/* pkcs11t.h include file for PKCS #11. 2001 June 25 */

/* See top of pkcs11.h for information about the macros that
 * must be defined and the structure-packing conventions that
 * must be set before including this file. */

/* This part of the header declares the basic Cryptoki scalar and
 * pointer types and the CK_VERSION structure. CK_PTR is used in
 * the pointer typedefs below but is not defined in this part of
 * the file; per the note above it is expected from the includer. */

#ifndef _PKCS11T_H_
#define _PKCS11T_H_ 1

/* TRUE and FALSE are only defined when the includer has not
 * already provided them. */
#ifndef FALSE
#define FALSE 0
#endif

#ifndef TRUE
#define TRUE (!FALSE)
#endif


/* an unsigned 8-bit value */
typedef unsigned char     CK_BYTE;

/* an unsigned 8-bit character */
typedef CK_BYTE           CK_CHAR;

/* an 8-bit UTF-8 character */
typedef CK_BYTE           CK_UTF8CHAR;

/* a BYTE-sized Boolean flag */
typedef CK_BYTE           CK_BBOOL;

/* an unsigned value, at least 32 bits long */
/* Declared as unsigned long, so its width follows the platform
 * ABI; code that serializes CK_ULONG values or compares them
 * with fixed-width integers must not assume exactly 32 bits. */
typedef unsigned long int CK_ULONG;

/* a signed value, the same size as a CK_ULONG */
/* CK_LONG is new for v2.0 */
typedef long int          CK_LONG;

/* at least 32 bits; each bit is a Boolean flag */
typedef CK_ULONG          CK_FLAGS;


/* some special values for certain CK_ULONG variables */
/* CK_UNAVAILABLE_INFORMATION is all bits set at unsigned long
 * width. A counter or size field holding it is a sentinel, not a
 * quantity: test for it before doing arithmetic or sizing a
 * buffer from the field. */
#define CK_UNAVAILABLE_INFORMATION (~0UL)
#define CK_EFFECTIVELY_INFINITE    0


typedef CK_BYTE     CK_PTR   CK_BYTE_PTR;
typedef CK_CHAR     CK_PTR   CK_CHAR_PTR;
typedef CK_UTF8CHAR CK_PTR   CK_UTF8CHAR_PTR;
typedef CK_ULONG    CK_PTR   CK_ULONG_PTR;
typedef void        CK_PTR   CK_VOID_PTR;

/* Pointer to a CK_VOID_PTR-- i.e., pointer to pointer to void */
typedef CK_VOID_PTR CK_PTR CK_VOID_PTR_PTR;


/* The following value is always invalid if used as a session */
/* handle or object handle */
/* Useful as the initial value of a handle variable, so that a
 * handle that was never assigned is rejected instead of used. */
#define CK_INVALID_HANDLE 0


/* CK_VERSION holds a two-part version number. */
typedef struct CK_VERSION {
  CK_BYTE       major;  /* integer portion of version number */
  CK_BYTE       minor;  /* 1/100ths portion of version number */
} CK_VERSION;

typedef CK_VERSION CK_PTR CK_VERSION_PTR;


/* CK_INFO describes the Cryptoki library itself: interface
 * version, manufacturer, description and library version.
 * The text fields are fixed-width and blank padded; the PKCS #11
 * text says they are not NUL-terminated, so copy them with an
 * explicit length before handing them to C string functions. */
typedef struct CK_INFO {
  /* manufacturerID and libraryDescription have been changed from
   * CK_CHAR to CK_UTF8CHAR for v2.10 */
  CK_VERSION    cryptokiVersion;         /* Cryptoki interface ver */
  CK_UTF8CHAR   manufacturerID[32];      /* blank padded */
  CK_FLAGS      flags;                   /* must be zero */

  /* libraryDescription and libraryVersion are new for v2.0 */
  CK_UTF8CHAR   libraryDescription[32];  /* blank padded */
  CK_VERSION    libraryVersion;          /* version of library */
} CK_INFO;

typedef CK_INFO CK_PTR    CK_INFO_PTR;


/* CK_NOTIFICATION enumerates the types of notifications that
 * Cryptoki provides to an application */
/* CK_NOTIFICATION has been changed from an enum to a CK_ULONG
 * for v2.0 */
typedef CK_ULONG CK_NOTIFICATION;
#define CKN_SURRENDER       0


typedef CK_ULONG          CK_SLOT_ID;

typedef CK_SLOT_ID CK_PTR CK_SLOT_ID_PTR;


/* CK_SLOT_INFO provides information about a slot */
typedef struct CK_SLOT_INFO {
  /* slotDescription and manufacturerID have been changed from
   * CK_CHAR to CK_UTF8CHAR for v2.10 */
  CK_UTF8CHAR   slotDescription[64];  /* blank padded */
  CK_UTF8CHAR   manufacturerID[32];   /* blank padded */
  CK_FLAGS      flags;

  /* hardwareVersion and firmwareVersion are new for v2.0 */
  CK_VERSION    hardwareVersion;  /* version of hardware */
  CK_VERSION    firmwareVersion;  /* version of firmware */
} CK_SLOT_INFO;

/* flags: bit flags that provide capabilities of the slot
 *      Bit Flag              Mask        Meaning
 */
/* These masks are meaningful for CK_SLOT_INFO.flags only. The
 * CKF_ values in this file reuse the same bits for different
 * flags fields (0x00000001 is CKF_TOKEN_PRESENT here and CKF_RNG
 * for a token), so always test a mask against the field it was
 * defined for. */
#define CKF_TOKEN_PRESENT     0x00000001  /* a token is there */
#define CKF_REMOVABLE_DEVICE  0x00000002  /* removable devices*/
#define CKF_HW_SLOT           0x00000004  /* hardware slot */

typedef CK_SLOT_INFO CK_PTR CK_SLOT_INFO_PTR;


/* CK_TOKEN_INFO provides information about a token */
/* As with the other info structures, the character arrays are
 * fixed-width and blank padded rather than NUL-terminated. */
typedef struct CK_TOKEN_INFO {
  /* label, manufacturerID, and model have been changed from
   * CK_CHAR to CK_UTF8CHAR for v2.10 */
  CK_UTF8CHAR   label[32];           /* blank padded */
  CK_UTF8CHAR   manufacturerID[32];  /* blank padded */
  CK_UTF8CHAR   model[16];           /* blank padded */
  CK_CHAR       serialNumber[16];    /* blank padded */
  CK_FLAGS      flags;               /* see below */

  /* ulMaxSessionCount, ulSessionCount, ulMaxRwSessionCount,
   * ulRwSessionCount, ulMaxPinLen, and ulMinPinLen have all been
   * changed from CK_USHORT to CK_ULONG for v2.0 */
  CK_ULONG      ulMaxSessionCount;     /* max open sessions */
  CK_ULONG      ulSessionCount;        /* sess. now open */
  CK_ULONG      ulMaxRwSessionCount;   /* max R/W sessions */
  CK_ULONG      ulRwSessionCount;      /* R/W sess. now open */
  CK_ULONG      ulMaxPinLen;           /* in bytes */
  CK_ULONG      ulMinPinLen;           /* in bytes */
  CK_ULONG      ulTotalPublicMemory;   /* in bytes */
  CK_ULONG      ulFreePublicMemory;    /* in bytes */
  CK_ULONG      ulTotalPrivateMemory;  /* in bytes */
  CK_ULONG      ulFreePrivateMemory;   /* in bytes */

  /* hardwareVersion, firmwareVersion, and time are new for
   * v2.0 */
  CK_VERSION    hardwareVersion;       /* version of hardware */
  CK_VERSION    firmwareVersion;       /* version of firmware */
  CK_CHAR       utcTime[16];           /* time */
} CK_TOKEN_INFO;

/* The flags parameter is defined as follows:
 *      Bit Flag                    Mask        Meaning
 */
#define CKF_RNG                     0x00000001  /* has random # generator */
#define CKF_WRITE_PROTECTED         0x00000002  /* token is write-protected */
#define CKF_LOGIN_REQUIRED          0x00000004  /* user must login */
#define CKF_USER_PIN_INITIALIZED    0x00000008  /* normal user's PIN is set */

/* CKF_RESTORE_KEY_NOT_NEEDED is new for v2.0.  If it is set,
 * that means that *every* time the state of cryptographic
 * operations of a session is successfully saved, all keys
 * needed to continue those operations are stored in the state */
/* NOTE(review): by that description a saved operation state can
 * contain key material on such a token, so it deserves the same
 * handling as the keys themselves. */
#define CKF_RESTORE_KEY_NOT_NEEDED  0x00000020

/* CKF_CLOCK_ON_TOKEN is new for v2.0.  If it is set, that means
 * that the token has some sort of clock.  The time on that
 * clock is returned in the token info structure */
#define CKF_CLOCK_ON_TOKEN          0x00000040

/* CKF_PROTECTED_AUTHENTICATION_PATH is new for v2.0.  If it is
 * set, that means that there is some way for the user to login
 * without sending a PIN through the Cryptoki library itself */
#define CKF_PROTECTED_AUTHENTICATION_PATH 0x00000100

/* CKF_DUAL_CRYPTO_OPERATIONS is new for v2.0.  If it is true,
 * that means that a single session with the token can perform
 * dual simultaneous cryptographic operations (digest and
 * encrypt; decrypt and digest; sign and encrypt; and decrypt
 * and sign) */
#define CKF_DUAL_CRYPTO_OPERATIONS  0x00000200

/* CKF_TOKEN_INITIALIZED is new for v2.10. If it is true, the
 * token has been initialized using C_InitializeToken or an
 * equivalent mechanism outside the scope of PKCS #11.
 * Calling C_InitializeToken when this flag is set will cause
 * the token to be reinitialized. */
#define CKF_TOKEN_INITIALIZED       0x00000400

/* CKF_SECONDARY_AUTHENTICATION is new for v2.10. If it is
 * true, the token supports secondary authentication for
 * private key objects. */
#define CKF_SECONDARY_AUTHENTICATION  0x00000800

/* The eight PIN-state flags below report failed-login and
 * lockout conditions for the normal user and the SO. An
 * application can read them from CK_TOKEN_INFO.flags to warn the
 * user before a final attempt and to log lockouts. */

/* CKF_USER_PIN_COUNT_LOW is new for v2.10. If it is true, an
 * incorrect user login PIN has been entered at least once
 * since the last successful authentication. */
#define CKF_USER_PIN_COUNT_LOW       0x00010000

/* CKF_USER_PIN_FINAL_TRY is new for v2.10. If it is true,
 * supplying an incorrect user PIN will cause it to become
 * locked. */
#define CKF_USER_PIN_FINAL_TRY       0x00020000

/* CKF_USER_PIN_LOCKED is new for v2.10. If it is true, the
 * user PIN has been locked. User login to the token is not
 * possible. */
#define CKF_USER_PIN_LOCKED          0x00040000

/* CKF_USER_PIN_TO_BE_CHANGED is new for v2.10. If it is true,
 * the user PIN value is the default value set by token
 * initialization or manufacturing, or the PIN has been
 * expired by the card. */
#define CKF_USER_PIN_TO_BE_CHANGED   0x00080000

/* CKF_SO_PIN_COUNT_LOW is new for v2.10. If it is true, an
 * incorrect SO login PIN has been entered at least once since
 * the last successful authentication. */
#define CKF_SO_PIN_COUNT_LOW         0x00100000

/* CKF_SO_PIN_FINAL_TRY is new for v2.10. If it is true,
 * supplying an incorrect SO PIN will cause it to become
 * locked. */
#define CKF_SO_PIN_FINAL_TRY         0x00200000

/* CKF_SO_PIN_LOCKED is new for v2.10. If it is true, the SO
 * PIN has been locked. SO login to the token is not possible.
 */
#define CKF_SO_PIN_LOCKED            0x00400000

/* CKF_SO_PIN_TO_BE_CHANGED is new for v2.10. If it is true,
 * the SO PIN value is the default value set by token
 * initialization or manufacturing, or the PIN has been
 * expired by the card. */
#define CKF_SO_PIN_TO_BE_CHANGED     0x00800000

typedef CK_TOKEN_INFO CK_PTR CK_TOKEN_INFO_PTR;


/* CK_SESSION_HANDLE is a Cryptoki-assigned value that
 * identifies a session */
typedef CK_ULONG          CK_SESSION_HANDLE;

typedef CK_SESSION_HANDLE CK_PTR CK_SESSION_HANDLE_PTR;


/* CK_USER_TYPE enumerates the types of Cryptoki users */
/* CK_USER_TYPE has been changed from an enum to a CK_ULONG for
 * v2.0 */
typedef CK_ULONG          CK_USER_TYPE;
/* Security Officer */
/* CKU_SO is 0, so a zero-initialized CK_USER_TYPE variable
 * names the Security Officer; set the user type explicitly. */
#define CKU_SO    0
/* Normal user */
#define CKU_USER  1


/* CK_STATE enumerates the session states */
/* CK_STATE has been changed from an enum to a CK_ULONG for
 * v2.0 */
typedef CK_ULONG          CK_STATE;
#define CKS_RO_PUBLIC_SESSION  0
#define CKS_RO_USER_FUNCTIONS  1
#define CKS_RW_PUBLIC_SESSION  2
#define CKS_RW_USER_FUNCTIONS  3
#define CKS_RW_SO_FUNCTIONS    4


/* CK_SESSION_INFO provides information about a session */
typedef struct CK_SESSION_INFO {
  CK_SLOT_ID    slotID;
  CK_STATE      state;
  CK_FLAGS      flags;          /* see below */

  /* ulDeviceError was changed from CK_USHORT to CK_ULONG for
   * v2.0 */
  CK_ULONG      ulDeviceError;  /* device-dependent error code */
} CK_SESSION_INFO;

/* The flags are defined in the following table:
 *      Bit Flag                Mask        Meaning
 */
/* Session flags; 0x00000002 and 0x00000004 carry different
 * meanings in CK_SLOT_INFO.flags and CK_TOKEN_INFO.flags. */
#define CKF_RW_SESSION          0x00000002  /* session is r/w */
#define CKF_SERIAL_SESSION      0x00000004  /* no parallel */

typedef CK_SESSION_INFO CK_PTR CK_SESSION_INFO_PTR;


/* CK_OBJECT_HANDLE is a token-specific identifier for an
 * object */
typedef CK_ULONG          CK_OBJECT_HANDLE;

typedef CK_OBJECT_HANDLE CK_PTR CK_OBJECT_HANDLE_PTR;


/* CK_OBJECT_CLASS is a value that identifies the classes (or
 * types) of objects that Cryptoki recognizes.  It is defined
 * as follows: */
/* CK_OBJECT_CLASS was changed from CK_USHORT to CK_ULONG for
 * v2.0 */
typedef CK_ULONG          CK_OBJECT_CLASS;

/* The following classes of objects are defined: */
/* CKO_HW_FEATURE is new for v2.10 */
/* CKO_DOMAIN_PARAMETERS is new for v2.11 */
#define CKO_DATA              0x00000000
#define CKO_CERTIFICATE       0x00000001
#define CKO_PUBLIC_KEY        0x00000002
#define CKO_PRIVATE_KEY       0x00000003
#define CKO_SECRET_KEY        0x00000004
#define CKO_HW_FEATURE        0x00000005
#define CKO_DOMAIN_PARAMETERS 0x00000006
#define CKO_VENDOR_DEFINED    0x80000000

typedef CK_OBJECT_CLASS CK_PTR CK_OBJECT_CLASS_PTR;

/* CK_HW_FEATURE_TYPE is new for v2.10. CK_HW_FEATURE_TYPE is a
 * value that identifies the hardware feature type of an object
 * with CK_OBJECT_CLASS equal to CKO_HW_FEATURE. */
typedef CK_ULONG          CK_HW_FEATURE_TYPE;

/* The following hardware feature types are defined */
#define CKH_MONOTONIC_COUNTER  0x00000001
#define CKH_CLOCK              0x00000002
#define CKH_VENDOR_DEFINED     0x80000000

/* CK_KEY_TYPE is a value that identifies a key type */
/* CK_KEY_TYPE was changed from CK_USHORT to CK_ULONG for v2.0 */
typedef CK_ULONG          CK_KEY_TYPE;

/* the following key types are defined: */
/* Some names below are aliases with the same value (CKK_ECDSA
 * and CKK_EC, CKK_CAST5 and CKK_CAST128), so a switch statement
 * can carry only one name of each pair as a case label. */
#define CKK_RSA             0x00000000
#define CKK_DSA             0x00000001
#define CKK_DH              0x00000002

/* CKK_ECDSA and CKK_KEA are new for v2.0 */
/* CKK_ECDSA is deprecated in v2.11, CKK_EC is preferred. */
#define CKK_ECDSA           0x00000003
#define CKK_EC              0x00000003
#define CKK_X9_42_DH        0x00000004
#define CKK_KEA             0x00000005

#define CKK_GENERIC_SECRET  0x00000010
#define CKK_RC2             0x00000011
#define CKK_RC4             0x00000012
#define CKK_DES             0x00000013
#define CKK_DES2            0x00000014
#define CKK_DES3            0x00000015

/* all these key types are new for v2.0 */
#define CKK_CAST            0x00000016
#define CKK_CAST3           0x00000017
/* CKK_CAST5 is deprecated in v2.11, CKK_CAST128 is preferred. */
#define CKK_CAST5           0x00000018
#define CKK_CAST128         0x00000018
#define CKK_RC5             0x00000019
#define CKK_IDEA            0x0000001A
#define CKK_SKIPJACK        0x0000001B
#define CKK_BATON           0x0000001C
#define CKK_JUNIPER         0x0000001D
#define CKK_CDMF            0x0000001E
#define CKK_AES             0x0000001F

#define CKK_VENDOR_DEFINED  0x80000000


/* CK_CERTIFICATE_TYPE is a value that identifies a certificate
 * type */
/* CK_CERTIFICATE_TYPE was changed from CK_USHORT to CK_ULONG
 * for v2.0 */
typedef CK_ULONG          CK_CERTIFICATE_TYPE;

/* The following certificate types are defined: */
/* CKC_X_509_ATTR_CERT is new for v2.10 */
#define CKC_X_509           0x00000000
#define CKC_X_509_ATTR_CERT 0x00000001
#define CKC_VENDOR_DEFINED  0x80000000


/* CK_ATTRIBUTE_TYPE is a value that identifies an attribute
 * type */
/* CK_ATTRIBUTE_TYPE was changed from CK_USHORT to CK_ULONG for
 * v2.0 */
typedef CK_ULONG          CK_ATTRIBUTE_TYPE;

/* The following attribute types are defined: */
#define CKA_CLASS              0x00000000
#define CKA_TOKEN              0x00000001
#define CKA_PRIVATE            0x00000002
#define CKA_LABEL              0x00000003
#define CKA_APPLICATION        0x00000010
#define CKA_VALUE              0x00000011

/* CKA_OBJECT_ID is new for v2.10 */
#define CKA_OBJECT_ID          0x00000012

#define CKA_CERTIFICATE_TYPE   0x00000080
#define CKA_ISSUER             0x00000081
#define CKA_SERIAL_NUMBER      0x00000082

/* CKA_AC_ISSUER, CKA_OWNER, and CKA_ATTR_TYPES are new
 * for v2.10 */
#define CKA_AC_ISSUER          0x00000083
#define CKA_OWNER              0x00000084
#define CKA_ATTR_TYPES         0x00000085

/* CKA_TRUSTED is new for v2.11 */
#define CKA_TRUSTED            0x00000086

#define CKA_KEY_TYPE           0x00000100
#define CKA_SUBJECT            0x00000101
#define CKA_ID                 0x00000102
#define CKA_SENSITIVE          0x00000103
#define CKA_ENCRYPT            0x00000104
#define CKA_DECRYPT            0x00000105
#define CKA_WRAP               0x00000106
#define CKA_UNWRAP             0x00000107
#define CKA_SIGN               0x00000108
#define CKA_SIGN_RECOVER       0x00000109
#define CKA_VERIFY             0x0000010A
#define CKA_VERIFY_RECOVER     0x0000010B
#define CKA_DERIVE             0x0000010C
#define CKA_START_DATE         0x00000110
#define CKA_END_DATE           0x00000111
#define CKA_MODULUS            0x00000120
#define CKA_MODULUS_BITS       0x00000121
#define CKA_PUBLIC_EXPONENT    0x00000122
#define CKA_PRIVATE_EXPONENT   0x00000123
#define CKA_PRIME_1            0x00000124
#define CKA_PRIME_2            0x00000125
#define CKA_EXPONENT_1         0x00000126
#define CKA_EXPONENT_2         0x00000127
#define CKA_COEFFICIENT        0x00000128
#define CKA_PRIME              0x00000130
#define CKA_SUBPRIME           0x00000131
#define CKA_BASE               0x00000132

/* CKA_PRIME_BITS and CKA_SUB_PRIME_BITS are new for v2.11 */
#define CKA_PRIME_BITS         0x00000133
#define CKA_SUB_PRIME_BITS     0x00000134

#define CKA_VALUE_BITS         0x00000160
#define CKA_VALUE_LEN          0x00000161

/* CKA_EXTRACTABLE, CKA_LOCAL, CKA_NEVER_EXTRACTABLE,
 * CKA_ALWAYS_SENSITIVE, CKA_MODIFIABLE, CKA_ECDSA_PARAMS,
 * and CKA_EC_POINT are new for v2.0 */
/* NOTE(review): together with CKA_SENSITIVE, CKA_WRAP and
 * CKA_UNWRAP above, the four attributes that follow are the ones
 * to set in key templates and to read back when auditing whether
 * a key's value can leave the token and where the key was
 * generated. */
#define CKA_EXTRACTABLE        0x00000162
#define CKA_LOCAL              0x00000163
#define CKA_NEVER_EXTRACTABLE  0x00000164
#define CKA_ALWAYS_SENSITIVE   0x00000165

/* CKA_KEY_GEN_MECHANISM is new for v2.11 */
#define CKA_KEY_GEN_MECHANISM  0x00000166

#define CKA_MODIFIABLE         0x00000170

/* CKA_ECDSA_PARAMS is deprecated in v2.11,
 * CKA_EC_PARAMS is preferred. */
#define CKA_ECDSA_PARAMS       0x00000180
#define CKA_EC_PARAMS          0x00000180

#define CKA_EC_POINT           0x00000181

/* CKA_SECONDARY_AUTH, CKA_AUTH_PIN_FLAGS,
 * CKA_HW_FEATURE_TYPE, CKA_RESET_ON_INIT, and CKA_HAS_RESET
 * are new for v2.10 */
#define CKA_SECONDARY_AUTH     0x00000200
#define CKA_AUTH_PIN_FLAGS     0x00000201
#define CKA_HW_FEATURE_TYPE    0x00000300
#define CKA_RESET_ON_INIT      0x00000301
#define CKA_HAS_RESET          0x00000302

#define CKA_VENDOR_DEFINED     0x80000000


/* CK_ATTRIBUTE is a structure that includes the type, length
 * and value of an attribute */
/* pValue and ulValueLen travel separately, so the caller is
 * responsible for keeping the length in step with the buffer
 * that pValue points at.
 * NOTE(review): per the PKCS #11 text, C_GetAttributeValue
 * reports an attribute it cannot return by setting ulValueLen to
 * (CK_ULONG)-1; check for that before using the field as a
 * buffer or copy length. */
typedef struct CK_ATTRIBUTE {
  CK_ATTRIBUTE_TYPE type;
  CK_VOID_PTR       pValue;

  /* ulValueLen went from CK_USHORT to CK_ULONG for v2.0 */
  CK_ULONG          ulValueLen;  /* in bytes */
} CK_ATTRIBUTE;

typedef CK_ATTRIBUTE CK_PTR CK_ATTRIBUTE_PTR;


/* CK_DATE is a structure that defines a date */
/* The arrays hold exactly the digit characters shown, with no
 * room for a terminator, so they are not C strings. */
typedef struct CK_DATE{
  CK_CHAR       year[4];   /* the year ("1900" - "9999") */
  CK_CHAR       month[2];  /* the month ("01" - "12") */
  CK_CHAR       day[2];    /* the day ("01" - "31") */
} CK_DATE;


/* CK_MECHANISM_TYPE is a value that identifies a mechanism
 * type */
/* CK_MECHANISM_TYPE was changed from CK_USHORT to CK_ULONG for
 * v2.0 */
typedef CK_ULONG          CK_MECHANISM_TYPE;

/* the following mechanism types are defined: */
/* NOTE(review): the list is an identifier registry, not a
 * recommendation. It includes MD2, MD5, SHA-1, single DES, RC2,
 * RC4 and CDMF, which are kept for interoperability; a policy
 * layer that decides which mechanisms an application may request
 * should treat them as legacy. */
#define CKM_RSA_PKCS_KEY_PAIR_GEN      0x00000000
#define CKM_RSA_PKCS                   0x00000001
#define CKM_RSA_9796                   0x00000002
#define CKM_RSA_X_509                  0x00000003

/* CKM_MD2_RSA_PKCS, CKM_MD5_RSA_PKCS, and CKM_SHA1_RSA_PKCS
 * are new for v2.0.  They are mechanisms which hash and sign */
#define CKM_MD2_RSA_PKCS               0x00000004
#define CKM_MD5_RSA_PKCS               0x00000005
#define CKM_SHA1_RSA_PKCS              0x00000006

/* CKM_RIPEMD128_RSA_PKCS, CKM_RIPEMD160_RSA_PKCS, and
 * CKM_RSA_PKCS_OAEP are new for v2.10 */
#define CKM_RIPEMD128_RSA_PKCS         0x00000007
#define CKM_RIPEMD160_RSA_PKCS         0x00000008
#define CKM_RSA_PKCS_OAEP              0x00000009

/* CKM_RSA_X9_31_KEY_PAIR_GEN, CKM_RSA_X9_31, CKM_SHA1_RSA_X9_31,
 * CKM_RSA_PKCS_PSS, and CKM_SHA1_RSA_PKCS_PSS are new for v2.11 */
#define CKM_RSA_X9_31_KEY_PAIR_GEN     0x0000000A
#define CKM_RSA_X9_31                  0x0000000B
#define CKM_SHA1_RSA_X9_31             0x0000000C
#define CKM_RSA_PKCS_PSS               0x0000000D
#define CKM_SHA1_RSA_PKCS_PSS          0x0000000E

#define CKM_DSA_KEY_PAIR_GEN           0x00000010
#define CKM_DSA                        0x00000011
#define CKM_DSA_SHA1                   0x00000012
#define CKM_DH_PKCS_KEY_PAIR_GEN       0x00000020
#define CKM_DH_PKCS_DERIVE             0x00000021

/* CKM_X9_42_DH_KEY_PAIR_GEN, CKM_X9_42_DH_DERIVE,
 * CKM_X9_42_DH_HYBRID_DERIVE, and CKM_X9_42_MQV_DERIVE are new for
 * v2.11 */
#define CKM_X9_42_DH_KEY_PAIR_GEN      0x00000030
#define CKM_X9_42_DH_DERIVE            0x00000031
#define CKM_X9_42_DH_HYBRID_DERIVE     0x00000032
#define CKM_X9_42_MQV_DERIVE           0x00000033

#define CKM_RC2_KEY_GEN                0x00000100
#define CKM_RC2_ECB                    0x00000101
#define CKM_RC2_CBC                    0x00000102
#define CKM_RC2_MAC                    0x00000103

/* CKM_RC2_MAC_GENERAL and CKM_RC2_CBC_PAD are new for v2.0 */
#define CKM_RC2_MAC_GENERAL            0x00000104
#define CKM_RC2_CBC_PAD                0x00000105

#define CKM_RC4_KEY_GEN                0x00000110
#define CKM_RC4                        0x00000111
#define CKM_DES_KEY_GEN                0x00000120
#define CKM_DES_ECB                    0x00000121
#define CKM_DES_CBC                    0x00000122
#define CKM_DES_MAC                    0x00000123

/* CKM_DES_MAC_GENERAL and CKM_DES_CBC_PAD are new for v2.0 */
#define CKM_DES_MAC_GENERAL            0x00000124
#define CKM_DES_CBC_PAD                0x00000125

#define CKM_DES2_KEY_GEN               0x00000130
#define CKM_DES3_KEY_GEN               0x00000131
#define CKM_DES3_ECB                   0x00000132
#define CKM_DES3_CBC                   0x00000133
#define CKM_DES3_MAC                   0x00000134

/* CKM_DES3_MAC_GENERAL, CKM_DES3_CBC_PAD, CKM_CDMF_KEY_GEN,
 * CKM_CDMF_ECB, CKM_CDMF_CBC, CKM_CDMF_MAC,
 * CKM_CDMF_MAC_GENERAL, and CKM_CDMF_CBC_PAD are new for v2.0 */
#define CKM_DES3_MAC_GENERAL           0x00000135
#define CKM_DES3_CBC_PAD               0x00000136
#define CKM_CDMF_KEY_GEN               0x00000140
#define CKM_CDMF_ECB                   0x00000141
#define CKM_CDMF_CBC                   0x00000142
#define CKM_CDMF_MAC                   0x00000143
#define CKM_CDMF_MAC_GENERAL           0x00000144
#define CKM_CDMF_CBC_PAD               0x00000145

#define CKM_MD2                        0x00000200

/* CKM_MD2_HMAC and CKM_MD2_HMAC_GENERAL are new for v2.0 */
#define CKM_MD2_HMAC                   0x00000201
#define CKM_MD2_HMAC_GENERAL           0x00000202

#define CKM_MD5                        0x00000210

/* CKM_MD5_HMAC and CKM_MD5_HMAC_GENERAL are new for v2.0 */
#define CKM_MD5_HMAC                   0x00000211
#define CKM_MD5_HMAC_GENERAL           0x00000212

#define CKM_SHA_1                      0x00000220

/* CKM_SHA_1_HMAC and CKM_SHA_1_HMAC_GENERAL are new for v2.0 */
#define CKM_SHA_1_HMAC                 0x00000221
#define CKM_SHA_1_HMAC_GENERAL         0x00000222

/* CKM_RIPEMD128, CKM_RIPEMD128_HMAC,
 * CKM_RIPEMD128_HMAC_GENERAL, CKM_RIPEMD160, CKM_RIPEMD160_HMAC,
 * and CKM_RIPEMD160_HMAC_GENERAL are new for v2.10 */
#define CKM_RIPEMD128                  0x00000230
#define CKM_RIPEMD128_HMAC             0x00000231
#define CKM_RIPEMD128_HMAC_GENERAL     0x00000232
#define CKM_RIPEMD160                  0x00000240
#define CKM_RIPEMD160_HMAC             0x00000241
#define CKM_RIPEMD160_HMAC_GENERAL     0x00000242

/* All of the following mechanisms are new for v2.0 */
/* Note that CAST128 and CAST5 are the same algorithm */
/* Each CKM_CAST5_* name is paired with a CKM_CAST128_* name of
 * the same value. */
#define CKM_CAST_KEY_GEN               0x00000300
#define CKM_CAST_ECB                   0x00000301
#define CKM_CAST_CBC                   0x00000302
#define CKM_CAST_MAC                   0x00000303
#define CKM_CAST_MAC_GENERAL           0x00000304
#define CKM_CAST_CBC_PAD               0x00000305
#define CKM_CAST3_KEY_GEN              0x00000310
#define CKM_CAST3_ECB                  0x00000311
#define CKM_CAST3_CBC                  0x00000312
#define CKM_CAST3_MAC                  0x00000313
#define CKM_CAST3_MAC_GENERAL          0x00000314
#define CKM_CAST3_CBC_PAD              0x00000315
#define CKM_CAST5_KEY_GEN              0x00000320
#define CKM_CAST128_KEY_GEN            0x00000320
#define CKM_CAST5_ECB                  0x00000321
#define CKM_CAST128_ECB                0x00000321
#define CKM_CAST5_CBC                  0x00000322
#define CKM_CAST128_CBC                0x00000322
#define CKM_CAST5_MAC                  0x00000323
#define CKM_CAST128_MAC                0x00000323
#define CKM_CAST5_MAC_GENERAL          0x00000324
#define CKM_CAST128_MAC_GENERAL        0x00000324
#define CKM_CAST5_CBC_PAD              0x00000325
#define CKM_CAST128_CBC_PAD            0x00000325
#define CKM_RC5_KEY_GEN                0x00000330
#define CKM_RC5_ECB                    0x00000331
#define CKM_RC5_CBC                    0x00000332
#define CKM_RC5_MAC                    0x00000333
#define CKM_RC5_MAC_GENERAL            0x00000334
#define CKM_RC5_CBC_PAD                0x00000335
#define CKM_IDEA_KEY_GEN               0x00000340
#define CKM_IDEA_ECB                   0x00000341
#define CKM_IDEA_CBC                   0x00000342
#define CKM_IDEA_MAC                   0x00000343
#define CKM_IDEA_MAC_GENERAL           0x00000344
#define CKM_IDEA_CBC_PAD               0x00000345
#define CKM_GENERIC_SECRET_KEY_GEN     0x00000350
#define CKM_CONCATENATE_BASE_AND_KEY   0x00000360
#define CKM_CONCATENATE_BASE_AND_DATA  0x00000362
#define CKM_CONCATENATE_DATA_AND_BASE  0x00000363
#define CKM_XOR_BASE_AND_DATA          0x00000364
#define CKM_EXTRACT_KEY_FROM_KEY       0x00000365
#define CKM_SSL3_PRE_MASTER_KEY_GEN    0x00000370
#define CKM_SSL3_MASTER_KEY_DERIVE     0x00000371
#define CKM_SSL3_KEY_AND_MAC_DERIVE    0x00000372

/* CKM_SSL3_MASTER_KEY_DERIVE_DH, CKM_TLS_PRE_MASTER_KEY_GEN,
 * CKM_TLS_MASTER_KEY_DERIVE, CKM_TLS_KEY_AND_MAC_DERIVE, and
 * CKM_TLS_MASTER_KEY_DERIVE_DH are new for v2.11 */
#define CKM_SSL3_MASTER_KEY_DERIVE_DH  0x00000373
#define CKM_TLS_PRE_MASTER_KEY_GEN     0x00000374
#define CKM_TLS_MASTER_KEY_DERIVE      0x00000375
#define CKM_TLS_KEY_AND_MAC_DERIVE     0x00000376
#define CKM_TLS_MASTER_KEY_DERIVE_DH   0x00000377

#define CKM_SSL3_MD5_MAC               0x00000380
#define CKM_SSL3_SHA1_MAC              0x00000381
#define CKM_MD5_KEY_DERIVATION         0x00000390
#define CKM_MD2_KEY_DERIVATION         0x00000391
#define CKM_SHA1_KEY_DERIVATION        0x00000392

/* Password-based encryption mechanisms.
 * NOTE(review): going by their names, the _40 entries use 40-bit
 * RC4/RC2 keys and the MD2/MD5 entries pair a legacy hash with
 * single DES or CAST. Treat them as interoperability-only when
 * deciding which mechanisms an application may select.
 * The CAST5 and CAST128 names share one value each. */
#define CKM_PBE_MD2_DES_CBC            0x000003A0
#define CKM_PBE_MD5_DES_CBC            0x000003A1
#define CKM_PBE_MD5_CAST_CBC           0x000003A2
#define CKM_PBE_MD5_CAST3_CBC          0x000003A3
#define CKM_PBE_MD5_CAST5_CBC          0x000003A4
#define CKM_PBE_MD5_CAST128_CBC        0x000003A4
#define CKM_PBE_SHA1_CAST5_CBC         0x000003A5
#define CKM_PBE_SHA1_CAST128_CBC       0x000003A5
#define CKM_PBE_SHA1_RC4_128           0x000003A6
#define CKM_PBE_SHA1_RC4_40            0x000003A7
#define CKM_PBE_SHA1_DES3_EDE_CBC      0x000003A8
#define CKM_PBE_SHA1_DES2_EDE_CBC      0x000003A9
#define CKM_PBE_SHA1_RC2_128_CBC       0x000003AA
#define CKM_PBE_SHA1_RC2_40_CBC        0x000003AB

/* CKM_PKCS5_PBKD2 is new for v2.10 */
/* The identifier is spelled PBKD2 in this header; it names the
 * PKCS #5 password-based key derivation usually written PBKDF2. */
#define CKM_PKCS5_PBKD2                0x000003B0

#define CKM_PBA_SHA1_WITH_SHA1_HMAC    0x000003C0
#define CKM_KEY_WRAP_LYNKS             0x00000400
#define CKM_KEY_WRAP_SET_OAEP          0x00000401

/* Fortezza mechanisms */
#define CKM_SKIPJACK_KEY_GEN           0x00001000
#define CKM_SKIPJACK_ECB64             0x00001001
#define CKM_SKIPJACK_CBC64             0x00001002
#define CKM_SKIPJACK_OFB64             0x00001003
#define CKM_SKIPJACK_CFB64             0x00001004
#define CKM_SKIPJACK_CFB32             0x00001005
#define CKM_SKIPJACK_CFB16             0x00001006
#define CKM_SKIPJACK_CFB8              0x00001007
#define CKM_SKIPJACK_WRAP              0x00001008
#define CKM_SKIPJACK_PRIVATE_WRAP      0x00001009
#define CKM_SKIPJACK_RELAYX            0x0000100a
#define CKM_KEA_KEY_PAIR_GEN           0x00001010
#define CKM_KEA_KEY_DERIVE             0x00001011
#define CKM_FORTEZZA_TIMESTAMP         0x00001020
#define CKM_BATON_KEY_GEN              0x00001030
#define CKM_BATON_ECB128               0x00001031
#define CKM_BATON_ECB96                0x00001032
#define CKM_BATON_CBC128               0x00001033
#define CKM_BATON_COUNTER              0x00001034
#define CKM_BATON_SHUFFLE              0x00001035
#define CKM_BATON_WRAP                 0x00001036

/* CKM_ECDSA_KEY_PAIR_GEN is deprecated in v2.11,
 * CKM_EC_KEY_PAIR_GEN is preferred */
#define CKM_ECDSA_KEY_PAIR_GEN         0x00001040
#define CKM_EC_KEY_PAIR_GEN            0x00001040

#define CKM_ECDSA                      0x00001041
#define CKM_ECDSA_SHA1                 0x00001042

/* CKM_ECDH1_DERIVE, CKM_ECDH1_COFACTOR_DERIVE, and CKM_ECMQV_DERIVE
 * are new for v2.11 */
#define CKM_ECDH1_DERIVE               0x00001050
#define CKM_ECDH1_COFACTOR_DERIVE      0x00001051
#define CKM_ECMQV_DERIVE               0x00001052

#define CKM_JUNIPER_KEY_GEN            0x00001060
#define CKM_JUNIPER_ECB128             0x00001061
#define CKM_JUNIPER_CBC128             0x00001062
#define CKM_JUNIPER_COUNTER            0x00001063
#define CKM_JUNIPER_SHUFFLE            0x00001064
#define CKM_JUNIPER_WRAP               0x00001065
#define CKM_FASTHASH                   0x00001070

/* CKM_AES_KEY_GEN, CKM_AES_ECB, CKM_AES_CBC, CKM_AES_MAC,
 * CKM_AES_MAC_GENERAL, CKM_AES_CBC_PAD, CKM_DSA_PARAMETER_GEN,
 * CKM_DH_PKCS_PARAMETER_GEN, and CKM_X9_42_DH_PARAMETER_GEN are
 * new for v2.11 */
#define CKM_AES_KEY_GEN                0x00001080
#define CKM_AES_ECB                    0x00001081
#define CKM_AES_CBC                    0x00001082
#define CKM_AES_MAC                    0x00001083
#define CKM_AES_MAC_GENERAL            0x00001084
#define CKM_AES_CBC_PAD                0x00001085
#define CKM_DSA_PARAMETER_GEN          0x00002000
#define CKM_DH_PKCS_PARAMETER_GEN      0x00002001
#define CKM_X9_42_DH_PARAMETER_GEN     0x00002002

#define CKM_VENDOR_DEFINED             0x80000000

typedef CK_MECHANISM_TYPE CK_PTR CK_MECHANISM_TYPE_PTR;


/* CK_MECHANISM is a structure that specifies a particular
 * mechanism */
/* pParameter and ulParameterLen travel separately; the caller
 * has to keep the length in step with the parameter block that
 * pParameter points at for the chosen mechanism. */
typedef struct CK_MECHANISM {
  CK_MECHANISM_TYPE mechanism;
  CK_VOID_PTR       pParameter;

  /* ulParameterLen was changed from CK_USHORT to CK_ULONG for
   * v2.0 */
  CK_ULONG          ulParameterLen;  /* in bytes */
} CK_MECHANISM;

typedef CK_MECHANISM CK_PTR CK_MECHANISM_PTR;


/* CK_MECHANISM_INFO provides information about a particular
 * mechanism */
/* NOTE(review): the unit of the two key-size fields is not given
 * here; the PKCS #11 text makes it mechanism-dependent (bits for
 * some, bytes for others), so confirm the unit before comparing
 * these values with a minimum key-length policy. */
typedef struct CK_MECHANISM_INFO {
    CK_ULONG    ulMinKeySize;
    CK_ULONG    ulMaxKeySize;
    CK_FLAGS    flags;
} CK_MECHANISM_INFO;

/* The flags are defined as follows:
 *      Bit Flag               Mask        Meaning */
/* These masks apply to CK_MECHANISM_INFO.flags; other flags
 * fields in Cryptoki reuse the low bits with other meanings. */
#define CKF_HW                 0x00000001  /* performed by HW */

/* The flags CKF_ENCRYPT, CKF_DECRYPT, CKF_DIGEST, CKF_SIGN,
 * CKF_SIGN_RECOVER, CKF_VERIFY, CKF_VERIFY_RECOVER,
 * CKF_GENERATE, CKF_GENERATE_KEY_PAIR, CKF_WRAP, CKF_UNWRAP,
 * and CKF_DERIVE are new for v2.0.  They specify whether or not
 * a mechanism can be used for a particular task */
#define CKF_ENCRYPT            0x00000100
#define CKF_DECRYPT            0x00000200
#define CKF_DIGEST             0x00000400
#define CKF_SIGN               0x00000800
#define CKF_SIGN_RECOVER       0x00001000
#define CKF_VERIFY             0x00002000
#define CKF_VERIFY_RECOVER     0x00004000
#define CKF_GENERATE           0x00008000
#define CKF_GENERATE_KEY_PAIR  0x00010000
#define CKF_WRAP               0x00020000
#define CKF_UNWRAP             0x00040000
#define CKF_DERIVE             0x00080000

/* CKF_EC_F_P, CKF_EC_F_2M, CKF_EC_ECPARAMETERS, CKF_EC_NAMEDCURVE,
 * CKF_EC_UNCOMPRESS, and CKF_EC_COMPRESS are new for v2.11. They
 * describe a token's EC capabilities not available in mechanism
 * information. */
#define CKF_EC_F_P             0x00100000
#define CKF_EC_F_2M            0x00200000
#define CKF_EC_ECPARAMETERS    0x00400000
#define CKF_EC_NAMEDCURVE      0x00800000
#define CKF_EC_UNCOMPRESS      0x01000000
#define CKF_EC_COMPRESS        0x02000000

#define CKF_EXTENSION          0x80000000  /* FALSE for 2.01 */

typedef CK_MECHANISM_INFO CK_PTR CK_MECHANISM_INFO_PTR;


/* CK_RV is a value that identifies the return value of a
 * Cryptoki function */
/* CK_RV was changed from CK_USHORT to CK_ULONG for v2.0 */
typedef CK_ULONG          CK_RV;

/* CKR_OK is the only success code in this list; every other
 * value reports a condition the caller has to handle, so compare
 * results against CKR_OK rather than testing for a few known
 * errors. Gaps in the numbering are codes that were removed, as
 * the comments below record. */
#define CKR_OK                                0x00000000
#define CKR_CANCEL                            0x00000001
#define CKR_HOST_MEMORY                       0x00000002
#define CKR_SLOT_ID_INVALID                   0x00000003

/* CKR_FLAGS_INVALID was removed for v2.0 */

/* CKR_GENERAL_ERROR and CKR_FUNCTION_FAILED are new for v2.0 */
#define CKR_GENERAL_ERROR                     0x00000005
#define CKR_FUNCTION_FAILED                   0x00000006

/* CKR_ARGUMENTS_BAD, CKR_NO_EVENT, CKR_NEED_TO_CREATE_THREADS,
 * and CKR_CANT_LOCK are new for v2.01 */
#define CKR_ARGUMENTS_BAD                     0x00000007
#define CKR_NO_EVENT                          0x00000008
#define CKR_NEED_TO_CREATE_THREADS            0x00000009
#define CKR_CANT_LOCK                         0x0000000A

#define CKR_ATTRIBUTE_READ_ONLY               0x00000010
#define CKR_ATTRIBUTE_SENSITIVE               0x00000011
#define CKR_ATTRIBUTE_TYPE_INVALID            0x00000012
#define CKR_ATTRIBUTE_VALUE_INVALID           0x00000013
#define CKR_DATA_INVALID                      0x00000020
#define CKR_DATA_LEN_RANGE                    0x00000021
#define CKR_DEVICE_ERROR                      0x00000030
#define CKR_DEVICE_MEMORY                     0x00000031
#define CKR_DEVICE_REMOVED                    0x00000032
#define CKR_ENCRYPTED_DATA_INVALID            0x00000040
#define CKR_ENCRYPTED_DATA_LEN_RANGE          0x00000041
#define CKR_FUNCTION_CANCELED                 0x00000050
#define CKR_FUNCTION_NOT_PARALLEL             0x00000051

/* CKR_FUNCTION_NOT_SUPPORTED is new for v2.0 */
#define CKR_FUNCTION_NOT_SUPPORTED            0x00000054

#define CKR_KEY_HANDLE_INVALID                0x00000060

/* CKR_KEY_SENSITIVE was removed for v2.0 */

#define CKR_KEY_SIZE_RANGE                    0x00000062
#define CKR_KEY_TYPE_INCONSISTENT             0x00000063

/* CKR_KEY_NOT_NEEDED, CKR_KEY_CHANGED, CKR_KEY_NEEDED,
 * CKR_KEY_INDIGESTIBLE, CKR_KEY_FUNCTION_NOT_PERMITTED,
 * CKR_KEY_NOT_WRAPPABLE, and CKR_KEY_UNEXTRACTABLE are new for
 * v2.0 */
#define CKR_KEY_NOT_NEEDED                    0x00000064
#define CKR_KEY_CHANGED                       0x00000065
#define CKR_KEY_NEEDED                        0x00000066
#define CKR_KEY_INDIGESTIBLE                  0x00000067
#define CKR_KEY_FUNCTION_NOT_PERMITTED        0x00000068
#define CKR_KEY_NOT_WRAPPABLE                 0x00000069
#define CKR_KEY_UNEXTRACTABLE                 0x0000006A

#define CKR_MECHANISM_INVALID                 0x00000070
#define CKR_MECHANISM_PARAM_INVALID           0x00000071

/* CKR_OBJECT_CLASS_INCONSISTENT and CKR_OBJECT_CLASS_INVALID
 * were removed for v2.0 */
#define CKR_OBJECT_HANDLE_INVALID             0x00000082
#define CKR_OPERATION_ACTIVE                  0x00000090
#define CKR_OPERATION_NOT_INITIALIZED         0x00000091
/* The CKR_PIN_* results are the login outcomes worth recording
 * in an audit log; CKR_PIN_INCORRECT and CKR_PIN_LOCKED in
 * particular mark failed attempts and lockout. */
#define CKR_PIN_INCORRECT                     0x000000A0
#define CKR_PIN_INVALID                       0x000000A1
#define CKR_PIN_LEN_RANGE                     0x000000A2

/* CKR_PIN_EXPIRED and CKR_PIN_LOCKED are new for v2.0 */
#define CKR_PIN_EXPIRED                       0x000000A3
#define CKR_PIN_LOCKED                        0x000000A4

#define CKR_SESSION_CLOSED                    0x000000B0
#define CKR_SESSION_COUNT                     0x000000B1
#define CKR_SESSION_HANDLE_INVALID            0x000000B3
#define CKR_SESSION_PARALLEL_NOT_SUPPORTED    0x000000B4
#define CKR_SESSION_READ_ONLY                 0x000000B5
#define CKR_SESSION_EXISTS                    0x000000B6

/* CKR_SESSION_READ_ONLY_EXISTS and
 * CKR_SESSION_READ_WRITE_SO_EXISTS are new for v2.0 */
#define CKR_SESSION_READ_ONLY_EXISTS          0x000000B7
#define CKR_SESSION_READ_WRITE_SO_EXISTS      0x000000B8

#define CKR_SIGNATURE_INVALID                 0x000000C0
#define CKR_SIGNATURE_LEN_RANGE               0x000000C1
#define CKR_TEMPLATE_INCOMPLETE               0x000000D0
#define CKR_TEMPLATE_INCONSISTENT             0x000000D1
#define CKR_TOKEN_NOT_PRESENT                 0x000000E0
#define CKR_TOKEN_NOT_RECOGNIZED              0x000000E1
#define CKR_TOKEN_WRITE_PROTECTED             0x000000E2
#define CKR_UNWRAPPING_KEY_HANDLE_INVALID     0x000000F0
#define CKR_UNWRAPPING_KEY_SIZE_RANGE         0x000000F1
#define CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT  0x000000F2
#define CKR_USER_ALREADY_LOGGED_IN            0x00000100
#define CKR_USER_NOT_LOGGED_IN                0x00000101
#define CKR_USER_PIN_NOT_INITIALIZED          0x00000102
#define CKR_USER_TYPE_INVALID                 0x00000103

/* CKR_USER_ANOTHER_ALREADY_LOGGED_IN and CKR_USER_TOO_MANY_TYPES
 * are new to v2.01 */
#define CKR_USER_ANOTHER_ALREADY_LOGGED_IN    0x00000104
#define CKR_USER_TOO_MANY_TYPES               0x00000105

#define CKR_WRAPPED_KEY_INVALID               0x00000110
#define CKR_WRAPPED_KEY_LEN_RANGE             0x00000112
#define CKR_WRAPPING_KEY_HANDLE_INVALID       0x00000113
#define CKR_WRAPPING_KEY_SIZE_RANGE           0x00000114
#define CKR_WRAPPING_KEY_TYPE_INCONSISTENT    0x00000115
#define CKR_RANDOM_SEED_NOT_SUPPORTED         0x00000120

/* These are new to v2.0 */
#define CKR_RANDOM_NO_RNG                     0x00000121

/* These are new to v2.11 */
#define CKR_DOMAIN_PARAMS_INVALID             0x00000130

/* These are new to v2.0 */
#define CKR_BUFFER_TOO_SMALL                  0x00000150
#define CKR_SAVED_STATE_INVALID               0x00000160
#define CKR_INFORMATION_SENSITIVE             0x00000170
#define CKR_STATE_UNSAVEABLE                  0x00000180

/* These are new to v2.01 */
#define CKR_CRYPTOKI_NOT_INITIALIZED          0x00000190
#define CKR_CRYPTOKI_ALREADY_INITIALIZED      0x00000191
#define CKR_MUTEX_BAD                         0x000001A0
#define CKR_MUTEX_NOT_LOCKED                  0x000001A1

#define CKR_VENDOR_DEFINED                    0x80000000


/* CK_NOTIFY is an application callback that processes events */
typedef
CK_CALLBACK_FUNCTION(CK_RV, CK_NOTIFY)( 00957 CK_SESSION_HANDLE hSession, /* the session's handle */ 00958 CK_NOTIFICATION event, 00959 CK_VOID_PTR pApplication /* passed to C_OpenSession */ 00960 ); 00961 00962 00963 /* CK_FUNCTION_LIST is a structure holding a Cryptoki spec 00964 * version and pointers of appropriate types to all the 00965 * Cryptoki functions */ 00966 /* CK_FUNCTION_LIST is new for v2.0 */ 00967 typedef struct CK_FUNCTION_LIST CK_FUNCTION_LIST; 00968 00969 typedef CK_FUNCTION_LIST CK_PTR CK_FUNCTION_LIST_PTR; 00970 00971 typedef CK_FUNCTION_LIST_PTR CK_PTR CK_FUNCTION_LIST_PTR_PTR; 00972 00973 00974 /* CK_CREATEMUTEX is an application callback for creating a 00975 * mutex object */ 00976 typedef CK_CALLBACK_FUNCTION(CK_RV, CK_CREATEMUTEX)( 00977 CK_VOID_PTR_PTR ppMutex /* location to receive ptr to mutex */ 00978 ); 00979 00980 00981 /* CK_DESTROYMUTEX is an application callback for destroying a 00982 * mutex object */ 00983 typedef CK_CALLBACK_FUNCTION(CK_RV, CK_DESTROYMUTEX)( 00984 CK_VOID_PTR pMutex /* pointer to mutex */ 00985 ); 00986 00987 00988 /* CK_LOCKMUTEX is an application callback for locking a mutex */ 00989 typedef CK_CALLBACK_FUNCTION(CK_RV, CK_LOCKMUTEX)( 00990 CK_VOID_PTR pMutex /* pointer to mutex */ 00991 ); 00992 00993 00994 /* CK_UNLOCKMUTEX is an application callback for unlocking a 00995 * mutex */ 00996 typedef CK_CALLBACK_FUNCTION(CK_RV, CK_UNLOCKMUTEX)( 00997 CK_VOID_PTR pMutex /* pointer to mutex */ 00998 ); 00999 01000 01001 /* CK_C_INITIALIZE_ARGS provides the optional arguments to 01002 * C_Initialize */ 01003 typedef struct CK_C_INITIALIZE_ARGS { 01004 CK_CREATEMUTEX CreateMutex; 01005 CK_DESTROYMUTEX DestroyMutex; 01006 CK_LOCKMUTEX LockMutex; 01007 CK_UNLOCKMUTEX UnlockMutex; 01008 CK_FLAGS flags; 01009 CK_VOID_PTR pReserved; 01010 } CK_C_INITIALIZE_ARGS; 01011 01012 /* flags: bit flags that provide capabilities of the slot 01013 * Bit Flag Mask Meaning 01014 */ 01015 #define CKF_LIBRARY_CANT_CREATE_OS_THREADS 
0x00000001 01016 #define CKF_OS_LOCKING_OK 0x00000002 01017 01018 typedef CK_C_INITIALIZE_ARGS CK_PTR CK_C_INITIALIZE_ARGS_PTR; 01019 01020 01021 /* additional flags for parameters to functions */ 01022 01023 /* CKF_DONT_BLOCK is for the function C_WaitForSlotEvent */ 01024 #define CKF_DONT_BLOCK 1 01025 01026 /* CK_RSA_PKCS_OAEP_MGF_TYPE is new for v2.10. 01027 * CK_RSA_PKCS_OAEP_MGF_TYPE is used to indicate the Message 01028 * Generation Function (MGF) applied to a message block when 01029 * formatting a message block for the PKCS #1 OAEP encryption 01030 * scheme. */ 01031 typedef CK_ULONG CK_RSA_PKCS_MGF_TYPE; 01032 01033 typedef CK_RSA_PKCS_MGF_TYPE CK_PTR CK_RSA_PKCS_MGF_TYPE_PTR; 01034 01035 /* The following MGFs are defined */ 01036 #define CKG_MGF1_SHA1 0x00000001 01037 01038 /* CK_RSA_PKCS_OAEP_SOURCE_TYPE is new for v2.10. 01039 * CK_RSA_PKCS_OAEP_SOURCE_TYPE is used to indicate the source 01040 * of the encoding parameter when formatting a message block 01041 * for the PKCS #1 OAEP encryption scheme. */ 01042 typedef CK_ULONG CK_RSA_PKCS_OAEP_SOURCE_TYPE; 01043 01044 typedef CK_RSA_PKCS_OAEP_SOURCE_TYPE CK_PTR CK_RSA_PKCS_OAEP_SOURCE_TYPE_PTR; 01045 01046 /* The following encoding parameter sources are defined */ 01047 #define CKZ_DATA_SPECIFIED 0x00000001 01048 01049 /* CK_RSA_PKCS_OAEP_PARAMS is new for v2.10. 01050 * CK_RSA_PKCS_OAEP_PARAMS provides the parameters to the 01051 * CKM_RSA_PKCS_OAEP mechanism. */ 01052 typedef struct CK_RSA_PKCS_OAEP_PARAMS { 01053 CK_MECHANISM_TYPE hashAlg; 01054 CK_RSA_PKCS_MGF_TYPE mgf; 01055 CK_RSA_PKCS_OAEP_SOURCE_TYPE source; 01056 CK_VOID_PTR pSourceData; 01057 CK_ULONG ulSourceDataLen; 01058 } CK_RSA_PKCS_OAEP_PARAMS; 01059 01060 typedef CK_RSA_PKCS_OAEP_PARAMS CK_PTR CK_RSA_PKCS_OAEP_PARAMS_PTR; 01061 01062 /* CK_RSA_PKCS_PSS_PARAMS is new for v2.11. 01063 * CK_RSA_PKCS_PSS_PARAMS provides the parameters to the 01064 * CKM_RSA_PKCS_PSS mechanism(s). 
*/ 01065 typedef struct CK_RSA_PKCS_PSS_PARAMS { 01066 CK_MECHANISM_TYPE hashAlg; 01067 CK_RSA_PKCS_MGF_TYPE mgf; 01068 CK_ULONG sLen; 01069 } CK_RSA_PKCS_PSS_PARAMS; 01070 01071 /* CK_KEA_DERIVE_PARAMS provides the parameters to the 01072 * CKM_KEA_DERIVE mechanism */ 01073 /* CK_KEA_DERIVE_PARAMS is new for v2.0 */ 01074 typedef struct CK_KEA_DERIVE_PARAMS { 01075 CK_BBOOL isSender; 01076 CK_ULONG ulRandomLen; 01077 CK_BYTE_PTR pRandomA; 01078 CK_BYTE_PTR pRandomB; 01079 CK_ULONG ulPublicDataLen; 01080 CK_BYTE_PTR pPublicData; 01081 } CK_KEA_DERIVE_PARAMS; 01082 01083 typedef CK_KEA_DERIVE_PARAMS CK_PTR CK_KEA_DERIVE_PARAMS_PTR; 01084 01085 01086 /* CK_RC2_PARAMS provides the parameters to the CKM_RC2_ECB and 01087 * CKM_RC2_MAC mechanisms. An instance of CK_RC2_PARAMS just 01088 * holds the effective keysize */ 01089 typedef CK_ULONG CK_RC2_PARAMS; 01090 01091 typedef CK_RC2_PARAMS CK_PTR CK_RC2_PARAMS_PTR; 01092 01093 01094 /* CK_RC2_CBC_PARAMS provides the parameters to the CKM_RC2_CBC 01095 * mechanism */ 01096 typedef struct CK_RC2_CBC_PARAMS { 01097 /* ulEffectiveBits was changed from CK_USHORT to CK_ULONG for 01098 * v2.0 */ 01099 CK_ULONG ulEffectiveBits; /* effective bits (1-1024) */ 01100 01101 CK_BYTE iv[8]; /* IV for CBC mode */ 01102 } CK_RC2_CBC_PARAMS; 01103 01104 typedef CK_RC2_CBC_PARAMS CK_PTR CK_RC2_CBC_PARAMS_PTR; 01105 01106 01107 /* CK_RC2_MAC_GENERAL_PARAMS provides the parameters for the 01108 * CKM_RC2_MAC_GENERAL mechanism */ 01109 /* CK_RC2_MAC_GENERAL_PARAMS is new for v2.0 */ 01110 typedef struct CK_RC2_MAC_GENERAL_PARAMS { 01111 CK_ULONG ulEffectiveBits; /* effective bits (1-1024) */ 01112 CK_ULONG ulMacLength; /* Length of MAC in bytes */ 01113 } CK_RC2_MAC_GENERAL_PARAMS; 01114 01115 typedef CK_RC2_MAC_GENERAL_PARAMS CK_PTR \ 01116 CK_RC2_MAC_GENERAL_PARAMS_PTR; 01117 01118 01119 /* CK_RC5_PARAMS provides the parameters to the CKM_RC5_ECB and 01120 * CKM_RC5_MAC mechanisms */ 01121 /* CK_RC5_PARAMS is new for v2.0 */ 01122 typedef 
struct CK_RC5_PARAMS { 01123 CK_ULONG ulWordsize; /* wordsize in bits */ 01124 CK_ULONG ulRounds; /* number of rounds */ 01125 } CK_RC5_PARAMS; 01126 01127 typedef CK_RC5_PARAMS CK_PTR CK_RC5_PARAMS_PTR; 01128 01129 01130 /* CK_RC5_CBC_PARAMS provides the parameters to the CKM_RC5_CBC 01131 * mechanism */ 01132 /* CK_RC5_CBC_PARAMS is new for v2.0 */ 01133 typedef struct CK_RC5_CBC_PARAMS { 01134 CK_ULONG ulWordsize; /* wordsize in bits */ 01135 CK_ULONG ulRounds; /* number of rounds */ 01136 CK_BYTE_PTR pIv; /* pointer to IV */ 01137 CK_ULONG ulIvLen; /* length of IV in bytes */ 01138 } CK_RC5_CBC_PARAMS; 01139 01140 typedef CK_RC5_CBC_PARAMS CK_PTR CK_RC5_CBC_PARAMS_PTR; 01141 01142 01143 /* CK_RC5_MAC_GENERAL_PARAMS provides the parameters for the 01144 * CKM_RC5_MAC_GENERAL mechanism */ 01145 /* CK_RC5_MAC_GENERAL_PARAMS is new for v2.0 */ 01146 typedef struct CK_RC5_MAC_GENERAL_PARAMS { 01147 CK_ULONG ulWordsize; /* wordsize in bits */ 01148 CK_ULONG ulRounds; /* number of rounds */ 01149 CK_ULONG ulMacLength; /* Length of MAC in bytes */ 01150 } CK_RC5_MAC_GENERAL_PARAMS; 01151 01152 typedef CK_RC5_MAC_GENERAL_PARAMS CK_PTR \ 01153 CK_RC5_MAC_GENERAL_PARAMS_PTR; 01154 01155 01156 /* CK_MAC_GENERAL_PARAMS provides the parameters to most block 01157 * ciphers' MAC_GENERAL mechanisms. 
Its value is the length of 01158 * the MAC */ 01159 /* CK_MAC_GENERAL_PARAMS is new for v2.0 */ 01160 typedef CK_ULONG CK_MAC_GENERAL_PARAMS; 01161 01162 typedef CK_MAC_GENERAL_PARAMS CK_PTR CK_MAC_GENERAL_PARAMS_PTR; 01163 01164 01165 /* CK_SKIPJACK_PRIVATE_WRAP_PARAMS provides the parameters to the 01166 * CKM_SKIPJACK_PRIVATE_WRAP mechanism */ 01167 /* CK_SKIPJACK_PRIVATE_WRAP_PARAMS is new for v2.0 */ 01168 typedef struct CK_SKIPJACK_PRIVATE_WRAP_PARAMS { 01169 CK_ULONG ulPasswordLen; 01170 CK_BYTE_PTR pPassword; 01171 CK_ULONG ulPublicDataLen; 01172 CK_BYTE_PTR pPublicData; 01173 CK_ULONG ulPAndGLen; 01174 CK_ULONG ulQLen; 01175 CK_ULONG ulRandomLen; 01176 CK_BYTE_PTR pRandomA; 01177 CK_BYTE_PTR pPrimeP; 01178 CK_BYTE_PTR pBaseG; 01179 CK_BYTE_PTR pSubprimeQ; 01180 } CK_SKIPJACK_PRIVATE_WRAP_PARAMS; 01181 01182 typedef CK_SKIPJACK_PRIVATE_WRAP_PARAMS CK_PTR \ 01183 CK_SKIPJACK_PRIVATE_WRAP_PTR; 01184 01185 01186 /* CK_SKIPJACK_RELAYX_PARAMS provides the parameters to the 01187 * CKM_SKIPJACK_RELAYX mechanism */ 01188 /* CK_SKIPJACK_RELAYX_PARAMS is new for v2.0 */ 01189 typedef struct CK_SKIPJACK_RELAYX_PARAMS { 01190 CK_ULONG ulOldWrappedXLen; 01191 CK_BYTE_PTR pOldWrappedX; 01192 CK_ULONG ulOldPasswordLen; 01193 CK_BYTE_PTR pOldPassword; 01194 CK_ULONG ulOldPublicDataLen; 01195 CK_BYTE_PTR pOldPublicData; 01196 CK_ULONG ulOldRandomLen; 01197 CK_BYTE_PTR pOldRandomA; 01198 CK_ULONG ulNewPasswordLen; 01199 CK_BYTE_PTR pNewPassword; 01200 CK_ULONG ulNewPublicDataLen; 01201 CK_BYTE_PTR pNewPublicData; 01202 CK_ULONG ulNewRandomLen; 01203 CK_BYTE_PTR pNewRandomA; 01204 } CK_SKIPJACK_RELAYX_PARAMS; 01205 01206 typedef CK_SKIPJACK_RELAYX_PARAMS CK_PTR \ 01207 CK_SKIPJACK_RELAYX_PARAMS_PTR; 01208 01209 01210 typedef struct CK_PBE_PARAMS { 01211 CK_BYTE_PTR pInitVector; 01212 CK_UTF8CHAR_PTR pPassword; 01213 CK_ULONG ulPasswordLen; 01214 CK_BYTE_PTR pSalt; 01215 CK_ULONG ulSaltLen; 01216 CK_ULONG ulIteration; 01217 } CK_PBE_PARAMS; 01218 01219 typedef CK_PBE_PARAMS 
CK_PTR CK_PBE_PARAMS_PTR; 01220 01221 01222 /* CK_KEY_WRAP_SET_OAEP_PARAMS provides the parameters to the 01223 * CKM_KEY_WRAP_SET_OAEP mechanism */ 01224 /* CK_KEY_WRAP_SET_OAEP_PARAMS is new for v2.0 */ 01225 typedef struct CK_KEY_WRAP_SET_OAEP_PARAMS { 01226 CK_BYTE bBC; /* block contents byte */ 01227 CK_BYTE_PTR pX; /* extra data */ 01228 CK_ULONG ulXLen; /* length of extra data in bytes */ 01229 } CK_KEY_WRAP_SET_OAEP_PARAMS; 01230 01231 typedef CK_KEY_WRAP_SET_OAEP_PARAMS CK_PTR \ 01232 CK_KEY_WRAP_SET_OAEP_PARAMS_PTR; 01233 01234 01235 typedef struct CK_SSL3_RANDOM_DATA { 01236 CK_BYTE_PTR pClientRandom; 01237 CK_ULONG ulClientRandomLen; 01238 CK_BYTE_PTR pServerRandom; 01239 CK_ULONG ulServerRandomLen; 01240 } CK_SSL3_RANDOM_DATA; 01241 01242 01243 typedef struct CK_SSL3_MASTER_KEY_DERIVE_PARAMS { 01244 CK_SSL3_RANDOM_DATA RandomInfo; 01245 CK_VERSION_PTR pVersion; 01246 } CK_SSL3_MASTER_KEY_DERIVE_PARAMS; 01247 01248 typedef struct CK_SSL3_MASTER_KEY_DERIVE_PARAMS CK_PTR \ 01249 CK_SSL3_MASTER_KEY_DERIVE_PARAMS_PTR; 01250 01251 01252 typedef struct CK_SSL3_KEY_MAT_OUT { 01253 CK_OBJECT_HANDLE hClientMacSecret; 01254 CK_OBJECT_HANDLE hServerMacSecret; 01255 CK_OBJECT_HANDLE hClientKey; 01256 CK_OBJECT_HANDLE hServerKey; 01257 CK_BYTE_PTR pIVClient; 01258 CK_BYTE_PTR pIVServer; 01259 } CK_SSL3_KEY_MAT_OUT; 01260 01261 typedef CK_SSL3_KEY_MAT_OUT CK_PTR CK_SSL3_KEY_MAT_OUT_PTR; 01262 01263 01264 typedef struct CK_SSL3_KEY_MAT_PARAMS { 01265 CK_ULONG ulMacSizeInBits; 01266 CK_ULONG ulKeySizeInBits; 01267 CK_ULONG ulIVSizeInBits; 01268 CK_BBOOL bIsExport; 01269 CK_SSL3_RANDOM_DATA RandomInfo; 01270 CK_SSL3_KEY_MAT_OUT_PTR pReturnedKeyMaterial; 01271 } CK_SSL3_KEY_MAT_PARAMS; 01272 01273 typedef CK_SSL3_KEY_MAT_PARAMS CK_PTR CK_SSL3_KEY_MAT_PARAMS_PTR; 01274 01275 01276 typedef struct CK_KEY_DERIVATION_STRING_DATA { 01277 CK_BYTE_PTR pData; 01278 CK_ULONG ulLen; 01279 } CK_KEY_DERIVATION_STRING_DATA; 01280 01281 typedef CK_KEY_DERIVATION_STRING_DATA CK_PTR \ 
01282 CK_KEY_DERIVATION_STRING_DATA_PTR; 01283 01284 01285 /* The CK_EXTRACT_PARAMS is used for the 01286 * CKM_EXTRACT_KEY_FROM_KEY mechanism. It specifies which bit 01287 * of the base key should be used as the first bit of the 01288 * derived key */ 01289 /* CK_EXTRACT_PARAMS is new for v2.0 */ 01290 typedef CK_ULONG CK_EXTRACT_PARAMS; 01291 01292 typedef CK_EXTRACT_PARAMS CK_PTR CK_EXTRACT_PARAMS_PTR; 01293 01294 /* CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE is new for v2.10. 01295 * CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE is used to 01296 * indicate the Pseudo-Random Function (PRF) used to generate 01297 * key bits using PKCS #5 PBKDF2. */ 01298 typedef CK_ULONG CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE; 01299 01300 typedef CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE CK_PTR CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE_PTR; 01301 01302 /* The following PRFs are defined in PKCS #5 v2.0. */ 01303 #define CKP_PKCS5_PBKD2_HMAC_SHA1 0x00000001 01304 01305 01306 /* CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE is new for v2.10. 01307 * CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE is used to indicate the 01308 * source of the salt value when deriving a key using PKCS #5 01309 * PBKDF2. */ 01310 typedef CK_ULONG CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE; 01311 01312 typedef CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE CK_PTR CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE_PTR; 01313 01314 /* The following salt value sources are defined in PKCS #5 v2.0. */ 01315 #define CKZ_SALT_SPECIFIED 0x00000001 01316 01317 /* CK_PKCS5_PBKD2_PARAMS is new for v2.10. 01318 * CK_PKCS5_PBKD2_PARAMS is a structure that provides the 01319 * parameters to the CKM_PKCS5_PBKD2 mechanism. 
*/ 01320 typedef struct CK_PKCS5_PBKD2_PARAMS { 01321 CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE saltSource; 01322 CK_VOID_PTR pSaltSourceData; 01323 CK_ULONG ulSaltSourceDataLen; 01324 CK_ULONG iterations; 01325 CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE prf; 01326 CK_VOID_PTR pPrfData; 01327 CK_ULONG ulPrfDataLen; 01328 CK_UTF8CHAR_PTR pPassword; 01329 CK_ULONG_PTR ulPasswordLen; 01330 } CK_PKCS5_PBKD2_PARAMS; 01331 01332 typedef CK_PKCS5_PBKD2_PARAMS CK_PTR CK_PKCS5_PBKD2_PARAMS_PTR; 01333 01334 #endif