pam_pkcs11 0.6.12
pkcs11f.h
Go to the documentation of this file.
1/* pkcs11f.h include file for PKCS #11. */
2/* $Revision: 1.4 $ */
3
4/* License to copy and use this software is granted provided that it is
5 * identified as "RSA Security Inc. PKCS #11 Cryptographic Token Interface
6 * (Cryptoki)" in all material mentioning or referencing this software.
7
8 * License is also granted to make and use derivative works provided that
9 * such works are identified as "derived from the RSA Security Inc. PKCS #11
10 * Cryptographic Token Interface (Cryptoki)" in all material mentioning or
11 * referencing the derived work.
12
13 * RSA Security Inc. makes no representations concerning either the
14 * merchantability of this software or the suitability of this software for
15 * any particular purpose. It is provided "as is" without express or implied
16 * warranty of any kind.
17 */
18
19/* This header file contains pretty much everything about all the */
20/* Cryptoki function prototypes. Because this information is */
21/* used for more than just declaring function prototypes, the */
22/* order of the functions appearing herein is important, and */
23/* should not be altered. */
24
25/* General-purpose */
26
27/* C_Initialize initializes the Cryptoki library. */
28CK_PKCS11_FUNCTION_INFO(C_Initialize)
29#ifdef CK_NEED_ARG_LIST
30 (CK_VOID_PTR pInitArgs /* if this is not NULL_PTR, it gets
31 * cast to CK_C_INITIALIZE_ARGS_PTR
32 * and dereferenced */
33 );
34#endif
35
36
37/* C_Finalize indicates that an application is done with the
38 * Cryptoki library. */
40#ifdef CK_NEED_ARG_LIST
41 (CK_VOID_PTR pReserved /* reserved. Should be NULL_PTR */
42 );
43#endif
44
45
46/* C_GetInfo returns general information about Cryptoki. */
48#ifdef CK_NEED_ARG_LIST
49 (CK_INFO_PTR pInfo /* location that receives information */
50 );
51#endif
52
53
54/* C_GetFunctionList returns the function list. */
55CK_PKCS11_FUNCTION_INFO(C_GetFunctionList)
56#ifdef CK_NEED_ARG_LIST
57 (CK_FUNCTION_LIST_PTR_PTR ppFunctionList /* receives pointer to
58 * function list */
59 );
60#endif
61
62
63
64/* Slot and token management */
65
66/* C_GetSlotList obtains a list of slots in the system. */
67CK_PKCS11_FUNCTION_INFO(C_GetSlotList)
68#ifdef CK_NEED_ARG_LIST
69 (CK_BBOOL tokenPresent, /* only slots with tokens? */
70 CK_SLOT_ID_PTR pSlotList, /* receives array of slot IDs */
71 CK_ULONG_PTR pulCount /* receives number of slots */
72 );
73#endif
74
75
76/* C_GetSlotInfo obtains information about a particular slot in
77 * the system. */
78CK_PKCS11_FUNCTION_INFO(C_GetSlotInfo)
79#ifdef CK_NEED_ARG_LIST
80 (CK_SLOT_ID slotID, /* the ID of the slot */
81 CK_SLOT_INFO_PTR pInfo /* receives the slot information */
82 );
83#endif
84
85
86/* C_GetTokenInfo obtains information about a particular token
87 * in the system. */
88CK_PKCS11_FUNCTION_INFO(C_GetTokenInfo)
89#ifdef CK_NEED_ARG_LIST
90 (CK_SLOT_ID slotID, /* ID of the token's slot */
91 CK_TOKEN_INFO_PTR pInfo /* receives the token information */
92 );
93#endif
94
95
96/* C_GetMechanismList obtains a list of mechanism types
97 * supported by a token. */
98CK_PKCS11_FUNCTION_INFO(C_GetMechanismList)
99#ifdef CK_NEED_ARG_LIST
100 (CK_SLOT_ID slotID, /* ID of token's slot */
101 CK_MECHANISM_TYPE_PTR pMechanismList, /* gets mech. array */
102 CK_ULONG_PTR pulCount /* gets # of mechs. */
103 );
104#endif
105
106
107/* C_GetMechanismInfo obtains information about a particular
108 * mechanism possibly supported by a token. */
109CK_PKCS11_FUNCTION_INFO(C_GetMechanismInfo)
110#ifdef CK_NEED_ARG_LIST
111 (CK_SLOT_ID slotID, /* ID of the token's slot */
112 CK_MECHANISM_TYPE type, /* type of mechanism */
113 CK_MECHANISM_INFO_PTR pInfo /* receives mechanism info */
114 );
115#endif
116
117
118/* C_InitToken initializes a token. */
119CK_PKCS11_FUNCTION_INFO(C_InitToken)
120#ifdef CK_NEED_ARG_LIST
121/* pLabel changed from CK_CHAR_PTR to CK_UTF8CHAR_PTR for v2.10 */
122 (CK_SLOT_ID slotID, /* ID of the token's slot */
123 CK_UTF8CHAR_PTR pPin, /* the SO's initial PIN */
124 CK_ULONG ulPinLen, /* length in bytes of the PIN */
125 CK_UTF8CHAR_PTR pLabel /* 32-byte token label (blank padded) */
126 );
127#endif
128
129
130/* C_InitPIN initializes the normal user's PIN. */
132#ifdef CK_NEED_ARG_LIST
133 (CK_SESSION_HANDLE hSession, /* the session's handle */
134 CK_UTF8CHAR_PTR pPin, /* the normal user's PIN */
135 CK_ULONG ulPinLen /* length in bytes of the PIN */
136 );
137#endif
138
139
140/* C_SetPIN modifies the PIN of the user who is logged in. */
142#ifdef CK_NEED_ARG_LIST
143 (CK_SESSION_HANDLE hSession, /* the session's handle */
144 CK_UTF8CHAR_PTR pOldPin, /* the old PIN */
145 CK_ULONG ulOldLen, /* length of the old PIN */
146 CK_UTF8CHAR_PTR pNewPin, /* the new PIN */
147 CK_ULONG ulNewLen /* length of the new PIN */
148 );
149#endif
150
151
152
153/* Session management */
154
155/* C_OpenSession opens a session between an application and a
156 * token. */
157CK_PKCS11_FUNCTION_INFO(C_OpenSession)
158#ifdef CK_NEED_ARG_LIST
159 (CK_SLOT_ID slotID, /* the slot's ID */
160 CK_FLAGS flags, /* from CK_SESSION_INFO */
161 CK_VOID_PTR pApplication, /* passed to callback */
162 CK_NOTIFY Notify, /* callback function */
163 CK_SESSION_HANDLE_PTR phSession /* gets session handle */
164 );
165#endif
166
167
168/* C_CloseSession closes a session between an application and a
169 * token. */
170CK_PKCS11_FUNCTION_INFO(C_CloseSession)
171#ifdef CK_NEED_ARG_LIST
172 (CK_SESSION_HANDLE hSession /* the session's handle */
173 );
174#endif
175
176
177/* C_CloseAllSessions closes all sessions with a token. */
178CK_PKCS11_FUNCTION_INFO(C_CloseAllSessions)
179#ifdef CK_NEED_ARG_LIST
180 (CK_SLOT_ID slotID /* the token's slot */
181 );
182#endif
183
184
185/* C_GetSessionInfo obtains information about the session. */
186CK_PKCS11_FUNCTION_INFO(C_GetSessionInfo)
187#ifdef CK_NEED_ARG_LIST
188 (CK_SESSION_HANDLE hSession, /* the session's handle */
189 CK_SESSION_INFO_PTR pInfo /* receives session info */
190 );
191#endif
192
193
194/* C_GetOperationState obtains the state of the cryptographic operation
195 * in a session. */
196CK_PKCS11_FUNCTION_INFO(C_GetOperationState)
197#ifdef CK_NEED_ARG_LIST
198 (CK_SESSION_HANDLE hSession, /* session's handle */
199 CK_BYTE_PTR pOperationState, /* gets state */
200 CK_ULONG_PTR pulOperationStateLen /* gets state length */
201 );
202#endif
203
204
205/* C_SetOperationState restores the state of the cryptographic
206 * operation in a session. */
207CK_PKCS11_FUNCTION_INFO(C_SetOperationState)
208#ifdef CK_NEED_ARG_LIST
209 (CK_SESSION_HANDLE hSession, /* session's handle */
210 CK_BYTE_PTR pOperationState, /* holds state */
211 CK_ULONG ulOperationStateLen, /* holds state length */
212 CK_OBJECT_HANDLE hEncryptionKey, /* en/decryption key */
213 CK_OBJECT_HANDLE hAuthenticationKey /* sign/verify key */
214 );
215#endif
216
217
218/* C_Login logs a user into a token. */
220#ifdef CK_NEED_ARG_LIST
221 (CK_SESSION_HANDLE hSession, /* the session's handle */
222 CK_USER_TYPE userType, /* the user type */
223 CK_UTF8CHAR_PTR pPin, /* the user's PIN */
224 CK_ULONG ulPinLen /* the length of the PIN */
225 );
226#endif
227
228
229/* C_Logout logs a user out from a token. */
231#ifdef CK_NEED_ARG_LIST
232 (CK_SESSION_HANDLE hSession /* the session's handle */
233 );
234#endif
235
236
237
238/* Object management */
239
240/* C_CreateObject creates a new object. */
241CK_PKCS11_FUNCTION_INFO(C_CreateObject)
242#ifdef CK_NEED_ARG_LIST
243 (CK_SESSION_HANDLE hSession, /* the session's handle */
244 CK_ATTRIBUTE_PTR pTemplate, /* the object's template */
245 CK_ULONG ulCount, /* attributes in template */
246 CK_OBJECT_HANDLE_PTR phObject /* gets new object's handle. */
247 );
248#endif
249
250
251/* C_CopyObject copies an object, creating a new object for the
252 * copy. */
253CK_PKCS11_FUNCTION_INFO(C_CopyObject)
254#ifdef CK_NEED_ARG_LIST
255 (CK_SESSION_HANDLE hSession, /* the session's handle */
256 CK_OBJECT_HANDLE hObject, /* the object's handle */
257 CK_ATTRIBUTE_PTR pTemplate, /* template for new object */
258 CK_ULONG ulCount, /* attributes in template */
259 CK_OBJECT_HANDLE_PTR phNewObject /* receives handle of copy */
260 );
261#endif
262
263
264/* C_DestroyObject destroys an object. */
265CK_PKCS11_FUNCTION_INFO(C_DestroyObject)
266#ifdef CK_NEED_ARG_LIST
267 (CK_SESSION_HANDLE hSession, /* the session's handle */
268 CK_OBJECT_HANDLE hObject /* the object's handle */
269 );
270#endif
271
272
273/* C_GetObjectSize gets the size of an object in bytes. */
274CK_PKCS11_FUNCTION_INFO(C_GetObjectSize)
275#ifdef CK_NEED_ARG_LIST
276 (CK_SESSION_HANDLE hSession, /* the session's handle */
277 CK_OBJECT_HANDLE hObject, /* the object's handle */
278 CK_ULONG_PTR pulSize /* receives size of object */
279 );
280#endif
281
282
283/* C_GetAttributeValue obtains the value of one or more object
284 * attributes. */
285CK_PKCS11_FUNCTION_INFO(C_GetAttributeValue)
286#ifdef CK_NEED_ARG_LIST
287 (CK_SESSION_HANDLE hSession, /* the session's handle */
288 CK_OBJECT_HANDLE hObject, /* the object's handle */
289 CK_ATTRIBUTE_PTR pTemplate, /* specifies attrs; gets vals */
290 CK_ULONG ulCount /* attributes in template */
291 );
292#endif
293
294
295/* C_SetAttributeValue modifies the value of one or more object
296 * attributes */
297CK_PKCS11_FUNCTION_INFO(C_SetAttributeValue)
298#ifdef CK_NEED_ARG_LIST
299 (CK_SESSION_HANDLE hSession, /* the session's handle */
300 CK_OBJECT_HANDLE hObject, /* the object's handle */
301 CK_ATTRIBUTE_PTR pTemplate, /* specifies attrs and values */
302 CK_ULONG ulCount /* attributes in template */
303 );
304#endif
305
306
307/* C_FindObjectsInit initializes a search for token and session
308 * objects that match a template. */
309CK_PKCS11_FUNCTION_INFO(C_FindObjectsInit)
310#ifdef CK_NEED_ARG_LIST
311 (CK_SESSION_HANDLE hSession, /* the session's handle */
312 CK_ATTRIBUTE_PTR pTemplate, /* attribute values to match */
313 CK_ULONG ulCount /* attrs in search template */
314 );
315#endif
316
317
318/* C_FindObjects continues a search for token and session
319 * objects that match a template, obtaining additional object
320 * handles. */
321CK_PKCS11_FUNCTION_INFO(C_FindObjects)
322#ifdef CK_NEED_ARG_LIST
323 (CK_SESSION_HANDLE hSession, /* session's handle */
324 CK_OBJECT_HANDLE_PTR phObject, /* gets obj. handles */
325 CK_ULONG ulMaxObjectCount, /* max handles to get */
326 CK_ULONG_PTR pulObjectCount /* actual # returned */
327 );
328#endif
329
330
331/* C_FindObjectsFinal finishes a search for token and session
332 * objects. */
333CK_PKCS11_FUNCTION_INFO(C_FindObjectsFinal)
334#ifdef CK_NEED_ARG_LIST
335 (CK_SESSION_HANDLE hSession /* the session's handle */
336 );
337#endif
338
339
340
341/* Encryption and decryption */
342
343/* C_EncryptInit initializes an encryption operation. */
344CK_PKCS11_FUNCTION_INFO(C_EncryptInit)
345#ifdef CK_NEED_ARG_LIST
346 (CK_SESSION_HANDLE hSession, /* the session's handle */
347 CK_MECHANISM_PTR pMechanism, /* the encryption mechanism */
348 CK_OBJECT_HANDLE hKey /* handle of encryption key */
349 );
350#endif
351
352
353/* C_Encrypt encrypts single-part data. */
355#ifdef CK_NEED_ARG_LIST
356 (CK_SESSION_HANDLE hSession, /* session's handle */
357 CK_BYTE_PTR pData, /* the plaintext data */
358 CK_ULONG ulDataLen, /* bytes of plaintext */
359 CK_BYTE_PTR pEncryptedData, /* gets ciphertext */
360 CK_ULONG_PTR pulEncryptedDataLen /* gets c-text size */
361 );
362#endif
363
364
365/* C_EncryptUpdate continues a multiple-part encryption
366 * operation. */
367CK_PKCS11_FUNCTION_INFO(C_EncryptUpdate)
368#ifdef CK_NEED_ARG_LIST
369 (CK_SESSION_HANDLE hSession, /* session's handle */
370 CK_BYTE_PTR pPart, /* the plaintext data */
371 CK_ULONG ulPartLen, /* plaintext data len */
372 CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */
373 CK_ULONG_PTR pulEncryptedPartLen /* gets c-text size */
374 );
375#endif
376
377
378/* C_EncryptFinal finishes a multiple-part encryption
379 * operation. */
380CK_PKCS11_FUNCTION_INFO(C_EncryptFinal)
381#ifdef CK_NEED_ARG_LIST
382 (CK_SESSION_HANDLE hSession, /* session handle */
383 CK_BYTE_PTR pLastEncryptedPart, /* last c-text */
384 CK_ULONG_PTR pulLastEncryptedPartLen /* gets last size */
385 );
386#endif
387
388
389/* C_DecryptInit initializes a decryption operation. */
390CK_PKCS11_FUNCTION_INFO(C_DecryptInit)
391#ifdef CK_NEED_ARG_LIST
392 (CK_SESSION_HANDLE hSession, /* the session's handle */
393 CK_MECHANISM_PTR pMechanism, /* the decryption mechanism */
394 CK_OBJECT_HANDLE hKey /* handle of decryption key */
395 );
396#endif
397
398
399/* C_Decrypt decrypts encrypted data in a single part. */
401#ifdef CK_NEED_ARG_LIST
402 (CK_SESSION_HANDLE hSession, /* session's handle */
403 CK_BYTE_PTR pEncryptedData, /* ciphertext */
404 CK_ULONG ulEncryptedDataLen, /* ciphertext length */
405 CK_BYTE_PTR pData, /* gets plaintext */
406 CK_ULONG_PTR pulDataLen /* gets p-text size */
407 );
408#endif
409
410
411/* C_DecryptUpdate continues a multiple-part decryption
412 * operation. */
413CK_PKCS11_FUNCTION_INFO(C_DecryptUpdate)
414#ifdef CK_NEED_ARG_LIST
415 (CK_SESSION_HANDLE hSession, /* session's handle */
416 CK_BYTE_PTR pEncryptedPart, /* encrypted data */
417 CK_ULONG ulEncryptedPartLen, /* input length */
418 CK_BYTE_PTR pPart, /* gets plaintext */
419 CK_ULONG_PTR pulPartLen /* p-text size */
420 );
421#endif
422
423
424/* C_DecryptFinal finishes a multiple-part decryption
425 * operation. */
426CK_PKCS11_FUNCTION_INFO(C_DecryptFinal)
427#ifdef CK_NEED_ARG_LIST
428 (CK_SESSION_HANDLE hSession, /* the session's handle */
429 CK_BYTE_PTR pLastPart, /* gets plaintext */
430 CK_ULONG_PTR pulLastPartLen /* p-text size */
431 );
432#endif
433
434
435
436/* Message digesting */
437
438/* C_DigestInit initializes a message-digesting operation. */
439CK_PKCS11_FUNCTION_INFO(C_DigestInit)
440#ifdef CK_NEED_ARG_LIST
441 (CK_SESSION_HANDLE hSession, /* the session's handle */
442 CK_MECHANISM_PTR pMechanism /* the digesting mechanism */
443 );
444#endif
445
446
447/* C_Digest digests data in a single part. */
449#ifdef CK_NEED_ARG_LIST
450 (CK_SESSION_HANDLE hSession, /* the session's handle */
451 CK_BYTE_PTR pData, /* data to be digested */
452 CK_ULONG ulDataLen, /* bytes of data to digest */
453 CK_BYTE_PTR pDigest, /* gets the message digest */
454 CK_ULONG_PTR pulDigestLen /* gets digest length */
455 );
456#endif
457
458
459/* C_DigestUpdate continues a multiple-part message-digesting
460 * operation. */
461CK_PKCS11_FUNCTION_INFO(C_DigestUpdate)
462#ifdef CK_NEED_ARG_LIST
463 (CK_SESSION_HANDLE hSession, /* the session's handle */
464 CK_BYTE_PTR pPart, /* data to be digested */
465 CK_ULONG ulPartLen /* bytes of data to be digested */
466 );
467#endif
468
469
470/* C_DigestKey continues a multi-part message-digesting
471 * operation, by digesting the value of a secret key as part of
472 * the data already digested. */
473CK_PKCS11_FUNCTION_INFO(C_DigestKey)
474#ifdef CK_NEED_ARG_LIST
475 (CK_SESSION_HANDLE hSession, /* the session's handle */
476 CK_OBJECT_HANDLE hKey /* secret key to digest */
477 );
478#endif
479
480
481/* C_DigestFinal finishes a multiple-part message-digesting
482 * operation. */
483CK_PKCS11_FUNCTION_INFO(C_DigestFinal)
484#ifdef CK_NEED_ARG_LIST
485 (CK_SESSION_HANDLE hSession, /* the session's handle */
486 CK_BYTE_PTR pDigest, /* gets the message digest */
487 CK_ULONG_PTR pulDigestLen /* gets byte count of digest */
488 );
489#endif
490
491
492
493/* Signing and MACing */
494
495/* C_SignInit initializes a signature (private key encryption)
496 * operation, where the signature is (will be) an appendix to
497 * the data, and plaintext cannot be recovered from the
498 *signature. */
499CK_PKCS11_FUNCTION_INFO(C_SignInit)
500#ifdef CK_NEED_ARG_LIST
501 (CK_SESSION_HANDLE hSession, /* the session's handle */
502 CK_MECHANISM_PTR pMechanism, /* the signature mechanism */
503 CK_OBJECT_HANDLE hKey /* handle of signature key */
504 );
505#endif
506
507
508/* C_Sign signs (encrypts with private key) data in a single
509 * part, where the signature is (will be) an appendix to the
510 * data, and plaintext cannot be recovered from the signature. */
512#ifdef CK_NEED_ARG_LIST
513 (CK_SESSION_HANDLE hSession, /* the session's handle */
514 CK_BYTE_PTR pData, /* the data to sign */
515 CK_ULONG ulDataLen, /* count of bytes to sign */
516 CK_BYTE_PTR pSignature, /* gets the signature */
517 CK_ULONG_PTR pulSignatureLen /* gets signature length */
518 );
519#endif
520
521
522/* C_SignUpdate continues a multiple-part signature operation,
523 * where the signature is (will be) an appendix to the data,
524 * and plaintext cannot be recovered from the signature. */
525CK_PKCS11_FUNCTION_INFO(C_SignUpdate)
526#ifdef CK_NEED_ARG_LIST
527 (CK_SESSION_HANDLE hSession, /* the session's handle */
528 CK_BYTE_PTR pPart, /* the data to sign */
529 CK_ULONG ulPartLen /* count of bytes to sign */
530 );
531#endif
532
533
534/* C_SignFinal finishes a multiple-part signature operation,
535 * returning the signature. */
536CK_PKCS11_FUNCTION_INFO(C_SignFinal)
537#ifdef CK_NEED_ARG_LIST
538 (CK_SESSION_HANDLE hSession, /* the session's handle */
539 CK_BYTE_PTR pSignature, /* gets the signature */
540 CK_ULONG_PTR pulSignatureLen /* gets signature length */
541 );
542#endif
543
544
545/* C_SignRecoverInit initializes a signature operation, where
546 * the data can be recovered from the signature. */
547CK_PKCS11_FUNCTION_INFO(C_SignRecoverInit)
548#ifdef CK_NEED_ARG_LIST
549 (CK_SESSION_HANDLE hSession, /* the session's handle */
550 CK_MECHANISM_PTR pMechanism, /* the signature mechanism */
551 CK_OBJECT_HANDLE hKey /* handle of the signature key */
552 );
553#endif
554
555
556/* C_SignRecover signs data in a single operation, where the
557 * data can be recovered from the signature. */
558CK_PKCS11_FUNCTION_INFO(C_SignRecover)
559#ifdef CK_NEED_ARG_LIST
560 (CK_SESSION_HANDLE hSession, /* the session's handle */
561 CK_BYTE_PTR pData, /* the data to sign */
562 CK_ULONG ulDataLen, /* count of bytes to sign */
563 CK_BYTE_PTR pSignature, /* gets the signature */
564 CK_ULONG_PTR pulSignatureLen /* gets signature length */
565 );
566#endif
567
568
569
570/* Verifying signatures and MACs */
571
572/* C_VerifyInit initializes a verification operation, where the
573 * signature is an appendix to the data, and plaintext cannot
574 * cannot be recovered from the signature (e.g. DSA). */
575CK_PKCS11_FUNCTION_INFO(C_VerifyInit)
576#ifdef CK_NEED_ARG_LIST
577 (CK_SESSION_HANDLE hSession, /* the session's handle */
578 CK_MECHANISM_PTR pMechanism, /* the verification mechanism */
579 CK_OBJECT_HANDLE hKey /* verification key */
580 );
581#endif
582
583
584/* C_Verify verifies a signature in a single-part operation,
585 * where the signature is an appendix to the data, and plaintext
586 * cannot be recovered from the signature. */
588#ifdef CK_NEED_ARG_LIST
589 (CK_SESSION_HANDLE hSession, /* the session's handle */
590 CK_BYTE_PTR pData, /* signed data */
591 CK_ULONG ulDataLen, /* length of signed data */
592 CK_BYTE_PTR pSignature, /* signature */
593 CK_ULONG ulSignatureLen /* signature length */
594 );
595#endif
596
597
598/* C_VerifyUpdate continues a multiple-part verification
599 * operation, where the signature is an appendix to the data,
600 * and plaintext cannot be recovered from the signature. */
601CK_PKCS11_FUNCTION_INFO(C_VerifyUpdate)
602#ifdef CK_NEED_ARG_LIST
603 (CK_SESSION_HANDLE hSession, /* the session's handle */
604 CK_BYTE_PTR pPart, /* signed data */
605 CK_ULONG ulPartLen /* length of signed data */
606 );
607#endif
608
609
610/* C_VerifyFinal finishes a multiple-part verification
611 * operation, checking the signature. */
612CK_PKCS11_FUNCTION_INFO(C_VerifyFinal)
613#ifdef CK_NEED_ARG_LIST
614 (CK_SESSION_HANDLE hSession, /* the session's handle */
615 CK_BYTE_PTR pSignature, /* signature to verify */
616 CK_ULONG ulSignatureLen /* signature length */
617 );
618#endif
619
620
621/* C_VerifyRecoverInit initializes a signature verification
622 * operation, where the data is recovered from the signature. */
623CK_PKCS11_FUNCTION_INFO(C_VerifyRecoverInit)
624#ifdef CK_NEED_ARG_LIST
625 (CK_SESSION_HANDLE hSession, /* the session's handle */
626 CK_MECHANISM_PTR pMechanism, /* the verification mechanism */
627 CK_OBJECT_HANDLE hKey /* verification key */
628 );
629#endif
630
631
632/* C_VerifyRecover verifies a signature in a single-part
633 * operation, where the data is recovered from the signature. */
634CK_PKCS11_FUNCTION_INFO(C_VerifyRecover)
635#ifdef CK_NEED_ARG_LIST
636 (CK_SESSION_HANDLE hSession, /* the session's handle */
637 CK_BYTE_PTR pSignature, /* signature to verify */
638 CK_ULONG ulSignatureLen, /* signature length */
639 CK_BYTE_PTR pData, /* gets signed data */
640 CK_ULONG_PTR pulDataLen /* gets signed data len */
641 );
642#endif
643
644
645
646/* Dual-function cryptographic operations */
647
648/* C_DigestEncryptUpdate continues a multiple-part digesting
649 * and encryption operation. */
650CK_PKCS11_FUNCTION_INFO(C_DigestEncryptUpdate)
651#ifdef CK_NEED_ARG_LIST
652 (CK_SESSION_HANDLE hSession, /* session's handle */
653 CK_BYTE_PTR pPart, /* the plaintext data */
654 CK_ULONG ulPartLen, /* plaintext length */
655 CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */
656 CK_ULONG_PTR pulEncryptedPartLen /* gets c-text length */
657 );
658#endif
659
660
661/* C_DecryptDigestUpdate continues a multiple-part decryption and
662 * digesting operation. */
663CK_PKCS11_FUNCTION_INFO(C_DecryptDigestUpdate)
664#ifdef CK_NEED_ARG_LIST
665 (CK_SESSION_HANDLE hSession, /* session's handle */
666 CK_BYTE_PTR pEncryptedPart, /* ciphertext */
667 CK_ULONG ulEncryptedPartLen, /* ciphertext length */
668 CK_BYTE_PTR pPart, /* gets plaintext */
669 CK_ULONG_PTR pulPartLen /* gets plaintext len */
670 );
671#endif
672
673
674/* C_SignEncryptUpdate continues a multiple-part signing and
675 * encryption operation. */
676CK_PKCS11_FUNCTION_INFO(C_SignEncryptUpdate)
677#ifdef CK_NEED_ARG_LIST
678 (CK_SESSION_HANDLE hSession, /* session's handle */
679 CK_BYTE_PTR pPart, /* the plaintext data */
680 CK_ULONG ulPartLen, /* plaintext length */
681 CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */
682 CK_ULONG_PTR pulEncryptedPartLen /* gets c-text length */
683 );
684#endif
685
686
687/* C_DecryptVerifyUpdate continues a multiple-part decryption and
688 * verify operation. */
689CK_PKCS11_FUNCTION_INFO(C_DecryptVerifyUpdate)
690#ifdef CK_NEED_ARG_LIST
691 (CK_SESSION_HANDLE hSession, /* session's handle */
692 CK_BYTE_PTR pEncryptedPart, /* ciphertext */
693 CK_ULONG ulEncryptedPartLen, /* ciphertext length */
694 CK_BYTE_PTR pPart, /* gets plaintext */
695 CK_ULONG_PTR pulPartLen /* gets p-text length */
696 );
697#endif
698
699
700
701/* Key management */
702
703/* C_GenerateKey generates a secret key, creating a new key
704 * object. */
705CK_PKCS11_FUNCTION_INFO(C_GenerateKey)
706#ifdef CK_NEED_ARG_LIST
707 (CK_SESSION_HANDLE hSession, /* the session's handle */
708 CK_MECHANISM_PTR pMechanism, /* key generation mech. */
709 CK_ATTRIBUTE_PTR pTemplate, /* template for new key */
710 CK_ULONG ulCount, /* # of attrs in template */
711 CK_OBJECT_HANDLE_PTR phKey /* gets handle of new key */
712 );
713#endif
714
715
716/* C_GenerateKeyPair generates a public-key/private-key pair,
717 * creating new key objects. */
718CK_PKCS11_FUNCTION_INFO(C_GenerateKeyPair)
719#ifdef CK_NEED_ARG_LIST
720 (CK_SESSION_HANDLE hSession, /* session
721 * handle */
722 CK_MECHANISM_PTR pMechanism, /* key-gen
723 * mech. */
724 CK_ATTRIBUTE_PTR pPublicKeyTemplate, /* template
725 * for pub.
726 * key */
727 CK_ULONG ulPublicKeyAttributeCount, /* # pub.
728 * attrs. */
729 CK_ATTRIBUTE_PTR pPrivateKeyTemplate, /* template
730 * for priv.
731 * key */
732 CK_ULONG ulPrivateKeyAttributeCount, /* # priv.
733 * attrs. */
734 CK_OBJECT_HANDLE_PTR phPublicKey, /* gets pub.
735 * key
736 * handle */
737 CK_OBJECT_HANDLE_PTR phPrivateKey /* gets
738 * priv. key
739 * handle */
740 );
741#endif
742
743
744/* C_WrapKey wraps (i.e., encrypts) a key. */
746#ifdef CK_NEED_ARG_LIST
747 (CK_SESSION_HANDLE hSession, /* the session's handle */
748 CK_MECHANISM_PTR pMechanism, /* the wrapping mechanism */
749 CK_OBJECT_HANDLE hWrappingKey, /* wrapping key */
750 CK_OBJECT_HANDLE hKey, /* key to be wrapped */
751 CK_BYTE_PTR pWrappedKey, /* gets wrapped key */
752 CK_ULONG_PTR pulWrappedKeyLen /* gets wrapped key size */
753 );
754#endif
755
756
757/* C_UnwrapKey unwraps (decrypts) a wrapped key, creating a new
758 * key object. */
759CK_PKCS11_FUNCTION_INFO(C_UnwrapKey)
760#ifdef CK_NEED_ARG_LIST
761 (CK_SESSION_HANDLE hSession, /* session's handle */
762 CK_MECHANISM_PTR pMechanism, /* unwrapping mech. */
763 CK_OBJECT_HANDLE hUnwrappingKey, /* unwrapping key */
764 CK_BYTE_PTR pWrappedKey, /* the wrapped key */
765 CK_ULONG ulWrappedKeyLen, /* wrapped key len */
766 CK_ATTRIBUTE_PTR pTemplate, /* new key template */
767 CK_ULONG ulAttributeCount, /* template length */
768 CK_OBJECT_HANDLE_PTR phKey /* gets new handle */
769 );
770#endif
771
772
773/* C_DeriveKey derives a key from a base key, creating a new key
774 * object. */
775CK_PKCS11_FUNCTION_INFO(C_DeriveKey)
776#ifdef CK_NEED_ARG_LIST
777 (CK_SESSION_HANDLE hSession, /* session's handle */
778 CK_MECHANISM_PTR pMechanism, /* key deriv. mech. */
779 CK_OBJECT_HANDLE hBaseKey, /* base key */
780 CK_ATTRIBUTE_PTR pTemplate, /* new key template */
781 CK_ULONG ulAttributeCount, /* template length */
782 CK_OBJECT_HANDLE_PTR phKey /* gets new handle */
783 );
784#endif
785
786
787
788/* Random number generation */
789
790/* C_SeedRandom mixes additional seed material into the token's
791 * random number generator. */
792CK_PKCS11_FUNCTION_INFO(C_SeedRandom)
793#ifdef CK_NEED_ARG_LIST
794 (CK_SESSION_HANDLE hSession, /* the session's handle */
795 CK_BYTE_PTR pSeed, /* the seed material */
796 CK_ULONG ulSeedLen /* length of seed material */
797 );
798#endif
799
800
801/* C_GenerateRandom generates random data. */
802CK_PKCS11_FUNCTION_INFO(C_GenerateRandom)
803#ifdef CK_NEED_ARG_LIST
804 (CK_SESSION_HANDLE hSession, /* the session's handle */
805 CK_BYTE_PTR RandomData, /* receives the random data */
806 CK_ULONG ulRandomLen /* # of bytes to generate */
807 );
808#endif
809
810
811
812/* Parallel function management */
813
814/* C_GetFunctionStatus is a legacy function; it obtains an
815 * updated status of a function running in parallel with an
816 * application. */
817CK_PKCS11_FUNCTION_INFO(C_GetFunctionStatus)
818#ifdef CK_NEED_ARG_LIST
819 (CK_SESSION_HANDLE hSession /* the session's handle */
820 );
821#endif
822
823
824/* C_CancelFunction is a legacy function; it cancels a function
825 * running in parallel. */
826CK_PKCS11_FUNCTION_INFO(C_CancelFunction)
827#ifdef CK_NEED_ARG_LIST
828 (CK_SESSION_HANDLE hSession /* the session's handle */
829 );
830#endif
831
832
833
834/* Functions added in for Cryptoki Version 2.01 or later */
835
836/* C_WaitForSlotEvent waits for a slot event (token insertion,
837 * removal, etc.) to occur. */
838CK_PKCS11_FUNCTION_INFO(C_WaitForSlotEvent)
839#ifdef CK_NEED_ARG_LIST
840 (CK_FLAGS flags, /* blocking/nonblocking flag */
841 CK_SLOT_ID_PTR pSlot, /* location that receives the slot ID */
842 CK_VOID_PTR pRserved /* reserved. Should be NULL_PTR */
843 );
844#endif
#define CK_PKCS11_FUNCTION_INFO(name)
Definition pkcs11.h:66
CK_NOTIFICATION CK_VOID_PTR pApplication
Definition pkcs11t.h:975
CK_SESSION_INFO CK_PTR CK_SESSION_INFO_PTR
Definition pkcs11t.h:303
CK_INFO CK_PTR CK_INFO_PTR
Definition pkcs11t.h:102
CK_FUNCTION_LIST_PTR CK_PTR CK_FUNCTION_LIST_PTR_PTR
Definition pkcs11t.h:986
unsigned long int CK_ULONG
Definition pkcs11t.h:52
CK_SLOT_INFO CK_PTR CK_SLOT_INFO_PTR
Definition pkcs11t.h:138
CK_BYTE CK_PTR CK_BYTE_PTR
Definition pkcs11t.h:67
CK_TOKEN_INFO CK_PTR CK_TOKEN_INFO_PTR
Definition pkcs11t.h:255
CK_OBJECT_HANDLE CK_PTR CK_OBJECT_HANDLE_PTR
Definition pkcs11t.h:310
CK_ULONG CK_SLOT_ID
Definition pkcs11t.h:113
CK_ULONG CK_FLAGS
Definition pkcs11t.h:59
CK_ULONG CK_SESSION_HANDLE
Definition pkcs11t.h:260
CK_ATTRIBUTE CK_PTR CK_ATTRIBUTE_PTR
Definition pkcs11t.h:506
CK_MECHANISM_TYPE CK_PTR CK_MECHANISM_TYPE_PTR
Definition pkcs11t.h:774
CK_ULONG CK_USER_TYPE
Definition pkcs11t.h:268
CK_MECHANISM_INFO CK_PTR CK_MECHANISM_INFO_PTR
Definition pkcs11t.h:834
CK_ULONG CK_MECHANISM_TYPE
Definition pkcs11t.h:521
CK_BYTE CK_BBOOL
Definition pkcs11t.h:49
void CK_PTR CK_VOID_PTR
Definition pkcs11t.h:71
CK_SLOT_ID CK_PTR CK_SLOT_ID_PTR
Definition pkcs11t.h:115
CK_ULONG CK_OBJECT_HANDLE
Definition pkcs11t.h:308
CK_SESSION_HANDLE CK_PTR CK_SESSION_HANDLE_PTR
Definition pkcs11t.h:262
CK_ULONG CK_PTR CK_ULONG_PTR
Definition pkcs11t.h:70
CK_UTF8CHAR CK_PTR CK_UTF8CHAR_PTR
Definition pkcs11t.h:69
CK_MECHANISM CK_PTR CK_MECHANISM_PTR
Definition pkcs11t.h:788