1/* Copyright (c) OASIS Open 2016. All Rights Reserved./
2 * /Distributed under the terms of the OASIS IPR Policy,
3 * [http://www.oasis-open.org/policies-guidelines/ipr], AS-IS, WITHOUT ANY
4 * IMPLIED OR EXPRESS WARRANTY; there is no warranty of MERCHANTABILITY, FITNESS FOR A
5 * PARTICULAR PURPOSE or NONINFRINGEMENT of the rights of others.
6 */
7
8/* Latest version of the specification:
9 * http://docs.oasis-open.org/pkcs11/pkcs11-base/v2.40/pkcs11-base-v2.40.html
10 */
11
12/* This header file contains pretty much everything about all the
13 * Cryptoki function prototypes. Because this information is
14 * used for more than just declaring function prototypes, the
15 * order of the functions appearing herein is important, and
16 * should not be altered.
17 */
18
19/* General-purpose */
20
21/* C_Initialize initializes the Cryptoki library. */
22CK_PKCS11_FUNCTION_INFO(C_Initialize)
23#ifdef CK_NEED_ARG_LIST
24(
25 CK_VOID_PTR pInitArgs /* if this is not NULL_PTR, it gets
26 * cast to CK_C_INITIALIZE_ARGS_PTR
27 * and dereferenced
28 */
29);
30#endif
31
32
33/* C_Finalize indicates that an application is done with the
34 * Cryptoki library.
35 */
36CK_PKCS11_FUNCTION_INFO(C_Finalize)
37#ifdef CK_NEED_ARG_LIST
38(
39 CK_VOID_PTR pReserved /* reserved. Should be NULL_PTR */
40);
41#endif
42
43
44/* C_GetInfo returns general information about Cryptoki. */
45CK_PKCS11_FUNCTION_INFO(C_GetInfo)
46#ifdef CK_NEED_ARG_LIST
47(
48 CK_INFO_PTR pInfo /* location that receives information */
49);
50#endif
51
52
53/* C_GetFunctionList returns the function list. */
54CK_PKCS11_FUNCTION_INFO(C_GetFunctionList)
55#ifdef CK_NEED_ARG_LIST
56(
57 CK_FUNCTION_LIST_PTR_PTR ppFunctionList /* receives pointer to
58 * function list
59 */
60);
61#endif
62
63
64
65/* Slot and token management */
66
67/* C_GetSlotList obtains a list of slots in the system. */
68CK_PKCS11_FUNCTION_INFO(C_GetSlotList)
69#ifdef CK_NEED_ARG_LIST
70(
71 CK_BBOOL tokenPresent, /* only slots with tokens */
72 CK_SLOT_ID_PTR pSlotList, /* receives array of slot IDs */
73 CK_ULONG_PTR pulCount /* receives number of slots */
74);
75#endif
76
77
78/* C_GetSlotInfo obtains information about a particular slot in
79 * the system.
80 */
81CK_PKCS11_FUNCTION_INFO(C_GetSlotInfo)
82#ifdef CK_NEED_ARG_LIST
83(
84 CK_SLOT_ID slotID, /* the ID of the slot */
85 CK_SLOT_INFO_PTR pInfo /* receives the slot information */
86);
87#endif
88
89
90/* C_GetTokenInfo obtains information about a particular token
91 * in the system.
92 */
93CK_PKCS11_FUNCTION_INFO(C_GetTokenInfo)
94#ifdef CK_NEED_ARG_LIST
95(
96 CK_SLOT_ID slotID, /* ID of the token's slot */
97 CK_TOKEN_INFO_PTR pInfo /* receives the token information */
98);
99#endif
100
101
102/* C_GetMechanismList obtains a list of mechanism types
103 * supported by a token.
104 */
105CK_PKCS11_FUNCTION_INFO(C_GetMechanismList)
106#ifdef CK_NEED_ARG_LIST
107(
108 CK_SLOT_ID slotID, /* ID of token's slot */
109 CK_MECHANISM_TYPE_PTR pMechanismList, /* gets mech. array */
110 CK_ULONG_PTR pulCount /* gets # of mechs. */
111);
112#endif
113
114
115/* C_GetMechanismInfo obtains information about a particular
116 * mechanism possibly supported by a token.
117 */
118CK_PKCS11_FUNCTION_INFO(C_GetMechanismInfo)
119#ifdef CK_NEED_ARG_LIST
120(
121 CK_SLOT_ID slotID, /* ID of the token's slot */
122 CK_MECHANISM_TYPE type, /* type of mechanism */
123 CK_MECHANISM_INFO_PTR pInfo /* receives mechanism info */
124);
125#endif
126
127
128/* C_InitToken initializes a token. */
129CK_PKCS11_FUNCTION_INFO(C_InitToken)
130#ifdef CK_NEED_ARG_LIST
131(
132 CK_SLOT_ID slotID, /* ID of the token's slot */
133 CK_UTF8CHAR_PTR pPin, /* the SO's initial PIN */
134 CK_ULONG ulPinLen, /* length in bytes of the PIN */
135 CK_UTF8CHAR_PTR pLabel /* 32-byte token label (blank padded) */
136);
137#endif
138
139
140/* C_InitPIN initializes the normal user's PIN. */
141CK_PKCS11_FUNCTION_INFO(C_InitPIN)
142#ifdef CK_NEED_ARG_LIST
143(
144 CK_SESSION_HANDLE hSession, /* the session's handle */
145 CK_UTF8CHAR_PTR pPin, /* the normal user's PIN */
146 CK_ULONG ulPinLen /* length in bytes of the PIN */
147);
148#endif
149
150
151/* C_SetPIN modifies the PIN of the user who is logged in. */
152CK_PKCS11_FUNCTION_INFO(C_SetPIN)
153#ifdef CK_NEED_ARG_LIST
154(
155 CK_SESSION_HANDLE hSession, /* the session's handle */
156 CK_UTF8CHAR_PTR pOldPin, /* the old PIN */
157 CK_ULONG ulOldLen, /* length of the old PIN */
158 CK_UTF8CHAR_PTR pNewPin, /* the new PIN */
159 CK_ULONG ulNewLen /* length of the new PIN */
160);
161#endif
162
163
164
165/* Session management */
166
167/* C_OpenSession opens a session between an application and a
168 * token.
169 */
170CK_PKCS11_FUNCTION_INFO(C_OpenSession)
171#ifdef CK_NEED_ARG_LIST
172(
173 CK_SLOT_ID slotID, /* the slot's ID */
174 CK_FLAGS flags, /* from CK_SESSION_INFO */
175 CK_VOID_PTR pApplication, /* passed to callback */
176 CK_NOTIFY Notify, /* callback function */
177 CK_SESSION_HANDLE_PTR phSession /* gets session handle */
178);
179#endif
180
181
182/* C_CloseSession closes a session between an application and a
183 * token.
184 */
185CK_PKCS11_FUNCTION_INFO(C_CloseSession)
186#ifdef CK_NEED_ARG_LIST
187(
188 CK_SESSION_HANDLE hSession /* the session's handle */
189);
190#endif
191
192
193/* C_CloseAllSessions closes all sessions with a token. */
194CK_PKCS11_FUNCTION_INFO(C_CloseAllSessions)
195#ifdef CK_NEED_ARG_LIST
196(
197 CK_SLOT_ID slotID /* the token's slot */
198);
199#endif
200
201
202/* C_GetSessionInfo obtains information about the session. */
203CK_PKCS11_FUNCTION_INFO(C_GetSessionInfo)
204#ifdef CK_NEED_ARG_LIST
205(
206 CK_SESSION_HANDLE hSession, /* the session's handle */
207 CK_SESSION_INFO_PTR pInfo /* receives session info */
208);
209#endif
210
211
212/* C_GetOperationState obtains the state of the cryptographic operation
213 * in a session.
214 */
215CK_PKCS11_FUNCTION_INFO(C_GetOperationState)
216#ifdef CK_NEED_ARG_LIST
217(
218 CK_SESSION_HANDLE hSession, /* session's handle */
219 CK_BYTE_PTR pOperationState, /* gets state */
220 CK_ULONG_PTR pulOperationStateLen /* gets state length */
221);
222#endif
223
224
225/* C_SetOperationState restores the state of the cryptographic
226 * operation in a session.
227 */
228CK_PKCS11_FUNCTION_INFO(C_SetOperationState)
229#ifdef CK_NEED_ARG_LIST
230(
231 CK_SESSION_HANDLE hSession, /* session's handle */
232 CK_BYTE_PTR pOperationState, /* holds state */
233 CK_ULONG ulOperationStateLen, /* holds state length */
234 CK_OBJECT_HANDLE hEncryptionKey, /* en/decryption key */
235 CK_OBJECT_HANDLE hAuthenticationKey /* sign/verify key */
236);
237#endif
238
239
240/* C_Login logs a user into a token. */
241CK_PKCS11_FUNCTION_INFO(C_Login)
242#ifdef CK_NEED_ARG_LIST
243(
244 CK_SESSION_HANDLE hSession, /* the session's handle */
245 CK_USER_TYPE userType, /* the user type */
246 CK_UTF8CHAR_PTR pPin, /* the user's PIN */
247 CK_ULONG ulPinLen /* the length of the PIN */
248);
249#endif
250
251
252/* C_Logout logs a user out from a token. */
253CK_PKCS11_FUNCTION_INFO(C_Logout)
254#ifdef CK_NEED_ARG_LIST
255(
256 CK_SESSION_HANDLE hSession /* the session's handle */
257);
258#endif
259
260
261
262/* Object management */
263
264/* C_CreateObject creates a new object. */
265CK_PKCS11_FUNCTION_INFO(C_CreateObject)
266#ifdef CK_NEED_ARG_LIST
267(
268 CK_SESSION_HANDLE hSession, /* the session's handle */
269 CK_ATTRIBUTE_PTR pTemplate, /* the object's template */
270 CK_ULONG ulCount, /* attributes in template */
271 CK_OBJECT_HANDLE_PTR phObject /* gets new object's handle. */
272);
273#endif
274
275
276/* C_CopyObject copies an object, creating a new object for the
277 * copy.
278 */
279CK_PKCS11_FUNCTION_INFO(C_CopyObject)
280#ifdef CK_NEED_ARG_LIST
281(
282 CK_SESSION_HANDLE hSession, /* the session's handle */
283 CK_OBJECT_HANDLE hObject, /* the object's handle */
284 CK_ATTRIBUTE_PTR pTemplate, /* template for new object */
285 CK_ULONG ulCount, /* attributes in template */
286 CK_OBJECT_HANDLE_PTR phNewObject /* receives handle of copy */
287);
288#endif
289
290
291/* C_DestroyObject destroys an object. */
292CK_PKCS11_FUNCTION_INFO(C_DestroyObject)
293#ifdef CK_NEED_ARG_LIST
294(
295 CK_SESSION_HANDLE hSession, /* the session's handle */
296 CK_OBJECT_HANDLE hObject /* the object's handle */
297);
298#endif
299
300
301/* C_GetObjectSize gets the size of an object in bytes. */
302CK_PKCS11_FUNCTION_INFO(C_GetObjectSize)
303#ifdef CK_NEED_ARG_LIST
304(
305 CK_SESSION_HANDLE hSession, /* the session's handle */
306 CK_OBJECT_HANDLE hObject, /* the object's handle */
307 CK_ULONG_PTR pulSize /* receives size of object */
308);
309#endif
310
311
312/* C_GetAttributeValue obtains the value of one or more object
313 * attributes.
314 */
315CK_PKCS11_FUNCTION_INFO(C_GetAttributeValue)
316#ifdef CK_NEED_ARG_LIST
317(
318 CK_SESSION_HANDLE hSession, /* the session's handle */
319 CK_OBJECT_HANDLE hObject, /* the object's handle */
320 CK_ATTRIBUTE_PTR pTemplate, /* specifies attrs; gets vals */
321 CK_ULONG ulCount /* attributes in template */
322);
323#endif
324
325
326/* C_SetAttributeValue modifies the value of one or more object
327 * attributes.
328 */
329CK_PKCS11_FUNCTION_INFO(C_SetAttributeValue)
330#ifdef CK_NEED_ARG_LIST
331(
332 CK_SESSION_HANDLE hSession, /* the session's handle */
333 CK_OBJECT_HANDLE hObject, /* the object's handle */
334 CK_ATTRIBUTE_PTR pTemplate, /* specifies attrs and values */
335 CK_ULONG ulCount /* attributes in template */
336);
337#endif
338
339
340/* C_FindObjectsInit initializes a search for token and session
341 * objects that match a template.
342 */
343CK_PKCS11_FUNCTION_INFO(C_FindObjectsInit)
344#ifdef CK_NEED_ARG_LIST
345(
346 CK_SESSION_HANDLE hSession, /* the session's handle */
347 CK_ATTRIBUTE_PTR pTemplate, /* attribute values to match */
348 CK_ULONG ulCount /* attrs in search template */
349);
350#endif
351
352
353/* C_FindObjects continues a search for token and session
354 * objects that match a template, obtaining additional object
355 * handles.
356 */
357CK_PKCS11_FUNCTION_INFO(C_FindObjects)
358#ifdef CK_NEED_ARG_LIST
359(
360 CK_SESSION_HANDLE hSession, /* session's handle */
361 CK_OBJECT_HANDLE_PTR phObject, /* gets obj. handles */
362 CK_ULONG ulMaxObjectCount, /* max handles to get */
363 CK_ULONG_PTR pulObjectCount /* actual # returned */
364);
365#endif
366
367
368/* C_FindObjectsFinal finishes a search for token and session
369 * objects.
370 */
371CK_PKCS11_FUNCTION_INFO(C_FindObjectsFinal)
372#ifdef CK_NEED_ARG_LIST
373(
374 CK_SESSION_HANDLE hSession /* the session's handle */
375);
376#endif
377
378
379
380/* Encryption and decryption */
381
382/* C_EncryptInit initializes an encryption operation. */
383CK_PKCS11_FUNCTION_INFO(C_EncryptInit)
384#ifdef CK_NEED_ARG_LIST
385(
386 CK_SESSION_HANDLE hSession, /* the session's handle */
387 CK_MECHANISM_PTR pMechanism, /* the encryption mechanism */
388 CK_OBJECT_HANDLE hKey /* handle of encryption key */
389);
390#endif
391
392
393/* C_Encrypt encrypts single-part data. */
394CK_PKCS11_FUNCTION_INFO(C_Encrypt)
395#ifdef CK_NEED_ARG_LIST
396(
397 CK_SESSION_HANDLE hSession, /* session's handle */
398 CK_BYTE_PTR pData, /* the plaintext data */
399 CK_ULONG ulDataLen, /* bytes of plaintext */
400 CK_BYTE_PTR pEncryptedData, /* gets ciphertext */
401 CK_ULONG_PTR pulEncryptedDataLen /* gets c-text size */
402);
403#endif
404
405
406/* C_EncryptUpdate continues a multiple-part encryption
407 * operation.
408 */
409CK_PKCS11_FUNCTION_INFO(C_EncryptUpdate)
410#ifdef CK_NEED_ARG_LIST
411(
412 CK_SESSION_HANDLE hSession, /* session's handle */
413 CK_BYTE_PTR pPart, /* the plaintext data */
414 CK_ULONG ulPartLen, /* plaintext data len */
415 CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */
416 CK_ULONG_PTR pulEncryptedPartLen /* gets c-text size */
417);
418#endif
419
420
421/* C_EncryptFinal finishes a multiple-part encryption
422 * operation.
423 */
424CK_PKCS11_FUNCTION_INFO(C_EncryptFinal)
425#ifdef CK_NEED_ARG_LIST
426(
427 CK_SESSION_HANDLE hSession, /* session handle */
428 CK_BYTE_PTR pLastEncryptedPart, /* last c-text */
429 CK_ULONG_PTR pulLastEncryptedPartLen /* gets last size */
430);
431#endif
432
433
434/* C_DecryptInit initializes a decryption operation. */
435CK_PKCS11_FUNCTION_INFO(C_DecryptInit)
436#ifdef CK_NEED_ARG_LIST
437(
438 CK_SESSION_HANDLE hSession, /* the session's handle */
439 CK_MECHANISM_PTR pMechanism, /* the decryption mechanism */
440 CK_OBJECT_HANDLE hKey /* handle of decryption key */
441);
442#endif
443
444
445/* C_Decrypt decrypts encrypted data in a single part. */
446CK_PKCS11_FUNCTION_INFO(C_Decrypt)
447#ifdef CK_NEED_ARG_LIST
448(
449 CK_SESSION_HANDLE hSession, /* session's handle */
450 CK_BYTE_PTR pEncryptedData, /* ciphertext */
451 CK_ULONG ulEncryptedDataLen, /* ciphertext length */
452 CK_BYTE_PTR pData, /* gets plaintext */
453 CK_ULONG_PTR pulDataLen /* gets p-text size */
454);
455#endif
456
457
458/* C_DecryptUpdate continues a multiple-part decryption
459 * operation.
460 */
461CK_PKCS11_FUNCTION_INFO(C_DecryptUpdate)
462#ifdef CK_NEED_ARG_LIST
463(
464 CK_SESSION_HANDLE hSession, /* session's handle */
465 CK_BYTE_PTR pEncryptedPart, /* encrypted data */
466 CK_ULONG ulEncryptedPartLen, /* input length */
467 CK_BYTE_PTR pPart, /* gets plaintext */
468 CK_ULONG_PTR pulPartLen /* p-text size */
469);
470#endif
471
472
473/* C_DecryptFinal finishes a multiple-part decryption
474 * operation.
475 */
476CK_PKCS11_FUNCTION_INFO(C_DecryptFinal)
477#ifdef CK_NEED_ARG_LIST
478(
479 CK_SESSION_HANDLE hSession, /* the session's handle */
480 CK_BYTE_PTR pLastPart, /* gets plaintext */
481 CK_ULONG_PTR pulLastPartLen /* p-text size */
482);
483#endif
484
485
486
487/* Message digesting */
488
489/* C_DigestInit initializes a message-digesting operation. */
490CK_PKCS11_FUNCTION_INFO(C_DigestInit)
491#ifdef CK_NEED_ARG_LIST
492(
493 CK_SESSION_HANDLE hSession, /* the session's handle */
494 CK_MECHANISM_PTR pMechanism /* the digesting mechanism */
495);
496#endif
497
498
499/* C_Digest digests data in a single part. */
500CK_PKCS11_FUNCTION_INFO(C_Digest)
501#ifdef CK_NEED_ARG_LIST
502(
503 CK_SESSION_HANDLE hSession, /* the session's handle */
504 CK_BYTE_PTR pData, /* data to be digested */
505 CK_ULONG ulDataLen, /* bytes of data to digest */
506 CK_BYTE_PTR pDigest, /* gets the message digest */
507 CK_ULONG_PTR pulDigestLen /* gets digest length */
508);
509#endif
510
511
512/* C_DigestUpdate continues a multiple-part message-digesting
513 * operation.
514 */
515CK_PKCS11_FUNCTION_INFO(C_DigestUpdate)
516#ifdef CK_NEED_ARG_LIST
517(
518 CK_SESSION_HANDLE hSession, /* the session's handle */
519 CK_BYTE_PTR pPart, /* data to be digested */
520 CK_ULONG ulPartLen /* bytes of data to be digested */
521);
522#endif
523
524
525/* C_DigestKey continues a multi-part message-digesting
526 * operation, by digesting the value of a secret key as part of
527 * the data already digested.
528 */
529CK_PKCS11_FUNCTION_INFO(C_DigestKey)
530#ifdef CK_NEED_ARG_LIST
531(
532 CK_SESSION_HANDLE hSession, /* the session's handle */
533 CK_OBJECT_HANDLE hKey /* secret key to digest */
534);
535#endif
536
537
538/* C_DigestFinal finishes a multiple-part message-digesting
539 * operation.
540 */
541CK_PKCS11_FUNCTION_INFO(C_DigestFinal)
542#ifdef CK_NEED_ARG_LIST
543(
544 CK_SESSION_HANDLE hSession, /* the session's handle */
545 CK_BYTE_PTR pDigest, /* gets the message digest */
546 CK_ULONG_PTR pulDigestLen /* gets byte count of digest */
547);
548#endif
549
550
551
552/* Signing and MACing */
553
554/* C_SignInit initializes a signature (private key encryption)
555 * operation, where the signature is (will be) an appendix to
556 * the data, and plaintext cannot be recovered from the
557 * signature.
558 */
559CK_PKCS11_FUNCTION_INFO(C_SignInit)
560#ifdef CK_NEED_ARG_LIST
561(
562 CK_SESSION_HANDLE hSession, /* the session's handle */
563 CK_MECHANISM_PTR pMechanism, /* the signature mechanism */
564 CK_OBJECT_HANDLE hKey /* handle of signature key */
565);
566#endif
567
568
569/* C_Sign signs (encrypts with private key) data in a single
570 * part, where the signature is (will be) an appendix to the
571 * data, and plaintext cannot be recovered from the signature.
572 */
573CK_PKCS11_FUNCTION_INFO(C_Sign)
574#ifdef CK_NEED_ARG_LIST
575(
576 CK_SESSION_HANDLE hSession, /* the session's handle */
577 CK_BYTE_PTR pData, /* the data to sign */
578 CK_ULONG ulDataLen, /* count of bytes to sign */
579 CK_BYTE_PTR pSignature, /* gets the signature */
580 CK_ULONG_PTR pulSignatureLen /* gets signature length */
581);
582#endif
583
584
585/* C_SignUpdate continues a multiple-part signature operation,
586 * where the signature is (will be) an appendix to the data,
587 * and plaintext cannot be recovered from the signature.
588 */
589CK_PKCS11_FUNCTION_INFO(C_SignUpdate)
590#ifdef CK_NEED_ARG_LIST
591(
592 CK_SESSION_HANDLE hSession, /* the session's handle */
593 CK_BYTE_PTR pPart, /* the data to sign */
594 CK_ULONG ulPartLen /* count of bytes to sign */
595);
596#endif
597
598
599/* C_SignFinal finishes a multiple-part signature operation,
600 * returning the signature.
601 */
602CK_PKCS11_FUNCTION_INFO(C_SignFinal)
603#ifdef CK_NEED_ARG_LIST
604(
605 CK_SESSION_HANDLE hSession, /* the session's handle */
606 CK_BYTE_PTR pSignature, /* gets the signature */
607 CK_ULONG_PTR pulSignatureLen /* gets signature length */
608);
609#endif
610
611
612/* C_SignRecoverInit initializes a signature operation, where
613 * the data can be recovered from the signature.
614 */
615CK_PKCS11_FUNCTION_INFO(C_SignRecoverInit)
616#ifdef CK_NEED_ARG_LIST
617(
618 CK_SESSION_HANDLE hSession, /* the session's handle */
619 CK_MECHANISM_PTR pMechanism, /* the signature mechanism */
620 CK_OBJECT_HANDLE hKey /* handle of the signature key */
621);
622#endif
623
624
625/* C_SignRecover signs data in a single operation, where the
626 * data can be recovered from the signature.
627 */
628CK_PKCS11_FUNCTION_INFO(C_SignRecover)
629#ifdef CK_NEED_ARG_LIST
630(
631 CK_SESSION_HANDLE hSession, /* the session's handle */
632 CK_BYTE_PTR pData, /* the data to sign */
633 CK_ULONG ulDataLen, /* count of bytes to sign */
634 CK_BYTE_PTR pSignature, /* gets the signature */
635 CK_ULONG_PTR pulSignatureLen /* gets signature length */
636);
637#endif
638
639
640
641/* Verifying signatures and MACs */
642
643/* C_VerifyInit initializes a verification operation, where the
644 * signature is an appendix to the data, and plaintext cannot
645 * cannot be recovered from the signature (e.g. DSA).
646 */
647CK_PKCS11_FUNCTION_INFO(C_VerifyInit)
648#ifdef CK_NEED_ARG_LIST
649(
650 CK_SESSION_HANDLE hSession, /* the session's handle */
651 CK_MECHANISM_PTR pMechanism, /* the verification mechanism */
652 CK_OBJECT_HANDLE hKey /* verification key */
653);
654#endif
655
656
657/* C_Verify verifies a signature in a single-part operation,
658 * where the signature is an appendix to the data, and plaintext
659 * cannot be recovered from the signature.
660 */
661CK_PKCS11_FUNCTION_INFO(C_Verify)
662#ifdef CK_NEED_ARG_LIST
663(
664 CK_SESSION_HANDLE hSession, /* the session's handle */
665 CK_BYTE_PTR pData, /* signed data */
666 CK_ULONG ulDataLen, /* length of signed data */
667 CK_BYTE_PTR pSignature, /* signature */
668 CK_ULONG ulSignatureLen /* signature length*/
669);
670#endif
671
672
673/* C_VerifyUpdate continues a multiple-part verification
674 * operation, where the signature is an appendix to the data,
675 * and plaintext cannot be recovered from the signature.
676 */
677CK_PKCS11_FUNCTION_INFO(C_VerifyUpdate)
678#ifdef CK_NEED_ARG_LIST
679(
680 CK_SESSION_HANDLE hSession, /* the session's handle */
681 CK_BYTE_PTR pPart, /* signed data */
682 CK_ULONG ulPartLen /* length of signed data */
683);
684#endif
685
686
687/* C_VerifyFinal finishes a multiple-part verification
688 * operation, checking the signature.
689 */
690CK_PKCS11_FUNCTION_INFO(C_VerifyFinal)
691#ifdef CK_NEED_ARG_LIST
692(
693 CK_SESSION_HANDLE hSession, /* the session's handle */
694 CK_BYTE_PTR pSignature, /* signature to verify */
695 CK_ULONG ulSignatureLen /* signature length */
696);
697#endif
698
699
700/* C_VerifyRecoverInit initializes a signature verification
701 * operation, where the data is recovered from the signature.
702 */
703CK_PKCS11_FUNCTION_INFO(C_VerifyRecoverInit)
704#ifdef CK_NEED_ARG_LIST
705(
706 CK_SESSION_HANDLE hSession, /* the session's handle */
707 CK_MECHANISM_PTR pMechanism, /* the verification mechanism */
708 CK_OBJECT_HANDLE hKey /* verification key */
709);
710#endif
711
712
713/* C_VerifyRecover verifies a signature in a single-part
714 * operation, where the data is recovered from the signature.
715 */
716CK_PKCS11_FUNCTION_INFO(C_VerifyRecover)
717#ifdef CK_NEED_ARG_LIST
718(
719 CK_SESSION_HANDLE hSession, /* the session's handle */
720 CK_BYTE_PTR pSignature, /* signature to verify */
721 CK_ULONG ulSignatureLen, /* signature length */
722 CK_BYTE_PTR pData, /* gets signed data */
723 CK_ULONG_PTR pulDataLen /* gets signed data len */
724);
725#endif
726
727
728
729/* Dual-function cryptographic operations */
730
731/* C_DigestEncryptUpdate continues a multiple-part digesting
732 * and encryption operation.
733 */
734CK_PKCS11_FUNCTION_INFO(C_DigestEncryptUpdate)
735#ifdef CK_NEED_ARG_LIST
736(
737 CK_SESSION_HANDLE hSession, /* session's handle */
738 CK_BYTE_PTR pPart, /* the plaintext data */
739 CK_ULONG ulPartLen, /* plaintext length */
740 CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */
741 CK_ULONG_PTR pulEncryptedPartLen /* gets c-text length */
742);
743#endif
744
745
746/* C_DecryptDigestUpdate continues a multiple-part decryption and
747 * digesting operation.
748 */
749CK_PKCS11_FUNCTION_INFO(C_DecryptDigestUpdate)
750#ifdef CK_NEED_ARG_LIST
751(
752 CK_SESSION_HANDLE hSession, /* session's handle */
753 CK_BYTE_PTR pEncryptedPart, /* ciphertext */
754 CK_ULONG ulEncryptedPartLen, /* ciphertext length */
755 CK_BYTE_PTR pPart, /* gets plaintext */
756 CK_ULONG_PTR pulPartLen /* gets plaintext len */
757);
758#endif
759
760
761/* C_SignEncryptUpdate continues a multiple-part signing and
762 * encryption operation.
763 */
764CK_PKCS11_FUNCTION_INFO(C_SignEncryptUpdate)
765#ifdef CK_NEED_ARG_LIST
766(
767 CK_SESSION_HANDLE hSession, /* session's handle */
768 CK_BYTE_PTR pPart, /* the plaintext data */
769 CK_ULONG ulPartLen, /* plaintext length */
770 CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */
771 CK_ULONG_PTR pulEncryptedPartLen /* gets c-text length */
772);
773#endif
774
775
776/* C_DecryptVerifyUpdate continues a multiple-part decryption and
777 * verify operation.
778 */
779CK_PKCS11_FUNCTION_INFO(C_DecryptVerifyUpdate)
780#ifdef CK_NEED_ARG_LIST
781(
782 CK_SESSION_HANDLE hSession, /* session's handle */
783 CK_BYTE_PTR pEncryptedPart, /* ciphertext */
784 CK_ULONG ulEncryptedPartLen, /* ciphertext length */
785 CK_BYTE_PTR pPart, /* gets plaintext */
786 CK_ULONG_PTR pulPartLen /* gets p-text length */
787);
788#endif
789
790
791
792/* Key management */
793
794/* C_GenerateKey generates a secret key, creating a new key
795 * object.
796 */
797CK_PKCS11_FUNCTION_INFO(C_GenerateKey)
798#ifdef CK_NEED_ARG_LIST
799(
800 CK_SESSION_HANDLE hSession, /* the session's handle */
801 CK_MECHANISM_PTR pMechanism, /* key generation mech. */
802 CK_ATTRIBUTE_PTR pTemplate, /* template for new key */
803 CK_ULONG ulCount, /* # of attrs in template */
804 CK_OBJECT_HANDLE_PTR phKey /* gets handle of new key */
805);
806#endif
807
808
809/* C_GenerateKeyPair generates a public-key/private-key pair,
810 * creating new key objects.
811 */
812CK_PKCS11_FUNCTION_INFO(C_GenerateKeyPair)
813#ifdef CK_NEED_ARG_LIST
814(
815 CK_SESSION_HANDLE hSession, /* session handle */
816 CK_MECHANISM_PTR pMechanism, /* key-gen mech. */
817 CK_ATTRIBUTE_PTR pPublicKeyTemplate, /* template for pub. key */
818 CK_ULONG ulPublicKeyAttributeCount, /* # pub. attrs. */
819 CK_ATTRIBUTE_PTR pPrivateKeyTemplate, /* template for priv. key */
820 CK_ULONG ulPrivateKeyAttributeCount, /* # priv. attrs. */
821 CK_OBJECT_HANDLE_PTR phPublicKey, /* gets pub. key handle */
822 CK_OBJECT_HANDLE_PTR phPrivateKey /* gets priv. key handle */
823);
824#endif
825
826
827/* C_WrapKey wraps (i.e., encrypts) a key. */
828CK_PKCS11_FUNCTION_INFO(C_WrapKey)
829#ifdef CK_NEED_ARG_LIST
830(
831 CK_SESSION_HANDLE hSession, /* the session's handle */
832 CK_MECHANISM_PTR pMechanism, /* the wrapping mechanism */
833 CK_OBJECT_HANDLE hWrappingKey, /* wrapping key */
834 CK_OBJECT_HANDLE hKey, /* key to be wrapped */
835 CK_BYTE_PTR pWrappedKey, /* gets wrapped key */
836 CK_ULONG_PTR pulWrappedKeyLen /* gets wrapped key size */
837);
838#endif
839
840
841/* C_UnwrapKey unwraps (decrypts) a wrapped key, creating a new
842 * key object.
843 */
844CK_PKCS11_FUNCTION_INFO(C_UnwrapKey)
845#ifdef CK_NEED_ARG_LIST
846(
847 CK_SESSION_HANDLE hSession, /* session's handle */
848 CK_MECHANISM_PTR pMechanism, /* unwrapping mech. */
849 CK_OBJECT_HANDLE hUnwrappingKey, /* unwrapping key */
850 CK_BYTE_PTR pWrappedKey, /* the wrapped key */
851 CK_ULONG ulWrappedKeyLen, /* wrapped key len */
852 CK_ATTRIBUTE_PTR pTemplate, /* new key template */
853 CK_ULONG ulAttributeCount, /* template length */
854 CK_OBJECT_HANDLE_PTR phKey /* gets new handle */
855);
856#endif
857
858
859/* C_DeriveKey derives a key from a base key, creating a new key
860 * object.
861 */
862CK_PKCS11_FUNCTION_INFO(C_DeriveKey)
863#ifdef CK_NEED_ARG_LIST
864(
865 CK_SESSION_HANDLE hSession, /* session's handle */
866 CK_MECHANISM_PTR pMechanism, /* key deriv. mech. */
867 CK_OBJECT_HANDLE hBaseKey, /* base key */
868 CK_ATTRIBUTE_PTR pTemplate, /* new key template */
869 CK_ULONG ulAttributeCount, /* template length */
870 CK_OBJECT_HANDLE_PTR phKey /* gets new handle */
871);
872#endif
873
874
875
876/* Random number generation */
877
878/* C_SeedRandom mixes additional seed material into the token's
879 * random number generator.
880 */
881CK_PKCS11_FUNCTION_INFO(C_SeedRandom)
882#ifdef CK_NEED_ARG_LIST
883(
884 CK_SESSION_HANDLE hSession, /* the session's handle */
885 CK_BYTE_PTR pSeed, /* the seed material */
886 CK_ULONG ulSeedLen /* length of seed material */
887);
888#endif
889
890
891/* C_GenerateRandom generates random data. */
892CK_PKCS11_FUNCTION_INFO(C_GenerateRandom)
893#ifdef CK_NEED_ARG_LIST
894(
895 CK_SESSION_HANDLE hSession, /* the session's handle */
896 CK_BYTE_PTR RandomData, /* receives the random data */
897 CK_ULONG ulRandomLen /* # of bytes to generate */
898);
899#endif
900
901
902
903/* Parallel function management */
904
905/* C_GetFunctionStatus is a legacy function; it obtains an
906 * updated status of a function running in parallel with an
907 * application.
908 */
909CK_PKCS11_FUNCTION_INFO(C_GetFunctionStatus)
910#ifdef CK_NEED_ARG_LIST
911(
912 CK_SESSION_HANDLE hSession /* the session's handle */
913);
914#endif
915
916
917/* C_CancelFunction is a legacy function; it cancels a function
918 * running in parallel.
919 */
920CK_PKCS11_FUNCTION_INFO(C_CancelFunction)
921#ifdef CK_NEED_ARG_LIST
922(
923 CK_SESSION_HANDLE hSession /* the session's handle */
924);
925#endif
926
927
928/* C_WaitForSlotEvent waits for a slot event (token insertion,
929 * removal, etc.) to occur.
930 */
931CK_PKCS11_FUNCTION_INFO(C_WaitForSlotEvent)
932#ifdef CK_NEED_ARG_LIST
933(
934 CK_FLAGS flags, /* blocking/nonblocking flag */
935 CK_SLOT_ID_PTR pSlot, /* location that receives the slot ID */
936 CK_VOID_PTR pRserved /* reserved. Should be NULL_PTR */
937);
938#endif
939
View as plain text