Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / openssh / d48a22601bdd3eec054794c535f4ae8d8ae4c6e2 / . / pkcs11.h
blob: b01d58f9483af5e238814faf0ff25ad9d2daf101 [file] [log] [blame]
Damien Miller1d2f8802013-12-05 10:22:03 +1100[diff] [blame]1/* $OpenBSD: pkcs11.h,v 1.3 2013/11/26 19:15:09 deraadt Exp $ */
Damien Millerd8f60022010-02-12 09:34:22 +1100[diff] [blame]2/* pkcs11.h
3 Copyright 2006, 2007 g10 Code GmbH
4 Copyright 2006 Andreas Jellinghaus
5
6 This file is free software; as a special exception the author gives
7 unlimited permission to copy and/or distribute it, with or without
8 modifications, as long as this notice is preserved.
9
10 This file is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY, to the extent permitted by law; without even
12 the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
13 PURPOSE. */
14
15/* Please submit changes back to the Scute project at
16 http://www.scute.org/ (or send them to marcus@g10code.com), so that
17 they can be picked up by other projects from there as well. */
18
19/* This file is a modified implementation of the PKCS #11 standard by
20 RSA Security Inc. It is mostly a drop-in replacement, with the
21 following change:
22
23 This header file does not require any macro definitions by the user
24 (like CK_DEFINE_FUNCTION etc). In fact, it defines those macros
25 for you (if useful, some are missing, let me know if you need
26 more).
27
28 There is an additional API available that does comply better to the
29 GNU coding standard. It can be switched on by defining
30 CRYPTOKI_GNU before including this header file. For this, the
31 following changes are made to the specification:
32
33 All structure types are changed to a "struct ck_foo" where CK_FOO
34 is the type name in PKCS #11.
35
36 All non-structure types are changed to ck_foo_t where CK_FOO is the
37 lowercase version of the type name in PKCS #11. The basic types
38 (CK_ULONG et al.) are removed without substitute.
39
40 All members of structures are modified in the following way: Type
41 indication prefixes are removed, and underscore characters are
42 inserted before words. Then the result is lowercased.
43
44 Note that function names are still in the original case, as they
45 need for ABI compatibility.
46
47 CK_FALSE, CK_TRUE and NULL_PTR are removed without substitute. Use
48 <stdbool.h>.
49
50 If CRYPTOKI_COMPAT is defined before including this header file,
51 then none of the API changes above take place, and the API is the
52 one defined by the PKCS #11 standard. */
53
54#ifndef PKCS11_H
55#define PKCS11_H 1
56
57#if defined(__cplusplus)
58extern "C" {
59#endif
60
61
62/* The version of cryptoki we implement. The revision is changed with
63 each modification of this file. If you do not use the "official"
64 version of this file, please consider deleting the revision macro
65 (you may use a macro with a different name to keep track of your
66 versions). */
67#define CRYPTOKI_VERSION_MAJOR 2
68#define CRYPTOKI_VERSION_MINOR 20
69#define CRYPTOKI_VERSION_REVISION 6
70
71
72/* Compatibility interface is default, unless CRYPTOKI_GNU is
73 given. */
74#ifndef CRYPTOKI_GNU
75#ifndef CRYPTOKI_COMPAT
76#define CRYPTOKI_COMPAT 1
77#endif
78#endif
79
80/* System dependencies. */
81
82#if defined(_WIN32) || defined(CRYPTOKI_FORCE_WIN32)
83
84/* There is a matching pop below. */
85#pragma pack(push, cryptoki, 1)
86
87#ifdef CRYPTOKI_EXPORTS
88#define CK_SPEC __declspec(dllexport)
89#else
90#define CK_SPEC __declspec(dllimport)
91#endif
92
93#else
94
95#define CK_SPEC
96
97#endif
98
99
100#ifdef CRYPTOKI_COMPAT
101 /* If we are in compatibility mode, switch all exposed names to the
102 PKCS #11 variant. There are corresponding #undefs below. */
103
104#define ck_flags_t CK_FLAGS
105#define ck_version _CK_VERSION
106
107#define ck_info _CK_INFO
108#define cryptoki_version cryptokiVersion
109#define manufacturer_id manufacturerID
110#define library_description libraryDescription
111#define library_version libraryVersion
112
113#define ck_notification_t CK_NOTIFICATION
114#define ck_slot_id_t CK_SLOT_ID
115
116#define ck_slot_info _CK_SLOT_INFO
117#define slot_description slotDescription
118#define hardware_version hardwareVersion
119#define firmware_version firmwareVersion
120
121#define ck_token_info _CK_TOKEN_INFO
122#define serial_number serialNumber
123#define max_session_count ulMaxSessionCount
124#define session_count ulSessionCount
125#define max_rw_session_count ulMaxRwSessionCount
126#define rw_session_count ulRwSessionCount
127#define max_pin_len ulMaxPinLen
128#define min_pin_len ulMinPinLen
129#define total_public_memory ulTotalPublicMemory
130#define free_public_memory ulFreePublicMemory
131#define total_private_memory ulTotalPrivateMemory
132#define free_private_memory ulFreePrivateMemory
133#define utc_time utcTime
134
135#define ck_session_handle_t CK_SESSION_HANDLE
136#define ck_user_type_t CK_USER_TYPE
137#define ck_state_t CK_STATE
138
139#define ck_session_info _CK_SESSION_INFO
140#define slot_id slotID
141#define device_error ulDeviceError
142
143#define ck_object_handle_t CK_OBJECT_HANDLE
144#define ck_object_class_t CK_OBJECT_CLASS
145#define ck_hw_feature_type_t CK_HW_FEATURE_TYPE
146#define ck_key_type_t CK_KEY_TYPE
147#define ck_certificate_type_t CK_CERTIFICATE_TYPE
148#define ck_attribute_type_t CK_ATTRIBUTE_TYPE
149
150#define ck_attribute _CK_ATTRIBUTE
151#define value pValue
152#define value_len ulValueLen
153
154#define ck_date _CK_DATE
155
156#define ck_mechanism_type_t CK_MECHANISM_TYPE
157
158#define ck_mechanism _CK_MECHANISM
159#define parameter pParameter
160#define parameter_len ulParameterLen
161
162#define ck_mechanism_info _CK_MECHANISM_INFO
163#define min_key_size ulMinKeySize
164#define max_key_size ulMaxKeySize
165
166#define ck_rv_t CK_RV
167#define ck_notify_t CK_NOTIFY
168
169#define ck_function_list _CK_FUNCTION_LIST
170
171#define ck_createmutex_t CK_CREATEMUTEX
172#define ck_destroymutex_t CK_DESTROYMUTEX
173#define ck_lockmutex_t CK_LOCKMUTEX
174#define ck_unlockmutex_t CK_UNLOCKMUTEX
175
176#define ck_c_initialize_args _CK_C_INITIALIZE_ARGS
177#define create_mutex CreateMutex
178#define destroy_mutex DestroyMutex
179#define lock_mutex LockMutex
180#define unlock_mutex UnlockMutex
181#define reserved pReserved
182
183#endif /* CRYPTOKI_COMPAT */
184
185
186
187typedef unsigned long ck_flags_t;
188
189struct ck_version
190{
191 unsigned char major;
192 unsigned char minor;
193};
194
195
196struct ck_info
197{
198 struct ck_version cryptoki_version;
199 unsigned char manufacturer_id[32];
200 ck_flags_t flags;
201 unsigned char library_description[32];
202 struct ck_version library_version;
203};
204
205
206typedef unsigned long ck_notification_t;
207
208#define CKN_SURRENDER (0)
209
210
211typedef unsigned long ck_slot_id_t;
212
213
214struct ck_slot_info
215{
216 unsigned char slot_description[64];
217 unsigned char manufacturer_id[32];
218 ck_flags_t flags;
219 struct ck_version hardware_version;
220 struct ck_version firmware_version;
221};
222
223
224#define CKF_TOKEN_PRESENT (1 << 0)
225#define CKF_REMOVABLE_DEVICE (1 << 1)
226#define CKF_HW_SLOT (1 << 2)
227#define CKF_ARRAY_ATTRIBUTE (1 << 30)
228
229
230struct ck_token_info
231{
232 unsigned char label[32];
233 unsigned char manufacturer_id[32];
234 unsigned char model[16];
235 unsigned char serial_number[16];
236 ck_flags_t flags;
237 unsigned long max_session_count;
238 unsigned long session_count;
239 unsigned long max_rw_session_count;
240 unsigned long rw_session_count;
241 unsigned long max_pin_len;
242 unsigned long min_pin_len;
243 unsigned long total_public_memory;
244 unsigned long free_public_memory;
245 unsigned long total_private_memory;
246 unsigned long free_private_memory;
247 struct ck_version hardware_version;
248 struct ck_version firmware_version;
249 unsigned char utc_time[16];
250};
251
252
253#define CKF_RNG (1 << 0)
254#define CKF_WRITE_PROTECTED (1 << 1)
255#define CKF_LOGIN_REQUIRED (1 << 2)
256#define CKF_USER_PIN_INITIALIZED (1 << 3)
257#define CKF_RESTORE_KEY_NOT_NEEDED (1 << 5)
258#define CKF_CLOCK_ON_TOKEN (1 << 6)
259#define CKF_PROTECTED_AUTHENTICATION_PATH (1 << 8)
260#define CKF_DUAL_CRYPTO_OPERATIONS (1 << 9)
261#define CKF_TOKEN_INITIALIZED (1 << 10)
262#define CKF_SECONDARY_AUTHENTICATION (1 << 11)
263#define CKF_USER_PIN_COUNT_LOW (1 << 16)
264#define CKF_USER_PIN_FINAL_TRY (1 << 17)
265#define CKF_USER_PIN_LOCKED (1 << 18)
266#define CKF_USER_PIN_TO_BE_CHANGED (1 << 19)
267#define CKF_SO_PIN_COUNT_LOW (1 << 20)
268#define CKF_SO_PIN_FINAL_TRY (1 << 21)
269#define CKF_SO_PIN_LOCKED (1 << 22)
270#define CKF_SO_PIN_TO_BE_CHANGED (1 << 23)
271
272#define CK_UNAVAILABLE_INFORMATION ((unsigned long) -1)
273#define CK_EFFECTIVELY_INFINITE (0)
274
275
276typedef unsigned long ck_session_handle_t;
277
278#define CK_INVALID_HANDLE (0)
279
280
281typedef unsigned long ck_user_type_t;
282
283#define CKU_SO (0)
284#define CKU_USER (1)
285#define CKU_CONTEXT_SPECIFIC (2)
286
287
288typedef unsigned long ck_state_t;
289
290#define CKS_RO_PUBLIC_SESSION (0)
291#define CKS_RO_USER_FUNCTIONS (1)
292#define CKS_RW_PUBLIC_SESSION (2)
293#define CKS_RW_USER_FUNCTIONS (3)
294#define CKS_RW_SO_FUNCTIONS (4)
295
296
297struct ck_session_info
298{
299 ck_slot_id_t slot_id;
300 ck_state_t state;
301 ck_flags_t flags;
302 unsigned long device_error;
303};
304
305#define CKF_RW_SESSION (1 << 1)
306#define CKF_SERIAL_SESSION (1 << 2)
307
308
309typedef unsigned long ck_object_handle_t;
310
311
312typedef unsigned long ck_object_class_t;
313
314#define CKO_DATA (0)
315#define CKO_CERTIFICATE (1)
316#define CKO_PUBLIC_KEY (2)
317#define CKO_PRIVATE_KEY (3)
318#define CKO_SECRET_KEY (4)
319#define CKO_HW_FEATURE (5)
320#define CKO_DOMAIN_PARAMETERS (6)
321#define CKO_MECHANISM (7)
Damien Miller1d2f8802013-12-05 10:22:03 +1100[diff] [blame]322#define CKO_VENDOR_DEFINED (1U << 31)
Damien Millerd8f60022010-02-12 09:34:22 +1100[diff] [blame]323
324
325typedef unsigned long ck_hw_feature_type_t;
326
327#define CKH_MONOTONIC_COUNTER (1)
328#define CKH_CLOCK (2)
329#define CKH_USER_INTERFACE (3)
Damien Miller1d2f8802013-12-05 10:22:03 +1100[diff] [blame]330#define CKH_VENDOR_DEFINED (1U << 31)
Damien Millerd8f60022010-02-12 09:34:22 +1100[diff] [blame]331
332
333typedef unsigned long ck_key_type_t;
334
335#define CKK_RSA (0)
336#define CKK_DSA (1)
337#define CKK_DH (2)
338#define CKK_ECDSA (3)
339#define CKK_EC (3)
340#define CKK_X9_42_DH (4)
341#define CKK_KEA (5)
342#define CKK_GENERIC_SECRET (0x10)
343#define CKK_RC2 (0x11)
344#define CKK_RC4 (0x12)
345#define CKK_DES (0x13)
346#define CKK_DES2 (0x14)
347#define CKK_DES3 (0x15)
348#define CKK_CAST (0x16)
349#define CKK_CAST3 (0x17)
350#define CKK_CAST128 (0x18)
351#define CKK_RC5 (0x19)
352#define CKK_IDEA (0x1a)
353#define CKK_SKIPJACK (0x1b)
354#define CKK_BATON (0x1c)
355#define CKK_JUNIPER (0x1d)
356#define CKK_CDMF (0x1e)
357#define CKK_AES (0x1f)
358#define CKK_BLOWFISH (0x20)
359#define CKK_TWOFISH (0x21)
Damien Miller1d2f8802013-12-05 10:22:03 +1100[diff] [blame]360#define CKK_VENDOR_DEFINED (1U << 31)
Damien Millerd8f60022010-02-12 09:34:22 +1100[diff] [blame]361
362typedef unsigned long ck_certificate_type_t;
363
364#define CKC_X_509 (0)
365#define CKC_X_509_ATTR_CERT (1)
366#define CKC_WTLS (2)
Damien Miller1d2f8802013-12-05 10:22:03 +1100[diff] [blame]367#define CKC_VENDOR_DEFINED (1U << 31)
Damien Millerd8f60022010-02-12 09:34:22 +1100[diff] [blame]368
369
370typedef unsigned long ck_attribute_type_t;
371
372#define CKA_CLASS (0)
373#define CKA_TOKEN (1)
374#define CKA_PRIVATE (2)
375#define CKA_LABEL (3)
376#define CKA_APPLICATION (0x10)
377#define CKA_VALUE (0x11)
378#define CKA_OBJECT_ID (0x12)
379#define CKA_CERTIFICATE_TYPE (0x80)
380#define CKA_ISSUER (0x81)
381#define CKA_SERIAL_NUMBER (0x82)
382#define CKA_AC_ISSUER (0x83)
383#define CKA_OWNER (0x84)
384#define CKA_ATTR_TYPES (0x85)
385#define CKA_TRUSTED (0x86)
386#define CKA_CERTIFICATE_CATEGORY (0x87)
387#define CKA_JAVA_MIDP_SECURITY_DOMAIN (0x88)
388#define CKA_URL (0x89)
389#define CKA_HASH_OF_SUBJECT_PUBLIC_KEY (0x8a)
390#define CKA_HASH_OF_ISSUER_PUBLIC_KEY (0x8b)
391#define CKA_CHECK_VALUE (0x90)
392#define CKA_KEY_TYPE (0x100)
393#define CKA_SUBJECT (0x101)
394#define CKA_ID (0x102)
395#define CKA_SENSITIVE (0x103)
396#define CKA_ENCRYPT (0x104)
397#define CKA_DECRYPT (0x105)
398#define CKA_WRAP (0x106)
399#define CKA_UNWRAP (0x107)
400#define CKA_SIGN (0x108)
401#define CKA_SIGN_RECOVER (0x109)
402#define CKA_VERIFY (0x10a)
403#define CKA_VERIFY_RECOVER (0x10b)
404#define CKA_DERIVE (0x10c)
405#define CKA_START_DATE (0x110)
406#define CKA_END_DATE (0x111)
407#define CKA_MODULUS (0x120)
408#define CKA_MODULUS_BITS (0x121)
409#define CKA_PUBLIC_EXPONENT (0x122)
410#define CKA_PRIVATE_EXPONENT (0x123)
411#define CKA_PRIME_1 (0x124)
412#define CKA_PRIME_2 (0x125)
413#define CKA_EXPONENT_1 (0x126)
414#define CKA_EXPONENT_2 (0x127)
415#define CKA_COEFFICIENT (0x128)
416#define CKA_PRIME (0x130)
417#define CKA_SUBPRIME (0x131)
418#define CKA_BASE (0x132)
419#define CKA_PRIME_BITS (0x133)
420#define CKA_SUB_PRIME_BITS (0x134)
421#define CKA_VALUE_BITS (0x160)
422#define CKA_VALUE_LEN (0x161)
423#define CKA_EXTRACTABLE (0x162)
424#define CKA_LOCAL (0x163)
425#define CKA_NEVER_EXTRACTABLE (0x164)
426#define CKA_ALWAYS_SENSITIVE (0x165)
427#define CKA_KEY_GEN_MECHANISM (0x166)
428#define CKA_MODIFIABLE (0x170)
429#define CKA_ECDSA_PARAMS (0x180)
430#define CKA_EC_PARAMS (0x180)
431#define CKA_EC_POINT (0x181)
432#define CKA_SECONDARY_AUTH (0x200)
433#define CKA_AUTH_PIN_FLAGS (0x201)
434#define CKA_ALWAYS_AUTHENTICATE (0x202)
435#define CKA_WRAP_WITH_TRUSTED (0x210)
436#define CKA_HW_FEATURE_TYPE (0x300)
437#define CKA_RESET_ON_INIT (0x301)
438#define CKA_HAS_RESET (0x302)
439#define CKA_PIXEL_X (0x400)
440#define CKA_PIXEL_Y (0x401)
441#define CKA_RESOLUTION (0x402)
442#define CKA_CHAR_ROWS (0x403)
443#define CKA_CHAR_COLUMNS (0x404)
444#define CKA_COLOR (0x405)
445#define CKA_BITS_PER_PIXEL (0x406)
446#define CKA_CHAR_SETS (0x480)
447#define CKA_ENCODING_METHODS (0x481)
448#define CKA_MIME_TYPES (0x482)
449#define CKA_MECHANISM_TYPE (0x500)
450#define CKA_REQUIRED_CMS_ATTRIBUTES (0x501)
451#define CKA_DEFAULT_CMS_ATTRIBUTES (0x502)
452#define CKA_SUPPORTED_CMS_ATTRIBUTES (0x503)
453#define CKA_WRAP_TEMPLATE (CKF_ARRAY_ATTRIBUTE | 0x211)
454#define CKA_UNWRAP_TEMPLATE (CKF_ARRAY_ATTRIBUTE | 0x212)
455#define CKA_ALLOWED_MECHANISMS (CKF_ARRAY_ATTRIBUTE | 0x600)
Damien Miller1d2f8802013-12-05 10:22:03 +1100[diff] [blame]456#define CKA_VENDOR_DEFINED (1U << 31)
Damien Millerd8f60022010-02-12 09:34:22 +1100[diff] [blame]457
458
459struct ck_attribute
460{
461 ck_attribute_type_t type;
462 void *value;
463 unsigned long value_len;
464};
465
466
467struct ck_date
468{
469 unsigned char year[4];
470 unsigned char month[2];
471 unsigned char day[2];
472};
473
474
475typedef unsigned long ck_mechanism_type_t;
476
477#define CKM_RSA_PKCS_KEY_PAIR_GEN (0)
478#define CKM_RSA_PKCS (1)
479#define CKM_RSA_9796 (2)
480#define CKM_RSA_X_509 (3)
481#define CKM_MD2_RSA_PKCS (4)
482#define CKM_MD5_RSA_PKCS (5)
483#define CKM_SHA1_RSA_PKCS (6)
484#define CKM_RIPEMD128_RSA_PKCS (7)
485#define CKM_RIPEMD160_RSA_PKCS (8)
486#define CKM_RSA_PKCS_OAEP (9)
487#define CKM_RSA_X9_31_KEY_PAIR_GEN (0xa)
488#define CKM_RSA_X9_31 (0xb)
489#define CKM_SHA1_RSA_X9_31 (0xc)
490#define CKM_RSA_PKCS_PSS (0xd)
491#define CKM_SHA1_RSA_PKCS_PSS (0xe)
492#define CKM_DSA_KEY_PAIR_GEN (0x10)
493#define CKM_DSA (0x11)
494#define CKM_DSA_SHA1 (0x12)
495#define CKM_DH_PKCS_KEY_PAIR_GEN (0x20)
496#define CKM_DH_PKCS_DERIVE (0x21)
497#define CKM_X9_42_DH_KEY_PAIR_GEN (0x30)
498#define CKM_X9_42_DH_DERIVE (0x31)
499#define CKM_X9_42_DH_HYBRID_DERIVE (0x32)
500#define CKM_X9_42_MQV_DERIVE (0x33)
501#define CKM_SHA256_RSA_PKCS (0x40)
502#define CKM_SHA384_RSA_PKCS (0x41)
503#define CKM_SHA512_RSA_PKCS (0x42)
504#define CKM_SHA256_RSA_PKCS_PSS (0x43)
505#define CKM_SHA384_RSA_PKCS_PSS (0x44)
506#define CKM_SHA512_RSA_PKCS_PSS (0x45)
507#define CKM_RC2_KEY_GEN (0x100)
508#define CKM_RC2_ECB (0x101)
509#define CKM_RC2_CBC (0x102)
510#define CKM_RC2_MAC (0x103)
511#define CKM_RC2_MAC_GENERAL (0x104)
512#define CKM_RC2_CBC_PAD (0x105)
513#define CKM_RC4_KEY_GEN (0x110)
514#define CKM_RC4 (0x111)
515#define CKM_DES_KEY_GEN (0x120)
516#define CKM_DES_ECB (0x121)
517#define CKM_DES_CBC (0x122)
518#define CKM_DES_MAC (0x123)
519#define CKM_DES_MAC_GENERAL (0x124)
520#define CKM_DES_CBC_PAD (0x125)
521#define CKM_DES2_KEY_GEN (0x130)
522#define CKM_DES3_KEY_GEN (0x131)
523#define CKM_DES3_ECB (0x132)
524#define CKM_DES3_CBC (0x133)
525#define CKM_DES3_MAC (0x134)
526#define CKM_DES3_MAC_GENERAL (0x135)
527#define CKM_DES3_CBC_PAD (0x136)
528#define CKM_CDMF_KEY_GEN (0x140)
529#define CKM_CDMF_ECB (0x141)
530#define CKM_CDMF_CBC (0x142)
531#define CKM_CDMF_MAC (0x143)
532#define CKM_CDMF_MAC_GENERAL (0x144)
533#define CKM_CDMF_CBC_PAD (0x145)
534#define CKM_MD2 (0x200)
535#define CKM_MD2_HMAC (0x201)
536#define CKM_MD2_HMAC_GENERAL (0x202)
537#define CKM_MD5 (0x210)
538#define CKM_MD5_HMAC (0x211)
539#define CKM_MD5_HMAC_GENERAL (0x212)
540#define CKM_SHA_1 (0x220)
541#define CKM_SHA_1_HMAC (0x221)
542#define CKM_SHA_1_HMAC_GENERAL (0x222)
543#define CKM_RIPEMD128 (0x230)
544#define CKM_RIPEMD128_HMAC (0x231)
545#define CKM_RIPEMD128_HMAC_GENERAL (0x232)
546#define CKM_RIPEMD160 (0x240)
547#define CKM_RIPEMD160_HMAC (0x241)
548#define CKM_RIPEMD160_HMAC_GENERAL (0x242)
549#define CKM_SHA256 (0x250)
550#define CKM_SHA256_HMAC (0x251)
551#define CKM_SHA256_HMAC_GENERAL (0x252)
552#define CKM_SHA384 (0x260)
553#define CKM_SHA384_HMAC (0x261)
554#define CKM_SHA384_HMAC_GENERAL (0x262)
555#define CKM_SHA512 (0x270)
556#define CKM_SHA512_HMAC (0x271)
557#define CKM_SHA512_HMAC_GENERAL (0x272)
558#define CKM_CAST_KEY_GEN (0x300)
559#define CKM_CAST_ECB (0x301)
560#define CKM_CAST_CBC (0x302)
561#define CKM_CAST_MAC (0x303)
562#define CKM_CAST_MAC_GENERAL (0x304)
563#define CKM_CAST_CBC_PAD (0x305)
564#define CKM_CAST3_KEY_GEN (0x310)
565#define CKM_CAST3_ECB (0x311)
566#define CKM_CAST3_CBC (0x312)
567#define CKM_CAST3_MAC (0x313)
568#define CKM_CAST3_MAC_GENERAL (0x314)
569#define CKM_CAST3_CBC_PAD (0x315)
570#define CKM_CAST5_KEY_GEN (0x320)
571#define CKM_CAST128_KEY_GEN (0x320)
572#define CKM_CAST5_ECB (0x321)
573#define CKM_CAST128_ECB (0x321)
574#define CKM_CAST5_CBC (0x322)
575#define CKM_CAST128_CBC (0x322)
576#define CKM_CAST5_MAC (0x323)
577#define CKM_CAST128_MAC (0x323)
578#define CKM_CAST5_MAC_GENERAL (0x324)
579#define CKM_CAST128_MAC_GENERAL (0x324)
580#define CKM_CAST5_CBC_PAD (0x325)
581#define CKM_CAST128_CBC_PAD (0x325)
582#define CKM_RC5_KEY_GEN (0x330)
583#define CKM_RC5_ECB (0x331)
584#define CKM_RC5_CBC (0x332)
585#define CKM_RC5_MAC (0x333)
586#define CKM_RC5_MAC_GENERAL (0x334)
587#define CKM_RC5_CBC_PAD (0x335)
588#define CKM_IDEA_KEY_GEN (0x340)
589#define CKM_IDEA_ECB (0x341)
590#define CKM_IDEA_CBC (0x342)
591#define CKM_IDEA_MAC (0x343)
592#define CKM_IDEA_MAC_GENERAL (0x344)
593#define CKM_IDEA_CBC_PAD (0x345)
594#define CKM_GENERIC_SECRET_KEY_GEN (0x350)
595#define CKM_CONCATENATE_BASE_AND_KEY (0x360)
596#define CKM_CONCATENATE_BASE_AND_DATA (0x362)
597#define CKM_CONCATENATE_DATA_AND_BASE (0x363)
598#define CKM_XOR_BASE_AND_DATA (0x364)
599#define CKM_EXTRACT_KEY_FROM_KEY (0x365)
600#define CKM_SSL3_PRE_MASTER_KEY_GEN (0x370)
601#define CKM_SSL3_MASTER_KEY_DERIVE (0x371)
602#define CKM_SSL3_KEY_AND_MAC_DERIVE (0x372)
603#define CKM_SSL3_MASTER_KEY_DERIVE_DH (0x373)
604#define CKM_TLS_PRE_MASTER_KEY_GEN (0x374)
605#define CKM_TLS_MASTER_KEY_DERIVE (0x375)
606#define CKM_TLS_KEY_AND_MAC_DERIVE (0x376)
607#define CKM_TLS_MASTER_KEY_DERIVE_DH (0x377)
608#define CKM_SSL3_MD5_MAC (0x380)
609#define CKM_SSL3_SHA1_MAC (0x381)
610#define CKM_MD5_KEY_DERIVATION (0x390)
611#define CKM_MD2_KEY_DERIVATION (0x391)
612#define CKM_SHA1_KEY_DERIVATION (0x392)
613#define CKM_PBE_MD2_DES_CBC (0x3a0)
614#define CKM_PBE_MD5_DES_CBC (0x3a1)
615#define CKM_PBE_MD5_CAST_CBC (0x3a2)
616#define CKM_PBE_MD5_CAST3_CBC (0x3a3)
617#define CKM_PBE_MD5_CAST5_CBC (0x3a4)
618#define CKM_PBE_MD5_CAST128_CBC (0x3a4)
619#define CKM_PBE_SHA1_CAST5_CBC (0x3a5)
620#define CKM_PBE_SHA1_CAST128_CBC (0x3a5)
621#define CKM_PBE_SHA1_RC4_128 (0x3a6)
622#define CKM_PBE_SHA1_RC4_40 (0x3a7)
623#define CKM_PBE_SHA1_DES3_EDE_CBC (0x3a8)
624#define CKM_PBE_SHA1_DES2_EDE_CBC (0x3a9)
625#define CKM_PBE_SHA1_RC2_128_CBC (0x3aa)
626#define CKM_PBE_SHA1_RC2_40_CBC (0x3ab)
627#define CKM_PKCS5_PBKD2 (0x3b0)
628#define CKM_PBA_SHA1_WITH_SHA1_HMAC (0x3c0)
629#define CKM_KEY_WRAP_LYNKS (0x400)
630#define CKM_KEY_WRAP_SET_OAEP (0x401)
631#define CKM_SKIPJACK_KEY_GEN (0x1000)
632#define CKM_SKIPJACK_ECB64 (0x1001)
633#define CKM_SKIPJACK_CBC64 (0x1002)
634#define CKM_SKIPJACK_OFB64 (0x1003)
635#define CKM_SKIPJACK_CFB64 (0x1004)
636#define CKM_SKIPJACK_CFB32 (0x1005)
637#define CKM_SKIPJACK_CFB16 (0x1006)
638#define CKM_SKIPJACK_CFB8 (0x1007)
639#define CKM_SKIPJACK_WRAP (0x1008)
640#define CKM_SKIPJACK_PRIVATE_WRAP (0x1009)
641#define CKM_SKIPJACK_RELAYX (0x100a)
642#define CKM_KEA_KEY_PAIR_GEN (0x1010)
643#define CKM_KEA_KEY_DERIVE (0x1011)
644#define CKM_FORTEZZA_TIMESTAMP (0x1020)
645#define CKM_BATON_KEY_GEN (0x1030)
646#define CKM_BATON_ECB128 (0x1031)
647#define CKM_BATON_ECB96 (0x1032)
648#define CKM_BATON_CBC128 (0x1033)
649#define CKM_BATON_COUNTER (0x1034)
650#define CKM_BATON_SHUFFLE (0x1035)
651#define CKM_BATON_WRAP (0x1036)
652#define CKM_ECDSA_KEY_PAIR_GEN (0x1040)
653#define CKM_EC_KEY_PAIR_GEN (0x1040)
654#define CKM_ECDSA (0x1041)
655#define CKM_ECDSA_SHA1 (0x1042)
656#define CKM_ECDH1_DERIVE (0x1050)
657#define CKM_ECDH1_COFACTOR_DERIVE (0x1051)
658#define CKM_ECMQV_DERIVE (0x1052)
659#define CKM_JUNIPER_KEY_GEN (0x1060)
660#define CKM_JUNIPER_ECB128 (0x1061)
661#define CKM_JUNIPER_CBC128 (0x1062)
662#define CKM_JUNIPER_COUNTER (0x1063)
663#define CKM_JUNIPER_SHUFFLE (0x1064)
664#define CKM_JUNIPER_WRAP (0x1065)
665#define CKM_FASTHASH (0x1070)
666#define CKM_AES_KEY_GEN (0x1080)
667#define CKM_AES_ECB (0x1081)
668#define CKM_AES_CBC (0x1082)
669#define CKM_AES_MAC (0x1083)
670#define CKM_AES_MAC_GENERAL (0x1084)
671#define CKM_AES_CBC_PAD (0x1085)
672#define CKM_DSA_PARAMETER_GEN (0x2000)
673#define CKM_DH_PKCS_PARAMETER_GEN (0x2001)
674#define CKM_X9_42_DH_PARAMETER_GEN (0x2002)
Damien Miller1d2f8802013-12-05 10:22:03 +1100[diff] [blame]675#define CKM_VENDOR_DEFINED (1U << 31)
Damien Millerd8f60022010-02-12 09:34:22 +1100[diff] [blame]676
677
678struct ck_mechanism
679{
680 ck_mechanism_type_t mechanism;
681 void *parameter;
682 unsigned long parameter_len;
683};
684
685
686struct ck_mechanism_info
687{
688 unsigned long min_key_size;
689 unsigned long max_key_size;
690 ck_flags_t flags;
691};
692
693#define CKF_HW (1 << 0)
694#define CKF_ENCRYPT (1 << 8)
695#define CKF_DECRYPT (1 << 9)
696#define CKF_DIGEST (1 << 10)
697#define CKF_SIGN (1 << 11)
698#define CKF_SIGN_RECOVER (1 << 12)
699#define CKF_VERIFY (1 << 13)
700#define CKF_VERIFY_RECOVER (1 << 14)
701#define CKF_GENERATE (1 << 15)
702#define CKF_GENERATE_KEY_PAIR (1 << 16)
703#define CKF_WRAP (1 << 17)
704#define CKF_UNWRAP (1 << 18)
705#define CKF_DERIVE (1 << 19)
Damien Miller1d2f8802013-12-05 10:22:03 +1100[diff] [blame]706#define CKF_EXTENSION (1U << 31)
Damien Millerd8f60022010-02-12 09:34:22 +1100[diff] [blame]707
708
709/* Flags for C_WaitForSlotEvent. */
710#define CKF_DONT_BLOCK (1)
711
712
713typedef unsigned long ck_rv_t;
714
715
716typedef ck_rv_t (*ck_notify_t) (ck_session_handle_t session,
717 ck_notification_t event, void *application);
718
719/* Forward reference. */
720struct ck_function_list;
721
722#define _CK_DECLARE_FUNCTION(name, args) \
723typedef ck_rv_t (*CK_ ## name) args; \
724ck_rv_t CK_SPEC name args
725
726_CK_DECLARE_FUNCTION (C_Initialize, (void *init_args));
727_CK_DECLARE_FUNCTION (C_Finalize, (void *reserved));
728_CK_DECLARE_FUNCTION (C_GetInfo, (struct ck_info *info));
729_CK_DECLARE_FUNCTION (C_GetFunctionList,
730 (struct ck_function_list **function_list));
731
732_CK_DECLARE_FUNCTION (C_GetSlotList,
733 (unsigned char token_present, ck_slot_id_t *slot_list,
734 unsigned long *count));
735_CK_DECLARE_FUNCTION (C_GetSlotInfo,
736 (ck_slot_id_t slot_id, struct ck_slot_info *info));
737_CK_DECLARE_FUNCTION (C_GetTokenInfo,
738 (ck_slot_id_t slot_id, struct ck_token_info *info));
739_CK_DECLARE_FUNCTION (C_WaitForSlotEvent,
740 (ck_flags_t flags, ck_slot_id_t *slot, void *reserved));
741_CK_DECLARE_FUNCTION (C_GetMechanismList,
742 (ck_slot_id_t slot_id,
743 ck_mechanism_type_t *mechanism_list,
744 unsigned long *count));
745_CK_DECLARE_FUNCTION (C_GetMechanismInfo,
746 (ck_slot_id_t slot_id, ck_mechanism_type_t type,
747 struct ck_mechanism_info *info));
748_CK_DECLARE_FUNCTION (C_InitToken,
749 (ck_slot_id_t slot_id, unsigned char *pin,
750 unsigned long pin_len, unsigned char *label));
751_CK_DECLARE_FUNCTION (C_InitPIN,
752 (ck_session_handle_t session, unsigned char *pin,
753 unsigned long pin_len));
754_CK_DECLARE_FUNCTION (C_SetPIN,
755 (ck_session_handle_t session, unsigned char *old_pin,
756 unsigned long old_len, unsigned char *new_pin,
757 unsigned long new_len));
758
759_CK_DECLARE_FUNCTION (C_OpenSession,
760 (ck_slot_id_t slot_id, ck_flags_t flags,
761 void *application, ck_notify_t notify,
762 ck_session_handle_t *session));
763_CK_DECLARE_FUNCTION (C_CloseSession, (ck_session_handle_t session));
764_CK_DECLARE_FUNCTION (C_CloseAllSessions, (ck_slot_id_t slot_id));
765_CK_DECLARE_FUNCTION (C_GetSessionInfo,
766 (ck_session_handle_t session,
767 struct ck_session_info *info));
768_CK_DECLARE_FUNCTION (C_GetOperationState,
769 (ck_session_handle_t session,
770 unsigned char *operation_state,
771 unsigned long *operation_state_len));
772_CK_DECLARE_FUNCTION (C_SetOperationState,
773 (ck_session_handle_t session,
774 unsigned char *operation_state,
775 unsigned long operation_state_len,
776 ck_object_handle_t encryption_key,
777 ck_object_handle_t authentiation_key));
778_CK_DECLARE_FUNCTION (C_Login,
779 (ck_session_handle_t session, ck_user_type_t user_type,
780 unsigned char *pin, unsigned long pin_len));
781_CK_DECLARE_FUNCTION (C_Logout, (ck_session_handle_t session));
782
783_CK_DECLARE_FUNCTION (C_CreateObject,
784 (ck_session_handle_t session,
785 struct ck_attribute *templ,
786 unsigned long count, ck_object_handle_t *object));
787_CK_DECLARE_FUNCTION (C_CopyObject,
788 (ck_session_handle_t session, ck_object_handle_t object,
789 struct ck_attribute *templ, unsigned long count,
790 ck_object_handle_t *new_object));
791_CK_DECLARE_FUNCTION (C_DestroyObject,
792 (ck_session_handle_t session,
793 ck_object_handle_t object));
794_CK_DECLARE_FUNCTION (C_GetObjectSize,
795 (ck_session_handle_t session,
796 ck_object_handle_t object,
797 unsigned long *size));
798_CK_DECLARE_FUNCTION (C_GetAttributeValue,
799 (ck_session_handle_t session,
800 ck_object_handle_t object,
801 struct ck_attribute *templ,
802 unsigned long count));
803_CK_DECLARE_FUNCTION (C_SetAttributeValue,
804 (ck_session_handle_t session,
805 ck_object_handle_t object,
806 struct ck_attribute *templ,
807 unsigned long count));
808_CK_DECLARE_FUNCTION (C_FindObjectsInit,
809 (ck_session_handle_t session,
810 struct ck_attribute *templ,
811 unsigned long count));
812_CK_DECLARE_FUNCTION (C_FindObjects,
813 (ck_session_handle_t session,
814 ck_object_handle_t *object,
815 unsigned long max_object_count,
816 unsigned long *object_count));
817_CK_DECLARE_FUNCTION (C_FindObjectsFinal,
818 (ck_session_handle_t session));
819
820_CK_DECLARE_FUNCTION (C_EncryptInit,
821 (ck_session_handle_t session,
822 struct ck_mechanism *mechanism,
823 ck_object_handle_t key));
824_CK_DECLARE_FUNCTION (C_Encrypt,
825 (ck_session_handle_t session,
826 unsigned char *data, unsigned long data_len,
827 unsigned char *encrypted_data,
828 unsigned long *encrypted_data_len));
829_CK_DECLARE_FUNCTION (C_EncryptUpdate,
830 (ck_session_handle_t session,
831 unsigned char *part, unsigned long part_len,
832 unsigned char *encrypted_part,
833 unsigned long *encrypted_part_len));
834_CK_DECLARE_FUNCTION (C_EncryptFinal,
835 (ck_session_handle_t session,
836 unsigned char *last_encrypted_part,
837 unsigned long *last_encrypted_part_len));
838
839_CK_DECLARE_FUNCTION (C_DecryptInit,
840 (ck_session_handle_t session,
841 struct ck_mechanism *mechanism,
842 ck_object_handle_t key));
843_CK_DECLARE_FUNCTION (C_Decrypt,
844 (ck_session_handle_t session,
845 unsigned char *encrypted_data,
846 unsigned long encrypted_data_len,
847 unsigned char *data, unsigned long *data_len));
848_CK_DECLARE_FUNCTION (C_DecryptUpdate,
849 (ck_session_handle_t session,
850 unsigned char *encrypted_part,
851 unsigned long encrypted_part_len,
852 unsigned char *part, unsigned long *part_len));
853_CK_DECLARE_FUNCTION (C_DecryptFinal,
854 (ck_session_handle_t session,
855 unsigned char *last_part,
856 unsigned long *last_part_len));
857
858_CK_DECLARE_FUNCTION (C_DigestInit,
859 (ck_session_handle_t session,
860 struct ck_mechanism *mechanism));
861_CK_DECLARE_FUNCTION (C_Digest,
862 (ck_session_handle_t session,
863 unsigned char *data, unsigned long data_len,
864 unsigned char *digest,
865 unsigned long *digest_len));
866_CK_DECLARE_FUNCTION (C_DigestUpdate,
867 (ck_session_handle_t session,
868 unsigned char *part, unsigned long part_len));
869_CK_DECLARE_FUNCTION (C_DigestKey,
870 (ck_session_handle_t session, ck_object_handle_t key));
871_CK_DECLARE_FUNCTION (C_DigestFinal,
872 (ck_session_handle_t session,
873 unsigned char *digest,
874 unsigned long *digest_len));
875
876_CK_DECLARE_FUNCTION (C_SignInit,
877 (ck_session_handle_t session,
878 struct ck_mechanism *mechanism,
879 ck_object_handle_t key));
880_CK_DECLARE_FUNCTION (C_Sign,
881 (ck_session_handle_t session,
882 unsigned char *data, unsigned long data_len,
883 unsigned char *signature,
884 unsigned long *signature_len));
885_CK_DECLARE_FUNCTION (C_SignUpdate,
886 (ck_session_handle_t session,
887 unsigned char *part, unsigned long part_len));
888_CK_DECLARE_FUNCTION (C_SignFinal,
889 (ck_session_handle_t session,
890 unsigned char *signature,
891 unsigned long *signature_len));
892_CK_DECLARE_FUNCTION (C_SignRecoverInit,
893 (ck_session_handle_t session,
894 struct ck_mechanism *mechanism,
895 ck_object_handle_t key));
896_CK_DECLARE_FUNCTION (C_SignRecover,
897 (ck_session_handle_t session,
898 unsigned char *data, unsigned long data_len,
899 unsigned char *signature,
900 unsigned long *signature_len));
901
902_CK_DECLARE_FUNCTION (C_VerifyInit,
903 (ck_session_handle_t session,
904 struct ck_mechanism *mechanism,
905 ck_object_handle_t key));
906_CK_DECLARE_FUNCTION (C_Verify,
907 (ck_session_handle_t session,
908 unsigned char *data, unsigned long data_len,
909 unsigned char *signature,
910 unsigned long signature_len));
911_CK_DECLARE_FUNCTION (C_VerifyUpdate,
912 (ck_session_handle_t session,
913 unsigned char *part, unsigned long part_len));
914_CK_DECLARE_FUNCTION (C_VerifyFinal,
915 (ck_session_handle_t session,
916 unsigned char *signature,
917 unsigned long signature_len));
918_CK_DECLARE_FUNCTION (C_VerifyRecoverInit,
919 (ck_session_handle_t session,
920 struct ck_mechanism *mechanism,
921 ck_object_handle_t key));
922_CK_DECLARE_FUNCTION (C_VerifyRecover,
923 (ck_session_handle_t session,
924 unsigned char *signature,
925 unsigned long signature_len,
926 unsigned char *data,
927 unsigned long *data_len));
928
929_CK_DECLARE_FUNCTION (C_DigestEncryptUpdate,
930 (ck_session_handle_t session,
931 unsigned char *part, unsigned long part_len,
932 unsigned char *encrypted_part,
933 unsigned long *encrypted_part_len));
934_CK_DECLARE_FUNCTION (C_DecryptDigestUpdate,
935 (ck_session_handle_t session,
936 unsigned char *encrypted_part,
937 unsigned long encrypted_part_len,
938 unsigned char *part,
939 unsigned long *part_len));
940_CK_DECLARE_FUNCTION (C_SignEncryptUpdate,
941 (ck_session_handle_t session,
942 unsigned char *part, unsigned long part_len,
943 unsigned char *encrypted_part,
944 unsigned long *encrypted_part_len));
945_CK_DECLARE_FUNCTION (C_DecryptVerifyUpdate,
946 (ck_session_handle_t session,
947 unsigned char *encrypted_part,
948 unsigned long encrypted_part_len,
949 unsigned char *part,
950 unsigned long *part_len));
951
952_CK_DECLARE_FUNCTION (C_GenerateKey,
953 (ck_session_handle_t session,
954 struct ck_mechanism *mechanism,
955 struct ck_attribute *templ,
956 unsigned long count,
957 ck_object_handle_t *key));
958_CK_DECLARE_FUNCTION (C_GenerateKeyPair,
959 (ck_session_handle_t session,
960 struct ck_mechanism *mechanism,
961 struct ck_attribute *public_key_template,
962 unsigned long public_key_attribute_count,
963 struct ck_attribute *private_key_template,
964 unsigned long private_key_attribute_count,
965 ck_object_handle_t *public_key,
966 ck_object_handle_t *private_key));
967_CK_DECLARE_FUNCTION (C_WrapKey,
968 (ck_session_handle_t session,
969 struct ck_mechanism *mechanism,
970 ck_object_handle_t wrapping_key,
971 ck_object_handle_t key,
972 unsigned char *wrapped_key,
973 unsigned long *wrapped_key_len));
974_CK_DECLARE_FUNCTION (C_UnwrapKey,
975 (ck_session_handle_t session,
976 struct ck_mechanism *mechanism,
977 ck_object_handle_t unwrapping_key,
978 unsigned char *wrapped_key,
979 unsigned long wrapped_key_len,
980 struct ck_attribute *templ,
981 unsigned long attribute_count,
982 ck_object_handle_t *key));
983_CK_DECLARE_FUNCTION (C_DeriveKey,
984 (ck_session_handle_t session,
985 struct ck_mechanism *mechanism,
986 ck_object_handle_t base_key,
987 struct ck_attribute *templ,
988 unsigned long attribute_count,
989 ck_object_handle_t *key));
990
991_CK_DECLARE_FUNCTION (C_SeedRandom,
992 (ck_session_handle_t session, unsigned char *seed,
993 unsigned long seed_len));
994_CK_DECLARE_FUNCTION (C_GenerateRandom,
995 (ck_session_handle_t session,
996 unsigned char *random_data,
997 unsigned long random_len));
998
999_CK_DECLARE_FUNCTION (C_GetFunctionStatus, (ck_session_handle_t session));
1000_CK_DECLARE_FUNCTION (C_CancelFunction, (ck_session_handle_t session));
1001
1002
1003struct ck_function_list
1004{
1005 struct ck_version version;
1006 CK_C_Initialize C_Initialize;
1007 CK_C_Finalize C_Finalize;
1008 CK_C_GetInfo C_GetInfo;
1009 CK_C_GetFunctionList C_GetFunctionList;
1010 CK_C_GetSlotList C_GetSlotList;
1011 CK_C_GetSlotInfo C_GetSlotInfo;
1012 CK_C_GetTokenInfo C_GetTokenInfo;
1013 CK_C_GetMechanismList C_GetMechanismList;
1014 CK_C_GetMechanismInfo C_GetMechanismInfo;
1015 CK_C_InitToken C_InitToken;
1016 CK_C_InitPIN C_InitPIN;
1017 CK_C_SetPIN C_SetPIN;
1018 CK_C_OpenSession C_OpenSession;
1019 CK_C_CloseSession C_CloseSession;
1020 CK_C_CloseAllSessions C_CloseAllSessions;
1021 CK_C_GetSessionInfo C_GetSessionInfo;
1022 CK_C_GetOperationState C_GetOperationState;
1023 CK_C_SetOperationState C_SetOperationState;
1024 CK_C_Login C_Login;
1025 CK_C_Logout C_Logout;
1026 CK_C_CreateObject C_CreateObject;
1027 CK_C_CopyObject C_CopyObject;
1028 CK_C_DestroyObject C_DestroyObject;
1029 CK_C_GetObjectSize C_GetObjectSize;
1030 CK_C_GetAttributeValue C_GetAttributeValue;
1031 CK_C_SetAttributeValue C_SetAttributeValue;
1032 CK_C_FindObjectsInit C_FindObjectsInit;
1033 CK_C_FindObjects C_FindObjects;
1034 CK_C_FindObjectsFinal C_FindObjectsFinal;
1035 CK_C_EncryptInit C_EncryptInit;
1036 CK_C_Encrypt C_Encrypt;
1037 CK_C_EncryptUpdate C_EncryptUpdate;
1038 CK_C_EncryptFinal C_EncryptFinal;
1039 CK_C_DecryptInit C_DecryptInit;
1040 CK_C_Decrypt C_Decrypt;
1041 CK_C_DecryptUpdate C_DecryptUpdate;
1042 CK_C_DecryptFinal C_DecryptFinal;
1043 CK_C_DigestInit C_DigestInit;
1044 CK_C_Digest C_Digest;
1045 CK_C_DigestUpdate C_DigestUpdate;
1046 CK_C_DigestKey C_DigestKey;
1047 CK_C_DigestFinal C_DigestFinal;
1048 CK_C_SignInit C_SignInit;
1049 CK_C_Sign C_Sign;
1050 CK_C_SignUpdate C_SignUpdate;
1051 CK_C_SignFinal C_SignFinal;
1052 CK_C_SignRecoverInit C_SignRecoverInit;
1053 CK_C_SignRecover C_SignRecover;
1054 CK_C_VerifyInit C_VerifyInit;
1055 CK_C_Verify C_Verify;
1056 CK_C_VerifyUpdate C_VerifyUpdate;
1057 CK_C_VerifyFinal C_VerifyFinal;
1058 CK_C_VerifyRecoverInit C_VerifyRecoverInit;
1059 CK_C_VerifyRecover C_VerifyRecover;
1060 CK_C_DigestEncryptUpdate C_DigestEncryptUpdate;
1061 CK_C_DecryptDigestUpdate C_DecryptDigestUpdate;
1062 CK_C_SignEncryptUpdate C_SignEncryptUpdate;
1063 CK_C_DecryptVerifyUpdate C_DecryptVerifyUpdate;
1064 CK_C_GenerateKey C_GenerateKey;
1065 CK_C_GenerateKeyPair C_GenerateKeyPair;
1066 CK_C_WrapKey C_WrapKey;
1067 CK_C_UnwrapKey C_UnwrapKey;
1068 CK_C_DeriveKey C_DeriveKey;
1069 CK_C_SeedRandom C_SeedRandom;
1070 CK_C_GenerateRandom C_GenerateRandom;
1071 CK_C_GetFunctionStatus C_GetFunctionStatus;
1072 CK_C_CancelFunction C_CancelFunction;
1073 CK_C_WaitForSlotEvent C_WaitForSlotEvent;
1074};
1075
1076
1077typedef ck_rv_t (*ck_createmutex_t) (void **mutex);
1078typedef ck_rv_t (*ck_destroymutex_t) (void *mutex);
1079typedef ck_rv_t (*ck_lockmutex_t) (void *mutex);
1080typedef ck_rv_t (*ck_unlockmutex_t) (void *mutex);
1081
1082
1083struct ck_c_initialize_args
1084{
1085 ck_createmutex_t create_mutex;
1086 ck_destroymutex_t destroy_mutex;
1087 ck_lockmutex_t lock_mutex;
1088 ck_unlockmutex_t unlock_mutex;
1089 ck_flags_t flags;
1090 void *reserved;
1091};
1092
1093
1094#define CKF_LIBRARY_CANT_CREATE_OS_THREADS (1 << 0)
1095#define CKF_OS_LOCKING_OK (1 << 1)
1096
1097#define CKR_OK (0)
1098#define CKR_CANCEL (1)
1099#define CKR_HOST_MEMORY (2)
1100#define CKR_SLOT_ID_INVALID (3)
1101#define CKR_GENERAL_ERROR (5)
1102#define CKR_FUNCTION_FAILED (6)
1103#define CKR_ARGUMENTS_BAD (7)
1104#define CKR_NO_EVENT (8)
1105#define CKR_NEED_TO_CREATE_THREADS (9)
1106#define CKR_CANT_LOCK (0xa)
1107#define CKR_ATTRIBUTE_READ_ONLY (0x10)
1108#define CKR_ATTRIBUTE_SENSITIVE (0x11)
1109#define CKR_ATTRIBUTE_TYPE_INVALID (0x12)
1110#define CKR_ATTRIBUTE_VALUE_INVALID (0x13)
1111#define CKR_DATA_INVALID (0x20)
1112#define CKR_DATA_LEN_RANGE (0x21)
1113#define CKR_DEVICE_ERROR (0x30)
1114#define CKR_DEVICE_MEMORY (0x31)
1115#define CKR_DEVICE_REMOVED (0x32)
1116#define CKR_ENCRYPTED_DATA_INVALID (0x40)
1117#define CKR_ENCRYPTED_DATA_LEN_RANGE (0x41)
1118#define CKR_FUNCTION_CANCELED (0x50)
1119#define CKR_FUNCTION_NOT_PARALLEL (0x51)
1120#define CKR_FUNCTION_NOT_SUPPORTED (0x54)
1121#define CKR_KEY_HANDLE_INVALID (0x60)
1122#define CKR_KEY_SIZE_RANGE (0x62)
1123#define CKR_KEY_TYPE_INCONSISTENT (0x63)
1124#define CKR_KEY_NOT_NEEDED (0x64)
1125#define CKR_KEY_CHANGED (0x65)
1126#define CKR_KEY_NEEDED (0x66)
1127#define CKR_KEY_INDIGESTIBLE (0x67)
1128#define CKR_KEY_FUNCTION_NOT_PERMITTED (0x68)
1129#define CKR_KEY_NOT_WRAPPABLE (0x69)
1130#define CKR_KEY_UNEXTRACTABLE (0x6a)
1131#define CKR_MECHANISM_INVALID (0x70)
1132#define CKR_MECHANISM_PARAM_INVALID (0x71)
1133#define CKR_OBJECT_HANDLE_INVALID (0x82)
1134#define CKR_OPERATION_ACTIVE (0x90)
1135#define CKR_OPERATION_NOT_INITIALIZED (0x91)
1136#define CKR_PIN_INCORRECT (0xa0)
1137#define CKR_PIN_INVALID (0xa1)
1138#define CKR_PIN_LEN_RANGE (0xa2)
1139#define CKR_PIN_EXPIRED (0xa3)
1140#define CKR_PIN_LOCKED (0xa4)
1141#define CKR_SESSION_CLOSED (0xb0)
1142#define CKR_SESSION_COUNT (0xb1)
1143#define CKR_SESSION_HANDLE_INVALID (0xb3)
1144#define CKR_SESSION_PARALLEL_NOT_SUPPORTED (0xb4)
1145#define CKR_SESSION_READ_ONLY (0xb5)
1146#define CKR_SESSION_EXISTS (0xb6)
1147#define CKR_SESSION_READ_ONLY_EXISTS (0xb7)
1148#define CKR_SESSION_READ_WRITE_SO_EXISTS (0xb8)
1149#define CKR_SIGNATURE_INVALID (0xc0)
1150#define CKR_SIGNATURE_LEN_RANGE (0xc1)
1151#define CKR_TEMPLATE_INCOMPLETE (0xd0)
1152#define CKR_TEMPLATE_INCONSISTENT (0xd1)
1153#define CKR_TOKEN_NOT_PRESENT (0xe0)
1154#define CKR_TOKEN_NOT_RECOGNIZED (0xe1)
1155#define CKR_TOKEN_WRITE_PROTECTED (0xe2)
1156#define CKR_UNWRAPPING_KEY_HANDLE_INVALID (0xf0)
1157#define CKR_UNWRAPPING_KEY_SIZE_RANGE (0xf1)
1158#define CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT (0xf2)
1159#define CKR_USER_ALREADY_LOGGED_IN (0x100)
1160#define CKR_USER_NOT_LOGGED_IN (0x101)
1161#define CKR_USER_PIN_NOT_INITIALIZED (0x102)
1162#define CKR_USER_TYPE_INVALID (0x103)
1163#define CKR_USER_ANOTHER_ALREADY_LOGGED_IN (0x104)
1164#define CKR_USER_TOO_MANY_TYPES (0x105)
1165#define CKR_WRAPPED_KEY_INVALID (0x110)
1166#define CKR_WRAPPED_KEY_LEN_RANGE (0x112)
1167#define CKR_WRAPPING_KEY_HANDLE_INVALID (0x113)
1168#define CKR_WRAPPING_KEY_SIZE_RANGE (0x114)
1169#define CKR_WRAPPING_KEY_TYPE_INCONSISTENT (0x115)
1170#define CKR_RANDOM_SEED_NOT_SUPPORTED (0x120)
1171#define CKR_RANDOM_NO_RNG (0x121)
1172#define CKR_DOMAIN_PARAMS_INVALID (0x130)
1173#define CKR_BUFFER_TOO_SMALL (0x150)
1174#define CKR_SAVED_STATE_INVALID (0x160)
1175#define CKR_INFORMATION_SENSITIVE (0x170)
1176#define CKR_STATE_UNSAVEABLE (0x180)
1177#define CKR_CRYPTOKI_NOT_INITIALIZED (0x190)
1178#define CKR_CRYPTOKI_ALREADY_INITIALIZED (0x191)
1179#define CKR_MUTEX_BAD (0x1a0)
1180#define CKR_MUTEX_NOT_LOCKED (0x1a1)
1181#define CKR_FUNCTION_REJECTED (0x200)
Damien Miller1d2f8802013-12-05 10:22:03 +1100[diff] [blame]1182#define CKR_VENDOR_DEFINED (1U << 31)
Damien Millerd8f60022010-02-12 09:34:22 +1100[diff] [blame]1183
1184
1185
1186/* Compatibility layer. */
1187
1188#ifdef CRYPTOKI_COMPAT
1189
1190#undef CK_DEFINE_FUNCTION
1191#define CK_DEFINE_FUNCTION(retval, name) retval CK_SPEC name
1192
1193/* For NULL. */
1194#include <stddef.h>
1195
1196typedef unsigned char CK_BYTE;
1197typedef unsigned char CK_CHAR;
1198typedef unsigned char CK_UTF8CHAR;
1199typedef unsigned char CK_BBOOL;
1200typedef unsigned long int CK_ULONG;
1201typedef long int CK_LONG;
1202typedef CK_BYTE *CK_BYTE_PTR;
1203typedef CK_CHAR *CK_CHAR_PTR;
1204typedef CK_UTF8CHAR *CK_UTF8CHAR_PTR;
1205typedef CK_ULONG *CK_ULONG_PTR;
1206typedef void *CK_VOID_PTR;
1207typedef void **CK_VOID_PTR_PTR;
1208#define CK_FALSE 0
1209#define CK_TRUE 1
1210#ifndef CK_DISABLE_TRUE_FALSE
1211#ifndef FALSE
1212#define FALSE 0
1213#endif
1214#ifndef TRUE
1215#define TRUE 1
1216#endif
1217#endif
1218
1219typedef struct ck_version CK_VERSION;
1220typedef struct ck_version *CK_VERSION_PTR;
1221
1222typedef struct ck_info CK_INFO;
1223typedef struct ck_info *CK_INFO_PTR;
1224
1225typedef ck_slot_id_t *CK_SLOT_ID_PTR;
1226
1227typedef struct ck_slot_info CK_SLOT_INFO;
1228typedef struct ck_slot_info *CK_SLOT_INFO_PTR;
1229
1230typedef struct ck_token_info CK_TOKEN_INFO;
1231typedef struct ck_token_info *CK_TOKEN_INFO_PTR;
1232
1233typedef ck_session_handle_t *CK_SESSION_HANDLE_PTR;
1234
1235typedef struct ck_session_info CK_SESSION_INFO;
1236typedef struct ck_session_info *CK_SESSION_INFO_PTR;
1237
1238typedef ck_object_handle_t *CK_OBJECT_HANDLE_PTR;
1239
1240typedef ck_object_class_t *CK_OBJECT_CLASS_PTR;
1241
1242typedef struct ck_attribute CK_ATTRIBUTE;
1243typedef struct ck_attribute *CK_ATTRIBUTE_PTR;
1244
1245typedef struct ck_date CK_DATE;
1246typedef struct ck_date *CK_DATE_PTR;
1247
1248typedef ck_mechanism_type_t *CK_MECHANISM_TYPE_PTR;
1249
1250typedef struct ck_mechanism CK_MECHANISM;
1251typedef struct ck_mechanism *CK_MECHANISM_PTR;
1252
1253typedef struct ck_mechanism_info CK_MECHANISM_INFO;
1254typedef struct ck_mechanism_info *CK_MECHANISM_INFO_PTR;
1255
1256typedef struct ck_function_list CK_FUNCTION_LIST;
1257typedef struct ck_function_list *CK_FUNCTION_LIST_PTR;
1258typedef struct ck_function_list **CK_FUNCTION_LIST_PTR_PTR;
1259
1260typedef struct ck_c_initialize_args CK_C_INITIALIZE_ARGS;
1261typedef struct ck_c_initialize_args *CK_C_INITIALIZE_ARGS_PTR;
1262
1263#define NULL_PTR NULL
1264
1265/* Delete the helper macros defined at the top of the file. */
1266#undef ck_flags_t
1267#undef ck_version
1268
1269#undef ck_info
1270#undef cryptoki_version
1271#undef manufacturer_id
1272#undef library_description
1273#undef library_version
1274
1275#undef ck_notification_t
1276#undef ck_slot_id_t
1277
1278#undef ck_slot_info
1279#undef slot_description
1280#undef hardware_version
1281#undef firmware_version
1282
1283#undef ck_token_info
1284#undef serial_number
1285#undef max_session_count
1286#undef session_count
1287#undef max_rw_session_count
1288#undef rw_session_count
1289#undef max_pin_len
1290#undef min_pin_len
1291#undef total_public_memory
1292#undef free_public_memory
1293#undef total_private_memory
1294#undef free_private_memory
1295#undef utc_time
1296
1297#undef ck_session_handle_t
1298#undef ck_user_type_t
1299#undef ck_state_t
1300
1301#undef ck_session_info
1302#undef slot_id
1303#undef device_error
1304
1305#undef ck_object_handle_t
1306#undef ck_object_class_t
1307#undef ck_hw_feature_type_t
1308#undef ck_key_type_t
1309#undef ck_certificate_type_t
1310#undef ck_attribute_type_t
1311
1312#undef ck_attribute
1313#undef value
1314#undef value_len
1315
1316#undef ck_date
1317
1318#undef ck_mechanism_type_t
1319
1320#undef ck_mechanism
1321#undef parameter
1322#undef parameter_len
1323
1324#undef ck_mechanism_info
1325#undef min_key_size
1326#undef max_key_size
1327
1328#undef ck_rv_t
1329#undef ck_notify_t
1330
1331#undef ck_function_list
1332
1333#undef ck_createmutex_t
1334#undef ck_destroymutex_t
1335#undef ck_lockmutex_t
1336#undef ck_unlockmutex_t
1337
1338#undef ck_c_initialize_args
1339#undef create_mutex
1340#undef destroy_mutex
1341#undef lock_mutex
1342#undef unlock_mutex
1343#undef reserved
1344
1345#endif /* CRYPTOKI_COMPAT */
1346
1347
1348/* System dependencies. */
1349#if defined(_WIN32) || defined(CRYPTOKI_FORCE_WIN32)
1350#pragma pack(pop, cryptoki)
1351#endif
1352
1353#if defined(__cplusplus)
1354}
1355#endif
1356
1357#endif /* PKCS11_H */