Botan 3.10.0
Crypto and TLS for C&
p11.h
Go to the documentation of this file.
1/*
2* PKCS#11
3* (C) 2016 Daniel Neus, Sirrix AG
4* (C) 2016 Philipp Weber, Sirrix AG
5*
6* Botan is released under the Simplified BSD License (see license.txt)
7*/
8
9#ifndef BOTAN_P11_H_
10#define BOTAN_P11_H_
11
12#include <botan/exceptn.h>
13#include <botan/secmem.h>
14
15#include <map>
16#include <string>
17#include <vector>
18
19// NOLINTBEGIN(*-macro-usage,*-macro-parentheses)
20
21#define CK_PTR *
22
23#if defined(_MSC_VER)
24 #define CK_DECLARE_FUNCTION(returnType, name) returnType __declspec(dllimport) name
25#else
26 #define CK_DECLARE_FUNCTION(returnType, name) returnType name
27#endif
28
29#define CK_DECLARE_FUNCTION_POINTER(returnType, name) returnType(*name)
30
31#define CK_CALLBACK_FUNCTION(returnType, name) returnType(*name)
32
33#ifndef NULL_PTR
34 #define NULL_PTR nullptr
35#endif
36
37#if defined(_MSC_VER)
38 #pragma pack(push, cryptoki, 1)
39#endif
40
41// NOLINTEND(*-macro-usage,*-macro-parentheses)
42
43#include <pkcs11.h>
44
45#if defined(_MSC_VER)
46 #pragma pack(pop, cryptoki)
47#endif
48
49static_assert(
50 // NOLINTNEXTLINE(misc-redundant-expression) clang-tidy doesn't realize there are macros involved here
51 CRYPTOKI_VERSION_MAJOR == 2 && CRYPTOKI_VERSION_MINOR == 40,
52 "The Botan PKCS#11 module was implemented against PKCS#11 v2.40. Please use the correct PKCS#11 headers.");
53
54namespace Botan {
55
56class Dynamically_Loaded_Library;
57
58namespace PKCS11 {
59
60using secure_string = secure_vector<uint8_t>;
61
62// NOLINTBEGIN(*-enum-size)
63
64enum class AttributeType : CK_ATTRIBUTE_TYPE {
65 Class = CKA_CLASS,
66 Token = CKA_TOKEN,
67 Private = CKA_PRIVATE,
68 Label = CKA_LABEL,
69 Application = CKA_APPLICATION,
70 Value = CKA_VALUE,
71 ObjectId = CKA_OBJECT_ID,
72 CertificateType = CKA_CERTIFICATE_TYPE,
73 Issuer = CKA_ISSUER,
74 SerialNumber = CKA_SERIAL_NUMBER,
75 AcIssuer = CKA_AC_ISSUER,
76 Owner = CKA_OWNER,
77 AttrTypes = CKA_ATTR_TYPES,
78 Trusted = CKA_TRUSTED,
79 CertificateCategory = CKA_CERTIFICATE_CATEGORY,
80 JavaMidpSecurityDomain = CKA_JAVA_MIDP_SECURITY_DOMAIN,
81 Url = CKA_URL,
82 HashOfSubjectPublicKey = CKA_HASH_OF_SUBJECT_PUBLIC_KEY,
83 HashOfIssuerPublicKey = CKA_HASH_OF_ISSUER_PUBLIC_KEY,
84 NameHashAlgorithm = CKA_NAME_HASH_ALGORITHM,
85 CheckValue = CKA_CHECK_VALUE,
86 KeyType = CKA_KEY_TYPE,
87 Subject = CKA_SUBJECT,
88 Id = CKA_ID,
89 Sensitive = CKA_SENSITIVE,
90 Encrypt = CKA_ENCRYPT,
91 Decrypt = CKA_DECRYPT,
92 Wrap = CKA_WRAP,
93 Unwrap = CKA_UNWRAP,
94 Sign = CKA_SIGN,
95 SignRecover = CKA_SIGN_RECOVER,
96 Verify = CKA_VERIFY,
97 VerifyRecover = CKA_VERIFY_RECOVER,
98 Derive = CKA_DERIVE,
99 StartDate = CKA_START_DATE,
100 EndDate = CKA_END_DATE,
101 Modulus = CKA_MODULUS,
102 ModulusBits = CKA_MODULUS_BITS,
103 PublicExponent = CKA_PUBLIC_EXPONENT,
104 PrivateExponent = CKA_PRIVATE_EXPONENT,
105 Prime1 = CKA_PRIME_1,
106 Prime2 = CKA_PRIME_2,
107 Exponent1 = CKA_EXPONENT_1,
108 Exponent2 = CKA_EXPONENT_2,
109 Coefficient = CKA_COEFFICIENT,
110 PublicKeyInfo = CKA_PUBLIC_KEY_INFO,
111 Prime = CKA_PRIME,
112 Subprime = CKA_SUBPRIME,
113 Base = CKA_BASE,
114 PrimeBits = CKA_PRIME_BITS,
115 SubprimeBits = CKA_SUBPRIME_BITS,
116 SubPrimeBits = CKA_SUB_PRIME_BITS,
117 ValueBits = CKA_VALUE_BITS,
118 ValueLen = CKA_VALUE_LEN,
119 Extractable = CKA_EXTRACTABLE,
120 Local = CKA_LOCAL,
121 NeverExtractable = CKA_NEVER_EXTRACTABLE,
122 AlwaysSensitive = CKA_ALWAYS_SENSITIVE,
123 KeyGenMechanism = CKA_KEY_GEN_MECHANISM,
124 Modifiable = CKA_MODIFIABLE,
125 Copyable = CKA_COPYABLE,
126 Destroyable = CKA_DESTROYABLE,
127 EcdsaParams = CKA_ECDSA_PARAMS,
128 EcParams = CKA_EC_PARAMS,
129 EcPoint = CKA_EC_POINT,
130 SecondaryAuth = CKA_SECONDARY_AUTH,
131 AuthPinFlags = CKA_AUTH_PIN_FLAGS,
132 AlwaysAuthenticate = CKA_ALWAYS_AUTHENTICATE,
133 WrapWithTrusted = CKA_WRAP_WITH_TRUSTED,
134 WrapTemplate = CKA_WRAP_TEMPLATE,
135 UnwrapTemplate = CKA_UNWRAP_TEMPLATE,
136 DeriveTemplate = CKA_DERIVE_TEMPLATE,
137 OtpFormat = CKA_OTP_FORMAT,
138 OtpLength = CKA_OTP_LENGTH,
139 OtpTimeInterval = CKA_OTP_TIME_INTERVAL,
140 OtpUserFriendlyMode = CKA_OTP_USER_FRIENDLY_MODE,
141 OtpChallengeRequirement = CKA_OTP_CHALLENGE_REQUIREMENT,
142 OtpTimeRequirement = CKA_OTP_TIME_REQUIREMENT,
143 OtpCounterRequirement = CKA_OTP_COUNTER_REQUIREMENT,
144 OtpPinRequirement = CKA_OTP_PIN_REQUIREMENT,
145 OtpCounter = CKA_OTP_COUNTER,
146 OtpTime = CKA_OTP_TIME,
147 OtpUserIdentifier = CKA_OTP_USER_IDENTIFIER,
148 OtpServiceIdentifier = CKA_OTP_SERVICE_IDENTIFIER,
149 OtpServiceLogo = CKA_OTP_SERVICE_LOGO,
150 OtpServiceLogoType = CKA_OTP_SERVICE_LOGO_TYPE,
151 Gostr3410Params = CKA_GOSTR3410_PARAMS,
152 Gostr3411Params = CKA_GOSTR3411_PARAMS,
153 Gost28147Params = CKA_GOST28147_PARAMS,
154 HwFeatureType = CKA_HW_FEATURE_TYPE,
155 ResetOnInit = CKA_RESET_ON_INIT,
156 HasReset = CKA_HAS_RESET,
157 PixelX = CKA_PIXEL_X,
158 PixelY = CKA_PIXEL_Y,
159 Resolution = CKA_RESOLUTION,
160 CharRows = CKA_CHAR_ROWS,
161 CharColumns = CKA_CHAR_COLUMNS,
162 Color = CKA_COLOR,
163 BitsPerPixel = CKA_BITS_PER_PIXEL,
164 CharSets = CKA_CHAR_SETS,
165 EncodingMethods = CKA_ENCODING_METHODS,
166 MimeTypes = CKA_MIME_TYPES,
167 MechanismType = CKA_MECHANISM_TYPE,
168 RequiredCmsAttributes = CKA_REQUIRED_CMS_ATTRIBUTES,
169 DefaultCmsAttributes = CKA_DEFAULT_CMS_ATTRIBUTES,
170 SupportedCmsAttributes = CKA_SUPPORTED_CMS_ATTRIBUTES,
171 AllowedMechanisms = CKA_ALLOWED_MECHANISMS,
172 VendorDefined = CKA_VENDOR_DEFINED,
173};
174
181
182/// Indicates if a stored certificate is a user certificate for which the corresponding private key is available
183/// on the token ("token user"), a CA certificate ("authority"), or another end-entity certificate ("other entity").
190
202
203enum class Flag : CK_FLAGS {
204 None = 0,
205 TokenPresent = CKF_TOKEN_PRESENT,
206 RemovableDevice = CKF_REMOVABLE_DEVICE,
207 HwSlot = CKF_HW_SLOT,
208 Rng = CKF_RNG,
209 WriteProtected = CKF_WRITE_PROTECTED,
210 LoginRequired = CKF_LOGIN_REQUIRED,
211 UserPinInitialized = CKF_USER_PIN_INITIALIZED,
212 RestoreKeyNotNeeded = CKF_RESTORE_KEY_NOT_NEEDED,
213 ClockOnToken = CKF_CLOCK_ON_TOKEN,
214 ProtectedAuthenticationPath = CKF_PROTECTED_AUTHENTICATION_PATH,
215 DualCryptoOperations = CKF_DUAL_CRYPTO_OPERATIONS,
216 TokenInitialized = CKF_TOKEN_INITIALIZED,
217 SecondaryAuthentication = CKF_SECONDARY_AUTHENTICATION,
218 UserPinCountLow = CKF_USER_PIN_COUNT_LOW,
219 UserPinFinalTry = CKF_USER_PIN_FINAL_TRY,
220 UserPinLocked = CKF_USER_PIN_LOCKED,
221 UserPinToBeChanged = CKF_USER_PIN_TO_BE_CHANGED,
222 SoPinCountLow = CKF_SO_PIN_COUNT_LOW,
223 SoPinFinalTry = CKF_SO_PIN_FINAL_TRY,
224 SoPinLocked = CKF_SO_PIN_LOCKED,
225 SoPinToBeChanged = CKF_SO_PIN_TO_BE_CHANGED,
226 ErrorState = CKF_ERROR_STATE,
227 RwSession = CKF_RW_SESSION,
228 SerialSession = CKF_SERIAL_SESSION,
229 ArrayAttribute = CKF_ARRAY_ATTRIBUTE,
230 Hw = CKF_HW,
231 Encrypt = CKF_ENCRYPT,
232 Decrypt = CKF_DECRYPT,
233 Digest = CKF_DIGEST,
234 Sign = CKF_SIGN,
235 SignRecover = CKF_SIGN_RECOVER,
236 Verify = CKF_VERIFY,
237 VerifyRecover = CKF_VERIFY_RECOVER,
238 Generate = CKF_GENERATE,
239 GenerateKeyPair = CKF_GENERATE_KEY_PAIR,
240 Wrap = CKF_WRAP,
241 Unwrap = CKF_UNWRAP,
242 Derive = CKF_DERIVE,
243 EcFP = CKF_EC_F_P,
244 EcF2m = CKF_EC_F_2M,
245 EcEcparameters = CKF_EC_ECPARAMETERS,
246 EcNamedcurve = CKF_EC_NAMEDCURVE,
247 EcUncompress = CKF_EC_UNCOMPRESS,
248 EcCompress = CKF_EC_COMPRESS,
249 Extension = CKF_EXTENSION,
250 LibraryCantCreateOsThreads = CKF_LIBRARY_CANT_CREATE_OS_THREADS,
251 OsLockingOk = CKF_OS_LOCKING_OK,
252 DontBlock = CKF_DONT_BLOCK,
253 NextOtp = CKF_NEXT_OTP,
254 ExcludeTime = CKF_EXCLUDE_TIME,
255 ExcludeCounter = CKF_EXCLUDE_COUNTER,
256 ExcludeChallenge = CKF_EXCLUDE_CHALLENGE,
257 ExcludePin = CKF_EXCLUDE_PIN,
258 UserFriendlyOtp = CKF_USER_FRIENDLY_OTP,
259};
260
261inline Flag operator|(Flag a, Flag b) {
262 // NOLINTNEXTLINE(clang-analyzer-optin.core.EnumCastOutOfRange)
263 return static_cast<Flag>(static_cast<CK_FLAGS>(a) | static_cast<CK_FLAGS>(b));
264}
265
274
281
328
329enum class MechanismType : CK_MECHANISM_TYPE {
330 RsaPkcsKeyPairGen = CKM_RSA_PKCS_KEY_PAIR_GEN,
331 RsaPkcs = CKM_RSA_PKCS,
332 Rsa9796 = CKM_RSA_9796,
333 RsaX509 = CKM_RSA_X_509,
334 Md2RsaPkcs = CKM_MD2_RSA_PKCS,
335 Md5RsaPkcs = CKM_MD5_RSA_PKCS,
336 Sha1RsaPkcs = CKM_SHA1_RSA_PKCS,
337 Ripemd128RsaPkcs = CKM_RIPEMD128_RSA_PKCS,
338 Ripemd160RsaPkcs = CKM_RIPEMD160_RSA_PKCS,
339 RsaPkcsOaep = CKM_RSA_PKCS_OAEP,
340 RsaX931KeyPairGen = CKM_RSA_X9_31_KEY_PAIR_GEN,
341 RsaX931 = CKM_RSA_X9_31,
342 Sha1RsaX931 = CKM_SHA1_RSA_X9_31,
343 RsaPkcsPss = CKM_RSA_PKCS_PSS,
344 Sha1RsaPkcsPss = CKM_SHA1_RSA_PKCS_PSS,
345 DsaKeyPairGen = CKM_DSA_KEY_PAIR_GEN,
346 Dsa = CKM_DSA,
347 DsaSha1 = CKM_DSA_SHA1,
348 DsaSha224 = CKM_DSA_SHA224,
349 DsaSha256 = CKM_DSA_SHA256,
350 DsaSha384 = CKM_DSA_SHA384,
351 DsaSha512 = CKM_DSA_SHA512,
352 DhPkcsKeyPairGen = CKM_DH_PKCS_KEY_PAIR_GEN,
353 DhPkcsDerive = CKM_DH_PKCS_DERIVE,
354 X942DhKeyPairGen = CKM_X9_42_DH_KEY_PAIR_GEN,
355 X942DhDerive = CKM_X9_42_DH_DERIVE,
356 X942DhHybridDerive = CKM_X9_42_DH_HYBRID_DERIVE,
357 X942MqvDerive = CKM_X9_42_MQV_DERIVE,
358 Sha256RsaPkcs = CKM_SHA256_RSA_PKCS,
359 Sha384RsaPkcs = CKM_SHA384_RSA_PKCS,
360 Sha512RsaPkcs = CKM_SHA512_RSA_PKCS,
361 Sha256RsaPkcsPss = CKM_SHA256_RSA_PKCS_PSS,
362 Sha384RsaPkcsPss = CKM_SHA384_RSA_PKCS_PSS,
363 Sha512RsaPkcsPss = CKM_SHA512_RSA_PKCS_PSS,
364 Sha224RsaPkcs = CKM_SHA224_RSA_PKCS,
365 Sha224RsaPkcsPss = CKM_SHA224_RSA_PKCS_PSS,
366 Sha512224 = CKM_SHA512_224,
367 Sha512224Hmac = CKM_SHA512_224_HMAC,
368 Sha512224HmacGeneral = CKM_SHA512_224_HMAC_GENERAL,
369 Sha512224KeyDerivation = CKM_SHA512_224_KEY_DERIVATION,
370 Sha512256 = CKM_SHA512_256,
371 Sha512256Hmac = CKM_SHA512_256_HMAC,
372 Sha512256HmacGeneral = CKM_SHA512_256_HMAC_GENERAL,
373 Sha512256KeyDerivation = CKM_SHA512_256_KEY_DERIVATION,
374 Sha512T = CKM_SHA512_T,
375 Sha512THmac = CKM_SHA512_T_HMAC,
376 Sha512THmacGeneral = CKM_SHA512_T_HMAC_GENERAL,
377 Sha512TKeyDerivation = CKM_SHA512_T_KEY_DERIVATION,
378 Rc2KeyGen = CKM_RC2_KEY_GEN,
379 Rc2Ecb = CKM_RC2_ECB,
380 Rc2Cbc = CKM_RC2_CBC,
381 Rc2Mac = CKM_RC2_MAC,
382 Rc2MacGeneral = CKM_RC2_MAC_GENERAL,
383 Rc2CbcPad = CKM_RC2_CBC_PAD,
384 Rc4KeyGen = CKM_RC4_KEY_GEN,
385 Rc4 = CKM_RC4,
386 DesKeyGen = CKM_DES_KEY_GEN,
387 DesEcb = CKM_DES_ECB,
388 DesCbc = CKM_DES_CBC,
389 DesMac = CKM_DES_MAC,
390 DesMacGeneral = CKM_DES_MAC_GENERAL,
391 DesCbcPad = CKM_DES_CBC_PAD,
392 Des2KeyGen = CKM_DES2_KEY_GEN,
393 Des3KeyGen = CKM_DES3_KEY_GEN,
394 Des3Ecb = CKM_DES3_ECB,
395 Des3Cbc = CKM_DES3_CBC,
396 Des3Mac = CKM_DES3_MAC,
397 Des3MacGeneral = CKM_DES3_MAC_GENERAL,
398 Des3CbcPad = CKM_DES3_CBC_PAD,
399 Des3CmacGeneral = CKM_DES3_CMAC_GENERAL,
400 Des3Cmac = CKM_DES3_CMAC,
401 CdmfKeyGen = CKM_CDMF_KEY_GEN,
402 CdmfEcb = CKM_CDMF_ECB,
403 CdmfCbc = CKM_CDMF_CBC,
404 CdmfMac = CKM_CDMF_MAC,
405 CdmfMacGeneral = CKM_CDMF_MAC_GENERAL,
406 CdmfCbcPad = CKM_CDMF_CBC_PAD,
407 DesOfb64 = CKM_DES_OFB64,
408 DesOfb8 = CKM_DES_OFB8,
409 DesCfb64 = CKM_DES_CFB64,
410 DesCfb8 = CKM_DES_CFB8,
411 Md2 = CKM_MD2,
412 Md2Hmac = CKM_MD2_HMAC,
413 Md2HmacGeneral = CKM_MD2_HMAC_GENERAL,
414 Md5 = CKM_MD5,
415 Md5Hmac = CKM_MD5_HMAC,
416 Md5HmacGeneral = CKM_MD5_HMAC_GENERAL,
417 Sha1 = CKM_SHA_1,
418 Sha1Hmac = CKM_SHA_1_HMAC,
419 Sha1HmacGeneral = CKM_SHA_1_HMAC_GENERAL,
420 Ripemd128 = CKM_RIPEMD128,
421 Ripemd128Hmac = CKM_RIPEMD128_HMAC,
422 Ripemd128HmacGeneral = CKM_RIPEMD128_HMAC_GENERAL,
423 Ripemd160 = CKM_RIPEMD160,
424 Ripemd160Hmac = CKM_RIPEMD160_HMAC,
425 Ripemd160HmacGeneral = CKM_RIPEMD160_HMAC_GENERAL,
426 Sha256 = CKM_SHA256,
427 Sha256Hmac = CKM_SHA256_HMAC,
428 Sha256HmacGeneral = CKM_SHA256_HMAC_GENERAL,
429 Sha224 = CKM_SHA224,
430 Sha224Hmac = CKM_SHA224_HMAC,
431 Sha224HmacGeneral = CKM_SHA224_HMAC_GENERAL,
432 Sha384 = CKM_SHA384,
433 Sha384Hmac = CKM_SHA384_HMAC,
434 Sha384HmacGeneral = CKM_SHA384_HMAC_GENERAL,
435 Sha512 = CKM_SHA512,
436 Sha512Hmac = CKM_SHA512_HMAC,
437 Sha512HmacGeneral = CKM_SHA512_HMAC_GENERAL,
438 SecuridKeyGen = CKM_SECURID_KEY_GEN,
439 Securid = CKM_SECURID,
440 HotpKeyGen = CKM_HOTP_KEY_GEN,
441 Hotp = CKM_HOTP,
442 Acti = CKM_ACTI,
443 ActiKeyGen = CKM_ACTI_KEY_GEN,
444 CastKeyGen = CKM_CAST_KEY_GEN,
445 CastEcb = CKM_CAST_ECB,
446 CastCbc = CKM_CAST_CBC,
447 CastMac = CKM_CAST_MAC,
448 CastMacGeneral = CKM_CAST_MAC_GENERAL,
449 CastCbcPad = CKM_CAST_CBC_PAD,
450 Cast3KeyGen = CKM_CAST3_KEY_GEN,
451 Cast3Ecb = CKM_CAST3_ECB,
452 Cast3Cbc = CKM_CAST3_CBC,
453 Cast3Mac = CKM_CAST3_MAC,
454 Cast3MacGeneral = CKM_CAST3_MAC_GENERAL,
455 Cast3CbcPad = CKM_CAST3_CBC_PAD,
456 Cast5KeyGen = CKM_CAST5_KEY_GEN,
457 Cast128KeyGen = CKM_CAST128_KEY_GEN,
458 Cast5Ecb = CKM_CAST5_ECB,
459 Cast128Ecb = CKM_CAST128_ECB,
460 Cast5Cbc = CKM_CAST5_CBC,
461 Cast128Cbc = CKM_CAST128_CBC,
462 Cast5Mac = CKM_CAST5_MAC,
463 Cast128Mac = CKM_CAST128_MAC,
464 Cast5MacGeneral = CKM_CAST5_MAC_GENERAL,
465 Cast128MacGeneral = CKM_CAST128_MAC_GENERAL,
466 Cast5CbcPad = CKM_CAST5_CBC_PAD,
467 Cast128CbcPad = CKM_CAST128_CBC_PAD,
468 Rc5KeyGen = CKM_RC5_KEY_GEN,
469 Rc5Ecb = CKM_RC5_ECB,
470 Rc5Cbc = CKM_RC5_CBC,
471 Rc5Mac = CKM_RC5_MAC,
472 Rc5MacGeneral = CKM_RC5_MAC_GENERAL,
473 Rc5CbcPad = CKM_RC5_CBC_PAD,
474 IdeaKeyGen = CKM_IDEA_KEY_GEN,
475 IdeaEcb = CKM_IDEA_ECB,
476 IdeaCbc = CKM_IDEA_CBC,
477 IdeaMac = CKM_IDEA_MAC,
478 IdeaMacGeneral = CKM_IDEA_MAC_GENERAL,
479 IdeaCbcPad = CKM_IDEA_CBC_PAD,
480 GenericSecretKeyGen = CKM_GENERIC_SECRET_KEY_GEN,
481 ConcatenateBaseAndKey = CKM_CONCATENATE_BASE_AND_KEY,
482 ConcatenateBaseAndData = CKM_CONCATENATE_BASE_AND_DATA,
483 ConcatenateDataAndBase = CKM_CONCATENATE_DATA_AND_BASE,
484 XorBaseAndData = CKM_XOR_BASE_AND_DATA,
485 ExtractKeyFromKey = CKM_EXTRACT_KEY_FROM_KEY,
486 Ssl3PreMasterKeyGen = CKM_SSL3_PRE_MASTER_KEY_GEN,
487 Ssl3MasterKeyDerive = CKM_SSL3_MASTER_KEY_DERIVE,
488 Ssl3KeyAndMacDerive = CKM_SSL3_KEY_AND_MAC_DERIVE,
489 Ssl3MasterKeyDeriveDh = CKM_SSL3_MASTER_KEY_DERIVE_DH,
490 TlsPreMasterKeyGen = CKM_TLS_PRE_MASTER_KEY_GEN,
491 TlsMasterKeyDerive = CKM_TLS_MASTER_KEY_DERIVE,
492 TlsKeyAndMacDerive = CKM_TLS_KEY_AND_MAC_DERIVE,
493 TlsMasterKeyDeriveDh = CKM_TLS_MASTER_KEY_DERIVE_DH,
494 TlsPrf = CKM_TLS_PRF,
495 Ssl3Md5Mac = CKM_SSL3_MD5_MAC,
496 Ssl3Sha1Mac = CKM_SSL3_SHA1_MAC,
497 Md5KeyDerivation = CKM_MD5_KEY_DERIVATION,
498 Md2KeyDerivation = CKM_MD2_KEY_DERIVATION,
499 Sha1KeyDerivation = CKM_SHA1_KEY_DERIVATION,
500 Sha256KeyDerivation = CKM_SHA256_KEY_DERIVATION,
501 Sha384KeyDerivation = CKM_SHA384_KEY_DERIVATION,
502 Sha512KeyDerivation = CKM_SHA512_KEY_DERIVATION,
503 Sha224KeyDerivation = CKM_SHA224_KEY_DERIVATION,
504 PbeMd2DesCbc = CKM_PBE_MD2_DES_CBC,
505 PbeMd5DesCbc = CKM_PBE_MD5_DES_CBC,
506 PbeMd5CastCbc = CKM_PBE_MD5_CAST_CBC,
507 PbeMd5Cast3Cbc = CKM_PBE_MD5_CAST3_CBC,
508 PbeMd5Cast5Cbc = CKM_PBE_MD5_CAST5_CBC,
509 PbeMd5Cast128Cbc = CKM_PBE_MD5_CAST128_CBC,
510 PbeSha1Cast5Cbc = CKM_PBE_SHA1_CAST5_CBC,
511 PbeSha1Cast128Cbc = CKM_PBE_SHA1_CAST128_CBC,
512 PbeSha1Rc4128 = CKM_PBE_SHA1_RC4_128,
513 PbeSha1Rc440 = CKM_PBE_SHA1_RC4_40,
514 PbeSha1Des3EdeCbc = CKM_PBE_SHA1_DES3_EDE_CBC,
515 PbeSha1Des2EdeCbc = CKM_PBE_SHA1_DES2_EDE_CBC,
516 PbeSha1Rc2128Cbc = CKM_PBE_SHA1_RC2_128_CBC,
517 PbeSha1Rc240Cbc = CKM_PBE_SHA1_RC2_40_CBC,
518 Pkcs5Pbkd2 = CKM_PKCS5_PBKD2,
519 PbaSha1WithSha1Hmac = CKM_PBA_SHA1_WITH_SHA1_HMAC,
520 WtlsPreMasterKeyGen = CKM_WTLS_PRE_MASTER_KEY_GEN,
521 WtlsMasterKeyDerive = CKM_WTLS_MASTER_KEY_DERIVE,
522 WtlsMasterKeyDeriveDhEcc = CKM_WTLS_MASTER_KEY_DERIVE_DH_ECC,
523 WtlsPrf = CKM_WTLS_PRF,
524 WtlsServerKeyAndMacDerive = CKM_WTLS_SERVER_KEY_AND_MAC_DERIVE,
525 WtlsClientKeyAndMacDerive = CKM_WTLS_CLIENT_KEY_AND_MAC_DERIVE,
526 Tls10MacServer = CKM_TLS10_MAC_SERVER,
527 Tls10MacClient = CKM_TLS10_MAC_CLIENT,
528 Tls12Mac = CKM_TLS12_MAC,
529 Tls12Kdf = CKM_TLS12_KDF,
530 Tls12MasterKeyDerive = CKM_TLS12_MASTER_KEY_DERIVE,
531 Tls12KeyAndMacDerive = CKM_TLS12_KEY_AND_MAC_DERIVE,
532 Tls12MasterKeyDeriveDh = CKM_TLS12_MASTER_KEY_DERIVE_DH,
533 Tls12KeySafeDerive = CKM_TLS12_KEY_SAFE_DERIVE,
534 TlsMac = CKM_TLS_MAC,
535 TlsKdf = CKM_TLS_KDF,
536 KeyWrapLynks = CKM_KEY_WRAP_LYNKS,
537 KeyWrapSetOaep = CKM_KEY_WRAP_SET_OAEP,
538 CmsSig = CKM_CMS_SIG,
539 KipDerive = CKM_KIP_DERIVE,
540 KipWrap = CKM_KIP_WRAP,
541 KipMac = CKM_KIP_MAC,
542 CamelliaKeyGen = CKM_CAMELLIA_KEY_GEN,
543 CamelliaEcb = CKM_CAMELLIA_ECB,
544 CamelliaCbc = CKM_CAMELLIA_CBC,
545 CamelliaMac = CKM_CAMELLIA_MAC,
546 CamelliaMacGeneral = CKM_CAMELLIA_MAC_GENERAL,
547 CamelliaCbcPad = CKM_CAMELLIA_CBC_PAD,
548 CamelliaEcbEncryptData = CKM_CAMELLIA_ECB_ENCRYPT_DATA,
549 CamelliaCbcEncryptData = CKM_CAMELLIA_CBC_ENCRYPT_DATA,
550 CamelliaCtr = CKM_CAMELLIA_CTR,
551 AriaKeyGen = CKM_ARIA_KEY_GEN,
552 AriaEcb = CKM_ARIA_ECB,
553 AriaCbc = CKM_ARIA_CBC,
554 AriaMac = CKM_ARIA_MAC,
555 AriaMacGeneral = CKM_ARIA_MAC_GENERAL,
556 AriaCbcPad = CKM_ARIA_CBC_PAD,
557 AriaEcbEncryptData = CKM_ARIA_ECB_ENCRYPT_DATA,
558 AriaCbcEncryptData = CKM_ARIA_CBC_ENCRYPT_DATA,
559 SeedKeyGen = CKM_SEED_KEY_GEN,
560 SeedEcb = CKM_SEED_ECB,
561 SeedCbc = CKM_SEED_CBC,
562 SeedMac = CKM_SEED_MAC,
563 SeedMacGeneral = CKM_SEED_MAC_GENERAL,
564 SeedCbcPad = CKM_SEED_CBC_PAD,
565 SeedEcbEncryptData = CKM_SEED_ECB_ENCRYPT_DATA,
566 SeedCbcEncryptData = CKM_SEED_CBC_ENCRYPT_DATA,
567 SkipjackKeyGen = CKM_SKIPJACK_KEY_GEN,
568 SkipjackEcb64 = CKM_SKIPJACK_ECB64,
569 SkipjackCbc64 = CKM_SKIPJACK_CBC64,
570 SkipjackOfb64 = CKM_SKIPJACK_OFB64,
571 SkipjackCfb64 = CKM_SKIPJACK_CFB64,
572 SkipjackCfb32 = CKM_SKIPJACK_CFB32,
573 SkipjackCfb16 = CKM_SKIPJACK_CFB16,
574 SkipjackCfb8 = CKM_SKIPJACK_CFB8,
575 SkipjackWrap = CKM_SKIPJACK_WRAP,
576 SkipjackPrivateWrap = CKM_SKIPJACK_PRIVATE_WRAP,
577 SkipjackRelayx = CKM_SKIPJACK_RELAYX,
578 KeaKeyPairGen = CKM_KEA_KEY_PAIR_GEN,
579 KeaKeyDerive = CKM_KEA_KEY_DERIVE,
580 KeaDerive = CKM_KEA_DERIVE,
581 FortezzaTimestamp = CKM_FORTEZZA_TIMESTAMP,
582 BatonKeyGen = CKM_BATON_KEY_GEN,
583 BatonEcb128 = CKM_BATON_ECB128,
584 BatonEcb96 = CKM_BATON_ECB96,
585 BatonCbc128 = CKM_BATON_CBC128,
586 BatonCounter = CKM_BATON_COUNTER,
587 BatonShuffle = CKM_BATON_SHUFFLE,
588 BatonWrap = CKM_BATON_WRAP,
589 EcdsaKeyPairGen = CKM_ECDSA_KEY_PAIR_GEN,
590 EcKeyPairGen = CKM_EC_KEY_PAIR_GEN,
591 Ecdsa = CKM_ECDSA,
592 EcdsaSha1 = CKM_ECDSA_SHA1,
593 EcdsaSha224 = CKM_ECDSA_SHA224,
594 EcdsaSha256 = CKM_ECDSA_SHA256,
595 EcdsaSha384 = CKM_ECDSA_SHA384,
596 EcdsaSha512 = CKM_ECDSA_SHA512,
597 Ecdh1Derive = CKM_ECDH1_DERIVE,
598 Ecdh1CofactorDerive = CKM_ECDH1_COFACTOR_DERIVE,
599 EcmqvDerive = CKM_ECMQV_DERIVE,
600 EcdhAesKeyWrap = CKM_ECDH_AES_KEY_WRAP,
601 RsaAesKeyWrap = CKM_RSA_AES_KEY_WRAP,
602 JuniperKeyGen = CKM_JUNIPER_KEY_GEN,
603 JuniperEcb128 = CKM_JUNIPER_ECB128,
604 JuniperCbc128 = CKM_JUNIPER_CBC128,
605 JuniperCounter = CKM_JUNIPER_COUNTER,
606 JuniperShuffle = CKM_JUNIPER_SHUFFLE,
607 JuniperWrap = CKM_JUNIPER_WRAP,
608 Fasthash = CKM_FASTHASH,
609 AesKeyGen = CKM_AES_KEY_GEN,
610 AesEcb = CKM_AES_ECB,
611 AesCbc = CKM_AES_CBC,
612 AesMac = CKM_AES_MAC,
613 AesMacGeneral = CKM_AES_MAC_GENERAL,
614 AesCbcPad = CKM_AES_CBC_PAD,
615 AesCtr = CKM_AES_CTR,
616 AesGcm = CKM_AES_GCM,
617 AesCcm = CKM_AES_CCM,
618 AesCts = CKM_AES_CTS,
619 AesCmac = CKM_AES_CMAC,
620 AesCmacGeneral = CKM_AES_CMAC_GENERAL,
621 AesXcbcMac = CKM_AES_XCBC_MAC,
622 AesXcbcMac96 = CKM_AES_XCBC_MAC_96,
623 AesGmac = CKM_AES_GMAC,
624 BlowfishKeyGen = CKM_BLOWFISH_KEY_GEN,
625 BlowfishCbc = CKM_BLOWFISH_CBC,
626 TwofishKeyGen = CKM_TWOFISH_KEY_GEN,
627 TwofishCbc = CKM_TWOFISH_CBC,
628 BlowfishCbcPad = CKM_BLOWFISH_CBC_PAD,
629 TwofishCbcPad = CKM_TWOFISH_CBC_PAD,
630 DesEcbEncryptData = CKM_DES_ECB_ENCRYPT_DATA,
631 DesCbcEncryptData = CKM_DES_CBC_ENCRYPT_DATA,
632 Des3EcbEncryptData = CKM_DES3_ECB_ENCRYPT_DATA,
633 Des3CbcEncryptData = CKM_DES3_CBC_ENCRYPT_DATA,
634 AesEcbEncryptData = CKM_AES_ECB_ENCRYPT_DATA,
635 AesCbcEncryptData = CKM_AES_CBC_ENCRYPT_DATA,
636 Gostr3410KeyPairGen = CKM_GOSTR3410_KEY_PAIR_GEN,
637 Gostr3410 = CKM_GOSTR3410,
638 Gostr3410WithGostr3411 = CKM_GOSTR3410_WITH_GOSTR3411,
639 Gostr3410KeyWrap = CKM_GOSTR3410_KEY_WRAP,
640 Gostr3410Derive = CKM_GOSTR3410_DERIVE,
641 Gostr3411 = CKM_GOSTR3411,
642 Gostr3411Hmac = CKM_GOSTR3411_HMAC,
643 Gost28147KeyGen = CKM_GOST28147_KEY_GEN,
644 Gost28147Ecb = CKM_GOST28147_ECB,
645 Gost28147 = CKM_GOST28147,
646 Gost28147Mac = CKM_GOST28147_MAC,
647 Gost28147KeyWrap = CKM_GOST28147_KEY_WRAP,
648 DsaParameterGen = CKM_DSA_PARAMETER_GEN,
649 DhPkcsParameterGen = CKM_DH_PKCS_PARAMETER_GEN,
650 X942DhParameterGen = CKM_X9_42_DH_PARAMETER_GEN,
651 DsaProbablisticParameterGen = CKM_DSA_PROBABLISTIC_PARAMETER_GEN, // TODO(Botan4) remove this typo
652 DsaProbabilisticParameterGen = CKM_DSA_PROBABLISTIC_PARAMETER_GEN,
653 DsaShaweTaylorParameterGen = CKM_DSA_SHAWE_TAYLOR_PARAMETER_GEN,
654 AesOfb = CKM_AES_OFB,
655 AesCfb64 = CKM_AES_CFB64,
656 AesCfb8 = CKM_AES_CFB8,
657 AesCfb128 = CKM_AES_CFB128,
658 AesCfb1 = CKM_AES_CFB1,
659 AesKeyWrap = CKM_AES_KEY_WRAP,
660 AesKeyWrapPad = CKM_AES_KEY_WRAP_PAD,
661 RsaPkcsTpm11 = CKM_RSA_PKCS_TPM_1_1,
662 RsaPkcsOaepTpm11 = CKM_RSA_PKCS_OAEP_TPM_1_1,
663 VendorDefined = CKM_VENDOR_DEFINED,
664};
665
670
683
694
702
703enum class ReturnValue : CK_RV {
704 OK = CKR_OK,
705 Cancel = CKR_CANCEL,
706 HostMemory = CKR_HOST_MEMORY,
707 SlotIdInvalid = CKR_SLOT_ID_INVALID,
708 GeneralError = CKR_GENERAL_ERROR,
709 FunctionFailed = CKR_FUNCTION_FAILED,
710 ArgumentsBad = CKR_ARGUMENTS_BAD,
711 NoEvent = CKR_NO_EVENT,
712 NeedToCreateThreads = CKR_NEED_TO_CREATE_THREADS,
713 CantLock = CKR_CANT_LOCK,
714 AttributeReadOnly = CKR_ATTRIBUTE_READ_ONLY,
715 AttributeSensitive = CKR_ATTRIBUTE_SENSITIVE,
716 AttributeTypeInvalid = CKR_ATTRIBUTE_TYPE_INVALID,
717 AttributeValueInvalid = CKR_ATTRIBUTE_VALUE_INVALID,
718 ActionProhibited = CKR_ACTION_PROHIBITED,
719 DataInvalid = CKR_DATA_INVALID,
720 DataLenRange = CKR_DATA_LEN_RANGE,
721 DeviceError = CKR_DEVICE_ERROR,
722 DeviceMemory = CKR_DEVICE_MEMORY,
723 DeviceRemoved = CKR_DEVICE_REMOVED,
724 EncryptedDataInvalid = CKR_ENCRYPTED_DATA_INVALID,
725 EncryptedDataLenRange = CKR_ENCRYPTED_DATA_LEN_RANGE,
726 FunctionCanceled = CKR_FUNCTION_CANCELED,
727 FunctionNotParallel = CKR_FUNCTION_NOT_PARALLEL,
728 FunctionNotSupported = CKR_FUNCTION_NOT_SUPPORTED,
729 KeyHandleInvalid = CKR_KEY_HANDLE_INVALID,
730 KeySizeRange = CKR_KEY_SIZE_RANGE,
731 KeyTypeInconsistent = CKR_KEY_TYPE_INCONSISTENT,
732 KeyNotNeeded = CKR_KEY_NOT_NEEDED,
733 KeyChanged = CKR_KEY_CHANGED,
734 KeyNeeded = CKR_KEY_NEEDED,
735 KeyIndigestible = CKR_KEY_INDIGESTIBLE,
736 KeyFunctionNotPermitted = CKR_KEY_FUNCTION_NOT_PERMITTED,
737 KeyNotWrappable = CKR_KEY_NOT_WRAPPABLE,
738 KeyUnextractable = CKR_KEY_UNEXTRACTABLE,
739 MechanismInvalid = CKR_MECHANISM_INVALID,
740 MechanismParamInvalid = CKR_MECHANISM_PARAM_INVALID,
741 ObjectHandleInvalid = CKR_OBJECT_HANDLE_INVALID,
742 OperationActive = CKR_OPERATION_ACTIVE,
743 OperationNotInitialized = CKR_OPERATION_NOT_INITIALIZED,
744 PinIncorrect = CKR_PIN_INCORRECT,
745 PinInvalid = CKR_PIN_INVALID,
746 PinLenRange = CKR_PIN_LEN_RANGE,
747 PinExpired = CKR_PIN_EXPIRED,
748 PinLocked = CKR_PIN_LOCKED,
749 SessionClosed = CKR_SESSION_CLOSED,
750 SessionCount = CKR_SESSION_COUNT,
751 SessionHandleInvalid = CKR_SESSION_HANDLE_INVALID,
752 SessionParallelNotSupported = CKR_SESSION_PARALLEL_NOT_SUPPORTED,
753 SessionReadOnly = CKR_SESSION_READ_ONLY,
754 SessionExists = CKR_SESSION_EXISTS,
755 SessionReadOnlyExists = CKR_SESSION_READ_ONLY_EXISTS,
756 SessionReadWriteSoExists = CKR_SESSION_READ_WRITE_SO_EXISTS,
757 SignatureInvalid = CKR_SIGNATURE_INVALID,
758 SignatureLenRange = CKR_SIGNATURE_LEN_RANGE,
759 TemplateIncomplete = CKR_TEMPLATE_INCOMPLETE,
760 TemplateInconsistent = CKR_TEMPLATE_INCONSISTENT,
761 TokenNotPresent = CKR_TOKEN_NOT_PRESENT,
762 TokenNotRecognized = CKR_TOKEN_NOT_RECOGNIZED,
763 TokenWriteProtected = CKR_TOKEN_WRITE_PROTECTED,
764 UnwrappingKeyHandleInvalid = CKR_UNWRAPPING_KEY_HANDLE_INVALID,
765 UnwrappingKeySizeRange = CKR_UNWRAPPING_KEY_SIZE_RANGE,
766 UnwrappingKeyTypeInconsistent = CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT,
767 UserAlreadyLoggedIn = CKR_USER_ALREADY_LOGGED_IN,
768 UserNotLoggedIn = CKR_USER_NOT_LOGGED_IN,
769 UserPinNotInitialized = CKR_USER_PIN_NOT_INITIALIZED,
770 UserTypeInvalid = CKR_USER_TYPE_INVALID,
771 UserAnotherAlreadyLoggedIn = CKR_USER_ANOTHER_ALREADY_LOGGED_IN,
772 UserTooManyTypes = CKR_USER_TOO_MANY_TYPES,
773 WrappedKeyInvalid = CKR_WRAPPED_KEY_INVALID,
774 WrappedKeyLenRange = CKR_WRAPPED_KEY_LEN_RANGE,
775 WrappingKeyHandleInvalid = CKR_WRAPPING_KEY_HANDLE_INVALID,
776 WrappingKeySizeRange = CKR_WRAPPING_KEY_SIZE_RANGE,
777 WrappingKeyTypeInconsistent = CKR_WRAPPING_KEY_TYPE_INCONSISTENT,
778 RandomSeedNotSupported = CKR_RANDOM_SEED_NOT_SUPPORTED,
779 RandomNoRng = CKR_RANDOM_NO_RNG,
780 DomainParamsInvalid = CKR_DOMAIN_PARAMS_INVALID,
781 CurveNotSupported = CKR_CURVE_NOT_SUPPORTED,
782 BufferTooSmall = CKR_BUFFER_TOO_SMALL,
783 SavedStateInvalid = CKR_SAVED_STATE_INVALID,
784 InformationSensitive = CKR_INFORMATION_SENSITIVE,
785 StateUnsaveable = CKR_STATE_UNSAVEABLE,
786 CryptokiNotInitialized = CKR_CRYPTOKI_NOT_INITIALIZED,
787 CryptokiAlreadyInitialized = CKR_CRYPTOKI_ALREADY_INITIALIZED,
788 MutexBad = CKR_MUTEX_BAD,
789 MutexNotLocked = CKR_MUTEX_NOT_LOCKED,
790 NewPinMode = CKR_NEW_PIN_MODE,
791 NextOtp = CKR_NEXT_OTP,
792 ExceededMaxIterations = CKR_EXCEEDED_MAX_ITERATIONS,
793 FipsSelfTestFailed = CKR_FIPS_SELF_TEST_FAILED,
794 LibraryLoadFailed = CKR_LIBRARY_LOAD_FAILED,
795 PinTooWeak = CKR_PIN_TOO_WEAK,
796 PublicKeyInvalid = CKR_PUBLIC_KEY_INVALID,
797 FunctionRejected = CKR_FUNCTION_REJECTED,
798 VendorDefined = CKR_VENDOR_DEFINED,
799};
800
806
807enum class PublicPointEncoding : uint32_t { Raw, Der };
808
809// NOLINTEND(*-enum-size)
810
811using FunctionListPtr = CK_FUNCTION_LIST_PTR;
812using VoidPtr = CK_VOID_PTR;
813using C_InitializeArgs = CK_C_INITIALIZE_ARGS;
814using CreateMutex = CK_CREATEMUTEX;
815using DestroyMutex = CK_DESTROYMUTEX;
816using LockMutex = CK_LOCKMUTEX;
817using UnlockMutex = CK_UNLOCKMUTEX;
818using Flags = CK_FLAGS;
819using Info = CK_INFO;
820using Bbool = CK_BBOOL;
821using SlotId = CK_SLOT_ID;
822using Ulong = CK_ULONG;
823using SlotInfo = CK_SLOT_INFO;
824using TokenInfo = CK_TOKEN_INFO;
825using Mechanism = CK_MECHANISM;
826using MechanismInfo = CK_MECHANISM_INFO;
827using Utf8Char = CK_UTF8CHAR;
828using Notify = CK_NOTIFY;
829using SessionHandle = CK_SESSION_HANDLE;
830using SessionInfo = CK_SESSION_INFO;
831using Attribute = CK_ATTRIBUTE;
832using ObjectHandle = CK_OBJECT_HANDLE;
833using Byte = CK_BYTE;
834using RsaPkcsOaepParams = CK_RSA_PKCS_OAEP_PARAMS;
835using RsaPkcsPssParams = CK_RSA_PKCS_PSS_PARAMS;
836using Ecdh1DeriveParams = CK_ECDH1_DERIVE_PARAMS;
837using Date = CK_DATE;
838
839// NOLINTNEXTLINE(*-avoid-non-const-global-variables) TODO can this be made const?
840BOTAN_PUBLIC_API(2, 0) extern ReturnValue* ThrowException;
841
842const Bbool True = CK_TRUE;
843const Bbool False = CK_FALSE;
844
845inline Flags flags(Flag flags) {
846 return static_cast<Flags>(flags);
847}
848
849class Slot;
850
851/**
852* Initializes a token
853* @param slot The slot with the attached token that should be initialized
854* @param label The token label
855* @param so_pin PIN of the security officer. Will be set if the token is uninitialized other this has to be the current SO_PIN
856* @param pin The user PIN that will be set
857*/
858BOTAN_PUBLIC_API(2, 0)
859void initialize_token(Slot& slot, std::string_view label, const secure_string& so_pin, const secure_string& pin);
860
861/**
862* Change PIN with old PIN to new PIN
863* @param slot The slot with the attached token
864* @param old_pin The old user PIN
865* @param new_pin The new user PIN
866*/
867
868BOTAN_PUBLIC_API(2, 0) void change_pin(Slot& slot, const secure_string& old_pin, const secure_string& new_pin);
869
870/**
871* Change SO_PIN with old SO_PIN to new SO_PIN
872* @param slot The slot with the attached token
873* @param old_so_pin The old SO_PIN
874* @param new_so_pin The new SO_PIN
875*/
876BOTAN_PUBLIC_API(2, 0) void change_so_pin(Slot& slot, const secure_string& old_so_pin, const secure_string& new_so_pin);
877
878/**
879* Sets user PIN with SO_PIN
880* @param slot The slot with the attached token
881* @param so_pin PIN of the security officer
882* @param pin The user PIN that should be set
883*/
884BOTAN_PUBLIC_API(2, 0) void set_pin(Slot& slot, const secure_string& so_pin, const secure_string& pin);
885
886/// Provides access to all PKCS#11 functions
887class BOTAN_PUBLIC_API(2, 0) LowLevel {
888 public:
889 /// @param ptr the function list pointer to use. Can be retrieved via `LowLevel::C_GetFunctionList`
890 explicit LowLevel(FunctionListPtr ptr);
891
892 /****************************** General purpose functions ******************************/
893
894 /**
895 * C_Initialize initializes the Cryptoki library.
896 * @param init_args if this is not nullptr, it gets cast to (`C_InitializeArgs`) and dereferenced
897 * @param return_value default value (`ThrowException`): throw exception on error.
898 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
899 * At least the following PKCS#11 return values may be returned:
900 * \li ArgumentsBad \li CantLock \li CryptokiAlreadyInitialized
901 * \li FunctionFailed \li GeneralError \li HostMemory
902 * \li NeedToCreateThreads \li OK
903 * @return true on success, false otherwise
904 */
905 bool C_Initialize(VoidPtr init_args, ReturnValue* return_value = ThrowException) const;
906
907 /**
908 * C_Finalize indicates that an application is done with the Cryptoki library.
909 * @param reserved reserved. Should be nullptr
910 * @param return_value default value (`ThrowException`): throw exception on error.
911 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
912 * At least the following PKCS#11 return values may be returned:
913 * \li ArgumentsBad \li CryptokiNotInitialized \li FunctionFailed
914 * \li GeneralError \li HostMemory \li OK
915 * @return true on success, false otherwise
916 */
917 bool C_Finalize(VoidPtr reserved, ReturnValue* return_value = ThrowException) const;
918
919 /**
920 * C_GetInfo returns general information about Cryptoki.
921 * @param info_ptr location that receives information
922 * @param return_value default value (`ThrowException`): throw exception on error.
923 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
924 * At least the following PKCS#11 return values may be returned:
925 * \li ArgumentsBad \li CryptokiNotInitialized \li FunctionFailed
926 * \li GeneralError \li HostMemory \li OK
927 * @return true on success, false otherwise
928 */
929 bool C_GetInfo(Info* info_ptr, ReturnValue* return_value = ThrowException) const;
930
931 /**
932 * C_GetFunctionList returns the function list.
933 * @param pkcs11_module The PKCS#11 module
934 * @param function_list_ptr_ptr receives pointer to function list
935 * @param return_value default value (`ThrowException`): throw exception on error.
936 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
937 * At least the following PKCS#11 return values may be returned:
938 * \li ArgumentsBad \li FunctionFailed \li GeneralError
939 * \li HostMemory \li OK
940 * @return true on success, false otherwise
941 */
942 static bool C_GetFunctionList(Dynamically_Loaded_Library& pkcs11_module,
943 FunctionListPtr* function_list_ptr_ptr,
944 ReturnValue* return_value = ThrowException);
945
946 /****************************** Slot and token management functions ******************************/
947
948 /**
949 * C_GetSlotList obtains a list of slots in the system.
950 * @param token_present only slots with tokens
951 * @param slot_list_ptr receives array of slot IDs
952 * @param count_ptr receives number of slots
953 * @param return_value default value (`ThrowException`): throw exception on error.
954 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
955 * At least the following PKCS#11 return values may be returned:
956 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
957 * \li FunctionFailed \li GeneralError \li HostMemory
958 * \li OK
959 * @return true on success, false otherwise
960 */
961 bool C_GetSlotList(Bbool token_present,
962 SlotId* slot_list_ptr,
963 Ulong* count_ptr,
964 ReturnValue* return_value = ThrowException) const;
965
966 /**
967 * C_GetSlotList obtains a list of slots in the system.
968 * @param token_present only slots with tokens
969 * @param slot_ids receives vector of slot IDs
970 * @param return_value default value (`ThrowException`): throw exception on error.
971 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
972 * At least the following PKCS#11 return values may be returned:
973 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
974 * \li FunctionFailed \li GeneralError \li HostMemory
975 * \li OK
976 * @return true on success, false otherwise
977 */
978 bool C_GetSlotList(bool token_present,
979 std::vector<SlotId>& slot_ids,
980 ReturnValue* return_value = ThrowException) const;
981
982 /**
983 * C_GetSlotInfo obtains information about a particular slot in the system.
984 * @param slot_id the ID of the slot
985 * @param info_ptr receives the slot information
986 * @param return_value default value (`ThrowException`): throw exception on error.
987 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
988 * At least the following PKCS#11 return values may be returned:
989 * \li ArgumentsBad \li CryptokiNotInitialized \li DeviceError
990 * \li FunctionFailed \li GeneralError \li HostMemory
991 * \li OK \li SlotIdInvalid
992 * @return true on success, false otherwise
993 */
994 bool C_GetSlotInfo(SlotId slot_id, SlotInfo* info_ptr, ReturnValue* return_value = ThrowException) const;
995
996 /**
997 * C_GetTokenInfo obtains information about a particular token in the system.
998 * @param slot_id ID of the token's slot
999 * @param info_ptr receives the token information
1000 * @param return_value default value (`ThrowException`): throw exception on error.
1001 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1002 * At least the following PKCS#11 return values may be returned:
1003 * \li CryptokiNotInitialized \li DeviceError \li DeviceMemory
1004 * \li DeviceRemoved \li FunctionFailed \li GeneralError
1005 * \li HostMemory \li OK \li SlotIdInvalid
1006 * \li TokenNotPresent \li TokenNotRecognized \li ArgumentsBad
1007 * @return true on success, false otherwise
1008 */
1009 bool C_GetTokenInfo(SlotId slot_id, TokenInfo* info_ptr, ReturnValue* return_value = ThrowException) const;
1010
1011 /**
1012 * C_WaitForSlotEvent waits for a slot event (token insertion, removal, etc.) to occur.
1013 * @param flags blocking/nonblocking flag
1014 * @param slot_ptr location that receives the slot ID
1015 * @param reserved reserved. Should be NULL_PTR
1016 * @param return_value default value (`ThrowException`): throw exception on error.
1017 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1018 * At least the following PKCS#11 return values may be returned:
1019 * \li ArgumentsBad \li CryptokiNotInitialized \li FunctionFailed
1020 * \li GeneralError \li HostMemory \li NoEvent
1021 * \li OK
1022 * @return true on success, false otherwise
1023 */
1024 bool C_WaitForSlotEvent(Flags flags,
1025 SlotId* slot_ptr,
1026 VoidPtr reserved,
1027 ReturnValue* return_value = ThrowException) const;
1028
1029 /**
1030 * C_GetMechanismList obtains a list of mechanism types supported by a token.
1031 * @param slot_id ID of token's slot
1032 * @param mechanism_list_ptr gets mech. array
1033 * @param count_ptr gets # of mechs.
1034 * @param return_value default value (`ThrowException`): throw exception on error.
1035 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1036 * At least the following PKCS#11 return values may be returned:
1037 * \li BufferTooSmall \li CryptokiNotInitialized \li DeviceError
1038 * \li DeviceMemory \li DeviceRemoved \li FunctionFailed
1039 * \li GeneralError \li HostMemory \li OK
1040 * \li SlotIdInvalid \li TokenNotPresent \li TokenNotRecognized
1041 * \li ArgumentsBad
1042 * @return true on success, false otherwise
1043 */
1044 bool C_GetMechanismList(SlotId slot_id,
1045 MechanismType* mechanism_list_ptr,
1046 Ulong* count_ptr,
1047 ReturnValue* return_value = ThrowException) const;
1048
1049 /**
1050 * C_GetMechanismList obtains a list of mechanism types supported by a token.
1051 * @param slot_id ID of token's slot
1052 * @param mechanisms receives vector of supported mechanisms
1053 * @param return_value default value (`ThrowException`): throw exception on error.
1054 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1055 * At least the following PKCS#11 return values may be returned:
1056 * \li BufferTooSmall \li CryptokiNotInitialized \li DeviceError
1057 * \li DeviceMemory \li DeviceRemoved \li FunctionFailed
1058 * \li GeneralError \li HostMemory \li OK
1059 * \li SlotIdInvalid \li TokenNotPresent \li TokenNotRecognized
1060 * \li ArgumentsBad
1061 * @return true on success, false otherwise
1062 */
1063 bool C_GetMechanismList(SlotId slot_id,
1064 std::vector<MechanismType>& mechanisms,
1065 ReturnValue* return_value = ThrowException) const;
1066
1067 /**
1068 * C_GetMechanismInfo obtains information about a particular mechanism possibly supported by a token.
1069 * @param slot_id ID of the token's slot
1070 * @param type type of mechanism
1071 * @param info_ptr receives mechanism info
1072 * @param return_value default value (`ThrowException`): throw exception on error.
1073 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1074 * At least the following PKCS#11 return values may be returned:
1075 * \li CryptokiNotInitialized \li DeviceError \li DeviceMemory
1076 * \li DeviceRemoved \li FunctionFailed \li GeneralError
1077 * \li HostMemory \li MechanismInvalid \li OK
1078 * \li SlotIdInvalid \li TokenNotPresent \li TokenNotRecognized
1079 * \li ArgumentsBad
1080 * @return true on success, false otherwise
1081 */
1082 bool C_GetMechanismInfo(SlotId slot_id,
1083 MechanismType type,
1084 MechanismInfo* info_ptr,
1085 ReturnValue* return_value = ThrowException) const;
1086
1087 /**
1088 * C_InitToken initializes a token.
1089 * @param slot_id ID of the token's slot
1090 * @param so_pin_ptr the SO's initial PIN
1091 * @param so_pin_len length in bytes of the SO_PIN
1092 * @param label_ptr 32-byte token label (blank padded)
1093 * @param return_value default value (`ThrowException`): throw exception on error.
1094 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1095 * At least the following PKCS#11 return values may be returned:
1096 * \li CryptokiNotInitialized \li DeviceError \li DeviceMemory
1097 * \li DeviceRemoved \li FunctionCanceled \li FunctionFailed
1098 * \li GeneralError \li HostMemory \li OK
1099 * \li PinIncorrect \li PinLocked \li SessionExists
1100 * \li SlotIdInvalid \li TokenNotPresent \li TokenNotRecognized
1101 * \li TokenWriteProtected \li ArgumentsBad
1102 * @return true on success, false otherwise
1103 */
1104 bool C_InitToken(SlotId slot_id,
1105 Utf8Char* so_pin_ptr,
1106 Ulong so_pin_len,
1107 Utf8Char* label_ptr,
1108 ReturnValue* return_value = ThrowException) const;
1109
1110 /**
1111 * C_InitToken initializes a token.
1112 * @param slot_id ID of the token's slot
1113 * @param so_pin the SO's initial PIN
1114 * @param label token label (at max 32 bytes long)
1115 * @param return_value default value (`ThrowException`): throw exception on error.
1116 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1117 * At least the following PKCS#11 return values may be returned:
1118 * \li CryptokiNotInitialized \li DeviceError \li DeviceMemory
1119 * \li DeviceRemoved \li FunctionCanceled \li FunctionFailed
1120 * \li GeneralError \li HostMemory \li OK
1121 * \li PinIncorrect \li PinLocked \li SessionExists
1122 * \li SlotIdInvalid \li TokenNotPresent \li TokenNotRecognized
1123 * \li TokenWriteProtected \li ArgumentsBad
1124 * @return true on success, false otherwise
1125 */
1126 template <typename TAlloc>
1127 bool C_InitToken(SlotId slot_id,
1128 const std::vector<uint8_t, TAlloc>& so_pin,
1129 std::string_view label,
1130 ReturnValue* return_value = ThrowException) const {
1131 std::string padded_label(label);
1132 if(label.size() < 32) {
1133 padded_label.insert(padded_label.end(), 32 - label.size(), ' ');
1134 }
1135
1136 return C_InitToken(slot_id,
1137 reinterpret_cast<Utf8Char*>(const_cast<uint8_t*>(so_pin.data())),
1138 static_cast<Ulong>(so_pin.size()),
1139 reinterpret_cast<Utf8Char*>(const_cast<char*>(padded_label.c_str())),
1140 return_value);
1141 }
1142
1143 /**
1144 * C_InitPIN initializes the normal user's PIN.
1145 * @param session the session's handle
1146 * @param pin_ptr the normal user's PIN
1147 * @param pin_len length in bytes of the PIN
1148 * @param return_value default value (`ThrowException`): throw exception on error.
1149 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1150 * At least the following PKCS#11 return values may be returned:
1151 * \li CryptokiNotInitialized \li DeviceError \li DeviceMemory
1152 * \li DeviceRemoved \li FunctionCanceled \li FunctionFailed
1153 * \li GeneralError \li HostMemory \li OK
1154 * \li PinInvalid \li PinLenRange \li SessionClosed
1155 * \li SessionReadOnly \li SessionHandleInvalid \li TokenWriteProtected
1156 * \li UserNotLoggedIn \li ArgumentsBad
1157 * @return true on success, false otherwise
1158 */
1159 bool C_InitPIN(SessionHandle session,
1160 Utf8Char* pin_ptr,
1161 Ulong pin_len,
1162 ReturnValue* return_value = ThrowException) const;
1163
1164 /**
1165 * C_InitPIN initializes the normal user's PIN.
1166 * @param session the session's handle
1167 * @param pin the normal user's PIN
1168 * @param return_value default value (`ThrowException`): throw exception on error.
1169 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1170 * At least the following PKCS#11 return values may be returned:
1171 * \li CryptokiNotInitialized \li DeviceError \li DeviceMemory
1172 * \li DeviceRemoved \li FunctionCanceled \li FunctionFailed
1173 * \li GeneralError \li HostMemory \li OK
1174 * \li PinInvalid \li PinLenRange \li SessionClosed
1175 * \li SessionReadOnly \li SessionHandleInvalid \li TokenWriteProtected
1176 * \li UserNotLoggedIn \li ArgumentsBad
1177 * @return true on success, false otherwise
1178 */
1179 template <typename TAlloc>
1180 bool C_InitPIN(SessionHandle session,
1181 const std::vector<uint8_t, TAlloc>& pin,
1182 ReturnValue* return_value = ThrowException) const {
1183 return C_InitPIN(session,
1184 reinterpret_cast<Utf8Char*>(const_cast<uint8_t*>(pin.data())),
1185 static_cast<Ulong>(pin.size()),
1186 return_value);
1187 }
1188
1189 /**
1190 * C_SetPIN modifies the PIN of the user who is logged in.
1191 * @param session the session's handle
1192 * @param old_pin_ptr the old PIN
1193 * @param old_len length of the old PIN
1194 * @param new_pin_ptr the new PIN
1195 * @param new_len length of the new PIN
1196 * @param return_value default value (`ThrowException`): throw exception on error.
1197 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1198 * At least the following PKCS#11 return values may be returned:
1199 * \li CryptokiNotInitialized \li DeviceError \li DeviceMemory
1200 * \li DeviceRemoved \li FunctionCanceled \li FunctionFailed
1201 * \li GeneralError \li HostMemory \li OK
1202 * \li PinIncorrect \li PinInvalid \li PinLenRange
1203 * \li PinLocked \li SessionClosed \li SessionHandleInvalid
1204 * \li SessionReadOnly \li TokenWriteProtected \li ArgumentsBad
1205 * @return true on success, false otherwise
1206 */
1207 bool C_SetPIN(SessionHandle session,
1208 Utf8Char* old_pin_ptr,
1209 Ulong old_len,
1210 Utf8Char* new_pin_ptr,
1211 Ulong new_len,
1212 ReturnValue* return_value = ThrowException) const;
1213
1214 /**
1215 * C_SetPIN modifies the PIN of the user who is logged in.
1216 * @param session the session's handle
1217 * @param old_pin the old PIN
1218 * @param new_pin the new PIN
1219 * @param return_value default value (`ThrowException`): throw exception on error.
1220 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1221 * At least the following PKCS#11 return values may be returned:
1222 * \li CryptokiNotInitialized \li DeviceError \li DeviceMemory
1223 * \li DeviceRemoved \li FunctionCanceled \li FunctionFailed
1224 * \li GeneralError \li HostMemory \li OK
1225 * \li PinIncorrect \li PinInvalid \li PinLenRange
1226 * \li PinLocked \li SessionClosed \li SessionHandleInvalid
1227 * \li SessionReadOnly \li TokenWriteProtected \li ArgumentsBad
1228 * @return true on success, false otherwise
1229 */
1230 template <typename TAlloc>
1231 bool C_SetPIN(SessionHandle session,
1232 const std::vector<uint8_t, TAlloc>& old_pin,
1233 const std::vector<uint8_t, TAlloc>& new_pin,
1234 ReturnValue* return_value = ThrowException) const {
1235 return C_SetPIN(session,
1236 reinterpret_cast<Utf8Char*>(const_cast<uint8_t*>(old_pin.data())),
1237 static_cast<Ulong>(old_pin.size()),
1238 reinterpret_cast<Utf8Char*>(const_cast<uint8_t*>(new_pin.data())),
1239 static_cast<Ulong>(new_pin.size()),
1240 return_value);
1241 }
1242
1243 /****************************** Session management ******************************/
1244
1245 /**
1246 * C_OpenSession opens a session between an application and a token.
1247 * @param slot_id the slot's ID
1248 * @param flags from CK_SESSION_INFO
1249 * @param application passed to callback
1250 * @param notify callback function
1251 * @param session_ptr gets session handle
1252 * @param return_value default value (`ThrowException`): throw exception on error.
1253 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1254 * At least the following PKCS#11 return values may be returned:
1255 * \li CryptokiNotInitialized \li DeviceError \li DeviceMemory
1256 * \li DeviceRemoved \li FunctionFailed \li GeneralError
1257 * \li HostMemory \li OK \li SessionCount
1258 * \li SessionParallelNotSupported \li SessionReadWriteSoExists \li SlotIdInvalid
1259 * \li TokenNotPresent \li TokenNotRecognized \li TokenWriteProtected
1260 * \li ArgumentsBad
1261 * @return true on success, false otherwise
1262 */
1263 bool C_OpenSession(SlotId slot_id,
1264 Flags flags,
1265 VoidPtr application,
1266 Notify notify,
1267 SessionHandle* session_ptr,
1268 ReturnValue* return_value = ThrowException) const;
1269
1270 /**
1271 * C_CloseSession closes a session between an application and a token.
1272 * @param session the session's handle
1273 * @param return_value default value (`ThrowException`): throw exception on error.
1274 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1275 * At least the following PKCS#11 return values may be returned:
1276 * \li CryptokiNotInitialized \li DeviceError \li DeviceMemory
1277 * \li DeviceRemoved \li FunctionFailed \li GeneralError
1278 * \li HostMemory \li OK \li SessionClosed
1279 * \li SessionHandleInvalid
1280 * @return true on success, false otherwise
1281 */
1282 bool C_CloseSession(SessionHandle session, ReturnValue* return_value = ThrowException) const;
1283
1284 /**
1285 * C_CloseAllSessions closes all sessions with a token.
1286 * @param slot_id the token's slot
1287 * @param return_value default value (`ThrowException`): throw exception on error.
1288 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1289 * At least the following PKCS#11 return values may be returned:
1290 * \li CryptokiNotInitialized \li DeviceError \li DeviceMemory
1291 * \li DeviceRemoved \li FunctionFailed \li GeneralError
1292 * \li HostMemory \li OK \li SlotIdInvalid
1293 * \li TokenNotPresent
1294 * @return true on success, false otherwise
1295 */
1296 bool C_CloseAllSessions(SlotId slot_id, ReturnValue* return_value = ThrowException) const;
1297
1298 /**
1299 * C_GetSessionInfo obtains information about the session.
1300 * @param session the session's handle
1301 * @param info_ptr receives session info
1302 * @param return_value default value (`ThrowException`): throw exception on error.
1303 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1304 * At least the following PKCS#11 return values may be returned:
1305 * \li CryptokiNotInitialized \li DeviceError \li DeviceMemory
1306 * \li DeviceRemoved \li FunctionFailed \li GeneralError
1307 * \li HostMemory \li OK \li SessionClosed
1308 * \li SessionHandleInvalid \li ArgumentsBad
1309 * @return true on success, false otherwise
1310 */
1311 bool C_GetSessionInfo(SessionHandle session,
1312 SessionInfo* info_ptr,
1313 ReturnValue* return_value = ThrowException) const;
1314
1315 /**
1316 * C_GetOperationState obtains the state of the cryptographic operation in a session.
1317 * @param session session's handle
1318 * @param operation_state_ptr gets state
1319 * @param operation_state_len_ptr gets state length
1320 * @param return_value default value (`ThrowException`): throw exception on error.
1321 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1322 * At least the following PKCS#11 return values may be returned:
1323 * \li BufferTooSmall \li CryptokiNotInitialized \li DeviceError
1324 * \li DeviceMemory \li DeviceRemoved \li FunctionFailed
1325 * \li GeneralError \li HostMemory \li OK
1326 * \li OperationNotInitialized \li SessionClosed \li SessionHandleInvalid
1327 * \li StateUnsaveable \li ArgumentsBad
1328 * @return true on success, false otherwise
1329 */
1330 bool C_GetOperationState(SessionHandle session,
1331 Byte* operation_state_ptr,
1332 Ulong* operation_state_len_ptr,
1333 ReturnValue* return_value = ThrowException) const;
1334
1335 /**
1336 * C_SetOperationState restores the state of the cryptographic operation in a session.
1337 * @param session session's handle
1338 * @param operation_state_ptr holds state
1339 * @param operation_state_len holds state length
1340 * @param encryption_key en/decryption key
1341 * @param authentication_key sign/verify key
1342 * @param return_value default value (`ThrowException`): throw exception on error.
1343 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1344 * At least the following PKCS#11 return values may be returned:
1345 * \li CryptokiNotInitialized \li DeviceError \li DeviceMemory
1346 * \li DeviceRemoved \li FunctionFailed \li GeneralError
1347 * \li HostMemory \li KeyChanged \li KeyNeeded
1348 * \li KeyNotNeeded \li OK \li SavedStateInvalid
1349 * \li SessionClosed \li SessionHandleInvalid \li ArgumentsBad
1350 * @return true on success, false otherwise
1351 */
1352 bool C_SetOperationState(SessionHandle session,
1353 Byte* operation_state_ptr,
1354 Ulong operation_state_len,
1355 ObjectHandle encryption_key,
1356 ObjectHandle authentication_key,
1357 ReturnValue* return_value = ThrowException) const;
1358
1359 /**
1360 * C_Login logs a user into a token.
1361 * @param session the session's handle
1362 * @param user_type the user type
1363 * @param pin_ptr the user's PIN
1364 * @param pin_len the length of the PIN
1365 * @param return_value default value (`ThrowException`): throw exception on error.
1366 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1367 * At least the following PKCS#11 return values may be returned:
1368 * \li ArgumentsBad \li CryptokiNotInitialized \li DeviceError
1369 * \li DeviceMemory \li DeviceRemoved \li FunctionCanceled
1370 * \li FunctionFailed \li GeneralError \li HostMemory
1371 * \li OK \li OperationNotInitialized \li PinIncorrect
1372 * \li PinLocked \li SessionClosed \li SessionHandleInvalid
1373 * \li SessionReadOnlyExists \li UserAlreadyLoggedIn \li UserAnotherAlreadyLoggedIn
1374 * \li UserPinNotInitialized \li UserTooManyTypes \li UserTypeInvalid
1375 * @return true on success, false otherwise
1376 */
1377 bool C_Login(SessionHandle session,
1378 UserType user_type,
1379 Utf8Char* pin_ptr,
1380 Ulong pin_len,
1381 ReturnValue* return_value = ThrowException) const;
1382
1383 /**
1384 * C_Login logs a user into a token.
1385 * @param session the session's handle
1386 * @param user_type the user type
1387 * @param pin the user or security officer's PIN
1388 * @param return_value default value (`ThrowException`): throw exception on error.
1389 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1390 * At least the following PKCS#11 return values may be returned:
1391 * \li ArgumentsBad \li CryptokiNotInitialized \li DeviceError
1392 * \li DeviceMemory \li DeviceRemoved \li FunctionCanceled
1393 * \li FunctionFailed \li GeneralError \li HostMemory
1394 * \li OK \li OperationNotInitialized \li PinIncorrect
1395 * \li PinLocked \li SessionClosed \li SessionHandleInvalid
1396 * \li SessionReadOnlyExists \li UserAlreadyLoggedIn \li UserAnotherAlreadyLoggedIn
1397 * \li UserPinNotInitialized \li UserTooManyTypes \li UserTypeInvalid
1398 * @return true on success, false otherwise
1399 */
1400 template <typename TAlloc>
1401 bool C_Login(SessionHandle session,
1402 UserType user_type,
1403 const std::vector<uint8_t, TAlloc>& pin,
1404 ReturnValue* return_value = ThrowException) const {
1405 return C_Login(session,
1406 user_type,
1407 reinterpret_cast<Utf8Char*>(const_cast<uint8_t*>(pin.data())),
1408 static_cast<Ulong>(pin.size()),
1409 return_value);
1410 }
1411
1412 /**
1413 * C_Logout logs a user out from a token.
1414 * @param session the session's handle
1415 * @param return_value default value (`ThrowException`): throw exception on error.
1416 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1417 * At least the following PKCS#11 return values may be returned:
1418 * \li CryptokiNotInitialized \li DeviceError \li DeviceMemory
1419 * \li DeviceRemoved \li FunctionFailed \li GeneralError
1420 * \li HostMemory \li OK \li SessionClosed
1421 * \li SessionHandleInvalid \li UserNotLoggedIn
1422 * @return true on success, false otherwise
1423 */
1424 bool C_Logout(SessionHandle session, ReturnValue* return_value = ThrowException) const;
1425
1426 /****************************** Object management functions ******************************/
1427
1428 /**
1429 * C_CreateObject creates a new object.
1430 * @param session the session's handle
1431 * @param attribute_template_ptr the object's template
1432 * @param count attributes in template
1433 * @param object_ptr gets new object's handle.
1434 * @param return_value default value (`ThrowException`): throw exception on error.
1435 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1436 * At least the following PKCS#11 return values may be returned:
1437 * \li ArgumentsBad \li AttributeReadOnly \li AttributeTypeInvalid
1438 * \li AttributeValueInvalid \li CryptokiNotInitialized \li CurveNotSupported
1439 * \li DeviceError \li DeviceMemory \li DeviceRemoved
1440 * \li DomainParamsInvalid \li FunctionFailed \li GeneralError
1441 * \li HostMemory \li OK \li PinExpired
1442 * \li SessionClosed \li SessionHandleInvalid \li SessionReadOnly
1443 * \li TemplateIncomplete \li TemplateInconsistent \li TokenWriteProtected
1444 * \li UserNotLoggedIn
1445 * @return true on success, false otherwise
1446 */
1447 bool C_CreateObject(SessionHandle session,
1448 Attribute* attribute_template_ptr,
1449 Ulong count,
1450 ObjectHandle* object_ptr,
1451 ReturnValue* return_value = ThrowException) const;
1452
1453 /**
1454 * C_CopyObject copies an object, creating a new object for the copy.
1455 * @param session the session's handle
1456 * @param object the object's handle
1457 * @param attribute_template_ptr template for new object
1458 * @param count attributes in template
1459 * @param new_object_ptr receives handle of copy
1460 * @param return_value default value (`ThrowException`): throw exception on error.
1461 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1462 * At least the following PKCS#11 return values may be returned:
1463 * \li ActionProhibited \li ArgumentsBad \li AttributeReadOnly
1464 * \li AttributeTypeInvalid \li AttributeValueInvalid \li CryptokiNotInitialized
1465 * \li DeviceError \li DeviceMemory \li DeviceRemoved
1466 * \li FunctionFailed \li GeneralError \li HostMemory
1467 * \li ObjectHandleInvalid \li OK \li PinExpired
1468 * \li SessionClosed \li SessionHandleInvalid \li SessionReadOnly
1469 * \li TemplateInconsistent \li TokenWriteProtected \li UserNotLoggedIn
1470 * @return true on success, false otherwise
1471 */
1472 bool C_CopyObject(SessionHandle session,
1473 ObjectHandle object,
1474 Attribute* attribute_template_ptr,
1475 Ulong count,
1476 ObjectHandle* new_object_ptr,
1477 ReturnValue* return_value = ThrowException) const;
1478
1479 /**
1480 * C_DestroyObject destroys an object.
1481 * @param session the session's handle
1482 * @param object the object's handle
1483 * @param return_value default value (`ThrowException`): throw exception on error.
1484 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1485 * At least the following PKCS#11 return values may be returned:
1486 * \li ActionProhibited \li CryptokiNotInitialized \li DeviceError
1487 * \li DeviceMemory \li DeviceRemoved \li FunctionFailed
1488 * \li GeneralError \li HostMemory \li ObjectHandleInvalid
1489 * \li OK \li PinExpired \li SessionClosed
1490 * \li SessionHandleInvalid \li SessionReadOnly \li TokenWriteProtected
1491 * @return true on success, false otherwise
1492 */
1493 bool C_DestroyObject(SessionHandle session,
1494 ObjectHandle object,
1495 ReturnValue* return_value = ThrowException) const;
1496
1497 /**
1498 * C_GetObjectSize gets the size of an object in bytes.
1499 * @param session the session's handle
1500 * @param object the object's handle
1501 * @param size_ptr receives size of object
1502 * @param return_value default value (`ThrowException`): throw exception on error.
1503 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1504 * At least the following PKCS#11 return values may be returned:
1505 * \li ArgumentsBad \li CryptokiNotInitialized \li DeviceError
1506 * \li DeviceMemory \li DeviceRemoved \li FunctionFailed
1507 * \li GeneralError \li HostMemory \li InformationSensitive
1508 * \li ObjectHandleInvalid \li OK \li SessionClosed
1509 * \li SessionHandleInvalid
1510 * @return true on success, false otherwise
1511 */
1512 bool C_GetObjectSize(SessionHandle session,
1513 ObjectHandle object,
1514 Ulong* size_ptr,
1515 ReturnValue* return_value = ThrowException) const;
1516
1517 /**
1518 * C_GetAttributeValue obtains the value of one or more object attributes.
1519 * @param session the session's handle
1520 * @param object the object's handle
1521 * @param attribute_template_ptr specifies attrs; gets vals
1522 * @param count attributes in template
1523 * @param return_value default value (`ThrowException`): throw exception on error.
1524 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1525 * At least the following PKCS#11 return values may be returned:
1526 * \li ArgumentsBad \li AttributeSensitive \li AttributeTypeInvalid
1527 * \li BufferTooSmall \li CryptokiNotInitialized \li DeviceError
1528 * \li DeviceMemory \li DeviceRemoved \li FunctionFailed
1529 * \li GeneralError \li HostMemory \li ObjectHandleInvalid
1530 * \li OK \li SessionClosed \li SessionHandleInvalid
1531 * @return true on success, false otherwise
1532 */
1533 bool C_GetAttributeValue(SessionHandle session,
1534 ObjectHandle object,
1535 Attribute* attribute_template_ptr,
1536 Ulong count,
1537 ReturnValue* return_value = ThrowException) const;
1538
1539 /**
1540 * C_GetAttributeValue obtains the value of one or more object attributes.
1541 * @param session the session's handle
1542 * @param object the object's handle
1543 * @param attribute_values specifies attrs; gets vals
1544 * @param return_value default value (`ThrowException`): throw exception on error.
1545 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1546 * At least the following PKCS#11 return values may be returned:
1547 * \li ArgumentsBad \li AttributeSensitive \li AttributeTypeInvalid
1548 * \li BufferTooSmall \li CryptokiNotInitialized \li DeviceError
1549 * \li DeviceMemory \li DeviceRemoved \li FunctionFailed
1550 * \li GeneralError \li HostMemory \li ObjectHandleInvalid
1551 * \li OK \li SessionClosed \li SessionHandleInvalid
1552 * @return true on success, false otherwise
1553 */
1554 template <typename TAlloc>
1555 bool C_GetAttributeValue(SessionHandle session,
1556 ObjectHandle object,
1557 std::map<AttributeType, std::vector<uint8_t, TAlloc>>& attribute_values,
1558 ReturnValue* return_value = ThrowException) const {
1559 std::vector<Attribute> getter_template;
1560
1561 getter_template.reserve(attribute_values.size());
1562 for(const auto& entry : attribute_values) {
1563 getter_template.emplace_back(Attribute{static_cast<CK_ATTRIBUTE_TYPE>(entry.first), nullptr, 0});
1564 }
1565
1566 bool success = C_GetAttributeValue(session,
1567 object,
1568 const_cast<Attribute*>(getter_template.data()),
1569 static_cast<Ulong>(getter_template.size()),
1570 return_value);
1571
1572 if(!success) {
1573 return success;
1574 }
1575
1576 size_t i = 0;
1577 for(auto& entry : attribute_values) {
1578 entry.second.clear();
1579 entry.second.resize(getter_template.at(i).ulValueLen);
1580 getter_template.at(i).pValue = const_cast<uint8_t*>(entry.second.data());
1581 i++;
1582 }
1583
1584 return C_GetAttributeValue(session,
1585 object,
1586 const_cast<Attribute*>(getter_template.data()),
1587 static_cast<Ulong>(getter_template.size()),
1588 return_value);
1589 }
1590
1591 /**
1592 * C_SetAttributeValue modifies the value of one or more object attributes.
1593 * @param session the session's handle
1594 * @param object the object's handle
1595 * @param attribute_template_ptr specifies attrs and values
1596 * @param count attributes in template
1597 * @param return_value default value (`ThrowException`): throw exception on error.
1598 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1599 * At least the following PKCS#11 return values may be returned:
1600 * \li ActionProhibited \li ArgumentsBad \li AttributeReadOnly
1601 * \li AttributeTypeInvalid \li AttributeValueInvalid \li CryptokiNotInitialized
1602 * \li DeviceError \li DeviceMemory \li DeviceRemoved
1603 * \li FunctionFailed \li GeneralError \li HostMemory
1604 * \li ObjectHandleInvalid \li OK \li SessionClosed
1605 * \li SessionHandleInvalid \li SessionReadOnly \li TemplateInconsistent
1606 * \li TokenWriteProtected \li UserNotLoggedIn
1607 * @return true on success, false otherwise
1608 */
1609 bool C_SetAttributeValue(SessionHandle session,
1610 ObjectHandle object,
1611 Attribute* attribute_template_ptr,
1612 Ulong count,
1613 ReturnValue* return_value = ThrowException) const;
1614
1615 /**
1616 * C_SetAttributeValue modifies the value of one or more object attributes.
1617 * @param session the session's handle
1618 * @param object the object's handle
1619 * @param attribute_values specifies attrs and values
1620 * @param return_value default value (`ThrowException`): throw exception on error.
1621 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1622 * At least the following PKCS#11 return values may be returned:
1623 * \li ActionProhibited \li ArgumentsBad \li AttributeReadOnly
1624 * \li AttributeTypeInvalid \li AttributeValueInvalid \li CryptokiNotInitialized
1625 * \li DeviceError \li DeviceMemory \li DeviceRemoved
1626 * \li FunctionFailed \li GeneralError \li HostMemory
1627 * \li ObjectHandleInvalid \li OK \li SessionClosed
1628 * \li SessionHandleInvalid \li SessionReadOnly \li TemplateInconsistent
1629 * \li TokenWriteProtected \li UserNotLoggedIn
1630 * @return true on success, false otherwise
1631 */
1632 template <typename TAlloc>
1633 bool C_SetAttributeValue(SessionHandle session,
1634 ObjectHandle object,
1635 std::map<AttributeType, std::vector<uint8_t, TAlloc>>& attribute_values,
1636 ReturnValue* return_value = ThrowException) const {
1637 std::vector<Attribute> setter_template;
1638
1639 setter_template.reserve(attribute_values.size());
1640 for(auto& entry : attribute_values) {
1641 setter_template.emplace_back(Attribute{static_cast<CK_ATTRIBUTE_TYPE>(entry.first),
1642 entry.second.data(),
1643 static_cast<CK_ULONG>(entry.second.size())});
1644 }
1645
1646 return C_SetAttributeValue(session,
1647 object,
1648 const_cast<Attribute*>(setter_template.data()),
1649 static_cast<Ulong>(setter_template.size()),
1650 return_value);
1651 }
1652
1653 /**
1654 * C_FindObjectsInit initializes a search for token and session objects that match a template.
1655 * @param session the session's handle
1656 * @param attribute_template_ptr attribute values to match
1657 * @param count attrs in search template
1658 * @param return_value default value (`ThrowException`): throw exception on error.
1659 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1660 * At least the following PKCS#11 return values may be returned:
1661 * \li ArgumentsBad \li AttributeTypeInvalid \li AttributeValueInvalid
1662 * \li CryptokiNotInitialized \li DeviceError \li DeviceMemory
1663 * \li DeviceRemoved \li FunctionFailed \li GeneralError
1664 * \li HostMemory \li OK \li OperationActive
1665 * \li PinExpired \li SessionClosed \li SessionHandleInvalid
1666 * @return true on success, false otherwise
1667 */
1668 bool C_FindObjectsInit(SessionHandle session,
1669 Attribute* attribute_template_ptr,
1670 Ulong count,
1671 ReturnValue* return_value = ThrowException) const;
1672
1673 /**
1674 * C_FindObjects continues a search for token and session objects that match a template, obtaining additional object handles.
1675 * @param session session's handle
1676 * @param object_ptr gets obj. handles
1677 * @param max_object_count max handles to get
1678 * @param object_count_ptr actual # returned
1679 * @param return_value default value (`ThrowException`): throw exception on error.
1680 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1681 * At least the following PKCS#11 return values may be returned:
1682 * \li ArgumentsBad \li CryptokiNotInitialized \li DeviceError
1683 * \li DeviceMemory \li DeviceRemoved \li FunctionFailed
1684 * \li GeneralError \li HostMemory \li OK
1685 * \li OperationNotInitialized \li SessionClosed \li SessionHandleInvalid
1686 * @return true on success, false otherwise
1687 */
1688 bool C_FindObjects(SessionHandle session,
1689 ObjectHandle* object_ptr,
1690 Ulong max_object_count,
1691 Ulong* object_count_ptr,
1692 ReturnValue* return_value = ThrowException) const;
1693
1694 /**
1695 * C_FindObjectsFinal finishes a search for token and session objects.
1696 * @param session the session's handle
1697 * @param return_value default value (`ThrowException`): throw exception on error.
1698 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1699 * At least the following PKCS#11 return values may be returned:
1700 * \li CryptokiNotInitialized \li DeviceError \li DeviceMemory
1701 * \li DeviceRemoved \li FunctionFailed \li GeneralError
1702 * \li HostMemory \li OK \li OperationNotInitialized
1703 * \li SessionClosed \li SessionHandleInvalid
1704 * @return true on success, false otherwise
1705 */
1706 bool C_FindObjectsFinal(SessionHandle session, ReturnValue* return_value = ThrowException) const;
1707
1708 /****************************** Encryption functions ******************************/
1709
1710 /**
1711 * C_EncryptInit initializes an encryption operation.
1712 * @param session the session's handle
1713 * @param mechanism_ptr the encryption mechanism
1714 * @param key handle of encryption key
1715 * @param return_value default value (`ThrowException`): throw exception on error.
1716 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1717 * At least the following PKCS#11 return values may be returned:
1718 * \li CryptokiNotInitialized \li DeviceError \li DeviceMemory
1719 * \li DeviceRemoved \li FunctionCanceled \li FunctionFailed
1720 * \li GeneralError \li HostMemory \li KeyFunctionNotPermitted
1721 * \li KeyHandleInvalid \li KeySizeRange \li KeyTypeInconsistent
1722 * \li MechanismInvalid \li MechanismParamInvalid \li OK
1723 * \li OperationActive \li PinExpired \li SessionClosed
1724 * \li SessionHandleInvalid \li UserNotLoggedIn
1725 * @return true on success, false otherwise
1726 */
1727 bool C_EncryptInit(SessionHandle session,
1728 Mechanism* mechanism_ptr,
1729 ObjectHandle key,
1730 ReturnValue* return_value = ThrowException) const;
1731
1732 /**
1733 * C_Encrypt encrypts single-part data.
1734 * @param session session's handle
1735 * @param data_ptr the plaintext data
1736 * @param data_len size of plaintext data in bytes
1737 * @param encrypted_data gets ciphertext
1738 * @param encrypted_data_len_ptr gets c-text size
1739 * @param return_value default value (`ThrowException`): throw exception on error.
1740 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1741 * At least the following PKCS#11 return values may be returned:
1742 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
1743 * \li DataInvalid \li DataLenRange \li DeviceError
1744 * \li DeviceMemory \li DeviceRemoved \li FunctionCanceled
1745 * \li FunctionFailed \li GeneralError \li HostMemory
1746 * \li OK \li OperationNotInitialized \li SessionClosed
1747 * \li SessionHandleInvalid
1748 * @return true on success, false otherwise
1749 */
1750 bool C_Encrypt(SessionHandle session,
1751 Byte* data_ptr,
1752 Ulong data_len,
1753 Byte* encrypted_data,
1754 Ulong* encrypted_data_len_ptr,
1755 ReturnValue* return_value = ThrowException) const;
1756
1757 /**
1758 * C_Encrypt encrypts single-part data.
1759 * @param session session's handle
1760 * @param plaintext_data the plaintext data
1761 * @param encrypted_data gets ciphertext
1762 * @param return_value default value (`ThrowException`): throw exception on error.
1763 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1764 * At least the following PKCS#11 return values may be returned:
1765 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
1766 * \li DataInvalid \li DataLenRange \li DeviceError
1767 * \li DeviceMemory \li DeviceRemoved \li FunctionCanceled
1768 * \li FunctionFailed \li GeneralError \li HostMemory
1769 * \li OK \li OperationNotInitialized \li SessionClosed
1770 * \li SessionHandleInvalid
1771 * @return true on success, false otherwise
1772 */
1773 template <typename TAllocA, typename TAllocB>
1774 bool C_Encrypt(SessionHandle session,
1775 const std::vector<uint8_t, TAllocA>& plaintext_data,
1776 std::vector<uint8_t, TAllocB>& encrypted_data,
1777 ReturnValue* return_value = ThrowException) const {
1778 Ulong encrypted_size = 0;
1779 if(!C_Encrypt(session,
1780 const_cast<Byte*>((plaintext_data.data())),
1781 static_cast<Ulong>(plaintext_data.size()),
1782 nullptr,
1783 &encrypted_size,
1784 return_value)) {
1785 return false;
1786 }
1787
1788 encrypted_data.resize(encrypted_size);
1789 if(!C_Encrypt(session,
1790 const_cast<Byte*>(plaintext_data.data()),
1791 static_cast<Ulong>(plaintext_data.size()),
1792 encrypted_data.data(),
1793 &encrypted_size,
1794 return_value)) {
1795 return false;
1796 }
1797 encrypted_data.resize(encrypted_size);
1798 return true;
1799 }
1800
1801 /**
1802 * C_EncryptUpdate continues a multiple-part encryption operation.
1803 * @param session session's handle
1804 * @param part_ptr the plaintext data
1805 * @param part_len plaintext data len
1806 * @param encrypted_part_ptr gets ciphertext
1807 * @param encrypted_part_len_ptr gets c-text size
1808 * @param return_value default value (`ThrowException`): throw exception on error.
1809 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1810 * At least the following PKCS#11 return values may be returned:
1811 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
1812 * \li DataLenRange \li DeviceError \li DeviceMemory
1813 * \li DeviceRemoved \li FunctionCanceled \li FunctionFailed
1814 * \li GeneralError \li HostMemory \li OK
1815 * \li OperationNotInitialized \li SessionClosed \li SessionHandleInvalid
1816 * @return true on success, false otherwise
1817 */
1818 bool C_EncryptUpdate(SessionHandle session,
1819 Byte* part_ptr,
1820 Ulong part_len,
1821 Byte* encrypted_part_ptr,
1822 Ulong* encrypted_part_len_ptr,
1823 ReturnValue* return_value = ThrowException) const;
1824
1825 /**
1826 * C_EncryptFinal finishes a multiple-part encryption operation.
1827 * @param session session handle
1828 * @param last_encrypted_part_ptr last c-text
1829 * @param last_encrypted_part_len_ptr gets last size
1830 * @param return_value default value (`ThrowException`): throw exception on error.
1831 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1832 * At least the following PKCS#11 return values may be returned:
1833 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
1834 * \li DataLenRange \li DeviceError \li DeviceMemory
1835 * \li DeviceRemoved \li FunctionCanceled \li FunctionFailed
1836 * \li GeneralError \li HostMemory \li OK
1837 * \li OperationNotInitialized \li SessionClosed \li SessionHandleInvalid
1838 * @return true on success, false otherwise
1839 */
1840 bool C_EncryptFinal(SessionHandle session,
1841 Byte* last_encrypted_part_ptr,
1842 Ulong* last_encrypted_part_len_ptr,
1843 ReturnValue* return_value = ThrowException) const;
1844
1845 /****************************** Decryption functions ******************************/
1846
1847 /**
1848 * C_DecryptInit initializes a decryption operation.
1849 * @param session the session's handle
1850 * @param mechanism_ptr the decryption mechanism
1851 * @param key handle of decryption key
1852 * @param return_value default value (`ThrowException`): throw exception on error.
1853 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1854 * At least the following PKCS#11 return values may be returned:
1855 * \li ArgumentsBad \li CryptokiNotInitialized \li DeviceError
1856 * \li DeviceMemory \li DeviceRemoved \li FunctionCanceled
1857 * \li FunctionFailed \li GeneralError \li HostMemory
1858 * \li KeyFunctionNotPermitted \li KeyHandleInvalid \li KeySizeRange
1859 * \li KeyTypeInconsistent \li MechanismInvalid \li MechanismParamInvalid
1860 * \li OK \li OperationActive \li PinExpired
1861 * \li SessionClosed \li SessionHandleInvalid \li UserNotLoggedIn
1862 * @return true on success, false otherwise
1863 */
1864 bool C_DecryptInit(SessionHandle session,
1865 Mechanism* mechanism_ptr,
1866 ObjectHandle key,
1867 ReturnValue* return_value = ThrowException) const;
1868
1869 /**
1870 * C_Decrypt decrypts encrypted data in a single part.
1871 * @param session session's handle
1872 * @param encrypted_data_ptr ciphertext
1873 * @param encrypted_data_len ciphertext length
1874 * @param data_ptr gets plaintext
1875 * @param data_len_ptr gets p-text size
1876 * @param return_value default value (`ThrowException`): throw exception on error.
1877 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1878 * At least the following PKCS#11 return values may be returned:
1879 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
1880 * \li DeviceError \li DeviceMemory \li DeviceRemoved
1881 * \li EncryptedDataInvalid \li EncryptedDataLenRange \li FunctionCanceled
1882 * \li FunctionFailed \li GeneralError \li HostMemory
1883 * \li OK \li OperationNotInitialized \li SessionClosed
1884 * \li SessionHandleInvalid \li UserNotLoggedIn
1885 * @return true on success, false otherwise
1886 */
1887 bool C_Decrypt(SessionHandle session,
1888 Byte* encrypted_data_ptr,
1889 Ulong encrypted_data_len,
1890 Byte* data_ptr,
1891 Ulong* data_len_ptr,
1892 ReturnValue* return_value = ThrowException) const;
1893
1894 /**
1895 * C_Decrypt decrypts encrypted data in a single part.
1896 * @param session session's handle
1897 * @param encrypted_data ciphertext
1898 * @param decrypted_data gets plaintext
1899 * @param return_value default value (`ThrowException`): throw exception on error.
1900 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1901 * At least the following PKCS#11 return values may be returned:
1902 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
1903 * \li DeviceError \li DeviceMemory \li DeviceRemoved
1904 * \li EncryptedDataInvalid \li EncryptedDataLenRange \li FunctionCanceled
1905 * \li FunctionFailed \li GeneralError \li HostMemory
1906 * \li OK \li OperationNotInitialized \li SessionClosed
1907 * \li SessionHandleInvalid \li UserNotLoggedIn
1908 * @return true on success, false otherwise
1909 */
1910 template <typename TAllocA, typename TAllocB>
1911 bool C_Decrypt(SessionHandle session,
1912 const std::vector<uint8_t, TAllocA>& encrypted_data,
1913 std::vector<uint8_t, TAllocB>& decrypted_data,
1914 ReturnValue* return_value = ThrowException) const {
1915 Ulong decrypted_size = 0;
1916 if(!C_Decrypt(session,
1917 const_cast<Byte*>((encrypted_data.data())),
1918 static_cast<Ulong>(encrypted_data.size()),
1919 nullptr,
1920 &decrypted_size,
1921 return_value)) {
1922 return false;
1923 }
1924
1925 decrypted_data.resize(decrypted_size);
1926 if(!C_Decrypt(session,
1927 const_cast<Byte*>(encrypted_data.data()),
1928 static_cast<Ulong>(encrypted_data.size()),
1929 decrypted_data.data(),
1930 &decrypted_size,
1931 return_value)) {
1932 return false;
1933 }
1934 decrypted_data.resize(decrypted_size);
1935 return true;
1936 }
1937
1938 /**
1939 * C_DecryptUpdate continues a multiple-part decryption operation.
1940 * @param session session's handle
1941 * @param encrypted_part_ptr encrypted data
1942 * @param encrypted_part_len input length
1943 * @param part_ptr gets plaintext
1944 * @param part_len_ptr p-text size
1945 * @param return_value default value (`ThrowException`): throw exception on error.
1946 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1947 * At least the following PKCS#11 return values may be returned:
1948 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
1949 * \li DeviceError \li DeviceMemory \li DeviceRemoved
1950 * \li EncryptedDataInvalid \li EncryptedDataLenRange \li FunctionCanceled
1951 * \li FunctionFailed \li GeneralError \li HostMemory
1952 * \li OK \li OperationNotInitialized \li SessionClosed
1953 * \li SessionHandleInvalid \li UserNotLoggedIn
1954 * @return true on success, false otherwise
1955 */
1956 bool C_DecryptUpdate(SessionHandle session,
1957 Byte* encrypted_part_ptr,
1958 Ulong encrypted_part_len,
1959 Byte* part_ptr,
1960 Ulong* part_len_ptr,
1961 ReturnValue* return_value = ThrowException) const;
1962
1963 /**
1964 * C_DecryptFinal finishes a multiple-part decryption operation.
1965 * @param session the session's handle
1966 * @param last_part_ptr gets plaintext
1967 * @param last_part_len_ptr p-text size
1968 * @param return_value default value (`ThrowException`): throw exception on error.
1969 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1970 * At least the following PKCS#11 return values may be returned:
1971 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
1972 * \li DeviceError \li DeviceMemory \li DeviceRemoved
1973 * \li EncryptedDataInvalid \li EncryptedDataLenRange \li FunctionCanceled
1974 * \li FunctionFailed \li GeneralError \li HostMemory
1975 * \li OK \li OperationNotInitialized \li SessionClosed
1976 * \li SessionHandleInvalid \li UserNotLoggedIn
1977 * @return true on success, false otherwise
1978 */
1979 bool C_DecryptFinal(SessionHandle session,
1980 Byte* last_part_ptr,
1981 Ulong* last_part_len_ptr,
1982 ReturnValue* return_value = ThrowException) const;
1983
1984 /****************************** Message digesting functions ******************************/
1985
1986 /**
1987 * C_DigestInit initializes a message-digesting operation.
1988 * @param session the session's handle
1989 * @param mechanism_ptr the digesting mechanism
1990 * @param return_value default value (`ThrowException`): throw exception on error.
1991 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1992 * At least the following PKCS#11 return values may be returned:
1993 * \li ArgumentsBad \li CryptokiNotInitialized \li DeviceError
1994 * \li DeviceMemory \li DeviceRemoved \li FunctionCanceled
1995 * \li FunctionFailed \li GeneralError \li HostMemory
1996 * \li MechanismInvalid \li MechanismParamInvalid \li OK
1997 * \li OperationActive \li PinExpired \li SessionClosed
1998 * \li SessionHandleInvalid \li UserNotLoggedIn
1999 * @return true on success, false otherwise
2000 */
2001 bool C_DigestInit(SessionHandle session,
2002 Mechanism* mechanism_ptr,
2003 ReturnValue* return_value = ThrowException) const;
2004
2005 /**
2006 * C_Digest digests data in a single part.
2007 * @param session the session's handle
2008 * @param data_ptr data to be digested
2009 * @param data_len bytes of data to digest
2010 * @param digest_ptr gets the message digest
2011 * @param digest_len_ptr gets digest length
2012 * @param return_value default value (`ThrowException`): throw exception on error.
2013 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2014 * At least the following PKCS#11 return values may be returned:
2015 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
2016 * \li DeviceError \li DeviceMemory \li DeviceRemoved
2017 * \li FunctionCanceled \li FunctionFailed \li GeneralError
2018 * \li HostMemory \li OK \li OperationNotInitialized
2019 * \li SessionClosed \li SessionHandleInvalid
2020 * @return true on success, false otherwise
2021 */
2022 bool C_Digest(SessionHandle session,
2023 Byte* data_ptr,
2024 Ulong data_len,
2025 Byte* digest_ptr,
2026 Ulong* digest_len_ptr,
2027 ReturnValue* return_value = ThrowException) const;
2028
2029 /**
2030 * C_DigestUpdate continues a multiple-part message-digesting operation.
2031 * @param session the session's handle
2032 * @param part_ptr data to be digested
2033 * @param part_len bytes of data to be digested
2034 * @param return_value default value (`ThrowException`): throw exception on error.
2035 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2036 * At least the following PKCS#11 return values may be returned:
2037 * \li ArgumentsBad \li CryptokiNotInitialized \li DeviceError
2038 * \li DeviceMemory \li DeviceRemoved \li FunctionCanceled
2039 * \li FunctionFailed \li GeneralError \li HostMemory
2040 * \li OK \li OperationNotInitialized \li SessionClosed
2041 * \li SessionHandleInvalid
2042 * @return true on success, false otherwise
2043 */
2044 bool C_DigestUpdate(SessionHandle session,
2045 Byte* part_ptr,
2046 Ulong part_len,
2047 ReturnValue* return_value = ThrowException) const;
2048
2049 /**
2050 * C_DigestKey continues a multi-part message-digesting operation, by digesting the value of a secret key as part of the data already digested.
2051 * @param session the session's handle
2052 * @param key secret key to digest
2053 * @param return_value default value (`ThrowException`): throw exception on error.
2054 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2055 * At least the following PKCS#11 return values may be returned:
2056 * \li CryptokiNotInitialized \li DeviceError \li DeviceMemory
2057 * \li DeviceRemoved \li FunctionCanceled \li FunctionFailed
2058 * \li GeneralError \li HostMemory \li KeyHandleInvalid
2059 * \li KeyIndigestible \li KeySizeRange \li OK
2060 * \li OperationNotInitialized \li SessionClosed \li SessionHandleInvalid
2061 * @return true on success, false otherwise
2062 */
2063 bool C_DigestKey(SessionHandle session, ObjectHandle key, ReturnValue* return_value = ThrowException) const;
2064
2065 /**
2066 * C_DigestFinal finishes a multiple-part message-digesting operation.
2067 * @param session the session's handle
2068 * @param digest_ptr gets the message digest
2069 * @param digest_len_ptr gets uint8_t count of digest
2070 * @param return_value default value (`ThrowException`): throw exception on error.
2071 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2072 * At least the following PKCS#11 return values may be returned:
2073 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
2074 * \li DeviceError \li DeviceMemory \li DeviceRemoved
2075 * \li FunctionCanceled \li FunctionFailed \li GeneralError
2076 * \li HostMemory \li OK \li OperationNotInitialized
2077 * \li SessionClosed \li SessionHandleInvalid
2078 * @return true on success, false otherwise
2079 */
2080 bool C_DigestFinal(SessionHandle session,
2081 Byte* digest_ptr,
2082 Ulong* digest_len_ptr,
2083 ReturnValue* return_value = ThrowException) const;
2084
2085 /****************************** Signing and MACing functions ******************************/
2086
2087 /**
2088 * C_SignInit initializes a signature (private key encryption) operation, where the signature is (will be) an appendix to the data, and plaintext cannot be recovered from the signature.
2089 * @param session the session's handle
2090 * @param mechanism_ptr the signature mechanism
2091 * @param key handle of signature key
2092 * @param return_value default value (`ThrowException`): throw exception on error.
2093 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2094 * At least the following PKCS#11 return values may be returned:
2095 * \li ArgumentsBad \li CryptokiNotInitialized \li DeviceError
2096 * \li DeviceMemory \li DeviceRemoved \li FunctionCanceled
2097 * \li FunctionFailed \li GeneralError \li HostMemory
2098 * \li KeyFunctionNotPermitted \li KeyHandleInvalid \li KeySizeRange
2099 * \li KeyTypeInconsistent \li MechanismInvalid \li MechanismParamInvalid
2100 * \li OK \li OperationActive \li PinExpired
2101 * \li SessionClosed \li SessionHandleInvalid \li UserNotLoggedIn
2102 * @return true on success, false otherwise
2103 */
2104 bool C_SignInit(SessionHandle session,
2105 Mechanism* mechanism_ptr,
2106 ObjectHandle key,
2107 ReturnValue* return_value = ThrowException) const;
2108
2109 /**
2110 * C_Sign signs (encrypts with private key) data in a single part, where the signature is (will be) an appendix to the data, and plaintext cannot be recovered from the signature.
2111 * @param session the session's handle
2112 * @param data_ptr the data to sign
2113 * @param data_len count of bytes to sign
2114 * @param signature_ptr gets the signature
2115 * @param signature_len_ptr gets signature length
2116 * @param return_value default value (`ThrowException`): throw exception on error.
2117 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2118 * At least the following PKCS#11 return values may be returned:
2119 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
2120 * \li DataInvalid \li DataLenRange \li DeviceError
2121 * \li DeviceMemory \li DeviceRemoved \li FunctionCanceled
2122 * \li FunctionFailed \li GeneralError \li HostMemory
2123 * \li OK \li OperationNotInitialized \li SessionClosed
2124 * \li SessionHandleInvalid \li UserNotLoggedIn \li FunctionRejected
2125 * @return true on success, false otherwise
2126 */
2127 bool C_Sign(SessionHandle session,
2128 const Byte* data_ptr,
2129 Ulong data_len,
2130 Byte* signature_ptr,
2131 Ulong* signature_len_ptr,
2132 ReturnValue* return_value = ThrowException) const;
2133
2134 /**
2135 * C_Sign signs (encrypts with private key) data in a single part, where the signature is (will be) an appendix to the data, and plaintext cannot be recovered from the signature.
2136 * @param session the session's handle
2137 * @param data the data to sign
2138 * @param signature gets the signature
2139 * @param return_value default value (`ThrowException`): throw exception on error.
2140 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2141 * At least the following PKCS#11 return values may be returned:
2142 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
2143 * \li DataInvalid \li DataLenRange \li DeviceError
2144 * \li DeviceMemory \li DeviceRemoved \li FunctionCanceled
2145 * \li FunctionFailed \li GeneralError \li HostMemory
2146 * \li OK \li OperationNotInitialized \li SessionClosed
2147 * \li SessionHandleInvalid \li UserNotLoggedIn \li FunctionRejected
2148 * @return true on success, false otherwise
2149 */
2150 template <typename TAllocA, typename TAllocB>
2151 bool C_Sign(SessionHandle session,
2152 const std::vector<uint8_t, TAllocA>& data,
2153 std::vector<uint8_t, TAllocB>& signature,
2154 ReturnValue* return_value = ThrowException) const {
2155 Ulong signature_size = 0;
2156 if(!C_Sign(session, data.data(), static_cast<Ulong>(data.size()), nullptr, &signature_size, return_value)) {
2157 return false;
2158 }
2159
2160 signature.resize(signature_size);
2161 if(!C_Sign(session,
2162 data.data(),
2163 static_cast<Ulong>(data.size()),
2164 signature.data(),
2165 &signature_size,
2166 return_value)) {
2167 return false;
2168 }
2169 signature.resize(signature_size);
2170 return true;
2171 }
2172
2173 /**
2174 * C_SignUpdate continues a multiple-part signature operation, where the signature is (will be) an appendix to the data, and plaintext cannot be recovered from the signature.
2175 * @param session the session's handle
2176 * @param part_ptr the data to sign
2177 * @param part_len count of bytes to sign
2178 * @param return_value default value (`ThrowException`): throw exception on error.
2179 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2180 * At least the following PKCS#11 return values may be returned:
2181 * \li ArgumentsBad \li CryptokiNotInitialized \li DataLenRange
2182 * \li DeviceError \li DeviceMemory \li DeviceRemoved
2183 * \li FunctionCanceled \li FunctionFailed \li GeneralError
2184 * \li HostMemory \li OK \li OperationNotInitialized
2185 * \li SessionClosed \li SessionHandleInvalid \li UserNotLoggedIn
2186 * @return true on success, false otherwise
2187 */
2188 bool C_SignUpdate(SessionHandle session,
2189 const Byte* part_ptr,
2190 Ulong part_len,
2191 ReturnValue* return_value = ThrowException) const;
2192
2193 /**
2194 * C_SignUpdate continues a multiple-part signature operation, where the signature is (will be) an appendix to the data, and plaintext cannot be recovered from the signature.
2195 * @param session the session's handle
2196 * @param part the data to sign
2197 * @param return_value default value (`ThrowException`): throw exception on error.
2198 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2199 * At least the following PKCS#11 return values may be returned:
2200 * \li ArgumentsBad \li CryptokiNotInitialized \li DataLenRange
2201 * \li DeviceError \li DeviceMemory \li DeviceRemoved
2202 * \li FunctionCanceled \li FunctionFailed \li GeneralError
2203 * \li HostMemory \li OK \li OperationNotInitialized
2204 * \li SessionClosed \li SessionHandleInvalid \li UserNotLoggedIn
2205 * @return true on success, false otherwise
2206 */
2207 template <typename TAlloc>
2208 bool C_SignUpdate(SessionHandle session,
2209 const std::vector<uint8_t, TAlloc>& part,
2210 ReturnValue* return_value = ThrowException) const {
2211 return C_SignUpdate(session, part.data(), static_cast<Ulong>(part.size()), return_value);
2212 }
2213
2214 /**
2215 * C_SignFinal finishes a multiple-part signature operation, returning the signature.
2216 * @param session the session's handle
2217 * @param signature_ptr gets the signature
2218 * @param signature_len_ptr gets signature length
2219 * @param return_value default value (`ThrowException`): throw exception on error.
2220 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2221 * At least the following PKCS#11 return values may be returned:
2222 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
2223 * \li DataLenRange \li DeviceError \li DeviceMemory
2224 * \li DeviceRemoved \li FunctionCanceled \li FunctionFailed
2225 * \li GeneralError \li HostMemory \li OK
2226 * \li OperationNotInitialized \li SessionClosed \li SessionHandleInvalid
2227 * \li UserNotLoggedIn \li FunctionRejected
2228 * @return true on success, false otherwise
2229 */
2230 bool C_SignFinal(SessionHandle session,
2231 Byte* signature_ptr,
2232 Ulong* signature_len_ptr,
2233 ReturnValue* return_value = ThrowException) const;
2234
2235 /**
2236 * C_SignFinal finishes a multiple-part signature operation, returning the signature.
2237 * @param session the session's handle
2238 * @param signature gets the signature
2239 * @param return_value default value (`ThrowException`): throw exception on error.
2240 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2241 * At least the following PKCS#11 return values may be returned:
2242 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
2243 * \li DataLenRange \li DeviceError \li DeviceMemory
2244 * \li DeviceRemoved \li FunctionCanceled \li FunctionFailed
2245 * \li GeneralError \li HostMemory \li OK
2246 * \li OperationNotInitialized \li SessionClosed \li SessionHandleInvalid
2247 * \li UserNotLoggedIn \li FunctionRejected
2248 * @return true on success, false otherwise
2249 */
2250 template <typename TAlloc>
2251 bool C_SignFinal(SessionHandle session,
2252 std::vector<uint8_t, TAlloc>& signature,
2253 ReturnValue* return_value = ThrowException) const {
2254 Ulong signature_size = 0;
2255 if(!C_SignFinal(session, nullptr, &signature_size, return_value)) {
2256 return false;
2257 }
2258
2259 signature.resize(signature_size);
2260 if(!C_SignFinal(session, signature.data(), &signature_size, return_value)) {
2261 return false;
2262 }
2263 signature.resize(signature_size);
2264 return true;
2265 }
2266
2267 /**
2268 * C_SignRecoverInit initializes a signature operation, where the data can be recovered from the signature.
2269 * @param session the session's handle
2270 * @param mechanism_ptr the signature mechanism
2271 * @param key handle of the signature key
2272 * @param return_value default value (`ThrowException`): throw exception on error.
2273 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2274 * At least the following PKCS#11 return values may be returned:
2275 * \li ArgumentsBad \li CryptokiNotInitialized \li DeviceError
2276 * \li DeviceMemory \li DeviceRemoved \li FunctionCanceled
2277 * \li FunctionFailed \li GeneralError \li HostMemory
2278 * \li KeyFunctionNotPermitted \li KeyHandleInvalid \li KeySizeRange
2279 * \li KeyTypeInconsistent \li MechanismInvalid \li MechanismParamInvalid
2280 * \li OK \li OperationActive \li PinExpired
2281 * \li SessionClosed \li SessionHandleInvalid \li UserNotLoggedIn
2282 * @return true on success, false otherwise
2283 */
2284 bool C_SignRecoverInit(SessionHandle session,
2285 Mechanism* mechanism_ptr,
2286 ObjectHandle key,
2287 ReturnValue* return_value = ThrowException) const;
2288
2289 /**
2290 * C_SignRecover signs data in a single operation, where the data can be recovered from the signature.
2291 * @param session the session's handle
2292 * @param data_ptr the data to sign
2293 * @param data_len count of bytes to sign
2294 * @param signature_ptr gets the signature
2295 * @param signature_len_ptr gets signature length
2296 * @param return_value default value (`ThrowException`): throw exception on error.
2297 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2298 * At least the following PKCS#11 return values may be returned:
2299 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
2300 * \li DataInvalid \li DataLenRange \li DeviceError
2301 * \li DeviceMemory \li DeviceRemoved \li FunctionCanceled
2302 * \li FunctionFailed \li GeneralError \li HostMemory
2303 * \li OK \li OperationNotInitialized \li SessionClosed
2304 * \li SessionHandleInvalid \li UserNotLoggedIn
2305 * @return true on success, false otherwise
2306 */
2307 bool C_SignRecover(SessionHandle session,
2308 Byte* data_ptr,
2309 Ulong data_len,
2310 Byte* signature_ptr,
2311 Ulong* signature_len_ptr,
2312 ReturnValue* return_value = ThrowException) const;
2313
2314 /****************************** Functions for verifying signatures and MACs ******************************/
2315
2316 /**
2317 * C_VerifyInit initializes a verification operation, where the signature is an appendix to the data, and plaintext cannot be recovered from the signature (e.g. DSA).
2318 * @param session the session's handle
2319 * @param mechanism_ptr the verification mechanism
2320 * @param key verification key
2321 * @param return_value default value (`ThrowException`): throw exception on error.
2322 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2323 * At least the following PKCS#11 return values may be returned:
2324 * \li ArgumentsBad \li CryptokiNotInitialized \li DeviceError
2325 * \li DeviceMemory \li DeviceRemoved \li FunctionCanceled
2326 * \li FunctionFailed \li GeneralError \li HostMemory
2327 * \li KeyFunctionNotPermitted \li KeyHandleInvalid \li KeySizeRange
2328 * \li KeyTypeInconsistent \li MechanismInvalid \li MechanismParamInvalid
2329 * \li OK \li OperationActive \li PinExpired
2330 * \li SessionClosed \li SessionHandleInvalid \li UserNotLoggedIn
2331 * @return true on success, false otherwise
2332 */
2333 bool C_VerifyInit(SessionHandle session,
2334 Mechanism* mechanism_ptr,
2335 ObjectHandle key,
2336 ReturnValue* return_value = ThrowException) const;
2337
2338 /**
2339 * C_Verify verifies a signature in a single-part operation, where the signature is an appendix to the data, and plaintext cannot be recovered from the signature.
2340 * @param session the session's handle
2341 * @param data_ptr signed data
2342 * @param data_len length of signed data
2343 * @param signature_ptr signature
2344 * @param signature_len signature length
2345 * @param return_value default value (`ThrowException`): throw exception on error.
2346 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2347 * At least the following PKCS#11 return values may be returned:
2348 * \li ArgumentsBad \li CryptokiNotInitialized \li DataInvalid
2349 * \li DataLenRange \li DeviceError \li DeviceMemory
2350 * \li DeviceRemoved \li FunctionCanceled \li FunctionFailed
2351 * \li GeneralError \li HostMemory \li OK
2352 * \li OperationNotInitialized \li SessionClosed \li SessionHandleInvalid
2353 * \li SignatureInvalid \li SignatureLenRange
2354 * @return true on success, false otherwise
2355 */
2356 bool C_Verify(SessionHandle session,
2357 const Byte* data_ptr,
2358 Ulong data_len,
2359 const Byte* signature_ptr,
2360 Ulong signature_len,
2361 ReturnValue* return_value = ThrowException) const;
2362
2363 /**
2364 * C_Verify verifies a signature in a single-part operation, where the signature is an appendix to the data, and plaintext cannot be recovered from the signature.
2365 * @param session the session's handle
2366 * @param data signed data
2367 * @param signature signature
2368 * @param return_value default value (`ThrowException`): throw exception on error.
2369 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2370 * At least the following PKCS#11 return values may be returned:
2371 * \li ArgumentsBad \li CryptokiNotInitialized \li DataInvalid
2372 * \li DataLenRange \li DeviceError \li DeviceMemory
2373 * \li DeviceRemoved \li FunctionCanceled \li FunctionFailed
2374 * \li GeneralError \li HostMemory \li OK
2375 * \li OperationNotInitialized \li SessionClosed \li SessionHandleInvalid
2376 * \li SignatureInvalid \li SignatureLenRange
2377 * @return true on success, false otherwise
2378 */
2379 template <typename TAllocA, typename TAllocB>
2380 bool C_Verify(SessionHandle session,
2381 const std::vector<uint8_t, TAllocA>& data,
2382 std::vector<uint8_t, TAllocB>& signature,
2383 ReturnValue* return_value = ThrowException) const {
2384 return C_Verify(session,
2385 data.data(),
2386 static_cast<Ulong>(data.size()),
2387 signature.data(),
2388 static_cast<Ulong>(signature.size()),
2389 return_value);
2390 }
2391
2392 /**
2393 * C_VerifyUpdate continues a multiple-part verification operation, where the signature is an appendix to the data, and plaintext cannot be recovered from the signature.
2394 * @param session the session's handle
2395 * @param part_ptr signed data
2396 * @param part_len length of signed data
2397 * @param return_value default value (`ThrowException`): throw exception on error.
2398 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2399 * At least the following PKCS#11 return values may be returned:
2400 * \li ArgumentsBad \li CryptokiNotInitialized \li DataLenRange
2401 * \li DeviceError \li DeviceMemory \li DeviceRemoved
2402 * \li FunctionCanceled \li FunctionFailed \li GeneralError
2403 * \li HostMemory \li OK \li OperationNotInitialized
2404 * \li SessionClosed \li SessionHandleInvalid
2405 * @return true on success, false otherwise
2406 */
2407 bool C_VerifyUpdate(SessionHandle session,
2408 const Byte* part_ptr,
2409 Ulong part_len,
2410 ReturnValue* return_value = ThrowException) const;
2411
2412 /**
2413 * C_VerifyUpdate continues a multiple-part verification operation, where the signature is an appendix to the data, and plaintext cannot be recovered from the signature.
2414 * @param session the session's handle
2415 * @param part signed data
2416 * @param return_value default value (`ThrowException`): throw exception on error.
2417 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2418 * At least the following PKCS#11 return values may be returned:
2419 * \li ArgumentsBad \li CryptokiNotInitialized \li DataLenRange
2420 * \li DeviceError \li DeviceMemory \li DeviceRemoved
2421 * \li FunctionCanceled \li FunctionFailed \li GeneralError
2422 * \li HostMemory \li OK \li OperationNotInitialized
2423 * \li SessionClosed \li SessionHandleInvalid
2424 * @return true on success, false otherwise
2425 */
2426 template <typename TAlloc>
2427 bool C_VerifyUpdate(SessionHandle session,
2428 std::vector<uint8_t, TAlloc> part,
2429 ReturnValue* return_value = ThrowException) const {
2430 return C_VerifyUpdate(session, part.data(), static_cast<Ulong>(part.size()), return_value);
2431 }
2432
2433 /**
2434 * C_VerifyFinal finishes a multiple-part verification operation, checking the signature.
2435 * @param session the session's handle
2436 * @param signature_ptr signature to verify
2437 * @param signature_len signature length
2438 * @param return_value default value (`ThrowException`): throw exception on error.
2439 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2440 * At least the following PKCS#11 return values may be returned:
2441 * \li ArgumentsBad \li CryptokiNotInitialized \li DataLenRange
2442 * \li DeviceError \li DeviceMemory \li DeviceRemoved
2443 * \li FunctionCanceled \li FunctionFailed \li GeneralError
2444 * \li HostMemory \li OK \li OperationNotInitialized
2445 * \li SessionClosed \li SessionHandleInvalid \li SignatureInvalid
2446 * \li SignatureLenRange
2447 * @return true on success, false otherwise
2448 */
2449 bool C_VerifyFinal(SessionHandle session,
2450 const Byte* signature_ptr,
2451 Ulong signature_len,
2452 ReturnValue* return_value = ThrowException) const;
2453
2454 /**
2455 * C_VerifyRecoverInit initializes a signature verification operation, where the data is recovered from the signature.
2456 * @param session the session's handle
2457 * @param mechanism_ptr the verification mechanism
2458 * @param key verification key
2459 * @param return_value default value (`ThrowException`): throw exception on error.
2460 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2461 * At least the following PKCS#11 return values may be returned:
2462 * \li ArgumentsBad \li CryptokiNotInitialized \li DeviceError
2463 * \li DeviceMemory \li DeviceRemoved \li FunctionCanceled
2464 * \li FunctionFailed \li GeneralError \li HostMemory
2465 * \li KeyFunctionNotPermitted \li KeyHandleInvalid \li KeySizeRange
2466 * \li KeyTypeInconsistent \li MechanismInvalid \li MechanismParamInvalid
2467 * \li OK \li OperationActive \li PinExpired
2468 * \li SessionClosed \li SessionHandleInvalid \li UserNotLoggedIn
2469 * @return true on success, false otherwise
2470 */
2471 bool C_VerifyRecoverInit(SessionHandle session,
2472 Mechanism* mechanism_ptr,
2473 ObjectHandle key,
2474 ReturnValue* return_value = ThrowException) const;
2475
2476 /**
2477 * C_VerifyRecover verifies a signature in a single-part operation, where the data is recovered from the signature.
2478 * @param session the session's handle
2479 * @param signature_ptr signature to verify
2480 * @param signature_len signature length
2481 * @param data_ptr gets signed data
2482 * @param data_len_ptr gets signed data len
2483 * @param return_value default value (`ThrowException`): throw exception on error.
2484 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2485 * At least the following PKCS#11 return values may be returned:
2486 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
2487 * \li DataInvalid \li DataLenRange \li DeviceError
2488 * \li DeviceMemory \li DeviceRemoved \li FunctionCanceled
2489 * \li FunctionFailed \li GeneralError \li HostMemory
2490 * \li OK \li OperationNotInitialized \li SessionClosed
2491 * \li SessionHandleInvalid \li SignatureLenRange \li SignatureInvalid
2492 * @return true on success, false otherwise
2493 */
2494 bool C_VerifyRecover(SessionHandle session,
2495 Byte* signature_ptr,
2496 Ulong signature_len,
2497 Byte* data_ptr,
2498 Ulong* data_len_ptr,
2499 ReturnValue* return_value = ThrowException) const;
2500
2501 /****************************** Dual-purpose cryptographic functions ******************************/
2502
2503 /**
2504 * C_DigestEncryptUpdate continues a multiple-part digesting and encryption operation.
2505 * @param session session's handle
2506 * @param part_ptr the plaintext data
2507 * @param part_len plaintext length
2508 * @param encrypted_part_ptr gets ciphertext
2509 * @param encrypted_part_len_ptr gets c-text length
2510 * @param return_value default value (`ThrowException`): throw exception on error.
2511 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2512 * At least the following PKCS#11 return values may be returned:
2513 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
2514 * \li DataLenRange \li DeviceError \li DeviceMemory
2515 * \li DeviceRemoved \li FunctionCanceled \li FunctionFailed
2516 * \li GeneralError \li HostMemory \li OK
2517 * \li OperationNotInitialized \li SessionClosed \li SessionHandleInvalid
2518 * @return true on success, false otherwise
2519 */
2520 bool C_DigestEncryptUpdate(SessionHandle session,
2521 Byte* part_ptr,
2522 Ulong part_len,
2523 Byte* encrypted_part_ptr,
2524 Ulong* encrypted_part_len_ptr,
2525 ReturnValue* return_value = ThrowException) const;
2526
2527 /**
2528 * C_DecryptDigestUpdate continues a multiple-part decryption and digesting operation.
2529 * @param session session's handle
2530 * @param encrypted_part_ptr ciphertext
2531 * @param encrypted_part_len ciphertext length
2532 * @param part_ptr gets plaintext
2533 * @param part_len_ptr gets plaintext len
2534 * @param return_value default value (`ThrowException`): throw exception on error.
2535 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2536 * At least the following PKCS#11 return values may be returned:
2537 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
2538 * \li DeviceError \li DeviceMemory \li DeviceRemoved
2539 * \li EncryptedDataInvalid \li EncryptedDataLenRange \li FunctionCanceled
2540 * \li FunctionFailed \li GeneralError \li HostMemory
2541 * \li OK \li OperationNotInitialized \li SessionClosed
2542 * \li SessionHandleInvalid
2543 * @return true on success, false otherwise
2544 */
2545 bool C_DecryptDigestUpdate(SessionHandle session,
2546 Byte* encrypted_part_ptr,
2547 Ulong encrypted_part_len,
2548 Byte* part_ptr,
2549 Ulong* part_len_ptr,
2550 ReturnValue* return_value = ThrowException) const;
2551
2552 /**
2553 * C_SignEncryptUpdate continues a multiple-part signing and encryption operation.
2554 * @param session session's handle
2555 * @param part_ptr the plaintext data
2556 * @param part_len plaintext length
2557 * @param encrypted_part_ptr gets ciphertext
2558 * @param encrypted_part_len_ptr gets c-text length
2559 * @param return_value default value (`ThrowException`): throw exception on error.
2560 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2561 * At least the following PKCS#11 return values may be returned:
2562 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
2563 * \li DataLenRange \li DeviceError \li DeviceMemory
2564 * \li DeviceRemoved \li FunctionCanceled \li FunctionFailed
2565 * \li GeneralError \li HostMemory \li OK
2566 * \li OperationNotInitialized \li SessionClosed \li SessionHandleInvalid
2567 * \li UserNotLoggedIn
2568 * @return true on success, false otherwise
2569 */
2570 bool C_SignEncryptUpdate(SessionHandle session,
2571 Byte* part_ptr,
2572 Ulong part_len,
2573 Byte* encrypted_part_ptr,
2574 Ulong* encrypted_part_len_ptr,
2575 ReturnValue* return_value = ThrowException) const;
2576
2577 /**
2578 * C_DecryptVerifyUpdate continues a multiple-part decryption and verify operation.
2579 * @param session session's handle
2580 * @param encrypted_part_ptr ciphertext
2581 * @param encrypted_part_len ciphertext length
2582 * @param part_ptr gets plaintext
2583 * @param part_len_ptr gets p-text length
2584 * @param return_value default value (`ThrowException`): throw exception on error.
2585 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2586 * At least the following PKCS#11 return values may be returned:
2587 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
2588 * \li DataLenRange \li DeviceError \li DeviceMemory
2589 * \li DeviceRemoved \li EncryptedDataInvalid \li EncryptedDataLenRange
2590 * \li FunctionCanceled \li FunctionFailed \li GeneralError
2591 * \li HostMemory \li OK \li OperationNotInitialized
2592 * \li SessionClosed \li SessionHandleInvalid
2593 * @return true on success, false otherwise
2594 */
2595 bool C_DecryptVerifyUpdate(SessionHandle session,
2596 Byte* encrypted_part_ptr,
2597 Ulong encrypted_part_len,
2598 Byte* part_ptr,
2599 Ulong* part_len_ptr,
2600 ReturnValue* return_value = ThrowException) const;
2601
2602 /****************************** Key management functions ******************************/
2603
2604 /**
2605 * C_GenerateKey generates a secret key, creating a new key object.
2606 * @param session the session's handle
2607 * @param mechanism_ptr key generation mech.
2608 * @param attribute_template_ptr template for new key
2609 * @param count # of attrs in template
2610 * @param key_ptr gets handle of new key
2611 * @param return_value default value (`ThrowException`): throw exception on error.
2612 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2613 * At least the following PKCS#11 return values may be returned:
2614 * \li ArgumentsBad \li AttributeReadOnly \li AttributeTypeInvalid
2615 * \li AttributeValueInvalid \li CryptokiNotInitialized \li CurveNotSupported
2616 * \li DeviceError \li DeviceMemory \li DeviceRemoved
2617 * \li FunctionCanceled \li FunctionFailed \li GeneralError
2618 * \li HostMemory \li MechanismInvalid \li MechanismParamInvalid
2619 * \li OK \li OperationActive \li PinExpired
2620 * \li SessionClosed \li SessionHandleInvalid \li SessionReadOnly
2621 * \li TemplateIncomplete \li TemplateInconsistent \li TokenWriteProtected
2622 * \li UserNotLoggedIn
2623 * @return true on success, false otherwise
2624 */
2625 bool C_GenerateKey(SessionHandle session,
2626 Mechanism* mechanism_ptr,
2627 Attribute* attribute_template_ptr,
2628 Ulong count,
2629 ObjectHandle* key_ptr,
2630 ReturnValue* return_value = ThrowException) const;
2631
2632 /**
2633 * C_GenerateKeyPair generates a public-key/private-key pair, creating new key objects.
2634 * @param session session handle
2635 * @param mechanism_ptr key-gen mech.
2636 * @param public_key_template_ptr template for pub. key
2637 * @param public_key_attribute_count # pub. attrs.
2638 * @param private_key_template_ptr template for priv. key
2639 * @param private_key_attribute_count # priv. attrs.
2640 * @param public_key_ptr gets pub. key handle
2641 * @param private_key_ptr gets priv. key handle
2642 * @param return_value default value (`ThrowException`): throw exception on error.
2643 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2644 * At least the following PKCS#11 return values may be returned:
2645 * \li ArgumentsBad \li AttributeReadOnly \li AttributeTypeInvalid
2646 * \li AttributeValueInvalid \li CryptokiNotInitialized \li CurveNotSupported
2647 * \li DeviceError \li DeviceMemory \li DeviceRemoved
2648 * \li DomainParamsInvalid \li FunctionCanceled \li FunctionFailed
2649 * \li GeneralError \li HostMemory \li MechanismInvalid
2650 * \li MechanismParamInvalid \li OK \li OperationActive
2651 * \li PinExpired \li SessionClosed \li SessionHandleInvalid
2652 * \li SessionReadOnly \li TemplateIncomplete \li TemplateInconsistent
2653 * \li TokenWriteProtected \li UserNotLoggedIn
2654 * @return true on success, false otherwise
2655 */
2656 bool C_GenerateKeyPair(SessionHandle session,
2657 Mechanism* mechanism_ptr,
2658 Attribute* public_key_template_ptr,
2659 Ulong public_key_attribute_count,
2660 Attribute* private_key_template_ptr,
2661 Ulong private_key_attribute_count,
2662 ObjectHandle* public_key_ptr,
2663 ObjectHandle* private_key_ptr,
2664 ReturnValue* return_value = ThrowException) const;
2665
2666 /**
2667 * C_WrapKey wraps (i.e., encrypts) a key.
2668 * @param session the session's handle
2669 * @param mechanism_ptr the wrapping mechanism
2670 * @param wrapping_key wrapping key
2671 * @param key key to be wrapped
2672 * @param wrapped_key_ptr gets wrapped key
2673 * @param wrapped_key_len_ptr gets wrapped key size
2674 * @param return_value default value (`ThrowException`): throw exception on error.
2675 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2676 * At least the following PKCS#11 return values may be returned:
2677 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
2678 * \li DeviceError \li DeviceMemory \li DeviceRemoved
2679 * \li FunctionCanceled \li FunctionFailed \li GeneralError
2680 * \li HostMemory \li KeyHandleInvalid \li KeyNotWrappable
2681 * \li KeySizeRange \li KeyUnextractable \li MechanismInvalid
2682 * \li MechanismParamInvalid \li OK \li OperationActive
2683 * \li PinExpired \li SessionClosed \li SessionHandleInvalid
2684 * \li UserNotLoggedIn \li WrappingKeyHandleInvalid \li WrappingKeySizeRange
2685 * \li WrappingKeyTypeInconsistent
2686 * @return true on success, false otherwise
2687 */
2688 bool C_WrapKey(SessionHandle session,
2689 Mechanism* mechanism_ptr,
2690 ObjectHandle wrapping_key,
2691 ObjectHandle key,
2692 Byte* wrapped_key_ptr,
2693 Ulong* wrapped_key_len_ptr,
2694 ReturnValue* return_value = ThrowException) const;
2695
2696 /**
2697 * C_UnwrapKey unwraps (decrypts) a wrapped key, creating a new key object.
2698 * @param session session's handle
2699 * @param mechanism_ptr unwrapping mech.
2700 * @param unwrapping_key unwrapping key
2701 * @param wrapped_key_ptr the wrapped key
2702 * @param wrapped_key_len wrapped key len
2703 * @param attribute_template_ptr new key template
2704 * @param attribute_count template length
2705 * @param key_ptr gets new handle
2706 * @param return_value default value (`ThrowException`): throw exception on error.
2707 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2708 * At least the following PKCS#11 return values may be returned:
2709 * \li ArgumentsBad \li AttributeReadOnly \li AttributeTypeInvalid
2710 * \li AttributeValueInvalid \li BufferTooSmall \li CryptokiNotInitialized
2711 * \li CurveNotSupported \li DeviceError \li DeviceMemory
2712 * \li DeviceRemoved \li DomainParamsInvalid \li FunctionCanceled
2713 * \li FunctionFailed \li GeneralError \li HostMemory
2714 * \li MechanismInvalid \li MechanismParamInvalid \li OK
2715 * \li OperationActive \li PinExpired \li SessionClosed
2716 * \li SessionHandleInvalid \li SessionReadOnly \li TemplateIncomplete
2717 * \li TemplateInconsistent \li TokenWriteProtected \li UnwrappingKeyHandleInvalid
2718 * \li UnwrappingKeySizeRange \li UnwrappingKeyTypeInconsistent \li UserNotLoggedIn
2719 * \li WrappedKeyInvalid \li WrappedKeyLenRange
2720 * @return true on success, false otherwise
2721 */
2722 bool C_UnwrapKey(SessionHandle session,
2723 Mechanism* mechanism_ptr,
2724 ObjectHandle unwrapping_key,
2725 Byte* wrapped_key_ptr,
2726 Ulong wrapped_key_len,
2727 Attribute* attribute_template_ptr,
2728 Ulong attribute_count,
2729 ObjectHandle* key_ptr,
2730 ReturnValue* return_value = ThrowException) const;
2731
2732 /**
2733 * C_DeriveKey derives a key from a base key, creating a new key object.
2734 * @param session session's handle
2735 * @param mechanism_ptr key deriv. mech.
2736 * @param base_key base key
2737 * @param attribute_template_ptr new key template
2738 * @param attribute_count template length
2739 * @param key_ptr gets new handle
2740 * @param return_value default value (`ThrowException`): throw exception on error.
2741 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2742 * At least the following PKCS#11 return values may be returned:
2743 * \li ArgumentsBad \li AttributeReadOnly \li AttributeTypeInvalid
2744 * \li AttributeValueInvalid \li CryptokiNotInitialized \li CurveNotSupported
2745 * \li DeviceError \li DeviceMemory \li DeviceRemoved
2746 * \li DomainParamsInvalid \li FunctionCanceled \li FunctionFailed
2747 * \li GeneralError \li HostMemory \li KeyHandleInvalid
2748 * \li KeySizeRange \li KeyTypeInconsistent \li MechanismInvalid
2749 * \li MechanismParamInvalid \li OK \li OperationActive
2750 * \li PinExpired \li SessionClosed \li SessionHandleInvalid
2751 * \li SessionReadOnly \li TemplateIncomplete \li TemplateInconsistent
2752 * \li TokenWriteProtected \li UserNotLoggedIn
2753 * @return true on success, false otherwise
2754 */
2755 bool C_DeriveKey(SessionHandle session,
2756 Mechanism* mechanism_ptr,
2757 ObjectHandle base_key,
2758 Attribute* attribute_template_ptr,
2759 Ulong attribute_count,
2760 ObjectHandle* key_ptr,
2761 ReturnValue* return_value = ThrowException) const;
2762
2763 /****************************** Random number generation functions ******************************/
2764
2765 /**
2766 * C_SeedRandom mixes additional seed material into the token's random number generator.
2767 * @param session the session's handle
2768 * @param seed_ptr the seed material
2769 * @param seed_len length of seed material
2770 * @param return_value default value (`ThrowException`): throw exception on error.
2771 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2772 * At least the following PKCS#11 return values may be returned:
2773 * \li ArgumentsBad \li CryptokiNotInitialized \li DeviceError
2774 * \li DeviceMemory \li DeviceRemoved \li FunctionCanceled
2775 * \li FunctionFailed \li GeneralError \li HostMemory
2776 * \li OK \li OperationActive \li RandomSeedNotSupported
2777 * \li RandomNoRng \li SessionClosed \li SessionHandleInvalid
2778 * \li UserNotLoggedIn
2779 * @return true on success, false otherwise
2780 */
2781 bool C_SeedRandom(SessionHandle session,
2782 const Byte* seed_ptr,
2783 Ulong seed_len,
2784 ReturnValue* return_value = ThrowException) const;
2785
2786 /**
2787 * C_GenerateRandom generates random data.
2788 * @param session the session's handle
2789 * @param random_data_ptr receives the random data
2790 * @param random_len # of bytes to generate
2791 * @param return_value default value (`ThrowException`): throw exception on error.
2792 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2793 * At least the following PKCS#11 return values may be returned:
2794 * \li ArgumentsBad \li CryptokiNotInitialized \li DeviceError
2795 * \li DeviceMemory \li DeviceRemoved \li FunctionCanceled
2796 * \li FunctionFailed \li GeneralError \li HostMemory
2797 * \li OK \li OperationActive \li RandomNoRng
2798 * \li SessionClosed \li SessionHandleInvalid \li UserNotLoggedIn
2799 * @return true on success, false otherwise
2800 */
2801 bool C_GenerateRandom(SessionHandle session,
2802 Byte* random_data_ptr,
2803 Ulong random_len,
2804 ReturnValue* return_value = ThrowException) const;
2805
2806 /****************************** Parallel function management functions ******************************/
2807
2808 /**
2809 * C_GetFunctionStatus is a legacy function; it obtains an updated status of a function running in parallel with an application.
2810 * @param session the session's handle
2811 * @param return_value default value (`ThrowException`): throw exception on error.
2812 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2813 * At least the following PKCS#11 return values may be returned:
2814 * \li CryptokiNotInitialized \li FunctionFailed \li FunctionNotParallel
2815 * \li GeneralError \li HostMemory \li SessionHandleInvalid
2816 * \li SessionClosed
2817 * @return true on success, false otherwise
2818 */
2819 bool C_GetFunctionStatus(SessionHandle session, ReturnValue* return_value = ThrowException) const;
2820
2821 /**
2822 * C_CancelFunction is a legacy function; it cancels a function running in parallel.
2823 * @param session the session's handle
2824 * @param return_value default value (`ThrowException`): throw exception on error.
2825 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2826 * At least the following PKCS#11 return values may be returned:
2827 * \li CryptokiNotInitialized \li FunctionFailed \li FunctionNotParallel
2828 * \li GeneralError \li HostMemory \li SessionHandleInvalid
2829 * \li SessionClosed
2830 * @return true on success, false otherwise
2831 */
2832 bool C_CancelFunction(SessionHandle session, ReturnValue* return_value = ThrowException) const;
2833
2834 /**
2835 * Return the PKCS11 function list that this LowLevel class contains.
2836 *
2837 * This is primarily useful when invoking vendor specific extension
2838 * functions which are not supported directly by LowLevel or the higher
2839 * level PKCS11 API.
2840 */
2841 FunctionListPtr get_functions() const { return m_func_list_ptr; }
2842
2843 protected:
2844 /**
2845 * A helper for error handling. This is exposed as a protected member so that
2846 * it is possible for an application to inherit from LowLevel in order to
2847 * implement wrappers for vendor specific extensions using the same error
2848 * handling mechanisms as the rest of the library.
2849 */
2850 static bool handle_return_value(CK_RV function_result, ReturnValue* return_value);
2851
2852 private:
2853 const FunctionListPtr m_func_list_ptr;
2854};
2855
2856class BOTAN_PUBLIC_API(2, 0) PKCS11_Error : public Exception {
2857 public:
2858 explicit PKCS11_Error(std::string_view what) : Exception("PKCS11 error", what) {}
2859
2860 ErrorType error_type() const noexcept override { return ErrorType::Pkcs11Error; }
2861};
2862
2863class BOTAN_PUBLIC_API(2, 0) PKCS11_ReturnError final : public PKCS11_Error {
2864 public:
2865 explicit PKCS11_ReturnError(ReturnValue return_val) :
2866 PKCS11_Error(std::to_string(static_cast<uint32_t>(return_val))), m_return_val(return_val) {}
2867
2868 inline ReturnValue get_return_value() const { return m_return_val; }
2869
2870 int error_code() const noexcept override { return static_cast<int>(m_return_val); }
2871
2872 private:
2873 const ReturnValue m_return_val;
2874};
2875
2876} // namespace PKCS11
2877
2878} // namespace Botan
2879
2880#endif
BOTAN_PUBLIC_API
#define BOTAN_PUBLIC_API(maj, min)
Definition api.h:21
Botan::Dynamically_Loaded_Library
Definition dyn_load.h:19
Botan::Exception::what
const char * what() const noexcept override
Definition exceptn.h:93
Botan::Exception::Exception
Exception(std::string_view msg)
Definition exceptn.cpp:71
Botan::PKCS11::LowLevel::C_Finalize
bool C_Finalize(VoidPtr reserved, ReturnValue *return_value=ThrowException) const
Definition p11.cpp:74
Botan::PKCS11::LowLevel::C_InitPIN
bool C_InitPIN(SessionHandle session, const std::vector< uint8_t, TAlloc > &pin, ReturnValue *return_value=ThrowException) const
Definition p11.h:1180
Botan::PKCS11::LowLevel::C_SetAttributeValue
bool C_SetAttributeValue(SessionHandle session, ObjectHandle object, std::map< AttributeType, std::vector< uint8_t, TAlloc > > &attribute_values, ReturnValue *return_value=ThrowException) const
Definition p11.h:1633
Botan::PKCS11::LowLevel::C_Sign
bool C_Sign(SessionHandle session, const std::vector< uint8_t, TAllocA > &data, std::vector< uint8_t, TAllocB > &signature, ReturnValue *return_value=ThrowException) const
Definition p11.h:2151
Botan::PKCS11::LowLevel::C_SetPIN
bool C_SetPIN(SessionHandle session, const std::vector< uint8_t, TAlloc > &old_pin, const std::vector< uint8_t, TAlloc > &new_pin, ReturnValue *return_value=ThrowException) const
Definition p11.h:1231
Botan::PKCS11::LowLevel::C_SignUpdate
bool C_SignUpdate(SessionHandle session, const std::vector< uint8_t, TAlloc > &part, ReturnValue *return_value=ThrowException) const
Definition p11.h:2208
Botan::PKCS11::LowLevel::C_WaitForSlotEvent
bool C_WaitForSlotEvent(Flags flags, SlotId *slot_ptr, VoidPtr reserved, ReturnValue *return_value=ThrowException) const
Definition p11.cpp:126
Botan::PKCS11::LowLevel::C_GetTokenInfo
bool C_GetTokenInfo(SlotId slot_id, TokenInfo *info_ptr, ReturnValue *return_value=ThrowException) const
Definition p11.cpp:122
Botan::PKCS11::LowLevel::C_InitToken
bool C_InitToken(SlotId slot_id, const std::vector< uint8_t, TAlloc > &so_pin, std::string_view label, ReturnValue *return_value=ThrowException) const
Definition p11.h:1127
Botan::PKCS11::LowLevel::C_SetAttributeValue
bool C_SetAttributeValue(SessionHandle session, ObjectHandle object, Attribute *attribute_template_ptr, Ulong count, ReturnValue *return_value=ThrowException) const
Definition p11.cpp:280
Botan::PKCS11::LowLevel::C_GetFunctionList
static bool C_GetFunctionList(Dynamically_Loaded_Library &pkcs11_module, FunctionListPtr *function_list_ptr_ptr, ReturnValue *return_value=ThrowException)
Definition p11.cpp:82
Botan::PKCS11::LowLevel::LowLevel
LowLevel(FunctionListPtr ptr)
Definition p11.cpp:62
Botan::PKCS11::LowLevel::C_Login
bool C_Login(SessionHandle session, UserType user_type, const std::vector< uint8_t, TAlloc > &pin, ReturnValue *return_value=ThrowException) const
Definition p11.h:1401
Botan::PKCS11::LowLevel::C_GetSlotInfo
bool C_GetSlotInfo(SlotId slot_id, SlotInfo *info_ptr, ReturnValue *return_value=ThrowException) const
Definition p11.cpp:118
Botan::PKCS11::LowLevel::C_VerifyUpdate
bool C_VerifyUpdate(SessionHandle session, const Byte *part_ptr, Ulong part_len, ReturnValue *return_value=ThrowException) const
Definition p11.cpp:490
Botan::PKCS11::LowLevel::C_GetAttributeValue
bool C_GetAttributeValue(SessionHandle session, ObjectHandle object, Attribute *attribute_template_ptr, Ulong count, ReturnValue *return_value=ThrowException) const
Definition p11.cpp:271
Botan::PKCS11::LowLevel::C_InitPIN
bool C_InitPIN(SessionHandle session, Utf8Char *pin_ptr, Ulong pin_len, ReturnValue *return_value=ThrowException) const
Definition p11.cpp:172
Botan::PKCS11::LowLevel::C_Initialize
bool C_Initialize(VoidPtr init_args, ReturnValue *return_value=ThrowException) const
Definition p11.cpp:70
Botan::PKCS11::LowLevel::C_Sign
bool C_Sign(SessionHandle session, const Byte *data_ptr, Ulong data_len, Byte *signature_ptr, Ulong *signature_len_ptr, ReturnValue *return_value=ThrowException) const
Definition p11.cpp:426
Botan::PKCS11::LowLevel::C_Encrypt
bool C_Encrypt(SessionHandle session, const std::vector< uint8_t, TAllocA > &plaintext_data, std::vector< uint8_t, TAllocB > &encrypted_data, ReturnValue *return_value=ThrowException) const
Definition p11.h:1774
Botan::PKCS11::LowLevel::C_SignUpdate
bool C_SignUpdate(SessionHandle session, const Byte *part_ptr, Ulong part_len, ReturnValue *return_value=ThrowException) const
Definition p11.cpp:437
Botan::PKCS11::LowLevel::C_Verify
bool C_Verify(SessionHandle session, const std::vector< uint8_t, TAllocA > &data, std::vector< uint8_t, TAllocB > &signature, ReturnValue *return_value=ThrowException) const
Definition p11.h:2380
Botan::PKCS11::LowLevel::C_GetInfo
bool C_GetInfo(Info *info_ptr, ReturnValue *return_value=ThrowException) const
Definition p11.cpp:78
Botan::PKCS11::LowLevel::C_GetMechanismList
bool C_GetMechanismList(SlotId slot_id, MechanismType *mechanism_list_ptr, Ulong *count_ptr, ReturnValue *return_value=ThrowException) const
Definition p11.cpp:130
Botan::PKCS11::LowLevel::C_Decrypt
bool C_Decrypt(SessionHandle session, const std::vector< uint8_t, TAllocA > &encrypted_data, std::vector< uint8_t, TAllocB > &decrypted_data, ReturnValue *return_value=ThrowException) const
Definition p11.h:1911
Botan::PKCS11::LowLevel::C_Decrypt
bool C_Decrypt(SessionHandle session, Byte *encrypted_data_ptr, Ulong encrypted_data_len, Byte *data_ptr, Ulong *data_len_ptr, ReturnValue *return_value=ThrowException) const
Definition p11.cpp:357
Botan::PKCS11::LowLevel::C_VerifyUpdate
bool C_VerifyUpdate(SessionHandle session, std::vector< uint8_t, TAlloc > part, ReturnValue *return_value=ThrowException) const
Definition p11.h:2427
Botan::PKCS11::LowLevel::C_Encrypt
bool C_Encrypt(SessionHandle session, Byte *data_ptr, Ulong data_len, Byte *encrypted_data, Ulong *encrypted_data_len_ptr, ReturnValue *return_value=ThrowException) const
Definition p11.cpp:318
Botan::PKCS11::LowLevel::C_SignFinal
bool C_SignFinal(SessionHandle session, std::vector< uint8_t, TAlloc > &signature, ReturnValue *return_value=ThrowException) const
Definition p11.h:2251
Botan::PKCS11::LowLevel::C_GetSlotList
bool C_GetSlotList(Bbool token_present, SlotId *slot_list_ptr, Ulong *count_ptr, ReturnValue *return_value=ThrowException) const
Definition p11.cpp:94
Botan::PKCS11::LowLevel::C_GetMechanismInfo
bool C_GetMechanismInfo(SlotId slot_id, MechanismType type, MechanismInfo *info_ptr, ReturnValue *return_value=ThrowException) const
Definition p11.cpp:159
Botan::PKCS11::LowLevel::C_Login
bool C_Login(SessionHandle session, UserType user_type, Utf8Char *pin_ptr, Ulong pin_len, ReturnValue *return_value=ThrowException) const
Definition p11.cpp:229
Botan::PKCS11::LowLevel::C_SignFinal
bool C_SignFinal(SessionHandle session, Byte *signature_ptr, Ulong *signature_len_ptr, ReturnValue *return_value=ThrowException) const
Definition p11.cpp:445
Botan::PKCS11::LowLevel::get_functions
FunctionListPtr get_functions() const
Definition p11.h:2841
Botan::PKCS11::LowLevel::C_InitToken
bool C_InitToken(SlotId slot_id, Utf8Char *so_pin_ptr, Ulong so_pin_len, Utf8Char *label_ptr, ReturnValue *return_value=ThrowException) const
Definition p11.cpp:167
Botan::PKCS11::LowLevel::C_Verify
bool C_Verify(SessionHandle session, const Byte *data_ptr, Ulong data_len, const Byte *signature_ptr, Ulong signature_len, ReturnValue *return_value=ThrowException) const
Definition p11.cpp:478
Botan::PKCS11::LowLevel::C_SetPIN
bool C_SetPIN(SessionHandle session, Utf8Char *old_pin_ptr, Ulong old_len, Utf8Char *new_pin_ptr, Ulong new_len, ReturnValue *return_value=ThrowException) const
Definition p11.cpp:176
Botan::PKCS11::LowLevel::C_GetAttributeValue
bool C_GetAttributeValue(SessionHandle session, ObjectHandle object, std::map< AttributeType, std::vector< uint8_t, TAlloc > > &attribute_values, ReturnValue *return_value=ThrowException) const
Definition p11.h:1555
Botan::PKCS11::PKCS11_Error::error_type
ErrorType error_type() const noexcept override
Definition p11.h:2860
Botan::PKCS11::PKCS11_Error::PKCS11_Error
PKCS11_Error(std::string_view what)
Definition p11.h:2858
Botan::PKCS11::PKCS11_ReturnError::error_code
int error_code() const noexcept override
Definition p11.h:2870
Botan::PKCS11::PKCS11_ReturnError::get_return_value
ReturnValue get_return_value() const
Definition p11.h:2868
Botan::PKCS11::PKCS11_ReturnError::PKCS11_ReturnError
PKCS11_ReturnError(ReturnValue return_val)
Definition p11.h:2865
Botan::PKCS11::SlotId
CK_SLOT_ID SlotId
Definition p11.h:821
Botan::PKCS11::RsaPkcsOaepParams
CK_RSA_PKCS_OAEP_PARAMS RsaPkcsOaepParams
Definition p11.h:834
Botan::PKCS11::DestroyMutex
CK_DESTROYMUTEX DestroyMutex
Definition p11.h:815
Botan::PKCS11::ThrowException
ReturnValue * ThrowException
Definition p11.cpp:19
Botan::PKCS11::CreateMutex
CK_CREATEMUTEX CreateMutex
Definition p11.h:814
Botan::PKCS11::PublicPointEncoding
PublicPointEncoding
Definition p11.h:807
Botan::PKCS11::secure_string
secure_vector< uint8_t > secure_string
Definition p11.h:60
Botan::PKCS11::AttributeType
AttributeType
Definition p11.h:64
Botan::PKCS11::C_InitializeArgs
CK_C_INITIALIZE_ARGS C_InitializeArgs
Definition p11.h:813
Botan::PKCS11::Mechanism
CK_MECHANISM Mechanism
Definition p11.h:825
Botan::PKCS11::Notify
CK_NOTIFY Notify
Definition p11.h:828
Botan::PKCS11::CertificateType
CertificateType
Definition p11.h:175
Botan::PKCS11::change_pin
void change_pin(Slot &slot, const secure_string &old_pin, const secure_string &new_pin)
Definition p11.cpp:44
Botan::PKCS11::Ecdh1DeriveParams
CK_ECDH1_DERIVE_PARAMS Ecdh1DeriveParams
Definition p11.h:836
Botan::PKCS11::ObjectHandle
CK_OBJECT_HANDLE ObjectHandle
Definition p11.h:832
Botan::PKCS11::change_so_pin
void change_so_pin(Slot &slot, const secure_string &old_so_pin, const secure_string &new_so_pin)
Definition p11.cpp:50
Botan::PKCS11::UnlockMutex
CK_UNLOCKMUTEX UnlockMutex
Definition p11.h:817
Botan::PKCS11::Attribute
CK_ATTRIBUTE Attribute
Definition p11.h:831
Botan::PKCS11::Flag::LibraryCantCreateOsThreads
@ LibraryCantCreateOsThreads
Definition p11.h:250
Botan::PKCS11::Flag::ProtectedAuthenticationPath
@ ProtectedAuthenticationPath
Definition p11.h:214
Botan::PKCS11::Flag::SecondaryAuthentication
@ SecondaryAuthentication
Definition p11.h:217
Botan::PKCS11::FunctionListPtr
CK_FUNCTION_LIST_PTR FunctionListPtr
Definition p11.h:811
Botan::PKCS11::Byte
CK_BYTE Byte
Definition p11.h:833
Botan::PKCS11::Info
CK_INFO Info
Definition p11.h:819
Botan::PKCS11::SlotInfo
CK_SLOT_INFO SlotInfo
Definition p11.h:823
Botan::PKCS11::VoidPtr
CK_VOID_PTR VoidPtr
Definition p11.h:812
Botan::PKCS11::Flags
CK_FLAGS Flags
Definition p11.h:818
Botan::PKCS11::operator|
Flag operator|(Flag a, Flag b)
Definition p11.h:261
Botan::PKCS11::Date
CK_DATE Date
Definition p11.h:837
Botan::PKCS11::SessionInfo
CK_SESSION_INFO SessionInfo
Definition p11.h:830
Botan::PKCS11::TokenInfo
CK_TOKEN_INFO TokenInfo
Definition p11.h:824
Botan::PKCS11::True
const Bbool True
Definition p11.h:842
Botan::PKCS11::Utf8Char
CK_UTF8CHAR Utf8Char
Definition p11.h:827
Botan::PKCS11::Ulong
CK_ULONG Ulong
Definition p11.h:822
Botan::PKCS11::RsaPkcsPssParams
CK_RSA_PKCS_PSS_PARAMS RsaPkcsPssParams
Definition p11.h:835
Botan::PKCS11::False
const Bbool False
Definition p11.h:843
Botan::PKCS11::Bbool
CK_BBOOL Bbool
Definition p11.h:820
Botan::PKCS11::set_pin
void set_pin(Slot &slot, const secure_string &so_pin, const secure_string &pin)
Definition p11.cpp:56
Botan::PKCS11::MechanismInfo
CK_MECHANISM_INFO MechanismInfo
Definition p11.h:826
Botan::PKCS11::CertificateCategory
CertificateCategory
Definition p11.h:184
Botan::PKCS11::flags
Flags flags(Flag flags)
Definition p11.h:845
Botan::PKCS11::initialize_token
void initialize_token(Slot &slot, std::string_view label, const secure_string &so_pin, const secure_string &pin)
Definition p11.cpp:39
Botan::PKCS11::LockMutex
CK_LOCKMUTEX LockMutex
Definition p11.h:816
Botan::PKCS11::SessionHandle
CK_SESSION_HANDLE SessionHandle
Definition p11.h:829
Botan::secure_vector
std::vector< T, secure_allocator< T > > secure_vector
Definition secmem.h:69
Botan::to_string
std::string to_string(ErrorType type)
Convert an ErrorType to string.
Definition exceptn.cpp:13
Botan::ErrorType
ErrorType
Definition exceptn.h:20
CKD_NULL
#define CKD_NULL
Definition pkcs11t.h:1290
CKA_NEVER_EXTRACTABLE
#define CKA_NEVER_EXTRACTABLE
Definition pkcs11t.h:496
CKM_SEED_KEY_GEN
#define CKM_SEED_KEY_GEN
Definition pkcs11t.h:856
CKM_TLS_MASTER_KEY_DERIVE
#define CKM_TLS_MASTER_KEY_DERIVE
Definition pkcs11t.h:775
CKD_SHA1_KDF
#define CKD_SHA1_KDF
Definition pkcs11t.h:1291
CKD_SHA256_KDF
#define CKD_SHA256_KDF
Definition pkcs11t.h:1297
CKR_NEXT_OTP
#define CKR_NEXT_OTP
Definition pkcs11t.h:1148
CKK_DES3
#define CKK_DES3
Definition pkcs11t.h:351
CKM_DSA_PARAMETER_GEN
#define CKM_DSA_PARAMETER_GEN
Definition pkcs11t.h:957
CKR_SESSION_COUNT
#define CKR_SESSION_COUNT
Definition pkcs11t.h:1097
CKM_WTLS_CLIENT_KEY_AND_MAC_DERIVE
#define CKM_WTLS_CLIENT_KEY_AND_MAC_DERIVE
Definition pkcs11t.h:816
CKM_CONCATENATE_BASE_AND_DATA
#define CKM_CONCATENATE_BASE_AND_DATA
Definition pkcs11t.h:765
CKM_PKCS5_PBKD2
#define CKM_PKCS5_PBKD2
Definition pkcs11t.h:807
CKM_AES_GMAC
#define CKM_AES_GMAC
Definition pkcs11t.h:928
CKM_KIP_DERIVE
#define CKM_KIP_DERIVE
Definition pkcs11t.h:833
CKR_DEVICE_MEMORY
#define CKR_DEVICE_MEMORY
Definition pkcs11t.h:1061
CKA_JAVA_MIDP_SECURITY_DOMAIN
#define CKA_JAVA_MIDP_SECURITY_DOMAIN
Definition pkcs11t.h:452
CKM_SSL3_SHA1_MAC
#define CKM_SSL3_SHA1_MAC
Definition pkcs11t.h:782
CKA_OTP_TIME_INTERVAL
#define CKA_OTP_TIME_INTERVAL
Definition pkcs11t.h:522
CKK_RC4
#define CKK_RC4
Definition pkcs11t.h:348
CKA_TOKEN
#define CKA_TOKEN
Definition pkcs11t.h:438
CKA_SECONDARY_AUTH
#define CKA_SECONDARY_AUTH
Definition pkcs11t.h:510
CKR_GENERAL_ERROR
#define CKR_GENERAL_ERROR
Definition pkcs11t.h:1043
CKR_MECHANISM_INVALID
#define CKR_MECHANISM_INVALID
Definition pkcs11t.h:1083
CKR_SLOT_ID_INVALID
#define CKR_SLOT_ID_INVALID
Definition pkcs11t.h:1041
CKC_VENDOR_DEFINED
#define CKC_VENDOR_DEFINED
Definition pkcs11t.h:410
CKG_MGF1_SHA256
#define CKG_MGF1_SHA256
Definition pkcs11t.h:1247
CKM_SSL3_MASTER_KEY_DERIVE
#define CKM_SSL3_MASTER_KEY_DERIVE
Definition pkcs11t.h:770
CKM_RSA_PKCS
#define CKM_RSA_PKCS
Definition pkcs11t.h:587
CKM_ECDSA_SHA1
#define CKM_ECDSA_SHA1
Definition pkcs11t.h:892
CKR_KEY_CHANGED
#define CKR_KEY_CHANGED
Definition pkcs11t.h:1076
CKK_SHA224_HMAC
#define CKK_SHA224_HMAC
Definition pkcs11t.h:378
CKM_IDEA_ECB
#define CKM_IDEA_ECB
Definition pkcs11t.h:758
CKD_SHA512_KDF
#define CKD_SHA512_KDF
Definition pkcs11t.h:1299
CKA_START_DATE
#define CKA_START_DATE
Definition pkcs11t.h:472
CKK_DH
#define CKK_DH
Definition pkcs11t.h:341
CKK_RC5
#define CKK_RC5
Definition pkcs11t.h:356
CKR_ATTRIBUTE_TYPE_INVALID
#define CKR_ATTRIBUTE_TYPE_INVALID
Definition pkcs11t.h:1053
CKA_OTP_SERVICE_IDENTIFIER
#define CKA_OTP_SERVICE_IDENTIFIER
Definition pkcs11t.h:531
CK_UTF8CHAR
CK_BYTE CK_UTF8CHAR
Definition pkcs11t.h:42
CKM_GOSTR3411_HMAC
#define CKM_GOSTR3411_HMAC
Definition pkcs11t.h:950
CKM_WTLS_PRE_MASTER_KEY_GEN
#define CKM_WTLS_PRE_MASTER_KEY_GEN
Definition pkcs11t.h:811
CKA_AUTH_PIN_FLAGS
#define CKA_AUTH_PIN_FLAGS
Definition pkcs11t.h:511
CKM_DES3_CMAC
#define CKM_DES3_CMAC
Definition pkcs11t.h:672
CKM_RC2_MAC
#define CKM_RC2_MAC
Definition pkcs11t.h:648
CKM_SHA256_KEY_DERIVATION
#define CKM_SHA256_KEY_DERIVATION
Definition pkcs11t.h:787
CKA_SERIAL_NUMBER
#define CKA_SERIAL_NUMBER
Definition pkcs11t.h:446
CKK_DES2
#define CKK_DES2
Definition pkcs11t.h:350
CKM_CAST5_MAC_GENERAL
#define CKM_CAST5_MAC_GENERAL
Definition pkcs11t.h:747
CKF_LOGIN_REQUIRED
#define CKF_LOGIN_REQUIRED
Definition pkcs11t.h:157
CKF_HW_SLOT
#define CKF_HW_SLOT
Definition pkcs11t.h:124
CKO_PUBLIC_KEY
#define CKO_PUBLIC_KEY
Definition pkcs11t.h:312
CKF_EC_UNCOMPRESS
#define CKF_EC_UNCOMPRESS
Definition pkcs11t.h:1026
CKA_SUB_PRIME_BITS
#define CKA_SUB_PRIME_BITS
Definition pkcs11t.h:490
CKM_RSA_X_509
#define CKM_RSA_X_509
Definition pkcs11t.h:589
CKF_LIBRARY_CANT_CREATE_OS_THREADS
#define CKF_LIBRARY_CANT_CREATE_OS_THREADS
Definition pkcs11t.h:1225
CKM_SEED_MAC_GENERAL
#define CKM_SEED_MAC_GENERAL
Definition pkcs11t.h:860
CKF_PROTECTED_AUTHENTICATION_PATH
#define CKF_PROTECTED_AUTHENTICATION_PATH
Definition pkcs11t.h:177
CKA_ISSUER
#define CKA_ISSUER
Definition pkcs11t.h:445
CKM_ARIA_KEY_GEN
#define CKM_ARIA_KEY_GEN
Definition pkcs11t.h:847
CKA_HASH_OF_SUBJECT_PUBLIC_KEY
#define CKA_HASH_OF_SUBJECT_PUBLIC_KEY
Definition pkcs11t.h:454
CKR_FUNCTION_CANCELED
#define CKR_FUNCTION_CANCELED
Definition pkcs11t.h:1065
CKM_DSA_PROBABLISTIC_PARAMETER_GEN
#define CKM_DSA_PROBABLISTIC_PARAMETER_GEN
Definition pkcs11t.h:960
CKM_AES_CTR
#define CKM_AES_CTR
Definition pkcs11t.h:919
CKM_TLS12_MAC
#define CKM_TLS12_MAC
Definition pkcs11t.h:820
CKM_DES3_CBC
#define CKM_DES3_CBC
Definition pkcs11t.h:666
CKM_TWOFISH_CBC_PAD
#define CKM_TWOFISH_CBC_PAD
Definition pkcs11t.h:935
CKM_AES_CMAC
#define CKM_AES_CMAC
Definition pkcs11t.h:923
CKM_SKIPJACK_CFB8
#define CKM_SKIPJACK_CFB8
Definition pkcs11t.h:872
CKM_RSA_X9_31_KEY_PAIR_GEN
#define CKM_RSA_X9_31_KEY_PAIR_GEN
Definition pkcs11t.h:599
CKR_KEY_UNEXTRACTABLE
#define CKR_KEY_UNEXTRACTABLE
Definition pkcs11t.h:1081
CKR_DATA_INVALID
#define CKR_DATA_INVALID
Definition pkcs11t.h:1058
CKR_UNWRAPPING_KEY_HANDLE_INVALID
#define CKR_UNWRAPPING_KEY_HANDLE_INVALID
Definition pkcs11t.h:1113
CKM_CONCATENATE_BASE_AND_KEY
#define CKM_CONCATENATE_BASE_AND_KEY
Definition pkcs11t.h:764
CKR_NEED_TO_CREATE_THREADS
#define CKR_NEED_TO_CREATE_THREADS
Definition pkcs11t.h:1048
CKK_SHA256_HMAC
#define CKK_SHA256_HMAC
Definition pkcs11t.h:375
CKM_SHA512_256
#define CKM_SHA512_256
Definition pkcs11t.h:635
CKM_SEED_ECB_ENCRYPT_DATA
#define CKM_SEED_ECB_ENCRYPT_DATA
Definition pkcs11t.h:862
CKR_WRAPPING_KEY_SIZE_RANGE
#define CKR_WRAPPING_KEY_SIZE_RANGE
Definition pkcs11t.h:1127
CKM_FORTEZZA_TIMESTAMP
#define CKM_FORTEZZA_TIMESTAMP
Definition pkcs11t.h:879
CKS_RW_PUBLIC_SESSION
#define CKS_RW_PUBLIC_SESSION
Definition pkcs11t.h:274
CKR_MECHANISM_PARAM_INVALID
#define CKR_MECHANISM_PARAM_INVALID
Definition pkcs11t.h:1084
CKA_SUPPORTED_CMS_ATTRIBUTES
#define CKA_SUPPORTED_CMS_ATTRIBUTES
Definition pkcs11t.h:556
CKF_TOKEN_INITIALIZED
#define CKF_TOKEN_INITIALIZED
Definition pkcs11t.h:193
CKR_TOKEN_NOT_RECOGNIZED
#define CKR_TOKEN_NOT_RECOGNIZED
Definition pkcs11t.h:1111
CKM_MD5
#define CKM_MD5
Definition pkcs11t.h:690
CKM_SHA512_HMAC_GENERAL
#define CKM_SHA512_HMAC_GENERAL
Definition pkcs11t.h:718
CKM_CAST3_ECB
#define CKM_CAST3_ECB
Definition pkcs11t.h:733
CKM_SKIPJACK_CFB64
#define CKM_SKIPJACK_CFB64
Definition pkcs11t.h:869
CKM_DES_CBC_ENCRYPT_DATA
#define CKM_DES_CBC_ENCRYPT_DATA
Definition pkcs11t.h:938
CK_FALSE
#define CK_FALSE
Definition pkcs11t.h:24
CKC_WTLS
#define CKC_WTLS
Definition pkcs11t.h:409
CKM_SHA_1_HMAC
#define CKM_SHA_1_HMAC
Definition pkcs11t.h:697
CKD_SHA1_KDF_ASN1
#define CKD_SHA1_KDF_ASN1
Definition pkcs11t.h:1294
CKR_ATTRIBUTE_SENSITIVE
#define CKR_ATTRIBUTE_SENSITIVE
Definition pkcs11t.h:1052
CKG_MGF1_SHA512
#define CKG_MGF1_SHA512
Definition pkcs11t.h:1249
CKM_CAMELLIA_MAC
#define CKM_CAMELLIA_MAC
Definition pkcs11t.h:840
CKM_IDEA_KEY_GEN
#define CKM_IDEA_KEY_GEN
Definition pkcs11t.h:757
CKM_ECDH1_COFACTOR_DERIVE
#define CKM_ECDH1_COFACTOR_DERIVE
Definition pkcs11t.h:899
CKR_RANDOM_NO_RNG
#define CKR_RANDOM_NO_RNG
Definition pkcs11t.h:1131
CKM_ARIA_CBC_ENCRYPT_DATA
#define CKM_ARIA_CBC_ENCRYPT_DATA
Definition pkcs11t.h:854
CKM_CAMELLIA_KEY_GEN
#define CKM_CAMELLIA_KEY_GEN
Definition pkcs11t.h:837
CKR_PIN_LEN_RANGE
#define CKR_PIN_LEN_RANGE
Definition pkcs11t.h:1091
CKC_X_509
#define CKC_X_509
Definition pkcs11t.h:407
CKF_DIGEST
#define CKF_DIGEST
Definition pkcs11t.h:1008
CKF_USER_PIN_FINAL_TRY
#define CKF_USER_PIN_FINAL_TRY
Definition pkcs11t.h:210
CKM_ECDSA_SHA224
#define CKM_ECDSA_SHA224
Definition pkcs11t.h:893
CKF_DERIVE
#define CKF_DERIVE
Definition pkcs11t.h:1017
CKM_BATON_KEY_GEN
#define CKM_BATON_KEY_GEN
Definition pkcs11t.h:880
CKR_DEVICE_ERROR
#define CKR_DEVICE_ERROR
Definition pkcs11t.h:1060
CKA_PRIVATE_EXPONENT
#define CKA_PRIVATE_EXPONENT
Definition pkcs11t.h:477
CKR_RANDOM_SEED_NOT_SUPPORTED
#define CKR_RANDOM_SEED_NOT_SUPPORTED
Definition pkcs11t.h:1129
CKA_RESOLUTION
#define CKA_RESOLUTION
Definition pkcs11t.h:545
CKR_SESSION_PARALLEL_NOT_SUPPORTED
#define CKR_SESSION_PARALLEL_NOT_SUPPORTED
Definition pkcs11t.h:1099
CKM_MD2
#define CKM_MD2
Definition pkcs11t.h:685
CKM_BATON_CBC128
#define CKM_BATON_CBC128
Definition pkcs11t.h:883
CKM_DSA
#define CKM_DSA
Definition pkcs11t.h:606
CKA_ID
#define CKA_ID
Definition pkcs11t.h:461
CKA_OBJECT_ID
#define CKA_OBJECT_ID
Definition pkcs11t.h:443
CKM_AES_CFB8
#define CKM_AES_CFB8
Definition pkcs11t.h:965
CKM_CMS_SIG
#define CKM_CMS_SIG
Definition pkcs11t.h:832
CKA_APPLICATION
#define CKA_APPLICATION
Definition pkcs11t.h:441
CKM_RIPEMD128
#define CKM_RIPEMD128
Definition pkcs11t.h:700
CKF_VERIFY
#define CKF_VERIFY
Definition pkcs11t.h:1011
CKM_AES_CBC_PAD
#define CKM_AES_CBC_PAD
Definition pkcs11t.h:918
CKG_MGF1_SHA224
#define CKG_MGF1_SHA224
Definition pkcs11t.h:1250
CKM_CAST3_CBC
#define CKM_CAST3_CBC
Definition pkcs11t.h:734
CKM_ECDH1_DERIVE
#define CKM_ECDH1_DERIVE
Definition pkcs11t.h:898
CKM_VENDOR_DEFINED
#define CKM_VENDOR_DEFINED
Definition pkcs11t.h:975
CKR_ATTRIBUTE_READ_ONLY
#define CKR_ATTRIBUTE_READ_ONLY
Definition pkcs11t.h:1051
CKR_KEY_FUNCTION_NOT_PERMITTED
#define CKR_KEY_FUNCTION_NOT_PERMITTED
Definition pkcs11t.h:1079
CKA_HW_FEATURE_TYPE
#define CKA_HW_FEATURE_TYPE
Definition pkcs11t.h:539
CKM_TWOFISH_KEY_GEN
#define CKM_TWOFISH_KEY_GEN
Definition pkcs11t.h:932
CKR_WRAPPING_KEY_TYPE_INCONSISTENT
#define CKR_WRAPPING_KEY_TYPE_INCONSISTENT
Definition pkcs11t.h:1128
CKN_SURRENDER
#define CKN_SURRENDER
Definition pkcs11t.h:101
CKK_CAST128
#define CKK_CAST128
Definition pkcs11t.h:355
CKA_VERIFY_RECOVER
#define CKA_VERIFY_RECOVER
Definition pkcs11t.h:470
CKK_CAST5
#define CKK_CAST5
Definition pkcs11t.h:354
CKM_SHA512_224_HMAC_GENERAL
#define CKM_SHA512_224_HMAC_GENERAL
Definition pkcs11t.h:633
CKM_SKIPJACK_RELAYX
#define CKM_SKIPJACK_RELAYX
Definition pkcs11t.h:875
CK_RV
CK_ULONG CK_RV
Definition pkcs11t.h:1036
CKM_SHA512_224_HMAC
#define CKM_SHA512_224_HMAC
Definition pkcs11t.h:632
CKR_SESSION_EXISTS
#define CKR_SESSION_EXISTS
Definition pkcs11t.h:1101
CKM_MD5_HMAC_GENERAL
#define CKM_MD5_HMAC_GENERAL
Definition pkcs11t.h:693
CKM_MD2_RSA_PKCS
#define CKM_MD2_RSA_PKCS
Definition pkcs11t.h:591
CKR_FUNCTION_REJECTED
#define CKR_FUNCTION_REJECTED
Definition pkcs11t.h:1156
CKM_SHA_1_HMAC_GENERAL
#define CKM_SHA_1_HMAC_GENERAL
Definition pkcs11t.h:698
CKM_TLS10_MAC_CLIENT
#define CKM_TLS10_MAC_CLIENT
Definition pkcs11t.h:819
CK_ULONG
unsigned long int CK_ULONG
Definition pkcs11t.h:48
CKO_SECRET_KEY
#define CKO_SECRET_KEY
Definition pkcs11t.h:314
CKK_RSA
#define CKK_RSA
Definition pkcs11t.h:339
CKM_JUNIPER_ECB128
#define CKM_JUNIPER_ECB128
Definition pkcs11t.h:906
CKA_PUBLIC_EXPONENT
#define CKA_PUBLIC_EXPONENT
Definition pkcs11t.h:476
CKM_SKIPJACK_CBC64
#define CKM_SKIPJACK_CBC64
Definition pkcs11t.h:867
CKM_DES_ECB
#define CKM_DES_ECB
Definition pkcs11t.h:656
CKM_CAST_CBC
#define CKM_CAST_CBC
Definition pkcs11t.h:728
CKM_WTLS_SERVER_KEY_AND_MAC_DERIVE
#define CKM_WTLS_SERVER_KEY_AND_MAC_DERIVE
Definition pkcs11t.h:815
CKM_PBE_SHA1_DES2_EDE_CBC
#define CKM_PBE_SHA1_DES2_EDE_CBC
Definition pkcs11t.h:803
CKM_X9_42_DH_KEY_PAIR_GEN
#define CKM_X9_42_DH_KEY_PAIR_GEN
Definition pkcs11t.h:616
CKK_CAMELLIA
#define CKK_CAMELLIA
Definition pkcs11t.h:368
CKA_MODIFIABLE
#define CKA_MODIFIABLE
Definition pkcs11t.h:500
CRYPTOKI_VERSION_MINOR
#define CRYPTOKI_VERSION_MINOR
Definition pkcs11t.h:20
CKK_SEED
#define CKK_SEED
Definition pkcs11t.h:380
CKM_RC5_MAC
#define CKM_RC5_MAC
Definition pkcs11t.h:754
CKM_RSA_PKCS_KEY_PAIR_GEN
#define CKM_RSA_PKCS_KEY_PAIR_GEN
Definition pkcs11t.h:586
CKR_SESSION_READ_ONLY
#define CKR_SESSION_READ_ONLY
Definition pkcs11t.h:1100
CKK_KEA
#define CKK_KEA
Definition pkcs11t.h:345
CKM_RC2_CBC
#define CKM_RC2_CBC
Definition pkcs11t.h:647
CKA_OTP_TIME_REQUIREMENT
#define CKA_OTP_TIME_REQUIREMENT
Definition pkcs11t.h:525
CKM_PBE_MD5_CAST5_CBC
#define CKM_PBE_MD5_CAST5_CBC
Definition pkcs11t.h:796
CKM_KEA_KEY_DERIVE
#define CKM_KEA_KEY_DERIVE
Definition pkcs11t.h:877
CKC_X_509_ATTR_CERT
#define CKC_X_509_ATTR_CERT
Definition pkcs11t.h:408
CKM_JUNIPER_KEY_GEN
#define CKM_JUNIPER_KEY_GEN
Definition pkcs11t.h:905
CKM_RC5_CBC
#define CKM_RC5_CBC
Definition pkcs11t.h:753
CKM_ARIA_CBC_PAD
#define CKM_ARIA_CBC_PAD
Definition pkcs11t.h:852
CKR_ENCRYPTED_DATA_LEN_RANGE
#define CKR_ENCRYPTED_DATA_LEN_RANGE
Definition pkcs11t.h:1064
CKM_SHA512_KEY_DERIVATION
#define CKM_SHA512_KEY_DERIVATION
Definition pkcs11t.h:789
CKA_BITS_PER_PIXEL
#define CKA_BITS_PER_PIXEL
Definition pkcs11t.h:549
CKR_SIGNATURE_INVALID
#define CKR_SIGNATURE_INVALID
Definition pkcs11t.h:1106
CKA_AC_ISSUER
#define CKA_AC_ISSUER
Definition pkcs11t.h:447
CKM_TLS_KDF
#define CKM_TLS_KDF
Definition pkcs11t.h:827
CKM_AES_MAC_GENERAL
#define CKM_AES_MAC_GENERAL
Definition pkcs11t.h:917
CKM_CAST128_CBC_PAD
#define CKM_CAST128_CBC_PAD
Definition pkcs11t.h:750
CKM_BATON_ECB128
#define CKM_BATON_ECB128
Definition pkcs11t.h:881
CKA_OTP_USER_IDENTIFIER
#define CKA_OTP_USER_IDENTIFIER
Definition pkcs11t.h:530
CKM_BLOWFISH_CBC
#define CKM_BLOWFISH_CBC
Definition pkcs11t.h:931
CKM_FASTHASH
#define CKM_FASTHASH
Definition pkcs11t.h:911
CKR_SESSION_HANDLE_INVALID
#define CKR_SESSION_HANDLE_INVALID
Definition pkcs11t.h:1098
CKF_EC_F_2M
#define CKF_EC_F_2M
Definition pkcs11t.h:1023
CKM_ARIA_ECB
#define CKM_ARIA_ECB
Definition pkcs11t.h:848
CK_CERTIFICATE_CATEGORY_OTHER_ENTITY
#define CK_CERTIFICATE_CATEGORY_OTHER_ENTITY
Definition pkcs11t.h:398
CKO_CERTIFICATE
#define CKO_CERTIFICATE
Definition pkcs11t.h:311
CKA_CHECK_VALUE
#define CKA_CHECK_VALUE
Definition pkcs11t.h:457
CKM_DES_CBC
#define CKM_DES_CBC
Definition pkcs11t.h:657
CKF_USER_PIN_INITIALIZED
#define CKF_USER_PIN_INITIALIZED
Definition pkcs11t.h:158
CK_NOTIFICATION
CK_ULONG CK_NOTIFICATION
Definition pkcs11t.h:100
CKM_CAST5_MAC
#define CKM_CAST5_MAC
Definition pkcs11t.h:745
CKA_PUBLIC_KEY_INFO
#define CKA_PUBLIC_KEY_INFO
Definition pkcs11t.h:483
CKA_OTP_USER_FRIENDLY_MODE
#define CKA_OTP_USER_FRIENDLY_MODE
Definition pkcs11t.h:523
CKM_SHA384_HMAC_GENERAL
#define CKM_SHA384_HMAC_GENERAL
Definition pkcs11t.h:715
CKF_RW_SESSION
#define CKF_RW_SESSION
Definition pkcs11t.h:289
CKR_USER_ANOTHER_ALREADY_LOGGED_IN
#define CKR_USER_ANOTHER_ALREADY_LOGGED_IN
Definition pkcs11t.h:1121
CKM_SECURID_KEY_GEN
#define CKM_SECURID_KEY_GEN
Definition pkcs11t.h:719
CKM_IDEA_MAC_GENERAL
#define CKM_IDEA_MAC_GENERAL
Definition pkcs11t.h:761
CKS_RO_USER_FUNCTIONS
#define CKS_RO_USER_FUNCTIONS
Definition pkcs11t.h:273
CKM_TLS_KEY_AND_MAC_DERIVE
#define CKM_TLS_KEY_AND_MAC_DERIVE
Definition pkcs11t.h:776
CKM_GOST28147_ECB
#define CKM_GOST28147_ECB
Definition pkcs11t.h:952
CKA_PRIME
#define CKA_PRIME
Definition pkcs11t.h:484
CKR_ARGUMENTS_BAD
#define CKR_ARGUMENTS_BAD
Definition pkcs11t.h:1046
CKM_SECURID
#define CKM_SECURID
Definition pkcs11t.h:720
CKM_AES_CCM
#define CKM_AES_CCM
Definition pkcs11t.h:921
CKR_CANCEL
#define CKR_CANCEL
Definition pkcs11t.h:1039
CKM_SHA512_224_KEY_DERIVATION
#define CKM_SHA512_224_KEY_DERIVATION
Definition pkcs11t.h:634
CKM_SHA256
#define CKM_SHA256
Definition pkcs11t.h:707
CKM_IDEA_CBC_PAD
#define CKM_IDEA_CBC_PAD
Definition pkcs11t.h:762
CKM_SHA512_T_HMAC_GENERAL
#define CKM_SHA512_T_HMAC_GENERAL
Definition pkcs11t.h:642
CKK_BLOWFISH
#define CKK_BLOWFISH
Definition pkcs11t.h:363
CKM_CDMF_CBC_PAD
#define CKM_CDMF_CBC_PAD
Definition pkcs11t.h:678
CKU_USER
#define CKU_USER
Definition pkcs11t.h:266
CKR_PIN_TOO_WEAK
#define CKR_PIN_TOO_WEAK
Definition pkcs11t.h:1153
CKA_MODULUS
#define CKA_MODULUS
Definition pkcs11t.h:474
CK_BYTE
unsigned char CK_BYTE
Definition pkcs11t.h:36
CKM_AES_CFB64
#define CKM_AES_CFB64
Definition pkcs11t.h:964
CKM_TLS_MASTER_KEY_DERIVE_DH
#define CKM_TLS_MASTER_KEY_DERIVE_DH
Definition pkcs11t.h:777
CKA_PRIVATE
#define CKA_PRIVATE
Definition pkcs11t.h:439
CKM_DES_KEY_GEN
#define CKM_DES_KEY_GEN
Definition pkcs11t.h:655
CK_SLOT_ID
CK_ULONG CK_SLOT_ID
Definition pkcs11t.h:104
CK_FLAGS
CK_ULONG CK_FLAGS
Definition pkcs11t.h:54
CKR_PIN_EXPIRED
#define CKR_PIN_EXPIRED
Definition pkcs11t.h:1093
CKM_CAST3_MAC_GENERAL
#define CKM_CAST3_MAC_GENERAL
Definition pkcs11t.h:736
CK_OBJECT_CLASS
CK_ULONG CK_OBJECT_CLASS
Definition pkcs11t.h:307
CKM_CAST5_CBC_PAD
#define CKM_CAST5_CBC_PAD
Definition pkcs11t.h:749
CKM_PBE_SHA1_RC2_128_CBC
#define CKM_PBE_SHA1_RC2_128_CBC
Definition pkcs11t.h:804
CKG_MGF1_SHA384
#define CKG_MGF1_SHA384
Definition pkcs11t.h:1248
CKR_PIN_LOCKED
#define CKR_PIN_LOCKED
Definition pkcs11t.h:1094
CKA_PRIME_1
#define CKA_PRIME_1
Definition pkcs11t.h:478
CKA_NAME_HASH_ALGORITHM
#define CKA_NAME_HASH_ALGORITHM
Definition pkcs11t.h:456
CKM_DSA_SHA512
#define CKM_DSA_SHA512
Definition pkcs11t.h:611
CKM_SSL3_PRE_MASTER_KEY_GEN
#define CKM_SSL3_PRE_MASTER_KEY_GEN
Definition pkcs11t.h:769
CKM_SSL3_MASTER_KEY_DERIVE_DH
#define CKM_SSL3_MASTER_KEY_DERIVE_DH
Definition pkcs11t.h:773
CKM_IDEA_MAC
#define CKM_IDEA_MAC
Definition pkcs11t.h:760
CKR_LIBRARY_LOAD_FAILED
#define CKR_LIBRARY_LOAD_FAILED
Definition pkcs11t.h:1152
CKM_MD5_RSA_PKCS
#define CKM_MD5_RSA_PKCS
Definition pkcs11t.h:592
CKM_DSA_SHA384
#define CKM_DSA_SHA384
Definition pkcs11t.h:610
CKM_RIPEMD128_HMAC_GENERAL
#define CKM_RIPEMD128_HMAC_GENERAL
Definition pkcs11t.h:702
CKF_WRAP
#define CKF_WRAP
Definition pkcs11t.h:1015
CKK_DES
#define CKK_DES
Definition pkcs11t.h:349
CKM_PBA_SHA1_WITH_SHA1_HMAC
#define CKM_PBA_SHA1_WITH_SHA1_HMAC
Definition pkcs11t.h:809
CKA_OTP_SERVICE_LOGO_TYPE
#define CKA_OTP_SERVICE_LOGO_TYPE
Definition pkcs11t.h:533
CK_SESSION_HANDLE
CK_ULONG CK_SESSION_HANDLE
Definition pkcs11t.h:256
CKA_OTP_CHALLENGE_REQUIREMENT
#define CKA_OTP_CHALLENGE_REQUIREMENT
Definition pkcs11t.h:524
CKK_ACTI
#define CKK_ACTI
Definition pkcs11t.h:367
CKR_CANT_LOCK
#define CKR_CANT_LOCK
Definition pkcs11t.h:1049
CKM_DES_CBC_PAD
#define CKM_DES_CBC_PAD
Definition pkcs11t.h:661
CKR_TOKEN_NOT_PRESENT
#define CKR_TOKEN_NOT_PRESENT
Definition pkcs11t.h:1110
CKA_OTP_FORMAT
#define CKA_OTP_FORMAT
Definition pkcs11t.h:520
CKF_EXTENSION
#define CKF_EXTENSION
Definition pkcs11t.h:1029
CKM_SHA512_T
#define CKM_SHA512_T
Definition pkcs11t.h:640
CKM_DES3_CBC_PAD
#define CKM_DES3_CBC_PAD
Definition pkcs11t.h:670
CKM_SHA512_T_KEY_DERIVATION
#define CKM_SHA512_T_KEY_DERIVATION
Definition pkcs11t.h:643
CKA_EC_POINT
#define CKA_EC_POINT
Definition pkcs11t.h:508
CKR_CRYPTOKI_NOT_INITIALIZED
#define CKR_CRYPTOKI_NOT_INITIALIZED
Definition pkcs11t.h:1142
CKM_KEA_DERIVE
#define CKM_KEA_DERIVE
Definition pkcs11t.h:878
CKM_DH_PKCS_DERIVE
#define CKM_DH_PKCS_DERIVE
Definition pkcs11t.h:614
CKM_CAMELLIA_MAC_GENERAL
#define CKM_CAMELLIA_MAC_GENERAL
Definition pkcs11t.h:841
CKA_SENSITIVE
#define CKA_SENSITIVE
Definition pkcs11t.h:462
CKM_MD2_HMAC_GENERAL
#define CKM_MD2_HMAC_GENERAL
Definition pkcs11t.h:688
CKF_EC_F_P
#define CKF_EC_F_P
Definition pkcs11t.h:1022
CKM_SEED_CBC_ENCRYPT_DATA
#define CKM_SEED_CBC_ENCRYPT_DATA
Definition pkcs11t.h:863
CKM_DES3_CMAC_GENERAL
#define CKM_DES3_CMAC_GENERAL
Definition pkcs11t.h:671
CKR_PIN_INCORRECT
#define CKR_PIN_INCORRECT
Definition pkcs11t.h:1089
CKM_CAST128_MAC_GENERAL
#define CKM_CAST128_MAC_GENERAL
Definition pkcs11t.h:748
CKM_ARIA_CBC
#define CKM_ARIA_CBC
Definition pkcs11t.h:849
CK_CERTIFICATE_CATEGORY_TOKEN_USER
#define CK_CERTIFICATE_CATEGORY_TOKEN_USER
Definition pkcs11t.h:396
CKM_CAMELLIA_CTR
#define CKM_CAMELLIA_CTR
Definition pkcs11t.h:845
CKM_PBE_SHA1_RC4_40
#define CKM_PBE_SHA1_RC4_40
Definition pkcs11t.h:801
CKM_PBE_SHA1_CAST5_CBC
#define CKM_PBE_SHA1_CAST5_CBC
Definition pkcs11t.h:798
CKM_TLS10_MAC_SERVER
#define CKM_TLS10_MAC_SERVER
Definition pkcs11t.h:818
CKM_X9_42_DH_DERIVE
#define CKM_X9_42_DH_DERIVE
Definition pkcs11t.h:617
CKF_GENERATE_KEY_PAIR
#define CKF_GENERATE_KEY_PAIR
Definition pkcs11t.h:1014
CKM_AES_KEY_WRAP
#define CKM_AES_KEY_WRAP
Definition pkcs11t.h:969
CKM_SKIPJACK_PRIVATE_WRAP
#define CKM_SKIPJACK_PRIVATE_WRAP
Definition pkcs11t.h:874
CKF_SIGN_RECOVER
#define CKF_SIGN_RECOVER
Definition pkcs11t.h:1010
CKA_SIGN_RECOVER
#define CKA_SIGN_RECOVER
Definition pkcs11t.h:468
CKM_KEY_WRAP_LYNKS
#define CKM_KEY_WRAP_LYNKS
Definition pkcs11t.h:829
CKM_SHA512_RSA_PKCS_PSS
#define CKM_SHA512_RSA_PKCS_PSS
Definition pkcs11t.h:626
CKM_CAST5_KEY_GEN
#define CKM_CAST5_KEY_GEN
Definition pkcs11t.h:739
CKF_REMOVABLE_DEVICE
#define CKF_REMOVABLE_DEVICE
Definition pkcs11t.h:123
CKP_PKCS5_PBKD2_HMAC_SHA512_256
#define CKP_PKCS5_PBKD2_HMAC_SHA512_256
Definition pkcs11t.h:1726
CKM_CAMELLIA_CBC
#define CKM_CAMELLIA_CBC
Definition pkcs11t.h:839
CKM_ECDSA_SHA512
#define CKM_ECDSA_SHA512
Definition pkcs11t.h:896
CKM_RSA_PKCS_OAEP
#define CKM_RSA_PKCS_OAEP
Definition pkcs11t.h:597
CKM_DES_OFB64
#define CKM_DES_OFB64
Definition pkcs11t.h:680
CKR_WRAPPED_KEY_INVALID
#define CKR_WRAPPED_KEY_INVALID
Definition pkcs11t.h:1124
CKF_SECONDARY_AUTHENTICATION
#define CKF_SECONDARY_AUTHENTICATION
Definition pkcs11t.h:199
CKO_OTP_KEY
#define CKO_OTP_KEY
Definition pkcs11t.h:318
CKM_PBE_SHA1_RC4_128
#define CKM_PBE_SHA1_RC4_128
Definition pkcs11t.h:800
CKM_CDMF_MAC
#define CKM_CDMF_MAC
Definition pkcs11t.h:676
CKM_RSA_PKCS_OAEP_TPM_1_1
#define CKM_RSA_PKCS_OAEP_TPM_1_1
Definition pkcs11t.h:973
CKM_SHA512_RSA_PKCS
#define CKM_SHA512_RSA_PKCS
Definition pkcs11t.h:623
CKA_EXPONENT_1
#define CKA_EXPONENT_1
Definition pkcs11t.h:480
CKM_DES3_MAC_GENERAL
#define CKM_DES3_MAC_GENERAL
Definition pkcs11t.h:669
CKM_CAST_CBC_PAD
#define CKM_CAST_CBC_PAD
Definition pkcs11t.h:731
CKP_PKCS5_PBKD2_HMAC_SHA224
#define CKP_PKCS5_PBKD2_HMAC_SHA224
Definition pkcs11t.h:1721
CKM_SHA224_HMAC
#define CKM_SHA224_HMAC
Definition pkcs11t.h:711
CKM_CAST5_CBC
#define CKM_CAST5_CBC
Definition pkcs11t.h:743
CKM_SSL3_MD5_MAC
#define CKM_SSL3_MD5_MAC
Definition pkcs11t.h:781
CKM_EXTRACT_KEY_FROM_KEY
#define CKM_EXTRACT_KEY_FROM_KEY
Definition pkcs11t.h:768
CKM_SKIPJACK_CFB32
#define CKM_SKIPJACK_CFB32
Definition pkcs11t.h:870
CKM_ECMQV_DERIVE
#define CKM_ECMQV_DERIVE
Definition pkcs11t.h:900
CKA_SIGN
#define CKA_SIGN
Definition pkcs11t.h:467
CKM_AES_KEY_GEN
#define CKM_AES_KEY_GEN
Definition pkcs11t.h:913
CKF_USER_FRIENDLY_OTP
#define CKF_USER_FRIENDLY_OTP
Definition pkcs11t.h:1814
CKR_WRAPPING_KEY_HANDLE_INVALID
#define CKR_WRAPPING_KEY_HANDLE_INVALID
Definition pkcs11t.h:1126
CKR_MUTEX_NOT_LOCKED
#define CKR_MUTEX_NOT_LOCKED
Definition pkcs11t.h:1145
CKR_USER_TOO_MANY_TYPES
#define CKR_USER_TOO_MANY_TYPES
Definition pkcs11t.h:1122
CKM_CAST_MAC_GENERAL
#define CKM_CAST_MAC_GENERAL
Definition pkcs11t.h:730
CK_USER_TYPE
CK_ULONG CK_USER_TYPE
Definition pkcs11t.h:262
CKF_USER_PIN_COUNT_LOW
#define CKF_USER_PIN_COUNT_LOW
Definition pkcs11t.h:205
CKM_IDEA_CBC
#define CKM_IDEA_CBC
Definition pkcs11t.h:759
CKM_WTLS_MASTER_KEY_DERIVE_DH_ECC
#define CKM_WTLS_MASTER_KEY_DERIVE_DH_ECC
Definition pkcs11t.h:813
CKR_SESSION_CLOSED
#define CKR_SESSION_CLOSED
Definition pkcs11t.h:1096
CKA_EXPONENT_2
#define CKA_EXPONENT_2
Definition pkcs11t.h:481
CKK_RIPEMD160_HMAC
#define CKK_RIPEMD160_HMAC
Definition pkcs11t.h:374
CK_TRUE
#define CK_TRUE
Definition pkcs11t.h:23
CKM_DSA_KEY_PAIR_GEN
#define CKM_DSA_KEY_PAIR_GEN
Definition pkcs11t.h:605
CKM_RC4_KEY_GEN
#define CKM_RC4_KEY_GEN
Definition pkcs11t.h:653
CKM_ACTI_KEY_GEN
#define CKM_ACTI_KEY_GEN
Definition pkcs11t.h:724
CKM_SHA224
#define CKM_SHA224
Definition pkcs11t.h:710
CKM_SHA1_RSA_X9_31
#define CKM_SHA1_RSA_X9_31
Definition pkcs11t.h:601
CKM_AES_CBC_ENCRYPT_DATA
#define CKM_AES_CBC_ENCRYPT_DATA
Definition pkcs11t.h:942
CKA_VALUE
#define CKA_VALUE
Definition pkcs11t.h:442
CKA_URL
#define CKA_URL
Definition pkcs11t.h:453
CKM_GOSTR3410
#define CKM_GOSTR3410
Definition pkcs11t.h:945
CKM_CAMELLIA_CBC_PAD
#define CKM_CAMELLIA_CBC_PAD
Definition pkcs11t.h:842
CKF_EXCLUDE_COUNTER
#define CKF_EXCLUDE_COUNTER
Definition pkcs11t.h:1811
CK_FUNCTION_LIST_PTR
CK_FUNCTION_LIST CK_PTR CK_FUNCTION_LIST_PTR
Definition pkcs11t.h:1175
CKM_CAMELLIA_ECB_ENCRYPT_DATA
#define CKM_CAMELLIA_ECB_ENCRYPT_DATA
Definition pkcs11t.h:843
CKM_SKIPJACK_CFB16
#define CKM_SKIPJACK_CFB16
Definition pkcs11t.h:871
CKK_JUNIPER
#define CKK_JUNIPER
Definition pkcs11t.h:360
CKM_WTLS_MASTER_KEY_DERIVE
#define CKM_WTLS_MASTER_KEY_DERIVE
Definition pkcs11t.h:812
CKM_SKIPJACK_KEY_GEN
#define CKM_SKIPJACK_KEY_GEN
Definition pkcs11t.h:865
CKH_MONOTONIC_COUNTER
#define CKH_MONOTONIC_COUNTER
Definition pkcs11t.h:330
CKF_ENCRYPT
#define CKF_ENCRYPT
Definition pkcs11t.h:1006
CKF_OS_LOCKING_OK
#define CKF_OS_LOCKING_OK
Definition pkcs11t.h:1226
CKM_GOST28147_KEY_WRAP
#define CKM_GOST28147_KEY_WRAP
Definition pkcs11t.h:955
CKM_SHA224_RSA_PKCS_PSS
#define CKM_SHA224_RSA_PKCS_PSS
Definition pkcs11t.h:629
CKA_LOCAL
#define CKA_LOCAL
Definition pkcs11t.h:495
CKM_MD5_KEY_DERIVATION
#define CKM_MD5_KEY_DERIVATION
Definition pkcs11t.h:783
CKM_BATON_ECB96
#define CKM_BATON_ECB96
Definition pkcs11t.h:882
CKP_PKCS5_PBKD2_HMAC_SHA384
#define CKP_PKCS5_PBKD2_HMAC_SHA384
Definition pkcs11t.h:1723
CKM_CAST3_MAC
#define CKM_CAST3_MAC
Definition pkcs11t.h:735
CKR_OBJECT_HANDLE_INVALID
#define CKR_OBJECT_HANDLE_INVALID
Definition pkcs11t.h:1086
CKF_EC_ECPARAMETERS
#define CKF_EC_ECPARAMETERS
Definition pkcs11t.h:1024
CKM_CDMF_KEY_GEN
#define CKM_CDMF_KEY_GEN
Definition pkcs11t.h:673
CKA_ECDSA_PARAMS
#define CKA_ECDSA_PARAMS
Definition pkcs11t.h:505
CKM_SHA512_224
#define CKM_SHA512_224
Definition pkcs11t.h:631
CKM_KEA_KEY_PAIR_GEN
#define CKM_KEA_KEY_PAIR_GEN
Definition pkcs11t.h:876
CKM_SHA256_HMAC
#define CKM_SHA256_HMAC
Definition pkcs11t.h:708
CKA_RESET_ON_INIT
#define CKA_RESET_ON_INIT
Definition pkcs11t.h:540
CKA_VERIFY
#define CKA_VERIFY
Definition pkcs11t.h:469
CKR_PIN_INVALID
#define CKR_PIN_INVALID
Definition pkcs11t.h:1090
CKA_OTP_PIN_REQUIREMENT
#define CKA_OTP_PIN_REQUIREMENT
Definition pkcs11t.h:527
CK_RSA_PKCS_MGF_TYPE
CK_ULONG CK_RSA_PKCS_MGF_TYPE
Definition pkcs11t.h:1241
CKR_UNWRAPPING_KEY_SIZE_RANGE
#define CKR_UNWRAPPING_KEY_SIZE_RANGE
Definition pkcs11t.h:1114
CKM_X9_42_MQV_DERIVE
#define CKM_X9_42_MQV_DERIVE
Definition pkcs11t.h:619
CKM_GOST28147
#define CKM_GOST28147
Definition pkcs11t.h:953
CKM_CDMF_ECB
#define CKM_CDMF_ECB
Definition pkcs11t.h:674
CKD_CPDIVERSIFY_KDF
#define CKD_CPDIVERSIFY_KDF
Definition pkcs11t.h:1300
CKM_TLS12_MASTER_KEY_DERIVE
#define CKM_TLS12_MASTER_KEY_DERIVE
Definition pkcs11t.h:822
CKO_DATA
#define CKO_DATA
Definition pkcs11t.h:310
CKM_BATON_SHUFFLE
#define CKM_BATON_SHUFFLE
Definition pkcs11t.h:885
CKO_PRIVATE_KEY
#define CKO_PRIVATE_KEY
Definition pkcs11t.h:313
CKM_SHA512_256_HMAC_GENERAL
#define CKM_SHA512_256_HMAC_GENERAL
Definition pkcs11t.h:637
CKK_IDEA
#define CKK_IDEA
Definition pkcs11t.h:357
CKM_RC5_MAC_GENERAL
#define CKM_RC5_MAC_GENERAL
Definition pkcs11t.h:755
CKD_SHA384_KDF
#define CKD_SHA384_KDF
Definition pkcs11t.h:1298
CKR_ENCRYPTED_DATA_INVALID
#define CKR_ENCRYPTED_DATA_INVALID
Definition pkcs11t.h:1063
CKM_RC2_CBC_PAD
#define CKM_RC2_CBC_PAD
Definition pkcs11t.h:651
CKP_PKCS5_PBKD2_HMAC_GOSTR3411
#define CKP_PKCS5_PBKD2_HMAC_GOSTR3411
Definition pkcs11t.h:1720
CKM_SEED_CBC_PAD
#define CKM_SEED_CBC_PAD
Definition pkcs11t.h:861
CKR_CRYPTOKI_ALREADY_INITIALIZED
#define CKR_CRYPTOKI_ALREADY_INITIALIZED
Definition pkcs11t.h:1143
CKM_GENERIC_SECRET_KEY_GEN
#define CKM_GENERIC_SECRET_KEY_GEN
Definition pkcs11t.h:763
CKM_DH_PKCS_KEY_PAIR_GEN
#define CKM_DH_PKCS_KEY_PAIR_GEN
Definition pkcs11t.h:613
CKM_DES3_ECB_ENCRYPT_DATA
#define CKM_DES3_ECB_ENCRYPT_DATA
Definition pkcs11t.h:939
CKA_ALLOWED_MECHANISMS
#define CKA_ALLOWED_MECHANISMS
Definition pkcs11t.h:557
CKF_SERIAL_SESSION
#define CKF_SERIAL_SESSION
Definition pkcs11t.h:290
CKR_FUNCTION_FAILED
#define CKR_FUNCTION_FAILED
Definition pkcs11t.h:1044
CKM_CDMF_MAC_GENERAL
#define CKM_CDMF_MAC_GENERAL
Definition pkcs11t.h:677
CKH_CLOCK
#define CKH_CLOCK
Definition pkcs11t.h:331
CKA_OTP_COUNTER_REQUIREMENT
#define CKA_OTP_COUNTER_REQUIREMENT
Definition pkcs11t.h:526
CKM_SHA384
#define CKM_SHA384
Definition pkcs11t.h:713
CKA_COPYABLE
#define CKA_COPYABLE
Definition pkcs11t.h:501
CKF_DUAL_CRYPTO_OPERATIONS
#define CKF_DUAL_CRYPTO_OPERATIONS
Definition pkcs11t.h:185
CKA_PRIME_2
#define CKA_PRIME_2
Definition pkcs11t.h:479
CKR_OPERATION_NOT_INITIALIZED
#define CKR_OPERATION_NOT_INITIALIZED
Definition pkcs11t.h:1088
CKR_ACTION_PROHIBITED
#define CKR_ACTION_PROHIBITED
Definition pkcs11t.h:1056
CKF_SO_PIN_TO_BE_CHANGED
#define CKF_SO_PIN_TO_BE_CHANGED
Definition pkcs11t.h:246
CKR_SESSION_READ_ONLY_EXISTS
#define CKR_SESSION_READ_ONLY_EXISTS
Definition pkcs11t.h:1103
CKM_TLS_PRE_MASTER_KEY_GEN
#define CKM_TLS_PRE_MASTER_KEY_GEN
Definition pkcs11t.h:774
CKM_EC_KEY_PAIR_GEN
#define CKM_EC_KEY_PAIR_GEN
Definition pkcs11t.h:889
CKK_DSA
#define CKK_DSA
Definition pkcs11t.h:340
CKR_SESSION_READ_WRITE_SO_EXISTS
#define CKR_SESSION_READ_WRITE_SO_EXISTS
Definition pkcs11t.h:1104
CKM_RC5_KEY_GEN
#define CKM_RC5_KEY_GEN
Definition pkcs11t.h:751
CKK_BATON
#define CKK_BATON
Definition pkcs11t.h:359
CKR_KEY_SIZE_RANGE
#define CKR_KEY_SIZE_RANGE
Definition pkcs11t.h:1072
CKM_AES_GCM
#define CKM_AES_GCM
Definition pkcs11t.h:920
CKM_DH_PKCS_PARAMETER_GEN
#define CKM_DH_PKCS_PARAMETER_GEN
Definition pkcs11t.h:958
CKM_PBE_MD5_CAST128_CBC
#define CKM_PBE_MD5_CAST128_CBC
Definition pkcs11t.h:797
CKM_SHA384_HMAC
#define CKM_SHA384_HMAC
Definition pkcs11t.h:714
CKR_TEMPLATE_INCONSISTENT
#define CKR_TEMPLATE_INCONSISTENT
Definition pkcs11t.h:1109
CKM_CDMF_CBC
#define CKM_CDMF_CBC
Definition pkcs11t.h:675
CKA_COLOR
#define CKA_COLOR
Definition pkcs11t.h:548
CKM_RC5_CBC_PAD
#define CKM_RC5_CBC_PAD
Definition pkcs11t.h:756
CKR_OPERATION_ACTIVE
#define CKR_OPERATION_ACTIVE
Definition pkcs11t.h:1087
CKR_DATA_LEN_RANGE
#define CKR_DATA_LEN_RANGE
Definition pkcs11t.h:1059
CKO_MECHANISM
#define CKO_MECHANISM
Definition pkcs11t.h:317
CKA_UNWRAP
#define CKA_UNWRAP
Definition pkcs11t.h:466
CKM_SHA1_RSA_PKCS
#define CKM_SHA1_RSA_PKCS
Definition pkcs11t.h:593
CKF_ARRAY_ATTRIBUTE
#define CKF_ARRAY_ATTRIBUTE
Definition pkcs11t.h:421
CKK_GOSTR3410
#define CKK_GOSTR3410
Definition pkcs11t.h:381
CKM_SHA512
#define CKM_SHA512
Definition pkcs11t.h:716
CKM_MD2_KEY_DERIVATION
#define CKM_MD2_KEY_DERIVATION
Definition pkcs11t.h:784
CK_KEY_TYPE
CK_ULONG CK_KEY_TYPE
Definition pkcs11t.h:336
CKM_DSA_SHAWE_TAYLOR_PARAMETER_GEN
#define CKM_DSA_SHAWE_TAYLOR_PARAMETER_GEN
Definition pkcs11t.h:961
CKA_TRUSTED
#define CKA_TRUSTED
Definition pkcs11t.h:450
CKA_WRAP_WITH_TRUSTED
#define CKA_WRAP_WITH_TRUSTED
Definition pkcs11t.h:515
CKK_GOSTR3411
#define CKK_GOSTR3411
Definition pkcs11t.h:382
CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE
CK_ULONG CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE
Definition pkcs11t.h:1714
CKR_BUFFER_TOO_SMALL
#define CKR_BUFFER_TOO_SMALL
Definition pkcs11t.h:1137
CKM_ARIA_MAC_GENERAL
#define CKM_ARIA_MAC_GENERAL
Definition pkcs11t.h:851
CKU_SO
#define CKU_SO
Definition pkcs11t.h:264
CKM_CAMELLIA_CBC_ENCRYPT_DATA
#define CKM_CAMELLIA_CBC_ENCRYPT_DATA
Definition pkcs11t.h:844
CKM_AES_CFB128
#define CKM_AES_CFB128
Definition pkcs11t.h:966
CKS_RW_USER_FUNCTIONS
#define CKS_RW_USER_FUNCTIONS
Definition pkcs11t.h:275
CKM_AES_CMAC_GENERAL
#define CKM_AES_CMAC_GENERAL
Definition pkcs11t.h:924
CKS_RO_PUBLIC_SESSION
#define CKS_RO_PUBLIC_SESSION
Definition pkcs11t.h:272
CKO_HW_FEATURE
#define CKO_HW_FEATURE
Definition pkcs11t.h:315
CKA_DECRYPT
#define CKA_DECRYPT
Definition pkcs11t.h:464
CKM_PBE_MD5_CAST_CBC
#define CKM_PBE_MD5_CAST_CBC
Definition pkcs11t.h:794
CKM_SHA1_KEY_DERIVATION
#define CKM_SHA1_KEY_DERIVATION
Definition pkcs11t.h:785
CKA_OTP_LENGTH
#define CKA_OTP_LENGTH
Definition pkcs11t.h:521
CKF_EXCLUDE_CHALLENGE
#define CKF_EXCLUDE_CHALLENGE
Definition pkcs11t.h:1812
CKO_VENDOR_DEFINED
#define CKO_VENDOR_DEFINED
Definition pkcs11t.h:320
CKP_PKCS5_PBKD2_HMAC_SHA512
#define CKP_PKCS5_PBKD2_HMAC_SHA512
Definition pkcs11t.h:1724
CKA_KEY_TYPE
#define CKA_KEY_TYPE
Definition pkcs11t.h:459
CKR_USER_PIN_NOT_INITIALIZED
#define CKR_USER_PIN_NOT_INITIALIZED
Definition pkcs11t.h:1118
CKN_OTP_CHANGED
#define CKN_OTP_CHANGED
Definition pkcs11t.h:102
CKM_RIPEMD160
#define CKM_RIPEMD160
Definition pkcs11t.h:703
CKA_ALWAYS_AUTHENTICATE
#define CKA_ALWAYS_AUTHENTICATE
Definition pkcs11t.h:513
CKM_RSA_9796
#define CKM_RSA_9796
Definition pkcs11t.h:588
CKK_CAST
#define CKK_CAST
Definition pkcs11t.h:352
CKM_JUNIPER_WRAP
#define CKM_JUNIPER_WRAP
Definition pkcs11t.h:910
CKA_VALUE_LEN
#define CKA_VALUE_LEN
Definition pkcs11t.h:493
CKA_CHAR_ROWS
#define CKA_CHAR_ROWS
Definition pkcs11t.h:546
CKM_CAST_ECB
#define CKM_CAST_ECB
Definition pkcs11t.h:727
CKM_BATON_COUNTER
#define CKM_BATON_COUNTER
Definition pkcs11t.h:884
CKM_CAST3_KEY_GEN
#define CKM_CAST3_KEY_GEN
Definition pkcs11t.h:732
CKM_TLS_PRF
#define CKM_TLS_PRF
Definition pkcs11t.h:779
CKM_JUNIPER_CBC128
#define CKM_JUNIPER_CBC128
Definition pkcs11t.h:907
CKK_RC2
#define CKK_RC2
Definition pkcs11t.h:347
CKM_SHA224_RSA_PKCS
#define CKM_SHA224_RSA_PKCS
Definition pkcs11t.h:628
CKM_PBE_SHA1_DES3_EDE_CBC
#define CKM_PBE_SHA1_DES3_EDE_CBC
Definition pkcs11t.h:802
CKR_USER_ALREADY_LOGGED_IN
#define CKR_USER_ALREADY_LOGGED_IN
Definition pkcs11t.h:1116
CKK_SHA384_HMAC
#define CKK_SHA384_HMAC
Definition pkcs11t.h:376
CKR_STATE_UNSAVEABLE
#define CKR_STATE_UNSAVEABLE
Definition pkcs11t.h:1140
CKM_RIPEMD160_RSA_PKCS
#define CKM_RIPEMD160_RSA_PKCS
Definition pkcs11t.h:596
CKF_RNG
#define CKF_RNG
Definition pkcs11t.h:155
CKP_PKCS5_PBKD2_HMAC_SHA1
#define CKP_PKCS5_PBKD2_HMAC_SHA1
Definition pkcs11t.h:1719
CKM_AES_CTS
#define CKM_AES_CTS
Definition pkcs11t.h:922
CKA_GOST28147_PARAMS
#define CKA_GOST28147_PARAMS
Definition pkcs11t.h:537
CKM_X9_42_DH_PARAMETER_GEN
#define CKM_X9_42_DH_PARAMETER_GEN
Definition pkcs11t.h:959
CKK_RIPEMD128_HMAC
#define CKK_RIPEMD128_HMAC
Definition pkcs11t.h:373
CKF_SIGN
#define CKF_SIGN
Definition pkcs11t.h:1009
CKM_JUNIPER_COUNTER
#define CKM_JUNIPER_COUNTER
Definition pkcs11t.h:908
CKD_SHA1_KDF_CONCATENATE
#define CKD_SHA1_KDF_CONCATENATE
Definition pkcs11t.h:1295
CKF_GENERATE
#define CKF_GENERATE
Definition pkcs11t.h:1013
CKM_SHA512_256_HMAC
#define CKM_SHA512_256_HMAC
Definition pkcs11t.h:636
CKM_KIP_WRAP
#define CKM_KIP_WRAP
Definition pkcs11t.h:834
CK_MECHANISM_TYPE
CK_ULONG CK_MECHANISM_TYPE
Definition pkcs11t.h:583
CKK_GENERIC_SECRET
#define CKK_GENERIC_SECRET
Definition pkcs11t.h:346
CKM_TLS12_KEY_SAFE_DERIVE
#define CKM_TLS12_KEY_SAFE_DERIVE
Definition pkcs11t.h:825
CKM_PBE_SHA1_CAST128_CBC
#define CKM_PBE_SHA1_CAST128_CBC
Definition pkcs11t.h:799
CKU_CONTEXT_SPECIFIC
#define CKU_CONTEXT_SPECIFIC
Definition pkcs11t.h:268
CKP_PKCS5_PBKD2_HMAC_SHA512_224
#define CKP_PKCS5_PBKD2_HMAC_SHA512_224
Definition pkcs11t.h:1725
CKA_VALUE_BITS
#define CKA_VALUE_BITS
Definition pkcs11t.h:492
CKM_TLS12_KDF
#define CKM_TLS12_KDF
Definition pkcs11t.h:821
CKF_SO_PIN_FINAL_TRY
#define CKF_SO_PIN_FINAL_TRY
Definition pkcs11t.h:234
CKF_EXCLUDE_PIN
#define CKF_EXCLUDE_PIN
Definition pkcs11t.h:1813
CKA_COEFFICIENT
#define CKA_COEFFICIENT
Definition pkcs11t.h:482
CKR_INFORMATION_SENSITIVE
#define CKR_INFORMATION_SENSITIVE
Definition pkcs11t.h:1139
CKR_NEW_PIN_MODE
#define CKR_NEW_PIN_MODE
Definition pkcs11t.h:1147
CKM_AES_KEY_WRAP_PAD
#define CKM_AES_KEY_WRAP_PAD
Definition pkcs11t.h:970
CKR_OK
#define CKR_OK
Definition pkcs11t.h:1038
CKM_CONCATENATE_DATA_AND_BASE
#define CKM_CONCATENATE_DATA_AND_BASE
Definition pkcs11t.h:766
CKM_GOSTR3410_KEY_WRAP
#define CKM_GOSTR3410_KEY_WRAP
Definition pkcs11t.h:947
CKA_OWNER
#define CKA_OWNER
Definition pkcs11t.h:448
CKM_XOR_BASE_AND_DATA
#define CKM_XOR_BASE_AND_DATA
Definition pkcs11t.h:767
CKA_DESTROYABLE
#define CKA_DESTROYABLE
Definition pkcs11t.h:503
CKM_ECDSA
#define CKM_ECDSA
Definition pkcs11t.h:891
CKM_ECDSA_SHA384
#define CKM_ECDSA_SHA384
Definition pkcs11t.h:895
CKM_RSA_X9_31
#define CKM_RSA_X9_31
Definition pkcs11t.h:600
CKM_GOST28147_KEY_GEN
#define CKM_GOST28147_KEY_GEN
Definition pkcs11t.h:951
CKK_CAST3
#define CKK_CAST3
Definition pkcs11t.h:353
CKA_SUBPRIME
#define CKA_SUBPRIME
Definition pkcs11t.h:485
CKA_DERIVE
#define CKA_DERIVE
Definition pkcs11t.h:471
CKK_SKIPJACK
#define CKK_SKIPJACK
Definition pkcs11t.h:358
CKR_ATTRIBUTE_VALUE_INVALID
#define CKR_ATTRIBUTE_VALUE_INVALID
Definition pkcs11t.h:1054
CKA_REQUIRED_CMS_ATTRIBUTES
#define CKA_REQUIRED_CMS_ATTRIBUTES
Definition pkcs11t.h:554
CKM_GOSTR3411
#define CKM_GOSTR3411
Definition pkcs11t.h:949
CK_CERTIFICATE_CATEGORY_AUTHORITY
#define CK_CERTIFICATE_CATEGORY_AUTHORITY
Definition pkcs11t.h:397
CKM_PBE_MD2_DES_CBC
#define CKM_PBE_MD2_DES_CBC
Definition pkcs11t.h:792
CKM_DES_OFB8
#define CKM_DES_OFB8
Definition pkcs11t.h:681
CKM_RIPEMD160_HMAC
#define CKM_RIPEMD160_HMAC
Definition pkcs11t.h:704
CKM_HOTP
#define CKM_HOTP
Definition pkcs11t.h:722
CKM_KEY_WRAP_SET_OAEP
#define CKM_KEY_WRAP_SET_OAEP
Definition pkcs11t.h:830
CKM_KIP_MAC
#define CKM_KIP_MAC
Definition pkcs11t.h:835
CKA_MIME_TYPES
#define CKA_MIME_TYPES
Definition pkcs11t.h:552
CKM_CAST3_CBC_PAD
#define CKM_CAST3_CBC_PAD
Definition pkcs11t.h:737
CKA_CERTIFICATE_CATEGORY
#define CKA_CERTIFICATE_CATEGORY
Definition pkcs11t.h:451
CKK_VENDOR_DEFINED
#define CKK_VENDOR_DEFINED
Definition pkcs11t.h:387
CKM_DSA_SHA224
#define CKM_DSA_SHA224
Definition pkcs11t.h:608
CKM_TLS_MAC
#define CKM_TLS_MAC
Definition pkcs11t.h:826
CK_BBOOL
CK_BYTE CK_BBOOL
Definition pkcs11t.h:45
CKR_FUNCTION_NOT_SUPPORTED
#define CKR_FUNCTION_NOT_SUPPORTED
Definition pkcs11t.h:1068
CKF_RESTORE_KEY_NOT_NEEDED
#define CKF_RESTORE_KEY_NOT_NEEDED
Definition pkcs11t.h:165
CKM_CAST5_ECB
#define CKM_CAST5_ECB
Definition pkcs11t.h:741
CKA_GOSTR3410_PARAMS
#define CKA_GOSTR3410_PARAMS
Definition pkcs11t.h:535
CKR_USER_NOT_LOGGED_IN
#define CKR_USER_NOT_LOGGED_IN
Definition pkcs11t.h:1117
CKA_ALWAYS_SENSITIVE
#define CKA_ALWAYS_SENSITIVE
Definition pkcs11t.h:497
CKM_DES_CFB64
#define CKM_DES_CFB64
Definition pkcs11t.h:682
CKK_HOTP
#define CKK_HOTP
Definition pkcs11t.h:366
CKM_AES_CFB1
#define CKM_AES_CFB1
Definition pkcs11t.h:968
CKM_DES_ECB_ENCRYPT_DATA
#define CKM_DES_ECB_ENCRYPT_DATA
Definition pkcs11t.h:937
CKR_DEVICE_REMOVED
#define CKR_DEVICE_REMOVED
Definition pkcs11t.h:1062
CKF_UNWRAP
#define CKF_UNWRAP
Definition pkcs11t.h:1016
CKA_VENDOR_DEFINED
#define CKA_VENDOR_DEFINED
Definition pkcs11t.h:559
CKA_OTP_TIME
#define CKA_OTP_TIME
Definition pkcs11t.h:529
CKM_PBE_SHA1_RC2_40_CBC
#define CKM_PBE_SHA1_RC2_40_CBC
Definition pkcs11t.h:805
CKM_GOSTR3410_DERIVE
#define CKM_GOSTR3410_DERIVE
Definition pkcs11t.h:948
CKA_END_DATE
#define CKA_END_DATE
Definition pkcs11t.h:473
CKG_MGF1_SHA1
#define CKG_MGF1_SHA1
Definition pkcs11t.h:1246
CKK_SECURID
#define CKK_SECURID
Definition pkcs11t.h:365
CKP_PKCS5_PBKD2_HMAC_SHA256
#define CKP_PKCS5_PBKD2_HMAC_SHA256
Definition pkcs11t.h:1722
CKM_SHA256_HMAC_GENERAL
#define CKM_SHA256_HMAC_GENERAL
Definition pkcs11t.h:709
CKA_ATTR_TYPES
#define CKA_ATTR_TYPES
Definition pkcs11t.h:449
CKF_USER_PIN_TO_BE_CHANGED
#define CKF_USER_PIN_TO_BE_CHANGED
Definition pkcs11t.h:223
CKM_AES_ECB_ENCRYPT_DATA
#define CKM_AES_ECB_ENCRYPT_DATA
Definition pkcs11t.h:941
CKM_RIPEMD128_RSA_PKCS
#define CKM_RIPEMD128_RSA_PKCS
Definition pkcs11t.h:595
CK_CERTIFICATE_CATEGORY_UNSPECIFIED
#define CK_CERTIFICATE_CATEGORY_UNSPECIFIED
Definition pkcs11t.h:395
CKR_DOMAIN_PARAMS_INVALID
#define CKR_DOMAIN_PARAMS_INVALID
Definition pkcs11t.h:1133
CKA_CERTIFICATE_TYPE
#define CKA_CERTIFICATE_TYPE
Definition pkcs11t.h:444
CKM_ECDSA_SHA256
#define CKM_ECDSA_SHA256
Definition pkcs11t.h:894
CKM_BATON_WRAP
#define CKM_BATON_WRAP
Definition pkcs11t.h:886
CKF_SO_PIN_LOCKED
#define CKF_SO_PIN_LOCKED
Definition pkcs11t.h:239
CK_CERTIFICATE_TYPE
CK_ULONG CK_CERTIFICATE_TYPE
Definition pkcs11t.h:393
CKM_AES_OFB
#define CKM_AES_OFB
Definition pkcs11t.h:963
CKR_TOKEN_WRITE_PROTECTED
#define CKR_TOKEN_WRITE_PROTECTED
Definition pkcs11t.h:1112
CKA_HASH_OF_ISSUER_PUBLIC_KEY
#define CKA_HASH_OF_ISSUER_PUBLIC_KEY
Definition pkcs11t.h:455
CKM_HOTP_KEY_GEN
#define CKM_HOTP_KEY_GEN
Definition pkcs11t.h:721
CKF_DECRYPT
#define CKF_DECRYPT
Definition pkcs11t.h:1007
CKH_VENDOR_DEFINED
#define CKH_VENDOR_DEFINED
Definition pkcs11t.h:333
CKM_TWOFISH_CBC
#define CKM_TWOFISH_CBC
Definition pkcs11t.h:933
CKK_CDMF
#define CKK_CDMF
Definition pkcs11t.h:361
CKA_MODULUS_BITS
#define CKA_MODULUS_BITS
Definition pkcs11t.h:475
CK_VOID_PTR
void CK_PTR CK_VOID_PTR
Definition pkcs11t.h:66
CKM_RIPEMD128_HMAC
#define CKM_RIPEMD128_HMAC
Definition pkcs11t.h:701
CKA_LABEL
#define CKA_LABEL
Definition pkcs11t.h:440
CKA_EXTRACTABLE
#define CKA_EXTRACTABLE
Definition pkcs11t.h:494
CKM_ACTI
#define CKM_ACTI
Definition pkcs11t.h:723
CKM_CAST_KEY_GEN
#define CKM_CAST_KEY_GEN
Definition pkcs11t.h:726
CKR_TEMPLATE_INCOMPLETE
#define CKR_TEMPLATE_INCOMPLETE
Definition pkcs11t.h:1108
CKM_DES3_KEY_GEN
#define CKM_DES3_KEY_GEN
Definition pkcs11t.h:664
CKF_EC_COMPRESS
#define CKF_EC_COMPRESS
Definition pkcs11t.h:1027
CKM_DES3_CBC_ENCRYPT_DATA
#define CKM_DES3_CBC_ENCRYPT_DATA
Definition pkcs11t.h:940
CKM_CAST128_MAC
#define CKM_CAST128_MAC
Definition pkcs11t.h:746
CKM_MD5_HMAC
#define CKM_MD5_HMAC
Definition pkcs11t.h:692
CKF_SO_PIN_COUNT_LOW
#define CKF_SO_PIN_COUNT_LOW
Definition pkcs11t.h:229
CK_OBJECT_HANDLE
CK_ULONG CK_OBJECT_HANDLE
Definition pkcs11t.h:298
CKA_ENCODING_METHODS
#define CKA_ENCODING_METHODS
Definition pkcs11t.h:551
CK_HW_FEATURE_TYPE
CK_ULONG CK_HW_FEATURE_TYPE
Definition pkcs11t.h:327
CKM_DES3_ECB
#define CKM_DES3_ECB
Definition pkcs11t.h:665
CKM_AES_CBC
#define CKM_AES_CBC
Definition pkcs11t.h:915
CKM_SEED_MAC
#define CKM_SEED_MAC
Definition pkcs11t.h:859
CKM_AES_MAC
#define CKM_AES_MAC
Definition pkcs11t.h:916
CKM_SHA256_RSA_PKCS_PSS
#define CKM_SHA256_RSA_PKCS_PSS
Definition pkcs11t.h:624
CKR_KEY_NOT_NEEDED
#define CKR_KEY_NOT_NEEDED
Definition pkcs11t.h:1075
CKM_SKIPJACK_WRAP
#define CKM_SKIPJACK_WRAP
Definition pkcs11t.h:873
CKR_NO_EVENT
#define CKR_NO_EVENT
Definition pkcs11t.h:1047
CKR_VENDOR_DEFINED
#define CKR_VENDOR_DEFINED
Definition pkcs11t.h:1158
CKM_SKIPJACK_ECB64
#define CKM_SKIPJACK_ECB64
Definition pkcs11t.h:866
CKA_ENCRYPT
#define CKA_ENCRYPT
Definition pkcs11t.h:463
CKM_SHA384_KEY_DERIVATION
#define CKM_SHA384_KEY_DERIVATION
Definition pkcs11t.h:788
CKA_SUBPRIME_BITS
#define CKA_SUBPRIME_BITS
Definition pkcs11t.h:489
CKM_RSA_PKCS_PSS
#define CKM_RSA_PKCS_PSS
Definition pkcs11t.h:602
CKM_SKIPJACK_OFB64
#define CKM_SKIPJACK_OFB64
Definition pkcs11t.h:868
CKM_GOSTR3410_WITH_GOSTR3411
#define CKM_GOSTR3410_WITH_GOSTR3411
Definition pkcs11t.h:946
CKM_SHA1_RSA_PKCS_PSS
#define CKM_SHA1_RSA_PKCS_PSS
Definition pkcs11t.h:603
CKK_ECDSA
#define CKK_ECDSA
Definition pkcs11t.h:342
CKM_DES2_KEY_GEN
#define CKM_DES2_KEY_GEN
Definition pkcs11t.h:663
CKM_GOSTR3410_KEY_PAIR_GEN
#define CKM_GOSTR3410_KEY_PAIR_GEN
Definition pkcs11t.h:944
CKA_PIXEL_X
#define CKA_PIXEL_X
Definition pkcs11t.h:543
CKA_DEFAULT_CMS_ATTRIBUTES
#define CKA_DEFAULT_CMS_ATTRIBUTES
Definition pkcs11t.h:555
CKR_HOST_MEMORY
#define CKR_HOST_MEMORY
Definition pkcs11t.h:1040
CKM_SHA512_256_KEY_DERIVATION
#define CKM_SHA512_256_KEY_DERIVATION
Definition pkcs11t.h:638
CKA_GOSTR3411_PARAMS
#define CKA_GOSTR3411_PARAMS
Definition pkcs11t.h:536
CKM_SHA384_RSA_PKCS
#define CKM_SHA384_RSA_PKCS
Definition pkcs11t.h:622
CK_ATTRIBUTE_TYPE
CK_ULONG CK_ATTRIBUTE_TYPE
Definition pkcs11t.h:416
CKR_FUNCTION_NOT_PARALLEL
#define CKR_FUNCTION_NOT_PARALLEL
Definition pkcs11t.h:1066
CKK_GOST28147
#define CKK_GOST28147
Definition pkcs11t.h:383
CKA_CHAR_COLUMNS
#define CKA_CHAR_COLUMNS
Definition pkcs11t.h:547
CKA_UNWRAP_TEMPLATE
#define CKA_UNWRAP_TEMPLATE
Definition pkcs11t.h:517
CKR_SIGNATURE_LEN_RANGE
#define CKR_SIGNATURE_LEN_RANGE
Definition pkcs11t.h:1107
CKM_ARIA_MAC
#define CKM_ARIA_MAC
Definition pkcs11t.h:850
CKR_CURVE_NOT_SUPPORTED
#define CKR_CURVE_NOT_SUPPORTED
Definition pkcs11t.h:1135
CKM_SHA224_KEY_DERIVATION
#define CKM_SHA224_KEY_DERIVATION
Definition pkcs11t.h:790
CKA_KEY_GEN_MECHANISM
#define CKA_KEY_GEN_MECHANISM
Definition pkcs11t.h:498
CKR_FIPS_SELF_TEST_FAILED
#define CKR_FIPS_SELF_TEST_FAILED
Definition pkcs11t.h:1151
CKM_JUNIPER_SHUFFLE
#define CKM_JUNIPER_SHUFFLE
Definition pkcs11t.h:909
CKK_TWOFISH
#define CKK_TWOFISH
Definition pkcs11t.h:364
CKR_USER_TYPE_INVALID
#define CKR_USER_TYPE_INVALID
Definition pkcs11t.h:1119
CKM_SEED_ECB
#define CKM_SEED_ECB
Definition pkcs11t.h:857
CKM_CAMELLIA_ECB
#define CKM_CAMELLIA_ECB
Definition pkcs11t.h:838
CKM_ECDH_AES_KEY_WRAP
#define CKM_ECDH_AES_KEY_WRAP
Definition pkcs11t.h:902
CRYPTOKI_VERSION_MAJOR
#define CRYPTOKI_VERSION_MAJOR
Definition pkcs11t.h:19
CKO_DOMAIN_PARAMETERS
#define CKO_DOMAIN_PARAMETERS
Definition pkcs11t.h:316
CKM_PBE_MD5_CAST3_CBC
#define CKM_PBE_MD5_CAST3_CBC
Definition pkcs11t.h:795
CKM_RC4
#define CKM_RC4
Definition pkcs11t.h:654
CKM_RSA_AES_KEY_WRAP
#define CKM_RSA_AES_KEY_WRAP
Definition pkcs11t.h:903
CKF_USER_PIN_LOCKED
#define CKF_USER_PIN_LOCKED
Definition pkcs11t.h:216
CKM_PBE_MD5_DES_CBC
#define CKM_PBE_MD5_DES_CBC
Definition pkcs11t.h:793
CKM_SHA512_T_HMAC
#define CKM_SHA512_T_HMAC
Definition pkcs11t.h:641
CKM_SHA512_HMAC
#define CKM_SHA512_HMAC
Definition pkcs11t.h:717
CKM_RIPEMD160_HMAC_GENERAL
#define CKM_RIPEMD160_HMAC_GENERAL
Definition pkcs11t.h:705
CKM_SHA256_RSA_PKCS
#define CKM_SHA256_RSA_PKCS
Definition pkcs11t.h:621
CKR_KEY_HANDLE_INVALID
#define CKR_KEY_HANDLE_INVALID
Definition pkcs11t.h:1070
CKM_CAST_MAC
#define CKM_CAST_MAC
Definition pkcs11t.h:729
CKM_RC2_MAC_GENERAL
#define CKM_RC2_MAC_GENERAL
Definition pkcs11t.h:650
CKM_RC2_KEY_GEN
#define CKM_RC2_KEY_GEN
Definition pkcs11t.h:645
CKR_MUTEX_BAD
#define CKR_MUTEX_BAD
Definition pkcs11t.h:1144
CKM_CAST128_KEY_GEN
#define CKM_CAST128_KEY_GEN
Definition pkcs11t.h:740
CKF_TOKEN_PRESENT
#define CKF_TOKEN_PRESENT
Definition pkcs11t.h:122
CKM_AES_XCBC_MAC
#define CKM_AES_XCBC_MAC
Definition pkcs11t.h:926
CKD_SHA224_KDF
#define CKD_SHA224_KDF
Definition pkcs11t.h:1296
CKM_SHA384_RSA_PKCS_PSS
#define CKM_SHA384_RSA_PKCS_PSS
Definition pkcs11t.h:625
CKM_RSA_PKCS_TPM_1_1
#define CKM_RSA_PKCS_TPM_1_1
Definition pkcs11t.h:972
CKM_SSL3_KEY_AND_MAC_DERIVE
#define CKM_SSL3_KEY_AND_MAC_DERIVE
Definition pkcs11t.h:771
CKM_DES_MAC_GENERAL
#define CKM_DES_MAC_GENERAL
Definition pkcs11t.h:660
CKA_PIXEL_Y
#define CKA_PIXEL_Y
Definition pkcs11t.h:544
CKR_SAVED_STATE_INVALID
#define CKR_SAVED_STATE_INVALID
Definition pkcs11t.h:1138
CKM_CAST128_CBC
#define CKM_CAST128_CBC
Definition pkcs11t.h:744
CKM_AES_ECB
#define CKM_AES_ECB
Definition pkcs11t.h:914
CKM_ARIA_ECB_ENCRYPT_DATA
#define CKM_ARIA_ECB_ENCRYPT_DATA
Definition pkcs11t.h:853
CKK_EC
#define CKK_EC
Definition pkcs11t.h:343
CKA_WRAP_TEMPLATE
#define CKA_WRAP_TEMPLATE
Definition pkcs11t.h:516
CKR_WRAPPED_KEY_LEN_RANGE
#define CKR_WRAPPED_KEY_LEN_RANGE
Definition pkcs11t.h:1125
CKK_ARIA
#define CKK_ARIA
Definition pkcs11t.h:369
CKF_HW
#define CKF_HW
Definition pkcs11t.h:1003
CKM_X9_42_DH_HYBRID_DERIVE
#define CKM_X9_42_DH_HYBRID_DERIVE
Definition pkcs11t.h:618
CKA_PRIME_BITS
#define CKA_PRIME_BITS
Definition pkcs11t.h:488
CKF_EXCLUDE_TIME
#define CKF_EXCLUDE_TIME
Definition pkcs11t.h:1810
CKR_EXCEEDED_MAX_ITERATIONS
#define CKR_EXCEEDED_MAX_ITERATIONS
Definition pkcs11t.h:1150
CKM_BLOWFISH_KEY_GEN
#define CKM_BLOWFISH_KEY_GEN
Definition pkcs11t.h:930
CKM_GOST28147_MAC
#define CKM_GOST28147_MAC
Definition pkcs11t.h:954
CKM_CAST128_ECB
#define CKM_CAST128_ECB
Definition pkcs11t.h:742
CKR_KEY_INDIGESTIBLE
#define CKR_KEY_INDIGESTIBLE
Definition pkcs11t.h:1078
CKK_MD5_HMAC
#define CKK_MD5_HMAC
Definition pkcs11t.h:371
CKH_USER_INTERFACE
#define CKH_USER_INTERFACE
Definition pkcs11t.h:332
CKK_SHA_1_HMAC
#define CKK_SHA_1_HMAC
Definition pkcs11t.h:372
CKA_OTP_COUNTER
#define CKA_OTP_COUNTER
Definition pkcs11t.h:528
CKA_CHAR_SETS
#define CKA_CHAR_SETS
Definition pkcs11t.h:550
CKF_VERIFY_RECOVER
#define CKF_VERIFY_RECOVER
Definition pkcs11t.h:1012
CKA_MECHANISM_TYPE
#define CKA_MECHANISM_TYPE
Definition pkcs11t.h:553
CK_STATE
CK_ULONG CK_STATE
Definition pkcs11t.h:271
CKK_AES
#define CKK_AES
Definition pkcs11t.h:362
CKM_SEED_CBC
#define CKM_SEED_CBC
Definition pkcs11t.h:858
CKA_BASE
#define CKA_BASE
Definition pkcs11t.h:486
CKM_DSA_SHA256
#define CKM_DSA_SHA256
Definition pkcs11t.h:609
CKF_CLOCK_ON_TOKEN
#define CKF_CLOCK_ON_TOKEN
Definition pkcs11t.h:171
CKS_RW_SO_FUNCTIONS
#define CKS_RW_SO_FUNCTIONS
Definition pkcs11t.h:276
CKM_DES_CFB8
#define CKM_DES_CFB8
Definition pkcs11t.h:683
CKR_KEY_NEEDED
#define CKR_KEY_NEEDED
Definition pkcs11t.h:1077
CKM_BLOWFISH_CBC_PAD
#define CKM_BLOWFISH_CBC_PAD
Definition pkcs11t.h:934
CKR_PUBLIC_KEY_INVALID
#define CKR_PUBLIC_KEY_INVALID
Definition pkcs11t.h:1154
CKR_KEY_TYPE_INCONSISTENT
#define CKR_KEY_TYPE_INCONSISTENT
Definition pkcs11t.h:1073
CKM_SHA_1
#define CKM_SHA_1
Definition pkcs11t.h:695
CKM_DSA_SHA1
#define CKM_DSA_SHA1
Definition pkcs11t.h:607
CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT
#define CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT
Definition pkcs11t.h:1115
CKM_AES_XCBC_MAC_96
#define CKM_AES_XCBC_MAC_96
Definition pkcs11t.h:927
CKM_ECDSA_KEY_PAIR_GEN
#define CKM_ECDSA_KEY_PAIR_GEN
Definition pkcs11t.h:888
CKK_X9_42_DH
#define CKK_X9_42_DH
Definition pkcs11t.h:344
CKM_WTLS_PRF
#define CKM_WTLS_PRF
Definition pkcs11t.h:814
CKF_ERROR_STATE
#define CKF_ERROR_STATE
Definition pkcs11t.h:248
CKF_WRITE_PROTECTED
#define CKF_WRITE_PROTECTED
Definition pkcs11t.h:156
CKA_EC_PARAMS
#define CKA_EC_PARAMS
Definition pkcs11t.h:506
CKM_DES_MAC
#define CKM_DES_MAC
Definition pkcs11t.h:658
CKM_RC2_ECB
#define CKM_RC2_ECB
Definition pkcs11t.h:646
CKM_TLS12_KEY_AND_MAC_DERIVE
#define CKM_TLS12_KEY_AND_MAC_DERIVE
Definition pkcs11t.h:823
CKA_WRAP
#define CKA_WRAP
Definition pkcs11t.h:465
CKA_CLASS
#define CKA_CLASS
Definition pkcs11t.h:437
CKK_SHA512_HMAC
#define CKK_SHA512_HMAC
Definition pkcs11t.h:377
CKR_KEY_NOT_WRAPPABLE
#define CKR_KEY_NOT_WRAPPABLE
Definition pkcs11t.h:1080
CKM_MD2_HMAC
#define CKM_MD2_HMAC
Definition pkcs11t.h:687
CKA_DERIVE_TEMPLATE
#define CKA_DERIVE_TEMPLATE
Definition pkcs11t.h:518
CKF_EC_NAMEDCURVE
#define CKF_EC_NAMEDCURVE
Definition pkcs11t.h:1025
CKF_NEXT_OTP
#define CKF_NEXT_OTP
Definition pkcs11t.h:1809
CKM_TLS12_MASTER_KEY_DERIVE_DH
#define CKM_TLS12_MASTER_KEY_DERIVE_DH
Definition pkcs11t.h:824
CKM_RC5_ECB
#define CKM_RC5_ECB
Definition pkcs11t.h:752
CKF_DONT_BLOCK
#define CKF_DONT_BLOCK
Definition pkcs11t.h:1234
CKM_SHA224_HMAC_GENERAL
#define CKM_SHA224_HMAC_GENERAL
Definition pkcs11t.h:712
CKA_HAS_RESET
#define CKA_HAS_RESET
Definition pkcs11t.h:541
CKA_OTP_SERVICE_LOGO
#define CKA_OTP_SERVICE_LOGO
Definition pkcs11t.h:532
CKA_SUBJECT
#define CKA_SUBJECT
Definition pkcs11t.h:460
CKM_DES3_MAC
#define CKM_DES3_MAC
Definition pkcs11t.h:667
CK_ATTRIBUTE
Definition pkcs11t.h:564
CK_C_INITIALIZE_ARGS
Definition pkcs11t.h:1213
CK_DATE
Definition pkcs11t.h:573
CK_ECDH1_DERIVE_PARAMS
Definition pkcs11t.h:1307
CK_INFO
Definition pkcs11t.h:86
CK_MECHANISM_INFO
Definition pkcs11t.h:995
CK_MECHANISM
Definition pkcs11t.h:983
CK_RSA_PKCS_OAEP_PARAMS
Definition pkcs11t.h:1266
CK_RSA_PKCS_PSS_PARAMS
Definition pkcs11t.h:1279
CK_SESSION_INFO
Definition pkcs11t.h:279
CK_SLOT_INFO
Definition pkcs11t.h:110
CK_TOKEN_INFO
Definition pkcs11t.h:130
Generated by doxygen 1.15.0