endif\r
+\r
+\r
+/* C_Digest digests data in a single part. */\r
+CK_PKCS11_FUNCTION_INFO(C_Digest)\r
+#ifdef CK_NEED_ARG_LIST\r
+(\r
+ CK_SESSION_HANDLE hSession, /* the session's handle */\r
+ CK_BYTE_PTR pData, /* data to be digested */\r
+ CK_ULONG ulDataLen, /* bytes of data to digest */\r
+ CK_BYTE_PTR pDigest, /* gets the message digest */\r
+ CK_ULONG_PTR pulDigestLen /* gets digest length */\r
+);\r
+#endif\r
+\r
+\r
+/* C_DigestUpdate continues a multiple-part message-digesting\r
+ * operation. */\r
+CK_PKCS11_FUNCTION_INFO(C_DigestUpdate)\r
+#ifdef CK_NEED_ARG_LIST\r
+(\r
+ CK_SESSION_HANDLE hSession, /* the session's handle */\r
+ CK_BYTE_PTR pPart, /* data to be digested */\r
+ CK_ULONG ulPartLen /* bytes of data to be digested */\r
+);\r
+#endif\r
+\r
+\r
+/* C_DigestKey continues a multi-part message-digesting\r
+ * operation, by digesting the value of a secret key as part of\r
+ * the data already digested. */\r
+CK_PKCS11_FUNCTION_INFO(C_DigestKey)\r
+#ifdef CK_NEED_ARG_LIST\r
+(\r
+ CK_SESSION_HANDLE hSession, /* the session's handle */\r
+ CK_OBJECT_HANDLE hKey /* secret key to digest */\r
+);\r
+#endif\r
+\r
+\r
+/* C_DigestFinal finishes a multiple-part message-digesting\r
+ * operation. */\r
+CK_PKCS11_FUNCTION_INFO(C_DigestFinal)\r
+#ifdef CK_NEED_ARG_LIST\r
+(\r
+ CK_SESSION_HANDLE hSession, /* the session's handle */\r
+ CK_BYTE_PTR pDigest, /* gets the message digest */\r
+ CK_ULONG_PTR pulDigestLen /* gets byte count of digest */\r
+);\r
+#endif\r
+\r
+\r
+\r
+/* Signing and MACing */\r
+\r
+/* C_SignInit initializes a signature (private key encryption)\r
+ * operation, where the signature is (will be) an appendix to\r
+ * the data, and plaintext cannot be recovered from the\r
+ *signature. */\r
+CK_PKCS11_FUNCTION_INFO(C_SignInit)\r
+#ifdef CK_NEED_ARG_LIST\r
+(\r
+ CK_SESSION_HANDLE hSession, /* the session's handle */\r
+ CK_MECHANISM_PTR pMechanism, /* the signature mechanism */\r
+ CK_OBJECT_HANDLE hKey /* handle of signature key */\r
+);\r
+#endif\r
+\r
+\r
+/* C_Sign signs (encrypts with private key) data in a single\r
+ * part, where the signature is (will be) an appendix to the\r
+ * data, and plaintext cannot be recovered from the signature. */\r
+CK_PKCS11_FUNCTION_INFO(C_Sign)\r
+#ifdef CK_NEED_ARG_LIST\r
+(\r
+ CK_SESSION_HANDLE hSession, /* the session's handle */\r
+ CK_BYTE_PTR pData, /* the data to sign */\r
+ CK_ULONG ulDataLen, /* count of bytes to sign */\r
+ CK_BYTE_PTR pSignature, /* gets the signature */\r
+ CK_ULONG_PTR pulSignatureLen /* gets signature length */\r
+);\r
+#endif\r
+\r
+\r
+/* C_SignUpdate continues a multiple-part signature operation,\r
+ * where the signature is (will be) an appendix to the data, \r
+ * and plaintext cannot be recovered from the signature. */\r
+CK_PKCS11_FUNCTION_INFO(C_SignUpdate)\r
+#ifdef CK_NEED_ARG_LIST\r
+(\r
+ CK_SESSION_HANDLE hSession, /* the session's handle */\r
+ CK_BYTE_PTR pPart, /* the data to sign */\r
+ CK_ULONG ulPartLen /* count of bytes to sign */\r
+);\r
+#endif\r
+\r
+\r
+/* C_SignFinal finishes a multiple-part signature operation, \r
+ * returning the signature. */\r
+CK_PKCS11_FUNCTION_INFO(C_SignFinal)\r
+#ifdef CK_NEED_ARG_LIST\r
+(\r
+ CK_SESSION_HANDLE hSession, /* the session's handle */\r
+ CK_BYTE_PTR pSignature, /* gets the signature */\r
+ CK_ULONG_PTR pulSignatureLen /* gets signature length */\r
+);\r
+#endif\r
+\r
+\r
+/* C_SignRecoverInit initializes a signature operation, where\r
+ * the data can be recovered from the signature. */\r
+CK_PKCS11_FUNCTION_INFO(C_SignRecoverInit)\r
+#ifdef CK_NEED_ARG_LIST\r
+(\r
+ CK_SESSION_HANDLE hSession, /* the session's handle */\r
+ CK_MECHANISM_PTR pMechanism, /* the signature mechanism */\r
+ CK_OBJECT_HANDLE hKey /* handle of the signature key */\r
+);\r
+#endif\r
+\r
+\r
+/* C_SignRecover signs data in a single operation, where the\r
+ * data can be recovered from the signature. */\r
+CK_PKCS11_FUNCTION_INFO(C_SignRecover)\r
+#ifdef CK_NEED_ARG_LIST\r
+(\r
+ CK_SESSION_HANDLE hSession, /* the session's handle */\r
+ CK_BYTE_PTR pData, /* the data to sign */\r
+ CK_ULONG ulDataLen, /* count of bytes to sign */\r
+ CK_BYTE_PTR pSignature, /* gets the signature */\r
+ CK_ULONG_PTR pulSignatureLen /* gets signature length */\r
+);\r
+#endif\r
+\r
+\r
+\r
+/* Verifying signatures and MACs */\r
+\r
+/* C_VerifyInit initializes a verification operation, where the\r
+ * signature is an appendix to the data, and plaintext cannot\r
+ * cannot be recovered from the signature (e.g. DSA). */\r
+CK_PKCS11_FUNCTION_INFO(C_VerifyInit)\r
+#ifdef CK_NEED_ARG_LIST\r
+(\r
+ CK_SESSION_HANDLE hSession, /* the session's handle */\r
+ CK_MECHANISM_PTR pMechanism, /* the verification mechanism */\r
+ CK_OBJECT_HANDLE hKey /* verification key */ \r
+);\r
+#endif\r
+\r
+\r
+/* C_Verify verifies a signature in a single-part operation, \r
+ * where the signature is an appendix to the data, and plaintext\r
+ * cannot be recovered from the signature. */\r
+CK_PKCS11_FUNCTION_INFO(C_Verify)\r
+#ifdef CK_NEED_ARG_LIST\r
+(\r
+ CK_SESSION_HANDLE hSession, /* the session's handle */\r
+ CK_BYTE_PTR pData, /* signed data */\r
+ CK_ULONG ulDataLen, /* length of signed data */\r
+ CK_BYTE_PTR pSignature, /* signature */\r
+ CK_ULONG ulSignatureLen /* signature length*/\r
+);\r
+#endif\r
+\r
+\r
+/* C_VerifyUpdate continues a multiple-part verification\r
+ * operation, where the signature is an appendix to the data, \r
+ * and plaintext cannot be recovered from the signature. */\r
+CK_PKCS11_FUNCTION_INFO(C_VerifyUpdate)\r
+#ifdef CK_NEED_ARG_LIST\r
+(\r
+ CK_SESSION_HANDLE hSession, /* the session's handle */\r
+ CK_BYTE_PTR pPart, /* signed data */\r
+ CK_ULONG ulPartLen /* length of signed data */\r
+);\r
+#endif\r
+\r
+\r
+/* C_VerifyFinal finishes a multiple-part verification\r
+ * operation, checking the signature. */\r
+CK_PKCS11_FUNCTION_INFO(C_VerifyFinal)\r
+#ifdef CK_NEED_ARG_LIST\r
+(\r
+ CK_SESSION_HANDLE hSession, /* the session's handle */\r
+ CK_BYTE_PTR pSignature, /* signature to verify */\r
+ CK_ULONG ulSignatureLen /* signature length */\r
+);\r
+#endif\r
+\r
+\r
+/* C_VerifyRecoverInit initializes a signature verification\r
+ * operation, where the data is recovered from the signature. */\r
+CK_PKCS11_FUNCTION_INFO(C_VerifyRecoverInit)\r
+#ifdef CK_NEED_ARG_LIST\r
+(\r
+ CK_SESSION_HANDLE hSession, /* the session's handle */\r
+ CK_MECHANISM_PTR pMechanism, /* the verification mechanism */\r
+ CK_OBJECT_HANDLE hKey /* verification key */\r
+);\r
+#endif\r
+\r
+\r
+/* C_VerifyRecover verifies a signature in a single-part\r
+ * operation, where the data is recovered from the signature. */\r
+CK_PKCS11_FUNCTION_INFO(C_VerifyRecover)\r
+#ifdef CK_NEED_ARG_LIST\r
+(\r
+ CK_SESSION_HANDLE hSession, /* the session's handle */\r
+ CK_BYTE_PTR pSignature, /* signature to verify */\r
+ CK_ULONG ulSignatureLen, /* signature length */\r
+ CK_BYTE_PTR pData, /* gets signed data */\r
+ CK_ULONG_PTR pulDataLen /* gets signed data len */\r
+);\r
+#endif\r
+\r
+\r
+\r
+/* Dual-function cryptographic operations */\r
+\r
+/* C_DigestEncryptUpdate continues a multiple-part digesting\r
+ * and encryption operation. */\r
+CK_PKCS11_FUNCTION_INFO(C_DigestEncryptUpdate)\r
+#ifdef CK_NEED_ARG_LIST\r
+(\r
+ CK_SESSION_HANDLE hSession, /* session's handle */\r
+ CK_BYTE_PTR pPart, /* the plaintext data */\r
+ CK_ULONG ulPartLen, /* plaintext length */\r
+ CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */\r
+ CK_ULONG_PTR pulEncryptedPartLen /* gets c-text length */\r
+);\r
+#endif\r
+\r
+\r
+/* C_DecryptDigestUpdate continues a multiple-part decryption and\r
+ * digesting operation. */\r
+CK_PKCS11_FUNCTION_INFO(C_DecryptDigestUpdate)\r
+#ifdef CK_NEED_ARG_LIST\r
+(\r
+ CK_SESSION_HANDLE hSession, /* session's handle */\r
+ CK_BYTE_PTR pEncryptedPart, /* ciphertext */\r
+ CK_ULONG ulEncryptedPartLen, /* ciphertext length */\r
+ CK_BYTE_PTR pPart, /* gets plaintext */\r
+ CK_ULONG_PTR pulPartLen /* gets plaintext len */\r
+);\r
+#endif\r
+\r
+\r
+/* C_SignEncryptUpdate continues a multiple-part signing and\r
+ * encryption operation. */\r
+CK_PKCS11_FUNCTION_INFO(C_SignEncryptUpdate)\r
+#ifdef CK_NEED_ARG_LIST\r
+(\r
+ CK_SESSION_HANDLE hSession, /* session's handle */\r
+ CK_BYTE_PTR pPart, /* the plaintext data */\r
+ CK_ULONG ulPartLen, /* plaintext length */\r
+ CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */\r
+ CK_ULONG_PTR pulEncryptedPartLen /* gets c-text length */\r
+);\r
+#endif\r
+\r
+\r
+/* C_DecryptVerifyUpdate continues a multiple-part decryption and\r
+ * verify operation. */\r
+CK_PKCS11_FUNCTION_INFO(C_DecryptVerifyUpdate)\r
+#ifdef CK_NEED_ARG_LIST\r
+(\r
+ CK_SESSION_HANDLE hSession, /* session's handle */\r
+ CK_BYTE_PTR pEncryptedPart, /* ciphertext */\r
+ CK_ULONG ulEncryptedPartLen, /* ciphertext length */\r
+ CK_BYTE_PTR pPart, /* gets plaintext */\r
+ CK_ULONG_PTR pulPartLen /* gets p-text length */\r
+);\r
+#endif\r
+\r
+\r
+\r
+/* Key management */\r
+\r
+/* C_GenerateKey generates a secret key, creating a new key\r
+ * object. */\r
+CK_PKCS11_FUNCTION_INFO(C_GenerateKey)\r
+#ifdef CK_NEED_ARG_LIST\r
+(\r
+ CK_SESSION_HANDLE hSession, /* the session's handle */\r
+ CK_MECHANISM_PTR pMechanism, /* key generation mech. */\r
+ CK_ATTRIBUTE_PTR pTemplate, /* template for new key */\r
+ CK_ULONG ulCount, /* # of attrs in template */\r
+ CK_OBJECT_HANDLE_PTR phKey /* gets handle of new key */\r
+);\r
+#endif\r
+\r
+\r
+/* C_GenerateKeyPair generates a public-key/private-key pair, \r
+ * creating new key objects. */\r
+CK_PKCS11_FUNCTION_INFO(C_GenerateKeyPair)\r
+#ifdef CK_NEED_ARG_LIST\r
+(\r
+ CK_SESSION_HANDLE hSession, /* session\r
+ * handle */\r
+ CK_MECHANISM_PTR pMechanism, /* key-gen\r
+ * mech. */\r
+ CK_ATTRIBUTE_PTR pPublicKeyTemplate, /* template\r
+ * for pub.\r
+ * key */\r
+ CK_ULONG ulPublicKeyAttributeCount, /* # pub.\r
+ * attrs. */\r
+ CK_ATTRIBUTE_PTR pPrivateKeyTemplate, /* template\r
+ * for priv.\r
+ * key */\r
+ CK_ULONG ulPrivateKeyAttributeCount, /* # priv.\r
+ * attrs. */\r
+ CK_OBJECT_HANDLE_PTR phPublicKey, /* gets pub.\r
+ * key\r
+ * handle */\r
+ CK_OBJECT_HANDLE_PTR phPrivateKey /* gets\r
+ * priv. key\r
+ * handle */\r
+);\r
+#endif\r
+\r
+\r
+/* C_WrapKey wraps (i.e., encrypts) a key. */\r
+CK_PKCS11_FUNCTION_INFO(C_WrapKey)\r
+#ifdef CK_NEED_ARG_LIST\r
+(\r
+ CK_SESSION_HANDLE hSession, /* the session's handle */\r
+ CK_MECHANISM_PTR pMechanism, /* the wrapping mechanism */\r
+ CK_OBJECT_HANDLE hWrappingKey, /* wrapping key */\r
+ CK_OBJECT_HANDLE hKey, /* key to be wrapped */\r
+ CK_BYTE_PTR pWrappedKey, /* gets wrapped key */\r
+ CK_ULONG_PTR pulWrappedKeyLen /* gets wrapped key size */\r
+);\r
+#endif\r
+\r
+\r
+/* C_UnwrapKey unwraps (decrypts) a wrapped key, creating a new\r
+ * key object. */\r
+CK_PKCS11_FUNCTION_INFO(C_UnwrapKey)\r
+#ifdef CK_NEED_ARG_LIST\r
+(\r
+ CK_SESSION_HANDLE hSession, /* session's handle */\r
+ CK_MECHANISM_PTR pMechanism, /* unwrapping mech. */\r
+ CK_OBJECT_HANDLE hUnwrappingKey, /* unwrapping key */\r
+ CK_BYTE_PTR pWrappedKey, /* the wrapped key */\r
+ CK_ULONG ulWrappedKeyLen, /* wrapped key len */\r
+ CK_ATTRIBUTE_PTR pTemplate, /* new key template */\r
+ CK_ULONG ulAttributeCount, /* template length */\r
+ CK_OBJECT_HANDLE_PTR phKey /* gets new handle */\r
+);\r
+#endif\r
+\r
+\r
+/* C_DeriveKey derives a key from a base key, creating a new key\r
+ * object. */\r
+CK_PKCS11_FUNCTION_INFO(C_DeriveKey)\r
+#ifdef CK_NEED_ARG_LIST\r
+(\r
+ CK_SESSION_HANDLE hSession, /* session's handle */\r
+ CK_MECHANISM_PTR pMechanism, /* key deriv. mech. */\r
+ CK_OBJECT_HANDLE hBaseKey, /* base key */\r
+ CK_ATTRIBUTE_PTR pTemplate, /* new key template */\r
+ CK_ULONG ulAttributeCount, /* template length */\r
+ CK_OBJECT_HANDLE_PTR phKey /* gets new handle */\r
+);\r
+#endif\r
+\r
+\r
+\r
+/* Random number generation */\r
+\r
+/* C_SeedRandom mixes additional seed material into the token's\r
+ * random number generator. */\r
+CK_PKCS11_FUNCTION_INFO(C_SeedRandom)\r
+#ifdef CK_NEED_ARG_LIST\r
+(\r
+ CK_SESSION_HANDLE hSession, /* the session's handle */\r
+ CK_BYTE_PTR pSeed, /* the seed material */\r
+ CK_ULONG ulSeedLen /* length of seed material */\r
+);\r
+#endif\r
+\r
+\r
+/* C_GenerateRandom generates random data. */\r
+CK_PKCS11_FUNCTION_INFO(C_GenerateRandom)\r
+#ifdef CK_NEED_ARG_LIST\r
+(\r
+ CK_SESSION_HANDLE hSession, /* the session's handle */\r
+ CK_BYTE_PTR RandomData, /* receives the random data */\r
+ CK_ULONG ulRandomLen /* # of bytes to generate */\r
+);\r
+#endif\r
+\r
+\r
+\r
+/* Parallel function management */\r
+\r
+/* C_GetFunctionStatus is a legacy function; it obtains an\r
+ * updated status of a function running in parallel with an\r
+ * application. */\r
+CK_PKCS11_FUNCTION_INFO(C_GetFunctionStatus)\r
+#ifdef CK_NEED_ARG_LIST\r
+(\r
+ CK_SESSION_HANDLE hSession /* the session's handle */\r
+);\r
+#endif\r
+\r
+\r
+/* C_CancelFunction is a legacy function; it cancels a function\r
+ * running in parallel. */\r
+CK_PKCS11_FUNCTION_INFO(C_CancelFunction)\r
+#ifdef CK_NEED_ARG_LIST\r
+(\r
+ CK_SESSION_HANDLE hSession /* the session's handle */\r
+);\r
+#endif\r
+\r
+\r
+\r
+/* Functions added in for Cryptoki Version 2.01 or later */\r
+\r
+/* C_WaitForSlotEvent waits for a slot event (token insertion,\r
+ * removal, etc.) to occur. */\r
+CK_PKCS11_FUNCTION_INFO(C_WaitForSlotEvent)\r
+#ifdef CK_NEED_ARG_LIST\r
+(\r
+ CK_FLAGS flags, /* blocking/nonblocking flag */\r
+ CK_SLOT_ID_PTR pSlot, /* location that receives the slot ID */\r
+ CK_VOID_PTR pRserved /* reserved. Should be NULL_PTR */\r
+);\r
+#endif\r