--- /dev/null
+/* pkcs11t.h include file for PKCS #11. */\r
+/* $Revision: 1.4 $ */\r
+\r
+/* License to copy and use this software is granted provided that it is\r
+ * identified as "RSA Security Inc. PKCS #11 Cryptographic Token Interface\r
+ * (Cryptoki)" in all material mentioning or referencing this software.\r
+\r
+ * License is also granted to make and use derivative works provided that\r
+ * such works are identified as "derived from the RSA Security Inc. PKCS #11\r
+ * Cryptographic Token Interface (Cryptoki)" in all material mentioning or \r
+ * referencing the derived work.\r
+\r
+ * RSA Security Inc. makes no representations concerning either the \r
+ * merchantability of this software or the suitability of this software for\r
+ * any particular purpose. It is provided "as is" without express or implied\r
+ * warranty of any kind.\r
+ */\r
+\r
+/* See top of pkcs11.h for information about the macros that\r
+ * must be defined and the structure-packing conventions that\r
+ * must be set before including this file. */\r
+\r
+#ifndef _PKCS11T_H_\r
+#define _PKCS11T_H_ 1\r
+\r
+#ifndef CK_DISABLE_TRUE_FALSE\r
+#ifndef FALSE\r
+#define FALSE 0\r
+#endif\r
+\r
+#ifndef TRUE\r
+#define TRUE !(FALSE)\r
+#endif\r
+#endif\r
+\r
+#define CK_TRUE 1\r
+#define CK_FALSE 0\r
+\r
+/* an unsigned 8-bit value */\r
+typedef unsigned char CK_BYTE;\r
+\r
+/* an unsigned 8-bit character */\r
+typedef CK_BYTE CK_CHAR;\r
+\r
+/* an 8-bit UTF-8 character */\r
+typedef CK_BYTE CK_UTF8CHAR;\r
+\r
+/* a BYTE-sized Boolean flag */\r
+typedef CK_BYTE CK_BBOOL;\r
+\r
+/* an unsigned value, at least 32 bits long */\r
+typedef unsigned long int CK_ULONG;\r
+\r
+/* a signed value, the same size as a CK_ULONG */\r
+/* CK_LONG is new for v2.0 */\r
+typedef long int CK_LONG;\r
+\r
+/* at least 32 bits; each bit is a Boolean flag */\r
+typedef CK_ULONG CK_FLAGS;\r
+\r
+\r
+/* some special values for certain CK_ULONG variables */\r
+#define CK_UNAVAILABLE_INFORMATION (~0UL)\r
+#define CK_EFFECTIVELY_INFINITE 0\r
+\r
+\r
+typedef CK_BYTE CK_PTR CK_BYTE_PTR;\r
+typedef CK_CHAR CK_PTR CK_CHAR_PTR;\r
+typedef CK_UTF8CHAR CK_PTR CK_UTF8CHAR_PTR;\r
+typedef CK_ULONG CK_PTR CK_ULONG_PTR;\r
+typedef void CK_PTR CK_VOID_PTR;\r
+\r
+/* Pointer to a CK_VOID_PTR-- i.e., pointer to pointer to void */\r
+typedef CK_VOID_PTR CK_PTR CK_VOID_PTR_PTR;\r
+\r
+\r
+/* The following value is always invalid if used as a session */\r
+/* handle or object handle */\r
+#define CK_INVALID_HANDLE 0\r
+\r
+\r
+typedef struct CK_VERSION {\r
+ CK_BYTE major; /* integer portion of version number */\r
+ CK_BYTE minor; /* 1/100ths portion of version number */\r
+} CK_VERSION;\r
+\r
+typedef CK_VERSION CK_PTR CK_VERSION_PTR;\r
+\r
+\r
+typedef struct CK_INFO {\r
+ /* manufacturerID and libraryDecription have been changed from\r
+ * CK_CHAR to CK_UTF8CHAR for v2.10 */\r
+ CK_VERSION cryptokiVersion; /* Cryptoki interface ver */\r
+ CK_UTF8CHAR manufacturerID[32]; /* blank padded */\r
+ CK_FLAGS flags; /* must be zero */\r
+\r
+ /* libraryDescription and libraryVersion are new for v2.0 */\r
+ CK_UTF8CHAR libraryDescription[32]; /* blank padded */\r
+ CK_VERSION libraryVersion; /* version of library */\r
+} CK_INFO;\r
+\r
+typedef CK_INFO CK_PTR CK_INFO_PTR;\r
+\r
+\r
+/* CK_NOTIFICATION enumerates the types of notifications that\r
+ * Cryptoki provides to an application */\r
+/* CK_NOTIFICATION has been changed from an enum to a CK_ULONG\r
+ * for v2.0 */\r
+typedef CK_ULONG CK_NOTIFICATION;\r
+#define CKN_SURRENDER 0\r
+\r
+\r
+typedef CK_ULONG CK_SLOT_ID;\r
+\r
+typedef CK_SLOT_ID CK_PTR CK_SLOT_ID_PTR;\r
+\r
+\r
+/* CK_SLOT_INFO provides information about a slot */\r
+typedef struct CK_SLOT_INFO {\r
+ /* slotDescription and manufacturerID have been changed from\r
+ * CK_CHAR to CK_UTF8CHAR for v2.10 */\r
+ CK_UTF8CHAR slotDescription[64]; /* blank padded */\r
+ CK_UTF8CHAR manufacturerID[32]; /* blank padded */\r
+ CK_FLAGS flags;\r
+\r
+ /* hardwareVersion and firmwareVersion are new for v2.0 */\r
+ CK_VERSION hardwareVersion; /* version of hardware */\r
+ CK_VERSION firmwareVersion; /* version of firmware */\r
+} CK_SLOT_INFO;\r
+\r
+/* flags: bit flags that provide capabilities of the slot\r
+ * Bit Flag Mask Meaning\r
+ */\r
+#define CKF_TOKEN_PRESENT 0x00000001 /* a token is there */\r
+#define CKF_REMOVABLE_DEVICE 0x00000002 /* removable devices*/\r
+#define CKF_HW_SLOT 0x00000004 /* hardware slot */\r
+\r
+typedef CK_SLOT_INFO CK_PTR CK_SLOT_INFO_PTR;\r
+\r
+\r
+/* CK_TOKEN_INFO provides information about a token */\r
+typedef struct CK_TOKEN_INFO {\r
+ /* label, manufacturerID, and model have been changed from\r
+ * CK_CHAR to CK_UTF8CHAR for v2.10 */\r
+ CK_UTF8CHAR label[32]; /* blank padded */\r
+ CK_UTF8CHAR manufacturerID[32]; /* blank padded */\r
+ CK_UTF8CHAR model[16]; /* blank padded */\r
+ CK_CHAR serialNumber[16]; /* blank padded */\r
+ CK_FLAGS flags; /* see below */\r
+\r
+ /* ulMaxSessionCount, ulSessionCount, ulMaxRwSessionCount,\r
+ * ulRwSessionCount, ulMaxPinLen, and ulMinPinLen have all been\r
+ * changed from CK_USHORT to CK_ULONG for v2.0 */\r
+ CK_ULONG ulMaxSessionCount; /* max open sessions */\r
+ CK_ULONG ulSessionCount; /* sess. now open */\r
+ CK_ULONG ulMaxRwSessionCount; /* max R/W sessions */\r
+ CK_ULONG ulRwSessionCount; /* R/W sess. now open */\r
+ CK_ULONG ulMaxPinLen; /* in bytes */\r
+ CK_ULONG ulMinPinLen; /* in bytes */\r
+ CK_ULONG ulTotalPublicMemory; /* in bytes */\r
+ CK_ULONG ulFreePublicMemory; /* in bytes */\r
+ CK_ULONG ulTotalPrivateMemory; /* in bytes */\r
+ CK_ULONG ulFreePrivateMemory; /* in bytes */\r
+\r
+ /* hardwareVersion, firmwareVersion, and time are new for\r
+ * v2.0 */\r
+ CK_VERSION hardwareVersion; /* version of hardware */\r
+ CK_VERSION firmwareVersion; /* version of firmware */\r
+ CK_CHAR utcTime[16]; /* time */\r
+} CK_TOKEN_INFO;\r
+\r
+/* The flags parameter is defined as follows:\r
+ * Bit Flag Mask Meaning \r
+ */\r
+#define CKF_RNG 0x00000001 /* has random #\r
+ * generator */\r
+#define CKF_WRITE_PROTECTED 0x00000002 /* token is\r
+ * write-\r
+ * protected */\r
+#define CKF_LOGIN_REQUIRED 0x00000004 /* user must\r
+ * login */\r
+#define CKF_USER_PIN_INITIALIZED 0x00000008 /* normal user's\r
+ * PIN is set */\r
+\r
+/* CKF_RESTORE_KEY_NOT_NEEDED is new for v2.0. If it is set,\r
+ * that means that *every* time the state of cryptographic\r
+ * operations of a session is successfully saved, all keys\r
+ * needed to continue those operations are stored in the state */\r
+#define CKF_RESTORE_KEY_NOT_NEEDED 0x00000020\r
+\r
+/* CKF_CLOCK_ON_TOKEN is new for v2.0. If it is set, that means\r
+ * that the token has some sort of clock. The time on that\r
+ * clock is returned in the token info structure */\r
+#define CKF_CLOCK_ON_TOKEN 0x00000040\r
+\r
+/* CKF_PROTECTED_AUTHENTICATION_PATH is new for v2.0. If it is\r
+ * set, that means that there is some way for the user to login\r
+ * without sending a PIN through the Cryptoki library itself */\r
+#define CKF_PROTECTED_AUTHENTICATION_PATH 0x00000100\r
+\r
+/* CKF_DUAL_CRYPTO_OPERATIONS is new for v2.0. If it is true,\r
+ * that means that a single session with the token can perform\r
+ * dual simultaneous cryptographic operations (digest and\r
+ * encrypt; decrypt and digest; sign and encrypt; and decrypt\r
+ * and sign) */\r
+#define CKF_DUAL_CRYPTO_OPERATIONS 0x00000200\r
+\r
+/* CKF_TOKEN_INITIALIZED if new for v2.10. If it is true, the\r
+ * token has been initialized using C_InitializeToken or an \r
+ * equivalent mechanism outside the scope of PKCS #11.\r
+ * Calling C_InitializeToken when this flag is set will cause \r
+ * the token to be reinitialized. */\r
+#define CKF_TOKEN_INITIALIZED 0x00000400\r
+\r
+/* CKF_SECONDARY_AUTHENTICATION if new for v2.10. If it is \r
+ * true, the token supports secondary authentication for \r
+ * private key objects. */\r
+#define CKF_SECONDARY_AUTHENTICATION 0x00000800\r
+\r
+/* CKF_USER_PIN_COUNT_LOW if new for v2.10. If it is true, an \r
+ * incorrect user login PIN has been entered at least once \r
+ * since the last successful authentication. */\r
+#define CKF_USER_PIN_COUNT_LOW 0x00010000\r
+\r
+/* CKF_USER_PIN_FINAL_TRY if new for v2.10. If it is true,\r
+ * supplying an incorrect user PIN will it to become locked. */\r
+#define CKF_USER_PIN_FINAL_TRY 0x00020000\r
+\r
+/* CKF_USER_PIN_LOCKED if new for v2.10. If it is true, the \r
+ * user PIN has been locked. User login to the token is not \r
+ * possible. */\r
+#define CKF_USER_PIN_LOCKED 0x00040000\r
+\r
+/* CKF_USER_PIN_TO_BE_CHANGED if new for v2.10. If it is true, \r
+ * the user PIN value is the default value set by token \r
+ * initialization or manufacturing, or the PIN has been\r
+ * expired by the card. */\r
+#define CKF_USER_PIN_TO_BE_CHANGED 0x00080000\r
+\r
+/* CKF_SO_PIN_COUNT_LOW if new for v2.10. If it is true, an \r
+ * incorrect SO login PIN has been entered at least once since \r
+ * the last successful authentication. */\r
+#define CKF_SO_PIN_COUNT_LOW 0x00100000\r
+\r
+/* CKF_SO_PIN_FINAL_TRY if new for v2.10. If it is true,\r
+ * supplying an incorrect SO PIN will it to become locked. */\r
+#define CKF_SO_PIN_FINAL_TRY 0x00200000\r
+\r
+/* CKF_SO_PIN_LOCKED if new for v2.10. If it is true, the SO \r
+ * PIN has been locked. SO login to the token is not possible.\r
+ */\r
+#define CKF_SO_PIN_LOCKED 0x00400000\r
+\r
+/* CKF_SO_PIN_TO_BE_CHANGED if new for v2.10. If it is true, \r
+ * the SO PIN value is the default value set by token \r
+ * initialization or manufacturing, or the PIN has been\r
+ * expired by the card. */\r
+#define CKF_SO_PIN_TO_BE_CHANGED 0x00800000\r
+\r
+typedef CK_TOKEN_INFO CK_PTR CK_TOKEN_INFO_PTR;\r
+\r
+\r
+/* CK_SESSION_HANDLE is a Cryptoki-assigned value that\r
+ * identifies a session */\r
+typedef CK_ULONG CK_SESSION_HANDLE;\r
+\r
+typedef CK_SESSION_HANDLE CK_PTR CK_SESSION_HANDLE_PTR; \r
+\r
+\r
+/* CK_USER_TYPE enumerates the types of Cryptoki users */\r
+/* CK_USER_TYPE has been changed from an enum to a CK_ULONG for\r
+ * v2.0 */\r
+typedef CK_ULONG CK_USER_TYPE;\r
+/* Security Officer */\r
+#define CKU_SO 0\r
+/* Normal user */\r
+#define CKU_USER 1\r
+\r
+\r
+/* CK_STATE enumerates the session states */\r
+/* CK_STATE has been changed from an enum to a CK_ULONG for\r
+ * v2.0 */\r
+typedef CK_ULONG CK_STATE;\r
+#define CKS_RO_PUBLIC_SESSION 0\r
+#define CKS_RO_USER_FUNCTIONS 1\r
+#define CKS_RW_PUBLIC_SESSION 2\r
+#define CKS_RW_USER_FUNCTIONS 3\r
+#define CKS_RW_SO_FUNCTIONS 4\r
+\r
+\r
+/* CK_SESSION_INFO provides information about a session */\r
+typedef struct CK_SESSION_INFO {\r
+ CK_SLOT_ID slotID;\r
+ CK_STATE state;\r
+ CK_FLAGS flags; /* see below */\r
+\r
+ /* ulDeviceError was changed from CK_USHORT to CK_ULONG for\r
+ * v2.0 */\r
+ CK_ULONG ulDeviceError; /* device-dependent error code */\r
+} CK_SESSION_INFO;\r
+\r
+/* The flags are defined in the following table:\r
+ * Bit Flag Mask Meaning\r
+ */\r
+#define CKF_RW_SESSION 0x00000002 /* session is r/w */\r
+#define CKF_SERIAL_SESSION 0x00000004 /* no parallel */\r
+\r
+typedef CK_SESSION_INFO CK_PTR CK_SESSION_INFO_PTR;\r
+\r
+\r
+/* CK_OBJECT_HANDLE is a token-specific identifier for an\r
+ * object */\r
+typedef CK_ULONG CK_OBJECT_HANDLE;\r
+\r
+typedef CK_OBJECT_HANDLE CK_PTR CK_OBJECT_HANDLE_PTR;\r
+\r
+\r
+/* CK_OBJECT_CLASS is a value that identifies the classes (or\r
+ * types) of objects that Cryptoki recognizes. It is defined\r
+ * as follows: */\r
+/* CK_OBJECT_CLASS was changed from CK_USHORT to CK_ULONG for\r
+ * v2.0 */\r
+typedef CK_ULONG CK_OBJECT_CLASS;\r
+\r
+/* The following classes of objects are defined: */\r
+/* CKO_HW_FEATURE is new for v2.10 */\r
+/* CKO_DOMAIN_PARAMETERS is new for v2.11 */\r
+#define CKO_DATA 0x00000000\r
+#define CKO_CERTIFICATE 0x00000001\r
+#define CKO_PUBLIC_KEY 0x00000002\r
+#define CKO_PRIVATE_KEY 0x00000003\r
+#define CKO_SECRET_KEY 0x00000004\r
+#define CKO_HW_FEATURE 0x00000005\r
+#define CKO_DOMAIN_PARAMETERS 0x00000006\r
+#define CKO_VENDOR_DEFINED 0x80000000\r
+\r
+typedef CK_OBJECT_CLASS CK_PTR CK_OBJECT_CLASS_PTR;\r
+\r
+/* CK_HW_FEATURE_TYPE is new for v2.10. CK_HW_FEATURE_TYPE is a\r
+ * value that identifies the hardware feature type of an object\r
+ * with CK_OBJECT_CLASS equal to CKO_HW_FEATURE. */\r
+typedef CK_ULONG CK_HW_FEATURE_TYPE;\r
+ \r
+/* The following hardware feature types are defined */\r
+#define CKH_MONOTONIC_COUNTER 0x00000001\r
+#define CKH_CLOCK 0x00000002\r
+#define CKH_VENDOR_DEFINED 0x80000000\r
+\r
+/* CK_KEY_TYPE is a value that identifies a key type */\r
+/* CK_KEY_TYPE was changed from CK_USHORT to CK_ULONG for v2.0 */\r
+typedef CK_ULONG CK_KEY_TYPE;\r
+\r
+/* the following key types are defined: */\r
+#define CKK_RSA 0x00000000\r
+#define CKK_DSA 0x00000001\r
+#define CKK_DH 0x00000002\r
+\r
+/* CKK_ECDSA and CKK_KEA are new for v2.0 */\r
+/* CKK_ECDSA is deprecated in v2.11, CKK_EC is preferred. */\r
+#define CKK_ECDSA 0x00000003\r
+#define CKK_EC 0x00000003\r
+#define CKK_X9_42_DH 0x00000004\r
+#define CKK_KEA 0x00000005\r
+\r
+#define CKK_GENERIC_SECRET 0x00000010\r
+#define CKK_RC2 0x00000011\r
+#define CKK_RC4 0x00000012\r
+#define CKK_DES 0x00000013\r
+#define CKK_DES2 0x00000014\r
+#define CKK_DES3 0x00000015\r
+\r
+/* all these key types are new for v2.0 */\r
+#define CKK_CAST 0x00000016\r
+#define CKK_CAST3 0x00000017\r
+/* CKK_CAST5 is deprecated in v2.11, CKK_CAST128 is preferred. */\r
+#define CKK_CAST5 0x00000018\r
+#define CKK_CAST128 0x00000018\r
+#define CKK_RC5 0x00000019\r
+#define CKK_IDEA 0x0000001A\r
+#define CKK_SKIPJACK 0x0000001B\r
+#define CKK_BATON 0x0000001C\r
+#define CKK_JUNIPER 0x0000001D\r
+#define CKK_CDMF 0x0000001E\r
+#define CKK_AES 0x0000001F\r
+\r
+#define CKK_VENDOR_DEFINED 0x80000000\r
+\r
+\r
+/* CK_CERTIFICATE_TYPE is a value that identifies a certificate\r
+ * type */\r
+/* CK_CERTIFICATE_TYPE was changed from CK_USHORT to CK_ULONG\r
+ * for v2.0 */\r
+typedef CK_ULONG CK_CERTIFICATE_TYPE;\r
+\r
+/* The following certificate types are defined: */\r
+/* CKC_X_509_ATTR_CERT is new for v2.10 */\r
+#define CKC_X_509 0x00000000\r
+#define CKC_X_509_ATTR_CERT 0x00000001\r
+#define CKC_VENDOR_DEFINED 0x80000000\r
+\r
+\r
+/* CK_ATTRIBUTE_TYPE is a value that identifies an attribute\r
+ * type */\r
+/* CK_ATTRIBUTE_TYPE was changed from CK_USHORT to CK_ULONG for\r
+ * v2.0 */\r
+typedef CK_ULONG CK_ATTRIBUTE_TYPE;\r
+\r
+/* The following attribute types are defined: */\r
+#define CKA_CLASS 0x00000000\r
+#define CKA_TOKEN 0x00000001\r
+#define CKA_PRIVATE 0x00000002\r
+#define CKA_LABEL 0x00000003\r
+#define CKA_APPLICATION 0x00000010\r
+#define CKA_VALUE 0x00000011\r
+\r
+/* CKA_OBJECT_ID is new for v2.10 */\r
+#define CKA_OBJECT_ID 0x00000012\r
+\r
+#define CKA_CERTIFICATE_TYPE 0x00000080\r
+#define CKA_ISSUER 0x00000081\r
+#define CKA_SERIAL_NUMBER 0x00000082\r
+\r
+/* CKA_AC_ISSUER, CKA_OWNER, and CKA_ATTR_TYPES are new \r
+ * for v2.10 */\r
+#define CKA_AC_ISSUER 0x00000083\r
+#define CKA_OWNER 0x00000084\r
+#define CKA_ATTR_TYPES 0x00000085\r
+\r
+/* CKA_TRUSTED is new for v2.11 */\r
+#define CKA_TRUSTED 0x00000086\r
+\r
+#define CKA_KEY_TYPE 0x00000100\r
+#define CKA_SUBJECT 0x00000101\r
+#define CKA_ID 0x00000102\r
+#define CKA_SENSITIVE 0x00000103\r
+#define CKA_ENCRYPT 0x00000104\r
+#define CKA_DECRYPT 0x00000105\r
+#define CKA_WRAP 0x00000106\r
+#define CKA_UNWRAP 0x00000107\r
+#define CKA_SIGN 0x00000108\r
+#define CKA_SIGN_RECOVER 0x00000109\r
+#define CKA_VERIFY 0x0000010A\r
+#define CKA_VERIFY_RECOVER 0x0000010B\r
+#define CKA_DERIVE 0x0000010C\r
+#define CKA_START_DATE 0x00000110\r
+#define CKA_END_DATE 0x00000111\r
+#define CKA_MODULUS 0x00000120\r
+#define CKA_MODULUS_BITS 0x00000121\r
+#define CKA_PUBLIC_EXPONENT 0x00000122\r
+#define CKA_PRIVATE_EXPONENT 0x00000123\r
+#define CKA_PRIME_1 0x00000124\r
+#define CKA_PRIME_2 0x00000125\r
+#define CKA_EXPONENT_1 0x00000126\r
+#define CKA_EXPONENT_2 0x00000127\r
+#define CKA_COEFFICIENT 0x00000128\r
+#define CKA_PRIME 0x00000130\r
+#define CKA_SUBPRIME 0x00000131\r
+#define CKA_BASE 0x00000132\r
+\r
+/* CKA_PRIME_BITS and CKA_SUB_PRIME_BITS are new for v2.11 */\r
+#define CKA_PRIME_BITS 0x00000133\r
+#define CKA_SUBPRIME_BITS 0x00000134 \r
+#define CKA_SUB_PRIME_BITS CKA_SUBPRIME_BITS \r
+/* (To retain backwards-compatibility) */\r
+\r
+#define CKA_VALUE_BITS 0x00000160\r
+#define CKA_VALUE_LEN 0x00000161\r
+\r
+/* CKA_EXTRACTABLE, CKA_LOCAL, CKA_NEVER_EXTRACTABLE,\r
+ * CKA_ALWAYS_SENSITIVE, CKA_MODIFIABLE, CKA_ECDSA_PARAMS,\r
+ * and CKA_EC_POINT are new for v2.0 */\r
+#define CKA_EXTRACTABLE 0x00000162\r
+#define CKA_LOCAL 0x00000163\r
+#define CKA_NEVER_EXTRACTABLE 0x00000164\r
+#define CKA_ALWAYS_SENSITIVE 0x00000165\r
+\r
+/* CKA_KEY_GEN_MECHANISM is new for v2.11 */\r
+#define CKA_KEY_GEN_MECHANISM 0x00000166\r
+\r
+#define CKA_MODIFIABLE 0x00000170\r
+\r
+/* CKA_ECDSA_PARAMS is deprecated in v2.11,\r
+ * CKA_EC_PARAMS is preferred. */\r
+#define CKA_ECDSA_PARAMS 0x00000180\r
+#define CKA_EC_PARAMS 0x00000180\r
+\r
+#define CKA_EC_POINT 0x00000181\r
+\r
+/* CKA_SECONDARY_AUTH, CKA_AUTH_PIN_FLAGS, \r
+ * CKA_HW_FEATURE_TYPE, CKA_RESET_ON_INIT, and CKA_HAS_RESET\r
+ * are new for v2.10 */\r
+#define CKA_SECONDARY_AUTH 0x00000200\r
+#define CKA_AUTH_PIN_FLAGS 0x00000201\r
+#define CKA_HW_FEATURE_TYPE 0x00000300\r
+#define CKA_RESET_ON_INIT 0x00000301\r
+#define CKA_HAS_RESET 0x00000302\r
+\r
+#define CKA_VENDOR_DEFINED 0x80000000\r
+\r
+\r
+/* CK_ATTRIBUTE is a structure that includes the type, length\r
+ * and value of an attribute */\r
+typedef struct CK_ATTRIBUTE {\r
+ CK_ATTRIBUTE_TYPE type;\r
+ CK_VOID_PTR pValue;\r
+\r
+ /* ulValueLen went from CK_USHORT to CK_ULONG for v2.0 */\r
+ CK_ULONG ulValueLen; /* in bytes */\r
+} CK_ATTRIBUTE;\r
+\r
+typedef CK_ATTRIBUTE CK_PTR CK_ATTRIBUTE_PTR;\r
+\r
+\r
+/* CK_DATE is a structure that defines a date */\r
+typedef struct CK_DATE{\r
+ CK_CHAR year[4]; /* the year ("1900" - "9999") */\r
+ CK_CHAR month[2]; /* the month ("01" - "12") */\r
+ CK_CHAR day[2]; /* the day ("01" - "31") */\r
+} CK_DATE;\r
+\r
+\r
+/* CK_MECHANISM_TYPE is a value that identifies a mechanism\r
+ * type */\r
+/* CK_MECHANISM_TYPE was changed from CK_USHORT to CK_ULONG for\r
+ * v2.0 */\r
+typedef CK_ULONG CK_MECHANISM_TYPE;\r
+\r
+/* the following mechanism types are defined: */\r
+#define CKM_RSA_PKCS_KEY_PAIR_GEN 0x00000000\r
+#define CKM_RSA_PKCS 0x00000001\r
+#define CKM_RSA_9796 0x00000002\r
+#define CKM_RSA_X_509 0x00000003\r
+\r
+/* CKM_MD2_RSA_PKCS, CKM_MD5_RSA_PKCS, and CKM_SHA1_RSA_PKCS\r
+ * are new for v2.0. They are mechanisms which hash and sign */\r
+#define CKM_MD2_RSA_PKCS 0x00000004\r
+#define CKM_MD5_RSA_PKCS 0x00000005\r
+#define CKM_SHA1_RSA_PKCS 0x00000006\r
+\r
+/* CKM_RIPEMD128_RSA_PKCS, CKM_RIPEMD160_RSA_PKCS, and\r
+ * CKM_RSA_PKCS_OAEP are new for v2.10 */\r
+#define CKM_RIPEMD128_RSA_PKCS 0x00000007\r
+#define CKM_RIPEMD160_RSA_PKCS 0x00000008\r
+#define CKM_RSA_PKCS_OAEP 0x00000009\r
+\r
+/* CKM_RSA_X9_31_KEY_PAIR_GEN, CKM_RSA_X9_31, CKM_SHA1_RSA_X9_31,\r
+ * CKM_RSA_PKCS_PSS, and CKM_SHA1_RSA_PKCS_PSS are new for v2.11 */\r
+#define CKM_RSA_X9_31_KEY_PAIR_GEN 0x0000000A\r
+#define CKM_RSA_X9_31 0x0000000B\r
+#define CKM_SHA1_RSA_X9_31 0x0000000C\r
+#define CKM_RSA_PKCS_PSS 0x0000000D\r
+#define CKM_SHA1_RSA_PKCS_PSS 0x0000000E\r
+\r
+#define CKM_DSA_KEY_PAIR_GEN 0x00000010\r
+#define CKM_DSA 0x00000011\r
+#define CKM_DSA_SHA1 0x00000012\r
+#define CKM_DH_PKCS_KEY_PAIR_GEN 0x00000020\r
+#define CKM_DH_PKCS_DERIVE 0x00000021\r
+\r
+/* CKM_X9_42_DH_KEY_PAIR_GEN, CKM_X9_42_DH_DERIVE,\r
+ * CKM_X9_42_DH_HYBRID_DERIVE, and CKM_X9_42_MQV_DERIVE are new for\r
+ * v2.11 */\r
+#define CKM_X9_42_DH_KEY_PAIR_GEN 0x00000030\r
+#define CKM_X9_42_DH_DERIVE 0x00000031\r
+#define CKM_X9_42_DH_HYBRID_DERIVE 0x00000032\r
+#define CKM_X9_42_MQV_DERIVE 0x00000033\r
+\r
+#define CKM_RC2_KEY_GEN 0x00000100\r
+#define CKM_RC2_ECB 0x00000101\r
+#define CKM_RC2_CBC 0x00000102\r
+#define CKM_RC2_MAC 0x00000103\r
+\r
+/* CKM_RC2_MAC_GENERAL and CKM_RC2_CBC_PAD are new for v2.0 */\r
+#define CKM_RC2_MAC_GENERAL 0x00000104\r
+#define CKM_RC2_CBC_PAD 0x00000105\r
+\r
+#define CKM_RC4_KEY_GEN 0x00000110\r
+#define CKM_RC4 0x00000111\r
+#define CKM_DES_KEY_GEN 0x00000120\r
+#define CKM_DES_ECB 0x00000121\r
+#define CKM_DES_CBC 0x00000122\r
+#define CKM_DES_MAC 0x00000123\r
+\r
+/* CKM_DES_MAC_GENERAL and CKM_DES_CBC_PAD are new for v2.0 */\r
+#define CKM_DES_MAC_GENERAL 0x00000124\r
+#define CKM_DES_CBC_PAD 0x00000125\r
+\r
+#define CKM_DES2_KEY_GEN 0x00000130\r
+#define CKM_DES3_KEY_GEN 0x00000131\r
+#define CKM_DES3_ECB 0x00000132\r
+#define CKM_DES3_CBC 0x00000133\r
+#define CKM_DES3_MAC 0x00000134\r
+\r
+/* CKM_DES3_MAC_GENERAL, CKM_DES3_CBC_PAD, CKM_CDMF_KEY_GEN,\r
+ * CKM_CDMF_ECB, CKM_CDMF_CBC, CKM_CDMF_MAC,\r
+ * CKM_CDMF_MAC_GENERAL, and CKM_CDMF_CBC_PAD are new for v2.0 */\r
+#define CKM_DES3_MAC_GENERAL 0x00000135\r
+#define CKM_DES3_CBC_PAD 0x00000136\r
+#define CKM_CDMF_KEY_GEN 0x00000140\r
+#define CKM_CDMF_ECB 0x00000141\r
+#define CKM_CDMF_CBC 0x00000142\r
+#define CKM_CDMF_MAC 0x00000143\r
+#define CKM_CDMF_MAC_GENERAL 0x00000144\r
+#define CKM_CDMF_CBC_PAD 0x00000145\r
+\r
+#define CKM_MD2 0x00000200\r
+\r
+/* CKM_MD2_HMAC and CKM_MD2_HMAC_GENERAL are new for v2.0 */\r
+#define CKM_MD2_HMAC 0x00000201\r
+#define CKM_MD2_HMAC_GENERAL 0x00000202\r
+\r
+#define CKM_MD5 0x00000210\r
+\r
+/* CKM_MD5_HMAC and CKM_MD5_HMAC_GENERAL are new for v2.0 */\r
+#define CKM_MD5_HMAC 0x00000211\r
+#define CKM_MD5_HMAC_GENERAL 0x00000212\r
+\r
+#define CKM_SHA_1 0x00000220\r
+\r
+/* CKM_SHA_1_HMAC and CKM_SHA_1_HMAC_GENERAL are new for v2.0 */\r
+#define CKM_SHA_1_HMAC 0x00000221\r
+#define CKM_SHA_1_HMAC_GENERAL 0x00000222\r
+\r
+/* CKM_RIPEMD128, CKM_RIPEMD128_HMAC, \r
+ * CKM_RIPEMD128_HMAC_GENERAL, CKM_RIPEMD160, CKM_RIPEMD160_HMAC,\r
+ * and CKM_RIPEMD160_HMAC_GENERAL are new for v2.10 */\r
+#define CKM_RIPEMD128 0x00000230\r
+#define CKM_RIPEMD128_HMAC 0x00000231\r
+#define CKM_RIPEMD128_HMAC_GENERAL 0x00000232\r
+#define CKM_RIPEMD160 0x00000240\r
+#define CKM_RIPEMD160_HMAC 0x00000241\r
+#define CKM_RIPEMD160_HMAC_GENERAL 0x00000242\r
+\r
+/* All of the following mechanisms are new for v2.0 */\r
+/* Note that CAST128 and CAST5 are the same algorithm */\r
+#define CKM_CAST_KEY_GEN 0x00000300\r
+#define CKM_CAST_ECB 0x00000301\r
+#define CKM_CAST_CBC 0x00000302\r
+#define CKM_CAST_MAC 0x00000303\r
+#define CKM_CAST_MAC_GENERAL 0x00000304\r
+#define CKM_CAST_CBC_PAD 0x00000305\r
+#define CKM_CAST3_KEY_GEN 0x00000310\r
+#define CKM_CAST3_ECB 0x00000311\r
+#define CKM_CAST3_CBC 0x00000312\r
+#define CKM_CAST3_MAC 0x00000313\r
+#define CKM_CAST3_MAC_GENERAL 0x00000314\r
+#define CKM_CAST3_CBC_PAD 0x00000315\r
+#define CKM_CAST5_KEY_GEN 0x00000320\r
+#define CKM_CAST128_KEY_GEN 0x00000320\r
+#define CKM_CAST5_ECB 0x00000321\r
+#define CKM_CAST128_ECB 0x00000321\r
+#define CKM_CAST5_CBC 0x00000322\r
+#define CKM_CAST128_CBC 0x00000322\r
+#define CKM_CAST5_MAC 0x00000323\r
+#define CKM_CAST128_MAC 0x00000323\r
+#define CKM_CAST5_MAC_GENERAL 0x00000324\r
+#define CKM_CAST128_MAC_GENERAL 0x00000324\r
+#define CKM_CAST5_CBC_PAD 0x00000325\r
+#define CKM_CAST128_CBC_PAD 0x00000325\r
+#define CKM_RC5_KEY_GEN 0x00000330\r
+#define CKM_RC5_ECB 0x00000331\r
+#define CKM_RC5_CBC 0x00000332\r
+#define CKM_RC5_MAC 0x00000333\r
+#define CKM_RC5_MAC_GENERAL 0x00000334\r
+#define CKM_RC5_CBC_PAD 0x00000335\r
+#define CKM_IDEA_KEY_GEN 0x00000340\r
+#define CKM_IDEA_ECB 0x00000341\r
+#define CKM_IDEA_CBC 0x00000342\r
+#define CKM_IDEA_MAC 0x00000343\r
+#define CKM_IDEA_MAC_GENERAL 0x00000344\r
+#define CKM_IDEA_CBC_PAD 0x00000345\r
+#define CKM_GENERIC_SECRET_KEY_GEN 0x00000350\r
+#define CKM_CONCATENATE_BASE_AND_KEY 0x00000360\r
+#define CKM_CONCATENATE_BASE_AND_DATA 0x00000362\r
+#define CKM_CONCATENATE_DATA_AND_BASE 0x00000363\r
+#define CKM_XOR_BASE_AND_DATA 0x00000364\r
+#define CKM_EXTRACT_KEY_FROM_KEY 0x00000365\r
+#define CKM_SSL3_PRE_MASTER_KEY_GEN 0x00000370\r
+#define CKM_SSL3_MASTER_KEY_DERIVE 0x00000371\r
+#define CKM_SSL3_KEY_AND_MAC_DERIVE 0x00000372\r
+\r
+/* CKM_SSL3_MASTER_KEY_DERIVE_DH, CKM_TLS_PRE_MASTER_KEY_GEN,\r
+ * CKM_TLS_MASTER_KEY_DERIVE, CKM_TLS_KEY_AND_MAC_DERIVE, and\r
+ * CKM_TLS_MASTER_KEY_DERIVE_DH are new for v2.11 */\r
+#define CKM_SSL3_MASTER_KEY_DERIVE_DH 0x00000373\r
+#define CKM_TLS_PRE_MASTER_KEY_GEN 0x00000374\r
+#define CKM_TLS_MASTER_KEY_DERIVE 0x00000375\r
+#define CKM_TLS_KEY_AND_MAC_DERIVE 0x00000376\r
+#define CKM_TLS_MASTER_KEY_DERIVE_DH 0x00000377\r
+\r
+#define CKM_SSL3_MD5_MAC 0x00000380\r
+#define CKM_SSL3_SHA1_MAC 0x00000381\r
+#define CKM_MD5_KEY_DERIVATION 0x00000390\r
+#define CKM_MD2_KEY_DERIVATION 0x00000391\r
+#define CKM_SHA1_KEY_DERIVATION 0x00000392\r
+#define CKM_PBE_MD2_DES_CBC 0x000003A0\r
+#define CKM_PBE_MD5_DES_CBC 0x000003A1\r
+#define CKM_PBE_MD5_CAST_CBC 0x000003A2\r
+#define CKM_PBE_MD5_CAST3_CBC 0x000003A3\r
+#define CKM_PBE_MD5_CAST5_CBC 0x000003A4\r
+#define CKM_PBE_MD5_CAST128_CBC 0x000003A4\r
+#define CKM_PBE_SHA1_CAST5_CBC 0x000003A5\r
+#define CKM_PBE_SHA1_CAST128_CBC 0x000003A5\r
+#define CKM_PBE_SHA1_RC4_128 0x000003A6\r
+#define CKM_PBE_SHA1_RC4_40 0x000003A7\r
+#define CKM_PBE_SHA1_DES3_EDE_CBC 0x000003A8\r
+#define CKM_PBE_SHA1_DES2_EDE_CBC 0x000003A9\r
+#define CKM_PBE_SHA1_RC2_128_CBC 0x000003AA\r
+#define CKM_PBE_SHA1_RC2_40_CBC 0x000003AB\r
+\r
+/* CKM_PKCS5_PBKD2 is new for v2.10 */\r
+#define CKM_PKCS5_PBKD2 0x000003B0\r
+\r
+#define CKM_PBA_SHA1_WITH_SHA1_HMAC 0x000003C0\r
+#define CKM_KEY_WRAP_LYNKS 0x00000400\r
+#define CKM_KEY_WRAP_SET_OAEP 0x00000401\r
+\r
+/* Fortezza mechanisms */\r
+#define CKM_SKIPJACK_KEY_GEN 0x00001000\r
+#define CKM_SKIPJACK_ECB64 0x00001001\r
+#define CKM_SKIPJACK_CBC64 0x00001002\r
+#define CKM_SKIPJACK_OFB64 0x00001003\r
+#define CKM_SKIPJACK_CFB64 0x00001004\r
+#define CKM_SKIPJACK_CFB32 0x00001005\r
+#define CKM_SKIPJACK_CFB16 0x00001006\r
+#define CKM_SKIPJACK_CFB8 0x00001007\r
+#define CKM_SKIPJACK_WRAP 0x00001008\r
+#define CKM_SKIPJACK_PRIVATE_WRAP 0x00001009\r
+#define CKM_SKIPJACK_RELAYX 0x0000100a\r
+#define CKM_KEA_KEY_PAIR_GEN 0x00001010\r
+#define CKM_KEA_KEY_DERIVE 0x00001011\r
+#define CKM_FORTEZZA_TIMESTAMP 0x00001020\r
+#define CKM_BATON_KEY_GEN 0x00001030\r
+#define CKM_BATON_ECB128 0x00001031\r
+#define CKM_BATON_ECB96 0x00001032\r
+#define CKM_BATON_CBC128 0x00001033\r
+#define CKM_BATON_COUNTER 0x00001034\r
+#define CKM_BATON_SHUFFLE 0x00001035\r
+#define CKM_BATON_WRAP 0x00001036\r
+\r
+/* CKM_ECDSA_KEY_PAIR_GEN is deprecated in v2.11,\r
+ * CKM_EC_KEY_PAIR_GEN is preferred */\r
+#define CKM_ECDSA_KEY_PAIR_GEN 0x00001040\r
+#define CKM_EC_KEY_PAIR_GEN 0x00001040\r
+\r
+#define CKM_ECDSA 0x00001041\r
+#define CKM_ECDSA_SHA1 0x00001042\r
+\r
+/* CKM_ECDH1_DERIVE, CKM_ECDH1_COFACTOR_DERIVE, and CKM_ECMQV_DERIVE\r
+ * are new for v2.11 */\r
+#define CKM_ECDH1_DERIVE 0x00001050\r
+#define CKM_ECDH1_COFACTOR_DERIVE 0x00001051\r
+#define CKM_ECMQV_DERIVE 0x00001052\r
+\r
+#define CKM_JUNIPER_KEY_GEN 0x00001060\r
+#define CKM_JUNIPER_ECB128 0x00001061\r
+#define CKM_JUNIPER_CBC128 0x00001062\r
+#define CKM_JUNIPER_COUNTER 0x00001063\r
+#define CKM_JUNIPER_SHUFFLE 0x00001064\r
+#define CKM_JUNIPER_WRAP 0x00001065\r
+#define CKM_FASTHASH 0x00001070\r
+\r
+/* CKM_AES_KEY_GEN, CKM_AES_ECB, CKM_AES_CBC, CKM_AES_MAC,\r
+ * CKM_AES_MAC_GENERAL, CKM_AES_CBC_PAD, CKM_DSA_PARAMETER_GEN,\r
+ * CKM_DH_PKCS_PARAMETER_GEN, and CKM_X9_42_DH_PARAMETER_GEN are\r
+ * new for v2.11 */\r
+#define CKM_AES_KEY_GEN 0x00001080\r
+#define CKM_AES_ECB 0x00001081\r
+#define CKM_AES_CBC 0x00001082\r
+#define CKM_AES_MAC 0x00001083\r
+#define CKM_AES_MAC_GENERAL 0x00001084\r
+#define CKM_AES_CBC_PAD 0x00001085\r
+#define CKM_DSA_PARAMETER_GEN 0x00002000\r
+#define CKM_DH_PKCS_PARAMETER_GEN 0x00002001\r
+#define CKM_X9_42_DH_PARAMETER_GEN 0x00002002\r
+\r
+#define CKM_VENDOR_DEFINED 0x80000000\r
+\r
+typedef CK_MECHANISM_TYPE CK_PTR CK_MECHANISM_TYPE_PTR;\r
+\r
+\r
+/* CK_MECHANISM is a structure that specifies a particular\r
+ * mechanism */\r
+typedef struct CK_MECHANISM {\r
+ CK_MECHANISM_TYPE mechanism;\r
+ CK_VOID_PTR pParameter;\r
+\r
+ /* ulParameterLen was changed from CK_USHORT to CK_ULONG for\r
+ * v2.0 */\r
+ CK_ULONG ulParameterLen; /* in bytes */\r
+} CK_MECHANISM;\r
+\r
+typedef CK_MECHANISM CK_PTR CK_MECHANISM_PTR;\r
+\r
+\r
+/* CK_MECHANISM_INFO provides information about a particular\r
+ * mechanism */\r
+typedef struct CK_MECHANISM_INFO {\r
+ CK_ULONG ulMinKeySize;\r
+ CK_ULONG ulMaxKeySize;\r
+ CK_FLAGS flags;\r
+} CK_MECHANISM_INFO;\r
+\r
+/* The flags are defined as follows:\r
+ * Bit Flag Mask Meaning */\r
+#define CKF_HW 0x00000001 /* performed by HW */\r
+\r
+/* The flags CKF_ENCRYPT, CKF_DECRYPT, CKF_DIGEST, CKF_SIGN,\r
+ * CKG_SIGN_RECOVER, CKF_VERIFY, CKF_VERIFY_RECOVER,\r
+ * CKF_GENERATE, CKF_GENERATE_KEY_PAIR, CKF_WRAP, CKF_UNWRAP,\r
+ * and CKF_DERIVE are new for v2.0. They specify whether or not\r
+ * a mechanism can be used for a particular task */\r
+#define CKF_ENCRYPT 0x00000100\r
+#define CKF_DECRYPT 0x00000200\r
+#define CKF_DIGEST 0x00000400\r
+#define CKF_SIGN 0x00000800\r
+#define CKF_SIGN_RECOVER 0x00001000\r
+#define CKF_VERIFY 0x00002000\r
+#define CKF_VERIFY_RECOVER 0x00004000\r
+#define CKF_GENERATE 0x00008000\r
+#define CKF_GENERATE_KEY_PAIR 0x00010000\r
+#define CKF_WRAP 0x00020000\r
+#define CKF_UNWRAP 0x00040000\r
+#define CKF_DERIVE 0x00080000\r
+\r
+/* CKF_EC_F_P, CKF_EC_F_2M, CKF_EC_ECPARAMETERS, CKF_EC_NAMEDCURVE,\r
+ * CKF_EC_UNCOMPRESS, and CKF_EC_COMPRESS are new for v2.11. They\r
+ * describe a token's EC capabilities not available in mechanism\r
+ * information. */\r
+#define CKF_EC_F_P 0x00100000\r
+#define CKF_EC_F_2M 0x00200000\r
+#define CKF_EC_ECPARAMETERS 0x00400000\r
+#define CKF_EC_NAMEDCURVE 0x00800000\r
+#define CKF_EC_UNCOMPRESS 0x01000000\r
+#define CKF_EC_COMPRESS 0x02000000\r
+\r
+#define CKF_EXTENSION 0x80000000 /* FALSE for 2.01 */\r
+\r
+typedef CK_MECHANISM_INFO CK_PTR CK_MECHANISM_INFO_PTR;\r
+\r
+\r
+/* CK_RV is a value that identifies the return value of a\r
+ * Cryptoki function */\r
+/* CK_RV was changed from CK_USHORT to CK_ULONG for v2.0 */\r
+typedef CK_ULONG CK_RV;\r
+\r
+#define CKR_OK 0x00000000\r
+#define CKR_CANCEL 0x00000001\r
+#define CKR_HOST_MEMORY 0x00000002\r
+#define CKR_SLOT_ID_INVALID 0x00000003\r
+\r
+/* CKR_FLAGS_INVALID was removed for v2.0 */\r
+\r
+/* CKR_GENERAL_ERROR and CKR_FUNCTION_FAILED are new for v2.0 */\r
+#define CKR_GENERAL_ERROR 0x00000005\r
+#define CKR_FUNCTION_FAILED 0x00000006\r
+\r
+/* CKR_ARGUMENTS_BAD, CKR_NO_EVENT, CKR_NEED_TO_CREATE_THREADS,\r
+ * and CKR_CANT_LOCK are new for v2.01 */\r
+#define CKR_ARGUMENTS_BAD 0x00000007\r
+#define CKR_NO_EVENT 0x00000008\r
+#define CKR_NEED_TO_CREATE_THREADS 0x00000009\r
+#define CKR_CANT_LOCK 0x0000000A\r
+\r
+#define CKR_ATTRIBUTE_READ_ONLY 0x00000010\r
+#define CKR_ATTRIBUTE_SENSITIVE 0x00000011\r
+#define CKR_ATTRIBUTE_TYPE_INVALID 0x00000012\r
+#define CKR_ATTRIBUTE_VALUE_INVALID 0x00000013\r
+#define CKR_DATA_INVALID 0x00000020\r
+#define CKR_DATA_LEN_RANGE 0x00000021\r
+#define CKR_DEVICE_ERROR 0x00000030\r
+#define CKR_DEVICE_MEMORY 0x00000031\r
+#define CKR_DEVICE_REMOVED 0x00000032\r
+#define CKR_ENCRYPTED_DATA_INVALID 0x00000040\r
+#define CKR_ENCRYPTED_DATA_LEN_RANGE 0x00000041\r
+#define CKR_FUNCTION_CANCELED 0x00000050\r
+#define CKR_FUNCTION_NOT_PARALLEL 0x00000051\r
+\r
+/* CKR_FUNCTION_NOT_SUPPORTED is new for v2.0 */\r
+#define CKR_FUNCTION_NOT_SUPPORTED 0x00000054\r
+\r
+#define CKR_KEY_HANDLE_INVALID 0x00000060\r
+\r
+/* CKR_KEY_SENSITIVE was removed for v2.0 */\r
+\r
+#define CKR_KEY_SIZE_RANGE 0x00000062\r
+#define CKR_KEY_TYPE_INCONSISTENT 0x00000063\r
+\r
+/* CKR_KEY_NOT_NEEDED, CKR_KEY_CHANGED, CKR_KEY_NEEDED,\r
+ * CKR_KEY_INDIGESTIBLE, CKR_KEY_FUNCTION_NOT_PERMITTED,\r
+ * CKR_KEY_NOT_WRAPPABLE, and CKR_KEY_UNEXTRACTABLE are new for\r
+ * v2.0 */\r
+#define CKR_KEY_NOT_NEEDED 0x00000064\r
+#define CKR_KEY_CHANGED 0x00000065\r
+#define CKR_KEY_NEEDED 0x00000066\r
+#define CKR_KEY_INDIGESTIBLE 0x00000067\r
+#define CKR_KEY_FUNCTION_NOT_PERMITTED 0x00000068\r
+#define CKR_KEY_NOT_WRAPPABLE 0x00000069\r
+#define CKR_KEY_UNEXTRACTABLE 0x0000006A\r
+\r
+#define CKR_MECHANISM_INVALID 0x00000070\r
+#define CKR_MECHANISM_PARAM_INVALID 0x00000071\r
+\r
+/* CKR_OBJECT_CLASS_INCONSISTENT and CKR_OBJECT_CLASS_INVALID\r
+ * were removed for v2.0 */\r
+#define CKR_OBJECT_HANDLE_INVALID 0x00000082\r
+#define CKR_OPERATION_ACTIVE 0x00000090\r
+#define CKR_OPERATION_NOT_INITIALIZED 0x00000091\r
+#define CKR_PIN_INCORRECT 0x000000A0\r
+#define CKR_PIN_INVALID 0x000000A1\r
+#define CKR_PIN_LEN_RANGE 0x000000A2\r
+\r
+/* CKR_PIN_EXPIRED and CKR_PIN_LOCKED are new for v2.0 */\r
+#define CKR_PIN_EXPIRED 0x000000A3\r
+#define CKR_PIN_LOCKED 0x000000A4\r
+\r
+#define CKR_SESSION_CLOSED 0x000000B0\r
+#define CKR_SESSION_COUNT 0x000000B1\r
+#define CKR_SESSION_HANDLE_INVALID 0x000000B3\r
+#define CKR_SESSION_PARALLEL_NOT_SUPPORTED 0x000000B4\r
+#define CKR_SESSION_READ_ONLY 0x000000B5\r
+#define CKR_SESSION_EXISTS 0x000000B6\r
+\r
+/* CKR_SESSION_READ_ONLY_EXISTS and\r
+ * CKR_SESSION_READ_WRITE_SO_EXISTS are new for v2.0 */\r
+#define CKR_SESSION_READ_ONLY_EXISTS 0x000000B7\r
+#define CKR_SESSION_READ_WRITE_SO_EXISTS 0x000000B8\r
+\r
+#define CKR_SIGNATURE_INVALID 0x000000C0\r
+#define CKR_SIGNATURE_LEN_RANGE 0x000000C1\r
+#define CKR_TEMPLATE_INCOMPLETE 0x000000D0\r
+#define CKR_TEMPLATE_INCONSISTENT 0x000000D1\r
+#define CKR_TOKEN_NOT_PRESENT 0x000000E0\r
+#define CKR_TOKEN_NOT_RECOGNIZED 0x000000E1\r
+#define CKR_TOKEN_WRITE_PROTECTED 0x000000E2\r
+#define CKR_UNWRAPPING_KEY_HANDLE_INVALID 0x000000F0\r
+#define CKR_UNWRAPPING_KEY_SIZE_RANGE 0x000000F1\r
+#define CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT 0x000000F2\r
+#define CKR_USER_ALREADY_LOGGED_IN 0x00000100\r
+#define CKR_USER_NOT_LOGGED_IN 0x00000101\r
+#define CKR_USER_PIN_NOT_INITIALIZED 0x00000102\r
+#define CKR_USER_TYPE_INVALID 0x00000103\r
+\r
+/* CKR_USER_ANOTHER_ALREADY_LOGGED_IN and CKR_USER_TOO_MANY_TYPES\r
+ * are new to v2.01 */\r
+#define CKR_USER_ANOTHER_ALREADY_LOGGED_IN 0x00000104\r
+#define CKR_USER_TOO_MANY_TYPES 0x00000105\r
+\r
+#define CKR_WRAPPED_KEY_INVALID 0x00000110\r
+#define CKR_WRAPPED_KEY_LEN_RANGE 0x00000112\r
+#define CKR_WRAPPING_KEY_HANDLE_INVALID 0x00000113\r
+#define CKR_WRAPPING_KEY_SIZE_RANGE 0x00000114\r
+#define CKR_WRAPPING_KEY_TYPE_INCONSISTENT 0x00000115\r
+#define CKR_RANDOM_SEED_NOT_SUPPORTED 0x00000120\r
+\r
+/* These are new to v2.0 */\r
+#define CKR_RANDOM_NO_RNG 0x00000121\r
+\r
+/* These are new to v2.11 */\r
+#define CKR_DOMAIN_PARAMS_INVALID 0x00000130\r
+\r
+/* These are new to v2.0 */\r
+#define CKR_BUFFER_TOO_SMALL 0x00000150\r
+#define CKR_SAVED_STATE_INVALID 0x00000160\r
+#define CKR_INFORMATION_SENSITIVE 0x00000170\r
+#define CKR_STATE_UNSAVEABLE 0x00000180\r
+\r
+/* These are new to v2.01 */\r
+#define CKR_CRYPTOKI_NOT_INITIALIZED 0x00000190\r
+#define CKR_CRYPTOKI_ALREADY_INITIALIZED 0x00000191\r
+#define CKR_MUTEX_BAD 0x000001A0\r
+#define CKR_MUTEX_NOT_LOCKED 0x000001A1\r
+\r
+#define CKR_VENDOR_DEFINED 0x80000000\r
+\r
+\r
+/* CK_NOTIFY is an application callback that processes events */\r
+typedef CK_CALLBACK_FUNCTION(CK_RV, CK_NOTIFY)(\r
+ CK_SESSION_HANDLE hSession, /* the session's handle */\r
+ CK_NOTIFICATION event,\r
+ CK_VOID_PTR pApplication /* passed to C_OpenSession */\r
+);\r
+\r
+\r
+/* CK_FUNCTION_LIST is a structure holding a Cryptoki spec\r
+ * version and pointers of appropriate types to all the\r
+ * Cryptoki functions */\r
+/* CK_FUNCTION_LIST is new for v2.0 */\r
+typedef struct CK_FUNCTION_LIST CK_FUNCTION_LIST;\r
+\r
+typedef CK_FUNCTION_LIST CK_PTR CK_FUNCTION_LIST_PTR;\r
+\r
+typedef CK_FUNCTION_LIST_PTR CK_PTR CK_FUNCTION_LIST_PTR_PTR;\r
+\r
+\r
+/* CK_CREATEMUTEX is an application callback for creating a\r
+ * mutex object */\r
+typedef CK_CALLBACK_FUNCTION(CK_RV, CK_CREATEMUTEX)(\r
+ CK_VOID_PTR_PTR ppMutex /* location to receive ptr to mutex */\r
+);\r
+\r
+\r
+/* CK_DESTROYMUTEX is an application callback for destroying a\r
+ * mutex object */\r
+typedef CK_CALLBACK_FUNCTION(CK_RV, CK_DESTROYMUTEX)(\r
+ CK_VOID_PTR pMutex /* pointer to mutex */\r
+);\r
+\r
+\r
+/* CK_LOCKMUTEX is an application callback for locking a mutex */\r
+typedef CK_CALLBACK_FUNCTION(CK_RV, CK_LOCKMUTEX)(\r
+ CK_VOID_PTR pMutex /* pointer to mutex */\r
+);\r
+\r
+\r
+/* CK_UNLOCKMUTEX is an application callback for unlocking a\r
+ * mutex */\r
+typedef CK_CALLBACK_FUNCTION(CK_RV, CK_UNLOCKMUTEX)(\r
+ CK_VOID_PTR pMutex /* pointer to mutex */\r
+);\r
+\r
+\r
+/* CK_C_INITIALIZE_ARGS provides the optional arguments to\r
+ * C_Initialize */\r
+typedef struct CK_C_INITIALIZE_ARGS {\r
+ CK_CREATEMUTEX CreateMutex;\r
+ CK_DESTROYMUTEX DestroyMutex;\r
+ CK_LOCKMUTEX LockMutex;\r
+ CK_UNLOCKMUTEX UnlockMutex;\r
+ CK_FLAGS flags;\r
+ CK_VOID_PTR pReserved;\r
+} CK_C_INITIALIZE_ARGS;\r
+\r
+/* flags: bit flags that provide capabilities of the slot\r
+ * Bit Flag Mask Meaning\r
+ */\r
+#define CKF_LIBRARY_CANT_CREATE_OS_THREADS 0x00000001\r
+#define CKF_OS_LOCKING_OK 0x00000002\r
+\r
+typedef CK_C_INITIALIZE_ARGS CK_PTR CK_C_INITIALIZE_ARGS_PTR;\r
+\r
+\r
+/* additional flags for parameters to functions */\r
+\r
+/* CKF_DONT_BLOCK is for the function C_WaitForSlotEvent */\r
+#define CKF_DONT_BLOCK 1\r
+\r
+/* CK_RSA_PKCS_OAEP_MGF_TYPE is new for v2.10. \r
+ * CK_RSA_PKCS_OAEP_MGF_TYPE is used to indicate the Message \r
+ * Generation Function (MGF) applied to a message block when \r
+ * formatting a message block for the PKCS #1 OAEP encryption \r
+ * scheme. */\r
+typedef CK_ULONG CK_RSA_PKCS_MGF_TYPE;\r
+\r
+typedef CK_RSA_PKCS_MGF_TYPE CK_PTR CK_RSA_PKCS_MGF_TYPE_PTR;\r
+\r
+/* The following MGFs are defined */\r
+#define CKG_MGF1_SHA1 0x00000001\r
+\r
+/* CK_RSA_PKCS_OAEP_SOURCE_TYPE is new for v2.10. \r
+ * CK_RSA_PKCS_OAEP_SOURCE_TYPE is used to indicate the source\r
+ * of the encoding parameter when formatting a message block \r
+ * for the PKCS #1 OAEP encryption scheme. */\r
+typedef CK_ULONG CK_RSA_PKCS_OAEP_SOURCE_TYPE;\r
+\r
+typedef CK_RSA_PKCS_OAEP_SOURCE_TYPE CK_PTR CK_RSA_PKCS_OAEP_SOURCE_TYPE_PTR;\r
+\r
+/* The following encoding parameter sources are defined */\r
+#define CKZ_DATA_SPECIFIED 0x00000001\r
+\r
+/* CK_RSA_PKCS_OAEP_PARAMS is new for v2.10.\r
+ * CK_RSA_PKCS_OAEP_PARAMS provides the parameters to the \r
+ * CKM_RSA_PKCS_OAEP mechanism. */\r
+typedef struct CK_RSA_PKCS_OAEP_PARAMS {\r
+ CK_MECHANISM_TYPE hashAlg;\r
+ CK_RSA_PKCS_MGF_TYPE mgf;\r
+ CK_RSA_PKCS_OAEP_SOURCE_TYPE source;\r
+ CK_VOID_PTR pSourceData;\r
+ CK_ULONG ulSourceDataLen;\r
+} CK_RSA_PKCS_OAEP_PARAMS;\r
+\r
+typedef CK_RSA_PKCS_OAEP_PARAMS CK_PTR CK_RSA_PKCS_OAEP_PARAMS_PTR;\r
+\r
+/* CK_RSA_PKCS_PSS_PARAMS is new for v2.11.\r
+ * CK_RSA_PKCS_PSS_PARAMS provides the parameters to the\r
+ * CKM_RSA_PKCS_PSS mechanism(s). */\r
+typedef struct CK_RSA_PKCS_PSS_PARAMS {\r
+ CK_MECHANISM_TYPE hashAlg;\r
+ CK_RSA_PKCS_MGF_TYPE mgf;\r
+ CK_ULONG sLen;\r
+} CK_RSA_PKCS_PSS_PARAMS;\r
+\r
+typedef CK_RSA_PKCS_PSS_PARAMS CK_PTR CK_RSA_PKCS_PSS_PARAMS_PTR;\r
+\r
+/* CK_EC_KDF_TYPE is new for v2.11. */\r
+typedef CK_ULONG CK_EC_KDF_TYPE;\r
+\r
+/* The following EC Key Derivation Functions are defined */\r
+#define CKD_NULL 0x00000001\r
+#define CKD_SHA1_KDF 0x00000002\r
+\r
+/* CK_ECDH1_DERIVE_PARAMS is new for v2.11.\r
+ * CK_ECDH1_DERIVE_PARAMS provides the parameters to the\r
+ * CKM_ECDH1_DERIVE and CKM_ECDH1_COFACTOR_DERIVE mechanisms,\r
+ * where each party contributes one key pair.\r
+ */\r
+typedef struct CK_ECDH1_DERIVE_PARAMS {\r
+ CK_EC_KDF_TYPE kdf;\r
+ CK_ULONG ulSharedDataLen;\r
+ CK_BYTE_PTR pSharedData;\r
+ CK_ULONG ulPublicDataLen;\r
+ CK_BYTE_PTR pPublicData;\r
+} CK_ECDH1_DERIVE_PARAMS;\r
+\r
+typedef CK_ECDH1_DERIVE_PARAMS CK_PTR CK_ECDH1_DERIVE_PARAMS_PTR;\r
+\r
+\r
+/* CK_ECDH2_DERIVE_PARAMS is new for v2.11.\r
+ * CK_ECDH2_DERIVE_PARAMS provides the parameters to the\r
+ * CKM_ECMQV_DERIVE mechanism, where each party contributes two key pairs. */\r
+typedef struct CK_ECDH2_DERIVE_PARAMS {\r
+ CK_EC_KDF_TYPE kdf;\r
+ CK_ULONG ulSharedDataLen;\r
+ CK_BYTE_PTR pSharedData;\r
+ CK_ULONG ulPublicDataLen;\r
+ CK_BYTE_PTR pPublicData;\r
+ CK_ULONG ulPrivateDataLen;\r
+ CK_OBJECT_HANDLE hPrivateData;\r
+ CK_ULONG ulPublicDataLen2;\r
+ CK_BYTE_PTR pPublicData2;\r
+} CK_ECDH2_DERIVE_PARAMS;\r
+\r
+typedef CK_ECDH2_DERIVE_PARAMS CK_PTR CK_ECDH2_DERIVE_PARAMS_PTR;\r
+\r
+/* Typedefs and defines for the CKM_X9_42_DH_KEY_PAIR_GEN and the \r
+ * CKM_X9_42_DH_PARAMETER_GEN mechanisms (new for PKCS #11 v2.11) */\r
+typedef CK_ULONG CK_X9_42_DH_KDF_TYPE;\r
+typedef CK_X9_42_DH_KDF_TYPE CK_PTR CK_X9_42_DH_KDF_TYPE_PTR;\r
+\r
+/* The following X9.42 DH key derivation functions are defined: */\r
+#define CKD_NULL 0x00000001\r
+#define CKD_SHA1_KDF_ASN1 0x00000003\r
+#define CKD_SHA1_KDF_CONCATENATE 0x00000004\r
+\r
+/* CK_X9_42_DH1_DERIVE_PARAMS is new for v2.11.\r
+ * CK_X9_42_DH1_DERIVE_PARAMS provides the parameters to the \r
+ * CKM_X9_42_DH_DERIVE key derivation mechanism, where each party\r
+ * contributes one key pair */\r
+typedef struct CK_X9_42_DH1_DERIVE_PARAMS {\r
+ CK_X9_42_DH_KDF_TYPE kdf;\r
+ CK_ULONG ulOtherInfoLen;\r
+ CK_BYTE_PTR pOtherInfo;\r
+ CK_ULONG ulPublicDataLen;\r
+ CK_BYTE_PTR pPublicData;\r
+} CK_X9_42_DH1_DERIVE_PARAMS;\r
+\r
+typedef struct CK_X9_42_DH1_DERIVE_PARAMS CK_PTR CK_X9_42_DH1_DERIVE_PARAMS_PTR;\r
+\r
+/* CK_X9_42_DH2_DERIVE_PARAMS is new for v2.11.\r
+ * CK_X9_42_DH2_DERIVE_PARAMS provides the parameters to the \r
+ * CKM_X9_42_DH_HYBRID_DERIVE and CKM_X9_42_MQV_DERIVE key derivation\r
+ * mechanisms, where each party contributes two key pairs */\r
+typedef struct CK_X9_42_DH2_DERIVE_PARAMS {\r
+ CK_X9_42_DH_KDF_TYPE kdf;\r
+ CK_ULONG ulOtherInfoLen;\r
+ CK_BYTE_PTR pOtherInfo;\r
+ CK_ULONG ulPublicDataLen;\r
+ CK_BYTE_PTR pPublicData;\r
+ CK_ULONG ulPrivateDataLen;\r
+ CK_OBJECT_HANDLE hPrivateData;\r
+ CK_ULONG ulPublicDataLen2;\r
+ CK_BYTE_PTR pPublicData2;\r
+} CK_X9_42_DH2_DERIVE_PARAMS;\r
+\r
+typedef CK_X9_42_DH2_DERIVE_PARAMS CK_PTR CK_X9_42_DH2_DERIVE_PARAMS_PTR;\r
+\r
+/* CK_KEA_DERIVE_PARAMS provides the parameters to the\r
+ * CKM_KEA_DERIVE mechanism */\r
+/* CK_KEA_DERIVE_PARAMS is new for v2.0 */\r
+typedef struct CK_KEA_DERIVE_PARAMS {\r
+ CK_BBOOL isSender;\r
+ CK_ULONG ulRandomLen;\r
+ CK_BYTE_PTR pRandomA;\r
+ CK_BYTE_PTR pRandomB;\r
+ CK_ULONG ulPublicDataLen;\r
+ CK_BYTE_PTR pPublicData;\r
+} CK_KEA_DERIVE_PARAMS;\r
+\r
+typedef CK_KEA_DERIVE_PARAMS CK_PTR CK_KEA_DERIVE_PARAMS_PTR;\r
+\r
+\r
+/* CK_RC2_PARAMS provides the parameters to the CKM_RC2_ECB and\r
+ * CKM_RC2_MAC mechanisms. An instance of CK_RC2_PARAMS just\r
+ * holds the effective keysize */\r
+typedef CK_ULONG CK_RC2_PARAMS;\r
+\r
+typedef CK_RC2_PARAMS CK_PTR CK_RC2_PARAMS_PTR;\r
+\r
+\r
+/* CK_RC2_CBC_PARAMS provides the parameters to the CKM_RC2_CBC\r
+ * mechanism */\r
+typedef struct CK_RC2_CBC_PARAMS {\r
+ /* ulEffectiveBits was changed from CK_USHORT to CK_ULONG for\r
+ * v2.0 */\r
+ CK_ULONG ulEffectiveBits; /* effective bits (1-1024) */\r
+\r
+ CK_BYTE iv[8]; /* IV for CBC mode */\r
+} CK_RC2_CBC_PARAMS;\r
+\r
+typedef CK_RC2_CBC_PARAMS CK_PTR CK_RC2_CBC_PARAMS_PTR;\r
+\r
+\r
+/* CK_RC2_MAC_GENERAL_PARAMS provides the parameters for the\r
+ * CKM_RC2_MAC_GENERAL mechanism */\r
+/* CK_RC2_MAC_GENERAL_PARAMS is new for v2.0 */\r
+typedef struct CK_RC2_MAC_GENERAL_PARAMS {\r
+ CK_ULONG ulEffectiveBits; /* effective bits (1-1024) */\r
+ CK_ULONG ulMacLength; /* Length of MAC in bytes */\r
+} CK_RC2_MAC_GENERAL_PARAMS;\r
+\r
+typedef CK_RC2_MAC_GENERAL_PARAMS CK_PTR \\r
+ CK_RC2_MAC_GENERAL_PARAMS_PTR;\r
+\r
+\r
+/* CK_RC5_PARAMS provides the parameters to the CKM_RC5_ECB and\r
+ * CKM_RC5_MAC mechanisms */\r
+/* CK_RC5_PARAMS is new for v2.0 */\r
+typedef struct CK_RC5_PARAMS {\r
+ CK_ULONG ulWordsize; /* wordsize in bits */\r
+ CK_ULONG ulRounds; /* number of rounds */\r
+} CK_RC5_PARAMS;\r
+\r
+typedef CK_RC5_PARAMS CK_PTR CK_RC5_PARAMS_PTR;\r
+\r
+\r
+/* CK_RC5_CBC_PARAMS provides the parameters to the CKM_RC5_CBC\r
+ * mechanism */\r
+/* CK_RC5_CBC_PARAMS is new for v2.0 */\r
+typedef struct CK_RC5_CBC_PARAMS {\r
+ CK_ULONG ulWordsize; /* wordsize in bits */\r
+ CK_ULONG ulRounds; /* number of rounds */\r
+ CK_BYTE_PTR pIv; /* pointer to IV */\r
+ CK_ULONG ulIvLen; /* length of IV in bytes */\r
+} CK_RC5_CBC_PARAMS;\r
+\r
+typedef CK_RC5_CBC_PARAMS CK_PTR CK_RC5_CBC_PARAMS_PTR;\r
+\r
+\r
+/* CK_RC5_MAC_GENERAL_PARAMS provides the parameters for the\r
+ * CKM_RC5_MAC_GENERAL mechanism */\r
+/* CK_RC5_MAC_GENERAL_PARAMS is new for v2.0 */\r
+typedef struct CK_RC5_MAC_GENERAL_PARAMS {\r
+ CK_ULONG ulWordsize; /* wordsize in bits */\r
+ CK_ULONG ulRounds; /* number of rounds */\r
+ CK_ULONG ulMacLength; /* Length of MAC in bytes */\r
+} CK_RC5_MAC_GENERAL_PARAMS;\r
+\r
+typedef CK_RC5_MAC_GENERAL_PARAMS CK_PTR \\r
+ CK_RC5_MAC_GENERAL_PARAMS_PTR;\r
+\r
+\r
+/* CK_MAC_GENERAL_PARAMS provides the parameters to most block\r
+ * ciphers' MAC_GENERAL mechanisms. Its value is the length of\r
+ * the MAC */\r
+/* CK_MAC_GENERAL_PARAMS is new for v2.0 */\r
+typedef CK_ULONG CK_MAC_GENERAL_PARAMS;\r
+\r
+typedef CK_MAC_GENERAL_PARAMS CK_PTR CK_MAC_GENERAL_PARAMS_PTR;\r
+\r
+\r
+/* CK_SKIPJACK_PRIVATE_WRAP_PARAMS provides the parameters to the\r
+ * CKM_SKIPJACK_PRIVATE_WRAP mechanism */\r
+/* CK_SKIPJACK_PRIVATE_WRAP_PARAMS is new for v2.0 */\r
+typedef struct CK_SKIPJACK_PRIVATE_WRAP_PARAMS {\r
+ CK_ULONG ulPasswordLen;\r
+ CK_BYTE_PTR pPassword;\r
+ CK_ULONG ulPublicDataLen;\r
+ CK_BYTE_PTR pPublicData;\r
+ CK_ULONG ulPAndGLen;\r
+ CK_ULONG ulQLen;\r
+ CK_ULONG ulRandomLen;\r
+ CK_BYTE_PTR pRandomA;\r
+ CK_BYTE_PTR pPrimeP;\r
+ CK_BYTE_PTR pBaseG;\r
+ CK_BYTE_PTR pSubprimeQ;\r
+} CK_SKIPJACK_PRIVATE_WRAP_PARAMS;\r
+\r
+typedef CK_SKIPJACK_PRIVATE_WRAP_PARAMS CK_PTR \\r
+ CK_SKIPJACK_PRIVATE_WRAP_PTR;\r
+\r
+\r
+/* CK_SKIPJACK_RELAYX_PARAMS provides the parameters to the\r
+ * CKM_SKIPJACK_RELAYX mechanism */\r
+/* CK_SKIPJACK_RELAYX_PARAMS is new for v2.0 */\r
+typedef struct CK_SKIPJACK_RELAYX_PARAMS {\r
+ CK_ULONG ulOldWrappedXLen;\r
+ CK_BYTE_PTR pOldWrappedX;\r
+ CK_ULONG ulOldPasswordLen;\r
+ CK_BYTE_PTR pOldPassword;\r
+ CK_ULONG ulOldPublicDataLen;\r
+ CK_BYTE_PTR pOldPublicData;\r
+ CK_ULONG ulOldRandomLen;\r
+ CK_BYTE_PTR pOldRandomA;\r
+ CK_ULONG ulNewPasswordLen;\r
+ CK_BYTE_PTR pNewPassword;\r
+ CK_ULONG ulNewPublicDataLen;\r
+ CK_BYTE_PTR pNewPublicData;\r
+ CK_ULONG ulNewRandomLen;\r
+ CK_BYTE_PTR pNewRandomA;\r
+} CK_SKIPJACK_RELAYX_PARAMS;\r
+\r
+typedef CK_SKIPJACK_RELAYX_PARAMS CK_PTR \\r
+ CK_SKIPJACK_RELAYX_PARAMS_PTR;\r
+\r
+\r
+typedef struct CK_PBE_PARAMS {\r
+ CK_BYTE_PTR pInitVector;\r
+ CK_UTF8CHAR_PTR pPassword;\r
+ CK_ULONG ulPasswordLen;\r
+ CK_BYTE_PTR pSalt;\r
+ CK_ULONG ulSaltLen;\r
+ CK_ULONG ulIteration;\r
+} CK_PBE_PARAMS;\r
+\r
+typedef CK_PBE_PARAMS CK_PTR CK_PBE_PARAMS_PTR;\r
+\r
+\r
+/* CK_KEY_WRAP_SET_OAEP_PARAMS provides the parameters to the\r
+ * CKM_KEY_WRAP_SET_OAEP mechanism */\r
+/* CK_KEY_WRAP_SET_OAEP_PARAMS is new for v2.0 */\r
+typedef struct CK_KEY_WRAP_SET_OAEP_PARAMS {\r
+ CK_BYTE bBC; /* block contents byte */\r
+ CK_BYTE_PTR pX; /* extra data */\r
+ CK_ULONG ulXLen; /* length of extra data in bytes */\r
+} CK_KEY_WRAP_SET_OAEP_PARAMS;\r
+\r
+typedef CK_KEY_WRAP_SET_OAEP_PARAMS CK_PTR \\r
+ CK_KEY_WRAP_SET_OAEP_PARAMS_PTR;\r
+\r
+\r
+typedef struct CK_SSL3_RANDOM_DATA {\r
+ CK_BYTE_PTR pClientRandom;\r
+ CK_ULONG ulClientRandomLen;\r
+ CK_BYTE_PTR pServerRandom;\r
+ CK_ULONG ulServerRandomLen;\r
+} CK_SSL3_RANDOM_DATA;\r
+\r
+\r
+typedef struct CK_SSL3_MASTER_KEY_DERIVE_PARAMS {\r
+ CK_SSL3_RANDOM_DATA RandomInfo;\r
+ CK_VERSION_PTR pVersion;\r
+} CK_SSL3_MASTER_KEY_DERIVE_PARAMS;\r
+\r
+typedef struct CK_SSL3_MASTER_KEY_DERIVE_PARAMS CK_PTR \\r
+ CK_SSL3_MASTER_KEY_DERIVE_PARAMS_PTR;\r
+\r
+\r
+typedef struct CK_SSL3_KEY_MAT_OUT {\r
+ CK_OBJECT_HANDLE hClientMacSecret;\r
+ CK_OBJECT_HANDLE hServerMacSecret;\r
+ CK_OBJECT_HANDLE hClientKey;\r
+ CK_OBJECT_HANDLE hServerKey;\r
+ CK_BYTE_PTR pIVClient;\r
+ CK_BYTE_PTR pIVServer;\r
+} CK_SSL3_KEY_MAT_OUT;\r
+\r
+typedef CK_SSL3_KEY_MAT_OUT CK_PTR CK_SSL3_KEY_MAT_OUT_PTR;\r
+\r
+\r
+typedef struct CK_SSL3_KEY_MAT_PARAMS {\r
+ CK_ULONG ulMacSizeInBits;\r
+ CK_ULONG ulKeySizeInBits;\r
+ CK_ULONG ulIVSizeInBits;\r
+ CK_BBOOL bIsExport;\r
+ CK_SSL3_RANDOM_DATA RandomInfo;\r
+ CK_SSL3_KEY_MAT_OUT_PTR pReturnedKeyMaterial;\r
+} CK_SSL3_KEY_MAT_PARAMS;\r
+\r
+typedef CK_SSL3_KEY_MAT_PARAMS CK_PTR CK_SSL3_KEY_MAT_PARAMS_PTR;\r
+\r
+\r
+typedef struct CK_KEY_DERIVATION_STRING_DATA {\r
+ CK_BYTE_PTR pData;\r
+ CK_ULONG ulLen;\r
+} CK_KEY_DERIVATION_STRING_DATA;\r
+\r
+typedef CK_KEY_DERIVATION_STRING_DATA CK_PTR \\r
+ CK_KEY_DERIVATION_STRING_DATA_PTR;\r
+\r
+\r
+/* The CK_EXTRACT_PARAMS is used for the\r
+ * CKM_EXTRACT_KEY_FROM_KEY mechanism. It specifies which bit\r
+ * of the base key should be used as the first bit of the\r
+ * derived key */\r
+/* CK_EXTRACT_PARAMS is new for v2.0 */\r
+typedef CK_ULONG CK_EXTRACT_PARAMS;\r
+\r
+typedef CK_EXTRACT_PARAMS CK_PTR CK_EXTRACT_PARAMS_PTR;\r
+\r
+/* CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE is new for v2.10.\r
+ * CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE is used to \r
+ * indicate the Pseudo-Random Function (PRF) used to generate \r
+ * key bits using PKCS #5 PBKDF2. */\r
+typedef CK_ULONG CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE;\r
+\r
+typedef CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE CK_PTR CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE_PTR;\r
+\r
+/* The following PRFs are defined in PKCS #5 v2.0. */\r
+#define CKP_PKCS5_PBKD2_HMAC_SHA1 0x00000001\r
+\r
+\r
+/* CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE is new for v2.10.\r
+ * CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE is used to indicate the \r
+ * source of the salt value when deriving a key using PKCS #5 \r
+ * PBKDF2. */\r
+typedef CK_ULONG CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE;\r
+\r
+typedef CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE CK_PTR CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE_PTR;\r
+\r
+/* The following salt value sources are defined in PKCS #5 v2.0. */\r
+#define CKZ_SALT_SPECIFIED 0x00000001\r
+\r
+/* CK_PKCS5_PBKD2_PARAMS is new for v2.10.\r
+ * CK_PKCS5_PBKD2_PARAMS is a structure that provides the \r
+ * parameters to the CKM_PKCS5_PBKD2 mechanism. */\r
+typedef struct CK_PKCS5_PBKD2_PARAMS {\r
+ CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE saltSource;\r
+ CK_VOID_PTR pSaltSourceData;\r
+ CK_ULONG ulSaltSourceDataLen;\r
+ CK_ULONG iterations;\r
+ CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE prf;\r
+ CK_VOID_PTR pPrfData;\r
+ CK_ULONG ulPrfDataLen;\r
+ CK_UTF8CHAR_PTR pPassword;\r
+ CK_ULONG_PTR ulPasswordLen;\r
+} CK_PKCS5_PBKD2_PARAMS;\r
+\r
+typedef CK_PKCS5_PBKD2_PARAMS CK_PTR CK_PKCS5_PBKD2_PARAMS_PTR;\r
+\r
+#endif\r