/* pkcs11t.h include file for PKCS #11. */
/* $Revision: 1.4 $ */

/* License to copy and use this software is granted provided that it is
 * identified as "RSA Security Inc. PKCS #11 Cryptographic Token Interface
 * (Cryptoki)" in all material mentioning or referencing this software.

 * License is also granted to make and use derivative works provided that
 * such works are identified as "derived from the RSA Security Inc. PKCS #11
 * Cryptographic Token Interface (Cryptoki)" in all material mentioning or
 * referencing the derived work.

 * RSA Security Inc. makes no representations concerning either the
 * merchantability of this software or the suitability of this software for
 * any particular purpose. It is provided "as is" without express or implied
 * warranty of any kind.
 */

/* See top of pkcs11.h for information about the macros that
 * must be defined and the structure-packing conventions that
 * must be set before including this file.
 */

/* Overview: this part of the header declares only data types and numeric
 * constants (scalar typedefs, info structures, flag bits, object/key/
 * attribute identifiers); it declares no functions.
 * CK_PTR, used in the pointer typedefs below, is not defined in the part of
 * the file shown here -- presumably it is one of the macros pkcs11.h asks
 * the includer to define. */

#ifndef _PKCS11T_H_
#define _PKCS11T_H_ 1

/* TRUE and FALSE are supplied only when the includer has not already defined
 * them and has not defined CK_DISABLE_TRUE_FALSE.  CK_TRUE and CK_FALSE are
 * defined unconditionally. */
#ifndef CK_DISABLE_TRUE_FALSE
#ifndef FALSE
#define FALSE 0
#endif

#ifndef TRUE
#define TRUE !(FALSE)
#endif
#endif

#define CK_TRUE 1
#define CK_FALSE 0

/* an unsigned 8-bit value */
typedef unsigned char     CK_BYTE;

/* an unsigned 8-bit character */
typedef CK_BYTE           CK_CHAR;

/* an 8-bit UTF-8 character */
typedef CK_BYTE           CK_UTF8CHAR;

/* a BYTE-sized Boolean flag */
typedef CK_BYTE           CK_BBOOL;

/* an unsigned value, at least 32 bits long */
/* The width is whatever the compiler gives `unsigned long` (it differs
 * between common 32-bit and 64-bit ABIs), so structures containing CK_ULONG
 * do not have one fixed binary layout across platforms. */
typedef unsigned long int CK_ULONG;

/* a signed value, the same size as a CK_ULONG */
/* CK_LONG is new for v2.0 */
typedef long int          CK_LONG;

/* at least 32 bits; each bit is a Boolean flag */
typedef CK_ULONG          CK_FLAGS;


/* some special values for certain CK_ULONG variables */
/* CK_UNAVAILABLE_INFORMATION is all-ones at the width of unsigned long.
 * Compare it against a CK_ULONG directly; a value narrowed to 32 bits first
 * will not match on a platform where unsigned long is wider. */
#define CK_UNAVAILABLE_INFORMATION (~0UL)
#define CK_EFFECTIVELY_INFINITE    0


typedef CK_BYTE     CK_PTR   CK_BYTE_PTR;
typedef CK_CHAR     CK_PTR   CK_CHAR_PTR;
typedef CK_UTF8CHAR CK_PTR   CK_UTF8CHAR_PTR;
typedef CK_ULONG    CK_PTR   CK_ULONG_PTR;
typedef void        CK_PTR   CK_VOID_PTR;

/* Pointer to a CK_VOID_PTR-- i.e., pointer to pointer to void */
typedef CK_VOID_PTR CK_PTR CK_VOID_PTR_PTR;


/* The following value is always invalid if used as a session */
/* handle or object handle */
#define CK_INVALID_HANDLE 0


/* CK_VERSION holds a two-part version number, one byte per part */
typedef struct CK_VERSION {
  CK_BYTE       major;  /* integer portion of version number */
  CK_BYTE       minor;  /* 1/100ths portion of version number */
} CK_VERSION;

typedef CK_VERSION CK_PTR CK_VERSION_PTR;


/* CK_INFO describes the Cryptoki library itself.
 * The text fields are fixed-width and blank padded: the arrays reserve no
 * byte for a terminator, so bound every copy or print by sizeof(field)
 * rather than treating them as C strings. */
typedef struct CK_INFO {
  /* manufacturerID and libraryDescription have been changed from
   * CK_CHAR to CK_UTF8CHAR for v2.10 */
  CK_VERSION    cryptokiVersion;     /* Cryptoki interface ver */
  CK_UTF8CHAR   manufacturerID[32];  /* blank padded */
  CK_FLAGS      flags;               /* must be zero */

  /* libraryDescription and libraryVersion are new for v2.0 */
  CK_UTF8CHAR   libraryDescription[32];  /* blank padded */
  CK_VERSION    libraryVersion;          /* version of library */
} CK_INFO;

typedef CK_INFO CK_PTR    CK_INFO_PTR;


/* CK_NOTIFICATION enumerates the types of notifications that
 * Cryptoki provides to an application */
/* CK_NOTIFICATION has been changed from an enum to a CK_ULONG
 * for v2.0 */
typedef CK_ULONG CK_NOTIFICATION;
#define CKN_SURRENDER       0


typedef CK_ULONG          CK_SLOT_ID;

typedef CK_SLOT_ID CK_PTR CK_SLOT_ID_PTR;


/* CK_SLOT_INFO provides information about a slot */
/* As in CK_INFO, the text fields are fixed-width and blank padded, with no
 * room reserved for a terminator. */
typedef struct CK_SLOT_INFO {
  /* slotDescription and manufacturerID have been changed from
   * CK_CHAR to CK_UTF8CHAR for v2.10 */
  CK_UTF8CHAR   slotDescription[64];  /* blank padded */
  CK_UTF8CHAR   manufacturerID[32];   /* blank padded */
  CK_FLAGS      flags;

  /* hardwareVersion and firmwareVersion are new for v2.0 */
  CK_VERSION    hardwareVersion;  /* version of hardware */
  CK_VERSION    firmwareVersion;  /* version of firmware */
} CK_SLOT_INFO;

/* flags: bit flags that provide capabilities of the slot
 *      Bit Flag              Mask        Meaning
 */
#define CKF_TOKEN_PRESENT     0x00000001  /* a token is there */
#define CKF_REMOVABLE_DEVICE  0x00000002  /* removable devices */
#define CKF_HW_SLOT           0x00000004  /* hardware slot */

typedef CK_SLOT_INFO CK_PTR CK_SLOT_INFO_PTR;


/* CK_TOKEN_INFO provides information about a token */
/* label, manufacturerID, model, serialNumber and utcTime are fixed-width
 * arrays; those marked "blank padded" carry no terminator, so bound every
 * copy or comparison by sizeof(field).  These values are reported by the
 * token and should be handled as untrusted text when logged or displayed. */
typedef struct CK_TOKEN_INFO {
  /* label, manufacturerID, and model have been changed from
   * CK_CHAR to CK_UTF8CHAR for v2.10 */
  CK_UTF8CHAR   label[32];           /* blank padded */
  CK_UTF8CHAR   manufacturerID[32];  /* blank padded */
  CK_UTF8CHAR   model[16];           /* blank padded */
  CK_CHAR       serialNumber[16];    /* blank padded */
  CK_FLAGS      flags;               /* see below */

  /* ulMaxSessionCount, ulSessionCount, ulMaxRwSessionCount,
   * ulRwSessionCount, ulMaxPinLen, and ulMinPinLen have all been
   * changed from CK_USHORT to CK_ULONG for v2.0 */
  CK_ULONG      ulMaxSessionCount;     /* max open sessions */
  CK_ULONG      ulSessionCount;        /* sess. now open */
  CK_ULONG      ulMaxRwSessionCount;   /* max R/W sessions */
  CK_ULONG      ulRwSessionCount;      /* R/W sess. now open */
  CK_ULONG      ulMaxPinLen;           /* in bytes */
  CK_ULONG      ulMinPinLen;           /* in bytes */
  CK_ULONG      ulTotalPublicMemory;   /* in bytes */
  CK_ULONG      ulFreePublicMemory;    /* in bytes */
  CK_ULONG      ulTotalPrivateMemory;  /* in bytes */
  CK_ULONG      ulFreePrivateMemory;   /* in bytes */

  /* hardwareVersion, firmwareVersion, and time are new for
   * v2.0 */
  CK_VERSION    hardwareVersion;       /* version of hardware */
  CK_VERSION    firmwareVersion;       /* version of firmware */
  CK_CHAR       utcTime[16];           /* time */
} CK_TOKEN_INFO;

/* The flags parameter is defined as follows:
 *      Bit Flag                    Mask        Meaning
 */
#define CKF_RNG                     0x00000001  /* has random # generator */
#define CKF_WRITE_PROTECTED         0x00000002  /* token is write-protected */
#define CKF_LOGIN_REQUIRED          0x00000004  /* user must login */
#define CKF_USER_PIN_INITIALIZED    0x00000008  /* normal user's PIN is set */

/* CKF_RESTORE_KEY_NOT_NEEDED is new for v2.0.  If it is set,
 * that means that *every* time the state of cryptographic
 * operations of a session is successfully saved, all keys
 * needed to continue those operations are stored in the state */
#define CKF_RESTORE_KEY_NOT_NEEDED  0x00000020

/* CKF_CLOCK_ON_TOKEN is new for v2.0.  If it is set, that means
 * that the token has some sort of clock.  The time on that
 * clock is returned in the token info structure */
#define CKF_CLOCK_ON_TOKEN          0x00000040

/* CKF_PROTECTED_AUTHENTICATION_PATH is new for v2.0.  If it is
 * set, that means that there is some way for the user to login
 * without sending a PIN through the Cryptoki library itself */
#define CKF_PROTECTED_AUTHENTICATION_PATH 0x00000100

/* CKF_DUAL_CRYPTO_OPERATIONS is new for v2.0.  If it is true,
 * that means that a single session with the token can perform
 * dual simultaneous cryptographic operations (digest and
 * encrypt; decrypt and digest; sign and encrypt; and decrypt
 * and sign) */
#define CKF_DUAL_CRYPTO_OPERATIONS  0x00000200

/* CKF_TOKEN_INITIALIZED is new for v2.10. If it is true, the
 * token has been initialized using C_InitializeToken or an
 * equivalent mechanism outside the scope of PKCS #11.
 * Calling C_InitializeToken when this flag is set will cause
 * the token to be reinitialized. */
#define CKF_TOKEN_INITIALIZED       0x00000400

/* CKF_SECONDARY_AUTHENTICATION is new for v2.10. If it is
 * true, the token supports secondary authentication for
 * private key objects. */
#define CKF_SECONDARY_AUTHENTICATION  0x00000800

/* PIN-state flags (user and SO).  An application that retries a login
 * automatically should read these first: the *_FINAL_TRY flags mean one more
 * wrong PIN locks the PIN, and the *_LOCKED flags mean login is no longer
 * possible.  They are also useful signals to log. */

/* CKF_USER_PIN_COUNT_LOW is new for v2.10. If it is true, an
 * incorrect user login PIN has been entered at least once
 * since the last successful authentication. */
#define CKF_USER_PIN_COUNT_LOW       0x00010000

/* CKF_USER_PIN_FINAL_TRY is new for v2.10. If it is true,
 * supplying an incorrect user PIN will cause it to become locked. */
#define CKF_USER_PIN_FINAL_TRY       0x00020000

/* CKF_USER_PIN_LOCKED is new for v2.10. If it is true, the
 * user PIN has been locked. User login to the token is not
 * possible.
 */
#define CKF_USER_PIN_LOCKED          0x00040000

/* CKF_USER_PIN_TO_BE_CHANGED is new for v2.10. If it is true,
 * the user PIN value is the default value set by token
 * initialization or manufacturing, or the PIN has been
 * expired by the card. */
#define CKF_USER_PIN_TO_BE_CHANGED   0x00080000

/* CKF_SO_PIN_COUNT_LOW is new for v2.10. If it is true, an
 * incorrect SO login PIN has been entered at least once since
 * the last successful authentication. */
#define CKF_SO_PIN_COUNT_LOW         0x00100000

/* CKF_SO_PIN_FINAL_TRY is new for v2.10. If it is true,
 * supplying an incorrect SO PIN will cause it to become locked. */
#define CKF_SO_PIN_FINAL_TRY         0x00200000

/* CKF_SO_PIN_LOCKED is new for v2.10. If it is true, the SO
 * PIN has been locked. SO login to the token is not possible.
 */
#define CKF_SO_PIN_LOCKED            0x00400000

/* CKF_SO_PIN_TO_BE_CHANGED is new for v2.10. If it is true,
 * the SO PIN value is the default value set by token
 * initialization or manufacturing, or the PIN has been
 * expired by the card. */
#define CKF_SO_PIN_TO_BE_CHANGED     0x00800000

typedef CK_TOKEN_INFO CK_PTR CK_TOKEN_INFO_PTR;


/* CK_SESSION_HANDLE is a Cryptoki-assigned value that
 * identifies a session */
typedef CK_ULONG          CK_SESSION_HANDLE;

typedef CK_SESSION_HANDLE CK_PTR CK_SESSION_HANDLE_PTR;


/* CK_USER_TYPE enumerates the types of Cryptoki users */
/* CK_USER_TYPE has been changed from an enum to a CK_ULONG for
 * v2.0 */
typedef CK_ULONG          CK_USER_TYPE;
/* Security Officer */
#define CKU_SO    0
/* Normal user */
#define CKU_USER  1


/* CK_STATE enumerates the session states */
/* CK_STATE has been changed from an enum to a CK_ULONG for
 * v2.0 */
typedef CK_ULONG          CK_STATE;
#define CKS_RO_PUBLIC_SESSION  0
#define CKS_RO_USER_FUNCTIONS  1
#define CKS_RW_PUBLIC_SESSION  2
#define CKS_RW_USER_FUNCTIONS  3
#define CKS_RW_SO_FUNCTIONS    4


/* CK_SESSION_INFO provides information about a session */
typedef struct CK_SESSION_INFO {
  CK_SLOT_ID    slotID;
  CK_STATE      state;
  CK_FLAGS      flags;          /* see below */

  /* ulDeviceError was changed from CK_USHORT to CK_ULONG for
   * v2.0 */
  CK_ULONG      ulDeviceError;  /* device-dependent error code */
} CK_SESSION_INFO;

/* The flags are defined in the following table:
 *      Bit Flag                Mask        Meaning
 */
#define CKF_RW_SESSION          0x00000002  /* session is r/w */
#define CKF_SERIAL_SESSION      0x00000004  /* no parallel */

typedef CK_SESSION_INFO CK_PTR CK_SESSION_INFO_PTR;


/* CK_OBJECT_HANDLE is a token-specific identifier for an
 * object */
typedef CK_ULONG          CK_OBJECT_HANDLE;

typedef CK_OBJECT_HANDLE CK_PTR CK_OBJECT_HANDLE_PTR;


/* CK_OBJECT_CLASS is a value that identifies the classes (or
 * types) of objects that Cryptoki recognizes.  It is defined
 * as follows: */
/* CK_OBJECT_CLASS was changed from CK_USHORT to CK_ULONG for
 * v2.0 */
typedef CK_ULONG          CK_OBJECT_CLASS;

/* The following classes of objects are defined: */
/* CKO_HW_FEATURE is new for v2.10 */
/* CKO_DOMAIN_PARAMETERS is new for v2.11 */
#define CKO_DATA              0x00000000
#define CKO_CERTIFICATE       0x00000001
#define CKO_PUBLIC_KEY        0x00000002
#define CKO_PRIVATE_KEY       0x00000003
#define CKO_SECRET_KEY        0x00000004
#define CKO_HW_FEATURE        0x00000005
#define CKO_DOMAIN_PARAMETERS 0x00000006
#define CKO_VENDOR_DEFINED    0x80000000

typedef CK_OBJECT_CLASS CK_PTR CK_OBJECT_CLASS_PTR;

/* CK_HW_FEATURE_TYPE is new for v2.10. CK_HW_FEATURE_TYPE is a
 * value that identifies the hardware feature type of an object
 * with CK_OBJECT_CLASS equal to CKO_HW_FEATURE. */
typedef CK_ULONG          CK_HW_FEATURE_TYPE;

/* The following hardware feature types are defined */
#define CKH_MONOTONIC_COUNTER 0x00000001
#define CKH_CLOCK             0x00000002
#define CKH_VENDOR_DEFINED    0x80000000

/* CK_KEY_TYPE is a value that identifies a key type */
/* CK_KEY_TYPE was changed from CK_USHORT to CK_ULONG for v2.0 */
typedef CK_ULONG          CK_KEY_TYPE;

/* the following key types are defined: */
/* Several names below share one value (CKK_ECDSA/CKK_EC,
 * CKK_CAST5/CKK_CAST128); they are aliases, so code that switches on a key
 * type must list only one name of each pair. */
#define CKK_RSA             0x00000000
#define CKK_DSA             0x00000001
#define CKK_DH              0x00000002

/* CKK_ECDSA and CKK_KEA are new for v2.0 */
/* CKK_ECDSA is deprecated in v2.11, CKK_EC is preferred. */
#define CKK_ECDSA           0x00000003
#define CKK_EC              0x00000003
#define CKK_X9_42_DH        0x00000004
#define CKK_KEA             0x00000005

#define CKK_GENERIC_SECRET  0x00000010
#define CKK_RC2             0x00000011
#define CKK_RC4             0x00000012
#define CKK_DES             0x00000013
#define CKK_DES2            0x00000014
#define CKK_DES3            0x00000015

/* all these key types are new for v2.0 */
#define CKK_CAST            0x00000016
#define CKK_CAST3           0x00000017
/* CKK_CAST5 is deprecated in v2.11, CKK_CAST128 is preferred. */
#define CKK_CAST5           0x00000018
#define CKK_CAST128         0x00000018
#define CKK_RC5             0x00000019
#define CKK_IDEA            0x0000001A
#define CKK_SKIPJACK        0x0000001B
#define CKK_BATON           0x0000001C
#define CKK_JUNIPER         0x0000001D
#define CKK_CDMF            0x0000001E
#define CKK_AES             0x0000001F

#define CKK_VENDOR_DEFINED  0x80000000


/* CK_CERTIFICATE_TYPE is a value that identifies a certificate
 * type */
/* CK_CERTIFICATE_TYPE was changed from CK_USHORT to CK_ULONG
 * for v2.0 */
typedef CK_ULONG          CK_CERTIFICATE_TYPE;

/* The following certificate types are defined: */
/* CKC_X_509_ATTR_CERT is new for v2.10 */
#define CKC_X_509           0x00000000
#define CKC_X_509_ATTR_CERT 0x00000001
#define CKC_VENDOR_DEFINED  0x80000000


/* CK_ATTRIBUTE_TYPE is a value that identifies an attribute
 * type */
/* CK_ATTRIBUTE_TYPE was changed from CK_USHORT to CK_ULONG for
 * v2.0 */
typedef CK_ULONG          CK_ATTRIBUTE_TYPE;

/* The following attribute types are defined: */
#define CKA_CLASS              0x00000000
#define CKA_TOKEN              0x00000001
#define CKA_PRIVATE            0x00000002
#define CKA_LABEL              0x00000003
#define CKA_APPLICATION        0x00000010
#define CKA_VALUE              0x00000011

/* CKA_OBJECT_ID is new for v2.10 */
#define CKA_OBJECT_ID          0x00000012

#define CKA_CERTIFICATE_TYPE   0x00000080
#define CKA_ISSUER             0x00000081
#define CKA_SERIAL_NUMBER      0x00000082

/* CKA_AC_ISSUER, CKA_OWNER, and CKA_ATTR_TYPES are new
 * for v2.10 */
#define CKA_AC_ISSUER          0x00000083
#define CKA_OWNER              0x00000084
#define CKA_ATTR_TYPES         0x00000085

/* CKA_TRUSTED is new for v2.11 */
#define CKA_TRUSTED            0x00000086

/* NOTE(review): in the PKCS #11 specification CKA_PRIVATE_EXPONENT,
 * CKA_PRIME_1, CKA_PRIME_2, CKA_EXPONENT_1, CKA_EXPONENT_2 and
 * CKA_COEFFICIENT identify RSA private-key components, and CKA_VALUE can
 * hold secret-key material.  Buffers that receive these attributes should
 * be handled as secrets and cleared after use -- confirm against the spec
 * version in use. */
#define CKA_KEY_TYPE           0x00000100
#define CKA_SUBJECT            0x00000101
#define CKA_ID                 0x00000102
#define CKA_SENSITIVE          0x00000103
#define CKA_ENCRYPT            0x00000104
#define CKA_DECRYPT            0x00000105
#define CKA_WRAP               0x00000106
#define CKA_UNWRAP             0x00000107
#define CKA_SIGN               0x00000108
#define CKA_SIGN_RECOVER       0x00000109
#define CKA_VERIFY             0x0000010A
#define CKA_VERIFY_RECOVER     0x0000010B
#define CKA_DERIVE             0x0000010C
#define CKA_START_DATE         0x00000110
#define CKA_END_DATE           0x00000111
#define CKA_MODULUS            0x00000120
#define CKA_MODULUS_BITS       0x00000121
#define CKA_PUBLIC_EXPONENT    0x00000122
#define CKA_PRIVATE_EXPONENT   0x00000123
#define CKA_PRIME_1            0x00000124
#define CKA_PRIME_2            0x00000125
#define CKA_EXPONENT_1         0x00000126
#define CKA_EXPONENT_2         0x00000127
#define CKA_COEFFICIENT        0x00000128
#define CKA_PRIME              0x00000130
#define CKA_SUBPRIME           0x00000131
#define CKA_BASE               0x00000132

/* CKA_PRIME_BITS and CKA_SUB_PRIME_BITS are new for v2.11 */
#define CKA_PRIME_BITS         0x00000133
#define CKA_SUBPRIME_BITS      0x00000134
#define CKA_SUB_PRIME_BITS     CKA_SUBPRIME_BITS
/* (To retain backwards-compatibility) */

#define CKA_VALUE_BITS         0x00000160
#define CKA_VALUE_LEN          0x00000161

/* CKA_EXTRACTABLE, CKA_LOCAL, CKA_NEVER_EXTRACTABLE,
 * CKA_ALWAYS_SENSITIVE, CKA_MODIFIABLE, CKA_ECDSA_PARAMS,
 * and CKA_EC_POINT are new for v2.0 */
#define CKA_EXTRACTABLE        0x00000162
#define CKA_LOCAL 0x00000163 00474 #define CKA_NEVER_EXTRACTABLE 0x00000164 00475 #define CKA_ALWAYS_SENSITIVE 0x00000165 00476 00477 /* CKA_KEY_GEN_MECHANISM is new for v2.11 */ 00478 #define CKA_KEY_GEN_MECHANISM 0x00000166 00479 00480 #define CKA_MODIFIABLE 0x00000170 00481 00482 /* CKA_ECDSA_PARAMS is deprecated in v2.11, 00483 * CKA_EC_PARAMS is preferred. */ 00484 #define CKA_ECDSA_PARAMS 0x00000180 00485 #define CKA_EC_PARAMS 0x00000180 00486 00487 #define CKA_EC_POINT 0x00000181 00488 00489 /* CKA_SECONDARY_AUTH, CKA_AUTH_PIN_FLAGS, 00490 * CKA_HW_FEATURE_TYPE, CKA_RESET_ON_INIT, and CKA_HAS_RESET 00491 * are new for v2.10 */ 00492 #define CKA_SECONDARY_AUTH 0x00000200 00493 #define CKA_AUTH_PIN_FLAGS 0x00000201 00494 #define CKA_HW_FEATURE_TYPE 0x00000300 00495 #define CKA_RESET_ON_INIT 0x00000301 00496 #define CKA_HAS_RESET 0x00000302 00497 00498 #define CKA_VENDOR_DEFINED 0x80000000 00499 00500 00501 /* CK_ATTRIBUTE is a structure that includes the type, length 00502 * and value of an attribute */ 00503 typedef struct CK_ATTRIBUTE { 00504 CK_ATTRIBUTE_TYPE type; 00505 CK_VOID_PTR pValue; 00506 00507 /* ulValueLen went from CK_USHORT to CK_ULONG for v2.0 */ 00508 CK_ULONG ulValueLen; /* in bytes */ 00509 } CK_ATTRIBUTE; 00510 00511 typedef CK_ATTRIBUTE CK_PTR CK_ATTRIBUTE_PTR; 00512 00513 00514 /* CK_DATE is a structure that defines a date */ 00515 typedef struct CK_DATE { 00516 CK_CHAR year[4]; /* the year ("1900" - "9999") */ 00517 CK_CHAR month[2]; /* the month ("01" - "12") */ 00518 CK_CHAR day[2]; /* the day ("01" - "31") */ 00519 } CK_DATE; 00520 00521 00522 /* CK_MECHANISM_TYPE is a value that identifies a mechanism 00523 * type */ 00524 /* CK_MECHANISM_TYPE was changed from CK_USHORT to CK_ULONG for 00525 * v2.0 */ 00526 typedef CK_ULONG CK_MECHANISM_TYPE; 00527 00528 /* the following mechanism types are defined: */ 00529 #define CKM_RSA_PKCS_KEY_PAIR_GEN 0x00000000 00530 #define CKM_RSA_PKCS 0x00000001 00531 #define CKM_RSA_9796 0x00000002 00532 
/* NOTE(review): in the PKCS #11 specification CKM_RSA_X_509 is RSA with no
 * padding applied by the token; a caller that selects it is responsible for
 * any padding and its verification -- confirm against the spec version in
 * use. */
#define CKM_RSA_X_509                  0x00000003

/* CKM_MD2_RSA_PKCS, CKM_MD5_RSA_PKCS, and CKM_SHA1_RSA_PKCS
 * are new for v2.0.  They are mechanisms which hash and sign */
#define CKM_MD2_RSA_PKCS               0x00000004
#define CKM_MD5_RSA_PKCS               0x00000005
#define CKM_SHA1_RSA_PKCS              0x00000006

/* CKM_RIPEMD128_RSA_PKCS, CKM_RIPEMD160_RSA_PKCS, and
 * CKM_RSA_PKCS_OAEP are new for v2.10 */
#define CKM_RIPEMD128_RSA_PKCS         0x00000007
#define CKM_RIPEMD160_RSA_PKCS         0x00000008
#define CKM_RSA_PKCS_OAEP              0x00000009

/* CKM_RSA_X9_31_KEY_PAIR_GEN, CKM_RSA_X9_31, CKM_SHA1_RSA_X9_31,
 * CKM_RSA_PKCS_PSS, and CKM_SHA1_RSA_PKCS_PSS are new for v2.11 */
#define CKM_RSA_X9_31_KEY_PAIR_GEN     0x0000000A
#define CKM_RSA_X9_31                  0x0000000B
#define CKM_SHA1_RSA_X9_31             0x0000000C
#define CKM_RSA_PKCS_PSS               0x0000000D
#define CKM_SHA1_RSA_PKCS_PSS          0x0000000E

#define CKM_DSA_KEY_PAIR_GEN           0x00000010
#define CKM_DSA                        0x00000011
#define CKM_DSA_SHA1                   0x00000012
#define CKM_DH_PKCS_KEY_PAIR_GEN       0x00000020
#define CKM_DH_PKCS_DERIVE             0x00000021

/* CKM_X9_42_DH_KEY_PAIR_GEN, CKM_X9_42_DH_DERIVE,
 * CKM_X9_42_DH_HYBRID_DERIVE, and CKM_X9_42_MQV_DERIVE are new for
 * v2.11 */
#define CKM_X9_42_DH_KEY_PAIR_GEN      0x00000030
#define CKM_X9_42_DH_DERIVE            0x00000031
#define CKM_X9_42_DH_HYBRID_DERIVE     0x00000032
#define CKM_X9_42_MQV_DERIVE           0x00000033

/* The identifiers from here on include RC2, RC4, single DES, CDMF, MD2 and
 * MD5.  A constant in this list only names a mechanism; it says nothing
 * about whether the algorithm is still acceptable.  These particular
 * algorithms are widely regarded as weak today, so an application should
 * choose mechanisms from its own allow-list rather than accept whatever a
 * token advertises. */
#define CKM_RC2_KEY_GEN                0x00000100
#define CKM_RC2_ECB                    0x00000101
#define CKM_RC2_CBC                    0x00000102
#define CKM_RC2_MAC                    0x00000103

/* CKM_RC2_MAC_GENERAL and CKM_RC2_CBC_PAD are new for v2.0 */
#define CKM_RC2_MAC_GENERAL            0x00000104
#define CKM_RC2_CBC_PAD                0x00000105

#define CKM_RC4_KEY_GEN                0x00000110
#define CKM_RC4                        0x00000111
#define CKM_DES_KEY_GEN                0x00000120
#define CKM_DES_ECB                    0x00000121
#define CKM_DES_CBC                    0x00000122
#define CKM_DES_MAC                    0x00000123

/* CKM_DES_MAC_GENERAL and CKM_DES_CBC_PAD are new for v2.0 */
#define CKM_DES_MAC_GENERAL            0x00000124
#define CKM_DES_CBC_PAD                0x00000125

#define CKM_DES2_KEY_GEN               0x00000130
#define CKM_DES3_KEY_GEN               0x00000131
#define CKM_DES3_ECB                   0x00000132
#define CKM_DES3_CBC                   0x00000133
#define CKM_DES3_MAC                   0x00000134

/* CKM_DES3_MAC_GENERAL, CKM_DES3_CBC_PAD, CKM_CDMF_KEY_GEN,
 * CKM_CDMF_ECB, CKM_CDMF_CBC, CKM_CDMF_MAC,
 * CKM_CDMF_MAC_GENERAL, and CKM_CDMF_CBC_PAD are new for v2.0 */
#define CKM_DES3_MAC_GENERAL           0x00000135
#define CKM_DES3_CBC_PAD               0x00000136
#define CKM_CDMF_KEY_GEN               0x00000140
#define CKM_CDMF_ECB                   0x00000141
#define CKM_CDMF_CBC                   0x00000142
#define CKM_CDMF_MAC                   0x00000143
#define CKM_CDMF_MAC_GENERAL           0x00000144
#define CKM_CDMF_CBC_PAD               0x00000145

#define CKM_MD2                        0x00000200

/* CKM_MD2_HMAC and CKM_MD2_HMAC_GENERAL are new for v2.0 */
#define CKM_MD2_HMAC                   0x00000201
#define CKM_MD2_HMAC_GENERAL           0x00000202

#define CKM_MD5                        0x00000210

/* CKM_MD5_HMAC and CKM_MD5_HMAC_GENERAL are new for v2.0 */
#define CKM_MD5_HMAC                   0x00000211
#define CKM_MD5_HMAC_GENERAL           0x00000212

#define CKM_SHA_1                      0x00000220

/* CKM_SHA_1_HMAC and CKM_SHA_1_HMAC_GENERAL are new for v2.0 */
#define CKM_SHA_1_HMAC                 0x00000221
#define CKM_SHA_1_HMAC_GENERAL         0x00000222

/* CKM_RIPEMD128, CKM_RIPEMD128_HMAC,
 * CKM_RIPEMD128_HMAC_GENERAL, CKM_RIPEMD160, CKM_RIPEMD160_HMAC,
 * and CKM_RIPEMD160_HMAC_GENERAL are new for v2.10 */
#define CKM_RIPEMD128                  0x00000230
#define CKM_RIPEMD128_HMAC             0x00000231
#define CKM_RIPEMD128_HMAC_GENERAL     0x00000232
#define CKM_RIPEMD160                  0x00000240
#define CKM_RIPEMD160_HMAC             0x00000241
#define CKM_RIPEMD160_HMAC_GENERAL     0x00000242

/* All of the following mechanisms are new for v2.0 */
/* Note that CAST128 and CAST5 are the same algorithm */
/* Each CKM_CAST5_* / CKM_CAST128_* pair below therefore shares one value;
 * code that switches on a mechanism must list only one name of each pair. */
#define CKM_CAST_KEY_GEN               0x00000300
#define CKM_CAST_ECB                   0x00000301
#define CKM_CAST_CBC                   0x00000302
#define CKM_CAST_MAC                   0x00000303
#define CKM_CAST_MAC_GENERAL           0x00000304
#define CKM_CAST_CBC_PAD               0x00000305
#define CKM_CAST3_KEY_GEN              0x00000310
#define CKM_CAST3_ECB                  0x00000311
#define CKM_CAST3_CBC                  0x00000312
#define CKM_CAST3_MAC                  0x00000313
#define CKM_CAST3_MAC_GENERAL          0x00000314
#define CKM_CAST3_CBC_PAD              0x00000315
#define CKM_CAST5_KEY_GEN              0x00000320
#define CKM_CAST128_KEY_GEN            0x00000320
#define CKM_CAST5_ECB                  0x00000321
#define CKM_CAST128_ECB                0x00000321
#define CKM_CAST5_CBC                  0x00000322
#define CKM_CAST128_CBC                0x00000322
#define CKM_CAST5_MAC                  0x00000323
#define CKM_CAST128_MAC                0x00000323
#define CKM_CAST5_MAC_GENERAL          0x00000324
#define CKM_CAST128_MAC_GENERAL        0x00000324
#define CKM_CAST5_CBC_PAD              0x00000325
#define CKM_CAST128_CBC_PAD            0x00000325
#define CKM_RC5_KEY_GEN                0x00000330
#define CKM_RC5_ECB                    0x00000331
#define CKM_RC5_CBC                    0x00000332
#define CKM_RC5_MAC                    0x00000333
#define CKM_RC5_MAC_GENERAL            0x00000334
#define CKM_RC5_CBC_PAD                0x00000335
#define CKM_IDEA_KEY_GEN               0x00000340
#define CKM_IDEA_ECB                   0x00000341
#define CKM_IDEA_CBC                   0x00000342
#define CKM_IDEA_MAC                   0x00000343
#define CKM_IDEA_MAC_GENERAL           0x00000344
#define CKM_IDEA_CBC_PAD               0x00000345
#define CKM_GENERIC_SECRET_KEY_GEN     0x00000350
#define CKM_CONCATENATE_BASE_AND_KEY   0x00000360
#define CKM_CONCATENATE_BASE_AND_DATA  0x00000362
#define CKM_CONCATENATE_DATA_AND_BASE  0x00000363
#define CKM_XOR_BASE_AND_DATA          0x00000364
#define CKM_EXTRACT_KEY_FROM_KEY       0x00000365
#define CKM_SSL3_PRE_MASTER_KEY_GEN    0x00000370
#define CKM_SSL3_MASTER_KEY_DERIVE     0x00000371
#define CKM_SSL3_KEY_AND_MAC_DERIVE    0x00000372

/* CKM_SSL3_MASTER_KEY_DERIVE_DH, CKM_TLS_PRE_MASTER_KEY_GEN,
 * CKM_TLS_MASTER_KEY_DERIVE, CKM_TLS_KEY_AND_MAC_DERIVE, and
 * CKM_TLS_MASTER_KEY_DERIVE_DH are new for v2.11 */
#define CKM_SSL3_MASTER_KEY_DERIVE_DH  0x00000373
#define CKM_TLS_PRE_MASTER_KEY_GEN     0x00000374
#define CKM_TLS_MASTER_KEY_DERIVE      0x00000375
#define CKM_TLS_KEY_AND_MAC_DERIVE     0x00000376
#define CKM_TLS_MASTER_KEY_DERIVE_DH   0x00000377

#define CKM_SSL3_MD5_MAC               0x00000380
#define CKM_SSL3_SHA1_MAC              0x00000381
#define CKM_MD5_KEY_DERIVATION         0x00000390
#define CKM_MD2_KEY_DERIVATION         0x00000391
#define CKM_SHA1_KEY_DERIVATION        0x00000392
/* The password-based mechanisms below include MD2/MD5-based variants and
 * two whose names end in _40 (presumably 40-bit keys).  A constant here only
 * names a mechanism; an application should pick password-based mechanisms
 * from its own allow-list rather than from whatever a token advertises. */
#define CKM_PBE_MD2_DES_CBC            0x000003A0
#define CKM_PBE_MD5_DES_CBC            0x000003A1
#define CKM_PBE_MD5_CAST_CBC           0x000003A2
#define CKM_PBE_MD5_CAST3_CBC          0x000003A3
#define CKM_PBE_MD5_CAST5_CBC          0x000003A4
#define CKM_PBE_MD5_CAST128_CBC        0x000003A4
#define CKM_PBE_SHA1_CAST5_CBC         0x000003A5
#define CKM_PBE_SHA1_CAST128_CBC       0x000003A5
#define CKM_PBE_SHA1_RC4_128           0x000003A6
#define CKM_PBE_SHA1_RC4_40            0x000003A7
#define CKM_PBE_SHA1_DES3_EDE_CBC      0x000003A8
#define CKM_PBE_SHA1_DES2_EDE_CBC      0x000003A9
#define CKM_PBE_SHA1_RC2_128_CBC       0x000003AA
#define CKM_PBE_SHA1_RC2_40_CBC        0x000003AB

/* CKM_PKCS5_PBKD2 is new for v2.10 */
#define CKM_PKCS5_PBKD2                0x000003B0

#define CKM_PBA_SHA1_WITH_SHA1_HMAC    0x000003C0
#define CKM_KEY_WRAP_LYNKS             0x00000400
#define CKM_KEY_WRAP_SET_OAEP          0x00000401

/* Fortezza mechanisms */
#define CKM_SKIPJACK_KEY_GEN           0x00001000
#define CKM_SKIPJACK_ECB64             0x00001001
#define CKM_SKIPJACK_CBC64             0x00001002
#define CKM_SKIPJACK_OFB64             0x00001003
#define CKM_SKIPJACK_CFB64             0x00001004
#define CKM_SKIPJACK_CFB32             0x00001005
#define CKM_SKIPJACK_CFB16             0x00001006
#define CKM_SKIPJACK_CFB8              0x00001007
#define CKM_SKIPJACK_WRAP              0x00001008
#define CKM_SKIPJACK_PRIVATE_WRAP      0x00001009
#define CKM_SKIPJACK_RELAYX            0x0000100a
#define CKM_KEA_KEY_PAIR_GEN           0x00001010
#define CKM_KEA_KEY_DERIVE             0x00001011
#define CKM_FORTEZZA_TIMESTAMP         0x00001020
#define CKM_BATON_KEY_GEN              0x00001030
#define CKM_BATON_ECB128               0x00001031
#define CKM_BATON_ECB96                0x00001032
#define CKM_BATON_CBC128               0x00001033
#define CKM_BATON_COUNTER              0x00001034
#define CKM_BATON_SHUFFLE              0x00001035
#define CKM_BATON_WRAP                 0x00001036

/* CKM_ECDSA_KEY_PAIR_GEN is deprecated in v2.11,
 * CKM_EC_KEY_PAIR_GEN is preferred */
#define CKM_ECDSA_KEY_PAIR_GEN         0x00001040
#define CKM_EC_KEY_PAIR_GEN            0x00001040

#define CKM_ECDSA                      0x00001041
#define CKM_ECDSA_SHA1                 0x00001042

/* CKM_ECDH1_DERIVE, CKM_ECDH1_COFACTOR_DERIVE, and CKM_ECMQV_DERIVE
 * are new for v2.11 */
#define CKM_ECDH1_DERIVE               0x00001050
#define CKM_ECDH1_COFACTOR_DERIVE      0x00001051
#define CKM_ECMQV_DERIVE               0x00001052

#define CKM_JUNIPER_KEY_GEN            0x00001060
#define CKM_JUNIPER_ECB128             0x00001061
#define CKM_JUNIPER_CBC128             0x00001062
#define CKM_JUNIPER_COUNTER            0x00001063
#define CKM_JUNIPER_SHUFFLE            0x00001064
#define CKM_JUNIPER_WRAP               0x00001065
#define CKM_FASTHASH                   0x00001070

/* CKM_AES_KEY_GEN, CKM_AES_ECB, CKM_AES_CBC, CKM_AES_MAC,
 * CKM_AES_MAC_GENERAL, CKM_AES_CBC_PAD, CKM_DSA_PARAMETER_GEN,
 * CKM_DH_PKCS_PARAMETER_GEN, and CKM_X9_42_DH_PARAMETER_GEN are
 * new for v2.11 */
#define CKM_AES_KEY_GEN                0x00001080
#define CKM_AES_ECB                    0x00001081
#define CKM_AES_CBC                    0x00001082
#define CKM_AES_MAC                    0x00001083
#define CKM_AES_MAC_GENERAL            0x00001084
#define CKM_AES_CBC_PAD                0x00001085
#define CKM_DSA_PARAMETER_GEN          0x00002000
#define CKM_DH_PKCS_PARAMETER_GEN      0x00002001
#define CKM_X9_42_DH_PARAMETER_GEN     0x00002002

#define CKM_VENDOR_DEFINED             0x80000000

typedef CK_MECHANISM_TYPE CK_PTR CK_MECHANISM_TYPE_PTR;


/* CK_MECHANISM is a structure that specifies a particular
 * mechanism */
/* pParameter and ulParameterLen travel as a pair; nothing in the structure
 * ties the length to the real size of the parameter buffer, so the code that
 * consumes a CK_MECHANISM must check ulParameterLen against the size the
 * selected mechanism expects before reading through pParameter. */
typedef struct CK_MECHANISM {
  CK_MECHANISM_TYPE mechanism;
  CK_VOID_PTR       pParameter;

  /* ulParameterLen was changed from CK_USHORT to CK_ULONG for
   * v2.0 */
  CK_ULONG          ulParameterLen;  /* in bytes */
} CK_MECHANISM;

typedef CK_MECHANISM CK_PTR CK_MECHANISM_PTR;


/* CK_MECHANISM_INFO provides information about a particular
 * mechanism */
/* NOTE(review): this header does not say whether ulMinKeySize and
 * ulMaxKeySize are counted in bits or bytes; the PKCS #11 specification
 * makes the unit depend on the mechanism -- confirm before using these
 * fields to enforce a minimum key size. */
typedef struct CK_MECHANISM_INFO {
    CK_ULONG    ulMinKeySize;
    CK_ULONG    ulMaxKeySize;
    CK_FLAGS    flags;
} CK_MECHANISM_INFO;

/* The flags are defined as follows:
 *      Bit Flag               Mask        Meaning */
#define CKF_HW                 0x00000001  /* performed by HW */

/* The flags CKF_ENCRYPT, CKF_DECRYPT, CKF_DIGEST, CKF_SIGN,
 * CKF_SIGN_RECOVER, CKF_VERIFY, CKF_VERIFY_RECOVER,
 * CKF_GENERATE, CKF_GENERATE_KEY_PAIR, CKF_WRAP, CKF_UNWRAP,
 * and CKF_DERIVE are new for v2.0.  They specify whether or not
 * a mechanism can be used for a particular task */
#define CKF_ENCRYPT            0x00000100
#define CKF_DECRYPT            0x00000200
#define CKF_DIGEST             0x00000400
#define CKF_SIGN               0x00000800
#define CKF_SIGN_RECOVER       0x00001000
#define CKF_VERIFY             0x00002000
#define CKF_VERIFY_RECOVER     0x00004000
#define CKF_GENERATE           0x00008000
#define CKF_GENERATE_KEY_PAIR  0x00010000
#define CKF_WRAP               0x00020000
#define CKF_UNWRAP             0x00040000
#define CKF_DERIVE             0x00080000

/* CKF_EC_F_P, CKF_EC_F_2M, CKF_EC_ECPARAMETERS, CKF_EC_NAMEDCURVE,
 * CKF_EC_UNCOMPRESS, and CKF_EC_COMPRESS are new for v2.11. They
 * describe a token's EC capabilities not available in mechanism
 * information. */
#define CKF_EC_F_P             0x00100000
#define CKF_EC_F_2M            0x00200000
#define CKF_EC_ECPARAMETERS    0x00400000
#define CKF_EC_NAMEDCURVE      0x00800000
#define CKF_EC_UNCOMPRESS      0x01000000
#define CKF_EC_COMPRESS        0x02000000

#define CKF_EXTENSION          0x80000000  /* FALSE for 2.01 */

typedef CK_MECHANISM_INFO CK_PTR CK_MECHANISM_INFO_PTR;


/* CK_RV is a value that identifies the return value of a
 * Cryptoki function */
/* CK_RV was changed from CK_USHORT to CK_ULONG for v2.0 */
typedef CK_ULONG          CK_RV;

/* CKR_OK is the only code below with the value 0, so a caller should compare
 * every return value against CKR_OK explicitly and treat anything it does
 * not recognise as a failure.  Gaps in the numbering correspond to codes the
 * comments below record as removed. */
#define CKR_OK                                0x00000000
#define CKR_CANCEL                            0x00000001
#define CKR_HOST_MEMORY                       0x00000002
#define CKR_SLOT_ID_INVALID                   0x00000003

/* CKR_FLAGS_INVALID was removed for v2.0 */

/* CKR_GENERAL_ERROR and CKR_FUNCTION_FAILED are new for v2.0 */
#define CKR_GENERAL_ERROR                     0x00000005
#define CKR_FUNCTION_FAILED                   0x00000006

/* CKR_ARGUMENTS_BAD, CKR_NO_EVENT, CKR_NEED_TO_CREATE_THREADS,
 * and CKR_CANT_LOCK are new for v2.01 */
#define CKR_ARGUMENTS_BAD                     0x00000007
#define CKR_NO_EVENT                          0x00000008
#define CKR_NEED_TO_CREATE_THREADS            0x00000009
#define CKR_CANT_LOCK                         0x0000000A

#define CKR_ATTRIBUTE_READ_ONLY               0x00000010
#define CKR_ATTRIBUTE_SENSITIVE               0x00000011
#define CKR_ATTRIBUTE_TYPE_INVALID            0x00000012
#define CKR_ATTRIBUTE_VALUE_INVALID           0x00000013
#define CKR_DATA_INVALID                      0x00000020
#define CKR_DATA_LEN_RANGE                    0x00000021
#define CKR_DEVICE_ERROR                      0x00000030
#define CKR_DEVICE_MEMORY                     0x00000031
#define CKR_DEVICE_REMOVED                    0x00000032
#define CKR_ENCRYPTED_DATA_INVALID            0x00000040
#define CKR_ENCRYPTED_DATA_LEN_RANGE          0x00000041
#define CKR_FUNCTION_CANCELED                 0x00000050
#define CKR_FUNCTION_NOT_PARALLEL             0x00000051

/* CKR_FUNCTION_NOT_SUPPORTED is new for v2.0 */
#define CKR_FUNCTION_NOT_SUPPORTED            0x00000054

#define CKR_KEY_HANDLE_INVALID                0x00000060

/* CKR_KEY_SENSITIVE was removed for v2.0 */

#define CKR_KEY_SIZE_RANGE                    0x00000062
#define CKR_KEY_TYPE_INCONSISTENT             0x00000063

/* CKR_KEY_NOT_NEEDED, CKR_KEY_CHANGED, CKR_KEY_NEEDED,
 * CKR_KEY_INDIGESTIBLE, CKR_KEY_FUNCTION_NOT_PERMITTED,
 * CKR_KEY_NOT_WRAPPABLE, and CKR_KEY_UNEXTRACTABLE are new for
 * v2.0 */
#define CKR_KEY_NOT_NEEDED                    0x00000064
#define CKR_KEY_CHANGED                       0x00000065
#define CKR_KEY_NEEDED                        0x00000066
#define CKR_KEY_INDIGESTIBLE                  0x00000067
#define CKR_KEY_FUNCTION_NOT_PERMITTED        0x00000068
#define CKR_KEY_NOT_WRAPPABLE                 0x00000069
#define CKR_KEY_UNEXTRACTABLE                 0x0000006A

#define CKR_MECHANISM_INVALID                 0x00000070
#define CKR_MECHANISM_PARAM_INVALID           0x00000071

/* CKR_OBJECT_CLASS_INCONSISTENT and CKR_OBJECT_CLASS_INVALID
 * were removed for v2.0 */
#define CKR_OBJECT_HANDLE_INVALID             0x00000082
#define CKR_OPERATION_ACTIVE                  0x00000090
#define CKR_OPERATION_NOT_INITIALIZED         0x00000091
/* The CKR_PIN_* codes are worth logging distinctly: CKR_PIN_INCORRECT marks
 * a failed authentication attempt, and the token flags
 * CKF_USER_PIN_FINAL_TRY / CKF_SO_PIN_FINAL_TRY show when one more such
 * failure will lock the PIN. */
#define CKR_PIN_INCORRECT                     0x000000A0
#define CKR_PIN_INVALID                       0x000000A1
#define CKR_PIN_LEN_RANGE                     0x000000A2

/* CKR_PIN_EXPIRED and CKR_PIN_LOCKED are new for v2.0 */
#define CKR_PIN_EXPIRED                       0x000000A3
#define CKR_PIN_LOCKED                        0x000000A4

#define CKR_SESSION_CLOSED                    0x000000B0
#define CKR_SESSION_COUNT                     0x000000B1
#define CKR_SESSION_HANDLE_INVALID            0x000000B3
#define CKR_SESSION_PARALLEL_NOT_SUPPORTED    0x000000B4
#define CKR_SESSION_READ_ONLY                 0x000000B5
#define CKR_SESSION_EXISTS                    0x000000B6

/* CKR_SESSION_READ_ONLY_EXISTS and
 * CKR_SESSION_READ_WRITE_SO_EXISTS are new for v2.0 */
#define CKR_SESSION_READ_ONLY_EXISTS          0x000000B7
#define CKR_SESSION_READ_WRITE_SO_EXISTS      0x000000B8

#define CKR_SIGNATURE_INVALID                 0x000000C0
#define CKR_SIGNATURE_LEN_RANGE               0x000000C1
#define CKR_TEMPLATE_INCOMPLETE               0x000000D0
#define CKR_TEMPLATE_INCONSISTENT             0x000000D1
#define CKR_TOKEN_NOT_PRESENT                 0x000000E0
#define CKR_TOKEN_NOT_RECOGNIZED              0x000000E1
#define CKR_TOKEN_WRITE_PROTECTED             0x000000E2
#define CKR_UNWRAPPING_KEY_HANDLE_INVALID     0x000000F0
#define CKR_UNWRAPPING_KEY_SIZE_RANGE         0x000000F1
#define CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT  0x000000F2
#define CKR_USER_ALREADY_LOGGED_IN            0x00000100
#define CKR_USER_NOT_LOGGED_IN                0x00000101
#define CKR_USER_PIN_NOT_INITIALIZED          0x00000102
#define CKR_USER_TYPE_INVALID                 0x00000103

/* CKR_USER_ANOTHER_ALREADY_LOGGED_IN and CKR_USER_TOO_MANY_TYPES
 * are new to v2.01 */
#define CKR_USER_ANOTHER_ALREADY_LOGGED_IN    0x00000104
#define CKR_USER_TOO_MANY_TYPES               0x00000105

#define CKR_WRAPPED_KEY_INVALID               0x00000110
#define CKR_WRAPPED_KEY_LEN_RANGE             0x00000112
#define CKR_WRAPPING_KEY_HANDLE_INVALID       0x00000113
#define CKR_WRAPPING_KEY_SIZE_RANGE           0x00000114
#define CKR_WRAPPING_KEY_TYPE_INCONSISTENT    0x00000115
#define CKR_RANDOM_SEED_NOT_SUPPORTED         0x00000120

/* These are new to v2.0 */
#define CKR_RANDOM_NO_RNG                     0x00000121

/* These are new to v2.11 */
#define CKR_DOMAIN_PARAMS_INVALID             0x00000130

/* These are new to v2.0 */
#define CKR_BUFFER_TOO_SMALL                  0x00000150
#define CKR_SAVED_STATE_INVALID               0x00000160
#define CKR_INFORMATION_SENSITIVE             0x00000170
#define CKR_STATE_UNSAVEABLE                  0x00000180

/* These are new to v2.01 */
#define CKR_CRYPTOKI_NOT_INITIALIZED          0x00000190
#define CKR_CRYPTOKI_ALREADY_INITIALIZED      0x00000191
#define CKR_MUTEX_BAD                         0x000001A0
#define CKR_MUTEX_NOT_LOCKED                  0x000001A1

#define CKR_VENDOR_DEFINED                    0x80000000


/*
CK_NOTIFY is an application callback that processes events */ 00978 typedef CK_CALLBACK_FUNCTION(CK_RV, CK_NOTIFY) (CK_SESSION_HANDLE hSession, /* the session's handle */ 00979 CK_NOTIFICATION event, CK_VOID_PTR pApplication /* passed to C_OpenSession */ 00980 ); 00981 00982 00983 /* CK_FUNCTION_LIST is a structure holding a Cryptoki spec 00984 * version and pointers of appropriate types to all the 00985 * Cryptoki functions */ 00986 /* CK_FUNCTION_LIST is new for v2.0 */ 00987 typedef struct CK_FUNCTION_LIST CK_FUNCTION_LIST; 00988 00989 typedef CK_FUNCTION_LIST CK_PTR CK_FUNCTION_LIST_PTR; 00990 00991 typedef CK_FUNCTION_LIST_PTR CK_PTR CK_FUNCTION_LIST_PTR_PTR; 00992 00993 00994 /* CK_CREATEMUTEX is an application callback for creating a 00995 * mutex object */ 00996 typedef CK_CALLBACK_FUNCTION(CK_RV, CK_CREATEMUTEX) (CK_VOID_PTR_PTR ppMutex /* location to receive ptr to mutex */ 00997 ); 00998 00999 01000 /* CK_DESTROYMUTEX is an application callback for destroying a 01001 * mutex object */ 01002 typedef CK_CALLBACK_FUNCTION(CK_RV, CK_DESTROYMUTEX) (CK_VOID_PTR pMutex /* pointer to mutex */ 01003 ); 01004 01005 01006 /* CK_LOCKMUTEX is an application callback for locking a mutex */ 01007 typedef CK_CALLBACK_FUNCTION(CK_RV, CK_LOCKMUTEX) (CK_VOID_PTR pMutex /* pointer to mutex */ 01008 ); 01009 01010 01011 /* CK_UNLOCKMUTEX is an application callback for unlocking a 01012 * mutex */ 01013 typedef CK_CALLBACK_FUNCTION(CK_RV, CK_UNLOCKMUTEX) (CK_VOID_PTR pMutex /* pointer to mutex */ 01014 ); 01015 01016 01017 /* CK_C_INITIALIZE_ARGS provides the optional arguments to 01018 * C_Initialize */ 01019 typedef struct CK_C_INITIALIZE_ARGS { 01020 CK_CREATEMUTEX CreateMutex; 01021 CK_DESTROYMUTEX DestroyMutex; 01022 CK_LOCKMUTEX LockMutex; 01023 CK_UNLOCKMUTEX UnlockMutex; 01024 CK_FLAGS flags; 01025 CK_VOID_PTR pReserved; 01026 } CK_C_INITIALIZE_ARGS; 01027 01028 /* flags: bit flags that provide capabilities of the slot 01029 * Bit Flag Mask Meaning 01030 */ 01031 
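#define CKF_LIBRARY_CANT_CREATE_OS_THREADS 0x00000001
#define CKF_OS_LOCKING_OK                  0x00000002

typedef CK_C_INITIALIZE_ARGS CK_PTR CK_C_INITIALIZE_ARGS_PTR;


/* additional flags for parameters to functions */

/* CKF_DONT_BLOCK is for the function C_WaitForSlotEvent */
#define CKF_DONT_BLOCK     1

/* CK_RSA_PKCS_MGF_TYPE (named CK_RSA_PKCS_OAEP_MGF_TYPE in the
 * original comment) is new for v2.10.
 * CK_RSA_PKCS_MGF_TYPE is used to indicate the Mask
 * Generation Function (MGF) applied to a message block when
 * formatting a message block for the PKCS #1 OAEP encryption
 * scheme. */
typedef CK_ULONG CK_RSA_PKCS_MGF_TYPE;

typedef CK_RSA_PKCS_MGF_TYPE CK_PTR CK_RSA_PKCS_MGF_TYPE_PTR;

/* The following MGFs are defined */
/* Only a SHA-1 based MGF is defined in this revision of the header. */
#define CKG_MGF1_SHA1         0x00000001

/* CK_RSA_PKCS_OAEP_SOURCE_TYPE is new for v2.10.
 * CK_RSA_PKCS_OAEP_SOURCE_TYPE is used to indicate the source
 * of the encoding parameter when formatting a message block
 * for the PKCS #1 OAEP encryption scheme. */
typedef CK_ULONG CK_RSA_PKCS_OAEP_SOURCE_TYPE;

typedef CK_RSA_PKCS_OAEP_SOURCE_TYPE CK_PTR CK_RSA_PKCS_OAEP_SOURCE_TYPE_PTR;

/* The following encoding parameter sources are defined */
#define CKZ_DATA_SPECIFIED    0x00000001

/* CK_RSA_PKCS_OAEP_PARAMS is new for v2.10.
 * CK_RSA_PKCS_OAEP_PARAMS provides the parameters to the
 * CKM_RSA_PKCS_OAEP mechanism. */
/* Throughout the parameter structures below, a pXxx pointer is
 * accompanied by a ulXxxLen field.  Presumably the length gives the
 * size of the buffer the pointer refers to; the header cannot
 * enforce that, so callers must keep each pair consistent. */
typedef struct CK_RSA_PKCS_OAEP_PARAMS {
  CK_MECHANISM_TYPE hashAlg;
  CK_RSA_PKCS_MGF_TYPE mgf;             /* a CKG_ value */
  CK_RSA_PKCS_OAEP_SOURCE_TYPE source;  /* a CKZ_ value */
  CK_VOID_PTR pSourceData;
  CK_ULONG ulSourceDataLen;
} CK_RSA_PKCS_OAEP_PARAMS;

typedef CK_RSA_PKCS_OAEP_PARAMS CK_PTR CK_RSA_PKCS_OAEP_PARAMS_PTR;

/* CK_RSA_PKCS_PSS_PARAMS is new for v2.11.
 * CK_RSA_PKCS_PSS_PARAMS provides the parameters to the
 * CKM_RSA_PKCS_PSS mechanism(s). */
typedef struct CK_RSA_PKCS_PSS_PARAMS {
  CK_MECHANISM_TYPE    hashAlg;
  CK_RSA_PKCS_MGF_TYPE mgf;   /* a CKG_ value */
  CK_ULONG             sLen;  /* presumably the salt length; units not stated here */
} CK_RSA_PKCS_PSS_PARAMS;

typedef CK_RSA_PKCS_PSS_PARAMS CK_PTR CK_RSA_PKCS_PSS_PARAMS_PTR;

/* CK_EC_KDF_TYPE is new for v2.11. */
typedef CK_ULONG CK_EC_KDF_TYPE;

/* The following EC Key Derivation Functions are defined */
/* Besides CKD_NULL, only a SHA-1 based KDF is defined here. */
#define CKD_NULL                 0x00000001
#define CKD_SHA1_KDF             0x00000002

/* CK_ECDH1_DERIVE_PARAMS is new for v2.11.
 * CK_ECDH1_DERIVE_PARAMS provides the parameters to the
 * CKM_ECDH1_DERIVE and CKM_ECDH1_COFACTOR_DERIVE mechanisms,
 * where each party contributes one key pair.
 */
typedef struct CK_ECDH1_DERIVE_PARAMS {
  CK_EC_KDF_TYPE kdf;  /* a CKD_ value */
  CK_ULONG ulSharedDataLen;
  CK_BYTE_PTR pSharedData;
  CK_ULONG ulPublicDataLen;
  CK_BYTE_PTR pPublicData;
} CK_ECDH1_DERIVE_PARAMS;

typedef CK_ECDH1_DERIVE_PARAMS CK_PTR CK_ECDH1_DERIVE_PARAMS_PTR;


/* CK_ECDH2_DERIVE_PARAMS is new for v2.11.
 * CK_ECDH2_DERIVE_PARAMS provides the parameters to the
 * CKM_ECMQV_DERIVE mechanism, where each party contributes two key pairs. */
typedef struct CK_ECDH2_DERIVE_PARAMS {
  CK_EC_KDF_TYPE kdf;  /* a CKD_ value */
  CK_ULONG ulSharedDataLen;
  CK_BYTE_PTR pSharedData;
  CK_ULONG ulPublicDataLen;
  CK_BYTE_PTR pPublicData;
  CK_ULONG ulPrivateDataLen;
  CK_OBJECT_HANDLE hPrivateData;  /* an object handle, not a raw buffer */
  CK_ULONG ulPublicDataLen2;
  CK_BYTE_PTR pPublicData2;
} CK_ECDH2_DERIVE_PARAMS;

typedef CK_ECDH2_DERIVE_PARAMS CK_PTR CK_ECDH2_DERIVE_PARAMS_PTR;

/* Typedefs and defines for the CKM_X9_42_DH_KEY_PAIR_GEN and the
 * CKM_X9_42_DH_PARAMETER_GEN mechanisms (new for PKCS #11 v2.11) */
typedef CK_ULONG CK_X9_42_DH_KDF_TYPE;
typedef CK_X9_42_DH_KDF_TYPE CK_PTR CK_X9_42_DH_KDF_TYPE_PTR;

/* The following X9.42 DH key derivation functions are defined: */
/* CKD_NULL repeats the definition given in the EC KDF list above.
 * The two must stay textually identical, otherwise the compiler
 * reports a macro redefinition. */
#define CKD_NULL                 0x00000001
#define CKD_SHA1_KDF_ASN1        0x00000003
#define CKD_SHA1_KDF_CONCATENATE 0x00000004

/* CK_X9_42_DH1_DERIVE_PARAMS is new for v2.11.
 * CK_X9_42_DH1_DERIVE_PARAMS provides the parameters to the
 * CKM_X9_42_DH_DERIVE key derivation mechanism, where each party
 * contributes one key pair */
typedef struct CK_X9_42_DH1_DERIVE_PARAMS {
  CK_X9_42_DH_KDF_TYPE kdf;  /* a CKD_ value */
  CK_ULONG ulOtherInfoLen;
  CK_BYTE_PTR pOtherInfo;
  CK_ULONG ulPublicDataLen;
  CK_BYTE_PTR pPublicData;
} CK_X9_42_DH1_DERIVE_PARAMS;

typedef struct CK_X9_42_DH1_DERIVE_PARAMS CK_PTR CK_X9_42_DH1_DERIVE_PARAMS_PTR;

/* CK_X9_42_DH2_DERIVE_PARAMS is new for v2.11.
 * CK_X9_42_DH2_DERIVE_PARAMS provides the parameters to the
 * CKM_X9_42_DH_HYBRID_DERIVE and CKM_X9_42_MQV_DERIVE key derivation
 * mechanisms, where each party contributes two key pairs */
typedef struct CK_X9_42_DH2_DERIVE_PARAMS {
  CK_X9_42_DH_KDF_TYPE kdf;  /* a CKD_ value */
  CK_ULONG ulOtherInfoLen;
  CK_BYTE_PTR pOtherInfo;
  CK_ULONG ulPublicDataLen;
  CK_BYTE_PTR pPublicData;
  CK_ULONG ulPrivateDataLen;
  CK_OBJECT_HANDLE hPrivateData;  /* an object handle, not a raw buffer */
  CK_ULONG ulPublicDataLen2;
  CK_BYTE_PTR pPublicData2;
} CK_X9_42_DH2_DERIVE_PARAMS;

typedef CK_X9_42_DH2_DERIVE_PARAMS CK_PTR CK_X9_42_DH2_DERIVE_PARAMS_PTR;

/* NOTE(review): the KEA, RC2, RC5, SKIPJACK and SSL3 parameter types
 * that follow serve legacy mechanisms.  They are part of the
 * interface and remain here for interoperability; new designs would
 * normally select current mechanisms instead. */

/* CK_KEA_DERIVE_PARAMS provides the parameters to the
 * CKM_KEA_DERIVE mechanism */
/* CK_KEA_DERIVE_PARAMS is new for v2.0 */
typedef struct CK_KEA_DERIVE_PARAMS {
  CK_BBOOL      isSender;
  CK_ULONG      ulRandomLen;  /* one length for two pointers; presumably
                               * applies to both pRandomA and pRandomB */
  CK_BYTE_PTR   pRandomA;
  CK_BYTE_PTR   pRandomB;
  CK_ULONG      ulPublicDataLen;
  CK_BYTE_PTR   pPublicData;
} CK_KEA_DERIVE_PARAMS;

typedef CK_KEA_DERIVE_PARAMS CK_PTR CK_KEA_DERIVE_PARAMS_PTR;


/* CK_RC2_PARAMS provides the parameters to the CKM_RC2_ECB and
 * CKM_RC2_MAC mechanisms.  An instance of CK_RC2_PARAMS just
 * holds the effective keysize */
typedef CK_ULONG          CK_RC2_PARAMS;

typedef CK_RC2_PARAMS CK_PTR CK_RC2_PARAMS_PTR;


/* CK_RC2_CBC_PARAMS provides the parameters to the CKM_RC2_CBC
 * mechanism */
typedef struct CK_RC2_CBC_PARAMS {
  /* ulEffectiveBits was changed from CK_USHORT to CK_ULONG for
   * v2.0 */
  CK_ULONG      ulEffectiveBits;  /* effective bits (1-1024) */

  CK_BYTE       iv[8];            /* IV for CBC mode */
} CK_RC2_CBC_PARAMS;

typedef CK_RC2_CBC_PARAMS CK_PTR CK_RC2_CBC_PARAMS_PTR;


/* CK_RC2_MAC_GENERAL_PARAMS provides the parameters for the
 * CKM_RC2_MAC_GENERAL mechanism */
/* CK_RC2_MAC_GENERAL_PARAMS is new for v2.0 */
typedef struct CK_RC2_MAC_GENERAL_PARAMS {
  CK_ULONG      ulEffectiveBits;  /* effective bits (1-1024) */
  CK_ULONG      ulMacLength;      /* Length of MAC in bytes */
} CK_RC2_MAC_GENERAL_PARAMS;

typedef CK_RC2_MAC_GENERAL_PARAMS CK_PTR CK_RC2_MAC_GENERAL_PARAMS_PTR;


/* CK_RC5_PARAMS provides the parameters to the CKM_RC5_ECB and
 * CKM_RC5_MAC mechanisms */
/* CK_RC5_PARAMS is new for v2.0 */
typedef struct CK_RC5_PARAMS {
  CK_ULONG      ulWordsize;  /* wordsize in bits */
  CK_ULONG      ulRounds;    /* number of rounds */
} CK_RC5_PARAMS;

typedef CK_RC5_PARAMS CK_PTR CK_RC5_PARAMS_PTR;


/* CK_RC5_CBC_PARAMS provides the parameters to the CKM_RC5_CBC
 * mechanism */
/* CK_RC5_CBC_PARAMS is new for v2.0 */
typedef struct CK_RC5_CBC_PARAMS {
  CK_ULONG      ulWordsize;  /* wordsize in bits */
  CK_ULONG      ulRounds;    /* number of rounds */
  CK_BYTE_PTR   pIv;         /* pointer to IV */
  CK_ULONG      ulIvLen;     /* length of IV in bytes */
} CK_RC5_CBC_PARAMS;

typedef CK_RC5_CBC_PARAMS CK_PTR CK_RC5_CBC_PARAMS_PTR;


/* CK_RC5_MAC_GENERAL_PARAMS provides the parameters for the
 * CKM_RC5_MAC_GENERAL mechanism */
/* CK_RC5_MAC_GENERAL_PARAMS is new for v2.0 */
typedef struct CK_RC5_MAC_GENERAL_PARAMS {
  CK_ULONG      ulWordsize;   /* wordsize in bits */
  CK_ULONG      ulRounds;     /* number of rounds */
  CK_ULONG      ulMacLength;  /* Length of MAC in bytes */
} CK_RC5_MAC_GENERAL_PARAMS;

typedef CK_RC5_MAC_GENERAL_PARAMS CK_PTR CK_RC5_MAC_GENERAL_PARAMS_PTR;


/* CK_MAC_GENERAL_PARAMS provides the parameters to most block
 * ciphers' MAC_GENERAL mechanisms.  Its value is the length of
 * the MAC */
/* CK_MAC_GENERAL_PARAMS is new for v2.0 */
typedef CK_ULONG          CK_MAC_GENERAL_PARAMS;

typedef CK_MAC_GENERAL_PARAMS CK_PTR CK_MAC_GENERAL_PARAMS_PTR;


/* CK_SKIPJACK_PRIVATE_WRAP_PARAMS provides the parameters to the
 * CKM_SKIPJACK_PRIVATE_WRAP mechanism */
/* CK_SKIPJACK_PRIVATE_WRAP_PARAMS is new for v2.0 */
typedef struct CK_SKIPJACK_PRIVATE_WRAP_PARAMS {
  CK_ULONG      ulPasswordLen;
  CK_BYTE_PTR   pPassword;
  CK_ULONG      ulPublicDataLen;
  CK_BYTE_PTR   pPublicData;
  CK_ULONG      ulPAndGLen;  /* presumably shared by pPrimeP and pBaseG */
  CK_ULONG      ulQLen;
  CK_ULONG      ulRandomLen;
  CK_BYTE_PTR   pRandomA;
  CK_BYTE_PTR   pPrimeP;
  CK_BYTE_PTR   pBaseG;
  CK_BYTE_PTR   pSubprimeQ;
} CK_SKIPJACK_PRIVATE_WRAP_PARAMS;

/* Unlike the other pointer typedefs in this header, this one is
 * named ..._WRAP_PTR, without the _PARAMS part. */
typedef CK_SKIPJACK_PRIVATE_WRAP_PARAMS CK_PTR CK_SKIPJACK_PRIVATE_WRAP_PTR;


/* CK_SKIPJACK_RELAYX_PARAMS provides the parameters to the
 * CKM_SKIPJACK_RELAYX mechanism */
/* CK_SKIPJACK_RELAYX_PARAMS is new for v2.0 */
typedef struct CK_SKIPJACK_RELAYX_PARAMS {
  CK_ULONG      ulOldWrappedXLen;
  CK_BYTE_PTR   pOldWrappedX;
  CK_ULONG      ulOldPasswordLen;
  CK_BYTE_PTR   pOldPassword;
  CK_ULONG      ulOldPublicDataLen;
  CK_BYTE_PTR   pOldPublicData;
  CK_ULONG      ulOldRandomLen;
  CK_BYTE_PTR   pOldRandomA;
  CK_ULONG      ulNewPasswordLen;
  CK_BYTE_PTR   pNewPassword;
  CK_ULONG      ulNewPublicDataLen;
  CK_BYTE_PTR   pNewPublicData;
  CK_ULONG      ulNewRandomLen;
  CK_BYTE_PTR   pNewRandomA;
} CK_SKIPJACK_RELAYX_PARAMS;

typedef CK_SKIPJACK_RELAYX_PARAMS CK_PTR CK_SKIPJACK_RELAYX_PARAMS_PTR;


/* CK_PBE_PARAMS: going by its name and fields, the parameter block
 * for password-based encryption mechanisms (the header does not say
 * which ones).  The header sets no minimum for ulIteration or
 * ulSaltLen, so the caller's policy has to; the password buffer is
 * caller-owned and is best cleared once the call has returned. */
typedef struct CK_PBE_PARAMS {
  CK_BYTE_PTR      pInitVector;
  CK_UTF8CHAR_PTR  pPassword;
  CK_ULONG         ulPasswordLen;
  CK_BYTE_PTR      pSalt;
  CK_ULONG         ulSaltLen;
  CK_ULONG         ulIteration;
} CK_PBE_PARAMS;

typedef CK_PBE_PARAMS CK_PTR CK_PBE_PARAMS_PTR;


/* CK_KEY_WRAP_SET_OAEP_PARAMS provides the parameters to the
 * CKM_KEY_WRAP_SET_OAEP mechanism */
/* CK_KEY_WRAP_SET_OAEP_PARAMS is new for v2.0 */
typedef struct CK_KEY_WRAP_SET_OAEP_PARAMS {
  CK_BYTE       bBC;     /* block contents byte */
  CK_BYTE_PTR   pX;      /* extra data */
  CK_ULONG      ulXLen;  /* length of extra data in bytes */
} CK_KEY_WRAP_SET_OAEP_PARAMS;

typedef CK_KEY_WRAP_SET_OAEP_PARAMS CK_PTR CK_KEY_WRAP_SET_OAEP_PARAMS_PTR;


/* CK_SSL3_RANDOM_DATA carries the client and server random values as
 * pointer/length pairs; it is embedded by value in the two SSL3
 * parameter structures below. */
typedef struct CK_SSL3_RANDOM_DATA {
  CK_BYTE_PTR  pClientRandom;
  CK_ULONG     ulClientRandomLen;
  CK_BYTE_PTR  pServerRandom;
  CK_ULONG     ulServerRandomLen;
} CK_SSL3_RANDOM_DATA;


/* CK_SSL3_MASTER_KEY_DERIVE_PARAMS: presumably the parameters for
 * SSL3 master-key derivation (the header names no mechanism). */
typedef struct CK_SSL3_MASTER_KEY_DERIVE_PARAMS {
  CK_SSL3_RANDOM_DATA RandomInfo;
  CK_VERSION_PTR pVersion;
} CK_SSL3_MASTER_KEY_DERIVE_PARAMS;

typedef struct CK_SSL3_MASTER_KEY_DERIVE_PARAMS CK_PTR CK_SSL3_MASTER_KEY_DERIVE_PARAMS_PTR;


/* CK_SSL3_KEY_MAT_OUT holds four object handles and two IV pointers;
 * CK_SSL3_KEY_MAT_PARAMS refers to it through pReturnedKeyMaterial. */
typedef struct CK_SSL3_KEY_MAT_OUT {
  CK_OBJECT_HANDLE hClientMacSecret;
  CK_OBJECT_HANDLE hServerMacSecret;
  CK_OBJECT_HANDLE hClientKey;
  CK_OBJECT_HANDLE hServerKey;
  CK_BYTE_PTR      pIVClient;
  CK_BYTE_PTR      pIVServer;
} CK_SSL3_KEY_MAT_OUT;

typedef CK_SSL3_KEY_MAT_OUT CK_PTR CK_SSL3_KEY_MAT_OUT_PTR;


/* CK_SSL3_KEY_MAT_PARAMS: presumably the parameters for SSL3 key
 * material derivation (the header names no mechanism).  Sizes are
 * given in bits, as the field names say. */
typedef struct CK_SSL3_KEY_MAT_PARAMS {
  CK_ULONG                ulMacSizeInBits;
  CK_ULONG                ulKeySizeInBits;
  CK_ULONG                ulIVSizeInBits;
  CK_BBOOL                bIsExport;  /* presumably selects export-grade
                                       * derivation -- TODO confirm */
  CK_SSL3_RANDOM_DATA     RandomInfo;
  CK_SSL3_KEY_MAT_OUT_PTR pReturnedKeyMaterial;
} CK_SSL3_KEY_MAT_PARAMS;

typedef CK_SSL3_KEY_MAT_PARAMS CK_PTR CK_SSL3_KEY_MAT_PARAMS_PTR;


/* CK_KEY_DERIVATION_STRING_DATA is a generic pointer/length pair. */
typedef struct CK_KEY_DERIVATION_STRING_DATA {
  CK_BYTE_PTR pData;
  CK_ULONG    ulLen;
} CK_KEY_DERIVATION_STRING_DATA;

typedef CK_KEY_DERIVATION_STRING_DATA CK_PTR CK_KEY_DERIVATION_STRING_DATA_PTR;


/* The CK_EXTRACT_PARAMS is used for the
 * CKM_EXTRACT_KEY_FROM_KEY mechanism.  It specifies which bit
 * of the base key should be used as the first bit of the
 * derived key */
/* CK_EXTRACT_PARAMS is new for v2.0 */
typedef CK_ULONG CK_EXTRACT_PARAMS;

typedef CK_EXTRACT_PARAMS CK_PTR CK_EXTRACT_PARAMS_PTR;

/* CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE is new for v2.10.
 * CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE is used to
 * indicate the Pseudo-Random Function (PRF) used to generate
 * key bits using PKCS #5 PBKDF2. */
typedef CK_ULONG CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE;

typedef CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE CK_PTR
        CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE_PTR;

/* The following PRFs are defined in PKCS #5 v2.0. */
/* HMAC-SHA1 is the only PRF this revision of the header defines. */
#define CKP_PKCS5_PBKD2_HMAC_SHA1 0x00000001


/* CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE is new for v2.10.
 * CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE is used to indicate the
 * source of the salt value when deriving a key using PKCS #5
 * PBKDF2. */
typedef CK_ULONG CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE;

typedef CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE CK_PTR CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE_PTR;

/* The following salt value sources are defined in PKCS #5 v2.0. */
#define CKZ_SALT_SPECIFIED        0x00000001

/* CK_PKCS5_PBKD2_PARAMS is new for v2.10.
 * CK_PKCS5_PBKD2_PARAMS is a structure that provides the
 * parameters to the CKM_PKCS5_PBKD2 mechanism. */
/* The header sets no minimum for iterations or for the salt length;
 * the caller's policy has to. */
typedef struct CK_PKCS5_PBKD2_PARAMS {
  CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE           saltSource;  /* a CKZ_ value */
  CK_VOID_PTR                                pSaltSourceData;
  CK_ULONG                                   ulSaltSourceDataLen;
  CK_ULONG                                   iterations;
  CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE prf;         /* a CKP_ value */
  CK_VOID_PTR                                pPrfData;
  CK_ULONG                                   ulPrfDataLen;
  CK_UTF8CHAR_PTR                            pPassword;
  /* Declared as CK_ULONG_PTR, i.e. a pointer to the length, despite
   * the "ul" prefix: store the address of a CK_ULONG holding the
   * password length here, never the length value itself. */
  CK_ULONG_PTR                               ulPasswordLen;
} CK_PKCS5_PBKD2_PARAMS;

typedef CK_PKCS5_PBKD2_PARAMS CK_PTR CK_PKCS5_PBKD2_PARAMS_PTR;

#endif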