security/nss/cmd/lib/pk11table.c@97036ab72558
security/nss/cmd/lib/pk11table.c
Tue, 06 Jan 2015 21:39:09 +0100
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Tue, 06 Jan 2015 21:39:09 +0100
- branch
- TOR_BUG_9701
- changeset 8
- 97036ab72558
- permissions
- -rw-r--r--
Conditionally force memory storage according to privacy.thirdparty.isolate;
This solves Tor bug #9701, complying with disk avoidance documented in
https://www.torproject.org/projects/torbrowser/design/#disk-avoidance.
1 /* This Source Code Form is subject to the terms of the Mozilla Public
2 * License, v. 2.0. If a copy of the MPL was not distributed with this
3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
5 #include "pk11table.h"
7 const char *_valueString[] = {
8 "None",
9 "Variable",
10 "CK_ULONG",
11 "Data",
12 "UTF8",
13 "CK_INFO",
14 "CK_SLOT_INFO",
15 "CK_TOKEN_INFO",
16 "CK_SESSION_INFO",
17 "CK_ATTRIBUTE",
18 "CK_MECHANISM",
19 "CK_MECHANISM_INFO",
20 "CK_C_INITIALIZE_ARGS",
21 "CK_FUNCTION_LIST"
22 };
24 const char **valueString = &_valueString[0];
25 const int valueCount = sizeof(_valueString)/sizeof(_valueString[0]);
27 const char *_constTypeString[] = {
28 "None",
29 "Bool",
30 "InfoFlags",
31 "SlotFlags",
32 "TokenFlags",
33 "SessionFlags",
34 "MechanismFlags",
35 "InitializeFlags",
36 "Users",
37 "SessionState",
38 "Object",
39 "Hardware",
40 "KeyType",
41 "CertificateType",
42 "Attribute",
43 "Mechanism",
44 "Result",
45 "Trust",
46 "AvailableSizes",
47 "CurrentSize"
48 };
50 const char **constTypeString = &_constTypeString[0];
51 const int constTypeCount = sizeof(_constTypeString)/sizeof(_constTypeString[0]);
53 #define mkEntry(x,t) { #x, x, Const##t, ConstNone }
54 #define mkEntry2(x,t,t2) { #x, x, Const##t, Const##t2 }
56 const Constant _consts[] = {
57 mkEntry(CK_FALSE, Bool),
58 mkEntry(CK_TRUE, Bool),
60 mkEntry(CKF_TOKEN_PRESENT, SlotFlags),
61 mkEntry(CKF_REMOVABLE_DEVICE, SlotFlags),
62 mkEntry(CKF_HW_SLOT, SlotFlags),
64 mkEntry(CKF_RNG, TokenFlags),
65 mkEntry(CKF_WRITE_PROTECTED, TokenFlags),
66 mkEntry(CKF_LOGIN_REQUIRED, TokenFlags),
67 mkEntry(CKF_USER_PIN_INITIALIZED, TokenFlags),
68 mkEntry(CKF_RESTORE_KEY_NOT_NEEDED, TokenFlags),
69 mkEntry(CKF_CLOCK_ON_TOKEN, TokenFlags),
70 mkEntry(CKF_PROTECTED_AUTHENTICATION_PATH, TokenFlags),
71 mkEntry(CKF_DUAL_CRYPTO_OPERATIONS, TokenFlags),
72 mkEntry(CKF_TOKEN_INITIALIZED, TokenFlags),
73 mkEntry(CKF_SECONDARY_AUTHENTICATION, TokenFlags),
74 mkEntry(CKF_USER_PIN_COUNT_LOW, TokenFlags),
75 mkEntry(CKF_USER_PIN_FINAL_TRY, TokenFlags),
76 mkEntry(CKF_USER_PIN_LOCKED, TokenFlags),
77 mkEntry(CKF_USER_PIN_TO_BE_CHANGED, TokenFlags),
78 mkEntry(CKF_SO_PIN_COUNT_LOW, TokenFlags),
79 mkEntry(CKF_SO_PIN_FINAL_TRY, TokenFlags),
80 mkEntry(CKF_SO_PIN_LOCKED, TokenFlags),
81 mkEntry(CKF_SO_PIN_TO_BE_CHANGED, TokenFlags),
83 mkEntry(CKF_RW_SESSION, SessionFlags),
84 mkEntry(CKF_SERIAL_SESSION, SessionFlags),
86 mkEntry(CKF_HW, MechanismFlags),
87 mkEntry(CKF_ENCRYPT, MechanismFlags),
88 mkEntry(CKF_DECRYPT, MechanismFlags),
89 mkEntry(CKF_DIGEST, MechanismFlags),
90 mkEntry(CKF_SIGN, MechanismFlags),
91 mkEntry(CKF_SIGN_RECOVER, MechanismFlags),
92 mkEntry(CKF_VERIFY, MechanismFlags),
93 mkEntry(CKF_VERIFY_RECOVER, MechanismFlags),
94 mkEntry(CKF_GENERATE, MechanismFlags),
95 mkEntry(CKF_GENERATE_KEY_PAIR, MechanismFlags),
96 mkEntry(CKF_WRAP, MechanismFlags),
97 mkEntry(CKF_UNWRAP, MechanismFlags),
98 mkEntry(CKF_DERIVE, MechanismFlags),
99 mkEntry(CKF_EC_FP, MechanismFlags),
100 mkEntry(CKF_EC_F_2M, MechanismFlags),
101 mkEntry(CKF_EC_ECPARAMETERS, MechanismFlags),
102 mkEntry(CKF_EC_NAMEDCURVE, MechanismFlags),
103 mkEntry(CKF_EC_UNCOMPRESS, MechanismFlags),
104 mkEntry(CKF_EC_COMPRESS, MechanismFlags),
106 mkEntry(CKF_LIBRARY_CANT_CREATE_OS_THREADS, InitializeFlags),
107 mkEntry(CKF_OS_LOCKING_OK, InitializeFlags),
109 mkEntry(CKU_SO, Users),
110 mkEntry(CKU_USER, Users),
112 mkEntry(CKS_RO_PUBLIC_SESSION, SessionState),
113 mkEntry(CKS_RO_USER_FUNCTIONS, SessionState),
114 mkEntry(CKS_RW_PUBLIC_SESSION, SessionState),
115 mkEntry(CKS_RW_USER_FUNCTIONS, SessionState),
116 mkEntry(CKS_RW_SO_FUNCTIONS, SessionState),
118 mkEntry(CKO_DATA, Object),
119 mkEntry(CKO_CERTIFICATE, Object),
120 mkEntry(CKO_PUBLIC_KEY, Object),
121 mkEntry(CKO_PRIVATE_KEY, Object),
122 mkEntry(CKO_SECRET_KEY, Object),
123 mkEntry(CKO_HW_FEATURE, Object),
124 mkEntry(CKO_DOMAIN_PARAMETERS, Object),
125 mkEntry(CKO_KG_PARAMETERS, Object),
126 mkEntry(CKO_NSS_CRL, Object),
127 mkEntry(CKO_NSS_SMIME, Object),
128 mkEntry(CKO_NSS_TRUST, Object),
129 mkEntry(CKO_NSS_BUILTIN_ROOT_LIST, Object),
131 mkEntry(CKH_MONOTONIC_COUNTER, Hardware),
132 mkEntry(CKH_CLOCK, Hardware),
134 mkEntry(CKK_RSA, KeyType),
135 mkEntry(CKK_DSA, KeyType),
136 mkEntry(CKK_DH, KeyType),
137 mkEntry(CKK_ECDSA, KeyType),
138 mkEntry(CKK_EC, KeyType),
139 mkEntry(CKK_X9_42_DH, KeyType),
140 mkEntry(CKK_KEA, KeyType),
141 mkEntry(CKK_GENERIC_SECRET, KeyType),
142 mkEntry(CKK_RC2, KeyType),
143 mkEntry(CKK_RC4, KeyType),
144 mkEntry(CKK_DES, KeyType),
145 mkEntry(CKK_DES2, KeyType),
146 mkEntry(CKK_DES3, KeyType),
147 mkEntry(CKK_CAST, KeyType),
148 mkEntry(CKK_CAST3, KeyType),
149 mkEntry(CKK_CAST5, KeyType),
150 mkEntry(CKK_CAST128, KeyType),
151 mkEntry(CKK_RC5, KeyType),
152 mkEntry(CKK_IDEA, KeyType),
153 mkEntry(CKK_SKIPJACK, KeyType),
154 mkEntry(CKK_BATON, KeyType),
155 mkEntry(CKK_JUNIPER, KeyType),
156 mkEntry(CKK_CDMF, KeyType),
157 mkEntry(CKK_AES, KeyType),
158 mkEntry(CKK_CAMELLIA, KeyType),
159 mkEntry(CKK_NSS_PKCS8, KeyType),
161 mkEntry(CKC_X_509, CertType),
162 mkEntry(CKC_X_509_ATTR_CERT, CertType),
164 mkEntry2(CKA_CLASS, Attribute, Object),
165 mkEntry2(CKA_TOKEN, Attribute, Bool),
166 mkEntry2(CKA_PRIVATE, Attribute, Bool),
167 mkEntry2(CKA_LABEL, Attribute, None),
168 mkEntry2(CKA_APPLICATION, Attribute, None),
169 mkEntry2(CKA_VALUE, Attribute, None),
170 mkEntry2(CKA_OBJECT_ID, Attribute, None),
171 mkEntry2(CKA_CERTIFICATE_TYPE, Attribute, CertType),
172 mkEntry2(CKA_ISSUER, Attribute, None),
173 mkEntry2(CKA_SERIAL_NUMBER, Attribute, None),
174 mkEntry2(CKA_AC_ISSUER, Attribute, None),
175 mkEntry2(CKA_OWNER, Attribute, None),
176 mkEntry2(CKA_ATTR_TYPES, Attribute, None),
177 mkEntry2(CKA_TRUSTED, Attribute, Bool),
178 mkEntry2(CKA_KEY_TYPE, Attribute, KeyType),
179 mkEntry2(CKA_SUBJECT, Attribute, None),
180 mkEntry2(CKA_ID, Attribute, None),
181 mkEntry2(CKA_SENSITIVE, Attribute, Bool),
182 mkEntry2(CKA_ENCRYPT, Attribute, Bool),
183 mkEntry2(CKA_DECRYPT, Attribute, Bool),
184 mkEntry2(CKA_WRAP, Attribute, Bool),
185 mkEntry2(CKA_UNWRAP, Attribute, Bool),
186 mkEntry2(CKA_SIGN, Attribute, Bool),
187 mkEntry2(CKA_SIGN_RECOVER, Attribute, Bool),
188 mkEntry2(CKA_VERIFY, Attribute, Bool),
189 mkEntry2(CKA_VERIFY_RECOVER, Attribute, Bool),
190 mkEntry2(CKA_DERIVE, Attribute, Bool),
191 mkEntry2(CKA_START_DATE, Attribute, None),
192 mkEntry2(CKA_END_DATE, Attribute, None),
193 mkEntry2(CKA_MODULUS, Attribute, None),
194 mkEntry2(CKA_MODULUS_BITS, Attribute, None),
195 mkEntry2(CKA_PUBLIC_EXPONENT, Attribute, None),
196 mkEntry2(CKA_PRIVATE_EXPONENT, Attribute, None),
197 mkEntry2(CKA_PRIME_1, Attribute, None),
198 mkEntry2(CKA_PRIME_2, Attribute, None),
199 mkEntry2(CKA_EXPONENT_1, Attribute, None),
200 mkEntry2(CKA_EXPONENT_2, Attribute, None),
201 mkEntry2(CKA_COEFFICIENT, Attribute, None),
202 mkEntry2(CKA_PRIME, Attribute, None),
203 mkEntry2(CKA_SUBPRIME, Attribute, None),
204 mkEntry2(CKA_BASE, Attribute, None),
205 mkEntry2(CKA_PRIME_BITS, Attribute, None),
206 mkEntry2(CKA_SUB_PRIME_BITS, Attribute, None),
207 mkEntry2(CKA_VALUE_BITS, Attribute, None),
208 mkEntry2(CKA_VALUE_LEN, Attribute, None),
209 mkEntry2(CKA_EXTRACTABLE, Attribute, Bool),
210 mkEntry2(CKA_LOCAL, Attribute, Bool),
211 mkEntry2(CKA_NEVER_EXTRACTABLE, Attribute, Bool),
212 mkEntry2(CKA_ALWAYS_SENSITIVE, Attribute, Bool),
213 mkEntry2(CKA_KEY_GEN_MECHANISM, Attribute, Mechanism),
214 mkEntry2(CKA_MODIFIABLE, Attribute, Bool),
215 mkEntry2(CKA_ECDSA_PARAMS, Attribute, None),
216 mkEntry2(CKA_EC_PARAMS, Attribute, None),
217 mkEntry2(CKA_EC_POINT, Attribute, None),
218 mkEntry2(CKA_SECONDARY_AUTH, Attribute, None),
219 mkEntry2(CKA_AUTH_PIN_FLAGS, Attribute, None),
220 mkEntry2(CKA_HW_FEATURE_TYPE, Attribute, Hardware),
221 mkEntry2(CKA_RESET_ON_INIT, Attribute, Bool),
222 mkEntry2(CKA_HAS_RESET, Attribute, Bool),
223 mkEntry2(CKA_NSS_URL, Attribute, None),
224 mkEntry2(CKA_NSS_EMAIL, Attribute, None),
225 mkEntry2(CKA_NSS_SMIME_INFO, Attribute, None),
226 mkEntry2(CKA_NSS_SMIME_TIMESTAMP, Attribute, None),
227 mkEntry2(CKA_NSS_PKCS8_SALT, Attribute, None),
228 mkEntry2(CKA_NSS_PASSWORD_CHECK, Attribute, None),
229 mkEntry2(CKA_NSS_EXPIRES, Attribute, None),
230 mkEntry2(CKA_NSS_KRL, Attribute, None),
231 mkEntry2(CKA_NSS_PQG_COUNTER, Attribute, None),
232 mkEntry2(CKA_NSS_PQG_SEED, Attribute, None),
233 mkEntry2(CKA_NSS_PQG_H, Attribute, None),
234 mkEntry2(CKA_NSS_PQG_SEED_BITS, Attribute, None),
235 mkEntry2(CKA_TRUST_DIGITAL_SIGNATURE, Attribute, Trust),
236 mkEntry2(CKA_TRUST_NON_REPUDIATION, Attribute, Trust),
237 mkEntry2(CKA_TRUST_KEY_ENCIPHERMENT, Attribute, Trust),
238 mkEntry2(CKA_TRUST_DATA_ENCIPHERMENT, Attribute, Trust),
239 mkEntry2(CKA_TRUST_KEY_AGREEMENT, Attribute, Trust),
240 mkEntry2(CKA_TRUST_KEY_CERT_SIGN, Attribute, Trust),
241 mkEntry2(CKA_TRUST_CRL_SIGN, Attribute, Trust),
242 mkEntry2(CKA_TRUST_SERVER_AUTH, Attribute, Trust),
243 mkEntry2(CKA_TRUST_CLIENT_AUTH, Attribute, Trust),
244 mkEntry2(CKA_TRUST_CODE_SIGNING, Attribute, Trust),
245 mkEntry2(CKA_TRUST_EMAIL_PROTECTION, Attribute, Trust),
246 mkEntry2(CKA_TRUST_IPSEC_END_SYSTEM, Attribute, Trust),
247 mkEntry2(CKA_TRUST_IPSEC_TUNNEL, Attribute, Trust),
248 mkEntry2(CKA_TRUST_IPSEC_USER, Attribute, Trust),
249 mkEntry2(CKA_TRUST_TIME_STAMPING, Attribute, Trust),
250 mkEntry2(CKA_CERT_SHA1_HASH, Attribute, None),
251 mkEntry2(CKA_CERT_MD5_HASH, Attribute, None),
252 mkEntry2(CKA_NETSCAPE_DB, Attribute, None),
253 mkEntry2(CKA_NETSCAPE_TRUST, Attribute, Trust),
255 mkEntry(CKM_RSA_PKCS, Mechanism),
256 mkEntry(CKM_RSA_9796, Mechanism),
257 mkEntry(CKM_RSA_X_509, Mechanism),
258 mkEntry(CKM_RSA_PKCS_KEY_PAIR_GEN, Mechanism),
259 mkEntry(CKM_MD2_RSA_PKCS, Mechanism),
260 mkEntry(CKM_MD5_RSA_PKCS, Mechanism),
261 mkEntry(CKM_SHA1_RSA_PKCS, Mechanism),
262 mkEntry(CKM_RIPEMD128_RSA_PKCS, Mechanism),
263 mkEntry(CKM_RIPEMD160_RSA_PKCS, Mechanism),
264 mkEntry(CKM_RSA_PKCS_OAEP, Mechanism),
265 mkEntry(CKM_RSA_X9_31_KEY_PAIR_GEN, Mechanism),
266 mkEntry(CKM_RSA_X9_31, Mechanism),
267 mkEntry(CKM_SHA1_RSA_X9_31, Mechanism),
268 mkEntry(CKM_DSA_KEY_PAIR_GEN, Mechanism),
269 mkEntry(CKM_DSA, Mechanism),
270 mkEntry(CKM_DSA_SHA1, Mechanism),
271 mkEntry(CKM_DH_PKCS_KEY_PAIR_GEN, Mechanism),
272 mkEntry(CKM_DH_PKCS_DERIVE, Mechanism),
273 mkEntry(CKM_X9_42_DH_DERIVE, Mechanism),
274 mkEntry(CKM_X9_42_DH_HYBRID_DERIVE, Mechanism),
275 mkEntry(CKM_X9_42_MQV_DERIVE, Mechanism),
276 mkEntry(CKM_SHA256_RSA_PKCS, Mechanism),
277 mkEntry(CKM_SHA384_RSA_PKCS, Mechanism),
278 mkEntry(CKM_SHA512_RSA_PKCS, Mechanism),
279 mkEntry(CKM_RC2_KEY_GEN, Mechanism),
280 mkEntry(CKM_RC2_ECB, Mechanism),
281 mkEntry(CKM_RC2_CBC, Mechanism),
282 mkEntry(CKM_RC2_MAC, Mechanism),
283 mkEntry(CKM_RC2_MAC_GENERAL, Mechanism),
284 mkEntry(CKM_RC2_CBC_PAD, Mechanism),
285 mkEntry(CKM_RC4_KEY_GEN, Mechanism),
286 mkEntry(CKM_RC4, Mechanism),
287 mkEntry(CKM_DES_KEY_GEN, Mechanism),
288 mkEntry(CKM_DES_ECB, Mechanism),
289 mkEntry(CKM_DES_CBC, Mechanism),
290 mkEntry(CKM_DES_MAC, Mechanism),
291 mkEntry(CKM_DES_MAC_GENERAL, Mechanism),
292 mkEntry(CKM_DES_CBC_PAD, Mechanism),
293 mkEntry(CKM_DES2_KEY_GEN, Mechanism),
294 mkEntry(CKM_DES3_KEY_GEN, Mechanism),
295 mkEntry(CKM_DES3_ECB, Mechanism),
296 mkEntry(CKM_DES3_CBC, Mechanism),
297 mkEntry(CKM_DES3_MAC, Mechanism),
298 mkEntry(CKM_DES3_MAC_GENERAL, Mechanism),
299 mkEntry(CKM_DES3_CBC_PAD, Mechanism),
300 mkEntry(CKM_CDMF_KEY_GEN, Mechanism),
301 mkEntry(CKM_CDMF_ECB, Mechanism),
302 mkEntry(CKM_CDMF_CBC, Mechanism),
303 mkEntry(CKM_CDMF_MAC, Mechanism),
304 mkEntry(CKM_CDMF_MAC_GENERAL, Mechanism),
305 mkEntry(CKM_CDMF_CBC_PAD, Mechanism),
306 mkEntry(CKM_MD2, Mechanism),
307 mkEntry(CKM_MD2_HMAC, Mechanism),
308 mkEntry(CKM_MD2_HMAC_GENERAL, Mechanism),
309 mkEntry(CKM_MD5, Mechanism),
310 mkEntry(CKM_MD5_HMAC, Mechanism),
311 mkEntry(CKM_MD5_HMAC_GENERAL, Mechanism),
312 mkEntry(CKM_SHA_1, Mechanism),
313 mkEntry(CKM_SHA_1_HMAC, Mechanism),
314 mkEntry(CKM_SHA_1_HMAC_GENERAL, Mechanism),
315 mkEntry(CKM_RIPEMD128, Mechanism),
316 mkEntry(CKM_RIPEMD128_HMAC, Mechanism),
317 mkEntry(CKM_RIPEMD128_HMAC_GENERAL, Mechanism),
318 mkEntry(CKM_RIPEMD160, Mechanism),
319 mkEntry(CKM_RIPEMD160_HMAC, Mechanism),
320 mkEntry(CKM_RIPEMD160_HMAC_GENERAL, Mechanism),
321 mkEntry(CKM_SHA256, Mechanism),
322 mkEntry(CKM_SHA256_HMAC_GENERAL, Mechanism),
323 mkEntry(CKM_SHA256_HMAC, Mechanism),
324 mkEntry(CKM_SHA384, Mechanism),
325 mkEntry(CKM_SHA384_HMAC_GENERAL, Mechanism),
326 mkEntry(CKM_SHA384_HMAC, Mechanism),
327 mkEntry(CKM_SHA512, Mechanism),
328 mkEntry(CKM_SHA512_HMAC_GENERAL, Mechanism),
329 mkEntry(CKM_SHA512_HMAC, Mechanism),
330 mkEntry(CKM_CAST_KEY_GEN, Mechanism),
331 mkEntry(CKM_CAST_ECB, Mechanism),
332 mkEntry(CKM_CAST_CBC, Mechanism),
333 mkEntry(CKM_CAST_MAC, Mechanism),
334 mkEntry(CKM_CAST_MAC_GENERAL, Mechanism),
335 mkEntry(CKM_CAST_CBC_PAD, Mechanism),
336 mkEntry(CKM_CAST3_KEY_GEN, Mechanism),
337 mkEntry(CKM_CAST3_ECB, Mechanism),
338 mkEntry(CKM_CAST3_CBC, Mechanism),
339 mkEntry(CKM_CAST3_MAC, Mechanism),
340 mkEntry(CKM_CAST3_MAC_GENERAL, Mechanism),
341 mkEntry(CKM_CAST3_CBC_PAD, Mechanism),
342 mkEntry(CKM_CAST5_KEY_GEN, Mechanism),
343 mkEntry(CKM_CAST128_KEY_GEN, Mechanism),
344 mkEntry(CKM_CAST5_ECB, Mechanism),
345 mkEntry(CKM_CAST128_ECB, Mechanism),
346 mkEntry(CKM_CAST5_CBC, Mechanism),
347 mkEntry(CKM_CAST128_CBC, Mechanism),
348 mkEntry(CKM_CAST5_MAC, Mechanism),
349 mkEntry(CKM_CAST128_MAC, Mechanism),
350 mkEntry(CKM_CAST5_MAC_GENERAL, Mechanism),
351 mkEntry(CKM_CAST128_MAC_GENERAL, Mechanism),
352 mkEntry(CKM_CAST5_CBC_PAD, Mechanism),
353 mkEntry(CKM_CAST128_CBC_PAD, Mechanism),
354 mkEntry(CKM_RC5_KEY_GEN, Mechanism),
355 mkEntry(CKM_RC5_ECB, Mechanism),
356 mkEntry(CKM_RC5_CBC, Mechanism),
357 mkEntry(CKM_RC5_MAC, Mechanism),
358 mkEntry(CKM_RC5_MAC_GENERAL, Mechanism),
359 mkEntry(CKM_RC5_CBC_PAD, Mechanism),
360 mkEntry(CKM_IDEA_KEY_GEN, Mechanism),
361 mkEntry(CKM_IDEA_ECB, Mechanism),
362 mkEntry(CKM_IDEA_CBC, Mechanism),
363 mkEntry(CKM_IDEA_MAC, Mechanism),
364 mkEntry(CKM_IDEA_MAC_GENERAL, Mechanism),
365 mkEntry(CKM_IDEA_CBC_PAD, Mechanism),
366 mkEntry(CKM_GENERIC_SECRET_KEY_GEN, Mechanism),
367 mkEntry(CKM_CONCATENATE_BASE_AND_KEY, Mechanism),
368 mkEntry(CKM_CONCATENATE_BASE_AND_DATA, Mechanism),
369 mkEntry(CKM_CONCATENATE_DATA_AND_BASE, Mechanism),
370 mkEntry(CKM_XOR_BASE_AND_DATA, Mechanism),
371 mkEntry(CKM_EXTRACT_KEY_FROM_KEY, Mechanism),
372 mkEntry(CKM_SSL3_PRE_MASTER_KEY_GEN, Mechanism),
373 mkEntry(CKM_SSL3_MASTER_KEY_DERIVE, Mechanism),
374 mkEntry(CKM_SSL3_KEY_AND_MAC_DERIVE, Mechanism),
375 mkEntry(CKM_SSL3_MASTER_KEY_DERIVE_DH, Mechanism),
376 mkEntry(CKM_TLS_PRE_MASTER_KEY_GEN, Mechanism),
377 mkEntry(CKM_TLS_MASTER_KEY_DERIVE, Mechanism),
378 mkEntry(CKM_NSS_TLS_MASTER_KEY_DERIVE_SHA256, Mechanism),
379 mkEntry(CKM_TLS_KEY_AND_MAC_DERIVE, Mechanism),
380 mkEntry(CKM_NSS_TLS_KEY_AND_MAC_DERIVE_SHA256, Mechanism),
381 mkEntry(CKM_TLS_MASTER_KEY_DERIVE_DH, Mechanism),
382 mkEntry(CKM_NSS_TLS_MASTER_KEY_DERIVE_DH_SHA256, Mechanism),
383 mkEntry(CKM_SSL3_MD5_MAC, Mechanism),
384 mkEntry(CKM_SSL3_SHA1_MAC, Mechanism),
385 mkEntry(CKM_MD5_KEY_DERIVATION, Mechanism),
386 mkEntry(CKM_MD2_KEY_DERIVATION, Mechanism),
387 mkEntry(CKM_SHA1_KEY_DERIVATION, Mechanism),
388 mkEntry(CKM_SHA256_KEY_DERIVATION, Mechanism),
389 mkEntry(CKM_SHA384_KEY_DERIVATION, Mechanism),
390 mkEntry(CKM_SHA512_KEY_DERIVATION, Mechanism),
391 mkEntry(CKM_PBE_MD2_DES_CBC, Mechanism),
392 mkEntry(CKM_PBE_MD5_DES_CBC, Mechanism),
393 mkEntry(CKM_PBE_MD5_CAST_CBC, Mechanism),
394 mkEntry(CKM_PBE_MD5_CAST3_CBC, Mechanism),
395 mkEntry(CKM_PBE_MD5_CAST5_CBC, Mechanism),
396 mkEntry(CKM_PBE_MD5_CAST128_CBC, Mechanism),
397 mkEntry(CKM_PBE_SHA1_CAST5_CBC, Mechanism),
398 mkEntry(CKM_PBE_SHA1_CAST128_CBC, Mechanism),
399 mkEntry(CKM_PBE_SHA1_RC4_128, Mechanism),
400 mkEntry(CKM_PBE_SHA1_RC4_40, Mechanism),
401 mkEntry(CKM_PBE_SHA1_DES3_EDE_CBC, Mechanism),
402 mkEntry(CKM_PBE_SHA1_DES2_EDE_CBC, Mechanism),
403 mkEntry(CKM_PBE_SHA1_RC2_128_CBC, Mechanism),
404 mkEntry(CKM_PBE_SHA1_RC2_40_CBC, Mechanism),
405 mkEntry(CKM_PKCS5_PBKD2, Mechanism),
406 mkEntry(CKM_PBA_SHA1_WITH_SHA1_HMAC, Mechanism),
407 mkEntry(CKM_KEY_WRAP_LYNKS, Mechanism),
408 mkEntry(CKM_KEY_WRAP_SET_OAEP, Mechanism),
409 mkEntry(CKM_SKIPJACK_KEY_GEN, Mechanism),
410 mkEntry(CKM_SKIPJACK_ECB64, Mechanism),
411 mkEntry(CKM_SKIPJACK_CBC64, Mechanism),
412 mkEntry(CKM_SKIPJACK_OFB64, Mechanism),
413 mkEntry(CKM_SKIPJACK_CFB64, Mechanism),
414 mkEntry(CKM_SKIPJACK_CFB32, Mechanism),
415 mkEntry(CKM_SKIPJACK_CFB16, Mechanism),
416 mkEntry(CKM_SKIPJACK_CFB8, Mechanism),
417 mkEntry(CKM_SKIPJACK_WRAP, Mechanism),
418 mkEntry(CKM_SKIPJACK_PRIVATE_WRAP, Mechanism),
419 mkEntry(CKM_SKIPJACK_RELAYX, Mechanism),
420 mkEntry(CKM_KEA_KEY_PAIR_GEN, Mechanism),
421 mkEntry(CKM_KEA_KEY_DERIVE, Mechanism),
422 mkEntry(CKM_FORTEZZA_TIMESTAMP, Mechanism),
423 mkEntry(CKM_BATON_KEY_GEN, Mechanism),
424 mkEntry(CKM_BATON_ECB128, Mechanism),
425 mkEntry(CKM_BATON_ECB96, Mechanism),
426 mkEntry(CKM_BATON_CBC128, Mechanism),
427 mkEntry(CKM_BATON_COUNTER, Mechanism),
428 mkEntry(CKM_BATON_SHUFFLE, Mechanism),
429 mkEntry(CKM_BATON_WRAP, Mechanism),
430 mkEntry(CKM_ECDSA_KEY_PAIR_GEN, Mechanism),
431 mkEntry(CKM_EC_KEY_PAIR_GEN, Mechanism),
432 mkEntry(CKM_ECDSA, Mechanism),
433 mkEntry(CKM_ECDSA_SHA1, Mechanism),
434 mkEntry(CKM_ECDH1_DERIVE, Mechanism),
435 mkEntry(CKM_ECDH1_COFACTOR_DERIVE, Mechanism),
436 mkEntry(CKM_ECMQV_DERIVE, Mechanism),
437 mkEntry(CKM_JUNIPER_KEY_GEN, Mechanism),
438 mkEntry(CKM_JUNIPER_ECB128, Mechanism),
439 mkEntry(CKM_JUNIPER_CBC128, Mechanism),
440 mkEntry(CKM_JUNIPER_COUNTER, Mechanism),
441 mkEntry(CKM_JUNIPER_SHUFFLE, Mechanism),
442 mkEntry(CKM_JUNIPER_WRAP, Mechanism),
443 mkEntry(CKM_FASTHASH, Mechanism),
444 mkEntry(CKM_AES_KEY_GEN, Mechanism),
445 mkEntry(CKM_AES_ECB, Mechanism),
446 mkEntry(CKM_AES_CBC, Mechanism),
447 mkEntry(CKM_AES_MAC, Mechanism),
448 mkEntry(CKM_AES_MAC_GENERAL, Mechanism),
449 mkEntry(CKM_AES_CBC_PAD, Mechanism),
450 mkEntry(CKM_CAMELLIA_KEY_GEN, Mechanism),
451 mkEntry(CKM_CAMELLIA_ECB, Mechanism),
452 mkEntry(CKM_CAMELLIA_CBC, Mechanism),
453 mkEntry(CKM_CAMELLIA_MAC, Mechanism),
454 mkEntry(CKM_CAMELLIA_MAC_GENERAL, Mechanism),
455 mkEntry(CKM_CAMELLIA_CBC_PAD, Mechanism),
456 mkEntry(CKM_SEED_KEY_GEN, Mechanism),
457 mkEntry(CKM_SEED_ECB, Mechanism),
458 mkEntry(CKM_SEED_CBC, Mechanism),
459 mkEntry(CKM_SEED_MAC, Mechanism),
460 mkEntry(CKM_SEED_MAC_GENERAL, Mechanism),
461 mkEntry(CKM_SEED_CBC_PAD, Mechanism),
462 mkEntry(CKM_SEED_ECB_ENCRYPT_DATA, Mechanism),
463 mkEntry(CKM_SEED_CBC_ENCRYPT_DATA, Mechanism),
464 mkEntry(CKM_DSA_PARAMETER_GEN, Mechanism),
465 mkEntry(CKM_DH_PKCS_PARAMETER_GEN, Mechanism),
466 mkEntry(CKM_NSS_AES_KEY_WRAP, Mechanism),
467 mkEntry(CKM_NSS_AES_KEY_WRAP_PAD, Mechanism),
468 mkEntry(CKM_NETSCAPE_PBE_SHA1_DES_CBC, Mechanism),
469 mkEntry(CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC, Mechanism),
470 mkEntry(CKM_NETSCAPE_PBE_SHA1_40_BIT_RC2_CBC, Mechanism),
471 mkEntry(CKM_NETSCAPE_PBE_SHA1_128_BIT_RC2_CBC, Mechanism),
472 mkEntry(CKM_NETSCAPE_PBE_SHA1_40_BIT_RC4, Mechanism),
473 mkEntry(CKM_NETSCAPE_PBE_SHA1_128_BIT_RC4, Mechanism),
474 mkEntry(CKM_NETSCAPE_PBE_SHA1_FAULTY_3DES_CBC, Mechanism),
475 mkEntry(CKM_NETSCAPE_PBE_SHA1_HMAC_KEY_GEN, Mechanism),
476 mkEntry(CKM_NETSCAPE_PBE_MD5_HMAC_KEY_GEN, Mechanism),
477 mkEntry(CKM_NETSCAPE_PBE_MD2_HMAC_KEY_GEN, Mechanism),
478 mkEntry(CKM_TLS_PRF_GENERAL, Mechanism),
479 mkEntry(CKM_NSS_TLS_PRF_GENERAL_SHA256, Mechanism),
481 mkEntry(CKR_OK, Result),
482 mkEntry(CKR_CANCEL, Result),
483 mkEntry(CKR_HOST_MEMORY, Result),
484 mkEntry(CKR_SLOT_ID_INVALID, Result),
485 mkEntry(CKR_GENERAL_ERROR, Result),
486 mkEntry(CKR_FUNCTION_FAILED, Result),
487 mkEntry(CKR_ARGUMENTS_BAD, Result),
488 mkEntry(CKR_NO_EVENT, Result),
489 mkEntry(CKR_NEED_TO_CREATE_THREADS, Result),
490 mkEntry(CKR_CANT_LOCK, Result),
491 mkEntry(CKR_ATTRIBUTE_READ_ONLY, Result),
492 mkEntry(CKR_ATTRIBUTE_SENSITIVE, Result),
493 mkEntry(CKR_ATTRIBUTE_TYPE_INVALID, Result),
494 mkEntry(CKR_ATTRIBUTE_VALUE_INVALID, Result),
495 mkEntry(CKR_DATA_INVALID, Result),
496 mkEntry(CKR_DATA_LEN_RANGE, Result),
497 mkEntry(CKR_DEVICE_ERROR, Result),
498 mkEntry(CKR_DEVICE_MEMORY, Result),
499 mkEntry(CKR_DEVICE_REMOVED, Result),
500 mkEntry(CKR_ENCRYPTED_DATA_INVALID, Result),
501 mkEntry(CKR_ENCRYPTED_DATA_LEN_RANGE, Result),
502 mkEntry(CKR_FUNCTION_CANCELED, Result),
503 mkEntry(CKR_FUNCTION_NOT_PARALLEL, Result),
504 mkEntry(CKR_FUNCTION_NOT_SUPPORTED, Result),
505 mkEntry(CKR_KEY_HANDLE_INVALID, Result),
506 mkEntry(CKR_KEY_SIZE_RANGE, Result),
507 mkEntry(CKR_KEY_TYPE_INCONSISTENT, Result),
508 mkEntry(CKR_KEY_NOT_NEEDED, Result),
509 mkEntry(CKR_KEY_CHANGED, Result),
510 mkEntry(CKR_KEY_NEEDED, Result),
511 mkEntry(CKR_KEY_INDIGESTIBLE, Result),
512 mkEntry(CKR_KEY_FUNCTION_NOT_PERMITTED, Result),
513 mkEntry(CKR_KEY_NOT_WRAPPABLE, Result),
514 mkEntry(CKR_KEY_UNEXTRACTABLE, Result),
515 mkEntry(CKR_KEY_PARAMS_INVALID, Result),
516 mkEntry(CKR_MECHANISM_INVALID, Result),
517 mkEntry(CKR_MECHANISM_PARAM_INVALID, Result),
518 mkEntry(CKR_OBJECT_HANDLE_INVALID, Result),
519 mkEntry(CKR_OPERATION_ACTIVE, Result),
520 mkEntry(CKR_OPERATION_NOT_INITIALIZED, Result),
521 mkEntry(CKR_PIN_INCORRECT, Result),
522 mkEntry(CKR_PIN_INVALID, Result),
523 mkEntry(CKR_PIN_LEN_RANGE, Result),
524 mkEntry(CKR_PIN_EXPIRED, Result),
525 mkEntry(CKR_PIN_LOCKED, Result),
526 mkEntry(CKR_SESSION_CLOSED, Result),
527 mkEntry(CKR_SESSION_COUNT, Result),
528 mkEntry(CKR_SESSION_HANDLE_INVALID, Result),
529 mkEntry(CKR_SESSION_PARALLEL_NOT_SUPPORTED, Result),
530 mkEntry(CKR_SESSION_READ_ONLY, Result),
531 mkEntry(CKR_SESSION_EXISTS, Result),
532 mkEntry(CKR_SESSION_READ_ONLY_EXISTS, Result),
533 mkEntry(CKR_SESSION_READ_WRITE_SO_EXISTS, Result),
534 mkEntry(CKR_SIGNATURE_INVALID, Result),
535 mkEntry(CKR_SIGNATURE_LEN_RANGE, Result),
536 mkEntry(CKR_TEMPLATE_INCOMPLETE, Result),
537 mkEntry(CKR_TEMPLATE_INCONSISTENT, Result),
538 mkEntry(CKR_TOKEN_NOT_PRESENT, Result),
539 mkEntry(CKR_TOKEN_NOT_RECOGNIZED, Result),
540 mkEntry(CKR_TOKEN_WRITE_PROTECTED, Result),
541 mkEntry(CKR_UNWRAPPING_KEY_HANDLE_INVALID, Result),
542 mkEntry(CKR_UNWRAPPING_KEY_SIZE_RANGE, Result),
543 mkEntry(CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT, Result),
544 mkEntry(CKR_USER_ALREADY_LOGGED_IN, Result),
545 mkEntry(CKR_USER_NOT_LOGGED_IN, Result),
546 mkEntry(CKR_USER_PIN_NOT_INITIALIZED, Result),
547 mkEntry(CKR_USER_TYPE_INVALID, Result),
548 mkEntry(CKR_USER_ANOTHER_ALREADY_LOGGED_IN, Result),
549 mkEntry(CKR_USER_TOO_MANY_TYPES, Result),
550 mkEntry(CKR_WRAPPED_KEY_INVALID, Result),
551 mkEntry(CKR_WRAPPED_KEY_LEN_RANGE, Result),
552 mkEntry(CKR_WRAPPING_KEY_HANDLE_INVALID, Result),
553 mkEntry(CKR_WRAPPING_KEY_SIZE_RANGE, Result),
554 mkEntry(CKR_WRAPPING_KEY_TYPE_INCONSISTENT, Result),
555 mkEntry(CKR_RANDOM_SEED_NOT_SUPPORTED, Result),
556 mkEntry(CKR_RANDOM_NO_RNG, Result),
557 mkEntry(CKR_DOMAIN_PARAMS_INVALID, Result),
558 mkEntry(CKR_BUFFER_TOO_SMALL, Result),
559 mkEntry(CKR_SAVED_STATE_INVALID, Result),
560 mkEntry(CKR_INFORMATION_SENSITIVE, Result),
561 mkEntry(CKR_STATE_UNSAVEABLE, Result),
562 mkEntry(CKR_CRYPTOKI_NOT_INITIALIZED, Result),
563 mkEntry(CKR_CRYPTOKI_ALREADY_INITIALIZED, Result),
564 mkEntry(CKR_MUTEX_BAD, Result),
565 mkEntry(CKR_MUTEX_NOT_LOCKED, Result),
566 mkEntry(CKR_VENDOR_DEFINED, Result),
568 mkEntry(CKT_NSS_TRUSTED, Trust),
569 mkEntry(CKT_NSS_TRUSTED_DELEGATOR, Trust),
570 mkEntry(CKT_NSS_NOT_TRUSTED, Trust),
571 mkEntry(CKT_NSS_MUST_VERIFY_TRUST, Trust),
572 mkEntry(CKT_NSS_TRUST_UNKNOWN, Trust),
573 mkEntry(CKT_NSS_VALID_DELEGATOR, Trust),
575 mkEntry(CK_EFFECTIVELY_INFINITE, AvailableSizes),
576 mkEntry(CK_UNAVAILABLE_INFORMATION, CurrentSize),
577 };
579 const Constant *consts = &_consts[0];
580 const int constCount = sizeof(_consts)/sizeof(_consts[0]);
582 const Commands _commands[] = {
583 {"C_Initialize", F_C_Initialize,
584 "C_Initialize pInitArgs\n\n"
585 "C_Initialize initializes the PKCS #11 library.\n"
586 " pInitArgs if this is not NULL_PTR it gets cast to and dereferenced\n",
587 {ArgInitializeArgs, ArgNone, ArgNone, ArgNone, ArgNone,
588 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
589 {"C_Finalize", F_C_Finalize,
590 "C_Finalize pReserved\n\n"
591 "C_Finalize indicates that an application is done with the PKCS #11 library.\n"
592 " pReserved reserved. Should be NULL_PTR\n",
593 {ArgInitializeArgs, ArgNone, ArgNone, ArgNone, ArgNone,
594 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
595 {"C_GetInfo", F_C_GetInfo,
596 "C_GetInfo pInfo\n\n"
597 "C_GetInfo returns general information about PKCS #11.\n"
598 " pInfo location that receives information\n",
599 {ArgInfo|ArgOut, ArgNone, ArgNone, ArgNone, ArgNone,
600 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
601 {"C_GetFunctionList", F_C_GetFunctionList,
602 "C_GetFunctionList ppFunctionList\n\n"
603 "C_GetFunctionList returns the function list.\n"
604 " ppFunctionList receives pointer to function list\n",
605 {ArgFunctionList|ArgOut, ArgNone, ArgNone, ArgNone, ArgNone,
606 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
607 {"C_GetSlotList", F_C_GetSlotList,
608 "C_GetSlotList tokenPresent pSlotList pulCount\n\n"
609 "C_GetSlotList obtains a list of slots in the system.\n"
610 " tokenPresent only slots with tokens?\n"
611 " pSlotList receives array of slot IDs\n"
612 " pulCount receives number of slots\n",
613 {ArgULong, ArgULong|ArgArray|ArgOut, ArgULong|ArgOut, ArgNone, ArgNone,
614 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
615 {"C_GetSlotInfo", F_C_GetSlotInfo,
616 "C_GetSlotInfo slotID pInfo\n\n"
617 "C_GetSlotInfo obtains information about a particular slot in the system.\n"
618 " slotID the ID of the slot\n"
619 " pInfo receives the slot information\n",
620 {ArgULong, ArgSlotInfo|ArgOut, ArgNone, ArgNone, ArgNone,
621 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
622 {"C_GetTokenInfo", F_C_GetTokenInfo,
623 "C_GetTokenInfo slotID pInfo\n\n"
624 "C_GetTokenInfo obtains information about a particular token in the system.\n"
625 " slotID ID of the token's slot\n"
626 " pInfo receives the token information\n",
627 {ArgULong, ArgTokenInfo|ArgOut, ArgNone, ArgNone, ArgNone,
628 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
629 {"C_GetMechanismList", F_C_GetMechanismList,
630 "C_GetMechanismList slotID pMechanismList pulCount\n\n"
631 "C_GetMechanismList obtains a list of mechanism types supported by a token.\n"
632 " slotID ID of token's slot\n"
633 " pMechanismList gets mech. array\n"
634 " pulCount gets # of mechs.\n",
635 {ArgULong, ArgULong|ArgArray|ArgOut, ArgULong|ArgOut, ArgNone, ArgNone,
636 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
637 {"C_GetMechanismInfo", F_C_GetMechanismInfo,
638 "C_GetMechanismInfo slotID type pInfo\n\n"
639 "C_GetMechanismInfo obtains information about a particular mechanism possibly\n"
640 "supported by a token.\n"
641 " slotID ID of the token's slot\n"
642 " type type of mechanism\n"
643 " pInfo receives mechanism info\n",
644 {ArgULong, ArgULong, ArgMechanismInfo|ArgOut, ArgNone, ArgNone,
645 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
646 {"C_InitToken", F_C_InitToken,
647 "C_InitToken slotID pPin ulPinLen pLabel\n\n"
648 "C_InitToken initializes a token.\n"
649 " slotID ID of the token's slot\n"
650 " pPin the SO's initial PIN\n"
651 " ulPinLen length in bytes of the PIN\n"
652 " pLabel 32-byte token label (blank padded)\n",
653 {ArgULong, ArgUTF8, ArgULong, ArgUTF8, ArgNone,
654 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
655 {"C_InitPIN", F_C_InitPIN,
656 "C_InitPIN hSession pPin ulPinLen\n\n"
657 "C_InitPIN initializes the normal user's PIN.\n"
658 " hSession the session's handle\n"
659 " pPin the normal user's PIN\n"
660 " ulPinLen length in bytes of the PIN\n",
661 {ArgULong, ArgUTF8, ArgULong, ArgNone, ArgNone,
662 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
663 {"C_SetPIN", F_C_SetPIN,
664 "C_SetPIN hSession pOldPin ulOldLen pNewPin ulNewLen\n\n"
665 "C_SetPIN modifies the PIN of the user who is logged in.\n"
666 " hSession the session's handle\n"
667 " pOldPin the old PIN\n"
668 " ulOldLen length of the old PIN\n"
669 " pNewPin the new PIN\n"
670 " ulNewLen length of the new PIN\n",
671 {ArgULong, ArgUTF8, ArgULong, ArgUTF8, ArgULong,
672 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
673 {"C_OpenSession", F_C_OpenSession,
674 "C_OpenSession slotID flags phSession\n\n"
675 "C_OpenSession opens a session between an application and a token.\n"
676 " slotID the slot's ID\n"
677 " flags from\n"
678 " phSession gets session handle\n",
679 {ArgULong, ArgULong, ArgULong|ArgOut, ArgNone, ArgNone,
680 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
681 {"C_CloseSession", F_C_CloseSession,
682 "C_CloseSession hSession\n\n"
683 "C_CloseSession closes a session between an application and a token.\n"
684 " hSession the session's handle\n",
685 {ArgULong, ArgNone, ArgNone, ArgNone, ArgNone,
686 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
687 {"C_CloseAllSessions", F_C_CloseAllSessions,
688 "C_CloseAllSessions slotID\n\n"
689 "C_CloseAllSessions closes all sessions with a token.\n"
690 " slotID the token's slot\n",
691 {ArgULong, ArgNone, ArgNone, ArgNone, ArgNone,
692 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
693 {"C_GetSessionInfo", F_C_GetSessionInfo,
694 "C_GetSessionInfo hSession pInfo\n\n"
695 "C_GetSessionInfo obtains information about the session.\n"
696 " hSession the session's handle\n"
697 " pInfo receives session info\n",
698 {ArgULong, ArgSessionInfo|ArgOut, ArgNone, ArgNone, ArgNone,
699 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
700 {"C_GetOperationState", F_C_GetOperationState,
701 "C_GetOperationState hSession pOpState pulOpStateLen\n\n"
702 "C_GetOperationState obtains the state of the cryptographic operation in a\n"
703 "session.\n"
704 " hSession session's handle\n"
705 " pOpState gets state\n"
706 " pulOpStateLen gets state length\n",
707 {ArgULong, ArgChar|ArgOut, ArgULong|ArgOut, ArgNone, ArgNone,
708 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
709 {"C_SetOperationState", F_C_SetOperationState,
710 "C_SetOperationState hSession pOpState ulOpStateLen hEncKey hAuthKey\n\n"
711 "C_SetOperationState restores the state of the cryptographic operation in a\n"
712 "session.\n"
713 " hSession session's handle\n"
714 " pOpState holds state\n"
715 " ulOpStateLen holds state length\n"
716 " hEncKey en/decryption key\n"
717 " hAuthnKey sign/verify key\n",
718 {ArgULong, ArgChar|ArgOut, ArgULong, ArgULong, ArgULong,
719 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
720 {"C_Login", F_C_Login,
721 "C_Login hSession userType pPin ulPinLen\n\n"
722 "C_Login logs a user into a token.\n"
723 " hSession the session's handle\n"
724 " userType the user type\n"
725 " pPin the user's PIN\n"
726 " ulPinLen the length of the PIN\n",
727 {ArgULong, ArgULong, ArgVar, ArgULong, ArgNone,
728 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
729 {"C_Logout", F_C_Logout,
730 "C_Logout hSession\n\n"
731 "C_Logout logs a user out from a token.\n"
732 " hSession the session's handle\n",
733 {ArgULong, ArgNone, ArgNone, ArgNone, ArgNone,
734 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
735 {"C_CreateObject", F_C_CreateObject,
736 "C_CreateObject hSession pTemplate ulCount phObject\n\n"
737 "C_CreateObject creates a new object.\n"
738 " hSession the session's handle\n"
739 " pTemplate the object's template\n"
740 " ulCount attributes in template\n"
741 " phObject gets new object's handle.\n",
742 {ArgULong, ArgAttribute|ArgArray, ArgULong, ArgULong|ArgOut, ArgNone,
743 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
744 {"C_CopyObject", F_C_CopyObject,
745 "C_CopyObject hSession hObject pTemplate ulCount phNewObject\n\n"
746 "C_CopyObject copies an object creating a new object for the copy.\n"
747 " hSession the session's handle\n"
748 " hObject the object's handle\n"
749 " pTemplate template for new object\n"
750 " ulCount attributes in template\n"
751 " phNewObject receives handle of copy\n",
752 {ArgULong, ArgULong, ArgAttribute|ArgArray, ArgULong, ArgULong|ArgOut,
753 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
754 {"C_DestroyObject", F_C_DestroyObject,
755 "C_DestroyObject hSession hObject\n\n"
756 "C_DestroyObject destroys an object.\n"
757 " hSession the session's handle\n"
758 " hObject the object's handle\n",
759 {ArgULong, ArgULong, ArgNone, ArgNone, ArgNone,
760 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
761 {"C_GetObjectSize", F_C_GetObjectSize,
762 "C_GetObjectSize hSession hObject pulSize\n\n"
763 "C_GetObjectSize gets the size of an object in bytes.\n"
764 " hSession the session's handle\n"
765 " hObject the object's handle\n"
766 " pulSize receives size of object\n",
767 {ArgULong, ArgULong, ArgULong|ArgOut, ArgNone, ArgNone,
768 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
769 {"C_GetAttributeValue", F_C_GetAttributeValue,
770 "C_GetAttributeValue hSession hObject pTemplate ulCount\n\n"
771 "C_GetAttributeValue obtains the value of one or more object attributes.\n"
772 " hSession the session's handle\n"
773 " hObject the object's handle\n"
774 " pTemplate specifies attrs; gets vals\n"
775 " ulCount attributes in template\n",
776 {ArgULong, ArgULong, ArgAttribute|ArgArray, ArgULong, ArgNone,
777 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
778 {"C_SetAttributeValue", F_C_SetAttributeValue,
779 "C_SetAttributeValue hSession hObject pTemplate ulCount\n\n"
780 "C_SetAttributeValue modifies the value of one or more object attributes\n"
781 " hSession the session's handle\n"
782 " hObject the object's handle\n"
783 " pTemplate specifies attrs and values\n"
784 " ulCount attributes in template\n",
785 {ArgULong, ArgULong, ArgAttribute|ArgArray, ArgULong, ArgNone,
786 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
787 {"C_FindObjectsInit", F_C_FindObjectsInit,
788 "C_FindObjectsInit hSession pTemplate ulCount\n\n"
789 "C_FindObjectsInit initializes a search for token and session objects that\n"
790 "match a template.\n"
791 " hSession the session's handle\n"
792 " pTemplate attribute values to match\n"
793 " ulCount attrs in search template\n",
794 {ArgULong, ArgAttribute|ArgArray, ArgULong, ArgNone, ArgNone,
795 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
796 {"C_FindObjectsFinal", F_C_FindObjectsFinal,
797 "C_FindObjectsFinal hSession\n\n"
798 "C_FindObjectsFinal finishes a search for token and session objects.\n"
799 " hSession the session's handle\n",
800 {ArgULong, ArgNone, ArgNone, ArgNone, ArgNone,
801 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
802 {"C_FindObjects", F_C_FindObjects,
803 "C_FindObjects hSession phObject ulMaxObjectCount pulObjectCount\n\n"
804 "C_FindObjects continues a search for token and session objects that match\n"
805 "a template obtaining additional object handles.\n"
806 " hSession session's handle\n"
807 " phObject gets obj. handles\n"
808 " ulMaxObjectCount max handles to get\n"
809 " pulObjectCount actual # returned\n",
810 {ArgULong, ArgULong|ArgOut, ArgULong, ArgULong|ArgOut, ArgNone,
811 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
812 {"C_EncryptInit", F_C_EncryptInit,
813 "C_EncryptInit hSession pMechanism hKey\n\n"
814 "C_EncryptInit initializes an encryption operation.\n"
815 " hSession the session's handle\n"
816 " pMechanism the encryption mechanism\n"
817 " hKey handle of encryption key\n",
818 {ArgULong, ArgMechanism, ArgULong, ArgNone, ArgNone,
819 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
820 {"C_EncryptUpdate", F_C_EncryptUpdate,
821 "C_EncryptUpdate hSession pPart ulPartLen pEncryptedPart pulEncryptedPartLen\n"
822 "\n"
823 "C_EncryptUpdate continues a multiple-part encryption operation.\n"
824 " hSession session's handle\n"
825 " pPart the plaintext data\n"
826 " ulPartLen plaintext data len\n"
827 " pEncryptedPart gets ciphertext\n"
828 " pulEncryptedPartLen gets c-text size\n",
829 {ArgULong, ArgChar, ArgULong, ArgChar|ArgOut, ArgULong|ArgOut,
830 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
831 {"C_EncryptFinal", F_C_EncryptFinal,
832 "C_EncryptFinal hSession pLastEncryptedPart pulLastEncryptedPartLen\n\n"
833 "C_EncryptFinal finishes a multiple-part encryption operation.\n"
834 " hSession session handle\n"
835 " pLastEncryptedPart last c-text\n"
836 " pulLastEncryptedPartLen gets last size\n",
837 {ArgULong, ArgChar, ArgULong, ArgChar|ArgOut, ArgULong|ArgOut,
838 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
839 {"C_Encrypt", F_C_Encrypt,
840 "C_Encrypt hSession pData ulDataLen pEncryptedData pulEncryptedDataLen\n\n"
841 "C_Encrypt encrypts single-part data.\n"
842 " hSession session's handle\n"
843 " pData the plaintext data\n"
844 " ulDataLen bytes of plaintext\n"
845 " pEncryptedData gets ciphertext\n"
846 " pulEncryptedDataLen gets c-text size\n",
847 {ArgULong, ArgChar, ArgULong, ArgChar|ArgOut, ArgULong|ArgOut,
848 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
849 {"C_DecryptInit", F_C_DecryptInit,
850 "C_DecryptInit hSession pMechanism hKey\n\n"
851 "C_DecryptInit initializes a decryption operation.\n"
852 " hSession the session's handle\n"
853 " pMechanism the decryption mechanism\n"
854 " hKey handle of decryption key\n",
855 {ArgULong, ArgMechanism, ArgULong, ArgNone, ArgNone,
856 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
857 {"C_DecryptUpdate", F_C_DecryptUpdate,
858 "C_DecryptUpdate hSession pEncryptedPart ulEncryptedPartLen pPart pulPartLen\n"
859 "\n"
860 "C_DecryptUpdate continues a multiple-part decryption operation.\n"
861 " hSession session's handle\n"
862 " pEncryptedPart encrypted data\n"
863 " ulEncryptedPartLen input length\n"
864 " pPart gets plaintext\n"
865 " pulPartLen p-text size\n",
866 {ArgULong, ArgChar, ArgULong, ArgChar|ArgOut, ArgULong|ArgOut,
867 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
868 {"C_DecryptFinal", F_C_DecryptFinal,
869 "C_DecryptFinal hSession pLastPart pulLastPartLen\n\n"
870 "C_DecryptFinal finishes a multiple-part decryption operation.\n"
871 " hSession the session's handle\n"
872 " pLastPart gets plaintext\n"
873 " pulLastPartLen p-text size\n",
874 {ArgULong, ArgChar, ArgULong, ArgChar|ArgOut, ArgULong|ArgOut,
875 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
876 {"C_Decrypt", F_C_Decrypt,
877 "C_Decrypt hSession pEncryptedData ulEncryptedDataLen pData pulDataLen\n\n"
878 "C_Decrypt decrypts encrypted data in a single part.\n"
879 " hSession session's handle\n"
880 " pEncryptedData ciphertext\n"
881 " ulEncryptedDataLen ciphertext length\n"
882 " pData gets plaintext\n"
883 " pulDataLen gets p-text size\n",
884 {ArgULong, ArgChar, ArgULong, ArgChar|ArgOut, ArgULong|ArgOut,
885 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
886 {"C_DigestInit", F_C_DigestInit,
887 "C_DigestInit hSession pMechanism\n\n"
888 "C_DigestInit initializes a message-digesting operation.\n"
889 " hSession the session's handle\n"
890 " pMechanism the digesting mechanism\n",
891 {ArgULong, ArgMechanism, ArgNone, ArgNone, ArgNone,
892 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
893 {"C_DigestUpdate", F_C_DigestUpdate,
894 "C_DigestUpdate hSession pPart ulPartLen\n\n"
895 "C_DigestUpdate continues a multiple-part message-digesting operation.\n"
896 " hSession the session's handle\n"
897 " pPart data to be digested\n"
898 " ulPartLen bytes of data to be digested\n",
899 {ArgULong, ArgChar, ArgULong, ArgChar|ArgOut, ArgULong|ArgOut,
900 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
901 {"C_DigestKey", F_C_DigestKey,
902 "C_DigestKey hSession hKey\n\n"
903 "C_DigestKey continues a multi-part message-digesting operation by digesting\n"
904 "the value of a secret key as part of the data already digested.\n"
905 " hSession the session's handle\n"
906 " hKey secret key to digest\n",
907 {ArgULong, ArgULong, ArgNone, ArgNone, ArgNone,
908 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
909 {"C_DigestFinal", F_C_DigestFinal,
910 "C_DigestFinal hSession pDigest pulDigestLen\n\n"
911 "C_DigestFinal finishes a multiple-part message-digesting operation.\n"
912 " hSession the session's handle\n"
913 " pDigest gets the message digest\n"
914 " pulDigestLen gets byte count of digest\n",
915 {ArgULong, ArgChar|ArgOut, ArgULong|ArgOut, ArgNone, ArgNone,
916 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
917 {"C_Digest", F_C_Digest,
918 "C_Digest hSession pData ulDataLen pDigest pulDigestLen\n\n"
919 "C_Digest digests data in a single part.\n"
920 " hSession the session's handle\n"
921 " pData data to be digested\n"
922 " ulDataLen bytes of data to digest\n"
923 " pDigest gets the message digest\n"
924 " pulDigestLen gets digest length\n",
925 {ArgULong, ArgChar, ArgULong, ArgChar|ArgOut, ArgULong|ArgOut,
926 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
927 {"C_SignInit", F_C_SignInit,
928 "C_SignInit hSession pMechanism hKey\n\n"
929 "C_SignInit initializes a signature (private key encryption operation where\n"
930 "the signature is (will be) an appendix to the data and plaintext cannot be\n"
931 "recovered from the signature.\n"
932 " hSession the session's handle\n"
933 " pMechanism the signature mechanism\n"
934 " hKey handle of signature key\n",
935 {ArgULong, ArgMechanism, ArgULong, ArgNone, ArgNone,
936 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
937 {"C_SignUpdate", F_C_SignUpdate,
938 "C_SignUpdate hSession pPart ulPartLen\n\n"
939 "C_SignUpdate continues a multiple-part signature operation where the\n"
940 "signature is (will be) an appendix to the data and plaintext cannot be\n"
941 "recovered from the signature.\n"
942 " hSession the session's handle\n"
943 " pPart the data to sign\n"
944 " ulPartLen count of bytes to sign\n",
945 {ArgULong, ArgChar|ArgOut, ArgULong|ArgOut, ArgNone, ArgNone,
946 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
947 {"C_SignFinal", F_C_SignFinal,
948 "C_SignFinal hSession pSignature pulSignatureLen\n\n"
949 "C_SignFinal finishes a multiple-part signature operation returning the\n"
950 "signature.\n"
951 " hSession the session's handle\n"
952 " pSignature gets the signature\n"
953 " pulSignatureLen gets signature length\n",
954 {ArgULong, ArgChar|ArgOut, ArgULong|ArgOut, ArgNone, ArgNone,
955 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
956 {"C_SignRecoverInit", F_C_SignRecoverInit,
957 "C_SignRecoverInit hSession pMechanism hKey\n\n"
958 "C_SignRecoverInit initializes a signature operation where the data can be\n"
959 "recovered from the signature.\n"
960 " hSession the session's handle\n"
961 " pMechanism the signature mechanism\n"
962 " hKey handle of the signature key\n",
963 {ArgULong, ArgMechanism, ArgULong, ArgNone, ArgNone,
964 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
965 {"C_SignRecover", F_C_SignRecover,
966 "C_SignRecover hSession pData ulDataLen pSignature pulSignatureLen\n\n"
967 "C_SignRecover signs data in a single operation where the data can be\n"
968 "recovered from the signature.\n"
969 " hSession the session's handle\n"
970 " pData the data to sign\n"
971 " ulDataLen count of bytes to sign\n"
972 " pSignature gets the signature\n"
973 " pulSignatureLen gets signature length\n",
974 {ArgULong, ArgChar, ArgULong, ArgChar|ArgOut, ArgULong|ArgOut,
975 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
976 {"C_Sign", F_C_Sign,
977 "C_Sign hSession pData ulDataLen pSignature pulSignatureLen\n\n"
978 "C_Sign signs (encrypts with private key) data in a single part where the\n"
979 "signature is (will be) an appendix to the data and plaintext cannot be\n"
980 "recovered from the signature.\n"
981 " hSession the session's handle\n"
982 " pData the data to sign\n"
983 " ulDataLen count of bytes to sign\n"
984 " pSignature gets the signature\n"
985 " pulSignatureLen gets signature length\n",
986 {ArgULong, ArgChar, ArgULong, ArgChar|ArgOut, ArgULong|ArgOut,
987 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
988 {"C_VerifyInit", F_C_VerifyInit,
989 "C_VerifyInit hSession pMechanism hKey\n\n"
990 "C_VerifyInit initializes a verification operation where the signature is an\n"
991 "appendix to the data and plaintext cannot cannot be recovered from the\n"
992 "signature (e.g. DSA).\n"
993 " hSession the session's handle\n"
994 " pMechanism the verification mechanism\n"
995 " hKey verification key\n",
996 {ArgULong, ArgMechanism, ArgULong, ArgNone, ArgNone,
997 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
998 {"C_VerifyUpdate", F_C_VerifyUpdate,
999 "C_VerifyUpdate hSession pPart ulPartLen\n\n"
1000 "C_VerifyUpdate continues a multiple-part verification operation where the\n"
1001 "signature is an appendix to the data and plaintext cannot be recovered from\n"
1002 "the signature.\n"
1003 " hSession the session's handle\n"
1004 " pPart signed data\n"
1005 " ulPartLen length of signed data\n",
1006 {ArgULong, ArgChar|ArgOut, ArgULong|ArgOut, ArgNone, ArgNone,
1007 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
1008 {"C_VerifyFinal", F_C_VerifyFinal,
1009 "C_VerifyFinal hSession pSignature ulSignatureLen\n\n"
1010 "C_VerifyFinal finishes a multiple-part verification operation checking the\n"
1011 "signature.\n"
1012 " hSession the session's handle\n"
1013 " pSignature signature to verify\n"
1014 " ulSignatureLen signature length\n",
1015 {ArgULong, ArgChar|ArgOut, ArgULong|ArgOut, ArgNone, ArgNone,
1016 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
1017 {"C_VerifyRecoverInit", F_C_VerifyRecoverInit,
1018 "C_VerifyRecoverInit hSession pMechanism hKey\n\n"
1019 "C_VerifyRecoverInit initializes a signature verification operation where the\n"
1020 "data is recovered from the signature.\n"
1021 " hSession the session's handle\n"
1022 " pMechanism the verification mechanism\n"
1023 " hKey verification key\n",
1024 {ArgULong, ArgMechanism, ArgULong, ArgNone, ArgNone,
1025 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
1026 {"C_VerifyRecover", F_C_VerifyRecover,
1027 "C_VerifyRecover hSession pSignature ulSignatureLen pData pulDataLen\n\n"
1028 "C_VerifyRecover verifies a signature in a single-part operation where the\n"
1029 "data is recovered from the signature.\n"
1030 " hSession the session's handle\n"
1031 " pSignature signature to verify\n"
1032 " ulSignatureLen signature length\n"
1033 " pData gets signed data\n"
1034 " pulDataLen gets signed data len\n",
1035 {ArgULong, ArgChar, ArgULong, ArgChar|ArgOut, ArgULong|ArgOut,
1036 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
1037 {"C_Verify", F_C_Verify,
1038 "C_Verify hSession pData ulDataLen pSignature ulSignatureLen\n\n"
1039 "C_Verify verifies a signature in a single-part operation where the signature\n"
1040 "is an appendix to the data and plaintext cannot be recovered from the\n"
1041 "signature.\n"
1042 " hSession the session's handle\n"
1043 " pData signed data\n"
1044 " ulDataLen length of signed data\n"
1045 " pSignature signature\n"
1046 " ulSignatureLen signature length*/\n",
1047 {ArgULong, ArgChar, ArgULong, ArgChar|ArgOut, ArgULong|ArgOut,
1048 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
1049 {"C_DigestEncryptUpdate", F_C_DigestEncryptUpdate,
1050 "C_DigestEncryptUpdate hSession pPart ulPartLen pEncryptedPart \\\n"
1051 " pulEncryptedPartLen\n\n"
1052 "C_DigestEncryptUpdate continues a multiple-part digesting and encryption\n"
1053 "operation.\n"
1054 " hSession session's handle\n"
1055 " pPart the plaintext data\n"
1056 " ulPartLen plaintext length\n"
1057 " pEncryptedPart gets ciphertext\n"
1058 " pulEncryptedPartLen gets c-text length\n",
1059 {ArgULong, ArgChar, ArgULong, ArgChar|ArgOut, ArgULong|ArgOut,
1060 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
1061 {"C_DecryptDigestUpdate", F_C_DecryptDigestUpdate,
1062 "C_DecryptDigestUpdate hSession pEncryptedPart ulEncryptedPartLen pPart \\\n"
1063 " pulPartLen\n\n"
1064 "C_DecryptDigestUpdate continues a multiple-part decryption and digesting\n"
1065 "operation.\n"
1066 " hSession session's handle\n"
1067 " pEncryptedPart ciphertext\n"
1068 " ulEncryptedPartLen ciphertext length\n"
1069 " pPart gets plaintext\n"
1070 " pulPartLen gets plaintext len\n",
1071 {ArgULong, ArgChar, ArgULong, ArgChar|ArgOut, ArgULong|ArgOut,
1072 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
1073 {"C_SignEncryptUpdate", F_C_SignEncryptUpdate,
1074 "C_SignEncryptUpdate hSession pPart ulPartLen pEncryptedPart \\\n"
1075 " pulEncryptedPartLen\n\n"
1076 "C_SignEncryptUpdate continues a multiple-part signing and encryption\n"
1077 "operation.\n"
1078 " hSession session's handle\n"
1079 " pPart the plaintext data\n"
1080 " ulPartLen plaintext length\n"
1081 " pEncryptedPart gets ciphertext\n"
1082 " pulEncryptedPartLen gets c-text length\n",
1083 {ArgULong, ArgChar, ArgULong, ArgChar|ArgOut, ArgULong|ArgOut,
1084 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
1085 {"C_DecryptVerifyUpdate", F_C_DecryptVerifyUpdate,
1086 "C_DecryptVerifyUpdate hSession pEncryptedPart ulEncryptedPartLen pPart \\\n"
1087 " pulPartLen\n\n"
1088 "C_DecryptVerifyUpdate continues a multiple-part decryption and verify\n"
1089 "operation.\n"
1090 " hSession session's handle\n"
1091 " pEncryptedPart ciphertext\n"
1092 " ulEncryptedPartLen ciphertext length\n"
1093 " pPart gets plaintext\n"
1094 " pulPartLen gets p-text length\n",
1095 {ArgULong, ArgChar, ArgULong, ArgChar|ArgOut, ArgULong|ArgOut,
1096 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
1097 {"C_GenerateKeyPair", F_C_GenerateKeyPair,
1098 "C_GenerateKeyPair hSession pMechanism pPublicKeyTemplate \\\n"
1099 " ulPublicKeyAttributeCount pPrivateKeyTemplate ulPrivateKeyAttributeCount \\\n"
1100 " phPublicKey phPrivateKey\n\n"
1101 "C_GenerateKeyPair generates a public-key/private-key pair creating new key\n"
1102 "objects.\n"
1103 " hSession sessionhandle\n"
1104 " pMechanism key-genmech.\n"
1105 " pPublicKeyTemplate templatefor pub. key\n"
1106 " ulPublicKeyAttributeCount # pub. attrs.\n"
1107 " pPrivateKeyTemplate templatefor priv. key\n"
1108 " ulPrivateKeyAttributeCount # priv. attrs.\n"
1109 " phPublicKey gets pub. keyhandle\n"
1110 " phPrivateKey getspriv. keyhandle\n",
1111 {ArgULong, ArgMechanism, ArgAttribute|ArgArray, ArgULong,
1112 ArgAttribute|ArgArray,
1113 ArgULong, ArgULong|ArgOut, ArgULong|ArgOut, ArgNone, ArgNone }},
1114 {"C_GenerateKey", F_C_GenerateKey,
1115 "C_GenerateKey hSession pMechanism pTemplate ulCount phKey\n\n"
1116 "C_GenerateKey generates a secret key creating a new key object.\n"
1117 " hSession the session's handle\n"
1118 " pMechanism key generation mech.\n"
1119 " pTemplate template for new key\n"
1120 " ulCount # of attrs in template\n"
1121 " phKey gets handle of new key\n",
1122 {ArgULong, ArgMechanism, ArgAttribute|ArgArray, ArgULong,
1123 ArgULong|ArgOut,
1124 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
1125 {"C_WrapKey", F_C_WrapKey,
1126 "C_WrapKey hSession pMechanism hWrappingKey hKey pWrappedKey pulWrappedKeyLen\n\n"
1127 "C_WrapKey wraps (i.e. encrypts) a key.\n"
1128 " hSession the session's handle\n"
1129 " pMechanism the wrapping mechanism\n"
1130 " hWrappingKey wrapping key\n"
1131 " hKey key to be wrapped\n"
1132 " pWrappedKey gets wrapped key\n"
1133 " pulWrappedKeyLen gets wrapped key size\n",
1134 {ArgULong, ArgMechanism, ArgULong, ArgULong, ArgULong,
1135 ArgChar|ArgOut, ArgULong|ArgOut, ArgNone, ArgNone, ArgNone }},
1136 {"C_UnwrapKey", F_C_UnwrapKey,
1137 "C_UnwrapKey hSession pMechanism hUnwrappingKey pWrappedKey ulWrappedKeyLen \\\n"
1138 " pTemplate ulAttributeCount phKey\n\n"
1139 "C_UnwrapKey unwraps (decrypts) a wrapped key creating a new key object.\n"
1140 " hSession session's handle\n"
1141 " pMechanism unwrapping mech.\n"
1142 " hUnwrappingKey unwrapping key\n"
1143 " pWrappedKey the wrapped key\n"
1144 " ulWrappedKeyLen wrapped key len\n"
1145 " pTemplate new key template\n"
1146 " ulAttributeCount template length\n"
1147 " phKey gets new handle\n",
1148 {ArgULong, ArgMechanism, ArgULong, ArgChar, ArgULong,
1149 ArgAttribute|ArgArray, ArgULong, ArgULong|ArgOut, ArgNone, ArgNone }},
1150 {"C_DeriveKey", F_C_DeriveKey,
1151 "C_DeriveKey hSession pMechanism hBaseKey pTemplate ulAttributeCount phKey\n\n"
1152 "C_DeriveKey derives a key from a base key creating a new key object.\n"
1153 " hSession session's handle\n"
1154 " pMechanism key deriv. mech.\n"
1155 " hBaseKey base key\n"
1156 " pTemplate new key template\n"
1157 " ulAttributeCount template length\n"
1158 " phKey gets new handle\n",
1159 {ArgULong, ArgMechanism, ArgULong, ArgAttribute|ArgArray, ArgULong,
1160 ArgULong|ArgOut, ArgNone, ArgNone, ArgNone, ArgNone }},
1161 {"C_SeedRandom", F_C_SeedRandom,
1162 "C_SeedRandom hSession pSeed ulSeedLen\n\n"
1163 "C_SeedRandom mixes additional seed material into the token's random number\n"
1164 "generator.\n"
1165 " hSession the session's handle\n"
1166 " pSeed the seed material\n"
1167 " ulSeedLen length of seed material\n",
1168 {ArgULong, ArgChar, ArgULong, ArgNone, ArgNone,
1169 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
1170 {"C_GenerateRandom", F_C_GenerateRandom,
1171 "C_GenerateRandom hSession RandomData ulRandomLen\n\n"
1172 "C_GenerateRandom generates random data.\n"
1173 " hSession the session's handle\n"
1174 " RandomData receives the random data\n"
1175 " ulRandomLen # of bytes to generate\n",
1176 {ArgULong, ArgChar, ArgULong, ArgNone, ArgNone,
1177 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
1178 {"C_GetFunctionStatus", F_C_GetFunctionStatus,
1179 "C_GetFunctionStatus hSession\n\n"
1180 "C_GetFunctionStatus is a legacy function; it obtains an updated status of\n"
1181 "a function running in parallel with an application.\n"
1182 " hSession the session's handle\n",
1183 {ArgULong, ArgNone, ArgNone, ArgNone, ArgNone,
1184 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
1185 {"C_CancelFunction", F_C_CancelFunction,
1186 "C_CancelFunction hSession\n\n"
1187 "C_CancelFunction is a legacy function; it cancels a function running in\n"
1188 "parallel.\n"
1189 " hSession the session's handle\n",
1190 {ArgULong, ArgNone, ArgNone, ArgNone, ArgNone,
1191 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
1192 {"C_WaitForSlotEvent", F_C_WaitForSlotEvent,
1193 "C_WaitForSlotEvent flags pSlot pRserved\n\n"
1194 "C_WaitForSlotEvent waits for a slot event (token insertion removal etc.)\n"
1195 "to occur.\n"
1196 " flags blocking/nonblocking flag\n"
1197 " pSlot location that receives the slot ID\n"
1198 " pRserved reserved. Should be NULL_PTR\n",
1199 {ArgULong, ArgULong|ArgArray, ArgVar, ArgNone, ArgNone,
1200 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
1201 {"NewArray", F_NewArray,
1202 "NewArray varName varType array size\n\n"
1203 "Creates a new array variable.\n"
1204 " varName variable name of the new array\n"
1205 " varType data type of the new array\n"
1206 " size number of elements in the array\n",
1207 {ArgVar|ArgNew, ArgVar, ArgULong, ArgNone, ArgNone,
1208 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
1209 {"NewInitArg", F_NewInitializeArgs,
1210 "NewInitArg varName flags string\n\n"
1211 "Creates a new init variable.\n"
1212 " varName variable name of the new initArg\n"
1213 " flags value to set the flags field\n"
1214 " string string parameter for init arg\n",
1215 {ArgVar|ArgNew, ArgULong, ArgVar|ArgNew, ArgNone, ArgNone,
1216 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
1217 {"NewTemplate", F_NewTemplate,
1218 "NewTemplate varName attributeList\n\n"
1219 "Create a new empty template and populate the attribute list\n"
1220 " varName variable name of the new template\n"
1221 " attributeList comma separated list of CKA_ATTRIBUTE types\n",
1222 {ArgVar|ArgNew, ArgVar, ArgNone, ArgNone, ArgNone,
1223 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
1224 {"NewMechanism", F_NewMechanism,
1225 "NewMechanism varName mechanismType\n\n"
1226 "Create a new CK_MECHANISM object with type NULL parameters and specified type\n"
1227 " varName variable name of the new mechansim\n"
1228 " mechanismType CKM_ mechanism type value to set int the type field\n",
1229 {ArgVar|ArgNew, ArgULong, ArgNone, ArgNone, ArgNone,
1230 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
1231 {"BuildTemplate", F_BuildTemplate,
1232 "BuildTemplate template\n\n"
1233 "Allocates space for the value in a template which has the sizes filled in,\n"
1234 "but no values allocated yet.\n"
1235 " template variable name of the template\n",
1236 {ArgAttribute, ArgNone, ArgNone, ArgNone, ArgNone,
1237 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
1238 {"SetTemplate", F_SetTemplate,
1239 "SetTemplate template index value\n\n"
1240 "Sets a particular element of a template to a CK_ULONG\n"
1241 " template variable name of the template\n"
1242 " index index into the template to the element to change\n"
1243 " value 32 bit value to set in the template\n",
1244 {ArgAttribute, ArgULong, ArgULong, ArgNone, ArgNone,
1245 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
1246 {"SetString", F_SetStringVar,
1247 "SetString varName string\n\n"
1248 "Sets a particular variable to a string value\n"
1249 " variable variable name of new string\n"
1250 " string String to set the variable to\n",
1251 {ArgVar|ArgNew, ArgVar, ArgNone, ArgNone, ArgNone,
1252 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
1253 {"Set", F_SetVar,
1254 "Set varName value\n\n"
1255 "Sets a particular variable to CK_ULONG\n"
1256 " variable name of the new variable\n"
1257 " value 32 bit value to set variable to\n",
1258 {ArgVar|ArgNew, ArgULong, ArgNone, ArgNone, ArgNone,
1259 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
1260 {"Print", F_Print,
1261 "Print varName\n\n"
1262 "prints a variable\n"
1263 " variable name of the variable to print\n",
1264 {ArgVar, ArgNone, ArgNone, ArgNone, ArgNone,
1265 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
1266 {"Delete", F_Delete,
1267 "Delete varName\n\n"
1268 "delete a variable\n"
1269 " variable name of the variable to delete\n",
1270 {ArgVar|ArgNew, ArgNone, ArgNone, ArgNone, ArgNone,
1271 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
1272 {"Load", F_Load,
1273 "load libraryName\n\n"
1274 "load a pkcs #11 module\n"
1275 " libraryName Name of a shared library\n",
1276 {ArgVar, ArgNone, ArgNone, ArgNone, ArgNone,
1277 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
1278 {"Save", F_SaveVar,
1279 "Save filename variable\n\n"
1280 "Saves the binary value of 'variable' in file 'filename'\n"
1281 " fileName target file to save the variable in\n"
1282 " variable variable to save\n",
1283 {ArgVar|ArgNew, ArgVar, ArgNone, ArgNone, ArgNone,
1284 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
1285 {"Restore", F_RestoreVar,
1286 "Restore filename variable\n\n"
1287 "Restores a variable from a file\n"
1288 " fileName target file to restore the variable from\n"
1289 " variable variable to restore\n",
1290 {ArgVar|ArgNew, ArgVar, ArgNone, ArgNone, ArgNone,
1291 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
1292 {"Increment", F_Increment,
1293 "Increment variable value\n\n"
1294 "Increment a variable by value\n",
1295 {ArgVar, ArgULong, ArgNone, ArgNone, ArgNone,
1296 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
1297 {"Decrement", F_Decrement,
1298 "Decrement variable value\n\n"
1299 "Decrement a variable by value\n",
1300 {ArgVar, ArgULong, ArgNone, ArgNone, ArgNone,
1301 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
1302 {"List", F_List,
1303 "List all the variables\n",
1304 {ArgNone, ArgNone, ArgNone, ArgNone, ArgNone,
1305 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
1306 {"Unload", F_Unload,
1307 "Unload the currrently loaded PKCS #11 library\n",
1308 {ArgNone, ArgNone, ArgNone, ArgNone, ArgNone,
1309 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
1310 {"Run", F_Run,
1311 "Run filename\n\n"
1312 "reads filename as script of commands to execute\n",
1313 {ArgVar|ArgNew, ArgNone, ArgNone, ArgNone, ArgNone,
1314 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
1315 {"Time", F_Time,
1316 "Time pkcs11 command\n\n"
1317 "Execute a pkcs #11 command and time the results\n",
1318 {ArgVar|ArgFull, ArgNone, ArgNone, ArgNone, ArgNone,
1319 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
1320 {"System", F_System,
1321 "Set System Flag",
1322 {ArgULong, ArgNone, ArgNone, ArgNone, ArgNone,
1323 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
1324 {"LoopRun", F_Loop,
1325 "LoopRun filename var start end step\n\n"
1326 "Run in a loop. Loop exit if scrip does and explicit quit (Quit QuitIf etc.)",
1327 {ArgVar|ArgNew, ArgVar|ArgNew, ArgULong, ArgULong, ArgULong,
1328 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
1329 {"Help", F_Help,
1330 "Help [command]\n\n"
1331 "print general help, or help for a specific command\n",
1332 {ArgVar|ArgOpt, ArgNone, ArgNone, ArgNone, ArgNone,
1333 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
1334 {"QuitIf", F_QuitIf,
1335 "QuitIf arg1 comparator arg2\n\n"
1336 "Exit from this program if Condition is valid, valid comparators:\n"
1337 " < > <= >= = !=\n",
1338 {ArgULong, ArgVar|ArgNew, ArgULong, ArgNone, ArgNone,
1339 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
1340 {"QuitIfString", F_QuitIfString,
1341 "QuitIfString arg1 comparator arg2\n\n"
1342 "Exit from this program if Condition is valid, valid comparators:\n"
1343 " = !=\n",
1344 {ArgVar|ArgNew, ArgVar|ArgNew, ArgVar|ArgNew, ArgNone, ArgNone,
1345 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
1346 {"Quit", F_Quit,
1347 "Exit from this program",
1348 {ArgNone, ArgNone, ArgNone, ArgNone, ArgNone,
1349 ArgNone, ArgNone, ArgNone, ArgNone, ArgNone }},
1350 };
1352 const Commands *commands= &_commands[0];
1353 const int commandCount = sizeof(_commands) / sizeof(_commands[0]);
1355 const Topics _topics[] = {
1356 { "variables",
1357 "Variables are random strings of characters. These should begin with alpha\n"
1358 " characters, and should not contain any spaces, nor should they match any\n"
1359 " built-in constants. There is some checking in the code for these things,\n"
1360 " but it's not 100% and using invalid variable names can cause problems.\n"
1361 " Variables are created by any 'OUT' parameter. If the variable does not\n"
1362 " exist, it will be created. For in parameters variables must already exist.\n"
1363 },
1364 { "constants",
1365 "pk11util recognizes *lots* of constants. All CKA_, CKF_, CKO_, CKU_, CKS_,\n"
1366 " CKC_, CKK_, CKH_, CKM_, CKT_ values from the PKCS #11 spec are recognized.\n"
1367 " Constants can be specified with their fully qualified CK?_ value, or the\n"
1368 " prefix can be dropped. Constants are matched case insensitve.\n"
1369 },
1370 { "arrays",
1371 "Arrays are special variables which represent 'C' arrays. Each array \n"
1372 " variable can be referenced as a group (using just the name), or as \n"
1373 " individual elements (with the [int] operator). Example:\n"
1374 " print myArray # prints the full array.\n"
1375 " print myArray[3] # prints the 3rd elemement of the array \n"
1376 },
1377 { "sizes",
1378 "Size operaters returns the size in bytes of a variable, or the number of\n"
1379 " elements in an array.\n"
1380 " size(var) and sizeof(var) return the size of var in bytes.\n"
1381 " sizea(var) and sizeofarray(var) return the number of elements in var.\n"
1382 " If var is not an array, sizea(var) returns 1.\n"
1383 },
1384 };
1386 const Topics *topics= &_topics[0];
1387 const int topicCount = sizeof(_topics) / sizeof(_topics[0]);
1389 const char *
1390 getName(CK_ULONG value, ConstType type)
1391 {
1392 int i;
1394 for (i=0; i < constCount; i++) {
1395 if (consts[i].type == type && consts[i].value == value) {
1396 return consts[i].name;
1397 }
1398 if (type == ConstNone && consts[i].value == value) {
1399 return consts[i].name;
1400 }
1401 }
1403 return NULL;
1404 }
1406 const char *
1407 getNameFromAttribute(CK_ATTRIBUTE_TYPE type)
1408 {
1409 return getName(type, ConstAttribute);
1410 }
1412 int totalKnownType(ConstType type) {
1413 int count = 0;
1414 int i;
1416 for (i=0; i < constCount; i++) {
1417 if (consts[i].type == type) count++;
1418 }
1419 return count;
1420 }
