diff --git a/working/3-00-current/pkcs11.h b/working/3-00-current/pkcs11.h deleted file mode 100644 index 78cb445..0000000 --- a/working/3-00-current/pkcs11.h +++ /dev/null @@ -1,243 +0,0 @@ -/* Copyright (c) OASIS Open 2016-2019. All Rights Reserved. - * Distributed under the terms of the OASIS IPR Policy, - * [http://www.oasis-open.org/policies-guidelines/ipr], AS-IS, WITHOUT ANY - * IMPLIED OR EXPRESS WARRANTY; there is no warranty of MERCHANTABILITY, FITNESS FOR A - * PARTICULAR PURPOSE or NONINFRINGEMENT of the rights of others. - */ - -#ifndef _PKCS11_H_ -#define _PKCS11_H_ 1 - -#ifdef __cplusplus -extern "C" { -#endif - -/* Before including this file (pkcs11.h) (or pkcs11t.h by - * itself), 5 platform-specific macros must be defined. These - * macros are described below, and typical definitions for them - * are also given. Be advised that these definitions can depend - * on both the platform and the compiler used (and possibly also - * on whether a Cryptoki library is linked statically or - * dynamically). - * - * In addition to defining these 5 macros, the packing convention - * for Cryptoki structures should be set. The Cryptoki - * convention on packing is that structures should be 1-byte - * aligned. - * - * If you're using Windows this might be done by using the following - * preprocessor directive before including pkcs11.h or pkcs11t.h: - * - * #pragma pack(push, cryptoki, 1) - * - * and using the following preprocessor directive after including - * pkcs11.h or pkcs11t.h: - * - * #pragma pack(pop, cryptoki) - * - * In a UNIX environment, you're on your own for this. You might - * not need to do (or be able to do!) anything. - * - * - * Now for the macros: - * - * - * 1. CK_PTR: The indirection string for making a pointer to an - * object. It can be used like this: - * - * typedef CK_BYTE CK_PTR CK_BYTE_PTR; - * - * If you're using windows, it might be defined by: - * - * #define CK_PTR * - * - * In a typical UNIX environment, it might be defined by: - * - * #define CK_PTR * - * - * - * 2. CK_DECLARE_FUNCTION(returnType, name): A macro which makes - * an importable Cryptoki library function declaration out of a - * return type and a function name. It should be used in the - * following fashion: - * - * extern CK_DECLARE_FUNCTION(CK_RV, C_Initialize)( - * CK_VOID_PTR pReserved - * ); - * - * If you're using Windows to declare a function in a Win32 cryptoki .dll, - * it might be defined by: - * - * #define CK_DECLARE_FUNCTION(returnType, name) \ - * returnType __declspec(dllimport) name - * - * In a UNIX environment, it might be defined by: - * - * #define CK_DECLARE_FUNCTION(returnType, name) \ - * returnType name - * - * - * 3. CK_DECLARE_FUNCTION_POINTER(returnType, name): A macro - * which makes a Cryptoki API function pointer declaration or - * function pointer type declaration out of a return type and a - * function name. It should be used in the following fashion: - * - * // Define funcPtr to be a pointer to a Cryptoki API function - * // taking arguments args and returning CK_RV. - * CK_DECLARE_FUNCTION_POINTER(CK_RV, funcPtr)(args); - * - * or - * - * // Define funcPtrType to be the type of a pointer to a - * // Cryptoki API function taking arguments args and returning - * // CK_RV, and then define funcPtr to be a variable of type - * // funcPtrType. - * typedef CK_DECLARE_FUNCTION_POINTER(CK_RV, funcPtrType)(args); - * funcPtrType funcPtr; - * - * If you're using Windows to access - * functions in a Win32 Cryptoki .dll, in might be defined by: - * - * #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \ - * returnType __declspec(dllimport) (* name) - * - * In a UNIX environment, it might be defined by: - * - * #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \ - * returnType (* name) - * - * - * 4. CK_CALLBACK_FUNCTION(returnType, name): A macro which makes - * a function pointer type for an application callback out of - * a return type for the callback and a name for the callback. - * It should be used in the following fashion: - * - * CK_CALLBACK_FUNCTION(CK_RV, myCallback)(args); - * - * to declare a function pointer, myCallback, to a callback - * which takes arguments args and returns a CK_RV. It can also - * be used like this: - * - * typedef CK_CALLBACK_FUNCTION(CK_RV, myCallbackType)(args); - * myCallbackType myCallback; - * - * If you're using Windows, it might be defined by: - * - * #define CK_CALLBACK_FUNCTION(returnType, name) \ - * returnType (* name) - * - * In a UNIX environment, it might be defined by: - * - * #define CK_CALLBACK_FUNCTION(returnType, name) \ - * returnType (* name) - * - * - * 5. NULL_PTR: This macro is the value of a NULL pointer. - * - * In any ANSI/ISO C environment (and in many others as well), - * this should best be defined by - * - * #ifndef NULL_PTR - * #define NULL_PTR 0 - * #endif - */ - - -/* All the various Cryptoki types and #define'd values are in the - * file pkcs11t.h. - */ -#include "pkcs11t.h" - -#define __PASTE(x,y) x##y - - -/* ============================================================== - * Define the "extern" form of all the entry points. - * ============================================================== - */ - -#define CK_NEED_ARG_LIST 1 -#define CK_PKCS11_FUNCTION_INFO(name) \ - extern CK_DECLARE_FUNCTION(CK_RV, name) - -/* pkcs11f.h has all the information about the Cryptoki - * function prototypes. - */ -#include "pkcs11f.h" - -#undef CK_NEED_ARG_LIST -#undef CK_PKCS11_FUNCTION_INFO - - -/* ============================================================== - * Define the typedef form of all the entry points. That is, for - * each Cryptoki function C_XXX, define a type CK_C_XXX which is - * a pointer to that kind of function. - * ============================================================== - */ - -#define CK_NEED_ARG_LIST 1 -#define CK_PKCS11_FUNCTION_INFO(name) \ - typedef CK_DECLARE_FUNCTION_POINTER(CK_RV, __PASTE(CK_,name)) - -/* pkcs11f.h has all the information about the Cryptoki - * function prototypes. - */ -#include "pkcs11f.h" - -#undef CK_NEED_ARG_LIST -#undef CK_PKCS11_FUNCTION_INFO - - -/* ============================================================== - * Define structed vector of entry points. A CK_FUNCTION_LIST - * contains a CK_VERSION indicating a library's Cryptoki version - * and then a whole slew of function pointers to the routines in - * the library. This type was declared, but not defined, in - * pkcs11t.h. - * ============================================================== - */ - -#define CK_PKCS11_FUNCTION_INFO(name) \ - __PASTE(CK_,name) name; - -/* Create the 3.0 Function list */ -struct CK_FUNCTION_LIST_3_0 { - - CK_VERSION version; /* Cryptoki version */ - -/* Pile all the function pointers into the CK_FUNCTION_LIST. */ -/* pkcs11f.h has all the information about the Cryptoki - * function prototypes. - */ -#include "pkcs11f.h" - -}; - -#define CK_PKCS11_2_0_ONLY 1 - -/* Continue to define the old CK_FUNCTION_LIST */ -struct CK_FUNCTION_LIST { - - CK_VERSION version; /* Cryptoki version */ - -/* Pile all the function pointers into the CK_FUNCTION_LIST. */ -/* pkcs11f.h has all the information about the Cryptoki - * function prototypes. - */ -#include "pkcs11f.h" - -}; - -#undef CK_PKCS11_FUNCTION_INFO -#undef CK_PKCS11_2_0_ONLY - - -#undef __PASTE - -#ifdef __cplusplus -} -#endif - -#endif /* _PKCS11_H_ */ - diff --git a/working/3-00-current/pkcs11f.h b/working/3-00-current/pkcs11f.h deleted file mode 100644 index a475f6d..0000000 --- a/working/3-00-current/pkcs11f.h +++ /dev/null @@ -1,1196 +0,0 @@ -/* Copyright (c) OASIS Open 2016, 2019. All Rights Reserved./ - * /Distributed under the terms of the OASIS IPR Policy, - * [http://www.oasis-open.org/policies-guidelines/ipr], AS-IS, WITHOUT ANY - * IMPLIED OR EXPRESS WARRANTY; there is no warranty of MERCHANTABILITY, FITNESS FOR A - * PARTICULAR PURPOSE or NONINFRINGEMENT of the rights of others. - */ - -/* Latest version of the specification: - * http://docs.oasis-open.org/pkcs11/pkcs11-base/v2.40/pkcs11-base-v2.40.html - */ - -/* This header file contains pretty much everything about all the - * Cryptoki function prototypes. Because this information is - * used for more than just declaring function prototypes, the - * order of the functions appearing herein is important, and - * should not be altered. - */ - -/* General-purpose */ - -/* C_Initialize initializes the Cryptoki library. */ -CK_PKCS11_FUNCTION_INFO(C_Initialize) -#ifdef CK_NEED_ARG_LIST -( - CK_VOID_PTR pInitArgs /* if this is not NULL_PTR, it gets - * cast to CK_C_INITIALIZE_ARGS_PTR - * and dereferenced - */ -); -#endif - - -/* C_Finalize indicates that an application is done with the - * Cryptoki library. - */ -CK_PKCS11_FUNCTION_INFO(C_Finalize) -#ifdef CK_NEED_ARG_LIST -( - CK_VOID_PTR pReserved /* reserved. Should be NULL_PTR */ -); -#endif - - -/* C_GetInfo returns general information about Cryptoki. */ -CK_PKCS11_FUNCTION_INFO(C_GetInfo) -#ifdef CK_NEED_ARG_LIST -( - CK_INFO_PTR pInfo /* location that receives information */ -); -#endif - - -/* C_GetFunctionList returns the function list. */ -CK_PKCS11_FUNCTION_INFO(C_GetFunctionList) -#ifdef CK_NEED_ARG_LIST -( - CK_FUNCTION_LIST_PTR_PTR ppFunctionList /* receives pointer to - * function list - */ -); -#endif - - - -/* Slot and token management */ - -/* C_GetSlotList obtains a list of slots in the system. */ -CK_PKCS11_FUNCTION_INFO(C_GetSlotList) -#ifdef CK_NEED_ARG_LIST -( - CK_BBOOL tokenPresent, /* only slots with tokens */ - CK_SLOT_ID_PTR pSlotList, /* receives array of slot IDs */ - CK_ULONG_PTR pulCount /* receives number of slots */ -); -#endif - - -/* C_GetSlotInfo obtains information about a particular slot in - * the system. - */ -CK_PKCS11_FUNCTION_INFO(C_GetSlotInfo) -#ifdef CK_NEED_ARG_LIST -( - CK_SLOT_ID slotID, /* the ID of the slot */ - CK_SLOT_INFO_PTR pInfo /* receives the slot information */ -); -#endif - - -/* C_GetTokenInfo obtains information about a particular token - * in the system. - */ -CK_PKCS11_FUNCTION_INFO(C_GetTokenInfo) -#ifdef CK_NEED_ARG_LIST -( - CK_SLOT_ID slotID, /* ID of the token's slot */ - CK_TOKEN_INFO_PTR pInfo /* receives the token information */ -); -#endif - - -/* C_GetMechanismList obtains a list of mechanism types - * supported by a token. - */ -CK_PKCS11_FUNCTION_INFO(C_GetMechanismList) -#ifdef CK_NEED_ARG_LIST -( - CK_SLOT_ID slotID, /* ID of token's slot */ - CK_MECHANISM_TYPE_PTR pMechanismList, /* gets mech. array */ - CK_ULONG_PTR pulCount /* gets # of mechs. */ -); -#endif - - -/* C_GetMechanismInfo obtains information about a particular - * mechanism possibly supported by a token. - */ -CK_PKCS11_FUNCTION_INFO(C_GetMechanismInfo) -#ifdef CK_NEED_ARG_LIST -( - CK_SLOT_ID slotID, /* ID of the token's slot */ - CK_MECHANISM_TYPE type, /* type of mechanism */ - CK_MECHANISM_INFO_PTR pInfo /* receives mechanism info */ -); -#endif - - -/* C_InitToken initializes a token. */ -CK_PKCS11_FUNCTION_INFO(C_InitToken) -#ifdef CK_NEED_ARG_LIST -( - CK_SLOT_ID slotID, /* ID of the token's slot */ - CK_UTF8CHAR_PTR pPin, /* the SO's initial PIN */ - CK_ULONG ulPinLen, /* length in bytes of the PIN */ - CK_UTF8CHAR_PTR pLabel /* 32-byte token label (blank padded) */ -); -#endif - - -/* C_InitPIN initializes the normal user's PIN. */ -CK_PKCS11_FUNCTION_INFO(C_InitPIN) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_UTF8CHAR_PTR pPin, /* the normal user's PIN */ - CK_ULONG ulPinLen /* length in bytes of the PIN */ -); -#endif - - -/* C_SetPIN modifies the PIN of the user who is logged in. */ -CK_PKCS11_FUNCTION_INFO(C_SetPIN) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_UTF8CHAR_PTR pOldPin, /* the old PIN */ - CK_ULONG ulOldLen, /* length of the old PIN */ - CK_UTF8CHAR_PTR pNewPin, /* the new PIN */ - CK_ULONG ulNewLen /* length of the new PIN */ -); -#endif - - - -/* Session management */ - -/* C_OpenSession opens a session between an application and a - * token. - */ -CK_PKCS11_FUNCTION_INFO(C_OpenSession) -#ifdef CK_NEED_ARG_LIST -( - CK_SLOT_ID slotID, /* the slot's ID */ - CK_FLAGS flags, /* from CK_SESSION_INFO */ - CK_VOID_PTR pApplication, /* passed to callback */ - CK_NOTIFY Notify, /* callback function */ - CK_SESSION_HANDLE_PTR phSession /* gets session handle */ -); -#endif - - -/* C_CloseSession closes a session between an application and a - * token. - */ -CK_PKCS11_FUNCTION_INFO(C_CloseSession) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession /* the session's handle */ -); -#endif - - -/* C_CloseAllSessions closes all sessions with a token. */ -CK_PKCS11_FUNCTION_INFO(C_CloseAllSessions) -#ifdef CK_NEED_ARG_LIST -( - CK_SLOT_ID slotID /* the token's slot */ -); -#endif - - -/* C_GetSessionInfo obtains information about the session. */ -CK_PKCS11_FUNCTION_INFO(C_GetSessionInfo) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_SESSION_INFO_PTR pInfo /* receives session info */ -); -#endif - - -/* C_GetOperationState obtains the state of the cryptographic operation - * in a session. - */ -CK_PKCS11_FUNCTION_INFO(C_GetOperationState) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* session's handle */ - CK_BYTE_PTR pOperationState, /* gets state */ - CK_ULONG_PTR pulOperationStateLen /* gets state length */ -); -#endif - - -/* C_SetOperationState restores the state of the cryptographic - * operation in a session. - */ -CK_PKCS11_FUNCTION_INFO(C_SetOperationState) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* session's handle */ - CK_BYTE_PTR pOperationState, /* holds state */ - CK_ULONG ulOperationStateLen, /* holds state length */ - CK_OBJECT_HANDLE hEncryptionKey, /* en/decryption key */ - CK_OBJECT_HANDLE hAuthenticationKey /* sign/verify key */ -); -#endif - - -/* C_Login logs a user into a token. */ -CK_PKCS11_FUNCTION_INFO(C_Login) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_USER_TYPE userType, /* the user type */ - CK_UTF8CHAR_PTR pPin, /* the user's PIN */ - CK_ULONG ulPinLen /* the length of the PIN */ -); -#endif - - -/* C_Logout logs a user out from a token. */ -CK_PKCS11_FUNCTION_INFO(C_Logout) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession /* the session's handle */ -); -#endif - - - -/* Object management */ - -/* C_CreateObject creates a new object. */ -CK_PKCS11_FUNCTION_INFO(C_CreateObject) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_ATTRIBUTE_PTR pTemplate, /* the object's template */ - CK_ULONG ulCount, /* attributes in template */ - CK_OBJECT_HANDLE_PTR phObject /* gets new object's handle. */ -); -#endif - - -/* C_CopyObject copies an object, creating a new object for the - * copy. - */ -CK_PKCS11_FUNCTION_INFO(C_CopyObject) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_OBJECT_HANDLE hObject, /* the object's handle */ - CK_ATTRIBUTE_PTR pTemplate, /* template for new object */ - CK_ULONG ulCount, /* attributes in template */ - CK_OBJECT_HANDLE_PTR phNewObject /* receives handle of copy */ -); -#endif - - -/* C_DestroyObject destroys an object. */ -CK_PKCS11_FUNCTION_INFO(C_DestroyObject) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_OBJECT_HANDLE hObject /* the object's handle */ -); -#endif - - -/* C_GetObjectSize gets the size of an object in bytes. */ -CK_PKCS11_FUNCTION_INFO(C_GetObjectSize) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_OBJECT_HANDLE hObject, /* the object's handle */ - CK_ULONG_PTR pulSize /* receives size of object */ -); -#endif - - -/* C_GetAttributeValue obtains the value of one or more object - * attributes. - */ -CK_PKCS11_FUNCTION_INFO(C_GetAttributeValue) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_OBJECT_HANDLE hObject, /* the object's handle */ - CK_ATTRIBUTE_PTR pTemplate, /* specifies attrs; gets vals */ - CK_ULONG ulCount /* attributes in template */ -); -#endif - - -/* C_SetAttributeValue modifies the value of one or more object - * attributes. - */ -CK_PKCS11_FUNCTION_INFO(C_SetAttributeValue) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_OBJECT_HANDLE hObject, /* the object's handle */ - CK_ATTRIBUTE_PTR pTemplate, /* specifies attrs and values */ - CK_ULONG ulCount /* attributes in template */ -); -#endif - - -/* C_FindObjectsInit initializes a search for token and session - * objects that match a template. - */ -CK_PKCS11_FUNCTION_INFO(C_FindObjectsInit) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_ATTRIBUTE_PTR pTemplate, /* attribute values to match */ - CK_ULONG ulCount /* attrs in search template */ -); -#endif - - -/* C_FindObjects continues a search for token and session - * objects that match a template, obtaining additional object - * handles. - */ -CK_PKCS11_FUNCTION_INFO(C_FindObjects) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* session's handle */ - CK_OBJECT_HANDLE_PTR phObject, /* gets obj. handles */ - CK_ULONG ulMaxObjectCount, /* max handles to get */ - CK_ULONG_PTR pulObjectCount /* actual # returned */ -); -#endif - - -/* C_FindObjectsFinal finishes a search for token and session - * objects. - */ -CK_PKCS11_FUNCTION_INFO(C_FindObjectsFinal) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession /* the session's handle */ -); -#endif - - - -/* Encryption and decryption */ - -/* C_EncryptInit initializes an encryption operation. */ -CK_PKCS11_FUNCTION_INFO(C_EncryptInit) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_MECHANISM_PTR pMechanism, /* the encryption mechanism */ - CK_OBJECT_HANDLE hKey /* handle of encryption key */ -); -#endif - - -/* C_Encrypt encrypts single-part data. */ -CK_PKCS11_FUNCTION_INFO(C_Encrypt) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* session's handle */ - CK_BYTE_PTR pData, /* the plaintext data */ - CK_ULONG ulDataLen, /* bytes of plaintext */ - CK_BYTE_PTR pEncryptedData, /* gets ciphertext */ - CK_ULONG_PTR pulEncryptedDataLen /* gets c-text size */ -); -#endif - - -/* C_EncryptUpdate continues a multiple-part encryption - * operation. - */ -CK_PKCS11_FUNCTION_INFO(C_EncryptUpdate) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* session's handle */ - CK_BYTE_PTR pPart, /* the plaintext data */ - CK_ULONG ulPartLen, /* plaintext data len */ - CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */ - CK_ULONG_PTR pulEncryptedPartLen /* gets c-text size */ -); -#endif - - -/* C_EncryptFinal finishes a multiple-part encryption - * operation. - */ -CK_PKCS11_FUNCTION_INFO(C_EncryptFinal) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* session handle */ - CK_BYTE_PTR pLastEncryptedPart, /* last c-text */ - CK_ULONG_PTR pulLastEncryptedPartLen /* gets last size */ -); -#endif - - -/* C_DecryptInit initializes a decryption operation. */ -CK_PKCS11_FUNCTION_INFO(C_DecryptInit) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_MECHANISM_PTR pMechanism, /* the decryption mechanism */ - CK_OBJECT_HANDLE hKey /* handle of decryption key */ -); -#endif - - -/* C_Decrypt decrypts encrypted data in a single part. */ -CK_PKCS11_FUNCTION_INFO(C_Decrypt) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* session's handle */ - CK_BYTE_PTR pEncryptedData, /* ciphertext */ - CK_ULONG ulEncryptedDataLen, /* ciphertext length */ - CK_BYTE_PTR pData, /* gets plaintext */ - CK_ULONG_PTR pulDataLen /* gets p-text size */ -); -#endif - - -/* C_DecryptUpdate continues a multiple-part decryption - * operation. - */ -CK_PKCS11_FUNCTION_INFO(C_DecryptUpdate) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* session's handle */ - CK_BYTE_PTR pEncryptedPart, /* encrypted data */ - CK_ULONG ulEncryptedPartLen, /* input length */ - CK_BYTE_PTR pPart, /* gets plaintext */ - CK_ULONG_PTR pulPartLen /* p-text size */ -); -#endif - - -/* C_DecryptFinal finishes a multiple-part decryption - * operation. - */ -CK_PKCS11_FUNCTION_INFO(C_DecryptFinal) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_BYTE_PTR pLastPart, /* gets plaintext */ - CK_ULONG_PTR pulLastPartLen /* p-text size */ -); -#endif - - - -/* Message digesting */ - -/* C_DigestInit initializes a message-digesting operation. */ -CK_PKCS11_FUNCTION_INFO(C_DigestInit) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_MECHANISM_PTR pMechanism /* the digesting mechanism */ -); -#endif - - -/* C_Digest digests data in a single part. */ -CK_PKCS11_FUNCTION_INFO(C_Digest) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_BYTE_PTR pData, /* data to be digested */ - CK_ULONG ulDataLen, /* bytes of data to digest */ - CK_BYTE_PTR pDigest, /* gets the message digest */ - CK_ULONG_PTR pulDigestLen /* gets digest length */ -); -#endif - - -/* C_DigestUpdate continues a multiple-part message-digesting - * operation. - */ -CK_PKCS11_FUNCTION_INFO(C_DigestUpdate) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_BYTE_PTR pPart, /* data to be digested */ - CK_ULONG ulPartLen /* bytes of data to be digested */ -); -#endif - - -/* C_DigestKey continues a multi-part message-digesting - * operation, by digesting the value of a secret key as part of - * the data already digested. - */ -CK_PKCS11_FUNCTION_INFO(C_DigestKey) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_OBJECT_HANDLE hKey /* secret key to digest */ -); -#endif - - -/* C_DigestFinal finishes a multiple-part message-digesting - * operation. - */ -CK_PKCS11_FUNCTION_INFO(C_DigestFinal) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_BYTE_PTR pDigest, /* gets the message digest */ - CK_ULONG_PTR pulDigestLen /* gets byte count of digest */ -); -#endif - - - -/* Signing and MACing */ - -/* C_SignInit initializes a signature (private key encryption) - * operation, where the signature is (will be) an appendix to - * the data, and plaintext cannot be recovered from the - * signature. - */ -CK_PKCS11_FUNCTION_INFO(C_SignInit) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_MECHANISM_PTR pMechanism, /* the signature mechanism */ - CK_OBJECT_HANDLE hKey /* handle of signature key */ -); -#endif - - -/* C_Sign signs (encrypts with private key) data in a single - * part, where the signature is (will be) an appendix to the - * data, and plaintext cannot be recovered from the signature. - */ -CK_PKCS11_FUNCTION_INFO(C_Sign) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_BYTE_PTR pData, /* the data to sign */ - CK_ULONG ulDataLen, /* count of bytes to sign */ - CK_BYTE_PTR pSignature, /* gets the signature */ - CK_ULONG_PTR pulSignatureLen /* gets signature length */ -); -#endif - - -/* C_SignUpdate continues a multiple-part signature operation, - * where the signature is (will be) an appendix to the data, - * and plaintext cannot be recovered from the signature. - */ -CK_PKCS11_FUNCTION_INFO(C_SignUpdate) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_BYTE_PTR pPart, /* the data to sign */ - CK_ULONG ulPartLen /* count of bytes to sign */ -); -#endif - - -/* C_SignFinal finishes a multiple-part signature operation, - * returning the signature. - */ -CK_PKCS11_FUNCTION_INFO(C_SignFinal) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_BYTE_PTR pSignature, /* gets the signature */ - CK_ULONG_PTR pulSignatureLen /* gets signature length */ -); -#endif - - -/* C_SignRecoverInit initializes a signature operation, where - * the data can be recovered from the signature. - */ -CK_PKCS11_FUNCTION_INFO(C_SignRecoverInit) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_MECHANISM_PTR pMechanism, /* the signature mechanism */ - CK_OBJECT_HANDLE hKey /* handle of the signature key */ -); -#endif - - -/* C_SignRecover signs data in a single operation, where the - * data can be recovered from the signature. - */ -CK_PKCS11_FUNCTION_INFO(C_SignRecover) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_BYTE_PTR pData, /* the data to sign */ - CK_ULONG ulDataLen, /* count of bytes to sign */ - CK_BYTE_PTR pSignature, /* gets the signature */ - CK_ULONG_PTR pulSignatureLen /* gets signature length */ -); -#endif - - - -/* Verifying signatures and MACs */ - -/* C_VerifyInit initializes a verification operation, where the - * signature is an appendix to the data, and plaintext cannot - * cannot be recovered from the signature (e.g. DSA). - */ -CK_PKCS11_FUNCTION_INFO(C_VerifyInit) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_MECHANISM_PTR pMechanism, /* the verification mechanism */ - CK_OBJECT_HANDLE hKey /* verification key */ -); -#endif - - -/* C_Verify verifies a signature in a single-part operation, - * where the signature is an appendix to the data, and plaintext - * cannot be recovered from the signature. - */ -CK_PKCS11_FUNCTION_INFO(C_Verify) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_BYTE_PTR pData, /* signed data */ - CK_ULONG ulDataLen, /* length of signed data */ - CK_BYTE_PTR pSignature, /* signature */ - CK_ULONG ulSignatureLen /* signature length*/ -); -#endif - - -/* C_VerifyUpdate continues a multiple-part verification - * operation, where the signature is an appendix to the data, - * and plaintext cannot be recovered from the signature. - */ -CK_PKCS11_FUNCTION_INFO(C_VerifyUpdate) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_BYTE_PTR pPart, /* signed data */ - CK_ULONG ulPartLen /* length of signed data */ -); -#endif - - -/* C_VerifyFinal finishes a multiple-part verification - * operation, checking the signature. - */ -CK_PKCS11_FUNCTION_INFO(C_VerifyFinal) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_BYTE_PTR pSignature, /* signature to verify */ - CK_ULONG ulSignatureLen /* signature length */ -); -#endif - - -/* C_VerifyRecoverInit initializes a signature verification - * operation, where the data is recovered from the signature. - */ -CK_PKCS11_FUNCTION_INFO(C_VerifyRecoverInit) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_MECHANISM_PTR pMechanism, /* the verification mechanism */ - CK_OBJECT_HANDLE hKey /* verification key */ -); -#endif - - -/* C_VerifyRecover verifies a signature in a single-part - * operation, where the data is recovered from the signature. - */ -CK_PKCS11_FUNCTION_INFO(C_VerifyRecover) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_BYTE_PTR pSignature, /* signature to verify */ - CK_ULONG ulSignatureLen, /* signature length */ - CK_BYTE_PTR pData, /* gets signed data */ - CK_ULONG_PTR pulDataLen /* gets signed data len */ -); -#endif - - - -/* Dual-function cryptographic operations */ - -/* C_DigestEncryptUpdate continues a multiple-part digesting - * and encryption operation. - */ -CK_PKCS11_FUNCTION_INFO(C_DigestEncryptUpdate) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* session's handle */ - CK_BYTE_PTR pPart, /* the plaintext data */ - CK_ULONG ulPartLen, /* plaintext length */ - CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */ - CK_ULONG_PTR pulEncryptedPartLen /* gets c-text length */ -); -#endif - - -/* C_DecryptDigestUpdate continues a multiple-part decryption and - * digesting operation. - */ -CK_PKCS11_FUNCTION_INFO(C_DecryptDigestUpdate) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* session's handle */ - CK_BYTE_PTR pEncryptedPart, /* ciphertext */ - CK_ULONG ulEncryptedPartLen, /* ciphertext length */ - CK_BYTE_PTR pPart, /* gets plaintext */ - CK_ULONG_PTR pulPartLen /* gets plaintext len */ -); -#endif - - -/* C_SignEncryptUpdate continues a multiple-part signing and - * encryption operation. - */ -CK_PKCS11_FUNCTION_INFO(C_SignEncryptUpdate) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* session's handle */ - CK_BYTE_PTR pPart, /* the plaintext data */ - CK_ULONG ulPartLen, /* plaintext length */ - CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */ - CK_ULONG_PTR pulEncryptedPartLen /* gets c-text length */ -); -#endif - - -/* C_DecryptVerifyUpdate continues a multiple-part decryption and - * verify operation. - */ -CK_PKCS11_FUNCTION_INFO(C_DecryptVerifyUpdate) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* session's handle */ - CK_BYTE_PTR pEncryptedPart, /* ciphertext */ - CK_ULONG ulEncryptedPartLen, /* ciphertext length */ - CK_BYTE_PTR pPart, /* gets plaintext */ - CK_ULONG_PTR pulPartLen /* gets p-text length */ -); -#endif - - - -/* Key management */ - -/* C_GenerateKey generates a secret key, creating a new key - * object. - */ -CK_PKCS11_FUNCTION_INFO(C_GenerateKey) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_MECHANISM_PTR pMechanism, /* key generation mech. */ - CK_ATTRIBUTE_PTR pTemplate, /* template for new key */ - CK_ULONG ulCount, /* # of attrs in template */ - CK_OBJECT_HANDLE_PTR phKey /* gets handle of new key */ -); -#endif - - -/* C_GenerateKeyPair generates a public-key/private-key pair, - * creating new key objects. - */ -CK_PKCS11_FUNCTION_INFO(C_GenerateKeyPair) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* session handle */ - CK_MECHANISM_PTR pMechanism, /* key-gen mech. */ - CK_ATTRIBUTE_PTR pPublicKeyTemplate, /* template for pub. key */ - CK_ULONG ulPublicKeyAttributeCount, /* # pub. attrs. */ - CK_ATTRIBUTE_PTR pPrivateKeyTemplate, /* template for priv. key */ - CK_ULONG ulPrivateKeyAttributeCount, /* # priv. attrs. */ - CK_OBJECT_HANDLE_PTR phPublicKey, /* gets pub. key handle */ - CK_OBJECT_HANDLE_PTR phPrivateKey /* gets priv. key handle */ -); -#endif - - -/* C_WrapKey wraps (i.e., encrypts) a key. */ -CK_PKCS11_FUNCTION_INFO(C_WrapKey) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_MECHANISM_PTR pMechanism, /* the wrapping mechanism */ - CK_OBJECT_HANDLE hWrappingKey, /* wrapping key */ - CK_OBJECT_HANDLE hKey, /* key to be wrapped */ - CK_BYTE_PTR pWrappedKey, /* gets wrapped key */ - CK_ULONG_PTR pulWrappedKeyLen /* gets wrapped key size */ -); -#endif - - -/* C_UnwrapKey unwraps (decrypts) a wrapped key, creating a new - * key object. - */ -CK_PKCS11_FUNCTION_INFO(C_UnwrapKey) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* session's handle */ - CK_MECHANISM_PTR pMechanism, /* unwrapping mech. */ - CK_OBJECT_HANDLE hUnwrappingKey, /* unwrapping key */ - CK_BYTE_PTR pWrappedKey, /* the wrapped key */ - CK_ULONG ulWrappedKeyLen, /* wrapped key len */ - CK_ATTRIBUTE_PTR pTemplate, /* new key template */ - CK_ULONG ulAttributeCount, /* template length */ - CK_OBJECT_HANDLE_PTR phKey /* gets new handle */ -); -#endif - - -/* C_DeriveKey derives a key from a base key, creating a new key - * object. - */ -CK_PKCS11_FUNCTION_INFO(C_DeriveKey) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* session's handle */ - CK_MECHANISM_PTR pMechanism, /* key deriv. mech. */ - CK_OBJECT_HANDLE hBaseKey, /* base key */ - CK_ATTRIBUTE_PTR pTemplate, /* new key template */ - CK_ULONG ulAttributeCount, /* template length */ - CK_OBJECT_HANDLE_PTR phKey /* gets new handle */ -); -#endif - - - -/* Random number generation */ - -/* C_SeedRandom mixes additional seed material into the token's - * random number generator. - */ -CK_PKCS11_FUNCTION_INFO(C_SeedRandom) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_BYTE_PTR pSeed, /* the seed material */ - CK_ULONG ulSeedLen /* length of seed material */ -); -#endif - - -/* C_GenerateRandom generates random data. */ -CK_PKCS11_FUNCTION_INFO(C_GenerateRandom) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_BYTE_PTR RandomData, /* receives the random data */ - CK_ULONG ulRandomLen /* # of bytes to generate */ -); -#endif - - - -/* Parallel function management */ - -/* C_GetFunctionStatus is a legacy function; it obtains an - * updated status of a function running in parallel with an - * application. - */ -CK_PKCS11_FUNCTION_INFO(C_GetFunctionStatus) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession /* the session's handle */ -); -#endif - - -/* C_CancelFunction is a legacy function; it cancels a function - * running in parallel. - */ -CK_PKCS11_FUNCTION_INFO(C_CancelFunction) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession /* the session's handle */ -); -#endif - - -/* C_WaitForSlotEvent waits for a slot event (token insertion, - * removal, etc.) to occur. - */ -CK_PKCS11_FUNCTION_INFO(C_WaitForSlotEvent) -#ifdef CK_NEED_ARG_LIST -( - CK_FLAGS flags, /* blocking/nonblocking flag */ - CK_SLOT_ID_PTR pSlot, /* location that receives the slot ID */ - CK_VOID_PTR pRserved /* reserved. Should be NULL_PTR */ -); -#endif - -#ifndef CK_PKCS11_2_0_ONLY -/* C_GetInterfaceList returns all the interfaces supported by the module*/ -CK_PKCS11_FUNCTION_INFO(C_GetInterfaceList) -#ifdef CK_NEED_ARG_LIST -( - CK_INTERFACE_PTR pInterfacesList, /* returned interfaces */ - CK_ULONG_PTR pulCount /* number of interfaces returned */ -); -#endif - -/* C_GetInterface returns a specific interface from the module. */ -CK_PKCS11_FUNCTION_INFO(C_GetInterface) -#ifdef CK_NEED_ARG_LIST -( - CK_UTF8CHAR_PTR pInterfaceName, /* name of the interface */ - CK_VERSION_PTR pVersion, /* version of the interface */ - CK_INTERFACE_PTR_PTR ppInterface, /* returned interface */ - CK_FLAGS flags /* flags controlling the semantics - * of the interface */ -); -#endif - -CK_PKCS11_FUNCTION_INFO(C_LoginUser) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_USER_TYPE userType, /* the user type */ - CK_UTF8CHAR_PTR pPin, /* the user's PIN */ - CK_ULONG ulPinLen, /* the length of the PIN */ - CK_UTF8CHAR_PTR pUsername, /* the user's name */ - CK_ULONG ulUsernameLen /*the length of the user's name */ -); -#endif - -CK_PKCS11_FUNCTION_INFO(C_SessionCancel) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_FLAGS flags /* flags control which sessions are cancelled */ -); -#endif - -CK_PKCS11_FUNCTION_INFO(C_MessageEncryptInit) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_MECHANISM_PTR pMechanism, /* the encryption mechanism */ - CK_OBJECT_HANDLE hKey /* handle of encryption key */ -); -#endif - -CK_PKCS11_FUNCTION_INFO(C_EncryptMessage) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_VOID_PTR pParameter, /* message specific parameter */ - CK_ULONG ulParameterLen, /* length of message specific parameter */ - CK_BYTE_PTR pAssociatedData, /* AEAD Associated data */ - CK_ULONG ulAssociatedDataLen, /* AEAD Associated data length */ - CK_BYTE_PTR pPlaintext, /* plain text */ - CK_ULONG ulPlaintextLen, /* plain text length */ - CK_BYTE_PTR pCiphertext, /* gets cipher text */ - CK_ULONG_PTR pulCiphertextLen /* gets cipher text length */ -); -#endif - -CK_PKCS11_FUNCTION_INFO(C_EncryptMessageBegin) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_VOID_PTR pParameter, /* message specific parameter */ - CK_ULONG ulParameterLen, /* length of message specific parameter */ - CK_BYTE_PTR pAssociatedData, /* AEAD Associated data */ - CK_ULONG ulAssociatedDataLen /* AEAD Associated data length */ -); -#endif - -CK_PKCS11_FUNCTION_INFO(C_EncryptMessageNext) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_VOID_PTR pParameter, /* message specific parameter */ - CK_ULONG ulParameterLen, /* length of message specific parameter */ - CK_BYTE_PTR pPlaintextPart, /* plain text */ - CK_ULONG ulPlaintextPartLen, /* plain text length */ - CK_BYTE_PTR pCiphertextPart, /* gets cipher text */ - CK_ULONG_PTR pulCiphertextPartLen, /* gets cipher text length */ - CK_FLAGS flags /* multi mode flag */ -); -#endif - -CK_PKCS11_FUNCTION_INFO(C_MessageEncryptFinal) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession /* the session's handle */ -); -#endif - -CK_PKCS11_FUNCTION_INFO(C_MessageDecryptInit) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_MECHANISM_PTR pMechanism, /* the decryption mechanism */ - CK_OBJECT_HANDLE hKey /* handle of decryption key */ -); -#endif - -CK_PKCS11_FUNCTION_INFO(C_DecryptMessage) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_VOID_PTR pParameter, /* message specific parameter */ - CK_ULONG ulParameterLen, /* length of message specific parameter */ - CK_BYTE_PTR pAssociatedData, /* AEAD Associated data */ - CK_ULONG ulAssociatedDataLen, /* AEAD Associated data length */ - CK_BYTE_PTR pCiphertext, /* cipher text */ - CK_ULONG ulCiphertextLen, /* cipher text length */ - CK_BYTE_PTR pPlaintext, /* gets plain text */ - CK_ULONG_PTR pulPlaintextLen /* gets plain text length */ -); -#endif - -CK_PKCS11_FUNCTION_INFO(C_DecryptMessageBegin) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_VOID_PTR pParameter, /* message specific parameter */ - CK_ULONG ulParameterLen, /* length of message specific parameter */ - CK_BYTE_PTR pAssociatedData, /* AEAD Associated data */ - CK_ULONG ulAssociatedDataLen /* AEAD Associated data length */ -); -#endif - -CK_PKCS11_FUNCTION_INFO(C_DecryptMessageNext) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_VOID_PTR pParameter, /* message specific parameter */ - CK_ULONG ulParameterLen, /* length of message specific parameter */ - CK_BYTE_PTR pCiphertextPart, /* cipher text */ - CK_ULONG ulCiphertextPartLen, /* cipher text length */ - CK_BYTE_PTR pPlaintextPart, /* gets plain text */ - CK_ULONG_PTR pulPlaintextPartLen, /* gets plain text length */ - CK_FLAGS flags /* multi mode flag */ -); -#endif - -CK_PKCS11_FUNCTION_INFO(C_MessageDecryptFinal) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession /* the session's handle */ -); -#endif - -CK_PKCS11_FUNCTION_INFO(C_MessageSignInit) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_MECHANISM_PTR pMechanism, /* the signing mechanism */ - CK_OBJECT_HANDLE hKey /* handle of signing key */ -); -#endif - -CK_PKCS11_FUNCTION_INFO(C_SignMessage) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_VOID_PTR pParameter, /* message specific parameter */ - CK_ULONG ulParameterLen, /* length of message specific parameter */ - CK_BYTE_PTR pData, /* data to sign */ - CK_ULONG ulDataLen, /* data to sign length */ - CK_BYTE_PTR pSignature, /* gets signature */ - CK_ULONG_PTR pulSignatureLen /* gets signature length */ -); -#endif - -CK_PKCS11_FUNCTION_INFO(C_SignMessageBegin) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_VOID_PTR pParameter, /* message specific parameter */ - CK_ULONG ulParameterLen /* length of message specific parameter */ -); -#endif - -CK_PKCS11_FUNCTION_INFO(C_SignMessageNext) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_VOID_PTR pParameter, /* message specific parameter */ - CK_ULONG ulParameterLen, /* length of message specific parameter */ - CK_BYTE_PTR pData, /* data to sign */ - CK_ULONG ulDataLen, /* data to sign length */ - CK_BYTE_PTR pSignature, /* gets signature */ - CK_ULONG_PTR pulSignatureLen /* gets signature length */ -); -#endif - -CK_PKCS11_FUNCTION_INFO(C_MessageSignFinal) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession /* the session's handle */ -); -#endif - -CK_PKCS11_FUNCTION_INFO(C_MessageVerifyInit) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_MECHANISM_PTR pMechanism, /* the signing mechanism */ - CK_OBJECT_HANDLE hKey /* handle of signing key */ -); -#endif - -CK_PKCS11_FUNCTION_INFO(C_VerifyMessage) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_VOID_PTR pParameter, /* message specific parameter */ - CK_ULONG ulParameterLen, /* length of message specific parameter */ - CK_BYTE_PTR pData, /* data to sign */ - CK_ULONG ulDataLen, /* data to sign length */ - CK_BYTE_PTR pSignature, /* signature */ - CK_ULONG ulSignatureLen /* signature length */ -); -#endif - -CK_PKCS11_FUNCTION_INFO(C_VerifyMessageBegin) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_VOID_PTR pParameter, /* message specific parameter */ - CK_ULONG ulParameterLen /* length of message specific parameter */ -); -#endif - -CK_PKCS11_FUNCTION_INFO(C_VerifyMessageNext) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_VOID_PTR pParameter, /* message specific parameter */ - CK_ULONG ulParameterLen, /* length of message specific parameter */ - CK_BYTE_PTR pData, /* data to sign */ - CK_ULONG ulDataLen, /* data to sign length */ - CK_BYTE_PTR pSignature, /* signature */ - CK_ULONG ulSignatureLen /* signature length */ -); -#endif - -CK_PKCS11_FUNCTION_INFO(C_MessageVerifyFinal) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession /* the session's handle */ -); -#endif - -#endif /* CK_PKCS11_2_0_ONLY */ diff --git a/working/3-00-current/pkcs11t.h b/working/3-00-current/pkcs11t.h deleted file mode 100644 index a6a1e00..0000000 --- a/working/3-00-current/pkcs11t.h +++ /dev/null @@ -1,2444 +0,0 @@ -/* Copyright (c) OASIS Open 2016, 2019. All Rights Reserved./ - * /Distributed under the terms of the OASIS IPR Policy, - * [http://www.oasis-open.org/policies-guidelines/ipr], AS-IS, WITHOUT ANY - * IMPLIED OR EXPRESS WARRANTY; there is no warranty of MERCHANTABILITY, FITNESS FOR A - * PARTICULAR PURPOSE or NONINFRINGEMENT of the rights of others. - */ - -/* Latest version of the specification: - * http://docs.oasis-open.org/pkcs11/pkcs11-base/v2.40/pkcs11-base-v2.40.html - */ - -/* See top of pkcs11.h for information about the macros that - * must be defined and the structure-packing conventions that - * must be set before including this file. - */ - -#ifndef _PKCS11T_H_ -#define _PKCS11T_H_ 1 - -#define CRYPTOKI_VERSION_MAJOR 3 -#define CRYPTOKI_VERSION_MINOR 0 -#define CRYPTOKI_VERSION_AMENDMENT 0 - -#define CK_TRUE 1 -#define CK_FALSE 0 - -#ifndef CK_DISABLE_TRUE_FALSE -#ifndef FALSE -#define FALSE CK_FALSE -#endif -#ifndef TRUE -#define TRUE CK_TRUE -#endif -#endif - -/* an unsigned 8-bit value */ -typedef unsigned char CK_BYTE; - -/* an unsigned 8-bit character */ -typedef CK_BYTE CK_CHAR; - -/* an 8-bit UTF-8 character */ -typedef CK_BYTE CK_UTF8CHAR; - -/* a BYTE-sized Boolean flag */ -typedef CK_BYTE CK_BBOOL; - -/* an unsigned value, at least 32 bits long */ -typedef unsigned long int CK_ULONG; - -/* a signed value, the same size as a CK_ULONG */ -typedef long int CK_LONG; - -/* at least 32 bits; each bit is a Boolean flag */ -typedef CK_ULONG CK_FLAGS; - - -/* some special values for certain CK_ULONG variables */ -#define CK_UNAVAILABLE_INFORMATION (~0UL) -#define CK_EFFECTIVELY_INFINITE 0UL - - -typedef CK_BYTE CK_PTR CK_BYTE_PTR; -typedef CK_CHAR CK_PTR CK_CHAR_PTR; -typedef CK_UTF8CHAR CK_PTR CK_UTF8CHAR_PTR; -typedef CK_ULONG CK_PTR CK_ULONG_PTR; -typedef void CK_PTR CK_VOID_PTR; - -/* Pointer to a CK_VOID_PTR-- i.e., pointer to pointer to void */ -typedef CK_VOID_PTR CK_PTR CK_VOID_PTR_PTR; - - -/* The following value is always invalid if used as a session - * handle or object handle - */ -#define CK_INVALID_HANDLE 0UL - - -typedef struct CK_VERSION { - CK_BYTE major; /* integer portion of version number */ - CK_BYTE minor; /* 1/100ths portion of version number */ -} CK_VERSION; - -typedef CK_VERSION CK_PTR CK_VERSION_PTR; - - -typedef struct CK_INFO { - CK_VERSION cryptokiVersion; /* Cryptoki interface ver */ - CK_UTF8CHAR manufacturerID[32]; /* blank padded */ - CK_FLAGS flags; /* must be zero */ - CK_UTF8CHAR libraryDescription[32]; /* blank padded */ - CK_VERSION libraryVersion; /* version of library */ -} CK_INFO; - -typedef CK_INFO CK_PTR CK_INFO_PTR; - - -/* CK_NOTIFICATION enumerates the types of notifications that - * Cryptoki provides to an application - */ -typedef CK_ULONG CK_NOTIFICATION; -#define CKN_SURRENDER 0UL -#define CKN_OTP_CHANGED 1UL - -typedef CK_ULONG CK_SLOT_ID; - -typedef CK_SLOT_ID CK_PTR CK_SLOT_ID_PTR; - - -/* CK_SLOT_INFO provides information about a slot */ -typedef struct CK_SLOT_INFO { - CK_UTF8CHAR slotDescription[64]; /* blank padded */ - CK_UTF8CHAR manufacturerID[32]; /* blank padded */ - CK_FLAGS flags; - - CK_VERSION hardwareVersion; /* version of hardware */ - CK_VERSION firmwareVersion; /* version of firmware */ -} CK_SLOT_INFO; - -/* flags: bit flags that provide capabilities of the slot - * Bit Flag Mask Meaning - */ -#define CKF_TOKEN_PRESENT 0x00000001UL /* a token is there */ -#define CKF_REMOVABLE_DEVICE 0x00000002UL /* removable devices*/ -#define CKF_HW_SLOT 0x00000004UL /* hardware slot */ - -typedef CK_SLOT_INFO CK_PTR CK_SLOT_INFO_PTR; - - -/* CK_TOKEN_INFO provides information about a token */ -typedef struct CK_TOKEN_INFO { - CK_UTF8CHAR label[32]; /* blank padded */ - CK_UTF8CHAR manufacturerID[32]; /* blank padded */ - CK_UTF8CHAR model[16]; /* blank padded */ - CK_CHAR serialNumber[16]; /* blank padded */ - CK_FLAGS flags; /* see below */ - - CK_ULONG ulMaxSessionCount; /* max open sessions */ - CK_ULONG ulSessionCount; /* sess. now open */ - CK_ULONG ulMaxRwSessionCount; /* max R/W sessions */ - CK_ULONG ulRwSessionCount; /* R/W sess. now open */ - CK_ULONG ulMaxPinLen; /* in bytes */ - CK_ULONG ulMinPinLen; /* in bytes */ - CK_ULONG ulTotalPublicMemory; /* in bytes */ - CK_ULONG ulFreePublicMemory; /* in bytes */ - CK_ULONG ulTotalPrivateMemory; /* in bytes */ - CK_ULONG ulFreePrivateMemory; /* in bytes */ - CK_VERSION hardwareVersion; /* version of hardware */ - CK_VERSION firmwareVersion; /* version of firmware */ - CK_CHAR utcTime[16]; /* time */ -} CK_TOKEN_INFO; - -/* The flags parameter is defined as follows: - * Bit Flag Mask Meaning - */ -#define CKF_RNG 0x00000001UL /* has random # generator */ -#define CKF_WRITE_PROTECTED 0x00000002UL /* token is write-protected */ -#define CKF_LOGIN_REQUIRED 0x00000004UL /* user must login */ -#define CKF_USER_PIN_INITIALIZED 0x00000008UL /* normal user's PIN is set */ - -/* CKF_RESTORE_KEY_NOT_NEEDED. If it is set, - * that means that *every* time the state of cryptographic - * operations of a session is successfully saved, all keys - * needed to continue those operations are stored in the state - */ -#define CKF_RESTORE_KEY_NOT_NEEDED 0x00000020UL - -/* CKF_CLOCK_ON_TOKEN. If it is set, that means - * that the token has some sort of clock. The time on that - * clock is returned in the token info structure - */ -#define CKF_CLOCK_ON_TOKEN 0x00000040UL - -/* CKF_PROTECTED_AUTHENTICATION_PATH. If it is - * set, that means that there is some way for the user to login - * without sending a PIN through the Cryptoki library itself - */ -#define CKF_PROTECTED_AUTHENTICATION_PATH 0x00000100UL - -/* CKF_DUAL_CRYPTO_OPERATIONS. If it is true, - * that means that a single session with the token can perform - * dual simultaneous cryptographic operations (digest and - * encrypt; decrypt and digest; sign and encrypt; and decrypt - * and sign) - */ -#define CKF_DUAL_CRYPTO_OPERATIONS 0x00000200UL - -/* CKF_TOKEN_INITIALIZED. If it is true, the - * token has been initialized using C_InitializeToken or an - * equivalent mechanism outside the scope of PKCS #11. - * Calling C_InitializeToken when this flag is set will cause - * the token to be reinitialized. - */ -#define CKF_TOKEN_INITIALIZED 0x00000400UL - -/* CKF_SECONDARY_AUTHENTICATION. If it is - * true, the token supports secondary authentication for - * private key objects. - */ -#define CKF_SECONDARY_AUTHENTICATION 0x00000800UL - -/* CKF_USER_PIN_COUNT_LOW. If it is true, an - * incorrect user login PIN has been entered at least once - * since the last successful authentication. - */ -#define CKF_USER_PIN_COUNT_LOW 0x00010000UL - -/* CKF_USER_PIN_FINAL_TRY. If it is true, - * supplying an incorrect user PIN will it to become locked. - */ -#define CKF_USER_PIN_FINAL_TRY 0x00020000UL - -/* CKF_USER_PIN_LOCKED. If it is true, the - * user PIN has been locked. User login to the token is not - * possible. - */ -#define CKF_USER_PIN_LOCKED 0x00040000UL - -/* CKF_USER_PIN_TO_BE_CHANGED. If it is true, - * the user PIN value is the default value set by token - * initialization or manufacturing, or the PIN has been - * expired by the card. - */ -#define CKF_USER_PIN_TO_BE_CHANGED 0x00080000UL - -/* CKF_SO_PIN_COUNT_LOW. If it is true, an - * incorrect SO login PIN has been entered at least once since - * the last successful authentication. - */ -#define CKF_SO_PIN_COUNT_LOW 0x00100000UL - -/* CKF_SO_PIN_FINAL_TRY. If it is true, - * supplying an incorrect SO PIN will it to become locked. - */ -#define CKF_SO_PIN_FINAL_TRY 0x00200000UL - -/* CKF_SO_PIN_LOCKED. If it is true, the SO - * PIN has been locked. SO login to the token is not possible. - */ -#define CKF_SO_PIN_LOCKED 0x00400000UL - -/* CKF_SO_PIN_TO_BE_CHANGED. If it is true, - * the SO PIN value is the default value set by token - * initialization or manufacturing, or the PIN has been - * expired by the card. - */ -#define CKF_SO_PIN_TO_BE_CHANGED 0x00800000UL - -#define CKF_ERROR_STATE 0x01000000UL - -typedef CK_TOKEN_INFO CK_PTR CK_TOKEN_INFO_PTR; - - -/* CK_SESSION_HANDLE is a Cryptoki-assigned value that - * identifies a session - */ -typedef CK_ULONG CK_SESSION_HANDLE; - -typedef CK_SESSION_HANDLE CK_PTR CK_SESSION_HANDLE_PTR; - - -/* CK_USER_TYPE enumerates the types of Cryptoki users */ -typedef CK_ULONG CK_USER_TYPE; -/* Security Officer */ -#define CKU_SO 0UL -/* Normal user */ -#define CKU_USER 1UL -/* Context specific */ -#define CKU_CONTEXT_SPECIFIC 2UL - -/* CK_STATE enumerates the session states */ -typedef CK_ULONG CK_STATE; -#define CKS_RO_PUBLIC_SESSION 0UL -#define CKS_RO_USER_FUNCTIONS 1UL -#define CKS_RW_PUBLIC_SESSION 2UL -#define CKS_RW_USER_FUNCTIONS 3UL -#define CKS_RW_SO_FUNCTIONS 4UL - -/* CK_SESSION_INFO provides information about a session */ -typedef struct CK_SESSION_INFO { - CK_SLOT_ID slotID; - CK_STATE state; - CK_FLAGS flags; /* see below */ - CK_ULONG ulDeviceError; /* device-dependent error code */ -} CK_SESSION_INFO; - -/* The flags are defined in the following table: - * Bit Flag Mask Meaning - */ -#define CKF_RW_SESSION 0x00000002UL /* session is r/w */ -#define CKF_SERIAL_SESSION 0x00000004UL /* no parallel */ - -typedef CK_SESSION_INFO CK_PTR CK_SESSION_INFO_PTR; - - -/* CK_OBJECT_HANDLE is a token-specific identifier for an - * object - */ -typedef CK_ULONG CK_OBJECT_HANDLE; - -typedef CK_OBJECT_HANDLE CK_PTR CK_OBJECT_HANDLE_PTR; - - -/* CK_OBJECT_CLASS is a value that identifies the classes (or - * types) of objects that Cryptoki recognizes. It is defined - * as follows: - */ -typedef CK_ULONG CK_OBJECT_CLASS; - -/* The following classes of objects are defined: */ -#define CKO_DATA 0x00000000UL -#define CKO_CERTIFICATE 0x00000001UL -#define CKO_PUBLIC_KEY 0x00000002UL -#define CKO_PRIVATE_KEY 0x00000003UL -#define CKO_SECRET_KEY 0x00000004UL -#define CKO_HW_FEATURE 0x00000005UL -#define CKO_DOMAIN_PARAMETERS 0x00000006UL -#define CKO_MECHANISM 0x00000007UL -#define CKO_OTP_KEY 0x00000008UL -#define CKO_PROFILE 0x00000009UL - -#define CKO_VENDOR_DEFINED 0x80000000UL - -typedef CK_OBJECT_CLASS CK_PTR CK_OBJECT_CLASS_PTR; - -/* Profile ID's */ -#define CKP_INVALID_ID 0x00000000UL -#define CKP_BASELINE_PROVIDER 0x00000001UL -#define CKP_EXTENDED_PROVIDER 0x00000002UL -#define CKP_AUTHENTICATION_TOKEN 0x00000003UL -#define CKP_PUBLIC_CERTIFICATES_TOKEN 0x00000004UL -#define CKP_VENDOR_DEFINED 0x80000000UL - -/* CK_HW_FEATURE_TYPE is a value that identifies the hardware feature type - * of an object with CK_OBJECT_CLASS equal to CKO_HW_FEATURE. - */ -typedef CK_ULONG CK_HW_FEATURE_TYPE; - -/* The following hardware feature types are defined */ -#define CKH_MONOTONIC_COUNTER 0x00000001UL -#define CKH_CLOCK 0x00000002UL -#define CKH_USER_INTERFACE 0x00000003UL -#define CKH_VENDOR_DEFINED 0x80000000UL - -/* CK_KEY_TYPE is a value that identifies a key type */ -typedef CK_ULONG CK_KEY_TYPE; - -/* the following key types are defined: */ -#define CKK_RSA 0x00000000UL -#define CKK_DSA 0x00000001UL -#define CKK_DH 0x00000002UL -#define CKK_ECDSA 0x00000003UL /* Deprecated */ -#define CKK_EC 0x00000003UL -#define CKK_X9_42_DH 0x00000004UL -#define CKK_KEA 0x00000005UL -#define CKK_GENERIC_SECRET 0x00000010UL -#define CKK_RC2 0x00000011UL -#define CKK_RC4 0x00000012UL -#define CKK_DES 0x00000013UL -#define CKK_DES2 0x00000014UL -#define CKK_DES3 0x00000015UL -#define CKK_CAST 0x00000016UL -#define CKK_CAST3 0x00000017UL -#define CKK_CAST5 0x00000018UL /* Deprecated */ -#define CKK_CAST128 0x00000018UL -#define CKK_RC5 0x00000019UL -#define CKK_IDEA 0x0000001AUL -#define CKK_SKIPJACK 0x0000001BUL -#define CKK_BATON 0x0000001CUL -#define CKK_JUNIPER 0x0000001DUL -#define CKK_CDMF 0x0000001EUL -#define CKK_AES 0x0000001FUL -#define CKK_BLOWFISH 0x00000020UL -#define CKK_TWOFISH 0x00000021UL -#define CKK_SECURID 0x00000022UL -#define CKK_HOTP 0x00000023UL -#define CKK_ACTI 0x00000024UL -#define CKK_CAMELLIA 0x00000025UL -#define CKK_ARIA 0x00000026UL - -/* the following definitions were added in the 2.30 header file, - * but never defined in the spec. */ -#define CKK_MD5_HMAC 0x00000027UL -#define CKK_SHA_1_HMAC 0x00000028UL -#define CKK_RIPEMD128_HMAC 0x00000029UL -#define CKK_RIPEMD160_HMAC 0x0000002AUL -#define CKK_SHA256_HMAC 0x0000002BUL -#define CKK_SHA384_HMAC 0x0000002CUL -#define CKK_SHA512_HMAC 0x0000002DUL -#define CKK_SHA224_HMAC 0x0000002EUL - -#define CKK_SEED 0x0000002FUL -#define CKK_GOSTR3410 0x00000030UL -#define CKK_GOSTR3411 0x00000031UL -#define CKK_GOST28147 0x00000032UL -#define CKK_CHACHA20 0x00000033UL -#define CKK_POLY1305 0x00000034UL -#define CKK_AES_XTS 0x00000035UL -#define CKK_SHA3_224_HMAC 0x00000036UL -#define CKK_SHA3_256_HMAC 0x00000037UL -#define CKK_SHA3_384_HMAC 0x00000038UL -#define CKK_SHA3_512_HMAC 0x00000039UL -#define CKK_BLAKE2B_160_HMAC 0x0000003aUL -#define CKK_BLAKE2B_256_HMAC 0x0000003bUL -#define CKK_BLAKE2B_384_HMAC 0x0000003cUL -#define CKK_BLAKE2B_512_HMAC 0x0000003dUL -#define CKK_SALSA20 0x0000003eUL -#define CKK_X2RATCHET 0x0000003fUL -#define CKK_EC_EDWARDS 0x00000040UL -#define CKK_EC_MONTGOMERY 0x00000041UL -#define CKK_HKDF 0x00000042UL - -#define CKK_SHA512_224_HMAC 0x00000043UL -#define CKK_SHA512_256_HMAC 0x00000044UL -#define CKK_SHA512_T_HMAC 0x00000045UL - -#define CKK_VENDOR_DEFINED 0x80000000UL - - -/* CK_CERTIFICATE_TYPE is a value that identifies a certificate - * type - */ -typedef CK_ULONG CK_CERTIFICATE_TYPE; - -#define CK_CERTIFICATE_CATEGORY_UNSPECIFIED 0UL -#define CK_CERTIFICATE_CATEGORY_TOKEN_USER 1UL -#define CK_CERTIFICATE_CATEGORY_AUTHORITY 2UL -#define CK_CERTIFICATE_CATEGORY_OTHER_ENTITY 3UL - -#define CK_SECURITY_DOMAIN_UNSPECIFIED 0UL -#define CK_SECURITY_DOMAIN_MANUFACTURER 1UL -#define CK_SECURITY_DOMAIN_OPERATOR 2UL -#define CK_SECURITY_DOMAIN_THIRD_PARTY 3UL - - -/* The following certificate types are defined: */ -#define CKC_X_509 0x00000000UL -#define CKC_X_509_ATTR_CERT 0x00000001UL -#define CKC_WTLS 0x00000002UL -#define CKC_VENDOR_DEFINED 0x80000000UL - - -/* CK_ATTRIBUTE_TYPE is a value that identifies an attribute - * type - */ -typedef CK_ULONG CK_ATTRIBUTE_TYPE; - -/* The CKF_ARRAY_ATTRIBUTE flag identifies an attribute which - * consists of an array of values. - */ -#define CKF_ARRAY_ATTRIBUTE 0x40000000UL - -/* The following OTP-related defines relate to the CKA_OTP_FORMAT attribute */ -#define CK_OTP_FORMAT_DECIMAL 0UL -#define CK_OTP_FORMAT_HEXADECIMAL 1UL -#define CK_OTP_FORMAT_ALPHANUMERIC 2UL -#define CK_OTP_FORMAT_BINARY 3UL - -/* The following OTP-related defines relate to the CKA_OTP_..._REQUIREMENT - * attributes - */ -#define CK_OTP_PARAM_IGNORED 0UL -#define CK_OTP_PARAM_OPTIONAL 1UL -#define CK_OTP_PARAM_MANDATORY 2UL - -/* The following attribute types are defined: */ -#define CKA_CLASS 0x00000000UL -#define CKA_TOKEN 0x00000001UL -#define CKA_PRIVATE 0x00000002UL -#define CKA_LABEL 0x00000003UL -#define CKA_UNIQUE_ID 0x00000004UL -#define CKA_APPLICATION 0x00000010UL -#define CKA_VALUE 0x00000011UL -#define CKA_OBJECT_ID 0x00000012UL -#define CKA_CERTIFICATE_TYPE 0x00000080UL -#define CKA_ISSUER 0x00000081UL -#define CKA_SERIAL_NUMBER 0x00000082UL -#define CKA_AC_ISSUER 0x00000083UL -#define CKA_OWNER 0x00000084UL -#define CKA_ATTR_TYPES 0x00000085UL -#define CKA_TRUSTED 0x00000086UL -#define CKA_CERTIFICATE_CATEGORY 0x00000087UL -#define CKA_JAVA_MIDP_SECURITY_DOMAIN 0x00000088UL -#define CKA_URL 0x00000089UL -#define CKA_HASH_OF_SUBJECT_PUBLIC_KEY 0x0000008AUL -#define CKA_HASH_OF_ISSUER_PUBLIC_KEY 0x0000008BUL -#define CKA_NAME_HASH_ALGORITHM 0x0000008CUL -#define CKA_CHECK_VALUE 0x00000090UL - -#define CKA_KEY_TYPE 0x00000100UL -#define CKA_SUBJECT 0x00000101UL -#define CKA_ID 0x00000102UL -#define CKA_SENSITIVE 0x00000103UL -#define CKA_ENCRYPT 0x00000104UL -#define CKA_DECRYPT 0x00000105UL -#define CKA_WRAP 0x00000106UL -#define CKA_UNWRAP 0x00000107UL -#define CKA_SIGN 0x00000108UL -#define CKA_SIGN_RECOVER 0x00000109UL -#define CKA_VERIFY 0x0000010AUL -#define CKA_VERIFY_RECOVER 0x0000010BUL -#define CKA_DERIVE 0x0000010CUL -#define CKA_START_DATE 0x00000110UL -#define CKA_END_DATE 0x00000111UL -#define CKA_MODULUS 0x00000120UL -#define CKA_MODULUS_BITS 0x00000121UL -#define CKA_PUBLIC_EXPONENT 0x00000122UL -#define CKA_PRIVATE_EXPONENT 0x00000123UL -#define CKA_PRIME_1 0x00000124UL -#define CKA_PRIME_2 0x00000125UL -#define CKA_EXPONENT_1 0x00000126UL -#define CKA_EXPONENT_2 0x00000127UL -#define CKA_COEFFICIENT 0x00000128UL -#define CKA_PUBLIC_KEY_INFO 0x00000129UL -#define CKA_PRIME 0x00000130UL -#define CKA_SUBPRIME 0x00000131UL -#define CKA_BASE 0x00000132UL - -#define CKA_PRIME_BITS 0x00000133UL -#define CKA_SUBPRIME_BITS 0x00000134UL -#define CKA_SUB_PRIME_BITS CKA_SUBPRIME_BITS - -#define CKA_VALUE_BITS 0x00000160UL -#define CKA_VALUE_LEN 0x00000161UL -#define CKA_EXTRACTABLE 0x00000162UL -#define CKA_LOCAL 0x00000163UL -#define CKA_NEVER_EXTRACTABLE 0x00000164UL -#define CKA_ALWAYS_SENSITIVE 0x00000165UL -#define CKA_KEY_GEN_MECHANISM 0x00000166UL - -#define CKA_MODIFIABLE 0x00000170UL -#define CKA_COPYABLE 0x00000171UL - -#define CKA_DESTROYABLE 0x00000172UL - -#define CKA_ECDSA_PARAMS 0x00000180UL /* Deprecated */ -#define CKA_EC_PARAMS 0x00000180UL - -#define CKA_EC_POINT 0x00000181UL - -#define CKA_SECONDARY_AUTH 0x00000200UL /* Deprecated */ -#define CKA_AUTH_PIN_FLAGS 0x00000201UL /* Deprecated */ - -#define CKA_ALWAYS_AUTHENTICATE 0x00000202UL - -#define CKA_WRAP_WITH_TRUSTED 0x00000210UL -#define CKA_WRAP_TEMPLATE (CKF_ARRAY_ATTRIBUTE|0x00000211UL) -#define CKA_UNWRAP_TEMPLATE (CKF_ARRAY_ATTRIBUTE|0x00000212UL) -#define CKA_DERIVE_TEMPLATE (CKF_ARRAY_ATTRIBUTE|0x00000213UL) - -#define CKA_OTP_FORMAT 0x00000220UL -#define CKA_OTP_LENGTH 0x00000221UL -#define CKA_OTP_TIME_INTERVAL 0x00000222UL -#define CKA_OTP_USER_FRIENDLY_MODE 0x00000223UL -#define CKA_OTP_CHALLENGE_REQUIREMENT 0x00000224UL -#define CKA_OTP_TIME_REQUIREMENT 0x00000225UL -#define CKA_OTP_COUNTER_REQUIREMENT 0x00000226UL -#define CKA_OTP_PIN_REQUIREMENT 0x00000227UL -#define CKA_OTP_COUNTER 0x0000022EUL -#define CKA_OTP_TIME 0x0000022FUL -#define CKA_OTP_USER_IDENTIFIER 0x0000022AUL -#define CKA_OTP_SERVICE_IDENTIFIER 0x0000022BUL -#define CKA_OTP_SERVICE_LOGO 0x0000022CUL -#define CKA_OTP_SERVICE_LOGO_TYPE 0x0000022DUL - -#define CKA_GOSTR3410_PARAMS 0x00000250UL -#define CKA_GOSTR3411_PARAMS 0x00000251UL -#define CKA_GOST28147_PARAMS 0x00000252UL - -#define CKA_HW_FEATURE_TYPE 0x00000300UL -#define CKA_RESET_ON_INIT 0x00000301UL -#define CKA_HAS_RESET 0x00000302UL - -#define CKA_PIXEL_X 0x00000400UL -#define CKA_PIXEL_Y 0x00000401UL -#define CKA_RESOLUTION 0x00000402UL -#define CKA_CHAR_ROWS 0x00000403UL -#define CKA_CHAR_COLUMNS 0x00000404UL -#define CKA_COLOR 0x00000405UL -#define CKA_BITS_PER_PIXEL 0x00000406UL -#define CKA_CHAR_SETS 0x00000480UL -#define CKA_ENCODING_METHODS 0x00000481UL -#define CKA_MIME_TYPES 0x00000482UL -#define CKA_MECHANISM_TYPE 0x00000500UL -#define CKA_REQUIRED_CMS_ATTRIBUTES 0x00000501UL -#define CKA_DEFAULT_CMS_ATTRIBUTES 0x00000502UL -#define CKA_SUPPORTED_CMS_ATTRIBUTES 0x00000503UL -#define CKA_ALLOWED_MECHANISMS (CKF_ARRAY_ATTRIBUTE|0x00000600UL) -#define CKA_PROFILE_ID 0x00000601UL - -#define CKA_X2RATCHET_BAG 0x00000602UL -#define CKA_X2RATCHET_BAGSIZE 0x00000603UL -#define CKA_X2RATCHET_BOBS1STMSG 0x00000604UL -#define CKA_X2RATCHET_CKR 0x00000605UL -#define CKA_X2RATCHET_CKS 0x00000606UL -#define CKA_X2RATCHET_DHP 0x00000607UL -#define CKA_X2RATCHET_DHR 0x00000608UL -#define CKA_X2RATCHET_DHS 0x00000609UL -#define CKA_X2RATCHET_HKR 0x0000060aUL -#define CKA_X2RATCHET_HKS 0x0000060bUL -#define CKA_X2RATCHET_ISALICE 0x0000060cUL -#define CKA_X2RATCHET_NHKR 0x0000060dUL -#define CKA_X2RATCHET_NHKS 0x0000060eUL -#define CKA_X2RATCHET_NR 0x0000060fUL -#define CKA_X2RATCHET_NS 0x00000610UL -#define CKA_X2RATCHET_PNS 0x00000611UL -#define CKA_X2RATCHET_RK 0x00000612UL - -#define CKA_VENDOR_DEFINED 0x80000000UL - -/* CK_ATTRIBUTE is a structure that includes the type, length - * and value of an attribute - */ -typedef struct CK_ATTRIBUTE { - CK_ATTRIBUTE_TYPE type; - CK_VOID_PTR pValue; - CK_ULONG ulValueLen; /* in bytes */ -} CK_ATTRIBUTE; - -typedef CK_ATTRIBUTE CK_PTR CK_ATTRIBUTE_PTR; - -/* CK_DATE is a structure that defines a date */ -typedef struct CK_DATE{ - CK_CHAR year[4]; /* the year ("1900" - "9999") */ - CK_CHAR month[2]; /* the month ("01" - "12") */ - CK_CHAR day[2]; /* the day ("01" - "31") */ -} CK_DATE; - - -/* CK_MECHANISM_TYPE is a value that identifies a mechanism - * type - */ -typedef CK_ULONG CK_MECHANISM_TYPE; - -/* the following mechanism types are defined: */ -#define CKM_RSA_PKCS_KEY_PAIR_GEN 0x00000000UL -#define CKM_RSA_PKCS 0x00000001UL -#define CKM_RSA_9796 0x00000002UL -#define CKM_RSA_X_509 0x00000003UL - -#define CKM_MD2_RSA_PKCS 0x00000004UL -#define CKM_MD5_RSA_PKCS 0x00000005UL -#define CKM_SHA1_RSA_PKCS 0x00000006UL - -#define CKM_RIPEMD128_RSA_PKCS 0x00000007UL -#define CKM_RIPEMD160_RSA_PKCS 0x00000008UL -#define CKM_RSA_PKCS_OAEP 0x00000009UL - -#define CKM_RSA_X9_31_KEY_PAIR_GEN 0x0000000AUL -#define CKM_RSA_X9_31 0x0000000BUL -#define CKM_SHA1_RSA_X9_31 0x0000000CUL -#define CKM_RSA_PKCS_PSS 0x0000000DUL -#define CKM_SHA1_RSA_PKCS_PSS 0x0000000EUL - -#define CKM_DSA_KEY_PAIR_GEN 0x00000010UL -#define CKM_DSA 0x00000011UL -#define CKM_DSA_SHA1 0x00000012UL -#define CKM_DSA_SHA224 0x00000013UL -#define CKM_DSA_SHA256 0x00000014UL -#define CKM_DSA_SHA384 0x00000015UL -#define CKM_DSA_SHA512 0x00000016UL -#define CKM_DSA_SHA3_224 0x00000018UL -#define CKM_DSA_SHA3_256 0x00000019UL -#define CKM_DSA_SHA3_384 0x0000001AUL -#define CKM_DSA_SHA3_512 0x0000001BUL - -#define CKM_DH_PKCS_KEY_PAIR_GEN 0x00000020UL -#define CKM_DH_PKCS_DERIVE 0x00000021UL - -#define CKM_X9_42_DH_KEY_PAIR_GEN 0x00000030UL -#define CKM_X9_42_DH_DERIVE 0x00000031UL -#define CKM_X9_42_DH_HYBRID_DERIVE 0x00000032UL -#define CKM_X9_42_MQV_DERIVE 0x00000033UL - -#define CKM_SHA256_RSA_PKCS 0x00000040UL -#define CKM_SHA384_RSA_PKCS 0x00000041UL -#define CKM_SHA512_RSA_PKCS 0x00000042UL -#define CKM_SHA256_RSA_PKCS_PSS 0x00000043UL -#define CKM_SHA384_RSA_PKCS_PSS 0x00000044UL -#define CKM_SHA512_RSA_PKCS_PSS 0x00000045UL - -#define CKM_SHA224_RSA_PKCS 0x00000046UL -#define CKM_SHA224_RSA_PKCS_PSS 0x00000047UL - -#define CKM_SHA512_224 0x00000048UL -#define CKM_SHA512_224_HMAC 0x00000049UL -#define CKM_SHA512_224_HMAC_GENERAL 0x0000004AUL -#define CKM_SHA512_224_KEY_DERIVATION 0x0000004BUL -#define CKM_SHA512_256 0x0000004CUL -#define CKM_SHA512_256_HMAC 0x0000004DUL -#define CKM_SHA512_256_HMAC_GENERAL 0x0000004EUL -#define CKM_SHA512_256_KEY_DERIVATION 0x0000004FUL - -#define CKM_SHA512_T 0x00000050UL -#define CKM_SHA512_T_HMAC 0x00000051UL -#define CKM_SHA512_T_HMAC_GENERAL 0x00000052UL -#define CKM_SHA512_T_KEY_DERIVATION 0x00000053UL - -#define CKM_SHA3_256_RSA_PKCS 0x00000060UL -#define CKM_SHA3_384_RSA_PKCS 0x00000061UL -#define CKM_SHA3_512_RSA_PKCS 0x00000062UL -#define CKM_SHA3_256_RSA_PKCS_PSS 0x00000063UL -#define CKM_SHA3_384_RSA_PKCS_PSS 0x00000064UL -#define CKM_SHA3_512_RSA_PKCS_PSS 0x00000065UL -#define CKM_SHA3_224_RSA_PKCS 0x00000066UL -#define CKM_SHA3_224_RSA_PKCS_PSS 0x00000067UL - -#define CKM_RC2_KEY_GEN 0x00000100UL -#define CKM_RC2_ECB 0x00000101UL -#define CKM_RC2_CBC 0x00000102UL -#define CKM_RC2_MAC 0x00000103UL - -#define CKM_RC2_MAC_GENERAL 0x00000104UL -#define CKM_RC2_CBC_PAD 0x00000105UL - -#define CKM_RC4_KEY_GEN 0x00000110UL -#define CKM_RC4 0x00000111UL -#define CKM_DES_KEY_GEN 0x00000120UL -#define CKM_DES_ECB 0x00000121UL -#define CKM_DES_CBC 0x00000122UL -#define CKM_DES_MAC 0x00000123UL - -#define CKM_DES_MAC_GENERAL 0x00000124UL -#define CKM_DES_CBC_PAD 0x00000125UL - -#define CKM_DES2_KEY_GEN 0x00000130UL -#define CKM_DES3_KEY_GEN 0x00000131UL -#define CKM_DES3_ECB 0x00000132UL -#define CKM_DES3_CBC 0x00000133UL -#define CKM_DES3_MAC 0x00000134UL - -#define CKM_DES3_MAC_GENERAL 0x00000135UL -#define CKM_DES3_CBC_PAD 0x00000136UL -#define CKM_DES3_CMAC_GENERAL 0x00000137UL -#define CKM_DES3_CMAC 0x00000138UL -#define CKM_CDMF_KEY_GEN 0x00000140UL -#define CKM_CDMF_ECB 0x00000141UL -#define CKM_CDMF_CBC 0x00000142UL -#define CKM_CDMF_MAC 0x00000143UL -#define CKM_CDMF_MAC_GENERAL 0x00000144UL -#define CKM_CDMF_CBC_PAD 0x00000145UL - -#define CKM_DES_OFB64 0x00000150UL -#define CKM_DES_OFB8 0x00000151UL -#define CKM_DES_CFB64 0x00000152UL -#define CKM_DES_CFB8 0x00000153UL - -#define CKM_MD2 0x00000200UL - -#define CKM_MD2_HMAC 0x00000201UL -#define CKM_MD2_HMAC_GENERAL 0x00000202UL - -#define CKM_MD5 0x00000210UL - -#define CKM_MD5_HMAC 0x00000211UL -#define CKM_MD5_HMAC_GENERAL 0x00000212UL - -#define CKM_SHA_1 0x00000220UL - -#define CKM_SHA_1_HMAC 0x00000221UL -#define CKM_SHA_1_HMAC_GENERAL 0x00000222UL - -#define CKM_RIPEMD128 0x00000230UL -#define CKM_RIPEMD128_HMAC 0x00000231UL -#define CKM_RIPEMD128_HMAC_GENERAL 0x00000232UL -#define CKM_RIPEMD160 0x00000240UL -#define CKM_RIPEMD160_HMAC 0x00000241UL -#define CKM_RIPEMD160_HMAC_GENERAL 0x00000242UL - -#define CKM_SHA256 0x00000250UL -#define CKM_SHA256_HMAC 0x00000251UL -#define CKM_SHA256_HMAC_GENERAL 0x00000252UL -#define CKM_SHA224 0x00000255UL -#define CKM_SHA224_HMAC 0x00000256UL -#define CKM_SHA224_HMAC_GENERAL 0x00000257UL -#define CKM_SHA384 0x00000260UL -#define CKM_SHA384_HMAC 0x00000261UL -#define CKM_SHA384_HMAC_GENERAL 0x00000262UL -#define CKM_SHA512 0x00000270UL -#define CKM_SHA512_HMAC 0x00000271UL -#define CKM_SHA512_HMAC_GENERAL 0x00000272UL -#define CKM_SECURID_KEY_GEN 0x00000280UL -#define CKM_SECURID 0x00000282UL -#define CKM_HOTP_KEY_GEN 0x00000290UL -#define CKM_HOTP 0x00000291UL -#define CKM_ACTI 0x000002A0UL -#define CKM_ACTI_KEY_GEN 0x000002A1UL - -#define CKM_SHA3_256 0x000002B0UL -#define CKM_SHA3_256_HMAC 0x000002B1UL -#define CKM_SHA3_256_HMAC_GENERAL 0x000002B2UL -#define CKM_SHA3_256_KEY_GEN 0x000002B3UL -#define CKM_SHA3_224 0x000002B5UL -#define CKM_SHA3_224_HMAC 0x000002B6UL -#define CKM_SHA3_224_HMAC_GENERAL 0x000002B7UL -#define CKM_SHA3_224_KEY_GEN 0x000002B8UL -#define CKM_SHA3_384 0x000002C0UL -#define CKM_SHA3_384_HMAC 0x000002C1UL -#define CKM_SHA3_384_HMAC_GENERAL 0x000002C2UL -#define CKM_SHA3_384_KEY_GEN 0x000002C3UL -#define CKM_SHA3_512 0x000002D0UL -#define CKM_SHA3_512_HMAC 0x000002D1UL -#define CKM_SHA3_512_HMAC_GENERAL 0x000002D2UL -#define CKM_SHA3_512_KEY_GEN 0x000002D3UL - - -#define CKM_CAST_KEY_GEN 0x00000300UL -#define CKM_CAST_ECB 0x00000301UL -#define CKM_CAST_CBC 0x00000302UL -#define CKM_CAST_MAC 0x00000303UL -#define CKM_CAST_MAC_GENERAL 0x00000304UL -#define CKM_CAST_CBC_PAD 0x00000305UL -#define CKM_CAST3_KEY_GEN 0x00000310UL -#define CKM_CAST3_ECB 0x00000311UL -#define CKM_CAST3_CBC 0x00000312UL -#define CKM_CAST3_MAC 0x00000313UL -#define CKM_CAST3_MAC_GENERAL 0x00000314UL -#define CKM_CAST3_CBC_PAD 0x00000315UL -/* Note that CAST128 and CAST5 are the same algorithm */ -#define CKM_CAST5_KEY_GEN 0x00000320UL -#define CKM_CAST128_KEY_GEN 0x00000320UL -#define CKM_CAST5_ECB 0x00000321UL -#define CKM_CAST128_ECB 0x00000321UL -#define CKM_CAST5_CBC 0x00000322UL /* Deprecated */ -#define CKM_CAST128_CBC 0x00000322UL -#define CKM_CAST5_MAC 0x00000323UL /* Deprecated */ -#define CKM_CAST128_MAC 0x00000323UL -#define CKM_CAST5_MAC_GENERAL 0x00000324UL /* Deprecated */ -#define CKM_CAST128_MAC_GENERAL 0x00000324UL -#define CKM_CAST5_CBC_PAD 0x00000325UL /* Deprecated */ -#define CKM_CAST128_CBC_PAD 0x00000325UL -#define CKM_RC5_KEY_GEN 0x00000330UL -#define CKM_RC5_ECB 0x00000331UL -#define CKM_RC5_CBC 0x00000332UL -#define CKM_RC5_MAC 0x00000333UL -#define CKM_RC5_MAC_GENERAL 0x00000334UL -#define CKM_RC5_CBC_PAD 0x00000335UL -#define CKM_IDEA_KEY_GEN 0x00000340UL -#define CKM_IDEA_ECB 0x00000341UL -#define CKM_IDEA_CBC 0x00000342UL -#define CKM_IDEA_MAC 0x00000343UL -#define CKM_IDEA_MAC_GENERAL 0x00000344UL -#define CKM_IDEA_CBC_PAD 0x00000345UL -#define CKM_GENERIC_SECRET_KEY_GEN 0x00000350UL -#define CKM_CONCATENATE_BASE_AND_KEY 0x00000360UL -#define CKM_CONCATENATE_BASE_AND_DATA 0x00000362UL -#define CKM_CONCATENATE_DATA_AND_BASE 0x00000363UL -#define CKM_XOR_BASE_AND_DATA 0x00000364UL -#define CKM_EXTRACT_KEY_FROM_KEY 0x00000365UL -#define CKM_SSL3_PRE_MASTER_KEY_GEN 0x00000370UL -#define CKM_SSL3_MASTER_KEY_DERIVE 0x00000371UL -#define CKM_SSL3_KEY_AND_MAC_DERIVE 0x00000372UL - -#define CKM_SSL3_MASTER_KEY_DERIVE_DH 0x00000373UL -#define CKM_TLS_PRE_MASTER_KEY_GEN 0x00000374UL -#define CKM_TLS_MASTER_KEY_DERIVE 0x00000375UL -#define CKM_TLS_KEY_AND_MAC_DERIVE 0x00000376UL -#define CKM_TLS_MASTER_KEY_DERIVE_DH 0x00000377UL - -#define CKM_TLS_PRF 0x00000378UL - -#define CKM_SSL3_MD5_MAC 0x00000380UL -#define CKM_SSL3_SHA1_MAC 0x00000381UL -#define CKM_MD5_KEY_DERIVATION 0x00000390UL -#define CKM_MD2_KEY_DERIVATION 0x00000391UL -#define CKM_SHA1_KEY_DERIVATION 0x00000392UL - -#define CKM_SHA256_KEY_DERIVATION 0x00000393UL -#define CKM_SHA384_KEY_DERIVATION 0x00000394UL -#define CKM_SHA512_KEY_DERIVATION 0x00000395UL -#define CKM_SHA224_KEY_DERIVATION 0x00000396UL -#define CKM_SHA3_256_KEY_DERIVATION 0x00000397UL -#define CKM_SHA3_224_KEY_DERIVATION 0x00000398UL -#define CKM_SHA3_384_KEY_DERIVATION 0x00000399UL -#define CKM_SHA3_512_KEY_DERIVATION 0x0000039AUL -#define CKM_SHAKE_128_KEY_DERIVATION 0x0000039BUL -#define CKM_SHAKE_256_KEY_DERIVATION 0x0000039CUL -#define CKM_SHA3_256_KEY_DERIVE CKM_SHA3_256_KEY_DERIVATION -#define CKM_SHA3_224_KEY_DERIVE CKM_SHA3_224_KEY_DERIVATION -#define CKM_SHA3_384_KEY_DERIVE CKM_SHA3_384_KEY_DERIVATION -#define CKM_SHA3_512_KEY_DERIVE CKM_SHA3_512_KEY_DERIVATION -#define CKM_SHAKE_128_KEY_DERIVE CKM_SHAKE_128_KEY_DERIVATION -#define CKM_SHAKE_256_KEY_DERIVE CKM_SHAKE_256_KEY_DERIVATION - -#define CKM_PBE_MD2_DES_CBC 0x000003A0UL -#define CKM_PBE_MD5_DES_CBC 0x000003A1UL -#define CKM_PBE_MD5_CAST_CBC 0x000003A2UL -#define CKM_PBE_MD5_CAST3_CBC 0x000003A3UL -#define CKM_PBE_MD5_CAST5_CBC 0x000003A4UL /* Deprecated */ -#define CKM_PBE_MD5_CAST128_CBC 0x000003A4UL -#define CKM_PBE_SHA1_CAST5_CBC 0x000003A5UL /* Deprecated */ -#define CKM_PBE_SHA1_CAST128_CBC 0x000003A5UL -#define CKM_PBE_SHA1_RC4_128 0x000003A6UL -#define CKM_PBE_SHA1_RC4_40 0x000003A7UL -#define CKM_PBE_SHA1_DES3_EDE_CBC 0x000003A8UL -#define CKM_PBE_SHA1_DES2_EDE_CBC 0x000003A9UL -#define CKM_PBE_SHA1_RC2_128_CBC 0x000003AAUL -#define CKM_PBE_SHA1_RC2_40_CBC 0x000003ABUL - -#define CKM_PKCS5_PBKD2 0x000003B0UL - -#define CKM_PBA_SHA1_WITH_SHA1_HMAC 0x000003C0UL - -#define CKM_WTLS_PRE_MASTER_KEY_GEN 0x000003D0UL -#define CKM_WTLS_MASTER_KEY_DERIVE 0x000003D1UL -#define CKM_WTLS_MASTER_KEY_DERIVE_DH_ECC 0x000003D2UL -#define CKM_WTLS_PRF 0x000003D3UL -#define CKM_WTLS_SERVER_KEY_AND_MAC_DERIVE 0x000003D4UL -#define CKM_WTLS_CLIENT_KEY_AND_MAC_DERIVE 0x000003D5UL - -#define CKM_TLS12_MAC 0x000003D8UL -#define CKM_TLS12_KDF 0x000003D9UL -#define CKM_TLS12_MASTER_KEY_DERIVE 0x000003E0UL -#define CKM_TLS12_KEY_AND_MAC_DERIVE 0x000003E1UL -#define CKM_TLS12_MASTER_KEY_DERIVE_DH 0x000003E2UL -#define CKM_TLS12_KEY_SAFE_DERIVE 0x000003E3UL -#define CKM_TLS_MAC 0x000003E4UL -#define CKM_TLS_KDF 0x000003E5UL - -#define CKM_KEY_WRAP_LYNKS 0x00000400UL -#define CKM_KEY_WRAP_SET_OAEP 0x00000401UL - -#define CKM_CMS_SIG 0x00000500UL -#define CKM_KIP_DERIVE 0x00000510UL -#define CKM_KIP_WRAP 0x00000511UL -#define CKM_KIP_MAC 0x00000512UL - -#define CKM_CAMELLIA_KEY_GEN 0x00000550UL -#define CKM_CAMELLIA_ECB 0x00000551UL -#define CKM_CAMELLIA_CBC 0x00000552UL -#define CKM_CAMELLIA_MAC 0x00000553UL -#define CKM_CAMELLIA_MAC_GENERAL 0x00000554UL -#define CKM_CAMELLIA_CBC_PAD 0x00000555UL -#define CKM_CAMELLIA_ECB_ENCRYPT_DATA 0x00000556UL -#define CKM_CAMELLIA_CBC_ENCRYPT_DATA 0x00000557UL -#define CKM_CAMELLIA_CTR 0x00000558UL - -#define CKM_ARIA_KEY_GEN 0x00000560UL -#define CKM_ARIA_ECB 0x00000561UL -#define CKM_ARIA_CBC 0x00000562UL -#define CKM_ARIA_MAC 0x00000563UL -#define CKM_ARIA_MAC_GENERAL 0x00000564UL -#define CKM_ARIA_CBC_PAD 0x00000565UL -#define CKM_ARIA_ECB_ENCRYPT_DATA 0x00000566UL -#define CKM_ARIA_CBC_ENCRYPT_DATA 0x00000567UL - -#define CKM_SEED_KEY_GEN 0x00000650UL -#define CKM_SEED_ECB 0x00000651UL -#define CKM_SEED_CBC 0x00000652UL -#define CKM_SEED_MAC 0x00000653UL -#define CKM_SEED_MAC_GENERAL 0x00000654UL -#define CKM_SEED_CBC_PAD 0x00000655UL -#define CKM_SEED_ECB_ENCRYPT_DATA 0x00000656UL -#define CKM_SEED_CBC_ENCRYPT_DATA 0x00000657UL - -#define CKM_SKIPJACK_KEY_GEN 0x00001000UL -#define CKM_SKIPJACK_ECB64 0x00001001UL -#define CKM_SKIPJACK_CBC64 0x00001002UL -#define CKM_SKIPJACK_OFB64 0x00001003UL -#define CKM_SKIPJACK_CFB64 0x00001004UL -#define CKM_SKIPJACK_CFB32 0x00001005UL -#define CKM_SKIPJACK_CFB16 0x00001006UL -#define CKM_SKIPJACK_CFB8 0x00001007UL -#define CKM_SKIPJACK_WRAP 0x00001008UL -#define CKM_SKIPJACK_PRIVATE_WRAP 0x00001009UL -#define CKM_SKIPJACK_RELAYX 0x0000100aUL -#define CKM_KEA_KEY_PAIR_GEN 0x00001010UL -#define CKM_KEA_KEY_DERIVE 0x00001011UL -#define CKM_KEA_DERIVE 0x00001012UL -#define CKM_FORTEZZA_TIMESTAMP 0x00001020UL -#define CKM_BATON_KEY_GEN 0x00001030UL -#define CKM_BATON_ECB128 0x00001031UL -#define CKM_BATON_ECB96 0x00001032UL -#define CKM_BATON_CBC128 0x00001033UL -#define CKM_BATON_COUNTER 0x00001034UL -#define CKM_BATON_SHUFFLE 0x00001035UL -#define CKM_BATON_WRAP 0x00001036UL - -#define CKM_ECDSA_KEY_PAIR_GEN 0x00001040UL /* Deprecated */ -#define CKM_EC_KEY_PAIR_GEN 0x00001040UL - -#define CKM_ECDSA 0x00001041UL -#define CKM_ECDSA_SHA1 0x00001042UL -#define CKM_ECDSA_SHA224 0x00001043UL -#define CKM_ECDSA_SHA256 0x00001044UL -#define CKM_ECDSA_SHA384 0x00001045UL -#define CKM_ECDSA_SHA512 0x00001046UL -#define CKM_EC_KEY_PAIR_GEN_W_EXTRA_BITS 0x0000140BUL - -#define CKM_ECDH1_DERIVE 0x00001050UL -#define CKM_ECDH1_COFACTOR_DERIVE 0x00001051UL -#define CKM_ECMQV_DERIVE 0x00001052UL - -#define CKM_ECDH_AES_KEY_WRAP 0x00001053UL -#define CKM_RSA_AES_KEY_WRAP 0x00001054UL - -#define CKM_JUNIPER_KEY_GEN 0x00001060UL -#define CKM_JUNIPER_ECB128 0x00001061UL -#define CKM_JUNIPER_CBC128 0x00001062UL -#define CKM_JUNIPER_COUNTER 0x00001063UL -#define CKM_JUNIPER_SHUFFLE 0x00001064UL -#define CKM_JUNIPER_WRAP 0x00001065UL -#define CKM_FASTHASH 0x00001070UL - -#define CKM_AES_XTS 0x00001071UL -#define CKM_AES_XTS_KEY_GEN 0x00001072UL -#define CKM_AES_KEY_GEN 0x00001080UL -#define CKM_AES_ECB 0x00001081UL -#define CKM_AES_CBC 0x00001082UL -#define CKM_AES_MAC 0x00001083UL -#define CKM_AES_MAC_GENERAL 0x00001084UL -#define CKM_AES_CBC_PAD 0x00001085UL -#define CKM_AES_CTR 0x00001086UL -#define CKM_AES_GCM 0x00001087UL -#define CKM_AES_CCM 0x00001088UL -#define CKM_AES_CTS 0x00001089UL -#define CKM_AES_CMAC 0x0000108AUL -#define CKM_AES_CMAC_GENERAL 0x0000108BUL - -#define CKM_AES_XCBC_MAC 0x0000108CUL -#define CKM_AES_XCBC_MAC_96 0x0000108DUL -#define CKM_AES_GMAC 0x0000108EUL - -#define CKM_BLOWFISH_KEY_GEN 0x00001090UL -#define CKM_BLOWFISH_CBC 0x00001091UL -#define CKM_TWOFISH_KEY_GEN 0x00001092UL -#define CKM_TWOFISH_CBC 0x00001093UL -#define CKM_BLOWFISH_CBC_PAD 0x00001094UL -#define CKM_TWOFISH_CBC_PAD 0x00001095UL - -#define CKM_DES_ECB_ENCRYPT_DATA 0x00001100UL -#define CKM_DES_CBC_ENCRYPT_DATA 0x00001101UL -#define CKM_DES3_ECB_ENCRYPT_DATA 0x00001102UL -#define CKM_DES3_CBC_ENCRYPT_DATA 0x00001103UL -#define CKM_AES_ECB_ENCRYPT_DATA 0x00001104UL -#define CKM_AES_CBC_ENCRYPT_DATA 0x00001105UL - -#define CKM_GOSTR3410_KEY_PAIR_GEN 0x00001200UL -#define CKM_GOSTR3410 0x00001201UL -#define CKM_GOSTR3410_WITH_GOSTR3411 0x00001202UL -#define CKM_GOSTR3410_KEY_WRAP 0x00001203UL -#define CKM_GOSTR3410_DERIVE 0x00001204UL -#define CKM_GOSTR3411 0x00001210UL -#define CKM_GOSTR3411_HMAC 0x00001211UL -#define CKM_GOST28147_KEY_GEN 0x00001220UL -#define CKM_GOST28147_ECB 0x00001221UL -#define CKM_GOST28147 0x00001222UL -#define CKM_GOST28147_MAC 0x00001223UL -#define CKM_GOST28147_KEY_WRAP 0x00001224UL -#define CKM_CHACHA20_KEY_GEN 0x00001225UL -#define CKM_CHACHA20 0x00001226UL -#define CKM_POLY1305_KEY_GEN 0x00001227UL -#define CKM_POLY1305 0x00001228UL -#define CKM_DSA_PARAMETER_GEN 0x00002000UL -#define CKM_DH_PKCS_PARAMETER_GEN 0x00002001UL -#define CKM_X9_42_DH_PARAMETER_GEN 0x00002002UL -#define CKM_DSA_PROBABILISTIC_PARAMETER_GEN 0x00002003UL -#define CKM_DSA_PROBABLISTIC_PARAMETER_GEN CKM_DSA_PROBABILISTIC_PARAMETER_GEN -#define CKM_DSA_SHAWE_TAYLOR_PARAMETER_GEN 0x00002004UL -#define CKM_DSA_FIPS_G_GEN 0x00002005UL - -#define CKM_AES_OFB 0x00002104UL -#define CKM_AES_CFB64 0x00002105UL -#define CKM_AES_CFB8 0x00002106UL -#define CKM_AES_CFB128 0x00002107UL - -#define CKM_AES_CFB1 0x00002108UL -#define CKM_AES_KEY_WRAP 0x00002109UL /* WAS: 0x00001090 */ -#define CKM_AES_KEY_WRAP_PAD 0x0000210AUL /* WAS: 0x00001091 */ -#define CKM_AES_KEY_WRAP_KWP 0x0000210BUL - -#define CKM_RSA_PKCS_TPM_1_1 0x00004001UL -#define CKM_RSA_PKCS_OAEP_TPM_1_1 0x00004002UL - -#define CKM_SHA_1_KEY_GEN 0x00004003UL -#define CKM_SHA224_KEY_GEN 0x00004004UL -#define CKM_SHA256_KEY_GEN 0x00004005UL -#define CKM_SHA384_KEY_GEN 0x00004006UL -#define CKM_SHA512_KEY_GEN 0x00004007UL -#define CKM_SHA512_224_KEY_GEN 0x00004008UL -#define CKM_SHA512_256_KEY_GEN 0x00004009UL -#define CKM_SHA512_T_KEY_GEN 0x0000400aUL -#define CKM_NULL 0x0000400bUL -#define CKM_BLAKE2B_160 0x0000400cUL -#define CKM_BLAKE2B_160_HMAC 0x0000400dUL -#define CKM_BLAKE2B_160_HMAC_GENERAL 0x0000400eUL -#define CKM_BLAKE2B_160_KEY_DERIVE 0x0000400fUL -#define CKM_BLAKE2B_160_KEY_GEN 0x00004010UL -#define CKM_BLAKE2B_256 0x00004011UL -#define CKM_BLAKE2B_256_HMAC 0x00004012UL -#define CKM_BLAKE2B_256_HMAC_GENERAL 0x00004013UL -#define CKM_BLAKE2B_256_KEY_DERIVE 0x00004014UL -#define CKM_BLAKE2B_256_KEY_GEN 0x00004015UL -#define CKM_BLAKE2B_384 0x00004016UL -#define CKM_BLAKE2B_384_HMAC 0x00004017UL -#define CKM_BLAKE2B_384_HMAC_GENERAL 0x00004018UL -#define CKM_BLAKE2B_384_KEY_DERIVE 0x00004019UL -#define CKM_BLAKE2B_384_KEY_GEN 0x0000401aUL -#define CKM_BLAKE2B_512 0x0000401bUL -#define CKM_BLAKE2B_512_HMAC 0x0000401cUL -#define CKM_BLAKE2B_512_HMAC_GENERAL 0x0000401dUL -#define CKM_BLAKE2B_512_KEY_DERIVE 0x0000401eUL -#define CKM_BLAKE2B_512_KEY_GEN 0x0000401fUL -#define CKM_SALSA20 0x00004020UL -#define CKM_CHACHA20_POLY1305 0x00004021UL -#define CKM_SALSA20_POLY1305 0x00004022UL -#define CKM_X3DH_INITIALIZE 0x00004023UL -#define CKM_X3DH_RESPOND 0x00004024UL -#define CKM_X2RATCHET_INITIALIZE 0x00004025UL -#define CKM_X2RATCHET_RESPOND 0x00004026UL -#define CKM_X2RATCHET_ENCRYPT 0x00004027UL -#define CKM_X2RATCHET_DECRYPT 0x00004028UL -#define CKM_XEDDSA 0x00004029UL -#define CKM_HKDF_DERIVE 0x0000402aUL -#define CKM_HKDF_DATA 0x0000402bUL -#define CKM_HKDF_KEY_GEN 0x0000402cUL -#define CKM_SALSA20_KEY_GEN 0x0000402dUL - -#define CKM_ECDSA_SHA3_224 0x00001047UL -#define CKM_ECDSA_SHA3_256 0x00001048UL -#define CKM_ECDSA_SHA3_384 0x00001049UL -#define CKM_ECDSA_SHA3_512 0x0000104aUL -#define CKM_EC_EDWARDS_KEY_PAIR_GEN 0x00001055UL -#define CKM_EC_MONTGOMERY_KEY_PAIR_GEN 0x00001056UL -#define CKM_EDDSA 0x00001057UL -#define CKM_SP800_108_COUNTER_KDF 0x000003acUL -#define CKM_SP800_108_FEEDBACK_KDF 0x000003adUL -#define CKM_SP800_108_DOUBLE_PIPELINE_KDF 0x000003aeUL - -#define CKM_VENDOR_DEFINED 0x80000000UL - -typedef CK_MECHANISM_TYPE CK_PTR CK_MECHANISM_TYPE_PTR; - - -/* CK_MECHANISM is a structure that specifies a particular - * mechanism - */ -typedef struct CK_MECHANISM { - CK_MECHANISM_TYPE mechanism; - CK_VOID_PTR pParameter; - CK_ULONG ulParameterLen; /* in bytes */ -} CK_MECHANISM; - -typedef CK_MECHANISM CK_PTR CK_MECHANISM_PTR; - - -/* CK_MECHANISM_INFO provides information about a particular - * mechanism - */ -typedef struct CK_MECHANISM_INFO { - CK_ULONG ulMinKeySize; - CK_ULONG ulMaxKeySize; - CK_FLAGS flags; -} CK_MECHANISM_INFO; - -/* The flags are defined as follows: - * Bit Flag Mask Meaning */ -#define CKF_HW 0x00000001UL /* performed by HW */ - -/* Specify whether or not a mechanism can be used for a particular task */ -#define CKF_MESSAGE_ENCRYPT 0x00000002UL -#define CKF_MESSAGE_DECRYPT 0x00000004UL -#define CKF_MESSAGE_SIGN 0x00000008UL -#define CKF_MESSAGE_VERIFY 0x00000010UL -#define CKF_MULTI_MESSAGE 0x00000020UL -#define CKF_MULTI_MESSGE CKF_MULTI_MESSAGE -#define CKF_FIND_OBJECTS 0x00000040UL - -#define CKF_ENCRYPT 0x00000100UL -#define CKF_DECRYPT 0x00000200UL -#define CKF_DIGEST 0x00000400UL -#define CKF_SIGN 0x00000800UL -#define CKF_SIGN_RECOVER 0x00001000UL -#define CKF_VERIFY 0x00002000UL -#define CKF_VERIFY_RECOVER 0x00004000UL -#define CKF_GENERATE 0x00008000UL -#define CKF_GENERATE_KEY_PAIR 0x00010000UL -#define CKF_WRAP 0x00020000UL -#define CKF_UNWRAP 0x00040000UL -#define CKF_DERIVE 0x00080000UL - -/* Describe a token's EC capabilities not available in mechanism - * information. - */ -#define CKF_EC_F_P 0x00100000UL -#define CKF_EC_F_2M 0x00200000UL -#define CKF_EC_ECPARAMETERS 0x00400000UL -#define CKF_EC_OID 0x00800000UL -#define CKF_EC_NAMEDCURVE CKF_EC_OID /* deprecated since PKCS#11 3.00 */ -#define CKF_EC_UNCOMPRESS 0x01000000UL -#define CKF_EC_COMPRESS 0x02000000UL -#define CKF_EC_CURVENAME 0x04000000UL - -#define CKF_EXTENSION 0x80000000UL - -typedef CK_MECHANISM_INFO CK_PTR CK_MECHANISM_INFO_PTR; - -/* CK_RV is a value that identifies the return value of a - * Cryptoki function - */ -typedef CK_ULONG CK_RV; - -#define CKR_OK 0x00000000UL -#define CKR_CANCEL 0x00000001UL -#define CKR_HOST_MEMORY 0x00000002UL -#define CKR_SLOT_ID_INVALID 0x00000003UL - -#define CKR_GENERAL_ERROR 0x00000005UL -#define CKR_FUNCTION_FAILED 0x00000006UL - -#define CKR_ARGUMENTS_BAD 0x00000007UL -#define CKR_NO_EVENT 0x00000008UL -#define CKR_NEED_TO_CREATE_THREADS 0x00000009UL -#define CKR_CANT_LOCK 0x0000000AUL - -#define CKR_ATTRIBUTE_READ_ONLY 0x00000010UL -#define CKR_ATTRIBUTE_SENSITIVE 0x00000011UL -#define CKR_ATTRIBUTE_TYPE_INVALID 0x00000012UL -#define CKR_ATTRIBUTE_VALUE_INVALID 0x00000013UL - -#define CKR_ACTION_PROHIBITED 0x0000001BUL - -#define CKR_DATA_INVALID 0x00000020UL -#define CKR_DATA_LEN_RANGE 0x00000021UL -#define CKR_DEVICE_ERROR 0x00000030UL -#define CKR_DEVICE_MEMORY 0x00000031UL -#define CKR_DEVICE_REMOVED 0x00000032UL -#define CKR_ENCRYPTED_DATA_INVALID 0x00000040UL -#define CKR_ENCRYPTED_DATA_LEN_RANGE 0x00000041UL -#define CKR_AEAD_DECRYPT_FAILED 0x00000042UL -#define CKR_FUNCTION_CANCELED 0x00000050UL -#define CKR_FUNCTION_NOT_PARALLEL 0x00000051UL - -#define CKR_FUNCTION_NOT_SUPPORTED 0x00000054UL - -#define CKR_KEY_HANDLE_INVALID 0x00000060UL - -#define CKR_KEY_SIZE_RANGE 0x00000062UL -#define CKR_KEY_TYPE_INCONSISTENT 0x00000063UL - -#define CKR_KEY_NOT_NEEDED 0x00000064UL -#define CKR_KEY_CHANGED 0x00000065UL -#define CKR_KEY_NEEDED 0x00000066UL -#define CKR_KEY_INDIGESTIBLE 0x00000067UL -#define CKR_KEY_FUNCTION_NOT_PERMITTED 0x00000068UL -#define CKR_KEY_NOT_WRAPPABLE 0x00000069UL -#define CKR_KEY_UNEXTRACTABLE 0x0000006AUL - -#define CKR_MECHANISM_INVALID 0x00000070UL -#define CKR_MECHANISM_PARAM_INVALID 0x00000071UL - -#define CKR_OBJECT_HANDLE_INVALID 0x00000082UL -#define CKR_OPERATION_ACTIVE 0x00000090UL -#define CKR_OPERATION_NOT_INITIALIZED 0x00000091UL -#define CKR_PIN_INCORRECT 0x000000A0UL -#define CKR_PIN_INVALID 0x000000A1UL -#define CKR_PIN_LEN_RANGE 0x000000A2UL - -#define CKR_PIN_EXPIRED 0x000000A3UL -#define CKR_PIN_LOCKED 0x000000A4UL - -#define CKR_SESSION_CLOSED 0x000000B0UL -#define CKR_SESSION_COUNT 0x000000B1UL -#define CKR_SESSION_HANDLE_INVALID 0x000000B3UL -#define CKR_SESSION_PARALLEL_NOT_SUPPORTED 0x000000B4UL -#define CKR_SESSION_READ_ONLY 0x000000B5UL -#define CKR_SESSION_EXISTS 0x000000B6UL - -#define CKR_SESSION_READ_ONLY_EXISTS 0x000000B7UL -#define CKR_SESSION_READ_WRITE_SO_EXISTS 0x000000B8UL - -#define CKR_SIGNATURE_INVALID 0x000000C0UL -#define CKR_SIGNATURE_LEN_RANGE 0x000000C1UL -#define CKR_TEMPLATE_INCOMPLETE 0x000000D0UL -#define CKR_TEMPLATE_INCONSISTENT 0x000000D1UL -#define CKR_TOKEN_NOT_PRESENT 0x000000E0UL -#define CKR_TOKEN_NOT_RECOGNIZED 0x000000E1UL -#define CKR_TOKEN_WRITE_PROTECTED 0x000000E2UL -#define CKR_UNWRAPPING_KEY_HANDLE_INVALID 0x000000F0UL -#define CKR_UNWRAPPING_KEY_SIZE_RANGE 0x000000F1UL -#define CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT 0x000000F2UL -#define CKR_USER_ALREADY_LOGGED_IN 0x00000100UL -#define CKR_USER_NOT_LOGGED_IN 0x00000101UL -#define CKR_USER_PIN_NOT_INITIALIZED 0x00000102UL -#define CKR_USER_TYPE_INVALID 0x00000103UL - -#define CKR_USER_ANOTHER_ALREADY_LOGGED_IN 0x00000104UL -#define CKR_USER_TOO_MANY_TYPES 0x00000105UL - -#define CKR_WRAPPED_KEY_INVALID 0x00000110UL -#define CKR_WRAPPED_KEY_LEN_RANGE 0x00000112UL -#define CKR_WRAPPING_KEY_HANDLE_INVALID 0x00000113UL -#define CKR_WRAPPING_KEY_SIZE_RANGE 0x00000114UL -#define CKR_WRAPPING_KEY_TYPE_INCONSISTENT 0x00000115UL -#define CKR_RANDOM_SEED_NOT_SUPPORTED 0x00000120UL - -#define CKR_RANDOM_NO_RNG 0x00000121UL - -#define CKR_DOMAIN_PARAMS_INVALID 0x00000130UL - -#define CKR_CURVE_NOT_SUPPORTED 0x00000140UL - -#define CKR_BUFFER_TOO_SMALL 0x00000150UL -#define CKR_SAVED_STATE_INVALID 0x00000160UL -#define CKR_INFORMATION_SENSITIVE 0x00000170UL -#define CKR_STATE_UNSAVEABLE 0x00000180UL - -#define CKR_CRYPTOKI_NOT_INITIALIZED 0x00000190UL -#define CKR_CRYPTOKI_ALREADY_INITIALIZED 0x00000191UL -#define CKR_MUTEX_BAD 0x000001A0UL -#define CKR_MUTEX_NOT_LOCKED 0x000001A1UL - -#define CKR_NEW_PIN_MODE 0x000001B0UL -#define CKR_NEXT_OTP 0x000001B1UL - -#define CKR_EXCEEDED_MAX_ITERATIONS 0x000001B5UL -#define CKR_FIPS_SELF_TEST_FAILED 0x000001B6UL -#define CKR_LIBRARY_LOAD_FAILED 0x000001B7UL -#define CKR_PIN_TOO_WEAK 0x000001B8UL -#define CKR_PUBLIC_KEY_INVALID 0x000001B9UL - -#define CKR_FUNCTION_REJECTED 0x00000200UL -#define CKR_TOKEN_RESOURCE_EXCEEDED 0x00000201UL -#define CKR_OPERATION_CANCEL_FAILED 0x00000202UL - -#define CKR_VENDOR_DEFINED 0x80000000UL - - -/* CK_NOTIFY is an application callback that processes events */ -typedef CK_CALLBACK_FUNCTION(CK_RV, CK_NOTIFY)( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_NOTIFICATION event, - CK_VOID_PTR pApplication /* passed to C_OpenSession */ -); - - -/* CK_FUNCTION_LIST is a structure holding a Cryptoki spec - * version and pointers of appropriate types to all the - * Cryptoki functions - */ -typedef struct CK_FUNCTION_LIST CK_FUNCTION_LIST; -typedef struct CK_FUNCTION_LIST_3_0 CK_FUNCTION_LIST_3_0; - -typedef CK_FUNCTION_LIST CK_PTR CK_FUNCTION_LIST_PTR; -typedef CK_FUNCTION_LIST_3_0 CK_PTR CK_FUNCTION_LIST_3_0_PTR; - -typedef CK_FUNCTION_LIST_PTR CK_PTR CK_FUNCTION_LIST_PTR_PTR; -typedef CK_FUNCTION_LIST_3_0_PTR CK_PTR CK_FUNCTION_LIST_3_0_PTR_PTR; - -typedef struct CK_INTERFACE { - CK_CHAR *pInterfaceName; - CK_VOID_PTR pFunctionList; - CK_FLAGS flags; -} CK_INTERFACE; - -typedef CK_INTERFACE CK_PTR CK_INTERFACE_PTR; -typedef CK_INTERFACE_PTR CK_PTR CK_INTERFACE_PTR_PTR; - -#define CKF_END_OF_MESSAGE 0x00000001UL - - -/* CK_CREATEMUTEX is an application callback for creating a - * mutex object - */ -typedef CK_CALLBACK_FUNCTION(CK_RV, CK_CREATEMUTEX)( - CK_VOID_PTR_PTR ppMutex /* location to receive ptr to mutex */ -); - - -/* CK_DESTROYMUTEX is an application callback for destroying a - * mutex object - */ -typedef CK_CALLBACK_FUNCTION(CK_RV, CK_DESTROYMUTEX)( - CK_VOID_PTR pMutex /* pointer to mutex */ -); - - -/* CK_LOCKMUTEX is an application callback for locking a mutex */ -typedef CK_CALLBACK_FUNCTION(CK_RV, CK_LOCKMUTEX)( - CK_VOID_PTR pMutex /* pointer to mutex */ -); - - -/* CK_UNLOCKMUTEX is an application callback for unlocking a - * mutex - */ -typedef CK_CALLBACK_FUNCTION(CK_RV, CK_UNLOCKMUTEX)( - CK_VOID_PTR pMutex /* pointer to mutex */ -); - -/* Get functionlist flags */ -#define CKF_INTERFACE_FORK_SAFE 0x00000001UL - -/* CK_C_INITIALIZE_ARGS provides the optional arguments to - * C_Initialize - */ -typedef struct CK_C_INITIALIZE_ARGS { - CK_CREATEMUTEX CreateMutex; - CK_DESTROYMUTEX DestroyMutex; - CK_LOCKMUTEX LockMutex; - CK_UNLOCKMUTEX UnlockMutex; - CK_FLAGS flags; - CK_VOID_PTR pReserved; -} CK_C_INITIALIZE_ARGS; - -/* flags: bit flags that provide capabilities of the slot - * Bit Flag Mask Meaning - */ -#define CKF_LIBRARY_CANT_CREATE_OS_THREADS 0x00000001UL -#define CKF_OS_LOCKING_OK 0x00000002UL - -typedef CK_C_INITIALIZE_ARGS CK_PTR CK_C_INITIALIZE_ARGS_PTR; - - - -/* additional flags for parameters to functions */ - -/* CKF_DONT_BLOCK is for the function C_WaitForSlotEvent */ -#define CKF_DONT_BLOCK 1 - -/* CK_RSA_PKCS_MGF_TYPE is used to indicate the Message - * Generation Function (MGF) applied to a message block when - * formatting a message block for the PKCS #1 OAEP encryption - * scheme. - */ -typedef CK_ULONG CK_RSA_PKCS_MGF_TYPE; - -typedef CK_RSA_PKCS_MGF_TYPE CK_PTR CK_RSA_PKCS_MGF_TYPE_PTR; - -/* The following MGFs are defined */ -#define CKG_MGF1_SHA1 0x00000001UL -#define CKG_MGF1_SHA256 0x00000002UL -#define CKG_MGF1_SHA384 0x00000003UL -#define CKG_MGF1_SHA512 0x00000004UL -#define CKG_MGF1_SHA224 0x00000005UL -#define CKG_MGF1_SHA3_224 0x00000006UL -#define CKG_MGF1_SHA3_256 0x00000007UL -#define CKG_MGF1_SHA3_384 0x00000008UL -#define CKG_MGF1_SHA3_512 0x00000009UL - - -/* CK_RSA_PKCS_OAEP_SOURCE_TYPE is used to indicate the source - * of the encoding parameter when formatting a message block - * for the PKCS #1 OAEP encryption scheme. - */ -typedef CK_ULONG CK_RSA_PKCS_OAEP_SOURCE_TYPE; - -typedef CK_RSA_PKCS_OAEP_SOURCE_TYPE CK_PTR CK_RSA_PKCS_OAEP_SOURCE_TYPE_PTR; - -/* The following encoding parameter sources are defined */ -#define CKZ_DATA_SPECIFIED 0x00000001UL - -/* CK_RSA_PKCS_OAEP_PARAMS provides the parameters to the - * CKM_RSA_PKCS_OAEP mechanism. - */ -typedef struct CK_RSA_PKCS_OAEP_PARAMS { - CK_MECHANISM_TYPE hashAlg; - CK_RSA_PKCS_MGF_TYPE mgf; - CK_RSA_PKCS_OAEP_SOURCE_TYPE source; - CK_VOID_PTR pSourceData; - CK_ULONG ulSourceDataLen; -} CK_RSA_PKCS_OAEP_PARAMS; - -typedef CK_RSA_PKCS_OAEP_PARAMS CK_PTR CK_RSA_PKCS_OAEP_PARAMS_PTR; - -/* CK_RSA_PKCS_PSS_PARAMS provides the parameters to the - * CKM_RSA_PKCS_PSS mechanism(s). - */ -typedef struct CK_RSA_PKCS_PSS_PARAMS { - CK_MECHANISM_TYPE hashAlg; - CK_RSA_PKCS_MGF_TYPE mgf; - CK_ULONG sLen; -} CK_RSA_PKCS_PSS_PARAMS; - -typedef CK_RSA_PKCS_PSS_PARAMS CK_PTR CK_RSA_PKCS_PSS_PARAMS_PTR; - -typedef CK_ULONG CK_EC_KDF_TYPE; -typedef CK_EC_KDF_TYPE CK_PTR CK_EC_KDF_TYPE_PTR; - -/* The following EC Key Derivation Functions are defined */ -#define CKD_NULL 0x00000001UL -#define CKD_SHA1_KDF 0x00000002UL - -/* The following X9.42 DH key derivation functions are defined */ -#define CKD_SHA1_KDF_ASN1 0x00000003UL -#define CKD_SHA1_KDF_CONCATENATE 0x00000004UL -#define CKD_SHA224_KDF 0x00000005UL -#define CKD_SHA256_KDF 0x00000006UL -#define CKD_SHA384_KDF 0x00000007UL -#define CKD_SHA512_KDF 0x00000008UL -#define CKD_CPDIVERSIFY_KDF 0x00000009UL -#define CKD_SHA3_224_KDF 0x0000000AUL -#define CKD_SHA3_256_KDF 0x0000000BUL -#define CKD_SHA3_384_KDF 0x0000000CUL -#define CKD_SHA3_512_KDF 0x0000000DUL -#define CKD_SHA1_KDF_SP800 0x0000000EUL -#define CKD_SHA224_KDF_SP800 0x0000000FUL -#define CKD_SHA256_KDF_SP800 0x00000010UL -#define CKD_SHA384_KDF_SP800 0x00000011UL -#define CKD_SHA512_KDF_SP800 0x00000012UL -#define CKD_SHA3_224_KDF_SP800 0x00000013UL -#define CKD_SHA3_256_KDF_SP800 0x00000014UL -#define CKD_SHA3_384_KDF_SP800 0x00000015UL -#define CKD_SHA3_512_KDF_SP800 0x00000016UL -#define CKD_BLAKE2B_160_KDF 0x00000017UL -#define CKD_BLAKE2B_256_KDF 0x00000018UL -#define CKD_BLAKE2B_384_KDF 0x00000019UL -#define CKD_BLAKE2B_512_KDF 0x0000001aUL - -/* CK_ECDH1_DERIVE_PARAMS provides the parameters to the - * CKM_ECDH1_DERIVE and CKM_ECDH1_COFACTOR_DERIVE mechanisms, - * where each party contributes one key pair. - */ -typedef struct CK_ECDH1_DERIVE_PARAMS { - CK_EC_KDF_TYPE kdf; - CK_ULONG ulSharedDataLen; - CK_BYTE_PTR pSharedData; - CK_ULONG ulPublicDataLen; - CK_BYTE_PTR pPublicData; -} CK_ECDH1_DERIVE_PARAMS; - -typedef CK_ECDH1_DERIVE_PARAMS CK_PTR CK_ECDH1_DERIVE_PARAMS_PTR; - -/* - * CK_ECDH2_DERIVE_PARAMS provides the parameters to the - * CKM_ECMQV_DERIVE mechanism, where each party contributes two key pairs. - */ -typedef struct CK_ECDH2_DERIVE_PARAMS { - CK_EC_KDF_TYPE kdf; - CK_ULONG ulSharedDataLen; - CK_BYTE_PTR pSharedData; - CK_ULONG ulPublicDataLen; - CK_BYTE_PTR pPublicData; - CK_ULONG ulPrivateDataLen; - CK_OBJECT_HANDLE hPrivateData; - CK_ULONG ulPublicDataLen2; - CK_BYTE_PTR pPublicData2; -} CK_ECDH2_DERIVE_PARAMS; - -typedef CK_ECDH2_DERIVE_PARAMS CK_PTR CK_ECDH2_DERIVE_PARAMS_PTR; - -typedef struct CK_ECMQV_DERIVE_PARAMS { - CK_EC_KDF_TYPE kdf; - CK_ULONG ulSharedDataLen; - CK_BYTE_PTR pSharedData; - CK_ULONG ulPublicDataLen; - CK_BYTE_PTR pPublicData; - CK_ULONG ulPrivateDataLen; - CK_OBJECT_HANDLE hPrivateData; - CK_ULONG ulPublicDataLen2; - CK_BYTE_PTR pPublicData2; - CK_OBJECT_HANDLE publicKey; -} CK_ECMQV_DERIVE_PARAMS; - -typedef CK_ECMQV_DERIVE_PARAMS CK_PTR CK_ECMQV_DERIVE_PARAMS_PTR; - -/* Typedefs and defines for the CKM_X9_42_DH_KEY_PAIR_GEN and the - * CKM_X9_42_DH_PARAMETER_GEN mechanisms - */ -typedef CK_ULONG CK_X9_42_DH_KDF_TYPE; -typedef CK_X9_42_DH_KDF_TYPE CK_PTR CK_X9_42_DH_KDF_TYPE_PTR; - -/* CK_X9_42_DH1_DERIVE_PARAMS provides the parameters to the - * CKM_X9_42_DH_DERIVE key derivation mechanism, where each party - * contributes one key pair - */ -typedef struct CK_X9_42_DH1_DERIVE_PARAMS { - CK_X9_42_DH_KDF_TYPE kdf; - CK_ULONG ulOtherInfoLen; - CK_BYTE_PTR pOtherInfo; - CK_ULONG ulPublicDataLen; - CK_BYTE_PTR pPublicData; -} CK_X9_42_DH1_DERIVE_PARAMS; - -typedef struct CK_X9_42_DH1_DERIVE_PARAMS CK_PTR CK_X9_42_DH1_DERIVE_PARAMS_PTR; - -/* CK_X9_42_DH2_DERIVE_PARAMS provides the parameters to the - * CKM_X9_42_DH_HYBRID_DERIVE and CKM_X9_42_MQV_DERIVE key derivation - * mechanisms, where each party contributes two key pairs - */ -typedef struct CK_X9_42_DH2_DERIVE_PARAMS { - CK_X9_42_DH_KDF_TYPE kdf; - CK_ULONG ulOtherInfoLen; - CK_BYTE_PTR pOtherInfo; - CK_ULONG ulPublicDataLen; - CK_BYTE_PTR pPublicData; - CK_ULONG ulPrivateDataLen; - CK_OBJECT_HANDLE hPrivateData; - CK_ULONG ulPublicDataLen2; - CK_BYTE_PTR pPublicData2; -} CK_X9_42_DH2_DERIVE_PARAMS; - -typedef CK_X9_42_DH2_DERIVE_PARAMS CK_PTR CK_X9_42_DH2_DERIVE_PARAMS_PTR; - -typedef struct CK_X9_42_MQV_DERIVE_PARAMS { - CK_X9_42_DH_KDF_TYPE kdf; - CK_ULONG ulOtherInfoLen; - CK_BYTE_PTR pOtherInfo; - CK_ULONG ulPublicDataLen; - CK_BYTE_PTR pPublicData; - CK_ULONG ulPrivateDataLen; - CK_OBJECT_HANDLE hPrivateData; - CK_ULONG ulPublicDataLen2; - CK_BYTE_PTR pPublicData2; - CK_OBJECT_HANDLE publicKey; -} CK_X9_42_MQV_DERIVE_PARAMS; - -typedef CK_X9_42_MQV_DERIVE_PARAMS CK_PTR CK_X9_42_MQV_DERIVE_PARAMS_PTR; - -/* CK_KEA_DERIVE_PARAMS provides the parameters to the - * CKM_KEA_DERIVE mechanism - */ -typedef struct CK_KEA_DERIVE_PARAMS { - CK_BBOOL isSender; - CK_ULONG ulRandomLen; - CK_BYTE_PTR pRandomA; - CK_BYTE_PTR pRandomB; - CK_ULONG ulPublicDataLen; - CK_BYTE_PTR pPublicData; -} CK_KEA_DERIVE_PARAMS; - -typedef CK_KEA_DERIVE_PARAMS CK_PTR CK_KEA_DERIVE_PARAMS_PTR; - - -/* CK_RC2_PARAMS provides the parameters to the CKM_RC2_ECB and - * CKM_RC2_MAC mechanisms. An instance of CK_RC2_PARAMS just - * holds the effective keysize - */ -typedef CK_ULONG CK_RC2_PARAMS; - -typedef CK_RC2_PARAMS CK_PTR CK_RC2_PARAMS_PTR; - - -/* CK_RC2_CBC_PARAMS provides the parameters to the CKM_RC2_CBC - * mechanism - */ -typedef struct CK_RC2_CBC_PARAMS { - CK_ULONG ulEffectiveBits; /* effective bits (1-1024) */ - CK_BYTE iv[8]; /* IV for CBC mode */ -} CK_RC2_CBC_PARAMS; - -typedef CK_RC2_CBC_PARAMS CK_PTR CK_RC2_CBC_PARAMS_PTR; - - -/* CK_RC2_MAC_GENERAL_PARAMS provides the parameters for the - * CKM_RC2_MAC_GENERAL mechanism - */ -typedef struct CK_RC2_MAC_GENERAL_PARAMS { - CK_ULONG ulEffectiveBits; /* effective bits (1-1024) */ - CK_ULONG ulMacLength; /* Length of MAC in bytes */ -} CK_RC2_MAC_GENERAL_PARAMS; - -typedef CK_RC2_MAC_GENERAL_PARAMS CK_PTR \ - CK_RC2_MAC_GENERAL_PARAMS_PTR; - - -/* CK_RC5_PARAMS provides the parameters to the CKM_RC5_ECB and - * CKM_RC5_MAC mechanisms - */ -typedef struct CK_RC5_PARAMS { - CK_ULONG ulWordsize; /* wordsize in bits */ - CK_ULONG ulRounds; /* number of rounds */ -} CK_RC5_PARAMS; - -typedef CK_RC5_PARAMS CK_PTR CK_RC5_PARAMS_PTR; - - -/* CK_RC5_CBC_PARAMS provides the parameters to the CKM_RC5_CBC - * mechanism - */ -typedef struct CK_RC5_CBC_PARAMS { - CK_ULONG ulWordsize; /* wordsize in bits */ - CK_ULONG ulRounds; /* number of rounds */ - CK_BYTE_PTR pIv; /* pointer to IV */ - CK_ULONG ulIvLen; /* length of IV in bytes */ -} CK_RC5_CBC_PARAMS; - -typedef CK_RC5_CBC_PARAMS CK_PTR CK_RC5_CBC_PARAMS_PTR; - - -/* CK_RC5_MAC_GENERAL_PARAMS provides the parameters for the - * CKM_RC5_MAC_GENERAL mechanism - */ -typedef struct CK_RC5_MAC_GENERAL_PARAMS { - CK_ULONG ulWordsize; /* wordsize in bits */ - CK_ULONG ulRounds; /* number of rounds */ - CK_ULONG ulMacLength; /* Length of MAC in bytes */ -} CK_RC5_MAC_GENERAL_PARAMS; - -typedef CK_RC5_MAC_GENERAL_PARAMS CK_PTR \ - CK_RC5_MAC_GENERAL_PARAMS_PTR; - -/* CK_MAC_GENERAL_PARAMS provides the parameters to most block - * ciphers' MAC_GENERAL mechanisms. Its value is the length of - * the MAC - */ -typedef CK_ULONG CK_MAC_GENERAL_PARAMS; - -typedef CK_MAC_GENERAL_PARAMS CK_PTR CK_MAC_GENERAL_PARAMS_PTR; - -typedef struct CK_DES_CBC_ENCRYPT_DATA_PARAMS { - CK_BYTE iv[8]; - CK_BYTE_PTR pData; - CK_ULONG length; -} CK_DES_CBC_ENCRYPT_DATA_PARAMS; - -typedef CK_DES_CBC_ENCRYPT_DATA_PARAMS CK_PTR CK_DES_CBC_ENCRYPT_DATA_PARAMS_PTR; - -typedef struct CK_AES_CBC_ENCRYPT_DATA_PARAMS { - CK_BYTE iv[16]; - CK_BYTE_PTR pData; - CK_ULONG length; -} CK_AES_CBC_ENCRYPT_DATA_PARAMS; - -typedef CK_AES_CBC_ENCRYPT_DATA_PARAMS CK_PTR CK_AES_CBC_ENCRYPT_DATA_PARAMS_PTR; - -/* CK_SKIPJACK_PRIVATE_WRAP_PARAMS provides the parameters to the - * CKM_SKIPJACK_PRIVATE_WRAP mechanism - */ -typedef struct CK_SKIPJACK_PRIVATE_WRAP_PARAMS { - CK_ULONG ulPasswordLen; - CK_BYTE_PTR pPassword; - CK_ULONG ulPublicDataLen; - CK_BYTE_PTR pPublicData; - CK_ULONG ulPAndGLen; - CK_ULONG ulQLen; - CK_ULONG ulRandomLen; - CK_BYTE_PTR pRandomA; - CK_BYTE_PTR pPrimeP; - CK_BYTE_PTR pBaseG; - CK_BYTE_PTR pSubprimeQ; -} CK_SKIPJACK_PRIVATE_WRAP_PARAMS; - -typedef CK_SKIPJACK_PRIVATE_WRAP_PARAMS CK_PTR \ - CK_SKIPJACK_PRIVATE_WRAP_PARAMS_PTR; - - -/* CK_SKIPJACK_RELAYX_PARAMS provides the parameters to the - * CKM_SKIPJACK_RELAYX mechanism - */ -typedef struct CK_SKIPJACK_RELAYX_PARAMS { - CK_ULONG ulOldWrappedXLen; - CK_BYTE_PTR pOldWrappedX; - CK_ULONG ulOldPasswordLen; - CK_BYTE_PTR pOldPassword; - CK_ULONG ulOldPublicDataLen; - CK_BYTE_PTR pOldPublicData; - CK_ULONG ulOldRandomLen; - CK_BYTE_PTR pOldRandomA; - CK_ULONG ulNewPasswordLen; - CK_BYTE_PTR pNewPassword; - CK_ULONG ulNewPublicDataLen; - CK_BYTE_PTR pNewPublicData; - CK_ULONG ulNewRandomLen; - CK_BYTE_PTR pNewRandomA; -} CK_SKIPJACK_RELAYX_PARAMS; - -typedef CK_SKIPJACK_RELAYX_PARAMS CK_PTR \ - CK_SKIPJACK_RELAYX_PARAMS_PTR; - - -typedef struct CK_PBE_PARAMS { - CK_BYTE_PTR pInitVector; - CK_UTF8CHAR_PTR pPassword; - CK_ULONG ulPasswordLen; - CK_BYTE_PTR pSalt; - CK_ULONG ulSaltLen; - CK_ULONG ulIteration; -} CK_PBE_PARAMS; - -typedef CK_PBE_PARAMS CK_PTR CK_PBE_PARAMS_PTR; - - -/* CK_KEY_WRAP_SET_OAEP_PARAMS provides the parameters to the - * CKM_KEY_WRAP_SET_OAEP mechanism - */ -typedef struct CK_KEY_WRAP_SET_OAEP_PARAMS { - CK_BYTE bBC; /* block contents byte */ - CK_BYTE_PTR pX; /* extra data */ - CK_ULONG ulXLen; /* length of extra data in bytes */ -} CK_KEY_WRAP_SET_OAEP_PARAMS; - -typedef CK_KEY_WRAP_SET_OAEP_PARAMS CK_PTR CK_KEY_WRAP_SET_OAEP_PARAMS_PTR; - -typedef struct CK_SSL3_RANDOM_DATA { - CK_BYTE_PTR pClientRandom; - CK_ULONG ulClientRandomLen; - CK_BYTE_PTR pServerRandom; - CK_ULONG ulServerRandomLen; -} CK_SSL3_RANDOM_DATA; - - -typedef struct CK_SSL3_MASTER_KEY_DERIVE_PARAMS { - CK_SSL3_RANDOM_DATA RandomInfo; - CK_VERSION_PTR pVersion; -} CK_SSL3_MASTER_KEY_DERIVE_PARAMS; - -typedef struct CK_SSL3_MASTER_KEY_DERIVE_PARAMS CK_PTR \ - CK_SSL3_MASTER_KEY_DERIVE_PARAMS_PTR; - -typedef struct CK_SSL3_KEY_MAT_OUT { - CK_OBJECT_HANDLE hClientMacSecret; - CK_OBJECT_HANDLE hServerMacSecret; - CK_OBJECT_HANDLE hClientKey; - CK_OBJECT_HANDLE hServerKey; - CK_BYTE_PTR pIVClient; - CK_BYTE_PTR pIVServer; -} CK_SSL3_KEY_MAT_OUT; - -typedef CK_SSL3_KEY_MAT_OUT CK_PTR CK_SSL3_KEY_MAT_OUT_PTR; - - -typedef struct CK_SSL3_KEY_MAT_PARAMS { - CK_ULONG ulMacSizeInBits; - CK_ULONG ulKeySizeInBits; - CK_ULONG ulIVSizeInBits; - CK_BBOOL bIsExport; - CK_SSL3_RANDOM_DATA RandomInfo; - CK_SSL3_KEY_MAT_OUT_PTR pReturnedKeyMaterial; -} CK_SSL3_KEY_MAT_PARAMS; - -typedef CK_SSL3_KEY_MAT_PARAMS CK_PTR CK_SSL3_KEY_MAT_PARAMS_PTR; - -typedef struct CK_TLS_PRF_PARAMS { - CK_BYTE_PTR pSeed; - CK_ULONG ulSeedLen; - CK_BYTE_PTR pLabel; - CK_ULONG ulLabelLen; - CK_BYTE_PTR pOutput; - CK_ULONG_PTR pulOutputLen; -} CK_TLS_PRF_PARAMS; - -typedef CK_TLS_PRF_PARAMS CK_PTR CK_TLS_PRF_PARAMS_PTR; - -typedef struct CK_WTLS_RANDOM_DATA { - CK_BYTE_PTR pClientRandom; - CK_ULONG ulClientRandomLen; - CK_BYTE_PTR pServerRandom; - CK_ULONG ulServerRandomLen; -} CK_WTLS_RANDOM_DATA; - -typedef CK_WTLS_RANDOM_DATA CK_PTR CK_WTLS_RANDOM_DATA_PTR; - -typedef struct CK_WTLS_MASTER_KEY_DERIVE_PARAMS { - CK_MECHANISM_TYPE DigestMechanism; - CK_WTLS_RANDOM_DATA RandomInfo; - CK_BYTE_PTR pVersion; -} CK_WTLS_MASTER_KEY_DERIVE_PARAMS; - -typedef CK_WTLS_MASTER_KEY_DERIVE_PARAMS CK_PTR \ - CK_WTLS_MASTER_KEY_DERIVE_PARAMS_PTR; - -typedef struct CK_WTLS_PRF_PARAMS { - CK_MECHANISM_TYPE DigestMechanism; - CK_BYTE_PTR pSeed; - CK_ULONG ulSeedLen; - CK_BYTE_PTR pLabel; - CK_ULONG ulLabelLen; - CK_BYTE_PTR pOutput; - CK_ULONG_PTR pulOutputLen; -} CK_WTLS_PRF_PARAMS; - -typedef CK_WTLS_PRF_PARAMS CK_PTR CK_WTLS_PRF_PARAMS_PTR; - -typedef struct CK_WTLS_KEY_MAT_OUT { - CK_OBJECT_HANDLE hMacSecret; - CK_OBJECT_HANDLE hKey; - CK_BYTE_PTR pIV; -} CK_WTLS_KEY_MAT_OUT; - -typedef CK_WTLS_KEY_MAT_OUT CK_PTR CK_WTLS_KEY_MAT_OUT_PTR; - -typedef struct CK_WTLS_KEY_MAT_PARAMS { - CK_MECHANISM_TYPE DigestMechanism; - CK_ULONG ulMacSizeInBits; - CK_ULONG ulKeySizeInBits; - CK_ULONG ulIVSizeInBits; - CK_ULONG ulSequenceNumber; - CK_BBOOL bIsExport; - CK_WTLS_RANDOM_DATA RandomInfo; - CK_WTLS_KEY_MAT_OUT_PTR pReturnedKeyMaterial; -} CK_WTLS_KEY_MAT_PARAMS; - -typedef CK_WTLS_KEY_MAT_PARAMS CK_PTR CK_WTLS_KEY_MAT_PARAMS_PTR; - -typedef struct CK_CMS_SIG_PARAMS { - CK_OBJECT_HANDLE certificateHandle; - CK_MECHANISM_PTR pSigningMechanism; - CK_MECHANISM_PTR pDigestMechanism; - CK_UTF8CHAR_PTR pContentType; - CK_BYTE_PTR pRequestedAttributes; - CK_ULONG ulRequestedAttributesLen; - CK_BYTE_PTR pRequiredAttributes; - CK_ULONG ulRequiredAttributesLen; -} CK_CMS_SIG_PARAMS; - -typedef CK_CMS_SIG_PARAMS CK_PTR CK_CMS_SIG_PARAMS_PTR; - -typedef struct CK_KEY_DERIVATION_STRING_DATA { - CK_BYTE_PTR pData; - CK_ULONG ulLen; -} CK_KEY_DERIVATION_STRING_DATA; - -typedef CK_KEY_DERIVATION_STRING_DATA CK_PTR \ - CK_KEY_DERIVATION_STRING_DATA_PTR; - - -/* The CK_EXTRACT_PARAMS is used for the - * CKM_EXTRACT_KEY_FROM_KEY mechanism. It specifies which bit - * of the base key should be used as the first bit of the - * derived key - */ -typedef CK_ULONG CK_EXTRACT_PARAMS; - -typedef CK_EXTRACT_PARAMS CK_PTR CK_EXTRACT_PARAMS_PTR; - -/* CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE is used to - * indicate the Pseudo-Random Function (PRF) used to generate - * key bits using PKCS #5 PBKDF2. - */ -typedef CK_ULONG CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE; - -typedef CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE CK_PTR \ - CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE_PTR; - -#define CKP_PKCS5_PBKD2_HMAC_SHA1 0x00000001UL -#define CKP_PKCS5_PBKD2_HMAC_GOSTR3411 0x00000002UL -#define CKP_PKCS5_PBKD2_HMAC_SHA224 0x00000003UL -#define CKP_PKCS5_PBKD2_HMAC_SHA256 0x00000004UL -#define CKP_PKCS5_PBKD2_HMAC_SHA384 0x00000005UL -#define CKP_PKCS5_PBKD2_HMAC_SHA512 0x00000006UL -#define CKP_PKCS5_PBKD2_HMAC_SHA512_224 0x00000007UL -#define CKP_PKCS5_PBKD2_HMAC_SHA512_256 0x00000008UL - -/* CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE is used to indicate the - * source of the salt value when deriving a key using PKCS #5 - * PBKDF2. - */ -typedef CK_ULONG CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE; - -typedef CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE CK_PTR \ - CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE_PTR; - -/* The following salt value sources are defined in PKCS #5 v2.0. */ -#define CKZ_SALT_SPECIFIED 0x00000001UL - -/* CK_PKCS5_PBKD2_PARAMS is a structure that provides the - * parameters to the CKM_PKCS5_PBKD2 mechanism. - */ -typedef struct CK_PKCS5_PBKD2_PARAMS { - CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE saltSource; - CK_VOID_PTR pSaltSourceData; - CK_ULONG ulSaltSourceDataLen; - CK_ULONG iterations; - CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE prf; - CK_VOID_PTR pPrfData; - CK_ULONG ulPrfDataLen; - CK_UTF8CHAR_PTR pPassword; - CK_ULONG_PTR ulPasswordLen; -} CK_PKCS5_PBKD2_PARAMS; - -typedef CK_PKCS5_PBKD2_PARAMS CK_PTR CK_PKCS5_PBKD2_PARAMS_PTR; - -/* CK_PKCS5_PBKD2_PARAMS2 is a corrected version of the CK_PKCS5_PBKD2_PARAMS - * structure that provides the parameters to the CKM_PKCS5_PBKD2 mechanism - * noting that the ulPasswordLen field is a CK_ULONG and not a CK_ULONG_PTR. - */ -typedef struct CK_PKCS5_PBKD2_PARAMS2 { - CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE saltSource; - CK_VOID_PTR pSaltSourceData; - CK_ULONG ulSaltSourceDataLen; - CK_ULONG iterations; - CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE prf; - CK_VOID_PTR pPrfData; - CK_ULONG ulPrfDataLen; - CK_UTF8CHAR_PTR pPassword; - CK_ULONG ulPasswordLen; -} CK_PKCS5_PBKD2_PARAMS2; - -typedef CK_PKCS5_PBKD2_PARAMS2 CK_PTR CK_PKCS5_PBKD2_PARAMS2_PTR; - -typedef CK_ULONG CK_OTP_PARAM_TYPE; -typedef CK_OTP_PARAM_TYPE CK_PARAM_TYPE; /* backward compatibility */ - -typedef struct CK_OTP_PARAM { - CK_OTP_PARAM_TYPE type; - CK_VOID_PTR pValue; - CK_ULONG ulValueLen; -} CK_OTP_PARAM; - -typedef CK_OTP_PARAM CK_PTR CK_OTP_PARAM_PTR; - -typedef struct CK_OTP_PARAMS { - CK_OTP_PARAM_PTR pParams; - CK_ULONG ulCount; -} CK_OTP_PARAMS; - -typedef CK_OTP_PARAMS CK_PTR CK_OTP_PARAMS_PTR; - -typedef struct CK_OTP_SIGNATURE_INFO { - CK_OTP_PARAM_PTR pParams; - CK_ULONG ulCount; -} CK_OTP_SIGNATURE_INFO; - -typedef CK_OTP_SIGNATURE_INFO CK_PTR CK_OTP_SIGNATURE_INFO_PTR; - -#define CK_OTP_VALUE 0UL -#define CK_OTP_PIN 1UL -#define CK_OTP_CHALLENGE 2UL -#define CK_OTP_TIME 3UL -#define CK_OTP_COUNTER 4UL -#define CK_OTP_FLAGS 5UL -#define CK_OTP_OUTPUT_LENGTH 6UL -#define CK_OTP_OUTPUT_FORMAT 7UL - -#define CKF_NEXT_OTP 0x00000001UL -#define CKF_EXCLUDE_TIME 0x00000002UL -#define CKF_EXCLUDE_COUNTER 0x00000004UL -#define CKF_EXCLUDE_CHALLENGE 0x00000008UL -#define CKF_EXCLUDE_PIN 0x00000010UL -#define CKF_USER_FRIENDLY_OTP 0x00000020UL - -typedef struct CK_KIP_PARAMS { - CK_MECHANISM_PTR pMechanism; - CK_OBJECT_HANDLE hKey; - CK_BYTE_PTR pSeed; - CK_ULONG ulSeedLen; -} CK_KIP_PARAMS; - -typedef CK_KIP_PARAMS CK_PTR CK_KIP_PARAMS_PTR; - -typedef struct CK_AES_CTR_PARAMS { - CK_ULONG ulCounterBits; - CK_BYTE cb[16]; -} CK_AES_CTR_PARAMS; - -typedef CK_AES_CTR_PARAMS CK_PTR CK_AES_CTR_PARAMS_PTR; - -typedef struct CK_GCM_PARAMS { - CK_BYTE_PTR pIv; - CK_ULONG ulIvLen; - CK_ULONG ulIvBits; - CK_BYTE_PTR pAAD; - CK_ULONG ulAADLen; - CK_ULONG ulTagBits; -} CK_GCM_PARAMS; - -typedef CK_GCM_PARAMS CK_PTR CK_GCM_PARAMS_PTR; - -typedef CK_ULONG CK_GENERATOR_FUNCTION; -#define CKG_NO_GENERATE 0x00000000UL -#define CKG_GENERATE 0x00000001UL -#define CKG_GENERATE_COUNTER 0x00000002UL -#define CKG_GENERATE_RANDOM 0x00000003UL - -typedef struct CK_GCM_MESSAGE_PARAMS { - CK_BYTE_PTR pIv; - CK_ULONG ulIvLen; - CK_ULONG ulIvFixedBits; - CK_GENERATOR_FUNCTION ivGenerator; - CK_BYTE_PTR pTag; - CK_ULONG ulTagBits; -} CK_GCM_MESSAGE_PARAMS; - -typedef CK_GCM_MESSAGE_PARAMS CK_GCM_MESSAGE_PARAMS_PTR; - -typedef struct CK_CCM_PARAMS { - CK_ULONG ulDataLen; - CK_BYTE_PTR pNonce; - CK_ULONG ulNonceLen; - CK_BYTE_PTR pAAD; - CK_ULONG ulAADLen; - CK_ULONG ulMACLen; -} CK_CCM_PARAMS; - -typedef CK_CCM_PARAMS CK_PTR CK_CCM_PARAMS_PTR; - -typedef struct CK_CCM_MESSAGE_PARAMS { - CK_ULONG ulDataLen; /*plaintext or ciphertext*/ - CK_BYTE_PTR pNonce; - CK_ULONG ulNonceLen; - CK_ULONG ulNonceFixedBits; - CK_GENERATOR_FUNCTION nonceGenerator; - CK_BYTE_PTR pMAC; - CK_ULONG ulMACLen; -} CK_CCM_MESSAGE_PARAMS; - -typedef CK_CCM_MESSAGE_PARAMS CK_CCM_MESSAGE_PARAMS_PTR; - -/* Deprecated. Use CK_GCM_PARAMS */ -typedef struct CK_AES_GCM_PARAMS { - CK_BYTE_PTR pIv; - CK_ULONG ulIvLen; - CK_ULONG ulIvBits; - CK_BYTE_PTR pAAD; - CK_ULONG ulAADLen; - CK_ULONG ulTagBits; -} CK_AES_GCM_PARAMS; - -typedef CK_AES_GCM_PARAMS CK_PTR CK_AES_GCM_PARAMS_PTR; - -/* Deprecated. Use CK_CCM_PARAMS */ -typedef struct CK_AES_CCM_PARAMS { - CK_ULONG ulDataLen; - CK_BYTE_PTR pNonce; - CK_ULONG ulNonceLen; - CK_BYTE_PTR pAAD; - CK_ULONG ulAADLen; - CK_ULONG ulMACLen; -} CK_AES_CCM_PARAMS; - -typedef CK_AES_CCM_PARAMS CK_PTR CK_AES_CCM_PARAMS_PTR; - -typedef struct CK_CAMELLIA_CTR_PARAMS { - CK_ULONG ulCounterBits; - CK_BYTE cb[16]; -} CK_CAMELLIA_CTR_PARAMS; - -typedef CK_CAMELLIA_CTR_PARAMS CK_PTR CK_CAMELLIA_CTR_PARAMS_PTR; - -typedef struct CK_CAMELLIA_CBC_ENCRYPT_DATA_PARAMS { - CK_BYTE iv[16]; - CK_BYTE_PTR pData; - CK_ULONG length; -} CK_CAMELLIA_CBC_ENCRYPT_DATA_PARAMS; - -typedef CK_CAMELLIA_CBC_ENCRYPT_DATA_PARAMS CK_PTR \ - CK_CAMELLIA_CBC_ENCRYPT_DATA_PARAMS_PTR; - -typedef struct CK_ARIA_CBC_ENCRYPT_DATA_PARAMS { - CK_BYTE iv[16]; - CK_BYTE_PTR pData; - CK_ULONG length; -} CK_ARIA_CBC_ENCRYPT_DATA_PARAMS; - -typedef CK_ARIA_CBC_ENCRYPT_DATA_PARAMS CK_PTR \ - CK_ARIA_CBC_ENCRYPT_DATA_PARAMS_PTR; - -typedef struct CK_DSA_PARAMETER_GEN_PARAM { - CK_MECHANISM_TYPE hash; - CK_BYTE_PTR pSeed; - CK_ULONG ulSeedLen; - CK_ULONG ulIndex; -} CK_DSA_PARAMETER_GEN_PARAM; - -typedef CK_DSA_PARAMETER_GEN_PARAM CK_PTR CK_DSA_PARAMETER_GEN_PARAM_PTR; - -typedef struct CK_ECDH_AES_KEY_WRAP_PARAMS { - CK_ULONG ulAESKeyBits; - CK_EC_KDF_TYPE kdf; - CK_ULONG ulSharedDataLen; - CK_BYTE_PTR pSharedData; -} CK_ECDH_AES_KEY_WRAP_PARAMS; - -typedef CK_ECDH_AES_KEY_WRAP_PARAMS CK_PTR CK_ECDH_AES_KEY_WRAP_PARAMS_PTR; - -typedef CK_ULONG CK_JAVA_MIDP_SECURITY_DOMAIN; - -typedef CK_ULONG CK_CERTIFICATE_CATEGORY; - -typedef struct CK_RSA_AES_KEY_WRAP_PARAMS { - CK_ULONG ulAESKeyBits; - CK_RSA_PKCS_OAEP_PARAMS_PTR pOAEPParams; -} CK_RSA_AES_KEY_WRAP_PARAMS; - -typedef CK_RSA_AES_KEY_WRAP_PARAMS CK_PTR CK_RSA_AES_KEY_WRAP_PARAMS_PTR; - -typedef struct CK_TLS12_MASTER_KEY_DERIVE_PARAMS { - CK_SSL3_RANDOM_DATA RandomInfo; - CK_VERSION_PTR pVersion; - CK_MECHANISM_TYPE prfHashMechanism; -} CK_TLS12_MASTER_KEY_DERIVE_PARAMS; - -typedef CK_TLS12_MASTER_KEY_DERIVE_PARAMS CK_PTR \ - CK_TLS12_MASTER_KEY_DERIVE_PARAMS_PTR; - -typedef struct CK_TLS12_KEY_MAT_PARAMS { - CK_ULONG ulMacSizeInBits; - CK_ULONG ulKeySizeInBits; - CK_ULONG ulIVSizeInBits; - CK_BBOOL bIsExport; - CK_SSL3_RANDOM_DATA RandomInfo; - CK_SSL3_KEY_MAT_OUT_PTR pReturnedKeyMaterial; - CK_MECHANISM_TYPE prfHashMechanism; -} CK_TLS12_KEY_MAT_PARAMS; - -typedef CK_TLS12_KEY_MAT_PARAMS CK_PTR CK_TLS12_KEY_MAT_PARAMS_PTR; - -typedef struct CK_TLS_KDF_PARAMS { - CK_MECHANISM_TYPE prfMechanism; - CK_BYTE_PTR pLabel; - CK_ULONG ulLabelLength; - CK_SSL3_RANDOM_DATA RandomInfo; - CK_BYTE_PTR pContextData; - CK_ULONG ulContextDataLength; -} CK_TLS_KDF_PARAMS; - -typedef CK_TLS_KDF_PARAMS CK_PTR CK_TLS_KDF_PARAMS_PTR; - -typedef struct CK_TLS_MAC_PARAMS { - CK_MECHANISM_TYPE prfHashMechanism; - CK_ULONG ulMacLength; - CK_ULONG ulServerOrClient; -} CK_TLS_MAC_PARAMS; - -typedef CK_TLS_MAC_PARAMS CK_PTR CK_TLS_MAC_PARAMS_PTR; - -typedef struct CK_GOSTR3410_DERIVE_PARAMS { - CK_EC_KDF_TYPE kdf; - CK_BYTE_PTR pPublicData; - CK_ULONG ulPublicDataLen; - CK_BYTE_PTR pUKM; - CK_ULONG ulUKMLen; -} CK_GOSTR3410_DERIVE_PARAMS; - -typedef CK_GOSTR3410_DERIVE_PARAMS CK_PTR CK_GOSTR3410_DERIVE_PARAMS_PTR; - -typedef struct CK_GOSTR3410_KEY_WRAP_PARAMS { - CK_BYTE_PTR pWrapOID; - CK_ULONG ulWrapOIDLen; - CK_BYTE_PTR pUKM; - CK_ULONG ulUKMLen; - CK_OBJECT_HANDLE hKey; -} CK_GOSTR3410_KEY_WRAP_PARAMS; - -typedef CK_GOSTR3410_KEY_WRAP_PARAMS CK_PTR CK_GOSTR3410_KEY_WRAP_PARAMS_PTR; - -typedef struct CK_SEED_CBC_ENCRYPT_DATA_PARAMS { - CK_BYTE iv[16]; - CK_BYTE_PTR pData; - CK_ULONG length; -} CK_SEED_CBC_ENCRYPT_DATA_PARAMS; - -typedef CK_SEED_CBC_ENCRYPT_DATA_PARAMS CK_PTR \ - CK_SEED_CBC_ENCRYPT_DATA_PARAMS_PTR; - -/* - * New PKCS 11 v3.0 data structures. - */ - -typedef CK_ULONG CK_PROFILE_ID; -typedef CK_PROFILE_ID CK_PTR CK_PROFILE_ID_PTR; - -/* Typedefs for Flexible KDF */ -typedef CK_ULONG CK_PRF_DATA_TYPE; -typedef CK_MECHANISM_TYPE CK_SP800_108_PRF_TYPE; -#define CK_SP800_108_ITERATION_VARIABLE 0x00000001UL -#define CK_SP800_108_OPTIONAL_COUNTER 0x00000002UL -#define CK_SP800_108_DKM_LENGTH 0x00000003UL -#define CK_SP800_108_BYTE_ARRAY 0x00000004UL -#define CK_SP800_108_COUNTER CK_SP800_108_OPTIONAL_COUNTER - -typedef struct CK_PRF_DATA_PARAM -{ - CK_PRF_DATA_TYPE type; - CK_VOID_PTR pValue; - CK_ULONG ulValueLen; -} CK_PRF_DATA_PARAM; - -typedef CK_PRF_DATA_PARAM CK_PTR CK_PRF_DATA_PARAM_PTR; - - -typedef struct CK_SP800_108_COUNTER_FORMAT -{ - CK_BBOOL bLittleEndian; - CK_ULONG ulWidthInBits; -} CK_SP800_108_COUNTER_FORMAT; - -typedef CK_SP800_108_COUNTER_FORMAT CK_PTR CK_SP800_108_COUNTER_FORMAT_PTR; - -typedef CK_ULONG CK_SP800_108_DKM_LENGTH_METHOD; -#define CK_SP800_108_DKM_LENGTH_SUM_OF_KEYS 0x00000001UL -#define CK_SP800_108_DKM_LENGTH_SUM_OF_SEGMENTS 0x00000002UL - -typedef struct CK_SP800_108_DKM_LENGTH_FORMAT -{ - CK_SP800_108_DKM_LENGTH_METHOD dkmLengthMethod; - CK_BBOOL bLittleEndian; - CK_ULONG ulWidthInBits; -} CK_SP800_108_DKM_LENGTH_FORMAT; - -typedef CK_SP800_108_DKM_LENGTH_FORMAT \ - CK_PTR CK_SP800_108_DKM_LENGTH_FORMAT_PTR; - -typedef struct CK_DERIVED_KEY -{ - CK_ATTRIBUTE_PTR pTemplate; - CK_ULONG ulAttributeCount; - CK_OBJECT_HANDLE_PTR phKey; -} CK_DERIVED_KEY; - -typedef CK_DERIVED_KEY CK_PTR CK_DERIVED_KEY_PTR; - -typedef struct CK_SP800_108_KDF_PARAMS -{ - CK_SP800_108_PRF_TYPE prfType; - CK_ULONG ulNumberOfDataParams; - CK_PRF_DATA_PARAM_PTR pDataParams; - CK_ULONG ulAdditionalDerivedKeys; - CK_DERIVED_KEY_PTR pAdditionalDerivedKeys; -} CK_SP800_108_KDF_PARAMS; - -typedef CK_SP800_108_KDF_PARAMS CK_PTR CK_SP800_108_KDF_PARAMS_PTR; - -typedef struct CK_SP800_108_FEEDBACK_KDF_PARAMS -{ - CK_SP800_108_PRF_TYPE prfType; - CK_ULONG ulNumberOfDataParams; - CK_PRF_DATA_PARAM_PTR pDataParams; - CK_ULONG ulIVLen; - CK_BYTE_PTR pIV; - CK_ULONG ulAdditionalDerivedKeys; - CK_DERIVED_KEY_PTR pAdditionalDerivedKeys; -} CK_SP800_108_FEEDBACK_KDF_PARAMS; - -typedef CK_SP800_108_FEEDBACK_KDF_PARAMS \ - CK_PTR CK_SP800_108_FEEDBACK_KDF_PARAMS_PTR; - -/* EDDSA */ -typedef struct CK_EDDSA_PARAMS { - CK_BBOOL phFlag; - CK_ULONG ulContextDataLen; - CK_BYTE_PTR pContextData; -} CK_EDDSA_PARAMS; - -typedef CK_EDDSA_PARAMS CK_PTR CK_EDDSA_PARAMS_PTR; - -/* Extended ChaCha20/Salsa20 support*/ -typedef struct CK_CHACHA20_PARAMS { - CK_BYTE_PTR pBlockCounter; - CK_ULONG blockCounterBits; - CK_BYTE_PTR pNonce; - CK_ULONG ulNonceBits; -} CK_CHACHA20_PARAMS; - -typedef CK_CHACHA20_PARAMS CK_PTR CK_CHACHA20_PARAMS_PTR; - -typedef struct CK_SALSA20_PARAMS { - CK_BYTE_PTR pBlockCounter; - CK_BYTE_PTR pNonce; - CK_ULONG ulNonceBits; -} CK_SALSA20_PARAMS; -typedef CK_SALSA20_PARAMS CK_PTR CK_SALSA20_PARAMS_PTR; - -typedef struct CK_SALSA20_CHACHA20_POLY1305_PARAMS { - CK_BYTE_PTR pNonce; - CK_ULONG ulNonceLen; - CK_BYTE_PTR pAAD; - CK_ULONG ulAADLen; -} CK_SALSA20_CHACHA20_POLY1305_PARAMS; - -typedef CK_SALSA20_CHACHA20_POLY1305_PARAMS \ - CK_PTR CK_SALSA20_CHACHA20_POLY1305_PARAMS_PTR; - -typedef struct CK_SALSA20_CHACHA20_POLY1305_MSG_PARAMS { - CK_BYTE_PTR pNonce; - CK_ULONG ulNonceLen; - CK_BYTE_PTR pTag; -} CK_SALSA20_CHACHA20_POLY1305_MSG_PARAMS; - -typedef CK_SALSA20_CHACHA20_POLY1305_MSG_PARAMS \ - CK_PTR CK_SALSA20_CHACHA20_POLY1305_MSG_PARAMS_PTR; - -typedef CK_ULONG CK_X3DH_KDF_TYPE; -typedef CK_X3DH_KDF_TYPE CK_PTR CK_X3DH_KDF_TYPE_PTR; - -/* X3dh, ratchet */ -typedef struct CK_X3DH_INITIATE_PARAMS { - CK_X3DH_KDF_TYPE kdf; - CK_OBJECT_HANDLE pPeer_identity; - CK_OBJECT_HANDLE pPeer_prekey; - CK_BYTE_PTR pPrekey_signature; - CK_BYTE_PTR pOnetime_key; - CK_OBJECT_HANDLE pOwn_identity; - CK_OBJECT_HANDLE pOwn_ephemeral; -} CK_X3DH_INITIATE_PARAMS; - -typedef struct CK_X3DH_RESPOND_PARAMS { - CK_X3DH_KDF_TYPE kdf; - CK_BYTE_PTR pIdentity_id; - CK_BYTE_PTR pPrekey_id; - CK_BYTE_PTR pOnetime_id; - CK_OBJECT_HANDLE pInitiator_identity; - CK_BYTE_PTR pInitiator_ephemeral; -} CK_X3DH_RESPOND_PARAMS; - -typedef CK_ULONG CK_X2RATCHET_KDF_TYPE; -typedef CK_X2RATCHET_KDF_TYPE CK_PTR CK_X2RATCHET_KDF_TYPE_PTR; - -typedef struct CK_X2RATCHET_INITIALIZE_PARAMS { - CK_BYTE_PTR sk; - CK_OBJECT_HANDLE peer_public_prekey; - CK_OBJECT_HANDLE peer_public_identity; - CK_OBJECT_HANDLE own_public_identity; - CK_BBOOL bEncryptedHeader; - CK_ULONG eCurve; - CK_MECHANISM_TYPE aeadMechanism; - CK_X2RATCHET_KDF_TYPE kdfMechanism; -} CK_X2RATCHET_INITIALIZE_PARAMS; - -typedef CK_X2RATCHET_INITIALIZE_PARAMS \ - CK_PTR CK_X2RATCHET_INITIALIZE_PARAMS_PTR; - -typedef struct CK_X2RATCHET_RESPOND_PARAMS { - CK_BYTE_PTR sk; - CK_OBJECT_HANDLE own_prekey; - CK_OBJECT_HANDLE initiator_identity; - CK_OBJECT_HANDLE own_public_identity; - CK_BBOOL bEncryptedHeader; - CK_ULONG eCurve; - CK_MECHANISM_TYPE aeadMechanism; - CK_X2RATCHET_KDF_TYPE kdfMechanism; -} CK_X2RATCHET_RESPOND_PARAMS; -typedef CK_X2RATCHET_RESPOND_PARAMS \ - CK_PTR CK_X2RATCHET_RESPOND_PARAMS_PTR; - -typedef CK_ULONG CK_XEDDSA_HASH_TYPE; -typedef CK_XEDDSA_HASH_TYPE CK_PTR CK_XEDDSA_HASH_TYPE_PTR; - -/* XEDDSA */ -typedef struct CK_XEDDSA_PARAMS { - CK_XEDDSA_HASH_TYPE hash; -} CK_XEDDSA_PARAMS; -typedef CK_XEDDSA_PARAMS CK_PTR CK_XEDDSA_PARAMS_PTR; - -typedef struct CK_HKDF_PARAMS { - CK_BBOOL bExtract; - CK_BBOOL bExpand; - CK_MECHANISM_TYPE prfHashMechanism; - CK_ULONG ulSaltType; - CK_BYTE_PTR pSalt; - CK_ULONG ulSaltLen; - CK_OBJECT_HANDLE hSaltKey; - CK_BYTE_PTR pInfo; - CK_ULONG ulInfoLen; -} CK_HKDF_PARAMS; -typedef CK_HKDF_PARAMS CK_PTR CK_HKDF_PARAMS_PTR; - -#define CKF_HKDF_SALT_NULL 0x00000001UL -#define CKF_HKDF_SALT_DATA 0x00000002UL -#define CKF_HKDF_SALT_KEY 0x00000004UL - -#endif /* _PKCS11T_H_ */ - diff --git a/working/3-00-wd-01/pkcs11.h b/working/3-00-wd-01/pkcs11.h deleted file mode 100644 index cf520ce..0000000 --- a/working/3-00-wd-01/pkcs11.h +++ /dev/null @@ -1,247 +0,0 @@ -/* Copyright (c) OASIS Open 2016,2019. All Rights Reserved./ - * /Distributed under the terms of the OASIS IPR Policy, - * [http://www.oasis-open.org/policies-guidelines/ipr], AS-IS, WITHOUT ANY - * IMPLIED OR EXPRESS WARRANTY; there is no warranty of MERCHANTABILITY, FITNESS FOR A - * PARTICULAR PURPOSE or NONINFRINGEMENT of the rights of others. - */ - -/* Latest version of the specification: - * http://docs.oasis-open.org/pkcs11/pkcs11-base/v3.0/pkcs11-base-v3.0.html - */ - -#ifndef _PKCS11_H_ -#define _PKCS11_H_ 1 - -#ifdef __cplusplus -extern "C" { -#endif - -/* Before including this file (pkcs11.h) (or pkcs11t.h by - * itself), 5 platform-specific macros must be defined. These - * macros are described below, and typical definitions for them - * are also given. Be advised that these definitions can depend - * on both the platform and the compiler used (and possibly also - * on whether a Cryptoki library is linked statically or - * dynamically). - * - * In addition to defining these 5 macros, the packing convention - * for Cryptoki structures should be set. The Cryptoki - * convention on packing is that structures should be 1-byte - * aligned. - * - * If you're using Windows this might be done by using the following - * preprocessor directive before including pkcs11.h or pkcs11t.h: - * - * #pragma pack(push, cryptoki, 1) - * - * and using the following preprocessor directive after including - * pkcs11.h or pkcs11t.h: - * - * #pragma pack(pop, cryptoki) - * - * In a UNIX environment, you're on your own for this. You might - * not need to do (or be able to do!) anything. - * - * - * Now for the macros: - * - * - * 1. CK_PTR: The indirection string for making a pointer to an - * object. It can be used like this: - * - * typedef CK_BYTE CK_PTR CK_BYTE_PTR; - * - * If you're using Windows, it might be defined by: - * - * #define CK_PTR * - * - * In a typical UNIX environment, it might be defined by: - * - * #define CK_PTR * - * - * - * 2. CK_DECLARE_FUNCTION(returnType, name): A macro which makes - * an importable Cryptoki library function declaration out of a - * return type and a function name. It should be used in the - * following fashion: - * - * extern CK_DECLARE_FUNCTION(CK_RV, C_Initialize)( - * CK_VOID_PTR pReserved - * ); - * - * If you're using Windows to declare a function in a Win32 Cryptoki .dll, - * it might be defined by: - * - * #define CK_DECLARE_FUNCTION(returnType, name) \ - * returnType __declspec(dllimport) name - * - * In a UNIX environment, it might be defined by: - * - * #define CK_DECLARE_FUNCTION(returnType, name) \ - * returnType name - * - * - * 3. CK_DECLARE_FUNCTION_POINTER(returnType, name): A macro - * which makes a Cryptoki API function pointer declaration or - * function pointer type declaration out of a return type and a - * function name. It should be used in the following fashion: - * - * // Define funcPtr to be a pointer to a Cryptoki API function - * // taking arguments args and returning CK_RV. - * CK_DECLARE_FUNCTION_POINTER(CK_RV, funcPtr)(args); - * - * or - * - * // Define funcPtrType to be the type of a pointer to a - * // Cryptoki API function taking arguments args and returning - * // CK_RV, and then define funcPtr to be a variable of type - * // funcPtrType. - * typedef CK_DECLARE_FUNCTION_POINTER(CK_RV, funcPtrType)(args); - * funcPtrType funcPtr; - * - * If you're using Windows to access - * functions in a Win32 Cryptoki .dll, in might be defined by: - * - * #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \ - * returnType __declspec(dllimport) (* name) - * - * In a UNIX environment, it might be defined by: - * - * #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \ - * returnType (* name) - * - * - * 4. CK_CALLBACK_FUNCTION(returnType, name): A macro which makes - * a function pointer type for an application callback out of - * a return type for the callback and a name for the callback. - * It should be used in the following fashion: - * - * CK_CALLBACK_FUNCTION(CK_RV, myCallback)(args); - * - * to declare a function pointer, myCallback, to a callback - * which takes arguments args and returns a CK_RV. It can also - * be used like this: - * - * typedef CK_CALLBACK_FUNCTION(CK_RV, myCallbackType)(args); - * myCallbackType myCallback; - * - * If you're using Windows, it might be defined by: - * - * #define CK_CALLBACK_FUNCTION(returnType, name) \ - * returnType (* name) - * - * In a UNIX environment, it might be defined by: - * - * #define CK_CALLBACK_FUNCTION(returnType, name) \ - * returnType (* name) - * - * - * 5. NULL_PTR: This macro is the value of a NULL pointer. - * - * In any ANSI/ISO C environment (and in many others as well), - * this should best be defined by - * - * #ifndef NULL_PTR - * #define NULL_PTR 0 - * #endif - */ - - -/* All the various Cryptoki types and #define'd values are in the - * file pkcs11t.h. - */ -#include "pkcs11t.h" - -#define __PASTE(x,y) x##y - - -/* ============================================================== - * Define the "extern" form of all the entry points. - * ============================================================== - */ - -#define CK_NEED_ARG_LIST 1 -#define CK_PKCS11_FUNCTION_INFO(name) \ - extern CK_DECLARE_FUNCTION(CK_RV, name) - -/* pkcs11f.h has all the information about the Cryptoki - * function prototypes. - */ -#include "pkcs11f.h" - -#undef CK_NEED_ARG_LIST -#undef CK_PKCS11_FUNCTION_INFO - - -/* ============================================================== - * Define the typedef form of all the entry points. That is, for - * each Cryptoki function C_XXX, define a type CK_C_XXX which is - * a pointer to that kind of function. - * ============================================================== - */ - -#define CK_NEED_ARG_LIST 1 -#define CK_PKCS11_FUNCTION_INFO(name) \ - typedef CK_DECLARE_FUNCTION_POINTER(CK_RV, __PASTE(CK_,name)) - -/* pkcs11f.h has all the information about the Cryptoki - * function prototypes. - */ -#include "pkcs11f.h" - -#undef CK_NEED_ARG_LIST -#undef CK_PKCS11_FUNCTION_INFO - - -/* ============================================================== - * Define structed vector of entry points. A CK_FUNCTION_LIST - * contains a CK_VERSION indicating a library's Cryptoki version - * and then a whole slew of function pointers to the routines in - * the library. This type was declared, but not defined, in - * pkcs11t.h. - * ============================================================== - */ - -#define CK_PKCS11_FUNCTION_INFO(name) \ - __PASTE(CK_,name) name; - -/* Create the 3.0 Function list */ -struct CK_FUNCTION_LIST_3_0 { - - CK_VERSION version; /* Cryptoki version */ - -/* Pile all the function pointers into the CK_FUNCTION_LIST. */ -/* pkcs11f.h has all the information about the Cryptoki - * function prototypes. - */ -#include "pkcs11f.h" - -}; - -#define CK_PKCS11_2_0_ONLY 1 - -/* Continue to define the old CK_FUNCTION_LIST */ -struct CK_FUNCTION_LIST { - - CK_VERSION version; /* Cryptoki version */ - -/* Pile all the function pointers into the CK_FUNCTION_LIST. */ -/* pkcs11f.h has all the information about the Cryptoki - * function prototypes. - */ -#include "pkcs11f.h" - -}; - -#undef CK_PKCS11_FUNCTION_INFO -#undef CK_PKCS11_2_0_ONLY - - -#undef __PASTE - -#ifdef __cplusplus -} -#endif - -#endif /* _PKCS11_H_ */ - diff --git a/working/3-00-wd-01/pkcs11f.h b/working/3-00-wd-01/pkcs11f.h deleted file mode 100644 index a475f6d..0000000 --- a/working/3-00-wd-01/pkcs11f.h +++ /dev/null @@ -1,1196 +0,0 @@ -/* Copyright (c) OASIS Open 2016, 2019. All Rights Reserved./ - * /Distributed under the terms of the OASIS IPR Policy, - * [http://www.oasis-open.org/policies-guidelines/ipr], AS-IS, WITHOUT ANY - * IMPLIED OR EXPRESS WARRANTY; there is no warranty of MERCHANTABILITY, FITNESS FOR A - * PARTICULAR PURPOSE or NONINFRINGEMENT of the rights of others. - */ - -/* Latest version of the specification: - * http://docs.oasis-open.org/pkcs11/pkcs11-base/v2.40/pkcs11-base-v2.40.html - */ - -/* This header file contains pretty much everything about all the - * Cryptoki function prototypes. Because this information is - * used for more than just declaring function prototypes, the - * order of the functions appearing herein is important, and - * should not be altered. - */ - -/* General-purpose */ - -/* C_Initialize initializes the Cryptoki library. */ -CK_PKCS11_FUNCTION_INFO(C_Initialize) -#ifdef CK_NEED_ARG_LIST -( - CK_VOID_PTR pInitArgs /* if this is not NULL_PTR, it gets - * cast to CK_C_INITIALIZE_ARGS_PTR - * and dereferenced - */ -); -#endif - - -/* C_Finalize indicates that an application is done with the - * Cryptoki library. - */ -CK_PKCS11_FUNCTION_INFO(C_Finalize) -#ifdef CK_NEED_ARG_LIST -( - CK_VOID_PTR pReserved /* reserved. Should be NULL_PTR */ -); -#endif - - -/* C_GetInfo returns general information about Cryptoki. */ -CK_PKCS11_FUNCTION_INFO(C_GetInfo) -#ifdef CK_NEED_ARG_LIST -( - CK_INFO_PTR pInfo /* location that receives information */ -); -#endif - - -/* C_GetFunctionList returns the function list. */ -CK_PKCS11_FUNCTION_INFO(C_GetFunctionList) -#ifdef CK_NEED_ARG_LIST -( - CK_FUNCTION_LIST_PTR_PTR ppFunctionList /* receives pointer to - * function list - */ -); -#endif - - - -/* Slot and token management */ - -/* C_GetSlotList obtains a list of slots in the system. */ -CK_PKCS11_FUNCTION_INFO(C_GetSlotList) -#ifdef CK_NEED_ARG_LIST -( - CK_BBOOL tokenPresent, /* only slots with tokens */ - CK_SLOT_ID_PTR pSlotList, /* receives array of slot IDs */ - CK_ULONG_PTR pulCount /* receives number of slots */ -); -#endif - - -/* C_GetSlotInfo obtains information about a particular slot in - * the system. - */ -CK_PKCS11_FUNCTION_INFO(C_GetSlotInfo) -#ifdef CK_NEED_ARG_LIST -( - CK_SLOT_ID slotID, /* the ID of the slot */ - CK_SLOT_INFO_PTR pInfo /* receives the slot information */ -); -#endif - - -/* C_GetTokenInfo obtains information about a particular token - * in the system. - */ -CK_PKCS11_FUNCTION_INFO(C_GetTokenInfo) -#ifdef CK_NEED_ARG_LIST -( - CK_SLOT_ID slotID, /* ID of the token's slot */ - CK_TOKEN_INFO_PTR pInfo /* receives the token information */ -); -#endif - - -/* C_GetMechanismList obtains a list of mechanism types - * supported by a token. - */ -CK_PKCS11_FUNCTION_INFO(C_GetMechanismList) -#ifdef CK_NEED_ARG_LIST -( - CK_SLOT_ID slotID, /* ID of token's slot */ - CK_MECHANISM_TYPE_PTR pMechanismList, /* gets mech. array */ - CK_ULONG_PTR pulCount /* gets # of mechs. */ -); -#endif - - -/* C_GetMechanismInfo obtains information about a particular - * mechanism possibly supported by a token. - */ -CK_PKCS11_FUNCTION_INFO(C_GetMechanismInfo) -#ifdef CK_NEED_ARG_LIST -( - CK_SLOT_ID slotID, /* ID of the token's slot */ - CK_MECHANISM_TYPE type, /* type of mechanism */ - CK_MECHANISM_INFO_PTR pInfo /* receives mechanism info */ -); -#endif - - -/* C_InitToken initializes a token. */ -CK_PKCS11_FUNCTION_INFO(C_InitToken) -#ifdef CK_NEED_ARG_LIST -( - CK_SLOT_ID slotID, /* ID of the token's slot */ - CK_UTF8CHAR_PTR pPin, /* the SO's initial PIN */ - CK_ULONG ulPinLen, /* length in bytes of the PIN */ - CK_UTF8CHAR_PTR pLabel /* 32-byte token label (blank padded) */ -); -#endif - - -/* C_InitPIN initializes the normal user's PIN. */ -CK_PKCS11_FUNCTION_INFO(C_InitPIN) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_UTF8CHAR_PTR pPin, /* the normal user's PIN */ - CK_ULONG ulPinLen /* length in bytes of the PIN */ -); -#endif - - -/* C_SetPIN modifies the PIN of the user who is logged in. */ -CK_PKCS11_FUNCTION_INFO(C_SetPIN) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_UTF8CHAR_PTR pOldPin, /* the old PIN */ - CK_ULONG ulOldLen, /* length of the old PIN */ - CK_UTF8CHAR_PTR pNewPin, /* the new PIN */ - CK_ULONG ulNewLen /* length of the new PIN */ -); -#endif - - - -/* Session management */ - -/* C_OpenSession opens a session between an application and a - * token. - */ -CK_PKCS11_FUNCTION_INFO(C_OpenSession) -#ifdef CK_NEED_ARG_LIST -( - CK_SLOT_ID slotID, /* the slot's ID */ - CK_FLAGS flags, /* from CK_SESSION_INFO */ - CK_VOID_PTR pApplication, /* passed to callback */ - CK_NOTIFY Notify, /* callback function */ - CK_SESSION_HANDLE_PTR phSession /* gets session handle */ -); -#endif - - -/* C_CloseSession closes a session between an application and a - * token. - */ -CK_PKCS11_FUNCTION_INFO(C_CloseSession) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession /* the session's handle */ -); -#endif - - -/* C_CloseAllSessions closes all sessions with a token. */ -CK_PKCS11_FUNCTION_INFO(C_CloseAllSessions) -#ifdef CK_NEED_ARG_LIST -( - CK_SLOT_ID slotID /* the token's slot */ -); -#endif - - -/* C_GetSessionInfo obtains information about the session. */ -CK_PKCS11_FUNCTION_INFO(C_GetSessionInfo) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_SESSION_INFO_PTR pInfo /* receives session info */ -); -#endif - - -/* C_GetOperationState obtains the state of the cryptographic operation - * in a session. - */ -CK_PKCS11_FUNCTION_INFO(C_GetOperationState) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* session's handle */ - CK_BYTE_PTR pOperationState, /* gets state */ - CK_ULONG_PTR pulOperationStateLen /* gets state length */ -); -#endif - - -/* C_SetOperationState restores the state of the cryptographic - * operation in a session. - */ -CK_PKCS11_FUNCTION_INFO(C_SetOperationState) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* session's handle */ - CK_BYTE_PTR pOperationState, /* holds state */ - CK_ULONG ulOperationStateLen, /* holds state length */ - CK_OBJECT_HANDLE hEncryptionKey, /* en/decryption key */ - CK_OBJECT_HANDLE hAuthenticationKey /* sign/verify key */ -); -#endif - - -/* C_Login logs a user into a token. */ -CK_PKCS11_FUNCTION_INFO(C_Login) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_USER_TYPE userType, /* the user type */ - CK_UTF8CHAR_PTR pPin, /* the user's PIN */ - CK_ULONG ulPinLen /* the length of the PIN */ -); -#endif - - -/* C_Logout logs a user out from a token. */ -CK_PKCS11_FUNCTION_INFO(C_Logout) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession /* the session's handle */ -); -#endif - - - -/* Object management */ - -/* C_CreateObject creates a new object. */ -CK_PKCS11_FUNCTION_INFO(C_CreateObject) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_ATTRIBUTE_PTR pTemplate, /* the object's template */ - CK_ULONG ulCount, /* attributes in template */ - CK_OBJECT_HANDLE_PTR phObject /* gets new object's handle. */ -); -#endif - - -/* C_CopyObject copies an object, creating a new object for the - * copy. - */ -CK_PKCS11_FUNCTION_INFO(C_CopyObject) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_OBJECT_HANDLE hObject, /* the object's handle */ - CK_ATTRIBUTE_PTR pTemplate, /* template for new object */ - CK_ULONG ulCount, /* attributes in template */ - CK_OBJECT_HANDLE_PTR phNewObject /* receives handle of copy */ -); -#endif - - -/* C_DestroyObject destroys an object. */ -CK_PKCS11_FUNCTION_INFO(C_DestroyObject) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_OBJECT_HANDLE hObject /* the object's handle */ -); -#endif - - -/* C_GetObjectSize gets the size of an object in bytes. */ -CK_PKCS11_FUNCTION_INFO(C_GetObjectSize) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_OBJECT_HANDLE hObject, /* the object's handle */ - CK_ULONG_PTR pulSize /* receives size of object */ -); -#endif - - -/* C_GetAttributeValue obtains the value of one or more object - * attributes. - */ -CK_PKCS11_FUNCTION_INFO(C_GetAttributeValue) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_OBJECT_HANDLE hObject, /* the object's handle */ - CK_ATTRIBUTE_PTR pTemplate, /* specifies attrs; gets vals */ - CK_ULONG ulCount /* attributes in template */ -); -#endif - - -/* C_SetAttributeValue modifies the value of one or more object - * attributes. - */ -CK_PKCS11_FUNCTION_INFO(C_SetAttributeValue) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_OBJECT_HANDLE hObject, /* the object's handle */ - CK_ATTRIBUTE_PTR pTemplate, /* specifies attrs and values */ - CK_ULONG ulCount /* attributes in template */ -); -#endif - - -/* C_FindObjectsInit initializes a search for token and session - * objects that match a template. - */ -CK_PKCS11_FUNCTION_INFO(C_FindObjectsInit) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_ATTRIBUTE_PTR pTemplate, /* attribute values to match */ - CK_ULONG ulCount /* attrs in search template */ -); -#endif - - -/* C_FindObjects continues a search for token and session - * objects that match a template, obtaining additional object - * handles. - */ -CK_PKCS11_FUNCTION_INFO(C_FindObjects) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* session's handle */ - CK_OBJECT_HANDLE_PTR phObject, /* gets obj. handles */ - CK_ULONG ulMaxObjectCount, /* max handles to get */ - CK_ULONG_PTR pulObjectCount /* actual # returned */ -); -#endif - - -/* C_FindObjectsFinal finishes a search for token and session - * objects. - */ -CK_PKCS11_FUNCTION_INFO(C_FindObjectsFinal) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession /* the session's handle */ -); -#endif - - - -/* Encryption and decryption */ - -/* C_EncryptInit initializes an encryption operation. */ -CK_PKCS11_FUNCTION_INFO(C_EncryptInit) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_MECHANISM_PTR pMechanism, /* the encryption mechanism */ - CK_OBJECT_HANDLE hKey /* handle of encryption key */ -); -#endif - - -/* C_Encrypt encrypts single-part data. */ -CK_PKCS11_FUNCTION_INFO(C_Encrypt) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* session's handle */ - CK_BYTE_PTR pData, /* the plaintext data */ - CK_ULONG ulDataLen, /* bytes of plaintext */ - CK_BYTE_PTR pEncryptedData, /* gets ciphertext */ - CK_ULONG_PTR pulEncryptedDataLen /* gets c-text size */ -); -#endif - - -/* C_EncryptUpdate continues a multiple-part encryption - * operation. - */ -CK_PKCS11_FUNCTION_INFO(C_EncryptUpdate) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* session's handle */ - CK_BYTE_PTR pPart, /* the plaintext data */ - CK_ULONG ulPartLen, /* plaintext data len */ - CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */ - CK_ULONG_PTR pulEncryptedPartLen /* gets c-text size */ -); -#endif - - -/* C_EncryptFinal finishes a multiple-part encryption - * operation. - */ -CK_PKCS11_FUNCTION_INFO(C_EncryptFinal) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* session handle */ - CK_BYTE_PTR pLastEncryptedPart, /* last c-text */ - CK_ULONG_PTR pulLastEncryptedPartLen /* gets last size */ -); -#endif - - -/* C_DecryptInit initializes a decryption operation. */ -CK_PKCS11_FUNCTION_INFO(C_DecryptInit) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_MECHANISM_PTR pMechanism, /* the decryption mechanism */ - CK_OBJECT_HANDLE hKey /* handle of decryption key */ -); -#endif - - -/* C_Decrypt decrypts encrypted data in a single part. */ -CK_PKCS11_FUNCTION_INFO(C_Decrypt) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* session's handle */ - CK_BYTE_PTR pEncryptedData, /* ciphertext */ - CK_ULONG ulEncryptedDataLen, /* ciphertext length */ - CK_BYTE_PTR pData, /* gets plaintext */ - CK_ULONG_PTR pulDataLen /* gets p-text size */ -); -#endif - - -/* C_DecryptUpdate continues a multiple-part decryption - * operation. - */ -CK_PKCS11_FUNCTION_INFO(C_DecryptUpdate) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* session's handle */ - CK_BYTE_PTR pEncryptedPart, /* encrypted data */ - CK_ULONG ulEncryptedPartLen, /* input length */ - CK_BYTE_PTR pPart, /* gets plaintext */ - CK_ULONG_PTR pulPartLen /* p-text size */ -); -#endif - - -/* C_DecryptFinal finishes a multiple-part decryption - * operation. - */ -CK_PKCS11_FUNCTION_INFO(C_DecryptFinal) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_BYTE_PTR pLastPart, /* gets plaintext */ - CK_ULONG_PTR pulLastPartLen /* p-text size */ -); -#endif - - - -/* Message digesting */ - -/* C_DigestInit initializes a message-digesting operation. */ -CK_PKCS11_FUNCTION_INFO(C_DigestInit) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_MECHANISM_PTR pMechanism /* the digesting mechanism */ -); -#endif - - -/* C_Digest digests data in a single part. */ -CK_PKCS11_FUNCTION_INFO(C_Digest) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_BYTE_PTR pData, /* data to be digested */ - CK_ULONG ulDataLen, /* bytes of data to digest */ - CK_BYTE_PTR pDigest, /* gets the message digest */ - CK_ULONG_PTR pulDigestLen /* gets digest length */ -); -#endif - - -/* C_DigestUpdate continues a multiple-part message-digesting - * operation. - */ -CK_PKCS11_FUNCTION_INFO(C_DigestUpdate) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_BYTE_PTR pPart, /* data to be digested */ - CK_ULONG ulPartLen /* bytes of data to be digested */ -); -#endif - - -/* C_DigestKey continues a multi-part message-digesting - * operation, by digesting the value of a secret key as part of - * the data already digested. - */ -CK_PKCS11_FUNCTION_INFO(C_DigestKey) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_OBJECT_HANDLE hKey /* secret key to digest */ -); -#endif - - -/* C_DigestFinal finishes a multiple-part message-digesting - * operation. - */ -CK_PKCS11_FUNCTION_INFO(C_DigestFinal) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_BYTE_PTR pDigest, /* gets the message digest */ - CK_ULONG_PTR pulDigestLen /* gets byte count of digest */ -); -#endif - - - -/* Signing and MACing */ - -/* C_SignInit initializes a signature (private key encryption) - * operation, where the signature is (will be) an appendix to - * the data, and plaintext cannot be recovered from the - * signature. - */ -CK_PKCS11_FUNCTION_INFO(C_SignInit) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_MECHANISM_PTR pMechanism, /* the signature mechanism */ - CK_OBJECT_HANDLE hKey /* handle of signature key */ -); -#endif - - -/* C_Sign signs (encrypts with private key) data in a single - * part, where the signature is (will be) an appendix to the - * data, and plaintext cannot be recovered from the signature. - */ -CK_PKCS11_FUNCTION_INFO(C_Sign) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_BYTE_PTR pData, /* the data to sign */ - CK_ULONG ulDataLen, /* count of bytes to sign */ - CK_BYTE_PTR pSignature, /* gets the signature */ - CK_ULONG_PTR pulSignatureLen /* gets signature length */ -); -#endif - - -/* C_SignUpdate continues a multiple-part signature operation, - * where the signature is (will be) an appendix to the data, - * and plaintext cannot be recovered from the signature. - */ -CK_PKCS11_FUNCTION_INFO(C_SignUpdate) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_BYTE_PTR pPart, /* the data to sign */ - CK_ULONG ulPartLen /* count of bytes to sign */ -); -#endif - - -/* C_SignFinal finishes a multiple-part signature operation, - * returning the signature. - */ -CK_PKCS11_FUNCTION_INFO(C_SignFinal) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_BYTE_PTR pSignature, /* gets the signature */ - CK_ULONG_PTR pulSignatureLen /* gets signature length */ -); -#endif - - -/* C_SignRecoverInit initializes a signature operation, where - * the data can be recovered from the signature. - */ -CK_PKCS11_FUNCTION_INFO(C_SignRecoverInit) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_MECHANISM_PTR pMechanism, /* the signature mechanism */ - CK_OBJECT_HANDLE hKey /* handle of the signature key */ -); -#endif - - -/* C_SignRecover signs data in a single operation, where the - * data can be recovered from the signature. - */ -CK_PKCS11_FUNCTION_INFO(C_SignRecover) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_BYTE_PTR pData, /* the data to sign */ - CK_ULONG ulDataLen, /* count of bytes to sign */ - CK_BYTE_PTR pSignature, /* gets the signature */ - CK_ULONG_PTR pulSignatureLen /* gets signature length */ -); -#endif - - - -/* Verifying signatures and MACs */ - -/* C_VerifyInit initializes a verification operation, where the - * signature is an appendix to the data, and plaintext cannot - * cannot be recovered from the signature (e.g. DSA). - */ -CK_PKCS11_FUNCTION_INFO(C_VerifyInit) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_MECHANISM_PTR pMechanism, /* the verification mechanism */ - CK_OBJECT_HANDLE hKey /* verification key */ -); -#endif - - -/* C_Verify verifies a signature in a single-part operation, - * where the signature is an appendix to the data, and plaintext - * cannot be recovered from the signature. - */ -CK_PKCS11_FUNCTION_INFO(C_Verify) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_BYTE_PTR pData, /* signed data */ - CK_ULONG ulDataLen, /* length of signed data */ - CK_BYTE_PTR pSignature, /* signature */ - CK_ULONG ulSignatureLen /* signature length*/ -); -#endif - - -/* C_VerifyUpdate continues a multiple-part verification - * operation, where the signature is an appendix to the data, - * and plaintext cannot be recovered from the signature. - */ -CK_PKCS11_FUNCTION_INFO(C_VerifyUpdate) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_BYTE_PTR pPart, /* signed data */ - CK_ULONG ulPartLen /* length of signed data */ -); -#endif - - -/* C_VerifyFinal finishes a multiple-part verification - * operation, checking the signature. - */ -CK_PKCS11_FUNCTION_INFO(C_VerifyFinal) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_BYTE_PTR pSignature, /* signature to verify */ - CK_ULONG ulSignatureLen /* signature length */ -); -#endif - - -/* C_VerifyRecoverInit initializes a signature verification - * operation, where the data is recovered from the signature. - */ -CK_PKCS11_FUNCTION_INFO(C_VerifyRecoverInit) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_MECHANISM_PTR pMechanism, /* the verification mechanism */ - CK_OBJECT_HANDLE hKey /* verification key */ -); -#endif - - -/* C_VerifyRecover verifies a signature in a single-part - * operation, where the data is recovered from the signature. - */ -CK_PKCS11_FUNCTION_INFO(C_VerifyRecover) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_BYTE_PTR pSignature, /* signature to verify */ - CK_ULONG ulSignatureLen, /* signature length */ - CK_BYTE_PTR pData, /* gets signed data */ - CK_ULONG_PTR pulDataLen /* gets signed data len */ -); -#endif - - - -/* Dual-function cryptographic operations */ - -/* C_DigestEncryptUpdate continues a multiple-part digesting - * and encryption operation. - */ -CK_PKCS11_FUNCTION_INFO(C_DigestEncryptUpdate) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* session's handle */ - CK_BYTE_PTR pPart, /* the plaintext data */ - CK_ULONG ulPartLen, /* plaintext length */ - CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */ - CK_ULONG_PTR pulEncryptedPartLen /* gets c-text length */ -); -#endif - - -/* C_DecryptDigestUpdate continues a multiple-part decryption and - * digesting operation. - */ -CK_PKCS11_FUNCTION_INFO(C_DecryptDigestUpdate) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* session's handle */ - CK_BYTE_PTR pEncryptedPart, /* ciphertext */ - CK_ULONG ulEncryptedPartLen, /* ciphertext length */ - CK_BYTE_PTR pPart, /* gets plaintext */ - CK_ULONG_PTR pulPartLen /* gets plaintext len */ -); -#endif - - -/* C_SignEncryptUpdate continues a multiple-part signing and - * encryption operation. - */ -CK_PKCS11_FUNCTION_INFO(C_SignEncryptUpdate) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* session's handle */ - CK_BYTE_PTR pPart, /* the plaintext data */ - CK_ULONG ulPartLen, /* plaintext length */ - CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */ - CK_ULONG_PTR pulEncryptedPartLen /* gets c-text length */ -); -#endif - - -/* C_DecryptVerifyUpdate continues a multiple-part decryption and - * verify operation. - */ -CK_PKCS11_FUNCTION_INFO(C_DecryptVerifyUpdate) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* session's handle */ - CK_BYTE_PTR pEncryptedPart, /* ciphertext */ - CK_ULONG ulEncryptedPartLen, /* ciphertext length */ - CK_BYTE_PTR pPart, /* gets plaintext */ - CK_ULONG_PTR pulPartLen /* gets p-text length */ -); -#endif - - - -/* Key management */ - -/* C_GenerateKey generates a secret key, creating a new key - * object. - */ -CK_PKCS11_FUNCTION_INFO(C_GenerateKey) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_MECHANISM_PTR pMechanism, /* key generation mech. */ - CK_ATTRIBUTE_PTR pTemplate, /* template for new key */ - CK_ULONG ulCount, /* # of attrs in template */ - CK_OBJECT_HANDLE_PTR phKey /* gets handle of new key */ -); -#endif - - -/* C_GenerateKeyPair generates a public-key/private-key pair, - * creating new key objects. - */ -CK_PKCS11_FUNCTION_INFO(C_GenerateKeyPair) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* session handle */ - CK_MECHANISM_PTR pMechanism, /* key-gen mech. */ - CK_ATTRIBUTE_PTR pPublicKeyTemplate, /* template for pub. key */ - CK_ULONG ulPublicKeyAttributeCount, /* # pub. attrs. */ - CK_ATTRIBUTE_PTR pPrivateKeyTemplate, /* template for priv. key */ - CK_ULONG ulPrivateKeyAttributeCount, /* # priv. attrs. */ - CK_OBJECT_HANDLE_PTR phPublicKey, /* gets pub. key handle */ - CK_OBJECT_HANDLE_PTR phPrivateKey /* gets priv. key handle */ -); -#endif - - -/* C_WrapKey wraps (i.e., encrypts) a key. */ -CK_PKCS11_FUNCTION_INFO(C_WrapKey) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_MECHANISM_PTR pMechanism, /* the wrapping mechanism */ - CK_OBJECT_HANDLE hWrappingKey, /* wrapping key */ - CK_OBJECT_HANDLE hKey, /* key to be wrapped */ - CK_BYTE_PTR pWrappedKey, /* gets wrapped key */ - CK_ULONG_PTR pulWrappedKeyLen /* gets wrapped key size */ -); -#endif - - -/* C_UnwrapKey unwraps (decrypts) a wrapped key, creating a new - * key object. - */ -CK_PKCS11_FUNCTION_INFO(C_UnwrapKey) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* session's handle */ - CK_MECHANISM_PTR pMechanism, /* unwrapping mech. */ - CK_OBJECT_HANDLE hUnwrappingKey, /* unwrapping key */ - CK_BYTE_PTR pWrappedKey, /* the wrapped key */ - CK_ULONG ulWrappedKeyLen, /* wrapped key len */ - CK_ATTRIBUTE_PTR pTemplate, /* new key template */ - CK_ULONG ulAttributeCount, /* template length */ - CK_OBJECT_HANDLE_PTR phKey /* gets new handle */ -); -#endif - - -/* C_DeriveKey derives a key from a base key, creating a new key - * object. - */ -CK_PKCS11_FUNCTION_INFO(C_DeriveKey) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* session's handle */ - CK_MECHANISM_PTR pMechanism, /* key deriv. mech. */ - CK_OBJECT_HANDLE hBaseKey, /* base key */ - CK_ATTRIBUTE_PTR pTemplate, /* new key template */ - CK_ULONG ulAttributeCount, /* template length */ - CK_OBJECT_HANDLE_PTR phKey /* gets new handle */ -); -#endif - - - -/* Random number generation */ - -/* C_SeedRandom mixes additional seed material into the token's - * random number generator. - */ -CK_PKCS11_FUNCTION_INFO(C_SeedRandom) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_BYTE_PTR pSeed, /* the seed material */ - CK_ULONG ulSeedLen /* length of seed material */ -); -#endif - - -/* C_GenerateRandom generates random data. */ -CK_PKCS11_FUNCTION_INFO(C_GenerateRandom) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_BYTE_PTR RandomData, /* receives the random data */ - CK_ULONG ulRandomLen /* # of bytes to generate */ -); -#endif - - - -/* Parallel function management */ - -/* C_GetFunctionStatus is a legacy function; it obtains an - * updated status of a function running in parallel with an - * application. - */ -CK_PKCS11_FUNCTION_INFO(C_GetFunctionStatus) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession /* the session's handle */ -); -#endif - - -/* C_CancelFunction is a legacy function; it cancels a function - * running in parallel. - */ -CK_PKCS11_FUNCTION_INFO(C_CancelFunction) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession /* the session's handle */ -); -#endif - - -/* C_WaitForSlotEvent waits for a slot event (token insertion, - * removal, etc.) to occur. - */ -CK_PKCS11_FUNCTION_INFO(C_WaitForSlotEvent) -#ifdef CK_NEED_ARG_LIST -( - CK_FLAGS flags, /* blocking/nonblocking flag */ - CK_SLOT_ID_PTR pSlot, /* location that receives the slot ID */ - CK_VOID_PTR pRserved /* reserved. Should be NULL_PTR */ -); -#endif - -#ifndef CK_PKCS11_2_0_ONLY -/* C_GetInterfaceList returns all the interfaces supported by the module*/ -CK_PKCS11_FUNCTION_INFO(C_GetInterfaceList) -#ifdef CK_NEED_ARG_LIST -( - CK_INTERFACE_PTR pInterfacesList, /* returned interfaces */ - CK_ULONG_PTR pulCount /* number of interfaces returned */ -); -#endif - -/* C_GetInterface returns a specific interface from the module. */ -CK_PKCS11_FUNCTION_INFO(C_GetInterface) -#ifdef CK_NEED_ARG_LIST -( - CK_UTF8CHAR_PTR pInterfaceName, /* name of the interface */ - CK_VERSION_PTR pVersion, /* version of the interface */ - CK_INTERFACE_PTR_PTR ppInterface, /* returned interface */ - CK_FLAGS flags /* flags controlling the semantics - * of the interface */ -); -#endif - -CK_PKCS11_FUNCTION_INFO(C_LoginUser) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_USER_TYPE userType, /* the user type */ - CK_UTF8CHAR_PTR pPin, /* the user's PIN */ - CK_ULONG ulPinLen, /* the length of the PIN */ - CK_UTF8CHAR_PTR pUsername, /* the user's name */ - CK_ULONG ulUsernameLen /*the length of the user's name */ -); -#endif - -CK_PKCS11_FUNCTION_INFO(C_SessionCancel) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_FLAGS flags /* flags control which sessions are cancelled */ -); -#endif - -CK_PKCS11_FUNCTION_INFO(C_MessageEncryptInit) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_MECHANISM_PTR pMechanism, /* the encryption mechanism */ - CK_OBJECT_HANDLE hKey /* handle of encryption key */ -); -#endif - -CK_PKCS11_FUNCTION_INFO(C_EncryptMessage) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_VOID_PTR pParameter, /* message specific parameter */ - CK_ULONG ulParameterLen, /* length of message specific parameter */ - CK_BYTE_PTR pAssociatedData, /* AEAD Associated data */ - CK_ULONG ulAssociatedDataLen, /* AEAD Associated data length */ - CK_BYTE_PTR pPlaintext, /* plain text */ - CK_ULONG ulPlaintextLen, /* plain text length */ - CK_BYTE_PTR pCiphertext, /* gets cipher text */ - CK_ULONG_PTR pulCiphertextLen /* gets cipher text length */ -); -#endif - -CK_PKCS11_FUNCTION_INFO(C_EncryptMessageBegin) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_VOID_PTR pParameter, /* message specific parameter */ - CK_ULONG ulParameterLen, /* length of message specific parameter */ - CK_BYTE_PTR pAssociatedData, /* AEAD Associated data */ - CK_ULONG ulAssociatedDataLen /* AEAD Associated data length */ -); -#endif - -CK_PKCS11_FUNCTION_INFO(C_EncryptMessageNext) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_VOID_PTR pParameter, /* message specific parameter */ - CK_ULONG ulParameterLen, /* length of message specific parameter */ - CK_BYTE_PTR pPlaintextPart, /* plain text */ - CK_ULONG ulPlaintextPartLen, /* plain text length */ - CK_BYTE_PTR pCiphertextPart, /* gets cipher text */ - CK_ULONG_PTR pulCiphertextPartLen, /* gets cipher text length */ - CK_FLAGS flags /* multi mode flag */ -); -#endif - -CK_PKCS11_FUNCTION_INFO(C_MessageEncryptFinal) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession /* the session's handle */ -); -#endif - -CK_PKCS11_FUNCTION_INFO(C_MessageDecryptInit) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_MECHANISM_PTR pMechanism, /* the decryption mechanism */ - CK_OBJECT_HANDLE hKey /* handle of decryption key */ -); -#endif - -CK_PKCS11_FUNCTION_INFO(C_DecryptMessage) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_VOID_PTR pParameter, /* message specific parameter */ - CK_ULONG ulParameterLen, /* length of message specific parameter */ - CK_BYTE_PTR pAssociatedData, /* AEAD Associated data */ - CK_ULONG ulAssociatedDataLen, /* AEAD Associated data length */ - CK_BYTE_PTR pCiphertext, /* cipher text */ - CK_ULONG ulCiphertextLen, /* cipher text length */ - CK_BYTE_PTR pPlaintext, /* gets plain text */ - CK_ULONG_PTR pulPlaintextLen /* gets plain text length */ -); -#endif - -CK_PKCS11_FUNCTION_INFO(C_DecryptMessageBegin) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_VOID_PTR pParameter, /* message specific parameter */ - CK_ULONG ulParameterLen, /* length of message specific parameter */ - CK_BYTE_PTR pAssociatedData, /* AEAD Associated data */ - CK_ULONG ulAssociatedDataLen /* AEAD Associated data length */ -); -#endif - -CK_PKCS11_FUNCTION_INFO(C_DecryptMessageNext) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_VOID_PTR pParameter, /* message specific parameter */ - CK_ULONG ulParameterLen, /* length of message specific parameter */ - CK_BYTE_PTR pCiphertextPart, /* cipher text */ - CK_ULONG ulCiphertextPartLen, /* cipher text length */ - CK_BYTE_PTR pPlaintextPart, /* gets plain text */ - CK_ULONG_PTR pulPlaintextPartLen, /* gets plain text length */ - CK_FLAGS flags /* multi mode flag */ -); -#endif - -CK_PKCS11_FUNCTION_INFO(C_MessageDecryptFinal) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession /* the session's handle */ -); -#endif - -CK_PKCS11_FUNCTION_INFO(C_MessageSignInit) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_MECHANISM_PTR pMechanism, /* the signing mechanism */ - CK_OBJECT_HANDLE hKey /* handle of signing key */ -); -#endif - -CK_PKCS11_FUNCTION_INFO(C_SignMessage) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_VOID_PTR pParameter, /* message specific parameter */ - CK_ULONG ulParameterLen, /* length of message specific parameter */ - CK_BYTE_PTR pData, /* data to sign */ - CK_ULONG ulDataLen, /* data to sign length */ - CK_BYTE_PTR pSignature, /* gets signature */ - CK_ULONG_PTR pulSignatureLen /* gets signature length */ -); -#endif - -CK_PKCS11_FUNCTION_INFO(C_SignMessageBegin) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_VOID_PTR pParameter, /* message specific parameter */ - CK_ULONG ulParameterLen /* length of message specific parameter */ -); -#endif - -CK_PKCS11_FUNCTION_INFO(C_SignMessageNext) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_VOID_PTR pParameter, /* message specific parameter */ - CK_ULONG ulParameterLen, /* length of message specific parameter */ - CK_BYTE_PTR pData, /* data to sign */ - CK_ULONG ulDataLen, /* data to sign length */ - CK_BYTE_PTR pSignature, /* gets signature */ - CK_ULONG_PTR pulSignatureLen /* gets signature length */ -); -#endif - -CK_PKCS11_FUNCTION_INFO(C_MessageSignFinal) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession /* the session's handle */ -); -#endif - -CK_PKCS11_FUNCTION_INFO(C_MessageVerifyInit) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_MECHANISM_PTR pMechanism, /* the signing mechanism */ - CK_OBJECT_HANDLE hKey /* handle of signing key */ -); -#endif - -CK_PKCS11_FUNCTION_INFO(C_VerifyMessage) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_VOID_PTR pParameter, /* message specific parameter */ - CK_ULONG ulParameterLen, /* length of message specific parameter */ - CK_BYTE_PTR pData, /* data to sign */ - CK_ULONG ulDataLen, /* data to sign length */ - CK_BYTE_PTR pSignature, /* signature */ - CK_ULONG ulSignatureLen /* signature length */ -); -#endif - -CK_PKCS11_FUNCTION_INFO(C_VerifyMessageBegin) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_VOID_PTR pParameter, /* message specific parameter */ - CK_ULONG ulParameterLen /* length of message specific parameter */ -); -#endif - -CK_PKCS11_FUNCTION_INFO(C_VerifyMessageNext) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_VOID_PTR pParameter, /* message specific parameter */ - CK_ULONG ulParameterLen, /* length of message specific parameter */ - CK_BYTE_PTR pData, /* data to sign */ - CK_ULONG ulDataLen, /* data to sign length */ - CK_BYTE_PTR pSignature, /* signature */ - CK_ULONG ulSignatureLen /* signature length */ -); -#endif - -CK_PKCS11_FUNCTION_INFO(C_MessageVerifyFinal) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession /* the session's handle */ -); -#endif - -#endif /* CK_PKCS11_2_0_ONLY */ diff --git a/working/3-00-wd-01/pkcs11t.h b/working/3-00-wd-01/pkcs11t.h deleted file mode 100644 index a6a1e00..0000000 --- a/working/3-00-wd-01/pkcs11t.h +++ /dev/null @@ -1,2444 +0,0 @@ -/* Copyright (c) OASIS Open 2016, 2019. All Rights Reserved./ - * /Distributed under the terms of the OASIS IPR Policy, - * [http://www.oasis-open.org/policies-guidelines/ipr], AS-IS, WITHOUT ANY - * IMPLIED OR EXPRESS WARRANTY; there is no warranty of MERCHANTABILITY, FITNESS FOR A - * PARTICULAR PURPOSE or NONINFRINGEMENT of the rights of others. - */ - -/* Latest version of the specification: - * http://docs.oasis-open.org/pkcs11/pkcs11-base/v2.40/pkcs11-base-v2.40.html - */ - -/* See top of pkcs11.h for information about the macros that - * must be defined and the structure-packing conventions that - * must be set before including this file. - */ - -#ifndef _PKCS11T_H_ -#define _PKCS11T_H_ 1 - -#define CRYPTOKI_VERSION_MAJOR 3 -#define CRYPTOKI_VERSION_MINOR 0 -#define CRYPTOKI_VERSION_AMENDMENT 0 - -#define CK_TRUE 1 -#define CK_FALSE 0 - -#ifndef CK_DISABLE_TRUE_FALSE -#ifndef FALSE -#define FALSE CK_FALSE -#endif -#ifndef TRUE -#define TRUE CK_TRUE -#endif -#endif - -/* an unsigned 8-bit value */ -typedef unsigned char CK_BYTE; - -/* an unsigned 8-bit character */ -typedef CK_BYTE CK_CHAR; - -/* an 8-bit UTF-8 character */ -typedef CK_BYTE CK_UTF8CHAR; - -/* a BYTE-sized Boolean flag */ -typedef CK_BYTE CK_BBOOL; - -/* an unsigned value, at least 32 bits long */ -typedef unsigned long int CK_ULONG; - -/* a signed value, the same size as a CK_ULONG */ -typedef long int CK_LONG; - -/* at least 32 bits; each bit is a Boolean flag */ -typedef CK_ULONG CK_FLAGS; - - -/* some special values for certain CK_ULONG variables */ -#define CK_UNAVAILABLE_INFORMATION (~0UL) -#define CK_EFFECTIVELY_INFINITE 0UL - - -typedef CK_BYTE CK_PTR CK_BYTE_PTR; -typedef CK_CHAR CK_PTR CK_CHAR_PTR; -typedef CK_UTF8CHAR CK_PTR CK_UTF8CHAR_PTR; -typedef CK_ULONG CK_PTR CK_ULONG_PTR; -typedef void CK_PTR CK_VOID_PTR; - -/* Pointer to a CK_VOID_PTR-- i.e., pointer to pointer to void */ -typedef CK_VOID_PTR CK_PTR CK_VOID_PTR_PTR; - - -/* The following value is always invalid if used as a session - * handle or object handle - */ -#define CK_INVALID_HANDLE 0UL - - -typedef struct CK_VERSION { - CK_BYTE major; /* integer portion of version number */ - CK_BYTE minor; /* 1/100ths portion of version number */ -} CK_VERSION; - -typedef CK_VERSION CK_PTR CK_VERSION_PTR; - - -typedef struct CK_INFO { - CK_VERSION cryptokiVersion; /* Cryptoki interface ver */ - CK_UTF8CHAR manufacturerID[32]; /* blank padded */ - CK_FLAGS flags; /* must be zero */ - CK_UTF8CHAR libraryDescription[32]; /* blank padded */ - CK_VERSION libraryVersion; /* version of library */ -} CK_INFO; - -typedef CK_INFO CK_PTR CK_INFO_PTR; - - -/* CK_NOTIFICATION enumerates the types of notifications that - * Cryptoki provides to an application - */ -typedef CK_ULONG CK_NOTIFICATION; -#define CKN_SURRENDER 0UL -#define CKN_OTP_CHANGED 1UL - -typedef CK_ULONG CK_SLOT_ID; - -typedef CK_SLOT_ID CK_PTR CK_SLOT_ID_PTR; - - -/* CK_SLOT_INFO provides information about a slot */ -typedef struct CK_SLOT_INFO { - CK_UTF8CHAR slotDescription[64]; /* blank padded */ - CK_UTF8CHAR manufacturerID[32]; /* blank padded */ - CK_FLAGS flags; - - CK_VERSION hardwareVersion; /* version of hardware */ - CK_VERSION firmwareVersion; /* version of firmware */ -} CK_SLOT_INFO; - -/* flags: bit flags that provide capabilities of the slot - * Bit Flag Mask Meaning - */ -#define CKF_TOKEN_PRESENT 0x00000001UL /* a token is there */ -#define CKF_REMOVABLE_DEVICE 0x00000002UL /* removable devices*/ -#define CKF_HW_SLOT 0x00000004UL /* hardware slot */ - -typedef CK_SLOT_INFO CK_PTR CK_SLOT_INFO_PTR; - - -/* CK_TOKEN_INFO provides information about a token */ -typedef struct CK_TOKEN_INFO { - CK_UTF8CHAR label[32]; /* blank padded */ - CK_UTF8CHAR manufacturerID[32]; /* blank padded */ - CK_UTF8CHAR model[16]; /* blank padded */ - CK_CHAR serialNumber[16]; /* blank padded */ - CK_FLAGS flags; /* see below */ - - CK_ULONG ulMaxSessionCount; /* max open sessions */ - CK_ULONG ulSessionCount; /* sess. now open */ - CK_ULONG ulMaxRwSessionCount; /* max R/W sessions */ - CK_ULONG ulRwSessionCount; /* R/W sess. now open */ - CK_ULONG ulMaxPinLen; /* in bytes */ - CK_ULONG ulMinPinLen; /* in bytes */ - CK_ULONG ulTotalPublicMemory; /* in bytes */ - CK_ULONG ulFreePublicMemory; /* in bytes */ - CK_ULONG ulTotalPrivateMemory; /* in bytes */ - CK_ULONG ulFreePrivateMemory; /* in bytes */ - CK_VERSION hardwareVersion; /* version of hardware */ - CK_VERSION firmwareVersion; /* version of firmware */ - CK_CHAR utcTime[16]; /* time */ -} CK_TOKEN_INFO; - -/* The flags parameter is defined as follows: - * Bit Flag Mask Meaning - */ -#define CKF_RNG 0x00000001UL /* has random # generator */ -#define CKF_WRITE_PROTECTED 0x00000002UL /* token is write-protected */ -#define CKF_LOGIN_REQUIRED 0x00000004UL /* user must login */ -#define CKF_USER_PIN_INITIALIZED 0x00000008UL /* normal user's PIN is set */ - -/* CKF_RESTORE_KEY_NOT_NEEDED. If it is set, - * that means that *every* time the state of cryptographic - * operations of a session is successfully saved, all keys - * needed to continue those operations are stored in the state - */ -#define CKF_RESTORE_KEY_NOT_NEEDED 0x00000020UL - -/* CKF_CLOCK_ON_TOKEN. If it is set, that means - * that the token has some sort of clock. The time on that - * clock is returned in the token info structure - */ -#define CKF_CLOCK_ON_TOKEN 0x00000040UL - -/* CKF_PROTECTED_AUTHENTICATION_PATH. If it is - * set, that means that there is some way for the user to login - * without sending a PIN through the Cryptoki library itself - */ -#define CKF_PROTECTED_AUTHENTICATION_PATH 0x00000100UL - -/* CKF_DUAL_CRYPTO_OPERATIONS. If it is true, - * that means that a single session with the token can perform - * dual simultaneous cryptographic operations (digest and - * encrypt; decrypt and digest; sign and encrypt; and decrypt - * and sign) - */ -#define CKF_DUAL_CRYPTO_OPERATIONS 0x00000200UL - -/* CKF_TOKEN_INITIALIZED. If it is true, the - * token has been initialized using C_InitializeToken or an - * equivalent mechanism outside the scope of PKCS #11. - * Calling C_InitializeToken when this flag is set will cause - * the token to be reinitialized. - */ -#define CKF_TOKEN_INITIALIZED 0x00000400UL - -/* CKF_SECONDARY_AUTHENTICATION. If it is - * true, the token supports secondary authentication for - * private key objects. - */ -#define CKF_SECONDARY_AUTHENTICATION 0x00000800UL - -/* CKF_USER_PIN_COUNT_LOW. If it is true, an - * incorrect user login PIN has been entered at least once - * since the last successful authentication. - */ -#define CKF_USER_PIN_COUNT_LOW 0x00010000UL - -/* CKF_USER_PIN_FINAL_TRY. If it is true, - * supplying an incorrect user PIN will it to become locked. - */ -#define CKF_USER_PIN_FINAL_TRY 0x00020000UL - -/* CKF_USER_PIN_LOCKED. If it is true, the - * user PIN has been locked. User login to the token is not - * possible. - */ -#define CKF_USER_PIN_LOCKED 0x00040000UL - -/* CKF_USER_PIN_TO_BE_CHANGED. If it is true, - * the user PIN value is the default value set by token - * initialization or manufacturing, or the PIN has been - * expired by the card. - */ -#define CKF_USER_PIN_TO_BE_CHANGED 0x00080000UL - -/* CKF_SO_PIN_COUNT_LOW. If it is true, an - * incorrect SO login PIN has been entered at least once since - * the last successful authentication. - */ -#define CKF_SO_PIN_COUNT_LOW 0x00100000UL - -/* CKF_SO_PIN_FINAL_TRY. If it is true, - * supplying an incorrect SO PIN will it to become locked. - */ -#define CKF_SO_PIN_FINAL_TRY 0x00200000UL - -/* CKF_SO_PIN_LOCKED. If it is true, the SO - * PIN has been locked. SO login to the token is not possible. - */ -#define CKF_SO_PIN_LOCKED 0x00400000UL - -/* CKF_SO_PIN_TO_BE_CHANGED. If it is true, - * the SO PIN value is the default value set by token - * initialization or manufacturing, or the PIN has been - * expired by the card. - */ -#define CKF_SO_PIN_TO_BE_CHANGED 0x00800000UL - -#define CKF_ERROR_STATE 0x01000000UL - -typedef CK_TOKEN_INFO CK_PTR CK_TOKEN_INFO_PTR; - - -/* CK_SESSION_HANDLE is a Cryptoki-assigned value that - * identifies a session - */ -typedef CK_ULONG CK_SESSION_HANDLE; - -typedef CK_SESSION_HANDLE CK_PTR CK_SESSION_HANDLE_PTR; - - -/* CK_USER_TYPE enumerates the types of Cryptoki users */ -typedef CK_ULONG CK_USER_TYPE; -/* Security Officer */ -#define CKU_SO 0UL -/* Normal user */ -#define CKU_USER 1UL -/* Context specific */ -#define CKU_CONTEXT_SPECIFIC 2UL - -/* CK_STATE enumerates the session states */ -typedef CK_ULONG CK_STATE; -#define CKS_RO_PUBLIC_SESSION 0UL -#define CKS_RO_USER_FUNCTIONS 1UL -#define CKS_RW_PUBLIC_SESSION 2UL -#define CKS_RW_USER_FUNCTIONS 3UL -#define CKS_RW_SO_FUNCTIONS 4UL - -/* CK_SESSION_INFO provides information about a session */ -typedef struct CK_SESSION_INFO { - CK_SLOT_ID slotID; - CK_STATE state; - CK_FLAGS flags; /* see below */ - CK_ULONG ulDeviceError; /* device-dependent error code */ -} CK_SESSION_INFO; - -/* The flags are defined in the following table: - * Bit Flag Mask Meaning - */ -#define CKF_RW_SESSION 0x00000002UL /* session is r/w */ -#define CKF_SERIAL_SESSION 0x00000004UL /* no parallel */ - -typedef CK_SESSION_INFO CK_PTR CK_SESSION_INFO_PTR; - - -/* CK_OBJECT_HANDLE is a token-specific identifier for an - * object - */ -typedef CK_ULONG CK_OBJECT_HANDLE; - -typedef CK_OBJECT_HANDLE CK_PTR CK_OBJECT_HANDLE_PTR; - - -/* CK_OBJECT_CLASS is a value that identifies the classes (or - * types) of objects that Cryptoki recognizes. It is defined - * as follows: - */ -typedef CK_ULONG CK_OBJECT_CLASS; - -/* The following classes of objects are defined: */ -#define CKO_DATA 0x00000000UL -#define CKO_CERTIFICATE 0x00000001UL -#define CKO_PUBLIC_KEY 0x00000002UL -#define CKO_PRIVATE_KEY 0x00000003UL -#define CKO_SECRET_KEY 0x00000004UL -#define CKO_HW_FEATURE 0x00000005UL -#define CKO_DOMAIN_PARAMETERS 0x00000006UL -#define CKO_MECHANISM 0x00000007UL -#define CKO_OTP_KEY 0x00000008UL -#define CKO_PROFILE 0x00000009UL - -#define CKO_VENDOR_DEFINED 0x80000000UL - -typedef CK_OBJECT_CLASS CK_PTR CK_OBJECT_CLASS_PTR; - -/* Profile ID's */ -#define CKP_INVALID_ID 0x00000000UL -#define CKP_BASELINE_PROVIDER 0x00000001UL -#define CKP_EXTENDED_PROVIDER 0x00000002UL -#define CKP_AUTHENTICATION_TOKEN 0x00000003UL -#define CKP_PUBLIC_CERTIFICATES_TOKEN 0x00000004UL -#define CKP_VENDOR_DEFINED 0x80000000UL - -/* CK_HW_FEATURE_TYPE is a value that identifies the hardware feature type - * of an object with CK_OBJECT_CLASS equal to CKO_HW_FEATURE. - */ -typedef CK_ULONG CK_HW_FEATURE_TYPE; - -/* The following hardware feature types are defined */ -#define CKH_MONOTONIC_COUNTER 0x00000001UL -#define CKH_CLOCK 0x00000002UL -#define CKH_USER_INTERFACE 0x00000003UL -#define CKH_VENDOR_DEFINED 0x80000000UL - -/* CK_KEY_TYPE is a value that identifies a key type */ -typedef CK_ULONG CK_KEY_TYPE; - -/* the following key types are defined: */ -#define CKK_RSA 0x00000000UL -#define CKK_DSA 0x00000001UL -#define CKK_DH 0x00000002UL -#define CKK_ECDSA 0x00000003UL /* Deprecated */ -#define CKK_EC 0x00000003UL -#define CKK_X9_42_DH 0x00000004UL -#define CKK_KEA 0x00000005UL -#define CKK_GENERIC_SECRET 0x00000010UL -#define CKK_RC2 0x00000011UL -#define CKK_RC4 0x00000012UL -#define CKK_DES 0x00000013UL -#define CKK_DES2 0x00000014UL -#define CKK_DES3 0x00000015UL -#define CKK_CAST 0x00000016UL -#define CKK_CAST3 0x00000017UL -#define CKK_CAST5 0x00000018UL /* Deprecated */ -#define CKK_CAST128 0x00000018UL -#define CKK_RC5 0x00000019UL -#define CKK_IDEA 0x0000001AUL -#define CKK_SKIPJACK 0x0000001BUL -#define CKK_BATON 0x0000001CUL -#define CKK_JUNIPER 0x0000001DUL -#define CKK_CDMF 0x0000001EUL -#define CKK_AES 0x0000001FUL -#define CKK_BLOWFISH 0x00000020UL -#define CKK_TWOFISH 0x00000021UL -#define CKK_SECURID 0x00000022UL -#define CKK_HOTP 0x00000023UL -#define CKK_ACTI 0x00000024UL -#define CKK_CAMELLIA 0x00000025UL -#define CKK_ARIA 0x00000026UL - -/* the following definitions were added in the 2.30 header file, - * but never defined in the spec. */ -#define CKK_MD5_HMAC 0x00000027UL -#define CKK_SHA_1_HMAC 0x00000028UL -#define CKK_RIPEMD128_HMAC 0x00000029UL -#define CKK_RIPEMD160_HMAC 0x0000002AUL -#define CKK_SHA256_HMAC 0x0000002BUL -#define CKK_SHA384_HMAC 0x0000002CUL -#define CKK_SHA512_HMAC 0x0000002DUL -#define CKK_SHA224_HMAC 0x0000002EUL - -#define CKK_SEED 0x0000002FUL -#define CKK_GOSTR3410 0x00000030UL -#define CKK_GOSTR3411 0x00000031UL -#define CKK_GOST28147 0x00000032UL -#define CKK_CHACHA20 0x00000033UL -#define CKK_POLY1305 0x00000034UL -#define CKK_AES_XTS 0x00000035UL -#define CKK_SHA3_224_HMAC 0x00000036UL -#define CKK_SHA3_256_HMAC 0x00000037UL -#define CKK_SHA3_384_HMAC 0x00000038UL -#define CKK_SHA3_512_HMAC 0x00000039UL -#define CKK_BLAKE2B_160_HMAC 0x0000003aUL -#define CKK_BLAKE2B_256_HMAC 0x0000003bUL -#define CKK_BLAKE2B_384_HMAC 0x0000003cUL -#define CKK_BLAKE2B_512_HMAC 0x0000003dUL -#define CKK_SALSA20 0x0000003eUL -#define CKK_X2RATCHET 0x0000003fUL -#define CKK_EC_EDWARDS 0x00000040UL -#define CKK_EC_MONTGOMERY 0x00000041UL -#define CKK_HKDF 0x00000042UL - -#define CKK_SHA512_224_HMAC 0x00000043UL -#define CKK_SHA512_256_HMAC 0x00000044UL -#define CKK_SHA512_T_HMAC 0x00000045UL - -#define CKK_VENDOR_DEFINED 0x80000000UL - - -/* CK_CERTIFICATE_TYPE is a value that identifies a certificate - * type - */ -typedef CK_ULONG CK_CERTIFICATE_TYPE; - -#define CK_CERTIFICATE_CATEGORY_UNSPECIFIED 0UL -#define CK_CERTIFICATE_CATEGORY_TOKEN_USER 1UL -#define CK_CERTIFICATE_CATEGORY_AUTHORITY 2UL -#define CK_CERTIFICATE_CATEGORY_OTHER_ENTITY 3UL - -#define CK_SECURITY_DOMAIN_UNSPECIFIED 0UL -#define CK_SECURITY_DOMAIN_MANUFACTURER 1UL -#define CK_SECURITY_DOMAIN_OPERATOR 2UL -#define CK_SECURITY_DOMAIN_THIRD_PARTY 3UL - - -/* The following certificate types are defined: */ -#define CKC_X_509 0x00000000UL -#define CKC_X_509_ATTR_CERT 0x00000001UL -#define CKC_WTLS 0x00000002UL -#define CKC_VENDOR_DEFINED 0x80000000UL - - -/* CK_ATTRIBUTE_TYPE is a value that identifies an attribute - * type - */ -typedef CK_ULONG CK_ATTRIBUTE_TYPE; - -/* The CKF_ARRAY_ATTRIBUTE flag identifies an attribute which - * consists of an array of values. - */ -#define CKF_ARRAY_ATTRIBUTE 0x40000000UL - -/* The following OTP-related defines relate to the CKA_OTP_FORMAT attribute */ -#define CK_OTP_FORMAT_DECIMAL 0UL -#define CK_OTP_FORMAT_HEXADECIMAL 1UL -#define CK_OTP_FORMAT_ALPHANUMERIC 2UL -#define CK_OTP_FORMAT_BINARY 3UL - -/* The following OTP-related defines relate to the CKA_OTP_..._REQUIREMENT - * attributes - */ -#define CK_OTP_PARAM_IGNORED 0UL -#define CK_OTP_PARAM_OPTIONAL 1UL -#define CK_OTP_PARAM_MANDATORY 2UL - -/* The following attribute types are defined: */ -#define CKA_CLASS 0x00000000UL -#define CKA_TOKEN 0x00000001UL -#define CKA_PRIVATE 0x00000002UL -#define CKA_LABEL 0x00000003UL -#define CKA_UNIQUE_ID 0x00000004UL -#define CKA_APPLICATION 0x00000010UL -#define CKA_VALUE 0x00000011UL -#define CKA_OBJECT_ID 0x00000012UL -#define CKA_CERTIFICATE_TYPE 0x00000080UL -#define CKA_ISSUER 0x00000081UL -#define CKA_SERIAL_NUMBER 0x00000082UL -#define CKA_AC_ISSUER 0x00000083UL -#define CKA_OWNER 0x00000084UL -#define CKA_ATTR_TYPES 0x00000085UL -#define CKA_TRUSTED 0x00000086UL -#define CKA_CERTIFICATE_CATEGORY 0x00000087UL -#define CKA_JAVA_MIDP_SECURITY_DOMAIN 0x00000088UL -#define CKA_URL 0x00000089UL -#define CKA_HASH_OF_SUBJECT_PUBLIC_KEY 0x0000008AUL -#define CKA_HASH_OF_ISSUER_PUBLIC_KEY 0x0000008BUL -#define CKA_NAME_HASH_ALGORITHM 0x0000008CUL -#define CKA_CHECK_VALUE 0x00000090UL - -#define CKA_KEY_TYPE 0x00000100UL -#define CKA_SUBJECT 0x00000101UL -#define CKA_ID 0x00000102UL -#define CKA_SENSITIVE 0x00000103UL -#define CKA_ENCRYPT 0x00000104UL -#define CKA_DECRYPT 0x00000105UL -#define CKA_WRAP 0x00000106UL -#define CKA_UNWRAP 0x00000107UL -#define CKA_SIGN 0x00000108UL -#define CKA_SIGN_RECOVER 0x00000109UL -#define CKA_VERIFY 0x0000010AUL -#define CKA_VERIFY_RECOVER 0x0000010BUL -#define CKA_DERIVE 0x0000010CUL -#define CKA_START_DATE 0x00000110UL -#define CKA_END_DATE 0x00000111UL -#define CKA_MODULUS 0x00000120UL -#define CKA_MODULUS_BITS 0x00000121UL -#define CKA_PUBLIC_EXPONENT 0x00000122UL -#define CKA_PRIVATE_EXPONENT 0x00000123UL -#define CKA_PRIME_1 0x00000124UL -#define CKA_PRIME_2 0x00000125UL -#define CKA_EXPONENT_1 0x00000126UL -#define CKA_EXPONENT_2 0x00000127UL -#define CKA_COEFFICIENT 0x00000128UL -#define CKA_PUBLIC_KEY_INFO 0x00000129UL -#define CKA_PRIME 0x00000130UL -#define CKA_SUBPRIME 0x00000131UL -#define CKA_BASE 0x00000132UL - -#define CKA_PRIME_BITS 0x00000133UL -#define CKA_SUBPRIME_BITS 0x00000134UL -#define CKA_SUB_PRIME_BITS CKA_SUBPRIME_BITS - -#define CKA_VALUE_BITS 0x00000160UL -#define CKA_VALUE_LEN 0x00000161UL -#define CKA_EXTRACTABLE 0x00000162UL -#define CKA_LOCAL 0x00000163UL -#define CKA_NEVER_EXTRACTABLE 0x00000164UL -#define CKA_ALWAYS_SENSITIVE 0x00000165UL -#define CKA_KEY_GEN_MECHANISM 0x00000166UL - -#define CKA_MODIFIABLE 0x00000170UL -#define CKA_COPYABLE 0x00000171UL - -#define CKA_DESTROYABLE 0x00000172UL - -#define CKA_ECDSA_PARAMS 0x00000180UL /* Deprecated */ -#define CKA_EC_PARAMS 0x00000180UL - -#define CKA_EC_POINT 0x00000181UL - -#define CKA_SECONDARY_AUTH 0x00000200UL /* Deprecated */ -#define CKA_AUTH_PIN_FLAGS 0x00000201UL /* Deprecated */ - -#define CKA_ALWAYS_AUTHENTICATE 0x00000202UL - -#define CKA_WRAP_WITH_TRUSTED 0x00000210UL -#define CKA_WRAP_TEMPLATE (CKF_ARRAY_ATTRIBUTE|0x00000211UL) -#define CKA_UNWRAP_TEMPLATE (CKF_ARRAY_ATTRIBUTE|0x00000212UL) -#define CKA_DERIVE_TEMPLATE (CKF_ARRAY_ATTRIBUTE|0x00000213UL) - -#define CKA_OTP_FORMAT 0x00000220UL -#define CKA_OTP_LENGTH 0x00000221UL -#define CKA_OTP_TIME_INTERVAL 0x00000222UL -#define CKA_OTP_USER_FRIENDLY_MODE 0x00000223UL -#define CKA_OTP_CHALLENGE_REQUIREMENT 0x00000224UL -#define CKA_OTP_TIME_REQUIREMENT 0x00000225UL -#define CKA_OTP_COUNTER_REQUIREMENT 0x00000226UL -#define CKA_OTP_PIN_REQUIREMENT 0x00000227UL -#define CKA_OTP_COUNTER 0x0000022EUL -#define CKA_OTP_TIME 0x0000022FUL -#define CKA_OTP_USER_IDENTIFIER 0x0000022AUL -#define CKA_OTP_SERVICE_IDENTIFIER 0x0000022BUL -#define CKA_OTP_SERVICE_LOGO 0x0000022CUL -#define CKA_OTP_SERVICE_LOGO_TYPE 0x0000022DUL - -#define CKA_GOSTR3410_PARAMS 0x00000250UL -#define CKA_GOSTR3411_PARAMS 0x00000251UL -#define CKA_GOST28147_PARAMS 0x00000252UL - -#define CKA_HW_FEATURE_TYPE 0x00000300UL -#define CKA_RESET_ON_INIT 0x00000301UL -#define CKA_HAS_RESET 0x00000302UL - -#define CKA_PIXEL_X 0x00000400UL -#define CKA_PIXEL_Y 0x00000401UL -#define CKA_RESOLUTION 0x00000402UL -#define CKA_CHAR_ROWS 0x00000403UL -#define CKA_CHAR_COLUMNS 0x00000404UL -#define CKA_COLOR 0x00000405UL -#define CKA_BITS_PER_PIXEL 0x00000406UL -#define CKA_CHAR_SETS 0x00000480UL -#define CKA_ENCODING_METHODS 0x00000481UL -#define CKA_MIME_TYPES 0x00000482UL -#define CKA_MECHANISM_TYPE 0x00000500UL -#define CKA_REQUIRED_CMS_ATTRIBUTES 0x00000501UL -#define CKA_DEFAULT_CMS_ATTRIBUTES 0x00000502UL -#define CKA_SUPPORTED_CMS_ATTRIBUTES 0x00000503UL -#define CKA_ALLOWED_MECHANISMS (CKF_ARRAY_ATTRIBUTE|0x00000600UL) -#define CKA_PROFILE_ID 0x00000601UL - -#define CKA_X2RATCHET_BAG 0x00000602UL -#define CKA_X2RATCHET_BAGSIZE 0x00000603UL -#define CKA_X2RATCHET_BOBS1STMSG 0x00000604UL -#define CKA_X2RATCHET_CKR 0x00000605UL -#define CKA_X2RATCHET_CKS 0x00000606UL -#define CKA_X2RATCHET_DHP 0x00000607UL -#define CKA_X2RATCHET_DHR 0x00000608UL -#define CKA_X2RATCHET_DHS 0x00000609UL -#define CKA_X2RATCHET_HKR 0x0000060aUL -#define CKA_X2RATCHET_HKS 0x0000060bUL -#define CKA_X2RATCHET_ISALICE 0x0000060cUL -#define CKA_X2RATCHET_NHKR 0x0000060dUL -#define CKA_X2RATCHET_NHKS 0x0000060eUL -#define CKA_X2RATCHET_NR 0x0000060fUL -#define CKA_X2RATCHET_NS 0x00000610UL -#define CKA_X2RATCHET_PNS 0x00000611UL -#define CKA_X2RATCHET_RK 0x00000612UL - -#define CKA_VENDOR_DEFINED 0x80000000UL - -/* CK_ATTRIBUTE is a structure that includes the type, length - * and value of an attribute - */ -typedef struct CK_ATTRIBUTE { - CK_ATTRIBUTE_TYPE type; - CK_VOID_PTR pValue; - CK_ULONG ulValueLen; /* in bytes */ -} CK_ATTRIBUTE; - -typedef CK_ATTRIBUTE CK_PTR CK_ATTRIBUTE_PTR; - -/* CK_DATE is a structure that defines a date */ -typedef struct CK_DATE{ - CK_CHAR year[4]; /* the year ("1900" - "9999") */ - CK_CHAR month[2]; /* the month ("01" - "12") */ - CK_CHAR day[2]; /* the day ("01" - "31") */ -} CK_DATE; - - -/* CK_MECHANISM_TYPE is a value that identifies a mechanism - * type - */ -typedef CK_ULONG CK_MECHANISM_TYPE; - -/* the following mechanism types are defined: */ -#define CKM_RSA_PKCS_KEY_PAIR_GEN 0x00000000UL -#define CKM_RSA_PKCS 0x00000001UL -#define CKM_RSA_9796 0x00000002UL -#define CKM_RSA_X_509 0x00000003UL - -#define CKM_MD2_RSA_PKCS 0x00000004UL -#define CKM_MD5_RSA_PKCS 0x00000005UL -#define CKM_SHA1_RSA_PKCS 0x00000006UL - -#define CKM_RIPEMD128_RSA_PKCS 0x00000007UL -#define CKM_RIPEMD160_RSA_PKCS 0x00000008UL -#define CKM_RSA_PKCS_OAEP 0x00000009UL - -#define CKM_RSA_X9_31_KEY_PAIR_GEN 0x0000000AUL -#define CKM_RSA_X9_31 0x0000000BUL -#define CKM_SHA1_RSA_X9_31 0x0000000CUL -#define CKM_RSA_PKCS_PSS 0x0000000DUL -#define CKM_SHA1_RSA_PKCS_PSS 0x0000000EUL - -#define CKM_DSA_KEY_PAIR_GEN 0x00000010UL -#define CKM_DSA 0x00000011UL -#define CKM_DSA_SHA1 0x00000012UL -#define CKM_DSA_SHA224 0x00000013UL -#define CKM_DSA_SHA256 0x00000014UL -#define CKM_DSA_SHA384 0x00000015UL -#define CKM_DSA_SHA512 0x00000016UL -#define CKM_DSA_SHA3_224 0x00000018UL -#define CKM_DSA_SHA3_256 0x00000019UL -#define CKM_DSA_SHA3_384 0x0000001AUL -#define CKM_DSA_SHA3_512 0x0000001BUL - -#define CKM_DH_PKCS_KEY_PAIR_GEN 0x00000020UL -#define CKM_DH_PKCS_DERIVE 0x00000021UL - -#define CKM_X9_42_DH_KEY_PAIR_GEN 0x00000030UL -#define CKM_X9_42_DH_DERIVE 0x00000031UL -#define CKM_X9_42_DH_HYBRID_DERIVE 0x00000032UL -#define CKM_X9_42_MQV_DERIVE 0x00000033UL - -#define CKM_SHA256_RSA_PKCS 0x00000040UL -#define CKM_SHA384_RSA_PKCS 0x00000041UL -#define CKM_SHA512_RSA_PKCS 0x00000042UL -#define CKM_SHA256_RSA_PKCS_PSS 0x00000043UL -#define CKM_SHA384_RSA_PKCS_PSS 0x00000044UL -#define CKM_SHA512_RSA_PKCS_PSS 0x00000045UL - -#define CKM_SHA224_RSA_PKCS 0x00000046UL -#define CKM_SHA224_RSA_PKCS_PSS 0x00000047UL - -#define CKM_SHA512_224 0x00000048UL -#define CKM_SHA512_224_HMAC 0x00000049UL -#define CKM_SHA512_224_HMAC_GENERAL 0x0000004AUL -#define CKM_SHA512_224_KEY_DERIVATION 0x0000004BUL -#define CKM_SHA512_256 0x0000004CUL -#define CKM_SHA512_256_HMAC 0x0000004DUL -#define CKM_SHA512_256_HMAC_GENERAL 0x0000004EUL -#define CKM_SHA512_256_KEY_DERIVATION 0x0000004FUL - -#define CKM_SHA512_T 0x00000050UL -#define CKM_SHA512_T_HMAC 0x00000051UL -#define CKM_SHA512_T_HMAC_GENERAL 0x00000052UL -#define CKM_SHA512_T_KEY_DERIVATION 0x00000053UL - -#define CKM_SHA3_256_RSA_PKCS 0x00000060UL -#define CKM_SHA3_384_RSA_PKCS 0x00000061UL -#define CKM_SHA3_512_RSA_PKCS 0x00000062UL -#define CKM_SHA3_256_RSA_PKCS_PSS 0x00000063UL -#define CKM_SHA3_384_RSA_PKCS_PSS 0x00000064UL -#define CKM_SHA3_512_RSA_PKCS_PSS 0x00000065UL -#define CKM_SHA3_224_RSA_PKCS 0x00000066UL -#define CKM_SHA3_224_RSA_PKCS_PSS 0x00000067UL - -#define CKM_RC2_KEY_GEN 0x00000100UL -#define CKM_RC2_ECB 0x00000101UL -#define CKM_RC2_CBC 0x00000102UL -#define CKM_RC2_MAC 0x00000103UL - -#define CKM_RC2_MAC_GENERAL 0x00000104UL -#define CKM_RC2_CBC_PAD 0x00000105UL - -#define CKM_RC4_KEY_GEN 0x00000110UL -#define CKM_RC4 0x00000111UL -#define CKM_DES_KEY_GEN 0x00000120UL -#define CKM_DES_ECB 0x00000121UL -#define CKM_DES_CBC 0x00000122UL -#define CKM_DES_MAC 0x00000123UL - -#define CKM_DES_MAC_GENERAL 0x00000124UL -#define CKM_DES_CBC_PAD 0x00000125UL - -#define CKM_DES2_KEY_GEN 0x00000130UL -#define CKM_DES3_KEY_GEN 0x00000131UL -#define CKM_DES3_ECB 0x00000132UL -#define CKM_DES3_CBC 0x00000133UL -#define CKM_DES3_MAC 0x00000134UL - -#define CKM_DES3_MAC_GENERAL 0x00000135UL -#define CKM_DES3_CBC_PAD 0x00000136UL -#define CKM_DES3_CMAC_GENERAL 0x00000137UL -#define CKM_DES3_CMAC 0x00000138UL -#define CKM_CDMF_KEY_GEN 0x00000140UL -#define CKM_CDMF_ECB 0x00000141UL -#define CKM_CDMF_CBC 0x00000142UL -#define CKM_CDMF_MAC 0x00000143UL -#define CKM_CDMF_MAC_GENERAL 0x00000144UL -#define CKM_CDMF_CBC_PAD 0x00000145UL - -#define CKM_DES_OFB64 0x00000150UL -#define CKM_DES_OFB8 0x00000151UL -#define CKM_DES_CFB64 0x00000152UL -#define CKM_DES_CFB8 0x00000153UL - -#define CKM_MD2 0x00000200UL - -#define CKM_MD2_HMAC 0x00000201UL -#define CKM_MD2_HMAC_GENERAL 0x00000202UL - -#define CKM_MD5 0x00000210UL - -#define CKM_MD5_HMAC 0x00000211UL -#define CKM_MD5_HMAC_GENERAL 0x00000212UL - -#define CKM_SHA_1 0x00000220UL - -#define CKM_SHA_1_HMAC 0x00000221UL -#define CKM_SHA_1_HMAC_GENERAL 0x00000222UL - -#define CKM_RIPEMD128 0x00000230UL -#define CKM_RIPEMD128_HMAC 0x00000231UL -#define CKM_RIPEMD128_HMAC_GENERAL 0x00000232UL -#define CKM_RIPEMD160 0x00000240UL -#define CKM_RIPEMD160_HMAC 0x00000241UL -#define CKM_RIPEMD160_HMAC_GENERAL 0x00000242UL - -#define CKM_SHA256 0x00000250UL -#define CKM_SHA256_HMAC 0x00000251UL -#define CKM_SHA256_HMAC_GENERAL 0x00000252UL -#define CKM_SHA224 0x00000255UL -#define CKM_SHA224_HMAC 0x00000256UL -#define CKM_SHA224_HMAC_GENERAL 0x00000257UL -#define CKM_SHA384 0x00000260UL -#define CKM_SHA384_HMAC 0x00000261UL -#define CKM_SHA384_HMAC_GENERAL 0x00000262UL -#define CKM_SHA512 0x00000270UL -#define CKM_SHA512_HMAC 0x00000271UL -#define CKM_SHA512_HMAC_GENERAL 0x00000272UL -#define CKM_SECURID_KEY_GEN 0x00000280UL -#define CKM_SECURID 0x00000282UL -#define CKM_HOTP_KEY_GEN 0x00000290UL -#define CKM_HOTP 0x00000291UL -#define CKM_ACTI 0x000002A0UL -#define CKM_ACTI_KEY_GEN 0x000002A1UL - -#define CKM_SHA3_256 0x000002B0UL -#define CKM_SHA3_256_HMAC 0x000002B1UL -#define CKM_SHA3_256_HMAC_GENERAL 0x000002B2UL -#define CKM_SHA3_256_KEY_GEN 0x000002B3UL -#define CKM_SHA3_224 0x000002B5UL -#define CKM_SHA3_224_HMAC 0x000002B6UL -#define CKM_SHA3_224_HMAC_GENERAL 0x000002B7UL -#define CKM_SHA3_224_KEY_GEN 0x000002B8UL -#define CKM_SHA3_384 0x000002C0UL -#define CKM_SHA3_384_HMAC 0x000002C1UL -#define CKM_SHA3_384_HMAC_GENERAL 0x000002C2UL -#define CKM_SHA3_384_KEY_GEN 0x000002C3UL -#define CKM_SHA3_512 0x000002D0UL -#define CKM_SHA3_512_HMAC 0x000002D1UL -#define CKM_SHA3_512_HMAC_GENERAL 0x000002D2UL -#define CKM_SHA3_512_KEY_GEN 0x000002D3UL - - -#define CKM_CAST_KEY_GEN 0x00000300UL -#define CKM_CAST_ECB 0x00000301UL -#define CKM_CAST_CBC 0x00000302UL -#define CKM_CAST_MAC 0x00000303UL -#define CKM_CAST_MAC_GENERAL 0x00000304UL -#define CKM_CAST_CBC_PAD 0x00000305UL -#define CKM_CAST3_KEY_GEN 0x00000310UL -#define CKM_CAST3_ECB 0x00000311UL -#define CKM_CAST3_CBC 0x00000312UL -#define CKM_CAST3_MAC 0x00000313UL -#define CKM_CAST3_MAC_GENERAL 0x00000314UL -#define CKM_CAST3_CBC_PAD 0x00000315UL -/* Note that CAST128 and CAST5 are the same algorithm */ -#define CKM_CAST5_KEY_GEN 0x00000320UL -#define CKM_CAST128_KEY_GEN 0x00000320UL -#define CKM_CAST5_ECB 0x00000321UL -#define CKM_CAST128_ECB 0x00000321UL -#define CKM_CAST5_CBC 0x00000322UL /* Deprecated */ -#define CKM_CAST128_CBC 0x00000322UL -#define CKM_CAST5_MAC 0x00000323UL /* Deprecated */ -#define CKM_CAST128_MAC 0x00000323UL -#define CKM_CAST5_MAC_GENERAL 0x00000324UL /* Deprecated */ -#define CKM_CAST128_MAC_GENERAL 0x00000324UL -#define CKM_CAST5_CBC_PAD 0x00000325UL /* Deprecated */ -#define CKM_CAST128_CBC_PAD 0x00000325UL -#define CKM_RC5_KEY_GEN 0x00000330UL -#define CKM_RC5_ECB 0x00000331UL -#define CKM_RC5_CBC 0x00000332UL -#define CKM_RC5_MAC 0x00000333UL -#define CKM_RC5_MAC_GENERAL 0x00000334UL -#define CKM_RC5_CBC_PAD 0x00000335UL -#define CKM_IDEA_KEY_GEN 0x00000340UL -#define CKM_IDEA_ECB 0x00000341UL -#define CKM_IDEA_CBC 0x00000342UL -#define CKM_IDEA_MAC 0x00000343UL -#define CKM_IDEA_MAC_GENERAL 0x00000344UL -#define CKM_IDEA_CBC_PAD 0x00000345UL -#define CKM_GENERIC_SECRET_KEY_GEN 0x00000350UL -#define CKM_CONCATENATE_BASE_AND_KEY 0x00000360UL -#define CKM_CONCATENATE_BASE_AND_DATA 0x00000362UL -#define CKM_CONCATENATE_DATA_AND_BASE 0x00000363UL -#define CKM_XOR_BASE_AND_DATA 0x00000364UL -#define CKM_EXTRACT_KEY_FROM_KEY 0x00000365UL -#define CKM_SSL3_PRE_MASTER_KEY_GEN 0x00000370UL -#define CKM_SSL3_MASTER_KEY_DERIVE 0x00000371UL -#define CKM_SSL3_KEY_AND_MAC_DERIVE 0x00000372UL - -#define CKM_SSL3_MASTER_KEY_DERIVE_DH 0x00000373UL -#define CKM_TLS_PRE_MASTER_KEY_GEN 0x00000374UL -#define CKM_TLS_MASTER_KEY_DERIVE 0x00000375UL -#define CKM_TLS_KEY_AND_MAC_DERIVE 0x00000376UL -#define CKM_TLS_MASTER_KEY_DERIVE_DH 0x00000377UL - -#define CKM_TLS_PRF 0x00000378UL - -#define CKM_SSL3_MD5_MAC 0x00000380UL -#define CKM_SSL3_SHA1_MAC 0x00000381UL -#define CKM_MD5_KEY_DERIVATION 0x00000390UL -#define CKM_MD2_KEY_DERIVATION 0x00000391UL -#define CKM_SHA1_KEY_DERIVATION 0x00000392UL - -#define CKM_SHA256_KEY_DERIVATION 0x00000393UL -#define CKM_SHA384_KEY_DERIVATION 0x00000394UL -#define CKM_SHA512_KEY_DERIVATION 0x00000395UL -#define CKM_SHA224_KEY_DERIVATION 0x00000396UL -#define CKM_SHA3_256_KEY_DERIVATION 0x00000397UL -#define CKM_SHA3_224_KEY_DERIVATION 0x00000398UL -#define CKM_SHA3_384_KEY_DERIVATION 0x00000399UL -#define CKM_SHA3_512_KEY_DERIVATION 0x0000039AUL -#define CKM_SHAKE_128_KEY_DERIVATION 0x0000039BUL -#define CKM_SHAKE_256_KEY_DERIVATION 0x0000039CUL -#define CKM_SHA3_256_KEY_DERIVE CKM_SHA3_256_KEY_DERIVATION -#define CKM_SHA3_224_KEY_DERIVE CKM_SHA3_224_KEY_DERIVATION -#define CKM_SHA3_384_KEY_DERIVE CKM_SHA3_384_KEY_DERIVATION -#define CKM_SHA3_512_KEY_DERIVE CKM_SHA3_512_KEY_DERIVATION -#define CKM_SHAKE_128_KEY_DERIVE CKM_SHAKE_128_KEY_DERIVATION -#define CKM_SHAKE_256_KEY_DERIVE CKM_SHAKE_256_KEY_DERIVATION - -#define CKM_PBE_MD2_DES_CBC 0x000003A0UL -#define CKM_PBE_MD5_DES_CBC 0x000003A1UL -#define CKM_PBE_MD5_CAST_CBC 0x000003A2UL -#define CKM_PBE_MD5_CAST3_CBC 0x000003A3UL -#define CKM_PBE_MD5_CAST5_CBC 0x000003A4UL /* Deprecated */ -#define CKM_PBE_MD5_CAST128_CBC 0x000003A4UL -#define CKM_PBE_SHA1_CAST5_CBC 0x000003A5UL /* Deprecated */ -#define CKM_PBE_SHA1_CAST128_CBC 0x000003A5UL -#define CKM_PBE_SHA1_RC4_128 0x000003A6UL -#define CKM_PBE_SHA1_RC4_40 0x000003A7UL -#define CKM_PBE_SHA1_DES3_EDE_CBC 0x000003A8UL -#define CKM_PBE_SHA1_DES2_EDE_CBC 0x000003A9UL -#define CKM_PBE_SHA1_RC2_128_CBC 0x000003AAUL -#define CKM_PBE_SHA1_RC2_40_CBC 0x000003ABUL - -#define CKM_PKCS5_PBKD2 0x000003B0UL - -#define CKM_PBA_SHA1_WITH_SHA1_HMAC 0x000003C0UL - -#define CKM_WTLS_PRE_MASTER_KEY_GEN 0x000003D0UL -#define CKM_WTLS_MASTER_KEY_DERIVE 0x000003D1UL -#define CKM_WTLS_MASTER_KEY_DERIVE_DH_ECC 0x000003D2UL -#define CKM_WTLS_PRF 0x000003D3UL -#define CKM_WTLS_SERVER_KEY_AND_MAC_DERIVE 0x000003D4UL -#define CKM_WTLS_CLIENT_KEY_AND_MAC_DERIVE 0x000003D5UL - -#define CKM_TLS12_MAC 0x000003D8UL -#define CKM_TLS12_KDF 0x000003D9UL -#define CKM_TLS12_MASTER_KEY_DERIVE 0x000003E0UL -#define CKM_TLS12_KEY_AND_MAC_DERIVE 0x000003E1UL -#define CKM_TLS12_MASTER_KEY_DERIVE_DH 0x000003E2UL -#define CKM_TLS12_KEY_SAFE_DERIVE 0x000003E3UL -#define CKM_TLS_MAC 0x000003E4UL -#define CKM_TLS_KDF 0x000003E5UL - -#define CKM_KEY_WRAP_LYNKS 0x00000400UL -#define CKM_KEY_WRAP_SET_OAEP 0x00000401UL - -#define CKM_CMS_SIG 0x00000500UL -#define CKM_KIP_DERIVE 0x00000510UL -#define CKM_KIP_WRAP 0x00000511UL -#define CKM_KIP_MAC 0x00000512UL - -#define CKM_CAMELLIA_KEY_GEN 0x00000550UL -#define CKM_CAMELLIA_ECB 0x00000551UL -#define CKM_CAMELLIA_CBC 0x00000552UL -#define CKM_CAMELLIA_MAC 0x00000553UL -#define CKM_CAMELLIA_MAC_GENERAL 0x00000554UL -#define CKM_CAMELLIA_CBC_PAD 0x00000555UL -#define CKM_CAMELLIA_ECB_ENCRYPT_DATA 0x00000556UL -#define CKM_CAMELLIA_CBC_ENCRYPT_DATA 0x00000557UL -#define CKM_CAMELLIA_CTR 0x00000558UL - -#define CKM_ARIA_KEY_GEN 0x00000560UL -#define CKM_ARIA_ECB 0x00000561UL -#define CKM_ARIA_CBC 0x00000562UL -#define CKM_ARIA_MAC 0x00000563UL -#define CKM_ARIA_MAC_GENERAL 0x00000564UL -#define CKM_ARIA_CBC_PAD 0x00000565UL -#define CKM_ARIA_ECB_ENCRYPT_DATA 0x00000566UL -#define CKM_ARIA_CBC_ENCRYPT_DATA 0x00000567UL - -#define CKM_SEED_KEY_GEN 0x00000650UL -#define CKM_SEED_ECB 0x00000651UL -#define CKM_SEED_CBC 0x00000652UL -#define CKM_SEED_MAC 0x00000653UL -#define CKM_SEED_MAC_GENERAL 0x00000654UL -#define CKM_SEED_CBC_PAD 0x00000655UL -#define CKM_SEED_ECB_ENCRYPT_DATA 0x00000656UL -#define CKM_SEED_CBC_ENCRYPT_DATA 0x00000657UL - -#define CKM_SKIPJACK_KEY_GEN 0x00001000UL -#define CKM_SKIPJACK_ECB64 0x00001001UL -#define CKM_SKIPJACK_CBC64 0x00001002UL -#define CKM_SKIPJACK_OFB64 0x00001003UL -#define CKM_SKIPJACK_CFB64 0x00001004UL -#define CKM_SKIPJACK_CFB32 0x00001005UL -#define CKM_SKIPJACK_CFB16 0x00001006UL -#define CKM_SKIPJACK_CFB8 0x00001007UL -#define CKM_SKIPJACK_WRAP 0x00001008UL -#define CKM_SKIPJACK_PRIVATE_WRAP 0x00001009UL -#define CKM_SKIPJACK_RELAYX 0x0000100aUL -#define CKM_KEA_KEY_PAIR_GEN 0x00001010UL -#define CKM_KEA_KEY_DERIVE 0x00001011UL -#define CKM_KEA_DERIVE 0x00001012UL -#define CKM_FORTEZZA_TIMESTAMP 0x00001020UL -#define CKM_BATON_KEY_GEN 0x00001030UL -#define CKM_BATON_ECB128 0x00001031UL -#define CKM_BATON_ECB96 0x00001032UL -#define CKM_BATON_CBC128 0x00001033UL -#define CKM_BATON_COUNTER 0x00001034UL -#define CKM_BATON_SHUFFLE 0x00001035UL -#define CKM_BATON_WRAP 0x00001036UL - -#define CKM_ECDSA_KEY_PAIR_GEN 0x00001040UL /* Deprecated */ -#define CKM_EC_KEY_PAIR_GEN 0x00001040UL - -#define CKM_ECDSA 0x00001041UL -#define CKM_ECDSA_SHA1 0x00001042UL -#define CKM_ECDSA_SHA224 0x00001043UL -#define CKM_ECDSA_SHA256 0x00001044UL -#define CKM_ECDSA_SHA384 0x00001045UL -#define CKM_ECDSA_SHA512 0x00001046UL -#define CKM_EC_KEY_PAIR_GEN_W_EXTRA_BITS 0x0000140BUL - -#define CKM_ECDH1_DERIVE 0x00001050UL -#define CKM_ECDH1_COFACTOR_DERIVE 0x00001051UL -#define CKM_ECMQV_DERIVE 0x00001052UL - -#define CKM_ECDH_AES_KEY_WRAP 0x00001053UL -#define CKM_RSA_AES_KEY_WRAP 0x00001054UL - -#define CKM_JUNIPER_KEY_GEN 0x00001060UL -#define CKM_JUNIPER_ECB128 0x00001061UL -#define CKM_JUNIPER_CBC128 0x00001062UL -#define CKM_JUNIPER_COUNTER 0x00001063UL -#define CKM_JUNIPER_SHUFFLE 0x00001064UL -#define CKM_JUNIPER_WRAP 0x00001065UL -#define CKM_FASTHASH 0x00001070UL - -#define CKM_AES_XTS 0x00001071UL -#define CKM_AES_XTS_KEY_GEN 0x00001072UL -#define CKM_AES_KEY_GEN 0x00001080UL -#define CKM_AES_ECB 0x00001081UL -#define CKM_AES_CBC 0x00001082UL -#define CKM_AES_MAC 0x00001083UL -#define CKM_AES_MAC_GENERAL 0x00001084UL -#define CKM_AES_CBC_PAD 0x00001085UL -#define CKM_AES_CTR 0x00001086UL -#define CKM_AES_GCM 0x00001087UL -#define CKM_AES_CCM 0x00001088UL -#define CKM_AES_CTS 0x00001089UL -#define CKM_AES_CMAC 0x0000108AUL -#define CKM_AES_CMAC_GENERAL 0x0000108BUL - -#define CKM_AES_XCBC_MAC 0x0000108CUL -#define CKM_AES_XCBC_MAC_96 0x0000108DUL -#define CKM_AES_GMAC 0x0000108EUL - -#define CKM_BLOWFISH_KEY_GEN 0x00001090UL -#define CKM_BLOWFISH_CBC 0x00001091UL -#define CKM_TWOFISH_KEY_GEN 0x00001092UL -#define CKM_TWOFISH_CBC 0x00001093UL -#define CKM_BLOWFISH_CBC_PAD 0x00001094UL -#define CKM_TWOFISH_CBC_PAD 0x00001095UL - -#define CKM_DES_ECB_ENCRYPT_DATA 0x00001100UL -#define CKM_DES_CBC_ENCRYPT_DATA 0x00001101UL -#define CKM_DES3_ECB_ENCRYPT_DATA 0x00001102UL -#define CKM_DES3_CBC_ENCRYPT_DATA 0x00001103UL -#define CKM_AES_ECB_ENCRYPT_DATA 0x00001104UL -#define CKM_AES_CBC_ENCRYPT_DATA 0x00001105UL - -#define CKM_GOSTR3410_KEY_PAIR_GEN 0x00001200UL -#define CKM_GOSTR3410 0x00001201UL -#define CKM_GOSTR3410_WITH_GOSTR3411 0x00001202UL -#define CKM_GOSTR3410_KEY_WRAP 0x00001203UL -#define CKM_GOSTR3410_DERIVE 0x00001204UL -#define CKM_GOSTR3411 0x00001210UL -#define CKM_GOSTR3411_HMAC 0x00001211UL -#define CKM_GOST28147_KEY_GEN 0x00001220UL -#define CKM_GOST28147_ECB 0x00001221UL -#define CKM_GOST28147 0x00001222UL -#define CKM_GOST28147_MAC 0x00001223UL -#define CKM_GOST28147_KEY_WRAP 0x00001224UL -#define CKM_CHACHA20_KEY_GEN 0x00001225UL -#define CKM_CHACHA20 0x00001226UL -#define CKM_POLY1305_KEY_GEN 0x00001227UL -#define CKM_POLY1305 0x00001228UL -#define CKM_DSA_PARAMETER_GEN 0x00002000UL -#define CKM_DH_PKCS_PARAMETER_GEN 0x00002001UL -#define CKM_X9_42_DH_PARAMETER_GEN 0x00002002UL -#define CKM_DSA_PROBABILISTIC_PARAMETER_GEN 0x00002003UL -#define CKM_DSA_PROBABLISTIC_PARAMETER_GEN CKM_DSA_PROBABILISTIC_PARAMETER_GEN -#define CKM_DSA_SHAWE_TAYLOR_PARAMETER_GEN 0x00002004UL -#define CKM_DSA_FIPS_G_GEN 0x00002005UL - -#define CKM_AES_OFB 0x00002104UL -#define CKM_AES_CFB64 0x00002105UL -#define CKM_AES_CFB8 0x00002106UL -#define CKM_AES_CFB128 0x00002107UL - -#define CKM_AES_CFB1 0x00002108UL -#define CKM_AES_KEY_WRAP 0x00002109UL /* WAS: 0x00001090 */ -#define CKM_AES_KEY_WRAP_PAD 0x0000210AUL /* WAS: 0x00001091 */ -#define CKM_AES_KEY_WRAP_KWP 0x0000210BUL - -#define CKM_RSA_PKCS_TPM_1_1 0x00004001UL -#define CKM_RSA_PKCS_OAEP_TPM_1_1 0x00004002UL - -#define CKM_SHA_1_KEY_GEN 0x00004003UL -#define CKM_SHA224_KEY_GEN 0x00004004UL -#define CKM_SHA256_KEY_GEN 0x00004005UL -#define CKM_SHA384_KEY_GEN 0x00004006UL -#define CKM_SHA512_KEY_GEN 0x00004007UL -#define CKM_SHA512_224_KEY_GEN 0x00004008UL -#define CKM_SHA512_256_KEY_GEN 0x00004009UL -#define CKM_SHA512_T_KEY_GEN 0x0000400aUL -#define CKM_NULL 0x0000400bUL -#define CKM_BLAKE2B_160 0x0000400cUL -#define CKM_BLAKE2B_160_HMAC 0x0000400dUL -#define CKM_BLAKE2B_160_HMAC_GENERAL 0x0000400eUL -#define CKM_BLAKE2B_160_KEY_DERIVE 0x0000400fUL -#define CKM_BLAKE2B_160_KEY_GEN 0x00004010UL -#define CKM_BLAKE2B_256 0x00004011UL -#define CKM_BLAKE2B_256_HMAC 0x00004012UL -#define CKM_BLAKE2B_256_HMAC_GENERAL 0x00004013UL -#define CKM_BLAKE2B_256_KEY_DERIVE 0x00004014UL -#define CKM_BLAKE2B_256_KEY_GEN 0x00004015UL -#define CKM_BLAKE2B_384 0x00004016UL -#define CKM_BLAKE2B_384_HMAC 0x00004017UL -#define CKM_BLAKE2B_384_HMAC_GENERAL 0x00004018UL -#define CKM_BLAKE2B_384_KEY_DERIVE 0x00004019UL -#define CKM_BLAKE2B_384_KEY_GEN 0x0000401aUL -#define CKM_BLAKE2B_512 0x0000401bUL -#define CKM_BLAKE2B_512_HMAC 0x0000401cUL -#define CKM_BLAKE2B_512_HMAC_GENERAL 0x0000401dUL -#define CKM_BLAKE2B_512_KEY_DERIVE 0x0000401eUL -#define CKM_BLAKE2B_512_KEY_GEN 0x0000401fUL -#define CKM_SALSA20 0x00004020UL -#define CKM_CHACHA20_POLY1305 0x00004021UL -#define CKM_SALSA20_POLY1305 0x00004022UL -#define CKM_X3DH_INITIALIZE 0x00004023UL -#define CKM_X3DH_RESPOND 0x00004024UL -#define CKM_X2RATCHET_INITIALIZE 0x00004025UL -#define CKM_X2RATCHET_RESPOND 0x00004026UL -#define CKM_X2RATCHET_ENCRYPT 0x00004027UL -#define CKM_X2RATCHET_DECRYPT 0x00004028UL -#define CKM_XEDDSA 0x00004029UL -#define CKM_HKDF_DERIVE 0x0000402aUL -#define CKM_HKDF_DATA 0x0000402bUL -#define CKM_HKDF_KEY_GEN 0x0000402cUL -#define CKM_SALSA20_KEY_GEN 0x0000402dUL - -#define CKM_ECDSA_SHA3_224 0x00001047UL -#define CKM_ECDSA_SHA3_256 0x00001048UL -#define CKM_ECDSA_SHA3_384 0x00001049UL -#define CKM_ECDSA_SHA3_512 0x0000104aUL -#define CKM_EC_EDWARDS_KEY_PAIR_GEN 0x00001055UL -#define CKM_EC_MONTGOMERY_KEY_PAIR_GEN 0x00001056UL -#define CKM_EDDSA 0x00001057UL -#define CKM_SP800_108_COUNTER_KDF 0x000003acUL -#define CKM_SP800_108_FEEDBACK_KDF 0x000003adUL -#define CKM_SP800_108_DOUBLE_PIPELINE_KDF 0x000003aeUL - -#define CKM_VENDOR_DEFINED 0x80000000UL - -typedef CK_MECHANISM_TYPE CK_PTR CK_MECHANISM_TYPE_PTR; - - -/* CK_MECHANISM is a structure that specifies a particular - * mechanism - */ -typedef struct CK_MECHANISM { - CK_MECHANISM_TYPE mechanism; - CK_VOID_PTR pParameter; - CK_ULONG ulParameterLen; /* in bytes */ -} CK_MECHANISM; - -typedef CK_MECHANISM CK_PTR CK_MECHANISM_PTR; - - -/* CK_MECHANISM_INFO provides information about a particular - * mechanism - */ -typedef struct CK_MECHANISM_INFO { - CK_ULONG ulMinKeySize; - CK_ULONG ulMaxKeySize; - CK_FLAGS flags; -} CK_MECHANISM_INFO; - -/* The flags are defined as follows: - * Bit Flag Mask Meaning */ -#define CKF_HW 0x00000001UL /* performed by HW */ - -/* Specify whether or not a mechanism can be used for a particular task */ -#define CKF_MESSAGE_ENCRYPT 0x00000002UL -#define CKF_MESSAGE_DECRYPT 0x00000004UL -#define CKF_MESSAGE_SIGN 0x00000008UL -#define CKF_MESSAGE_VERIFY 0x00000010UL -#define CKF_MULTI_MESSAGE 0x00000020UL -#define CKF_MULTI_MESSGE CKF_MULTI_MESSAGE -#define CKF_FIND_OBJECTS 0x00000040UL - -#define CKF_ENCRYPT 0x00000100UL -#define CKF_DECRYPT 0x00000200UL -#define CKF_DIGEST 0x00000400UL -#define CKF_SIGN 0x00000800UL -#define CKF_SIGN_RECOVER 0x00001000UL -#define CKF_VERIFY 0x00002000UL -#define CKF_VERIFY_RECOVER 0x00004000UL -#define CKF_GENERATE 0x00008000UL -#define CKF_GENERATE_KEY_PAIR 0x00010000UL -#define CKF_WRAP 0x00020000UL -#define CKF_UNWRAP 0x00040000UL -#define CKF_DERIVE 0x00080000UL - -/* Describe a token's EC capabilities not available in mechanism - * information. - */ -#define CKF_EC_F_P 0x00100000UL -#define CKF_EC_F_2M 0x00200000UL -#define CKF_EC_ECPARAMETERS 0x00400000UL -#define CKF_EC_OID 0x00800000UL -#define CKF_EC_NAMEDCURVE CKF_EC_OID /* deprecated since PKCS#11 3.00 */ -#define CKF_EC_UNCOMPRESS 0x01000000UL -#define CKF_EC_COMPRESS 0x02000000UL -#define CKF_EC_CURVENAME 0x04000000UL - -#define CKF_EXTENSION 0x80000000UL - -typedef CK_MECHANISM_INFO CK_PTR CK_MECHANISM_INFO_PTR; - -/* CK_RV is a value that identifies the return value of a - * Cryptoki function - */ -typedef CK_ULONG CK_RV; - -#define CKR_OK 0x00000000UL -#define CKR_CANCEL 0x00000001UL -#define CKR_HOST_MEMORY 0x00000002UL -#define CKR_SLOT_ID_INVALID 0x00000003UL - -#define CKR_GENERAL_ERROR 0x00000005UL -#define CKR_FUNCTION_FAILED 0x00000006UL - -#define CKR_ARGUMENTS_BAD 0x00000007UL -#define CKR_NO_EVENT 0x00000008UL -#define CKR_NEED_TO_CREATE_THREADS 0x00000009UL -#define CKR_CANT_LOCK 0x0000000AUL - -#define CKR_ATTRIBUTE_READ_ONLY 0x00000010UL -#define CKR_ATTRIBUTE_SENSITIVE 0x00000011UL -#define CKR_ATTRIBUTE_TYPE_INVALID 0x00000012UL -#define CKR_ATTRIBUTE_VALUE_INVALID 0x00000013UL - -#define CKR_ACTION_PROHIBITED 0x0000001BUL - -#define CKR_DATA_INVALID 0x00000020UL -#define CKR_DATA_LEN_RANGE 0x00000021UL -#define CKR_DEVICE_ERROR 0x00000030UL -#define CKR_DEVICE_MEMORY 0x00000031UL -#define CKR_DEVICE_REMOVED 0x00000032UL -#define CKR_ENCRYPTED_DATA_INVALID 0x00000040UL -#define CKR_ENCRYPTED_DATA_LEN_RANGE 0x00000041UL -#define CKR_AEAD_DECRYPT_FAILED 0x00000042UL -#define CKR_FUNCTION_CANCELED 0x00000050UL -#define CKR_FUNCTION_NOT_PARALLEL 0x00000051UL - -#define CKR_FUNCTION_NOT_SUPPORTED 0x00000054UL - -#define CKR_KEY_HANDLE_INVALID 0x00000060UL - -#define CKR_KEY_SIZE_RANGE 0x00000062UL -#define CKR_KEY_TYPE_INCONSISTENT 0x00000063UL - -#define CKR_KEY_NOT_NEEDED 0x00000064UL -#define CKR_KEY_CHANGED 0x00000065UL -#define CKR_KEY_NEEDED 0x00000066UL -#define CKR_KEY_INDIGESTIBLE 0x00000067UL -#define CKR_KEY_FUNCTION_NOT_PERMITTED 0x00000068UL -#define CKR_KEY_NOT_WRAPPABLE 0x00000069UL -#define CKR_KEY_UNEXTRACTABLE 0x0000006AUL - -#define CKR_MECHANISM_INVALID 0x00000070UL -#define CKR_MECHANISM_PARAM_INVALID 0x00000071UL - -#define CKR_OBJECT_HANDLE_INVALID 0x00000082UL -#define CKR_OPERATION_ACTIVE 0x00000090UL -#define CKR_OPERATION_NOT_INITIALIZED 0x00000091UL -#define CKR_PIN_INCORRECT 0x000000A0UL -#define CKR_PIN_INVALID 0x000000A1UL -#define CKR_PIN_LEN_RANGE 0x000000A2UL - -#define CKR_PIN_EXPIRED 0x000000A3UL -#define CKR_PIN_LOCKED 0x000000A4UL - -#define CKR_SESSION_CLOSED 0x000000B0UL -#define CKR_SESSION_COUNT 0x000000B1UL -#define CKR_SESSION_HANDLE_INVALID 0x000000B3UL -#define CKR_SESSION_PARALLEL_NOT_SUPPORTED 0x000000B4UL -#define CKR_SESSION_READ_ONLY 0x000000B5UL -#define CKR_SESSION_EXISTS 0x000000B6UL - -#define CKR_SESSION_READ_ONLY_EXISTS 0x000000B7UL -#define CKR_SESSION_READ_WRITE_SO_EXISTS 0x000000B8UL - -#define CKR_SIGNATURE_INVALID 0x000000C0UL -#define CKR_SIGNATURE_LEN_RANGE 0x000000C1UL -#define CKR_TEMPLATE_INCOMPLETE 0x000000D0UL -#define CKR_TEMPLATE_INCONSISTENT 0x000000D1UL -#define CKR_TOKEN_NOT_PRESENT 0x000000E0UL -#define CKR_TOKEN_NOT_RECOGNIZED 0x000000E1UL -#define CKR_TOKEN_WRITE_PROTECTED 0x000000E2UL -#define CKR_UNWRAPPING_KEY_HANDLE_INVALID 0x000000F0UL -#define CKR_UNWRAPPING_KEY_SIZE_RANGE 0x000000F1UL -#define CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT 0x000000F2UL -#define CKR_USER_ALREADY_LOGGED_IN 0x00000100UL -#define CKR_USER_NOT_LOGGED_IN 0x00000101UL -#define CKR_USER_PIN_NOT_INITIALIZED 0x00000102UL -#define CKR_USER_TYPE_INVALID 0x00000103UL - -#define CKR_USER_ANOTHER_ALREADY_LOGGED_IN 0x00000104UL -#define CKR_USER_TOO_MANY_TYPES 0x00000105UL - -#define CKR_WRAPPED_KEY_INVALID 0x00000110UL -#define CKR_WRAPPED_KEY_LEN_RANGE 0x00000112UL -#define CKR_WRAPPING_KEY_HANDLE_INVALID 0x00000113UL -#define CKR_WRAPPING_KEY_SIZE_RANGE 0x00000114UL -#define CKR_WRAPPING_KEY_TYPE_INCONSISTENT 0x00000115UL -#define CKR_RANDOM_SEED_NOT_SUPPORTED 0x00000120UL - -#define CKR_RANDOM_NO_RNG 0x00000121UL - -#define CKR_DOMAIN_PARAMS_INVALID 0x00000130UL - -#define CKR_CURVE_NOT_SUPPORTED 0x00000140UL - -#define CKR_BUFFER_TOO_SMALL 0x00000150UL -#define CKR_SAVED_STATE_INVALID 0x00000160UL -#define CKR_INFORMATION_SENSITIVE 0x00000170UL -#define CKR_STATE_UNSAVEABLE 0x00000180UL - -#define CKR_CRYPTOKI_NOT_INITIALIZED 0x00000190UL -#define CKR_CRYPTOKI_ALREADY_INITIALIZED 0x00000191UL -#define CKR_MUTEX_BAD 0x000001A0UL -#define CKR_MUTEX_NOT_LOCKED 0x000001A1UL - -#define CKR_NEW_PIN_MODE 0x000001B0UL -#define CKR_NEXT_OTP 0x000001B1UL - -#define CKR_EXCEEDED_MAX_ITERATIONS 0x000001B5UL -#define CKR_FIPS_SELF_TEST_FAILED 0x000001B6UL -#define CKR_LIBRARY_LOAD_FAILED 0x000001B7UL -#define CKR_PIN_TOO_WEAK 0x000001B8UL -#define CKR_PUBLIC_KEY_INVALID 0x000001B9UL - -#define CKR_FUNCTION_REJECTED 0x00000200UL -#define CKR_TOKEN_RESOURCE_EXCEEDED 0x00000201UL -#define CKR_OPERATION_CANCEL_FAILED 0x00000202UL - -#define CKR_VENDOR_DEFINED 0x80000000UL - - -/* CK_NOTIFY is an application callback that processes events */ -typedef CK_CALLBACK_FUNCTION(CK_RV, CK_NOTIFY)( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_NOTIFICATION event, - CK_VOID_PTR pApplication /* passed to C_OpenSession */ -); - - -/* CK_FUNCTION_LIST is a structure holding a Cryptoki spec - * version and pointers of appropriate types to all the - * Cryptoki functions - */ -typedef struct CK_FUNCTION_LIST CK_FUNCTION_LIST; -typedef struct CK_FUNCTION_LIST_3_0 CK_FUNCTION_LIST_3_0; - -typedef CK_FUNCTION_LIST CK_PTR CK_FUNCTION_LIST_PTR; -typedef CK_FUNCTION_LIST_3_0 CK_PTR CK_FUNCTION_LIST_3_0_PTR; - -typedef CK_FUNCTION_LIST_PTR CK_PTR CK_FUNCTION_LIST_PTR_PTR; -typedef CK_FUNCTION_LIST_3_0_PTR CK_PTR CK_FUNCTION_LIST_3_0_PTR_PTR; - -typedef struct CK_INTERFACE { - CK_CHAR *pInterfaceName; - CK_VOID_PTR pFunctionList; - CK_FLAGS flags; -} CK_INTERFACE; - -typedef CK_INTERFACE CK_PTR CK_INTERFACE_PTR; -typedef CK_INTERFACE_PTR CK_PTR CK_INTERFACE_PTR_PTR; - -#define CKF_END_OF_MESSAGE 0x00000001UL - - -/* CK_CREATEMUTEX is an application callback for creating a - * mutex object - */ -typedef CK_CALLBACK_FUNCTION(CK_RV, CK_CREATEMUTEX)( - CK_VOID_PTR_PTR ppMutex /* location to receive ptr to mutex */ -); - - -/* CK_DESTROYMUTEX is an application callback for destroying a - * mutex object - */ -typedef CK_CALLBACK_FUNCTION(CK_RV, CK_DESTROYMUTEX)( - CK_VOID_PTR pMutex /* pointer to mutex */ -); - - -/* CK_LOCKMUTEX is an application callback for locking a mutex */ -typedef CK_CALLBACK_FUNCTION(CK_RV, CK_LOCKMUTEX)( - CK_VOID_PTR pMutex /* pointer to mutex */ -); - - -/* CK_UNLOCKMUTEX is an application callback for unlocking a - * mutex - */ -typedef CK_CALLBACK_FUNCTION(CK_RV, CK_UNLOCKMUTEX)( - CK_VOID_PTR pMutex /* pointer to mutex */ -); - -/* Get functionlist flags */ -#define CKF_INTERFACE_FORK_SAFE 0x00000001UL - -/* CK_C_INITIALIZE_ARGS provides the optional arguments to - * C_Initialize - */ -typedef struct CK_C_INITIALIZE_ARGS { - CK_CREATEMUTEX CreateMutex; - CK_DESTROYMUTEX DestroyMutex; - CK_LOCKMUTEX LockMutex; - CK_UNLOCKMUTEX UnlockMutex; - CK_FLAGS flags; - CK_VOID_PTR pReserved; -} CK_C_INITIALIZE_ARGS; - -/* flags: bit flags that provide capabilities of the slot - * Bit Flag Mask Meaning - */ -#define CKF_LIBRARY_CANT_CREATE_OS_THREADS 0x00000001UL -#define CKF_OS_LOCKING_OK 0x00000002UL - -typedef CK_C_INITIALIZE_ARGS CK_PTR CK_C_INITIALIZE_ARGS_PTR; - - - -/* additional flags for parameters to functions */ - -/* CKF_DONT_BLOCK is for the function C_WaitForSlotEvent */ -#define CKF_DONT_BLOCK 1 - -/* CK_RSA_PKCS_MGF_TYPE is used to indicate the Message - * Generation Function (MGF) applied to a message block when - * formatting a message block for the PKCS #1 OAEP encryption - * scheme. - */ -typedef CK_ULONG CK_RSA_PKCS_MGF_TYPE; - -typedef CK_RSA_PKCS_MGF_TYPE CK_PTR CK_RSA_PKCS_MGF_TYPE_PTR; - -/* The following MGFs are defined */ -#define CKG_MGF1_SHA1 0x00000001UL -#define CKG_MGF1_SHA256 0x00000002UL -#define CKG_MGF1_SHA384 0x00000003UL -#define CKG_MGF1_SHA512 0x00000004UL -#define CKG_MGF1_SHA224 0x00000005UL -#define CKG_MGF1_SHA3_224 0x00000006UL -#define CKG_MGF1_SHA3_256 0x00000007UL -#define CKG_MGF1_SHA3_384 0x00000008UL -#define CKG_MGF1_SHA3_512 0x00000009UL - - -/* CK_RSA_PKCS_OAEP_SOURCE_TYPE is used to indicate the source - * of the encoding parameter when formatting a message block - * for the PKCS #1 OAEP encryption scheme. - */ -typedef CK_ULONG CK_RSA_PKCS_OAEP_SOURCE_TYPE; - -typedef CK_RSA_PKCS_OAEP_SOURCE_TYPE CK_PTR CK_RSA_PKCS_OAEP_SOURCE_TYPE_PTR; - -/* The following encoding parameter sources are defined */ -#define CKZ_DATA_SPECIFIED 0x00000001UL - -/* CK_RSA_PKCS_OAEP_PARAMS provides the parameters to the - * CKM_RSA_PKCS_OAEP mechanism. - */ -typedef struct CK_RSA_PKCS_OAEP_PARAMS { - CK_MECHANISM_TYPE hashAlg; - CK_RSA_PKCS_MGF_TYPE mgf; - CK_RSA_PKCS_OAEP_SOURCE_TYPE source; - CK_VOID_PTR pSourceData; - CK_ULONG ulSourceDataLen; -} CK_RSA_PKCS_OAEP_PARAMS; - -typedef CK_RSA_PKCS_OAEP_PARAMS CK_PTR CK_RSA_PKCS_OAEP_PARAMS_PTR; - -/* CK_RSA_PKCS_PSS_PARAMS provides the parameters to the - * CKM_RSA_PKCS_PSS mechanism(s). - */ -typedef struct CK_RSA_PKCS_PSS_PARAMS { - CK_MECHANISM_TYPE hashAlg; - CK_RSA_PKCS_MGF_TYPE mgf; - CK_ULONG sLen; -} CK_RSA_PKCS_PSS_PARAMS; - -typedef CK_RSA_PKCS_PSS_PARAMS CK_PTR CK_RSA_PKCS_PSS_PARAMS_PTR; - -typedef CK_ULONG CK_EC_KDF_TYPE; -typedef CK_EC_KDF_TYPE CK_PTR CK_EC_KDF_TYPE_PTR; - -/* The following EC Key Derivation Functions are defined */ -#define CKD_NULL 0x00000001UL -#define CKD_SHA1_KDF 0x00000002UL - -/* The following X9.42 DH key derivation functions are defined */ -#define CKD_SHA1_KDF_ASN1 0x00000003UL -#define CKD_SHA1_KDF_CONCATENATE 0x00000004UL -#define CKD_SHA224_KDF 0x00000005UL -#define CKD_SHA256_KDF 0x00000006UL -#define CKD_SHA384_KDF 0x00000007UL -#define CKD_SHA512_KDF 0x00000008UL -#define CKD_CPDIVERSIFY_KDF 0x00000009UL -#define CKD_SHA3_224_KDF 0x0000000AUL -#define CKD_SHA3_256_KDF 0x0000000BUL -#define CKD_SHA3_384_KDF 0x0000000CUL -#define CKD_SHA3_512_KDF 0x0000000DUL -#define CKD_SHA1_KDF_SP800 0x0000000EUL -#define CKD_SHA224_KDF_SP800 0x0000000FUL -#define CKD_SHA256_KDF_SP800 0x00000010UL -#define CKD_SHA384_KDF_SP800 0x00000011UL -#define CKD_SHA512_KDF_SP800 0x00000012UL -#define CKD_SHA3_224_KDF_SP800 0x00000013UL -#define CKD_SHA3_256_KDF_SP800 0x00000014UL -#define CKD_SHA3_384_KDF_SP800 0x00000015UL -#define CKD_SHA3_512_KDF_SP800 0x00000016UL -#define CKD_BLAKE2B_160_KDF 0x00000017UL -#define CKD_BLAKE2B_256_KDF 0x00000018UL -#define CKD_BLAKE2B_384_KDF 0x00000019UL -#define CKD_BLAKE2B_512_KDF 0x0000001aUL - -/* CK_ECDH1_DERIVE_PARAMS provides the parameters to the - * CKM_ECDH1_DERIVE and CKM_ECDH1_COFACTOR_DERIVE mechanisms, - * where each party contributes one key pair. - */ -typedef struct CK_ECDH1_DERIVE_PARAMS { - CK_EC_KDF_TYPE kdf; - CK_ULONG ulSharedDataLen; - CK_BYTE_PTR pSharedData; - CK_ULONG ulPublicDataLen; - CK_BYTE_PTR pPublicData; -} CK_ECDH1_DERIVE_PARAMS; - -typedef CK_ECDH1_DERIVE_PARAMS CK_PTR CK_ECDH1_DERIVE_PARAMS_PTR; - -/* - * CK_ECDH2_DERIVE_PARAMS provides the parameters to the - * CKM_ECMQV_DERIVE mechanism, where each party contributes two key pairs. - */ -typedef struct CK_ECDH2_DERIVE_PARAMS { - CK_EC_KDF_TYPE kdf; - CK_ULONG ulSharedDataLen; - CK_BYTE_PTR pSharedData; - CK_ULONG ulPublicDataLen; - CK_BYTE_PTR pPublicData; - CK_ULONG ulPrivateDataLen; - CK_OBJECT_HANDLE hPrivateData; - CK_ULONG ulPublicDataLen2; - CK_BYTE_PTR pPublicData2; -} CK_ECDH2_DERIVE_PARAMS; - -typedef CK_ECDH2_DERIVE_PARAMS CK_PTR CK_ECDH2_DERIVE_PARAMS_PTR; - -typedef struct CK_ECMQV_DERIVE_PARAMS { - CK_EC_KDF_TYPE kdf; - CK_ULONG ulSharedDataLen; - CK_BYTE_PTR pSharedData; - CK_ULONG ulPublicDataLen; - CK_BYTE_PTR pPublicData; - CK_ULONG ulPrivateDataLen; - CK_OBJECT_HANDLE hPrivateData; - CK_ULONG ulPublicDataLen2; - CK_BYTE_PTR pPublicData2; - CK_OBJECT_HANDLE publicKey; -} CK_ECMQV_DERIVE_PARAMS; - -typedef CK_ECMQV_DERIVE_PARAMS CK_PTR CK_ECMQV_DERIVE_PARAMS_PTR; - -/* Typedefs and defines for the CKM_X9_42_DH_KEY_PAIR_GEN and the - * CKM_X9_42_DH_PARAMETER_GEN mechanisms - */ -typedef CK_ULONG CK_X9_42_DH_KDF_TYPE; -typedef CK_X9_42_DH_KDF_TYPE CK_PTR CK_X9_42_DH_KDF_TYPE_PTR; - -/* CK_X9_42_DH1_DERIVE_PARAMS provides the parameters to the - * CKM_X9_42_DH_DERIVE key derivation mechanism, where each party - * contributes one key pair - */ -typedef struct CK_X9_42_DH1_DERIVE_PARAMS { - CK_X9_42_DH_KDF_TYPE kdf; - CK_ULONG ulOtherInfoLen; - CK_BYTE_PTR pOtherInfo; - CK_ULONG ulPublicDataLen; - CK_BYTE_PTR pPublicData; -} CK_X9_42_DH1_DERIVE_PARAMS; - -typedef struct CK_X9_42_DH1_DERIVE_PARAMS CK_PTR CK_X9_42_DH1_DERIVE_PARAMS_PTR; - -/* CK_X9_42_DH2_DERIVE_PARAMS provides the parameters to the - * CKM_X9_42_DH_HYBRID_DERIVE and CKM_X9_42_MQV_DERIVE key derivation - * mechanisms, where each party contributes two key pairs - */ -typedef struct CK_X9_42_DH2_DERIVE_PARAMS { - CK_X9_42_DH_KDF_TYPE kdf; - CK_ULONG ulOtherInfoLen; - CK_BYTE_PTR pOtherInfo; - CK_ULONG ulPublicDataLen; - CK_BYTE_PTR pPublicData; - CK_ULONG ulPrivateDataLen; - CK_OBJECT_HANDLE hPrivateData; - CK_ULONG ulPublicDataLen2; - CK_BYTE_PTR pPublicData2; -} CK_X9_42_DH2_DERIVE_PARAMS; - -typedef CK_X9_42_DH2_DERIVE_PARAMS CK_PTR CK_X9_42_DH2_DERIVE_PARAMS_PTR; - -typedef struct CK_X9_42_MQV_DERIVE_PARAMS { - CK_X9_42_DH_KDF_TYPE kdf; - CK_ULONG ulOtherInfoLen; - CK_BYTE_PTR pOtherInfo; - CK_ULONG ulPublicDataLen; - CK_BYTE_PTR pPublicData; - CK_ULONG ulPrivateDataLen; - CK_OBJECT_HANDLE hPrivateData; - CK_ULONG ulPublicDataLen2; - CK_BYTE_PTR pPublicData2; - CK_OBJECT_HANDLE publicKey; -} CK_X9_42_MQV_DERIVE_PARAMS; - -typedef CK_X9_42_MQV_DERIVE_PARAMS CK_PTR CK_X9_42_MQV_DERIVE_PARAMS_PTR; - -/* CK_KEA_DERIVE_PARAMS provides the parameters to the - * CKM_KEA_DERIVE mechanism - */ -typedef struct CK_KEA_DERIVE_PARAMS { - CK_BBOOL isSender; - CK_ULONG ulRandomLen; - CK_BYTE_PTR pRandomA; - CK_BYTE_PTR pRandomB; - CK_ULONG ulPublicDataLen; - CK_BYTE_PTR pPublicData; -} CK_KEA_DERIVE_PARAMS; - -typedef CK_KEA_DERIVE_PARAMS CK_PTR CK_KEA_DERIVE_PARAMS_PTR; - - -/* CK_RC2_PARAMS provides the parameters to the CKM_RC2_ECB and - * CKM_RC2_MAC mechanisms. An instance of CK_RC2_PARAMS just - * holds the effective keysize - */ -typedef CK_ULONG CK_RC2_PARAMS; - -typedef CK_RC2_PARAMS CK_PTR CK_RC2_PARAMS_PTR; - - -/* CK_RC2_CBC_PARAMS provides the parameters to the CKM_RC2_CBC - * mechanism - */ -typedef struct CK_RC2_CBC_PARAMS { - CK_ULONG ulEffectiveBits; /* effective bits (1-1024) */ - CK_BYTE iv[8]; /* IV for CBC mode */ -} CK_RC2_CBC_PARAMS; - -typedef CK_RC2_CBC_PARAMS CK_PTR CK_RC2_CBC_PARAMS_PTR; - - -/* CK_RC2_MAC_GENERAL_PARAMS provides the parameters for the - * CKM_RC2_MAC_GENERAL mechanism - */ -typedef struct CK_RC2_MAC_GENERAL_PARAMS { - CK_ULONG ulEffectiveBits; /* effective bits (1-1024) */ - CK_ULONG ulMacLength; /* Length of MAC in bytes */ -} CK_RC2_MAC_GENERAL_PARAMS; - -typedef CK_RC2_MAC_GENERAL_PARAMS CK_PTR \ - CK_RC2_MAC_GENERAL_PARAMS_PTR; - - -/* CK_RC5_PARAMS provides the parameters to the CKM_RC5_ECB and - * CKM_RC5_MAC mechanisms - */ -typedef struct CK_RC5_PARAMS { - CK_ULONG ulWordsize; /* wordsize in bits */ - CK_ULONG ulRounds; /* number of rounds */ -} CK_RC5_PARAMS; - -typedef CK_RC5_PARAMS CK_PTR CK_RC5_PARAMS_PTR; - - -/* CK_RC5_CBC_PARAMS provides the parameters to the CKM_RC5_CBC - * mechanism - */ -typedef struct CK_RC5_CBC_PARAMS { - CK_ULONG ulWordsize; /* wordsize in bits */ - CK_ULONG ulRounds; /* number of rounds */ - CK_BYTE_PTR pIv; /* pointer to IV */ - CK_ULONG ulIvLen; /* length of IV in bytes */ -} CK_RC5_CBC_PARAMS; - -typedef CK_RC5_CBC_PARAMS CK_PTR CK_RC5_CBC_PARAMS_PTR; - - -/* CK_RC5_MAC_GENERAL_PARAMS provides the parameters for the - * CKM_RC5_MAC_GENERAL mechanism - */ -typedef struct CK_RC5_MAC_GENERAL_PARAMS { - CK_ULONG ulWordsize; /* wordsize in bits */ - CK_ULONG ulRounds; /* number of rounds */ - CK_ULONG ulMacLength; /* Length of MAC in bytes */ -} CK_RC5_MAC_GENERAL_PARAMS; - -typedef CK_RC5_MAC_GENERAL_PARAMS CK_PTR \ - CK_RC5_MAC_GENERAL_PARAMS_PTR; - -/* CK_MAC_GENERAL_PARAMS provides the parameters to most block - * ciphers' MAC_GENERAL mechanisms. Its value is the length of - * the MAC - */ -typedef CK_ULONG CK_MAC_GENERAL_PARAMS; - -typedef CK_MAC_GENERAL_PARAMS CK_PTR CK_MAC_GENERAL_PARAMS_PTR; - -typedef struct CK_DES_CBC_ENCRYPT_DATA_PARAMS { - CK_BYTE iv[8]; - CK_BYTE_PTR pData; - CK_ULONG length; -} CK_DES_CBC_ENCRYPT_DATA_PARAMS; - -typedef CK_DES_CBC_ENCRYPT_DATA_PARAMS CK_PTR CK_DES_CBC_ENCRYPT_DATA_PARAMS_PTR; - -typedef struct CK_AES_CBC_ENCRYPT_DATA_PARAMS { - CK_BYTE iv[16]; - CK_BYTE_PTR pData; - CK_ULONG length; -} CK_AES_CBC_ENCRYPT_DATA_PARAMS; - -typedef CK_AES_CBC_ENCRYPT_DATA_PARAMS CK_PTR CK_AES_CBC_ENCRYPT_DATA_PARAMS_PTR; - -/* CK_SKIPJACK_PRIVATE_WRAP_PARAMS provides the parameters to the - * CKM_SKIPJACK_PRIVATE_WRAP mechanism - */ -typedef struct CK_SKIPJACK_PRIVATE_WRAP_PARAMS { - CK_ULONG ulPasswordLen; - CK_BYTE_PTR pPassword; - CK_ULONG ulPublicDataLen; - CK_BYTE_PTR pPublicData; - CK_ULONG ulPAndGLen; - CK_ULONG ulQLen; - CK_ULONG ulRandomLen; - CK_BYTE_PTR pRandomA; - CK_BYTE_PTR pPrimeP; - CK_BYTE_PTR pBaseG; - CK_BYTE_PTR pSubprimeQ; -} CK_SKIPJACK_PRIVATE_WRAP_PARAMS; - -typedef CK_SKIPJACK_PRIVATE_WRAP_PARAMS CK_PTR \ - CK_SKIPJACK_PRIVATE_WRAP_PARAMS_PTR; - - -/* CK_SKIPJACK_RELAYX_PARAMS provides the parameters to the - * CKM_SKIPJACK_RELAYX mechanism - */ -typedef struct CK_SKIPJACK_RELAYX_PARAMS { - CK_ULONG ulOldWrappedXLen; - CK_BYTE_PTR pOldWrappedX; - CK_ULONG ulOldPasswordLen; - CK_BYTE_PTR pOldPassword; - CK_ULONG ulOldPublicDataLen; - CK_BYTE_PTR pOldPublicData; - CK_ULONG ulOldRandomLen; - CK_BYTE_PTR pOldRandomA; - CK_ULONG ulNewPasswordLen; - CK_BYTE_PTR pNewPassword; - CK_ULONG ulNewPublicDataLen; - CK_BYTE_PTR pNewPublicData; - CK_ULONG ulNewRandomLen; - CK_BYTE_PTR pNewRandomA; -} CK_SKIPJACK_RELAYX_PARAMS; - -typedef CK_SKIPJACK_RELAYX_PARAMS CK_PTR \ - CK_SKIPJACK_RELAYX_PARAMS_PTR; - - -typedef struct CK_PBE_PARAMS { - CK_BYTE_PTR pInitVector; - CK_UTF8CHAR_PTR pPassword; - CK_ULONG ulPasswordLen; - CK_BYTE_PTR pSalt; - CK_ULONG ulSaltLen; - CK_ULONG ulIteration; -} CK_PBE_PARAMS; - -typedef CK_PBE_PARAMS CK_PTR CK_PBE_PARAMS_PTR; - - -/* CK_KEY_WRAP_SET_OAEP_PARAMS provides the parameters to the - * CKM_KEY_WRAP_SET_OAEP mechanism - */ -typedef struct CK_KEY_WRAP_SET_OAEP_PARAMS { - CK_BYTE bBC; /* block contents byte */ - CK_BYTE_PTR pX; /* extra data */ - CK_ULONG ulXLen; /* length of extra data in bytes */ -} CK_KEY_WRAP_SET_OAEP_PARAMS; - -typedef CK_KEY_WRAP_SET_OAEP_PARAMS CK_PTR CK_KEY_WRAP_SET_OAEP_PARAMS_PTR; - -typedef struct CK_SSL3_RANDOM_DATA { - CK_BYTE_PTR pClientRandom; - CK_ULONG ulClientRandomLen; - CK_BYTE_PTR pServerRandom; - CK_ULONG ulServerRandomLen; -} CK_SSL3_RANDOM_DATA; - - -typedef struct CK_SSL3_MASTER_KEY_DERIVE_PARAMS { - CK_SSL3_RANDOM_DATA RandomInfo; - CK_VERSION_PTR pVersion; -} CK_SSL3_MASTER_KEY_DERIVE_PARAMS; - -typedef struct CK_SSL3_MASTER_KEY_DERIVE_PARAMS CK_PTR \ - CK_SSL3_MASTER_KEY_DERIVE_PARAMS_PTR; - -typedef struct CK_SSL3_KEY_MAT_OUT { - CK_OBJECT_HANDLE hClientMacSecret; - CK_OBJECT_HANDLE hServerMacSecret; - CK_OBJECT_HANDLE hClientKey; - CK_OBJECT_HANDLE hServerKey; - CK_BYTE_PTR pIVClient; - CK_BYTE_PTR pIVServer; -} CK_SSL3_KEY_MAT_OUT; - -typedef CK_SSL3_KEY_MAT_OUT CK_PTR CK_SSL3_KEY_MAT_OUT_PTR; - - -typedef struct CK_SSL3_KEY_MAT_PARAMS { - CK_ULONG ulMacSizeInBits; - CK_ULONG ulKeySizeInBits; - CK_ULONG ulIVSizeInBits; - CK_BBOOL bIsExport; - CK_SSL3_RANDOM_DATA RandomInfo; - CK_SSL3_KEY_MAT_OUT_PTR pReturnedKeyMaterial; -} CK_SSL3_KEY_MAT_PARAMS; - -typedef CK_SSL3_KEY_MAT_PARAMS CK_PTR CK_SSL3_KEY_MAT_PARAMS_PTR; - -typedef struct CK_TLS_PRF_PARAMS { - CK_BYTE_PTR pSeed; - CK_ULONG ulSeedLen; - CK_BYTE_PTR pLabel; - CK_ULONG ulLabelLen; - CK_BYTE_PTR pOutput; - CK_ULONG_PTR pulOutputLen; -} CK_TLS_PRF_PARAMS; - -typedef CK_TLS_PRF_PARAMS CK_PTR CK_TLS_PRF_PARAMS_PTR; - -typedef struct CK_WTLS_RANDOM_DATA { - CK_BYTE_PTR pClientRandom; - CK_ULONG ulClientRandomLen; - CK_BYTE_PTR pServerRandom; - CK_ULONG ulServerRandomLen; -} CK_WTLS_RANDOM_DATA; - -typedef CK_WTLS_RANDOM_DATA CK_PTR CK_WTLS_RANDOM_DATA_PTR; - -typedef struct CK_WTLS_MASTER_KEY_DERIVE_PARAMS { - CK_MECHANISM_TYPE DigestMechanism; - CK_WTLS_RANDOM_DATA RandomInfo; - CK_BYTE_PTR pVersion; -} CK_WTLS_MASTER_KEY_DERIVE_PARAMS; - -typedef CK_WTLS_MASTER_KEY_DERIVE_PARAMS CK_PTR \ - CK_WTLS_MASTER_KEY_DERIVE_PARAMS_PTR; - -typedef struct CK_WTLS_PRF_PARAMS { - CK_MECHANISM_TYPE DigestMechanism; - CK_BYTE_PTR pSeed; - CK_ULONG ulSeedLen; - CK_BYTE_PTR pLabel; - CK_ULONG ulLabelLen; - CK_BYTE_PTR pOutput; - CK_ULONG_PTR pulOutputLen; -} CK_WTLS_PRF_PARAMS; - -typedef CK_WTLS_PRF_PARAMS CK_PTR CK_WTLS_PRF_PARAMS_PTR; - -typedef struct CK_WTLS_KEY_MAT_OUT { - CK_OBJECT_HANDLE hMacSecret; - CK_OBJECT_HANDLE hKey; - CK_BYTE_PTR pIV; -} CK_WTLS_KEY_MAT_OUT; - -typedef CK_WTLS_KEY_MAT_OUT CK_PTR CK_WTLS_KEY_MAT_OUT_PTR; - -typedef struct CK_WTLS_KEY_MAT_PARAMS { - CK_MECHANISM_TYPE DigestMechanism; - CK_ULONG ulMacSizeInBits; - CK_ULONG ulKeySizeInBits; - CK_ULONG ulIVSizeInBits; - CK_ULONG ulSequenceNumber; - CK_BBOOL bIsExport; - CK_WTLS_RANDOM_DATA RandomInfo; - CK_WTLS_KEY_MAT_OUT_PTR pReturnedKeyMaterial; -} CK_WTLS_KEY_MAT_PARAMS; - -typedef CK_WTLS_KEY_MAT_PARAMS CK_PTR CK_WTLS_KEY_MAT_PARAMS_PTR; - -typedef struct CK_CMS_SIG_PARAMS { - CK_OBJECT_HANDLE certificateHandle; - CK_MECHANISM_PTR pSigningMechanism; - CK_MECHANISM_PTR pDigestMechanism; - CK_UTF8CHAR_PTR pContentType; - CK_BYTE_PTR pRequestedAttributes; - CK_ULONG ulRequestedAttributesLen; - CK_BYTE_PTR pRequiredAttributes; - CK_ULONG ulRequiredAttributesLen; -} CK_CMS_SIG_PARAMS; - -typedef CK_CMS_SIG_PARAMS CK_PTR CK_CMS_SIG_PARAMS_PTR; - -typedef struct CK_KEY_DERIVATION_STRING_DATA { - CK_BYTE_PTR pData; - CK_ULONG ulLen; -} CK_KEY_DERIVATION_STRING_DATA; - -typedef CK_KEY_DERIVATION_STRING_DATA CK_PTR \ - CK_KEY_DERIVATION_STRING_DATA_PTR; - - -/* The CK_EXTRACT_PARAMS is used for the - * CKM_EXTRACT_KEY_FROM_KEY mechanism. It specifies which bit - * of the base key should be used as the first bit of the - * derived key - */ -typedef CK_ULONG CK_EXTRACT_PARAMS; - -typedef CK_EXTRACT_PARAMS CK_PTR CK_EXTRACT_PARAMS_PTR; - -/* CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE is used to - * indicate the Pseudo-Random Function (PRF) used to generate - * key bits using PKCS #5 PBKDF2. - */ -typedef CK_ULONG CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE; - -typedef CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE CK_PTR \ - CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE_PTR; - -#define CKP_PKCS5_PBKD2_HMAC_SHA1 0x00000001UL -#define CKP_PKCS5_PBKD2_HMAC_GOSTR3411 0x00000002UL -#define CKP_PKCS5_PBKD2_HMAC_SHA224 0x00000003UL -#define CKP_PKCS5_PBKD2_HMAC_SHA256 0x00000004UL -#define CKP_PKCS5_PBKD2_HMAC_SHA384 0x00000005UL -#define CKP_PKCS5_PBKD2_HMAC_SHA512 0x00000006UL -#define CKP_PKCS5_PBKD2_HMAC_SHA512_224 0x00000007UL -#define CKP_PKCS5_PBKD2_HMAC_SHA512_256 0x00000008UL - -/* CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE is used to indicate the - * source of the salt value when deriving a key using PKCS #5 - * PBKDF2. - */ -typedef CK_ULONG CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE; - -typedef CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE CK_PTR \ - CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE_PTR; - -/* The following salt value sources are defined in PKCS #5 v2.0. */ -#define CKZ_SALT_SPECIFIED 0x00000001UL - -/* CK_PKCS5_PBKD2_PARAMS is a structure that provides the - * parameters to the CKM_PKCS5_PBKD2 mechanism. - */ -typedef struct CK_PKCS5_PBKD2_PARAMS { - CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE saltSource; - CK_VOID_PTR pSaltSourceData; - CK_ULONG ulSaltSourceDataLen; - CK_ULONG iterations; - CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE prf; - CK_VOID_PTR pPrfData; - CK_ULONG ulPrfDataLen; - CK_UTF8CHAR_PTR pPassword; - CK_ULONG_PTR ulPasswordLen; -} CK_PKCS5_PBKD2_PARAMS; - -typedef CK_PKCS5_PBKD2_PARAMS CK_PTR CK_PKCS5_PBKD2_PARAMS_PTR; - -/* CK_PKCS5_PBKD2_PARAMS2 is a corrected version of the CK_PKCS5_PBKD2_PARAMS - * structure that provides the parameters to the CKM_PKCS5_PBKD2 mechanism - * noting that the ulPasswordLen field is a CK_ULONG and not a CK_ULONG_PTR. - */ -typedef struct CK_PKCS5_PBKD2_PARAMS2 { - CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE saltSource; - CK_VOID_PTR pSaltSourceData; - CK_ULONG ulSaltSourceDataLen; - CK_ULONG iterations; - CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE prf; - CK_VOID_PTR pPrfData; - CK_ULONG ulPrfDataLen; - CK_UTF8CHAR_PTR pPassword; - CK_ULONG ulPasswordLen; -} CK_PKCS5_PBKD2_PARAMS2; - -typedef CK_PKCS5_PBKD2_PARAMS2 CK_PTR CK_PKCS5_PBKD2_PARAMS2_PTR; - -typedef CK_ULONG CK_OTP_PARAM_TYPE; -typedef CK_OTP_PARAM_TYPE CK_PARAM_TYPE; /* backward compatibility */ - -typedef struct CK_OTP_PARAM { - CK_OTP_PARAM_TYPE type; - CK_VOID_PTR pValue; - CK_ULONG ulValueLen; -} CK_OTP_PARAM; - -typedef CK_OTP_PARAM CK_PTR CK_OTP_PARAM_PTR; - -typedef struct CK_OTP_PARAMS { - CK_OTP_PARAM_PTR pParams; - CK_ULONG ulCount; -} CK_OTP_PARAMS; - -typedef CK_OTP_PARAMS CK_PTR CK_OTP_PARAMS_PTR; - -typedef struct CK_OTP_SIGNATURE_INFO { - CK_OTP_PARAM_PTR pParams; - CK_ULONG ulCount; -} CK_OTP_SIGNATURE_INFO; - -typedef CK_OTP_SIGNATURE_INFO CK_PTR CK_OTP_SIGNATURE_INFO_PTR; - -#define CK_OTP_VALUE 0UL -#define CK_OTP_PIN 1UL -#define CK_OTP_CHALLENGE 2UL -#define CK_OTP_TIME 3UL -#define CK_OTP_COUNTER 4UL -#define CK_OTP_FLAGS 5UL -#define CK_OTP_OUTPUT_LENGTH 6UL -#define CK_OTP_OUTPUT_FORMAT 7UL - -#define CKF_NEXT_OTP 0x00000001UL -#define CKF_EXCLUDE_TIME 0x00000002UL -#define CKF_EXCLUDE_COUNTER 0x00000004UL -#define CKF_EXCLUDE_CHALLENGE 0x00000008UL -#define CKF_EXCLUDE_PIN 0x00000010UL -#define CKF_USER_FRIENDLY_OTP 0x00000020UL - -typedef struct CK_KIP_PARAMS { - CK_MECHANISM_PTR pMechanism; - CK_OBJECT_HANDLE hKey; - CK_BYTE_PTR pSeed; - CK_ULONG ulSeedLen; -} CK_KIP_PARAMS; - -typedef CK_KIP_PARAMS CK_PTR CK_KIP_PARAMS_PTR; - -typedef struct CK_AES_CTR_PARAMS { - CK_ULONG ulCounterBits; - CK_BYTE cb[16]; -} CK_AES_CTR_PARAMS; - -typedef CK_AES_CTR_PARAMS CK_PTR CK_AES_CTR_PARAMS_PTR; - -typedef struct CK_GCM_PARAMS { - CK_BYTE_PTR pIv; - CK_ULONG ulIvLen; - CK_ULONG ulIvBits; - CK_BYTE_PTR pAAD; - CK_ULONG ulAADLen; - CK_ULONG ulTagBits; -} CK_GCM_PARAMS; - -typedef CK_GCM_PARAMS CK_PTR CK_GCM_PARAMS_PTR; - -typedef CK_ULONG CK_GENERATOR_FUNCTION; -#define CKG_NO_GENERATE 0x00000000UL -#define CKG_GENERATE 0x00000001UL -#define CKG_GENERATE_COUNTER 0x00000002UL -#define CKG_GENERATE_RANDOM 0x00000003UL - -typedef struct CK_GCM_MESSAGE_PARAMS { - CK_BYTE_PTR pIv; - CK_ULONG ulIvLen; - CK_ULONG ulIvFixedBits; - CK_GENERATOR_FUNCTION ivGenerator; - CK_BYTE_PTR pTag; - CK_ULONG ulTagBits; -} CK_GCM_MESSAGE_PARAMS; - -typedef CK_GCM_MESSAGE_PARAMS CK_GCM_MESSAGE_PARAMS_PTR; - -typedef struct CK_CCM_PARAMS { - CK_ULONG ulDataLen; - CK_BYTE_PTR pNonce; - CK_ULONG ulNonceLen; - CK_BYTE_PTR pAAD; - CK_ULONG ulAADLen; - CK_ULONG ulMACLen; -} CK_CCM_PARAMS; - -typedef CK_CCM_PARAMS CK_PTR CK_CCM_PARAMS_PTR; - -typedef struct CK_CCM_MESSAGE_PARAMS { - CK_ULONG ulDataLen; /*plaintext or ciphertext*/ - CK_BYTE_PTR pNonce; - CK_ULONG ulNonceLen; - CK_ULONG ulNonceFixedBits; - CK_GENERATOR_FUNCTION nonceGenerator; - CK_BYTE_PTR pMAC; - CK_ULONG ulMACLen; -} CK_CCM_MESSAGE_PARAMS; - -typedef CK_CCM_MESSAGE_PARAMS CK_CCM_MESSAGE_PARAMS_PTR; - -/* Deprecated. Use CK_GCM_PARAMS */ -typedef struct CK_AES_GCM_PARAMS { - CK_BYTE_PTR pIv; - CK_ULONG ulIvLen; - CK_ULONG ulIvBits; - CK_BYTE_PTR pAAD; - CK_ULONG ulAADLen; - CK_ULONG ulTagBits; -} CK_AES_GCM_PARAMS; - -typedef CK_AES_GCM_PARAMS CK_PTR CK_AES_GCM_PARAMS_PTR; - -/* Deprecated. Use CK_CCM_PARAMS */ -typedef struct CK_AES_CCM_PARAMS { - CK_ULONG ulDataLen; - CK_BYTE_PTR pNonce; - CK_ULONG ulNonceLen; - CK_BYTE_PTR pAAD; - CK_ULONG ulAADLen; - CK_ULONG ulMACLen; -} CK_AES_CCM_PARAMS; - -typedef CK_AES_CCM_PARAMS CK_PTR CK_AES_CCM_PARAMS_PTR; - -typedef struct CK_CAMELLIA_CTR_PARAMS { - CK_ULONG ulCounterBits; - CK_BYTE cb[16]; -} CK_CAMELLIA_CTR_PARAMS; - -typedef CK_CAMELLIA_CTR_PARAMS CK_PTR CK_CAMELLIA_CTR_PARAMS_PTR; - -typedef struct CK_CAMELLIA_CBC_ENCRYPT_DATA_PARAMS { - CK_BYTE iv[16]; - CK_BYTE_PTR pData; - CK_ULONG length; -} CK_CAMELLIA_CBC_ENCRYPT_DATA_PARAMS; - -typedef CK_CAMELLIA_CBC_ENCRYPT_DATA_PARAMS CK_PTR \ - CK_CAMELLIA_CBC_ENCRYPT_DATA_PARAMS_PTR; - -typedef struct CK_ARIA_CBC_ENCRYPT_DATA_PARAMS { - CK_BYTE iv[16]; - CK_BYTE_PTR pData; - CK_ULONG length; -} CK_ARIA_CBC_ENCRYPT_DATA_PARAMS; - -typedef CK_ARIA_CBC_ENCRYPT_DATA_PARAMS CK_PTR \ - CK_ARIA_CBC_ENCRYPT_DATA_PARAMS_PTR; - -typedef struct CK_DSA_PARAMETER_GEN_PARAM { - CK_MECHANISM_TYPE hash; - CK_BYTE_PTR pSeed; - CK_ULONG ulSeedLen; - CK_ULONG ulIndex; -} CK_DSA_PARAMETER_GEN_PARAM; - -typedef CK_DSA_PARAMETER_GEN_PARAM CK_PTR CK_DSA_PARAMETER_GEN_PARAM_PTR; - -typedef struct CK_ECDH_AES_KEY_WRAP_PARAMS { - CK_ULONG ulAESKeyBits; - CK_EC_KDF_TYPE kdf; - CK_ULONG ulSharedDataLen; - CK_BYTE_PTR pSharedData; -} CK_ECDH_AES_KEY_WRAP_PARAMS; - -typedef CK_ECDH_AES_KEY_WRAP_PARAMS CK_PTR CK_ECDH_AES_KEY_WRAP_PARAMS_PTR; - -typedef CK_ULONG CK_JAVA_MIDP_SECURITY_DOMAIN; - -typedef CK_ULONG CK_CERTIFICATE_CATEGORY; - -typedef struct CK_RSA_AES_KEY_WRAP_PARAMS { - CK_ULONG ulAESKeyBits; - CK_RSA_PKCS_OAEP_PARAMS_PTR pOAEPParams; -} CK_RSA_AES_KEY_WRAP_PARAMS; - -typedef CK_RSA_AES_KEY_WRAP_PARAMS CK_PTR CK_RSA_AES_KEY_WRAP_PARAMS_PTR; - -typedef struct CK_TLS12_MASTER_KEY_DERIVE_PARAMS { - CK_SSL3_RANDOM_DATA RandomInfo; - CK_VERSION_PTR pVersion; - CK_MECHANISM_TYPE prfHashMechanism; -} CK_TLS12_MASTER_KEY_DERIVE_PARAMS; - -typedef CK_TLS12_MASTER_KEY_DERIVE_PARAMS CK_PTR \ - CK_TLS12_MASTER_KEY_DERIVE_PARAMS_PTR; - -typedef struct CK_TLS12_KEY_MAT_PARAMS { - CK_ULONG ulMacSizeInBits; - CK_ULONG ulKeySizeInBits; - CK_ULONG ulIVSizeInBits; - CK_BBOOL bIsExport; - CK_SSL3_RANDOM_DATA RandomInfo; - CK_SSL3_KEY_MAT_OUT_PTR pReturnedKeyMaterial; - CK_MECHANISM_TYPE prfHashMechanism; -} CK_TLS12_KEY_MAT_PARAMS; - -typedef CK_TLS12_KEY_MAT_PARAMS CK_PTR CK_TLS12_KEY_MAT_PARAMS_PTR; - -typedef struct CK_TLS_KDF_PARAMS { - CK_MECHANISM_TYPE prfMechanism; - CK_BYTE_PTR pLabel; - CK_ULONG ulLabelLength; - CK_SSL3_RANDOM_DATA RandomInfo; - CK_BYTE_PTR pContextData; - CK_ULONG ulContextDataLength; -} CK_TLS_KDF_PARAMS; - -typedef CK_TLS_KDF_PARAMS CK_PTR CK_TLS_KDF_PARAMS_PTR; - -typedef struct CK_TLS_MAC_PARAMS { - CK_MECHANISM_TYPE prfHashMechanism; - CK_ULONG ulMacLength; - CK_ULONG ulServerOrClient; -} CK_TLS_MAC_PARAMS; - -typedef CK_TLS_MAC_PARAMS CK_PTR CK_TLS_MAC_PARAMS_PTR; - -typedef struct CK_GOSTR3410_DERIVE_PARAMS { - CK_EC_KDF_TYPE kdf; - CK_BYTE_PTR pPublicData; - CK_ULONG ulPublicDataLen; - CK_BYTE_PTR pUKM; - CK_ULONG ulUKMLen; -} CK_GOSTR3410_DERIVE_PARAMS; - -typedef CK_GOSTR3410_DERIVE_PARAMS CK_PTR CK_GOSTR3410_DERIVE_PARAMS_PTR; - -typedef struct CK_GOSTR3410_KEY_WRAP_PARAMS { - CK_BYTE_PTR pWrapOID; - CK_ULONG ulWrapOIDLen; - CK_BYTE_PTR pUKM; - CK_ULONG ulUKMLen; - CK_OBJECT_HANDLE hKey; -} CK_GOSTR3410_KEY_WRAP_PARAMS; - -typedef CK_GOSTR3410_KEY_WRAP_PARAMS CK_PTR CK_GOSTR3410_KEY_WRAP_PARAMS_PTR; - -typedef struct CK_SEED_CBC_ENCRYPT_DATA_PARAMS { - CK_BYTE iv[16]; - CK_BYTE_PTR pData; - CK_ULONG length; -} CK_SEED_CBC_ENCRYPT_DATA_PARAMS; - -typedef CK_SEED_CBC_ENCRYPT_DATA_PARAMS CK_PTR \ - CK_SEED_CBC_ENCRYPT_DATA_PARAMS_PTR; - -/* - * New PKCS 11 v3.0 data structures. - */ - -typedef CK_ULONG CK_PROFILE_ID; -typedef CK_PROFILE_ID CK_PTR CK_PROFILE_ID_PTR; - -/* Typedefs for Flexible KDF */ -typedef CK_ULONG CK_PRF_DATA_TYPE; -typedef CK_MECHANISM_TYPE CK_SP800_108_PRF_TYPE; -#define CK_SP800_108_ITERATION_VARIABLE 0x00000001UL -#define CK_SP800_108_OPTIONAL_COUNTER 0x00000002UL -#define CK_SP800_108_DKM_LENGTH 0x00000003UL -#define CK_SP800_108_BYTE_ARRAY 0x00000004UL -#define CK_SP800_108_COUNTER CK_SP800_108_OPTIONAL_COUNTER - -typedef struct CK_PRF_DATA_PARAM -{ - CK_PRF_DATA_TYPE type; - CK_VOID_PTR pValue; - CK_ULONG ulValueLen; -} CK_PRF_DATA_PARAM; - -typedef CK_PRF_DATA_PARAM CK_PTR CK_PRF_DATA_PARAM_PTR; - - -typedef struct CK_SP800_108_COUNTER_FORMAT -{ - CK_BBOOL bLittleEndian; - CK_ULONG ulWidthInBits; -} CK_SP800_108_COUNTER_FORMAT; - -typedef CK_SP800_108_COUNTER_FORMAT CK_PTR CK_SP800_108_COUNTER_FORMAT_PTR; - -typedef CK_ULONG CK_SP800_108_DKM_LENGTH_METHOD; -#define CK_SP800_108_DKM_LENGTH_SUM_OF_KEYS 0x00000001UL -#define CK_SP800_108_DKM_LENGTH_SUM_OF_SEGMENTS 0x00000002UL - -typedef struct CK_SP800_108_DKM_LENGTH_FORMAT -{ - CK_SP800_108_DKM_LENGTH_METHOD dkmLengthMethod; - CK_BBOOL bLittleEndian; - CK_ULONG ulWidthInBits; -} CK_SP800_108_DKM_LENGTH_FORMAT; - -typedef CK_SP800_108_DKM_LENGTH_FORMAT \ - CK_PTR CK_SP800_108_DKM_LENGTH_FORMAT_PTR; - -typedef struct CK_DERIVED_KEY -{ - CK_ATTRIBUTE_PTR pTemplate; - CK_ULONG ulAttributeCount; - CK_OBJECT_HANDLE_PTR phKey; -} CK_DERIVED_KEY; - -typedef CK_DERIVED_KEY CK_PTR CK_DERIVED_KEY_PTR; - -typedef struct CK_SP800_108_KDF_PARAMS -{ - CK_SP800_108_PRF_TYPE prfType; - CK_ULONG ulNumberOfDataParams; - CK_PRF_DATA_PARAM_PTR pDataParams; - CK_ULONG ulAdditionalDerivedKeys; - CK_DERIVED_KEY_PTR pAdditionalDerivedKeys; -} CK_SP800_108_KDF_PARAMS; - -typedef CK_SP800_108_KDF_PARAMS CK_PTR CK_SP800_108_KDF_PARAMS_PTR; - -typedef struct CK_SP800_108_FEEDBACK_KDF_PARAMS -{ - CK_SP800_108_PRF_TYPE prfType; - CK_ULONG ulNumberOfDataParams; - CK_PRF_DATA_PARAM_PTR pDataParams; - CK_ULONG ulIVLen; - CK_BYTE_PTR pIV; - CK_ULONG ulAdditionalDerivedKeys; - CK_DERIVED_KEY_PTR pAdditionalDerivedKeys; -} CK_SP800_108_FEEDBACK_KDF_PARAMS; - -typedef CK_SP800_108_FEEDBACK_KDF_PARAMS \ - CK_PTR CK_SP800_108_FEEDBACK_KDF_PARAMS_PTR; - -/* EDDSA */ -typedef struct CK_EDDSA_PARAMS { - CK_BBOOL phFlag; - CK_ULONG ulContextDataLen; - CK_BYTE_PTR pContextData; -} CK_EDDSA_PARAMS; - -typedef CK_EDDSA_PARAMS CK_PTR CK_EDDSA_PARAMS_PTR; - -/* Extended ChaCha20/Salsa20 support*/ -typedef struct CK_CHACHA20_PARAMS { - CK_BYTE_PTR pBlockCounter; - CK_ULONG blockCounterBits; - CK_BYTE_PTR pNonce; - CK_ULONG ulNonceBits; -} CK_CHACHA20_PARAMS; - -typedef CK_CHACHA20_PARAMS CK_PTR CK_CHACHA20_PARAMS_PTR; - -typedef struct CK_SALSA20_PARAMS { - CK_BYTE_PTR pBlockCounter; - CK_BYTE_PTR pNonce; - CK_ULONG ulNonceBits; -} CK_SALSA20_PARAMS; -typedef CK_SALSA20_PARAMS CK_PTR CK_SALSA20_PARAMS_PTR; - -typedef struct CK_SALSA20_CHACHA20_POLY1305_PARAMS { - CK_BYTE_PTR pNonce; - CK_ULONG ulNonceLen; - CK_BYTE_PTR pAAD; - CK_ULONG ulAADLen; -} CK_SALSA20_CHACHA20_POLY1305_PARAMS; - -typedef CK_SALSA20_CHACHA20_POLY1305_PARAMS \ - CK_PTR CK_SALSA20_CHACHA20_POLY1305_PARAMS_PTR; - -typedef struct CK_SALSA20_CHACHA20_POLY1305_MSG_PARAMS { - CK_BYTE_PTR pNonce; - CK_ULONG ulNonceLen; - CK_BYTE_PTR pTag; -} CK_SALSA20_CHACHA20_POLY1305_MSG_PARAMS; - -typedef CK_SALSA20_CHACHA20_POLY1305_MSG_PARAMS \ - CK_PTR CK_SALSA20_CHACHA20_POLY1305_MSG_PARAMS_PTR; - -typedef CK_ULONG CK_X3DH_KDF_TYPE; -typedef CK_X3DH_KDF_TYPE CK_PTR CK_X3DH_KDF_TYPE_PTR; - -/* X3dh, ratchet */ -typedef struct CK_X3DH_INITIATE_PARAMS { - CK_X3DH_KDF_TYPE kdf; - CK_OBJECT_HANDLE pPeer_identity; - CK_OBJECT_HANDLE pPeer_prekey; - CK_BYTE_PTR pPrekey_signature; - CK_BYTE_PTR pOnetime_key; - CK_OBJECT_HANDLE pOwn_identity; - CK_OBJECT_HANDLE pOwn_ephemeral; -} CK_X3DH_INITIATE_PARAMS; - -typedef struct CK_X3DH_RESPOND_PARAMS { - CK_X3DH_KDF_TYPE kdf; - CK_BYTE_PTR pIdentity_id; - CK_BYTE_PTR pPrekey_id; - CK_BYTE_PTR pOnetime_id; - CK_OBJECT_HANDLE pInitiator_identity; - CK_BYTE_PTR pInitiator_ephemeral; -} CK_X3DH_RESPOND_PARAMS; - -typedef CK_ULONG CK_X2RATCHET_KDF_TYPE; -typedef CK_X2RATCHET_KDF_TYPE CK_PTR CK_X2RATCHET_KDF_TYPE_PTR; - -typedef struct CK_X2RATCHET_INITIALIZE_PARAMS { - CK_BYTE_PTR sk; - CK_OBJECT_HANDLE peer_public_prekey; - CK_OBJECT_HANDLE peer_public_identity; - CK_OBJECT_HANDLE own_public_identity; - CK_BBOOL bEncryptedHeader; - CK_ULONG eCurve; - CK_MECHANISM_TYPE aeadMechanism; - CK_X2RATCHET_KDF_TYPE kdfMechanism; -} CK_X2RATCHET_INITIALIZE_PARAMS; - -typedef CK_X2RATCHET_INITIALIZE_PARAMS \ - CK_PTR CK_X2RATCHET_INITIALIZE_PARAMS_PTR; - -typedef struct CK_X2RATCHET_RESPOND_PARAMS { - CK_BYTE_PTR sk; - CK_OBJECT_HANDLE own_prekey; - CK_OBJECT_HANDLE initiator_identity; - CK_OBJECT_HANDLE own_public_identity; - CK_BBOOL bEncryptedHeader; - CK_ULONG eCurve; - CK_MECHANISM_TYPE aeadMechanism; - CK_X2RATCHET_KDF_TYPE kdfMechanism; -} CK_X2RATCHET_RESPOND_PARAMS; -typedef CK_X2RATCHET_RESPOND_PARAMS \ - CK_PTR CK_X2RATCHET_RESPOND_PARAMS_PTR; - -typedef CK_ULONG CK_XEDDSA_HASH_TYPE; -typedef CK_XEDDSA_HASH_TYPE CK_PTR CK_XEDDSA_HASH_TYPE_PTR; - -/* XEDDSA */ -typedef struct CK_XEDDSA_PARAMS { - CK_XEDDSA_HASH_TYPE hash; -} CK_XEDDSA_PARAMS; -typedef CK_XEDDSA_PARAMS CK_PTR CK_XEDDSA_PARAMS_PTR; - -typedef struct CK_HKDF_PARAMS { - CK_BBOOL bExtract; - CK_BBOOL bExpand; - CK_MECHANISM_TYPE prfHashMechanism; - CK_ULONG ulSaltType; - CK_BYTE_PTR pSalt; - CK_ULONG ulSaltLen; - CK_OBJECT_HANDLE hSaltKey; - CK_BYTE_PTR pInfo; - CK_ULONG ulInfoLen; -} CK_HKDF_PARAMS; -typedef CK_HKDF_PARAMS CK_PTR CK_HKDF_PARAMS_PTR; - -#define CKF_HKDF_SALT_NULL 0x00000001UL -#define CKF_HKDF_SALT_DATA 0x00000002UL -#define CKF_HKDF_SALT_KEY 0x00000004UL - -#endif /* _PKCS11T_H_ */ - diff --git a/working/3-01-wd-01/pkcs11.h b/working/3-01-wd-01/pkcs11.h deleted file mode 100644 index cf520ce..0000000 --- a/working/3-01-wd-01/pkcs11.h +++ /dev/null @@ -1,247 +0,0 @@ -/* Copyright (c) OASIS Open 2016,2019. All Rights Reserved./ - * /Distributed under the terms of the OASIS IPR Policy, - * [http://www.oasis-open.org/policies-guidelines/ipr], AS-IS, WITHOUT ANY - * IMPLIED OR EXPRESS WARRANTY; there is no warranty of MERCHANTABILITY, FITNESS FOR A - * PARTICULAR PURPOSE or NONINFRINGEMENT of the rights of others. - */ - -/* Latest version of the specification: - * http://docs.oasis-open.org/pkcs11/pkcs11-base/v3.0/pkcs11-base-v3.0.html - */ - -#ifndef _PKCS11_H_ -#define _PKCS11_H_ 1 - -#ifdef __cplusplus -extern "C" { -#endif - -/* Before including this file (pkcs11.h) (or pkcs11t.h by - * itself), 5 platform-specific macros must be defined. These - * macros are described below, and typical definitions for them - * are also given. Be advised that these definitions can depend - * on both the platform and the compiler used (and possibly also - * on whether a Cryptoki library is linked statically or - * dynamically). - * - * In addition to defining these 5 macros, the packing convention - * for Cryptoki structures should be set. The Cryptoki - * convention on packing is that structures should be 1-byte - * aligned. - * - * If you're using Windows this might be done by using the following - * preprocessor directive before including pkcs11.h or pkcs11t.h: - * - * #pragma pack(push, cryptoki, 1) - * - * and using the following preprocessor directive after including - * pkcs11.h or pkcs11t.h: - * - * #pragma pack(pop, cryptoki) - * - * In a UNIX environment, you're on your own for this. You might - * not need to do (or be able to do!) anything. - * - * - * Now for the macros: - * - * - * 1. CK_PTR: The indirection string for making a pointer to an - * object. It can be used like this: - * - * typedef CK_BYTE CK_PTR CK_BYTE_PTR; - * - * If you're using Windows, it might be defined by: - * - * #define CK_PTR * - * - * In a typical UNIX environment, it might be defined by: - * - * #define CK_PTR * - * - * - * 2. CK_DECLARE_FUNCTION(returnType, name): A macro which makes - * an importable Cryptoki library function declaration out of a - * return type and a function name. It should be used in the - * following fashion: - * - * extern CK_DECLARE_FUNCTION(CK_RV, C_Initialize)( - * CK_VOID_PTR pReserved - * ); - * - * If you're using Windows to declare a function in a Win32 Cryptoki .dll, - * it might be defined by: - * - * #define CK_DECLARE_FUNCTION(returnType, name) \ - * returnType __declspec(dllimport) name - * - * In a UNIX environment, it might be defined by: - * - * #define CK_DECLARE_FUNCTION(returnType, name) \ - * returnType name - * - * - * 3. CK_DECLARE_FUNCTION_POINTER(returnType, name): A macro - * which makes a Cryptoki API function pointer declaration or - * function pointer type declaration out of a return type and a - * function name. It should be used in the following fashion: - * - * // Define funcPtr to be a pointer to a Cryptoki API function - * // taking arguments args and returning CK_RV. - * CK_DECLARE_FUNCTION_POINTER(CK_RV, funcPtr)(args); - * - * or - * - * // Define funcPtrType to be the type of a pointer to a - * // Cryptoki API function taking arguments args and returning - * // CK_RV, and then define funcPtr to be a variable of type - * // funcPtrType. - * typedef CK_DECLARE_FUNCTION_POINTER(CK_RV, funcPtrType)(args); - * funcPtrType funcPtr; - * - * If you're using Windows to access - * functions in a Win32 Cryptoki .dll, in might be defined by: - * - * #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \ - * returnType __declspec(dllimport) (* name) - * - * In a UNIX environment, it might be defined by: - * - * #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \ - * returnType (* name) - * - * - * 4. CK_CALLBACK_FUNCTION(returnType, name): A macro which makes - * a function pointer type for an application callback out of - * a return type for the callback and a name for the callback. - * It should be used in the following fashion: - * - * CK_CALLBACK_FUNCTION(CK_RV, myCallback)(args); - * - * to declare a function pointer, myCallback, to a callback - * which takes arguments args and returns a CK_RV. It can also - * be used like this: - * - * typedef CK_CALLBACK_FUNCTION(CK_RV, myCallbackType)(args); - * myCallbackType myCallback; - * - * If you're using Windows, it might be defined by: - * - * #define CK_CALLBACK_FUNCTION(returnType, name) \ - * returnType (* name) - * - * In a UNIX environment, it might be defined by: - * - * #define CK_CALLBACK_FUNCTION(returnType, name) \ - * returnType (* name) - * - * - * 5. NULL_PTR: This macro is the value of a NULL pointer. - * - * In any ANSI/ISO C environment (and in many others as well), - * this should best be defined by - * - * #ifndef NULL_PTR - * #define NULL_PTR 0 - * #endif - */ - - -/* All the various Cryptoki types and #define'd values are in the - * file pkcs11t.h. - */ -#include "pkcs11t.h" - -#define __PASTE(x,y) x##y - - -/* ============================================================== - * Define the "extern" form of all the entry points. - * ============================================================== - */ - -#define CK_NEED_ARG_LIST 1 -#define CK_PKCS11_FUNCTION_INFO(name) \ - extern CK_DECLARE_FUNCTION(CK_RV, name) - -/* pkcs11f.h has all the information about the Cryptoki - * function prototypes. - */ -#include "pkcs11f.h" - -#undef CK_NEED_ARG_LIST -#undef CK_PKCS11_FUNCTION_INFO - - -/* ============================================================== - * Define the typedef form of all the entry points. That is, for - * each Cryptoki function C_XXX, define a type CK_C_XXX which is - * a pointer to that kind of function. - * ============================================================== - */ - -#define CK_NEED_ARG_LIST 1 -#define CK_PKCS11_FUNCTION_INFO(name) \ - typedef CK_DECLARE_FUNCTION_POINTER(CK_RV, __PASTE(CK_,name)) - -/* pkcs11f.h has all the information about the Cryptoki - * function prototypes. - */ -#include "pkcs11f.h" - -#undef CK_NEED_ARG_LIST -#undef CK_PKCS11_FUNCTION_INFO - - -/* ============================================================== - * Define structed vector of entry points. A CK_FUNCTION_LIST - * contains a CK_VERSION indicating a library's Cryptoki version - * and then a whole slew of function pointers to the routines in - * the library. This type was declared, but not defined, in - * pkcs11t.h. - * ============================================================== - */ - -#define CK_PKCS11_FUNCTION_INFO(name) \ - __PASTE(CK_,name) name; - -/* Create the 3.0 Function list */ -struct CK_FUNCTION_LIST_3_0 { - - CK_VERSION version; /* Cryptoki version */ - -/* Pile all the function pointers into the CK_FUNCTION_LIST. */ -/* pkcs11f.h has all the information about the Cryptoki - * function prototypes. - */ -#include "pkcs11f.h" - -}; - -#define CK_PKCS11_2_0_ONLY 1 - -/* Continue to define the old CK_FUNCTION_LIST */ -struct CK_FUNCTION_LIST { - - CK_VERSION version; /* Cryptoki version */ - -/* Pile all the function pointers into the CK_FUNCTION_LIST. */ -/* pkcs11f.h has all the information about the Cryptoki - * function prototypes. - */ -#include "pkcs11f.h" - -}; - -#undef CK_PKCS11_FUNCTION_INFO -#undef CK_PKCS11_2_0_ONLY - - -#undef __PASTE - -#ifdef __cplusplus -} -#endif - -#endif /* _PKCS11_H_ */ - diff --git a/working/3-01-wd-01/pkcs11f.h b/working/3-01-wd-01/pkcs11f.h deleted file mode 100644 index a475f6d..0000000 --- a/working/3-01-wd-01/pkcs11f.h +++ /dev/null @@ -1,1196 +0,0 @@ -/* Copyright (c) OASIS Open 2016, 2019. All Rights Reserved./ - * /Distributed under the terms of the OASIS IPR Policy, - * [http://www.oasis-open.org/policies-guidelines/ipr], AS-IS, WITHOUT ANY - * IMPLIED OR EXPRESS WARRANTY; there is no warranty of MERCHANTABILITY, FITNESS FOR A - * PARTICULAR PURPOSE or NONINFRINGEMENT of the rights of others. - */ - -/* Latest version of the specification: - * http://docs.oasis-open.org/pkcs11/pkcs11-base/v2.40/pkcs11-base-v2.40.html - */ - -/* This header file contains pretty much everything about all the - * Cryptoki function prototypes. Because this information is - * used for more than just declaring function prototypes, the - * order of the functions appearing herein is important, and - * should not be altered. - */ - -/* General-purpose */ - -/* C_Initialize initializes the Cryptoki library. */ -CK_PKCS11_FUNCTION_INFO(C_Initialize) -#ifdef CK_NEED_ARG_LIST -( - CK_VOID_PTR pInitArgs /* if this is not NULL_PTR, it gets - * cast to CK_C_INITIALIZE_ARGS_PTR - * and dereferenced - */ -); -#endif - - -/* C_Finalize indicates that an application is done with the - * Cryptoki library. - */ -CK_PKCS11_FUNCTION_INFO(C_Finalize) -#ifdef CK_NEED_ARG_LIST -( - CK_VOID_PTR pReserved /* reserved. Should be NULL_PTR */ -); -#endif - - -/* C_GetInfo returns general information about Cryptoki. */ -CK_PKCS11_FUNCTION_INFO(C_GetInfo) -#ifdef CK_NEED_ARG_LIST -( - CK_INFO_PTR pInfo /* location that receives information */ -); -#endif - - -/* C_GetFunctionList returns the function list. */ -CK_PKCS11_FUNCTION_INFO(C_GetFunctionList) -#ifdef CK_NEED_ARG_LIST -( - CK_FUNCTION_LIST_PTR_PTR ppFunctionList /* receives pointer to - * function list - */ -); -#endif - - - -/* Slot and token management */ - -/* C_GetSlotList obtains a list of slots in the system. */ -CK_PKCS11_FUNCTION_INFO(C_GetSlotList) -#ifdef CK_NEED_ARG_LIST -( - CK_BBOOL tokenPresent, /* only slots with tokens */ - CK_SLOT_ID_PTR pSlotList, /* receives array of slot IDs */ - CK_ULONG_PTR pulCount /* receives number of slots */ -); -#endif - - -/* C_GetSlotInfo obtains information about a particular slot in - * the system. - */ -CK_PKCS11_FUNCTION_INFO(C_GetSlotInfo) -#ifdef CK_NEED_ARG_LIST -( - CK_SLOT_ID slotID, /* the ID of the slot */ - CK_SLOT_INFO_PTR pInfo /* receives the slot information */ -); -#endif - - -/* C_GetTokenInfo obtains information about a particular token - * in the system. - */ -CK_PKCS11_FUNCTION_INFO(C_GetTokenInfo) -#ifdef CK_NEED_ARG_LIST -( - CK_SLOT_ID slotID, /* ID of the token's slot */ - CK_TOKEN_INFO_PTR pInfo /* receives the token information */ -); -#endif - - -/* C_GetMechanismList obtains a list of mechanism types - * supported by a token. - */ -CK_PKCS11_FUNCTION_INFO(C_GetMechanismList) -#ifdef CK_NEED_ARG_LIST -( - CK_SLOT_ID slotID, /* ID of token's slot */ - CK_MECHANISM_TYPE_PTR pMechanismList, /* gets mech. array */ - CK_ULONG_PTR pulCount /* gets # of mechs. */ -); -#endif - - -/* C_GetMechanismInfo obtains information about a particular - * mechanism possibly supported by a token. - */ -CK_PKCS11_FUNCTION_INFO(C_GetMechanismInfo) -#ifdef CK_NEED_ARG_LIST -( - CK_SLOT_ID slotID, /* ID of the token's slot */ - CK_MECHANISM_TYPE type, /* type of mechanism */ - CK_MECHANISM_INFO_PTR pInfo /* receives mechanism info */ -); -#endif - - -/* C_InitToken initializes a token. */ -CK_PKCS11_FUNCTION_INFO(C_InitToken) -#ifdef CK_NEED_ARG_LIST -( - CK_SLOT_ID slotID, /* ID of the token's slot */ - CK_UTF8CHAR_PTR pPin, /* the SO's initial PIN */ - CK_ULONG ulPinLen, /* length in bytes of the PIN */ - CK_UTF8CHAR_PTR pLabel /* 32-byte token label (blank padded) */ -); -#endif - - -/* C_InitPIN initializes the normal user's PIN. */ -CK_PKCS11_FUNCTION_INFO(C_InitPIN) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_UTF8CHAR_PTR pPin, /* the normal user's PIN */ - CK_ULONG ulPinLen /* length in bytes of the PIN */ -); -#endif - - -/* C_SetPIN modifies the PIN of the user who is logged in. */ -CK_PKCS11_FUNCTION_INFO(C_SetPIN) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_UTF8CHAR_PTR pOldPin, /* the old PIN */ - CK_ULONG ulOldLen, /* length of the old PIN */ - CK_UTF8CHAR_PTR pNewPin, /* the new PIN */ - CK_ULONG ulNewLen /* length of the new PIN */ -); -#endif - - - -/* Session management */ - -/* C_OpenSession opens a session between an application and a - * token. - */ -CK_PKCS11_FUNCTION_INFO(C_OpenSession) -#ifdef CK_NEED_ARG_LIST -( - CK_SLOT_ID slotID, /* the slot's ID */ - CK_FLAGS flags, /* from CK_SESSION_INFO */ - CK_VOID_PTR pApplication, /* passed to callback */ - CK_NOTIFY Notify, /* callback function */ - CK_SESSION_HANDLE_PTR phSession /* gets session handle */ -); -#endif - - -/* C_CloseSession closes a session between an application and a - * token. - */ -CK_PKCS11_FUNCTION_INFO(C_CloseSession) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession /* the session's handle */ -); -#endif - - -/* C_CloseAllSessions closes all sessions with a token. */ -CK_PKCS11_FUNCTION_INFO(C_CloseAllSessions) -#ifdef CK_NEED_ARG_LIST -( - CK_SLOT_ID slotID /* the token's slot */ -); -#endif - - -/* C_GetSessionInfo obtains information about the session. */ -CK_PKCS11_FUNCTION_INFO(C_GetSessionInfo) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_SESSION_INFO_PTR pInfo /* receives session info */ -); -#endif - - -/* C_GetOperationState obtains the state of the cryptographic operation - * in a session. - */ -CK_PKCS11_FUNCTION_INFO(C_GetOperationState) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* session's handle */ - CK_BYTE_PTR pOperationState, /* gets state */ - CK_ULONG_PTR pulOperationStateLen /* gets state length */ -); -#endif - - -/* C_SetOperationState restores the state of the cryptographic - * operation in a session. - */ -CK_PKCS11_FUNCTION_INFO(C_SetOperationState) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* session's handle */ - CK_BYTE_PTR pOperationState, /* holds state */ - CK_ULONG ulOperationStateLen, /* holds state length */ - CK_OBJECT_HANDLE hEncryptionKey, /* en/decryption key */ - CK_OBJECT_HANDLE hAuthenticationKey /* sign/verify key */ -); -#endif - - -/* C_Login logs a user into a token. */ -CK_PKCS11_FUNCTION_INFO(C_Login) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_USER_TYPE userType, /* the user type */ - CK_UTF8CHAR_PTR pPin, /* the user's PIN */ - CK_ULONG ulPinLen /* the length of the PIN */ -); -#endif - - -/* C_Logout logs a user out from a token. */ -CK_PKCS11_FUNCTION_INFO(C_Logout) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession /* the session's handle */ -); -#endif - - - -/* Object management */ - -/* C_CreateObject creates a new object. */ -CK_PKCS11_FUNCTION_INFO(C_CreateObject) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_ATTRIBUTE_PTR pTemplate, /* the object's template */ - CK_ULONG ulCount, /* attributes in template */ - CK_OBJECT_HANDLE_PTR phObject /* gets new object's handle. */ -); -#endif - - -/* C_CopyObject copies an object, creating a new object for the - * copy. - */ -CK_PKCS11_FUNCTION_INFO(C_CopyObject) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_OBJECT_HANDLE hObject, /* the object's handle */ - CK_ATTRIBUTE_PTR pTemplate, /* template for new object */ - CK_ULONG ulCount, /* attributes in template */ - CK_OBJECT_HANDLE_PTR phNewObject /* receives handle of copy */ -); -#endif - - -/* C_DestroyObject destroys an object. */ -CK_PKCS11_FUNCTION_INFO(C_DestroyObject) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_OBJECT_HANDLE hObject /* the object's handle */ -); -#endif - - -/* C_GetObjectSize gets the size of an object in bytes. */ -CK_PKCS11_FUNCTION_INFO(C_GetObjectSize) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_OBJECT_HANDLE hObject, /* the object's handle */ - CK_ULONG_PTR pulSize /* receives size of object */ -); -#endif - - -/* C_GetAttributeValue obtains the value of one or more object - * attributes. - */ -CK_PKCS11_FUNCTION_INFO(C_GetAttributeValue) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_OBJECT_HANDLE hObject, /* the object's handle */ - CK_ATTRIBUTE_PTR pTemplate, /* specifies attrs; gets vals */ - CK_ULONG ulCount /* attributes in template */ -); -#endif - - -/* C_SetAttributeValue modifies the value of one or more object - * attributes. - */ -CK_PKCS11_FUNCTION_INFO(C_SetAttributeValue) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_OBJECT_HANDLE hObject, /* the object's handle */ - CK_ATTRIBUTE_PTR pTemplate, /* specifies attrs and values */ - CK_ULONG ulCount /* attributes in template */ -); -#endif - - -/* C_FindObjectsInit initializes a search for token and session - * objects that match a template. - */ -CK_PKCS11_FUNCTION_INFO(C_FindObjectsInit) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_ATTRIBUTE_PTR pTemplate, /* attribute values to match */ - CK_ULONG ulCount /* attrs in search template */ -); -#endif - - -/* C_FindObjects continues a search for token and session - * objects that match a template, obtaining additional object - * handles. - */ -CK_PKCS11_FUNCTION_INFO(C_FindObjects) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* session's handle */ - CK_OBJECT_HANDLE_PTR phObject, /* gets obj. handles */ - CK_ULONG ulMaxObjectCount, /* max handles to get */ - CK_ULONG_PTR pulObjectCount /* actual # returned */ -); -#endif - - -/* C_FindObjectsFinal finishes a search for token and session - * objects. - */ -CK_PKCS11_FUNCTION_INFO(C_FindObjectsFinal) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession /* the session's handle */ -); -#endif - - - -/* Encryption and decryption */ - -/* C_EncryptInit initializes an encryption operation. */ -CK_PKCS11_FUNCTION_INFO(C_EncryptInit) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_MECHANISM_PTR pMechanism, /* the encryption mechanism */ - CK_OBJECT_HANDLE hKey /* handle of encryption key */ -); -#endif - - -/* C_Encrypt encrypts single-part data. */ -CK_PKCS11_FUNCTION_INFO(C_Encrypt) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* session's handle */ - CK_BYTE_PTR pData, /* the plaintext data */ - CK_ULONG ulDataLen, /* bytes of plaintext */ - CK_BYTE_PTR pEncryptedData, /* gets ciphertext */ - CK_ULONG_PTR pulEncryptedDataLen /* gets c-text size */ -); -#endif - - -/* C_EncryptUpdate continues a multiple-part encryption - * operation. - */ -CK_PKCS11_FUNCTION_INFO(C_EncryptUpdate) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* session's handle */ - CK_BYTE_PTR pPart, /* the plaintext data */ - CK_ULONG ulPartLen, /* plaintext data len */ - CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */ - CK_ULONG_PTR pulEncryptedPartLen /* gets c-text size */ -); -#endif - - -/* C_EncryptFinal finishes a multiple-part encryption - * operation. - */ -CK_PKCS11_FUNCTION_INFO(C_EncryptFinal) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* session handle */ - CK_BYTE_PTR pLastEncryptedPart, /* last c-text */ - CK_ULONG_PTR pulLastEncryptedPartLen /* gets last size */ -); -#endif - - -/* C_DecryptInit initializes a decryption operation. */ -CK_PKCS11_FUNCTION_INFO(C_DecryptInit) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_MECHANISM_PTR pMechanism, /* the decryption mechanism */ - CK_OBJECT_HANDLE hKey /* handle of decryption key */ -); -#endif - - -/* C_Decrypt decrypts encrypted data in a single part. */ -CK_PKCS11_FUNCTION_INFO(C_Decrypt) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* session's handle */ - CK_BYTE_PTR pEncryptedData, /* ciphertext */ - CK_ULONG ulEncryptedDataLen, /* ciphertext length */ - CK_BYTE_PTR pData, /* gets plaintext */ - CK_ULONG_PTR pulDataLen /* gets p-text size */ -); -#endif - - -/* C_DecryptUpdate continues a multiple-part decryption - * operation. - */ -CK_PKCS11_FUNCTION_INFO(C_DecryptUpdate) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* session's handle */ - CK_BYTE_PTR pEncryptedPart, /* encrypted data */ - CK_ULONG ulEncryptedPartLen, /* input length */ - CK_BYTE_PTR pPart, /* gets plaintext */ - CK_ULONG_PTR pulPartLen /* p-text size */ -); -#endif - - -/* C_DecryptFinal finishes a multiple-part decryption - * operation. - */ -CK_PKCS11_FUNCTION_INFO(C_DecryptFinal) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_BYTE_PTR pLastPart, /* gets plaintext */ - CK_ULONG_PTR pulLastPartLen /* p-text size */ -); -#endif - - - -/* Message digesting */ - -/* C_DigestInit initializes a message-digesting operation. */ -CK_PKCS11_FUNCTION_INFO(C_DigestInit) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_MECHANISM_PTR pMechanism /* the digesting mechanism */ -); -#endif - - -/* C_Digest digests data in a single part. */ -CK_PKCS11_FUNCTION_INFO(C_Digest) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_BYTE_PTR pData, /* data to be digested */ - CK_ULONG ulDataLen, /* bytes of data to digest */ - CK_BYTE_PTR pDigest, /* gets the message digest */ - CK_ULONG_PTR pulDigestLen /* gets digest length */ -); -#endif - - -/* C_DigestUpdate continues a multiple-part message-digesting - * operation. - */ -CK_PKCS11_FUNCTION_INFO(C_DigestUpdate) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_BYTE_PTR pPart, /* data to be digested */ - CK_ULONG ulPartLen /* bytes of data to be digested */ -); -#endif - - -/* C_DigestKey continues a multi-part message-digesting - * operation, by digesting the value of a secret key as part of - * the data already digested. - */ -CK_PKCS11_FUNCTION_INFO(C_DigestKey) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_OBJECT_HANDLE hKey /* secret key to digest */ -); -#endif - - -/* C_DigestFinal finishes a multiple-part message-digesting - * operation. - */ -CK_PKCS11_FUNCTION_INFO(C_DigestFinal) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_BYTE_PTR pDigest, /* gets the message digest */ - CK_ULONG_PTR pulDigestLen /* gets byte count of digest */ -); -#endif - - - -/* Signing and MACing */ - -/* C_SignInit initializes a signature (private key encryption) - * operation, where the signature is (will be) an appendix to - * the data, and plaintext cannot be recovered from the - * signature. - */ -CK_PKCS11_FUNCTION_INFO(C_SignInit) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_MECHANISM_PTR pMechanism, /* the signature mechanism */ - CK_OBJECT_HANDLE hKey /* handle of signature key */ -); -#endif - - -/* C_Sign signs (encrypts with private key) data in a single - * part, where the signature is (will be) an appendix to the - * data, and plaintext cannot be recovered from the signature. - */ -CK_PKCS11_FUNCTION_INFO(C_Sign) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_BYTE_PTR pData, /* the data to sign */ - CK_ULONG ulDataLen, /* count of bytes to sign */ - CK_BYTE_PTR pSignature, /* gets the signature */ - CK_ULONG_PTR pulSignatureLen /* gets signature length */ -); -#endif - - -/* C_SignUpdate continues a multiple-part signature operation, - * where the signature is (will be) an appendix to the data, - * and plaintext cannot be recovered from the signature. - */ -CK_PKCS11_FUNCTION_INFO(C_SignUpdate) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_BYTE_PTR pPart, /* the data to sign */ - CK_ULONG ulPartLen /* count of bytes to sign */ -); -#endif - - -/* C_SignFinal finishes a multiple-part signature operation, - * returning the signature. - */ -CK_PKCS11_FUNCTION_INFO(C_SignFinal) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_BYTE_PTR pSignature, /* gets the signature */ - CK_ULONG_PTR pulSignatureLen /* gets signature length */ -); -#endif - - -/* C_SignRecoverInit initializes a signature operation, where - * the data can be recovered from the signature. - */ -CK_PKCS11_FUNCTION_INFO(C_SignRecoverInit) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_MECHANISM_PTR pMechanism, /* the signature mechanism */ - CK_OBJECT_HANDLE hKey /* handle of the signature key */ -); -#endif - - -/* C_SignRecover signs data in a single operation, where the - * data can be recovered from the signature. - */ -CK_PKCS11_FUNCTION_INFO(C_SignRecover) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_BYTE_PTR pData, /* the data to sign */ - CK_ULONG ulDataLen, /* count of bytes to sign */ - CK_BYTE_PTR pSignature, /* gets the signature */ - CK_ULONG_PTR pulSignatureLen /* gets signature length */ -); -#endif - - - -/* Verifying signatures and MACs */ - -/* C_VerifyInit initializes a verification operation, where the - * signature is an appendix to the data, and plaintext cannot - * cannot be recovered from the signature (e.g. DSA). - */ -CK_PKCS11_FUNCTION_INFO(C_VerifyInit) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_MECHANISM_PTR pMechanism, /* the verification mechanism */ - CK_OBJECT_HANDLE hKey /* verification key */ -); -#endif - - -/* C_Verify verifies a signature in a single-part operation, - * where the signature is an appendix to the data, and plaintext - * cannot be recovered from the signature. - */ -CK_PKCS11_FUNCTION_INFO(C_Verify) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_BYTE_PTR pData, /* signed data */ - CK_ULONG ulDataLen, /* length of signed data */ - CK_BYTE_PTR pSignature, /* signature */ - CK_ULONG ulSignatureLen /* signature length*/ -); -#endif - - -/* C_VerifyUpdate continues a multiple-part verification - * operation, where the signature is an appendix to the data, - * and plaintext cannot be recovered from the signature. - */ -CK_PKCS11_FUNCTION_INFO(C_VerifyUpdate) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_BYTE_PTR pPart, /* signed data */ - CK_ULONG ulPartLen /* length of signed data */ -); -#endif - - -/* C_VerifyFinal finishes a multiple-part verification - * operation, checking the signature. - */ -CK_PKCS11_FUNCTION_INFO(C_VerifyFinal) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_BYTE_PTR pSignature, /* signature to verify */ - CK_ULONG ulSignatureLen /* signature length */ -); -#endif - - -/* C_VerifyRecoverInit initializes a signature verification - * operation, where the data is recovered from the signature. - */ -CK_PKCS11_FUNCTION_INFO(C_VerifyRecoverInit) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_MECHANISM_PTR pMechanism, /* the verification mechanism */ - CK_OBJECT_HANDLE hKey /* verification key */ -); -#endif - - -/* C_VerifyRecover verifies a signature in a single-part - * operation, where the data is recovered from the signature. - */ -CK_PKCS11_FUNCTION_INFO(C_VerifyRecover) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_BYTE_PTR pSignature, /* signature to verify */ - CK_ULONG ulSignatureLen, /* signature length */ - CK_BYTE_PTR pData, /* gets signed data */ - CK_ULONG_PTR pulDataLen /* gets signed data len */ -); -#endif - - - -/* Dual-function cryptographic operations */ - -/* C_DigestEncryptUpdate continues a multiple-part digesting - * and encryption operation. - */ -CK_PKCS11_FUNCTION_INFO(C_DigestEncryptUpdate) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* session's handle */ - CK_BYTE_PTR pPart, /* the plaintext data */ - CK_ULONG ulPartLen, /* plaintext length */ - CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */ - CK_ULONG_PTR pulEncryptedPartLen /* gets c-text length */ -); -#endif - - -/* C_DecryptDigestUpdate continues a multiple-part decryption and - * digesting operation. - */ -CK_PKCS11_FUNCTION_INFO(C_DecryptDigestUpdate) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* session's handle */ - CK_BYTE_PTR pEncryptedPart, /* ciphertext */ - CK_ULONG ulEncryptedPartLen, /* ciphertext length */ - CK_BYTE_PTR pPart, /* gets plaintext */ - CK_ULONG_PTR pulPartLen /* gets plaintext len */ -); -#endif - - -/* C_SignEncryptUpdate continues a multiple-part signing and - * encryption operation. - */ -CK_PKCS11_FUNCTION_INFO(C_SignEncryptUpdate) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* session's handle */ - CK_BYTE_PTR pPart, /* the plaintext data */ - CK_ULONG ulPartLen, /* plaintext length */ - CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */ - CK_ULONG_PTR pulEncryptedPartLen /* gets c-text length */ -); -#endif - - -/* C_DecryptVerifyUpdate continues a multiple-part decryption and - * verify operation. - */ -CK_PKCS11_FUNCTION_INFO(C_DecryptVerifyUpdate) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* session's handle */ - CK_BYTE_PTR pEncryptedPart, /* ciphertext */ - CK_ULONG ulEncryptedPartLen, /* ciphertext length */ - CK_BYTE_PTR pPart, /* gets plaintext */ - CK_ULONG_PTR pulPartLen /* gets p-text length */ -); -#endif - - - -/* Key management */ - -/* C_GenerateKey generates a secret key, creating a new key - * object. - */ -CK_PKCS11_FUNCTION_INFO(C_GenerateKey) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_MECHANISM_PTR pMechanism, /* key generation mech. */ - CK_ATTRIBUTE_PTR pTemplate, /* template for new key */ - CK_ULONG ulCount, /* # of attrs in template */ - CK_OBJECT_HANDLE_PTR phKey /* gets handle of new key */ -); -#endif - - -/* C_GenerateKeyPair generates a public-key/private-key pair, - * creating new key objects. - */ -CK_PKCS11_FUNCTION_INFO(C_GenerateKeyPair) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* session handle */ - CK_MECHANISM_PTR pMechanism, /* key-gen mech. */ - CK_ATTRIBUTE_PTR pPublicKeyTemplate, /* template for pub. key */ - CK_ULONG ulPublicKeyAttributeCount, /* # pub. attrs. */ - CK_ATTRIBUTE_PTR pPrivateKeyTemplate, /* template for priv. key */ - CK_ULONG ulPrivateKeyAttributeCount, /* # priv. attrs. */ - CK_OBJECT_HANDLE_PTR phPublicKey, /* gets pub. key handle */ - CK_OBJECT_HANDLE_PTR phPrivateKey /* gets priv. key handle */ -); -#endif - - -/* C_WrapKey wraps (i.e., encrypts) a key. */ -CK_PKCS11_FUNCTION_INFO(C_WrapKey) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_MECHANISM_PTR pMechanism, /* the wrapping mechanism */ - CK_OBJECT_HANDLE hWrappingKey, /* wrapping key */ - CK_OBJECT_HANDLE hKey, /* key to be wrapped */ - CK_BYTE_PTR pWrappedKey, /* gets wrapped key */ - CK_ULONG_PTR pulWrappedKeyLen /* gets wrapped key size */ -); -#endif - - -/* C_UnwrapKey unwraps (decrypts) a wrapped key, creating a new - * key object. - */ -CK_PKCS11_FUNCTION_INFO(C_UnwrapKey) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* session's handle */ - CK_MECHANISM_PTR pMechanism, /* unwrapping mech. */ - CK_OBJECT_HANDLE hUnwrappingKey, /* unwrapping key */ - CK_BYTE_PTR pWrappedKey, /* the wrapped key */ - CK_ULONG ulWrappedKeyLen, /* wrapped key len */ - CK_ATTRIBUTE_PTR pTemplate, /* new key template */ - CK_ULONG ulAttributeCount, /* template length */ - CK_OBJECT_HANDLE_PTR phKey /* gets new handle */ -); -#endif - - -/* C_DeriveKey derives a key from a base key, creating a new key - * object. - */ -CK_PKCS11_FUNCTION_INFO(C_DeriveKey) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* session's handle */ - CK_MECHANISM_PTR pMechanism, /* key deriv. mech. */ - CK_OBJECT_HANDLE hBaseKey, /* base key */ - CK_ATTRIBUTE_PTR pTemplate, /* new key template */ - CK_ULONG ulAttributeCount, /* template length */ - CK_OBJECT_HANDLE_PTR phKey /* gets new handle */ -); -#endif - - - -/* Random number generation */ - -/* C_SeedRandom mixes additional seed material into the token's - * random number generator. - */ -CK_PKCS11_FUNCTION_INFO(C_SeedRandom) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_BYTE_PTR pSeed, /* the seed material */ - CK_ULONG ulSeedLen /* length of seed material */ -); -#endif - - -/* C_GenerateRandom generates random data. */ -CK_PKCS11_FUNCTION_INFO(C_GenerateRandom) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_BYTE_PTR RandomData, /* receives the random data */ - CK_ULONG ulRandomLen /* # of bytes to generate */ -); -#endif - - - -/* Parallel function management */ - -/* C_GetFunctionStatus is a legacy function; it obtains an - * updated status of a function running in parallel with an - * application. - */ -CK_PKCS11_FUNCTION_INFO(C_GetFunctionStatus) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession /* the session's handle */ -); -#endif - - -/* C_CancelFunction is a legacy function; it cancels a function - * running in parallel. - */ -CK_PKCS11_FUNCTION_INFO(C_CancelFunction) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession /* the session's handle */ -); -#endif - - -/* C_WaitForSlotEvent waits for a slot event (token insertion, - * removal, etc.) to occur. - */ -CK_PKCS11_FUNCTION_INFO(C_WaitForSlotEvent) -#ifdef CK_NEED_ARG_LIST -( - CK_FLAGS flags, /* blocking/nonblocking flag */ - CK_SLOT_ID_PTR pSlot, /* location that receives the slot ID */ - CK_VOID_PTR pRserved /* reserved. Should be NULL_PTR */ -); -#endif - -#ifndef CK_PKCS11_2_0_ONLY -/* C_GetInterfaceList returns all the interfaces supported by the module*/ -CK_PKCS11_FUNCTION_INFO(C_GetInterfaceList) -#ifdef CK_NEED_ARG_LIST -( - CK_INTERFACE_PTR pInterfacesList, /* returned interfaces */ - CK_ULONG_PTR pulCount /* number of interfaces returned */ -); -#endif - -/* C_GetInterface returns a specific interface from the module. */ -CK_PKCS11_FUNCTION_INFO(C_GetInterface) -#ifdef CK_NEED_ARG_LIST -( - CK_UTF8CHAR_PTR pInterfaceName, /* name of the interface */ - CK_VERSION_PTR pVersion, /* version of the interface */ - CK_INTERFACE_PTR_PTR ppInterface, /* returned interface */ - CK_FLAGS flags /* flags controlling the semantics - * of the interface */ -); -#endif - -CK_PKCS11_FUNCTION_INFO(C_LoginUser) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_USER_TYPE userType, /* the user type */ - CK_UTF8CHAR_PTR pPin, /* the user's PIN */ - CK_ULONG ulPinLen, /* the length of the PIN */ - CK_UTF8CHAR_PTR pUsername, /* the user's name */ - CK_ULONG ulUsernameLen /*the length of the user's name */ -); -#endif - -CK_PKCS11_FUNCTION_INFO(C_SessionCancel) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_FLAGS flags /* flags control which sessions are cancelled */ -); -#endif - -CK_PKCS11_FUNCTION_INFO(C_MessageEncryptInit) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_MECHANISM_PTR pMechanism, /* the encryption mechanism */ - CK_OBJECT_HANDLE hKey /* handle of encryption key */ -); -#endif - -CK_PKCS11_FUNCTION_INFO(C_EncryptMessage) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_VOID_PTR pParameter, /* message specific parameter */ - CK_ULONG ulParameterLen, /* length of message specific parameter */ - CK_BYTE_PTR pAssociatedData, /* AEAD Associated data */ - CK_ULONG ulAssociatedDataLen, /* AEAD Associated data length */ - CK_BYTE_PTR pPlaintext, /* plain text */ - CK_ULONG ulPlaintextLen, /* plain text length */ - CK_BYTE_PTR pCiphertext, /* gets cipher text */ - CK_ULONG_PTR pulCiphertextLen /* gets cipher text length */ -); -#endif - -CK_PKCS11_FUNCTION_INFO(C_EncryptMessageBegin) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_VOID_PTR pParameter, /* message specific parameter */ - CK_ULONG ulParameterLen, /* length of message specific parameter */ - CK_BYTE_PTR pAssociatedData, /* AEAD Associated data */ - CK_ULONG ulAssociatedDataLen /* AEAD Associated data length */ -); -#endif - -CK_PKCS11_FUNCTION_INFO(C_EncryptMessageNext) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_VOID_PTR pParameter, /* message specific parameter */ - CK_ULONG ulParameterLen, /* length of message specific parameter */ - CK_BYTE_PTR pPlaintextPart, /* plain text */ - CK_ULONG ulPlaintextPartLen, /* plain text length */ - CK_BYTE_PTR pCiphertextPart, /* gets cipher text */ - CK_ULONG_PTR pulCiphertextPartLen, /* gets cipher text length */ - CK_FLAGS flags /* multi mode flag */ -); -#endif - -CK_PKCS11_FUNCTION_INFO(C_MessageEncryptFinal) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession /* the session's handle */ -); -#endif - -CK_PKCS11_FUNCTION_INFO(C_MessageDecryptInit) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_MECHANISM_PTR pMechanism, /* the decryption mechanism */ - CK_OBJECT_HANDLE hKey /* handle of decryption key */ -); -#endif - -CK_PKCS11_FUNCTION_INFO(C_DecryptMessage) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_VOID_PTR pParameter, /* message specific parameter */ - CK_ULONG ulParameterLen, /* length of message specific parameter */ - CK_BYTE_PTR pAssociatedData, /* AEAD Associated data */ - CK_ULONG ulAssociatedDataLen, /* AEAD Associated data length */ - CK_BYTE_PTR pCiphertext, /* cipher text */ - CK_ULONG ulCiphertextLen, /* cipher text length */ - CK_BYTE_PTR pPlaintext, /* gets plain text */ - CK_ULONG_PTR pulPlaintextLen /* gets plain text length */ -); -#endif - -CK_PKCS11_FUNCTION_INFO(C_DecryptMessageBegin) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_VOID_PTR pParameter, /* message specific parameter */ - CK_ULONG ulParameterLen, /* length of message specific parameter */ - CK_BYTE_PTR pAssociatedData, /* AEAD Associated data */ - CK_ULONG ulAssociatedDataLen /* AEAD Associated data length */ -); -#endif - -CK_PKCS11_FUNCTION_INFO(C_DecryptMessageNext) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_VOID_PTR pParameter, /* message specific parameter */ - CK_ULONG ulParameterLen, /* length of message specific parameter */ - CK_BYTE_PTR pCiphertextPart, /* cipher text */ - CK_ULONG ulCiphertextPartLen, /* cipher text length */ - CK_BYTE_PTR pPlaintextPart, /* gets plain text */ - CK_ULONG_PTR pulPlaintextPartLen, /* gets plain text length */ - CK_FLAGS flags /* multi mode flag */ -); -#endif - -CK_PKCS11_FUNCTION_INFO(C_MessageDecryptFinal) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession /* the session's handle */ -); -#endif - -CK_PKCS11_FUNCTION_INFO(C_MessageSignInit) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_MECHANISM_PTR pMechanism, /* the signing mechanism */ - CK_OBJECT_HANDLE hKey /* handle of signing key */ -); -#endif - -CK_PKCS11_FUNCTION_INFO(C_SignMessage) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_VOID_PTR pParameter, /* message specific parameter */ - CK_ULONG ulParameterLen, /* length of message specific parameter */ - CK_BYTE_PTR pData, /* data to sign */ - CK_ULONG ulDataLen, /* data to sign length */ - CK_BYTE_PTR pSignature, /* gets signature */ - CK_ULONG_PTR pulSignatureLen /* gets signature length */ -); -#endif - -CK_PKCS11_FUNCTION_INFO(C_SignMessageBegin) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_VOID_PTR pParameter, /* message specific parameter */ - CK_ULONG ulParameterLen /* length of message specific parameter */ -); -#endif - -CK_PKCS11_FUNCTION_INFO(C_SignMessageNext) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_VOID_PTR pParameter, /* message specific parameter */ - CK_ULONG ulParameterLen, /* length of message specific parameter */ - CK_BYTE_PTR pData, /* data to sign */ - CK_ULONG ulDataLen, /* data to sign length */ - CK_BYTE_PTR pSignature, /* gets signature */ - CK_ULONG_PTR pulSignatureLen /* gets signature length */ -); -#endif - -CK_PKCS11_FUNCTION_INFO(C_MessageSignFinal) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession /* the session's handle */ -); -#endif - -CK_PKCS11_FUNCTION_INFO(C_MessageVerifyInit) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_MECHANISM_PTR pMechanism, /* the signing mechanism */ - CK_OBJECT_HANDLE hKey /* handle of signing key */ -); -#endif - -CK_PKCS11_FUNCTION_INFO(C_VerifyMessage) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_VOID_PTR pParameter, /* message specific parameter */ - CK_ULONG ulParameterLen, /* length of message specific parameter */ - CK_BYTE_PTR pData, /* data to sign */ - CK_ULONG ulDataLen, /* data to sign length */ - CK_BYTE_PTR pSignature, /* signature */ - CK_ULONG ulSignatureLen /* signature length */ -); -#endif - -CK_PKCS11_FUNCTION_INFO(C_VerifyMessageBegin) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_VOID_PTR pParameter, /* message specific parameter */ - CK_ULONG ulParameterLen /* length of message specific parameter */ -); -#endif - -CK_PKCS11_FUNCTION_INFO(C_VerifyMessageNext) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_VOID_PTR pParameter, /* message specific parameter */ - CK_ULONG ulParameterLen, /* length of message specific parameter */ - CK_BYTE_PTR pData, /* data to sign */ - CK_ULONG ulDataLen, /* data to sign length */ - CK_BYTE_PTR pSignature, /* signature */ - CK_ULONG ulSignatureLen /* signature length */ -); -#endif - -CK_PKCS11_FUNCTION_INFO(C_MessageVerifyFinal) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession /* the session's handle */ -); -#endif - -#endif /* CK_PKCS11_2_0_ONLY */ diff --git a/working/3-01-wd-01/pkcs11t.h b/working/3-01-wd-01/pkcs11t.h deleted file mode 100644 index f68ce2f..0000000 --- a/working/3-01-wd-01/pkcs11t.h +++ /dev/null @@ -1,2524 +0,0 @@ -/* Copyright (c) OASIS Open 2016, 2019. All Rights Reserved./ - * /Distributed under the terms of the OASIS IPR Policy, - * [http://www.oasis-open.org/policies-guidelines/ipr], AS-IS, WITHOUT ANY - * IMPLIED OR EXPRESS WARRANTY; there is no warranty of MERCHANTABILITY, FITNESS FOR A - * PARTICULAR PURPOSE or NONINFRINGEMENT of the rights of others. - */ - -/* Latest version of the specification: - * http://docs.oasis-open.org/pkcs11/pkcs11-base/v2.40/pkcs11-base-v2.40.html - */ - -/* See top of pkcs11.h for information about the macros that - * must be defined and the structure-packing conventions that - * must be set before including this file. - */ - -#ifndef _PKCS11T_H_ -#define _PKCS11T_H_ 1 - -#define CRYPTOKI_VERSION_MAJOR 3 -#define CRYPTOKI_VERSION_MINOR 1 -#define CRYPTOKI_VERSION_AMENDMENT 0 - -#define CK_TRUE 1 -#define CK_FALSE 0 - -#ifndef CK_DISABLE_TRUE_FALSE -#ifndef FALSE -#define FALSE CK_FALSE -#endif -#ifndef TRUE -#define TRUE CK_TRUE -#endif -#endif - -/* an unsigned 8-bit value */ -typedef unsigned char CK_BYTE; - -/* an unsigned 8-bit character */ -typedef CK_BYTE CK_CHAR; - -/* an 8-bit UTF-8 character */ -typedef CK_BYTE CK_UTF8CHAR; - -/* a BYTE-sized Boolean flag */ -typedef CK_BYTE CK_BBOOL; - -/* an unsigned value, at least 32 bits long */ -typedef unsigned long int CK_ULONG; - -/* a signed value, the same size as a CK_ULONG */ -typedef long int CK_LONG; - -/* at least 32 bits; each bit is a Boolean flag */ -typedef CK_ULONG CK_FLAGS; - - -/* some special values for certain CK_ULONG variables */ -#define CK_UNAVAILABLE_INFORMATION (~0UL) -#define CK_EFFECTIVELY_INFINITE 0UL - - -typedef CK_BYTE CK_PTR CK_BYTE_PTR; -typedef CK_CHAR CK_PTR CK_CHAR_PTR; -typedef CK_UTF8CHAR CK_PTR CK_UTF8CHAR_PTR; -typedef CK_ULONG CK_PTR CK_ULONG_PTR; -typedef void CK_PTR CK_VOID_PTR; - -/* Pointer to a CK_VOID_PTR-- i.e., pointer to pointer to void */ -typedef CK_VOID_PTR CK_PTR CK_VOID_PTR_PTR; - - -/* The following value is always invalid if used as a session - * handle or object handle - */ -#define CK_INVALID_HANDLE 0UL - - -typedef struct CK_VERSION { - CK_BYTE major; /* integer portion of version number */ - CK_BYTE minor; /* 1/100ths portion of version number */ -} CK_VERSION; - -typedef CK_VERSION CK_PTR CK_VERSION_PTR; - - -typedef struct CK_INFO { - CK_VERSION cryptokiVersion; /* Cryptoki interface ver */ - CK_UTF8CHAR manufacturerID[32]; /* blank padded */ - CK_FLAGS flags; /* must be zero */ - CK_UTF8CHAR libraryDescription[32]; /* blank padded */ - CK_VERSION libraryVersion; /* version of library */ -} CK_INFO; - -typedef CK_INFO CK_PTR CK_INFO_PTR; - - -/* CK_NOTIFICATION enumerates the types of notifications that - * Cryptoki provides to an application - */ -typedef CK_ULONG CK_NOTIFICATION; -#define CKN_SURRENDER 0UL -#define CKN_OTP_CHANGED 1UL - -typedef CK_ULONG CK_SLOT_ID; - -typedef CK_SLOT_ID CK_PTR CK_SLOT_ID_PTR; - - -/* CK_SLOT_INFO provides information about a slot */ -typedef struct CK_SLOT_INFO { - CK_UTF8CHAR slotDescription[64]; /* blank padded */ - CK_UTF8CHAR manufacturerID[32]; /* blank padded */ - CK_FLAGS flags; - - CK_VERSION hardwareVersion; /* version of hardware */ - CK_VERSION firmwareVersion; /* version of firmware */ -} CK_SLOT_INFO; - -/* flags: bit flags that provide capabilities of the slot - * Bit Flag Mask Meaning - */ -#define CKF_TOKEN_PRESENT 0x00000001UL /* a token is there */ -#define CKF_REMOVABLE_DEVICE 0x00000002UL /* removable devices*/ -#define CKF_HW_SLOT 0x00000004UL /* hardware slot */ - -typedef CK_SLOT_INFO CK_PTR CK_SLOT_INFO_PTR; - - -/* CK_TOKEN_INFO provides information about a token */ -typedef struct CK_TOKEN_INFO { - CK_UTF8CHAR label[32]; /* blank padded */ - CK_UTF8CHAR manufacturerID[32]; /* blank padded */ - CK_UTF8CHAR model[16]; /* blank padded */ - CK_CHAR serialNumber[16]; /* blank padded */ - CK_FLAGS flags; /* see below */ - - CK_ULONG ulMaxSessionCount; /* max open sessions */ - CK_ULONG ulSessionCount; /* sess. now open */ - CK_ULONG ulMaxRwSessionCount; /* max R/W sessions */ - CK_ULONG ulRwSessionCount; /* R/W sess. now open */ - CK_ULONG ulMaxPinLen; /* in bytes */ - CK_ULONG ulMinPinLen; /* in bytes */ - CK_ULONG ulTotalPublicMemory; /* in bytes */ - CK_ULONG ulFreePublicMemory; /* in bytes */ - CK_ULONG ulTotalPrivateMemory; /* in bytes */ - CK_ULONG ulFreePrivateMemory; /* in bytes */ - CK_VERSION hardwareVersion; /* version of hardware */ - CK_VERSION firmwareVersion; /* version of firmware */ - CK_CHAR utcTime[16]; /* time */ -} CK_TOKEN_INFO; - -/* The flags parameter is defined as follows: - * Bit Flag Mask Meaning - */ -#define CKF_RNG 0x00000001UL /* has random # generator */ -#define CKF_WRITE_PROTECTED 0x00000002UL /* token is write-protected */ -#define CKF_LOGIN_REQUIRED 0x00000004UL /* user must login */ -#define CKF_USER_PIN_INITIALIZED 0x00000008UL /* normal user's PIN is set */ - -/* CKF_RESTORE_KEY_NOT_NEEDED. If it is set, - * that means that *every* time the state of cryptographic - * operations of a session is successfully saved, all keys - * needed to continue those operations are stored in the state - */ -#define CKF_RESTORE_KEY_NOT_NEEDED 0x00000020UL - -/* CKF_CLOCK_ON_TOKEN. If it is set, that means - * that the token has some sort of clock. The time on that - * clock is returned in the token info structure - */ -#define CKF_CLOCK_ON_TOKEN 0x00000040UL - -/* CKF_PROTECTED_AUTHENTICATION_PATH. If it is - * set, that means that there is some way for the user to login - * without sending a PIN through the Cryptoki library itself - */ -#define CKF_PROTECTED_AUTHENTICATION_PATH 0x00000100UL - -/* CKF_DUAL_CRYPTO_OPERATIONS. If it is true, - * that means that a single session with the token can perform - * dual simultaneous cryptographic operations (digest and - * encrypt; decrypt and digest; sign and encrypt; and decrypt - * and sign) - */ -#define CKF_DUAL_CRYPTO_OPERATIONS 0x00000200UL - -/* CKF_TOKEN_INITIALIZED. If it is true, the - * token has been initialized using C_InitializeToken or an - * equivalent mechanism outside the scope of PKCS #11. - * Calling C_InitializeToken when this flag is set will cause - * the token to be reinitialized. - */ -#define CKF_TOKEN_INITIALIZED 0x00000400UL - -/* CKF_SECONDARY_AUTHENTICATION. If it is - * true, the token supports secondary authentication for - * private key objects. - */ -#define CKF_SECONDARY_AUTHENTICATION 0x00000800UL - -/* CKF_USER_PIN_COUNT_LOW. If it is true, an - * incorrect user login PIN has been entered at least once - * since the last successful authentication. - */ -#define CKF_USER_PIN_COUNT_LOW 0x00010000UL - -/* CKF_USER_PIN_FINAL_TRY. If it is true, - * supplying an incorrect user PIN will it to become locked. - */ -#define CKF_USER_PIN_FINAL_TRY 0x00020000UL - -/* CKF_USER_PIN_LOCKED. If it is true, the - * user PIN has been locked. User login to the token is not - * possible. - */ -#define CKF_USER_PIN_LOCKED 0x00040000UL - -/* CKF_USER_PIN_TO_BE_CHANGED. If it is true, - * the user PIN value is the default value set by token - * initialization or manufacturing, or the PIN has been - * expired by the card. - */ -#define CKF_USER_PIN_TO_BE_CHANGED 0x00080000UL - -/* CKF_SO_PIN_COUNT_LOW. If it is true, an - * incorrect SO login PIN has been entered at least once since - * the last successful authentication. - */ -#define CKF_SO_PIN_COUNT_LOW 0x00100000UL - -/* CKF_SO_PIN_FINAL_TRY. If it is true, - * supplying an incorrect SO PIN will it to become locked. - */ -#define CKF_SO_PIN_FINAL_TRY 0x00200000UL - -/* CKF_SO_PIN_LOCKED. If it is true, the SO - * PIN has been locked. SO login to the token is not possible. - */ -#define CKF_SO_PIN_LOCKED 0x00400000UL - -/* CKF_SO_PIN_TO_BE_CHANGED. If it is true, - * the SO PIN value is the default value set by token - * initialization or manufacturing, or the PIN has been - * expired by the card. - */ -#define CKF_SO_PIN_TO_BE_CHANGED 0x00800000UL - -#define CKF_ERROR_STATE 0x01000000UL - -typedef CK_TOKEN_INFO CK_PTR CK_TOKEN_INFO_PTR; - - -/* CK_SESSION_HANDLE is a Cryptoki-assigned value that - * identifies a session - */ -typedef CK_ULONG CK_SESSION_HANDLE; - -typedef CK_SESSION_HANDLE CK_PTR CK_SESSION_HANDLE_PTR; - - -/* CK_USER_TYPE enumerates the types of Cryptoki users */ -typedef CK_ULONG CK_USER_TYPE; -/* Security Officer */ -#define CKU_SO 0UL -/* Normal user */ -#define CKU_USER 1UL -/* Context specific */ -#define CKU_CONTEXT_SPECIFIC 2UL - -/* CK_STATE enumerates the session states */ -typedef CK_ULONG CK_STATE; -#define CKS_RO_PUBLIC_SESSION 0UL -#define CKS_RO_USER_FUNCTIONS 1UL -#define CKS_RW_PUBLIC_SESSION 2UL -#define CKS_RW_USER_FUNCTIONS 3UL -#define CKS_RW_SO_FUNCTIONS 4UL - -/* CK_SESSION_INFO provides information about a session */ -typedef struct CK_SESSION_INFO { - CK_SLOT_ID slotID; - CK_STATE state; - CK_FLAGS flags; /* see below */ - CK_ULONG ulDeviceError; /* device-dependent error code */ -} CK_SESSION_INFO; - -/* The flags are defined in the following table: - * Bit Flag Mask Meaning - */ -#define CKF_RW_SESSION 0x00000002UL /* session is r/w */ -#define CKF_SERIAL_SESSION 0x00000004UL /* no parallel */ - -typedef CK_SESSION_INFO CK_PTR CK_SESSION_INFO_PTR; - - -/* CK_OBJECT_HANDLE is a token-specific identifier for an - * object - */ -typedef CK_ULONG CK_OBJECT_HANDLE; - -typedef CK_OBJECT_HANDLE CK_PTR CK_OBJECT_HANDLE_PTR; - - -/* CK_OBJECT_CLASS is a value that identifies the classes (or - * types) of objects that Cryptoki recognizes. It is defined - * as follows: - */ -typedef CK_ULONG CK_OBJECT_CLASS; - -/* The following classes of objects are defined: */ -#define CKO_DATA 0x00000000UL -#define CKO_CERTIFICATE 0x00000001UL -#define CKO_PUBLIC_KEY 0x00000002UL -#define CKO_PRIVATE_KEY 0x00000003UL -#define CKO_SECRET_KEY 0x00000004UL -#define CKO_HW_FEATURE 0x00000005UL -#define CKO_DOMAIN_PARAMETERS 0x00000006UL -#define CKO_MECHANISM 0x00000007UL -#define CKO_OTP_KEY 0x00000008UL -#define CKO_PROFILE 0x00000009UL - -#define CKO_VENDOR_DEFINED 0x80000000UL - -typedef CK_OBJECT_CLASS CK_PTR CK_OBJECT_CLASS_PTR; - -/* Profile ID's */ -#define CKP_INVALID_ID 0x00000000UL -#define CKP_BASELINE_PROVIDER 0x00000001UL -#define CKP_EXTENDED_PROVIDER 0x00000002UL -#define CKP_AUTHENTICATION_TOKEN 0x00000003UL -#define CKP_PUBLIC_CERTIFICATES_TOKEN 0x00000004UL -#define CKP_COMPLETE_PROVIDER 0x00000005UL -#define CKP_HKDF_TLS_TOKEN 0x00000006UL -#define CKP_VENDOR_DEFINED 0x80000000UL - - -/* CK_HW_FEATURE_TYPE is a value that identifies the hardware feature type - * of an object with CK_OBJECT_CLASS equal to CKO_HW_FEATURE. - */ -typedef CK_ULONG CK_HW_FEATURE_TYPE; - -/* The following hardware feature types are defined */ -#define CKH_MONOTONIC_COUNTER 0x00000001UL -#define CKH_CLOCK 0x00000002UL -#define CKH_USER_INTERFACE 0x00000003UL -#define CKH_VENDOR_DEFINED 0x80000000UL - -/* CK_KEY_TYPE is a value that identifies a key type */ -typedef CK_ULONG CK_KEY_TYPE; - -/* the following key types are defined: */ -#define CKK_RSA 0x00000000UL -#define CKK_DSA 0x00000001UL -#define CKK_DH 0x00000002UL -#define CKK_ECDSA 0x00000003UL /* Deprecated */ -#define CKK_EC 0x00000003UL -#define CKK_X9_42_DH 0x00000004UL -#define CKK_KEA 0x00000005UL -#define CKK_GENERIC_SECRET 0x00000010UL -#define CKK_RC2 0x00000011UL -#define CKK_RC4 0x00000012UL -#define CKK_DES 0x00000013UL -#define CKK_DES2 0x00000014UL -#define CKK_DES3 0x00000015UL -#define CKK_CAST 0x00000016UL -#define CKK_CAST3 0x00000017UL -#define CKK_CAST5 0x00000018UL /* Deprecated */ -#define CKK_CAST128 0x00000018UL -#define CKK_RC5 0x00000019UL -#define CKK_IDEA 0x0000001AUL -#define CKK_SKIPJACK 0x0000001BUL -#define CKK_BATON 0x0000001CUL -#define CKK_JUNIPER 0x0000001DUL -#define CKK_CDMF 0x0000001EUL -#define CKK_AES 0x0000001FUL -#define CKK_BLOWFISH 0x00000020UL -#define CKK_TWOFISH 0x00000021UL -#define CKK_SECURID 0x00000022UL -#define CKK_HOTP 0x00000023UL -#define CKK_ACTI 0x00000024UL -#define CKK_CAMELLIA 0x00000025UL -#define CKK_ARIA 0x00000026UL - -/* the following definitions were added in the 2.30 header file, - * but never defined in the spec. */ -#define CKK_MD5_HMAC 0x00000027UL -#define CKK_SHA_1_HMAC 0x00000028UL -#define CKK_RIPEMD128_HMAC 0x00000029UL -#define CKK_RIPEMD160_HMAC 0x0000002AUL -#define CKK_SHA256_HMAC 0x0000002BUL -#define CKK_SHA384_HMAC 0x0000002CUL -#define CKK_SHA512_HMAC 0x0000002DUL -#define CKK_SHA224_HMAC 0x0000002EUL - -#define CKK_SEED 0x0000002FUL -#define CKK_GOSTR3410 0x00000030UL -#define CKK_GOSTR3411 0x00000031UL -#define CKK_GOST28147 0x00000032UL -#define CKK_CHACHA20 0x00000033UL -#define CKK_POLY1305 0x00000034UL -#define CKK_AES_XTS 0x00000035UL -#define CKK_SHA3_224_HMAC 0x00000036UL -#define CKK_SHA3_256_HMAC 0x00000037UL -#define CKK_SHA3_384_HMAC 0x00000038UL -#define CKK_SHA3_512_HMAC 0x00000039UL -#define CKK_BLAKE2B_160_HMAC 0x0000003aUL -#define CKK_BLAKE2B_256_HMAC 0x0000003bUL -#define CKK_BLAKE2B_384_HMAC 0x0000003cUL -#define CKK_BLAKE2B_512_HMAC 0x0000003dUL -#define CKK_SALSA20 0x0000003eUL -#define CKK_X2RATCHET 0x0000003fUL -#define CKK_EC_EDWARDS 0x00000040UL -#define CKK_EC_MONTGOMERY 0x00000041UL -#define CKK_HKDF 0x00000042UL - -#define CKK_SHA512_224_HMAC 0x00000043UL -#define CKK_SHA512_256_HMAC 0x00000044UL -#define CKK_SHA512_T_HMAC 0x00000045UL -#define CKK_HSS 0x00000046UL - -#define CKK_VENDOR_DEFINED 0x80000000UL - - -/* CK_CERTIFICATE_TYPE is a value that identifies a certificate - * type - */ -typedef CK_ULONG CK_CERTIFICATE_TYPE; - -#define CK_CERTIFICATE_CATEGORY_UNSPECIFIED 0UL -#define CK_CERTIFICATE_CATEGORY_TOKEN_USER 1UL -#define CK_CERTIFICATE_CATEGORY_AUTHORITY 2UL -#define CK_CERTIFICATE_CATEGORY_OTHER_ENTITY 3UL - -#define CK_SECURITY_DOMAIN_UNSPECIFIED 0UL -#define CK_SECURITY_DOMAIN_MANUFACTURER 1UL -#define CK_SECURITY_DOMAIN_OPERATOR 2UL -#define CK_SECURITY_DOMAIN_THIRD_PARTY 3UL - - -/* The following certificate types are defined: */ -#define CKC_X_509 0x00000000UL -#define CKC_X_509_ATTR_CERT 0x00000001UL -#define CKC_WTLS 0x00000002UL -#define CKC_VENDOR_DEFINED 0x80000000UL - - -/* CK_ATTRIBUTE_TYPE is a value that identifies an attribute - * type - */ -typedef CK_ULONG CK_ATTRIBUTE_TYPE; - -/* The CKF_ARRAY_ATTRIBUTE flag identifies an attribute which - * consists of an array of values. - */ -#define CKF_ARRAY_ATTRIBUTE 0x40000000UL - -/* The following OTP-related defines relate to the CKA_OTP_FORMAT attribute */ -#define CK_OTP_FORMAT_DECIMAL 0UL -#define CK_OTP_FORMAT_HEXADECIMAL 1UL -#define CK_OTP_FORMAT_ALPHANUMERIC 2UL -#define CK_OTP_FORMAT_BINARY 3UL - -/* The following OTP-related defines relate to the CKA_OTP_..._REQUIREMENT - * attributes - */ -#define CK_OTP_PARAM_IGNORED 0UL -#define CK_OTP_PARAM_OPTIONAL 1UL -#define CK_OTP_PARAM_MANDATORY 2UL - -/* The following attribute types are defined: */ -#define CKA_CLASS 0x00000000UL -#define CKA_TOKEN 0x00000001UL -#define CKA_PRIVATE 0x00000002UL -#define CKA_LABEL 0x00000003UL -#define CKA_UNIQUE_ID 0x00000004UL -#define CKA_APPLICATION 0x00000010UL -#define CKA_VALUE 0x00000011UL -#define CKA_OBJECT_ID 0x00000012UL -#define CKA_CERTIFICATE_TYPE 0x00000080UL -#define CKA_ISSUER 0x00000081UL -#define CKA_SERIAL_NUMBER 0x00000082UL -#define CKA_AC_ISSUER 0x00000083UL -#define CKA_OWNER 0x00000084UL -#define CKA_ATTR_TYPES 0x00000085UL -#define CKA_TRUSTED 0x00000086UL -#define CKA_CERTIFICATE_CATEGORY 0x00000087UL -#define CKA_JAVA_MIDP_SECURITY_DOMAIN 0x00000088UL -#define CKA_URL 0x00000089UL -#define CKA_HASH_OF_SUBJECT_PUBLIC_KEY 0x0000008aUL -#define CKA_HASH_OF_ISSUER_PUBLIC_KEY 0x0000008bUL -#define CKA_NAME_HASH_ALGORITHM 0x0000008cUL -#define CKA_CHECK_VALUE 0x00000090UL - -#define CKA_KEY_TYPE 0x00000100UL -#define CKA_SUBJECT 0x00000101UL -#define CKA_ID 0x00000102UL -#define CKA_SENSITIVE 0x00000103UL -#define CKA_ENCRYPT 0x00000104UL -#define CKA_DECRYPT 0x00000105UL -#define CKA_WRAP 0x00000106UL -#define CKA_UNWRAP 0x00000107UL -#define CKA_SIGN 0x00000108UL -#define CKA_SIGN_RECOVER 0x00000109UL -#define CKA_VERIFY 0x0000010aUL -#define CKA_VERIFY_RECOVER 0x0000010bUL -#define CKA_DERIVE 0x0000010cUL -#define CKA_START_DATE 0x00000110UL -#define CKA_END_DATE 0x00000111UL -#define CKA_MODULUS 0x00000120UL -#define CKA_MODULUS_BITS 0x00000121UL -#define CKA_PUBLIC_EXPONENT 0x00000122UL -#define CKA_PRIVATE_EXPONENT 0x00000123UL -#define CKA_PRIME_1 0x00000124UL -#define CKA_PRIME_2 0x00000125UL -#define CKA_EXPONENT_1 0x00000126UL -#define CKA_EXPONENT_2 0x00000127UL -#define CKA_COEFFICIENT 0x00000128UL -#define CKA_PUBLIC_KEY_INFO 0x00000129UL -#define CKA_PRIME 0x00000130UL -#define CKA_SUBPRIME 0x00000131UL -#define CKA_BASE 0x00000132UL - -#define CKA_PRIME_BITS 0x00000133UL -#define CKA_SUBPRIME_BITS 0x00000134UL -#define CKA_SUB_PRIME_BITS CKA_SUBPRIME_BITS - -#define CKA_VALUE_BITS 0x00000160UL -#define CKA_VALUE_LEN 0x00000161UL -#define CKA_EXTRACTABLE 0x00000162UL -#define CKA_LOCAL 0x00000163UL -#define CKA_NEVER_EXTRACTABLE 0x00000164UL -#define CKA_ALWAYS_SENSITIVE 0x00000165UL -#define CKA_KEY_GEN_MECHANISM 0x00000166UL - -#define CKA_MODIFIABLE 0x00000170UL -#define CKA_COPYABLE 0x00000171UL - -#define CKA_DESTROYABLE 0x00000172UL - -#define CKA_ECDSA_PARAMS 0x00000180UL /* Deprecated */ -#define CKA_EC_PARAMS 0x00000180UL - -#define CKA_EC_POINT 0x00000181UL - -#define CKA_SECONDARY_AUTH 0x00000200UL /* Deprecated */ -#define CKA_AUTH_PIN_FLAGS 0x00000201UL /* Deprecated */ - -#define CKA_ALWAYS_AUTHENTICATE 0x00000202UL - -#define CKA_WRAP_WITH_TRUSTED 0x00000210UL -#define CKA_WRAP_TEMPLATE (CKF_ARRAY_ATTRIBUTE|0x00000211UL) -#define CKA_UNWRAP_TEMPLATE (CKF_ARRAY_ATTRIBUTE|0x00000212UL) -#define CKA_DERIVE_TEMPLATE (CKF_ARRAY_ATTRIBUTE|0x00000213UL) - -#define CKA_OTP_FORMAT 0x00000220UL -#define CKA_OTP_LENGTH 0x00000221UL -#define CKA_OTP_TIME_INTERVAL 0x00000222UL -#define CKA_OTP_USER_FRIENDLY_MODE 0x00000223UL -#define CKA_OTP_CHALLENGE_REQUIREMENT 0x00000224UL -#define CKA_OTP_TIME_REQUIREMENT 0x00000225UL -#define CKA_OTP_COUNTER_REQUIREMENT 0x00000226UL -#define CKA_OTP_PIN_REQUIREMENT 0x00000227UL -#define CKA_OTP_COUNTER 0x0000022eUL -#define CKA_OTP_TIME 0x0000022fUL -#define CKA_OTP_USER_IDENTIFIER 0x0000022aUL -#define CKA_OTP_SERVICE_IDENTIFIER 0x0000022bUL -#define CKA_OTP_SERVICE_LOGO 0x0000022cUL -#define CKA_OTP_SERVICE_LOGO_TYPE 0x0000022dUL - -#define CKA_GOSTR3410_PARAMS 0x00000250UL -#define CKA_GOSTR3411_PARAMS 0x00000251UL -#define CKA_GOST28147_PARAMS 0x00000252UL - -#define CKA_HW_FEATURE_TYPE 0x00000300UL -#define CKA_RESET_ON_INIT 0x00000301UL -#define CKA_HAS_RESET 0x00000302UL - -#define CKA_PIXEL_X 0x00000400UL -#define CKA_PIXEL_Y 0x00000401UL -#define CKA_RESOLUTION 0x00000402UL -#define CKA_CHAR_ROWS 0x00000403UL -#define CKA_CHAR_COLUMNS 0x00000404UL -#define CKA_COLOR 0x00000405UL -#define CKA_BITS_PER_PIXEL 0x00000406UL -#define CKA_CHAR_SETS 0x00000480UL -#define CKA_ENCODING_METHODS 0x00000481UL -#define CKA_MIME_TYPES 0x00000482UL -#define CKA_MECHANISM_TYPE 0x00000500UL -#define CKA_REQUIRED_CMS_ATTRIBUTES 0x00000501UL -#define CKA_DEFAULT_CMS_ATTRIBUTES 0x00000502UL -#define CKA_SUPPORTED_CMS_ATTRIBUTES 0x00000503UL -#define CKA_ALLOWED_MECHANISMS (CKF_ARRAY_ATTRIBUTE|0x00000600UL) -#define CKA_PROFILE_ID 0x00000601UL - -#define CKA_X2RATCHET_BAG 0x00000602UL -#define CKA_X2RATCHET_BAGSIZE 0x00000603UL -#define CKA_X2RATCHET_BOBS1STMSG 0x00000604UL -#define CKA_X2RATCHET_CKR 0x00000605UL -#define CKA_X2RATCHET_CKS 0x00000606UL -#define CKA_X2RATCHET_DHP 0x00000607UL -#define CKA_X2RATCHET_DHR 0x00000608UL -#define CKA_X2RATCHET_DHS 0x00000609UL -#define CKA_X2RATCHET_HKR 0x0000060aUL -#define CKA_X2RATCHET_HKS 0x0000060bUL -#define CKA_X2RATCHET_ISALICE 0x0000060cUL -#define CKA_X2RATCHET_NHKR 0x0000060dUL -#define CKA_X2RATCHET_NHKS 0x0000060eUL -#define CKA_X2RATCHET_NR 0x0000060fUL -#define CKA_X2RATCHET_NS 0x00000610UL -#define CKA_X2RATCHET_PNS 0x00000611UL -#define CKA_X2RATCHET_RK 0x00000612UL -/* HSS */ -#define CKA_HSS_LEVELS 0x00000617UL -#define CKA_HSS_LMS_TYPE 0x00000618UL -#define CKA_HSS_LMOTS_TYPE 0x00000619UL -#define CKA_HSS_LMS_TYPES 0x0000061aUL -#define CKA_HSS_LMOTS_TYPES 0x0000061bUL -#define CKA_HSS_KEYS_REMAINING 0x0000061cUL - -#define CKA_VENDOR_DEFINED 0x80000000UL - -/* CK_ATTRIBUTE is a structure that includes the type, length - * and value of an attribute - */ -typedef struct CK_ATTRIBUTE { - CK_ATTRIBUTE_TYPE type; - CK_VOID_PTR pValue; - CK_ULONG ulValueLen; /* in bytes */ -} CK_ATTRIBUTE; - -typedef CK_ATTRIBUTE CK_PTR CK_ATTRIBUTE_PTR; - -/* CK_DATE is a structure that defines a date */ -typedef struct CK_DATE{ - CK_CHAR year[4]; /* the year ("1900" - "9999") */ - CK_CHAR month[2]; /* the month ("01" - "12") */ - CK_CHAR day[2]; /* the day ("01" - "31") */ -} CK_DATE; - - -/* CK_MECHANISM_TYPE is a value that identifies a mechanism - * type - */ -typedef CK_ULONG CK_MECHANISM_TYPE; - -/* the following mechanism types are defined: */ -#define CKM_RSA_PKCS_KEY_PAIR_GEN 0x00000000UL -#define CKM_RSA_PKCS 0x00000001UL -#define CKM_RSA_9796 0x00000002UL -#define CKM_RSA_X_509 0x00000003UL - -#define CKM_MD2_RSA_PKCS 0x00000004UL -#define CKM_MD5_RSA_PKCS 0x00000005UL -#define CKM_SHA1_RSA_PKCS 0x00000006UL - -#define CKM_RIPEMD128_RSA_PKCS 0x00000007UL -#define CKM_RIPEMD160_RSA_PKCS 0x00000008UL -#define CKM_RSA_PKCS_OAEP 0x00000009UL - -#define CKM_RSA_X9_31_KEY_PAIR_GEN 0x0000000aUL -#define CKM_RSA_X9_31 0x0000000bUL -#define CKM_SHA1_RSA_X9_31 0x0000000cUL -#define CKM_RSA_PKCS_PSS 0x0000000dUL -#define CKM_SHA1_RSA_PKCS_PSS 0x0000000eUL - -#define CKM_DSA_KEY_PAIR_GEN 0x00000010UL -#define CKM_DSA 0x00000011UL -#define CKM_DSA_SHA1 0x00000012UL -#define CKM_DSA_SHA224 0x00000013UL -#define CKM_DSA_SHA256 0x00000014UL -#define CKM_DSA_SHA384 0x00000015UL -#define CKM_DSA_SHA512 0x00000016UL -#define CKM_DSA_SHA3_224 0x00000018UL -#define CKM_DSA_SHA3_256 0x00000019UL -#define CKM_DSA_SHA3_384 0x0000001aUL -#define CKM_DSA_SHA3_512 0x0000001bUL - -#define CKM_DH_PKCS_KEY_PAIR_GEN 0x00000020UL -#define CKM_DH_PKCS_DERIVE 0x00000021UL - -#define CKM_X9_42_DH_KEY_PAIR_GEN 0x00000030UL -#define CKM_X9_42_DH_DERIVE 0x00000031UL -#define CKM_X9_42_DH_HYBRID_DERIVE 0x00000032UL -#define CKM_X9_42_MQV_DERIVE 0x00000033UL - -#define CKM_SHA256_RSA_PKCS 0x00000040UL -#define CKM_SHA384_RSA_PKCS 0x00000041UL -#define CKM_SHA512_RSA_PKCS 0x00000042UL -#define CKM_SHA256_RSA_PKCS_PSS 0x00000043UL -#define CKM_SHA384_RSA_PKCS_PSS 0x00000044UL -#define CKM_SHA512_RSA_PKCS_PSS 0x00000045UL - -#define CKM_SHA224_RSA_PKCS 0x00000046UL -#define CKM_SHA224_RSA_PKCS_PSS 0x00000047UL - -#define CKM_SHA512_224 0x00000048UL -#define CKM_SHA512_224_HMAC 0x00000049UL -#define CKM_SHA512_224_HMAC_GENERAL 0x0000004aUL -#define CKM_SHA512_224_KEY_DERIVATION 0x0000004bUL -#define CKM_SHA512_256 0x0000004cUL -#define CKM_SHA512_256_HMAC 0x0000004dUL -#define CKM_SHA512_256_HMAC_GENERAL 0x0000004eUL -#define CKM_SHA512_256_KEY_DERIVATION 0x0000004fUL - -#define CKM_SHA512_T 0x00000050UL -#define CKM_SHA512_T_HMAC 0x00000051UL -#define CKM_SHA512_T_HMAC_GENERAL 0x00000052UL -#define CKM_SHA512_T_KEY_DERIVATION 0x00000053UL - -#define CKM_SHA3_256_RSA_PKCS 0x00000060UL -#define CKM_SHA3_384_RSA_PKCS 0x00000061UL -#define CKM_SHA3_512_RSA_PKCS 0x00000062UL -#define CKM_SHA3_256_RSA_PKCS_PSS 0x00000063UL -#define CKM_SHA3_384_RSA_PKCS_PSS 0x00000064UL -#define CKM_SHA3_512_RSA_PKCS_PSS 0x00000065UL -#define CKM_SHA3_224_RSA_PKCS 0x00000066UL -#define CKM_SHA3_224_RSA_PKCS_PSS 0x00000067UL - -#define CKM_RC2_KEY_GEN 0x00000100UL -#define CKM_RC2_ECB 0x00000101UL -#define CKM_RC2_CBC 0x00000102UL -#define CKM_RC2_MAC 0x00000103UL - -#define CKM_RC2_MAC_GENERAL 0x00000104UL -#define CKM_RC2_CBC_PAD 0x00000105UL - -#define CKM_RC4_KEY_GEN 0x00000110UL -#define CKM_RC4 0x00000111UL -#define CKM_DES_KEY_GEN 0x00000120UL -#define CKM_DES_ECB 0x00000121UL -#define CKM_DES_CBC 0x00000122UL -#define CKM_DES_MAC 0x00000123UL - -#define CKM_DES_MAC_GENERAL 0x00000124UL -#define CKM_DES_CBC_PAD 0x00000125UL - -#define CKM_DES2_KEY_GEN 0x00000130UL -#define CKM_DES3_KEY_GEN 0x00000131UL -#define CKM_DES3_ECB 0x00000132UL -#define CKM_DES3_CBC 0x00000133UL -#define CKM_DES3_MAC 0x00000134UL - -#define CKM_DES3_MAC_GENERAL 0x00000135UL -#define CKM_DES3_CBC_PAD 0x00000136UL -#define CKM_DES3_CMAC_GENERAL 0x00000137UL -#define CKM_DES3_CMAC 0x00000138UL -#define CKM_CDMF_KEY_GEN 0x00000140UL -#define CKM_CDMF_ECB 0x00000141UL -#define CKM_CDMF_CBC 0x00000142UL -#define CKM_CDMF_MAC 0x00000143UL -#define CKM_CDMF_MAC_GENERAL 0x00000144UL -#define CKM_CDMF_CBC_PAD 0x00000145UL - -#define CKM_DES_OFB64 0x00000150UL -#define CKM_DES_OFB8 0x00000151UL -#define CKM_DES_CFB64 0x00000152UL -#define CKM_DES_CFB8 0x00000153UL - -#define CKM_MD2 0x00000200UL - -#define CKM_MD2_HMAC 0x00000201UL -#define CKM_MD2_HMAC_GENERAL 0x00000202UL - -#define CKM_MD5 0x00000210UL - -#define CKM_MD5_HMAC 0x00000211UL -#define CKM_MD5_HMAC_GENERAL 0x00000212UL - -#define CKM_SHA_1 0x00000220UL - -#define CKM_SHA_1_HMAC 0x00000221UL -#define CKM_SHA_1_HMAC_GENERAL 0x00000222UL - -#define CKM_RIPEMD128 0x00000230UL -#define CKM_RIPEMD128_HMAC 0x00000231UL -#define CKM_RIPEMD128_HMAC_GENERAL 0x00000232UL -#define CKM_RIPEMD160 0x00000240UL -#define CKM_RIPEMD160_HMAC 0x00000241UL -#define CKM_RIPEMD160_HMAC_GENERAL 0x00000242UL - -#define CKM_SHA256 0x00000250UL -#define CKM_SHA256_HMAC 0x00000251UL -#define CKM_SHA256_HMAC_GENERAL 0x00000252UL -#define CKM_SHA224 0x00000255UL -#define CKM_SHA224_HMAC 0x00000256UL -#define CKM_SHA224_HMAC_GENERAL 0x00000257UL -#define CKM_SHA384 0x00000260UL -#define CKM_SHA384_HMAC 0x00000261UL -#define CKM_SHA384_HMAC_GENERAL 0x00000262UL -#define CKM_SHA512 0x00000270UL -#define CKM_SHA512_HMAC 0x00000271UL -#define CKM_SHA512_HMAC_GENERAL 0x00000272UL -#define CKM_SECURID_KEY_GEN 0x00000280UL -#define CKM_SECURID 0x00000282UL -#define CKM_HOTP_KEY_GEN 0x00000290UL -#define CKM_HOTP 0x00000291UL -#define CKM_ACTI 0x000002a0UL -#define CKM_ACTI_KEY_GEN 0x000002a1UL - -#define CKM_SHA3_256 0x000002b0UL -#define CKM_SHA3_256_HMAC 0x000002b1UL -#define CKM_SHA3_256_HMAC_GENERAL 0x000002b2UL -#define CKM_SHA3_256_KEY_GEN 0x000002b3UL -#define CKM_SHA3_224 0x000002b5UL -#define CKM_SHA3_224_HMAC 0x000002b6UL -#define CKM_SHA3_224_HMAC_GENERAL 0x000002b7UL -#define CKM_SHA3_224_KEY_GEN 0x000002b8UL -#define CKM_SHA3_384 0x000002c0UL -#define CKM_SHA3_384_HMAC 0x000002c1UL -#define CKM_SHA3_384_HMAC_GENERAL 0x000002c2UL -#define CKM_SHA3_384_KEY_GEN 0x000002c3UL -#define CKM_SHA3_512 0x000002d0UL -#define CKM_SHA3_512_HMAC 0x000002d1UL -#define CKM_SHA3_512_HMAC_GENERAL 0x000002d2UL -#define CKM_SHA3_512_KEY_GEN 0x000002d3UL - - -#define CKM_CAST_KEY_GEN 0x00000300UL -#define CKM_CAST_ECB 0x00000301UL -#define CKM_CAST_CBC 0x00000302UL -#define CKM_CAST_MAC 0x00000303UL -#define CKM_CAST_MAC_GENERAL 0x00000304UL -#define CKM_CAST_CBC_PAD 0x00000305UL -#define CKM_CAST3_KEY_GEN 0x00000310UL -#define CKM_CAST3_ECB 0x00000311UL -#define CKM_CAST3_CBC 0x00000312UL -#define CKM_CAST3_MAC 0x00000313UL -#define CKM_CAST3_MAC_GENERAL 0x00000314UL -#define CKM_CAST3_CBC_PAD 0x00000315UL -/* Note that CAST128 and CAST5 are the same algorithm */ -#define CKM_CAST5_KEY_GEN 0x00000320UL -#define CKM_CAST128_KEY_GEN 0x00000320UL -#define CKM_CAST5_ECB 0x00000321UL -#define CKM_CAST128_ECB 0x00000321UL -#define CKM_CAST5_CBC 0x00000322UL /* Deprecated */ -#define CKM_CAST128_CBC 0x00000322UL -#define CKM_CAST5_MAC 0x00000323UL /* Deprecated */ -#define CKM_CAST128_MAC 0x00000323UL -#define CKM_CAST5_MAC_GENERAL 0x00000324UL /* Deprecated */ -#define CKM_CAST128_MAC_GENERAL 0x00000324UL -#define CKM_CAST5_CBC_PAD 0x00000325UL /* Deprecated */ -#define CKM_CAST128_CBC_PAD 0x00000325UL -#define CKM_RC5_KEY_GEN 0x00000330UL -#define CKM_RC5_ECB 0x00000331UL -#define CKM_RC5_CBC 0x00000332UL -#define CKM_RC5_MAC 0x00000333UL -#define CKM_RC5_MAC_GENERAL 0x00000334UL -#define CKM_RC5_CBC_PAD 0x00000335UL -#define CKM_IDEA_KEY_GEN 0x00000340UL -#define CKM_IDEA_ECB 0x00000341UL -#define CKM_IDEA_CBC 0x00000342UL -#define CKM_IDEA_MAC 0x00000343UL -#define CKM_IDEA_MAC_GENERAL 0x00000344UL -#define CKM_IDEA_CBC_PAD 0x00000345UL -#define CKM_GENERIC_SECRET_KEY_GEN 0x00000350UL -#define CKM_CONCATENATE_BASE_AND_KEY 0x00000360UL -#define CKM_CONCATENATE_BASE_AND_DATA 0x00000362UL -#define CKM_CONCATENATE_DATA_AND_BASE 0x00000363UL -#define CKM_XOR_BASE_AND_DATA 0x00000364UL -#define CKM_EXTRACT_KEY_FROM_KEY 0x00000365UL -#define CKM_SSL3_PRE_MASTER_KEY_GEN 0x00000370UL -#define CKM_SSL3_MASTER_KEY_DERIVE 0x00000371UL -#define CKM_SSL3_KEY_AND_MAC_DERIVE 0x00000372UL - -#define CKM_SSL3_MASTER_KEY_DERIVE_DH 0x00000373UL -#define CKM_TLS_PRE_MASTER_KEY_GEN 0x00000374UL -#define CKM_TLS_MASTER_KEY_DERIVE 0x00000375UL -#define CKM_TLS_KEY_AND_MAC_DERIVE 0x00000376UL -#define CKM_TLS_MASTER_KEY_DERIVE_DH 0x00000377UL - -#define CKM_TLS_PRF 0x00000378UL - -#define CKM_SSL3_MD5_MAC 0x00000380UL -#define CKM_SSL3_SHA1_MAC 0x00000381UL -#define CKM_MD5_KEY_DERIVATION 0x00000390UL -#define CKM_MD2_KEY_DERIVATION 0x00000391UL -#define CKM_SHA1_KEY_DERIVATION 0x00000392UL - -#define CKM_SHA256_KEY_DERIVATION 0x00000393UL -#define CKM_SHA384_KEY_DERIVATION 0x00000394UL -#define CKM_SHA512_KEY_DERIVATION 0x00000395UL -#define CKM_SHA224_KEY_DERIVATION 0x00000396UL -#define CKM_SHA3_256_KEY_DERIVATION 0x00000397UL -#define CKM_SHA3_224_KEY_DERIVATION 0x00000398UL -#define CKM_SHA3_384_KEY_DERIVATION 0x00000399UL -#define CKM_SHA3_512_KEY_DERIVATION 0x0000039aUL -#define CKM_SHAKE_128_KEY_DERIVATION 0x0000039bUL -#define CKM_SHAKE_256_KEY_DERIVATION 0x0000039cUL -#define CKM_SHA3_256_KEY_DERIVE CKM_SHA3_256_KEY_DERIVATION -#define CKM_SHA3_224_KEY_DERIVE CKM_SHA3_224_KEY_DERIVATION -#define CKM_SHA3_384_KEY_DERIVE CKM_SHA3_384_KEY_DERIVATION -#define CKM_SHA3_512_KEY_DERIVE CKM_SHA3_512_KEY_DERIVATION -#define CKM_SHAKE_128_KEY_DERIVE CKM_SHAKE_128_KEY_DERIVATION -#define CKM_SHAKE_256_KEY_DERIVE CKM_SHAKE_256_KEY_DERIVATION - -#define CKM_PBE_MD2_DES_CBC 0x000003a0UL -#define CKM_PBE_MD5_DES_CBC 0x000003a1UL -#define CKM_PBE_MD5_CAST_CBC 0x000003a2UL -#define CKM_PBE_MD5_CAST3_CBC 0x000003a3UL -#define CKM_PBE_MD5_CAST5_CBC 0x000003a4UL /* Deprecated */ -#define CKM_PBE_MD5_CAST128_CBC 0x000003a4UL -#define CKM_PBE_SHA1_CAST5_CBC 0x000003a5UL /* Deprecated */ -#define CKM_PBE_SHA1_CAST128_CBC 0x000003a5UL -#define CKM_PBE_SHA1_RC4_128 0x000003a6UL -#define CKM_PBE_SHA1_RC4_40 0x000003a7UL -#define CKM_PBE_SHA1_DES3_EDE_CBC 0x000003a8UL -#define CKM_PBE_SHA1_DES2_EDE_CBC 0x000003a9UL -#define CKM_PBE_SHA1_RC2_128_CBC 0x000003aaUL -#define CKM_PBE_SHA1_RC2_40_CBC 0x000003abUL - -#define CKM_PKCS5_PBKD2 0x000003b0UL - -#define CKM_PBA_SHA1_WITH_SHA1_HMAC 0x000003c0UL - -#define CKM_WTLS_PRE_MASTER_KEY_GEN 0x000003d0UL -#define CKM_WTLS_MASTER_KEY_DERIVE 0x000003d1UL -#define CKM_WTLS_MASTER_KEY_DERIVE_DH_ECC 0x000003d2UL -#define CKM_WTLS_PRF 0x000003d3UL -#define CKM_WTLS_SERVER_KEY_AND_MAC_DERIVE 0x000003d4UL -#define CKM_WTLS_CLIENT_KEY_AND_MAC_DERIVE 0x000003d5UL - -#define CKM_TLS10_MAC_SERVER 0x000003d6UL -#define CKM_TLS10_MAC_CLIENT 0x000003d7UL -#define CKM_TLS12_MAC 0x000003d8UL -#define CKM_TLS12_KDF 0x000003d9UL -#define CKM_TLS12_MASTER_KEY_DERIVE 0x000003e0UL -#define CKM_TLS12_KEY_AND_MAC_DERIVE 0x000003e1UL -#define CKM_TLS12_MASTER_KEY_DERIVE_DH 0x000003e2UL -#define CKM_TLS12_KEY_SAFE_DERIVE 0x000003e3UL -#define CKM_TLS_MAC 0x000003e4UL -#define CKM_TLS_KDF 0x000003e5UL - -#define CKM_KEY_WRAP_LYNKS 0x00000400UL -#define CKM_KEY_WRAP_SET_OAEP 0x00000401UL - -#define CKM_CMS_SIG 0x00000500UL -#define CKM_KIP_DERIVE 0x00000510UL -#define CKM_KIP_WRAP 0x00000511UL -#define CKM_KIP_MAC 0x00000512UL - -#define CKM_CAMELLIA_KEY_GEN 0x00000550UL -#define CKM_CAMELLIA_ECB 0x00000551UL -#define CKM_CAMELLIA_CBC 0x00000552UL -#define CKM_CAMELLIA_MAC 0x00000553UL -#define CKM_CAMELLIA_MAC_GENERAL 0x00000554UL -#define CKM_CAMELLIA_CBC_PAD 0x00000555UL -#define CKM_CAMELLIA_ECB_ENCRYPT_DATA 0x00000556UL -#define CKM_CAMELLIA_CBC_ENCRYPT_DATA 0x00000557UL -#define CKM_CAMELLIA_CTR 0x00000558UL - -#define CKM_ARIA_KEY_GEN 0x00000560UL -#define CKM_ARIA_ECB 0x00000561UL -#define CKM_ARIA_CBC 0x00000562UL -#define CKM_ARIA_MAC 0x00000563UL -#define CKM_ARIA_MAC_GENERAL 0x00000564UL -#define CKM_ARIA_CBC_PAD 0x00000565UL -#define CKM_ARIA_ECB_ENCRYPT_DATA 0x00000566UL -#define CKM_ARIA_CBC_ENCRYPT_DATA 0x00000567UL - -#define CKM_SEED_KEY_GEN 0x00000650UL -#define CKM_SEED_ECB 0x00000651UL -#define CKM_SEED_CBC 0x00000652UL -#define CKM_SEED_MAC 0x00000653UL -#define CKM_SEED_MAC_GENERAL 0x00000654UL -#define CKM_SEED_CBC_PAD 0x00000655UL -#define CKM_SEED_ECB_ENCRYPT_DATA 0x00000656UL -#define CKM_SEED_CBC_ENCRYPT_DATA 0x00000657UL - -#define CKM_SKIPJACK_KEY_GEN 0x00001000UL -#define CKM_SKIPJACK_ECB64 0x00001001UL -#define CKM_SKIPJACK_CBC64 0x00001002UL -#define CKM_SKIPJACK_OFB64 0x00001003UL -#define CKM_SKIPJACK_CFB64 0x00001004UL -#define CKM_SKIPJACK_CFB32 0x00001005UL -#define CKM_SKIPJACK_CFB16 0x00001006UL -#define CKM_SKIPJACK_CFB8 0x00001007UL -#define CKM_SKIPJACK_WRAP 0x00001008UL -#define CKM_SKIPJACK_PRIVATE_WRAP 0x00001009UL -#define CKM_SKIPJACK_RELAYX 0x0000100aUL -#define CKM_KEA_KEY_PAIR_GEN 0x00001010UL -#define CKM_KEA_KEY_DERIVE 0x00001011UL -#define CKM_KEA_DERIVE 0x00001012UL -#define CKM_FORTEZZA_TIMESTAMP 0x00001020UL -#define CKM_BATON_KEY_GEN 0x00001030UL -#define CKM_BATON_ECB128 0x00001031UL -#define CKM_BATON_ECB96 0x00001032UL -#define CKM_BATON_CBC128 0x00001033UL -#define CKM_BATON_COUNTER 0x00001034UL -#define CKM_BATON_SHUFFLE 0x00001035UL -#define CKM_BATON_WRAP 0x00001036UL - -#define CKM_ECDSA_KEY_PAIR_GEN 0x00001040UL /* Deprecated */ -#define CKM_EC_KEY_PAIR_GEN 0x00001040UL - -#define CKM_ECDSA 0x00001041UL -#define CKM_ECDSA_SHA1 0x00001042UL -#define CKM_ECDSA_SHA224 0x00001043UL -#define CKM_ECDSA_SHA256 0x00001044UL -#define CKM_ECDSA_SHA384 0x00001045UL -#define CKM_ECDSA_SHA512 0x00001046UL -#define CKM_EC_KEY_PAIR_GEN_W_EXTRA_BITS 0x0000140bUL - -#define CKM_ECDH1_DERIVE 0x00001050UL -#define CKM_ECDH1_COFACTOR_DERIVE 0x00001051UL -#define CKM_ECMQV_DERIVE 0x00001052UL - -#define CKM_ECDH_AES_KEY_WRAP 0x00001053UL -#define CKM_RSA_AES_KEY_WRAP 0x00001054UL - -#define CKM_JUNIPER_KEY_GEN 0x00001060UL -#define CKM_JUNIPER_ECB128 0x00001061UL -#define CKM_JUNIPER_CBC128 0x00001062UL -#define CKM_JUNIPER_COUNTER 0x00001063UL -#define CKM_JUNIPER_SHUFFLE 0x00001064UL -#define CKM_JUNIPER_WRAP 0x00001065UL -#define CKM_FASTHASH 0x00001070UL - -#define CKM_AES_XTS 0x00001071UL -#define CKM_AES_XTS_KEY_GEN 0x00001072UL -#define CKM_AES_KEY_GEN 0x00001080UL -#define CKM_AES_ECB 0x00001081UL -#define CKM_AES_CBC 0x00001082UL -#define CKM_AES_MAC 0x00001083UL -#define CKM_AES_MAC_GENERAL 0x00001084UL -#define CKM_AES_CBC_PAD 0x00001085UL -#define CKM_AES_CTR 0x00001086UL -#define CKM_AES_GCM 0x00001087UL -#define CKM_AES_CCM 0x00001088UL -#define CKM_AES_CTS 0x00001089UL -#define CKM_AES_CMAC 0x0000108aUL -#define CKM_AES_CMAC_GENERAL 0x0000108bUL - -#define CKM_AES_XCBC_MAC 0x0000108cUL -#define CKM_AES_XCBC_MAC_96 0x0000108dUL -#define CKM_AES_GMAC 0x0000108eUL - -#define CKM_BLOWFISH_KEY_GEN 0x00001090UL -#define CKM_BLOWFISH_CBC 0x00001091UL -#define CKM_TWOFISH_KEY_GEN 0x00001092UL -#define CKM_TWOFISH_CBC 0x00001093UL -#define CKM_BLOWFISH_CBC_PAD 0x00001094UL -#define CKM_TWOFISH_CBC_PAD 0x00001095UL - -#define CKM_DES_ECB_ENCRYPT_DATA 0x00001100UL -#define CKM_DES_CBC_ENCRYPT_DATA 0x00001101UL -#define CKM_DES3_ECB_ENCRYPT_DATA 0x00001102UL -#define CKM_DES3_CBC_ENCRYPT_DATA 0x00001103UL -#define CKM_AES_ECB_ENCRYPT_DATA 0x00001104UL -#define CKM_AES_CBC_ENCRYPT_DATA 0x00001105UL - -#define CKM_GOSTR3410_KEY_PAIR_GEN 0x00001200UL -#define CKM_GOSTR3410 0x00001201UL -#define CKM_GOSTR3410_WITH_GOSTR3411 0x00001202UL -#define CKM_GOSTR3410_KEY_WRAP 0x00001203UL -#define CKM_GOSTR3410_DERIVE 0x00001204UL -#define CKM_GOSTR3411 0x00001210UL -#define CKM_GOSTR3411_HMAC 0x00001211UL -#define CKM_GOST28147_KEY_GEN 0x00001220UL -#define CKM_GOST28147_ECB 0x00001221UL -#define CKM_GOST28147 0x00001222UL -#define CKM_GOST28147_MAC 0x00001223UL -#define CKM_GOST28147_KEY_WRAP 0x00001224UL -#define CKM_CHACHA20_KEY_GEN 0x00001225UL -#define CKM_CHACHA20 0x00001226UL -#define CKM_POLY1305_KEY_GEN 0x00001227UL -#define CKM_POLY1305 0x00001228UL -#define CKM_DSA_PARAMETER_GEN 0x00002000UL -#define CKM_DH_PKCS_PARAMETER_GEN 0x00002001UL -#define CKM_X9_42_DH_PARAMETER_GEN 0x00002002UL -#define CKM_DSA_PROBABILISTIC_PARAMETER_GEN 0x00002003UL -#define CKM_DSA_PROBABLISTIC_PARAMETER_GEN CKM_DSA_PROBABILISTIC_PARAMETER_GEN -#define CKM_DSA_SHAWE_TAYLOR_PARAMETER_GEN 0x00002004UL -#define CKM_DSA_FIPS_G_GEN 0x00002005UL - -#define CKM_AES_OFB 0x00002104UL -#define CKM_AES_CFB64 0x00002105UL -#define CKM_AES_CFB8 0x00002106UL -#define CKM_AES_CFB128 0x00002107UL - -#define CKM_AES_CFB1 0x00002108UL -#define CKM_AES_KEY_WRAP 0x00002109UL /* WAS: 0x00001090 */ -#define CKM_AES_KEY_WRAP_PAD 0x0000210AUL /* WAS: 0x00001091 */ -#define CKM_AES_KEY_WRAP_KWP 0x0000210BUL -#define CKM_AES_KEY_WRAP_PKCS7 0x0000210CUL - -#define CKM_RSA_PKCS_TPM_1_1 0x00004001UL -#define CKM_RSA_PKCS_OAEP_TPM_1_1 0x00004002UL - -#define CKM_SHA_1_KEY_GEN 0x00004003UL -#define CKM_SHA224_KEY_GEN 0x00004004UL -#define CKM_SHA256_KEY_GEN 0x00004005UL -#define CKM_SHA384_KEY_GEN 0x00004006UL -#define CKM_SHA512_KEY_GEN 0x00004007UL -#define CKM_SHA512_224_KEY_GEN 0x00004008UL -#define CKM_SHA512_256_KEY_GEN 0x00004009UL -#define CKM_SHA512_T_KEY_GEN 0x0000400aUL -#define CKM_NULL 0x0000400bUL -#define CKM_BLAKE2B_160 0x0000400cUL -#define CKM_BLAKE2B_160_HMAC 0x0000400dUL -#define CKM_BLAKE2B_160_HMAC_GENERAL 0x0000400eUL -#define CKM_BLAKE2B_160_KEY_DERIVE 0x0000400fUL -#define CKM_BLAKE2B_160_KEY_GEN 0x00004010UL -#define CKM_BLAKE2B_256 0x00004011UL -#define CKM_BLAKE2B_256_HMAC 0x00004012UL -#define CKM_BLAKE2B_256_HMAC_GENERAL 0x00004013UL -#define CKM_BLAKE2B_256_KEY_DERIVE 0x00004014UL -#define CKM_BLAKE2B_256_KEY_GEN 0x00004015UL -#define CKM_BLAKE2B_384 0x00004016UL -#define CKM_BLAKE2B_384_HMAC 0x00004017UL -#define CKM_BLAKE2B_384_HMAC_GENERAL 0x00004018UL -#define CKM_BLAKE2B_384_KEY_DERIVE 0x00004019UL -#define CKM_BLAKE2B_384_KEY_GEN 0x0000401aUL -#define CKM_BLAKE2B_512 0x0000401bUL -#define CKM_BLAKE2B_512_HMAC 0x0000401cUL -#define CKM_BLAKE2B_512_HMAC_GENERAL 0x0000401dUL -#define CKM_BLAKE2B_512_KEY_DERIVE 0x0000401eUL -#define CKM_BLAKE2B_512_KEY_GEN 0x0000401fUL -#define CKM_SALSA20 0x00004020UL -#define CKM_CHACHA20_POLY1305 0x00004021UL -#define CKM_SALSA20_POLY1305 0x00004022UL -#define CKM_X3DH_INITIALIZE 0x00004023UL -#define CKM_X3DH_RESPOND 0x00004024UL -#define CKM_X2RATCHET_INITIALIZE 0x00004025UL -#define CKM_X2RATCHET_RESPOND 0x00004026UL -#define CKM_X2RATCHET_ENCRYPT 0x00004027UL -#define CKM_X2RATCHET_DECRYPT 0x00004028UL -#define CKM_XEDDSA 0x00004029UL -#define CKM_HKDF_DERIVE 0x0000402aUL -#define CKM_HKDF_DATA 0x0000402bUL -#define CKM_HKDF_KEY_GEN 0x0000402cUL -#define CKM_SALSA20_KEY_GEN 0x0000402dUL - -#define CKM_ECDSA_SHA3_224 0x00001047UL -#define CKM_ECDSA_SHA3_256 0x00001048UL -#define CKM_ECDSA_SHA3_384 0x00001049UL -#define CKM_ECDSA_SHA3_512 0x0000104aUL -#define CKM_EC_EDWARDS_KEY_PAIR_GEN 0x00001055UL -#define CKM_EC_MONTGOMERY_KEY_PAIR_GEN 0x00001056UL -#define CKM_EDDSA 0x00001057UL -#define CKM_SP800_108_COUNTER_KDF 0x000003acUL -#define CKM_SP800_108_FEEDBACK_KDF 0x000003adUL -#define CKM_SP800_108_DOUBLE_PIPELINE_KDF 0x000003aeUL - -#define CKM_IKE2_PRF_PLUS_DERIVE 0x0000402eUL -#define CKM_IKE_PRF_DERIVE 0x0000402fUL -#define CKM_IKE1_PRF_DERIVE 0x00004030UL -#define CKM_IKE1_EXTENDED_DERIVE 0x00004031UL -#define CKM_HSS_KEY_PAIR_GEN 0x00004032UL -#define CKM_HSS 0x00004033UL - - -#define CKM_VENDOR_DEFINED 0x80000000UL - -typedef CK_MECHANISM_TYPE CK_PTR CK_MECHANISM_TYPE_PTR; - - -/* CK_MECHANISM is a structure that specifies a particular - * mechanism - */ -typedef struct CK_MECHANISM { - CK_MECHANISM_TYPE mechanism; - CK_VOID_PTR pParameter; - CK_ULONG ulParameterLen; /* in bytes */ -} CK_MECHANISM; - -typedef CK_MECHANISM CK_PTR CK_MECHANISM_PTR; - - -/* CK_MECHANISM_INFO provides information about a particular - * mechanism - */ -typedef struct CK_MECHANISM_INFO { - CK_ULONG ulMinKeySize; - CK_ULONG ulMaxKeySize; - CK_FLAGS flags; -} CK_MECHANISM_INFO; - -/* The flags are defined as follows: - * Bit Flag Mask Meaning */ -#define CKF_HW 0x00000001UL /* performed by HW */ - -/* Specify whether or not a mechanism can be used for a particular task */ -#define CKF_MESSAGE_ENCRYPT 0x00000002UL -#define CKF_MESSAGE_DECRYPT 0x00000004UL -#define CKF_MESSAGE_SIGN 0x00000008UL -#define CKF_MESSAGE_VERIFY 0x00000010UL -#define CKF_MULTI_MESSAGE 0x00000020UL -#define CKF_MULTI_MESSGE CKF_MULTI_MESSAGE -#define CKF_FIND_OBJECTS 0x00000040UL - -#define CKF_ENCRYPT 0x00000100UL -#define CKF_DECRYPT 0x00000200UL -#define CKF_DIGEST 0x00000400UL -#define CKF_SIGN 0x00000800UL -#define CKF_SIGN_RECOVER 0x00001000UL -#define CKF_VERIFY 0x00002000UL -#define CKF_VERIFY_RECOVER 0x00004000UL -#define CKF_GENERATE 0x00008000UL -#define CKF_GENERATE_KEY_PAIR 0x00010000UL -#define CKF_WRAP 0x00020000UL -#define CKF_UNWRAP 0x00040000UL -#define CKF_DERIVE 0x00080000UL - -/* Describe a token's EC capabilities not available in mechanism - * information. - */ -#define CKF_EC_F_P 0x00100000UL -#define CKF_EC_F_2M 0x00200000UL -#define CKF_EC_ECPARAMETERS 0x00400000UL -#define CKF_EC_OID 0x00800000UL -#define CKF_EC_NAMEDCURVE CKF_EC_OID /* deprecated since PKCS#11 3.00 */ -#define CKF_EC_UNCOMPRESS 0x01000000UL -#define CKF_EC_COMPRESS 0x02000000UL -#define CKF_EC_CURVENAME 0x04000000UL - -#define CKF_EXTENSION 0x80000000UL - -typedef CK_MECHANISM_INFO CK_PTR CK_MECHANISM_INFO_PTR; - -/* CK_RV is a value that identifies the return value of a - * Cryptoki function - */ -typedef CK_ULONG CK_RV; - -#define CKR_OK 0x00000000UL -#define CKR_CANCEL 0x00000001UL -#define CKR_HOST_MEMORY 0x00000002UL -#define CKR_SLOT_ID_INVALID 0x00000003UL - -#define CKR_GENERAL_ERROR 0x00000005UL -#define CKR_FUNCTION_FAILED 0x00000006UL - -#define CKR_ARGUMENTS_BAD 0x00000007UL -#define CKR_NO_EVENT 0x00000008UL -#define CKR_NEED_TO_CREATE_THREADS 0x00000009UL -#define CKR_CANT_LOCK 0x0000000AUL - -#define CKR_ATTRIBUTE_READ_ONLY 0x00000010UL -#define CKR_ATTRIBUTE_SENSITIVE 0x00000011UL -#define CKR_ATTRIBUTE_TYPE_INVALID 0x00000012UL -#define CKR_ATTRIBUTE_VALUE_INVALID 0x00000013UL - -#define CKR_ACTION_PROHIBITED 0x0000001BUL - -#define CKR_DATA_INVALID 0x00000020UL -#define CKR_DATA_LEN_RANGE 0x00000021UL -#define CKR_DEVICE_ERROR 0x00000030UL -#define CKR_DEVICE_MEMORY 0x00000031UL -#define CKR_DEVICE_REMOVED 0x00000032UL -#define CKR_ENCRYPTED_DATA_INVALID 0x00000040UL -#define CKR_ENCRYPTED_DATA_LEN_RANGE 0x00000041UL -#define CKR_AEAD_DECRYPT_FAILED 0x00000042UL -#define CKR_FUNCTION_CANCELED 0x00000050UL -#define CKR_FUNCTION_NOT_PARALLEL 0x00000051UL - -#define CKR_FUNCTION_NOT_SUPPORTED 0x00000054UL - -#define CKR_KEY_HANDLE_INVALID 0x00000060UL - -#define CKR_KEY_SIZE_RANGE 0x00000062UL -#define CKR_KEY_TYPE_INCONSISTENT 0x00000063UL - -#define CKR_KEY_NOT_NEEDED 0x00000064UL -#define CKR_KEY_CHANGED 0x00000065UL -#define CKR_KEY_NEEDED 0x00000066UL -#define CKR_KEY_INDIGESTIBLE 0x00000067UL -#define CKR_KEY_FUNCTION_NOT_PERMITTED 0x00000068UL -#define CKR_KEY_NOT_WRAPPABLE 0x00000069UL -#define CKR_KEY_UNEXTRACTABLE 0x0000006AUL - -#define CKR_MECHANISM_INVALID 0x00000070UL -#define CKR_MECHANISM_PARAM_INVALID 0x00000071UL - -#define CKR_OBJECT_HANDLE_INVALID 0x00000082UL -#define CKR_OPERATION_ACTIVE 0x00000090UL -#define CKR_OPERATION_NOT_INITIALIZED 0x00000091UL -#define CKR_PIN_INCORRECT 0x000000A0UL -#define CKR_PIN_INVALID 0x000000A1UL -#define CKR_PIN_LEN_RANGE 0x000000A2UL - -#define CKR_PIN_EXPIRED 0x000000A3UL -#define CKR_PIN_LOCKED 0x000000A4UL - -#define CKR_SESSION_CLOSED 0x000000B0UL -#define CKR_SESSION_COUNT 0x000000B1UL -#define CKR_SESSION_HANDLE_INVALID 0x000000B3UL -#define CKR_SESSION_PARALLEL_NOT_SUPPORTED 0x000000B4UL -#define CKR_SESSION_READ_ONLY 0x000000B5UL -#define CKR_SESSION_EXISTS 0x000000B6UL - -#define CKR_SESSION_READ_ONLY_EXISTS 0x000000B7UL -#define CKR_SESSION_READ_WRITE_SO_EXISTS 0x000000B8UL - -#define CKR_SIGNATURE_INVALID 0x000000C0UL -#define CKR_SIGNATURE_LEN_RANGE 0x000000C1UL -#define CKR_TEMPLATE_INCOMPLETE 0x000000D0UL -#define CKR_TEMPLATE_INCONSISTENT 0x000000D1UL -#define CKR_TOKEN_NOT_PRESENT 0x000000E0UL -#define CKR_TOKEN_NOT_RECOGNIZED 0x000000E1UL -#define CKR_TOKEN_WRITE_PROTECTED 0x000000E2UL -#define CKR_UNWRAPPING_KEY_HANDLE_INVALID 0x000000F0UL -#define CKR_UNWRAPPING_KEY_SIZE_RANGE 0x000000F1UL -#define CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT 0x000000F2UL -#define CKR_USER_ALREADY_LOGGED_IN 0x00000100UL -#define CKR_USER_NOT_LOGGED_IN 0x00000101UL -#define CKR_USER_PIN_NOT_INITIALIZED 0x00000102UL -#define CKR_USER_TYPE_INVALID 0x00000103UL - -#define CKR_USER_ANOTHER_ALREADY_LOGGED_IN 0x00000104UL -#define CKR_USER_TOO_MANY_TYPES 0x00000105UL - -#define CKR_WRAPPED_KEY_INVALID 0x00000110UL -#define CKR_WRAPPED_KEY_LEN_RANGE 0x00000112UL -#define CKR_WRAPPING_KEY_HANDLE_INVALID 0x00000113UL -#define CKR_WRAPPING_KEY_SIZE_RANGE 0x00000114UL -#define CKR_WRAPPING_KEY_TYPE_INCONSISTENT 0x00000115UL -#define CKR_RANDOM_SEED_NOT_SUPPORTED 0x00000120UL - -#define CKR_RANDOM_NO_RNG 0x00000121UL - -#define CKR_DOMAIN_PARAMS_INVALID 0x00000130UL - -#define CKR_CURVE_NOT_SUPPORTED 0x00000140UL - -#define CKR_BUFFER_TOO_SMALL 0x00000150UL -#define CKR_SAVED_STATE_INVALID 0x00000160UL -#define CKR_INFORMATION_SENSITIVE 0x00000170UL -#define CKR_STATE_UNSAVEABLE 0x00000180UL - -#define CKR_CRYPTOKI_NOT_INITIALIZED 0x00000190UL -#define CKR_CRYPTOKI_ALREADY_INITIALIZED 0x00000191UL -#define CKR_MUTEX_BAD 0x000001A0UL -#define CKR_MUTEX_NOT_LOCKED 0x000001A1UL - -#define CKR_NEW_PIN_MODE 0x000001B0UL -#define CKR_NEXT_OTP 0x000001B1UL - -#define CKR_EXCEEDED_MAX_ITERATIONS 0x000001B5UL -#define CKR_FIPS_SELF_TEST_FAILED 0x000001B6UL -#define CKR_LIBRARY_LOAD_FAILED 0x000001B7UL -#define CKR_PIN_TOO_WEAK 0x000001B8UL -#define CKR_PUBLIC_KEY_INVALID 0x000001B9UL - -#define CKR_FUNCTION_REJECTED 0x00000200UL -#define CKR_TOKEN_RESOURCE_EXCEEDED 0x00000201UL -#define CKR_OPERATION_CANCEL_FAILED 0x00000202UL -#define CKR_KEY_EXHAUSTED 0x00000203UL - -#define CKR_VENDOR_DEFINED 0x80000000UL - - -/* CK_NOTIFY is an application callback that processes events */ -typedef CK_CALLBACK_FUNCTION(CK_RV, CK_NOTIFY)( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_NOTIFICATION event, - CK_VOID_PTR pApplication /* passed to C_OpenSession */ -); - - -/* CK_FUNCTION_LIST is a structure holding a Cryptoki spec - * version and pointers of appropriate types to all the - * Cryptoki functions - */ -typedef struct CK_FUNCTION_LIST CK_FUNCTION_LIST; -typedef struct CK_FUNCTION_LIST_3_0 CK_FUNCTION_LIST_3_0; - -typedef CK_FUNCTION_LIST CK_PTR CK_FUNCTION_LIST_PTR; -typedef CK_FUNCTION_LIST_3_0 CK_PTR CK_FUNCTION_LIST_3_0_PTR; - -typedef CK_FUNCTION_LIST_PTR CK_PTR CK_FUNCTION_LIST_PTR_PTR; -typedef CK_FUNCTION_LIST_3_0_PTR CK_PTR CK_FUNCTION_LIST_3_0_PTR_PTR; - -typedef struct CK_INTERFACE { - CK_CHAR *pInterfaceName; - CK_VOID_PTR pFunctionList; - CK_FLAGS flags; -} CK_INTERFACE; - -typedef CK_INTERFACE CK_PTR CK_INTERFACE_PTR; -typedef CK_INTERFACE_PTR CK_PTR CK_INTERFACE_PTR_PTR; - -#define CKF_END_OF_MESSAGE 0x00000001UL - - -/* CK_CREATEMUTEX is an application callback for creating a - * mutex object - */ -typedef CK_CALLBACK_FUNCTION(CK_RV, CK_CREATEMUTEX)( - CK_VOID_PTR_PTR ppMutex /* location to receive ptr to mutex */ -); - - -/* CK_DESTROYMUTEX is an application callback for destroying a - * mutex object - */ -typedef CK_CALLBACK_FUNCTION(CK_RV, CK_DESTROYMUTEX)( - CK_VOID_PTR pMutex /* pointer to mutex */ -); - - -/* CK_LOCKMUTEX is an application callback for locking a mutex */ -typedef CK_CALLBACK_FUNCTION(CK_RV, CK_LOCKMUTEX)( - CK_VOID_PTR pMutex /* pointer to mutex */ -); - - -/* CK_UNLOCKMUTEX is an application callback for unlocking a - * mutex - */ -typedef CK_CALLBACK_FUNCTION(CK_RV, CK_UNLOCKMUTEX)( - CK_VOID_PTR pMutex /* pointer to mutex */ -); - -/* Get functionlist flags */ -#define CKF_INTERFACE_FORK_SAFE 0x00000001UL - -/* CK_C_INITIALIZE_ARGS provides the optional arguments to - * C_Initialize - */ -typedef struct CK_C_INITIALIZE_ARGS { - CK_CREATEMUTEX CreateMutex; - CK_DESTROYMUTEX DestroyMutex; - CK_LOCKMUTEX LockMutex; - CK_UNLOCKMUTEX UnlockMutex; - CK_FLAGS flags; - CK_VOID_PTR pReserved; -} CK_C_INITIALIZE_ARGS; - -/* flags: bit flags that provide capabilities of the slot - * Bit Flag Mask Meaning - */ -#define CKF_LIBRARY_CANT_CREATE_OS_THREADS 0x00000001UL -#define CKF_OS_LOCKING_OK 0x00000002UL - -typedef CK_C_INITIALIZE_ARGS CK_PTR CK_C_INITIALIZE_ARGS_PTR; - - - -/* additional flags for parameters to functions */ - -/* CKF_DONT_BLOCK is for the function C_WaitForSlotEvent */ -#define CKF_DONT_BLOCK 1 - -/* CK_RSA_PKCS_MGF_TYPE is used to indicate the Message - * Generation Function (MGF) applied to a message block when - * formatting a message block for the PKCS #1 OAEP encryption - * scheme. - */ -typedef CK_ULONG CK_RSA_PKCS_MGF_TYPE; - -typedef CK_RSA_PKCS_MGF_TYPE CK_PTR CK_RSA_PKCS_MGF_TYPE_PTR; - -/* The following MGFs are defined */ -#define CKG_MGF1_SHA1 0x00000001UL -#define CKG_MGF1_SHA256 0x00000002UL -#define CKG_MGF1_SHA384 0x00000003UL -#define CKG_MGF1_SHA512 0x00000004UL -#define CKG_MGF1_SHA224 0x00000005UL -#define CKG_MGF1_SHA3_224 0x00000006UL -#define CKG_MGF1_SHA3_256 0x00000007UL -#define CKG_MGF1_SHA3_384 0x00000008UL -#define CKG_MGF1_SHA3_512 0x00000009UL - - -/* CK_RSA_PKCS_OAEP_SOURCE_TYPE is used to indicate the source - * of the encoding parameter when formatting a message block - * for the PKCS #1 OAEP encryption scheme. - */ -typedef CK_ULONG CK_RSA_PKCS_OAEP_SOURCE_TYPE; - -typedef CK_RSA_PKCS_OAEP_SOURCE_TYPE CK_PTR CK_RSA_PKCS_OAEP_SOURCE_TYPE_PTR; - -/* The following encoding parameter sources are defined */ -#define CKZ_DATA_SPECIFIED 0x00000001UL - -/* CK_RSA_PKCS_OAEP_PARAMS provides the parameters to the - * CKM_RSA_PKCS_OAEP mechanism. - */ -typedef struct CK_RSA_PKCS_OAEP_PARAMS { - CK_MECHANISM_TYPE hashAlg; - CK_RSA_PKCS_MGF_TYPE mgf; - CK_RSA_PKCS_OAEP_SOURCE_TYPE source; - CK_VOID_PTR pSourceData; - CK_ULONG ulSourceDataLen; -} CK_RSA_PKCS_OAEP_PARAMS; - -typedef CK_RSA_PKCS_OAEP_PARAMS CK_PTR CK_RSA_PKCS_OAEP_PARAMS_PTR; - -/* CK_RSA_PKCS_PSS_PARAMS provides the parameters to the - * CKM_RSA_PKCS_PSS mechanism(s). - */ -typedef struct CK_RSA_PKCS_PSS_PARAMS { - CK_MECHANISM_TYPE hashAlg; - CK_RSA_PKCS_MGF_TYPE mgf; - CK_ULONG sLen; -} CK_RSA_PKCS_PSS_PARAMS; - -typedef CK_RSA_PKCS_PSS_PARAMS CK_PTR CK_RSA_PKCS_PSS_PARAMS_PTR; - -typedef CK_ULONG CK_EC_KDF_TYPE; -typedef CK_EC_KDF_TYPE CK_PTR CK_EC_KDF_TYPE_PTR; - -/* The following EC Key Derivation Functions are defined */ -#define CKD_NULL 0x00000001UL -#define CKD_SHA1_KDF 0x00000002UL - -/* The following X9.42 DH key derivation functions are defined */ -#define CKD_SHA1_KDF_ASN1 0x00000003UL -#define CKD_SHA1_KDF_CONCATENATE 0x00000004UL -#define CKD_SHA224_KDF 0x00000005UL -#define CKD_SHA256_KDF 0x00000006UL -#define CKD_SHA384_KDF 0x00000007UL -#define CKD_SHA512_KDF 0x00000008UL -#define CKD_CPDIVERSIFY_KDF 0x00000009UL -#define CKD_SHA3_224_KDF 0x0000000AUL -#define CKD_SHA3_256_KDF 0x0000000BUL -#define CKD_SHA3_384_KDF 0x0000000CUL -#define CKD_SHA3_512_KDF 0x0000000DUL -#define CKD_SHA1_KDF_SP800 0x0000000EUL -#define CKD_SHA224_KDF_SP800 0x0000000FUL -#define CKD_SHA256_KDF_SP800 0x00000010UL -#define CKD_SHA384_KDF_SP800 0x00000011UL -#define CKD_SHA512_KDF_SP800 0x00000012UL -#define CKD_SHA3_224_KDF_SP800 0x00000013UL -#define CKD_SHA3_256_KDF_SP800 0x00000014UL -#define CKD_SHA3_384_KDF_SP800 0x00000015UL -#define CKD_SHA3_512_KDF_SP800 0x00000016UL -#define CKD_BLAKE2B_160_KDF 0x00000017UL -#define CKD_BLAKE2B_256_KDF 0x00000018UL -#define CKD_BLAKE2B_384_KDF 0x00000019UL -#define CKD_BLAKE2B_512_KDF 0x0000001aUL - -/* CK_ECDH1_DERIVE_PARAMS provides the parameters to the - * CKM_ECDH1_DERIVE and CKM_ECDH1_COFACTOR_DERIVE mechanisms, - * where each party contributes one key pair. - */ -typedef struct CK_ECDH1_DERIVE_PARAMS { - CK_EC_KDF_TYPE kdf; - CK_ULONG ulSharedDataLen; - CK_BYTE_PTR pSharedData; - CK_ULONG ulPublicDataLen; - CK_BYTE_PTR pPublicData; -} CK_ECDH1_DERIVE_PARAMS; - -typedef CK_ECDH1_DERIVE_PARAMS CK_PTR CK_ECDH1_DERIVE_PARAMS_PTR; - -/* - * CK_ECDH2_DERIVE_PARAMS provides the parameters to the - * CKM_ECMQV_DERIVE mechanism, where each party contributes two key pairs. - */ -typedef struct CK_ECDH2_DERIVE_PARAMS { - CK_EC_KDF_TYPE kdf; - CK_ULONG ulSharedDataLen; - CK_BYTE_PTR pSharedData; - CK_ULONG ulPublicDataLen; - CK_BYTE_PTR pPublicData; - CK_ULONG ulPrivateDataLen; - CK_OBJECT_HANDLE hPrivateData; - CK_ULONG ulPublicDataLen2; - CK_BYTE_PTR pPublicData2; -} CK_ECDH2_DERIVE_PARAMS; - -typedef CK_ECDH2_DERIVE_PARAMS CK_PTR CK_ECDH2_DERIVE_PARAMS_PTR; - -typedef struct CK_ECMQV_DERIVE_PARAMS { - CK_EC_KDF_TYPE kdf; - CK_ULONG ulSharedDataLen; - CK_BYTE_PTR pSharedData; - CK_ULONG ulPublicDataLen; - CK_BYTE_PTR pPublicData; - CK_ULONG ulPrivateDataLen; - CK_OBJECT_HANDLE hPrivateData; - CK_ULONG ulPublicDataLen2; - CK_BYTE_PTR pPublicData2; - CK_OBJECT_HANDLE publicKey; -} CK_ECMQV_DERIVE_PARAMS; - -typedef CK_ECMQV_DERIVE_PARAMS CK_PTR CK_ECMQV_DERIVE_PARAMS_PTR; - -/* Typedefs and defines for the CKM_X9_42_DH_KEY_PAIR_GEN and the - * CKM_X9_42_DH_PARAMETER_GEN mechanisms - */ -typedef CK_ULONG CK_X9_42_DH_KDF_TYPE; -typedef CK_X9_42_DH_KDF_TYPE CK_PTR CK_X9_42_DH_KDF_TYPE_PTR; - -/* CK_X9_42_DH1_DERIVE_PARAMS provides the parameters to the - * CKM_X9_42_DH_DERIVE key derivation mechanism, where each party - * contributes one key pair - */ -typedef struct CK_X9_42_DH1_DERIVE_PARAMS { - CK_X9_42_DH_KDF_TYPE kdf; - CK_ULONG ulOtherInfoLen; - CK_BYTE_PTR pOtherInfo; - CK_ULONG ulPublicDataLen; - CK_BYTE_PTR pPublicData; -} CK_X9_42_DH1_DERIVE_PARAMS; - -typedef struct CK_X9_42_DH1_DERIVE_PARAMS CK_PTR CK_X9_42_DH1_DERIVE_PARAMS_PTR; - -/* CK_X9_42_DH2_DERIVE_PARAMS provides the parameters to the - * CKM_X9_42_DH_HYBRID_DERIVE and CKM_X9_42_MQV_DERIVE key derivation - * mechanisms, where each party contributes two key pairs - */ -typedef struct CK_X9_42_DH2_DERIVE_PARAMS { - CK_X9_42_DH_KDF_TYPE kdf; - CK_ULONG ulOtherInfoLen; - CK_BYTE_PTR pOtherInfo; - CK_ULONG ulPublicDataLen; - CK_BYTE_PTR pPublicData; - CK_ULONG ulPrivateDataLen; - CK_OBJECT_HANDLE hPrivateData; - CK_ULONG ulPublicDataLen2; - CK_BYTE_PTR pPublicData2; -} CK_X9_42_DH2_DERIVE_PARAMS; - -typedef CK_X9_42_DH2_DERIVE_PARAMS CK_PTR CK_X9_42_DH2_DERIVE_PARAMS_PTR; - -typedef struct CK_X9_42_MQV_DERIVE_PARAMS { - CK_X9_42_DH_KDF_TYPE kdf; - CK_ULONG ulOtherInfoLen; - CK_BYTE_PTR pOtherInfo; - CK_ULONG ulPublicDataLen; - CK_BYTE_PTR pPublicData; - CK_ULONG ulPrivateDataLen; - CK_OBJECT_HANDLE hPrivateData; - CK_ULONG ulPublicDataLen2; - CK_BYTE_PTR pPublicData2; - CK_OBJECT_HANDLE publicKey; -} CK_X9_42_MQV_DERIVE_PARAMS; - -typedef CK_X9_42_MQV_DERIVE_PARAMS CK_PTR CK_X9_42_MQV_DERIVE_PARAMS_PTR; - -/* CK_KEA_DERIVE_PARAMS provides the parameters to the - * CKM_KEA_DERIVE mechanism - */ -typedef struct CK_KEA_DERIVE_PARAMS { - CK_BBOOL isSender; - CK_ULONG ulRandomLen; - CK_BYTE_PTR pRandomA; - CK_BYTE_PTR pRandomB; - CK_ULONG ulPublicDataLen; - CK_BYTE_PTR pPublicData; -} CK_KEA_DERIVE_PARAMS; - -typedef CK_KEA_DERIVE_PARAMS CK_PTR CK_KEA_DERIVE_PARAMS_PTR; - - -/* CK_RC2_PARAMS provides the parameters to the CKM_RC2_ECB and - * CKM_RC2_MAC mechanisms. An instance of CK_RC2_PARAMS just - * holds the effective keysize - */ -typedef CK_ULONG CK_RC2_PARAMS; - -typedef CK_RC2_PARAMS CK_PTR CK_RC2_PARAMS_PTR; - - -/* CK_RC2_CBC_PARAMS provides the parameters to the CKM_RC2_CBC - * mechanism - */ -typedef struct CK_RC2_CBC_PARAMS { - CK_ULONG ulEffectiveBits; /* effective bits (1-1024) */ - CK_BYTE iv[8]; /* IV for CBC mode */ -} CK_RC2_CBC_PARAMS; - -typedef CK_RC2_CBC_PARAMS CK_PTR CK_RC2_CBC_PARAMS_PTR; - - -/* CK_RC2_MAC_GENERAL_PARAMS provides the parameters for the - * CKM_RC2_MAC_GENERAL mechanism - */ -typedef struct CK_RC2_MAC_GENERAL_PARAMS { - CK_ULONG ulEffectiveBits; /* effective bits (1-1024) */ - CK_ULONG ulMacLength; /* Length of MAC in bytes */ -} CK_RC2_MAC_GENERAL_PARAMS; - -typedef CK_RC2_MAC_GENERAL_PARAMS CK_PTR \ - CK_RC2_MAC_GENERAL_PARAMS_PTR; - - -/* CK_RC5_PARAMS provides the parameters to the CKM_RC5_ECB and - * CKM_RC5_MAC mechanisms - */ -typedef struct CK_RC5_PARAMS { - CK_ULONG ulWordsize; /* wordsize in bits */ - CK_ULONG ulRounds; /* number of rounds */ -} CK_RC5_PARAMS; - -typedef CK_RC5_PARAMS CK_PTR CK_RC5_PARAMS_PTR; - - -/* CK_RC5_CBC_PARAMS provides the parameters to the CKM_RC5_CBC - * mechanism - */ -typedef struct CK_RC5_CBC_PARAMS { - CK_ULONG ulWordsize; /* wordsize in bits */ - CK_ULONG ulRounds; /* number of rounds */ - CK_BYTE_PTR pIv; /* pointer to IV */ - CK_ULONG ulIvLen; /* length of IV in bytes */ -} CK_RC5_CBC_PARAMS; - -typedef CK_RC5_CBC_PARAMS CK_PTR CK_RC5_CBC_PARAMS_PTR; - - -/* CK_RC5_MAC_GENERAL_PARAMS provides the parameters for the - * CKM_RC5_MAC_GENERAL mechanism - */ -typedef struct CK_RC5_MAC_GENERAL_PARAMS { - CK_ULONG ulWordsize; /* wordsize in bits */ - CK_ULONG ulRounds; /* number of rounds */ - CK_ULONG ulMacLength; /* Length of MAC in bytes */ -} CK_RC5_MAC_GENERAL_PARAMS; - -typedef CK_RC5_MAC_GENERAL_PARAMS CK_PTR \ - CK_RC5_MAC_GENERAL_PARAMS_PTR; - -/* CK_MAC_GENERAL_PARAMS provides the parameters to most block - * ciphers' MAC_GENERAL mechanisms. Its value is the length of - * the MAC - */ -typedef CK_ULONG CK_MAC_GENERAL_PARAMS; - -typedef CK_MAC_GENERAL_PARAMS CK_PTR CK_MAC_GENERAL_PARAMS_PTR; - -typedef struct CK_DES_CBC_ENCRYPT_DATA_PARAMS { - CK_BYTE iv[8]; - CK_BYTE_PTR pData; - CK_ULONG length; -} CK_DES_CBC_ENCRYPT_DATA_PARAMS; - -typedef CK_DES_CBC_ENCRYPT_DATA_PARAMS CK_PTR CK_DES_CBC_ENCRYPT_DATA_PARAMS_PTR; - -typedef struct CK_AES_CBC_ENCRYPT_DATA_PARAMS { - CK_BYTE iv[16]; - CK_BYTE_PTR pData; - CK_ULONG length; -} CK_AES_CBC_ENCRYPT_DATA_PARAMS; - -typedef CK_AES_CBC_ENCRYPT_DATA_PARAMS CK_PTR CK_AES_CBC_ENCRYPT_DATA_PARAMS_PTR; - -/* CK_SKIPJACK_PRIVATE_WRAP_PARAMS provides the parameters to the - * CKM_SKIPJACK_PRIVATE_WRAP mechanism - */ -typedef struct CK_SKIPJACK_PRIVATE_WRAP_PARAMS { - CK_ULONG ulPasswordLen; - CK_BYTE_PTR pPassword; - CK_ULONG ulPublicDataLen; - CK_BYTE_PTR pPublicData; - CK_ULONG ulPAndGLen; - CK_ULONG ulQLen; - CK_ULONG ulRandomLen; - CK_BYTE_PTR pRandomA; - CK_BYTE_PTR pPrimeP; - CK_BYTE_PTR pBaseG; - CK_BYTE_PTR pSubprimeQ; -} CK_SKIPJACK_PRIVATE_WRAP_PARAMS; - -typedef CK_SKIPJACK_PRIVATE_WRAP_PARAMS CK_PTR \ - CK_SKIPJACK_PRIVATE_WRAP_PARAMS_PTR; - - -/* CK_SKIPJACK_RELAYX_PARAMS provides the parameters to the - * CKM_SKIPJACK_RELAYX mechanism - */ -typedef struct CK_SKIPJACK_RELAYX_PARAMS { - CK_ULONG ulOldWrappedXLen; - CK_BYTE_PTR pOldWrappedX; - CK_ULONG ulOldPasswordLen; - CK_BYTE_PTR pOldPassword; - CK_ULONG ulOldPublicDataLen; - CK_BYTE_PTR pOldPublicData; - CK_ULONG ulOldRandomLen; - CK_BYTE_PTR pOldRandomA; - CK_ULONG ulNewPasswordLen; - CK_BYTE_PTR pNewPassword; - CK_ULONG ulNewPublicDataLen; - CK_BYTE_PTR pNewPublicData; - CK_ULONG ulNewRandomLen; - CK_BYTE_PTR pNewRandomA; -} CK_SKIPJACK_RELAYX_PARAMS; - -typedef CK_SKIPJACK_RELAYX_PARAMS CK_PTR \ - CK_SKIPJACK_RELAYX_PARAMS_PTR; - - -typedef struct CK_PBE_PARAMS { - CK_BYTE_PTR pInitVector; - CK_UTF8CHAR_PTR pPassword; - CK_ULONG ulPasswordLen; - CK_BYTE_PTR pSalt; - CK_ULONG ulSaltLen; - CK_ULONG ulIteration; -} CK_PBE_PARAMS; - -typedef CK_PBE_PARAMS CK_PTR CK_PBE_PARAMS_PTR; - - -/* CK_KEY_WRAP_SET_OAEP_PARAMS provides the parameters to the - * CKM_KEY_WRAP_SET_OAEP mechanism - */ -typedef struct CK_KEY_WRAP_SET_OAEP_PARAMS { - CK_BYTE bBC; /* block contents byte */ - CK_BYTE_PTR pX; /* extra data */ - CK_ULONG ulXLen; /* length of extra data in bytes */ -} CK_KEY_WRAP_SET_OAEP_PARAMS; - -typedef CK_KEY_WRAP_SET_OAEP_PARAMS CK_PTR CK_KEY_WRAP_SET_OAEP_PARAMS_PTR; - -typedef struct CK_SSL3_RANDOM_DATA { - CK_BYTE_PTR pClientRandom; - CK_ULONG ulClientRandomLen; - CK_BYTE_PTR pServerRandom; - CK_ULONG ulServerRandomLen; -} CK_SSL3_RANDOM_DATA; - - -typedef struct CK_SSL3_MASTER_KEY_DERIVE_PARAMS { - CK_SSL3_RANDOM_DATA RandomInfo; - CK_VERSION_PTR pVersion; -} CK_SSL3_MASTER_KEY_DERIVE_PARAMS; - -typedef struct CK_SSL3_MASTER_KEY_DERIVE_PARAMS CK_PTR \ - CK_SSL3_MASTER_KEY_DERIVE_PARAMS_PTR; - -typedef struct CK_SSL3_KEY_MAT_OUT { - CK_OBJECT_HANDLE hClientMacSecret; - CK_OBJECT_HANDLE hServerMacSecret; - CK_OBJECT_HANDLE hClientKey; - CK_OBJECT_HANDLE hServerKey; - CK_BYTE_PTR pIVClient; - CK_BYTE_PTR pIVServer; -} CK_SSL3_KEY_MAT_OUT; - -typedef CK_SSL3_KEY_MAT_OUT CK_PTR CK_SSL3_KEY_MAT_OUT_PTR; - - -typedef struct CK_SSL3_KEY_MAT_PARAMS { - CK_ULONG ulMacSizeInBits; - CK_ULONG ulKeySizeInBits; - CK_ULONG ulIVSizeInBits; - CK_BBOOL bIsExport; - CK_SSL3_RANDOM_DATA RandomInfo; - CK_SSL3_KEY_MAT_OUT_PTR pReturnedKeyMaterial; -} CK_SSL3_KEY_MAT_PARAMS; - -typedef CK_SSL3_KEY_MAT_PARAMS CK_PTR CK_SSL3_KEY_MAT_PARAMS_PTR; - -typedef struct CK_TLS_PRF_PARAMS { - CK_BYTE_PTR pSeed; - CK_ULONG ulSeedLen; - CK_BYTE_PTR pLabel; - CK_ULONG ulLabelLen; - CK_BYTE_PTR pOutput; - CK_ULONG_PTR pulOutputLen; -} CK_TLS_PRF_PARAMS; - -typedef CK_TLS_PRF_PARAMS CK_PTR CK_TLS_PRF_PARAMS_PTR; - -typedef struct CK_WTLS_RANDOM_DATA { - CK_BYTE_PTR pClientRandom; - CK_ULONG ulClientRandomLen; - CK_BYTE_PTR pServerRandom; - CK_ULONG ulServerRandomLen; -} CK_WTLS_RANDOM_DATA; - -typedef CK_WTLS_RANDOM_DATA CK_PTR CK_WTLS_RANDOM_DATA_PTR; - -typedef struct CK_WTLS_MASTER_KEY_DERIVE_PARAMS { - CK_MECHANISM_TYPE DigestMechanism; - CK_WTLS_RANDOM_DATA RandomInfo; - CK_BYTE_PTR pVersion; -} CK_WTLS_MASTER_KEY_DERIVE_PARAMS; - -typedef CK_WTLS_MASTER_KEY_DERIVE_PARAMS CK_PTR \ - CK_WTLS_MASTER_KEY_DERIVE_PARAMS_PTR; - -typedef struct CK_WTLS_PRF_PARAMS { - CK_MECHANISM_TYPE DigestMechanism; - CK_BYTE_PTR pSeed; - CK_ULONG ulSeedLen; - CK_BYTE_PTR pLabel; - CK_ULONG ulLabelLen; - CK_BYTE_PTR pOutput; - CK_ULONG_PTR pulOutputLen; -} CK_WTLS_PRF_PARAMS; - -typedef CK_WTLS_PRF_PARAMS CK_PTR CK_WTLS_PRF_PARAMS_PTR; - -typedef struct CK_WTLS_KEY_MAT_OUT { - CK_OBJECT_HANDLE hMacSecret; - CK_OBJECT_HANDLE hKey; - CK_BYTE_PTR pIV; -} CK_WTLS_KEY_MAT_OUT; - -typedef CK_WTLS_KEY_MAT_OUT CK_PTR CK_WTLS_KEY_MAT_OUT_PTR; - -typedef struct CK_WTLS_KEY_MAT_PARAMS { - CK_MECHANISM_TYPE DigestMechanism; - CK_ULONG ulMacSizeInBits; - CK_ULONG ulKeySizeInBits; - CK_ULONG ulIVSizeInBits; - CK_ULONG ulSequenceNumber; - CK_BBOOL bIsExport; - CK_WTLS_RANDOM_DATA RandomInfo; - CK_WTLS_KEY_MAT_OUT_PTR pReturnedKeyMaterial; -} CK_WTLS_KEY_MAT_PARAMS; - -typedef CK_WTLS_KEY_MAT_PARAMS CK_PTR CK_WTLS_KEY_MAT_PARAMS_PTR; - -typedef struct CK_CMS_SIG_PARAMS { - CK_OBJECT_HANDLE certificateHandle; - CK_MECHANISM_PTR pSigningMechanism; - CK_MECHANISM_PTR pDigestMechanism; - CK_UTF8CHAR_PTR pContentType; - CK_BYTE_PTR pRequestedAttributes; - CK_ULONG ulRequestedAttributesLen; - CK_BYTE_PTR pRequiredAttributes; - CK_ULONG ulRequiredAttributesLen; -} CK_CMS_SIG_PARAMS; - -typedef CK_CMS_SIG_PARAMS CK_PTR CK_CMS_SIG_PARAMS_PTR; - -typedef struct CK_KEY_DERIVATION_STRING_DATA { - CK_BYTE_PTR pData; - CK_ULONG ulLen; -} CK_KEY_DERIVATION_STRING_DATA; - -typedef CK_KEY_DERIVATION_STRING_DATA CK_PTR \ - CK_KEY_DERIVATION_STRING_DATA_PTR; - - -/* The CK_EXTRACT_PARAMS is used for the - * CKM_EXTRACT_KEY_FROM_KEY mechanism. It specifies which bit - * of the base key should be used as the first bit of the - * derived key - */ -typedef CK_ULONG CK_EXTRACT_PARAMS; - -typedef CK_EXTRACT_PARAMS CK_PTR CK_EXTRACT_PARAMS_PTR; - -/* CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE is used to - * indicate the Pseudo-Random Function (PRF) used to generate - * key bits using PKCS #5 PBKDF2. - */ -typedef CK_ULONG CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE; - -typedef CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE CK_PTR \ - CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE_PTR; - -#define CKP_PKCS5_PBKD2_HMAC_SHA1 0x00000001UL -#define CKP_PKCS5_PBKD2_HMAC_GOSTR3411 0x00000002UL -#define CKP_PKCS5_PBKD2_HMAC_SHA224 0x00000003UL -#define CKP_PKCS5_PBKD2_HMAC_SHA256 0x00000004UL -#define CKP_PKCS5_PBKD2_HMAC_SHA384 0x00000005UL -#define CKP_PKCS5_PBKD2_HMAC_SHA512 0x00000006UL -#define CKP_PKCS5_PBKD2_HMAC_SHA512_224 0x00000007UL -#define CKP_PKCS5_PBKD2_HMAC_SHA512_256 0x00000008UL - -/* CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE is used to indicate the - * source of the salt value when deriving a key using PKCS #5 - * PBKDF2. - */ -typedef CK_ULONG CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE; - -typedef CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE CK_PTR \ - CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE_PTR; - -/* The following salt value sources are defined in PKCS #5 v2.0. */ -#define CKZ_SALT_SPECIFIED 0x00000001UL - -/* CK_PKCS5_PBKD2_PARAMS is a structure that provides the - * parameters to the CKM_PKCS5_PBKD2 mechanism. - */ -typedef struct CK_PKCS5_PBKD2_PARAMS { - CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE saltSource; - CK_VOID_PTR pSaltSourceData; - CK_ULONG ulSaltSourceDataLen; - CK_ULONG iterations; - CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE prf; - CK_VOID_PTR pPrfData; - CK_ULONG ulPrfDataLen; - CK_UTF8CHAR_PTR pPassword; - CK_ULONG_PTR ulPasswordLen; -} CK_PKCS5_PBKD2_PARAMS; - -typedef CK_PKCS5_PBKD2_PARAMS CK_PTR CK_PKCS5_PBKD2_PARAMS_PTR; - -/* CK_PKCS5_PBKD2_PARAMS2 is a corrected version of the CK_PKCS5_PBKD2_PARAMS - * structure that provides the parameters to the CKM_PKCS5_PBKD2 mechanism - * noting that the ulPasswordLen field is a CK_ULONG and not a CK_ULONG_PTR. - */ -typedef struct CK_PKCS5_PBKD2_PARAMS2 { - CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE saltSource; - CK_VOID_PTR pSaltSourceData; - CK_ULONG ulSaltSourceDataLen; - CK_ULONG iterations; - CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE prf; - CK_VOID_PTR pPrfData; - CK_ULONG ulPrfDataLen; - CK_UTF8CHAR_PTR pPassword; - CK_ULONG ulPasswordLen; -} CK_PKCS5_PBKD2_PARAMS2; - -typedef CK_PKCS5_PBKD2_PARAMS2 CK_PTR CK_PKCS5_PBKD2_PARAMS2_PTR; - -typedef CK_ULONG CK_OTP_PARAM_TYPE; -typedef CK_OTP_PARAM_TYPE CK_PARAM_TYPE; /* backward compatibility */ - -typedef struct CK_OTP_PARAM { - CK_OTP_PARAM_TYPE type; - CK_VOID_PTR pValue; - CK_ULONG ulValueLen; -} CK_OTP_PARAM; - -typedef CK_OTP_PARAM CK_PTR CK_OTP_PARAM_PTR; - -typedef struct CK_OTP_PARAMS { - CK_OTP_PARAM_PTR pParams; - CK_ULONG ulCount; -} CK_OTP_PARAMS; - -typedef CK_OTP_PARAMS CK_PTR CK_OTP_PARAMS_PTR; - -typedef struct CK_OTP_SIGNATURE_INFO { - CK_OTP_PARAM_PTR pParams; - CK_ULONG ulCount; -} CK_OTP_SIGNATURE_INFO; - -typedef CK_OTP_SIGNATURE_INFO CK_PTR CK_OTP_SIGNATURE_INFO_PTR; - -#define CK_OTP_VALUE 0UL -#define CK_OTP_PIN 1UL -#define CK_OTP_CHALLENGE 2UL -#define CK_OTP_TIME 3UL -#define CK_OTP_COUNTER 4UL -#define CK_OTP_FLAGS 5UL -#define CK_OTP_OUTPUT_LENGTH 6UL -#define CK_OTP_OUTPUT_FORMAT 7UL - -#define CKF_NEXT_OTP 0x00000001UL -#define CKF_EXCLUDE_TIME 0x00000002UL -#define CKF_EXCLUDE_COUNTER 0x00000004UL -#define CKF_EXCLUDE_CHALLENGE 0x00000008UL -#define CKF_EXCLUDE_PIN 0x00000010UL -#define CKF_USER_FRIENDLY_OTP 0x00000020UL - -typedef struct CK_KIP_PARAMS { - CK_MECHANISM_PTR pMechanism; - CK_OBJECT_HANDLE hKey; - CK_BYTE_PTR pSeed; - CK_ULONG ulSeedLen; -} CK_KIP_PARAMS; - -typedef CK_KIP_PARAMS CK_PTR CK_KIP_PARAMS_PTR; - -typedef struct CK_AES_CTR_PARAMS { - CK_ULONG ulCounterBits; - CK_BYTE cb[16]; -} CK_AES_CTR_PARAMS; - -typedef CK_AES_CTR_PARAMS CK_PTR CK_AES_CTR_PARAMS_PTR; - -typedef struct CK_GCM_PARAMS { - CK_BYTE_PTR pIv; - CK_ULONG ulIvLen; - CK_ULONG ulIvBits; - CK_BYTE_PTR pAAD; - CK_ULONG ulAADLen; - CK_ULONG ulTagBits; -} CK_GCM_PARAMS; - -typedef CK_GCM_PARAMS CK_PTR CK_GCM_PARAMS_PTR; - -typedef CK_ULONG CK_GENERATOR_FUNCTION; -#define CKG_NO_GENERATE 0x00000000UL -#define CKG_GENERATE 0x00000001UL -#define CKG_GENERATE_COUNTER 0x00000002UL -#define CKG_GENERATE_RANDOM 0x00000003UL -#define CKG_GENERATE_COUNTER_XOR 0x00000004UL - -typedef struct CK_GCM_MESSAGE_PARAMS { - CK_BYTE_PTR pIv; - CK_ULONG ulIvLen; - CK_ULONG ulIvFixedBits; - CK_GENERATOR_FUNCTION ivGenerator; - CK_BYTE_PTR pTag; - CK_ULONG ulTagBits; -} CK_GCM_MESSAGE_PARAMS; - -typedef CK_GCM_MESSAGE_PARAMS CK_PTR CK_GCM_MESSAGE_PARAMS_PTR; - -typedef struct CK_CCM_PARAMS { - CK_ULONG ulDataLen; - CK_BYTE_PTR pNonce; - CK_ULONG ulNonceLen; - CK_BYTE_PTR pAAD; - CK_ULONG ulAADLen; - CK_ULONG ulMACLen; -} CK_CCM_PARAMS; - -typedef CK_CCM_PARAMS CK_PTR CK_CCM_PARAMS_PTR; - -typedef struct CK_CCM_MESSAGE_PARAMS { - CK_ULONG ulDataLen; /*plaintext or ciphertext*/ - CK_BYTE_PTR pNonce; - CK_ULONG ulNonceLen; - CK_ULONG ulNonceFixedBits; - CK_GENERATOR_FUNCTION nonceGenerator; - CK_BYTE_PTR pMAC; - CK_ULONG ulMACLen; -} CK_CCM_MESSAGE_PARAMS; - -typedef CK_CCM_MESSAGE_PARAMS CK_PTR CK_CCM_MESSAGE_PARAMS_PTR; - -/* Deprecated. Use CK_GCM_PARAMS */ -typedef struct CK_AES_GCM_PARAMS { - CK_BYTE_PTR pIv; - CK_ULONG ulIvLen; - CK_ULONG ulIvBits; - CK_BYTE_PTR pAAD; - CK_ULONG ulAADLen; - CK_ULONG ulTagBits; -} CK_AES_GCM_PARAMS; - -typedef CK_AES_GCM_PARAMS CK_PTR CK_AES_GCM_PARAMS_PTR; - -/* Deprecated. Use CK_CCM_PARAMS */ -typedef struct CK_AES_CCM_PARAMS { - CK_ULONG ulDataLen; - CK_BYTE_PTR pNonce; - CK_ULONG ulNonceLen; - CK_BYTE_PTR pAAD; - CK_ULONG ulAADLen; - CK_ULONG ulMACLen; -} CK_AES_CCM_PARAMS; - -typedef CK_AES_CCM_PARAMS CK_PTR CK_AES_CCM_PARAMS_PTR; - -typedef struct CK_CAMELLIA_CTR_PARAMS { - CK_ULONG ulCounterBits; - CK_BYTE cb[16]; -} CK_CAMELLIA_CTR_PARAMS; - -typedef CK_CAMELLIA_CTR_PARAMS CK_PTR CK_CAMELLIA_CTR_PARAMS_PTR; - -typedef struct CK_CAMELLIA_CBC_ENCRYPT_DATA_PARAMS { - CK_BYTE iv[16]; - CK_BYTE_PTR pData; - CK_ULONG length; -} CK_CAMELLIA_CBC_ENCRYPT_DATA_PARAMS; - -typedef CK_CAMELLIA_CBC_ENCRYPT_DATA_PARAMS CK_PTR \ - CK_CAMELLIA_CBC_ENCRYPT_DATA_PARAMS_PTR; - -typedef struct CK_ARIA_CBC_ENCRYPT_DATA_PARAMS { - CK_BYTE iv[16]; - CK_BYTE_PTR pData; - CK_ULONG length; -} CK_ARIA_CBC_ENCRYPT_DATA_PARAMS; - -typedef CK_ARIA_CBC_ENCRYPT_DATA_PARAMS CK_PTR \ - CK_ARIA_CBC_ENCRYPT_DATA_PARAMS_PTR; - -typedef struct CK_DSA_PARAMETER_GEN_PARAM { - CK_MECHANISM_TYPE hash; - CK_BYTE_PTR pSeed; - CK_ULONG ulSeedLen; - CK_ULONG ulIndex; -} CK_DSA_PARAMETER_GEN_PARAM; - -typedef CK_DSA_PARAMETER_GEN_PARAM CK_PTR CK_DSA_PARAMETER_GEN_PARAM_PTR; - -typedef struct CK_ECDH_AES_KEY_WRAP_PARAMS { - CK_ULONG ulAESKeyBits; - CK_EC_KDF_TYPE kdf; - CK_ULONG ulSharedDataLen; - CK_BYTE_PTR pSharedData; -} CK_ECDH_AES_KEY_WRAP_PARAMS; - -typedef CK_ECDH_AES_KEY_WRAP_PARAMS CK_PTR CK_ECDH_AES_KEY_WRAP_PARAMS_PTR; - -typedef CK_ULONG CK_JAVA_MIDP_SECURITY_DOMAIN; - -typedef CK_ULONG CK_CERTIFICATE_CATEGORY; - -typedef struct CK_RSA_AES_KEY_WRAP_PARAMS { - CK_ULONG ulAESKeyBits; - CK_RSA_PKCS_OAEP_PARAMS_PTR pOAEPParams; -} CK_RSA_AES_KEY_WRAP_PARAMS; - -typedef CK_RSA_AES_KEY_WRAP_PARAMS CK_PTR CK_RSA_AES_KEY_WRAP_PARAMS_PTR; - -typedef struct CK_TLS12_MASTER_KEY_DERIVE_PARAMS { - CK_SSL3_RANDOM_DATA RandomInfo; - CK_VERSION_PTR pVersion; - CK_MECHANISM_TYPE prfHashMechanism; -} CK_TLS12_MASTER_KEY_DERIVE_PARAMS; - -typedef CK_TLS12_MASTER_KEY_DERIVE_PARAMS CK_PTR \ - CK_TLS12_MASTER_KEY_DERIVE_PARAMS_PTR; - -typedef struct CK_TLS12_KEY_MAT_PARAMS { - CK_ULONG ulMacSizeInBits; - CK_ULONG ulKeySizeInBits; - CK_ULONG ulIVSizeInBits; - CK_BBOOL bIsExport; - CK_SSL3_RANDOM_DATA RandomInfo; - CK_SSL3_KEY_MAT_OUT_PTR pReturnedKeyMaterial; - CK_MECHANISM_TYPE prfHashMechanism; -} CK_TLS12_KEY_MAT_PARAMS; - -typedef CK_TLS12_KEY_MAT_PARAMS CK_PTR CK_TLS12_KEY_MAT_PARAMS_PTR; - -typedef struct CK_TLS_KDF_PARAMS { - CK_MECHANISM_TYPE prfMechanism; - CK_BYTE_PTR pLabel; - CK_ULONG ulLabelLength; - CK_SSL3_RANDOM_DATA RandomInfo; - CK_BYTE_PTR pContextData; - CK_ULONG ulContextDataLength; -} CK_TLS_KDF_PARAMS; - -typedef CK_TLS_KDF_PARAMS CK_PTR CK_TLS_KDF_PARAMS_PTR; - -typedef struct CK_TLS_MAC_PARAMS { - CK_MECHANISM_TYPE prfHashMechanism; - CK_ULONG ulMacLength; - CK_ULONG ulServerOrClient; -} CK_TLS_MAC_PARAMS; - -typedef CK_TLS_MAC_PARAMS CK_PTR CK_TLS_MAC_PARAMS_PTR; - -typedef struct CK_GOSTR3410_DERIVE_PARAMS { - CK_EC_KDF_TYPE kdf; - CK_BYTE_PTR pPublicData; - CK_ULONG ulPublicDataLen; - CK_BYTE_PTR pUKM; - CK_ULONG ulUKMLen; -} CK_GOSTR3410_DERIVE_PARAMS; - -typedef CK_GOSTR3410_DERIVE_PARAMS CK_PTR CK_GOSTR3410_DERIVE_PARAMS_PTR; - -typedef struct CK_GOSTR3410_KEY_WRAP_PARAMS { - CK_BYTE_PTR pWrapOID; - CK_ULONG ulWrapOIDLen; - CK_BYTE_PTR pUKM; - CK_ULONG ulUKMLen; - CK_OBJECT_HANDLE hKey; -} CK_GOSTR3410_KEY_WRAP_PARAMS; - -typedef CK_GOSTR3410_KEY_WRAP_PARAMS CK_PTR CK_GOSTR3410_KEY_WRAP_PARAMS_PTR; - -typedef struct CK_SEED_CBC_ENCRYPT_DATA_PARAMS { - CK_BYTE iv[16]; - CK_BYTE_PTR pData; - CK_ULONG length; -} CK_SEED_CBC_ENCRYPT_DATA_PARAMS; - -typedef CK_SEED_CBC_ENCRYPT_DATA_PARAMS CK_PTR \ - CK_SEED_CBC_ENCRYPT_DATA_PARAMS_PTR; - -/* - * New PKCS 11 v3.0 data structures. - */ - -typedef CK_ULONG CK_PROFILE_ID; -typedef CK_PROFILE_ID CK_PTR CK_PROFILE_ID_PTR; - -/* Typedefs for Flexible KDF */ -typedef CK_ULONG CK_PRF_DATA_TYPE; -typedef CK_MECHANISM_TYPE CK_SP800_108_PRF_TYPE; -#define CK_SP800_108_ITERATION_VARIABLE 0x00000001UL -#define CK_SP800_108_OPTIONAL_COUNTER 0x00000002UL -#define CK_SP800_108_DKM_LENGTH 0x00000003UL -#define CK_SP800_108_BYTE_ARRAY 0x00000004UL -#define CK_SP800_108_COUNTER CK_SP800_108_OPTIONAL_COUNTER - -typedef struct CK_PRF_DATA_PARAM -{ - CK_PRF_DATA_TYPE type; - CK_VOID_PTR pValue; - CK_ULONG ulValueLen; -} CK_PRF_DATA_PARAM; - -typedef CK_PRF_DATA_PARAM CK_PTR CK_PRF_DATA_PARAM_PTR; - - -typedef struct CK_SP800_108_COUNTER_FORMAT -{ - CK_BBOOL bLittleEndian; - CK_ULONG ulWidthInBits; -} CK_SP800_108_COUNTER_FORMAT; - -typedef CK_SP800_108_COUNTER_FORMAT CK_PTR CK_SP800_108_COUNTER_FORMAT_PTR; - -typedef CK_ULONG CK_SP800_108_DKM_LENGTH_METHOD; -#define CK_SP800_108_DKM_LENGTH_SUM_OF_KEYS 0x00000001UL -#define CK_SP800_108_DKM_LENGTH_SUM_OF_SEGMENTS 0x00000002UL - -typedef struct CK_SP800_108_DKM_LENGTH_FORMAT -{ - CK_SP800_108_DKM_LENGTH_METHOD dkmLengthMethod; - CK_BBOOL bLittleEndian; - CK_ULONG ulWidthInBits; -} CK_SP800_108_DKM_LENGTH_FORMAT; - -typedef CK_SP800_108_DKM_LENGTH_FORMAT \ - CK_PTR CK_SP800_108_DKM_LENGTH_FORMAT_PTR; - -typedef struct CK_DERIVED_KEY -{ - CK_ATTRIBUTE_PTR pTemplate; - CK_ULONG ulAttributeCount; - CK_OBJECT_HANDLE_PTR phKey; -} CK_DERIVED_KEY; - -typedef CK_DERIVED_KEY CK_PTR CK_DERIVED_KEY_PTR; - -typedef struct CK_SP800_108_KDF_PARAMS -{ - CK_SP800_108_PRF_TYPE prfType; - CK_ULONG ulNumberOfDataParams; - CK_PRF_DATA_PARAM_PTR pDataParams; - CK_ULONG ulAdditionalDerivedKeys; - CK_DERIVED_KEY_PTR pAdditionalDerivedKeys; -} CK_SP800_108_KDF_PARAMS; - -typedef CK_SP800_108_KDF_PARAMS CK_PTR CK_SP800_108_KDF_PARAMS_PTR; - -typedef struct CK_SP800_108_FEEDBACK_KDF_PARAMS -{ - CK_SP800_108_PRF_TYPE prfType; - CK_ULONG ulNumberOfDataParams; - CK_PRF_DATA_PARAM_PTR pDataParams; - CK_ULONG ulIVLen; - CK_BYTE_PTR pIV; - CK_ULONG ulAdditionalDerivedKeys; - CK_DERIVED_KEY_PTR pAdditionalDerivedKeys; -} CK_SP800_108_FEEDBACK_KDF_PARAMS; - -typedef CK_SP800_108_FEEDBACK_KDF_PARAMS \ - CK_PTR CK_SP800_108_FEEDBACK_KDF_PARAMS_PTR; - -/* EDDSA */ -typedef struct CK_EDDSA_PARAMS { - CK_BBOOL phFlag; - CK_ULONG ulContextDataLen; - CK_BYTE_PTR pContextData; -} CK_EDDSA_PARAMS; - -typedef CK_EDDSA_PARAMS CK_PTR CK_EDDSA_PARAMS_PTR; - -/* Extended ChaCha20/Salsa20 support*/ -typedef struct CK_CHACHA20_PARAMS { - CK_BYTE_PTR pBlockCounter; - CK_ULONG blockCounterBits; - CK_BYTE_PTR pNonce; - CK_ULONG ulNonceBits; -} CK_CHACHA20_PARAMS; - -typedef CK_CHACHA20_PARAMS CK_PTR CK_CHACHA20_PARAMS_PTR; - -typedef struct CK_SALSA20_PARAMS { - CK_BYTE_PTR pBlockCounter; - CK_BYTE_PTR pNonce; - CK_ULONG ulNonceBits; -} CK_SALSA20_PARAMS; -typedef CK_SALSA20_PARAMS CK_PTR CK_SALSA20_PARAMS_PTR; - -typedef struct CK_SALSA20_CHACHA20_POLY1305_PARAMS { - CK_BYTE_PTR pNonce; - CK_ULONG ulNonceLen; - CK_BYTE_PTR pAAD; - CK_ULONG ulAADLen; -} CK_SALSA20_CHACHA20_POLY1305_PARAMS; - -typedef CK_SALSA20_CHACHA20_POLY1305_PARAMS \ - CK_PTR CK_SALSA20_CHACHA20_POLY1305_PARAMS_PTR; - -typedef struct CK_SALSA20_CHACHA20_POLY1305_MSG_PARAMS { - CK_BYTE_PTR pNonce; - CK_ULONG ulNonceLen; - CK_BYTE_PTR pTag; -} CK_SALSA20_CHACHA20_POLY1305_MSG_PARAMS; - -typedef CK_SALSA20_CHACHA20_POLY1305_MSG_PARAMS \ - CK_PTR CK_SALSA20_CHACHA20_POLY1305_MSG_PARAMS_PTR; - -typedef CK_ULONG CK_X3DH_KDF_TYPE; -typedef CK_X3DH_KDF_TYPE CK_PTR CK_X3DH_KDF_TYPE_PTR; - -/* X3dh, ratchet */ -typedef struct CK_X3DH_INITIATE_PARAMS { - CK_X3DH_KDF_TYPE kdf; - CK_OBJECT_HANDLE pPeer_identity; - CK_OBJECT_HANDLE pPeer_prekey; - CK_BYTE_PTR pPrekey_signature; - CK_BYTE_PTR pOnetime_key; - CK_OBJECT_HANDLE pOwn_identity; - CK_OBJECT_HANDLE pOwn_ephemeral; -} CK_X3DH_INITIATE_PARAMS; - -typedef struct CK_X3DH_RESPOND_PARAMS { - CK_X3DH_KDF_TYPE kdf; - CK_BYTE_PTR pIdentity_id; - CK_BYTE_PTR pPrekey_id; - CK_BYTE_PTR pOnetime_id; - CK_OBJECT_HANDLE pInitiator_identity; - CK_BYTE_PTR pInitiator_ephemeral; -} CK_X3DH_RESPOND_PARAMS; - -typedef CK_ULONG CK_X2RATCHET_KDF_TYPE; -typedef CK_X2RATCHET_KDF_TYPE CK_PTR CK_X2RATCHET_KDF_TYPE_PTR; - -typedef struct CK_X2RATCHET_INITIALIZE_PARAMS { - CK_BYTE_PTR sk; - CK_OBJECT_HANDLE peer_public_prekey; - CK_OBJECT_HANDLE peer_public_identity; - CK_OBJECT_HANDLE own_public_identity; - CK_BBOOL bEncryptedHeader; - CK_ULONG eCurve; - CK_MECHANISM_TYPE aeadMechanism; - CK_X2RATCHET_KDF_TYPE kdfMechanism; -} CK_X2RATCHET_INITIALIZE_PARAMS; - -typedef CK_X2RATCHET_INITIALIZE_PARAMS \ - CK_PTR CK_X2RATCHET_INITIALIZE_PARAMS_PTR; - -typedef struct CK_X2RATCHET_RESPOND_PARAMS { - CK_BYTE_PTR sk; - CK_OBJECT_HANDLE own_prekey; - CK_OBJECT_HANDLE initiator_identity; - CK_OBJECT_HANDLE own_public_identity; - CK_BBOOL bEncryptedHeader; - CK_ULONG eCurve; - CK_MECHANISM_TYPE aeadMechanism; - CK_X2RATCHET_KDF_TYPE kdfMechanism; -} CK_X2RATCHET_RESPOND_PARAMS; -typedef CK_X2RATCHET_RESPOND_PARAMS \ - CK_PTR CK_X2RATCHET_RESPOND_PARAMS_PTR; - -typedef CK_ULONG CK_XEDDSA_HASH_TYPE; -typedef CK_XEDDSA_HASH_TYPE CK_PTR CK_XEDDSA_HASH_TYPE_PTR; - -/* XEDDSA */ -typedef struct CK_XEDDSA_PARAMS { - CK_XEDDSA_HASH_TYPE hash; -} CK_XEDDSA_PARAMS; -typedef CK_XEDDSA_PARAMS CK_PTR CK_XEDDSA_PARAMS_PTR; - -/* HKDF params */ -typedef struct CK_HKDF_PARAMS { - CK_BBOOL bExtract; - CK_BBOOL bExpand; - CK_MECHANISM_TYPE prfHashMechanism; - CK_ULONG ulSaltType; - CK_BYTE_PTR pSalt; - CK_ULONG ulSaltLen; - CK_OBJECT_HANDLE hSaltKey; - CK_BYTE_PTR pInfo; - CK_ULONG ulInfoLen; -} CK_HKDF_PARAMS; -typedef CK_HKDF_PARAMS CK_PTR CK_HKDF_PARAMS_PTR; - -#define CKF_HKDF_SALT_NULL 0x00000001UL -#define CKF_HKDF_SALT_DATA 0x00000002UL -#define CKF_HKDF_SALT_KEY 0x00000004UL - -/* HSS */ -typedef CK_ULONG CK_HSS_LEVELS; -typedef CK_ULONG CK_LMS_TYPE; -typedef CK_ULONG CK_LMOTS_TYPE; - -typedef struct specifiedParams { - CK_HSS_LEVELS levels; - CK_LMS_TYPE lm_type[8]; - CK_LMOTS_TYPE lm_ots_type[8]; -} specifiedParams; - -/* IKE Params */ -typedef struct CK_IKE2_PRF_PLUS_DERIVE_PARAMS { - CK_MECHANISM_TYPE prfMechanism; - CK_BBOOL bHasSeedKey; - CK_OBJECT_HANDLE hSeedKey; - CK_BYTE_PTR pSeedData; - CK_ULONG ulSeedDataLen; -} CK_IKE2_PRF_PLUS_DERIVE_PARAMS; -typedef CK_IKE2_PRF_PLUS_DERIVE_PARAMS CK_PTR CK_IKE2_PRF_PLUS_DERIVE_PARAMS_PTR; - -typedef struct CK_IKE_PRF_DERIVE_PARAMS { - CK_MECHANISM_TYPE prfMechanism; - CK_BBOOL bDataAsKey; - CK_BBOOL bRekey; - CK_BYTE_PTR pNi; - CK_ULONG ulNiLen; - CK_BYTE_PTR pNr; - CK_ULONG ulNrLen; - CK_OBJECT_HANDLE hNewKey; -} CK_IKE_PRF_DERIVE_PARAMS; -typedef CK_IKE_PRF_DERIVE_PARAMS CK_PTR CK_IKE_PRF_DERIVE_PARAMS_PTR; - -typedef struct CK_IKE1_PRF_DERIVE_PARAMS { - CK_MECHANISM_TYPE prfMechanism; - CK_BBOOL bHasPrevKey; - CK_OBJECT_HANDLE hKeygxy - CK_OBJECT_HANDLE hPrevKey; - CK_BYTE_PTR pCKYi; - CK_ULONG ulCKYiLen; - CK_BYTE_PTR pCKYr; - CK_ULONG ulCKYrLen; - CK_BYTE keyNumber; -} CK_IKE1_PRF_DERIVE_PARAMS; -typedef CK_IKE1_PRF_DERIVE_PARAMS CK_PTR CK_IKE1_PRF_DERIVE_PARAMS_PTR; - -typedef struct CK_IKE1_EXTENDED_DERIVE_PARAMS { - CK_MECHANISM_TYPE prfMechanism; - CK_BBOOL bHasKeygxy; - CK_OBJECT_HANDLE hKeygxy; - CK_BYTE_PTR pExtraData; - CK_ULONG ulExtraDataLen; -} CK_IKE1_EXTENDED_DERIVE_PARAMS; -typedef CK_IKE1_EXTENDED_DERIVE_PARAMS CK_PTR CK_IKE1_EXTENDED_DERIVE_PARAMS_PTR; - -#endif /* _PKCS11T_H_ */ - diff --git a/working/identifier_db/README b/working/identifier_db/README deleted file mode 100644 index bf62e54..0000000 --- a/working/identifier_db/README +++ /dev/null @@ -1,98 +0,0 @@ -The following directory contains tools for helping allocate values for -identifiers in the OASIS PKCS #11 spec. Under the current TC policy, these -identifier values are allocated by the TC co-chairs and handed off to the -proposers when their spec nears the time for TC balloting. - -These are only tools to help the co-chairs manage allocating identifier values -for proposals. The official identifier values can be found in the balloted -proposals on the OASIS PKCS #11 page. - -The tools in this directory include: -1) sample.prop - a sample proposal -2) ./process_proposal.pl - perl script to allocate idenifiers for a proposal. -3) ./approve_proposal.pl - perl script to move proposed mechanisms to approved mechanisms -4) ./release.pl - perl script to move approved identifiers to spec identifies. -5) ./verify.pl - perl script to verify the integrity of the database. -6) raw_ids.db - database of allocated identifiers. - ------------------------------------------------------------------ - -How to allocate identifiers for a new proposal: - -1) Create a new proposal. Proposals have: - 1.1) first line is the proposal name - 1.2) type of identifier. you can list the types with: - $ ./verify.pl types - 1.3) list of identifiers and proposed values of the form: - #define - value must be a hex value. If value is zero, then a new identifer value - will be allocated. - 1.4) optionally next type of identifer, followed by it's list. - Blank lines are ignored. - -2) pull the git repository. -3) run ./process_proposal.pl as follows: - $ ./process_proposal.pl myproposal.prop myproposal.result -4) git add raw_ids.db -5) commit and push raw_ids.db -6) send myproposal.result to the other co-chair and the proposer. - ------------------------------------------------------------------ - -How to mark identifiers approved once the proposal passes the ballot. - -run ./approve_proposal.pl myproposal.result - -where myproposal.result is the result file created in the ./process_proposal.pl step - ----------------------------------------------------------------------- -How to examine the database: - -./verify.pl will check the database for invalid and duplicate entries. -In addition, you can supply any of the following keywords: - -help: get a list of the commands. -dump: displays the entire database values. -types: list the valid types currently in the database as well as the next - unallocated identifer, or the unallocated flag bits. - list all identifiers of type - list all identifiers of a particular dispostion (proposed, approved, spec) ect. -header [full] [path]: verify that the pkcs11t.h header is consistant with the -database. If full is specified, then it expects identifiers that are -disposition=proposed to be in the header, othersize './verify.pl header' checks -that only approved and spec are in the header. The output include: - - Entries that are in the database, but missing from the header. - - Entries that are in both the database and the header, but their value - is inconsistant. - - Entries that are in the header, but not in the database. In this last - case there are some special entries that help reduce the noise of false - positives. 1) the aliases.db contain a list of entries that are deprecated - in favor of the 'official' name. The aliases may show up in the header. - 2) Entries of the form CK?_VENDOR_DEFINED and have the value 0x80000000UL - are ignored. - ----------------------------------------------------------------------- -How to lookup an identifier in the database: - -./lookup identifier - -if identifier is a type or disposition, it does the same as ./verify.pl. ----------------------------------------------------------------------- - -Format of raw_ids.db: - -each line is a record. -{identifier},{value},{type},{disposition} - -{identifier} is the PKCS #11 #define value (example: CKM_AES_CBC). -{value} is the value of the identifier in hex. -{type} is the type of identifier. Multiple identifiers with the same type and value is prohibited. Valid types can be listed with: - $ ./verify.pl types -{dispositon} what is the state of this identifier value pair: - spec - identifer is in an approved OASIS PKCS #11 spec - proposed - identifer has been allocated for a proposal - approved - the proposal with this identifer has been approved by the TC. - ------------------------------------------------------------------------- - - diff --git a/working/identifier_db/aliases.db b/working/identifier_db/aliases.db deleted file mode 100644 index eab1e5f..0000000 --- a/working/identifier_db/aliases.db +++ /dev/null @@ -1,25 +0,0 @@ - CKF_EC_NAMEDCURVE CKF_EC_OID - CKA_ECDSA_PARAMS CKA_EC_PARAMS - CKA_SUB_PRIME_BITS CKA_SUBPRIME_BITS - CKK_CAST5 CKK_CAST128 - CKK_ECDSA CKK_EC - CK_SP800_108_COUNTER CK_SP800_108_OPTIONAL_COUNTER - CKM_CAST5_CBC CKM_CAST128_CBC - CKM_CAST5_CBC_PAD CKM_CAST128_CBC_PAD - CKM_CAST5_ECB CKM_CAST128_ECB - CKM_CAST5_KEY_GEN CKM_CAST128_KEY_GEN - CKM_CAST5_MAC CKM_CAST128_MAC - CKM_CAST5_MAC_GENERAL CKM_CAST128_MAC_GENERAL - CKM_ECDSA_KEY_PAIR_GEN CKM_EC_KEY_PAIR_GEN - CKM_PBE_MD5_CAST5_CBC CKM_PBE_MD5_CAST128_CBC - CKM_PBE_SHA1_CAST5_CBC CKM_PBE_SHA1_CAST128_CBC - CKM_SHA3_224_KEY_DERIVE CKM_SHA3_224_KEY_DERIVATION - CKM_SHA3_256_KEY_DERIVE CKM_SHA3_256_KEY_DERIVATION - CKM_SHA3_384_KEY_DERIVE CKM_SHA3_384_KEY_DERIVATION - CKM_SHA3_512_KEY_DERIVE CKM_SHA3_512_KEY_DERIVATION - CKM_SHAKE_128_KEY_DERIVE CKM_SHAKE_128_KEY_DERIVATION - CKM_SHAKE_256_KEY_DERIVE CKM_SHAKE_256_KEY_DERIVATION - CKM_DSA_PROBABLISTIC_PARAMETER_GEN CKM_DSA_PROBABILISTIC_PARAMETER_GEN - CKF_MULTI_MESSGE CKF_MULTI_MESSAGE - FALSE CK_FALSE - TRUE CK_TRUE diff --git a/working/identifier_db/approved_proposal.pl b/working/identifier_db/approved_proposal.pl deleted file mode 100755 index 989f904..0000000 --- a/working/identifier_db/approved_proposal.pl +++ /dev/null @@ -1,123 +0,0 @@ -#!/bin/perl -# -# get the source file -# read the database -sub print_types; - -my $database_file="raw_ids.db"; -my $source_file=$ARGV[0]; -glob %types = (); -glob %database_name = (); -glob %database_number = (); -glob %database_disposition = (); -glob %types_max = (); -glob %types_bits = (); -my %source_types = (); -my $source_type_order = ""; -my %source_max_len = (); -my %conflict_names = (); -my %conflict_old_number = (); -my %conflict_new_number = (); - -if ($source_file eq "" ) { - die "usage: approve.pl "; -} - -open(my $database, "<", $database_file) or die "Can't open $database_file: $!"; -while (<$database>){ - chomp; - @db = split(","); - $name = $db[0]; - $number_string = $db[1]; - $type = $db[2]; - $disposition = $db[3]; - $number=hex($number_string); - #if ($number eq 0) die "invalid db entry\n >> $_"; - $index=$type."_".$number; - $types{$type}=$types{$type}." ".$number; - if ($types_max{$type} < $number) { - $types_max{$type} = $number; - } - $types_bits{$type} |= $number; - $database_name{$index} = $name; - $database_disposition{$index} = $disposition; - #printf "#define $name 0x%08xUL /* $type - $disposition */\n", $number; -} -close($database); - -# read the source -open(my $source, "<", $source_file) or die "Can't open $source_file: $!"; -$type=""; -$proposal=""; -$skip=0; -while (<$source>) { - chomp; # clear out new line - next if /^$/; # skip blank line - if ($skip < 2 ) { # skip the first 2 lines - $skip = $skip + 1; - next; - } - @db = split(" "); - if ($db[0] eq "This") { # end of defines result - last; - } - if ($db[0] ne "#define") { # lines without a #define are a new type - my $proposed_type=lc $_; - $proposed_type =~ s/ /_/g; - $proposed_type =~ s/:$//; - if (!exists $types{$proposed_type} ) { - printf "unknown type: $db[0]\n"; - print_types(); - die "unknown type: $db[0]\n"; - } - $type = $proposed_type; - $source_type_order=$source_type_order." ".$type; - printf " Type = $type\n"; - next; - } - if ($type eq "") { # if we haven't set a type, then error - die "No type specified"; - } - $name=$db[1]; - $number=hex($db[2]); - printf " processing $name = 0x%08x (%d) (type=$type)",$number,$number; - # see if the proposed number conflicts. If it does pick a new one - $index=$type."_".$number; - #if ($number == 0) { - # printf "\n"; - # die "invalid result file, no allocated number"; - #} - if (!exists $database_name{$index}) { - printf "\n"; - die "proposal has not been allocated"; - } - if ($database_name{$index} ne $name) { - printf "\n"; - die "$name != $database_name{$index} inconsistent database/proposal result"; - } - if ($database_disposition{$index} ne "proposed") { - printf "\n"; - die " entry is not in proposed state (disposition = $database_disposition{$index})"; - } - printf " proposed -> approved\n"; - $database_disposition{$index} = "approved"; -} - -#output the new database -open(my $database, ">", $database_file) or die "Can't write $database_file: $!"; -for $type (sort keys %types) { - for (sort split(" ",$types{$type}) ) { - $index=$type."_".$_; - printf $database "$database_name{$index},0x%08x,$type,$database_disposition{$index}\n",$_; - } -} -close($database); - -sub print_types -{ - print "Valid Type:\n"; - for $type (sort keys %types) { - print " $type\n"; - } -} - diff --git a/working/identifier_db/lookup.pl b/working/identifier_db/lookup.pl deleted file mode 100755 index 283fba9..0000000 --- a/working/identifier_db/lookup.pl +++ /dev/null @@ -1,63 +0,0 @@ -#!/bin/perl -# -# get the source file -# read the database -sub find_number; -sub print_types; - -my $database_file="raw_ids.db"; -glob %type_list = (); -glob %disposition_list = (); -glob %database_index = (); -glob %database_name = (); -glob %database_number = (); -glob %database_disposition = (); -glob %database_type = (); - -glob $search_name=$ARGV[0]; - -open(my $database, "<", $database_file) or die "Can't open $database_file: $!"; -while (<$database>){ - chomp; - @db = split(","); - $name = $db[0]; - $number_string = $db[1]; - $type = $db[2]; - $disposition = $db[3]; - $number=hex($number_string); - #if ($number eq 0) die "invalid db entry\n >> $_"; - $index=$type."_".$number; - $database_index{$name} = ${index}; - $database_name{$index} = $name; - $database_disposition{$index} = $disposition; - $database_type{$index} = ${type}; - $database_number{$index} = ${number}; - $disposition_list{$disposition}=$disposition_list{$disposition}." ".$index; - $type_list{$type}=$type_list{$type}." ".$index; - #printf "#define $name 0x%08xUL /* $type - $disposition */\n", $number; -} -close($database); - -if (exists $database_index{$search_name}) { - print_entry($database_index{$search_name}); -} -if (exists $type_list{$search_name}) { - for $index ( sort split(" ",$type_list{$search_name}) ) { - print_entry($index); - } -} -if (exists $disposition_list{$search_name}) { - for $index ( sort split(" ",$disposition_list{$search_name}) ) { - print_entry($index); - } -} - -sub print_entry -{ - my ($index) = @_; - printf "#define %-20s 0x%08xUL /* %s - %s */\n", - $database_name{$index}, $database_number{$index}, $database_type{$index} -, $database_disposition{$index}; -} - - diff --git a/working/identifier_db/pkcs11v3.0/additional_ECC.prop b/working/identifier_db/pkcs11v3.0/additional_ECC.prop deleted file mode 100644 index a2c295e..0000000 --- a/working/identifier_db/pkcs11v3.0/additional_ECC.prop +++ /dev/null @@ -1,11 +0,0 @@ -Additional ECC Curves - -Mechanisms -#define CKM_EC_EDWARDS_KEY_PAIR_GEN 0x1055 -#define CKM_EC_MONTGOMERY_KEY_PAIR_GEN 0x1056 -#define CKM_EDDSA 0x1057 - -Key Types -#define CKK_EC_EDWARDS TBD -#define CKK_EC_MONTGOMERY TBD - diff --git a/working/identifier_db/pkcs11v3.0/additional_ECC.result b/working/identifier_db/pkcs11v3.0/additional_ECC.result deleted file mode 100644 index 76a0f31..0000000 --- a/working/identifier_db/pkcs11v3.0/additional_ECC.result +++ /dev/null @@ -1,19 +0,0 @@ -In accordance to our standing rules, the following identifiers have been -allocated for your proposal "Additional ECC Curves". - -Mechanisms: - - #define CKM_EC_EDWARDS_KEY_PAIR_GEN 0x00001055UL - #define CKM_EC_MONTGOMERY_KEY_PAIR_GEN 0x00001056UL - #define CKM_EDDSA 0x00001057UL - -Key types: - - #define CKK_EC_EDWARDS 0x00000040UL - #define CKK_EC_MONTGOMERY 0x00000041UL - -This represents the following changes to your original proposal: - CKK_EC_EDWARDS was allocated 0x40 because no number was proposed - CKK_EC_MONTGOMERY was allocated 0x41 because no number was proposed - -Please update your spec before sending it to ballot. diff --git a/working/identifier_db/pkcs11v3.0/aead.prop b/working/identifier_db/pkcs11v3.0/aead.prop deleted file mode 100644 index e5b2671..0000000 --- a/working/identifier_db/pkcs11v3.0/aead.prop +++ /dev/null @@ -1,16 +0,0 @@ -AES GCM, AEAD and New Functions - -New Message Flags -#define CKF_END_OF_MESSAGE 0x00000001 - -Errors -#define CKR_AEAD_DECRYPT_FAILED 0x00000042 (not allocated!) - -New Function Flags -#define CKF_FORK_SAFE_INTERFACE 0x00000001UL - -New Generator Functions -#define CKG_NO_GENERATE 0x0 -#define CKG_GENERATE 0x1 -#define CKG_GENERATE_COUNTER 0x2 -#define CKG_GENERATE_RANDOM 0x3 diff --git a/working/identifier_db/pkcs11v3.0/aead.result b/working/identifier_db/pkcs11v3.0/aead.result deleted file mode 100644 index 3c8a2c4..0000000 --- a/working/identifier_db/pkcs11v3.0/aead.result +++ /dev/null @@ -1,23 +0,0 @@ -In accordance to our standing rules, the following identifiers have been -allocated for your proposal "AES GCM, AEAD and New Functions". - -Message flags: - - #define CKF_END_OF_MESSAGE 0x00000001UL - -Errors: - - #define CKR_AEAD_DECRYPT_FAILED 0x00000042UL - -Function flags: - - #define CKF_FORK_SAFE_INTERFACE 0x00000001UL - -Generator functions: - - #define CKG_NO_GENERATE 0x00000000UL - #define CKG_GENERATE 0x00000001UL - #define CKG_GENERATE_COUNTER 0x00000002UL - #define CKG_GENERATE_RANDOM 0x00000003UL - -This represents the following changes to your original proposal: diff --git a/working/identifier_db/pkcs11v3.0/aes_key_wrap.prop b/working/identifier_db/pkcs11v3.0/aes_key_wrap.prop deleted file mode 100644 index 20ccb47..0000000 --- a/working/identifier_db/pkcs11v3.0/aes_key_wrap.prop +++ /dev/null @@ -1,4 +0,0 @@ -AES Key Wrap Update - -Mechanisms -#define CKM_AES_KEY_WRAP_KWP 0x0000210BUL diff --git a/working/identifier_db/pkcs11v3.0/aes_key_wrap.result b/working/identifier_db/pkcs11v3.0/aes_key_wrap.result deleted file mode 100644 index 4a9009a..0000000 --- a/working/identifier_db/pkcs11v3.0/aes_key_wrap.result +++ /dev/null @@ -1,14 +0,0 @@ -In accourdance to our standing rules, the following identifiers have been -allocated for your proposal "AES Key Wrap Update". - -Mechanisms: - - #define CKM_AES_KEY_WRAP_KWP 0x0000210bUL - -This represents the following changes to your original proposal: - -CKM_AES_KEY_WRAP_KWP 0x0000tbd -> 0x0000210bUL - -Please update your proposal before any ballot. - - diff --git a/working/identifier_db/pkcs11v3.0/aes_xts.prop b/working/identifier_db/pkcs11v3.0/aes_xts.prop deleted file mode 100644 index a769cff..0000000 --- a/working/identifier_db/pkcs11v3.0/aes_xts.prop +++ /dev/null @@ -1,8 +0,0 @@ -AES XTS - -Key_types -#define CKK_AES_XTS 0x0000002A - -Mechanisms -#define CKM_AES_XTS 0x00001071 -#define CKM_AES_XTS_KEY_GEN 0x00001072 diff --git a/working/identifier_db/pkcs11v3.0/aes_xts.result b/working/identifier_db/pkcs11v3.0/aes_xts.result deleted file mode 100644 index 604159a..0000000 --- a/working/identifier_db/pkcs11v3.0/aes_xts.result +++ /dev/null @@ -1,21 +0,0 @@ -In accourdance to our standing rules, the following identifiers have been -allocated for your proposal "AES XTS". - -Key types: - - #define CKK_AES_XTS 0x00000035UL - -Mechanisms: - - #define CKM_AES_XTS 0x00001071UL - #define CKM_AES_XTS_KEY_GEN 0x00001072UL - -This represents the following changes to your original proposal: - CKK_AES_XTS was changed to 0x35 because the proposed 0x2a - conflicted with CKK_RIPEMD160_HMAC - CKM_AES_XTS was changed to 0x1071 because the proposed 0x108e - conflicts with CKM_AES_GMAC - CKM_AES_XTS_KEY_GEN was changed to 0x1072 to keep it close to - CKM_AES_XTS - -Please update your spec before sending it to ballot. diff --git a/working/identifier_db/pkcs11v3.0/blake2.prop b/working/identifier_db/pkcs11v3.0/blake2.prop deleted file mode 100644 index 3ebbf6c..0000000 --- a/working/identifier_db/pkcs11v3.0/blake2.prop +++ /dev/null @@ -1,35 +0,0 @@ -Blake 2 - -KDF -#define CKD_BLAKE2B_160_KDF TBA -#define CKD_BLAKE2B_256_KDF TBA -#define CKD_BLAKE2B_384_KDF TBA -#define CKD_BLAKE2B_512_KDF TBA - -Key_types -#define CKK_BLAKE2B_160_HMAC TBA -#define CKK_BLAKE2B_256_HMAC TBA -#define CKK_BLAKE2B_384_HMAC TBA -#define CKK_BLAKE2B_512_HMAC TBA - -Mechanisms -#define CKM_BLAKE2B_160 0x2B5UL -#define CKM_BLAKE2B_160_HMAC 0x2B6UL -#define CKM_BLAKE2B_160_HMAC_GENERAL 0x2B7UL -#define CKM_BLAKE2B_160_KEY_DERIVE 0x398UL -#define CKM_BLAKE2B_160_KEY_GEN 0x2B8UL -#define CKM_BLAKE2B_256 0x2B0UL -#define CKM_BLAKE2B_256_HMAC 0x2B1UL -#define CKM_BLAKE2B_256_HMAC_GENERAL 0x2B2UL -#define CKM_BLAKE2B_256_KEY_DERIVE 0x397UL -#define CKM_BLAKE2B_256_KEY_GEN 0x2B3UL -#define CKM_BLAKE2B_384 0x2C0UL -#define CKM_BLAKE2B_384_HMAC 0x2C1UL -#define CKM_BLAKE2B_384_HMAC_GENERAL 0x2C2UL -#define CKM_BLAKE2B_384_KEY_DERIVE 0x399UL -#define CKM_BLAKE2B_384_KEY_GEN 0x2C3UL -#define CKM_BLAKE2B_512 0x2D0UL -#define CKM_BLAKE2B_512_HMAC 0x2D1UL -#define CKM_BLAKE2B_512_HMAC_GENERAL 0x2D2UL -#define CKM_BLAKE2B_512_KEY_DERIVE 0x39AUL -#define CKM_BLAKE2B_512_KEY_GEN 0x2D3UL diff --git a/working/identifier_db/pkcs11v3.0/blake2.result b/working/identifier_db/pkcs11v3.0/blake2.result deleted file mode 100644 index 798a1ad..0000000 --- a/working/identifier_db/pkcs11v3.0/blake2.result +++ /dev/null @@ -1,95 +0,0 @@ -In accourdance to our standing rules, the following identifiers have been -allocated for your proposal "Blake 2". - -Kdf: - - #define CKD_BLAKE2B_160_KDF 0x00000017UL - #define CKD_BLAKE2B_256_KDF 0x00000018UL - #define CKD_BLAKE2B_384_KDF 0x00000019UL - #define CKD_BLAKE2B_512_KDF 0x0000001aUL - -Key types: - - #define CKK_BLAKE2B_160_HMAC 0x0000003aUL - #define CKK_BLAKE2B_256_HMAC 0x0000003bUL - #define CKK_BLAKE2B_384_HMAC 0x0000003cUL - #define CKK_BLAKE2B_512_HMAC 0x0000003dUL - -Mechanisms: - - #define CKM_BLAKE2B_160 0x0000400cUL - #define CKM_BLAKE2B_160_HMAC 0x0000400dUL - #define CKM_BLAKE2B_160_HMAC_GENERAL 0x0000400eUL - #define CKM_BLAKE2B_160_KEY_DERIVE 0x0000400fUL - #define CKM_BLAKE2B_160_KEY_GEN 0x00004010UL - #define CKM_BLAKE2B_256 0x00004011UL - #define CKM_BLAKE2B_256_HMAC 0x00004012UL - #define CKM_BLAKE2B_256_HMAC_GENERAL 0x00004013UL - #define CKM_BLAKE2B_256_KEY_DERIVE 0x00004014UL - #define CKM_BLAKE2B_256_KEY_GEN 0x00004015UL - #define CKM_BLAKE2B_384 0x00004016UL - #define CKM_BLAKE2B_384_HMAC 0x00004017UL - #define CKM_BLAKE2B_384_HMAC_GENERAL 0x00004018UL - #define CKM_BLAKE2B_384_KEY_DERIVE 0x00004019UL - #define CKM_BLAKE2B_384_KEY_GEN 0x0000401aUL - #define CKM_BLAKE2B_512 0x0000401bUL - #define CKM_BLAKE2B_512_HMAC 0x0000401cUL - #define CKM_BLAKE2B_512_HMAC_GENERAL 0x0000401dUL - #define CKM_BLAKE2B_512_KEY_DERIVE 0x0000401eUL - #define CKM_BLAKE2B_512_KEY_GEN 0x0000401fUL - -This represents the following changes to your original proposal: - CKM_BLAKE2B_160 was changed to 0x400c because the proposed 0x2b5 - conflicted with CKM_SHA3_224 - CKM_BLAKE2B_160_HMAC was changed to 0x400d because the proposed 0x2b6 - conflicted with CKM_SHA3_224_HMAC - CKM_BLAKE2B_160_HMAC_GENERAL was changed to 0x400e because the proposed 0x2b7 - conflicted with CKM_SHA3_224_HMAC_GENERAL - CKM_BLAKE2B_160_KEY_DERIVE was changed to 0x400f because the proposed 0x398 - conflicted with CKM_SHA3_224_KEY_DERIVE - CKM_BLAKE2B_160_KEY_GEN was changed to 0x4010 because the proposed 0x2b8 - conflicted with CKM_SHA3_224_KEYGEN - CKM_BLAKE2B_256 was changed to 0x4011 because the proposed 0x2b0 - conflicted with CKM_SHA3_256 - CKM_BLAKE2B_256_HMAC was changed to 0x4012 because the proposed 0x2b1 - conflicted with CKM_SHA3_256_HMAC - CKM_BLAKE2B_256_HMAC_GENERAL was changed to 0x4013 because the proposed 0x2b2 - conflicted with CKM_SHA3_256_HMAC_GENERAL - CKM_BLAKE2B_256_KEY_DERIVE was changed to 0x4014 because the proposed 0x397 - conflicted with CKM_SHA3_256_KEY_DERIVE - CKM_BLAKE2B_256_KEY_GEN was changed to 0x4015 because the proposed 0x2b3 - conflicted with CKM_SHA3_256_KEYGEN - CKM_BLAKE2B_384 was changed to 0x4016 because the proposed 0x2c0 - conflicted with CKM_SHA3_384 - CKM_BLAKE2B_384_HMAC was changed to 0x4017 because the proposed 0x2c1 - conflicted with CKM_SHA3_384_HMAC - CKM_BLAKE2B_384_HMAC_GENERAL was changed to 0x4018 because the proposed 0x2c2 - conflicted with CKM_SHA3_384_HMAC_GENERAL - CKM_BLAKE2B_384_KEY_DERIVE was changed to 0x4019 because the proposed 0x399 - conflicted with CKM_SHA3_384_KEY_DERIVE - CKM_BLAKE2B_384_KEY_GEN was changed to 0x401a because the proposed 0x2c3 - conflicted with CKM_SHA3_384_KEYGEN - CKM_BLAKE2B_512 was changed to 0x401b because the proposed 0x2d0 - conflicted with CKM_SHA3_512 - CKM_BLAKE2B_512_HMAC was changed to 0x401c because the proposed 0x2d1 - conflicted with CKM_SHA3_512_HMAC - CKM_BLAKE2B_512_HMAC_GENERAL was changed to 0x401d because the proposed 0x2d2 - conflicted with CKM_SHA3_512_HMAC_GENERAL - CKM_BLAKE2B_512_KEY_DERIVE was changed to 0x401e because the proposed 0x39a - conflicted with CKM_SHA3_512_KEY_DERIVE - CKM_BLAKE2B_512_KEY_GEN was changed to 0x401f because the proposed 0x2d3 - conflicted with CKM_SHA3_512_KEYGEN - -Please update your spec before sending it to ballot. - CKK_BLAKE2B_160_HMAC was allocated 0x3a because no number was proposed - CKK_BLAKE2B_256_HMAC was allocated 0x3b because no number was proposed - CKK_BLAKE2B_384_HMAC was allocated 0x3c because no number was proposed - CKK_BLAKE2B_512_HMAC was allocated 0x3d because no number was proposed - -Please update your spec before sending it to ballot. - CKD_BLAKE2B_160_KDF was allocated 0xe because no number was proposed - CKD_BLAKE2B_256_KDF was allocated 0xf because no number was proposed - CKD_BLAKE2B_384_KDF was allocated 0x10 because no number was proposed - CKD_BLAKE2B_512_KDF was allocated 0x11 because no number was proposed - -Please update your spec before sending it to ballot. diff --git a/working/identifier_db/pkcs11v3.0/chacha20.prop b/working/identifier_db/pkcs11v3.0/chacha20.prop deleted file mode 100644 index de2efa7..0000000 --- a/working/identifier_db/pkcs11v3.0/chacha20.prop +++ /dev/null @@ -1,11 +0,0 @@ -ChaCha20 and Poly1305 - -Key_types -#define CKK_CHACHA20 0x0000002A -#define CKK_POLY1305 0x0000002B - -Mechanisms -#define CKM_CHACHA20_KEY_GEN 0x00001225 -#define CKM_CHACHA20 0x00001226 -#define CKM_POLY1305_KEY_GEN 0x00001227 -#define CKM_POLY1305 0x00001228 diff --git a/working/identifier_db/pkcs11v3.0/chacha20.result b/working/identifier_db/pkcs11v3.0/chacha20.result deleted file mode 100644 index 4ed4928..0000000 --- a/working/identifier_db/pkcs11v3.0/chacha20.result +++ /dev/null @@ -1,22 +0,0 @@ -In accourdance to our standing rules, the following identifiers have been -allocated for your proposal "ChaCha20 and Poly1305". - -Key types: - - #define CKK_CHACHA20 0x00000033UL - #define CKK_POLY1305 0x00000034UL - -Mechanisms: - - #define CKM_CHACHA20_KEY_GEN 0x00001225UL - #define CKM_CHACHA20 0x00001226UL - #define CKM_POLY1305_KEY_GEN 0x00001227UL - #define CKM_POLY1305 0x00001228UL - -This represents the following changes to your original proposal: - CKK_CHACHA20 was changed to 0x33 because the proposed 0x2a - conflicted with CKK_RIPEMD160_HMAC - CKK_POLY1305 was changed to 0x34 because the proposed 0x2b - conflicted with CKK_SHA256_HMAC - -Please update your spec before sending it to ballot. diff --git a/working/identifier_db/pkcs11v3.0/chacha_salsa.prop b/working/identifier_db/pkcs11v3.0/chacha_salsa.prop deleted file mode 100644 index d1fcc8d..0000000 --- a/working/identifier_db/pkcs11v3.0/chacha_salsa.prop +++ /dev/null @@ -1,9 +0,0 @@ -Chacha/Poly Salsa/Poly Algorithms - -Key_types -#define CKK_SALSA20 TBD - -Mechanisms -#define CKM_SALSA20 TBD -#define CKM_CHACHA20_POLY1305 TBD -#define CKM_SALSA20_POLY1305 TBD diff --git a/working/identifier_db/pkcs11v3.0/chacha_salsa.result b/working/identifier_db/pkcs11v3.0/chacha_salsa.result deleted file mode 100644 index 33be2ee..0000000 --- a/working/identifier_db/pkcs11v3.0/chacha_salsa.result +++ /dev/null @@ -1,22 +0,0 @@ -In accourdance to our standing rules, the following identifiers have been -allocated for your proposal "Chacha/Poly Salsa/Poly Algorithms". - -Key types: - - #define CKK_SALSA20 0x0000003eUL - -Mechanisms: - - #define CKM_SALSA20 0x00004020UL - #define CKM_CHACHA20_POLY1305 0x00004021UL - #define CKM_SALSA20_POLY1305 0x00004022UL - -This represents the following changes to your original proposal: - CKM_SALSA20 was allocated 0x4020 because no number was proposed - CKM_CHACHA20_POLY1305 was allocated 0x4021 because no number was proposed - CKM_SALSA20_POLY1305 was allocated 0x4022 because no number was proposed - -Please update your spec before sending it to ballot. - CKK_SALSA20 was allocated 0x3e because no number was proposed - -Please update your spec before sending it to ballot. diff --git a/working/identifier_db/pkcs11v3.0/cleanup.prop b/working/identifier_db/pkcs11v3.0/cleanup.prop deleted file mode 100644 index 6f1b6c7..0000000 --- a/working/identifier_db/pkcs11v3.0/cleanup.prop +++ /dev/null @@ -1,6 +0,0 @@ -Add mechanisms created in previous spec but never allocated. - -Mechanisms -#define CKM_DSA_FIPS_G_GEN 0x02005 -#define CKM_EC_KEY_PAIR_GEN_W_EXTRA_BITS 0x0140B -#define CKM_SALSA20_KEY_GEN XXXX diff --git a/working/identifier_db/pkcs11v3.0/cleanup.result b/working/identifier_db/pkcs11v3.0/cleanup.result deleted file mode 100644 index 0ec2310..0000000 --- a/working/identifier_db/pkcs11v3.0/cleanup.result +++ /dev/null @@ -1,13 +0,0 @@ -In accordance to our standing rules, the following identifiers have been -allocated for your proposal "Add mechanisms created in previous spec but never allocated.". - -Mechanisms: - - #define CKM_DSA_FIPS_G_GEN 0x00002005UL - #define CKM_EC_KEY_PAIR_GEN_W_EXTRA_BITS 0x0000140bUL - #define CKM_SALSA20_KEY_GEN 0x0000402dUL - -This represents the following changes to your original proposal: - CKM_SALSA20_KEY_GEN was allocated 0x402d because no number was proposed - -Please update your spec before sending it to ballot. diff --git a/working/identifier_db/pkcs11v3.0/ec_curvename_flag.prop b/working/identifier_db/pkcs11v3.0/ec_curvename_flag.prop deleted file mode 100644 index 88d25f6..0000000 --- a/working/identifier_db/pkcs11v3.0/ec_curvename_flag.prop +++ /dev/null @@ -1,4 +0,0 @@ -Add EC Curvename - -Mechanisms Flags -#define CKF_EC_CURVENAME 0x04000000UL diff --git a/working/identifier_db/pkcs11v3.0/ec_curvename_flag.result b/working/identifier_db/pkcs11v3.0/ec_curvename_flag.result deleted file mode 100644 index 1b77d5d..0000000 --- a/working/identifier_db/pkcs11v3.0/ec_curvename_flag.result +++ /dev/null @@ -1,8 +0,0 @@ -In accordance to our standing rules, the following identifiers have been -allocated for your proposal "Add EC Curvename". - -Mechanisms flags: - - #define CKF_EC_CURVENAME 0x04000000UL - -This represents the following changes to your original proposal: diff --git a/working/identifier_db/pkcs11v3.0/hkdf.prop b/working/identifier_db/pkcs11v3.0/hkdf.prop deleted file mode 100644 index 3c8db9b..0000000 --- a/working/identifier_db/pkcs11v3.0/hkdf.prop +++ /dev/null @@ -1,10 +0,0 @@ -HKDF mechanisms. - -Mechanisms -#define CKM_HKDF_DERIVE 0x00000000 -#define CKM_HKDF_DATA 0x00000000 -#define CKM_HKDF_KEY_GEN 0x00000000 - -Key Types -#define CKK_HKDF 0x00000000 - diff --git a/working/identifier_db/pkcs11v3.0/hkdf.result b/working/identifier_db/pkcs11v3.0/hkdf.result deleted file mode 100644 index e0ec421..0000000 --- a/working/identifier_db/pkcs11v3.0/hkdf.result +++ /dev/null @@ -1,22 +0,0 @@ -In accordance to our standing rules, the following identifiers have been -allocated for your proposal "HKDF mechanisms.". - -Mechanisms: - - #define CKM_HKDF_DERIVE 0x0000402aUL - #define CKM_HKDF_DATA 0x0000402bUL - #define CKM_HKDF_KEY_GEN 0x0000402cUL - -Key types: - - #define CKK_HKDF 0x00000042UL - -This represents the following changes to your original proposal: - CKK_HKDF was allocated 0x42 because no number was proposed - -Please update your spec before sending it to ballot. - CKM_HKDF_DERIVE was allocated 0x402a because no number was proposed - CKM_HKDF_DATA was allocated 0x402b because no number was proposed - CKM_HKDF_KEY_GEN was allocated 0x402c because no number was proposed - -Please update your spec before sending it to ballot. diff --git a/working/identifier_db/pkcs11v3.0/hkdf2.prop b/working/identifier_db/pkcs11v3.0/hkdf2.prop deleted file mode 100644 index 6d4b161..0000000 --- a/working/identifier_db/pkcs11v3.0/hkdf2.prop +++ /dev/null @@ -1,7 +0,0 @@ -HKDF flags - -New HKDF Flags -#define CKF_HKDF_SALT_NULL 0x00000001 -#define CKF_HKDF_SALT_DATA 0x00000002 -#define CKF_HKDF_SALT_KEY 0x00000004 - diff --git a/working/identifier_db/pkcs11v3.0/hkdf2.result b/working/identifier_db/pkcs11v3.0/hkdf2.result deleted file mode 100644 index 2cc19ee..0000000 --- a/working/identifier_db/pkcs11v3.0/hkdf2.result +++ /dev/null @@ -1,10 +0,0 @@ -In accordance to our standing rules, the following identifiers have been -allocated for your proposal "HKDF flags". - -Hkdf flags: - - #define CKF_HKDF_SALT_NULL 0x00000001UL - #define CKF_HKDF_SALT_DATA 0x00000002UL - #define CKF_HKDF_SALT_KEY 0x00000004UL - -This represents the following changes to your original proposal: diff --git a/working/identifier_db/pkcs11v3.0/kdf_sp800.prop b/working/identifier_db/pkcs11v3.0/kdf_sp800.prop deleted file mode 100644 index acc0ce2..0000000 --- a/working/identifier_db/pkcs11v3.0/kdf_sp800.prop +++ /dev/null @@ -1,12 +0,0 @@ -SP 800 KDF - -KDF - #define CKD_SHA1_KDF_SP800 0x0000000EUL - #define CKD_SHA224_KDF_SP800 0x0000000FUL - #define CKD_SHA256_KDF_SP800 0x00000010UL - #define CKD_SHA384_KDF_SP800 0x00000011UL - #define CKD_SHA512_KDF_SP800 0x00000012UL - #define CKD_SHA3_224_KDF_SP800 0x00000013UL - #define CKD_SHA3_256_KDF_SP800 0x00000014UL - #define CKD_SHA3_384_KDF_SP800 0x00000015UL - #define CKD_SHA3_512_KDF_SP800 0x00000016UL diff --git a/working/identifier_db/pkcs11v3.0/kdf_sp800.result b/working/identifier_db/pkcs11v3.0/kdf_sp800.result deleted file mode 100644 index 429947c..0000000 --- a/working/identifier_db/pkcs11v3.0/kdf_sp800.result +++ /dev/null @@ -1,16 +0,0 @@ -In accordance to our standing rules, the following identifiers have been -allocated for your proposal "SP 800 KDF". - -Kdf: - - #define CKD_SHA1_KDF_SP800 0x0000000eUL - #define CKD_SHA224_KDF_SP800 0x0000000fUL - #define CKD_SHA256_KDF_SP800 0x00000010UL - #define CKD_SHA384_KDF_SP800 0x00000011UL - #define CKD_SHA512_KDF_SP800 0x00000012UL - #define CKD_SHA3_224_KDF_SP800 0x00000013UL - #define CKD_SHA3_256_KDF_SP800 0x00000014UL - #define CKD_SHA3_384_KDF_SP800 0x00000015UL - #define CKD_SHA3_512_KDF_SP800 0x00000016UL - -This represents the following changes to your original proposal: diff --git a/working/identifier_db/pkcs11v3.0/message.prop b/working/identifier_db/pkcs11v3.0/message.prop deleted file mode 100644 index 2a8fad9..0000000 --- a/working/identifier_db/pkcs11v3.0/message.prop +++ /dev/null @@ -1,9 +0,0 @@ -AEAD Message based encryption proposal - -Mechanisms_flags -#define CKF_MESSAGE_ENCRYPT 0x00100000 -#define CKF_MESSAGE_DECRYPT 0x00200000 -#define CKF_MESSAGE_SIGN 0x00400000 -#define CKF_MESSAGE_VERIFY 0x00800000 -#define CKF_MULTI_MESSGE 0x01000000 - diff --git a/working/identifier_db/pkcs11v3.0/message.result b/working/identifier_db/pkcs11v3.0/message.result deleted file mode 100644 index 5ee5bcd..0000000 --- a/working/identifier_db/pkcs11v3.0/message.result +++ /dev/null @@ -1,24 +0,0 @@ -In accourdance to our standing rules, the following identifiers have been -allocated for your proposal "AEAD Message based encryption proposal". - -Mechanisms flags: - - #define CKF_MESSAGE_ENCRYPT 0x00000002UL - #define CKF_MESSAGE_DECRYPT 0x00000004UL - #define CKF_MESSAGE_SIGN 0x00000008UL - #define CKF_MESSAGE_VERIFY 0x00000010UL - #define CKF_MULTI_MESSGE 0x00000020UL - -This represents the following changes to your original proposal: - CKF_MESSAGE_ENCRYPT was changed to 0x2 because the proposed 0x100000 - conflicted with CKF_EC_F_P - CKF_MESSAGE_DECRYPT was changed to 0x4 because the proposed 0x200000 - conflicted with CKF_EC_F_2M - CKF_MESSAGE_SIGN was changed to 0x8 because the proposed 0x400000 - conflicted with CKF_EC_ECPARAMETERS - CKF_MESSAGE_VERIFY was changed to 0x10 because the proposed 0x800000 - conflicted with CKF_EC_NAMEDCURVE - CKF_MULTI_MESSGE was changed to 0x20 because the proposed 0x1000000 - conflicted with CKF_EC_UNCOMPRESS - -Please update your spec before sending it to ballot. diff --git a/working/identifier_db/pkcs11v3.0/null.prop b/working/identifier_db/pkcs11v3.0/null.prop deleted file mode 100644 index e93301e..0000000 --- a/working/identifier_db/pkcs11v3.0/null.prop +++ /dev/null @@ -1,4 +0,0 @@ -NULL mechanism - -Mechanisms -#define CKM_NULL 0x00000000 diff --git a/working/identifier_db/pkcs11v3.0/null.result b/working/identifier_db/pkcs11v3.0/null.result deleted file mode 100644 index f1a294d..0000000 --- a/working/identifier_db/pkcs11v3.0/null.result +++ /dev/null @@ -1,11 +0,0 @@ -In accourdance to our standing rules, the following identifiers have been -allocated for your proposal "NULL mechanism". - -Mechanisms: - - #define CKM_NULL 0x0000400bUL - -This represents the following changes to your original proposal: - CKM_NULL was allocated 0x400b because no number was proposed - -Please update your spec before sending it to ballot. diff --git a/working/identifier_db/pkcs11v3.0/profile_object.prop b/working/identifier_db/pkcs11v3.0/profile_object.prop deleted file mode 100644 index 6d3e88b..0000000 --- a/working/identifier_db/pkcs11v3.0/profile_object.prop +++ /dev/null @@ -1,15 +0,0 @@ -Profile Object - -Objects -#define CKO_PROFILE TDB - -Attributes -#define CKA_PROFILE_ID TBD - -New Profile ID -#define CKP_INVALID_ID 0x00000000UL -#define CKP_VENDOR_DEFINED 0x80000000UL -#define CKP_BASELINE_PROVIDER 0x00000001UL -#define CKP_EXTENDED_PROVIDER 0x00000002UL -#define CKP_AUTHENTICATION_TOKEN 0x00000003UL - diff --git a/working/identifier_db/pkcs11v3.0/profile_object.result b/working/identifier_db/pkcs11v3.0/profile_object.result deleted file mode 100644 index 67dba75..0000000 --- a/working/identifier_db/pkcs11v3.0/profile_object.result +++ /dev/null @@ -1,26 +0,0 @@ -In accordance to our standing rules, the following identifiers have been -allocated for your proposal "Profile Object ". - -Objects: - - #define CKO_PROFILE 0x00000009UL - -Attributes: - - #define CKA_PROFILE_ID 0x00000601UL - -Profile id: - - #define CKP_INVALID_ID 0x00000000UL - #define CKP_VENDOR_DEFINED 0x80000000UL - #define CKP_BASELINE_PROVIDER 0x00000001UL - #define CKP_EXTENDED_PROVIDER 0x00000002UL - #define CKP_AUTHENTICATION_TOKEN 0x00000003UL - -This represents the following changes to your original proposal: - CKO_PROFILE was allocated 0x9 because no number was proposed - -Please update your spec before sending it to ballot. - CKA_PROFILE_ID was allocated 0x601 because no number was proposed - -Please update your spec before sending it to ballot. diff --git a/working/identifier_db/pkcs11v3.0/public_readable.prop b/working/identifier_db/pkcs11v3.0/public_readable.prop deleted file mode 100644 index 12349bf..0000000 --- a/working/identifier_db/pkcs11v3.0/public_readable.prop +++ /dev/null @@ -1,5 +0,0 @@ -Profile Object - -New Profile ID -#define PUBLIC_CERTIFICATES_TOKEN 0x00000004UL - diff --git a/working/identifier_db/pkcs11v3.0/public_readable.result b/working/identifier_db/pkcs11v3.0/public_readable.result deleted file mode 100644 index 74726cd..0000000 --- a/working/identifier_db/pkcs11v3.0/public_readable.result +++ /dev/null @@ -1,8 +0,0 @@ -In accordance to our standing rules, the following identifiers have been -allocated for your proposal "Profile Object ". - -Profile id: - - #define CKP_PUBLIC_CERTIFICATES_TOKEN 0x00000004UL - -This represents the following changes to your original proposal: diff --git a/working/identifier_db/pkcs11v3.0/rsaoaep.prop b/working/identifier_db/pkcs11v3.0/rsaoaep.prop deleted file mode 100644 index a0b5d16..0000000 --- a/working/identifier_db/pkcs11v3.0/rsaoaep.prop +++ /dev/null @@ -1,8 +0,0 @@ -RSA OAEP update with sha3 - -mgf -#define CKG_MGF1_SHA3_224 0x00000006 -#define CKG_MGF1_SHA3_256 0x00000007 -#define CKG_MGF1_SHA3_384 0x00000008 -#define CKG_MGF1_SHA3_512 0x00000009 - diff --git a/working/identifier_db/pkcs11v3.0/rsaoaep.result b/working/identifier_db/pkcs11v3.0/rsaoaep.result deleted file mode 100644 index b7dcba5..0000000 --- a/working/identifier_db/pkcs11v3.0/rsaoaep.result +++ /dev/null @@ -1,11 +0,0 @@ -In accordance to our standing rules, the following identifiers have been -allocated for your proposal "RSA OAEP update with sha3". - -Mgf: - - #define CKG_MGF1_SHA3_224 0x00000006UL - #define CKG_MGF1_SHA3_256 0x00000007UL - #define CKG_MGF1_SHA3_384 0x00000008UL - #define CKG_MGF1_SHA3_512 0x00000009UL - -This represents the following changes to your original proposal: diff --git a/working/identifier_db/pkcs11v3.0/session_cancel.prop b/working/identifier_db/pkcs11v3.0/session_cancel.prop deleted file mode 100644 index 6bf32be..0000000 --- a/working/identifier_db/pkcs11v3.0/session_cancel.prop +++ /dev/null @@ -1,4 +0,0 @@ -C_SessionCancel - -Mechanisms flags -#define CKF_FIND_OBJECTS 0x00000040 diff --git a/working/identifier_db/pkcs11v3.0/session_cancel.result b/working/identifier_db/pkcs11v3.0/session_cancel.result deleted file mode 100644 index 21c39a8..0000000 --- a/working/identifier_db/pkcs11v3.0/session_cancel.result +++ /dev/null @@ -1,8 +0,0 @@ -In accordance to our standing rules, the following identifiers have been -allocated for your proposal "C_SessionCancel". - -Mechanisms flags: - - #define CKF_FIND_OBJECTS 0x00000040UL - -This represents the following changes to your original proposal: diff --git a/working/identifier_db/pkcs11v3.0/session_cancel_2.prop b/working/identifier_db/pkcs11v3.0/session_cancel_2.prop deleted file mode 100644 index 514460e..0000000 --- a/working/identifier_db/pkcs11v3.0/session_cancel_2.prop +++ /dev/null @@ -1,4 +0,0 @@ -C_SessionCancel - error messages - -Errors -#define CKR_OPERATION_CANCEL_FAILED 0x00000000 diff --git a/working/identifier_db/pkcs11v3.0/session_cancel_2.result b/working/identifier_db/pkcs11v3.0/session_cancel_2.result deleted file mode 100644 index bcc3ba0..0000000 --- a/working/identifier_db/pkcs11v3.0/session_cancel_2.result +++ /dev/null @@ -1,11 +0,0 @@ -In accordance to our standing rules, the following identifiers have been -allocated for your proposal "C_SessionCancel - error messages". - -Errors: - - #define CKR_OPERATION_CANCEL_FAILED 0x00000202UL - -This represents the following changes to your original proposal: - CKR_OPERATION_CANCEL_FAILED was allocated 0x202 because no number was proposed - -Please update your spec before sending it to ballot. diff --git a/working/identifier_db/pkcs11v3.0/sha2_update.prop b/working/identifier_db/pkcs11v3.0/sha2_update.prop deleted file mode 100644 index 7894e2f..0000000 --- a/working/identifier_db/pkcs11v3.0/sha2_update.prop +++ /dev/null @@ -1,11 +0,0 @@ -SHA2 update - -Mechanisms -#define CKM_SHA_1_KEY_GEN 0x00000XXXUL -#define CKM_SHA224_KEY_GEN 0x00000XXXUL -#define CKM_SHA256_KEY_GEN 0x00000XXXUL -#define CKM_SHA384_KEY_GEN 0x00000XXXUL -#define CKM_SHA512_KEY_GEN 0x00000XXXUL -#define CKM_SHA512_224_KEY_GEN 0x00000XXXUL -#define CKM_SHA512_256_KEY_GEN 0x00000XXXUL -#define CKM_SHA512_T_KEY_GEN 0x00000XXXUL diff --git a/working/identifier_db/pkcs11v3.0/sha2_update.result b/working/identifier_db/pkcs11v3.0/sha2_update.result deleted file mode 100644 index f3ab80a..0000000 --- a/working/identifier_db/pkcs11v3.0/sha2_update.result +++ /dev/null @@ -1,24 +0,0 @@ -In accourdance to our standing rules, the following identifiers have been -allocated for your proposal "SHA2 update". - -Mechanisms: - - #define CKM_SHA_1_KEY_GEN 0x00004003UL - #define CKM_SHA224_KEY_GEN 0x00004004UL - #define CKM_SHA256_KEY_GEN 0x00004005UL - #define CKM_SHA384_KEY_GEN 0x00004006UL - #define CKM_SHA512_KEY_GEN 0x00004007UL - #define CKM_SHA512_224_KEY_GEN 0x00004008UL - #define CKM_SHA512_256_KEY_GEN 0x00004009UL - #define CKM_SHA512_T_KEY_GEN 0x0000400aUL - -This represents the following changes to your original proposal: - CKM_SHA_1_KEY_GEN was allocated 0x4003 because no number was proposed - CKM_SHA224_KEY_GEN was allocated 0x4004 because no number was proposed - CKM_SHA256_KEY_GEN was allocated 0x4005 because no number was proposed - CKM_SHA384_KEY_GEN was allocated 0x4006 because no number was proposed - CKM_SHA512_KEY_GEN was allocated 0x4007 because no number was proposed - CKM_SHA512_224_KEY_GEN was allocated 0x4008 because no number was proposed - CKM_SHA512_256_KEY_GEN was allocated 0x4009 because no number was proposed - CKM_SHA512_T_KEY_GEN was allocated 0x400a because no number was proposed - diff --git a/working/identifier_db/pkcs11v3.0/sha2_update2.prop b/working/identifier_db/pkcs11v3.0/sha2_update2.prop deleted file mode 100644 index 9ce7820..0000000 --- a/working/identifier_db/pkcs11v3.0/sha2_update2.prop +++ /dev/null @@ -1,7 +0,0 @@ -SHA2 update 2 - -Key Types -#define CKK_SHA512_224_HMAC TBD -#define CKK_SHA512_256_HMAC TBD -#define CKK_SHA512_T_HMAC TBD - diff --git a/working/identifier_db/pkcs11v3.0/sha2_update2.result b/working/identifier_db/pkcs11v3.0/sha2_update2.result deleted file mode 100644 index 95bc7ad..0000000 --- a/working/identifier_db/pkcs11v3.0/sha2_update2.result +++ /dev/null @@ -1,15 +0,0 @@ -In accordance to our standing rules, the following identifiers have been -allocated for your proposal "SHA2 update 2". - -Key types: - - #define CKK_SHA512_224_HMAC 0x00000043UL - #define CKK_SHA512_256_HMAC 0x00000044UL - #define CKK_SHA512_T_HMAC 0x00000045UL - -This represents the following changes to your original proposal: - CKK_SHA512_224_HMAC was allocated 0x43 because no number was proposed - CKK_SHA512_256_HMAC was allocated 0x44 because no number was proposed - CKK_SHA512_T_HMAC was allocated 0x45 because no number was proposed - -Please update your spec before sending it to ballot. diff --git a/working/identifier_db/pkcs11v3.0/sha3.prop b/working/identifier_db/pkcs11v3.0/sha3.prop deleted file mode 100644 index f096153..0000000 --- a/working/identifier_db/pkcs11v3.0/sha3.prop +++ /dev/null @@ -1,43 +0,0 @@ -SHA3 - -Key_types -#define CKK_SHA3_224_HMAC 0x000000xx -#define CKK_SHA3_256_HMAC 0x000000xx -#define CKK_SHA3_384_HMAC 0x000000xx -#define CKK_SHA3_512_HMAC 0x000000xx - -Mechanisms -#define CKM_DSA_SHA3_224 0x00000018 -#define CKM_DSA_SHA3_256 0x00000019 -#define CKM_DSA_SHA3_384 0x0000001A -#define CKM_DSA_SHA3_512 0x0000001B - -#define CKM_SHA3_256_RSA_PKCS 0x00000060 -#define CKM_SHA3_384_RSA_PKCS 0x00000061 -#define CKM_SHA3_512_RSA_PKCS 0x00000062 -#define CKM_SHA3_256_RSA_PKCS_PSS 0x00000063 -#define CKM_SHA3_384_RSA_PKCS_PSS 0x00000064 -#define CKM_SHA3_512_RSA_PKCS_PSS 0x00000065 -#define CKM_SHA3_224_RSA_PKCS 0x00000066 -#define CKM_SHA3_224_RSA_PKCS_PSS 0x00000067 - -#define CKM_SHA3_256 0x000002B0 -#define CKM_SHA3_256_HMAC 0x000002B1 -#define CKM_SHA3_256_HMAC_GENERAL 0x000002B2 -#define CKM_SHA3_224 0x000002B5 -#define CKM_SHA3_224_HMAC 0x000002B6 -#define CKM_SHA3_224_HMAC_GENERAL 0x000002B7 -#define CKM_SHA3_384 0x000002C0 -#define CKM_SHA3_384_HMAC 0x000002C1 -#define CKM_SHA3_384_HMAC_GENERAL 0x000002C2 -#define CKM_SHA3_512 0x000002D0 -#define CKM_SHA3_512_HMAC 0x000002D1 -#define CKM_SHA3_512_HMAC_GENERAL 0x000002D2 - -#define CKM_SHA3_256_KEY_DERIVE 0x00000397 -#define CKM_SHA3_224_KEY_DERIVE 0x00000398 -#define CKM_SHA3_384_KEY_DERIVE 0x00000399 -#define CKM_SHA3_512_KEY_DERIVE 0x0000039A -#define CKM_SHAKE_128_KEY_DERIVE 0x0000039B -#define CKM_SHAKE_256_KEY_DERIVE 0x0000039C - diff --git a/working/identifier_db/pkcs11v3.0/sha3.result b/working/identifier_db/pkcs11v3.0/sha3.result deleted file mode 100644 index 8e4e00b..0000000 --- a/working/identifier_db/pkcs11v3.0/sha3.result +++ /dev/null @@ -1,50 +0,0 @@ -In accourdance to our standing rules, the following identifiers have been -allocated for your proposal "SHA3". - -Key types: - - #define CKK_SHA3_224_HMAC 0x00000036UL - #define CKK_SHA3_256_HMAC 0x00000037UL - #define CKK_SHA3_384_HMAC 0x00000038UL - #define CKK_SHA3_512_HMAC 0x00000039UL - -Mechanisms: - - #define CKM_DSA_SHA3_224 0x00000018UL - #define CKM_DSA_SHA3_256 0x00000019UL - #define CKM_DSA_SHA3_384 0x0000001aUL - #define CKM_DSA_SHA3_512 0x0000001bUL - #define CKM_SHA3_256_RSA_PKCS 0x00000060UL - #define CKM_SHA3_384_RSA_PKCS 0x00000061UL - #define CKM_SHA3_512_RSA_PKCS 0x00000062UL - #define CKM_SHA3_256_RSA_PKCS_PSS 0x00000063UL - #define CKM_SHA3_384_RSA_PKCS_PSS 0x00000064UL - #define CKM_SHA3_512_RSA_PKCS_PSS 0x00000065UL - #define CKM_SHA3_224_RSA_PKCS 0x00000066UL - #define CKM_SHA3_224_RSA_PKCS_PSS 0x00000067UL - #define CKM_SHA3_256 0x000002b0UL - #define CKM_SHA3_256_HMAC 0x000002b1UL - #define CKM_SHA3_256_HMAC_GENERAL 0x000002b2UL - #define CKM_SHA3_224 0x000002b5UL - #define CKM_SHA3_224_HMAC 0x000002b6UL - #define CKM_SHA3_224_HMAC_GENERAL 0x000002b7UL - #define CKM_SHA3_384 0x000002c0UL - #define CKM_SHA3_384_HMAC 0x000002c1UL - #define CKM_SHA3_384_HMAC_GENERAL 0x000002c2UL - #define CKM_SHA3_512 0x000002d0UL - #define CKM_SHA3_512_HMAC 0x000002d1UL - #define CKM_SHA3_512_HMAC_GENERAL 0x000002d2UL - #define CKM_SHA3_256_KEY_DERIVE 0x00000397UL - #define CKM_SHA3_224_KEY_DERIVE 0x00000398UL - #define CKM_SHA3_384_KEY_DERIVE 0x00000399UL - #define CKM_SHA3_512_KEY_DERIVE 0x0000039aUL - #define CKM_SHAKE_128_KEY_DERIVE 0x0000039bUL - #define CKM_SHAKE_256_KEY_DERIVE 0x0000039cUL - -This represents the following changes to your original proposal: - CKK_SHA3_224_HMAC was allocated 0x36 because no number was proposed - CKK_SHA3_256_HMAC was allocated 0x37 because no number was proposed - CKK_SHA3_384_HMAC was allocated 0x38 because no number was proposed - CKK_SHA3_512_HMAC was allocated 0x39 because no number was proposed - -Please update your spec before sending it to ballot. diff --git a/working/identifier_db/pkcs11v3.0/sha3_ecdsa.prop b/working/identifier_db/pkcs11v3.0/sha3_ecdsa.prop deleted file mode 100644 index 555ce64..0000000 --- a/working/identifier_db/pkcs11v3.0/sha3_ecdsa.prop +++ /dev/null @@ -1,8 +0,0 @@ -SHA3 ECDSA - -Mechanisms -#define CKM_ECDSA_SHA3_224 0x00001047UL -#define CKM_ECDSA_SHA3_256 0x00001048UL -#define CKM_ECDSA_SHA3_384 0x00001049UL -#define CKM_ECDSA_SHA3_512 0x0000104aUL - diff --git a/working/identifier_db/pkcs11v3.0/sha3_ecdsa.result b/working/identifier_db/pkcs11v3.0/sha3_ecdsa.result deleted file mode 100644 index 3c0e927..0000000 --- a/working/identifier_db/pkcs11v3.0/sha3_ecdsa.result +++ /dev/null @@ -1,11 +0,0 @@ -In accourdance to our standing rules, the following identifiers have been -allocated for your proposal "SHA3 ECDSA". - -Mechanisms: - - #define CKM_ECDSA_SHA3_224 0x00001047UL - #define CKM_ECDSA_SHA3_256 0x00001048UL - #define CKM_ECDSA_SHA3_384 0x00001049UL - #define CKM_ECDSA_SHA3_512 0x0000104aUL - -This represents the following changes to your original proposal: diff --git a/working/identifier_db/pkcs11v3.0/sha3_kdf.prop b/working/identifier_db/pkcs11v3.0/sha3_kdf.prop deleted file mode 100644 index 989cbf1..0000000 --- a/working/identifier_db/pkcs11v3.0/sha3_kdf.prop +++ /dev/null @@ -1,8 +0,0 @@ -SHA3 KDF - -KDF -#define CKD_SHA3_224_KDF 0x0000000A -#define CKD_SHA3_256_KDF 0x0000000B -#define CKD_SHA3_384_KDF 0x0000000C -#define CKD_SHA3_512_KDF 0x0000000D - diff --git a/working/identifier_db/pkcs11v3.0/sha3_kdf.result b/working/identifier_db/pkcs11v3.0/sha3_kdf.result deleted file mode 100644 index 63d2246..0000000 --- a/working/identifier_db/pkcs11v3.0/sha3_kdf.result +++ /dev/null @@ -1,11 +0,0 @@ -In accourdance to our standing rules, the following identifiers have been -allocated for your proposal "SHA3 KDF". - -Kdf: - - #define CKD_SHA3_224_KDF 0x0000000aUL - #define CKD_SHA3_256_KDF 0x0000000bUL - #define CKD_SHA3_384_KDF 0x0000000cUL - #define CKD_SHA3_512_KDF 0x0000000dUL - -This represents the following changes to your original proposal: diff --git a/working/identifier_db/pkcs11v3.0/sha3_key_gen.prop b/working/identifier_db/pkcs11v3.0/sha3_key_gen.prop deleted file mode 100644 index 476f1de..0000000 --- a/working/identifier_db/pkcs11v3.0/sha3_key_gen.prop +++ /dev/null @@ -1,10 +0,0 @@ -SHA3 Key Gen - -Mechanisms - -#define CKM_SHA3_256_KEYGEN 0x000002B3 -#define CKM_SHA3_224_KEYGEN 0x000002B8 -#define CKM_SHA3_384_KEYGEN 0x000002C3 -#define CKM_SHA3_512_KEYGEN 0x000002D3 - - diff --git a/working/identifier_db/pkcs11v3.0/sha3_key_gen.result b/working/identifier_db/pkcs11v3.0/sha3_key_gen.result deleted file mode 100644 index ceb41be..0000000 --- a/working/identifier_db/pkcs11v3.0/sha3_key_gen.result +++ /dev/null @@ -1,11 +0,0 @@ -In accourdance to our standing rules, the following identifiers have been -allocated for your proposal "SHA3 Key Gen". - -Mechanisms: - - #define CKM_SHA3_256_KEY_GEN 0x000002b3UL - #define CKM_SHA3_224_KEY_GEN 0x000002b8UL - #define CKM_SHA3_384_KEY_GEN 0x000002c3UL - #define CKM_SHA3_512_KEY_GEN 0x000002d3UL - -This represents the following changes to your original proposal: diff --git a/working/identifier_db/pkcs11v3.0/sp800_flexible_kdf.prop b/working/identifier_db/pkcs11v3.0/sp800_flexible_kdf.prop deleted file mode 100644 index daa7b6d..0000000 --- a/working/identifier_db/pkcs11v3.0/sp800_flexible_kdf.prop +++ /dev/null @@ -1,12 +0,0 @@ -P800 Flexible Symmetric KDF (Darren Johnson) - -Mechanisms -#define CKM_SP800_108_COUNTER_KDF 0x3ac -#define CKM_SP800_108_FEEDBACK_KDF 0x3ad -#define CKM_SP800_108_DOUBLE_PIPELINE_KDF 0x3ae - -New SP800 Type -#define CK_SP800_108_ITERATION_VARIABLE TBD -#define CK_SP800_108_OPTIONAL_COUNTER TBD -#define CK_SP800_108_DKM_LENGTH TBD -#define CK_SP800_108_BYTE_ARRAY TBD diff --git a/working/identifier_db/pkcs11v3.0/sp800_flexible_kdf.result b/working/identifier_db/pkcs11v3.0/sp800_flexible_kdf.result deleted file mode 100644 index 398b5f4..0000000 --- a/working/identifier_db/pkcs11v3.0/sp800_flexible_kdf.result +++ /dev/null @@ -1,23 +0,0 @@ -In accordance to our standing rules, the following identifiers have been -allocated for your proposal "P800 Flexible Symmetric KDF (Darren Johnson)". - -Mechanisms: - - #define CKM_SP800_108_COUNTER_KDF 0x000003acUL - #define CKM_SP800_108_FEEDBACK_KDF 0x000003adUL - #define CKM_SP800_108_DOUBLE_PIPELINE_KDF 0x000003aeUL - -Sp800 type: - - #define CK_SP800_108_ITERATION_VARIABLE 0x00000001UL - #define CK_SP800_108_OPTIONAL_COUNTER 0x00000002UL - #define CK_SP800_108_DKM_LENGTH 0x00000003UL - #define CK_SP800_108_BYTE_ARRAY 0x00000004UL - -This represents the following changes to your original proposal: - CK_SP800_108_ITERATION_VARIABLE was allocated 0x1 because no number was proposed - CK_SP800_108_OPTIONAL_COUNTER was allocated 0x2 because no number was proposed - CK_SP800_108_DKM_LENGTH was allocated 0x3 because no number was proposed - CK_SP800_108_BYTE_ARRAY was allocated 0x4 because no number was proposed - -Please update your spec before sending it to ballot. diff --git a/working/identifier_db/pkcs11v3.0/sp800_flexible_kdf_addendum.prop b/working/identifier_db/pkcs11v3.0/sp800_flexible_kdf_addendum.prop deleted file mode 100644 index 3ce4a37..0000000 --- a/working/identifier_db/pkcs11v3.0/sp800_flexible_kdf_addendum.prop +++ /dev/null @@ -1,5 +0,0 @@ -P800 Flexible Symmetric KDF Adendum (Darren Johnson) - -New SP800 DKM Length Method -#define CK_SP800_108_DKM_LENGTH_SUM_OF_KEYS TBD -#define CK_SP800_108_DKM_LENGTH_SUM_OF_SEGMENTS TBD diff --git a/working/identifier_db/pkcs11v3.0/sp800_flexible_kdf_addendum.result b/working/identifier_db/pkcs11v3.0/sp800_flexible_kdf_addendum.result deleted file mode 100644 index bf9ee23..0000000 --- a/working/identifier_db/pkcs11v3.0/sp800_flexible_kdf_addendum.result +++ /dev/null @@ -1,13 +0,0 @@ -In accordance to our standing rules, the following identifiers have been -allocated for your proposal "P800 Flexible Symmetric KDF Adendum (Darren Johnson)". - -Sp800 dkm length method: - - #define CK_SP800_108_DKM_LENGTH_SUM_OF_KEYS 0x00000001UL - #define CK_SP800_108_DKM_LENGTH_SUM_OF_SEGMENTS 0x00000002UL - -This represents the following changes to your original proposal: - CK_SP800_108_DKM_LENGTH_SUM_OF_KEYS was allocated 0x1 because no number was proposed - CK_SP800_108_DKM_LENGTH_SUM_OF_SEGMENTS was allocated 0x2 because no number was proposed - -Please update your spec before sending it to ballot. diff --git a/working/identifier_db/pkcs11v3.0/token_resource_error.prop b/working/identifier_db/pkcs11v3.0/token_resource_error.prop deleted file mode 100644 index f2c50d8..0000000 --- a/working/identifier_db/pkcs11v3.0/token_resource_error.prop +++ /dev/null @@ -1,5 +0,0 @@ -Token Resource Error - -Errors - #define CKR_TOKEN_RESOURCE_EXCEEDED tba - diff --git a/working/identifier_db/pkcs11v3.0/token_resource_error.result b/working/identifier_db/pkcs11v3.0/token_resource_error.result deleted file mode 100644 index d781711..0000000 --- a/working/identifier_db/pkcs11v3.0/token_resource_error.result +++ /dev/null @@ -1,11 +0,0 @@ -In accordance to our standing rules, the following identifiers have been -allocated for your proposal "Token Resource Error". - -Errors: - - #define CKR_TOKEN_RESOURCE_EXCEEDED 0x00000201UL - -This represents the following changes to your original proposal: - CKR_TOKEN_RESOURCE_EXCEEDED was allocated 0x201 because no number was proposed - -Please update your spec before sending it to ballot. diff --git a/working/identifier_db/pkcs11v3.0/unique_id.prop b/working/identifier_db/pkcs11v3.0/unique_id.prop deleted file mode 100644 index 40116a3..0000000 --- a/working/identifier_db/pkcs11v3.0/unique_id.prop +++ /dev/null @@ -1,5 +0,0 @@ -Unique ID - -Attributes -#define CKA_UNIQUE_ID 0x00000004 - diff --git a/working/identifier_db/pkcs11v3.0/unique_id.result b/working/identifier_db/pkcs11v3.0/unique_id.result deleted file mode 100644 index 23b443e..0000000 --- a/working/identifier_db/pkcs11v3.0/unique_id.result +++ /dev/null @@ -1,7 +0,0 @@ -In accourdance to our standing rules, the following identifiers have been -allocated for your proposal "Unique ID". - -Attributes: - - #define CKA_UNIQUE_ID 0x00000004UL - diff --git a/working/identifier_db/pkcs11v3.0/x3dh_ratched.prop b/working/identifier_db/pkcs11v3.0/x3dh_ratched.prop deleted file mode 100644 index c7e9015..0000000 --- a/working/identifier_db/pkcs11v3.0/x3dh_ratched.prop +++ /dev/null @@ -1,12 +0,0 @@ -Chacha/Poly Salsa/Poly Algorithms - -Key_types -#define CKK_X2RATCHET tbd - -Mechanisms -#define CKM_X3DH_INITIALIZE TBD -#define CKM_X3DH_RESPOND TBD -#define CKM_X2RATCHET_INITIALIZE tbd -#define CKM_X2RATCHET_RESPOND tbd -#define CKM_X2RATCHET_ENCRYPT tbd -#define CKM_X2RATCHET_DECRYPT tbd diff --git a/working/identifier_db/pkcs11v3.0/x3dh_ratched.result b/working/identifier_db/pkcs11v3.0/x3dh_ratched.result deleted file mode 100644 index d87fa6d..0000000 --- a/working/identifier_db/pkcs11v3.0/x3dh_ratched.result +++ /dev/null @@ -1,28 +0,0 @@ -In accourdance to our standing rules, the following identifiers have been -allocated for your proposal "Chacha/Poly Salsa/Poly Algorithms". - -Key types: - - #define CKK_X2RATCHET 0x0000003fUL - -Mechanisms: - - #define CKM_X3DH_INITIALIZE 0x00004023UL - #define CKM_X3DH_RESPOND 0x00004024UL - #define CKM_X2RATCHET_INITIALIZE 0x00004025UL - #define CKM_X2RATCHET_RESPOND 0x00004026UL - #define CKM_X2RATCHET_ENCRYPT 0x00004027UL - #define CKM_X2RATCHET_DECRYPT 0x00004028UL - -This represents the following changes to your original proposal: - CKM_X3DH_INITIALIZE was allocated 0x4023 because no number was proposed - CKM_X3DH_RESPOND was allocated 0x4024 because no number was proposed - CKM_X2RATCHET_INITIALIZE was allocated 0x4025 because no number was proposed - CKM_X2RATCHET_RESPOND was allocated 0x4026 because no number was proposed - CKM_X2RATCHET_ENCRYPT was allocated 0x4027 because no number was proposed - CKM_X2RATCHET_DECRYPT was allocated 0x4028 because no number was proposed - -Please update your spec before sending it to ballot. - CKK_X2RATCHET was allocated 0x3f because no number was proposed - -Please update your spec before sending it to ballot. diff --git a/working/identifier_db/pkcs11v3.0/x3dh_ratched2.prop b/working/identifier_db/pkcs11v3.0/x3dh_ratched2.prop deleted file mode 100644 index b3c7573..0000000 --- a/working/identifier_db/pkcs11v3.0/x3dh_ratched2.prop +++ /dev/null @@ -1,20 +0,0 @@ -Chacha/Poly Salsa/Poly Algorithms attributes - -Attributes -#define CKA_X2RATCHET_BAG TBD -#define CKA_X2RATCHET_BAGSIZE TBD -#define CKA_X2RATCHET_BOBS1STMSG TBD -#define CKA_X2RATCHET_CKR TBD -#define CKA_X2RATCHET_CKS TBD -#define CKA_X2RATCHET_DHP TBD -#define CKA_X2RATCHET_DHR TBD -#define CKA_X2RATCHET_DHS TBD -#define CKA_X2RATCHET_HKR TBD -#define CKA_X2RATCHET_HKS TBD -#define CKA_X2RATCHET_ISALICE TBD -#define CKA_X2RATCHET_NHKR TBD -#define CKA_X2RATCHET_NHKS TBD -#define CKA_X2RATCHET_NR TBD -#define CKA_X2RATCHET_NS TBD -#define CKA_X2RATCHET_PNS TBD -#define CKA_X2RATCHET_RK TBD diff --git a/working/identifier_db/pkcs11v3.0/x3dh_ratched2.result b/working/identifier_db/pkcs11v3.0/x3dh_ratched2.result deleted file mode 100644 index 992ced8..0000000 --- a/working/identifier_db/pkcs11v3.0/x3dh_ratched2.result +++ /dev/null @@ -1,43 +0,0 @@ -In accordance to our standing rules, the following identifiers have been -allocated for your proposal "Chacha/Poly Salsa/Poly Algorithms attributes". - -Attributes: - - #define CKA_X2RATCHET_BAG 0x00000602UL - #define CKA_X2RATCHET_BAGSIZE 0x00000603UL - #define CKA_X2RATCHET_BOBS1STMSG 0x00000604UL - #define CKA_X2RATCHET_CKR 0x00000605UL - #define CKA_X2RATCHET_CKS 0x00000606UL - #define CKA_X2RATCHET_DHP 0x00000607UL - #define CKA_X2RATCHET_DHR 0x00000608UL - #define CKA_X2RATCHET_DHS 0x00000609UL - #define CKA_X2RATCHET_HKR 0x0000060aUL - #define CKA_X2RATCHET_HKS 0x0000060bUL - #define CKA_X2RATCHET_ISALICE 0x0000060cUL - #define CKA_X2RATCHET_NHKR 0x0000060dUL - #define CKA_X2RATCHET_NHKS 0x0000060eUL - #define CKA_X2RATCHET_NR 0x0000060fUL - #define CKA_X2RATCHET_NS 0x00000610UL - #define CKA_X2RATCHET_PNS 0x00000611UL - #define CKA_X2RATCHET_RK 0x00000612UL - -This represents the following changes to your original proposal: - CKA_X2RATCHET_BAG was allocated 0x602 because no number was proposed - CKA_X2RATCHET_BAGSIZE was allocated 0x603 because no number was proposed - CKA_X2RATCHET_BOBS1STMSG was allocated 0x604 because no number was proposed - CKA_X2RATCHET_CKR was allocated 0x605 because no number was proposed - CKA_X2RATCHET_CKS was allocated 0x606 because no number was proposed - CKA_X2RATCHET_DHP was allocated 0x607 because no number was proposed - CKA_X2RATCHET_DHR was allocated 0x608 because no number was proposed - CKA_X2RATCHET_DHS was allocated 0x609 because no number was proposed - CKA_X2RATCHET_HKR was allocated 0x60a because no number was proposed - CKA_X2RATCHET_HKS was allocated 0x60b because no number was proposed - CKA_X2RATCHET_ISALICE was allocated 0x60c because no number was proposed - CKA_X2RATCHET_NHKR was allocated 0x60d because no number was proposed - CKA_X2RATCHET_NHKS was allocated 0x60e because no number was proposed - CKA_X2RATCHET_NR was allocated 0x60f because no number was proposed - CKA_X2RATCHET_NS was allocated 0x610 because no number was proposed - CKA_X2RATCHET_PNS was allocated 0x611 because no number was proposed - CKA_X2RATCHET_RK was allocated 0x612 because no number was proposed - -Please update your spec before sending it to ballot. diff --git a/working/identifier_db/pkcs11v3.0/xeddsa.prop b/working/identifier_db/pkcs11v3.0/xeddsa.prop deleted file mode 100644 index 13efa9a..0000000 --- a/working/identifier_db/pkcs11v3.0/xeddsa.prop +++ /dev/null @@ -1,4 +0,0 @@ -XEDDSA (embedded in your xedh spec) - -Mechanisms -#define CKM_XEDDSA tba diff --git a/working/identifier_db/pkcs11v3.0/xeddsa.result b/working/identifier_db/pkcs11v3.0/xeddsa.result deleted file mode 100644 index 4ddaa5d..0000000 --- a/working/identifier_db/pkcs11v3.0/xeddsa.result +++ /dev/null @@ -1,11 +0,0 @@ -In accordance to our standing rules, the following identifiers have been -allocated for your proposal "XEDDSA (embedded in your xedh spec)". - -Mechanisms: - - #define CKM_XEDDSA 0x00004029UL - -This represents the following changes to your original proposal: - CKM_XEDDSA was allocated 0x4029 because no number was proposed - -Please update your spec before sending it to ballot. diff --git a/working/identifier_db/pkcs11v3.1/aes_new_key_wrap.prop b/working/identifier_db/pkcs11v3.1/aes_new_key_wrap.prop deleted file mode 100644 index 6c505a0..0000000 --- a/working/identifier_db/pkcs11v3.1/aes_new_key_wrap.prop +++ /dev/null @@ -1,4 +0,0 @@ -AES Key Wrap Update 2 - -Mechanisms -#define CKM_AES_KEY_WRAP_PKCS7 0x0000210CUL diff --git a/working/identifier_db/pkcs11v3.1/aes_new_key_wrap.result b/working/identifier_db/pkcs11v3.1/aes_new_key_wrap.result deleted file mode 100644 index 9789600..0000000 --- a/working/identifier_db/pkcs11v3.1/aes_new_key_wrap.result +++ /dev/null @@ -1,8 +0,0 @@ -In accordance to our standing rules, the following identifiers have been -allocated for your proposal "AES Key Wrap Update 2". - -Mechanisms: - - #define CKM_AES_KEY_WRAP_PKCS7 0x0000210cUL - -This represents the following changes to your original proposal: diff --git a/working/identifier_db/pkcs11v3.1/hss.prop b/working/identifier_db/pkcs11v3.1/hss.prop deleted file mode 100644 index 6b950f4..0000000 --- a/working/identifier_db/pkcs11v3.1/hss.prop +++ /dev/null @@ -1,14 +0,0 @@ -HSS stateful hash based signatures - -Errors -#define CKR_KEY_EXHAUSTED 0x0 - -Key_types -#define CKK_HSS 0x0 - -Mechanisms -#define CKM_HSS_KEY_PAIR_GEN 0x0 -#define CKM_HSS 0x0 - -Attributes -#define CKA_HSS_PARAMS 0x0 diff --git a/working/identifier_db/pkcs11v3.1/hss.result b/working/identifier_db/pkcs11v3.1/hss.result deleted file mode 100644 index 4b03c75..0000000 --- a/working/identifier_db/pkcs11v3.1/hss.result +++ /dev/null @@ -1,34 +0,0 @@ -In accordance to our standing rules, the following identifiers have been -allocated for your proposal "HSS stateful hash based signatures". - -Errors: - - #define CKR_KEY_EXHAUSTED 0x00000203UL - -Key types: - - #define CKK_HSS 0x00000046UL - -Mechanisms: - - #define CKM_HSS_KEY_PAIR_GEN 0x00004032UL - #define CKM_HSS 0x00004033UL - -Attributes: - - #define CKA_HSS_PARAMS 0x00000613UL - -This represents the following changes to your original proposal: - CKR_KEY_EXHAUSTED was allocated 0x203 because no number was proposed - -Please update your spec before sending it to ballot. - CKM_HSS_KEY_PAIR_GEN was allocated 0x4032 because no number was proposed - CKM_HSS was allocated 0x4033 because no number was proposed - -Please update your spec before sending it to ballot. - CKK_HSS was allocated 0x46 because no number was proposed - -Please update your spec before sending it to ballot. - CKA_HSS_PARAMS was allocated 0x613 because no number was proposed - -Please update your spec before sending it to ballot. diff --git a/working/identifier_db/pkcs11v3.1/hss2.prop b/working/identifier_db/pkcs11v3.1/hss2.prop deleted file mode 100644 index bc3ae07..0000000 --- a/working/identifier_db/pkcs11v3.1/hss2.prop +++ /dev/null @@ -1,9 +0,0 @@ -HSS stateful hash based signatures 2 - -Attributes -#define CKA_HSS_LEVELS 0x0 -#define CKA_HSS_LMS_TYPE 0x0 -#define CKA_HSS_LMOTS_TYPE 0x0 -#define CKA_HSS_LMS_TYPES 0x0 -#define CKA_HSS_LMOTS_TYPES 0x0 -#define CKA_HSS_KEYS_REMAINING 0x0 diff --git a/working/identifier_db/pkcs11v3.1/hss2.result b/working/identifier_db/pkcs11v3.1/hss2.result deleted file mode 100644 index ac7d47f..0000000 --- a/working/identifier_db/pkcs11v3.1/hss2.result +++ /dev/null @@ -1,21 +0,0 @@ -In accordance to our standing rules, the following identifiers have been -allocated for your proposal "HSS stateful hash based signatures 2". - -Attributes: - - #define CKA_HSS_LEVELS 0x00000617UL - #define CKA_HSS_LMS_TYPE 0x00000618UL - #define CKA_HSS_LMOTS_TYPE 0x00000619UL - #define CKA_HSS_LMS_TYPES 0x0000061aUL - #define CKA_HSS_LMOTS_TYPES 0x0000061bUL - #define CKA_HSS_KEYS_REMAINING 0x0000061cUL - -This represents the following changes to your original proposal: - CKA_HSS_LEVELS was allocated 0x617 because no number was proposed - CKA_HSS_LMS_TYPE was allocated 0x618 because no number was proposed - CKA_HSS_LMOTS_TYPE was allocated 0x619 because no number was proposed - CKA_HSS_LMS_TYPES was allocated 0x61a because no number was proposed - CKA_HSS_LMOTS_TYPES was allocated 0x61b because no number was proposed - CKA_HSS_KEYS_REMAINING was allocated 0x61c because no number was proposed - -Please update your spec before sending it to ballot. diff --git a/working/identifier_db/pkcs11v3.1/ike.prop b/working/identifier_db/pkcs11v3.1/ike.prop deleted file mode 100644 index 4199bc2..0000000 --- a/working/identifier_db/pkcs11v3.1/ike.prop +++ /dev/null @@ -1,8 +0,0 @@ -IKE PRF derives - -Mechanisms -#define CKM_IKE2_PRF_PLUS_DERIVE 0x0 -#define CKM_IKE_PRF_DERIVE 0x0 -#define CKM_IKE1_PRF_DERIVE 0x0 -#define CKM_IKE1_EXTENDED_DERIVE 0x0 - diff --git a/working/identifier_db/pkcs11v3.1/ike.result b/working/identifier_db/pkcs11v3.1/ike.result deleted file mode 100644 index 1b5e99d..0000000 --- a/working/identifier_db/pkcs11v3.1/ike.result +++ /dev/null @@ -1,17 +0,0 @@ -In accordance to our standing rules, the following identifiers have been -allocated for your proposal "IKE PRF derives". - -Mechanisms: - - #define CKM_IKE2_PRF_PLUS_DERIVE 0x0000402eUL - #define CKM_IKE_PRF_DERIVE 0x0000402fUL - #define CKM_IKE1_PRF_DERIVE 0x00004030UL - #define CKM_IKE1_EXTENDED_DERIVE 0x00004031UL - -This represents the following changes to your original proposal: - CKM_IKE2_PRF_PLUS_DERIVE was allocated 0x402e because no number was proposed - CKM_IKE_PRF_DERIVE was allocated 0x402f because no number was proposed - CKM_IKE1_PRF_DERIVE was allocated 0x4030 because no number was proposed - CKM_IKE1_EXTENDED_DERIVE was allocated 0x4031 because no number was proposed - -Please update your spec before sending it to ballot. diff --git a/working/identifier_db/pkcs11v3.1/profile_update.prop b/working/identifier_db/pkcs11v3.1/profile_update.prop deleted file mode 100644 index 6457bc1..0000000 --- a/working/identifier_db/pkcs11v3.1/profile_update.prop +++ /dev/null @@ -1,5 +0,0 @@ -Profile Update 3.1 - -Profile ID -#define CKP_COMPLETE_PROVIDER TBD -#define CKP_HKDF_TLS_TOKEN TBD diff --git a/working/identifier_db/pkcs11v3.1/profile_update.result b/working/identifier_db/pkcs11v3.1/profile_update.result deleted file mode 100644 index 7debce1..0000000 --- a/working/identifier_db/pkcs11v3.1/profile_update.result +++ /dev/null @@ -1,13 +0,0 @@ -In accordance to our standing rules, the following identifiers have been -allocated for your proposal "Profile Update 3.1". - -Profile id: - - #define CKP_COMPLETE_PROVIDER 0x00000005UL - #define CKP_HKDF_TLS_TOKEN 0x00000006UL - -This represents the following changes to your original proposal: - CKP_COMPLETE_PROVIDER was allocated 0x5 because no number was proposed - CKP_HKDF_TLS_TOKEN was allocated 0x6 because no number was proposed - -Please update your spec before sending it to ballot. diff --git a/working/identifier_db/pkcs11v3.1/tls_generator.prop b/working/identifier_db/pkcs11v3.1/tls_generator.prop deleted file mode 100644 index 9cdaa26..0000000 --- a/working/identifier_db/pkcs11v3.1/tls_generator.prop +++ /dev/null @@ -1,4 +0,0 @@ -TLS AEAD generator - -Generator Functions -#define CKG_GENERATE_RANDOM_XOR 0x4 diff --git a/working/identifier_db/pkcs11v3.1/tls_generator.result b/working/identifier_db/pkcs11v3.1/tls_generator.result deleted file mode 100644 index 668c4f6..0000000 --- a/working/identifier_db/pkcs11v3.1/tls_generator.result +++ /dev/null @@ -1,8 +0,0 @@ -In accordance to our standing rules, the following identifiers have been -allocated for your proposal "TLS AEAD generator". - -Generator functions: - - #define CKG_GENERATE_RANDOM_XOR 0x00000004UL - -This represents the following changes to your original proposal: diff --git a/working/identifier_db/process_proposal.pl b/working/identifier_db/process_proposal.pl deleted file mode 100755 index cd3b55f..0000000 --- a/working/identifier_db/process_proposal.pl +++ /dev/null @@ -1,226 +0,0 @@ -#!/bin/perl -# -# get the source file -# read the database -use File::Basename; -sub find_number; -sub print_types; - -my $database_file="raw_ids.db"; -my $source_file=$ARGV[0]; -my $dest_file=$ARGV[1]; -glob %types = (); -glob %database_name = (); -glob %database_index = (); -glob %database_number = (); -glob %database_type = (); -glob %database_disposition = (); -glob %types_max = (); -glob %types_bits = (); -my %source_types = (); -my $source_type_order = ""; -my %source_max_len = (); -my %conflict_names = (); -my %conflict_old_number = (); -my %conflict_new_number = (); - -if ($source_file eq "") { - die "usage: process_proposal.pl []"; -} - -if ($dest_file eq "") { - $dest_file = basename($source_file,".prop").".result"; -} -print "source=$source_file dest=$dest_file\n"; - -open(my $database, "<", $database_file) or die "Can't open $database_file: $!"; -while (<$database>){ - chomp; - @db = split(","); - $name = $db[0]; - $number_string = $db[1]; - $type = $db[2]; - $disposition = $db[3]; - $number=hex($number_string); - #if ($number eq 0) die "invalid db entry\n >> $_"; - $index=$type."_".$number; - $types{$type}=$types{$type}." ".$number; - if ($types_max{$type} < $number) { - $types_max{$type} = $number; - } - $types_bits{$type} |= $number; - $database_name{$index} = $name; - $database_index{$name} = $index; - $database_number{$index} = $number; - $database_type{$index} = $type; - $database_disposition{$index} = $disposition; - #printf "#define $name 0x%08xUL /* $type - $disposition */\n", $number; -} -close($database); - -# read the source -open(my $source, "<", $source_file) or die "Can't open $source_file: $!"; -$type=""; -$proposal=""; -while (<$source>) { - chomp; # clear out new line - next if /^$/; # skip blank line - if ($proposal eq "") { # first line is the proposal name - $proposal = $_; - print "Proposal is \"$proposal\"\n"; - next; - } - @db = split(" "); - if ($db[0] ne "#define") { # lines without a #define are a new type - my $new = 0; - my $proposed_type=lc $_; - - if ( lc $db[0] eq "new") { - $proposed_type =~ s/new //; - $new = 1; - } - $proposed_type =~ s/ /_/g; - $proposed_type =~ s/:$//; - if (!$new && !exists $types{$proposed_type} ) { - printf "unknown type: $db[0]\n"; - print_types(); - die "unknown type: $db[0]\n"; - } - $type = $proposed_type; - $source_type_order=$source_type_order." ".$type; - printf " Type = $type\n"; - next; - } - if ($type eq "") { # if we haven't set a type, then error - die "No type specified"; - } - $name=$db[1]; - $number=hex($db[2]); - printf " processing $name = 0x%08x (%d) (type=$type)\n",$number,$number; - # first see if the name already exists in the database. - if (exists $database_index{$name}) { - $index = $database_index{$name}; - # if the types mismatch blow up. - if ($type ne $database_type{$index}) { - printf " $type doesn't match type for $name\n"; - die "Type missmatch $type, $datbase_type{$index} for $name\n"; - } - #if the numbers mismatch, treat it as a conflict or 'new' allocation - if ($number == $database_number{$index}) { - printf " $name already defined\n"; - } else { - printf " $name already defined, using old value 0x%08x\n" ,$database_number{$index}; - $conflict_name{$type} = $conflict_name{$type}." ".$name; - $conflict_old_number{$name} = $number; - $number = $database_number{$index}; - $conflict_new_number{$name} = $number; - } - $source_types{$type}=$source_types{$type}." ".$number; - $source_name{$index} = $name; - if ($source_max_len{$type} < length $name) { - $source_max_len{$type} = length $name; - } - next; - } - # see if the proposed number conflicts. If it does pick a new one - $index=$type."_".$number; - if (exists $database_name{$index} or $number == 0) { - $conflict_name{$type}=$conflict_name{$type}." ".$name; - $conflict_old_number{$name}=$number; - $number = find_number($type); - $conflict_new_number{$name}=$number; - if ($conflict_old_number{$name} == 0) { - printf " allocating new value is 0x%08x\n",$number; - } else { - printf " conflicts with $database_name{$index}, new value is 0x%08x\n",$number; - } - } - $index=$type."_".$number; - $source_types{$type}=$source_types{$type}." ".$number; - $source_name{$index} = $name; - if ($source_max_len{$type} < length $name) { - $source_max_len{$type} = length $name; - } - $types{$type}=$types{$type}." ".$number; - $database_name{$index} = $name; - $database_disposition{$index} = "proposed"; -} - -# output results -# first the message to the user. -open(my $DEST, ">", $dest_file) or die "Can't write $dest_file: $!"; -printf $DEST "In accordance to our standing rules, the following identifiers have been\nallocated for your proposal \"$proposal\".\n"; - -for $type (split(" ",$source_type_order)) { - my $print_type =ucfirst($type); - $print_type =~ s/_/ /g; - printf $DEST "\n%s:\n\n", $print_type; - for (split(" ",$source_types{$type}) ) { - $index=$type."_".$_; - $len = $source_max_len{$type} - length $source_name{$index}; - printf $DEST " #define %*s 0x%08xUL\n",-$source_max_len{$type}, - $source_name{$index},$_; - } -} - -if (keys %conflict_name eq () ) { - printf $DEST "\nThis represents the same values from your original proposal.\n"; -} else { - printf $DEST "\nThis represents the following changes to your original proposal:\n"; - for $type (keys %conflict_name) { - for (split(" ",$conflict_name{$type}) ) { - $old_number = $conflict_old_number{$_}; - $new_number = $conflict_new_number{$_}; - $index=$type."_".$old_number; - if ($old_number == 0) { - printf $DEST " $_ was allocated 0x%x because no number was proposed\n", $new_number; - } else { - printf $DEST " $_ was changed to 0x%x because the proposed 0x%x\n", $new_number, $old_number; - printf $DEST " conflicted with $database_name{$index}\n"; - } - } - printf $DEST "\nPlease update your spec before sending it to ballot.\n"; - } -} -close($DEST); - -#output the new database -open(my $database, ">", $database_file) or die "Can't write $database_file: $!"; -for $type (sort keys %types) { - for (sort split(" ",$types{$type}) ) { - $index=$type."_".$_; - printf $database "$database_name{$index},0x%08x,$type,$database_disposition{$index}\n",$_; - } -} -close($database); - -sub print_types -{ - print "Valid Type:\n"; - for $type (sort keys %types) { - print " $type\n"; - } -} - -sub isflag -{ - my ($type) = @_; - return substr($type,-6) eq "_flags"; -} - -sub find_number -{ - my ($type) = @_; - if (!isflag($type)) { - $types_max{$type}++; - return $types_max{$type}; - } - for ($i=1; $i < 32; $i++) { - $bit = 1 << $i; - next if ($types_bits{$type} & $bit); - $types_bits{$type} |= $bit; - return $bit; - } - die "No flags left in type $type"; -} - diff --git a/working/identifier_db/raw_ids.db b/working/identifier_db/raw_ids.db deleted file mode 100644 index 1bd913c..0000000 --- a/working/identifier_db/raw_ids.db +++ /dev/null @@ -1,900 +0,0 @@ -CKA_CLASS,0x00000000,attributes,spec -CKA_TOKEN,0x00000001,attributes,spec -CKA_PIXEL_X,0x00000400,attributes,spec -CKA_PIXEL_Y,0x00000401,attributes,spec -CKA_RESOLUTION,0x00000402,attributes,spec -CKA_CHAR_ROWS,0x00000403,attributes,spec -CKA_CHAR_COLUMNS,0x00000404,attributes,spec -CKA_COLOR,0x00000405,attributes,spec -CKA_BITS_PER_PIXEL,0x00000406,attributes,spec -CKA_CHAR_SETS,0x00000480,attributes,spec -CKA_ENCODING_METHODS,0x00000481,attributes,spec -CKA_MIME_TYPES,0x00000482,attributes,spec -CKA_CERTIFICATE_TYPE,0x00000080,attributes,spec -CKA_MECHANISM_TYPE,0x00000500,attributes,spec -CKA_REQUIRED_CMS_ATTRIBUTES,0x00000501,attributes,spec -CKA_DEFAULT_CMS_ATTRIBUTES,0x00000502,attributes,spec -CKA_SUPPORTED_CMS_ATTRIBUTES,0x00000503,attributes,spec -CKA_ISSUER,0x00000081,attributes,spec -CKA_SERIAL_NUMBER,0x00000082,attributes,spec -CKA_AC_ISSUER,0x00000083,attributes,spec -CKA_OWNER,0x00000084,attributes,spec -CKA_ATTR_TYPES,0x00000085,attributes,spec -CKA_TRUSTED,0x00000086,attributes,spec -CKA_CERTIFICATE_CATEGORY,0x00000087,attributes,spec -CKA_JAVA_MIDP_SECURITY_DOMAIN,0x00000088,attributes,spec -CKA_URL,0x00000089,attributes,spec -CKA_HASH_OF_SUBJECT_PUBLIC_KEY,0x0000008a,attributes,spec -CKA_HASH_OF_ISSUER_PUBLIC_KEY,0x0000008b,attributes,spec -CKA_NAME_HASH_ALGORITHM,0x0000008c,attributes,spec -CKA_CHECK_VALUE,0x00000090,attributes,spec -CKA_ALLOWED_MECHANISMS,0x00000600,attributes,spec -CKA_PROFILE_ID,0x00000601,attributes,spec -CKA_X2RATCHET_BAG,0x00000602,attributes,spec -CKA_X2RATCHET_BAGSIZE,0x00000603,attributes,spec -CKA_X2RATCHET_BOBS1STMSG,0x00000604,attributes,spec -CKA_X2RATCHET_CKR,0x00000605,attributes,spec -CKA_X2RATCHET_CKS,0x00000606,attributes,spec -CKA_X2RATCHET_DHP,0x00000607,attributes,spec -CKA_X2RATCHET_DHR,0x00000608,attributes,spec -CKA_X2RATCHET_DHS,0x00000609,attributes,spec -CKA_X2RATCHET_HKR,0x0000060a,attributes,spec -CKA_X2RATCHET_HKS,0x0000060b,attributes,spec -CKA_X2RATCHET_ISALICE,0x0000060c,attributes,spec -CKA_X2RATCHET_NHKR,0x0000060d,attributes,spec -CKA_X2RATCHET_NHKS,0x0000060e,attributes,spec -CKA_X2RATCHET_NR,0x0000060f,attributes,spec -CKA_X2RATCHET_NS,0x00000610,attributes,spec -CKA_X2RATCHET_PNS,0x00000611,attributes,spec -CKA_X2RATCHET_RK,0x00000612,attributes,spec -CKA_XMSS_PARAMS,0x00000615,attributes,proposed -CKA_XMSSMT_PARAMS,0x00000616,attributes,proposed -CKA_HSS_LEVELS,0x00000617,attributes,approved -CKA_HSS_LMS_TYPE,0x00000618,attributes,approved -CKA_HSS_LMOTS_TYPE,0x00000619,attributes,approved -CKA_HSS_LMS_TYPES,0x0000061a,attributes,approved -CKA_HSS_LMOTS_TYPES,0x0000061b,attributes,approved -CKA_HSS_KEYS_REMAINING,0x0000061c,attributes,approved -CKA_APPLICATION,0x00000010,attributes,spec -CKA_VALUE,0x00000011,attributes,spec -CKA_OBJECT_ID,0x00000012,attributes,spec -CKA_PRIVATE,0x00000002,attributes,spec -CKA_KEY_TYPE,0x00000100,attributes,spec -CKA_SUBJECT,0x00000101,attributes,spec -CKA_ID,0x00000102,attributes,spec -CKA_SENSITIVE,0x00000103,attributes,spec -CKA_ENCRYPT,0x00000104,attributes,spec -CKA_DECRYPT,0x00000105,attributes,spec -CKA_WRAP,0x00000106,attributes,spec -CKA_UNWRAP,0x00000107,attributes,spec -CKA_SIGN,0x00000108,attributes,spec -CKA_SIGN_RECOVER,0x00000109,attributes,spec -CKA_VERIFY,0x0000010a,attributes,spec -CKA_VERIFY_RECOVER,0x0000010b,attributes,spec -CKA_DERIVE,0x0000010c,attributes,spec -CKA_START_DATE,0x00000110,attributes,spec -CKA_END_DATE,0x00000111,attributes,spec -CKA_MODULUS,0x00000120,attributes,spec -CKA_MODULUS_BITS,0x00000121,attributes,spec -CKA_PUBLIC_EXPONENT,0x00000122,attributes,spec -CKA_PRIVATE_EXPONENT,0x00000123,attributes,spec -CKA_PRIME_1,0x00000124,attributes,spec -CKA_PRIME_2,0x00000125,attributes,spec -CKA_EXPONENT_1,0x00000126,attributes,spec -CKA_EXPONENT_2,0x00000127,attributes,spec -CKA_COEFFICIENT,0x00000128,attributes,spec -CKA_PUBLIC_KEY_INFO,0x00000129,attributes,spec -CKA_LABEL,0x00000003,attributes,spec -CKA_PRIME,0x00000130,attributes,spec -CKA_SUBPRIME,0x00000131,attributes,spec -CKA_BASE,0x00000132,attributes,spec -CKA_PRIME_BITS,0x00000133,attributes,spec -CKA_SUBPRIME_BITS,0x00000134,attributes,spec -CKA_VALUE_BITS,0x00000160,attributes,spec -CKA_VALUE_LEN,0x00000161,attributes,spec -CKA_EXTRACTABLE,0x00000162,attributes,spec -CKA_LOCAL,0x00000163,attributes,spec -CKA_NEVER_EXTRACTABLE,0x00000164,attributes,spec -CKA_ALWAYS_SENSITIVE,0x00000165,attributes,spec -CKA_KEY_GEN_MECHANISM,0x00000166,attributes,spec -CKA_MODIFIABLE,0x00000170,attributes,spec -CKA_COPYABLE,0x00000171,attributes,spec -CKA_DESTROYABLE,0x00000172,attributes,spec -CKA_EC_PARAMS,0x00000180,attributes,spec -CKA_EC_POINT,0x00000181,attributes,spec -CKA_UNIQUE_ID,0x00000004,attributes,spec -CKA_SECONDARY_AUTH,0x00000200,attributes,spec -CKA_AUTH_PIN_FLAGS,0x00000201,attributes,spec -CKA_ALWAYS_AUTHENTICATE,0x00000202,attributes,spec -CKA_WRAP_WITH_TRUSTED,0x00000210,attributes,spec -CKA_WRAP_TEMPLATE,0x00000211,attributes,spec -CKA_UNWRAP_TEMPLATE,0x00000212,attributes,spec -CKA_DERIVE_TEMPLATE,0x00000213,attributes,spec -CKA_OTP_FORMAT,0x00000220,attributes,spec -CKA_OTP_LENGTH,0x00000221,attributes,spec -CKA_OTP_TIME_INTERVAL,0x00000222,attributes,spec -CKA_OTP_USER_FRIENDLY_MODE,0x00000223,attributes,spec -CKA_OTP_CHALLENGE_REQUIREMENT,0x00000224,attributes,spec -CKA_OTP_TIME_REQUIREMENT,0x00000225,attributes,spec -CKA_OTP_COUNTER_REQUIREMENT,0x00000226,attributes,spec -CKA_OTP_PIN_REQUIREMENT,0x00000227,attributes,spec -CKA_OTP_USER_IDENTIFIER,0x0000022a,attributes,spec -CKA_OTP_SERVICE_IDENTIFIER,0x0000022b,attributes,spec -CKA_OTP_SERVICE_LOGO,0x0000022c,attributes,spec -CKA_OTP_SERVICE_LOGO_TYPE,0x0000022d,attributes,spec -CKA_OTP_COUNTER,0x0000022e,attributes,spec -CKA_OTP_TIME,0x0000022f,attributes,spec -CKA_GOSTR3410_PARAMS,0x00000250,attributes,spec -CKA_GOSTR3411_PARAMS,0x00000251,attributes,spec -CKA_GOST28147_PARAMS,0x00000252,attributes,spec -CKA_HW_FEATURE_TYPE,0x00000300,attributes,spec -CKA_RESET_ON_INIT,0x00000301,attributes,spec -CKA_HAS_RESET,0x00000302,attributes,spec -CK_CERTIFICATE_CATEGORY_UNSPECIFIED,0x00000000,certificate_category,spec -CK_CERTIFICATE_CATEGORY_TOKEN_USER,0x00000001,certificate_category,spec -CK_CERTIFICATE_CATEGORY_AUTHORITY,0x00000002,certificate_category,spec -CK_CERTIFICATE_CATEGORY_OTHER_ENTITY,0x00000003,certificate_category,spec -CKC_X_509,0x00000000,certificate_types,spec -CKC_X_509_ATTR_CERT,0x00000001,certificate_types,spec -CKC_WTLS,0x00000002,certificate_types,spec -CKZ_DATA_SPECIFIED,0x00000001,endoding_param,spec -CKR_OK,0x00000000,errors,spec -CKR_CANCEL,0x00000001,errors,spec -CKR_CANT_LOCK,0x0000000a,errors,spec -CKR_KEY_NOT_NEEDED,0x00000064,errors,spec -CKR_KEY_CHANGED,0x00000065,errors,spec -CKR_KEY_NEEDED,0x00000066,errors,spec -CKR_KEY_INDIGESTIBLE,0x00000067,errors,spec -CKR_KEY_FUNCTION_NOT_PERMITTED,0x00000068,errors,spec -CKR_KEY_NOT_WRAPPABLE,0x00000069,errors,spec -CKR_KEY_UNEXTRACTABLE,0x0000006a,errors,spec -CKR_MECHANISM_INVALID,0x00000070,errors,spec -CKR_MECHANISM_PARAM_INVALID,0x00000071,errors,spec -CKR_OBJECT_HANDLE_INVALID,0x00000082,errors,spec -CKR_OPERATION_ACTIVE,0x00000090,errors,spec -CKR_OPERATION_NOT_INITIALIZED,0x00000091,errors,spec -CKR_ATTRIBUTE_READ_ONLY,0x00000010,errors,spec -CKR_PIN_INCORRECT,0x000000a0,errors,spec -CKR_PIN_INVALID,0x000000a1,errors,spec -CKR_PIN_LEN_RANGE,0x000000a2,errors,spec -CKR_PIN_EXPIRED,0x000000a3,errors,spec -CKR_PIN_LOCKED,0x000000a4,errors,spec -CKR_ATTRIBUTE_SENSITIVE,0x00000011,errors,spec -CKR_SESSION_CLOSED,0x000000b0,errors,spec -CKR_SESSION_COUNT,0x000000b1,errors,spec -CKR_SESSION_HANDLE_INVALID,0x000000b3,errors,spec -CKR_ATTRIBUTE_TYPE_INVALID,0x00000012,errors,spec -CKR_SESSION_PARALLEL_NOT_SUPPORTED,0x000000b4,errors,spec -CKR_SESSION_READ_ONLY,0x000000b5,errors,spec -CKR_SESSION_EXISTS,0x000000b6,errors,spec -CKR_SESSION_READ_ONLY_EXISTS,0x000000b7,errors,spec -CKR_SESSION_READ_WRITE_SO_EXISTS,0x000000b8,errors,spec -CKR_ATTRIBUTE_VALUE_INVALID,0x00000013,errors,spec -CKR_SIGNATURE_INVALID,0x000000c0,errors,spec -CKR_SIGNATURE_LEN_RANGE,0x000000c1,errors,spec -CKR_HOST_MEMORY,0x00000002,errors,spec -CKR_TEMPLATE_INCOMPLETE,0x000000d0,errors,spec -CKR_TEMPLATE_INCONSISTENT,0x000000d1,errors,spec -CKR_TOKEN_NOT_PRESENT,0x000000e0,errors,spec -CKR_TOKEN_NOT_RECOGNIZED,0x000000e1,errors,spec -CKR_TOKEN_WRITE_PROTECTED,0x000000e2,errors,spec -CKR_UNWRAPPING_KEY_HANDLE_INVALID,0x000000f0,errors,spec -CKR_UNWRAPPING_KEY_SIZE_RANGE,0x000000f1,errors,spec -CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT,0x000000f2,errors,spec -CKR_USER_ALREADY_LOGGED_IN,0x00000100,errors,spec -CKR_USER_NOT_LOGGED_IN,0x00000101,errors,spec -CKR_USER_PIN_NOT_INITIALIZED,0x00000102,errors,spec -CKR_USER_TYPE_INVALID,0x00000103,errors,spec -CKR_USER_ANOTHER_ALREADY_LOGGED_IN,0x00000104,errors,spec -CKR_USER_TOO_MANY_TYPES,0x00000105,errors,spec -CKR_ACTION_PROHIBITED,0x0000001b,errors,spec -CKR_WRAPPED_KEY_INVALID,0x00000110,errors,spec -CKR_WRAPPED_KEY_LEN_RANGE,0x00000112,errors,spec -CKR_WRAPPING_KEY_HANDLE_INVALID,0x00000113,errors,spec -CKR_WRAPPING_KEY_SIZE_RANGE,0x00000114,errors,spec -CKR_WRAPPING_KEY_TYPE_INCONSISTENT,0x00000115,errors,spec -CKR_RANDOM_SEED_NOT_SUPPORTED,0x00000120,errors,spec -CKR_RANDOM_NO_RNG,0x00000121,errors,spec -CKR_SLOT_ID_INVALID,0x00000003,errors,spec -CKR_DOMAIN_PARAMS_INVALID,0x00000130,errors,spec -CKR_DATA_INVALID,0x00000020,errors,spec -CKR_CURVE_NOT_SUPPORTED,0x00000140,errors,spec -CKR_DATA_LEN_RANGE,0x00000021,errors,spec -CKR_BUFFER_TOO_SMALL,0x00000150,errors,spec -CKR_SAVED_STATE_INVALID,0x00000160,errors,spec -CKR_INFORMATION_SENSITIVE,0x00000170,errors,spec -CKR_STATE_UNSAVEABLE,0x00000180,errors,spec -CKR_CRYPTOKI_NOT_INITIALIZED,0x00000190,errors,spec -CKR_CRYPTOKI_ALREADY_INITIALIZED,0x00000191,errors,spec -CKR_MUTEX_BAD,0x000001a0,errors,spec -CKR_MUTEX_NOT_LOCKED,0x000001a1,errors,spec -CKR_NEW_PIN_MODE,0x000001b0,errors,spec -CKR_NEXT_OTP,0x000001b1,errors,spec -CKR_EXCEEDED_MAX_ITERATIONS,0x000001b5,errors,spec -CKR_FIPS_SELF_TEST_FAILED,0x000001b6,errors,spec -CKR_LIBRARY_LOAD_FAILED,0x000001b7,errors,spec -CKR_PIN_TOO_WEAK,0x000001b8,errors,spec -CKR_PUBLIC_KEY_INVALID,0x000001b9,errors,spec -CKR_DEVICE_ERROR,0x00000030,errors,spec -CKR_DEVICE_MEMORY,0x00000031,errors,spec -CKR_GENERAL_ERROR,0x00000005,errors,spec -CKR_DEVICE_REMOVED,0x00000032,errors,spec -CKR_FUNCTION_REJECTED,0x00000200,errors,spec -CKR_TOKEN_RESOURCE_EXCEEDED,0x00000201,errors,spec -CKR_OPERATION_CANCEL_FAILED,0x00000202,errors,spec -CKR_KEY_EXHAUSTED,0x00000203,errors,approved -CKR_FUNCTION_FAILED,0x00000006,errors,spec -CKR_ENCRYPTED_DATA_INVALID,0x00000040,errors,spec -CKR_ENCRYPTED_DATA_LEN_RANGE,0x00000041,errors,spec -CKR_AEAD_DECRYPT_FAILED,0x00000042,errors,spec -CKR_ARGUMENTS_BAD,0x00000007,errors,spec -CKR_NO_EVENT,0x00000008,errors,spec -CKR_FUNCTION_CANCELED,0x00000050,errors,spec -CKR_FUNCTION_NOT_PARALLEL,0x00000051,errors,spec -CKR_FUNCTION_NOT_SUPPORTED,0x00000054,errors,spec -CKR_NEED_TO_CREATE_THREADS,0x00000009,errors,spec -CKR_KEY_HANDLE_INVALID,0x00000060,errors,spec -CKR_KEY_SIZE_RANGE,0x00000062,errors,spec -CKR_KEY_TYPE_INCONSISTENT,0x00000063,errors,spec -CKF_INTERFACE_FORK_SAFE,0x00000001,function_flags,spec -CKG_NO_GENERATE,0x00000000,generator_functions,spec -CKG_GENERATE,0x00000001,generator_functions,spec -CKG_GENERATE_COUNTER,0x00000002,generator_functions,spec -CKG_GENERATE_RANDOM,0x00000003,generator_functions,spec -CKG_GENERATE_COUNTER_XOR,0x00000004,generator_functions,approved -CKH_MONOTONIC_COUNTER,0x00000001,hardware_features,spec -CKH_CLOCK,0x00000002,hardware_features,spec -CKH_USER_INTERFACE,0x00000003,hardware_features,spec -CKF_HKDF_SALT_NULL,0x00000001,hkdf_flags,spec -CKF_HKDF_SALT_DATA,0x00000002,hkdf_flags,spec -CKF_HKDF_SALT_KEY,0x00000004,hkdf_flags,spec -CKF_LIBRARY_CANT_CREATE_OS_THREADS,0x00000001,init_flags,spec -CKF_OS_LOCKING_OK,0x00000002,init_flags,spec -CKD_NULL,0x00000001,kdf,spec -CKD_SHA3_224_KDF,0x0000000a,kdf,spec -CKD_SHA3_256_KDF,0x0000000b,kdf,spec -CKD_SHA3_384_KDF,0x0000000c,kdf,spec -CKD_SHA3_512_KDF,0x0000000d,kdf,spec -CKD_SHA1_KDF_SP800,0x0000000e,kdf,spec -CKD_SHA224_KDF_SP800,0x0000000f,kdf,spec -CKD_SHA256_KDF_SP800,0x00000010,kdf,spec -CKD_SHA384_KDF_SP800,0x00000011,kdf,spec -CKD_SHA512_KDF_SP800,0x00000012,kdf,spec -CKD_SHA3_224_KDF_SP800,0x00000013,kdf,spec -CKD_SHA1_KDF,0x00000002,kdf,spec -CKD_SHA3_256_KDF_SP800,0x00000014,kdf,spec -CKD_SHA3_384_KDF_SP800,0x00000015,kdf,spec -CKD_SHA3_512_KDF_SP800,0x00000016,kdf,spec -CKD_BLAKE2B_160_KDF,0x00000017,kdf,spec -CKD_BLAKE2B_256_KDF,0x00000018,kdf,spec -CKD_BLAKE2B_384_KDF,0x00000019,kdf,spec -CKD_BLAKE2B_512_KDF,0x0000001a,kdf,spec -CKD_SHA1_KDF_ASN1,0x00000003,kdf,spec -CKD_SHA1_KDF_CONCATENATE,0x00000004,kdf,spec -CKD_SHA224_KDF,0x00000005,kdf,spec -CKD_SHA256_KDF,0x00000006,kdf,spec -CKD_SHA384_KDF,0x00000007,kdf,spec -CKD_SHA512_KDF,0x00000008,kdf,spec -CKD_CPDIVERSIFY_KDF,0x00000009,kdf,spec -CKK_RSA,0x00000000,key_types,spec -CKK_DSA,0x00000001,key_types,spec -CKK_GENERIC_SECRET,0x00000010,key_types,spec -CKK_RC2,0x00000011,key_types,spec -CKK_RC4,0x00000012,key_types,spec -CKK_DES,0x00000013,key_types,spec -CKK_DH,0x00000002,key_types,spec -CKK_DES2,0x00000014,key_types,spec -CKK_DES3,0x00000015,key_types,spec -CKK_CAST,0x00000016,key_types,spec -CKK_CAST3,0x00000017,key_types,spec -CKK_CAST128,0x00000018,key_types,spec -CKK_RC5,0x00000019,key_types,spec -CKK_IDEA,0x0000001a,key_types,spec -CKK_SKIPJACK,0x0000001b,key_types,spec -CKK_BATON,0x0000001c,key_types,spec -CKK_JUNIPER,0x0000001d,key_types,spec -CKK_EC,0x00000003,key_types,spec -CKK_CDMF,0x0000001e,key_types,spec -CKK_AES,0x0000001f,key_types,spec -CKK_BLOWFISH,0x00000020,key_types,spec -CKK_TWOFISH,0x00000021,key_types,spec -CKK_SECURID,0x00000022,key_types,spec -CKK_HOTP,0x00000023,key_types,spec -CKK_ACTI,0x00000024,key_types,spec -CKK_CAMELLIA,0x00000025,key_types,spec -CKK_ARIA,0x00000026,key_types,spec -CKK_MD5_HMAC,0x00000027,key_types,spec -CKK_X9_42_DH,0x00000004,key_types,spec -CKK_SHA_1_HMAC,0x00000028,key_types,spec -CKK_RIPEMD128_HMAC,0x00000029,key_types,spec -CKK_RIPEMD160_HMAC,0x0000002a,key_types,spec -CKK_SHA256_HMAC,0x0000002b,key_types,spec -CKK_SHA384_HMAC,0x0000002c,key_types,spec -CKK_SHA512_HMAC,0x0000002d,key_types,spec -CKK_SHA224_HMAC,0x0000002e,key_types,spec -CKK_SEED,0x0000002f,key_types,spec -CKK_GOSTR3410,0x00000030,key_types,spec -CKK_GOSTR3411,0x00000031,key_types,spec -CKK_KEA,0x00000005,key_types,spec -CKK_GOST28147,0x00000032,key_types,spec -CKK_CHACHA20,0x00000033,key_types,spec -CKK_POLY1305,0x00000034,key_types,spec -CKK_AES_XTS,0x00000035,key_types,spec -CKK_SHA3_224_HMAC,0x00000036,key_types,spec -CKK_SHA3_256_HMAC,0x00000037,key_types,spec -CKK_SHA3_384_HMAC,0x00000038,key_types,spec -CKK_SHA3_512_HMAC,0x00000039,key_types,spec -CKK_BLAKE2B_160_HMAC,0x0000003a,key_types,spec -CKK_BLAKE2B_256_HMAC,0x0000003b,key_types,spec -CKK_BLAKE2B_384_HMAC,0x0000003c,key_types,spec -CKK_BLAKE2B_512_HMAC,0x0000003d,key_types,spec -CKK_SALSA20,0x0000003e,key_types,spec -CKK_X2RATCHET,0x0000003f,key_types,spec -CKK_EC_EDWARDS,0x00000040,key_types,spec -CKK_EC_MONTGOMERY,0x00000041,key_types,spec -CKK_HKDF,0x00000042,key_types,spec -CKK_SHA512_224_HMAC,0x00000043,key_types,spec -CKK_SHA512_256_HMAC,0x00000044,key_types,spec -CKK_SHA512_T_HMAC,0x00000045,key_types,spec -CKK_HSS,0x00000046,key_types,approved -CKK_XMSS,0x00000047,key_types,proposed -CKK_XMSSMT,0x00000048,key_types,proposed -CKM_RSA_PKCS_KEY_PAIR_GEN,0x00000000,mechanisms,spec -CKM_RSA_PKCS,0x00000001,mechanisms,spec -CKM_RSA_X9_31_KEY_PAIR_GEN,0x0000000a,mechanisms,spec -CKM_SHA3_384_RSA_PKCS_PSS,0x00000064,mechanisms,spec -CKM_SHA3_512_RSA_PKCS_PSS,0x00000065,mechanisms,spec -CKM_SHA3_224_RSA_PKCS,0x00000066,mechanisms,spec -CKM_KEY_WRAP_LYNKS,0x00000400,mechanisms,spec -CKM_KEY_WRAP_SET_OAEP,0x00000401,mechanisms,spec -CKM_SHA3_224_RSA_PKCS_PSS,0x00000067,mechanisms,spec -CKM_RSA_X9_31,0x0000000b,mechanisms,spec -CKM_SHA1_RSA_X9_31,0x0000000c,mechanisms,spec -CKM_CMS_SIG,0x00000500,mechanisms,spec -CKM_KIP_DERIVE,0x00000510,mechanisms,spec -CKM_KIP_WRAP,0x00000511,mechanisms,spec -CKM_KIP_MAC,0x00000512,mechanisms,spec -CKM_RSA_PKCS_PSS,0x0000000d,mechanisms,spec -CKM_CAMELLIA_KEY_GEN,0x00000550,mechanisms,spec -CKM_CAMELLIA_ECB,0x00000551,mechanisms,spec -CKM_CAMELLIA_CBC,0x00000552,mechanisms,spec -CKM_CAMELLIA_MAC,0x00000553,mechanisms,spec -CKM_CAMELLIA_MAC_GENERAL,0x00000554,mechanisms,spec -CKM_CAMELLIA_CBC_PAD,0x00000555,mechanisms,spec -CKM_CAMELLIA_ECB_ENCRYPT_DATA,0x00000556,mechanisms,spec -CKM_CAMELLIA_CBC_ENCRYPT_DATA,0x00000557,mechanisms,spec -CKM_CAMELLIA_CTR,0x00000558,mechanisms,spec -CKM_ARIA_KEY_GEN,0x00000560,mechanisms,spec -CKM_ARIA_ECB,0x00000561,mechanisms,spec -CKM_ARIA_CBC,0x00000562,mechanisms,spec -CKM_ARIA_MAC,0x00000563,mechanisms,spec -CKM_ARIA_MAC_GENERAL,0x00000564,mechanisms,spec -CKM_ARIA_CBC_PAD,0x00000565,mechanisms,spec -CKM_ARIA_ECB_ENCRYPT_DATA,0x00000566,mechanisms,spec -CKM_ARIA_CBC_ENCRYPT_DATA,0x00000567,mechanisms,spec -CKM_SHA1_RSA_PKCS_PSS,0x0000000e,mechanisms,spec -CKM_DSA_KEY_PAIR_GEN,0x00000010,mechanisms,spec -CKM_SEED_KEY_GEN,0x00000650,mechanisms,spec -CKM_SEED_ECB,0x00000651,mechanisms,spec -CKM_SEED_CBC,0x00000652,mechanisms,spec -CKM_SEED_MAC,0x00000653,mechanisms,spec -CKM_SEED_MAC_GENERAL,0x00000654,mechanisms,spec -CKM_SEED_CBC_PAD,0x00000655,mechanisms,spec -CKM_SEED_ECB_ENCRYPT_DATA,0x00000656,mechanisms,spec -CKM_SEED_CBC_ENCRYPT_DATA,0x00000657,mechanisms,spec -CKM_RSA_PKCS_TPM_1_1,0x00004001,mechanisms,spec -CKM_RSA_PKCS_OAEP_TPM_1_1,0x00004002,mechanisms,spec -CKM_SHA_1_KEY_GEN,0x00004003,mechanisms,spec -CKM_SHA224_KEY_GEN,0x00004004,mechanisms,spec -CKM_SHA256_KEY_GEN,0x00004005,mechanisms,spec -CKM_SHA384_KEY_GEN,0x00004006,mechanisms,spec -CKM_SHA512_KEY_GEN,0x00004007,mechanisms,spec -CKM_SHA512_224_KEY_GEN,0x00004008,mechanisms,spec -CKM_SHA512_256_KEY_GEN,0x00004009,mechanisms,spec -CKM_SHA512_T_KEY_GEN,0x0000400a,mechanisms,spec -CKM_NULL,0x0000400b,mechanisms,spec -CKM_BLAKE2B_160,0x0000400c,mechanisms,spec -CKM_BLAKE2B_160_HMAC,0x0000400d,mechanisms,spec -CKM_BLAKE2B_160_HMAC_GENERAL,0x0000400e,mechanisms,spec -CKM_BLAKE2B_160_KEY_DERIVE,0x0000400f,mechanisms,spec -CKM_BLAKE2B_160_KEY_GEN,0x00004010,mechanisms,spec -CKM_BLAKE2B_256,0x00004011,mechanisms,spec -CKM_BLAKE2B_256_HMAC,0x00004012,mechanisms,spec -CKM_BLAKE2B_256_HMAC_GENERAL,0x00004013,mechanisms,spec -CKM_BLAKE2B_256_KEY_DERIVE,0x00004014,mechanisms,spec -CKM_BLAKE2B_256_KEY_GEN,0x00004015,mechanisms,spec -CKM_BLAKE2B_384,0x00004016,mechanisms,spec -CKM_BLAKE2B_384_HMAC,0x00004017,mechanisms,spec -CKM_BLAKE2B_384_HMAC_GENERAL,0x00004018,mechanisms,spec -CKM_BLAKE2B_384_KEY_DERIVE,0x00004019,mechanisms,spec -CKM_BLAKE2B_384_KEY_GEN,0x0000401a,mechanisms,spec -CKM_BLAKE2B_512,0x0000401b,mechanisms,spec -CKM_BLAKE2B_512_HMAC,0x0000401c,mechanisms,spec -CKM_BLAKE2B_512_HMAC_GENERAL,0x0000401d,mechanisms,spec -CKM_BLAKE2B_512_KEY_DERIVE,0x0000401e,mechanisms,spec -CKM_BLAKE2B_512_KEY_GEN,0x0000401f,mechanisms,spec -CKM_SALSA20,0x00004020,mechanisms,spec -CKM_CHACHA20_POLY1305,0x00004021,mechanisms,spec -CKM_SALSA20_POLY1305,0x00004022,mechanisms,spec -CKM_X3DH_INITIALIZE,0x00004023,mechanisms,spec -CKM_X3DH_RESPOND,0x00004024,mechanisms,spec -CKM_X2RATCHET_INITIALIZE,0x00004025,mechanisms,spec -CKM_X2RATCHET_RESPOND,0x00004026,mechanisms,spec -CKM_X2RATCHET_ENCRYPT,0x00004027,mechanisms,spec -CKM_X2RATCHET_DECRYPT,0x00004028,mechanisms,spec -CKM_XEDDSA,0x00004029,mechanisms,spec -CKM_HKDF_DERIVE,0x0000402a,mechanisms,spec -CKM_HKDF_DATA,0x0000402b,mechanisms,spec -CKM_HKDF_KEY_GEN,0x0000402c,mechanisms,spec -CKM_SALSA20_KEY_GEN,0x0000402d,mechanisms,spec -CKM_IKE2_PRF_PLUS_DERIVE,0x0000402e,mechanisms,approved -CKM_IKE_PRF_DERIVE,0x0000402f,mechanisms,approved -CKM_IKE1_PRF_DERIVE,0x00004030,mechanisms,approved -CKM_IKE1_EXTENDED_DERIVE,0x00004031,mechanisms,approved -CKM_HSS_KEY_PAIR_GEN,0x00004032,mechanisms,approved -CKM_HSS,0x00004033,mechanisms,approved -CKM_XMSS_KEY_PAIR_GEN,0x00004034,mechanisms,proposed -CKM_XMSSMT_KEY_PAIR_GEN,0x00004035,mechanisms,proposed -CKM_XMSS,0x00004036,mechanisms,proposed -CKM_XMSSMT,0x00004037,mechanisms,proposed -CKM_DSA,0x00000011,mechanisms,spec -CKM_DSA_SHA1,0x00000012,mechanisms,spec -CKM_DSA_SHA224,0x00000013,mechanisms,spec -CKM_RSA_9796,0x00000002,mechanisms,spec -CKM_DSA_SHA256,0x00000014,mechanisms,spec -CKM_DSA_SHA384,0x00000015,mechanisms,spec -CKM_DSA_SHA512,0x00000016,mechanisms,spec -CKM_DSA_SHA3_224,0x00000018,mechanisms,spec -CKM_DSA_SHA3_256,0x00000019,mechanisms,spec -CKM_RC2_KEY_GEN,0x00000100,mechanisms,spec -CKM_RC2_ECB,0x00000101,mechanisms,spec -CKM_RC2_CBC,0x00000102,mechanisms,spec -CKM_RC2_MAC,0x00000103,mechanisms,spec -CKM_DSA_SHA3_384,0x0000001a,mechanisms,spec -CKM_RC2_MAC_GENERAL,0x00000104,mechanisms,spec -CKM_RC2_CBC_PAD,0x00000105,mechanisms,spec -CKM_DSA_SHA3_512,0x0000001b,mechanisms,spec -CKM_RC4_KEY_GEN,0x00000110,mechanisms,spec -CKM_RC4,0x00000111,mechanisms,spec -CKM_DES_KEY_GEN,0x00000120,mechanisms,spec -CKM_DES_ECB,0x00000121,mechanisms,spec -CKM_DES_CBC,0x00000122,mechanisms,spec -CKM_DES_MAC,0x00000123,mechanisms,spec -CKM_DES_MAC_GENERAL,0x00000124,mechanisms,spec -CKM_DES_CBC_PAD,0x00000125,mechanisms,spec -CKM_RSA_X_509,0x00000003,mechanisms,spec -CKM_DES2_KEY_GEN,0x00000130,mechanisms,spec -CKM_DES3_KEY_GEN,0x00000131,mechanisms,spec -CKM_DES3_ECB,0x00000132,mechanisms,spec -CKM_DES3_CBC,0x00000133,mechanisms,spec -CKM_DES3_MAC,0x00000134,mechanisms,spec -CKM_DES3_MAC_GENERAL,0x00000135,mechanisms,spec -CKM_DES3_CBC_PAD,0x00000136,mechanisms,spec -CKM_DES3_CMAC_GENERAL,0x00000137,mechanisms,spec -CKM_DES3_CMAC,0x00000138,mechanisms,spec -CKM_DH_PKCS_KEY_PAIR_GEN,0x00000020,mechanisms,spec -CKM_CDMF_KEY_GEN,0x00000140,mechanisms,spec -CKM_CDMF_ECB,0x00000141,mechanisms,spec -CKM_CDMF_CBC,0x00000142,mechanisms,spec -CKM_CDMF_MAC,0x00000143,mechanisms,spec -CKM_CDMF_MAC_GENERAL,0x00000144,mechanisms,spec -CKM_CDMF_CBC_PAD,0x00000145,mechanisms,spec -CKM_DH_PKCS_DERIVE,0x00000021,mechanisms,spec -CKM_DES_OFB64,0x00000150,mechanisms,spec -CKM_DES_OFB8,0x00000151,mechanisms,spec -CKM_DES_CFB64,0x00000152,mechanisms,spec -CKM_DES_CFB8,0x00000153,mechanisms,spec -CKM_MD2_RSA_PKCS,0x00000004,mechanisms,spec -CKM_SKIPJACK_KEY_GEN,0x00001000,mechanisms,spec -CKM_SKIPJACK_ECB64,0x00001001,mechanisms,spec -CKM_SKIPJACK_CBC64,0x00001002,mechanisms,spec -CKM_SKIPJACK_OFB64,0x00001003,mechanisms,spec -CKM_SKIPJACK_CFB64,0x00001004,mechanisms,spec -CKM_SKIPJACK_CFB32,0x00001005,mechanisms,spec -CKM_SKIPJACK_CFB16,0x00001006,mechanisms,spec -CKM_SKIPJACK_CFB8,0x00001007,mechanisms,spec -CKM_SKIPJACK_WRAP,0x00001008,mechanisms,spec -CKM_SKIPJACK_PRIVATE_WRAP,0x00001009,mechanisms,spec -CKM_SKIPJACK_RELAYX,0x0000100a,mechanisms,spec -CKM_KEA_KEY_PAIR_GEN,0x00001010,mechanisms,spec -CKM_KEA_KEY_DERIVE,0x00001011,mechanisms,spec -CKM_KEA_DERIVE,0x00001012,mechanisms,spec -CKM_FORTEZZA_TIMESTAMP,0x00001020,mechanisms,spec -CKM_BATON_KEY_GEN,0x00001030,mechanisms,spec -CKM_BATON_ECB128,0x00001031,mechanisms,spec -CKM_BATON_ECB96,0x00001032,mechanisms,spec -CKM_BATON_CBC128,0x00001033,mechanisms,spec -CKM_BATON_COUNTER,0x00001034,mechanisms,spec -CKM_BATON_SHUFFLE,0x00001035,mechanisms,spec -CKM_BATON_WRAP,0x00001036,mechanisms,spec -CKM_EC_KEY_PAIR_GEN,0x00001040,mechanisms,spec -CKM_ECDSA,0x00001041,mechanisms,spec -CKM_ECDSA_SHA1,0x00001042,mechanisms,spec -CKM_ECDSA_SHA224,0x00001043,mechanisms,spec -CKM_ECDSA_SHA256,0x00001044,mechanisms,spec -CKM_ECDSA_SHA384,0x00001045,mechanisms,spec -CKM_ECDSA_SHA512,0x00001046,mechanisms,spec -CKM_ECDSA_SHA3_224,0x00001047,mechanisms,spec -CKM_ECDSA_SHA3_256,0x00001048,mechanisms,spec -CKM_ECDSA_SHA3_384,0x00001049,mechanisms,spec -CKM_ECDSA_SHA3_512,0x0000104a,mechanisms,spec -CKM_ECDH1_DERIVE,0x00001050,mechanisms,spec -CKM_ECDH1_COFACTOR_DERIVE,0x00001051,mechanisms,spec -CKM_ECMQV_DERIVE,0x00001052,mechanisms,spec -CKM_ECDH_AES_KEY_WRAP,0x00001053,mechanisms,spec -CKM_RSA_AES_KEY_WRAP,0x00001054,mechanisms,spec -CKM_EC_EDWARDS_KEY_PAIR_GEN,0x00001055,mechanisms,spec -CKM_EC_MONTGOMERY_KEY_PAIR_GEN,0x00001056,mechanisms,spec -CKM_EDDSA,0x00001057,mechanisms,spec -CKM_JUNIPER_KEY_GEN,0x00001060,mechanisms,spec -CKM_JUNIPER_ECB128,0x00001061,mechanisms,spec -CKM_JUNIPER_CBC128,0x00001062,mechanisms,spec -CKM_JUNIPER_COUNTER,0x00001063,mechanisms,spec -CKM_JUNIPER_SHUFFLE,0x00001064,mechanisms,spec -CKM_JUNIPER_WRAP,0x00001065,mechanisms,spec -CKM_FASTHASH,0x00001070,mechanisms,spec -CKM_AES_XTS,0x00001071,mechanisms,spec -CKM_AES_XTS_KEY_GEN,0x00001072,mechanisms,spec -CKM_AES_KEY_GEN,0x00001080,mechanisms,spec -CKM_AES_ECB,0x00001081,mechanisms,spec -CKM_AES_CBC,0x00001082,mechanisms,spec -CKM_AES_MAC,0x00001083,mechanisms,spec -CKM_AES_MAC_GENERAL,0x00001084,mechanisms,spec -CKM_AES_CBC_PAD,0x00001085,mechanisms,spec -CKM_AES_CTR,0x00001086,mechanisms,spec -CKM_AES_GCM,0x00001087,mechanisms,spec -CKM_AES_CCM,0x00001088,mechanisms,spec -CKM_AES_CTS,0x00001089,mechanisms,spec -CKM_AES_CMAC,0x0000108a,mechanisms,spec -CKM_AES_CMAC_GENERAL,0x0000108b,mechanisms,spec -CKM_AES_XCBC_MAC,0x0000108c,mechanisms,spec -CKM_AES_XCBC_MAC_96,0x0000108d,mechanisms,spec -CKM_AES_GMAC,0x0000108e,mechanisms,spec -CKM_BLOWFISH_KEY_GEN,0x00001090,mechanisms,spec -CKM_BLOWFISH_CBC,0x00001091,mechanisms,spec -CKM_TWOFISH_KEY_GEN,0x00001092,mechanisms,spec -CKM_TWOFISH_CBC,0x00001093,mechanisms,spec -CKM_BLOWFISH_CBC_PAD,0x00001094,mechanisms,spec -CKM_TWOFISH_CBC_PAD,0x00001095,mechanisms,spec -CKM_DES_ECB_ENCRYPT_DATA,0x00001100,mechanisms,spec -CKM_DES_CBC_ENCRYPT_DATA,0x00001101,mechanisms,spec -CKM_DES3_ECB_ENCRYPT_DATA,0x00001102,mechanisms,spec -CKM_DES3_CBC_ENCRYPT_DATA,0x00001103,mechanisms,spec -CKM_AES_ECB_ENCRYPT_DATA,0x00001104,mechanisms,spec -CKM_AES_CBC_ENCRYPT_DATA,0x00001105,mechanisms,spec -CKM_GOSTR3410_KEY_PAIR_GEN,0x00001200,mechanisms,spec -CKM_GOSTR3410,0x00001201,mechanisms,spec -CKM_GOSTR3410_WITH_GOSTR3411,0x00001202,mechanisms,spec -CKM_GOSTR3410_KEY_WRAP,0x00001203,mechanisms,spec -CKM_GOSTR3410_DERIVE,0x00001204,mechanisms,spec -CKM_GOSTR3411,0x00001210,mechanisms,spec -CKM_GOSTR3411_HMAC,0x00001211,mechanisms,spec -CKM_GOST28147_KEY_GEN,0x00001220,mechanisms,spec -CKM_GOST28147_ECB,0x00001221,mechanisms,spec -CKM_GOST28147,0x00001222,mechanisms,spec -CKM_GOST28147_MAC,0x00001223,mechanisms,spec -CKM_GOST28147_KEY_WRAP,0x00001224,mechanisms,spec -CKM_CHACHA20_KEY_GEN,0x00001225,mechanisms,spec -CKM_CHACHA20,0x00001226,mechanisms,spec -CKM_POLY1305_KEY_GEN,0x00001227,mechanisms,spec -CKM_POLY1305,0x00001228,mechanisms,spec -CKM_X9_42_DH_KEY_PAIR_GEN,0x00000030,mechanisms,spec -CKM_X9_42_DH_DERIVE,0x00000031,mechanisms,spec -CKM_MD5_RSA_PKCS,0x00000005,mechanisms,spec -CKM_X9_42_DH_HYBRID_DERIVE,0x00000032,mechanisms,spec -CKM_X9_42_MQV_DERIVE,0x00000033,mechanisms,spec -CKM_MD2,0x00000200,mechanisms,spec -CKM_MD2_HMAC,0x00000201,mechanisms,spec -CKM_EC_KEY_PAIR_GEN_W_EXTRA_BITS,0x0000140b,mechanisms,spec -CKM_MD2_HMAC_GENERAL,0x00000202,mechanisms,spec -CKM_MD5,0x00000210,mechanisms,spec -CKM_MD5_HMAC,0x00000211,mechanisms,spec -CKM_MD5_HMAC_GENERAL,0x00000212,mechanisms,spec -CKM_SHA_1,0x00000220,mechanisms,spec -CKM_SHA_1_HMAC,0x00000221,mechanisms,spec -CKM_SHA_1_HMAC_GENERAL,0x00000222,mechanisms,spec -CKM_RIPEMD128,0x00000230,mechanisms,spec -CKM_RIPEMD128_HMAC,0x00000231,mechanisms,spec -CKM_RIPEMD128_HMAC_GENERAL,0x00000232,mechanisms,spec -CKM_RIPEMD160,0x00000240,mechanisms,spec -CKM_RIPEMD160_HMAC,0x00000241,mechanisms,spec -CKM_RIPEMD160_HMAC_GENERAL,0x00000242,mechanisms,spec -CKM_SHA256,0x00000250,mechanisms,spec -CKM_SHA256_HMAC,0x00000251,mechanisms,spec -CKM_SHA256_HMAC_GENERAL,0x00000252,mechanisms,spec -CKM_SHA224,0x00000255,mechanisms,spec -CKM_SHA224_HMAC,0x00000256,mechanisms,spec -CKM_SHA224_HMAC_GENERAL,0x00000257,mechanisms,spec -CKM_SHA1_RSA_PKCS,0x00000006,mechanisms,spec -CKM_SHA384,0x00000260,mechanisms,spec -CKM_SHA384_HMAC,0x00000261,mechanisms,spec -CKM_SHA384_HMAC_GENERAL,0x00000262,mechanisms,spec -CKM_SHA512,0x00000270,mechanisms,spec -CKM_SHA512_HMAC,0x00000271,mechanisms,spec -CKM_SHA512_HMAC_GENERAL,0x00000272,mechanisms,spec -CKM_SHA256_RSA_PKCS,0x00000040,mechanisms,spec -CKM_SECURID_KEY_GEN,0x00000280,mechanisms,spec -CKM_SECURID,0x00000282,mechanisms,spec -CKM_SHA384_RSA_PKCS,0x00000041,mechanisms,spec -CKM_HOTP_KEY_GEN,0x00000290,mechanisms,spec -CKM_HOTP,0x00000291,mechanisms,spec -CKM_SHA512_RSA_PKCS,0x00000042,mechanisms,spec -CKM_SHA256_RSA_PKCS_PSS,0x00000043,mechanisms,spec -CKM_ACTI,0x000002a0,mechanisms,spec -CKM_ACTI_KEY_GEN,0x000002a1,mechanisms,spec -CKM_SHA384_RSA_PKCS_PSS,0x00000044,mechanisms,spec -CKM_SHA3_256,0x000002b0,mechanisms,spec -CKM_SHA3_256_HMAC,0x000002b1,mechanisms,spec -CKM_SHA512_RSA_PKCS_PSS,0x00000045,mechanisms,spec -CKM_SHA3_256_HMAC_GENERAL,0x000002b2,mechanisms,spec -CKM_SHA3_256_KEY_GEN,0x000002b3,mechanisms,spec -CKM_SHA3_224,0x000002b5,mechanisms,spec -CKM_SHA3_224_HMAC,0x000002b6,mechanisms,spec -CKM_SHA3_224_HMAC_GENERAL,0x000002b7,mechanisms,spec -CKM_SHA3_224_KEY_GEN,0x000002b8,mechanisms,spec -CKM_RIPEMD128_RSA_PKCS,0x00000007,mechanisms,spec -CKM_SHA224_RSA_PKCS,0x00000046,mechanisms,spec -CKM_SHA3_384,0x000002c0,mechanisms,spec -CKM_SHA3_384_HMAC,0x000002c1,mechanisms,spec -CKM_SHA3_384_HMAC_GENERAL,0x000002c2,mechanisms,spec -CKM_SHA3_384_KEY_GEN,0x000002c3,mechanisms,spec -CKM_SHA224_RSA_PKCS_PSS,0x00000047,mechanisms,spec -CKM_SHA512_224,0x00000048,mechanisms,spec -CKM_SHA3_512,0x000002d0,mechanisms,spec -CKM_SHA3_512_HMAC,0x000002d1,mechanisms,spec -CKM_SHA3_512_HMAC_GENERAL,0x000002d2,mechanisms,spec -CKM_SHA3_512_KEY_GEN,0x000002d3,mechanisms,spec -CKM_SHA512_224_HMAC,0x00000049,mechanisms,spec -CKM_SHA512_224_HMAC_GENERAL,0x0000004a,mechanisms,spec -CKM_SHA512_224_KEY_DERIVATION,0x0000004b,mechanisms,spec -CKM_SHA512_256,0x0000004c,mechanisms,spec -CKM_CAST_KEY_GEN,0x00000300,mechanisms,spec -CKM_CAST_ECB,0x00000301,mechanisms,spec -CKM_SHA512_256_HMAC,0x0000004d,mechanisms,spec -CKM_CAST_CBC,0x00000302,mechanisms,spec -CKM_CAST_MAC,0x00000303,mechanisms,spec -CKM_CAST_MAC_GENERAL,0x00000304,mechanisms,spec -CKM_CAST_CBC_PAD,0x00000305,mechanisms,spec -CKM_SHA512_256_HMAC_GENERAL,0x0000004e,mechanisms,spec -CKM_CAST3_KEY_GEN,0x00000310,mechanisms,spec -CKM_CAST3_ECB,0x00000311,mechanisms,spec -CKM_CAST3_CBC,0x00000312,mechanisms,spec -CKM_CAST3_MAC,0x00000313,mechanisms,spec -CKM_CAST3_MAC_GENERAL,0x00000314,mechanisms,spec -CKM_CAST3_CBC_PAD,0x00000315,mechanisms,spec -CKM_SHA512_256_KEY_DERIVATION,0x0000004f,mechanisms,spec -CKM_RIPEMD160_RSA_PKCS,0x00000008,mechanisms,spec -CKM_SHA512_T,0x00000050,mechanisms,spec -CKM_CAST128_KEY_GEN,0x00000320,mechanisms,spec -CKM_CAST128_ECB,0x00000321,mechanisms,spec -CKM_CAST128_CBC,0x00000322,mechanisms,spec -CKM_CAST128_MAC,0x00000323,mechanisms,spec -CKM_CAST128_MAC_GENERAL,0x00000324,mechanisms,spec -CKM_CAST128_CBC_PAD,0x00000325,mechanisms,spec -CKM_SHA512_T_HMAC,0x00000051,mechanisms,spec -CKM_RC5_KEY_GEN,0x00000330,mechanisms,spec -CKM_RC5_ECB,0x00000331,mechanisms,spec -CKM_RC5_CBC,0x00000332,mechanisms,spec -CKM_RC5_MAC,0x00000333,mechanisms,spec -CKM_DSA_PARAMETER_GEN,0x00002000,mechanisms,spec -CKM_DH_PKCS_PARAMETER_GEN,0x00002001,mechanisms,spec -CKM_X9_42_DH_PARAMETER_GEN,0x00002002,mechanisms,spec -CKM_DSA_PROBABILISTIC_PARAMETER_GEN,0x00002003,mechanisms,spec -CKM_DSA_SHAWE_TAYLOR_PARAMETER_GEN,0x00002004,mechanisms,spec -CKM_DSA_FIPS_G_GEN,0x00002005,mechanisms,spec -CKM_SHA512_T_HMAC_GENERAL,0x00000052,mechanisms,spec -CKM_RC5_MAC_GENERAL,0x00000334,mechanisms,spec -CKM_RC5_CBC_PAD,0x00000335,mechanisms,spec -CKM_SHA512_T_KEY_DERIVATION,0x00000053,mechanisms,spec -CKM_IDEA_KEY_GEN,0x00000340,mechanisms,spec -CKM_IDEA_ECB,0x00000341,mechanisms,spec -CKM_IDEA_CBC,0x00000342,mechanisms,spec -CKM_IDEA_MAC,0x00000343,mechanisms,spec -CKM_IDEA_MAC_GENERAL,0x00000344,mechanisms,spec -CKM_IDEA_CBC_PAD,0x00000345,mechanisms,spec -CKM_AES_OFB,0x00002104,mechanisms,spec -CKM_AES_CFB64,0x00002105,mechanisms,spec -CKM_AES_CFB8,0x00002106,mechanisms,spec -CKM_AES_CFB128,0x00002107,mechanisms,spec -CKM_AES_CFB1,0x00002108,mechanisms,spec -CKM_AES_KEY_WRAP,0x00002109,mechanisms,spec -CKM_AES_KEY_WRAP_PAD,0x0000210a,mechanisms,spec -CKM_AES_KEY_WRAP_KWP,0x0000210b,mechanisms,spec -CKM_AES_KEY_WRAP_PKCS7,0x0000210c,mechanisms,approved -CKM_GENERIC_SECRET_KEY_GEN,0x00000350,mechanisms,spec -CKM_CONCATENATE_BASE_AND_KEY,0x00000360,mechanisms,spec -CKM_CONCATENATE_BASE_AND_DATA,0x00000362,mechanisms,spec -CKM_CONCATENATE_DATA_AND_BASE,0x00000363,mechanisms,spec -CKM_XOR_BASE_AND_DATA,0x00000364,mechanisms,spec -CKM_EXTRACT_KEY_FROM_KEY,0x00000365,mechanisms,spec -CKM_SSL3_PRE_MASTER_KEY_GEN,0x00000370,mechanisms,spec -CKM_SSL3_MASTER_KEY_DERIVE,0x00000371,mechanisms,spec -CKM_SSL3_KEY_AND_MAC_DERIVE,0x00000372,mechanisms,spec -CKM_SSL3_MASTER_KEY_DERIVE_DH,0x00000373,mechanisms,spec -CKM_TLS_PRE_MASTER_KEY_GEN,0x00000374,mechanisms,spec -CKM_TLS_MASTER_KEY_DERIVE,0x00000375,mechanisms,spec -CKM_TLS_KEY_AND_MAC_DERIVE,0x00000376,mechanisms,spec -CKM_TLS_MASTER_KEY_DERIVE_DH,0x00000377,mechanisms,spec -CKM_TLS_PRF,0x00000378,mechanisms,spec -CKM_SSL3_MD5_MAC,0x00000380,mechanisms,spec -CKM_SSL3_SHA1_MAC,0x00000381,mechanisms,spec -CKM_RSA_PKCS_OAEP,0x00000009,mechanisms,spec -CKM_MD5_KEY_DERIVATION,0x00000390,mechanisms,spec -CKM_MD2_KEY_DERIVATION,0x00000391,mechanisms,spec -CKM_SHA1_KEY_DERIVATION,0x00000392,mechanisms,spec -CKM_SHA256_KEY_DERIVATION,0x00000393,mechanisms,spec -CKM_SHA384_KEY_DERIVATION,0x00000394,mechanisms,spec -CKM_SHA512_KEY_DERIVATION,0x00000395,mechanisms,spec -CKM_SHA224_KEY_DERIVATION,0x00000396,mechanisms,spec -CKM_SHA3_256_KEY_DERIVATION,0x00000397,mechanisms,spec -CKM_SHA3_224_KEY_DERIVATION,0x00000398,mechanisms,spec -CKM_SHA3_384_KEY_DERIVATION,0x00000399,mechanisms,spec -CKM_SHA3_512_KEY_DERIVATION,0x0000039a,mechanisms,spec -CKM_SHAKE_128_KEY_DERIVATION,0x0000039b,mechanisms,spec -CKM_SHAKE_256_KEY_DERIVATION,0x0000039c,mechanisms,spec -CKM_PBE_MD2_DES_CBC,0x000003a0,mechanisms,spec -CKM_PBE_MD5_DES_CBC,0x000003a1,mechanisms,spec -CKM_PBE_MD5_CAST_CBC,0x000003a2,mechanisms,spec -CKM_PBE_MD5_CAST3_CBC,0x000003a3,mechanisms,spec -CKM_PBE_MD5_CAST128_CBC,0x000003a4,mechanisms,spec -CKM_PBE_SHA1_CAST128_CBC,0x000003a5,mechanisms,spec -CKM_PBE_SHA1_RC4_128,0x000003a6,mechanisms,spec -CKM_PBE_SHA1_RC4_40,0x000003a7,mechanisms,spec -CKM_PBE_SHA1_DES3_EDE_CBC,0x000003a8,mechanisms,spec -CKM_PBE_SHA1_DES2_EDE_CBC,0x000003a9,mechanisms,spec -CKM_PBE_SHA1_RC2_128_CBC,0x000003aa,mechanisms,spec -CKM_PBE_SHA1_RC2_40_CBC,0x000003ab,mechanisms,spec -CKM_SP800_108_COUNTER_KDF,0x000003ac,mechanisms,spec -CKM_SP800_108_FEEDBACK_KDF,0x000003ad,mechanisms,spec -CKM_SP800_108_DOUBLE_PIPELINE_KDF,0x000003ae,mechanisms,spec -CKM_PKCS5_PBKD2,0x000003b0,mechanisms,spec -CKM_SHA3_256_RSA_PKCS,0x00000060,mechanisms,spec -CKM_PBA_SHA1_WITH_SHA1_HMAC,0x000003c0,mechanisms,spec -CKM_SHA3_384_RSA_PKCS,0x00000061,mechanisms,spec -CKM_WTLS_PRE_MASTER_KEY_GEN,0x000003d0,mechanisms,spec -CKM_WTLS_MASTER_KEY_DERIVE,0x000003d1,mechanisms,spec -CKM_WTLS_MASTER_KEY_DERIVE_DH_ECC,0x000003d2,mechanisms,spec -CKM_WTLS_PRF,0x000003d3,mechanisms,spec -CKM_SHA3_512_RSA_PKCS,0x00000062,mechanisms,spec -CKM_WTLS_SERVER_KEY_AND_MAC_DERIVE,0x000003d4,mechanisms,spec -CKM_WTLS_CLIENT_KEY_AND_MAC_DERIVE,0x000003d5,mechanisms,spec -CKM_TLS10_MAC_SERVER,0x000003d6,mechanisms,spec -CKM_TLS10_MAC_CLIENT,0x000003d7,mechanisms,spec -CKM_TLS12_MAC,0x000003d8,mechanisms,spec -CKM_TLS12_KDF,0x000003d9,mechanisms,spec -CKM_SHA3_256_RSA_PKCS_PSS,0x00000063,mechanisms,spec -CKM_TLS12_MASTER_KEY_DERIVE,0x000003e0,mechanisms,spec -CKM_TLS12_KEY_AND_MAC_DERIVE,0x000003e1,mechanisms,spec -CKM_TLS12_MASTER_KEY_DERIVE_DH,0x000003e2,mechanisms,spec -CKM_TLS12_KEY_SAFE_DERIVE,0x000003e3,mechanisms,spec -CKM_TLS_MAC,0x000003e4,mechanisms,spec -CKM_TLS_KDF,0x000003e5,mechanisms,spec -CKF_HW,0x00000001,mechanisms_flags,spec -CKF_DIGEST,0x00000400,mechanisms_flags,spec -CKF_EC_F_P,0x00100000,mechanisms_flags,spec -CKF_WRAP,0x00020000,mechanisms_flags,spec -CKF_MESSAGE_VERIFY,0x00000010,mechanisms_flags,spec -CKF_VERIFY_RECOVER,0x00004000,mechanisms_flags,spec -CKF_EC_UNCOMPRESS,0x01000000,mechanisms_flags,spec -CKF_MESSAGE_ENCRYPT,0x00000002,mechanisms_flags,spec -CKF_SIGN,0x00000800,mechanisms_flags,spec -CKF_EC_F_2M,0x00200000,mechanisms_flags,spec -CKF_EXTENSION,0x80000000,mechanisms_flags,spec -CKF_ENCRYPT,0x00000100,mechanisms_flags,spec -CKF_UNWRAP,0x00040000,mechanisms_flags,spec -CKF_MULTI_MESSAGE,0x00000020,mechanisms_flags,spec -CKF_GENERATE,0x00008000,mechanisms_flags,spec -CKF_EC_COMPRESS,0x02000000,mechanisms_flags,spec -CKF_MESSAGE_DECRYPT,0x00000004,mechanisms_flags,spec -CKF_SIGN_RECOVER,0x00001000,mechanisms_flags,spec -CKF_EC_ECPARAMETERS,0x00400000,mechanisms_flags,spec -CKF_DECRYPT,0x00000200,mechanisms_flags,spec -CKF_DERIVE,0x00080000,mechanisms_flags,spec -CKF_FIND_OBJECTS,0x00000040,mechanisms_flags,spec -CKF_GENERATE_KEY_PAIR,0x00010000,mechanisms_flags,spec -CKF_EC_CURVENAME,0x04000000,mechanisms_flags,spec -CKF_MESSAGE_SIGN,0x00000008,mechanisms_flags,spec -CKF_VERIFY,0x00002000,mechanisms_flags,spec -CKF_EC_OID,0x00800000,mechanisms_flags,spec -CKF_END_OF_MESSAGE,0x00000001,message_flags,spec -CKG_MGF1_SHA1,0x00000001,mgf,spec -CKG_MGF1_SHA256,0x00000002,mgf,spec -CKG_MGF1_SHA384,0x00000003,mgf,spec -CKG_MGF1_SHA512,0x00000004,mgf,spec -CKG_MGF1_SHA224,0x00000005,mgf,spec -CKG_MGF1_SHA3_224,0x00000006,mgf,spec -CKG_MGF1_SHA3_256,0x00000007,mgf,spec -CKG_MGF1_SHA3_384,0x00000008,mgf,spec -CKG_MGF1_SHA3_512,0x00000009,mgf,spec -CKN_SURRENDER,0x00000000,notifications,spec -CKN_OTP_CHANGED,0x00000001,notifications,spec -CKO_DATA,0x00000000,objects,spec -CKO_CERTIFICATE,0x00000001,objects,spec -CKO_PUBLIC_KEY,0x00000002,objects,spec -CKO_PRIVATE_KEY,0x00000003,objects,spec -CKO_SECRET_KEY,0x00000004,objects,spec -CKO_HW_FEATURE,0x00000005,objects,spec -CKO_DOMAIN_PARAMETERS,0x00000006,objects,spec -CKO_MECHANISM,0x00000007,objects,spec -CKO_OTP_KEY,0x00000008,objects,spec -CKO_PROFILE,0x00000009,objects,spec -CKF_NEXT_OTP,0x00000001,opt_flags,spec -CKF_EXCLUDE_PIN,0x00000010,opt_flags,spec -CKF_EXCLUDE_TIME,0x00000002,opt_flags,spec -CKF_USER_FRIENDLY_OTP,0x00000020,opt_flags,spec -CKF_EXCLUDE_COUNTER,0x00000004,opt_flags,spec -CKF_EXCLUDE_CHALLENGE,0x00000008,opt_flags,spec -CK_OTP_FORMAT_DECIMAL,0x00000000,otp_format,spec -CK_OTP_FORMAT_HEXADECIMAL,0x00000001,otp_format,spec -CK_OTP_FORMAT_ALPHANUMERIC,0x00000002,otp_format,spec -CK_OTP_FORMAT_BINARY,0x00000003,otp_format,spec -CK_OTP_PARAM_IGNORED,0x00000000,otp_param,spec -CK_OTP_PARAM_OPTIONAL,0x00000001,otp_param,spec -CK_OTP_PARAM_MANDATORY,0x00000002,otp_param,spec -CK_OTP_VALUE,0x00000000,otp_types,spec -CK_OTP_PIN,0x00000001,otp_types,spec -CK_OTP_CHALLENGE,0x00000002,otp_types,spec -CK_OTP_TIME,0x00000003,otp_types,spec -CK_OTP_COUNTER,0x00000004,otp_types,spec -CK_OTP_FLAGS,0x00000005,otp_types,spec -CK_OTP_OUTPUT_LENGTH,0x00000006,otp_types,spec -CK_OTP_OUTPUT_FORMAT,0x00000007,otp_types,spec -CKP_INVALID_ID,0x00000000,profile_id,spec -CKP_BASELINE_PROVIDER,0x00000001,profile_id,spec -CKP_EXTENDED_PROVIDER,0x00000002,profile_id,spec -CKP_AUTHENTICATION_TOKEN,0x00000003,profile_id,spec -CKP_PUBLIC_CERTIFICATES_TOKEN,0x00000004,profile_id,spec -CKP_COMPLETE_PROVIDER,0x00000005,profile_id,approved -CKP_HKDF_TLS_TOKEN,0x00000006,profile_id,approved -CKP_PKCS5_PBKD2_HMAC_SHA1,0x00000001,pseudo_random_function,spec -CKP_PKCS5_PBKD2_HMAC_GOSTR3411,0x00000002,pseudo_random_function,spec -CKP_PKCS5_PBKD2_HMAC_SHA224,0x00000003,pseudo_random_function,spec -CKP_PKCS5_PBKD2_HMAC_SHA256,0x00000004,pseudo_random_function,spec -CKP_PKCS5_PBKD2_HMAC_SHA384,0x00000005,pseudo_random_function,spec -CKP_PKCS5_PBKD2_HMAC_SHA512,0x00000006,pseudo_random_function,spec -CKP_PKCS5_PBKD2_HMAC_SHA512_224,0x00000007,pseudo_random_function,spec -CKP_PKCS5_PBKD2_HMAC_SHA512_256,0x00000008,pseudo_random_function,spec -CKZ_SALT_SPECIFIED,0x00000001,psuedo_sourse,spec -CK_SECURITY_DOMAIN_UNSPECIFIED,0x00000000,security_domain,spec -CK_SECURITY_DOMAIN_MANUFACTURER,0x00000001,security_domain,spec -CK_SECURITY_DOMAIN_OPERATOR,0x00000002,security_domain,spec -CK_SECURITY_DOMAIN_THIRD_PARTY,0x00000003,security_domain,spec -CKF_RW_SESSION,0x00000002,session_flags,spec -CKF_SERIAL_SESSION,0x00000004,session_flags,spec -CKS_RO_PUBLIC_SESSION,0x00000000,session_states,spec -CKS_RO_USER_FUNCTIONS,0x00000001,session_states,spec -CKS_RW_PUBLIC_SESSION,0x00000002,session_states,spec -CKS_RW_USER_FUNCTIONS,0x00000003,session_states,spec -CKS_RW_SO_FUNCTIONS,0x00000004,session_states,spec -CKF_DONT_BLOCK,0x00000001,slot_event_flags,spec -CKF_TOKEN_PRESENT,0x00000001,slot_info_flags,spec -CKF_REMOVABLE_DEVICE,0x00000002,slot_info_flags,spec -CKF_HW_SLOT,0x00000004,slot_info_flags,spec -CK_SP800_108_DKM_LENGTH_SUM_OF_KEYS,0x00000001,sp800_dkm_length_method,spec -CK_SP800_108_DKM_LENGTH_SUM_OF_SEGMENTS,0x00000002,sp800_dkm_length_method,spec -CK_SP800_108_ITERATION_VARIABLE,0x00000001,sp800_type,spec -CK_SP800_108_OPTIONAL_COUNTER,0x00000002,sp800_type,spec -CK_SP800_108_DKM_LENGTH,0x00000003,sp800_type,spec -CK_SP800_108_BYTE_ARRAY,0x00000004,sp800_type,spec -CKF_RNG,0x00000001,token_info_flags,spec -CKF_TOKEN_INITIALIZED,0x00000400,token_info_flags,spec -CKF_SO_PIN_COUNT_LOW,0x00100000,token_info_flags,spec -CKF_USER_PIN_FINAL_TRY,0x00020000,token_info_flags,spec -CKF_ERROR_STATE,0x01000000,token_info_flags,spec -CKF_WRITE_PROTECTED,0x00000002,token_info_flags,spec -CKF_SECONDARY_AUTHENTICATION,0x00000800,token_info_flags,spec -CKF_SO_PIN_FINAL_TRY,0x00200000,token_info_flags,spec -CKF_PROTECTED_AUTHENTICATION_PATH,0x00000100,token_info_flags,spec -CKF_USER_PIN_LOCKED,0x00040000,token_info_flags,spec -CKF_RESTORE_KEY_NOT_NEEDED,0x00000020,token_info_flags,spec -CKF_LOGIN_REQUIRED,0x00000004,token_info_flags,spec -CKF_SO_PIN_LOCKED,0x00400000,token_info_flags,spec -CKF_DUAL_CRYPTO_OPERATIONS,0x00000200,token_info_flags,spec -CKF_USER_PIN_TO_BE_CHANGED,0x00080000,token_info_flags,spec -CKF_CLOCK_ON_TOKEN,0x00000040,token_info_flags,spec -CKF_USER_PIN_COUNT_LOW,0x00010000,token_info_flags,spec -CKF_USER_PIN_INITIALIZED,0x00000008,token_info_flags,spec -CKF_SO_PIN_TO_BE_CHANGED,0x00800000,token_info_flags,spec -CKU_SO,0x00000000,user_types,spec -CKU_USER,0x00000001,user_types,spec -CKU_CONTEXT_SPECIFIC,0x00000002,user_types,spec diff --git a/working/identifier_db/release.pl b/working/identifier_db/release.pl deleted file mode 100755 index c55d92b..0000000 --- a/working/identifier_db/release.pl +++ /dev/null @@ -1,57 +0,0 @@ -#!/bin/perl -# -# get the source file -# read the database -sub print_types; - -my $database_file="raw_ids.db"; -glob %types = (); -glob %database_name = (); -glob %database_number = (); -glob %database_disposition = (); -glob %types_max = (); -glob %types_bits = (); -my %source_types = (); -my $source_type_order = ""; -my %source_max_len = (); -my %conflict_names = (); -my %conflict_old_number = (); -my %conflict_new_number = (); - -open(my $database, "<", $database_file) or die "Can't open $database_file: $!"; -while (<$database>){ - chomp; - @db = split(","); - $name = $db[0]; - $number_string = $db[1]; - $type = $db[2]; - $disposition = $db[3]; - $number=hex($number_string); - #if ($number eq 0) die "invalid db entry\n >> $_"; - $index=$type."_".$number; - $types{$type}=$types{$type}." ".$number; - if ($types_max{$type} < $number) { - $types_max{$type} = $number; - } - $types_bits{$type} |= $number; - $database_name{$index} = $name; - $database_disposition{$index} = $disposition; - if ($disposition eq "proposed") { - printf "warning proposed identifier: $name 0x%08xUL ($type)\n", $number; - } - if ($disposition eq "approved") { - printf "moving $name 0x%08xUL ($type) from approved->spec\n", $number; - $database_disposition{$index} = "spec"; - } -} -close($database); - -#output the new database -open(my $database, ">", $database_file) or die "Can't write $database_file: $!"; -for $type (sort keys %types) { - for (sort split(" ",$types{$type}) ) { - $index=$type."_".$_; - printf $database "$database_name{$index},0x%08x,$type,$database_disposition{$index}\n",$_; - } -} -close($database); diff --git a/working/identifier_db/sample.prop b/working/identifier_db/sample.prop deleted file mode 100644 index 22793dc..0000000 --- a/working/identifier_db/sample.prop +++ /dev/null @@ -1,11 +0,0 @@ -Sample proposal - -Key_types -#define CKK_SAMPLE 0x00000022 - -Mechanisms -#define CKM_SAMPLE_KEY_GEN 0x000000XX -#define CKM_SAMPLE 0x000000XX - -Slot_info_flags -#define CKF_SAMPLE 0x00000002 diff --git a/working/identifier_db/system_ids.db b/working/identifier_db/system_ids.db deleted file mode 100644 index 1513356..0000000 --- a/working/identifier_db/system_ids.db +++ /dev/null @@ -1,5 +0,0 @@ -CKF_ARRAY_ATTRIBUTE,0x40000000,system_values,spec -CK_INVALID_HANDLE,0x00000000,system_values,spec -CK_EFFECTIVELY_INFINITE,0x00000000,system_values,spec -CK_FALSE,0x00000000,system_values,spec -CK_TRUE,0x00000001,system_values,spec diff --git a/working/identifier_db/verify.pl b/working/identifier_db/verify.pl deleted file mode 100755 index 5f74fac..0000000 --- a/working/identifier_db/verify.pl +++ /dev/null @@ -1,274 +0,0 @@ -#!/bin/perl -# -# get the source file -# read the database -sub print_types; -sub isflag; - -my $database_file="raw_ids.db"; -my $system_file="system_ids.db"; -my $alias_file="aliases.db"; -my $default_header = "../3-01-wd-01/pkcs11t.h"; -glob %types = (); -glob %database_name = (); -glob %database_number = (); -glob %database_disposition = (); -glob %header_number = (); -glob %header_found = (); -glob %header_present = (); -glob %aliases= (); -glob %types_max = (); -glob %types_bits = (); -glob $verifyHeaderFull=0; - - -if ($ARGV[0] eq "help") { - print "usage: verify.pl [dump|types|{type}|{disposition}|header [full] {path}|help]\n"; - print " no args: look for inconsistances within the database\n"; - print " dump: dump the full database as #defines\n"; - print " types: list all the current types in the database\n"; - print " {type}: supply a type value. All entries of type {type} are printed\n"; - print " {disposition}: supply a disposition value. All entries of disposition\n"; - print " {disposition} are printed\n"; - print " header: verify the header against the database.\n"; - print " If full is specified, then expect proposed entries to be\n"; - print " the database. If it's not specified then proposed entries\n"; - print " are not expected to be in the database.\n"; - print " If {path} is not suppled, $default_header will be read.\n"; - exit 0; -} - -if ($ARGV[0] eq "header") { - my $header_file = $ARGV[1]; - - if ($header_file eq "full") { - $header_file = $ARGV[2]; - $verifyHeaderFull = 1; - } - if ($header_file eq "") { - $header_file = $default_header; - } - - # read the source - open(my $header, "<", $header_file) or die "Can't open $header_file: $!"; - while (<$header>) { - chomp; # clear out new line - next if /^$/; # skip blank line - @db = split(" "); - if ($db[0] ne "#define") { # only interested in #define lines - next; - } - $name=$db[1]; - $number=hex($db[2]); - # Some attributes have the CKF_ARRAY_ATTRIBUTE flag - if (($number == 0) and (substr($db[2],1,19) eq "CKF_ARRAY_ATTRIBUTE")) { - $number=hex(substr($db[2],21)); - } - # handle a substitution - if (($number == 0xc) and (substr($db[2],0,2) eq "CK")) { - $number = $header_number{$db[2]}; - } - $header_number{$name} = $number; - $header_found{$name} = 0; - $header_present{$name} = 1; - $header_line{$name} = $_; - # give VENDER_DEFINED a pass - if (($number == 0x80000000) && (substr($name,4) eq "VENDOR_DEFINED")) { - $header_found{$name} = 1; - } - } - close ($header); - - #read in aliases - open(my $alias, "<", $alias_file); - while (<$alias>) { - chomp; # clear out new line - next if /^$/; # skip blank line - @db = split(" "); - $aliases{$db[0]} = $db[1]; - } - close($alias); - print "Defines missing from header or mismatched\n"; -} - -open(my $database, "<", $database_file) or die "Can't open $database_file: $!"; -while (<$database>){ - chomp; - @db = split(","); - $name = $db[0]; - $number_string = $db[1]; - $type = $db[2]; - $disposition = $db[3]; - $number=hex($number_string); -# if ($number eq 0) { -# printf "invalid db entry: number is zero\n >> $_\n"; -# next; -# } - if (isflag($type)) { - if ($type_bits{$type} & $number) { - printf("invalid db entry: overlapping flags: $name, 0x%08x\n >>$_\n",$number); - next; - } - } - my $index=$type."_".$number; - if (exists $database_name{$index}) { - printf "invalid db entry: duplicate value for\n"; - printf "$database_name{$index} and $name\n >>$_\n"; - next; - } - if (exists $database_number{$name}) { - printf "invalid db entry: duplicate name: $name \n"; - printf "0x%08x and 0x%08x\n >>$_\n",$databas_number{$name},$number; - next; - } - $types{$type}=$types{$type}." ".$number; - if ($types_max{$type} < $number) { - $types_max{$type} = $number; - } - $types_bits{$type} |= $number; - $database_name{$index} = $name; - $database_disposition{$index} = $disposition; - $datase_number{$name} = $number; - if ($ARGV[0] eq "header") { - $flag_missing = 0; - if (($verifyHeaderFull == 1) or ($disposition ne "proposed")) { - $flag_missing = 1; - } - if ($header_present{$name} == 1) { - $header_found{$name} = 1; - } - - if (($flag_missing == 1) and ($header_present{$name} == 0)) { - - printf " missing: #define %-20s 0x%08xUL /*$type - $disposition*/\n", - $name, $number; - next; - } - if ($flag_missing == 0) { - if ($header_present{$name} == 1) { - printf " proposed in header: $header_line{$name}\n"; - printf " #define %-20s 0x%08xUL /*$type - $disposition*/\n", - $name, $number; - } - next; - } - if ($header_number{$name} != $number) { - printf " mismatch: $name, header: $header_line{$name}\n"; - printf " #define %-20s 0x%08xUL /* $type - $disposition db */\n", - $name, $number; - } - next; - } - if ($ARGV[0] eq "dump") { - printf "#define %-20s 0x%08xUL /* $type - $disposition */\n", $name,$number; - } - if ($ARGV[0] eq $disposition) { - printf "#define %-20s 0x%08xUL /* $type */\n", $name,$number; - } - if ($ARGV[0] eq $type) { - printf "#define %-20s 0x%08xUL /* $disposition */\n", $name, $number; - } -} -close($database); - -open(my $systembase, "<", $system_file) or die "Can't open $system_file: $!"; -while (<$systembase>){ - chomp; - @db = split(","); - $name = $db[0]; - $number_string = $db[1]; - $type = $db[2]; - $disposition = $db[3]; - $number=hex($number_string); - if (exists $system_number{$name}) { - printf "invalid db entry: duplicate name: $name \n"; - printf "0x%08x and 0x%08x\n >>$_\n",$databas_number{$name},$number; - next; - } - $system_number{$name} = $number; - if ($ARGV[0] eq "header") { - $flag_missing = 0; - if (($verifyHeaderFull == 1) or ($disposition ne "proposed")) { - $flag_missing = 1; - } - if ($header_present{$name} == 1) { - $header_found{$name} = 1; - } - - if (($flag_missing == 1) and ($header_present{$name} == 0)) { - - printf " missing: #define %-20s 0x%08xUL /* system - $disposition*/\n", - $name, $number; - next; - } - if ($flag_missing == 0) { - if ($header_present{$name} == 1) { - printf " proposed in header: $header_line{$name}\n"; - printf " #define %-20s 0x%08xUL /* system - $disposition*/\n", - $name, $number; - } - next; - } - if ($header_number{$name} != $number) { - printf " mismatch: $name, header: $header_line{$name}\n"; - printf " #define %-20s 0x%08xUL /* system - $disposition db */\n", - $name, $number; - } - next; - } - if ($ARGV[0] eq "dump") { - printf "#define %-20s 0x%08xUL /* system - $disposition */\n", $name,$number; - } - if ($ARGV[0] eq $disposition) { - printf "#define %-20s 0x%08xUL /* system */\n", $name,$number; - } - if ($ARGV[0] eq "system") { - printf "#define %-20s 0x%08xUL /* $disposition */\n", $name, $number; - } -} -close($systembase); - -# output results -# -if ($ARGV[0] eq "dump" or $ARGV[0] eq "types") { - print_types(); -} - -if ($ARGV[0] eq "header") { - print_not_tracked(); -} - - -sub print_types -{ - print "Valid Type:\n"; - for $type (sort keys %types) { - print " $type"; - if (isflag($type)) { - printf " flagBits=0x%08x open=0x%08x\n",$types_bits{$type}, - (~$types_bits{$type} & 0xffffffff); - } else { - printf " nextValue=0x%08x\n",$types_max{$type}+1; - } - } -} - -sub isflag -{ - my ($type) = @_; - return substr($type,-6) eq "_flags"; -} - -sub print_not_tracked -{ - print "Defines not tracked in the database:\n"; - for $name (sort keys %header_found) { - if ($header_found{$name} == 0 ) { - if ($header_found{$aliases{$name}} == 1) { - next; - } - printf(" $header_line{$name}\n"); - #printf(" #define %-20s 0x%08xUL\n",$name,$header_number{$name}); - } - } -} diff --git a/working/identifier_db/xmss.prop b/working/identifier_db/xmss.prop deleted file mode 100644 index 12cc13b..0000000 --- a/working/identifier_db/xmss.prop +++ /dev/null @@ -1,21 +0,0 @@ -XMSS and XMSSMT definitions - -Errors: -#define CKR_KEY_EXHAUSTED 0x00000203UL - - -Key types: -#define CKK_XMSS 0x00000047UL -#define CKK_XMSSMT 0x00000048UL - - -Mechanisms: -#define CKM_XMSS_KEY_PAIR_GEN 0x00004033UL -#define CKM_XMSSMT_KEY_PAIR_GEN 0x00004034UL -#define CKM_XMSS 0x00004035UL -#define CKM_XMSSMT 0x00004036UL - - -Attributes: -#define CKA_XMSS_PARAMS 0x00000615UL -#define CKA_XMSSMT_PARAMS 0x00000616UL diff --git a/working/identifier_db/xmss.result b/working/identifier_db/xmss.result deleted file mode 100644 index 28f6f17..0000000 --- a/working/identifier_db/xmss.result +++ /dev/null @@ -1,35 +0,0 @@ -In accordance to our standing rules, the following identifiers have been -allocated for your proposal "XMSS and XMSSMT proposal". - -Errors: - - #define CKR_KEY_EXHAUSTED 0x00000203UL - -Key types: - - #define CKK_XMSS 0x00000047UL - #define CKK_XMSSMT 0x00000048UL - -Mechanisms: - - #define CKM_XMSS_KEY_PAIR_GEN 0x00004034UL - #define CKM_XMSSMT_KEY_PAIR_GEN 0x00004035UL - #define CKM_XMSS 0x00004036UL - #define CKM_XMSSMT 0x00004037UL - -Attributes: - - #define CKA_XMSS_PARAMS 0x00000615UL - #define CKA_XMSSMT_PARAMS 0x00000616UL - -This represents the following changes to your original proposal: - CKM_XMSS_KEY_PAIR_GEN was changed to 0x4034 because the proposed 0x4033 - conflicted with CKM_HSS - CKM_XMSSMT_KEY_PAIR_GEN was changed to 0x4035 because the proposed 0x4034 - conflicted with CKM_XMSS_KEY_PAIR_GEN - CKM_XMSS was changed to 0x4036 because the proposed 0x4035 - conflicted with CKM_XMSSMT_KEY_PAIR_GEN - CKM_XMSSMT was changed to 0x4037 because the proposed 0x4036 - conflicted with CKM_XMSS - -Please update your spec before sending it to ballot.