1 /* Copyright (c) OASIS Open 2016. All Rights Reserved./ 2 * /Distributed under the terms of the OASIS IPR Policy, 3 * [http://www.oasis-open.org/policies-guidelines/ipr], AS-IS, WITHOUT ANY 4 * IMPLIED OR EXPRESS WARRANTY; there is no warranty of MERCHANTABILITY, FITNESS FOR A 5 * PARTICULAR PURPOSE or NONINFRINGEMENT of the rights of others. 6 */ 7 8 /* Latest version of the specification: 9 * http://docs.oasis-open.org/pkcs11/pkcs11-base/v2.40/pkcs11-base-v2.40.html 10 */ 11 12 /* This header file contains pretty much everything about all the 13 * Cryptoki function prototypes. Because this information is 14 * used for more than just declaring function prototypes, the 15 * order of the functions appearing herein is important, and 16 * should not be altered. 17 */ 18 19 /* General-purpose */ 20 21 /* C_Initialize initializes the Cryptoki library. */ 22 CK_PKCS11_FUNCTION_INFO(C_Initialize) 23 #ifdef CK_NEED_ARG_LIST 24 ( 25 CK_VOID_PTR pInitArgs /* if this is not NULL_PTR, it gets 26 * cast to CK_C_INITIALIZE_ARGS_PTR 27 * and dereferenced 28 */ 29 ); 30 #endif 31 32 33 /* C_Finalize indicates that an application is done with the 34 * Cryptoki library. 35 */ 36 CK_PKCS11_FUNCTION_INFO(C_Finalize) 37 #ifdef CK_NEED_ARG_LIST 38 ( 39 CK_VOID_PTR pReserved /* reserved. Should be NULL_PTR */ 40 ); 41 #endif 42 43 44 /* C_GetInfo returns general information about Cryptoki. */ 45 CK_PKCS11_FUNCTION_INFO(C_GetInfo) 46 #ifdef CK_NEED_ARG_LIST 47 ( 48 CK_INFO_PTR pInfo /* location that receives information */ 49 ); 50 #endif 51 52 53 /* C_GetFunctionList returns the function list. */ 54 CK_PKCS11_FUNCTION_INFO(C_GetFunctionList) 55 #ifdef CK_NEED_ARG_LIST 56 ( 57 CK_FUNCTION_LIST_PTR_PTR ppFunctionList /* receives pointer to 58 * function list 59 */ 60 ); 61 #endif 62 63 64 65 /* Slot and token management */ 66 67 /* C_GetSlotList obtains a list of slots in the system. */ 68 CK_PKCS11_FUNCTION_INFO(C_GetSlotList) 69 #ifdef CK_NEED_ARG_LIST 70 ( 71 CK_BBOOL tokenPresent, /* only slots with tokens */ 72 CK_SLOT_ID_PTR pSlotList, /* receives array of slot IDs */ 73 CK_ULONG_PTR pulCount /* receives number of slots */ 74 ); 75 #endif 76 77 78 /* C_GetSlotInfo obtains information about a particular slot in 79 * the system. 80 */ 81 CK_PKCS11_FUNCTION_INFO(C_GetSlotInfo) 82 #ifdef CK_NEED_ARG_LIST 83 ( 84 CK_SLOT_ID slotID, /* the ID of the slot */ 85 CK_SLOT_INFO_PTR pInfo /* receives the slot information */ 86 ); 87 #endif 88 89 90 /* C_GetTokenInfo obtains information about a particular token 91 * in the system. 92 */ 93 CK_PKCS11_FUNCTION_INFO(C_GetTokenInfo) 94 #ifdef CK_NEED_ARG_LIST 95 ( 96 CK_SLOT_ID slotID, /* ID of the token's slot */ 97 CK_TOKEN_INFO_PTR pInfo /* receives the token information */ 98 ); 99 #endif 100 101 102 /* C_GetMechanismList obtains a list of mechanism types 103 * supported by a token. 104 */ 105 CK_PKCS11_FUNCTION_INFO(C_GetMechanismList) 106 #ifdef CK_NEED_ARG_LIST 107 ( 108 CK_SLOT_ID slotID, /* ID of token's slot */ 109 CK_MECHANISM_TYPE_PTR pMechanismList, /* gets mech. array */ 110 CK_ULONG_PTR pulCount /* gets # of mechs. */ 111 ); 112 #endif 113 114 115 /* C_GetMechanismInfo obtains information about a particular 116 * mechanism possibly supported by a token. 117 */ 118 CK_PKCS11_FUNCTION_INFO(C_GetMechanismInfo) 119 #ifdef CK_NEED_ARG_LIST 120 ( 121 CK_SLOT_ID slotID, /* ID of the token's slot */ 122 CK_MECHANISM_TYPE type, /* type of mechanism */ 123 CK_MECHANISM_INFO_PTR pInfo /* receives mechanism info */ 124 ); 125 #endif 126 127 128 /* C_InitToken initializes a token. */ 129 CK_PKCS11_FUNCTION_INFO(C_InitToken) 130 #ifdef CK_NEED_ARG_LIST 131 ( 132 CK_SLOT_ID slotID, /* ID of the token's slot */ 133 CK_UTF8CHAR_PTR pPin, /* the SO's initial PIN */ 134 CK_ULONG ulPinLen, /* length in bytes of the PIN */ 135 CK_UTF8CHAR_PTR pLabel /* 32-byte token label (blank padded) */ 136 ); 137 #endif 138 139 140 /* C_InitPIN initializes the normal user's PIN. */ 141 CK_PKCS11_FUNCTION_INFO(C_InitPIN) 142 #ifdef CK_NEED_ARG_LIST 143 ( 144 CK_SESSION_HANDLE hSession, /* the session's handle */ 145 CK_UTF8CHAR_PTR pPin, /* the normal user's PIN */ 146 CK_ULONG ulPinLen /* length in bytes of the PIN */ 147 ); 148 #endif 149 150 151 /* C_SetPIN modifies the PIN of the user who is logged in. */ 152 CK_PKCS11_FUNCTION_INFO(C_SetPIN) 153 #ifdef CK_NEED_ARG_LIST 154 ( 155 CK_SESSION_HANDLE hSession, /* the session's handle */ 156 CK_UTF8CHAR_PTR pOldPin, /* the old PIN */ 157 CK_ULONG ulOldLen, /* length of the old PIN */ 158 CK_UTF8CHAR_PTR pNewPin, /* the new PIN */ 159 CK_ULONG ulNewLen /* length of the new PIN */ 160 ); 161 #endif 162 163 164 165 /* Session management */ 166 167 /* C_OpenSession opens a session between an application and a 168 * token. 169 */ 170 CK_PKCS11_FUNCTION_INFO(C_OpenSession) 171 #ifdef CK_NEED_ARG_LIST 172 ( 173 CK_SLOT_ID slotID, /* the slot's ID */ 174 CK_FLAGS flags, /* from CK_SESSION_INFO */ 175 CK_VOID_PTR pApplication, /* passed to callback */ 176 CK_NOTIFY Notify, /* callback function */ 177 CK_SESSION_HANDLE_PTR phSession /* gets session handle */ 178 ); 179 #endif 180 181 182 /* C_CloseSession closes a session between an application and a 183 * token. 184 */ 185 CK_PKCS11_FUNCTION_INFO(C_CloseSession) 186 #ifdef CK_NEED_ARG_LIST 187 ( 188 CK_SESSION_HANDLE hSession /* the session's handle */ 189 ); 190 #endif 191 192 193 /* C_CloseAllSessions closes all sessions with a token. */ 194 CK_PKCS11_FUNCTION_INFO(C_CloseAllSessions) 195 #ifdef CK_NEED_ARG_LIST 196 ( 197 CK_SLOT_ID slotID /* the token's slot */ 198 ); 199 #endif 200 201 202 /* C_GetSessionInfo obtains information about the session. */ 203 CK_PKCS11_FUNCTION_INFO(C_GetSessionInfo) 204 #ifdef CK_NEED_ARG_LIST 205 ( 206 CK_SESSION_HANDLE hSession, /* the session's handle */ 207 CK_SESSION_INFO_PTR pInfo /* receives session info */ 208 ); 209 #endif 210 211 212 /* C_GetOperationState obtains the state of the cryptographic operation 213 * in a session. 214 */ 215 CK_PKCS11_FUNCTION_INFO(C_GetOperationState) 216 #ifdef CK_NEED_ARG_LIST 217 ( 218 CK_SESSION_HANDLE hSession, /* session's handle */ 219 CK_BYTE_PTR pOperationState, /* gets state */ 220 CK_ULONG_PTR pulOperationStateLen /* gets state length */ 221 ); 222 #endif 223 224 225 /* C_SetOperationState restores the state of the cryptographic 226 * operation in a session. 227 */ 228 CK_PKCS11_FUNCTION_INFO(C_SetOperationState) 229 #ifdef CK_NEED_ARG_LIST 230 ( 231 CK_SESSION_HANDLE hSession, /* session's handle */ 232 CK_BYTE_PTR pOperationState, /* holds state */ 233 CK_ULONG ulOperationStateLen, /* holds state length */ 234 CK_OBJECT_HANDLE hEncryptionKey, /* en/decryption key */ 235 CK_OBJECT_HANDLE hAuthenticationKey /* sign/verify key */ 236 ); 237 #endif 238 239 240 /* C_Login logs a user into a token. */ 241 CK_PKCS11_FUNCTION_INFO(C_Login) 242 #ifdef CK_NEED_ARG_LIST 243 ( 244 CK_SESSION_HANDLE hSession, /* the session's handle */ 245 CK_USER_TYPE userType, /* the user type */ 246 CK_UTF8CHAR_PTR pPin, /* the user's PIN */ 247 CK_ULONG ulPinLen /* the length of the PIN */ 248 ); 249 #endif 250 251 252 /* C_Logout logs a user out from a token. */ 253 CK_PKCS11_FUNCTION_INFO(C_Logout) 254 #ifdef CK_NEED_ARG_LIST 255 ( 256 CK_SESSION_HANDLE hSession /* the session's handle */ 257 ); 258 #endif 259 260 261 262 /* Object management */ 263 264 /* C_CreateObject creates a new object. */ 265 CK_PKCS11_FUNCTION_INFO(C_CreateObject) 266 #ifdef CK_NEED_ARG_LIST 267 ( 268 CK_SESSION_HANDLE hSession, /* the session's handle */ 269 CK_ATTRIBUTE_PTR pTemplate, /* the object's template */ 270 CK_ULONG ulCount, /* attributes in template */ 271 CK_OBJECT_HANDLE_PTR phObject /* gets new object's handle. */ 272 ); 273 #endif 274 275 276 /* C_CopyObject copies an object, creating a new object for the 277 * copy. 278 */ 279 CK_PKCS11_FUNCTION_INFO(C_CopyObject) 280 #ifdef CK_NEED_ARG_LIST 281 ( 282 CK_SESSION_HANDLE hSession, /* the session's handle */ 283 CK_OBJECT_HANDLE hObject, /* the object's handle */ 284 CK_ATTRIBUTE_PTR pTemplate, /* template for new object */ 285 CK_ULONG ulCount, /* attributes in template */ 286 CK_OBJECT_HANDLE_PTR phNewObject /* receives handle of copy */ 287 ); 288 #endif 289 290 291 /* C_DestroyObject destroys an object. */ 292 CK_PKCS11_FUNCTION_INFO(C_DestroyObject) 293 #ifdef CK_NEED_ARG_LIST 294 ( 295 CK_SESSION_HANDLE hSession, /* the session's handle */ 296 CK_OBJECT_HANDLE hObject /* the object's handle */ 297 ); 298 #endif 299 300 301 /* C_GetObjectSize gets the size of an object in bytes. */ 302 CK_PKCS11_FUNCTION_INFO(C_GetObjectSize) 303 #ifdef CK_NEED_ARG_LIST 304 ( 305 CK_SESSION_HANDLE hSession, /* the session's handle */ 306 CK_OBJECT_HANDLE hObject, /* the object's handle */ 307 CK_ULONG_PTR pulSize /* receives size of object */ 308 ); 309 #endif 310 311 312 /* C_GetAttributeValue obtains the value of one or more object 313 * attributes. 314 */ 315 CK_PKCS11_FUNCTION_INFO(C_GetAttributeValue) 316 #ifdef CK_NEED_ARG_LIST 317 ( 318 CK_SESSION_HANDLE hSession, /* the session's handle */ 319 CK_OBJECT_HANDLE hObject, /* the object's handle */ 320 CK_ATTRIBUTE_PTR pTemplate, /* specifies attrs; gets vals */ 321 CK_ULONG ulCount /* attributes in template */ 322 ); 323 #endif 324 325 326 /* C_SetAttributeValue modifies the value of one or more object 327 * attributes. 328 */ 329 CK_PKCS11_FUNCTION_INFO(C_SetAttributeValue) 330 #ifdef CK_NEED_ARG_LIST 331 ( 332 CK_SESSION_HANDLE hSession, /* the session's handle */ 333 CK_OBJECT_HANDLE hObject, /* the object's handle */ 334 CK_ATTRIBUTE_PTR pTemplate, /* specifies attrs and values */ 335 CK_ULONG ulCount /* attributes in template */ 336 ); 337 #endif 338 339 340 /* C_FindObjectsInit initializes a search for token and session 341 * objects that match a template. 342 */ 343 CK_PKCS11_FUNCTION_INFO(C_FindObjectsInit) 344 #ifdef CK_NEED_ARG_LIST 345 ( 346 CK_SESSION_HANDLE hSession, /* the session's handle */ 347 CK_ATTRIBUTE_PTR pTemplate, /* attribute values to match */ 348 CK_ULONG ulCount /* attrs in search template */ 349 ); 350 #endif 351 352 353 /* C_FindObjects continues a search for token and session 354 * objects that match a template, obtaining additional object 355 * handles. 356 */ 357 CK_PKCS11_FUNCTION_INFO(C_FindObjects) 358 #ifdef CK_NEED_ARG_LIST 359 ( 360 CK_SESSION_HANDLE hSession, /* session's handle */ 361 CK_OBJECT_HANDLE_PTR phObject, /* gets obj. handles */ 362 CK_ULONG ulMaxObjectCount, /* max handles to get */ 363 CK_ULONG_PTR pulObjectCount /* actual # returned */ 364 ); 365 #endif 366 367 368 /* C_FindObjectsFinal finishes a search for token and session 369 * objects. 370 */ 371 CK_PKCS11_FUNCTION_INFO(C_FindObjectsFinal) 372 #ifdef CK_NEED_ARG_LIST 373 ( 374 CK_SESSION_HANDLE hSession /* the session's handle */ 375 ); 376 #endif 377 378 379 380 /* Encryption and decryption */ 381 382 /* C_EncryptInit initializes an encryption operation. */ 383 CK_PKCS11_FUNCTION_INFO(C_EncryptInit) 384 #ifdef CK_NEED_ARG_LIST 385 ( 386 CK_SESSION_HANDLE hSession, /* the session's handle */ 387 CK_MECHANISM_PTR pMechanism, /* the encryption mechanism */ 388 CK_OBJECT_HANDLE hKey /* handle of encryption key */ 389 ); 390 #endif 391 392 393 /* C_Encrypt encrypts single-part data. */ 394 CK_PKCS11_FUNCTION_INFO(C_Encrypt) 395 #ifdef CK_NEED_ARG_LIST 396 ( 397 CK_SESSION_HANDLE hSession, /* session's handle */ 398 CK_BYTE_PTR pData, /* the plaintext data */ 399 CK_ULONG ulDataLen, /* bytes of plaintext */ 400 CK_BYTE_PTR pEncryptedData, /* gets ciphertext */ 401 CK_ULONG_PTR pulEncryptedDataLen /* gets c-text size */ 402 ); 403 #endif 404 405 406 /* C_EncryptUpdate continues a multiple-part encryption 407 * operation. 408 */ 409 CK_PKCS11_FUNCTION_INFO(C_EncryptUpdate) 410 #ifdef CK_NEED_ARG_LIST 411 ( 412 CK_SESSION_HANDLE hSession, /* session's handle */ 413 CK_BYTE_PTR pPart, /* the plaintext data */ 414 CK_ULONG ulPartLen, /* plaintext data len */ 415 CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */ 416 CK_ULONG_PTR pulEncryptedPartLen /* gets c-text size */ 417 ); 418 #endif 419 420 421 /* C_EncryptFinal finishes a multiple-part encryption 422 * operation. 423 */ 424 CK_PKCS11_FUNCTION_INFO(C_EncryptFinal) 425 #ifdef CK_NEED_ARG_LIST 426 ( 427 CK_SESSION_HANDLE hSession, /* session handle */ 428 CK_BYTE_PTR pLastEncryptedPart, /* last c-text */ 429 CK_ULONG_PTR pulLastEncryptedPartLen /* gets last size */ 430 ); 431 #endif 432 433 434 /* C_DecryptInit initializes a decryption operation. */ 435 CK_PKCS11_FUNCTION_INFO(C_DecryptInit) 436 #ifdef CK_NEED_ARG_LIST 437 ( 438 CK_SESSION_HANDLE hSession, /* the session's handle */ 439 CK_MECHANISM_PTR pMechanism, /* the decryption mechanism */ 440 CK_OBJECT_HANDLE hKey /* handle of decryption key */ 441 ); 442 #endif 443 444 445 /* C_Decrypt decrypts encrypted data in a single part. */ 446 CK_PKCS11_FUNCTION_INFO(C_Decrypt) 447 #ifdef CK_NEED_ARG_LIST 448 ( 449 CK_SESSION_HANDLE hSession, /* session's handle */ 450 CK_BYTE_PTR pEncryptedData, /* ciphertext */ 451 CK_ULONG ulEncryptedDataLen, /* ciphertext length */ 452 CK_BYTE_PTR pData, /* gets plaintext */ 453 CK_ULONG_PTR pulDataLen /* gets p-text size */ 454 ); 455 #endif 456 457 458 /* C_DecryptUpdate continues a multiple-part decryption 459 * operation. 460 */ 461 CK_PKCS11_FUNCTION_INFO(C_DecryptUpdate) 462 #ifdef CK_NEED_ARG_LIST 463 ( 464 CK_SESSION_HANDLE hSession, /* session's handle */ 465 CK_BYTE_PTR pEncryptedPart, /* encrypted data */ 466 CK_ULONG ulEncryptedPartLen, /* input length */ 467 CK_BYTE_PTR pPart, /* gets plaintext */ 468 CK_ULONG_PTR pulPartLen /* p-text size */ 469 ); 470 #endif 471 472 473 /* C_DecryptFinal finishes a multiple-part decryption 474 * operation. 475 */ 476 CK_PKCS11_FUNCTION_INFO(C_DecryptFinal) 477 #ifdef CK_NEED_ARG_LIST 478 ( 479 CK_SESSION_HANDLE hSession, /* the session's handle */ 480 CK_BYTE_PTR pLastPart, /* gets plaintext */ 481 CK_ULONG_PTR pulLastPartLen /* p-text size */ 482 ); 483 #endif 484 485 486 487 /* Message digesting */ 488 489 /* C_DigestInit initializes a message-digesting operation. */ 490 CK_PKCS11_FUNCTION_INFO(C_DigestInit) 491 #ifdef CK_NEED_ARG_LIST 492 ( 493 CK_SESSION_HANDLE hSession, /* the session's handle */ 494 CK_MECHANISM_PTR pMechanism /* the digesting mechanism */ 495 ); 496 #endif 497 498 499 /* C_Digest digests data in a single part. */ 500 CK_PKCS11_FUNCTION_INFO(C_Digest) 501 #ifdef CK_NEED_ARG_LIST 502 ( 503 CK_SESSION_HANDLE hSession, /* the session's handle */ 504 CK_BYTE_PTR pData, /* data to be digested */ 505 CK_ULONG ulDataLen, /* bytes of data to digest */ 506 CK_BYTE_PTR pDigest, /* gets the message digest */ 507 CK_ULONG_PTR pulDigestLen /* gets digest length */ 508 ); 509 #endif 510 511 512 /* C_DigestUpdate continues a multiple-part message-digesting 513 * operation. 514 */ 515 CK_PKCS11_FUNCTION_INFO(C_DigestUpdate) 516 #ifdef CK_NEED_ARG_LIST 517 ( 518 CK_SESSION_HANDLE hSession, /* the session's handle */ 519 CK_BYTE_PTR pPart, /* data to be digested */ 520 CK_ULONG ulPartLen /* bytes of data to be digested */ 521 ); 522 #endif 523 524 525 /* C_DigestKey continues a multi-part message-digesting 526 * operation, by digesting the value of a secret key as part of 527 * the data already digested. 528 */ 529 CK_PKCS11_FUNCTION_INFO(C_DigestKey) 530 #ifdef CK_NEED_ARG_LIST 531 ( 532 CK_SESSION_HANDLE hSession, /* the session's handle */ 533 CK_OBJECT_HANDLE hKey /* secret key to digest */ 534 ); 535 #endif 536 537 538 /* C_DigestFinal finishes a multiple-part message-digesting 539 * operation. 540 */ 541 CK_PKCS11_FUNCTION_INFO(C_DigestFinal) 542 #ifdef CK_NEED_ARG_LIST 543 ( 544 CK_SESSION_HANDLE hSession, /* the session's handle */ 545 CK_BYTE_PTR pDigest, /* gets the message digest */ 546 CK_ULONG_PTR pulDigestLen /* gets byte count of digest */ 547 ); 548 #endif 549 550 551 552 /* Signing and MACing */ 553 554 /* C_SignInit initializes a signature (private key encryption) 555 * operation, where the signature is (will be) an appendix to 556 * the data, and plaintext cannot be recovered from the 557 * signature. 558 */ 559 CK_PKCS11_FUNCTION_INFO(C_SignInit) 560 #ifdef CK_NEED_ARG_LIST 561 ( 562 CK_SESSION_HANDLE hSession, /* the session's handle */ 563 CK_MECHANISM_PTR pMechanism, /* the signature mechanism */ 564 CK_OBJECT_HANDLE hKey /* handle of signature key */ 565 ); 566 #endif 567 568 569 /* C_Sign signs (encrypts with private key) data in a single 570 * part, where the signature is (will be) an appendix to the 571 * data, and plaintext cannot be recovered from the signature. 572 */ 573 CK_PKCS11_FUNCTION_INFO(C_Sign) 574 #ifdef CK_NEED_ARG_LIST 575 ( 576 CK_SESSION_HANDLE hSession, /* the session's handle */ 577 CK_BYTE_PTR pData, /* the data to sign */ 578 CK_ULONG ulDataLen, /* count of bytes to sign */ 579 CK_BYTE_PTR pSignature, /* gets the signature */ 580 CK_ULONG_PTR pulSignatureLen /* gets signature length */ 581 ); 582 #endif 583 584 585 /* C_SignUpdate continues a multiple-part signature operation, 586 * where the signature is (will be) an appendix to the data, 587 * and plaintext cannot be recovered from the signature. 588 */ 589 CK_PKCS11_FUNCTION_INFO(C_SignUpdate) 590 #ifdef CK_NEED_ARG_LIST 591 ( 592 CK_SESSION_HANDLE hSession, /* the session's handle */ 593 CK_BYTE_PTR pPart, /* the data to sign */ 594 CK_ULONG ulPartLen /* count of bytes to sign */ 595 ); 596 #endif 597 598 599 /* C_SignFinal finishes a multiple-part signature operation, 600 * returning the signature. 601 */ 602 CK_PKCS11_FUNCTION_INFO(C_SignFinal) 603 #ifdef CK_NEED_ARG_LIST 604 ( 605 CK_SESSION_HANDLE hSession, /* the session's handle */ 606 CK_BYTE_PTR pSignature, /* gets the signature */ 607 CK_ULONG_PTR pulSignatureLen /* gets signature length */ 608 ); 609 #endif 610 611 612 /* C_SignRecoverInit initializes a signature operation, where 613 * the data can be recovered from the signature. 614 */ 615 CK_PKCS11_FUNCTION_INFO(C_SignRecoverInit) 616 #ifdef CK_NEED_ARG_LIST 617 ( 618 CK_SESSION_HANDLE hSession, /* the session's handle */ 619 CK_MECHANISM_PTR pMechanism, /* the signature mechanism */ 620 CK_OBJECT_HANDLE hKey /* handle of the signature key */ 621 ); 622 #endif 623 624 625 /* C_SignRecover signs data in a single operation, where the 626 * data can be recovered from the signature. 627 */ 628 CK_PKCS11_FUNCTION_INFO(C_SignRecover) 629 #ifdef CK_NEED_ARG_LIST 630 ( 631 CK_SESSION_HANDLE hSession, /* the session's handle */ 632 CK_BYTE_PTR pData, /* the data to sign */ 633 CK_ULONG ulDataLen, /* count of bytes to sign */ 634 CK_BYTE_PTR pSignature, /* gets the signature */ 635 CK_ULONG_PTR pulSignatureLen /* gets signature length */ 636 ); 637 #endif 638 639 640 641 /* Verifying signatures and MACs */ 642 643 /* C_VerifyInit initializes a verification operation, where the 644 * signature is an appendix to the data, and plaintext cannot 645 * cannot be recovered from the signature (e.g. DSA). 646 */ 647 CK_PKCS11_FUNCTION_INFO(C_VerifyInit) 648 #ifdef CK_NEED_ARG_LIST 649 ( 650 CK_SESSION_HANDLE hSession, /* the session's handle */ 651 CK_MECHANISM_PTR pMechanism, /* the verification mechanism */ 652 CK_OBJECT_HANDLE hKey /* verification key */ 653 ); 654 #endif 655 656 657 /* C_Verify verifies a signature in a single-part operation, 658 * where the signature is an appendix to the data, and plaintext 659 * cannot be recovered from the signature. 660 */ 661 CK_PKCS11_FUNCTION_INFO(C_Verify) 662 #ifdef CK_NEED_ARG_LIST 663 ( 664 CK_SESSION_HANDLE hSession, /* the session's handle */ 665 CK_BYTE_PTR pData, /* signed data */ 666 CK_ULONG ulDataLen, /* length of signed data */ 667 CK_BYTE_PTR pSignature, /* signature */ 668 CK_ULONG ulSignatureLen /* signature length*/ 669 ); 670 #endif 671 672 673 /* C_VerifyUpdate continues a multiple-part verification 674 * operation, where the signature is an appendix to the data, 675 * and plaintext cannot be recovered from the signature. 676 */ 677 CK_PKCS11_FUNCTION_INFO(C_VerifyUpdate) 678 #ifdef CK_NEED_ARG_LIST 679 ( 680 CK_SESSION_HANDLE hSession, /* the session's handle */ 681 CK_BYTE_PTR pPart, /* signed data */ 682 CK_ULONG ulPartLen /* length of signed data */ 683 ); 684 #endif 685 686 687 /* C_VerifyFinal finishes a multiple-part verification 688 * operation, checking the signature. 689 */ 690 CK_PKCS11_FUNCTION_INFO(C_VerifyFinal) 691 #ifdef CK_NEED_ARG_LIST 692 ( 693 CK_SESSION_HANDLE hSession, /* the session's handle */ 694 CK_BYTE_PTR pSignature, /* signature to verify */ 695 CK_ULONG ulSignatureLen /* signature length */ 696 ); 697 #endif 698 699 700 /* C_VerifyRecoverInit initializes a signature verification 701 * operation, where the data is recovered from the signature. 702 */ 703 CK_PKCS11_FUNCTION_INFO(C_VerifyRecoverInit) 704 #ifdef CK_NEED_ARG_LIST 705 ( 706 CK_SESSION_HANDLE hSession, /* the session's handle */ 707 CK_MECHANISM_PTR pMechanism, /* the verification mechanism */ 708 CK_OBJECT_HANDLE hKey /* verification key */ 709 ); 710 #endif 711 712 713 /* C_VerifyRecover verifies a signature in a single-part 714 * operation, where the data is recovered from the signature. 715 */ 716 CK_PKCS11_FUNCTION_INFO(C_VerifyRecover) 717 #ifdef CK_NEED_ARG_LIST 718 ( 719 CK_SESSION_HANDLE hSession, /* the session's handle */ 720 CK_BYTE_PTR pSignature, /* signature to verify */ 721 CK_ULONG ulSignatureLen, /* signature length */ 722 CK_BYTE_PTR pData, /* gets signed data */ 723 CK_ULONG_PTR pulDataLen /* gets signed data len */ 724 ); 725 #endif 726 727 728 729 /* Dual-function cryptographic operations */ 730 731 /* C_DigestEncryptUpdate continues a multiple-part digesting 732 * and encryption operation. 733 */ 734 CK_PKCS11_FUNCTION_INFO(C_DigestEncryptUpdate) 735 #ifdef CK_NEED_ARG_LIST 736 ( 737 CK_SESSION_HANDLE hSession, /* session's handle */ 738 CK_BYTE_PTR pPart, /* the plaintext data */ 739 CK_ULONG ulPartLen, /* plaintext length */ 740 CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */ 741 CK_ULONG_PTR pulEncryptedPartLen /* gets c-text length */ 742 ); 743 #endif 744 745 746 /* C_DecryptDigestUpdate continues a multiple-part decryption and 747 * digesting operation. 748 */ 749 CK_PKCS11_FUNCTION_INFO(C_DecryptDigestUpdate) 750 #ifdef CK_NEED_ARG_LIST 751 ( 752 CK_SESSION_HANDLE hSession, /* session's handle */ 753 CK_BYTE_PTR pEncryptedPart, /* ciphertext */ 754 CK_ULONG ulEncryptedPartLen, /* ciphertext length */ 755 CK_BYTE_PTR pPart, /* gets plaintext */ 756 CK_ULONG_PTR pulPartLen /* gets plaintext len */ 757 ); 758 #endif 759 760 761 /* C_SignEncryptUpdate continues a multiple-part signing and 762 * encryption operation. 763 */ 764 CK_PKCS11_FUNCTION_INFO(C_SignEncryptUpdate) 765 #ifdef CK_NEED_ARG_LIST 766 ( 767 CK_SESSION_HANDLE hSession, /* session's handle */ 768 CK_BYTE_PTR pPart, /* the plaintext data */ 769 CK_ULONG ulPartLen, /* plaintext length */ 770 CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */ 771 CK_ULONG_PTR pulEncryptedPartLen /* gets c-text length */ 772 ); 773 #endif 774 775 776 /* C_DecryptVerifyUpdate continues a multiple-part decryption and 777 * verify operation. 778 */ 779 CK_PKCS11_FUNCTION_INFO(C_DecryptVerifyUpdate) 780 #ifdef CK_NEED_ARG_LIST 781 ( 782 CK_SESSION_HANDLE hSession, /* session's handle */ 783 CK_BYTE_PTR pEncryptedPart, /* ciphertext */ 784 CK_ULONG ulEncryptedPartLen, /* ciphertext length */ 785 CK_BYTE_PTR pPart, /* gets plaintext */ 786 CK_ULONG_PTR pulPartLen /* gets p-text length */ 787 ); 788 #endif 789 790 791 792 /* Key management */ 793 794 /* C_GenerateKey generates a secret key, creating a new key 795 * object. 796 */ 797 CK_PKCS11_FUNCTION_INFO(C_GenerateKey) 798 #ifdef CK_NEED_ARG_LIST 799 ( 800 CK_SESSION_HANDLE hSession, /* the session's handle */ 801 CK_MECHANISM_PTR pMechanism, /* key generation mech. */ 802 CK_ATTRIBUTE_PTR pTemplate, /* template for new key */ 803 CK_ULONG ulCount, /* # of attrs in template */ 804 CK_OBJECT_HANDLE_PTR phKey /* gets handle of new key */ 805 ); 806 #endif 807 808 809 /* C_GenerateKeyPair generates a public-key/private-key pair, 810 * creating new key objects. 811 */ 812 CK_PKCS11_FUNCTION_INFO(C_GenerateKeyPair) 813 #ifdef CK_NEED_ARG_LIST 814 ( 815 CK_SESSION_HANDLE hSession, /* session handle */ 816 CK_MECHANISM_PTR pMechanism, /* key-gen mech. */ 817 CK_ATTRIBUTE_PTR pPublicKeyTemplate, /* template for pub. key */ 818 CK_ULONG ulPublicKeyAttributeCount, /* # pub. attrs. */ 819 CK_ATTRIBUTE_PTR pPrivateKeyTemplate, /* template for priv. key */ 820 CK_ULONG ulPrivateKeyAttributeCount, /* # priv. attrs. */ 821 CK_OBJECT_HANDLE_PTR phPublicKey, /* gets pub. key handle */ 822 CK_OBJECT_HANDLE_PTR phPrivateKey /* gets priv. key handle */ 823 ); 824 #endif 825 826 827 /* C_WrapKey wraps (i.e., encrypts) a key. */ 828 CK_PKCS11_FUNCTION_INFO(C_WrapKey) 829 #ifdef CK_NEED_ARG_LIST 830 ( 831 CK_SESSION_HANDLE hSession, /* the session's handle */ 832 CK_MECHANISM_PTR pMechanism, /* the wrapping mechanism */ 833 CK_OBJECT_HANDLE hWrappingKey, /* wrapping key */ 834 CK_OBJECT_HANDLE hKey, /* key to be wrapped */ 835 CK_BYTE_PTR pWrappedKey, /* gets wrapped key */ 836 CK_ULONG_PTR pulWrappedKeyLen /* gets wrapped key size */ 837 ); 838 #endif 839 840 841 /* C_UnwrapKey unwraps (decrypts) a wrapped key, creating a new 842 * key object. 843 */ 844 CK_PKCS11_FUNCTION_INFO(C_UnwrapKey) 845 #ifdef CK_NEED_ARG_LIST 846 ( 847 CK_SESSION_HANDLE hSession, /* session's handle */ 848 CK_MECHANISM_PTR pMechanism, /* unwrapping mech. */ 849 CK_OBJECT_HANDLE hUnwrappingKey, /* unwrapping key */ 850 CK_BYTE_PTR pWrappedKey, /* the wrapped key */ 851 CK_ULONG ulWrappedKeyLen, /* wrapped key len */ 852 CK_ATTRIBUTE_PTR pTemplate, /* new key template */ 853 CK_ULONG ulAttributeCount, /* template length */ 854 CK_OBJECT_HANDLE_PTR phKey /* gets new handle */ 855 ); 856 #endif 857 858 859 /* C_DeriveKey derives a key from a base key, creating a new key 860 * object. 861 */ 862 CK_PKCS11_FUNCTION_INFO(C_DeriveKey) 863 #ifdef CK_NEED_ARG_LIST 864 ( 865 CK_SESSION_HANDLE hSession, /* session's handle */ 866 CK_MECHANISM_PTR pMechanism, /* key deriv. mech. */ 867 CK_OBJECT_HANDLE hBaseKey, /* base key */ 868 CK_ATTRIBUTE_PTR pTemplate, /* new key template */ 869 CK_ULONG ulAttributeCount, /* template length */ 870 CK_OBJECT_HANDLE_PTR phKey /* gets new handle */ 871 ); 872 #endif 873 874 875 876 /* Random number generation */ 877 878 /* C_SeedRandom mixes additional seed material into the token's 879 * random number generator. 880 */ 881 CK_PKCS11_FUNCTION_INFO(C_SeedRandom) 882 #ifdef CK_NEED_ARG_LIST 883 ( 884 CK_SESSION_HANDLE hSession, /* the session's handle */ 885 CK_BYTE_PTR pSeed, /* the seed material */ 886 CK_ULONG ulSeedLen /* length of seed material */ 887 ); 888 #endif 889 890 891 /* C_GenerateRandom generates random data. */ 892 CK_PKCS11_FUNCTION_INFO(C_GenerateRandom) 893 #ifdef CK_NEED_ARG_LIST 894 ( 895 CK_SESSION_HANDLE hSession, /* the session's handle */ 896 CK_BYTE_PTR RandomData, /* receives the random data */ 897 CK_ULONG ulRandomLen /* # of bytes to generate */ 898 ); 899 #endif 900 901 902 903 /* Parallel function management */ 904 905 /* C_GetFunctionStatus is a legacy function; it obtains an 906 * updated status of a function running in parallel with an 907 * application. 908 */ 909 CK_PKCS11_FUNCTION_INFO(C_GetFunctionStatus) 910 #ifdef CK_NEED_ARG_LIST 911 ( 912 CK_SESSION_HANDLE hSession /* the session's handle */ 913 ); 914 #endif 915 916 917 /* C_CancelFunction is a legacy function; it cancels a function 918 * running in parallel. 919 */ 920 CK_PKCS11_FUNCTION_INFO(C_CancelFunction) 921 #ifdef CK_NEED_ARG_LIST 922 ( 923 CK_SESSION_HANDLE hSession /* the session's handle */ 924 ); 925 #endif 926 927 928 /* C_WaitForSlotEvent waits for a slot event (token insertion, 929 * removal, etc.) to occur. 930 */ 931 CK_PKCS11_FUNCTION_INFO(C_WaitForSlotEvent) 932 #ifdef CK_NEED_ARG_LIST 933 ( 934 CK_FLAGS flags, /* blocking/nonblocking flag */ 935 CK_SLOT_ID_PTR pSlot, /* location that receives the slot ID */ 936 CK_VOID_PTR pRserved /* reserved. Should be NULL_PTR */ 937 ); 938 #endif 939