Botan 3.9.0
Crypto and TLS for C&
p11.h
Go to the documentation of this file.
1/*
2* PKCS#11
3* (C) 2016 Daniel Neus, Sirrix AG
4* (C) 2016 Philipp Weber, Sirrix AG
5*
6* Botan is released under the Simplified BSD License (see license.txt)
7*/
8
9#ifndef BOTAN_P11_H_
10#define BOTAN_P11_H_
11
12#include <botan/exceptn.h>
13#include <botan/secmem.h>
14
15#include <map>
16#include <string>
17#include <vector>
18
19// NOLINTBEGIN(*-macro-usage,*-macro-parentheses)
20
21#define CK_PTR *
22
23#if defined(_MSC_VER)
24 #define CK_DECLARE_FUNCTION(returnType, name) returnType __declspec(dllimport) name
25#else
26 #define CK_DECLARE_FUNCTION(returnType, name) returnType name
27#endif
28
29#if defined(_MSC_VER)
30 #define CK_DECLARE_FUNCTION_POINTER(returnType, name) returnType __declspec(dllimport)(*name)
31#else
32 #define CK_DECLARE_FUNCTION_POINTER(returnType, name) returnType(*name)
33#endif
34
35#define CK_CALLBACK_FUNCTION(returnType, name) returnType(*name)
36
37#ifndef NULL_PTR
38 #define NULL_PTR nullptr
39#endif
40
41#if defined(_MSC_VER)
42 #pragma pack(push, cryptoki, 1)
43#endif
44
45// NOLINTEND(*-macro-usage,*-macro-parentheses)
46
47#include "pkcs11.h"
48
49#if defined(_MSC_VER)
50 #pragma pack(pop, cryptoki)
51#endif
52
53static_assert(
54 // NOLINTNEXTLINE(misc-redundant-expression) clang-tidy doesn't realize there are macros involved here
55 CRYPTOKI_VERSION_MAJOR == 2 && CRYPTOKI_VERSION_MINOR == 40,
56 "The Botan PKCS#11 module was implemented against PKCS#11 v2.40. Please use the correct PKCS#11 headers.");
57
58namespace Botan {
59
60class Dynamically_Loaded_Library;
61
62namespace PKCS11 {
63
64using secure_string = secure_vector<uint8_t>;
65
66// NOLINTBEGIN(*-enum-size)
67
68enum class AttributeType : CK_ATTRIBUTE_TYPE {
69 Class = CKA_CLASS,
70 Token = CKA_TOKEN,
71 Private = CKA_PRIVATE,
72 Label = CKA_LABEL,
73 Application = CKA_APPLICATION,
74 Value = CKA_VALUE,
75 ObjectId = CKA_OBJECT_ID,
76 CertificateType = CKA_CERTIFICATE_TYPE,
77 Issuer = CKA_ISSUER,
78 SerialNumber = CKA_SERIAL_NUMBER,
79 AcIssuer = CKA_AC_ISSUER,
80 Owner = CKA_OWNER,
81 AttrTypes = CKA_ATTR_TYPES,
82 Trusted = CKA_TRUSTED,
83 CertificateCategory = CKA_CERTIFICATE_CATEGORY,
84 JavaMidpSecurityDomain = CKA_JAVA_MIDP_SECURITY_DOMAIN,
85 Url = CKA_URL,
86 HashOfSubjectPublicKey = CKA_HASH_OF_SUBJECT_PUBLIC_KEY,
87 HashOfIssuerPublicKey = CKA_HASH_OF_ISSUER_PUBLIC_KEY,
88 NameHashAlgorithm = CKA_NAME_HASH_ALGORITHM,
89 CheckValue = CKA_CHECK_VALUE,
90 KeyType = CKA_KEY_TYPE,
91 Subject = CKA_SUBJECT,
92 Id = CKA_ID,
93 Sensitive = CKA_SENSITIVE,
94 Encrypt = CKA_ENCRYPT,
95 Decrypt = CKA_DECRYPT,
96 Wrap = CKA_WRAP,
97 Unwrap = CKA_UNWRAP,
98 Sign = CKA_SIGN,
99 SignRecover = CKA_SIGN_RECOVER,
100 Verify = CKA_VERIFY,
101 VerifyRecover = CKA_VERIFY_RECOVER,
102 Derive = CKA_DERIVE,
103 StartDate = CKA_START_DATE,
104 EndDate = CKA_END_DATE,
105 Modulus = CKA_MODULUS,
106 ModulusBits = CKA_MODULUS_BITS,
107 PublicExponent = CKA_PUBLIC_EXPONENT,
108 PrivateExponent = CKA_PRIVATE_EXPONENT,
109 Prime1 = CKA_PRIME_1,
110 Prime2 = CKA_PRIME_2,
111 Exponent1 = CKA_EXPONENT_1,
112 Exponent2 = CKA_EXPONENT_2,
113 Coefficient = CKA_COEFFICIENT,
114 PublicKeyInfo = CKA_PUBLIC_KEY_INFO,
115 Prime = CKA_PRIME,
116 Subprime = CKA_SUBPRIME,
117 Base = CKA_BASE,
118 PrimeBits = CKA_PRIME_BITS,
119 SubprimeBits = CKA_SUBPRIME_BITS,
120 SubPrimeBits = CKA_SUB_PRIME_BITS,
121 ValueBits = CKA_VALUE_BITS,
122 ValueLen = CKA_VALUE_LEN,
123 Extractable = CKA_EXTRACTABLE,
124 Local = CKA_LOCAL,
125 NeverExtractable = CKA_NEVER_EXTRACTABLE,
126 AlwaysSensitive = CKA_ALWAYS_SENSITIVE,
127 KeyGenMechanism = CKA_KEY_GEN_MECHANISM,
128 Modifiable = CKA_MODIFIABLE,
129 Copyable = CKA_COPYABLE,
130 Destroyable = CKA_DESTROYABLE,
131 EcdsaParams = CKA_ECDSA_PARAMS,
132 EcParams = CKA_EC_PARAMS,
133 EcPoint = CKA_EC_POINT,
134 SecondaryAuth = CKA_SECONDARY_AUTH,
135 AuthPinFlags = CKA_AUTH_PIN_FLAGS,
136 AlwaysAuthenticate = CKA_ALWAYS_AUTHENTICATE,
137 WrapWithTrusted = CKA_WRAP_WITH_TRUSTED,
138 WrapTemplate = CKA_WRAP_TEMPLATE,
139 UnwrapTemplate = CKA_UNWRAP_TEMPLATE,
140 DeriveTemplate = CKA_DERIVE_TEMPLATE,
141 OtpFormat = CKA_OTP_FORMAT,
142 OtpLength = CKA_OTP_LENGTH,
143 OtpTimeInterval = CKA_OTP_TIME_INTERVAL,
144 OtpUserFriendlyMode = CKA_OTP_USER_FRIENDLY_MODE,
145 OtpChallengeRequirement = CKA_OTP_CHALLENGE_REQUIREMENT,
146 OtpTimeRequirement = CKA_OTP_TIME_REQUIREMENT,
147 OtpCounterRequirement = CKA_OTP_COUNTER_REQUIREMENT,
148 OtpPinRequirement = CKA_OTP_PIN_REQUIREMENT,
149 OtpCounter = CKA_OTP_COUNTER,
150 OtpTime = CKA_OTP_TIME,
151 OtpUserIdentifier = CKA_OTP_USER_IDENTIFIER,
152 OtpServiceIdentifier = CKA_OTP_SERVICE_IDENTIFIER,
153 OtpServiceLogo = CKA_OTP_SERVICE_LOGO,
154 OtpServiceLogoType = CKA_OTP_SERVICE_LOGO_TYPE,
155 Gostr3410Params = CKA_GOSTR3410_PARAMS,
156 Gostr3411Params = CKA_GOSTR3411_PARAMS,
157 Gost28147Params = CKA_GOST28147_PARAMS,
158 HwFeatureType = CKA_HW_FEATURE_TYPE,
159 ResetOnInit = CKA_RESET_ON_INIT,
160 HasReset = CKA_HAS_RESET,
161 PixelX = CKA_PIXEL_X,
162 PixelY = CKA_PIXEL_Y,
163 Resolution = CKA_RESOLUTION,
164 CharRows = CKA_CHAR_ROWS,
165 CharColumns = CKA_CHAR_COLUMNS,
166 Color = CKA_COLOR,
167 BitsPerPixel = CKA_BITS_PER_PIXEL,
168 CharSets = CKA_CHAR_SETS,
169 EncodingMethods = CKA_ENCODING_METHODS,
170 MimeTypes = CKA_MIME_TYPES,
171 MechanismType = CKA_MECHANISM_TYPE,
172 RequiredCmsAttributes = CKA_REQUIRED_CMS_ATTRIBUTES,
173 DefaultCmsAttributes = CKA_DEFAULT_CMS_ATTRIBUTES,
174 SupportedCmsAttributes = CKA_SUPPORTED_CMS_ATTRIBUTES,
175 AllowedMechanisms = CKA_ALLOWED_MECHANISMS,
176 VendorDefined = CKA_VENDOR_DEFINED,
177};
178
185
186/// Indicates if a stored certificate is a user certificate for which the corresponding private key is available
187/// on the token ("token user"), a CA certificate ("authority"), or another end-entity certificate ("other entity").
194
206
207enum class Flag : CK_FLAGS {
208 None = 0,
209 TokenPresent = CKF_TOKEN_PRESENT,
210 RemovableDevice = CKF_REMOVABLE_DEVICE,
211 HwSlot = CKF_HW_SLOT,
212 Rng = CKF_RNG,
213 WriteProtected = CKF_WRITE_PROTECTED,
214 LoginRequired = CKF_LOGIN_REQUIRED,
215 UserPinInitialized = CKF_USER_PIN_INITIALIZED,
216 RestoreKeyNotNeeded = CKF_RESTORE_KEY_NOT_NEEDED,
217 ClockOnToken = CKF_CLOCK_ON_TOKEN,
218 ProtectedAuthenticationPath = CKF_PROTECTED_AUTHENTICATION_PATH,
219 DualCryptoOperations = CKF_DUAL_CRYPTO_OPERATIONS,
220 TokenInitialized = CKF_TOKEN_INITIALIZED,
221 SecondaryAuthentication = CKF_SECONDARY_AUTHENTICATION,
222 UserPinCountLow = CKF_USER_PIN_COUNT_LOW,
223 UserPinFinalTry = CKF_USER_PIN_FINAL_TRY,
224 UserPinLocked = CKF_USER_PIN_LOCKED,
225 UserPinToBeChanged = CKF_USER_PIN_TO_BE_CHANGED,
226 SoPinCountLow = CKF_SO_PIN_COUNT_LOW,
227 SoPinFinalTry = CKF_SO_PIN_FINAL_TRY,
228 SoPinLocked = CKF_SO_PIN_LOCKED,
229 SoPinToBeChanged = CKF_SO_PIN_TO_BE_CHANGED,
230 ErrorState = CKF_ERROR_STATE,
231 RwSession = CKF_RW_SESSION,
232 SerialSession = CKF_SERIAL_SESSION,
233 ArrayAttribute = CKF_ARRAY_ATTRIBUTE,
234 Hw = CKF_HW,
235 Encrypt = CKF_ENCRYPT,
236 Decrypt = CKF_DECRYPT,
237 Digest = CKF_DIGEST,
238 Sign = CKF_SIGN,
239 SignRecover = CKF_SIGN_RECOVER,
240 Verify = CKF_VERIFY,
241 VerifyRecover = CKF_VERIFY_RECOVER,
242 Generate = CKF_GENERATE,
243 GenerateKeyPair = CKF_GENERATE_KEY_PAIR,
244 Wrap = CKF_WRAP,
245 Unwrap = CKF_UNWRAP,
246 Derive = CKF_DERIVE,
247 EcFP = CKF_EC_F_P,
248 EcF2m = CKF_EC_F_2M,
249 EcEcparameters = CKF_EC_ECPARAMETERS,
250 EcNamedcurve = CKF_EC_NAMEDCURVE,
251 EcUncompress = CKF_EC_UNCOMPRESS,
252 EcCompress = CKF_EC_COMPRESS,
253 Extension = CKF_EXTENSION,
254 LibraryCantCreateOsThreads = CKF_LIBRARY_CANT_CREATE_OS_THREADS,
255 OsLockingOk = CKF_OS_LOCKING_OK,
256 DontBlock = CKF_DONT_BLOCK,
257 NextOtp = CKF_NEXT_OTP,
258 ExcludeTime = CKF_EXCLUDE_TIME,
259 ExcludeCounter = CKF_EXCLUDE_COUNTER,
260 ExcludeChallenge = CKF_EXCLUDE_CHALLENGE,
261 ExcludePin = CKF_EXCLUDE_PIN,
262 UserFriendlyOtp = CKF_USER_FRIENDLY_OTP,
263};
264
265inline Flag operator|(Flag a, Flag b) {
266 // NOLINTNEXTLINE(clang-analyzer-optin.core.EnumCastOutOfRange)
267 return static_cast<Flag>(static_cast<CK_FLAGS>(a) | static_cast<CK_FLAGS>(b));
268}
269
278
285
332
333enum class MechanismType : CK_MECHANISM_TYPE {
334 RsaPkcsKeyPairGen = CKM_RSA_PKCS_KEY_PAIR_GEN,
335 RsaPkcs = CKM_RSA_PKCS,
336 Rsa9796 = CKM_RSA_9796,
337 RsaX509 = CKM_RSA_X_509,
338 Md2RsaPkcs = CKM_MD2_RSA_PKCS,
339 Md5RsaPkcs = CKM_MD5_RSA_PKCS,
340 Sha1RsaPkcs = CKM_SHA1_RSA_PKCS,
341 Ripemd128RsaPkcs = CKM_RIPEMD128_RSA_PKCS,
342 Ripemd160RsaPkcs = CKM_RIPEMD160_RSA_PKCS,
343 RsaPkcsOaep = CKM_RSA_PKCS_OAEP,
344 RsaX931KeyPairGen = CKM_RSA_X9_31_KEY_PAIR_GEN,
345 RsaX931 = CKM_RSA_X9_31,
346 Sha1RsaX931 = CKM_SHA1_RSA_X9_31,
347 RsaPkcsPss = CKM_RSA_PKCS_PSS,
348 Sha1RsaPkcsPss = CKM_SHA1_RSA_PKCS_PSS,
349 DsaKeyPairGen = CKM_DSA_KEY_PAIR_GEN,
350 Dsa = CKM_DSA,
351 DsaSha1 = CKM_DSA_SHA1,
352 DsaSha224 = CKM_DSA_SHA224,
353 DsaSha256 = CKM_DSA_SHA256,
354 DsaSha384 = CKM_DSA_SHA384,
355 DsaSha512 = CKM_DSA_SHA512,
356 DhPkcsKeyPairGen = CKM_DH_PKCS_KEY_PAIR_GEN,
357 DhPkcsDerive = CKM_DH_PKCS_DERIVE,
358 X942DhKeyPairGen = CKM_X9_42_DH_KEY_PAIR_GEN,
359 X942DhDerive = CKM_X9_42_DH_DERIVE,
360 X942DhHybridDerive = CKM_X9_42_DH_HYBRID_DERIVE,
361 X942MqvDerive = CKM_X9_42_MQV_DERIVE,
362 Sha256RsaPkcs = CKM_SHA256_RSA_PKCS,
363 Sha384RsaPkcs = CKM_SHA384_RSA_PKCS,
364 Sha512RsaPkcs = CKM_SHA512_RSA_PKCS,
365 Sha256RsaPkcsPss = CKM_SHA256_RSA_PKCS_PSS,
366 Sha384RsaPkcsPss = CKM_SHA384_RSA_PKCS_PSS,
367 Sha512RsaPkcsPss = CKM_SHA512_RSA_PKCS_PSS,
368 Sha224RsaPkcs = CKM_SHA224_RSA_PKCS,
369 Sha224RsaPkcsPss = CKM_SHA224_RSA_PKCS_PSS,
370 Sha512224 = CKM_SHA512_224,
371 Sha512224Hmac = CKM_SHA512_224_HMAC,
372 Sha512224HmacGeneral = CKM_SHA512_224_HMAC_GENERAL,
373 Sha512224KeyDerivation = CKM_SHA512_224_KEY_DERIVATION,
374 Sha512256 = CKM_SHA512_256,
375 Sha512256Hmac = CKM_SHA512_256_HMAC,
376 Sha512256HmacGeneral = CKM_SHA512_256_HMAC_GENERAL,
377 Sha512256KeyDerivation = CKM_SHA512_256_KEY_DERIVATION,
378 Sha512T = CKM_SHA512_T,
379 Sha512THmac = CKM_SHA512_T_HMAC,
380 Sha512THmacGeneral = CKM_SHA512_T_HMAC_GENERAL,
381 Sha512TKeyDerivation = CKM_SHA512_T_KEY_DERIVATION,
382 Rc2KeyGen = CKM_RC2_KEY_GEN,
383 Rc2Ecb = CKM_RC2_ECB,
384 Rc2Cbc = CKM_RC2_CBC,
385 Rc2Mac = CKM_RC2_MAC,
386 Rc2MacGeneral = CKM_RC2_MAC_GENERAL,
387 Rc2CbcPad = CKM_RC2_CBC_PAD,
388 Rc4KeyGen = CKM_RC4_KEY_GEN,
389 Rc4 = CKM_RC4,
390 DesKeyGen = CKM_DES_KEY_GEN,
391 DesEcb = CKM_DES_ECB,
392 DesCbc = CKM_DES_CBC,
393 DesMac = CKM_DES_MAC,
394 DesMacGeneral = CKM_DES_MAC_GENERAL,
395 DesCbcPad = CKM_DES_CBC_PAD,
396 Des2KeyGen = CKM_DES2_KEY_GEN,
397 Des3KeyGen = CKM_DES3_KEY_GEN,
398 Des3Ecb = CKM_DES3_ECB,
399 Des3Cbc = CKM_DES3_CBC,
400 Des3Mac = CKM_DES3_MAC,
401 Des3MacGeneral = CKM_DES3_MAC_GENERAL,
402 Des3CbcPad = CKM_DES3_CBC_PAD,
403 Des3CmacGeneral = CKM_DES3_CMAC_GENERAL,
404 Des3Cmac = CKM_DES3_CMAC,
405 CdmfKeyGen = CKM_CDMF_KEY_GEN,
406 CdmfEcb = CKM_CDMF_ECB,
407 CdmfCbc = CKM_CDMF_CBC,
408 CdmfMac = CKM_CDMF_MAC,
409 CdmfMacGeneral = CKM_CDMF_MAC_GENERAL,
410 CdmfCbcPad = CKM_CDMF_CBC_PAD,
411 DesOfb64 = CKM_DES_OFB64,
412 DesOfb8 = CKM_DES_OFB8,
413 DesCfb64 = CKM_DES_CFB64,
414 DesCfb8 = CKM_DES_CFB8,
415 Md2 = CKM_MD2,
416 Md2Hmac = CKM_MD2_HMAC,
417 Md2HmacGeneral = CKM_MD2_HMAC_GENERAL,
418 Md5 = CKM_MD5,
419 Md5Hmac = CKM_MD5_HMAC,
420 Md5HmacGeneral = CKM_MD5_HMAC_GENERAL,
421 Sha1 = CKM_SHA_1,
422 Sha1Hmac = CKM_SHA_1_HMAC,
423 Sha1HmacGeneral = CKM_SHA_1_HMAC_GENERAL,
424 Ripemd128 = CKM_RIPEMD128,
425 Ripemd128Hmac = CKM_RIPEMD128_HMAC,
426 Ripemd128HmacGeneral = CKM_RIPEMD128_HMAC_GENERAL,
427 Ripemd160 = CKM_RIPEMD160,
428 Ripemd160Hmac = CKM_RIPEMD160_HMAC,
429 Ripemd160HmacGeneral = CKM_RIPEMD160_HMAC_GENERAL,
430 Sha256 = CKM_SHA256,
431 Sha256Hmac = CKM_SHA256_HMAC,
432 Sha256HmacGeneral = CKM_SHA256_HMAC_GENERAL,
433 Sha224 = CKM_SHA224,
434 Sha224Hmac = CKM_SHA224_HMAC,
435 Sha224HmacGeneral = CKM_SHA224_HMAC_GENERAL,
436 Sha384 = CKM_SHA384,
437 Sha384Hmac = CKM_SHA384_HMAC,
438 Sha384HmacGeneral = CKM_SHA384_HMAC_GENERAL,
439 Sha512 = CKM_SHA512,
440 Sha512Hmac = CKM_SHA512_HMAC,
441 Sha512HmacGeneral = CKM_SHA512_HMAC_GENERAL,
442 SecuridKeyGen = CKM_SECURID_KEY_GEN,
443 Securid = CKM_SECURID,
444 HotpKeyGen = CKM_HOTP_KEY_GEN,
445 Hotp = CKM_HOTP,
446 Acti = CKM_ACTI,
447 ActiKeyGen = CKM_ACTI_KEY_GEN,
448 CastKeyGen = CKM_CAST_KEY_GEN,
449 CastEcb = CKM_CAST_ECB,
450 CastCbc = CKM_CAST_CBC,
451 CastMac = CKM_CAST_MAC,
452 CastMacGeneral = CKM_CAST_MAC_GENERAL,
453 CastCbcPad = CKM_CAST_CBC_PAD,
454 Cast3KeyGen = CKM_CAST3_KEY_GEN,
455 Cast3Ecb = CKM_CAST3_ECB,
456 Cast3Cbc = CKM_CAST3_CBC,
457 Cast3Mac = CKM_CAST3_MAC,
458 Cast3MacGeneral = CKM_CAST3_MAC_GENERAL,
459 Cast3CbcPad = CKM_CAST3_CBC_PAD,
460 Cast5KeyGen = CKM_CAST5_KEY_GEN,
461 Cast128KeyGen = CKM_CAST128_KEY_GEN,
462 Cast5Ecb = CKM_CAST5_ECB,
463 Cast128Ecb = CKM_CAST128_ECB,
464 Cast5Cbc = CKM_CAST5_CBC,
465 Cast128Cbc = CKM_CAST128_CBC,
466 Cast5Mac = CKM_CAST5_MAC,
467 Cast128Mac = CKM_CAST128_MAC,
468 Cast5MacGeneral = CKM_CAST5_MAC_GENERAL,
469 Cast128MacGeneral = CKM_CAST128_MAC_GENERAL,
470 Cast5CbcPad = CKM_CAST5_CBC_PAD,
471 Cast128CbcPad = CKM_CAST128_CBC_PAD,
472 Rc5KeyGen = CKM_RC5_KEY_GEN,
473 Rc5Ecb = CKM_RC5_ECB,
474 Rc5Cbc = CKM_RC5_CBC,
475 Rc5Mac = CKM_RC5_MAC,
476 Rc5MacGeneral = CKM_RC5_MAC_GENERAL,
477 Rc5CbcPad = CKM_RC5_CBC_PAD,
478 IdeaKeyGen = CKM_IDEA_KEY_GEN,
479 IdeaEcb = CKM_IDEA_ECB,
480 IdeaCbc = CKM_IDEA_CBC,
481 IdeaMac = CKM_IDEA_MAC,
482 IdeaMacGeneral = CKM_IDEA_MAC_GENERAL,
483 IdeaCbcPad = CKM_IDEA_CBC_PAD,
484 GenericSecretKeyGen = CKM_GENERIC_SECRET_KEY_GEN,
485 ConcatenateBaseAndKey = CKM_CONCATENATE_BASE_AND_KEY,
486 ConcatenateBaseAndData = CKM_CONCATENATE_BASE_AND_DATA,
487 ConcatenateDataAndBase = CKM_CONCATENATE_DATA_AND_BASE,
488 XorBaseAndData = CKM_XOR_BASE_AND_DATA,
489 ExtractKeyFromKey = CKM_EXTRACT_KEY_FROM_KEY,
490 Ssl3PreMasterKeyGen = CKM_SSL3_PRE_MASTER_KEY_GEN,
491 Ssl3MasterKeyDerive = CKM_SSL3_MASTER_KEY_DERIVE,
492 Ssl3KeyAndMacDerive = CKM_SSL3_KEY_AND_MAC_DERIVE,
493 Ssl3MasterKeyDeriveDh = CKM_SSL3_MASTER_KEY_DERIVE_DH,
494 TlsPreMasterKeyGen = CKM_TLS_PRE_MASTER_KEY_GEN,
495 TlsMasterKeyDerive = CKM_TLS_MASTER_KEY_DERIVE,
496 TlsKeyAndMacDerive = CKM_TLS_KEY_AND_MAC_DERIVE,
497 TlsMasterKeyDeriveDh = CKM_TLS_MASTER_KEY_DERIVE_DH,
498 TlsPrf = CKM_TLS_PRF,
499 Ssl3Md5Mac = CKM_SSL3_MD5_MAC,
500 Ssl3Sha1Mac = CKM_SSL3_SHA1_MAC,
501 Md5KeyDerivation = CKM_MD5_KEY_DERIVATION,
502 Md2KeyDerivation = CKM_MD2_KEY_DERIVATION,
503 Sha1KeyDerivation = CKM_SHA1_KEY_DERIVATION,
504 Sha256KeyDerivation = CKM_SHA256_KEY_DERIVATION,
505 Sha384KeyDerivation = CKM_SHA384_KEY_DERIVATION,
506 Sha512KeyDerivation = CKM_SHA512_KEY_DERIVATION,
507 Sha224KeyDerivation = CKM_SHA224_KEY_DERIVATION,
508 PbeMd2DesCbc = CKM_PBE_MD2_DES_CBC,
509 PbeMd5DesCbc = CKM_PBE_MD5_DES_CBC,
510 PbeMd5CastCbc = CKM_PBE_MD5_CAST_CBC,
511 PbeMd5Cast3Cbc = CKM_PBE_MD5_CAST3_CBC,
512 PbeMd5Cast5Cbc = CKM_PBE_MD5_CAST5_CBC,
513 PbeMd5Cast128Cbc = CKM_PBE_MD5_CAST128_CBC,
514 PbeSha1Cast5Cbc = CKM_PBE_SHA1_CAST5_CBC,
515 PbeSha1Cast128Cbc = CKM_PBE_SHA1_CAST128_CBC,
516 PbeSha1Rc4128 = CKM_PBE_SHA1_RC4_128,
517 PbeSha1Rc440 = CKM_PBE_SHA1_RC4_40,
518 PbeSha1Des3EdeCbc = CKM_PBE_SHA1_DES3_EDE_CBC,
519 PbeSha1Des2EdeCbc = CKM_PBE_SHA1_DES2_EDE_CBC,
520 PbeSha1Rc2128Cbc = CKM_PBE_SHA1_RC2_128_CBC,
521 PbeSha1Rc240Cbc = CKM_PBE_SHA1_RC2_40_CBC,
522 Pkcs5Pbkd2 = CKM_PKCS5_PBKD2,
523 PbaSha1WithSha1Hmac = CKM_PBA_SHA1_WITH_SHA1_HMAC,
524 WtlsPreMasterKeyGen = CKM_WTLS_PRE_MASTER_KEY_GEN,
525 WtlsMasterKeyDerive = CKM_WTLS_MASTER_KEY_DERIVE,
526 WtlsMasterKeyDeriveDhEcc = CKM_WTLS_MASTER_KEY_DERIVE_DH_ECC,
527 WtlsPrf = CKM_WTLS_PRF,
528 WtlsServerKeyAndMacDerive = CKM_WTLS_SERVER_KEY_AND_MAC_DERIVE,
529 WtlsClientKeyAndMacDerive = CKM_WTLS_CLIENT_KEY_AND_MAC_DERIVE,
530 Tls10MacServer = CKM_TLS10_MAC_SERVER,
531 Tls10MacClient = CKM_TLS10_MAC_CLIENT,
532 Tls12Mac = CKM_TLS12_MAC,
533 Tls12Kdf = CKM_TLS12_KDF,
534 Tls12MasterKeyDerive = CKM_TLS12_MASTER_KEY_DERIVE,
535 Tls12KeyAndMacDerive = CKM_TLS12_KEY_AND_MAC_DERIVE,
536 Tls12MasterKeyDeriveDh = CKM_TLS12_MASTER_KEY_DERIVE_DH,
537 Tls12KeySafeDerive = CKM_TLS12_KEY_SAFE_DERIVE,
538 TlsMac = CKM_TLS_MAC,
539 TlsKdf = CKM_TLS_KDF,
540 KeyWrapLynks = CKM_KEY_WRAP_LYNKS,
541 KeyWrapSetOaep = CKM_KEY_WRAP_SET_OAEP,
542 CmsSig = CKM_CMS_SIG,
543 KipDerive = CKM_KIP_DERIVE,
544 KipWrap = CKM_KIP_WRAP,
545 KipMac = CKM_KIP_MAC,
546 CamelliaKeyGen = CKM_CAMELLIA_KEY_GEN,
547 CamelliaEcb = CKM_CAMELLIA_ECB,
548 CamelliaCbc = CKM_CAMELLIA_CBC,
549 CamelliaMac = CKM_CAMELLIA_MAC,
550 CamelliaMacGeneral = CKM_CAMELLIA_MAC_GENERAL,
551 CamelliaCbcPad = CKM_CAMELLIA_CBC_PAD,
552 CamelliaEcbEncryptData = CKM_CAMELLIA_ECB_ENCRYPT_DATA,
553 CamelliaCbcEncryptData = CKM_CAMELLIA_CBC_ENCRYPT_DATA,
554 CamelliaCtr = CKM_CAMELLIA_CTR,
555 AriaKeyGen = CKM_ARIA_KEY_GEN,
556 AriaEcb = CKM_ARIA_ECB,
557 AriaCbc = CKM_ARIA_CBC,
558 AriaMac = CKM_ARIA_MAC,
559 AriaMacGeneral = CKM_ARIA_MAC_GENERAL,
560 AriaCbcPad = CKM_ARIA_CBC_PAD,
561 AriaEcbEncryptData = CKM_ARIA_ECB_ENCRYPT_DATA,
562 AriaCbcEncryptData = CKM_ARIA_CBC_ENCRYPT_DATA,
563 SeedKeyGen = CKM_SEED_KEY_GEN,
564 SeedEcb = CKM_SEED_ECB,
565 SeedCbc = CKM_SEED_CBC,
566 SeedMac = CKM_SEED_MAC,
567 SeedMacGeneral = CKM_SEED_MAC_GENERAL,
568 SeedCbcPad = CKM_SEED_CBC_PAD,
569 SeedEcbEncryptData = CKM_SEED_ECB_ENCRYPT_DATA,
570 SeedCbcEncryptData = CKM_SEED_CBC_ENCRYPT_DATA,
571 SkipjackKeyGen = CKM_SKIPJACK_KEY_GEN,
572 SkipjackEcb64 = CKM_SKIPJACK_ECB64,
573 SkipjackCbc64 = CKM_SKIPJACK_CBC64,
574 SkipjackOfb64 = CKM_SKIPJACK_OFB64,
575 SkipjackCfb64 = CKM_SKIPJACK_CFB64,
576 SkipjackCfb32 = CKM_SKIPJACK_CFB32,
577 SkipjackCfb16 = CKM_SKIPJACK_CFB16,
578 SkipjackCfb8 = CKM_SKIPJACK_CFB8,
579 SkipjackWrap = CKM_SKIPJACK_WRAP,
580 SkipjackPrivateWrap = CKM_SKIPJACK_PRIVATE_WRAP,
581 SkipjackRelayx = CKM_SKIPJACK_RELAYX,
582 KeaKeyPairGen = CKM_KEA_KEY_PAIR_GEN,
583 KeaKeyDerive = CKM_KEA_KEY_DERIVE,
584 KeaDerive = CKM_KEA_DERIVE,
585 FortezzaTimestamp = CKM_FORTEZZA_TIMESTAMP,
586 BatonKeyGen = CKM_BATON_KEY_GEN,
587 BatonEcb128 = CKM_BATON_ECB128,
588 BatonEcb96 = CKM_BATON_ECB96,
589 BatonCbc128 = CKM_BATON_CBC128,
590 BatonCounter = CKM_BATON_COUNTER,
591 BatonShuffle = CKM_BATON_SHUFFLE,
592 BatonWrap = CKM_BATON_WRAP,
593 EcdsaKeyPairGen = CKM_ECDSA_KEY_PAIR_GEN,
594 EcKeyPairGen = CKM_EC_KEY_PAIR_GEN,
595 Ecdsa = CKM_ECDSA,
596 EcdsaSha1 = CKM_ECDSA_SHA1,
597 EcdsaSha224 = CKM_ECDSA_SHA224,
598 EcdsaSha256 = CKM_ECDSA_SHA256,
599 EcdsaSha384 = CKM_ECDSA_SHA384,
600 EcdsaSha512 = CKM_ECDSA_SHA512,
601 Ecdh1Derive = CKM_ECDH1_DERIVE,
602 Ecdh1CofactorDerive = CKM_ECDH1_COFACTOR_DERIVE,
603 EcmqvDerive = CKM_ECMQV_DERIVE,
604 EcdhAesKeyWrap = CKM_ECDH_AES_KEY_WRAP,
605 RsaAesKeyWrap = CKM_RSA_AES_KEY_WRAP,
606 JuniperKeyGen = CKM_JUNIPER_KEY_GEN,
607 JuniperEcb128 = CKM_JUNIPER_ECB128,
608 JuniperCbc128 = CKM_JUNIPER_CBC128,
609 JuniperCounter = CKM_JUNIPER_COUNTER,
610 JuniperShuffle = CKM_JUNIPER_SHUFFLE,
611 JuniperWrap = CKM_JUNIPER_WRAP,
612 Fasthash = CKM_FASTHASH,
613 AesKeyGen = CKM_AES_KEY_GEN,
614 AesEcb = CKM_AES_ECB,
615 AesCbc = CKM_AES_CBC,
616 AesMac = CKM_AES_MAC,
617 AesMacGeneral = CKM_AES_MAC_GENERAL,
618 AesCbcPad = CKM_AES_CBC_PAD,
619 AesCtr = CKM_AES_CTR,
620 AesGcm = CKM_AES_GCM,
621 AesCcm = CKM_AES_CCM,
622 AesCts = CKM_AES_CTS,
623 AesCmac = CKM_AES_CMAC,
624 AesCmacGeneral = CKM_AES_CMAC_GENERAL,
625 AesXcbcMac = CKM_AES_XCBC_MAC,
626 AesXcbcMac96 = CKM_AES_XCBC_MAC_96,
627 AesGmac = CKM_AES_GMAC,
628 BlowfishKeyGen = CKM_BLOWFISH_KEY_GEN,
629 BlowfishCbc = CKM_BLOWFISH_CBC,
630 TwofishKeyGen = CKM_TWOFISH_KEY_GEN,
631 TwofishCbc = CKM_TWOFISH_CBC,
632 BlowfishCbcPad = CKM_BLOWFISH_CBC_PAD,
633 TwofishCbcPad = CKM_TWOFISH_CBC_PAD,
634 DesEcbEncryptData = CKM_DES_ECB_ENCRYPT_DATA,
635 DesCbcEncryptData = CKM_DES_CBC_ENCRYPT_DATA,
636 Des3EcbEncryptData = CKM_DES3_ECB_ENCRYPT_DATA,
637 Des3CbcEncryptData = CKM_DES3_CBC_ENCRYPT_DATA,
638 AesEcbEncryptData = CKM_AES_ECB_ENCRYPT_DATA,
639 AesCbcEncryptData = CKM_AES_CBC_ENCRYPT_DATA,
640 Gostr3410KeyPairGen = CKM_GOSTR3410_KEY_PAIR_GEN,
641 Gostr3410 = CKM_GOSTR3410,
642 Gostr3410WithGostr3411 = CKM_GOSTR3410_WITH_GOSTR3411,
643 Gostr3410KeyWrap = CKM_GOSTR3410_KEY_WRAP,
644 Gostr3410Derive = CKM_GOSTR3410_DERIVE,
645 Gostr3411 = CKM_GOSTR3411,
646 Gostr3411Hmac = CKM_GOSTR3411_HMAC,
647 Gost28147KeyGen = CKM_GOST28147_KEY_GEN,
648 Gost28147Ecb = CKM_GOST28147_ECB,
649 Gost28147 = CKM_GOST28147,
650 Gost28147Mac = CKM_GOST28147_MAC,
651 Gost28147KeyWrap = CKM_GOST28147_KEY_WRAP,
652 DsaParameterGen = CKM_DSA_PARAMETER_GEN,
653 DhPkcsParameterGen = CKM_DH_PKCS_PARAMETER_GEN,
654 X942DhParameterGen = CKM_X9_42_DH_PARAMETER_GEN,
655 DsaProbablisticParameterGen = CKM_DSA_PROBABLISTIC_PARAMETER_GEN,
656 DsaShaweTaylorParameterGen = CKM_DSA_SHAWE_TAYLOR_PARAMETER_GEN,
657 AesOfb = CKM_AES_OFB,
658 AesCfb64 = CKM_AES_CFB64,
659 AesCfb8 = CKM_AES_CFB8,
660 AesCfb128 = CKM_AES_CFB128,
661 AesCfb1 = CKM_AES_CFB1,
662 AesKeyWrap = CKM_AES_KEY_WRAP,
663 AesKeyWrapPad = CKM_AES_KEY_WRAP_PAD,
664 RsaPkcsTpm11 = CKM_RSA_PKCS_TPM_1_1,
665 RsaPkcsOaepTpm11 = CKM_RSA_PKCS_OAEP_TPM_1_1,
666 VendorDefined = CKM_VENDOR_DEFINED,
667};
668
673
686
697
705
706enum class ReturnValue : CK_RV {
707 OK = CKR_OK,
708 Cancel = CKR_CANCEL,
709 HostMemory = CKR_HOST_MEMORY,
710 SlotIdInvalid = CKR_SLOT_ID_INVALID,
711 GeneralError = CKR_GENERAL_ERROR,
712 FunctionFailed = CKR_FUNCTION_FAILED,
713 ArgumentsBad = CKR_ARGUMENTS_BAD,
714 NoEvent = CKR_NO_EVENT,
715 NeedToCreateThreads = CKR_NEED_TO_CREATE_THREADS,
716 CantLock = CKR_CANT_LOCK,
717 AttributeReadOnly = CKR_ATTRIBUTE_READ_ONLY,
718 AttributeSensitive = CKR_ATTRIBUTE_SENSITIVE,
719 AttributeTypeInvalid = CKR_ATTRIBUTE_TYPE_INVALID,
720 AttributeValueInvalid = CKR_ATTRIBUTE_VALUE_INVALID,
721 ActionProhibited = CKR_ACTION_PROHIBITED,
722 DataInvalid = CKR_DATA_INVALID,
723 DataLenRange = CKR_DATA_LEN_RANGE,
724 DeviceError = CKR_DEVICE_ERROR,
725 DeviceMemory = CKR_DEVICE_MEMORY,
726 DeviceRemoved = CKR_DEVICE_REMOVED,
727 EncryptedDataInvalid = CKR_ENCRYPTED_DATA_INVALID,
728 EncryptedDataLenRange = CKR_ENCRYPTED_DATA_LEN_RANGE,
729 FunctionCanceled = CKR_FUNCTION_CANCELED,
730 FunctionNotParallel = CKR_FUNCTION_NOT_PARALLEL,
731 FunctionNotSupported = CKR_FUNCTION_NOT_SUPPORTED,
732 KeyHandleInvalid = CKR_KEY_HANDLE_INVALID,
733 KeySizeRange = CKR_KEY_SIZE_RANGE,
734 KeyTypeInconsistent = CKR_KEY_TYPE_INCONSISTENT,
735 KeyNotNeeded = CKR_KEY_NOT_NEEDED,
736 KeyChanged = CKR_KEY_CHANGED,
737 KeyNeeded = CKR_KEY_NEEDED,
738 KeyIndigestible = CKR_KEY_INDIGESTIBLE,
739 KeyFunctionNotPermitted = CKR_KEY_FUNCTION_NOT_PERMITTED,
740 KeyNotWrappable = CKR_KEY_NOT_WRAPPABLE,
741 KeyUnextractable = CKR_KEY_UNEXTRACTABLE,
742 MechanismInvalid = CKR_MECHANISM_INVALID,
743 MechanismParamInvalid = CKR_MECHANISM_PARAM_INVALID,
744 ObjectHandleInvalid = CKR_OBJECT_HANDLE_INVALID,
745 OperationActive = CKR_OPERATION_ACTIVE,
746 OperationNotInitialized = CKR_OPERATION_NOT_INITIALIZED,
747 PinIncorrect = CKR_PIN_INCORRECT,
748 PinInvalid = CKR_PIN_INVALID,
749 PinLenRange = CKR_PIN_LEN_RANGE,
750 PinExpired = CKR_PIN_EXPIRED,
751 PinLocked = CKR_PIN_LOCKED,
752 SessionClosed = CKR_SESSION_CLOSED,
753 SessionCount = CKR_SESSION_COUNT,
754 SessionHandleInvalid = CKR_SESSION_HANDLE_INVALID,
755 SessionParallelNotSupported = CKR_SESSION_PARALLEL_NOT_SUPPORTED,
756 SessionReadOnly = CKR_SESSION_READ_ONLY,
757 SessionExists = CKR_SESSION_EXISTS,
758 SessionReadOnlyExists = CKR_SESSION_READ_ONLY_EXISTS,
759 SessionReadWriteSoExists = CKR_SESSION_READ_WRITE_SO_EXISTS,
760 SignatureInvalid = CKR_SIGNATURE_INVALID,
761 SignatureLenRange = CKR_SIGNATURE_LEN_RANGE,
762 TemplateIncomplete = CKR_TEMPLATE_INCOMPLETE,
763 TemplateInconsistent = CKR_TEMPLATE_INCONSISTENT,
764 TokenNotPresent = CKR_TOKEN_NOT_PRESENT,
765 TokenNotRecognized = CKR_TOKEN_NOT_RECOGNIZED,
766 TokenWriteProtected = CKR_TOKEN_WRITE_PROTECTED,
767 UnwrappingKeyHandleInvalid = CKR_UNWRAPPING_KEY_HANDLE_INVALID,
768 UnwrappingKeySizeRange = CKR_UNWRAPPING_KEY_SIZE_RANGE,
769 UnwrappingKeyTypeInconsistent = CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT,
770 UserAlreadyLoggedIn = CKR_USER_ALREADY_LOGGED_IN,
771 UserNotLoggedIn = CKR_USER_NOT_LOGGED_IN,
772 UserPinNotInitialized = CKR_USER_PIN_NOT_INITIALIZED,
773 UserTypeInvalid = CKR_USER_TYPE_INVALID,
774 UserAnotherAlreadyLoggedIn = CKR_USER_ANOTHER_ALREADY_LOGGED_IN,
775 UserTooManyTypes = CKR_USER_TOO_MANY_TYPES,
776 WrappedKeyInvalid = CKR_WRAPPED_KEY_INVALID,
777 WrappedKeyLenRange = CKR_WRAPPED_KEY_LEN_RANGE,
778 WrappingKeyHandleInvalid = CKR_WRAPPING_KEY_HANDLE_INVALID,
779 WrappingKeySizeRange = CKR_WRAPPING_KEY_SIZE_RANGE,
780 WrappingKeyTypeInconsistent = CKR_WRAPPING_KEY_TYPE_INCONSISTENT,
781 RandomSeedNotSupported = CKR_RANDOM_SEED_NOT_SUPPORTED,
782 RandomNoRng = CKR_RANDOM_NO_RNG,
783 DomainParamsInvalid = CKR_DOMAIN_PARAMS_INVALID,
784 CurveNotSupported = CKR_CURVE_NOT_SUPPORTED,
785 BufferTooSmall = CKR_BUFFER_TOO_SMALL,
786 SavedStateInvalid = CKR_SAVED_STATE_INVALID,
787 InformationSensitive = CKR_INFORMATION_SENSITIVE,
788 StateUnsaveable = CKR_STATE_UNSAVEABLE,
789 CryptokiNotInitialized = CKR_CRYPTOKI_NOT_INITIALIZED,
790 CryptokiAlreadyInitialized = CKR_CRYPTOKI_ALREADY_INITIALIZED,
791 MutexBad = CKR_MUTEX_BAD,
792 MutexNotLocked = CKR_MUTEX_NOT_LOCKED,
793 NewPinMode = CKR_NEW_PIN_MODE,
794 NextOtp = CKR_NEXT_OTP,
795 ExceededMaxIterations = CKR_EXCEEDED_MAX_ITERATIONS,
796 FipsSelfTestFailed = CKR_FIPS_SELF_TEST_FAILED,
797 LibraryLoadFailed = CKR_LIBRARY_LOAD_FAILED,
798 PinTooWeak = CKR_PIN_TOO_WEAK,
799 PublicKeyInvalid = CKR_PUBLIC_KEY_INVALID,
800 FunctionRejected = CKR_FUNCTION_REJECTED,
801 VendorDefined = CKR_VENDOR_DEFINED,
802};
803
809
810enum class PublicPointEncoding : uint32_t { Raw, Der };
811
812// NOLINTEND(*-enum-size)
813
814using FunctionListPtr = CK_FUNCTION_LIST_PTR;
815using VoidPtr = CK_VOID_PTR;
816using C_InitializeArgs = CK_C_INITIALIZE_ARGS;
817using CreateMutex = CK_CREATEMUTEX;
818using DestroyMutex = CK_DESTROYMUTEX;
819using LockMutex = CK_LOCKMUTEX;
820using UnlockMutex = CK_UNLOCKMUTEX;
821using Flags = CK_FLAGS;
822using Info = CK_INFO;
823using Bbool = CK_BBOOL;
824using SlotId = CK_SLOT_ID;
825using Ulong = CK_ULONG;
826using SlotInfo = CK_SLOT_INFO;
827using TokenInfo = CK_TOKEN_INFO;
828using Mechanism = CK_MECHANISM;
829using MechanismInfo = CK_MECHANISM_INFO;
830using Utf8Char = CK_UTF8CHAR;
831using Notify = CK_NOTIFY;
832using SessionHandle = CK_SESSION_HANDLE;
833using SessionInfo = CK_SESSION_INFO;
834using Attribute = CK_ATTRIBUTE;
835using ObjectHandle = CK_OBJECT_HANDLE;
836using Byte = CK_BYTE;
837using RsaPkcsOaepParams = CK_RSA_PKCS_OAEP_PARAMS;
838using RsaPkcsPssParams = CK_RSA_PKCS_PSS_PARAMS;
839using Ecdh1DeriveParams = CK_ECDH1_DERIVE_PARAMS;
840using Date = CK_DATE;
841
842// NOLINTNEXTLINE(*-avoid-non-const-global-variables) TODO can this be made const?
843BOTAN_PUBLIC_API(2, 0) extern ReturnValue* ThrowException;
844
845const Bbool True = CK_TRUE;
846const Bbool False = CK_FALSE;
847
848inline Flags flags(Flag flags) {
849 return static_cast<Flags>(flags);
850}
851
852class Slot;
853
854/**
855* Initializes a token
856* @param slot The slot with the attached token that should be initialized
857* @param label The token label
858* @param so_pin PIN of the security officer. Will be set if the token is uninitialized other this has to be the current SO_PIN
859* @param pin The user PIN that will be set
860*/
861BOTAN_PUBLIC_API(2, 0)
862void initialize_token(Slot& slot, std::string_view label, const secure_string& so_pin, const secure_string& pin);
863
864/**
865* Change PIN with old PIN to new PIN
866* @param slot The slot with the attached token
867* @param old_pin The old user PIN
868* @param new_pin The new user PIN
869*/
870
871BOTAN_PUBLIC_API(2, 0) void change_pin(Slot& slot, const secure_string& old_pin, const secure_string& new_pin);
872
873/**
874* Change SO_PIN with old SO_PIN to new SO_PIN
875* @param slot The slot with the attached token
876* @param old_so_pin The old SO_PIN
877* @param new_so_pin The new SO_PIN
878*/
879BOTAN_PUBLIC_API(2, 0) void change_so_pin(Slot& slot, const secure_string& old_so_pin, const secure_string& new_so_pin);
880
881/**
882* Sets user PIN with SO_PIN
883* @param slot The slot with the attached token
884* @param so_pin PIN of the security officer
885* @param pin The user PIN that should be set
886*/
887BOTAN_PUBLIC_API(2, 0) void set_pin(Slot& slot, const secure_string& so_pin, const secure_string& pin);
888
889/// Provides access to all PKCS#11 functions
890class BOTAN_PUBLIC_API(2, 0) LowLevel {
891 public:
892 /// @param ptr the functon list pointer to use. Can be retrieved via `LowLevel::C_GetFunctionList`
893 explicit LowLevel(FunctionListPtr ptr);
894
895 /****************************** General purpose functions ******************************/
896
897 /**
898 * C_Initialize initializes the Cryptoki library.
899 * @param init_args if this is not nullptr, it gets cast to (`C_InitializeArgs`) and dereferenced
900 * @param return_value default value (`ThrowException`): throw exception on error.
901 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
902 * At least the following PKCS#11 return values may be returned:
903 * \li ArgumentsBad \li CantLock \li CryptokiAlreadyInitialized
904 * \li FunctionFailed \li GeneralError \li HostMemory
905 * \li NeedToCreateThreads \li OK
906 * @return true on success, false otherwise
907 */
908 bool C_Initialize(VoidPtr init_args, ReturnValue* return_value = ThrowException) const;
909
910 /**
911 * C_Finalize indicates that an application is done with the Cryptoki library.
912 * @param reserved reserved. Should be nullptr
913 * @param return_value default value (`ThrowException`): throw exception on error.
914 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
915 * At least the following PKCS#11 return values may be returned:
916 * \li ArgumentsBad \li CryptokiNotInitialized \li FunctionFailed
917 * \li GeneralError \li HostMemory \li OK
918 * @return true on success, false otherwise
919 */
920 bool C_Finalize(VoidPtr reserved, ReturnValue* return_value = ThrowException) const;
921
922 /**
923 * C_GetInfo returns general information about Cryptoki.
924 * @param info_ptr location that receives information
925 * @param return_value default value (`ThrowException`): throw exception on error.
926 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
927 * At least the following PKCS#11 return values may be returned:
928 * \li ArgumentsBad \li CryptokiNotInitialized \li FunctionFailed
929 * \li GeneralError \li HostMemory \li OK
930 * @return true on success, false otherwise
931 */
932 bool C_GetInfo(Info* info_ptr, ReturnValue* return_value = ThrowException) const;
933
934 /**
935 * C_GetFunctionList returns the function list.
936 * @param pkcs11_module The PKCS#11 module
937 * @param function_list_ptr_ptr receives pointer to function list
938 * @param return_value default value (`ThrowException`): throw exception on error.
939 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
940 * At least the following PKCS#11 return values may be returned:
941 * \li ArgumentsBad \li FunctionFailed \li GeneralError
942 * \li HostMemory \li OK
943 * @return true on success, false otherwise
944 */
945 static bool C_GetFunctionList(Dynamically_Loaded_Library& pkcs11_module,
946 FunctionListPtr* function_list_ptr_ptr,
947 ReturnValue* return_value = ThrowException);
948
949 /****************************** Slot and token management functions ******************************/
950
951 /**
952 * C_GetSlotList obtains a list of slots in the system.
953 * @param token_present only slots with tokens
954 * @param slot_list_ptr receives array of slot IDs
955 * @param count_ptr receives number of slots
956 * @param return_value default value (`ThrowException`): throw exception on error.
957 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
958 * At least the following PKCS#11 return values may be returned:
959 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
960 * \li FunctionFailed \li GeneralError \li HostMemory
961 * \li OK
962 * @return true on success, false otherwise
963 */
964 bool C_GetSlotList(Bbool token_present,
965 SlotId* slot_list_ptr,
966 Ulong* count_ptr,
967 ReturnValue* return_value = ThrowException) const;
968
969 /**
970 * C_GetSlotList obtains a list of slots in the system.
971 * @param token_present only slots with tokens
972 * @param slot_ids receives vector of slot IDs
973 * @param return_value default value (`ThrowException`): throw exception on error.
974 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
975 * At least the following PKCS#11 return values may be returned:
976 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
977 * \li FunctionFailed \li GeneralError \li HostMemory
978 * \li OK
979 * @return true on success, false otherwise
980 */
981 bool C_GetSlotList(bool token_present,
982 std::vector<SlotId>& slot_ids,
983 ReturnValue* return_value = ThrowException) const;
984
985 /**
986 * C_GetSlotInfo obtains information about a particular slot in the system.
987 * @param slot_id the ID of the slot
988 * @param info_ptr receives the slot information
989 * @param return_value default value (`ThrowException`): throw exception on error.
990 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
991 * At least the following PKCS#11 return values may be returned:
992 * \li ArgumentsBad \li CryptokiNotInitialized \li DeviceError
993 * \li FunctionFailed \li GeneralError \li HostMemory
994 * \li OK \li SlotIdInvalid
995 * @return true on success, false otherwise
996 */
997 bool C_GetSlotInfo(SlotId slot_id, SlotInfo* info_ptr, ReturnValue* return_value = ThrowException) const;
998
999 /**
1000 * C_GetTokenInfo obtains information about a particular token in the system.
1001 * @param slot_id ID of the token's slot
1002 * @param info_ptr receives the token information
1003 * @param return_value default value (`ThrowException`): throw exception on error.
1004 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1005 * At least the following PKCS#11 return values may be returned:
1006 * \li CryptokiNotInitialized \li DeviceError \li DeviceMemory
1007 * \li DeviceRemoved \li FunctionFailed \li GeneralError
1008 * \li HostMemory \li OK \li SlotIdInvalid
1009 * \li TokenNotPresent \li TokenNotRecognized \li ArgumentsBad
1010 * @return true on success, false otherwise
1011 */
1012 bool C_GetTokenInfo(SlotId slot_id, TokenInfo* info_ptr, ReturnValue* return_value = ThrowException) const;
1013
1014 /**
1015 * C_WaitForSlotEvent waits for a slot event (token insertion, removal, etc.) to occur.
1016 * @param flags blocking/nonblocking flag
1017 * @param slot_ptr location that receives the slot ID
1018 * @param reserved reserved. Should be NULL_PTR
1019 * @param return_value default value (`ThrowException`): throw exception on error.
1020 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1021 * At least the following PKCS#11 return values may be returned:
1022 * \li ArgumentsBad \li CryptokiNotInitialized \li FunctionFailed
1023 * \li GeneralError \li HostMemory \li NoEvent
1024 * \li OK
1025 * @return true on success, false otherwise
1026 */
1027 bool C_WaitForSlotEvent(Flags flags,
1028 SlotId* slot_ptr,
1029 VoidPtr reserved,
1030 ReturnValue* return_value = ThrowException) const;
1031
1032 /**
1033 * C_GetMechanismList obtains a list of mechanism types supported by a token.
1034 * @param slot_id ID of token's slot
1035 * @param mechanism_list_ptr gets mech. array
1036 * @param count_ptr gets # of mechs.
1037 * @param return_value default value (`ThrowException`): throw exception on error.
1038 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1039 * At least the following PKCS#11 return values may be returned:
1040 * \li BufferTooSmall \li CryptokiNotInitialized \li DeviceError
1041 * \li DeviceMemory \li DeviceRemoved \li FunctionFailed
1042 * \li GeneralError \li HostMemory \li OK
1043 * \li SlotIdInvalid \li TokenNotPresent \li TokenNotRecognized
1044 * \li ArgumentsBad
1045 * @return true on success, false otherwise
1046 */
1047 bool C_GetMechanismList(SlotId slot_id,
1048 MechanismType* mechanism_list_ptr,
1049 Ulong* count_ptr,
1050 ReturnValue* return_value = ThrowException) const;
1051
1052 /**
1053 * C_GetMechanismList obtains a list of mechanism types supported by a token.
1054 * @param slot_id ID of token's slot
1055 * @param mechanisms receives vector of supported mechanisms
1056 * @param return_value default value (`ThrowException`): throw exception on error.
1057 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1058 * At least the following PKCS#11 return values may be returned:
1059 * \li BufferTooSmall \li CryptokiNotInitialized \li DeviceError
1060 * \li DeviceMemory \li DeviceRemoved \li FunctionFailed
1061 * \li GeneralError \li HostMemory \li OK
1062 * \li SlotIdInvalid \li TokenNotPresent \li TokenNotRecognized
1063 * \li ArgumentsBad
1064 * @return true on success, false otherwise
1065 */
1066 bool C_GetMechanismList(SlotId slot_id,
1067 std::vector<MechanismType>& mechanisms,
1068 ReturnValue* return_value = ThrowException) const;
1069
1070 /**
1071 * C_GetMechanismInfo obtains information about a particular mechanism possibly supported by a token.
1072 * @param slot_id ID of the token's slot
1073 * @param type type of mechanism
1074 * @param info_ptr receives mechanism info
1075 * @param return_value default value (`ThrowException`): throw exception on error.
1076 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1077 * At least the following PKCS#11 return values may be returned:
1078 * \li CryptokiNotInitialized \li DeviceError \li DeviceMemory
1079 * \li DeviceRemoved \li FunctionFailed \li GeneralError
1080 * \li HostMemory \li MechanismInvalid \li OK
1081 * \li SlotIdInvalid \li TokenNotPresent \li TokenNotRecognized
1082 * \li ArgumentsBad
1083 * @return true on success, false otherwise
1084 */
1085 bool C_GetMechanismInfo(SlotId slot_id,
1086 MechanismType type,
1087 MechanismInfo* info_ptr,
1088 ReturnValue* return_value = ThrowException) const;
1089
1090 /**
1091 * C_InitToken initializes a token.
1092 * @param slot_id ID of the token's slot
1093 * @param so_pin_ptr the SO's initial PIN
1094 * @param so_pin_len length in bytes of the SO_PIN
1095 * @param label_ptr 32-byte token label (blank padded)
1096 * @param return_value default value (`ThrowException`): throw exception on error.
1097 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1098 * At least the following PKCS#11 return values may be returned:
1099 * \li CryptokiNotInitialized \li DeviceError \li DeviceMemory
1100 * \li DeviceRemoved \li FunctionCanceled \li FunctionFailed
1101 * \li GeneralError \li HostMemory \li OK
1102 * \li PinIncorrect \li PinLocked \li SessionExists
1103 * \li SlotIdInvalid \li TokenNotPresent \li TokenNotRecognized
1104 * \li TokenWriteProtected \li ArgumentsBad
1105 * @return true on success, false otherwise
1106 */
1107 bool C_InitToken(SlotId slot_id,
1108 Utf8Char* so_pin_ptr,
1109 Ulong so_pin_len,
1110 Utf8Char* label_ptr,
1111 ReturnValue* return_value = ThrowException) const;
1112
1113 /**
1114 * C_InitToken initializes a token.
1115 * @param slot_id ID of the token's slot
1116 * @param so_pin the SO's initial PIN
1117 * @param label token label (at max 32 bytes long)
1118 * @param return_value default value (`ThrowException`): throw exception on error.
1119 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1120 * At least the following PKCS#11 return values may be returned:
1121 * \li CryptokiNotInitialized \li DeviceError \li DeviceMemory
1122 * \li DeviceRemoved \li FunctionCanceled \li FunctionFailed
1123 * \li GeneralError \li HostMemory \li OK
1124 * \li PinIncorrect \li PinLocked \li SessionExists
1125 * \li SlotIdInvalid \li TokenNotPresent \li TokenNotRecognized
1126 * \li TokenWriteProtected \li ArgumentsBad
1127 * @return true on success, false otherwise
1128 */
1129 template <typename TAlloc>
1130 bool C_InitToken(SlotId slot_id,
1131 const std::vector<uint8_t, TAlloc>& so_pin,
1132 std::string_view label,
1133 ReturnValue* return_value = ThrowException) const {
1134 std::string padded_label(label);
1135 if(label.size() < 32) {
1136 padded_label.insert(padded_label.end(), 32 - label.size(), ' ');
1137 }
1138
1139 return C_InitToken(slot_id,
1140 reinterpret_cast<Utf8Char*>(const_cast<uint8_t*>(so_pin.data())),
1141 static_cast<Ulong>(so_pin.size()),
1142 reinterpret_cast<Utf8Char*>(const_cast<char*>(padded_label.c_str())),
1143 return_value);
1144 }
1145
1146 /**
1147 * C_InitPIN initializes the normal user's PIN.
1148 * @param session the session's handle
1149 * @param pin_ptr the normal user's PIN
1150 * @param pin_len length in bytes of the PIN
1151 * @param return_value default value (`ThrowException`): throw exception on error.
1152 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1153 * At least the following PKCS#11 return values may be returned:
1154 * \li CryptokiNotInitialized \li DeviceError \li DeviceMemory
1155 * \li DeviceRemoved \li FunctionCanceled \li FunctionFailed
1156 * \li GeneralError \li HostMemory \li OK
1157 * \li PinInvalid \li PinLenRange \li SessionClosed
1158 * \li SessionReadOnly \li SessionHandleInvalid \li TokenWriteProtected
1159 * \li UserNotLoggedIn \li ArgumentsBad
1160 * @return true on success, false otherwise
1161 */
1162 bool C_InitPIN(SessionHandle session,
1163 Utf8Char* pin_ptr,
1164 Ulong pin_len,
1165 ReturnValue* return_value = ThrowException) const;
1166
1167 /**
1168 * C_InitPIN initializes the normal user's PIN.
1169 * @param session the session's handle
1170 * @param pin the normal user's PIN
1171 * @param return_value default value (`ThrowException`): throw exception on error.
1172 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1173 * At least the following PKCS#11 return values may be returned:
1174 * \li CryptokiNotInitialized \li DeviceError \li DeviceMemory
1175 * \li DeviceRemoved \li FunctionCanceled \li FunctionFailed
1176 * \li GeneralError \li HostMemory \li OK
1177 * \li PinInvalid \li PinLenRange \li SessionClosed
1178 * \li SessionReadOnly \li SessionHandleInvalid \li TokenWriteProtected
1179 * \li UserNotLoggedIn \li ArgumentsBad
1180 * @return true on success, false otherwise
1181 */
1182 template <typename TAlloc>
1183 bool C_InitPIN(SessionHandle session,
1184 const std::vector<uint8_t, TAlloc>& pin,
1185 ReturnValue* return_value = ThrowException) const {
1186 return C_InitPIN(session,
1187 reinterpret_cast<Utf8Char*>(const_cast<uint8_t*>(pin.data())),
1188 static_cast<Ulong>(pin.size()),
1189 return_value);
1190 }
1191
1192 /**
1193 * C_SetPIN modifies the PIN of the user who is logged in.
1194 * @param session the session's handle
1195 * @param old_pin_ptr the old PIN
1196 * @param old_len length of the old PIN
1197 * @param new_pin_ptr the new PIN
1198 * @param new_len length of the new PIN
1199 * @param return_value default value (`ThrowException`): throw exception on error.
1200 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1201 * At least the following PKCS#11 return values may be returned:
1202 * \li CryptokiNotInitialized \li DeviceError \li DeviceMemory
1203 * \li DeviceRemoved \li FunctionCanceled \li FunctionFailed
1204 * \li GeneralError \li HostMemory \li OK
1205 * \li PinIncorrect \li PinInvalid \li PinLenRange
1206 * \li PinLocked \li SessionClosed \li SessionHandleInvalid
1207 * \li SessionReadOnly \li TokenWriteProtected \li ArgumentsBad
1208 * @return true on success, false otherwise
1209 */
1210 bool C_SetPIN(SessionHandle session,
1211 Utf8Char* old_pin_ptr,
1212 Ulong old_len,
1213 Utf8Char* new_pin_ptr,
1214 Ulong new_len,
1215 ReturnValue* return_value = ThrowException) const;
1216
1217 /**
1218 * C_SetPIN modifies the PIN of the user who is logged in.
1219 * @param session the session's handle
1220 * @param old_pin the old PIN
1221 * @param new_pin the new PIN
1222 * @param return_value default value (`ThrowException`): throw exception on error.
1223 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1224 * At least the following PKCS#11 return values may be returned:
1225 * \li CryptokiNotInitialized \li DeviceError \li DeviceMemory
1226 * \li DeviceRemoved \li FunctionCanceled \li FunctionFailed
1227 * \li GeneralError \li HostMemory \li OK
1228 * \li PinIncorrect \li PinInvalid \li PinLenRange
1229 * \li PinLocked \li SessionClosed \li SessionHandleInvalid
1230 * \li SessionReadOnly \li TokenWriteProtected \li ArgumentsBad
1231 * @return true on success, false otherwise
1232 */
1233 template <typename TAlloc>
1234 bool C_SetPIN(SessionHandle session,
1235 const std::vector<uint8_t, TAlloc>& old_pin,
1236 const std::vector<uint8_t, TAlloc>& new_pin,
1237 ReturnValue* return_value = ThrowException) const {
1238 return C_SetPIN(session,
1239 reinterpret_cast<Utf8Char*>(const_cast<uint8_t*>(old_pin.data())),
1240 static_cast<Ulong>(old_pin.size()),
1241 reinterpret_cast<Utf8Char*>(const_cast<uint8_t*>(new_pin.data())),
1242 static_cast<Ulong>(new_pin.size()),
1243 return_value);
1244 }
1245
1246 /****************************** Session management ******************************/
1247
1248 /**
1249 * C_OpenSession opens a session between an application and a token.
1250 * @param slot_id the slot's ID
1251 * @param flags from CK_SESSION_INFO
1252 * @param application passed to callback
1253 * @param notify callback function
1254 * @param session_ptr gets session handle
1255 * @param return_value default value (`ThrowException`): throw exception on error.
1256 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1257 * At least the following PKCS#11 return values may be returned:
1258 * \li CryptokiNotInitialized \li DeviceError \li DeviceMemory
1259 * \li DeviceRemoved \li FunctionFailed \li GeneralError
1260 * \li HostMemory \li OK \li SessionCount
1261 * \li SessionParallelNotSupported \li SessionReadWriteSoExists \li SlotIdInvalid
1262 * \li TokenNotPresent \li TokenNotRecognized \li TokenWriteProtected
1263 * \li ArgumentsBad
1264 * @return true on success, false otherwise
1265 */
1266 bool C_OpenSession(SlotId slot_id,
1267 Flags flags,
1268 VoidPtr application,
1269 Notify notify,
1270 SessionHandle* session_ptr,
1271 ReturnValue* return_value = ThrowException) const;
1272
1273 /**
1274 * C_CloseSession closes a session between an application and a token.
1275 * @param session the session's handle
1276 * @param return_value default value (`ThrowException`): throw exception on error.
1277 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1278 * At least the following PKCS#11 return values may be returned:
1279 * \li CryptokiNotInitialized \li DeviceError \li DeviceMemory
1280 * \li DeviceRemoved \li FunctionFailed \li GeneralError
1281 * \li HostMemory \li OK \li SessionClosed
1282 * \li SessionHandleInvalid
1283 * @return true on success, false otherwise
1284 */
1285 bool C_CloseSession(SessionHandle session, ReturnValue* return_value = ThrowException) const;
1286
1287 /**
1288 * C_CloseAllSessions closes all sessions with a token.
1289 * @param slot_id the token's slot
1290 * @param return_value default value (`ThrowException`): throw exception on error.
1291 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1292 * At least the following PKCS#11 return values may be returned:
1293 * \li CryptokiNotInitialized \li DeviceError \li DeviceMemory
1294 * \li DeviceRemoved \li FunctionFailed \li GeneralError
1295 * \li HostMemory \li OK \li SlotIdInvalid
1296 * \li TokenNotPresent
1297 * @return true on success, false otherwise
1298 */
1299 bool C_CloseAllSessions(SlotId slot_id, ReturnValue* return_value = ThrowException) const;
1300
1301 /**
1302 * C_GetSessionInfo obtains information about the session.
1303 * @param session the session's handle
1304 * @param info_ptr receives session info
1305 * @param return_value default value (`ThrowException`): throw exception on error.
1306 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1307 * At least the following PKCS#11 return values may be returned:
1308 * \li CryptokiNotInitialized \li DeviceError \li DeviceMemory
1309 * \li DeviceRemoved \li FunctionFailed \li GeneralError
1310 * \li HostMemory \li OK \li SessionClosed
1311 * \li SessionHandleInvalid \li ArgumentsBad
1312 * @return true on success, false otherwise
1313 */
1314 bool C_GetSessionInfo(SessionHandle session,
1315 SessionInfo* info_ptr,
1316 ReturnValue* return_value = ThrowException) const;
1317
1318 /**
1319 * C_GetOperationState obtains the state of the cryptographic operation in a session.
1320 * @param session session's handle
1321 * @param operation_state_ptr gets state
1322 * @param operation_state_len_ptr gets state length
1323 * @param return_value default value (`ThrowException`): throw exception on error.
1324 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1325 * At least the following PKCS#11 return values may be returned:
1326 * \li BufferTooSmall \li CryptokiNotInitialized \li DeviceError
1327 * \li DeviceMemory \li DeviceRemoved \li FunctionFailed
1328 * \li GeneralError \li HostMemory \li OK
1329 * \li OperationNotInitialized \li SessionClosed \li SessionHandleInvalid
1330 * \li StateUnsaveable \li ArgumentsBad
1331 * @return true on success, false otherwise
1332 */
1333 bool C_GetOperationState(SessionHandle session,
1334 Byte* operation_state_ptr,
1335 Ulong* operation_state_len_ptr,
1336 ReturnValue* return_value = ThrowException) const;
1337
1338 /**
1339 * C_SetOperationState restores the state of the cryptographic operation in a session.
1340 * @param session session's handle
1341 * @param operation_state_ptr holds state
1342 * @param operation_state_len holds state length
1343 * @param encryption_key en/decryption key
1344 * @param authentication_key sign/verify key
1345 * @param return_value default value (`ThrowException`): throw exception on error.
1346 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1347 * At least the following PKCS#11 return values may be returned:
1348 * \li CryptokiNotInitialized \li DeviceError \li DeviceMemory
1349 * \li DeviceRemoved \li FunctionFailed \li GeneralError
1350 * \li HostMemory \li KeyChanged \li KeyNeeded
1351 * \li KeyNotNeeded \li OK \li SavedStateInvalid
1352 * \li SessionClosed \li SessionHandleInvalid \li ArgumentsBad
1353 * @return true on success, false otherwise
1354 */
1355 bool C_SetOperationState(SessionHandle session,
1356 Byte* operation_state_ptr,
1357 Ulong operation_state_len,
1358 ObjectHandle encryption_key,
1359 ObjectHandle authentication_key,
1360 ReturnValue* return_value = ThrowException) const;
1361
1362 /**
1363 * C_Login logs a user into a token.
1364 * @param session the session's handle
1365 * @param user_type the user type
1366 * @param pin_ptr the user's PIN
1367 * @param pin_len the length of the PIN
1368 * @param return_value default value (`ThrowException`): throw exception on error.
1369 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1370 * At least the following PKCS#11 return values may be returned:
1371 * \li ArgumentsBad \li CryptokiNotInitialized \li DeviceError
1372 * \li DeviceMemory \li DeviceRemoved \li FunctionCanceled
1373 * \li FunctionFailed \li GeneralError \li HostMemory
1374 * \li OK \li OperationNotInitialized \li PinIncorrect
1375 * \li PinLocked \li SessionClosed \li SessionHandleInvalid
1376 * \li SessionReadOnlyExists \li UserAlreadyLoggedIn \li UserAnotherAlreadyLoggedIn
1377 * \li UserPinNotInitialized \li UserTooManyTypes \li UserTypeInvalid
1378 * @return true on success, false otherwise
1379 */
1380 bool C_Login(SessionHandle session,
1381 UserType user_type,
1382 Utf8Char* pin_ptr,
1383 Ulong pin_len,
1384 ReturnValue* return_value = ThrowException) const;
1385
1386 /**
1387 * C_Login logs a user into a token.
1388 * @param session the session's handle
1389 * @param user_type the user type
1390 * @param pin the user or security officer's PIN
1391 * @param return_value default value (`ThrowException`): throw exception on error.
1392 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1393 * At least the following PKCS#11 return values may be returned:
1394 * \li ArgumentsBad \li CryptokiNotInitialized \li DeviceError
1395 * \li DeviceMemory \li DeviceRemoved \li FunctionCanceled
1396 * \li FunctionFailed \li GeneralError \li HostMemory
1397 * \li OK \li OperationNotInitialized \li PinIncorrect
1398 * \li PinLocked \li SessionClosed \li SessionHandleInvalid
1399 * \li SessionReadOnlyExists \li UserAlreadyLoggedIn \li UserAnotherAlreadyLoggedIn
1400 * \li UserPinNotInitialized \li UserTooManyTypes \li UserTypeInvalid
1401 * @return true on success, false otherwise
1402 */
1403 template <typename TAlloc>
1404 bool C_Login(SessionHandle session,
1405 UserType user_type,
1406 const std::vector<uint8_t, TAlloc>& pin,
1407 ReturnValue* return_value = ThrowException) const {
1408 return C_Login(session,
1409 user_type,
1410 reinterpret_cast<Utf8Char*>(const_cast<uint8_t*>(pin.data())),
1411 static_cast<Ulong>(pin.size()),
1412 return_value);
1413 }
1414
1415 /**
1416 * C_Logout logs a user out from a token.
1417 * @param session the session's handle
1418 * @param return_value default value (`ThrowException`): throw exception on error.
1419 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1420 * At least the following PKCS#11 return values may be returned:
1421 * \li CryptokiNotInitialized \li DeviceError \li DeviceMemory
1422 * \li DeviceRemoved \li FunctionFailed \li GeneralError
1423 * \li HostMemory \li OK \li SessionClosed
1424 * \li SessionHandleInvalid \li UserNotLoggedIn
1425 * @return true on success, false otherwise
1426 */
1427 bool C_Logout(SessionHandle session, ReturnValue* return_value = ThrowException) const;
1428
1429 /****************************** Object management functions ******************************/
1430
1431 /**
1432 * C_CreateObject creates a new object.
1433 * @param session the session's handle
1434 * @param attribute_template_ptr the object's template
1435 * @param count attributes in template
1436 * @param object_ptr gets new object's handle.
1437 * @param return_value default value (`ThrowException`): throw exception on error.
1438 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1439 * At least the following PKCS#11 return values may be returned:
1440 * \li ArgumentsBad \li AttributeReadOnly \li AttributeTypeInvalid
1441 * \li AttributeValueInvalid \li CryptokiNotInitialized \li CurveNotSupported
1442 * \li DeviceError \li DeviceMemory \li DeviceRemoved
1443 * \li DomainParamsInvalid \li FunctionFailed \li GeneralError
1444 * \li HostMemory \li OK \li PinExpired
1445 * \li SessionClosed \li SessionHandleInvalid \li SessionReadOnly
1446 * \li TemplateIncomplete \li TemplateInconsistent \li TokenWriteProtected
1447 * \li UserNotLoggedIn
1448 * @return true on success, false otherwise
1449 */
1450 bool C_CreateObject(SessionHandle session,
1451 Attribute* attribute_template_ptr,
1452 Ulong count,
1453 ObjectHandle* object_ptr,
1454 ReturnValue* return_value = ThrowException) const;
1455
1456 /**
1457 * C_CopyObject copies an object, creating a new object for the copy.
1458 * @param session the session's handle
1459 * @param object the object's handle
1460 * @param attribute_template_ptr template for new object
1461 * @param count attributes in template
1462 * @param new_object_ptr receives handle of copy
1463 * @param return_value default value (`ThrowException`): throw exception on error.
1464 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1465 * At least the following PKCS#11 return values may be returned:
1466 * \li ActionProhibited \li ArgumentsBad \li AttributeReadOnly
1467 * \li AttributeTypeInvalid \li AttributeValueInvalid \li CryptokiNotInitialized
1468 * \li DeviceError \li DeviceMemory \li DeviceRemoved
1469 * \li FunctionFailed \li GeneralError \li HostMemory
1470 * \li ObjectHandleInvalid \li OK \li PinExpired
1471 * \li SessionClosed \li SessionHandleInvalid \li SessionReadOnly
1472 * \li TemplateInconsistent \li TokenWriteProtected \li UserNotLoggedIn
1473 * @return true on success, false otherwise
1474 */
1475 bool C_CopyObject(SessionHandle session,
1476 ObjectHandle object,
1477 Attribute* attribute_template_ptr,
1478 Ulong count,
1479 ObjectHandle* new_object_ptr,
1480 ReturnValue* return_value = ThrowException) const;
1481
1482 /**
1483 * C_DestroyObject destroys an object.
1484 * @param session the session's handle
1485 * @param object the object's handle
1486 * @param return_value default value (`ThrowException`): throw exception on error.
1487 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1488 * At least the following PKCS#11 return values may be returned:
1489 * \li ActionProhibited \li CryptokiNotInitialized \li DeviceError
1490 * \li DeviceMemory \li DeviceRemoved \li FunctionFailed
1491 * \li GeneralError \li HostMemory \li ObjectHandleInvalid
1492 * \li OK \li PinExpired \li SessionClosed
1493 * \li SessionHandleInvalid \li SessionReadOnly \li TokenWriteProtected
1494 * @return true on success, false otherwise
1495 */
1496 bool C_DestroyObject(SessionHandle session,
1497 ObjectHandle object,
1498 ReturnValue* return_value = ThrowException) const;
1499
1500 /**
1501 * C_GetObjectSize gets the size of an object in bytes.
1502 * @param session the session's handle
1503 * @param object the object's handle
1504 * @param size_ptr receives size of object
1505 * @param return_value default value (`ThrowException`): throw exception on error.
1506 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1507 * At least the following PKCS#11 return values may be returned:
1508 * \li ArgumentsBad \li CryptokiNotInitialized \li DeviceError
1509 * \li DeviceMemory \li DeviceRemoved \li FunctionFailed
1510 * \li GeneralError \li HostMemory \li InformationSensitive
1511 * \li ObjectHandleInvalid \li OK \li SessionClosed
1512 * \li SessionHandleInvalid
1513 * @return true on success, false otherwise
1514 */
1515 bool C_GetObjectSize(SessionHandle session,
1516 ObjectHandle object,
1517 Ulong* size_ptr,
1518 ReturnValue* return_value = ThrowException) const;
1519
1520 /**
1521 * C_GetAttributeValue obtains the value of one or more object attributes.
1522 * @param session the session's handle
1523 * @param object the object's handle
1524 * @param attribute_template_ptr specifies attrs; gets vals
1525 * @param count attributes in template
1526 * @param return_value default value (`ThrowException`): throw exception on error.
1527 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1528 * At least the following PKCS#11 return values may be returned:
1529 * \li ArgumentsBad \li AttributeSensitive \li AttributeTypeInvalid
1530 * \li BufferTooSmall \li CryptokiNotInitialized \li DeviceError
1531 * \li DeviceMemory \li DeviceRemoved \li FunctionFailed
1532 * \li GeneralError \li HostMemory \li ObjectHandleInvalid
1533 * \li OK \li SessionClosed \li SessionHandleInvalid
1534 * @return true on success, false otherwise
1535 */
1536 bool C_GetAttributeValue(SessionHandle session,
1537 ObjectHandle object,
1538 Attribute* attribute_template_ptr,
1539 Ulong count,
1540 ReturnValue* return_value = ThrowException) const;
1541
1542 /**
1543 * C_GetAttributeValue obtains the value of one or more object attributes.
1544 * @param session the session's handle
1545 * @param object the object's handle
1546 * @param attribute_values specifies attrs; gets vals
1547 * @param return_value default value (`ThrowException`): throw exception on error.
1548 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1549 * At least the following PKCS#11 return values may be returned:
1550 * \li ArgumentsBad \li AttributeSensitive \li AttributeTypeInvalid
1551 * \li BufferTooSmall \li CryptokiNotInitialized \li DeviceError
1552 * \li DeviceMemory \li DeviceRemoved \li FunctionFailed
1553 * \li GeneralError \li HostMemory \li ObjectHandleInvalid
1554 * \li OK \li SessionClosed \li SessionHandleInvalid
1555 * @return true on success, false otherwise
1556 */
1557 template <typename TAlloc>
1558 bool C_GetAttributeValue(SessionHandle session,
1559 ObjectHandle object,
1560 std::map<AttributeType, std::vector<uint8_t, TAlloc>>& attribute_values,
1561 ReturnValue* return_value = ThrowException) const {
1562 std::vector<Attribute> getter_template;
1563
1564 getter_template.reserve(attribute_values.size());
1565 for(const auto& entry : attribute_values) {
1566 getter_template.emplace_back(Attribute{static_cast<CK_ATTRIBUTE_TYPE>(entry.first), nullptr, 0});
1567 }
1568
1569 bool success = C_GetAttributeValue(session,
1570 object,
1571 const_cast<Attribute*>(getter_template.data()),
1572 static_cast<Ulong>(getter_template.size()),
1573 return_value);
1574
1575 if(!success) {
1576 return success;
1577 }
1578
1579 size_t i = 0;
1580 for(auto& entry : attribute_values) {
1581 entry.second.clear();
1582 entry.second.resize(getter_template.at(i).ulValueLen);
1583 getter_template.at(i).pValue = const_cast<uint8_t*>(entry.second.data());
1584 i++;
1585 }
1586
1587 return C_GetAttributeValue(session,
1588 object,
1589 const_cast<Attribute*>(getter_template.data()),
1590 static_cast<Ulong>(getter_template.size()),
1591 return_value);
1592 }
1593
1594 /**
1595 * C_SetAttributeValue modifies the value of one or more object attributes.
1596 * @param session the session's handle
1597 * @param object the object's handle
1598 * @param attribute_template_ptr specifies attrs and values
1599 * @param count attributes in template
1600 * @param return_value default value (`ThrowException`): throw exception on error.
1601 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1602 * At least the following PKCS#11 return values may be returned:
1603 * \li ActionProhibited \li ArgumentsBad \li AttributeReadOnly
1604 * \li AttributeTypeInvalid \li AttributeValueInvalid \li CryptokiNotInitialized
1605 * \li DeviceError \li DeviceMemory \li DeviceRemoved
1606 * \li FunctionFailed \li GeneralError \li HostMemory
1607 * \li ObjectHandleInvalid \li OK \li SessionClosed
1608 * \li SessionHandleInvalid \li SessionReadOnly \li TemplateInconsistent
1609 * \li TokenWriteProtected \li UserNotLoggedIn
1610 * @return true on success, false otherwise
1611 */
1612 bool C_SetAttributeValue(SessionHandle session,
1613 ObjectHandle object,
1614 Attribute* attribute_template_ptr,
1615 Ulong count,
1616 ReturnValue* return_value = ThrowException) const;
1617
1618 /**
1619 * C_SetAttributeValue modifies the value of one or more object attributes.
1620 * @param session the session's handle
1621 * @param object the object's handle
1622 * @param attribute_values specifies attrs and values
1623 * @param return_value default value (`ThrowException`): throw exception on error.
1624 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1625 * At least the following PKCS#11 return values may be returned:
1626 * \li ActionProhibited \li ArgumentsBad \li AttributeReadOnly
1627 * \li AttributeTypeInvalid \li AttributeValueInvalid \li CryptokiNotInitialized
1628 * \li DeviceError \li DeviceMemory \li DeviceRemoved
1629 * \li FunctionFailed \li GeneralError \li HostMemory
1630 * \li ObjectHandleInvalid \li OK \li SessionClosed
1631 * \li SessionHandleInvalid \li SessionReadOnly \li TemplateInconsistent
1632 * \li TokenWriteProtected \li UserNotLoggedIn
1633 * @return true on success, false otherwise
1634 */
1635 template <typename TAlloc>
1636 bool C_SetAttributeValue(SessionHandle session,
1637 ObjectHandle object,
1638 std::map<AttributeType, std::vector<uint8_t, TAlloc>>& attribute_values,
1639 ReturnValue* return_value = ThrowException) const {
1640 std::vector<Attribute> setter_template;
1641
1642 setter_template.reserve(attribute_values.size());
1643 for(auto& entry : attribute_values) {
1644 setter_template.emplace_back(Attribute{static_cast<CK_ATTRIBUTE_TYPE>(entry.first),
1645 entry.second.data(),
1646 static_cast<CK_ULONG>(entry.second.size())});
1647 }
1648
1649 return C_SetAttributeValue(session,
1650 object,
1651 const_cast<Attribute*>(setter_template.data()),
1652 static_cast<Ulong>(setter_template.size()),
1653 return_value);
1654 }
1655
1656 /**
1657 * C_FindObjectsInit initializes a search for token and session objects that match a template.
1658 * @param session the session's handle
1659 * @param attribute_template_ptr attribute values to match
1660 * @param count attrs in search template
1661 * @param return_value default value (`ThrowException`): throw exception on error.
1662 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1663 * At least the following PKCS#11 return values may be returned:
1664 * \li ArgumentsBad \li AttributeTypeInvalid \li AttributeValueInvalid
1665 * \li CryptokiNotInitialized \li DeviceError \li DeviceMemory
1666 * \li DeviceRemoved \li FunctionFailed \li GeneralError
1667 * \li HostMemory \li OK \li OperationActive
1668 * \li PinExpired \li SessionClosed \li SessionHandleInvalid
1669 * @return true on success, false otherwise
1670 */
1671 bool C_FindObjectsInit(SessionHandle session,
1672 Attribute* attribute_template_ptr,
1673 Ulong count,
1674 ReturnValue* return_value = ThrowException) const;
1675
1676 /**
1677 * C_FindObjects continues a search for token and session objects that match a template, obtaining additional object handles.
1678 * @param session session's handle
1679 * @param object_ptr gets obj. handles
1680 * @param max_object_count max handles to get
1681 * @param object_count_ptr actual # returned
1682 * @param return_value default value (`ThrowException`): throw exception on error.
1683 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1684 * At least the following PKCS#11 return values may be returned:
1685 * \li ArgumentsBad \li CryptokiNotInitialized \li DeviceError
1686 * \li DeviceMemory \li DeviceRemoved \li FunctionFailed
1687 * \li GeneralError \li HostMemory \li OK
1688 * \li OperationNotInitialized \li SessionClosed \li SessionHandleInvalid
1689 * @return true on success, false otherwise
1690 */
1691 bool C_FindObjects(SessionHandle session,
1692 ObjectHandle* object_ptr,
1693 Ulong max_object_count,
1694 Ulong* object_count_ptr,
1695 ReturnValue* return_value = ThrowException) const;
1696
1697 /**
1698 * C_FindObjectsFinal finishes a search for token and session objects.
1699 * @param session the session's handle
1700 * @param return_value default value (`ThrowException`): throw exception on error.
1701 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1702 * At least the following PKCS#11 return values may be returned:
1703 * \li CryptokiNotInitialized \li DeviceError \li DeviceMemory
1704 * \li DeviceRemoved \li FunctionFailed \li GeneralError
1705 * \li HostMemory \li OK \li OperationNotInitialized
1706 * \li SessionClosed \li SessionHandleInvalid
1707 * @return true on success, false otherwise
1708 */
1709 bool C_FindObjectsFinal(SessionHandle session, ReturnValue* return_value = ThrowException) const;
1710
1711 /****************************** Encryption functions ******************************/
1712
1713 /**
1714 * C_EncryptInit initializes an encryption operation.
1715 * @param session the session's handle
1716 * @param mechanism_ptr the encryption mechanism
1717 * @param key handle of encryption key
1718 * @param return_value default value (`ThrowException`): throw exception on error.
1719 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1720 * At least the following PKCS#11 return values may be returned:
1721 * \li CryptokiNotInitialized \li DeviceError \li DeviceMemory
1722 * \li DeviceRemoved \li FunctionCanceled \li FunctionFailed
1723 * \li GeneralError \li HostMemory \li KeyFunctionNotPermitted
1724 * \li KeyHandleInvalid \li KeySizeRange \li KeyTypeInconsistent
1725 * \li MechanismInvalid \li MechanismParamInvalid \li OK
1726 * \li OperationActive \li PinExpired \li SessionClosed
1727 * \li SessionHandleInvalid \li UserNotLoggedIn
1728 * @return true on success, false otherwise
1729 */
1730 bool C_EncryptInit(SessionHandle session,
1731 Mechanism* mechanism_ptr,
1732 ObjectHandle key,
1733 ReturnValue* return_value = ThrowException) const;
1734
1735 /**
1736 * C_Encrypt encrypts single-part data.
1737 * @param session session's handle
1738 * @param data_ptr the plaintext data
1739 * @param data_len size of plaintext data in bytes
1740 * @param encrypted_data gets ciphertext
1741 * @param encrypted_data_len_ptr gets c-text size
1742 * @param return_value default value (`ThrowException`): throw exception on error.
1743 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1744 * At least the following PKCS#11 return values may be returned:
1745 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
1746 * \li DataInvalid \li DataLenRange \li DeviceError
1747 * \li DeviceMemory \li DeviceRemoved \li FunctionCanceled
1748 * \li FunctionFailed \li GeneralError \li HostMemory
1749 * \li OK \li OperationNotInitialized \li SessionClosed
1750 * \li SessionHandleInvalid
1751 * @return true on success, false otherwise
1752 */
1753 bool C_Encrypt(SessionHandle session,
1754 Byte* data_ptr,
1755 Ulong data_len,
1756 Byte* encrypted_data,
1757 Ulong* encrypted_data_len_ptr,
1758 ReturnValue* return_value = ThrowException) const;
1759
1760 /**
1761 * C_Encrypt encrypts single-part data.
1762 * @param session session's handle
1763 * @param plaintext_data the plaintext data
1764 * @param encrypted_data gets ciphertext
1765 * @param return_value default value (`ThrowException`): throw exception on error.
1766 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1767 * At least the following PKCS#11 return values may be returned:
1768 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
1769 * \li DataInvalid \li DataLenRange \li DeviceError
1770 * \li DeviceMemory \li DeviceRemoved \li FunctionCanceled
1771 * \li FunctionFailed \li GeneralError \li HostMemory
1772 * \li OK \li OperationNotInitialized \li SessionClosed
1773 * \li SessionHandleInvalid
1774 * @return true on success, false otherwise
1775 */
1776 template <typename TAllocA, typename TAllocB>
1777 bool C_Encrypt(SessionHandle session,
1778 const std::vector<uint8_t, TAllocA>& plaintext_data,
1779 std::vector<uint8_t, TAllocB>& encrypted_data,
1780 ReturnValue* return_value = ThrowException) const {
1781 Ulong encrypted_size = 0;
1782 if(!C_Encrypt(session,
1783 const_cast<Byte*>((plaintext_data.data())),
1784 static_cast<Ulong>(plaintext_data.size()),
1785 nullptr,
1786 &encrypted_size,
1787 return_value)) {
1788 return false;
1789 }
1790
1791 encrypted_data.resize(encrypted_size);
1792 if(!C_Encrypt(session,
1793 const_cast<Byte*>(plaintext_data.data()),
1794 static_cast<Ulong>(plaintext_data.size()),
1795 encrypted_data.data(),
1796 &encrypted_size,
1797 return_value)) {
1798 return false;
1799 }
1800 encrypted_data.resize(encrypted_size);
1801 return true;
1802 }
1803
1804 /**
1805 * C_EncryptUpdate continues a multiple-part encryption operation.
1806 * @param session session's handle
1807 * @param part_ptr the plaintext data
1808 * @param part_len plaintext data len
1809 * @param encrypted_part_ptr gets ciphertext
1810 * @param encrypted_part_len_ptr gets c-text size
1811 * @param return_value default value (`ThrowException`): throw exception on error.
1812 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1813 * At least the following PKCS#11 return values may be returned:
1814 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
1815 * \li DataLenRange \li DeviceError \li DeviceMemory
1816 * \li DeviceRemoved \li FunctionCanceled \li FunctionFailed
1817 * \li GeneralError \li HostMemory \li OK
1818 * \li OperationNotInitialized \li SessionClosed \li SessionHandleInvalid
1819 * @return true on success, false otherwise
1820 */
1821 bool C_EncryptUpdate(SessionHandle session,
1822 Byte* part_ptr,
1823 Ulong part_len,
1824 Byte* encrypted_part_ptr,
1825 Ulong* encrypted_part_len_ptr,
1826 ReturnValue* return_value = ThrowException) const;
1827
1828 /**
1829 * C_EncryptFinal finishes a multiple-part encryption operation.
1830 * @param session session handle
1831 * @param last_encrypted_part_ptr last c-text
1832 * @param last_encrypted_part_len_ptr gets last size
1833 * @param return_value default value (`ThrowException`): throw exception on error.
1834 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1835 * At least the following PKCS#11 return values may be returned:
1836 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
1837 * \li DataLenRange \li DeviceError \li DeviceMemory
1838 * \li DeviceRemoved \li FunctionCanceled \li FunctionFailed
1839 * \li GeneralError \li HostMemory \li OK
1840 * \li OperationNotInitialized \li SessionClosed \li SessionHandleInvalid
1841 * @return true on success, false otherwise
1842 */
1843 bool C_EncryptFinal(SessionHandle session,
1844 Byte* last_encrypted_part_ptr,
1845 Ulong* last_encrypted_part_len_ptr,
1846 ReturnValue* return_value = ThrowException) const;
1847
1848 /****************************** Decryption functions ******************************/
1849
1850 /**
1851 * C_DecryptInit initializes a decryption operation.
1852 * @param session the session's handle
1853 * @param mechanism_ptr the decryption mechanism
1854 * @param key handle of decryption key
1855 * @param return_value default value (`ThrowException`): throw exception on error.
1856 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1857 * At least the following PKCS#11 return values may be returned:
1858 * \li ArgumentsBad \li CryptokiNotInitialized \li DeviceError
1859 * \li DeviceMemory \li DeviceRemoved \li FunctionCanceled
1860 * \li FunctionFailed \li GeneralError \li HostMemory
1861 * \li KeyFunctionNotPermitted \li KeyHandleInvalid \li KeySizeRange
1862 * \li KeyTypeInconsistent \li MechanismInvalid \li MechanismParamInvalid
1863 * \li OK \li OperationActive \li PinExpired
1864 * \li SessionClosed \li SessionHandleInvalid \li UserNotLoggedIn
1865 * @return true on success, false otherwise
1866 */
1867 bool C_DecryptInit(SessionHandle session,
1868 Mechanism* mechanism_ptr,
1869 ObjectHandle key,
1870 ReturnValue* return_value = ThrowException) const;
1871
1872 /**
1873 * C_Decrypt decrypts encrypted data in a single part.
1874 * @param session session's handle
1875 * @param encrypted_data_ptr ciphertext
1876 * @param encrypted_data_len ciphertext length
1877 * @param data_ptr gets plaintext
1878 * @param data_len_ptr gets p-text size
1879 * @param return_value default value (`ThrowException`): throw exception on error.
1880 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1881 * At least the following PKCS#11 return values may be returned:
1882 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
1883 * \li DeviceError \li DeviceMemory \li DeviceRemoved
1884 * \li EncryptedDataInvalid \li EncryptedDataLenRange \li FunctionCanceled
1885 * \li FunctionFailed \li GeneralError \li HostMemory
1886 * \li OK \li OperationNotInitialized \li SessionClosed
1887 * \li SessionHandleInvalid \li UserNotLoggedIn
1888 * @return true on success, false otherwise
1889 */
1890 bool C_Decrypt(SessionHandle session,
1891 Byte* encrypted_data_ptr,
1892 Ulong encrypted_data_len,
1893 Byte* data_ptr,
1894 Ulong* data_len_ptr,
1895 ReturnValue* return_value = ThrowException) const;
1896
1897 /**
1898 * C_Decrypt decrypts encrypted data in a single part.
1899 * @param session session's handle
1900 * @param encrypted_data ciphertext
1901 * @param decrypted_data gets plaintext
1902 * @param return_value default value (`ThrowException`): throw exception on error.
1903 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1904 * At least the following PKCS#11 return values may be returned:
1905 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
1906 * \li DeviceError \li DeviceMemory \li DeviceRemoved
1907 * \li EncryptedDataInvalid \li EncryptedDataLenRange \li FunctionCanceled
1908 * \li FunctionFailed \li GeneralError \li HostMemory
1909 * \li OK \li OperationNotInitialized \li SessionClosed
1910 * \li SessionHandleInvalid \li UserNotLoggedIn
1911 * @return true on success, false otherwise
1912 */
1913 template <typename TAllocA, typename TAllocB>
1914 bool C_Decrypt(SessionHandle session,
1915 const std::vector<uint8_t, TAllocA>& encrypted_data,
1916 std::vector<uint8_t, TAllocB>& decrypted_data,
1917 ReturnValue* return_value = ThrowException) const {
1918 Ulong decrypted_size = 0;
1919 if(!C_Decrypt(session,
1920 const_cast<Byte*>((encrypted_data.data())),
1921 static_cast<Ulong>(encrypted_data.size()),
1922 nullptr,
1923 &decrypted_size,
1924 return_value)) {
1925 return false;
1926 }
1927
1928 decrypted_data.resize(decrypted_size);
1929 if(!C_Decrypt(session,
1930 const_cast<Byte*>(encrypted_data.data()),
1931 static_cast<Ulong>(encrypted_data.size()),
1932 decrypted_data.data(),
1933 &decrypted_size,
1934 return_value)) {
1935 return false;
1936 }
1937 decrypted_data.resize(decrypted_size);
1938 return true;
1939 }
1940
1941 /**
1942 * C_DecryptUpdate continues a multiple-part decryption operation.
1943 * @param session session's handle
1944 * @param encrypted_part_ptr encrypted data
1945 * @param encrypted_part_len input length
1946 * @param part_ptr gets plaintext
1947 * @param part_len_ptr p-text size
1948 * @param return_value default value (`ThrowException`): throw exception on error.
1949 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1950 * At least the following PKCS#11 return values may be returned:
1951 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
1952 * \li DeviceError \li DeviceMemory \li DeviceRemoved
1953 * \li EncryptedDataInvalid \li EncryptedDataLenRange \li FunctionCanceled
1954 * \li FunctionFailed \li GeneralError \li HostMemory
1955 * \li OK \li OperationNotInitialized \li SessionClosed
1956 * \li SessionHandleInvalid \li UserNotLoggedIn
1957 * @return true on success, false otherwise
1958 */
1959 bool C_DecryptUpdate(SessionHandle session,
1960 Byte* encrypted_part_ptr,
1961 Ulong encrypted_part_len,
1962 Byte* part_ptr,
1963 Ulong* part_len_ptr,
1964 ReturnValue* return_value = ThrowException) const;
1965
1966 /**
1967 * C_DecryptFinal finishes a multiple-part decryption operation.
1968 * @param session the session's handle
1969 * @param last_part_ptr gets plaintext
1970 * @param last_part_len_ptr p-text size
1971 * @param return_value default value (`ThrowException`): throw exception on error.
1972 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1973 * At least the following PKCS#11 return values may be returned:
1974 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
1975 * \li DeviceError \li DeviceMemory \li DeviceRemoved
1976 * \li EncryptedDataInvalid \li EncryptedDataLenRange \li FunctionCanceled
1977 * \li FunctionFailed \li GeneralError \li HostMemory
1978 * \li OK \li OperationNotInitialized \li SessionClosed
1979 * \li SessionHandleInvalid \li UserNotLoggedIn
1980 * @return true on success, false otherwise
1981 */
1982 bool C_DecryptFinal(SessionHandle session,
1983 Byte* last_part_ptr,
1984 Ulong* last_part_len_ptr,
1985 ReturnValue* return_value = ThrowException) const;
1986
1987 /****************************** Message digesting functions ******************************/
1988
1989 /**
1990 * C_DigestInit initializes a message-digesting operation.
1991 * @param session the session's handle
1992 * @param mechanism_ptr the digesting mechanism
1993 * @param return_value default value (`ThrowException`): throw exception on error.
1994 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1995 * At least the following PKCS#11 return values may be returned:
1996 * \li ArgumentsBad \li CryptokiNotInitialized \li DeviceError
1997 * \li DeviceMemory \li DeviceRemoved \li FunctionCanceled
1998 * \li FunctionFailed \li GeneralError \li HostMemory
1999 * \li MechanismInvalid \li MechanismParamInvalid \li OK
2000 * \li OperationActive \li PinExpired \li SessionClosed
2001 * \li SessionHandleInvalid \li UserNotLoggedIn
2002 * @return true on success, false otherwise
2003 */
2004 bool C_DigestInit(SessionHandle session,
2005 Mechanism* mechanism_ptr,
2006 ReturnValue* return_value = ThrowException) const;
2007
2008 /**
2009 * C_Digest digests data in a single part.
2010 * @param session the session's handle
2011 * @param data_ptr data to be digested
2012 * @param data_len bytes of data to digest
2013 * @param digest_ptr gets the message digest
2014 * @param digest_len_ptr gets digest length
2015 * @param return_value default value (`ThrowException`): throw exception on error.
2016 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2017 * At least the following PKCS#11 return values may be returned:
2018 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
2019 * \li DeviceError \li DeviceMemory \li DeviceRemoved
2020 * \li FunctionCanceled \li FunctionFailed \li GeneralError
2021 * \li HostMemory \li OK \li OperationNotInitialized
2022 * \li SessionClosed \li SessionHandleInvalid
2023 * @return true on success, false otherwise
2024 */
2025 bool C_Digest(SessionHandle session,
2026 Byte* data_ptr,
2027 Ulong data_len,
2028 Byte* digest_ptr,
2029 Ulong* digest_len_ptr,
2030 ReturnValue* return_value = ThrowException) const;
2031
2032 /**
2033 * C_DigestUpdate continues a multiple-part message-digesting operation.
2034 * @param session the session's handle
2035 * @param part_ptr data to be digested
2036 * @param part_len bytes of data to be digested
2037 * @param return_value default value (`ThrowException`): throw exception on error.
2038 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2039 * At least the following PKCS#11 return values may be returned:
2040 * \li ArgumentsBad \li CryptokiNotInitialized \li DeviceError
2041 * \li DeviceMemory \li DeviceRemoved \li FunctionCanceled
2042 * \li FunctionFailed \li GeneralError \li HostMemory
2043 * \li OK \li OperationNotInitialized \li SessionClosed
2044 * \li SessionHandleInvalid
2045 * @return true on success, false otherwise
2046 */
2047 bool C_DigestUpdate(SessionHandle session,
2048 Byte* part_ptr,
2049 Ulong part_len,
2050 ReturnValue* return_value = ThrowException) const;
2051
2052 /**
2053 * C_DigestKey continues a multi-part message-digesting operation, by digesting the value of a secret key as part of the data already digested.
2054 * @param session the session's handle
2055 * @param key secret key to digest
2056 * @param return_value default value (`ThrowException`): throw exception on error.
2057 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2058 * At least the following PKCS#11 return values may be returned:
2059 * \li CryptokiNotInitialized \li DeviceError \li DeviceMemory
2060 * \li DeviceRemoved \li FunctionCanceled \li FunctionFailed
2061 * \li GeneralError \li HostMemory \li KeyHandleInvalid
2062 * \li KeyIndigestible \li KeySizeRange \li OK
2063 * \li OperationNotInitialized \li SessionClosed \li SessionHandleInvalid
2064 * @return true on success, false otherwise
2065 */
2066 bool C_DigestKey(SessionHandle session, ObjectHandle key, ReturnValue* return_value = ThrowException) const;
2067
2068 /**
2069 * C_DigestFinal finishes a multiple-part message-digesting operation.
2070 * @param session the session's handle
2071 * @param digest_ptr gets the message digest
2072 * @param digest_len_ptr gets uint8_t count of digest
2073 * @param return_value default value (`ThrowException`): throw exception on error.
2074 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2075 * At least the following PKCS#11 return values may be returned:
2076 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
2077 * \li DeviceError \li DeviceMemory \li DeviceRemoved
2078 * \li FunctionCanceled \li FunctionFailed \li GeneralError
2079 * \li HostMemory \li OK \li OperationNotInitialized
2080 * \li SessionClosed \li SessionHandleInvalid
2081 * @return true on success, false otherwise
2082 */
2083 bool C_DigestFinal(SessionHandle session,
2084 Byte* digest_ptr,
2085 Ulong* digest_len_ptr,
2086 ReturnValue* return_value = ThrowException) const;
2087
2088 /****************************** Signing and MACing functions ******************************/
2089
2090 /**
2091 * C_SignInit initializes a signature (private key encryption) operation, where the signature is (will be) an appendix to the data, and plaintext cannot be recovered from the signature.
2092 * @param session the session's handle
2093 * @param mechanism_ptr the signature mechanism
2094 * @param key handle of signature key
2095 * @param return_value default value (`ThrowException`): throw exception on error.
2096 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2097 * At least the following PKCS#11 return values may be returned:
2098 * \li ArgumentsBad \li CryptokiNotInitialized \li DeviceError
2099 * \li DeviceMemory \li DeviceRemoved \li FunctionCanceled
2100 * \li FunctionFailed \li GeneralError \li HostMemory
2101 * \li KeyFunctionNotPermitted \li KeyHandleInvalid \li KeySizeRange
2102 * \li KeyTypeInconsistent \li MechanismInvalid \li MechanismParamInvalid
2103 * \li OK \li OperationActive \li PinExpired
2104 * \li SessionClosed \li SessionHandleInvalid \li UserNotLoggedIn
2105 * @return true on success, false otherwise
2106 */
2107 bool C_SignInit(SessionHandle session,
2108 Mechanism* mechanism_ptr,
2109 ObjectHandle key,
2110 ReturnValue* return_value = ThrowException) const;
2111
2112 /**
2113 * C_Sign signs (encrypts with private key) data in a single part, where the signature is (will be) an appendix to the data, and plaintext cannot be recovered from the signature.
2114 * @param session the session's handle
2115 * @param data_ptr the data to sign
2116 * @param data_len count of bytes to sign
2117 * @param signature_ptr gets the signature
2118 * @param signature_len_ptr gets signature length
2119 * @param return_value default value (`ThrowException`): throw exception on error.
2120 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2121 * At least the following PKCS#11 return values may be returned:
2122 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
2123 * \li DataInvalid \li DataLenRange \li DeviceError
2124 * \li DeviceMemory \li DeviceRemoved \li FunctionCanceled
2125 * \li FunctionFailed \li GeneralError \li HostMemory
2126 * \li OK \li OperationNotInitialized \li SessionClosed
2127 * \li SessionHandleInvalid \li UserNotLoggedIn \li FunctionRejected
2128 * @return true on success, false otherwise
2129 */
2130 bool C_Sign(SessionHandle session,
2131 const Byte* data_ptr,
2132 Ulong data_len,
2133 Byte* signature_ptr,
2134 Ulong* signature_len_ptr,
2135 ReturnValue* return_value = ThrowException) const;
2136
2137 /**
2138 * C_Sign signs (encrypts with private key) data in a single part, where the signature is (will be) an appendix to the data, and plaintext cannot be recovered from the signature.
2139 * @param session the session's handle
2140 * @param data the data to sign
2141 * @param signature gets the signature
2142 * @param return_value default value (`ThrowException`): throw exception on error.
2143 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2144 * At least the following PKCS#11 return values may be returned:
2145 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
2146 * \li DataInvalid \li DataLenRange \li DeviceError
2147 * \li DeviceMemory \li DeviceRemoved \li FunctionCanceled
2148 * \li FunctionFailed \li GeneralError \li HostMemory
2149 * \li OK \li OperationNotInitialized \li SessionClosed
2150 * \li SessionHandleInvalid \li UserNotLoggedIn \li FunctionRejected
2151 * @return true on success, false otherwise
2152 */
2153 template <typename TAllocA, typename TAllocB>
2154 bool C_Sign(SessionHandle session,
2155 const std::vector<uint8_t, TAllocA>& data,
2156 std::vector<uint8_t, TAllocB>& signature,
2157 ReturnValue* return_value = ThrowException) const {
2158 Ulong signature_size = 0;
2159 if(!C_Sign(session, data.data(), static_cast<Ulong>(data.size()), nullptr, &signature_size, return_value)) {
2160 return false;
2161 }
2162
2163 signature.resize(signature_size);
2164 if(!C_Sign(session,
2165 data.data(),
2166 static_cast<Ulong>(data.size()),
2167 signature.data(),
2168 &signature_size,
2169 return_value)) {
2170 return false;
2171 }
2172 signature.resize(signature_size);
2173 return true;
2174 }
2175
2176 /**
2177 * C_SignUpdate continues a multiple-part signature operation, where the signature is (will be) an appendix to the data, and plaintext cannot be recovered from the signature.
2178 * @param session the session's handle
2179 * @param part_ptr the data to sign
2180 * @param part_len count of bytes to sign
2181 * @param return_value default value (`ThrowException`): throw exception on error.
2182 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2183 * At least the following PKCS#11 return values may be returned:
2184 * \li ArgumentsBad \li CryptokiNotInitialized \li DataLenRange
2185 * \li DeviceError \li DeviceMemory \li DeviceRemoved
2186 * \li FunctionCanceled \li FunctionFailed \li GeneralError
2187 * \li HostMemory \li OK \li OperationNotInitialized
2188 * \li SessionClosed \li SessionHandleInvalid \li UserNotLoggedIn
2189 * @return true on success, false otherwise
2190 */
2191 bool C_SignUpdate(SessionHandle session,
2192 const Byte* part_ptr,
2193 Ulong part_len,
2194 ReturnValue* return_value = ThrowException) const;
2195
2196 /**
2197 * C_SignUpdate continues a multiple-part signature operation, where the signature is (will be) an appendix to the data, and plaintext cannot be recovered from the signature.
2198 * @param session the session's handle
2199 * @param part the data to sign
2200 * @param return_value default value (`ThrowException`): throw exception on error.
2201 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2202 * At least the following PKCS#11 return values may be returned:
2203 * \li ArgumentsBad \li CryptokiNotInitialized \li DataLenRange
2204 * \li DeviceError \li DeviceMemory \li DeviceRemoved
2205 * \li FunctionCanceled \li FunctionFailed \li GeneralError
2206 * \li HostMemory \li OK \li OperationNotInitialized
2207 * \li SessionClosed \li SessionHandleInvalid \li UserNotLoggedIn
2208 * @return true on success, false otherwise
2209 */
2210 template <typename TAlloc>
2211 bool C_SignUpdate(SessionHandle session,
2212 const std::vector<uint8_t, TAlloc>& part,
2213 ReturnValue* return_value = ThrowException) const {
2214 return C_SignUpdate(session, part.data(), static_cast<Ulong>(part.size()), return_value);
2215 }
2216
2217 /**
2218 * C_SignFinal finishes a multiple-part signature operation, returning the signature.
2219 * @param session the session's handle
2220 * @param signature_ptr gets the signature
2221 * @param signature_len_ptr gets signature length
2222 * @param return_value default value (`ThrowException`): throw exception on error.
2223 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2224 * At least the following PKCS#11 return values may be returned:
2225 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
2226 * \li DataLenRange \li DeviceError \li DeviceMemory
2227 * \li DeviceRemoved \li FunctionCanceled \li FunctionFailed
2228 * \li GeneralError \li HostMemory \li OK
2229 * \li OperationNotInitialized \li SessionClosed \li SessionHandleInvalid
2230 * \li UserNotLoggedIn \li FunctionRejected
2231 * @return true on success, false otherwise
2232 */
2233 bool C_SignFinal(SessionHandle session,
2234 Byte* signature_ptr,
2235 Ulong* signature_len_ptr,
2236 ReturnValue* return_value = ThrowException) const;
2237
2238 /**
2239 * C_SignFinal finishes a multiple-part signature operation, returning the signature.
2240 * @param session the session's handle
2241 * @param signature gets the signature
2242 * @param return_value default value (`ThrowException`): throw exception on error.
2243 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2244 * At least the following PKCS#11 return values may be returned:
2245 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
2246 * \li DataLenRange \li DeviceError \li DeviceMemory
2247 * \li DeviceRemoved \li FunctionCanceled \li FunctionFailed
2248 * \li GeneralError \li HostMemory \li OK
2249 * \li OperationNotInitialized \li SessionClosed \li SessionHandleInvalid
2250 * \li UserNotLoggedIn \li FunctionRejected
2251 * @return true on success, false otherwise
2252 */
2253 template <typename TAlloc>
2254 bool C_SignFinal(SessionHandle session,
2255 std::vector<uint8_t, TAlloc>& signature,
2256 ReturnValue* return_value = ThrowException) const {
2257 Ulong signature_size = 0;
2258 if(!C_SignFinal(session, nullptr, &signature_size, return_value)) {
2259 return false;
2260 }
2261
2262 signature.resize(signature_size);
2263 if(!C_SignFinal(session, signature.data(), &signature_size, return_value)) {
2264 return false;
2265 }
2266 signature.resize(signature_size);
2267 return true;
2268 }
2269
2270 /**
2271 * C_SignRecoverInit initializes a signature operation, where the data can be recovered from the signature.
2272 * @param session the session's handle
2273 * @param mechanism_ptr the signature mechanism
2274 * @param key handle of the signature key
2275 * @param return_value default value (`ThrowException`): throw exception on error.
2276 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2277 * At least the following PKCS#11 return values may be returned:
2278 * \li ArgumentsBad \li CryptokiNotInitialized \li DeviceError
2279 * \li DeviceMemory \li DeviceRemoved \li FunctionCanceled
2280 * \li FunctionFailed \li GeneralError \li HostMemory
2281 * \li KeyFunctionNotPermitted \li KeyHandleInvalid \li KeySizeRange
2282 * \li KeyTypeInconsistent \li MechanismInvalid \li MechanismParamInvalid
2283 * \li OK \li OperationActive \li PinExpired
2284 * \li SessionClosed \li SessionHandleInvalid \li UserNotLoggedIn
2285 * @return true on success, false otherwise
2286 */
2287 bool C_SignRecoverInit(SessionHandle session,
2288 Mechanism* mechanism_ptr,
2289 ObjectHandle key,
2290 ReturnValue* return_value = ThrowException) const;
2291
2292 /**
2293 * C_SignRecover signs data in a single operation, where the data can be recovered from the signature.
2294 * @param session the session's handle
2295 * @param data_ptr the data to sign
2296 * @param data_len count of bytes to sign
2297 * @param signature_ptr gets the signature
2298 * @param signature_len_ptr gets signature length
2299 * @param return_value default value (`ThrowException`): throw exception on error.
2300 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2301 * At least the following PKCS#11 return values may be returned:
2302 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
2303 * \li DataInvalid \li DataLenRange \li DeviceError
2304 * \li DeviceMemory \li DeviceRemoved \li FunctionCanceled
2305 * \li FunctionFailed \li GeneralError \li HostMemory
2306 * \li OK \li OperationNotInitialized \li SessionClosed
2307 * \li SessionHandleInvalid \li UserNotLoggedIn
2308 * @return true on success, false otherwise
2309 */
2310 bool C_SignRecover(SessionHandle session,
2311 Byte* data_ptr,
2312 Ulong data_len,
2313 Byte* signature_ptr,
2314 Ulong* signature_len_ptr,
2315 ReturnValue* return_value = ThrowException) const;
2316
2317 /****************************** Functions for verifying signatures and MACs ******************************/
2318
2319 /**
2320 * C_VerifyInit initializes a verification operation, where the signature is an appendix to the data, and plaintext cannot be recovered from the signature (e.g. DSA).
2321 * @param session the session's handle
2322 * @param mechanism_ptr the verification mechanism
2323 * @param key verification key
2324 * @param return_value default value (`ThrowException`): throw exception on error.
2325 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2326 * At least the following PKCS#11 return values may be returned:
2327 * \li ArgumentsBad \li CryptokiNotInitialized \li DeviceError
2328 * \li DeviceMemory \li DeviceRemoved \li FunctionCanceled
2329 * \li FunctionFailed \li GeneralError \li HostMemory
2330 * \li KeyFunctionNotPermitted \li KeyHandleInvalid \li KeySizeRange
2331 * \li KeyTypeInconsistent \li MechanismInvalid \li MechanismParamInvalid
2332 * \li OK \li OperationActive \li PinExpired
2333 * \li SessionClosed \li SessionHandleInvalid \li UserNotLoggedIn
2334 * @return true on success, false otherwise
2335 */
2336 bool C_VerifyInit(SessionHandle session,
2337 Mechanism* mechanism_ptr,
2338 ObjectHandle key,
2339 ReturnValue* return_value = ThrowException) const;
2340
2341 /**
2342 * C_Verify verifies a signature in a single-part operation, where the signature is an appendix to the data, and plaintext cannot be recovered from the signature.
2343 * @param session the session's handle
2344 * @param data_ptr signed data
2345 * @param data_len length of signed data
2346 * @param signature_ptr signature
2347 * @param signature_len signature length
2348 * @param return_value default value (`ThrowException`): throw exception on error.
2349 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2350 * At least the following PKCS#11 return values may be returned:
2351 * \li ArgumentsBad \li CryptokiNotInitialized \li DataInvalid
2352 * \li DataLenRange \li DeviceError \li DeviceMemory
2353 * \li DeviceRemoved \li FunctionCanceled \li FunctionFailed
2354 * \li GeneralError \li HostMemory \li OK
2355 * \li OperationNotInitialized \li SessionClosed \li SessionHandleInvalid
2356 * \li SignatureInvalid \li SignatureLenRange
2357 * @return true on success, false otherwise
2358 */
2359 bool C_Verify(SessionHandle session,
2360 const Byte* data_ptr,
2361 Ulong data_len,
2362 const Byte* signature_ptr,
2363 Ulong signature_len,
2364 ReturnValue* return_value = ThrowException) const;
2365
2366 /**
2367 * C_Verify verifies a signature in a single-part operation, where the signature is an appendix to the data, and plaintext cannot be recovered from the signature.
2368 * @param session the session's handle
2369 * @param data signed data
2370 * @param signature signature
2371 * @param return_value default value (`ThrowException`): throw exception on error.
2372 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2373 * At least the following PKCS#11 return values may be returned:
2374 * \li ArgumentsBad \li CryptokiNotInitialized \li DataInvalid
2375 * \li DataLenRange \li DeviceError \li DeviceMemory
2376 * \li DeviceRemoved \li FunctionCanceled \li FunctionFailed
2377 * \li GeneralError \li HostMemory \li OK
2378 * \li OperationNotInitialized \li SessionClosed \li SessionHandleInvalid
2379 * \li SignatureInvalid \li SignatureLenRange
2380 * @return true on success, false otherwise
2381 */
2382 template <typename TAllocA, typename TAllocB>
2383 bool C_Verify(SessionHandle session,
2384 const std::vector<uint8_t, TAllocA>& data,
2385 std::vector<uint8_t, TAllocB>& signature,
2386 ReturnValue* return_value = ThrowException) const {
2387 return C_Verify(session,
2388 data.data(),
2389 static_cast<Ulong>(data.size()),
2390 signature.data(),
2391 static_cast<Ulong>(signature.size()),
2392 return_value);
2393 }
2394
2395 /**
2396 * C_VerifyUpdate continues a multiple-part verification operation, where the signature is an appendix to the data, and plaintext cannot be recovered from the signature.
2397 * @param session the session's handle
2398 * @param part_ptr signed data
2399 * @param part_len length of signed data
2400 * @param return_value default value (`ThrowException`): throw exception on error.
2401 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2402 * At least the following PKCS#11 return values may be returned:
2403 * \li ArgumentsBad \li CryptokiNotInitialized \li DataLenRange
2404 * \li DeviceError \li DeviceMemory \li DeviceRemoved
2405 * \li FunctionCanceled \li FunctionFailed \li GeneralError
2406 * \li HostMemory \li OK \li OperationNotInitialized
2407 * \li SessionClosed \li SessionHandleInvalid
2408 * @return true on success, false otherwise
2409 */
2410 bool C_VerifyUpdate(SessionHandle session,
2411 const Byte* part_ptr,
2412 Ulong part_len,
2413 ReturnValue* return_value = ThrowException) const;
2414
2415 /**
2416 * C_VerifyUpdate continues a multiple-part verification operation, where the signature is an appendix to the data, and plaintext cannot be recovered from the signature.
2417 * @param session the session's handle
2418 * @param part signed data
2419 * @param return_value default value (`ThrowException`): throw exception on error.
2420 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2421 * At least the following PKCS#11 return values may be returned:
2422 * \li ArgumentsBad \li CryptokiNotInitialized \li DataLenRange
2423 * \li DeviceError \li DeviceMemory \li DeviceRemoved
2424 * \li FunctionCanceled \li FunctionFailed \li GeneralError
2425 * \li HostMemory \li OK \li OperationNotInitialized
2426 * \li SessionClosed \li SessionHandleInvalid
2427 * @return true on success, false otherwise
2428 */
2429 template <typename TAlloc>
2430 bool C_VerifyUpdate(SessionHandle session,
2431 std::vector<uint8_t, TAlloc> part,
2432 ReturnValue* return_value = ThrowException) const {
2433 return C_VerifyUpdate(session, part.data(), static_cast<Ulong>(part.size()), return_value);
2434 }
2435
2436 /**
2437 * C_VerifyFinal finishes a multiple-part verification operation, checking the signature.
2438 * @param session the session's handle
2439 * @param signature_ptr signature to verify
2440 * @param signature_len signature length
2441 * @param return_value default value (`ThrowException`): throw exception on error.
2442 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2443 * At least the following PKCS#11 return values may be returned:
2444 * \li ArgumentsBad \li CryptokiNotInitialized \li DataLenRange
2445 * \li DeviceError \li DeviceMemory \li DeviceRemoved
2446 * \li FunctionCanceled \li FunctionFailed \li GeneralError
2447 * \li HostMemory \li OK \li OperationNotInitialized
2448 * \li SessionClosed \li SessionHandleInvalid \li SignatureInvalid
2449 * \li SignatureLenRange
2450 * @return true on success, false otherwise
2451 */
2452 bool C_VerifyFinal(SessionHandle session,
2453 const Byte* signature_ptr,
2454 Ulong signature_len,
2455 ReturnValue* return_value = ThrowException) const;
2456
2457 /**
2458 * C_VerifyRecoverInit initializes a signature verification operation, where the data is recovered from the signature.
2459 * @param session the session's handle
2460 * @param mechanism_ptr the verification mechanism
2461 * @param key verification key
2462 * @param return_value default value (`ThrowException`): throw exception on error.
2463 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2464 * At least the following PKCS#11 return values may be returned:
2465 * \li ArgumentsBad \li CryptokiNotInitialized \li DeviceError
2466 * \li DeviceMemory \li DeviceRemoved \li FunctionCanceled
2467 * \li FunctionFailed \li GeneralError \li HostMemory
2468 * \li KeyFunctionNotPermitted \li KeyHandleInvalid \li KeySizeRange
2469 * \li KeyTypeInconsistent \li MechanismInvalid \li MechanismParamInvalid
2470 * \li OK \li OperationActive \li PinExpired
2471 * \li SessionClosed \li SessionHandleInvalid \li UserNotLoggedIn
2472 * @return true on success, false otherwise
2473 */
2474 bool C_VerifyRecoverInit(SessionHandle session,
2475 Mechanism* mechanism_ptr,
2476 ObjectHandle key,
2477 ReturnValue* return_value = ThrowException) const;
2478
2479 /**
2480 * C_VerifyRecover verifies a signature in a single-part operation, where the data is recovered from the signature.
2481 * @param session the session's handle
2482 * @param signature_ptr signature to verify
2483 * @param signature_len signature length
2484 * @param data_ptr gets signed data
2485 * @param data_len_ptr gets signed data len
2486 * @param return_value default value (`ThrowException`): throw exception on error.
2487 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2488 * At least the following PKCS#11 return values may be returned:
2489 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
2490 * \li DataInvalid \li DataLenRange \li DeviceError
2491 * \li DeviceMemory \li DeviceRemoved \li FunctionCanceled
2492 * \li FunctionFailed \li GeneralError \li HostMemory
2493 * \li OK \li OperationNotInitialized \li SessionClosed
2494 * \li SessionHandleInvalid \li SignatureLenRange \li SignatureInvalid
2495 * @return true on success, false otherwise
2496 */
2497 bool C_VerifyRecover(SessionHandle session,
2498 Byte* signature_ptr,
2499 Ulong signature_len,
2500 Byte* data_ptr,
2501 Ulong* data_len_ptr,
2502 ReturnValue* return_value = ThrowException) const;
2503
2504 /****************************** Dual-purpose cryptographic functions ******************************/
2505
2506 /**
2507 * C_DigestEncryptUpdate continues a multiple-part digesting and encryption operation.
2508 * @param session session's handle
2509 * @param part_ptr the plaintext data
2510 * @param part_len plaintext length
2511 * @param encrypted_part_ptr gets ciphertext
2512 * @param encrypted_part_len_ptr gets c-text length
2513 * @param return_value default value (`ThrowException`): throw exception on error.
2514 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2515 * At least the following PKCS#11 return values may be returned:
2516 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
2517 * \li DataLenRange \li DeviceError \li DeviceMemory
2518 * \li DeviceRemoved \li FunctionCanceled \li FunctionFailed
2519 * \li GeneralError \li HostMemory \li OK
2520 * \li OperationNotInitialized \li SessionClosed \li SessionHandleInvalid
2521 * @return true on success, false otherwise
2522 */
2523 bool C_DigestEncryptUpdate(SessionHandle session,
2524 Byte* part_ptr,
2525 Ulong part_len,
2526 Byte* encrypted_part_ptr,
2527 Ulong* encrypted_part_len_ptr,
2528 ReturnValue* return_value = ThrowException) const;
2529
2530 /**
2531 * C_DecryptDigestUpdate continues a multiple-part decryption and digesting operation.
2532 * @param session session's handle
2533 * @param encrypted_part_ptr ciphertext
2534 * @param encrypted_part_len ciphertext length
2535 * @param part_ptr gets plaintext
2536 * @param part_len_ptr gets plaintext len
2537 * @param return_value default value (`ThrowException`): throw exception on error.
2538 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2539 * At least the following PKCS#11 return values may be returned:
2540 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
2541 * \li DeviceError \li DeviceMemory \li DeviceRemoved
2542 * \li EncryptedDataInvalid \li EncryptedDataLenRange \li FunctionCanceled
2543 * \li FunctionFailed \li GeneralError \li HostMemory
2544 * \li OK \li OperationNotInitialized \li SessionClosed
2545 * \li SessionHandleInvalid
2546 * @return true on success, false otherwise
2547 */
2548 bool C_DecryptDigestUpdate(SessionHandle session,
2549 Byte* encrypted_part_ptr,
2550 Ulong encrypted_part_len,
2551 Byte* part_ptr,
2552 Ulong* part_len_ptr,
2553 ReturnValue* return_value = ThrowException) const;
2554
2555 /**
2556 * C_SignEncryptUpdate continues a multiple-part signing and encryption operation.
2557 * @param session session's handle
2558 * @param part_ptr the plaintext data
2559 * @param part_len plaintext length
2560 * @param encrypted_part_ptr gets ciphertext
2561 * @param encrypted_part_len_ptr gets c-text length
2562 * @param return_value default value (`ThrowException`): throw exception on error.
2563 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2564 * At least the following PKCS#11 return values may be returned:
2565 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
2566 * \li DataLenRange \li DeviceError \li DeviceMemory
2567 * \li DeviceRemoved \li FunctionCanceled \li FunctionFailed
2568 * \li GeneralError \li HostMemory \li OK
2569 * \li OperationNotInitialized \li SessionClosed \li SessionHandleInvalid
2570 * \li UserNotLoggedIn
2571 * @return true on success, false otherwise
2572 */
2573 bool C_SignEncryptUpdate(SessionHandle session,
2574 Byte* part_ptr,
2575 Ulong part_len,
2576 Byte* encrypted_part_ptr,
2577 Ulong* encrypted_part_len_ptr,
2578 ReturnValue* return_value = ThrowException) const;
2579
2580 /**
2581 * C_DecryptVerifyUpdate continues a multiple-part decryption and verify operation.
2582 * @param session session's handle
2583 * @param encrypted_part_ptr ciphertext
2584 * @param encrypted_part_len ciphertext length
2585 * @param part_ptr gets plaintext
2586 * @param part_len_ptr gets p-text length
2587 * @param return_value default value (`ThrowException`): throw exception on error.
2588 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2589 * At least the following PKCS#11 return values may be returned:
2590 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
2591 * \li DataLenRange \li DeviceError \li DeviceMemory
2592 * \li DeviceRemoved \li EncryptedDataInvalid \li EncryptedDataLenRange
2593 * \li FunctionCanceled \li FunctionFailed \li GeneralError
2594 * \li HostMemory \li OK \li OperationNotInitialized
2595 * \li SessionClosed \li SessionHandleInvalid
2596 * @return true on success, false otherwise
2597 */
2598 bool C_DecryptVerifyUpdate(SessionHandle session,
2599 Byte* encrypted_part_ptr,
2600 Ulong encrypted_part_len,
2601 Byte* part_ptr,
2602 Ulong* part_len_ptr,
2603 ReturnValue* return_value = ThrowException) const;
2604
2605 /****************************** Key management functions ******************************/
2606
2607 /**
2608 * C_GenerateKey generates a secret key, creating a new key object.
2609 * @param session the session's handle
2610 * @param mechanism_ptr key generation mech.
2611 * @param attribute_template_ptr template for new key
2612 * @param count # of attrs in template
2613 * @param key_ptr gets handle of new key
2614 * @param return_value default value (`ThrowException`): throw exception on error.
2615 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2616 * At least the following PKCS#11 return values may be returned:
2617 * \li ArgumentsBad \li AttributeReadOnly \li AttributeTypeInvalid
2618 * \li AttributeValueInvalid \li CryptokiNotInitialized \li CurveNotSupported
2619 * \li DeviceError \li DeviceMemory \li DeviceRemoved
2620 * \li FunctionCanceled \li FunctionFailed \li GeneralError
2621 * \li HostMemory \li MechanismInvalid \li MechanismParamInvalid
2622 * \li OK \li OperationActive \li PinExpired
2623 * \li SessionClosed \li SessionHandleInvalid \li SessionReadOnly
2624 * \li TemplateIncomplete \li TemplateInconsistent \li TokenWriteProtected
2625 * \li UserNotLoggedIn
2626 * @return true on success, false otherwise
2627 */
2628 bool C_GenerateKey(SessionHandle session,
2629 Mechanism* mechanism_ptr,
2630 Attribute* attribute_template_ptr,
2631 Ulong count,
2632 ObjectHandle* key_ptr,
2633 ReturnValue* return_value = ThrowException) const;
2634
2635 /**
2636 * C_GenerateKeyPair generates a public-key/private-key pair, creating new key objects.
2637 * @param session session handle
2638 * @param mechanism_ptr key-gen mech.
2639 * @param public_key_template_ptr template for pub. key
2640 * @param public_key_attribute_count # pub. attrs.
2641 * @param private_key_template_ptr template for priv. key
2642 * @param private_key_attribute_count # priv. attrs.
2643 * @param public_key_ptr gets pub. key handle
2644 * @param private_key_ptr gets priv. key handle
2645 * @param return_value default value (`ThrowException`): throw exception on error.
2646 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2647 * At least the following PKCS#11 return values may be returned:
2648 * \li ArgumentsBad \li AttributeReadOnly \li AttributeTypeInvalid
2649 * \li AttributeValueInvalid \li CryptokiNotInitialized \li CurveNotSupported
2650 * \li DeviceError \li DeviceMemory \li DeviceRemoved
2651 * \li DomainParamsInvalid \li FunctionCanceled \li FunctionFailed
2652 * \li GeneralError \li HostMemory \li MechanismInvalid
2653 * \li MechanismParamInvalid \li OK \li OperationActive
2654 * \li PinExpired \li SessionClosed \li SessionHandleInvalid
2655 * \li SessionReadOnly \li TemplateIncomplete \li TemplateInconsistent
2656 * \li TokenWriteProtected \li UserNotLoggedIn
2657 * @return true on success, false otherwise
2658 */
2659 bool C_GenerateKeyPair(SessionHandle session,
2660 Mechanism* mechanism_ptr,
2661 Attribute* public_key_template_ptr,
2662 Ulong public_key_attribute_count,
2663 Attribute* private_key_template_ptr,
2664 Ulong private_key_attribute_count,
2665 ObjectHandle* public_key_ptr,
2666 ObjectHandle* private_key_ptr,
2667 ReturnValue* return_value = ThrowException) const;
2668
2669 /**
2670 * C_WrapKey wraps (i.e., encrypts) a key.
2671 * @param session the session's handle
2672 * @param mechanism_ptr the wrapping mechanism
2673 * @param wrapping_key wrapping key
2674 * @param key key to be wrapped
2675 * @param wrapped_key_ptr gets wrapped key
2676 * @param wrapped_key_len_ptr gets wrapped key size
2677 * @param return_value default value (`ThrowException`): throw exception on error.
2678 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2679 * At least the following PKCS#11 return values may be returned:
2680 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
2681 * \li DeviceError \li DeviceMemory \li DeviceRemoved
2682 * \li FunctionCanceled \li FunctionFailed \li GeneralError
2683 * \li HostMemory \li KeyHandleInvalid \li KeyNotWrappable
2684 * \li KeySizeRange \li KeyUnextractable \li MechanismInvalid
2685 * \li MechanismParamInvalid \li OK \li OperationActive
2686 * \li PinExpired \li SessionClosed \li SessionHandleInvalid
2687 * \li UserNotLoggedIn \li WrappingKeyHandleInvalid \li WrappingKeySizeRange
2688 * \li WrappingKeyTypeInconsistent
2689 * @return true on success, false otherwise
2690 */
2691 bool C_WrapKey(SessionHandle session,
2692 Mechanism* mechanism_ptr,
2693 ObjectHandle wrapping_key,
2694 ObjectHandle key,
2695 Byte* wrapped_key_ptr,
2696 Ulong* wrapped_key_len_ptr,
2697 ReturnValue* return_value = ThrowException) const;
2698
2699 /**
2700 * C_UnwrapKey unwraps (decrypts) a wrapped key, creating a new key object.
2701 * @param session session's handle
2702 * @param mechanism_ptr unwrapping mech.
2703 * @param unwrapping_key unwrapping key
2704 * @param wrapped_key_ptr the wrapped key
2705 * @param wrapped_key_len wrapped key len
2706 * @param attribute_template_ptr new key template
2707 * @param attribute_count template length
2708 * @param key_ptr gets new handle
2709 * @param return_value default value (`ThrowException`): throw exception on error.
2710 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2711 * At least the following PKCS#11 return values may be returned:
2712 * \li ArgumentsBad \li AttributeReadOnly \li AttributeTypeInvalid
2713 * \li AttributeValueInvalid \li BufferTooSmall \li CryptokiNotInitialized
2714 * \li CurveNotSupported \li DeviceError \li DeviceMemory
2715 * \li DeviceRemoved \li DomainParamsInvalid \li FunctionCanceled
2716 * \li FunctionFailed \li GeneralError \li HostMemory
2717 * \li MechanismInvalid \li MechanismParamInvalid \li OK
2718 * \li OperationActive \li PinExpired \li SessionClosed
2719 * \li SessionHandleInvalid \li SessionReadOnly \li TemplateIncomplete
2720 * \li TemplateInconsistent \li TokenWriteProtected \li UnwrappingKeyHandleInvalid
2721 * \li UnwrappingKeySizeRange \li UnwrappingKeyTypeInconsistent \li UserNotLoggedIn
2722 * \li WrappedKeyInvalid \li WrappedKeyLenRange
2723 * @return true on success, false otherwise
2724 */
2725 bool C_UnwrapKey(SessionHandle session,
2726 Mechanism* mechanism_ptr,
2727 ObjectHandle unwrapping_key,
2728 Byte* wrapped_key_ptr,
2729 Ulong wrapped_key_len,
2730 Attribute* attribute_template_ptr,
2731 Ulong attribute_count,
2732 ObjectHandle* key_ptr,
2733 ReturnValue* return_value = ThrowException) const;
2734
2735 /**
2736 * C_DeriveKey derives a key from a base key, creating a new key object.
2737 * @param session session's handle
2738 * @param mechanism_ptr key deriv. mech.
2739 * @param base_key base key
2740 * @param attribute_template_ptr new key template
2741 * @param attribute_count template length
2742 * @param key_ptr gets new handle
2743 * @param return_value default value (`ThrowException`): throw exception on error.
2744 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2745 * At least the following PKCS#11 return values may be returned:
2746 * \li ArgumentsBad \li AttributeReadOnly \li AttributeTypeInvalid
2747 * \li AttributeValueInvalid \li CryptokiNotInitialized \li CurveNotSupported
2748 * \li DeviceError \li DeviceMemory \li DeviceRemoved
2749 * \li DomainParamsInvalid \li FunctionCanceled \li FunctionFailed
2750 * \li GeneralError \li HostMemory \li KeyHandleInvalid
2751 * \li KeySizeRange \li KeyTypeInconsistent \li MechanismInvalid
2752 * \li MechanismParamInvalid \li OK \li OperationActive
2753 * \li PinExpired \li SessionClosed \li SessionHandleInvalid
2754 * \li SessionReadOnly \li TemplateIncomplete \li TemplateInconsistent
2755 * \li TokenWriteProtected \li UserNotLoggedIn
2756 * @return true on success, false otherwise
2757 */
2758 bool C_DeriveKey(SessionHandle session,
2759 Mechanism* mechanism_ptr,
2760 ObjectHandle base_key,
2761 Attribute* attribute_template_ptr,
2762 Ulong attribute_count,
2763 ObjectHandle* key_ptr,
2764 ReturnValue* return_value = ThrowException) const;
2765
2766 /****************************** Random number generation functions ******************************/
2767
2768 /**
2769 * C_SeedRandom mixes additional seed material into the token's random number generator.
2770 * @param session the session's handle
2771 * @param seed_ptr the seed material
2772 * @param seed_len length of seed material
2773 * @param return_value default value (`ThrowException`): throw exception on error.
2774 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2775 * At least the following PKCS#11 return values may be returned:
2776 * \li ArgumentsBad \li CryptokiNotInitialized \li DeviceError
2777 * \li DeviceMemory \li DeviceRemoved \li FunctionCanceled
2778 * \li FunctionFailed \li GeneralError \li HostMemory
2779 * \li OK \li OperationActive \li RandomSeedNotSupported
2780 * \li RandomNoRng \li SessionClosed \li SessionHandleInvalid
2781 * \li UserNotLoggedIn
2782 * @return true on success, false otherwise
2783 */
2784 bool C_SeedRandom(SessionHandle session,
2785 const Byte* seed_ptr,
2786 Ulong seed_len,
2787 ReturnValue* return_value = ThrowException) const;
2788
2789 /**
2790 * C_GenerateRandom generates random data.
2791 * @param session the session's handle
2792 * @param random_data_ptr receives the random data
2793 * @param random_len # of bytes to generate
2794 * @param return_value default value (`ThrowException`): throw exception on error.
2795 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2796 * At least the following PKCS#11 return values may be returned:
2797 * \li ArgumentsBad \li CryptokiNotInitialized \li DeviceError
2798 * \li DeviceMemory \li DeviceRemoved \li FunctionCanceled
2799 * \li FunctionFailed \li GeneralError \li HostMemory
2800 * \li OK \li OperationActive \li RandomNoRng
2801 * \li SessionClosed \li SessionHandleInvalid \li UserNotLoggedIn
2802 * @return true on success, false otherwise
2803 */
2804 bool C_GenerateRandom(SessionHandle session,
2805 Byte* random_data_ptr,
2806 Ulong random_len,
2807 ReturnValue* return_value = ThrowException) const;
2808
2809 /****************************** Parallel function management functions ******************************/
2810
2811 /**
2812 * C_GetFunctionStatus is a legacy function; it obtains an updated status of a function running in parallel with an application.
2813 * @param session the session's handle
2814 * @param return_value default value (`ThrowException`): throw exception on error.
2815 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2816 * At least the following PKCS#11 return values may be returned:
2817 * \li CryptokiNotInitialized \li FunctionFailed \li FunctionNotParallel
2818 * \li GeneralError \li HostMemory \li SessionHandleInvalid
2819 * \li SessionClosed
2820 * @return true on success, false otherwise
2821 */
2822 bool C_GetFunctionStatus(SessionHandle session, ReturnValue* return_value = ThrowException) const;
2823
2824 /**
2825 * C_CancelFunction is a legacy function; it cancels a function running in parallel.
2826 * @param session the session's handle
2827 * @param return_value default value (`ThrowException`): throw exception on error.
2828 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2829 * At least the following PKCS#11 return values may be returned:
2830 * \li CryptokiNotInitialized \li FunctionFailed \li FunctionNotParallel
2831 * \li GeneralError \li HostMemory \li SessionHandleInvalid
2832 * \li SessionClosed
2833 * @return true on success, false otherwise
2834 */
2835 bool C_CancelFunction(SessionHandle session, ReturnValue* return_value = ThrowException) const;
2836
2837 /**
2838 * Return the PKCS11 function list that this LowLevel class contains.
2839 *
2840 * This is primarily useful when invoking vendor specific extension
2841 * functions which are not supported directly by LowLevel or the higher
2842 * level PKCS11 API.
2843 */
2844 FunctionListPtr get_functions() const { return m_func_list_ptr; }
2845
2846 protected:
2847 /**
2848 * A helper for error handling. This is exposed as a protected member so that
2849 * it is possible for an application to inherit from LowLevel in order to
2850 * implement wrappers for vendor specific extensions using the same error
2851 * handling mechanisms as the rest of the library.
2852 */
2853 static bool handle_return_value(CK_RV function_result, ReturnValue* return_value);
2854
2855 private:
2856 const FunctionListPtr m_func_list_ptr;
2857};
2858
2859class BOTAN_PUBLIC_API(2, 0) PKCS11_Error : public Exception {
2860 public:
2861 explicit PKCS11_Error(std::string_view what) : Exception("PKCS11 error", what) {}
2862
2863 ErrorType error_type() const noexcept override { return ErrorType::Pkcs11Error; }
2864};
2865
2866class BOTAN_PUBLIC_API(2, 0) PKCS11_ReturnError final : public PKCS11_Error {
2867 public:
2868 explicit PKCS11_ReturnError(ReturnValue return_val) :
2869 PKCS11_Error(std::to_string(static_cast<uint32_t>(return_val))), m_return_val(return_val) {}
2870
2871 inline ReturnValue get_return_value() const { return m_return_val; }
2872
2873 int error_code() const noexcept override { return static_cast<int>(m_return_val); }
2874
2875 private:
2876 const ReturnValue m_return_val;
2877};
2878
2879} // namespace PKCS11
2880
2881} // namespace Botan
2882
2883#endif
BOTAN_PUBLIC_API
#define BOTAN_PUBLIC_API(maj, min)
Definition api.h:21
Botan::Dynamically_Loaded_Library
Definition dyn_load.h:19
Botan::Exception::what
const char * what() const noexcept override
Definition exceptn.h:93
Botan::Exception::Exception
Exception(std::string_view msg)
Definition exceptn.cpp:71
Botan::PKCS11::LowLevel::C_Finalize
bool C_Finalize(VoidPtr reserved, ReturnValue *return_value=ThrowException) const
Definition p11.cpp:76
Botan::PKCS11::LowLevel::C_InitPIN
bool C_InitPIN(SessionHandle session, const std::vector< uint8_t, TAlloc > &pin, ReturnValue *return_value=ThrowException) const
Definition p11.h:1183
Botan::PKCS11::LowLevel::C_SetAttributeValue
bool C_SetAttributeValue(SessionHandle session, ObjectHandle object, std::map< AttributeType, std::vector< uint8_t, TAlloc > > &attribute_values, ReturnValue *return_value=ThrowException) const
Definition p11.h:1636
Botan::PKCS11::LowLevel::C_Sign
bool C_Sign(SessionHandle session, const std::vector< uint8_t, TAllocA > &data, std::vector< uint8_t, TAllocB > &signature, ReturnValue *return_value=ThrowException) const
Definition p11.h:2154
Botan::PKCS11::LowLevel::C_SetPIN
bool C_SetPIN(SessionHandle session, const std::vector< uint8_t, TAlloc > &old_pin, const std::vector< uint8_t, TAlloc > &new_pin, ReturnValue *return_value=ThrowException) const
Definition p11.h:1234
Botan::PKCS11::LowLevel::C_SignUpdate
bool C_SignUpdate(SessionHandle session, const std::vector< uint8_t, TAlloc > &part, ReturnValue *return_value=ThrowException) const
Definition p11.h:2211
Botan::PKCS11::LowLevel::C_WaitForSlotEvent
bool C_WaitForSlotEvent(Flags flags, SlotId *slot_ptr, VoidPtr reserved, ReturnValue *return_value=ThrowException) const
Definition p11.cpp:128
Botan::PKCS11::LowLevel::C_GetTokenInfo
bool C_GetTokenInfo(SlotId slot_id, TokenInfo *info_ptr, ReturnValue *return_value=ThrowException) const
Definition p11.cpp:124
Botan::PKCS11::LowLevel::C_InitToken
bool C_InitToken(SlotId slot_id, const std::vector< uint8_t, TAlloc > &so_pin, std::string_view label, ReturnValue *return_value=ThrowException) const
Definition p11.h:1130
Botan::PKCS11::LowLevel::C_SetAttributeValue
bool C_SetAttributeValue(SessionHandle session, ObjectHandle object, Attribute *attribute_template_ptr, Ulong count, ReturnValue *return_value=ThrowException) const
Definition p11.cpp:282
Botan::PKCS11::LowLevel::C_GetFunctionList
static bool C_GetFunctionList(Dynamically_Loaded_Library &pkcs11_module, FunctionListPtr *function_list_ptr_ptr, ReturnValue *return_value=ThrowException)
Definition p11.cpp:84
Botan::PKCS11::LowLevel::LowLevel
LowLevel(FunctionListPtr ptr)
Definition p11.cpp:64
Botan::PKCS11::LowLevel::C_Login
bool C_Login(SessionHandle session, UserType user_type, const std::vector< uint8_t, TAlloc > &pin, ReturnValue *return_value=ThrowException) const
Definition p11.h:1404
Botan::PKCS11::LowLevel::C_GetSlotInfo
bool C_GetSlotInfo(SlotId slot_id, SlotInfo *info_ptr, ReturnValue *return_value=ThrowException) const
Definition p11.cpp:120
Botan::PKCS11::LowLevel::C_VerifyUpdate
bool C_VerifyUpdate(SessionHandle session, const Byte *part_ptr, Ulong part_len, ReturnValue *return_value=ThrowException) const
Definition p11.cpp:492
Botan::PKCS11::LowLevel::C_GetAttributeValue
bool C_GetAttributeValue(SessionHandle session, ObjectHandle object, Attribute *attribute_template_ptr, Ulong count, ReturnValue *return_value=ThrowException) const
Definition p11.cpp:273
Botan::PKCS11::LowLevel::C_InitPIN
bool C_InitPIN(SessionHandle session, Utf8Char *pin_ptr, Ulong pin_len, ReturnValue *return_value=ThrowException) const
Definition p11.cpp:174
Botan::PKCS11::LowLevel::C_Initialize
bool C_Initialize(VoidPtr init_args, ReturnValue *return_value=ThrowException) const
Definition p11.cpp:72
Botan::PKCS11::LowLevel::C_Sign
bool C_Sign(SessionHandle session, const Byte *data_ptr, Ulong data_len, Byte *signature_ptr, Ulong *signature_len_ptr, ReturnValue *return_value=ThrowException) const
Definition p11.cpp:428
Botan::PKCS11::LowLevel::C_Encrypt
bool C_Encrypt(SessionHandle session, const std::vector< uint8_t, TAllocA > &plaintext_data, std::vector< uint8_t, TAllocB > &encrypted_data, ReturnValue *return_value=ThrowException) const
Definition p11.h:1777
Botan::PKCS11::LowLevel::C_SignUpdate
bool C_SignUpdate(SessionHandle session, const Byte *part_ptr, Ulong part_len, ReturnValue *return_value=ThrowException) const
Definition p11.cpp:439
Botan::PKCS11::LowLevel::C_Verify
bool C_Verify(SessionHandle session, const std::vector< uint8_t, TAllocA > &data, std::vector< uint8_t, TAllocB > &signature, ReturnValue *return_value=ThrowException) const
Definition p11.h:2383
Botan::PKCS11::LowLevel::C_GetInfo
bool C_GetInfo(Info *info_ptr, ReturnValue *return_value=ThrowException) const
Definition p11.cpp:80
Botan::PKCS11::LowLevel::C_GetMechanismList
bool C_GetMechanismList(SlotId slot_id, MechanismType *mechanism_list_ptr, Ulong *count_ptr, ReturnValue *return_value=ThrowException) const
Definition p11.cpp:132
Botan::PKCS11::LowLevel::C_Decrypt
bool C_Decrypt(SessionHandle session, const std::vector< uint8_t, TAllocA > &encrypted_data, std::vector< uint8_t, TAllocB > &decrypted_data, ReturnValue *return_value=ThrowException) const
Definition p11.h:1914
Botan::PKCS11::LowLevel::C_Decrypt
bool C_Decrypt(SessionHandle session, Byte *encrypted_data_ptr, Ulong encrypted_data_len, Byte *data_ptr, Ulong *data_len_ptr, ReturnValue *return_value=ThrowException) const
Definition p11.cpp:359
Botan::PKCS11::LowLevel::C_VerifyUpdate
bool C_VerifyUpdate(SessionHandle session, std::vector< uint8_t, TAlloc > part, ReturnValue *return_value=ThrowException) const
Definition p11.h:2430
Botan::PKCS11::LowLevel::C_Encrypt
bool C_Encrypt(SessionHandle session, Byte *data_ptr, Ulong data_len, Byte *encrypted_data, Ulong *encrypted_data_len_ptr, ReturnValue *return_value=ThrowException) const
Definition p11.cpp:320
Botan::PKCS11::LowLevel::C_SignFinal
bool C_SignFinal(SessionHandle session, std::vector< uint8_t, TAlloc > &signature, ReturnValue *return_value=ThrowException) const
Definition p11.h:2254
Botan::PKCS11::LowLevel::C_GetSlotList
bool C_GetSlotList(Bbool token_present, SlotId *slot_list_ptr, Ulong *count_ptr, ReturnValue *return_value=ThrowException) const
Definition p11.cpp:96
Botan::PKCS11::LowLevel::C_GetMechanismInfo
bool C_GetMechanismInfo(SlotId slot_id, MechanismType type, MechanismInfo *info_ptr, ReturnValue *return_value=ThrowException) const
Definition p11.cpp:161
Botan::PKCS11::LowLevel::C_Login
bool C_Login(SessionHandle session, UserType user_type, Utf8Char *pin_ptr, Ulong pin_len, ReturnValue *return_value=ThrowException) const
Definition p11.cpp:231
Botan::PKCS11::LowLevel::C_SignFinal
bool C_SignFinal(SessionHandle session, Byte *signature_ptr, Ulong *signature_len_ptr, ReturnValue *return_value=ThrowException) const
Definition p11.cpp:447
Botan::PKCS11::LowLevel::get_functions
FunctionListPtr get_functions() const
Definition p11.h:2844
Botan::PKCS11::LowLevel::C_InitToken
bool C_InitToken(SlotId slot_id, Utf8Char *so_pin_ptr, Ulong so_pin_len, Utf8Char *label_ptr, ReturnValue *return_value=ThrowException) const
Definition p11.cpp:169
Botan::PKCS11::LowLevel::C_Verify
bool C_Verify(SessionHandle session, const Byte *data_ptr, Ulong data_len, const Byte *signature_ptr, Ulong signature_len, ReturnValue *return_value=ThrowException) const
Definition p11.cpp:480
Botan::PKCS11::LowLevel::C_SetPIN
bool C_SetPIN(SessionHandle session, Utf8Char *old_pin_ptr, Ulong old_len, Utf8Char *new_pin_ptr, Ulong new_len, ReturnValue *return_value=ThrowException) const
Definition p11.cpp:178
Botan::PKCS11::LowLevel::C_GetAttributeValue
bool C_GetAttributeValue(SessionHandle session, ObjectHandle object, std::map< AttributeType, std::vector< uint8_t, TAlloc > > &attribute_values, ReturnValue *return_value=ThrowException) const
Definition p11.h:1558
Botan::PKCS11::PKCS11_Error::error_type
ErrorType error_type() const noexcept override
Definition p11.h:2863
Botan::PKCS11::PKCS11_Error::PKCS11_Error
PKCS11_Error(std::string_view what)
Definition p11.h:2861
Botan::PKCS11::PKCS11_ReturnError::error_code
int error_code() const noexcept override
Definition p11.h:2873
Botan::PKCS11::PKCS11_ReturnError::get_return_value
ReturnValue get_return_value() const
Definition p11.h:2871
Botan::PKCS11::PKCS11_ReturnError::PKCS11_ReturnError
PKCS11_ReturnError(ReturnValue return_val)
Definition p11.h:2868
Botan::PKCS11::SlotId
CK_SLOT_ID SlotId
Definition p11.h:824
Botan::PKCS11::RsaPkcsOaepParams
CK_RSA_PKCS_OAEP_PARAMS RsaPkcsOaepParams
Definition p11.h:837
Botan::PKCS11::DestroyMutex
CK_DESTROYMUTEX DestroyMutex
Definition p11.h:818
Botan::PKCS11::ThrowException
ReturnValue * ThrowException
Definition p11.cpp:21
Botan::PKCS11::CreateMutex
CK_CREATEMUTEX CreateMutex
Definition p11.h:817
Botan::PKCS11::PublicPointEncoding
PublicPointEncoding
Definition p11.h:810
Botan::PKCS11::secure_string
secure_vector< uint8_t > secure_string
Definition p11.h:64
Botan::PKCS11::AttributeType
AttributeType
Definition p11.h:68
Botan::PKCS11::C_InitializeArgs
CK_C_INITIALIZE_ARGS C_InitializeArgs
Definition p11.h:816
Botan::PKCS11::Mechanism
CK_MECHANISM Mechanism
Definition p11.h:828
Botan::PKCS11::Notify
CK_NOTIFY Notify
Definition p11.h:831
Botan::PKCS11::CertificateType
CertificateType
Definition p11.h:179
Botan::PKCS11::change_pin
void change_pin(Slot &slot, const secure_string &old_pin, const secure_string &new_pin)
Definition p11.cpp:46
Botan::PKCS11::Ecdh1DeriveParams
CK_ECDH1_DERIVE_PARAMS Ecdh1DeriveParams
Definition p11.h:839
Botan::PKCS11::ObjectHandle
CK_OBJECT_HANDLE ObjectHandle
Definition p11.h:835
Botan::PKCS11::change_so_pin
void change_so_pin(Slot &slot, const secure_string &old_so_pin, const secure_string &new_so_pin)
Definition p11.cpp:52
Botan::PKCS11::UnlockMutex
CK_UNLOCKMUTEX UnlockMutex
Definition p11.h:820
Botan::PKCS11::Attribute
CK_ATTRIBUTE Attribute
Definition p11.h:834
Botan::PKCS11::Flag::LibraryCantCreateOsThreads
@ LibraryCantCreateOsThreads
Definition p11.h:254
Botan::PKCS11::Flag::ProtectedAuthenticationPath
@ ProtectedAuthenticationPath
Definition p11.h:218
Botan::PKCS11::Flag::SecondaryAuthentication
@ SecondaryAuthentication
Definition p11.h:221
Botan::PKCS11::FunctionListPtr
CK_FUNCTION_LIST_PTR FunctionListPtr
Definition p11.h:814
Botan::PKCS11::Byte
CK_BYTE Byte
Definition p11.h:836
Botan::PKCS11::Info
CK_INFO Info
Definition p11.h:822
Botan::PKCS11::SlotInfo
CK_SLOT_INFO SlotInfo
Definition p11.h:826
Botan::PKCS11::VoidPtr
CK_VOID_PTR VoidPtr
Definition p11.h:815
Botan::PKCS11::Flags
CK_FLAGS Flags
Definition p11.h:821
Botan::PKCS11::operator|
Flag operator|(Flag a, Flag b)
Definition p11.h:265
Botan::PKCS11::Date
CK_DATE Date
Definition p11.h:840
Botan::PKCS11::SessionInfo
CK_SESSION_INFO SessionInfo
Definition p11.h:833
Botan::PKCS11::TokenInfo
CK_TOKEN_INFO TokenInfo
Definition p11.h:827
Botan::PKCS11::True
const Bbool True
Definition p11.h:845
Botan::PKCS11::Utf8Char
CK_UTF8CHAR Utf8Char
Definition p11.h:830
Botan::PKCS11::Ulong
CK_ULONG Ulong
Definition p11.h:825
Botan::PKCS11::RsaPkcsPssParams
CK_RSA_PKCS_PSS_PARAMS RsaPkcsPssParams
Definition p11.h:838
Botan::PKCS11::False
const Bbool False
Definition p11.h:846
Botan::PKCS11::Bbool
CK_BBOOL Bbool
Definition p11.h:823
Botan::PKCS11::set_pin
void set_pin(Slot &slot, const secure_string &so_pin, const secure_string &pin)
Definition p11.cpp:58
Botan::PKCS11::MechanismInfo
CK_MECHANISM_INFO MechanismInfo
Definition p11.h:829
Botan::PKCS11::CertificateCategory
CertificateCategory
Definition p11.h:188
Botan::PKCS11::flags
Flags flags(Flag flags)
Definition p11.h:848
Botan::PKCS11::initialize_token
void initialize_token(Slot &slot, std::string_view label, const secure_string &so_pin, const secure_string &pin)
Definition p11.cpp:41
Botan::PKCS11::LockMutex
CK_LOCKMUTEX LockMutex
Definition p11.h:819
Botan::PKCS11::SessionHandle
CK_SESSION_HANDLE SessionHandle
Definition p11.h:832
Botan::secure_vector
std::vector< T, secure_allocator< T > > secure_vector
Definition secmem.h:69
Botan::to_string
std::string to_string(ErrorType type)
Convert an ErrorType to string.
Definition exceptn.cpp:13
Botan::ErrorType
ErrorType
Definition exceptn.h:20
CKD_NULL
#define CKD_NULL
Definition pkcs11t.h:1290
CKA_NEVER_EXTRACTABLE
#define CKA_NEVER_EXTRACTABLE
Definition pkcs11t.h:496
CKM_SEED_KEY_GEN
#define CKM_SEED_KEY_GEN
Definition pkcs11t.h:856
CKM_TLS_MASTER_KEY_DERIVE
#define CKM_TLS_MASTER_KEY_DERIVE
Definition pkcs11t.h:775
CKD_SHA1_KDF
#define CKD_SHA1_KDF
Definition pkcs11t.h:1291
CKD_SHA256_KDF
#define CKD_SHA256_KDF
Definition pkcs11t.h:1297
CKR_NEXT_OTP
#define CKR_NEXT_OTP
Definition pkcs11t.h:1148
CKK_DES3
#define CKK_DES3
Definition pkcs11t.h:351
CKM_DSA_PARAMETER_GEN
#define CKM_DSA_PARAMETER_GEN
Definition pkcs11t.h:957
CKR_SESSION_COUNT
#define CKR_SESSION_COUNT
Definition pkcs11t.h:1097
CKM_WTLS_CLIENT_KEY_AND_MAC_DERIVE
#define CKM_WTLS_CLIENT_KEY_AND_MAC_DERIVE
Definition pkcs11t.h:816
CKM_CONCATENATE_BASE_AND_DATA
#define CKM_CONCATENATE_BASE_AND_DATA
Definition pkcs11t.h:765
CKM_PKCS5_PBKD2
#define CKM_PKCS5_PBKD2
Definition pkcs11t.h:807
CKM_AES_GMAC
#define CKM_AES_GMAC
Definition pkcs11t.h:928
CKM_KIP_DERIVE
#define CKM_KIP_DERIVE
Definition pkcs11t.h:833
CKR_DEVICE_MEMORY
#define CKR_DEVICE_MEMORY
Definition pkcs11t.h:1061
CKA_JAVA_MIDP_SECURITY_DOMAIN
#define CKA_JAVA_MIDP_SECURITY_DOMAIN
Definition pkcs11t.h:452
CKM_SSL3_SHA1_MAC
#define CKM_SSL3_SHA1_MAC
Definition pkcs11t.h:782
CKA_OTP_TIME_INTERVAL
#define CKA_OTP_TIME_INTERVAL
Definition pkcs11t.h:522
CKK_RC4
#define CKK_RC4
Definition pkcs11t.h:348
CKA_TOKEN
#define CKA_TOKEN
Definition pkcs11t.h:438
CKA_SECONDARY_AUTH
#define CKA_SECONDARY_AUTH
Definition pkcs11t.h:510
CKR_GENERAL_ERROR
#define CKR_GENERAL_ERROR
Definition pkcs11t.h:1043
CKR_MECHANISM_INVALID
#define CKR_MECHANISM_INVALID
Definition pkcs11t.h:1083
CKR_SLOT_ID_INVALID
#define CKR_SLOT_ID_INVALID
Definition pkcs11t.h:1041
CKC_VENDOR_DEFINED
#define CKC_VENDOR_DEFINED
Definition pkcs11t.h:410
CKG_MGF1_SHA256
#define CKG_MGF1_SHA256
Definition pkcs11t.h:1247
CKM_SSL3_MASTER_KEY_DERIVE
#define CKM_SSL3_MASTER_KEY_DERIVE
Definition pkcs11t.h:770
CKM_RSA_PKCS
#define CKM_RSA_PKCS
Definition pkcs11t.h:587
CKM_ECDSA_SHA1
#define CKM_ECDSA_SHA1
Definition pkcs11t.h:892
CKR_KEY_CHANGED
#define CKR_KEY_CHANGED
Definition pkcs11t.h:1076
CKK_SHA224_HMAC
#define CKK_SHA224_HMAC
Definition pkcs11t.h:378
CKM_IDEA_ECB
#define CKM_IDEA_ECB
Definition pkcs11t.h:758
CKD_SHA512_KDF
#define CKD_SHA512_KDF
Definition pkcs11t.h:1299
CKA_START_DATE
#define CKA_START_DATE
Definition pkcs11t.h:472
CKK_DH
#define CKK_DH
Definition pkcs11t.h:341
CKK_RC5
#define CKK_RC5
Definition pkcs11t.h:356
CKR_ATTRIBUTE_TYPE_INVALID
#define CKR_ATTRIBUTE_TYPE_INVALID
Definition pkcs11t.h:1053
CKA_OTP_SERVICE_IDENTIFIER
#define CKA_OTP_SERVICE_IDENTIFIER
Definition pkcs11t.h:531
CK_UTF8CHAR
CK_BYTE CK_UTF8CHAR
Definition pkcs11t.h:42
CKM_GOSTR3411_HMAC
#define CKM_GOSTR3411_HMAC
Definition pkcs11t.h:950
CKM_WTLS_PRE_MASTER_KEY_GEN
#define CKM_WTLS_PRE_MASTER_KEY_GEN
Definition pkcs11t.h:811
CKA_AUTH_PIN_FLAGS
#define CKA_AUTH_PIN_FLAGS
Definition pkcs11t.h:511
CKM_DES3_CMAC
#define CKM_DES3_CMAC
Definition pkcs11t.h:672
CKM_RC2_MAC
#define CKM_RC2_MAC
Definition pkcs11t.h:648
CKM_SHA256_KEY_DERIVATION
#define CKM_SHA256_KEY_DERIVATION
Definition pkcs11t.h:787
CKA_SERIAL_NUMBER
#define CKA_SERIAL_NUMBER
Definition pkcs11t.h:446
CKK_DES2
#define CKK_DES2
Definition pkcs11t.h:350
CKM_CAST5_MAC_GENERAL
#define CKM_CAST5_MAC_GENERAL
Definition pkcs11t.h:747
CKF_LOGIN_REQUIRED
#define CKF_LOGIN_REQUIRED
Definition pkcs11t.h:157
CKF_HW_SLOT
#define CKF_HW_SLOT
Definition pkcs11t.h:124
CKO_PUBLIC_KEY
#define CKO_PUBLIC_KEY
Definition pkcs11t.h:312
CKF_EC_UNCOMPRESS
#define CKF_EC_UNCOMPRESS
Definition pkcs11t.h:1026
CKA_SUB_PRIME_BITS
#define CKA_SUB_PRIME_BITS
Definition pkcs11t.h:490
CKM_RSA_X_509
#define CKM_RSA_X_509
Definition pkcs11t.h:589
CKF_LIBRARY_CANT_CREATE_OS_THREADS
#define CKF_LIBRARY_CANT_CREATE_OS_THREADS
Definition pkcs11t.h:1225
CKM_SEED_MAC_GENERAL
#define CKM_SEED_MAC_GENERAL
Definition pkcs11t.h:860
CKF_PROTECTED_AUTHENTICATION_PATH
#define CKF_PROTECTED_AUTHENTICATION_PATH
Definition pkcs11t.h:177
CKA_ISSUER
#define CKA_ISSUER
Definition pkcs11t.h:445
CKM_ARIA_KEY_GEN
#define CKM_ARIA_KEY_GEN
Definition pkcs11t.h:847
CKA_HASH_OF_SUBJECT_PUBLIC_KEY
#define CKA_HASH_OF_SUBJECT_PUBLIC_KEY
Definition pkcs11t.h:454
CKR_FUNCTION_CANCELED
#define CKR_FUNCTION_CANCELED
Definition pkcs11t.h:1065
CKM_DSA_PROBABLISTIC_PARAMETER_GEN
#define CKM_DSA_PROBABLISTIC_PARAMETER_GEN
Definition pkcs11t.h:960
CKM_AES_CTR
#define CKM_AES_CTR
Definition pkcs11t.h:919
CKM_TLS12_MAC
#define CKM_TLS12_MAC
Definition pkcs11t.h:820
CKM_DES3_CBC
#define CKM_DES3_CBC
Definition pkcs11t.h:666
CKM_TWOFISH_CBC_PAD
#define CKM_TWOFISH_CBC_PAD
Definition pkcs11t.h:935
CKM_AES_CMAC
#define CKM_AES_CMAC
Definition pkcs11t.h:923
CKM_SKIPJACK_CFB8
#define CKM_SKIPJACK_CFB8
Definition pkcs11t.h:872
CKM_RSA_X9_31_KEY_PAIR_GEN
#define CKM_RSA_X9_31_KEY_PAIR_GEN
Definition pkcs11t.h:599
CKR_KEY_UNEXTRACTABLE
#define CKR_KEY_UNEXTRACTABLE
Definition pkcs11t.h:1081
CKR_DATA_INVALID
#define CKR_DATA_INVALID
Definition pkcs11t.h:1058
CKR_UNWRAPPING_KEY_HANDLE_INVALID
#define CKR_UNWRAPPING_KEY_HANDLE_INVALID
Definition pkcs11t.h:1113
CKM_CONCATENATE_BASE_AND_KEY
#define CKM_CONCATENATE_BASE_AND_KEY
Definition pkcs11t.h:764
CKR_NEED_TO_CREATE_THREADS
#define CKR_NEED_TO_CREATE_THREADS
Definition pkcs11t.h:1048
CKK_SHA256_HMAC
#define CKK_SHA256_HMAC
Definition pkcs11t.h:375
CKM_SHA512_256
#define CKM_SHA512_256
Definition pkcs11t.h:635
CKM_SEED_ECB_ENCRYPT_DATA
#define CKM_SEED_ECB_ENCRYPT_DATA
Definition pkcs11t.h:862
CKR_WRAPPING_KEY_SIZE_RANGE
#define CKR_WRAPPING_KEY_SIZE_RANGE
Definition pkcs11t.h:1127
CKM_FORTEZZA_TIMESTAMP
#define CKM_FORTEZZA_TIMESTAMP
Definition pkcs11t.h:879
CKS_RW_PUBLIC_SESSION
#define CKS_RW_PUBLIC_SESSION
Definition pkcs11t.h:274
CKR_MECHANISM_PARAM_INVALID
#define CKR_MECHANISM_PARAM_INVALID
Definition pkcs11t.h:1084
CKA_SUPPORTED_CMS_ATTRIBUTES
#define CKA_SUPPORTED_CMS_ATTRIBUTES
Definition pkcs11t.h:556
CKF_TOKEN_INITIALIZED
#define CKF_TOKEN_INITIALIZED
Definition pkcs11t.h:193
CKR_TOKEN_NOT_RECOGNIZED
#define CKR_TOKEN_NOT_RECOGNIZED
Definition pkcs11t.h:1111
CKM_MD5
#define CKM_MD5
Definition pkcs11t.h:690
CKM_SHA512_HMAC_GENERAL
#define CKM_SHA512_HMAC_GENERAL
Definition pkcs11t.h:718
CKM_CAST3_ECB
#define CKM_CAST3_ECB
Definition pkcs11t.h:733
CKM_SKIPJACK_CFB64
#define CKM_SKIPJACK_CFB64
Definition pkcs11t.h:869
CKM_DES_CBC_ENCRYPT_DATA
#define CKM_DES_CBC_ENCRYPT_DATA
Definition pkcs11t.h:938
CK_FALSE
#define CK_FALSE
Definition pkcs11t.h:24
CKC_WTLS
#define CKC_WTLS
Definition pkcs11t.h:409
CKM_SHA_1_HMAC
#define CKM_SHA_1_HMAC
Definition pkcs11t.h:697
CKD_SHA1_KDF_ASN1
#define CKD_SHA1_KDF_ASN1
Definition pkcs11t.h:1294
CKR_ATTRIBUTE_SENSITIVE
#define CKR_ATTRIBUTE_SENSITIVE
Definition pkcs11t.h:1052
CKG_MGF1_SHA512
#define CKG_MGF1_SHA512
Definition pkcs11t.h:1249
CKM_CAMELLIA_MAC
#define CKM_CAMELLIA_MAC
Definition pkcs11t.h:840
CKM_IDEA_KEY_GEN
#define CKM_IDEA_KEY_GEN
Definition pkcs11t.h:757
CKM_ECDH1_COFACTOR_DERIVE
#define CKM_ECDH1_COFACTOR_DERIVE
Definition pkcs11t.h:899
CKR_RANDOM_NO_RNG
#define CKR_RANDOM_NO_RNG
Definition pkcs11t.h:1131
CKM_ARIA_CBC_ENCRYPT_DATA
#define CKM_ARIA_CBC_ENCRYPT_DATA
Definition pkcs11t.h:854
CKM_CAMELLIA_KEY_GEN
#define CKM_CAMELLIA_KEY_GEN
Definition pkcs11t.h:837
CKR_PIN_LEN_RANGE
#define CKR_PIN_LEN_RANGE
Definition pkcs11t.h:1091
CKC_X_509
#define CKC_X_509
Definition pkcs11t.h:407
CKF_DIGEST
#define CKF_DIGEST
Definition pkcs11t.h:1008
CKF_USER_PIN_FINAL_TRY
#define CKF_USER_PIN_FINAL_TRY
Definition pkcs11t.h:210
CKM_ECDSA_SHA224
#define CKM_ECDSA_SHA224
Definition pkcs11t.h:893
CKF_DERIVE
#define CKF_DERIVE
Definition pkcs11t.h:1017
CKM_BATON_KEY_GEN
#define CKM_BATON_KEY_GEN
Definition pkcs11t.h:880
CKR_DEVICE_ERROR
#define CKR_DEVICE_ERROR
Definition pkcs11t.h:1060
CKA_PRIVATE_EXPONENT
#define CKA_PRIVATE_EXPONENT
Definition pkcs11t.h:477
CKR_RANDOM_SEED_NOT_SUPPORTED
#define CKR_RANDOM_SEED_NOT_SUPPORTED
Definition pkcs11t.h:1129
CKA_RESOLUTION
#define CKA_RESOLUTION
Definition pkcs11t.h:545
CKR_SESSION_PARALLEL_NOT_SUPPORTED
#define CKR_SESSION_PARALLEL_NOT_SUPPORTED
Definition pkcs11t.h:1099
CKM_MD2
#define CKM_MD2
Definition pkcs11t.h:685
CKM_BATON_CBC128
#define CKM_BATON_CBC128
Definition pkcs11t.h:883
CKM_DSA
#define CKM_DSA
Definition pkcs11t.h:606
CKA_ID
#define CKA_ID
Definition pkcs11t.h:461
CKA_OBJECT_ID
#define CKA_OBJECT_ID
Definition pkcs11t.h:443
CKM_AES_CFB8
#define CKM_AES_CFB8
Definition pkcs11t.h:965
CKM_CMS_SIG
#define CKM_CMS_SIG
Definition pkcs11t.h:832
CKA_APPLICATION
#define CKA_APPLICATION
Definition pkcs11t.h:441
CKM_RIPEMD128
#define CKM_RIPEMD128
Definition pkcs11t.h:700
CKF_VERIFY
#define CKF_VERIFY
Definition pkcs11t.h:1011
CKM_AES_CBC_PAD
#define CKM_AES_CBC_PAD
Definition pkcs11t.h:918
CKG_MGF1_SHA224
#define CKG_MGF1_SHA224
Definition pkcs11t.h:1250
CKM_CAST3_CBC
#define CKM_CAST3_CBC
Definition pkcs11t.h:734
CKM_ECDH1_DERIVE
#define CKM_ECDH1_DERIVE
Definition pkcs11t.h:898
CKM_VENDOR_DEFINED
#define CKM_VENDOR_DEFINED
Definition pkcs11t.h:975
CKR_ATTRIBUTE_READ_ONLY
#define CKR_ATTRIBUTE_READ_ONLY
Definition pkcs11t.h:1051
CKR_KEY_FUNCTION_NOT_PERMITTED
#define CKR_KEY_FUNCTION_NOT_PERMITTED
Definition pkcs11t.h:1079
CKA_HW_FEATURE_TYPE
#define CKA_HW_FEATURE_TYPE
Definition pkcs11t.h:539
CKM_TWOFISH_KEY_GEN
#define CKM_TWOFISH_KEY_GEN
Definition pkcs11t.h:932
CKR_WRAPPING_KEY_TYPE_INCONSISTENT
#define CKR_WRAPPING_KEY_TYPE_INCONSISTENT
Definition pkcs11t.h:1128
CKN_SURRENDER
#define CKN_SURRENDER
Definition pkcs11t.h:101
CKK_CAST128
#define CKK_CAST128
Definition pkcs11t.h:355
CKA_VERIFY_RECOVER
#define CKA_VERIFY_RECOVER
Definition pkcs11t.h:470
CKK_CAST5
#define CKK_CAST5
Definition pkcs11t.h:354
CKM_SHA512_224_HMAC_GENERAL
#define CKM_SHA512_224_HMAC_GENERAL
Definition pkcs11t.h:633
CKM_SKIPJACK_RELAYX
#define CKM_SKIPJACK_RELAYX
Definition pkcs11t.h:875
CK_RV
CK_ULONG CK_RV
Definition pkcs11t.h:1036
CKM_SHA512_224_HMAC
#define CKM_SHA512_224_HMAC
Definition pkcs11t.h:632
CKR_SESSION_EXISTS
#define CKR_SESSION_EXISTS
Definition pkcs11t.h:1101
CKM_MD5_HMAC_GENERAL
#define CKM_MD5_HMAC_GENERAL
Definition pkcs11t.h:693
CKM_MD2_RSA_PKCS
#define CKM_MD2_RSA_PKCS
Definition pkcs11t.h:591
CKR_FUNCTION_REJECTED
#define CKR_FUNCTION_REJECTED
Definition pkcs11t.h:1156
CKM_SHA_1_HMAC_GENERAL
#define CKM_SHA_1_HMAC_GENERAL
Definition pkcs11t.h:698
CKM_TLS10_MAC_CLIENT
#define CKM_TLS10_MAC_CLIENT
Definition pkcs11t.h:819
CK_ULONG
unsigned long int CK_ULONG
Definition pkcs11t.h:48
CKO_SECRET_KEY
#define CKO_SECRET_KEY
Definition pkcs11t.h:314
CKK_RSA
#define CKK_RSA
Definition pkcs11t.h:339
CKM_JUNIPER_ECB128
#define CKM_JUNIPER_ECB128
Definition pkcs11t.h:906
CKA_PUBLIC_EXPONENT
#define CKA_PUBLIC_EXPONENT
Definition pkcs11t.h:476
CKM_SKIPJACK_CBC64
#define CKM_SKIPJACK_CBC64
Definition pkcs11t.h:867
CKM_DES_ECB
#define CKM_DES_ECB
Definition pkcs11t.h:656
CKM_CAST_CBC
#define CKM_CAST_CBC
Definition pkcs11t.h:728
CKM_WTLS_SERVER_KEY_AND_MAC_DERIVE
#define CKM_WTLS_SERVER_KEY_AND_MAC_DERIVE
Definition pkcs11t.h:815
CKM_PBE_SHA1_DES2_EDE_CBC
#define CKM_PBE_SHA1_DES2_EDE_CBC
Definition pkcs11t.h:803
CKM_X9_42_DH_KEY_PAIR_GEN
#define CKM_X9_42_DH_KEY_PAIR_GEN
Definition pkcs11t.h:616
CKK_CAMELLIA
#define CKK_CAMELLIA
Definition pkcs11t.h:368
CKA_MODIFIABLE
#define CKA_MODIFIABLE
Definition pkcs11t.h:500
CRYPTOKI_VERSION_MINOR
#define CRYPTOKI_VERSION_MINOR
Definition pkcs11t.h:20
CKK_SEED
#define CKK_SEED
Definition pkcs11t.h:380
CKM_RC5_MAC
#define CKM_RC5_MAC
Definition pkcs11t.h:754
CKM_RSA_PKCS_KEY_PAIR_GEN
#define CKM_RSA_PKCS_KEY_PAIR_GEN
Definition pkcs11t.h:586
CKR_SESSION_READ_ONLY
#define CKR_SESSION_READ_ONLY
Definition pkcs11t.h:1100
CKK_KEA
#define CKK_KEA
Definition pkcs11t.h:345
CKM_RC2_CBC
#define CKM_RC2_CBC
Definition pkcs11t.h:647
CKA_OTP_TIME_REQUIREMENT
#define CKA_OTP_TIME_REQUIREMENT
Definition pkcs11t.h:525
CKM_PBE_MD5_CAST5_CBC
#define CKM_PBE_MD5_CAST5_CBC
Definition pkcs11t.h:796
CKM_KEA_KEY_DERIVE
#define CKM_KEA_KEY_DERIVE
Definition pkcs11t.h:877
CKC_X_509_ATTR_CERT
#define CKC_X_509_ATTR_CERT
Definition pkcs11t.h:408
CKM_JUNIPER_KEY_GEN
#define CKM_JUNIPER_KEY_GEN
Definition pkcs11t.h:905
CKM_RC5_CBC
#define CKM_RC5_CBC
Definition pkcs11t.h:753
CKM_ARIA_CBC_PAD
#define CKM_ARIA_CBC_PAD
Definition pkcs11t.h:852
CKR_ENCRYPTED_DATA_LEN_RANGE
#define CKR_ENCRYPTED_DATA_LEN_RANGE
Definition pkcs11t.h:1064
CKM_SHA512_KEY_DERIVATION
#define CKM_SHA512_KEY_DERIVATION
Definition pkcs11t.h:789
CKA_BITS_PER_PIXEL
#define CKA_BITS_PER_PIXEL
Definition pkcs11t.h:549
CKR_SIGNATURE_INVALID
#define CKR_SIGNATURE_INVALID
Definition pkcs11t.h:1106
CKA_AC_ISSUER
#define CKA_AC_ISSUER
Definition pkcs11t.h:447
CKM_TLS_KDF
#define CKM_TLS_KDF
Definition pkcs11t.h:827
CKM_AES_MAC_GENERAL
#define CKM_AES_MAC_GENERAL
Definition pkcs11t.h:917
CKM_CAST128_CBC_PAD
#define CKM_CAST128_CBC_PAD
Definition pkcs11t.h:750
CKM_BATON_ECB128
#define CKM_BATON_ECB128
Definition pkcs11t.h:881
CKA_OTP_USER_IDENTIFIER
#define CKA_OTP_USER_IDENTIFIER
Definition pkcs11t.h:530
CKM_BLOWFISH_CBC
#define CKM_BLOWFISH_CBC
Definition pkcs11t.h:931
CKM_FASTHASH
#define CKM_FASTHASH
Definition pkcs11t.h:911
CKR_SESSION_HANDLE_INVALID
#define CKR_SESSION_HANDLE_INVALID
Definition pkcs11t.h:1098
CKF_EC_F_2M
#define CKF_EC_F_2M
Definition pkcs11t.h:1023
CKM_ARIA_ECB
#define CKM_ARIA_ECB
Definition pkcs11t.h:848
CK_CERTIFICATE_CATEGORY_OTHER_ENTITY
#define CK_CERTIFICATE_CATEGORY_OTHER_ENTITY
Definition pkcs11t.h:398
CKO_CERTIFICATE
#define CKO_CERTIFICATE
Definition pkcs11t.h:311
CKA_CHECK_VALUE
#define CKA_CHECK_VALUE
Definition pkcs11t.h:457
CKM_DES_CBC
#define CKM_DES_CBC
Definition pkcs11t.h:657
CKF_USER_PIN_INITIALIZED
#define CKF_USER_PIN_INITIALIZED
Definition pkcs11t.h:158
CK_NOTIFICATION
CK_ULONG CK_NOTIFICATION
Definition pkcs11t.h:100
CKM_CAST5_MAC
#define CKM_CAST5_MAC
Definition pkcs11t.h:745
CKA_PUBLIC_KEY_INFO
#define CKA_PUBLIC_KEY_INFO
Definition pkcs11t.h:483
CKA_OTP_USER_FRIENDLY_MODE
#define CKA_OTP_USER_FRIENDLY_MODE
Definition pkcs11t.h:523
CKM_SHA384_HMAC_GENERAL
#define CKM_SHA384_HMAC_GENERAL
Definition pkcs11t.h:715
CKF_RW_SESSION
#define CKF_RW_SESSION
Definition pkcs11t.h:289
CKR_USER_ANOTHER_ALREADY_LOGGED_IN
#define CKR_USER_ANOTHER_ALREADY_LOGGED_IN
Definition pkcs11t.h:1121
CKM_SECURID_KEY_GEN
#define CKM_SECURID_KEY_GEN
Definition pkcs11t.h:719
CKM_IDEA_MAC_GENERAL
#define CKM_IDEA_MAC_GENERAL
Definition pkcs11t.h:761
CKS_RO_USER_FUNCTIONS
#define CKS_RO_USER_FUNCTIONS
Definition pkcs11t.h:273
CKM_TLS_KEY_AND_MAC_DERIVE
#define CKM_TLS_KEY_AND_MAC_DERIVE
Definition pkcs11t.h:776
CKM_GOST28147_ECB
#define CKM_GOST28147_ECB
Definition pkcs11t.h:952
CKA_PRIME
#define CKA_PRIME
Definition pkcs11t.h:484
CKR_ARGUMENTS_BAD
#define CKR_ARGUMENTS_BAD
Definition pkcs11t.h:1046
CKM_SECURID
#define CKM_SECURID
Definition pkcs11t.h:720
CKM_AES_CCM
#define CKM_AES_CCM
Definition pkcs11t.h:921
CKR_CANCEL
#define CKR_CANCEL
Definition pkcs11t.h:1039
CKM_SHA512_224_KEY_DERIVATION
#define CKM_SHA512_224_KEY_DERIVATION
Definition pkcs11t.h:634
CKM_SHA256
#define CKM_SHA256
Definition pkcs11t.h:707
CKM_IDEA_CBC_PAD
#define CKM_IDEA_CBC_PAD
Definition pkcs11t.h:762
CKM_SHA512_T_HMAC_GENERAL
#define CKM_SHA512_T_HMAC_GENERAL
Definition pkcs11t.h:642
CKK_BLOWFISH
#define CKK_BLOWFISH
Definition pkcs11t.h:363
CKM_CDMF_CBC_PAD
#define CKM_CDMF_CBC_PAD
Definition pkcs11t.h:678
CKU_USER
#define CKU_USER
Definition pkcs11t.h:266
CKR_PIN_TOO_WEAK
#define CKR_PIN_TOO_WEAK
Definition pkcs11t.h:1153
CKA_MODULUS
#define CKA_MODULUS
Definition pkcs11t.h:474
CK_BYTE
unsigned char CK_BYTE
Definition pkcs11t.h:36
CKM_AES_CFB64
#define CKM_AES_CFB64
Definition pkcs11t.h:964
CKM_TLS_MASTER_KEY_DERIVE_DH
#define CKM_TLS_MASTER_KEY_DERIVE_DH
Definition pkcs11t.h:777
CKA_PRIVATE
#define CKA_PRIVATE
Definition pkcs11t.h:439
CKM_DES_KEY_GEN
#define CKM_DES_KEY_GEN
Definition pkcs11t.h:655
CK_SLOT_ID
CK_ULONG CK_SLOT_ID
Definition pkcs11t.h:104
CK_FLAGS
CK_ULONG CK_FLAGS
Definition pkcs11t.h:54
CKR_PIN_EXPIRED
#define CKR_PIN_EXPIRED
Definition pkcs11t.h:1093
CKM_CAST3_MAC_GENERAL
#define CKM_CAST3_MAC_GENERAL
Definition pkcs11t.h:736
CK_OBJECT_CLASS
CK_ULONG CK_OBJECT_CLASS
Definition pkcs11t.h:307
CKM_CAST5_CBC_PAD
#define CKM_CAST5_CBC_PAD
Definition pkcs11t.h:749
CKM_PBE_SHA1_RC2_128_CBC
#define CKM_PBE_SHA1_RC2_128_CBC
Definition pkcs11t.h:804
CKG_MGF1_SHA384
#define CKG_MGF1_SHA384
Definition pkcs11t.h:1248
CKR_PIN_LOCKED
#define CKR_PIN_LOCKED
Definition pkcs11t.h:1094
CKA_PRIME_1
#define CKA_PRIME_1
Definition pkcs11t.h:478
CKA_NAME_HASH_ALGORITHM
#define CKA_NAME_HASH_ALGORITHM
Definition pkcs11t.h:456
CKM_DSA_SHA512
#define CKM_DSA_SHA512
Definition pkcs11t.h:611
CKM_SSL3_PRE_MASTER_KEY_GEN
#define CKM_SSL3_PRE_MASTER_KEY_GEN
Definition pkcs11t.h:769
CKM_SSL3_MASTER_KEY_DERIVE_DH
#define CKM_SSL3_MASTER_KEY_DERIVE_DH
Definition pkcs11t.h:773
CKM_IDEA_MAC
#define CKM_IDEA_MAC
Definition pkcs11t.h:760
CKR_LIBRARY_LOAD_FAILED
#define CKR_LIBRARY_LOAD_FAILED
Definition pkcs11t.h:1152
CKM_MD5_RSA_PKCS
#define CKM_MD5_RSA_PKCS
Definition pkcs11t.h:592
CKM_DSA_SHA384
#define CKM_DSA_SHA384
Definition pkcs11t.h:610
CKM_RIPEMD128_HMAC_GENERAL
#define CKM_RIPEMD128_HMAC_GENERAL
Definition pkcs11t.h:702
CKF_WRAP
#define CKF_WRAP
Definition pkcs11t.h:1015
CKK_DES
#define CKK_DES
Definition pkcs11t.h:349
CKM_PBA_SHA1_WITH_SHA1_HMAC
#define CKM_PBA_SHA1_WITH_SHA1_HMAC
Definition pkcs11t.h:809
CKA_OTP_SERVICE_LOGO_TYPE
#define CKA_OTP_SERVICE_LOGO_TYPE
Definition pkcs11t.h:533
CK_SESSION_HANDLE
CK_ULONG CK_SESSION_HANDLE
Definition pkcs11t.h:256
CKA_OTP_CHALLENGE_REQUIREMENT
#define CKA_OTP_CHALLENGE_REQUIREMENT
Definition pkcs11t.h:524
CKK_ACTI
#define CKK_ACTI
Definition pkcs11t.h:367
CKR_CANT_LOCK
#define CKR_CANT_LOCK
Definition pkcs11t.h:1049
CKM_DES_CBC_PAD
#define CKM_DES_CBC_PAD
Definition pkcs11t.h:661
CKR_TOKEN_NOT_PRESENT
#define CKR_TOKEN_NOT_PRESENT
Definition pkcs11t.h:1110
CKA_OTP_FORMAT
#define CKA_OTP_FORMAT
Definition pkcs11t.h:520
CKF_EXTENSION
#define CKF_EXTENSION
Definition pkcs11t.h:1029
CKM_SHA512_T
#define CKM_SHA512_T
Definition pkcs11t.h:640
CKM_DES3_CBC_PAD
#define CKM_DES3_CBC_PAD
Definition pkcs11t.h:670
CKM_SHA512_T_KEY_DERIVATION
#define CKM_SHA512_T_KEY_DERIVATION
Definition pkcs11t.h:643
CKA_EC_POINT
#define CKA_EC_POINT
Definition pkcs11t.h:508
CKR_CRYPTOKI_NOT_INITIALIZED
#define CKR_CRYPTOKI_NOT_INITIALIZED
Definition pkcs11t.h:1142
CKM_KEA_DERIVE
#define CKM_KEA_DERIVE
Definition pkcs11t.h:878
CKM_DH_PKCS_DERIVE
#define CKM_DH_PKCS_DERIVE
Definition pkcs11t.h:614
CKM_CAMELLIA_MAC_GENERAL
#define CKM_CAMELLIA_MAC_GENERAL
Definition pkcs11t.h:841
CKA_SENSITIVE
#define CKA_SENSITIVE
Definition pkcs11t.h:462
CKM_MD2_HMAC_GENERAL
#define CKM_MD2_HMAC_GENERAL
Definition pkcs11t.h:688
CKF_EC_F_P
#define CKF_EC_F_P
Definition pkcs11t.h:1022
CKM_SEED_CBC_ENCRYPT_DATA
#define CKM_SEED_CBC_ENCRYPT_DATA
Definition pkcs11t.h:863
CKM_DES3_CMAC_GENERAL
#define CKM_DES3_CMAC_GENERAL
Definition pkcs11t.h:671
CKR_PIN_INCORRECT
#define CKR_PIN_INCORRECT
Definition pkcs11t.h:1089
CKM_CAST128_MAC_GENERAL
#define CKM_CAST128_MAC_GENERAL
Definition pkcs11t.h:748
CKM_ARIA_CBC
#define CKM_ARIA_CBC
Definition pkcs11t.h:849
CK_CERTIFICATE_CATEGORY_TOKEN_USER
#define CK_CERTIFICATE_CATEGORY_TOKEN_USER
Definition pkcs11t.h:396
CKM_CAMELLIA_CTR
#define CKM_CAMELLIA_CTR
Definition pkcs11t.h:845
CKM_PBE_SHA1_RC4_40
#define CKM_PBE_SHA1_RC4_40
Definition pkcs11t.h:801
CKM_PBE_SHA1_CAST5_CBC
#define CKM_PBE_SHA1_CAST5_CBC
Definition pkcs11t.h:798
CKM_TLS10_MAC_SERVER
#define CKM_TLS10_MAC_SERVER
Definition pkcs11t.h:818
CKM_X9_42_DH_DERIVE
#define CKM_X9_42_DH_DERIVE
Definition pkcs11t.h:617
CKF_GENERATE_KEY_PAIR
#define CKF_GENERATE_KEY_PAIR
Definition pkcs11t.h:1014
CKM_AES_KEY_WRAP
#define CKM_AES_KEY_WRAP
Definition pkcs11t.h:969
CKM_SKIPJACK_PRIVATE_WRAP
#define CKM_SKIPJACK_PRIVATE_WRAP
Definition pkcs11t.h:874
CKF_SIGN_RECOVER
#define CKF_SIGN_RECOVER
Definition pkcs11t.h:1010
CKA_SIGN_RECOVER
#define CKA_SIGN_RECOVER
Definition pkcs11t.h:468
CKM_KEY_WRAP_LYNKS
#define CKM_KEY_WRAP_LYNKS
Definition pkcs11t.h:829
CKM_SHA512_RSA_PKCS_PSS
#define CKM_SHA512_RSA_PKCS_PSS
Definition pkcs11t.h:626
CKM_CAST5_KEY_GEN
#define CKM_CAST5_KEY_GEN
Definition pkcs11t.h:739
CKF_REMOVABLE_DEVICE
#define CKF_REMOVABLE_DEVICE
Definition pkcs11t.h:123
CKP_PKCS5_PBKD2_HMAC_SHA512_256
#define CKP_PKCS5_PBKD2_HMAC_SHA512_256
Definition pkcs11t.h:1726
CKM_CAMELLIA_CBC
#define CKM_CAMELLIA_CBC
Definition pkcs11t.h:839
CKM_ECDSA_SHA512
#define CKM_ECDSA_SHA512
Definition pkcs11t.h:896
CKM_RSA_PKCS_OAEP
#define CKM_RSA_PKCS_OAEP
Definition pkcs11t.h:597
CKM_DES_OFB64
#define CKM_DES_OFB64
Definition pkcs11t.h:680
CKR_WRAPPED_KEY_INVALID
#define CKR_WRAPPED_KEY_INVALID
Definition pkcs11t.h:1124
CKF_SECONDARY_AUTHENTICATION
#define CKF_SECONDARY_AUTHENTICATION
Definition pkcs11t.h:199
CKO_OTP_KEY
#define CKO_OTP_KEY
Definition pkcs11t.h:318
CKM_PBE_SHA1_RC4_128
#define CKM_PBE_SHA1_RC4_128
Definition pkcs11t.h:800
CKM_CDMF_MAC
#define CKM_CDMF_MAC
Definition pkcs11t.h:676
CKM_RSA_PKCS_OAEP_TPM_1_1
#define CKM_RSA_PKCS_OAEP_TPM_1_1
Definition pkcs11t.h:973
CKM_SHA512_RSA_PKCS
#define CKM_SHA512_RSA_PKCS
Definition pkcs11t.h:623
CKA_EXPONENT_1
#define CKA_EXPONENT_1
Definition pkcs11t.h:480
CKM_DES3_MAC_GENERAL
#define CKM_DES3_MAC_GENERAL
Definition pkcs11t.h:669
CKM_CAST_CBC_PAD
#define CKM_CAST_CBC_PAD
Definition pkcs11t.h:731
CKP_PKCS5_PBKD2_HMAC_SHA224
#define CKP_PKCS5_PBKD2_HMAC_SHA224
Definition pkcs11t.h:1721
CKM_SHA224_HMAC
#define CKM_SHA224_HMAC
Definition pkcs11t.h:711
CKM_CAST5_CBC
#define CKM_CAST5_CBC
Definition pkcs11t.h:743
CKM_SSL3_MD5_MAC
#define CKM_SSL3_MD5_MAC
Definition pkcs11t.h:781
CKM_EXTRACT_KEY_FROM_KEY
#define CKM_EXTRACT_KEY_FROM_KEY
Definition pkcs11t.h:768
CKM_SKIPJACK_CFB32
#define CKM_SKIPJACK_CFB32
Definition pkcs11t.h:870
CKM_ECMQV_DERIVE
#define CKM_ECMQV_DERIVE
Definition pkcs11t.h:900
CKA_SIGN
#define CKA_SIGN
Definition pkcs11t.h:467
CKM_AES_KEY_GEN
#define CKM_AES_KEY_GEN
Definition pkcs11t.h:913
CKF_USER_FRIENDLY_OTP
#define CKF_USER_FRIENDLY_OTP
Definition pkcs11t.h:1814
CKR_WRAPPING_KEY_HANDLE_INVALID
#define CKR_WRAPPING_KEY_HANDLE_INVALID
Definition pkcs11t.h:1126
CKR_MUTEX_NOT_LOCKED
#define CKR_MUTEX_NOT_LOCKED
Definition pkcs11t.h:1145
CKR_USER_TOO_MANY_TYPES
#define CKR_USER_TOO_MANY_TYPES
Definition pkcs11t.h:1122
CKM_CAST_MAC_GENERAL
#define CKM_CAST_MAC_GENERAL
Definition pkcs11t.h:730
CK_USER_TYPE
CK_ULONG CK_USER_TYPE
Definition pkcs11t.h:262
CKF_USER_PIN_COUNT_LOW
#define CKF_USER_PIN_COUNT_LOW
Definition pkcs11t.h:205
CKM_IDEA_CBC
#define CKM_IDEA_CBC
Definition pkcs11t.h:759
CKM_WTLS_MASTER_KEY_DERIVE_DH_ECC
#define CKM_WTLS_MASTER_KEY_DERIVE_DH_ECC
Definition pkcs11t.h:813
CKR_SESSION_CLOSED
#define CKR_SESSION_CLOSED
Definition pkcs11t.h:1096
CKA_EXPONENT_2
#define CKA_EXPONENT_2
Definition pkcs11t.h:481
CKK_RIPEMD160_HMAC
#define CKK_RIPEMD160_HMAC
Definition pkcs11t.h:374
CK_TRUE
#define CK_TRUE
Definition pkcs11t.h:23
CKM_DSA_KEY_PAIR_GEN
#define CKM_DSA_KEY_PAIR_GEN
Definition pkcs11t.h:605
CKM_RC4_KEY_GEN
#define CKM_RC4_KEY_GEN
Definition pkcs11t.h:653
CKM_ACTI_KEY_GEN
#define CKM_ACTI_KEY_GEN
Definition pkcs11t.h:724
CKM_SHA224
#define CKM_SHA224
Definition pkcs11t.h:710
CKM_SHA1_RSA_X9_31
#define CKM_SHA1_RSA_X9_31
Definition pkcs11t.h:601
CKM_AES_CBC_ENCRYPT_DATA
#define CKM_AES_CBC_ENCRYPT_DATA
Definition pkcs11t.h:942
CKA_VALUE
#define CKA_VALUE
Definition pkcs11t.h:442
CKA_URL
#define CKA_URL
Definition pkcs11t.h:453
CKM_GOSTR3410
#define CKM_GOSTR3410
Definition pkcs11t.h:945
CKM_CAMELLIA_CBC_PAD
#define CKM_CAMELLIA_CBC_PAD
Definition pkcs11t.h:842
CKF_EXCLUDE_COUNTER
#define CKF_EXCLUDE_COUNTER
Definition pkcs11t.h:1811
CK_FUNCTION_LIST_PTR
CK_FUNCTION_LIST CK_PTR CK_FUNCTION_LIST_PTR
Definition pkcs11t.h:1175
CKM_CAMELLIA_ECB_ENCRYPT_DATA
#define CKM_CAMELLIA_ECB_ENCRYPT_DATA
Definition pkcs11t.h:843
CKM_SKIPJACK_CFB16
#define CKM_SKIPJACK_CFB16
Definition pkcs11t.h:871
CKK_JUNIPER
#define CKK_JUNIPER
Definition pkcs11t.h:360
CKM_WTLS_MASTER_KEY_DERIVE
#define CKM_WTLS_MASTER_KEY_DERIVE
Definition pkcs11t.h:812
CKM_SKIPJACK_KEY_GEN
#define CKM_SKIPJACK_KEY_GEN
Definition pkcs11t.h:865
CKH_MONOTONIC_COUNTER
#define CKH_MONOTONIC_COUNTER
Definition pkcs11t.h:330
CKF_ENCRYPT
#define CKF_ENCRYPT
Definition pkcs11t.h:1006
CKF_OS_LOCKING_OK
#define CKF_OS_LOCKING_OK
Definition pkcs11t.h:1226
CKM_GOST28147_KEY_WRAP
#define CKM_GOST28147_KEY_WRAP
Definition pkcs11t.h:955
CKM_SHA224_RSA_PKCS_PSS
#define CKM_SHA224_RSA_PKCS_PSS
Definition pkcs11t.h:629
CKA_LOCAL
#define CKA_LOCAL
Definition pkcs11t.h:495
CKM_MD5_KEY_DERIVATION
#define CKM_MD5_KEY_DERIVATION
Definition pkcs11t.h:783
CKM_BATON_ECB96
#define CKM_BATON_ECB96
Definition pkcs11t.h:882
CKP_PKCS5_PBKD2_HMAC_SHA384
#define CKP_PKCS5_PBKD2_HMAC_SHA384
Definition pkcs11t.h:1723
CKM_CAST3_MAC
#define CKM_CAST3_MAC
Definition pkcs11t.h:735
CKR_OBJECT_HANDLE_INVALID
#define CKR_OBJECT_HANDLE_INVALID
Definition pkcs11t.h:1086
CKF_EC_ECPARAMETERS
#define CKF_EC_ECPARAMETERS
Definition pkcs11t.h:1024
CKM_CDMF_KEY_GEN
#define CKM_CDMF_KEY_GEN
Definition pkcs11t.h:673
CKA_ECDSA_PARAMS
#define CKA_ECDSA_PARAMS
Definition pkcs11t.h:505
CKM_SHA512_224
#define CKM_SHA512_224
Definition pkcs11t.h:631
CKM_KEA_KEY_PAIR_GEN
#define CKM_KEA_KEY_PAIR_GEN
Definition pkcs11t.h:876
CKM_SHA256_HMAC
#define CKM_SHA256_HMAC
Definition pkcs11t.h:708
CKA_RESET_ON_INIT
#define CKA_RESET_ON_INIT
Definition pkcs11t.h:540
CKA_VERIFY
#define CKA_VERIFY
Definition pkcs11t.h:469
CKR_PIN_INVALID
#define CKR_PIN_INVALID
Definition pkcs11t.h:1090
CKA_OTP_PIN_REQUIREMENT
#define CKA_OTP_PIN_REQUIREMENT
Definition pkcs11t.h:527
CK_RSA_PKCS_MGF_TYPE
CK_ULONG CK_RSA_PKCS_MGF_TYPE
Definition pkcs11t.h:1241
CKR_UNWRAPPING_KEY_SIZE_RANGE
#define CKR_UNWRAPPING_KEY_SIZE_RANGE
Definition pkcs11t.h:1114
CKM_X9_42_MQV_DERIVE
#define CKM_X9_42_MQV_DERIVE
Definition pkcs11t.h:619
CKM_GOST28147
#define CKM_GOST28147
Definition pkcs11t.h:953
CKM_CDMF_ECB
#define CKM_CDMF_ECB
Definition pkcs11t.h:674
CKD_CPDIVERSIFY_KDF
#define CKD_CPDIVERSIFY_KDF
Definition pkcs11t.h:1300
CKM_TLS12_MASTER_KEY_DERIVE
#define CKM_TLS12_MASTER_KEY_DERIVE
Definition pkcs11t.h:822
CKO_DATA
#define CKO_DATA
Definition pkcs11t.h:310
CKM_BATON_SHUFFLE
#define CKM_BATON_SHUFFLE
Definition pkcs11t.h:885
CKO_PRIVATE_KEY
#define CKO_PRIVATE_KEY
Definition pkcs11t.h:313
CKM_SHA512_256_HMAC_GENERAL
#define CKM_SHA512_256_HMAC_GENERAL
Definition pkcs11t.h:637
CKK_IDEA
#define CKK_IDEA
Definition pkcs11t.h:357
CKM_RC5_MAC_GENERAL
#define CKM_RC5_MAC_GENERAL
Definition pkcs11t.h:755
CKD_SHA384_KDF
#define CKD_SHA384_KDF
Definition pkcs11t.h:1298
CKR_ENCRYPTED_DATA_INVALID
#define CKR_ENCRYPTED_DATA_INVALID
Definition pkcs11t.h:1063
CKM_RC2_CBC_PAD
#define CKM_RC2_CBC_PAD
Definition pkcs11t.h:651
CKP_PKCS5_PBKD2_HMAC_GOSTR3411
#define CKP_PKCS5_PBKD2_HMAC_GOSTR3411
Definition pkcs11t.h:1720
CKM_SEED_CBC_PAD
#define CKM_SEED_CBC_PAD
Definition pkcs11t.h:861
CKR_CRYPTOKI_ALREADY_INITIALIZED
#define CKR_CRYPTOKI_ALREADY_INITIALIZED
Definition pkcs11t.h:1143
CKM_GENERIC_SECRET_KEY_GEN
#define CKM_GENERIC_SECRET_KEY_GEN
Definition pkcs11t.h:763
CKM_DH_PKCS_KEY_PAIR_GEN
#define CKM_DH_PKCS_KEY_PAIR_GEN
Definition pkcs11t.h:613
CKM_DES3_ECB_ENCRYPT_DATA
#define CKM_DES3_ECB_ENCRYPT_DATA
Definition pkcs11t.h:939
CKA_ALLOWED_MECHANISMS
#define CKA_ALLOWED_MECHANISMS
Definition pkcs11t.h:557
CKF_SERIAL_SESSION
#define CKF_SERIAL_SESSION
Definition pkcs11t.h:290
CKR_FUNCTION_FAILED
#define CKR_FUNCTION_FAILED
Definition pkcs11t.h:1044
CKM_CDMF_MAC_GENERAL
#define CKM_CDMF_MAC_GENERAL
Definition pkcs11t.h:677
CKH_CLOCK
#define CKH_CLOCK
Definition pkcs11t.h:331
CKA_OTP_COUNTER_REQUIREMENT
#define CKA_OTP_COUNTER_REQUIREMENT
Definition pkcs11t.h:526
CKM_SHA384
#define CKM_SHA384
Definition pkcs11t.h:713
CKA_COPYABLE
#define CKA_COPYABLE
Definition pkcs11t.h:501
CKF_DUAL_CRYPTO_OPERATIONS
#define CKF_DUAL_CRYPTO_OPERATIONS
Definition pkcs11t.h:185
CKA_PRIME_2
#define CKA_PRIME_2
Definition pkcs11t.h:479
CKR_OPERATION_NOT_INITIALIZED
#define CKR_OPERATION_NOT_INITIALIZED
Definition pkcs11t.h:1088
CKR_ACTION_PROHIBITED
#define CKR_ACTION_PROHIBITED
Definition pkcs11t.h:1056
CKF_SO_PIN_TO_BE_CHANGED
#define CKF_SO_PIN_TO_BE_CHANGED
Definition pkcs11t.h:246
CKR_SESSION_READ_ONLY_EXISTS
#define CKR_SESSION_READ_ONLY_EXISTS
Definition pkcs11t.h:1103
CKM_TLS_PRE_MASTER_KEY_GEN
#define CKM_TLS_PRE_MASTER_KEY_GEN
Definition pkcs11t.h:774
CKM_EC_KEY_PAIR_GEN
#define CKM_EC_KEY_PAIR_GEN
Definition pkcs11t.h:889
CKK_DSA
#define CKK_DSA
Definition pkcs11t.h:340
CKR_SESSION_READ_WRITE_SO_EXISTS
#define CKR_SESSION_READ_WRITE_SO_EXISTS
Definition pkcs11t.h:1104
CKM_RC5_KEY_GEN
#define CKM_RC5_KEY_GEN
Definition pkcs11t.h:751
CKK_BATON
#define CKK_BATON
Definition pkcs11t.h:359
CKR_KEY_SIZE_RANGE
#define CKR_KEY_SIZE_RANGE
Definition pkcs11t.h:1072
CKM_AES_GCM
#define CKM_AES_GCM
Definition pkcs11t.h:920
CKM_DH_PKCS_PARAMETER_GEN
#define CKM_DH_PKCS_PARAMETER_GEN
Definition pkcs11t.h:958
CKM_PBE_MD5_CAST128_CBC
#define CKM_PBE_MD5_CAST128_CBC
Definition pkcs11t.h:797
CKM_SHA384_HMAC
#define CKM_SHA384_HMAC
Definition pkcs11t.h:714
CKR_TEMPLATE_INCONSISTENT
#define CKR_TEMPLATE_INCONSISTENT
Definition pkcs11t.h:1109
CKM_CDMF_CBC
#define CKM_CDMF_CBC
Definition pkcs11t.h:675
CKA_COLOR
#define CKA_COLOR
Definition pkcs11t.h:548
CKM_RC5_CBC_PAD
#define CKM_RC5_CBC_PAD
Definition pkcs11t.h:756
CKR_OPERATION_ACTIVE
#define CKR_OPERATION_ACTIVE
Definition pkcs11t.h:1087
CKR_DATA_LEN_RANGE
#define CKR_DATA_LEN_RANGE
Definition pkcs11t.h:1059
CKO_MECHANISM
#define CKO_MECHANISM
Definition pkcs11t.h:317
CKA_UNWRAP
#define CKA_UNWRAP
Definition pkcs11t.h:466
CKM_SHA1_RSA_PKCS
#define CKM_SHA1_RSA_PKCS
Definition pkcs11t.h:593
CKF_ARRAY_ATTRIBUTE
#define CKF_ARRAY_ATTRIBUTE
Definition pkcs11t.h:421
CKK_GOSTR3410
#define CKK_GOSTR3410
Definition pkcs11t.h:381
CKM_SHA512
#define CKM_SHA512
Definition pkcs11t.h:716
CKM_MD2_KEY_DERIVATION
#define CKM_MD2_KEY_DERIVATION
Definition pkcs11t.h:784
CK_KEY_TYPE
CK_ULONG CK_KEY_TYPE
Definition pkcs11t.h:336
CKM_DSA_SHAWE_TAYLOR_PARAMETER_GEN
#define CKM_DSA_SHAWE_TAYLOR_PARAMETER_GEN
Definition pkcs11t.h:961
CKA_TRUSTED
#define CKA_TRUSTED
Definition pkcs11t.h:450
CKA_WRAP_WITH_TRUSTED
#define CKA_WRAP_WITH_TRUSTED
Definition pkcs11t.h:515
CKK_GOSTR3411
#define CKK_GOSTR3411
Definition pkcs11t.h:382
CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE
CK_ULONG CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE
Definition pkcs11t.h:1714
CKR_BUFFER_TOO_SMALL
#define CKR_BUFFER_TOO_SMALL
Definition pkcs11t.h:1137
CKM_ARIA_MAC_GENERAL
#define CKM_ARIA_MAC_GENERAL
Definition pkcs11t.h:851
CKU_SO
#define CKU_SO
Definition pkcs11t.h:264
CKM_CAMELLIA_CBC_ENCRYPT_DATA
#define CKM_CAMELLIA_CBC_ENCRYPT_DATA
Definition pkcs11t.h:844
CKM_AES_CFB128
#define CKM_AES_CFB128
Definition pkcs11t.h:966
CKS_RW_USER_FUNCTIONS
#define CKS_RW_USER_FUNCTIONS
Definition pkcs11t.h:275
CKM_AES_CMAC_GENERAL
#define CKM_AES_CMAC_GENERAL
Definition pkcs11t.h:924
CKS_RO_PUBLIC_SESSION
#define CKS_RO_PUBLIC_SESSION
Definition pkcs11t.h:272
CKO_HW_FEATURE
#define CKO_HW_FEATURE
Definition pkcs11t.h:315
CKA_DECRYPT
#define CKA_DECRYPT
Definition pkcs11t.h:464
CKM_PBE_MD5_CAST_CBC
#define CKM_PBE_MD5_CAST_CBC
Definition pkcs11t.h:794
CKM_SHA1_KEY_DERIVATION
#define CKM_SHA1_KEY_DERIVATION
Definition pkcs11t.h:785
CKA_OTP_LENGTH
#define CKA_OTP_LENGTH
Definition pkcs11t.h:521
CKF_EXCLUDE_CHALLENGE
#define CKF_EXCLUDE_CHALLENGE
Definition pkcs11t.h:1812
CKO_VENDOR_DEFINED
#define CKO_VENDOR_DEFINED
Definition pkcs11t.h:320
CKP_PKCS5_PBKD2_HMAC_SHA512
#define CKP_PKCS5_PBKD2_HMAC_SHA512
Definition pkcs11t.h:1724
CKA_KEY_TYPE
#define CKA_KEY_TYPE
Definition pkcs11t.h:459
CKR_USER_PIN_NOT_INITIALIZED
#define CKR_USER_PIN_NOT_INITIALIZED
Definition pkcs11t.h:1118
CKN_OTP_CHANGED
#define CKN_OTP_CHANGED
Definition pkcs11t.h:102
CKM_RIPEMD160
#define CKM_RIPEMD160
Definition pkcs11t.h:703
CKA_ALWAYS_AUTHENTICATE
#define CKA_ALWAYS_AUTHENTICATE
Definition pkcs11t.h:513
CKM_RSA_9796
#define CKM_RSA_9796
Definition pkcs11t.h:588
CKK_CAST
#define CKK_CAST
Definition pkcs11t.h:352
CKM_JUNIPER_WRAP
#define CKM_JUNIPER_WRAP
Definition pkcs11t.h:910
CKA_VALUE_LEN
#define CKA_VALUE_LEN
Definition pkcs11t.h:493
CKA_CHAR_ROWS
#define CKA_CHAR_ROWS
Definition pkcs11t.h:546
CKM_CAST_ECB
#define CKM_CAST_ECB
Definition pkcs11t.h:727
CKM_BATON_COUNTER
#define CKM_BATON_COUNTER
Definition pkcs11t.h:884
CKM_CAST3_KEY_GEN
#define CKM_CAST3_KEY_GEN
Definition pkcs11t.h:732
CKM_TLS_PRF
#define CKM_TLS_PRF
Definition pkcs11t.h:779
CKM_JUNIPER_CBC128
#define CKM_JUNIPER_CBC128
Definition pkcs11t.h:907
CKK_RC2
#define CKK_RC2
Definition pkcs11t.h:347
CKM_SHA224_RSA_PKCS
#define CKM_SHA224_RSA_PKCS
Definition pkcs11t.h:628
CKM_PBE_SHA1_DES3_EDE_CBC
#define CKM_PBE_SHA1_DES3_EDE_CBC
Definition pkcs11t.h:802
CKR_USER_ALREADY_LOGGED_IN
#define CKR_USER_ALREADY_LOGGED_IN
Definition pkcs11t.h:1116
CKK_SHA384_HMAC
#define CKK_SHA384_HMAC
Definition pkcs11t.h:376
CKR_STATE_UNSAVEABLE
#define CKR_STATE_UNSAVEABLE
Definition pkcs11t.h:1140
CKM_RIPEMD160_RSA_PKCS
#define CKM_RIPEMD160_RSA_PKCS
Definition pkcs11t.h:596
CKF_RNG
#define CKF_RNG
Definition pkcs11t.h:155
CKP_PKCS5_PBKD2_HMAC_SHA1
#define CKP_PKCS5_PBKD2_HMAC_SHA1
Definition pkcs11t.h:1719
CKM_AES_CTS
#define CKM_AES_CTS
Definition pkcs11t.h:922
CKA_GOST28147_PARAMS
#define CKA_GOST28147_PARAMS
Definition pkcs11t.h:537
CKM_X9_42_DH_PARAMETER_GEN
#define CKM_X9_42_DH_PARAMETER_GEN
Definition pkcs11t.h:959
CKK_RIPEMD128_HMAC
#define CKK_RIPEMD128_HMAC
Definition pkcs11t.h:373
CKF_SIGN
#define CKF_SIGN
Definition pkcs11t.h:1009
CKM_JUNIPER_COUNTER
#define CKM_JUNIPER_COUNTER
Definition pkcs11t.h:908
CKD_SHA1_KDF_CONCATENATE
#define CKD_SHA1_KDF_CONCATENATE
Definition pkcs11t.h:1295
CKF_GENERATE
#define CKF_GENERATE
Definition pkcs11t.h:1013
CKM_SHA512_256_HMAC
#define CKM_SHA512_256_HMAC
Definition pkcs11t.h:636
CKM_KIP_WRAP
#define CKM_KIP_WRAP
Definition pkcs11t.h:834
CK_MECHANISM_TYPE
CK_ULONG CK_MECHANISM_TYPE
Definition pkcs11t.h:583
CKK_GENERIC_SECRET
#define CKK_GENERIC_SECRET
Definition pkcs11t.h:346
CKM_TLS12_KEY_SAFE_DERIVE
#define CKM_TLS12_KEY_SAFE_DERIVE
Definition pkcs11t.h:825
CKM_PBE_SHA1_CAST128_CBC
#define CKM_PBE_SHA1_CAST128_CBC
Definition pkcs11t.h:799
CKU_CONTEXT_SPECIFIC
#define CKU_CONTEXT_SPECIFIC
Definition pkcs11t.h:268
CKP_PKCS5_PBKD2_HMAC_SHA512_224
#define CKP_PKCS5_PBKD2_HMAC_SHA512_224
Definition pkcs11t.h:1725
CKA_VALUE_BITS
#define CKA_VALUE_BITS
Definition pkcs11t.h:492
CKM_TLS12_KDF
#define CKM_TLS12_KDF
Definition pkcs11t.h:821
CKF_SO_PIN_FINAL_TRY
#define CKF_SO_PIN_FINAL_TRY
Definition pkcs11t.h:234
CKF_EXCLUDE_PIN
#define CKF_EXCLUDE_PIN
Definition pkcs11t.h:1813
CKA_COEFFICIENT
#define CKA_COEFFICIENT
Definition pkcs11t.h:482
CKR_INFORMATION_SENSITIVE
#define CKR_INFORMATION_SENSITIVE
Definition pkcs11t.h:1139
CKR_NEW_PIN_MODE
#define CKR_NEW_PIN_MODE
Definition pkcs11t.h:1147
CKM_AES_KEY_WRAP_PAD
#define CKM_AES_KEY_WRAP_PAD
Definition pkcs11t.h:970
CKR_OK
#define CKR_OK
Definition pkcs11t.h:1038
CKM_CONCATENATE_DATA_AND_BASE
#define CKM_CONCATENATE_DATA_AND_BASE
Definition pkcs11t.h:766
CKM_GOSTR3410_KEY_WRAP
#define CKM_GOSTR3410_KEY_WRAP
Definition pkcs11t.h:947
CKA_OWNER
#define CKA_OWNER
Definition pkcs11t.h:448
CKM_XOR_BASE_AND_DATA
#define CKM_XOR_BASE_AND_DATA
Definition pkcs11t.h:767
CKA_DESTROYABLE
#define CKA_DESTROYABLE
Definition pkcs11t.h:503
CKM_ECDSA
#define CKM_ECDSA
Definition pkcs11t.h:891
CKM_ECDSA_SHA384
#define CKM_ECDSA_SHA384
Definition pkcs11t.h:895
CKM_RSA_X9_31
#define CKM_RSA_X9_31
Definition pkcs11t.h:600
CKM_GOST28147_KEY_GEN
#define CKM_GOST28147_KEY_GEN
Definition pkcs11t.h:951
CKK_CAST3
#define CKK_CAST3
Definition pkcs11t.h:353
CKA_SUBPRIME
#define CKA_SUBPRIME
Definition pkcs11t.h:485
CKA_DERIVE
#define CKA_DERIVE
Definition pkcs11t.h:471
CKK_SKIPJACK
#define CKK_SKIPJACK
Definition pkcs11t.h:358
CKR_ATTRIBUTE_VALUE_INVALID
#define CKR_ATTRIBUTE_VALUE_INVALID
Definition pkcs11t.h:1054
CKA_REQUIRED_CMS_ATTRIBUTES
#define CKA_REQUIRED_CMS_ATTRIBUTES
Definition pkcs11t.h:554
CKM_GOSTR3411
#define CKM_GOSTR3411
Definition pkcs11t.h:949
CK_CERTIFICATE_CATEGORY_AUTHORITY
#define CK_CERTIFICATE_CATEGORY_AUTHORITY
Definition pkcs11t.h:397
CKM_PBE_MD2_DES_CBC
#define CKM_PBE_MD2_DES_CBC
Definition pkcs11t.h:792
CKM_DES_OFB8
#define CKM_DES_OFB8
Definition pkcs11t.h:681
CKM_RIPEMD160_HMAC
#define CKM_RIPEMD160_HMAC
Definition pkcs11t.h:704
CKM_HOTP
#define CKM_HOTP
Definition pkcs11t.h:722
CKM_KEY_WRAP_SET_OAEP
#define CKM_KEY_WRAP_SET_OAEP
Definition pkcs11t.h:830
CKM_KIP_MAC
#define CKM_KIP_MAC
Definition pkcs11t.h:835
CKA_MIME_TYPES
#define CKA_MIME_TYPES
Definition pkcs11t.h:552
CKM_CAST3_CBC_PAD
#define CKM_CAST3_CBC_PAD
Definition pkcs11t.h:737
CKA_CERTIFICATE_CATEGORY
#define CKA_CERTIFICATE_CATEGORY
Definition pkcs11t.h:451
CKK_VENDOR_DEFINED
#define CKK_VENDOR_DEFINED
Definition pkcs11t.h:387
CKM_DSA_SHA224
#define CKM_DSA_SHA224
Definition pkcs11t.h:608
CKM_TLS_MAC
#define CKM_TLS_MAC
Definition pkcs11t.h:826
CK_BBOOL
CK_BYTE CK_BBOOL
Definition pkcs11t.h:45
CKR_FUNCTION_NOT_SUPPORTED
#define CKR_FUNCTION_NOT_SUPPORTED
Definition pkcs11t.h:1068
CKF_RESTORE_KEY_NOT_NEEDED
#define CKF_RESTORE_KEY_NOT_NEEDED
Definition pkcs11t.h:165
CKM_CAST5_ECB
#define CKM_CAST5_ECB
Definition pkcs11t.h:741
CKA_GOSTR3410_PARAMS
#define CKA_GOSTR3410_PARAMS
Definition pkcs11t.h:535
CKR_USER_NOT_LOGGED_IN
#define CKR_USER_NOT_LOGGED_IN
Definition pkcs11t.h:1117
CKA_ALWAYS_SENSITIVE
#define CKA_ALWAYS_SENSITIVE
Definition pkcs11t.h:497
CKM_DES_CFB64
#define CKM_DES_CFB64
Definition pkcs11t.h:682
CKK_HOTP
#define CKK_HOTP
Definition pkcs11t.h:366
CKM_AES_CFB1
#define CKM_AES_CFB1
Definition pkcs11t.h:968
CKM_DES_ECB_ENCRYPT_DATA
#define CKM_DES_ECB_ENCRYPT_DATA
Definition pkcs11t.h:937
CKR_DEVICE_REMOVED
#define CKR_DEVICE_REMOVED
Definition pkcs11t.h:1062
CKF_UNWRAP
#define CKF_UNWRAP
Definition pkcs11t.h:1016
CKA_VENDOR_DEFINED
#define CKA_VENDOR_DEFINED
Definition pkcs11t.h:559
CKA_OTP_TIME
#define CKA_OTP_TIME
Definition pkcs11t.h:529
CKM_PBE_SHA1_RC2_40_CBC
#define CKM_PBE_SHA1_RC2_40_CBC
Definition pkcs11t.h:805
CKM_GOSTR3410_DERIVE
#define CKM_GOSTR3410_DERIVE
Definition pkcs11t.h:948
CKA_END_DATE
#define CKA_END_DATE
Definition pkcs11t.h:473
CKG_MGF1_SHA1
#define CKG_MGF1_SHA1
Definition pkcs11t.h:1246
CKK_SECURID
#define CKK_SECURID
Definition pkcs11t.h:365
CKP_PKCS5_PBKD2_HMAC_SHA256
#define CKP_PKCS5_PBKD2_HMAC_SHA256
Definition pkcs11t.h:1722
CKM_SHA256_HMAC_GENERAL
#define CKM_SHA256_HMAC_GENERAL
Definition pkcs11t.h:709
CKA_ATTR_TYPES
#define CKA_ATTR_TYPES
Definition pkcs11t.h:449
CKF_USER_PIN_TO_BE_CHANGED
#define CKF_USER_PIN_TO_BE_CHANGED
Definition pkcs11t.h:223
CKM_AES_ECB_ENCRYPT_DATA
#define CKM_AES_ECB_ENCRYPT_DATA
Definition pkcs11t.h:941
CKM_RIPEMD128_RSA_PKCS
#define CKM_RIPEMD128_RSA_PKCS
Definition pkcs11t.h:595
CK_CERTIFICATE_CATEGORY_UNSPECIFIED
#define CK_CERTIFICATE_CATEGORY_UNSPECIFIED
Definition pkcs11t.h:395
CKR_DOMAIN_PARAMS_INVALID
#define CKR_DOMAIN_PARAMS_INVALID
Definition pkcs11t.h:1133
CKA_CERTIFICATE_TYPE
#define CKA_CERTIFICATE_TYPE
Definition pkcs11t.h:444
CKM_ECDSA_SHA256
#define CKM_ECDSA_SHA256
Definition pkcs11t.h:894
CKM_BATON_WRAP
#define CKM_BATON_WRAP
Definition pkcs11t.h:886
CKF_SO_PIN_LOCKED
#define CKF_SO_PIN_LOCKED
Definition pkcs11t.h:239
CK_CERTIFICATE_TYPE
CK_ULONG CK_CERTIFICATE_TYPE
Definition pkcs11t.h:393
CKM_AES_OFB
#define CKM_AES_OFB
Definition pkcs11t.h:963
CKR_TOKEN_WRITE_PROTECTED
#define CKR_TOKEN_WRITE_PROTECTED
Definition pkcs11t.h:1112
CKA_HASH_OF_ISSUER_PUBLIC_KEY
#define CKA_HASH_OF_ISSUER_PUBLIC_KEY
Definition pkcs11t.h:455
CKM_HOTP_KEY_GEN
#define CKM_HOTP_KEY_GEN
Definition pkcs11t.h:721
CKF_DECRYPT
#define CKF_DECRYPT
Definition pkcs11t.h:1007
CKH_VENDOR_DEFINED
#define CKH_VENDOR_DEFINED
Definition pkcs11t.h:333
CKM_TWOFISH_CBC
#define CKM_TWOFISH_CBC
Definition pkcs11t.h:933
CKK_CDMF
#define CKK_CDMF
Definition pkcs11t.h:361
CKA_MODULUS_BITS
#define CKA_MODULUS_BITS
Definition pkcs11t.h:475
CK_VOID_PTR
void CK_PTR CK_VOID_PTR
Definition pkcs11t.h:66
CKM_RIPEMD128_HMAC
#define CKM_RIPEMD128_HMAC
Definition pkcs11t.h:701
CKA_LABEL
#define CKA_LABEL
Definition pkcs11t.h:440
CKA_EXTRACTABLE
#define CKA_EXTRACTABLE
Definition pkcs11t.h:494
CKM_ACTI
#define CKM_ACTI
Definition pkcs11t.h:723
CKM_CAST_KEY_GEN
#define CKM_CAST_KEY_GEN
Definition pkcs11t.h:726
CKR_TEMPLATE_INCOMPLETE
#define CKR_TEMPLATE_INCOMPLETE
Definition pkcs11t.h:1108
CKM_DES3_KEY_GEN
#define CKM_DES3_KEY_GEN
Definition pkcs11t.h:664
CKF_EC_COMPRESS
#define CKF_EC_COMPRESS
Definition pkcs11t.h:1027
CKM_DES3_CBC_ENCRYPT_DATA
#define CKM_DES3_CBC_ENCRYPT_DATA
Definition pkcs11t.h:940
CKM_CAST128_MAC
#define CKM_CAST128_MAC
Definition pkcs11t.h:746
CKM_MD5_HMAC
#define CKM_MD5_HMAC
Definition pkcs11t.h:692
CKF_SO_PIN_COUNT_LOW
#define CKF_SO_PIN_COUNT_LOW
Definition pkcs11t.h:229
CK_OBJECT_HANDLE
CK_ULONG CK_OBJECT_HANDLE
Definition pkcs11t.h:298
CKA_ENCODING_METHODS
#define CKA_ENCODING_METHODS
Definition pkcs11t.h:551
CK_HW_FEATURE_TYPE
CK_ULONG CK_HW_FEATURE_TYPE
Definition pkcs11t.h:327
CKM_DES3_ECB
#define CKM_DES3_ECB
Definition pkcs11t.h:665
CKM_AES_CBC
#define CKM_AES_CBC
Definition pkcs11t.h:915
CKM_SEED_MAC
#define CKM_SEED_MAC
Definition pkcs11t.h:859
CKM_AES_MAC
#define CKM_AES_MAC
Definition pkcs11t.h:916
CKM_SHA256_RSA_PKCS_PSS
#define CKM_SHA256_RSA_PKCS_PSS
Definition pkcs11t.h:624
CKR_KEY_NOT_NEEDED
#define CKR_KEY_NOT_NEEDED
Definition pkcs11t.h:1075
CKM_SKIPJACK_WRAP
#define CKM_SKIPJACK_WRAP
Definition pkcs11t.h:873
CKR_NO_EVENT
#define CKR_NO_EVENT
Definition pkcs11t.h:1047
CKR_VENDOR_DEFINED
#define CKR_VENDOR_DEFINED
Definition pkcs11t.h:1158
CKM_SKIPJACK_ECB64
#define CKM_SKIPJACK_ECB64
Definition pkcs11t.h:866
CKA_ENCRYPT
#define CKA_ENCRYPT
Definition pkcs11t.h:463
CKM_SHA384_KEY_DERIVATION
#define CKM_SHA384_KEY_DERIVATION
Definition pkcs11t.h:788
CKA_SUBPRIME_BITS
#define CKA_SUBPRIME_BITS
Definition pkcs11t.h:489
CKM_RSA_PKCS_PSS
#define CKM_RSA_PKCS_PSS
Definition pkcs11t.h:602
CKM_SKIPJACK_OFB64
#define CKM_SKIPJACK_OFB64
Definition pkcs11t.h:868
CKM_GOSTR3410_WITH_GOSTR3411
#define CKM_GOSTR3410_WITH_GOSTR3411
Definition pkcs11t.h:946
CKM_SHA1_RSA_PKCS_PSS
#define CKM_SHA1_RSA_PKCS_PSS
Definition pkcs11t.h:603
CKK_ECDSA
#define CKK_ECDSA
Definition pkcs11t.h:342
CKM_DES2_KEY_GEN
#define CKM_DES2_KEY_GEN
Definition pkcs11t.h:663
CKM_GOSTR3410_KEY_PAIR_GEN
#define CKM_GOSTR3410_KEY_PAIR_GEN
Definition pkcs11t.h:944
CKA_PIXEL_X
#define CKA_PIXEL_X
Definition pkcs11t.h:543
CKA_DEFAULT_CMS_ATTRIBUTES
#define CKA_DEFAULT_CMS_ATTRIBUTES
Definition pkcs11t.h:555
CKR_HOST_MEMORY
#define CKR_HOST_MEMORY
Definition pkcs11t.h:1040
CKM_SHA512_256_KEY_DERIVATION
#define CKM_SHA512_256_KEY_DERIVATION
Definition pkcs11t.h:638
CKA_GOSTR3411_PARAMS
#define CKA_GOSTR3411_PARAMS
Definition pkcs11t.h:536
CKM_SHA384_RSA_PKCS
#define CKM_SHA384_RSA_PKCS
Definition pkcs11t.h:622
CK_ATTRIBUTE_TYPE
CK_ULONG CK_ATTRIBUTE_TYPE
Definition pkcs11t.h:416
CKR_FUNCTION_NOT_PARALLEL
#define CKR_FUNCTION_NOT_PARALLEL
Definition pkcs11t.h:1066
CKK_GOST28147
#define CKK_GOST28147
Definition pkcs11t.h:383
CKA_CHAR_COLUMNS
#define CKA_CHAR_COLUMNS
Definition pkcs11t.h:547
CKA_UNWRAP_TEMPLATE
#define CKA_UNWRAP_TEMPLATE
Definition pkcs11t.h:517
CKR_SIGNATURE_LEN_RANGE
#define CKR_SIGNATURE_LEN_RANGE
Definition pkcs11t.h:1107
CKM_ARIA_MAC
#define CKM_ARIA_MAC
Definition pkcs11t.h:850
CKR_CURVE_NOT_SUPPORTED
#define CKR_CURVE_NOT_SUPPORTED
Definition pkcs11t.h:1135
CKM_SHA224_KEY_DERIVATION
#define CKM_SHA224_KEY_DERIVATION
Definition pkcs11t.h:790
CKA_KEY_GEN_MECHANISM
#define CKA_KEY_GEN_MECHANISM
Definition pkcs11t.h:498
CKR_FIPS_SELF_TEST_FAILED
#define CKR_FIPS_SELF_TEST_FAILED
Definition pkcs11t.h:1151
CKM_JUNIPER_SHUFFLE
#define CKM_JUNIPER_SHUFFLE
Definition pkcs11t.h:909
CKK_TWOFISH
#define CKK_TWOFISH
Definition pkcs11t.h:364
CKR_USER_TYPE_INVALID
#define CKR_USER_TYPE_INVALID
Definition pkcs11t.h:1119
CKM_SEED_ECB
#define CKM_SEED_ECB
Definition pkcs11t.h:857
CKM_CAMELLIA_ECB
#define CKM_CAMELLIA_ECB
Definition pkcs11t.h:838
CKM_ECDH_AES_KEY_WRAP
#define CKM_ECDH_AES_KEY_WRAP
Definition pkcs11t.h:902
CRYPTOKI_VERSION_MAJOR
#define CRYPTOKI_VERSION_MAJOR
Definition pkcs11t.h:19
CKO_DOMAIN_PARAMETERS
#define CKO_DOMAIN_PARAMETERS
Definition pkcs11t.h:316
CKM_PBE_MD5_CAST3_CBC
#define CKM_PBE_MD5_CAST3_CBC
Definition pkcs11t.h:795
CKM_RC4
#define CKM_RC4
Definition pkcs11t.h:654
CKM_RSA_AES_KEY_WRAP
#define CKM_RSA_AES_KEY_WRAP
Definition pkcs11t.h:903
CKF_USER_PIN_LOCKED
#define CKF_USER_PIN_LOCKED
Definition pkcs11t.h:216
CKM_PBE_MD5_DES_CBC
#define CKM_PBE_MD5_DES_CBC
Definition pkcs11t.h:793
CKM_SHA512_T_HMAC
#define CKM_SHA512_T_HMAC
Definition pkcs11t.h:641
CKM_SHA512_HMAC
#define CKM_SHA512_HMAC
Definition pkcs11t.h:717
CKM_RIPEMD160_HMAC_GENERAL
#define CKM_RIPEMD160_HMAC_GENERAL
Definition pkcs11t.h:705
CKM_SHA256_RSA_PKCS
#define CKM_SHA256_RSA_PKCS
Definition pkcs11t.h:621
CKR_KEY_HANDLE_INVALID
#define CKR_KEY_HANDLE_INVALID
Definition pkcs11t.h:1070
CKM_CAST_MAC
#define CKM_CAST_MAC
Definition pkcs11t.h:729
CKM_RC2_MAC_GENERAL
#define CKM_RC2_MAC_GENERAL
Definition pkcs11t.h:650
CKM_RC2_KEY_GEN
#define CKM_RC2_KEY_GEN
Definition pkcs11t.h:645
CKR_MUTEX_BAD
#define CKR_MUTEX_BAD
Definition pkcs11t.h:1144
CKM_CAST128_KEY_GEN
#define CKM_CAST128_KEY_GEN
Definition pkcs11t.h:740
CKF_TOKEN_PRESENT
#define CKF_TOKEN_PRESENT
Definition pkcs11t.h:122
CKM_AES_XCBC_MAC
#define CKM_AES_XCBC_MAC
Definition pkcs11t.h:926
CKD_SHA224_KDF
#define CKD_SHA224_KDF
Definition pkcs11t.h:1296
CKM_SHA384_RSA_PKCS_PSS
#define CKM_SHA384_RSA_PKCS_PSS
Definition pkcs11t.h:625
CKM_RSA_PKCS_TPM_1_1
#define CKM_RSA_PKCS_TPM_1_1
Definition pkcs11t.h:972
CKM_SSL3_KEY_AND_MAC_DERIVE
#define CKM_SSL3_KEY_AND_MAC_DERIVE
Definition pkcs11t.h:771
CKM_DES_MAC_GENERAL
#define CKM_DES_MAC_GENERAL
Definition pkcs11t.h:660
CKA_PIXEL_Y
#define CKA_PIXEL_Y
Definition pkcs11t.h:544
CKR_SAVED_STATE_INVALID
#define CKR_SAVED_STATE_INVALID
Definition pkcs11t.h:1138
CKM_CAST128_CBC
#define CKM_CAST128_CBC
Definition pkcs11t.h:744
CKM_AES_ECB
#define CKM_AES_ECB
Definition pkcs11t.h:914
CKM_ARIA_ECB_ENCRYPT_DATA
#define CKM_ARIA_ECB_ENCRYPT_DATA
Definition pkcs11t.h:853
CKK_EC
#define CKK_EC
Definition pkcs11t.h:343
CKA_WRAP_TEMPLATE
#define CKA_WRAP_TEMPLATE
Definition pkcs11t.h:516
CKR_WRAPPED_KEY_LEN_RANGE
#define CKR_WRAPPED_KEY_LEN_RANGE
Definition pkcs11t.h:1125
CKK_ARIA
#define CKK_ARIA
Definition pkcs11t.h:369
CKF_HW
#define CKF_HW
Definition pkcs11t.h:1003
CKM_X9_42_DH_HYBRID_DERIVE
#define CKM_X9_42_DH_HYBRID_DERIVE
Definition pkcs11t.h:618
CKA_PRIME_BITS
#define CKA_PRIME_BITS
Definition pkcs11t.h:488
CKF_EXCLUDE_TIME
#define CKF_EXCLUDE_TIME
Definition pkcs11t.h:1810
CKR_EXCEEDED_MAX_ITERATIONS
#define CKR_EXCEEDED_MAX_ITERATIONS
Definition pkcs11t.h:1150
CKM_BLOWFISH_KEY_GEN
#define CKM_BLOWFISH_KEY_GEN
Definition pkcs11t.h:930
CKM_GOST28147_MAC
#define CKM_GOST28147_MAC
Definition pkcs11t.h:954
CKM_CAST128_ECB
#define CKM_CAST128_ECB
Definition pkcs11t.h:742
CKR_KEY_INDIGESTIBLE
#define CKR_KEY_INDIGESTIBLE
Definition pkcs11t.h:1078
CKK_MD5_HMAC
#define CKK_MD5_HMAC
Definition pkcs11t.h:371
CKH_USER_INTERFACE
#define CKH_USER_INTERFACE
Definition pkcs11t.h:332
CKK_SHA_1_HMAC
#define CKK_SHA_1_HMAC
Definition pkcs11t.h:372
CKA_OTP_COUNTER
#define CKA_OTP_COUNTER
Definition pkcs11t.h:528
CKA_CHAR_SETS
#define CKA_CHAR_SETS
Definition pkcs11t.h:550
CKF_VERIFY_RECOVER
#define CKF_VERIFY_RECOVER
Definition pkcs11t.h:1012
CKA_MECHANISM_TYPE
#define CKA_MECHANISM_TYPE
Definition pkcs11t.h:553
CK_STATE
CK_ULONG CK_STATE
Definition pkcs11t.h:271
CKK_AES
#define CKK_AES
Definition pkcs11t.h:362
CKM_SEED_CBC
#define CKM_SEED_CBC
Definition pkcs11t.h:858
CKA_BASE
#define CKA_BASE
Definition pkcs11t.h:486
CKM_DSA_SHA256
#define CKM_DSA_SHA256
Definition pkcs11t.h:609
CKF_CLOCK_ON_TOKEN
#define CKF_CLOCK_ON_TOKEN
Definition pkcs11t.h:171
CKS_RW_SO_FUNCTIONS
#define CKS_RW_SO_FUNCTIONS
Definition pkcs11t.h:276
CKM_DES_CFB8
#define CKM_DES_CFB8
Definition pkcs11t.h:683
CKR_KEY_NEEDED
#define CKR_KEY_NEEDED
Definition pkcs11t.h:1077
CKM_BLOWFISH_CBC_PAD
#define CKM_BLOWFISH_CBC_PAD
Definition pkcs11t.h:934
CKR_PUBLIC_KEY_INVALID
#define CKR_PUBLIC_KEY_INVALID
Definition pkcs11t.h:1154
CKR_KEY_TYPE_INCONSISTENT
#define CKR_KEY_TYPE_INCONSISTENT
Definition pkcs11t.h:1073
CKM_SHA_1
#define CKM_SHA_1
Definition pkcs11t.h:695
CKM_DSA_SHA1
#define CKM_DSA_SHA1
Definition pkcs11t.h:607
CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT
#define CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT
Definition pkcs11t.h:1115
CKM_AES_XCBC_MAC_96
#define CKM_AES_XCBC_MAC_96
Definition pkcs11t.h:927
CKM_ECDSA_KEY_PAIR_GEN
#define CKM_ECDSA_KEY_PAIR_GEN
Definition pkcs11t.h:888
CKK_X9_42_DH
#define CKK_X9_42_DH
Definition pkcs11t.h:344
CKM_WTLS_PRF
#define CKM_WTLS_PRF
Definition pkcs11t.h:814
CKF_ERROR_STATE
#define CKF_ERROR_STATE
Definition pkcs11t.h:248
CKF_WRITE_PROTECTED
#define CKF_WRITE_PROTECTED
Definition pkcs11t.h:156
CKA_EC_PARAMS
#define CKA_EC_PARAMS
Definition pkcs11t.h:506
CKM_DES_MAC
#define CKM_DES_MAC
Definition pkcs11t.h:658
CKM_RC2_ECB
#define CKM_RC2_ECB
Definition pkcs11t.h:646
CKM_TLS12_KEY_AND_MAC_DERIVE
#define CKM_TLS12_KEY_AND_MAC_DERIVE
Definition pkcs11t.h:823
CKA_WRAP
#define CKA_WRAP
Definition pkcs11t.h:465
CKA_CLASS
#define CKA_CLASS
Definition pkcs11t.h:437
CKK_SHA512_HMAC
#define CKK_SHA512_HMAC
Definition pkcs11t.h:377
CKR_KEY_NOT_WRAPPABLE
#define CKR_KEY_NOT_WRAPPABLE
Definition pkcs11t.h:1080
CKM_MD2_HMAC
#define CKM_MD2_HMAC
Definition pkcs11t.h:687
CKA_DERIVE_TEMPLATE
#define CKA_DERIVE_TEMPLATE
Definition pkcs11t.h:518
CKF_EC_NAMEDCURVE
#define CKF_EC_NAMEDCURVE
Definition pkcs11t.h:1025
CKF_NEXT_OTP
#define CKF_NEXT_OTP
Definition pkcs11t.h:1809
CKM_TLS12_MASTER_KEY_DERIVE_DH
#define CKM_TLS12_MASTER_KEY_DERIVE_DH
Definition pkcs11t.h:824
CKM_RC5_ECB
#define CKM_RC5_ECB
Definition pkcs11t.h:752
CKF_DONT_BLOCK
#define CKF_DONT_BLOCK
Definition pkcs11t.h:1234
CKM_SHA224_HMAC_GENERAL
#define CKM_SHA224_HMAC_GENERAL
Definition pkcs11t.h:712
CKA_HAS_RESET
#define CKA_HAS_RESET
Definition pkcs11t.h:541
CKA_OTP_SERVICE_LOGO
#define CKA_OTP_SERVICE_LOGO
Definition pkcs11t.h:532
CKA_SUBJECT
#define CKA_SUBJECT
Definition pkcs11t.h:460
CKM_DES3_MAC
#define CKM_DES3_MAC
Definition pkcs11t.h:667
CK_ATTRIBUTE
Definition pkcs11t.h:564
CK_C_INITIALIZE_ARGS
Definition pkcs11t.h:1213
CK_DATE
Definition pkcs11t.h:573
CK_ECDH1_DERIVE_PARAMS
Definition pkcs11t.h:1307
CK_INFO
Definition pkcs11t.h:86
CK_MECHANISM_INFO
Definition pkcs11t.h:995
CK_MECHANISM
Definition pkcs11t.h:983
CK_RSA_PKCS_OAEP_PARAMS
Definition pkcs11t.h:1266
CK_RSA_PKCS_PSS_PARAMS
Definition pkcs11t.h:1279
CK_SESSION_INFO
Definition pkcs11t.h:279
CK_SLOT_INFO
Definition pkcs11t.h:110
CK_TOKEN_INFO
Definition pkcs11t.h:130
Generated by doxygen 1.14.0