17c478bd9Sstevel@tonic-gate /* pkcs11t.h include file for PKCS #11. */ 2*1e9884acSmcpowers /* $Revision: 1.10 $ */ 37c478bd9Sstevel@tonic-gate 47c478bd9Sstevel@tonic-gate /* License to copy and use this software is granted provided that it is 57c478bd9Sstevel@tonic-gate * identified as "RSA Security Inc. PKCS #11 Cryptographic Token Interface 67c478bd9Sstevel@tonic-gate * (Cryptoki)" in all material mentioning or referencing this software. 77c478bd9Sstevel@tonic-gate 87c478bd9Sstevel@tonic-gate * License is also granted to make and use derivative works provided that 97c478bd9Sstevel@tonic-gate * such works are identified as "derived from the RSA Security Inc. PKCS #11 107c478bd9Sstevel@tonic-gate * Cryptographic Token Interface (Cryptoki)" in all material mentioning or 117c478bd9Sstevel@tonic-gate * referencing the derived work. 127c478bd9Sstevel@tonic-gate 137c478bd9Sstevel@tonic-gate * RSA Security Inc. makes no representations concerning either the 147c478bd9Sstevel@tonic-gate * merchantability of this software or the suitability of this software for 157c478bd9Sstevel@tonic-gate * any particular purpose. It is provided "as is" without express or implied 167c478bd9Sstevel@tonic-gate * warranty of any kind. 177c478bd9Sstevel@tonic-gate */ 187c478bd9Sstevel@tonic-gate 197c478bd9Sstevel@tonic-gate /* See top of pkcs11.h for information about the macros that 207c478bd9Sstevel@tonic-gate * must be defined and the structure-packing conventions that 217c478bd9Sstevel@tonic-gate * must be set before including this file. */ 227c478bd9Sstevel@tonic-gate 237c478bd9Sstevel@tonic-gate #ifndef _PKCS11T_H_ 247c478bd9Sstevel@tonic-gate #define _PKCS11T_H_ 1 257c478bd9Sstevel@tonic-gate 26*1e9884acSmcpowers #define CRYPTOKI_VERSION_MAJOR 2 27*1e9884acSmcpowers #define CRYPTOKI_VERSION_MINOR 20 28*1e9884acSmcpowers #define CRYPTOKI_VERSION_AMENDMENT 3 29*1e9884acSmcpowers 30f66d273dSizick #define CK_TRUE 1 31f66d273dSizick #define CK_FALSE 0 32f66d273dSizick 337c478bd9Sstevel@tonic-gate #ifndef CK_DISABLE_TRUE_FALSE 347c478bd9Sstevel@tonic-gate #ifndef FALSE 35f66d273dSizick #define FALSE CK_FALSE 367c478bd9Sstevel@tonic-gate #endif 377c478bd9Sstevel@tonic-gate 387c478bd9Sstevel@tonic-gate #ifndef TRUE 39f66d273dSizick #define TRUE CK_TRUE 407c478bd9Sstevel@tonic-gate #endif 417c478bd9Sstevel@tonic-gate #endif 427c478bd9Sstevel@tonic-gate 437c478bd9Sstevel@tonic-gate /* an unsigned 8-bit value */ 447c478bd9Sstevel@tonic-gate typedef unsigned char CK_BYTE; 457c478bd9Sstevel@tonic-gate 467c478bd9Sstevel@tonic-gate /* an unsigned 8-bit character */ 477c478bd9Sstevel@tonic-gate typedef CK_BYTE CK_CHAR; 487c478bd9Sstevel@tonic-gate 497c478bd9Sstevel@tonic-gate /* an 8-bit UTF-8 character */ 507c478bd9Sstevel@tonic-gate typedef CK_BYTE CK_UTF8CHAR; 517c478bd9Sstevel@tonic-gate 527c478bd9Sstevel@tonic-gate /* a BYTE-sized Boolean flag */ 537c478bd9Sstevel@tonic-gate typedef CK_BYTE CK_BBOOL; 547c478bd9Sstevel@tonic-gate 557c478bd9Sstevel@tonic-gate /* an unsigned value, at least 32 bits long */ 567c478bd9Sstevel@tonic-gate typedef unsigned long int CK_ULONG; 577c478bd9Sstevel@tonic-gate 587c478bd9Sstevel@tonic-gate /* a signed value, the same size as a CK_ULONG */ 597c478bd9Sstevel@tonic-gate /* CK_LONG is new for v2.0 */ 607c478bd9Sstevel@tonic-gate typedef long int CK_LONG; 617c478bd9Sstevel@tonic-gate 627c478bd9Sstevel@tonic-gate /* at least 32 bits; each bit is a Boolean flag */ 637c478bd9Sstevel@tonic-gate typedef CK_ULONG CK_FLAGS; 647c478bd9Sstevel@tonic-gate 657c478bd9Sstevel@tonic-gate 667c478bd9Sstevel@tonic-gate /* some special values for certain CK_ULONG variables */ 677c478bd9Sstevel@tonic-gate #define CK_UNAVAILABLE_INFORMATION (~0UL) 687c478bd9Sstevel@tonic-gate #define CK_EFFECTIVELY_INFINITE 0 697c478bd9Sstevel@tonic-gate 707c478bd9Sstevel@tonic-gate 717c478bd9Sstevel@tonic-gate typedef CK_BYTE CK_PTR CK_BYTE_PTR; 727c478bd9Sstevel@tonic-gate typedef CK_CHAR CK_PTR CK_CHAR_PTR; 737c478bd9Sstevel@tonic-gate typedef CK_UTF8CHAR CK_PTR CK_UTF8CHAR_PTR; 747c478bd9Sstevel@tonic-gate typedef CK_ULONG CK_PTR CK_ULONG_PTR; 757c478bd9Sstevel@tonic-gate typedef void CK_PTR CK_VOID_PTR; 767c478bd9Sstevel@tonic-gate 777c478bd9Sstevel@tonic-gate /* Pointer to a CK_VOID_PTR-- i.e., pointer to pointer to void */ 787c478bd9Sstevel@tonic-gate typedef CK_VOID_PTR CK_PTR CK_VOID_PTR_PTR; 797c478bd9Sstevel@tonic-gate 807c478bd9Sstevel@tonic-gate 817c478bd9Sstevel@tonic-gate /* The following value is always invalid if used as a session */ 827c478bd9Sstevel@tonic-gate /* handle or object handle */ 837c478bd9Sstevel@tonic-gate #define CK_INVALID_HANDLE 0 847c478bd9Sstevel@tonic-gate 857c478bd9Sstevel@tonic-gate 867c478bd9Sstevel@tonic-gate typedef struct CK_VERSION { 877c478bd9Sstevel@tonic-gate CK_BYTE major; /* integer portion of version number */ 887c478bd9Sstevel@tonic-gate CK_BYTE minor; /* 1/100ths portion of version number */ 897c478bd9Sstevel@tonic-gate } CK_VERSION; 907c478bd9Sstevel@tonic-gate 917c478bd9Sstevel@tonic-gate typedef CK_VERSION CK_PTR CK_VERSION_PTR; 927c478bd9Sstevel@tonic-gate 937c478bd9Sstevel@tonic-gate 947c478bd9Sstevel@tonic-gate typedef struct CK_INFO { 957c478bd9Sstevel@tonic-gate /* manufacturerID and libraryDecription have been changed from 967c478bd9Sstevel@tonic-gate * CK_CHAR to CK_UTF8CHAR for v2.10 */ 977c478bd9Sstevel@tonic-gate CK_VERSION cryptokiVersion; /* Cryptoki interface ver */ 987c478bd9Sstevel@tonic-gate CK_UTF8CHAR manufacturerID[32]; /* blank padded */ 997c478bd9Sstevel@tonic-gate CK_FLAGS flags; /* must be zero */ 1007c478bd9Sstevel@tonic-gate 1017c478bd9Sstevel@tonic-gate /* libraryDescription and libraryVersion are new for v2.0 */ 1027c478bd9Sstevel@tonic-gate CK_UTF8CHAR libraryDescription[32]; /* blank padded */ 1037c478bd9Sstevel@tonic-gate CK_VERSION libraryVersion; /* version of library */ 1047c478bd9Sstevel@tonic-gate } CK_INFO; 1057c478bd9Sstevel@tonic-gate 1067c478bd9Sstevel@tonic-gate typedef CK_INFO CK_PTR CK_INFO_PTR; 1077c478bd9Sstevel@tonic-gate 1087c478bd9Sstevel@tonic-gate 1097c478bd9Sstevel@tonic-gate /* CK_NOTIFICATION enumerates the types of notifications that 1107c478bd9Sstevel@tonic-gate * Cryptoki provides to an application */ 1117c478bd9Sstevel@tonic-gate /* CK_NOTIFICATION has been changed from an enum to a CK_ULONG 1127c478bd9Sstevel@tonic-gate * for v2.0 */ 1137c478bd9Sstevel@tonic-gate typedef CK_ULONG CK_NOTIFICATION; 1147c478bd9Sstevel@tonic-gate #define CKN_SURRENDER 0 1157c478bd9Sstevel@tonic-gate 116*1e9884acSmcpowers /* The following notification is new for PKCS #11 v2.20 amendment 3 */ 117*1e9884acSmcpowers #define CKN_OTP_CHANGED 1 118*1e9884acSmcpowers 1197c478bd9Sstevel@tonic-gate 1207c478bd9Sstevel@tonic-gate typedef CK_ULONG CK_SLOT_ID; 1217c478bd9Sstevel@tonic-gate 1227c478bd9Sstevel@tonic-gate typedef CK_SLOT_ID CK_PTR CK_SLOT_ID_PTR; 1237c478bd9Sstevel@tonic-gate 1247c478bd9Sstevel@tonic-gate 1257c478bd9Sstevel@tonic-gate /* CK_SLOT_INFO provides information about a slot */ 1267c478bd9Sstevel@tonic-gate typedef struct CK_SLOT_INFO { 1277c478bd9Sstevel@tonic-gate /* slotDescription and manufacturerID have been changed from 1287c478bd9Sstevel@tonic-gate * CK_CHAR to CK_UTF8CHAR for v2.10 */ 1297c478bd9Sstevel@tonic-gate CK_UTF8CHAR slotDescription[64]; /* blank padded */ 1307c478bd9Sstevel@tonic-gate CK_UTF8CHAR manufacturerID[32]; /* blank padded */ 1317c478bd9Sstevel@tonic-gate CK_FLAGS flags; 1327c478bd9Sstevel@tonic-gate 1337c478bd9Sstevel@tonic-gate /* hardwareVersion and firmwareVersion are new for v2.0 */ 1347c478bd9Sstevel@tonic-gate CK_VERSION hardwareVersion; /* version of hardware */ 1357c478bd9Sstevel@tonic-gate CK_VERSION firmwareVersion; /* version of firmware */ 1367c478bd9Sstevel@tonic-gate } CK_SLOT_INFO; 1377c478bd9Sstevel@tonic-gate 1387c478bd9Sstevel@tonic-gate /* flags: bit flags that provide capabilities of the slot 1397c478bd9Sstevel@tonic-gate * Bit Flag Mask Meaning 1407c478bd9Sstevel@tonic-gate */ 1417c478bd9Sstevel@tonic-gate #define CKF_TOKEN_PRESENT 0x00000001 /* a token is there */ 1427c478bd9Sstevel@tonic-gate #define CKF_REMOVABLE_DEVICE 0x00000002 /* removable devices*/ 1437c478bd9Sstevel@tonic-gate #define CKF_HW_SLOT 0x00000004 /* hardware slot */ 1447c478bd9Sstevel@tonic-gate 1457c478bd9Sstevel@tonic-gate typedef CK_SLOT_INFO CK_PTR CK_SLOT_INFO_PTR; 1467c478bd9Sstevel@tonic-gate 1477c478bd9Sstevel@tonic-gate 1487c478bd9Sstevel@tonic-gate /* CK_TOKEN_INFO provides information about a token */ 1497c478bd9Sstevel@tonic-gate typedef struct CK_TOKEN_INFO { 1507c478bd9Sstevel@tonic-gate /* label, manufacturerID, and model have been changed from 1517c478bd9Sstevel@tonic-gate * CK_CHAR to CK_UTF8CHAR for v2.10 */ 1527c478bd9Sstevel@tonic-gate CK_UTF8CHAR label[32]; /* blank padded */ 1537c478bd9Sstevel@tonic-gate CK_UTF8CHAR manufacturerID[32]; /* blank padded */ 1547c478bd9Sstevel@tonic-gate CK_UTF8CHAR model[16]; /* blank padded */ 1557c478bd9Sstevel@tonic-gate CK_CHAR serialNumber[16]; /* blank padded */ 1567c478bd9Sstevel@tonic-gate CK_FLAGS flags; /* see below */ 1577c478bd9Sstevel@tonic-gate 1587c478bd9Sstevel@tonic-gate /* ulMaxSessionCount, ulSessionCount, ulMaxRwSessionCount, 1597c478bd9Sstevel@tonic-gate * ulRwSessionCount, ulMaxPinLen, and ulMinPinLen have all been 1607c478bd9Sstevel@tonic-gate * changed from CK_USHORT to CK_ULONG for v2.0 */ 1617c478bd9Sstevel@tonic-gate CK_ULONG ulMaxSessionCount; /* max open sessions */ 1627c478bd9Sstevel@tonic-gate CK_ULONG ulSessionCount; /* sess. now open */ 1637c478bd9Sstevel@tonic-gate CK_ULONG ulMaxRwSessionCount; /* max R/W sessions */ 1647c478bd9Sstevel@tonic-gate CK_ULONG ulRwSessionCount; /* R/W sess. now open */ 1657c478bd9Sstevel@tonic-gate CK_ULONG ulMaxPinLen; /* in bytes */ 1667c478bd9Sstevel@tonic-gate CK_ULONG ulMinPinLen; /* in bytes */ 1677c478bd9Sstevel@tonic-gate CK_ULONG ulTotalPublicMemory; /* in bytes */ 1687c478bd9Sstevel@tonic-gate CK_ULONG ulFreePublicMemory; /* in bytes */ 1697c478bd9Sstevel@tonic-gate CK_ULONG ulTotalPrivateMemory; /* in bytes */ 1707c478bd9Sstevel@tonic-gate CK_ULONG ulFreePrivateMemory; /* in bytes */ 1717c478bd9Sstevel@tonic-gate 1727c478bd9Sstevel@tonic-gate /* hardwareVersion, firmwareVersion, and time are new for 1737c478bd9Sstevel@tonic-gate * v2.0 */ 1747c478bd9Sstevel@tonic-gate CK_VERSION hardwareVersion; /* version of hardware */ 1757c478bd9Sstevel@tonic-gate CK_VERSION firmwareVersion; /* version of firmware */ 1767c478bd9Sstevel@tonic-gate CK_CHAR utcTime[16]; /* time */ 1777c478bd9Sstevel@tonic-gate } CK_TOKEN_INFO; 1787c478bd9Sstevel@tonic-gate 1797c478bd9Sstevel@tonic-gate /* The flags parameter is defined as follows: 1807c478bd9Sstevel@tonic-gate * Bit Flag Mask Meaning 1817c478bd9Sstevel@tonic-gate */ 1827c478bd9Sstevel@tonic-gate #define CKF_RNG 0x00000001 /* has random # 1837c478bd9Sstevel@tonic-gate * generator */ 1847c478bd9Sstevel@tonic-gate #define CKF_WRITE_PROTECTED 0x00000002 /* token is 1857c478bd9Sstevel@tonic-gate * write- 1867c478bd9Sstevel@tonic-gate * protected */ 1877c478bd9Sstevel@tonic-gate #define CKF_LOGIN_REQUIRED 0x00000004 /* user must 1887c478bd9Sstevel@tonic-gate * login */ 1897c478bd9Sstevel@tonic-gate #define CKF_USER_PIN_INITIALIZED 0x00000008 /* normal user's 1907c478bd9Sstevel@tonic-gate * PIN is set */ 1917c478bd9Sstevel@tonic-gate 1927c478bd9Sstevel@tonic-gate /* CKF_RESTORE_KEY_NOT_NEEDED is new for v2.0. If it is set, 1937c478bd9Sstevel@tonic-gate * that means that *every* time the state of cryptographic 1947c478bd9Sstevel@tonic-gate * operations of a session is successfully saved, all keys 1957c478bd9Sstevel@tonic-gate * needed to continue those operations are stored in the state */ 1967c478bd9Sstevel@tonic-gate #define CKF_RESTORE_KEY_NOT_NEEDED 0x00000020 1977c478bd9Sstevel@tonic-gate 1987c478bd9Sstevel@tonic-gate /* CKF_CLOCK_ON_TOKEN is new for v2.0. If it is set, that means 1997c478bd9Sstevel@tonic-gate * that the token has some sort of clock. The time on that 2007c478bd9Sstevel@tonic-gate * clock is returned in the token info structure */ 2017c478bd9Sstevel@tonic-gate #define CKF_CLOCK_ON_TOKEN 0x00000040 2027c478bd9Sstevel@tonic-gate 2037c478bd9Sstevel@tonic-gate /* CKF_PROTECTED_AUTHENTICATION_PATH is new for v2.0. If it is 2047c478bd9Sstevel@tonic-gate * set, that means that there is some way for the user to login 2057c478bd9Sstevel@tonic-gate * without sending a PIN through the Cryptoki library itself */ 2067c478bd9Sstevel@tonic-gate #define CKF_PROTECTED_AUTHENTICATION_PATH 0x00000100 2077c478bd9Sstevel@tonic-gate 2087c478bd9Sstevel@tonic-gate /* CKF_DUAL_CRYPTO_OPERATIONS is new for v2.0. If it is true, 2097c478bd9Sstevel@tonic-gate * that means that a single session with the token can perform 2107c478bd9Sstevel@tonic-gate * dual simultaneous cryptographic operations (digest and 2117c478bd9Sstevel@tonic-gate * encrypt; decrypt and digest; sign and encrypt; and decrypt 2127c478bd9Sstevel@tonic-gate * and sign) */ 2137c478bd9Sstevel@tonic-gate #define CKF_DUAL_CRYPTO_OPERATIONS 0x00000200 2147c478bd9Sstevel@tonic-gate 2157c478bd9Sstevel@tonic-gate /* CKF_TOKEN_INITIALIZED if new for v2.10. If it is true, the 2167c478bd9Sstevel@tonic-gate * token has been initialized using C_InitializeToken or an 2177c478bd9Sstevel@tonic-gate * equivalent mechanism outside the scope of PKCS #11. 2187c478bd9Sstevel@tonic-gate * Calling C_InitializeToken when this flag is set will cause 2197c478bd9Sstevel@tonic-gate * the token to be reinitialized. */ 2207c478bd9Sstevel@tonic-gate #define CKF_TOKEN_INITIALIZED 0x00000400 2217c478bd9Sstevel@tonic-gate 2227c478bd9Sstevel@tonic-gate /* CKF_SECONDARY_AUTHENTICATION if new for v2.10. If it is 2237c478bd9Sstevel@tonic-gate * true, the token supports secondary authentication for 224f66d273dSizick * private key objects. This flag is deprecated in v2.11 and 225f66d273dSizick onwards. */ 2267c478bd9Sstevel@tonic-gate #define CKF_SECONDARY_AUTHENTICATION 0x00000800 2277c478bd9Sstevel@tonic-gate 2287c478bd9Sstevel@tonic-gate /* CKF_USER_PIN_COUNT_LOW if new for v2.10. If it is true, an 2297c478bd9Sstevel@tonic-gate * incorrect user login PIN has been entered at least once 2307c478bd9Sstevel@tonic-gate * since the last successful authentication. */ 2317c478bd9Sstevel@tonic-gate #define CKF_USER_PIN_COUNT_LOW 0x00010000 2327c478bd9Sstevel@tonic-gate 2337c478bd9Sstevel@tonic-gate /* CKF_USER_PIN_FINAL_TRY if new for v2.10. If it is true, 2347c478bd9Sstevel@tonic-gate * supplying an incorrect user PIN will it to become locked. */ 2357c478bd9Sstevel@tonic-gate #define CKF_USER_PIN_FINAL_TRY 0x00020000 2367c478bd9Sstevel@tonic-gate 2377c478bd9Sstevel@tonic-gate /* CKF_USER_PIN_LOCKED if new for v2.10. If it is true, the 2387c478bd9Sstevel@tonic-gate * user PIN has been locked. User login to the token is not 2397c478bd9Sstevel@tonic-gate * possible. */ 2407c478bd9Sstevel@tonic-gate #define CKF_USER_PIN_LOCKED 0x00040000 2417c478bd9Sstevel@tonic-gate 2427c478bd9Sstevel@tonic-gate /* CKF_USER_PIN_TO_BE_CHANGED if new for v2.10. If it is true, 2437c478bd9Sstevel@tonic-gate * the user PIN value is the default value set by token 2447c478bd9Sstevel@tonic-gate * initialization or manufacturing, or the PIN has been 2457c478bd9Sstevel@tonic-gate * expired by the card. */ 2467c478bd9Sstevel@tonic-gate #define CKF_USER_PIN_TO_BE_CHANGED 0x00080000 2477c478bd9Sstevel@tonic-gate 2487c478bd9Sstevel@tonic-gate /* CKF_SO_PIN_COUNT_LOW if new for v2.10. If it is true, an 2497c478bd9Sstevel@tonic-gate * incorrect SO login PIN has been entered at least once since 2507c478bd9Sstevel@tonic-gate * the last successful authentication. */ 2517c478bd9Sstevel@tonic-gate #define CKF_SO_PIN_COUNT_LOW 0x00100000 2527c478bd9Sstevel@tonic-gate 2537c478bd9Sstevel@tonic-gate /* CKF_SO_PIN_FINAL_TRY if new for v2.10. If it is true, 2547c478bd9Sstevel@tonic-gate * supplying an incorrect SO PIN will it to become locked. */ 2557c478bd9Sstevel@tonic-gate #define CKF_SO_PIN_FINAL_TRY 0x00200000 2567c478bd9Sstevel@tonic-gate 2577c478bd9Sstevel@tonic-gate /* CKF_SO_PIN_LOCKED if new for v2.10. If it is true, the SO 2587c478bd9Sstevel@tonic-gate * PIN has been locked. SO login to the token is not possible. 2597c478bd9Sstevel@tonic-gate */ 2607c478bd9Sstevel@tonic-gate #define CKF_SO_PIN_LOCKED 0x00400000 2617c478bd9Sstevel@tonic-gate 2627c478bd9Sstevel@tonic-gate /* CKF_SO_PIN_TO_BE_CHANGED if new for v2.10. If it is true, 2637c478bd9Sstevel@tonic-gate * the SO PIN value is the default value set by token 2647c478bd9Sstevel@tonic-gate * initialization or manufacturing, or the PIN has been 2657c478bd9Sstevel@tonic-gate * expired by the card. */ 2667c478bd9Sstevel@tonic-gate #define CKF_SO_PIN_TO_BE_CHANGED 0x00800000 2677c478bd9Sstevel@tonic-gate 2687c478bd9Sstevel@tonic-gate typedef CK_TOKEN_INFO CK_PTR CK_TOKEN_INFO_PTR; 2697c478bd9Sstevel@tonic-gate 2707c478bd9Sstevel@tonic-gate 2717c478bd9Sstevel@tonic-gate /* CK_SESSION_HANDLE is a Cryptoki-assigned value that 2727c478bd9Sstevel@tonic-gate * identifies a session */ 2737c478bd9Sstevel@tonic-gate typedef CK_ULONG CK_SESSION_HANDLE; 2747c478bd9Sstevel@tonic-gate 2757c478bd9Sstevel@tonic-gate typedef CK_SESSION_HANDLE CK_PTR CK_SESSION_HANDLE_PTR; 2767c478bd9Sstevel@tonic-gate 2777c478bd9Sstevel@tonic-gate 2787c478bd9Sstevel@tonic-gate /* CK_USER_TYPE enumerates the types of Cryptoki users */ 2797c478bd9Sstevel@tonic-gate /* CK_USER_TYPE has been changed from an enum to a CK_ULONG for 2807c478bd9Sstevel@tonic-gate * v2.0 */ 2817c478bd9Sstevel@tonic-gate typedef CK_ULONG CK_USER_TYPE; 2827c478bd9Sstevel@tonic-gate /* Security Officer */ 2837c478bd9Sstevel@tonic-gate #define CKU_SO 0 2847c478bd9Sstevel@tonic-gate /* Normal user */ 2857c478bd9Sstevel@tonic-gate #define CKU_USER 1 286f66d273dSizick /* Context specific (added in v2.20) */ 287f66d273dSizick #define CKU_CONTEXT_SPECIFIC 2 2887c478bd9Sstevel@tonic-gate 2897c478bd9Sstevel@tonic-gate /* CK_STATE enumerates the session states */ 2907c478bd9Sstevel@tonic-gate /* CK_STATE has been changed from an enum to a CK_ULONG for 2917c478bd9Sstevel@tonic-gate * v2.0 */ 2927c478bd9Sstevel@tonic-gate typedef CK_ULONG CK_STATE; 2937c478bd9Sstevel@tonic-gate #define CKS_RO_PUBLIC_SESSION 0 2947c478bd9Sstevel@tonic-gate #define CKS_RO_USER_FUNCTIONS 1 2957c478bd9Sstevel@tonic-gate #define CKS_RW_PUBLIC_SESSION 2 2967c478bd9Sstevel@tonic-gate #define CKS_RW_USER_FUNCTIONS 3 2977c478bd9Sstevel@tonic-gate #define CKS_RW_SO_FUNCTIONS 4 2987c478bd9Sstevel@tonic-gate 2997c478bd9Sstevel@tonic-gate 3007c478bd9Sstevel@tonic-gate /* CK_SESSION_INFO provides information about a session */ 3017c478bd9Sstevel@tonic-gate typedef struct CK_SESSION_INFO { 3027c478bd9Sstevel@tonic-gate CK_SLOT_ID slotID; 3037c478bd9Sstevel@tonic-gate CK_STATE state; 3047c478bd9Sstevel@tonic-gate CK_FLAGS flags; /* see below */ 3057c478bd9Sstevel@tonic-gate 3067c478bd9Sstevel@tonic-gate /* ulDeviceError was changed from CK_USHORT to CK_ULONG for 3077c478bd9Sstevel@tonic-gate * v2.0 */ 3087c478bd9Sstevel@tonic-gate CK_ULONG ulDeviceError; /* device-dependent error code */ 3097c478bd9Sstevel@tonic-gate } CK_SESSION_INFO; 3107c478bd9Sstevel@tonic-gate 3117c478bd9Sstevel@tonic-gate /* The flags are defined in the following table: 3127c478bd9Sstevel@tonic-gate * Bit Flag Mask Meaning 3137c478bd9Sstevel@tonic-gate */ 3147c478bd9Sstevel@tonic-gate #define CKF_RW_SESSION 0x00000002 /* session is r/w */ 3157c478bd9Sstevel@tonic-gate #define CKF_SERIAL_SESSION 0x00000004 /* no parallel */ 3167c478bd9Sstevel@tonic-gate 3177c478bd9Sstevel@tonic-gate typedef CK_SESSION_INFO CK_PTR CK_SESSION_INFO_PTR; 3187c478bd9Sstevel@tonic-gate 3197c478bd9Sstevel@tonic-gate 3207c478bd9Sstevel@tonic-gate /* CK_OBJECT_HANDLE is a token-specific identifier for an 3217c478bd9Sstevel@tonic-gate * object */ 3227c478bd9Sstevel@tonic-gate typedef CK_ULONG CK_OBJECT_HANDLE; 3237c478bd9Sstevel@tonic-gate 3247c478bd9Sstevel@tonic-gate typedef CK_OBJECT_HANDLE CK_PTR CK_OBJECT_HANDLE_PTR; 3257c478bd9Sstevel@tonic-gate 3267c478bd9Sstevel@tonic-gate 3277c478bd9Sstevel@tonic-gate /* CK_OBJECT_CLASS is a value that identifies the classes (or 3287c478bd9Sstevel@tonic-gate * types) of objects that Cryptoki recognizes. It is defined 3297c478bd9Sstevel@tonic-gate * as follows: */ 3307c478bd9Sstevel@tonic-gate /* CK_OBJECT_CLASS was changed from CK_USHORT to CK_ULONG for 3317c478bd9Sstevel@tonic-gate * v2.0 */ 3327c478bd9Sstevel@tonic-gate typedef CK_ULONG CK_OBJECT_CLASS; 3337c478bd9Sstevel@tonic-gate 3347c478bd9Sstevel@tonic-gate /* The following classes of objects are defined: */ 3357c478bd9Sstevel@tonic-gate /* CKO_HW_FEATURE is new for v2.10 */ 3367c478bd9Sstevel@tonic-gate /* CKO_DOMAIN_PARAMETERS is new for v2.11 */ 337f66d273dSizick /* CKO_MECHANISM is new for v2.20 */ 3387c478bd9Sstevel@tonic-gate #define CKO_DATA 0x00000000 3397c478bd9Sstevel@tonic-gate #define CKO_CERTIFICATE 0x00000001 3407c478bd9Sstevel@tonic-gate #define CKO_PUBLIC_KEY 0x00000002 3417c478bd9Sstevel@tonic-gate #define CKO_PRIVATE_KEY 0x00000003 3427c478bd9Sstevel@tonic-gate #define CKO_SECRET_KEY 0x00000004 3437c478bd9Sstevel@tonic-gate #define CKO_HW_FEATURE 0x00000005 3447c478bd9Sstevel@tonic-gate #define CKO_DOMAIN_PARAMETERS 0x00000006 345f66d273dSizick #define CKO_MECHANISM 0x00000007 346*1e9884acSmcpowers 347*1e9884acSmcpowers /* CKO_OTP_KEY is new for PKCS #11 v2.20 amendment 1 */ 348*1e9884acSmcpowers #define CKO_OTP_KEY 0x00000008 349*1e9884acSmcpowers 3507c478bd9Sstevel@tonic-gate #define CKO_VENDOR_DEFINED 0x80000000 3517c478bd9Sstevel@tonic-gate 3527c478bd9Sstevel@tonic-gate typedef CK_OBJECT_CLASS CK_PTR CK_OBJECT_CLASS_PTR; 3537c478bd9Sstevel@tonic-gate 3547c478bd9Sstevel@tonic-gate /* CK_HW_FEATURE_TYPE is new for v2.10. CK_HW_FEATURE_TYPE is a 3557c478bd9Sstevel@tonic-gate * value that identifies the hardware feature type of an object 3567c478bd9Sstevel@tonic-gate * with CK_OBJECT_CLASS equal to CKO_HW_FEATURE. */ 3577c478bd9Sstevel@tonic-gate typedef CK_ULONG CK_HW_FEATURE_TYPE; 3587c478bd9Sstevel@tonic-gate 3597c478bd9Sstevel@tonic-gate /* The following hardware feature types are defined */ 360f66d273dSizick /* CKH_USER_INTERFACE is new for v2.20 */ 3617c478bd9Sstevel@tonic-gate #define CKH_MONOTONIC_COUNTER 0x00000001 3627c478bd9Sstevel@tonic-gate #define CKH_CLOCK 0x00000002 363f66d273dSizick #define CKH_USER_INTERFACE 0x00000003 3647c478bd9Sstevel@tonic-gate #define CKH_VENDOR_DEFINED 0x80000000 3657c478bd9Sstevel@tonic-gate 3667c478bd9Sstevel@tonic-gate /* CK_KEY_TYPE is a value that identifies a key type */ 3677c478bd9Sstevel@tonic-gate /* CK_KEY_TYPE was changed from CK_USHORT to CK_ULONG for v2.0 */ 3687c478bd9Sstevel@tonic-gate typedef CK_ULONG CK_KEY_TYPE; 3697c478bd9Sstevel@tonic-gate 3707c478bd9Sstevel@tonic-gate /* the following key types are defined: */ 3717c478bd9Sstevel@tonic-gate #define CKK_RSA 0x00000000 3727c478bd9Sstevel@tonic-gate #define CKK_DSA 0x00000001 3737c478bd9Sstevel@tonic-gate #define CKK_DH 0x00000002 3747c478bd9Sstevel@tonic-gate 3757c478bd9Sstevel@tonic-gate /* CKK_ECDSA and CKK_KEA are new for v2.0 */ 3767c478bd9Sstevel@tonic-gate /* CKK_ECDSA is deprecated in v2.11, CKK_EC is preferred. */ 3777c478bd9Sstevel@tonic-gate #define CKK_ECDSA 0x00000003 3787c478bd9Sstevel@tonic-gate #define CKK_EC 0x00000003 3797c478bd9Sstevel@tonic-gate #define CKK_X9_42_DH 0x00000004 3807c478bd9Sstevel@tonic-gate #define CKK_KEA 0x00000005 3817c478bd9Sstevel@tonic-gate 3827c478bd9Sstevel@tonic-gate #define CKK_GENERIC_SECRET 0x00000010 3837c478bd9Sstevel@tonic-gate #define CKK_RC2 0x00000011 3847c478bd9Sstevel@tonic-gate #define CKK_RC4 0x00000012 3857c478bd9Sstevel@tonic-gate #define CKK_DES 0x00000013 3867c478bd9Sstevel@tonic-gate #define CKK_DES2 0x00000014 3877c478bd9Sstevel@tonic-gate #define CKK_DES3 0x00000015 3887c478bd9Sstevel@tonic-gate 3897c478bd9Sstevel@tonic-gate /* all these key types are new for v2.0 */ 3907c478bd9Sstevel@tonic-gate #define CKK_CAST 0x00000016 3917c478bd9Sstevel@tonic-gate #define CKK_CAST3 0x00000017 3927c478bd9Sstevel@tonic-gate /* CKK_CAST5 is deprecated in v2.11, CKK_CAST128 is preferred. */ 3937c478bd9Sstevel@tonic-gate #define CKK_CAST5 0x00000018 3947c478bd9Sstevel@tonic-gate #define CKK_CAST128 0x00000018 3957c478bd9Sstevel@tonic-gate #define CKK_RC5 0x00000019 3967c478bd9Sstevel@tonic-gate #define CKK_IDEA 0x0000001A 3977c478bd9Sstevel@tonic-gate #define CKK_SKIPJACK 0x0000001B 3987c478bd9Sstevel@tonic-gate #define CKK_BATON 0x0000001C 3997c478bd9Sstevel@tonic-gate #define CKK_JUNIPER 0x0000001D 4007c478bd9Sstevel@tonic-gate #define CKK_CDMF 0x0000001E 4017c478bd9Sstevel@tonic-gate #define CKK_AES 0x0000001F 4027c478bd9Sstevel@tonic-gate 403f66d273dSizick /* BlowFish and TwoFish are new for v2.20 */ 404f66d273dSizick #define CKK_BLOWFISH 0x00000020 405f66d273dSizick #define CKK_TWOFISH 0x00000021 406f66d273dSizick 407*1e9884acSmcpowers /* SecurID, HOTP, and ACTI are new for PKCS #11 v2.20 amendment 1 */ 408*1e9884acSmcpowers #define CKK_SECURID 0x00000022 409*1e9884acSmcpowers #define CKK_HOTP 0x00000023 410*1e9884acSmcpowers #define CKK_ACTI 0x00000024 411*1e9884acSmcpowers 412*1e9884acSmcpowers /* Camellia is new for PKCS #11 v2.20 amendment 3 */ 413*1e9884acSmcpowers #define CKK_CAMELLIA 0x00000025 414*1e9884acSmcpowers /* ARIA is new for PKCS #11 v2.20 amendment 3 */ 415*1e9884acSmcpowers #define CKK_ARIA 0x00000026 416*1e9884acSmcpowers 417*1e9884acSmcpowers 4187c478bd9Sstevel@tonic-gate #define CKK_VENDOR_DEFINED 0x80000000 4197c478bd9Sstevel@tonic-gate 4207c478bd9Sstevel@tonic-gate 4217c478bd9Sstevel@tonic-gate /* CK_CERTIFICATE_TYPE is a value that identifies a certificate 4227c478bd9Sstevel@tonic-gate * type */ 4237c478bd9Sstevel@tonic-gate /* CK_CERTIFICATE_TYPE was changed from CK_USHORT to CK_ULONG 4247c478bd9Sstevel@tonic-gate * for v2.0 */ 4257c478bd9Sstevel@tonic-gate typedef CK_ULONG CK_CERTIFICATE_TYPE; 4267c478bd9Sstevel@tonic-gate 4277c478bd9Sstevel@tonic-gate /* The following certificate types are defined: */ 4287c478bd9Sstevel@tonic-gate /* CKC_X_509_ATTR_CERT is new for v2.10 */ 429f66d273dSizick /* CKC_WTLS is new for v2.20 */ 4307c478bd9Sstevel@tonic-gate #define CKC_X_509 0x00000000 4317c478bd9Sstevel@tonic-gate #define CKC_X_509_ATTR_CERT 0x00000001 432f66d273dSizick #define CKC_WTLS 0x00000002 4337c478bd9Sstevel@tonic-gate #define CKC_VENDOR_DEFINED 0x80000000 4347c478bd9Sstevel@tonic-gate 4357c478bd9Sstevel@tonic-gate 4367c478bd9Sstevel@tonic-gate /* CK_ATTRIBUTE_TYPE is a value that identifies an attribute 4377c478bd9Sstevel@tonic-gate * type */ 4387c478bd9Sstevel@tonic-gate /* CK_ATTRIBUTE_TYPE was changed from CK_USHORT to CK_ULONG for 4397c478bd9Sstevel@tonic-gate * v2.0 */ 4407c478bd9Sstevel@tonic-gate typedef CK_ULONG CK_ATTRIBUTE_TYPE; 4417c478bd9Sstevel@tonic-gate 442f66d273dSizick /* The CKF_ARRAY_ATTRIBUTE flag identifies an attribute which 443f66d273dSizick consists of an array of values. */ 444f66d273dSizick #define CKF_ARRAY_ATTRIBUTE 0x40000000 445f66d273dSizick 446*1e9884acSmcpowers /* The following OTP-related defines are new for PKCS #11 v2.20 amendment 1 447*1e9884acSmcpowers and relates to the CKA_OTP_FORMAT attribute */ 448*1e9884acSmcpowers #define CK_OTP_FORMAT_DECIMAL 0 449*1e9884acSmcpowers #define CK_OTP_FORMAT_HEXADECIMAL 1 450*1e9884acSmcpowers #define CK_OTP_FORMAT_ALPHANUMERIC 2 451*1e9884acSmcpowers #define CK_OTP_FORMAT_BINARY 3 452*1e9884acSmcpowers 453*1e9884acSmcpowers /* The following OTP-related defines are new for PKCS #11 v2.20 amendment 1 454*1e9884acSmcpowers and relates to the CKA_OTP_..._REQUIREMENT attributes */ 455*1e9884acSmcpowers #define CK_OTP_PARAM_IGNORED 0 456*1e9884acSmcpowers #define CK_OTP_PARAM_OPTIONAL 1 457*1e9884acSmcpowers #define CK_OTP_PARAM_MANDATORY 2 458*1e9884acSmcpowers 4597c478bd9Sstevel@tonic-gate /* The following attribute types are defined: */ 4607c478bd9Sstevel@tonic-gate #define CKA_CLASS 0x00000000 4617c478bd9Sstevel@tonic-gate #define CKA_TOKEN 0x00000001 4627c478bd9Sstevel@tonic-gate #define CKA_PRIVATE 0x00000002 4637c478bd9Sstevel@tonic-gate #define CKA_LABEL 0x00000003 4647c478bd9Sstevel@tonic-gate #define CKA_APPLICATION 0x00000010 4657c478bd9Sstevel@tonic-gate #define CKA_VALUE 0x00000011 4667c478bd9Sstevel@tonic-gate 4677c478bd9Sstevel@tonic-gate /* CKA_OBJECT_ID is new for v2.10 */ 4687c478bd9Sstevel@tonic-gate #define CKA_OBJECT_ID 0x00000012 4697c478bd9Sstevel@tonic-gate 4707c478bd9Sstevel@tonic-gate #define CKA_CERTIFICATE_TYPE 0x00000080 4717c478bd9Sstevel@tonic-gate #define CKA_ISSUER 0x00000081 4727c478bd9Sstevel@tonic-gate #define CKA_SERIAL_NUMBER 0x00000082 4737c478bd9Sstevel@tonic-gate 4747c478bd9Sstevel@tonic-gate /* CKA_AC_ISSUER, CKA_OWNER, and CKA_ATTR_TYPES are new 4757c478bd9Sstevel@tonic-gate * for v2.10 */ 4767c478bd9Sstevel@tonic-gate #define CKA_AC_ISSUER 0x00000083 4777c478bd9Sstevel@tonic-gate #define CKA_OWNER 0x00000084 4787c478bd9Sstevel@tonic-gate #define CKA_ATTR_TYPES 0x00000085 4797c478bd9Sstevel@tonic-gate 4807c478bd9Sstevel@tonic-gate /* CKA_TRUSTED is new for v2.11 */ 4817c478bd9Sstevel@tonic-gate #define CKA_TRUSTED 0x00000086 4827c478bd9Sstevel@tonic-gate 483f66d273dSizick /* CKA_CERTIFICATE_CATEGORY ... 484f66d273dSizick * CKA_CHECK_VALUE are new for v2.20 */ 485f66d273dSizick #define CKA_CERTIFICATE_CATEGORY 0x00000087 486f66d273dSizick #define CKA_JAVA_MIDP_SECURITY_DOMAIN 0x00000088 487f66d273dSizick #define CKA_URL 0x00000089 488f66d273dSizick #define CKA_HASH_OF_SUBJECT_PUBLIC_KEY 0x0000008A 489f66d273dSizick #define CKA_HASH_OF_ISSUER_PUBLIC_KEY 0x0000008B 490f66d273dSizick #define CKA_CHECK_VALUE 0x00000090 491f66d273dSizick 4927c478bd9Sstevel@tonic-gate #define CKA_KEY_TYPE 0x00000100 4937c478bd9Sstevel@tonic-gate #define CKA_SUBJECT 0x00000101 4947c478bd9Sstevel@tonic-gate #define CKA_ID 0x00000102 4957c478bd9Sstevel@tonic-gate #define CKA_SENSITIVE 0x00000103 4967c478bd9Sstevel@tonic-gate #define CKA_ENCRYPT 0x00000104 4977c478bd9Sstevel@tonic-gate #define CKA_DECRYPT 0x00000105 4987c478bd9Sstevel@tonic-gate #define CKA_WRAP 0x00000106 4997c478bd9Sstevel@tonic-gate #define CKA_UNWRAP 0x00000107 5007c478bd9Sstevel@tonic-gate #define CKA_SIGN 0x00000108 5017c478bd9Sstevel@tonic-gate #define CKA_SIGN_RECOVER 0x00000109 5027c478bd9Sstevel@tonic-gate #define CKA_VERIFY 0x0000010A 5037c478bd9Sstevel@tonic-gate #define CKA_VERIFY_RECOVER 0x0000010B 5047c478bd9Sstevel@tonic-gate #define CKA_DERIVE 0x0000010C 5057c478bd9Sstevel@tonic-gate #define CKA_START_DATE 0x00000110 5067c478bd9Sstevel@tonic-gate #define CKA_END_DATE 0x00000111 5077c478bd9Sstevel@tonic-gate #define CKA_MODULUS 0x00000120 5087c478bd9Sstevel@tonic-gate #define CKA_MODULUS_BITS 0x00000121 5097c478bd9Sstevel@tonic-gate #define CKA_PUBLIC_EXPONENT 0x00000122 5107c478bd9Sstevel@tonic-gate #define CKA_PRIVATE_EXPONENT 0x00000123 5117c478bd9Sstevel@tonic-gate #define CKA_PRIME_1 0x00000124 5127c478bd9Sstevel@tonic-gate #define CKA_PRIME_2 0x00000125 5137c478bd9Sstevel@tonic-gate #define CKA_EXPONENT_1 0x00000126 5147c478bd9Sstevel@tonic-gate #define CKA_EXPONENT_2 0x00000127 5157c478bd9Sstevel@tonic-gate #define CKA_COEFFICIENT 0x00000128 5167c478bd9Sstevel@tonic-gate #define CKA_PRIME 0x00000130 5177c478bd9Sstevel@tonic-gate #define CKA_SUBPRIME 0x00000131 5187c478bd9Sstevel@tonic-gate #define CKA_BASE 0x00000132 5197c478bd9Sstevel@tonic-gate 5207c478bd9Sstevel@tonic-gate /* CKA_PRIME_BITS and CKA_SUB_PRIME_BITS are new for v2.11 */ 5217c478bd9Sstevel@tonic-gate #define CKA_PRIME_BITS 0x00000133 5227c478bd9Sstevel@tonic-gate #define CKA_SUBPRIME_BITS 0x00000134 5237c478bd9Sstevel@tonic-gate #define CKA_SUB_PRIME_BITS CKA_SUBPRIME_BITS 5247c478bd9Sstevel@tonic-gate /* (To retain backwards-compatibility) */ 5257c478bd9Sstevel@tonic-gate 5267c478bd9Sstevel@tonic-gate #define CKA_VALUE_BITS 0x00000160 5277c478bd9Sstevel@tonic-gate #define CKA_VALUE_LEN 0x00000161 5287c478bd9Sstevel@tonic-gate 5297c478bd9Sstevel@tonic-gate /* CKA_EXTRACTABLE, CKA_LOCAL, CKA_NEVER_EXTRACTABLE, 5307c478bd9Sstevel@tonic-gate * CKA_ALWAYS_SENSITIVE, CKA_MODIFIABLE, CKA_ECDSA_PARAMS, 5317c478bd9Sstevel@tonic-gate * and CKA_EC_POINT are new for v2.0 */ 5327c478bd9Sstevel@tonic-gate #define CKA_EXTRACTABLE 0x00000162 5337c478bd9Sstevel@tonic-gate #define CKA_LOCAL 0x00000163 5347c478bd9Sstevel@tonic-gate #define CKA_NEVER_EXTRACTABLE 0x00000164 5357c478bd9Sstevel@tonic-gate #define CKA_ALWAYS_SENSITIVE 0x00000165 5367c478bd9Sstevel@tonic-gate 5377c478bd9Sstevel@tonic-gate /* CKA_KEY_GEN_MECHANISM is new for v2.11 */ 5387c478bd9Sstevel@tonic-gate #define CKA_KEY_GEN_MECHANISM 0x00000166 5397c478bd9Sstevel@tonic-gate 5407c478bd9Sstevel@tonic-gate #define CKA_MODIFIABLE 0x00000170 5417c478bd9Sstevel@tonic-gate 5427c478bd9Sstevel@tonic-gate /* CKA_ECDSA_PARAMS is deprecated in v2.11, 5437c478bd9Sstevel@tonic-gate * CKA_EC_PARAMS is preferred. */ 5447c478bd9Sstevel@tonic-gate #define CKA_ECDSA_PARAMS 0x00000180 5457c478bd9Sstevel@tonic-gate #define CKA_EC_PARAMS 0x00000180 5467c478bd9Sstevel@tonic-gate 5477c478bd9Sstevel@tonic-gate #define CKA_EC_POINT 0x00000181 5487c478bd9Sstevel@tonic-gate 5497c478bd9Sstevel@tonic-gate /* CKA_SECONDARY_AUTH, CKA_AUTH_PIN_FLAGS, 550f66d273dSizick * are new for v2.10. Deprecated in v2.11 and onwards. */ 5517c478bd9Sstevel@tonic-gate #define CKA_SECONDARY_AUTH 0x00000200 5527c478bd9Sstevel@tonic-gate #define CKA_AUTH_PIN_FLAGS 0x00000201 553f66d273dSizick 554f66d273dSizick /* CKA_ALWAYS_AUTHENTICATE ... 555f66d273dSizick * CKA_UNWRAP_TEMPLATE are new for v2.20 */ 556f66d273dSizick #define CKA_ALWAYS_AUTHENTICATE 0x00000202 557f66d273dSizick 558f66d273dSizick #define CKA_WRAP_WITH_TRUSTED 0x00000210 559f66d273dSizick #define CKA_WRAP_TEMPLATE (CKF_ARRAY_ATTRIBUTE|0x00000211) 560f66d273dSizick #define CKA_UNWRAP_TEMPLATE (CKF_ARRAY_ATTRIBUTE|0x00000212) 561f66d273dSizick 562*1e9884acSmcpowers /* CKA_OTP... atttributes are new for PKCS #11 v2.20 amendment 3. */ 563*1e9884acSmcpowers #define CKA_OTP_FORMAT 0x00000220 564*1e9884acSmcpowers #define CKA_OTP_LENGTH 0x00000221 565*1e9884acSmcpowers #define CKA_OTP_TIME_INTERVAL 0x00000222 566*1e9884acSmcpowers #define CKA_OTP_USER_FRIENDLY_MODE 0x00000223 567*1e9884acSmcpowers #define CKA_OTP_CHALLENGE_REQUIREMENT 0x00000224 568*1e9884acSmcpowers #define CKA_OTP_TIME_REQUIREMENT 0x00000225 569*1e9884acSmcpowers #define CKA_OTP_COUNTER_REQUIREMENT 0x00000226 570*1e9884acSmcpowers #define CKA_OTP_PIN_REQUIREMENT 0x00000227 571*1e9884acSmcpowers #define CKA_OTP_COUNTER 0x0000022E 572*1e9884acSmcpowers #define CKA_OTP_TIME 0x0000022F 573*1e9884acSmcpowers #define CKA_OTP_USER_IDENTIFIER 0x0000022A 574*1e9884acSmcpowers #define CKA_OTP_SERVICE_IDENTIFIER 0x0000022B 575*1e9884acSmcpowers #define CKA_OTP_SERVICE_LOGO 0x0000022C 576*1e9884acSmcpowers #define CKA_OTP_SERVICE_LOGO_TYPE 0x0000022D 577*1e9884acSmcpowers 578*1e9884acSmcpowers 579f66d273dSizick /* CKA_HW_FEATURE_TYPE, CKA_RESET_ON_INIT, and CKA_HAS_RESET 580f66d273dSizick * are new for v2.10 */ 5817c478bd9Sstevel@tonic-gate #define CKA_HW_FEATURE_TYPE 0x00000300 5827c478bd9Sstevel@tonic-gate #define CKA_RESET_ON_INIT 0x00000301 5837c478bd9Sstevel@tonic-gate #define CKA_HAS_RESET 0x00000302 5847c478bd9Sstevel@tonic-gate 585f66d273dSizick /* The following attributes are new for v2.20 */ 586f66d273dSizick #define CKA_PIXEL_X 0x00000400 587f66d273dSizick #define CKA_PIXEL_Y 0x00000401 588f66d273dSizick #define CKA_RESOLUTION 0x00000402 589f66d273dSizick #define CKA_CHAR_ROWS 0x00000403 590f66d273dSizick #define CKA_CHAR_COLUMNS 0x00000404 591f66d273dSizick #define CKA_COLOR 0x00000405 592f66d273dSizick #define CKA_BITS_PER_PIXEL 0x00000406 593f66d273dSizick #define CKA_CHAR_SETS 0x00000480 594f66d273dSizick #define CKA_ENCODING_METHODS 0x00000481 595f66d273dSizick #define CKA_MIME_TYPES 0x00000482 596f66d273dSizick #define CKA_MECHANISM_TYPE 0x00000500 597f66d273dSizick #define CKA_REQUIRED_CMS_ATTRIBUTES 0x00000501 598f66d273dSizick #define CKA_DEFAULT_CMS_ATTRIBUTES 0x00000502 599f66d273dSizick #define CKA_SUPPORTED_CMS_ATTRIBUTES 0x00000503 600f66d273dSizick #define CKA_ALLOWED_MECHANISMS (CKF_ARRAY_ATTRIBUTE|0x00000600) 601f66d273dSizick 6027c478bd9Sstevel@tonic-gate #define CKA_VENDOR_DEFINED 0x80000000 6037c478bd9Sstevel@tonic-gate 6047c478bd9Sstevel@tonic-gate /* CK_ATTRIBUTE is a structure that includes the type, length 6057c478bd9Sstevel@tonic-gate * and value of an attribute */ 6067c478bd9Sstevel@tonic-gate typedef struct CK_ATTRIBUTE { 6077c478bd9Sstevel@tonic-gate CK_ATTRIBUTE_TYPE type; 6087c478bd9Sstevel@tonic-gate CK_VOID_PTR pValue; 6097c478bd9Sstevel@tonic-gate 6107c478bd9Sstevel@tonic-gate /* ulValueLen went from CK_USHORT to CK_ULONG for v2.0 */ 6117c478bd9Sstevel@tonic-gate CK_ULONG ulValueLen; /* in bytes */ 6127c478bd9Sstevel@tonic-gate } CK_ATTRIBUTE; 6137c478bd9Sstevel@tonic-gate 6147c478bd9Sstevel@tonic-gate typedef CK_ATTRIBUTE CK_PTR CK_ATTRIBUTE_PTR; 6157c478bd9Sstevel@tonic-gate 6167c478bd9Sstevel@tonic-gate 6177c478bd9Sstevel@tonic-gate /* CK_DATE is a structure that defines a date */ 6187c478bd9Sstevel@tonic-gate typedef struct CK_DATE{ 6197c478bd9Sstevel@tonic-gate CK_CHAR year[4]; /* the year ("1900" - "9999") */ 6207c478bd9Sstevel@tonic-gate CK_CHAR month[2]; /* the month ("01" - "12") */ 6217c478bd9Sstevel@tonic-gate CK_CHAR day[2]; /* the day ("01" - "31") */ 6227c478bd9Sstevel@tonic-gate } CK_DATE; 6237c478bd9Sstevel@tonic-gate 6247c478bd9Sstevel@tonic-gate 6257c478bd9Sstevel@tonic-gate /* CK_MECHANISM_TYPE is a value that identifies a mechanism 6267c478bd9Sstevel@tonic-gate * type */ 6277c478bd9Sstevel@tonic-gate /* CK_MECHANISM_TYPE was changed from CK_USHORT to CK_ULONG for 6287c478bd9Sstevel@tonic-gate * v2.0 */ 6297c478bd9Sstevel@tonic-gate typedef CK_ULONG CK_MECHANISM_TYPE; 6307c478bd9Sstevel@tonic-gate 6317c478bd9Sstevel@tonic-gate /* the following mechanism types are defined: */ 6327c478bd9Sstevel@tonic-gate #define CKM_RSA_PKCS_KEY_PAIR_GEN 0x00000000 6337c478bd9Sstevel@tonic-gate #define CKM_RSA_PKCS 0x00000001 6347c478bd9Sstevel@tonic-gate #define CKM_RSA_9796 0x00000002 6357c478bd9Sstevel@tonic-gate #define CKM_RSA_X_509 0x00000003 6367c478bd9Sstevel@tonic-gate 6377c478bd9Sstevel@tonic-gate /* CKM_MD2_RSA_PKCS, CKM_MD5_RSA_PKCS, and CKM_SHA1_RSA_PKCS 6387c478bd9Sstevel@tonic-gate * are new for v2.0. They are mechanisms which hash and sign */ 6397c478bd9Sstevel@tonic-gate #define CKM_MD2_RSA_PKCS 0x00000004 6407c478bd9Sstevel@tonic-gate #define CKM_MD5_RSA_PKCS 0x00000005 6417c478bd9Sstevel@tonic-gate #define CKM_SHA1_RSA_PKCS 0x00000006 6427c478bd9Sstevel@tonic-gate 6437c478bd9Sstevel@tonic-gate /* CKM_RIPEMD128_RSA_PKCS, CKM_RIPEMD160_RSA_PKCS, and 6447c478bd9Sstevel@tonic-gate * CKM_RSA_PKCS_OAEP are new for v2.10 */ 6457c478bd9Sstevel@tonic-gate #define CKM_RIPEMD128_RSA_PKCS 0x00000007 6467c478bd9Sstevel@tonic-gate #define CKM_RIPEMD160_RSA_PKCS 0x00000008 6477c478bd9Sstevel@tonic-gate #define CKM_RSA_PKCS_OAEP 0x00000009 6487c478bd9Sstevel@tonic-gate 6497c478bd9Sstevel@tonic-gate /* CKM_RSA_X9_31_KEY_PAIR_GEN, CKM_RSA_X9_31, CKM_SHA1_RSA_X9_31, 6507c478bd9Sstevel@tonic-gate * CKM_RSA_PKCS_PSS, and CKM_SHA1_RSA_PKCS_PSS are new for v2.11 */ 6517c478bd9Sstevel@tonic-gate #define CKM_RSA_X9_31_KEY_PAIR_GEN 0x0000000A 6527c478bd9Sstevel@tonic-gate #define CKM_RSA_X9_31 0x0000000B 6537c478bd9Sstevel@tonic-gate #define CKM_SHA1_RSA_X9_31 0x0000000C 6547c478bd9Sstevel@tonic-gate #define CKM_RSA_PKCS_PSS 0x0000000D 6557c478bd9Sstevel@tonic-gate #define CKM_SHA1_RSA_PKCS_PSS 0x0000000E 6567c478bd9Sstevel@tonic-gate 6577c478bd9Sstevel@tonic-gate #define CKM_DSA_KEY_PAIR_GEN 0x00000010 6587c478bd9Sstevel@tonic-gate #define CKM_DSA 0x00000011 6597c478bd9Sstevel@tonic-gate #define CKM_DSA_SHA1 0x00000012 6607c478bd9Sstevel@tonic-gate #define CKM_DH_PKCS_KEY_PAIR_GEN 0x00000020 6617c478bd9Sstevel@tonic-gate #define CKM_DH_PKCS_DERIVE 0x00000021 6627c478bd9Sstevel@tonic-gate 6637c478bd9Sstevel@tonic-gate /* CKM_X9_42_DH_KEY_PAIR_GEN, CKM_X9_42_DH_DERIVE, 6647c478bd9Sstevel@tonic-gate * CKM_X9_42_DH_HYBRID_DERIVE, and CKM_X9_42_MQV_DERIVE are new for 6657c478bd9Sstevel@tonic-gate * v2.11 */ 6667c478bd9Sstevel@tonic-gate #define CKM_X9_42_DH_KEY_PAIR_GEN 0x00000030 6677c478bd9Sstevel@tonic-gate #define CKM_X9_42_DH_DERIVE 0x00000031 6687c478bd9Sstevel@tonic-gate #define CKM_X9_42_DH_HYBRID_DERIVE 0x00000032 6697c478bd9Sstevel@tonic-gate #define CKM_X9_42_MQV_DERIVE 0x00000033 6707c478bd9Sstevel@tonic-gate 671f66d273dSizick /* CKM_SHA256/384/512 are new for v2.20 */ 672f66d273dSizick #define CKM_SHA256_RSA_PKCS 0x00000040 673f66d273dSizick #define CKM_SHA384_RSA_PKCS 0x00000041 674f66d273dSizick #define CKM_SHA512_RSA_PKCS 0x00000042 675f66d273dSizick #define CKM_SHA256_RSA_PKCS_PSS 0x00000043 676f66d273dSizick #define CKM_SHA384_RSA_PKCS_PSS 0x00000044 677f66d273dSizick #define CKM_SHA512_RSA_PKCS_PSS 0x00000045 678f66d273dSizick 679*1e9884acSmcpowers /* SHA-224 RSA mechanisms are new for PKCS #11 v2.20 amendment 3 */ 680*1e9884acSmcpowers #define CKM_SHA224_RSA_PKCS 0x00000046 681*1e9884acSmcpowers #define CKM_SHA224_RSA_PKCS_PSS 0x00000047 682*1e9884acSmcpowers 6837c478bd9Sstevel@tonic-gate #define CKM_RC2_KEY_GEN 0x00000100 6847c478bd9Sstevel@tonic-gate #define CKM_RC2_ECB 0x00000101 6857c478bd9Sstevel@tonic-gate #define CKM_RC2_CBC 0x00000102 6867c478bd9Sstevel@tonic-gate #define CKM_RC2_MAC 0x00000103 6877c478bd9Sstevel@tonic-gate 6887c478bd9Sstevel@tonic-gate /* CKM_RC2_MAC_GENERAL and CKM_RC2_CBC_PAD are new for v2.0 */ 6897c478bd9Sstevel@tonic-gate #define CKM_RC2_MAC_GENERAL 0x00000104 6907c478bd9Sstevel@tonic-gate #define CKM_RC2_CBC_PAD 0x00000105 6917c478bd9Sstevel@tonic-gate 6927c478bd9Sstevel@tonic-gate #define CKM_RC4_KEY_GEN 0x00000110 6937c478bd9Sstevel@tonic-gate #define CKM_RC4 0x00000111 6947c478bd9Sstevel@tonic-gate #define CKM_DES_KEY_GEN 0x00000120 6957c478bd9Sstevel@tonic-gate #define CKM_DES_ECB 0x00000121 6967c478bd9Sstevel@tonic-gate #define CKM_DES_CBC 0x00000122 6977c478bd9Sstevel@tonic-gate #define CKM_DES_MAC 0x00000123 6987c478bd9Sstevel@tonic-gate 6997c478bd9Sstevel@tonic-gate /* CKM_DES_MAC_GENERAL and CKM_DES_CBC_PAD are new for v2.0 */ 7007c478bd9Sstevel@tonic-gate #define CKM_DES_MAC_GENERAL 0x00000124 7017c478bd9Sstevel@tonic-gate #define CKM_DES_CBC_PAD 0x00000125 7027c478bd9Sstevel@tonic-gate 7037c478bd9Sstevel@tonic-gate #define CKM_DES2_KEY_GEN 0x00000130 7047c478bd9Sstevel@tonic-gate #define CKM_DES3_KEY_GEN 0x00000131 7057c478bd9Sstevel@tonic-gate #define CKM_DES3_ECB 0x00000132 7067c478bd9Sstevel@tonic-gate #define CKM_DES3_CBC 0x00000133 7077c478bd9Sstevel@tonic-gate #define CKM_DES3_MAC 0x00000134 7087c478bd9Sstevel@tonic-gate 7097c478bd9Sstevel@tonic-gate /* CKM_DES3_MAC_GENERAL, CKM_DES3_CBC_PAD, CKM_CDMF_KEY_GEN, 7107c478bd9Sstevel@tonic-gate * CKM_CDMF_ECB, CKM_CDMF_CBC, CKM_CDMF_MAC, 7117c478bd9Sstevel@tonic-gate * CKM_CDMF_MAC_GENERAL, and CKM_CDMF_CBC_PAD are new for v2.0 */ 7127c478bd9Sstevel@tonic-gate #define CKM_DES3_MAC_GENERAL 0x00000135 7137c478bd9Sstevel@tonic-gate #define CKM_DES3_CBC_PAD 0x00000136 7147c478bd9Sstevel@tonic-gate #define CKM_CDMF_KEY_GEN 0x00000140 7157c478bd9Sstevel@tonic-gate #define CKM_CDMF_ECB 0x00000141 7167c478bd9Sstevel@tonic-gate #define CKM_CDMF_CBC 0x00000142 7177c478bd9Sstevel@tonic-gate #define CKM_CDMF_MAC 0x00000143 7187c478bd9Sstevel@tonic-gate #define CKM_CDMF_MAC_GENERAL 0x00000144 7197c478bd9Sstevel@tonic-gate #define CKM_CDMF_CBC_PAD 0x00000145 7207c478bd9Sstevel@tonic-gate 721f66d273dSizick /* the following four DES mechanisms are new for v2.20 */ 722f66d273dSizick #define CKM_DES_OFB64 0x00000150 723f66d273dSizick #define CKM_DES_OFB8 0x00000151 724f66d273dSizick #define CKM_DES_CFB64 0x00000152 725f66d273dSizick #define CKM_DES_CFB8 0x00000153 726f66d273dSizick 7277c478bd9Sstevel@tonic-gate #define CKM_MD2 0x00000200 7287c478bd9Sstevel@tonic-gate 7297c478bd9Sstevel@tonic-gate /* CKM_MD2_HMAC and CKM_MD2_HMAC_GENERAL are new for v2.0 */ 7307c478bd9Sstevel@tonic-gate #define CKM_MD2_HMAC 0x00000201 7317c478bd9Sstevel@tonic-gate #define CKM_MD2_HMAC_GENERAL 0x00000202 7327c478bd9Sstevel@tonic-gate 7337c478bd9Sstevel@tonic-gate #define CKM_MD5 0x00000210 7347c478bd9Sstevel@tonic-gate 7357c478bd9Sstevel@tonic-gate /* CKM_MD5_HMAC and CKM_MD5_HMAC_GENERAL are new for v2.0 */ 7367c478bd9Sstevel@tonic-gate #define CKM_MD5_HMAC 0x00000211 7377c478bd9Sstevel@tonic-gate #define CKM_MD5_HMAC_GENERAL 0x00000212 7387c478bd9Sstevel@tonic-gate 7397c478bd9Sstevel@tonic-gate #define CKM_SHA_1 0x00000220 7407c478bd9Sstevel@tonic-gate 7417c478bd9Sstevel@tonic-gate /* CKM_SHA_1_HMAC and CKM_SHA_1_HMAC_GENERAL are new for v2.0 */ 7427c478bd9Sstevel@tonic-gate #define CKM_SHA_1_HMAC 0x00000221 7437c478bd9Sstevel@tonic-gate #define CKM_SHA_1_HMAC_GENERAL 0x00000222 7447c478bd9Sstevel@tonic-gate 7457c478bd9Sstevel@tonic-gate /* CKM_RIPEMD128, CKM_RIPEMD128_HMAC, 7467c478bd9Sstevel@tonic-gate * CKM_RIPEMD128_HMAC_GENERAL, CKM_RIPEMD160, CKM_RIPEMD160_HMAC, 7477c478bd9Sstevel@tonic-gate * and CKM_RIPEMD160_HMAC_GENERAL are new for v2.10 */ 7487c478bd9Sstevel@tonic-gate #define CKM_RIPEMD128 0x00000230 7497c478bd9Sstevel@tonic-gate #define CKM_RIPEMD128_HMAC 0x00000231 7507c478bd9Sstevel@tonic-gate #define CKM_RIPEMD128_HMAC_GENERAL 0x00000232 7517c478bd9Sstevel@tonic-gate #define CKM_RIPEMD160 0x00000240 7527c478bd9Sstevel@tonic-gate #define CKM_RIPEMD160_HMAC 0x00000241 7537c478bd9Sstevel@tonic-gate #define CKM_RIPEMD160_HMAC_GENERAL 0x00000242 7547c478bd9Sstevel@tonic-gate 755f66d273dSizick /* CKM_SHA256/384/512 are new for v2.20 */ 756f66d273dSizick #define CKM_SHA256 0x00000250 757f66d273dSizick #define CKM_SHA256_HMAC 0x00000251 758f66d273dSizick #define CKM_SHA256_HMAC_GENERAL 0x00000252 759*1e9884acSmcpowers 760*1e9884acSmcpowers /* SHA-224 is new for PKCS #11 v2.20 amendment 3 */ 761*1e9884acSmcpowers #define CKM_SHA224 0x00000255 762*1e9884acSmcpowers #define CKM_SHA224_HMAC 0x00000256 763*1e9884acSmcpowers #define CKM_SHA224_HMAC_GENERAL 0x00000257 764*1e9884acSmcpowers 765f66d273dSizick #define CKM_SHA384 0x00000260 766f66d273dSizick #define CKM_SHA384_HMAC 0x00000261 767f66d273dSizick #define CKM_SHA384_HMAC_GENERAL 0x00000262 768f66d273dSizick #define CKM_SHA512 0x00000270 769f66d273dSizick #define CKM_SHA512_HMAC 0x00000271 770f66d273dSizick #define CKM_SHA512_HMAC_GENERAL 0x00000272 771f66d273dSizick 772*1e9884acSmcpowers /* SecurID is new for PKCS #11 v2.20 amendment 1 */ 773*1e9884acSmcpowers #define CKM_SECURID_KEY_GEN 0x00000280 774*1e9884acSmcpowers #define CKM_SECURID 0x00000282 775*1e9884acSmcpowers 776*1e9884acSmcpowers /* HOTP is new for PKCS #11 v2.20 amendment 1 */ 777*1e9884acSmcpowers #define CKM_HOTP_KEY_GEN 0x00000290 778*1e9884acSmcpowers #define CKM_HOTP 0x00000291 779*1e9884acSmcpowers 780*1e9884acSmcpowers /* ACTI is new for PKCS #11 v2.20 amendment 1 */ 781*1e9884acSmcpowers #define CKM_ACTI 0x000002A0 782*1e9884acSmcpowers #define CKM_ACTI_KEY_GEN 0x000002A1 783*1e9884acSmcpowers 7847c478bd9Sstevel@tonic-gate /* All of the following mechanisms are new for v2.0 */ 7857c478bd9Sstevel@tonic-gate /* Note that CAST128 and CAST5 are the same algorithm */ 7867c478bd9Sstevel@tonic-gate #define CKM_CAST_KEY_GEN 0x00000300 7877c478bd9Sstevel@tonic-gate #define CKM_CAST_ECB 0x00000301 7887c478bd9Sstevel@tonic-gate #define CKM_CAST_CBC 0x00000302 7897c478bd9Sstevel@tonic-gate #define CKM_CAST_MAC 0x00000303 7907c478bd9Sstevel@tonic-gate #define CKM_CAST_MAC_GENERAL 0x00000304 7917c478bd9Sstevel@tonic-gate #define CKM_CAST_CBC_PAD 0x00000305 7927c478bd9Sstevel@tonic-gate #define CKM_CAST3_KEY_GEN 0x00000310 7937c478bd9Sstevel@tonic-gate #define CKM_CAST3_ECB 0x00000311 7947c478bd9Sstevel@tonic-gate #define CKM_CAST3_CBC 0x00000312 7957c478bd9Sstevel@tonic-gate #define CKM_CAST3_MAC 0x00000313 7967c478bd9Sstevel@tonic-gate #define CKM_CAST3_MAC_GENERAL 0x00000314 7977c478bd9Sstevel@tonic-gate #define CKM_CAST3_CBC_PAD 0x00000315 7987c478bd9Sstevel@tonic-gate #define CKM_CAST5_KEY_GEN 0x00000320 7997c478bd9Sstevel@tonic-gate #define CKM_CAST128_KEY_GEN 0x00000320 8007c478bd9Sstevel@tonic-gate #define CKM_CAST5_ECB 0x00000321 8017c478bd9Sstevel@tonic-gate #define CKM_CAST128_ECB 0x00000321 8027c478bd9Sstevel@tonic-gate #define CKM_CAST5_CBC 0x00000322 8037c478bd9Sstevel@tonic-gate #define CKM_CAST128_CBC 0x00000322 8047c478bd9Sstevel@tonic-gate #define CKM_CAST5_MAC 0x00000323 8057c478bd9Sstevel@tonic-gate #define CKM_CAST128_MAC 0x00000323 8067c478bd9Sstevel@tonic-gate #define CKM_CAST5_MAC_GENERAL 0x00000324 8077c478bd9Sstevel@tonic-gate #define CKM_CAST128_MAC_GENERAL 0x00000324 8087c478bd9Sstevel@tonic-gate #define CKM_CAST5_CBC_PAD 0x00000325 8097c478bd9Sstevel@tonic-gate #define CKM_CAST128_CBC_PAD 0x00000325 8107c478bd9Sstevel@tonic-gate #define CKM_RC5_KEY_GEN 0x00000330 8117c478bd9Sstevel@tonic-gate #define CKM_RC5_ECB 0x00000331 8127c478bd9Sstevel@tonic-gate #define CKM_RC5_CBC 0x00000332 8137c478bd9Sstevel@tonic-gate #define CKM_RC5_MAC 0x00000333 8147c478bd9Sstevel@tonic-gate #define CKM_RC5_MAC_GENERAL 0x00000334 8157c478bd9Sstevel@tonic-gate #define CKM_RC5_CBC_PAD 0x00000335 8167c478bd9Sstevel@tonic-gate #define CKM_IDEA_KEY_GEN 0x00000340 8177c478bd9Sstevel@tonic-gate #define CKM_IDEA_ECB 0x00000341 8187c478bd9Sstevel@tonic-gate #define CKM_IDEA_CBC 0x00000342 8197c478bd9Sstevel@tonic-gate #define CKM_IDEA_MAC 0x00000343 8207c478bd9Sstevel@tonic-gate #define CKM_IDEA_MAC_GENERAL 0x00000344 8217c478bd9Sstevel@tonic-gate #define CKM_IDEA_CBC_PAD 0x00000345 8227c478bd9Sstevel@tonic-gate #define CKM_GENERIC_SECRET_KEY_GEN 0x00000350 8237c478bd9Sstevel@tonic-gate #define CKM_CONCATENATE_BASE_AND_KEY 0x00000360 8247c478bd9Sstevel@tonic-gate #define CKM_CONCATENATE_BASE_AND_DATA 0x00000362 8257c478bd9Sstevel@tonic-gate #define CKM_CONCATENATE_DATA_AND_BASE 0x00000363 8267c478bd9Sstevel@tonic-gate #define CKM_XOR_BASE_AND_DATA 0x00000364 8277c478bd9Sstevel@tonic-gate #define CKM_EXTRACT_KEY_FROM_KEY 0x00000365 8287c478bd9Sstevel@tonic-gate #define CKM_SSL3_PRE_MASTER_KEY_GEN 0x00000370 8297c478bd9Sstevel@tonic-gate #define CKM_SSL3_MASTER_KEY_DERIVE 0x00000371 8307c478bd9Sstevel@tonic-gate #define CKM_SSL3_KEY_AND_MAC_DERIVE 0x00000372 8317c478bd9Sstevel@tonic-gate 8327c478bd9Sstevel@tonic-gate /* CKM_SSL3_MASTER_KEY_DERIVE_DH, CKM_TLS_PRE_MASTER_KEY_GEN, 8337c478bd9Sstevel@tonic-gate * CKM_TLS_MASTER_KEY_DERIVE, CKM_TLS_KEY_AND_MAC_DERIVE, and 8347c478bd9Sstevel@tonic-gate * CKM_TLS_MASTER_KEY_DERIVE_DH are new for v2.11 */ 8357c478bd9Sstevel@tonic-gate #define CKM_SSL3_MASTER_KEY_DERIVE_DH 0x00000373 8367c478bd9Sstevel@tonic-gate #define CKM_TLS_PRE_MASTER_KEY_GEN 0x00000374 8377c478bd9Sstevel@tonic-gate #define CKM_TLS_MASTER_KEY_DERIVE 0x00000375 8387c478bd9Sstevel@tonic-gate #define CKM_TLS_KEY_AND_MAC_DERIVE 0x00000376 8397c478bd9Sstevel@tonic-gate #define CKM_TLS_MASTER_KEY_DERIVE_DH 0x00000377 8407c478bd9Sstevel@tonic-gate 841f66d273dSizick /* CKM_TLS_PRF is new for v2.20 */ 842f66d273dSizick #define CKM_TLS_PRF 0x00000378 843f66d273dSizick 8447c478bd9Sstevel@tonic-gate #define CKM_SSL3_MD5_MAC 0x00000380 8457c478bd9Sstevel@tonic-gate #define CKM_SSL3_SHA1_MAC 0x00000381 8467c478bd9Sstevel@tonic-gate #define CKM_MD5_KEY_DERIVATION 0x00000390 8477c478bd9Sstevel@tonic-gate #define CKM_MD2_KEY_DERIVATION 0x00000391 8487c478bd9Sstevel@tonic-gate #define CKM_SHA1_KEY_DERIVATION 0x00000392 849f66d273dSizick 850f66d273dSizick /* CKM_SHA256/384/512 are new for v2.20 */ 851f66d273dSizick #define CKM_SHA256_KEY_DERIVATION 0x00000393 852f66d273dSizick #define CKM_SHA384_KEY_DERIVATION 0x00000394 853f66d273dSizick #define CKM_SHA512_KEY_DERIVATION 0x00000395 854f66d273dSizick 855*1e9884acSmcpowers /* SHA-224 key derivation is new for PKCS #11 v2.20 amendment 3 */ 856*1e9884acSmcpowers #define CKM_SHA224_KEY_DERIVATION 0x00000396 857*1e9884acSmcpowers 8587c478bd9Sstevel@tonic-gate #define CKM_PBE_MD2_DES_CBC 0x000003A0 8597c478bd9Sstevel@tonic-gate #define CKM_PBE_MD5_DES_CBC 0x000003A1 8607c478bd9Sstevel@tonic-gate #define CKM_PBE_MD5_CAST_CBC 0x000003A2 8617c478bd9Sstevel@tonic-gate #define CKM_PBE_MD5_CAST3_CBC 0x000003A3 8627c478bd9Sstevel@tonic-gate #define CKM_PBE_MD5_CAST5_CBC 0x000003A4 8637c478bd9Sstevel@tonic-gate #define CKM_PBE_MD5_CAST128_CBC 0x000003A4 8647c478bd9Sstevel@tonic-gate #define CKM_PBE_SHA1_CAST5_CBC 0x000003A5 8657c478bd9Sstevel@tonic-gate #define CKM_PBE_SHA1_CAST128_CBC 0x000003A5 8667c478bd9Sstevel@tonic-gate #define CKM_PBE_SHA1_RC4_128 0x000003A6 8677c478bd9Sstevel@tonic-gate #define CKM_PBE_SHA1_RC4_40 0x000003A7 8687c478bd9Sstevel@tonic-gate #define CKM_PBE_SHA1_DES3_EDE_CBC 0x000003A8 8697c478bd9Sstevel@tonic-gate #define CKM_PBE_SHA1_DES2_EDE_CBC 0x000003A9 8707c478bd9Sstevel@tonic-gate #define CKM_PBE_SHA1_RC2_128_CBC 0x000003AA 8717c478bd9Sstevel@tonic-gate #define CKM_PBE_SHA1_RC2_40_CBC 0x000003AB 8727c478bd9Sstevel@tonic-gate 8737c478bd9Sstevel@tonic-gate /* CKM_PKCS5_PBKD2 is new for v2.10 */ 8747c478bd9Sstevel@tonic-gate #define CKM_PKCS5_PBKD2 0x000003B0 8757c478bd9Sstevel@tonic-gate 8767c478bd9Sstevel@tonic-gate #define CKM_PBA_SHA1_WITH_SHA1_HMAC 0x000003C0 877f66d273dSizick 878f66d273dSizick /* WTLS mechanisms are new for v2.20 */ 879f66d273dSizick #define CKM_WTLS_PRE_MASTER_KEY_GEN 0x000003D0 880f66d273dSizick #define CKM_WTLS_MASTER_KEY_DERIVE 0x000003D1 881f66d273dSizick #define CKM_WTLS_MASTER_KEY_DERIVE_DH_ECC 0x000003D2 882f66d273dSizick #define CKM_WTLS_PRF 0x000003D3 883f66d273dSizick #define CKM_WTLS_SERVER_KEY_AND_MAC_DERIVE 0x000003D4 884f66d273dSizick #define CKM_WTLS_CLIENT_KEY_AND_MAC_DERIVE 0x000003D5 885f66d273dSizick 8867c478bd9Sstevel@tonic-gate #define CKM_KEY_WRAP_LYNKS 0x00000400 8877c478bd9Sstevel@tonic-gate #define CKM_KEY_WRAP_SET_OAEP 0x00000401 8887c478bd9Sstevel@tonic-gate 889f66d273dSizick /* CKM_CMS_SIG is new for v2.20 */ 890f66d273dSizick #define CKM_CMS_SIG 0x00000500 891f66d273dSizick 892*1e9884acSmcpowers /* CKM_KIP mechanisms are new for PKCS #11 v2.20 amendment 2 */ 893*1e9884acSmcpowers #define CKM_KIP_DERIVE 0x00000510 894*1e9884acSmcpowers #define CKM_KIP_WRAP 0x00000511 895*1e9884acSmcpowers #define CKM_KIP_MAC 0x00000512 896*1e9884acSmcpowers 897*1e9884acSmcpowers /* Camellia is new for PKCS #11 v2.20 amendment 3 */ 898*1e9884acSmcpowers #define CKM_CAMELLIA_KEY_GEN 0x00000550 899*1e9884acSmcpowers #define CKM_CAMELLIA_ECB 0x00000551 900*1e9884acSmcpowers #define CKM_CAMELLIA_CBC 0x00000552 901*1e9884acSmcpowers #define CKM_CAMELLIA_MAC 0x00000553 902*1e9884acSmcpowers #define CKM_CAMELLIA_MAC_GENERAL 0x00000554 903*1e9884acSmcpowers #define CKM_CAMELLIA_CBC_PAD 0x00000555 904*1e9884acSmcpowers #define CKM_CAMELLIA_ECB_ENCRYPT_DATA 0x00000556 905*1e9884acSmcpowers #define CKM_CAMELLIA_CBC_ENCRYPT_DATA 0x00000557 906*1e9884acSmcpowers #define CKM_CAMELLIA_CTR 0x00000558 907*1e9884acSmcpowers 908*1e9884acSmcpowers /* ARIA is new for PKCS #11 v2.20 amendment 3 */ 909*1e9884acSmcpowers #define CKM_ARIA_KEY_GEN 0x00000560 910*1e9884acSmcpowers #define CKM_ARIA_ECB 0x00000561 911*1e9884acSmcpowers #define CKM_ARIA_CBC 0x00000562 912*1e9884acSmcpowers #define CKM_ARIA_MAC 0x00000563 913*1e9884acSmcpowers #define CKM_ARIA_MAC_GENERAL 0x00000564 914*1e9884acSmcpowers #define CKM_ARIA_CBC_PAD 0x00000565 915*1e9884acSmcpowers #define CKM_ARIA_ECB_ENCRYPT_DATA 0x00000566 916*1e9884acSmcpowers #define CKM_ARIA_CBC_ENCRYPT_DATA 0x00000567 917*1e9884acSmcpowers 9187c478bd9Sstevel@tonic-gate /* Fortezza mechanisms */ 9197c478bd9Sstevel@tonic-gate #define CKM_SKIPJACK_KEY_GEN 0x00001000 9207c478bd9Sstevel@tonic-gate #define CKM_SKIPJACK_ECB64 0x00001001 9217c478bd9Sstevel@tonic-gate #define CKM_SKIPJACK_CBC64 0x00001002 9227c478bd9Sstevel@tonic-gate #define CKM_SKIPJACK_OFB64 0x00001003 9237c478bd9Sstevel@tonic-gate #define CKM_SKIPJACK_CFB64 0x00001004 9247c478bd9Sstevel@tonic-gate #define CKM_SKIPJACK_CFB32 0x00001005 9257c478bd9Sstevel@tonic-gate #define CKM_SKIPJACK_CFB16 0x00001006 9267c478bd9Sstevel@tonic-gate #define CKM_SKIPJACK_CFB8 0x00001007 9277c478bd9Sstevel@tonic-gate #define CKM_SKIPJACK_WRAP 0x00001008 9287c478bd9Sstevel@tonic-gate #define CKM_SKIPJACK_PRIVATE_WRAP 0x00001009 9297c478bd9Sstevel@tonic-gate #define CKM_SKIPJACK_RELAYX 0x0000100a 9307c478bd9Sstevel@tonic-gate #define CKM_KEA_KEY_PAIR_GEN 0x00001010 9317c478bd9Sstevel@tonic-gate #define CKM_KEA_KEY_DERIVE 0x00001011 9327c478bd9Sstevel@tonic-gate #define CKM_FORTEZZA_TIMESTAMP 0x00001020 9337c478bd9Sstevel@tonic-gate #define CKM_BATON_KEY_GEN 0x00001030 9347c478bd9Sstevel@tonic-gate #define CKM_BATON_ECB128 0x00001031 9357c478bd9Sstevel@tonic-gate #define CKM_BATON_ECB96 0x00001032 9367c478bd9Sstevel@tonic-gate #define CKM_BATON_CBC128 0x00001033 9377c478bd9Sstevel@tonic-gate #define CKM_BATON_COUNTER 0x00001034 9387c478bd9Sstevel@tonic-gate #define CKM_BATON_SHUFFLE 0x00001035 9397c478bd9Sstevel@tonic-gate #define CKM_BATON_WRAP 0x00001036 9407c478bd9Sstevel@tonic-gate 9417c478bd9Sstevel@tonic-gate /* CKM_ECDSA_KEY_PAIR_GEN is deprecated in v2.11, 9427c478bd9Sstevel@tonic-gate * CKM_EC_KEY_PAIR_GEN is preferred */ 9437c478bd9Sstevel@tonic-gate #define CKM_ECDSA_KEY_PAIR_GEN 0x00001040 9447c478bd9Sstevel@tonic-gate #define CKM_EC_KEY_PAIR_GEN 0x00001040 9457c478bd9Sstevel@tonic-gate 9467c478bd9Sstevel@tonic-gate #define CKM_ECDSA 0x00001041 9477c478bd9Sstevel@tonic-gate #define CKM_ECDSA_SHA1 0x00001042 9487c478bd9Sstevel@tonic-gate 9497c478bd9Sstevel@tonic-gate /* CKM_ECDH1_DERIVE, CKM_ECDH1_COFACTOR_DERIVE, and CKM_ECMQV_DERIVE 9507c478bd9Sstevel@tonic-gate * are new for v2.11 */ 9517c478bd9Sstevel@tonic-gate #define CKM_ECDH1_DERIVE 0x00001050 9527c478bd9Sstevel@tonic-gate #define CKM_ECDH1_COFACTOR_DERIVE 0x00001051 9537c478bd9Sstevel@tonic-gate #define CKM_ECMQV_DERIVE 0x00001052 9547c478bd9Sstevel@tonic-gate 9557c478bd9Sstevel@tonic-gate #define CKM_JUNIPER_KEY_GEN 0x00001060 9567c478bd9Sstevel@tonic-gate #define CKM_JUNIPER_ECB128 0x00001061 9577c478bd9Sstevel@tonic-gate #define CKM_JUNIPER_CBC128 0x00001062 9587c478bd9Sstevel@tonic-gate #define CKM_JUNIPER_COUNTER 0x00001063 9597c478bd9Sstevel@tonic-gate #define CKM_JUNIPER_SHUFFLE 0x00001064 9607c478bd9Sstevel@tonic-gate #define CKM_JUNIPER_WRAP 0x00001065 9617c478bd9Sstevel@tonic-gate #define CKM_FASTHASH 0x00001070 9627c478bd9Sstevel@tonic-gate 9637c478bd9Sstevel@tonic-gate /* CKM_AES_KEY_GEN, CKM_AES_ECB, CKM_AES_CBC, CKM_AES_MAC, 9647c478bd9Sstevel@tonic-gate * CKM_AES_MAC_GENERAL, CKM_AES_CBC_PAD, CKM_DSA_PARAMETER_GEN, 9657c478bd9Sstevel@tonic-gate * CKM_DH_PKCS_PARAMETER_GEN, and CKM_X9_42_DH_PARAMETER_GEN are 9667c478bd9Sstevel@tonic-gate * new for v2.11 */ 9677c478bd9Sstevel@tonic-gate #define CKM_AES_KEY_GEN 0x00001080 9687c478bd9Sstevel@tonic-gate #define CKM_AES_ECB 0x00001081 9697c478bd9Sstevel@tonic-gate #define CKM_AES_CBC 0x00001082 9707c478bd9Sstevel@tonic-gate #define CKM_AES_MAC 0x00001083 9717c478bd9Sstevel@tonic-gate #define CKM_AES_MAC_GENERAL 0x00001084 9727c478bd9Sstevel@tonic-gate #define CKM_AES_CBC_PAD 0x00001085 973f66d273dSizick 974*1e9884acSmcpowers /* AES counter mode is new for PKCS #11 v2.20 amendment 3 */ 975*1e9884acSmcpowers #define CKM_AES_CTR 0x00001086 976*1e9884acSmcpowers 977f66d273dSizick /* BlowFish and TwoFish are new for v2.20 */ 978f66d273dSizick #define CKM_BLOWFISH_KEY_GEN 0x00001090 979f66d273dSizick #define CKM_BLOWFISH_CBC 0x00001091 980f66d273dSizick #define CKM_TWOFISH_KEY_GEN 0x00001092 981f66d273dSizick #define CKM_TWOFISH_CBC 0x00001093 982f66d273dSizick 983f66d273dSizick 984f66d273dSizick /* CKM_xxx_ENCRYPT_DATA mechanisms are new for v2.20 */ 985f66d273dSizick #define CKM_DES_ECB_ENCRYPT_DATA 0x00001100 986f66d273dSizick #define CKM_DES_CBC_ENCRYPT_DATA 0x00001101 987f66d273dSizick #define CKM_DES3_ECB_ENCRYPT_DATA 0x00001102 988f66d273dSizick #define CKM_DES3_CBC_ENCRYPT_DATA 0x00001103 989f66d273dSizick #define CKM_AES_ECB_ENCRYPT_DATA 0x00001104 990f66d273dSizick #define CKM_AES_CBC_ENCRYPT_DATA 0x00001105 991f66d273dSizick 9927c478bd9Sstevel@tonic-gate #define CKM_DSA_PARAMETER_GEN 0x00002000 9937c478bd9Sstevel@tonic-gate #define CKM_DH_PKCS_PARAMETER_GEN 0x00002001 9947c478bd9Sstevel@tonic-gate #define CKM_X9_42_DH_PARAMETER_GEN 0x00002002 9957c478bd9Sstevel@tonic-gate 9967c478bd9Sstevel@tonic-gate #define CKM_VENDOR_DEFINED 0x80000000 9977c478bd9Sstevel@tonic-gate 9987c478bd9Sstevel@tonic-gate typedef CK_MECHANISM_TYPE CK_PTR CK_MECHANISM_TYPE_PTR; 9997c478bd9Sstevel@tonic-gate 10007c478bd9Sstevel@tonic-gate 10017c478bd9Sstevel@tonic-gate /* CK_MECHANISM is a structure that specifies a particular 10027c478bd9Sstevel@tonic-gate * mechanism */ 10037c478bd9Sstevel@tonic-gate typedef struct CK_MECHANISM { 10047c478bd9Sstevel@tonic-gate CK_MECHANISM_TYPE mechanism; 10057c478bd9Sstevel@tonic-gate CK_VOID_PTR pParameter; 10067c478bd9Sstevel@tonic-gate 10077c478bd9Sstevel@tonic-gate /* ulParameterLen was changed from CK_USHORT to CK_ULONG for 10087c478bd9Sstevel@tonic-gate * v2.0 */ 10097c478bd9Sstevel@tonic-gate CK_ULONG ulParameterLen; /* in bytes */ 10107c478bd9Sstevel@tonic-gate } CK_MECHANISM; 10117c478bd9Sstevel@tonic-gate 10127c478bd9Sstevel@tonic-gate typedef CK_MECHANISM CK_PTR CK_MECHANISM_PTR; 10137c478bd9Sstevel@tonic-gate 10147c478bd9Sstevel@tonic-gate 10157c478bd9Sstevel@tonic-gate /* CK_MECHANISM_INFO provides information about a particular 10167c478bd9Sstevel@tonic-gate * mechanism */ 10177c478bd9Sstevel@tonic-gate typedef struct CK_MECHANISM_INFO { 10187c478bd9Sstevel@tonic-gate CK_ULONG ulMinKeySize; 10197c478bd9Sstevel@tonic-gate CK_ULONG ulMaxKeySize; 10207c478bd9Sstevel@tonic-gate CK_FLAGS flags; 10217c478bd9Sstevel@tonic-gate } CK_MECHANISM_INFO; 10227c478bd9Sstevel@tonic-gate 10237c478bd9Sstevel@tonic-gate /* The flags are defined as follows: 10247c478bd9Sstevel@tonic-gate * Bit Flag Mask Meaning */ 10257c478bd9Sstevel@tonic-gate #define CKF_HW 0x00000001 /* performed by HW */ 10267c478bd9Sstevel@tonic-gate 10277c478bd9Sstevel@tonic-gate /* The flags CKF_ENCRYPT, CKF_DECRYPT, CKF_DIGEST, CKF_SIGN, 10287c478bd9Sstevel@tonic-gate * CKG_SIGN_RECOVER, CKF_VERIFY, CKF_VERIFY_RECOVER, 10297c478bd9Sstevel@tonic-gate * CKF_GENERATE, CKF_GENERATE_KEY_PAIR, CKF_WRAP, CKF_UNWRAP, 10307c478bd9Sstevel@tonic-gate * and CKF_DERIVE are new for v2.0. They specify whether or not 10317c478bd9Sstevel@tonic-gate * a mechanism can be used for a particular task */ 10327c478bd9Sstevel@tonic-gate #define CKF_ENCRYPT 0x00000100 10337c478bd9Sstevel@tonic-gate #define CKF_DECRYPT 0x00000200 10347c478bd9Sstevel@tonic-gate #define CKF_DIGEST 0x00000400 10357c478bd9Sstevel@tonic-gate #define CKF_SIGN 0x00000800 10367c478bd9Sstevel@tonic-gate #define CKF_SIGN_RECOVER 0x00001000 10377c478bd9Sstevel@tonic-gate #define CKF_VERIFY 0x00002000 10387c478bd9Sstevel@tonic-gate #define CKF_VERIFY_RECOVER 0x00004000 10397c478bd9Sstevel@tonic-gate #define CKF_GENERATE 0x00008000 10407c478bd9Sstevel@tonic-gate #define CKF_GENERATE_KEY_PAIR 0x00010000 10417c478bd9Sstevel@tonic-gate #define CKF_WRAP 0x00020000 10427c478bd9Sstevel@tonic-gate #define CKF_UNWRAP 0x00040000 10437c478bd9Sstevel@tonic-gate #define CKF_DERIVE 0x00080000 10447c478bd9Sstevel@tonic-gate 10457c478bd9Sstevel@tonic-gate /* CKF_EC_F_P, CKF_EC_F_2M, CKF_EC_ECPARAMETERS, CKF_EC_NAMEDCURVE, 10467c478bd9Sstevel@tonic-gate * CKF_EC_UNCOMPRESS, and CKF_EC_COMPRESS are new for v2.11. They 10477c478bd9Sstevel@tonic-gate * describe a token's EC capabilities not available in mechanism 10487c478bd9Sstevel@tonic-gate * information. */ 10497c478bd9Sstevel@tonic-gate #define CKF_EC_F_P 0x00100000 10507c478bd9Sstevel@tonic-gate #define CKF_EC_F_2M 0x00200000 10517c478bd9Sstevel@tonic-gate #define CKF_EC_ECPARAMETERS 0x00400000 10527c478bd9Sstevel@tonic-gate #define CKF_EC_NAMEDCURVE 0x00800000 10537c478bd9Sstevel@tonic-gate #define CKF_EC_UNCOMPRESS 0x01000000 10547c478bd9Sstevel@tonic-gate #define CKF_EC_COMPRESS 0x02000000 10557c478bd9Sstevel@tonic-gate 1056f66d273dSizick #define CKF_EXTENSION 0x80000000 /* FALSE for this version */ 10577c478bd9Sstevel@tonic-gate 10587c478bd9Sstevel@tonic-gate typedef CK_MECHANISM_INFO CK_PTR CK_MECHANISM_INFO_PTR; 10597c478bd9Sstevel@tonic-gate 10607c478bd9Sstevel@tonic-gate 10617c478bd9Sstevel@tonic-gate /* CK_RV is a value that identifies the return value of a 10627c478bd9Sstevel@tonic-gate * Cryptoki function */ 10637c478bd9Sstevel@tonic-gate /* CK_RV was changed from CK_USHORT to CK_ULONG for v2.0 */ 10647c478bd9Sstevel@tonic-gate typedef CK_ULONG CK_RV; 10657c478bd9Sstevel@tonic-gate 10667c478bd9Sstevel@tonic-gate #define CKR_OK 0x00000000 10677c478bd9Sstevel@tonic-gate #define CKR_CANCEL 0x00000001 10687c478bd9Sstevel@tonic-gate #define CKR_HOST_MEMORY 0x00000002 10697c478bd9Sstevel@tonic-gate #define CKR_SLOT_ID_INVALID 0x00000003 10707c478bd9Sstevel@tonic-gate 10717c478bd9Sstevel@tonic-gate /* CKR_FLAGS_INVALID was removed for v2.0 */ 10727c478bd9Sstevel@tonic-gate 10737c478bd9Sstevel@tonic-gate /* CKR_GENERAL_ERROR and CKR_FUNCTION_FAILED are new for v2.0 */ 10747c478bd9Sstevel@tonic-gate #define CKR_GENERAL_ERROR 0x00000005 10757c478bd9Sstevel@tonic-gate #define CKR_FUNCTION_FAILED 0x00000006 10767c478bd9Sstevel@tonic-gate 10777c478bd9Sstevel@tonic-gate /* CKR_ARGUMENTS_BAD, CKR_NO_EVENT, CKR_NEED_TO_CREATE_THREADS, 10787c478bd9Sstevel@tonic-gate * and CKR_CANT_LOCK are new for v2.01 */ 10797c478bd9Sstevel@tonic-gate #define CKR_ARGUMENTS_BAD 0x00000007 10807c478bd9Sstevel@tonic-gate #define CKR_NO_EVENT 0x00000008 10817c478bd9Sstevel@tonic-gate #define CKR_NEED_TO_CREATE_THREADS 0x00000009 10827c478bd9Sstevel@tonic-gate #define CKR_CANT_LOCK 0x0000000A 10837c478bd9Sstevel@tonic-gate 10847c478bd9Sstevel@tonic-gate #define CKR_ATTRIBUTE_READ_ONLY 0x00000010 10857c478bd9Sstevel@tonic-gate #define CKR_ATTRIBUTE_SENSITIVE 0x00000011 10867c478bd9Sstevel@tonic-gate #define CKR_ATTRIBUTE_TYPE_INVALID 0x00000012 10877c478bd9Sstevel@tonic-gate #define CKR_ATTRIBUTE_VALUE_INVALID 0x00000013 10887c478bd9Sstevel@tonic-gate #define CKR_DATA_INVALID 0x00000020 10897c478bd9Sstevel@tonic-gate #define CKR_DATA_LEN_RANGE 0x00000021 10907c478bd9Sstevel@tonic-gate #define CKR_DEVICE_ERROR 0x00000030 10917c478bd9Sstevel@tonic-gate #define CKR_DEVICE_MEMORY 0x00000031 10927c478bd9Sstevel@tonic-gate #define CKR_DEVICE_REMOVED 0x00000032 10937c478bd9Sstevel@tonic-gate #define CKR_ENCRYPTED_DATA_INVALID 0x00000040 10947c478bd9Sstevel@tonic-gate #define CKR_ENCRYPTED_DATA_LEN_RANGE 0x00000041 10957c478bd9Sstevel@tonic-gate #define CKR_FUNCTION_CANCELED 0x00000050 10967c478bd9Sstevel@tonic-gate #define CKR_FUNCTION_NOT_PARALLEL 0x00000051 10977c478bd9Sstevel@tonic-gate 10987c478bd9Sstevel@tonic-gate /* CKR_FUNCTION_NOT_SUPPORTED is new for v2.0 */ 10997c478bd9Sstevel@tonic-gate #define CKR_FUNCTION_NOT_SUPPORTED 0x00000054 11007c478bd9Sstevel@tonic-gate 11017c478bd9Sstevel@tonic-gate #define CKR_KEY_HANDLE_INVALID 0x00000060 11027c478bd9Sstevel@tonic-gate 11037c478bd9Sstevel@tonic-gate /* CKR_KEY_SENSITIVE was removed for v2.0 */ 11047c478bd9Sstevel@tonic-gate 11057c478bd9Sstevel@tonic-gate #define CKR_KEY_SIZE_RANGE 0x00000062 11067c478bd9Sstevel@tonic-gate #define CKR_KEY_TYPE_INCONSISTENT 0x00000063 11077c478bd9Sstevel@tonic-gate 11087c478bd9Sstevel@tonic-gate /* CKR_KEY_NOT_NEEDED, CKR_KEY_CHANGED, CKR_KEY_NEEDED, 11097c478bd9Sstevel@tonic-gate * CKR_KEY_INDIGESTIBLE, CKR_KEY_FUNCTION_NOT_PERMITTED, 11107c478bd9Sstevel@tonic-gate * CKR_KEY_NOT_WRAPPABLE, and CKR_KEY_UNEXTRACTABLE are new for 11117c478bd9Sstevel@tonic-gate * v2.0 */ 11127c478bd9Sstevel@tonic-gate #define CKR_KEY_NOT_NEEDED 0x00000064 11137c478bd9Sstevel@tonic-gate #define CKR_KEY_CHANGED 0x00000065 11147c478bd9Sstevel@tonic-gate #define CKR_KEY_NEEDED 0x00000066 11157c478bd9Sstevel@tonic-gate #define CKR_KEY_INDIGESTIBLE 0x00000067 11167c478bd9Sstevel@tonic-gate #define CKR_KEY_FUNCTION_NOT_PERMITTED 0x00000068 11177c478bd9Sstevel@tonic-gate #define CKR_KEY_NOT_WRAPPABLE 0x00000069 11187c478bd9Sstevel@tonic-gate #define CKR_KEY_UNEXTRACTABLE 0x0000006A 11197c478bd9Sstevel@tonic-gate 11207c478bd9Sstevel@tonic-gate #define CKR_MECHANISM_INVALID 0x00000070 11217c478bd9Sstevel@tonic-gate #define CKR_MECHANISM_PARAM_INVALID 0x00000071 11227c478bd9Sstevel@tonic-gate 11237c478bd9Sstevel@tonic-gate /* CKR_OBJECT_CLASS_INCONSISTENT and CKR_OBJECT_CLASS_INVALID 11247c478bd9Sstevel@tonic-gate * were removed for v2.0 */ 11257c478bd9Sstevel@tonic-gate #define CKR_OBJECT_HANDLE_INVALID 0x00000082 11267c478bd9Sstevel@tonic-gate #define CKR_OPERATION_ACTIVE 0x00000090 11277c478bd9Sstevel@tonic-gate #define CKR_OPERATION_NOT_INITIALIZED 0x00000091 11287c478bd9Sstevel@tonic-gate #define CKR_PIN_INCORRECT 0x000000A0 11297c478bd9Sstevel@tonic-gate #define CKR_PIN_INVALID 0x000000A1 11307c478bd9Sstevel@tonic-gate #define CKR_PIN_LEN_RANGE 0x000000A2 11317c478bd9Sstevel@tonic-gate 11327c478bd9Sstevel@tonic-gate /* CKR_PIN_EXPIRED and CKR_PIN_LOCKED are new for v2.0 */ 11337c478bd9Sstevel@tonic-gate #define CKR_PIN_EXPIRED 0x000000A3 11347c478bd9Sstevel@tonic-gate #define CKR_PIN_LOCKED 0x000000A4 11357c478bd9Sstevel@tonic-gate 11367c478bd9Sstevel@tonic-gate #define CKR_SESSION_CLOSED 0x000000B0 11377c478bd9Sstevel@tonic-gate #define CKR_SESSION_COUNT 0x000000B1 11387c478bd9Sstevel@tonic-gate #define CKR_SESSION_HANDLE_INVALID 0x000000B3 11397c478bd9Sstevel@tonic-gate #define CKR_SESSION_PARALLEL_NOT_SUPPORTED 0x000000B4 11407c478bd9Sstevel@tonic-gate #define CKR_SESSION_READ_ONLY 0x000000B5 11417c478bd9Sstevel@tonic-gate #define CKR_SESSION_EXISTS 0x000000B6 11427c478bd9Sstevel@tonic-gate 11437c478bd9Sstevel@tonic-gate /* CKR_SESSION_READ_ONLY_EXISTS and 11447c478bd9Sstevel@tonic-gate * CKR_SESSION_READ_WRITE_SO_EXISTS are new for v2.0 */ 11457c478bd9Sstevel@tonic-gate #define CKR_SESSION_READ_ONLY_EXISTS 0x000000B7 11467c478bd9Sstevel@tonic-gate #define CKR_SESSION_READ_WRITE_SO_EXISTS 0x000000B8 11477c478bd9Sstevel@tonic-gate 11487c478bd9Sstevel@tonic-gate #define CKR_SIGNATURE_INVALID 0x000000C0 11497c478bd9Sstevel@tonic-gate #define CKR_SIGNATURE_LEN_RANGE 0x000000C1 11507c478bd9Sstevel@tonic-gate #define CKR_TEMPLATE_INCOMPLETE 0x000000D0 11517c478bd9Sstevel@tonic-gate #define CKR_TEMPLATE_INCONSISTENT 0x000000D1 11527c478bd9Sstevel@tonic-gate #define CKR_TOKEN_NOT_PRESENT 0x000000E0 11537c478bd9Sstevel@tonic-gate #define CKR_TOKEN_NOT_RECOGNIZED 0x000000E1 11547c478bd9Sstevel@tonic-gate #define CKR_TOKEN_WRITE_PROTECTED 0x000000E2 11557c478bd9Sstevel@tonic-gate #define CKR_UNWRAPPING_KEY_HANDLE_INVALID 0x000000F0 11567c478bd9Sstevel@tonic-gate #define CKR_UNWRAPPING_KEY_SIZE_RANGE 0x000000F1 11577c478bd9Sstevel@tonic-gate #define CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT 0x000000F2 11587c478bd9Sstevel@tonic-gate #define CKR_USER_ALREADY_LOGGED_IN 0x00000100 11597c478bd9Sstevel@tonic-gate #define CKR_USER_NOT_LOGGED_IN 0x00000101 11607c478bd9Sstevel@tonic-gate #define CKR_USER_PIN_NOT_INITIALIZED 0x00000102 11617c478bd9Sstevel@tonic-gate #define CKR_USER_TYPE_INVALID 0x00000103 11627c478bd9Sstevel@tonic-gate 11637c478bd9Sstevel@tonic-gate /* CKR_USER_ANOTHER_ALREADY_LOGGED_IN and CKR_USER_TOO_MANY_TYPES 11647c478bd9Sstevel@tonic-gate * are new to v2.01 */ 11657c478bd9Sstevel@tonic-gate #define CKR_USER_ANOTHER_ALREADY_LOGGED_IN 0x00000104 11667c478bd9Sstevel@tonic-gate #define CKR_USER_TOO_MANY_TYPES 0x00000105 11677c478bd9Sstevel@tonic-gate 11687c478bd9Sstevel@tonic-gate #define CKR_WRAPPED_KEY_INVALID 0x00000110 11697c478bd9Sstevel@tonic-gate #define CKR_WRAPPED_KEY_LEN_RANGE 0x00000112 11707c478bd9Sstevel@tonic-gate #define CKR_WRAPPING_KEY_HANDLE_INVALID 0x00000113 11717c478bd9Sstevel@tonic-gate #define CKR_WRAPPING_KEY_SIZE_RANGE 0x00000114 11727c478bd9Sstevel@tonic-gate #define CKR_WRAPPING_KEY_TYPE_INCONSISTENT 0x00000115 11737c478bd9Sstevel@tonic-gate #define CKR_RANDOM_SEED_NOT_SUPPORTED 0x00000120 11747c478bd9Sstevel@tonic-gate 11757c478bd9Sstevel@tonic-gate /* These are new to v2.0 */ 11767c478bd9Sstevel@tonic-gate #define CKR_RANDOM_NO_RNG 0x00000121 11777c478bd9Sstevel@tonic-gate 11787c478bd9Sstevel@tonic-gate /* These are new to v2.11 */ 11797c478bd9Sstevel@tonic-gate #define CKR_DOMAIN_PARAMS_INVALID 0x00000130 11807c478bd9Sstevel@tonic-gate 11817c478bd9Sstevel@tonic-gate /* These are new to v2.0 */ 11827c478bd9Sstevel@tonic-gate #define CKR_BUFFER_TOO_SMALL 0x00000150 11837c478bd9Sstevel@tonic-gate #define CKR_SAVED_STATE_INVALID 0x00000160 11847c478bd9Sstevel@tonic-gate #define CKR_INFORMATION_SENSITIVE 0x00000170 11857c478bd9Sstevel@tonic-gate #define CKR_STATE_UNSAVEABLE 0x00000180 11867c478bd9Sstevel@tonic-gate 11877c478bd9Sstevel@tonic-gate /* These are new to v2.01 */ 11887c478bd9Sstevel@tonic-gate #define CKR_CRYPTOKI_NOT_INITIALIZED 0x00000190 11897c478bd9Sstevel@tonic-gate #define CKR_CRYPTOKI_ALREADY_INITIALIZED 0x00000191 11907c478bd9Sstevel@tonic-gate #define CKR_MUTEX_BAD 0x000001A0 11917c478bd9Sstevel@tonic-gate #define CKR_MUTEX_NOT_LOCKED 0x000001A1 11927c478bd9Sstevel@tonic-gate 1193*1e9884acSmcpowers /* The following return values are new for PKCS #11 v2.20 amendment 3 */ 1194*1e9884acSmcpowers #define CKR_NEW_PIN_MODE 0x000001B0 1195*1e9884acSmcpowers #define CKR_NEXT_OTP 0x000001B1 1196*1e9884acSmcpowers 1197f66d273dSizick /* This is new to v2.20 */ 1198f66d273dSizick #define CKR_FUNCTION_REJECTED 0x00000200 1199f66d273dSizick 12007c478bd9Sstevel@tonic-gate #define CKR_VENDOR_DEFINED 0x80000000 12017c478bd9Sstevel@tonic-gate 12027c478bd9Sstevel@tonic-gate 12037c478bd9Sstevel@tonic-gate /* CK_NOTIFY is an application callback that processes events */ 12047c478bd9Sstevel@tonic-gate typedef CK_CALLBACK_FUNCTION(CK_RV, CK_NOTIFY)( 12057c478bd9Sstevel@tonic-gate CK_SESSION_HANDLE hSession, /* the session's handle */ 12067c478bd9Sstevel@tonic-gate CK_NOTIFICATION event, 12077c478bd9Sstevel@tonic-gate CK_VOID_PTR pApplication /* passed to C_OpenSession */ 12087c478bd9Sstevel@tonic-gate ); 12097c478bd9Sstevel@tonic-gate 12107c478bd9Sstevel@tonic-gate 12117c478bd9Sstevel@tonic-gate /* CK_FUNCTION_LIST is a structure holding a Cryptoki spec 12127c478bd9Sstevel@tonic-gate * version and pointers of appropriate types to all the 12137c478bd9Sstevel@tonic-gate * Cryptoki functions */ 12147c478bd9Sstevel@tonic-gate /* CK_FUNCTION_LIST is new for v2.0 */ 12157c478bd9Sstevel@tonic-gate typedef struct CK_FUNCTION_LIST CK_FUNCTION_LIST; 12167c478bd9Sstevel@tonic-gate 12177c478bd9Sstevel@tonic-gate typedef CK_FUNCTION_LIST CK_PTR CK_FUNCTION_LIST_PTR; 12187c478bd9Sstevel@tonic-gate 12197c478bd9Sstevel@tonic-gate typedef CK_FUNCTION_LIST_PTR CK_PTR CK_FUNCTION_LIST_PTR_PTR; 12207c478bd9Sstevel@tonic-gate 12217c478bd9Sstevel@tonic-gate 12227c478bd9Sstevel@tonic-gate /* CK_CREATEMUTEX is an application callback for creating a 12237c478bd9Sstevel@tonic-gate * mutex object */ 12247c478bd9Sstevel@tonic-gate typedef CK_CALLBACK_FUNCTION(CK_RV, CK_CREATEMUTEX)( 12257c478bd9Sstevel@tonic-gate CK_VOID_PTR_PTR ppMutex /* location to receive ptr to mutex */ 12267c478bd9Sstevel@tonic-gate ); 12277c478bd9Sstevel@tonic-gate 12287c478bd9Sstevel@tonic-gate 12297c478bd9Sstevel@tonic-gate /* CK_DESTROYMUTEX is an application callback for destroying a 12307c478bd9Sstevel@tonic-gate * mutex object */ 12317c478bd9Sstevel@tonic-gate typedef CK_CALLBACK_FUNCTION(CK_RV, CK_DESTROYMUTEX)( 12327c478bd9Sstevel@tonic-gate CK_VOID_PTR pMutex /* pointer to mutex */ 12337c478bd9Sstevel@tonic-gate ); 12347c478bd9Sstevel@tonic-gate 12357c478bd9Sstevel@tonic-gate 12367c478bd9Sstevel@tonic-gate /* CK_LOCKMUTEX is an application callback for locking a mutex */ 12377c478bd9Sstevel@tonic-gate typedef CK_CALLBACK_FUNCTION(CK_RV, CK_LOCKMUTEX)( 12387c478bd9Sstevel@tonic-gate CK_VOID_PTR pMutex /* pointer to mutex */ 12397c478bd9Sstevel@tonic-gate ); 12407c478bd9Sstevel@tonic-gate 12417c478bd9Sstevel@tonic-gate 12427c478bd9Sstevel@tonic-gate /* CK_UNLOCKMUTEX is an application callback for unlocking a 12437c478bd9Sstevel@tonic-gate * mutex */ 12447c478bd9Sstevel@tonic-gate typedef CK_CALLBACK_FUNCTION(CK_RV, CK_UNLOCKMUTEX)( 12457c478bd9Sstevel@tonic-gate CK_VOID_PTR pMutex /* pointer to mutex */ 12467c478bd9Sstevel@tonic-gate ); 12477c478bd9Sstevel@tonic-gate 12487c478bd9Sstevel@tonic-gate 12497c478bd9Sstevel@tonic-gate /* CK_C_INITIALIZE_ARGS provides the optional arguments to 12507c478bd9Sstevel@tonic-gate * C_Initialize */ 12517c478bd9Sstevel@tonic-gate typedef struct CK_C_INITIALIZE_ARGS { 12527c478bd9Sstevel@tonic-gate CK_CREATEMUTEX CreateMutex; 12537c478bd9Sstevel@tonic-gate CK_DESTROYMUTEX DestroyMutex; 12547c478bd9Sstevel@tonic-gate CK_LOCKMUTEX LockMutex; 12557c478bd9Sstevel@tonic-gate CK_UNLOCKMUTEX UnlockMutex; 12567c478bd9Sstevel@tonic-gate CK_FLAGS flags; 12577c478bd9Sstevel@tonic-gate CK_VOID_PTR pReserved; 12587c478bd9Sstevel@tonic-gate } CK_C_INITIALIZE_ARGS; 12597c478bd9Sstevel@tonic-gate 12607c478bd9Sstevel@tonic-gate /* flags: bit flags that provide capabilities of the slot 12617c478bd9Sstevel@tonic-gate * Bit Flag Mask Meaning 12627c478bd9Sstevel@tonic-gate */ 12637c478bd9Sstevel@tonic-gate #define CKF_LIBRARY_CANT_CREATE_OS_THREADS 0x00000001 12647c478bd9Sstevel@tonic-gate #define CKF_OS_LOCKING_OK 0x00000002 12657c478bd9Sstevel@tonic-gate 12667c478bd9Sstevel@tonic-gate typedef CK_C_INITIALIZE_ARGS CK_PTR CK_C_INITIALIZE_ARGS_PTR; 12677c478bd9Sstevel@tonic-gate 12687c478bd9Sstevel@tonic-gate 12697c478bd9Sstevel@tonic-gate /* additional flags for parameters to functions */ 12707c478bd9Sstevel@tonic-gate 12717c478bd9Sstevel@tonic-gate /* CKF_DONT_BLOCK is for the function C_WaitForSlotEvent */ 12727c478bd9Sstevel@tonic-gate #define CKF_DONT_BLOCK 1 12737c478bd9Sstevel@tonic-gate 12747c478bd9Sstevel@tonic-gate /* CK_RSA_PKCS_OAEP_MGF_TYPE is new for v2.10. 12757c478bd9Sstevel@tonic-gate * CK_RSA_PKCS_OAEP_MGF_TYPE is used to indicate the Message 12767c478bd9Sstevel@tonic-gate * Generation Function (MGF) applied to a message block when 12777c478bd9Sstevel@tonic-gate * formatting a message block for the PKCS #1 OAEP encryption 12787c478bd9Sstevel@tonic-gate * scheme. */ 12797c478bd9Sstevel@tonic-gate typedef CK_ULONG CK_RSA_PKCS_MGF_TYPE; 12807c478bd9Sstevel@tonic-gate 12817c478bd9Sstevel@tonic-gate typedef CK_RSA_PKCS_MGF_TYPE CK_PTR CK_RSA_PKCS_MGF_TYPE_PTR; 12827c478bd9Sstevel@tonic-gate 12837c478bd9Sstevel@tonic-gate /* The following MGFs are defined */ 1284f66d273dSizick /* CKG_MGF1_SHA256, CKG_MGF1_SHA384, and CKG_MGF1_SHA512 1285f66d273dSizick * are new for v2.20 */ 12867c478bd9Sstevel@tonic-gate #define CKG_MGF1_SHA1 0x00000001 1287f66d273dSizick #define CKG_MGF1_SHA256 0x00000002 1288f66d273dSizick #define CKG_MGF1_SHA384 0x00000003 1289f66d273dSizick #define CKG_MGF1_SHA512 0x00000004 1290*1e9884acSmcpowers /* SHA-224 is new for PKCS #11 v2.20 amendment 3 */ 1291*1e9884acSmcpowers #define CKG_MGF1_SHA224 0x00000005 12927c478bd9Sstevel@tonic-gate 12937c478bd9Sstevel@tonic-gate /* CK_RSA_PKCS_OAEP_SOURCE_TYPE is new for v2.10. 12947c478bd9Sstevel@tonic-gate * CK_RSA_PKCS_OAEP_SOURCE_TYPE is used to indicate the source 12957c478bd9Sstevel@tonic-gate * of the encoding parameter when formatting a message block 12967c478bd9Sstevel@tonic-gate * for the PKCS #1 OAEP encryption scheme. */ 12977c478bd9Sstevel@tonic-gate typedef CK_ULONG CK_RSA_PKCS_OAEP_SOURCE_TYPE; 12987c478bd9Sstevel@tonic-gate 12997c478bd9Sstevel@tonic-gate typedef CK_RSA_PKCS_OAEP_SOURCE_TYPE CK_PTR CK_RSA_PKCS_OAEP_SOURCE_TYPE_PTR; 13007c478bd9Sstevel@tonic-gate 13017c478bd9Sstevel@tonic-gate /* The following encoding parameter sources are defined */ 13027c478bd9Sstevel@tonic-gate #define CKZ_DATA_SPECIFIED 0x00000001 13037c478bd9Sstevel@tonic-gate 13047c478bd9Sstevel@tonic-gate /* CK_RSA_PKCS_OAEP_PARAMS is new for v2.10. 13057c478bd9Sstevel@tonic-gate * CK_RSA_PKCS_OAEP_PARAMS provides the parameters to the 13067c478bd9Sstevel@tonic-gate * CKM_RSA_PKCS_OAEP mechanism. */ 13077c478bd9Sstevel@tonic-gate typedef struct CK_RSA_PKCS_OAEP_PARAMS { 13087c478bd9Sstevel@tonic-gate CK_MECHANISM_TYPE hashAlg; 13097c478bd9Sstevel@tonic-gate CK_RSA_PKCS_MGF_TYPE mgf; 13107c478bd9Sstevel@tonic-gate CK_RSA_PKCS_OAEP_SOURCE_TYPE source; 13117c478bd9Sstevel@tonic-gate CK_VOID_PTR pSourceData; 13127c478bd9Sstevel@tonic-gate CK_ULONG ulSourceDataLen; 13137c478bd9Sstevel@tonic-gate } CK_RSA_PKCS_OAEP_PARAMS; 13147c478bd9Sstevel@tonic-gate 13157c478bd9Sstevel@tonic-gate typedef CK_RSA_PKCS_OAEP_PARAMS CK_PTR CK_RSA_PKCS_OAEP_PARAMS_PTR; 13167c478bd9Sstevel@tonic-gate 13177c478bd9Sstevel@tonic-gate /* CK_RSA_PKCS_PSS_PARAMS is new for v2.11. 13187c478bd9Sstevel@tonic-gate * CK_RSA_PKCS_PSS_PARAMS provides the parameters to the 13197c478bd9Sstevel@tonic-gate * CKM_RSA_PKCS_PSS mechanism(s). */ 13207c478bd9Sstevel@tonic-gate typedef struct CK_RSA_PKCS_PSS_PARAMS { 13217c478bd9Sstevel@tonic-gate CK_MECHANISM_TYPE hashAlg; 13227c478bd9Sstevel@tonic-gate CK_RSA_PKCS_MGF_TYPE mgf; 13237c478bd9Sstevel@tonic-gate CK_ULONG sLen; 13247c478bd9Sstevel@tonic-gate } CK_RSA_PKCS_PSS_PARAMS; 13257c478bd9Sstevel@tonic-gate 13267c478bd9Sstevel@tonic-gate typedef CK_RSA_PKCS_PSS_PARAMS CK_PTR CK_RSA_PKCS_PSS_PARAMS_PTR; 13277c478bd9Sstevel@tonic-gate 13287c478bd9Sstevel@tonic-gate /* CK_EC_KDF_TYPE is new for v2.11. */ 13297c478bd9Sstevel@tonic-gate typedef CK_ULONG CK_EC_KDF_TYPE; 13307c478bd9Sstevel@tonic-gate 13317c478bd9Sstevel@tonic-gate /* The following EC Key Derivation Functions are defined */ 13327c478bd9Sstevel@tonic-gate #define CKD_NULL 0x00000001 13337c478bd9Sstevel@tonic-gate #define CKD_SHA1_KDF 0x00000002 13347c478bd9Sstevel@tonic-gate 13357c478bd9Sstevel@tonic-gate /* CK_ECDH1_DERIVE_PARAMS is new for v2.11. 13367c478bd9Sstevel@tonic-gate * CK_ECDH1_DERIVE_PARAMS provides the parameters to the 13377c478bd9Sstevel@tonic-gate * CKM_ECDH1_DERIVE and CKM_ECDH1_COFACTOR_DERIVE mechanisms, 13387c478bd9Sstevel@tonic-gate * where each party contributes one key pair. 13397c478bd9Sstevel@tonic-gate */ 13407c478bd9Sstevel@tonic-gate typedef struct CK_ECDH1_DERIVE_PARAMS { 13417c478bd9Sstevel@tonic-gate CK_EC_KDF_TYPE kdf; 13427c478bd9Sstevel@tonic-gate CK_ULONG ulSharedDataLen; 13437c478bd9Sstevel@tonic-gate CK_BYTE_PTR pSharedData; 13447c478bd9Sstevel@tonic-gate CK_ULONG ulPublicDataLen; 13457c478bd9Sstevel@tonic-gate CK_BYTE_PTR pPublicData; 13467c478bd9Sstevel@tonic-gate } CK_ECDH1_DERIVE_PARAMS; 13477c478bd9Sstevel@tonic-gate 13487c478bd9Sstevel@tonic-gate typedef CK_ECDH1_DERIVE_PARAMS CK_PTR CK_ECDH1_DERIVE_PARAMS_PTR; 13497c478bd9Sstevel@tonic-gate 13507c478bd9Sstevel@tonic-gate 13517c478bd9Sstevel@tonic-gate /* CK_ECDH2_DERIVE_PARAMS is new for v2.11. 13527c478bd9Sstevel@tonic-gate * CK_ECDH2_DERIVE_PARAMS provides the parameters to the 13537c478bd9Sstevel@tonic-gate * CKM_ECMQV_DERIVE mechanism, where each party contributes two key pairs. */ 13547c478bd9Sstevel@tonic-gate typedef struct CK_ECDH2_DERIVE_PARAMS { 13557c478bd9Sstevel@tonic-gate CK_EC_KDF_TYPE kdf; 13567c478bd9Sstevel@tonic-gate CK_ULONG ulSharedDataLen; 13577c478bd9Sstevel@tonic-gate CK_BYTE_PTR pSharedData; 13587c478bd9Sstevel@tonic-gate CK_ULONG ulPublicDataLen; 13597c478bd9Sstevel@tonic-gate CK_BYTE_PTR pPublicData; 13607c478bd9Sstevel@tonic-gate CK_ULONG ulPrivateDataLen; 13617c478bd9Sstevel@tonic-gate CK_OBJECT_HANDLE hPrivateData; 13627c478bd9Sstevel@tonic-gate CK_ULONG ulPublicDataLen2; 13637c478bd9Sstevel@tonic-gate CK_BYTE_PTR pPublicData2; 13647c478bd9Sstevel@tonic-gate } CK_ECDH2_DERIVE_PARAMS; 13657c478bd9Sstevel@tonic-gate 13667c478bd9Sstevel@tonic-gate typedef CK_ECDH2_DERIVE_PARAMS CK_PTR CK_ECDH2_DERIVE_PARAMS_PTR; 13677c478bd9Sstevel@tonic-gate 1368f66d273dSizick typedef struct CK_ECMQV_DERIVE_PARAMS { 1369f66d273dSizick CK_EC_KDF_TYPE kdf; 1370f66d273dSizick CK_ULONG ulSharedDataLen; 1371f66d273dSizick CK_BYTE_PTR pSharedData; 1372f66d273dSizick CK_ULONG ulPublicDataLen; 1373f66d273dSizick CK_BYTE_PTR pPublicData; 1374f66d273dSizick CK_ULONG ulPrivateDataLen; 1375f66d273dSizick CK_OBJECT_HANDLE hPrivateData; 1376f66d273dSizick CK_ULONG ulPublicDataLen2; 1377f66d273dSizick CK_BYTE_PTR pPublicData2; 1378f66d273dSizick CK_OBJECT_HANDLE publicKey; 1379f66d273dSizick } CK_ECMQV_DERIVE_PARAMS; 1380f66d273dSizick 1381f66d273dSizick typedef CK_ECMQV_DERIVE_PARAMS CK_PTR CK_ECMQV_DERIVE_PARAMS_PTR; 1382f66d273dSizick 13837c478bd9Sstevel@tonic-gate /* Typedefs and defines for the CKM_X9_42_DH_KEY_PAIR_GEN and the 13847c478bd9Sstevel@tonic-gate * CKM_X9_42_DH_PARAMETER_GEN mechanisms (new for PKCS #11 v2.11) */ 13857c478bd9Sstevel@tonic-gate typedef CK_ULONG CK_X9_42_DH_KDF_TYPE; 13867c478bd9Sstevel@tonic-gate typedef CK_X9_42_DH_KDF_TYPE CK_PTR CK_X9_42_DH_KDF_TYPE_PTR; 13877c478bd9Sstevel@tonic-gate 1388f66d273dSizick /* The following X9.42 DH key derivation functions are defined 1389f66d273dSizick (besides CKD_NULL already defined : */ 13907c478bd9Sstevel@tonic-gate #define CKD_SHA1_KDF_ASN1 0x00000003 13917c478bd9Sstevel@tonic-gate #define CKD_SHA1_KDF_CONCATENATE 0x00000004 13927c478bd9Sstevel@tonic-gate 13937c478bd9Sstevel@tonic-gate /* CK_X9_42_DH1_DERIVE_PARAMS is new for v2.11. 13947c478bd9Sstevel@tonic-gate * CK_X9_42_DH1_DERIVE_PARAMS provides the parameters to the 13957c478bd9Sstevel@tonic-gate * CKM_X9_42_DH_DERIVE key derivation mechanism, where each party 13967c478bd9Sstevel@tonic-gate * contributes one key pair */ 13977c478bd9Sstevel@tonic-gate typedef struct CK_X9_42_DH1_DERIVE_PARAMS { 13987c478bd9Sstevel@tonic-gate CK_X9_42_DH_KDF_TYPE kdf; 13997c478bd9Sstevel@tonic-gate CK_ULONG ulOtherInfoLen; 14007c478bd9Sstevel@tonic-gate CK_BYTE_PTR pOtherInfo; 14017c478bd9Sstevel@tonic-gate CK_ULONG ulPublicDataLen; 14027c478bd9Sstevel@tonic-gate CK_BYTE_PTR pPublicData; 14037c478bd9Sstevel@tonic-gate } CK_X9_42_DH1_DERIVE_PARAMS; 14047c478bd9Sstevel@tonic-gate 14057c478bd9Sstevel@tonic-gate typedef struct CK_X9_42_DH1_DERIVE_PARAMS CK_PTR CK_X9_42_DH1_DERIVE_PARAMS_PTR; 14067c478bd9Sstevel@tonic-gate 14077c478bd9Sstevel@tonic-gate /* CK_X9_42_DH2_DERIVE_PARAMS is new for v2.11. 14087c478bd9Sstevel@tonic-gate * CK_X9_42_DH2_DERIVE_PARAMS provides the parameters to the 14097c478bd9Sstevel@tonic-gate * CKM_X9_42_DH_HYBRID_DERIVE and CKM_X9_42_MQV_DERIVE key derivation 14107c478bd9Sstevel@tonic-gate * mechanisms, where each party contributes two key pairs */ 14117c478bd9Sstevel@tonic-gate typedef struct CK_X9_42_DH2_DERIVE_PARAMS { 14127c478bd9Sstevel@tonic-gate CK_X9_42_DH_KDF_TYPE kdf; 14137c478bd9Sstevel@tonic-gate CK_ULONG ulOtherInfoLen; 14147c478bd9Sstevel@tonic-gate CK_BYTE_PTR pOtherInfo; 14157c478bd9Sstevel@tonic-gate CK_ULONG ulPublicDataLen; 14167c478bd9Sstevel@tonic-gate CK_BYTE_PTR pPublicData; 14177c478bd9Sstevel@tonic-gate CK_ULONG ulPrivateDataLen; 14187c478bd9Sstevel@tonic-gate CK_OBJECT_HANDLE hPrivateData; 14197c478bd9Sstevel@tonic-gate CK_ULONG ulPublicDataLen2; 14207c478bd9Sstevel@tonic-gate CK_BYTE_PTR pPublicData2; 14217c478bd9Sstevel@tonic-gate } CK_X9_42_DH2_DERIVE_PARAMS; 14227c478bd9Sstevel@tonic-gate 14237c478bd9Sstevel@tonic-gate typedef CK_X9_42_DH2_DERIVE_PARAMS CK_PTR CK_X9_42_DH2_DERIVE_PARAMS_PTR; 14247c478bd9Sstevel@tonic-gate 1425f66d273dSizick typedef struct CK_X9_42_MQV_DERIVE_PARAMS { 1426f66d273dSizick CK_X9_42_DH_KDF_TYPE kdf; 1427f66d273dSizick CK_ULONG ulOtherInfoLen; 1428f66d273dSizick CK_BYTE_PTR pOtherInfo; 1429f66d273dSizick CK_ULONG ulPublicDataLen; 1430f66d273dSizick CK_BYTE_PTR pPublicData; 1431f66d273dSizick CK_ULONG ulPrivateDataLen; 1432f66d273dSizick CK_OBJECT_HANDLE hPrivateData; 1433f66d273dSizick CK_ULONG ulPublicDataLen2; 1434f66d273dSizick CK_BYTE_PTR pPublicData2; 1435f66d273dSizick CK_OBJECT_HANDLE publicKey; 1436f66d273dSizick } CK_X9_42_MQV_DERIVE_PARAMS; 1437f66d273dSizick 1438f66d273dSizick typedef CK_X9_42_MQV_DERIVE_PARAMS CK_PTR CK_X9_42_MQV_DERIVE_PARAMS_PTR; 1439f66d273dSizick 14407c478bd9Sstevel@tonic-gate /* CK_KEA_DERIVE_PARAMS provides the parameters to the 14417c478bd9Sstevel@tonic-gate * CKM_KEA_DERIVE mechanism */ 14427c478bd9Sstevel@tonic-gate /* CK_KEA_DERIVE_PARAMS is new for v2.0 */ 14437c478bd9Sstevel@tonic-gate typedef struct CK_KEA_DERIVE_PARAMS { 14447c478bd9Sstevel@tonic-gate CK_BBOOL isSender; 14457c478bd9Sstevel@tonic-gate CK_ULONG ulRandomLen; 14467c478bd9Sstevel@tonic-gate CK_BYTE_PTR pRandomA; 14477c478bd9Sstevel@tonic-gate CK_BYTE_PTR pRandomB; 14487c478bd9Sstevel@tonic-gate CK_ULONG ulPublicDataLen; 14497c478bd9Sstevel@tonic-gate CK_BYTE_PTR pPublicData; 14507c478bd9Sstevel@tonic-gate } CK_KEA_DERIVE_PARAMS; 14517c478bd9Sstevel@tonic-gate 14527c478bd9Sstevel@tonic-gate typedef CK_KEA_DERIVE_PARAMS CK_PTR CK_KEA_DERIVE_PARAMS_PTR; 14537c478bd9Sstevel@tonic-gate 14547c478bd9Sstevel@tonic-gate 14557c478bd9Sstevel@tonic-gate /* CK_RC2_PARAMS provides the parameters to the CKM_RC2_ECB and 14567c478bd9Sstevel@tonic-gate * CKM_RC2_MAC mechanisms. An instance of CK_RC2_PARAMS just 14577c478bd9Sstevel@tonic-gate * holds the effective keysize */ 14587c478bd9Sstevel@tonic-gate typedef CK_ULONG CK_RC2_PARAMS; 14597c478bd9Sstevel@tonic-gate 14607c478bd9Sstevel@tonic-gate typedef CK_RC2_PARAMS CK_PTR CK_RC2_PARAMS_PTR; 14617c478bd9Sstevel@tonic-gate 14627c478bd9Sstevel@tonic-gate 14637c478bd9Sstevel@tonic-gate /* CK_RC2_CBC_PARAMS provides the parameters to the CKM_RC2_CBC 14647c478bd9Sstevel@tonic-gate * mechanism */ 14657c478bd9Sstevel@tonic-gate typedef struct CK_RC2_CBC_PARAMS { 14667c478bd9Sstevel@tonic-gate /* ulEffectiveBits was changed from CK_USHORT to CK_ULONG for 14677c478bd9Sstevel@tonic-gate * v2.0 */ 14687c478bd9Sstevel@tonic-gate CK_ULONG ulEffectiveBits; /* effective bits (1-1024) */ 14697c478bd9Sstevel@tonic-gate 14707c478bd9Sstevel@tonic-gate CK_BYTE iv[8]; /* IV for CBC mode */ 14717c478bd9Sstevel@tonic-gate } CK_RC2_CBC_PARAMS; 14727c478bd9Sstevel@tonic-gate 14737c478bd9Sstevel@tonic-gate typedef CK_RC2_CBC_PARAMS CK_PTR CK_RC2_CBC_PARAMS_PTR; 14747c478bd9Sstevel@tonic-gate 14757c478bd9Sstevel@tonic-gate 14767c478bd9Sstevel@tonic-gate /* CK_RC2_MAC_GENERAL_PARAMS provides the parameters for the 14777c478bd9Sstevel@tonic-gate * CKM_RC2_MAC_GENERAL mechanism */ 14787c478bd9Sstevel@tonic-gate /* CK_RC2_MAC_GENERAL_PARAMS is new for v2.0 */ 14797c478bd9Sstevel@tonic-gate typedef struct CK_RC2_MAC_GENERAL_PARAMS { 14807c478bd9Sstevel@tonic-gate CK_ULONG ulEffectiveBits; /* effective bits (1-1024) */ 14817c478bd9Sstevel@tonic-gate CK_ULONG ulMacLength; /* Length of MAC in bytes */ 14827c478bd9Sstevel@tonic-gate } CK_RC2_MAC_GENERAL_PARAMS; 14837c478bd9Sstevel@tonic-gate 14847c478bd9Sstevel@tonic-gate typedef CK_RC2_MAC_GENERAL_PARAMS CK_PTR \ 14857c478bd9Sstevel@tonic-gate CK_RC2_MAC_GENERAL_PARAMS_PTR; 14867c478bd9Sstevel@tonic-gate 14877c478bd9Sstevel@tonic-gate 14887c478bd9Sstevel@tonic-gate /* CK_RC5_PARAMS provides the parameters to the CKM_RC5_ECB and 14897c478bd9Sstevel@tonic-gate * CKM_RC5_MAC mechanisms */ 14907c478bd9Sstevel@tonic-gate /* CK_RC5_PARAMS is new for v2.0 */ 14917c478bd9Sstevel@tonic-gate typedef struct CK_RC5_PARAMS { 14927c478bd9Sstevel@tonic-gate CK_ULONG ulWordsize; /* wordsize in bits */ 14937c478bd9Sstevel@tonic-gate CK_ULONG ulRounds; /* number of rounds */ 14947c478bd9Sstevel@tonic-gate } CK_RC5_PARAMS; 14957c478bd9Sstevel@tonic-gate 14967c478bd9Sstevel@tonic-gate typedef CK_RC5_PARAMS CK_PTR CK_RC5_PARAMS_PTR; 14977c478bd9Sstevel@tonic-gate 14987c478bd9Sstevel@tonic-gate 14997c478bd9Sstevel@tonic-gate /* CK_RC5_CBC_PARAMS provides the parameters to the CKM_RC5_CBC 15007c478bd9Sstevel@tonic-gate * mechanism */ 15017c478bd9Sstevel@tonic-gate /* CK_RC5_CBC_PARAMS is new for v2.0 */ 15027c478bd9Sstevel@tonic-gate typedef struct CK_RC5_CBC_PARAMS { 15037c478bd9Sstevel@tonic-gate CK_ULONG ulWordsize; /* wordsize in bits */ 15047c478bd9Sstevel@tonic-gate CK_ULONG ulRounds; /* number of rounds */ 15057c478bd9Sstevel@tonic-gate CK_BYTE_PTR pIv; /* pointer to IV */ 15067c478bd9Sstevel@tonic-gate CK_ULONG ulIvLen; /* length of IV in bytes */ 15077c478bd9Sstevel@tonic-gate } CK_RC5_CBC_PARAMS; 15087c478bd9Sstevel@tonic-gate 15097c478bd9Sstevel@tonic-gate typedef CK_RC5_CBC_PARAMS CK_PTR CK_RC5_CBC_PARAMS_PTR; 15107c478bd9Sstevel@tonic-gate 15117c478bd9Sstevel@tonic-gate 15127c478bd9Sstevel@tonic-gate /* CK_RC5_MAC_GENERAL_PARAMS provides the parameters for the 15137c478bd9Sstevel@tonic-gate * CKM_RC5_MAC_GENERAL mechanism */ 15147c478bd9Sstevel@tonic-gate /* CK_RC5_MAC_GENERAL_PARAMS is new for v2.0 */ 15157c478bd9Sstevel@tonic-gate typedef struct CK_RC5_MAC_GENERAL_PARAMS { 15167c478bd9Sstevel@tonic-gate CK_ULONG ulWordsize; /* wordsize in bits */ 15177c478bd9Sstevel@tonic-gate CK_ULONG ulRounds; /* number of rounds */ 15187c478bd9Sstevel@tonic-gate CK_ULONG ulMacLength; /* Length of MAC in bytes */ 15197c478bd9Sstevel@tonic-gate } CK_RC5_MAC_GENERAL_PARAMS; 15207c478bd9Sstevel@tonic-gate 15217c478bd9Sstevel@tonic-gate typedef CK_RC5_MAC_GENERAL_PARAMS CK_PTR \ 15227c478bd9Sstevel@tonic-gate CK_RC5_MAC_GENERAL_PARAMS_PTR; 15237c478bd9Sstevel@tonic-gate 15247c478bd9Sstevel@tonic-gate 15257c478bd9Sstevel@tonic-gate /* CK_MAC_GENERAL_PARAMS provides the parameters to most block 15267c478bd9Sstevel@tonic-gate * ciphers' MAC_GENERAL mechanisms. Its value is the length of 15277c478bd9Sstevel@tonic-gate * the MAC */ 15287c478bd9Sstevel@tonic-gate /* CK_MAC_GENERAL_PARAMS is new for v2.0 */ 15297c478bd9Sstevel@tonic-gate typedef CK_ULONG CK_MAC_GENERAL_PARAMS; 15307c478bd9Sstevel@tonic-gate 15317c478bd9Sstevel@tonic-gate typedef CK_MAC_GENERAL_PARAMS CK_PTR CK_MAC_GENERAL_PARAMS_PTR; 15327c478bd9Sstevel@tonic-gate 1533f66d273dSizick /* CK_DES/AES_ECB/CBC_ENCRYPT_DATA_PARAMS are new for v2.20 */ 1534f66d273dSizick typedef struct CK_DES_CBC_ENCRYPT_DATA_PARAMS { 1535f66d273dSizick CK_BYTE iv[8]; 1536f66d273dSizick CK_BYTE_PTR pData; 1537f66d273dSizick CK_ULONG length; 1538f66d273dSizick } CK_DES_CBC_ENCRYPT_DATA_PARAMS; 1539f66d273dSizick 1540f66d273dSizick typedef CK_DES_CBC_ENCRYPT_DATA_PARAMS CK_PTR CK_DES_CBC_ENCRYPT_DATA_PARAMS_PTR; 1541f66d273dSizick 1542f66d273dSizick typedef struct CK_AES_CBC_ENCRYPT_DATA_PARAMS { 1543f66d273dSizick CK_BYTE iv[16]; 1544f66d273dSizick CK_BYTE_PTR pData; 1545f66d273dSizick CK_ULONG length; 1546f66d273dSizick } CK_AES_CBC_ENCRYPT_DATA_PARAMS; 1547f66d273dSizick 1548f66d273dSizick typedef CK_AES_CBC_ENCRYPT_DATA_PARAMS CK_PTR CK_AES_CBC_ENCRYPT_DATA_PARAMS_PTR; 15497c478bd9Sstevel@tonic-gate 15507c478bd9Sstevel@tonic-gate /* CK_SKIPJACK_PRIVATE_WRAP_PARAMS provides the parameters to the 15517c478bd9Sstevel@tonic-gate * CKM_SKIPJACK_PRIVATE_WRAP mechanism */ 15527c478bd9Sstevel@tonic-gate /* CK_SKIPJACK_PRIVATE_WRAP_PARAMS is new for v2.0 */ 15537c478bd9Sstevel@tonic-gate typedef struct CK_SKIPJACK_PRIVATE_WRAP_PARAMS { 15547c478bd9Sstevel@tonic-gate CK_ULONG ulPasswordLen; 15557c478bd9Sstevel@tonic-gate CK_BYTE_PTR pPassword; 15567c478bd9Sstevel@tonic-gate CK_ULONG ulPublicDataLen; 15577c478bd9Sstevel@tonic-gate CK_BYTE_PTR pPublicData; 15587c478bd9Sstevel@tonic-gate CK_ULONG ulPAndGLen; 15597c478bd9Sstevel@tonic-gate CK_ULONG ulQLen; 15607c478bd9Sstevel@tonic-gate CK_ULONG ulRandomLen; 15617c478bd9Sstevel@tonic-gate CK_BYTE_PTR pRandomA; 15627c478bd9Sstevel@tonic-gate CK_BYTE_PTR pPrimeP; 15637c478bd9Sstevel@tonic-gate CK_BYTE_PTR pBaseG; 15647c478bd9Sstevel@tonic-gate CK_BYTE_PTR pSubprimeQ; 15657c478bd9Sstevel@tonic-gate } CK_SKIPJACK_PRIVATE_WRAP_PARAMS; 15667c478bd9Sstevel@tonic-gate 15677c478bd9Sstevel@tonic-gate typedef CK_SKIPJACK_PRIVATE_WRAP_PARAMS CK_PTR \ 15687c478bd9Sstevel@tonic-gate CK_SKIPJACK_PRIVATE_WRAP_PTR; 15697c478bd9Sstevel@tonic-gate 15707c478bd9Sstevel@tonic-gate 15717c478bd9Sstevel@tonic-gate /* CK_SKIPJACK_RELAYX_PARAMS provides the parameters to the 15727c478bd9Sstevel@tonic-gate * CKM_SKIPJACK_RELAYX mechanism */ 15737c478bd9Sstevel@tonic-gate /* CK_SKIPJACK_RELAYX_PARAMS is new for v2.0 */ 15747c478bd9Sstevel@tonic-gate typedef struct CK_SKIPJACK_RELAYX_PARAMS { 15757c478bd9Sstevel@tonic-gate CK_ULONG ulOldWrappedXLen; 15767c478bd9Sstevel@tonic-gate CK_BYTE_PTR pOldWrappedX; 15777c478bd9Sstevel@tonic-gate CK_ULONG ulOldPasswordLen; 15787c478bd9Sstevel@tonic-gate CK_BYTE_PTR pOldPassword; 15797c478bd9Sstevel@tonic-gate CK_ULONG ulOldPublicDataLen; 15807c478bd9Sstevel@tonic-gate CK_BYTE_PTR pOldPublicData; 15817c478bd9Sstevel@tonic-gate CK_ULONG ulOldRandomLen; 15827c478bd9Sstevel@tonic-gate CK_BYTE_PTR pOldRandomA; 15837c478bd9Sstevel@tonic-gate CK_ULONG ulNewPasswordLen; 15847c478bd9Sstevel@tonic-gate CK_BYTE_PTR pNewPassword; 15857c478bd9Sstevel@tonic-gate CK_ULONG ulNewPublicDataLen; 15867c478bd9Sstevel@tonic-gate CK_BYTE_PTR pNewPublicData; 15877c478bd9Sstevel@tonic-gate CK_ULONG ulNewRandomLen; 15887c478bd9Sstevel@tonic-gate CK_BYTE_PTR pNewRandomA; 15897c478bd9Sstevel@tonic-gate } CK_SKIPJACK_RELAYX_PARAMS; 15907c478bd9Sstevel@tonic-gate 15917c478bd9Sstevel@tonic-gate typedef CK_SKIPJACK_RELAYX_PARAMS CK_PTR \ 15927c478bd9Sstevel@tonic-gate CK_SKIPJACK_RELAYX_PARAMS_PTR; 15937c478bd9Sstevel@tonic-gate 15947c478bd9Sstevel@tonic-gate 15957c478bd9Sstevel@tonic-gate typedef struct CK_PBE_PARAMS { 15967c478bd9Sstevel@tonic-gate CK_BYTE_PTR pInitVector; 15977c478bd9Sstevel@tonic-gate CK_UTF8CHAR_PTR pPassword; 15987c478bd9Sstevel@tonic-gate CK_ULONG ulPasswordLen; 15997c478bd9Sstevel@tonic-gate CK_BYTE_PTR pSalt; 16007c478bd9Sstevel@tonic-gate CK_ULONG ulSaltLen; 16017c478bd9Sstevel@tonic-gate CK_ULONG ulIteration; 16027c478bd9Sstevel@tonic-gate } CK_PBE_PARAMS; 16037c478bd9Sstevel@tonic-gate 16047c478bd9Sstevel@tonic-gate typedef CK_PBE_PARAMS CK_PTR CK_PBE_PARAMS_PTR; 16057c478bd9Sstevel@tonic-gate 16067c478bd9Sstevel@tonic-gate 16077c478bd9Sstevel@tonic-gate /* CK_KEY_WRAP_SET_OAEP_PARAMS provides the parameters to the 16087c478bd9Sstevel@tonic-gate * CKM_KEY_WRAP_SET_OAEP mechanism */ 16097c478bd9Sstevel@tonic-gate /* CK_KEY_WRAP_SET_OAEP_PARAMS is new for v2.0 */ 16107c478bd9Sstevel@tonic-gate typedef struct CK_KEY_WRAP_SET_OAEP_PARAMS { 16117c478bd9Sstevel@tonic-gate CK_BYTE bBC; /* block contents byte */ 16127c478bd9Sstevel@tonic-gate CK_BYTE_PTR pX; /* extra data */ 16137c478bd9Sstevel@tonic-gate CK_ULONG ulXLen; /* length of extra data in bytes */ 16147c478bd9Sstevel@tonic-gate } CK_KEY_WRAP_SET_OAEP_PARAMS; 16157c478bd9Sstevel@tonic-gate 16167c478bd9Sstevel@tonic-gate typedef CK_KEY_WRAP_SET_OAEP_PARAMS CK_PTR \ 16177c478bd9Sstevel@tonic-gate CK_KEY_WRAP_SET_OAEP_PARAMS_PTR; 16187c478bd9Sstevel@tonic-gate 16197c478bd9Sstevel@tonic-gate 16207c478bd9Sstevel@tonic-gate typedef struct CK_SSL3_RANDOM_DATA { 16217c478bd9Sstevel@tonic-gate CK_BYTE_PTR pClientRandom; 16227c478bd9Sstevel@tonic-gate CK_ULONG ulClientRandomLen; 16237c478bd9Sstevel@tonic-gate CK_BYTE_PTR pServerRandom; 16247c478bd9Sstevel@tonic-gate CK_ULONG ulServerRandomLen; 16257c478bd9Sstevel@tonic-gate } CK_SSL3_RANDOM_DATA; 16267c478bd9Sstevel@tonic-gate 16277c478bd9Sstevel@tonic-gate 16287c478bd9Sstevel@tonic-gate typedef struct CK_SSL3_MASTER_KEY_DERIVE_PARAMS { 16297c478bd9Sstevel@tonic-gate CK_SSL3_RANDOM_DATA RandomInfo; 16307c478bd9Sstevel@tonic-gate CK_VERSION_PTR pVersion; 16317c478bd9Sstevel@tonic-gate } CK_SSL3_MASTER_KEY_DERIVE_PARAMS; 16327c478bd9Sstevel@tonic-gate 16337c478bd9Sstevel@tonic-gate typedef struct CK_SSL3_MASTER_KEY_DERIVE_PARAMS CK_PTR \ 16347c478bd9Sstevel@tonic-gate CK_SSL3_MASTER_KEY_DERIVE_PARAMS_PTR; 16357c478bd9Sstevel@tonic-gate 16367c478bd9Sstevel@tonic-gate 16377c478bd9Sstevel@tonic-gate typedef struct CK_SSL3_KEY_MAT_OUT { 16387c478bd9Sstevel@tonic-gate CK_OBJECT_HANDLE hClientMacSecret; 16397c478bd9Sstevel@tonic-gate CK_OBJECT_HANDLE hServerMacSecret; 16407c478bd9Sstevel@tonic-gate CK_OBJECT_HANDLE hClientKey; 16417c478bd9Sstevel@tonic-gate CK_OBJECT_HANDLE hServerKey; 16427c478bd9Sstevel@tonic-gate CK_BYTE_PTR pIVClient; 16437c478bd9Sstevel@tonic-gate CK_BYTE_PTR pIVServer; 16447c478bd9Sstevel@tonic-gate } CK_SSL3_KEY_MAT_OUT; 16457c478bd9Sstevel@tonic-gate 16467c478bd9Sstevel@tonic-gate typedef CK_SSL3_KEY_MAT_OUT CK_PTR CK_SSL3_KEY_MAT_OUT_PTR; 16477c478bd9Sstevel@tonic-gate 16487c478bd9Sstevel@tonic-gate 16497c478bd9Sstevel@tonic-gate typedef struct CK_SSL3_KEY_MAT_PARAMS { 16507c478bd9Sstevel@tonic-gate CK_ULONG ulMacSizeInBits; 16517c478bd9Sstevel@tonic-gate CK_ULONG ulKeySizeInBits; 16527c478bd9Sstevel@tonic-gate CK_ULONG ulIVSizeInBits; 16537c478bd9Sstevel@tonic-gate CK_BBOOL bIsExport; 16547c478bd9Sstevel@tonic-gate CK_SSL3_RANDOM_DATA RandomInfo; 16557c478bd9Sstevel@tonic-gate CK_SSL3_KEY_MAT_OUT_PTR pReturnedKeyMaterial; 16567c478bd9Sstevel@tonic-gate } CK_SSL3_KEY_MAT_PARAMS; 16577c478bd9Sstevel@tonic-gate 16587c478bd9Sstevel@tonic-gate typedef CK_SSL3_KEY_MAT_PARAMS CK_PTR CK_SSL3_KEY_MAT_PARAMS_PTR; 16597c478bd9Sstevel@tonic-gate 1660f66d273dSizick /* CK_TLS_PRF_PARAMS is new for version 2.20 */ 1661f66d273dSizick typedef struct CK_TLS_PRF_PARAMS { 1662f66d273dSizick CK_BYTE_PTR pSeed; 1663f66d273dSizick CK_ULONG ulSeedLen; 1664f66d273dSizick CK_BYTE_PTR pLabel; 1665f66d273dSizick CK_ULONG ulLabelLen; 1666f66d273dSizick CK_BYTE_PTR pOutput; 1667f66d273dSizick CK_ULONG_PTR pulOutputLen; 1668f66d273dSizick } CK_TLS_PRF_PARAMS; 1669f66d273dSizick 1670f66d273dSizick typedef CK_TLS_PRF_PARAMS CK_PTR CK_TLS_PRF_PARAMS_PTR; 1671f66d273dSizick 1672f66d273dSizick /* WTLS is new for version 2.20 */ 1673f66d273dSizick typedef struct CK_WTLS_RANDOM_DATA { 1674f66d273dSizick CK_BYTE_PTR pClientRandom; 1675f66d273dSizick CK_ULONG ulClientRandomLen; 1676f66d273dSizick CK_BYTE_PTR pServerRandom; 1677f66d273dSizick CK_ULONG ulServerRandomLen; 1678f66d273dSizick } CK_WTLS_RANDOM_DATA; 1679f66d273dSizick 1680f66d273dSizick typedef CK_WTLS_RANDOM_DATA CK_PTR CK_WTLS_RANDOM_DATA_PTR; 1681f66d273dSizick 1682f66d273dSizick typedef struct CK_WTLS_MASTER_KEY_DERIVE_PARAMS { 1683f66d273dSizick CK_MECHANISM_TYPE DigestMechanism; 1684f66d273dSizick CK_WTLS_RANDOM_DATA RandomInfo; 1685f66d273dSizick CK_BYTE_PTR pVersion; 1686f66d273dSizick } CK_WTLS_MASTER_KEY_DERIVE_PARAMS; 1687f66d273dSizick 1688f66d273dSizick typedef CK_WTLS_MASTER_KEY_DERIVE_PARAMS CK_PTR \ 1689f66d273dSizick CK_WTLS_MASTER_KEY_DERIVE_PARAMS_PTR; 1690f66d273dSizick 1691f66d273dSizick typedef struct CK_WTLS_PRF_PARAMS { 1692f66d273dSizick CK_MECHANISM_TYPE DigestMechanism; 1693f66d273dSizick CK_BYTE_PTR pSeed; 1694f66d273dSizick CK_ULONG ulSeedLen; 1695f66d273dSizick CK_BYTE_PTR pLabel; 1696f66d273dSizick CK_ULONG ulLabelLen; 1697f66d273dSizick CK_BYTE_PTR pOutput; 1698f66d273dSizick CK_ULONG_PTR pulOutputLen; 1699f66d273dSizick } CK_WTLS_PRF_PARAMS; 1700f66d273dSizick 1701f66d273dSizick typedef CK_WTLS_PRF_PARAMS CK_PTR CK_WTLS_PRF_PARAMS_PTR; 1702f66d273dSizick 1703f66d273dSizick typedef struct CK_WTLS_KEY_MAT_OUT { 1704f66d273dSizick CK_OBJECT_HANDLE hMacSecret; 1705f66d273dSizick CK_OBJECT_HANDLE hKey; 1706f66d273dSizick CK_BYTE_PTR pIV; 1707f66d273dSizick } CK_WTLS_KEY_MAT_OUT; 1708f66d273dSizick 1709f66d273dSizick typedef CK_WTLS_KEY_MAT_OUT CK_PTR CK_WTLS_KEY_MAT_OUT_PTR; 1710f66d273dSizick 1711f66d273dSizick typedef struct CK_WTLS_KEY_MAT_PARAMS { 1712f66d273dSizick CK_MECHANISM_TYPE DigestMechanism; 1713f66d273dSizick CK_ULONG ulMacSizeInBits; 1714f66d273dSizick CK_ULONG ulKeySizeInBits; 1715f66d273dSizick CK_ULONG ulIVSizeInBits; 1716f66d273dSizick CK_ULONG ulSequenceNumber; 1717f66d273dSizick CK_BBOOL bIsExport; 1718f66d273dSizick CK_WTLS_RANDOM_DATA RandomInfo; 1719f66d273dSizick CK_WTLS_KEY_MAT_OUT_PTR pReturnedKeyMaterial; 1720f66d273dSizick } CK_WTLS_KEY_MAT_PARAMS; 1721f66d273dSizick 1722f66d273dSizick typedef CK_WTLS_KEY_MAT_PARAMS CK_PTR CK_WTLS_KEY_MAT_PARAMS_PTR; 1723f66d273dSizick 1724f66d273dSizick /* CMS is new for version 2.20 */ 1725f66d273dSizick typedef struct CK_CMS_SIG_PARAMS { 1726f66d273dSizick CK_OBJECT_HANDLE certificateHandle; 1727f66d273dSizick CK_MECHANISM_PTR pSigningMechanism; 1728f66d273dSizick CK_MECHANISM_PTR pDigestMechanism; 1729f66d273dSizick CK_UTF8CHAR_PTR pContentType; 1730f66d273dSizick CK_BYTE_PTR pRequestedAttributes; 1731f66d273dSizick CK_ULONG ulRequestedAttributesLen; 1732f66d273dSizick CK_BYTE_PTR pRequiredAttributes; 1733f66d273dSizick CK_ULONG ulRequiredAttributesLen; 1734f66d273dSizick } CK_CMS_SIG_PARAMS; 1735f66d273dSizick 1736f66d273dSizick typedef CK_CMS_SIG_PARAMS CK_PTR CK_CMS_SIG_PARAMS_PTR; 17377c478bd9Sstevel@tonic-gate 17387c478bd9Sstevel@tonic-gate typedef struct CK_KEY_DERIVATION_STRING_DATA { 17397c478bd9Sstevel@tonic-gate CK_BYTE_PTR pData; 17407c478bd9Sstevel@tonic-gate CK_ULONG ulLen; 17417c478bd9Sstevel@tonic-gate } CK_KEY_DERIVATION_STRING_DATA; 17427c478bd9Sstevel@tonic-gate 17437c478bd9Sstevel@tonic-gate typedef CK_KEY_DERIVATION_STRING_DATA CK_PTR \ 17447c478bd9Sstevel@tonic-gate CK_KEY_DERIVATION_STRING_DATA_PTR; 17457c478bd9Sstevel@tonic-gate 17467c478bd9Sstevel@tonic-gate 17477c478bd9Sstevel@tonic-gate /* The CK_EXTRACT_PARAMS is used for the 17487c478bd9Sstevel@tonic-gate * CKM_EXTRACT_KEY_FROM_KEY mechanism. It specifies which bit 17497c478bd9Sstevel@tonic-gate * of the base key should be used as the first bit of the 17507c478bd9Sstevel@tonic-gate * derived key */ 17517c478bd9Sstevel@tonic-gate /* CK_EXTRACT_PARAMS is new for v2.0 */ 17527c478bd9Sstevel@tonic-gate typedef CK_ULONG CK_EXTRACT_PARAMS; 17537c478bd9Sstevel@tonic-gate 17547c478bd9Sstevel@tonic-gate typedef CK_EXTRACT_PARAMS CK_PTR CK_EXTRACT_PARAMS_PTR; 17557c478bd9Sstevel@tonic-gate 17567c478bd9Sstevel@tonic-gate /* CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE is new for v2.10. 17577c478bd9Sstevel@tonic-gate * CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE is used to 17587c478bd9Sstevel@tonic-gate * indicate the Pseudo-Random Function (PRF) used to generate 17597c478bd9Sstevel@tonic-gate * key bits using PKCS #5 PBKDF2. */ 17607c478bd9Sstevel@tonic-gate typedef CK_ULONG CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE; 17617c478bd9Sstevel@tonic-gate 17627c478bd9Sstevel@tonic-gate typedef CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE CK_PTR CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE_PTR; 17637c478bd9Sstevel@tonic-gate 17647c478bd9Sstevel@tonic-gate /* The following PRFs are defined in PKCS #5 v2.0. */ 17657c478bd9Sstevel@tonic-gate #define CKP_PKCS5_PBKD2_HMAC_SHA1 0x00000001 17667c478bd9Sstevel@tonic-gate 17677c478bd9Sstevel@tonic-gate 17687c478bd9Sstevel@tonic-gate /* CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE is new for v2.10. 17697c478bd9Sstevel@tonic-gate * CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE is used to indicate the 17707c478bd9Sstevel@tonic-gate * source of the salt value when deriving a key using PKCS #5 17717c478bd9Sstevel@tonic-gate * PBKDF2. */ 17727c478bd9Sstevel@tonic-gate typedef CK_ULONG CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE; 17737c478bd9Sstevel@tonic-gate 17747c478bd9Sstevel@tonic-gate typedef CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE CK_PTR CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE_PTR; 17757c478bd9Sstevel@tonic-gate 17767c478bd9Sstevel@tonic-gate /* The following salt value sources are defined in PKCS #5 v2.0. */ 17777c478bd9Sstevel@tonic-gate #define CKZ_SALT_SPECIFIED 0x00000001 17787c478bd9Sstevel@tonic-gate 17797c478bd9Sstevel@tonic-gate /* CK_PKCS5_PBKD2_PARAMS is new for v2.10. 17807c478bd9Sstevel@tonic-gate * CK_PKCS5_PBKD2_PARAMS is a structure that provides the 17817c478bd9Sstevel@tonic-gate * parameters to the CKM_PKCS5_PBKD2 mechanism. */ 17827c478bd9Sstevel@tonic-gate typedef struct CK_PKCS5_PBKD2_PARAMS { 17837c478bd9Sstevel@tonic-gate CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE saltSource; 17847c478bd9Sstevel@tonic-gate CK_VOID_PTR pSaltSourceData; 17857c478bd9Sstevel@tonic-gate CK_ULONG ulSaltSourceDataLen; 17867c478bd9Sstevel@tonic-gate CK_ULONG iterations; 17877c478bd9Sstevel@tonic-gate CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE prf; 17887c478bd9Sstevel@tonic-gate CK_VOID_PTR pPrfData; 17897c478bd9Sstevel@tonic-gate CK_ULONG ulPrfDataLen; 17907c478bd9Sstevel@tonic-gate CK_UTF8CHAR_PTR pPassword; 17917c478bd9Sstevel@tonic-gate CK_ULONG_PTR ulPasswordLen; 17927c478bd9Sstevel@tonic-gate } CK_PKCS5_PBKD2_PARAMS; 17937c478bd9Sstevel@tonic-gate 17947c478bd9Sstevel@tonic-gate typedef CK_PKCS5_PBKD2_PARAMS CK_PTR CK_PKCS5_PBKD2_PARAMS_PTR; 17957c478bd9Sstevel@tonic-gate 1796*1e9884acSmcpowers /* All CK_OTP structs are new for PKCS #11 v2.20 amendment 3 */ 1797*1e9884acSmcpowers 1798*1e9884acSmcpowers typedef CK_ULONG CK_OTP_PARAM_TYPE; 1799*1e9884acSmcpowers typedef CK_OTP_PARAM_TYPE CK_PARAM_TYPE; /* B/w compatibility */ 1800*1e9884acSmcpowers 1801*1e9884acSmcpowers typedef struct CK_OTP_PARAM { 1802*1e9884acSmcpowers CK_OTP_PARAM_TYPE type; 1803*1e9884acSmcpowers CK_VOID_PTR pValue; 1804*1e9884acSmcpowers CK_ULONG ulValueLen; 1805*1e9884acSmcpowers } CK_OTP_PARAM; 1806*1e9884acSmcpowers 1807*1e9884acSmcpowers typedef CK_OTP_PARAM CK_PTR CK_OTP_PARAM_PTR; 1808*1e9884acSmcpowers 1809*1e9884acSmcpowers typedef struct CK_OTP_PARAMS { 1810*1e9884acSmcpowers CK_OTP_PARAM_PTR pParams; 1811*1e9884acSmcpowers CK_ULONG ulCount; 1812*1e9884acSmcpowers } CK_OTP_PARAMS; 1813*1e9884acSmcpowers 1814*1e9884acSmcpowers typedef CK_OTP_PARAMS CK_PTR CK_OTP_PARAMS_PTR; 1815*1e9884acSmcpowers 1816*1e9884acSmcpowers typedef struct CK_OTP_SIGNATURE_INFO { 1817*1e9884acSmcpowers CK_OTP_PARAM_PTR pParams; 1818*1e9884acSmcpowers CK_ULONG ulCount; 1819*1e9884acSmcpowers } CK_OTP_SIGNATURE_INFO; 1820*1e9884acSmcpowers 1821*1e9884acSmcpowers typedef CK_OTP_SIGNATURE_INFO CK_PTR CK_OTP_SIGNATURE_INFO_PTR; 1822*1e9884acSmcpowers 1823*1e9884acSmcpowers /* The following OTP-related defines are new for PKCS #11 v2.20 amendment 1 */ 1824*1e9884acSmcpowers #define CK_OTP_VALUE 0 1825*1e9884acSmcpowers #define CK_OTP_PIN 1 1826*1e9884acSmcpowers #define CK_OTP_CHALLENGE 2 1827*1e9884acSmcpowers #define CK_OTP_TIME 3 1828*1e9884acSmcpowers #define CK_OTP_COUNTER 4 1829*1e9884acSmcpowers #define CK_OTP_FLAGS 5 1830*1e9884acSmcpowers #define CK_OTP_OUTPUT_LENGTH 6 1831*1e9884acSmcpowers #define CK_OTP_OUTPUT_FORMAT 7 1832*1e9884acSmcpowers 1833*1e9884acSmcpowers /* The following OTP-related defines are new for PKCS #11 v2.20 amendment 1 */ 1834*1e9884acSmcpowers #define CKF_NEXT_OTP 0x00000001 1835*1e9884acSmcpowers #define CKF_EXCLUDE_TIME 0x00000002 1836*1e9884acSmcpowers #define CKF_EXCLUDE_COUNTER 0x00000004 1837*1e9884acSmcpowers #define CKF_EXCLUDE_CHALLENGE 0x00000008 1838*1e9884acSmcpowers #define CKF_EXCLUDE_PIN 0x00000010 1839*1e9884acSmcpowers #define CKF_USER_FRIENDLY_OTP 0x00000020 1840*1e9884acSmcpowers 1841*1e9884acSmcpowers /* CK_KIP_PARAMS is new for PKCS #11 v2.20 amendment 2 */ 1842*1e9884acSmcpowers typedef struct CK_KIP_PARAMS { 1843*1e9884acSmcpowers CK_MECHANISM_PTR pMechanism; 1844*1e9884acSmcpowers CK_OBJECT_HANDLE hKey; 1845*1e9884acSmcpowers CK_BYTE_PTR pSeed; 1846*1e9884acSmcpowers CK_ULONG ulSeedLen; 1847*1e9884acSmcpowers } CK_KIP_PARAMS; 1848*1e9884acSmcpowers 1849*1e9884acSmcpowers typedef CK_KIP_PARAMS CK_PTR CK_KIP_PARAMS_PTR; 1850*1e9884acSmcpowers 1851*1e9884acSmcpowers /* CK_AES_CTR_PARAMS is new for PKCS #11 v2.20 amendment 3 */ 1852*1e9884acSmcpowers typedef struct CK_AES_CTR_PARAMS { 1853*1e9884acSmcpowers CK_ULONG ulCounterBits; 1854*1e9884acSmcpowers CK_BYTE cb[16]; 1855*1e9884acSmcpowers } CK_AES_CTR_PARAMS; 1856*1e9884acSmcpowers 1857*1e9884acSmcpowers typedef CK_AES_CTR_PARAMS CK_PTR CK_AES_CTR_PARAMS_PTR; 1858*1e9884acSmcpowers 1859*1e9884acSmcpowers /* CK_CAMELLIA_CTR_PARAMS is new for PKCS #11 v2.20 amendment 3 */ 1860*1e9884acSmcpowers typedef struct CK_CAMELLIA_CTR_PARAMS { 1861*1e9884acSmcpowers CK_ULONG ulCounterBits; 1862*1e9884acSmcpowers CK_BYTE cb[16]; 1863*1e9884acSmcpowers } CK_CAMELLIA_CTR_PARAMS; 1864*1e9884acSmcpowers 1865*1e9884acSmcpowers typedef CK_CAMELLIA_CTR_PARAMS CK_PTR CK_CAMELLIA_CTR_PARAMS_PTR; 1866*1e9884acSmcpowers 1867*1e9884acSmcpowers /* CK_CAMELLIA_CBC_ENCRYPT_DATA_PARAMS is new for PKCS #11 v2.20 amendment 3 */ 1868*1e9884acSmcpowers typedef struct CK_CAMELLIA_CBC_ENCRYPT_DATA_PARAMS { 1869*1e9884acSmcpowers CK_BYTE iv[16]; 1870*1e9884acSmcpowers CK_BYTE_PTR pData; 1871*1e9884acSmcpowers CK_ULONG length; 1872*1e9884acSmcpowers } CK_CAMELLIA_CBC_ENCRYPT_DATA_PARAMS; 1873*1e9884acSmcpowers 1874*1e9884acSmcpowers typedef CK_CAMELLIA_CBC_ENCRYPT_DATA_PARAMS CK_PTR CK_CAMELLIA_CBC_ENCRYPT_DATA_PARAMS_PTR; 1875*1e9884acSmcpowers 1876*1e9884acSmcpowers /* CK_ARIA_CBC_ENCRYPT_DATA_PARAMS is new for PKCS #11 v2.20 amendment 3 */ 1877*1e9884acSmcpowers typedef struct CK_ARIA_CBC_ENCRYPT_DATA_PARAMS { 1878*1e9884acSmcpowers CK_BYTE iv[16]; 1879*1e9884acSmcpowers CK_BYTE_PTR pData; 1880*1e9884acSmcpowers CK_ULONG length; 1881*1e9884acSmcpowers } CK_ARIA_CBC_ENCRYPT_DATA_PARAMS; 1882*1e9884acSmcpowers 1883*1e9884acSmcpowers typedef CK_ARIA_CBC_ENCRYPT_DATA_PARAMS CK_PTR CK_ARIA_CBC_ENCRYPT_DATA_PARAMS_PTR; 1884*1e9884acSmcpowers 18857c478bd9Sstevel@tonic-gate #endif 1886