xref: /illumos-gate/usr/src/lib/pkcs11/include/pkcs11f.h (revision 89b2a9fbeabf42fa54594df0e5927bcc50a07cc9)
1 /* pkcs11f.h include file for PKCS #11. */
2 /* $Revision: 1.4 $ */
3 
4 /* License to copy and use this software is granted provided that it is
5  * identified as "RSA Security Inc. PKCS #11 Cryptographic Token Interface
6  * (Cryptoki)" in all material mentioning or referencing this software.
7 
8  * License is also granted to make and use derivative works provided that
9  * such works are identified as "derived from the RSA Security Inc. PKCS #11
10  * Cryptographic Token Interface (Cryptoki)" in all material mentioning or
11  * referencing the derived work.
12 
13  * RSA Security Inc. makes no representations concerning either the
14  * merchantability of this software or the suitability of this software for
15  * any particular purpose. It is provided "as is" without express or implied
16  * warranty of any kind.
17  */
18 
19 /* This header file contains pretty much everything about all the */
20 /* Cryptoki function prototypes.  Because this information is */
21 /* used for more than just declaring function prototypes, the */
22 /* order of the functions appearing herein is important, and */
23 /* should not be altered. */
24 
25 /* General-purpose */
26 
27 /* C_Initialize initializes the Cryptoki library. */
28 CK_PKCS11_FUNCTION_INFO(C_Initialize)
29 #ifdef CK_NEED_ARG_LIST
30 (
31   CK_VOID_PTR   pInitArgs  /* if this is not NULL_PTR, it gets
32                             * cast to CK_C_INITIALIZE_ARGS_PTR
33                             * and dereferenced */
34 );
35 #endif
36 
37 
38 /* C_Finalize indicates that an application is done with the
39  * Cryptoki library. */
40 CK_PKCS11_FUNCTION_INFO(C_Finalize)
41 #ifdef CK_NEED_ARG_LIST
42 (
43   CK_VOID_PTR   pReserved  /* reserved.  Should be NULL_PTR */
44 );
45 #endif
46 
47 
48 /* C_GetInfo returns general information about Cryptoki. */
49 CK_PKCS11_FUNCTION_INFO(C_GetInfo)
50 #ifdef CK_NEED_ARG_LIST
51 (
52   CK_INFO_PTR   pInfo  /* location that receives information */
53 );
54 #endif
55 
56 
57 /* C_GetFunctionList returns the function list. */
58 CK_PKCS11_FUNCTION_INFO(C_GetFunctionList)
59 #ifdef CK_NEED_ARG_LIST
60 (
61   CK_FUNCTION_LIST_PTR_PTR ppFunctionList  /* receives pointer to
62                                             * function list */
63 );
64 #endif
65 
66 
67 
68 /* Slot and token management */
69 
70 /* C_GetSlotList obtains a list of slots in the system. */
71 CK_PKCS11_FUNCTION_INFO(C_GetSlotList)
72 #ifdef CK_NEED_ARG_LIST
73 (
74   CK_BBOOL       tokenPresent,  /* only slots with tokens? */
75   CK_SLOT_ID_PTR pSlotList,     /* receives array of slot IDs */
76   CK_ULONG_PTR   pulCount       /* receives number of slots */
77 );
78 #endif
79 
80 
81 /* C_GetSlotInfo obtains information about a particular slot in
82  * the system. */
83 CK_PKCS11_FUNCTION_INFO(C_GetSlotInfo)
84 #ifdef CK_NEED_ARG_LIST
85 (
86   CK_SLOT_ID       slotID,  /* the ID of the slot */
87   CK_SLOT_INFO_PTR pInfo    /* receives the slot information */
88 );
89 #endif
90 
91 
92 /* C_GetTokenInfo obtains information about a particular token
93  * in the system. */
94 CK_PKCS11_FUNCTION_INFO(C_GetTokenInfo)
95 #ifdef CK_NEED_ARG_LIST
96 (
97   CK_SLOT_ID        slotID,  /* ID of the token's slot */
98   CK_TOKEN_INFO_PTR pInfo    /* receives the token information */
99 );
100 #endif
101 
102 
103 /* C_GetMechanismList obtains a list of mechanism types
104  * supported by a token. */
105 CK_PKCS11_FUNCTION_INFO(C_GetMechanismList)
106 #ifdef CK_NEED_ARG_LIST
107 (
108   CK_SLOT_ID            slotID,          /* ID of token's slot */
109   CK_MECHANISM_TYPE_PTR pMechanismList,  /* gets mech. array */
110   CK_ULONG_PTR          pulCount         /* gets # of mechs. */
111 );
112 #endif
113 
114 
115 /* C_GetMechanismInfo obtains information about a particular
116  * mechanism possibly supported by a token. */
117 CK_PKCS11_FUNCTION_INFO(C_GetMechanismInfo)
118 #ifdef CK_NEED_ARG_LIST
119 (
120   CK_SLOT_ID            slotID,  /* ID of the token's slot */
121   CK_MECHANISM_TYPE     type,    /* type of mechanism */
122   CK_MECHANISM_INFO_PTR pInfo    /* receives mechanism info */
123 );
124 #endif
125 
126 
127 /* C_InitToken initializes a token. */
128 CK_PKCS11_FUNCTION_INFO(C_InitToken)
129 #ifdef CK_NEED_ARG_LIST
130 /* pLabel changed from CK_CHAR_PTR to CK_UTF8CHAR_PTR for v2.10 */
131 (
132   CK_SLOT_ID      slotID,    /* ID of the token's slot */
133   CK_UTF8CHAR_PTR pPin,      /* the SO's initial PIN */
134   CK_ULONG        ulPinLen,  /* length in bytes of the PIN */
135   CK_UTF8CHAR_PTR pLabel     /* 32-byte token label (blank padded) */
136 );
137 #endif
138 
139 
140 /* C_InitPIN initializes the normal user's PIN. */
141 CK_PKCS11_FUNCTION_INFO(C_InitPIN)
142 #ifdef CK_NEED_ARG_LIST
143 (
144   CK_SESSION_HANDLE hSession,  /* the session's handle */
145   CK_UTF8CHAR_PTR   pPin,      /* the normal user's PIN */
146   CK_ULONG          ulPinLen   /* length in bytes of the PIN */
147 );
148 #endif
149 
150 
151 /* C_SetPIN modifies the PIN of the user who is logged in. */
152 CK_PKCS11_FUNCTION_INFO(C_SetPIN)
153 #ifdef CK_NEED_ARG_LIST
154 (
155   CK_SESSION_HANDLE hSession,  /* the session's handle */
156   CK_UTF8CHAR_PTR   pOldPin,   /* the old PIN */
157   CK_ULONG          ulOldLen,  /* length of the old PIN */
158   CK_UTF8CHAR_PTR   pNewPin,   /* the new PIN */
159   CK_ULONG          ulNewLen   /* length of the new PIN */
160 );
161 #endif
162 
163 
164 
165 /* Session management */
166 
167 /* C_OpenSession opens a session between an application and a
168  * token. */
169 CK_PKCS11_FUNCTION_INFO(C_OpenSession)
170 #ifdef CK_NEED_ARG_LIST
171 (
172   CK_SLOT_ID            slotID,        /* the slot's ID */
173   CK_FLAGS              flags,         /* from CK_SESSION_INFO */
174   CK_VOID_PTR           pApplication,  /* passed to callback */
175   CK_NOTIFY             Notify,        /* callback function */
176   CK_SESSION_HANDLE_PTR phSession      /* gets session handle */
177 );
178 #endif
179 
180 
181 /* C_CloseSession closes a session between an application and a
182  * token. */
183 CK_PKCS11_FUNCTION_INFO(C_CloseSession)
184 #ifdef CK_NEED_ARG_LIST
185 (
186   CK_SESSION_HANDLE hSession  /* the session's handle */
187 );
188 #endif
189 
190 
191 /* C_CloseAllSessions closes all sessions with a token. */
192 CK_PKCS11_FUNCTION_INFO(C_CloseAllSessions)
193 #ifdef CK_NEED_ARG_LIST
194 (
195   CK_SLOT_ID     slotID  /* the token's slot */
196 );
197 #endif
198 
199 
200 /* C_GetSessionInfo obtains information about the session. */
201 CK_PKCS11_FUNCTION_INFO(C_GetSessionInfo)
202 #ifdef CK_NEED_ARG_LIST
203 (
204   CK_SESSION_HANDLE   hSession,  /* the session's handle */
205   CK_SESSION_INFO_PTR pInfo      /* receives session info */
206 );
207 #endif
208 
209 
210 /* C_GetOperationState obtains the state of the cryptographic operation
211  * in a session. */
212 CK_PKCS11_FUNCTION_INFO(C_GetOperationState)
213 #ifdef CK_NEED_ARG_LIST
214 (
215   CK_SESSION_HANDLE hSession,             /* session's handle */
216   CK_BYTE_PTR       pOperationState,      /* gets state */
217   CK_ULONG_PTR      pulOperationStateLen  /* gets state length */
218 );
219 #endif
220 
221 
222 /* C_SetOperationState restores the state of the cryptographic
223  * operation in a session. */
224 CK_PKCS11_FUNCTION_INFO(C_SetOperationState)
225 #ifdef CK_NEED_ARG_LIST
226 (
227   CK_SESSION_HANDLE hSession,            /* session's handle */
228   CK_BYTE_PTR      pOperationState,      /* holds state */
229   CK_ULONG         ulOperationStateLen,  /* holds state length */
230   CK_OBJECT_HANDLE hEncryptionKey,       /* en/decryption key */
231   CK_OBJECT_HANDLE hAuthenticationKey    /* sign/verify key */
232 );
233 #endif
234 
235 
236 /* C_Login logs a user into a token. */
237 CK_PKCS11_FUNCTION_INFO(C_Login)
238 #ifdef CK_NEED_ARG_LIST
239 (
240   CK_SESSION_HANDLE hSession,  /* the session's handle */
241   CK_USER_TYPE      userType,  /* the user type */
242   CK_UTF8CHAR_PTR   pPin,      /* the user's PIN */
243   CK_ULONG          ulPinLen   /* the length of the PIN */
244 );
245 #endif
246 
247 
248 /* C_Logout logs a user out from a token. */
249 CK_PKCS11_FUNCTION_INFO(C_Logout)
250 #ifdef CK_NEED_ARG_LIST
251 (
252   CK_SESSION_HANDLE hSession  /* the session's handle */
253 );
254 #endif
255 
256 
257 
258 /* Object management */
259 
260 /* C_CreateObject creates a new object. */
261 CK_PKCS11_FUNCTION_INFO(C_CreateObject)
262 #ifdef CK_NEED_ARG_LIST
263 (
264   CK_SESSION_HANDLE hSession,    /* the session's handle */
265   CK_ATTRIBUTE_PTR  pTemplate,   /* the object's template */
266   CK_ULONG          ulCount,     /* attributes in template */
267   CK_OBJECT_HANDLE_PTR phObject  /* gets new object's handle. */
268 );
269 #endif
270 
271 
272 /* C_CopyObject copies an object, creating a new object for the
273  * copy. */
274 CK_PKCS11_FUNCTION_INFO(C_CopyObject)
275 #ifdef CK_NEED_ARG_LIST
276 (
277   CK_SESSION_HANDLE    hSession,    /* the session's handle */
278   CK_OBJECT_HANDLE     hObject,     /* the object's handle */
279   CK_ATTRIBUTE_PTR     pTemplate,   /* template for new object */
280   CK_ULONG             ulCount,     /* attributes in template */
281   CK_OBJECT_HANDLE_PTR phNewObject  /* receives handle of copy */
282 );
283 #endif
284 
285 
286 /* C_DestroyObject destroys an object. */
287 CK_PKCS11_FUNCTION_INFO(C_DestroyObject)
288 #ifdef CK_NEED_ARG_LIST
289 (
290   CK_SESSION_HANDLE hSession,  /* the session's handle */
291   CK_OBJECT_HANDLE  hObject    /* the object's handle */
292 );
293 #endif
294 
295 
296 /* C_GetObjectSize gets the size of an object in bytes. */
297 CK_PKCS11_FUNCTION_INFO(C_GetObjectSize)
298 #ifdef CK_NEED_ARG_LIST
299 (
300   CK_SESSION_HANDLE hSession,  /* the session's handle */
301   CK_OBJECT_HANDLE  hObject,   /* the object's handle */
302   CK_ULONG_PTR      pulSize    /* receives size of object */
303 );
304 #endif
305 
306 
307 /* C_GetAttributeValue obtains the value of one or more object
308  * attributes. */
309 CK_PKCS11_FUNCTION_INFO(C_GetAttributeValue)
310 #ifdef CK_NEED_ARG_LIST
311 (
312   CK_SESSION_HANDLE hSession,   /* the session's handle */
313   CK_OBJECT_HANDLE  hObject,    /* the object's handle */
314   CK_ATTRIBUTE_PTR  pTemplate,  /* specifies attrs; gets vals */
315   CK_ULONG          ulCount     /* attributes in template */
316 );
317 #endif
318 
319 
320 /* C_SetAttributeValue modifies the value of one or more object
321  * attributes */
322 CK_PKCS11_FUNCTION_INFO(C_SetAttributeValue)
323 #ifdef CK_NEED_ARG_LIST
324 (
325   CK_SESSION_HANDLE hSession,   /* the session's handle */
326   CK_OBJECT_HANDLE  hObject,    /* the object's handle */
327   CK_ATTRIBUTE_PTR  pTemplate,  /* specifies attrs and values */
328   CK_ULONG          ulCount     /* attributes in template */
329 );
330 #endif
331 
332 
333 /* C_FindObjectsInit initializes a search for token and session
334  * objects that match a template. */
335 CK_PKCS11_FUNCTION_INFO(C_FindObjectsInit)
336 #ifdef CK_NEED_ARG_LIST
337 (
338   CK_SESSION_HANDLE hSession,   /* the session's handle */
339   CK_ATTRIBUTE_PTR  pTemplate,  /* attribute values to match */
340   CK_ULONG          ulCount     /* attrs in search template */
341 );
342 #endif
343 
344 
345 /* C_FindObjects continues a search for token and session
346  * objects that match a template, obtaining additional object
347  * handles. */
348 CK_PKCS11_FUNCTION_INFO(C_FindObjects)
349 #ifdef CK_NEED_ARG_LIST
350 (
351  CK_SESSION_HANDLE    hSession,          /* session's handle */
352  CK_OBJECT_HANDLE_PTR phObject,          /* gets obj. handles */
353  CK_ULONG             ulMaxObjectCount,  /* max handles to get */
354  CK_ULONG_PTR         pulObjectCount     /* actual # returned */
355 );
356 #endif
357 
358 
359 /* C_FindObjectsFinal finishes a search for token and session
360  * objects. */
361 CK_PKCS11_FUNCTION_INFO(C_FindObjectsFinal)
362 #ifdef CK_NEED_ARG_LIST
363 (
364   CK_SESSION_HANDLE hSession  /* the session's handle */
365 );
366 #endif
367 
368 
369 
370 /* Encryption and decryption */
371 
372 /* C_EncryptInit initializes an encryption operation. */
373 CK_PKCS11_FUNCTION_INFO(C_EncryptInit)
374 #ifdef CK_NEED_ARG_LIST
375 (
376   CK_SESSION_HANDLE hSession,    /* the session's handle */
377   CK_MECHANISM_PTR  pMechanism,  /* the encryption mechanism */
378   CK_OBJECT_HANDLE  hKey         /* handle of encryption key */
379 );
380 #endif
381 
382 
383 /* C_Encrypt encrypts single-part data. */
384 CK_PKCS11_FUNCTION_INFO(C_Encrypt)
385 #ifdef CK_NEED_ARG_LIST
386 (
387   CK_SESSION_HANDLE hSession,            /* session's handle */
388   CK_BYTE_PTR       pData,               /* the plaintext data */
389   CK_ULONG          ulDataLen,           /* bytes of plaintext */
390   CK_BYTE_PTR       pEncryptedData,      /* gets ciphertext */
391   CK_ULONG_PTR      pulEncryptedDataLen  /* gets c-text size */
392 );
393 #endif
394 
395 
396 /* C_EncryptUpdate continues a multiple-part encryption
397  * operation. */
398 CK_PKCS11_FUNCTION_INFO(C_EncryptUpdate)
399 #ifdef CK_NEED_ARG_LIST
400 (
401   CK_SESSION_HANDLE hSession,           /* session's handle */
402   CK_BYTE_PTR       pPart,              /* the plaintext data */
403   CK_ULONG          ulPartLen,          /* plaintext data len */
404   CK_BYTE_PTR       pEncryptedPart,     /* gets ciphertext */
405   CK_ULONG_PTR      pulEncryptedPartLen /* gets c-text size */
406 );
407 #endif
408 
409 
410 /* C_EncryptFinal finishes a multiple-part encryption
411  * operation. */
412 CK_PKCS11_FUNCTION_INFO(C_EncryptFinal)
413 #ifdef CK_NEED_ARG_LIST
414 (
415   CK_SESSION_HANDLE hSession,                /* session handle */
416   CK_BYTE_PTR       pLastEncryptedPart,      /* last c-text */
417   CK_ULONG_PTR      pulLastEncryptedPartLen  /* gets last size */
418 );
419 #endif
420 
421 
422 /* C_DecryptInit initializes a decryption operation. */
423 CK_PKCS11_FUNCTION_INFO(C_DecryptInit)
424 #ifdef CK_NEED_ARG_LIST
425 (
426   CK_SESSION_HANDLE hSession,    /* the session's handle */
427   CK_MECHANISM_PTR  pMechanism,  /* the decryption mechanism */
428   CK_OBJECT_HANDLE  hKey         /* handle of decryption key */
429 );
430 #endif
431 
432 
433 /* C_Decrypt decrypts encrypted data in a single part. */
434 CK_PKCS11_FUNCTION_INFO(C_Decrypt)
435 #ifdef CK_NEED_ARG_LIST
436 (
437   CK_SESSION_HANDLE hSession,           /* session's handle */
438   CK_BYTE_PTR       pEncryptedData,     /* ciphertext */
439   CK_ULONG          ulEncryptedDataLen, /* ciphertext length */
440   CK_BYTE_PTR       pData,              /* gets plaintext */
441   CK_ULONG_PTR      pulDataLen          /* gets p-text size */
442 );
443 #endif
444 
445 
446 /* C_DecryptUpdate continues a multiple-part decryption
447  * operation. */
448 CK_PKCS11_FUNCTION_INFO(C_DecryptUpdate)
449 #ifdef CK_NEED_ARG_LIST
450 (
451   CK_SESSION_HANDLE hSession,            /* session's handle */
452   CK_BYTE_PTR       pEncryptedPart,      /* encrypted data */
453   CK_ULONG          ulEncryptedPartLen,  /* input length */
454   CK_BYTE_PTR       pPart,               /* gets plaintext */
455   CK_ULONG_PTR      pulPartLen           /* p-text size */
456 );
457 #endif
458 
459 
460 /* C_DecryptFinal finishes a multiple-part decryption
461  * operation. */
462 CK_PKCS11_FUNCTION_INFO(C_DecryptFinal)
463 #ifdef CK_NEED_ARG_LIST
464 (
465   CK_SESSION_HANDLE hSession,       /* the session's handle */
466   CK_BYTE_PTR       pLastPart,      /* gets plaintext */
467   CK_ULONG_PTR      pulLastPartLen  /* p-text size */
468 );
469 #endif
470 
471 
472 
473 /* Message digesting */
474 
475 /* C_DigestInit initializes a message-digesting operation. */
476 CK_PKCS11_FUNCTION_INFO(C_DigestInit)
477 #ifdef CK_NEED_ARG_LIST
478 (
479   CK_SESSION_HANDLE hSession,   /* the session's handle */
480   CK_MECHANISM_PTR  pMechanism  /* the digesting mechanism */
481 );
482 #endif
483 
484 
485 /* C_Digest digests data in a single part. */
486 CK_PKCS11_FUNCTION_INFO(C_Digest)
487 #ifdef CK_NEED_ARG_LIST
488 (
489   CK_SESSION_HANDLE hSession,     /* the session's handle */
490   CK_BYTE_PTR       pData,        /* data to be digested */
491   CK_ULONG          ulDataLen,    /* bytes of data to digest */
492   CK_BYTE_PTR       pDigest,      /* gets the message digest */
493   CK_ULONG_PTR      pulDigestLen  /* gets digest length */
494 );
495 #endif
496 
497 
498 /* C_DigestUpdate continues a multiple-part message-digesting
499  * operation. */
500 CK_PKCS11_FUNCTION_INFO(C_DigestUpdate)
501 #ifdef CK_NEED_ARG_LIST
502 (
503   CK_SESSION_HANDLE hSession,  /* the session's handle */
504   CK_BYTE_PTR       pPart,     /* data to be digested */
505   CK_ULONG          ulPartLen  /* bytes of data to be digested */
506 );
507 #endif
508 
509 
510 /* C_DigestKey continues a multi-part message-digesting
511  * operation, by digesting the value of a secret key as part of
512  * the data already digested. */
513 CK_PKCS11_FUNCTION_INFO(C_DigestKey)
514 #ifdef CK_NEED_ARG_LIST
515 (
516   CK_SESSION_HANDLE hSession,  /* the session's handle */
517   CK_OBJECT_HANDLE  hKey       /* secret key to digest */
518 );
519 #endif
520 
521 
522 /* C_DigestFinal finishes a multiple-part message-digesting
523  * operation. */
524 CK_PKCS11_FUNCTION_INFO(C_DigestFinal)
525 #ifdef CK_NEED_ARG_LIST
526 (
527   CK_SESSION_HANDLE hSession,     /* the session's handle */
528   CK_BYTE_PTR       pDigest,      /* gets the message digest */
529   CK_ULONG_PTR      pulDigestLen  /* gets byte count of digest */
530 );
531 #endif
532 
533 
534 
535 /* Signing and MACing */
536 
537 /* C_SignInit initializes a signature (private key encryption)
538  * operation, where the signature is (will be) an appendix to
539  * the data, and plaintext cannot be recovered from the
540  *signature. */
541 CK_PKCS11_FUNCTION_INFO(C_SignInit)
542 #ifdef CK_NEED_ARG_LIST
543 (
544   CK_SESSION_HANDLE hSession,    /* the session's handle */
545   CK_MECHANISM_PTR  pMechanism,  /* the signature mechanism */
546   CK_OBJECT_HANDLE  hKey         /* handle of signature key */
547 );
548 #endif
549 
550 
551 /* C_Sign signs (encrypts with private key) data in a single
552  * part, where the signature is (will be) an appendix to the
553  * data, and plaintext cannot be recovered from the signature. */
554 CK_PKCS11_FUNCTION_INFO(C_Sign)
555 #ifdef CK_NEED_ARG_LIST
556 (
557   CK_SESSION_HANDLE hSession,        /* the session's handle */
558   CK_BYTE_PTR       pData,           /* the data to sign */
559   CK_ULONG          ulDataLen,       /* count of bytes to sign */
560   CK_BYTE_PTR       pSignature,      /* gets the signature */
561   CK_ULONG_PTR      pulSignatureLen  /* gets signature length */
562 );
563 #endif
564 
565 
566 /* C_SignUpdate continues a multiple-part signature operation,
567  * where the signature is (will be) an appendix to the data,
568  * and plaintext cannot be recovered from the signature. */
569 CK_PKCS11_FUNCTION_INFO(C_SignUpdate)
570 #ifdef CK_NEED_ARG_LIST
571 (
572   CK_SESSION_HANDLE hSession,  /* the session's handle */
573   CK_BYTE_PTR       pPart,     /* the data to sign */
574   CK_ULONG          ulPartLen  /* count of bytes to sign */
575 );
576 #endif
577 
578 
579 /* C_SignFinal finishes a multiple-part signature operation,
580  * returning the signature. */
581 CK_PKCS11_FUNCTION_INFO(C_SignFinal)
582 #ifdef CK_NEED_ARG_LIST
583 (
584   CK_SESSION_HANDLE hSession,        /* the session's handle */
585   CK_BYTE_PTR       pSignature,      /* gets the signature */
586   CK_ULONG_PTR      pulSignatureLen  /* gets signature length */
587 );
588 #endif
589 
590 
591 /* C_SignRecoverInit initializes a signature operation, where
592  * the data can be recovered from the signature. */
593 CK_PKCS11_FUNCTION_INFO(C_SignRecoverInit)
594 #ifdef CK_NEED_ARG_LIST
595 (
596   CK_SESSION_HANDLE hSession,   /* the session's handle */
597   CK_MECHANISM_PTR  pMechanism, /* the signature mechanism */
598   CK_OBJECT_HANDLE  hKey        /* handle of the signature key */
599 );
600 #endif
601 
602 
603 /* C_SignRecover signs data in a single operation, where the
604  * data can be recovered from the signature. */
605 CK_PKCS11_FUNCTION_INFO(C_SignRecover)
606 #ifdef CK_NEED_ARG_LIST
607 (
608   CK_SESSION_HANDLE hSession,        /* the session's handle */
609   CK_BYTE_PTR       pData,           /* the data to sign */
610   CK_ULONG          ulDataLen,       /* count of bytes to sign */
611   CK_BYTE_PTR       pSignature,      /* gets the signature */
612   CK_ULONG_PTR      pulSignatureLen  /* gets signature length */
613 );
614 #endif
615 
616 
617 
618 /* Verifying signatures and MACs */
619 
620 /* C_VerifyInit initializes a verification operation, where the
621  * signature is an appendix to the data, and plaintext cannot
622  *  cannot be recovered from the signature (e.g. DSA). */
623 CK_PKCS11_FUNCTION_INFO(C_VerifyInit)
624 #ifdef CK_NEED_ARG_LIST
625 (
626   CK_SESSION_HANDLE hSession,    /* the session's handle */
627   CK_MECHANISM_PTR  pMechanism,  /* the verification mechanism */
628   CK_OBJECT_HANDLE  hKey         /* verification key */
629 );
630 #endif
631 
632 
633 /* C_Verify verifies a signature in a single-part operation,
634  * where the signature is an appendix to the data, and plaintext
635  * cannot be recovered from the signature. */
636 CK_PKCS11_FUNCTION_INFO(C_Verify)
637 #ifdef CK_NEED_ARG_LIST
638 (
639   CK_SESSION_HANDLE hSession,       /* the session's handle */
640   CK_BYTE_PTR       pData,          /* signed data */
641   CK_ULONG          ulDataLen,      /* length of signed data */
642   CK_BYTE_PTR       pSignature,     /* signature */
643   CK_ULONG          ulSignatureLen  /* signature length*/
644 );
645 #endif
646 
647 
648 /* C_VerifyUpdate continues a multiple-part verification
649  * operation, where the signature is an appendix to the data,
650  * and plaintext cannot be recovered from the signature. */
651 CK_PKCS11_FUNCTION_INFO(C_VerifyUpdate)
652 #ifdef CK_NEED_ARG_LIST
653 (
654   CK_SESSION_HANDLE hSession,  /* the session's handle */
655   CK_BYTE_PTR       pPart,     /* signed data */
656   CK_ULONG          ulPartLen  /* length of signed data */
657 );
658 #endif
659 
660 
661 /* C_VerifyFinal finishes a multiple-part verification
662  * operation, checking the signature. */
663 CK_PKCS11_FUNCTION_INFO(C_VerifyFinal)
664 #ifdef CK_NEED_ARG_LIST
665 (
666   CK_SESSION_HANDLE hSession,       /* the session's handle */
667   CK_BYTE_PTR       pSignature,     /* signature to verify */
668   CK_ULONG          ulSignatureLen  /* signature length */
669 );
670 #endif
671 
672 
673 /* C_VerifyRecoverInit initializes a signature verification
674  * operation, where the data is recovered from the signature. */
675 CK_PKCS11_FUNCTION_INFO(C_VerifyRecoverInit)
676 #ifdef CK_NEED_ARG_LIST
677 (
678   CK_SESSION_HANDLE hSession,    /* the session's handle */
679   CK_MECHANISM_PTR  pMechanism,  /* the verification mechanism */
680   CK_OBJECT_HANDLE  hKey         /* verification key */
681 );
682 #endif
683 
684 
685 /* C_VerifyRecover verifies a signature in a single-part
686  * operation, where the data is recovered from the signature. */
687 CK_PKCS11_FUNCTION_INFO(C_VerifyRecover)
688 #ifdef CK_NEED_ARG_LIST
689 (
690   CK_SESSION_HANDLE hSession,        /* the session's handle */
691   CK_BYTE_PTR       pSignature,      /* signature to verify */
692   CK_ULONG          ulSignatureLen,  /* signature length */
693   CK_BYTE_PTR       pData,           /* gets signed data */
694   CK_ULONG_PTR      pulDataLen       /* gets signed data len */
695 );
696 #endif
697 
698 
699 
700 /* Dual-function cryptographic operations */
701 
702 /* C_DigestEncryptUpdate continues a multiple-part digesting
703  * and encryption operation. */
704 CK_PKCS11_FUNCTION_INFO(C_DigestEncryptUpdate)
705 #ifdef CK_NEED_ARG_LIST
706 (
707   CK_SESSION_HANDLE hSession,            /* session's handle */
708   CK_BYTE_PTR       pPart,               /* the plaintext data */
709   CK_ULONG          ulPartLen,           /* plaintext length */
710   CK_BYTE_PTR       pEncryptedPart,      /* gets ciphertext */
711   CK_ULONG_PTR      pulEncryptedPartLen  /* gets c-text length */
712 );
713 #endif
714 
715 
716 /* C_DecryptDigestUpdate continues a multiple-part decryption and
717  * digesting operation. */
718 CK_PKCS11_FUNCTION_INFO(C_DecryptDigestUpdate)
719 #ifdef CK_NEED_ARG_LIST
720 (
721   CK_SESSION_HANDLE hSession,            /* session's handle */
722   CK_BYTE_PTR       pEncryptedPart,      /* ciphertext */
723   CK_ULONG          ulEncryptedPartLen,  /* ciphertext length */
724   CK_BYTE_PTR       pPart,               /* gets plaintext */
725   CK_ULONG_PTR      pulPartLen           /* gets plaintext len */
726 );
727 #endif
728 
729 
730 /* C_SignEncryptUpdate continues a multiple-part signing and
731  * encryption operation. */
732 CK_PKCS11_FUNCTION_INFO(C_SignEncryptUpdate)
733 #ifdef CK_NEED_ARG_LIST
734 (
735   CK_SESSION_HANDLE hSession,            /* session's handle */
736   CK_BYTE_PTR       pPart,               /* the plaintext data */
737   CK_ULONG          ulPartLen,           /* plaintext length */
738   CK_BYTE_PTR       pEncryptedPart,      /* gets ciphertext */
739   CK_ULONG_PTR      pulEncryptedPartLen  /* gets c-text length */
740 );
741 #endif
742 
743 
744 /* C_DecryptVerifyUpdate continues a multiple-part decryption and
745  * verify operation. */
746 CK_PKCS11_FUNCTION_INFO(C_DecryptVerifyUpdate)
747 #ifdef CK_NEED_ARG_LIST
748 (
749   CK_SESSION_HANDLE hSession,            /* session's handle */
750   CK_BYTE_PTR       pEncryptedPart,      /* ciphertext */
751   CK_ULONG          ulEncryptedPartLen,  /* ciphertext length */
752   CK_BYTE_PTR       pPart,               /* gets plaintext */
753   CK_ULONG_PTR      pulPartLen           /* gets p-text length */
754 );
755 #endif
756 
757 
758 
759 /* Key management */
760 
761 /* C_GenerateKey generates a secret key, creating a new key
762  * object. */
763 CK_PKCS11_FUNCTION_INFO(C_GenerateKey)
764 #ifdef CK_NEED_ARG_LIST
765 (
766   CK_SESSION_HANDLE    hSession,    /* the session's handle */
767   CK_MECHANISM_PTR     pMechanism,  /* key generation mech. */
768   CK_ATTRIBUTE_PTR     pTemplate,   /* template for new key */
769   CK_ULONG             ulCount,     /* # of attrs in template */
770   CK_OBJECT_HANDLE_PTR phKey        /* gets handle of new key */
771 );
772 #endif
773 
774 
775 /* C_GenerateKeyPair generates a public-key/private-key pair,
776  * creating new key objects. */
777 CK_PKCS11_FUNCTION_INFO(C_GenerateKeyPair)
778 #ifdef CK_NEED_ARG_LIST
779 (
780   CK_SESSION_HANDLE    hSession,                    /* session
781                                                      * handle */
782   CK_MECHANISM_PTR     pMechanism,                  /* key-gen
783                                                      * mech. */
784   CK_ATTRIBUTE_PTR     pPublicKeyTemplate,          /* template
785                                                      * for pub.
786                                                      * key */
787   CK_ULONG             ulPublicKeyAttributeCount,   /* # pub.
788                                                      * attrs. */
789   CK_ATTRIBUTE_PTR     pPrivateKeyTemplate,         /* template
790                                                      * for priv.
791                                                      * key */
792   CK_ULONG             ulPrivateKeyAttributeCount,  /* # priv.
793                                                      * attrs. */
794   CK_OBJECT_HANDLE_PTR phPublicKey,                 /* gets pub.
795                                                      * key
796                                                      * handle */
797   CK_OBJECT_HANDLE_PTR phPrivateKey                 /* gets
798                                                      * priv. key
799                                                      * handle */
800 );
801 #endif
802 
803 
804 /* C_WrapKey wraps (i.e., encrypts) a key. */
805 CK_PKCS11_FUNCTION_INFO(C_WrapKey)
806 #ifdef CK_NEED_ARG_LIST
807 (
808   CK_SESSION_HANDLE hSession,        /* the session's handle */
809   CK_MECHANISM_PTR  pMechanism,      /* the wrapping mechanism */
810   CK_OBJECT_HANDLE  hWrappingKey,    /* wrapping key */
811   CK_OBJECT_HANDLE  hKey,            /* key to be wrapped */
812   CK_BYTE_PTR       pWrappedKey,     /* gets wrapped key */
813   CK_ULONG_PTR      pulWrappedKeyLen /* gets wrapped key size */
814 );
815 #endif
816 
817 
818 /* C_UnwrapKey unwraps (decrypts) a wrapped key, creating a new
819  * key object. */
820 CK_PKCS11_FUNCTION_INFO(C_UnwrapKey)
821 #ifdef CK_NEED_ARG_LIST
822 (
823   CK_SESSION_HANDLE    hSession,          /* session's handle */
824   CK_MECHANISM_PTR     pMechanism,        /* unwrapping mech. */
825   CK_OBJECT_HANDLE     hUnwrappingKey,    /* unwrapping key */
826   CK_BYTE_PTR          pWrappedKey,       /* the wrapped key */
827   CK_ULONG             ulWrappedKeyLen,   /* wrapped key len */
828   CK_ATTRIBUTE_PTR     pTemplate,         /* new key template */
829   CK_ULONG             ulAttributeCount,  /* template length */
830   CK_OBJECT_HANDLE_PTR phKey              /* gets new handle */
831 );
832 #endif
833 
834 
835 /* C_DeriveKey derives a key from a base key, creating a new key
836  * object. */
837 CK_PKCS11_FUNCTION_INFO(C_DeriveKey)
838 #ifdef CK_NEED_ARG_LIST
839 (
840   CK_SESSION_HANDLE    hSession,          /* session's handle */
841   CK_MECHANISM_PTR     pMechanism,        /* key deriv. mech. */
842   CK_OBJECT_HANDLE     hBaseKey,          /* base key */
843   CK_ATTRIBUTE_PTR     pTemplate,         /* new key template */
844   CK_ULONG             ulAttributeCount,  /* template length */
845   CK_OBJECT_HANDLE_PTR phKey              /* gets new handle */
846 );
847 #endif
848 
849 
850 
851 /* Random number generation */
852 
853 /* C_SeedRandom mixes additional seed material into the token's
854  * random number generator. */
855 CK_PKCS11_FUNCTION_INFO(C_SeedRandom)
856 #ifdef CK_NEED_ARG_LIST
857 (
858   CK_SESSION_HANDLE hSession,  /* the session's handle */
859   CK_BYTE_PTR       pSeed,     /* the seed material */
860   CK_ULONG          ulSeedLen  /* length of seed material */
861 );
862 #endif
863 
864 
865 /* C_GenerateRandom generates random data. */
866 CK_PKCS11_FUNCTION_INFO(C_GenerateRandom)
867 #ifdef CK_NEED_ARG_LIST
868 (
869   CK_SESSION_HANDLE hSession,    /* the session's handle */
870   CK_BYTE_PTR       RandomData,  /* receives the random data */
871   CK_ULONG          ulRandomLen  /* # of bytes to generate */
872 );
873 #endif
874 
875 
876 
877 /* Parallel function management */
878 
879 /* C_GetFunctionStatus is a legacy function; it obtains an
880  * updated status of a function running in parallel with an
881  * application. */
882 CK_PKCS11_FUNCTION_INFO(C_GetFunctionStatus)
883 #ifdef CK_NEED_ARG_LIST
884 (
885   CK_SESSION_HANDLE hSession  /* the session's handle */
886 );
887 #endif
888 
889 
890 /* C_CancelFunction is a legacy function; it cancels a function
891  * running in parallel. */
892 CK_PKCS11_FUNCTION_INFO(C_CancelFunction)
893 #ifdef CK_NEED_ARG_LIST
894 (
895   CK_SESSION_HANDLE hSession  /* the session's handle */
896 );
897 #endif
898 
899 
900 
901 /* Functions added in for Cryptoki Version 2.01 or later */
902 
903 /* C_WaitForSlotEvent waits for a slot event (token insertion,
904  * removal, etc.) to occur. */
905 CK_PKCS11_FUNCTION_INFO(C_WaitForSlotEvent)
906 #ifdef CK_NEED_ARG_LIST
907 (
908   CK_FLAGS flags,        /* blocking/nonblocking flag */
909   CK_SLOT_ID_PTR pSlot,  /* location that receives the slot ID */
910   CK_VOID_PTR pRserved   /* reserved.  Should be NULL_PTR */
911 );
912 #endif
913