1/* $NetBSD: pkcs11.h,v 1.1 2024/02/18 20:57:55 christos Exp $ */ 2 3/* 4 * Copyright (C) Internet Systems Consortium, Inc. ("ISC") 5 * Copyright 2006 Andreas Jellinghaus 6 * Copyright 2006, 2007 g10 Code GmbH 7 * Copyright 2017 Red Hat, Inc. 8 * 9 * SPDX-License-Identifier: MPL-2.0 10 * 11 * This Source Code Form is subject to the terms of the Mozilla Public 12 * License, v. 2.0. If a copy of the MPL was not distributed with this 13 * file, you can obtain one at https://mozilla.org/MPL/2.0/. 14 * 15 * See the COPYRIGHT file distributed with this work for additional 16 * information regarding copyright ownership. 17 */ 18 19/* Please submit any changes back to the p11-kit project at 20 * https://github.com/p11-glue/p11-kit/, so that 21 * they can be picked up by other projects from there as well. */ 22 23/* This file is a modified implementation of the PKCS #11 standard by 24 * OASIS group. It is mostly a drop-in replacement, with the 25 * following change: 26 * 27 * This header file does not require any macro definitions by the user 28 * (like CK_DEFINE_FUNCTION etc). In fact, it defines those macros 29 * for you (if useful, some are missing, let me know if you need 30 * more). 31 * 32 * There is an additional API available that does comply better to the 33 * GNU coding standard. It can be switched on by defining 34 * CRYPTOKI_GNU before including this header file. For this, the 35 * following changes are made to the specification: 36 * 37 * All structure types are changed to a "struct ck_foo" where CK_FOO 38 * is the type name in PKCS #11. 39 * 40 * All non-structure types are changed to ck_foo_t where CK_FOO is the 41 * lowercase version of the type name in PKCS #11. The basic types 42 * (CK_ULONG et al.) are removed without substitute. 43 * 44 * All members of structures are modified in the following way: Type 45 * indication prefixes are removed, and underscore characters are 46 * inserted before words. Then the result is lowercased. 47 * 48 * Note that function names are still in the original case, as they 49 * need for ABI compatibility. 50 * 51 * CK_FALSE, CK_TRUE and NULL_PTR are removed without substitute. Use 52 * <stdbool.h>. 53 * 54 * If CRYPTOKI_COMPAT is defined before including this header file, 55 * then none of the API changes above take place, and the API is the 56 * one defined by the PKCS #11 standard. */ 57 58#ifndef PKCS11_H 59#define PKCS11_H 1 60 61#if defined(__cplusplus) 62extern "C" { 63#endif /* if defined(__cplusplus) */ 64 65/* The version of cryptoki we implement. The revision is changed with 66 * each modification of this file. */ 67#define CRYPTOKI_VERSION_MAJOR 2 68#define CRYPTOKI_VERSION_MINOR 40 69#define P11_KIT_CRYPTOKI_VERSION_REVISION 0 70 71/* Compatibility interface is default, unless CRYPTOKI_GNU is 72 * given. */ 73#ifndef CRYPTOKI_GNU 74#ifndef CRYPTOKI_COMPAT 75#define CRYPTOKI_COMPAT 1 76#endif /* ifndef CRYPTOKI_COMPAT */ 77#endif /* ifndef CRYPTOKI_GNU */ 78 79/* System dependencies. */ 80 81#if defined(_WIN32) || defined(CRYPTOKI_FORCE_WIN32) 82 83/* There is a matching pop below. */ 84#pragma pack(push, cryptoki, 1) 85 86#ifdef CRYPTOKI_EXPORTS 87#define CK_SPEC __declspec(dllexport) 88#else /* ifdef CRYPTOKI_EXPORTS */ 89#define CK_SPEC __declspec(dllimport) 90#endif /* ifdef CRYPTOKI_EXPORTS */ 91 92#else /* if defined(_WIN32) || defined(CRYPTOKI_FORCE_WIN32) */ 93 94#define CK_SPEC 95 96#endif /* if defined(_WIN32) || defined(CRYPTOKI_FORCE_WIN32) */ 97 98#ifdef CRYPTOKI_COMPAT 99/* If we are in compatibility mode, switch all exposed names to the 100 * PKCS #11 variant. There are corresponding #undefs below. */ 101 102#define ck_flags_t CK_FLAGS 103#define ck_version _CK_VERSION 104 105#define ck_info _CK_INFO 106#define cryptoki_version cryptokiVersion 107#define manufacturer_id manufacturerID 108#define library_description libraryDescription 109#define library_version libraryVersion 110 111#define ck_notification_t CK_NOTIFICATION 112#define ck_slot_id_t CK_SLOT_ID 113 114#define ck_slot_info _CK_SLOT_INFO 115#define slot_description slotDescription 116#define hardware_version hardwareVersion 117#define firmware_version firmwareVersion 118 119#define ck_token_info _CK_TOKEN_INFO 120#define serial_number serialNumber 121#define max_session_count ulMaxSessionCount 122#define session_count ulSessionCount 123#define max_rw_session_count ulMaxRwSessionCount 124#define rw_session_count ulRwSessionCount 125#define max_pin_len ulMaxPinLen 126#define min_pin_len ulMinPinLen 127#define total_public_memory ulTotalPublicMemory 128#define free_public_memory ulFreePublicMemory 129#define total_private_memory ulTotalPrivateMemory 130#define free_private_memory ulFreePrivateMemory 131#define utc_time utcTime 132 133#define ck_session_handle_t CK_SESSION_HANDLE 134#define ck_user_type_t CK_USER_TYPE 135#define ck_state_t CK_STATE 136 137#define ck_session_info _CK_SESSION_INFO 138#define slot_id slotID 139#define device_error ulDeviceError 140 141#define ck_object_handle_t CK_OBJECT_HANDLE 142#define ck_object_class_t CK_OBJECT_CLASS 143#define ck_hw_feature_type_t CK_HW_FEATURE_TYPE 144#define ck_key_type_t CK_KEY_TYPE 145#define ck_certificate_type_t CK_CERTIFICATE_TYPE 146#define ck_attribute_type_t CK_ATTRIBUTE_TYPE 147 148#define ck_attribute _CK_ATTRIBUTE 149#define value pValue 150#define value_len ulValueLen 151 152#define count ulCount 153 154#define ck_date _CK_DATE 155 156#define ck_mechanism_type_t CK_MECHANISM_TYPE 157 158#define ck_mechanism _CK_MECHANISM 159#define parameter pParameter 160#define parameter_len ulParameterLen 161 162#define params pParams 163 164#define ck_mechanism_info _CK_MECHANISM_INFO 165#define min_key_size ulMinKeySize 166#define max_key_size ulMaxKeySize 167 168#define ck_param_type CK_PARAM_TYPE 169#define ck_otp_param CK_OTP_PARAM 170#define ck_otp_params CK_OTP_PARAMS 171#define ck_otp_signature_info CK_OTP_SIGNATURE_INFO 172 173#define ck_rv_t CK_RV 174#define ck_notify_t CK_NOTIFY 175 176#define ck_function_list _CK_FUNCTION_LIST 177 178#define ck_createmutex_t CK_CREATEMUTEX 179#define ck_destroymutex_t CK_DESTROYMUTEX 180#define ck_lockmutex_t CK_LOCKMUTEX 181#define ck_unlockmutex_t CK_UNLOCKMUTEX 182 183#define ck_c_initialize_args _CK_C_INITIALIZE_ARGS 184#define create_mutex CreateMutex 185#define destroy_mutex DestroyMutex 186#define lock_mutex LockMutex 187#define unlock_mutex UnlockMutex 188#define reserved pReserved 189 190#define ck_rsa_pkcs_mgf_type_t CK_RSA_PKCS_MGF_TYPE 191#define ck_rsa_pkcs_oaep_source_type_t CK_RSA_PKCS_OAEP_SOURCE_TYPE 192#define hash_alg hashAlg 193#define s_len sLen 194#define source_data pSourceData 195#define source_data_len ulSourceDataLen 196 197#define counter_bits ulCounterBits 198#define iv_ptr pIv 199#define iv_len ulIvLen 200#define iv_bits ulIvBits 201#define aad_ptr pAAD 202#define aad_len ulAADLen 203#define tag_bits ulTagBits 204#define shared_data_len ulSharedDataLen 205#define shared_data pSharedData 206#define public_data_len ulPublicDataLen 207#define public_data pPublicData 208#define string_data pData 209#define string_data_len ulLen 210#define data_params pData 211#endif /* CRYPTOKI_COMPAT */ 212 213typedef unsigned long ck_flags_t; 214 215struct ck_version { 216 unsigned char major; 217 unsigned char minor; 218}; 219 220struct ck_info { 221 struct ck_version cryptoki_version; 222 unsigned char manufacturer_id[32]; 223 ck_flags_t flags; 224 unsigned char library_description[32]; 225 struct ck_version library_version; 226}; 227 228typedef unsigned long ck_notification_t; 229 230#define CKN_SURRENDER (0UL) 231 232typedef unsigned long ck_slot_id_t; 233 234struct ck_slot_info { 235 unsigned char slot_description[64]; 236 unsigned char manufacturer_id[32]; 237 ck_flags_t flags; 238 struct ck_version hardware_version; 239 struct ck_version firmware_version; 240}; 241 242#define CKF_TOKEN_PRESENT (1UL << 0) 243#define CKF_REMOVABLE_DEVICE (1UL << 1) 244#define CKF_HW_SLOT (1UL << 2) 245#define CKF_ARRAY_ATTRIBUTE (1UL << 30) 246 247struct ck_token_info { 248 unsigned char label[32]; 249 unsigned char manufacturer_id[32]; 250 unsigned char model[16]; 251 unsigned char serial_number[16]; 252 ck_flags_t flags; 253 unsigned long max_session_count; 254 unsigned long session_count; 255 unsigned long max_rw_session_count; 256 unsigned long rw_session_count; 257 unsigned long max_pin_len; 258 unsigned long min_pin_len; 259 unsigned long total_public_memory; 260 unsigned long free_public_memory; 261 unsigned long total_private_memory; 262 unsigned long free_private_memory; 263 struct ck_version hardware_version; 264 struct ck_version firmware_version; 265 unsigned char utc_time[16]; 266}; 267 268#define CKF_RNG (1UL << 0) 269#define CKF_WRITE_PROTECTED (1UL << 1) 270#define CKF_LOGIN_REQUIRED (1UL << 2) 271#define CKF_USER_PIN_INITIALIZED (1UL << 3) 272#define CKF_RESTORE_KEY_NOT_NEEDED (1UL << 5) 273#define CKF_CLOCK_ON_TOKEN (1UL << 6) 274#define CKF_PROTECTED_AUTHENTICATION_PATH (1UL << 8) 275#define CKF_DUAL_CRYPTO_OPERATIONS (1UL << 9) 276#define CKF_TOKEN_INITIALIZED (1UL << 10) 277#define CKF_SECONDARY_AUTHENTICATION (1UL << 11) 278#define CKF_USER_PIN_COUNT_LOW (1UL << 16) 279#define CKF_USER_PIN_FINAL_TRY (1UL << 17) 280#define CKF_USER_PIN_LOCKED (1UL << 18) 281#define CKF_USER_PIN_TO_BE_CHANGED (1UL << 19) 282#define CKF_SO_PIN_COUNT_LOW (1UL << 20) 283#define CKF_SO_PIN_FINAL_TRY (1UL << 21) 284#define CKF_SO_PIN_LOCKED (1UL << 22) 285#define CKF_SO_PIN_TO_BE_CHANGED (1UL << 23) 286 287#define CK_UNAVAILABLE_INFORMATION ((unsigned long)-1L) 288#define CK_EFFECTIVELY_INFINITE (0UL) 289 290typedef unsigned long ck_session_handle_t; 291 292#define CK_INVALID_HANDLE (0UL) 293 294typedef unsigned long ck_user_type_t; 295 296#define CKU_SO (0UL) 297#define CKU_USER (1UL) 298#define CKU_CONTEXT_SPECIFIC (2UL) 299 300typedef unsigned long ck_state_t; 301 302#define CKS_RO_PUBLIC_SESSION (0UL) 303#define CKS_RO_USER_FUNCTIONS (1UL) 304#define CKS_RW_PUBLIC_SESSION (2UL) 305#define CKS_RW_USER_FUNCTIONS (3UL) 306#define CKS_RW_SO_FUNCTIONS (4UL) 307 308struct ck_session_info { 309 ck_slot_id_t slot_id; 310 ck_state_t state; 311 ck_flags_t flags; 312 unsigned long device_error; 313}; 314 315#define CKF_RW_SESSION (1UL << 1) 316#define CKF_SERIAL_SESSION (1UL << 2) 317 318typedef unsigned long ck_object_handle_t; 319 320typedef unsigned long ck_object_class_t; 321 322#define CKO_DATA (0UL) 323#define CKO_CERTIFICATE (1UL) 324#define CKO_PUBLIC_KEY (2UL) 325#define CKO_PRIVATE_KEY (3UL) 326#define CKO_SECRET_KEY (4UL) 327#define CKO_HW_FEATURE (5UL) 328#define CKO_DOMAIN_PARAMETERS (6UL) 329#define CKO_MECHANISM (7UL) 330#define CKO_OTP_KEY (8UL) 331#define CKO_VENDOR_DEFINED ((unsigned long)(1UL << 31)) 332 333typedef unsigned long ck_hw_feature_type_t; 334 335#define CKH_MONOTONIC_COUNTER (1UL) 336#define CKH_CLOCK (2UL) 337#define CKH_USER_INTERFACE (3UL) 338#define CKH_VENDOR_DEFINED ((unsigned long)(1UL << 31)) 339 340typedef unsigned long ck_key_type_t; 341 342#define CKK_RSA (0UL) 343#define CKK_DSA (1UL) 344#define CKK_DH (2UL) 345#define CKK_ECDSA (3UL) 346#define CKK_EC (3UL) 347#define CKK_X9_42_DH (4UL) 348#define CKK_KEA (5UL) 349#define CKK_GENERIC_SECRET (0x10UL) 350#define CKK_RC2 (0x11UL) 351#define CKK_RC4 (0x12UL) 352#define CKK_DES (0x13UL) 353#define CKK_DES2 (0x14UL) 354#define CKK_DES3 (0x15UL) 355#define CKK_CAST (0x16UL) 356#define CKK_CAST3 (0x17UL) 357#define CKK_CAST128 (0x18UL) 358#define CKK_RC5 (0x19UL) 359#define CKK_IDEA (0x1aUL) 360#define CKK_SKIPJACK (0x1bUL) 361#define CKK_BATON (0x1cUL) 362#define CKK_JUNIPER (0x1dUL) 363#define CKK_CDMF (0x1eUL) 364#define CKK_AES (0x1fUL) 365#define CKK_BLOWFISH (0x20UL) 366#define CKK_TWOFISH (0x21UL) 367#define CKK_SECURID (0x22UL) 368#define CKK_HOTP (0x23UL) 369#define CKK_ACTI (0x24UL) 370#define CKK_CAMELLIA (0x25UL) 371#define CKK_ARIA (0x26UL) 372#define CKK_MD5_HMAC (0x27UL) 373#define CKK_SHA_1_HMAC (0x28UL) 374#define CKK_RIPEMD128_HMAC (0x29UL) 375#define CKK_RIPEMD160_HMAC (0x2aUL) 376#define CKK_SHA256_HMAC (0x2bUL) 377#define CKK_SHA384_HMAC (0x2cUL) 378#define CKK_SHA512_HMAC (0x2dUL) 379#define CKK_SHA224_HMAC (0x2eUL) 380#define CKK_SEED (0x2fUL) 381#define CKK_GOSTR3410 (0x30UL) 382#define CKK_GOSTR3411 (0x31UL) 383#define CKK_GOST28147 (0x32UL) 384#define CKK_EC_EDWARDS (0x40UL) 385#define CKK_VENDOR_DEFINED ((unsigned long)(1UL << 31)) 386 387typedef unsigned long ck_certificate_type_t; 388 389#define CKC_X_509 (0UL) 390#define CKC_X_509_ATTR_CERT (1UL) 391#define CKC_WTLS (2UL) 392#define CKC_VENDOR_DEFINED ((unsigned long)(1UL << 31)) 393 394#define CKC_OPENPGP (CKC_VENDOR_DEFINED | 0x504750UL) 395 396typedef unsigned long ck_attribute_type_t; 397 398#define CKA_CLASS (0UL) 399#define CKA_TOKEN (1UL) 400#define CKA_PRIVATE (2UL) 401#define CKA_LABEL (3UL) 402#define CKA_APPLICATION (0x10UL) 403#define CKA_VALUE (0x11UL) 404#define CKA_OBJECT_ID (0x12UL) 405#define CKA_CERTIFICATE_TYPE (0x80UL) 406#define CKA_ISSUER (0x81UL) 407#define CKA_SERIAL_NUMBER (0x82UL) 408#define CKA_AC_ISSUER (0x83UL) 409#define CKA_OWNER (0x84UL) 410#define CKA_ATTR_TYPES (0x85UL) 411#define CKA_TRUSTED (0x86UL) 412#define CKA_CERTIFICATE_CATEGORY (0x87UL) 413#define CKA_JAVA_MIDP_SECURITY_DOMAIN (0x88UL) 414#define CKA_URL (0x89UL) 415#define CKA_HASH_OF_SUBJECT_PUBLIC_KEY (0x8aUL) 416#define CKA_HASH_OF_ISSUER_PUBLIC_KEY (0x8bUL) 417#define CKA_NAME_HASH_ALGORITHM (0x8cUL) 418#define CKA_CHECK_VALUE (0x90UL) 419#define CKA_KEY_TYPE (0x100UL) 420#define CKA_SUBJECT (0x101UL) 421#define CKA_ID (0x102UL) 422#define CKA_SENSITIVE (0x103UL) 423#define CKA_ENCRYPT (0x104UL) 424#define CKA_DECRYPT (0x105UL) 425#define CKA_WRAP (0x106UL) 426#define CKA_UNWRAP (0x107UL) 427#define CKA_SIGN (0x108UL) 428#define CKA_SIGN_RECOVER (0x109UL) 429#define CKA_VERIFY (0x10aUL) 430#define CKA_VERIFY_RECOVER (0x10bUL) 431#define CKA_DERIVE (0x10cUL) 432#define CKA_START_DATE (0x110UL) 433#define CKA_END_DATE (0x111UL) 434#define CKA_MODULUS (0x120UL) 435#define CKA_MODULUS_BITS (0x121UL) 436#define CKA_PUBLIC_EXPONENT (0x122UL) 437#define CKA_PRIVATE_EXPONENT (0x123UL) 438#define CKA_PRIME_1 (0x124UL) 439#define CKA_PRIME_2 (0x125UL) 440#define CKA_EXPONENT_1 (0x126UL) 441#define CKA_EXPONENT_2 (0x127UL) 442#define CKA_COEFFICIENT (0x128UL) 443#define CKA_PUBLIC_KEY_INFO (0x129UL) 444#define CKA_PRIME (0x130UL) 445#define CKA_SUBPRIME (0x131UL) 446#define CKA_BASE (0x132UL) 447#define CKA_PRIME_BITS (0x133UL) 448#define CKA_SUB_PRIME_BITS (0x134UL) 449#define CKA_VALUE_BITS (0x160UL) 450#define CKA_VALUE_LEN (0x161UL) 451#define CKA_EXTRACTABLE (0x162UL) 452#define CKA_LOCAL (0x163UL) 453#define CKA_NEVER_EXTRACTABLE (0x164UL) 454#define CKA_ALWAYS_SENSITIVE (0x165UL) 455#define CKA_KEY_GEN_MECHANISM (0x166UL) 456#define CKA_MODIFIABLE (0x170UL) 457#define CKA_COPYABLE (0x171UL) 458#define CKA_DESTROYABLE (0x172UL) 459#define CKA_ECDSA_PARAMS (0x180UL) 460#define CKA_EC_PARAMS (0x180UL) 461#define CKA_EC_POINT (0x181UL) 462#define CKA_SECONDARY_AUTH (0x200UL) 463#define CKA_AUTH_PIN_FLAGS (0x201UL) 464#define CKA_ALWAYS_AUTHENTICATE (0x202UL) 465#define CKA_WRAP_WITH_TRUSTED (0x210UL) 466#define CKA_OTP_FORMAT (0x220UL) 467#define CKA_OTP_LENGTH (0x221UL) 468#define CKA_OTP_TIME_INTERVAL (0x222UL) 469#define CKA_OTP_USER_FRIENDLY_MODE (0x223UL) 470#define CKA_OTP_CHALLENGE_REQUIREMENT (0x224UL) 471#define CKA_OTP_TIME_REQUIREMENT (0x225UL) 472#define CKA_OTP_COUNTER_REQUIREMENT (0x226UL) 473#define CKA_OTP_PIN_REQUIREMENT (0x227UL) 474#define CKA_OTP_USER_IDENTIFIER (0x22AUL) 475#define CKA_OTP_SERVICE_IDENTIFIER (0x22BUL) 476#define CKA_OTP_SERVICE_LOGO (0x22CUL) 477#define CKA_OTP_SERVICE_LOGO_TYPE (0x22DUL) 478#define CKA_OTP_COUNTER (0x22EUL) 479#define CKA_OTP_TIME (0x22FUL) 480#define CKA_GOSTR3410_PARAMS (0x250UL) 481#define CKA_GOSTR3411_PARAMS (0x251UL) 482#define CKA_GOST28147_PARAMS (0x252UL) 483#define CKA_HW_FEATURE_TYPE (0x300UL) 484#define CKA_RESET_ON_INIT (0x301UL) 485#define CKA_HAS_RESET (0x302UL) 486#define CKA_PIXEL_X (0x400UL) 487#define CKA_PIXEL_Y (0x401UL) 488#define CKA_RESOLUTION (0x402UL) 489#define CKA_CHAR_ROWS (0x403UL) 490#define CKA_CHAR_COLUMNS (0x404UL) 491#define CKA_COLOR (0x405UL) 492#define CKA_BITS_PER_PIXEL (0x406UL) 493#define CKA_CHAR_SETS (0x480UL) 494#define CKA_ENCODING_METHODS (0x481UL) 495#define CKA_MIME_TYPES (0x482UL) 496#define CKA_MECHANISM_TYPE (0x500UL) 497#define CKA_REQUIRED_CMS_ATTRIBUTES (0x501UL) 498#define CKA_DEFAULT_CMS_ATTRIBUTES (0x502UL) 499#define CKA_SUPPORTED_CMS_ATTRIBUTES (0x503UL) 500#define CKA_WRAP_TEMPLATE (CKF_ARRAY_ATTRIBUTE | 0x211UL) 501#define CKA_UNWRAP_TEMPLATE (CKF_ARRAY_ATTRIBUTE | 0x212UL) 502#define CKA_DERIVE_TEMPLATE (CKF_ARRAY_ATTRIBUTE | 0x213UL) 503#define CKA_ALLOWED_MECHANISMS (CKF_ARRAY_ATTRIBUTE | 0x600UL) 504#define CKA_VENDOR_DEFINED ((unsigned long)(1UL << 31)) 505 506struct ck_attribute { 507 ck_attribute_type_t type; 508 void *value; 509 unsigned long value_len; 510}; 511 512struct ck_date { 513 unsigned char year[4]; 514 unsigned char month[2]; 515 unsigned char day[2]; 516}; 517 518typedef unsigned long ck_mechanism_type_t; 519 520#define CKM_RSA_PKCS_KEY_PAIR_GEN (0UL) 521#define CKM_RSA_PKCS (1UL) 522#define CKM_RSA_9796 (2UL) 523#define CKM_RSA_X_509 (3UL) 524#define CKM_MD2_RSA_PKCS (4UL) 525#define CKM_MD5_RSA_PKCS (5UL) 526#define CKM_SHA1_RSA_PKCS (6UL) 527#define CKM_RIPEMD128_RSA_PKCS (7UL) 528#define CKM_RIPEMD160_RSA_PKCS (8UL) 529#define CKM_RSA_PKCS_OAEP (9UL) 530#define CKM_RSA_X9_31_KEY_PAIR_GEN (0xaUL) 531#define CKM_RSA_X9_31 (0xbUL) 532#define CKM_SHA1_RSA_X9_31 (0xcUL) 533#define CKM_RSA_PKCS_PSS (0xdUL) 534#define CKM_SHA1_RSA_PKCS_PSS (0xeUL) 535#define CKM_DSA_KEY_PAIR_GEN (0x10UL) 536#define CKM_DSA (0x11UL) 537#define CKM_DSA_SHA1 (0x12UL) 538#define CKM_DSA_SHA224 (0x13UL) 539#define CKM_DSA_SHA256 (0x14UL) 540#define CKM_DSA_SHA384 (0x15UL) 541#define CKM_DSA_SHA512 (0x16UL) 542#define CKM_DH_PKCS_KEY_PAIR_GEN (0x20UL) 543#define CKM_DH_PKCS_DERIVE (0x21UL) 544#define CKM_X9_42_DH_KEY_PAIR_GEN (0x30UL) 545#define CKM_X9_42_DH_DERIVE (0x31UL) 546#define CKM_X9_42_DH_HYBRID_DERIVE (0x32UL) 547#define CKM_X9_42_MQV_DERIVE (0x33UL) 548#define CKM_SHA256_RSA_PKCS (0x40UL) 549#define CKM_SHA384_RSA_PKCS (0x41UL) 550#define CKM_SHA512_RSA_PKCS (0x42UL) 551#define CKM_SHA256_RSA_PKCS_PSS (0x43UL) 552#define CKM_SHA384_RSA_PKCS_PSS (0x44UL) 553#define CKM_SHA512_RSA_PKCS_PSS (0x45UL) 554#define CKM_SHA512_224 (0x48UL) 555#define CKM_SHA512_224_HMAC (0x49UL) 556#define CKM_SHA512_224_HMAC_GENERAL (0x4aUL) 557#define CKM_SHA512_224_KEY_DERIVATION (0x4bUL) 558#define CKM_SHA512_256 (0x4cUL) 559#define CKM_SHA512_256_HMAC (0x4dUL) 560#define CKM_SHA512_256_HMAC_GENERAL (0x4eUL) 561#define CKM_SHA512_256_KEY_DERIVATION (0x4fUL) 562#define CKM_SHA512_T (0x50UL) 563#define CKM_SHA512_T_HMAC (0x51UL) 564#define CKM_SHA512_T_HMAC_GENERAL (0x52UL) 565#define CKM_SHA512_T_KEY_DERIVATION (0x53UL) 566#define CKM_RC2_KEY_GEN (0x100UL) 567#define CKM_RC2_ECB (0x101UL) 568#define CKM_RC2_CBC (0x102UL) 569#define CKM_RC2_MAC (0x103UL) 570#define CKM_RC2_MAC_GENERAL (0x104UL) 571#define CKM_RC2_CBC_PAD (0x105UL) 572#define CKM_RC4_KEY_GEN (0x110UL) 573#define CKM_RC4 (0x111UL) 574#define CKM_DES_KEY_GEN (0x120UL) 575#define CKM_DES_ECB (0x121UL) 576#define CKM_DES_CBC (0x122UL) 577#define CKM_DES_MAC (0x123UL) 578#define CKM_DES_MAC_GENERAL (0x124UL) 579#define CKM_DES_CBC_PAD (0x125UL) 580#define CKM_DES2_KEY_GEN (0x130UL) 581#define CKM_DES3_KEY_GEN (0x131UL) 582#define CKM_DES3_ECB (0x132UL) 583#define CKM_DES3_CBC (0x133UL) 584#define CKM_DES3_MAC (0x134UL) 585#define CKM_DES3_MAC_GENERAL (0x135UL) 586#define CKM_DES3_CBC_PAD (0x136UL) 587#define CKM_DES3_CMAC_GENERAL (0x137UL) 588#define CKM_DES3_CMAC (0x138UL) 589#define CKM_CDMF_KEY_GEN (0x140UL) 590#define CKM_CDMF_ECB (0x141UL) 591#define CKM_CDMF_CBC (0x142UL) 592#define CKM_CDMF_MAC (0x143UL) 593#define CKM_CDMF_MAC_GENERAL (0x144UL) 594#define CKM_CDMF_CBC_PAD (0x145UL) 595#define CKM_DES_OFB64 (0x150UL) 596#define CKM_DES_OFB8 (0x151UL) 597#define CKM_DES_CFB64 (0x152UL) 598#define CKM_DES_CFB8 (0x153UL) 599#define CKM_MD2 (0x200UL) 600#define CKM_MD2_HMAC (0x201UL) 601#define CKM_MD2_HMAC_GENERAL (0x202UL) 602#define CKM_MD5 (0x210UL) 603#define CKM_MD5_HMAC (0x211UL) 604#define CKM_MD5_HMAC_GENERAL (0x212UL) 605#define CKM_SHA_1 (0x220UL) 606#define CKM_SHA_1_HMAC (0x221UL) 607#define CKM_SHA_1_HMAC_GENERAL (0x222UL) 608#define CKM_RIPEMD128 (0x230UL) 609#define CKM_RIPEMD128_HMAC (0x231UL) 610#define CKM_RIPEMD128_HMAC_GENERAL (0x232UL) 611#define CKM_RIPEMD160 (0x240UL) 612#define CKM_RIPEMD160_HMAC (0x241UL) 613#define CKM_RIPEMD160_HMAC_GENERAL (0x242UL) 614#define CKM_SHA256 (0x250UL) 615#define CKM_SHA256_HMAC (0x251UL) 616#define CKM_SHA256_HMAC_GENERAL (0x252UL) 617#define CKM_SHA384 (0x260UL) 618#define CKM_SHA384_HMAC (0x261UL) 619#define CKM_SHA384_HMAC_GENERAL (0x262UL) 620#define CKM_SHA512 (0x270UL) 621#define CKM_SHA512_HMAC (0x271UL) 622#define CKM_SHA512_HMAC_GENERAL (0x272UL) 623#define CKM_SECURID_KEY_GEN (0x280UL) 624#define CKM_SECURID (0x282UL) 625#define CKM_HOTP_KEY_GEN (0x290UL) 626#define CKM_HOTP (0x291UL) 627#define CKM_ACTI (0x2a0UL) 628#define CKM_ACTI_KEY_GEN (0x2a1UL) 629#define CKM_CAST_KEY_GEN (0x300UL) 630#define CKM_CAST_ECB (0x301UL) 631#define CKM_CAST_CBC (0x302UL) 632#define CKM_CAST_MAC (0x303UL) 633#define CKM_CAST_MAC_GENERAL (0x304UL) 634#define CKM_CAST_CBC_PAD (0x305UL) 635#define CKM_CAST3_KEY_GEN (0x310UL) 636#define CKM_CAST3_ECB (0x311UL) 637#define CKM_CAST3_CBC (0x312UL) 638#define CKM_CAST3_MAC (0x313UL) 639#define CKM_CAST3_MAC_GENERAL (0x314UL) 640#define CKM_CAST3_CBC_PAD (0x315UL) 641#define CKM_CAST5_KEY_GEN (0x320UL) 642#define CKM_CAST128_KEY_GEN (0x320UL) 643#define CKM_CAST5_ECB (0x321UL) 644#define CKM_CAST128_ECB (0x321UL) 645#define CKM_CAST5_CBC (0x322UL) 646#define CKM_CAST128_CBC (0x322UL) 647#define CKM_CAST5_MAC (0x323UL) 648#define CKM_CAST128_MAC (0x323UL) 649#define CKM_CAST5_MAC_GENERAL (0x324UL) 650#define CKM_CAST128_MAC_GENERAL (0x324UL) 651#define CKM_CAST5_CBC_PAD (0x325UL) 652#define CKM_CAST128_CBC_PAD (0x325UL) 653#define CKM_RC5_KEY_GEN (0x330UL) 654#define CKM_RC5_ECB (0x331UL) 655#define CKM_RC5_CBC (0x332UL) 656#define CKM_RC5_MAC (0x333UL) 657#define CKM_RC5_MAC_GENERAL (0x334UL) 658#define CKM_RC5_CBC_PAD (0x335UL) 659#define CKM_IDEA_KEY_GEN (0x340UL) 660#define CKM_IDEA_ECB (0x341UL) 661#define CKM_IDEA_CBC (0x342UL) 662#define CKM_IDEA_MAC (0x343UL) 663#define CKM_IDEA_MAC_GENERAL (0x344UL) 664#define CKM_IDEA_CBC_PAD (0x345UL) 665#define CKM_GENERIC_SECRET_KEY_GEN (0x350UL) 666#define CKM_CONCATENATE_BASE_AND_KEY (0x360UL) 667#define CKM_CONCATENATE_BASE_AND_DATA (0x362UL) 668#define CKM_CONCATENATE_DATA_AND_BASE (0x363UL) 669#define CKM_XOR_BASE_AND_DATA (0x364UL) 670#define CKM_EXTRACT_KEY_FROM_KEY (0x365UL) 671#define CKM_SSL3_PRE_MASTER_KEY_GEN (0x370UL) 672#define CKM_SSL3_MASTER_KEY_DERIVE (0x371UL) 673#define CKM_SSL3_KEY_AND_MAC_DERIVE (0x372UL) 674#define CKM_SSL3_MASTER_KEY_DERIVE_DH (0x373UL) 675#define CKM_TLS_PRE_MASTER_KEY_GEN (0x374UL) 676#define CKM_TLS_MASTER_KEY_DERIVE (0x375UL) 677#define CKM_TLS_KEY_AND_MAC_DERIVE (0x376UL) 678#define CKM_TLS_MASTER_KEY_DERIVE_DH (0x377UL) 679#define CKM_TLS_PRF (0x378UL) 680#define CKM_SSL3_MD5_MAC (0x380UL) 681#define CKM_SSL3_SHA1_MAC (0x381UL) 682#define CKM_MD5_KEY_DERIVATION (0x390UL) 683#define CKM_MD2_KEY_DERIVATION (0x391UL) 684#define CKM_SHA1_KEY_DERIVATION (0x392UL) 685#define CKM_SHA256_KEY_DERIVATION (0x393UL) 686#define CKM_SHA384_KEY_DERIVATION (0x394UL) 687#define CKM_SHA512_KEY_DERIVATION (0x395UL) 688#define CKM_PBE_MD2_DES_CBC (0x3a0UL) 689#define CKM_PBE_MD5_DES_CBC (0x3a1UL) 690#define CKM_PBE_MD5_CAST_CBC (0x3a2UL) 691#define CKM_PBE_MD5_CAST3_CBC (0x3a3UL) 692#define CKM_PBE_MD5_CAST5_CBC (0x3a4UL) 693#define CKM_PBE_MD5_CAST128_CBC (0x3a4UL) 694#define CKM_PBE_SHA1_CAST5_CBC (0x3a5UL) 695#define CKM_PBE_SHA1_CAST128_CBC (0x3a5UL) 696#define CKM_PBE_SHA1_RC4_128 (0x3a6UL) 697#define CKM_PBE_SHA1_RC4_40 (0x3a7UL) 698#define CKM_PBE_SHA1_DES3_EDE_CBC (0x3a8UL) 699#define CKM_PBE_SHA1_DES2_EDE_CBC (0x3a9UL) 700#define CKM_PBE_SHA1_RC2_128_CBC (0x3aaUL) 701#define CKM_PBE_SHA1_RC2_40_CBC (0x3abUL) 702#define CKM_PKCS5_PBKD2 (0x3b0UL) 703#define CKM_PBA_SHA1_WITH_SHA1_HMAC (0x3c0UL) 704#define CKM_WTLS_PRE_MASTER_KEY_GEN (0x3d0UL) 705#define CKM_WTLS_MASTER_KEY_DERIVE (0x3d1UL) 706#define CKM_WTLS_MASTER_KEY_DERIVE_DH_ECC (0x3d2UL) 707#define CKM_WTLS_PRF (0x3d3UL) 708#define CKM_WTLS_SERVER_KEY_AND_MAC_DERIVE (0x3d4UL) 709#define CKM_WTLS_CLIENT_KEY_AND_MAC_DERIVE (0x3d5UL) 710#define CKM_TLS10_MAC_SERVER (0x3d6UL) 711#define CKM_TLS10_MAC_CLIENT (0x3d7UL) 712#define CKM_TLS12_MAC (0x3d8UL) 713#define CKM_TLS12_KDF (0x3d9UL) 714#define CKM_TLS12_MASTER_KEY_DERIVE (0x3e0UL) 715#define CKM_TLS12_KEY_AND_MAC_DERIVE (0x3e1UL) 716#define CKM_TLS12_MASTER_KEY_DERIVE_DH (0x3e2UL) 717#define CKM_TLS12_KEY_SAFE_DERIVE (0x3e3UL) 718#define CKM_TLS_MAC (0x3e4UL) 719#define CKM_TLS_KDF (0x3e5UL) 720#define CKM_KEY_WRAP_LYNKS (0x400UL) 721#define CKM_KEY_WRAP_SET_OAEP (0x401UL) 722#define CKM_CMS_SIG (0x500UL) 723#define CKM_KIP_DERIVE (0x510UL) 724#define CKM_KIP_WRAP (0x511UL) 725#define CKM_KIP_MAC (0x512UL) 726#define CKM_ARIA_KEY_GEN (0x560UL) 727#define CKM_ARIA_ECB (0x561UL) 728#define CKM_ARIA_CBC (0x562UL) 729#define CKM_ARIA_MAC (0x563UL) 730#define CKM_ARIA_MAC_GENERAL (0x564UL) 731#define CKM_ARIA_CBC_PAD (0x565UL) 732#define CKM_ARIA_ECB_ENCRYPT_DATA (0x566UL) 733#define CKM_ARIA_CBC_ENCRYPT_DATA (0x567UL) 734#define CKM_SEED_KEY_GEN (0x650UL) 735#define CKM_SEED_ECB (0x651UL) 736#define CKM_SEED_CBC (0x652UL) 737#define CKM_SEED_MAC (0x653UL) 738#define CKM_SEED_MAC_GENERAL (0x654UL) 739#define CKM_SEED_CBC_PAD (0x655UL) 740#define CKM_SEED_ECB_ENCRYPT_DATA (0x656UL) 741#define CKM_SEED_CBC_ENCRYPT_DATA (0x657UL) 742#define CKM_SKIPJACK_KEY_GEN (0x1000UL) 743#define CKM_SKIPJACK_ECB64 (0x1001UL) 744#define CKM_SKIPJACK_CBC64 (0x1002UL) 745#define CKM_SKIPJACK_OFB64 (0x1003UL) 746#define CKM_SKIPJACK_CFB64 (0x1004UL) 747#define CKM_SKIPJACK_CFB32 (0x1005UL) 748#define CKM_SKIPJACK_CFB16 (0x1006UL) 749#define CKM_SKIPJACK_CFB8 (0x1007UL) 750#define CKM_SKIPJACK_WRAP (0x1008UL) 751#define CKM_SKIPJACK_PRIVATE_WRAP (0x1009UL) 752#define CKM_SKIPJACK_RELAYX (0x100aUL) 753#define CKM_KEA_KEY_PAIR_GEN (0x1010UL) 754#define CKM_KEA_KEY_DERIVE (0x1011UL) 755#define CKM_FORTEZZA_TIMESTAMP (0x1020UL) 756#define CKM_BATON_KEY_GEN (0x1030UL) 757#define CKM_BATON_ECB128 (0x1031UL) 758#define CKM_BATON_ECB96 (0x1032UL) 759#define CKM_BATON_CBC128 (0x1033UL) 760#define CKM_BATON_COUNTER (0x1034UL) 761#define CKM_BATON_SHUFFLE (0x1035UL) 762#define CKM_BATON_WRAP (0x1036UL) 763#define CKM_ECDSA_KEY_PAIR_GEN (0x1040UL) 764#define CKM_EC_KEY_PAIR_GEN (0x1040UL) 765#define CKM_ECDSA (0x1041UL) 766#define CKM_ECDSA_SHA1 (0x1042UL) 767#define CKM_ECDSA_SHA224 (0x1043UL) 768#define CKM_ECDSA_SHA256 (0x1044UL) 769#define CKM_ECDSA_SHA384 (0x1045UL) 770#define CKM_ECDSA_SHA512 (0x1046UL) 771#define CKM_ECDH1_DERIVE (0x1050UL) 772#define CKM_ECDH1_COFACTOR_DERIVE (0x1051UL) 773#define CKM_ECMQV_DERIVE (0x1052UL) 774#define CKM_ECDH_AES_KEY_WRAP (0x1053UL) 775#define CKM_RSA_AES_KEY_WRAP (0x1054UL) 776#define CKM_JUNIPER_KEY_GEN (0x1060UL) 777#define CKM_JUNIPER_ECB128 (0x1061UL) 778#define CKM_JUNIPER_CBC128 (0x1062UL) 779#define CKM_JUNIPER_COUNTER (0x1063UL) 780#define CKM_JUNIPER_SHUFFLE (0x1064UL) 781#define CKM_JUNIPER_WRAP (0x1065UL) 782#define CKM_FASTHASH (0x1070UL) 783#define CKM_AES_KEY_GEN (0x1080UL) 784#define CKM_AES_ECB (0x1081UL) 785#define CKM_AES_CBC (0x1082UL) 786#define CKM_AES_MAC (0x1083UL) 787#define CKM_AES_MAC_GENERAL (0x1084UL) 788#define CKM_AES_CBC_PAD (0x1085UL) 789#define CKM_AES_CTR (0x1086UL) 790#define CKM_AES_GCM (0x1087UL) 791#define CKM_AES_CCM (0x1088UL) 792#define CKM_AES_CTS (0x1089UL) 793#define CKM_AES_CMAC (0x108aUL) 794#define CKM_AES_CMAC_GENERAL (0x108bUL) 795#define CKM_AES_XCBC_MAC (0x108cUL) 796#define CKM_AES_XCBC_MAC_96 (0x108dUL) 797#define CKM_AES_GMAC (0x108eUL) 798#define CKM_BLOWFISH_KEY_GEN (0x1090UL) 799#define CKM_BLOWFISH_CBC (0x1091UL) 800#define CKM_TWOFISH_KEY_GEN (0x1092UL) 801#define CKM_TWOFISH_CBC (0x1093UL) 802#define CKM_BLOWFISH_CBC_PAD (0x1094UL) 803#define CKM_TWOFISH_CBC_PAD (0x1095UL) 804#define CKM_DES_ECB_ENCRYPT_DATA (0x1100UL) 805#define CKM_DES_CBC_ENCRYPT_DATA (0x1101UL) 806#define CKM_DES3_ECB_ENCRYPT_DATA (0x1102UL) 807#define CKM_DES3_CBC_ENCRYPT_DATA (0x1103UL) 808#define CKM_AES_ECB_ENCRYPT_DATA (0x1104UL) 809#define CKM_AES_CBC_ENCRYPT_DATA (0x1105UL) 810#define CKM_GOSTR3410_KEY_PAIR_GEN (0x1200UL) 811#define CKM_GOSTR3410 (0x1201UL) 812#define CKM_GOSTR3410_WITH_GOSTR3411 (0x1202UL) 813#define CKM_GOSTR3410_KEY_WRAP (0x1203UL) 814#define CKM_GOSTR3410_DERIVE (0x1204UL) 815#define CKM_GOSTR3411 (0x1210UL) 816#define CKM_GOSTR3411_HMAC (0x1211UL) 817#define CKM_GOST28147_KEY_GEN (0x1220UL) 818#define CKM_GOST28147_ECB (0x1221UL) 819#define CKM_GOST28147 (0x1222UL) 820#define CKM_GOST28147_MAC (0x1223UL) 821#define CKM_GOST28147_KEY_WRAP (0x1224UL) 822#define CKM_DSA_PARAMETER_GEN (0x2000UL) 823#define CKM_DH_PKCS_PARAMETER_GEN (0x2001UL) 824#define CKM_X9_42_DH_PARAMETER_GEN (0x2002UL) 825#define CKM_DSA_PROBABLISTIC_PARAMETER_GEN (0x2003UL) 826#define CKM_DSA_SHAWE_TAYLOR_PARAMETER_GEN (0x2004UL) 827#define CKM_AES_OFB (0x2104UL) 828#define CKM_AES_CFB64 (0x2105UL) 829#define CKM_AES_CFB8 (0x2106UL) 830#define CKM_AES_CFB128 (0x2107UL) 831#define CKM_AES_CFB1 (0x2108UL) 832 833#define CKM_VENDOR_DEFINED ((unsigned long)(1UL << 31)) 834 835/* Amendments */ 836#define CKM_SHA224 (0x255UL) 837#define CKM_SHA224_HMAC (0x256UL) 838#define CKM_SHA224_HMAC_GENERAL (0x257UL) 839#define CKM_SHA224_RSA_PKCS (0x46UL) 840#define CKM_SHA224_RSA_PKCS_PSS (0x47UL) 841#define CKM_SHA224_KEY_DERIVATION (0x396UL) 842 843#define CKM_CAMELLIA_KEY_GEN (0x550UL) 844#define CKM_CAMELLIA_ECB (0x551UL) 845#define CKM_CAMELLIA_CBC (0x552UL) 846#define CKM_CAMELLIA_MAC (0x553UL) 847#define CKM_CAMELLIA_MAC_GENERAL (0x554UL) 848#define CKM_CAMELLIA_CBC_PAD (0x555UL) 849#define CKM_CAMELLIA_ECB_ENCRYPT_DATA (0x556UL) 850#define CKM_CAMELLIA_CBC_ENCRYPT_DATA (0x557UL) 851#define CKM_CAMELLIA_CTR (0x558UL) 852 853#define CKM_AES_KEY_WRAP (0x2109UL) 854#define CKM_AES_KEY_WRAP_PAD (0x210aUL) 855 856#define CKM_RSA_PKCS_TPM_1_1 (0x4001UL) 857#define CKM_RSA_PKCS_OAEP_TPM_1_1 (0x4002UL) 858 859/* From version 3.0 */ 860#define CKM_EC_EDWARDS_KEY_PAIR_GEN (0x1055UL) 861#define CKM_EDDSA (0x1057UL) 862 863/* Attribute and other constants related to OTP */ 864#define CK_OTP_FORMAT_DECIMAL (0UL) 865#define CK_OTP_FORMAT_HEXADECIMAL (1UL) 866#define CK_OTP_FORMAT_ALPHANUMERIC (2UL) 867#define CK_OTP_FORMAT_BINARY (3UL) 868#define CK_OTP_PARAM_IGNORED (0UL) 869#define CK_OTP_PARAM_OPTIONAL (1UL) 870#define CK_OTP_PARAM_MANDATORY (2UL) 871 872#define CK_OTP_VALUE (0UL) 873#define CK_OTP_PIN (1UL) 874#define CK_OTP_CHALLENGE (2UL) 875#define CK_OTP_TIME (3UL) 876#define CK_OTP_COUNTER (4UL) 877#define CK_OTP_FLAGS (5UL) 878#define CK_OTP_OUTPUT_LENGTH (6UL) 879#define CK_OTP_FORMAT (7UL) 880 881/* OTP mechanism flags */ 882#define CKF_NEXT_OTP (0x01UL) 883#define CKF_EXCLUDE_TIME (0x02UL) 884#define CKF_EXCLUDE_COUNTER (0x04UL) 885#define CKF_EXCLUDE_CHALLENGE (0x08UL) 886#define CKF_EXCLUDE_PIN (0x10UL) 887#define CKF_USER_FRIENDLY_OTP (0x20UL) 888 889#define CKN_OTP_CHANGED (0x01UL) 890 891struct ck_mechanism { 892 ck_mechanism_type_t mechanism; 893 void *parameter; 894 unsigned long parameter_len; 895}; 896 897struct ck_mechanism_info { 898 unsigned long min_key_size; 899 unsigned long max_key_size; 900 ck_flags_t flags; 901}; 902 903typedef unsigned long ck_param_type; 904 905typedef struct ck_otp_param { 906 ck_param_type type; 907 void *value; 908 unsigned long value_len; 909} ck_otp_param; 910 911typedef struct ck_otp_params { 912 struct ck_otp_param *params; 913 unsigned long count; 914} ck_otp_params; 915 916typedef struct ck_otp_signature_info { 917 struct ck_otp_param *params; 918 unsigned long count; 919} ck_otp_signature_info; 920 921#define CKG_MGF1_SHA1 0x00000001UL 922#define CKG_MGF1_SHA224 0x00000005UL 923#define CKG_MGF1_SHA256 0x00000002UL 924#define CKG_MGF1_SHA384 0x00000003UL 925#define CKG_MGF1_SHA512 0x00000004UL 926 927typedef unsigned long ck_rsa_pkcs_mgf_type_t; 928 929struct ck_rsa_pkcs_pss_params { 930 ck_mechanism_type_t hash_alg; 931 ck_rsa_pkcs_mgf_type_t mgf; 932 unsigned long s_len; 933}; 934 935typedef unsigned long ck_rsa_pkcs_oaep_source_type_t; 936 937struct ck_rsa_pkcs_oaep_params { 938 ck_mechanism_type_t hash_alg; 939 ck_rsa_pkcs_mgf_type_t mgf; 940 ck_rsa_pkcs_oaep_source_type_t source; 941 void *source_data; 942 unsigned long source_data_len; 943}; 944 945struct ck_aes_ctr_params { 946 unsigned long counter_bits; 947 unsigned char cb[16]; 948}; 949 950struct ck_gcm_params { 951 unsigned char *iv_ptr; 952 unsigned long iv_len; 953 unsigned long iv_bits; 954 unsigned char *aad_ptr; 955 unsigned long aad_len; 956 unsigned long tag_bits; 957}; 958 959/* The following EC Key Derivation Functions are defined */ 960#define CKD_NULL (0x01UL) 961#define CKD_SHA1_KDF (0x02UL) 962 963/* The following X9.42 DH key derivation functions are defined */ 964#define CKD_SHA1_KDF_ASN1 (0x03UL) 965#define CKD_SHA1_KDF_CONCATENATE (0x04UL) 966#define CKD_SHA224_KDF (0x05UL) 967#define CKD_SHA256_KDF (0x06UL) 968#define CKD_SHA384_KDF (0x07UL) 969#define CKD_SHA512_KDF (0x08UL) 970#define CKD_CPDIVERSIFY_KDF (0x09UL) 971 972typedef unsigned long ck_ec_kdf_t; 973 974struct ck_ecdh1_derive_params { 975 ck_ec_kdf_t kdf; 976 unsigned long shared_data_len; 977 unsigned char *shared_data; 978 unsigned long public_data_len; 979 unsigned char *public_data; 980}; 981 982struct ck_key_derivation_string_data { 983 unsigned char *string_data; 984 unsigned long string_data_len; 985}; 986 987struct ck_des_cbc_encrypt_data_params { 988 unsigned char iv[8]; 989 unsigned char *data_params; 990 unsigned long length; 991}; 992 993struct ck_aes_cbc_encrypt_data_params { 994 unsigned char iv[16]; 995 unsigned char *data_params; 996 unsigned long length; 997}; 998 999#define CKF_HW (1UL << 0) 1000#define CKF_ENCRYPT (1UL << 8) 1001#define CKF_DECRYPT (1UL << 9) 1002#define CKF_DIGEST (1UL << 10) 1003#define CKF_SIGN (1UL << 11) 1004#define CKF_SIGN_RECOVER (1UL << 12) 1005#define CKF_VERIFY (1UL << 13) 1006#define CKF_VERIFY_RECOVER (1UL << 14) 1007#define CKF_GENERATE (1UL << 15) 1008#define CKF_GENERATE_KEY_PAIR (1UL << 16) 1009#define CKF_WRAP (1UL << 17) 1010#define CKF_UNWRAP (1UL << 18) 1011#define CKF_DERIVE (1UL << 19) 1012#define CKF_EXTENSION ((unsigned long)(1UL << 31)) 1013 1014#define CKF_EC_F_P (1UL << 20) 1015#define CKF_EC_NAMEDCURVE (1UL << 23) 1016#define CKF_EC_UNCOMPRESS (1UL << 24) 1017#define CKF_EC_COMPRESS (1UL << 25) 1018 1019/* Flags for C_WaitForSlotEvent. */ 1020#define CKF_DONT_BLOCK (1UL) 1021 1022typedef unsigned long ck_rv_t; 1023 1024typedef ck_rv_t (*ck_notify_t)(ck_session_handle_t session, 1025 ck_notification_t event, void *application); 1026 1027/* Forward reference. */ 1028struct ck_function_list; 1029 1030#define _CK_DECLARE_FUNCTION(name, args) \ 1031 typedef ck_rv_t(*CK_##name) args; \ 1032 ck_rv_t CK_SPEC name args 1033 1034_CK_DECLARE_FUNCTION(C_Initialize, (void *init_args)); 1035_CK_DECLARE_FUNCTION(C_Finalize, (void *reserved)); 1036_CK_DECLARE_FUNCTION(C_GetInfo, (struct ck_info * info)); 1037_CK_DECLARE_FUNCTION(C_GetFunctionList, 1038 (struct ck_function_list * *function_list)); 1039 1040_CK_DECLARE_FUNCTION(C_GetSlotList, 1041 (unsigned char token_present, ck_slot_id_t *slot_list, 1042 unsigned long *count)); 1043_CK_DECLARE_FUNCTION(C_GetSlotInfo, 1044 (ck_slot_id_t slot_id, struct ck_slot_info *info)); 1045_CK_DECLARE_FUNCTION(C_GetTokenInfo, 1046 (ck_slot_id_t slot_id, struct ck_token_info *info)); 1047_CK_DECLARE_FUNCTION(C_WaitForSlotEvent, 1048 (ck_flags_t flags, ck_slot_id_t *slot, void *reserved)); 1049_CK_DECLARE_FUNCTION(C_GetMechanismList, 1050 (ck_slot_id_t slot_id, ck_mechanism_type_t *mechanism_list, 1051 unsigned long *count)); 1052_CK_DECLARE_FUNCTION(C_GetMechanismInfo, 1053 (ck_slot_id_t slot_id, ck_mechanism_type_t type, 1054 struct ck_mechanism_info *info)); 1055_CK_DECLARE_FUNCTION(C_InitToken, 1056 (ck_slot_id_t slot_id, unsigned char *pin, 1057 unsigned long pin_len, unsigned char *label)); 1058_CK_DECLARE_FUNCTION(C_InitPIN, (ck_session_handle_t session, 1059 unsigned char *pin, unsigned long pin_len)); 1060_CK_DECLARE_FUNCTION(C_SetPIN, (ck_session_handle_t session, 1061 unsigned char *old_pin, unsigned long old_len, 1062 unsigned char *new_pin, unsigned long new_len)); 1063 1064_CK_DECLARE_FUNCTION(C_OpenSession, 1065 (ck_slot_id_t slot_id, ck_flags_t flags, void *application, 1066 ck_notify_t notify, ck_session_handle_t *session)); 1067_CK_DECLARE_FUNCTION(C_CloseSession, (ck_session_handle_t session)); 1068_CK_DECLARE_FUNCTION(C_CloseAllSessions, (ck_slot_id_t slot_id)); 1069_CK_DECLARE_FUNCTION(C_GetSessionInfo, (ck_session_handle_t session, 1070 struct ck_session_info *info)); 1071_CK_DECLARE_FUNCTION(C_GetOperationState, (ck_session_handle_t session, 1072 unsigned char *operation_state, 1073 unsigned long *operation_state_len)); 1074_CK_DECLARE_FUNCTION(C_SetOperationState, 1075 (ck_session_handle_t session, 1076 unsigned char *operation_state, 1077 unsigned long operation_state_len, 1078 ck_object_handle_t encryption_key, 1079 ck_object_handle_t authentiation_key)); 1080_CK_DECLARE_FUNCTION(C_Login, 1081 (ck_session_handle_t session, ck_user_type_t user_type, 1082 unsigned char *pin, unsigned long pin_len)); 1083_CK_DECLARE_FUNCTION(C_Logout, (ck_session_handle_t session)); 1084 1085_CK_DECLARE_FUNCTION(C_CreateObject, 1086 (ck_session_handle_t session, struct ck_attribute *templ, 1087 unsigned long count, ck_object_handle_t *object)); 1088_CK_DECLARE_FUNCTION(C_CopyObject, 1089 (ck_session_handle_t session, ck_object_handle_t object, 1090 struct ck_attribute *templ, unsigned long count, 1091 ck_object_handle_t *new_object)); 1092_CK_DECLARE_FUNCTION(C_DestroyObject, 1093 (ck_session_handle_t session, ck_object_handle_t object)); 1094_CK_DECLARE_FUNCTION(C_GetObjectSize, 1095 (ck_session_handle_t session, ck_object_handle_t object, 1096 unsigned long *size)); 1097_CK_DECLARE_FUNCTION(C_GetAttributeValue, 1098 (ck_session_handle_t session, ck_object_handle_t object, 1099 struct ck_attribute *templ, unsigned long count)); 1100_CK_DECLARE_FUNCTION(C_SetAttributeValue, 1101 (ck_session_handle_t session, ck_object_handle_t object, 1102 struct ck_attribute *templ, unsigned long count)); 1103_CK_DECLARE_FUNCTION(C_FindObjectsInit, 1104 (ck_session_handle_t session, struct ck_attribute *templ, 1105 unsigned long count)); 1106_CK_DECLARE_FUNCTION(C_FindObjects, 1107 (ck_session_handle_t session, ck_object_handle_t *object, 1108 unsigned long max_object_count, 1109 unsigned long *object_count)); 1110_CK_DECLARE_FUNCTION(C_FindObjectsFinal, (ck_session_handle_t session)); 1111 1112_CK_DECLARE_FUNCTION(C_EncryptInit, 1113 (ck_session_handle_t session, 1114 struct ck_mechanism *mechanism, ck_object_handle_t key)); 1115_CK_DECLARE_FUNCTION(C_Encrypt, 1116 (ck_session_handle_t session, unsigned char *data, 1117 unsigned long data_len, unsigned char *encrypted_data, 1118 unsigned long *encrypted_data_len)); 1119_CK_DECLARE_FUNCTION(C_EncryptUpdate, 1120 (ck_session_handle_t session, unsigned char *part, 1121 unsigned long part_len, unsigned char *encrypted_part, 1122 unsigned long *encrypted_part_len)); 1123_CK_DECLARE_FUNCTION(C_EncryptFinal, (ck_session_handle_t session, 1124 unsigned char *last_encrypted_part, 1125 unsigned long *last_encrypted_part_len)); 1126 1127_CK_DECLARE_FUNCTION(C_DecryptInit, 1128 (ck_session_handle_t session, 1129 struct ck_mechanism *mechanism, ck_object_handle_t key)); 1130_CK_DECLARE_FUNCTION(C_Decrypt, (ck_session_handle_t session, 1131 unsigned char *encrypted_data, 1132 unsigned long encrypted_data_len, 1133 unsigned char *data, unsigned long *data_len)); 1134_CK_DECLARE_FUNCTION(C_DecryptUpdate, 1135 (ck_session_handle_t session, 1136 unsigned char *encrypted_part, 1137 unsigned long encrypted_part_len, unsigned char *part, 1138 unsigned long *part_len)); 1139_CK_DECLARE_FUNCTION(C_DecryptFinal, 1140 (ck_session_handle_t session, unsigned char *last_part, 1141 unsigned long *last_part_len)); 1142 1143_CK_DECLARE_FUNCTION(C_DigestInit, (ck_session_handle_t session, 1144 struct ck_mechanism *mechanism)); 1145_CK_DECLARE_FUNCTION(C_Digest, 1146 (ck_session_handle_t session, unsigned char *data, 1147 unsigned long data_len, unsigned char *digest, 1148 unsigned long *digest_len)); 1149_CK_DECLARE_FUNCTION(C_DigestUpdate, 1150 (ck_session_handle_t session, unsigned char *part, 1151 unsigned long part_len)); 1152_CK_DECLARE_FUNCTION(C_DigestKey, 1153 (ck_session_handle_t session, ck_object_handle_t key)); 1154_CK_DECLARE_FUNCTION(C_DigestFinal, 1155 (ck_session_handle_t session, unsigned char *digest, 1156 unsigned long *digest_len)); 1157 1158_CK_DECLARE_FUNCTION(C_SignInit, 1159 (ck_session_handle_t session, 1160 struct ck_mechanism *mechanism, ck_object_handle_t key)); 1161_CK_DECLARE_FUNCTION(C_Sign, (ck_session_handle_t session, unsigned char *data, 1162 unsigned long data_len, unsigned char *signature, 1163 unsigned long *signature_len)); 1164_CK_DECLARE_FUNCTION(C_SignUpdate, 1165 (ck_session_handle_t session, unsigned char *part, 1166 unsigned long part_len)); 1167_CK_DECLARE_FUNCTION(C_SignFinal, 1168 (ck_session_handle_t session, unsigned char *signature, 1169 unsigned long *signature_len)); 1170_CK_DECLARE_FUNCTION(C_SignRecoverInit, 1171 (ck_session_handle_t session, 1172 struct ck_mechanism *mechanism, ck_object_handle_t key)); 1173_CK_DECLARE_FUNCTION(C_SignRecover, 1174 (ck_session_handle_t session, unsigned char *data, 1175 unsigned long data_len, unsigned char *signature, 1176 unsigned long *signature_len)); 1177 1178_CK_DECLARE_FUNCTION(C_VerifyInit, 1179 (ck_session_handle_t session, 1180 struct ck_mechanism *mechanism, ck_object_handle_t key)); 1181_CK_DECLARE_FUNCTION(C_Verify, 1182 (ck_session_handle_t session, unsigned char *data, 1183 unsigned long data_len, unsigned char *signature, 1184 unsigned long signature_len)); 1185_CK_DECLARE_FUNCTION(C_VerifyUpdate, 1186 (ck_session_handle_t session, unsigned char *part, 1187 unsigned long part_len)); 1188_CK_DECLARE_FUNCTION(C_VerifyFinal, 1189 (ck_session_handle_t session, unsigned char *signature, 1190 unsigned long signature_len)); 1191_CK_DECLARE_FUNCTION(C_VerifyRecoverInit, 1192 (ck_session_handle_t session, 1193 struct ck_mechanism *mechanism, ck_object_handle_t key)); 1194_CK_DECLARE_FUNCTION(C_VerifyRecover, 1195 (ck_session_handle_t session, unsigned char *signature, 1196 unsigned long signature_len, unsigned char *data, 1197 unsigned long *data_len)); 1198 1199_CK_DECLARE_FUNCTION(C_DigestEncryptUpdate, 1200 (ck_session_handle_t session, unsigned char *part, 1201 unsigned long part_len, unsigned char *encrypted_part, 1202 unsigned long *encrypted_part_len)); 1203_CK_DECLARE_FUNCTION(C_DecryptDigestUpdate, 1204 (ck_session_handle_t session, 1205 unsigned char *encrypted_part, 1206 unsigned long encrypted_part_len, unsigned char *part, 1207 unsigned long *part_len)); 1208_CK_DECLARE_FUNCTION(C_SignEncryptUpdate, 1209 (ck_session_handle_t session, unsigned char *part, 1210 unsigned long part_len, unsigned char *encrypted_part, 1211 unsigned long *encrypted_part_len)); 1212_CK_DECLARE_FUNCTION(C_DecryptVerifyUpdate, 1213 (ck_session_handle_t session, 1214 unsigned char *encrypted_part, 1215 unsigned long encrypted_part_len, unsigned char *part, 1216 unsigned long *part_len)); 1217 1218_CK_DECLARE_FUNCTION(C_GenerateKey, 1219 (ck_session_handle_t session, 1220 struct ck_mechanism *mechanism, 1221 struct ck_attribute *templ, unsigned long count, 1222 ck_object_handle_t *key)); 1223_CK_DECLARE_FUNCTION(C_GenerateKeyPair, 1224 (ck_session_handle_t session, 1225 struct ck_mechanism *mechanism, 1226 struct ck_attribute *public_key_template, 1227 unsigned long public_key_attribute_count, 1228 struct ck_attribute *private_key_template, 1229 unsigned long private_key_attribute_count, 1230 ck_object_handle_t *public_key, 1231 ck_object_handle_t *private_key)); 1232_CK_DECLARE_FUNCTION(C_WrapKey, 1233 (ck_session_handle_t session, 1234 struct ck_mechanism *mechanism, 1235 ck_object_handle_t wrapping_key, ck_object_handle_t key, 1236 unsigned char *wrapped_key, 1237 unsigned long *wrapped_key_len)); 1238_CK_DECLARE_FUNCTION(C_UnwrapKey, 1239 (ck_session_handle_t session, 1240 struct ck_mechanism *mechanism, 1241 ck_object_handle_t unwrapping_key, 1242 unsigned char *wrapped_key, unsigned long wrapped_key_len, 1243 struct ck_attribute *templ, unsigned long attribute_count, 1244 ck_object_handle_t *key)); 1245_CK_DECLARE_FUNCTION(C_DeriveKey, 1246 (ck_session_handle_t session, 1247 struct ck_mechanism *mechanism, 1248 ck_object_handle_t base_key, struct ck_attribute *templ, 1249 unsigned long attribute_count, ck_object_handle_t *key)); 1250 1251_CK_DECLARE_FUNCTION(C_SeedRandom, 1252 (ck_session_handle_t session, unsigned char *seed, 1253 unsigned long seed_len)); 1254_CK_DECLARE_FUNCTION(C_GenerateRandom, 1255 (ck_session_handle_t session, unsigned char *random_data, 1256 unsigned long random_len)); 1257 1258_CK_DECLARE_FUNCTION(C_GetFunctionStatus, (ck_session_handle_t session)); 1259_CK_DECLARE_FUNCTION(C_CancelFunction, (ck_session_handle_t session)); 1260 1261struct ck_function_list { 1262 struct ck_version version; 1263 CK_C_Initialize C_Initialize; 1264 CK_C_Finalize C_Finalize; 1265 CK_C_GetInfo C_GetInfo; 1266 CK_C_GetFunctionList C_GetFunctionList; 1267 CK_C_GetSlotList C_GetSlotList; 1268 CK_C_GetSlotInfo C_GetSlotInfo; 1269 CK_C_GetTokenInfo C_GetTokenInfo; 1270 CK_C_GetMechanismList C_GetMechanismList; 1271 CK_C_GetMechanismInfo C_GetMechanismInfo; 1272 CK_C_InitToken C_InitToken; 1273 CK_C_InitPIN C_InitPIN; 1274 CK_C_SetPIN C_SetPIN; 1275 CK_C_OpenSession C_OpenSession; 1276 CK_C_CloseSession C_CloseSession; 1277 CK_C_CloseAllSessions C_CloseAllSessions; 1278 CK_C_GetSessionInfo C_GetSessionInfo; 1279 CK_C_GetOperationState C_GetOperationState; 1280 CK_C_SetOperationState C_SetOperationState; 1281 CK_C_Login C_Login; 1282 CK_C_Logout C_Logout; 1283 CK_C_CreateObject C_CreateObject; 1284 CK_C_CopyObject C_CopyObject; 1285 CK_C_DestroyObject C_DestroyObject; 1286 CK_C_GetObjectSize C_GetObjectSize; 1287 CK_C_GetAttributeValue C_GetAttributeValue; 1288 CK_C_SetAttributeValue C_SetAttributeValue; 1289 CK_C_FindObjectsInit C_FindObjectsInit; 1290 CK_C_FindObjects C_FindObjects; 1291 CK_C_FindObjectsFinal C_FindObjectsFinal; 1292 CK_C_EncryptInit C_EncryptInit; 1293 CK_C_Encrypt C_Encrypt; 1294 CK_C_EncryptUpdate C_EncryptUpdate; 1295 CK_C_EncryptFinal C_EncryptFinal; 1296 CK_C_DecryptInit C_DecryptInit; 1297 CK_C_Decrypt C_Decrypt; 1298 CK_C_DecryptUpdate C_DecryptUpdate; 1299 CK_C_DecryptFinal C_DecryptFinal; 1300 CK_C_DigestInit C_DigestInit; 1301 CK_C_Digest C_Digest; 1302 CK_C_DigestUpdate C_DigestUpdate; 1303 CK_C_DigestKey C_DigestKey; 1304 CK_C_DigestFinal C_DigestFinal; 1305 CK_C_SignInit C_SignInit; 1306 CK_C_Sign C_Sign; 1307 CK_C_SignUpdate C_SignUpdate; 1308 CK_C_SignFinal C_SignFinal; 1309 CK_C_SignRecoverInit C_SignRecoverInit; 1310 CK_C_SignRecover C_SignRecover; 1311 CK_C_VerifyInit C_VerifyInit; 1312 CK_C_Verify C_Verify; 1313 CK_C_VerifyUpdate C_VerifyUpdate; 1314 CK_C_VerifyFinal C_VerifyFinal; 1315 CK_C_VerifyRecoverInit C_VerifyRecoverInit; 1316 CK_C_VerifyRecover C_VerifyRecover; 1317 CK_C_DigestEncryptUpdate C_DigestEncryptUpdate; 1318 CK_C_DecryptDigestUpdate C_DecryptDigestUpdate; 1319 CK_C_SignEncryptUpdate C_SignEncryptUpdate; 1320 CK_C_DecryptVerifyUpdate C_DecryptVerifyUpdate; 1321 CK_C_GenerateKey C_GenerateKey; 1322 CK_C_GenerateKeyPair C_GenerateKeyPair; 1323 CK_C_WrapKey C_WrapKey; 1324 CK_C_UnwrapKey C_UnwrapKey; 1325 CK_C_DeriveKey C_DeriveKey; 1326 CK_C_SeedRandom C_SeedRandom; 1327 CK_C_GenerateRandom C_GenerateRandom; 1328 CK_C_GetFunctionStatus C_GetFunctionStatus; 1329 CK_C_CancelFunction C_CancelFunction; 1330 CK_C_WaitForSlotEvent C_WaitForSlotEvent; 1331}; 1332 1333typedef ck_rv_t (*ck_createmutex_t)(void **mutex); 1334typedef ck_rv_t (*ck_destroymutex_t)(void *mutex); 1335typedef ck_rv_t (*ck_lockmutex_t)(void *mutex); 1336typedef ck_rv_t (*ck_unlockmutex_t)(void *mutex); 1337 1338struct ck_c_initialize_args { 1339 ck_createmutex_t create_mutex; 1340 ck_destroymutex_t destroy_mutex; 1341 ck_lockmutex_t lock_mutex; 1342 ck_unlockmutex_t unlock_mutex; 1343 ck_flags_t flags; 1344 void *reserved; 1345}; 1346 1347#define CKF_LIBRARY_CANT_CREATE_OS_THREADS (1UL << 0) 1348#define CKF_OS_LOCKING_OK (1UL << 1) 1349 1350#define CKR_OK (0UL) 1351#define CKR_CANCEL (1UL) 1352#define CKR_HOST_MEMORY (2UL) 1353#define CKR_SLOT_ID_INVALID (3UL) 1354#define CKR_GENERAL_ERROR (5UL) 1355#define CKR_FUNCTION_FAILED (6UL) 1356#define CKR_ARGUMENTS_BAD (7UL) 1357#define CKR_NO_EVENT (8UL) 1358#define CKR_NEED_TO_CREATE_THREADS (9UL) 1359#define CKR_CANT_LOCK (0xaUL) 1360#define CKR_ATTRIBUTE_READ_ONLY (0x10UL) 1361#define CKR_ATTRIBUTE_SENSITIVE (0x11UL) 1362#define CKR_ATTRIBUTE_TYPE_INVALID (0x12UL) 1363#define CKR_ATTRIBUTE_VALUE_INVALID (0x13UL) 1364#define CKR_ACTION_PROHIBITED (0x1BUL) 1365#define CKR_DATA_INVALID (0x20UL) 1366#define CKR_DATA_LEN_RANGE (0x21UL) 1367#define CKR_DEVICE_ERROR (0x30UL) 1368#define CKR_DEVICE_MEMORY (0x31UL) 1369#define CKR_DEVICE_REMOVED (0x32UL) 1370#define CKR_ENCRYPTED_DATA_INVALID (0x40UL) 1371#define CKR_ENCRYPTED_DATA_LEN_RANGE (0x41UL) 1372#define CKR_FUNCTION_CANCELED (0x50UL) 1373#define CKR_FUNCTION_NOT_PARALLEL (0x51UL) 1374#define CKR_FUNCTION_NOT_SUPPORTED (0x54UL) 1375#define CKR_KEY_HANDLE_INVALID (0x60UL) 1376#define CKR_KEY_SIZE_RANGE (0x62UL) 1377#define CKR_KEY_TYPE_INCONSISTENT (0x63UL) 1378#define CKR_KEY_NOT_NEEDED (0x64UL) 1379#define CKR_KEY_CHANGED (0x65UL) 1380#define CKR_KEY_NEEDED (0x66UL) 1381#define CKR_KEY_INDIGESTIBLE (0x67UL) 1382#define CKR_KEY_FUNCTION_NOT_PERMITTED (0x68UL) 1383#define CKR_KEY_NOT_WRAPPABLE (0x69UL) 1384#define CKR_KEY_UNEXTRACTABLE (0x6aUL) 1385#define CKR_MECHANISM_INVALID (0x70UL) 1386#define CKR_MECHANISM_PARAM_INVALID (0x71UL) 1387#define CKR_OBJECT_HANDLE_INVALID (0x82UL) 1388#define CKR_OPERATION_ACTIVE (0x90UL) 1389#define CKR_OPERATION_NOT_INITIALIZED (0x91UL) 1390#define CKR_PIN_INCORRECT (0xa0UL) 1391#define CKR_PIN_INVALID (0xa1UL) 1392#define CKR_PIN_LEN_RANGE (0xa2UL) 1393#define CKR_PIN_EXPIRED (0xa3UL) 1394#define CKR_PIN_LOCKED (0xa4UL) 1395#define CKR_SESSION_CLOSED (0xb0UL) 1396#define CKR_SESSION_COUNT (0xb1UL) 1397#define CKR_SESSION_HANDLE_INVALID (0xb3UL) 1398#define CKR_SESSION_PARALLEL_NOT_SUPPORTED (0xb4UL) 1399#define CKR_SESSION_READ_ONLY (0xb5UL) 1400#define CKR_SESSION_EXISTS (0xb6UL) 1401#define CKR_SESSION_READ_ONLY_EXISTS (0xb7UL) 1402#define CKR_SESSION_READ_WRITE_SO_EXISTS (0xb8UL) 1403#define CKR_SIGNATURE_INVALID (0xc0UL) 1404#define CKR_SIGNATURE_LEN_RANGE (0xc1UL) 1405#define CKR_TEMPLATE_INCOMPLETE (0xd0UL) 1406#define CKR_TEMPLATE_INCONSISTENT (0xd1UL) 1407#define CKR_TOKEN_NOT_PRESENT (0xe0UL) 1408#define CKR_TOKEN_NOT_RECOGNIZED (0xe1UL) 1409#define CKR_TOKEN_WRITE_PROTECTED (0xe2UL) 1410#define CKR_UNWRAPPING_KEY_HANDLE_INVALID (0xf0UL) 1411#define CKR_UNWRAPPING_KEY_SIZE_RANGE (0xf1UL) 1412#define CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT (0xf2UL) 1413#define CKR_USER_ALREADY_LOGGED_IN (0x100UL) 1414#define CKR_USER_NOT_LOGGED_IN (0x101UL) 1415#define CKR_USER_PIN_NOT_INITIALIZED (0x102UL) 1416#define CKR_USER_TYPE_INVALID (0x103UL) 1417#define CKR_USER_ANOTHER_ALREADY_LOGGED_IN (0x104UL) 1418#define CKR_USER_TOO_MANY_TYPES (0x105UL) 1419#define CKR_WRAPPED_KEY_INVALID (0x110UL) 1420#define CKR_WRAPPED_KEY_LEN_RANGE (0x112UL) 1421#define CKR_WRAPPING_KEY_HANDLE_INVALID (0x113UL) 1422#define CKR_WRAPPING_KEY_SIZE_RANGE (0x114UL) 1423#define CKR_WRAPPING_KEY_TYPE_INCONSISTENT (0x115UL) 1424#define CKR_RANDOM_SEED_NOT_SUPPORTED (0x120UL) 1425#define CKR_RANDOM_NO_RNG (0x121UL) 1426#define CKR_DOMAIN_PARAMS_INVALID (0x130UL) 1427#define CKR_BUFFER_TOO_SMALL (0x150UL) 1428#define CKR_SAVED_STATE_INVALID (0x160UL) 1429#define CKR_INFORMATION_SENSITIVE (0x170UL) 1430#define CKR_STATE_UNSAVEABLE (0x180UL) 1431#define CKR_CRYPTOKI_NOT_INITIALIZED (0x190UL) 1432#define CKR_CRYPTOKI_ALREADY_INITIALIZED (0x191UL) 1433#define CKR_MUTEX_BAD (0x1a0UL) 1434#define CKR_MUTEX_NOT_LOCKED (0x1a1UL) 1435#define CKR_NEW_PIN_MODE (0x1b0UL) 1436#define CKR_NEXT_OTP (0x1b1UL) 1437#define CKR_EXCEEDED_MAX_ITERATIONS (0x1c0UL) 1438#define CKR_FIPS_SELF_TEST_FAILED (0x1c1UL) 1439#define CKR_LIBRARY_LOAD_FAILED (0x1c2UL) 1440#define CKR_PIN_TOO_WEAK (0x1c3UL) 1441#define CKR_PUBLIC_KEY_INVALID (0x1c4UL) 1442#define CKR_FUNCTION_REJECTED (0x200UL) 1443#define CKR_VENDOR_DEFINED ((unsigned long)(1UL << 31)) 1444 1445#define CKZ_DATA_SPECIFIED (0x01UL) 1446 1447/* Compatibility layer. */ 1448 1449#ifdef CRYPTOKI_COMPAT 1450 1451#undef CK_DEFINE_FUNCTION 1452#define CK_DEFINE_FUNCTION(retval, name) retval CK_SPEC name 1453 1454/* For NULL. */ 1455#include <stddef.h> 1456 1457typedef unsigned char CK_BYTE; 1458typedef unsigned char CK_CHAR; 1459typedef unsigned char CK_UTF8CHAR; 1460typedef unsigned char CK_BBOOL; 1461typedef unsigned long int CK_ULONG; 1462typedef long int CK_LONG; 1463typedef CK_BYTE *CK_BYTE_PTR; 1464typedef CK_CHAR *CK_CHAR_PTR; 1465typedef CK_UTF8CHAR *CK_UTF8CHAR_PTR; 1466typedef CK_ULONG *CK_ULONG_PTR; 1467typedef void *CK_VOID_PTR; 1468typedef void **CK_VOID_PTR_PTR; 1469#define CK_FALSE 0 1470#define CK_TRUE 1 1471#ifndef CK_DISABLE_TRUE_FALSE 1472#ifndef FALSE 1473#define FALSE 0 1474#endif /* ifndef FALSE */ 1475#ifndef TRUE 1476#define TRUE 1 1477#endif /* ifndef TRUE */ 1478#endif /* ifndef CK_DISABLE_TRUE_FALSE */ 1479 1480typedef struct ck_version CK_VERSION; 1481typedef struct ck_version *CK_VERSION_PTR; 1482 1483typedef struct ck_info CK_INFO; 1484typedef struct ck_info *CK_INFO_PTR; 1485 1486typedef ck_slot_id_t *CK_SLOT_ID_PTR; 1487 1488typedef struct ck_slot_info CK_SLOT_INFO; 1489typedef struct ck_slot_info *CK_SLOT_INFO_PTR; 1490 1491typedef struct ck_token_info CK_TOKEN_INFO; 1492typedef struct ck_token_info *CK_TOKEN_INFO_PTR; 1493 1494typedef ck_session_handle_t *CK_SESSION_HANDLE_PTR; 1495 1496typedef struct ck_session_info CK_SESSION_INFO; 1497typedef struct ck_session_info *CK_SESSION_INFO_PTR; 1498 1499typedef ck_object_handle_t *CK_OBJECT_HANDLE_PTR; 1500 1501typedef ck_object_class_t *CK_OBJECT_CLASS_PTR; 1502 1503typedef struct ck_attribute CK_ATTRIBUTE; 1504typedef struct ck_attribute *CK_ATTRIBUTE_PTR; 1505 1506typedef struct ck_date CK_DATE; 1507typedef struct ck_date *CK_DATE_PTR; 1508 1509typedef ck_mechanism_type_t *CK_MECHANISM_TYPE_PTR; 1510 1511typedef struct ck_mechanism CK_MECHANISM; 1512typedef struct ck_mechanism *CK_MECHANISM_PTR; 1513 1514typedef struct ck_mechanism_info CK_MECHANISM_INFO; 1515typedef struct ck_mechanism_info *CK_MECHANISM_INFO_PTR; 1516 1517typedef struct ck_otp_mechanism_info CK_OTP_MECHANISM_INFO; 1518typedef struct ck_otp_mechanism_info *CK_OTP_MECHANISM_INFO_PTR; 1519 1520typedef struct ck_function_list CK_FUNCTION_LIST; 1521typedef struct ck_function_list *CK_FUNCTION_LIST_PTR; 1522typedef struct ck_function_list **CK_FUNCTION_LIST_PTR_PTR; 1523 1524typedef struct ck_c_initialize_args CK_C_INITIALIZE_ARGS; 1525typedef struct ck_c_initialize_args *CK_C_INITIALIZE_ARGS_PTR; 1526 1527typedef struct ck_rsa_pkcs_pss_params CK_RSA_PKCS_PSS_PARAMS; 1528typedef struct ck_rsa_pkcs_pss_params *CK_RSA_PKCS_PSS_PARAMS_PTR; 1529 1530typedef struct ck_rsa_pkcs_oaep_params CK_RSA_PKCS_OAEP_PARAMS; 1531typedef struct ck_rsa_pkcs_oaep_params *CK_RSA_PKCS_OAEP_PARAMS_PTR; 1532 1533typedef struct ck_aes_ctr_params CK_AES_CTR_PARAMS; 1534typedef struct ck_aes_ctr_params *CK_AES_CTR_PARAMS_PTR; 1535 1536typedef struct ck_gcm_params CK_GCM_PARAMS; 1537typedef struct ck_gcm_params *CK_GCM_PARAMS_PTR; 1538 1539typedef struct ck_ecdh1_derive_params CK_ECDH1_DERIVE_PARAMS; 1540typedef struct ck_ecdh1_derive_params *CK_ECDH1_DERIVE_PARAMS_PTR; 1541 1542typedef struct ck_key_derivation_string_data CK_KEY_DERIVATION_STRING_DATA; 1543typedef struct ck_key_derivation_string_data *CK_KEY_DERIVATION_STRING_DATA_PTR; 1544 1545typedef struct ck_des_cbc_encrypt_data_params CK_DES_CBC_ENCRYPT_DATA_PARAMS; 1546typedef struct ck_des_cbc_encrypt_data_params 1547 *CK_DES_CBC_ENCRYPT_DATA_PARAMS_PTR; 1548 1549typedef struct ck_aes_cbc_encrypt_data_params CK_AES_CBC_ENCRYPT_DATA_PARAMS; 1550typedef struct ck_aes_cbc_encrypt_data_params 1551 *CK_AES_CBC_ENCRYPT_DATA_PARAMS_PTR; 1552 1553#ifndef NULL_PTR 1554#define NULL_PTR NULL 1555#endif /* ifndef NULL_PTR */ 1556 1557/* Delete the helper macros defined at the top of the file. */ 1558#undef ck_flags_t 1559#undef ck_version 1560 1561#undef ck_info 1562#undef cryptoki_version 1563#undef manufacturer_id 1564#undef library_description 1565#undef library_version 1566 1567#undef ck_notification_t 1568#undef ck_slot_id_t 1569 1570#undef ck_slot_info 1571#undef slot_description 1572#undef hardware_version 1573#undef firmware_version 1574 1575#undef ck_token_info 1576#undef serial_number 1577#undef max_session_count 1578#undef session_count 1579#undef max_rw_session_count 1580#undef rw_session_count 1581#undef max_pin_len 1582#undef min_pin_len 1583#undef total_public_memory 1584#undef free_public_memory 1585#undef total_private_memory 1586#undef free_private_memory 1587#undef utc_time 1588 1589#undef ck_session_handle_t 1590#undef ck_user_type_t 1591#undef ck_state_t 1592 1593#undef ck_session_info 1594#undef slot_id 1595#undef device_error 1596 1597#undef ck_object_handle_t 1598#undef ck_object_class_t 1599#undef ck_hw_feature_type_t 1600#undef ck_key_type_t 1601#undef ck_certificate_type_t 1602#undef ck_attribute_type_t 1603 1604#undef ck_attribute 1605#undef value 1606#undef value_len 1607 1608#undef params 1609#undef count 1610 1611#undef ck_date 1612 1613#undef ck_mechanism_type_t 1614 1615#undef ck_mechanism 1616#undef parameter 1617#undef parameter_len 1618 1619#undef ck_mechanism_info 1620 1621#undef ck_param_type 1622#undef ck_otp_param 1623#undef ck_otp_params 1624#undef ck_otp_signature_info 1625 1626#undef min_key_size 1627#undef max_key_size 1628 1629#undef ck_rv_t 1630#undef ck_notify_t 1631 1632#undef ck_function_list 1633 1634#undef ck_createmutex_t 1635#undef ck_destroymutex_t 1636#undef ck_lockmutex_t 1637#undef ck_unlockmutex_t 1638 1639#undef ck_c_initialize_args 1640#undef create_mutex 1641#undef destroy_mutex 1642#undef lock_mutex 1643#undef unlock_mutex 1644#undef reserved 1645 1646#endif /* CRYPTOKI_COMPAT */ 1647 1648/* System dependencies. */ 1649#if defined(_WIN32) || defined(CRYPTOKI_FORCE_WIN32) 1650#pragma pack(pop, cryptoki) 1651#endif /* if defined(_WIN32) || defined(CRYPTOKI_FORCE_WIN32) */ 1652 1653#if defined(__cplusplus) 1654} 1655#endif /* if defined(__cplusplus) */ 1656 1657#endif /* PKCS11_H */ 1658