xref: /illumos-gate/usr/src/lib/pkcs11/pkcs11_tpm/common/tpmtok_int.h (revision cea606427170954e8cfcfa5417f3b60394180cb9)
1 /*
2  * The Initial Developer of the Original Code is International
3  * Business Machines Corporation. Portions created by IBM
4  * Corporation are Copyright(C) 2005 International Business
5  * Machines Corporation. All Rights Reserved.
6  *
7  * This program is free software; you can redistribute it and/or modify
8  * it under the terms of the Common Public License as published by
9  * IBM Corporation; either version 1 of the License, or(at your option)
10  * any later version.
11  *
12  * This program is distributed in the hope that it will be useful,
13  * but WITHOUT ANY WARRANTY; without even the implied warranty of
14  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15  * Common Public License for more details.
16  *
17  * You should have received a copy of the Common Public License
18  * along with this program; if not, a copy can be viewed at
19  * http://www.opensource.org/licenses/cpl1.0.php.
20  */
21 
22 /* (C) COPYRIGHT International Business Machines Corp. 2001, 2002, 2005 */
23 /*
24  * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
25  * Use is subject to license terms.
26  */
27 
28 #ifndef _TPMTOK_INT_H
29 #define	_TPMTOK_INT_H
30 
31 #include <stdio.h>
32 #include <pthread.h>
33 #include <string.h>
34 #include <strings.h>
35 #include <md5.h>
36 #include <sha1.h>
37 #include <limits.h>
38 #include <syslog.h>
39 #include <errno.h>
40 #include <sys/types.h>
41 #include <sys/stat.h>
42 #include <sys/param.h>
43 #include <sys/byteorder.h>
44 #include <security/cryptoki.h>
45 
46 #include <tss/platform.h>
47 #include <tss/tss_defines.h>
48 #include <tss/tss_typedef.h>
49 #include <tss/tss_structs.h>
50 #include <tss/tspi.h>
51 
52 #define	VERSION_MAJOR 2
53 #define	VERSION_MINOR 1
54 
55 #define	MAX_SESSION_COUNT	64
56 #define	MAX_PIN_LEN	256
57 #define	MIN_PIN_LEN	1
58 
59 #define	MAX_SLOT_ID	10
60 
61 #ifndef MIN
62 #define	MIN(a, b)  ((a) < (b) ? (a) : (b))
63 #endif
64 
65 #define	MODE_COPY	(1 << 0)
66 #define	MODE_CREATE	(1 << 1)
67 #define	MODE_KEYGEN	(1 << 2)
68 #define	MODE_MODIFY	(1 << 3)
69 #define	MODE_DERIVE	(1 << 4)
70 #define	MODE_UNWRAP	(1 << 5)
71 
72 // RSA block formatting types
73 //
74 #define	PKCS_BT_1	1
75 #define	PKCS_BT_2	2
76 
77 #define	OP_ENCRYPT_INIT 1
78 #define	OP_DECRYPT_INIT 2
79 #define	OP_WRAP		3
80 #define	OP_UNWRAP	4
81 #define	OP_SIGN_INIT	5
82 #define	OP_VERIFY_INIT	6
83 
84 enum {
85 	STATE_INVALID = 0,
86 	STATE_ENCR,
87 	STATE_DECR,
88 	STATE_DIGEST,
89 	STATE_SIGN,
90 	STATE_VERIFY
91 };
92 
93 #define	SHA1_BLOCK_SIZE 64
94 #define	SHA1_BLOCK_SIZE_MASK (SHA1_BLOCK_SIZE - 1)
95 
96 #define	RSA_BLOCK_SIZE 256
97 
98 #ifndef PATH_MAX
99 #define	PATH_MAX MAXPATHLEN
100 #endif
101 
102 #ifndef PACK_DATA
103 #define	PACK_DATA
104 #endif
105 
106 #define	MD5_BLOCK_SIZE  64
107 
108 #define	DSA_SIGNATURE_SIZE  40
109 
110 #define	DEFAULT_SO_PIN  "87654321"
111 
112 typedef enum {
113 	ALL = 1,
114 	PRIVATE,
115 	PUBLIC
116 } SESS_OBJ_TYPE;
117 
118 typedef struct _DL_NODE
119 {
120 	struct _DL_NODE	*next;
121 	struct _DL_NODE	*prev;
122 	void  *data;
123 } DL_NODE;
124 
125 #define	TOKEN_DATA_FILE	"token.dat"
126 #define	TOKEN_OBJ_DIR	"objects"
127 #define	TOKEN_OBJ_INDEX_FILE "obj.idx"
128 
129 #define	TPMTOK_UUID_INDEX_FILENAME "uuids.idx"
130 
131 /*
132  * Filenames used to store migration data.
133  */
134 #define	SO_MAKEY_FILENAME	"so_makey.dat"
135 #define	USER_MAKEY_FILENAME	"user_makey.dat"
136 #define	SO_KEYBLOB_FILENAME	"so_blob.dat"
137 #define	USER_KEYBLOB_FILENAME	"user_blob.dat"
138 
139 #define	__FUNCTION__ __func__
140 
141 //
142 // Both of the strings below have a length of 32 chars and must be
143 // padded with spaces, and non - null terminated.
144 //
145 #define	PKW_CRYPTOKI_VERSION_MAJOR	2
146 #define	PKW_CRYPTOKI_VERSION_MINOR	1
147 #define	PKW_CRYPTOKI_MANUFACTURER	"Sun Microsystems, Inc.	  "
148 #define	PKW_CRYPTOKI_LIBDESC	    "PKCS#11 Interface for TPM	"
149 #define	PKW_CRYPTOKI_LIB_VERSION_MAJOR  1
150 #define	PKW_CRYPTOKI_LIB_VERSION_MINOR  0
151 #define	PKW_MAX_DEVICES		 10
152 
153 #define	MAX_TOK_OBJS  2048
154 #define	NUMBER_SLOTS_MANAGED 1
155 #define	TPM_SLOTID 1
156 
157 /*
158  * CKA_HIDDEN will be used to filter return results on
159  * a C_FindObjects call. Used for objects internal to the
160  * TPM token for management
161  */
162 /* custom attributes for the TPM token */
163 #define	CKA_HIDDEN	CKA_VENDOR_DEFINED + 0x01
164 #define	CKA_IBM_OPAQUE	CKA_VENDOR_DEFINED + 0x02
165 /*
166  * CKA_ENC_AUTHDATA will be used to store the encrypted SHA-1
167  * hashes of auth data passed in for TPM keys. The authdata
168  * will be encrypted using either the public
169  * leaf key or the private leaf key
170  */
171 #define	CKA_ENC_AUTHDATA CKA_VENDOR_DEFINED + 0x03
172 
173 /* custom return codes for the TPM token */
174 #define	CKR_KEY_NOT_FOUND	CKR_VENDOR_DEFINED + 0x01
175 #define	CKR_FILE_NOT_FOUND	CKR_VENDOR_DEFINED + 0x02
176 
177 typedef struct {
178 	CK_SLOT_ID  slotID;
179 	CK_SESSION_HANDLE  sessionh;
180 } ST_SESSION_T;
181 
182 typedef ST_SESSION_T ST_SESSION_HANDLE;
183 
184 typedef struct {
185 	void *Previous;
186 	void *Next;
187 	CK_SLOT_ID   SltId;
188 	CK_SESSION_HANDLE  RealHandle;
189 } Session_Struct_t;
190 
191 typedef Session_Struct_t *SessStructP;
192 
193 typedef struct {
194 	pid_t Pid;
195 	pthread_mutex_t  ProcMutex;
196 	Session_Struct_t *SessListBeg;
197 	Session_Struct_t *SessListEnd;
198 	pthread_mutex_t  SessListMutex;
199 } API_Proc_Struct_t;
200 
201 
202 
203 
204 enum {
205 	PRF_DUMMYFUNCTION = 1,
206 	PRF_FCVFUNCTION,
207 	PRF_INITIALIZE,
208 	PRF_FINALIZE,
209 	PRF_GETINFO,
210 	PRF_GETFUNCTIONLIST,
211 	PRF_GETSLOTLIST,
212 	PRF_GETSLOTINFO,
213 	PRF_GETTOKENINFO,
214 	PRF_GETMECHLIST,
215 	PRF_GETMECHINFO,
216 	PRF_INITTOKEN,
217 	PRF_INITPIN,
218 	PRF_SETPIN,
219 	PRF_OPENSESSION,
220 	PRF_CLOSESESSION,
221 	PRF_CLOSEALLSESSIONS,
222 	PRF_GETSESSIONINFO,
223 	PRF_GETOPERATIONSTATE,
224 	PRF_SETOPERATIONSTATE,
225 	PRF_LOGIN,
226 	PRF_LOGOUT,
227 	PRF_CREATEOBJECT,
228 	PRF_COPYOBJECT,
229 	PRF_DESTROYOBJECT,
230 	PRF_GETOBJECTSIZE,
231 	PRF_GETATTRIBUTEVALUE,
232 	PRF_SETATTRIBUTEVALUE,
233 	PRF_FINDOBJECTSINIT,
234 	PRF_FINDOBJECTS,
235 	PRF_FINDOBJECTSFINAL,
236 	PRF_ENCRYPTINIT,
237 	PRF_ENCRYPT,
238 	PRF_ENCRYPTUPDATE,
239 	PRF_ENCRYPTFINAL,
240 	PRF_DECRYPTINIT,
241 	PRF_DECRYPT,
242 	PRF_DECRYPTUPDATE,
243 	PRF_DECRYPTFINAL,
244 	PRF_DIGESTINIT,
245 	PRF_DIGEST,
246 	PRF_DIGESTUPDATE,
247 	PRF_DIGESTKEY,
248 	PRF_DIGESTFINAL,
249 	PRF_SIGNINIT,
250 	PRF_SIGN,
251 	PRF_SIGNUPDATE,
252 	PRF_SIGNFINAL,
253 	PRF_SIGNRECOVERINIT,
254 	PRF_SIGNRECOVER,
255 	PRF_VERIFYINIT,
256 	PRF_VERIFY,
257 	PRF_VERIFYUPDATE,
258 	PRF_VERIFYFINAL,
259 	PRF_VERIFYRECOVERINIT,
260 	PRF_VERIFYRECOVER,
261 	PRF_GENKEY,
262 	PRF_GENKEYPAIR,
263 	PRF_WRAPKEY,
264 	PRF_UNWRAPKEY,
265 	PRF_DERIVEKEY,
266 	PRF_GENRND,
267 	PRF_LASTENTRY
268 };
269 
270 typedef struct _ENCR_DECR_CONTEXT
271 {
272 	CK_OBJECT_HANDLE  key;
273 	CK_MECHANISM mech;
274 	CK_BYTE	  *context;
275 	CK_ULONG  context_len;
276 	CK_BBOOL  multi;
277 	CK_BBOOL  active;
278 } ENCR_DECR_CONTEXT;
279 
280 typedef struct _DIGEST_CONTEXT
281 {
282 	CK_MECHANISM   mech;
283 	union {
284 		MD5_CTX *md5ctx;
285 		SHA1_CTX *sha1ctx;
286 		void *ref; /* reference ptr for the union */
287 	} context;
288 	CK_ULONG context_len;
289 	CK_BBOOL multi;
290 	CK_BBOOL active;
291 } DIGEST_CONTEXT;
292 
293 typedef struct _SIGN_VERIFY_CONTEXT
294 {
295 	CK_OBJECT_HANDLE key;
296 	CK_MECHANISM	mech;	// current sign mechanism
297 	void	 *context;  // temporary work area
298 	CK_ULONG context_len;
299 	CK_BBOOL multi;    // is this a multi - part operation?
300 	CK_BBOOL recover;  // are we in recover mode?
301 	CK_BBOOL active;
302 } SIGN_VERIFY_CONTEXT;
303 
304 typedef struct _SESSION
305 {
306 	CK_SESSION_HANDLE    handle;
307 	CK_SESSION_INFO	session_info;
308 
309 	CK_OBJECT_HANDLE    *find_list;	// array of CK_OBJECT_HANDLE
310 	CK_ULONG	find_count;    // # handles in the list
311 	CK_ULONG	find_len;	// max # of handles in the list
312 	CK_ULONG	find_idx;	// current position
313 	CK_BBOOL	find_active;
314 
315 	ENCR_DECR_CONTEXT    encr_ctx;
316 	ENCR_DECR_CONTEXT    decr_ctx;
317 	DIGEST_CONTEXT	digest_ctx;
318 	SIGN_VERIFY_CONTEXT  sign_ctx;
319 	SIGN_VERIFY_CONTEXT  verify_ctx;
320 
321 	TSS_HCONTEXT	hContext;
322 } SESSION;
323 
324 typedef struct _TEMPLATE
325 {
326 	DL_NODE  *attribute_list;
327 } TEMPLATE;
328 
329 typedef struct _OBJECT
330 {
331 	CK_OBJECT_CLASS   class;
332 	CK_BYTE	 name[8];   // for token objects
333 
334 	SESSION	 *session;   // creator; only for session objects
335 	TEMPLATE *template;
336 	CK_ULONG count_hi;  // only significant for token objects
337 	CK_ULONG count_lo;  // only significant for token objects
338 	CK_ULONG index;
339 } OBJECT;
340 
341 typedef struct _OBJECT_MAP
342 {
343 	CK_OBJECT_HANDLE	handle;
344 	CK_BBOOL is_private;
345 	CK_BBOOL is_session_obj;
346 	SESSION	 *session;
347 	OBJECT   *ptr;
348 } OBJECT_MAP;
349 
350 typedef struct _ATTRIBUTE_PARSE_LIST
351 {
352 	CK_ATTRIBUTE_TYPE type;
353 	void		*ptr;
354 	CK_ULONG	  len;
355 	CK_BBOOL	  found;
356 } ATTRIBUTE_PARSE_LIST;
357 
358 typedef struct _OP_STATE_DATA
359 {
360 	CK_STATE    session_state;
361 	CK_ULONG    active_operation;
362 	CK_ULONG    data_len;
363 } OP_STATE_DATA;
364 
365 typedef struct _TWEAK_VEC
366 {
367 	int   allow_key_mods;
368 } TWEAK_VEC;
369 
370 typedef struct _TOKEN_DATA
371 {
372 	CK_TOKEN_INFO token_info;
373 	CK_BYTE   user_pin_sha[SHA1_DIGEST_LENGTH];
374 	CK_BYTE   so_pin_sha[SHA1_DIGEST_LENGTH];
375 	CK_BYTE   next_token_object_name[8];
376 	TWEAK_VEC tweak_vector;
377 } TOKEN_DATA;
378 
379 typedef struct _RSA_DIGEST_CONTEXT {
380 	DIGEST_CONTEXT hash_context;
381 	CK_BBOOL	flag;
382 } RSA_DIGEST_CONTEXT;
383 
384 typedef struct _MECH_LIST_ELEMENT
385 {
386 	CK_MECHANISM_TYPE    mech_type;
387 	CK_MECHANISM_INFO    mech_info;
388 } MECH_LIST_ELEMENT;
389 
390 struct mech_list_item;
391 
392 struct mech_list_item {
393 	struct mech_list_item *next;
394 	MECH_LIST_ELEMENT element;
395 };
396 
397 struct mech_list_item *
398 find_mech_list_item_for_type(CK_MECHANISM_TYPE type,
399 	struct mech_list_item *head);
400 
401 typedef struct _TOK_OBJ_ENTRY
402 {
403 	CK_BBOOL  deleted;
404 	char	name[8];
405 	CK_ULONG  count_lo;
406 	CK_ULONG  count_hi;
407 } TOK_OBJ_ENTRY;
408 
409 typedef struct _LW_SHM_TYPE
410 {
411 	pthread_mutex_t	mutex;
412 	TOKEN_DATA	nv_token_data;
413 	CK_ULONG	num_priv_tok_obj;
414 	CK_ULONG	num_publ_tok_obj;
415 	CK_BBOOL	priv_loaded;
416 	CK_BBOOL	publ_loaded;
417 	CK_BBOOL	token_available;
418 	TOK_OBJ_ENTRY  publ_tok_objs[ MAX_TOK_OBJS ];
419 	TOK_OBJ_ENTRY  priv_tok_objs[ MAX_TOK_OBJS ];
420 } LW_SHM_TYPE;
421 
422 typedef unsigned int CK_ULONG_32;
423 typedef CK_ULONG_32 CK_OBJECT_CLASS_32;
424 typedef CK_ULONG_32 CK_ATTRIBUTE_TYPE_32;
425 
426 typedef struct CK_ATTRIBUTE_32 {
427 	CK_ATTRIBUTE_TYPE_32 type;
428 	CK_ULONG_32 pValue;
429 	CK_ULONG_32 ulValueLen;
430 } CK_ATTRIBUTE_32;
431 
432 char *get_tpm_keystore_path();
433 
434 struct messages {
435 	char *msg;
436 };
437 
438 struct token_specific_struct {
439 	CK_BYTE  token_debug_tag[MAXPATHLEN];
440 
441 	CK_RV  (*t_init)(char *, CK_SLOT_ID, TSS_HCONTEXT *);
442 	int  (*t_slot2local)();
443 
444 	CK_RV  (*t_rng)(TSS_HCONTEXT, CK_BYTE *, CK_ULONG);
445 	CK_RV  (*t_session)(CK_SLOT_ID);
446 	CK_RV  (*t_final)(TSS_HCONTEXT);
447 	CK_RV (*t_rsa_decrypt)(TSS_HCONTEXT, CK_BYTE *,
448 		CK_ULONG, CK_BYTE *, CK_ULONG *, OBJECT *);
449 
450 	CK_RV (*t_rsa_encrypt)(
451 		TSS_HCONTEXT,
452 		CK_BYTE *, CK_ULONG, CK_BYTE *,
453 		CK_ULONG *, OBJECT *);
454 
455 	CK_RV (*t_rsa_sign)(TSS_HCONTEXT,
456 		CK_BYTE *,
457 		CK_ULONG,
458 		CK_BYTE *,
459 		CK_ULONG *,
460 		OBJECT *);
461 
462 	CK_RV (*t_rsa_verify)(TSS_HCONTEXT,
463 		CK_BYTE *,
464 		CK_ULONG,
465 		CK_BYTE *,
466 		CK_ULONG,
467 		OBJECT *);
468 
469 	CK_RV (*t_rsa_generate_keypair)(TSS_HCONTEXT, TEMPLATE *, TEMPLATE *);
470 
471 	CK_RV (*t_sha_init)(DIGEST_CONTEXT *);
472 
473 	CK_RV (*t_sha_update)(
474 		DIGEST_CONTEXT *,
475 		CK_BYTE	*,
476 		CK_ULONG);
477 
478 	CK_RV (*t_sha_final)(
479 		DIGEST_CONTEXT *,
480 		CK_BYTE *,
481 		CK_ULONG *);
482 	CK_RV (*t_login)(TSS_HCONTEXT, CK_USER_TYPE, CK_BYTE *, CK_ULONG);
483 	CK_RV (*t_logout)(TSS_HCONTEXT);
484 	CK_RV (*t_init_pin)(TSS_HCONTEXT, CK_BYTE *, CK_ULONG);
485 	CK_RV (*t_set_pin)(ST_SESSION_HANDLE, CK_BYTE *,
486 		CK_ULONG, CK_BYTE *, CK_ULONG);
487 	CK_RV (*t_verify_so_pin)(TSS_HCONTEXT, CK_BYTE *, CK_ULONG);
488 };
489 
490 typedef  struct token_specific_struct token_spec_t;
491 
492 /*
493  * Global Variables
494  */
495 extern void copy_slot_info(CK_SLOT_ID, CK_SLOT_INFO_PTR);
496 
497 extern struct messages err_msg[];
498 
499 extern token_spec_t token_specific;
500 extern CK_BBOOL initialized;
501 extern char *card_function_names[];
502 extern char *total_function_names[];
503 
504 extern MECH_LIST_ELEMENT mech_list[];
505 extern CK_ULONG mech_list_len;
506 
507 extern pthread_mutex_t native_mutex;
508 
509 extern void *xproclock;
510 
511 extern pthread_mutex_t pkcs_mutex, obj_list_mutex,
512 	sess_list_mutex, login_mutex;
513 
514 extern DL_NODE *sess_list;
515 extern DL_NODE *sess_obj_list;
516 extern DL_NODE *publ_token_obj_list;
517 extern DL_NODE *priv_token_obj_list;
518 extern DL_NODE *object_map;
519 
520 extern CK_BYTE so_pin_md5[MD5_DIGEST_LENGTH];
521 extern CK_BYTE user_pin_md5[MD5_DIGEST_LENGTH];
522 
523 extern CK_BYTE default_user_pin_sha[SHA1_DIGEST_LENGTH];
524 extern CK_BYTE default_so_pin_sha[SHA1_DIGEST_LENGTH];
525 extern CK_BYTE default_so_pin_md5[MD5_DIGEST_LENGTH];
526 
527 extern LW_SHM_TYPE *global_shm;
528 
529 extern TOKEN_DATA *nv_token_data;
530 
531 extern CK_ULONG next_object_handle;
532 extern CK_ULONG next_session_handle;
533 
534 extern CK_STATE global_login_state;
535 
536 extern CK_BYTE	ber_AlgIdRSAEncryption[];
537 extern CK_ULONG	ber_AlgIdRSAEncryptionLen;
538 extern CK_BYTE	ber_rsaEncryption[];
539 extern CK_ULONG	ber_rsaEncryptionLen;
540 extern CK_BYTE	ber_idDSA[];
541 extern CK_ULONG	ber_idDSALen;
542 
543 extern CK_BYTE ber_md5WithRSAEncryption[];
544 extern CK_ULONG ber_md5WithRSAEncryptionLen;
545 extern CK_BYTE ber_sha1WithRSAEncryption[];
546 extern CK_ULONG ber_sha1WithRSAEncryptionLen;
547 extern CK_BYTE ber_AlgMd5[];
548 extern CK_ULONG ber_AlgMd5Len;
549 extern CK_BYTE ber_AlgSha1[];
550 extern CK_ULONG ber_AlgSha1Len;
551 
552 extern CK_C_INITIALIZE_ARGS cinit_args;
553 
554 /*
555  * Function Prototypes
556  */
557 void *attach_shared_memory();
558 void  detach_shared_memory(char *);
559 
560 int API_Initialized();
561 void Terminate_All_Process_Sessions();
562 int API_Register();
563 void API_UnRegister();
564 
565 void CreateXProcLock(void *);
566 int XProcLock(void *);
567 int XProcUnLock(void *);
568 
569 void _init(void);
570 void loginit();
571 void logterm();
572 void logit(int, char *, ...);
573 void AddToSessionList(Session_Struct_t *);
574 void RemoveFromSessionList(Session_Struct_t *);
575 
576 int Valid_Session(Session_Struct_t *, ST_SESSION_T *);
577 
578 CK_BBOOL pin_expired(CK_SESSION_INFO *, CK_FLAGS);
579 CK_BBOOL pin_locked(CK_SESSION_INFO *, CK_FLAGS);
580 void set_login_flags(CK_USER_TYPE, CK_FLAGS *);
581 
582 extern void init_slot_info(TOKEN_DATA *);
583 
584 CK_RV update_migration_data(TSS_HCONTEXT,
585 	TSS_HKEY, TSS_HKEY, char *, char *, BYTE *, BYTE *);
586 CK_RV token_rng(TSS_HCONTEXT, CK_BYTE *, CK_ULONG);
587 
588 TSS_RESULT set_public_modulus(TSS_HCONTEXT, TSS_HKEY,
589     unsigned long, unsigned char *);
590 TSS_RESULT open_tss_context(TSS_HCONTEXT *);
591 CK_RV token_get_tpm_info(TSS_HCONTEXT, TOKEN_DATA *);
592 
593 CK_RV clock_set_default_attributes(TEMPLATE *);
594 CK_RV clock_check_required_attributes(TEMPLATE *, CK_ULONG);
595 CK_RV clock_validate_attribute(TEMPLATE *, CK_ATTRIBUTE *, CK_ULONG);
596 
597 CK_RV counter_set_default_attributes(TEMPLATE *);
598 CK_RV counter_check_required_attributes(TEMPLATE *, CK_ULONG);
599 CK_RV counter_validate_attribute(TEMPLATE *, CK_ATTRIBUTE *, CK_ULONG);
600 
601 CK_RV compute_next_token_obj_name(CK_BYTE *, CK_BYTE *);
602 
603 CK_RV save_token_object(TSS_HCONTEXT, OBJECT *);
604 CK_RV save_public_token_object(OBJECT *);
605 CK_RV save_private_token_object(TSS_HCONTEXT, OBJECT *);
606 
607 CK_RV load_public_token_objects(void);
608 CK_RV load_private_token_objects(TSS_HCONTEXT);
609 
610 CK_RV reload_token_object(TSS_HCONTEXT, OBJECT *);
611 
612 CK_RV delete_token_object(OBJECT *);
613 
614 CK_RV init_token_data(TSS_HCONTEXT, TOKEN_DATA *);
615 CK_RV load_token_data(TSS_HCONTEXT, TOKEN_DATA *);
616 CK_RV save_token_data(TOKEN_DATA *);
617 void copy_slot_info(CK_SLOT_ID, CK_SLOT_INFO_PTR);
618 
619 CK_RV compute_sha(CK_BYTE *, CK_ULONG_32, CK_BYTE *);
620 
621 CK_RV parity_is_odd(CK_BYTE);
622 
623 CK_RV build_attribute(CK_ATTRIBUTE_TYPE,
624 	CK_BYTE *, CK_ULONG, CK_ATTRIBUTE **);
625 
626 CK_RV add_pkcs_padding(CK_BYTE *, UINT32, UINT32, UINT32);
627 
628 CK_RV strip_pkcs_padding(CK_BYTE *, UINT32, UINT32 *);
629 
630 CK_RV remove_leading_zeros(CK_ATTRIBUTE *);
631 
632 CK_RV rsa_pkcs_encrypt(
633 	SESSION *,
634 	CK_BBOOL,
635 	ENCR_DECR_CONTEXT *,
636 	CK_BYTE *,
637 	CK_ULONG,
638 	CK_BYTE *,
639 	CK_ULONG *);
640 
641 CK_RV rsa_pkcs_decrypt(SESSION *,
642 	CK_BBOOL,
643 	ENCR_DECR_CONTEXT *,
644 	CK_BYTE *,
645 	CK_ULONG,
646 	CK_BYTE *,
647 	CK_ULONG *);
648 
649 CK_RV rsa_pkcs_sign(SESSION *,
650 	CK_BBOOL,
651 	SIGN_VERIFY_CONTEXT *,
652 	CK_BYTE *,
653 	CK_ULONG,
654 	CK_BYTE *,
655 	CK_ULONG *);
656 
657 CK_RV rsa_pkcs_verify(SESSION *,
658 	SIGN_VERIFY_CONTEXT *,
659 	CK_BYTE *,
660 	CK_ULONG,
661 	CK_BYTE *,
662 	CK_ULONG);
663 
664 CK_RV rsa_pkcs_verify_recover(SESSION *,
665 	CK_BBOOL,
666 	SIGN_VERIFY_CONTEXT *,
667 	CK_BYTE *,
668 	CK_ULONG,
669 	CK_BYTE *,
670 	CK_ULONG *);
671 
672 CK_RV rsa_hash_pkcs_sign(SESSION *,
673 	CK_BBOOL,
674 	SIGN_VERIFY_CONTEXT *,
675 	CK_BYTE *,
676 	CK_ULONG,
677 	CK_BYTE *,
678 	CK_ULONG *);
679 
680 CK_RV rsa_hash_pkcs_verify(SESSION *,
681 	SIGN_VERIFY_CONTEXT *,
682 	CK_BYTE *,
683 	CK_ULONG,
684 	CK_BYTE *,
685 	CK_ULONG);
686 
687 CK_RV rsa_hash_pkcs_sign_update(SESSION *,
688 	SIGN_VERIFY_CONTEXT *,
689 	CK_BYTE *,
690 	CK_ULONG);
691 
692 CK_RV rsa_hash_pkcs_verify_update(SESSION *,
693 	SIGN_VERIFY_CONTEXT *,
694 	CK_BYTE *,
695 	CK_ULONG);
696 
697 CK_RV rsa_hash_pkcs_sign_final(SESSION *,
698 	CK_BBOOL,
699 	SIGN_VERIFY_CONTEXT *,
700 	CK_BYTE *,
701 	CK_ULONG *);
702 
703 CK_RV rsa_hash_pkcs_verify_final(SESSION *,
704 	SIGN_VERIFY_CONTEXT *,
705 	CK_BYTE *,
706 	CK_ULONG);
707 
708 
709 CK_RV ckm_rsa_key_pair_gen(TSS_HCONTEXT, TEMPLATE *, TEMPLATE *);
710 
711 CK_RV sha1_hash(SESSION *, CK_BBOOL,
712 	DIGEST_CONTEXT *,
713 	CK_BYTE *, CK_ULONG,
714 	CK_BYTE *, CK_ULONG *);
715 
716 CK_RV sha1_hmac_sign(SESSION *, CK_BBOOL,
717 	SIGN_VERIFY_CONTEXT *,
718 	CK_BYTE *,
719 	CK_ULONG,
720 	CK_BYTE *,
721 	CK_ULONG *);
722 
723 CK_RV sha1_hmac_verify(SESSION *,
724 	SIGN_VERIFY_CONTEXT *,
725 	CK_BYTE *,
726 	CK_ULONG,
727 	CK_BYTE *,
728 	CK_ULONG);
729 
730 CK_RV md5_hash(SESSION *, CK_BBOOL,
731 	DIGEST_CONTEXT *,
732 	CK_BYTE *, CK_ULONG,
733 	CK_BYTE *, CK_ULONG *);
734 
735 CK_RV md5_hmac_sign(SESSION *, CK_BBOOL,
736 	SIGN_VERIFY_CONTEXT *,
737 	CK_BYTE *,
738 	CK_ULONG,
739 	CK_BYTE *,
740 	CK_ULONG *);
741 
742 CK_RV md5_hmac_verify(SESSION *,
743 	SIGN_VERIFY_CONTEXT *,
744 	CK_BYTE *,
745 	CK_ULONG,
746 	CK_BYTE *,
747 	CK_ULONG);
748 
749 DL_NODE *dlist_add_as_first(DL_NODE *, void *);
750 DL_NODE *dlist_add_as_last(DL_NODE *, void *);
751 DL_NODE *dlist_find(DL_NODE *, void *);
752 DL_NODE *dlist_get_first(DL_NODE *);
753 DL_NODE *dlist_get_last(DL_NODE *);
754 	CK_ULONG dlist_length(DL_NODE *);
755 DL_NODE *dlist_next(DL_NODE *);
756 DL_NODE *dlist_prev(DL_NODE *);
757 void dlist_purge(DL_NODE *);
758 DL_NODE *dlist_remove_node(DL_NODE *, DL_NODE *);
759 
760 CK_RV attach_shm(void);
761 CK_RV detach_shm(void);
762 
763 // encryption manager routines
764 //
765 CK_RV encr_mgr_init(SESSION *,
766 	ENCR_DECR_CONTEXT *,
767 	CK_ULONG,
768 	CK_MECHANISM *,
769 	CK_OBJECT_HANDLE);
770 
771 CK_RV encr_mgr_cleanup(ENCR_DECR_CONTEXT *);
772 
773 CK_RV encr_mgr_encrypt(SESSION *, CK_BBOOL,
774 	ENCR_DECR_CONTEXT *,
775 	CK_BYTE *, CK_ULONG,
776 	CK_BYTE *, CK_ULONG *);
777 
778 CK_RV decr_mgr_init(SESSION *,
779 	ENCR_DECR_CONTEXT *,
780 	CK_ULONG,
781 	CK_MECHANISM *,
782 	CK_OBJECT_HANDLE);
783 
784 CK_RV decr_mgr_cleanup(ENCR_DECR_CONTEXT *);
785 
786 CK_RV decr_mgr_decrypt(SESSION *, CK_BBOOL,
787 	ENCR_DECR_CONTEXT *,
788 	CK_BYTE *, CK_ULONG,
789 	CK_BYTE *, CK_ULONG *);
790 
791 CK_RV digest_mgr_cleanup(DIGEST_CONTEXT *);
792 
793 CK_RV digest_mgr_init(SESSION *,
794 	DIGEST_CONTEXT *,
795 	CK_MECHANISM *);
796 
797 CK_RV digest_mgr_digest(SESSION *, CK_BBOOL,
798 	DIGEST_CONTEXT *,
799 	CK_BYTE *, CK_ULONG,
800 	CK_BYTE *, CK_ULONG *);
801 
802 CK_RV digest_mgr_digest_update(SESSION *,
803 	DIGEST_CONTEXT *,
804 	CK_BYTE *, CK_ULONG);
805 
806 CK_RV digest_mgr_digest_key(SESSION *,
807 	DIGEST_CONTEXT *,
808 	CK_OBJECT_HANDLE);
809 
810 CK_RV digest_mgr_digest_final(SESSION *,
811 	DIGEST_CONTEXT *,
812 	CK_BYTE *, CK_ULONG *);
813 
814 CK_RV key_mgr_generate_key_pair(SESSION *,
815 	CK_MECHANISM *,
816 	CK_ATTRIBUTE *, CK_ULONG,
817 	CK_ATTRIBUTE *, CK_ULONG,
818 	CK_OBJECT_HANDLE *,
819 	CK_OBJECT_HANDLE *);
820 
821 CK_RV key_mgr_wrap_key(SESSION *,
822 	CK_BBOOL,
823 	CK_MECHANISM *,
824 	CK_OBJECT_HANDLE,
825 	CK_OBJECT_HANDLE,
826 	CK_BYTE *,
827 	CK_ULONG *);
828 
829 CK_RV key_mgr_unwrap_key(SESSION *,
830 	CK_MECHANISM *,
831 	CK_ATTRIBUTE *,
832 	CK_ULONG,
833 	CK_BYTE *,
834 	CK_ULONG,
835 	CK_OBJECT_HANDLE,
836 	CK_OBJECT_HANDLE *);
837 
838 CK_RV sign_mgr_init(SESSION *,
839 	SIGN_VERIFY_CONTEXT *,
840 	CK_MECHANISM *,
841 	CK_BBOOL,
842 	CK_OBJECT_HANDLE);
843 
844 CK_RV sign_mgr_cleanup(SIGN_VERIFY_CONTEXT *);
845 
846 CK_RV sign_mgr_sign(SESSION *,
847 	CK_BBOOL,
848 	SIGN_VERIFY_CONTEXT *,
849 	CK_BYTE *,
850 	CK_ULONG,
851 	CK_BYTE *,
852 	CK_ULONG *);
853 
854 CK_RV sign_mgr_sign_recover(SESSION *,
855 	CK_BBOOL,
856 	SIGN_VERIFY_CONTEXT *,
857 	CK_BYTE *,
858 	CK_ULONG,
859 	CK_BYTE *,
860 	CK_ULONG *);
861 
862 CK_RV sign_mgr_sign_final(SESSION *,
863 	CK_BBOOL,
864 	SIGN_VERIFY_CONTEXT *,
865 	CK_BYTE *,
866 	CK_ULONG *);
867 
868 CK_RV sign_mgr_sign_update(SESSION *,
869 	SIGN_VERIFY_CONTEXT *,
870 	CK_BYTE *,
871 	CK_ULONG);
872 
873 CK_RV verify_mgr_init(SESSION *,
874 	SIGN_VERIFY_CONTEXT *,
875 	CK_MECHANISM *,
876 	CK_BBOOL,
877 	CK_OBJECT_HANDLE);
878 
879 CK_RV verify_mgr_cleanup(SIGN_VERIFY_CONTEXT *);
880 
881 CK_RV verify_mgr_verify(SESSION *,
882 	SIGN_VERIFY_CONTEXT *,
883 	CK_BYTE *,
884 	CK_ULONG,
885 	CK_BYTE *,
886 	CK_ULONG);
887 
888 CK_RV verify_mgr_verify_recover(SESSION *,
889 	CK_BBOOL,
890 	SIGN_VERIFY_CONTEXT *,
891 	CK_BYTE *,
892 	CK_ULONG,
893 	CK_BYTE *,
894 	CK_ULONG *);
895 
896 CK_RV verify_mgr_verify_update(SESSION *,
897 	SIGN_VERIFY_CONTEXT *,
898 	CK_BYTE *,
899 	CK_ULONG);
900 
901 CK_RV verify_mgr_verify_final(SESSION *,
902 	SIGN_VERIFY_CONTEXT *,
903 	CK_BYTE *,
904 	CK_ULONG);
905 
906 
907 // session manager routines
908 //
909 CK_RV session_mgr_close_all_sessions(void);
910 CK_RV session_mgr_close_session(SESSION *);
911 SESSION *session_mgr_find(CK_SESSION_HANDLE);
912 CK_RV session_mgr_login_all(CK_USER_TYPE);
913 CK_RV session_mgr_logout_all(void);
914 CK_RV session_mgr_new(CK_ULONG, SESSION **);
915 
916 CK_BBOOL session_mgr_readonly_exists(void);
917 CK_BBOOL session_mgr_so_session_exists(void);
918 CK_BBOOL session_mgr_user_session_exists(void);
919 CK_BBOOL session_mgr_public_session_exists(void);
920 
921 CK_RV session_mgr_get_op_state(SESSION *, CK_BBOOL,
922 	CK_BYTE *, CK_ULONG *);
923 
924 CK_RV session_mgr_set_op_state(SESSION *,
925 	CK_OBJECT_HANDLE, CK_OBJECT_HANDLE, CK_BYTE *);
926 
927 CK_RV object_mgr_add(SESSION *,
928 	CK_ATTRIBUTE *, CK_ULONG, CK_OBJECT_HANDLE *);
929 
930 CK_RV object_mgr_add_to_map(SESSION *, OBJECT *, CK_OBJECT_HANDLE *);
931 
932 CK_RV object_mgr_add_to_shm(OBJECT *);
933 CK_RV object_mgr_del_from_shm(OBJECT *);
934 
935 CK_RV object_mgr_copy(SESSION *,
936 	CK_ATTRIBUTE *, CK_ULONG, CK_OBJECT_HANDLE,
937 	CK_OBJECT_HANDLE *);
938 
939 CK_RV object_mgr_create_final(SESSION *,
940 	OBJECT *, CK_OBJECT_HANDLE *);
941 
942 CK_RV object_mgr_create_skel(SESSION *,
943 	CK_ATTRIBUTE *, CK_ULONG, CK_ULONG,
944 	CK_ULONG, CK_ULONG, OBJECT **);
945 
946 CK_RV object_mgr_destroy_object(SESSION *, CK_OBJECT_HANDLE);
947 
948 CK_RV object_mgr_destroy_token_objects(TSS_HCONTEXT);
949 
950 CK_RV object_mgr_find_in_map1(TSS_HCONTEXT, CK_OBJECT_HANDLE, OBJECT **);
951 
952 CK_RV object_mgr_find_in_map2(TSS_HCONTEXT, OBJECT *, CK_OBJECT_HANDLE *);
953 
954 CK_RV object_mgr_find_init(SESSION *, CK_ATTRIBUTE *, CK_ULONG);
955 
956 CK_RV object_mgr_find_build_list(SESSION *,
957 	CK_ATTRIBUTE *,
958 	CK_ULONG,
959 	DL_NODE *,
960 	CK_BBOOL public_only);
961 
962 CK_RV object_mgr_find_final(SESSION *);
963 
964 CK_RV object_mgr_get_attribute_values(SESSION *,
965 	CK_OBJECT_HANDLE,
966 	CK_ATTRIBUTE *,
967 	CK_ULONG);
968 
969 CK_RV object_mgr_get_object_size(TSS_HCONTEXT, CK_OBJECT_HANDLE,
970 	CK_ULONG *);
971 
972 CK_BBOOL object_mgr_invalidate_handle1(CK_OBJECT_HANDLE handle);
973 
974 CK_BBOOL object_mgr_invalidate_handle2(OBJECT *);
975 
976 CK_BBOOL object_mgr_purge_session_objects(SESSION *, SESS_OBJ_TYPE);
977 
978 CK_BBOOL object_mgr_purge_token_objects(TSS_HCONTEXT);
979 
980 CK_BBOOL object_mgr_purge_private_token_objects(TSS_HCONTEXT);
981 
982 CK_RV object_mgr_remove_from_map(CK_OBJECT_HANDLE);
983 
984 CK_RV object_mgr_restore_obj(CK_BYTE *, OBJECT *);
985 
986 CK_RV object_mgr_set_attribute_values(SESSION *,
987 	CK_OBJECT_HANDLE,
988 	CK_ATTRIBUTE *,
989 	CK_ULONG);
990 
991 CK_BBOOL object_mgr_purge_map(SESSION *, SESS_OBJ_TYPE);
992 
993 CK_RV object_create(CK_ATTRIBUTE *, CK_ULONG, OBJECT **);
994 
995 CK_RV object_create_skel(CK_ATTRIBUTE *,
996 	CK_ULONG,
997 	CK_ULONG,
998 	CK_ULONG,
999 	CK_ULONG,
1000 	OBJECT **);
1001 
1002 CK_RV object_copy(CK_ATTRIBUTE *,
1003 	CK_ULONG,
1004 	OBJECT *,
1005 	OBJECT **);
1006 
1007 CK_RV object_flatten(OBJECT *,
1008 	CK_BYTE **,
1009 	CK_ULONG_32 *);
1010 
1011 CK_BBOOL object_free(OBJECT *);
1012 
1013 CK_RV object_get_attribute_values(OBJECT *,
1014 	CK_ATTRIBUTE *,
1015 	CK_ULONG);
1016 
1017 CK_ULONG object_get_size(OBJECT *);
1018 
1019 CK_RV object_restore(CK_BYTE *,
1020 	OBJECT **,
1021 	CK_BBOOL replace);
1022 
1023 CK_RV object_set_attribute_values(OBJECT *,
1024 	CK_ATTRIBUTE *,
1025 	CK_ULONG);
1026 
1027 CK_BBOOL object_is_modifiable(OBJECT *);
1028 CK_BBOOL object_is_private(OBJECT *);
1029 CK_BBOOL object_is_public(OBJECT *);
1030 CK_BBOOL object_is_token_object(OBJECT *);
1031 CK_BBOOL object_is_session_object(OBJECT *);
1032 
1033 CK_BBOOL is_attribute_defined(CK_ATTRIBUTE_TYPE);
1034 
1035 CK_RV template_add_attributes(TEMPLATE *,
1036 	CK_ATTRIBUTE *, CK_ULONG);
1037 
1038 CK_RV template_add_default_attributes(TEMPLATE *,
1039 	CK_ULONG,
1040 	CK_ULONG,
1041 	CK_ULONG);
1042 
1043 CK_BBOOL template_attribute_find(TEMPLATE *,
1044 	CK_ATTRIBUTE_TYPE, CK_ATTRIBUTE **);
1045 
1046 void template_attribute_find_multiple(TEMPLATE *,
1047 	ATTRIBUTE_PARSE_LIST *,
1048 	CK_ULONG);
1049 
1050 CK_BBOOL template_check_exportability(TEMPLATE *, CK_ATTRIBUTE_TYPE type);
1051 
1052 CK_RV template_check_required_attributes(TEMPLATE *,
1053 	CK_ULONG, CK_ULONG, CK_ULONG);
1054 
1055 CK_RV template_check_required_base_attributes(TEMPLATE *,
1056 	CK_ULONG);
1057 
1058 CK_BBOOL template_compare(CK_ATTRIBUTE *,
1059 	CK_ULONG, TEMPLATE *);
1060 
1061 CK_RV template_copy(TEMPLATE *, TEMPLATE *);
1062 
1063 CK_RV template_flatten(TEMPLATE *, CK_BYTE *);
1064 
1065 CK_RV template_free(TEMPLATE *);
1066 
1067 CK_BBOOL template_get_class(TEMPLATE *, CK_ULONG *, CK_ULONG *);
1068 
1069 CK_ULONG template_get_count(TEMPLATE *);
1070 
1071 CK_ULONG template_get_size(TEMPLATE *);
1072 CK_ULONG template_get_compressed_size(TEMPLATE *);
1073 
1074 CK_RV template_set_default_common_attributes(TEMPLATE *);
1075 
1076 CK_RV template_merge(TEMPLATE *, TEMPLATE **);
1077 
1078 CK_RV template_update_attribute(TEMPLATE *, CK_ATTRIBUTE *);
1079 
1080 CK_RV template_unflatten(TEMPLATE **, CK_BYTE *, CK_ULONG);
1081 
1082 CK_RV template_validate_attribute(TEMPLATE *,
1083 	CK_ATTRIBUTE *, CK_ULONG, CK_ULONG, CK_ULONG);
1084 
1085 CK_RV template_validate_attributes(TEMPLATE *,
1086 	CK_ULONG, CK_ULONG, CK_ULONG);
1087 
1088 CK_RV template_validate_base_attribute(TEMPLATE *,
1089 	CK_ATTRIBUTE *, CK_ULONG);
1090 
1091 
1092 // DATA OBJECT ROUTINES
1093 //
1094 CK_RV data_object_check_required_attributes(TEMPLATE *, CK_ULONG);
1095 CK_RV data_object_set_default_attributes(TEMPLATE *, CK_ULONG);
1096 CK_RV data_object_validate_attribute(TEMPLATE *, CK_ATTRIBUTE *, CK_ULONG);
1097 
1098 // CERTIFICATE ROUTINES
1099 CK_RV cert_validate_attribute(TEMPLATE *, CK_ATTRIBUTE *, CK_ULONG);
1100 
1101 CK_RV cert_x509_check_required_attributes(TEMPLATE *, CK_ULONG);
1102 CK_RV cert_x509_set_default_attributes(TEMPLATE *, CK_ULONG);
1103 CK_RV cert_x509_validate_attribute(TEMPLATE *, CK_ATTRIBUTE *, CK_ULONG);
1104 CK_RV cert_vendor_check_required_attributes(TEMPLATE *, CK_ULONG);
1105 CK_RV cert_vendor_validate_attribute(TEMPLATE *, CK_ATTRIBUTE *, CK_ULONG);
1106 
1107 //
1108 // KEY ROUTINES
1109 //
1110 CK_RV key_object_check_required_attributes(TEMPLATE *, CK_ULONG);
1111 CK_RV key_object_set_default_attributes(TEMPLATE *, CK_ULONG);
1112 CK_RV key_object_validate_attribute(TEMPLATE *, CK_ATTRIBUTE *, CK_ULONG);
1113 
1114 CK_RV publ_key_check_required_attributes(TEMPLATE *, CK_ULONG);
1115 CK_RV publ_key_set_default_attributes(TEMPLATE *, CK_ULONG);
1116 CK_RV publ_key_validate_attribute(TEMPLATE *, CK_ATTRIBUTE *, CK_ULONG);
1117 
1118 CK_RV priv_key_check_required_attributes(TEMPLATE *, CK_ULONG);
1119 CK_RV priv_key_set_default_attributes(TEMPLATE *, CK_ULONG);
1120 CK_RV priv_key_unwrap(TEMPLATE *, CK_ULONG, CK_BYTE *, CK_ULONG);
1121 CK_RV priv_key_validate_attribute(TEMPLATE *, CK_ATTRIBUTE *, CK_ULONG);
1122 
1123 	CK_BBOOL secret_key_check_exportability(CK_ATTRIBUTE_TYPE type);
1124 CK_RV secret_key_check_required_attributes(TEMPLATE *, CK_ULONG);
1125 CK_RV secret_key_set_default_attributes(TEMPLATE *, CK_ULONG);
1126 CK_RV secret_key_unwrap(TEMPLATE *, CK_ULONG, CK_BYTE *, CK_ULONG,
1127 	CK_BBOOL fromend);
1128 CK_RV secret_key_validate_attribute(TEMPLATE *, CK_ATTRIBUTE *,
1129 	CK_ULONG);
1130 
1131 // rsa routines
1132 //
1133 CK_RV rsa_publ_check_required_attributes(TEMPLATE *, CK_ULONG);
1134 CK_RV rsa_publ_validate_attribute(TEMPLATE *, CK_ATTRIBUTE *, CK_ULONG);
1135 CK_RV rsa_publ_set_default_attributes(TEMPLATE *, CK_ULONG);
1136 	CK_BBOOL rsa_priv_check_exportability(CK_ATTRIBUTE_TYPE type);
1137 CK_RV rsa_priv_check_required_attributes(TEMPLATE *, CK_ULONG);
1138 CK_RV rsa_priv_set_default_attributes(TEMPLATE *, CK_ULONG);
1139 CK_RV rsa_priv_validate_attribute(TEMPLATE *, CK_ATTRIBUTE *, CK_ULONG);
1140 CK_RV rsa_priv_wrap_get_data(TEMPLATE *, CK_BBOOL, CK_BYTE **, CK_ULONG *);
1141 CK_RV rsa_priv_unwrap(TEMPLATE *, CK_BYTE *, CK_ULONG);
1142 
1143 // Generic secret key routines
1144 CK_RV generic_secret_check_required_attributes(TEMPLATE *, CK_ULONG);
1145 CK_RV generic_secret_set_default_attributes(TEMPLATE *, CK_ULONG);
1146 CK_RV generic_secret_validate_attribute(TEMPLATE *, CK_ATTRIBUTE *, CK_ULONG);
1147 CK_RV generic_secret_wrap_get_data(TEMPLATE *, CK_BBOOL,
1148 	CK_BYTE **, CK_ULONG *);
1149 
1150 CK_RV generic_secret_unwrap(TEMPLATE *, CK_BYTE *, CK_ULONG, CK_BBOOL fromend);
1151 
1152 CK_RV tpm_encrypt_data(TSS_HCONTEXT,
1153 	TSS_HKEY, CK_BYTE *, CK_ULONG, CK_BYTE *, CK_ULONG *);
1154 
1155 CK_RV tpm_decrypt_data(TSS_HCONTEXT,
1156 	TSS_HKEY, CK_BYTE *, CK_ULONG, CK_BYTE *, CK_ULONG *);
1157 
1158 CK_ULONG ber_encode_INTEGER(CK_BBOOL,
1159 	CK_BYTE **, CK_ULONG *, CK_BYTE *, CK_ULONG);
1160 
1161 CK_RV ber_decode_INTEGER(CK_BYTE *,
1162 	CK_BYTE **, CK_ULONG *, CK_ULONG *);
1163 
1164 CK_RV ber_encode_OCTET_STRING(CK_BBOOL,
1165 	CK_BYTE **, CK_ULONG *, CK_BYTE *, CK_ULONG);
1166 
1167 CK_RV ber_decode_OCTET_STRING(CK_BYTE *,
1168 	CK_BYTE **, CK_ULONG *, CK_ULONG *);
1169 
1170 CK_RV ber_encode_SEQUENCE(CK_BBOOL,
1171 	CK_BYTE **, CK_ULONG *, CK_BYTE *, CK_ULONG);
1172 
1173 CK_RV ber_decode_SEQUENCE(CK_BYTE *,
1174 	CK_BYTE **, CK_ULONG *, CK_ULONG *);
1175 
1176 CK_RV ber_encode_PrivateKeyInfo(CK_BBOOL,
1177 	CK_BYTE **, CK_ULONG *, CK_BYTE *,
1178 	CK_ULONG, CK_BYTE *, CK_ULONG);
1179 
1180 CK_RV ber_decode_PrivateKeyInfo(CK_BYTE *,
1181 	CK_ULONG, CK_BYTE **, CK_ULONG *, CK_BYTE **);
1182 
1183 CK_RV ber_encode_RSAPrivateKey(CK_BBOOL,
1184 	CK_BYTE **, CK_ULONG *, CK_ATTRIBUTE *,
1185 	CK_ATTRIBUTE *, CK_ATTRIBUTE *, CK_ATTRIBUTE *,
1186 	CK_ATTRIBUTE *, CK_ATTRIBUTE *, CK_ATTRIBUTE *,
1187 	CK_ATTRIBUTE *);
1188 
1189 CK_RV ber_decode_RSAPrivateKey(CK_BYTE *,
1190 	CK_ULONG, CK_ATTRIBUTE **, CK_ATTRIBUTE **,
1191 	CK_ATTRIBUTE **, CK_ATTRIBUTE **, CK_ATTRIBUTE **,
1192 	CK_ATTRIBUTE **, CK_ATTRIBUTE **, CK_ATTRIBUTE **);
1193 
1194 
1195 CK_RV ber_encode_DSAPrivateKey(CK_BBOOL,
1196 	CK_BYTE **, CK_ULONG *, CK_ATTRIBUTE *,
1197 	CK_ATTRIBUTE *, CK_ATTRIBUTE *, CK_ATTRIBUTE *);
1198 
1199 CK_RV ber_decode_DSAPrivateKey(CK_BYTE *,
1200 	CK_ULONG, CK_ATTRIBUTE **, CK_ATTRIBUTE **,
1201 	CK_ATTRIBUTE **, CK_ATTRIBUTE **);
1202 
1203 #define	APPID	"TPM_STDLL"
1204 
1205 /* log to stdout */
1206 #define	LogMessage(dest, priority, layer, fmt, ...) \
1207 	(void) fprintf(dest, "%s %s %s:%d " fmt "\n", (char *)priority, \
1208 		(char *)layer, (char *)__FILE__,\
1209 		(int)__LINE__, __VA_ARGS__);
1210 
1211 #define	LogMessage1(dest, priority, layer, data) \
1212 	(void) fprintf(dest, "%s %s %s:%d %s\n", priority, layer, __FILE__, \
1213 	__LINE__, data);
1214 
1215 /* Debug logging */
1216 #ifdef DEBUG
1217 #define	LogDebug(fmt, ...) LogMessage(stdout, "LOG_DEBUG", APPID, \
1218 	fmt, __VA_ARGS__)
1219 
1220 #define	LogDebug1(data) LogMessage1(stdout, "LOG_DEBUG", APPID, data)
1221 
1222 /* Error logging */
1223 #define	LogError(fmt, ...) LogMessage(stderr, "LOG_ERR", APPID,\
1224 	"ERROR: " fmt, __VA_ARGS__)
1225 
1226 #define	LogError1(data) LogMessage1(stderr, "LOG_ERR", APPID,\
1227 	"ERROR: " data)
1228 
1229 /* Warn logging */
1230 #define	LogWarn(fmt, ...) LogMessage(stdout, "LOG_WARNING", APPID,\
1231 	"WARNING: " fmt, __VA_ARGS__)
1232 
1233 #define	LogWarn1(data) LogMessage1(stdout, "LOG_WARNING", APPID,\
1234 	"WARNING: " data)
1235 
1236 /* Info Logging */
1237 #define	LogInfo(fmt, ...) LogMessage(stdout, "LOG_INFO", APPID,\
1238 	fmt, __VA_ARGS__)
1239 
1240 #define	LogInfo1(data) LogMessage1(stdout, "LOG_INFO", APPID, data)
1241 
1242 #define	st_err_log(...) LogMessage(stderr, "ST MSG", APPID,\
1243 	"", __VA_ARGS__)
1244 #else
1245 #define	LogDebug(...)
1246 #define	LogDebug1(...)
1247 #define	LogBlob(...)
1248 #define	LogError(...)
1249 #define	LogError1(...)
1250 #define	LogWarn(...)
1251 #define	LogWarn1(...)
1252 #define	LogInfo(...)
1253 #define	LogInfo1(...)
1254 #define	st_err_log(...)
1255 #endif
1256 
1257 /*
1258  * CK_FUNCTION_LIST is a structure holding a Cryptoki spec
1259  * version and pointers of appropriate types to all the
1260  * Cryptoki functions
1261  */
1262 
1263 /* CK_FUNCTION_LIST is new for v2.0 */
1264 
1265 typedef CK_RV
1266 	(CK_PTR ST_C_Initialize)
1267 	(void *ppFunctionList, CK_SLOT_ID slotID, CK_CHAR_PTR pCorrelator);
1268 typedef CK_RV
1269 	(CK_PTR  ST_C_Finalize)
1270 	(CK_VOID_PTR pReserved);
1271 typedef CK_RV
1272 	(CK_PTR  ST_C_Terminate)();
1273 typedef CK_RV
1274 	(CK_PTR  ST_C_GetInfo)
1275 	(CK_INFO_PTR pInfo);
1276 typedef CK_RV
1277 	(CK_PTR  ST_C_GetFunctionList)
1278 	(CK_FUNCTION_LIST_PTR_PTR ppFunctionList);
1279 typedef CK_RV
1280 	(CK_PTR  ST_C_GetSlotList)
1281 	(CK_BBOOL tokenPresent, CK_SLOT_ID_PTR pSlotList,
1282 	CK_ULONG_PTR pusCount);
1283 typedef CK_RV
1284 	(CK_PTR  ST_C_GetSlotInfo)
1285 	(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo);
1286 typedef CK_RV
1287 	(CK_PTR  ST_C_GetTokenInfo)
1288 	(CK_SLOT_ID slotID, CK_TOKEN_INFO_PTR pInfo);
1289 typedef CK_RV
1290 	(CK_PTR  ST_C_GetMechanismList)
1291 	(CK_SLOT_ID slotID, CK_MECHANISM_TYPE_PTR pMechanismList,
1292 	CK_ULONG_PTR pusCount);
1293 typedef CK_RV
1294 	(CK_PTR  ST_C_GetMechanismInfo)
1295 	(CK_SLOT_ID slotID, CK_MECHANISM_TYPE type,
1296 	CK_MECHANISM_INFO_PTR pInfo);
1297 typedef CK_RV
1298 	(CK_PTR  ST_C_InitToken)
1299 	(CK_SLOT_ID slotID, CK_CHAR_PTR pPin, CK_ULONG usPinLen,
1300 	CK_CHAR_PTR pLabel);
1301 typedef CK_RV
1302 	(CK_PTR  ST_C_InitPIN)
1303 	(ST_SESSION_T hSession, CK_CHAR_PTR pPin,
1304 	CK_ULONG usPinLen);
1305 typedef CK_RV
1306 	(CK_PTR  ST_C_SetPIN)
1307 	(ST_SESSION_T hSession, CK_CHAR_PTR pOldPin,
1308 	CK_ULONG usOldLen, CK_CHAR_PTR pNewPin,
1309 	CK_ULONG usNewLen);
1310 
1311 typedef CK_RV
1312 	(CK_PTR  ST_C_OpenSession)
1313 	(CK_SLOT_ID slotID, CK_FLAGS flags,
1314 	CK_SESSION_HANDLE_PTR phSession);
1315 
1316 typedef CK_RV
1317 	(CK_PTR  ST_C_CloseSession)
1318 	(ST_SESSION_T hSession);
1319 typedef CK_RV
1320 	(CK_PTR  ST_C_CloseAllSessions)
1321 	(CK_SLOT_ID slotID);
1322 typedef CK_RV
1323 	(CK_PTR  ST_C_GetSessionInfo)
1324 	(ST_SESSION_T hSession, CK_SESSION_INFO_PTR pInfo);
1325 typedef CK_RV
1326 	(CK_PTR  ST_C_GetOperationState)
1327 	(ST_SESSION_T hSession, CK_BYTE_PTR pOperationState,
1328 	CK_ULONG_PTR pulOperationStateLen);
1329 typedef CK_RV
1330 	(CK_PTR  ST_C_SetOperationState)
1331 	(ST_SESSION_T hSession, CK_BYTE_PTR pOperationState,
1332 	CK_ULONG ulOperationStateLen,
1333 	CK_OBJECT_HANDLE hEncryptionKey,
1334 	CK_OBJECT_HANDLE hAuthenticationKey);
1335 typedef CK_RV
1336 	(CK_PTR  ST_C_Login)(ST_SESSION_T hSession,
1337 	CK_USER_TYPE userType, CK_CHAR_PTR pPin,
1338 	CK_ULONG usPinLen);
1339 typedef CK_RV
1340 	(CK_PTR  ST_C_Logout)(ST_SESSION_T hSession);
1341 typedef CK_RV
1342 	(CK_PTR  ST_C_CreateObject)
1343 	(ST_SESSION_T hSession, CK_ATTRIBUTE_PTR pTemplate,
1344 	CK_ULONG usCount, CK_OBJECT_HANDLE_PTR phObject);
1345 
1346 typedef CK_RV
1347 	(CK_PTR  ST_C_CopyObject)
1348 	(ST_SESSION_T hSession, CK_OBJECT_HANDLE hObject,
1349 	CK_ATTRIBUTE_PTR pTemplate, CK_ULONG usCount,
1350 	CK_OBJECT_HANDLE_PTR phNewObject);
1351 typedef CK_RV
1352 	(CK_PTR  ST_C_DestroyObject)
1353 	(ST_SESSION_T hSession, CK_OBJECT_HANDLE hObject);
1354 typedef CK_RV
1355 	(CK_PTR  ST_C_GetObjectSize)
1356 	(ST_SESSION_T hSession, CK_OBJECT_HANDLE hObject,
1357 	CK_ULONG_PTR pusSize);
1358 typedef CK_RV
1359 	(CK_PTR  ST_C_GetAttributeValue)
1360 	(ST_SESSION_T hSession, CK_OBJECT_HANDLE hObject,
1361 	CK_ATTRIBUTE_PTR pTemplate, CK_ULONG usCount);
1362 typedef CK_RV
1363 	(CK_PTR  ST_C_SetAttributeValue)
1364 	(ST_SESSION_T hSession, CK_OBJECT_HANDLE hObject,
1365 	CK_ATTRIBUTE_PTR pTemplate, CK_ULONG usCount);
1366 typedef CK_RV
1367 	(CK_PTR  ST_C_FindObjectsInit)
1368 	(ST_SESSION_T hSession, CK_ATTRIBUTE_PTR pTemplate,
1369 	CK_ULONG usCount);
1370 typedef CK_RV
1371 	(CK_PTR  ST_C_FindObjects)
1372 	(ST_SESSION_T hSession,
1373 	CK_OBJECT_HANDLE_PTR phObject, CK_ULONG usMaxObjectCount,
1374 	CK_ULONG_PTR pusObjectCount);
1375 typedef CK_RV
1376 	(CK_PTR  ST_C_FindObjectsFinal)
1377 	(ST_SESSION_T hSession);
1378 typedef CK_RV
1379 	(CK_PTR  ST_C_EncryptInit)
1380 	(ST_SESSION_T hSession, CK_MECHANISM_PTR pMechanism,
1381 	CK_OBJECT_HANDLE hKey);
1382 typedef CK_RV
1383 	(CK_PTR  ST_C_Encrypt)
1384 	(ST_SESSION_T hSession, CK_BYTE_PTR pData,
1385 	CK_ULONG usDataLen, CK_BYTE_PTR pEncryptedData,
1386 	CK_ULONG_PTR pusEncryptedDataLen);
1387 typedef CK_RV
1388 	(CK_PTR  ST_C_EncryptUpdate)
1389 	(ST_SESSION_T hSession, CK_BYTE_PTR pPart,
1390 	CK_ULONG usPartLen, CK_BYTE_PTR pEncryptedPart,
1391 	CK_ULONG_PTR pusEncryptedPartLen);
1392 typedef CK_RV
1393 	(CK_PTR  ST_C_EncryptFinal)
1394 	(ST_SESSION_T hSession,
1395 	CK_BYTE_PTR pLastEncryptedPart,
1396 	CK_ULONG_PTR pusLastEncryptedPartLen);
1397 typedef CK_RV
1398 	(CK_PTR  ST_C_DecryptInit)
1399 	(ST_SESSION_T hSession, CK_MECHANISM_PTR pMechanism,
1400 	CK_OBJECT_HANDLE hKey);
1401 typedef CK_RV
1402 	(CK_PTR  ST_C_Decrypt)
1403 	(ST_SESSION_T hSession, CK_BYTE_PTR pEncryptedData,
1404 	CK_ULONG usEncryptedDataLen, CK_BYTE_PTR pData,
1405 	CK_ULONG_PTR pusDataLen);
1406 typedef CK_RV
1407 	(CK_PTR  ST_C_DecryptUpdate)
1408 	(ST_SESSION_T hSession, CK_BYTE_PTR pEncryptedPart,
1409 	CK_ULONG usEncryptedPartLen, CK_BYTE_PTR pPart,
1410 	CK_ULONG_PTR pusPartLen);
1411 typedef CK_RV
1412 	(CK_PTR  ST_C_DecryptFinal)
1413 	(ST_SESSION_T hSession, CK_BYTE_PTR pLastPart,
1414 	CK_ULONG_PTR pusLastPartLen);
1415 typedef CK_RV
1416 	(CK_PTR  ST_C_DigestInit)
1417 	(ST_SESSION_T hSession,
1418 	CK_MECHANISM_PTR pMechanism);
1419 typedef CK_RV
1420 	(CK_PTR  ST_C_Digest)
1421 	(ST_SESSION_T hSession, CK_BYTE_PTR pData,
1422 	CK_ULONG usDataLen, CK_BYTE_PTR pDigest,
1423 	CK_ULONG_PTR pusDigestLen);
1424 typedef CK_RV
1425 	(CK_PTR  ST_C_DigestUpdate)
1426 	(ST_SESSION_T hSession, CK_BYTE_PTR pPart,
1427 	CK_ULONG usPartLen);
1428 typedef CK_RV
1429 	(CK_PTR  ST_C_DigestKey)
1430 	(ST_SESSION_T hSession, CK_OBJECT_HANDLE hKey);
1431 typedef CK_RV
1432 	(CK_PTR  ST_C_DigestFinal)
1433 	(ST_SESSION_T hSession, CK_BYTE_PTR pDigest,
1434 	CK_ULONG_PTR pusDigestLen);
1435 typedef CK_RV
1436 	(CK_PTR  ST_C_SignInit)
1437 	(ST_SESSION_T hSession, CK_MECHANISM_PTR pMechanism,
1438 	CK_OBJECT_HANDLE hKey);
1439 typedef CK_RV
1440 	(CK_PTR  ST_C_Sign)
1441 	(ST_SESSION_T hSession, CK_BYTE_PTR pData,
1442 	CK_ULONG usDataLen, CK_BYTE_PTR pSignature,
1443 	CK_ULONG_PTR pusSignatureLen);
1444 typedef CK_RV
1445 	(CK_PTR  ST_C_SignUpdate)
1446 	(ST_SESSION_T hSession, CK_BYTE_PTR pPart,
1447 	CK_ULONG usPartLen);
1448 typedef CK_RV
1449 	(CK_PTR  ST_C_SignFinal)
1450 	(ST_SESSION_T hSession, CK_BYTE_PTR pSignature,
1451 	CK_ULONG_PTR pusSignatureLen);
1452 typedef CK_RV
1453 	(CK_PTR  ST_C_SignRecoverInit)
1454 	(ST_SESSION_T hSession, CK_MECHANISM_PTR pMechanism,
1455 	CK_OBJECT_HANDLE hKey);
1456 typedef CK_RV
1457 	(CK_PTR  ST_C_SignRecover)
1458 	(ST_SESSION_T hSession, CK_BYTE_PTR pData,
1459 	CK_ULONG usDataLen, CK_BYTE_PTR pSignature,
1460 	CK_ULONG_PTR pusSignatureLen);
1461 typedef CK_RV
1462 	(CK_PTR  ST_C_VerifyInit)
1463 	(ST_SESSION_T hSession, CK_MECHANISM_PTR pMechanism,
1464 	CK_OBJECT_HANDLE hKey);
1465 typedef CK_RV
1466 	(CK_PTR  ST_C_Verify)
1467 	(ST_SESSION_T hSession, CK_BYTE_PTR pData,
1468 	CK_ULONG usDataLen, CK_BYTE_PTR pSignature,
1469 	CK_ULONG usSignatureLen);
1470 typedef CK_RV
1471 	(CK_PTR  ST_C_VerifyUpdate)
1472 	(ST_SESSION_T hSession, CK_BYTE_PTR pPart,
1473 	CK_ULONG usPartLen);
1474 typedef CK_RV
1475 	(CK_PTR  ST_C_VerifyFinal)
1476 	(ST_SESSION_T hSession, CK_BYTE_PTR pSignature,
1477 	CK_ULONG usSignatureLen);
1478 typedef CK_RV
1479 	(CK_PTR  ST_C_VerifyRecoverInit)
1480 	(ST_SESSION_T hSession, CK_MECHANISM_PTR pMechanism,
1481 	CK_OBJECT_HANDLE hKey);
1482 typedef CK_RV
1483 	(CK_PTR  ST_C_VerifyRecover)
1484 	(ST_SESSION_T hSession, CK_BYTE_PTR pSignature,
1485 	CK_ULONG usSignatureLen, CK_BYTE_PTR pData,
1486 	CK_ULONG_PTR pusDataLen);
1487 typedef CK_RV
1488 	(CK_PTR  ST_C_DigestEncryptUpdate)
1489 	(ST_SESSION_T hSession, CK_BYTE_PTR pPart,
1490 	CK_ULONG ulPartLen, CK_BYTE_PTR pEncryptedPart,
1491 	CK_ULONG_PTR pulEncryptedPartLen);
1492 typedef CK_RV
1493 	(CK_PTR  ST_C_DecryptDigestUpdate)
1494 	(ST_SESSION_T hSession, CK_BYTE_PTR pEncryptedPart,
1495 	CK_ULONG ulEncryptedPartLen, CK_BYTE_PTR pPart,
1496 	CK_ULONG_PTR pulPartLen);
1497 typedef CK_RV
1498 	(CK_PTR  ST_C_SignEncryptUpdate)
1499 	(ST_SESSION_T hSession, CK_BYTE_PTR pPart,
1500 	CK_ULONG ulPartLen, CK_BYTE_PTR pEncryptedPart,
1501 	CK_ULONG_PTR pulEncryptedPartLen);
1502 typedef CK_RV
1503 	(CK_PTR  ST_C_DecryptVerifyUpdate)
1504 	(ST_SESSION_T hSession, CK_BYTE_PTR pEncryptedPart,
1505 	CK_ULONG ulEncryptedPartLen, CK_BYTE_PTR pPart,
1506 	CK_ULONG_PTR pulPartLen);
1507 typedef CK_RV
1508 	(CK_PTR  ST_C_GenerateKey)
1509 	(ST_SESSION_T hSession, CK_MECHANISM_PTR pMechanism,
1510 	CK_ATTRIBUTE_PTR pTemplate, CK_ULONG usCount,
1511 	CK_OBJECT_HANDLE_PTR phKey);
1512 typedef CK_RV
1513 	(CK_PTR  ST_C_GenerateKeyPair)
1514 	(ST_SESSION_T hSession, CK_MECHANISM_PTR pMechanism,
1515 	CK_ATTRIBUTE_PTR pPublicKeyTemplate,
1516 	CK_ULONG usPublicKeyAttributeCount,
1517 	CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
1518 	CK_ULONG usPrivateKeyAttributeCount,
1519 	CK_OBJECT_HANDLE_PTR phPrivateKey,
1520 	CK_OBJECT_HANDLE_PTR phPublicKey);
1521 typedef CK_RV
1522 	(CK_PTR  ST_C_WrapKey)
1523 	(ST_SESSION_T hSession, CK_MECHANISM_PTR pMechanism,
1524 	CK_OBJECT_HANDLE hWrappingKey, CK_OBJECT_HANDLE hKey,
1525 	CK_BYTE_PTR pWrappedKey, CK_ULONG_PTR pusWrappedKeyLen);
1526 typedef CK_RV
1527 	(CK_PTR  ST_C_UnwrapKey)
1528 	(ST_SESSION_T hSession, CK_MECHANISM_PTR pMechanism,
1529 	CK_OBJECT_HANDLE hUnwrappingKey, CK_BYTE_PTR pWrappedKey,
1530 	CK_ULONG usWrappedKeyLen, CK_ATTRIBUTE_PTR pTemplate,
1531 	CK_ULONG usAttributeCount, CK_OBJECT_HANDLE_PTR phKey);
1532 typedef CK_RV
1533 	(CK_PTR  ST_C_DeriveKey)
1534 	(ST_SESSION_T hSession, CK_MECHANISM_PTR pMechanism,
1535 	CK_OBJECT_HANDLE hBaseKey, CK_ATTRIBUTE_PTR pTemplate,
1536 	CK_ULONG usAttributeCount, CK_OBJECT_HANDLE_PTR phKey);
1537 typedef CK_RV
1538 	(CK_PTR  ST_C_SeedRandom)
1539 	(ST_SESSION_T hSession, CK_BYTE_PTR pSeed,
1540 	CK_ULONG usSeedLen);
1541 typedef CK_RV
1542 	(CK_PTR  ST_C_GenerateRandom)
1543 	(ST_SESSION_T hSession, CK_BYTE_PTR pRandomData,
1544 	CK_ULONG usRandomLen);
1545 typedef CK_RV
1546 	(CK_PTR  ST_C_GetFunctionStatus)
1547 	(ST_SESSION_T hSession);
1548 typedef CK_RV
1549 	(CK_PTR  ST_C_CancelFunction)
1550 	(ST_SESSION_T hSession);
1551 typedef CK_RV
1552 	(CK_PTR  ST_Notify)
1553 	(ST_SESSION_T hSession, CK_NOTIFICATION event,
1554 	CK_VOID_PTR pApplication);
1555 typedef CK_RV
1556 	(CK_PTR  ST_C_WaitForSlotEvent)
1557 	(CK_FLAGS flags, CK_SLOT_ID_PTR pSlot,
1558 	CK_VOID_PTR pReserved);
1559 
1560 
1561 
1562 struct ST_FCN_LIST {
1563 
1564 	ST_C_Initialize ST_Initialize;
1565 	ST_C_Finalize ST_Finalize;
1566 
1567 	ST_C_GetTokenInfo ST_GetTokenInfo;
1568 	ST_C_GetMechanismList ST_GetMechanismList;
1569 	ST_C_GetMechanismInfo ST_GetMechanismInfo;
1570 	ST_C_InitToken ST_InitToken;
1571 	ST_C_InitPIN ST_InitPIN;
1572 	ST_C_SetPIN ST_SetPIN;
1573 
1574 	ST_C_OpenSession ST_OpenSession;
1575 	ST_C_CloseSession ST_CloseSession;
1576 	ST_C_GetSessionInfo ST_GetSessionInfo;
1577 	ST_C_GetOperationState ST_GetOperationState;
1578 	ST_C_SetOperationState ST_SetOperationState;
1579 	ST_C_Login ST_Login;
1580 	ST_C_Logout ST_Logout;
1581 
1582 	ST_C_CreateObject ST_CreateObject;
1583 	ST_C_CopyObject ST_CopyObject;
1584 	ST_C_DestroyObject ST_DestroyObject;
1585 	ST_C_GetObjectSize ST_GetObjectSize;
1586 	ST_C_GetAttributeValue ST_GetAttributeValue;
1587 	ST_C_SetAttributeValue ST_SetAttributeValue;
1588 	ST_C_FindObjectsInit ST_FindObjectsInit;
1589 	ST_C_FindObjects ST_FindObjects;
1590 	ST_C_FindObjectsFinal ST_FindObjectsFinal;
1591 
1592 
1593 	ST_C_EncryptInit ST_EncryptInit;
1594 	ST_C_Encrypt ST_Encrypt;
1595 	ST_C_EncryptUpdate ST_EncryptUpdate;
1596 	ST_C_EncryptFinal ST_EncryptFinal;
1597 	ST_C_DecryptInit ST_DecryptInit;
1598 	ST_C_Decrypt ST_Decrypt;
1599 	ST_C_DecryptUpdate ST_DecryptUpdate;
1600 	ST_C_DecryptFinal ST_DecryptFinal;
1601 	ST_C_DigestInit ST_DigestInit;
1602 	ST_C_Digest ST_Digest;
1603 	ST_C_DigestUpdate ST_DigestUpdate;
1604 	ST_C_DigestKey ST_DigestKey;
1605 	ST_C_DigestFinal ST_DigestFinal;
1606 	ST_C_SignInit ST_SignInit;
1607 	ST_C_Sign ST_Sign;
1608 	ST_C_SignUpdate ST_SignUpdate;
1609 	ST_C_SignFinal ST_SignFinal;
1610 	ST_C_SignRecoverInit ST_SignRecoverInit;
1611 	ST_C_SignRecover ST_SignRecover;
1612 	ST_C_VerifyInit ST_VerifyInit;
1613 	ST_C_Verify ST_Verify;
1614 	ST_C_VerifyUpdate ST_VerifyUpdate;
1615 	ST_C_VerifyFinal ST_VerifyFinal;
1616 	ST_C_VerifyRecoverInit ST_VerifyRecoverInit;
1617 	ST_C_VerifyRecover ST_VerifyRecover;
1618 	ST_C_DigestEncryptUpdate ST_DigestEncryptUpdate;
1619 	ST_C_DecryptDigestUpdate ST_DecryptDigestUpdate;
1620 	ST_C_SignEncryptUpdate ST_SignEncryptUpdate;
1621 	ST_C_DecryptVerifyUpdate ST_DecryptVerifyUpdate;
1622 	ST_C_GenerateKey ST_GenerateKey;
1623 	ST_C_GenerateKeyPair ST_GenerateKeyPair;
1624 	ST_C_WrapKey ST_WrapKey;
1625 	ST_C_UnwrapKey ST_UnwrapKey;
1626 	ST_C_DeriveKey ST_DeriveKey;
1627 	ST_C_SeedRandom ST_SeedRandom;
1628 	ST_C_GenerateRandom ST_GenerateRandom;
1629 	ST_C_GetFunctionStatus ST_GetFunctionStatus;
1630 	ST_C_CancelFunction ST_CancelFunction;
1631 };
1632 
1633 typedef struct ST_FCN_LIST  STDLL_FcnList_t;
1634 
1635 #endif /* _TPMTOK_INT_H */
1636