1/* pkcs11f.h include file for PKCS #11. */ 2/* $Revision: 1.2 $ */ 3 4/* License to copy and use this software is granted provided that it is 5 * identified as "RSA Security Inc. PKCS #11 Cryptographic Token Interface 6 * (Cryptoki)" in all material mentioning or referencing this software. 7 8 * License is also granted to make and use derivative works provided that 9 * such works are identified as "derived from the RSA Security Inc. PKCS #11 10 * Cryptographic Token Interface (Cryptoki)" in all material mentioning or 11 * referencing the derived work. 12 13 * RSA Security Inc. makes no representations concerning either the 14 * merchantability of this software or the suitability of this software for 15 * any particular purpose. It is provided "as is" without express or implied 16 * warranty of any kind. 17 */ 18 19/* This header file contains pretty much everything about all the */ 20/* Cryptoki function prototypes. Because this information is */ 21/* used for more than just declaring function prototypes, the */ 22/* order of the functions appearing herein is important, and */ 23/* should not be altered. */ 24 25/* General-purpose */ 26 27/* C_Initialize initializes the Cryptoki library. */ 28CK_PKCS11_FUNCTION_INFO(C_Initialize) 29#ifdef CK_NEED_ARG_LIST 30( 31 CK_VOID_PTR pInitArgs /* if this is not NULL_PTR, it gets 32 * cast to CK_C_INITIALIZE_ARGS_PTR 33 * and dereferenced */ 34); 35#endif 36 37 38/* C_Finalize indicates that an application is done with the 39 * Cryptoki library. */ 40CK_PKCS11_FUNCTION_INFO(C_Finalize) 41#ifdef CK_NEED_ARG_LIST 42( 43 CK_VOID_PTR pReserved /* reserved. Should be NULL_PTR */ 44); 45#endif 46 47 48/* C_GetInfo returns general information about Cryptoki. */ 49CK_PKCS11_FUNCTION_INFO(C_GetInfo) 50#ifdef CK_NEED_ARG_LIST 51( 52 CK_INFO_PTR pInfo /* location that receives information */ 53); 54#endif 55 56 57/* C_GetFunctionList returns the function list. */ 58CK_PKCS11_FUNCTION_INFO(C_GetFunctionList) 59#ifdef CK_NEED_ARG_LIST 60( 61 CK_FUNCTION_LIST_PTR_PTR ppFunctionList /* receives pointer to 62 * function list */ 63); 64#endif 65 66 67 68/* Slot and token management */ 69 70/* C_GetSlotList obtains a list of slots in the system. */ 71CK_PKCS11_FUNCTION_INFO(C_GetSlotList) 72#ifdef CK_NEED_ARG_LIST 73( 74 CK_BBOOL tokenPresent, /* only slots with tokens? */ 75 CK_SLOT_ID_PTR pSlotList, /* receives array of slot IDs */ 76 CK_ULONG_PTR pulCount /* receives number of slots */ 77); 78#endif 79 80 81/* C_GetSlotInfo obtains information about a particular slot in 82 * the system. */ 83CK_PKCS11_FUNCTION_INFO(C_GetSlotInfo) 84#ifdef CK_NEED_ARG_LIST 85( 86 CK_SLOT_ID slotID, /* the ID of the slot */ 87 CK_SLOT_INFO_PTR pInfo /* receives the slot information */ 88); 89#endif 90 91 92/* C_GetTokenInfo obtains information about a particular token 93 * in the system. */ 94CK_PKCS11_FUNCTION_INFO(C_GetTokenInfo) 95#ifdef CK_NEED_ARG_LIST 96( 97 CK_SLOT_ID slotID, /* ID of the token's slot */ 98 CK_TOKEN_INFO_PTR pInfo /* receives the token information */ 99); 100#endif 101 102 103/* C_GetMechanismList obtains a list of mechanism types 104 * supported by a token. */ 105CK_PKCS11_FUNCTION_INFO(C_GetMechanismList) 106#ifdef CK_NEED_ARG_LIST 107( 108 CK_SLOT_ID slotID, /* ID of token's slot */ 109 CK_MECHANISM_TYPE_PTR pMechanismList, /* gets mech. array */ 110 CK_ULONG_PTR pulCount /* gets # of mechs. */ 111); 112#endif 113 114 115/* C_GetMechanismInfo obtains information about a particular 116 * mechanism possibly supported by a token. */ 117CK_PKCS11_FUNCTION_INFO(C_GetMechanismInfo) 118#ifdef CK_NEED_ARG_LIST 119( 120 CK_SLOT_ID slotID, /* ID of the token's slot */ 121 CK_MECHANISM_TYPE type, /* type of mechanism */ 122 CK_MECHANISM_INFO_PTR pInfo /* receives mechanism info */ 123); 124#endif 125 126 127/* C_InitToken initializes a token. */ 128CK_PKCS11_FUNCTION_INFO(C_InitToken) 129#ifdef CK_NEED_ARG_LIST 130/* pLabel changed from CK_CHAR_PTR to CK_UTF8CHAR_PTR for v2.10 */ 131( 132 CK_SLOT_ID slotID, /* ID of the token's slot */ 133 CK_UTF8CHAR_PTR pPin, /* the SO's initial PIN */ 134 CK_ULONG ulPinLen, /* length in bytes of the PIN */ 135 CK_UTF8CHAR_PTR pLabel /* 32-byte token label (blank padded) */ 136); 137#endif 138 139 140/* C_InitPIN initializes the normal user's PIN. */ 141CK_PKCS11_FUNCTION_INFO(C_InitPIN) 142#ifdef CK_NEED_ARG_LIST 143( 144 CK_SESSION_HANDLE hSession, /* the session's handle */ 145 CK_UTF8CHAR_PTR pPin, /* the normal user's PIN */ 146 CK_ULONG ulPinLen /* length in bytes of the PIN */ 147); 148#endif 149 150 151/* C_SetPIN modifies the PIN of the user who is logged in. */ 152CK_PKCS11_FUNCTION_INFO(C_SetPIN) 153#ifdef CK_NEED_ARG_LIST 154( 155 CK_SESSION_HANDLE hSession, /* the session's handle */ 156 CK_UTF8CHAR_PTR pOldPin, /* the old PIN */ 157 CK_ULONG ulOldLen, /* length of the old PIN */ 158 CK_UTF8CHAR_PTR pNewPin, /* the new PIN */ 159 CK_ULONG ulNewLen /* length of the new PIN */ 160); 161#endif 162 163 164 165/* Session management */ 166 167/* C_OpenSession opens a session between an application and a 168 * token. */ 169CK_PKCS11_FUNCTION_INFO(C_OpenSession) 170#ifdef CK_NEED_ARG_LIST 171( 172 CK_SLOT_ID slotID, /* the slot's ID */ 173 CK_FLAGS flags, /* from CK_SESSION_INFO */ 174 CK_VOID_PTR pApplication, /* passed to callback */ 175 CK_NOTIFY Notify, /* callback function */ 176 CK_SESSION_HANDLE_PTR phSession /* gets session handle */ 177); 178#endif 179 180 181/* C_CloseSession closes a session between an application and a 182 * token. */ 183CK_PKCS11_FUNCTION_INFO(C_CloseSession) 184#ifdef CK_NEED_ARG_LIST 185( 186 CK_SESSION_HANDLE hSession /* the session's handle */ 187); 188#endif 189 190 191/* C_CloseAllSessions closes all sessions with a token. */ 192CK_PKCS11_FUNCTION_INFO(C_CloseAllSessions) 193#ifdef CK_NEED_ARG_LIST 194( 195 CK_SLOT_ID slotID /* the token's slot */ 196); 197#endif 198 199 200/* C_GetSessionInfo obtains information about the session. */ 201CK_PKCS11_FUNCTION_INFO(C_GetSessionInfo) 202#ifdef CK_NEED_ARG_LIST 203( 204 CK_SESSION_HANDLE hSession, /* the session's handle */ 205 CK_SESSION_INFO_PTR pInfo /* receives session info */ 206); 207#endif 208 209 210/* C_GetOperationState obtains the state of the cryptographic operation 211 * in a session. */ 212CK_PKCS11_FUNCTION_INFO(C_GetOperationState) 213#ifdef CK_NEED_ARG_LIST 214( 215 CK_SESSION_HANDLE hSession, /* session's handle */ 216 CK_BYTE_PTR pOperationState, /* gets state */ 217 CK_ULONG_PTR pulOperationStateLen /* gets state length */ 218); 219#endif 220 221 222/* C_SetOperationState restores the state of the cryptographic 223 * operation in a session. */ 224CK_PKCS11_FUNCTION_INFO(C_SetOperationState) 225#ifdef CK_NEED_ARG_LIST 226( 227 CK_SESSION_HANDLE hSession, /* session's handle */ 228 CK_BYTE_PTR pOperationState, /* holds state */ 229 CK_ULONG ulOperationStateLen, /* holds state length */ 230 CK_OBJECT_HANDLE hEncryptionKey, /* en/decryption key */ 231 CK_OBJECT_HANDLE hAuthenticationKey /* sign/verify key */ 232); 233#endif 234 235 236/* C_Login logs a user into a token. */ 237CK_PKCS11_FUNCTION_INFO(C_Login) 238#ifdef CK_NEED_ARG_LIST 239( 240 CK_SESSION_HANDLE hSession, /* the session's handle */ 241 CK_USER_TYPE userType, /* the user type */ 242 CK_UTF8CHAR_PTR pPin, /* the user's PIN */ 243 CK_ULONG ulPinLen /* the length of the PIN */ 244); 245#endif 246 247 248/* C_Logout logs a user out from a token. */ 249CK_PKCS11_FUNCTION_INFO(C_Logout) 250#ifdef CK_NEED_ARG_LIST 251( 252 CK_SESSION_HANDLE hSession /* the session's handle */ 253); 254#endif 255 256 257 258/* Object management */ 259 260/* C_CreateObject creates a new object. */ 261CK_PKCS11_FUNCTION_INFO(C_CreateObject) 262#ifdef CK_NEED_ARG_LIST 263( 264 CK_SESSION_HANDLE hSession, /* the session's handle */ 265 CK_ATTRIBUTE_PTR pTemplate, /* the object's template */ 266 CK_ULONG ulCount, /* attributes in template */ 267 CK_OBJECT_HANDLE_PTR phObject /* gets new object's handle. */ 268); 269#endif 270 271 272/* C_CopyObject copies an object, creating a new object for the 273 * copy. */ 274CK_PKCS11_FUNCTION_INFO(C_CopyObject) 275#ifdef CK_NEED_ARG_LIST 276( 277 CK_SESSION_HANDLE hSession, /* the session's handle */ 278 CK_OBJECT_HANDLE hObject, /* the object's handle */ 279 CK_ATTRIBUTE_PTR pTemplate, /* template for new object */ 280 CK_ULONG ulCount, /* attributes in template */ 281 CK_OBJECT_HANDLE_PTR phNewObject /* receives handle of copy */ 282); 283#endif 284 285 286/* C_DestroyObject destroys an object. */ 287CK_PKCS11_FUNCTION_INFO(C_DestroyObject) 288#ifdef CK_NEED_ARG_LIST 289( 290 CK_SESSION_HANDLE hSession, /* the session's handle */ 291 CK_OBJECT_HANDLE hObject /* the object's handle */ 292); 293#endif 294 295 296/* C_GetObjectSize gets the size of an object in bytes. */ 297CK_PKCS11_FUNCTION_INFO(C_GetObjectSize) 298#ifdef CK_NEED_ARG_LIST 299( 300 CK_SESSION_HANDLE hSession, /* the session's handle */ 301 CK_OBJECT_HANDLE hObject, /* the object's handle */ 302 CK_ULONG_PTR pulSize /* receives size of object */ 303); 304#endif 305 306 307/* C_GetAttributeValue obtains the value of one or more object 308 * attributes. */ 309CK_PKCS11_FUNCTION_INFO(C_GetAttributeValue) 310#ifdef CK_NEED_ARG_LIST 311( 312 CK_SESSION_HANDLE hSession, /* the session's handle */ 313 CK_OBJECT_HANDLE hObject, /* the object's handle */ 314 CK_ATTRIBUTE_PTR pTemplate, /* specifies attrs; gets vals */ 315 CK_ULONG ulCount /* attributes in template */ 316); 317#endif 318 319 320/* C_SetAttributeValue modifies the value of one or more object 321 * attributes */ 322CK_PKCS11_FUNCTION_INFO(C_SetAttributeValue) 323#ifdef CK_NEED_ARG_LIST 324( 325 CK_SESSION_HANDLE hSession, /* the session's handle */ 326 CK_OBJECT_HANDLE hObject, /* the object's handle */ 327 CK_ATTRIBUTE_PTR pTemplate, /* specifies attrs and values */ 328 CK_ULONG ulCount /* attributes in template */ 329); 330#endif 331 332 333/* C_FindObjectsInit initializes a search for token and session 334 * objects that match a template. */ 335CK_PKCS11_FUNCTION_INFO(C_FindObjectsInit) 336#ifdef CK_NEED_ARG_LIST 337( 338 CK_SESSION_HANDLE hSession, /* the session's handle */ 339 CK_ATTRIBUTE_PTR pTemplate, /* attribute values to match */ 340 CK_ULONG ulCount /* attrs in search template */ 341); 342#endif 343 344 345/* C_FindObjects continues a search for token and session 346 * objects that match a template, obtaining additional object 347 * handles. */ 348CK_PKCS11_FUNCTION_INFO(C_FindObjects) 349#ifdef CK_NEED_ARG_LIST 350( 351 CK_SESSION_HANDLE hSession, /* session's handle */ 352 CK_OBJECT_HANDLE_PTR phObject, /* gets obj. handles */ 353 CK_ULONG ulMaxObjectCount, /* max handles to get */ 354 CK_ULONG_PTR pulObjectCount /* actual # returned */ 355); 356#endif 357 358 359/* C_FindObjectsFinal finishes a search for token and session 360 * objects. */ 361CK_PKCS11_FUNCTION_INFO(C_FindObjectsFinal) 362#ifdef CK_NEED_ARG_LIST 363( 364 CK_SESSION_HANDLE hSession /* the session's handle */ 365); 366#endif 367 368 369 370/* Encryption and decryption */ 371 372/* C_EncryptInit initializes an encryption operation. */ 373CK_PKCS11_FUNCTION_INFO(C_EncryptInit) 374#ifdef CK_NEED_ARG_LIST 375( 376 CK_SESSION_HANDLE hSession, /* the session's handle */ 377 CK_MECHANISM_PTR pMechanism, /* the encryption mechanism */ 378 CK_OBJECT_HANDLE hKey /* handle of encryption key */ 379); 380#endif 381 382 383/* C_Encrypt encrypts single-part data. */ 384CK_PKCS11_FUNCTION_INFO(C_Encrypt) 385#ifdef CK_NEED_ARG_LIST 386( 387 CK_SESSION_HANDLE hSession, /* session's handle */ 388 CK_BYTE_PTR pData, /* the plaintext data */ 389 CK_ULONG ulDataLen, /* bytes of plaintext */ 390 CK_BYTE_PTR pEncryptedData, /* gets ciphertext */ 391 CK_ULONG_PTR pulEncryptedDataLen /* gets c-text size */ 392); 393#endif 394 395 396/* C_EncryptUpdate continues a multiple-part encryption 397 * operation. */ 398CK_PKCS11_FUNCTION_INFO(C_EncryptUpdate) 399#ifdef CK_NEED_ARG_LIST 400( 401 CK_SESSION_HANDLE hSession, /* session's handle */ 402 CK_BYTE_PTR pPart, /* the plaintext data */ 403 CK_ULONG ulPartLen, /* plaintext data len */ 404 CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */ 405 CK_ULONG_PTR pulEncryptedPartLen /* gets c-text size */ 406); 407#endif 408 409 410/* C_EncryptFinal finishes a multiple-part encryption 411 * operation. */ 412CK_PKCS11_FUNCTION_INFO(C_EncryptFinal) 413#ifdef CK_NEED_ARG_LIST 414( 415 CK_SESSION_HANDLE hSession, /* session handle */ 416 CK_BYTE_PTR pLastEncryptedPart, /* last c-text */ 417 CK_ULONG_PTR pulLastEncryptedPartLen /* gets last size */ 418); 419#endif 420 421 422/* C_DecryptInit initializes a decryption operation. */ 423CK_PKCS11_FUNCTION_INFO(C_DecryptInit) 424#ifdef CK_NEED_ARG_LIST 425( 426 CK_SESSION_HANDLE hSession, /* the session's handle */ 427 CK_MECHANISM_PTR pMechanism, /* the decryption mechanism */ 428 CK_OBJECT_HANDLE hKey /* handle of decryption key */ 429); 430#endif 431 432 433/* C_Decrypt decrypts encrypted data in a single part. */ 434CK_PKCS11_FUNCTION_INFO(C_Decrypt) 435#ifdef CK_NEED_ARG_LIST 436( 437 CK_SESSION_HANDLE hSession, /* session's handle */ 438 CK_BYTE_PTR pEncryptedData, /* ciphertext */ 439 CK_ULONG ulEncryptedDataLen, /* ciphertext length */ 440 CK_BYTE_PTR pData, /* gets plaintext */ 441 CK_ULONG_PTR pulDataLen /* gets p-text size */ 442); 443#endif 444 445 446/* C_DecryptUpdate continues a multiple-part decryption 447 * operation. */ 448CK_PKCS11_FUNCTION_INFO(C_DecryptUpdate) 449#ifdef CK_NEED_ARG_LIST 450( 451 CK_SESSION_HANDLE hSession, /* session's handle */ 452 CK_BYTE_PTR pEncryptedPart, /* encrypted data */ 453 CK_ULONG ulEncryptedPartLen, /* input length */ 454 CK_BYTE_PTR pPart, /* gets plaintext */ 455 CK_ULONG_PTR pulPartLen /* p-text size */ 456); 457#endif 458 459 460/* C_DecryptFinal finishes a multiple-part decryption 461 * operation. */ 462CK_PKCS11_FUNCTION_INFO(C_DecryptFinal) 463#ifdef CK_NEED_ARG_LIST 464( 465 CK_SESSION_HANDLE hSession, /* the session's handle */ 466 CK_BYTE_PTR pLastPart, /* gets plaintext */ 467 CK_ULONG_PTR pulLastPartLen /* p-text size */ 468); 469#endif 470 471 472 473/* Message digesting */ 474 475/* C_DigestInit initializes a message-digesting operation. */ 476CK_PKCS11_FUNCTION_INFO(C_DigestInit) 477#ifdef CK_NEED_ARG_LIST 478( 479 CK_SESSION_HANDLE hSession, /* the session's handle */ 480 CK_MECHANISM_PTR pMechanism /* the digesting mechanism */ 481); 482#endif 483 484 485/* C_Digest digests data in a single part. */ 486CK_PKCS11_FUNCTION_INFO(C_Digest) 487#ifdef CK_NEED_ARG_LIST 488( 489 CK_SESSION_HANDLE hSession, /* the session's handle */ 490 CK_BYTE_PTR pData, /* data to be digested */ 491 CK_ULONG ulDataLen, /* bytes of data to digest */ 492 CK_BYTE_PTR pDigest, /* gets the message digest */ 493 CK_ULONG_PTR pulDigestLen /* gets digest length */ 494); 495#endif 496 497 498/* C_DigestUpdate continues a multiple-part message-digesting 499 * operation. */ 500CK_PKCS11_FUNCTION_INFO(C_DigestUpdate) 501#ifdef CK_NEED_ARG_LIST 502( 503 CK_SESSION_HANDLE hSession, /* the session's handle */ 504 CK_BYTE_PTR pPart, /* data to be digested */ 505 CK_ULONG ulPartLen /* bytes of data to be digested */ 506); 507#endif 508 509 510/* C_DigestKey continues a multi-part message-digesting 511 * operation, by digesting the value of a secret key as part of 512 * the data already digested. */ 513CK_PKCS11_FUNCTION_INFO(C_DigestKey) 514#ifdef CK_NEED_ARG_LIST 515( 516 CK_SESSION_HANDLE hSession, /* the session's handle */ 517 CK_OBJECT_HANDLE hKey /* secret key to digest */ 518); 519#endif 520 521 522/* C_DigestFinal finishes a multiple-part message-digesting 523 * operation. */ 524CK_PKCS11_FUNCTION_INFO(C_DigestFinal) 525#ifdef CK_NEED_ARG_LIST 526( 527 CK_SESSION_HANDLE hSession, /* the session's handle */ 528 CK_BYTE_PTR pDigest, /* gets the message digest */ 529 CK_ULONG_PTR pulDigestLen /* gets byte count of digest */ 530); 531#endif 532 533 534 535/* Signing and MACing */ 536 537/* C_SignInit initializes a signature (private key encryption) 538 * operation, where the signature is (will be) an appendix to 539 * the data, and plaintext cannot be recovered from the 540 *signature. */ 541CK_PKCS11_FUNCTION_INFO(C_SignInit) 542#ifdef CK_NEED_ARG_LIST 543( 544 CK_SESSION_HANDLE hSession, /* the session's handle */ 545 CK_MECHANISM_PTR pMechanism, /* the signature mechanism */ 546 CK_OBJECT_HANDLE hKey /* handle of signature key */ 547); 548#endif 549 550 551/* C_Sign signs (encrypts with private key) data in a single 552 * part, where the signature is (will be) an appendix to the 553 * data, and plaintext cannot be recovered from the signature. */ 554CK_PKCS11_FUNCTION_INFO(C_Sign) 555#ifdef CK_NEED_ARG_LIST 556( 557 CK_SESSION_HANDLE hSession, /* the session's handle */ 558 CK_BYTE_PTR pData, /* the data to sign */ 559 CK_ULONG ulDataLen, /* count of bytes to sign */ 560 CK_BYTE_PTR pSignature, /* gets the signature */ 561 CK_ULONG_PTR pulSignatureLen /* gets signature length */ 562); 563#endif 564 565 566/* C_SignUpdate continues a multiple-part signature operation, 567 * where the signature is (will be) an appendix to the data, 568 * and plaintext cannot be recovered from the signature. */ 569CK_PKCS11_FUNCTION_INFO(C_SignUpdate) 570#ifdef CK_NEED_ARG_LIST 571( 572 CK_SESSION_HANDLE hSession, /* the session's handle */ 573 CK_BYTE_PTR pPart, /* the data to sign */ 574 CK_ULONG ulPartLen /* count of bytes to sign */ 575); 576#endif 577 578 579/* C_SignFinal finishes a multiple-part signature operation, 580 * returning the signature. */ 581CK_PKCS11_FUNCTION_INFO(C_SignFinal) 582#ifdef CK_NEED_ARG_LIST 583( 584 CK_SESSION_HANDLE hSession, /* the session's handle */ 585 CK_BYTE_PTR pSignature, /* gets the signature */ 586 CK_ULONG_PTR pulSignatureLen /* gets signature length */ 587); 588#endif 589 590 591/* C_SignRecoverInit initializes a signature operation, where 592 * the data can be recovered from the signature. */ 593CK_PKCS11_FUNCTION_INFO(C_SignRecoverInit) 594#ifdef CK_NEED_ARG_LIST 595( 596 CK_SESSION_HANDLE hSession, /* the session's handle */ 597 CK_MECHANISM_PTR pMechanism, /* the signature mechanism */ 598 CK_OBJECT_HANDLE hKey /* handle of the signature key */ 599); 600#endif 601 602 603/* C_SignRecover signs data in a single operation, where the 604 * data can be recovered from the signature. */ 605CK_PKCS11_FUNCTION_INFO(C_SignRecover) 606#ifdef CK_NEED_ARG_LIST 607( 608 CK_SESSION_HANDLE hSession, /* the session's handle */ 609 CK_BYTE_PTR pData, /* the data to sign */ 610 CK_ULONG ulDataLen, /* count of bytes to sign */ 611 CK_BYTE_PTR pSignature, /* gets the signature */ 612 CK_ULONG_PTR pulSignatureLen /* gets signature length */ 613); 614#endif 615 616 617 618/* Verifying signatures and MACs */ 619 620/* C_VerifyInit initializes a verification operation, where the 621 * signature is an appendix to the data, and plaintext cannot 622 * cannot be recovered from the signature (e.g. DSA). */ 623CK_PKCS11_FUNCTION_INFO(C_VerifyInit) 624#ifdef CK_NEED_ARG_LIST 625( 626 CK_SESSION_HANDLE hSession, /* the session's handle */ 627 CK_MECHANISM_PTR pMechanism, /* the verification mechanism */ 628 CK_OBJECT_HANDLE hKey /* verification key */ 629); 630#endif 631 632 633/* C_Verify verifies a signature in a single-part operation, 634 * where the signature is an appendix to the data, and plaintext 635 * cannot be recovered from the signature. */ 636CK_PKCS11_FUNCTION_INFO(C_Verify) 637#ifdef CK_NEED_ARG_LIST 638( 639 CK_SESSION_HANDLE hSession, /* the session's handle */ 640 CK_BYTE_PTR pData, /* signed data */ 641 CK_ULONG ulDataLen, /* length of signed data */ 642 CK_BYTE_PTR pSignature, /* signature */ 643 CK_ULONG ulSignatureLen /* signature length*/ 644); 645#endif 646 647 648/* C_VerifyUpdate continues a multiple-part verification 649 * operation, where the signature is an appendix to the data, 650 * and plaintext cannot be recovered from the signature. */ 651CK_PKCS11_FUNCTION_INFO(C_VerifyUpdate) 652#ifdef CK_NEED_ARG_LIST 653( 654 CK_SESSION_HANDLE hSession, /* the session's handle */ 655 CK_BYTE_PTR pPart, /* signed data */ 656 CK_ULONG ulPartLen /* length of signed data */ 657); 658#endif 659 660 661/* C_VerifyFinal finishes a multiple-part verification 662 * operation, checking the signature. */ 663CK_PKCS11_FUNCTION_INFO(C_VerifyFinal) 664#ifdef CK_NEED_ARG_LIST 665( 666 CK_SESSION_HANDLE hSession, /* the session's handle */ 667 CK_BYTE_PTR pSignature, /* signature to verify */ 668 CK_ULONG ulSignatureLen /* signature length */ 669); 670#endif 671 672 673/* C_VerifyRecoverInit initializes a signature verification 674 * operation, where the data is recovered from the signature. */ 675CK_PKCS11_FUNCTION_INFO(C_VerifyRecoverInit) 676#ifdef CK_NEED_ARG_LIST 677( 678 CK_SESSION_HANDLE hSession, /* the session's handle */ 679 CK_MECHANISM_PTR pMechanism, /* the verification mechanism */ 680 CK_OBJECT_HANDLE hKey /* verification key */ 681); 682#endif 683 684 685/* C_VerifyRecover verifies a signature in a single-part 686 * operation, where the data is recovered from the signature. */ 687CK_PKCS11_FUNCTION_INFO(C_VerifyRecover) 688#ifdef CK_NEED_ARG_LIST 689( 690 CK_SESSION_HANDLE hSession, /* the session's handle */ 691 CK_BYTE_PTR pSignature, /* signature to verify */ 692 CK_ULONG ulSignatureLen, /* signature length */ 693 CK_BYTE_PTR pData, /* gets signed data */ 694 CK_ULONG_PTR pulDataLen /* gets signed data len */ 695); 696#endif 697 698 699 700/* Dual-function cryptographic operations */ 701 702/* C_DigestEncryptUpdate continues a multiple-part digesting 703 * and encryption operation. */ 704CK_PKCS11_FUNCTION_INFO(C_DigestEncryptUpdate) 705#ifdef CK_NEED_ARG_LIST 706( 707 CK_SESSION_HANDLE hSession, /* session's handle */ 708 CK_BYTE_PTR pPart, /* the plaintext data */ 709 CK_ULONG ulPartLen, /* plaintext length */ 710 CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */ 711 CK_ULONG_PTR pulEncryptedPartLen /* gets c-text length */ 712); 713#endif 714 715 716/* C_DecryptDigestUpdate continues a multiple-part decryption and 717 * digesting operation. */ 718CK_PKCS11_FUNCTION_INFO(C_DecryptDigestUpdate) 719#ifdef CK_NEED_ARG_LIST 720( 721 CK_SESSION_HANDLE hSession, /* session's handle */ 722 CK_BYTE_PTR pEncryptedPart, /* ciphertext */ 723 CK_ULONG ulEncryptedPartLen, /* ciphertext length */ 724 CK_BYTE_PTR pPart, /* gets plaintext */ 725 CK_ULONG_PTR pulPartLen /* gets plaintext len */ 726); 727#endif 728 729 730/* C_SignEncryptUpdate continues a multiple-part signing and 731 * encryption operation. */ 732CK_PKCS11_FUNCTION_INFO(C_SignEncryptUpdate) 733#ifdef CK_NEED_ARG_LIST 734( 735 CK_SESSION_HANDLE hSession, /* session's handle */ 736 CK_BYTE_PTR pPart, /* the plaintext data */ 737 CK_ULONG ulPartLen, /* plaintext length */ 738 CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */ 739 CK_ULONG_PTR pulEncryptedPartLen /* gets c-text length */ 740); 741#endif 742 743 744/* C_DecryptVerifyUpdate continues a multiple-part decryption and 745 * verify operation. */ 746CK_PKCS11_FUNCTION_INFO(C_DecryptVerifyUpdate) 747#ifdef CK_NEED_ARG_LIST 748( 749 CK_SESSION_HANDLE hSession, /* session's handle */ 750 CK_BYTE_PTR pEncryptedPart, /* ciphertext */ 751 CK_ULONG ulEncryptedPartLen, /* ciphertext length */ 752 CK_BYTE_PTR pPart, /* gets plaintext */ 753 CK_ULONG_PTR pulPartLen /* gets p-text length */ 754); 755#endif 756 757 758 759/* Key management */ 760 761/* C_GenerateKey generates a secret key, creating a new key 762 * object. */ 763CK_PKCS11_FUNCTION_INFO(C_GenerateKey) 764#ifdef CK_NEED_ARG_LIST 765( 766 CK_SESSION_HANDLE hSession, /* the session's handle */ 767 CK_MECHANISM_PTR pMechanism, /* key generation mech. */ 768 CK_ATTRIBUTE_PTR pTemplate, /* template for new key */ 769 CK_ULONG ulCount, /* # of attrs in template */ 770 CK_OBJECT_HANDLE_PTR phKey /* gets handle of new key */ 771); 772#endif 773 774 775/* C_GenerateKeyPair generates a public-key/private-key pair, 776 * creating new key objects. */ 777CK_PKCS11_FUNCTION_INFO(C_GenerateKeyPair) 778#ifdef CK_NEED_ARG_LIST 779( 780 CK_SESSION_HANDLE hSession, /* session 781 * handle */ 782 CK_MECHANISM_PTR pMechanism, /* key-gen 783 * mech. */ 784 CK_ATTRIBUTE_PTR pPublicKeyTemplate, /* template 785 * for pub. 786 * key */ 787 CK_ULONG ulPublicKeyAttributeCount, /* # pub. 788 * attrs. */ 789 CK_ATTRIBUTE_PTR pPrivateKeyTemplate, /* template 790 * for priv. 791 * key */ 792 CK_ULONG ulPrivateKeyAttributeCount, /* # priv. 793 * attrs. */ 794 CK_OBJECT_HANDLE_PTR phPublicKey, /* gets pub. 795 * key 796 * handle */ 797 CK_OBJECT_HANDLE_PTR phPrivateKey /* gets 798 * priv. key 799 * handle */ 800); 801#endif 802 803 804/* C_WrapKey wraps (i.e., encrypts) a key. */ 805CK_PKCS11_FUNCTION_INFO(C_WrapKey) 806#ifdef CK_NEED_ARG_LIST 807( 808 CK_SESSION_HANDLE hSession, /* the session's handle */ 809 CK_MECHANISM_PTR pMechanism, /* the wrapping mechanism */ 810 CK_OBJECT_HANDLE hWrappingKey, /* wrapping key */ 811 CK_OBJECT_HANDLE hKey, /* key to be wrapped */ 812 CK_BYTE_PTR pWrappedKey, /* gets wrapped key */ 813 CK_ULONG_PTR pulWrappedKeyLen /* gets wrapped key size */ 814); 815#endif 816 817 818/* C_UnwrapKey unwraps (decrypts) a wrapped key, creating a new 819 * key object. */ 820CK_PKCS11_FUNCTION_INFO(C_UnwrapKey) 821#ifdef CK_NEED_ARG_LIST 822( 823 CK_SESSION_HANDLE hSession, /* session's handle */ 824 CK_MECHANISM_PTR pMechanism, /* unwrapping mech. */ 825 CK_OBJECT_HANDLE hUnwrappingKey, /* unwrapping key */ 826 CK_BYTE_PTR pWrappedKey, /* the wrapped key */ 827 CK_ULONG ulWrappedKeyLen, /* wrapped key len */ 828 CK_ATTRIBUTE_PTR pTemplate, /* new key template */ 829 CK_ULONG ulAttributeCount, /* template length */ 830 CK_OBJECT_HANDLE_PTR phKey /* gets new handle */ 831); 832#endif 833 834 835/* C_DeriveKey derives a key from a base key, creating a new key 836 * object. */ 837CK_PKCS11_FUNCTION_INFO(C_DeriveKey) 838#ifdef CK_NEED_ARG_LIST 839( 840 CK_SESSION_HANDLE hSession, /* session's handle */ 841 CK_MECHANISM_PTR pMechanism, /* key deriv. mech. */ 842 CK_OBJECT_HANDLE hBaseKey, /* base key */ 843 CK_ATTRIBUTE_PTR pTemplate, /* new key template */ 844 CK_ULONG ulAttributeCount, /* template length */ 845 CK_OBJECT_HANDLE_PTR phKey /* gets new handle */ 846); 847#endif 848 849 850 851/* Random number generation */ 852 853/* C_SeedRandom mixes additional seed material into the token's 854 * random number generator. */ 855CK_PKCS11_FUNCTION_INFO(C_SeedRandom) 856#ifdef CK_NEED_ARG_LIST 857( 858 CK_SESSION_HANDLE hSession, /* the session's handle */ 859 CK_BYTE_PTR pSeed, /* the seed material */ 860 CK_ULONG ulSeedLen /* length of seed material */ 861); 862#endif 863 864 865/* C_GenerateRandom generates random data. */ 866CK_PKCS11_FUNCTION_INFO(C_GenerateRandom) 867#ifdef CK_NEED_ARG_LIST 868( 869 CK_SESSION_HANDLE hSession, /* the session's handle */ 870 CK_BYTE_PTR RandomData, /* receives the random data */ 871 CK_ULONG ulRandomLen /* # of bytes to generate */ 872); 873#endif 874 875 876 877/* Parallel function management */ 878 879/* C_GetFunctionStatus is a legacy function; it obtains an 880 * updated status of a function running in parallel with an 881 * application. */ 882CK_PKCS11_FUNCTION_INFO(C_GetFunctionStatus) 883#ifdef CK_NEED_ARG_LIST 884( 885 CK_SESSION_HANDLE hSession /* the session's handle */ 886); 887#endif 888 889 890/* C_CancelFunction is a legacy function; it cancels a function 891 * running in parallel. */ 892CK_PKCS11_FUNCTION_INFO(C_CancelFunction) 893#ifdef CK_NEED_ARG_LIST 894( 895 CK_SESSION_HANDLE hSession /* the session's handle */ 896); 897#endif 898 899 900 901/* Functions added in for Cryptoki Version 2.01 or later */ 902 903/* C_WaitForSlotEvent waits for a slot event (token insertion, 904 * removal, etc.) to occur. */ 905CK_PKCS11_FUNCTION_INFO(C_WaitForSlotEvent) 906#ifdef CK_NEED_ARG_LIST 907( 908 CK_FLAGS flags, /* blocking/nonblocking flag */ 909 CK_SLOT_ID_PTR pSlot, /* location that receives the slot ID */ 910 CK_VOID_PTR pRserved /* reserved. Should be NULL_PTR */ 911); 912#endif 913