security/nss/lib/util/pkcs11t.h

Thu, 22 Jan 2015 13:21:57 +0100

author
Michael Schloh von Bennewitz <michael@schloh.com>
date
Thu, 22 Jan 2015 13:21:57 +0100
branch
TOR_BUG_9701
changeset 15
b8a032363ba2
permissions
-rw-r--r--

Incorporate requested changes from Mozilla in review:
https://bugzilla.mozilla.org/show_bug.cgi?id=1123480#c6

michael@0 1 /* This Source Code Form is subject to the terms of the Mozilla Public
michael@0 2 * License, v. 2.0. If a copy of the MPL was not distributed with this
michael@0 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
michael@0 4 /* License to copy and use this software is granted provided that it is
michael@0 5 * identified as "RSA Security Inc. PKCS #11 Cryptographic Token Interface
michael@0 6 * (Cryptoki)" in all material mentioning or referencing this software.
michael@0 7
michael@0 8 * License is also granted to make and use derivative works provided that
michael@0 9 * such works are identified as "derived from the RSA Security Inc. PKCS #11
michael@0 10 * Cryptographic Token Interface (Cryptoki)" in all material mentioning or
michael@0 11 * referencing the derived work.
michael@0 12
michael@0 13 * RSA Security Inc. makes no representations concerning either the
michael@0 14 * merchantability of this software or the suitability of this software for
michael@0 15 * any particular purpose. It is provided "as is" without express or implied
michael@0 16 * warranty of any kind.
michael@0 17 */
michael@0 18
michael@0 19
michael@0 20 #ifndef _PKCS11T_H_
michael@0 21 #define _PKCS11T_H_ 1
michael@0 22
michael@0 23 #define CK_TRUE 1
michael@0 24 #define CK_FALSE 0
michael@0 25
michael@0 26 #include "prtypes.h"
michael@0 27
michael@0 28 #define CK_PTR *
michael@0 29 #define CK_NULL_PTR 0
michael@0 30 #define CK_CALLBACK_FUNCTION(rtype,func) rtype (PR_CALLBACK * func)
michael@0 31 #define CK_DECLARE_FUNCTION(rtype,func) extern rtype func
michael@0 32 #define CK_DECLARE_FUNCTION_POINTER(rtype,func) rtype (PR_CALLBACK * func)
michael@0 33
michael@0 34 #define CK_INVALID_SESSION 0
michael@0 35
michael@0 36 /* an unsigned 8-bit value */
michael@0 37 typedef unsigned char CK_BYTE;
michael@0 38
michael@0 39 /* an unsigned 8-bit character */
michael@0 40 typedef CK_BYTE CK_CHAR;
michael@0 41
michael@0 42 /* an 8-bit UTF-8 character */
michael@0 43 typedef CK_BYTE CK_UTF8CHAR;
michael@0 44
michael@0 45 /* a BYTE-sized Boolean flag */
michael@0 46 typedef CK_BYTE CK_BBOOL;
michael@0 47
michael@0 48 /* an unsigned value, at least 32 bits long */
michael@0 49 typedef unsigned long int CK_ULONG;
michael@0 50
michael@0 51 /* a signed value, the same size as a CK_ULONG */
michael@0 52 /* CK_LONG is new for v2.0 */
michael@0 53 typedef long int CK_LONG;
michael@0 54
michael@0 55 /* at least 32 bits; each bit is a Boolean flag */
michael@0 56 typedef CK_ULONG CK_FLAGS;
michael@0 57
michael@0 58
michael@0 59 /* some special values for certain CK_ULONG variables */
michael@0 60 #define CK_UNAVAILABLE_INFORMATION (~0UL)
michael@0 61 #define CK_EFFECTIVELY_INFINITE 0
michael@0 62
michael@0 63
michael@0 64 typedef CK_BYTE CK_PTR CK_BYTE_PTR;
michael@0 65 typedef CK_CHAR CK_PTR CK_CHAR_PTR;
michael@0 66 typedef CK_UTF8CHAR CK_PTR CK_UTF8CHAR_PTR;
michael@0 67 typedef CK_ULONG CK_PTR CK_ULONG_PTR;
michael@0 68 typedef void CK_PTR CK_VOID_PTR;
michael@0 69
michael@0 70 /* Pointer to a CK_VOID_PTR-- i.e., pointer to pointer to void */
michael@0 71 typedef CK_VOID_PTR CK_PTR CK_VOID_PTR_PTR;
michael@0 72
michael@0 73
michael@0 74 /* The following value is always invalid if used as a session */
michael@0 75 /* handle or object handle */
michael@0 76 #define CK_INVALID_HANDLE 0
michael@0 77
michael@0 78
michael@0 79 /* pack */
michael@0 80 #include "pkcs11p.h"
michael@0 81
michael@0 82 typedef struct CK_VERSION {
michael@0 83 CK_BYTE major; /* integer portion of version number */
michael@0 84 CK_BYTE minor; /* 1/100ths portion of version number */
michael@0 85 } CK_VERSION;
michael@0 86
michael@0 87 typedef CK_VERSION CK_PTR CK_VERSION_PTR;
michael@0 88
michael@0 89
michael@0 90 typedef struct CK_INFO {
michael@0 91 /* manufacturerID and libraryDescription have been changed from
michael@0 92 * CK_CHAR to CK_UTF8CHAR for v2.10 */
michael@0 93 CK_VERSION cryptokiVersion; /* PKCS #11 interface ver */
michael@0 94 CK_UTF8CHAR manufacturerID[32]; /* blank padded */
michael@0 95 CK_FLAGS flags; /* must be zero */
michael@0 96
michael@0 97 /* libraryDescription and libraryVersion are new for v2.0 */
michael@0 98 CK_UTF8CHAR libraryDescription[32]; /* blank padded */
michael@0 99 CK_VERSION libraryVersion; /* version of library */
michael@0 100 } CK_INFO;
michael@0 101
michael@0 102 typedef CK_INFO CK_PTR CK_INFO_PTR;
michael@0 103
michael@0 104
michael@0 105 /* CK_NOTIFICATION enumerates the types of notifications that
michael@0 106 * PKCS #11 provides to an application */
michael@0 107 /* CK_NOTIFICATION has been changed from an enum to a CK_ULONG
michael@0 108 * for v2.0 */
michael@0 109 typedef CK_ULONG CK_NOTIFICATION;
michael@0 110 #define CKN_SURRENDER 0
michael@0 111
michael@0 112
michael@0 113 typedef CK_ULONG CK_SLOT_ID;
michael@0 114
michael@0 115 typedef CK_SLOT_ID CK_PTR CK_SLOT_ID_PTR;
michael@0 116
michael@0 117
michael@0 118 /* CK_SLOT_INFO provides information about a slot */
michael@0 119 typedef struct CK_SLOT_INFO {
michael@0 120 /* slotDescription and manufacturerID have been changed from
michael@0 121 * CK_CHAR to CK_UTF8CHAR for v2.10 */
michael@0 122 CK_UTF8CHAR slotDescription[64]; /* blank padded */
michael@0 123 CK_UTF8CHAR manufacturerID[32]; /* blank padded */
michael@0 124 CK_FLAGS flags; /* slot capability bits, see below */
michael@0 125
michael@0 126 /* hardwareVersion and firmwareVersion are new for v2.0 */
michael@0 127 CK_VERSION hardwareVersion; /* version of hardware */
michael@0 128 CK_VERSION firmwareVersion; /* version of firmware */
michael@0 129 } CK_SLOT_INFO;
michael@0 130
michael@0 131 /* flags: bit flags that provide capabilities of the slot
michael@0 132 * Bit Flag Mask Meaning
michael@0 133 */
michael@0 134 #define CKF_TOKEN_PRESENT 0x00000001 /* a token is there */
michael@0 135 #define CKF_REMOVABLE_DEVICE 0x00000002 /* removable devices*/
michael@0 136 #define CKF_HW_SLOT 0x00000004 /* hardware slot */
michael@0 137
michael@0 138 typedef CK_SLOT_INFO CK_PTR CK_SLOT_INFO_PTR;
michael@0 139
michael@0 140
michael@0 141 /* CK_TOKEN_INFO provides information about a token */
michael@0 142 typedef struct CK_TOKEN_INFO {
michael@0 143 /* label, manufacturerID, and model have been changed from
michael@0 144 * CK_CHAR to CK_UTF8CHAR for v2.10 */
michael@0 145 CK_UTF8CHAR label[32]; /* blank padded */
michael@0 146 CK_UTF8CHAR manufacturerID[32]; /* blank padded */
michael@0 147 CK_UTF8CHAR model[16]; /* blank padded */
michael@0 148 CK_CHAR serialNumber[16]; /* blank padded */
michael@0 149 CK_FLAGS flags; /* see below */
michael@0 150
michael@0 151 /* ulMaxSessionCount, ulSessionCount, ulMaxRwSessionCount,
michael@0 152 * ulRwSessionCount, ulMaxPinLen, and ulMinPinLen have all been
michael@0 153 * changed from CK_USHORT to CK_ULONG for v2.0 */
michael@0 154 CK_ULONG ulMaxSessionCount; /* max open sessions */
michael@0 155 CK_ULONG ulSessionCount; /* sess. now open */
michael@0 156 CK_ULONG ulMaxRwSessionCount; /* max R/W sessions */
michael@0 157 CK_ULONG ulRwSessionCount; /* R/W sess. now open */
michael@0 158 CK_ULONG ulMaxPinLen; /* in bytes */
michael@0 159 CK_ULONG ulMinPinLen; /* in bytes */
michael@0 160 CK_ULONG ulTotalPublicMemory; /* in bytes */
michael@0 161 CK_ULONG ulFreePublicMemory; /* in bytes */
michael@0 162 CK_ULONG ulTotalPrivateMemory; /* in bytes */
michael@0 163 CK_ULONG ulFreePrivateMemory; /* in bytes */
michael@0 164
michael@0 165 /* hardwareVersion, firmwareVersion, and time are new for
michael@0 166 * v2.0 */
michael@0 167 CK_VERSION hardwareVersion; /* version of hardware */
michael@0 168 CK_VERSION firmwareVersion; /* version of firmware */
michael@0 169 CK_CHAR utcTime[16]; /* time */
michael@0 170 } CK_TOKEN_INFO;
michael@0 171
michael@0 172 /* The flags parameter is defined as follows:
michael@0 173 * Bit Flag Mask Meaning
michael@0 174 */
michael@0 175 #define CKF_RNG 0x00000001 /* has random #
michael@0 176 * generator */
michael@0 177 #define CKF_WRITE_PROTECTED 0x00000002 /* token is
michael@0 178 * write-
michael@0 179 * protected */
michael@0 180 #define CKF_LOGIN_REQUIRED 0x00000004 /* user must
michael@0 181 * login */
michael@0 182 #define CKF_USER_PIN_INITIALIZED 0x00000008 /* normal user's
michael@0 183 * PIN is set */
michael@0 184
michael@0 185 /* CKF_RESTORE_KEY_NOT_NEEDED is new for v2.0. If it is set,
michael@0 186 * that means that *every* time the state of cryptographic
michael@0 187 * operations of a session is successfully saved, all keys
michael@0 188 * needed to continue those operations are stored in the state */
michael@0 189 #define CKF_RESTORE_KEY_NOT_NEEDED 0x00000020
michael@0 190
michael@0 191 /* CKF_CLOCK_ON_TOKEN is new for v2.0. If it is set, that means
michael@0 192 * that the token has some sort of clock. The time on that
michael@0 193 * clock is returned in the token info structure */
michael@0 194 #define CKF_CLOCK_ON_TOKEN 0x00000040
michael@0 195
michael@0 196 /* CKF_PROTECTED_AUTHENTICATION_PATH is new for v2.0. If it is
michael@0 197 * set, that means that there is some way for the user to login
michael@0 198 * without sending a PIN through the PKCS #11 library itself */
michael@0 199 #define CKF_PROTECTED_AUTHENTICATION_PATH 0x00000100
michael@0 200
michael@0 201 /* CKF_DUAL_CRYPTO_OPERATIONS is new for v2.0. If it is true,
michael@0 202 * that means that a single session with the token can perform
michael@0 203 * dual simultaneous cryptographic operations (digest and
michael@0 204 * encrypt; decrypt and digest; sign and encrypt; and decrypt
michael@0 205 * and sign) */
michael@0 206 #define CKF_DUAL_CRYPTO_OPERATIONS 0x00000200
michael@0 207
michael@0 208 /* CKF_TOKEN_INITIALIZED is new for v2.10. If it is true, the
michael@0 209 * token has been initialized using C_InitializeToken or an
michael@0 210 * equivalent mechanism outside the scope of PKCS #11.
michael@0 211 * Calling C_InitializeToken when this flag is set will cause
michael@0 212 * the token to be reinitialized. */
michael@0 213 #define CKF_TOKEN_INITIALIZED 0x00000400
michael@0 214
michael@0 215 /* CKF_SECONDARY_AUTHENTICATION is new for v2.10. If it is
michael@0 216 * true, the token supports secondary authentication for
michael@0 217 * private key objects. This flag is deprecated in v2.11 and
michael@0 218 onwards. */
michael@0 219 #define CKF_SECONDARY_AUTHENTICATION 0x00000800
michael@0 220
michael@0 221 /* CKF_USER_PIN_COUNT_LOW is new for v2.10. If it is true, an
michael@0 222 * incorrect user login PIN has been entered at least once
michael@0 223 * since the last successful authentication. */
michael@0 224 #define CKF_USER_PIN_COUNT_LOW 0x00010000
michael@0 225
michael@0 226 /* CKF_USER_PIN_FINAL_TRY is new for v2.10. If it is true,
michael@0 227 * supplying an incorrect user PIN will cause it to become locked. */
michael@0 228 #define CKF_USER_PIN_FINAL_TRY 0x00020000
michael@0 229
michael@0 230 /* CKF_USER_PIN_LOCKED is new for v2.10. If it is true, the
michael@0 231 * user PIN has been locked. User login to the token is not
michael@0 232 * possible. */
michael@0 233 #define CKF_USER_PIN_LOCKED 0x00040000
michael@0 234
michael@0 235 /* CKF_USER_PIN_TO_BE_CHANGED is new for v2.10. If it is true,
michael@0 236 * the user PIN value is the default value set by token
michael@0 237 * initialization or manufacturing, or the PIN has been
michael@0 238 * expired by the card. */
michael@0 239 #define CKF_USER_PIN_TO_BE_CHANGED 0x00080000
michael@0 240
michael@0 241 /* CKF_SO_PIN_COUNT_LOW is new for v2.10. If it is true, an
michael@0 242 * incorrect SO login PIN has been entered at least once since
michael@0 243 * the last successful authentication. */
michael@0 244 #define CKF_SO_PIN_COUNT_LOW 0x00100000
michael@0 245
michael@0 246 /* CKF_SO_PIN_FINAL_TRY is new for v2.10. If it is true,
michael@0 247 * supplying an incorrect SO PIN will cause it to become locked. */
michael@0 248 #define CKF_SO_PIN_FINAL_TRY 0x00200000
michael@0 249
michael@0 250 /* CKF_SO_PIN_LOCKED is new for v2.10. If it is true, the SO
michael@0 251 * PIN has been locked. SO login to the token is not possible.
michael@0 252 */
michael@0 253 #define CKF_SO_PIN_LOCKED 0x00400000
michael@0 254
michael@0 255 /* CKF_SO_PIN_TO_BE_CHANGED is new for v2.10. If it is true,
michael@0 256 * the SO PIN value is the default value set by token
michael@0 257 * initialization or manufacturing, or the PIN has been
michael@0 258 * expired by the card. */
michael@0 259 #define CKF_SO_PIN_TO_BE_CHANGED 0x00800000
michael@0 260
michael@0 261 typedef CK_TOKEN_INFO CK_PTR CK_TOKEN_INFO_PTR;
michael@0 262
michael@0 263
michael@0 264 /* CK_SESSION_HANDLE is a PKCS #11-assigned value that
michael@0 265 * identifies a session */
michael@0 266 typedef CK_ULONG CK_SESSION_HANDLE;
michael@0 267
michael@0 268 typedef CK_SESSION_HANDLE CK_PTR CK_SESSION_HANDLE_PTR;
michael@0 269
michael@0 270
michael@0 271 /* CK_USER_TYPE enumerates the types of PKCS #11 users */
michael@0 272 /* CK_USER_TYPE has been changed from an enum to a CK_ULONG for
michael@0 273 * v2.0 */
michael@0 274 typedef CK_ULONG CK_USER_TYPE;
michael@0 275 /* Security Officer */
michael@0 276 #define CKU_SO 0
michael@0 277 /* Normal user */
michael@0 278 #define CKU_USER 1
michael@0 279 /* Context specific (added in v2.20) */
michael@0 280 #define CKU_CONTEXT_SPECIFIC 2
michael@0 281
michael@0 282 /* CK_STATE enumerates the session states */
michael@0 283 /* CK_STATE has been changed from an enum to a CK_ULONG for
michael@0 284 * v2.0 */
michael@0 285 typedef CK_ULONG CK_STATE;
michael@0 286 #define CKS_RO_PUBLIC_SESSION 0
michael@0 287 #define CKS_RO_USER_FUNCTIONS 1
michael@0 288 #define CKS_RW_PUBLIC_SESSION 2
michael@0 289 #define CKS_RW_USER_FUNCTIONS 3
michael@0 290 #define CKS_RW_SO_FUNCTIONS 4
michael@0 291
michael@0 292
michael@0 293 /* CK_SESSION_INFO provides information about a session */
michael@0 294 typedef struct CK_SESSION_INFO {
michael@0 295 CK_SLOT_ID slotID;
michael@0 296 CK_STATE state; /* one of the CKS_* session states above */
michael@0 297 CK_FLAGS flags; /* see below */
michael@0 298
michael@0 299 /* ulDeviceError was changed from CK_USHORT to CK_ULONG for
michael@0 300 * v2.0 */
michael@0 301 CK_ULONG ulDeviceError; /* device-dependent error code */
michael@0 302 } CK_SESSION_INFO;
michael@0 303
michael@0 304 /* The flags are defined in the following table:
michael@0 305 * Bit Flag Mask Meaning
michael@0 306 */
michael@0 307 #define CKF_RW_SESSION 0x00000002 /* session is r/w */
michael@0 308 #define CKF_SERIAL_SESSION 0x00000004 /* no parallel */
michael@0 309
michael@0 310 typedef CK_SESSION_INFO CK_PTR CK_SESSION_INFO_PTR;
michael@0 311
michael@0 312
michael@0 313 /* CK_OBJECT_HANDLE is a token-specific identifier for an
michael@0 314 * object */
michael@0 315 typedef CK_ULONG CK_OBJECT_HANDLE;
michael@0 316
michael@0 317 typedef CK_OBJECT_HANDLE CK_PTR CK_OBJECT_HANDLE_PTR;
michael@0 318
michael@0 319
michael@0 320 /* CK_OBJECT_CLASS is a value that identifies the classes (or
michael@0 321 * types) of objects that PKCS #11 recognizes. It is defined
michael@0 322 * as follows: */
michael@0 323 /* CK_OBJECT_CLASS was changed from CK_USHORT to CK_ULONG for
michael@0 324 * v2.0 */
michael@0 325 typedef CK_ULONG CK_OBJECT_CLASS;
michael@0 326
michael@0 327 /* The following classes of objects are defined: */
michael@0 328 /* CKO_HW_FEATURE is new for v2.10 */
michael@0 329 /* CKO_DOMAIN_PARAMETERS is new for v2.11 */
michael@0 330 /* CKO_MECHANISM is new for v2.20 */
michael@0 331 #define CKO_DATA 0x00000000
michael@0 332 #define CKO_CERTIFICATE 0x00000001
michael@0 333 #define CKO_PUBLIC_KEY 0x00000002
michael@0 334 #define CKO_PRIVATE_KEY 0x00000003
michael@0 335 #define CKO_SECRET_KEY 0x00000004
michael@0 336 #define CKO_HW_FEATURE 0x00000005
michael@0 337 #define CKO_DOMAIN_PARAMETERS 0x00000006
michael@0 338 #define CKO_MECHANISM 0x00000007
michael@0 339 #define CKO_VENDOR_DEFINED 0x80000000
michael@0 340
michael@0 341 typedef CK_OBJECT_CLASS CK_PTR CK_OBJECT_CLASS_PTR;
michael@0 342
michael@0 343 /* CK_HW_FEATURE_TYPE is new for v2.10. CK_HW_FEATURE_TYPE is a
michael@0 344 * value that identifies the hardware feature type of an object
michael@0 345 * with CK_OBJECT_CLASS equal to CKO_HW_FEATURE. */
michael@0 346 typedef CK_ULONG CK_HW_FEATURE_TYPE;
michael@0 347
michael@0 348 /* The following hardware feature types are defined */
michael@0 349 /* CKH_USER_INTERFACE is new for v2.20 */
michael@0 350 #define CKH_MONOTONIC_COUNTER 0x00000001
michael@0 351 #define CKH_CLOCK 0x00000002
michael@0 352 #define CKH_USER_INTERFACE 0x00000003
michael@0 353 #define CKH_VENDOR_DEFINED 0x80000000
michael@0 354
michael@0 355 /* CK_KEY_TYPE is a value that identifies a key type */
michael@0 356 /* CK_KEY_TYPE was changed from CK_USHORT to CK_ULONG for v2.0 */
michael@0 357 typedef CK_ULONG CK_KEY_TYPE;
michael@0 358
michael@0 359 /* the following key types are defined: */
michael@0 360 #define CKK_RSA 0x00000000
michael@0 361 #define CKK_DSA 0x00000001
michael@0 362 #define CKK_DH 0x00000002
michael@0 363
michael@0 364 /* CKK_ECDSA and CKK_KEA are new for v2.0 */
michael@0 365 /* CKK_ECDSA is deprecated in v2.11, CKK_EC is preferred. */
michael@0 366 #define CKK_ECDSA 0x00000003
michael@0 367 #define CKK_EC 0x00000003
michael@0 368 #define CKK_X9_42_DH 0x00000004
michael@0 369 #define CKK_KEA 0x00000005
michael@0 370
michael@0 371 #define CKK_GENERIC_SECRET 0x00000010
michael@0 372 #define CKK_RC2 0x00000011
michael@0 373 #define CKK_RC4 0x00000012
michael@0 374 #define CKK_DES 0x00000013
michael@0 375 #define CKK_DES2 0x00000014
michael@0 376 #define CKK_DES3 0x00000015
michael@0 377
michael@0 378 /* all these key types are new for v2.0 */
michael@0 379 #define CKK_CAST 0x00000016
michael@0 380 #define CKK_CAST3 0x00000017
michael@0 381 /* CKK_CAST5 is deprecated in v2.11, CKK_CAST128 is preferred. */
michael@0 382 #define CKK_CAST5 0x00000018
michael@0 383 #define CKK_CAST128 0x00000018
michael@0 384 #define CKK_RC5 0x00000019
michael@0 385 #define CKK_IDEA 0x0000001A
michael@0 386 #define CKK_SKIPJACK 0x0000001B
michael@0 387 #define CKK_BATON 0x0000001C
michael@0 388 #define CKK_JUNIPER 0x0000001D
michael@0 389 #define CKK_CDMF 0x0000001E
michael@0 390 #define CKK_AES 0x0000001F
michael@0 391
michael@0 392 /* BlowFish and TwoFish are new for v2.20 */
michael@0 393 #define CKK_BLOWFISH 0x00000020
michael@0 394 #define CKK_TWOFISH 0x00000021
michael@0 395
michael@0 396 /* Camellia is proposed for v2.20 Amendment 3 */
michael@0 397 #define CKK_CAMELLIA 0x00000025
michael@0 398
michael@0 399 #define CKK_SEED 0x00000026
michael@0 400
michael@0 401 #define CKK_VENDOR_DEFINED 0x80000000
michael@0 402
michael@0 403
michael@0 404 /* CK_CERTIFICATE_TYPE is a value that identifies a certificate
michael@0 405 * type */
michael@0 406 /* CK_CERTIFICATE_TYPE was changed from CK_USHORT to CK_ULONG
michael@0 407 * for v2.0 */
michael@0 408 typedef CK_ULONG CK_CERTIFICATE_TYPE;
michael@0 409
michael@0 410 /* The following certificate types are defined: */
michael@0 411 /* CKC_X_509_ATTR_CERT is new for v2.10 */
michael@0 412 /* CKC_WTLS is new for v2.20 */
michael@0 413 #define CKC_X_509 0x00000000
michael@0 414 #define CKC_X_509_ATTR_CERT 0x00000001
michael@0 415 #define CKC_WTLS 0x00000002
michael@0 416 #define CKC_VENDOR_DEFINED 0x80000000
michael@0 417
michael@0 418
michael@0 419 /* CK_ATTRIBUTE_TYPE is a value that identifies an attribute
michael@0 420 * type */
michael@0 421 /* CK_ATTRIBUTE_TYPE was changed from CK_USHORT to CK_ULONG for
michael@0 422 * v2.0 */
michael@0 423 typedef CK_ULONG CK_ATTRIBUTE_TYPE;
michael@0 424
michael@0 425 /* The CKF_ARRAY_ATTRIBUTE flag identifies an attribute which
michael@0 426 consists of an array of values. */
michael@0 427 #define CKF_ARRAY_ATTRIBUTE 0x40000000
michael@0 428
michael@0 429 /* The following attribute types are defined: */
michael@0 430 #define CKA_CLASS 0x00000000
michael@0 431 #define CKA_TOKEN 0x00000001
michael@0 432 #define CKA_PRIVATE 0x00000002
michael@0 433 #define CKA_LABEL 0x00000003
michael@0 434 #define CKA_APPLICATION 0x00000010
michael@0 435 #define CKA_VALUE 0x00000011
michael@0 436
michael@0 437 /* CKA_OBJECT_ID is new for v2.10 */
michael@0 438 #define CKA_OBJECT_ID 0x00000012
michael@0 439
michael@0 440 #define CKA_CERTIFICATE_TYPE 0x00000080
michael@0 441 #define CKA_ISSUER 0x00000081
michael@0 442 #define CKA_SERIAL_NUMBER 0x00000082
michael@0 443
michael@0 444 /* CKA_AC_ISSUER, CKA_OWNER, and CKA_ATTR_TYPES are new
michael@0 445 * for v2.10 */
michael@0 446 #define CKA_AC_ISSUER 0x00000083
michael@0 447 #define CKA_OWNER 0x00000084
michael@0 448 #define CKA_ATTR_TYPES 0x00000085
michael@0 449
michael@0 450 /* CKA_TRUSTED is new for v2.11 */
michael@0 451 #define CKA_TRUSTED 0x00000086
michael@0 452
michael@0 453 /* CKA_CERTIFICATE_CATEGORY ...
michael@0 454 * CKA_CHECK_VALUE are new for v2.20 */
michael@0 455 #define CKA_CERTIFICATE_CATEGORY 0x00000087
michael@0 456 #define CKA_JAVA_MIDP_SECURITY_DOMAIN 0x00000088
michael@0 457 #define CKA_URL 0x00000089
michael@0 458 #define CKA_HASH_OF_SUBJECT_PUBLIC_KEY 0x0000008A
michael@0 459 #define CKA_HASH_OF_ISSUER_PUBLIC_KEY 0x0000008B
michael@0 460 #define CKA_CHECK_VALUE 0x00000090
michael@0 461
michael@0 462 #define CKA_KEY_TYPE 0x00000100
michael@0 463 #define CKA_SUBJECT 0x00000101
michael@0 464 #define CKA_ID 0x00000102
michael@0 465 #define CKA_SENSITIVE 0x00000103
michael@0 466 #define CKA_ENCRYPT 0x00000104
michael@0 467 #define CKA_DECRYPT 0x00000105
michael@0 468 #define CKA_WRAP 0x00000106
michael@0 469 #define CKA_UNWRAP 0x00000107
michael@0 470 #define CKA_SIGN 0x00000108
michael@0 471 #define CKA_SIGN_RECOVER 0x00000109
michael@0 472 #define CKA_VERIFY 0x0000010A
michael@0 473 #define CKA_VERIFY_RECOVER 0x0000010B
michael@0 474 #define CKA_DERIVE 0x0000010C
michael@0 475 #define CKA_START_DATE 0x00000110
michael@0 476 #define CKA_END_DATE 0x00000111
michael@0 477 #define CKA_MODULUS 0x00000120
michael@0 478 #define CKA_MODULUS_BITS 0x00000121
michael@0 479 #define CKA_PUBLIC_EXPONENT 0x00000122
michael@0 480 #define CKA_PRIVATE_EXPONENT 0x00000123
michael@0 481 #define CKA_PRIME_1 0x00000124
michael@0 482 #define CKA_PRIME_2 0x00000125
michael@0 483 #define CKA_EXPONENT_1 0x00000126
michael@0 484 #define CKA_EXPONENT_2 0x00000127
michael@0 485 #define CKA_COEFFICIENT 0x00000128
michael@0 486 #define CKA_PRIME 0x00000130
michael@0 487 #define CKA_SUBPRIME 0x00000131
michael@0 488 #define CKA_BASE 0x00000132
michael@0 489
michael@0 490 /* CKA_PRIME_BITS and CKA_SUB_PRIME_BITS are new for v2.11 */
michael@0 491 #define CKA_PRIME_BITS 0x00000133
michael@0 492 #define CKA_SUBPRIME_BITS 0x00000134
michael@0 493 #define CKA_SUB_PRIME_BITS CKA_SUBPRIME_BITS
michael@0 494 /* (To retain backwards-compatibility) */
michael@0 495
michael@0 496 #define CKA_VALUE_BITS 0x00000160
michael@0 497 #define CKA_VALUE_LEN 0x00000161
michael@0 498
michael@0 499 /* CKA_EXTRACTABLE, CKA_LOCAL, CKA_NEVER_EXTRACTABLE,
michael@0 500 * CKA_ALWAYS_SENSITIVE, CKA_MODIFIABLE, CKA_ECDSA_PARAMS,
michael@0 501 * and CKA_EC_POINT are new for v2.0 */
michael@0 502 #define CKA_EXTRACTABLE 0x00000162
michael@0 503 #define CKA_LOCAL 0x00000163
michael@0 504 #define CKA_NEVER_EXTRACTABLE 0x00000164
michael@0 505 #define CKA_ALWAYS_SENSITIVE 0x00000165
michael@0 506
michael@0 507 /* CKA_KEY_GEN_MECHANISM is new for v2.11 */
michael@0 508 #define CKA_KEY_GEN_MECHANISM 0x00000166
michael@0 509
michael@0 510 #define CKA_MODIFIABLE 0x00000170
michael@0 511
michael@0 512 /* CKA_ECDSA_PARAMS is deprecated in v2.11,
michael@0 513 * CKA_EC_PARAMS is preferred. */
michael@0 514 #define CKA_ECDSA_PARAMS 0x00000180
michael@0 515 #define CKA_EC_PARAMS 0x00000180
michael@0 516
michael@0 517 #define CKA_EC_POINT 0x00000181
michael@0 518
michael@0 519 /* CKA_SECONDARY_AUTH, CKA_AUTH_PIN_FLAGS,
michael@0 520 * are new for v2.10. Deprecated in v2.11 and onwards. */
michael@0 521 #define CKA_SECONDARY_AUTH 0x00000200
michael@0 522 #define CKA_AUTH_PIN_FLAGS 0x00000201
michael@0 523
michael@0 524 /* CKA_ALWAYS_AUTHENTICATE ...
michael@0 525 * CKA_UNWRAP_TEMPLATE are new for v2.20 */
michael@0 526 #define CKA_ALWAYS_AUTHENTICATE 0x00000202
michael@0 527
michael@0 528 #define CKA_WRAP_WITH_TRUSTED 0x00000210
michael@0 529 #define CKA_WRAP_TEMPLATE (CKF_ARRAY_ATTRIBUTE|0x00000211)
michael@0 530 #define CKA_UNWRAP_TEMPLATE (CKF_ARRAY_ATTRIBUTE|0x00000212)
michael@0 531
michael@0 532 /* CKA_HW_FEATURE_TYPE, CKA_RESET_ON_INIT, and CKA_HAS_RESET
michael@0 533 * are new for v2.10 */
michael@0 534 #define CKA_HW_FEATURE_TYPE 0x00000300
michael@0 535 #define CKA_RESET_ON_INIT 0x00000301
michael@0 536 #define CKA_HAS_RESET 0x00000302
michael@0 537
michael@0 538 /* The following attributes are new for v2.20 */
michael@0 539 #define CKA_PIXEL_X 0x00000400
michael@0 540 #define CKA_PIXEL_Y 0x00000401
michael@0 541 #define CKA_RESOLUTION 0x00000402
michael@0 542 #define CKA_CHAR_ROWS 0x00000403
michael@0 543 #define CKA_CHAR_COLUMNS 0x00000404
michael@0 544 #define CKA_COLOR 0x00000405
michael@0 545 #define CKA_BITS_PER_PIXEL 0x00000406
michael@0 546 #define CKA_CHAR_SETS 0x00000480
michael@0 547 #define CKA_ENCODING_METHODS 0x00000481
michael@0 548 #define CKA_MIME_TYPES 0x00000482
michael@0 549 #define CKA_MECHANISM_TYPE 0x00000500
michael@0 550 #define CKA_REQUIRED_CMS_ATTRIBUTES 0x00000501
michael@0 551 #define CKA_DEFAULT_CMS_ATTRIBUTES 0x00000502
michael@0 552 #define CKA_SUPPORTED_CMS_ATTRIBUTES 0x00000503
michael@0 553 #define CKA_ALLOWED_MECHANISMS (CKF_ARRAY_ATTRIBUTE|0x00000600)
michael@0 554
michael@0 555 #define CKA_VENDOR_DEFINED 0x80000000
michael@0 556
michael@0 557
michael@0 558 /* CK_ATTRIBUTE is a structure that includes the type, length
michael@0 559 * and value of an attribute */
michael@0 560 typedef struct CK_ATTRIBUTE {
michael@0 561 CK_ATTRIBUTE_TYPE type; /* one of the CKA_* attribute types above */
michael@0 562 CK_VOID_PTR pValue; /* the attribute value; its length is ulValueLen */
michael@0 563
michael@0 564 /* ulValueLen went from CK_USHORT to CK_ULONG for v2.0 */
michael@0 565 CK_ULONG ulValueLen; /* in bytes */
michael@0 566 } CK_ATTRIBUTE;
michael@0 567
michael@0 568 typedef CK_ATTRIBUTE CK_PTR CK_ATTRIBUTE_PTR;
michael@0 569
michael@0 570
michael@0 571 /* CK_DATE is a structure that defines a date; each field is a run of digit characters that fills its array exactly, leaving no room for a terminating NUL */
michael@0 572 typedef struct CK_DATE{
michael@0 573 CK_CHAR year[4]; /* the year ("1900" - "9999") */
michael@0 574 CK_CHAR month[2]; /* the month ("01" - "12") */
michael@0 575 CK_CHAR day[2]; /* the day ("01" - "31") */
michael@0 576 } CK_DATE;
michael@0 577
michael@0 578
michael@0 579 /* CK_MECHANISM_TYPE is a value that identifies a mechanism
michael@0 580 * type */
michael@0 581 /* CK_MECHANISM_TYPE was changed from CK_USHORT to CK_ULONG for
michael@0 582 * v2.0 */
michael@0 583 typedef CK_ULONG CK_MECHANISM_TYPE;
michael@0 584
michael@0 585 /* the following mechanism types are defined: */
michael@0 586 #define CKM_RSA_PKCS_KEY_PAIR_GEN 0x00000000
michael@0 587 #define CKM_RSA_PKCS 0x00000001
michael@0 588 #define CKM_RSA_9796 0x00000002
michael@0 589 #define CKM_RSA_X_509 0x00000003
michael@0 590
michael@0 591 /* CKM_MD2_RSA_PKCS, CKM_MD5_RSA_PKCS, and CKM_SHA1_RSA_PKCS
michael@0 592 * are new for v2.0. They are mechanisms which hash and sign */
michael@0 593 #define CKM_MD2_RSA_PKCS 0x00000004
michael@0 594 #define CKM_MD5_RSA_PKCS 0x00000005
michael@0 595 #define CKM_SHA1_RSA_PKCS 0x00000006
michael@0 596
michael@0 597 /* CKM_RIPEMD128_RSA_PKCS, CKM_RIPEMD160_RSA_PKCS, and
michael@0 598 * CKM_RSA_PKCS_OAEP are new for v2.10 */
michael@0 599 #define CKM_RIPEMD128_RSA_PKCS 0x00000007
michael@0 600 #define CKM_RIPEMD160_RSA_PKCS 0x00000008
michael@0 601 #define CKM_RSA_PKCS_OAEP 0x00000009
michael@0 602
michael@0 603 /* CKM_RSA_X9_31_KEY_PAIR_GEN, CKM_RSA_X9_31, CKM_SHA1_RSA_X9_31,
michael@0 604 * CKM_RSA_PKCS_PSS, and CKM_SHA1_RSA_PKCS_PSS are new for v2.11 */
michael@0 605 #define CKM_RSA_X9_31_KEY_PAIR_GEN 0x0000000A
michael@0 606 #define CKM_RSA_X9_31 0x0000000B
michael@0 607 #define CKM_SHA1_RSA_X9_31 0x0000000C
michael@0 608 #define CKM_RSA_PKCS_PSS 0x0000000D
michael@0 609 #define CKM_SHA1_RSA_PKCS_PSS 0x0000000E
michael@0 610
michael@0 611 #define CKM_DSA_KEY_PAIR_GEN 0x00000010
michael@0 612 #define CKM_DSA 0x00000011
michael@0 613 #define CKM_DSA_SHA1 0x00000012
michael@0 614 #define CKM_DH_PKCS_KEY_PAIR_GEN 0x00000020
michael@0 615 #define CKM_DH_PKCS_DERIVE 0x00000021
michael@0 616
michael@0 617 /* CKM_X9_42_DH_KEY_PAIR_GEN, CKM_X9_42_DH_DERIVE,
michael@0 618 * CKM_X9_42_DH_HYBRID_DERIVE, and CKM_X9_42_MQV_DERIVE are new for
michael@0 619 * v2.11 */
michael@0 620 #define CKM_X9_42_DH_KEY_PAIR_GEN 0x00000030
michael@0 621 #define CKM_X9_42_DH_DERIVE 0x00000031
michael@0 622 #define CKM_X9_42_DH_HYBRID_DERIVE 0x00000032
michael@0 623 #define CKM_X9_42_MQV_DERIVE 0x00000033
michael@0 624
michael@0 625 /* CKM_SHA256/384/512 are new for v2.20 */
michael@0 626 #define CKM_SHA256_RSA_PKCS 0x00000040
michael@0 627 #define CKM_SHA384_RSA_PKCS 0x00000041
michael@0 628 #define CKM_SHA512_RSA_PKCS 0x00000042
michael@0 629 #define CKM_SHA256_RSA_PKCS_PSS 0x00000043
michael@0 630 #define CKM_SHA384_RSA_PKCS_PSS 0x00000044
michael@0 631 #define CKM_SHA512_RSA_PKCS_PSS 0x00000045
michael@0 632
michael@0 633 /* CKM_SHA224 new for v2.20 amendment 3 */
michael@0 634 #define CKM_SHA224_RSA_PKCS 0x00000046
michael@0 635 #define CKM_SHA224_RSA_PKCS_PSS 0x00000047
michael@0 636
michael@0 637 #define CKM_RC2_KEY_GEN 0x00000100
michael@0 638 #define CKM_RC2_ECB 0x00000101
michael@0 639 #define CKM_RC2_CBC 0x00000102
michael@0 640 #define CKM_RC2_MAC 0x00000103
michael@0 641
michael@0 642 /* CKM_RC2_MAC_GENERAL and CKM_RC2_CBC_PAD are new for v2.0 */
michael@0 643 #define CKM_RC2_MAC_GENERAL 0x00000104
michael@0 644 #define CKM_RC2_CBC_PAD 0x00000105
michael@0 645
michael@0 646 #define CKM_RC4_KEY_GEN 0x00000110
michael@0 647 #define CKM_RC4 0x00000111
michael@0 648 #define CKM_DES_KEY_GEN 0x00000120
michael@0 649 #define CKM_DES_ECB 0x00000121
michael@0 650 #define CKM_DES_CBC 0x00000122
michael@0 651 #define CKM_DES_MAC 0x00000123
michael@0 652
michael@0 653 /* CKM_DES_MAC_GENERAL and CKM_DES_CBC_PAD are new for v2.0 */
michael@0 654 #define CKM_DES_MAC_GENERAL 0x00000124
michael@0 655 #define CKM_DES_CBC_PAD 0x00000125
michael@0 656
michael@0 657 #define CKM_DES2_KEY_GEN 0x00000130
michael@0 658 #define CKM_DES3_KEY_GEN 0x00000131
michael@0 659 #define CKM_DES3_ECB 0x00000132
michael@0 660 #define CKM_DES3_CBC 0x00000133
michael@0 661 #define CKM_DES3_MAC 0x00000134
michael@0 662
michael@0 663 /* CKM_DES3_MAC_GENERAL, CKM_DES3_CBC_PAD, CKM_CDMF_KEY_GEN,
michael@0 664 * CKM_CDMF_ECB, CKM_CDMF_CBC, CKM_CDMF_MAC,
michael@0 665 * CKM_CDMF_MAC_GENERAL, and CKM_CDMF_CBC_PAD are new for v2.0 */
michael@0 666 #define CKM_DES3_MAC_GENERAL 0x00000135
michael@0 667 #define CKM_DES3_CBC_PAD 0x00000136
michael@0 668 #define CKM_CDMF_KEY_GEN 0x00000140
michael@0 669 #define CKM_CDMF_ECB 0x00000141
michael@0 670 #define CKM_CDMF_CBC 0x00000142
michael@0 671 #define CKM_CDMF_MAC 0x00000143
michael@0 672 #define CKM_CDMF_MAC_GENERAL 0x00000144
michael@0 673 #define CKM_CDMF_CBC_PAD 0x00000145
michael@0 674
michael@0 675 /* the following four DES mechanisms are new for v2.20 */
michael@0 676 #define CKM_DES_OFB64 0x00000150
michael@0 677 #define CKM_DES_OFB8 0x00000151
michael@0 678 #define CKM_DES_CFB64 0x00000152
michael@0 679 #define CKM_DES_CFB8 0x00000153
michael@0 680
michael@0 681 #define CKM_MD2 0x00000200
michael@0 682
michael@0 683 /* CKM_MD2_HMAC and CKM_MD2_HMAC_GENERAL are new for v2.0 */
michael@0 684 #define CKM_MD2_HMAC 0x00000201
michael@0 685 #define CKM_MD2_HMAC_GENERAL 0x00000202
michael@0 686
michael@0 687 #define CKM_MD5 0x00000210
michael@0 688
michael@0 689 /* CKM_MD5_HMAC and CKM_MD5_HMAC_GENERAL are new for v2.0 */
michael@0 690 #define CKM_MD5_HMAC 0x00000211
michael@0 691 #define CKM_MD5_HMAC_GENERAL 0x00000212
michael@0 692
michael@0 693 #define CKM_SHA_1 0x00000220
michael@0 694
michael@0 695 /* CKM_SHA_1_HMAC and CKM_SHA_1_HMAC_GENERAL are new for v2.0 */
michael@0 696 #define CKM_SHA_1_HMAC 0x00000221
michael@0 697 #define CKM_SHA_1_HMAC_GENERAL 0x00000222
michael@0 698
michael@0 699 /* CKM_RIPEMD128, CKM_RIPEMD128_HMAC,
michael@0 700 * CKM_RIPEMD128_HMAC_GENERAL, CKM_RIPEMD160, CKM_RIPEMD160_HMAC,
michael@0 701 * and CKM_RIPEMD160_HMAC_GENERAL are new for v2.10 */
michael@0 702 #define CKM_RIPEMD128 0x00000230
michael@0 703 #define CKM_RIPEMD128_HMAC 0x00000231
michael@0 704 #define CKM_RIPEMD128_HMAC_GENERAL 0x00000232
michael@0 705 #define CKM_RIPEMD160 0x00000240
michael@0 706 #define CKM_RIPEMD160_HMAC 0x00000241
michael@0 707 #define CKM_RIPEMD160_HMAC_GENERAL 0x00000242
michael@0 708
michael@0 709 /* CKM_SHA256/384/512 are new for v2.20 */
michael@0 710 #define CKM_SHA256 0x00000250
michael@0 711 #define CKM_SHA256_HMAC 0x00000251
michael@0 712 #define CKM_SHA256_HMAC_GENERAL 0x00000252
michael@0 713 #define CKM_SHA384 0x00000260
michael@0 714 #define CKM_SHA384_HMAC 0x00000261
michael@0 715 #define CKM_SHA384_HMAC_GENERAL 0x00000262
michael@0 716 #define CKM_SHA512 0x00000270
michael@0 717 #define CKM_SHA512_HMAC 0x00000271
michael@0 718 #define CKM_SHA512_HMAC_GENERAL 0x00000272
michael@0 719
michael@0 720 /* CKM_SHA224 new for v2.20 amendment 3 */
michael@0 721 #define CKM_SHA224 0x00000255
michael@0 722 #define CKM_SHA224_HMAC 0x00000256
michael@0 723 #define CKM_SHA224_HMAC_GENERAL 0x00000257
michael@0 724
michael@0 725 /* All of the following mechanisms are new for v2.0 */
michael@0 726 /* Note that CAST128 and CAST5 are the same algorithm */
michael@0 727 #define CKM_CAST_KEY_GEN 0x00000300
michael@0 728 #define CKM_CAST_ECB 0x00000301
michael@0 729 #define CKM_CAST_CBC 0x00000302
michael@0 730 #define CKM_CAST_MAC 0x00000303
michael@0 731 #define CKM_CAST_MAC_GENERAL 0x00000304
michael@0 732 #define CKM_CAST_CBC_PAD 0x00000305
michael@0 733 #define CKM_CAST3_KEY_GEN 0x00000310
michael@0 734 #define CKM_CAST3_ECB 0x00000311
michael@0 735 #define CKM_CAST3_CBC 0x00000312
michael@0 736 #define CKM_CAST3_MAC 0x00000313
michael@0 737 #define CKM_CAST3_MAC_GENERAL 0x00000314
michael@0 738 #define CKM_CAST3_CBC_PAD 0x00000315
michael@0 739 #define CKM_CAST5_KEY_GEN 0x00000320
michael@0 740 #define CKM_CAST128_KEY_GEN 0x00000320
michael@0 741 #define CKM_CAST5_ECB 0x00000321
michael@0 742 #define CKM_CAST128_ECB 0x00000321
michael@0 743 #define CKM_CAST5_CBC 0x00000322
michael@0 744 #define CKM_CAST128_CBC 0x00000322
michael@0 745 #define CKM_CAST5_MAC 0x00000323
michael@0 746 #define CKM_CAST128_MAC 0x00000323
michael@0 747 #define CKM_CAST5_MAC_GENERAL 0x00000324
michael@0 748 #define CKM_CAST128_MAC_GENERAL 0x00000324
michael@0 749 #define CKM_CAST5_CBC_PAD 0x00000325
michael@0 750 #define CKM_CAST128_CBC_PAD 0x00000325
michael@0 751 #define CKM_RC5_KEY_GEN 0x00000330
michael@0 752 #define CKM_RC5_ECB 0x00000331
michael@0 753 #define CKM_RC5_CBC 0x00000332
michael@0 754 #define CKM_RC5_MAC 0x00000333
michael@0 755 #define CKM_RC5_MAC_GENERAL 0x00000334
michael@0 756 #define CKM_RC5_CBC_PAD 0x00000335
michael@0 757 #define CKM_IDEA_KEY_GEN 0x00000340
michael@0 758 #define CKM_IDEA_ECB 0x00000341
michael@0 759 #define CKM_IDEA_CBC 0x00000342
michael@0 760 #define CKM_IDEA_MAC 0x00000343
michael@0 761 #define CKM_IDEA_MAC_GENERAL 0x00000344
michael@0 762 #define CKM_IDEA_CBC_PAD 0x00000345
michael@0 763 #define CKM_GENERIC_SECRET_KEY_GEN 0x00000350
michael@0 764 #define CKM_CONCATENATE_BASE_AND_KEY 0x00000360
michael@0 765 #define CKM_CONCATENATE_BASE_AND_DATA 0x00000362
michael@0 766 #define CKM_CONCATENATE_DATA_AND_BASE 0x00000363
michael@0 767 #define CKM_XOR_BASE_AND_DATA 0x00000364
michael@0 768 #define CKM_EXTRACT_KEY_FROM_KEY 0x00000365
michael@0 769 #define CKM_SSL3_PRE_MASTER_KEY_GEN 0x00000370
michael@0 770 #define CKM_SSL3_MASTER_KEY_DERIVE 0x00000371
michael@0 771 #define CKM_SSL3_KEY_AND_MAC_DERIVE 0x00000372
michael@0 772
michael@0 773 /* CKM_SSL3_MASTER_KEY_DERIVE_DH, CKM_TLS_PRE_MASTER_KEY_GEN,
michael@0 774 * CKM_TLS_MASTER_KEY_DERIVE, CKM_TLS_KEY_AND_MAC_DERIVE, and
michael@0 775 * CKM_TLS_MASTER_KEY_DERIVE_DH are new for v2.11 */
michael@0 776 #define CKM_SSL3_MASTER_KEY_DERIVE_DH 0x00000373
michael@0 777 #define CKM_TLS_PRE_MASTER_KEY_GEN 0x00000374
michael@0 778 #define CKM_TLS_MASTER_KEY_DERIVE 0x00000375
michael@0 779 #define CKM_TLS_KEY_AND_MAC_DERIVE 0x00000376
michael@0 780 #define CKM_TLS_MASTER_KEY_DERIVE_DH 0x00000377
michael@0 781
michael@0 782 /* CKM_TLS_PRF is new for v2.20 */
michael@0 783 #define CKM_TLS_PRF 0x00000378
michael@0 784
michael@0 785 #define CKM_SSL3_MD5_MAC 0x00000380
michael@0 786 #define CKM_SSL3_SHA1_MAC 0x00000381
michael@0 787 #define CKM_MD5_KEY_DERIVATION 0x00000390
michael@0 788 #define CKM_MD2_KEY_DERIVATION 0x00000391
michael@0 789 #define CKM_SHA1_KEY_DERIVATION 0x00000392
michael@0 790
michael@0 791 /* CKM_SHA256/384/512 are new for v2.20 */
michael@0 792 #define CKM_SHA256_KEY_DERIVATION 0x00000393
michael@0 793 #define CKM_SHA384_KEY_DERIVATION 0x00000394
michael@0 794 #define CKM_SHA512_KEY_DERIVATION 0x00000395
michael@0 795
michael@0 796 /* CKM_SHA224 new for v2.20 amendment 3 */
michael@0 797 #define CKM_SHA224_KEY_DERIVATION 0x00000396
michael@0 798
michael@0 799 #define CKM_PBE_MD2_DES_CBC 0x000003A0 /* password-based encryption (PBE) mechanism identifiers follow */
michael@0 800 #define CKM_PBE_MD5_DES_CBC 0x000003A1
michael@0 801 #define CKM_PBE_MD5_CAST_CBC 0x000003A2
michael@0 802 #define CKM_PBE_MD5_CAST3_CBC 0x000003A3
michael@0 803 #define CKM_PBE_MD5_CAST5_CBC 0x000003A4
michael@0 804 #define CKM_PBE_MD5_CAST128_CBC 0x000003A4 /* same value as the CAST5 name on the previous line */
michael@0 805 #define CKM_PBE_SHA1_CAST5_CBC 0x000003A5
michael@0 806 #define CKM_PBE_SHA1_CAST128_CBC 0x000003A5 /* same value as the CAST5 name on the previous line */
michael@0 807 #define CKM_PBE_SHA1_RC4_128 0x000003A6
michael@0 808 #define CKM_PBE_SHA1_RC4_40 0x000003A7 /* NOTE(review): the _40 suffix presumably denotes a 40-bit key; treat as legacy and confirm policy keeps it disabled by default */
michael@0 809 #define CKM_PBE_SHA1_DES3_EDE_CBC 0x000003A8
michael@0 810 #define CKM_PBE_SHA1_DES2_EDE_CBC 0x000003A9
michael@0 811 #define CKM_PBE_SHA1_RC2_128_CBC 0x000003AA
michael@0 812 #define CKM_PBE_SHA1_RC2_40_CBC 0x000003AB /* NOTE(review): same 40-bit caveat as CKM_PBE_SHA1_RC4_40 */
michael@0 813
michael@0 814 /* CKM_PKCS5_PBKD2 is new for v2.10 */
michael@0 815 #define CKM_PKCS5_PBKD2 0x000003B0
michael@0 816
michael@0 817 #define CKM_PBA_SHA1_WITH_SHA1_HMAC 0x000003C0
michael@0 818
michael@0 819 /* WTLS mechanisms are new for v2.20 */
michael@0 820 #define CKM_WTLS_PRE_MASTER_KEY_GEN 0x000003D0
michael@0 821 #define CKM_WTLS_MASTER_KEY_DERIVE 0x000003D1
michael@0 822 #define CKM_WTLS_MASTER_KEY_DERIVE_DH_ECC 0x000003D2
michael@0 823 #define CKM_WTLS_PRF 0x000003D3
michael@0 824 #define CKM_WTLS_SERVER_KEY_AND_MAC_DERIVE 0x000003D4
michael@0 825 #define CKM_WTLS_CLIENT_KEY_AND_MAC_DERIVE 0x000003D5
michael@0 826
michael@0 827 #define CKM_KEY_WRAP_LYNKS 0x00000400
michael@0 828 #define CKM_KEY_WRAP_SET_OAEP 0x00000401
michael@0 829
michael@0 830 /* CKM_CMS_SIG is new for v2.20 */
michael@0 831 #define CKM_CMS_SIG 0x00000500
michael@0 832
michael@0 833 /* Fortezza mechanisms */
michael@0 834 #define CKM_SKIPJACK_KEY_GEN 0x00001000
michael@0 835 #define CKM_SKIPJACK_ECB64 0x00001001
michael@0 836 #define CKM_SKIPJACK_CBC64 0x00001002
michael@0 837 #define CKM_SKIPJACK_OFB64 0x00001003
michael@0 838 #define CKM_SKIPJACK_CFB64 0x00001004
michael@0 839 #define CKM_SKIPJACK_CFB32 0x00001005
michael@0 840 #define CKM_SKIPJACK_CFB16 0x00001006
michael@0 841 #define CKM_SKIPJACK_CFB8 0x00001007
michael@0 842 #define CKM_SKIPJACK_WRAP 0x00001008
michael@0 843 #define CKM_SKIPJACK_PRIVATE_WRAP 0x00001009
michael@0 844 #define CKM_SKIPJACK_RELAYX 0x0000100a
michael@0 845 #define CKM_KEA_KEY_PAIR_GEN 0x00001010
michael@0 846 #define CKM_KEA_KEY_DERIVE 0x00001011
michael@0 847 #define CKM_FORTEZZA_TIMESTAMP 0x00001020
michael@0 848 #define CKM_BATON_KEY_GEN 0x00001030
michael@0 849 #define CKM_BATON_ECB128 0x00001031
michael@0 850 #define CKM_BATON_ECB96 0x00001032
michael@0 851 #define CKM_BATON_CBC128 0x00001033
michael@0 852 #define CKM_BATON_COUNTER 0x00001034
michael@0 853 #define CKM_BATON_SHUFFLE 0x00001035
michael@0 854 #define CKM_BATON_WRAP 0x00001036
michael@0 855
michael@0 856 /* CKM_ECDSA_KEY_PAIR_GEN is deprecated in v2.11,
michael@0 857 * CKM_EC_KEY_PAIR_GEN is preferred */
michael@0 858 #define CKM_ECDSA_KEY_PAIR_GEN 0x00001040
michael@0 859 #define CKM_EC_KEY_PAIR_GEN 0x00001040
michael@0 860
michael@0 861 #define CKM_ECDSA 0x00001041
michael@0 862 #define CKM_ECDSA_SHA1 0x00001042
michael@0 863
michael@0 864 /* CKM_ECDH1_DERIVE, CKM_ECDH1_COFACTOR_DERIVE, and CKM_ECMQV_DERIVE
michael@0 865 * are new for v2.11 */
michael@0 866 #define CKM_ECDH1_DERIVE 0x00001050
michael@0 867 #define CKM_ECDH1_COFACTOR_DERIVE 0x00001051
michael@0 868 #define CKM_ECMQV_DERIVE 0x00001052
michael@0 869
michael@0 870 #define CKM_JUNIPER_KEY_GEN 0x00001060
michael@0 871 #define CKM_JUNIPER_ECB128 0x00001061
michael@0 872 #define CKM_JUNIPER_CBC128 0x00001062
michael@0 873 #define CKM_JUNIPER_COUNTER 0x00001063
michael@0 874 #define CKM_JUNIPER_SHUFFLE 0x00001064
michael@0 875 #define CKM_JUNIPER_WRAP 0x00001065
michael@0 876 #define CKM_FASTHASH 0x00001070
michael@0 877
michael@0 878 /* CKM_AES_KEY_GEN, CKM_AES_ECB, CKM_AES_CBC, CKM_AES_MAC,
michael@0 879 * CKM_AES_MAC_GENERAL, CKM_AES_CBC_PAD, CKM_DSA_PARAMETER_GEN,
michael@0 880 * CKM_DH_PKCS_PARAMETER_GEN, and CKM_X9_42_DH_PARAMETER_GEN are
michael@0 881 * new for v2.11 */
michael@0 882 #define CKM_AES_KEY_GEN 0x00001080
michael@0 883 #define CKM_AES_ECB 0x00001081
michael@0 884 #define CKM_AES_CBC 0x00001082
michael@0 885 #define CKM_AES_MAC 0x00001083
michael@0 886 #define CKM_AES_MAC_GENERAL 0x00001084
michael@0 887 #define CKM_AES_CBC_PAD 0x00001085
michael@0 888 /* new for v2.20 amendment 3 */
michael@0 889 #define CKM_AES_CTR 0x00001086
michael@0 890 /* new for v2.30 */
michael@0 891 #define CKM_AES_GCM 0x00001087
michael@0 892 #define CKM_AES_CCM 0x00001088
michael@0 893 #define CKM_AES_CTS 0x00001089
michael@0 894
michael@0 895 /* BlowFish and TwoFish are new for v2.20 */
michael@0 896 #define CKM_BLOWFISH_KEY_GEN 0x00001090
michael@0 897 #define CKM_BLOWFISH_CBC 0x00001091
michael@0 898 #define CKM_TWOFISH_KEY_GEN 0x00001092
michael@0 899 #define CKM_TWOFISH_CBC 0x00001093
michael@0 900
michael@0 901 /* Camellia is proposed for v2.20 Amendment 3 */
michael@0 902 #define CKM_CAMELLIA_KEY_GEN 0x00000550
michael@0 903 #define CKM_CAMELLIA_ECB 0x00000551
michael@0 904 #define CKM_CAMELLIA_CBC 0x00000552
michael@0 905 #define CKM_CAMELLIA_MAC 0x00000553
michael@0 906 #define CKM_CAMELLIA_MAC_GENERAL 0x00000554
michael@0 907 #define CKM_CAMELLIA_CBC_PAD 0x00000555
michael@0 908 #define CKM_CAMELLIA_ECB_ENCRYPT_DATA 0x00000556
michael@0 909 #define CKM_CAMELLIA_CBC_ENCRYPT_DATA 0x00000557
michael@0 910
michael@0 911 #define CKM_SEED_KEY_GEN 0x00000650
michael@0 912 #define CKM_SEED_ECB 0x00000651
michael@0 913 #define CKM_SEED_CBC 0x00000652
michael@0 914 #define CKM_SEED_MAC 0x00000653
michael@0 915 #define CKM_SEED_MAC_GENERAL 0x00000654
michael@0 916 #define CKM_SEED_CBC_PAD 0x00000655
michael@0 917 #define CKM_SEED_ECB_ENCRYPT_DATA 0x00000656
michael@0 918 #define CKM_SEED_CBC_ENCRYPT_DATA 0x00000657
michael@0 919
michael@0 920 /* CKM_xxx_ENCRYPT_DATA mechanisms are new for v2.20 */
michael@0 921 #define CKM_DES_ECB_ENCRYPT_DATA 0x00001100
michael@0 922 #define CKM_DES_CBC_ENCRYPT_DATA 0x00001101
michael@0 923 #define CKM_DES3_ECB_ENCRYPT_DATA 0x00001102
michael@0 924 #define CKM_DES3_CBC_ENCRYPT_DATA 0x00001103
michael@0 925 #define CKM_AES_ECB_ENCRYPT_DATA 0x00001104
michael@0 926 #define CKM_AES_CBC_ENCRYPT_DATA 0x00001105
michael@0 927
michael@0 928 #define CKM_DSA_PARAMETER_GEN 0x00002000
michael@0 929 #define CKM_DH_PKCS_PARAMETER_GEN 0x00002001
michael@0 930 #define CKM_X9_42_DH_PARAMETER_GEN 0x00002002
michael@0 931
michael@0 932 #define CKM_VENDOR_DEFINED 0x80000000
michael@0 933
michael@0 934 typedef CK_MECHANISM_TYPE CK_PTR CK_MECHANISM_TYPE_PTR;
michael@0 935
michael@0 936
michael@0 937 /* CK_MECHANISM is a structure that specifies a particular
michael@0 938 * mechanism */
michael@0 939 typedef struct CK_MECHANISM {
michael@0 940 CK_MECHANISM_TYPE mechanism; /* mechanism identifier; presumably one of the CKM_* values defined above */
michael@0 941 CK_VOID_PTR pParameter; /* untyped, mechanism-specific parameter block (e.g. CK_RSA_PKCS_OAEP_PARAMS for CKM_RSA_PKCS_OAEP) */
michael@0 942
michael@0 943 /* ulParameterLen was changed from CK_USHORT to CK_ULONG for
michael@0 944 * v2.0 */
michael@0 945 CK_ULONG ulParameterLen; /* in bytes; NOTE(review): pParameter carries no type tag, so a consumer should compare this length with the size of the structure the mechanism expects before casting pParameter */
michael@0 946 } CK_MECHANISM;
michael@0 947
michael@0 948 typedef CK_MECHANISM CK_PTR CK_MECHANISM_PTR;
michael@0 949
michael@0 950
michael@0 951 /* CK_MECHANISM_INFO provides information about a particular
michael@0 952 * mechanism */
michael@0 953 typedef struct CK_MECHANISM_INFO {
michael@0 954 CK_ULONG ulMinKeySize; /* presumably the smallest key size the mechanism accepts; NOTE(review): units are not stated in this header, confirm per mechanism */
michael@0 955 CK_ULONG ulMaxKeySize; /* presumably the largest key size the mechanism accepts; same unit caveat as ulMinKeySize */
michael@0 956 CK_FLAGS flags; /* CKF_* bits defined below (CKF_HW, CKF_ENCRYPT ... CKF_DERIVE, CKF_EC_*, CKF_EXTENSION) */
michael@0 957 } CK_MECHANISM_INFO;
michael@0 958
michael@0 959 /* The flags are defined as follows:
michael@0 960 * Bit Flag Mask Meaning */
michael@0 961 #define CKF_HW 0x00000001 /* performed by HW */
michael@0 962
michael@0 963 /* The flags CKF_ENCRYPT, CKF_DECRYPT, CKF_DIGEST, CKF_SIGN,
michael@0 964 * CKF_SIGN_RECOVER, CKF_VERIFY, CKF_VERIFY_RECOVER,
michael@0 965 * CKF_GENERATE, CKF_GENERATE_KEY_PAIR, CKF_WRAP, CKF_UNWRAP,
michael@0 966 * and CKF_DERIVE are new for v2.0. They specify whether or not
michael@0 967 * a mechanism can be used for a particular task */
michael@0 968 #define CKF_ENCRYPT 0x00000100
michael@0 969 #define CKF_DECRYPT 0x00000200
michael@0 970 #define CKF_DIGEST 0x00000400
michael@0 971 #define CKF_SIGN 0x00000800
michael@0 972 #define CKF_SIGN_RECOVER 0x00001000
michael@0 973 #define CKF_VERIFY 0x00002000
michael@0 974 #define CKF_VERIFY_RECOVER 0x00004000
michael@0 975 #define CKF_GENERATE 0x00008000
michael@0 976 #define CKF_GENERATE_KEY_PAIR 0x00010000
michael@0 977 #define CKF_WRAP 0x00020000
michael@0 978 #define CKF_UNWRAP 0x00040000
michael@0 979 #define CKF_DERIVE 0x00080000
michael@0 980
michael@0 981 /* CKF_EC_F_P, CKF_EC_F_2M, CKF_EC_ECPARAMETERS, CKF_EC_NAMEDCURVE,
michael@0 982 * CKF_EC_UNCOMPRESS, and CKF_EC_COMPRESS are new for v2.11. They
michael@0 983 * describe a token's EC capabilities not available in mechanism
michael@0 984 * information. */
michael@0 985 #define CKF_EC_F_P 0x00100000
michael@0 986 #define CKF_EC_F_2M 0x00200000
michael@0 987 #define CKF_EC_ECPARAMETERS 0x00400000
michael@0 988 #define CKF_EC_NAMEDCURVE 0x00800000
michael@0 989 #define CKF_EC_UNCOMPRESS 0x01000000
michael@0 990 #define CKF_EC_COMPRESS 0x02000000
michael@0 991
michael@0 992 #define CKF_EXTENSION 0x80000000 /* FALSE for this version */
michael@0 993
michael@0 994 typedef CK_MECHANISM_INFO CK_PTR CK_MECHANISM_INFO_PTR;
michael@0 995
michael@0 996
michael@0 997 /* CK_RV is a value that identifies the return value of a
michael@0 998 * PKCS #11 function */
michael@0 999 /* CK_RV was changed from CK_USHORT to CK_ULONG for v2.0 */
michael@0 1000 typedef CK_ULONG CK_RV;
michael@0 1001
michael@0 1002 #define CKR_OK 0x00000000
michael@0 1003 #define CKR_CANCEL 0x00000001
michael@0 1004 #define CKR_HOST_MEMORY 0x00000002
michael@0 1005 #define CKR_SLOT_ID_INVALID 0x00000003
michael@0 1006
michael@0 1007 /* CKR_FLAGS_INVALID was removed for v2.0 */
michael@0 1008
michael@0 1009 /* CKR_GENERAL_ERROR and CKR_FUNCTION_FAILED are new for v2.0 */
michael@0 1010 #define CKR_GENERAL_ERROR 0x00000005
michael@0 1011 #define CKR_FUNCTION_FAILED 0x00000006
michael@0 1012
michael@0 1013 /* CKR_ARGUMENTS_BAD, CKR_NO_EVENT, CKR_NEED_TO_CREATE_THREADS,
michael@0 1014 * and CKR_CANT_LOCK are new for v2.01 */
michael@0 1015 #define CKR_ARGUMENTS_BAD 0x00000007
michael@0 1016 #define CKR_NO_EVENT 0x00000008
michael@0 1017 #define CKR_NEED_TO_CREATE_THREADS 0x00000009
michael@0 1018 #define CKR_CANT_LOCK 0x0000000A
michael@0 1019
michael@0 1020 #define CKR_ATTRIBUTE_READ_ONLY 0x00000010
michael@0 1021 #define CKR_ATTRIBUTE_SENSITIVE 0x00000011
michael@0 1022 #define CKR_ATTRIBUTE_TYPE_INVALID 0x00000012
michael@0 1023 #define CKR_ATTRIBUTE_VALUE_INVALID 0x00000013
michael@0 1024 #define CKR_DATA_INVALID 0x00000020
michael@0 1025 #define CKR_DATA_LEN_RANGE 0x00000021
michael@0 1026 #define CKR_DEVICE_ERROR 0x00000030
michael@0 1027 #define CKR_DEVICE_MEMORY 0x00000031
michael@0 1028 #define CKR_DEVICE_REMOVED 0x00000032
michael@0 1029 #define CKR_ENCRYPTED_DATA_INVALID 0x00000040
michael@0 1030 #define CKR_ENCRYPTED_DATA_LEN_RANGE 0x00000041
michael@0 1031 #define CKR_FUNCTION_CANCELED 0x00000050
michael@0 1032 #define CKR_FUNCTION_NOT_PARALLEL 0x00000051
michael@0 1033
michael@0 1034 /* CKR_FUNCTION_NOT_SUPPORTED is new for v2.0 */
michael@0 1035 #define CKR_FUNCTION_NOT_SUPPORTED 0x00000054
michael@0 1036
michael@0 1037 #define CKR_KEY_HANDLE_INVALID 0x00000060
michael@0 1038
michael@0 1039 /* CKR_KEY_SENSITIVE was removed for v2.0 */
michael@0 1040
michael@0 1041 #define CKR_KEY_SIZE_RANGE 0x00000062
michael@0 1042 #define CKR_KEY_TYPE_INCONSISTENT 0x00000063
michael@0 1043
michael@0 1044 /* CKR_KEY_NOT_NEEDED, CKR_KEY_CHANGED, CKR_KEY_NEEDED,
michael@0 1045 * CKR_KEY_INDIGESTIBLE, CKR_KEY_FUNCTION_NOT_PERMITTED,
michael@0 1046 * CKR_KEY_NOT_WRAPPABLE, and CKR_KEY_UNEXTRACTABLE are new for
michael@0 1047 * v2.0 */
michael@0 1048 #define CKR_KEY_NOT_NEEDED 0x00000064
michael@0 1049 #define CKR_KEY_CHANGED 0x00000065
michael@0 1050 #define CKR_KEY_NEEDED 0x00000066
michael@0 1051 #define CKR_KEY_INDIGESTIBLE 0x00000067
michael@0 1052 #define CKR_KEY_FUNCTION_NOT_PERMITTED 0x00000068
michael@0 1053 #define CKR_KEY_NOT_WRAPPABLE 0x00000069
michael@0 1054 #define CKR_KEY_UNEXTRACTABLE 0x0000006A
michael@0 1055
michael@0 1056 #define CKR_MECHANISM_INVALID 0x00000070
michael@0 1057 #define CKR_MECHANISM_PARAM_INVALID 0x00000071
michael@0 1058
michael@0 1059 /* CKR_OBJECT_CLASS_INCONSISTENT and CKR_OBJECT_CLASS_INVALID
michael@0 1060 * were removed for v2.0 */
michael@0 1061 #define CKR_OBJECT_HANDLE_INVALID 0x00000082
michael@0 1062 #define CKR_OPERATION_ACTIVE 0x00000090
michael@0 1063 #define CKR_OPERATION_NOT_INITIALIZED 0x00000091
michael@0 1064 #define CKR_PIN_INCORRECT 0x000000A0
michael@0 1065 #define CKR_PIN_INVALID 0x000000A1
michael@0 1066 #define CKR_PIN_LEN_RANGE 0x000000A2
michael@0 1067
michael@0 1068 /* CKR_PIN_EXPIRED and CKR_PIN_LOCKED are new for v2.0 */
michael@0 1069 #define CKR_PIN_EXPIRED 0x000000A3
michael@0 1070 #define CKR_PIN_LOCKED 0x000000A4
michael@0 1071
michael@0 1072 #define CKR_SESSION_CLOSED 0x000000B0
michael@0 1073 #define CKR_SESSION_COUNT 0x000000B1
michael@0 1074 #define CKR_SESSION_HANDLE_INVALID 0x000000B3
michael@0 1075 #define CKR_SESSION_PARALLEL_NOT_SUPPORTED 0x000000B4
michael@0 1076 #define CKR_SESSION_READ_ONLY 0x000000B5
michael@0 1077 #define CKR_SESSION_EXISTS 0x000000B6
michael@0 1078
michael@0 1079 /* CKR_SESSION_READ_ONLY_EXISTS and
michael@0 1080 * CKR_SESSION_READ_WRITE_SO_EXISTS are new for v2.0 */
michael@0 1081 #define CKR_SESSION_READ_ONLY_EXISTS 0x000000B7
michael@0 1082 #define CKR_SESSION_READ_WRITE_SO_EXISTS 0x000000B8
michael@0 1083
michael@0 1084 #define CKR_SIGNATURE_INVALID 0x000000C0
michael@0 1085 #define CKR_SIGNATURE_LEN_RANGE 0x000000C1
michael@0 1086 #define CKR_TEMPLATE_INCOMPLETE 0x000000D0
michael@0 1087 #define CKR_TEMPLATE_INCONSISTENT 0x000000D1
michael@0 1088 #define CKR_TOKEN_NOT_PRESENT 0x000000E0
michael@0 1089 #define CKR_TOKEN_NOT_RECOGNIZED 0x000000E1
michael@0 1090 #define CKR_TOKEN_WRITE_PROTECTED 0x000000E2
michael@0 1091 #define CKR_UNWRAPPING_KEY_HANDLE_INVALID 0x000000F0
michael@0 1092 #define CKR_UNWRAPPING_KEY_SIZE_RANGE 0x000000F1
michael@0 1093 #define CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT 0x000000F2
michael@0 1094 #define CKR_USER_ALREADY_LOGGED_IN 0x00000100
michael@0 1095 #define CKR_USER_NOT_LOGGED_IN 0x00000101
michael@0 1096 #define CKR_USER_PIN_NOT_INITIALIZED 0x00000102
michael@0 1097 #define CKR_USER_TYPE_INVALID 0x00000103
michael@0 1098
michael@0 1099 /* CKR_USER_ANOTHER_ALREADY_LOGGED_IN and CKR_USER_TOO_MANY_TYPES
michael@0 1100 * are new to v2.01 */
michael@0 1101 #define CKR_USER_ANOTHER_ALREADY_LOGGED_IN 0x00000104
michael@0 1102 #define CKR_USER_TOO_MANY_TYPES 0x00000105
michael@0 1103
michael@0 1104 #define CKR_WRAPPED_KEY_INVALID 0x00000110
michael@0 1105 #define CKR_WRAPPED_KEY_LEN_RANGE 0x00000112
michael@0 1106 #define CKR_WRAPPING_KEY_HANDLE_INVALID 0x00000113
michael@0 1107 #define CKR_WRAPPING_KEY_SIZE_RANGE 0x00000114
michael@0 1108 #define CKR_WRAPPING_KEY_TYPE_INCONSISTENT 0x00000115
michael@0 1109 #define CKR_RANDOM_SEED_NOT_SUPPORTED 0x00000120
michael@0 1110
michael@0 1111 /* These are new to v2.0 */
michael@0 1112 #define CKR_RANDOM_NO_RNG 0x00000121
michael@0 1113
michael@0 1114 /* These are new to v2.11 */
michael@0 1115 #define CKR_DOMAIN_PARAMS_INVALID 0x00000130
michael@0 1116
michael@0 1117 /* These are new to v2.0 */
michael@0 1118 #define CKR_BUFFER_TOO_SMALL 0x00000150
michael@0 1119 #define CKR_SAVED_STATE_INVALID 0x00000160
michael@0 1120 #define CKR_INFORMATION_SENSITIVE 0x00000170
michael@0 1121 #define CKR_STATE_UNSAVEABLE 0x00000180
michael@0 1122
michael@0 1123 /* These are new to v2.01 */
michael@0 1124 #define CKR_CRYPTOKI_NOT_INITIALIZED 0x00000190
michael@0 1125 #define CKR_CRYPTOKI_ALREADY_INITIALIZED 0x00000191
michael@0 1126 #define CKR_MUTEX_BAD 0x000001A0
michael@0 1127 #define CKR_MUTEX_NOT_LOCKED 0x000001A1
michael@0 1128
michael@0 1129 /* This is new to v2.20 */
michael@0 1130 #define CKR_FUNCTION_REJECTED 0x00000200
michael@0 1131
michael@0 1132 #define CKR_VENDOR_DEFINED 0x80000000
michael@0 1133
michael@0 1134
michael@0 1135 /* CK_NOTIFY is an application callback that processes events */
michael@0 1136 typedef CK_CALLBACK_FUNCTION(CK_RV, CK_NOTIFY)(
michael@0 1137 CK_SESSION_HANDLE hSession, /* the session's handle */
michael@0 1138 CK_NOTIFICATION event,
michael@0 1139 CK_VOID_PTR pApplication /* passed to C_OpenSession */
michael@0 1140 );
michael@0 1141
michael@0 1142
michael@0 1143 /* CK_FUNCTION_LIST is a structure holding a PKCS #11 spec
michael@0 1144 * version and pointers of appropriate types to all the
michael@0 1145 * PKCS #11 functions */
michael@0 1146 /* CK_FUNCTION_LIST is new for v2.0 */
michael@0 1147 typedef struct CK_FUNCTION_LIST CK_FUNCTION_LIST;
michael@0 1148
michael@0 1149 typedef CK_FUNCTION_LIST CK_PTR CK_FUNCTION_LIST_PTR;
michael@0 1150
michael@0 1151 typedef CK_FUNCTION_LIST_PTR CK_PTR CK_FUNCTION_LIST_PTR_PTR;
michael@0 1152
michael@0 1153
michael@0 1154 /* CK_CREATEMUTEX is an application callback for creating a
michael@0 1155 * mutex object */
michael@0 1156 typedef CK_CALLBACK_FUNCTION(CK_RV, CK_CREATEMUTEX)(
michael@0 1157 CK_VOID_PTR_PTR ppMutex /* location to receive ptr to mutex */
michael@0 1158 );
michael@0 1159
michael@0 1160
michael@0 1161 /* CK_DESTROYMUTEX is an application callback for destroying a
michael@0 1162 * mutex object */
michael@0 1163 typedef CK_CALLBACK_FUNCTION(CK_RV, CK_DESTROYMUTEX)(
michael@0 1164 CK_VOID_PTR pMutex /* pointer to mutex */
michael@0 1165 );
michael@0 1166
michael@0 1167
michael@0 1168 /* CK_LOCKMUTEX is an application callback for locking a mutex */
michael@0 1169 typedef CK_CALLBACK_FUNCTION(CK_RV, CK_LOCKMUTEX)(
michael@0 1170 CK_VOID_PTR pMutex /* pointer to mutex */
michael@0 1171 );
michael@0 1172
michael@0 1173
michael@0 1174 /* CK_UNLOCKMUTEX is an application callback for unlocking a
michael@0 1175 * mutex */
michael@0 1176 typedef CK_CALLBACK_FUNCTION(CK_RV, CK_UNLOCKMUTEX)(
michael@0 1177 CK_VOID_PTR pMutex /* pointer to mutex */
michael@0 1178 );
michael@0 1179
michael@0 1180
michael@0 1181 /* CK_C_INITIALIZE_ARGS provides the optional arguments to
michael@0 1182 * C_Initialize */
michael@0 1183 typedef struct CK_C_INITIALIZE_ARGS {
michael@0 1184 CK_CREATEMUTEX CreateMutex; /* application callback, see CK_CREATEMUTEX above */
michael@0 1185 CK_DESTROYMUTEX DestroyMutex; /* application callback, see CK_DESTROYMUTEX above */
michael@0 1186 CK_LOCKMUTEX LockMutex; /* application callback, see CK_LOCKMUTEX above */
michael@0 1187 CK_UNLOCKMUTEX UnlockMutex; /* application callback, see CK_UNLOCKMUTEX above */
michael@0 1188 CK_FLAGS flags; /* CKF_LIBRARY_CANT_CREATE_OS_THREADS and/or CKF_OS_LOCKING_OK, defined below */
michael@0 1189 /* The official PKCS #11 spec does not have a 'LibraryParameters' field, but
michael@0 1190 * a reserved field. NSS needs a way to pass instance-specific information
michael@0 1191 * to the library (like where to find its config files, etc). This
michael@0 1192 * information is usually provided by the installer and passed uninterpreted
michael@0 1193 * by NSS to the library, though NSS does know the specifics of the softoken
michael@0 1194 * version of this parameter. Most compliant PKCS#11 modules expect this
michael@0 1195 * parameter to be NULL, and will return CKR_ARGUMENTS_BAD from
michael@0 1196 * C_Initialize if LibraryParameters is supplied. NOTE(review): because NSS forwards this value uninterpreted, the receiving module is the component that has to validate it. */
michael@0 1197 CK_CHAR_PTR *LibraryParameters;
michael@0 1198 /* This field is only present if the LibraryParameters is not NULL. It must
michael@0 1199 * be NULL in all cases */
michael@0 1200 CK_VOID_PTR pReserved;
michael@0 1201 } CK_C_INITIALIZE_ARGS;
michael@0 1202
michael@0 1203 /* flags: bit flags that provide capabilities of the slot
michael@0 1204 * Bit Flag Mask Meaning
michael@0 1205 */
michael@0 1206 #define CKF_LIBRARY_CANT_CREATE_OS_THREADS 0x00000001
michael@0 1207 #define CKF_OS_LOCKING_OK 0x00000002
michael@0 1208
michael@0 1209 typedef CK_C_INITIALIZE_ARGS CK_PTR CK_C_INITIALIZE_ARGS_PTR;
michael@0 1210
michael@0 1211
michael@0 1212 /* additional flags for parameters to functions */
michael@0 1213
michael@0 1214 /* CKF_DONT_BLOCK is for the function C_WaitForSlotEvent */
michael@0 1215 #define CKF_DONT_BLOCK 1
michael@0 1216
michael@0 1217 /* CK_RSA_PKCS_MGF_TYPE is new for v2.10.
michael@0 1218 * CK_RSA_PKCS_MGF_TYPE is used to indicate the Mask
michael@0 1219 * Generation Function (MGF) applied to a message block when
michael@0 1220 * formatting a message block for the PKCS #1 OAEP encryption
michael@0 1221 * scheme. */
michael@0 1222 typedef CK_ULONG CK_RSA_PKCS_MGF_TYPE;
michael@0 1223
michael@0 1224 typedef CK_RSA_PKCS_MGF_TYPE CK_PTR CK_RSA_PKCS_MGF_TYPE_PTR;
michael@0 1225
michael@0 1226 /* The following MGFs are defined */
michael@0 1227 /* CKG_MGF1_SHA256, CKG_MGF1_SHA384, and CKG_MGF1_SHA512
michael@0 1228 * are new for v2.20 */
michael@0 1229 #define CKG_MGF1_SHA1 0x00000001
michael@0 1230 #define CKG_MGF1_SHA256 0x00000002
michael@0 1231 #define CKG_MGF1_SHA384 0x00000003
michael@0 1232 #define CKG_MGF1_SHA512 0x00000004
michael@0 1233
michael@0 1234 /* v2.20 amendment 3 */
michael@0 1235 #define CKG_MGF1_SHA224 0x00000005
michael@0 1236
michael@0 1237 /* CK_RSA_PKCS_OAEP_SOURCE_TYPE is new for v2.10.
michael@0 1238 * CK_RSA_PKCS_OAEP_SOURCE_TYPE is used to indicate the source
michael@0 1239 * of the encoding parameter when formatting a message block
michael@0 1240 * for the PKCS #1 OAEP encryption scheme. */
michael@0 1241 typedef CK_ULONG CK_RSA_PKCS_OAEP_SOURCE_TYPE;
michael@0 1242
michael@0 1243 typedef CK_RSA_PKCS_OAEP_SOURCE_TYPE CK_PTR CK_RSA_PKCS_OAEP_SOURCE_TYPE_PTR;
michael@0 1244
michael@0 1245 /* The following encoding parameter sources are defined */
michael@0 1246 #define CKZ_DATA_SPECIFIED 0x00000001
michael@0 1247
michael@0 1248 /* CK_RSA_PKCS_OAEP_PARAMS is new for v2.10.
michael@0 1249 * CK_RSA_PKCS_OAEP_PARAMS provides the parameters to the
michael@0 1250 * CKM_RSA_PKCS_OAEP mechanism. */
michael@0 1251 typedef struct CK_RSA_PKCS_OAEP_PARAMS {
michael@0 1252 CK_MECHANISM_TYPE hashAlg; /* presumably the OAEP digest, given as a CKM_* mechanism value */
michael@0 1253 CK_RSA_PKCS_MGF_TYPE mgf; /* one of the CKG_MGF1_* values above; NOTE(review): set independently of hashAlg, so a mismatch between the two hashes is representable, confirm callers choose both deliberately */
michael@0 1254 CK_RSA_PKCS_OAEP_SOURCE_TYPE source; /* source of the encoding parameter; CKZ_DATA_SPECIFIED is the value defined above */
michael@0 1255 CK_VOID_PTR pSourceData; /* encoding-parameter data; presumably ulSourceDataLen bytes long */
michael@0 1256 CK_ULONG ulSourceDataLen; /* NOTE(review): presumably the byte length of pSourceData; a consumer should bound-check it before reading */
michael@0 1257 } CK_RSA_PKCS_OAEP_PARAMS;
michael@0 1258
michael@0 1259 typedef CK_RSA_PKCS_OAEP_PARAMS CK_PTR CK_RSA_PKCS_OAEP_PARAMS_PTR;
michael@0 1260
michael@0 1261 /* CK_RSA_PKCS_PSS_PARAMS is new for v2.11.
michael@0 1262 * CK_RSA_PKCS_PSS_PARAMS provides the parameters to the
michael@0 1263 * CKM_RSA_PKCS_PSS mechanism(s). */
michael@0 1264 typedef struct CK_RSA_PKCS_PSS_PARAMS {
michael@0 1265 CK_MECHANISM_TYPE hashAlg; /* presumably the PSS digest, given as a CKM_* mechanism value */
michael@0 1266 CK_RSA_PKCS_MGF_TYPE mgf; /* one of the CKG_MGF1_* values above; NOTE(review): set independently of hashAlg, confirm callers choose both deliberately */
michael@0 1267 CK_ULONG sLen; /* NOTE(review): presumably the salt length in bytes, confirm against the spec */
michael@0 1268 } CK_RSA_PKCS_PSS_PARAMS;
michael@0 1269
michael@0 1270 typedef CK_RSA_PKCS_PSS_PARAMS CK_PTR CK_RSA_PKCS_PSS_PARAMS_PTR;
michael@0 1271
michael@0 1272 /* CK_EC_KDF_TYPE is new for v2.11. */
michael@0 1273 typedef CK_ULONG CK_EC_KDF_TYPE;
michael@0 1274
michael@0 1275 /* The following EC Key Derivation Functions are defined */
michael@0 1276 #define CKD_NULL 0x00000001
michael@0 1277 #define CKD_SHA1_KDF 0x00000002
michael@0 1278 #define CKD_SHA224_KDF 0x00000005
michael@0 1279 #define CKD_SHA256_KDF 0x00000006
michael@0 1280 #define CKD_SHA384_KDF 0x00000007
michael@0 1281 #define CKD_SHA512_KDF 0x00000008
michael@0 1282
michael@0 1283 /* CK_ECDH1_DERIVE_PARAMS is new for v2.11.
michael@0 1284 * CK_ECDH1_DERIVE_PARAMS provides the parameters to the
michael@0 1285 * CKM_ECDH1_DERIVE and CKM_ECDH1_COFACTOR_DERIVE mechanisms,
michael@0 1286 * where each party contributes one key pair.
michael@0 1287 */
michael@0 1288 typedef struct CK_ECDH1_DERIVE_PARAMS {
michael@0 1289 CK_EC_KDF_TYPE kdf; /* one of the CKD_* EC key derivation functions defined above */
michael@0 1290 CK_ULONG ulSharedDataLen; /* length of pSharedData (presumably in bytes) */
michael@0 1291 CK_BYTE_PTR pSharedData;
michael@0 1292 CK_ULONG ulPublicDataLen; /* length of pPublicData (presumably in bytes) */
michael@0 1293 CK_BYTE_PTR pPublicData; /* NOTE(review): presumably the other party's public value, i.e. peer-supplied input; confirm the consuming implementation validates it together with ulPublicDataLen */
michael@0 1294 } CK_ECDH1_DERIVE_PARAMS;
michael@0 1295
michael@0 1296 typedef CK_ECDH1_DERIVE_PARAMS CK_PTR CK_ECDH1_DERIVE_PARAMS_PTR;
michael@0 1297
michael@0 1298
michael@0 1299 /* CK_ECDH2_DERIVE_PARAMS is new for v2.11.
michael@0 1300 * CK_ECDH2_DERIVE_PARAMS provides the parameters to the
michael@0 1301 * CKM_ECMQV_DERIVE mechanism, where each party contributes two key pairs. */
michael@0 1302 typedef struct CK_ECDH2_DERIVE_PARAMS {
michael@0 1303 CK_EC_KDF_TYPE kdf;
michael@0 1304 CK_ULONG ulSharedDataLen;
michael@0 1305 CK_BYTE_PTR pSharedData;
michael@0 1306 CK_ULONG ulPublicDataLen;
michael@0 1307 CK_BYTE_PTR pPublicData;
michael@0 1308 CK_ULONG ulPrivateDataLen;
michael@0 1309 CK_OBJECT_HANDLE hPrivateData;
michael@0 1310 CK_ULONG ulPublicDataLen2;
michael@0 1311 CK_BYTE_PTR pPublicData2;
michael@0 1312 } CK_ECDH2_DERIVE_PARAMS;
michael@0 1313
michael@0 1314 typedef CK_ECDH2_DERIVE_PARAMS CK_PTR CK_ECDH2_DERIVE_PARAMS_PTR;
michael@0 1315
michael@0 1316 typedef struct CK_ECMQV_DERIVE_PARAMS { /* field list matches CK_ECDH2_DERIVE_PARAMS, plus a trailing publicKey handle */
michael@0 1317 CK_EC_KDF_TYPE kdf; /* one of the CKD_* EC key derivation functions defined above */
michael@0 1318 CK_ULONG ulSharedDataLen; /* length of pSharedData (presumably in bytes) */
michael@0 1319 CK_BYTE_PTR pSharedData;
michael@0 1320 CK_ULONG ulPublicDataLen; /* length of pPublicData (presumably in bytes) */
michael@0 1321 CK_BYTE_PTR pPublicData;
michael@0 1322 CK_ULONG ulPrivateDataLen;
michael@0 1323 CK_OBJECT_HANDLE hPrivateData; /* private data is referenced by object handle, not passed by value */
michael@0 1324 CK_ULONG ulPublicDataLen2; /* length of pPublicData2 (presumably in bytes) */
michael@0 1325 CK_BYTE_PTR pPublicData2;
michael@0 1326 CK_OBJECT_HANDLE publicKey; /* NOTE(review): role of this handle is not documented in this header, confirm against the spec */
michael@0 1327 } CK_ECMQV_DERIVE_PARAMS;
michael@0 1328
michael@0 1329 typedef CK_ECMQV_DERIVE_PARAMS CK_PTR CK_ECMQV_DERIVE_PARAMS_PTR;
michael@0 1330
michael@0 1331 /* Typedefs and defines for the CKM_X9_42_DH_KEY_PAIR_GEN and the
michael@0 1332 * CKM_X9_42_DH_PARAMETER_GEN mechanisms (new for PKCS #11 v2.11) */
michael@0 1333 typedef CK_ULONG CK_X9_42_DH_KDF_TYPE;
michael@0 1334 typedef CK_X9_42_DH_KDF_TYPE CK_PTR CK_X9_42_DH_KDF_TYPE_PTR;
michael@0 1335
michael@0 1336 /* The following X9.42 DH key derivation functions are defined
michael@0 1337 (besides CKD_NULL, already defined): */
michael@0 1338 #define CKD_SHA1_KDF_ASN1 0x00000003
michael@0 1339 #define CKD_SHA1_KDF_CONCATENATE 0x00000004
michael@0 1340
michael@0 1341 /* CK_X9_42_DH1_DERIVE_PARAMS is new for v2.11.
michael@0 1342 * CK_X9_42_DH1_DERIVE_PARAMS provides the parameters to the
michael@0 1343 * CKM_X9_42_DH_DERIVE key derivation mechanism, where each party
michael@0 1344 * contributes one key pair */
michael@0 1345 typedef struct CK_X9_42_DH1_DERIVE_PARAMS {
michael@0 1346 CK_X9_42_DH_KDF_TYPE kdf;
michael@0 1347 CK_ULONG ulOtherInfoLen;
michael@0 1348 CK_BYTE_PTR pOtherInfo;
michael@0 1349 CK_ULONG ulPublicDataLen;
michael@0 1350 CK_BYTE_PTR pPublicData;
michael@0 1351 } CK_X9_42_DH1_DERIVE_PARAMS;
michael@0 1352
michael@0 1353 typedef struct CK_X9_42_DH1_DERIVE_PARAMS CK_PTR CK_X9_42_DH1_DERIVE_PARAMS_PTR;
michael@0 1354
michael@0 1355 /* CK_X9_42_DH2_DERIVE_PARAMS is new for v2.11.
michael@0 1356 * CK_X9_42_DH2_DERIVE_PARAMS provides the parameters to the
michael@0 1357 * CKM_X9_42_DH_HYBRID_DERIVE and CKM_X9_42_MQV_DERIVE key derivation
michael@0 1358 * mechanisms, where each party contributes two key pairs */
michael@0 1359 typedef struct CK_X9_42_DH2_DERIVE_PARAMS {
michael@0 1360 CK_X9_42_DH_KDF_TYPE kdf; /* key derivation function selector (CKD_* values) */
michael@0 1361 CK_ULONG ulOtherInfoLen; /* length paired with pOtherInfo */
michael@0 1362 CK_BYTE_PTR pOtherInfo; /* caller-supplied bytes; presumably extra input to the KDF - confirm against the spec */
michael@0 1363 CK_ULONG ulPublicDataLen; /* length paired with pPublicData */
michael@0 1364 CK_BYTE_PTR pPublicData; /* first caller-supplied public value; NOTE(review): presumably from the peer, so validate before deriving */
michael@0 1365 CK_ULONG ulPrivateDataLen; /* length tied to the key behind hPrivateData; no byte pointer accompanies it */
michael@0 1366 CK_OBJECT_HANDLE hPrivateData; /* second private key, referenced by object handle rather than raw bytes */
michael@0 1367 CK_ULONG ulPublicDataLen2; /* length paired with pPublicData2 */
michael@0 1368 CK_BYTE_PTR pPublicData2; /* second caller-supplied public value */
michael@0 1369 } CK_X9_42_DH2_DERIVE_PARAMS;
michael@0 1370
michael@0 1371 typedef CK_X9_42_DH2_DERIVE_PARAMS CK_PTR CK_X9_42_DH2_DERIVE_PARAMS_PTR;
michael@0 1372
michael@0 1373 typedef struct CK_X9_42_MQV_DERIVE_PARAMS { /* same fields as CK_X9_42_DH2_DERIVE_PARAMS plus a trailing publicKey handle */
michael@0 1374 CK_X9_42_DH_KDF_TYPE kdf; /* key derivation function selector (CKD_* values) */
michael@0 1375 CK_ULONG ulOtherInfoLen; /* length paired with pOtherInfo */
michael@0 1376 CK_BYTE_PTR pOtherInfo; /* caller-supplied bytes; presumably extra input to the KDF - confirm against the spec */
michael@0 1377 CK_ULONG ulPublicDataLen; /* length paired with pPublicData */
michael@0 1378 CK_BYTE_PTR pPublicData; /* first caller-supplied public value; NOTE(review): presumably from the peer, so validate before deriving */
michael@0 1379 CK_ULONG ulPrivateDataLen; /* length tied to the key behind hPrivateData; no byte pointer accompanies it */
michael@0 1380 CK_OBJECT_HANDLE hPrivateData; /* private key referenced by object handle rather than raw bytes */
michael@0 1381 CK_ULONG ulPublicDataLen2; /* length paired with pPublicData2 */
michael@0 1382 CK_BYTE_PTR pPublicData2; /* second caller-supplied public value */
michael@0 1383 CK_OBJECT_HANDLE publicKey; /* an object handle, although it lacks the h prefix used for hPrivateData */
michael@0 1384 } CK_X9_42_MQV_DERIVE_PARAMS;
michael@0 1385
michael@0 1386 typedef CK_X9_42_MQV_DERIVE_PARAMS CK_PTR CK_X9_42_MQV_DERIVE_PARAMS_PTR;
michael@0 1387
michael@0 1388 /* CK_KEA_DERIVE_PARAMS provides the parameters to the
michael@0 1389 * CKM_KEA_DERIVE mechanism */
michael@0 1390 /* CK_KEA_DERIVE_PARAMS is new for v2.0 */
michael@0 1391 typedef struct CK_KEA_DERIVE_PARAMS {
michael@0 1392 CK_BBOOL isSender; /* boolean role flag (CK_TRUE / CK_FALSE) */
michael@0 1393 CK_ULONG ulRandomLen; /* the only random-length field; presumably applies to both pRandomA and pRandomB - confirm */
michael@0 1394 CK_BYTE_PTR pRandomA; /* byte buffer with no length field of its own */
michael@0 1395 CK_BYTE_PTR pRandomB; /* byte buffer with no length field of its own */
michael@0 1396 CK_ULONG ulPublicDataLen; /* length paired with pPublicData */
michael@0 1397 CK_BYTE_PTR pPublicData; /* caller-supplied public value */
michael@0 1398 } CK_KEA_DERIVE_PARAMS;
michael@0 1399
michael@0 1400 typedef CK_KEA_DERIVE_PARAMS CK_PTR CK_KEA_DERIVE_PARAMS_PTR;
michael@0 1401
michael@0 1402
michael@0 1403 /* CK_RC2_PARAMS provides the parameters to the CKM_RC2_ECB and
michael@0 1404 * CKM_RC2_MAC mechanisms. An instance of CK_RC2_PARAMS just
michael@0 1405 * holds the effective keysize.
michael@0 1406 * NOTE(review): the sibling RC2 structures document the effective
michael@0 1407 * bits as 1-1024; a small value limits key strength whatever the key
michael@0 1408 * length, so callers and tokens should enforce a policy minimum. */
michael@0 1406 typedef CK_ULONG CK_RC2_PARAMS;
michael@0 1407
michael@0 1408 typedef CK_RC2_PARAMS CK_PTR CK_RC2_PARAMS_PTR;
michael@0 1409
michael@0 1410
michael@0 1411 /* CK_RC2_CBC_PARAMS provides the parameters to the CKM_RC2_CBC
michael@0 1412 * mechanism */
michael@0 1413 typedef struct CK_RC2_CBC_PARAMS {
michael@0 1414 /* ulEffectiveBits was changed from CK_USHORT to CK_ULONG for
michael@0 1415 * v2.0 */
michael@0 1416 CK_ULONG ulEffectiveBits; /* effective bits (1-1024); the lower end of the range gives a trivially weak key */
michael@0 1417
michael@0 1418 CK_BYTE iv[8]; /* IV for CBC mode; fixed 8-byte array embedded in the struct, so no length field is needed */
michael@0 1419 } CK_RC2_CBC_PARAMS;
michael@0 1420
michael@0 1421 typedef CK_RC2_CBC_PARAMS CK_PTR CK_RC2_CBC_PARAMS_PTR;
michael@0 1422
michael@0 1423
michael@0 1424 /* CK_RC2_MAC_GENERAL_PARAMS provides the parameters for the
michael@0 1425 * CKM_RC2_MAC_GENERAL mechanism */
michael@0 1426 /* CK_RC2_MAC_GENERAL_PARAMS is new for v2.0 */
michael@0 1427 typedef struct CK_RC2_MAC_GENERAL_PARAMS {
michael@0 1428 CK_ULONG ulEffectiveBits; /* effective bits (1-1024) */
michael@0 1429 CK_ULONG ulMacLength; /* Length of MAC in bytes; NOTE(review): a short value means a truncated MAC that is easier to forge */
michael@0 1430 } CK_RC2_MAC_GENERAL_PARAMS;
michael@0 1431
michael@0 1432 typedef CK_RC2_MAC_GENERAL_PARAMS CK_PTR \
michael@0 1433 CK_RC2_MAC_GENERAL_PARAMS_PTR;
michael@0 1434
michael@0 1435
michael@0 1436 /* CK_RC5_PARAMS provides the parameters to the CKM_RC5_ECB and
michael@0 1437 * CKM_RC5_MAC mechanisms */
michael@0 1438 /* CK_RC5_PARAMS is new for v2.0 */
michael@0 1439 typedef struct CK_RC5_PARAMS {
michael@0 1440 CK_ULONG ulWordsize; /* wordsize in bits */
michael@0 1441 CK_ULONG ulRounds; /* number of rounds; caller-chosen, so NOTE(review): a token should reject counts below its policy minimum */
michael@0 1442 } CK_RC5_PARAMS;
michael@0 1443
michael@0 1444 typedef CK_RC5_PARAMS CK_PTR CK_RC5_PARAMS_PTR;
michael@0 1445
michael@0 1446
michael@0 1447 /* CK_RC5_CBC_PARAMS provides the parameters to the CKM_RC5_CBC
michael@0 1448 * mechanism */
michael@0 1449 /* CK_RC5_CBC_PARAMS is new for v2.0 */
michael@0 1450 typedef struct CK_RC5_CBC_PARAMS {
michael@0 1451 CK_ULONG ulWordsize; /* wordsize in bits */
michael@0 1452 CK_ULONG ulRounds; /* number of rounds */
michael@0 1453 CK_BYTE_PTR pIv; /* pointer to IV; unlike the RC2 struct the IV is referenced, not embedded */
michael@0 1454 CK_ULONG ulIvLen; /* length of IV in bytes; caller-supplied, so check it before reading pIv */
michael@0 1455 } CK_RC5_CBC_PARAMS;
michael@0 1456
michael@0 1457 typedef CK_RC5_CBC_PARAMS CK_PTR CK_RC5_CBC_PARAMS_PTR;
michael@0 1458
michael@0 1459
michael@0 1460 /* CK_RC5_MAC_GENERAL_PARAMS provides the parameters for the
michael@0 1461 * CKM_RC5_MAC_GENERAL mechanism */
michael@0 1462 /* CK_RC5_MAC_GENERAL_PARAMS is new for v2.0 */
michael@0 1463 typedef struct CK_RC5_MAC_GENERAL_PARAMS {
michael@0 1464 CK_ULONG ulWordsize; /* wordsize in bits */
michael@0 1465 CK_ULONG ulRounds; /* number of rounds */
michael@0 1466 CK_ULONG ulMacLength; /* Length of MAC in bytes; NOTE(review): a short value means a truncated MAC that is easier to forge */
michael@0 1467 } CK_RC5_MAC_GENERAL_PARAMS;
michael@0 1468
michael@0 1469 typedef CK_RC5_MAC_GENERAL_PARAMS CK_PTR \
michael@0 1470 CK_RC5_MAC_GENERAL_PARAMS_PTR;
michael@0 1471
michael@0 1472
michael@0 1473 /* CK_MAC_GENERAL_PARAMS provides the parameters to most block
michael@0 1474 * ciphers' MAC_GENERAL mechanisms. Its value is the length of
michael@0 1475 * the MAC. The unit is not stated here; the RC2/RC5 MAC_GENERAL
michael@0 1476 * structures above give their MAC length in bytes. */
michael@0 1476 /* CK_MAC_GENERAL_PARAMS is new for v2.0 */
michael@0 1477 typedef CK_ULONG CK_MAC_GENERAL_PARAMS;
michael@0 1478
michael@0 1479 typedef CK_MAC_GENERAL_PARAMS CK_PTR CK_MAC_GENERAL_PARAMS_PTR;
michael@0 1480
michael@0 1481 /* CK_DES/AES_ECB/CBC_ENCRYPT_DATA_PARAMS are new for v2.20 */
michael@0 1482 typedef struct CK_DES_CBC_ENCRYPT_DATA_PARAMS {
michael@0 1483 CK_BYTE iv[8]; /* fixed 8-byte IV embedded in the struct */
michael@0 1484 CK_BYTE_PTR pData; /* caller-supplied data bytes */
michael@0 1485 CK_ULONG length; /* CK_ULONG without the usual ul prefix; presumably the size of pData - validate before reading */
michael@0 1486 } CK_DES_CBC_ENCRYPT_DATA_PARAMS;
michael@0 1487
michael@0 1488 typedef CK_DES_CBC_ENCRYPT_DATA_PARAMS CK_PTR CK_DES_CBC_ENCRYPT_DATA_PARAMS_PTR;
michael@0 1489
michael@0 1490 typedef struct CK_AES_CBC_ENCRYPT_DATA_PARAMS { /* AES counterpart of CK_DES_CBC_ENCRYPT_DATA_PARAMS; only the IV size differs */
michael@0 1491 CK_BYTE iv[16]; /* fixed 16-byte IV embedded in the struct */
michael@0 1492 CK_BYTE_PTR pData; /* caller-supplied data bytes */
michael@0 1493 CK_ULONG length; /* CK_ULONG without the usual ul prefix; presumably the size of pData - validate before reading */
michael@0 1494 } CK_AES_CBC_ENCRYPT_DATA_PARAMS;
michael@0 1495
michael@0 1496 typedef CK_AES_CBC_ENCRYPT_DATA_PARAMS CK_PTR CK_AES_CBC_ENCRYPT_DATA_PARAMS_PTR;
michael@0 1497
michael@0 1498 /* CK_AES_CTR_PARAMS is new for PKCS #11 v2.20 amendment 3.
michael@0 1499 * NOTE(review): counter mode is only safe while no counter block
michael@0 1500 * repeats under the same key; callers own that guarantee, and a
michael@0 1501 * small ulCounterBits shortens the stream before the counter wraps. */
michael@0 1499 typedef struct CK_AES_CTR_PARAMS {
michael@0 1500 CK_ULONG ulCounterBits; /* per the PKCS #11 spec, the number of bits of cb that are incremented - confirm against the spec version in use */
michael@0 1501 CK_BYTE cb[16]; /* fixed 16-byte counter block embedded in the struct */
michael@0 1502 } CK_AES_CTR_PARAMS;
michael@0 1503
michael@0 1504 typedef CK_AES_CTR_PARAMS CK_PTR CK_AES_CTR_PARAMS_PTR;
michael@0 1505
michael@0 1506 /* CK_GCM_PARAMS is new for version 2.30.
michael@0 1507 * NOTE(review): GCM loses both confidentiality and authenticity if
michael@0 1508 * an IV is reused with the same key; the caller supplies the IV here,
michael@0 1509 * so uniqueness is the caller's responsibility. */
michael@0 1507 typedef struct CK_GCM_PARAMS {
michael@0 1508 CK_BYTE_PTR pIv; /* caller-supplied IV bytes */
michael@0 1509 CK_ULONG ulIvLen; /* length paired with pIv */
michael@0 1510 CK_BYTE_PTR pAAD; /* caller-supplied additional authenticated data */
michael@0 1511 CK_ULONG ulAADLen; /* length paired with pAAD */
michael@0 1512 CK_ULONG ulTagBits; /* tag size expressed in bits, going by the name, unlike the Len fields above; short tags weaken authentication */
michael@0 1513 } CK_GCM_PARAMS;
michael@0 1514
michael@0 1515 typedef CK_GCM_PARAMS CK_PTR CK_GCM_PARAMS_PTR;
michael@0 1516
michael@0 1517 /* CK_CCM_PARAMS is new for version 2.30.
michael@0 1518 * NOTE(review): as with any nonce-based AEAD, the caller-supplied
michael@0 1519 * nonce must not repeat under the same key. */
michael@0 1518 typedef struct CK_CCM_PARAMS {
michael@0 1519 CK_ULONG ulDataLen; /* data length carried in the parameters; presumably because CCM needs the message length up front - confirm */
michael@0 1520 CK_BYTE_PTR pNonce; /* caller-supplied nonce bytes */
michael@0 1521 CK_ULONG ulNonceLen; /* length paired with pNonce */
michael@0 1522 CK_BYTE_PTR pAAD; /* caller-supplied additional authenticated data */
michael@0 1523 CK_ULONG ulAADLen; /* length paired with pAAD */
michael@0 1524 CK_ULONG ulMACLen; /* MAC length; unit not stated here (CK_GCM_PARAMS uses bits for its tag) - confirm against the spec */
michael@0 1525 } CK_CCM_PARAMS;
michael@0 1526
michael@0 1527 typedef CK_CCM_PARAMS CK_PTR CK_CCM_PARAMS_PTR;
michael@0 1528
michael@0 1529 /* CK_SKIPJACK_PRIVATE_WRAP_PARAMS provides the parameters to the
michael@0 1530 * CKM_SKIPJACK_PRIVATE_WRAP mechanism.
michael@0 1531 * Note that the pointer typedef below is named
michael@0 1532 * CK_SKIPJACK_PRIVATE_WRAP_PTR, without the _PARAMS part that the
michael@0 1533 * other pointer typedefs in this file carry. */
michael@0 1531 /* CK_SKIPJACK_PRIVATE_WRAP_PARAMS is new for v2.0 */
michael@0 1532 typedef struct CK_SKIPJACK_PRIVATE_WRAP_PARAMS {
michael@0 1533 CK_ULONG ulPasswordLen; /* length paired with pPassword */
michael@0 1534 CK_BYTE_PTR pPassword; /* secret material passed as raw bytes; callers should clear their copy once the call returns */
michael@0 1535 CK_ULONG ulPublicDataLen; /* length paired with pPublicData */
michael@0 1536 CK_BYTE_PTR pPublicData; /* caller-supplied public value */
michael@0 1537 CK_ULONG ulPAndGLen; /* one length field; going by the name it covers both pPrimeP and pBaseG - confirm */
michael@0 1538 CK_ULONG ulQLen; /* presumably the length of pSubprimeQ */
michael@0 1539 CK_ULONG ulRandomLen; /* length paired with pRandomA */
michael@0 1540 CK_BYTE_PTR pRandomA; /* caller-supplied random bytes */
michael@0 1541 CK_BYTE_PTR pPrimeP; /* byte buffer sized by ulPAndGLen (see above) */
michael@0 1542 CK_BYTE_PTR pBaseG; /* byte buffer sized by ulPAndGLen (see above) */
michael@0 1543 CK_BYTE_PTR pSubprimeQ; /* byte buffer, presumably sized by ulQLen */
michael@0 1544 } CK_SKIPJACK_PRIVATE_WRAP_PARAMS;
michael@0 1545
michael@0 1546 typedef CK_SKIPJACK_PRIVATE_WRAP_PARAMS CK_PTR \
michael@0 1547 CK_SKIPJACK_PRIVATE_WRAP_PTR;
michael@0 1548
michael@0 1549
michael@0 1550 /* CK_SKIPJACK_RELAYX_PARAMS provides the parameters to the
michael@0 1551 * CKM_SKIPJACK_RELAYX mechanism.
michael@0 1552 * The fields come as length/pointer pairs in two groups, Old and
michael@0 1553 * New; both groups include a password passed as raw bytes, which
michael@0 1554 * callers should clear from memory after use. */
michael@0 1552 /* CK_SKIPJACK_RELAYX_PARAMS is new for v2.0 */
michael@0 1553 typedef struct CK_SKIPJACK_RELAYX_PARAMS {
michael@0 1554 CK_ULONG ulOldWrappedXLen; /* length paired with pOldWrappedX */
michael@0 1555 CK_BYTE_PTR pOldWrappedX;
michael@0 1556 CK_ULONG ulOldPasswordLen; /* length paired with pOldPassword */
michael@0 1557 CK_BYTE_PTR pOldPassword; /* secret material as raw bytes */
michael@0 1558 CK_ULONG ulOldPublicDataLen; /* length paired with pOldPublicData */
michael@0 1559 CK_BYTE_PTR pOldPublicData;
michael@0 1560 CK_ULONG ulOldRandomLen; /* length paired with pOldRandomA */
michael@0 1561 CK_BYTE_PTR pOldRandomA;
michael@0 1562 CK_ULONG ulNewPasswordLen; /* length paired with pNewPassword */
michael@0 1563 CK_BYTE_PTR pNewPassword; /* secret material as raw bytes */
michael@0 1564 CK_ULONG ulNewPublicDataLen; /* length paired with pNewPublicData */
michael@0 1565 CK_BYTE_PTR pNewPublicData;
michael@0 1566 CK_ULONG ulNewRandomLen; /* length paired with pNewRandomA */
michael@0 1567 CK_BYTE_PTR pNewRandomA;
michael@0 1568 } CK_SKIPJACK_RELAYX_PARAMS;
michael@0 1569
michael@0 1570 typedef CK_SKIPJACK_RELAYX_PARAMS CK_PTR \
michael@0 1571 CK_SKIPJACK_RELAYX_PARAMS_PTR;
michael@0 1572
michael@0 1573
michael@0 1574 typedef struct CK_PBE_PARAMS { /* password-based encryption parameters: password, salt and iteration count, plus an IV pointer */
michael@0 1575 CK_BYTE_PTR pInitVector; /* IV buffer with no length field; per the PKCS #11 spec it receives the generated IV - confirm the required size there */
michael@0 1576 CK_UTF8CHAR_PTR pPassword; /* secret material; callers should clear their copy after use */
michael@0 1577 CK_ULONG ulPasswordLen; /* length paired with pPassword */
michael@0 1578 CK_BYTE_PTR pSalt; /* caller-supplied salt bytes */
michael@0 1579 CK_ULONG ulSaltLen; /* length paired with pSalt */
michael@0 1580 CK_ULONG ulIteration; /* iteration count; caller-chosen, so NOTE(review): low values make password guessing cheap */
michael@0 1581 } CK_PBE_PARAMS;
michael@0 1582
michael@0 1583 typedef CK_PBE_PARAMS CK_PTR CK_PBE_PARAMS_PTR;
michael@0 1584
michael@0 1585
michael@0 1586 /* CK_KEY_WRAP_SET_OAEP_PARAMS provides the parameters to the
michael@0 1587 * CKM_KEY_WRAP_SET_OAEP mechanism */
michael@0 1588 /* CK_KEY_WRAP_SET_OAEP_PARAMS is new for v2.0 */
michael@0 1589 typedef struct CK_KEY_WRAP_SET_OAEP_PARAMS {
michael@0 1590 CK_BYTE bBC; /* block contents byte */
michael@0 1591 CK_BYTE_PTR pX; /* extra data; caller-supplied buffer */
michael@0 1592 CK_ULONG ulXLen; /* length of extra data in bytes; check it before reading pX */
michael@0 1593 } CK_KEY_WRAP_SET_OAEP_PARAMS;
michael@0 1594
michael@0 1595 typedef CK_KEY_WRAP_SET_OAEP_PARAMS CK_PTR \
michael@0 1596 CK_KEY_WRAP_SET_OAEP_PARAMS_PTR;
michael@0 1597
michael@0 1598
michael@0 1599 typedef struct CK_SSL3_RANDOM_DATA { /* client and server random values; embedded by value in the SSL3 derive/key-material parameter structs below */
michael@0 1600 CK_BYTE_PTR pClientRandom; /* client random bytes */
michael@0 1601 CK_ULONG ulClientRandomLen; /* length paired with pClientRandom */
michael@0 1602 CK_BYTE_PTR pServerRandom; /* server random bytes */
michael@0 1603 CK_ULONG ulServerRandomLen; /* length paired with pServerRandom */
michael@0 1604 } CK_SSL3_RANDOM_DATA;
michael@0 1605
michael@0 1606
michael@0 1607 typedef struct CK_SSL3_MASTER_KEY_DERIVE_PARAMS { /* inputs for deriving an SSL3 master key, going by the type name */
michael@0 1608 CK_SSL3_RANDOM_DATA RandomInfo; /* embedded by value; its inner pointers still reference caller memory */
michael@0 1609 CK_VERSION_PTR pVersion; /* pointer to a CK_VERSION; direction (input or output) is not stated here - confirm against the spec */
michael@0 1610 } CK_SSL3_MASTER_KEY_DERIVE_PARAMS;
michael@0 1611
michael@0 1612 typedef struct CK_SSL3_MASTER_KEY_DERIVE_PARAMS CK_PTR \
michael@0 1613 CK_SSL3_MASTER_KEY_DERIVE_PARAMS_PTR;
michael@0 1614
michael@0 1615
michael@0 1616 typedef struct CK_SSL3_KEY_MAT_OUT { /* result structure; CK_SSL3_KEY_MAT_PARAMS points to it through pReturnedKeyMaterial */
michael@0 1617 CK_OBJECT_HANDLE hClientMacSecret; /* keys are exposed as object handles, not raw bytes */
michael@0 1618 CK_OBJECT_HANDLE hServerMacSecret;
michael@0 1619 CK_OBJECT_HANDLE hClientKey;
michael@0 1620 CK_OBJECT_HANDLE hServerKey;
michael@0 1621 CK_BYTE_PTR pIVClient; /* IV buffer with no length field here; NOTE(review): presumably sized from ulIVSizeInBits in CK_SSL3_KEY_MAT_PARAMS, so the caller must allocate enough */
michael@0 1622 CK_BYTE_PTR pIVServer; /* same sizing caveat as pIVClient */
michael@0 1623 } CK_SSL3_KEY_MAT_OUT;
michael@0 1624
michael@0 1625 typedef CK_SSL3_KEY_MAT_OUT CK_PTR CK_SSL3_KEY_MAT_OUT_PTR;
michael@0 1626
michael@0 1627
michael@0 1628 typedef struct CK_SSL3_KEY_MAT_PARAMS { /* sizes and random values for SSL3 key material, plus a pointer to the result structure */
michael@0 1629 CK_ULONG ulMacSizeInBits; /* sizes in this struct are in bits, per the field names */
michael@0 1630 CK_ULONG ulKeySizeInBits;
michael@0 1631 CK_ULONG ulIVSizeInBits;
michael@0 1632 CK_BBOOL bIsExport; /* NOTE(review): presumably selects export-grade key derivation, which is deliberately weak; verify it is only set for legacy interop */
michael@0 1633 CK_SSL3_RANDOM_DATA RandomInfo; /* embedded by value; its inner pointers still reference caller memory */
michael@0 1634 CK_SSL3_KEY_MAT_OUT_PTR pReturnedKeyMaterial; /* pointer to the CK_SSL3_KEY_MAT_OUT that carries the results */
michael@0 1635 } CK_SSL3_KEY_MAT_PARAMS;
michael@0 1636
michael@0 1637 typedef CK_SSL3_KEY_MAT_PARAMS CK_PTR CK_SSL3_KEY_MAT_PARAMS_PTR;
michael@0 1638
michael@0 1639 /* CK_TLS_PRF_PARAMS is new for version 2.20 */
michael@0 1640 typedef struct CK_TLS_PRF_PARAMS {
michael@0 1641 CK_BYTE_PTR pSeed; /* caller-supplied seed bytes */
michael@0 1642 CK_ULONG ulSeedLen; /* length paired with pSeed */
michael@0 1643 CK_BYTE_PTR pLabel; /* caller-supplied label bytes */
michael@0 1644 CK_ULONG ulLabelLen; /* length paired with pLabel */
michael@0 1645 CK_BYTE_PTR pOutput; /* output buffer, going by the name */
michael@0 1646 CK_ULONG_PTR pulOutputLen; /* pointer to a length rather than a length; NOTE(review): the token should compare the pointed-to value with what it writes into pOutput */
michael@0 1647 } CK_TLS_PRF_PARAMS;
michael@0 1648
michael@0 1649 typedef CK_TLS_PRF_PARAMS CK_PTR CK_TLS_PRF_PARAMS_PTR;
michael@0 1650
michael@0 1651 /* WTLS is new for version 2.20 */
michael@0 1652 typedef struct CK_WTLS_RANDOM_DATA { /* same field layout as CK_SSL3_RANDOM_DATA */
michael@0 1653 CK_BYTE_PTR pClientRandom; /* client random bytes */
michael@0 1654 CK_ULONG ulClientRandomLen; /* length paired with pClientRandom */
michael@0 1655 CK_BYTE_PTR pServerRandom; /* server random bytes */
michael@0 1656 CK_ULONG ulServerRandomLen; /* length paired with pServerRandom */
michael@0 1657 } CK_WTLS_RANDOM_DATA;
michael@0 1658
michael@0 1659 typedef CK_WTLS_RANDOM_DATA CK_PTR CK_WTLS_RANDOM_DATA_PTR;
michael@0 1660
michael@0 1661 typedef struct CK_WTLS_MASTER_KEY_DERIVE_PARAMS { /* inputs for deriving a WTLS master key, going by the type name */
michael@0 1662 CK_MECHANISM_TYPE DigestMechanism; /* digest selected by the caller; NOTE(review): a token should restrict this to digests it accepts by policy */
michael@0 1663 CK_WTLS_RANDOM_DATA RandomInfo; /* embedded by value; its inner pointers still reference caller memory */
michael@0 1664 CK_BYTE_PTR pVersion; /* a byte pointer here, whereas the SSL3 counterpart uses CK_VERSION_PTR; no length field accompanies it */
michael@0 1665 } CK_WTLS_MASTER_KEY_DERIVE_PARAMS;
michael@0 1666
michael@0 1667 typedef CK_WTLS_MASTER_KEY_DERIVE_PARAMS CK_PTR \
michael@0 1668 CK_WTLS_MASTER_KEY_DERIVE_PARAMS_PTR;
michael@0 1669
michael@0 1670 typedef struct CK_WTLS_PRF_PARAMS { /* CK_TLS_PRF_PARAMS fields preceded by a digest mechanism selector */
michael@0 1671 CK_MECHANISM_TYPE DigestMechanism; /* digest selected by the caller */
michael@0 1672 CK_BYTE_PTR pSeed; /* caller-supplied seed bytes */
michael@0 1673 CK_ULONG ulSeedLen; /* length paired with pSeed */
michael@0 1674 CK_BYTE_PTR pLabel; /* caller-supplied label bytes */
michael@0 1675 CK_ULONG ulLabelLen; /* length paired with pLabel */
michael@0 1676 CK_BYTE_PTR pOutput; /* output buffer, going by the name */
michael@0 1677 CK_ULONG_PTR pulOutputLen; /* pointer to a length rather than a length; NOTE(review): the token should compare the pointed-to value with what it writes into pOutput */
michael@0 1678 } CK_WTLS_PRF_PARAMS;
michael@0 1679
michael@0 1680 typedef CK_WTLS_PRF_PARAMS CK_PTR CK_WTLS_PRF_PARAMS_PTR;
michael@0 1681
michael@0 1682 typedef struct CK_WTLS_KEY_MAT_OUT { /* result structure; CK_WTLS_KEY_MAT_PARAMS points to it through pReturnedKeyMaterial */
michael@0 1683 CK_OBJECT_HANDLE hMacSecret; /* keys are exposed as object handles, not raw bytes */
michael@0 1684 CK_OBJECT_HANDLE hKey;
michael@0 1685 CK_BYTE_PTR pIV; /* IV buffer with no length field here; NOTE(review): presumably sized from ulIVSizeInBits in CK_WTLS_KEY_MAT_PARAMS, so the caller must allocate enough */
michael@0 1686 } CK_WTLS_KEY_MAT_OUT;
michael@0 1687
michael@0 1688 typedef CK_WTLS_KEY_MAT_OUT CK_PTR CK_WTLS_KEY_MAT_OUT_PTR;
michael@0 1689
michael@0 1690 typedef struct CK_WTLS_KEY_MAT_PARAMS { /* sizes, sequence number and random values for WTLS key material, plus a pointer to the result structure */
michael@0 1691 CK_MECHANISM_TYPE DigestMechanism; /* digest selected by the caller */
michael@0 1692 CK_ULONG ulMacSizeInBits; /* sizes in this struct are in bits, per the field names */
michael@0 1693 CK_ULONG ulKeySizeInBits;
michael@0 1694 CK_ULONG ulIVSizeInBits;
michael@0 1695 CK_ULONG ulSequenceNumber;
michael@0 1696 CK_BBOOL bIsExport; /* NOTE(review): presumably selects export-grade key derivation, which is deliberately weak; verify it is only set for legacy interop */
michael@0 1697 CK_WTLS_RANDOM_DATA RandomInfo; /* embedded by value; its inner pointers still reference caller memory */
michael@0 1698 CK_WTLS_KEY_MAT_OUT_PTR pReturnedKeyMaterial; /* pointer to the CK_WTLS_KEY_MAT_OUT that carries the results */
michael@0 1699 } CK_WTLS_KEY_MAT_PARAMS;
michael@0 1700
michael@0 1701 typedef CK_WTLS_KEY_MAT_PARAMS CK_PTR CK_WTLS_KEY_MAT_PARAMS_PTR;
michael@0 1702
michael@0 1703 /* CMS is new for version 2.20 */
michael@0 1704 typedef struct CK_CMS_SIG_PARAMS {
michael@0 1705 CK_OBJECT_HANDLE certificateHandle; /* certificate referenced by object handle */
michael@0 1706 CK_MECHANISM_PTR pSigningMechanism; /* nested mechanism chosen by the caller; NOTE(review): a token should vet it like a top-level mechanism */
michael@0 1707 CK_MECHANISM_PTR pDigestMechanism; /* nested digest mechanism, same caveat */
michael@0 1708 CK_UTF8CHAR_PTR pContentType; /* string with no length field; presumably NUL-terminated - confirm against the spec */
michael@0 1709 CK_BYTE_PTR pRequestedAttributes; /* caller-supplied bytes */
michael@0 1710 CK_ULONG ulRequestedAttributesLen; /* length paired with pRequestedAttributes */
michael@0 1711 CK_BYTE_PTR pRequiredAttributes; /* caller-supplied bytes */
michael@0 1712 CK_ULONG ulRequiredAttributesLen; /* length paired with pRequiredAttributes */
michael@0 1713 } CK_CMS_SIG_PARAMS;
michael@0 1714
michael@0 1715 typedef CK_CMS_SIG_PARAMS CK_PTR CK_CMS_SIG_PARAMS_PTR;
michael@0 1716
michael@0 1717 typedef struct CK_KEY_DERIVATION_STRING_DATA { /* generic pointer-plus-length pair for key derivation input */
michael@0 1718 CK_BYTE_PTR pData; /* caller-supplied bytes */
michael@0 1719 CK_ULONG ulLen; /* length paired with pData; check it before reading */
michael@0 1720 } CK_KEY_DERIVATION_STRING_DATA;
michael@0 1721
michael@0 1722 typedef CK_KEY_DERIVATION_STRING_DATA CK_PTR \
michael@0 1723 CK_KEY_DERIVATION_STRING_DATA_PTR;
michael@0 1724
michael@0 1725
michael@0 1726 /* The CK_EXTRACT_PARAMS is used for the
michael@0 1727 * CKM_EXTRACT_KEY_FROM_KEY mechanism. It specifies which bit
michael@0 1728 * of the base key should be used as the first bit of the
michael@0 1729 * derived key.
michael@0 1730 * NOTE(review): the value is a caller-chosen bit offset, so an
michael@0 1731 * implementation must bound it against the base key's length. */
michael@0 1730 /* CK_EXTRACT_PARAMS is new for v2.0 */
michael@0 1731 typedef CK_ULONG CK_EXTRACT_PARAMS;
michael@0 1732
michael@0 1733 typedef CK_EXTRACT_PARAMS CK_PTR CK_EXTRACT_PARAMS_PTR;
michael@0 1734
michael@0 1735 /* CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE is new for v2.10.
michael@0 1736 * CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE is used to
michael@0 1737 * indicate the Pseudo-Random Function (PRF) used to generate
michael@0 1738 * key bits using PKCS #5 PBKDF2.
michael@0 1739 * Note the spelling: this type and CK_PKCS5_PBKD2_PARAMS say
michael@0 1740 * "PBKD2", while the salt source type below says "PBKDF2". */
michael@0 1739 typedef CK_ULONG CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE;
michael@0 1740
michael@0 1741 typedef CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE CK_PTR CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE_PTR;
michael@0 1742
michael@0 1743 /* The following PRFs are defined in PKCS #5 v2.0. */
michael@0 1744 #define CKP_PKCS5_PBKD2_HMAC_SHA1 0x00000001 /* the only PRF value defined at this point in the header */
michael@0 1745
michael@0 1746
michael@0 1747 /* CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE is new for v2.10.
michael@0 1748 * CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE is used to indicate the
michael@0 1749 * source of the salt value when deriving a key using PKCS #5
michael@0 1750 * PBKDF2. */
michael@0 1751 typedef CK_ULONG CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE;
michael@0 1752
michael@0 1753 typedef CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE CK_PTR CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE_PTR;
michael@0 1754
michael@0 1755 /* The following salt value sources are defined in PKCS #5 v2.0. */
michael@0 1756 #define CKZ_SALT_SPECIFIED 0x00000001 /* the only salt source defined here; going by the name, the caller provides the salt */
michael@0 1757
michael@0 1758 /* CK_PKCS5_PBKD2_PARAMS is new for v2.10.
michael@0 1759 * CK_PKCS5_PBKD2_PARAMS is a structure that provides the
michael@0 1760 * parameters to the CKM_PKCS5_PBKD2 mechanism.
michael@0 1761 * Pitfall: ulPasswordLen is declared CK_ULONG_PTR, a pointer to the
michael@0 1762 * length, even though its ul prefix suggests a plain CK_ULONG.
michael@0 1763 * Storing the length itself in that field makes the token
michael@0 1764 * dereference a small integer as an address. */
michael@0 1761 typedef struct CK_PKCS5_PBKD2_PARAMS {
michael@0 1762 CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE saltSource; /* CKZ_* salt source selector */
michael@0 1763 CK_VOID_PTR pSaltSourceData; /* untyped pointer; how it is read presumably depends on saltSource */
michael@0 1764 CK_ULONG ulSaltSourceDataLen; /* length paired with pSaltSourceData */
michael@0 1765 CK_ULONG iterations; /* iteration count; caller-chosen, so NOTE(review): low values make password guessing cheap */
michael@0 1766 CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE prf; /* CKP_* PRF selector */
michael@0 1767 CK_VOID_PTR pPrfData; /* untyped pointer to PRF-specific data */
michael@0 1768 CK_ULONG ulPrfDataLen; /* length paired with pPrfData */
michael@0 1769 CK_UTF8CHAR_PTR pPassword; /* secret material; callers should clear their copy after use */
michael@0 1770 CK_ULONG_PTR ulPasswordLen; /* POINTER to the password length, not the length itself (see the note above) */
michael@0 1771 } CK_PKCS5_PBKD2_PARAMS;
michael@0 1772
michael@0 1773 typedef CK_PKCS5_PBKD2_PARAMS CK_PTR CK_PKCS5_PBKD2_PARAMS_PTR;
michael@0 1774
michael@0 1775 /* NSS Specific defines */
michael@0 1776
michael@0 1777 /* defines that have been deprecated in 2.20, but maintained in our
michael@0 1778 * header file for backward compatibility */
michael@0 1779 #define CKO_KG_PARAMETERS CKO_DOMAIN_PARAMETERS /* deprecated name kept as an alias */
michael@0 1780 #define CKF_EC_FP CKF_EC_F_P /* deprecated name kept as an alias */
michael@0 1781 /* new in v2.11 deprecated by 2.20 */
michael@0 1782 #define CKR_KEY_PARAMS_INVALID 0x0000006B
michael@0 1783
michael@0 1784 /* stuff that for historic reasons is in this header file but should have
michael@0 1785 * been in pkcs11n.h */
michael@0 1786 #define CKK_INVALID_KEY_TYPE 0xffffffff /* 32-bit all-ones sentinel; NOTE(review): if CK_ULONG is wider than 32 bits this differs from (CK_ULONG)-1, so compare against the macro itself */
michael@0 1787
michael@0 1788 #include "pkcs11n.h"
michael@0 1789
michael@0 1790 /* undo packing */
michael@0 1791 #include "pkcs11u.h"
michael@0 1792
michael@0 1793 #endif
