pam_pkcs11  0.6.10
pkcs11f.h
Go to the documentation of this file.
1 /* pkcs11f.h include file for PKCS #11. */
2 /* $Revision: 1.4 $ */
3 
4 /* License to copy and use this software is granted provided that it is
5  * identified as "RSA Security Inc. PKCS #11 Cryptographic Token Interface
6  * (Cryptoki)" in all material mentioning or referencing this software.
7 
8  * License is also granted to make and use derivative works provided that
9  * such works are identified as "derived from the RSA Security Inc. PKCS #11
10  * Cryptographic Token Interface (Cryptoki)" in all material mentioning or
11  * referencing the derived work.
12 
13  * RSA Security Inc. makes no representations concerning either the
14  * merchantability of this software or the suitability of this software for
15  * any particular purpose. It is provided "as is" without express or implied
16  * warranty of any kind.
17  */
18 
19 /* This header file contains pretty much everything about all the */
20 /* Cryptoki function prototypes. Because this information is */
21 /* used for more than just declaring function prototypes, the */
22 /* order of the functions appearing herein is important, and */
23 /* should not be altered. */
24 
25 /* General-purpose */
26 
27 /* C_Initialize initializes the Cryptoki library. */
28 CK_PKCS11_FUNCTION_INFO(C_Initialize)
29 #ifdef CK_NEED_ARG_LIST
30  (CK_VOID_PTR pInitArgs /* if this is not NULL_PTR, it gets
31  * cast to CK_C_INITIALIZE_ARGS_PTR
32  * and dereferenced */
33  );
34 #endif
35 
36 
37 /* C_Finalize indicates that an application is done with the
38  * Cryptoki library. */
39 CK_PKCS11_FUNCTION_INFO(C_Finalize)
40 #ifdef CK_NEED_ARG_LIST
41  (CK_VOID_PTR pReserved /* reserved. Should be NULL_PTR */
42  );
43 #endif
44 
45 
46 /* C_GetInfo returns general information about Cryptoki. */
47 CK_PKCS11_FUNCTION_INFO(C_GetInfo)
48 #ifdef CK_NEED_ARG_LIST
49  (CK_INFO_PTR pInfo /* location that receives information */
50  );
51 #endif
52 
53 
54 /* C_GetFunctionList returns the function list. */
55 CK_PKCS11_FUNCTION_INFO(C_GetFunctionList)
56 #ifdef CK_NEED_ARG_LIST
57  (CK_FUNCTION_LIST_PTR_PTR ppFunctionList /* receives pointer to
58  * function list */
59  );
60 #endif
61 
62 
63 
64 /* Slot and token management */
65 
66 /* C_GetSlotList obtains a list of slots in the system. */
67 CK_PKCS11_FUNCTION_INFO(C_GetSlotList)
68 #ifdef CK_NEED_ARG_LIST
69  (CK_BBOOL tokenPresent, /* only slots with tokens? */
70  CK_SLOT_ID_PTR pSlotList, /* receives array of slot IDs */
71  CK_ULONG_PTR pulCount /* receives number of slots */
72  );
73 #endif
74 
75 
76 /* C_GetSlotInfo obtains information about a particular slot in
77  * the system. */
78 CK_PKCS11_FUNCTION_INFO(C_GetSlotInfo)
79 #ifdef CK_NEED_ARG_LIST
80  (CK_SLOT_ID slotID, /* the ID of the slot */
81  CK_SLOT_INFO_PTR pInfo /* receives the slot information */
82  );
83 #endif
84 
85 
86 /* C_GetTokenInfo obtains information about a particular token
87  * in the system. */
88 CK_PKCS11_FUNCTION_INFO(C_GetTokenInfo)
89 #ifdef CK_NEED_ARG_LIST
90  (CK_SLOT_ID slotID, /* ID of the token's slot */
91  CK_TOKEN_INFO_PTR pInfo /* receives the token information */
92  );
93 #endif
94 
95 
96 /* C_GetMechanismList obtains a list of mechanism types
97  * supported by a token. */
98 CK_PKCS11_FUNCTION_INFO(C_GetMechanismList)
99 #ifdef CK_NEED_ARG_LIST
100  (CK_SLOT_ID slotID, /* ID of token's slot */
101  CK_MECHANISM_TYPE_PTR pMechanismList, /* gets mech. array */
102  CK_ULONG_PTR pulCount /* gets # of mechs. */
103  );
104 #endif
105 
106 
107 /* C_GetMechanismInfo obtains information about a particular
108  * mechanism possibly supported by a token. */
109 CK_PKCS11_FUNCTION_INFO(C_GetMechanismInfo)
110 #ifdef CK_NEED_ARG_LIST
111  (CK_SLOT_ID slotID, /* ID of the token's slot */
112  CK_MECHANISM_TYPE type, /* type of mechanism */
113  CK_MECHANISM_INFO_PTR pInfo /* receives mechanism info */
114  );
115 #endif
116 
117 
118 /* C_InitToken initializes a token. */
119 CK_PKCS11_FUNCTION_INFO(C_InitToken)
120 #ifdef CK_NEED_ARG_LIST
121 /* pLabel changed from CK_CHAR_PTR to CK_UTF8CHAR_PTR for v2.10 */
122  (CK_SLOT_ID slotID, /* ID of the token's slot */
123  CK_UTF8CHAR_PTR pPin, /* the SO's initial PIN */
124  CK_ULONG ulPinLen, /* length in bytes of the PIN */
125  CK_UTF8CHAR_PTR pLabel /* 32-byte token label (blank padded) */
126  );
127 #endif
128 
129 
130 /* C_InitPIN initializes the normal user's PIN. */
131 CK_PKCS11_FUNCTION_INFO(C_InitPIN)
132 #ifdef CK_NEED_ARG_LIST
133  (CK_SESSION_HANDLE hSession, /* the session's handle */
134  CK_UTF8CHAR_PTR pPin, /* the normal user's PIN */
135  CK_ULONG ulPinLen /* length in bytes of the PIN */
136  );
137 #endif
138 
139 
140 /* C_SetPIN modifies the PIN of the user who is logged in. */
141 CK_PKCS11_FUNCTION_INFO(C_SetPIN)
142 #ifdef CK_NEED_ARG_LIST
143  (CK_SESSION_HANDLE hSession, /* the session's handle */
144  CK_UTF8CHAR_PTR pOldPin, /* the old PIN */
145  CK_ULONG ulOldLen, /* length of the old PIN */
146  CK_UTF8CHAR_PTR pNewPin, /* the new PIN */
147  CK_ULONG ulNewLen /* length of the new PIN */
148  );
149 #endif
150 
151 
152 
153 /* Session management */
154 
155 /* C_OpenSession opens a session between an application and a
156  * token. */
157 CK_PKCS11_FUNCTION_INFO(C_OpenSession)
158 #ifdef CK_NEED_ARG_LIST
159  (CK_SLOT_ID slotID, /* the slot's ID */
160  CK_FLAGS flags, /* from CK_SESSION_INFO */
161  CK_VOID_PTR pApplication, /* passed to callback */
162  CK_NOTIFY Notify, /* callback function */
163  CK_SESSION_HANDLE_PTR phSession /* gets session handle */
164  );
165 #endif
166 
167 
168 /* C_CloseSession closes a session between an application and a
169  * token. */
170 CK_PKCS11_FUNCTION_INFO(C_CloseSession)
171 #ifdef CK_NEED_ARG_LIST
172  (CK_SESSION_HANDLE hSession /* the session's handle */
173  );
174 #endif
175 
176 
177 /* C_CloseAllSessions closes all sessions with a token. */
178 CK_PKCS11_FUNCTION_INFO(C_CloseAllSessions)
179 #ifdef CK_NEED_ARG_LIST
180  (CK_SLOT_ID slotID /* the token's slot */
181  );
182 #endif
183 
184 
185 /* C_GetSessionInfo obtains information about the session. */
186 CK_PKCS11_FUNCTION_INFO(C_GetSessionInfo)
187 #ifdef CK_NEED_ARG_LIST
188  (CK_SESSION_HANDLE hSession, /* the session's handle */
189  CK_SESSION_INFO_PTR pInfo /* receives session info */
190  );
191 #endif
192 
193 
194 /* C_GetOperationState obtains the state of the cryptographic operation
195  * in a session. */
196 CK_PKCS11_FUNCTION_INFO(C_GetOperationState)
197 #ifdef CK_NEED_ARG_LIST
198  (CK_SESSION_HANDLE hSession, /* session's handle */
199  CK_BYTE_PTR pOperationState, /* gets state */
200  CK_ULONG_PTR pulOperationStateLen /* gets state length */
201  );
202 #endif
203 
204 
205 /* C_SetOperationState restores the state of the cryptographic
206  * operation in a session. */
207 CK_PKCS11_FUNCTION_INFO(C_SetOperationState)
208 #ifdef CK_NEED_ARG_LIST
209  (CK_SESSION_HANDLE hSession, /* session's handle */
210  CK_BYTE_PTR pOperationState, /* holds state */
211  CK_ULONG ulOperationStateLen, /* holds state length */
212  CK_OBJECT_HANDLE hEncryptionKey, /* en/decryption key */
213  CK_OBJECT_HANDLE hAuthenticationKey /* sign/verify key */
214  );
215 #endif
216 
217 
218 /* C_Login logs a user into a token. */
220 #ifdef CK_NEED_ARG_LIST
221  (CK_SESSION_HANDLE hSession, /* the session's handle */
222  CK_USER_TYPE userType, /* the user type */
223  CK_UTF8CHAR_PTR pPin, /* the user's PIN */
224  CK_ULONG ulPinLen /* the length of the PIN */
225  );
226 #endif
227 
228 
229 /* C_Logout logs a user out from a token. */
230 CK_PKCS11_FUNCTION_INFO(C_Logout)
231 #ifdef CK_NEED_ARG_LIST
232  (CK_SESSION_HANDLE hSession /* the session's handle */
233  );
234 #endif
235 
236 
237 
238 /* Object management */
239 
240 /* C_CreateObject creates a new object. */
241 CK_PKCS11_FUNCTION_INFO(C_CreateObject)
242 #ifdef CK_NEED_ARG_LIST
243  (CK_SESSION_HANDLE hSession, /* the session's handle */
244  CK_ATTRIBUTE_PTR pTemplate, /* the object's template */
245  CK_ULONG ulCount, /* attributes in template */
246  CK_OBJECT_HANDLE_PTR phObject /* gets new object's handle. */
247  );
248 #endif
249 
250 
251 /* C_CopyObject copies an object, creating a new object for the
252  * copy. */
253 CK_PKCS11_FUNCTION_INFO(C_CopyObject)
254 #ifdef CK_NEED_ARG_LIST
255  (CK_SESSION_HANDLE hSession, /* the session's handle */
256  CK_OBJECT_HANDLE hObject, /* the object's handle */
257  CK_ATTRIBUTE_PTR pTemplate, /* template for new object */
258  CK_ULONG ulCount, /* attributes in template */
259  CK_OBJECT_HANDLE_PTR phNewObject /* receives handle of copy */
260  );
261 #endif
262 
263 
264 /* C_DestroyObject destroys an object. */
265 CK_PKCS11_FUNCTION_INFO(C_DestroyObject)
266 #ifdef CK_NEED_ARG_LIST
267  (CK_SESSION_HANDLE hSession, /* the session's handle */
268  CK_OBJECT_HANDLE hObject /* the object's handle */
269  );
270 #endif
271 
272 
273 /* C_GetObjectSize gets the size of an object in bytes. */
274 CK_PKCS11_FUNCTION_INFO(C_GetObjectSize)
275 #ifdef CK_NEED_ARG_LIST
276  (CK_SESSION_HANDLE hSession, /* the session's handle */
277  CK_OBJECT_HANDLE hObject, /* the object's handle */
278  CK_ULONG_PTR pulSize /* receives size of object */
279  );
280 #endif
281 
282 
283 /* C_GetAttributeValue obtains the value of one or more object
284  * attributes. */
285 CK_PKCS11_FUNCTION_INFO(C_GetAttributeValue)
286 #ifdef CK_NEED_ARG_LIST
287  (CK_SESSION_HANDLE hSession, /* the session's handle */
288  CK_OBJECT_HANDLE hObject, /* the object's handle */
289  CK_ATTRIBUTE_PTR pTemplate, /* specifies attrs; gets vals */
290  CK_ULONG ulCount /* attributes in template */
291  );
292 #endif
293 
294 
295 /* C_SetAttributeValue modifies the value of one or more object
296  * attributes */
297 CK_PKCS11_FUNCTION_INFO(C_SetAttributeValue)
298 #ifdef CK_NEED_ARG_LIST
299  (CK_SESSION_HANDLE hSession, /* the session's handle */
300  CK_OBJECT_HANDLE hObject, /* the object's handle */
301  CK_ATTRIBUTE_PTR pTemplate, /* specifies attrs and values */
302  CK_ULONG ulCount /* attributes in template */
303  );
304 #endif
305 
306 
307 /* C_FindObjectsInit initializes a search for token and session
308  * objects that match a template. */
309 CK_PKCS11_FUNCTION_INFO(C_FindObjectsInit)
310 #ifdef CK_NEED_ARG_LIST
311  (CK_SESSION_HANDLE hSession, /* the session's handle */
312  CK_ATTRIBUTE_PTR pTemplate, /* attribute values to match */
313  CK_ULONG ulCount /* attrs in search template */
314  );
315 #endif
316 
317 
318 /* C_FindObjects continues a search for token and session
319  * objects that match a template, obtaining additional object
320  * handles. */
321 CK_PKCS11_FUNCTION_INFO(C_FindObjects)
322 #ifdef CK_NEED_ARG_LIST
323  (CK_SESSION_HANDLE hSession, /* session's handle */
324  CK_OBJECT_HANDLE_PTR phObject, /* gets obj. handles */
325  CK_ULONG ulMaxObjectCount, /* max handles to get */
326  CK_ULONG_PTR pulObjectCount /* actual # returned */
327  );
328 #endif
329 
330 
331 /* C_FindObjectsFinal finishes a search for token and session
332  * objects. */
333 CK_PKCS11_FUNCTION_INFO(C_FindObjectsFinal)
334 #ifdef CK_NEED_ARG_LIST
335  (CK_SESSION_HANDLE hSession /* the session's handle */
336  );
337 #endif
338 
339 
340 
341 /* Encryption and decryption */
342 
343 /* C_EncryptInit initializes an encryption operation. */
344 CK_PKCS11_FUNCTION_INFO(C_EncryptInit)
345 #ifdef CK_NEED_ARG_LIST
346  (CK_SESSION_HANDLE hSession, /* the session's handle */
347  CK_MECHANISM_PTR pMechanism, /* the encryption mechanism */
348  CK_OBJECT_HANDLE hKey /* handle of encryption key */
349  );
350 #endif
351 
352 
353 /* C_Encrypt encrypts single-part data. */
354 CK_PKCS11_FUNCTION_INFO(C_Encrypt)
355 #ifdef CK_NEED_ARG_LIST
356  (CK_SESSION_HANDLE hSession, /* session's handle */
357  CK_BYTE_PTR pData, /* the plaintext data */
358  CK_ULONG ulDataLen, /* bytes of plaintext */
359  CK_BYTE_PTR pEncryptedData, /* gets ciphertext */
360  CK_ULONG_PTR pulEncryptedDataLen /* gets c-text size */
361  );
362 #endif
363 
364 
365 /* C_EncryptUpdate continues a multiple-part encryption
366  * operation. */
367 CK_PKCS11_FUNCTION_INFO(C_EncryptUpdate)
368 #ifdef CK_NEED_ARG_LIST
369  (CK_SESSION_HANDLE hSession, /* session's handle */
370  CK_BYTE_PTR pPart, /* the plaintext data */
371  CK_ULONG ulPartLen, /* plaintext data len */
372  CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */
373  CK_ULONG_PTR pulEncryptedPartLen /* gets c-text size */
374  );
375 #endif
376 
377 
378 /* C_EncryptFinal finishes a multiple-part encryption
379  * operation. */
380 CK_PKCS11_FUNCTION_INFO(C_EncryptFinal)
381 #ifdef CK_NEED_ARG_LIST
382  (CK_SESSION_HANDLE hSession, /* session handle */
383  CK_BYTE_PTR pLastEncryptedPart, /* last c-text */
384  CK_ULONG_PTR pulLastEncryptedPartLen /* gets last size */
385  );
386 #endif
387 
388 
389 /* C_DecryptInit initializes a decryption operation. */
390 CK_PKCS11_FUNCTION_INFO(C_DecryptInit)
391 #ifdef CK_NEED_ARG_LIST
392  (CK_SESSION_HANDLE hSession, /* the session's handle */
393  CK_MECHANISM_PTR pMechanism, /* the decryption mechanism */
394  CK_OBJECT_HANDLE hKey /* handle of decryption key */
395  );
396 #endif
397 
398 
399 /* C_Decrypt decrypts encrypted data in a single part. */
400 CK_PKCS11_FUNCTION_INFO(C_Decrypt)
401 #ifdef CK_NEED_ARG_LIST
402  (CK_SESSION_HANDLE hSession, /* session's handle */
403  CK_BYTE_PTR pEncryptedData, /* ciphertext */
404  CK_ULONG ulEncryptedDataLen, /* ciphertext length */
405  CK_BYTE_PTR pData, /* gets plaintext */
406  CK_ULONG_PTR pulDataLen /* gets p-text size */
407  );
408 #endif
409 
410 
411 /* C_DecryptUpdate continues a multiple-part decryption
412  * operation. */
413 CK_PKCS11_FUNCTION_INFO(C_DecryptUpdate)
414 #ifdef CK_NEED_ARG_LIST
415  (CK_SESSION_HANDLE hSession, /* session's handle */
416  CK_BYTE_PTR pEncryptedPart, /* encrypted data */
417  CK_ULONG ulEncryptedPartLen, /* input length */
418  CK_BYTE_PTR pPart, /* gets plaintext */
419  CK_ULONG_PTR pulPartLen /* p-text size */
420  );
421 #endif
422 
423 
424 /* C_DecryptFinal finishes a multiple-part decryption
425  * operation. */
426 CK_PKCS11_FUNCTION_INFO(C_DecryptFinal)
427 #ifdef CK_NEED_ARG_LIST
428  (CK_SESSION_HANDLE hSession, /* the session's handle */
429  CK_BYTE_PTR pLastPart, /* gets plaintext */
430  CK_ULONG_PTR pulLastPartLen /* p-text size */
431  );
432 #endif
433 
434 
435 
436 /* Message digesting */
437 
438 /* C_DigestInit initializes a message-digesting operation. */
439 CK_PKCS11_FUNCTION_INFO(C_DigestInit)
440 #ifdef CK_NEED_ARG_LIST
441  (CK_SESSION_HANDLE hSession, /* the session's handle */
442  CK_MECHANISM_PTR pMechanism /* the digesting mechanism */
443  );
444 #endif
445 
446 
447 /* C_Digest digests data in a single part. */
448 CK_PKCS11_FUNCTION_INFO(C_Digest)
449 #ifdef CK_NEED_ARG_LIST
450  (CK_SESSION_HANDLE hSession, /* the session's handle */
451  CK_BYTE_PTR pData, /* data to be digested */
452  CK_ULONG ulDataLen, /* bytes of data to digest */
453  CK_BYTE_PTR pDigest, /* gets the message digest */
454  CK_ULONG_PTR pulDigestLen /* gets digest length */
455  );
456 #endif
457 
458 
459 /* C_DigestUpdate continues a multiple-part message-digesting
460  * operation. */
461 CK_PKCS11_FUNCTION_INFO(C_DigestUpdate)
462 #ifdef CK_NEED_ARG_LIST
463  (CK_SESSION_HANDLE hSession, /* the session's handle */
464  CK_BYTE_PTR pPart, /* data to be digested */
465  CK_ULONG ulPartLen /* bytes of data to be digested */
466  );
467 #endif
468 
469 
470 /* C_DigestKey continues a multi-part message-digesting
471  * operation, by digesting the value of a secret key as part of
472  * the data already digested. */
473 CK_PKCS11_FUNCTION_INFO(C_DigestKey)
474 #ifdef CK_NEED_ARG_LIST
475  (CK_SESSION_HANDLE hSession, /* the session's handle */
476  CK_OBJECT_HANDLE hKey /* secret key to digest */
477  );
478 #endif
479 
480 
481 /* C_DigestFinal finishes a multiple-part message-digesting
482  * operation. */
483 CK_PKCS11_FUNCTION_INFO(C_DigestFinal)
484 #ifdef CK_NEED_ARG_LIST
485  (CK_SESSION_HANDLE hSession, /* the session's handle */
486  CK_BYTE_PTR pDigest, /* gets the message digest */
487  CK_ULONG_PTR pulDigestLen /* gets byte count of digest */
488  );
489 #endif
490 
491 
492 
493 /* Signing and MACing */
494 
495 /* C_SignInit initializes a signature (private key encryption)
496  * operation, where the signature is (will be) an appendix to
497  * the data, and plaintext cannot be recovered from the
498  *signature. */
499 CK_PKCS11_FUNCTION_INFO(C_SignInit)
500 #ifdef CK_NEED_ARG_LIST
501  (CK_SESSION_HANDLE hSession, /* the session's handle */
502  CK_MECHANISM_PTR pMechanism, /* the signature mechanism */
503  CK_OBJECT_HANDLE hKey /* handle of signature key */
504  );
505 #endif
506 
507 
508 /* C_Sign signs (encrypts with private key) data in a single
509  * part, where the signature is (will be) an appendix to the
510  * data, and plaintext cannot be recovered from the signature. */
512 #ifdef CK_NEED_ARG_LIST
513  (CK_SESSION_HANDLE hSession, /* the session's handle */
514  CK_BYTE_PTR pData, /* the data to sign */
515  CK_ULONG ulDataLen, /* count of bytes to sign */
516  CK_BYTE_PTR pSignature, /* gets the signature */
517  CK_ULONG_PTR pulSignatureLen /* gets signature length */
518  );
519 #endif
520 
521 
522 /* C_SignUpdate continues a multiple-part signature operation,
523  * where the signature is (will be) an appendix to the data,
524  * and plaintext cannot be recovered from the signature. */
525 CK_PKCS11_FUNCTION_INFO(C_SignUpdate)
526 #ifdef CK_NEED_ARG_LIST
527  (CK_SESSION_HANDLE hSession, /* the session's handle */
528  CK_BYTE_PTR pPart, /* the data to sign */
529  CK_ULONG ulPartLen /* count of bytes to sign */
530  );
531 #endif
532 
533 
534 /* C_SignFinal finishes a multiple-part signature operation,
535  * returning the signature. */
536 CK_PKCS11_FUNCTION_INFO(C_SignFinal)
537 #ifdef CK_NEED_ARG_LIST
538  (CK_SESSION_HANDLE hSession, /* the session's handle */
539  CK_BYTE_PTR pSignature, /* gets the signature */
540  CK_ULONG_PTR pulSignatureLen /* gets signature length */
541  );
542 #endif
543 
544 
545 /* C_SignRecoverInit initializes a signature operation, where
546  * the data can be recovered from the signature. */
547 CK_PKCS11_FUNCTION_INFO(C_SignRecoverInit)
548 #ifdef CK_NEED_ARG_LIST
549  (CK_SESSION_HANDLE hSession, /* the session's handle */
550  CK_MECHANISM_PTR pMechanism, /* the signature mechanism */
551  CK_OBJECT_HANDLE hKey /* handle of the signature key */
552  );
553 #endif
554 
555 
556 /* C_SignRecover signs data in a single operation, where the
557  * data can be recovered from the signature. */
558 CK_PKCS11_FUNCTION_INFO(C_SignRecover)
559 #ifdef CK_NEED_ARG_LIST
560  (CK_SESSION_HANDLE hSession, /* the session's handle */
561  CK_BYTE_PTR pData, /* the data to sign */
562  CK_ULONG ulDataLen, /* count of bytes to sign */
563  CK_BYTE_PTR pSignature, /* gets the signature */
564  CK_ULONG_PTR pulSignatureLen /* gets signature length */
565  );
566 #endif
567 
568 
569 
570 /* Verifying signatures and MACs */
571 
572 /* C_VerifyInit initializes a verification operation, where the
573  * signature is an appendix to the data, and plaintext cannot
574  * cannot be recovered from the signature (e.g. DSA). */
575 CK_PKCS11_FUNCTION_INFO(C_VerifyInit)
576 #ifdef CK_NEED_ARG_LIST
577  (CK_SESSION_HANDLE hSession, /* the session's handle */
578  CK_MECHANISM_PTR pMechanism, /* the verification mechanism */
579  CK_OBJECT_HANDLE hKey /* verification key */
580  );
581 #endif
582 
583 
584 /* C_Verify verifies a signature in a single-part operation,
585  * where the signature is an appendix to the data, and plaintext
586  * cannot be recovered from the signature. */
587 CK_PKCS11_FUNCTION_INFO(C_Verify)
588 #ifdef CK_NEED_ARG_LIST
589  (CK_SESSION_HANDLE hSession, /* the session's handle */
590  CK_BYTE_PTR pData, /* signed data */
591  CK_ULONG ulDataLen, /* length of signed data */
592  CK_BYTE_PTR pSignature, /* signature */
593  CK_ULONG ulSignatureLen /* signature length */
594  );
595 #endif
596 
597 
598 /* C_VerifyUpdate continues a multiple-part verification
599  * operation, where the signature is an appendix to the data,
600  * and plaintext cannot be recovered from the signature. */
601 CK_PKCS11_FUNCTION_INFO(C_VerifyUpdate)
602 #ifdef CK_NEED_ARG_LIST
603  (CK_SESSION_HANDLE hSession, /* the session's handle */
604  CK_BYTE_PTR pPart, /* signed data */
605  CK_ULONG ulPartLen /* length of signed data */
606  );
607 #endif
608 
609 
610 /* C_VerifyFinal finishes a multiple-part verification
611  * operation, checking the signature. */
612 CK_PKCS11_FUNCTION_INFO(C_VerifyFinal)
613 #ifdef CK_NEED_ARG_LIST
614  (CK_SESSION_HANDLE hSession, /* the session's handle */
615  CK_BYTE_PTR pSignature, /* signature to verify */
616  CK_ULONG ulSignatureLen /* signature length */
617  );
618 #endif
619 
620 
621 /* C_VerifyRecoverInit initializes a signature verification
622  * operation, where the data is recovered from the signature. */
623 CK_PKCS11_FUNCTION_INFO(C_VerifyRecoverInit)
624 #ifdef CK_NEED_ARG_LIST
625  (CK_SESSION_HANDLE hSession, /* the session's handle */
626  CK_MECHANISM_PTR pMechanism, /* the verification mechanism */
627  CK_OBJECT_HANDLE hKey /* verification key */
628  );
629 #endif
630 
631 
632 /* C_VerifyRecover verifies a signature in a single-part
633  * operation, where the data is recovered from the signature. */
634 CK_PKCS11_FUNCTION_INFO(C_VerifyRecover)
635 #ifdef CK_NEED_ARG_LIST
636  (CK_SESSION_HANDLE hSession, /* the session's handle */
637  CK_BYTE_PTR pSignature, /* signature to verify */
638  CK_ULONG ulSignatureLen, /* signature length */
639  CK_BYTE_PTR pData, /* gets signed data */
640  CK_ULONG_PTR pulDataLen /* gets signed data len */
641  );
642 #endif
643 
644 
645 
646 /* Dual-function cryptographic operations */
647 
648 /* C_DigestEncryptUpdate continues a multiple-part digesting
649  * and encryption operation. */
650 CK_PKCS11_FUNCTION_INFO(C_DigestEncryptUpdate)
651 #ifdef CK_NEED_ARG_LIST
652  (CK_SESSION_HANDLE hSession, /* session's handle */
653  CK_BYTE_PTR pPart, /* the plaintext data */
654  CK_ULONG ulPartLen, /* plaintext length */
655  CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */
656  CK_ULONG_PTR pulEncryptedPartLen /* gets c-text length */
657  );
658 #endif
659 
660 
661 /* C_DecryptDigestUpdate continues a multiple-part decryption and
662  * digesting operation. */
663 CK_PKCS11_FUNCTION_INFO(C_DecryptDigestUpdate)
664 #ifdef CK_NEED_ARG_LIST
665  (CK_SESSION_HANDLE hSession, /* session's handle */
666  CK_BYTE_PTR pEncryptedPart, /* ciphertext */
667  CK_ULONG ulEncryptedPartLen, /* ciphertext length */
668  CK_BYTE_PTR pPart, /* gets plaintext */
669  CK_ULONG_PTR pulPartLen /* gets plaintext len */
670  );
671 #endif
672 
673 
674 /* C_SignEncryptUpdate continues a multiple-part signing and
675  * encryption operation. */
676 CK_PKCS11_FUNCTION_INFO(C_SignEncryptUpdate)
677 #ifdef CK_NEED_ARG_LIST
678  (CK_SESSION_HANDLE hSession, /* session's handle */
679  CK_BYTE_PTR pPart, /* the plaintext data */
680  CK_ULONG ulPartLen, /* plaintext length */
681  CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */
682  CK_ULONG_PTR pulEncryptedPartLen /* gets c-text length */
683  );
684 #endif
685 
686 
687 /* C_DecryptVerifyUpdate continues a multiple-part decryption and
688  * verify operation. */
689 CK_PKCS11_FUNCTION_INFO(C_DecryptVerifyUpdate)
690 #ifdef CK_NEED_ARG_LIST
691  (CK_SESSION_HANDLE hSession, /* session's handle */
692  CK_BYTE_PTR pEncryptedPart, /* ciphertext */
693  CK_ULONG ulEncryptedPartLen, /* ciphertext length */
694  CK_BYTE_PTR pPart, /* gets plaintext */
695  CK_ULONG_PTR pulPartLen /* gets p-text length */
696  );
697 #endif
698 
699 
700 
701 /* Key management */
702 
703 /* C_GenerateKey generates a secret key, creating a new key
704  * object. */
705 CK_PKCS11_FUNCTION_INFO(C_GenerateKey)
706 #ifdef CK_NEED_ARG_LIST
707  (CK_SESSION_HANDLE hSession, /* the session's handle */
708  CK_MECHANISM_PTR pMechanism, /* key generation mech. */
709  CK_ATTRIBUTE_PTR pTemplate, /* template for new key */
710  CK_ULONG ulCount, /* # of attrs in template */
711  CK_OBJECT_HANDLE_PTR phKey /* gets handle of new key */
712  );
713 #endif
714 
715 
716 /* C_GenerateKeyPair generates a public-key/private-key pair,
717  * creating new key objects. */
718 CK_PKCS11_FUNCTION_INFO(C_GenerateKeyPair)
719 #ifdef CK_NEED_ARG_LIST
720  (CK_SESSION_HANDLE hSession, /* session
721  * handle */
722  CK_MECHANISM_PTR pMechanism, /* key-gen
723  * mech. */
724  CK_ATTRIBUTE_PTR pPublicKeyTemplate, /* template
725  * for pub.
726  * key */
727  CK_ULONG ulPublicKeyAttributeCount, /* # pub.
728  * attrs. */
729  CK_ATTRIBUTE_PTR pPrivateKeyTemplate, /* template
730  * for priv.
731  * key */
732  CK_ULONG ulPrivateKeyAttributeCount, /* # priv.
733  * attrs. */
734  CK_OBJECT_HANDLE_PTR phPublicKey, /* gets pub.
735  * key
736  * handle */
737  CK_OBJECT_HANDLE_PTR phPrivateKey /* gets
738  * priv. key
739  * handle */
740  );
741 #endif
742 
743 
744 /* C_WrapKey wraps (i.e., encrypts) a key. */
745 CK_PKCS11_FUNCTION_INFO(C_WrapKey)
746 #ifdef CK_NEED_ARG_LIST
747  (CK_SESSION_HANDLE hSession, /* the session's handle */
748  CK_MECHANISM_PTR pMechanism, /* the wrapping mechanism */
749  CK_OBJECT_HANDLE hWrappingKey, /* wrapping key */
750  CK_OBJECT_HANDLE hKey, /* key to be wrapped */
751  CK_BYTE_PTR pWrappedKey, /* gets wrapped key */
752  CK_ULONG_PTR pulWrappedKeyLen /* gets wrapped key size */
753  );
754 #endif
755 
756 
757 /* C_UnwrapKey unwraps (decrypts) a wrapped key, creating a new
758  * key object. */
759 CK_PKCS11_FUNCTION_INFO(C_UnwrapKey)
760 #ifdef CK_NEED_ARG_LIST
761  (CK_SESSION_HANDLE hSession, /* session's handle */
762  CK_MECHANISM_PTR pMechanism, /* unwrapping mech. */
763  CK_OBJECT_HANDLE hUnwrappingKey, /* unwrapping key */
764  CK_BYTE_PTR pWrappedKey, /* the wrapped key */
765  CK_ULONG ulWrappedKeyLen, /* wrapped key len */
766  CK_ATTRIBUTE_PTR pTemplate, /* new key template */
767  CK_ULONG ulAttributeCount, /* template length */
768  CK_OBJECT_HANDLE_PTR phKey /* gets new handle */
769  );
770 #endif
771 
772 
773 /* C_DeriveKey derives a key from a base key, creating a new key
774  * object. */
775 CK_PKCS11_FUNCTION_INFO(C_DeriveKey)
776 #ifdef CK_NEED_ARG_LIST
777  (CK_SESSION_HANDLE hSession, /* session's handle */
778  CK_MECHANISM_PTR pMechanism, /* key deriv. mech. */
779  CK_OBJECT_HANDLE hBaseKey, /* base key */
780  CK_ATTRIBUTE_PTR pTemplate, /* new key template */
781  CK_ULONG ulAttributeCount, /* template length */
782  CK_OBJECT_HANDLE_PTR phKey /* gets new handle */
783  );
784 #endif
785 
786 
787 
788 /* Random number generation */
789 
790 /* C_SeedRandom mixes additional seed material into the token's
791  * random number generator. */
792 CK_PKCS11_FUNCTION_INFO(C_SeedRandom)
793 #ifdef CK_NEED_ARG_LIST
794  (CK_SESSION_HANDLE hSession, /* the session's handle */
795  CK_BYTE_PTR pSeed, /* the seed material */
796  CK_ULONG ulSeedLen /* length of seed material */
797  );
798 #endif
799 
800 
801 /* C_GenerateRandom generates random data. */
802 CK_PKCS11_FUNCTION_INFO(C_GenerateRandom)
803 #ifdef CK_NEED_ARG_LIST
804  (CK_SESSION_HANDLE hSession, /* the session's handle */
805  CK_BYTE_PTR RandomData, /* receives the random data */
806  CK_ULONG ulRandomLen /* # of bytes to generate */
807  );
808 #endif
809 
810 
811 
812 /* Parallel function management */
813 
814 /* C_GetFunctionStatus is a legacy function; it obtains an
815  * updated status of a function running in parallel with an
816  * application. */
817 CK_PKCS11_FUNCTION_INFO(C_GetFunctionStatus)
818 #ifdef CK_NEED_ARG_LIST
819  (CK_SESSION_HANDLE hSession /* the session's handle */
820  );
821 #endif
822 
823 
824 /* C_CancelFunction is a legacy function; it cancels a function
825  * running in parallel. */
826 CK_PKCS11_FUNCTION_INFO(C_CancelFunction)
827 #ifdef CK_NEED_ARG_LIST
828  (CK_SESSION_HANDLE hSession /* the session's handle */
829  );
830 #endif
831 
832 
833 
834 /* Functions added in for Cryptoki Version 2.01 or later */
835 
836 /* C_WaitForSlotEvent waits for a slot event (token insertion,
837  * removal, etc.) to occur. */
838 CK_PKCS11_FUNCTION_INFO(C_WaitForSlotEvent)
839 #ifdef CK_NEED_ARG_LIST
840  (CK_FLAGS flags, /* blocking/nonblocking flag */
841  CK_SLOT_ID_PTR pSlot, /* location that receives the slot ID */
842  CK_VOID_PTR pRserved /* reserved. Should be NULL_PTR */
843  );
844 #endif
CK_SLOT_INFO_PTR
CK_SLOT_INFO CK_PTR CK_SLOT_INFO_PTR
Definition: pkcs11t.h:138
CK_BYTE_PTR
CK_BYTE CK_PTR CK_BYTE_PTR
Definition: pkcs11t.h:67
CK_MECHANISM_TYPE
CK_ULONG CK_MECHANISM_TYPE
Definition: pkcs11t.h:521
pApplication
CK_NOTIFICATION CK_VOID_PTR pApplication
Definition: pkcs11t.h:975
CK_ATTRIBUTE_PTR
CK_ATTRIBUTE CK_PTR CK_ATTRIBUTE_PTR
Definition: pkcs11t.h:506
CK_SLOT_ID
CK_ULONG CK_SLOT_ID
Definition: pkcs11t.h:113
CK_OBJECT_HANDLE
CK_ULONG CK_OBJECT_HANDLE
Definition: pkcs11t.h:308
CK_ULONG_PTR
CK_ULONG CK_PTR CK_ULONG_PTR
Definition: pkcs11t.h:70
CK_SESSION_HANDLE
CK_ULONG CK_SESSION_HANDLE
Definition: pkcs11t.h:260
CK_BBOOL
CK_BYTE CK_BBOOL
Definition: pkcs11t.h:49
CK_MECHANISM_TYPE_PTR
CK_MECHANISM_TYPE CK_PTR CK_MECHANISM_TYPE_PTR
Definition: pkcs11t.h:774
CK_MECHANISM_PTR
CK_MECHANISM CK_PTR CK_MECHANISM_PTR
Definition: pkcs11t.h:788
CK_FUNCTION_LIST_PTR_PTR
CK_FUNCTION_LIST_PTR CK_PTR CK_FUNCTION_LIST_PTR_PTR
Definition: pkcs11t.h:986
CK_USER_TYPE
CK_ULONG CK_USER_TYPE
Definition: pkcs11t.h:268
CK_ULONG
unsigned long int CK_ULONG
Definition: pkcs11t.h:52
CK_SLOT_ID_PTR
CK_SLOT_ID CK_PTR CK_SLOT_ID_PTR
Definition: pkcs11t.h:115
CK_OBJECT_HANDLE_PTR
CK_OBJECT_HANDLE CK_PTR CK_OBJECT_HANDLE_PTR
Definition: pkcs11t.h:310
CK_FLAGS
CK_ULONG CK_FLAGS
Definition: pkcs11t.h:59
CK_SESSION_INFO_PTR
CK_SESSION_INFO CK_PTR CK_SESSION_INFO_PTR
Definition: pkcs11t.h:303
CK_SESSION_HANDLE_PTR
CK_SESSION_HANDLE CK_PTR CK_SESSION_HANDLE_PTR
Definition: pkcs11t.h:262
CK_INFO_PTR
CK_INFO CK_PTR CK_INFO_PTR
Definition: pkcs11t.h:102
CK_MECHANISM_INFO_PTR
CK_MECHANISM_INFO CK_PTR CK_MECHANISM_INFO_PTR
Definition: pkcs11t.h:834
CK_TOKEN_INFO_PTR
CK_TOKEN_INFO CK_PTR CK_TOKEN_INFO_PTR
Definition: pkcs11t.h:255
CK_VOID_PTR
void CK_PTR CK_VOID_PTR
Definition: pkcs11t.h:71
CK_PKCS11_FUNCTION_INFO
#define CK_PKCS11_FUNCTION_INFO(name)
Definition: pkcs11.h:105
CK_UTF8CHAR_PTR
CK_UTF8CHAR CK_PTR CK_UTF8CHAR_PTR
Definition: pkcs11t.h:69