Botan 3.5.0
Crypto and TLS for C&
p11.h
Go to the documentation of this file.
1/*
2* PKCS#11
3* (C) 2016 Daniel Neus, Sirrix AG
4* (C) 2016 Philipp Weber, Sirrix AG
5*
6* Botan is released under the Simplified BSD License (see license.txt)
7*/
8
9#ifndef BOTAN_P11_H_
10#define BOTAN_P11_H_
11
12#include <botan/exceptn.h>
13#include <botan/secmem.h>
14
15#include <map>
16#include <string>
17#include <vector>
18
19#define CK_PTR *
20
21#if defined(_MSC_VER)
22 #define CK_DECLARE_FUNCTION(returnType, name) returnType __declspec(dllimport) name
23#else
24 #define CK_DECLARE_FUNCTION(returnType, name) returnType name
25#endif
26
27#if defined(_MSC_VER)
28 #define CK_DECLARE_FUNCTION_POINTER(returnType, name) returnType __declspec(dllimport)(*name)
29#else
30 #define CK_DECLARE_FUNCTION_POINTER(returnType, name) returnType(*name)
31#endif
32
33#define CK_CALLBACK_FUNCTION(returnType, name) returnType(*name)
34
35#ifndef NULL_PTR
36 #define NULL_PTR nullptr
37#endif
38
39#if defined(_MSC_VER)
40 #pragma pack(push, cryptoki, 1)
41#endif
42
43#include "pkcs11.h"
44
45#if defined(_MSC_VER)
46 #pragma pack(pop, cryptoki)
47#endif
48
49static_assert(
50 CRYPTOKI_VERSION_MAJOR == 2 && CRYPTOKI_VERSION_MINOR == 40,
51 "The Botan PKCS#11 module was implemented against PKCS#11 v2.40. Please use the correct PKCS#11 headers.");
52
53namespace Botan {
54
55class Dynamically_Loaded_Library;
56
57namespace PKCS11 {
58
59using secure_string = secure_vector<uint8_t>;
60
61enum class AttributeType : CK_ATTRIBUTE_TYPE {
62 Class = CKA_CLASS,
63 Token = CKA_TOKEN,
64 Private = CKA_PRIVATE,
65 Label = CKA_LABEL,
66 Application = CKA_APPLICATION,
67 Value = CKA_VALUE,
68 ObjectId = CKA_OBJECT_ID,
69 CertificateType = CKA_CERTIFICATE_TYPE,
70 Issuer = CKA_ISSUER,
71 SerialNumber = CKA_SERIAL_NUMBER,
72 AcIssuer = CKA_AC_ISSUER,
73 Owner = CKA_OWNER,
74 AttrTypes = CKA_ATTR_TYPES,
75 Trusted = CKA_TRUSTED,
76 CertificateCategory = CKA_CERTIFICATE_CATEGORY,
77 JavaMidpSecurityDomain = CKA_JAVA_MIDP_SECURITY_DOMAIN,
78 Url = CKA_URL,
79 HashOfSubjectPublicKey = CKA_HASH_OF_SUBJECT_PUBLIC_KEY,
80 HashOfIssuerPublicKey = CKA_HASH_OF_ISSUER_PUBLIC_KEY,
81 NameHashAlgorithm = CKA_NAME_HASH_ALGORITHM,
82 CheckValue = CKA_CHECK_VALUE,
83 KeyType = CKA_KEY_TYPE,
84 Subject = CKA_SUBJECT,
85 Id = CKA_ID,
86 Sensitive = CKA_SENSITIVE,
87 Encrypt = CKA_ENCRYPT,
88 Decrypt = CKA_DECRYPT,
89 Wrap = CKA_WRAP,
90 Unwrap = CKA_UNWRAP,
91 Sign = CKA_SIGN,
92 SignRecover = CKA_SIGN_RECOVER,
93 Verify = CKA_VERIFY,
94 VerifyRecover = CKA_VERIFY_RECOVER,
95 Derive = CKA_DERIVE,
96 StartDate = CKA_START_DATE,
97 EndDate = CKA_END_DATE,
98 Modulus = CKA_MODULUS,
99 ModulusBits = CKA_MODULUS_BITS,
100 PublicExponent = CKA_PUBLIC_EXPONENT,
101 PrivateExponent = CKA_PRIVATE_EXPONENT,
102 Prime1 = CKA_PRIME_1,
103 Prime2 = CKA_PRIME_2,
104 Exponent1 = CKA_EXPONENT_1,
105 Exponent2 = CKA_EXPONENT_2,
106 Coefficient = CKA_COEFFICIENT,
107 PublicKeyInfo = CKA_PUBLIC_KEY_INFO,
108 Prime = CKA_PRIME,
109 Subprime = CKA_SUBPRIME,
110 Base = CKA_BASE,
111 PrimeBits = CKA_PRIME_BITS,
112 SubprimeBits = CKA_SUBPRIME_BITS,
113 SubPrimeBits = CKA_SUB_PRIME_BITS,
114 ValueBits = CKA_VALUE_BITS,
115 ValueLen = CKA_VALUE_LEN,
116 Extractable = CKA_EXTRACTABLE,
117 Local = CKA_LOCAL,
118 NeverExtractable = CKA_NEVER_EXTRACTABLE,
119 AlwaysSensitive = CKA_ALWAYS_SENSITIVE,
120 KeyGenMechanism = CKA_KEY_GEN_MECHANISM,
121 Modifiable = CKA_MODIFIABLE,
122 Copyable = CKA_COPYABLE,
123 Destroyable = CKA_DESTROYABLE,
124 EcdsaParams = CKA_ECDSA_PARAMS,
125 EcParams = CKA_EC_PARAMS,
126 EcPoint = CKA_EC_POINT,
127 SecondaryAuth = CKA_SECONDARY_AUTH,
128 AuthPinFlags = CKA_AUTH_PIN_FLAGS,
129 AlwaysAuthenticate = CKA_ALWAYS_AUTHENTICATE,
130 WrapWithTrusted = CKA_WRAP_WITH_TRUSTED,
131 WrapTemplate = CKA_WRAP_TEMPLATE,
132 UnwrapTemplate = CKA_UNWRAP_TEMPLATE,
133 DeriveTemplate = CKA_DERIVE_TEMPLATE,
134 OtpFormat = CKA_OTP_FORMAT,
135 OtpLength = CKA_OTP_LENGTH,
136 OtpTimeInterval = CKA_OTP_TIME_INTERVAL,
137 OtpUserFriendlyMode = CKA_OTP_USER_FRIENDLY_MODE,
138 OtpChallengeRequirement = CKA_OTP_CHALLENGE_REQUIREMENT,
139 OtpTimeRequirement = CKA_OTP_TIME_REQUIREMENT,
140 OtpCounterRequirement = CKA_OTP_COUNTER_REQUIREMENT,
141 OtpPinRequirement = CKA_OTP_PIN_REQUIREMENT,
142 OtpCounter = CKA_OTP_COUNTER,
143 OtpTime = CKA_OTP_TIME,
144 OtpUserIdentifier = CKA_OTP_USER_IDENTIFIER,
145 OtpServiceIdentifier = CKA_OTP_SERVICE_IDENTIFIER,
146 OtpServiceLogo = CKA_OTP_SERVICE_LOGO,
147 OtpServiceLogoType = CKA_OTP_SERVICE_LOGO_TYPE,
148 Gostr3410Params = CKA_GOSTR3410_PARAMS,
149 Gostr3411Params = CKA_GOSTR3411_PARAMS,
150 Gost28147Params = CKA_GOST28147_PARAMS,
151 HwFeatureType = CKA_HW_FEATURE_TYPE,
152 ResetOnInit = CKA_RESET_ON_INIT,
153 HasReset = CKA_HAS_RESET,
154 PixelX = CKA_PIXEL_X,
155 PixelY = CKA_PIXEL_Y,
156 Resolution = CKA_RESOLUTION,
157 CharRows = CKA_CHAR_ROWS,
158 CharColumns = CKA_CHAR_COLUMNS,
159 Color = CKA_COLOR,
160 BitsPerPixel = CKA_BITS_PER_PIXEL,
161 CharSets = CKA_CHAR_SETS,
162 EncodingMethods = CKA_ENCODING_METHODS,
163 MimeTypes = CKA_MIME_TYPES,
164 MechanismType = CKA_MECHANISM_TYPE,
165 RequiredCmsAttributes = CKA_REQUIRED_CMS_ATTRIBUTES,
166 DefaultCmsAttributes = CKA_DEFAULT_CMS_ATTRIBUTES,
167 SupportedCmsAttributes = CKA_SUPPORTED_CMS_ATTRIBUTES,
168 AllowedMechanisms = CKA_ALLOWED_MECHANISMS,
169 VendorDefined = CKA_VENDOR_DEFINED,
170};
171
178
179/// Indicates if a stored certificate is a user certificate for which the corresponding private key is available
180/// on the token ("token user"), a CA certificate ("authority"), or another end-entity certificate ("other entity").
187
199
200enum class Flag : CK_FLAGS {
201 None = 0,
202 TokenPresent = CKF_TOKEN_PRESENT,
203 RemovableDevice = CKF_REMOVABLE_DEVICE,
204 HwSlot = CKF_HW_SLOT,
205 Rng = CKF_RNG,
206 WriteProtected = CKF_WRITE_PROTECTED,
207 LoginRequired = CKF_LOGIN_REQUIRED,
208 UserPinInitialized = CKF_USER_PIN_INITIALIZED,
209 RestoreKeyNotNeeded = CKF_RESTORE_KEY_NOT_NEEDED,
210 ClockOnToken = CKF_CLOCK_ON_TOKEN,
211 ProtectedAuthenticationPath = CKF_PROTECTED_AUTHENTICATION_PATH,
212 DualCryptoOperations = CKF_DUAL_CRYPTO_OPERATIONS,
213 TokenInitialized = CKF_TOKEN_INITIALIZED,
214 SecondaryAuthentication = CKF_SECONDARY_AUTHENTICATION,
215 UserPinCountLow = CKF_USER_PIN_COUNT_LOW,
216 UserPinFinalTry = CKF_USER_PIN_FINAL_TRY,
217 UserPinLocked = CKF_USER_PIN_LOCKED,
218 UserPinToBeChanged = CKF_USER_PIN_TO_BE_CHANGED,
219 SoPinCountLow = CKF_SO_PIN_COUNT_LOW,
220 SoPinFinalTry = CKF_SO_PIN_FINAL_TRY,
221 SoPinLocked = CKF_SO_PIN_LOCKED,
222 SoPinToBeChanged = CKF_SO_PIN_TO_BE_CHANGED,
223 ErrorState = CKF_ERROR_STATE,
224 RwSession = CKF_RW_SESSION,
225 SerialSession = CKF_SERIAL_SESSION,
226 ArrayAttribute = CKF_ARRAY_ATTRIBUTE,
227 Hw = CKF_HW,
228 Encrypt = CKF_ENCRYPT,
229 Decrypt = CKF_DECRYPT,
230 Digest = CKF_DIGEST,
231 Sign = CKF_SIGN,
232 SignRecover = CKF_SIGN_RECOVER,
233 Verify = CKF_VERIFY,
234 VerifyRecover = CKF_VERIFY_RECOVER,
235 Generate = CKF_GENERATE,
236 GenerateKeyPair = CKF_GENERATE_KEY_PAIR,
237 Wrap = CKF_WRAP,
238 Unwrap = CKF_UNWRAP,
239 Derive = CKF_DERIVE,
240 EcFP = CKF_EC_F_P,
241 EcF2m = CKF_EC_F_2M,
242 EcEcparameters = CKF_EC_ECPARAMETERS,
243 EcNamedcurve = CKF_EC_NAMEDCURVE,
244 EcUncompress = CKF_EC_UNCOMPRESS,
245 EcCompress = CKF_EC_COMPRESS,
246 Extension = CKF_EXTENSION,
247 LibraryCantCreateOsThreads = CKF_LIBRARY_CANT_CREATE_OS_THREADS,
248 OsLockingOk = CKF_OS_LOCKING_OK,
249 DontBlock = CKF_DONT_BLOCK,
250 NextOtp = CKF_NEXT_OTP,
251 ExcludeTime = CKF_EXCLUDE_TIME,
252 ExcludeCounter = CKF_EXCLUDE_COUNTER,
253 ExcludeChallenge = CKF_EXCLUDE_CHALLENGE,
254 ExcludePin = CKF_EXCLUDE_PIN,
255 UserFriendlyOtp = CKF_USER_FRIENDLY_OTP,
256};
257
258inline Flag operator|(Flag a, Flag b) {
259 // NOLINTNEXTLINE(clang-analyzer-optin.core.EnumCastOutOfRange)
260 return static_cast<Flag>(static_cast<CK_FLAGS>(a) | static_cast<CK_FLAGS>(b));
261}
262
271
278
325
326enum class MechanismType : CK_MECHANISM_TYPE {
327 RsaPkcsKeyPairGen = CKM_RSA_PKCS_KEY_PAIR_GEN,
328 RsaPkcs = CKM_RSA_PKCS,
329 Rsa9796 = CKM_RSA_9796,
330 RsaX509 = CKM_RSA_X_509,
331 Md2RsaPkcs = CKM_MD2_RSA_PKCS,
332 Md5RsaPkcs = CKM_MD5_RSA_PKCS,
333 Sha1RsaPkcs = CKM_SHA1_RSA_PKCS,
334 Ripemd128RsaPkcs = CKM_RIPEMD128_RSA_PKCS,
335 Ripemd160RsaPkcs = CKM_RIPEMD160_RSA_PKCS,
336 RsaPkcsOaep = CKM_RSA_PKCS_OAEP,
337 RsaX931KeyPairGen = CKM_RSA_X9_31_KEY_PAIR_GEN,
338 RsaX931 = CKM_RSA_X9_31,
339 Sha1RsaX931 = CKM_SHA1_RSA_X9_31,
340 RsaPkcsPss = CKM_RSA_PKCS_PSS,
341 Sha1RsaPkcsPss = CKM_SHA1_RSA_PKCS_PSS,
342 DsaKeyPairGen = CKM_DSA_KEY_PAIR_GEN,
343 Dsa = CKM_DSA,
344 DsaSha1 = CKM_DSA_SHA1,
345 DsaSha224 = CKM_DSA_SHA224,
346 DsaSha256 = CKM_DSA_SHA256,
347 DsaSha384 = CKM_DSA_SHA384,
348 DsaSha512 = CKM_DSA_SHA512,
349 DhPkcsKeyPairGen = CKM_DH_PKCS_KEY_PAIR_GEN,
350 DhPkcsDerive = CKM_DH_PKCS_DERIVE,
351 X942DhKeyPairGen = CKM_X9_42_DH_KEY_PAIR_GEN,
352 X942DhDerive = CKM_X9_42_DH_DERIVE,
353 X942DhHybridDerive = CKM_X9_42_DH_HYBRID_DERIVE,
354 X942MqvDerive = CKM_X9_42_MQV_DERIVE,
355 Sha256RsaPkcs = CKM_SHA256_RSA_PKCS,
356 Sha384RsaPkcs = CKM_SHA384_RSA_PKCS,
357 Sha512RsaPkcs = CKM_SHA512_RSA_PKCS,
358 Sha256RsaPkcsPss = CKM_SHA256_RSA_PKCS_PSS,
359 Sha384RsaPkcsPss = CKM_SHA384_RSA_PKCS_PSS,
360 Sha512RsaPkcsPss = CKM_SHA512_RSA_PKCS_PSS,
361 Sha224RsaPkcs = CKM_SHA224_RSA_PKCS,
362 Sha224RsaPkcsPss = CKM_SHA224_RSA_PKCS_PSS,
363 Sha512224 = CKM_SHA512_224,
364 Sha512224Hmac = CKM_SHA512_224_HMAC,
365 Sha512224HmacGeneral = CKM_SHA512_224_HMAC_GENERAL,
366 Sha512224KeyDerivation = CKM_SHA512_224_KEY_DERIVATION,
367 Sha512256 = CKM_SHA512_256,
368 Sha512256Hmac = CKM_SHA512_256_HMAC,
369 Sha512256HmacGeneral = CKM_SHA512_256_HMAC_GENERAL,
370 Sha512256KeyDerivation = CKM_SHA512_256_KEY_DERIVATION,
371 Sha512T = CKM_SHA512_T,
372 Sha512THmac = CKM_SHA512_T_HMAC,
373 Sha512THmacGeneral = CKM_SHA512_T_HMAC_GENERAL,
374 Sha512TKeyDerivation = CKM_SHA512_T_KEY_DERIVATION,
375 Rc2KeyGen = CKM_RC2_KEY_GEN,
376 Rc2Ecb = CKM_RC2_ECB,
377 Rc2Cbc = CKM_RC2_CBC,
378 Rc2Mac = CKM_RC2_MAC,
379 Rc2MacGeneral = CKM_RC2_MAC_GENERAL,
380 Rc2CbcPad = CKM_RC2_CBC_PAD,
381 Rc4KeyGen = CKM_RC4_KEY_GEN,
382 Rc4 = CKM_RC4,
383 DesKeyGen = CKM_DES_KEY_GEN,
384 DesEcb = CKM_DES_ECB,
385 DesCbc = CKM_DES_CBC,
386 DesMac = CKM_DES_MAC,
387 DesMacGeneral = CKM_DES_MAC_GENERAL,
388 DesCbcPad = CKM_DES_CBC_PAD,
389 Des2KeyGen = CKM_DES2_KEY_GEN,
390 Des3KeyGen = CKM_DES3_KEY_GEN,
391 Des3Ecb = CKM_DES3_ECB,
392 Des3Cbc = CKM_DES3_CBC,
393 Des3Mac = CKM_DES3_MAC,
394 Des3MacGeneral = CKM_DES3_MAC_GENERAL,
395 Des3CbcPad = CKM_DES3_CBC_PAD,
396 Des3CmacGeneral = CKM_DES3_CMAC_GENERAL,
397 Des3Cmac = CKM_DES3_CMAC,
398 CdmfKeyGen = CKM_CDMF_KEY_GEN,
399 CdmfEcb = CKM_CDMF_ECB,
400 CdmfCbc = CKM_CDMF_CBC,
401 CdmfMac = CKM_CDMF_MAC,
402 CdmfMacGeneral = CKM_CDMF_MAC_GENERAL,
403 CdmfCbcPad = CKM_CDMF_CBC_PAD,
404 DesOfb64 = CKM_DES_OFB64,
405 DesOfb8 = CKM_DES_OFB8,
406 DesCfb64 = CKM_DES_CFB64,
407 DesCfb8 = CKM_DES_CFB8,
408 Md2 = CKM_MD2,
409 Md2Hmac = CKM_MD2_HMAC,
410 Md2HmacGeneral = CKM_MD2_HMAC_GENERAL,
411 Md5 = CKM_MD5,
412 Md5Hmac = CKM_MD5_HMAC,
413 Md5HmacGeneral = CKM_MD5_HMAC_GENERAL,
414 Sha1 = CKM_SHA_1,
415 Sha1Hmac = CKM_SHA_1_HMAC,
416 Sha1HmacGeneral = CKM_SHA_1_HMAC_GENERAL,
417 Ripemd128 = CKM_RIPEMD128,
418 Ripemd128Hmac = CKM_RIPEMD128_HMAC,
419 Ripemd128HmacGeneral = CKM_RIPEMD128_HMAC_GENERAL,
420 Ripemd160 = CKM_RIPEMD160,
421 Ripemd160Hmac = CKM_RIPEMD160_HMAC,
422 Ripemd160HmacGeneral = CKM_RIPEMD160_HMAC_GENERAL,
423 Sha256 = CKM_SHA256,
424 Sha256Hmac = CKM_SHA256_HMAC,
425 Sha256HmacGeneral = CKM_SHA256_HMAC_GENERAL,
426 Sha224 = CKM_SHA224,
427 Sha224Hmac = CKM_SHA224_HMAC,
428 Sha224HmacGeneral = CKM_SHA224_HMAC_GENERAL,
429 Sha384 = CKM_SHA384,
430 Sha384Hmac = CKM_SHA384_HMAC,
431 Sha384HmacGeneral = CKM_SHA384_HMAC_GENERAL,
432 Sha512 = CKM_SHA512,
433 Sha512Hmac = CKM_SHA512_HMAC,
434 Sha512HmacGeneral = CKM_SHA512_HMAC_GENERAL,
435 SecuridKeyGen = CKM_SECURID_KEY_GEN,
436 Securid = CKM_SECURID,
437 HotpKeyGen = CKM_HOTP_KEY_GEN,
438 Hotp = CKM_HOTP,
439 Acti = CKM_ACTI,
440 ActiKeyGen = CKM_ACTI_KEY_GEN,
441 CastKeyGen = CKM_CAST_KEY_GEN,
442 CastEcb = CKM_CAST_ECB,
443 CastCbc = CKM_CAST_CBC,
444 CastMac = CKM_CAST_MAC,
445 CastMacGeneral = CKM_CAST_MAC_GENERAL,
446 CastCbcPad = CKM_CAST_CBC_PAD,
447 Cast3KeyGen = CKM_CAST3_KEY_GEN,
448 Cast3Ecb = CKM_CAST3_ECB,
449 Cast3Cbc = CKM_CAST3_CBC,
450 Cast3Mac = CKM_CAST3_MAC,
451 Cast3MacGeneral = CKM_CAST3_MAC_GENERAL,
452 Cast3CbcPad = CKM_CAST3_CBC_PAD,
453 Cast5KeyGen = CKM_CAST5_KEY_GEN,
454 Cast128KeyGen = CKM_CAST128_KEY_GEN,
455 Cast5Ecb = CKM_CAST5_ECB,
456 Cast128Ecb = CKM_CAST128_ECB,
457 Cast5Cbc = CKM_CAST5_CBC,
458 Cast128Cbc = CKM_CAST128_CBC,
459 Cast5Mac = CKM_CAST5_MAC,
460 Cast128Mac = CKM_CAST128_MAC,
461 Cast5MacGeneral = CKM_CAST5_MAC_GENERAL,
462 Cast128MacGeneral = CKM_CAST128_MAC_GENERAL,
463 Cast5CbcPad = CKM_CAST5_CBC_PAD,
464 Cast128CbcPad = CKM_CAST128_CBC_PAD,
465 Rc5KeyGen = CKM_RC5_KEY_GEN,
466 Rc5Ecb = CKM_RC5_ECB,
467 Rc5Cbc = CKM_RC5_CBC,
468 Rc5Mac = CKM_RC5_MAC,
469 Rc5MacGeneral = CKM_RC5_MAC_GENERAL,
470 Rc5CbcPad = CKM_RC5_CBC_PAD,
471 IdeaKeyGen = CKM_IDEA_KEY_GEN,
472 IdeaEcb = CKM_IDEA_ECB,
473 IdeaCbc = CKM_IDEA_CBC,
474 IdeaMac = CKM_IDEA_MAC,
475 IdeaMacGeneral = CKM_IDEA_MAC_GENERAL,
476 IdeaCbcPad = CKM_IDEA_CBC_PAD,
477 GenericSecretKeyGen = CKM_GENERIC_SECRET_KEY_GEN,
478 ConcatenateBaseAndKey = CKM_CONCATENATE_BASE_AND_KEY,
479 ConcatenateBaseAndData = CKM_CONCATENATE_BASE_AND_DATA,
480 ConcatenateDataAndBase = CKM_CONCATENATE_DATA_AND_BASE,
481 XorBaseAndData = CKM_XOR_BASE_AND_DATA,
482 ExtractKeyFromKey = CKM_EXTRACT_KEY_FROM_KEY,
483 Ssl3PreMasterKeyGen = CKM_SSL3_PRE_MASTER_KEY_GEN,
484 Ssl3MasterKeyDerive = CKM_SSL3_MASTER_KEY_DERIVE,
485 Ssl3KeyAndMacDerive = CKM_SSL3_KEY_AND_MAC_DERIVE,
486 Ssl3MasterKeyDeriveDh = CKM_SSL3_MASTER_KEY_DERIVE_DH,
487 TlsPreMasterKeyGen = CKM_TLS_PRE_MASTER_KEY_GEN,
488 TlsMasterKeyDerive = CKM_TLS_MASTER_KEY_DERIVE,
489 TlsKeyAndMacDerive = CKM_TLS_KEY_AND_MAC_DERIVE,
490 TlsMasterKeyDeriveDh = CKM_TLS_MASTER_KEY_DERIVE_DH,
491 TlsPrf = CKM_TLS_PRF,
492 Ssl3Md5Mac = CKM_SSL3_MD5_MAC,
493 Ssl3Sha1Mac = CKM_SSL3_SHA1_MAC,
494 Md5KeyDerivation = CKM_MD5_KEY_DERIVATION,
495 Md2KeyDerivation = CKM_MD2_KEY_DERIVATION,
496 Sha1KeyDerivation = CKM_SHA1_KEY_DERIVATION,
497 Sha256KeyDerivation = CKM_SHA256_KEY_DERIVATION,
498 Sha384KeyDerivation = CKM_SHA384_KEY_DERIVATION,
499 Sha512KeyDerivation = CKM_SHA512_KEY_DERIVATION,
500 Sha224KeyDerivation = CKM_SHA224_KEY_DERIVATION,
501 PbeMd2DesCbc = CKM_PBE_MD2_DES_CBC,
502 PbeMd5DesCbc = CKM_PBE_MD5_DES_CBC,
503 PbeMd5CastCbc = CKM_PBE_MD5_CAST_CBC,
504 PbeMd5Cast3Cbc = CKM_PBE_MD5_CAST3_CBC,
505 PbeMd5Cast5Cbc = CKM_PBE_MD5_CAST5_CBC,
506 PbeMd5Cast128Cbc = CKM_PBE_MD5_CAST128_CBC,
507 PbeSha1Cast5Cbc = CKM_PBE_SHA1_CAST5_CBC,
508 PbeSha1Cast128Cbc = CKM_PBE_SHA1_CAST128_CBC,
509 PbeSha1Rc4128 = CKM_PBE_SHA1_RC4_128,
510 PbeSha1Rc440 = CKM_PBE_SHA1_RC4_40,
511 PbeSha1Des3EdeCbc = CKM_PBE_SHA1_DES3_EDE_CBC,
512 PbeSha1Des2EdeCbc = CKM_PBE_SHA1_DES2_EDE_CBC,
513 PbeSha1Rc2128Cbc = CKM_PBE_SHA1_RC2_128_CBC,
514 PbeSha1Rc240Cbc = CKM_PBE_SHA1_RC2_40_CBC,
515 Pkcs5Pbkd2 = CKM_PKCS5_PBKD2,
516 PbaSha1WithSha1Hmac = CKM_PBA_SHA1_WITH_SHA1_HMAC,
517 WtlsPreMasterKeyGen = CKM_WTLS_PRE_MASTER_KEY_GEN,
518 WtlsMasterKeyDerive = CKM_WTLS_MASTER_KEY_DERIVE,
519 WtlsMasterKeyDeriveDhEcc = CKM_WTLS_MASTER_KEY_DERIVE_DH_ECC,
520 WtlsPrf = CKM_WTLS_PRF,
521 WtlsServerKeyAndMacDerive = CKM_WTLS_SERVER_KEY_AND_MAC_DERIVE,
522 WtlsClientKeyAndMacDerive = CKM_WTLS_CLIENT_KEY_AND_MAC_DERIVE,
523 Tls10MacServer = CKM_TLS10_MAC_SERVER,
524 Tls10MacClient = CKM_TLS10_MAC_CLIENT,
525 Tls12Mac = CKM_TLS12_MAC,
526 Tls12Kdf = CKM_TLS12_KDF,
527 Tls12MasterKeyDerive = CKM_TLS12_MASTER_KEY_DERIVE,
528 Tls12KeyAndMacDerive = CKM_TLS12_KEY_AND_MAC_DERIVE,
529 Tls12MasterKeyDeriveDh = CKM_TLS12_MASTER_KEY_DERIVE_DH,
530 Tls12KeySafeDerive = CKM_TLS12_KEY_SAFE_DERIVE,
531 TlsMac = CKM_TLS_MAC,
532 TlsKdf = CKM_TLS_KDF,
533 KeyWrapLynks = CKM_KEY_WRAP_LYNKS,
534 KeyWrapSetOaep = CKM_KEY_WRAP_SET_OAEP,
535 CmsSig = CKM_CMS_SIG,
536 KipDerive = CKM_KIP_DERIVE,
537 KipWrap = CKM_KIP_WRAP,
538 KipMac = CKM_KIP_MAC,
539 CamelliaKeyGen = CKM_CAMELLIA_KEY_GEN,
540 CamelliaEcb = CKM_CAMELLIA_ECB,
541 CamelliaCbc = CKM_CAMELLIA_CBC,
542 CamelliaMac = CKM_CAMELLIA_MAC,
543 CamelliaMacGeneral = CKM_CAMELLIA_MAC_GENERAL,
544 CamelliaCbcPad = CKM_CAMELLIA_CBC_PAD,
545 CamelliaEcbEncryptData = CKM_CAMELLIA_ECB_ENCRYPT_DATA,
546 CamelliaCbcEncryptData = CKM_CAMELLIA_CBC_ENCRYPT_DATA,
547 CamelliaCtr = CKM_CAMELLIA_CTR,
548 AriaKeyGen = CKM_ARIA_KEY_GEN,
549 AriaEcb = CKM_ARIA_ECB,
550 AriaCbc = CKM_ARIA_CBC,
551 AriaMac = CKM_ARIA_MAC,
552 AriaMacGeneral = CKM_ARIA_MAC_GENERAL,
553 AriaCbcPad = CKM_ARIA_CBC_PAD,
554 AriaEcbEncryptData = CKM_ARIA_ECB_ENCRYPT_DATA,
555 AriaCbcEncryptData = CKM_ARIA_CBC_ENCRYPT_DATA,
556 SeedKeyGen = CKM_SEED_KEY_GEN,
557 SeedEcb = CKM_SEED_ECB,
558 SeedCbc = CKM_SEED_CBC,
559 SeedMac = CKM_SEED_MAC,
560 SeedMacGeneral = CKM_SEED_MAC_GENERAL,
561 SeedCbcPad = CKM_SEED_CBC_PAD,
562 SeedEcbEncryptData = CKM_SEED_ECB_ENCRYPT_DATA,
563 SeedCbcEncryptData = CKM_SEED_CBC_ENCRYPT_DATA,
564 SkipjackKeyGen = CKM_SKIPJACK_KEY_GEN,
565 SkipjackEcb64 = CKM_SKIPJACK_ECB64,
566 SkipjackCbc64 = CKM_SKIPJACK_CBC64,
567 SkipjackOfb64 = CKM_SKIPJACK_OFB64,
568 SkipjackCfb64 = CKM_SKIPJACK_CFB64,
569 SkipjackCfb32 = CKM_SKIPJACK_CFB32,
570 SkipjackCfb16 = CKM_SKIPJACK_CFB16,
571 SkipjackCfb8 = CKM_SKIPJACK_CFB8,
572 SkipjackWrap = CKM_SKIPJACK_WRAP,
573 SkipjackPrivateWrap = CKM_SKIPJACK_PRIVATE_WRAP,
574 SkipjackRelayx = CKM_SKIPJACK_RELAYX,
575 KeaKeyPairGen = CKM_KEA_KEY_PAIR_GEN,
576 KeaKeyDerive = CKM_KEA_KEY_DERIVE,
577 KeaDerive = CKM_KEA_DERIVE,
578 FortezzaTimestamp = CKM_FORTEZZA_TIMESTAMP,
579 BatonKeyGen = CKM_BATON_KEY_GEN,
580 BatonEcb128 = CKM_BATON_ECB128,
581 BatonEcb96 = CKM_BATON_ECB96,
582 BatonCbc128 = CKM_BATON_CBC128,
583 BatonCounter = CKM_BATON_COUNTER,
584 BatonShuffle = CKM_BATON_SHUFFLE,
585 BatonWrap = CKM_BATON_WRAP,
586 EcdsaKeyPairGen = CKM_ECDSA_KEY_PAIR_GEN,
587 EcKeyPairGen = CKM_EC_KEY_PAIR_GEN,
588 Ecdsa = CKM_ECDSA,
589 EcdsaSha1 = CKM_ECDSA_SHA1,
590 EcdsaSha224 = CKM_ECDSA_SHA224,
591 EcdsaSha256 = CKM_ECDSA_SHA256,
592 EcdsaSha384 = CKM_ECDSA_SHA384,
593 EcdsaSha512 = CKM_ECDSA_SHA512,
594 Ecdh1Derive = CKM_ECDH1_DERIVE,
595 Ecdh1CofactorDerive = CKM_ECDH1_COFACTOR_DERIVE,
596 EcmqvDerive = CKM_ECMQV_DERIVE,
597 EcdhAesKeyWrap = CKM_ECDH_AES_KEY_WRAP,
598 RsaAesKeyWrap = CKM_RSA_AES_KEY_WRAP,
599 JuniperKeyGen = CKM_JUNIPER_KEY_GEN,
600 JuniperEcb128 = CKM_JUNIPER_ECB128,
601 JuniperCbc128 = CKM_JUNIPER_CBC128,
602 JuniperCounter = CKM_JUNIPER_COUNTER,
603 JuniperShuffle = CKM_JUNIPER_SHUFFLE,
604 JuniperWrap = CKM_JUNIPER_WRAP,
605 Fasthash = CKM_FASTHASH,
606 AesKeyGen = CKM_AES_KEY_GEN,
607 AesEcb = CKM_AES_ECB,
608 AesCbc = CKM_AES_CBC,
609 AesMac = CKM_AES_MAC,
610 AesMacGeneral = CKM_AES_MAC_GENERAL,
611 AesCbcPad = CKM_AES_CBC_PAD,
612 AesCtr = CKM_AES_CTR,
613 AesGcm = CKM_AES_GCM,
614 AesCcm = CKM_AES_CCM,
615 AesCts = CKM_AES_CTS,
616 AesCmac = CKM_AES_CMAC,
617 AesCmacGeneral = CKM_AES_CMAC_GENERAL,
618 AesXcbcMac = CKM_AES_XCBC_MAC,
619 AesXcbcMac96 = CKM_AES_XCBC_MAC_96,
620 AesGmac = CKM_AES_GMAC,
621 BlowfishKeyGen = CKM_BLOWFISH_KEY_GEN,
622 BlowfishCbc = CKM_BLOWFISH_CBC,
623 TwofishKeyGen = CKM_TWOFISH_KEY_GEN,
624 TwofishCbc = CKM_TWOFISH_CBC,
625 BlowfishCbcPad = CKM_BLOWFISH_CBC_PAD,
626 TwofishCbcPad = CKM_TWOFISH_CBC_PAD,
627 DesEcbEncryptData = CKM_DES_ECB_ENCRYPT_DATA,
628 DesCbcEncryptData = CKM_DES_CBC_ENCRYPT_DATA,
629 Des3EcbEncryptData = CKM_DES3_ECB_ENCRYPT_DATA,
630 Des3CbcEncryptData = CKM_DES3_CBC_ENCRYPT_DATA,
631 AesEcbEncryptData = CKM_AES_ECB_ENCRYPT_DATA,
632 AesCbcEncryptData = CKM_AES_CBC_ENCRYPT_DATA,
633 Gostr3410KeyPairGen = CKM_GOSTR3410_KEY_PAIR_GEN,
634 Gostr3410 = CKM_GOSTR3410,
635 Gostr3410WithGostr3411 = CKM_GOSTR3410_WITH_GOSTR3411,
636 Gostr3410KeyWrap = CKM_GOSTR3410_KEY_WRAP,
637 Gostr3410Derive = CKM_GOSTR3410_DERIVE,
638 Gostr3411 = CKM_GOSTR3411,
639 Gostr3411Hmac = CKM_GOSTR3411_HMAC,
640 Gost28147KeyGen = CKM_GOST28147_KEY_GEN,
641 Gost28147Ecb = CKM_GOST28147_ECB,
642 Gost28147 = CKM_GOST28147,
643 Gost28147Mac = CKM_GOST28147_MAC,
644 Gost28147KeyWrap = CKM_GOST28147_KEY_WRAP,
645 DsaParameterGen = CKM_DSA_PARAMETER_GEN,
646 DhPkcsParameterGen = CKM_DH_PKCS_PARAMETER_GEN,
647 X942DhParameterGen = CKM_X9_42_DH_PARAMETER_GEN,
648 DsaProbablisticParameterGen = CKM_DSA_PROBABLISTIC_PARAMETER_GEN,
649 DsaShaweTaylorParameterGen = CKM_DSA_SHAWE_TAYLOR_PARAMETER_GEN,
650 AesOfb = CKM_AES_OFB,
651 AesCfb64 = CKM_AES_CFB64,
652 AesCfb8 = CKM_AES_CFB8,
653 AesCfb128 = CKM_AES_CFB128,
654 AesCfb1 = CKM_AES_CFB1,
655 AesKeyWrap = CKM_AES_KEY_WRAP,
656 AesKeyWrapPad = CKM_AES_KEY_WRAP_PAD,
657 RsaPkcsTpm11 = CKM_RSA_PKCS_TPM_1_1,
658 RsaPkcsOaepTpm11 = CKM_RSA_PKCS_OAEP_TPM_1_1,
659 VendorDefined = CKM_VENDOR_DEFINED,
660};
661
666
679
690
698
699enum class ReturnValue : CK_RV {
700 OK = CKR_OK,
701 Cancel = CKR_CANCEL,
702 HostMemory = CKR_HOST_MEMORY,
703 SlotIdInvalid = CKR_SLOT_ID_INVALID,
704 GeneralError = CKR_GENERAL_ERROR,
705 FunctionFailed = CKR_FUNCTION_FAILED,
706 ArgumentsBad = CKR_ARGUMENTS_BAD,
707 NoEvent = CKR_NO_EVENT,
708 NeedToCreateThreads = CKR_NEED_TO_CREATE_THREADS,
709 CantLock = CKR_CANT_LOCK,
710 AttributeReadOnly = CKR_ATTRIBUTE_READ_ONLY,
711 AttributeSensitive = CKR_ATTRIBUTE_SENSITIVE,
712 AttributeTypeInvalid = CKR_ATTRIBUTE_TYPE_INVALID,
713 AttributeValueInvalid = CKR_ATTRIBUTE_VALUE_INVALID,
714 ActionProhibited = CKR_ACTION_PROHIBITED,
715 DataInvalid = CKR_DATA_INVALID,
716 DataLenRange = CKR_DATA_LEN_RANGE,
717 DeviceError = CKR_DEVICE_ERROR,
718 DeviceMemory = CKR_DEVICE_MEMORY,
719 DeviceRemoved = CKR_DEVICE_REMOVED,
720 EncryptedDataInvalid = CKR_ENCRYPTED_DATA_INVALID,
721 EncryptedDataLenRange = CKR_ENCRYPTED_DATA_LEN_RANGE,
722 FunctionCanceled = CKR_FUNCTION_CANCELED,
723 FunctionNotParallel = CKR_FUNCTION_NOT_PARALLEL,
724 FunctionNotSupported = CKR_FUNCTION_NOT_SUPPORTED,
725 KeyHandleInvalid = CKR_KEY_HANDLE_INVALID,
726 KeySizeRange = CKR_KEY_SIZE_RANGE,
727 KeyTypeInconsistent = CKR_KEY_TYPE_INCONSISTENT,
728 KeyNotNeeded = CKR_KEY_NOT_NEEDED,
729 KeyChanged = CKR_KEY_CHANGED,
730 KeyNeeded = CKR_KEY_NEEDED,
731 KeyIndigestible = CKR_KEY_INDIGESTIBLE,
732 KeyFunctionNotPermitted = CKR_KEY_FUNCTION_NOT_PERMITTED,
733 KeyNotWrappable = CKR_KEY_NOT_WRAPPABLE,
734 KeyUnextractable = CKR_KEY_UNEXTRACTABLE,
735 MechanismInvalid = CKR_MECHANISM_INVALID,
736 MechanismParamInvalid = CKR_MECHANISM_PARAM_INVALID,
737 ObjectHandleInvalid = CKR_OBJECT_HANDLE_INVALID,
738 OperationActive = CKR_OPERATION_ACTIVE,
739 OperationNotInitialized = CKR_OPERATION_NOT_INITIALIZED,
740 PinIncorrect = CKR_PIN_INCORRECT,
741 PinInvalid = CKR_PIN_INVALID,
742 PinLenRange = CKR_PIN_LEN_RANGE,
743 PinExpired = CKR_PIN_EXPIRED,
744 PinLocked = CKR_PIN_LOCKED,
745 SessionClosed = CKR_SESSION_CLOSED,
746 SessionCount = CKR_SESSION_COUNT,
747 SessionHandleInvalid = CKR_SESSION_HANDLE_INVALID,
748 SessionParallelNotSupported = CKR_SESSION_PARALLEL_NOT_SUPPORTED,
749 SessionReadOnly = CKR_SESSION_READ_ONLY,
750 SessionExists = CKR_SESSION_EXISTS,
751 SessionReadOnlyExists = CKR_SESSION_READ_ONLY_EXISTS,
752 SessionReadWriteSoExists = CKR_SESSION_READ_WRITE_SO_EXISTS,
753 SignatureInvalid = CKR_SIGNATURE_INVALID,
754 SignatureLenRange = CKR_SIGNATURE_LEN_RANGE,
755 TemplateIncomplete = CKR_TEMPLATE_INCOMPLETE,
756 TemplateInconsistent = CKR_TEMPLATE_INCONSISTENT,
757 TokenNotPresent = CKR_TOKEN_NOT_PRESENT,
758 TokenNotRecognized = CKR_TOKEN_NOT_RECOGNIZED,
759 TokenWriteProtected = CKR_TOKEN_WRITE_PROTECTED,
760 UnwrappingKeyHandleInvalid = CKR_UNWRAPPING_KEY_HANDLE_INVALID,
761 UnwrappingKeySizeRange = CKR_UNWRAPPING_KEY_SIZE_RANGE,
762 UnwrappingKeyTypeInconsistent = CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT,
763 UserAlreadyLoggedIn = CKR_USER_ALREADY_LOGGED_IN,
764 UserNotLoggedIn = CKR_USER_NOT_LOGGED_IN,
765 UserPinNotInitialized = CKR_USER_PIN_NOT_INITIALIZED,
766 UserTypeInvalid = CKR_USER_TYPE_INVALID,
767 UserAnotherAlreadyLoggedIn = CKR_USER_ANOTHER_ALREADY_LOGGED_IN,
768 UserTooManyTypes = CKR_USER_TOO_MANY_TYPES,
769 WrappedKeyInvalid = CKR_WRAPPED_KEY_INVALID,
770 WrappedKeyLenRange = CKR_WRAPPED_KEY_LEN_RANGE,
771 WrappingKeyHandleInvalid = CKR_WRAPPING_KEY_HANDLE_INVALID,
772 WrappingKeySizeRange = CKR_WRAPPING_KEY_SIZE_RANGE,
773 WrappingKeyTypeInconsistent = CKR_WRAPPING_KEY_TYPE_INCONSISTENT,
774 RandomSeedNotSupported = CKR_RANDOM_SEED_NOT_SUPPORTED,
775 RandomNoRng = CKR_RANDOM_NO_RNG,
776 DomainParamsInvalid = CKR_DOMAIN_PARAMS_INVALID,
777 CurveNotSupported = CKR_CURVE_NOT_SUPPORTED,
778 BufferTooSmall = CKR_BUFFER_TOO_SMALL,
779 SavedStateInvalid = CKR_SAVED_STATE_INVALID,
780 InformationSensitive = CKR_INFORMATION_SENSITIVE,
781 StateUnsaveable = CKR_STATE_UNSAVEABLE,
782 CryptokiNotInitialized = CKR_CRYPTOKI_NOT_INITIALIZED,
783 CryptokiAlreadyInitialized = CKR_CRYPTOKI_ALREADY_INITIALIZED,
784 MutexBad = CKR_MUTEX_BAD,
785 MutexNotLocked = CKR_MUTEX_NOT_LOCKED,
786 NewPinMode = CKR_NEW_PIN_MODE,
787 NextOtp = CKR_NEXT_OTP,
788 ExceededMaxIterations = CKR_EXCEEDED_MAX_ITERATIONS,
789 FipsSelfTestFailed = CKR_FIPS_SELF_TEST_FAILED,
790 LibraryLoadFailed = CKR_LIBRARY_LOAD_FAILED,
791 PinTooWeak = CKR_PIN_TOO_WEAK,
792 PublicKeyInvalid = CKR_PUBLIC_KEY_INVALID,
793 FunctionRejected = CKR_FUNCTION_REJECTED,
794 VendorDefined = CKR_VENDOR_DEFINED,
795};
796
802
803enum class PublicPointEncoding : uint32_t { Raw, Der };
804
805using FunctionListPtr = CK_FUNCTION_LIST_PTR;
806using VoidPtr = CK_VOID_PTR;
807using C_InitializeArgs = CK_C_INITIALIZE_ARGS;
808using CreateMutex = CK_CREATEMUTEX;
809using DestroyMutex = CK_DESTROYMUTEX;
810using LockMutex = CK_LOCKMUTEX;
811using UnlockMutex = CK_UNLOCKMUTEX;
812using Flags = CK_FLAGS;
813using Info = CK_INFO;
814using Bbool = CK_BBOOL;
815using SlotId = CK_SLOT_ID;
816using Ulong = CK_ULONG;
817using SlotInfo = CK_SLOT_INFO;
818using TokenInfo = CK_TOKEN_INFO;
819using Mechanism = CK_MECHANISM;
820using MechanismInfo = CK_MECHANISM_INFO;
821using Utf8Char = CK_UTF8CHAR;
822using Notify = CK_NOTIFY;
823using SessionHandle = CK_SESSION_HANDLE;
824using SessionInfo = CK_SESSION_INFO;
825using Attribute = CK_ATTRIBUTE;
826using ObjectHandle = CK_OBJECT_HANDLE;
827using Byte = CK_BYTE;
828using RsaPkcsOaepParams = CK_RSA_PKCS_OAEP_PARAMS;
829using RsaPkcsPssParams = CK_RSA_PKCS_PSS_PARAMS;
830using Ecdh1DeriveParams = CK_ECDH1_DERIVE_PARAMS;
831using Date = CK_DATE;
832
833BOTAN_PUBLIC_API(2, 0) extern ReturnValue* ThrowException;
834
835const Bbool True = CK_TRUE;
836const Bbool False = CK_FALSE;
837
838inline Flags flags(Flag flags) {
839 return static_cast<Flags>(flags);
840}
841
842class Slot;
843
844/**
845* Initializes a token
846* @param slot The slot with the attached token that should be initialized
847* @param label The token label
848* @param so_pin PIN of the security officer. Will be set if the token is uninitialized other this has to be the current SO_PIN
849* @param pin The user PIN that will be set
850*/
851BOTAN_PUBLIC_API(2, 0)
852void initialize_token(Slot& slot, std::string_view label, const secure_string& so_pin, const secure_string& pin);
853
854/**
855* Change PIN with old PIN to new PIN
856* @param slot The slot with the attached token
857* @param old_pin The old user PIN
858* @param new_pin The new user PIN
859*/
860
861BOTAN_PUBLIC_API(2, 0) void change_pin(Slot& slot, const secure_string& old_pin, const secure_string& new_pin);
862
863/**
864* Change SO_PIN with old SO_PIN to new SO_PIN
865* @param slot The slot with the attached token
866* @param old_so_pin The old SO_PIN
867* @param new_so_pin The new SO_PIN
868*/
869BOTAN_PUBLIC_API(2, 0) void change_so_pin(Slot& slot, const secure_string& old_so_pin, const secure_string& new_so_pin);
870
871/**
872* Sets user PIN with SO_PIN
873* @param slot The slot with the attached token
874* @param so_pin PIN of the security officer
875* @param pin The user PIN that should be set
876*/
877BOTAN_PUBLIC_API(2, 0) void set_pin(Slot& slot, const secure_string& so_pin, const secure_string& pin);
878
879/// Provides access to all PKCS#11 functions
880class BOTAN_PUBLIC_API(2, 0) LowLevel {
881 public:
882 /// @param ptr the functon list pointer to use. Can be retrieved via `LowLevel::C_GetFunctionList`
883 explicit LowLevel(FunctionListPtr ptr);
884
885 /****************************** General purpose functions ******************************/
886
887 /**
888 * C_Initialize initializes the Cryptoki library.
889 * @param init_args if this is not nullptr, it gets cast to (`C_InitializeArgs`) and dereferenced
890 * @param return_value default value (`ThrowException`): throw exception on error.
891 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
892 * At least the following PKCS#11 return values may be returned:
893 * \li ArgumentsBad \li CantLock \li CryptokiAlreadyInitialized
894 * \li FunctionFailed \li GeneralError \li HostMemory
895 * \li NeedToCreateThreads \li OK
896 * @return true on success, false otherwise
897 */
898 bool C_Initialize(VoidPtr init_args, ReturnValue* return_value = ThrowException) const;
899
900 /**
901 * C_Finalize indicates that an application is done with the Cryptoki library.
902 * @param reserved reserved. Should be nullptr
903 * @param return_value default value (`ThrowException`): throw exception on error.
904 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
905 * At least the following PKCS#11 return values may be returned:
906 * \li ArgumentsBad \li CryptokiNotInitialized \li FunctionFailed
907 * \li GeneralError \li HostMemory \li OK
908 * @return true on success, false otherwise
909 */
910 bool C_Finalize(VoidPtr reserved, ReturnValue* return_value = ThrowException) const;
911
912 /**
913 * C_GetInfo returns general information about Cryptoki.
914 * @param info_ptr location that receives information
915 * @param return_value default value (`ThrowException`): throw exception on error.
916 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
917 * At least the following PKCS#11 return values may be returned:
918 * \li ArgumentsBad \li CryptokiNotInitialized \li FunctionFailed
919 * \li GeneralError \li HostMemory \li OK
920 * @return true on success, false otherwise
921 */
922 bool C_GetInfo(Info* info_ptr, ReturnValue* return_value = ThrowException) const;
923
924 /**
925 * C_GetFunctionList returns the function list.
926 * @param pkcs11_module The PKCS#11 module
927 * @param function_list_ptr_ptr receives pointer to function list
928 * @param return_value default value (`ThrowException`): throw exception on error.
929 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
930 * At least the following PKCS#11 return values may be returned:
931 * \li ArgumentsBad \li FunctionFailed \li GeneralError
932 * \li HostMemory \li OK
933 * @return true on success, false otherwise
934 */
935 static bool C_GetFunctionList(Dynamically_Loaded_Library& pkcs11_module,
936 FunctionListPtr* function_list_ptr_ptr,
937 ReturnValue* return_value = ThrowException);
938
939 /****************************** Slot and token management functions ******************************/
940
941 /**
942 * C_GetSlotList obtains a list of slots in the system.
943 * @param token_present only slots with tokens
944 * @param slot_list_ptr receives array of slot IDs
945 * @param count_ptr receives number of slots
946 * @param return_value default value (`ThrowException`): throw exception on error.
947 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
948 * At least the following PKCS#11 return values may be returned:
949 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
950 * \li FunctionFailed \li GeneralError \li HostMemory
951 * \li OK
952 * @return true on success, false otherwise
953 */
954 bool C_GetSlotList(Bbool token_present,
955 SlotId* slot_list_ptr,
956 Ulong* count_ptr,
957 ReturnValue* return_value = ThrowException) const;
958
959 /**
960 * C_GetSlotList obtains a list of slots in the system.
961 * @param token_present only slots with tokens
962 * @param slot_ids receives vector of slot IDs
963 * @param return_value default value (`ThrowException`): throw exception on error.
964 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
965 * At least the following PKCS#11 return values may be returned:
966 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
967 * \li FunctionFailed \li GeneralError \li HostMemory
968 * \li OK
969 * @return true on success, false otherwise
970 */
971 bool C_GetSlotList(bool token_present,
972 std::vector<SlotId>& slot_ids,
973 ReturnValue* return_value = ThrowException) const;
974
975 /**
976 * C_GetSlotInfo obtains information about a particular slot in the system.
977 * @param slot_id the ID of the slot
978 * @param info_ptr receives the slot information
979 * @param return_value default value (`ThrowException`): throw exception on error.
980 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
981 * At least the following PKCS#11 return values may be returned:
982 * \li ArgumentsBad \li CryptokiNotInitialized \li DeviceError
983 * \li FunctionFailed \li GeneralError \li HostMemory
984 * \li OK \li SlotIdInvalid
985 * @return true on success, false otherwise
986 */
987 bool C_GetSlotInfo(SlotId slot_id, SlotInfo* info_ptr, ReturnValue* return_value = ThrowException) const;
988
989 /**
990 * C_GetTokenInfo obtains information about a particular token in the system.
991 * @param slot_id ID of the token's slot
992 * @param info_ptr receives the token information
993 * @param return_value default value (`ThrowException`): throw exception on error.
994 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
995 * At least the following PKCS#11 return values may be returned:
996 * \li CryptokiNotInitialized \li DeviceError \li DeviceMemory
997 * \li DeviceRemoved \li FunctionFailed \li GeneralError
998 * \li HostMemory \li OK \li SlotIdInvalid
999 * \li TokenNotPresent \li TokenNotRecognized \li ArgumentsBad
1000 * @return true on success, false otherwise
1001 */
1002 bool C_GetTokenInfo(SlotId slot_id, TokenInfo* info_ptr, ReturnValue* return_value = ThrowException) const;
1003
1004 /**
1005 * C_WaitForSlotEvent waits for a slot event (token insertion, removal, etc.) to occur.
1006 * @param flags blocking/nonblocking flag
1007 * @param slot_ptr location that receives the slot ID
1008 * @param reserved reserved. Should be NULL_PTR
1009 * @param return_value default value (`ThrowException`): throw exception on error.
1010 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1011 * At least the following PKCS#11 return values may be returned:
1012 * \li ArgumentsBad \li CryptokiNotInitialized \li FunctionFailed
1013 * \li GeneralError \li HostMemory \li NoEvent
1014 * \li OK
1015 * @return true on success, false otherwise
1016 */
1017 bool C_WaitForSlotEvent(Flags flags,
1018 SlotId* slot_ptr,
1019 VoidPtr reserved,
1020 ReturnValue* return_value = ThrowException) const;
1021
1022 /**
1023 * C_GetMechanismList obtains a list of mechanism types supported by a token.
1024 * @param slot_id ID of token's slot
1025 * @param mechanism_list_ptr gets mech. array
1026 * @param count_ptr gets # of mechs.
1027 * @param return_value default value (`ThrowException`): throw exception on error.
1028 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1029 * At least the following PKCS#11 return values may be returned:
1030 * \li BufferTooSmall \li CryptokiNotInitialized \li DeviceError
1031 * \li DeviceMemory \li DeviceRemoved \li FunctionFailed
1032 * \li GeneralError \li HostMemory \li OK
1033 * \li SlotIdInvalid \li TokenNotPresent \li TokenNotRecognized
1034 * \li ArgumentsBad
1035 * @return true on success, false otherwise
1036 */
1037 bool C_GetMechanismList(SlotId slot_id,
1038 MechanismType* mechanism_list_ptr,
1039 Ulong* count_ptr,
1040 ReturnValue* return_value = ThrowException) const;
1041
1042 /**
1043 * C_GetMechanismList obtains a list of mechanism types supported by a token.
1044 * @param slot_id ID of token's slot
1045 * @param mechanisms receives vector of supported mechanisms
1046 * @param return_value default value (`ThrowException`): throw exception on error.
1047 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1048 * At least the following PKCS#11 return values may be returned:
1049 * \li BufferTooSmall \li CryptokiNotInitialized \li DeviceError
1050 * \li DeviceMemory \li DeviceRemoved \li FunctionFailed
1051 * \li GeneralError \li HostMemory \li OK
1052 * \li SlotIdInvalid \li TokenNotPresent \li TokenNotRecognized
1053 * \li ArgumentsBad
1054 * @return true on success, false otherwise
1055 */
1056 bool C_GetMechanismList(SlotId slot_id,
1057 std::vector<MechanismType>& mechanisms,
1058 ReturnValue* return_value = ThrowException) const;
1059
1060 /**
1061 * C_GetMechanismInfo obtains information about a particular mechanism possibly supported by a token.
1062 * @param slot_id ID of the token's slot
1063 * @param type type of mechanism
1064 * @param info_ptr receives mechanism info
1065 * @param return_value default value (`ThrowException`): throw exception on error.
1066 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1067 * At least the following PKCS#11 return values may be returned:
1068 * \li CryptokiNotInitialized \li DeviceError \li DeviceMemory
1069 * \li DeviceRemoved \li FunctionFailed \li GeneralError
1070 * \li HostMemory \li MechanismInvalid \li OK
1071 * \li SlotIdInvalid \li TokenNotPresent \li TokenNotRecognized
1072 * \li ArgumentsBad
1073 * @return true on success, false otherwise
1074 */
1075 bool C_GetMechanismInfo(SlotId slot_id,
1076 MechanismType type,
1077 MechanismInfo* info_ptr,
1078 ReturnValue* return_value = ThrowException) const;
1079
1080 /**
1081 * C_InitToken initializes a token.
1082 * @param slot_id ID of the token's slot
1083 * @param so_pin_ptr the SO's initial PIN
1084 * @param so_pin_len length in bytes of the SO_PIN
1085 * @param label_ptr 32-byte token label (blank padded)
1086 * @param return_value default value (`ThrowException`): throw exception on error.
1087 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1088 * At least the following PKCS#11 return values may be returned:
1089 * \li CryptokiNotInitialized \li DeviceError \li DeviceMemory
1090 * \li DeviceRemoved \li FunctionCanceled \li FunctionFailed
1091 * \li GeneralError \li HostMemory \li OK
1092 * \li PinIncorrect \li PinLocked \li SessionExists
1093 * \li SlotIdInvalid \li TokenNotPresent \li TokenNotRecognized
1094 * \li TokenWriteProtected \li ArgumentsBad
1095 * @return true on success, false otherwise
1096 */
1097 bool C_InitToken(SlotId slot_id,
1098 Utf8Char* so_pin_ptr,
1099 Ulong so_pin_len,
1100 Utf8Char* label_ptr,
1101 ReturnValue* return_value = ThrowException) const;
1102
1103 /**
1104 * C_InitToken initializes a token.
1105 * @param slot_id ID of the token's slot
1106 * @param so_pin the SO's initial PIN
1107 * @param label token label (at max 32 bytes long)
1108 * @param return_value default value (`ThrowException`): throw exception on error.
1109 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1110 * At least the following PKCS#11 return values may be returned:
1111 * \li CryptokiNotInitialized \li DeviceError \li DeviceMemory
1112 * \li DeviceRemoved \li FunctionCanceled \li FunctionFailed
1113 * \li GeneralError \li HostMemory \li OK
1114 * \li PinIncorrect \li PinLocked \li SessionExists
1115 * \li SlotIdInvalid \li TokenNotPresent \li TokenNotRecognized
1116 * \li TokenWriteProtected \li ArgumentsBad
1117 * @return true on success, false otherwise
1118 */
1119 template <typename TAlloc>
1120 bool C_InitToken(SlotId slot_id,
1121 const std::vector<uint8_t, TAlloc>& so_pin,
1122 std::string_view label,
1123 ReturnValue* return_value = ThrowException) const {
1124 std::string padded_label(label);
1125 if(label.size() < 32) {
1126 padded_label.insert(padded_label.end(), 32 - label.size(), ' ');
1127 }
1128
1129 return C_InitToken(slot_id,
1130 reinterpret_cast<Utf8Char*>(const_cast<uint8_t*>(so_pin.data())),
1131 static_cast<Ulong>(so_pin.size()),
1132 reinterpret_cast<Utf8Char*>(const_cast<char*>(padded_label.c_str())),
1133 return_value);
1134 }
1135
1136 /**
1137 * C_InitPIN initializes the normal user's PIN.
1138 * @param session the session's handle
1139 * @param pin_ptr the normal user's PIN
1140 * @param pin_len length in bytes of the PIN
1141 * @param return_value default value (`ThrowException`): throw exception on error.
1142 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1143 * At least the following PKCS#11 return values may be returned:
1144 * \li CryptokiNotInitialized \li DeviceError \li DeviceMemory
1145 * \li DeviceRemoved \li FunctionCanceled \li FunctionFailed
1146 * \li GeneralError \li HostMemory \li OK
1147 * \li PinInvalid \li PinLenRange \li SessionClosed
1148 * \li SessionReadOnly \li SessionHandleInvalid \li TokenWriteProtected
1149 * \li UserNotLoggedIn \li ArgumentsBad
1150 * @return true on success, false otherwise
1151 */
1152 bool C_InitPIN(SessionHandle session,
1153 Utf8Char* pin_ptr,
1154 Ulong pin_len,
1155 ReturnValue* return_value = ThrowException) const;
1156
1157 /**
1158 * C_InitPIN initializes the normal user's PIN.
1159 * @param session the session's handle
1160 * @param pin the normal user's PIN
1161 * @param return_value default value (`ThrowException`): throw exception on error.
1162 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1163 * At least the following PKCS#11 return values may be returned:
1164 * \li CryptokiNotInitialized \li DeviceError \li DeviceMemory
1165 * \li DeviceRemoved \li FunctionCanceled \li FunctionFailed
1166 * \li GeneralError \li HostMemory \li OK
1167 * \li PinInvalid \li PinLenRange \li SessionClosed
1168 * \li SessionReadOnly \li SessionHandleInvalid \li TokenWriteProtected
1169 * \li UserNotLoggedIn \li ArgumentsBad
1170 * @return true on success, false otherwise
1171 */
1172 template <typename TAlloc>
1173 bool C_InitPIN(SessionHandle session,
1174 const std::vector<uint8_t, TAlloc>& pin,
1175 ReturnValue* return_value = ThrowException) const {
1176 return C_InitPIN(session,
1177 reinterpret_cast<Utf8Char*>(const_cast<uint8_t*>(pin.data())),
1178 static_cast<Ulong>(pin.size()),
1179 return_value);
1180 }
1181
1182 /**
1183 * C_SetPIN modifies the PIN of the user who is logged in.
1184 * @param session the session's handle
1185 * @param old_pin_ptr the old PIN
1186 * @param old_len length of the old PIN
1187 * @param new_pin_ptr the new PIN
1188 * @param new_len length of the new PIN
1189 * @param return_value default value (`ThrowException`): throw exception on error.
1190 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1191 * At least the following PKCS#11 return values may be returned:
1192 * \li CryptokiNotInitialized \li DeviceError \li DeviceMemory
1193 * \li DeviceRemoved \li FunctionCanceled \li FunctionFailed
1194 * \li GeneralError \li HostMemory \li OK
1195 * \li PinIncorrect \li PinInvalid \li PinLenRange
1196 * \li PinLocked \li SessionClosed \li SessionHandleInvalid
1197 * \li SessionReadOnly \li TokenWriteProtected \li ArgumentsBad
1198 * @return true on success, false otherwise
1199 */
1200 bool C_SetPIN(SessionHandle session,
1201 Utf8Char* old_pin_ptr,
1202 Ulong old_len,
1203 Utf8Char* new_pin_ptr,
1204 Ulong new_len,
1205 ReturnValue* return_value = ThrowException) const;
1206
1207 /**
1208 * C_SetPIN modifies the PIN of the user who is logged in.
1209 * @param session the session's handle
1210 * @param old_pin the old PIN
1211 * @param new_pin the new PIN
1212 * @param return_value default value (`ThrowException`): throw exception on error.
1213 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1214 * At least the following PKCS#11 return values may be returned:
1215 * \li CryptokiNotInitialized \li DeviceError \li DeviceMemory
1216 * \li DeviceRemoved \li FunctionCanceled \li FunctionFailed
1217 * \li GeneralError \li HostMemory \li OK
1218 * \li PinIncorrect \li PinInvalid \li PinLenRange
1219 * \li PinLocked \li SessionClosed \li SessionHandleInvalid
1220 * \li SessionReadOnly \li TokenWriteProtected \li ArgumentsBad
1221 * @return true on success, false otherwise
1222 */
1223 template <typename TAlloc>
1224 bool C_SetPIN(SessionHandle session,
1225 const std::vector<uint8_t, TAlloc>& old_pin,
1226 const std::vector<uint8_t, TAlloc>& new_pin,
1227 ReturnValue* return_value = ThrowException) const {
1228 return C_SetPIN(session,
1229 reinterpret_cast<Utf8Char*>(const_cast<uint8_t*>(old_pin.data())),
1230 static_cast<Ulong>(old_pin.size()),
1231 reinterpret_cast<Utf8Char*>(const_cast<uint8_t*>(new_pin.data())),
1232 static_cast<Ulong>(new_pin.size()),
1233 return_value);
1234 }
1235
1236 /****************************** Session management ******************************/
1237
1238 /**
1239 * C_OpenSession opens a session between an application and a token.
1240 * @param slot_id the slot's ID
1241 * @param flags from CK_SESSION_INFO
1242 * @param application passed to callback
1243 * @param notify callback function
1244 * @param session_ptr gets session handle
1245 * @param return_value default value (`ThrowException`): throw exception on error.
1246 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1247 * At least the following PKCS#11 return values may be returned:
1248 * \li CryptokiNotInitialized \li DeviceError \li DeviceMemory
1249 * \li DeviceRemoved \li FunctionFailed \li GeneralError
1250 * \li HostMemory \li OK \li SessionCount
1251 * \li SessionParallelNotSupported \li SessionReadWriteSoExists \li SlotIdInvalid
1252 * \li TokenNotPresent \li TokenNotRecognized \li TokenWriteProtected
1253 * \li ArgumentsBad
1254 * @return true on success, false otherwise
1255 */
1256 bool C_OpenSession(SlotId slot_id,
1257 Flags flags,
1258 VoidPtr application,
1259 Notify notify,
1260 SessionHandle* session_ptr,
1261 ReturnValue* return_value = ThrowException) const;
1262
1263 /**
1264 * C_CloseSession closes a session between an application and a token.
1265 * @param session the session's handle
1266 * @param return_value default value (`ThrowException`): throw exception on error.
1267 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1268 * At least the following PKCS#11 return values may be returned:
1269 * \li CryptokiNotInitialized \li DeviceError \li DeviceMemory
1270 * \li DeviceRemoved \li FunctionFailed \li GeneralError
1271 * \li HostMemory \li OK \li SessionClosed
1272 * \li SessionHandleInvalid
1273 * @return true on success, false otherwise
1274 */
1275 bool C_CloseSession(SessionHandle session, ReturnValue* return_value = ThrowException) const;
1276
1277 /**
1278 * C_CloseAllSessions closes all sessions with a token.
1279 * @param slot_id the token's slot
1280 * @param return_value default value (`ThrowException`): throw exception on error.
1281 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1282 * At least the following PKCS#11 return values may be returned:
1283 * \li CryptokiNotInitialized \li DeviceError \li DeviceMemory
1284 * \li DeviceRemoved \li FunctionFailed \li GeneralError
1285 * \li HostMemory \li OK \li SlotIdInvalid
1286 * \li TokenNotPresent
1287 * @return true on success, false otherwise
1288 */
1289 bool C_CloseAllSessions(SlotId slot_id, ReturnValue* return_value = ThrowException) const;
1290
1291 /**
1292 * C_GetSessionInfo obtains information about the session.
1293 * @param session the session's handle
1294 * @param info_ptr receives session info
1295 * @param return_value default value (`ThrowException`): throw exception on error.
1296 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1297 * At least the following PKCS#11 return values may be returned:
1298 * \li CryptokiNotInitialized \li DeviceError \li DeviceMemory
1299 * \li DeviceRemoved \li FunctionFailed \li GeneralError
1300 * \li HostMemory \li OK \li SessionClosed
1301 * \li SessionHandleInvalid \li ArgumentsBad
1302 * @return true on success, false otherwise
1303 */
1304 bool C_GetSessionInfo(SessionHandle session,
1305 SessionInfo* info_ptr,
1306 ReturnValue* return_value = ThrowException) const;
1307
1308 /**
1309 * C_GetOperationState obtains the state of the cryptographic operation in a session.
1310 * @param session session's handle
1311 * @param operation_state_ptr gets state
1312 * @param operation_state_len_ptr gets state length
1313 * @param return_value default value (`ThrowException`): throw exception on error.
1314 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1315 * At least the following PKCS#11 return values may be returned:
1316 * \li BufferTooSmall \li CryptokiNotInitialized \li DeviceError
1317 * \li DeviceMemory \li DeviceRemoved \li FunctionFailed
1318 * \li GeneralError \li HostMemory \li OK
1319 * \li OperationNotInitialized \li SessionClosed \li SessionHandleInvalid
1320 * \li StateUnsaveable \li ArgumentsBad
1321 * @return true on success, false otherwise
1322 */
1323 bool C_GetOperationState(SessionHandle session,
1324 Byte* operation_state_ptr,
1325 Ulong* operation_state_len_ptr,
1326 ReturnValue* return_value = ThrowException) const;
1327
1328 /**
1329 * C_SetOperationState restores the state of the cryptographic operation in a session.
1330 * @param session session's handle
1331 * @param operation_state_ptr holds state
1332 * @param operation_state_len holds state length
1333 * @param encryption_key en/decryption key
1334 * @param authentication_key sign/verify key
1335 * @param return_value default value (`ThrowException`): throw exception on error.
1336 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1337 * At least the following PKCS#11 return values may be returned:
1338 * \li CryptokiNotInitialized \li DeviceError \li DeviceMemory
1339 * \li DeviceRemoved \li FunctionFailed \li GeneralError
1340 * \li HostMemory \li KeyChanged \li KeyNeeded
1341 * \li KeyNotNeeded \li OK \li SavedStateInvalid
1342 * \li SessionClosed \li SessionHandleInvalid \li ArgumentsBad
1343 * @return true on success, false otherwise
1344 */
1345 bool C_SetOperationState(SessionHandle session,
1346 Byte* operation_state_ptr,
1347 Ulong operation_state_len,
1348 ObjectHandle encryption_key,
1349 ObjectHandle authentication_key,
1350 ReturnValue* return_value = ThrowException) const;
1351
1352 /**
1353 * C_Login logs a user into a token.
1354 * @param session the session's handle
1355 * @param user_type the user type
1356 * @param pin_ptr the user's PIN
1357 * @param pin_len the length of the PIN
1358 * @param return_value default value (`ThrowException`): throw exception on error.
1359 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1360 * At least the following PKCS#11 return values may be returned:
1361 * \li ArgumentsBad \li CryptokiNotInitialized \li DeviceError
1362 * \li DeviceMemory \li DeviceRemoved \li FunctionCanceled
1363 * \li FunctionFailed \li GeneralError \li HostMemory
1364 * \li OK \li OperationNotInitialized \li PinIncorrect
1365 * \li PinLocked \li SessionClosed \li SessionHandleInvalid
1366 * \li SessionReadOnlyExists \li UserAlreadyLoggedIn \li UserAnotherAlreadyLoggedIn
1367 * \li UserPinNotInitialized \li UserTooManyTypes \li UserTypeInvalid
1368 * @return true on success, false otherwise
1369 */
1370 bool C_Login(SessionHandle session,
1371 UserType user_type,
1372 Utf8Char* pin_ptr,
1373 Ulong pin_len,
1374 ReturnValue* return_value = ThrowException) const;
1375
1376 /**
1377 * C_Login logs a user into a token.
1378 * @param session the session's handle
1379 * @param user_type the user type
1380 * @param pin the user or security officer's PIN
1381 * @param return_value default value (`ThrowException`): throw exception on error.
1382 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1383 * At least the following PKCS#11 return values may be returned:
1384 * \li ArgumentsBad \li CryptokiNotInitialized \li DeviceError
1385 * \li DeviceMemory \li DeviceRemoved \li FunctionCanceled
1386 * \li FunctionFailed \li GeneralError \li HostMemory
1387 * \li OK \li OperationNotInitialized \li PinIncorrect
1388 * \li PinLocked \li SessionClosed \li SessionHandleInvalid
1389 * \li SessionReadOnlyExists \li UserAlreadyLoggedIn \li UserAnotherAlreadyLoggedIn
1390 * \li UserPinNotInitialized \li UserTooManyTypes \li UserTypeInvalid
1391 * @return true on success, false otherwise
1392 */
1393 template <typename TAlloc>
1394 bool C_Login(SessionHandle session,
1395 UserType user_type,
1396 const std::vector<uint8_t, TAlloc>& pin,
1397 ReturnValue* return_value = ThrowException) const {
1398 return C_Login(session,
1399 user_type,
1400 reinterpret_cast<Utf8Char*>(const_cast<uint8_t*>(pin.data())),
1401 static_cast<Ulong>(pin.size()),
1402 return_value);
1403 }
1404
1405 /**
1406 * C_Logout logs a user out from a token.
1407 * @param session the session's handle
1408 * @param return_value default value (`ThrowException`): throw exception on error.
1409 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1410 * At least the following PKCS#11 return values may be returned:
1411 * \li CryptokiNotInitialized \li DeviceError \li DeviceMemory
1412 * \li DeviceRemoved \li FunctionFailed \li GeneralError
1413 * \li HostMemory \li OK \li SessionClosed
1414 * \li SessionHandleInvalid \li UserNotLoggedIn
1415 * @return true on success, false otherwise
1416 */
1417 bool C_Logout(SessionHandle session, ReturnValue* return_value = ThrowException) const;
1418
1419 /****************************** Object management functions ******************************/
1420
1421 /**
1422 * C_CreateObject creates a new object.
1423 * @param session the session's handle
1424 * @param attribute_template_ptr the object's template
1425 * @param count attributes in template
1426 * @param object_ptr gets new object's handle.
1427 * @param return_value default value (`ThrowException`): throw exception on error.
1428 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1429 * At least the following PKCS#11 return values may be returned:
1430 * \li ArgumentsBad \li AttributeReadOnly \li AttributeTypeInvalid
1431 * \li AttributeValueInvalid \li CryptokiNotInitialized \li CurveNotSupported
1432 * \li DeviceError \li DeviceMemory \li DeviceRemoved
1433 * \li DomainParamsInvalid \li FunctionFailed \li GeneralError
1434 * \li HostMemory \li OK \li PinExpired
1435 * \li SessionClosed \li SessionHandleInvalid \li SessionReadOnly
1436 * \li TemplateIncomplete \li TemplateInconsistent \li TokenWriteProtected
1437 * \li UserNotLoggedIn
1438 * @return true on success, false otherwise
1439 */
1440 bool C_CreateObject(SessionHandle session,
1441 Attribute* attribute_template_ptr,
1442 Ulong count,
1443 ObjectHandle* object_ptr,
1444 ReturnValue* return_value = ThrowException) const;
1445
1446 /**
1447 * C_CopyObject copies an object, creating a new object for the copy.
1448 * @param session the session's handle
1449 * @param object the object's handle
1450 * @param attribute_template_ptr template for new object
1451 * @param count attributes in template
1452 * @param new_object_ptr receives handle of copy
1453 * @param return_value default value (`ThrowException`): throw exception on error.
1454 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1455 * At least the following PKCS#11 return values may be returned:
1456 * \li ActionProhibited \li ArgumentsBad \li AttributeReadOnly
1457 * \li AttributeTypeInvalid \li AttributeValueInvalid \li CryptokiNotInitialized
1458 * \li DeviceError \li DeviceMemory \li DeviceRemoved
1459 * \li FunctionFailed \li GeneralError \li HostMemory
1460 * \li ObjectHandleInvalid \li OK \li PinExpired
1461 * \li SessionClosed \li SessionHandleInvalid \li SessionReadOnly
1462 * \li TemplateInconsistent \li TokenWriteProtected \li UserNotLoggedIn
1463 * @return true on success, false otherwise
1464 */
1465 bool C_CopyObject(SessionHandle session,
1466 ObjectHandle object,
1467 Attribute* attribute_template_ptr,
1468 Ulong count,
1469 ObjectHandle* new_object_ptr,
1470 ReturnValue* return_value = ThrowException) const;
1471
1472 /**
1473 * C_DestroyObject destroys an object.
1474 * @param session the session's handle
1475 * @param object the object's handle
1476 * @param return_value default value (`ThrowException`): throw exception on error.
1477 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1478 * At least the following PKCS#11 return values may be returned:
1479 * \li ActionProhibited \li CryptokiNotInitialized \li DeviceError
1480 * \li DeviceMemory \li DeviceRemoved \li FunctionFailed
1481 * \li GeneralError \li HostMemory \li ObjectHandleInvalid
1482 * \li OK \li PinExpired \li SessionClosed
1483 * \li SessionHandleInvalid \li SessionReadOnly \li TokenWriteProtected
1484 * @return true on success, false otherwise
1485 */
1486 bool C_DestroyObject(SessionHandle session,
1487 ObjectHandle object,
1488 ReturnValue* return_value = ThrowException) const;
1489
1490 /**
1491 * C_GetObjectSize gets the size of an object in bytes.
1492 * @param session the session's handle
1493 * @param object the object's handle
1494 * @param size_ptr receives size of object
1495 * @param return_value default value (`ThrowException`): throw exception on error.
1496 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1497 * At least the following PKCS#11 return values may be returned:
1498 * \li ArgumentsBad \li CryptokiNotInitialized \li DeviceError
1499 * \li DeviceMemory \li DeviceRemoved \li FunctionFailed
1500 * \li GeneralError \li HostMemory \li InformationSensitive
1501 * \li ObjectHandleInvalid \li OK \li SessionClosed
1502 * \li SessionHandleInvalid
1503 * @return true on success, false otherwise
1504 */
1505 bool C_GetObjectSize(SessionHandle session,
1506 ObjectHandle object,
1507 Ulong* size_ptr,
1508 ReturnValue* return_value = ThrowException) const;
1509
1510 /**
1511 * C_GetAttributeValue obtains the value of one or more object attributes.
1512 * @param session the session's handle
1513 * @param object the object's handle
1514 * @param attribute_template_ptr specifies attrs; gets vals
1515 * @param count attributes in template
1516 * @param return_value default value (`ThrowException`): throw exception on error.
1517 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1518 * At least the following PKCS#11 return values may be returned:
1519 * \li ArgumentsBad \li AttributeSensitive \li AttributeTypeInvalid
1520 * \li BufferTooSmall \li CryptokiNotInitialized \li DeviceError
1521 * \li DeviceMemory \li DeviceRemoved \li FunctionFailed
1522 * \li GeneralError \li HostMemory \li ObjectHandleInvalid
1523 * \li OK \li SessionClosed \li SessionHandleInvalid
1524 * @return true on success, false otherwise
1525 */
1526 bool C_GetAttributeValue(SessionHandle session,
1527 ObjectHandle object,
1528 Attribute* attribute_template_ptr,
1529 Ulong count,
1530 ReturnValue* return_value = ThrowException) const;
1531
1532 /**
1533 * C_GetAttributeValue obtains the value of one or more object attributes.
1534 * @param session the session's handle
1535 * @param object the object's handle
1536 * @param attribute_values specifies attrs; gets vals
1537 * @param return_value default value (`ThrowException`): throw exception on error.
1538 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1539 * At least the following PKCS#11 return values may be returned:
1540 * \li ArgumentsBad \li AttributeSensitive \li AttributeTypeInvalid
1541 * \li BufferTooSmall \li CryptokiNotInitialized \li DeviceError
1542 * \li DeviceMemory \li DeviceRemoved \li FunctionFailed
1543 * \li GeneralError \li HostMemory \li ObjectHandleInvalid
1544 * \li OK \li SessionClosed \li SessionHandleInvalid
1545 * @return true on success, false otherwise
1546 */
1547 template <typename TAlloc>
1548 bool C_GetAttributeValue(SessionHandle session,
1549 ObjectHandle object,
1550 std::map<AttributeType, std::vector<uint8_t, TAlloc>>& attribute_values,
1551 ReturnValue* return_value = ThrowException) const {
1552 std::vector<Attribute> getter_template;
1553
1554 for(const auto& entry : attribute_values) {
1555 getter_template.emplace_back(Attribute{static_cast<CK_ATTRIBUTE_TYPE>(entry.first), nullptr, 0});
1556 }
1557
1558 bool success = C_GetAttributeValue(session,
1559 object,
1560 const_cast<Attribute*>(getter_template.data()),
1561 static_cast<Ulong>(getter_template.size()),
1562 return_value);
1563
1564 if(!success) {
1565 return success;
1566 }
1567
1568 size_t i = 0;
1569 for(auto& entry : attribute_values) {
1570 entry.second.clear();
1571 entry.second.resize(getter_template.at(i).ulValueLen);
1572 getter_template.at(i).pValue = const_cast<uint8_t*>(entry.second.data());
1573 i++;
1574 }
1575
1576 return C_GetAttributeValue(session,
1577 object,
1578 const_cast<Attribute*>(getter_template.data()),
1579 static_cast<Ulong>(getter_template.size()),
1580 return_value);
1581 }
1582
1583 /**
1584 * C_SetAttributeValue modifies the value of one or more object attributes.
1585 * @param session the session's handle
1586 * @param object the object's handle
1587 * @param attribute_template_ptr specifies attrs and values
1588 * @param count attributes in template
1589 * @param return_value default value (`ThrowException`): throw exception on error.
1590 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1591 * At least the following PKCS#11 return values may be returned:
1592 * \li ActionProhibited \li ArgumentsBad \li AttributeReadOnly
1593 * \li AttributeTypeInvalid \li AttributeValueInvalid \li CryptokiNotInitialized
1594 * \li DeviceError \li DeviceMemory \li DeviceRemoved
1595 * \li FunctionFailed \li GeneralError \li HostMemory
1596 * \li ObjectHandleInvalid \li OK \li SessionClosed
1597 * \li SessionHandleInvalid \li SessionReadOnly \li TemplateInconsistent
1598 * \li TokenWriteProtected \li UserNotLoggedIn
1599 * @return true on success, false otherwise
1600 */
1601 bool C_SetAttributeValue(SessionHandle session,
1602 ObjectHandle object,
1603 Attribute* attribute_template_ptr,
1604 Ulong count,
1605 ReturnValue* return_value = ThrowException) const;
1606
1607 /**
1608 * C_SetAttributeValue modifies the value of one or more object attributes.
1609 * @param session the session's handle
1610 * @param object the object's handle
1611 * @param attribute_values specifies attrs and values
1612 * @param return_value default value (`ThrowException`): throw exception on error.
1613 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1614 * At least the following PKCS#11 return values may be returned:
1615 * \li ActionProhibited \li ArgumentsBad \li AttributeReadOnly
1616 * \li AttributeTypeInvalid \li AttributeValueInvalid \li CryptokiNotInitialized
1617 * \li DeviceError \li DeviceMemory \li DeviceRemoved
1618 * \li FunctionFailed \li GeneralError \li HostMemory
1619 * \li ObjectHandleInvalid \li OK \li SessionClosed
1620 * \li SessionHandleInvalid \li SessionReadOnly \li TemplateInconsistent
1621 * \li TokenWriteProtected \li UserNotLoggedIn
1622 * @return true on success, false otherwise
1623 */
1624 template <typename TAlloc>
1625 bool C_SetAttributeValue(SessionHandle session,
1626 ObjectHandle object,
1627 std::map<AttributeType, std::vector<uint8_t, TAlloc>>& attribute_values,
1628 ReturnValue* return_value = ThrowException) const {
1629 std::vector<Attribute> setter_template;
1630
1631 for(auto& entry : attribute_values) {
1632 setter_template.emplace_back(Attribute{static_cast<CK_ATTRIBUTE_TYPE>(entry.first),
1633 entry.second.data(),
1634 static_cast<CK_ULONG>(entry.second.size())});
1635 }
1636
1637 return C_SetAttributeValue(session,
1638 object,
1639 const_cast<Attribute*>(setter_template.data()),
1640 static_cast<Ulong>(setter_template.size()),
1641 return_value);
1642 }
1643
1644 /**
1645 * C_FindObjectsInit initializes a search for token and session objects that match a template.
1646 * @param session the session's handle
1647 * @param attribute_template_ptr attribute values to match
1648 * @param count attrs in search template
1649 * @param return_value default value (`ThrowException`): throw exception on error.
1650 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1651 * At least the following PKCS#11 return values may be returned:
1652 * \li ArgumentsBad \li AttributeTypeInvalid \li AttributeValueInvalid
1653 * \li CryptokiNotInitialized \li DeviceError \li DeviceMemory
1654 * \li DeviceRemoved \li FunctionFailed \li GeneralError
1655 * \li HostMemory \li OK \li OperationActive
1656 * \li PinExpired \li SessionClosed \li SessionHandleInvalid
1657 * @return true on success, false otherwise
1658 */
1659 bool C_FindObjectsInit(SessionHandle session,
1660 Attribute* attribute_template_ptr,
1661 Ulong count,
1662 ReturnValue* return_value = ThrowException) const;
1663
1664 /**
1665 * C_FindObjects continues a search for token and session objects that match a template, obtaining additional object handles.
1666 * @param session session's handle
1667 * @param object_ptr gets obj. handles
1668 * @param max_object_count max handles to get
1669 * @param object_count_ptr actual # returned
1670 * @param return_value default value (`ThrowException`): throw exception on error.
1671 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1672 * At least the following PKCS#11 return values may be returned:
1673 * \li ArgumentsBad \li CryptokiNotInitialized \li DeviceError
1674 * \li DeviceMemory \li DeviceRemoved \li FunctionFailed
1675 * \li GeneralError \li HostMemory \li OK
1676 * \li OperationNotInitialized \li SessionClosed \li SessionHandleInvalid
1677 * @return true on success, false otherwise
1678 */
1679 bool C_FindObjects(SessionHandle session,
1680 ObjectHandle* object_ptr,
1681 Ulong max_object_count,
1682 Ulong* object_count_ptr,
1683 ReturnValue* return_value = ThrowException) const;
1684
1685 /**
1686 * C_FindObjectsFinal finishes a search for token and session objects.
1687 * @param session the session's handle
1688 * @param return_value default value (`ThrowException`): throw exception on error.
1689 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1690 * At least the following PKCS#11 return values may be returned:
1691 * \li CryptokiNotInitialized \li DeviceError \li DeviceMemory
1692 * \li DeviceRemoved \li FunctionFailed \li GeneralError
1693 * \li HostMemory \li OK \li OperationNotInitialized
1694 * \li SessionClosed \li SessionHandleInvalid
1695 * @return true on success, false otherwise
1696 */
1697 bool C_FindObjectsFinal(SessionHandle session, ReturnValue* return_value = ThrowException) const;
1698
1699 /****************************** Encryption functions ******************************/
1700
1701 /**
1702 * C_EncryptInit initializes an encryption operation.
1703 * @param session the session's handle
1704 * @param mechanism_ptr the encryption mechanism
1705 * @param key handle of encryption key
1706 * @param return_value default value (`ThrowException`): throw exception on error.
1707 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1708 * At least the following PKCS#11 return values may be returned:
1709 * \li CryptokiNotInitialized \li DeviceError \li DeviceMemory
1710 * \li DeviceRemoved \li FunctionCanceled \li FunctionFailed
1711 * \li GeneralError \li HostMemory \li KeyFunctionNotPermitted
1712 * \li KeyHandleInvalid \li KeySizeRange \li KeyTypeInconsistent
1713 * \li MechanismInvalid \li MechanismParamInvalid \li OK
1714 * \li OperationActive \li PinExpired \li SessionClosed
1715 * \li SessionHandleInvalid \li UserNotLoggedIn
1716 * @return true on success, false otherwise
1717 */
1718 bool C_EncryptInit(SessionHandle session,
1719 Mechanism* mechanism_ptr,
1720 ObjectHandle key,
1721 ReturnValue* return_value = ThrowException) const;
1722
1723 /**
1724 * C_Encrypt encrypts single-part data.
1725 * @param session session's handle
1726 * @param data_ptr the plaintext data
1727 * @param data_len size of plaintext data in bytes
1728 * @param encrypted_data gets ciphertext
1729 * @param encrypted_data_len_ptr gets c-text size
1730 * @param return_value default value (`ThrowException`): throw exception on error.
1731 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1732 * At least the following PKCS#11 return values may be returned:
1733 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
1734 * \li DataInvalid \li DataLenRange \li DeviceError
1735 * \li DeviceMemory \li DeviceRemoved \li FunctionCanceled
1736 * \li FunctionFailed \li GeneralError \li HostMemory
1737 * \li OK \li OperationNotInitialized \li SessionClosed
1738 * \li SessionHandleInvalid
1739 * @return true on success, false otherwise
1740 */
1741 bool C_Encrypt(SessionHandle session,
1742 Byte* data_ptr,
1743 Ulong data_len,
1744 Byte* encrypted_data,
1745 Ulong* encrypted_data_len_ptr,
1746 ReturnValue* return_value = ThrowException) const;
1747
1748 /**
1749 * C_Encrypt encrypts single-part data.
1750 * @param session session's handle
1751 * @param plaintext_data the plaintext data
1752 * @param encrypted_data gets ciphertext
1753 * @param return_value default value (`ThrowException`): throw exception on error.
1754 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1755 * At least the following PKCS#11 return values may be returned:
1756 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
1757 * \li DataInvalid \li DataLenRange \li DeviceError
1758 * \li DeviceMemory \li DeviceRemoved \li FunctionCanceled
1759 * \li FunctionFailed \li GeneralError \li HostMemory
1760 * \li OK \li OperationNotInitialized \li SessionClosed
1761 * \li SessionHandleInvalid
1762 * @return true on success, false otherwise
1763 */
1764 template <typename TAllocA, typename TAllocB>
1765 bool C_Encrypt(SessionHandle session,
1766 const std::vector<uint8_t, TAllocA>& plaintext_data,
1767 std::vector<uint8_t, TAllocB>& encrypted_data,
1768 ReturnValue* return_value = ThrowException) const {
1769 Ulong encrypted_size = 0;
1770 if(!C_Encrypt(session,
1771 const_cast<Byte*>((plaintext_data.data())),
1772 static_cast<Ulong>(plaintext_data.size()),
1773 nullptr,
1774 &encrypted_size,
1775 return_value)) {
1776 return false;
1777 }
1778
1779 encrypted_data.resize(encrypted_size);
1780 if(!C_Encrypt(session,
1781 const_cast<Byte*>(plaintext_data.data()),
1782 static_cast<Ulong>(plaintext_data.size()),
1783 encrypted_data.data(),
1784 &encrypted_size,
1785 return_value)) {
1786 return false;
1787 }
1788 encrypted_data.resize(encrypted_size);
1789 return true;
1790 }
1791
1792 /**
1793 * C_EncryptUpdate continues a multiple-part encryption operation.
1794 * @param session session's handle
1795 * @param part_ptr the plaintext data
1796 * @param part_len plaintext data len
1797 * @param encrypted_part_ptr gets ciphertext
1798 * @param encrypted_part_len_ptr gets c-text size
1799 * @param return_value default value (`ThrowException`): throw exception on error.
1800 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1801 * At least the following PKCS#11 return values may be returned:
1802 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
1803 * \li DataLenRange \li DeviceError \li DeviceMemory
1804 * \li DeviceRemoved \li FunctionCanceled \li FunctionFailed
1805 * \li GeneralError \li HostMemory \li OK
1806 * \li OperationNotInitialized \li SessionClosed \li SessionHandleInvalid
1807 * @return true on success, false otherwise
1808 */
1809 bool C_EncryptUpdate(SessionHandle session,
1810 Byte* part_ptr,
1811 Ulong part_len,
1812 Byte* encrypted_part_ptr,
1813 Ulong* encrypted_part_len_ptr,
1814 ReturnValue* return_value = ThrowException) const;
1815
1816 /**
1817 * C_EncryptFinal finishes a multiple-part encryption operation.
1818 * @param session session handle
1819 * @param last_encrypted_part_ptr last c-text
1820 * @param last_encrypted_part_len_ptr gets last size
1821 * @param return_value default value (`ThrowException`): throw exception on error.
1822 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1823 * At least the following PKCS#11 return values may be returned:
1824 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
1825 * \li DataLenRange \li DeviceError \li DeviceMemory
1826 * \li DeviceRemoved \li FunctionCanceled \li FunctionFailed
1827 * \li GeneralError \li HostMemory \li OK
1828 * \li OperationNotInitialized \li SessionClosed \li SessionHandleInvalid
1829 * @return true on success, false otherwise
1830 */
1831 bool C_EncryptFinal(SessionHandle session,
1832 Byte* last_encrypted_part_ptr,
1833 Ulong* last_encrypted_part_len_ptr,
1834 ReturnValue* return_value = ThrowException) const;
1835
1836 /****************************** Decryption functions ******************************/
1837
1838 /**
1839 * C_DecryptInit initializes a decryption operation.
1840 * @param session the session's handle
1841 * @param mechanism_ptr the decryption mechanism
1842 * @param key handle of decryption key
1843 * @param return_value default value (`ThrowException`): throw exception on error.
1844 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1845 * At least the following PKCS#11 return values may be returned:
1846 * \li ArgumentsBad \li CryptokiNotInitialized \li DeviceError
1847 * \li DeviceMemory \li DeviceRemoved \li FunctionCanceled
1848 * \li FunctionFailed \li GeneralError \li HostMemory
1849 * \li KeyFunctionNotPermitted \li KeyHandleInvalid \li KeySizeRange
1850 * \li KeyTypeInconsistent \li MechanismInvalid \li MechanismParamInvalid
1851 * \li OK \li OperationActive \li PinExpired
1852 * \li SessionClosed \li SessionHandleInvalid \li UserNotLoggedIn
1853 * @return true on success, false otherwise
1854 */
1855 bool C_DecryptInit(SessionHandle session,
1856 Mechanism* mechanism_ptr,
1857 ObjectHandle key,
1858 ReturnValue* return_value = ThrowException) const;
1859
1860 /**
1861 * C_Decrypt decrypts encrypted data in a single part.
1862 * @param session session's handle
1863 * @param encrypted_data_ptr ciphertext
1864 * @param encrypted_data_len ciphertext length
1865 * @param data_ptr gets plaintext
1866 * @param data_len_ptr gets p-text size
1867 * @param return_value default value (`ThrowException`): throw exception on error.
1868 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1869 * At least the following PKCS#11 return values may be returned:
1870 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
1871 * \li DeviceError \li DeviceMemory \li DeviceRemoved
1872 * \li EncryptedDataInvalid \li EncryptedDataLenRange \li FunctionCanceled
1873 * \li FunctionFailed \li GeneralError \li HostMemory
1874 * \li OK \li OperationNotInitialized \li SessionClosed
1875 * \li SessionHandleInvalid \li UserNotLoggedIn
1876 * @return true on success, false otherwise
1877 */
1878 bool C_Decrypt(SessionHandle session,
1879 Byte* encrypted_data_ptr,
1880 Ulong encrypted_data_len,
1881 Byte* data_ptr,
1882 Ulong* data_len_ptr,
1883 ReturnValue* return_value = ThrowException) const;
1884
1885 /**
1886 * C_Decrypt decrypts encrypted data in a single part.
1887 * @param session session's handle
1888 * @param encrypted_data ciphertext
1889 * @param decrypted_data gets plaintext
1890 * @param return_value default value (`ThrowException`): throw exception on error.
1891 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1892 * At least the following PKCS#11 return values may be returned:
1893 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
1894 * \li DeviceError \li DeviceMemory \li DeviceRemoved
1895 * \li EncryptedDataInvalid \li EncryptedDataLenRange \li FunctionCanceled
1896 * \li FunctionFailed \li GeneralError \li HostMemory
1897 * \li OK \li OperationNotInitialized \li SessionClosed
1898 * \li SessionHandleInvalid \li UserNotLoggedIn
1899 * @return true on success, false otherwise
1900 */
1901 template <typename TAllocA, typename TAllocB>
1902 bool C_Decrypt(SessionHandle session,
1903 const std::vector<uint8_t, TAllocA>& encrypted_data,
1904 std::vector<uint8_t, TAllocB>& decrypted_data,
1905 ReturnValue* return_value = ThrowException) const {
1906 Ulong decrypted_size = 0;
1907 if(!C_Decrypt(session,
1908 const_cast<Byte*>((encrypted_data.data())),
1909 static_cast<Ulong>(encrypted_data.size()),
1910 nullptr,
1911 &decrypted_size,
1912 return_value)) {
1913 return false;
1914 }
1915
1916 decrypted_data.resize(decrypted_size);
1917 if(!C_Decrypt(session,
1918 const_cast<Byte*>(encrypted_data.data()),
1919 static_cast<Ulong>(encrypted_data.size()),
1920 decrypted_data.data(),
1921 &decrypted_size,
1922 return_value)) {
1923 return false;
1924 }
1925 decrypted_data.resize(decrypted_size);
1926 return true;
1927 }
1928
1929 /**
1930 * C_DecryptUpdate continues a multiple-part decryption operation.
1931 * @param session session's handle
1932 * @param encrypted_part_ptr encrypted data
1933 * @param encrypted_part_len input length
1934 * @param part_ptr gets plaintext
1935 * @param part_len_ptr p-text size
1936 * @param return_value default value (`ThrowException`): throw exception on error.
1937 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1938 * At least the following PKCS#11 return values may be returned:
1939 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
1940 * \li DeviceError \li DeviceMemory \li DeviceRemoved
1941 * \li EncryptedDataInvalid \li EncryptedDataLenRange \li FunctionCanceled
1942 * \li FunctionFailed \li GeneralError \li HostMemory
1943 * \li OK \li OperationNotInitialized \li SessionClosed
1944 * \li SessionHandleInvalid \li UserNotLoggedIn
1945 * @return true on success, false otherwise
1946 */
1947 bool C_DecryptUpdate(SessionHandle session,
1948 Byte* encrypted_part_ptr,
1949 Ulong encrypted_part_len,
1950 Byte* part_ptr,
1951 Ulong* part_len_ptr,
1952 ReturnValue* return_value = ThrowException) const;
1953
1954 /**
1955 * C_DecryptFinal finishes a multiple-part decryption operation.
1956 * @param session the session's handle
1957 * @param last_part_ptr gets plaintext
1958 * @param last_part_len_ptr p-text size
1959 * @param return_value default value (`ThrowException`): throw exception on error.
1960 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1961 * At least the following PKCS#11 return values may be returned:
1962 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
1963 * \li DeviceError \li DeviceMemory \li DeviceRemoved
1964 * \li EncryptedDataInvalid \li EncryptedDataLenRange \li FunctionCanceled
1965 * \li FunctionFailed \li GeneralError \li HostMemory
1966 * \li OK \li OperationNotInitialized \li SessionClosed
1967 * \li SessionHandleInvalid \li UserNotLoggedIn
1968 * @return true on success, false otherwise
1969 */
1970 bool C_DecryptFinal(SessionHandle session,
1971 Byte* last_part_ptr,
1972 Ulong* last_part_len_ptr,
1973 ReturnValue* return_value = ThrowException) const;
1974
1975 /****************************** Message digesting functions ******************************/
1976
1977 /**
1978 * C_DigestInit initializes a message-digesting operation.
1979 * @param session the session's handle
1980 * @param mechanism_ptr the digesting mechanism
1981 * @param return_value default value (`ThrowException`): throw exception on error.
1982 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
1983 * At least the following PKCS#11 return values may be returned:
1984 * \li ArgumentsBad \li CryptokiNotInitialized \li DeviceError
1985 * \li DeviceMemory \li DeviceRemoved \li FunctionCanceled
1986 * \li FunctionFailed \li GeneralError \li HostMemory
1987 * \li MechanismInvalid \li MechanismParamInvalid \li OK
1988 * \li OperationActive \li PinExpired \li SessionClosed
1989 * \li SessionHandleInvalid \li UserNotLoggedIn
1990 * @return true on success, false otherwise
1991 */
1992 bool C_DigestInit(SessionHandle session,
1993 Mechanism* mechanism_ptr,
1994 ReturnValue* return_value = ThrowException) const;
1995
1996 /**
1997 * C_Digest digests data in a single part.
1998 * @param session the session's handle
1999 * @param data_ptr data to be digested
2000 * @param data_len bytes of data to digest
2001 * @param digest_ptr gets the message digest
2002 * @param digest_len_ptr gets digest length
2003 * @param return_value default value (`ThrowException`): throw exception on error.
2004 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2005 * At least the following PKCS#11 return values may be returned:
2006 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
2007 * \li DeviceError \li DeviceMemory \li DeviceRemoved
2008 * \li FunctionCanceled \li FunctionFailed \li GeneralError
2009 * \li HostMemory \li OK \li OperationNotInitialized
2010 * \li SessionClosed \li SessionHandleInvalid
2011 * @return true on success, false otherwise
2012 */
2013 bool C_Digest(SessionHandle session,
2014 Byte* data_ptr,
2015 Ulong data_len,
2016 Byte* digest_ptr,
2017 Ulong* digest_len_ptr,
2018 ReturnValue* return_value = ThrowException) const;
2019
2020 /**
2021 * C_DigestUpdate continues a multiple-part message-digesting operation.
2022 * @param session the session's handle
2023 * @param part_ptr data to be digested
2024 * @param part_len bytes of data to be digested
2025 * @param return_value default value (`ThrowException`): throw exception on error.
2026 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2027 * At least the following PKCS#11 return values may be returned:
2028 * \li ArgumentsBad \li CryptokiNotInitialized \li DeviceError
2029 * \li DeviceMemory \li DeviceRemoved \li FunctionCanceled
2030 * \li FunctionFailed \li GeneralError \li HostMemory
2031 * \li OK \li OperationNotInitialized \li SessionClosed
2032 * \li SessionHandleInvalid
2033 * @return true on success, false otherwise
2034 */
2035 bool C_DigestUpdate(SessionHandle session,
2036 Byte* part_ptr,
2037 Ulong part_len,
2038 ReturnValue* return_value = ThrowException) const;
2039
2040 /**
2041 * C_DigestKey continues a multi-part message-digesting operation, by digesting the value of a secret key as part of the data already digested.
2042 * @param session the session's handle
2043 * @param key secret key to digest
2044 * @param return_value default value (`ThrowException`): throw exception on error.
2045 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2046 * At least the following PKCS#11 return values may be returned:
2047 * \li CryptokiNotInitialized \li DeviceError \li DeviceMemory
2048 * \li DeviceRemoved \li FunctionCanceled \li FunctionFailed
2049 * \li GeneralError \li HostMemory \li KeyHandleInvalid
2050 * \li KeyIndigestible \li KeySizeRange \li OK
2051 * \li OperationNotInitialized \li SessionClosed \li SessionHandleInvalid
2052 * @return true on success, false otherwise
2053 */
2054 bool C_DigestKey(SessionHandle session, ObjectHandle key, ReturnValue* return_value = ThrowException) const;
2055
2056 /**
2057 * C_DigestFinal finishes a multiple-part message-digesting operation.
2058 * @param session the session's handle
2059 * @param digest_ptr gets the message digest
2060 * @param digest_len_ptr gets uint8_t count of digest
2061 * @param return_value default value (`ThrowException`): throw exception on error.
2062 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2063 * At least the following PKCS#11 return values may be returned:
2064 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
2065 * \li DeviceError \li DeviceMemory \li DeviceRemoved
2066 * \li FunctionCanceled \li FunctionFailed \li GeneralError
2067 * \li HostMemory \li OK \li OperationNotInitialized
2068 * \li SessionClosed \li SessionHandleInvalid
2069 * @return true on success, false otherwise
2070 */
2071 bool C_DigestFinal(SessionHandle session,
2072 Byte* digest_ptr,
2073 Ulong* digest_len_ptr,
2074 ReturnValue* return_value = ThrowException) const;
2075
2076 /****************************** Signing and MACing functions ******************************/
2077
2078 /**
2079 * C_SignInit initializes a signature (private key encryption) operation, where the signature is (will be) an appendix to the data, and plaintext cannot be recovered from the signature.
2080 * @param session the session's handle
2081 * @param mechanism_ptr the signature mechanism
2082 * @param key handle of signature key
2083 * @param return_value default value (`ThrowException`): throw exception on error.
2084 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2085 * At least the following PKCS#11 return values may be returned:
2086 * \li ArgumentsBad \li CryptokiNotInitialized \li DeviceError
2087 * \li DeviceMemory \li DeviceRemoved \li FunctionCanceled
2088 * \li FunctionFailed \li GeneralError \li HostMemory
2089 * \li KeyFunctionNotPermitted \li KeyHandleInvalid \li KeySizeRange
2090 * \li KeyTypeInconsistent \li MechanismInvalid \li MechanismParamInvalid
2091 * \li OK \li OperationActive \li PinExpired
2092 * \li SessionClosed \li SessionHandleInvalid \li UserNotLoggedIn
2093 * @return true on success, false otherwise
2094 */
2095 bool C_SignInit(SessionHandle session,
2096 Mechanism* mechanism_ptr,
2097 ObjectHandle key,
2098 ReturnValue* return_value = ThrowException) const;
2099
2100 /**
2101 * C_Sign signs (encrypts with private key) data in a single part, where the signature is (will be) an appendix to the data, and plaintext cannot be recovered from the signature.
2102 * @param session the session's handle
2103 * @param data_ptr the data to sign
2104 * @param data_len count of bytes to sign
2105 * @param signature_ptr gets the signature
2106 * @param signature_len_ptr gets signature length
2107 * @param return_value default value (`ThrowException`): throw exception on error.
2108 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2109 * At least the following PKCS#11 return values may be returned:
2110 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
2111 * \li DataInvalid \li DataLenRange \li DeviceError
2112 * \li DeviceMemory \li DeviceRemoved \li FunctionCanceled
2113 * \li FunctionFailed \li GeneralError \li HostMemory
2114 * \li OK \li OperationNotInitialized \li SessionClosed
2115 * \li SessionHandleInvalid \li UserNotLoggedIn \li FunctionRejected
2116 * @return true on success, false otherwise
2117 */
2118 bool C_Sign(SessionHandle session,
2119 const Byte* data_ptr,
2120 Ulong data_len,
2121 Byte* signature_ptr,
2122 Ulong* signature_len_ptr,
2123 ReturnValue* return_value = ThrowException) const;
2124
2125 /**
2126 * C_Sign signs (encrypts with private key) data in a single part, where the signature is (will be) an appendix to the data, and plaintext cannot be recovered from the signature.
2127 * @param session the session's handle
2128 * @param data the data to sign
2129 * @param signature gets the signature
2130 * @param return_value default value (`ThrowException`): throw exception on error.
2131 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2132 * At least the following PKCS#11 return values may be returned:
2133 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
2134 * \li DataInvalid \li DataLenRange \li DeviceError
2135 * \li DeviceMemory \li DeviceRemoved \li FunctionCanceled
2136 * \li FunctionFailed \li GeneralError \li HostMemory
2137 * \li OK \li OperationNotInitialized \li SessionClosed
2138 * \li SessionHandleInvalid \li UserNotLoggedIn \li FunctionRejected
2139 * @return true on success, false otherwise
2140 */
2141 template <typename TAllocA, typename TAllocB>
2142 bool C_Sign(SessionHandle session,
2143 const std::vector<uint8_t, TAllocA>& data,
2144 std::vector<uint8_t, TAllocB>& signature,
2145 ReturnValue* return_value = ThrowException) const {
2146 Ulong signature_size = 0;
2147 if(!C_Sign(session, data.data(), static_cast<Ulong>(data.size()), nullptr, &signature_size, return_value)) {
2148 return false;
2149 }
2150
2151 signature.resize(signature_size);
2152 if(!C_Sign(session,
2153 data.data(),
2154 static_cast<Ulong>(data.size()),
2155 signature.data(),
2156 &signature_size,
2157 return_value)) {
2158 return false;
2159 }
2160 signature.resize(signature_size);
2161 return true;
2162 }
2163
2164 /**
2165 * C_SignUpdate continues a multiple-part signature operation, where the signature is (will be) an appendix to the data, and plaintext cannot be recovered from the signature.
2166 * @param session the session's handle
2167 * @param part_ptr the data to sign
2168 * @param part_len count of bytes to sign
2169 * @param return_value default value (`ThrowException`): throw exception on error.
2170 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2171 * At least the following PKCS#11 return values may be returned:
2172 * \li ArgumentsBad \li CryptokiNotInitialized \li DataLenRange
2173 * \li DeviceError \li DeviceMemory \li DeviceRemoved
2174 * \li FunctionCanceled \li FunctionFailed \li GeneralError
2175 * \li HostMemory \li OK \li OperationNotInitialized
2176 * \li SessionClosed \li SessionHandleInvalid \li UserNotLoggedIn
2177 * @return true on success, false otherwise
2178 */
2179 bool C_SignUpdate(SessionHandle session,
2180 const Byte* part_ptr,
2181 Ulong part_len,
2182 ReturnValue* return_value = ThrowException) const;
2183
2184 /**
2185 * C_SignUpdate continues a multiple-part signature operation, where the signature is (will be) an appendix to the data, and plaintext cannot be recovered from the signature.
2186 * @param session the session's handle
2187 * @param part the data to sign
2188 * @param return_value default value (`ThrowException`): throw exception on error.
2189 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2190 * At least the following PKCS#11 return values may be returned:
2191 * \li ArgumentsBad \li CryptokiNotInitialized \li DataLenRange
2192 * \li DeviceError \li DeviceMemory \li DeviceRemoved
2193 * \li FunctionCanceled \li FunctionFailed \li GeneralError
2194 * \li HostMemory \li OK \li OperationNotInitialized
2195 * \li SessionClosed \li SessionHandleInvalid \li UserNotLoggedIn
2196 * @return true on success, false otherwise
2197 */
2198 template <typename TAlloc>
2199 bool C_SignUpdate(SessionHandle session,
2200 const std::vector<uint8_t, TAlloc>& part,
2201 ReturnValue* return_value = ThrowException) const {
2202 return C_SignUpdate(session, part.data(), static_cast<Ulong>(part.size()), return_value);
2203 }
2204
2205 /**
2206 * C_SignFinal finishes a multiple-part signature operation, returning the signature.
2207 * @param session the session's handle
2208 * @param signature_ptr gets the signature
2209 * @param signature_len_ptr gets signature length
2210 * @param return_value default value (`ThrowException`): throw exception on error.
2211 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2212 * At least the following PKCS#11 return values may be returned:
2213 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
2214 * \li DataLenRange \li DeviceError \li DeviceMemory
2215 * \li DeviceRemoved \li FunctionCanceled \li FunctionFailed
2216 * \li GeneralError \li HostMemory \li OK
2217 * \li OperationNotInitialized \li SessionClosed \li SessionHandleInvalid
2218 * \li UserNotLoggedIn \li FunctionRejected
2219 * @return true on success, false otherwise
2220 */
2221 bool C_SignFinal(SessionHandle session,
2222 Byte* signature_ptr,
2223 Ulong* signature_len_ptr,
2224 ReturnValue* return_value = ThrowException) const;
2225
2226 /**
2227 * C_SignFinal finishes a multiple-part signature operation, returning the signature.
2228 * @param session the session's handle
2229 * @param signature gets the signature
2230 * @param return_value default value (`ThrowException`): throw exception on error.
2231 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2232 * At least the following PKCS#11 return values may be returned:
2233 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
2234 * \li DataLenRange \li DeviceError \li DeviceMemory
2235 * \li DeviceRemoved \li FunctionCanceled \li FunctionFailed
2236 * \li GeneralError \li HostMemory \li OK
2237 * \li OperationNotInitialized \li SessionClosed \li SessionHandleInvalid
2238 * \li UserNotLoggedIn \li FunctionRejected
2239 * @return true on success, false otherwise
2240 */
2241 template <typename TAlloc>
2242 bool C_SignFinal(SessionHandle session,
2243 std::vector<uint8_t, TAlloc>& signature,
2244 ReturnValue* return_value = ThrowException) const {
2245 Ulong signature_size = 0;
2246 if(!C_SignFinal(session, nullptr, &signature_size, return_value)) {
2247 return false;
2248 }
2249
2250 signature.resize(signature_size);
2251 if(!C_SignFinal(session, signature.data(), &signature_size, return_value)) {
2252 return false;
2253 }
2254 signature.resize(signature_size);
2255 return true;
2256 }
2257
2258 /**
2259 * C_SignRecoverInit initializes a signature operation, where the data can be recovered from the signature.
2260 * @param session the session's handle
2261 * @param mechanism_ptr the signature mechanism
2262 * @param key handle of the signature key
2263 * @param return_value default value (`ThrowException`): throw exception on error.
2264 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2265 * At least the following PKCS#11 return values may be returned:
2266 * \li ArgumentsBad \li CryptokiNotInitialized \li DeviceError
2267 * \li DeviceMemory \li DeviceRemoved \li FunctionCanceled
2268 * \li FunctionFailed \li GeneralError \li HostMemory
2269 * \li KeyFunctionNotPermitted \li KeyHandleInvalid \li KeySizeRange
2270 * \li KeyTypeInconsistent \li MechanismInvalid \li MechanismParamInvalid
2271 * \li OK \li OperationActive \li PinExpired
2272 * \li SessionClosed \li SessionHandleInvalid \li UserNotLoggedIn
2273 * @return true on success, false otherwise
2274 */
2275 bool C_SignRecoverInit(SessionHandle session,
2276 Mechanism* mechanism_ptr,
2277 ObjectHandle key,
2278 ReturnValue* return_value = ThrowException) const;
2279
2280 /**
2281 * C_SignRecover signs data in a single operation, where the data can be recovered from the signature.
2282 * @param session the session's handle
2283 * @param data_ptr the data to sign
2284 * @param data_len count of bytes to sign
2285 * @param signature_ptr gets the signature
2286 * @param signature_len_ptr gets signature length
2287 * @param return_value default value (`ThrowException`): throw exception on error.
2288 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2289 * At least the following PKCS#11 return values may be returned:
2290 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
2291 * \li DataInvalid \li DataLenRange \li DeviceError
2292 * \li DeviceMemory \li DeviceRemoved \li FunctionCanceled
2293 * \li FunctionFailed \li GeneralError \li HostMemory
2294 * \li OK \li OperationNotInitialized \li SessionClosed
2295 * \li SessionHandleInvalid \li UserNotLoggedIn
2296 * @return true on success, false otherwise
2297 */
2298 bool C_SignRecover(SessionHandle session,
2299 Byte* data_ptr,
2300 Ulong data_len,
2301 Byte* signature_ptr,
2302 Ulong* signature_len_ptr,
2303 ReturnValue* return_value = ThrowException) const;
2304
2305 /****************************** Functions for verifying signatures and MACs ******************************/
2306
2307 /**
2308 * C_VerifyInit initializes a verification operation, where the signature is an appendix to the data, and plaintext cannot be recovered from the signature (e.g. DSA).
2309 * @param session the session's handle
2310 * @param mechanism_ptr the verification mechanism
2311 * @param key verification key
2312 * @param return_value default value (`ThrowException`): throw exception on error.
2313 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2314 * At least the following PKCS#11 return values may be returned:
2315 * \li ArgumentsBad \li CryptokiNotInitialized \li DeviceError
2316 * \li DeviceMemory \li DeviceRemoved \li FunctionCanceled
2317 * \li FunctionFailed \li GeneralError \li HostMemory
2318 * \li KeyFunctionNotPermitted \li KeyHandleInvalid \li KeySizeRange
2319 * \li KeyTypeInconsistent \li MechanismInvalid \li MechanismParamInvalid
2320 * \li OK \li OperationActive \li PinExpired
2321 * \li SessionClosed \li SessionHandleInvalid \li UserNotLoggedIn
2322 * @return true on success, false otherwise
2323 */
2324 bool C_VerifyInit(SessionHandle session,
2325 Mechanism* mechanism_ptr,
2326 ObjectHandle key,
2327 ReturnValue* return_value = ThrowException) const;
2328
2329 /**
2330 * C_Verify verifies a signature in a single-part operation, where the signature is an appendix to the data, and plaintext cannot be recovered from the signature.
2331 * @param session the session's handle
2332 * @param data_ptr signed data
2333 * @param data_len length of signed data
2334 * @param signature_ptr signature
2335 * @param signature_len signature length
2336 * @param return_value default value (`ThrowException`): throw exception on error.
2337 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2338 * At least the following PKCS#11 return values may be returned:
2339 * \li ArgumentsBad \li CryptokiNotInitialized \li DataInvalid
2340 * \li DataLenRange \li DeviceError \li DeviceMemory
2341 * \li DeviceRemoved \li FunctionCanceled \li FunctionFailed
2342 * \li GeneralError \li HostMemory \li OK
2343 * \li OperationNotInitialized \li SessionClosed \li SessionHandleInvalid
2344 * \li SignatureInvalid \li SignatureLenRange
2345 * @return true on success, false otherwise
2346 */
2347 bool C_Verify(SessionHandle session,
2348 const Byte* data_ptr,
2349 Ulong data_len,
2350 const Byte* signature_ptr,
2351 Ulong signature_len,
2352 ReturnValue* return_value = ThrowException) const;
2353
2354 /**
2355 * C_Verify verifies a signature in a single-part operation, where the signature is an appendix to the data, and plaintext cannot be recovered from the signature.
2356 * @param session the session's handle
2357 * @param data signed data
2358 * @param signature signature
2359 * @param return_value default value (`ThrowException`): throw exception on error.
2360 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2361 * At least the following PKCS#11 return values may be returned:
2362 * \li ArgumentsBad \li CryptokiNotInitialized \li DataInvalid
2363 * \li DataLenRange \li DeviceError \li DeviceMemory
2364 * \li DeviceRemoved \li FunctionCanceled \li FunctionFailed
2365 * \li GeneralError \li HostMemory \li OK
2366 * \li OperationNotInitialized \li SessionClosed \li SessionHandleInvalid
2367 * \li SignatureInvalid \li SignatureLenRange
2368 * @return true on success, false otherwise
2369 */
2370 template <typename TAllocA, typename TAllocB>
2371 bool C_Verify(SessionHandle session,
2372 const std::vector<uint8_t, TAllocA>& data,
2373 std::vector<uint8_t, TAllocB>& signature,
2374 ReturnValue* return_value = ThrowException) const {
2375 return C_Verify(session,
2376 data.data(),
2377 static_cast<Ulong>(data.size()),
2378 signature.data(),
2379 static_cast<Ulong>(signature.size()),
2380 return_value);
2381 }
2382
2383 /**
2384 * C_VerifyUpdate continues a multiple-part verification operation, where the signature is an appendix to the data, and plaintext cannot be recovered from the signature.
2385 * @param session the session's handle
2386 * @param part_ptr signed data
2387 * @param part_len length of signed data
2388 * @param return_value default value (`ThrowException`): throw exception on error.
2389 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2390 * At least the following PKCS#11 return values may be returned:
2391 * \li ArgumentsBad \li CryptokiNotInitialized \li DataLenRange
2392 * \li DeviceError \li DeviceMemory \li DeviceRemoved
2393 * \li FunctionCanceled \li FunctionFailed \li GeneralError
2394 * \li HostMemory \li OK \li OperationNotInitialized
2395 * \li SessionClosed \li SessionHandleInvalid
2396 * @return true on success, false otherwise
2397 */
2398 bool C_VerifyUpdate(SessionHandle session,
2399 const Byte* part_ptr,
2400 Ulong part_len,
2401 ReturnValue* return_value = ThrowException) const;
2402
2403 /**
2404 * C_VerifyUpdate continues a multiple-part verification operation, where the signature is an appendix to the data, and plaintext cannot be recovered from the signature.
2405 * @param session the session's handle
2406 * @param part signed data
2407 * @param return_value default value (`ThrowException`): throw exception on error.
2408 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2409 * At least the following PKCS#11 return values may be returned:
2410 * \li ArgumentsBad \li CryptokiNotInitialized \li DataLenRange
2411 * \li DeviceError \li DeviceMemory \li DeviceRemoved
2412 * \li FunctionCanceled \li FunctionFailed \li GeneralError
2413 * \li HostMemory \li OK \li OperationNotInitialized
2414 * \li SessionClosed \li SessionHandleInvalid
2415 * @return true on success, false otherwise
2416 */
2417 template <typename TAlloc>
2418 bool C_VerifyUpdate(SessionHandle session,
2419 std::vector<uint8_t, TAlloc> part,
2420 ReturnValue* return_value = ThrowException) const {
2421 return C_VerifyUpdate(session, part.data(), static_cast<Ulong>(part.size()), return_value);
2422 }
2423
2424 /**
2425 * C_VerifyFinal finishes a multiple-part verification operation, checking the signature.
2426 * @param session the session's handle
2427 * @param signature_ptr signature to verify
2428 * @param signature_len signature length
2429 * @param return_value default value (`ThrowException`): throw exception on error.
2430 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2431 * At least the following PKCS#11 return values may be returned:
2432 * \li ArgumentsBad \li CryptokiNotInitialized \li DataLenRange
2433 * \li DeviceError \li DeviceMemory \li DeviceRemoved
2434 * \li FunctionCanceled \li FunctionFailed \li GeneralError
2435 * \li HostMemory \li OK \li OperationNotInitialized
2436 * \li SessionClosed \li SessionHandleInvalid \li SignatureInvalid
2437 * \li SignatureLenRange
2438 * @return true on success, false otherwise
2439 */
2440 bool C_VerifyFinal(SessionHandle session,
2441 const Byte* signature_ptr,
2442 Ulong signature_len,
2443 ReturnValue* return_value = ThrowException) const;
2444
2445 /**
2446 * C_VerifyRecoverInit initializes a signature verification operation, where the data is recovered from the signature.
2447 * @param session the session's handle
2448 * @param mechanism_ptr the verification mechanism
2449 * @param key verification key
2450 * @param return_value default value (`ThrowException`): throw exception on error.
2451 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2452 * At least the following PKCS#11 return values may be returned:
2453 * \li ArgumentsBad \li CryptokiNotInitialized \li DeviceError
2454 * \li DeviceMemory \li DeviceRemoved \li FunctionCanceled
2455 * \li FunctionFailed \li GeneralError \li HostMemory
2456 * \li KeyFunctionNotPermitted \li KeyHandleInvalid \li KeySizeRange
2457 * \li KeyTypeInconsistent \li MechanismInvalid \li MechanismParamInvalid
2458 * \li OK \li OperationActive \li PinExpired
2459 * \li SessionClosed \li SessionHandleInvalid \li UserNotLoggedIn
2460 * @return true on success, false otherwise
2461 */
2462 bool C_VerifyRecoverInit(SessionHandle session,
2463 Mechanism* mechanism_ptr,
2464 ObjectHandle key,
2465 ReturnValue* return_value = ThrowException) const;
2466
2467 /**
2468 * C_VerifyRecover verifies a signature in a single-part operation, where the data is recovered from the signature.
2469 * @param session the session's handle
2470 * @param signature_ptr signature to verify
2471 * @param signature_len signature length
2472 * @param data_ptr gets signed data
2473 * @param data_len_ptr gets signed data len
2474 * @param return_value default value (`ThrowException`): throw exception on error.
2475 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2476 * At least the following PKCS#11 return values may be returned:
2477 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
2478 * \li DataInvalid \li DataLenRange \li DeviceError
2479 * \li DeviceMemory \li DeviceRemoved \li FunctionCanceled
2480 * \li FunctionFailed \li GeneralError \li HostMemory
2481 * \li OK \li OperationNotInitialized \li SessionClosed
2482 * \li SessionHandleInvalid \li SignatureLenRange \li SignatureInvalid
2483 * @return true on success, false otherwise
2484 */
2485 bool C_VerifyRecover(SessionHandle session,
2486 Byte* signature_ptr,
2487 Ulong signature_len,
2488 Byte* data_ptr,
2489 Ulong* data_len_ptr,
2490 ReturnValue* return_value = ThrowException) const;
2491
2492 /****************************** Dual-purpose cryptographic functions ******************************/
2493
2494 /**
2495 * C_DigestEncryptUpdate continues a multiple-part digesting and encryption operation.
2496 * @param session session's handle
2497 * @param part_ptr the plaintext data
2498 * @param part_len plaintext length
2499 * @param encrypted_part_ptr gets ciphertext
2500 * @param encrypted_part_len_ptr gets c-text length
2501 * @param return_value default value (`ThrowException`): throw exception on error.
2502 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2503 * At least the following PKCS#11 return values may be returned:
2504 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
2505 * \li DataLenRange \li DeviceError \li DeviceMemory
2506 * \li DeviceRemoved \li FunctionCanceled \li FunctionFailed
2507 * \li GeneralError \li HostMemory \li OK
2508 * \li OperationNotInitialized \li SessionClosed \li SessionHandleInvalid
2509 * @return true on success, false otherwise
2510 */
2511 bool C_DigestEncryptUpdate(SessionHandle session,
2512 Byte* part_ptr,
2513 Ulong part_len,
2514 Byte* encrypted_part_ptr,
2515 Ulong* encrypted_part_len_ptr,
2516 ReturnValue* return_value = ThrowException) const;
2517
2518 /**
2519 * C_DecryptDigestUpdate continues a multiple-part decryption and digesting operation.
2520 * @param session session's handle
2521 * @param encrypted_part_ptr ciphertext
2522 * @param encrypted_part_len ciphertext length
2523 * @param part_ptr gets plaintext
2524 * @param part_len_ptr gets plaintext len
2525 * @param return_value default value (`ThrowException`): throw exception on error.
2526 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2527 * At least the following PKCS#11 return values may be returned:
2528 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
2529 * \li DeviceError \li DeviceMemory \li DeviceRemoved
2530 * \li EncryptedDataInvalid \li EncryptedDataLenRange \li FunctionCanceled
2531 * \li FunctionFailed \li GeneralError \li HostMemory
2532 * \li OK \li OperationNotInitialized \li SessionClosed
2533 * \li SessionHandleInvalid
2534 * @return true on success, false otherwise
2535 */
2536 bool C_DecryptDigestUpdate(SessionHandle session,
2537 Byte* encrypted_part_ptr,
2538 Ulong encrypted_part_len,
2539 Byte* part_ptr,
2540 Ulong* part_len_ptr,
2541 ReturnValue* return_value = ThrowException) const;
2542
2543 /**
2544 * C_SignEncryptUpdate continues a multiple-part signing and encryption operation.
2545 * @param session session's handle
2546 * @param part_ptr the plaintext data
2547 * @param part_len plaintext length
2548 * @param encrypted_part_ptr gets ciphertext
2549 * @param encrypted_part_len_ptr gets c-text length
2550 * @param return_value default value (`ThrowException`): throw exception on error.
2551 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2552 * At least the following PKCS#11 return values may be returned:
2553 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
2554 * \li DataLenRange \li DeviceError \li DeviceMemory
2555 * \li DeviceRemoved \li FunctionCanceled \li FunctionFailed
2556 * \li GeneralError \li HostMemory \li OK
2557 * \li OperationNotInitialized \li SessionClosed \li SessionHandleInvalid
2558 * \li UserNotLoggedIn
2559 * @return true on success, false otherwise
2560 */
2561 bool C_SignEncryptUpdate(SessionHandle session,
2562 Byte* part_ptr,
2563 Ulong part_len,
2564 Byte* encrypted_part_ptr,
2565 Ulong* encrypted_part_len_ptr,
2566 ReturnValue* return_value = ThrowException) const;
2567
2568 /**
2569 * C_DecryptVerifyUpdate continues a multiple-part decryption and verify operation.
2570 * @param session session's handle
2571 * @param encrypted_part_ptr ciphertext
2572 * @param encrypted_part_len ciphertext length
2573 * @param part_ptr gets plaintext
2574 * @param part_len_ptr gets p-text length
2575 * @param return_value default value (`ThrowException`): throw exception on error.
2576 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2577 * At least the following PKCS#11 return values may be returned:
2578 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
2579 * \li DataLenRange \li DeviceError \li DeviceMemory
2580 * \li DeviceRemoved \li EncryptedDataInvalid \li EncryptedDataLenRange
2581 * \li FunctionCanceled \li FunctionFailed \li GeneralError
2582 * \li HostMemory \li OK \li OperationNotInitialized
2583 * \li SessionClosed \li SessionHandleInvalid
2584 * @return true on success, false otherwise
2585 */
2586 bool C_DecryptVerifyUpdate(SessionHandle session,
2587 Byte* encrypted_part_ptr,
2588 Ulong encrypted_part_len,
2589 Byte* part_ptr,
2590 Ulong* part_len_ptr,
2591 ReturnValue* return_value = ThrowException) const;
2592
2593 /****************************** Key management functions ******************************/
2594
2595 /**
2596 * C_GenerateKey generates a secret key, creating a new key object.
2597 * @param session the session's handle
2598 * @param mechanism_ptr key generation mech.
2599 * @param attribute_template_ptr template for new key
2600 * @param count # of attrs in template
2601 * @param key_ptr gets handle of new key
2602 * @param return_value default value (`ThrowException`): throw exception on error.
2603 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2604 * At least the following PKCS#11 return values may be returned:
2605 * \li ArgumentsBad \li AttributeReadOnly \li AttributeTypeInvalid
2606 * \li AttributeValueInvalid \li CryptokiNotInitialized \li CurveNotSupported
2607 * \li DeviceError \li DeviceMemory \li DeviceRemoved
2608 * \li FunctionCanceled \li FunctionFailed \li GeneralError
2609 * \li HostMemory \li MechanismInvalid \li MechanismParamInvalid
2610 * \li OK \li OperationActive \li PinExpired
2611 * \li SessionClosed \li SessionHandleInvalid \li SessionReadOnly
2612 * \li TemplateIncomplete \li TemplateInconsistent \li TokenWriteProtected
2613 * \li UserNotLoggedIn
2614 * @return true on success, false otherwise
2615 */
2616 bool C_GenerateKey(SessionHandle session,
2617 Mechanism* mechanism_ptr,
2618 Attribute* attribute_template_ptr,
2619 Ulong count,
2620 ObjectHandle* key_ptr,
2621 ReturnValue* return_value = ThrowException) const;
2622
2623 /**
2624 * C_GenerateKeyPair generates a public-key/private-key pair, creating new key objects.
2625 * @param session session handle
2626 * @param mechanism_ptr key-gen mech.
2627 * @param public_key_template_ptr template for pub. key
2628 * @param public_key_attribute_count # pub. attrs.
2629 * @param private_key_template_ptr template for priv. key
2630 * @param private_key_attribute_count # priv. attrs.
2631 * @param public_key_ptr gets pub. key handle
2632 * @param private_key_ptr gets priv. key handle
2633 * @param return_value default value (`ThrowException`): throw exception on error.
2634 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2635 * At least the following PKCS#11 return values may be returned:
2636 * \li ArgumentsBad \li AttributeReadOnly \li AttributeTypeInvalid
2637 * \li AttributeValueInvalid \li CryptokiNotInitialized \li CurveNotSupported
2638 * \li DeviceError \li DeviceMemory \li DeviceRemoved
2639 * \li DomainParamsInvalid \li FunctionCanceled \li FunctionFailed
2640 * \li GeneralError \li HostMemory \li MechanismInvalid
2641 * \li MechanismParamInvalid \li OK \li OperationActive
2642 * \li PinExpired \li SessionClosed \li SessionHandleInvalid
2643 * \li SessionReadOnly \li TemplateIncomplete \li TemplateInconsistent
2644 * \li TokenWriteProtected \li UserNotLoggedIn
2645 * @return true on success, false otherwise
2646 */
2647 bool C_GenerateKeyPair(SessionHandle session,
2648 Mechanism* mechanism_ptr,
2649 Attribute* public_key_template_ptr,
2650 Ulong public_key_attribute_count,
2651 Attribute* private_key_template_ptr,
2652 Ulong private_key_attribute_count,
2653 ObjectHandle* public_key_ptr,
2654 ObjectHandle* private_key_ptr,
2655 ReturnValue* return_value = ThrowException) const;
2656
2657 /**
2658 * C_WrapKey wraps (i.e., encrypts) a key.
2659 * @param session the session's handle
2660 * @param mechanism_ptr the wrapping mechanism
2661 * @param wrapping_key wrapping key
2662 * @param key key to be wrapped
2663 * @param wrapped_key_ptr gets wrapped key
2664 * @param wrapped_key_len_ptr gets wrapped key size
2665 * @param return_value default value (`ThrowException`): throw exception on error.
2666 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2667 * At least the following PKCS#11 return values may be returned:
2668 * \li ArgumentsBad \li BufferTooSmall \li CryptokiNotInitialized
2669 * \li DeviceError \li DeviceMemory \li DeviceRemoved
2670 * \li FunctionCanceled \li FunctionFailed \li GeneralError
2671 * \li HostMemory \li KeyHandleInvalid \li KeyNotWrappable
2672 * \li KeySizeRange \li KeyUnextractable \li MechanismInvalid
2673 * \li MechanismParamInvalid \li OK \li OperationActive
2674 * \li PinExpired \li SessionClosed \li SessionHandleInvalid
2675 * \li UserNotLoggedIn \li WrappingKeyHandleInvalid \li WrappingKeySizeRange
2676 * \li WrappingKeyTypeInconsistent
2677 * @return true on success, false otherwise
2678 */
2679 bool C_WrapKey(SessionHandle session,
2680 Mechanism* mechanism_ptr,
2681 ObjectHandle wrapping_key,
2682 ObjectHandle key,
2683 Byte* wrapped_key_ptr,
2684 Ulong* wrapped_key_len_ptr,
2685 ReturnValue* return_value = ThrowException) const;
2686
2687 /**
2688 * C_UnwrapKey unwraps (decrypts) a wrapped key, creating a new key object.
2689 * @param session session's handle
2690 * @param mechanism_ptr unwrapping mech.
2691 * @param unwrapping_key unwrapping key
2692 * @param wrapped_key_ptr the wrapped key
2693 * @param wrapped_key_len wrapped key len
2694 * @param attribute_template_ptr new key template
2695 * @param attribute_count template length
2696 * @param key_ptr gets new handle
2697 * @param return_value default value (`ThrowException`): throw exception on error.
2698 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2699 * At least the following PKCS#11 return values may be returned:
2700 * \li ArgumentsBad \li AttributeReadOnly \li AttributeTypeInvalid
2701 * \li AttributeValueInvalid \li BufferTooSmall \li CryptokiNotInitialized
2702 * \li CurveNotSupported \li DeviceError \li DeviceMemory
2703 * \li DeviceRemoved \li DomainParamsInvalid \li FunctionCanceled
2704 * \li FunctionFailed \li GeneralError \li HostMemory
2705 * \li MechanismInvalid \li MechanismParamInvalid \li OK
2706 * \li OperationActive \li PinExpired \li SessionClosed
2707 * \li SessionHandleInvalid \li SessionReadOnly \li TemplateIncomplete
2708 * \li TemplateInconsistent \li TokenWriteProtected \li UnwrappingKeyHandleInvalid
2709 * \li UnwrappingKeySizeRange \li UnwrappingKeyTypeInconsistent \li UserNotLoggedIn
2710 * \li WrappedKeyInvalid \li WrappedKeyLenRange
2711 * @return true on success, false otherwise
2712 */
2713 bool C_UnwrapKey(SessionHandle session,
2714 Mechanism* mechanism_ptr,
2715 ObjectHandle unwrapping_key,
2716 Byte* wrapped_key_ptr,
2717 Ulong wrapped_key_len,
2718 Attribute* attribute_template_ptr,
2719 Ulong attribute_count,
2720 ObjectHandle* key_ptr,
2721 ReturnValue* return_value = ThrowException) const;
2722
2723 /**
2724 * C_DeriveKey derives a key from a base key, creating a new key object.
2725 * @param session session's handle
2726 * @param mechanism_ptr key deriv. mech.
2727 * @param base_key base key
2728 * @param attribute_template_ptr new key template
2729 * @param attribute_count template length
2730 * @param key_ptr gets new handle
2731 * @param return_value default value (`ThrowException`): throw exception on error.
2732 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2733 * At least the following PKCS#11 return values may be returned:
2734 * \li ArgumentsBad \li AttributeReadOnly \li AttributeTypeInvalid
2735 * \li AttributeValueInvalid \li CryptokiNotInitialized \li CurveNotSupported
2736 * \li DeviceError \li DeviceMemory \li DeviceRemoved
2737 * \li DomainParamsInvalid \li FunctionCanceled \li FunctionFailed
2738 * \li GeneralError \li HostMemory \li KeyHandleInvalid
2739 * \li KeySizeRange \li KeyTypeInconsistent \li MechanismInvalid
2740 * \li MechanismParamInvalid \li OK \li OperationActive
2741 * \li PinExpired \li SessionClosed \li SessionHandleInvalid
2742 * \li SessionReadOnly \li TemplateIncomplete \li TemplateInconsistent
2743 * \li TokenWriteProtected \li UserNotLoggedIn
2744 * @return true on success, false otherwise
2745 */
2746 bool C_DeriveKey(SessionHandle session,
2747 Mechanism* mechanism_ptr,
2748 ObjectHandle base_key,
2749 Attribute* attribute_template_ptr,
2750 Ulong attribute_count,
2751 ObjectHandle* key_ptr,
2752 ReturnValue* return_value = ThrowException) const;
2753
2754 /****************************** Random number generation functions ******************************/
2755
2756 /**
2757 * C_SeedRandom mixes additional seed material into the token's random number generator.
2758 * @param session the session's handle
2759 * @param seed_ptr the seed material
2760 * @param seed_len length of seed material
2761 * @param return_value default value (`ThrowException`): throw exception on error.
2762 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2763 * At least the following PKCS#11 return values may be returned:
2764 * \li ArgumentsBad \li CryptokiNotInitialized \li DeviceError
2765 * \li DeviceMemory \li DeviceRemoved \li FunctionCanceled
2766 * \li FunctionFailed \li GeneralError \li HostMemory
2767 * \li OK \li OperationActive \li RandomSeedNotSupported
2768 * \li RandomNoRng \li SessionClosed \li SessionHandleInvalid
2769 * \li UserNotLoggedIn
2770 * @return true on success, false otherwise
2771 */
2772 bool C_SeedRandom(SessionHandle session,
2773 const Byte* seed_ptr,
2774 Ulong seed_len,
2775 ReturnValue* return_value = ThrowException) const;
2776
2777 /**
2778 * C_GenerateRandom generates random data.
2779 * @param session the session's handle
2780 * @param random_data_ptr receives the random data
2781 * @param random_len # of bytes to generate
2782 * @param return_value default value (`ThrowException`): throw exception on error.
2783 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2784 * At least the following PKCS#11 return values may be returned:
2785 * \li ArgumentsBad \li CryptokiNotInitialized \li DeviceError
2786 * \li DeviceMemory \li DeviceRemoved \li FunctionCanceled
2787 * \li FunctionFailed \li GeneralError \li HostMemory
2788 * \li OK \li OperationActive \li RandomNoRng
2789 * \li SessionClosed \li SessionHandleInvalid \li UserNotLoggedIn
2790 * @return true on success, false otherwise
2791 */
2792 bool C_GenerateRandom(SessionHandle session,
2793 Byte* random_data_ptr,
2794 Ulong random_len,
2795 ReturnValue* return_value = ThrowException) const;
2796
2797 /****************************** Parallel function management functions ******************************/
2798
2799 /**
2800 * C_GetFunctionStatus is a legacy function; it obtains an updated status of a function running in parallel with an application.
2801 * @param session the session's handle
2802 * @param return_value default value (`ThrowException`): throw exception on error.
2803 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2804 * At least the following PKCS#11 return values may be returned:
2805 * \li CryptokiNotInitialized \li FunctionFailed \li FunctionNotParallel
2806 * \li GeneralError \li HostMemory \li SessionHandleInvalid
2807 * \li SessionClosed
2808 * @return true on success, false otherwise
2809 */
2810 bool C_GetFunctionStatus(SessionHandle session, ReturnValue* return_value = ThrowException) const;
2811
2812 /**
2813 * C_CancelFunction is a legacy function; it cancels a function running in parallel.
2814 * @param session the session's handle
2815 * @param return_value default value (`ThrowException`): throw exception on error.
2816 * if a non-NULL pointer is passed: return_value receives the return value of the PKCS#11 function and no exception is thrown.
2817 * At least the following PKCS#11 return values may be returned:
2818 * \li CryptokiNotInitialized \li FunctionFailed \li FunctionNotParallel
2819 * \li GeneralError \li HostMemory \li SessionHandleInvalid
2820 * \li SessionClosed
2821 * @return true on success, false otherwise
2822 */
2823 bool C_CancelFunction(SessionHandle session, ReturnValue* return_value = ThrowException) const;
2824
2825 /**
2826 * Return the PKCS11 function list that this LowLevel class contains.
2827 *
2828 * This is primarily useful when invoking vendor specific extension
2829 * functions which are not supported directly by LowLevel or the higher
2830 * level PKCS11 API.
2831 */
2832 FunctionListPtr get_functions() const { return m_func_list_ptr; }
2833
2834 protected:
2835 /**
2836 * A helper for error handling. This is exposed as a protected member so that
2837 * it is possible for an application to inherit from LowLevel in order to
2838 * implement wrappers for vendor specific extensions using the same error
2839 * handling mechanisms as the rest of the library.
2840 */
2841 static bool handle_return_value(CK_RV function_result, ReturnValue* return_value);
2842
2843 private:
2844 const FunctionListPtr m_func_list_ptr;
2845};
2846
2847class BOTAN_PUBLIC_API(2, 0) PKCS11_Error : public Exception {
2848 public:
2849 explicit PKCS11_Error(std::string_view what) : Exception("PKCS11 error", what) {}
2850
2851 ErrorType error_type() const noexcept override { return ErrorType::Pkcs11Error; }
2852};
2853
2854class BOTAN_PUBLIC_API(2, 0) PKCS11_ReturnError final : public PKCS11_Error {
2855 public:
2856 explicit PKCS11_ReturnError(ReturnValue return_val) :
2857 PKCS11_Error(std::to_string(static_cast<uint32_t>(return_val))), m_return_val(return_val) {}
2858
2859 inline ReturnValue get_return_value() const { return m_return_val; }
2860
2861 int error_code() const noexcept override { return static_cast<int>(m_return_val); }
2862
2863 private:
2864 const ReturnValue m_return_val;
2865};
2866
2867} // namespace PKCS11
2868
2869} // namespace Botan
2870
2871#endif
Botan::Dynamically_Loaded_Library
Definition dyn_load.h:19
Botan::PKCS11::LowLevel
Provides access to all PKCS#11 functions.
Definition p11.h:880
Botan::PKCS11::LowLevel::C_InitPIN
bool C_InitPIN(SessionHandle session, const std::vector< uint8_t, TAlloc > &pin, ReturnValue *return_value=ThrowException) const
Definition p11.h:1173
Botan::PKCS11::LowLevel::C_SetAttributeValue
bool C_SetAttributeValue(SessionHandle session, ObjectHandle object, std::map< AttributeType, std::vector< uint8_t, TAlloc > > &attribute_values, ReturnValue *return_value=ThrowException) const
Definition p11.h:1625
Botan::PKCS11::LowLevel::C_Sign
bool C_Sign(SessionHandle session, const std::vector< uint8_t, TAllocA > &data, std::vector< uint8_t, TAllocB > &signature, ReturnValue *return_value=ThrowException) const
Definition p11.h:2142
Botan::PKCS11::LowLevel::C_SetPIN
bool C_SetPIN(SessionHandle session, const std::vector< uint8_t, TAlloc > &old_pin, const std::vector< uint8_t, TAlloc > &new_pin, ReturnValue *return_value=ThrowException) const
Definition p11.h:1224
Botan::PKCS11::LowLevel::C_SignUpdate
bool C_SignUpdate(SessionHandle session, const std::vector< uint8_t, TAlloc > &part, ReturnValue *return_value=ThrowException) const
Definition p11.h:2199
Botan::PKCS11::LowLevel::C_InitToken
bool C_InitToken(SlotId slot_id, const std::vector< uint8_t, TAlloc > &so_pin, std::string_view label, ReturnValue *return_value=ThrowException) const
Definition p11.h:1120
Botan::PKCS11::LowLevel::C_Login
bool C_Login(SessionHandle session, UserType user_type, const std::vector< uint8_t, TAlloc > &pin, ReturnValue *return_value=ThrowException) const
Definition p11.h:1394
Botan::PKCS11::LowLevel::C_Encrypt
bool C_Encrypt(SessionHandle session, const std::vector< uint8_t, TAllocA > &plaintext_data, std::vector< uint8_t, TAllocB > &encrypted_data, ReturnValue *return_value=ThrowException) const
Definition p11.h:1765
Botan::PKCS11::LowLevel::C_Verify
bool C_Verify(SessionHandle session, const std::vector< uint8_t, TAllocA > &data, std::vector< uint8_t, TAllocB > &signature, ReturnValue *return_value=ThrowException) const
Definition p11.h:2371
Botan::PKCS11::LowLevel::C_Decrypt
bool C_Decrypt(SessionHandle session, const std::vector< uint8_t, TAllocA > &encrypted_data, std::vector< uint8_t, TAllocB > &decrypted_data, ReturnValue *return_value=ThrowException) const
Definition p11.h:1902
Botan::PKCS11::LowLevel::C_VerifyUpdate
bool C_VerifyUpdate(SessionHandle session, std::vector< uint8_t, TAlloc > part, ReturnValue *return_value=ThrowException) const
Definition p11.h:2418
Botan::PKCS11::LowLevel::C_SignFinal
bool C_SignFinal(SessionHandle session, std::vector< uint8_t, TAlloc > &signature, ReturnValue *return_value=ThrowException) const
Definition p11.h:2242
Botan::PKCS11::LowLevel::get_functions
FunctionListPtr get_functions() const
Definition p11.h:2832
Botan::PKCS11::LowLevel::C_GetAttributeValue
bool C_GetAttributeValue(SessionHandle session, ObjectHandle object, std::map< AttributeType, std::vector< uint8_t, TAlloc > > &attribute_values, ReturnValue *return_value=ThrowException) const
Definition p11.h:1548
Botan::PKCS11::PKCS11_Error
Definition p11.h:2847
Botan::PKCS11::PKCS11_Error::error_type
ErrorType error_type() const noexcept override
Definition p11.h:2851
Botan::PKCS11::PKCS11_Error::PKCS11_Error
PKCS11_Error(std::string_view what)
Definition p11.h:2849
Botan::PKCS11::PKCS11_ReturnError
Definition p11.h:2854
Botan::PKCS11::PKCS11_ReturnError::error_code
int error_code() const noexcept override
Definition p11.h:2861
Botan::PKCS11::PKCS11_ReturnError::get_return_value
ReturnValue get_return_value() const
Definition p11.h:2859
Botan::PKCS11::PKCS11_ReturnError::PKCS11_ReturnError
PKCS11_ReturnError(ReturnValue return_val)
Definition p11.h:2856
final
int(* final)(unsigned char *, CTX *)
Definition commoncrypto_hash.cpp:29
BOTAN_PUBLIC_API
#define BOTAN_PUBLIC_API(maj, min)
Definition compiler.h:31
Botan::PKCS11::SlotId
CK_SLOT_ID SlotId
Definition p11.h:815
Botan::PKCS11::DestroyMutex
CK_DESTROYMUTEX DestroyMutex
Definition p11.h:809
Botan::PKCS11::ThrowException
ReturnValue * ThrowException
Definition p11.cpp:21
Botan::PKCS11::CreateMutex
CK_CREATEMUTEX CreateMutex
Definition p11.h:808
Botan::PKCS11::PublicPointEncoding
PublicPointEncoding
Definition p11.h:803
Botan::PKCS11::secure_string
secure_vector< uint8_t > secure_string
Definition p11.h:59
Botan::PKCS11::AttributeType
AttributeType
Definition p11.h:61
Botan::PKCS11::Notify
CK_NOTIFY Notify
Definition p11.h:822
Botan::PKCS11::CertificateType
CertificateType
Definition p11.h:172
Botan::PKCS11::change_pin
void change_pin(Slot &slot, const secure_string &old_pin, const secure_string &new_pin)
Definition p11.cpp:46
Botan::PKCS11::ObjectHandle
CK_OBJECT_HANDLE ObjectHandle
Definition p11.h:826
Botan::PKCS11::change_so_pin
void change_so_pin(Slot &slot, const secure_string &old_so_pin, const secure_string &new_so_pin)
Definition p11.cpp:52
Botan::PKCS11::UnlockMutex
CK_UNLOCKMUTEX UnlockMutex
Definition p11.h:811
Botan::PKCS11::FunctionListPtr
CK_FUNCTION_LIST_PTR FunctionListPtr
Definition p11.h:805
Botan::PKCS11::Byte
CK_BYTE Byte
Definition p11.h:827
Botan::PKCS11::VoidPtr
CK_VOID_PTR VoidPtr
Definition p11.h:806
Botan::PKCS11::Flags
CK_FLAGS Flags
Definition p11.h:812
Botan::PKCS11::operator|
Flag operator|(Flag a, Flag b)
Definition p11.h:258
Botan::PKCS11::True
const Bbool True
Definition p11.h:835
Botan::PKCS11::Utf8Char
CK_UTF8CHAR Utf8Char
Definition p11.h:821
Botan::PKCS11::Ulong
CK_ULONG Ulong
Definition p11.h:816
Botan::PKCS11::False
const Bbool False
Definition p11.h:836
Botan::PKCS11::Bbool
CK_BBOOL Bbool
Definition p11.h:814
Botan::PKCS11::set_pin
void set_pin(Slot &slot, const secure_string &so_pin, const secure_string &pin)
Definition p11.cpp:58
Botan::PKCS11::CertificateCategory
CertificateCategory
Definition p11.h:181
Botan::PKCS11::flags
Flags flags(Flag flags)
Definition p11.h:838
Botan::PKCS11::initialize_token
void initialize_token(Slot &slot, std::string_view label, const secure_string &so_pin, const secure_string &pin)
Definition p11.cpp:41
Botan::PKCS11::LockMutex
CK_LOCKMUTEX LockMutex
Definition p11.h:810
Botan::PKCS11::SessionHandle
CK_SESSION_HANDLE SessionHandle
Definition p11.h:823
Botan::ErrorType
ErrorType
Definition exceptn.h:20
Botan::secure_vector
std::vector< T, secure_allocator< T > > secure_vector
Definition secmem.h:61
CKD_NULL
#define CKD_NULL
Definition pkcs11t.h:1290
CKA_NEVER_EXTRACTABLE
#define CKA_NEVER_EXTRACTABLE
Definition pkcs11t.h:496
CK_DATE
struct CK_DATE CK_DATE
CKM_SEED_KEY_GEN
#define CKM_SEED_KEY_GEN
Definition pkcs11t.h:856
CKM_TLS_MASTER_KEY_DERIVE
#define CKM_TLS_MASTER_KEY_DERIVE
Definition pkcs11t.h:775
CKD_SHA1_KDF
#define CKD_SHA1_KDF
Definition pkcs11t.h:1291
CKD_SHA256_KDF
#define CKD_SHA256_KDF
Definition pkcs11t.h:1297
CKR_NEXT_OTP
#define CKR_NEXT_OTP
Definition pkcs11t.h:1148
CKK_DES3
#define CKK_DES3
Definition pkcs11t.h:351
CKM_DSA_PARAMETER_GEN
#define CKM_DSA_PARAMETER_GEN
Definition pkcs11t.h:957
CKR_SESSION_COUNT
#define CKR_SESSION_COUNT
Definition pkcs11t.h:1097
CKM_WTLS_CLIENT_KEY_AND_MAC_DERIVE
#define CKM_WTLS_CLIENT_KEY_AND_MAC_DERIVE
Definition pkcs11t.h:816
CKM_CONCATENATE_BASE_AND_DATA
#define CKM_CONCATENATE_BASE_AND_DATA
Definition pkcs11t.h:765
CKM_PKCS5_PBKD2
#define CKM_PKCS5_PBKD2
Definition pkcs11t.h:807
CKM_AES_GMAC
#define CKM_AES_GMAC
Definition pkcs11t.h:928
CKM_KIP_DERIVE
#define CKM_KIP_DERIVE
Definition pkcs11t.h:833
CKR_DEVICE_MEMORY
#define CKR_DEVICE_MEMORY
Definition pkcs11t.h:1061
CKA_JAVA_MIDP_SECURITY_DOMAIN
#define CKA_JAVA_MIDP_SECURITY_DOMAIN
Definition pkcs11t.h:452
CKM_SSL3_SHA1_MAC
#define CKM_SSL3_SHA1_MAC
Definition pkcs11t.h:782
CKA_OTP_TIME_INTERVAL
#define CKA_OTP_TIME_INTERVAL
Definition pkcs11t.h:522
CKK_RC4
#define CKK_RC4
Definition pkcs11t.h:348
CKA_TOKEN
#define CKA_TOKEN
Definition pkcs11t.h:438
CKA_SECONDARY_AUTH
#define CKA_SECONDARY_AUTH
Definition pkcs11t.h:510
CKR_GENERAL_ERROR
#define CKR_GENERAL_ERROR
Definition pkcs11t.h:1043
CKR_MECHANISM_INVALID
#define CKR_MECHANISM_INVALID
Definition pkcs11t.h:1083
CKR_SLOT_ID_INVALID
#define CKR_SLOT_ID_INVALID
Definition pkcs11t.h:1041
CKC_VENDOR_DEFINED
#define CKC_VENDOR_DEFINED
Definition pkcs11t.h:410
CKG_MGF1_SHA256
#define CKG_MGF1_SHA256
Definition pkcs11t.h:1247
CKM_SSL3_MASTER_KEY_DERIVE
#define CKM_SSL3_MASTER_KEY_DERIVE
Definition pkcs11t.h:770
CKM_RSA_PKCS
#define CKM_RSA_PKCS
Definition pkcs11t.h:587
CKM_ECDSA_SHA1
#define CKM_ECDSA_SHA1
Definition pkcs11t.h:892
CKR_KEY_CHANGED
#define CKR_KEY_CHANGED
Definition pkcs11t.h:1076
CKK_SHA224_HMAC
#define CKK_SHA224_HMAC
Definition pkcs11t.h:378
CKM_IDEA_ECB
#define CKM_IDEA_ECB
Definition pkcs11t.h:758
CKD_SHA512_KDF
#define CKD_SHA512_KDF
Definition pkcs11t.h:1299
CKA_START_DATE
#define CKA_START_DATE
Definition pkcs11t.h:472
CKK_DH
#define CKK_DH
Definition pkcs11t.h:341
CKK_RC5
#define CKK_RC5
Definition pkcs11t.h:356
CKR_ATTRIBUTE_TYPE_INVALID
#define CKR_ATTRIBUTE_TYPE_INVALID
Definition pkcs11t.h:1053
CKA_OTP_SERVICE_IDENTIFIER
#define CKA_OTP_SERVICE_IDENTIFIER
Definition pkcs11t.h:531
CK_UTF8CHAR
CK_BYTE CK_UTF8CHAR
Definition pkcs11t.h:42
CKM_GOSTR3411_HMAC
#define CKM_GOSTR3411_HMAC
Definition pkcs11t.h:950
CKM_WTLS_PRE_MASTER_KEY_GEN
#define CKM_WTLS_PRE_MASTER_KEY_GEN
Definition pkcs11t.h:811
CKA_AUTH_PIN_FLAGS
#define CKA_AUTH_PIN_FLAGS
Definition pkcs11t.h:511
CKM_DES3_CMAC
#define CKM_DES3_CMAC
Definition pkcs11t.h:672
CKM_RC2_MAC
#define CKM_RC2_MAC
Definition pkcs11t.h:648
CKM_SHA256_KEY_DERIVATION
#define CKM_SHA256_KEY_DERIVATION
Definition pkcs11t.h:787
CKA_SERIAL_NUMBER
#define CKA_SERIAL_NUMBER
Definition pkcs11t.h:446
CKK_DES2
#define CKK_DES2
Definition pkcs11t.h:350
CKM_CAST5_MAC_GENERAL
#define CKM_CAST5_MAC_GENERAL
Definition pkcs11t.h:747
CKF_LOGIN_REQUIRED
#define CKF_LOGIN_REQUIRED
Definition pkcs11t.h:157
CKF_HW_SLOT
#define CKF_HW_SLOT
Definition pkcs11t.h:124
CKO_PUBLIC_KEY
#define CKO_PUBLIC_KEY
Definition pkcs11t.h:312
CKF_EC_UNCOMPRESS
#define CKF_EC_UNCOMPRESS
Definition pkcs11t.h:1026
CKA_SUB_PRIME_BITS
#define CKA_SUB_PRIME_BITS
Definition pkcs11t.h:490
CKM_RSA_X_509
#define CKM_RSA_X_509
Definition pkcs11t.h:589
CKF_LIBRARY_CANT_CREATE_OS_THREADS
#define CKF_LIBRARY_CANT_CREATE_OS_THREADS
Definition pkcs11t.h:1225
CKM_SEED_MAC_GENERAL
#define CKM_SEED_MAC_GENERAL
Definition pkcs11t.h:860
CKF_PROTECTED_AUTHENTICATION_PATH
#define CKF_PROTECTED_AUTHENTICATION_PATH
Definition pkcs11t.h:177
CKA_ISSUER
#define CKA_ISSUER
Definition pkcs11t.h:445
CKM_ARIA_KEY_GEN
#define CKM_ARIA_KEY_GEN
Definition pkcs11t.h:847
CKA_HASH_OF_SUBJECT_PUBLIC_KEY
#define CKA_HASH_OF_SUBJECT_PUBLIC_KEY
Definition pkcs11t.h:454
CKR_FUNCTION_CANCELED
#define CKR_FUNCTION_CANCELED
Definition pkcs11t.h:1065
CKM_DSA_PROBABLISTIC_PARAMETER_GEN
#define CKM_DSA_PROBABLISTIC_PARAMETER_GEN
Definition pkcs11t.h:960
CKM_AES_CTR
#define CKM_AES_CTR
Definition pkcs11t.h:919
CKM_TLS12_MAC
#define CKM_TLS12_MAC
Definition pkcs11t.h:820
CKM_DES3_CBC
#define CKM_DES3_CBC
Definition pkcs11t.h:666
CKM_TWOFISH_CBC_PAD
#define CKM_TWOFISH_CBC_PAD
Definition pkcs11t.h:935
CKM_AES_CMAC
#define CKM_AES_CMAC
Definition pkcs11t.h:923
CKM_SKIPJACK_CFB8
#define CKM_SKIPJACK_CFB8
Definition pkcs11t.h:872
CKM_RSA_X9_31_KEY_PAIR_GEN
#define CKM_RSA_X9_31_KEY_PAIR_GEN
Definition pkcs11t.h:599
CKR_KEY_UNEXTRACTABLE
#define CKR_KEY_UNEXTRACTABLE
Definition pkcs11t.h:1081
CKR_DATA_INVALID
#define CKR_DATA_INVALID
Definition pkcs11t.h:1058
CKR_UNWRAPPING_KEY_HANDLE_INVALID
#define CKR_UNWRAPPING_KEY_HANDLE_INVALID
Definition pkcs11t.h:1113
CKM_CONCATENATE_BASE_AND_KEY
#define CKM_CONCATENATE_BASE_AND_KEY
Definition pkcs11t.h:764
CKR_NEED_TO_CREATE_THREADS
#define CKR_NEED_TO_CREATE_THREADS
Definition pkcs11t.h:1048
CKK_SHA256_HMAC
#define CKK_SHA256_HMAC
Definition pkcs11t.h:375
CKM_SHA512_256
#define CKM_SHA512_256
Definition pkcs11t.h:635
CKM_SEED_ECB_ENCRYPT_DATA
#define CKM_SEED_ECB_ENCRYPT_DATA
Definition pkcs11t.h:862
CKR_WRAPPING_KEY_SIZE_RANGE
#define CKR_WRAPPING_KEY_SIZE_RANGE
Definition pkcs11t.h:1127
CKM_FORTEZZA_TIMESTAMP
#define CKM_FORTEZZA_TIMESTAMP
Definition pkcs11t.h:879
CKS_RW_PUBLIC_SESSION
#define CKS_RW_PUBLIC_SESSION
Definition pkcs11t.h:274
CKR_MECHANISM_PARAM_INVALID
#define CKR_MECHANISM_PARAM_INVALID
Definition pkcs11t.h:1084
CKA_SUPPORTED_CMS_ATTRIBUTES
#define CKA_SUPPORTED_CMS_ATTRIBUTES
Definition pkcs11t.h:556
CKF_TOKEN_INITIALIZED
#define CKF_TOKEN_INITIALIZED
Definition pkcs11t.h:193
CKR_TOKEN_NOT_RECOGNIZED
#define CKR_TOKEN_NOT_RECOGNIZED
Definition pkcs11t.h:1111
CKM_MD5
#define CKM_MD5
Definition pkcs11t.h:690
CKM_SHA512_HMAC_GENERAL
#define CKM_SHA512_HMAC_GENERAL
Definition pkcs11t.h:718
CKM_CAST3_ECB
#define CKM_CAST3_ECB
Definition pkcs11t.h:733
CKM_SKIPJACK_CFB64
#define CKM_SKIPJACK_CFB64
Definition pkcs11t.h:869
CKM_DES_CBC_ENCRYPT_DATA
#define CKM_DES_CBC_ENCRYPT_DATA
Definition pkcs11t.h:938
CK_FALSE
#define CK_FALSE
Definition pkcs11t.h:24
CKC_WTLS
#define CKC_WTLS
Definition pkcs11t.h:409
CKM_SHA_1_HMAC
#define CKM_SHA_1_HMAC
Definition pkcs11t.h:697
CKD_SHA1_KDF_ASN1
#define CKD_SHA1_KDF_ASN1
Definition pkcs11t.h:1294
CKR_ATTRIBUTE_SENSITIVE
#define CKR_ATTRIBUTE_SENSITIVE
Definition pkcs11t.h:1052
CKG_MGF1_SHA512
#define CKG_MGF1_SHA512
Definition pkcs11t.h:1249
CKM_CAMELLIA_MAC
#define CKM_CAMELLIA_MAC
Definition pkcs11t.h:840
CKM_IDEA_KEY_GEN
#define CKM_IDEA_KEY_GEN
Definition pkcs11t.h:757
CKM_ECDH1_COFACTOR_DERIVE
#define CKM_ECDH1_COFACTOR_DERIVE
Definition pkcs11t.h:899
CKR_RANDOM_NO_RNG
#define CKR_RANDOM_NO_RNG
Definition pkcs11t.h:1131
CKM_ARIA_CBC_ENCRYPT_DATA
#define CKM_ARIA_CBC_ENCRYPT_DATA
Definition pkcs11t.h:854
CKM_CAMELLIA_KEY_GEN
#define CKM_CAMELLIA_KEY_GEN
Definition pkcs11t.h:837
CKR_PIN_LEN_RANGE
#define CKR_PIN_LEN_RANGE
Definition pkcs11t.h:1091
CKC_X_509
#define CKC_X_509
Definition pkcs11t.h:407
CKF_DIGEST
#define CKF_DIGEST
Definition pkcs11t.h:1008
CKF_USER_PIN_FINAL_TRY
#define CKF_USER_PIN_FINAL_TRY
Definition pkcs11t.h:210
CKM_ECDSA_SHA224
#define CKM_ECDSA_SHA224
Definition pkcs11t.h:893
CKF_DERIVE
#define CKF_DERIVE
Definition pkcs11t.h:1017
CKM_BATON_KEY_GEN
#define CKM_BATON_KEY_GEN
Definition pkcs11t.h:880
CKR_DEVICE_ERROR
#define CKR_DEVICE_ERROR
Definition pkcs11t.h:1060
CKA_PRIVATE_EXPONENT
#define CKA_PRIVATE_EXPONENT
Definition pkcs11t.h:477
CKR_RANDOM_SEED_NOT_SUPPORTED
#define CKR_RANDOM_SEED_NOT_SUPPORTED
Definition pkcs11t.h:1129
CKA_RESOLUTION
#define CKA_RESOLUTION
Definition pkcs11t.h:545
CKR_SESSION_PARALLEL_NOT_SUPPORTED
#define CKR_SESSION_PARALLEL_NOT_SUPPORTED
Definition pkcs11t.h:1099
CKM_MD2
#define CKM_MD2
Definition pkcs11t.h:685
CKM_BATON_CBC128
#define CKM_BATON_CBC128
Definition pkcs11t.h:883
CKM_DSA
#define CKM_DSA
Definition pkcs11t.h:606
CKA_ID
#define CKA_ID
Definition pkcs11t.h:461
CKA_OBJECT_ID
#define CKA_OBJECT_ID
Definition pkcs11t.h:443
CKM_AES_CFB8
#define CKM_AES_CFB8
Definition pkcs11t.h:965
CKM_CMS_SIG
#define CKM_CMS_SIG
Definition pkcs11t.h:832
CKA_APPLICATION
#define CKA_APPLICATION
Definition pkcs11t.h:441
CKM_RIPEMD128
#define CKM_RIPEMD128
Definition pkcs11t.h:700
CKF_VERIFY
#define CKF_VERIFY
Definition pkcs11t.h:1011
CKM_AES_CBC_PAD
#define CKM_AES_CBC_PAD
Definition pkcs11t.h:918
CKG_MGF1_SHA224
#define CKG_MGF1_SHA224
Definition pkcs11t.h:1250
CKM_CAST3_CBC
#define CKM_CAST3_CBC
Definition pkcs11t.h:734
CKM_ECDH1_DERIVE
#define CKM_ECDH1_DERIVE
Definition pkcs11t.h:898
CKM_VENDOR_DEFINED
#define CKM_VENDOR_DEFINED
Definition pkcs11t.h:975
CKR_ATTRIBUTE_READ_ONLY
#define CKR_ATTRIBUTE_READ_ONLY
Definition pkcs11t.h:1051
CKR_KEY_FUNCTION_NOT_PERMITTED
#define CKR_KEY_FUNCTION_NOT_PERMITTED
Definition pkcs11t.h:1079
CKA_HW_FEATURE_TYPE
#define CKA_HW_FEATURE_TYPE
Definition pkcs11t.h:539
CKM_TWOFISH_KEY_GEN
#define CKM_TWOFISH_KEY_GEN
Definition pkcs11t.h:932
CKR_WRAPPING_KEY_TYPE_INCONSISTENT
#define CKR_WRAPPING_KEY_TYPE_INCONSISTENT
Definition pkcs11t.h:1128
CKN_SURRENDER
#define CKN_SURRENDER
Definition pkcs11t.h:101
CKK_CAST128
#define CKK_CAST128
Definition pkcs11t.h:355
CKA_VERIFY_RECOVER
#define CKA_VERIFY_RECOVER
Definition pkcs11t.h:470
CKK_CAST5
#define CKK_CAST5
Definition pkcs11t.h:354
CKM_SHA512_224_HMAC_GENERAL
#define CKM_SHA512_224_HMAC_GENERAL
Definition pkcs11t.h:633
CKM_SKIPJACK_RELAYX
#define CKM_SKIPJACK_RELAYX
Definition pkcs11t.h:875
CK_RV
CK_ULONG CK_RV
Definition pkcs11t.h:1036
CKM_SHA512_224_HMAC
#define CKM_SHA512_224_HMAC
Definition pkcs11t.h:632
CKR_SESSION_EXISTS
#define CKR_SESSION_EXISTS
Definition pkcs11t.h:1101
CKM_MD5_HMAC_GENERAL
#define CKM_MD5_HMAC_GENERAL
Definition pkcs11t.h:693
CKM_MD2_RSA_PKCS
#define CKM_MD2_RSA_PKCS
Definition pkcs11t.h:591
CKR_FUNCTION_REJECTED
#define CKR_FUNCTION_REJECTED
Definition pkcs11t.h:1156
CKM_SHA_1_HMAC_GENERAL
#define CKM_SHA_1_HMAC_GENERAL
Definition pkcs11t.h:698
CKM_TLS10_MAC_CLIENT
#define CKM_TLS10_MAC_CLIENT
Definition pkcs11t.h:819
CK_ULONG
unsigned long int CK_ULONG
Definition pkcs11t.h:48
CKO_SECRET_KEY
#define CKO_SECRET_KEY
Definition pkcs11t.h:314
CKK_RSA
#define CKK_RSA
Definition pkcs11t.h:339
CKM_JUNIPER_ECB128
#define CKM_JUNIPER_ECB128
Definition pkcs11t.h:906
CKA_PUBLIC_EXPONENT
#define CKA_PUBLIC_EXPONENT
Definition pkcs11t.h:476
CKM_SKIPJACK_CBC64
#define CKM_SKIPJACK_CBC64
Definition pkcs11t.h:867
CKM_DES_ECB
#define CKM_DES_ECB
Definition pkcs11t.h:656
CKM_CAST_CBC
#define CKM_CAST_CBC
Definition pkcs11t.h:728
CKM_WTLS_SERVER_KEY_AND_MAC_DERIVE
#define CKM_WTLS_SERVER_KEY_AND_MAC_DERIVE
Definition pkcs11t.h:815
CKM_PBE_SHA1_DES2_EDE_CBC
#define CKM_PBE_SHA1_DES2_EDE_CBC
Definition pkcs11t.h:803
CKM_X9_42_DH_KEY_PAIR_GEN
#define CKM_X9_42_DH_KEY_PAIR_GEN
Definition pkcs11t.h:616
CKK_CAMELLIA
#define CKK_CAMELLIA
Definition pkcs11t.h:368
CKA_MODIFIABLE
#define CKA_MODIFIABLE
Definition pkcs11t.h:500
CRYPTOKI_VERSION_MINOR
#define CRYPTOKI_VERSION_MINOR
Definition pkcs11t.h:20
CKK_SEED
#define CKK_SEED
Definition pkcs11t.h:380
CKM_RC5_MAC
#define CKM_RC5_MAC
Definition pkcs11t.h:754
CKM_RSA_PKCS_KEY_PAIR_GEN
#define CKM_RSA_PKCS_KEY_PAIR_GEN
Definition pkcs11t.h:586
CKR_SESSION_READ_ONLY
#define CKR_SESSION_READ_ONLY
Definition pkcs11t.h:1100
CKK_KEA
#define CKK_KEA
Definition pkcs11t.h:345
CKM_RC2_CBC
#define CKM_RC2_CBC
Definition pkcs11t.h:647
CKA_OTP_TIME_REQUIREMENT
#define CKA_OTP_TIME_REQUIREMENT
Definition pkcs11t.h:525
CKM_PBE_MD5_CAST5_CBC
#define CKM_PBE_MD5_CAST5_CBC
Definition pkcs11t.h:796
CKM_KEA_KEY_DERIVE
#define CKM_KEA_KEY_DERIVE
Definition pkcs11t.h:877
CKC_X_509_ATTR_CERT
#define CKC_X_509_ATTR_CERT
Definition pkcs11t.h:408
CKM_JUNIPER_KEY_GEN
#define CKM_JUNIPER_KEY_GEN
Definition pkcs11t.h:905
CKM_RC5_CBC
#define CKM_RC5_CBC
Definition pkcs11t.h:753
CKM_ARIA_CBC_PAD
#define CKM_ARIA_CBC_PAD
Definition pkcs11t.h:852
CKR_ENCRYPTED_DATA_LEN_RANGE
#define CKR_ENCRYPTED_DATA_LEN_RANGE
Definition pkcs11t.h:1064
CKM_SHA512_KEY_DERIVATION
#define CKM_SHA512_KEY_DERIVATION
Definition pkcs11t.h:789
CKA_BITS_PER_PIXEL
#define CKA_BITS_PER_PIXEL
Definition pkcs11t.h:549
CKR_SIGNATURE_INVALID
#define CKR_SIGNATURE_INVALID
Definition pkcs11t.h:1106
CKA_AC_ISSUER
#define CKA_AC_ISSUER
Definition pkcs11t.h:447
CKM_TLS_KDF
#define CKM_TLS_KDF
Definition pkcs11t.h:827
CKM_AES_MAC_GENERAL
#define CKM_AES_MAC_GENERAL
Definition pkcs11t.h:917
CKM_CAST128_CBC_PAD
#define CKM_CAST128_CBC_PAD
Definition pkcs11t.h:750
CKM_BATON_ECB128
#define CKM_BATON_ECB128
Definition pkcs11t.h:881
CKA_OTP_USER_IDENTIFIER
#define CKA_OTP_USER_IDENTIFIER
Definition pkcs11t.h:530
CKM_BLOWFISH_CBC
#define CKM_BLOWFISH_CBC
Definition pkcs11t.h:931
CKM_FASTHASH
#define CKM_FASTHASH
Definition pkcs11t.h:911
CKR_SESSION_HANDLE_INVALID
#define CKR_SESSION_HANDLE_INVALID
Definition pkcs11t.h:1098
CKF_EC_F_2M
#define CKF_EC_F_2M
Definition pkcs11t.h:1023
CKM_ARIA_ECB
#define CKM_ARIA_ECB
Definition pkcs11t.h:848
CK_CERTIFICATE_CATEGORY_OTHER_ENTITY
#define CK_CERTIFICATE_CATEGORY_OTHER_ENTITY
Definition pkcs11t.h:398
CKO_CERTIFICATE
#define CKO_CERTIFICATE
Definition pkcs11t.h:311
CKA_CHECK_VALUE
#define CKA_CHECK_VALUE
Definition pkcs11t.h:457
CKM_DES_CBC
#define CKM_DES_CBC
Definition pkcs11t.h:657
CKF_USER_PIN_INITIALIZED
#define CKF_USER_PIN_INITIALIZED
Definition pkcs11t.h:158
CK_NOTIFICATION
CK_ULONG CK_NOTIFICATION
Definition pkcs11t.h:100
CKM_CAST5_MAC
#define CKM_CAST5_MAC
Definition pkcs11t.h:745
CK_INFO
struct CK_INFO CK_INFO
CKA_PUBLIC_KEY_INFO
#define CKA_PUBLIC_KEY_INFO
Definition pkcs11t.h:483
CKA_OTP_USER_FRIENDLY_MODE
#define CKA_OTP_USER_FRIENDLY_MODE
Definition pkcs11t.h:523
CKM_SHA384_HMAC_GENERAL
#define CKM_SHA384_HMAC_GENERAL
Definition pkcs11t.h:715
CKF_RW_SESSION
#define CKF_RW_SESSION
Definition pkcs11t.h:289
CKR_USER_ANOTHER_ALREADY_LOGGED_IN
#define CKR_USER_ANOTHER_ALREADY_LOGGED_IN
Definition pkcs11t.h:1121
CKM_SECURID_KEY_GEN
#define CKM_SECURID_KEY_GEN
Definition pkcs11t.h:719
CKM_IDEA_MAC_GENERAL
#define CKM_IDEA_MAC_GENERAL
Definition pkcs11t.h:761
CKS_RO_USER_FUNCTIONS
#define CKS_RO_USER_FUNCTIONS
Definition pkcs11t.h:273
CK_SLOT_INFO
struct CK_SLOT_INFO CK_SLOT_INFO
CKM_TLS_KEY_AND_MAC_DERIVE
#define CKM_TLS_KEY_AND_MAC_DERIVE
Definition pkcs11t.h:776
CKM_GOST28147_ECB
#define CKM_GOST28147_ECB
Definition pkcs11t.h:952
CKA_PRIME
#define CKA_PRIME
Definition pkcs11t.h:484
CKR_ARGUMENTS_BAD
#define CKR_ARGUMENTS_BAD
Definition pkcs11t.h:1046
CK_TOKEN_INFO
struct CK_TOKEN_INFO CK_TOKEN_INFO
CKM_SECURID
#define CKM_SECURID
Definition pkcs11t.h:720
CKM_AES_CCM
#define CKM_AES_CCM
Definition pkcs11t.h:921
CKR_CANCEL
#define CKR_CANCEL
Definition pkcs11t.h:1039
CKM_SHA512_224_KEY_DERIVATION
#define CKM_SHA512_224_KEY_DERIVATION
Definition pkcs11t.h:634
CKM_SHA256
#define CKM_SHA256
Definition pkcs11t.h:707
CKM_IDEA_CBC_PAD
#define CKM_IDEA_CBC_PAD
Definition pkcs11t.h:762
CKM_SHA512_T_HMAC_GENERAL
#define CKM_SHA512_T_HMAC_GENERAL
Definition pkcs11t.h:642
CKK_BLOWFISH
#define CKK_BLOWFISH
Definition pkcs11t.h:363
CKM_CDMF_CBC_PAD
#define CKM_CDMF_CBC_PAD
Definition pkcs11t.h:678
CKU_USER
#define CKU_USER
Definition pkcs11t.h:266
CKR_PIN_TOO_WEAK
#define CKR_PIN_TOO_WEAK
Definition pkcs11t.h:1153
CKA_MODULUS
#define CKA_MODULUS
Definition pkcs11t.h:474
CK_BYTE
unsigned char CK_BYTE
Definition pkcs11t.h:36
CKM_AES_CFB64
#define CKM_AES_CFB64
Definition pkcs11t.h:964
CKM_TLS_MASTER_KEY_DERIVE_DH
#define CKM_TLS_MASTER_KEY_DERIVE_DH
Definition pkcs11t.h:777
CKA_PRIVATE
#define CKA_PRIVATE
Definition pkcs11t.h:439
CKM_DES_KEY_GEN
#define CKM_DES_KEY_GEN
Definition pkcs11t.h:655
CK_SLOT_ID
CK_ULONG CK_SLOT_ID
Definition pkcs11t.h:104
CK_FLAGS
CK_ULONG CK_FLAGS
Definition pkcs11t.h:54
CKR_PIN_EXPIRED
#define CKR_PIN_EXPIRED
Definition pkcs11t.h:1093
CKM_CAST3_MAC_GENERAL
#define CKM_CAST3_MAC_GENERAL
Definition pkcs11t.h:736
CK_OBJECT_CLASS
CK_ULONG CK_OBJECT_CLASS
Definition pkcs11t.h:307
CKM_CAST5_CBC_PAD
#define CKM_CAST5_CBC_PAD
Definition pkcs11t.h:749
CKM_PBE_SHA1_RC2_128_CBC
#define CKM_PBE_SHA1_RC2_128_CBC
Definition pkcs11t.h:804
CKG_MGF1_SHA384
#define CKG_MGF1_SHA384
Definition pkcs11t.h:1248
CKR_PIN_LOCKED
#define CKR_PIN_LOCKED
Definition pkcs11t.h:1094
CKA_PRIME_1
#define CKA_PRIME_1
Definition pkcs11t.h:478
CKA_NAME_HASH_ALGORITHM
#define CKA_NAME_HASH_ALGORITHM
Definition pkcs11t.h:456
CKM_DSA_SHA512
#define CKM_DSA_SHA512
Definition pkcs11t.h:611
CKM_SSL3_PRE_MASTER_KEY_GEN
#define CKM_SSL3_PRE_MASTER_KEY_GEN
Definition pkcs11t.h:769
CK_ATTRIBUTE
struct CK_ATTRIBUTE CK_ATTRIBUTE
CKM_SSL3_MASTER_KEY_DERIVE_DH
#define CKM_SSL3_MASTER_KEY_DERIVE_DH
Definition pkcs11t.h:773
CKM_IDEA_MAC
#define CKM_IDEA_MAC
Definition pkcs11t.h:760
CKR_LIBRARY_LOAD_FAILED
#define CKR_LIBRARY_LOAD_FAILED
Definition pkcs11t.h:1152
CKM_MD5_RSA_PKCS
#define CKM_MD5_RSA_PKCS
Definition pkcs11t.h:592
CKM_DSA_SHA384
#define CKM_DSA_SHA384
Definition pkcs11t.h:610
CKM_RIPEMD128_HMAC_GENERAL
#define CKM_RIPEMD128_HMAC_GENERAL
Definition pkcs11t.h:702
CKF_WRAP
#define CKF_WRAP
Definition pkcs11t.h:1015
CKK_DES
#define CKK_DES
Definition pkcs11t.h:349
CKM_PBA_SHA1_WITH_SHA1_HMAC
#define CKM_PBA_SHA1_WITH_SHA1_HMAC
Definition pkcs11t.h:809
CKA_OTP_SERVICE_LOGO_TYPE
#define CKA_OTP_SERVICE_LOGO_TYPE
Definition pkcs11t.h:533
CK_SESSION_HANDLE
CK_ULONG CK_SESSION_HANDLE
Definition pkcs11t.h:256
CKA_OTP_CHALLENGE_REQUIREMENT
#define CKA_OTP_CHALLENGE_REQUIREMENT
Definition pkcs11t.h:524
CKK_ACTI
#define CKK_ACTI
Definition pkcs11t.h:367
CKR_CANT_LOCK
#define CKR_CANT_LOCK
Definition pkcs11t.h:1049
CKM_DES_CBC_PAD
#define CKM_DES_CBC_PAD
Definition pkcs11t.h:661
CKR_TOKEN_NOT_PRESENT
#define CKR_TOKEN_NOT_PRESENT
Definition pkcs11t.h:1110
CKA_OTP_FORMAT
#define CKA_OTP_FORMAT
Definition pkcs11t.h:520
CKF_EXTENSION
#define CKF_EXTENSION
Definition pkcs11t.h:1029
CKM_SHA512_T
#define CKM_SHA512_T
Definition pkcs11t.h:640
CKM_DES3_CBC_PAD
#define CKM_DES3_CBC_PAD
Definition pkcs11t.h:670
CKM_SHA512_T_KEY_DERIVATION
#define CKM_SHA512_T_KEY_DERIVATION
Definition pkcs11t.h:643
CKA_EC_POINT
#define CKA_EC_POINT
Definition pkcs11t.h:508
CKR_CRYPTOKI_NOT_INITIALIZED
#define CKR_CRYPTOKI_NOT_INITIALIZED
Definition pkcs11t.h:1142
CKM_KEA_DERIVE
#define CKM_KEA_DERIVE
Definition pkcs11t.h:878
CKM_DH_PKCS_DERIVE
#define CKM_DH_PKCS_DERIVE
Definition pkcs11t.h:614
CKM_CAMELLIA_MAC_GENERAL
#define CKM_CAMELLIA_MAC_GENERAL
Definition pkcs11t.h:841
CKA_SENSITIVE
#define CKA_SENSITIVE
Definition pkcs11t.h:462
CKM_MD2_HMAC_GENERAL
#define CKM_MD2_HMAC_GENERAL
Definition pkcs11t.h:688
CKF_EC_F_P
#define CKF_EC_F_P
Definition pkcs11t.h:1022
CKM_SEED_CBC_ENCRYPT_DATA
#define CKM_SEED_CBC_ENCRYPT_DATA
Definition pkcs11t.h:863
CKM_DES3_CMAC_GENERAL
#define CKM_DES3_CMAC_GENERAL
Definition pkcs11t.h:671
CKR_PIN_INCORRECT
#define CKR_PIN_INCORRECT
Definition pkcs11t.h:1089
CKM_CAST128_MAC_GENERAL
#define CKM_CAST128_MAC_GENERAL
Definition pkcs11t.h:748
CKM_ARIA_CBC
#define CKM_ARIA_CBC
Definition pkcs11t.h:849
CK_CERTIFICATE_CATEGORY_TOKEN_USER
#define CK_CERTIFICATE_CATEGORY_TOKEN_USER
Definition pkcs11t.h:396
CKM_CAMELLIA_CTR
#define CKM_CAMELLIA_CTR
Definition pkcs11t.h:845
CKM_PBE_SHA1_RC4_40
#define CKM_PBE_SHA1_RC4_40
Definition pkcs11t.h:801
CKM_PBE_SHA1_CAST5_CBC
#define CKM_PBE_SHA1_CAST5_CBC
Definition pkcs11t.h:798
CKM_TLS10_MAC_SERVER
#define CKM_TLS10_MAC_SERVER
Definition pkcs11t.h:818
CKM_X9_42_DH_DERIVE
#define CKM_X9_42_DH_DERIVE
Definition pkcs11t.h:617
CKF_GENERATE_KEY_PAIR
#define CKF_GENERATE_KEY_PAIR
Definition pkcs11t.h:1014
CKM_AES_KEY_WRAP
#define CKM_AES_KEY_WRAP
Definition pkcs11t.h:969
CKM_SKIPJACK_PRIVATE_WRAP
#define CKM_SKIPJACK_PRIVATE_WRAP
Definition pkcs11t.h:874
CKF_SIGN_RECOVER
#define CKF_SIGN_RECOVER
Definition pkcs11t.h:1010
CKA_SIGN_RECOVER
#define CKA_SIGN_RECOVER
Definition pkcs11t.h:468
CKM_KEY_WRAP_LYNKS
#define CKM_KEY_WRAP_LYNKS
Definition pkcs11t.h:829
CKM_SHA512_RSA_PKCS_PSS
#define CKM_SHA512_RSA_PKCS_PSS
Definition pkcs11t.h:626
CKM_CAST5_KEY_GEN
#define CKM_CAST5_KEY_GEN
Definition pkcs11t.h:739
CKF_REMOVABLE_DEVICE
#define CKF_REMOVABLE_DEVICE
Definition pkcs11t.h:123
CKP_PKCS5_PBKD2_HMAC_SHA512_256
#define CKP_PKCS5_PBKD2_HMAC_SHA512_256
Definition pkcs11t.h:1726
CKM_CAMELLIA_CBC
#define CKM_CAMELLIA_CBC
Definition pkcs11t.h:839
CKM_ECDSA_SHA512
#define CKM_ECDSA_SHA512
Definition pkcs11t.h:896
CKM_RSA_PKCS_OAEP
#define CKM_RSA_PKCS_OAEP
Definition pkcs11t.h:597
CKM_DES_OFB64
#define CKM_DES_OFB64
Definition pkcs11t.h:680
CKR_WRAPPED_KEY_INVALID
#define CKR_WRAPPED_KEY_INVALID
Definition pkcs11t.h:1124
CKF_SECONDARY_AUTHENTICATION
#define CKF_SECONDARY_AUTHENTICATION
Definition pkcs11t.h:199
CKO_OTP_KEY
#define CKO_OTP_KEY
Definition pkcs11t.h:318
CKM_PBE_SHA1_RC4_128
#define CKM_PBE_SHA1_RC4_128
Definition pkcs11t.h:800
CKM_CDMF_MAC
#define CKM_CDMF_MAC
Definition pkcs11t.h:676
CKM_RSA_PKCS_OAEP_TPM_1_1
#define CKM_RSA_PKCS_OAEP_TPM_1_1
Definition pkcs11t.h:973
CKM_SHA512_RSA_PKCS
#define CKM_SHA512_RSA_PKCS
Definition pkcs11t.h:623
CKA_EXPONENT_1
#define CKA_EXPONENT_1
Definition pkcs11t.h:480
CKM_DES3_MAC_GENERAL
#define CKM_DES3_MAC_GENERAL
Definition pkcs11t.h:669
CKM_CAST_CBC_PAD
#define CKM_CAST_CBC_PAD
Definition pkcs11t.h:731
CKP_PKCS5_PBKD2_HMAC_SHA224
#define CKP_PKCS5_PBKD2_HMAC_SHA224
Definition pkcs11t.h:1721
CK_MECHANISM_INFO
struct CK_MECHANISM_INFO CK_MECHANISM_INFO
CKM_SHA224_HMAC
#define CKM_SHA224_HMAC
Definition pkcs11t.h:711
CKM_CAST5_CBC
#define CKM_CAST5_CBC
Definition pkcs11t.h:743
CKM_SSL3_MD5_MAC
#define CKM_SSL3_MD5_MAC
Definition pkcs11t.h:781
CKM_EXTRACT_KEY_FROM_KEY
#define CKM_EXTRACT_KEY_FROM_KEY
Definition pkcs11t.h:768
CKM_SKIPJACK_CFB32
#define CKM_SKIPJACK_CFB32
Definition pkcs11t.h:870
CKM_ECMQV_DERIVE
#define CKM_ECMQV_DERIVE
Definition pkcs11t.h:900
CKA_SIGN
#define CKA_SIGN
Definition pkcs11t.h:467
CKM_AES_KEY_GEN
#define CKM_AES_KEY_GEN
Definition pkcs11t.h:913
CKF_USER_FRIENDLY_OTP
#define CKF_USER_FRIENDLY_OTP
Definition pkcs11t.h:1814
CKR_WRAPPING_KEY_HANDLE_INVALID
#define CKR_WRAPPING_KEY_HANDLE_INVALID
Definition pkcs11t.h:1126
CKR_MUTEX_NOT_LOCKED
#define CKR_MUTEX_NOT_LOCKED
Definition pkcs11t.h:1145
CKR_USER_TOO_MANY_TYPES
#define CKR_USER_TOO_MANY_TYPES
Definition pkcs11t.h:1122
CKM_CAST_MAC_GENERAL
#define CKM_CAST_MAC_GENERAL
Definition pkcs11t.h:730
CK_USER_TYPE
CK_ULONG CK_USER_TYPE
Definition pkcs11t.h:262
CKF_USER_PIN_COUNT_LOW
#define CKF_USER_PIN_COUNT_LOW
Definition pkcs11t.h:205
CKM_IDEA_CBC
#define CKM_IDEA_CBC
Definition pkcs11t.h:759
CKM_WTLS_MASTER_KEY_DERIVE_DH_ECC
#define CKM_WTLS_MASTER_KEY_DERIVE_DH_ECC
Definition pkcs11t.h:813
CKR_SESSION_CLOSED
#define CKR_SESSION_CLOSED
Definition pkcs11t.h:1096
CKA_EXPONENT_2
#define CKA_EXPONENT_2
Definition pkcs11t.h:481
CKK_RIPEMD160_HMAC
#define CKK_RIPEMD160_HMAC
Definition pkcs11t.h:374
CK_TRUE
#define CK_TRUE
Definition pkcs11t.h:23
CKM_DSA_KEY_PAIR_GEN
#define CKM_DSA_KEY_PAIR_GEN
Definition pkcs11t.h:605
CKM_RC4_KEY_GEN
#define CKM_RC4_KEY_GEN
Definition pkcs11t.h:653
CKM_ACTI_KEY_GEN
#define CKM_ACTI_KEY_GEN
Definition pkcs11t.h:724
CKM_SHA224
#define CKM_SHA224
Definition pkcs11t.h:710
CKM_SHA1_RSA_X9_31
#define CKM_SHA1_RSA_X9_31
Definition pkcs11t.h:601
CKM_AES_CBC_ENCRYPT_DATA
#define CKM_AES_CBC_ENCRYPT_DATA
Definition pkcs11t.h:942
CKA_VALUE
#define CKA_VALUE
Definition pkcs11t.h:442
CKA_URL
#define CKA_URL
Definition pkcs11t.h:453
CKM_GOSTR3410
#define CKM_GOSTR3410
Definition pkcs11t.h:945
CKM_CAMELLIA_CBC_PAD
#define CKM_CAMELLIA_CBC_PAD
Definition pkcs11t.h:842
CKF_EXCLUDE_COUNTER
#define CKF_EXCLUDE_COUNTER
Definition pkcs11t.h:1811
CK_FUNCTION_LIST_PTR
CK_FUNCTION_LIST CK_PTR CK_FUNCTION_LIST_PTR
Definition pkcs11t.h:1175
CKM_CAMELLIA_ECB_ENCRYPT_DATA
#define CKM_CAMELLIA_ECB_ENCRYPT_DATA
Definition pkcs11t.h:843
CKM_SKIPJACK_CFB16
#define CKM_SKIPJACK_CFB16
Definition pkcs11t.h:871
CKK_JUNIPER
#define CKK_JUNIPER
Definition pkcs11t.h:360
CKM_WTLS_MASTER_KEY_DERIVE
#define CKM_WTLS_MASTER_KEY_DERIVE
Definition pkcs11t.h:812
CKM_SKIPJACK_KEY_GEN
#define CKM_SKIPJACK_KEY_GEN
Definition pkcs11t.h:865
CKH_MONOTONIC_COUNTER
#define CKH_MONOTONIC_COUNTER
Definition pkcs11t.h:330
CKF_ENCRYPT
#define CKF_ENCRYPT
Definition pkcs11t.h:1006
CKF_OS_LOCKING_OK
#define CKF_OS_LOCKING_OK
Definition pkcs11t.h:1226
CKM_GOST28147_KEY_WRAP
#define CKM_GOST28147_KEY_WRAP
Definition pkcs11t.h:955
CKM_SHA224_RSA_PKCS_PSS
#define CKM_SHA224_RSA_PKCS_PSS
Definition pkcs11t.h:629
CKA_LOCAL
#define CKA_LOCAL
Definition pkcs11t.h:495
CKM_MD5_KEY_DERIVATION
#define CKM_MD5_KEY_DERIVATION
Definition pkcs11t.h:783
CKM_BATON_ECB96
#define CKM_BATON_ECB96
Definition pkcs11t.h:882
CKP_PKCS5_PBKD2_HMAC_SHA384
#define CKP_PKCS5_PBKD2_HMAC_SHA384
Definition pkcs11t.h:1723
CKM_CAST3_MAC
#define CKM_CAST3_MAC
Definition pkcs11t.h:735
CK_SESSION_INFO
struct CK_SESSION_INFO CK_SESSION_INFO
CKR_OBJECT_HANDLE_INVALID
#define CKR_OBJECT_HANDLE_INVALID
Definition pkcs11t.h:1086
CKF_EC_ECPARAMETERS
#define CKF_EC_ECPARAMETERS
Definition pkcs11t.h:1024
CKM_CDMF_KEY_GEN
#define CKM_CDMF_KEY_GEN
Definition pkcs11t.h:673
CKA_ECDSA_PARAMS
#define CKA_ECDSA_PARAMS
Definition pkcs11t.h:505
CKM_SHA512_224
#define CKM_SHA512_224
Definition pkcs11t.h:631
CKM_KEA_KEY_PAIR_GEN
#define CKM_KEA_KEY_PAIR_GEN
Definition pkcs11t.h:876
CKM_SHA256_HMAC
#define CKM_SHA256_HMAC
Definition pkcs11t.h:708
CKA_RESET_ON_INIT
#define CKA_RESET_ON_INIT
Definition pkcs11t.h:540
CKA_VERIFY
#define CKA_VERIFY
Definition pkcs11t.h:469
CKR_PIN_INVALID
#define CKR_PIN_INVALID
Definition pkcs11t.h:1090
CKA_OTP_PIN_REQUIREMENT
#define CKA_OTP_PIN_REQUIREMENT
Definition pkcs11t.h:527
CK_RSA_PKCS_MGF_TYPE
CK_ULONG CK_RSA_PKCS_MGF_TYPE
Definition pkcs11t.h:1241
CKR_UNWRAPPING_KEY_SIZE_RANGE
#define CKR_UNWRAPPING_KEY_SIZE_RANGE
Definition pkcs11t.h:1114
CKM_X9_42_MQV_DERIVE
#define CKM_X9_42_MQV_DERIVE
Definition pkcs11t.h:619
CKM_GOST28147
#define CKM_GOST28147
Definition pkcs11t.h:953
CKM_CDMF_ECB
#define CKM_CDMF_ECB
Definition pkcs11t.h:674
CKD_CPDIVERSIFY_KDF
#define CKD_CPDIVERSIFY_KDF
Definition pkcs11t.h:1300
CKM_TLS12_MASTER_KEY_DERIVE
#define CKM_TLS12_MASTER_KEY_DERIVE
Definition pkcs11t.h:822
CKO_DATA
#define CKO_DATA
Definition pkcs11t.h:310
CKM_BATON_SHUFFLE
#define CKM_BATON_SHUFFLE
Definition pkcs11t.h:885
CKO_PRIVATE_KEY
#define CKO_PRIVATE_KEY
Definition pkcs11t.h:313
CKM_SHA512_256_HMAC_GENERAL
#define CKM_SHA512_256_HMAC_GENERAL
Definition pkcs11t.h:637
CKK_IDEA
#define CKK_IDEA
Definition pkcs11t.h:357
CKM_RC5_MAC_GENERAL
#define CKM_RC5_MAC_GENERAL
Definition pkcs11t.h:755
CKD_SHA384_KDF
#define CKD_SHA384_KDF
Definition pkcs11t.h:1298
CKR_ENCRYPTED_DATA_INVALID
#define CKR_ENCRYPTED_DATA_INVALID
Definition pkcs11t.h:1063
CKM_RC2_CBC_PAD
#define CKM_RC2_CBC_PAD
Definition pkcs11t.h:651
CKP_PKCS5_PBKD2_HMAC_GOSTR3411
#define CKP_PKCS5_PBKD2_HMAC_GOSTR3411
Definition pkcs11t.h:1720
CKM_SEED_CBC_PAD
#define CKM_SEED_CBC_PAD
Definition pkcs11t.h:861
CKR_CRYPTOKI_ALREADY_INITIALIZED
#define CKR_CRYPTOKI_ALREADY_INITIALIZED
Definition pkcs11t.h:1143
CKM_GENERIC_SECRET_KEY_GEN
#define CKM_GENERIC_SECRET_KEY_GEN
Definition pkcs11t.h:763
CKM_DH_PKCS_KEY_PAIR_GEN
#define CKM_DH_PKCS_KEY_PAIR_GEN
Definition pkcs11t.h:613
CKM_DES3_ECB_ENCRYPT_DATA
#define CKM_DES3_ECB_ENCRYPT_DATA
Definition pkcs11t.h:939
CKA_ALLOWED_MECHANISMS
#define CKA_ALLOWED_MECHANISMS
Definition pkcs11t.h:557
CKF_SERIAL_SESSION
#define CKF_SERIAL_SESSION
Definition pkcs11t.h:290
CKR_FUNCTION_FAILED
#define CKR_FUNCTION_FAILED
Definition pkcs11t.h:1044
CKM_CDMF_MAC_GENERAL
#define CKM_CDMF_MAC_GENERAL
Definition pkcs11t.h:677
CKH_CLOCK
#define CKH_CLOCK
Definition pkcs11t.h:331
CKA_OTP_COUNTER_REQUIREMENT
#define CKA_OTP_COUNTER_REQUIREMENT
Definition pkcs11t.h:526
CKM_SHA384
#define CKM_SHA384
Definition pkcs11t.h:713
CKA_COPYABLE
#define CKA_COPYABLE
Definition pkcs11t.h:501
CKF_DUAL_CRYPTO_OPERATIONS
#define CKF_DUAL_CRYPTO_OPERATIONS
Definition pkcs11t.h:185
CKA_PRIME_2
#define CKA_PRIME_2
Definition pkcs11t.h:479
CKR_OPERATION_NOT_INITIALIZED
#define CKR_OPERATION_NOT_INITIALIZED
Definition pkcs11t.h:1088
CKR_ACTION_PROHIBITED
#define CKR_ACTION_PROHIBITED
Definition pkcs11t.h:1056
CKF_SO_PIN_TO_BE_CHANGED
#define CKF_SO_PIN_TO_BE_CHANGED
Definition pkcs11t.h:246
CKR_SESSION_READ_ONLY_EXISTS
#define CKR_SESSION_READ_ONLY_EXISTS
Definition pkcs11t.h:1103
CKM_TLS_PRE_MASTER_KEY_GEN
#define CKM_TLS_PRE_MASTER_KEY_GEN
Definition pkcs11t.h:774
CKM_EC_KEY_PAIR_GEN
#define CKM_EC_KEY_PAIR_GEN
Definition pkcs11t.h:889
CKK_DSA
#define CKK_DSA
Definition pkcs11t.h:340
CKR_SESSION_READ_WRITE_SO_EXISTS
#define CKR_SESSION_READ_WRITE_SO_EXISTS
Definition pkcs11t.h:1104
CKM_RC5_KEY_GEN
#define CKM_RC5_KEY_GEN
Definition pkcs11t.h:751
CKK_BATON
#define CKK_BATON
Definition pkcs11t.h:359
CKR_KEY_SIZE_RANGE
#define CKR_KEY_SIZE_RANGE
Definition pkcs11t.h:1072
CKM_AES_GCM
#define CKM_AES_GCM
Definition pkcs11t.h:920
CKM_DH_PKCS_PARAMETER_GEN
#define CKM_DH_PKCS_PARAMETER_GEN
Definition pkcs11t.h:958
CKM_PBE_MD5_CAST128_CBC
#define CKM_PBE_MD5_CAST128_CBC
Definition pkcs11t.h:797
CKM_SHA384_HMAC
#define CKM_SHA384_HMAC
Definition pkcs11t.h:714
CKR_TEMPLATE_INCONSISTENT
#define CKR_TEMPLATE_INCONSISTENT
Definition pkcs11t.h:1109
CKM_CDMF_CBC
#define CKM_CDMF_CBC
Definition pkcs11t.h:675
CKA_COLOR
#define CKA_COLOR
Definition pkcs11t.h:548
CKM_RC5_CBC_PAD
#define CKM_RC5_CBC_PAD
Definition pkcs11t.h:756
CKR_OPERATION_ACTIVE
#define CKR_OPERATION_ACTIVE
Definition pkcs11t.h:1087
CKR_DATA_LEN_RANGE
#define CKR_DATA_LEN_RANGE
Definition pkcs11t.h:1059
CKO_MECHANISM
#define CKO_MECHANISM
Definition pkcs11t.h:317
CKA_UNWRAP
#define CKA_UNWRAP
Definition pkcs11t.h:466
CKM_SHA1_RSA_PKCS
#define CKM_SHA1_RSA_PKCS
Definition pkcs11t.h:593
CKF_ARRAY_ATTRIBUTE
#define CKF_ARRAY_ATTRIBUTE
Definition pkcs11t.h:421
CKK_GOSTR3410
#define CKK_GOSTR3410
Definition pkcs11t.h:381
CKM_SHA512
#define CKM_SHA512
Definition pkcs11t.h:716
CKM_MD2_KEY_DERIVATION
#define CKM_MD2_KEY_DERIVATION
Definition pkcs11t.h:784
CK_KEY_TYPE
CK_ULONG CK_KEY_TYPE
Definition pkcs11t.h:336
CKM_DSA_SHAWE_TAYLOR_PARAMETER_GEN
#define CKM_DSA_SHAWE_TAYLOR_PARAMETER_GEN
Definition pkcs11t.h:961
CKA_TRUSTED
#define CKA_TRUSTED
Definition pkcs11t.h:450
CKA_WRAP_WITH_TRUSTED
#define CKA_WRAP_WITH_TRUSTED
Definition pkcs11t.h:515
CKK_GOSTR3411
#define CKK_GOSTR3411
Definition pkcs11t.h:382
CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE
CK_ULONG CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE
Definition pkcs11t.h:1714
CKR_BUFFER_TOO_SMALL
#define CKR_BUFFER_TOO_SMALL
Definition pkcs11t.h:1137
CKM_ARIA_MAC_GENERAL
#define CKM_ARIA_MAC_GENERAL
Definition pkcs11t.h:851
CKU_SO
#define CKU_SO
Definition pkcs11t.h:264
CKM_CAMELLIA_CBC_ENCRYPT_DATA
#define CKM_CAMELLIA_CBC_ENCRYPT_DATA
Definition pkcs11t.h:844
CKM_AES_CFB128
#define CKM_AES_CFB128
Definition pkcs11t.h:966
CKS_RW_USER_FUNCTIONS
#define CKS_RW_USER_FUNCTIONS
Definition pkcs11t.h:275
CKM_AES_CMAC_GENERAL
#define CKM_AES_CMAC_GENERAL
Definition pkcs11t.h:924
CKS_RO_PUBLIC_SESSION
#define CKS_RO_PUBLIC_SESSION
Definition pkcs11t.h:272
CKO_HW_FEATURE
#define CKO_HW_FEATURE
Definition pkcs11t.h:315
CKA_DECRYPT
#define CKA_DECRYPT
Definition pkcs11t.h:464
CKM_PBE_MD5_CAST_CBC
#define CKM_PBE_MD5_CAST_CBC
Definition pkcs11t.h:794
CKM_SHA1_KEY_DERIVATION
#define CKM_SHA1_KEY_DERIVATION
Definition pkcs11t.h:785
CKA_OTP_LENGTH
#define CKA_OTP_LENGTH
Definition pkcs11t.h:521
CKF_EXCLUDE_CHALLENGE
#define CKF_EXCLUDE_CHALLENGE
Definition pkcs11t.h:1812
CKO_VENDOR_DEFINED
#define CKO_VENDOR_DEFINED
Definition pkcs11t.h:320
CKP_PKCS5_PBKD2_HMAC_SHA512
#define CKP_PKCS5_PBKD2_HMAC_SHA512
Definition pkcs11t.h:1724
CKA_KEY_TYPE
#define CKA_KEY_TYPE
Definition pkcs11t.h:459
CKR_USER_PIN_NOT_INITIALIZED
#define CKR_USER_PIN_NOT_INITIALIZED
Definition pkcs11t.h:1118
CKN_OTP_CHANGED
#define CKN_OTP_CHANGED
Definition pkcs11t.h:102
CKM_RIPEMD160
#define CKM_RIPEMD160
Definition pkcs11t.h:703
CKA_ALWAYS_AUTHENTICATE
#define CKA_ALWAYS_AUTHENTICATE
Definition pkcs11t.h:513
CKM_RSA_9796
#define CKM_RSA_9796
Definition pkcs11t.h:588
CKK_CAST
#define CKK_CAST
Definition pkcs11t.h:352
CKM_JUNIPER_WRAP
#define CKM_JUNIPER_WRAP
Definition pkcs11t.h:910
CKA_VALUE_LEN
#define CKA_VALUE_LEN
Definition pkcs11t.h:493
CKA_CHAR_ROWS
#define CKA_CHAR_ROWS
Definition pkcs11t.h:546
CKM_CAST_ECB
#define CKM_CAST_ECB
Definition pkcs11t.h:727
CKM_BATON_COUNTER
#define CKM_BATON_COUNTER
Definition pkcs11t.h:884
CKM_CAST3_KEY_GEN
#define CKM_CAST3_KEY_GEN
Definition pkcs11t.h:732
CKM_TLS_PRF
#define CKM_TLS_PRF
Definition pkcs11t.h:779
CKM_JUNIPER_CBC128
#define CKM_JUNIPER_CBC128
Definition pkcs11t.h:907
CKK_RC2
#define CKK_RC2
Definition pkcs11t.h:347
CKM_SHA224_RSA_PKCS
#define CKM_SHA224_RSA_PKCS
Definition pkcs11t.h:628
CKM_PBE_SHA1_DES3_EDE_CBC
#define CKM_PBE_SHA1_DES3_EDE_CBC
Definition pkcs11t.h:802
CKR_USER_ALREADY_LOGGED_IN
#define CKR_USER_ALREADY_LOGGED_IN
Definition pkcs11t.h:1116
CKK_SHA384_HMAC
#define CKK_SHA384_HMAC
Definition pkcs11t.h:376
CKR_STATE_UNSAVEABLE
#define CKR_STATE_UNSAVEABLE
Definition pkcs11t.h:1140
CKM_RIPEMD160_RSA_PKCS
#define CKM_RIPEMD160_RSA_PKCS
Definition pkcs11t.h:596
CKF_RNG
#define CKF_RNG
Definition pkcs11t.h:155
CKP_PKCS5_PBKD2_HMAC_SHA1
#define CKP_PKCS5_PBKD2_HMAC_SHA1
Definition pkcs11t.h:1719
CKM_AES_CTS
#define CKM_AES_CTS
Definition pkcs11t.h:922
CKA_GOST28147_PARAMS
#define CKA_GOST28147_PARAMS
Definition pkcs11t.h:537
CKM_X9_42_DH_PARAMETER_GEN
#define CKM_X9_42_DH_PARAMETER_GEN
Definition pkcs11t.h:959
CKK_RIPEMD128_HMAC
#define CKK_RIPEMD128_HMAC
Definition pkcs11t.h:373
CKF_SIGN
#define CKF_SIGN
Definition pkcs11t.h:1009
CKM_JUNIPER_COUNTER
#define CKM_JUNIPER_COUNTER
Definition pkcs11t.h:908
CKD_SHA1_KDF_CONCATENATE
#define CKD_SHA1_KDF_CONCATENATE
Definition pkcs11t.h:1295
CKF_GENERATE
#define CKF_GENERATE
Definition pkcs11t.h:1013
CKM_SHA512_256_HMAC
#define CKM_SHA512_256_HMAC
Definition pkcs11t.h:636
CKM_KIP_WRAP
#define CKM_KIP_WRAP
Definition pkcs11t.h:834
CK_MECHANISM_TYPE
CK_ULONG CK_MECHANISM_TYPE
Definition pkcs11t.h:583
CKK_GENERIC_SECRET
#define CKK_GENERIC_SECRET
Definition pkcs11t.h:346
CKM_TLS12_KEY_SAFE_DERIVE
#define CKM_TLS12_KEY_SAFE_DERIVE
Definition pkcs11t.h:825
CKM_PBE_SHA1_CAST128_CBC
#define CKM_PBE_SHA1_CAST128_CBC
Definition pkcs11t.h:799
CKU_CONTEXT_SPECIFIC
#define CKU_CONTEXT_SPECIFIC
Definition pkcs11t.h:268
CKP_PKCS5_PBKD2_HMAC_SHA512_224
#define CKP_PKCS5_PBKD2_HMAC_SHA512_224
Definition pkcs11t.h:1725
CKA_VALUE_BITS
#define CKA_VALUE_BITS
Definition pkcs11t.h:492
CKM_TLS12_KDF
#define CKM_TLS12_KDF
Definition pkcs11t.h:821
CKF_SO_PIN_FINAL_TRY
#define CKF_SO_PIN_FINAL_TRY
Definition pkcs11t.h:234
CKF_EXCLUDE_PIN
#define CKF_EXCLUDE_PIN
Definition pkcs11t.h:1813
CKA_COEFFICIENT
#define CKA_COEFFICIENT
Definition pkcs11t.h:482
CKR_INFORMATION_SENSITIVE
#define CKR_INFORMATION_SENSITIVE
Definition pkcs11t.h:1139
CKR_NEW_PIN_MODE
#define CKR_NEW_PIN_MODE
Definition pkcs11t.h:1147
CKM_AES_KEY_WRAP_PAD
#define CKM_AES_KEY_WRAP_PAD
Definition pkcs11t.h:970
CKR_OK
#define CKR_OK
Definition pkcs11t.h:1038
CKM_CONCATENATE_DATA_AND_BASE
#define CKM_CONCATENATE_DATA_AND_BASE
Definition pkcs11t.h:766
CKM_GOSTR3410_KEY_WRAP
#define CKM_GOSTR3410_KEY_WRAP
Definition pkcs11t.h:947
CKA_OWNER
#define CKA_OWNER
Definition pkcs11t.h:448
CKM_XOR_BASE_AND_DATA
#define CKM_XOR_BASE_AND_DATA
Definition pkcs11t.h:767
CKA_DESTROYABLE
#define CKA_DESTROYABLE
Definition pkcs11t.h:503
CKM_ECDSA
#define CKM_ECDSA
Definition pkcs11t.h:891
CKM_ECDSA_SHA384
#define CKM_ECDSA_SHA384
Definition pkcs11t.h:895
CKM_RSA_X9_31
#define CKM_RSA_X9_31
Definition pkcs11t.h:600
CKM_GOST28147_KEY_GEN
#define CKM_GOST28147_KEY_GEN
Definition pkcs11t.h:951
CKK_CAST3
#define CKK_CAST3
Definition pkcs11t.h:353
CKA_SUBPRIME
#define CKA_SUBPRIME
Definition pkcs11t.h:485
CKA_DERIVE
#define CKA_DERIVE
Definition pkcs11t.h:471
CKK_SKIPJACK
#define CKK_SKIPJACK
Definition pkcs11t.h:358
CKR_ATTRIBUTE_VALUE_INVALID
#define CKR_ATTRIBUTE_VALUE_INVALID
Definition pkcs11t.h:1054
CKA_REQUIRED_CMS_ATTRIBUTES
#define CKA_REQUIRED_CMS_ATTRIBUTES
Definition pkcs11t.h:554
CKM_GOSTR3411
#define CKM_GOSTR3411
Definition pkcs11t.h:949
CK_CERTIFICATE_CATEGORY_AUTHORITY
#define CK_CERTIFICATE_CATEGORY_AUTHORITY
Definition pkcs11t.h:397
CKM_PBE_MD2_DES_CBC
#define CKM_PBE_MD2_DES_CBC
Definition pkcs11t.h:792
CKM_DES_OFB8
#define CKM_DES_OFB8
Definition pkcs11t.h:681
CKM_RIPEMD160_HMAC
#define CKM_RIPEMD160_HMAC
Definition pkcs11t.h:704
CKM_HOTP
#define CKM_HOTP
Definition pkcs11t.h:722
CKM_KEY_WRAP_SET_OAEP
#define CKM_KEY_WRAP_SET_OAEP
Definition pkcs11t.h:830
CKM_KIP_MAC
#define CKM_KIP_MAC
Definition pkcs11t.h:835
CKA_MIME_TYPES
#define CKA_MIME_TYPES
Definition pkcs11t.h:552
CKM_CAST3_CBC_PAD
#define CKM_CAST3_CBC_PAD
Definition pkcs11t.h:737
CKA_CERTIFICATE_CATEGORY
#define CKA_CERTIFICATE_CATEGORY
Definition pkcs11t.h:451
CKK_VENDOR_DEFINED
#define CKK_VENDOR_DEFINED
Definition pkcs11t.h:387
CKM_DSA_SHA224
#define CKM_DSA_SHA224
Definition pkcs11t.h:608
CKM_TLS_MAC
#define CKM_TLS_MAC
Definition pkcs11t.h:826
CK_BBOOL
CK_BYTE CK_BBOOL
Definition pkcs11t.h:45
CKR_FUNCTION_NOT_SUPPORTED
#define CKR_FUNCTION_NOT_SUPPORTED
Definition pkcs11t.h:1068
CKF_RESTORE_KEY_NOT_NEEDED
#define CKF_RESTORE_KEY_NOT_NEEDED
Definition pkcs11t.h:165
CKM_CAST5_ECB
#define CKM_CAST5_ECB
Definition pkcs11t.h:741
CKA_GOSTR3410_PARAMS
#define CKA_GOSTR3410_PARAMS
Definition pkcs11t.h:535
CKR_USER_NOT_LOGGED_IN
#define CKR_USER_NOT_LOGGED_IN
Definition pkcs11t.h:1117
CKA_ALWAYS_SENSITIVE
#define CKA_ALWAYS_SENSITIVE
Definition pkcs11t.h:497
CKM_DES_CFB64
#define CKM_DES_CFB64
Definition pkcs11t.h:682
CKK_HOTP
#define CKK_HOTP
Definition pkcs11t.h:366
CKM_AES_CFB1
#define CKM_AES_CFB1
Definition pkcs11t.h:968
CKM_DES_ECB_ENCRYPT_DATA
#define CKM_DES_ECB_ENCRYPT_DATA
Definition pkcs11t.h:937
CKR_DEVICE_REMOVED
#define CKR_DEVICE_REMOVED
Definition pkcs11t.h:1062
CKF_UNWRAP
#define CKF_UNWRAP
Definition pkcs11t.h:1016
CKA_VENDOR_DEFINED
#define CKA_VENDOR_DEFINED
Definition pkcs11t.h:559
CKA_OTP_TIME
#define CKA_OTP_TIME
Definition pkcs11t.h:529
CKM_PBE_SHA1_RC2_40_CBC
#define CKM_PBE_SHA1_RC2_40_CBC
Definition pkcs11t.h:805
CKM_GOSTR3410_DERIVE
#define CKM_GOSTR3410_DERIVE
Definition pkcs11t.h:948
CKA_END_DATE
#define CKA_END_DATE
Definition pkcs11t.h:473
CKG_MGF1_SHA1
#define CKG_MGF1_SHA1
Definition pkcs11t.h:1246
CKK_SECURID
#define CKK_SECURID
Definition pkcs11t.h:365
CKP_PKCS5_PBKD2_HMAC_SHA256
#define CKP_PKCS5_PBKD2_HMAC_SHA256
Definition pkcs11t.h:1722
CKM_SHA256_HMAC_GENERAL
#define CKM_SHA256_HMAC_GENERAL
Definition pkcs11t.h:709
CKA_ATTR_TYPES
#define CKA_ATTR_TYPES
Definition pkcs11t.h:449
CKF_USER_PIN_TO_BE_CHANGED
#define CKF_USER_PIN_TO_BE_CHANGED
Definition pkcs11t.h:223
CKM_AES_ECB_ENCRYPT_DATA
#define CKM_AES_ECB_ENCRYPT_DATA
Definition pkcs11t.h:941
CKM_RIPEMD128_RSA_PKCS
#define CKM_RIPEMD128_RSA_PKCS
Definition pkcs11t.h:595
CK_CERTIFICATE_CATEGORY_UNSPECIFIED
#define CK_CERTIFICATE_CATEGORY_UNSPECIFIED
Definition pkcs11t.h:395
CKR_DOMAIN_PARAMS_INVALID
#define CKR_DOMAIN_PARAMS_INVALID
Definition pkcs11t.h:1133
CKA_CERTIFICATE_TYPE
#define CKA_CERTIFICATE_TYPE
Definition pkcs11t.h:444
CKM_ECDSA_SHA256
#define CKM_ECDSA_SHA256
Definition pkcs11t.h:894
CKM_BATON_WRAP
#define CKM_BATON_WRAP
Definition pkcs11t.h:886
CKF_SO_PIN_LOCKED
#define CKF_SO_PIN_LOCKED
Definition pkcs11t.h:239
CK_CERTIFICATE_TYPE
CK_ULONG CK_CERTIFICATE_TYPE
Definition pkcs11t.h:393
CKM_AES_OFB
#define CKM_AES_OFB
Definition pkcs11t.h:963
CKR_TOKEN_WRITE_PROTECTED
#define CKR_TOKEN_WRITE_PROTECTED
Definition pkcs11t.h:1112
CKA_HASH_OF_ISSUER_PUBLIC_KEY
#define CKA_HASH_OF_ISSUER_PUBLIC_KEY
Definition pkcs11t.h:455
CKM_HOTP_KEY_GEN
#define CKM_HOTP_KEY_GEN
Definition pkcs11t.h:721
CKF_DECRYPT
#define CKF_DECRYPT
Definition pkcs11t.h:1007
CK_RSA_PKCS_PSS_PARAMS
struct CK_RSA_PKCS_PSS_PARAMS CK_RSA_PKCS_PSS_PARAMS
CKH_VENDOR_DEFINED
#define CKH_VENDOR_DEFINED
Definition pkcs11t.h:333
CKM_TWOFISH_CBC
#define CKM_TWOFISH_CBC
Definition pkcs11t.h:933
CKK_CDMF
#define CKK_CDMF
Definition pkcs11t.h:361
CKA_MODULUS_BITS
#define CKA_MODULUS_BITS
Definition pkcs11t.h:475
CK_VOID_PTR
void CK_PTR CK_VOID_PTR
Definition pkcs11t.h:66
CKM_RIPEMD128_HMAC
#define CKM_RIPEMD128_HMAC
Definition pkcs11t.h:701
CKA_LABEL
#define CKA_LABEL
Definition pkcs11t.h:440
CKA_EXTRACTABLE
#define CKA_EXTRACTABLE
Definition pkcs11t.h:494
CKM_ACTI
#define CKM_ACTI
Definition pkcs11t.h:723
CKM_CAST_KEY_GEN
#define CKM_CAST_KEY_GEN
Definition pkcs11t.h:726
CKR_TEMPLATE_INCOMPLETE
#define CKR_TEMPLATE_INCOMPLETE
Definition pkcs11t.h:1108
CKM_DES3_KEY_GEN
#define CKM_DES3_KEY_GEN
Definition pkcs11t.h:664
CKF_EC_COMPRESS
#define CKF_EC_COMPRESS
Definition pkcs11t.h:1027
CKM_DES3_CBC_ENCRYPT_DATA
#define CKM_DES3_CBC_ENCRYPT_DATA
Definition pkcs11t.h:940
CKM_CAST128_MAC
#define CKM_CAST128_MAC
Definition pkcs11t.h:746
CKM_MD5_HMAC
#define CKM_MD5_HMAC
Definition pkcs11t.h:692
CKF_SO_PIN_COUNT_LOW
#define CKF_SO_PIN_COUNT_LOW
Definition pkcs11t.h:229
CK_OBJECT_HANDLE
CK_ULONG CK_OBJECT_HANDLE
Definition pkcs11t.h:298
CKA_ENCODING_METHODS
#define CKA_ENCODING_METHODS
Definition pkcs11t.h:551
CK_HW_FEATURE_TYPE
CK_ULONG CK_HW_FEATURE_TYPE
Definition pkcs11t.h:327
CKM_DES3_ECB
#define CKM_DES3_ECB
Definition pkcs11t.h:665
CKM_AES_CBC
#define CKM_AES_CBC
Definition pkcs11t.h:915
CKM_SEED_MAC
#define CKM_SEED_MAC
Definition pkcs11t.h:859
CKM_AES_MAC
#define CKM_AES_MAC
Definition pkcs11t.h:916
CKM_SHA256_RSA_PKCS_PSS
#define CKM_SHA256_RSA_PKCS_PSS
Definition pkcs11t.h:624
CKR_KEY_NOT_NEEDED
#define CKR_KEY_NOT_NEEDED
Definition pkcs11t.h:1075
CKM_SKIPJACK_WRAP
#define CKM_SKIPJACK_WRAP
Definition pkcs11t.h:873
CKR_NO_EVENT
#define CKR_NO_EVENT
Definition pkcs11t.h:1047
CKR_VENDOR_DEFINED
#define CKR_VENDOR_DEFINED
Definition pkcs11t.h:1158
CKM_SKIPJACK_ECB64
#define CKM_SKIPJACK_ECB64
Definition pkcs11t.h:866
CKA_ENCRYPT
#define CKA_ENCRYPT
Definition pkcs11t.h:463
CKM_SHA384_KEY_DERIVATION
#define CKM_SHA384_KEY_DERIVATION
Definition pkcs11t.h:788
CKA_SUBPRIME_BITS
#define CKA_SUBPRIME_BITS
Definition pkcs11t.h:489
CKM_RSA_PKCS_PSS
#define CKM_RSA_PKCS_PSS
Definition pkcs11t.h:602
CKM_SKIPJACK_OFB64
#define CKM_SKIPJACK_OFB64
Definition pkcs11t.h:868
CKM_GOSTR3410_WITH_GOSTR3411
#define CKM_GOSTR3410_WITH_GOSTR3411
Definition pkcs11t.h:946
CKM_SHA1_RSA_PKCS_PSS
#define CKM_SHA1_RSA_PKCS_PSS
Definition pkcs11t.h:603
CKK_ECDSA
#define CKK_ECDSA
Definition pkcs11t.h:342
CKM_DES2_KEY_GEN
#define CKM_DES2_KEY_GEN
Definition pkcs11t.h:663
CKM_GOSTR3410_KEY_PAIR_GEN
#define CKM_GOSTR3410_KEY_PAIR_GEN
Definition pkcs11t.h:944
CKA_PIXEL_X
#define CKA_PIXEL_X
Definition pkcs11t.h:543
CKA_DEFAULT_CMS_ATTRIBUTES
#define CKA_DEFAULT_CMS_ATTRIBUTES
Definition pkcs11t.h:555
CKR_HOST_MEMORY
#define CKR_HOST_MEMORY
Definition pkcs11t.h:1040
CKM_SHA512_256_KEY_DERIVATION
#define CKM_SHA512_256_KEY_DERIVATION
Definition pkcs11t.h:638
CKA_GOSTR3411_PARAMS
#define CKA_GOSTR3411_PARAMS
Definition pkcs11t.h:536
CKM_SHA384_RSA_PKCS
#define CKM_SHA384_RSA_PKCS
Definition pkcs11t.h:622
CK_ATTRIBUTE_TYPE
CK_ULONG CK_ATTRIBUTE_TYPE
Definition pkcs11t.h:416
CKR_FUNCTION_NOT_PARALLEL
#define CKR_FUNCTION_NOT_PARALLEL
Definition pkcs11t.h:1066
CKK_GOST28147
#define CKK_GOST28147
Definition pkcs11t.h:383
CKA_CHAR_COLUMNS
#define CKA_CHAR_COLUMNS
Definition pkcs11t.h:547
CKA_UNWRAP_TEMPLATE
#define CKA_UNWRAP_TEMPLATE
Definition pkcs11t.h:517
CKR_SIGNATURE_LEN_RANGE
#define CKR_SIGNATURE_LEN_RANGE
Definition pkcs11t.h:1107
CKM_ARIA_MAC
#define CKM_ARIA_MAC
Definition pkcs11t.h:850
CKR_CURVE_NOT_SUPPORTED
#define CKR_CURVE_NOT_SUPPORTED
Definition pkcs11t.h:1135
CKM_SHA224_KEY_DERIVATION
#define CKM_SHA224_KEY_DERIVATION
Definition pkcs11t.h:790
CKA_KEY_GEN_MECHANISM
#define CKA_KEY_GEN_MECHANISM
Definition pkcs11t.h:498
CKR_FIPS_SELF_TEST_FAILED
#define CKR_FIPS_SELF_TEST_FAILED
Definition pkcs11t.h:1151
CKM_JUNIPER_SHUFFLE
#define CKM_JUNIPER_SHUFFLE
Definition pkcs11t.h:909
CKK_TWOFISH
#define CKK_TWOFISH
Definition pkcs11t.h:364
CKR_USER_TYPE_INVALID
#define CKR_USER_TYPE_INVALID
Definition pkcs11t.h:1119
CKM_SEED_ECB
#define CKM_SEED_ECB
Definition pkcs11t.h:857
CK_C_INITIALIZE_ARGS
struct CK_C_INITIALIZE_ARGS CK_C_INITIALIZE_ARGS
CK_MECHANISM
struct CK_MECHANISM CK_MECHANISM
CKM_CAMELLIA_ECB
#define CKM_CAMELLIA_ECB
Definition pkcs11t.h:838
CKM_ECDH_AES_KEY_WRAP
#define CKM_ECDH_AES_KEY_WRAP
Definition pkcs11t.h:902
CRYPTOKI_VERSION_MAJOR
#define CRYPTOKI_VERSION_MAJOR
Definition pkcs11t.h:19
CKO_DOMAIN_PARAMETERS
#define CKO_DOMAIN_PARAMETERS
Definition pkcs11t.h:316
CKM_PBE_MD5_CAST3_CBC
#define CKM_PBE_MD5_CAST3_CBC
Definition pkcs11t.h:795
CKM_RC4
#define CKM_RC4
Definition pkcs11t.h:654
CKM_RSA_AES_KEY_WRAP
#define CKM_RSA_AES_KEY_WRAP
Definition pkcs11t.h:903
CKF_USER_PIN_LOCKED
#define CKF_USER_PIN_LOCKED
Definition pkcs11t.h:216
CKM_PBE_MD5_DES_CBC
#define CKM_PBE_MD5_DES_CBC
Definition pkcs11t.h:793
CKM_SHA512_T_HMAC
#define CKM_SHA512_T_HMAC
Definition pkcs11t.h:641
CKM_SHA512_HMAC
#define CKM_SHA512_HMAC
Definition pkcs11t.h:717
CKM_RIPEMD160_HMAC_GENERAL
#define CKM_RIPEMD160_HMAC_GENERAL
Definition pkcs11t.h:705
CKM_SHA256_RSA_PKCS
#define CKM_SHA256_RSA_PKCS
Definition pkcs11t.h:621
CKR_KEY_HANDLE_INVALID
#define CKR_KEY_HANDLE_INVALID
Definition pkcs11t.h:1070
CKM_CAST_MAC
#define CKM_CAST_MAC
Definition pkcs11t.h:729
CKM_RC2_MAC_GENERAL
#define CKM_RC2_MAC_GENERAL
Definition pkcs11t.h:650
CKM_RC2_KEY_GEN
#define CKM_RC2_KEY_GEN
Definition pkcs11t.h:645
CKR_MUTEX_BAD
#define CKR_MUTEX_BAD
Definition pkcs11t.h:1144
CKM_CAST128_KEY_GEN
#define CKM_CAST128_KEY_GEN
Definition pkcs11t.h:740
CKF_TOKEN_PRESENT
#define CKF_TOKEN_PRESENT
Definition pkcs11t.h:122
CKM_AES_XCBC_MAC
#define CKM_AES_XCBC_MAC
Definition pkcs11t.h:926
CKD_SHA224_KDF
#define CKD_SHA224_KDF
Definition pkcs11t.h:1296
CKM_SHA384_RSA_PKCS_PSS
#define CKM_SHA384_RSA_PKCS_PSS
Definition pkcs11t.h:625
CKM_RSA_PKCS_TPM_1_1
#define CKM_RSA_PKCS_TPM_1_1
Definition pkcs11t.h:972
CKM_SSL3_KEY_AND_MAC_DERIVE
#define CKM_SSL3_KEY_AND_MAC_DERIVE
Definition pkcs11t.h:771
CKM_DES_MAC_GENERAL
#define CKM_DES_MAC_GENERAL
Definition pkcs11t.h:660
CKA_PIXEL_Y
#define CKA_PIXEL_Y
Definition pkcs11t.h:544
CKR_SAVED_STATE_INVALID
#define CKR_SAVED_STATE_INVALID
Definition pkcs11t.h:1138
CKM_CAST128_CBC
#define CKM_CAST128_CBC
Definition pkcs11t.h:744
CKM_AES_ECB
#define CKM_AES_ECB
Definition pkcs11t.h:914
CKM_ARIA_ECB_ENCRYPT_DATA
#define CKM_ARIA_ECB_ENCRYPT_DATA
Definition pkcs11t.h:853
CKK_EC
#define CKK_EC
Definition pkcs11t.h:343
CKA_WRAP_TEMPLATE
#define CKA_WRAP_TEMPLATE
Definition pkcs11t.h:516
CKR_WRAPPED_KEY_LEN_RANGE
#define CKR_WRAPPED_KEY_LEN_RANGE
Definition pkcs11t.h:1125
CKK_ARIA
#define CKK_ARIA
Definition pkcs11t.h:369
CKF_HW
#define CKF_HW
Definition pkcs11t.h:1003
CKM_X9_42_DH_HYBRID_DERIVE
#define CKM_X9_42_DH_HYBRID_DERIVE
Definition pkcs11t.h:618
CKA_PRIME_BITS
#define CKA_PRIME_BITS
Definition pkcs11t.h:488
CKF_EXCLUDE_TIME
#define CKF_EXCLUDE_TIME
Definition pkcs11t.h:1810
CKR_EXCEEDED_MAX_ITERATIONS
#define CKR_EXCEEDED_MAX_ITERATIONS
Definition pkcs11t.h:1150
CKM_BLOWFISH_KEY_GEN
#define CKM_BLOWFISH_KEY_GEN
Definition pkcs11t.h:930
CKM_GOST28147_MAC
#define CKM_GOST28147_MAC
Definition pkcs11t.h:954
CKM_CAST128_ECB
#define CKM_CAST128_ECB
Definition pkcs11t.h:742
CKR_KEY_INDIGESTIBLE
#define CKR_KEY_INDIGESTIBLE
Definition pkcs11t.h:1078
CKK_MD5_HMAC
#define CKK_MD5_HMAC
Definition pkcs11t.h:371
CKH_USER_INTERFACE
#define CKH_USER_INTERFACE
Definition pkcs11t.h:332
CKK_SHA_1_HMAC
#define CKK_SHA_1_HMAC
Definition pkcs11t.h:372
CKA_OTP_COUNTER
#define CKA_OTP_COUNTER
Definition pkcs11t.h:528
CKA_CHAR_SETS
#define CKA_CHAR_SETS
Definition pkcs11t.h:550
CKF_VERIFY_RECOVER
#define CKF_VERIFY_RECOVER
Definition pkcs11t.h:1012
CKA_MECHANISM_TYPE
#define CKA_MECHANISM_TYPE
Definition pkcs11t.h:553
CK_STATE
CK_ULONG CK_STATE
Definition pkcs11t.h:271
CKK_AES
#define CKK_AES
Definition pkcs11t.h:362
CKM_SEED_CBC
#define CKM_SEED_CBC
Definition pkcs11t.h:858
CKA_BASE
#define CKA_BASE
Definition pkcs11t.h:486
CKM_DSA_SHA256
#define CKM_DSA_SHA256
Definition pkcs11t.h:609
CKF_CLOCK_ON_TOKEN
#define CKF_CLOCK_ON_TOKEN
Definition pkcs11t.h:171
CKS_RW_SO_FUNCTIONS
#define CKS_RW_SO_FUNCTIONS
Definition pkcs11t.h:276
CKM_DES_CFB8
#define CKM_DES_CFB8
Definition pkcs11t.h:683
CKR_KEY_NEEDED
#define CKR_KEY_NEEDED
Definition pkcs11t.h:1077
CKM_BLOWFISH_CBC_PAD
#define CKM_BLOWFISH_CBC_PAD
Definition pkcs11t.h:934
CKR_PUBLIC_KEY_INVALID
#define CKR_PUBLIC_KEY_INVALID
Definition pkcs11t.h:1154
CKR_KEY_TYPE_INCONSISTENT
#define CKR_KEY_TYPE_INCONSISTENT
Definition pkcs11t.h:1073
CKM_SHA_1
#define CKM_SHA_1
Definition pkcs11t.h:695
CKM_DSA_SHA1
#define CKM_DSA_SHA1
Definition pkcs11t.h:607
CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT
#define CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT
Definition pkcs11t.h:1115
CKM_AES_XCBC_MAC_96
#define CKM_AES_XCBC_MAC_96
Definition pkcs11t.h:927
CKM_ECDSA_KEY_PAIR_GEN
#define CKM_ECDSA_KEY_PAIR_GEN
Definition pkcs11t.h:888
CKK_X9_42_DH
#define CKK_X9_42_DH
Definition pkcs11t.h:344
CKM_WTLS_PRF
#define CKM_WTLS_PRF
Definition pkcs11t.h:814
CKF_ERROR_STATE
#define CKF_ERROR_STATE
Definition pkcs11t.h:248
CKF_WRITE_PROTECTED
#define CKF_WRITE_PROTECTED
Definition pkcs11t.h:156
CKA_EC_PARAMS
#define CKA_EC_PARAMS
Definition pkcs11t.h:506
CKM_DES_MAC
#define CKM_DES_MAC
Definition pkcs11t.h:658
CKM_RC2_ECB
#define CKM_RC2_ECB
Definition pkcs11t.h:646
CKM_TLS12_KEY_AND_MAC_DERIVE
#define CKM_TLS12_KEY_AND_MAC_DERIVE
Definition pkcs11t.h:823
CKA_WRAP
#define CKA_WRAP
Definition pkcs11t.h:465
CKA_CLASS
#define CKA_CLASS
Definition pkcs11t.h:437
CKK_SHA512_HMAC
#define CKK_SHA512_HMAC
Definition pkcs11t.h:377
CKR_KEY_NOT_WRAPPABLE
#define CKR_KEY_NOT_WRAPPABLE
Definition pkcs11t.h:1080
CKM_MD2_HMAC
#define CKM_MD2_HMAC
Definition pkcs11t.h:687
CKA_DERIVE_TEMPLATE
#define CKA_DERIVE_TEMPLATE
Definition pkcs11t.h:518
CKF_EC_NAMEDCURVE
#define CKF_EC_NAMEDCURVE
Definition pkcs11t.h:1025
CKF_NEXT_OTP
#define CKF_NEXT_OTP
Definition pkcs11t.h:1809
CKM_TLS12_MASTER_KEY_DERIVE_DH
#define CKM_TLS12_MASTER_KEY_DERIVE_DH
Definition pkcs11t.h:824
CKM_RC5_ECB
#define CKM_RC5_ECB
Definition pkcs11t.h:752
CKF_DONT_BLOCK
#define CKF_DONT_BLOCK
Definition pkcs11t.h:1234
CK_ECDH1_DERIVE_PARAMS
struct CK_ECDH1_DERIVE_PARAMS CK_ECDH1_DERIVE_PARAMS
CKM_SHA224_HMAC_GENERAL
#define CKM_SHA224_HMAC_GENERAL
Definition pkcs11t.h:712
CK_RSA_PKCS_OAEP_PARAMS
struct CK_RSA_PKCS_OAEP_PARAMS CK_RSA_PKCS_OAEP_PARAMS
CKA_HAS_RESET
#define CKA_HAS_RESET
Definition pkcs11t.h:541
CKA_OTP_SERVICE_LOGO
#define CKA_OTP_SERVICE_LOGO
Definition pkcs11t.h:532
CKA_SUBJECT
#define CKA_SUBJECT
Definition pkcs11t.h:460
CKM_DES3_MAC
#define CKM_DES3_MAC
Definition pkcs11t.h:667
CK_ATTRIBUTE
Definition pkcs11t.h:564
CK_C_INITIALIZE_ARGS
Definition pkcs11t.h:1213
CK_DATE
Definition pkcs11t.h:573
CK_ECDH1_DERIVE_PARAMS
Definition pkcs11t.h:1307
CK_INFO
Definition pkcs11t.h:86
CK_MECHANISM_INFO
Definition pkcs11t.h:995
CK_MECHANISM
Definition pkcs11t.h:983
CK_RSA_PKCS_OAEP_PARAMS
Definition pkcs11t.h:1266
CK_RSA_PKCS_PSS_PARAMS
Definition pkcs11t.h:1279
CK_SESSION_INFO
Definition pkcs11t.h:279
CK_SLOT_INFO
Definition pkcs11t.h:110
CK_TOKEN_INFO
Definition pkcs11t.h:130
Generated by doxygen 1.11.0