Botan 3.5.0
Crypto and TLS for C&
pkcs11f.h
Go to the documentation of this file.
1/*
2 * PKCS #11 Cryptographic Token Interface Base Specification Version 2.40 Errata 01
3 * Committee Specification Draft 01 / Public Review Draft 01
4 * 09 December 2015
5 * Copyright (c) OASIS Open 2015. All Rights Reserved.
6 * Source: http://docs.oasis-open.org/pkcs11/pkcs11-base/v2.40/errata01/csprd01/include/pkcs11-v2.40/
7 * Latest version of the specification: http://docs.oasis-open.org/pkcs11/pkcs11-base/v2.40/pkcs11-base-v2.40.html
8 * https://www.oasis-open.org/policies-guidelines/ipr
9 */
10
11/* This header file contains pretty much everything about all the
12 * Cryptoki function prototypes. Because this information is
13 * used for more than just declaring function prototypes, the
14 * order of the functions appearing herein is important, and
15 * should not be altered.
16 */
17
18/* General-purpose */
19
20/* C_Initialize initializes the Cryptoki library. */
21CK_PKCS11_FUNCTION_INFO(C_Initialize)
22#ifdef CK_NEED_ARG_LIST
23(
24 CK_VOID_PTR pInitArgs /* if this is not NULL_PTR, it gets
25 * cast to CK_C_INITIALIZE_ARGS_PTR
26 * and dereferenced
27 */
28);
29#endif
30
31
32/* C_Finalize indicates that an application is done with the
33 * Cryptoki library.
34 */
36#ifdef CK_NEED_ARG_LIST
37(
38 CK_VOID_PTR pReserved /* reserved. Should be NULL_PTR */
39);
40#endif
41
42
43/* C_GetInfo returns general information about Cryptoki. */
45#ifdef CK_NEED_ARG_LIST
46(
47 CK_INFO_PTR pInfo /* location that receives information */
48);
49#endif
50
51
52/* C_GetFunctionList returns the function list. */
53CK_PKCS11_FUNCTION_INFO(C_GetFunctionList)
54#ifdef CK_NEED_ARG_LIST
55(
56 CK_FUNCTION_LIST_PTR_PTR ppFunctionList /* receives pointer to
57 * function list
58 */
59);
60#endif
61
62
63
64/* Slot and token management */
65
66/* C_GetSlotList obtains a list of slots in the system. */
67CK_PKCS11_FUNCTION_INFO(C_GetSlotList)
68#ifdef CK_NEED_ARG_LIST
69(
70 CK_BBOOL tokenPresent, /* only slots with tokens */
71 CK_SLOT_ID_PTR pSlotList, /* receives array of slot IDs */
72 CK_ULONG_PTR pulCount /* receives number of slots */
73);
74#endif
75
76
77/* C_GetSlotInfo obtains information about a particular slot in
78 * the system.
79 */
80CK_PKCS11_FUNCTION_INFO(C_GetSlotInfo)
81#ifdef CK_NEED_ARG_LIST
82(
83 CK_SLOT_ID slotID, /* the ID of the slot */
84 CK_SLOT_INFO_PTR pInfo /* receives the slot information */
85);
86#endif
87
88
89/* C_GetTokenInfo obtains information about a particular token
90 * in the system.
91 */
92CK_PKCS11_FUNCTION_INFO(C_GetTokenInfo)
93#ifdef CK_NEED_ARG_LIST
94(
95 CK_SLOT_ID slotID, /* ID of the token's slot */
96 CK_TOKEN_INFO_PTR pInfo /* receives the token information */
97);
98#endif
99
100
101/* C_GetMechanismList obtains a list of mechanism types
102 * supported by a token.
103 */
104CK_PKCS11_FUNCTION_INFO(C_GetMechanismList)
105#ifdef CK_NEED_ARG_LIST
106(
107 CK_SLOT_ID slotID, /* ID of token's slot */
108 CK_MECHANISM_TYPE_PTR pMechanismList, /* gets mech. array */
109 CK_ULONG_PTR pulCount /* gets # of mechs. */
110);
111#endif
112
113
114/* C_GetMechanismInfo obtains information about a particular
115 * mechanism possibly supported by a token.
116 */
117CK_PKCS11_FUNCTION_INFO(C_GetMechanismInfo)
118#ifdef CK_NEED_ARG_LIST
119(
120 CK_SLOT_ID slotID, /* ID of the token's slot */
121 CK_MECHANISM_TYPE type, /* type of mechanism */
122 CK_MECHANISM_INFO_PTR pInfo /* receives mechanism info */
123);
124#endif
125
126
127/* C_InitToken initializes a token. */
128CK_PKCS11_FUNCTION_INFO(C_InitToken)
129#ifdef CK_NEED_ARG_LIST
130(
131 CK_SLOT_ID slotID, /* ID of the token's slot */
132 CK_UTF8CHAR_PTR pPin, /* the SO's initial PIN */
133 CK_ULONG ulPinLen, /* length in bytes of the PIN */
134 CK_UTF8CHAR_PTR pLabel /* 32-byte token label (blank padded) */
135);
136#endif
137
138
139/* C_InitPIN initializes the normal user's PIN. */
141#ifdef CK_NEED_ARG_LIST
142(
143 CK_SESSION_HANDLE hSession, /* the session's handle */
144 CK_UTF8CHAR_PTR pPin, /* the normal user's PIN */
145 CK_ULONG ulPinLen /* length in bytes of the PIN */
146);
147#endif
148
149
150/* C_SetPIN modifies the PIN of the user who is logged in. */
152#ifdef CK_NEED_ARG_LIST
153(
154 CK_SESSION_HANDLE hSession, /* the session's handle */
155 CK_UTF8CHAR_PTR pOldPin, /* the old PIN */
156 CK_ULONG ulOldLen, /* length of the old PIN */
157 CK_UTF8CHAR_PTR pNewPin, /* the new PIN */
158 CK_ULONG ulNewLen /* length of the new PIN */
159);
160#endif
161
162
163
164/* Session management */
165
166/* C_OpenSession opens a session between an application and a
167 * token.
168 */
169CK_PKCS11_FUNCTION_INFO(C_OpenSession)
170#ifdef CK_NEED_ARG_LIST
171(
172 CK_SLOT_ID slotID, /* the slot's ID */
173 CK_FLAGS flags, /* from CK_SESSION_INFO */
174 CK_VOID_PTR pApplication, /* passed to callback */
175 CK_NOTIFY Notify, /* callback function */
176 CK_SESSION_HANDLE_PTR phSession /* gets session handle */
177);
178#endif
179
180
181/* C_CloseSession closes a session between an application and a
182 * token.
183 */
184CK_PKCS11_FUNCTION_INFO(C_CloseSession)
185#ifdef CK_NEED_ARG_LIST
186(
187 CK_SESSION_HANDLE hSession /* the session's handle */
188);
189#endif
190
191
192/* C_CloseAllSessions closes all sessions with a token. */
193CK_PKCS11_FUNCTION_INFO(C_CloseAllSessions)
194#ifdef CK_NEED_ARG_LIST
195(
196 CK_SLOT_ID slotID /* the token's slot */
197);
198#endif
199
200
201/* C_GetSessionInfo obtains information about the session. */
202CK_PKCS11_FUNCTION_INFO(C_GetSessionInfo)
203#ifdef CK_NEED_ARG_LIST
204(
205 CK_SESSION_HANDLE hSession, /* the session's handle */
206 CK_SESSION_INFO_PTR pInfo /* receives session info */
207);
208#endif
209
210
211/* C_GetOperationState obtains the state of the cryptographic operation
212 * in a session.
213 */
214CK_PKCS11_FUNCTION_INFO(C_GetOperationState)
215#ifdef CK_NEED_ARG_LIST
216(
217 CK_SESSION_HANDLE hSession, /* session's handle */
218 CK_BYTE_PTR pOperationState, /* gets state */
219 CK_ULONG_PTR pulOperationStateLen /* gets state length */
220);
221#endif
222
223
224/* C_SetOperationState restores the state of the cryptographic
225 * operation in a session.
226 */
227CK_PKCS11_FUNCTION_INFO(C_SetOperationState)
228#ifdef CK_NEED_ARG_LIST
229(
230 CK_SESSION_HANDLE hSession, /* session's handle */
231 CK_BYTE_PTR pOperationState, /* holds state */
232 CK_ULONG ulOperationStateLen, /* holds state length */
233 CK_OBJECT_HANDLE hEncryptionKey, /* en/decryption key */
234 CK_OBJECT_HANDLE hAuthenticationKey /* sign/verify key */
235);
236#endif
237
238
239/* C_Login logs a user into a token. */
241#ifdef CK_NEED_ARG_LIST
242(
243 CK_SESSION_HANDLE hSession, /* the session's handle */
244 CK_USER_TYPE userType, /* the user type */
245 CK_UTF8CHAR_PTR pPin, /* the user's PIN */
246 CK_ULONG ulPinLen /* the length of the PIN */
247);
248#endif
249
250
251/* C_Logout logs a user out from a token. */
253#ifdef CK_NEED_ARG_LIST
254(
255 CK_SESSION_HANDLE hSession /* the session's handle */
256);
257#endif
258
259
260
261/* Object management */
262
263/* C_CreateObject creates a new object. */
264CK_PKCS11_FUNCTION_INFO(C_CreateObject)
265#ifdef CK_NEED_ARG_LIST
266(
267 CK_SESSION_HANDLE hSession, /* the session's handle */
268 CK_ATTRIBUTE_PTR pTemplate, /* the object's template */
269 CK_ULONG ulCount, /* attributes in template */
270 CK_OBJECT_HANDLE_PTR phObject /* gets new object's handle. */
271);
272#endif
273
274
275/* C_CopyObject copies an object, creating a new object for the
276 * copy.
277 */
278CK_PKCS11_FUNCTION_INFO(C_CopyObject)
279#ifdef CK_NEED_ARG_LIST
280(
281 CK_SESSION_HANDLE hSession, /* the session's handle */
282 CK_OBJECT_HANDLE hObject, /* the object's handle */
283 CK_ATTRIBUTE_PTR pTemplate, /* template for new object */
284 CK_ULONG ulCount, /* attributes in template */
285 CK_OBJECT_HANDLE_PTR phNewObject /* receives handle of copy */
286);
287#endif
288
289
290/* C_DestroyObject destroys an object. */
291CK_PKCS11_FUNCTION_INFO(C_DestroyObject)
292#ifdef CK_NEED_ARG_LIST
293(
294 CK_SESSION_HANDLE hSession, /* the session's handle */
295 CK_OBJECT_HANDLE hObject /* the object's handle */
296);
297#endif
298
299
300/* C_GetObjectSize gets the size of an object in bytes. */
301CK_PKCS11_FUNCTION_INFO(C_GetObjectSize)
302#ifdef CK_NEED_ARG_LIST
303(
304 CK_SESSION_HANDLE hSession, /* the session's handle */
305 CK_OBJECT_HANDLE hObject, /* the object's handle */
306 CK_ULONG_PTR pulSize /* receives size of object */
307);
308#endif
309
310
311/* C_GetAttributeValue obtains the value of one or more object
312 * attributes.
313 */
314CK_PKCS11_FUNCTION_INFO(C_GetAttributeValue)
315#ifdef CK_NEED_ARG_LIST
316(
317 CK_SESSION_HANDLE hSession, /* the session's handle */
318 CK_OBJECT_HANDLE hObject, /* the object's handle */
319 CK_ATTRIBUTE_PTR pTemplate, /* specifies attrs; gets vals */
320 CK_ULONG ulCount /* attributes in template */
321);
322#endif
323
324
325/* C_SetAttributeValue modifies the value of one or more object
326 * attributes.
327 */
328CK_PKCS11_FUNCTION_INFO(C_SetAttributeValue)
329#ifdef CK_NEED_ARG_LIST
330(
331 CK_SESSION_HANDLE hSession, /* the session's handle */
332 CK_OBJECT_HANDLE hObject, /* the object's handle */
333 CK_ATTRIBUTE_PTR pTemplate, /* specifies attrs and values */
334 CK_ULONG ulCount /* attributes in template */
335);
336#endif
337
338
339/* C_FindObjectsInit initializes a search for token and session
340 * objects that match a template.
341 */
342CK_PKCS11_FUNCTION_INFO(C_FindObjectsInit)
343#ifdef CK_NEED_ARG_LIST
344(
345 CK_SESSION_HANDLE hSession, /* the session's handle */
346 CK_ATTRIBUTE_PTR pTemplate, /* attribute values to match */
347 CK_ULONG ulCount /* attrs in search template */
348);
349#endif
350
351
352/* C_FindObjects continues a search for token and session
353 * objects that match a template, obtaining additional object
354 * handles.
355 */
356CK_PKCS11_FUNCTION_INFO(C_FindObjects)
357#ifdef CK_NEED_ARG_LIST
358(
359 CK_SESSION_HANDLE hSession, /* session's handle */
360 CK_OBJECT_HANDLE_PTR phObject, /* gets obj. handles */
361 CK_ULONG ulMaxObjectCount, /* max handles to get */
362 CK_ULONG_PTR pulObjectCount /* actual # returned */
363);
364#endif
365
366
367/* C_FindObjectsFinal finishes a search for token and session
368 * objects.
369 */
370CK_PKCS11_FUNCTION_INFO(C_FindObjectsFinal)
371#ifdef CK_NEED_ARG_LIST
372(
373 CK_SESSION_HANDLE hSession /* the session's handle */
374);
375#endif
376
377
378
379/* Encryption and decryption */
380
381/* C_EncryptInit initializes an encryption operation. */
382CK_PKCS11_FUNCTION_INFO(C_EncryptInit)
383#ifdef CK_NEED_ARG_LIST
384(
385 CK_SESSION_HANDLE hSession, /* the session's handle */
386 CK_MECHANISM_PTR pMechanism, /* the encryption mechanism */
387 CK_OBJECT_HANDLE hKey /* handle of encryption key */
388);
389#endif
390
391
392/* C_Encrypt encrypts single-part data. */
394#ifdef CK_NEED_ARG_LIST
395(
396 CK_SESSION_HANDLE hSession, /* session's handle */
397 CK_BYTE_PTR pData, /* the plaintext data */
398 CK_ULONG ulDataLen, /* bytes of plaintext */
399 CK_BYTE_PTR pEncryptedData, /* gets ciphertext */
400 CK_ULONG_PTR pulEncryptedDataLen /* gets c-text size */
401);
402#endif
403
404
405/* C_EncryptUpdate continues a multiple-part encryption
406 * operation.
407 */
408CK_PKCS11_FUNCTION_INFO(C_EncryptUpdate)
409#ifdef CK_NEED_ARG_LIST
410(
411 CK_SESSION_HANDLE hSession, /* session's handle */
412 CK_BYTE_PTR pPart, /* the plaintext data */
413 CK_ULONG ulPartLen, /* plaintext data len */
414 CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */
415 CK_ULONG_PTR pulEncryptedPartLen /* gets c-text size */
416);
417#endif
418
419
420/* C_EncryptFinal finishes a multiple-part encryption
421 * operation.
422 */
423CK_PKCS11_FUNCTION_INFO(C_EncryptFinal)
424#ifdef CK_NEED_ARG_LIST
425(
426 CK_SESSION_HANDLE hSession, /* session handle */
427 CK_BYTE_PTR pLastEncryptedPart, /* last c-text */
428 CK_ULONG_PTR pulLastEncryptedPartLen /* gets last size */
429);
430#endif
431
432
433/* C_DecryptInit initializes a decryption operation. */
434CK_PKCS11_FUNCTION_INFO(C_DecryptInit)
435#ifdef CK_NEED_ARG_LIST
436(
437 CK_SESSION_HANDLE hSession, /* the session's handle */
438 CK_MECHANISM_PTR pMechanism, /* the decryption mechanism */
439 CK_OBJECT_HANDLE hKey /* handle of decryption key */
440);
441#endif
442
443
444/* C_Decrypt decrypts encrypted data in a single part. */
446#ifdef CK_NEED_ARG_LIST
447(
448 CK_SESSION_HANDLE hSession, /* session's handle */
449 CK_BYTE_PTR pEncryptedData, /* ciphertext */
450 CK_ULONG ulEncryptedDataLen, /* ciphertext length */
451 CK_BYTE_PTR pData, /* gets plaintext */
452 CK_ULONG_PTR pulDataLen /* gets p-text size */
453);
454#endif
455
456
457/* C_DecryptUpdate continues a multiple-part decryption
458 * operation.
459 */
460CK_PKCS11_FUNCTION_INFO(C_DecryptUpdate)
461#ifdef CK_NEED_ARG_LIST
462(
463 CK_SESSION_HANDLE hSession, /* session's handle */
464 CK_BYTE_PTR pEncryptedPart, /* encrypted data */
465 CK_ULONG ulEncryptedPartLen, /* input length */
466 CK_BYTE_PTR pPart, /* gets plaintext */
467 CK_ULONG_PTR pulPartLen /* p-text size */
468);
469#endif
470
471
472/* C_DecryptFinal finishes a multiple-part decryption
473 * operation.
474 */
475CK_PKCS11_FUNCTION_INFO(C_DecryptFinal)
476#ifdef CK_NEED_ARG_LIST
477(
478 CK_SESSION_HANDLE hSession, /* the session's handle */
479 CK_BYTE_PTR pLastPart, /* gets plaintext */
480 CK_ULONG_PTR pulLastPartLen /* p-text size */
481);
482#endif
483
484
485
486/* Message digesting */
487
488/* C_DigestInit initializes a message-digesting operation. */
489CK_PKCS11_FUNCTION_INFO(C_DigestInit)
490#ifdef CK_NEED_ARG_LIST
491(
492 CK_SESSION_HANDLE hSession, /* the session's handle */
493 CK_MECHANISM_PTR pMechanism /* the digesting mechanism */
494);
495#endif
496
497
498/* C_Digest digests data in a single part. */
500#ifdef CK_NEED_ARG_LIST
501(
502 CK_SESSION_HANDLE hSession, /* the session's handle */
503 CK_BYTE_PTR pData, /* data to be digested */
504 CK_ULONG ulDataLen, /* bytes of data to digest */
505 CK_BYTE_PTR pDigest, /* gets the message digest */
506 CK_ULONG_PTR pulDigestLen /* gets digest length */
507);
508#endif
509
510
511/* C_DigestUpdate continues a multiple-part message-digesting
512 * operation.
513 */
514CK_PKCS11_FUNCTION_INFO(C_DigestUpdate)
515#ifdef CK_NEED_ARG_LIST
516(
517 CK_SESSION_HANDLE hSession, /* the session's handle */
518 CK_BYTE_PTR pPart, /* data to be digested */
519 CK_ULONG ulPartLen /* bytes of data to be digested */
520);
521#endif
522
523
524/* C_DigestKey continues a multi-part message-digesting
525 * operation, by digesting the value of a secret key as part of
526 * the data already digested.
527 */
528CK_PKCS11_FUNCTION_INFO(C_DigestKey)
529#ifdef CK_NEED_ARG_LIST
530(
531 CK_SESSION_HANDLE hSession, /* the session's handle */
532 CK_OBJECT_HANDLE hKey /* secret key to digest */
533);
534#endif
535
536
537/* C_DigestFinal finishes a multiple-part message-digesting
538 * operation.
539 */
540CK_PKCS11_FUNCTION_INFO(C_DigestFinal)
541#ifdef CK_NEED_ARG_LIST
542(
543 CK_SESSION_HANDLE hSession, /* the session's handle */
544 CK_BYTE_PTR pDigest, /* gets the message digest */
545 CK_ULONG_PTR pulDigestLen /* gets byte count of digest */
546);
547#endif
548
549
550
551/* Signing and MACing */
552
553/* C_SignInit initializes a signature (private key encryption)
554 * operation, where the signature is (will be) an appendix to
555 * the data, and plaintext cannot be recovered from the
556 * signature.
557 */
558CK_PKCS11_FUNCTION_INFO(C_SignInit)
559#ifdef CK_NEED_ARG_LIST
560(
561 CK_SESSION_HANDLE hSession, /* the session's handle */
562 CK_MECHANISM_PTR pMechanism, /* the signature mechanism */
563 CK_OBJECT_HANDLE hKey /* handle of signature key */
564);
565#endif
566
567
568/* C_Sign signs (encrypts with private key) data in a single
569 * part, where the signature is (will be) an appendix to the
570 * data, and plaintext cannot be recovered from the signature.
571 */
573#ifdef CK_NEED_ARG_LIST
574(
575 CK_SESSION_HANDLE hSession, /* the session's handle */
576 CK_BYTE_PTR pData, /* the data to sign */
577 CK_ULONG ulDataLen, /* count of bytes to sign */
578 CK_BYTE_PTR pSignature, /* gets the signature */
579 CK_ULONG_PTR pulSignatureLen /* gets signature length */
580);
581#endif
582
583
584/* C_SignUpdate continues a multiple-part signature operation,
585 * where the signature is (will be) an appendix to the data,
586 * and plaintext cannot be recovered from the signature.
587 */
588CK_PKCS11_FUNCTION_INFO(C_SignUpdate)
589#ifdef CK_NEED_ARG_LIST
590(
591 CK_SESSION_HANDLE hSession, /* the session's handle */
592 CK_BYTE_PTR pPart, /* the data to sign */
593 CK_ULONG ulPartLen /* count of bytes to sign */
594);
595#endif
596
597
598/* C_SignFinal finishes a multiple-part signature operation,
599 * returning the signature.
600 */
601CK_PKCS11_FUNCTION_INFO(C_SignFinal)
602#ifdef CK_NEED_ARG_LIST
603(
604 CK_SESSION_HANDLE hSession, /* the session's handle */
605 CK_BYTE_PTR pSignature, /* gets the signature */
606 CK_ULONG_PTR pulSignatureLen /* gets signature length */
607);
608#endif
609
610
611/* C_SignRecoverInit initializes a signature operation, where
612 * the data can be recovered from the signature.
613 */
614CK_PKCS11_FUNCTION_INFO(C_SignRecoverInit)
615#ifdef CK_NEED_ARG_LIST
616(
617 CK_SESSION_HANDLE hSession, /* the session's handle */
618 CK_MECHANISM_PTR pMechanism, /* the signature mechanism */
619 CK_OBJECT_HANDLE hKey /* handle of the signature key */
620);
621#endif
622
623
624/* C_SignRecover signs data in a single operation, where the
625 * data can be recovered from the signature.
626 */
627CK_PKCS11_FUNCTION_INFO(C_SignRecover)
628#ifdef CK_NEED_ARG_LIST
629(
630 CK_SESSION_HANDLE hSession, /* the session's handle */
631 CK_BYTE_PTR pData, /* the data to sign */
632 CK_ULONG ulDataLen, /* count of bytes to sign */
633 CK_BYTE_PTR pSignature, /* gets the signature */
634 CK_ULONG_PTR pulSignatureLen /* gets signature length */
635);
636#endif
637
638
639
640/* Verifying signatures and MACs */
641
642/* C_VerifyInit initializes a verification operation, where the
643 * signature is an appendix to the data, and plaintext cannot
644 * cannot be recovered from the signature (e.g. DSA).
645 */
646CK_PKCS11_FUNCTION_INFO(C_VerifyInit)
647#ifdef CK_NEED_ARG_LIST
648(
649 CK_SESSION_HANDLE hSession, /* the session's handle */
650 CK_MECHANISM_PTR pMechanism, /* the verification mechanism */
651 CK_OBJECT_HANDLE hKey /* verification key */
652);
653#endif
654
655
656/* C_Verify verifies a signature in a single-part operation,
657 * where the signature is an appendix to the data, and plaintext
658 * cannot be recovered from the signature.
659 */
661#ifdef CK_NEED_ARG_LIST
662(
663 CK_SESSION_HANDLE hSession, /* the session's handle */
664 CK_BYTE_PTR pData, /* signed data */
665 CK_ULONG ulDataLen, /* length of signed data */
666 CK_BYTE_PTR pSignature, /* signature */
667 CK_ULONG ulSignatureLen /* signature length*/
668);
669#endif
670
671
672/* C_VerifyUpdate continues a multiple-part verification
673 * operation, where the signature is an appendix to the data,
674 * and plaintext cannot be recovered from the signature.
675 */
676CK_PKCS11_FUNCTION_INFO(C_VerifyUpdate)
677#ifdef CK_NEED_ARG_LIST
678(
679 CK_SESSION_HANDLE hSession, /* the session's handle */
680 CK_BYTE_PTR pPart, /* signed data */
681 CK_ULONG ulPartLen /* length of signed data */
682);
683#endif
684
685
686/* C_VerifyFinal finishes a multiple-part verification
687 * operation, checking the signature.
688 */
689CK_PKCS11_FUNCTION_INFO(C_VerifyFinal)
690#ifdef CK_NEED_ARG_LIST
691(
692 CK_SESSION_HANDLE hSession, /* the session's handle */
693 CK_BYTE_PTR pSignature, /* signature to verify */
694 CK_ULONG ulSignatureLen /* signature length */
695);
696#endif
697
698
699/* C_VerifyRecoverInit initializes a signature verification
700 * operation, where the data is recovered from the signature.
701 */
702CK_PKCS11_FUNCTION_INFO(C_VerifyRecoverInit)
703#ifdef CK_NEED_ARG_LIST
704(
705 CK_SESSION_HANDLE hSession, /* the session's handle */
706 CK_MECHANISM_PTR pMechanism, /* the verification mechanism */
707 CK_OBJECT_HANDLE hKey /* verification key */
708);
709#endif
710
711
712/* C_VerifyRecover verifies a signature in a single-part
713 * operation, where the data is recovered from the signature.
714 */
715CK_PKCS11_FUNCTION_INFO(C_VerifyRecover)
716#ifdef CK_NEED_ARG_LIST
717(
718 CK_SESSION_HANDLE hSession, /* the session's handle */
719 CK_BYTE_PTR pSignature, /* signature to verify */
720 CK_ULONG ulSignatureLen, /* signature length */
721 CK_BYTE_PTR pData, /* gets signed data */
722 CK_ULONG_PTR pulDataLen /* gets signed data len */
723);
724#endif
725
726
727
728/* Dual-function cryptographic operations */
729
730/* C_DigestEncryptUpdate continues a multiple-part digesting
731 * and encryption operation.
732 */
733CK_PKCS11_FUNCTION_INFO(C_DigestEncryptUpdate)
734#ifdef CK_NEED_ARG_LIST
735(
736 CK_SESSION_HANDLE hSession, /* session's handle */
737 CK_BYTE_PTR pPart, /* the plaintext data */
738 CK_ULONG ulPartLen, /* plaintext length */
739 CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */
740 CK_ULONG_PTR pulEncryptedPartLen /* gets c-text length */
741);
742#endif
743
744
745/* C_DecryptDigestUpdate continues a multiple-part decryption and
746 * digesting operation.
747 */
748CK_PKCS11_FUNCTION_INFO(C_DecryptDigestUpdate)
749#ifdef CK_NEED_ARG_LIST
750(
751 CK_SESSION_HANDLE hSession, /* session's handle */
752 CK_BYTE_PTR pEncryptedPart, /* ciphertext */
753 CK_ULONG ulEncryptedPartLen, /* ciphertext length */
754 CK_BYTE_PTR pPart, /* gets plaintext */
755 CK_ULONG_PTR pulPartLen /* gets plaintext len */
756);
757#endif
758
759
760/* C_SignEncryptUpdate continues a multiple-part signing and
761 * encryption operation.
762 */
763CK_PKCS11_FUNCTION_INFO(C_SignEncryptUpdate)
764#ifdef CK_NEED_ARG_LIST
765(
766 CK_SESSION_HANDLE hSession, /* session's handle */
767 CK_BYTE_PTR pPart, /* the plaintext data */
768 CK_ULONG ulPartLen, /* plaintext length */
769 CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */
770 CK_ULONG_PTR pulEncryptedPartLen /* gets c-text length */
771);
772#endif
773
774
775/* C_DecryptVerifyUpdate continues a multiple-part decryption and
776 * verify operation.
777 */
778CK_PKCS11_FUNCTION_INFO(C_DecryptVerifyUpdate)
779#ifdef CK_NEED_ARG_LIST
780(
781 CK_SESSION_HANDLE hSession, /* session's handle */
782 CK_BYTE_PTR pEncryptedPart, /* ciphertext */
783 CK_ULONG ulEncryptedPartLen, /* ciphertext length */
784 CK_BYTE_PTR pPart, /* gets plaintext */
785 CK_ULONG_PTR pulPartLen /* gets p-text length */
786);
787#endif
788
789
790
791/* Key management */
792
793/* C_GenerateKey generates a secret key, creating a new key
794 * object.
795 */
796CK_PKCS11_FUNCTION_INFO(C_GenerateKey)
797#ifdef CK_NEED_ARG_LIST
798(
799 CK_SESSION_HANDLE hSession, /* the session's handle */
800 CK_MECHANISM_PTR pMechanism, /* key generation mech. */
801 CK_ATTRIBUTE_PTR pTemplate, /* template for new key */
802 CK_ULONG ulCount, /* # of attrs in template */
803 CK_OBJECT_HANDLE_PTR phKey /* gets handle of new key */
804);
805#endif
806
807
808/* C_GenerateKeyPair generates a public-key/private-key pair,
809 * creating new key objects.
810 */
811CK_PKCS11_FUNCTION_INFO(C_GenerateKeyPair)
812#ifdef CK_NEED_ARG_LIST
813(
814 CK_SESSION_HANDLE hSession, /* session handle */
815 CK_MECHANISM_PTR pMechanism, /* key-gen mech. */
816 CK_ATTRIBUTE_PTR pPublicKeyTemplate, /* template for pub. key */
817 CK_ULONG ulPublicKeyAttributeCount, /* # pub. attrs. */
818 CK_ATTRIBUTE_PTR pPrivateKeyTemplate, /* template for priv. key */
819 CK_ULONG ulPrivateKeyAttributeCount, /* # priv. attrs. */
820 CK_OBJECT_HANDLE_PTR phPublicKey, /* gets pub. key handle */
821 CK_OBJECT_HANDLE_PTR phPrivateKey /* gets priv. key handle */
822);
823#endif
824
825
826/* C_WrapKey wraps (i.e., encrypts) a key. */
828#ifdef CK_NEED_ARG_LIST
829(
830 CK_SESSION_HANDLE hSession, /* the session's handle */
831 CK_MECHANISM_PTR pMechanism, /* the wrapping mechanism */
832 CK_OBJECT_HANDLE hWrappingKey, /* wrapping key */
833 CK_OBJECT_HANDLE hKey, /* key to be wrapped */
834 CK_BYTE_PTR pWrappedKey, /* gets wrapped key */
835 CK_ULONG_PTR pulWrappedKeyLen /* gets wrapped key size */
836);
837#endif
838
839
840/* C_UnwrapKey unwraps (decrypts) a wrapped key, creating a new
841 * key object.
842 */
843CK_PKCS11_FUNCTION_INFO(C_UnwrapKey)
844#ifdef CK_NEED_ARG_LIST
845(
846 CK_SESSION_HANDLE hSession, /* session's handle */
847 CK_MECHANISM_PTR pMechanism, /* unwrapping mech. */
848 CK_OBJECT_HANDLE hUnwrappingKey, /* unwrapping key */
849 CK_BYTE_PTR pWrappedKey, /* the wrapped key */
850 CK_ULONG ulWrappedKeyLen, /* wrapped key len */
851 CK_ATTRIBUTE_PTR pTemplate, /* new key template */
852 CK_ULONG ulAttributeCount, /* template length */
853 CK_OBJECT_HANDLE_PTR phKey /* gets new handle */
854);
855#endif
856
857
858/* C_DeriveKey derives a key from a base key, creating a new key
859 * object.
860 */
861CK_PKCS11_FUNCTION_INFO(C_DeriveKey)
862#ifdef CK_NEED_ARG_LIST
863(
864 CK_SESSION_HANDLE hSession, /* session's handle */
865 CK_MECHANISM_PTR pMechanism, /* key deriv. mech. */
866 CK_OBJECT_HANDLE hBaseKey, /* base key */
867 CK_ATTRIBUTE_PTR pTemplate, /* new key template */
868 CK_ULONG ulAttributeCount, /* template length */
869 CK_OBJECT_HANDLE_PTR phKey /* gets new handle */
870);
871#endif
872
873
874
875/* Random number generation */
876
877/* C_SeedRandom mixes additional seed material into the token's
878 * random number generator.
879 */
880CK_PKCS11_FUNCTION_INFO(C_SeedRandom)
881#ifdef CK_NEED_ARG_LIST
882(
883 CK_SESSION_HANDLE hSession, /* the session's handle */
884 CK_BYTE_PTR pSeed, /* the seed material */
885 CK_ULONG ulSeedLen /* length of seed material */
886);
887#endif
888
889
890/* C_GenerateRandom generates random data. */
891CK_PKCS11_FUNCTION_INFO(C_GenerateRandom)
892#ifdef CK_NEED_ARG_LIST
893(
894 CK_SESSION_HANDLE hSession, /* the session's handle */
895 CK_BYTE_PTR RandomData, /* receives the random data */
896 CK_ULONG ulRandomLen /* # of bytes to generate */
897);
898#endif
899
900
901
902/* Parallel function management */
903
904/* C_GetFunctionStatus is a legacy function; it obtains an
905 * updated status of a function running in parallel with an
906 * application.
907 */
908CK_PKCS11_FUNCTION_INFO(C_GetFunctionStatus)
909#ifdef CK_NEED_ARG_LIST
910(
911 CK_SESSION_HANDLE hSession /* the session's handle */
912);
913#endif
914
915
916/* C_CancelFunction is a legacy function; it cancels a function
917 * running in parallel.
918 */
919CK_PKCS11_FUNCTION_INFO(C_CancelFunction)
920#ifdef CK_NEED_ARG_LIST
921(
922 CK_SESSION_HANDLE hSession /* the session's handle */
923);
924#endif
925
926
927/* C_WaitForSlotEvent waits for a slot event (token insertion,
928 * removal, etc.) to occur.
929 */
930CK_PKCS11_FUNCTION_INFO(C_WaitForSlotEvent)
931#ifdef CK_NEED_ARG_LIST
932(
933 CK_FLAGS flags, /* blocking/nonblocking flag */
934 CK_SLOT_ID_PTR pSlot, /* location that receives the slot ID */
935 CK_VOID_PTR pRserved /* reserved. Should be NULL_PTR */
936);
937#endif
938
CK_NOTIFY Notify
Definition p11.h:822
Flags flags(Flag flags)
Definition p11.h:838
#define CK_PKCS11_FUNCTION_INFO(name)
Definition pkcs11.h:198
CK_NOTIFICATION CK_VOID_PTR pApplication
Definition pkcs11t.h:1166
CK_SESSION_INFO CK_PTR CK_SESSION_INFO_PTR
Definition pkcs11t.h:292
CK_INFO CK_PTR CK_INFO_PTR
Definition pkcs11t.h:94
CK_FUNCTION_LIST_PTR CK_PTR CK_FUNCTION_LIST_PTR_PTR
Definition pkcs11t.h:1177
unsigned long int CK_ULONG
Definition pkcs11t.h:48
CK_SLOT_INFO CK_PTR CK_SLOT_INFO_PTR
Definition pkcs11t.h:126
CK_BYTE CK_PTR CK_BYTE_PTR
Definition pkcs11t.h:62
CK_TOKEN_INFO CK_PTR CK_TOKEN_INFO_PTR
Definition pkcs11t.h:250
CK_OBJECT_HANDLE CK_PTR CK_OBJECT_HANDLE_PTR
Definition pkcs11t.h:300
CK_ULONG CK_SLOT_ID
Definition pkcs11t.h:104
CK_ULONG CK_FLAGS
Definition pkcs11t.h:54
CK_ULONG CK_SESSION_HANDLE
Definition pkcs11t.h:256
CK_ATTRIBUTE CK_PTR CK_ATTRIBUTE_PTR
Definition pkcs11t.h:570
CK_MECHANISM_TYPE CK_PTR CK_MECHANISM_TYPE_PTR
Definition pkcs11t.h:977
CK_ULONG CK_USER_TYPE
Definition pkcs11t.h:262
CK_MECHANISM_INFO CK_PTR CK_MECHANISM_INFO_PTR
Definition pkcs11t.h:1031
CK_ULONG CK_MECHANISM_TYPE
Definition pkcs11t.h:583
CK_BYTE CK_BBOOL
Definition pkcs11t.h:45
void CK_PTR CK_VOID_PTR
Definition pkcs11t.h:66
CK_SLOT_ID CK_PTR CK_SLOT_ID_PTR
Definition pkcs11t.h:106
CK_ULONG CK_OBJECT_HANDLE
Definition pkcs11t.h:298
CK_SESSION_HANDLE CK_PTR CK_SESSION_HANDLE_PTR
Definition pkcs11t.h:258
CK_ULONG CK_PTR CK_ULONG_PTR
Definition pkcs11t.h:65
CK_UTF8CHAR CK_PTR CK_UTF8CHAR_PTR
Definition pkcs11t.h:64
CK_MECHANISM CK_PTR CK_MECHANISM_PTR
Definition pkcs11t.h:989