1/* $NetBSD: pkcs11f.h,v 1.2.6.1 2012/06/05 21:15:51 bouyer Exp $ */ 2 3/* pkcs11f.h include file for PKCS #11. */ 4/* Revision: 1.2 */ 5 6/* License to copy and use this software is granted provided that it is 7 * identified as "RSA Security Inc. PKCS #11 Cryptographic Token Interface 8 * (Cryptoki)" in all material mentioning or referencing this software. 9 10 * License is also granted to make and use derivative works provided that 11 * such works are identified as "derived from the RSA Security Inc. PKCS #11 12 * Cryptographic Token Interface (Cryptoki)" in all material mentioning or 13 * referencing the derived work. 14 15 * RSA Security Inc. makes no representations concerning either the 16 * merchantability of this software or the suitability of this software for 17 * any particular purpose. It is provided "as is" without express or implied 18 * warranty of any kind. 19 */ 20 21/* This header file contains pretty much everything about all the */ 22/* Cryptoki function prototypes. Because this information is */ 23/* used for more than just declaring function prototypes, the */ 24/* order of the functions appearing herein is important, and */ 25/* should not be altered. */ 26 27/* General-purpose */ 28 29/* C_Initialize initializes the Cryptoki library. */ 30CK_PKCS11_FUNCTION_INFO(C_Initialize) 31#ifdef CK_NEED_ARG_LIST 32( 33 CK_VOID_PTR pInitArgs /* if this is not NULL_PTR, it gets 34 * cast to CK_C_INITIALIZE_ARGS_PTR 35 * and dereferenced */ 36); 37#endif 38 39 40/* C_Finalize indicates that an application is done with the 41 * Cryptoki library. */ 42CK_PKCS11_FUNCTION_INFO(C_Finalize) 43#ifdef CK_NEED_ARG_LIST 44( 45 CK_VOID_PTR pReserved /* reserved. Should be NULL_PTR */ 46); 47#endif 48 49 50/* C_GetInfo returns general information about Cryptoki. */ 51CK_PKCS11_FUNCTION_INFO(C_GetInfo) 52#ifdef CK_NEED_ARG_LIST 53( 54 CK_INFO_PTR pInfo /* location that receives information */ 55); 56#endif 57 58 59/* C_GetFunctionList returns the function list. */ 60CK_PKCS11_FUNCTION_INFO(C_GetFunctionList) 61#ifdef CK_NEED_ARG_LIST 62( 63 CK_FUNCTION_LIST_PTR_PTR ppFunctionList /* receives pointer to 64 * function list */ 65); 66#endif 67 68 69 70/* Slot and token management */ 71 72/* C_GetSlotList obtains a list of slots in the system. */ 73CK_PKCS11_FUNCTION_INFO(C_GetSlotList) 74#ifdef CK_NEED_ARG_LIST 75( 76 CK_BBOOL tokenPresent, /* only slots with tokens? */ 77 CK_SLOT_ID_PTR pSlotList, /* receives array of slot IDs */ 78 CK_ULONG_PTR pulCount /* receives number of slots */ 79); 80#endif 81 82 83/* C_GetSlotInfo obtains information about a particular slot in 84 * the system. */ 85CK_PKCS11_FUNCTION_INFO(C_GetSlotInfo) 86#ifdef CK_NEED_ARG_LIST 87( 88 CK_SLOT_ID slotID, /* the ID of the slot */ 89 CK_SLOT_INFO_PTR pInfo /* receives the slot information */ 90); 91#endif 92 93 94/* C_GetTokenInfo obtains information about a particular token 95 * in the system. */ 96CK_PKCS11_FUNCTION_INFO(C_GetTokenInfo) 97#ifdef CK_NEED_ARG_LIST 98( 99 CK_SLOT_ID slotID, /* ID of the token's slot */ 100 CK_TOKEN_INFO_PTR pInfo /* receives the token information */ 101); 102#endif 103 104 105/* C_GetMechanismList obtains a list of mechanism types 106 * supported by a token. */ 107CK_PKCS11_FUNCTION_INFO(C_GetMechanismList) 108#ifdef CK_NEED_ARG_LIST 109( 110 CK_SLOT_ID slotID, /* ID of token's slot */ 111 CK_MECHANISM_TYPE_PTR pMechanismList, /* gets mech. array */ 112 CK_ULONG_PTR pulCount /* gets # of mechs. */ 113); 114#endif 115 116 117/* C_GetMechanismInfo obtains information about a particular 118 * mechanism possibly supported by a token. */ 119CK_PKCS11_FUNCTION_INFO(C_GetMechanismInfo) 120#ifdef CK_NEED_ARG_LIST 121( 122 CK_SLOT_ID slotID, /* ID of the token's slot */ 123 CK_MECHANISM_TYPE type, /* type of mechanism */ 124 CK_MECHANISM_INFO_PTR pInfo /* receives mechanism info */ 125); 126#endif 127 128 129/* C_InitToken initializes a token. */ 130CK_PKCS11_FUNCTION_INFO(C_InitToken) 131#ifdef CK_NEED_ARG_LIST 132/* pLabel changed from CK_CHAR_PTR to CK_UTF8CHAR_PTR for v2.10 */ 133( 134 CK_SLOT_ID slotID, /* ID of the token's slot */ 135 CK_UTF8CHAR_PTR pPin, /* the SO's initial PIN */ 136 CK_ULONG ulPinLen, /* length in bytes of the PIN */ 137 CK_UTF8CHAR_PTR pLabel /* 32-byte token label (blank padded) */ 138); 139#endif 140 141 142/* C_InitPIN initializes the normal user's PIN. */ 143CK_PKCS11_FUNCTION_INFO(C_InitPIN) 144#ifdef CK_NEED_ARG_LIST 145( 146 CK_SESSION_HANDLE hSession, /* the session's handle */ 147 CK_UTF8CHAR_PTR pPin, /* the normal user's PIN */ 148 CK_ULONG ulPinLen /* length in bytes of the PIN */ 149); 150#endif 151 152 153/* C_SetPIN modifies the PIN of the user who is logged in. */ 154CK_PKCS11_FUNCTION_INFO(C_SetPIN) 155#ifdef CK_NEED_ARG_LIST 156( 157 CK_SESSION_HANDLE hSession, /* the session's handle */ 158 CK_UTF8CHAR_PTR pOldPin, /* the old PIN */ 159 CK_ULONG ulOldLen, /* length of the old PIN */ 160 CK_UTF8CHAR_PTR pNewPin, /* the new PIN */ 161 CK_ULONG ulNewLen /* length of the new PIN */ 162); 163#endif 164 165 166 167/* Session management */ 168 169/* C_OpenSession opens a session between an application and a 170 * token. */ 171CK_PKCS11_FUNCTION_INFO(C_OpenSession) 172#ifdef CK_NEED_ARG_LIST 173( 174 CK_SLOT_ID slotID, /* the slot's ID */ 175 CK_FLAGS flags, /* from CK_SESSION_INFO */ 176 CK_VOID_PTR pApplication, /* passed to callback */ 177 CK_NOTIFY Notify, /* callback function */ 178 CK_SESSION_HANDLE_PTR phSession /* gets session handle */ 179); 180#endif 181 182 183/* C_CloseSession closes a session between an application and a 184 * token. */ 185CK_PKCS11_FUNCTION_INFO(C_CloseSession) 186#ifdef CK_NEED_ARG_LIST 187( 188 CK_SESSION_HANDLE hSession /* the session's handle */ 189); 190#endif 191 192 193/* C_CloseAllSessions closes all sessions with a token. */ 194CK_PKCS11_FUNCTION_INFO(C_CloseAllSessions) 195#ifdef CK_NEED_ARG_LIST 196( 197 CK_SLOT_ID slotID /* the token's slot */ 198); 199#endif 200 201 202/* C_GetSessionInfo obtains information about the session. */ 203CK_PKCS11_FUNCTION_INFO(C_GetSessionInfo) 204#ifdef CK_NEED_ARG_LIST 205( 206 CK_SESSION_HANDLE hSession, /* the session's handle */ 207 CK_SESSION_INFO_PTR pInfo /* receives session info */ 208); 209#endif 210 211 212/* C_GetOperationState obtains the state of the cryptographic operation 213 * in a session. */ 214CK_PKCS11_FUNCTION_INFO(C_GetOperationState) 215#ifdef CK_NEED_ARG_LIST 216( 217 CK_SESSION_HANDLE hSession, /* session's handle */ 218 CK_BYTE_PTR pOperationState, /* gets state */ 219 CK_ULONG_PTR pulOperationStateLen /* gets state length */ 220); 221#endif 222 223 224/* C_SetOperationState restores the state of the cryptographic 225 * operation in a session. */ 226CK_PKCS11_FUNCTION_INFO(C_SetOperationState) 227#ifdef CK_NEED_ARG_LIST 228( 229 CK_SESSION_HANDLE hSession, /* session's handle */ 230 CK_BYTE_PTR pOperationState, /* holds state */ 231 CK_ULONG ulOperationStateLen, /* holds state length */ 232 CK_OBJECT_HANDLE hEncryptionKey, /* en/decryption key */ 233 CK_OBJECT_HANDLE hAuthenticationKey /* sign/verify key */ 234); 235#endif 236 237 238/* C_Login logs a user into a token. */ 239CK_PKCS11_FUNCTION_INFO(C_Login) 240#ifdef CK_NEED_ARG_LIST 241( 242 CK_SESSION_HANDLE hSession, /* the session's handle */ 243 CK_USER_TYPE userType, /* the user type */ 244 CK_UTF8CHAR_PTR pPin, /* the user's PIN */ 245 CK_ULONG ulPinLen /* the length of the PIN */ 246); 247#endif 248 249 250/* C_Logout logs a user out from a token. */ 251CK_PKCS11_FUNCTION_INFO(C_Logout) 252#ifdef CK_NEED_ARG_LIST 253( 254 CK_SESSION_HANDLE hSession /* the session's handle */ 255); 256#endif 257 258 259 260/* Object management */ 261 262/* C_CreateObject creates a new object. */ 263CK_PKCS11_FUNCTION_INFO(C_CreateObject) 264#ifdef CK_NEED_ARG_LIST 265( 266 CK_SESSION_HANDLE hSession, /* the session's handle */ 267 CK_ATTRIBUTE_PTR pTemplate, /* the object's template */ 268 CK_ULONG ulCount, /* attributes in template */ 269 CK_OBJECT_HANDLE_PTR phObject /* gets new object's handle. */ 270); 271#endif 272 273 274/* C_CopyObject copies an object, creating a new object for the 275 * copy. */ 276CK_PKCS11_FUNCTION_INFO(C_CopyObject) 277#ifdef CK_NEED_ARG_LIST 278( 279 CK_SESSION_HANDLE hSession, /* the session's handle */ 280 CK_OBJECT_HANDLE hObject, /* the object's handle */ 281 CK_ATTRIBUTE_PTR pTemplate, /* template for new object */ 282 CK_ULONG ulCount, /* attributes in template */ 283 CK_OBJECT_HANDLE_PTR phNewObject /* receives handle of copy */ 284); 285#endif 286 287 288/* C_DestroyObject destroys an object. */ 289CK_PKCS11_FUNCTION_INFO(C_DestroyObject) 290#ifdef CK_NEED_ARG_LIST 291( 292 CK_SESSION_HANDLE hSession, /* the session's handle */ 293 CK_OBJECT_HANDLE hObject /* the object's handle */ 294); 295#endif 296 297 298/* C_GetObjectSize gets the size of an object in bytes. */ 299CK_PKCS11_FUNCTION_INFO(C_GetObjectSize) 300#ifdef CK_NEED_ARG_LIST 301( 302 CK_SESSION_HANDLE hSession, /* the session's handle */ 303 CK_OBJECT_HANDLE hObject, /* the object's handle */ 304 CK_ULONG_PTR pulSize /* receives size of object */ 305); 306#endif 307 308 309/* C_GetAttributeValue obtains the value of one or more object 310 * attributes. */ 311CK_PKCS11_FUNCTION_INFO(C_GetAttributeValue) 312#ifdef CK_NEED_ARG_LIST 313( 314 CK_SESSION_HANDLE hSession, /* the session's handle */ 315 CK_OBJECT_HANDLE hObject, /* the object's handle */ 316 CK_ATTRIBUTE_PTR pTemplate, /* specifies attrs; gets vals */ 317 CK_ULONG ulCount /* attributes in template */ 318); 319#endif 320 321 322/* C_SetAttributeValue modifies the value of one or more object 323 * attributes */ 324CK_PKCS11_FUNCTION_INFO(C_SetAttributeValue) 325#ifdef CK_NEED_ARG_LIST 326( 327 CK_SESSION_HANDLE hSession, /* the session's handle */ 328 CK_OBJECT_HANDLE hObject, /* the object's handle */ 329 CK_ATTRIBUTE_PTR pTemplate, /* specifies attrs and values */ 330 CK_ULONG ulCount /* attributes in template */ 331); 332#endif 333 334 335/* C_FindObjectsInit initializes a search for token and session 336 * objects that match a template. */ 337CK_PKCS11_FUNCTION_INFO(C_FindObjectsInit) 338#ifdef CK_NEED_ARG_LIST 339( 340 CK_SESSION_HANDLE hSession, /* the session's handle */ 341 CK_ATTRIBUTE_PTR pTemplate, /* attribute values to match */ 342 CK_ULONG ulCount /* attrs in search template */ 343); 344#endif 345 346 347/* C_FindObjects continues a search for token and session 348 * objects that match a template, obtaining additional object 349 * handles. */ 350CK_PKCS11_FUNCTION_INFO(C_FindObjects) 351#ifdef CK_NEED_ARG_LIST 352( 353 CK_SESSION_HANDLE hSession, /* session's handle */ 354 CK_OBJECT_HANDLE_PTR phObject, /* gets obj. handles */ 355 CK_ULONG ulMaxObjectCount, /* max handles to get */ 356 CK_ULONG_PTR pulObjectCount /* actual # returned */ 357); 358#endif 359 360 361/* C_FindObjectsFinal finishes a search for token and session 362 * objects. */ 363CK_PKCS11_FUNCTION_INFO(C_FindObjectsFinal) 364#ifdef CK_NEED_ARG_LIST 365( 366 CK_SESSION_HANDLE hSession /* the session's handle */ 367); 368#endif 369 370 371 372/* Encryption and decryption */ 373 374/* C_EncryptInit initializes an encryption operation. */ 375CK_PKCS11_FUNCTION_INFO(C_EncryptInit) 376#ifdef CK_NEED_ARG_LIST 377( 378 CK_SESSION_HANDLE hSession, /* the session's handle */ 379 CK_MECHANISM_PTR pMechanism, /* the encryption mechanism */ 380 CK_OBJECT_HANDLE hKey /* handle of encryption key */ 381); 382#endif 383 384 385/* C_Encrypt encrypts single-part data. */ 386CK_PKCS11_FUNCTION_INFO(C_Encrypt) 387#ifdef CK_NEED_ARG_LIST 388( 389 CK_SESSION_HANDLE hSession, /* session's handle */ 390 CK_BYTE_PTR pData, /* the plaintext data */ 391 CK_ULONG ulDataLen, /* bytes of plaintext */ 392 CK_BYTE_PTR pEncryptedData, /* gets ciphertext */ 393 CK_ULONG_PTR pulEncryptedDataLen /* gets c-text size */ 394); 395#endif 396 397 398/* C_EncryptUpdate continues a multiple-part encryption 399 * operation. */ 400CK_PKCS11_FUNCTION_INFO(C_EncryptUpdate) 401#ifdef CK_NEED_ARG_LIST 402( 403 CK_SESSION_HANDLE hSession, /* session's handle */ 404 CK_BYTE_PTR pPart, /* the plaintext data */ 405 CK_ULONG ulPartLen, /* plaintext data len */ 406 CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */ 407 CK_ULONG_PTR pulEncryptedPartLen /* gets c-text size */ 408); 409#endif 410 411 412/* C_EncryptFinal finishes a multiple-part encryption 413 * operation. */ 414CK_PKCS11_FUNCTION_INFO(C_EncryptFinal) 415#ifdef CK_NEED_ARG_LIST 416( 417 CK_SESSION_HANDLE hSession, /* session handle */ 418 CK_BYTE_PTR pLastEncryptedPart, /* last c-text */ 419 CK_ULONG_PTR pulLastEncryptedPartLen /* gets last size */ 420); 421#endif 422 423 424/* C_DecryptInit initializes a decryption operation. */ 425CK_PKCS11_FUNCTION_INFO(C_DecryptInit) 426#ifdef CK_NEED_ARG_LIST 427( 428 CK_SESSION_HANDLE hSession, /* the session's handle */ 429 CK_MECHANISM_PTR pMechanism, /* the decryption mechanism */ 430 CK_OBJECT_HANDLE hKey /* handle of decryption key */ 431); 432#endif 433 434 435/* C_Decrypt decrypts encrypted data in a single part. */ 436CK_PKCS11_FUNCTION_INFO(C_Decrypt) 437#ifdef CK_NEED_ARG_LIST 438( 439 CK_SESSION_HANDLE hSession, /* session's handle */ 440 CK_BYTE_PTR pEncryptedData, /* ciphertext */ 441 CK_ULONG ulEncryptedDataLen, /* ciphertext length */ 442 CK_BYTE_PTR pData, /* gets plaintext */ 443 CK_ULONG_PTR pulDataLen /* gets p-text size */ 444); 445#endif 446 447 448/* C_DecryptUpdate continues a multiple-part decryption 449 * operation. */ 450CK_PKCS11_FUNCTION_INFO(C_DecryptUpdate) 451#ifdef CK_NEED_ARG_LIST 452( 453 CK_SESSION_HANDLE hSession, /* session's handle */ 454 CK_BYTE_PTR pEncryptedPart, /* encrypted data */ 455 CK_ULONG ulEncryptedPartLen, /* input length */ 456 CK_BYTE_PTR pPart, /* gets plaintext */ 457 CK_ULONG_PTR pulPartLen /* p-text size */ 458); 459#endif 460 461 462/* C_DecryptFinal finishes a multiple-part decryption 463 * operation. */ 464CK_PKCS11_FUNCTION_INFO(C_DecryptFinal) 465#ifdef CK_NEED_ARG_LIST 466( 467 CK_SESSION_HANDLE hSession, /* the session's handle */ 468 CK_BYTE_PTR pLastPart, /* gets plaintext */ 469 CK_ULONG_PTR pulLastPartLen /* p-text size */ 470); 471#endif 472 473 474 475/* Message digesting */ 476 477/* C_DigestInit initializes a message-digesting operation. */ 478CK_PKCS11_FUNCTION_INFO(C_DigestInit) 479#ifdef CK_NEED_ARG_LIST 480( 481 CK_SESSION_HANDLE hSession, /* the session's handle */ 482 CK_MECHANISM_PTR pMechanism /* the digesting mechanism */ 483); 484#endif 485 486 487/* C_Digest digests data in a single part. */ 488CK_PKCS11_FUNCTION_INFO(C_Digest) 489#ifdef CK_NEED_ARG_LIST 490( 491 CK_SESSION_HANDLE hSession, /* the session's handle */ 492 CK_BYTE_PTR pData, /* data to be digested */ 493 CK_ULONG ulDataLen, /* bytes of data to digest */ 494 CK_BYTE_PTR pDigest, /* gets the message digest */ 495 CK_ULONG_PTR pulDigestLen /* gets digest length */ 496); 497#endif 498 499 500/* C_DigestUpdate continues a multiple-part message-digesting 501 * operation. */ 502CK_PKCS11_FUNCTION_INFO(C_DigestUpdate) 503#ifdef CK_NEED_ARG_LIST 504( 505 CK_SESSION_HANDLE hSession, /* the session's handle */ 506 CK_BYTE_PTR pPart, /* data to be digested */ 507 CK_ULONG ulPartLen /* bytes of data to be digested */ 508); 509#endif 510 511 512/* C_DigestKey continues a multi-part message-digesting 513 * operation, by digesting the value of a secret key as part of 514 * the data already digested. */ 515CK_PKCS11_FUNCTION_INFO(C_DigestKey) 516#ifdef CK_NEED_ARG_LIST 517( 518 CK_SESSION_HANDLE hSession, /* the session's handle */ 519 CK_OBJECT_HANDLE hKey /* secret key to digest */ 520); 521#endif 522 523 524/* C_DigestFinal finishes a multiple-part message-digesting 525 * operation. */ 526CK_PKCS11_FUNCTION_INFO(C_DigestFinal) 527#ifdef CK_NEED_ARG_LIST 528( 529 CK_SESSION_HANDLE hSession, /* the session's handle */ 530 CK_BYTE_PTR pDigest, /* gets the message digest */ 531 CK_ULONG_PTR pulDigestLen /* gets byte count of digest */ 532); 533#endif 534 535 536 537/* Signing and MACing */ 538 539/* C_SignInit initializes a signature (private key encryption) 540 * operation, where the signature is (will be) an appendix to 541 * the data, and plaintext cannot be recovered from the 542 *signature. */ 543CK_PKCS11_FUNCTION_INFO(C_SignInit) 544#ifdef CK_NEED_ARG_LIST 545( 546 CK_SESSION_HANDLE hSession, /* the session's handle */ 547 CK_MECHANISM_PTR pMechanism, /* the signature mechanism */ 548 CK_OBJECT_HANDLE hKey /* handle of signature key */ 549); 550#endif 551 552 553/* C_Sign signs (encrypts with private key) data in a single 554 * part, where the signature is (will be) an appendix to the 555 * data, and plaintext cannot be recovered from the signature. */ 556CK_PKCS11_FUNCTION_INFO(C_Sign) 557#ifdef CK_NEED_ARG_LIST 558( 559 CK_SESSION_HANDLE hSession, /* the session's handle */ 560 CK_BYTE_PTR pData, /* the data to sign */ 561 CK_ULONG ulDataLen, /* count of bytes to sign */ 562 CK_BYTE_PTR pSignature, /* gets the signature */ 563 CK_ULONG_PTR pulSignatureLen /* gets signature length */ 564); 565#endif 566 567 568/* C_SignUpdate continues a multiple-part signature operation, 569 * where the signature is (will be) an appendix to the data, 570 * and plaintext cannot be recovered from the signature. */ 571CK_PKCS11_FUNCTION_INFO(C_SignUpdate) 572#ifdef CK_NEED_ARG_LIST 573( 574 CK_SESSION_HANDLE hSession, /* the session's handle */ 575 CK_BYTE_PTR pPart, /* the data to sign */ 576 CK_ULONG ulPartLen /* count of bytes to sign */ 577); 578#endif 579 580 581/* C_SignFinal finishes a multiple-part signature operation, 582 * returning the signature. */ 583CK_PKCS11_FUNCTION_INFO(C_SignFinal) 584#ifdef CK_NEED_ARG_LIST 585( 586 CK_SESSION_HANDLE hSession, /* the session's handle */ 587 CK_BYTE_PTR pSignature, /* gets the signature */ 588 CK_ULONG_PTR pulSignatureLen /* gets signature length */ 589); 590#endif 591 592 593/* C_SignRecoverInit initializes a signature operation, where 594 * the data can be recovered from the signature. */ 595CK_PKCS11_FUNCTION_INFO(C_SignRecoverInit) 596#ifdef CK_NEED_ARG_LIST 597( 598 CK_SESSION_HANDLE hSession, /* the session's handle */ 599 CK_MECHANISM_PTR pMechanism, /* the signature mechanism */ 600 CK_OBJECT_HANDLE hKey /* handle of the signature key */ 601); 602#endif 603 604 605/* C_SignRecover signs data in a single operation, where the 606 * data can be recovered from the signature. */ 607CK_PKCS11_FUNCTION_INFO(C_SignRecover) 608#ifdef CK_NEED_ARG_LIST 609( 610 CK_SESSION_HANDLE hSession, /* the session's handle */ 611 CK_BYTE_PTR pData, /* the data to sign */ 612 CK_ULONG ulDataLen, /* count of bytes to sign */ 613 CK_BYTE_PTR pSignature, /* gets the signature */ 614 CK_ULONG_PTR pulSignatureLen /* gets signature length */ 615); 616#endif 617 618 619 620/* Verifying signatures and MACs */ 621 622/* C_VerifyInit initializes a verification operation, where the 623 * signature is an appendix to the data, and plaintext cannot 624 * cannot be recovered from the signature (e.g. DSA). */ 625CK_PKCS11_FUNCTION_INFO(C_VerifyInit) 626#ifdef CK_NEED_ARG_LIST 627( 628 CK_SESSION_HANDLE hSession, /* the session's handle */ 629 CK_MECHANISM_PTR pMechanism, /* the verification mechanism */ 630 CK_OBJECT_HANDLE hKey /* verification key */ 631); 632#endif 633 634 635/* C_Verify verifies a signature in a single-part operation, 636 * where the signature is an appendix to the data, and plaintext 637 * cannot be recovered from the signature. */ 638CK_PKCS11_FUNCTION_INFO(C_Verify) 639#ifdef CK_NEED_ARG_LIST 640( 641 CK_SESSION_HANDLE hSession, /* the session's handle */ 642 CK_BYTE_PTR pData, /* signed data */ 643 CK_ULONG ulDataLen, /* length of signed data */ 644 CK_BYTE_PTR pSignature, /* signature */ 645 CK_ULONG ulSignatureLen /* signature length*/ 646); 647#endif 648 649 650/* C_VerifyUpdate continues a multiple-part verification 651 * operation, where the signature is an appendix to the data, 652 * and plaintext cannot be recovered from the signature. */ 653CK_PKCS11_FUNCTION_INFO(C_VerifyUpdate) 654#ifdef CK_NEED_ARG_LIST 655( 656 CK_SESSION_HANDLE hSession, /* the session's handle */ 657 CK_BYTE_PTR pPart, /* signed data */ 658 CK_ULONG ulPartLen /* length of signed data */ 659); 660#endif 661 662 663/* C_VerifyFinal finishes a multiple-part verification 664 * operation, checking the signature. */ 665CK_PKCS11_FUNCTION_INFO(C_VerifyFinal) 666#ifdef CK_NEED_ARG_LIST 667( 668 CK_SESSION_HANDLE hSession, /* the session's handle */ 669 CK_BYTE_PTR pSignature, /* signature to verify */ 670 CK_ULONG ulSignatureLen /* signature length */ 671); 672#endif 673 674 675/* C_VerifyRecoverInit initializes a signature verification 676 * operation, where the data is recovered from the signature. */ 677CK_PKCS11_FUNCTION_INFO(C_VerifyRecoverInit) 678#ifdef CK_NEED_ARG_LIST 679( 680 CK_SESSION_HANDLE hSession, /* the session's handle */ 681 CK_MECHANISM_PTR pMechanism, /* the verification mechanism */ 682 CK_OBJECT_HANDLE hKey /* verification key */ 683); 684#endif 685 686 687/* C_VerifyRecover verifies a signature in a single-part 688 * operation, where the data is recovered from the signature. */ 689CK_PKCS11_FUNCTION_INFO(C_VerifyRecover) 690#ifdef CK_NEED_ARG_LIST 691( 692 CK_SESSION_HANDLE hSession, /* the session's handle */ 693 CK_BYTE_PTR pSignature, /* signature to verify */ 694 CK_ULONG ulSignatureLen, /* signature length */ 695 CK_BYTE_PTR pData, /* gets signed data */ 696 CK_ULONG_PTR pulDataLen /* gets signed data len */ 697); 698#endif 699 700 701 702/* Dual-function cryptographic operations */ 703 704/* C_DigestEncryptUpdate continues a multiple-part digesting 705 * and encryption operation. */ 706CK_PKCS11_FUNCTION_INFO(C_DigestEncryptUpdate) 707#ifdef CK_NEED_ARG_LIST 708( 709 CK_SESSION_HANDLE hSession, /* session's handle */ 710 CK_BYTE_PTR pPart, /* the plaintext data */ 711 CK_ULONG ulPartLen, /* plaintext length */ 712 CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */ 713 CK_ULONG_PTR pulEncryptedPartLen /* gets c-text length */ 714); 715#endif 716 717 718/* C_DecryptDigestUpdate continues a multiple-part decryption and 719 * digesting operation. */ 720CK_PKCS11_FUNCTION_INFO(C_DecryptDigestUpdate) 721#ifdef CK_NEED_ARG_LIST 722( 723 CK_SESSION_HANDLE hSession, /* session's handle */ 724 CK_BYTE_PTR pEncryptedPart, /* ciphertext */ 725 CK_ULONG ulEncryptedPartLen, /* ciphertext length */ 726 CK_BYTE_PTR pPart, /* gets plaintext */ 727 CK_ULONG_PTR pulPartLen /* gets plaintext len */ 728); 729#endif 730 731 732/* C_SignEncryptUpdate continues a multiple-part signing and 733 * encryption operation. */ 734CK_PKCS11_FUNCTION_INFO(C_SignEncryptUpdate) 735#ifdef CK_NEED_ARG_LIST 736( 737 CK_SESSION_HANDLE hSession, /* session's handle */ 738 CK_BYTE_PTR pPart, /* the plaintext data */ 739 CK_ULONG ulPartLen, /* plaintext length */ 740 CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */ 741 CK_ULONG_PTR pulEncryptedPartLen /* gets c-text length */ 742); 743#endif 744 745 746/* C_DecryptVerifyUpdate continues a multiple-part decryption and 747 * verify operation. */ 748CK_PKCS11_FUNCTION_INFO(C_DecryptVerifyUpdate) 749#ifdef CK_NEED_ARG_LIST 750( 751 CK_SESSION_HANDLE hSession, /* session's handle */ 752 CK_BYTE_PTR pEncryptedPart, /* ciphertext */ 753 CK_ULONG ulEncryptedPartLen, /* ciphertext length */ 754 CK_BYTE_PTR pPart, /* gets plaintext */ 755 CK_ULONG_PTR pulPartLen /* gets p-text length */ 756); 757#endif 758 759 760 761/* Key management */ 762 763/* C_GenerateKey generates a secret key, creating a new key 764 * object. */ 765CK_PKCS11_FUNCTION_INFO(C_GenerateKey) 766#ifdef CK_NEED_ARG_LIST 767( 768 CK_SESSION_HANDLE hSession, /* the session's handle */ 769 CK_MECHANISM_PTR pMechanism, /* key generation mech. */ 770 CK_ATTRIBUTE_PTR pTemplate, /* template for new key */ 771 CK_ULONG ulCount, /* # of attrs in template */ 772 CK_OBJECT_HANDLE_PTR phKey /* gets handle of new key */ 773); 774#endif 775 776 777/* C_GenerateKeyPair generates a public-key/private-key pair, 778 * creating new key objects. */ 779CK_PKCS11_FUNCTION_INFO(C_GenerateKeyPair) 780#ifdef CK_NEED_ARG_LIST 781( 782 CK_SESSION_HANDLE hSession, /* session 783 * handle */ 784 CK_MECHANISM_PTR pMechanism, /* key-gen 785 * mech. */ 786 CK_ATTRIBUTE_PTR pPublicKeyTemplate, /* template 787 * for pub. 788 * key */ 789 CK_ULONG ulPublicKeyAttributeCount, /* # pub. 790 * attrs. */ 791 CK_ATTRIBUTE_PTR pPrivateKeyTemplate, /* template 792 * for priv. 793 * key */ 794 CK_ULONG ulPrivateKeyAttributeCount, /* # priv. 795 * attrs. */ 796 CK_OBJECT_HANDLE_PTR phPublicKey, /* gets pub. 797 * key 798 * handle */ 799 CK_OBJECT_HANDLE_PTR phPrivateKey /* gets 800 * priv. key 801 * handle */ 802); 803#endif 804 805 806/* C_WrapKey wraps (i.e., encrypts) a key. */ 807CK_PKCS11_FUNCTION_INFO(C_WrapKey) 808#ifdef CK_NEED_ARG_LIST 809( 810 CK_SESSION_HANDLE hSession, /* the session's handle */ 811 CK_MECHANISM_PTR pMechanism, /* the wrapping mechanism */ 812 CK_OBJECT_HANDLE hWrappingKey, /* wrapping key */ 813 CK_OBJECT_HANDLE hKey, /* key to be wrapped */ 814 CK_BYTE_PTR pWrappedKey, /* gets wrapped key */ 815 CK_ULONG_PTR pulWrappedKeyLen /* gets wrapped key size */ 816); 817#endif 818 819 820/* C_UnwrapKey unwraps (decrypts) a wrapped key, creating a new 821 * key object. */ 822CK_PKCS11_FUNCTION_INFO(C_UnwrapKey) 823#ifdef CK_NEED_ARG_LIST 824( 825 CK_SESSION_HANDLE hSession, /* session's handle */ 826 CK_MECHANISM_PTR pMechanism, /* unwrapping mech. */ 827 CK_OBJECT_HANDLE hUnwrappingKey, /* unwrapping key */ 828 CK_BYTE_PTR pWrappedKey, /* the wrapped key */ 829 CK_ULONG ulWrappedKeyLen, /* wrapped key len */ 830 CK_ATTRIBUTE_PTR pTemplate, /* new key template */ 831 CK_ULONG ulAttributeCount, /* template length */ 832 CK_OBJECT_HANDLE_PTR phKey /* gets new handle */ 833); 834#endif 835 836 837/* C_DeriveKey derives a key from a base key, creating a new key 838 * object. */ 839CK_PKCS11_FUNCTION_INFO(C_DeriveKey) 840#ifdef CK_NEED_ARG_LIST 841( 842 CK_SESSION_HANDLE hSession, /* session's handle */ 843 CK_MECHANISM_PTR pMechanism, /* key deriv. mech. */ 844 CK_OBJECT_HANDLE hBaseKey, /* base key */ 845 CK_ATTRIBUTE_PTR pTemplate, /* new key template */ 846 CK_ULONG ulAttributeCount, /* template length */ 847 CK_OBJECT_HANDLE_PTR phKey /* gets new handle */ 848); 849#endif 850 851 852 853/* Random number generation */ 854 855/* C_SeedRandom mixes additional seed material into the token's 856 * random number generator. */ 857CK_PKCS11_FUNCTION_INFO(C_SeedRandom) 858#ifdef CK_NEED_ARG_LIST 859( 860 CK_SESSION_HANDLE hSession, /* the session's handle */ 861 CK_BYTE_PTR pSeed, /* the seed material */ 862 CK_ULONG ulSeedLen /* length of seed material */ 863); 864#endif 865 866 867/* C_GenerateRandom generates random data. */ 868CK_PKCS11_FUNCTION_INFO(C_GenerateRandom) 869#ifdef CK_NEED_ARG_LIST 870( 871 CK_SESSION_HANDLE hSession, /* the session's handle */ 872 CK_BYTE_PTR RandomData, /* receives the random data */ 873 CK_ULONG ulRandomLen /* # of bytes to generate */ 874); 875#endif 876 877 878 879/* Parallel function management */ 880 881/* C_GetFunctionStatus is a legacy function; it obtains an 882 * updated status of a function running in parallel with an 883 * application. */ 884CK_PKCS11_FUNCTION_INFO(C_GetFunctionStatus) 885#ifdef CK_NEED_ARG_LIST 886( 887 CK_SESSION_HANDLE hSession /* the session's handle */ 888); 889#endif 890 891 892/* C_CancelFunction is a legacy function; it cancels a function 893 * running in parallel. */ 894CK_PKCS11_FUNCTION_INFO(C_CancelFunction) 895#ifdef CK_NEED_ARG_LIST 896( 897 CK_SESSION_HANDLE hSession /* the session's handle */ 898); 899#endif 900 901 902 903/* Functions added in for Cryptoki Version 2.01 or later */ 904 905/* C_WaitForSlotEvent waits for a slot event (token insertion, 906 * removal, etc.) to occur. */ 907CK_PKCS11_FUNCTION_INFO(C_WaitForSlotEvent) 908#ifdef CK_NEED_ARG_LIST 909( 910 CK_FLAGS flags, /* blocking/nonblocking flag */ 911 CK_SLOT_ID_PTR pSlot, /* location that receives the slot ID */ 912 CK_VOID_PTR pRserved /* reserved. Should be NULL_PTR */ 913); 914#endif 915