/* Copyright (c) OASIS Open 2016. All Rights Reserved./
 * /Distributed under the terms of the OASIS IPR Policy,
 * [http://www.oasis-open.org/policies-guidelines/ipr], AS-IS, WITHOUT ANY
 * IMPLIED OR EXPRESS WARRANTY; there is no warranty of MERCHANTABILITY, FITNESS FOR A
 * PARTICULAR PURPOSE or NONINFRINGEMENT of the rights of others.
 */

/* Latest version of the specification:
 * http://docs.oasis-open.org/pkcs11/pkcs11-base/v2.40/pkcs11-base-v2.40.html
 */

/* This header file contains pretty much everything about all the
 * Cryptoki function prototypes. Because this information is
 * used for more than just declaring function prototypes, the
 * order of the functions appearing herein is important, and
 * should not be altered.
 */

/* Written in the D programming language. */

module pkcs11.pkcs11f;


import pkcs11.pkcs11t;
/* : CK_RV, CK_VOID_PTR, CK_BBOOL, CK_ULONG_PTR, CK_SLOT_ID, CK_SLOT_ID_PTR,
  CK_SLOT_INFO_PTR, CK_FUNCTION_LIST_PTR_PTR, CK_TOKEN_INFO_PTR, CK_INFO_PTR, CK_MECHANISM_TYPE,
  CK_MECHANISM_TYPE_PTR, CK_MECHANISM_INFO_PTR, CK_ULONG, CK_UTF8CHAR_PTR, CK_SESSION_HANDLE, CK_FLAGS, CK_NOTIFY,
  CK_SESSION_HANDLE_PTR, CK_SESSION_INFO_PTR, CK_BYTE_PTR, CK_OBJECT_HANDLE, CK_USER_TYPE, CK_ATTRIBUTE_PTR,
  CK_OBJECT_HANDLE_PTR, CK_MECHANISM_PTR;
*/

/* Every declaration that follows has C linkage and is @system, so the D
 * compiler does no memory-safety checking on calls to it. The functions
 * take raw pointers with separate length arguments; keeping each pointer
 * and its length consistent is the caller's job.
 */
extern(C) nothrow @nogc @system :


/* Either dynamic-binding switch also sets PKCS11_DYNAMIC_BINDING. */
version( PKCS11_DYNAMIC_BINDING_ONE)
  version=PKCS11_DYNAMIC_BINDING;
else version(PKCS11_DYNAMIC_BINDING_MULTIPLE)
  version=PKCS11_DYNAMIC_BINDING;

/* With dynamic binding the extern prototypes in the else branch are not
 * declared at all; only the function-pointer types further down remain.
 */
version(PKCS11_DYNAMIC_BINDING) {}
else {

/* ==============================================================
 * Define the "extern" form of all the entry points.
 * ==============================================================
 */

/* General-purpose */

/* C_Initialize initializes the Cryptoki library.
*/
/* NOTE(review): as the parameter comment says, a non-null pInitArgs is cast
 * and dereferenced by the library, so it has to be null or the address of a
 * live CK_C_INITIALIZE_ARGS; nothing at this level checks that.
 */
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_Initialize
(
  CK_VOID_PTR pInitArgs  /* if this is not null, it gets
                          * cast to CK_C_INITIALIZE_ARGS_PTR
                          * and dereferenced
                          */
);


/* C_Finalize indicates that an application is done with the
 * Cryptoki library.
 */
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_Finalize
(
  CK_VOID_PTR pReserved  /* reserved. Should be null */
);


/* C_GetInfo returns general information about Cryptoki. */
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_GetInfo
(
  CK_INFO_PTR pInfo  /* location that receives information */
);


/* C_GetFunctionList returns the function list.
 * NOTE(review): the list holds pointers into the Cryptoki module, and calls
 * made through it run that module's code inside the calling process. Use
 * *ppFunctionList only after the call has returned CKR_OK.
 */
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_GetFunctionList
(
  CK_FUNCTION_LIST_PTR_PTR ppFunctionList  /* receives pointer to
                                            * function list
                                            */
);



/* Slot and token management */

/* C_GetSlotList obtains a list of slots in the system.
 * NOTE(review): pulCount is in/out. On entry it is the capacity of
 * pSlotList in elements, on return the number of slots. The PKCS #11 spec
 * lets a null pSlotList query the count alone; a buffer that is too small
 * is reported as CKR_BUFFER_TOO_SMALL. The slot set can change between the
 * sizing call and the fetching call, so check the CK_RV of both.
 */
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_GetSlotList
(
  CK_BBOOL tokenPresent,  /* only slots with tokens */
  CK_SLOT_ID_PTR pSlotList,  /* receives array of slot IDs */
  CK_ULONG_PTR pulCount  /* receives number of slots */
);


/* C_GetSlotInfo obtains information about a particular slot in
 * the system.
 */
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_GetSlotInfo
(
  CK_SLOT_ID slotID,  /* the ID of the slot */
  CK_SLOT_INFO_PTR pInfo  /* receives the slot information */
);


/* C_GetTokenInfo obtains information about a particular token
 * in the system.
 */
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_GetTokenInfo
(
  CK_SLOT_ID slotID,  /* ID of the token's slot */
  CK_TOKEN_INFO_PTR pInfo  /* receives the token information */
);


/* C_GetMechanismList obtains a list of mechanism types
 * supported by a token.
*/
/* NOTE(review): pulCount is in/out. On entry it is the capacity of
 * pMechanismList in elements, on return the number of mechanisms. The
 * PKCS #11 spec lets a null pMechanismList query the count alone. Compare
 * the returned count with the allocated capacity before reading the array.
 */
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_GetMechanismList
(
  CK_SLOT_ID slotID,  /* ID of token's slot */
  CK_MECHANISM_TYPE_PTR pMechanismList,  /* gets mech. array */
  CK_ULONG_PTR pulCount  /* gets # of mechs. */
);


/* C_GetMechanismInfo obtains information about a particular
 * mechanism possibly supported by a token.
 */
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_GetMechanismInfo
(
  CK_SLOT_ID slotID,  /* ID of the token's slot */
  CK_MECHANISM_TYPE type,  /* type of mechanism */
  CK_MECHANISM_INFO_PTR pInfo  /* receives mechanism info */
);


/* C_InitToken initializes a token.
 * NOTE(review): pPin is read as ulPinLen bytes and is not expected to be
 * null-terminated. pLabel is read as exactly 32 bytes (see the parameter
 * comment), so a shorter buffer is over-read. Per the PKCS #11 spec,
 * initializing a token destroys the objects on it that can be destroyed.
 */
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_InitToken
(
  CK_SLOT_ID slotID,  /* ID of the token's slot */
  CK_UTF8CHAR_PTR pPin,  /* the SO's initial PIN */
  CK_ULONG ulPinLen,  /* length in bytes of the PIN */
  CK_UTF8CHAR_PTR pLabel  /* 32-byte token label (blank padded) */
);


/* C_InitPIN initializes the normal user's PIN.
 * NOTE(review): the PIN sits in ordinary caller memory; overwrite the
 * buffer once the call has returned so it does not linger in the process.
 */
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_InitPIN
(
  CK_SESSION_HANDLE hSession,  /* the session's handle */
  CK_UTF8CHAR_PTR pPin,  /* the normal user's PIN */
  CK_ULONG ulPinLen  /* length in bytes of the PIN */
);


/* C_SetPIN modifies the PIN of the user who is logged in.
 * NOTE(review): both PIN buffers are length-delimited, not null-terminated,
 * and both should be overwritten by the caller after the call.
 */
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_SetPIN
(
  CK_SESSION_HANDLE hSession,  /* the session's handle */
  CK_UTF8CHAR_PTR pOldPin,  /* the old PIN */
  CK_ULONG ulOldLen,  /* length of the old PIN */
  CK_UTF8CHAR_PTR pNewPin,  /* the new PIN */
  CK_ULONG ulNewLen  /* length of the new PIN */
);



/* Session management */

/* C_OpenSession opens a session between an application and a
 * token.
*/
/* NOTE(review): per the PKCS #11 spec CKF_SERIAL_SESSION must always be set
 * in flags, and a session opened without CKF_RW_SESSION is read-only.
 * pApplication is handed back to Notify unchanged, so it presumably has to
 * stay valid for as long as the session can call back; confirm with the
 * module in use.
 */
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_OpenSession
(
  CK_SLOT_ID slotID,  /* the slot's ID */
  CK_FLAGS flags,  /* from CK_SESSION_INFO */
  CK_VOID_PTR pApplication,  /* passed to callback */
  CK_NOTIFY Notify,  /* callback function */
  CK_SESSION_HANDLE_PTR phSession  /* gets session handle */
);


/* C_CloseSession closes a session between an application and a
 * token.
 */
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_CloseSession
(
  CK_SESSION_HANDLE hSession  /* the session's handle */
);


/* C_CloseAllSessions closes all sessions with a token.
 * NOTE(review): "all" covers every session this application holds with the
 * token, including sessions opened by other components in the same process.
 */
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_CloseAllSessions
(
  CK_SLOT_ID slotID  /* the token's slot */
);


/* C_GetSessionInfo obtains information about the session. */
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_GetSessionInfo
(
  CK_SESSION_HANDLE hSession,  /* the session's handle */
  CK_SESSION_INFO_PTR pInfo  /* receives session info */
);


/* C_GetOperationState obtains the state of the cryptographic operation
 * in a session.
 * NOTE(review): pulOperationStateLen is in/out (buffer capacity on entry,
 * state length on return); a null pOperationState queries the length.
 */
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_GetOperationState
(
  CK_SESSION_HANDLE hSession,  /* session's handle */
  CK_BYTE_PTR pOperationState,  /* gets state */
  CK_ULONG_PTR pulOperationStateLen  /* gets state length */
);


/* C_SetOperationState restores the state of the cryptographic
 * operation in a session.
 * NOTE(review): the state blob is interpreted by the token library; restore
 * only blobs this application saved itself and kept under its own control.
 */
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_SetOperationState
(
  CK_SESSION_HANDLE hSession,  /* session's handle */
  CK_BYTE_PTR pOperationState,  /* holds state */
  CK_ULONG ulOperationStateLen,  /* holds state length */
  CK_OBJECT_HANDLE hEncryptionKey,  /* en/decryption key */
  CK_OBJECT_HANDLE hAuthenticationKey  /* sign/verify key */
);


/* C_Login logs a user into a token.
*/
/* NOTE(review): per the PKCS #11 spec the login state is shared by all of
 * the application's sessions with the token, not tied to hSession alone.
 * pPin is ulPinLen bytes, not null-terminated; overwrite it after the call.
 * Repeated wrong PINs may lock the PIN on some tokens; confirm per token
 * before retrying in a loop.
 */
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_Login
(
  CK_SESSION_HANDLE hSession,  /* the session's handle */
  CK_USER_TYPE userType,  /* the user type */
  CK_UTF8CHAR_PTR pPin,  /* the user's PIN */
  CK_ULONG ulPinLen  /* the length of the PIN */
);


/* C_Logout logs a user out from a token. */
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_Logout
(
  CK_SESSION_HANDLE hSession  /* the session's handle */
);



/* Object management */

/* C_CreateObject creates a new object.
 * NOTE(review): ulCount is the number of CK_ATTRIBUTE entries behind
 * pTemplate, not a byte count. For key objects, state protection attributes
 * such as CKA_SENSITIVE and CKA_EXTRACTABLE in the template rather than
 * relying on the token's defaults.
 */
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_CreateObject
(
  CK_SESSION_HANDLE hSession,  /* the session's handle */
  CK_ATTRIBUTE_PTR pTemplate,  /* the object's template */
  CK_ULONG ulCount,  /* attributes in template */
  CK_OBJECT_HANDLE_PTR phObject  /* gets new object's handle. */
);


/* C_CopyObject copies an object, creating a new object for the
 * copy.
 */
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_CopyObject
(
  CK_SESSION_HANDLE hSession,  /* the session's handle */
  CK_OBJECT_HANDLE hObject,  /* the object's handle */
  CK_ATTRIBUTE_PTR pTemplate,  /* template for new object */
  CK_ULONG ulCount,  /* attributes in template */
  CK_OBJECT_HANDLE_PTR phNewObject  /* receives handle of copy */
);


/* C_DestroyObject destroys an object. */
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_DestroyObject
(
  CK_SESSION_HANDLE hSession,  /* the session's handle */
  CK_OBJECT_HANDLE hObject  /* the object's handle */
);


/* C_GetObjectSize gets the size of an object in bytes. */
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_GetObjectSize
(
  CK_SESSION_HANDLE hSession,  /* the session's handle */
  CK_OBJECT_HANDLE hObject,  /* the object's handle */
  CK_ULONG_PTR pulSize  /* receives size of object */
);


/* C_GetAttributeValue obtains the value of one or more object
 * attributes.
*/
/* NOTE(review): pTemplate is in/out. The library writes through each
 * entry's value pointer up to the length the caller stored in that entry,
 * so the two must agree. Per the PKCS #11 spec an attribute that cannot be
 * revealed is flagged in its length field and the call returns an error
 * such as CKR_ATTRIBUTE_SENSITIVE; check every entry's length before
 * reading its value, even when other entries were filled in.
 */
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_GetAttributeValue
(
  CK_SESSION_HANDLE hSession,  /* the session's handle */
  CK_OBJECT_HANDLE hObject,  /* the object's handle */
  CK_ATTRIBUTE_PTR pTemplate,  /* specifies attrs; gets vals */
  CK_ULONG ulCount  /* attributes in template */
);


/* C_SetAttributeValue modifies the value of one or more object
 * attributes.
 */
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_SetAttributeValue
(
  CK_SESSION_HANDLE hSession,  /* the session's handle */
  CK_OBJECT_HANDLE hObject,  /* the object's handle */
  CK_ATTRIBUTE_PTR pTemplate,  /* specifies attrs and values */
  CK_ULONG ulCount  /* attributes in template */
);


/* C_FindObjectsInit initializes a search for token and session
 * objects that match a template.
 */
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_FindObjectsInit
(
  CK_SESSION_HANDLE hSession,  /* the session's handle */
  CK_ATTRIBUTE_PTR pTemplate,  /* attribute values to match */
  CK_ULONG ulCount  /* attrs in search template */
);


/* C_FindObjects continues a search for token and session
 * objects that match a template, obtaining additional object
 * handles.
 * NOTE(review): phObject must have room for ulMaxObjectCount handles; only
 * the first *pulObjectCount entries are valid after the call.
 */
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_FindObjects
(
  CK_SESSION_HANDLE hSession,  /* session's handle */
  CK_OBJECT_HANDLE_PTR phObject,  /* gets obj. handles */
  CK_ULONG ulMaxObjectCount,  /* max handles to get */
  CK_ULONG_PTR pulObjectCount  /* actual # returned */
);


/* C_FindObjectsFinal finishes a search for token and session
 * objects.
 */
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_FindObjectsFinal
(
  CK_SESSION_HANDLE hSession  /* the session's handle */
);



/* Encryption and decryption */

/* C_EncryptInit initializes an encryption operation.
*/
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_EncryptInit
(
  CK_SESSION_HANDLE hSession,  /* the session's handle */
  CK_MECHANISM_PTR pMechanism,  /* the encryption mechanism */
  CK_OBJECT_HANDLE hKey  /* handle of encryption key */
);


/* C_Encrypt encrypts single-part data.
 * NOTE(review): pulEncryptedDataLen is in/out. On entry it is the capacity
 * of pEncryptedData, on return the ciphertext length. The PKCS #11 spec
 * lets a null pEncryptedData query the needed size, and reports a short
 * buffer as CKR_BUFFER_TOO_SMALL. The library trusts the capacity given.
 */
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_Encrypt
(
  CK_SESSION_HANDLE hSession,  /* session's handle */
  CK_BYTE_PTR pData,  /* the plaintext data */
  CK_ULONG ulDataLen,  /* bytes of plaintext */
  CK_BYTE_PTR pEncryptedData,  /* gets ciphertext */
  CK_ULONG_PTR pulEncryptedDataLen  /* gets c-text size */
);


/* C_EncryptUpdate continues a multiple-part encryption
 * operation.
 * NOTE(review): pulEncryptedPartLen is in/out (capacity on entry, bytes
 * produced on return).
 */
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_EncryptUpdate
(
  CK_SESSION_HANDLE hSession,  /* session's handle */
  CK_BYTE_PTR pPart,  /* the plaintext data */
  CK_ULONG ulPartLen,  /* plaintext data len */
  CK_BYTE_PTR pEncryptedPart,  /* gets ciphertext */
  CK_ULONG_PTR pulEncryptedPartLen  /* gets c-text size */
);


/* C_EncryptFinal finishes a multiple-part encryption
 * operation.
 * NOTE(review): pulLastEncryptedPartLen is in/out (capacity on entry,
 * bytes produced on return).
 */
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_EncryptFinal
(
  CK_SESSION_HANDLE hSession,  /* session handle */
  CK_BYTE_PTR pLastEncryptedPart,  /* last c-text */
  CK_ULONG_PTR pulLastEncryptedPartLen  /* gets last size */
);


/* C_DecryptInit initializes a decryption operation. */
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_DecryptInit
(
  CK_SESSION_HANDLE hSession,  /* the session's handle */
  CK_MECHANISM_PTR pMechanism,  /* the decryption mechanism */
  CK_OBJECT_HANDLE hKey  /* handle of decryption key */
);


/* C_Decrypt decrypts encrypted data in a single part.
*/
/* NOTE(review): pulDataLen is in/out (capacity of pData on entry, plaintext
 * length on return). The contents of pData are meaningful only when the
 * call returns CKR_OK. When the ciphertext comes from a remote peer, report
 * decryption failures to that peer with one uniform error rather than the
 * raw CK_RV.
 */
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_Decrypt
(
  CK_SESSION_HANDLE hSession,  /* session's handle */
  CK_BYTE_PTR pEncryptedData,  /* ciphertext */
  CK_ULONG ulEncryptedDataLen,  /* ciphertext length */
  CK_BYTE_PTR pData,  /* gets plaintext */
  CK_ULONG_PTR pulDataLen  /* gets p-text size */
);


/* C_DecryptUpdate continues a multiple-part decryption
 * operation.
 * NOTE(review): pulPartLen is in/out (capacity on entry, bytes produced on
 * return).
 */
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_DecryptUpdate
(
  CK_SESSION_HANDLE hSession,  /* session's handle */
  CK_BYTE_PTR pEncryptedPart,  /* encrypted data */
  CK_ULONG ulEncryptedPartLen,  /* input length */
  CK_BYTE_PTR pPart,  /* gets plaintext */
  CK_ULONG_PTR pulPartLen  /* p-text size */
);


/* C_DecryptFinal finishes a multiple-part decryption
 * operation.
 * NOTE(review): pulLastPartLen is in/out (capacity on entry, bytes
 * produced on return).
 */
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_DecryptFinal
(
  CK_SESSION_HANDLE hSession,  /* the session's handle */
  CK_BYTE_PTR pLastPart,  /* gets plaintext */
  CK_ULONG_PTR pulLastPartLen  /* p-text size */
);



/* Message digesting */

/* C_DigestInit initializes a message-digesting operation. */
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_DigestInit
(
  CK_SESSION_HANDLE hSession,  /* the session's handle */
  CK_MECHANISM_PTR pMechanism  /* the digesting mechanism */
);


/* C_Digest digests data in a single part.
 * NOTE(review): pulDigestLen is in/out (capacity of pDigest on entry,
 * digest length on return).
 */
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_Digest
(
  CK_SESSION_HANDLE hSession,  /* the session's handle */
  CK_BYTE_PTR pData,  /* data to be digested */
  CK_ULONG ulDataLen,  /* bytes of data to digest */
  CK_BYTE_PTR pDigest,  /* gets the message digest */
  CK_ULONG_PTR pulDigestLen  /* gets digest length */
);


/* C_DigestUpdate continues a multiple-part message-digesting
 * operation.
*/
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_DigestUpdate
(
  CK_SESSION_HANDLE hSession,  /* the session's handle */
  CK_BYTE_PTR pPart,  /* data to be digested */
  CK_ULONG ulPartLen  /* bytes of data to be digested */
);


/* C_DigestKey continues a multi-part message-digesting
 * operation, by digesting the value of a secret key as part of
 * the data already digested.
 * NOTE(review): the resulting digest depends on secret key material, so
 * handle it with the same care as other key-derived values. A token may
 * refuse to digest a given key; check the CK_RV.
 */
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_DigestKey
(
  CK_SESSION_HANDLE hSession,  /* the session's handle */
  CK_OBJECT_HANDLE hKey  /* secret key to digest */
);


/* C_DigestFinal finishes a multiple-part message-digesting
 * operation.
 * NOTE(review): pulDigestLen is in/out (capacity of pDigest on entry,
 * digest length on return).
 */
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_DigestFinal
(
  CK_SESSION_HANDLE hSession,  /* the session's handle */
  CK_BYTE_PTR pDigest,  /* gets the message digest */
  CK_ULONG_PTR pulDigestLen  /* gets byte count of digest */
);



/* Signing and MACing */

/* C_SignInit initializes a signature (private key encryption)
 * operation, where the signature is (will be) an appendix to
 * the data, and plaintext cannot be recovered from the
 * signature.
 */
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_SignInit
(
  CK_SESSION_HANDLE hSession,  /* the session's handle */
  CK_MECHANISM_PTR pMechanism,  /* the signature mechanism */
  CK_OBJECT_HANDLE hKey  /* handle of signature key */
);


/* C_Sign signs (encrypts with private key) data in a single
 * part, where the signature is (will be) an appendix to the
 * data, and plaintext cannot be recovered from the signature.
*/
/* NOTE(review): pulSignatureLen is in/out. On entry it is the capacity of
 * pSignature, on return the signature length; the PKCS #11 spec lets a
 * null pSignature query the size. Use the signature bytes only when the
 * call returned CKR_OK.
 */
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_Sign
(
  CK_SESSION_HANDLE hSession,  /* the session's handle */
  CK_BYTE_PTR pData,  /* the data to sign */
  CK_ULONG ulDataLen,  /* count of bytes to sign */
  CK_BYTE_PTR pSignature,  /* gets the signature */
  CK_ULONG_PTR pulSignatureLen  /* gets signature length */
);


/* C_SignUpdate continues a multiple-part signature operation,
 * where the signature is (will be) an appendix to the data,
 * and plaintext cannot be recovered from the signature.
 */
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_SignUpdate
(
  CK_SESSION_HANDLE hSession,  /* the session's handle */
  CK_BYTE_PTR pPart,  /* the data to sign */
  CK_ULONG ulPartLen  /* count of bytes to sign */
);


/* C_SignFinal finishes a multiple-part signature operation,
 * returning the signature.
 * NOTE(review): pulSignatureLen is in/out (capacity of pSignature on
 * entry, signature length on return).
 */
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_SignFinal
(
  CK_SESSION_HANDLE hSession,  /* the session's handle */
  CK_BYTE_PTR pSignature,  /* gets the signature */
  CK_ULONG_PTR pulSignatureLen  /* gets signature length */
);


/* C_SignRecoverInit initializes a signature operation, where
 * the data can be recovered from the signature.
 */
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_SignRecoverInit
(
  CK_SESSION_HANDLE hSession,  /* the session's handle */
  CK_MECHANISM_PTR pMechanism,  /* the signature mechanism */
  CK_OBJECT_HANDLE hKey  /* handle of the signature key */
);


/* C_SignRecover signs data in a single operation, where the
 * data can be recovered from the signature.
*/
/* NOTE(review): pulSignatureLen is in/out (capacity of pSignature on
 * entry, signature length on return).
 */
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_SignRecover
(
  CK_SESSION_HANDLE hSession,  /* the session's handle */
  CK_BYTE_PTR pData,  /* the data to sign */
  CK_ULONG ulDataLen,  /* count of bytes to sign */
  CK_BYTE_PTR pSignature,  /* gets the signature */
  CK_ULONG_PTR pulSignatureLen  /* gets signature length */
);



/* Verifying signatures and MACs */

/* C_VerifyInit initializes a verification operation, where the
 * signature is an appendix to the data, and plaintext
 * cannot be recovered from the signature (e.g. DSA).
 */
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_VerifyInit
(
  CK_SESSION_HANDLE hSession,  /* the session's handle */
  CK_MECHANISM_PTR pMechanism,  /* the verification mechanism */
  CK_OBJECT_HANDLE hKey  /* verification key */
);


/* C_Verify verifies a signature in a single-part operation,
 * where the signature is an appendix to the data, and plaintext
 * cannot be recovered from the signature.
 * NOTE(review): there is no out-parameter; the verdict is the CK_RV itself.
 * Only CKR_OK means the signature verified. Per the PKCS #11 spec a bad
 * signature is reported as CKR_SIGNATURE_INVALID or
 * CKR_SIGNATURE_LEN_RANGE, and any other error also means "not verified".
 * A caller that discards the return value accepts every signature.
 */
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_Verify
(
  CK_SESSION_HANDLE hSession,  /* the session's handle */
  CK_BYTE_PTR pData,  /* signed data */
  CK_ULONG ulDataLen,  /* length of signed data */
  CK_BYTE_PTR pSignature,  /* signature */
  CK_ULONG ulSignatureLen  /* signature length*/
);


/* C_VerifyUpdate continues a multiple-part verification
 * operation, where the signature is an appendix to the data,
 * and plaintext cannot be recovered from the signature.
 */
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_VerifyUpdate
(
  CK_SESSION_HANDLE hSession,  /* the session's handle */
  CK_BYTE_PTR pPart,  /* signed data */
  CK_ULONG ulPartLen  /* length of signed data */
);


/* C_VerifyFinal finishes a multiple-part verification
 * operation, checking the signature.
*/
/* NOTE(review): the verdict is the CK_RV itself; only CKR_OK means the
 * signature verified, and every other value means it did not.
 */
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_VerifyFinal
(
  CK_SESSION_HANDLE hSession,  /* the session's handle */
  CK_BYTE_PTR pSignature,  /* signature to verify */
  CK_ULONG ulSignatureLen  /* signature length */
);


/* C_VerifyRecoverInit initializes a signature verification
 * operation, where the data is recovered from the signature.
 */
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_VerifyRecoverInit
(
  CK_SESSION_HANDLE hSession,  /* the session's handle */
  CK_MECHANISM_PTR pMechanism,  /* the verification mechanism */
  CK_OBJECT_HANDLE hKey  /* verification key */
);


/* C_VerifyRecover verifies a signature in a single-part
 * operation, where the data is recovered from the signature.
 * NOTE(review): pulDataLen is in/out (capacity of pData on entry, recovered
 * length on return). Treat pData as authenticated only when the call
 * returned CKR_OK.
 */
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_VerifyRecover
(
  CK_SESSION_HANDLE hSession,  /* the session's handle */
  CK_BYTE_PTR pSignature,  /* signature to verify */
  CK_ULONG ulSignatureLen,  /* signature length */
  CK_BYTE_PTR pData,  /* gets signed data */
  CK_ULONG_PTR pulDataLen  /* gets signed data len */
);



/* Dual-function cryptographic operations */

/* C_DigestEncryptUpdate continues a multiple-part digesting
 * and encryption operation.
 * NOTE(review): pulEncryptedPartLen is in/out (capacity on entry, bytes
 * produced on return).
 */
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_DigestEncryptUpdate
(
  CK_SESSION_HANDLE hSession,  /* session's handle */
  CK_BYTE_PTR pPart,  /* the plaintext data */
  CK_ULONG ulPartLen,  /* plaintext length */
  CK_BYTE_PTR pEncryptedPart,  /* gets ciphertext */
  CK_ULONG_PTR pulEncryptedPartLen  /* gets c-text length */
);


/* C_DecryptDigestUpdate continues a multiple-part decryption and
 * digesting operation.
*/
/* NOTE(review): pulPartLen is in/out (capacity of pPart on entry, bytes
 * produced on return).
 */
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_DecryptDigestUpdate
(
  CK_SESSION_HANDLE hSession,  /* session's handle */
  CK_BYTE_PTR pEncryptedPart,  /* ciphertext */
  CK_ULONG ulEncryptedPartLen,  /* ciphertext length */
  CK_BYTE_PTR pPart,  /* gets plaintext */
  CK_ULONG_PTR pulPartLen  /* gets plaintext len */
);


/* C_SignEncryptUpdate continues a multiple-part signing and
 * encryption operation.
 * NOTE(review): pulEncryptedPartLen is in/out (capacity on entry, bytes
 * produced on return).
 */
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_SignEncryptUpdate
(
  CK_SESSION_HANDLE hSession,  /* session's handle */
  CK_BYTE_PTR pPart,  /* the plaintext data */
  CK_ULONG ulPartLen,  /* plaintext length */
  CK_BYTE_PTR pEncryptedPart,  /* gets ciphertext */
  CK_ULONG_PTR pulEncryptedPartLen  /* gets c-text length */
);


/* C_DecryptVerifyUpdate continues a multiple-part decryption and
 * verify operation.
 * NOTE(review): plaintext is handed back before the signature has been
 * checked; it is unauthenticated until the verification operation has been
 * finished with CKR_OK.
 */
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_DecryptVerifyUpdate
(
  CK_SESSION_HANDLE hSession,  /* session's handle */
  CK_BYTE_PTR pEncryptedPart,  /* ciphertext */
  CK_ULONG ulEncryptedPartLen,  /* ciphertext length */
  CK_BYTE_PTR pPart,  /* gets plaintext */
  CK_ULONG_PTR pulPartLen  /* gets p-text length */
);



/* Key management */

/* C_GenerateKey generates a secret key, creating a new key
 * object.
 * NOTE(review): the template decides how the new key is protected. State
 * attributes such as CKA_SENSITIVE and CKA_EXTRACTABLE explicitly instead
 * of relying on token defaults.
 */
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_GenerateKey
(
  CK_SESSION_HANDLE hSession,  /* the session's handle */
  CK_MECHANISM_PTR pMechanism,  /* key generation mech. */
  CK_ATTRIBUTE_PTR pTemplate,  /* template for new key */
  CK_ULONG ulCount,  /* # of attrs in template */
  CK_OBJECT_HANDLE_PTR phKey  /* gets handle of new key */
);


/* C_GenerateKeyPair generates a public-key/private-key pair,
 * creating new key objects.
 * NOTE(review): each template has its own attribute count; keep the two
 * counts matched to their own arrays. Set the private key's protection
 * attributes explicitly in pPrivateKeyTemplate.
 */
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_GenerateKeyPair
(
  CK_SESSION_HANDLE hSession,  /* session handle */
  CK_MECHANISM_PTR pMechanism,  /* key-gen mech. */
  CK_ATTRIBUTE_PTR pPublicKeyTemplate,  /* template for pub. key */
  CK_ULONG ulPublicKeyAttributeCount,  /* # pub. attrs. */
  CK_ATTRIBUTE_PTR pPrivateKeyTemplate,  /* template for priv. key */
  CK_ULONG ulPrivateKeyAttributeCount,  /* # priv. attrs. */
  CK_OBJECT_HANDLE_PTR phPublicKey,  /* gets pub. key handle */
  CK_OBJECT_HANDLE_PTR phPrivateKey  /* gets priv. key handle */
);


/* C_WrapKey wraps (i.e., encrypts) a key.
 * NOTE(review): this moves key material out of the token, protected only
 * by hWrappingKey and the chosen mechanism. pulWrappedKeyLen is in/out
 * (capacity of pWrappedKey on entry, wrapped length on return).
 */
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_WrapKey
(
  CK_SESSION_HANDLE hSession,  /* the session's handle */
  CK_MECHANISM_PTR pMechanism,  /* the wrapping mechanism */
  CK_OBJECT_HANDLE hWrappingKey,  /* wrapping key */
  CK_OBJECT_HANDLE hKey,  /* key to be wrapped */
  CK_BYTE_PTR pWrappedKey,  /* gets wrapped key */
  CK_ULONG_PTR pulWrappedKeyLen  /* gets wrapped key size */
);


/* C_UnwrapKey unwraps (decrypts) a wrapped key, creating a new
 * key object.
 * NOTE(review): the new key's attributes come from pTemplate, not from the
 * wrapped blob's origin; set its protection attributes explicitly.
 */
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_UnwrapKey
(
  CK_SESSION_HANDLE hSession,  /* session's handle */
  CK_MECHANISM_PTR pMechanism,  /* unwrapping mech. */
  CK_OBJECT_HANDLE hUnwrappingKey,  /* unwrapping key */
  CK_BYTE_PTR pWrappedKey,  /* the wrapped key */
  CK_ULONG ulWrappedKeyLen,  /* wrapped key len */
  CK_ATTRIBUTE_PTR pTemplate,  /* new key template */
  CK_ULONG ulAttributeCount,  /* template length */
  CK_OBJECT_HANDLE_PTR phKey  /* gets new handle */
);


/* C_DeriveKey derives a key from a base key, creating a new key
 * object.
 * NOTE(review): the derived key's attributes come from pTemplate; set its
 * protection attributes explicitly.
 */
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_DeriveKey
(
  CK_SESSION_HANDLE hSession,  /* session's handle */
  CK_MECHANISM_PTR pMechanism,  /* key deriv. mech. */
  CK_OBJECT_HANDLE hBaseKey,  /* base key */
  CK_ATTRIBUTE_PTR pTemplate,  /* new key template */
  CK_ULONG ulAttributeCount,  /* template length */
  CK_OBJECT_HANDLE_PTR phKey  /* gets new handle */
);



/* Random number generation */

/* C_SeedRandom mixes additional seed material into the token's
 * random number generator.
 */
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_SeedRandom
(
  CK_SESSION_HANDLE hSession,  /* the session's handle */
  CK_BYTE_PTR pSeed,  /* the seed material */
  CK_ULONG ulSeedLen  /* length of seed material */
);


/* C_GenerateRandom generates random data.
 * NOTE(review): use the buffer only when the call returned CKR_OK; on
 * failure its contents are whatever the caller had there before.
 */
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_GenerateRandom
(
  CK_SESSION_HANDLE hSession,  /* the session's handle */
  CK_BYTE_PTR RandomData,  /* receives the random data */
  CK_ULONG ulRandomLen  /* # of bytes to generate */
);



/* Parallel function management */

/* C_GetFunctionStatus is a legacy function; it obtains an
 * updated status of a function running in parallel with an
 * application.
 */
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_GetFunctionStatus
(
  CK_SESSION_HANDLE hSession  /* the session's handle */
);


/* C_CancelFunction is a legacy function; it cancels a function
 * running in parallel.
 */
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_CancelFunction
(
  CK_SESSION_HANDLE hSession  /* the session's handle */
);


/* C_WaitForSlotEvent waits for a slot event (token insertion,
 * removal, etc.) to occur.
 * NOTE(review): per the PKCS #11 spec the call blocks unless CKF_DONT_BLOCK
 * is set in flags.
 */
extern CK_RV /*CK_DECLARE_FUNCTION*/ C_WaitForSlotEvent
(
  CK_FLAGS flags,  /* blocking/nonblocking flag */
  CK_SLOT_ID_PTR pSlot,  /* location that receives the slot ID */
  CK_VOID_PTR pRserved  /* reserved. Should be null */
);

} // not version(PKCS11_DYNAMIC_BINDING)

/* ==============================================================
 * Define the typedef form of all the entry points. That is, for
 * each Cryptoki function C_XXX, define a type CK_C_XXX which is
 * a pointer to that kind of function.
 * ==============================================================
 */
/* NOTE(review): a D function pointer is null until something assigns it.
 * A variable of one of these types has to be filled in (for example from
 * the module's function list) and checked for null before it is called.
 */


/* General-purpose */

/* C_Initialize initializes the Cryptoki library. */
alias CK_C_Initialize = CK_RV function
(
  CK_VOID_PTR pInitArgs  /* if this is not null, it gets
                          * cast to CK_C_INITIALIZE_ARGS_PTR
                          * and dereferenced
                          */
);


/* C_Finalize indicates that an application is done with the
 * Cryptoki library.
 */
alias CK_C_Finalize = CK_RV function
(
  CK_VOID_PTR pReserved  /* reserved. Should be null */
);


/* C_GetInfo returns general information about Cryptoki. */
alias CK_C_GetInfo = CK_RV function
(
  CK_INFO_PTR pInfo  /* location that receives information */
);


/* C_GetFunctionList returns the function list. */
alias CK_C_GetFunctionList = CK_RV function
(
  CK_FUNCTION_LIST_PTR_PTR ppFunctionList  /* receives pointer to
                                            * function list
                                            */
);



/* Slot and token management */

/* C_GetSlotList obtains a list of slots in the system.
 * NOTE(review): pulCount is in/out (capacity of pSlotList on entry, number
 * of slots on return).
 */
alias CK_C_GetSlotList = CK_RV function
(
  CK_BBOOL tokenPresent,  /* only slots with tokens */
  CK_SLOT_ID_PTR pSlotList,  /* receives array of slot IDs */
  CK_ULONG_PTR pulCount  /* receives number of slots */
);


/* C_GetSlotInfo obtains information about a particular slot in
 * the system.
*/
alias CK_C_GetSlotInfo = CK_RV function
(
  CK_SLOT_ID slotID,  /* the ID of the slot */
  CK_SLOT_INFO_PTR pInfo  /* receives the slot information */
);


/* C_GetTokenInfo obtains information about a particular token
 * in the system.
 */
alias CK_C_GetTokenInfo = CK_RV function
(
  CK_SLOT_ID slotID,  /* ID of the token's slot */
  CK_TOKEN_INFO_PTR pInfo  /* receives the token information */
);


/* C_GetMechanismList obtains a list of mechanism types
 * supported by a token.
 * NOTE(review): pulCount is in/out (capacity of pMechanismList on entry,
 * number of mechanisms on return).
 */
alias CK_C_GetMechanismList = CK_RV function
(
  CK_SLOT_ID slotID,  /* ID of token's slot */
  CK_MECHANISM_TYPE_PTR pMechanismList,  /* gets mech. array */
  CK_ULONG_PTR pulCount  /* gets # of mechs. */
);


/* C_GetMechanismInfo obtains information about a particular
 * mechanism possibly supported by a token.
 */
alias CK_C_GetMechanismInfo = CK_RV function
(
  CK_SLOT_ID slotID,  /* ID of the token's slot */
  CK_MECHANISM_TYPE type,  /* type of mechanism */
  CK_MECHANISM_INFO_PTR pInfo  /* receives mechanism info */
);


/* C_InitToken initializes a token.
 * NOTE(review): pPin is ulPinLen bytes, not null-terminated. pLabel is read
 * as exactly 32 bytes (see the parameter comment), so a shorter buffer is
 * over-read.
 */
alias CK_C_InitToken = CK_RV function
(
  CK_SLOT_ID slotID,  /* ID of the token's slot */
  CK_UTF8CHAR_PTR pPin,  /* the SO's initial PIN */
  CK_ULONG ulPinLen,  /* length in bytes of the PIN */
  CK_UTF8CHAR_PTR pLabel  /* 32-byte token label (blank padded) */
);


/* C_InitPIN initializes the normal user's PIN.
 * NOTE(review): the PIN sits in ordinary caller memory; overwrite the
 * buffer once the call has returned.
 */
alias CK_C_InitPIN = CK_RV function
(
  CK_SESSION_HANDLE hSession,  /* the session's handle */
  CK_UTF8CHAR_PTR pPin,  /* the normal user's PIN */
  CK_ULONG ulPinLen  /* length in bytes of the PIN */
);


/* C_SetPIN modifies the PIN of the user who is logged in.
*/
/* NOTE(review): both PIN buffers are length-delimited, not null-terminated,
 * and both should be overwritten by the caller after the call.
 */
alias CK_C_SetPIN = CK_RV function
(
  CK_SESSION_HANDLE hSession,  /* the session's handle */
  CK_UTF8CHAR_PTR pOldPin,  /* the old PIN */
  CK_ULONG ulOldLen,  /* length of the old PIN */
  CK_UTF8CHAR_PTR pNewPin,  /* the new PIN */
  CK_ULONG ulNewLen  /* length of the new PIN */
);



/* Session management */

/* C_OpenSession opens a session between an application and a
 * token.
 * NOTE(review): per the PKCS #11 spec CKF_SERIAL_SESSION must always be set
 * in flags, and a session opened without CKF_RW_SESSION is read-only.
 */
alias CK_C_OpenSession = CK_RV function
(
  CK_SLOT_ID slotID,  /* the slot's ID */
  CK_FLAGS flags,  /* from CK_SESSION_INFO */
  CK_VOID_PTR pApplication,  /* passed to callback */
  CK_NOTIFY Notify,  /* callback function */
  CK_SESSION_HANDLE_PTR phSession  /* gets session handle */
);


/* C_CloseSession closes a session between an application and a
 * token.
 */
alias CK_C_CloseSession = CK_RV function
(
  CK_SESSION_HANDLE hSession  /* the session's handle */
);


/* C_CloseAllSessions closes all sessions with a token. */
alias CK_C_CloseAllSessions = CK_RV function
(
  CK_SLOT_ID slotID  /* the token's slot */
);


/* C_GetSessionInfo obtains information about the session. */
alias CK_C_GetSessionInfo = CK_RV function
(
  CK_SESSION_HANDLE hSession,  /* the session's handle */
  CK_SESSION_INFO_PTR pInfo  /* receives session info */
);


/* C_GetOperationState obtains the state of the cryptographic operation
 * in a session.
 * NOTE(review): pulOperationStateLen is in/out (buffer capacity on entry,
 * state length on return).
 */
alias CK_C_GetOperationState = CK_RV function
(
  CK_SESSION_HANDLE hSession,  /* session's handle */
  CK_BYTE_PTR pOperationState,  /* gets state */
  CK_ULONG_PTR pulOperationStateLen  /* gets state length */
);


/* C_SetOperationState restores the state of the cryptographic
 * operation in a session.
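*/
/* NOTE(review): pOperationState should only ever be a blob previously
 * produced by C_GetOperationState and kept in storage the application
 * trusts; check the return value before continuing the operation.
 */
alias CK_C_SetOperationState = CK_RV function
(
  CK_SESSION_HANDLE hSession,             /* session's handle */
  CK_BYTE_PTR       pOperationState,      /* holds state */
  CK_ULONG          ulOperationStateLen,  /* holds state length */
  CK_OBJECT_HANDLE  hEncryptionKey,       /* en/decryption key */
  CK_OBJECT_HANDLE  hAuthenticationKey    /* sign/verify key */
);

/* C_Login logs a user into a token.
 *
 * NOTE(review): userType is CKU_SO, CKU_USER or CKU_CONTEXT_SPECIFIC.
 * Per PKCS #11 v2.40 the login state is shared by every session the
 * application holds with the token, so a login here also unlocks the
 * other sessions. The PIN is length-delimited by ulPinLen; clear the
 * caller's copy after the call. Tokens may lock the PIN after repeated
 * failures (CKR_PIN_INCORRECT, then CKR_PIN_LOCKED), so do not retry
 * automatically.
 */
alias CK_C_Login = CK_RV function
(
  CK_SESSION_HANDLE hSession,  /* the session's handle */
  CK_USER_TYPE      userType,  /* the user type */
  CK_UTF8CHAR_PTR   pPin,      /* the user's PIN */
  CK_ULONG          ulPinLen   /* the length of the PIN */
);

/* C_Logout logs a user out from a token. */
alias CK_C_Logout = CK_RV function
(
  CK_SESSION_HANDLE hSession  /* the session's handle */
);


/* Object management */

/* C_CreateObject creates a new object.
 *
 * NOTE(review): ulCount is the number of CK_ATTRIBUTE entries in
 * pTemplate, not a byte count; it has to match the array actually
 * passed.
 */
alias CK_C_CreateObject = CK_RV function
(
  CK_SESSION_HANDLE    hSession,   /* the session's handle */
  CK_ATTRIBUTE_PTR     pTemplate,  /* the object's template */
  CK_ULONG             ulCount,    /* attributes in template */
  CK_OBJECT_HANDLE_PTR phObject    /* gets new object's handle. */
);

/* C_CopyObject copies an object, creating a new object for the
 * copy.
 */
alias CK_C_CopyObject = CK_RV function
(
  CK_SESSION_HANDLE    hSession,    /* the session's handle */
  CK_OBJECT_HANDLE     hObject,     /* the object's handle */
  CK_ATTRIBUTE_PTR     pTemplate,   /* template for new object */
  CK_ULONG             ulCount,     /* attributes in template */
  CK_OBJECT_HANDLE_PTR phNewObject  /* receives handle of copy */
);

/* C_DestroyObject destroys an object.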
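*/
alias CK_C_DestroyObject = CK_RV function
(
  CK_SESSION_HANDLE hSession,  /* the session's handle */
  CK_OBJECT_HANDLE  hObject    /* the object's handle */
);

/* C_GetObjectSize gets the size of an object in bytes. */
alias CK_C_GetObjectSize = CK_RV function
(
  CK_SESSION_HANDLE hSession,  /* the session's handle */
  CK_OBJECT_HANDLE  hObject,   /* the object's handle */
  CK_ULONG_PTR      pulSize    /* receives size of object */
);

/* C_GetAttributeValue obtains the value of one or more object
 * attributes.
 *
 * NOTE(review): pTemplate is in/out. Per PKCS #11 v2.40 each entry's
 * ulValueLen is rewritten by the call, and it is set to
 * CK_UNAVAILABLE_INFORMATION when the attribute cannot be returned
 * (for example CKR_ATTRIBUTE_SENSITIVE). Check the return value and
 * every ulValueLen before using it as a length or allocation size.
 */
alias CK_C_GetAttributeValue = CK_RV function
(
  CK_SESSION_HANDLE hSession,   /* the session's handle */
  CK_OBJECT_HANDLE  hObject,    /* the object's handle */
  CK_ATTRIBUTE_PTR  pTemplate,  /* specifies attrs; gets vals */
  CK_ULONG          ulCount     /* attributes in template */
);

/* C_SetAttributeValue modifies the value of one or more object
 * attributes.
 */
alias CK_C_SetAttributeValue = CK_RV function
(
  CK_SESSION_HANDLE hSession,   /* the session's handle */
  CK_OBJECT_HANDLE  hObject,    /* the object's handle */
  CK_ATTRIBUTE_PTR  pTemplate,  /* specifies attrs and values */
  CK_ULONG          ulCount     /* attributes in template */
);

/* C_FindObjectsInit initializes a search for token and session
 * objects that match a template.
 */
alias CK_C_FindObjectsInit = CK_RV function
(
  CK_SESSION_HANDLE hSession,   /* the session's handle */
  CK_ATTRIBUTE_PTR  pTemplate,  /* attribute values to match */
  CK_ULONG          ulCount     /* attrs in search template */
);

/* C_FindObjects continues a search for token and session
 * objects that match a template, obtaining additional object
 * handles.
 *
 * NOTE(review): phObject must have room for ulMaxObjectCount handles;
 * only the first *pulObjectCount entries are meaningful afterwards.
 */
alias CK_C_FindObjects = CK_RV function
(
  CK_SESSION_HANDLE    hSession,          /* session's handle */
  CK_OBJECT_HANDLE_PTR phObject,          /* gets obj. handles */
  CK_ULONG             ulMaxObjectCount,  /* max handles to get */
  CK_ULONG_PTR         pulObjectCount     /* actual # returned */
);

/* C_FindObjectsFinal finishes a search for token and session
 * objects.
 */
alias CK_C_FindObjectsFinal = CK_RV function
(
  CK_SESSION_HANDLE hSession  /* the session's handle */
);


/* Encryption and decryption */

/* C_EncryptInit initializes an encryption operation. */
alias CK_C_EncryptInit = CK_RV function
(
  CK_SESSION_HANDLE hSession,    /* the session's handle */
  CK_MECHANISM_PTR  pMechanism,  /* the encryption mechanism */
  CK_OBJECT_HANDLE  hKey         /* handle of encryption key */
);

/* C_Encrypt encrypts single-part data.
 *
 * NOTE(review): the output length pointers of C_Encrypt,
 * C_EncryptUpdate and C_EncryptFinal are in/out under the PKCS #11
 * v2.40 convention: capacity of the output buffer on entry, bytes
 * written (or required) on return; a null output buffer only queries
 * the length and CKR_BUFFER_TOO_SMALL signals insufficient capacity.
 * Initialise the length before every call.
 */
alias CK_C_Encrypt = CK_RV function
(
  CK_SESSION_HANDLE hSession,            /* session's handle */
  CK_BYTE_PTR       pData,               /* the plaintext data */
  CK_ULONG          ulDataLen,           /* bytes of plaintext */
  CK_BYTE_PTR       pEncryptedData,      /* gets ciphertext */
  CK_ULONG_PTR      pulEncryptedDataLen  /* gets c-text size */
);

/* C_EncryptUpdate continues a multiple-part encryption
 * operation.
 */
alias CK_C_EncryptUpdate = CK_RV function
(
  CK_SESSION_HANDLE hSession,            /* session's handle */
  CK_BYTE_PTR       pPart,               /* the plaintext data */
  CK_ULONG          ulPartLen,           /* plaintext data len */
  CK_BYTE_PTR       pEncryptedPart,      /* gets ciphertext */
  CK_ULONG_PTR      pulEncryptedPartLen  /* gets c-text size */
);

/* C_EncryptFinal finishes a multiple-part encryption
 * operation.
 */
alias CK_C_EncryptFinal = CK_RV function
(
  CK_SESSION_HANDLE hSession,                /* session handle */
  CK_BYTE_PTR       pLastEncryptedPart,      /* last c-text */
  CK_ULONG_PTR      pulLastEncryptedPartLen  /* gets last size */
);

/* C_DecryptInit initializes a decryption operation.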
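*/
alias CK_C_DecryptInit = CK_RV function
(
  CK_SESSION_HANDLE hSession,    /* the session's handle */
  CK_MECHANISM_PTR  pMechanism,  /* the decryption mechanism */
  CK_OBJECT_HANDLE  hKey         /* handle of decryption key */
);

/* C_Decrypt decrypts encrypted data in a single part.
 *
 * NOTE(review): the output length pointers of C_Decrypt,
 * C_DecryptUpdate and C_DecryptFinal are in/out under the PKCS #11
 * v2.40 convention (buffer capacity on entry, bytes written or
 * required on return, CKR_BUFFER_TOO_SMALL when too small). Do not
 * relay the precise failure code of a decryption to an untrusted
 * peer: distinguishable padding or format errors are a known oracle
 * risk.
 */
alias CK_C_Decrypt = CK_RV function
(
  CK_SESSION_HANDLE hSession,            /* session's handle */
  CK_BYTE_PTR       pEncryptedData,      /* ciphertext */
  CK_ULONG          ulEncryptedDataLen,  /* ciphertext length */
  CK_BYTE_PTR       pData,               /* gets plaintext */
  CK_ULONG_PTR      pulDataLen           /* gets p-text size */
);

/* C_DecryptUpdate continues a multiple-part decryption
 * operation.
 */
alias CK_C_DecryptUpdate = CK_RV function
(
  CK_SESSION_HANDLE hSession,            /* session's handle */
  CK_BYTE_PTR       pEncryptedPart,      /* encrypted data */
  CK_ULONG          ulEncryptedPartLen,  /* input length */
  CK_BYTE_PTR       pPart,               /* gets plaintext */
  CK_ULONG_PTR      pulPartLen           /* p-text size */
);

/* C_DecryptFinal finishes a multiple-part decryption
 * operation.
 *
 * NOTE(review): for mechanisms that check padding or an
 * authentication tag at the end, plaintext already returned by
 * C_DecryptUpdate should not be acted on until this call has
 * returned CKR_OK.
 */
alias CK_C_DecryptFinal = CK_RV function
(
  CK_SESSION_HANDLE hSession,       /* the session's handle */
  CK_BYTE_PTR       pLastPart,      /* gets plaintext */
  CK_ULONG_PTR      pulLastPartLen  /* p-text size */
);


/* Message digesting */

/* C_DigestInit initializes a message-digesting operation. */
alias CK_C_DigestInit = CK_RV function
(
  CK_SESSION_HANDLE hSession,   /* the session's handle */
  CK_MECHANISM_PTR  pMechanism  /* the digesting mechanism */
);

/* C_Digest digests data in a single part.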
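*/
/* NOTE(review): pulDigestLen (here and in C_DigestFinal) is in/out
 * under the PKCS #11 v2.40 convention: capacity of pDigest on entry,
 * digest length on return; a null pDigest only queries the length.
 */
alias CK_C_Digest = CK_RV function
(
  CK_SESSION_HANDLE hSession,     /* the session's handle */
  CK_BYTE_PTR       pData,        /* data to be digested */
  CK_ULONG          ulDataLen,    /* bytes of data to digest */
  CK_BYTE_PTR       pDigest,      /* gets the message digest */
  CK_ULONG_PTR      pulDigestLen  /* gets digest length */
);

/* C_DigestUpdate continues a multiple-part message-digesting
 * operation.
 */
alias CK_C_DigestUpdate = CK_RV function
(
  CK_SESSION_HANDLE hSession,  /* the session's handle */
  CK_BYTE_PTR       pPart,     /* data to be digested */
  CK_ULONG          ulPartLen  /* bytes of data to be digested */
);

/* C_DigestKey continues a multi-part message-digesting
 * operation, by digesting the value of a secret key as part of
 * the data already digested.
 *
 * NOTE(review): the resulting digest is derived from key material,
 * so handle it with the same care as the key; a token may refuse
 * with CKR_KEY_INDIGESTIBLE.
 */
alias CK_C_DigestKey = CK_RV function
(
  CK_SESSION_HANDLE hSession,  /* the session's handle */
  CK_OBJECT_HANDLE  hKey       /* secret key to digest */
);

/* C_DigestFinal finishes a multiple-part message-digesting
 * operation.
 */
alias CK_C_DigestFinal = CK_RV function
(
  CK_SESSION_HANDLE hSession,     /* the session's handle */
  CK_BYTE_PTR       pDigest,      /* gets the message digest */
  CK_ULONG_PTR      pulDigestLen  /* gets byte count of digest */
);


/* Signing and MACing */

/* C_SignInit initializes a signature (private key encryption)
 * operation, where the signature is (will be) an appendix to
 * the data, and plaintext cannot be recovered from the
 * signature.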
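*/
/* NOTE(review): per PKCS #11 v2.40, a private key with
 * CKA_ALWAYS_AUTHENTICATE set needs a C_Login with
 * CKU_CONTEXT_SPECIFIC after this call and before the signature is
 * produced.
 */
alias CK_C_SignInit = CK_RV function
(
  CK_SESSION_HANDLE hSession,    /* the session's handle */
  CK_MECHANISM_PTR  pMechanism,  /* the signature mechanism */
  CK_OBJECT_HANDLE  hKey         /* handle of signature key */
);

/* C_Sign signs (encrypts with private key) data in a single
 * part, where the signature is (will be) an appendix to the
 * data, and plaintext cannot be recovered from the signature.
 *
 * NOTE(review): pulSignatureLen (here and in C_SignFinal) is in/out
 * under the PKCS #11 v2.40 convention: capacity of pSignature on
 * entry, signature length on return; a null pSignature only queries
 * the length and CKR_BUFFER_TOO_SMALL signals insufficient capacity.
 */
alias CK_C_Sign = CK_RV function
(
  CK_SESSION_HANDLE hSession,        /* the session's handle */
  CK_BYTE_PTR       pData,           /* the data to sign */
  CK_ULONG          ulDataLen,       /* count of bytes to sign */
  CK_BYTE_PTR       pSignature,      /* gets the signature */
  CK_ULONG_PTR      pulSignatureLen  /* gets signature length */
);

/* C_SignUpdate continues a multiple-part signature operation,
 * where the signature is (will be) an appendix to the data,
 * and plaintext cannot be recovered from the signature.
 */
alias CK_C_SignUpdate = CK_RV function
(
  CK_SESSION_HANDLE hSession,  /* the session's handle */
  CK_BYTE_PTR       pPart,     /* the data to sign */
  CK_ULONG          ulPartLen  /* count of bytes to sign */
);

/* C_SignFinal finishes a multiple-part signature operation,
 * returning the signature.
 */
alias CK_C_SignFinal = CK_RV function
(
  CK_SESSION_HANDLE hSession,        /* the session's handle */
  CK_BYTE_PTR       pSignature,      /* gets the signature */
  CK_ULONG_PTR      pulSignatureLen  /* gets signature length */
);

/* C_SignRecoverInit initializes a signature operation, where
 * the data can be recovered from the signature.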
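*/
alias CK_C_SignRecoverInit = CK_RV function
(
  CK_SESSION_HANDLE hSession,    /* the session's handle */
  CK_MECHANISM_PTR  pMechanism,  /* the signature mechanism */
  CK_OBJECT_HANDLE  hKey         /* handle of the signature key */
);

/* C_SignRecover signs data in a single operation, where the
 * data can be recovered from the signature.
 *
 * NOTE(review): pulSignatureLen is in/out under the PKCS #11 v2.40
 * convention (capacity of pSignature on entry, length on return).
 */
alias CK_C_SignRecover = CK_RV function
(
  CK_SESSION_HANDLE hSession,        /* the session's handle */
  CK_BYTE_PTR       pData,           /* the data to sign */
  CK_ULONG          ulDataLen,       /* count of bytes to sign */
  CK_BYTE_PTR       pSignature,      /* gets the signature */
  CK_ULONG_PTR      pulSignatureLen  /* gets signature length */
);


/* Verifying signatures and MACs */

/* C_VerifyInit initializes a verification operation, where the
 * signature is an appendix to the data, and plaintext cannot
 * be recovered from the signature (e.g. DSA).
 */
alias CK_C_VerifyInit = CK_RV function
(
  CK_SESSION_HANDLE hSession,    /* the session's handle */
  CK_MECHANISM_PTR  pMechanism,  /* the verification mechanism */
  CK_OBJECT_HANDLE  hKey         /* verification key */
);

/* C_Verify verifies a signature in a single-part operation,
 * where the signature is an appendix to the data, and plaintext
 * cannot be recovered from the signature.
 *
 * NOTE(review): the verdict is carried only by the return value
 * (CKR_OK versus CKR_SIGNATURE_INVALID or CKR_SIGNATURE_LEN_RANGE);
 * there is no output parameter, so a caller that ignores CK_RV
 * accepts every signature.
 */
alias CK_C_Verify = CK_RV function
(
  CK_SESSION_HANDLE hSession,       /* the session's handle */
  CK_BYTE_PTR       pData,          /* signed data */
  CK_ULONG          ulDataLen,      /* length of signed data */
  CK_BYTE_PTR       pSignature,     /* signature */
  CK_ULONG          ulSignatureLen  /* signature length*/
);

/* C_VerifyUpdate continues a multiple-part verification
 * operation, where the signature is an appendix to the data,
 * and plaintext cannot be recovered from the signature.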
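*/
alias CK_C_VerifyUpdate = CK_RV function
(
  CK_SESSION_HANDLE hSession,  /* the session's handle */
  CK_BYTE_PTR       pPart,     /* signed data */
  CK_ULONG          ulPartLen  /* length of signed data */
);

/* C_VerifyFinal finishes a multiple-part verification
 * operation, checking the signature.
 *
 * NOTE(review): the verdict is carried only by the return value
 * (CKR_OK versus CKR_SIGNATURE_INVALID or CKR_SIGNATURE_LEN_RANGE);
 * a caller that ignores CK_RV accepts every signature.
 */
alias CK_C_VerifyFinal = CK_RV function
(
  CK_SESSION_HANDLE hSession,       /* the session's handle */
  CK_BYTE_PTR       pSignature,     /* signature to verify */
  CK_ULONG          ulSignatureLen  /* signature length */
);

/* C_VerifyRecoverInit initializes a signature verification
 * operation, where the data is recovered from the signature.
 */
alias CK_C_VerifyRecoverInit = CK_RV function
(
  CK_SESSION_HANDLE hSession,    /* the session's handle */
  CK_MECHANISM_PTR  pMechanism,  /* the verification mechanism */
  CK_OBJECT_HANDLE  hKey         /* verification key */
);

/* C_VerifyRecover verifies a signature in a single-part
 * operation, where the data is recovered from the signature.
 *
 * NOTE(review): use the recovered data only when the call returned
 * CKR_OK. pulDataLen is in/out under the PKCS #11 v2.40 convention
 * (capacity of pData on entry, bytes written or required on return).
 */
alias CK_C_VerifyRecover = CK_RV function
(
  CK_SESSION_HANDLE hSession,        /* the session's handle */
  CK_BYTE_PTR       pSignature,      /* signature to verify */
  CK_ULONG          ulSignatureLen,  /* signature length */
  CK_BYTE_PTR       pData,           /* gets signed data */
  CK_ULONG_PTR      pulDataLen       /* gets signed data len */
);


/* Dual-function cryptographic operations */

/* C_DigestEncryptUpdate continues a multiple-part digesting
 * and encryption operation.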
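*/
/* NOTE(review): in the four dual-function calls below the trailing
 * length pointer is in/out under the PKCS #11 v2.40 convention:
 * capacity of the output buffer on entry, bytes written (or required)
 * on return, CKR_BUFFER_TOO_SMALL when the capacity is insufficient.
 */
alias CK_C_DigestEncryptUpdate = CK_RV function
(
  CK_SESSION_HANDLE hSession,            /* session's handle */
  CK_BYTE_PTR       pPart,               /* the plaintext data */
  CK_ULONG          ulPartLen,           /* plaintext length */
  CK_BYTE_PTR       pEncryptedPart,      /* gets ciphertext */
  CK_ULONG_PTR      pulEncryptedPartLen  /* gets c-text length */
);

/* C_DecryptDigestUpdate continues a multiple-part decryption and
 * digesting operation.
 */
alias CK_C_DecryptDigestUpdate = CK_RV function
(
  CK_SESSION_HANDLE hSession,            /* session's handle */
  CK_BYTE_PTR       pEncryptedPart,      /* ciphertext */
  CK_ULONG          ulEncryptedPartLen,  /* ciphertext length */
  CK_BYTE_PTR       pPart,               /* gets plaintext */
  CK_ULONG_PTR      pulPartLen           /* gets plaintext len */
);

/* C_SignEncryptUpdate continues a multiple-part signing and
 * encryption operation.
 */
alias CK_C_SignEncryptUpdate = CK_RV function
(
  CK_SESSION_HANDLE hSession,            /* session's handle */
  CK_BYTE_PTR       pPart,               /* the plaintext data */
  CK_ULONG          ulPartLen,           /* plaintext length */
  CK_BYTE_PTR       pEncryptedPart,      /* gets ciphertext */
  CK_ULONG_PTR      pulEncryptedPartLen  /* gets c-text length */
);

/* C_DecryptVerifyUpdate continues a multiple-part decryption and
 * verify operation.
 */
alias CK_C_DecryptVerifyUpdate = CK_RV function
(
  CK_SESSION_HANDLE hSession,            /* session's handle */
  CK_BYTE_PTR       pEncryptedPart,      /* ciphertext */
  CK_ULONG          ulEncryptedPartLen,  /* ciphertext length */
  CK_BYTE_PTR       pPart,               /* gets plaintext */
  CK_ULONG_PTR      pulPartLen           /* gets p-text length */
);


/* Key management */

/* C_GenerateKey generates a secret key, creating a new key
 * object.
 *
 * NOTE(review): how the new key is protected is decided by the
 * template, not by this call. For long-lived secrets consider
 * CKA_SENSITIVE = true and CKA_EXTRACTABLE = false, and grant only
 * the usage attributes the key needs instead of relying on token
 * defaults.
 */
alias CK_C_GenerateKey = CK_RV function
(
  CK_SESSION_HANDLE    hSession,    /* the session's handle */
  CK_MECHANISM_PTR     pMechanism,  /* key generation mech. */
  CK_ATTRIBUTE_PTR     pTemplate,   /* template for new key */
  CK_ULONG             ulCount,     /* # of attrs in template */
  CK_OBJECT_HANDLE_PTR phKey        /* gets handle of new key */
);

/* C_GenerateKeyPair generates a public-key/private-key pair,
 * creating new key objects.
 *
 * NOTE(review): the private-key template decides the protection of
 * the private key; consider CKA_SENSITIVE = true and
 * CKA_EXTRACTABLE = false there, and only the usage attributes the
 * key needs.
 */
alias CK_C_GenerateKeyPair = CK_RV function
(
  CK_SESSION_HANDLE    hSession,                    /* session handle */
  CK_MECHANISM_PTR     pMechanism,                  /* key-gen mech. */
  CK_ATTRIBUTE_PTR     pPublicKeyTemplate,          /* template for pub. key */
  CK_ULONG             ulPublicKeyAttributeCount,   /* # pub. attrs. */
  CK_ATTRIBUTE_PTR     pPrivateKeyTemplate,         /* template for priv. key */
  CK_ULONG             ulPrivateKeyAttributeCount,  /* # priv. attrs. */
  CK_OBJECT_HANDLE_PTR phPublicKey,                 /* gets pub. key handle */
  CK_OBJECT_HANDLE_PTR phPrivateKey                 /* gets priv. key handle */
);

/* C_WrapKey wraps (i.e., encrypts) a key.
 *
 * NOTE(review): the wrapped blob leaves the token, so a key with
 * CKA_WRAP can export whatever extractable key it is pointed at.
 * Keep wrapping keys narrowly scoped; CKA_WRAP_WITH_TRUSTED on the
 * target key limits wrapping to keys marked CKA_TRUSTED.
 * pulWrappedKeyLen is in/out (capacity of pWrappedKey on entry).
 */
alias CK_C_WrapKey = CK_RV function
(
  CK_SESSION_HANDLE hSession,         /* the session's handle */
  CK_MECHANISM_PTR  pMechanism,       /* the wrapping mechanism */
  CK_OBJECT_HANDLE  hWrappingKey,     /* wrapping key */
  CK_OBJECT_HANDLE  hKey,             /* key to be wrapped */
  CK_BYTE_PTR       pWrappedKey,      /* gets wrapped key */
  CK_ULONG_PTR      pulWrappedKeyLen  /* gets wrapped key size */
);

/* C_UnwrapKey unwraps (decrypts) a wrapped key, creating a new
 * key object.
 *
 * NOTE(review): pTemplate decides the attributes of the unwrapped
 * key; set CKA_SENSITIVE and CKA_EXTRACTABLE explicitly so that an
 * imported key does not end up more exposed than the original.
 */
alias CK_C_UnwrapKey = CK_RV function
(
  CK_SESSION_HANDLE    hSession,          /* session's handle */
  CK_MECHANISM_PTR     pMechanism,        /* unwrapping mech. */
  CK_OBJECT_HANDLE     hUnwrappingKey,    /* unwrapping key */
  CK_BYTE_PTR          pWrappedKey,       /* the wrapped key */
  CK_ULONG             ulWrappedKeyLen,   /* wrapped key len */
  CK_ATTRIBUTE_PTR     pTemplate,         /* new key template */
  CK_ULONG             ulAttributeCount,  /* template length */
  CK_OBJECT_HANDLE_PTR phKey              /* gets new handle */
);

/* C_DeriveKey derives a key from a base key, creating a new key
 * object.
 */
alias CK_C_DeriveKey = CK_RV function
(
  CK_SESSION_HANDLE    hSession,          /* session's handle */
  CK_MECHANISM_PTR     pMechanism,        /* key deriv. mech. */
  CK_OBJECT_HANDLE     hBaseKey,          /* base key */
  CK_ATTRIBUTE_PTR     pTemplate,         /* new key template */
  CK_ULONG             ulAttributeCount,  /* template length */
  CK_OBJECT_HANDLE_PTR phKey              /* gets new handle */
);


/* Random number generation */

/* C_SeedRandom mixes additional seed material into the token's
 * random number generator.
 *
 * NOTE(review): a token may answer CKR_RANDOM_SEED_NOT_SUPPORTED, so
 * do not rely on this call as the only source of entropy.
 */
alias CK_C_SeedRandom = CK_RV function
(
  CK_SESSION_HANDLE hSession,  /* the session's handle */
  CK_BYTE_PTR       pSeed,     /* the seed material */
  CK_ULONG          ulSeedLen  /* length of seed material */
);

/* C_GenerateRandom generates random data.
 *
 * NOTE(review): check CK_RV before using the buffer; presumably its
 * contents are unspecified when the call fails, and using them as
 * key or nonce material would be unsafe.
 */
alias CK_C_GenerateRandom = CK_RV function
(
  CK_SESSION_HANDLE hSession,    /* the session's handle */
  CK_BYTE_PTR       RandomData,  /* receives the random data */
  CK_ULONG          ulRandomLen  /* # of bytes to generate */
);


/* Parallel function management */

/* C_GetFunctionStatus is a legacy function; it obtains an
 * updated status of a function running in parallel with an
 * application.
 *
 * NOTE(review): PKCS #11 v2.40 expects implementations to simply
 * return CKR_FUNCTION_NOT_PARALLEL here.
 */
alias CK_C_GetFunctionStatus = CK_RV function
(
  CK_SESSION_HANDLE hSession  /* the session's handle */
);

/* C_CancelFunction is a legacy function; it cancels a function
 * running in parallel.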
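*/
alias CK_C_CancelFunction = CK_RV function
(
  CK_SESSION_HANDLE hSession  /* the session's handle */
);

/* C_WaitForSlotEvent waits for a slot event (token insertion,
 * removal, etc.) to occur.
 *
 * NOTE(review): without CKF_DONT_BLOCK in flags the call blocks the
 * calling thread until an event occurs.
 */
alias CK_C_WaitForSlotEvent = CK_RV function
(
  CK_FLAGS       flags,    /* blocking/nonblocking flag */
  CK_SLOT_ID_PTR pSlot,    /* location that receives the slot ID */
  CK_VOID_PTR    pRserved  /* reserved. Should be null */
);


/* Declares one function-pointer member per Cryptoki entry point, each
 * typed with the matching CK_C_* alias.
 *
 * NOTE(review): the member order is significant (the module header
 * says the order of the functions must not be altered); presumably it
 * has to mirror the C CK_FUNCTION_LIST layout, with the version member
 * declared by the struct that mixes this template in - confirm at the
 * use site. These are raw function pointers: treat a null member as
 * "not available" instead of calling through it.
 */
mixin template CK_FUNCTION_LIST_FENTRIES()
{
  //CK_VERSION version_; /* Cryptoki version */

  /* Pile all the function pointers into the CK_FUNCTION_LIST. */
  /* pkcs11f.h has all the information about the Cryptoki
   * function prototypes.
   */


  /* General-purpose */

  /* C_Initialize initializes the Cryptoki library. */
  CK_C_Initialize C_Initialize;

  /* C_Finalize indicates that an application is done with the
   * Cryptoki library.
   */
  CK_C_Finalize C_Finalize;

  /* C_GetInfo returns general information about Cryptoki. */
  CK_C_GetInfo C_GetInfo;

  /* C_GetFunctionList returns the function list. */
  CK_C_GetFunctionList C_GetFunctionList;


  /* Slot and token management */

  /* C_GetSlotList obtains a list of slots in the system. */
  CK_C_GetSlotList C_GetSlotList;

  /* C_GetSlotInfo obtains information about a particular slot in
   * the system.
   */
  CK_C_GetSlotInfo C_GetSlotInfo;

  /* C_GetTokenInfo obtains information about a particular token
   * in the system.
   */
  CK_C_GetTokenInfo C_GetTokenInfo;

  /* C_GetMechanismList obtains a list of mechanism types
   * supported by a token.
   */
  CK_C_GetMechanismList C_GetMechanismList;

  /* C_GetMechanismInfo obtains information about a particular
   * mechanism possibly supported by a token.
   */
  CK_C_GetMechanismInfo C_GetMechanismInfo;

  /* C_InitToken initializes a token. */
  CK_C_InitToken C_InitToken;

  /* C_InitPIN initializes the normal user's PIN. */
  CK_C_InitPIN C_InitPIN;

  /* C_SetPIN modifies the PIN of the user who is logged in. */
  CK_C_SetPIN C_SetPIN;


  /* Session management */

  /* C_OpenSession opens a session between an application and a
   * token.
   */
  CK_C_OpenSession C_OpenSession;

  /* C_CloseSession closes a session between an application and a
   * token.
   */
  CK_C_CloseSession C_CloseSession;

  /* C_CloseAllSessions closes all sessions with a token. */
  CK_C_CloseAllSessions C_CloseAllSessions;

  /* C_GetSessionInfo obtains information about the session. */
  CK_C_GetSessionInfo C_GetSessionInfo;

  /* C_GetOperationState obtains the state of the cryptographic operation
   * in a session.
   */
  CK_C_GetOperationState C_GetOperationState;

  /* C_SetOperationState restores the state of the cryptographic
   * operation in a session.
   */
  CK_C_SetOperationState C_SetOperationState;

  /* C_Login logs a user into a token. */
  CK_C_Login C_Login;

  /* C_Logout logs a user out from a token. */
  CK_C_Logout C_Logout;


  /* Object management */

  /* C_CreateObject creates a new object. */
  CK_C_CreateObject C_CreateObject;

  /* C_CopyObject copies an object, creating a new object for the
   * copy.
   */
  CK_C_CopyObject C_CopyObject;

  /* C_DestroyObject destroys an object. */
  CK_C_DestroyObject C_DestroyObject;

  /* C_GetObjectSize gets the size of an object in bytes. */
  CK_C_GetObjectSize C_GetObjectSize;

  /* C_GetAttributeValue obtains the value of one or more object
   * attributes.
   */
  CK_C_GetAttributeValue C_GetAttributeValue;

  /* C_SetAttributeValue modifies the value of one or more object
   * attributes.
   */
  CK_C_SetAttributeValue C_SetAttributeValue;

  /* C_FindObjectsInit initializes a search for token and session
   * objects that match a template.
   */
  CK_C_FindObjectsInit C_FindObjectsInit;

  /* C_FindObjects continues a search for token and session
   * objects that match a template, obtaining additional object
   * handles.
   */
  CK_C_FindObjects C_FindObjects;

  /* C_FindObjectsFinal finishes a search for token and session
   * objects.
   */
  CK_C_FindObjectsFinal C_FindObjectsFinal;


  /* Encryption and decryption */

  /* C_EncryptInit initializes an encryption operation. */
  CK_C_EncryptInit C_EncryptInit;

  /* C_Encrypt encrypts single-part data. */
  CK_C_Encrypt C_Encrypt;

  /* C_EncryptUpdate continues a multiple-part encryption
   * operation.
   */
  CK_C_EncryptUpdate C_EncryptUpdate;

  /* C_EncryptFinal finishes a multiple-part encryption
   * operation.
   */
  CK_C_EncryptFinal C_EncryptFinal;

  /* C_DecryptInit initializes a decryption operation. */
  CK_C_DecryptInit C_DecryptInit;

  /* C_Decrypt decrypts encrypted data in a single part. */
  CK_C_Decrypt C_Decrypt;

  /* C_DecryptUpdate continues a multiple-part decryption
   * operation.
   */
  CK_C_DecryptUpdate C_DecryptUpdate;

  /* C_DecryptFinal finishes a multiple-part decryption
   * operation.
   */
  CK_C_DecryptFinal C_DecryptFinal;


  /* Message digesting */

  /* C_DigestInit initializes a message-digesting operation. */
  CK_C_DigestInit C_DigestInit;

  /* C_Digest digests data in a single part. */
  CK_C_Digest C_Digest;

  /* C_DigestUpdate continues a multiple-part message-digesting
   * operation.
   */
  CK_C_DigestUpdate C_DigestUpdate;

  /* C_DigestKey continues a multi-part message-digesting
   * operation, by digesting the value of a secret key as part of
   * the data already digested.
   */
  CK_C_DigestKey C_DigestKey;

  /* C_DigestFinal finishes a multiple-part message-digesting
   * operation.
   */
  CK_C_DigestFinal C_DigestFinal;


  /* Signing and MACing */

  /* C_SignInit initializes a signature (private key encryption)
   * operation, where the signature is (will be) an appendix to
   * the data, and plaintext cannot be recovered from the
   * signature.
   */
  CK_C_SignInit C_SignInit;

  /* C_Sign signs (encrypts with private key) data in a single
   * part, where the signature is (will be) an appendix to the
   * data, and plaintext cannot be recovered from the signature.
   */
  CK_C_Sign C_Sign;

  /* C_SignUpdate continues a multiple-part signature operation,
   * where the signature is (will be) an appendix to the data,
   * and plaintext cannot be recovered from the signature.
   */
  CK_C_SignUpdate C_SignUpdate;

  /* C_SignFinal finishes a multiple-part signature operation,
   * returning the signature.
   */
  CK_C_SignFinal C_SignFinal;

  /* C_SignRecoverInit initializes a signature operation, where
   * the data can be recovered from the signature.
   */
  CK_C_SignRecoverInit C_SignRecoverInit;

  /* C_SignRecover signs data in a single operation, where the
   * data can be recovered from the signature.
   */
  CK_C_SignRecover C_SignRecover;


  /* Verifying signatures and MACs */

  /* C_VerifyInit initializes a verification operation, where the
   * signature is an appendix to the data, and plaintext cannot
   * be recovered from the signature (e.g. DSA).
   */
  CK_C_VerifyInit C_VerifyInit;

  /* C_Verify verifies a signature in a single-part operation,
   * where the signature is an appendix to the data, and plaintext
   * cannot be recovered from the signature.
   */
  CK_C_Verify C_Verify;

  /* C_VerifyUpdate continues a multiple-part verification
   * operation, where the signature is an appendix to the data,
   * and plaintext cannot be recovered from the signature.
   */
  CK_C_VerifyUpdate C_VerifyUpdate;

  /* C_VerifyFinal finishes a multiple-part verification
   * operation, checking the signature.
   */
  CK_C_VerifyFinal C_VerifyFinal;

  /* C_VerifyRecoverInit initializes a signature verification
   * operation, where the data is recovered from the signature.
   */
  CK_C_VerifyRecoverInit C_VerifyRecoverInit;

  /* C_VerifyRecover verifies a signature in a single-part
   * operation, where the data is recovered from the signature.
   */
  CK_C_VerifyRecover C_VerifyRecover;


  /* Dual-function cryptographic operations */

  /* C_DigestEncryptUpdate continues a multiple-part digesting
   * and encryption operation.
   */
  CK_C_DigestEncryptUpdate C_DigestEncryptUpdate;

  /* C_DecryptDigestUpdate continues a multiple-part decryption and
   * digesting operation.
   */
  CK_C_DecryptDigestUpdate C_DecryptDigestUpdate;

  /* C_SignEncryptUpdate continues a multiple-part signing and
   * encryption operation.
   */
  CK_C_SignEncryptUpdate C_SignEncryptUpdate;

  /* C_DecryptVerifyUpdate continues a multiple-part decryption and
   * verify operation.
   */
  CK_C_DecryptVerifyUpdate C_DecryptVerifyUpdate;


  /* Key management */

  /* C_GenerateKey generates a secret key, creating a new key
   * object.
   */
  CK_C_GenerateKey C_GenerateKey;

  /* C_GenerateKeyPair generates a public-key/private-key pair,
   * creating new key objects.
   */
  CK_C_GenerateKeyPair C_GenerateKeyPair;

  /* C_WrapKey wraps (i.e., encrypts) a key. */
  CK_C_WrapKey C_WrapKey;

  /* C_UnwrapKey unwraps (decrypts) a wrapped key, creating a new
   * key object.
   */
  CK_C_UnwrapKey C_UnwrapKey;

  /* C_DeriveKey derives a key from a base key, creating a new key
   * object.
   */
  CK_C_DeriveKey C_DeriveKey;


  /* Random number generation */

  /* C_SeedRandom mixes additional seed material into the token's
   * random number generator.
   */
  CK_C_SeedRandom C_SeedRandom;

  /* C_GenerateRandom generates random data. */
  CK_C_GenerateRandom C_GenerateRandom;


  /* Parallel function management */

  /* C_GetFunctionStatus is a legacy function; it obtains an
   * updated status of a function running in parallel with an
   * application.
   */
  CK_C_GetFunctionStatus C_GetFunctionStatus;

  /* C_CancelFunction is a legacy function; it cancels a function
   * running in parallel.
   */
  CK_C_CancelFunction C_CancelFunction;

  /* C_WaitForSlotEvent waits for a slot event (token insertion,
   * removal, etc.) to occur.
   */
  CK_C_WaitForSlotEvent C_WaitForSlotEvent;
}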