rpms
/
softhsm
7
0
Fork 0
Code Issues Pull Requests Releases Activity
softhsm/SOURCES/softhsm-2.4.0-use-p11-kit-h...

5182 lines
176 KiB
Diff
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

From 227aea681d6a3835134dccdf1e9e9e4fac8796d4 Mon Sep 17 00:00:00 2001
From: Alexander Bokovoy <abokovoy@redhat.com>
Date: Sat, 11 Aug 2018 11:31:23 +0300
Subject: [PATCH] Replace PKCS11 headers with a version from p11-kit
Since headers provided by OASIS PKCS11 TC have not-exactly free license
(they do not allow modification), use an alternative header from p11-kit
which is licensed under a more liberal license.
Vendor-specific constants were also updated to PKCS11 standard v3.0
where possible.
---
src/bin/dump/tables.h | 2 +-
src/lib/P11Attributes.cpp | 4 +-
src/lib/SoftHSM.cpp | 8 +-
src/lib/object_store/DBObject.cpp | 2 +-
src/lib/object_store/test/DBObjectTests.cpp | 8 +-
src/lib/object_store/test/ObjectFileTests.cpp | 8 +-
.../object_store/test/SessionObjectTests.cpp | 8 +-
src/lib/pkcs11/pkcs11.h | 1991 +++++++++++++---
src/lib/pkcs11/pkcs11f.h | 939 --------
src/lib/pkcs11/pkcs11t.h | 2003 -----------------
10 files changed, 1758 insertions(+), 3215 deletions(-)
delete mode 100644 src/lib/pkcs11/pkcs11f.h
delete mode 100644 src/lib/pkcs11/pkcs11t.h
diff --git a/src/bin/dump/tables.h b/src/bin/dump/tables.h
index 76d64fb..d125a2b 100644
--- a/src/bin/dump/tables.h
+++ b/src/bin/dump/tables.h
@@ -88,7 +88,7 @@ void fill_CKA_table(std::map<unsigned long, std::string> &t)
t[CKA_SUBPRIME] = "CKA_SUBPRIME";
t[CKA_BASE] = "CKA_BASE";
t[CKA_PRIME_BITS] = "CKA_PRIME_BITS";
- t[CKA_SUBPRIME_BITS] = "CKA_SUBPRIME_BITS";
+ t[CKA_SUB_PRIME_BITS] = "CKA_SUB_PRIME_BITS";
t[CKA_VALUE_BITS] = "CKA_VALUE_BITS";
t[CKA_VALUE_LEN] = "CKA_VALUE_LEN";
t[CKA_EXTRACTABLE] = "CKA_EXTRACTABLE";
diff --git a/src/lib/P11Attributes.cpp b/src/lib/P11Attributes.cpp
index 28d0f9b..02b71d7 100644
--- a/src/lib/P11Attributes.cpp
+++ b/src/lib/P11Attributes.cpp
@@ -2350,7 +2350,7 @@ CK_RV P11AttrWrapTemplate::updateAttr(Token* /*token*/, bool /*isPrivate*/, CK_V
case CKA_KEY_GEN_MECHANISM:
case CKA_MODULUS_BITS:
case CKA_PRIME_BITS:
- case CKA_SUBPRIME_BITS:
+ case CKA_SUB_PRIME_BITS:
case CKA_VALUE_BITS:
case CKA_VALUE_LEN:
case CKA_AUTH_PIN_FLAGS:
@@ -2449,7 +2449,7 @@ CK_RV P11AttrUnwrapTemplate::updateAttr(Token* /*token*/, bool /*isPrivate*/, CK
case CKA_KEY_GEN_MECHANISM:
case CKA_MODULUS_BITS:
case CKA_PRIME_BITS:
- case CKA_SUBPRIME_BITS:
+ case CKA_SUB_PRIME_BITS:
case CKA_VALUE_BITS:
case CKA_VALUE_LEN:
case CKA_AUTH_PIN_FLAGS:
diff --git a/src/lib/SoftHSM.cpp b/src/lib/SoftHSM.cpp
index 7a23a8a..84a5f5f 100644
--- a/src/lib/SoftHSM.cpp
+++ b/src/lib/SoftHSM.cpp
@@ -8149,10 +8149,10 @@ CK_RV SoftHSM::generateDSAParameters
}
bitLen = *(CK_ULONG*)pTemplate[i].pValue;
break;
- case CKA_SUBPRIME_BITS:
+ case CKA_SUB_PRIME_BITS:
if (pTemplate[i].ulValueLen != sizeof(CK_ULONG))
{
- INFO_MSG("CKA_SUBPRIME_BITS does not have the size of CK_ULONG");
+ INFO_MSG("CKA_SUB_PRIME_BITS does not have the size of CK_ULONG");
return CKR_ATTRIBUTE_VALUE_INVALID;
}
qLen = *(CK_ULONG*)pTemplate[i].pValue;
@@ -8169,11 +8169,11 @@ CK_RV SoftHSM::generateDSAParameters
return CKR_TEMPLATE_INCOMPLETE;
}
- // No real choice for CKA_SUBPRIME_BITS
+ // No real choice for CKA_SUB_PRIME_BITS
if ((qLen != 0) &&
(((bitLen >= 2048) && (qLen != 256)) ||
((bitLen < 2048) && (qLen != 160))))
- INFO_MSG("CKA_SUBPRIME_BITS is ignored");
+ INFO_MSG("CKA_SUB_PRIME_BITS is ignored");
// Generate domain parameters
diff --git a/src/lib/object_store/DBObject.cpp b/src/lib/object_store/DBObject.cpp
index d2515bd..1861aff 100644
--- a/src/lib/object_store/DBObject.cpp
+++ b/src/lib/object_store/DBObject.cpp
@@ -452,7 +452,7 @@ static AttributeKind attributeKind(CK_ATTRIBUTE_TYPE type)
case CKA_SUBPRIME: return akBinary;
case CKA_BASE: return akBinary;
case CKA_PRIME_BITS: return akInteger;
- case CKA_SUBPRIME_BITS: return akInteger;
+ case CKA_SUB_PRIME_BITS: return akInteger;
case CKA_VALUE_BITS: return akInteger;
case CKA_VALUE_LEN: return akInteger;
case CKA_EXTRACTABLE: return akBoolean;
diff --git a/src/lib/object_store/test/DBObjectTests.cpp b/src/lib/object_store/test/DBObjectTests.cpp
index d856b06..22d252c 100644
--- a/src/lib/object_store/test/DBObjectTests.cpp
+++ b/src/lib/object_store/test/DBObjectTests.cpp
@@ -202,7 +202,7 @@ void test_a_dbobject_with_an_object::should_store_unsigned_long_attributes()
CPPUNIT_ASSERT(testObject.setAttribute(CKA_MODULUS_BITS, attr1));
CPPUNIT_ASSERT(testObject.setAttribute(CKA_PRIME_BITS, attr2));
CPPUNIT_ASSERT(testObject.setAttribute(CKA_AUTH_PIN_FLAGS, attr3));
- CPPUNIT_ASSERT(testObject.setAttribute(CKA_SUBPRIME_BITS, attr4));
+ CPPUNIT_ASSERT(testObject.setAttribute(CKA_SUB_PRIME_BITS, attr4));
CPPUNIT_ASSERT(testObject.setAttribute(CKA_KEY_TYPE, attr5));
}
@@ -215,20 +215,20 @@ void test_a_dbobject_with_an_object::should_store_unsigned_long_attributes()
CPPUNIT_ASSERT(testObject.attributeExists(CKA_MODULUS_BITS));
CPPUNIT_ASSERT(testObject.attributeExists(CKA_PRIME_BITS));
CPPUNIT_ASSERT(testObject.attributeExists(CKA_AUTH_PIN_FLAGS));
- CPPUNIT_ASSERT(testObject.attributeExists(CKA_SUBPRIME_BITS));
+ CPPUNIT_ASSERT(testObject.attributeExists(CKA_SUB_PRIME_BITS));
CPPUNIT_ASSERT(testObject.attributeExists(CKA_KEY_TYPE));
CPPUNIT_ASSERT(!testObject.attributeExists(CKA_ID));
CPPUNIT_ASSERT(testObject.getAttribute(CKA_MODULUS_BITS).isUnsignedLongAttribute());
CPPUNIT_ASSERT(testObject.getAttribute(CKA_PRIME_BITS).isUnsignedLongAttribute());
CPPUNIT_ASSERT(testObject.getAttribute(CKA_AUTH_PIN_FLAGS).isUnsignedLongAttribute());
- CPPUNIT_ASSERT(testObject.getAttribute(CKA_SUBPRIME_BITS).isUnsignedLongAttribute());
+ CPPUNIT_ASSERT(testObject.getAttribute(CKA_SUB_PRIME_BITS).isUnsignedLongAttribute());
CPPUNIT_ASSERT(testObject.getAttribute(CKA_KEY_TYPE).isUnsignedLongAttribute());
CPPUNIT_ASSERT_EQUAL(testObject.getAttribute(CKA_MODULUS_BITS).getUnsignedLongValue(), (unsigned long)0x12345678);
CPPUNIT_ASSERT_EQUAL(testObject.getAttribute(CKA_PRIME_BITS).getUnsignedLongValue(), (unsigned long)0x87654321);
CPPUNIT_ASSERT_EQUAL(testObject.getAttribute(CKA_AUTH_PIN_FLAGS).getUnsignedLongValue(), (unsigned long)0x01010101);
- CPPUNIT_ASSERT_EQUAL(testObject.getAttribute(CKA_SUBPRIME_BITS).getUnsignedLongValue(), (unsigned long)0x10101010);
+ CPPUNIT_ASSERT_EQUAL(testObject.getAttribute(CKA_SUB_PRIME_BITS).getUnsignedLongValue(), (unsigned long)0x10101010);
CPPUNIT_ASSERT_EQUAL(testObject.getAttribute(CKA_KEY_TYPE).getUnsignedLongValue(), (unsigned long)0xABCDEF);
unsigned long value6 = 0x90909090;
diff --git a/src/lib/object_store/test/ObjectFileTests.cpp b/src/lib/object_store/test/ObjectFileTests.cpp
index 9f0f5bd..f3c3ae5 100644
--- a/src/lib/object_store/test/ObjectFileTests.cpp
+++ b/src/lib/object_store/test/ObjectFileTests.cpp
@@ -158,7 +158,7 @@ void ObjectFileTests::testULongAttr()
CPPUNIT_ASSERT(testObject.setAttribute(CKA_MODULUS_BITS, attr1));
CPPUNIT_ASSERT(testObject.setAttribute(CKA_PRIME_BITS, attr2));
CPPUNIT_ASSERT(testObject.setAttribute(CKA_AUTH_PIN_FLAGS, attr3));
- CPPUNIT_ASSERT(testObject.setAttribute(CKA_SUBPRIME_BITS, attr4));
+ CPPUNIT_ASSERT(testObject.setAttribute(CKA_SUB_PRIME_BITS, attr4));
CPPUNIT_ASSERT(testObject.setAttribute(CKA_KEY_TYPE, attr5));
}
@@ -175,20 +175,20 @@ void ObjectFileTests::testULongAttr()
CPPUNIT_ASSERT(testObject.attributeExists(CKA_MODULUS_BITS));
CPPUNIT_ASSERT(testObject.attributeExists(CKA_PRIME_BITS));
CPPUNIT_ASSERT(testObject.attributeExists(CKA_AUTH_PIN_FLAGS));
- CPPUNIT_ASSERT(testObject.attributeExists(CKA_SUBPRIME_BITS));
+ CPPUNIT_ASSERT(testObject.attributeExists(CKA_SUB_PRIME_BITS));
CPPUNIT_ASSERT(testObject.attributeExists(CKA_KEY_TYPE));
CPPUNIT_ASSERT(!testObject.attributeExists(CKA_ID));
CPPUNIT_ASSERT(testObject.getAttribute(CKA_MODULUS_BITS).isUnsignedLongAttribute());
CPPUNIT_ASSERT(testObject.getAttribute(CKA_PRIME_BITS).isUnsignedLongAttribute());
CPPUNIT_ASSERT(testObject.getAttribute(CKA_AUTH_PIN_FLAGS).isUnsignedLongAttribute());
- CPPUNIT_ASSERT(testObject.getAttribute(CKA_SUBPRIME_BITS).isUnsignedLongAttribute());
+ CPPUNIT_ASSERT(testObject.getAttribute(CKA_SUB_PRIME_BITS).isUnsignedLongAttribute());
CPPUNIT_ASSERT(testObject.getAttribute(CKA_KEY_TYPE).isUnsignedLongAttribute());
CPPUNIT_ASSERT(testObject.getAttribute(CKA_MODULUS_BITS).getUnsignedLongValue() == 0x12345678);
CPPUNIT_ASSERT(testObject.getAttribute(CKA_PRIME_BITS).getUnsignedLongValue() == 0x87654321);
CPPUNIT_ASSERT(testObject.getAttribute(CKA_AUTH_PIN_FLAGS).getUnsignedLongValue() == 0x01010101);
- CPPUNIT_ASSERT(testObject.getAttribute(CKA_SUBPRIME_BITS).getUnsignedLongValue() == 0x10101010);
+ CPPUNIT_ASSERT(testObject.getAttribute(CKA_SUB_PRIME_BITS).getUnsignedLongValue() == 0x10101010);
CPPUNIT_ASSERT(testObject.getAttribute(CKA_KEY_TYPE).getUnsignedLongValue() == 0xABCDEF);
unsigned long value6 = 0x90909090;
diff --git a/src/lib/object_store/test/SessionObjectTests.cpp b/src/lib/object_store/test/SessionObjectTests.cpp
index 6183ec6..20d9052 100644
--- a/src/lib/object_store/test/SessionObjectTests.cpp
+++ b/src/lib/object_store/test/SessionObjectTests.cpp
@@ -125,7 +125,7 @@ void SessionObjectTests::testULongAttr()
CPPUNIT_ASSERT(testObject.setAttribute(CKA_MODULUS_BITS, attr1));
CPPUNIT_ASSERT(testObject.setAttribute(CKA_PRIME_BITS, attr2));
CPPUNIT_ASSERT(testObject.setAttribute(CKA_AUTH_PIN_FLAGS, attr3));
- CPPUNIT_ASSERT(testObject.setAttribute(CKA_SUBPRIME_BITS, attr4));
+ CPPUNIT_ASSERT(testObject.setAttribute(CKA_SUB_PRIME_BITS, attr4));
CPPUNIT_ASSERT(testObject.setAttribute(CKA_KEY_TYPE, attr5));
CPPUNIT_ASSERT(testObject.isValid());
@@ -133,20 +133,20 @@ void SessionObjectTests::testULongAttr()
CPPUNIT_ASSERT(testObject.attributeExists(CKA_MODULUS_BITS));
CPPUNIT_ASSERT(testObject.attributeExists(CKA_PRIME_BITS));
CPPUNIT_ASSERT(testObject.attributeExists(CKA_AUTH_PIN_FLAGS));
- CPPUNIT_ASSERT(testObject.attributeExists(CKA_SUBPRIME_BITS));
+ CPPUNIT_ASSERT(testObject.attributeExists(CKA_SUB_PRIME_BITS));
CPPUNIT_ASSERT(testObject.attributeExists(CKA_KEY_TYPE));
CPPUNIT_ASSERT(!testObject.attributeExists(CKA_ID));
CPPUNIT_ASSERT(testObject.getAttribute(CKA_MODULUS_BITS).isUnsignedLongAttribute());
CPPUNIT_ASSERT(testObject.getAttribute(CKA_PRIME_BITS).isUnsignedLongAttribute());
CPPUNIT_ASSERT(testObject.getAttribute(CKA_AUTH_PIN_FLAGS).isUnsignedLongAttribute());
- CPPUNIT_ASSERT(testObject.getAttribute(CKA_SUBPRIME_BITS).isUnsignedLongAttribute());
+ CPPUNIT_ASSERT(testObject.getAttribute(CKA_SUB_PRIME_BITS).isUnsignedLongAttribute());
CPPUNIT_ASSERT(testObject.getAttribute(CKA_KEY_TYPE).isUnsignedLongAttribute());
CPPUNIT_ASSERT(testObject.getAttribute(CKA_MODULUS_BITS).getUnsignedLongValue() == 0x12345678);
CPPUNIT_ASSERT(testObject.getAttribute(CKA_PRIME_BITS).getUnsignedLongValue() == 0x87654321);
CPPUNIT_ASSERT(testObject.getAttribute(CKA_AUTH_PIN_FLAGS).getUnsignedLongValue() == 0x01010101);
- CPPUNIT_ASSERT(testObject.getAttribute(CKA_SUBPRIME_BITS).getUnsignedLongValue() == 0x10101010);
+ CPPUNIT_ASSERT(testObject.getAttribute(CKA_SUB_PRIME_BITS).getUnsignedLongValue() == 0x10101010);
CPPUNIT_ASSERT(testObject.getAttribute(CKA_KEY_TYPE).getUnsignedLongValue() == 0xABCDEF);
unsigned long value6 = 0x90909090;
diff --git a/src/lib/pkcs11/pkcs11.h b/src/lib/pkcs11/pkcs11.h
index 0d78dd7..9d31ce8 100644
--- a/src/lib/pkcs11/pkcs11.h
+++ b/src/lib/pkcs11/pkcs11.h
@@ -1,265 +1,1750 @@
-/* Copyright (c) OASIS Open 2016. All Rights Reserved./
- * /Distributed under the terms of the OASIS IPR Policy,
- * [http://www.oasis-open.org/policies-guidelines/ipr], AS-IS, WITHOUT ANY
- * IMPLIED OR EXPRESS WARRANTY; there is no warranty of MERCHANTABILITY, FITNESS FOR A
- * PARTICULAR PURPOSE or NONINFRINGEMENT of the rights of others.
- */
-
-/* Latest version of the specification:
- * http://docs.oasis-open.org/pkcs11/pkcs11-base/v2.40/pkcs11-base-v2.40.html
- */
-
-#ifndef _PKCS11_H_
-#define _PKCS11_H_ 1
-
-#ifdef __cplusplus
+/* pkcs11.h
+ Copyright 2006, 2007 g10 Code GmbH
+ Copyright 2006 Andreas Jellinghaus
+ Copyright 2017 Red Hat, Inc.
+
+ This file is free software; as a special exception the author gives
+ unlimited permission to copy and/or distribute it, with or without
+ modifications, as long as this notice is preserved.
+
+ This file is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY, to the extent permitted by law; without even
+ the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
+ PURPOSE. */
+
+/* Please submit any changes back to the p11-kit project at
+ https://github.com/p11-glue/p11-kit/, so that
+ they can be picked up by other projects from there as well. */
+
+/* This file is a modified implementation of the PKCS #11 standard by
+ OASIS group. It is mostly a drop-in replacement, with the
+ following change:
+
+ This header file does not require any macro definitions by the user
+ (like CK_DEFINE_FUNCTION etc). In fact, it defines those macros
+ for you (if useful, some are missing, let me know if you need
+ more).
+
+ There is an additional API available that does comply better to the
+ GNU coding standard. It can be switched on by defining
+ CRYPTOKI_GNU before including this header file. For this, the
+ following changes are made to the specification:
+
+ All structure types are changed to a "struct ck_foo" where CK_FOO
+ is the type name in PKCS #11.
+
+ All non-structure types are changed to ck_foo_t where CK_FOO is the
+ lowercase version of the type name in PKCS #11. The basic types
+ (CK_ULONG et al.) are removed without substitute.
+
+ All members of structures are modified in the following way: Type
+ indication prefixes are removed, and underscore characters are
+ inserted before words. Then the result is lowercased.
+
+ Note that function names are still in the original case, as they
+ need for ABI compatibility.
+
+ CK_FALSE, CK_TRUE and NULL_PTR are removed without substitute. Use
+ <stdbool.h>.
+
+ If CRYPTOKI_COMPAT is defined before including this header file,
+ then none of the API changes above take place, and the API is the
+ one defined by the PKCS #11 standard. */
+
+#ifndef PKCS11_H
+#define PKCS11_H 1
+
+#if defined(__cplusplus)
extern "C" {
#endif
-/* Before including this file (pkcs11.h) (or pkcs11t.h by
- * itself), 5 platform-specific macros must be defined. These
- * macros are described below, and typical definitions for them
- * are also given. Be advised that these definitions can depend
- * on both the platform and the compiler used (and possibly also
- * on whether a Cryptoki library is linked statically or
- * dynamically).
- *
- * In addition to defining these 5 macros, the packing convention
- * for Cryptoki structures should be set. The Cryptoki
- * convention on packing is that structures should be 1-byte
- * aligned.
- *
- * If you're using Microsoft Developer Studio 5.0 to produce
- * Win32 stuff, this might be done by using the following
- * preprocessor directive before including pkcs11.h or pkcs11t.h:
- *
- * #pragma pack(push, cryptoki, 1)
- *
- * and using the following preprocessor directive after including
- * pkcs11.h or pkcs11t.h:
- *
- * #pragma pack(pop, cryptoki)
- *
- * If you're using an earlier version of Microsoft Developer
- * Studio to produce Win16 stuff, this might be done by using
- * the following preprocessor directive before including
- * pkcs11.h or pkcs11t.h:
- *
- * #pragma pack(1)
- *
- * In a UNIX environment, you're on your own for this. You might
- * not need to do (or be able to do!) anything.
- *
- *
- * Now for the macros:
- *
- *
- * 1. CK_PTR: The indirection string for making a pointer to an
- * object. It can be used like this:
- *
- * typedef CK_BYTE CK_PTR CK_BYTE_PTR;
- *
- * If you're using Microsoft Developer Studio 5.0 to produce
- * Win32 stuff, it might be defined by:
- *
- * #define CK_PTR *
- *
- * If you're using an earlier version of Microsoft Developer
- * Studio to produce Win16 stuff, it might be defined by:
- *
- * #define CK_PTR far *
- *
- * In a typical UNIX environment, it might be defined by:
- *
- * #define CK_PTR *
- *
- *
- * 2. CK_DECLARE_FUNCTION(returnType, name): A macro which makes
- * an importable Cryptoki library function declaration out of a
- * return type and a function name. It should be used in the
- * following fashion:
- *
- * extern CK_DECLARE_FUNCTION(CK_RV, C_Initialize)(
- * CK_VOID_PTR pReserved
- * );
- *
- * If you're using Microsoft Developer Studio 5.0 to declare a
- * function in a Win32 Cryptoki .dll, it might be defined by:
- *
- * #define CK_DECLARE_FUNCTION(returnType, name) \
- * returnType __declspec(dllimport) name
- *
- * If you're using an earlier version of Microsoft Developer
- * Studio to declare a function in a Win16 Cryptoki .dll, it
- * might be defined by:
- *
- * #define CK_DECLARE_FUNCTION(returnType, name) \
- * returnType __export _far _pascal name
- *
- * In a UNIX environment, it might be defined by:
- *
- * #define CK_DECLARE_FUNCTION(returnType, name) \
- * returnType name
- *
- *
- * 3. CK_DECLARE_FUNCTION_POINTER(returnType, name): A macro
- * which makes a Cryptoki API function pointer declaration or
- * function pointer type declaration out of a return type and a
- * function name. It should be used in the following fashion:
- *
- * // Define funcPtr to be a pointer to a Cryptoki API function
- * // taking arguments args and returning CK_RV.
- * CK_DECLARE_FUNCTION_POINTER(CK_RV, funcPtr)(args);
- *
- * or
- *
- * // Define funcPtrType to be the type of a pointer to a
- * // Cryptoki API function taking arguments args and returning
- * // CK_RV, and then define funcPtr to be a variable of type
- * // funcPtrType.
- * typedef CK_DECLARE_FUNCTION_POINTER(CK_RV, funcPtrType)(args);
- * funcPtrType funcPtr;
- *
- * If you're using Microsoft Developer Studio 5.0 to access
- * functions in a Win32 Cryptoki .dll, in might be defined by:
- *
- * #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \
- * returnType __declspec(dllimport) (* name)
- *
- * If you're using an earlier version of Microsoft Developer
- * Studio to access functions in a Win16 Cryptoki .dll, it might
- * be defined by:
- *
- * #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \
- * returnType __export _far _pascal (* name)
- *
- * In a UNIX environment, it might be defined by:
- *
- * #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \
- * returnType (* name)
- *
- *
- * 4. CK_CALLBACK_FUNCTION(returnType, name): A macro which makes
- * a function pointer type for an application callback out of
- * a return type for the callback and a name for the callback.
- * It should be used in the following fashion:
- *
- * CK_CALLBACK_FUNCTION(CK_RV, myCallback)(args);
- *
- * to declare a function pointer, myCallback, to a callback
- * which takes arguments args and returns a CK_RV. It can also
- * be used like this:
- *
- * typedef CK_CALLBACK_FUNCTION(CK_RV, myCallbackType)(args);
- * myCallbackType myCallback;
- *
- * If you're using Microsoft Developer Studio 5.0 to do Win32
- * Cryptoki development, it might be defined by:
- *
- * #define CK_CALLBACK_FUNCTION(returnType, name) \
- * returnType (* name)
- *
- * If you're using an earlier version of Microsoft Developer
- * Studio to do Win16 development, it might be defined by:
- *
- * #define CK_CALLBACK_FUNCTION(returnType, name) \
- * returnType _far _pascal (* name)
- *
- * In a UNIX environment, it might be defined by:
- *
- * #define CK_CALLBACK_FUNCTION(returnType, name) \
- * returnType (* name)
- *
- *
- * 5. NULL_PTR: This macro is the value of a NULL pointer.
- *
- * In any ANSI/ISO C environment (and in many others as well),
- * this should best be defined by
- *
- * #ifndef NULL_PTR
- * #define NULL_PTR 0
- * #endif
- */
-
-
-/* All the various Cryptoki types and #define'd values are in the
- * file pkcs11t.h.
- */
-#include "pkcs11t.h"
-
-#define __PASTE(x,y) x##y
-
-
-/* ==============================================================
- * Define the "extern" form of all the entry points.
- * ==============================================================
- */
-
-#define CK_NEED_ARG_LIST 1
-#define CK_PKCS11_FUNCTION_INFO(name) \
- extern CK_DECLARE_FUNCTION(CK_RV, name)
-
-/* pkcs11f.h has all the information about the Cryptoki
- * function prototypes.
- */
-#include "pkcs11f.h"
-
-#undef CK_NEED_ARG_LIST
-#undef CK_PKCS11_FUNCTION_INFO
-
-
-/* ==============================================================
- * Define the typedef form of all the entry points. That is, for
- * each Cryptoki function C_XXX, define a type CK_C_XXX which is
- * a pointer to that kind of function.
- * ==============================================================
- */
-
-#define CK_NEED_ARG_LIST 1
-#define CK_PKCS11_FUNCTION_INFO(name) \
- typedef CK_DECLARE_FUNCTION_POINTER(CK_RV, __PASTE(CK_,name))
-
-/* pkcs11f.h has all the information about the Cryptoki
- * function prototypes.
- */
-#include "pkcs11f.h"
-
-#undef CK_NEED_ARG_LIST
-#undef CK_PKCS11_FUNCTION_INFO
-
-
-/* ==============================================================
- * Define structed vector of entry points. A CK_FUNCTION_LIST
- * contains a CK_VERSION indicating a library's Cryptoki version
- * and then a whole slew of function pointers to the routines in
- * the library. This type was declared, but not defined, in
- * pkcs11t.h.
- * ==============================================================
- */
-
-#define CK_PKCS11_FUNCTION_INFO(name) \
- __PASTE(CK_,name) name;
-
-struct CK_FUNCTION_LIST {
-
- CK_VERSION version; /* Cryptoki version */
-
-/* Pile all the function pointers into the CK_FUNCTION_LIST. */
-/* pkcs11f.h has all the information about the Cryptoki
- * function prototypes.
- */
-#include "pkcs11f.h"
+/* The version of cryptoki we implement. The revision is changed with
+ each modification of this file. */
+#define CRYPTOKI_VERSION_MAJOR 2
+#define CRYPTOKI_VERSION_MINOR 40
+#define P11_KIT_CRYPTOKI_VERSION_REVISION 0
+
+
+/* Compatibility interface is default, unless CRYPTOKI_GNU is
+ given. */
+#ifndef CRYPTOKI_GNU
+#ifndef CRYPTOKI_COMPAT
+#define CRYPTOKI_COMPAT 1
+#endif
+#endif
+
+/* System dependencies. */
+
+#if defined(_WIN32) || defined(CRYPTOKI_FORCE_WIN32)
+
+/* There is a matching pop below. */
+#pragma pack(push, cryptoki, 1)
+
+#ifdef CRYPTOKI_EXPORTS
+#define CK_SPEC __declspec(dllexport)
+#else
+#define CK_SPEC __declspec(dllimport)
+#endif
+
+#else
+
+#define CK_SPEC
+
+#endif
+
+
+#ifdef CRYPTOKI_COMPAT
+ /* If we are in compatibility mode, switch all exposed names to the
+ PKCS #11 variant. There are corresponding #undefs below. */
+
+#define ck_flags_t CK_FLAGS
+#define ck_version _CK_VERSION
+
+#define ck_info _CK_INFO
+#define cryptoki_version cryptokiVersion
+#define manufacturer_id manufacturerID
+#define library_description libraryDescription
+#define library_version libraryVersion
+
+#define ck_notification_t CK_NOTIFICATION
+#define ck_slot_id_t CK_SLOT_ID
+
+#define ck_slot_info _CK_SLOT_INFO
+#define slot_description slotDescription
+#define hardware_version hardwareVersion
+#define firmware_version firmwareVersion
+
+#define ck_token_info _CK_TOKEN_INFO
+#define serial_number serialNumber
+#define max_session_count ulMaxSessionCount
+#define session_count ulSessionCount
+#define max_rw_session_count ulMaxRwSessionCount
+#define rw_session_count ulRwSessionCount
+#define max_pin_len ulMaxPinLen
+#define min_pin_len ulMinPinLen
+#define total_public_memory ulTotalPublicMemory
+#define free_public_memory ulFreePublicMemory
+#define total_private_memory ulTotalPrivateMemory
+#define free_private_memory ulFreePrivateMemory
+#define utc_time utcTime
+
+#define ck_session_handle_t CK_SESSION_HANDLE
+#define ck_user_type_t CK_USER_TYPE
+#define ck_state_t CK_STATE
+
+#define ck_session_info _CK_SESSION_INFO
+#define slot_id slotID
+#define device_error ulDeviceError
+
+#define ck_object_handle_t CK_OBJECT_HANDLE
+#define ck_object_class_t CK_OBJECT_CLASS
+#define ck_hw_feature_type_t CK_HW_FEATURE_TYPE
+#define ck_key_type_t CK_KEY_TYPE
+#define ck_certificate_type_t CK_CERTIFICATE_TYPE
+#define ck_attribute_type_t CK_ATTRIBUTE_TYPE
+
+#define ck_attribute _CK_ATTRIBUTE
+#define value pValue
+#define value_len ulValueLen
+
+#define count ulCount
+
+#define ck_date _CK_DATE
+
+#define ck_mechanism_type_t CK_MECHANISM_TYPE
+
+#define ck_mechanism _CK_MECHANISM
+#define parameter pParameter
+#define parameter_len ulParameterLen
+
+#define params pParams
+
+#define ck_mechanism_info _CK_MECHANISM_INFO
+#define min_key_size ulMinKeySize
+#define max_key_size ulMaxKeySize
+
+#define ck_param_type CK_PARAM_TYPE
+#define ck_otp_param CK_OTP_PARAM
+#define ck_otp_params CK_OTP_PARAMS
+#define ck_otp_signature_info CK_OTP_SIGNATURE_INFO
+
+#define ck_rv_t CK_RV
+#define ck_notify_t CK_NOTIFY
+
+#define ck_function_list _CK_FUNCTION_LIST
+
+#define ck_createmutex_t CK_CREATEMUTEX
+#define ck_destroymutex_t CK_DESTROYMUTEX
+#define ck_lockmutex_t CK_LOCKMUTEX
+#define ck_unlockmutex_t CK_UNLOCKMUTEX
+
+#define ck_c_initialize_args _CK_C_INITIALIZE_ARGS
+#define create_mutex CreateMutex
+#define destroy_mutex DestroyMutex
+#define lock_mutex LockMutex
+#define unlock_mutex UnlockMutex
+#define reserved pReserved
+
+#define ck_rsa_pkcs_mgf_type_t CK_RSA_PKCS_MGF_TYPE
+#define ck_rsa_pkcs_oaep_source_type_t CK_RSA_PKCS_OAEP_SOURCE_TYPE
+#define hash_alg hashAlg
+#define s_len sLen
+#define source_data pSourceData
+#define source_data_len ulSourceDataLen
+
+#define counter_bits ulCounterBits
+#define iv_ptr pIv
+#define iv_len ulIvLen
+#define iv_bits ulIvBits
+#define aad_ptr pAAD
+#define aad_len ulAADLen
+#define tag_bits ulTagBits
+#define shared_data_len ulSharedDataLen
+#define shared_data pSharedData
+#define public_data_len ulPublicDataLen
+#define public_data pPublicData
+#define string_data pData
+#define string_data_len ulLen
+#define data_params pData
+#endif /* CRYPTOKI_COMPAT */
+
+
+
+typedef unsigned long ck_flags_t;
+
+struct ck_version
+{
+ unsigned char major;
+ unsigned char minor;
};
-#undef CK_PKCS11_FUNCTION_INFO
+struct ck_info
+{
+ struct ck_version cryptoki_version;
+ unsigned char manufacturer_id[32];
+ ck_flags_t flags;
+ unsigned char library_description[32];
+ struct ck_version library_version;
+};
-#undef __PASTE
-#ifdef __cplusplus
-}
+typedef unsigned long ck_notification_t;
+
+#define CKN_SURRENDER (0UL)
+
+
+typedef unsigned long ck_slot_id_t;
+
+
+struct ck_slot_info
+{
+ unsigned char slot_description[64];
+ unsigned char manufacturer_id[32];
+ ck_flags_t flags;
+ struct ck_version hardware_version;
+ struct ck_version firmware_version;
+};
+
+
+#define CKF_TOKEN_PRESENT (1UL << 0)
+#define CKF_REMOVABLE_DEVICE (1UL << 1)
+#define CKF_HW_SLOT (1UL << 2)
+#define CKF_ARRAY_ATTRIBUTE (1UL << 30)
+
+
+struct ck_token_info
+{
+ unsigned char label[32];
+ unsigned char manufacturer_id[32];
+ unsigned char model[16];
+ unsigned char serial_number[16];
+ ck_flags_t flags;
+ unsigned long max_session_count;
+ unsigned long session_count;
+ unsigned long max_rw_session_count;
+ unsigned long rw_session_count;
+ unsigned long max_pin_len;
+ unsigned long min_pin_len;
+ unsigned long total_public_memory;
+ unsigned long free_public_memory;
+ unsigned long total_private_memory;
+ unsigned long free_private_memory;
+ struct ck_version hardware_version;
+ struct ck_version firmware_version;
+ unsigned char utc_time[16];
+};
+
+
+#define CKF_RNG (1UL << 0)
+#define CKF_WRITE_PROTECTED (1UL << 1)
+#define CKF_LOGIN_REQUIRED (1UL << 2)
+#define CKF_USER_PIN_INITIALIZED (1UL << 3)
+#define CKF_RESTORE_KEY_NOT_NEEDED (1UL << 5)
+#define CKF_CLOCK_ON_TOKEN (1UL << 6)
+#define CKF_PROTECTED_AUTHENTICATION_PATH (1UL << 8)
+#define CKF_DUAL_CRYPTO_OPERATIONS (1UL << 9)
+#define CKF_TOKEN_INITIALIZED (1UL << 10)
+#define CKF_SECONDARY_AUTHENTICATION (1UL << 11)
+#define CKF_USER_PIN_COUNT_LOW (1UL << 16)
+#define CKF_USER_PIN_FINAL_TRY (1UL << 17)
+#define CKF_USER_PIN_LOCKED (1UL << 18)
+#define CKF_USER_PIN_TO_BE_CHANGED (1UL << 19)
+#define CKF_SO_PIN_COUNT_LOW (1UL << 20)
+#define CKF_SO_PIN_FINAL_TRY (1UL << 21)
+#define CKF_SO_PIN_LOCKED (1UL << 22)
+#define CKF_SO_PIN_TO_BE_CHANGED (1UL << 23)
+
+#define CK_UNAVAILABLE_INFORMATION ((unsigned long)-1L)
+#define CK_EFFECTIVELY_INFINITE (0UL)
+
+
+typedef unsigned long ck_session_handle_t;
+
+#define CK_INVALID_HANDLE (0UL)
+
+
+typedef unsigned long ck_user_type_t;
+
+#define CKU_SO (0UL)
+#define CKU_USER (1UL)
+#define CKU_CONTEXT_SPECIFIC (2UL)
+
+
+typedef unsigned long ck_state_t;
+
+#define CKS_RO_PUBLIC_SESSION (0UL)
+#define CKS_RO_USER_FUNCTIONS (1UL)
+#define CKS_RW_PUBLIC_SESSION (2UL)
+#define CKS_RW_USER_FUNCTIONS (3UL)
+#define CKS_RW_SO_FUNCTIONS (4UL)
+
+
+struct ck_session_info
+{
+ ck_slot_id_t slot_id;
+ ck_state_t state;
+ ck_flags_t flags;
+ unsigned long device_error;
+};
+
+#define CKF_RW_SESSION (1UL << 1)
+#define CKF_SERIAL_SESSION (1UL << 2)
+
+
+typedef unsigned long ck_object_handle_t;
+
+
+typedef unsigned long ck_object_class_t;
+
+#define CKO_DATA (0UL)
+#define CKO_CERTIFICATE (1UL)
+#define CKO_PUBLIC_KEY (2UL)
+#define CKO_PRIVATE_KEY (3UL)
+#define CKO_SECRET_KEY (4UL)
+#define CKO_HW_FEATURE (5UL)
+#define CKO_DOMAIN_PARAMETERS (6UL)
+#define CKO_MECHANISM (7UL)
+#define CKO_OTP_KEY (8UL)
+#define CKO_VENDOR_DEFINED ((unsigned long) (1UL << 31))
+
+
+typedef unsigned long ck_hw_feature_type_t;
+
+#define CKH_MONOTONIC_COUNTER (1UL)
+#define CKH_CLOCK (2UL)
+#define CKH_USER_INTERFACE (3UL)
+#define CKH_VENDOR_DEFINED ((unsigned long) (1UL << 31))
+
+
+typedef unsigned long ck_key_type_t;
+
+#define CKK_RSA (0UL)
+#define CKK_DSA (1UL)
+#define CKK_DH (2UL)
+#define CKK_ECDSA (3UL)
+#define CKK_EC (3UL)
+#define CKK_X9_42_DH (4UL)
+#define CKK_KEA (5UL)
+#define CKK_GENERIC_SECRET (0x10UL)
+#define CKK_RC2 (0x11UL)
+#define CKK_RC4 (0x12UL)
+#define CKK_DES (0x13UL)
+#define CKK_DES2 (0x14UL)
+#define CKK_DES3 (0x15UL)
+#define CKK_CAST (0x16UL)
+#define CKK_CAST3 (0x17UL)
+#define CKK_CAST128 (0x18UL)
+#define CKK_RC5 (0x19UL)
+#define CKK_IDEA (0x1aUL)
+#define CKK_SKIPJACK (0x1bUL)
+#define CKK_BATON (0x1cUL)
+#define CKK_JUNIPER (0x1dUL)
+#define CKK_CDMF (0x1eUL)
+#define CKK_AES (0x1fUL)
+#define CKK_BLOWFISH (0x20UL)
+#define CKK_TWOFISH (0x21UL)
+#define CKK_SECURID (0x22UL)
+#define CKK_HOTP (0x23UL)
+#define CKK_ACTI (0x24UL)
+#define CKK_CAMELLIA (0x25UL)
+#define CKK_ARIA (0x26UL)
+#define CKK_MD5_HMAC (0x27UL)
+#define CKK_SHA_1_HMAC (0x28UL)
+#define CKK_RIPEMD128_HMAC (0x29UL)
+#define CKK_RIPEMD160_HMAC (0x2aUL)
+#define CKK_SHA256_HMAC (0x2bUL)
+#define CKK_SHA384_HMAC (0x2cUL)
+#define CKK_SHA512_HMAC (0x2dUL)
+#define CKK_SHA224_HMAC (0x2eUL)
+#define CKK_SEED (0x2fUL)
+#define CKK_GOSTR3410 (0x30UL)
+#define CKK_GOSTR3411 (0x31UL)
+#define CKK_GOST28147 (0x32UL)
+#define CKK_EC_EDWARDS (0x40UL)
+#define CKK_VENDOR_DEFINED ((unsigned long) (1UL << 31))
+
+
+typedef unsigned long ck_certificate_type_t;
+
+#define CKC_X_509 (0UL)
+#define CKC_X_509_ATTR_CERT (1UL)
+#define CKC_WTLS (2UL)
+#define CKC_VENDOR_DEFINED ((unsigned long) (1UL << 31))
+
+#define CKC_OPENPGP (CKC_VENDOR_DEFINED|0x504750UL)
+
+typedef unsigned long ck_attribute_type_t;
+
+#define CKA_CLASS (0UL)
+#define CKA_TOKEN (1UL)
+#define CKA_PRIVATE (2UL)
+#define CKA_LABEL (3UL)
+#define CKA_APPLICATION (0x10UL)
+#define CKA_VALUE (0x11UL)
+#define CKA_OBJECT_ID (0x12UL)
+#define CKA_CERTIFICATE_TYPE (0x80UL)
+#define CKA_ISSUER (0x81UL)
+#define CKA_SERIAL_NUMBER (0x82UL)
+#define CKA_AC_ISSUER (0x83UL)
+#define CKA_OWNER (0x84UL)
+#define CKA_ATTR_TYPES (0x85UL)
+#define CKA_TRUSTED (0x86UL)
+#define CKA_CERTIFICATE_CATEGORY (0x87UL)
+#define CKA_JAVA_MIDP_SECURITY_DOMAIN (0x88UL)
+#define CKA_URL (0x89UL)
+#define CKA_HASH_OF_SUBJECT_PUBLIC_KEY (0x8aUL)
+#define CKA_HASH_OF_ISSUER_PUBLIC_KEY (0x8bUL)
+#define CKA_NAME_HASH_ALGORITHM (0x8cUL)
+#define CKA_CHECK_VALUE (0x90UL)
+#define CKA_KEY_TYPE (0x100UL)
+#define CKA_SUBJECT (0x101UL)
+#define CKA_ID (0x102UL)
+#define CKA_SENSITIVE (0x103UL)
+#define CKA_ENCRYPT (0x104UL)
+#define CKA_DECRYPT (0x105UL)
+#define CKA_WRAP (0x106UL)
+#define CKA_UNWRAP (0x107UL)
+#define CKA_SIGN (0x108UL)
+#define CKA_SIGN_RECOVER (0x109UL)
+#define CKA_VERIFY (0x10aUL)
+#define CKA_VERIFY_RECOVER (0x10bUL)
+#define CKA_DERIVE (0x10cUL)
+#define CKA_START_DATE (0x110UL)
+#define CKA_END_DATE (0x111UL)
+#define CKA_MODULUS (0x120UL)
+#define CKA_MODULUS_BITS (0x121UL)
+#define CKA_PUBLIC_EXPONENT (0x122UL)
+#define CKA_PRIVATE_EXPONENT (0x123UL)
+#define CKA_PRIME_1 (0x124UL)
+#define CKA_PRIME_2 (0x125UL)
+#define CKA_EXPONENT_1 (0x126UL)
+#define CKA_EXPONENT_2 (0x127UL)
+#define CKA_COEFFICIENT (0x128UL)
+#define CKA_PUBLIC_KEY_INFO (0x129UL)
+#define CKA_PRIME (0x130UL)
+#define CKA_SUBPRIME (0x131UL)
+#define CKA_BASE (0x132UL)
+#define CKA_PRIME_BITS (0x133UL)
+#define CKA_SUB_PRIME_BITS (0x134UL)
+#define CKA_VALUE_BITS (0x160UL)
+#define CKA_VALUE_LEN (0x161UL)
+#define CKA_EXTRACTABLE (0x162UL)
+#define CKA_LOCAL (0x163UL)
+#define CKA_NEVER_EXTRACTABLE (0x164UL)
+#define CKA_ALWAYS_SENSITIVE (0x165UL)
+#define CKA_KEY_GEN_MECHANISM (0x166UL)
+#define CKA_MODIFIABLE (0x170UL)
+#define CKA_COPYABLE (0x171UL)
+#define CKA_DESTROYABLE (0x172UL)
+#define CKA_ECDSA_PARAMS (0x180UL)
+#define CKA_EC_PARAMS (0x180UL)
+#define CKA_EC_POINT (0x181UL)
+#define CKA_SECONDARY_AUTH (0x200UL)
+#define CKA_AUTH_PIN_FLAGS (0x201UL)
+#define CKA_ALWAYS_AUTHENTICATE (0x202UL)
+#define CKA_WRAP_WITH_TRUSTED (0x210UL)
+#define CKA_OTP_FORMAT (0x220UL)
+#define CKA_OTP_LENGTH (0x221UL)
+#define CKA_OTP_TIME_INTERVAL (0x222UL)
+#define CKA_OTP_USER_FRIENDLY_MODE (0x223UL)
+#define CKA_OTP_CHALLENGE_REQUIREMENT (0x224UL)
+#define CKA_OTP_TIME_REQUIREMENT (0x225UL)
+#define CKA_OTP_COUNTER_REQUIREMENT (0x226UL)
+#define CKA_OTP_PIN_REQUIREMENT (0x227UL)
+#define CKA_OTP_USER_IDENTIFIER (0x22AUL)
+#define CKA_OTP_SERVICE_IDENTIFIER (0x22BUL)
+#define CKA_OTP_SERVICE_LOGO (0x22CUL)
+#define CKA_OTP_SERVICE_LOGO_TYPE (0x22DUL)
+#define CKA_OTP_COUNTER (0x22EUL)
+#define CKA_OTP_TIME (0x22FUL)
+#define CKA_GOSTR3410_PARAMS (0x250UL)
+#define CKA_GOSTR3411_PARAMS (0x251UL)
+#define CKA_GOST28147_PARAMS (0x252UL)
+#define CKA_HW_FEATURE_TYPE (0x300UL)
+#define CKA_RESET_ON_INIT (0x301UL)
+#define CKA_HAS_RESET (0x302UL)
+#define CKA_PIXEL_X (0x400UL)
+#define CKA_PIXEL_Y (0x401UL)
+#define CKA_RESOLUTION (0x402UL)
+#define CKA_CHAR_ROWS (0x403UL)
+#define CKA_CHAR_COLUMNS (0x404UL)
+#define CKA_COLOR (0x405UL)
+#define CKA_BITS_PER_PIXEL (0x406UL)
+#define CKA_CHAR_SETS (0x480UL)
+#define CKA_ENCODING_METHODS (0x481UL)
+#define CKA_MIME_TYPES (0x482UL)
+#define CKA_MECHANISM_TYPE (0x500UL)
+#define CKA_REQUIRED_CMS_ATTRIBUTES (0x501UL)
+#define CKA_DEFAULT_CMS_ATTRIBUTES (0x502UL)
+#define CKA_SUPPORTED_CMS_ATTRIBUTES (0x503UL)
+#define CKA_WRAP_TEMPLATE (CKF_ARRAY_ATTRIBUTE | 0x211UL)
+#define CKA_UNWRAP_TEMPLATE (CKF_ARRAY_ATTRIBUTE | 0x212UL)
+#define CKA_DERIVE_TEMPLATE (CKF_ARRAY_ATTRIBUTE | 0x213UL)
+#define CKA_ALLOWED_MECHANISMS (CKF_ARRAY_ATTRIBUTE | 0x600UL)
+#define CKA_VENDOR_DEFINED ((unsigned long) (1UL << 31))
+
+
+struct ck_attribute
+{
+ ck_attribute_type_t type;
+ void *value;
+ unsigned long value_len;
+};
+
+
+struct ck_date
+{
+ unsigned char year[4];
+ unsigned char month[2];
+ unsigned char day[2];
+};
+
+
+typedef unsigned long ck_mechanism_type_t;
+
+#define CKM_RSA_PKCS_KEY_PAIR_GEN (0UL)
+#define CKM_RSA_PKCS (1UL)
+#define CKM_RSA_9796 (2UL)
+#define CKM_RSA_X_509 (3UL)
+#define CKM_MD2_RSA_PKCS (4UL)
+#define CKM_MD5_RSA_PKCS (5UL)
+#define CKM_SHA1_RSA_PKCS (6UL)
+#define CKM_RIPEMD128_RSA_PKCS (7UL)
+#define CKM_RIPEMD160_RSA_PKCS (8UL)
+#define CKM_RSA_PKCS_OAEP (9UL)
+#define CKM_RSA_X9_31_KEY_PAIR_GEN (0xaUL)
+#define CKM_RSA_X9_31 (0xbUL)
+#define CKM_SHA1_RSA_X9_31 (0xcUL)
+#define CKM_RSA_PKCS_PSS (0xdUL)
+#define CKM_SHA1_RSA_PKCS_PSS (0xeUL)
+#define CKM_DSA_KEY_PAIR_GEN (0x10UL)
+#define CKM_DSA (0x11UL)
+#define CKM_DSA_SHA1 (0x12UL)
+#define CKM_DSA_SHA224 (0x13UL)
+#define CKM_DSA_SHA256 (0x14UL)
+#define CKM_DSA_SHA384 (0x15UL)
+#define CKM_DSA_SHA512 (0x16UL)
+#define CKM_DH_PKCS_KEY_PAIR_GEN (0x20UL)
+#define CKM_DH_PKCS_DERIVE (0x21UL)
+#define CKM_X9_42_DH_KEY_PAIR_GEN (0x30UL)
+#define CKM_X9_42_DH_DERIVE (0x31UL)
+#define CKM_X9_42_DH_HYBRID_DERIVE (0x32UL)
+#define CKM_X9_42_MQV_DERIVE (0x33UL)
+#define CKM_SHA256_RSA_PKCS (0x40UL)
+#define CKM_SHA384_RSA_PKCS (0x41UL)
+#define CKM_SHA512_RSA_PKCS (0x42UL)
+#define CKM_SHA256_RSA_PKCS_PSS (0x43UL)
+#define CKM_SHA384_RSA_PKCS_PSS (0x44UL)
+#define CKM_SHA512_RSA_PKCS_PSS (0x45UL)
+#define CKM_SHA512_224 (0x48UL)
+#define CKM_SHA512_224_HMAC (0x49UL)
+#define CKM_SHA512_224_HMAC_GENERAL (0x4aUL)
+#define CKM_SHA512_224_KEY_DERIVATION (0x4bUL)
+#define CKM_SHA512_256 (0x4cUL)
+#define CKM_SHA512_256_HMAC (0x4dUL)
+#define CKM_SHA512_256_HMAC_GENERAL (0x4eUL)
+#define CKM_SHA512_256_KEY_DERIVATION (0x4fUL)
+#define CKM_SHA512_T (0x50UL)
+#define CKM_SHA512_T_HMAC (0x51UL)
+#define CKM_SHA512_T_HMAC_GENERAL (0x52UL)
+#define CKM_SHA512_T_KEY_DERIVATION (0x53UL)
+#define CKM_RC2_KEY_GEN (0x100UL)
+#define CKM_RC2_ECB (0x101UL)
+#define CKM_RC2_CBC (0x102UL)
+#define CKM_RC2_MAC (0x103UL)
+#define CKM_RC2_MAC_GENERAL (0x104UL)
+#define CKM_RC2_CBC_PAD (0x105UL)
+#define CKM_RC4_KEY_GEN (0x110UL)
+#define CKM_RC4 (0x111UL)
+#define CKM_DES_KEY_GEN (0x120UL)
+#define CKM_DES_ECB (0x121UL)
+#define CKM_DES_CBC (0x122UL)
+#define CKM_DES_MAC (0x123UL)
+#define CKM_DES_MAC_GENERAL (0x124UL)
+#define CKM_DES_CBC_PAD (0x125UL)
+#define CKM_DES2_KEY_GEN (0x130UL)
+#define CKM_DES3_KEY_GEN (0x131UL)
+#define CKM_DES3_ECB (0x132UL)
+#define CKM_DES3_CBC (0x133UL)
+#define CKM_DES3_MAC (0x134UL)
+#define CKM_DES3_MAC_GENERAL (0x135UL)
+#define CKM_DES3_CBC_PAD (0x136UL)
+#define CKM_DES3_CMAC_GENERAL (0x137UL)
+#define CKM_DES3_CMAC (0x138UL)
+#define CKM_CDMF_KEY_GEN (0x140UL)
+#define CKM_CDMF_ECB (0x141UL)
+#define CKM_CDMF_CBC (0x142UL)
+#define CKM_CDMF_MAC (0x143UL)
+#define CKM_CDMF_MAC_GENERAL (0x144UL)
+#define CKM_CDMF_CBC_PAD (0x145UL)
+#define CKM_DES_OFB64 (0x150UL)
+#define CKM_DES_OFB8 (0x151UL)
+#define CKM_DES_CFB64 (0x152UL)
+#define CKM_DES_CFB8 (0x153UL)
+#define CKM_MD2 (0x200UL)
+#define CKM_MD2_HMAC (0x201UL)
+#define CKM_MD2_HMAC_GENERAL (0x202UL)
+#define CKM_MD5 (0x210UL)
+#define CKM_MD5_HMAC (0x211UL)
+#define CKM_MD5_HMAC_GENERAL (0x212UL)
+#define CKM_SHA_1 (0x220UL)
+#define CKM_SHA_1_HMAC (0x221UL)
+#define CKM_SHA_1_HMAC_GENERAL (0x222UL)
+#define CKM_RIPEMD128 (0x230UL)
+#define CKM_RIPEMD128_HMAC (0x231UL)
+#define CKM_RIPEMD128_HMAC_GENERAL (0x232UL)
+#define CKM_RIPEMD160 (0x240UL)
+#define CKM_RIPEMD160_HMAC (0x241UL)
+#define CKM_RIPEMD160_HMAC_GENERAL (0x242UL)
+#define CKM_SHA256 (0x250UL)
+#define CKM_SHA256_HMAC (0x251UL)
+#define CKM_SHA256_HMAC_GENERAL (0x252UL)
+#define CKM_SHA384 (0x260UL)
+#define CKM_SHA384_HMAC (0x261UL)
+#define CKM_SHA384_HMAC_GENERAL (0x262UL)
+#define CKM_SHA512 (0x270UL)
+#define CKM_SHA512_HMAC (0x271UL)
+#define CKM_SHA512_HMAC_GENERAL (0x272UL)
+#define CKM_SECURID_KEY_GEN (0x280UL)
+#define CKM_SECURID (0x282UL)
+#define CKM_HOTP_KEY_GEN (0x290UL)
+#define CKM_HOTP (0x291UL)
+#define CKM_ACTI (0x2a0UL)
+#define CKM_ACTI_KEY_GEN (0x2a1UL)
+#define CKM_CAST_KEY_GEN (0x300UL)
+#define CKM_CAST_ECB (0x301UL)
+#define CKM_CAST_CBC (0x302UL)
+#define CKM_CAST_MAC (0x303UL)
+#define CKM_CAST_MAC_GENERAL (0x304UL)
+#define CKM_CAST_CBC_PAD (0x305UL)
+#define CKM_CAST3_KEY_GEN (0x310UL)
+#define CKM_CAST3_ECB (0x311UL)
+#define CKM_CAST3_CBC (0x312UL)
+#define CKM_CAST3_MAC (0x313UL)
+#define CKM_CAST3_MAC_GENERAL (0x314UL)
+#define CKM_CAST3_CBC_PAD (0x315UL)
+#define CKM_CAST5_KEY_GEN (0x320UL)
+#define CKM_CAST128_KEY_GEN (0x320UL)
+#define CKM_CAST5_ECB (0x321UL)
+#define CKM_CAST128_ECB (0x321UL)
+#define CKM_CAST5_CBC (0x322UL)
+#define CKM_CAST128_CBC (0x322UL)
+#define CKM_CAST5_MAC (0x323UL)
+#define CKM_CAST128_MAC (0x323UL)
+#define CKM_CAST5_MAC_GENERAL (0x324UL)
+#define CKM_CAST128_MAC_GENERAL (0x324UL)
+#define CKM_CAST5_CBC_PAD (0x325UL)
+#define CKM_CAST128_CBC_PAD (0x325UL)
+#define CKM_RC5_KEY_GEN (0x330UL)
+#define CKM_RC5_ECB (0x331UL)
+#define CKM_RC5_CBC (0x332UL)
+#define CKM_RC5_MAC (0x333UL)
+#define CKM_RC5_MAC_GENERAL (0x334UL)
+#define CKM_RC5_CBC_PAD (0x335UL)
+#define CKM_IDEA_KEY_GEN (0x340UL)
+#define CKM_IDEA_ECB (0x341UL)
+#define CKM_IDEA_CBC (0x342UL)
+#define CKM_IDEA_MAC (0x343UL)
+#define CKM_IDEA_MAC_GENERAL (0x344UL)
+#define CKM_IDEA_CBC_PAD (0x345UL)
+#define CKM_GENERIC_SECRET_KEY_GEN (0x350UL)
+#define CKM_CONCATENATE_BASE_AND_KEY (0x360UL)
+#define CKM_CONCATENATE_BASE_AND_DATA (0x362UL)
+#define CKM_CONCATENATE_DATA_AND_BASE (0x363UL)
+#define CKM_XOR_BASE_AND_DATA (0x364UL)
+#define CKM_EXTRACT_KEY_FROM_KEY (0x365UL)
+#define CKM_SSL3_PRE_MASTER_KEY_GEN (0x370UL)
+#define CKM_SSL3_MASTER_KEY_DERIVE (0x371UL)
+#define CKM_SSL3_KEY_AND_MAC_DERIVE (0x372UL)
+#define CKM_SSL3_MASTER_KEY_DERIVE_DH (0x373UL)
+#define CKM_TLS_PRE_MASTER_KEY_GEN (0x374UL)
+#define CKM_TLS_MASTER_KEY_DERIVE (0x375UL)
+#define CKM_TLS_KEY_AND_MAC_DERIVE (0x376UL)
+#define CKM_TLS_MASTER_KEY_DERIVE_DH (0x377UL)
+#define CKM_TLS_PRF (0x378UL)
+#define CKM_SSL3_MD5_MAC (0x380UL)
+#define CKM_SSL3_SHA1_MAC (0x381UL)
+#define CKM_MD5_KEY_DERIVATION (0x390UL)
+#define CKM_MD2_KEY_DERIVATION (0x391UL)
+#define CKM_SHA1_KEY_DERIVATION (0x392UL)
+#define CKM_SHA256_KEY_DERIVATION (0x393UL)
+#define CKM_SHA384_KEY_DERIVATION (0x394UL)
+#define CKM_SHA512_KEY_DERIVATION (0x395UL)
+#define CKM_PBE_MD2_DES_CBC (0x3a0UL)
+#define CKM_PBE_MD5_DES_CBC (0x3a1UL)
+#define CKM_PBE_MD5_CAST_CBC (0x3a2UL)
+#define CKM_PBE_MD5_CAST3_CBC (0x3a3UL)
+#define CKM_PBE_MD5_CAST5_CBC (0x3a4UL)
+#define CKM_PBE_MD5_CAST128_CBC (0x3a4UL)
+#define CKM_PBE_SHA1_CAST5_CBC (0x3a5UL)
+#define CKM_PBE_SHA1_CAST128_CBC (0x3a5UL)
+#define CKM_PBE_SHA1_RC4_128 (0x3a6UL)
+#define CKM_PBE_SHA1_RC4_40 (0x3a7UL)
+#define CKM_PBE_SHA1_DES3_EDE_CBC (0x3a8UL)
+#define CKM_PBE_SHA1_DES2_EDE_CBC (0x3a9UL)
+#define CKM_PBE_SHA1_RC2_128_CBC (0x3aaUL)
+#define CKM_PBE_SHA1_RC2_40_CBC (0x3abUL)
+#define CKM_PKCS5_PBKD2 (0x3b0UL)
+#define CKM_PBA_SHA1_WITH_SHA1_HMAC (0x3c0UL)
+#define CKM_WTLS_PRE_MASTER_KEY_GEN (0x3d0UL)
+#define CKM_WTLS_MASTER_KEY_DERIVE (0x3d1UL)
+#define CKM_WTLS_MASTER_KEY_DERIVE_DH_ECC (0x3d2UL)
+#define CKM_WTLS_PRF (0x3d3UL)
+#define CKM_WTLS_SERVER_KEY_AND_MAC_DERIVE (0x3d4UL)
+#define CKM_WTLS_CLIENT_KEY_AND_MAC_DERIVE (0x3d5UL)
+#define CKM_TLS10_MAC_SERVER (0x3d6UL)
+#define CKM_TLS10_MAC_CLIENT (0x3d7UL)
+#define CKM_TLS12_MAC (0x3d8UL)
+#define CKM_TLS12_KDF (0x3d9UL)
+#define CKM_TLS12_MASTER_KEY_DERIVE (0x3e0UL)
+#define CKM_TLS12_KEY_AND_MAC_DERIVE (0x3e1UL)
+#define CKM_TLS12_MASTER_KEY_DERIVE_DH (0x3e2UL)
+#define CKM_TLS12_KEY_SAFE_DERIVE (0x3e3UL)
+#define CKM_TLS_MAC (0x3e4UL)
+#define CKM_TLS_KDF (0x3e5UL)
+#define CKM_KEY_WRAP_LYNKS (0x400UL)
+#define CKM_KEY_WRAP_SET_OAEP (0x401UL)
+#define CKM_CMS_SIG (0x500UL)
+#define CKM_KIP_DERIVE (0x510UL)
+#define CKM_KIP_WRAP (0x511UL)
+#define CKM_KIP_MAC (0x512UL)
+#define CKM_CAMELLIA_KEY_GEN (0x550UL)
+#define CKM_CAMELLIA_CTR (0x558UL)
+#define CKM_ARIA_KEY_GEN (0x560UL)
+#define CKM_ARIA_ECB (0x561UL)
+#define CKM_ARIA_CBC (0x562UL)
+#define CKM_ARIA_MAC (0x563UL)
+#define CKM_ARIA_MAC_GENERAL (0x564UL)
+#define CKM_ARIA_CBC_PAD (0x565UL)
+#define CKM_ARIA_ECB_ENCRYPT_DATA (0x566UL)
+#define CKM_ARIA_CBC_ENCRYPT_DATA (0x567UL)
+#define CKM_SEED_KEY_GEN (0x650UL)
+#define CKM_SEED_ECB (0x651UL)
+#define CKM_SEED_CBC (0x652UL)
+#define CKM_SEED_MAC (0x653UL)
+#define CKM_SEED_MAC_GENERAL (0x654UL)
+#define CKM_SEED_CBC_PAD (0x655UL)
+#define CKM_SEED_ECB_ENCRYPT_DATA (0x656UL)
+#define CKM_SEED_CBC_ENCRYPT_DATA (0x657UL)
+#define CKM_SKIPJACK_KEY_GEN (0x1000UL)
+#define CKM_SKIPJACK_ECB64 (0x1001UL)
+#define CKM_SKIPJACK_CBC64 (0x1002UL)
+#define CKM_SKIPJACK_OFB64 (0x1003UL)
+#define CKM_SKIPJACK_CFB64 (0x1004UL)
+#define CKM_SKIPJACK_CFB32 (0x1005UL)
+#define CKM_SKIPJACK_CFB16 (0x1006UL)
+#define CKM_SKIPJACK_CFB8 (0x1007UL)
+#define CKM_SKIPJACK_WRAP (0x1008UL)
+#define CKM_SKIPJACK_PRIVATE_WRAP (0x1009UL)
+#define CKM_SKIPJACK_RELAYX (0x100aUL)
+#define CKM_KEA_KEY_PAIR_GEN (0x1010UL)
+#define CKM_KEA_KEY_DERIVE (0x1011UL)
+#define CKM_FORTEZZA_TIMESTAMP (0x1020UL)
+#define CKM_BATON_KEY_GEN (0x1030UL)
+#define CKM_BATON_ECB128 (0x1031UL)
+#define CKM_BATON_ECB96 (0x1032UL)
+#define CKM_BATON_CBC128 (0x1033UL)
+#define CKM_BATON_COUNTER (0x1034UL)
+#define CKM_BATON_SHUFFLE (0x1035UL)
+#define CKM_BATON_WRAP (0x1036UL)
+#define CKM_ECDSA_KEY_PAIR_GEN (0x1040UL)
+#define CKM_EC_KEY_PAIR_GEN (0x1040UL)
+#define CKM_ECDSA (0x1041UL)
+#define CKM_ECDSA_SHA1 (0x1042UL)
+#define CKM_ECDSA_SHA224 (0x1043UL)
+#define CKM_ECDSA_SHA256 (0x1044UL)
+#define CKM_ECDSA_SHA384 (0x1045UL)
+#define CKM_ECDSA_SHA512 (0x1046UL)
+#define CKM_ECDH1_DERIVE (0x1050UL)
+#define CKM_ECDH1_COFACTOR_DERIVE (0x1051UL)
+#define CKM_ECMQV_DERIVE (0x1052UL)
+#define CKM_ECDH_AES_KEY_WRAP (0x1053UL)
+#define CKM_RSA_AES_KEY_WRAP (0x1054UL)
+#define CKM_JUNIPER_KEY_GEN (0x1060UL)
+#define CKM_JUNIPER_ECB128 (0x1061UL)
+#define CKM_JUNIPER_CBC128 (0x1062UL)
+#define CKM_JUNIPER_COUNTER (0x1063UL)
+#define CKM_JUNIPER_SHUFFLE (0x1064UL)
+#define CKM_JUNIPER_WRAP (0x1065UL)
+#define CKM_FASTHASH (0x1070UL)
+#define CKM_AES_KEY_GEN (0x1080UL)
+#define CKM_AES_ECB (0x1081UL)
+#define CKM_AES_CBC (0x1082UL)
+#define CKM_AES_MAC (0x1083UL)
+#define CKM_AES_MAC_GENERAL (0x1084UL)
+#define CKM_AES_CBC_PAD (0x1085UL)
+#define CKM_AES_CTR (0x1086UL)
+#define CKM_AES_GCM (0x1087UL)
+#define CKM_AES_CCM (0x1088UL)
+#define CKM_AES_CTS (0x1089UL)
+#define CKM_AES_CMAC (0x108aUL)
+#define CKM_AES_CMAC_GENERAL (0x108bUL)
+#define CKM_AES_XCBC_MAC (0x108cUL)
+#define CKM_AES_XCBC_MAC_96 (0x108dUL)
+#define CKM_AES_GMAC (0x108eUL)
+#define CKM_BLOWFISH_KEY_GEN (0x1090UL)
+#define CKM_BLOWFISH_CBC (0x1091UL)
+#define CKM_TWOFISH_KEY_GEN (0x1092UL)
+#define CKM_TWOFISH_CBC (0x1093UL)
+#define CKM_BLOWFISH_CBC_PAD (0x1094UL)
+#define CKM_TWOFISH_CBC_PAD (0x1095UL)
+#define CKM_DES_ECB_ENCRYPT_DATA (0x1100UL)
+#define CKM_DES_CBC_ENCRYPT_DATA (0x1101UL)
+#define CKM_DES3_ECB_ENCRYPT_DATA (0x1102UL)
+#define CKM_DES3_CBC_ENCRYPT_DATA (0x1103UL)
+#define CKM_AES_ECB_ENCRYPT_DATA (0x1104UL)
+#define CKM_AES_CBC_ENCRYPT_DATA (0x1105UL)
+#define CKM_GOSTR3410_KEY_PAIR_GEN (0x1200UL)
+#define CKM_GOSTR3410 (0x1201UL)
+#define CKM_GOSTR3410_WITH_GOSTR3411 (0x1202UL)
+#define CKM_GOSTR3410_KEY_WRAP (0x1203UL)
+#define CKM_GOSTR3410_DERIVE (0x1204UL)
+#define CKM_GOSTR3411 (0x1210UL)
+#define CKM_GOSTR3411_HMAC (0x1211UL)
+#define CKM_GOST28147_KEY_GEN (0x1220UL)
+#define CKM_GOST28147_ECB (0x1221UL)
+#define CKM_GOST28147 (0x1222UL)
+#define CKM_GOST28147_MAC (0x1223UL)
+#define CKM_GOST28147_KEY_WRAP (0x1224UL)
+#define CKM_DSA_PARAMETER_GEN (0x2000UL)
+#define CKM_DH_PKCS_PARAMETER_GEN (0x2001UL)
+#define CKM_X9_42_DH_PARAMETER_GEN (0x2002UL)
+#define CKM_DSA_PROBABLISTIC_PARAMETER_GEN (0x2003UL)
+#define CKM_DSA_SHAWE_TAYLOR_PARAMETER_GEN (0x2004UL)
+#define CKM_AES_OFB (0x2104UL)
+#define CKM_AES_CFB64 (0x2105UL)
+#define CKM_AES_CFB8 (0x2106UL)
+#define CKM_AES_CFB128 (0x2107UL)
+#define CKM_AES_CFB1 (0x2108UL)
+
+#define CKM_VENDOR_DEFINED ((unsigned long) (1UL << 31))
+
+/* Ammendments */
+#define CKM_SHA224 (0x255UL)
+#define CKM_SHA224_HMAC (0x256UL)
+#define CKM_SHA224_HMAC_GENERAL (0x257UL)
+#define CKM_SHA224_RSA_PKCS (0x46UL)
+#define CKM_SHA224_RSA_PKCS_PSS (0x47UL)
+#define CKM_SHA224_KEY_DERIVATION (0x396UL)
+
+#define CKM_CAMELLIA_KEY_GEN (0x550UL)
+#define CKM_CAMELLIA_ECB (0x551UL)
+#define CKM_CAMELLIA_CBC (0x552UL)
+#define CKM_CAMELLIA_MAC (0x553UL)
+#define CKM_CAMELLIA_MAC_GENERAL (0x554UL)
+#define CKM_CAMELLIA_CBC_PAD (0x555UL)
+#define CKM_CAMELLIA_ECB_ENCRYPT_DATA (0x556UL)
+#define CKM_CAMELLIA_CBC_ENCRYPT_DATA (0x557UL)
+
+#define CKM_AES_KEY_WRAP (0x2109UL)
+#define CKM_AES_KEY_WRAP_PAD (0x210aUL)
+
+#define CKM_RSA_PKCS_TPM_1_1 (0x4001UL)
+#define CKM_RSA_PKCS_OAEP_TPM_1_1 (0x4002UL)
+
+/* From version 3.0 */
+#define CKM_EC_EDWARDS_KEY_PAIR_GEN (0x1055UL)
+#define CKM_EDDSA (0x1057UL)
+
+/* Attribute and other constants related to OTP */
+#define CK_OTP_FORMAT_DECIMAL (0UL)
+#define CK_OTP_FORMAT_HEXADECIMAL (1UL)
+#define CK_OTP_FORMAT_ALPHANUMERIC (2UL)
+#define CK_OTP_FORMAT_BINARY (3UL)
+#define CK_OTP_PARAM_IGNORED (0UL)
+#define CK_OTP_PARAM_OPTIONAL (1UL)
+#define CK_OTP_PARAM_MANDATORY (2UL)
+
+#define CK_OTP_VALUE (0UL)
+#define CK_OTP_PIN (1UL)
+#define CK_OTP_CHALLENGE (2UL)
+#define CK_OTP_TIME (3UL)
+#define CK_OTP_COUNTER (4UL)
+#define CK_OTP_FLAGS (5UL)
+#define CK_OTP_OUTPUT_LENGTH (6UL)
+#define CK_OTP_FORMAT (7UL)
+
+/* OTP mechanism flags */
+#define CKF_NEXT_OTP (0x01UL)
+#define CKF_EXCLUDE_TIME (0x02UL)
+#define CKF_EXCLUDE_COUNTER (0x04UL)
+#define CKF_EXCLUDE_CHALLENGE (0x08UL)
+#define CKF_EXCLUDE_PIN (0x10UL)
+#define CKF_USER_FRIENDLY_OTP (0x20UL)
+
+#define CKN_OTP_CHANGED (0x01UL)
+
+struct ck_mechanism
+{
+ ck_mechanism_type_t mechanism;
+ void *parameter;
+ unsigned long parameter_len;
+};
+
+
+struct ck_mechanism_info
+{
+ unsigned long min_key_size;
+ unsigned long max_key_size;
+ ck_flags_t flags;
+};
+
+typedef unsigned long ck_param_type;
+
+typedef struct ck_otp_param {
+ ck_param_type type;
+ void *value;
+ unsigned long value_len;
+} ck_otp_param;
+
+typedef struct ck_otp_params {
+ struct ck_otp_param *params;
+ unsigned long count;
+} ck_otp_params;
+
+typedef struct ck_otp_signature_info
+{
+ struct ck_otp_param *params;
+ unsigned long count;
+} ck_otp_signature_info;
+
+#define CKG_MGF1_SHA1 0x00000001UL
+#define CKG_MGF1_SHA224 0x00000005UL
+#define CKG_MGF1_SHA256 0x00000002UL
+#define CKG_MGF1_SHA384 0x00000003UL
+#define CKG_MGF1_SHA512 0x00000004UL
+
+typedef unsigned long ck_rsa_pkcs_mgf_type_t;
+
+struct ck_rsa_pkcs_pss_params {
+ ck_mechanism_type_t hash_alg;
+ ck_rsa_pkcs_mgf_type_t mgf;
+ unsigned long s_len;
+};
+
+typedef unsigned long ck_rsa_pkcs_oaep_source_type_t;
+
+struct ck_rsa_pkcs_oaep_params {
+ ck_mechanism_type_t hash_alg;
+ ck_rsa_pkcs_mgf_type_t mgf;
+ ck_rsa_pkcs_oaep_source_type_t source;
+ void *source_data;
+ unsigned long source_data_len;
+};
+
+struct ck_aes_ctr_params {
+ unsigned long counter_bits;
+ unsigned char cb[16];
+};
+
+struct ck_gcm_params {
+ unsigned char *iv_ptr;
+ unsigned long iv_len;
+ unsigned long iv_bits;
+ unsigned char *aad_ptr;
+ unsigned long aad_len;
+ unsigned long tag_bits;
+};
+
+
+/* The following EC Key Derivation Functions are defined */
+#define CKD_NULL (0x01UL)
+#define CKD_SHA1_KDF (0x02UL)
+
+/* The following X9.42 DH key derivation functions are defined */
+#define CKD_SHA1_KDF_ASN1 (0x03UL)
+#define CKD_SHA1_KDF_CONCATENATE (0x04UL)
+#define CKD_SHA224_KDF (0x05UL)
+#define CKD_SHA256_KDF (0x06UL)
+#define CKD_SHA384_KDF (0x07UL)
+#define CKD_SHA512_KDF (0x08UL)
+#define CKD_CPDIVERSIFY_KDF (0x09UL)
+
+typedef unsigned long ck_ec_kdf_t;
+
+struct ck_ecdh1_derive_params {
+ ck_ec_kdf_t kdf;
+ unsigned long shared_data_len;
+ unsigned char *shared_data;
+ unsigned long public_data_len;
+ unsigned char *public_data;
+};
+
+struct ck_key_derivation_string_data {
+ unsigned char *string_data;
+ unsigned long string_data_len;
+};
+
+struct ck_des_cbc_encrypt_data_params {
+ unsigned char iv[8];
+ unsigned char *data_params;
+ unsigned long length;
+};
+
+struct ck_aes_cbc_encrypt_data_params {
+ unsigned char iv[16];
+ unsigned char *data_params;
+ unsigned long length;
+};
+
+#define CKF_HW (1UL << 0)
+#define CKF_ENCRYPT (1UL << 8)
+#define CKF_DECRYPT (1UL << 9)
+#define CKF_DIGEST (1UL << 10)
+#define CKF_SIGN (1UL << 11)
+#define CKF_SIGN_RECOVER (1UL << 12)
+#define CKF_VERIFY (1UL << 13)
+#define CKF_VERIFY_RECOVER (1UL << 14)
+#define CKF_GENERATE (1UL << 15)
+#define CKF_GENERATE_KEY_PAIR (1UL << 16)
+#define CKF_WRAP (1UL << 17)
+#define CKF_UNWRAP (1UL << 18)
+#define CKF_DERIVE (1UL << 19)
+#define CKF_EXTENSION ((unsigned long) (1UL << 31))
+
+#define CKF_EC_F_P (1UL << 20)
+#define CKF_EC_NAMEDCURVE (1UL << 23)
+#define CKF_EC_UNCOMPRESS (1UL << 24)
+#define CKF_EC_COMPRESS (1UL << 25)
+
+
+/* Flags for C_WaitForSlotEvent. */
+#define CKF_DONT_BLOCK (1UL)
+
+
+typedef unsigned long ck_rv_t;
+
+
+typedef ck_rv_t (*ck_notify_t) (ck_session_handle_t session,
+ ck_notification_t event, void *application);
+
+/* Forward reference. */
+struct ck_function_list;
+
+#define _CK_DECLARE_FUNCTION(name, args) \
+typedef ck_rv_t (*CK_ ## name) args; \
+ck_rv_t CK_SPEC name args
+
+_CK_DECLARE_FUNCTION (C_Initialize, (void *init_args));
+_CK_DECLARE_FUNCTION (C_Finalize, (void *reserved));
+_CK_DECLARE_FUNCTION (C_GetInfo, (struct ck_info *info));
+_CK_DECLARE_FUNCTION (C_GetFunctionList,
+ (struct ck_function_list **function_list));
+
+_CK_DECLARE_FUNCTION (C_GetSlotList,
+ (unsigned char token_present, ck_slot_id_t *slot_list,
+ unsigned long *count));
+_CK_DECLARE_FUNCTION (C_GetSlotInfo,
+ (ck_slot_id_t slot_id, struct ck_slot_info *info));
+_CK_DECLARE_FUNCTION (C_GetTokenInfo,
+ (ck_slot_id_t slot_id, struct ck_token_info *info));
+_CK_DECLARE_FUNCTION (C_WaitForSlotEvent,
+ (ck_flags_t flags, ck_slot_id_t *slot, void *reserved));
+_CK_DECLARE_FUNCTION (C_GetMechanismList,
+ (ck_slot_id_t slot_id,
+ ck_mechanism_type_t *mechanism_list,
+ unsigned long *count));
+_CK_DECLARE_FUNCTION (C_GetMechanismInfo,
+ (ck_slot_id_t slot_id, ck_mechanism_type_t type,
+ struct ck_mechanism_info *info));
+_CK_DECLARE_FUNCTION (C_InitToken,
+ (ck_slot_id_t slot_id, unsigned char *pin,
+ unsigned long pin_len, unsigned char *label));
+_CK_DECLARE_FUNCTION (C_InitPIN,
+ (ck_session_handle_t session, unsigned char *pin,
+ unsigned long pin_len));
+_CK_DECLARE_FUNCTION (C_SetPIN,
+ (ck_session_handle_t session, unsigned char *old_pin,
+ unsigned long old_len, unsigned char *new_pin,
+ unsigned long new_len));
+
+_CK_DECLARE_FUNCTION (C_OpenSession,
+ (ck_slot_id_t slot_id, ck_flags_t flags,
+ void *application, ck_notify_t notify,
+ ck_session_handle_t *session));
+_CK_DECLARE_FUNCTION (C_CloseSession, (ck_session_handle_t session));
+_CK_DECLARE_FUNCTION (C_CloseAllSessions, (ck_slot_id_t slot_id));
+_CK_DECLARE_FUNCTION (C_GetSessionInfo,
+ (ck_session_handle_t session,
+ struct ck_session_info *info));
+_CK_DECLARE_FUNCTION (C_GetOperationState,
+ (ck_session_handle_t session,
+ unsigned char *operation_state,
+ unsigned long *operation_state_len));
+_CK_DECLARE_FUNCTION (C_SetOperationState,
+ (ck_session_handle_t session,
+ unsigned char *operation_state,
+ unsigned long operation_state_len,
+ ck_object_handle_t encryption_key,
+ ck_object_handle_t authentiation_key));
+_CK_DECLARE_FUNCTION (C_Login,
+ (ck_session_handle_t session, ck_user_type_t user_type,
+ unsigned char *pin, unsigned long pin_len));
+_CK_DECLARE_FUNCTION (C_Logout, (ck_session_handle_t session));
+
+_CK_DECLARE_FUNCTION (C_CreateObject,
+ (ck_session_handle_t session,
+ struct ck_attribute *templ,
+ unsigned long count, ck_object_handle_t *object));
+_CK_DECLARE_FUNCTION (C_CopyObject,
+ (ck_session_handle_t session, ck_object_handle_t object,
+ struct ck_attribute *templ, unsigned long count,
+ ck_object_handle_t *new_object));
+_CK_DECLARE_FUNCTION (C_DestroyObject,
+ (ck_session_handle_t session,
+ ck_object_handle_t object));
+_CK_DECLARE_FUNCTION (C_GetObjectSize,
+ (ck_session_handle_t session,
+ ck_object_handle_t object,
+ unsigned long *size));
+_CK_DECLARE_FUNCTION (C_GetAttributeValue,
+ (ck_session_handle_t session,
+ ck_object_handle_t object,
+ struct ck_attribute *templ,
+ unsigned long count));
+_CK_DECLARE_FUNCTION (C_SetAttributeValue,
+ (ck_session_handle_t session,
+ ck_object_handle_t object,
+ struct ck_attribute *templ,
+ unsigned long count));
+_CK_DECLARE_FUNCTION (C_FindObjectsInit,
+ (ck_session_handle_t session,
+ struct ck_attribute *templ,
+ unsigned long count));
+_CK_DECLARE_FUNCTION (C_FindObjects,
+ (ck_session_handle_t session,
+ ck_object_handle_t *object,
+ unsigned long max_object_count,
+ unsigned long *object_count));
+_CK_DECLARE_FUNCTION (C_FindObjectsFinal,
+ (ck_session_handle_t session));
+
+_CK_DECLARE_FUNCTION (C_EncryptInit,
+ (ck_session_handle_t session,
+ struct ck_mechanism *mechanism,
+ ck_object_handle_t key));
+_CK_DECLARE_FUNCTION (C_Encrypt,
+ (ck_session_handle_t session,
+ unsigned char *data, unsigned long data_len,
+ unsigned char *encrypted_data,
+ unsigned long *encrypted_data_len));
+_CK_DECLARE_FUNCTION (C_EncryptUpdate,
+ (ck_session_handle_t session,
+ unsigned char *part, unsigned long part_len,
+ unsigned char *encrypted_part,
+ unsigned long *encrypted_part_len));
+_CK_DECLARE_FUNCTION (C_EncryptFinal,
+ (ck_session_handle_t session,
+ unsigned char *last_encrypted_part,
+ unsigned long *last_encrypted_part_len));
+
+_CK_DECLARE_FUNCTION (C_DecryptInit,
+ (ck_session_handle_t session,
+ struct ck_mechanism *mechanism,
+ ck_object_handle_t key));
+_CK_DECLARE_FUNCTION (C_Decrypt,
+ (ck_session_handle_t session,
+ unsigned char *encrypted_data,
+ unsigned long encrypted_data_len,
+ unsigned char *data, unsigned long *data_len));
+_CK_DECLARE_FUNCTION (C_DecryptUpdate,
+ (ck_session_handle_t session,
+ unsigned char *encrypted_part,
+ unsigned long encrypted_part_len,
+ unsigned char *part, unsigned long *part_len));
+_CK_DECLARE_FUNCTION (C_DecryptFinal,
+ (ck_session_handle_t session,
+ unsigned char *last_part,
+ unsigned long *last_part_len));
+
+_CK_DECLARE_FUNCTION (C_DigestInit,
+ (ck_session_handle_t session,
+ struct ck_mechanism *mechanism));
+_CK_DECLARE_FUNCTION (C_Digest,
+ (ck_session_handle_t session,
+ unsigned char *data, unsigned long data_len,
+ unsigned char *digest,
+ unsigned long *digest_len));
+_CK_DECLARE_FUNCTION (C_DigestUpdate,
+ (ck_session_handle_t session,
+ unsigned char *part, unsigned long part_len));
+_CK_DECLARE_FUNCTION (C_DigestKey,
+ (ck_session_handle_t session, ck_object_handle_t key));
+_CK_DECLARE_FUNCTION (C_DigestFinal,
+ (ck_session_handle_t session,
+ unsigned char *digest,
+ unsigned long *digest_len));
+
+_CK_DECLARE_FUNCTION (C_SignInit,
+ (ck_session_handle_t session,
+ struct ck_mechanism *mechanism,
+ ck_object_handle_t key));
+_CK_DECLARE_FUNCTION (C_Sign,
+ (ck_session_handle_t session,
+ unsigned char *data, unsigned long data_len,
+ unsigned char *signature,
+ unsigned long *signature_len));
+_CK_DECLARE_FUNCTION (C_SignUpdate,
+ (ck_session_handle_t session,
+ unsigned char *part, unsigned long part_len));
+_CK_DECLARE_FUNCTION (C_SignFinal,
+ (ck_session_handle_t session,
+ unsigned char *signature,
+ unsigned long *signature_len));
+_CK_DECLARE_FUNCTION (C_SignRecoverInit,
+ (ck_session_handle_t session,
+ struct ck_mechanism *mechanism,
+ ck_object_handle_t key));
+_CK_DECLARE_FUNCTION (C_SignRecover,
+ (ck_session_handle_t session,
+ unsigned char *data, unsigned long data_len,
+ unsigned char *signature,
+ unsigned long *signature_len));
+
+_CK_DECLARE_FUNCTION (C_VerifyInit,
+ (ck_session_handle_t session,
+ struct ck_mechanism *mechanism,
+ ck_object_handle_t key));
+_CK_DECLARE_FUNCTION (C_Verify,
+ (ck_session_handle_t session,
+ unsigned char *data, unsigned long data_len,
+ unsigned char *signature,
+ unsigned long signature_len));
+_CK_DECLARE_FUNCTION (C_VerifyUpdate,
+ (ck_session_handle_t session,
+ unsigned char *part, unsigned long part_len));
+_CK_DECLARE_FUNCTION (C_VerifyFinal,
+ (ck_session_handle_t session,
+ unsigned char *signature,
+ unsigned long signature_len));
+_CK_DECLARE_FUNCTION (C_VerifyRecoverInit,
+ (ck_session_handle_t session,
+ struct ck_mechanism *mechanism,
+ ck_object_handle_t key));
+_CK_DECLARE_FUNCTION (C_VerifyRecover,
+ (ck_session_handle_t session,
+ unsigned char *signature,
+ unsigned long signature_len,
+ unsigned char *data,
+ unsigned long *data_len));
+
+_CK_DECLARE_FUNCTION (C_DigestEncryptUpdate,
+ (ck_session_handle_t session,
+ unsigned char *part, unsigned long part_len,
+ unsigned char *encrypted_part,
+ unsigned long *encrypted_part_len));
+_CK_DECLARE_FUNCTION (C_DecryptDigestUpdate,
+ (ck_session_handle_t session,
+ unsigned char *encrypted_part,
+ unsigned long encrypted_part_len,
+ unsigned char *part,
+ unsigned long *part_len));
+_CK_DECLARE_FUNCTION (C_SignEncryptUpdate,
+ (ck_session_handle_t session,
+ unsigned char *part, unsigned long part_len,
+ unsigned char *encrypted_part,
+ unsigned long *encrypted_part_len));
+_CK_DECLARE_FUNCTION (C_DecryptVerifyUpdate,
+ (ck_session_handle_t session,
+ unsigned char *encrypted_part,
+ unsigned long encrypted_part_len,
+ unsigned char *part,
+ unsigned long *part_len));
+
+_CK_DECLARE_FUNCTION (C_GenerateKey,
+ (ck_session_handle_t session,
+ struct ck_mechanism *mechanism,
+ struct ck_attribute *templ,
+ unsigned long count,
+ ck_object_handle_t *key));
+_CK_DECLARE_FUNCTION (C_GenerateKeyPair,
+ (ck_session_handle_t session,
+ struct ck_mechanism *mechanism,
+ struct ck_attribute *public_key_template,
+ unsigned long public_key_attribute_count,
+ struct ck_attribute *private_key_template,
+ unsigned long private_key_attribute_count,
+ ck_object_handle_t *public_key,
+ ck_object_handle_t *private_key));
+_CK_DECLARE_FUNCTION (C_WrapKey,
+ (ck_session_handle_t session,
+ struct ck_mechanism *mechanism,
+ ck_object_handle_t wrapping_key,
+ ck_object_handle_t key,
+ unsigned char *wrapped_key,
+ unsigned long *wrapped_key_len));
+_CK_DECLARE_FUNCTION (C_UnwrapKey,
+ (ck_session_handle_t session,
+ struct ck_mechanism *mechanism,
+ ck_object_handle_t unwrapping_key,
+ unsigned char *wrapped_key,
+ unsigned long wrapped_key_len,
+ struct ck_attribute *templ,
+ unsigned long attribute_count,
+ ck_object_handle_t *key));
+_CK_DECLARE_FUNCTION (C_DeriveKey,
+ (ck_session_handle_t session,
+ struct ck_mechanism *mechanism,
+ ck_object_handle_t base_key,
+ struct ck_attribute *templ,
+ unsigned long attribute_count,
+ ck_object_handle_t *key));
+
+_CK_DECLARE_FUNCTION (C_SeedRandom,
+ (ck_session_handle_t session, unsigned char *seed,
+ unsigned long seed_len));
+_CK_DECLARE_FUNCTION (C_GenerateRandom,
+ (ck_session_handle_t session,
+ unsigned char *random_data,
+ unsigned long random_len));
+
+_CK_DECLARE_FUNCTION (C_GetFunctionStatus, (ck_session_handle_t session));
+_CK_DECLARE_FUNCTION (C_CancelFunction, (ck_session_handle_t session));
+
+
+struct ck_function_list
+{
+ struct ck_version version;
+ CK_C_Initialize C_Initialize;
+ CK_C_Finalize C_Finalize;
+ CK_C_GetInfo C_GetInfo;
+ CK_C_GetFunctionList C_GetFunctionList;
+ CK_C_GetSlotList C_GetSlotList;
+ CK_C_GetSlotInfo C_GetSlotInfo;
+ CK_C_GetTokenInfo C_GetTokenInfo;
+ CK_C_GetMechanismList C_GetMechanismList;
+ CK_C_GetMechanismInfo C_GetMechanismInfo;
+ CK_C_InitToken C_InitToken;
+ CK_C_InitPIN C_InitPIN;
+ CK_C_SetPIN C_SetPIN;
+ CK_C_OpenSession C_OpenSession;
+ CK_C_CloseSession C_CloseSession;
+ CK_C_CloseAllSessions C_CloseAllSessions;
+ CK_C_GetSessionInfo C_GetSessionInfo;
+ CK_C_GetOperationState C_GetOperationState;
+ CK_C_SetOperationState C_SetOperationState;
+ CK_C_Login C_Login;
+ CK_C_Logout C_Logout;
+ CK_C_CreateObject C_CreateObject;
+ CK_C_CopyObject C_CopyObject;
+ CK_C_DestroyObject C_DestroyObject;
+ CK_C_GetObjectSize C_GetObjectSize;
+ CK_C_GetAttributeValue C_GetAttributeValue;
+ CK_C_SetAttributeValue C_SetAttributeValue;
+ CK_C_FindObjectsInit C_FindObjectsInit;
+ CK_C_FindObjects C_FindObjects;
+ CK_C_FindObjectsFinal C_FindObjectsFinal;
+ CK_C_EncryptInit C_EncryptInit;
+ CK_C_Encrypt C_Encrypt;
+ CK_C_EncryptUpdate C_EncryptUpdate;
+ CK_C_EncryptFinal C_EncryptFinal;
+ CK_C_DecryptInit C_DecryptInit;
+ CK_C_Decrypt C_Decrypt;
+ CK_C_DecryptUpdate C_DecryptUpdate;
+ CK_C_DecryptFinal C_DecryptFinal;
+ CK_C_DigestInit C_DigestInit;
+ CK_C_Digest C_Digest;
+ CK_C_DigestUpdate C_DigestUpdate;
+ CK_C_DigestKey C_DigestKey;
+ CK_C_DigestFinal C_DigestFinal;
+ CK_C_SignInit C_SignInit;
+ CK_C_Sign C_Sign;
+ CK_C_SignUpdate C_SignUpdate;
+ CK_C_SignFinal C_SignFinal;
+ CK_C_SignRecoverInit C_SignRecoverInit;
+ CK_C_SignRecover C_SignRecover;
+ CK_C_VerifyInit C_VerifyInit;
+ CK_C_Verify C_Verify;
+ CK_C_VerifyUpdate C_VerifyUpdate;
+ CK_C_VerifyFinal C_VerifyFinal;
+ CK_C_VerifyRecoverInit C_VerifyRecoverInit;
+ CK_C_VerifyRecover C_VerifyRecover;
+ CK_C_DigestEncryptUpdate C_DigestEncryptUpdate;
+ CK_C_DecryptDigestUpdate C_DecryptDigestUpdate;
+ CK_C_SignEncryptUpdate C_SignEncryptUpdate;
+ CK_C_DecryptVerifyUpdate C_DecryptVerifyUpdate;
+ CK_C_GenerateKey C_GenerateKey;
+ CK_C_GenerateKeyPair C_GenerateKeyPair;
+ CK_C_WrapKey C_WrapKey;
+ CK_C_UnwrapKey C_UnwrapKey;
+ CK_C_DeriveKey C_DeriveKey;
+ CK_C_SeedRandom C_SeedRandom;
+ CK_C_GenerateRandom C_GenerateRandom;
+ CK_C_GetFunctionStatus C_GetFunctionStatus;
+ CK_C_CancelFunction C_CancelFunction;
+ CK_C_WaitForSlotEvent C_WaitForSlotEvent;
+};
+
+
+typedef ck_rv_t (*ck_createmutex_t) (void **mutex);
+typedef ck_rv_t (*ck_destroymutex_t) (void *mutex);
+typedef ck_rv_t (*ck_lockmutex_t) (void *mutex);
+typedef ck_rv_t (*ck_unlockmutex_t) (void *mutex);
+
+
+struct ck_c_initialize_args
+{
+ ck_createmutex_t create_mutex;
+ ck_destroymutex_t destroy_mutex;
+ ck_lockmutex_t lock_mutex;
+ ck_unlockmutex_t unlock_mutex;
+ ck_flags_t flags;
+ void *reserved;
+};
+
+
+#define CKF_LIBRARY_CANT_CREATE_OS_THREADS (1UL << 0)
+#define CKF_OS_LOCKING_OK (1UL << 1)
+
+#define CKR_OK (0UL)
+#define CKR_CANCEL (1UL)
+#define CKR_HOST_MEMORY (2UL)
+#define CKR_SLOT_ID_INVALID (3UL)
+#define CKR_GENERAL_ERROR (5UL)
+#define CKR_FUNCTION_FAILED (6UL)
+#define CKR_ARGUMENTS_BAD (7UL)
+#define CKR_NO_EVENT (8UL)
+#define CKR_NEED_TO_CREATE_THREADS (9UL)
+#define CKR_CANT_LOCK (0xaUL)
+#define CKR_ATTRIBUTE_READ_ONLY (0x10UL)
+#define CKR_ATTRIBUTE_SENSITIVE (0x11UL)
+#define CKR_ATTRIBUTE_TYPE_INVALID (0x12UL)
+#define CKR_ATTRIBUTE_VALUE_INVALID (0x13UL)
+#define CKR_ACTION_PROHIBITED (0x1BUL)
+#define CKR_DATA_INVALID (0x20UL)
+#define CKR_DATA_LEN_RANGE (0x21UL)
+#define CKR_DEVICE_ERROR (0x30UL)
+#define CKR_DEVICE_MEMORY (0x31UL)
+#define CKR_DEVICE_REMOVED (0x32UL)
+#define CKR_ENCRYPTED_DATA_INVALID (0x40UL)
+#define CKR_ENCRYPTED_DATA_LEN_RANGE (0x41UL)
+#define CKR_FUNCTION_CANCELED (0x50UL)
+#define CKR_FUNCTION_NOT_PARALLEL (0x51UL)
+#define CKR_FUNCTION_NOT_SUPPORTED (0x54UL)
+#define CKR_KEY_HANDLE_INVALID (0x60UL)
+#define CKR_KEY_SIZE_RANGE (0x62UL)
+#define CKR_KEY_TYPE_INCONSISTENT (0x63UL)
+#define CKR_KEY_NOT_NEEDED (0x64UL)
+#define CKR_KEY_CHANGED (0x65UL)
+#define CKR_KEY_NEEDED (0x66UL)
+#define CKR_KEY_INDIGESTIBLE (0x67UL)
+#define CKR_KEY_FUNCTION_NOT_PERMITTED (0x68UL)
+#define CKR_KEY_NOT_WRAPPABLE (0x69UL)
+#define CKR_KEY_UNEXTRACTABLE (0x6aUL)
+#define CKR_MECHANISM_INVALID (0x70UL)
+#define CKR_MECHANISM_PARAM_INVALID (0x71UL)
+#define CKR_OBJECT_HANDLE_INVALID (0x82UL)
+#define CKR_OPERATION_ACTIVE (0x90UL)
+#define CKR_OPERATION_NOT_INITIALIZED (0x91UL)
+#define CKR_PIN_INCORRECT (0xa0UL)
+#define CKR_PIN_INVALID (0xa1UL)
+#define CKR_PIN_LEN_RANGE (0xa2UL)
+#define CKR_PIN_EXPIRED (0xa3UL)
+#define CKR_PIN_LOCKED (0xa4UL)
+#define CKR_SESSION_CLOSED (0xb0UL)
+#define CKR_SESSION_COUNT (0xb1UL)
+#define CKR_SESSION_HANDLE_INVALID (0xb3UL)
+#define CKR_SESSION_PARALLEL_NOT_SUPPORTED (0xb4UL)
+#define CKR_SESSION_READ_ONLY (0xb5UL)
+#define CKR_SESSION_EXISTS (0xb6UL)
+#define CKR_SESSION_READ_ONLY_EXISTS (0xb7UL)
+#define CKR_SESSION_READ_WRITE_SO_EXISTS (0xb8UL)
+#define CKR_SIGNATURE_INVALID (0xc0UL)
+#define CKR_SIGNATURE_LEN_RANGE (0xc1UL)
+#define CKR_TEMPLATE_INCOMPLETE (0xd0UL)
+#define CKR_TEMPLATE_INCONSISTENT (0xd1UL)
+#define CKR_TOKEN_NOT_PRESENT (0xe0UL)
+#define CKR_TOKEN_NOT_RECOGNIZED (0xe1UL)
+#define CKR_TOKEN_WRITE_PROTECTED (0xe2UL)
+#define CKR_UNWRAPPING_KEY_HANDLE_INVALID (0xf0UL)
+#define CKR_UNWRAPPING_KEY_SIZE_RANGE (0xf1UL)
+#define CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT (0xf2UL)
+#define CKR_USER_ALREADY_LOGGED_IN (0x100UL)
+#define CKR_USER_NOT_LOGGED_IN (0x101UL)
+#define CKR_USER_PIN_NOT_INITIALIZED (0x102UL)
+#define CKR_USER_TYPE_INVALID (0x103UL)
+#define CKR_USER_ANOTHER_ALREADY_LOGGED_IN (0x104UL)
+#define CKR_USER_TOO_MANY_TYPES (0x105UL)
+#define CKR_WRAPPED_KEY_INVALID (0x110UL)
+#define CKR_WRAPPED_KEY_LEN_RANGE (0x112UL)
+#define CKR_WRAPPING_KEY_HANDLE_INVALID (0x113UL)
+#define CKR_WRAPPING_KEY_SIZE_RANGE (0x114UL)
+#define CKR_WRAPPING_KEY_TYPE_INCONSISTENT (0x115UL)
+#define CKR_RANDOM_SEED_NOT_SUPPORTED (0x120UL)
+#define CKR_RANDOM_NO_RNG (0x121UL)
+#define CKR_DOMAIN_PARAMS_INVALID (0x130UL)
+#define CKR_BUFFER_TOO_SMALL (0x150UL)
+#define CKR_SAVED_STATE_INVALID (0x160UL)
+#define CKR_INFORMATION_SENSITIVE (0x170UL)
+#define CKR_STATE_UNSAVEABLE (0x180UL)
+#define CKR_CRYPTOKI_NOT_INITIALIZED (0x190UL)
+#define CKR_CRYPTOKI_ALREADY_INITIALIZED (0x191UL)
+#define CKR_MUTEX_BAD (0x1a0UL)
+#define CKR_MUTEX_NOT_LOCKED (0x1a1UL)
+#define CKR_NEW_PIN_MODE (0x1b0UL)
+#define CKR_NEXT_OTP (0x1b1UL)
+#define CKR_EXCEEDED_MAX_ITERATIONS (0x1c0UL)
+#define CKR_FIPS_SELF_TEST_FAILED (0x1c1UL)
+#define CKR_LIBRARY_LOAD_FAILED (0x1c2UL)
+#define CKR_PIN_TOO_WEAK (0x1c3UL)
+#define CKR_PUBLIC_KEY_INVALID (0x1c4UL)
+#define CKR_FUNCTION_REJECTED (0x200UL)
+#define CKR_VENDOR_DEFINED ((unsigned long) (1UL << 31))
+
+
+#define CKZ_DATA_SPECIFIED (0x01UL)
+
+
+
+/* Compatibility layer. */
+
+#ifdef CRYPTOKI_COMPAT
+
+#undef CK_DEFINE_FUNCTION
+#define CK_DEFINE_FUNCTION(retval, name) retval CK_SPEC name
+
+/* For NULL. */
+#include <stddef.h>
+
+typedef unsigned char CK_BYTE;
+typedef unsigned char CK_CHAR;
+typedef unsigned char CK_UTF8CHAR;
+typedef unsigned char CK_BBOOL;
+typedef unsigned long int CK_ULONG;
+typedef long int CK_LONG;
+typedef CK_BYTE *CK_BYTE_PTR;
+typedef CK_CHAR *CK_CHAR_PTR;
+typedef CK_UTF8CHAR *CK_UTF8CHAR_PTR;
+typedef CK_ULONG *CK_ULONG_PTR;
+typedef void *CK_VOID_PTR;
+typedef void **CK_VOID_PTR_PTR;
+#define CK_FALSE 0
+#define CK_TRUE 1
+#ifndef CK_DISABLE_TRUE_FALSE
+#ifndef FALSE
+#define FALSE 0
+#endif
+#ifndef TRUE
+#define TRUE 1
+#endif
+#endif
+
+typedef struct ck_version CK_VERSION;
+typedef struct ck_version *CK_VERSION_PTR;
+
+typedef struct ck_info CK_INFO;
+typedef struct ck_info *CK_INFO_PTR;
+
+typedef ck_slot_id_t *CK_SLOT_ID_PTR;
+
+typedef struct ck_slot_info CK_SLOT_INFO;
+typedef struct ck_slot_info *CK_SLOT_INFO_PTR;
+
+typedef struct ck_token_info CK_TOKEN_INFO;
+typedef struct ck_token_info *CK_TOKEN_INFO_PTR;
+
+typedef ck_session_handle_t *CK_SESSION_HANDLE_PTR;
+
+typedef struct ck_session_info CK_SESSION_INFO;
+typedef struct ck_session_info *CK_SESSION_INFO_PTR;
+
+typedef ck_object_handle_t *CK_OBJECT_HANDLE_PTR;
+
+typedef ck_object_class_t *CK_OBJECT_CLASS_PTR;
+
+typedef struct ck_attribute CK_ATTRIBUTE;
+typedef struct ck_attribute *CK_ATTRIBUTE_PTR;
+
+typedef struct ck_date CK_DATE;
+typedef struct ck_date *CK_DATE_PTR;
+
+typedef ck_mechanism_type_t *CK_MECHANISM_TYPE_PTR;
+
+typedef struct ck_mechanism CK_MECHANISM;
+typedef struct ck_mechanism *CK_MECHANISM_PTR;
+
+typedef struct ck_mechanism_info CK_MECHANISM_INFO;
+typedef struct ck_mechanism_info *CK_MECHANISM_INFO_PTR;
+
+typedef struct ck_otp_mechanism_info CK_OTP_MECHANISM_INFO;
+typedef struct ck_otp_mechanism_info *CK_OTP_MECHANISM_INFO_PTR;
+
+typedef struct ck_function_list CK_FUNCTION_LIST;
+typedef struct ck_function_list *CK_FUNCTION_LIST_PTR;
+typedef struct ck_function_list **CK_FUNCTION_LIST_PTR_PTR;
+
+typedef struct ck_c_initialize_args CK_C_INITIALIZE_ARGS;
+typedef struct ck_c_initialize_args *CK_C_INITIALIZE_ARGS_PTR;
+
+typedef struct ck_rsa_pkcs_pss_params CK_RSA_PKCS_PSS_PARAMS;
+typedef struct ck_rsa_pkcs_pss_params *CK_RSA_PKCS_PSS_PARAMS_PTR;
+
+typedef struct ck_rsa_pkcs_oaep_params CK_RSA_PKCS_OAEP_PARAMS;
+typedef struct ck_rsa_pkcs_oaep_params *CK_RSA_PKCS_OAEP_PARAMS_PTR;
+
+typedef struct ck_aes_ctr_params CK_AES_CTR_PARAMS;
+typedef struct ck_aes_ctr_params *CK_AES_CTR_PARAMS_PTR;
+
+typedef struct ck_gcm_params CK_GCM_PARAMS;
+typedef struct ck_gcm_params *CK_GCM_PARAMS_PTR;
+
+typedef struct ck_ecdh1_derive_params CK_ECDH1_DERIVE_PARAMS;
+typedef struct ck_ecdh1_derive_params *CK_ECDH1_DERIVE_PARAMS_PTR;
+
+typedef struct ck_key_derivation_string_data CK_KEY_DERIVATION_STRING_DATA;
+typedef struct ck_key_derivation_string_data *CK_KEY_DERIVATION_STRING_DATA_PTR;
+
+typedef struct ck_des_cbc_encrypt_data_params CK_DES_CBC_ENCRYPT_DATA_PARAMS;
+typedef struct ck_des_cbc_encrypt_data_params *CK_DES_CBC_ENCRYPT_DATA_PARAMS_PTR;
+
+typedef struct ck_aes_cbc_encrypt_data_params CK_AES_CBC_ENCRYPT_DATA_PARAMS;
+typedef struct ck_aes_cbc_encrypt_data_params *CK_AES_CBC_ENCRYPT_DATA_PARAMS_PTR;
+
+#ifndef NULL_PTR
+#define NULL_PTR NULL
#endif
-#endif /* _PKCS11_H_ */
+/* Delete the helper macros defined at the top of the file. */
+#undef ck_flags_t
+#undef ck_version
+
+#undef ck_info
+#undef cryptoki_version
+#undef manufacturer_id
+#undef library_description
+#undef library_version
+
+#undef ck_notification_t
+#undef ck_slot_id_t
+
+#undef ck_slot_info
+#undef slot_description
+#undef hardware_version
+#undef firmware_version
+
+#undef ck_token_info
+#undef serial_number
+#undef max_session_count
+#undef session_count
+#undef max_rw_session_count
+#undef rw_session_count
+#undef max_pin_len
+#undef min_pin_len
+#undef total_public_memory
+#undef free_public_memory
+#undef total_private_memory
+#undef free_private_memory
+#undef utc_time
+
+#undef ck_session_handle_t
+#undef ck_user_type_t
+#undef ck_state_t
+
+#undef ck_session_info
+#undef slot_id
+#undef device_error
+
+#undef ck_object_handle_t
+#undef ck_object_class_t
+#undef ck_hw_feature_type_t
+#undef ck_key_type_t
+#undef ck_certificate_type_t
+#undef ck_attribute_type_t
+
+#undef ck_attribute
+#undef value
+#undef value_len
+
+#undef params
+#undef count
+
+#undef ck_date
+
+#undef ck_mechanism_type_t
+
+#undef ck_mechanism
+#undef parameter
+#undef parameter_len
+
+#undef ck_mechanism_info
+
+#undef ck_param_type
+#undef ck_otp_param
+#undef ck_otp_params
+#undef ck_otp_signature_info
+
+#undef min_key_size
+#undef max_key_size
+
+#undef ck_rv_t
+#undef ck_notify_t
+
+#undef ck_function_list
+
+#undef ck_createmutex_t
+#undef ck_destroymutex_t
+#undef ck_lockmutex_t
+#undef ck_unlockmutex_t
+
+#undef ck_c_initialize_args
+#undef create_mutex
+#undef destroy_mutex
+#undef lock_mutex
+#undef unlock_mutex
+#undef reserved
+
+#endif /* CRYPTOKI_COMPAT */
+
+
+/* System dependencies. */
+#if defined(_WIN32) || defined(CRYPTOKI_FORCE_WIN32)
+#pragma pack(pop, cryptoki)
+#endif
+
+#if defined(__cplusplus)
+}
+#endif
+#endif /* PKCS11_H */
diff --git a/src/lib/pkcs11/pkcs11f.h b/src/lib/pkcs11/pkcs11f.h
deleted file mode 100644
index ed90aff..0000000
--- a/src/lib/pkcs11/pkcs11f.h
+++ /dev/null
@@ -1,939 +0,0 @@
-/* Copyright (c) OASIS Open 2016. All Rights Reserved./
- * /Distributed under the terms of the OASIS IPR Policy,
- * [http://www.oasis-open.org/policies-guidelines/ipr], AS-IS, WITHOUT ANY
- * IMPLIED OR EXPRESS WARRANTY; there is no warranty of MERCHANTABILITY, FITNESS FOR A
- * PARTICULAR PURPOSE or NONINFRINGEMENT of the rights of others.
- */
-
-/* Latest version of the specification:
- * http://docs.oasis-open.org/pkcs11/pkcs11-base/v2.40/pkcs11-base-v2.40.html
- */
-
-/* This header file contains pretty much everything about all the
- * Cryptoki function prototypes. Because this information is
- * used for more than just declaring function prototypes, the
- * order of the functions appearing herein is important, and
- * should not be altered.
- */
-
-/* General-purpose */
-
-/* C_Initialize initializes the Cryptoki library. */
-CK_PKCS11_FUNCTION_INFO(C_Initialize)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_VOID_PTR pInitArgs /* if this is not NULL_PTR, it gets
- * cast to CK_C_INITIALIZE_ARGS_PTR
- * and dereferenced
- */
-);
-#endif
-
-
-/* C_Finalize indicates that an application is done with the
- * Cryptoki library.
- */
-CK_PKCS11_FUNCTION_INFO(C_Finalize)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_VOID_PTR pReserved /* reserved. Should be NULL_PTR */
-);
-#endif
-
-
-/* C_GetInfo returns general information about Cryptoki. */
-CK_PKCS11_FUNCTION_INFO(C_GetInfo)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_INFO_PTR pInfo /* location that receives information */
-);
-#endif
-
-
-/* C_GetFunctionList returns the function list. */
-CK_PKCS11_FUNCTION_INFO(C_GetFunctionList)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_FUNCTION_LIST_PTR_PTR ppFunctionList /* receives pointer to
- * function list
- */
-);
-#endif
-
-
-
-/* Slot and token management */
-
-/* C_GetSlotList obtains a list of slots in the system. */
-CK_PKCS11_FUNCTION_INFO(C_GetSlotList)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_BBOOL tokenPresent, /* only slots with tokens */
- CK_SLOT_ID_PTR pSlotList, /* receives array of slot IDs */
- CK_ULONG_PTR pulCount /* receives number of slots */
-);
-#endif
-
-
-/* C_GetSlotInfo obtains information about a particular slot in
- * the system.
- */
-CK_PKCS11_FUNCTION_INFO(C_GetSlotInfo)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SLOT_ID slotID, /* the ID of the slot */
- CK_SLOT_INFO_PTR pInfo /* receives the slot information */
-);
-#endif
-
-
-/* C_GetTokenInfo obtains information about a particular token
- * in the system.
- */
-CK_PKCS11_FUNCTION_INFO(C_GetTokenInfo)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SLOT_ID slotID, /* ID of the token's slot */
- CK_TOKEN_INFO_PTR pInfo /* receives the token information */
-);
-#endif
-
-
-/* C_GetMechanismList obtains a list of mechanism types
- * supported by a token.
- */
-CK_PKCS11_FUNCTION_INFO(C_GetMechanismList)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SLOT_ID slotID, /* ID of token's slot */
- CK_MECHANISM_TYPE_PTR pMechanismList, /* gets mech. array */
- CK_ULONG_PTR pulCount /* gets # of mechs. */
-);
-#endif
-
-
-/* C_GetMechanismInfo obtains information about a particular
- * mechanism possibly supported by a token.
- */
-CK_PKCS11_FUNCTION_INFO(C_GetMechanismInfo)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SLOT_ID slotID, /* ID of the token's slot */
- CK_MECHANISM_TYPE type, /* type of mechanism */
- CK_MECHANISM_INFO_PTR pInfo /* receives mechanism info */
-);
-#endif
-
-
-/* C_InitToken initializes a token. */
-CK_PKCS11_FUNCTION_INFO(C_InitToken)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SLOT_ID slotID, /* ID of the token's slot */
- CK_UTF8CHAR_PTR pPin, /* the SO's initial PIN */
- CK_ULONG ulPinLen, /* length in bytes of the PIN */
- CK_UTF8CHAR_PTR pLabel /* 32-byte token label (blank padded) */
-);
-#endif
-
-
-/* C_InitPIN initializes the normal user's PIN. */
-CK_PKCS11_FUNCTION_INFO(C_InitPIN)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_UTF8CHAR_PTR pPin, /* the normal user's PIN */
- CK_ULONG ulPinLen /* length in bytes of the PIN */
-);
-#endif
-
-
-/* C_SetPIN modifies the PIN of the user who is logged in. */
-CK_PKCS11_FUNCTION_INFO(C_SetPIN)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_UTF8CHAR_PTR pOldPin, /* the old PIN */
- CK_ULONG ulOldLen, /* length of the old PIN */
- CK_UTF8CHAR_PTR pNewPin, /* the new PIN */
- CK_ULONG ulNewLen /* length of the new PIN */
-);
-#endif
-
-
-
-/* Session management */
-
-/* C_OpenSession opens a session between an application and a
- * token.
- */
-CK_PKCS11_FUNCTION_INFO(C_OpenSession)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SLOT_ID slotID, /* the slot's ID */
- CK_FLAGS flags, /* from CK_SESSION_INFO */
- CK_VOID_PTR pApplication, /* passed to callback */
- CK_NOTIFY Notify, /* callback function */
- CK_SESSION_HANDLE_PTR phSession /* gets session handle */
-);
-#endif
-
-
-/* C_CloseSession closes a session between an application and a
- * token.
- */
-CK_PKCS11_FUNCTION_INFO(C_CloseSession)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession /* the session's handle */
-);
-#endif
-
-
-/* C_CloseAllSessions closes all sessions with a token. */
-CK_PKCS11_FUNCTION_INFO(C_CloseAllSessions)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SLOT_ID slotID /* the token's slot */
-);
-#endif
-
-
-/* C_GetSessionInfo obtains information about the session. */
-CK_PKCS11_FUNCTION_INFO(C_GetSessionInfo)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_SESSION_INFO_PTR pInfo /* receives session info */
-);
-#endif
-
-
-/* C_GetOperationState obtains the state of the cryptographic operation
- * in a session.
- */
-CK_PKCS11_FUNCTION_INFO(C_GetOperationState)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* session's handle */
- CK_BYTE_PTR pOperationState, /* gets state */
- CK_ULONG_PTR pulOperationStateLen /* gets state length */
-);
-#endif
-
-
-/* C_SetOperationState restores the state of the cryptographic
- * operation in a session.
- */
-CK_PKCS11_FUNCTION_INFO(C_SetOperationState)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* session's handle */
- CK_BYTE_PTR pOperationState, /* holds state */
- CK_ULONG ulOperationStateLen, /* holds state length */
- CK_OBJECT_HANDLE hEncryptionKey, /* en/decryption key */
- CK_OBJECT_HANDLE hAuthenticationKey /* sign/verify key */
-);
-#endif
-
-
-/* C_Login logs a user into a token. */
-CK_PKCS11_FUNCTION_INFO(C_Login)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_USER_TYPE userType, /* the user type */
- CK_UTF8CHAR_PTR pPin, /* the user's PIN */
- CK_ULONG ulPinLen /* the length of the PIN */
-);
-#endif
-
-
-/* C_Logout logs a user out from a token. */
-CK_PKCS11_FUNCTION_INFO(C_Logout)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession /* the session's handle */
-);
-#endif
-
-
-
-/* Object management */
-
-/* C_CreateObject creates a new object. */
-CK_PKCS11_FUNCTION_INFO(C_CreateObject)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_ATTRIBUTE_PTR pTemplate, /* the object's template */
- CK_ULONG ulCount, /* attributes in template */
- CK_OBJECT_HANDLE_PTR phObject /* gets new object's handle. */
-);
-#endif
-
-
-/* C_CopyObject copies an object, creating a new object for the
- * copy.
- */
-CK_PKCS11_FUNCTION_INFO(C_CopyObject)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_OBJECT_HANDLE hObject, /* the object's handle */
- CK_ATTRIBUTE_PTR pTemplate, /* template for new object */
- CK_ULONG ulCount, /* attributes in template */
- CK_OBJECT_HANDLE_PTR phNewObject /* receives handle of copy */
-);
-#endif
-
-
-/* C_DestroyObject destroys an object. */
-CK_PKCS11_FUNCTION_INFO(C_DestroyObject)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_OBJECT_HANDLE hObject /* the object's handle */
-);
-#endif
-
-
-/* C_GetObjectSize gets the size of an object in bytes. */
-CK_PKCS11_FUNCTION_INFO(C_GetObjectSize)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_OBJECT_HANDLE hObject, /* the object's handle */
- CK_ULONG_PTR pulSize /* receives size of object */
-);
-#endif
-
-
-/* C_GetAttributeValue obtains the value of one or more object
- * attributes.
- */
-CK_PKCS11_FUNCTION_INFO(C_GetAttributeValue)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_OBJECT_HANDLE hObject, /* the object's handle */
- CK_ATTRIBUTE_PTR pTemplate, /* specifies attrs; gets vals */
- CK_ULONG ulCount /* attributes in template */
-);
-#endif
-
-
-/* C_SetAttributeValue modifies the value of one or more object
- * attributes.
- */
-CK_PKCS11_FUNCTION_INFO(C_SetAttributeValue)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_OBJECT_HANDLE hObject, /* the object's handle */
- CK_ATTRIBUTE_PTR pTemplate, /* specifies attrs and values */
- CK_ULONG ulCount /* attributes in template */
-);
-#endif
-
-
-/* C_FindObjectsInit initializes a search for token and session
- * objects that match a template.
- */
-CK_PKCS11_FUNCTION_INFO(C_FindObjectsInit)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_ATTRIBUTE_PTR pTemplate, /* attribute values to match */
- CK_ULONG ulCount /* attrs in search template */
-);
-#endif
-
-
-/* C_FindObjects continues a search for token and session
- * objects that match a template, obtaining additional object
- * handles.
- */
-CK_PKCS11_FUNCTION_INFO(C_FindObjects)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* session's handle */
- CK_OBJECT_HANDLE_PTR phObject, /* gets obj. handles */
- CK_ULONG ulMaxObjectCount, /* max handles to get */
- CK_ULONG_PTR pulObjectCount /* actual # returned */
-);
-#endif
-
-
-/* C_FindObjectsFinal finishes a search for token and session
- * objects.
- */
-CK_PKCS11_FUNCTION_INFO(C_FindObjectsFinal)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession /* the session's handle */
-);
-#endif
-
-
-
-/* Encryption and decryption */
-
-/* C_EncryptInit initializes an encryption operation. */
-CK_PKCS11_FUNCTION_INFO(C_EncryptInit)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_MECHANISM_PTR pMechanism, /* the encryption mechanism */
- CK_OBJECT_HANDLE hKey /* handle of encryption key */
-);
-#endif
-
-
-/* C_Encrypt encrypts single-part data. */
-CK_PKCS11_FUNCTION_INFO(C_Encrypt)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* session's handle */
- CK_BYTE_PTR pData, /* the plaintext data */
- CK_ULONG ulDataLen, /* bytes of plaintext */
- CK_BYTE_PTR pEncryptedData, /* gets ciphertext */
- CK_ULONG_PTR pulEncryptedDataLen /* gets c-text size */
-);
-#endif
-
-
-/* C_EncryptUpdate continues a multiple-part encryption
- * operation.
- */
-CK_PKCS11_FUNCTION_INFO(C_EncryptUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* session's handle */
- CK_BYTE_PTR pPart, /* the plaintext data */
- CK_ULONG ulPartLen, /* plaintext data len */
- CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */
- CK_ULONG_PTR pulEncryptedPartLen /* gets c-text size */
-);
-#endif
-
-
-/* C_EncryptFinal finishes a multiple-part encryption
- * operation.
- */
-CK_PKCS11_FUNCTION_INFO(C_EncryptFinal)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* session handle */
- CK_BYTE_PTR pLastEncryptedPart, /* last c-text */
- CK_ULONG_PTR pulLastEncryptedPartLen /* gets last size */
-);
-#endif
-
-
-/* C_DecryptInit initializes a decryption operation. */
-CK_PKCS11_FUNCTION_INFO(C_DecryptInit)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_MECHANISM_PTR pMechanism, /* the decryption mechanism */
- CK_OBJECT_HANDLE hKey /* handle of decryption key */
-);
-#endif
-
-
-/* C_Decrypt decrypts encrypted data in a single part. */
-CK_PKCS11_FUNCTION_INFO(C_Decrypt)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* session's handle */
- CK_BYTE_PTR pEncryptedData, /* ciphertext */
- CK_ULONG ulEncryptedDataLen, /* ciphertext length */
- CK_BYTE_PTR pData, /* gets plaintext */
- CK_ULONG_PTR pulDataLen /* gets p-text size */
-);
-#endif
-
-
-/* C_DecryptUpdate continues a multiple-part decryption
- * operation.
- */
-CK_PKCS11_FUNCTION_INFO(C_DecryptUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* session's handle */
- CK_BYTE_PTR pEncryptedPart, /* encrypted data */
- CK_ULONG ulEncryptedPartLen, /* input length */
- CK_BYTE_PTR pPart, /* gets plaintext */
- CK_ULONG_PTR pulPartLen /* p-text size */
-);
-#endif
-
-
-/* C_DecryptFinal finishes a multiple-part decryption
- * operation.
- */
-CK_PKCS11_FUNCTION_INFO(C_DecryptFinal)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pLastPart, /* gets plaintext */
- CK_ULONG_PTR pulLastPartLen /* p-text size */
-);
-#endif
-
-
-
-/* Message digesting */
-
-/* C_DigestInit initializes a message-digesting operation. */
-CK_PKCS11_FUNCTION_INFO(C_DigestInit)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_MECHANISM_PTR pMechanism /* the digesting mechanism */
-);
-#endif
-
-
-/* C_Digest digests data in a single part. */
-CK_PKCS11_FUNCTION_INFO(C_Digest)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pData, /* data to be digested */
- CK_ULONG ulDataLen, /* bytes of data to digest */
- CK_BYTE_PTR pDigest, /* gets the message digest */
- CK_ULONG_PTR pulDigestLen /* gets digest length */
-);
-#endif
-
-
-/* C_DigestUpdate continues a multiple-part message-digesting
- * operation.
- */
-CK_PKCS11_FUNCTION_INFO(C_DigestUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pPart, /* data to be digested */
- CK_ULONG ulPartLen /* bytes of data to be digested */
-);
-#endif
-
-
-/* C_DigestKey continues a multi-part message-digesting
- * operation, by digesting the value of a secret key as part of
- * the data already digested.
- */
-CK_PKCS11_FUNCTION_INFO(C_DigestKey)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_OBJECT_HANDLE hKey /* secret key to digest */
-);
-#endif
-
-
-/* C_DigestFinal finishes a multiple-part message-digesting
- * operation.
- */
-CK_PKCS11_FUNCTION_INFO(C_DigestFinal)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pDigest, /* gets the message digest */
- CK_ULONG_PTR pulDigestLen /* gets byte count of digest */
-);
-#endif
-
-
-
-/* Signing and MACing */
-
-/* C_SignInit initializes a signature (private key encryption)
- * operation, where the signature is (will be) an appendix to
- * the data, and plaintext cannot be recovered from the
- * signature.
- */
-CK_PKCS11_FUNCTION_INFO(C_SignInit)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_MECHANISM_PTR pMechanism, /* the signature mechanism */
- CK_OBJECT_HANDLE hKey /* handle of signature key */
-);
-#endif
-
-
-/* C_Sign signs (encrypts with private key) data in a single
- * part, where the signature is (will be) an appendix to the
- * data, and plaintext cannot be recovered from the signature.
- */
-CK_PKCS11_FUNCTION_INFO(C_Sign)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pData, /* the data to sign */
- CK_ULONG ulDataLen, /* count of bytes to sign */
- CK_BYTE_PTR pSignature, /* gets the signature */
- CK_ULONG_PTR pulSignatureLen /* gets signature length */
-);
-#endif
-
-
-/* C_SignUpdate continues a multiple-part signature operation,
- * where the signature is (will be) an appendix to the data,
- * and plaintext cannot be recovered from the signature.
- */
-CK_PKCS11_FUNCTION_INFO(C_SignUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pPart, /* the data to sign */
- CK_ULONG ulPartLen /* count of bytes to sign */
-);
-#endif
-
-
-/* C_SignFinal finishes a multiple-part signature operation,
- * returning the signature.
- */
-CK_PKCS11_FUNCTION_INFO(C_SignFinal)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pSignature, /* gets the signature */
- CK_ULONG_PTR pulSignatureLen /* gets signature length */
-);
-#endif
-
-
-/* C_SignRecoverInit initializes a signature operation, where
- * the data can be recovered from the signature.
- */
-CK_PKCS11_FUNCTION_INFO(C_SignRecoverInit)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_MECHANISM_PTR pMechanism, /* the signature mechanism */
- CK_OBJECT_HANDLE hKey /* handle of the signature key */
-);
-#endif
-
-
-/* C_SignRecover signs data in a single operation, where the
- * data can be recovered from the signature.
- */
-CK_PKCS11_FUNCTION_INFO(C_SignRecover)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pData, /* the data to sign */
- CK_ULONG ulDataLen, /* count of bytes to sign */
- CK_BYTE_PTR pSignature, /* gets the signature */
- CK_ULONG_PTR pulSignatureLen /* gets signature length */
-);
-#endif
-
-
-
-/* Verifying signatures and MACs */
-
-/* C_VerifyInit initializes a verification operation, where the
- * signature is an appendix to the data, and plaintext cannot
- * cannot be recovered from the signature (e.g. DSA).
- */
-CK_PKCS11_FUNCTION_INFO(C_VerifyInit)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_MECHANISM_PTR pMechanism, /* the verification mechanism */
- CK_OBJECT_HANDLE hKey /* verification key */
-);
-#endif
-
-
-/* C_Verify verifies a signature in a single-part operation,
- * where the signature is an appendix to the data, and plaintext
- * cannot be recovered from the signature.
- */
-CK_PKCS11_FUNCTION_INFO(C_Verify)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pData, /* signed data */
- CK_ULONG ulDataLen, /* length of signed data */
- CK_BYTE_PTR pSignature, /* signature */
- CK_ULONG ulSignatureLen /* signature length*/
-);
-#endif
-
-
-/* C_VerifyUpdate continues a multiple-part verification
- * operation, where the signature is an appendix to the data,
- * and plaintext cannot be recovered from the signature.
- */
-CK_PKCS11_FUNCTION_INFO(C_VerifyUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pPart, /* signed data */
- CK_ULONG ulPartLen /* length of signed data */
-);
-#endif
-
-
-/* C_VerifyFinal finishes a multiple-part verification
- * operation, checking the signature.
- */
-CK_PKCS11_FUNCTION_INFO(C_VerifyFinal)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pSignature, /* signature to verify */
- CK_ULONG ulSignatureLen /* signature length */
-);
-#endif
-
-
-/* C_VerifyRecoverInit initializes a signature verification
- * operation, where the data is recovered from the signature.
- */
-CK_PKCS11_FUNCTION_INFO(C_VerifyRecoverInit)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_MECHANISM_PTR pMechanism, /* the verification mechanism */
- CK_OBJECT_HANDLE hKey /* verification key */
-);
-#endif
-
-
-/* C_VerifyRecover verifies a signature in a single-part
- * operation, where the data is recovered from the signature.
- */
-CK_PKCS11_FUNCTION_INFO(C_VerifyRecover)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pSignature, /* signature to verify */
- CK_ULONG ulSignatureLen, /* signature length */
- CK_BYTE_PTR pData, /* gets signed data */
- CK_ULONG_PTR pulDataLen /* gets signed data len */
-);
-#endif
-
-
-
-/* Dual-function cryptographic operations */
-
-/* C_DigestEncryptUpdate continues a multiple-part digesting
- * and encryption operation.
- */
-CK_PKCS11_FUNCTION_INFO(C_DigestEncryptUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* session's handle */
- CK_BYTE_PTR pPart, /* the plaintext data */
- CK_ULONG ulPartLen, /* plaintext length */
- CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */
- CK_ULONG_PTR pulEncryptedPartLen /* gets c-text length */
-);
-#endif
-
-
-/* C_DecryptDigestUpdate continues a multiple-part decryption and
- * digesting operation.
- */
-CK_PKCS11_FUNCTION_INFO(C_DecryptDigestUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* session's handle */
- CK_BYTE_PTR pEncryptedPart, /* ciphertext */
- CK_ULONG ulEncryptedPartLen, /* ciphertext length */
- CK_BYTE_PTR pPart, /* gets plaintext */
- CK_ULONG_PTR pulPartLen /* gets plaintext len */
-);
-#endif
-
-
-/* C_SignEncryptUpdate continues a multiple-part signing and
- * encryption operation.
- */
-CK_PKCS11_FUNCTION_INFO(C_SignEncryptUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* session's handle */
- CK_BYTE_PTR pPart, /* the plaintext data */
- CK_ULONG ulPartLen, /* plaintext length */
- CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */
- CK_ULONG_PTR pulEncryptedPartLen /* gets c-text length */
-);
-#endif
-
-
-/* C_DecryptVerifyUpdate continues a multiple-part decryption and
- * verify operation.
- */
-CK_PKCS11_FUNCTION_INFO(C_DecryptVerifyUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* session's handle */
- CK_BYTE_PTR pEncryptedPart, /* ciphertext */
- CK_ULONG ulEncryptedPartLen, /* ciphertext length */
- CK_BYTE_PTR pPart, /* gets plaintext */
- CK_ULONG_PTR pulPartLen /* gets p-text length */
-);
-#endif
-
-
-
-/* Key management */
-
-/* C_GenerateKey generates a secret key, creating a new key
- * object.
- */
-CK_PKCS11_FUNCTION_INFO(C_GenerateKey)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_MECHANISM_PTR pMechanism, /* key generation mech. */
- CK_ATTRIBUTE_PTR pTemplate, /* template for new key */
- CK_ULONG ulCount, /* # of attrs in template */
- CK_OBJECT_HANDLE_PTR phKey /* gets handle of new key */
-);
-#endif
-
-
-/* C_GenerateKeyPair generates a public-key/private-key pair,
- * creating new key objects.
- */
-CK_PKCS11_FUNCTION_INFO(C_GenerateKeyPair)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* session handle */
- CK_MECHANISM_PTR pMechanism, /* key-gen mech. */
- CK_ATTRIBUTE_PTR pPublicKeyTemplate, /* template for pub. key */
- CK_ULONG ulPublicKeyAttributeCount, /* # pub. attrs. */
- CK_ATTRIBUTE_PTR pPrivateKeyTemplate, /* template for priv. key */
- CK_ULONG ulPrivateKeyAttributeCount, /* # priv. attrs. */
- CK_OBJECT_HANDLE_PTR phPublicKey, /* gets pub. key handle */
- CK_OBJECT_HANDLE_PTR phPrivateKey /* gets priv. key handle */
-);
-#endif
-
-
-/* C_WrapKey wraps (i.e., encrypts) a key. */
-CK_PKCS11_FUNCTION_INFO(C_WrapKey)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_MECHANISM_PTR pMechanism, /* the wrapping mechanism */
- CK_OBJECT_HANDLE hWrappingKey, /* wrapping key */
- CK_OBJECT_HANDLE hKey, /* key to be wrapped */
- CK_BYTE_PTR pWrappedKey, /* gets wrapped key */
- CK_ULONG_PTR pulWrappedKeyLen /* gets wrapped key size */
-);
-#endif
-
-
-/* C_UnwrapKey unwraps (decrypts) a wrapped key, creating a new
- * key object.
- */
-CK_PKCS11_FUNCTION_INFO(C_UnwrapKey)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* session's handle */
- CK_MECHANISM_PTR pMechanism, /* unwrapping mech. */
- CK_OBJECT_HANDLE hUnwrappingKey, /* unwrapping key */
- CK_BYTE_PTR pWrappedKey, /* the wrapped key */
- CK_ULONG ulWrappedKeyLen, /* wrapped key len */
- CK_ATTRIBUTE_PTR pTemplate, /* new key template */
- CK_ULONG ulAttributeCount, /* template length */
- CK_OBJECT_HANDLE_PTR phKey /* gets new handle */
-);
-#endif
-
-
-/* C_DeriveKey derives a key from a base key, creating a new key
- * object.
- */
-CK_PKCS11_FUNCTION_INFO(C_DeriveKey)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* session's handle */
- CK_MECHANISM_PTR pMechanism, /* key deriv. mech. */
- CK_OBJECT_HANDLE hBaseKey, /* base key */
- CK_ATTRIBUTE_PTR pTemplate, /* new key template */
- CK_ULONG ulAttributeCount, /* template length */
- CK_OBJECT_HANDLE_PTR phKey /* gets new handle */
-);
-#endif
-
-
-
-/* Random number generation */
-
-/* C_SeedRandom mixes additional seed material into the token's
- * random number generator.
- */
-CK_PKCS11_FUNCTION_INFO(C_SeedRandom)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pSeed, /* the seed material */
- CK_ULONG ulSeedLen /* length of seed material */
-);
-#endif
-
-
-/* C_GenerateRandom generates random data. */
-CK_PKCS11_FUNCTION_INFO(C_GenerateRandom)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR RandomData, /* receives the random data */
- CK_ULONG ulRandomLen /* # of bytes to generate */
-);
-#endif
-
-
-
-/* Parallel function management */
-
-/* C_GetFunctionStatus is a legacy function; it obtains an
- * updated status of a function running in parallel with an
- * application.
- */
-CK_PKCS11_FUNCTION_INFO(C_GetFunctionStatus)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession /* the session's handle */
-);
-#endif
-
-
-/* C_CancelFunction is a legacy function; it cancels a function
- * running in parallel.
- */
-CK_PKCS11_FUNCTION_INFO(C_CancelFunction)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession /* the session's handle */
-);
-#endif
-
-
-/* C_WaitForSlotEvent waits for a slot event (token insertion,
- * removal, etc.) to occur.
- */
-CK_PKCS11_FUNCTION_INFO(C_WaitForSlotEvent)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_FLAGS flags, /* blocking/nonblocking flag */
- CK_SLOT_ID_PTR pSlot, /* location that receives the slot ID */
- CK_VOID_PTR pRserved /* reserved. Should be NULL_PTR */
-);
-#endif
-
diff --git a/src/lib/pkcs11/pkcs11t.h b/src/lib/pkcs11/pkcs11t.h
deleted file mode 100644
index 0cf3acc..0000000
--- a/src/lib/pkcs11/pkcs11t.h
+++ /dev/null
@@ -1,2003 +0,0 @@
-/* Copyright (c) OASIS Open 2016. All Rights Reserved./
- * /Distributed under the terms of the OASIS IPR Policy,
- * [http://www.oasis-open.org/policies-guidelines/ipr], AS-IS, WITHOUT ANY
- * IMPLIED OR EXPRESS WARRANTY; there is no warranty of MERCHANTABILITY, FITNESS FOR A
- * PARTICULAR PURPOSE or NONINFRINGEMENT of the rights of others.
- */
-
-/* Latest version of the specification:
- * http://docs.oasis-open.org/pkcs11/pkcs11-base/v2.40/pkcs11-base-v2.40.html
- */
-
-/* See top of pkcs11.h for information about the macros that
- * must be defined and the structure-packing conventions that
- * must be set before including this file.
- */
-
-#ifndef _PKCS11T_H_
-#define _PKCS11T_H_ 1
-
-#define CRYPTOKI_VERSION_MAJOR 2
-#define CRYPTOKI_VERSION_MINOR 40
-#define CRYPTOKI_VERSION_AMENDMENT 0
-
-#define CK_TRUE 1
-#define CK_FALSE 0
-
-#ifndef CK_DISABLE_TRUE_FALSE
-#ifndef FALSE
-#define FALSE CK_FALSE
-#endif
-#ifndef TRUE
-#define TRUE CK_TRUE
-#endif
-#endif
-
-/* an unsigned 8-bit value */
-typedef unsigned char CK_BYTE;
-
-/* an unsigned 8-bit character */
-typedef CK_BYTE CK_CHAR;
-
-/* an 8-bit UTF-8 character */
-typedef CK_BYTE CK_UTF8CHAR;
-
-/* a BYTE-sized Boolean flag */
-typedef CK_BYTE CK_BBOOL;
-
-/* an unsigned value, at least 32 bits long */
-typedef unsigned long int CK_ULONG;
-
-/* a signed value, the same size as a CK_ULONG */
-typedef long int CK_LONG;
-
-/* at least 32 bits; each bit is a Boolean flag */
-typedef CK_ULONG CK_FLAGS;
-
-
-/* some special values for certain CK_ULONG variables */
-#define CK_UNAVAILABLE_INFORMATION (~0UL)
-#define CK_EFFECTIVELY_INFINITE 0UL
-
-
-typedef CK_BYTE CK_PTR CK_BYTE_PTR;
-typedef CK_CHAR CK_PTR CK_CHAR_PTR;
-typedef CK_UTF8CHAR CK_PTR CK_UTF8CHAR_PTR;
-typedef CK_ULONG CK_PTR CK_ULONG_PTR;
-typedef void CK_PTR CK_VOID_PTR;
-
-/* Pointer to a CK_VOID_PTR-- i.e., pointer to pointer to void */
-typedef CK_VOID_PTR CK_PTR CK_VOID_PTR_PTR;
-
-
-/* The following value is always invalid if used as a session
- * handle or object handle
- */
-#define CK_INVALID_HANDLE 0UL
-
-
-typedef struct CK_VERSION {
- CK_BYTE major; /* integer portion of version number */
- CK_BYTE minor; /* 1/100ths portion of version number */
-} CK_VERSION;
-
-typedef CK_VERSION CK_PTR CK_VERSION_PTR;
-
-
-typedef struct CK_INFO {
- CK_VERSION cryptokiVersion; /* Cryptoki interface ver */
- CK_UTF8CHAR manufacturerID[32]; /* blank padded */
- CK_FLAGS flags; /* must be zero */
- CK_UTF8CHAR libraryDescription[32]; /* blank padded */
- CK_VERSION libraryVersion; /* version of library */
-} CK_INFO;
-
-typedef CK_INFO CK_PTR CK_INFO_PTR;
-
-
-/* CK_NOTIFICATION enumerates the types of notifications that
- * Cryptoki provides to an application
- */
-typedef CK_ULONG CK_NOTIFICATION;
-#define CKN_SURRENDER 0UL
-#define CKN_OTP_CHANGED 1UL
-
-typedef CK_ULONG CK_SLOT_ID;
-
-typedef CK_SLOT_ID CK_PTR CK_SLOT_ID_PTR;
-
-
-/* CK_SLOT_INFO provides information about a slot */
-typedef struct CK_SLOT_INFO {
- CK_UTF8CHAR slotDescription[64]; /* blank padded */
- CK_UTF8CHAR manufacturerID[32]; /* blank padded */
- CK_FLAGS flags;
-
- CK_VERSION hardwareVersion; /* version of hardware */
- CK_VERSION firmwareVersion; /* version of firmware */
-} CK_SLOT_INFO;
-
-/* flags: bit flags that provide capabilities of the slot
- * Bit Flag Mask Meaning
- */
-#define CKF_TOKEN_PRESENT 0x00000001UL /* a token is there */
-#define CKF_REMOVABLE_DEVICE 0x00000002UL /* removable devices*/
-#define CKF_HW_SLOT 0x00000004UL /* hardware slot */
-
-typedef CK_SLOT_INFO CK_PTR CK_SLOT_INFO_PTR;
-
-
-/* CK_TOKEN_INFO provides information about a token */
-typedef struct CK_TOKEN_INFO {
- CK_UTF8CHAR label[32]; /* blank padded */
- CK_UTF8CHAR manufacturerID[32]; /* blank padded */
- CK_UTF8CHAR model[16]; /* blank padded */
- CK_CHAR serialNumber[16]; /* blank padded */
- CK_FLAGS flags; /* see below */
-
- CK_ULONG ulMaxSessionCount; /* max open sessions */
- CK_ULONG ulSessionCount; /* sess. now open */
- CK_ULONG ulMaxRwSessionCount; /* max R/W sessions */
- CK_ULONG ulRwSessionCount; /* R/W sess. now open */
- CK_ULONG ulMaxPinLen; /* in bytes */
- CK_ULONG ulMinPinLen; /* in bytes */
- CK_ULONG ulTotalPublicMemory; /* in bytes */
- CK_ULONG ulFreePublicMemory; /* in bytes */
- CK_ULONG ulTotalPrivateMemory; /* in bytes */
- CK_ULONG ulFreePrivateMemory; /* in bytes */
- CK_VERSION hardwareVersion; /* version of hardware */
- CK_VERSION firmwareVersion; /* version of firmware */
- CK_CHAR utcTime[16]; /* time */
-} CK_TOKEN_INFO;
-
-/* The flags parameter is defined as follows:
- * Bit Flag Mask Meaning
- */
-#define CKF_RNG 0x00000001UL /* has random # generator */
-#define CKF_WRITE_PROTECTED 0x00000002UL /* token is write-protected */
-#define CKF_LOGIN_REQUIRED 0x00000004UL /* user must login */
-#define CKF_USER_PIN_INITIALIZED 0x00000008UL /* normal user's PIN is set */
-
-/* CKF_RESTORE_KEY_NOT_NEEDED. If it is set,
- * that means that *every* time the state of cryptographic
- * operations of a session is successfully saved, all keys
- * needed to continue those operations are stored in the state
- */
-#define CKF_RESTORE_KEY_NOT_NEEDED 0x00000020UL
-
-/* CKF_CLOCK_ON_TOKEN. If it is set, that means
- * that the token has some sort of clock. The time on that
- * clock is returned in the token info structure
- */
-#define CKF_CLOCK_ON_TOKEN 0x00000040UL
-
-/* CKF_PROTECTED_AUTHENTICATION_PATH. If it is
- * set, that means that there is some way for the user to login
- * without sending a PIN through the Cryptoki library itself
- */
-#define CKF_PROTECTED_AUTHENTICATION_PATH 0x00000100UL
-
-/* CKF_DUAL_CRYPTO_OPERATIONS. If it is true,
- * that means that a single session with the token can perform
- * dual simultaneous cryptographic operations (digest and
- * encrypt; decrypt and digest; sign and encrypt; and decrypt
- * and sign)
- */
-#define CKF_DUAL_CRYPTO_OPERATIONS 0x00000200UL
-
-/* CKF_TOKEN_INITIALIZED. If it is true, the
- * token has been initialized using C_InitializeToken or an
- * equivalent mechanism outside the scope of PKCS #11.
- * Calling C_InitializeToken when this flag is set will cause
- * the token to be reinitialized.
- */
-#define CKF_TOKEN_INITIALIZED 0x00000400UL
-
-/* CKF_SECONDARY_AUTHENTICATION. If it is
- * true, the token supports secondary authentication for
- * private key objects.
- */
-#define CKF_SECONDARY_AUTHENTICATION 0x00000800UL
-
-/* CKF_USER_PIN_COUNT_LOW. If it is true, an
- * incorrect user login PIN has been entered at least once
- * since the last successful authentication.
- */
-#define CKF_USER_PIN_COUNT_LOW 0x00010000UL
-
-/* CKF_USER_PIN_FINAL_TRY. If it is true,
- * supplying an incorrect user PIN will it to become locked.
- */
-#define CKF_USER_PIN_FINAL_TRY 0x00020000UL
-
-/* CKF_USER_PIN_LOCKED. If it is true, the
- * user PIN has been locked. User login to the token is not
- * possible.
- */
-#define CKF_USER_PIN_LOCKED 0x00040000UL
-
-/* CKF_USER_PIN_TO_BE_CHANGED. If it is true,
- * the user PIN value is the default value set by token
- * initialization or manufacturing, or the PIN has been
- * expired by the card.
- */
-#define CKF_USER_PIN_TO_BE_CHANGED 0x00080000UL
-
-/* CKF_SO_PIN_COUNT_LOW. If it is true, an
- * incorrect SO login PIN has been entered at least once since
- * the last successful authentication.
- */
-#define CKF_SO_PIN_COUNT_LOW 0x00100000UL
-
-/* CKF_SO_PIN_FINAL_TRY. If it is true,
- * supplying an incorrect SO PIN will it to become locked.
- */
-#define CKF_SO_PIN_FINAL_TRY 0x00200000UL
-
-/* CKF_SO_PIN_LOCKED. If it is true, the SO
- * PIN has been locked. SO login to the token is not possible.
- */
-#define CKF_SO_PIN_LOCKED 0x00400000UL
-
-/* CKF_SO_PIN_TO_BE_CHANGED. If it is true,
- * the SO PIN value is the default value set by token
- * initialization or manufacturing, or the PIN has been
- * expired by the card.
- */
-#define CKF_SO_PIN_TO_BE_CHANGED 0x00800000UL
-
-#define CKF_ERROR_STATE 0x01000000UL
-
-typedef CK_TOKEN_INFO CK_PTR CK_TOKEN_INFO_PTR;
-
-
-/* CK_SESSION_HANDLE is a Cryptoki-assigned value that
- * identifies a session
- */
-typedef CK_ULONG CK_SESSION_HANDLE;
-
-typedef CK_SESSION_HANDLE CK_PTR CK_SESSION_HANDLE_PTR;
-
-
-/* CK_USER_TYPE enumerates the types of Cryptoki users */
-typedef CK_ULONG CK_USER_TYPE;
-/* Security Officer */
-#define CKU_SO 0UL
-/* Normal user */
-#define CKU_USER 1UL
-/* Context specific */
-#define CKU_CONTEXT_SPECIFIC 2UL
-
-/* CK_STATE enumerates the session states */
-typedef CK_ULONG CK_STATE;
-#define CKS_RO_PUBLIC_SESSION 0UL
-#define CKS_RO_USER_FUNCTIONS 1UL
-#define CKS_RW_PUBLIC_SESSION 2UL
-#define CKS_RW_USER_FUNCTIONS 3UL
-#define CKS_RW_SO_FUNCTIONS 4UL
-
-/* CK_SESSION_INFO provides information about a session */
-typedef struct CK_SESSION_INFO {
- CK_SLOT_ID slotID;
- CK_STATE state;
- CK_FLAGS flags; /* see below */
- CK_ULONG ulDeviceError; /* device-dependent error code */
-} CK_SESSION_INFO;
-
-/* The flags are defined in the following table:
- * Bit Flag Mask Meaning
- */
-#define CKF_RW_SESSION 0x00000002UL /* session is r/w */
-#define CKF_SERIAL_SESSION 0x00000004UL /* no parallel */
-
-typedef CK_SESSION_INFO CK_PTR CK_SESSION_INFO_PTR;
-
-
-/* CK_OBJECT_HANDLE is a token-specific identifier for an
- * object
- */
-typedef CK_ULONG CK_OBJECT_HANDLE;
-
-typedef CK_OBJECT_HANDLE CK_PTR CK_OBJECT_HANDLE_PTR;
-
-
-/* CK_OBJECT_CLASS is a value that identifies the classes (or
- * types) of objects that Cryptoki recognizes. It is defined
- * as follows:
- */
-typedef CK_ULONG CK_OBJECT_CLASS;
-
-/* The following classes of objects are defined: */
-#define CKO_DATA 0x00000000UL
-#define CKO_CERTIFICATE 0x00000001UL
-#define CKO_PUBLIC_KEY 0x00000002UL
-#define CKO_PRIVATE_KEY 0x00000003UL
-#define CKO_SECRET_KEY 0x00000004UL
-#define CKO_HW_FEATURE 0x00000005UL
-#define CKO_DOMAIN_PARAMETERS 0x00000006UL
-#define CKO_MECHANISM 0x00000007UL
-#define CKO_OTP_KEY 0x00000008UL
-
-#define CKO_VENDOR_DEFINED 0x80000000UL
-
-typedef CK_OBJECT_CLASS CK_PTR CK_OBJECT_CLASS_PTR;
-
-/* CK_HW_FEATURE_TYPE is a value that identifies the hardware feature type
- * of an object with CK_OBJECT_CLASS equal to CKO_HW_FEATURE.
- */
-typedef CK_ULONG CK_HW_FEATURE_TYPE;
-
-/* The following hardware feature types are defined */
-#define CKH_MONOTONIC_COUNTER 0x00000001UL
-#define CKH_CLOCK 0x00000002UL
-#define CKH_USER_INTERFACE 0x00000003UL
-#define CKH_VENDOR_DEFINED 0x80000000UL
-
-/* CK_KEY_TYPE is a value that identifies a key type */
-typedef CK_ULONG CK_KEY_TYPE;
-
-/* the following key types are defined: */
-#define CKK_RSA 0x00000000UL
-#define CKK_DSA 0x00000001UL
-#define CKK_DH 0x00000002UL
-#define CKK_ECDSA 0x00000003UL /* Deprecated */
-#define CKK_EC 0x00000003UL
-#define CKK_X9_42_DH 0x00000004UL
-#define CKK_KEA 0x00000005UL
-#define CKK_GENERIC_SECRET 0x00000010UL
-#define CKK_RC2 0x00000011UL
-#define CKK_RC4 0x00000012UL
-#define CKK_DES 0x00000013UL
-#define CKK_DES2 0x00000014UL
-#define CKK_DES3 0x00000015UL
-#define CKK_CAST 0x00000016UL
-#define CKK_CAST3 0x00000017UL
-#define CKK_CAST5 0x00000018UL /* Deprecated */
-#define CKK_CAST128 0x00000018UL
-#define CKK_RC5 0x00000019UL
-#define CKK_IDEA 0x0000001AUL
-#define CKK_SKIPJACK 0x0000001BUL
-#define CKK_BATON 0x0000001CUL
-#define CKK_JUNIPER 0x0000001DUL
-#define CKK_CDMF 0x0000001EUL
-#define CKK_AES 0x0000001FUL
-#define CKK_BLOWFISH 0x00000020UL
-#define CKK_TWOFISH 0x00000021UL
-#define CKK_SECURID 0x00000022UL
-#define CKK_HOTP 0x00000023UL
-#define CKK_ACTI 0x00000024UL
-#define CKK_CAMELLIA 0x00000025UL
-#define CKK_ARIA 0x00000026UL
-
-#define CKK_MD5_HMAC 0x00000027UL
-#define CKK_SHA_1_HMAC 0x00000028UL
-#define CKK_RIPEMD128_HMAC 0x00000029UL
-#define CKK_RIPEMD160_HMAC 0x0000002AUL
-#define CKK_SHA256_HMAC 0x0000002BUL
-#define CKK_SHA384_HMAC 0x0000002CUL
-#define CKK_SHA512_HMAC 0x0000002DUL
-#define CKK_SHA224_HMAC 0x0000002EUL
-
-#define CKK_SEED 0x0000002FUL
-#define CKK_GOSTR3410 0x00000030UL
-#define CKK_GOSTR3411 0x00000031UL
-#define CKK_GOST28147 0x00000032UL
-
-
-
-#define CKK_VENDOR_DEFINED 0x80000000UL
-
-
-/* CK_CERTIFICATE_TYPE is a value that identifies a certificate
- * type
- */
-typedef CK_ULONG CK_CERTIFICATE_TYPE;
-
-#define CK_CERTIFICATE_CATEGORY_UNSPECIFIED 0UL
-#define CK_CERTIFICATE_CATEGORY_TOKEN_USER 1UL
-#define CK_CERTIFICATE_CATEGORY_AUTHORITY 2UL
-#define CK_CERTIFICATE_CATEGORY_OTHER_ENTITY 3UL
-
-#define CK_SECURITY_DOMAIN_UNSPECIFIED 0UL
-#define CK_SECURITY_DOMAIN_MANUFACTURER 1UL
-#define CK_SECURITY_DOMAIN_OPERATOR 2UL
-#define CK_SECURITY_DOMAIN_THIRD_PARTY 3UL
-
-
-/* The following certificate types are defined: */
-#define CKC_X_509 0x00000000UL
-#define CKC_X_509_ATTR_CERT 0x00000001UL
-#define CKC_WTLS 0x00000002UL
-#define CKC_VENDOR_DEFINED 0x80000000UL
-#define CKC_OPENPGP (CKC_VENDOR_DEFINED|0x00504750)
-
-/* CK_ATTRIBUTE_TYPE is a value that identifies an attribute
- * type
- */
-typedef CK_ULONG CK_ATTRIBUTE_TYPE;
-
-/* The CKF_ARRAY_ATTRIBUTE flag identifies an attribute which
- * consists of an array of values.
- */
-#define CKF_ARRAY_ATTRIBUTE 0x40000000UL
-
-/* The following OTP-related defines relate to the CKA_OTP_FORMAT attribute */
-#define CK_OTP_FORMAT_DECIMAL 0UL
-#define CK_OTP_FORMAT_HEXADECIMAL 1UL
-#define CK_OTP_FORMAT_ALPHANUMERIC 2UL
-#define CK_OTP_FORMAT_BINARY 3UL
-
-/* The following OTP-related defines relate to the CKA_OTP_..._REQUIREMENT
- * attributes
- */
-#define CK_OTP_PARAM_IGNORED 0UL
-#define CK_OTP_PARAM_OPTIONAL 1UL
-#define CK_OTP_PARAM_MANDATORY 2UL
-
-/* The following attribute types are defined: */
-#define CKA_CLASS 0x00000000UL
-#define CKA_TOKEN 0x00000001UL
-#define CKA_PRIVATE 0x00000002UL
-#define CKA_LABEL 0x00000003UL
-#define CKA_APPLICATION 0x00000010UL
-#define CKA_VALUE 0x00000011UL
-#define CKA_OBJECT_ID 0x00000012UL
-#define CKA_CERTIFICATE_TYPE 0x00000080UL
-#define CKA_ISSUER 0x00000081UL
-#define CKA_SERIAL_NUMBER 0x00000082UL
-#define CKA_AC_ISSUER 0x00000083UL
-#define CKA_OWNER 0x00000084UL
-#define CKA_ATTR_TYPES 0x00000085UL
-#define CKA_TRUSTED 0x00000086UL
-#define CKA_CERTIFICATE_CATEGORY 0x00000087UL
-#define CKA_JAVA_MIDP_SECURITY_DOMAIN 0x00000088UL
-#define CKA_URL 0x00000089UL
-#define CKA_HASH_OF_SUBJECT_PUBLIC_KEY 0x0000008AUL
-#define CKA_HASH_OF_ISSUER_PUBLIC_KEY 0x0000008BUL
-#define CKA_NAME_HASH_ALGORITHM 0x0000008CUL
-#define CKA_CHECK_VALUE 0x00000090UL
-
-#define CKA_KEY_TYPE 0x00000100UL
-#define CKA_SUBJECT 0x00000101UL
-#define CKA_ID 0x00000102UL
-#define CKA_SENSITIVE 0x00000103UL
-#define CKA_ENCRYPT 0x00000104UL
-#define CKA_DECRYPT 0x00000105UL
-#define CKA_WRAP 0x00000106UL
-#define CKA_UNWRAP 0x00000107UL
-#define CKA_SIGN 0x00000108UL
-#define CKA_SIGN_RECOVER 0x00000109UL
-#define CKA_VERIFY 0x0000010AUL
-#define CKA_VERIFY_RECOVER 0x0000010BUL
-#define CKA_DERIVE 0x0000010CUL
-#define CKA_START_DATE 0x00000110UL
-#define CKA_END_DATE 0x00000111UL
-#define CKA_MODULUS 0x00000120UL
-#define CKA_MODULUS_BITS 0x00000121UL
-#define CKA_PUBLIC_EXPONENT 0x00000122UL
-#define CKA_PRIVATE_EXPONENT 0x00000123UL
-#define CKA_PRIME_1 0x00000124UL
-#define CKA_PRIME_2 0x00000125UL
-#define CKA_EXPONENT_1 0x00000126UL
-#define CKA_EXPONENT_2 0x00000127UL
-#define CKA_COEFFICIENT 0x00000128UL
-#define CKA_PUBLIC_KEY_INFO 0x00000129UL
-#define CKA_PRIME 0x00000130UL
-#define CKA_SUBPRIME 0x00000131UL
-#define CKA_BASE 0x00000132UL
-
-#define CKA_PRIME_BITS 0x00000133UL
-#define CKA_SUBPRIME_BITS 0x00000134UL
-#define CKA_SUB_PRIME_BITS CKA_SUBPRIME_BITS
-
-#define CKA_VALUE_BITS 0x00000160UL
-#define CKA_VALUE_LEN 0x00000161UL
-#define CKA_EXTRACTABLE 0x00000162UL
-#define CKA_LOCAL 0x00000163UL
-#define CKA_NEVER_EXTRACTABLE 0x00000164UL
-#define CKA_ALWAYS_SENSITIVE 0x00000165UL
-#define CKA_KEY_GEN_MECHANISM 0x00000166UL
-
-#define CKA_MODIFIABLE 0x00000170UL
-#define CKA_COPYABLE 0x00000171UL
-
-#define CKA_DESTROYABLE 0x00000172UL
-
-#define CKA_ECDSA_PARAMS 0x00000180UL /* Deprecated */
-#define CKA_EC_PARAMS 0x00000180UL
-
-#define CKA_EC_POINT 0x00000181UL
-
-#define CKA_SECONDARY_AUTH 0x00000200UL /* Deprecated */
-#define CKA_AUTH_PIN_FLAGS 0x00000201UL /* Deprecated */
-
-#define CKA_ALWAYS_AUTHENTICATE 0x00000202UL
-
-#define CKA_WRAP_WITH_TRUSTED 0x00000210UL
-#define CKA_WRAP_TEMPLATE (CKF_ARRAY_ATTRIBUTE|0x00000211UL)
-#define CKA_UNWRAP_TEMPLATE (CKF_ARRAY_ATTRIBUTE|0x00000212UL)
-#define CKA_DERIVE_TEMPLATE (CKF_ARRAY_ATTRIBUTE|0x00000213UL)
-
-#define CKA_OTP_FORMAT 0x00000220UL
-#define CKA_OTP_LENGTH 0x00000221UL
-#define CKA_OTP_TIME_INTERVAL 0x00000222UL
-#define CKA_OTP_USER_FRIENDLY_MODE 0x00000223UL
-#define CKA_OTP_CHALLENGE_REQUIREMENT 0x00000224UL
-#define CKA_OTP_TIME_REQUIREMENT 0x00000225UL
-#define CKA_OTP_COUNTER_REQUIREMENT 0x00000226UL
-#define CKA_OTP_PIN_REQUIREMENT 0x00000227UL
-#define CKA_OTP_COUNTER 0x0000022EUL
-#define CKA_OTP_TIME 0x0000022FUL
-#define CKA_OTP_USER_IDENTIFIER 0x0000022AUL
-#define CKA_OTP_SERVICE_IDENTIFIER 0x0000022BUL
-#define CKA_OTP_SERVICE_LOGO 0x0000022CUL
-#define CKA_OTP_SERVICE_LOGO_TYPE 0x0000022DUL
-
-#define CKA_GOSTR3410_PARAMS 0x00000250UL
-#define CKA_GOSTR3411_PARAMS 0x00000251UL
-#define CKA_GOST28147_PARAMS 0x00000252UL
-
-#define CKA_HW_FEATURE_TYPE 0x00000300UL
-#define CKA_RESET_ON_INIT 0x00000301UL
-#define CKA_HAS_RESET 0x00000302UL
-
-#define CKA_PIXEL_X 0x00000400UL
-#define CKA_PIXEL_Y 0x00000401UL
-#define CKA_RESOLUTION 0x00000402UL
-#define CKA_CHAR_ROWS 0x00000403UL
-#define CKA_CHAR_COLUMNS 0x00000404UL
-#define CKA_COLOR 0x00000405UL
-#define CKA_BITS_PER_PIXEL 0x00000406UL
-#define CKA_CHAR_SETS 0x00000480UL
-#define CKA_ENCODING_METHODS 0x00000481UL
-#define CKA_MIME_TYPES 0x00000482UL
-#define CKA_MECHANISM_TYPE 0x00000500UL
-#define CKA_REQUIRED_CMS_ATTRIBUTES 0x00000501UL
-#define CKA_DEFAULT_CMS_ATTRIBUTES 0x00000502UL
-#define CKA_SUPPORTED_CMS_ATTRIBUTES 0x00000503UL
-#define CKA_ALLOWED_MECHANISMS (CKF_ARRAY_ATTRIBUTE|0x00000600UL)
-
-#define CKA_VENDOR_DEFINED 0x80000000UL
-
-/* CK_ATTRIBUTE is a structure that includes the type, length
- * and value of an attribute
- */
-typedef struct CK_ATTRIBUTE {
- CK_ATTRIBUTE_TYPE type;
- CK_VOID_PTR pValue;
- CK_ULONG ulValueLen; /* in bytes */
-} CK_ATTRIBUTE;
-
-typedef CK_ATTRIBUTE CK_PTR CK_ATTRIBUTE_PTR;
-
-/* CK_DATE is a structure that defines a date */
-typedef struct CK_DATE{
- CK_CHAR year[4]; /* the year ("1900" - "9999") */
- CK_CHAR month[2]; /* the month ("01" - "12") */
- CK_CHAR day[2]; /* the day ("01" - "31") */
-} CK_DATE;
-
-
-/* CK_MECHANISM_TYPE is a value that identifies a mechanism
- * type
- */
-typedef CK_ULONG CK_MECHANISM_TYPE;
-
-/* the following mechanism types are defined: */
-#define CKM_RSA_PKCS_KEY_PAIR_GEN 0x00000000UL
-#define CKM_RSA_PKCS 0x00000001UL
-#define CKM_RSA_9796 0x00000002UL
-#define CKM_RSA_X_509 0x00000003UL
-
-#define CKM_MD2_RSA_PKCS 0x00000004UL
-#define CKM_MD5_RSA_PKCS 0x00000005UL
-#define CKM_SHA1_RSA_PKCS 0x00000006UL
-
-#define CKM_RIPEMD128_RSA_PKCS 0x00000007UL
-#define CKM_RIPEMD160_RSA_PKCS 0x00000008UL
-#define CKM_RSA_PKCS_OAEP 0x00000009UL
-
-#define CKM_RSA_X9_31_KEY_PAIR_GEN 0x0000000AUL
-#define CKM_RSA_X9_31 0x0000000BUL
-#define CKM_SHA1_RSA_X9_31 0x0000000CUL
-#define CKM_RSA_PKCS_PSS 0x0000000DUL
-#define CKM_SHA1_RSA_PKCS_PSS 0x0000000EUL
-
-#define CKM_DSA_KEY_PAIR_GEN 0x00000010UL
-#define CKM_DSA 0x00000011UL
-#define CKM_DSA_SHA1 0x00000012UL
-#define CKM_DSA_SHA224 0x00000013UL
-#define CKM_DSA_SHA256 0x00000014UL
-#define CKM_DSA_SHA384 0x00000015UL
-#define CKM_DSA_SHA512 0x00000016UL
-
-#define CKM_DH_PKCS_KEY_PAIR_GEN 0x00000020UL
-#define CKM_DH_PKCS_DERIVE 0x00000021UL
-
-#define CKM_X9_42_DH_KEY_PAIR_GEN 0x00000030UL
-#define CKM_X9_42_DH_DERIVE 0x00000031UL
-#define CKM_X9_42_DH_HYBRID_DERIVE 0x00000032UL
-#define CKM_X9_42_MQV_DERIVE 0x00000033UL
-
-#define CKM_SHA256_RSA_PKCS 0x00000040UL
-#define CKM_SHA384_RSA_PKCS 0x00000041UL
-#define CKM_SHA512_RSA_PKCS 0x00000042UL
-#define CKM_SHA256_RSA_PKCS_PSS 0x00000043UL
-#define CKM_SHA384_RSA_PKCS_PSS 0x00000044UL
-#define CKM_SHA512_RSA_PKCS_PSS 0x00000045UL
-
-#define CKM_SHA224_RSA_PKCS 0x00000046UL
-#define CKM_SHA224_RSA_PKCS_PSS 0x00000047UL
-
-#define CKM_SHA512_224 0x00000048UL
-#define CKM_SHA512_224_HMAC 0x00000049UL
-#define CKM_SHA512_224_HMAC_GENERAL 0x0000004AUL
-#define CKM_SHA512_224_KEY_DERIVATION 0x0000004BUL
-#define CKM_SHA512_256 0x0000004CUL
-#define CKM_SHA512_256_HMAC 0x0000004DUL
-#define CKM_SHA512_256_HMAC_GENERAL 0x0000004EUL
-#define CKM_SHA512_256_KEY_DERIVATION 0x0000004FUL
-
-#define CKM_SHA512_T 0x00000050UL
-#define CKM_SHA512_T_HMAC 0x00000051UL
-#define CKM_SHA512_T_HMAC_GENERAL 0x00000052UL
-#define CKM_SHA512_T_KEY_DERIVATION 0x00000053UL
-
-#define CKM_RC2_KEY_GEN 0x00000100UL
-#define CKM_RC2_ECB 0x00000101UL
-#define CKM_RC2_CBC 0x00000102UL
-#define CKM_RC2_MAC 0x00000103UL
-
-#define CKM_RC2_MAC_GENERAL 0x00000104UL
-#define CKM_RC2_CBC_PAD 0x00000105UL
-
-#define CKM_RC4_KEY_GEN 0x00000110UL
-#define CKM_RC4 0x00000111UL
-#define CKM_DES_KEY_GEN 0x00000120UL
-#define CKM_DES_ECB 0x00000121UL
-#define CKM_DES_CBC 0x00000122UL
-#define CKM_DES_MAC 0x00000123UL
-
-#define CKM_DES_MAC_GENERAL 0x00000124UL
-#define CKM_DES_CBC_PAD 0x00000125UL
-
-#define CKM_DES2_KEY_GEN 0x00000130UL
-#define CKM_DES3_KEY_GEN 0x00000131UL
-#define CKM_DES3_ECB 0x00000132UL
-#define CKM_DES3_CBC 0x00000133UL
-#define CKM_DES3_MAC 0x00000134UL
-
-#define CKM_DES3_MAC_GENERAL 0x00000135UL
-#define CKM_DES3_CBC_PAD 0x00000136UL
-#define CKM_DES3_CMAC_GENERAL 0x00000137UL
-#define CKM_DES3_CMAC 0x00000138UL
-#define CKM_CDMF_KEY_GEN 0x00000140UL
-#define CKM_CDMF_ECB 0x00000141UL
-#define CKM_CDMF_CBC 0x00000142UL
-#define CKM_CDMF_MAC 0x00000143UL
-#define CKM_CDMF_MAC_GENERAL 0x00000144UL
-#define CKM_CDMF_CBC_PAD 0x00000145UL
-
-#define CKM_DES_OFB64 0x00000150UL
-#define CKM_DES_OFB8 0x00000151UL
-#define CKM_DES_CFB64 0x00000152UL
-#define CKM_DES_CFB8 0x00000153UL
-
-#define CKM_MD2 0x00000200UL
-
-#define CKM_MD2_HMAC 0x00000201UL
-#define CKM_MD2_HMAC_GENERAL 0x00000202UL
-
-#define CKM_MD5 0x00000210UL
-
-#define CKM_MD5_HMAC 0x00000211UL
-#define CKM_MD5_HMAC_GENERAL 0x00000212UL
-
-#define CKM_SHA_1 0x00000220UL
-
-#define CKM_SHA_1_HMAC 0x00000221UL
-#define CKM_SHA_1_HMAC_GENERAL 0x00000222UL
-
-#define CKM_RIPEMD128 0x00000230UL
-#define CKM_RIPEMD128_HMAC 0x00000231UL
-#define CKM_RIPEMD128_HMAC_GENERAL 0x00000232UL
-#define CKM_RIPEMD160 0x00000240UL
-#define CKM_RIPEMD160_HMAC 0x00000241UL
-#define CKM_RIPEMD160_HMAC_GENERAL 0x00000242UL
-
-#define CKM_SHA256 0x00000250UL
-#define CKM_SHA256_HMAC 0x00000251UL
-#define CKM_SHA256_HMAC_GENERAL 0x00000252UL
-#define CKM_SHA224 0x00000255UL
-#define CKM_SHA224_HMAC 0x00000256UL
-#define CKM_SHA224_HMAC_GENERAL 0x00000257UL
-#define CKM_SHA384 0x00000260UL
-#define CKM_SHA384_HMAC 0x00000261UL
-#define CKM_SHA384_HMAC_GENERAL 0x00000262UL
-#define CKM_SHA512 0x00000270UL
-#define CKM_SHA512_HMAC 0x00000271UL
-#define CKM_SHA512_HMAC_GENERAL 0x00000272UL
-#define CKM_SECURID_KEY_GEN 0x00000280UL
-#define CKM_SECURID 0x00000282UL
-#define CKM_HOTP_KEY_GEN 0x00000290UL
-#define CKM_HOTP 0x00000291UL
-#define CKM_ACTI 0x000002A0UL
-#define CKM_ACTI_KEY_GEN 0x000002A1UL
-
-#define CKM_CAST_KEY_GEN 0x00000300UL
-#define CKM_CAST_ECB 0x00000301UL
-#define CKM_CAST_CBC 0x00000302UL
-#define CKM_CAST_MAC 0x00000303UL
-#define CKM_CAST_MAC_GENERAL 0x00000304UL
-#define CKM_CAST_CBC_PAD 0x00000305UL
-#define CKM_CAST3_KEY_GEN 0x00000310UL
-#define CKM_CAST3_ECB 0x00000311UL
-#define CKM_CAST3_CBC 0x00000312UL
-#define CKM_CAST3_MAC 0x00000313UL
-#define CKM_CAST3_MAC_GENERAL 0x00000314UL
-#define CKM_CAST3_CBC_PAD 0x00000315UL
-/* Note that CAST128 and CAST5 are the same algorithm */
-#define CKM_CAST5_KEY_GEN 0x00000320UL
-#define CKM_CAST128_KEY_GEN 0x00000320UL
-#define CKM_CAST5_ECB 0x00000321UL
-#define CKM_CAST128_ECB 0x00000321UL
-#define CKM_CAST5_CBC 0x00000322UL /* Deprecated */
-#define CKM_CAST128_CBC 0x00000322UL
-#define CKM_CAST5_MAC 0x00000323UL /* Deprecated */
-#define CKM_CAST128_MAC 0x00000323UL
-#define CKM_CAST5_MAC_GENERAL 0x00000324UL /* Deprecated */
-#define CKM_CAST128_MAC_GENERAL 0x00000324UL
-#define CKM_CAST5_CBC_PAD 0x00000325UL /* Deprecated */
-#define CKM_CAST128_CBC_PAD 0x00000325UL
-#define CKM_RC5_KEY_GEN 0x00000330UL
-#define CKM_RC5_ECB 0x00000331UL
-#define CKM_RC5_CBC 0x00000332UL
-#define CKM_RC5_MAC 0x00000333UL
-#define CKM_RC5_MAC_GENERAL 0x00000334UL
-#define CKM_RC5_CBC_PAD 0x00000335UL
-#define CKM_IDEA_KEY_GEN 0x00000340UL
-#define CKM_IDEA_ECB 0x00000341UL
-#define CKM_IDEA_CBC 0x00000342UL
-#define CKM_IDEA_MAC 0x00000343UL
-#define CKM_IDEA_MAC_GENERAL 0x00000344UL
-#define CKM_IDEA_CBC_PAD 0x00000345UL
-#define CKM_GENERIC_SECRET_KEY_GEN 0x00000350UL
-#define CKM_CONCATENATE_BASE_AND_KEY 0x00000360UL
-#define CKM_CONCATENATE_BASE_AND_DATA 0x00000362UL
-#define CKM_CONCATENATE_DATA_AND_BASE 0x00000363UL
-#define CKM_XOR_BASE_AND_DATA 0x00000364UL
-#define CKM_EXTRACT_KEY_FROM_KEY 0x00000365UL
-#define CKM_SSL3_PRE_MASTER_KEY_GEN 0x00000370UL
-#define CKM_SSL3_MASTER_KEY_DERIVE 0x00000371UL
-#define CKM_SSL3_KEY_AND_MAC_DERIVE 0x00000372UL
-
-#define CKM_SSL3_MASTER_KEY_DERIVE_DH 0x00000373UL
-#define CKM_TLS_PRE_MASTER_KEY_GEN 0x00000374UL
-#define CKM_TLS_MASTER_KEY_DERIVE 0x00000375UL
-#define CKM_TLS_KEY_AND_MAC_DERIVE 0x00000376UL
-#define CKM_TLS_MASTER_KEY_DERIVE_DH 0x00000377UL
-
-#define CKM_TLS_PRF 0x00000378UL
-
-#define CKM_SSL3_MD5_MAC 0x00000380UL
-#define CKM_SSL3_SHA1_MAC 0x00000381UL
-#define CKM_MD5_KEY_DERIVATION 0x00000390UL
-#define CKM_MD2_KEY_DERIVATION 0x00000391UL
-#define CKM_SHA1_KEY_DERIVATION 0x00000392UL
-
-#define CKM_SHA256_KEY_DERIVATION 0x00000393UL
-#define CKM_SHA384_KEY_DERIVATION 0x00000394UL
-#define CKM_SHA512_KEY_DERIVATION 0x00000395UL
-#define CKM_SHA224_KEY_DERIVATION 0x00000396UL
-
-#define CKM_PBE_MD2_DES_CBC 0x000003A0UL
-#define CKM_PBE_MD5_DES_CBC 0x000003A1UL
-#define CKM_PBE_MD5_CAST_CBC 0x000003A2UL
-#define CKM_PBE_MD5_CAST3_CBC 0x000003A3UL
-#define CKM_PBE_MD5_CAST5_CBC 0x000003A4UL /* Deprecated */
-#define CKM_PBE_MD5_CAST128_CBC 0x000003A4UL
-#define CKM_PBE_SHA1_CAST5_CBC 0x000003A5UL /* Deprecated */
-#define CKM_PBE_SHA1_CAST128_CBC 0x000003A5UL
-#define CKM_PBE_SHA1_RC4_128 0x000003A6UL
-#define CKM_PBE_SHA1_RC4_40 0x000003A7UL
-#define CKM_PBE_SHA1_DES3_EDE_CBC 0x000003A8UL
-#define CKM_PBE_SHA1_DES2_EDE_CBC 0x000003A9UL
-#define CKM_PBE_SHA1_RC2_128_CBC 0x000003AAUL
-#define CKM_PBE_SHA1_RC2_40_CBC 0x000003ABUL
-
-#define CKM_PKCS5_PBKD2 0x000003B0UL
-
-#define CKM_PBA_SHA1_WITH_SHA1_HMAC 0x000003C0UL
-
-#define CKM_WTLS_PRE_MASTER_KEY_GEN 0x000003D0UL
-#define CKM_WTLS_MASTER_KEY_DERIVE 0x000003D1UL
-#define CKM_WTLS_MASTER_KEY_DERIVE_DH_ECC 0x000003D2UL
-#define CKM_WTLS_PRF 0x000003D3UL
-#define CKM_WTLS_SERVER_KEY_AND_MAC_DERIVE 0x000003D4UL
-#define CKM_WTLS_CLIENT_KEY_AND_MAC_DERIVE 0x000003D5UL
-
-#define CKM_TLS10_MAC_SERVER 0x000003D6UL
-#define CKM_TLS10_MAC_CLIENT 0x000003D7UL
-#define CKM_TLS12_MAC 0x000003D8UL
-#define CKM_TLS12_KDF 0x000003D9UL
-#define CKM_TLS12_MASTER_KEY_DERIVE 0x000003E0UL
-#define CKM_TLS12_KEY_AND_MAC_DERIVE 0x000003E1UL
-#define CKM_TLS12_MASTER_KEY_DERIVE_DH 0x000003E2UL
-#define CKM_TLS12_KEY_SAFE_DERIVE 0x000003E3UL
-#define CKM_TLS_MAC 0x000003E4UL
-#define CKM_TLS_KDF 0x000003E5UL
-
-#define CKM_KEY_WRAP_LYNKS 0x00000400UL
-#define CKM_KEY_WRAP_SET_OAEP 0x00000401UL
-
-#define CKM_CMS_SIG 0x00000500UL
-#define CKM_KIP_DERIVE 0x00000510UL
-#define CKM_KIP_WRAP 0x00000511UL
-#define CKM_KIP_MAC 0x00000512UL
-
-#define CKM_CAMELLIA_KEY_GEN 0x00000550UL
-#define CKM_CAMELLIA_ECB 0x00000551UL
-#define CKM_CAMELLIA_CBC 0x00000552UL
-#define CKM_CAMELLIA_MAC 0x00000553UL
-#define CKM_CAMELLIA_MAC_GENERAL 0x00000554UL
-#define CKM_CAMELLIA_CBC_PAD 0x00000555UL
-#define CKM_CAMELLIA_ECB_ENCRYPT_DATA 0x00000556UL
-#define CKM_CAMELLIA_CBC_ENCRYPT_DATA 0x00000557UL
-#define CKM_CAMELLIA_CTR 0x00000558UL
-
-#define CKM_ARIA_KEY_GEN 0x00000560UL
-#define CKM_ARIA_ECB 0x00000561UL
-#define CKM_ARIA_CBC 0x00000562UL
-#define CKM_ARIA_MAC 0x00000563UL
-#define CKM_ARIA_MAC_GENERAL 0x00000564UL
-#define CKM_ARIA_CBC_PAD 0x00000565UL
-#define CKM_ARIA_ECB_ENCRYPT_DATA 0x00000566UL
-#define CKM_ARIA_CBC_ENCRYPT_DATA 0x00000567UL
-
-#define CKM_SEED_KEY_GEN 0x00000650UL
-#define CKM_SEED_ECB 0x00000651UL
-#define CKM_SEED_CBC 0x00000652UL
-#define CKM_SEED_MAC 0x00000653UL
-#define CKM_SEED_MAC_GENERAL 0x00000654UL
-#define CKM_SEED_CBC_PAD 0x00000655UL
-#define CKM_SEED_ECB_ENCRYPT_DATA 0x00000656UL
-#define CKM_SEED_CBC_ENCRYPT_DATA 0x00000657UL
-
-#define CKM_SKIPJACK_KEY_GEN 0x00001000UL
-#define CKM_SKIPJACK_ECB64 0x00001001UL
-#define CKM_SKIPJACK_CBC64 0x00001002UL
-#define CKM_SKIPJACK_OFB64 0x00001003UL
-#define CKM_SKIPJACK_CFB64 0x00001004UL
-#define CKM_SKIPJACK_CFB32 0x00001005UL
-#define CKM_SKIPJACK_CFB16 0x00001006UL
-#define CKM_SKIPJACK_CFB8 0x00001007UL
-#define CKM_SKIPJACK_WRAP 0x00001008UL
-#define CKM_SKIPJACK_PRIVATE_WRAP 0x00001009UL
-#define CKM_SKIPJACK_RELAYX 0x0000100aUL
-#define CKM_KEA_KEY_PAIR_GEN 0x00001010UL
-#define CKM_KEA_KEY_DERIVE 0x00001011UL
-#define CKM_KEA_DERIVE 0x00001012UL
-#define CKM_FORTEZZA_TIMESTAMP 0x00001020UL
-#define CKM_BATON_KEY_GEN 0x00001030UL
-#define CKM_BATON_ECB128 0x00001031UL
-#define CKM_BATON_ECB96 0x00001032UL
-#define CKM_BATON_CBC128 0x00001033UL
-#define CKM_BATON_COUNTER 0x00001034UL
-#define CKM_BATON_SHUFFLE 0x00001035UL
-#define CKM_BATON_WRAP 0x00001036UL
-
-#define CKM_ECDSA_KEY_PAIR_GEN 0x00001040UL /* Deprecated */
-#define CKM_EC_KEY_PAIR_GEN 0x00001040UL
-
-#define CKM_ECDSA 0x00001041UL
-#define CKM_ECDSA_SHA1 0x00001042UL
-#define CKM_ECDSA_SHA224 0x00001043UL
-#define CKM_ECDSA_SHA256 0x00001044UL
-#define CKM_ECDSA_SHA384 0x00001045UL
-#define CKM_ECDSA_SHA512 0x00001046UL
-
-#define CKM_ECDH1_DERIVE 0x00001050UL
-#define CKM_ECDH1_COFACTOR_DERIVE 0x00001051UL
-#define CKM_ECMQV_DERIVE 0x00001052UL
-
-#define CKM_ECDH_AES_KEY_WRAP 0x00001053UL
-#define CKM_RSA_AES_KEY_WRAP 0x00001054UL
-
-#define CKM_JUNIPER_KEY_GEN 0x00001060UL
-#define CKM_JUNIPER_ECB128 0x00001061UL
-#define CKM_JUNIPER_CBC128 0x00001062UL
-#define CKM_JUNIPER_COUNTER 0x00001063UL
-#define CKM_JUNIPER_SHUFFLE 0x00001064UL
-#define CKM_JUNIPER_WRAP 0x00001065UL
-#define CKM_FASTHASH 0x00001070UL
-
-#define CKM_AES_KEY_GEN 0x00001080UL
-#define CKM_AES_ECB 0x00001081UL
-#define CKM_AES_CBC 0x00001082UL
-#define CKM_AES_MAC 0x00001083UL
-#define CKM_AES_MAC_GENERAL 0x00001084UL
-#define CKM_AES_CBC_PAD 0x00001085UL
-#define CKM_AES_CTR 0x00001086UL
-#define CKM_AES_GCM 0x00001087UL
-#define CKM_AES_CCM 0x00001088UL
-#define CKM_AES_CTS 0x00001089UL
-#define CKM_AES_CMAC 0x0000108AUL
-#define CKM_AES_CMAC_GENERAL 0x0000108BUL
-
-#define CKM_AES_XCBC_MAC 0x0000108CUL
-#define CKM_AES_XCBC_MAC_96 0x0000108DUL
-#define CKM_AES_GMAC 0x0000108EUL
-
-#define CKM_BLOWFISH_KEY_GEN 0x00001090UL
-#define CKM_BLOWFISH_CBC 0x00001091UL
-#define CKM_TWOFISH_KEY_GEN 0x00001092UL
-#define CKM_TWOFISH_CBC 0x00001093UL
-#define CKM_BLOWFISH_CBC_PAD 0x00001094UL
-#define CKM_TWOFISH_CBC_PAD 0x00001095UL
-
-#define CKM_DES_ECB_ENCRYPT_DATA 0x00001100UL
-#define CKM_DES_CBC_ENCRYPT_DATA 0x00001101UL
-#define CKM_DES3_ECB_ENCRYPT_DATA 0x00001102UL
-#define CKM_DES3_CBC_ENCRYPT_DATA 0x00001103UL
-#define CKM_AES_ECB_ENCRYPT_DATA 0x00001104UL
-#define CKM_AES_CBC_ENCRYPT_DATA 0x00001105UL
-
-#define CKM_GOSTR3410_KEY_PAIR_GEN 0x00001200UL
-#define CKM_GOSTR3410 0x00001201UL
-#define CKM_GOSTR3410_WITH_GOSTR3411 0x00001202UL
-#define CKM_GOSTR3410_KEY_WRAP 0x00001203UL
-#define CKM_GOSTR3410_DERIVE 0x00001204UL
-#define CKM_GOSTR3411 0x00001210UL
-#define CKM_GOSTR3411_HMAC 0x00001211UL
-#define CKM_GOST28147_KEY_GEN 0x00001220UL
-#define CKM_GOST28147_ECB 0x00001221UL
-#define CKM_GOST28147 0x00001222UL
-#define CKM_GOST28147_MAC 0x00001223UL
-#define CKM_GOST28147_KEY_WRAP 0x00001224UL
-
-#define CKM_DSA_PARAMETER_GEN 0x00002000UL
-#define CKM_DH_PKCS_PARAMETER_GEN 0x00002001UL
-#define CKM_X9_42_DH_PARAMETER_GEN 0x00002002UL
-#define CKM_DSA_PROBABLISTIC_PARAMETER_GEN 0x00002003UL
-#define CKM_DSA_SHAWE_TAYLOR_PARAMETER_GEN 0x00002004UL
-
-#define CKM_AES_OFB 0x00002104UL
-#define CKM_AES_CFB64 0x00002105UL
-#define CKM_AES_CFB8 0x00002106UL
-#define CKM_AES_CFB128 0x00002107UL
-
-#define CKM_AES_CFB1 0x00002108UL
-#define CKM_AES_KEY_WRAP 0x00002109UL /* WAS: 0x00001090 */
-#define CKM_AES_KEY_WRAP_PAD 0x0000210AUL /* WAS: 0x00001091 */
-
-#define CKM_RSA_PKCS_TPM_1_1 0x00004001UL
-#define CKM_RSA_PKCS_OAEP_TPM_1_1 0x00004002UL
-
-#define CKM_VENDOR_DEFINED 0x80000000UL
-
-typedef CK_MECHANISM_TYPE CK_PTR CK_MECHANISM_TYPE_PTR;
-
-
-/* CK_MECHANISM is a structure that specifies a particular
- * mechanism
- */
-typedef struct CK_MECHANISM {
- CK_MECHANISM_TYPE mechanism;
- CK_VOID_PTR pParameter;
- CK_ULONG ulParameterLen; /* in bytes */
-} CK_MECHANISM;
-
-typedef CK_MECHANISM CK_PTR CK_MECHANISM_PTR;
-
-
-/* CK_MECHANISM_INFO provides information about a particular
- * mechanism
- */
-typedef struct CK_MECHANISM_INFO {
- CK_ULONG ulMinKeySize;
- CK_ULONG ulMaxKeySize;
- CK_FLAGS flags;
-} CK_MECHANISM_INFO;
-
-/* The flags are defined as follows:
- * Bit Flag Mask Meaning */
-#define CKF_HW 0x00000001UL /* performed by HW */
-
-/* Specify whether or not a mechanism can be used for a particular task */
-#define CKF_ENCRYPT 0x00000100UL
-#define CKF_DECRYPT 0x00000200UL
-#define CKF_DIGEST 0x00000400UL
-#define CKF_SIGN 0x00000800UL
-#define CKF_SIGN_RECOVER 0x00001000UL
-#define CKF_VERIFY 0x00002000UL
-#define CKF_VERIFY_RECOVER 0x00004000UL
-#define CKF_GENERATE 0x00008000UL
-#define CKF_GENERATE_KEY_PAIR 0x00010000UL
-#define CKF_WRAP 0x00020000UL
-#define CKF_UNWRAP 0x00040000UL
-#define CKF_DERIVE 0x00080000UL
-
-/* Describe a token's EC capabilities not available in mechanism
- * information.
- */
-#define CKF_EC_F_P 0x00100000UL
-#define CKF_EC_F_2M 0x00200000UL
-#define CKF_EC_ECPARAMETERS 0x00400000UL
-#define CKF_EC_NAMEDCURVE 0x00800000UL
-#define CKF_EC_UNCOMPRESS 0x01000000UL
-#define CKF_EC_COMPRESS 0x02000000UL
-
-#define CKF_EXTENSION 0x80000000UL
-
-typedef CK_MECHANISM_INFO CK_PTR CK_MECHANISM_INFO_PTR;
-
-/* CK_RV is a value that identifies the return value of a
- * Cryptoki function
- */
-typedef CK_ULONG CK_RV;
-
-#define CKR_OK 0x00000000UL
-#define CKR_CANCEL 0x00000001UL
-#define CKR_HOST_MEMORY 0x00000002UL
-#define CKR_SLOT_ID_INVALID 0x00000003UL
-
-#define CKR_GENERAL_ERROR 0x00000005UL
-#define CKR_FUNCTION_FAILED 0x00000006UL
-
-#define CKR_ARGUMENTS_BAD 0x00000007UL
-#define CKR_NO_EVENT 0x00000008UL
-#define CKR_NEED_TO_CREATE_THREADS 0x00000009UL
-#define CKR_CANT_LOCK 0x0000000AUL
-
-#define CKR_ATTRIBUTE_READ_ONLY 0x00000010UL
-#define CKR_ATTRIBUTE_SENSITIVE 0x00000011UL
-#define CKR_ATTRIBUTE_TYPE_INVALID 0x00000012UL
-#define CKR_ATTRIBUTE_VALUE_INVALID 0x00000013UL
-
-#define CKR_ACTION_PROHIBITED 0x0000001BUL
-
-#define CKR_DATA_INVALID 0x00000020UL
-#define CKR_DATA_LEN_RANGE 0x00000021UL
-#define CKR_DEVICE_ERROR 0x00000030UL
-#define CKR_DEVICE_MEMORY 0x00000031UL
-#define CKR_DEVICE_REMOVED 0x00000032UL
-#define CKR_ENCRYPTED_DATA_INVALID 0x00000040UL
-#define CKR_ENCRYPTED_DATA_LEN_RANGE 0x00000041UL
-#define CKR_FUNCTION_CANCELED 0x00000050UL
-#define CKR_FUNCTION_NOT_PARALLEL 0x00000051UL
-
-#define CKR_FUNCTION_NOT_SUPPORTED 0x00000054UL
-
-#define CKR_KEY_HANDLE_INVALID 0x00000060UL
-
-#define CKR_KEY_SIZE_RANGE 0x00000062UL
-#define CKR_KEY_TYPE_INCONSISTENT 0x00000063UL
-
-#define CKR_KEY_NOT_NEEDED 0x00000064UL
-#define CKR_KEY_CHANGED 0x00000065UL
-#define CKR_KEY_NEEDED 0x00000066UL
-#define CKR_KEY_INDIGESTIBLE 0x00000067UL
-#define CKR_KEY_FUNCTION_NOT_PERMITTED 0x00000068UL
-#define CKR_KEY_NOT_WRAPPABLE 0x00000069UL
-#define CKR_KEY_UNEXTRACTABLE 0x0000006AUL
-
-#define CKR_MECHANISM_INVALID 0x00000070UL
-#define CKR_MECHANISM_PARAM_INVALID 0x00000071UL
-
-#define CKR_OBJECT_HANDLE_INVALID 0x00000082UL
-#define CKR_OPERATION_ACTIVE 0x00000090UL
-#define CKR_OPERATION_NOT_INITIALIZED 0x00000091UL
-#define CKR_PIN_INCORRECT 0x000000A0UL
-#define CKR_PIN_INVALID 0x000000A1UL
-#define CKR_PIN_LEN_RANGE 0x000000A2UL
-
-#define CKR_PIN_EXPIRED 0x000000A3UL
-#define CKR_PIN_LOCKED 0x000000A4UL
-
-#define CKR_SESSION_CLOSED 0x000000B0UL
-#define CKR_SESSION_COUNT 0x000000B1UL
-#define CKR_SESSION_HANDLE_INVALID 0x000000B3UL
-#define CKR_SESSION_PARALLEL_NOT_SUPPORTED 0x000000B4UL
-#define CKR_SESSION_READ_ONLY 0x000000B5UL
-#define CKR_SESSION_EXISTS 0x000000B6UL
-
-#define CKR_SESSION_READ_ONLY_EXISTS 0x000000B7UL
-#define CKR_SESSION_READ_WRITE_SO_EXISTS 0x000000B8UL
-
-#define CKR_SIGNATURE_INVALID 0x000000C0UL
-#define CKR_SIGNATURE_LEN_RANGE 0x000000C1UL
-#define CKR_TEMPLATE_INCOMPLETE 0x000000D0UL
-#define CKR_TEMPLATE_INCONSISTENT 0x000000D1UL
-#define CKR_TOKEN_NOT_PRESENT 0x000000E0UL
-#define CKR_TOKEN_NOT_RECOGNIZED 0x000000E1UL
-#define CKR_TOKEN_WRITE_PROTECTED 0x000000E2UL
-#define CKR_UNWRAPPING_KEY_HANDLE_INVALID 0x000000F0UL
-#define CKR_UNWRAPPING_KEY_SIZE_RANGE 0x000000F1UL
-#define CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT 0x000000F2UL
-#define CKR_USER_ALREADY_LOGGED_IN 0x00000100UL
-#define CKR_USER_NOT_LOGGED_IN 0x00000101UL
-#define CKR_USER_PIN_NOT_INITIALIZED 0x00000102UL
-#define CKR_USER_TYPE_INVALID 0x00000103UL
-
-#define CKR_USER_ANOTHER_ALREADY_LOGGED_IN 0x00000104UL
-#define CKR_USER_TOO_MANY_TYPES 0x00000105UL
-
-#define CKR_WRAPPED_KEY_INVALID 0x00000110UL
-#define CKR_WRAPPED_KEY_LEN_RANGE 0x00000112UL
-#define CKR_WRAPPING_KEY_HANDLE_INVALID 0x00000113UL
-#define CKR_WRAPPING_KEY_SIZE_RANGE 0x00000114UL
-#define CKR_WRAPPING_KEY_TYPE_INCONSISTENT 0x00000115UL
-#define CKR_RANDOM_SEED_NOT_SUPPORTED 0x00000120UL
-
-#define CKR_RANDOM_NO_RNG 0x00000121UL
-
-#define CKR_DOMAIN_PARAMS_INVALID 0x00000130UL
-
-#define CKR_CURVE_NOT_SUPPORTED 0x00000140UL
-
-#define CKR_BUFFER_TOO_SMALL 0x00000150UL
-#define CKR_SAVED_STATE_INVALID 0x00000160UL
-#define CKR_INFORMATION_SENSITIVE 0x00000170UL
-#define CKR_STATE_UNSAVEABLE 0x00000180UL
-
-#define CKR_CRYPTOKI_NOT_INITIALIZED 0x00000190UL
-#define CKR_CRYPTOKI_ALREADY_INITIALIZED 0x00000191UL
-#define CKR_MUTEX_BAD 0x000001A0UL
-#define CKR_MUTEX_NOT_LOCKED 0x000001A1UL
-
-#define CKR_NEW_PIN_MODE 0x000001B0UL
-#define CKR_NEXT_OTP 0x000001B1UL
-
-#define CKR_EXCEEDED_MAX_ITERATIONS 0x000001B5UL
-#define CKR_FIPS_SELF_TEST_FAILED 0x000001B6UL
-#define CKR_LIBRARY_LOAD_FAILED 0x000001B7UL
-#define CKR_PIN_TOO_WEAK 0x000001B8UL
-#define CKR_PUBLIC_KEY_INVALID 0x000001B9UL
-
-#define CKR_FUNCTION_REJECTED 0x00000200UL
-
-#define CKR_VENDOR_DEFINED 0x80000000UL
-
-
-/* CK_NOTIFY is an application callback that processes events */
-typedef CK_CALLBACK_FUNCTION(CK_RV, CK_NOTIFY)(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_NOTIFICATION event,
- CK_VOID_PTR pApplication /* passed to C_OpenSession */
-);
-
-
-/* CK_FUNCTION_LIST is a structure holding a Cryptoki spec
- * version and pointers of appropriate types to all the
- * Cryptoki functions
- */
-typedef struct CK_FUNCTION_LIST CK_FUNCTION_LIST;
-
-typedef CK_FUNCTION_LIST CK_PTR CK_FUNCTION_LIST_PTR;
-
-typedef CK_FUNCTION_LIST_PTR CK_PTR CK_FUNCTION_LIST_PTR_PTR;
-
-
-/* CK_CREATEMUTEX is an application callback for creating a
- * mutex object
- */
-typedef CK_CALLBACK_FUNCTION(CK_RV, CK_CREATEMUTEX)(
- CK_VOID_PTR_PTR ppMutex /* location to receive ptr to mutex */
-);
-
-
-/* CK_DESTROYMUTEX is an application callback for destroying a
- * mutex object
- */
-typedef CK_CALLBACK_FUNCTION(CK_RV, CK_DESTROYMUTEX)(
- CK_VOID_PTR pMutex /* pointer to mutex */
-);
-
-
-/* CK_LOCKMUTEX is an application callback for locking a mutex */
-typedef CK_CALLBACK_FUNCTION(CK_RV, CK_LOCKMUTEX)(
- CK_VOID_PTR pMutex /* pointer to mutex */
-);
-
-
-/* CK_UNLOCKMUTEX is an application callback for unlocking a
- * mutex
- */
-typedef CK_CALLBACK_FUNCTION(CK_RV, CK_UNLOCKMUTEX)(
- CK_VOID_PTR pMutex /* pointer to mutex */
-);
-
-
-/* CK_C_INITIALIZE_ARGS provides the optional arguments to
- * C_Initialize
- */
-typedef struct CK_C_INITIALIZE_ARGS {
- CK_CREATEMUTEX CreateMutex;
- CK_DESTROYMUTEX DestroyMutex;
- CK_LOCKMUTEX LockMutex;
- CK_UNLOCKMUTEX UnlockMutex;
- CK_FLAGS flags;
- CK_VOID_PTR pReserved;
-} CK_C_INITIALIZE_ARGS;
-
-/* flags: bit flags that provide capabilities of the slot
- * Bit Flag Mask Meaning
- */
-#define CKF_LIBRARY_CANT_CREATE_OS_THREADS 0x00000001UL
-#define CKF_OS_LOCKING_OK 0x00000002UL
-
-typedef CK_C_INITIALIZE_ARGS CK_PTR CK_C_INITIALIZE_ARGS_PTR;
-
-
-/* additional flags for parameters to functions */
-
-/* CKF_DONT_BLOCK is for the function C_WaitForSlotEvent */
-#define CKF_DONT_BLOCK 1
-
-/* CK_RSA_PKCS_MGF_TYPE is used to indicate the Message
- * Generation Function (MGF) applied to a message block when
- * formatting a message block for the PKCS #1 OAEP encryption
- * scheme.
- */
-typedef CK_ULONG CK_RSA_PKCS_MGF_TYPE;
-
-typedef CK_RSA_PKCS_MGF_TYPE CK_PTR CK_RSA_PKCS_MGF_TYPE_PTR;
-
-/* The following MGFs are defined */
-#define CKG_MGF1_SHA1 0x00000001UL
-#define CKG_MGF1_SHA256 0x00000002UL
-#define CKG_MGF1_SHA384 0x00000003UL
-#define CKG_MGF1_SHA512 0x00000004UL
-#define CKG_MGF1_SHA224 0x00000005UL
-
-/* CK_RSA_PKCS_OAEP_SOURCE_TYPE is used to indicate the source
- * of the encoding parameter when formatting a message block
- * for the PKCS #1 OAEP encryption scheme.
- */
-typedef CK_ULONG CK_RSA_PKCS_OAEP_SOURCE_TYPE;
-
-typedef CK_RSA_PKCS_OAEP_SOURCE_TYPE CK_PTR CK_RSA_PKCS_OAEP_SOURCE_TYPE_PTR;
-
-/* The following encoding parameter sources are defined */
-#define CKZ_DATA_SPECIFIED 0x00000001UL
-
-/* CK_RSA_PKCS_OAEP_PARAMS provides the parameters to the
- * CKM_RSA_PKCS_OAEP mechanism.
- */
-typedef struct CK_RSA_PKCS_OAEP_PARAMS {
- CK_MECHANISM_TYPE hashAlg;
- CK_RSA_PKCS_MGF_TYPE mgf;
- CK_RSA_PKCS_OAEP_SOURCE_TYPE source;
- CK_VOID_PTR pSourceData;
- CK_ULONG ulSourceDataLen;
-} CK_RSA_PKCS_OAEP_PARAMS;
-
-typedef CK_RSA_PKCS_OAEP_PARAMS CK_PTR CK_RSA_PKCS_OAEP_PARAMS_PTR;
-
-/* CK_RSA_PKCS_PSS_PARAMS provides the parameters to the
- * CKM_RSA_PKCS_PSS mechanism(s).
- */
-typedef struct CK_RSA_PKCS_PSS_PARAMS {
- CK_MECHANISM_TYPE hashAlg;
- CK_RSA_PKCS_MGF_TYPE mgf;
- CK_ULONG sLen;
-} CK_RSA_PKCS_PSS_PARAMS;
-
-typedef CK_RSA_PKCS_PSS_PARAMS CK_PTR CK_RSA_PKCS_PSS_PARAMS_PTR;
-
-typedef CK_ULONG CK_EC_KDF_TYPE;
-
-/* The following EC Key Derivation Functions are defined */
-#define CKD_NULL 0x00000001UL
-#define CKD_SHA1_KDF 0x00000002UL
-
-/* The following X9.42 DH key derivation functions are defined */
-#define CKD_SHA1_KDF_ASN1 0x00000003UL
-#define CKD_SHA1_KDF_CONCATENATE 0x00000004UL
-#define CKD_SHA224_KDF 0x00000005UL
-#define CKD_SHA256_KDF 0x00000006UL
-#define CKD_SHA384_KDF 0x00000007UL
-#define CKD_SHA512_KDF 0x00000008UL
-#define CKD_CPDIVERSIFY_KDF 0x00000009UL
-
-
-/* CK_ECDH1_DERIVE_PARAMS provides the parameters to the
- * CKM_ECDH1_DERIVE and CKM_ECDH1_COFACTOR_DERIVE mechanisms,
- * where each party contributes one key pair.
- */
-typedef struct CK_ECDH1_DERIVE_PARAMS {
- CK_EC_KDF_TYPE kdf;
- CK_ULONG ulSharedDataLen;
- CK_BYTE_PTR pSharedData;
- CK_ULONG ulPublicDataLen;
- CK_BYTE_PTR pPublicData;
-} CK_ECDH1_DERIVE_PARAMS;
-
-typedef CK_ECDH1_DERIVE_PARAMS CK_PTR CK_ECDH1_DERIVE_PARAMS_PTR;
-
-/*
- * CK_ECDH2_DERIVE_PARAMS provides the parameters to the
- * CKM_ECMQV_DERIVE mechanism, where each party contributes two key pairs.
- */
-typedef struct CK_ECDH2_DERIVE_PARAMS {
- CK_EC_KDF_TYPE kdf;
- CK_ULONG ulSharedDataLen;
- CK_BYTE_PTR pSharedData;
- CK_ULONG ulPublicDataLen;
- CK_BYTE_PTR pPublicData;
- CK_ULONG ulPrivateDataLen;
- CK_OBJECT_HANDLE hPrivateData;
- CK_ULONG ulPublicDataLen2;
- CK_BYTE_PTR pPublicData2;
-} CK_ECDH2_DERIVE_PARAMS;
-
-typedef CK_ECDH2_DERIVE_PARAMS CK_PTR CK_ECDH2_DERIVE_PARAMS_PTR;
-
-typedef struct CK_ECMQV_DERIVE_PARAMS {
- CK_EC_KDF_TYPE kdf;
- CK_ULONG ulSharedDataLen;
- CK_BYTE_PTR pSharedData;
- CK_ULONG ulPublicDataLen;
- CK_BYTE_PTR pPublicData;
- CK_ULONG ulPrivateDataLen;
- CK_OBJECT_HANDLE hPrivateData;
- CK_ULONG ulPublicDataLen2;
- CK_BYTE_PTR pPublicData2;
- CK_OBJECT_HANDLE publicKey;
-} CK_ECMQV_DERIVE_PARAMS;
-
-typedef CK_ECMQV_DERIVE_PARAMS CK_PTR CK_ECMQV_DERIVE_PARAMS_PTR;
-
-/* Typedefs and defines for the CKM_X9_42_DH_KEY_PAIR_GEN and the
- * CKM_X9_42_DH_PARAMETER_GEN mechanisms
- */
-typedef CK_ULONG CK_X9_42_DH_KDF_TYPE;
-typedef CK_X9_42_DH_KDF_TYPE CK_PTR CK_X9_42_DH_KDF_TYPE_PTR;
-
-/* CK_X9_42_DH1_DERIVE_PARAMS provides the parameters to the
- * CKM_X9_42_DH_DERIVE key derivation mechanism, where each party
- * contributes one key pair
- */
-typedef struct CK_X9_42_DH1_DERIVE_PARAMS {
- CK_X9_42_DH_KDF_TYPE kdf;
- CK_ULONG ulOtherInfoLen;
- CK_BYTE_PTR pOtherInfo;
- CK_ULONG ulPublicDataLen;
- CK_BYTE_PTR pPublicData;
-} CK_X9_42_DH1_DERIVE_PARAMS;
-
-typedef struct CK_X9_42_DH1_DERIVE_PARAMS CK_PTR CK_X9_42_DH1_DERIVE_PARAMS_PTR;
-
-/* CK_X9_42_DH2_DERIVE_PARAMS provides the parameters to the
- * CKM_X9_42_DH_HYBRID_DERIVE and CKM_X9_42_MQV_DERIVE key derivation
- * mechanisms, where each party contributes two key pairs
- */
-typedef struct CK_X9_42_DH2_DERIVE_PARAMS {
- CK_X9_42_DH_KDF_TYPE kdf;
- CK_ULONG ulOtherInfoLen;
- CK_BYTE_PTR pOtherInfo;
- CK_ULONG ulPublicDataLen;
- CK_BYTE_PTR pPublicData;
- CK_ULONG ulPrivateDataLen;
- CK_OBJECT_HANDLE hPrivateData;
- CK_ULONG ulPublicDataLen2;
- CK_BYTE_PTR pPublicData2;
-} CK_X9_42_DH2_DERIVE_PARAMS;
-
-typedef CK_X9_42_DH2_DERIVE_PARAMS CK_PTR CK_X9_42_DH2_DERIVE_PARAMS_PTR;
-
-typedef struct CK_X9_42_MQV_DERIVE_PARAMS {
- CK_X9_42_DH_KDF_TYPE kdf;
- CK_ULONG ulOtherInfoLen;
- CK_BYTE_PTR pOtherInfo;
- CK_ULONG ulPublicDataLen;
- CK_BYTE_PTR pPublicData;
- CK_ULONG ulPrivateDataLen;
- CK_OBJECT_HANDLE hPrivateData;
- CK_ULONG ulPublicDataLen2;
- CK_BYTE_PTR pPublicData2;
- CK_OBJECT_HANDLE publicKey;
-} CK_X9_42_MQV_DERIVE_PARAMS;
-
-typedef CK_X9_42_MQV_DERIVE_PARAMS CK_PTR CK_X9_42_MQV_DERIVE_PARAMS_PTR;
-
-/* CK_KEA_DERIVE_PARAMS provides the parameters to the
- * CKM_KEA_DERIVE mechanism
- */
-typedef struct CK_KEA_DERIVE_PARAMS {
- CK_BBOOL isSender;
- CK_ULONG ulRandomLen;
- CK_BYTE_PTR pRandomA;
- CK_BYTE_PTR pRandomB;
- CK_ULONG ulPublicDataLen;
- CK_BYTE_PTR pPublicData;
-} CK_KEA_DERIVE_PARAMS;
-
-typedef CK_KEA_DERIVE_PARAMS CK_PTR CK_KEA_DERIVE_PARAMS_PTR;
-
-
-/* CK_RC2_PARAMS provides the parameters to the CKM_RC2_ECB and
- * CKM_RC2_MAC mechanisms. An instance of CK_RC2_PARAMS just
- * holds the effective keysize
- */
-typedef CK_ULONG CK_RC2_PARAMS;
-
-typedef CK_RC2_PARAMS CK_PTR CK_RC2_PARAMS_PTR;
-
-
-/* CK_RC2_CBC_PARAMS provides the parameters to the CKM_RC2_CBC
- * mechanism
- */
-typedef struct CK_RC2_CBC_PARAMS {
- CK_ULONG ulEffectiveBits; /* effective bits (1-1024) */
- CK_BYTE iv[8]; /* IV for CBC mode */
-} CK_RC2_CBC_PARAMS;
-
-typedef CK_RC2_CBC_PARAMS CK_PTR CK_RC2_CBC_PARAMS_PTR;
-
-
-/* CK_RC2_MAC_GENERAL_PARAMS provides the parameters for the
- * CKM_RC2_MAC_GENERAL mechanism
- */
-typedef struct CK_RC2_MAC_GENERAL_PARAMS {
- CK_ULONG ulEffectiveBits; /* effective bits (1-1024) */
- CK_ULONG ulMacLength; /* Length of MAC in bytes */
-} CK_RC2_MAC_GENERAL_PARAMS;
-
-typedef CK_RC2_MAC_GENERAL_PARAMS CK_PTR \
- CK_RC2_MAC_GENERAL_PARAMS_PTR;
-
-
-/* CK_RC5_PARAMS provides the parameters to the CKM_RC5_ECB and
- * CKM_RC5_MAC mechanisms
- */
-typedef struct CK_RC5_PARAMS {
- CK_ULONG ulWordsize; /* wordsize in bits */
- CK_ULONG ulRounds; /* number of rounds */
-} CK_RC5_PARAMS;
-
-typedef CK_RC5_PARAMS CK_PTR CK_RC5_PARAMS_PTR;
-
-
-/* CK_RC5_CBC_PARAMS provides the parameters to the CKM_RC5_CBC
- * mechanism
- */
-typedef struct CK_RC5_CBC_PARAMS {
- CK_ULONG ulWordsize; /* wordsize in bits */
- CK_ULONG ulRounds; /* number of rounds */
- CK_BYTE_PTR pIv; /* pointer to IV */
- CK_ULONG ulIvLen; /* length of IV in bytes */
-} CK_RC5_CBC_PARAMS;
-
-typedef CK_RC5_CBC_PARAMS CK_PTR CK_RC5_CBC_PARAMS_PTR;
-
-
-/* CK_RC5_MAC_GENERAL_PARAMS provides the parameters for the
- * CKM_RC5_MAC_GENERAL mechanism
- */
-typedef struct CK_RC5_MAC_GENERAL_PARAMS {
- CK_ULONG ulWordsize; /* wordsize in bits */
- CK_ULONG ulRounds; /* number of rounds */
- CK_ULONG ulMacLength; /* Length of MAC in bytes */
-} CK_RC5_MAC_GENERAL_PARAMS;
-
-typedef CK_RC5_MAC_GENERAL_PARAMS CK_PTR \
- CK_RC5_MAC_GENERAL_PARAMS_PTR;
-
-/* CK_MAC_GENERAL_PARAMS provides the parameters to most block
- * ciphers' MAC_GENERAL mechanisms. Its value is the length of
- * the MAC
- */
-typedef CK_ULONG CK_MAC_GENERAL_PARAMS;
-
-typedef CK_MAC_GENERAL_PARAMS CK_PTR CK_MAC_GENERAL_PARAMS_PTR;
-
-typedef struct CK_DES_CBC_ENCRYPT_DATA_PARAMS {
- CK_BYTE iv[8];
- CK_BYTE_PTR pData;
- CK_ULONG length;
-} CK_DES_CBC_ENCRYPT_DATA_PARAMS;
-
-typedef CK_DES_CBC_ENCRYPT_DATA_PARAMS CK_PTR CK_DES_CBC_ENCRYPT_DATA_PARAMS_PTR;
-
-typedef struct CK_AES_CBC_ENCRYPT_DATA_PARAMS {
- CK_BYTE iv[16];
- CK_BYTE_PTR pData;
- CK_ULONG length;
-} CK_AES_CBC_ENCRYPT_DATA_PARAMS;
-
-typedef CK_AES_CBC_ENCRYPT_DATA_PARAMS CK_PTR CK_AES_CBC_ENCRYPT_DATA_PARAMS_PTR;
-
-/* CK_SKIPJACK_PRIVATE_WRAP_PARAMS provides the parameters to the
- * CKM_SKIPJACK_PRIVATE_WRAP mechanism
- */
-typedef struct CK_SKIPJACK_PRIVATE_WRAP_PARAMS {
- CK_ULONG ulPasswordLen;
- CK_BYTE_PTR pPassword;
- CK_ULONG ulPublicDataLen;
- CK_BYTE_PTR pPublicData;
- CK_ULONG ulPAndGLen;
- CK_ULONG ulQLen;
- CK_ULONG ulRandomLen;
- CK_BYTE_PTR pRandomA;
- CK_BYTE_PTR pPrimeP;
- CK_BYTE_PTR pBaseG;
- CK_BYTE_PTR pSubprimeQ;
-} CK_SKIPJACK_PRIVATE_WRAP_PARAMS;
-
-typedef CK_SKIPJACK_PRIVATE_WRAP_PARAMS CK_PTR \
- CK_SKIPJACK_PRIVATE_WRAP_PARAMS_PTR;
-
-
-/* CK_SKIPJACK_RELAYX_PARAMS provides the parameters to the
- * CKM_SKIPJACK_RELAYX mechanism
- */
-typedef struct CK_SKIPJACK_RELAYX_PARAMS {
- CK_ULONG ulOldWrappedXLen;
- CK_BYTE_PTR pOldWrappedX;
- CK_ULONG ulOldPasswordLen;
- CK_BYTE_PTR pOldPassword;
- CK_ULONG ulOldPublicDataLen;
- CK_BYTE_PTR pOldPublicData;
- CK_ULONG ulOldRandomLen;
- CK_BYTE_PTR pOldRandomA;
- CK_ULONG ulNewPasswordLen;
- CK_BYTE_PTR pNewPassword;
- CK_ULONG ulNewPublicDataLen;
- CK_BYTE_PTR pNewPublicData;
- CK_ULONG ulNewRandomLen;
- CK_BYTE_PTR pNewRandomA;
-} CK_SKIPJACK_RELAYX_PARAMS;
-
-typedef CK_SKIPJACK_RELAYX_PARAMS CK_PTR \
- CK_SKIPJACK_RELAYX_PARAMS_PTR;
-
-
-typedef struct CK_PBE_PARAMS {
- CK_BYTE_PTR pInitVector;
- CK_UTF8CHAR_PTR pPassword;
- CK_ULONG ulPasswordLen;
- CK_BYTE_PTR pSalt;
- CK_ULONG ulSaltLen;
- CK_ULONG ulIteration;
-} CK_PBE_PARAMS;
-
-typedef CK_PBE_PARAMS CK_PTR CK_PBE_PARAMS_PTR;
-
-
-/* CK_KEY_WRAP_SET_OAEP_PARAMS provides the parameters to the
- * CKM_KEY_WRAP_SET_OAEP mechanism
- */
-typedef struct CK_KEY_WRAP_SET_OAEP_PARAMS {
- CK_BYTE bBC; /* block contents byte */
- CK_BYTE_PTR pX; /* extra data */
- CK_ULONG ulXLen; /* length of extra data in bytes */
-} CK_KEY_WRAP_SET_OAEP_PARAMS;
-
-typedef CK_KEY_WRAP_SET_OAEP_PARAMS CK_PTR CK_KEY_WRAP_SET_OAEP_PARAMS_PTR;
-
-typedef struct CK_SSL3_RANDOM_DATA {
- CK_BYTE_PTR pClientRandom;
- CK_ULONG ulClientRandomLen;
- CK_BYTE_PTR pServerRandom;
- CK_ULONG ulServerRandomLen;
-} CK_SSL3_RANDOM_DATA;
-
-
-typedef struct CK_SSL3_MASTER_KEY_DERIVE_PARAMS {
- CK_SSL3_RANDOM_DATA RandomInfo;
- CK_VERSION_PTR pVersion;
-} CK_SSL3_MASTER_KEY_DERIVE_PARAMS;
-
-typedef struct CK_SSL3_MASTER_KEY_DERIVE_PARAMS CK_PTR \
- CK_SSL3_MASTER_KEY_DERIVE_PARAMS_PTR;
-
-typedef struct CK_SSL3_KEY_MAT_OUT {
- CK_OBJECT_HANDLE hClientMacSecret;
- CK_OBJECT_HANDLE hServerMacSecret;
- CK_OBJECT_HANDLE hClientKey;
- CK_OBJECT_HANDLE hServerKey;
- CK_BYTE_PTR pIVClient;
- CK_BYTE_PTR pIVServer;
-} CK_SSL3_KEY_MAT_OUT;
-
-typedef CK_SSL3_KEY_MAT_OUT CK_PTR CK_SSL3_KEY_MAT_OUT_PTR;
-
-
-typedef struct CK_SSL3_KEY_MAT_PARAMS {
- CK_ULONG ulMacSizeInBits;
- CK_ULONG ulKeySizeInBits;
- CK_ULONG ulIVSizeInBits;
- CK_BBOOL bIsExport;
- CK_SSL3_RANDOM_DATA RandomInfo;
- CK_SSL3_KEY_MAT_OUT_PTR pReturnedKeyMaterial;
-} CK_SSL3_KEY_MAT_PARAMS;
-
-typedef CK_SSL3_KEY_MAT_PARAMS CK_PTR CK_SSL3_KEY_MAT_PARAMS_PTR;
-
-typedef struct CK_TLS_PRF_PARAMS {
- CK_BYTE_PTR pSeed;
- CK_ULONG ulSeedLen;
- CK_BYTE_PTR pLabel;
- CK_ULONG ulLabelLen;
- CK_BYTE_PTR pOutput;
- CK_ULONG_PTR pulOutputLen;
-} CK_TLS_PRF_PARAMS;
-
-typedef CK_TLS_PRF_PARAMS CK_PTR CK_TLS_PRF_PARAMS_PTR;
-
-typedef struct CK_WTLS_RANDOM_DATA {
- CK_BYTE_PTR pClientRandom;
- CK_ULONG ulClientRandomLen;
- CK_BYTE_PTR pServerRandom;
- CK_ULONG ulServerRandomLen;
-} CK_WTLS_RANDOM_DATA;
-
-typedef CK_WTLS_RANDOM_DATA CK_PTR CK_WTLS_RANDOM_DATA_PTR;
-
-typedef struct CK_WTLS_MASTER_KEY_DERIVE_PARAMS {
- CK_MECHANISM_TYPE DigestMechanism;
- CK_WTLS_RANDOM_DATA RandomInfo;
- CK_BYTE_PTR pVersion;
-} CK_WTLS_MASTER_KEY_DERIVE_PARAMS;
-
-typedef CK_WTLS_MASTER_KEY_DERIVE_PARAMS CK_PTR \
- CK_WTLS_MASTER_KEY_DERIVE_PARAMS_PTR;
-
-typedef struct CK_WTLS_PRF_PARAMS {
- CK_MECHANISM_TYPE DigestMechanism;
- CK_BYTE_PTR pSeed;
- CK_ULONG ulSeedLen;
- CK_BYTE_PTR pLabel;
- CK_ULONG ulLabelLen;
- CK_BYTE_PTR pOutput;
- CK_ULONG_PTR pulOutputLen;
-} CK_WTLS_PRF_PARAMS;
-
-typedef CK_WTLS_PRF_PARAMS CK_PTR CK_WTLS_PRF_PARAMS_PTR;
-
-typedef struct CK_WTLS_KEY_MAT_OUT {
- CK_OBJECT_HANDLE hMacSecret;
- CK_OBJECT_HANDLE hKey;
- CK_BYTE_PTR pIV;
-} CK_WTLS_KEY_MAT_OUT;
-
-typedef CK_WTLS_KEY_MAT_OUT CK_PTR CK_WTLS_KEY_MAT_OUT_PTR;
-
-typedef struct CK_WTLS_KEY_MAT_PARAMS {
- CK_MECHANISM_TYPE DigestMechanism;
- CK_ULONG ulMacSizeInBits;
- CK_ULONG ulKeySizeInBits;
- CK_ULONG ulIVSizeInBits;
- CK_ULONG ulSequenceNumber;
- CK_BBOOL bIsExport;
- CK_WTLS_RANDOM_DATA RandomInfo;
- CK_WTLS_KEY_MAT_OUT_PTR pReturnedKeyMaterial;
-} CK_WTLS_KEY_MAT_PARAMS;
-
-typedef CK_WTLS_KEY_MAT_PARAMS CK_PTR CK_WTLS_KEY_MAT_PARAMS_PTR;
-
-typedef struct CK_CMS_SIG_PARAMS {
- CK_OBJECT_HANDLE certificateHandle;
- CK_MECHANISM_PTR pSigningMechanism;
- CK_MECHANISM_PTR pDigestMechanism;
- CK_UTF8CHAR_PTR pContentType;
- CK_BYTE_PTR pRequestedAttributes;
- CK_ULONG ulRequestedAttributesLen;
- CK_BYTE_PTR pRequiredAttributes;
- CK_ULONG ulRequiredAttributesLen;
-} CK_CMS_SIG_PARAMS;
-
-typedef CK_CMS_SIG_PARAMS CK_PTR CK_CMS_SIG_PARAMS_PTR;
-
-typedef struct CK_KEY_DERIVATION_STRING_DATA {
- CK_BYTE_PTR pData;
- CK_ULONG ulLen;
-} CK_KEY_DERIVATION_STRING_DATA;
-
-typedef CK_KEY_DERIVATION_STRING_DATA CK_PTR \
- CK_KEY_DERIVATION_STRING_DATA_PTR;
-
-
-/* The CK_EXTRACT_PARAMS is used for the
- * CKM_EXTRACT_KEY_FROM_KEY mechanism. It specifies which bit
- * of the base key should be used as the first bit of the
- * derived key
- */
-typedef CK_ULONG CK_EXTRACT_PARAMS;
-
-typedef CK_EXTRACT_PARAMS CK_PTR CK_EXTRACT_PARAMS_PTR;
-
-/* CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE is used to
- * indicate the Pseudo-Random Function (PRF) used to generate
- * key bits using PKCS #5 PBKDF2.
- */
-typedef CK_ULONG CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE;
-
-typedef CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE CK_PTR \
- CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE_PTR;
-
-#define CKP_PKCS5_PBKD2_HMAC_SHA1 0x00000001UL
-#define CKP_PKCS5_PBKD2_HMAC_GOSTR3411 0x00000002UL
-#define CKP_PKCS5_PBKD2_HMAC_SHA224 0x00000003UL
-#define CKP_PKCS5_PBKD2_HMAC_SHA256 0x00000004UL
-#define CKP_PKCS5_PBKD2_HMAC_SHA384 0x00000005UL
-#define CKP_PKCS5_PBKD2_HMAC_SHA512 0x00000006UL
-#define CKP_PKCS5_PBKD2_HMAC_SHA512_224 0x00000007UL
-#define CKP_PKCS5_PBKD2_HMAC_SHA512_256 0x00000008UL
-
-/* CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE is used to indicate the
- * source of the salt value when deriving a key using PKCS #5
- * PBKDF2.
- */
-typedef CK_ULONG CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE;
-
-typedef CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE CK_PTR \
- CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE_PTR;
-
-/* The following salt value sources are defined in PKCS #5 v2.0. */
-#define CKZ_SALT_SPECIFIED 0x00000001UL
-
-/* CK_PKCS5_PBKD2_PARAMS is a structure that provides the
- * parameters to the CKM_PKCS5_PBKD2 mechanism.
- */
-typedef struct CK_PKCS5_PBKD2_PARAMS {
- CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE saltSource;
- CK_VOID_PTR pSaltSourceData;
- CK_ULONG ulSaltSourceDataLen;
- CK_ULONG iterations;
- CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE prf;
- CK_VOID_PTR pPrfData;
- CK_ULONG ulPrfDataLen;
- CK_UTF8CHAR_PTR pPassword;
- CK_ULONG_PTR ulPasswordLen;
-} CK_PKCS5_PBKD2_PARAMS;
-
-typedef CK_PKCS5_PBKD2_PARAMS CK_PTR CK_PKCS5_PBKD2_PARAMS_PTR;
-
-/* CK_PKCS5_PBKD2_PARAMS2 is a corrected version of the CK_PKCS5_PBKD2_PARAMS
- * structure that provides the parameters to the CKM_PKCS5_PBKD2 mechanism
- * noting that the ulPasswordLen field is a CK_ULONG and not a CK_ULONG_PTR.
- */
-typedef struct CK_PKCS5_PBKD2_PARAMS2 {
- CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE saltSource;
- CK_VOID_PTR pSaltSourceData;
- CK_ULONG ulSaltSourceDataLen;
- CK_ULONG iterations;
- CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE prf;
- CK_VOID_PTR pPrfData;
- CK_ULONG ulPrfDataLen;
- CK_UTF8CHAR_PTR pPassword;
- CK_ULONG ulPasswordLen;
-} CK_PKCS5_PBKD2_PARAMS2;
-
-typedef CK_PKCS5_PBKD2_PARAMS2 CK_PTR CK_PKCS5_PBKD2_PARAMS2_PTR;
-
-typedef CK_ULONG CK_OTP_PARAM_TYPE;
-typedef CK_OTP_PARAM_TYPE CK_PARAM_TYPE; /* backward compatibility */
-
-typedef struct CK_OTP_PARAM {
- CK_OTP_PARAM_TYPE type;
- CK_VOID_PTR pValue;
- CK_ULONG ulValueLen;
-} CK_OTP_PARAM;
-
-typedef CK_OTP_PARAM CK_PTR CK_OTP_PARAM_PTR;
-
-typedef struct CK_OTP_PARAMS {
- CK_OTP_PARAM_PTR pParams;
- CK_ULONG ulCount;
-} CK_OTP_PARAMS;
-
-typedef CK_OTP_PARAMS CK_PTR CK_OTP_PARAMS_PTR;
-
-typedef struct CK_OTP_SIGNATURE_INFO {
- CK_OTP_PARAM_PTR pParams;
- CK_ULONG ulCount;
-} CK_OTP_SIGNATURE_INFO;
-
-typedef CK_OTP_SIGNATURE_INFO CK_PTR CK_OTP_SIGNATURE_INFO_PTR;
-
-#define CK_OTP_VALUE 0UL
-#define CK_OTP_PIN 1UL
-#define CK_OTP_CHALLENGE 2UL
-#define CK_OTP_TIME 3UL
-#define CK_OTP_COUNTER 4UL
-#define CK_OTP_FLAGS 5UL
-#define CK_OTP_OUTPUT_LENGTH 6UL
-#define CK_OTP_OUTPUT_FORMAT 7UL
-
-#define CKF_NEXT_OTP 0x00000001UL
-#define CKF_EXCLUDE_TIME 0x00000002UL
-#define CKF_EXCLUDE_COUNTER 0x00000004UL
-#define CKF_EXCLUDE_CHALLENGE 0x00000008UL
-#define CKF_EXCLUDE_PIN 0x00000010UL
-#define CKF_USER_FRIENDLY_OTP 0x00000020UL
-
-typedef struct CK_KIP_PARAMS {
- CK_MECHANISM_PTR pMechanism;
- CK_OBJECT_HANDLE hKey;
- CK_BYTE_PTR pSeed;
- CK_ULONG ulSeedLen;
-} CK_KIP_PARAMS;
-
-typedef CK_KIP_PARAMS CK_PTR CK_KIP_PARAMS_PTR;
-
-typedef struct CK_AES_CTR_PARAMS {
- CK_ULONG ulCounterBits;
- CK_BYTE cb[16];
-} CK_AES_CTR_PARAMS;
-
-typedef CK_AES_CTR_PARAMS CK_PTR CK_AES_CTR_PARAMS_PTR;
-
-typedef struct CK_GCM_PARAMS {
- CK_BYTE_PTR pIv;
- CK_ULONG ulIvLen;
- CK_ULONG ulIvBits;
- CK_BYTE_PTR pAAD;
- CK_ULONG ulAADLen;
- CK_ULONG ulTagBits;
-} CK_GCM_PARAMS;
-
-typedef CK_GCM_PARAMS CK_PTR CK_GCM_PARAMS_PTR;
-
-typedef struct CK_CCM_PARAMS {
- CK_ULONG ulDataLen;
- CK_BYTE_PTR pNonce;
- CK_ULONG ulNonceLen;
- CK_BYTE_PTR pAAD;
- CK_ULONG ulAADLen;
- CK_ULONG ulMACLen;
-} CK_CCM_PARAMS;
-
-typedef CK_CCM_PARAMS CK_PTR CK_CCM_PARAMS_PTR;
-
-/* Deprecated. Use CK_GCM_PARAMS */
-typedef struct CK_AES_GCM_PARAMS {
- CK_BYTE_PTR pIv;
- CK_ULONG ulIvLen;
- CK_ULONG ulIvBits;
- CK_BYTE_PTR pAAD;
- CK_ULONG ulAADLen;
- CK_ULONG ulTagBits;
-} CK_AES_GCM_PARAMS;
-
-typedef CK_AES_GCM_PARAMS CK_PTR CK_AES_GCM_PARAMS_PTR;
-
-/* Deprecated. Use CK_CCM_PARAMS */
-typedef struct CK_AES_CCM_PARAMS {
- CK_ULONG ulDataLen;
- CK_BYTE_PTR pNonce;
- CK_ULONG ulNonceLen;
- CK_BYTE_PTR pAAD;
- CK_ULONG ulAADLen;
- CK_ULONG ulMACLen;
-} CK_AES_CCM_PARAMS;
-
-typedef CK_AES_CCM_PARAMS CK_PTR CK_AES_CCM_PARAMS_PTR;
-
-typedef struct CK_CAMELLIA_CTR_PARAMS {
- CK_ULONG ulCounterBits;
- CK_BYTE cb[16];
-} CK_CAMELLIA_CTR_PARAMS;
-
-typedef CK_CAMELLIA_CTR_PARAMS CK_PTR CK_CAMELLIA_CTR_PARAMS_PTR;
-
-typedef struct CK_CAMELLIA_CBC_ENCRYPT_DATA_PARAMS {
- CK_BYTE iv[16];
- CK_BYTE_PTR pData;
- CK_ULONG length;
-} CK_CAMELLIA_CBC_ENCRYPT_DATA_PARAMS;
-
-typedef CK_CAMELLIA_CBC_ENCRYPT_DATA_PARAMS CK_PTR \
- CK_CAMELLIA_CBC_ENCRYPT_DATA_PARAMS_PTR;
-
-typedef struct CK_ARIA_CBC_ENCRYPT_DATA_PARAMS {
- CK_BYTE iv[16];
- CK_BYTE_PTR pData;
- CK_ULONG length;
-} CK_ARIA_CBC_ENCRYPT_DATA_PARAMS;
-
-typedef CK_ARIA_CBC_ENCRYPT_DATA_PARAMS CK_PTR \
- CK_ARIA_CBC_ENCRYPT_DATA_PARAMS_PTR;
-
-typedef struct CK_DSA_PARAMETER_GEN_PARAM {
- CK_MECHANISM_TYPE hash;
- CK_BYTE_PTR pSeed;
- CK_ULONG ulSeedLen;
- CK_ULONG ulIndex;
-} CK_DSA_PARAMETER_GEN_PARAM;
-
-typedef CK_DSA_PARAMETER_GEN_PARAM CK_PTR CK_DSA_PARAMETER_GEN_PARAM_PTR;
-
-typedef struct CK_ECDH_AES_KEY_WRAP_PARAMS {
- CK_ULONG ulAESKeyBits;
- CK_EC_KDF_TYPE kdf;
- CK_ULONG ulSharedDataLen;
- CK_BYTE_PTR pSharedData;
-} CK_ECDH_AES_KEY_WRAP_PARAMS;
-
-typedef CK_ECDH_AES_KEY_WRAP_PARAMS CK_PTR CK_ECDH_AES_KEY_WRAP_PARAMS_PTR;
-
-typedef CK_ULONG CK_JAVA_MIDP_SECURITY_DOMAIN;
-
-typedef CK_ULONG CK_CERTIFICATE_CATEGORY;
-
-typedef struct CK_RSA_AES_KEY_WRAP_PARAMS {
- CK_ULONG ulAESKeyBits;
- CK_RSA_PKCS_OAEP_PARAMS_PTR pOAEPParams;
-} CK_RSA_AES_KEY_WRAP_PARAMS;
-
-typedef CK_RSA_AES_KEY_WRAP_PARAMS CK_PTR CK_RSA_AES_KEY_WRAP_PARAMS_PTR;
-
-typedef struct CK_TLS12_MASTER_KEY_DERIVE_PARAMS {
- CK_SSL3_RANDOM_DATA RandomInfo;
- CK_VERSION_PTR pVersion;
- CK_MECHANISM_TYPE prfHashMechanism;
-} CK_TLS12_MASTER_KEY_DERIVE_PARAMS;
-
-typedef CK_TLS12_MASTER_KEY_DERIVE_PARAMS CK_PTR \
- CK_TLS12_MASTER_KEY_DERIVE_PARAMS_PTR;
-
-typedef struct CK_TLS12_KEY_MAT_PARAMS {
- CK_ULONG ulMacSizeInBits;
- CK_ULONG ulKeySizeInBits;
- CK_ULONG ulIVSizeInBits;
- CK_BBOOL bIsExport;
- CK_SSL3_RANDOM_DATA RandomInfo;
- CK_SSL3_KEY_MAT_OUT_PTR pReturnedKeyMaterial;
- CK_MECHANISM_TYPE prfHashMechanism;
-} CK_TLS12_KEY_MAT_PARAMS;
-
-typedef CK_TLS12_KEY_MAT_PARAMS CK_PTR CK_TLS12_KEY_MAT_PARAMS_PTR;
-
-typedef struct CK_TLS_KDF_PARAMS {
- CK_MECHANISM_TYPE prfMechanism;
- CK_BYTE_PTR pLabel;
- CK_ULONG ulLabelLength;
- CK_SSL3_RANDOM_DATA RandomInfo;
- CK_BYTE_PTR pContextData;
- CK_ULONG ulContextDataLength;
-} CK_TLS_KDF_PARAMS;
-
-typedef CK_TLS_KDF_PARAMS CK_PTR CK_TLS_KDF_PARAMS_PTR;
-
-typedef struct CK_TLS_MAC_PARAMS {
- CK_MECHANISM_TYPE prfHashMechanism;
- CK_ULONG ulMacLength;
- CK_ULONG ulServerOrClient;
-} CK_TLS_MAC_PARAMS;
-
-typedef CK_TLS_MAC_PARAMS CK_PTR CK_TLS_MAC_PARAMS_PTR;
-
-typedef struct CK_GOSTR3410_DERIVE_PARAMS {
- CK_EC_KDF_TYPE kdf;
- CK_BYTE_PTR pPublicData;
- CK_ULONG ulPublicDataLen;
- CK_BYTE_PTR pUKM;
- CK_ULONG ulUKMLen;
-} CK_GOSTR3410_DERIVE_PARAMS;
-
-typedef CK_GOSTR3410_DERIVE_PARAMS CK_PTR CK_GOSTR3410_DERIVE_PARAMS_PTR;
-
-typedef struct CK_GOSTR3410_KEY_WRAP_PARAMS {
- CK_BYTE_PTR pWrapOID;
- CK_ULONG ulWrapOIDLen;
- CK_BYTE_PTR pUKM;
- CK_ULONG ulUKMLen;
- CK_OBJECT_HANDLE hKey;
-} CK_GOSTR3410_KEY_WRAP_PARAMS;
-
-typedef CK_GOSTR3410_KEY_WRAP_PARAMS CK_PTR CK_GOSTR3410_KEY_WRAP_PARAMS_PTR;
-
-typedef struct CK_SEED_CBC_ENCRYPT_DATA_PARAMS {
- CK_BYTE iv[16];
- CK_BYTE_PTR pData;
- CK_ULONG length;
-} CK_SEED_CBC_ENCRYPT_DATA_PARAMS;
-
-typedef CK_SEED_CBC_ENCRYPT_DATA_PARAMS CK_PTR \
- CK_SEED_CBC_ENCRYPT_DATA_PARAMS_PTR;
-
-#endif /* _PKCS11T_H_ */
-
--
2.17.1
Reference in New Issue View Git Blame Copy Permalink