diff --git a/common/constants.c b/common/constants.c index e2c3cb37..742bd0a2 100644 --- a/common/constants.c +++ b/common/constants.c @@ -59,6 +59,7 @@ const p11_constant p11_constant_types[] = { CT (CKA_TOKEN, "token") CT (CKA_PRIVATE, "private") CT (CKA_LABEL, "label") + CT (CKA_UNIQUE_ID, "unique-id") CT (CKA_APPLICATION, "application") CT (CKA_VALUE, "value") CT (CKA_OBJECT_ID, "object-id") @@ -74,6 +75,7 @@ const p11_constant p11_constant_types[] = { CT (CKA_URL, "url") CT (CKA_HASH_OF_SUBJECT_PUBLIC_KEY, "hash-of-subject-public-key") CT (CKA_HASH_OF_ISSUER_PUBLIC_KEY, "hash-of-issuer-public-key") + CT (CKA_NAME_HASH_ALGORITHM, "name-hash-algorithm") CT (CKA_CHECK_VALUE, "check-value") CT (CKA_KEY_TYPE, "key-type") CT (CKA_SUBJECT, "subject") @@ -123,6 +125,23 @@ const p11_constant p11_constant_types[] = { CT (CKA_AUTH_PIN_FLAGS, "auth-pin-flags") CT (CKA_ALWAYS_AUTHENTICATE, "always-authenticate") CT (CKA_WRAP_WITH_TRUSTED, "wrap-with-trusted") + CT (CKA_OTP_FORMAT, "otp-format") + CT (CKA_OTP_LENGTH, "otp-length") + CT (CKA_OTP_TIME_INTERVAL, "otp-time-interval") + CT (CKA_OTP_USER_FRIENDLY_MODE, "otp-user-friendly-mode") + CT (CKA_OTP_CHALLENGE_REQUIREMENT, "otp-challenge-requirement") + CT (CKA_OTP_TIME_REQUIREMENT, "otp-time-requirement") + CT (CKA_OTP_COUNTER_REQUIREMENT, "otp-counter-requirement") + CT (CKA_OTP_PIN_REQUIREMENT, "otp-pin-requirement") + CT (CKA_OTP_USER_IDENTIFIER, "otp-user-identifier") + CT (CKA_OTP_SERVICE_IDENTIFIER, "otp-service-identifier") + CT (CKA_OTP_SERVICE_LOGO, "otp-service-logo") + CT (CKA_OTP_SERVICE_LOGO_TYPE, "otp-service-logo-type") + CT (CKA_OTP_COUNTER, "otp-counter") + CT (CKA_OTP_TIME, "otp-time") + CT (CKA_GOSTR3410_PARAMS, "gostr3410-params") + CT (CKA_GOSTR3411_PARAMS, "gostr3411-params") + CT (CKA_GOST28147_PARAMS, "gost28147-params") CT (CKA_HW_FEATURE_TYPE, "hw-feature-type") CT (CKA_RESET_ON_INIT, "reset-on-init") CT (CKA_HAS_RESET, "has-reset") @@ -141,8 +160,32 @@ const p11_constant p11_constant_types[] = { CT (CKA_DEFAULT_CMS_ATTRIBUTES, "default-cms-attributes") CT (CKA_SUPPORTED_CMS_ATTRIBUTES, "supported-cms-attributes") CT (CKA_PROFILE_ID, "profile-id") + CT (CKA_X2RATCHET_BAG, "x2ratchet-bag") + CT (CKA_X2RATCHET_BAGSIZE, "x2ratchet-bagsize") + CT (CKA_X2RATCHET_BOBS1STMSG, "x2ratchet-bobs1stmsg") + CT (CKA_X2RATCHET_CKR, "x2ratchet-ckr") + CT (CKA_X2RATCHET_CKS, "x2ratchet-cks") + CT (CKA_X2RATCHET_DHP, "x2ratchet-dhp") + CT (CKA_X2RATCHET_DHR, "x2ratchet-dhr") + CT (CKA_X2RATCHET_DHS, "x2ratchet-dhs") + CT (CKA_X2RATCHET_HKR, "x2ratchet-hkr") + CT (CKA_X2RATCHET_HKS, "x2ratchet-hks") + CT (CKA_X2RATCHET_ISALICE, "x2ratchet-isalice") + CT (CKA_X2RATCHET_NHKR, "x2ratchet-nhkr") + CT (CKA_X2RATCHET_NHKS, "x2ratchet-nhks") + CT (CKA_X2RATCHET_NR, "x2ratchet-nr") + CT (CKA_X2RATCHET_NS, "x2ratchet-ns") + CT (CKA_X2RATCHET_PNS, "x2ratchet-pns") + CT (CKA_X2RATCHET_RK, "x2ratchet-rk") + CT (CKA_HSS_LEVELS, "hss-levels") + CT (CKA_HSS_LMS_TYPE, "hss-lms-type") + CT (CKA_HSS_LMOTS_TYPE, "hss-lmots-type") + CT (CKA_HSS_LMS_TYPES, "hss-lms-types") + CT (CKA_HSS_LMOTS_TYPES, "hss-lmots-types") + CT (CKA_HSS_KEYS_REMAINING, "hss-keys-remaining") CT (CKA_WRAP_TEMPLATE, "wrap-template") CT (CKA_UNWRAP_TEMPLATE, "unwrap-template") + CT (CKA_DERIVE_TEMPLATE, "derive-template") CT (CKA_ALLOWED_MECHANISMS, "allowed-mechanisms") CT (CKA_IBM_OPAQUE, "ibm-opaque") CT (CKA_IBM_RESTRICTABLE, "ibm-restrictable") @@ -273,6 +316,43 @@ const p11_constant p11_constant_keys[] = { CT (CKK_AES, "aes") CT (CKK_BLOWFISH, "blowfish") CT (CKK_TWOFISH, "twofish") + CT (CKK_SECURID, "ckk-securid") + CT (CKK_HOTP, "ckk-hotp") + CT (CKK_ACTI, "ckk-acti") + CT (CKK_CAMELLIA, "camellia") + CT (CKK_ARIA, "aria") + CT (CKK_MD5_HMAC, "ckk-md5-hmac") + CT (CKK_SHA_1_HMAC, "ckk-sha-1-hmac") + CT (CKK_RIPEMD128_HMAC, "ckk-ripemd128-hmac") + CT (CKK_RIPEMD160_HMAC, "ckk-ripemd160-hmac") + CT (CKK_SHA256_HMAC, "ckk-sha256-hmac") + CT (CKK_SHA384_HMAC, "ckk-sha384-hmac") + CT (CKK_SHA512_HMAC, "ckk-sha512-hmac") + CT (CKK_SHA224_HMAC, "ckk-sha224-hmac") + CT (CKK_SEED, "seed") + CT (CKK_GOSTR3410, "ckk-gostr3410") + CT (CKK_GOSTR3411, "ckk-gostr3411") + CT (CKK_GOST28147, "ckk-gost28147") + CT (CKK_CHACHA20, "ckk-chacha20") + CT (CKK_POLY1305, "ckk-poly1305") + CT (CKK_AES_XTS, "ckk-aes-xts") + CT (CKK_SHA3_224_HMAC, "ckk-sha3-224-hmac") + CT (CKK_SHA3_256_HMAC, "ckk-sha3-256-hmac") + CT (CKK_SHA3_384_HMAC, "ckk-sha3-384-hmac") + CT (CKK_SHA3_512_HMAC, "ckk-sha3-512-hmac") + CT (CKK_BLAKE2B_160_HMAC, "ckk-blake2b-160-hmac") + CT (CKK_BLAKE2B_256_HMAC, "ckk-blake2b-256-hmac") + CT (CKK_BLAKE2B_384_HMAC, "ckk-blake2b-384-hmac") + CT (CKK_BLAKE2B_512_HMAC, "ckk-blake2b-512-hmac") + CT (CKK_SALSA20, "ckk-salsa20") + CT (CKK_X2RATCHET, "x2ratchet") + CT (CKK_EC_EDWARDS, "ec-edwards") + CT (CKK_EC_MONTGOMERY, "ec-montgomery") + CT (CKK_HKDF, "hkdf") + CT (CKK_SHA512_224_HMAC, "ckk-sha512-224-hmac") + CT (CKK_SHA512_256_HMAC, "ckk-sha512-256-hmac") + CT (CKK_SHA512_T_HMAC, "ckk-sha512-t-hmac") + CT (CKK_HSS, "ckk-hss") CT (CKK_IBM_PQC_DILITHIUM, "ibm-dilithium") CT (CKK_NSS_PKCS8, "nss-pkcs8") { CKA_INVALID }, @@ -324,6 +404,7 @@ const p11_constant p11_constant_returns[] = { CT (CKR_ATTRIBUTE_SENSITIVE, NULL) CT (CKR_ATTRIBUTE_TYPE_INVALID, NULL) CT (CKR_ATTRIBUTE_VALUE_INVALID, NULL) + CT (CKR_ACTION_PROHIBITED, NULL) CT (CKR_DATA_INVALID, NULL) CT (CKR_DATA_LEN_RANGE, NULL) CT (CKR_DEVICE_ERROR, NULL) @@ -331,6 +412,7 @@ const p11_constant p11_constant_returns[] = { CT (CKR_DEVICE_REMOVED, NULL) CT (CKR_ENCRYPTED_DATA_INVALID, NULL) CT (CKR_ENCRYPTED_DATA_LEN_RANGE, NULL) + CT (CKR_AEAD_DECRYPT_FAILED, NULL) CT (CKR_FUNCTION_CANCELED, NULL) CT (CKR_FUNCTION_NOT_PARALLEL, NULL) CT (CKR_FUNCTION_NOT_SUPPORTED, NULL) @@ -386,6 +468,7 @@ const p11_constant p11_constant_returns[] = { CT (CKR_RANDOM_SEED_NOT_SUPPORTED, NULL) CT (CKR_RANDOM_NO_RNG, NULL) CT (CKR_DOMAIN_PARAMS_INVALID, NULL) + CT (CKR_CURVE_NOT_SUPPORTED, NULL) CT (CKR_BUFFER_TOO_SMALL, NULL) CT (CKR_SAVED_STATE_INVALID, NULL) CT (CKR_INFORMATION_SENSITIVE, NULL) @@ -394,7 +477,17 @@ const p11_constant p11_constant_returns[] = { CT (CKR_CRYPTOKI_ALREADY_INITIALIZED, NULL) CT (CKR_MUTEX_BAD, NULL) CT (CKR_MUTEX_NOT_LOCKED, NULL) + CT (CKR_NEW_PIN_MODE, NULL) + CT (CKR_NEXT_OTP, NULL) + CT (CKR_EXCEEDED_MAX_ITERATIONS, NULL) + CT (CKR_FIPS_SELF_TEST_FAILED, NULL) + CT (CKR_LIBRARY_LOAD_FAILED, NULL) + CT (CKR_PIN_TOO_WEAK, NULL) + CT (CKR_PUBLIC_KEY_INVALID, NULL) CT (CKR_FUNCTION_REJECTED, NULL) + CT (CKR_TOKEN_RESOURCE_EXCEEDED, NULL) + CT (CKR_OPERATION_CANCEL_FAILED, NULL) + CT (CKR_KEY_EXHAUSTED, NULL) { CKA_INVALID }, }; @@ -417,6 +510,14 @@ const p11_constant p11_constant_mechanisms[] = { CT (CKM_DSA_KEY_PAIR_GEN, "dsa-key-pair-gen") CT (CKM_DSA, NULL) /* "dsa" */ CT (CKM_DSA_SHA1, "dsa-sha1") + CT (CKM_DSA_SHA224, "dsa-sha224") + CT (CKM_DSA_SHA256, "dsa-sha256") + CT (CKM_DSA_SHA384, "dsa-sha384") + CT (CKM_DSA_SHA512, "dsa-sha512") + CT (CKM_DSA_SHA3_224, "dsa-sha3-224") + CT (CKM_DSA_SHA3_256, "dsa-sha3-256") + CT (CKM_DSA_SHA3_384, "dsa-sha3-384") + CT (CKM_DSA_SHA3_512, "dsa-sha3-512") CT (CKM_DH_PKCS_KEY_PAIR_GEN, "dh-pkcs-key-pair-gen") CT (CKM_DH_PKCS_DERIVE, "dh-pkcs-derive") CT (CKM_X9_42_DH_KEY_PAIR_GEN, "x9-42-dh-key-pair-gen") @@ -429,6 +530,28 @@ const p11_constant p11_constant_mechanisms[] = { CT (CKM_SHA256_RSA_PKCS_PSS, "sha256-rsa-pkcs-pss") CT (CKM_SHA384_RSA_PKCS_PSS, "sha384-rsa-pkcs-pss") CT (CKM_SHA512_RSA_PKCS_PSS, "sha512-rsa-pkcs-pss") + CT (CKM_SHA224_RSA_PKCS, "sha224-rsa-pkcs") + CT (CKM_SHA224_RSA_PKCS_PSS, "sha224-rsa-pkcs-pss") + CT (CKM_SHA512_224, "sha512-224") + CT (CKM_SHA512_224_HMAC, "sha512-224-hmac") + CT (CKM_SHA512_224_HMAC_GENERAL, "sha512-224-hmac-general") + CT (CKM_SHA512_224_KEY_DERIVATION, "sha512-224-key-derivation") + CT (CKM_SHA512_256, "sha512-256") + CT (CKM_SHA512_256_HMAC, "sha512-256-hmac") + CT (CKM_SHA512_256_HMAC_GENERAL, "sha512-256-hmac-general") + CT (CKM_SHA512_256_KEY_DERIVATION, "sha512-256-key-derivation") + CT (CKM_SHA512_T, "sha512-t") + CT (CKM_SHA512_T_HMAC, "sha512-t-hmac") + CT (CKM_SHA512_T_HMAC_GENERAL, "sha512-t-hmac-general") + CT (CKM_SHA512_T_KEY_DERIVATION, "sha512-t-key-derivation") + CT (CKM_SHA3_256_RSA_PKCS, "sha3-256-rsa-pkcs") + CT (CKM_SHA3_384_RSA_PKCS, "sha3-384-rsa-pkcs") + CT (CKM_SHA3_512_RSA_PKCS, "sha3-512-rsa-pkcs") + CT (CKM_SHA3_256_RSA_PKCS_PSS, "sha3-256-rsa-pkcs-pss") + CT (CKM_SHA3_384_RSA_PKCS_PSS, "sha3-384-rsa-pkcs-pss") + CT (CKM_SHA3_512_RSA_PKCS_PSS, "sha3-512-rsa-pkcs-pss") + CT (CKM_SHA3_224_RSA_PKCS, "sha3-224-rsa-pkcs") + CT (CKM_SHA3_224_RSA_PKCS_PSS, "sha3-224-rsa-pkcs-pss") CT (CKM_RC2_KEY_GEN, "rc2-key-gen") CT (CKM_RC2_ECB, "rc2-ecb") CT (CKM_RC2_CBC, "rc2-cbc") @@ -450,6 +573,8 @@ const p11_constant p11_constant_mechanisms[] = { CT (CKM_DES3_MAC, "des3-mac") CT (CKM_DES3_MAC_GENERAL, "des3-mac-general") CT (CKM_DES3_CBC_PAD, "des3-cbc-pad") + CT (CKM_DES3_CMAC_GENERAL, "des3-cmac-general") + CT (CKM_DES3_CMAC, "des3-cmac") CT (CKM_CDMF_KEY_GEN, "cdmf-key-gen") CT (CKM_CDMF_ECB, "cdmf-ecb") CT (CKM_CDMF_CBC, "cdmf-cbc") @@ -478,12 +603,37 @@ const p11_constant p11_constant_mechanisms[] = { CT (CKM_SHA256, "sha256") CT (CKM_SHA256_HMAC, "sha256-hmac") CT (CKM_SHA256_HMAC_GENERAL, "sha256-hmac-general") + CT (CKM_SHA224, "sha224") + CT (CKM_SHA224_HMAC, "sha224-hmac") + CT (CKM_SHA224_HMAC_GENERAL, "sha224-hmac-general") CT (CKM_SHA384, "sha384") CT (CKM_SHA384_HMAC, "sha384-hmac") CT (CKM_SHA384_HMAC_GENERAL, "sha384-hmac-general") CT (CKM_SHA512, "sha512") CT (CKM_SHA512_HMAC, "sha512-hmac") CT (CKM_SHA512_HMAC_GENERAL, "sha512-hmac-general") + CT (CKM_SECURID_KEY_GEN, "securid-key-gen") + CT (CKM_SECURID, "securid") + CT (CKM_HOTP_KEY_GEN, "hotp-key-gen") + CT (CKM_HOTP, "hotp") + CT (CKM_ACTI, "acti") + CT (CKM_ACTI_KEY_GEN, "acti-key-gen") + CT (CKM_SHA3_256, "sha3-256") + CT (CKM_SHA3_256_HMAC, "sha3-256-hmac") + CT (CKM_SHA3_256_HMAC_GENERAL, "sha3-256-hmac-general") + CT (CKM_SHA3_256_KEY_GEN, "sha3-256-key-gen") + CT (CKM_SHA3_224, "sha3-224") + CT (CKM_SHA3_224_HMAC, "sha3-224-hmac") + CT (CKM_SHA3_224_HMAC_GENERAL, "sha3-224-hmac-general") + CT (CKM_SHA3_224_KEY_GEN, "sha3-224-key-gen") + CT (CKM_SHA3_384, "sha3-384") + CT (CKM_SHA3_384_HMAC, "sha3-384-hmac") + CT (CKM_SHA3_384_HMAC_GENERAL, "sha3-384-hmac-general") + CT (CKM_SHA3_384_KEY_GEN, "sha3-384-key-gen") + CT (CKM_SHA3_512, "sha3-512") + CT (CKM_SHA3_512_HMAC, "sha3-512-hmac") + CT (CKM_SHA3_512_HMAC_GENERAL, "sha3-512-hmac-general") + CT (CKM_SHA3_512_KEY_GEN, "sha3-512-key-gen") CT (CKM_CAST_KEY_GEN, "cast-key-gen") CT (CKM_CAST_ECB, "cast-ecb") CT (CKM_CAST_CBC, "cast-cbc") @@ -543,6 +693,19 @@ const p11_constant p11_constant_mechanisms[] = { CT (CKM_SHA256_KEY_DERIVATION, "sha256-key-derivation") CT (CKM_SHA384_KEY_DERIVATION, "sha384-key-derivation") CT (CKM_SHA512_KEY_DERIVATION, "sha512-key-derivation") + CT (CKM_SHA224_KEY_DERIVATION, "sha224-key-derivation") + /* CT (CKM_SHA3_256_KEY_DERIVATION) */ + CT (CKM_SHA3_256_KEY_DERIVE, "sha3-256-key-derive") + /* CT (CKM_SHA3_224_KEY_DERIVATION) */ + CT (CKM_SHA3_224_KEY_DERIVE, "sha3-224-key-derive") + /* CT (CKM_SHA3_384_KEY_DERIVATION) */ + CT (CKM_SHA3_384_KEY_DERIVE, "sha3-384-key-derive") + /* CT (CKM_SHA3_512_KEY_DERIVATION) */ + CT (CKM_SHA3_512_KEY_DERIVE, "sha3-512-key-derive") + /* CT (CKM_SHAKE_128_KEY_DERIVATION) */ + CT (CKM_SHAKE_128_KEY_DERIVE, "shake-128-key-derive") + /* CT (CKM_SHAKE_256_KEY_DERIVATION) */ + CT (CKM_SHAKE_256_KEY_DERIVE, "shake-256-key-derive") CT (CKM_PBE_MD2_DES_CBC, "pbe-md2-des-cbc") CT (CKM_PBE_MD5_DES_CBC, "pbe-md5-des-cbc") CT (CKM_PBE_MD5_CAST_CBC, "pbe-md5-cast-cbc") @@ -557,6 +720,9 @@ const p11_constant p11_constant_mechanisms[] = { CT (CKM_PBE_SHA1_DES2_EDE_CBC, "pbe-sha1-des2-ede-cbc") CT (CKM_PBE_SHA1_RC2_128_CBC, "pbe-sha1-rc2-128-cbc") CT (CKM_PBE_SHA1_RC2_40_CBC, "pbe-sha1-rc2-40-cbc") + CT (CKM_SP800_108_COUNTER_KDF, "sp800-108-counter-kdf") + CT (CKM_SP800_108_FEEDBACK_KDF, "sp800-108-feedback-kdf") + CT (CKM_SP800_108_DOUBLE_PIPELINE_KDF, "sp800-108-double-pipeline-kdf") CT (CKM_PKCS5_PBKD2, "pkcs5-pbkd2") CT (CKM_PBA_SHA1_WITH_SHA1_HMAC, "pba-sha1-with-sha1-hmac") CT (CKM_WTLS_PRE_MASTER_KEY_GEN, "wtls-pre-master-key-gen") @@ -565,9 +731,47 @@ const p11_constant p11_constant_mechanisms[] = { CT (CKM_WTLS_PRF, "wtls-prf") CT (CKM_WTLS_SERVER_KEY_AND_MAC_DERIVE, "wtls-server-key-and-mac-derive") CT (CKM_WTLS_CLIENT_KEY_AND_MAC_DERIVE, "wtls-client-key-and-mac-derive") + CT (CKM_TLS10_MAC_SERVER, "tls10-mac-server") + CT (CKM_TLS10_MAC_CLIENT, "tls10-mac-client") + CT (CKM_TLS12_MAC, "tls12-mac") + CT (CKM_TLS12_KDF, "tls12-kdf") + CT (CKM_TLS12_MASTER_KEY_DERIVE, "tls12-master-key-derive") + CT (CKM_TLS12_KEY_AND_MAC_DERIVE, "tls12-key-and-mac-derive") + CT (CKM_TLS12_MASTER_KEY_DERIVE_DH, "tls12-master-key-derive-dh") + CT (CKM_TLS12_KEY_SAFE_DERIVE, "tls12-key-safe-derive") + CT (CKM_TLS_MAC, "tls-mac") + CT (CKM_TLS_KDF, "tls-kdf") CT (CKM_KEY_WRAP_LYNKS, "key-wrap-lynks") CT (CKM_KEY_WRAP_SET_OAEP, "key-wrap-set-oaep") CT (CKM_CMS_SIG, "cms-sig") + CT (CKM_KIP_DERIVE, "kip-derive") + CT (CKM_KIP_WRAP, "kip-wrap") + CT (CKM_KIP_MAC, "kip-mac") + CT (CKM_CAMELLIA_KEY_GEN, "camellia-key-gen") + CT (CKM_CAMELLIA_ECB, "camellia-ecb") + CT (CKM_CAMELLIA_CBC, "camellia-cbc") + CT (CKM_CAMELLIA_MAC, "camellia-mac") + CT (CKM_CAMELLIA_MAC_GENERAL, "camellia-mac-general") + CT (CKM_CAMELLIA_CBC_PAD, "camellia-cbc-pad") + CT (CKM_CAMELLIA_ECB_ENCRYPT_DATA, "camellia-ecb-encrypt-data") + CT (CKM_CAMELLIA_CBC_ENCRYPT_DATA, "camellia-cbc-encrypt-data") + CT (CKM_CAMELLIA_CTR, "camellia-ctr") + CT (CKM_ARIA_KEY_GEN, "aria-key-gen") + CT (CKM_ARIA_ECB, "aria-ecb") + CT (CKM_ARIA_CBC, "aria-cbc") + CT (CKM_ARIA_MAC, "aria-mac") + CT (CKM_ARIA_MAC_GENERAL, "aria-mac-general") + CT (CKM_ARIA_CBC_PAD, "aria-cbc-pad") + CT (CKM_ARIA_ECB_ENCRYPT_DATA, "aria-ecb-encrypt-data") + CT (CKM_ARIA_CBC_ENCRYPT_DATA, "aria-cbc-encrypt-data") + CT (CKM_SEED_KEY_GEN, "seed-key-gen") + CT (CKM_SEED_ECB, "seed-ecb") + CT (CKM_SEED_CBC, "seed-cbc") + CT (CKM_SEED_MAC, "seed-mac") + CT (CKM_SEED_MAC_GENERAL, "seed-mac-general") + CT (CKM_SEED_CBC_PAD, "seed-cbc-pad") + CT (CKM_SEED_ECB_ENCRYPT_DATA, "seed-ecb-encrypt-data") + CT (CKM_SEED_CBC_ENCRYPT_DATA, "seed-cbc-encrypt-data") CT (CKM_SKIPJACK_KEY_GEN, "skipjack-key-gen") CT (CKM_SKIPJACK_ECB64, "skipjack-ecb64") CT (CKM_SKIPJACK_CBC64, "skipjack-cbc64") @@ -593,9 +797,22 @@ const p11_constant p11_constant_mechanisms[] = { /* CT (CKM_EC_KEY_PAIR_GEN) */ CT (CKM_ECDSA, "ecdsa") CT (CKM_ECDSA_SHA1, "ecdsa-sha1") + CT (CKM_ECDSA_SHA224, "ecdsa-sha224") + CT (CKM_ECDSA_SHA256, "ecdsa-sha256") + CT (CKM_ECDSA_SHA384, "ecdsa-sha384") + CT (CKM_ECDSA_SHA512, "ecdsa-sha512") + CT (CKM_ECDSA_SHA3_224, "ecdsa-sha3-224") + CT (CKM_ECDSA_SHA3_256, "ecdsa-sha3-256") + CT (CKM_ECDSA_SHA3_384, "ecdsa-sha3-384") + CT (CKM_ECDSA_SHA3_512, "ecdsa-sha3-512") CT (CKM_ECDH1_DERIVE, "ecdh1-derive") CT (CKM_ECDH1_COFACTOR_DERIVE, "ecdh1-cofactor-derive") CT (CKM_ECMQV_DERIVE, "ecmqv-derive") + CT (CKM_ECDH_AES_KEY_WRAP, "ecdh-aes-key-wrap") + CT (CKM_RSA_AES_KEY_WRAP, "rsa-aes-key-wrap") + CT (CKM_EC_EDWARDS_KEY_PAIR_GEN, "ec-edwards-key-pair-gen") + CT (CKM_EC_MONTGOMERY_KEY_PAIR_GEN, "ec-montgomery-key-pair-gen") + CT (CKM_EDDSA, "eddsa") CT (CKM_JUNIPER_KEY_GEN, "juniper-key-gen") CT (CKM_JUNIPER_ECB128, "juniper-ecb128") CT (CKM_JUNIPER_CBC128, "juniper-cbc128") @@ -603,25 +820,119 @@ const p11_constant p11_constant_mechanisms[] = { CT (CKM_JUNIPER_SHUFFLE, "juniper-shuffle") CT (CKM_JUNIPER_WRAP, "juniper-wrap") CT (CKM_FASTHASH, "fasthash") + CT (CKM_AES_XTS, "aes-xts") + CT (CKM_AES_XTS_KEY_GEN, "aes-xts-key-gen") CT (CKM_AES_KEY_GEN, "aes-key-gen") CT (CKM_AES_ECB, "aes-ecb") CT (CKM_AES_CBC, "aes-cbc") CT (CKM_AES_MAC, "aes-mac") CT (CKM_AES_MAC_GENERAL, "aes-mac-general") CT (CKM_AES_CBC_PAD, "aes-cbc-pad") + CT (CKM_AES_CTR, "aes-ctr") + CT (CKM_AES_GCM, "aes-gcm") + CT (CKM_AES_CCM, "aes-ccm") + CT (CKM_AES_CTS, "aes-cts") + CT (CKM_AES_CMAC, "aes-cmac") + CT (CKM_AES_CMAC_GENERAL, "aes-cmac-general") + CT (CKM_AES_XCBC_MAC, "aes-xcbc-mac") + CT (CKM_AES_XCBC_MAC_96, "aes-xcbc-mac-96") + CT (CKM_AES_GMAC, "aes-gmac") CT (CKM_BLOWFISH_KEY_GEN, "blowfish-key-gen") CT (CKM_BLOWFISH_CBC, "blowfish-cbc") CT (CKM_TWOFISH_KEY_GEN, "twofish-key-gen") CT (CKM_TWOFISH_CBC, "twofish-cbc") + CT (CKM_BLOWFISH_CBC_PAD, "blowfish-cbc-pad") + CT (CKM_TWOFISH_CBC_PAD, "twofish-cbc-pad") CT (CKM_DES_ECB_ENCRYPT_DATA, "des-ecb-encrypt-data") CT (CKM_DES_CBC_ENCRYPT_DATA, "des-cbc-encrypt-data") CT (CKM_DES3_ECB_ENCRYPT_DATA, "des3-ecb-encrypt-data") CT (CKM_DES3_CBC_ENCRYPT_DATA, "des3-cbc-encrypt-data") CT (CKM_AES_ECB_ENCRYPT_DATA, "aes-ecb-encrypt-data") CT (CKM_AES_CBC_ENCRYPT_DATA, "aes-cbc-encrypt-data") + CT (CKM_GOSTR3410_KEY_PAIR_GEN, "gostr3410-key-pair-gen") + CT (CKM_GOSTR3410, "gostr3410") + CT (CKM_GOSTR3410_WITH_GOSTR3411, "gostr3410-with-gostr3411") + CT (CKM_GOSTR3410_KEY_WRAP, "gostr3410-key-wrap") + CT (CKM_GOSTR3410_DERIVE, "gostr3410-derive") + CT (CKM_GOSTR3411, "gostr3411") + CT (CKM_GOSTR3411_HMAC, "gostr3411-hmac") + CT (CKM_GOST28147_KEY_GEN, "gost28147-key-gen") + CT (CKM_GOST28147_ECB, "gost28147-ecb") + CT (CKM_GOST28147, "gost28147") + CT (CKM_GOST28147_MAC, "gost28147-mac") + CT (CKM_GOST28147_KEY_WRAP, "gost28147-key-wrap") + CT (CKM_CHACHA20_KEY_GEN, "chacha20-key-gen") + CT (CKM_CHACHA20, "chacha20") + CT (CKM_POLY1305_KEY_GEN, "poly1305-key-gen") + CT (CKM_POLY1305, "poly1305") + CT (CKM_EC_KEY_PAIR_GEN_W_EXTRA_BITS, "ec-key-pair-gen-w-extra-bits") CT (CKM_DSA_PARAMETER_GEN, "dsa-parameter-gen") CT (CKM_DH_PKCS_PARAMETER_GEN, "dh-pkcs-parameter-gen") CT (CKM_X9_42_DH_PARAMETER_GEN, "x9-42-dh-parameter-gen") + /* CT (CKM_DSA_PROBABLISTIC_PARAMETER_GEN) */ + CT (CKM_DSA_PROBABILISTIC_PARAMETER_GEN, "dsa-probabilistic-parameter-gen") + CT (CKM_DSA_SHAWE_TAYLOR_PARAMETER_GEN, "dsa-shawe-taylor-parameter-gen") + CT (CKM_DSA_FIPS_G_GEN, "dsa-fips-g-gen") + CT (CKM_AES_OFB, "aes-ofb") + CT (CKM_AES_CFB64, "aes-cfb64") + CT (CKM_AES_CFB8, "aes-cfb8") + CT (CKM_AES_CFB128, "aes-cfb128") + CT (CKM_AES_CFB1, "aes-cfb1") + CT (CKM_AES_KEY_WRAP, "aes-key-wrap") + CT (CKM_AES_KEY_WRAP_PAD, "aes-key-wrap-pad") + CT (CKM_AES_KEY_WRAP_KWP, "aes-key-wrap-kwp") + CT (CKM_AES_KEY_WRAP_PKCS7, "aes-key-wrap-pkcs7") + CT (CKM_RSA_PKCS_TPM_1_1, "rsa-pkcs-tpm-1-1") + CT (CKM_RSA_PKCS_OAEP_TPM_1_1, "rsa-pkcs-oaep-tpm-1-1") + CT (CKM_SHA_1_KEY_GEN, "sha-1-key-gen") + CT (CKM_SHA224_KEY_GEN, "sha224-key-gen") + CT (CKM_SHA256_KEY_GEN, "sha256-key-gen") + CT (CKM_SHA384_KEY_GEN, "sha384-key-gen") + CT (CKM_SHA512_KEY_GEN, "sha512-key-gen") + CT (CKM_SHA512_224_KEY_GEN, "sha512-224-key-gen") + CT (CKM_SHA512_256_KEY_GEN, "sha512-256-key-gen") + CT (CKM_SHA512_T_KEY_GEN, "sha512-t-key-gen") + CT (CKM_NULL, "null") + CT (CKM_BLAKE2B_160, "blake2b-160") + CT (CKM_BLAKE2B_160_HMAC, "blake2b-160-hmac") + CT (CKM_BLAKE2B_160_HMAC_GENERAL, "blake2b-160-hmac-general") + CT (CKM_BLAKE2B_160_KEY_DERIVE, "blake2b-160-key-derive") + CT (CKM_BLAKE2B_160_KEY_GEN, "blake2b-160-key-gen") + CT (CKM_BLAKE2B_256, "blake2b-256") + CT (CKM_BLAKE2B_256_HMAC, "blake2b-256-hmac") + CT (CKM_BLAKE2B_256_HMAC_GENERAL, "blake2b-256-hmac-general") + CT (CKM_BLAKE2B_256_KEY_DERIVE, "blake2b-256-key-derive") + CT (CKM_BLAKE2B_256_KEY_GEN, "blake2b-256-key-gen") + CT (CKM_BLAKE2B_384, "blake2b-384") + CT (CKM_BLAKE2B_384_HMAC, "blake2b-384-hmac") + CT (CKM_BLAKE2B_384_HMAC_GENERAL, "blake2b-384-hmac-general") + CT (CKM_BLAKE2B_384_KEY_DERIVE, "blake2b-384-key-derive") + CT (CKM_BLAKE2B_384_KEY_GEN, "blake2b-384-key-gen") + CT (CKM_BLAKE2B_512, "blake2b-512") + CT (CKM_BLAKE2B_512_HMAC, "blake2b-512-hmac") + CT (CKM_BLAKE2B_512_HMAC_GENERAL, "blake2b-512-hmac-general") + CT (CKM_BLAKE2B_512_KEY_DERIVE, "blake2b-512-key-derive") + CT (CKM_BLAKE2B_512_KEY_GEN, "blake2b-512-key-gen") + CT (CKM_SALSA20, "salsa20") + CT (CKM_CHACHA20_POLY1305, "chacha20-poly1305") + CT (CKM_SALSA20_POLY1305, "salsa20-poly1305") + CT (CKM_X3DH_INITIALIZE, "x3dh-initialize") + CT (CKM_X3DH_RESPOND, "x3dh-respond") + CT (CKM_X2RATCHET_INITIALIZE, "x2ratchet-initialize") + CT (CKM_X2RATCHET_RESPOND, "x2ratchet-respond") + CT (CKM_X2RATCHET_ENCRYPT, "x2ratchet-encrypt") + CT (CKM_X2RATCHET_DECRYPT, "x2ratchet-decrypt") + CT (CKM_XEDDSA, "xeddsa") + CT (CKM_HKDF_DERIVE, "hkdf-derive") + CT (CKM_HKDF_DATA, "hkdf-data") + CT (CKM_HKDF_KEY_GEN, "hkdf-key-gen") + CT (CKM_SALSA20_KEY_GEN, "salsa20-key-gen") + CT (CKM_IKE2_PRF_PLUS_DERIVE, "ike2-prf-plus-derive") + CT (CKM_IKE_PRF_DERIVE, "ike-prf-derive") + CT (CKM_IKE1_PRF_DERIVE, "ike1-prf-derive") + CT (CKM_IKE1_EXTENDED_DERIVE, "ike1-extended-derive") + CT (CKM_HSS_KEY_PAIR_GEN, "hss-key-pair-gen") + CT (CKM_HSS, "hss") CT (CKM_IBM_SHA3_224, "ibm-sha3-224") CT (CKM_IBM_SHA3_256, "ibm-sha3-256") CT (CKM_IBM_SHA3_384, "ibm-sha3-384") @@ -649,10 +960,13 @@ const p11_constant p11_constant_hw_features[] = { }; const p11_constant p11_constant_profiles[] = { + CT (CKP_INVALID_ID, "invalid-id") CT (CKP_BASELINE_PROVIDER, "baseline-provider") CT (CKP_EXTENDED_PROVIDER, "extended-provider") CT (CKP_AUTHENTICATION_TOKEN, "authentication-token") CT (CKP_PUBLIC_CERTIFICATES_TOKEN, "public-certificates-token") + CT (CKP_COMPLETE_PROVIDER, "complete-provider") + CT (CKP_HKDF_TLS_TOKEN, "hkdf-tls-token") CT (CKP_VENDOR_DEFINED, "vendor-defined") { CKA_INVALID }, }; diff --git a/common/pkcs11.h b/common/pkcs11.h index 9510148a..8710dc04 100644 --- a/common/pkcs11.h +++ b/common/pkcs11.h @@ -1,7 +1,7 @@ /* pkcs11.h Copyright 2006, 2007 g10 Code GmbH Copyright 2006 Andreas Jellinghaus - Copyright 2017, 2021-2023 Red Hat, Inc. + Copyright 2017, 2021-2025 Red Hat, Inc. This file is free software; as a special exception the author gives unlimited permission to copy and/or distribute it, with or without @@ -61,12 +61,12 @@ extern "C" { /* The version of cryptoki we implement. The revision is changed with each modification of this file. */ -#define CRYPTOKI_VERSION_MAJOR 3 -#define CRYPTOKI_VERSION_MINOR 0 -#define CRYPTOKI_VERSION_REVISION 0 -#define CRYPTOKI_LEGACY_VERSION_MAJOR 2 -#define CRYPTOKI_LEGACY_VERSION_MINOR 40 -#define P11_KIT_CRYPTOKI_VERSION_REVISION 0 +#define CRYPTOKI_VERSION_MAJOR 3 +#define CRYPTOKI_VERSION_MINOR 1 +#define CRYPTOKI_VERSION_REVISION 0 +#define CRYPTOKI_LEGACY_VERSION_MAJOR 2 +#define CRYPTOKI_LEGACY_VERSION_MINOR 40 +#define P11_KIT_CRYPTOKI_VERSION_REVISION 0 /* Compatibility interface is default, unless CRYPTOKI_GNU is @@ -104,6 +104,10 @@ extern "C" { #define ck_flags_t CK_FLAGS #define ck_version _CK_VERSION +#define templ pTemplate +#define attribute_count ulAttributeCount +#define key_ptr phKey + #define ck_info _CK_INFO #define cryptoki_version cryptokiVersion #define manufacturer_id manufacturerID @@ -144,8 +148,28 @@ extern "C" { #define ck_object_class_t CK_OBJECT_CLASS #define ck_hw_feature_type_t CK_HW_FEATURE_TYPE #define ck_key_type_t CK_KEY_TYPE +#define ck_certificate_category_t CK_CERTIFICATE_CATEGORY #define ck_certificate_type_t CK_CERTIFICATE_TYPE #define ck_attribute_type_t CK_ATTRIBUTE_TYPE +#define ck_ec_kdf_type_t CK_EC_KDF_TYPE +#define ck_extract_params_t CK_EXTRACT_PARAMS +#define ck_java_midp_security_domain_t CK_JAVA_MIDP_SECURITY_DOMAIN +#define ck_mac_general_params_t CK_MAC_GENERAL_PARAMS +#define ck_otp_param_type_t CK_OTP_PARAM_TYPE +#define ck_pkcs5_pbkd2_pseudo_random_function_type_t CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE +#define ck_pkcs5_pbkdf2_salt_source_type_t CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE +#define ck_prf_data_type_t CK_PRF_DATA_TYPE +#define ck_profile_id_t CK_PROFILE_ID +#define ck_rc2_params_t CK_RC2_PARAMS +#define ck_sp800_108_dkm_length_method_t CK_SP800_108_DKM_LENGTH_METHOD +#define ck_x2ratchet_kdf_type_t CK_X2RATCHET_KDF_TYPE +#define ck_x3dh_kdf_type_t CK_X3DH_KDF_TYPE +#define ck_x9_42_dh_kdf_type_t CK_X9_42_DH_KDF_TYPE +#define ck_xeddsa_hash_type_t CK_XEDDSA_HASH_TYPE +#define ck_sp800_108_prf_type_t CK_SP800_108_PRF_TYPE +#define ck_hss_levels_t CK_HSS_LEVELS +#define ck_lms_type_t CK_LMS_TYPE +#define ck_lmots_type_t CK_LMOTS_TYPE #define ck_attribute _CK_ATTRIBUTE #define value pValue @@ -216,20 +240,1216 @@ extern "C" { #define block_counter_bits blockCounterBits #define nonce_ptr pNonce #define nonce_bits ulNonceBits +#define nonce_fixed_bits ulNonceFixedBits +#define nonce_len ulNonceLen +#define nonce_generator nonceGenerator #define shared_data_len ulSharedDataLen #define shared_data pSharedData #define public_data_len ulPublicDataLen #define public_data pPublicData +#define public_data_len2 ulPublicDataLen2 +#define public_data2 pPublicData2 +#define private_data_len ulPrivateDataLen +#define private_data hPrivateData #define string_data pData #define string_data_len ulLen #define data_params pData +#define data_len ulDataLen +#define mac_ptr pMac +#define mac_len ulMACLen +#define certificate_handle certificateHandle +#define signing_mechanism pSigningMechanism +#define digest_mechanism pDigestMechanism +#define content_type pContentType +#define requested_attributes pRequestedAttributes +#define requested_attributes_len ulRequestedAttributesLen +#define required_attributes pRequiredAttributes +#define required_attributes_len ulRequiredAttributesLen +#define seed_ptr pSeed +#define seed_len ulSeedLen +#define index ulIndex +#define aes_key_bits ulAESKeyBits +#define public_key publicKey +#define flag phFlag +#define context_data_len ulContextDataLen +#define context_data pContextData +#define wrap_oid pWrapOID +#define wrap_oid_len ulWrapOIDLen +#define ukm_ptr pUKM +#define ukm_len ulUKMLen +#define key hKey +#define extract bExtract +#define expand bExpand +#define prf_hash_mechanism prfHashMechanism +#define salt_type ulSaltType +#define salt_ptr pSalt +#define salt_len ulSaltLen +#define salt_key hSaltKey +#define info pInfo +#define info_len ulInfoLen +#define is_sender isSender +#define random_len ulRandomLen +#define random_a RandomA +#define random_b RandomB +#define bc bBC +#define x_ptr pX +#define x_len ulXLen +#define mechanism_ptr pMechanism +#define init_vector pInitVector +#define password_ptr pPassword +#define password_len ulPasswordLen +#define iteration ulIteration +#define salt_source saltSource +#define salt_source_data pSaltSourceData +#define salt_source_data_len ulSaltSourceDataLen +#define prf_data pPrfData +#define prf_data_len ulPrfDataLen +#define effective_bits ulEffectiveBits +#define mac_length ulMacLength +#define word_size ulWordsize +#define rounds ulRounds +#define oaep_params pOAEPParams +#define p_and_g_len ulPAndGLen +#define q_len ulQLen +#define random_a_ptr pRandomA +#define prime_p pPrimeP +#define base_g pBaseG +#define subprime_q pSubprimeQ +#define old_wrapped_x_len ulOldWrappedXLen +#define old_wrapped_x pOldWrappedX +#define old_password_len ulOldPasswordLen +#define old_password pOldPassword +#define old_public_data_len ulOldPublicDataLen +#define old_public_data pOldPublicData +#define old_random_len ulOldRandomLen +#define old_random_a pOldRandomA +#define new_password_len ulNewPasswordLen +#define new_password pNewPassword +#define new_public_data_len ulNewPublicDataLen +#define new_public_data pNewPublicData +#define new_random_len ulNewRandomLen +#define new_random_a pNewRandomA +#define little_endian bLittleEndian +#define width_in_bits ulWidthInBits +#define dkm_length_method dkmLengthMethod +#define prf_type prfType +#define number_of_data_params ulNumberOfDataParams +#define data_params_ptr pDataParams +#define additional_derived_keys_len ulAdditionalDerivedKeys +#define additional_derived_keys pAdditionalDerivedKeys +#define encrypted_header bEncryptedHeader +#define curve eCurve +#define aead_mechanism aeadMechanism +#define kdf_mechanism kdfMechanism +#define peer_identity pPeer_identity +#define peer_prekey pPeer_prekey +#define prekey_signature pPrekey_signature +#define onetime_key pOnetime_key +#define own_identity pOwn_identity +#define own_ephemeral pOwn_ephemeral +#define identity_id pIdentity_id +#define prekey_id pPrekey_id +#define onetime_id pOnetime_id +#define initiator_identity pInitiator_identity +#define initiator_ephemeral pInitiator_ephemeral +#define other_info_len ulOtherInfoLen +#define other_info pOtherInfo +#define prf_mechanism prfMechanism +#define data_as_key bDataAsKey +#define rekey bRekey +#define ni_ptr pNi +#define ni_len ulNiLen +#define nr_ptr pNr +#define nr_len ulNrLen +#define new_key hNewKey +#define has_key_gxy bHasKeygxy +#define key_gxy hKeygxy +#define extra_data pExtraData +#define extra_data_len ulExtraDataLen +#define has_prev_key bHasPrevKey +#define prev_key hPrevKey +#define cky_i_ptr pCKYi +#define cky_i_len ulCKYiLen +#define cky_r_ptr pCKYr +#define cky_r_len ulCKYrLen +#define key_number keyNumber +#define has_seed_key bHasSeedKey +#define seed_key hSeedKey +#define seed_data pSeedData +#define seed_data_len ulSeedDataLen +#endif /* CRYPTOKI_COMPAT */ + + + +/* CK_ATTRIBUTE_TYPE */ +#define CKA_CLASS (0UL) +#define CKA_TOKEN (1UL) +#define CKA_PRIVATE (2UL) +#define CKA_LABEL (3UL) +#define CKA_UNIQUE_ID (4UL) +#define CKA_APPLICATION (0x10UL) +#define CKA_VALUE (0x11UL) +#define CKA_OBJECT_ID (0x12UL) +#define CKA_CERTIFICATE_TYPE (0x80UL) +#define CKA_ISSUER (0x81UL) +#define CKA_SERIAL_NUMBER (0x82UL) +#define CKA_AC_ISSUER (0x83UL) +#define CKA_OWNER (0x84UL) +#define CKA_ATTR_TYPES (0x85UL) +#define CKA_TRUSTED (0x86UL) +#define CKA_CERTIFICATE_CATEGORY (0x87UL) +#define CKA_JAVA_MIDP_SECURITY_DOMAIN (0x88UL) +#define CKA_URL (0x89UL) +#define CKA_HASH_OF_SUBJECT_PUBLIC_KEY (0x8aUL) +#define CKA_HASH_OF_ISSUER_PUBLIC_KEY (0x8bUL) +#define CKA_NAME_HASH_ALGORITHM (0x8cUL) +#define CKA_CHECK_VALUE (0x90UL) +#define CKA_KEY_TYPE (0x100UL) +#define CKA_SUBJECT (0x101UL) +#define CKA_ID (0x102UL) +#define CKA_SENSITIVE (0x103UL) +#define CKA_ENCRYPT (0x104UL) +#define CKA_DECRYPT (0x105UL) +#define CKA_WRAP (0x106UL) +#define CKA_UNWRAP (0x107UL) +#define CKA_SIGN (0x108UL) +#define CKA_SIGN_RECOVER (0x109UL) +#define CKA_VERIFY (0x10aUL) +#define CKA_VERIFY_RECOVER (0x10bUL) +#define CKA_DERIVE (0x10cUL) +#define CKA_START_DATE (0x110UL) +#define CKA_END_DATE (0x111UL) +#define CKA_MODULUS (0x120UL) +#define CKA_MODULUS_BITS (0x121UL) +#define CKA_PUBLIC_EXPONENT (0x122UL) +#define CKA_PRIVATE_EXPONENT (0x123UL) +#define CKA_PRIME_1 (0x124UL) +#define CKA_PRIME_2 (0x125UL) +#define CKA_EXPONENT_1 (0x126UL) +#define CKA_EXPONENT_2 (0x127UL) +#define CKA_COEFFICIENT (0x128UL) +#define CKA_PUBLIC_KEY_INFO (0x129UL) +#define CKA_PRIME (0x130UL) +#define CKA_SUBPRIME (0x131UL) +#define CKA_BASE (0x132UL) +#define CKA_PRIME_BITS (0x133UL) +#define CKA_SUBPRIME_BITS (0x134UL) +#define CKA_SUB_PRIME_BITS (0x134UL) +#define CKA_VALUE_BITS (0x160UL) +#define CKA_VALUE_LEN (0x161UL) +#define CKA_EXTRACTABLE (0x162UL) +#define CKA_LOCAL (0x163UL) +#define CKA_NEVER_EXTRACTABLE (0x164UL) +#define CKA_ALWAYS_SENSITIVE (0x165UL) +#define CKA_KEY_GEN_MECHANISM (0x166UL) +#define CKA_MODIFIABLE (0x170UL) +#define CKA_COPYABLE (0x171UL) +#define CKA_DESTROYABLE (0x172UL) +#define CKA_ECDSA_PARAMS (0x180UL) +#define CKA_EC_PARAMS (0x180UL) +#define CKA_EC_POINT (0x181UL) +#define CKA_SECONDARY_AUTH (0x200UL) +#define CKA_AUTH_PIN_FLAGS (0x201UL) +#define CKA_ALWAYS_AUTHENTICATE (0x202UL) +#define CKA_WRAP_WITH_TRUSTED (0x210UL) +#define CKA_OTP_FORMAT (0x220UL) +#define CKA_OTP_LENGTH (0x221UL) +#define CKA_OTP_TIME_INTERVAL (0x222UL) +#define CKA_OTP_USER_FRIENDLY_MODE (0x223UL) +#define CKA_OTP_CHALLENGE_REQUIREMENT (0x224UL) +#define CKA_OTP_TIME_REQUIREMENT (0x225UL) +#define CKA_OTP_COUNTER_REQUIREMENT (0x226UL) +#define CKA_OTP_PIN_REQUIREMENT (0x227UL) +#define CKA_OTP_USER_IDENTIFIER (0x22aUL) +#define CKA_OTP_SERVICE_IDENTIFIER (0x22bUL) +#define CKA_OTP_SERVICE_LOGO (0x22cUL) +#define CKA_OTP_SERVICE_LOGO_TYPE (0x22dUL) +#define CKA_OTP_COUNTER (0x22eUL) +#define CKA_OTP_TIME (0x22fUL) +#define CKA_GOSTR3410_PARAMS (0x250UL) +#define CKA_GOSTR3411_PARAMS (0x251UL) +#define CKA_GOST28147_PARAMS (0x252UL) +#define CKA_HW_FEATURE_TYPE (0x300UL) +#define CKA_RESET_ON_INIT (0x301UL) +#define CKA_HAS_RESET (0x302UL) +#define CKA_PIXEL_X (0x400UL) +#define CKA_PIXEL_Y (0x401UL) +#define CKA_RESOLUTION (0x402UL) +#define CKA_CHAR_ROWS (0x403UL) +#define CKA_CHAR_COLUMNS (0x404UL) +#define CKA_COLOR (0x405UL) +#define CKA_BITS_PER_PIXEL (0x406UL) +#define CKA_CHAR_SETS (0x480UL) +#define CKA_ENCODING_METHODS (0x481UL) +#define CKA_MIME_TYPES (0x482UL) +#define CKA_MECHANISM_TYPE (0x500UL) +#define CKA_REQUIRED_CMS_ATTRIBUTES (0x501UL) +#define CKA_DEFAULT_CMS_ATTRIBUTES (0x502UL) +#define CKA_SUPPORTED_CMS_ATTRIBUTES (0x503UL) +#define CKA_WRAP_TEMPLATE (CKF_ARRAY_ATTRIBUTE | 0x211UL) +#define CKA_UNWRAP_TEMPLATE (CKF_ARRAY_ATTRIBUTE | 0x212UL) +#define CKA_DERIVE_TEMPLATE (CKF_ARRAY_ATTRIBUTE | 0x213UL) +#define CKA_ALLOWED_MECHANISMS (CKF_ARRAY_ATTRIBUTE | 0x600UL) +#define CKA_PROFILE_ID (0x601UL) +#define CKA_X2RATCHET_BAG (0x602UL) +#define CKA_X2RATCHET_BAGSIZE (0x603UL) +#define CKA_X2RATCHET_BOBS1STMSG (0x604UL) +#define CKA_X2RATCHET_CKR (0x605UL) +#define CKA_X2RATCHET_CKS (0x606UL) +#define CKA_X2RATCHET_DHP (0x607UL) +#define CKA_X2RATCHET_DHR (0x608UL) +#define CKA_X2RATCHET_DHS (0x609UL) +#define CKA_X2RATCHET_HKR (0x60aUL) +#define CKA_X2RATCHET_HKS (0x60bUL) +#define CKA_X2RATCHET_ISALICE (0x60cUL) +#define CKA_X2RATCHET_NHKR (0x60dUL) +#define CKA_X2RATCHET_NHKS (0x60eUL) +#define CKA_X2RATCHET_NR (0x60fUL) +#define CKA_X2RATCHET_NS (0x610UL) +#define CKA_X2RATCHET_PNS (0x611UL) +#define CKA_X2RATCHET_RK (0x612UL) +#define CKA_HSS_LEVELS (0x617UL) +#define CKA_HSS_LMS_TYPE (0x618UL) +#define CKA_HSS_LMOTS_TYPE (0x619UL) +#define CKA_HSS_LMS_TYPES (0x61AUL) +#define CKA_HSS_LMOTS_TYPES (0x61BUL) +#define CKA_HSS_KEYS_REMAINING (0x61CUL) +#define CKA_VENDOR_DEFINED ((unsigned long) (1UL << 31)) + +/* CK_CERTIFICATE_CATEGORY */ +#define CK_CERTIFICATE_CATEGORY_UNSPECIFIED (0UL) +#define CK_CERTIFICATE_CATEGORY_TOKEN_USER (1UL) +#define CK_CERTIFICATE_CATEGORY_AUTHORITY (2UL) +#define CK_CERTIFICATE_CATEGORY_OTHER_ENTITY (3UL) + +/* CK_CERTIFICATE_TYPE */ +#define CKC_X_509 (0UL) +#define CKC_X_509_ATTR_CERT (1UL) +#define CKC_WTLS (2UL) +#define CKC_VENDOR_DEFINED ((unsigned long) (1UL << 31)) +#define CKC_OPENPGP (CKC_VENDOR_DEFINED|0x504750UL) + +/* KDFs */ +#define CKD_NULL (0x01UL) +#define CKD_SHA1_KDF (0x02UL) +#define CKD_SHA1_KDF_ASN1 (0x03UL) +#define CKD_SHA1_KDF_CONCATENATE (0x04UL) +#define CKD_SHA224_KDF (0x05UL) +#define CKD_SHA256_KDF (0x06UL) +#define CKD_SHA384_KDF (0x07UL) +#define CKD_SHA512_KDF (0x08UL) +#define CKD_CPDIVERSIFY_KDF (0x09UL) +#define CKD_SHA3_224_KDF (0x0aUL) +#define CKD_SHA3_256_KDF (0x0bUL) +#define CKD_SHA3_384_KDF (0x0cUL) +#define CKD_SHA3_512_KDF (0x0dUL) +#define CKD_SHA1_KDF_SP800 (0x0eUL) +#define CKD_SHA224_KDF_SP800 (0x0fUL) +#define CKD_SHA256_KDF_SP800 (0x10UL) +#define CKD_SHA384_KDF_SP800 (0x11UL) +#define CKD_SHA512_KDF_SP800 (0x12UL) +#define CKD_SHA3_224_KDF_SP800 (0x13UL) +#define CKD_SHA3_256_KDF_SP800 (0x14UL) +#define CKD_SHA3_384_KDF_SP800 (0x15UL) +#define CKD_SHA3_512_KDF_SP800 (0x16UL) +#define CKD_BLAKE2B_160_KDF (0x17UL) +#define CKD_BLAKE2B_256_KDF (0x18UL) +#define CKD_BLAKE2B_384_KDF (0x19UL) +#define CKD_BLAKE2B_512_KDF (0x1aUL) + +/* CK_GENERATOR_FUNCTION */ +#define CKG_NO_GENERATE (0UL) +#define CKG_GENERATE (1UL) +#define CKG_GENERATE_COUNTER (2UL) +#define CKG_GENERATE_RANDOM (3UL) +#define CKG_GENERATE_COUNTER_XOR (4UL) + +/* CK_FLAGS */ +#define CKF_TOKEN_PRESENT (1UL << 0) +#define CKF_REMOVABLE_DEVICE (1UL << 1) +#define CKF_HW_SLOT (1UL << 2) +#define CKF_ARRAY_ATTRIBUTE (1UL << 30) + +#define CKF_LIBRARY_CANT_CREATE_OS_THREADS (1UL << 0) +#define CKF_OS_LOCKING_OK (1UL << 1) + +#define CKF_HKDF_SALT_NULL (1UL << 0) +#define CKF_HKDF_SALT_DATA (1UL << 1) +#define CKF_HKDF_SALT_KEY (1UL << 2) + +#define CKF_INTERFACE_FORK_SAFE (1UL) + +#define CKF_EC_F_P (1UL << 20) +#define CKF_EC_F_2M (1UL << 21) +#define CKF_EC_ECPARAMETERS (1UL << 22) +#define CKF_EC_OID (1UL << 23) +#define CKF_EC_NAMEDCURVE (1UL << 23) +#define CKF_EC_UNCOMPRESS (1UL << 24) +#define CKF_EC_COMPRESS (1UL << 25) + +#define CKF_HW (1UL << 0) +#define CKF_MESSAGE_ENCRYPT (1UL << 1) +#define CKF_MESSAGE_DECRYPT (1UL << 2) +#define CKF_MESSAGE_SIGN (1UL << 3) +#define CKF_MESSAGE_VERIFY (1UL << 4) +#define CKF_MULTI_MESSAGE (1UL << 5) +#define CKF_FIND_OBJECTS (1UL << 6) +#define CKF_ENCRYPT (1UL << 8) +#define CKF_DECRYPT (1UL << 9) +#define CKF_DIGEST (1UL << 10) +#define CKF_SIGN (1UL << 11) +#define CKF_SIGN_RECOVER (1UL << 12) +#define CKF_VERIFY (1UL << 13) +#define CKF_VERIFY_RECOVER (1UL << 14) +#define CKF_GENERATE (1UL << 15) +#define CKF_GENERATE_KEY_PAIR (1UL << 16) +#define CKF_WRAP (1UL << 17) +#define CKF_UNWRAP (1UL << 18) +#define CKF_DERIVE (1UL << 19) +#define CKF_EXTENSION ((unsigned long) (1UL << 31)) +/* Flags for message-based functions */ +#define CKF_END_OF_MESSAGE (0x1UL) +/* OTP mechanism flags */ +#define CKF_NEXT_OTP (0x01UL) +#define CKF_EXCLUDE_TIME (0x02UL) +#define CKF_EXCLUDE_COUNTER (0x04UL) +#define CKF_EXCLUDE_CHALLENGE (0x08UL) +#define CKF_EXCLUDE_PIN (0x10UL) +#define CKF_USER_FRIENDLY_OTP (0x20UL) + +/* Flags for C_WaitForSlotEvent. */ +#define CKF_DONT_BLOCK (1UL) + +#define CKF_RW_SESSION (1UL << 1) +#define CKF_SERIAL_SESSION (1UL << 2) + +#define CKF_RNG (1UL << 0) +#define CKF_WRITE_PROTECTED (1UL << 1) +#define CKF_LOGIN_REQUIRED (1UL << 2) +#define CKF_USER_PIN_INITIALIZED (1UL << 3) +#define CKF_RESTORE_KEY_NOT_NEEDED (1UL << 5) +#define CKF_CLOCK_ON_TOKEN (1UL << 6) +#define CKF_PROTECTED_AUTHENTICATION_PATH (1UL << 8) +#define CKF_DUAL_CRYPTO_OPERATIONS (1UL << 9) +#define CKF_TOKEN_INITIALIZED (1UL << 10) +#define CKF_SECONDARY_AUTHENTICATION (1UL << 11) +#define CKF_USER_PIN_COUNT_LOW (1UL << 16) +#define CKF_USER_PIN_FINAL_TRY (1UL << 17) +#define CKF_USER_PIN_LOCKED (1UL << 18) +#define CKF_USER_PIN_TO_BE_CHANGED (1UL << 19) +#define CKF_SO_PIN_COUNT_LOW (1UL << 20) +#define CKF_SO_PIN_FINAL_TRY (1UL << 21) +#define CKF_SO_PIN_LOCKED (1UL << 22) +#define CKF_SO_PIN_TO_BE_CHANGED (1UL << 23) +#define CKF_ERROR_STATE (1UL << 24) + +/* CK_HW_FEATURE_TYPE */ +#define CKH_MONOTONIC_COUNTER (1UL) +#define CKH_CLOCK (2UL) +#define CKH_USER_INTERFACE (3UL) +#define CKH_VENDOR_DEFINED ((unsigned long) (1UL << 31)) + +/* CK_JAVA_MIDP_SECURITY_DOMAIN */ +#define CK_SECURITY_DOMAIN_UNSPECIFIED (0UL) +#define CK_SECURITY_DOMAIN_MANUFACTURER (1UL) +#define CK_SECURITY_DOMAIN_OPERATOR (2UL) +#define CK_SECURITY_DOMAIN_THIRD_PARTY (3UL) + +/* CK_KEY_TYPE */ +#define CKK_RSA (0UL) +#define CKK_DSA (1UL) +#define CKK_DH (2UL) +#define CKK_ECDSA (3UL) +#define CKK_EC (3UL) +#define CKK_X9_42_DH (4UL) +#define CKK_KEA (5UL) +#define CKK_GENERIC_SECRET (0x10UL) +#define CKK_RC2 (0x11UL) +#define CKK_RC4 (0x12UL) +#define CKK_DES (0x13UL) +#define CKK_DES2 (0x14UL) +#define CKK_DES3 (0x15UL) +#define CKK_CAST (0x16UL) +#define CKK_CAST3 (0x17UL) +#define CKK_CAST128 (0x18UL) +#define CKK_RC5 (0x19UL) +#define CKK_IDEA (0x1aUL) +#define CKK_SKIPJACK (0x1bUL) +#define CKK_BATON (0x1cUL) +#define CKK_JUNIPER (0x1dUL) +#define CKK_CDMF (0x1eUL) +#define CKK_AES (0x1fUL) +#define CKK_BLOWFISH (0x20UL) +#define CKK_TWOFISH (0x21UL) +#define CKK_SECURID (0x22UL) +#define CKK_HOTP (0x23UL) +#define CKK_ACTI (0x24UL) +#define CKK_CAMELLIA (0x25UL) +#define CKK_ARIA (0x26UL) +#define CKK_MD5_HMAC (0x27UL) +#define CKK_SHA_1_HMAC (0x28UL) +#define CKK_RIPEMD128_HMAC (0x29UL) +#define CKK_RIPEMD160_HMAC (0x2aUL) +#define CKK_SHA256_HMAC (0x2bUL) +#define CKK_SHA384_HMAC (0x2cUL) +#define CKK_SHA512_HMAC (0x2dUL) +#define CKK_SHA224_HMAC (0x2eUL) +#define CKK_SEED (0x2fUL) +#define CKK_GOSTR3410 (0x30UL) +#define CKK_GOSTR3411 (0x31UL) +#define CKK_GOST28147 (0x32UL) +#define CKK_CHACHA20 (0x33UL) +#define CKK_POLY1305 (0x34UL) +#define CKK_AES_XTS (0x35UL) +#define CKK_SHA3_224_HMAC (0x36UL) +#define CKK_SHA3_256_HMAC (0x37UL) +#define CKK_SHA3_384_HMAC (0x38UL) +#define CKK_SHA3_512_HMAC (0x39UL) +#define CKK_BLAKE2B_160_HMAC (0x3aUL) +#define CKK_BLAKE2B_256_HMAC (0x3bUL) +#define CKK_BLAKE2B_384_HMAC (0x3cUL) +#define CKK_BLAKE2B_512_HMAC (0x3dUL) +#define CKK_SALSA20 (0x3eUL) +#define CKK_X2RATCHET (0x3fUL) +#define CKK_EC_EDWARDS (0x40UL) +#define CKK_EC_MONTGOMERY (0x41UL) +#define CKK_HKDF (0x42UL) +#define CKK_SHA512_224_HMAC (0x43UL) +#define CKK_SHA512_256_HMAC (0x44UL) +#define CKK_SHA512_T_HMAC (0x45UL) +#define CKK_HSS (0x46UL) +#define CKK_VENDOR_DEFINED ((unsigned long) (1UL << 31)) + +/* CK_MECHANISM_TYPE */ +#define CKM_RSA_PKCS_KEY_PAIR_GEN (0UL) +#define CKM_RSA_PKCS (1UL) +#define CKM_RSA_9796 (2UL) +#define CKM_RSA_X_509 (3UL) +#define CKM_MD2_RSA_PKCS (4UL) +#define CKM_MD5_RSA_PKCS (5UL) +#define CKM_SHA1_RSA_PKCS (6UL) +#define CKM_RIPEMD128_RSA_PKCS (7UL) +#define CKM_RIPEMD160_RSA_PKCS (8UL) +#define CKM_RSA_PKCS_OAEP (9UL) +#define CKM_RSA_X9_31_KEY_PAIR_GEN (0xaUL) +#define CKM_RSA_X9_31 (0xbUL) +#define CKM_SHA1_RSA_X9_31 (0xcUL) +#define CKM_RSA_PKCS_PSS (0xdUL) +#define CKM_SHA1_RSA_PKCS_PSS (0xeUL) +#define CKM_DSA_KEY_PAIR_GEN (0x10UL) +#define CKM_DSA (0x11UL) +#define CKM_DSA_SHA1 (0x12UL) +#define CKM_DSA_SHA224 (0x13UL) +#define CKM_DSA_SHA256 (0x14UL) +#define CKM_DSA_SHA384 (0x15UL) +#define CKM_DSA_SHA512 (0x16UL) +#define CKM_DSA_SHA3_224 (0x18UL) +#define CKM_DSA_SHA3_256 (0x19UL) +#define CKM_DSA_SHA3_384 (0x1AUL) +#define CKM_DSA_SHA3_512 (0x1BUL) +#define CKM_DH_PKCS_KEY_PAIR_GEN (0x20UL) +#define CKM_DH_PKCS_DERIVE (0x21UL) +#define CKM_X9_42_DH_KEY_PAIR_GEN (0x30UL) +#define CKM_X9_42_DH_DERIVE (0x31UL) +#define CKM_X9_42_DH_HYBRID_DERIVE (0x32UL) +#define CKM_X9_42_MQV_DERIVE (0x33UL) +#define CKM_SHA256_RSA_PKCS (0x40UL) +#define CKM_SHA384_RSA_PKCS (0x41UL) +#define CKM_SHA512_RSA_PKCS (0x42UL) +#define CKM_SHA256_RSA_PKCS_PSS (0x43UL) +#define CKM_SHA384_RSA_PKCS_PSS (0x44UL) +#define CKM_SHA512_RSA_PKCS_PSS (0x45UL) +#define CKM_SHA224_RSA_PKCS (0x46UL) +#define CKM_SHA224_RSA_PKCS_PSS (0x47UL) +#define CKM_SHA512_224 (0x48UL) +#define CKM_SHA512_224_HMAC (0x49UL) +#define CKM_SHA512_224_HMAC_GENERAL (0x4aUL) +#define CKM_SHA512_224_KEY_DERIVATION (0x4bUL) +#define CKM_SHA512_256 (0x4cUL) +#define CKM_SHA512_256_HMAC (0x4dUL) +#define CKM_SHA512_256_HMAC_GENERAL (0x4eUL) +#define CKM_SHA512_256_KEY_DERIVATION (0x4fUL) +#define CKM_SHA512_T (0x50UL) +#define CKM_SHA512_T_HMAC (0x51UL) +#define CKM_SHA512_T_HMAC_GENERAL (0x52UL) +#define CKM_SHA512_T_KEY_DERIVATION (0x53UL) +#define CKM_SHA3_256_RSA_PKCS (0x60UL) +#define CKM_SHA3_384_RSA_PKCS (0x61UL) +#define CKM_SHA3_512_RSA_PKCS (0x62UL) +#define CKM_SHA3_256_RSA_PKCS_PSS (0x63UL) +#define CKM_SHA3_384_RSA_PKCS_PSS (0x64UL) +#define CKM_SHA3_512_RSA_PKCS_PSS (0x65UL) +#define CKM_SHA3_224_RSA_PKCS (0x66UL) +#define CKM_SHA3_224_RSA_PKCS_PSS (0x67UL) +#define CKM_RC2_KEY_GEN (0x100UL) +#define CKM_RC2_ECB (0x101UL) +#define CKM_RC2_CBC (0x102UL) +#define CKM_RC2_MAC (0x103UL) +#define CKM_RC2_MAC_GENERAL (0x104UL) +#define CKM_RC2_CBC_PAD (0x105UL) +#define CKM_RC4_KEY_GEN (0x110UL) +#define CKM_RC4 (0x111UL) +#define CKM_DES_KEY_GEN (0x120UL) +#define CKM_DES_ECB (0x121UL) +#define CKM_DES_CBC (0x122UL) +#define CKM_DES_MAC (0x123UL) +#define CKM_DES_MAC_GENERAL (0x124UL) +#define CKM_DES_CBC_PAD (0x125UL) +#define CKM_DES2_KEY_GEN (0x130UL) +#define CKM_DES3_KEY_GEN (0x131UL) +#define CKM_DES3_ECB (0x132UL) +#define CKM_DES3_CBC (0x133UL) +#define CKM_DES3_MAC (0x134UL) +#define CKM_DES3_MAC_GENERAL (0x135UL) +#define CKM_DES3_CBC_PAD (0x136UL) +#define CKM_DES3_CMAC_GENERAL (0x137UL) +#define CKM_DES3_CMAC (0x138UL) +#define CKM_CDMF_KEY_GEN (0x140UL) +#define CKM_CDMF_ECB (0x141UL) +#define CKM_CDMF_CBC (0x142UL) +#define CKM_CDMF_MAC (0x143UL) +#define CKM_CDMF_MAC_GENERAL (0x144UL) +#define CKM_CDMF_CBC_PAD (0x145UL) +#define CKM_DES_OFB64 (0x150UL) +#define CKM_DES_OFB8 (0x151UL) +#define CKM_DES_CFB64 (0x152UL) +#define CKM_DES_CFB8 (0x153UL) +#define CKM_MD2 (0x200UL) +#define CKM_MD2_HMAC (0x201UL) +#define CKM_MD2_HMAC_GENERAL (0x202UL) +#define CKM_MD5 (0x210UL) +#define CKM_MD5_HMAC (0x211UL) +#define CKM_MD5_HMAC_GENERAL (0x212UL) +#define CKM_SHA_1 (0x220UL) +#define CKM_SHA_1_HMAC (0x221UL) +#define CKM_SHA_1_HMAC_GENERAL (0x222UL) +#define CKM_RIPEMD128 (0x230UL) +#define CKM_RIPEMD128_HMAC (0x231UL) +#define CKM_RIPEMD128_HMAC_GENERAL (0x232UL) +#define CKM_RIPEMD160 (0x240UL) +#define CKM_RIPEMD160_HMAC (0x241UL) +#define CKM_RIPEMD160_HMAC_GENERAL (0x242UL) +#define CKM_SHA256 (0x250UL) +#define CKM_SHA256_HMAC (0x251UL) +#define CKM_SHA256_HMAC_GENERAL (0x252UL) +#define CKM_SHA224 (0x255UL) +#define CKM_SHA224_HMAC (0x256UL) +#define CKM_SHA224_HMAC_GENERAL (0x257UL) +#define CKM_SHA384 (0x260UL) +#define CKM_SHA384_HMAC (0x261UL) +#define CKM_SHA384_HMAC_GENERAL (0x262UL) +#define CKM_SHA512 (0x270UL) +#define CKM_SHA512_HMAC (0x271UL) +#define CKM_SHA512_HMAC_GENERAL (0x272UL) +#define CKM_SECURID_KEY_GEN (0x280UL) +#define CKM_SECURID (0x282UL) +#define CKM_HOTP_KEY_GEN (0x290UL) +#define CKM_HOTP (0x291UL) +#define CKM_ACTI (0x2a0UL) +#define CKM_ACTI_KEY_GEN (0x2a1UL) +#define CKM_SHA3_256 (0x2b0UL) +#define CKM_SHA3_256_HMAC (0x2b1UL) +#define CKM_SHA3_256_HMAC_GENERAL (0x2b2UL) +#define CKM_SHA3_256_KEY_GEN (0x2b3UL) +#define CKM_SHA3_224 (0x2b5UL) +#define CKM_SHA3_224_HMAC (0x2b6UL) +#define CKM_SHA3_224_HMAC_GENERAL (0x2b7UL) +#define CKM_SHA3_224_KEY_GEN (0x2b8UL) +#define CKM_SHA3_384 (0x2c0UL) +#define CKM_SHA3_384_HMAC (0x2c1UL) +#define CKM_SHA3_384_HMAC_GENERAL (0x2c2UL) +#define CKM_SHA3_384_KEY_GEN (0x2c3UL) +#define CKM_SHA3_512 (0x2d0UL) +#define CKM_SHA3_512_HMAC (0x2d1UL) +#define CKM_SHA3_512_HMAC_GENERAL (0x2d2UL) +#define CKM_SHA3_512_KEY_GEN (0x2d3UL) +#define CKM_CAST_KEY_GEN (0x300UL) +#define CKM_CAST_ECB (0x301UL) +#define CKM_CAST_CBC (0x302UL) +#define CKM_CAST_MAC (0x303UL) +#define CKM_CAST_MAC_GENERAL (0x304UL) +#define CKM_CAST_CBC_PAD (0x305UL) +#define CKM_CAST3_KEY_GEN (0x310UL) +#define CKM_CAST3_ECB (0x311UL) +#define CKM_CAST3_CBC (0x312UL) +#define CKM_CAST3_MAC (0x313UL) +#define CKM_CAST3_MAC_GENERAL (0x314UL) +#define CKM_CAST3_CBC_PAD (0x315UL) +#define CKM_CAST5_KEY_GEN (0x320UL) +#define CKM_CAST128_KEY_GEN (0x320UL) +#define CKM_CAST5_ECB (0x321UL) +#define CKM_CAST128_ECB (0x321UL) +#define CKM_CAST5_CBC (0x322UL) +#define CKM_CAST128_CBC (0x322UL) +#define CKM_CAST5_MAC (0x323UL) +#define CKM_CAST128_MAC (0x323UL) +#define CKM_CAST5_MAC_GENERAL (0x324UL) +#define CKM_CAST128_MAC_GENERAL (0x324UL) +#define CKM_CAST5_CBC_PAD (0x325UL) +#define CKM_CAST128_CBC_PAD (0x325UL) +#define CKM_RC5_KEY_GEN (0x330UL) +#define CKM_RC5_ECB (0x331UL) +#define CKM_RC5_CBC (0x332UL) +#define CKM_RC5_MAC (0x333UL) +#define CKM_RC5_MAC_GENERAL (0x334UL) +#define CKM_RC5_CBC_PAD (0x335UL) +#define CKM_IDEA_KEY_GEN (0x340UL) +#define CKM_IDEA_ECB (0x341UL) +#define CKM_IDEA_CBC (0x342UL) +#define CKM_IDEA_MAC (0x343UL) +#define CKM_IDEA_MAC_GENERAL (0x344UL) +#define CKM_IDEA_CBC_PAD (0x345UL) +#define CKM_GENERIC_SECRET_KEY_GEN (0x350UL) +#define CKM_CONCATENATE_BASE_AND_KEY (0x360UL) +#define CKM_CONCATENATE_BASE_AND_DATA (0x362UL) +#define CKM_CONCATENATE_DATA_AND_BASE (0x363UL) +#define CKM_XOR_BASE_AND_DATA (0x364UL) +#define CKM_EXTRACT_KEY_FROM_KEY (0x365UL) +#define CKM_SSL3_PRE_MASTER_KEY_GEN (0x370UL) +#define CKM_SSL3_MASTER_KEY_DERIVE (0x371UL) +#define CKM_SSL3_KEY_AND_MAC_DERIVE (0x372UL) +#define CKM_SSL3_MASTER_KEY_DERIVE_DH (0x373UL) +#define CKM_TLS_PRE_MASTER_KEY_GEN (0x374UL) +#define CKM_TLS_MASTER_KEY_DERIVE (0x375UL) +#define CKM_TLS_KEY_AND_MAC_DERIVE (0x376UL) +#define CKM_TLS_MASTER_KEY_DERIVE_DH (0x377UL) +#define CKM_TLS_PRF (0x378UL) +#define CKM_SSL3_MD5_MAC (0x380UL) +#define CKM_SSL3_SHA1_MAC (0x381UL) +#define CKM_MD5_KEY_DERIVATION (0x390UL) +#define CKM_MD2_KEY_DERIVATION (0x391UL) +#define CKM_SHA1_KEY_DERIVATION (0x392UL) +#define CKM_SHA256_KEY_DERIVATION (0x393UL) +#define CKM_SHA384_KEY_DERIVATION (0x394UL) +#define CKM_SHA512_KEY_DERIVATION (0x395UL) +#define CKM_SHA224_KEY_DERIVATION (0x396UL) +#define CKM_SHA3_256_KEY_DERIVATION (0x397UL) +#define CKM_SHA3_256_KEY_DERIVE (0x397UL) +#define CKM_SHA3_224_KEY_DERIVATION (0x398UL) +#define CKM_SHA3_224_KEY_DERIVE (0x398UL) +#define CKM_SHA3_384_KEY_DERIVATION (0x399UL) +#define CKM_SHA3_384_KEY_DERIVE (0x399UL) +#define CKM_SHA3_512_KEY_DERIVATION (0x39aUL) +#define CKM_SHA3_512_KEY_DERIVE (0x39aUL) +#define CKM_SHAKE_128_KEY_DERIVATION (0x39bUL) +#define CKM_SHAKE_128_KEY_DERIVE (0x39bUL) +#define CKM_SHAKE_256_KEY_DERIVATION (0x39cUL) +#define CKM_SHAKE_256_KEY_DERIVE (0x39cUL) +#define CKM_PBE_MD2_DES_CBC (0x3a0UL) +#define CKM_PBE_MD5_DES_CBC (0x3a1UL) +#define CKM_PBE_MD5_CAST_CBC (0x3a2UL) +#define CKM_PBE_MD5_CAST3_CBC (0x3a3UL) +#define CKM_PBE_MD5_CAST5_CBC (0x3a4UL) +#define CKM_PBE_MD5_CAST128_CBC (0x3a4UL) +#define CKM_PBE_SHA1_CAST5_CBC (0x3a5UL) +#define CKM_PBE_SHA1_CAST128_CBC (0x3a5UL) +#define CKM_PBE_SHA1_RC4_128 (0x3a6UL) +#define CKM_PBE_SHA1_RC4_40 (0x3a7UL) +#define CKM_PBE_SHA1_DES3_EDE_CBC (0x3a8UL) +#define CKM_PBE_SHA1_DES2_EDE_CBC (0x3a9UL) +#define CKM_PBE_SHA1_RC2_128_CBC (0x3aaUL) +#define CKM_PBE_SHA1_RC2_40_CBC (0x3abUL) +#define CKM_PKCS5_PBKD2 (0x3b0UL) +#define CKM_PBA_SHA1_WITH_SHA1_HMAC (0x3c0UL) +#define CKM_WTLS_PRE_MASTER_KEY_GEN (0x3d0UL) +#define CKM_WTLS_MASTER_KEY_DERIVE (0x3d1UL) +#define CKM_WTLS_MASTER_KEY_DERIVE_DH_ECC (0x3d2UL) +#define CKM_WTLS_PRF (0x3d3UL) +#define CKM_WTLS_SERVER_KEY_AND_MAC_DERIVE (0x3d4UL) +#define CKM_WTLS_CLIENT_KEY_AND_MAC_DERIVE (0x3d5UL) +#define CKM_TLS10_MAC_SERVER (0x3d6UL) +#define CKM_TLS10_MAC_CLIENT (0x3d7UL) +#define CKM_TLS12_MAC (0x3d8UL) +#define CKM_TLS12_KDF (0x3d9UL) +#define CKM_TLS12_MASTER_KEY_DERIVE (0x3e0UL) +#define CKM_TLS12_KEY_AND_MAC_DERIVE (0x3e1UL) +#define CKM_TLS12_MASTER_KEY_DERIVE_DH (0x3e2UL) +#define CKM_TLS12_KEY_SAFE_DERIVE (0x3e3UL) +#define CKM_TLS_MAC (0x3e4UL) +#define CKM_TLS_KDF (0x3e5UL) +#define CKM_KEY_WRAP_LYNKS (0x400UL) +#define CKM_KEY_WRAP_SET_OAEP (0x401UL) +#define CKM_CMS_SIG (0x500UL) +#define CKM_KIP_DERIVE (0x510UL) +#define CKM_KIP_WRAP (0x511UL) +#define CKM_KIP_MAC (0x512UL) +#define CKM_CAMELLIA_KEY_GEN (0x550UL) +#define CKM_CAMELLIA_ECB (0x551UL) +#define CKM_CAMELLIA_CBC (0x552UL) +#define CKM_CAMELLIA_MAC (0x553UL) +#define CKM_CAMELLIA_MAC_GENERAL (0x554UL) +#define CKM_CAMELLIA_CBC_PAD (0x555UL) +#define CKM_CAMELLIA_ECB_ENCRYPT_DATA (0x556UL) +#define CKM_CAMELLIA_CBC_ENCRYPT_DATA (0x557UL) +#define CKM_CAMELLIA_CTR (0x558UL) +#define CKM_ARIA_KEY_GEN (0x560UL) +#define CKM_ARIA_ECB (0x561UL) +#define CKM_ARIA_CBC (0x562UL) +#define CKM_ARIA_MAC (0x563UL) +#define CKM_ARIA_MAC_GENERAL (0x564UL) +#define CKM_ARIA_CBC_PAD (0x565UL) +#define CKM_ARIA_ECB_ENCRYPT_DATA (0x566UL) +#define CKM_ARIA_CBC_ENCRYPT_DATA (0x567UL) +#define CKM_SEED_KEY_GEN (0x650UL) +#define CKM_SEED_ECB (0x651UL) +#define CKM_SEED_CBC (0x652UL) +#define CKM_SEED_MAC (0x653UL) +#define CKM_SEED_MAC_GENERAL (0x654UL) +#define CKM_SEED_CBC_PAD (0x655UL) +#define CKM_SEED_ECB_ENCRYPT_DATA (0x656UL) +#define CKM_SEED_CBC_ENCRYPT_DATA (0x657UL) +#define CKM_SKIPJACK_KEY_GEN (0x1000UL) +#define CKM_SKIPJACK_ECB64 (0x1001UL) +#define CKM_SKIPJACK_CBC64 (0x1002UL) +#define CKM_SKIPJACK_OFB64 (0x1003UL) +#define CKM_SKIPJACK_CFB64 (0x1004UL) +#define CKM_SKIPJACK_CFB32 (0x1005UL) +#define CKM_SKIPJACK_CFB16 (0x1006UL) +#define CKM_SKIPJACK_CFB8 (0x1007UL) +#define CKM_SKIPJACK_WRAP (0x1008UL) +#define CKM_SKIPJACK_PRIVATE_WRAP (0x1009UL) +#define CKM_SKIPJACK_RELAYX (0x100aUL) +#define CKM_KEA_KEY_PAIR_GEN (0x1010UL) +#define CKM_KEA_KEY_DERIVE (0x1011UL) +#define CKM_FORTEZZA_TIMESTAMP (0x1020UL) +#define CKM_BATON_KEY_GEN (0x1030UL) +#define CKM_BATON_ECB128 (0x1031UL) +#define CKM_BATON_ECB96 (0x1032UL) +#define CKM_BATON_CBC128 (0x1033UL) +#define CKM_BATON_COUNTER (0x1034UL) +#define CKM_BATON_SHUFFLE (0x1035UL) +#define CKM_BATON_WRAP (0x1036UL) +#define CKM_ECDSA_KEY_PAIR_GEN (0x1040UL) +#define CKM_EC_KEY_PAIR_GEN (0x1040UL) +#define CKM_ECDSA (0x1041UL) +#define CKM_ECDSA_SHA1 (0x1042UL) +#define CKM_ECDSA_SHA224 (0x1043UL) +#define CKM_ECDSA_SHA256 (0x1044UL) +#define CKM_ECDSA_SHA384 (0x1045UL) +#define CKM_ECDSA_SHA512 (0x1046UL) +#define CKM_EC_KEY_PAIR_GEN_W_EXTRA_BITS (0x140bUL) +#define CKM_ECDH1_DERIVE (0x1050UL) +#define CKM_ECDH1_COFACTOR_DERIVE (0x1051UL) +#define CKM_ECMQV_DERIVE (0x1052UL) +#define CKM_ECDH_AES_KEY_WRAP (0x1053UL) +#define CKM_RSA_AES_KEY_WRAP (0x1054UL) +#define CKM_JUNIPER_KEY_GEN (0x1060UL) +#define CKM_JUNIPER_ECB128 (0x1061UL) +#define CKM_JUNIPER_CBC128 (0x1062UL) +#define CKM_JUNIPER_COUNTER (0x1063UL) +#define CKM_JUNIPER_SHUFFLE (0x1064UL) +#define CKM_JUNIPER_WRAP (0x1065UL) +#define CKM_FASTHASH (0x1070UL) +#define CKM_AES_XTS (0x1071UL) +#define CKM_AES_XTS_KEY_GEN (0x1072UL) +#define CKM_AES_KEY_GEN (0x1080UL) +#define CKM_AES_ECB (0x1081UL) +#define CKM_AES_CBC (0x1082UL) +#define CKM_AES_MAC (0x1083UL) +#define CKM_AES_MAC_GENERAL (0x1084UL) +#define CKM_AES_CBC_PAD (0x1085UL) +#define CKM_AES_CTR (0x1086UL) +#define CKM_AES_GCM (0x1087UL) +#define CKM_AES_CCM (0x1088UL) +#define CKM_AES_CTS (0x1089UL) +#define CKM_AES_CMAC (0x108aUL) +#define CKM_AES_CMAC_GENERAL (0x108bUL) +#define CKM_AES_XCBC_MAC (0x108cUL) +#define CKM_AES_XCBC_MAC_96 (0x108dUL) +#define CKM_AES_GMAC (0x108eUL) +#define CKM_BLOWFISH_KEY_GEN (0x1090UL) +#define CKM_BLOWFISH_CBC (0x1091UL) +#define CKM_TWOFISH_KEY_GEN (0x1092UL) +#define CKM_TWOFISH_CBC (0x1093UL) +#define CKM_BLOWFISH_CBC_PAD (0x1094UL) +#define CKM_TWOFISH_CBC_PAD (0x1095UL) +#define CKM_DES_ECB_ENCRYPT_DATA (0x1100UL) +#define CKM_DES_CBC_ENCRYPT_DATA (0x1101UL) +#define CKM_DES3_ECB_ENCRYPT_DATA (0x1102UL) +#define CKM_DES3_CBC_ENCRYPT_DATA (0x1103UL) +#define CKM_AES_ECB_ENCRYPT_DATA (0x1104UL) +#define CKM_AES_CBC_ENCRYPT_DATA (0x1105UL) +#define CKM_GOSTR3410_KEY_PAIR_GEN (0x1200UL) +#define CKM_GOSTR3410 (0x1201UL) +#define CKM_GOSTR3410_WITH_GOSTR3411 (0x1202UL) +#define CKM_GOSTR3410_KEY_WRAP (0x1203UL) +#define CKM_GOSTR3410_DERIVE (0x1204UL) +#define CKM_GOSTR3411 (0x1210UL) +#define CKM_GOSTR3411_HMAC (0x1211UL) +#define CKM_GOST28147_KEY_GEN (0x1220UL) +#define CKM_GOST28147_ECB (0x1221UL) +#define CKM_GOST28147 (0x1222UL) +#define CKM_GOST28147_MAC (0x1223UL) +#define CKM_GOST28147_KEY_WRAP (0x1224UL) +#define CKM_CHACHA20_KEY_GEN (0x1225UL) +#define CKM_CHACHA20 (0x1226UL) +#define CKM_POLY1305_KEY_GEN (0x1227UL) +#define CKM_POLY1305 (0x1228UL) +#define CKM_DSA_PARAMETER_GEN (0x2000UL) +#define CKM_DH_PKCS_PARAMETER_GEN (0x2001UL) +#define CKM_X9_42_DH_PARAMETER_GEN (0x2002UL) +#define CKM_DSA_PROBABILISTIC_PARAMETER_GEN (0x2003UL) +#define CKM_DSA_PROBABLISTIC_PARAMETER_GEN (0x2003UL) +#define CKM_DSA_SHAWE_TAYLOR_PARAMETER_GEN (0x2004UL) +#define CKM_DSA_FIPS_G_GEN (0x2005UL) +#define CKM_AES_OFB (0x2104UL) +#define CKM_AES_CFB64 (0x2105UL) +#define CKM_AES_CFB8 (0x2106UL) +#define CKM_AES_CFB128 (0x2107UL) +#define CKM_AES_CFB1 (0x2108UL) +#define CKM_AES_KEY_WRAP (0x2109UL) +#define CKM_AES_KEY_WRAP_PAD (0x210aUL) +#define CKM_AES_KEY_WRAP_KWP (0x210BUL) +#define CKM_AES_KEY_WRAP_PKCS7 (0x210CUL) +#define CKM_RSA_PKCS_TPM_1_1 (0x4001UL) +#define CKM_RSA_PKCS_OAEP_TPM_1_1 (0x4002UL) +#define CKM_SHA_1_KEY_GEN (0x4003UL) +#define CKM_SHA224_KEY_GEN (0x4004UL) +#define CKM_SHA256_KEY_GEN (0x4005UL) +#define CKM_SHA384_KEY_GEN (0x4006UL) +#define CKM_SHA512_KEY_GEN (0x4007UL) +#define CKM_SHA512_224_KEY_GEN (0x4008UL) +#define CKM_SHA512_256_KEY_GEN (0x4009UL) +#define CKM_SHA512_T_KEY_GEN (0x400aUL) +#define CKM_NULL (0x400bUL) +#define CKM_BLAKE2B_160 (0x400cUL) +#define CKM_BLAKE2B_160_HMAC (0x400dUL) +#define CKM_BLAKE2B_160_HMAC_GENERAL (0x400eUL) +#define CKM_BLAKE2B_160_KEY_DERIVE (0x400fUL) +#define CKM_BLAKE2B_160_KEY_GEN (0x4010UL) +#define CKM_BLAKE2B_256 (0x4011UL) +#define CKM_BLAKE2B_256_HMAC (0x4012UL) +#define CKM_BLAKE2B_256_HMAC_GENERAL (0x4013UL) +#define CKM_BLAKE2B_256_KEY_DERIVE (0x4014UL) +#define CKM_BLAKE2B_256_KEY_GEN (0x4015UL) +#define CKM_BLAKE2B_384 (0x4016UL) +#define CKM_BLAKE2B_384_HMAC (0x4017UL) +#define CKM_BLAKE2B_384_HMAC_GENERAL (0x4018UL) +#define CKM_BLAKE2B_384_KEY_DERIVE (0x4019UL) +#define CKM_BLAKE2B_384_KEY_GEN (0x401aUL) +#define CKM_BLAKE2B_512 (0x401bUL) +#define CKM_BLAKE2B_512_HMAC (0x401cUL) +#define CKM_BLAKE2B_512_HMAC_GENERAL (0x401dUL) +#define CKM_BLAKE2B_512_KEY_DERIVE (0x401eUL) +#define CKM_BLAKE2B_512_KEY_GEN (0x401fUL) +#define CKM_SALSA20 (0x4020UL) +#define CKM_CHACHA20_POLY1305 (0x4021UL) +#define CKM_SALSA20_POLY1305 (0x4022UL) +#define CKM_X3DH_INITIALIZE (0x4023UL) +#define CKM_X3DH_RESPOND (0x4024UL) +#define CKM_X2RATCHET_INITIALIZE (0x4025UL) +#define CKM_X2RATCHET_RESPOND (0x4026UL) +#define CKM_X2RATCHET_ENCRYPT (0x4027UL) +#define CKM_X2RATCHET_DECRYPT (0x4028UL) +#define CKM_XEDDSA (0x4029UL) +#define CKM_HKDF_DERIVE (0x402aUL) +#define CKM_HKDF_DATA (0x402bUL) +#define CKM_HKDF_KEY_GEN (0x402cUL) +#define CKM_SALSA20_KEY_GEN (0x402dUL) +#define CKM_ECDSA_SHA3_224 (0x1047UL) +#define CKM_ECDSA_SHA3_256 (0x1048UL) +#define CKM_ECDSA_SHA3_384 (0x1049UL) +#define CKM_ECDSA_SHA3_512 (0x104aUL) +#define CKM_EC_EDWARDS_KEY_PAIR_GEN (0x1055UL) +#define CKM_EC_MONTGOMERY_KEY_PAIR_GEN (0x1056UL) +#define CKM_EDDSA (0x1057UL) +#define CKM_SP800_108_COUNTER_KDF (0x3acUL) +#define CKM_SP800_108_FEEDBACK_KDF (0x3adUL) +#define CKM_SP800_108_DOUBLE_PIPELINE_KDF (0x3AEUL) +#define CKM_IKE2_PRF_PLUS_DERIVE (0x402EUL) +#define CKM_IKE_PRF_DERIVE (0x402FUL) +#define CKM_IKE1_PRF_DERIVE (0x4030UL) +#define CKM_IKE1_EXTENDED_DERIVE (0x4031UL) +#define CKM_HSS_KEY_PAIR_GEN (0x4032UL) +#define CKM_HSS (0x4033UL) +#define CKM_VENDOR_DEFINED ((unsigned long) (1UL << 31)) + +/* CK_NOTIFICATION */ +#define CKN_SURRENDER (0UL) +#define CKN_OTP_CHANGED (1UL) + +/* CK_OBJECT_CLASS */ +#define CKO_DATA (0UL) +#define CKO_CERTIFICATE (1UL) +#define CKO_PUBLIC_KEY (2UL) +#define CKO_PRIVATE_KEY (3UL) +#define CKO_SECRET_KEY (4UL) +#define CKO_HW_FEATURE (5UL) +#define CKO_DOMAIN_PARAMETERS (6UL) +#define CKO_MECHANISM (7UL) +#define CKO_OTP_KEY (8UL) +#define CKO_PROFILE (9UL) +#define CKO_VENDOR_DEFINED ((unsigned long) (1UL << 31)) + +/* CK_OTP_PARAM_TYPE */ +#define CK_OTP_VALUE (0UL) +#define CK_OTP_PIN (1UL) +#define CK_OTP_CHALLENGE (2UL) +#define CK_OTP_TIME (3UL) +#define CK_OTP_COUNTER (4UL) +#define CK_OTP_FLAGS (5UL) +#define CK_OTP_OUTPUT_LENGTH (6UL) +#define CK_OTP_OUTPUT_FORMAT (7UL) +#define CK_OTP_FORMAT (7UL) + +/* CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE */ +#define CKP_PKCS5_PBKD2_HMAC_SHA1 (1UL) +#define CKP_PKCS5_PBKD2_HMAC_GOSTR3411 (2UL) +#define CKP_PKCS5_PBKD2_HMAC_SHA224 (3UL) +#define CKP_PKCS5_PBKD2_HMAC_SHA256 (4UL) +#define CKP_PKCS5_PBKD2_HMAC_SHA384 (5UL) +#define CKP_PKCS5_PBKD2_HMAC_SHA512 (6UL) +#define CKP_PKCS5_PBKD2_HMAC_SHA512_224 (7UL) +#define CKP_PKCS5_PBKD2_HMAC_SHA512_256 (8UL) + +/* CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE */ +#define CKZ_SALT_SPECIFIED (0x1UL) + +/* CK_PRF_DATA_TYPE */ +#define CK_SP800_108_ITERATION_VARIABLE (1UL) +#define CK_SP800_108_OPTIONAL_COUNTER (2UL) +#define CK_SP800_108_COUNTER (2UL) +#define CK_SP800_108_DKM_LENGTH (3UL) +#define CK_SP800_108_BYTE_ARRAY (4UL) + +/* CK_PROFILE_ID */ +#define CKP_INVALID_ID (0UL) +#define CKP_BASELINE_PROVIDER (1UL) +#define CKP_EXTENDED_PROVIDER (2UL) +#define CKP_AUTHENTICATION_TOKEN (3UL) +#define CKP_PUBLIC_CERTIFICATES_TOKEN (4UL) +#define CKP_COMPLETE_PROVIDER (5UL) +#define CKP_HKDF_TLS_TOKEN (6UL) +#define CKP_VENDOR_DEFINED (1UL << 31) + +/* CK_RSA_PKCS_MGF_TYPE */ +#define CKG_MGF1_SHA1 (0x1UL) +#define CKG_MGF1_SHA224 (0x5UL) +#define CKG_MGF1_SHA256 (0x2UL) +#define CKG_MGF1_SHA384 (0x3UL) +#define CKG_MGF1_SHA512 (0x4UL) +#define CKG_MGF1_SHA3_224 (0x6UL) +#define CKG_MGF1_SHA3_256 (0x7UL) +#define CKG_MGF1_SHA3_384 (0x8UL) +#define CKG_MGF1_SHA3_512 (0x9UL) + +/* CK_RSA_PKCS_OAEP_SOURCE_TYPE */ +#define CKZ_DATA_SPECIFIED (0x1UL) + +/* CK_RV */ +#define CKR_OK (0UL) +#define CKR_CANCEL (1UL) +#define CKR_HOST_MEMORY (2UL) +#define CKR_SLOT_ID_INVALID (3UL) +#define CKR_GENERAL_ERROR (5UL) +#define CKR_FUNCTION_FAILED (6UL) +#define CKR_ARGUMENTS_BAD (7UL) +#define CKR_NO_EVENT (8UL) +#define CKR_NEED_TO_CREATE_THREADS (9UL) +#define CKR_CANT_LOCK (0xaUL) +#define CKR_ATTRIBUTE_READ_ONLY (0x10UL) +#define CKR_ATTRIBUTE_SENSITIVE (0x11UL) +#define CKR_ATTRIBUTE_TYPE_INVALID (0x12UL) +#define CKR_ATTRIBUTE_VALUE_INVALID (0x13UL) +#define CKR_ACTION_PROHIBITED (0x1bUL) +#define CKR_DATA_INVALID (0x20UL) +#define CKR_DATA_LEN_RANGE (0x21UL) +#define CKR_DEVICE_ERROR (0x30UL) +#define CKR_DEVICE_MEMORY (0x31UL) +#define CKR_DEVICE_REMOVED (0x32UL) +#define CKR_ENCRYPTED_DATA_INVALID (0x40UL) +#define CKR_ENCRYPTED_DATA_LEN_RANGE (0x41UL) +#define CKR_AEAD_DECRYPT_FAILED (0x42UL) +#define CKR_FUNCTION_CANCELED (0x50UL) +#define CKR_FUNCTION_NOT_PARALLEL (0x51UL) +#define CKR_FUNCTION_NOT_SUPPORTED (0x54UL) +#define CKR_KEY_HANDLE_INVALID (0x60UL) +#define CKR_KEY_SIZE_RANGE (0x62UL) +#define CKR_KEY_TYPE_INCONSISTENT (0x63UL) +#define CKR_KEY_NOT_NEEDED (0x64UL) +#define CKR_KEY_CHANGED (0x65UL) +#define CKR_KEY_NEEDED (0x66UL) +#define CKR_KEY_INDIGESTIBLE (0x67UL) +#define CKR_KEY_FUNCTION_NOT_PERMITTED (0x68UL) +#define CKR_KEY_NOT_WRAPPABLE (0x69UL) +#define CKR_KEY_UNEXTRACTABLE (0x6aUL) +#define CKR_MECHANISM_INVALID (0x70UL) +#define CKR_MECHANISM_PARAM_INVALID (0x71UL) +#define CKR_OBJECT_HANDLE_INVALID (0x82UL) +#define CKR_OPERATION_ACTIVE (0x90UL) +#define CKR_OPERATION_NOT_INITIALIZED (0x91UL) +#define CKR_PIN_INCORRECT (0xa0UL) +#define CKR_PIN_INVALID (0xa1UL) +#define CKR_PIN_LEN_RANGE (0xa2UL) +#define CKR_PIN_EXPIRED (0xa3UL) +#define CKR_PIN_LOCKED (0xa4UL) +#define CKR_SESSION_CLOSED (0xb0UL) +#define CKR_SESSION_COUNT (0xb1UL) +#define CKR_SESSION_HANDLE_INVALID (0xb3UL) +#define CKR_SESSION_PARALLEL_NOT_SUPPORTED (0xb4UL) +#define CKR_SESSION_READ_ONLY (0xb5UL) +#define CKR_SESSION_EXISTS (0xb6UL) +#define CKR_SESSION_READ_ONLY_EXISTS (0xb7UL) +#define CKR_SESSION_READ_WRITE_SO_EXISTS (0xb8UL) +#define CKR_SIGNATURE_INVALID (0xc0UL) +#define CKR_SIGNATURE_LEN_RANGE (0xc1UL) +#define CKR_TEMPLATE_INCOMPLETE (0xd0UL) +#define CKR_TEMPLATE_INCONSISTENT (0xd1UL) +#define CKR_TOKEN_NOT_PRESENT (0xe0UL) +#define CKR_TOKEN_NOT_RECOGNIZED (0xe1UL) +#define CKR_TOKEN_WRITE_PROTECTED (0xe2UL) +#define CKR_UNWRAPPING_KEY_HANDLE_INVALID (0xf0UL) +#define CKR_UNWRAPPING_KEY_SIZE_RANGE (0xf1UL) +#define CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT (0xf2UL) +#define CKR_USER_ALREADY_LOGGED_IN (0x100UL) +#define CKR_USER_NOT_LOGGED_IN (0x101UL) +#define CKR_USER_PIN_NOT_INITIALIZED (0x102UL) +#define CKR_USER_TYPE_INVALID (0x103UL) +#define CKR_USER_ANOTHER_ALREADY_LOGGED_IN (0x104UL) +#define CKR_USER_TOO_MANY_TYPES (0x105UL) +#define CKR_WRAPPED_KEY_INVALID (0x110UL) +#define CKR_WRAPPED_KEY_LEN_RANGE (0x112UL) +#define CKR_WRAPPING_KEY_HANDLE_INVALID (0x113UL) +#define CKR_WRAPPING_KEY_SIZE_RANGE (0x114UL) +#define CKR_WRAPPING_KEY_TYPE_INCONSISTENT (0x115UL) +#define CKR_RANDOM_SEED_NOT_SUPPORTED (0x120UL) +#define CKR_RANDOM_NO_RNG (0x121UL) +#define CKR_DOMAIN_PARAMS_INVALID (0x130UL) +#define CKR_CURVE_NOT_SUPPORTED (0x140UL) +#define CKR_BUFFER_TOO_SMALL (0x150UL) +#define CKR_SAVED_STATE_INVALID (0x160UL) +#define CKR_INFORMATION_SENSITIVE (0x170UL) +#define CKR_STATE_UNSAVEABLE (0x180UL) +#define CKR_CRYPTOKI_NOT_INITIALIZED (0x190UL) +#define CKR_CRYPTOKI_ALREADY_INITIALIZED (0x191UL) +#define CKR_MUTEX_BAD (0x1a0UL) +#define CKR_MUTEX_NOT_LOCKED (0x1a1UL) +#define CKR_NEW_PIN_MODE (0x1b0UL) +#define CKR_NEXT_OTP (0x1b1UL) +#define CKR_EXCEEDED_MAX_ITERATIONS (0x1c0UL) +#define CKR_FIPS_SELF_TEST_FAILED (0x1c1UL) +#define CKR_LIBRARY_LOAD_FAILED (0x1c2UL) +#define CKR_PIN_TOO_WEAK (0x1c3UL) +#define CKR_PUBLIC_KEY_INVALID (0x1c4UL) +#define CKR_FUNCTION_REJECTED (0x200UL) +#define CKR_TOKEN_RESOURCE_EXCEEDED (0x201UL) +#define CKR_OPERATION_CANCEL_FAILED (0x202UL) +#define CKR_KEY_EXHAUSTED (0x203UL) +#define CKR_VENDOR_DEFINED ((unsigned long) (1UL << 31)) + +/* CK_SP800_108_DKM_LENGTH_METHOD */ +#define CK_SP800_108_DKM_LENGTH_SUM_OF_KEYS (1UL) +#define CK_SP800_108_DKM_LENGTH_SUM_OF_SEGMENTS (2UL) + +/* CK_STATE */ +#define CKS_RO_PUBLIC_SESSION (0UL) +#define CKS_RO_USER_FUNCTIONS (1UL) +#define CKS_RW_PUBLIC_SESSION (2UL) +#define CKS_RW_USER_FUNCTIONS (3UL) +#define CKS_RW_SO_FUNCTIONS (4UL) + +/* CK_USER_TYPE */ +#define CKU_SO (0UL) +#define CKU_USER (1UL) +#define CKU_CONTEXT_SPECIFIC (2UL) + +/* Attribute and other constants related to OTP */ +#define CK_OTP_FORMAT_DECIMAL (0UL) +#define CK_OTP_FORMAT_HEXADECIMAL (1UL) +#define CK_OTP_FORMAT_ALPHANUMERIC (2UL) +#define CK_OTP_FORMAT_BINARY (3UL) +#define CK_OTP_PARAM_IGNORED (0UL) +#define CK_OTP_PARAM_OPTIONAL (1UL) +#define CK_OTP_PARAM_MANDATORY (2UL) -#define ck_profile_id CK_PROFILE_ID -#endif /* CRYPTOKI_COMPAT */ +#define CK_UNAVAILABLE_INFORMATION ((unsigned long)-1L) +#define CK_EFFECTIVELY_INFINITE (0UL) +#define CK_INVALID_HANDLE (0UL) -typedef unsigned long ck_profile_id; + +typedef unsigned long ck_attribute_type_t; +typedef unsigned long ck_certificate_category_t; +typedef unsigned long ck_certificate_type_t; +typedef unsigned long ck_ec_kdf_type_t; +typedef unsigned long ck_extract_params_t; typedef unsigned long ck_flags_t; +typedef unsigned long ck_generator_function_t; +typedef unsigned long ck_hss_levels_t; +typedef unsigned long ck_hw_feature_type_t; +typedef unsigned long ck_java_midp_security_domain_t; +typedef unsigned long ck_key_type_t; +typedef unsigned long ck_lms_type_t; +typedef unsigned long ck_lmots_type_t; +typedef unsigned long ck_mac_general_params_t; +typedef unsigned long ck_mechanism_type_t; +typedef unsigned long ck_notification_t; +typedef unsigned long ck_object_class_t; +typedef unsigned long ck_object_handle_t; +typedef unsigned long ck_otp_param_type_t; +typedef unsigned long ck_pkcs5_pbkd2_pseudo_random_function_type_t; +typedef unsigned long ck_pkcs5_pbkdf2_salt_source_type_t; +typedef unsigned long ck_prf_data_type_t; +typedef unsigned long ck_profile_id_t; +typedef unsigned long ck_rc2_params_t; +typedef unsigned long ck_rsa_pkcs_mgf_type_t; +typedef unsigned long ck_rsa_pkcs_oaep_source_type_t; +typedef unsigned long ck_rv_t; +typedef unsigned long ck_session_handle_t; +typedef unsigned long ck_slot_id_t; +typedef unsigned long ck_sp800_108_dkm_length_method_t; +typedef unsigned long ck_state_t; +typedef unsigned long ck_user_type_t; +typedef unsigned long ck_x2ratchet_kdf_type_t; +typedef unsigned long ck_x3dh_kdf_type_t; +typedef unsigned long ck_x9_42_dh_kdf_type_t; +typedef unsigned long ck_xeddsa_hash_type_t; + +typedef ck_mechanism_type_t ck_sp800_108_prf_type_t; +typedef ck_otp_param_type_t ck_param_type; +typedef ck_profile_id_t ck_profile_id; +typedef ck_ec_kdf_type_t ck_ec_kdf_t; + +typedef ck_rv_t (*ck_createmutex_t) (void **mutex); +typedef ck_rv_t (*ck_destroymutex_t) (void *mutex); +typedef ck_rv_t (*ck_lockmutex_t) (void *mutex); +typedef ck_rv_t (*ck_unlockmutex_t) (void *mutex); +typedef ck_rv_t (*ck_notify_t) (ck_session_handle_t session, + ck_notification_t event, + void *application); + + + +struct ck_attribute +{ + ck_attribute_type_t type; + void *value; + unsigned long value_len; +}; + +struct ck_c_initialize_args +{ + ck_createmutex_t create_mutex; + ck_destroymutex_t destroy_mutex; + ck_lockmutex_t lock_mutex; + ck_unlockmutex_t unlock_mutex; + ck_flags_t flags; + void *reserved; +}; + +struct ck_date +{ + unsigned char year[4]; + unsigned char month[2]; + unsigned char day[2]; +}; + +struct ck_derived_key +{ + struct ck_attribute *templ; + unsigned long attribute_count; + ck_object_handle_t *key_ptr; +}; struct ck_version { @@ -237,7 +1457,6 @@ struct ck_version unsigned char minor; }; - struct ck_info { struct ck_version cryptoki_version; @@ -247,14 +1466,33 @@ struct ck_info struct ck_version library_version; }; +struct ck_interface { + char *interface_name_ptr; + void *function_list_ptr; + ck_flags_t flags; +}; -typedef unsigned long ck_notification_t; - -#define CKN_SURRENDER (0UL) - +struct ck_mechanism +{ + ck_mechanism_type_t mechanism; + void *parameter; + unsigned long parameter_len; +}; -typedef unsigned long ck_slot_id_t; +struct ck_mechanism_info +{ + unsigned long min_key_size; + unsigned long max_key_size; + ck_flags_t flags; +}; +struct ck_session_info +{ + ck_slot_id_t slot_id; + ck_state_t state; + ck_flags_t flags; + unsigned long device_error; +}; struct ck_slot_info { @@ -265,13 +1503,6 @@ struct ck_slot_info struct ck_version firmware_version; }; - -#define CKF_TOKEN_PRESENT (1UL << 0) -#define CKF_REMOVABLE_DEVICE (1UL << 1) -#define CKF_HW_SLOT (1UL << 2) -#define CKF_ARRAY_ATTRIBUTE (1UL << 30) - - struct ck_token_info { unsigned char label[32]; @@ -294,692 +1525,230 @@ struct ck_token_info unsigned char utc_time[16]; }; - -#define CKF_RNG (1UL << 0) -#define CKF_WRITE_PROTECTED (1UL << 1) -#define CKF_LOGIN_REQUIRED (1UL << 2) -#define CKF_USER_PIN_INITIALIZED (1UL << 3) -#define CKF_RESTORE_KEY_NOT_NEEDED (1UL << 5) -#define CKF_CLOCK_ON_TOKEN (1UL << 6) -#define CKF_PROTECTED_AUTHENTICATION_PATH (1UL << 8) -#define CKF_DUAL_CRYPTO_OPERATIONS (1UL << 9) -#define CKF_TOKEN_INITIALIZED (1UL << 10) -#define CKF_SECONDARY_AUTHENTICATION (1UL << 11) -#define CKF_USER_PIN_COUNT_LOW (1UL << 16) -#define CKF_USER_PIN_FINAL_TRY (1UL << 17) -#define CKF_USER_PIN_LOCKED (1UL << 18) -#define CKF_USER_PIN_TO_BE_CHANGED (1UL << 19) -#define CKF_SO_PIN_COUNT_LOW (1UL << 20) -#define CKF_SO_PIN_FINAL_TRY (1UL << 21) -#define CKF_SO_PIN_LOCKED (1UL << 22) -#define CKF_SO_PIN_TO_BE_CHANGED (1UL << 23) - -#define CK_UNAVAILABLE_INFORMATION ((unsigned long)-1L) -#define CK_EFFECTIVELY_INFINITE (0UL) - - -typedef unsigned long ck_session_handle_t; - -#define CK_INVALID_HANDLE (0UL) - - -typedef unsigned long ck_user_type_t; - -#define CKU_SO (0UL) -#define CKU_USER (1UL) -#define CKU_CONTEXT_SPECIFIC (2UL) - - -typedef unsigned long ck_state_t; - -#define CKS_RO_PUBLIC_SESSION (0UL) -#define CKS_RO_USER_FUNCTIONS (1UL) -#define CKS_RW_PUBLIC_SESSION (2UL) -#define CKS_RW_USER_FUNCTIONS (3UL) -#define CKS_RW_SO_FUNCTIONS (4UL) - - -struct ck_session_info -{ - ck_slot_id_t slot_id; - ck_state_t state; - ck_flags_t flags; - unsigned long device_error; +struct ck_aes_cbc_encrypt_data_params { + unsigned char iv[16]; + unsigned char *data_params; + unsigned long length; }; -#define CKF_RW_SESSION (1UL << 1) -#define CKF_SERIAL_SESSION (1UL << 2) - - -typedef unsigned long ck_object_handle_t; - - -typedef unsigned long ck_object_class_t; - -#define CKO_DATA (0UL) -#define CKO_CERTIFICATE (1UL) -#define CKO_PUBLIC_KEY (2UL) -#define CKO_PRIVATE_KEY (3UL) -#define CKO_SECRET_KEY (4UL) -#define CKO_HW_FEATURE (5UL) -#define CKO_DOMAIN_PARAMETERS (6UL) -#define CKO_MECHANISM (7UL) -#define CKO_OTP_KEY (8UL) -#define CKO_PROFILE (9UL) -#define CKO_VENDOR_DEFINED ((unsigned long) (1UL << 31)) - - -/* Profiles from PKCS #11 3.0 */ -#define CKP_INVALID_ID (0UL) -#define CKP_BASELINE_PROVIDER (1UL) -#define CKP_EXTENDED_PROVIDER (2UL) -#define CKP_AUTHENTICATION_TOKEN (3UL) -#define CKP_PUBLIC_CERTIFICATES_TOKEN (4UL) -#define CKP_VENDOR_DEFINED (1UL << 31) +struct ck_aes_ccm_params { + unsigned long data_len; + unsigned char *nonce_ptr; + unsigned long nonce_len; + unsigned char *aad_ptr; + unsigned long aad_len; + unsigned long mac_len; +}; -typedef unsigned long ck_hw_feature_type_t; +struct ck_aes_ctr_params { + unsigned long counter_bits; + unsigned char cb[16]; +}; -#define CKH_MONOTONIC_COUNTER (1UL) -#define CKH_CLOCK (2UL) -#define CKH_USER_INTERFACE (3UL) -#define CKH_VENDOR_DEFINED ((unsigned long) (1UL << 31)) +struct ck_aes_gcm_params { + unsigned char *iv_ptr; + unsigned long iv_len; + unsigned long iv_bits; + unsigned char *aad_ptr; + unsigned long aad_len; + unsigned long tag_bits; +}; +struct ck_aria_cbc_encrypt_data_params { + unsigned char iv[16]; + unsigned char *data_params; + unsigned long length; +}; -typedef unsigned long ck_key_type_t; +struct ck_camellia_cbc_encrypt_data_params { + unsigned char iv[16]; + unsigned char *data_params; + unsigned long length; +}; -#define CKK_RSA (0UL) -#define CKK_DSA (1UL) -#define CKK_DH (2UL) -#define CKK_ECDSA (3UL) -#define CKK_EC (3UL) -#define CKK_X9_42_DH (4UL) -#define CKK_KEA (5UL) -#define CKK_GENERIC_SECRET (0x10UL) -#define CKK_RC2 (0x11UL) -#define CKK_RC4 (0x12UL) -#define CKK_DES (0x13UL) -#define CKK_DES2 (0x14UL) -#define CKK_DES3 (0x15UL) -#define CKK_CAST (0x16UL) -#define CKK_CAST3 (0x17UL) -#define CKK_CAST128 (0x18UL) -#define CKK_RC5 (0x19UL) -#define CKK_IDEA (0x1aUL) -#define CKK_SKIPJACK (0x1bUL) -#define CKK_BATON (0x1cUL) -#define CKK_JUNIPER (0x1dUL) -#define CKK_CDMF (0x1eUL) -#define CKK_AES (0x1fUL) -#define CKK_BLOWFISH (0x20UL) -#define CKK_TWOFISH (0x21UL) -#define CKK_SECURID (0x22UL) -#define CKK_HOTP (0x23UL) -#define CKK_ACTI (0x24UL) -#define CKK_CAMELLIA (0x25UL) -#define CKK_ARIA (0x26UL) -#define CKK_MD5_HMAC (0x27UL) -#define CKK_SHA_1_HMAC (0x28UL) -#define CKK_RIPEMD128_HMAC (0x29UL) -#define CKK_RIPEMD160_HMAC (0x2aUL) -#define CKK_SHA256_HMAC (0x2bUL) -#define CKK_SHA384_HMAC (0x2cUL) -#define CKK_SHA512_HMAC (0x2dUL) -#define CKK_SHA224_HMAC (0x2eUL) -#define CKK_SEED (0x2fUL) -#define CKK_GOSTR3410 (0x30UL) -#define CKK_GOSTR3411 (0x31UL) -#define CKK_GOST28147 (0x32UL) -#define CKK_CHACHA20 (0x33UL) -#define CKK_POLY1305 (0x34UL) -#define CKK_SALSA20 (0x3eUL) -#define CKK_EC_EDWARDS (0x40UL) -#define CKK_EC_MONTGOMERY (0x41UL) -#define CKK_VENDOR_DEFINED ((unsigned long) (1UL << 31)) +struct ck_camellia_ctr_params { + unsigned long counter_bits; + unsigned char cb[16]; +}; +struct ck_ccm_message_params { + unsigned long data_len; + unsigned char *nonce_ptr; + unsigned long nonce_len; + unsigned long nonce_fixed_bits; + ck_generator_function_t nonce_generator; + unsigned char *mac_ptr; + unsigned long mac_len; +}; -typedef unsigned long ck_certificate_type_t; +struct ck_ccm_params { + unsigned long data_len; + unsigned char *nonce; + unsigned long nonce_len; + unsigned char *aad; + unsigned long aad_len; + unsigned long mac_len; +}; -#define CKC_X_509 (0UL) -#define CKC_X_509_ATTR_CERT (1UL) -#define CKC_WTLS (2UL) -#define CKC_VENDOR_DEFINED ((unsigned long) (1UL << 31)) +struct ck_chacha20_params { + unsigned char *block_counter; + unsigned long block_counter_bits; + unsigned char *nonce_ptr; + unsigned long nonce_bits; +}; -#define CKC_OPENPGP (CKC_VENDOR_DEFINED|0x504750UL) +struct ck_cms_sig_params { + ck_object_handle_t certificate_handle; + struct ck_mechanism *signing_mechanism; + struct ck_mechanism *digest_mechanism; + unsigned char *content_type; + unsigned char *requested_attributes; + unsigned long requested_attributes_len; + unsigned char *required_attributes; + unsigned long required_attributes_len; +}; -typedef unsigned long ck_attribute_type_t; +struct ck_des_cbc_encrypt_data_params { + unsigned char iv[8]; + unsigned char *data_params; + unsigned long length; +}; -#define CKA_CLASS (0UL) -#define CKA_TOKEN (1UL) -#define CKA_PRIVATE (2UL) -#define CKA_LABEL (3UL) -#define CKA_APPLICATION (0x10UL) -#define CKA_VALUE (0x11UL) -#define CKA_OBJECT_ID (0x12UL) -#define CKA_CERTIFICATE_TYPE (0x80UL) -#define CKA_ISSUER (0x81UL) -#define CKA_SERIAL_NUMBER (0x82UL) -#define CKA_AC_ISSUER (0x83UL) -#define CKA_OWNER (0x84UL) -#define CKA_ATTR_TYPES (0x85UL) -#define CKA_TRUSTED (0x86UL) -#define CKA_CERTIFICATE_CATEGORY (0x87UL) -#define CKA_JAVA_MIDP_SECURITY_DOMAIN (0x88UL) -#define CKA_URL (0x89UL) -#define CKA_HASH_OF_SUBJECT_PUBLIC_KEY (0x8aUL) -#define CKA_HASH_OF_ISSUER_PUBLIC_KEY (0x8bUL) -#define CKA_NAME_HASH_ALGORITHM (0x8cUL) -#define CKA_CHECK_VALUE (0x90UL) -#define CKA_KEY_TYPE (0x100UL) -#define CKA_SUBJECT (0x101UL) -#define CKA_ID (0x102UL) -#define CKA_SENSITIVE (0x103UL) -#define CKA_ENCRYPT (0x104UL) -#define CKA_DECRYPT (0x105UL) -#define CKA_WRAP (0x106UL) -#define CKA_UNWRAP (0x107UL) -#define CKA_SIGN (0x108UL) -#define CKA_SIGN_RECOVER (0x109UL) -#define CKA_VERIFY (0x10aUL) -#define CKA_VERIFY_RECOVER (0x10bUL) -#define CKA_DERIVE (0x10cUL) -#define CKA_START_DATE (0x110UL) -#define CKA_END_DATE (0x111UL) -#define CKA_MODULUS (0x120UL) -#define CKA_MODULUS_BITS (0x121UL) -#define CKA_PUBLIC_EXPONENT (0x122UL) -#define CKA_PRIVATE_EXPONENT (0x123UL) -#define CKA_PRIME_1 (0x124UL) -#define CKA_PRIME_2 (0x125UL) -#define CKA_EXPONENT_1 (0x126UL) -#define CKA_EXPONENT_2 (0x127UL) -#define CKA_COEFFICIENT (0x128UL) -#define CKA_PUBLIC_KEY_INFO (0x129UL) -#define CKA_PRIME (0x130UL) -#define CKA_SUBPRIME (0x131UL) -#define CKA_BASE (0x132UL) -#define CKA_PRIME_BITS (0x133UL) -#define CKA_SUB_PRIME_BITS (0x134UL) -#define CKA_VALUE_BITS (0x160UL) -#define CKA_VALUE_LEN (0x161UL) -#define CKA_EXTRACTABLE (0x162UL) -#define CKA_LOCAL (0x163UL) -#define CKA_NEVER_EXTRACTABLE (0x164UL) -#define CKA_ALWAYS_SENSITIVE (0x165UL) -#define CKA_KEY_GEN_MECHANISM (0x166UL) -#define CKA_MODIFIABLE (0x170UL) -#define CKA_COPYABLE (0x171UL) -#define CKA_DESTROYABLE (0x172UL) -#define CKA_ECDSA_PARAMS (0x180UL) -#define CKA_EC_PARAMS (0x180UL) -#define CKA_EC_POINT (0x181UL) -#define CKA_SECONDARY_AUTH (0x200UL) -#define CKA_AUTH_PIN_FLAGS (0x201UL) -#define CKA_ALWAYS_AUTHENTICATE (0x202UL) -#define CKA_WRAP_WITH_TRUSTED (0x210UL) -#define CKA_OTP_FORMAT (0x220UL) -#define CKA_OTP_LENGTH (0x221UL) -#define CKA_OTP_TIME_INTERVAL (0x222UL) -#define CKA_OTP_USER_FRIENDLY_MODE (0x223UL) -#define CKA_OTP_CHALLENGE_REQUIREMENT (0x224UL) -#define CKA_OTP_TIME_REQUIREMENT (0x225UL) -#define CKA_OTP_COUNTER_REQUIREMENT (0x226UL) -#define CKA_OTP_PIN_REQUIREMENT (0x227UL) -#define CKA_OTP_USER_IDENTIFIER (0x22AUL) -#define CKA_OTP_SERVICE_IDENTIFIER (0x22BUL) -#define CKA_OTP_SERVICE_LOGO (0x22CUL) -#define CKA_OTP_SERVICE_LOGO_TYPE (0x22DUL) -#define CKA_OTP_COUNTER (0x22EUL) -#define CKA_OTP_TIME (0x22FUL) -#define CKA_GOSTR3410_PARAMS (0x250UL) -#define CKA_GOSTR3411_PARAMS (0x251UL) -#define CKA_GOST28147_PARAMS (0x252UL) -#define CKA_HW_FEATURE_TYPE (0x300UL) -#define CKA_RESET_ON_INIT (0x301UL) -#define CKA_HAS_RESET (0x302UL) -#define CKA_PIXEL_X (0x400UL) -#define CKA_PIXEL_Y (0x401UL) -#define CKA_RESOLUTION (0x402UL) -#define CKA_CHAR_ROWS (0x403UL) -#define CKA_CHAR_COLUMNS (0x404UL) -#define CKA_COLOR (0x405UL) -#define CKA_BITS_PER_PIXEL (0x406UL) -#define CKA_CHAR_SETS (0x480UL) -#define CKA_ENCODING_METHODS (0x481UL) -#define CKA_MIME_TYPES (0x482UL) -#define CKA_MECHANISM_TYPE (0x500UL) -#define CKA_REQUIRED_CMS_ATTRIBUTES (0x501UL) -#define CKA_DEFAULT_CMS_ATTRIBUTES (0x502UL) -#define CKA_SUPPORTED_CMS_ATTRIBUTES (0x503UL) -#define CKA_WRAP_TEMPLATE (CKF_ARRAY_ATTRIBUTE | 0x211UL) -#define CKA_UNWRAP_TEMPLATE (CKF_ARRAY_ATTRIBUTE | 0x212UL) -#define CKA_DERIVE_TEMPLATE (CKF_ARRAY_ATTRIBUTE | 0x213UL) -#define CKA_ALLOWED_MECHANISMS (CKF_ARRAY_ATTRIBUTE | 0x600UL) -#define CKA_PROFILE_ID (0x601UL) -#define CKA_VENDOR_DEFINED ((unsigned long) (1UL << 31)) +struct ck_dsa_parameter_gen_param { + ck_mechanism_type_t hash; + unsigned char *seed_ptr; + unsigned long seed_len; + unsigned long index; +}; +struct ck_ecdh_aes_key_wrap_params { + unsigned long aes_key_bits; + ck_ec_kdf_type_t kdf; + unsigned long seed_len; + unsigned long index; +}; -struct ck_attribute -{ - ck_attribute_type_t type; - void *value; - unsigned long value_len; +struct ck_ecdh1_derive_params { + ck_ec_kdf_type_t kdf; + unsigned long shared_data_len; + unsigned char *shared_data; + unsigned long public_data_len; + unsigned char *public_data; }; +struct ck_ecdh2_derive_params { + ck_ec_kdf_type_t kdf; + unsigned long shared_data_len; + unsigned char *shared_data; + unsigned long public_data_len; + unsigned char *public_data; + unsigned long private_data_len; + ck_object_handle_t private_data; + unsigned long public_data_len2; + unsigned char *public_data2; +}; -struct ck_date -{ - unsigned char year[4]; - unsigned char month[2]; - unsigned char day[2]; +struct ck_ecmqv_derive_params { + ck_ec_kdf_type_t kdf; + unsigned long shared_data_len; + unsigned char *shared_data; + unsigned long public_data_len; + unsigned char *public_data; + unsigned long private_data_len; + ck_object_handle_t private_data; + unsigned long public_data_len2; + unsigned char *public_data2; + ck_object_handle_t public_key; }; +struct ck_eddsa_params { + unsigned char flag; + unsigned long context_data_len; + unsigned char *context_data; +}; -typedef unsigned long ck_mechanism_type_t; +struct ck_gcm_message_params { + unsigned char *iv_ptr; + unsigned long iv_len; + unsigned long iv_fixed_bits; + ck_generator_function_t iv_generator; + unsigned char *tag_ptr; + unsigned long tag_bits; +}; -#define CKM_RSA_PKCS_KEY_PAIR_GEN (0UL) -#define CKM_RSA_PKCS (1UL) -#define CKM_RSA_9796 (2UL) -#define CKM_RSA_X_509 (3UL) -#define CKM_MD2_RSA_PKCS (4UL) -#define CKM_MD5_RSA_PKCS (5UL) -#define CKM_SHA1_RSA_PKCS (6UL) -#define CKM_RIPEMD128_RSA_PKCS (7UL) -#define CKM_RIPEMD160_RSA_PKCS (8UL) -#define CKM_RSA_PKCS_OAEP (9UL) -#define CKM_RSA_X9_31_KEY_PAIR_GEN (0xaUL) -#define CKM_RSA_X9_31 (0xbUL) -#define CKM_SHA1_RSA_X9_31 (0xcUL) -#define CKM_RSA_PKCS_PSS (0xdUL) -#define CKM_SHA1_RSA_PKCS_PSS (0xeUL) -#define CKM_DSA_KEY_PAIR_GEN (0x10UL) -#define CKM_DSA (0x11UL) -#define CKM_DSA_SHA1 (0x12UL) -#define CKM_DSA_SHA224 (0x13UL) -#define CKM_DSA_SHA256 (0x14UL) -#define CKM_DSA_SHA384 (0x15UL) -#define CKM_DSA_SHA512 (0x16UL) -#define CKM_DH_PKCS_KEY_PAIR_GEN (0x20UL) -#define CKM_DH_PKCS_DERIVE (0x21UL) -#define CKM_X9_42_DH_KEY_PAIR_GEN (0x30UL) -#define CKM_X9_42_DH_DERIVE (0x31UL) -#define CKM_X9_42_DH_HYBRID_DERIVE (0x32UL) -#define CKM_X9_42_MQV_DERIVE (0x33UL) -#define CKM_SHA256_RSA_PKCS (0x40UL) -#define CKM_SHA384_RSA_PKCS (0x41UL) -#define CKM_SHA512_RSA_PKCS (0x42UL) -#define CKM_SHA256_RSA_PKCS_PSS (0x43UL) -#define CKM_SHA384_RSA_PKCS_PSS (0x44UL) -#define CKM_SHA512_RSA_PKCS_PSS (0x45UL) -#define CKM_SHA512_224 (0x48UL) -#define CKM_SHA512_224_HMAC (0x49UL) -#define CKM_SHA512_224_HMAC_GENERAL (0x4aUL) -#define CKM_SHA512_224_KEY_DERIVATION (0x4bUL) -#define CKM_SHA512_256 (0x4cUL) -#define CKM_SHA512_256_HMAC (0x4dUL) -#define CKM_SHA512_256_HMAC_GENERAL (0x4eUL) -#define CKM_SHA512_256_KEY_DERIVATION (0x4fUL) -#define CKM_SHA512_T (0x50UL) -#define CKM_SHA512_T_HMAC (0x51UL) -#define CKM_SHA512_T_HMAC_GENERAL (0x52UL) -#define CKM_SHA512_T_KEY_DERIVATION (0x53UL) -#define CKM_RC2_KEY_GEN (0x100UL) -#define CKM_RC2_ECB (0x101UL) -#define CKM_RC2_CBC (0x102UL) -#define CKM_RC2_MAC (0x103UL) -#define CKM_RC2_MAC_GENERAL (0x104UL) -#define CKM_RC2_CBC_PAD (0x105UL) -#define CKM_RC4_KEY_GEN (0x110UL) -#define CKM_RC4 (0x111UL) -#define CKM_DES_KEY_GEN (0x120UL) -#define CKM_DES_ECB (0x121UL) -#define CKM_DES_CBC (0x122UL) -#define CKM_DES_MAC (0x123UL) -#define CKM_DES_MAC_GENERAL (0x124UL) -#define CKM_DES_CBC_PAD (0x125UL) -#define CKM_DES2_KEY_GEN (0x130UL) -#define CKM_DES3_KEY_GEN (0x131UL) -#define CKM_DES3_ECB (0x132UL) -#define CKM_DES3_CBC (0x133UL) -#define CKM_DES3_MAC (0x134UL) -#define CKM_DES3_MAC_GENERAL (0x135UL) -#define CKM_DES3_CBC_PAD (0x136UL) -#define CKM_DES3_CMAC_GENERAL (0x137UL) -#define CKM_DES3_CMAC (0x138UL) -#define CKM_CDMF_KEY_GEN (0x140UL) -#define CKM_CDMF_ECB (0x141UL) -#define CKM_CDMF_CBC (0x142UL) -#define CKM_CDMF_MAC (0x143UL) -#define CKM_CDMF_MAC_GENERAL (0x144UL) -#define CKM_CDMF_CBC_PAD (0x145UL) -#define CKM_DES_OFB64 (0x150UL) -#define CKM_DES_OFB8 (0x151UL) -#define CKM_DES_CFB64 (0x152UL) -#define CKM_DES_CFB8 (0x153UL) -#define CKM_MD2 (0x200UL) -#define CKM_MD2_HMAC (0x201UL) -#define CKM_MD2_HMAC_GENERAL (0x202UL) -#define CKM_MD5 (0x210UL) -#define CKM_MD5_HMAC (0x211UL) -#define CKM_MD5_HMAC_GENERAL (0x212UL) -#define CKM_SHA_1 (0x220UL) -#define CKM_SHA_1_HMAC (0x221UL) -#define CKM_SHA_1_HMAC_GENERAL (0x222UL) -#define CKM_RIPEMD128 (0x230UL) -#define CKM_RIPEMD128_HMAC (0x231UL) -#define CKM_RIPEMD128_HMAC_GENERAL (0x232UL) -#define CKM_RIPEMD160 (0x240UL) -#define CKM_RIPEMD160_HMAC (0x241UL) -#define CKM_RIPEMD160_HMAC_GENERAL (0x242UL) -#define CKM_SHA256 (0x250UL) -#define CKM_SHA256_HMAC (0x251UL) -#define CKM_SHA256_HMAC_GENERAL (0x252UL) -#define CKM_SHA384 (0x260UL) -#define CKM_SHA384_HMAC (0x261UL) -#define CKM_SHA384_HMAC_GENERAL (0x262UL) -#define CKM_SHA512 (0x270UL) -#define CKM_SHA512_HMAC (0x271UL) -#define CKM_SHA512_HMAC_GENERAL (0x272UL) -#define CKM_SECURID_KEY_GEN (0x280UL) -#define CKM_SECURID (0x282UL) -#define CKM_HOTP_KEY_GEN (0x290UL) -#define CKM_HOTP (0x291UL) -#define CKM_ACTI (0x2a0UL) -#define CKM_ACTI_KEY_GEN (0x2a1UL) -#define CKM_CAST_KEY_GEN (0x300UL) -#define CKM_CAST_ECB (0x301UL) -#define CKM_CAST_CBC (0x302UL) -#define CKM_CAST_MAC (0x303UL) -#define CKM_CAST_MAC_GENERAL (0x304UL) -#define CKM_CAST_CBC_PAD (0x305UL) -#define CKM_CAST3_KEY_GEN (0x310UL) -#define CKM_CAST3_ECB (0x311UL) -#define CKM_CAST3_CBC (0x312UL) -#define CKM_CAST3_MAC (0x313UL) -#define CKM_CAST3_MAC_GENERAL (0x314UL) -#define CKM_CAST3_CBC_PAD (0x315UL) -#define CKM_CAST5_KEY_GEN (0x320UL) -#define CKM_CAST128_KEY_GEN (0x320UL) -#define CKM_CAST5_ECB (0x321UL) -#define CKM_CAST128_ECB (0x321UL) -#define CKM_CAST5_CBC (0x322UL) -#define CKM_CAST128_CBC (0x322UL) -#define CKM_CAST5_MAC (0x323UL) -#define CKM_CAST128_MAC (0x323UL) -#define CKM_CAST5_MAC_GENERAL (0x324UL) -#define CKM_CAST128_MAC_GENERAL (0x324UL) -#define CKM_CAST5_CBC_PAD (0x325UL) -#define CKM_CAST128_CBC_PAD (0x325UL) -#define CKM_RC5_KEY_GEN (0x330UL) -#define CKM_RC5_ECB (0x331UL) -#define CKM_RC5_CBC (0x332UL) -#define CKM_RC5_MAC (0x333UL) -#define CKM_RC5_MAC_GENERAL (0x334UL) -#define CKM_RC5_CBC_PAD (0x335UL) -#define CKM_IDEA_KEY_GEN (0x340UL) -#define CKM_IDEA_ECB (0x341UL) -#define CKM_IDEA_CBC (0x342UL) -#define CKM_IDEA_MAC (0x343UL) -#define CKM_IDEA_MAC_GENERAL (0x344UL) -#define CKM_IDEA_CBC_PAD (0x345UL) -#define CKM_GENERIC_SECRET_KEY_GEN (0x350UL) -#define CKM_CONCATENATE_BASE_AND_KEY (0x360UL) -#define CKM_CONCATENATE_BASE_AND_DATA (0x362UL) -#define CKM_CONCATENATE_DATA_AND_BASE (0x363UL) -#define CKM_XOR_BASE_AND_DATA (0x364UL) -#define CKM_EXTRACT_KEY_FROM_KEY (0x365UL) -#define CKM_SSL3_PRE_MASTER_KEY_GEN (0x370UL) -#define CKM_SSL3_MASTER_KEY_DERIVE (0x371UL) -#define CKM_SSL3_KEY_AND_MAC_DERIVE (0x372UL) -#define CKM_SSL3_MASTER_KEY_DERIVE_DH (0x373UL) -#define CKM_TLS_PRE_MASTER_KEY_GEN (0x374UL) -#define CKM_TLS_MASTER_KEY_DERIVE (0x375UL) -#define CKM_TLS_KEY_AND_MAC_DERIVE (0x376UL) -#define CKM_TLS_MASTER_KEY_DERIVE_DH (0x377UL) -#define CKM_TLS_PRF (0x378UL) -#define CKM_SSL3_MD5_MAC (0x380UL) -#define CKM_SSL3_SHA1_MAC (0x381UL) -#define CKM_MD5_KEY_DERIVATION (0x390UL) -#define CKM_MD2_KEY_DERIVATION (0x391UL) -#define CKM_SHA1_KEY_DERIVATION (0x392UL) -#define CKM_SHA256_KEY_DERIVATION (0x393UL) -#define CKM_SHA384_KEY_DERIVATION (0x394UL) -#define CKM_SHA512_KEY_DERIVATION (0x395UL) -#define CKM_PBE_MD2_DES_CBC (0x3a0UL) -#define CKM_PBE_MD5_DES_CBC (0x3a1UL) -#define CKM_PBE_MD5_CAST_CBC (0x3a2UL) -#define CKM_PBE_MD5_CAST3_CBC (0x3a3UL) -#define CKM_PBE_MD5_CAST5_CBC (0x3a4UL) -#define CKM_PBE_MD5_CAST128_CBC (0x3a4UL) -#define CKM_PBE_SHA1_CAST5_CBC (0x3a5UL) -#define CKM_PBE_SHA1_CAST128_CBC (0x3a5UL) -#define CKM_PBE_SHA1_RC4_128 (0x3a6UL) -#define CKM_PBE_SHA1_RC4_40 (0x3a7UL) -#define CKM_PBE_SHA1_DES3_EDE_CBC (0x3a8UL) -#define CKM_PBE_SHA1_DES2_EDE_CBC (0x3a9UL) -#define CKM_PBE_SHA1_RC2_128_CBC (0x3aaUL) -#define CKM_PBE_SHA1_RC2_40_CBC (0x3abUL) -#define CKM_PKCS5_PBKD2 (0x3b0UL) -#define CKM_PBA_SHA1_WITH_SHA1_HMAC (0x3c0UL) -#define CKM_WTLS_PRE_MASTER_KEY_GEN (0x3d0UL) -#define CKM_WTLS_MASTER_KEY_DERIVE (0x3d1UL) -#define CKM_WTLS_MASTER_KEY_DERIVE_DH_ECC (0x3d2UL) -#define CKM_WTLS_PRF (0x3d3UL) -#define CKM_WTLS_SERVER_KEY_AND_MAC_DERIVE (0x3d4UL) -#define CKM_WTLS_CLIENT_KEY_AND_MAC_DERIVE (0x3d5UL) -#define CKM_TLS10_MAC_SERVER (0x3d6UL) -#define CKM_TLS10_MAC_CLIENT (0x3d7UL) -#define CKM_TLS12_MAC (0x3d8UL) -#define CKM_TLS12_KDF (0x3d9UL) -#define CKM_TLS12_MASTER_KEY_DERIVE (0x3e0UL) -#define CKM_TLS12_KEY_AND_MAC_DERIVE (0x3e1UL) -#define CKM_TLS12_MASTER_KEY_DERIVE_DH (0x3e2UL) -#define CKM_TLS12_KEY_SAFE_DERIVE (0x3e3UL) -#define CKM_TLS_MAC (0x3e4UL) -#define CKM_TLS_KDF (0x3e5UL) -#define CKM_KEY_WRAP_LYNKS (0x400UL) -#define CKM_KEY_WRAP_SET_OAEP (0x401UL) -#define CKM_CMS_SIG (0x500UL) -#define CKM_KIP_DERIVE (0x510UL) -#define CKM_KIP_WRAP (0x511UL) -#define CKM_KIP_MAC (0x512UL) -#define CKM_ARIA_KEY_GEN (0x560UL) -#define CKM_ARIA_ECB (0x561UL) -#define CKM_ARIA_CBC (0x562UL) -#define CKM_ARIA_MAC (0x563UL) -#define CKM_ARIA_MAC_GENERAL (0x564UL) -#define CKM_ARIA_CBC_PAD (0x565UL) -#define CKM_ARIA_ECB_ENCRYPT_DATA (0x566UL) -#define CKM_ARIA_CBC_ENCRYPT_DATA (0x567UL) -#define CKM_SEED_KEY_GEN (0x650UL) -#define CKM_SEED_ECB (0x651UL) -#define CKM_SEED_CBC (0x652UL) -#define CKM_SEED_MAC (0x653UL) -#define CKM_SEED_MAC_GENERAL (0x654UL) -#define CKM_SEED_CBC_PAD (0x655UL) -#define CKM_SEED_ECB_ENCRYPT_DATA (0x656UL) -#define CKM_SEED_CBC_ENCRYPT_DATA (0x657UL) -#define CKM_SKIPJACK_KEY_GEN (0x1000UL) -#define CKM_SKIPJACK_ECB64 (0x1001UL) -#define CKM_SKIPJACK_CBC64 (0x1002UL) -#define CKM_SKIPJACK_OFB64 (0x1003UL) -#define CKM_SKIPJACK_CFB64 (0x1004UL) -#define CKM_SKIPJACK_CFB32 (0x1005UL) -#define CKM_SKIPJACK_CFB16 (0x1006UL) -#define CKM_SKIPJACK_CFB8 (0x1007UL) -#define CKM_SKIPJACK_WRAP (0x1008UL) -#define CKM_SKIPJACK_PRIVATE_WRAP (0x1009UL) -#define CKM_SKIPJACK_RELAYX (0x100aUL) -#define CKM_KEA_KEY_PAIR_GEN (0x1010UL) -#define CKM_KEA_KEY_DERIVE (0x1011UL) -#define CKM_FORTEZZA_TIMESTAMP (0x1020UL) -#define CKM_BATON_KEY_GEN (0x1030UL) -#define CKM_BATON_ECB128 (0x1031UL) -#define CKM_BATON_ECB96 (0x1032UL) -#define CKM_BATON_CBC128 (0x1033UL) -#define CKM_BATON_COUNTER (0x1034UL) -#define CKM_BATON_SHUFFLE (0x1035UL) -#define CKM_BATON_WRAP (0x1036UL) -#define CKM_ECDSA_KEY_PAIR_GEN (0x1040UL) -#define CKM_EC_KEY_PAIR_GEN (0x1040UL) -#define CKM_ECDSA (0x1041UL) -#define CKM_ECDSA_SHA1 (0x1042UL) -#define CKM_ECDSA_SHA224 (0x1043UL) -#define CKM_ECDSA_SHA256 (0x1044UL) -#define CKM_ECDSA_SHA384 (0x1045UL) -#define CKM_ECDSA_SHA512 (0x1046UL) -#define CKM_ECDH1_DERIVE (0x1050UL) -#define CKM_ECDH1_COFACTOR_DERIVE (0x1051UL) -#define CKM_ECMQV_DERIVE (0x1052UL) -#define CKM_ECDH_AES_KEY_WRAP (0x1053UL) -#define CKM_RSA_AES_KEY_WRAP (0x1054UL) -#define CKM_JUNIPER_KEY_GEN (0x1060UL) -#define CKM_JUNIPER_ECB128 (0x1061UL) -#define CKM_JUNIPER_CBC128 (0x1062UL) -#define CKM_JUNIPER_COUNTER (0x1063UL) -#define CKM_JUNIPER_SHUFFLE (0x1064UL) -#define CKM_JUNIPER_WRAP (0x1065UL) -#define CKM_FASTHASH (0x1070UL) -#define CKM_AES_KEY_GEN (0x1080UL) -#define CKM_AES_ECB (0x1081UL) -#define CKM_AES_CBC (0x1082UL) -#define CKM_AES_MAC (0x1083UL) -#define CKM_AES_MAC_GENERAL (0x1084UL) -#define CKM_AES_CBC_PAD (0x1085UL) -#define CKM_AES_CTR (0x1086UL) -#define CKM_AES_GCM (0x1087UL) -#define CKM_AES_CCM (0x1088UL) -#define CKM_AES_CTS (0x1089UL) -#define CKM_AES_CMAC (0x108aUL) -#define CKM_AES_CMAC_GENERAL (0x108bUL) -#define CKM_AES_XCBC_MAC (0x108cUL) -#define CKM_AES_XCBC_MAC_96 (0x108dUL) -#define CKM_AES_GMAC (0x108eUL) -#define CKM_BLOWFISH_KEY_GEN (0x1090UL) -#define CKM_BLOWFISH_CBC (0x1091UL) -#define CKM_TWOFISH_KEY_GEN (0x1092UL) -#define CKM_TWOFISH_CBC (0x1093UL) -#define CKM_BLOWFISH_CBC_PAD (0x1094UL) -#define CKM_TWOFISH_CBC_PAD (0x1095UL) -#define CKM_DES_ECB_ENCRYPT_DATA (0x1100UL) -#define CKM_DES_CBC_ENCRYPT_DATA (0x1101UL) -#define CKM_DES3_ECB_ENCRYPT_DATA (0x1102UL) -#define CKM_DES3_CBC_ENCRYPT_DATA (0x1103UL) -#define CKM_AES_ECB_ENCRYPT_DATA (0x1104UL) -#define CKM_AES_CBC_ENCRYPT_DATA (0x1105UL) -#define CKM_GOSTR3410_KEY_PAIR_GEN (0x1200UL) -#define CKM_GOSTR3410 (0x1201UL) -#define CKM_GOSTR3410_WITH_GOSTR3411 (0x1202UL) -#define CKM_GOSTR3410_KEY_WRAP (0x1203UL) -#define CKM_GOSTR3410_DERIVE (0x1204UL) -#define CKM_GOSTR3411 (0x1210UL) -#define CKM_GOSTR3411_HMAC (0x1211UL) -#define CKM_GOST28147_KEY_GEN (0x1220UL) -#define CKM_GOST28147_ECB (0x1221UL) -#define CKM_GOST28147 (0x1222UL) -#define CKM_GOST28147_MAC (0x1223UL) -#define CKM_GOST28147_KEY_WRAP (0x1224UL) -#define CKM_CHACHA20_KEY_GEN (0x1225UL) -#define CKM_CHACHA20 (0x1226UL) -#define CKM_POLY1305_KEY_GEN (0x1227UL) -#define CKM_POLY1305 (0x1228UL) - -#define CKM_DSA_PARAMETER_GEN (0x2000UL) -#define CKM_DH_PKCS_PARAMETER_GEN (0x2001UL) -#define CKM_X9_42_DH_PARAMETER_GEN (0x2002UL) -#define CKM_DSA_PROBABLISTIC_PARAMETER_GEN (0x2003UL) -#define CKM_DSA_SHAWE_TAYLOR_PARAMETER_GEN (0x2004UL) -#define CKM_AES_OFB (0x2104UL) -#define CKM_AES_CFB64 (0x2105UL) -#define CKM_AES_CFB8 (0x2106UL) -#define CKM_AES_CFB128 (0x2107UL) -#define CKM_AES_CFB1 (0x2108UL) - -#define CKM_VENDOR_DEFINED ((unsigned long) (1UL << 31)) - -/* Amendments */ -#define CKM_SHA224 (0x255UL) -#define CKM_SHA224_HMAC (0x256UL) -#define CKM_SHA224_HMAC_GENERAL (0x257UL) -#define CKM_SHA224_RSA_PKCS (0x46UL) -#define CKM_SHA224_RSA_PKCS_PSS (0x47UL) -#define CKM_SHA224_KEY_DERIVATION (0x396UL) - -#define CKM_CAMELLIA_KEY_GEN (0x550UL) -#define CKM_CAMELLIA_ECB (0x551UL) -#define CKM_CAMELLIA_CBC (0x552UL) -#define CKM_CAMELLIA_MAC (0x553UL) -#define CKM_CAMELLIA_MAC_GENERAL (0x554UL) -#define CKM_CAMELLIA_CBC_PAD (0x555UL) -#define CKM_CAMELLIA_ECB_ENCRYPT_DATA (0x556UL) -#define CKM_CAMELLIA_CBC_ENCRYPT_DATA (0x557UL) -#define CKM_CAMELLIA_CTR (0x558UL) - -#define CKM_AES_KEY_WRAP (0x2109UL) -#define CKM_AES_KEY_WRAP_PAD (0x210aUL) - -#define CKM_RSA_PKCS_TPM_1_1 (0x4001UL) -#define CKM_RSA_PKCS_OAEP_TPM_1_1 (0x4002UL) - -/* From version 3.0 */ -#define CKM_EC_EDWARDS_KEY_PAIR_GEN (0x1055UL) -#define CKM_EC_MONTGOMERY_KEY_PAIR_GEN (0x1056UL) -#define CKM_EDDSA (0x1057UL) -#define CKM_XEDDSA (0x4029UL) +struct ck_gcm_params { + unsigned char *iv_ptr; + unsigned long iv_len; + unsigned long iv_bits; + unsigned char *aad_ptr; + unsigned long aad_len; + unsigned long tag_bits; +}; -/* Attribute and other constants related to OTP */ -#define CK_OTP_FORMAT_DECIMAL (0UL) -#define CK_OTP_FORMAT_HEXADECIMAL (1UL) -#define CK_OTP_FORMAT_ALPHANUMERIC (2UL) -#define CK_OTP_FORMAT_BINARY (3UL) -#define CK_OTP_PARAM_IGNORED (0UL) -#define CK_OTP_PARAM_OPTIONAL (1UL) -#define CK_OTP_PARAM_MANDATORY (2UL) - -#define CK_OTP_VALUE (0UL) -#define CK_OTP_PIN (1UL) -#define CK_OTP_CHALLENGE (2UL) -#define CK_OTP_TIME (3UL) -#define CK_OTP_COUNTER (4UL) -#define CK_OTP_FLAGS (5UL) -#define CK_OTP_OUTPUT_LENGTH (6UL) -#define CK_OTP_FORMAT (7UL) +struct ck_gostr3410_derive_params { + ck_ec_kdf_type_t kdf; + unsigned char *public_data; + unsigned long public_data_len; + unsigned char *ukm_ptr; + unsigned long ukm_len; +}; -/* OTP mechanism flags */ -#define CKF_NEXT_OTP (0x01UL) -#define CKF_EXCLUDE_TIME (0x02UL) -#define CKF_EXCLUDE_COUNTER (0x04UL) -#define CKF_EXCLUDE_CHALLENGE (0x08UL) -#define CKF_EXCLUDE_PIN (0x10UL) -#define CKF_USER_FRIENDLY_OTP (0x20UL) +struct ck_gostr3410_key_wrap_params { + unsigned char *wrap_oid; + unsigned long wrap_oid_len; + unsigned char *ukm_ptr; + unsigned long ukm_len; + ck_object_handle_t key; +}; -#define CKN_OTP_CHANGED (0x01UL) +struct ck_hkdf_params { + unsigned char extract; + unsigned char expand; + ck_mechanism_type_t prf_hash_mechanism; + unsigned long salt_type; + unsigned char *salt_ptr; + unsigned long salt_len; + ck_object_handle_t salt_key; + unsigned char *info; + unsigned long info_len; +}; -struct ck_mechanism -{ - ck_mechanism_type_t mechanism; - void *parameter; - unsigned long parameter_len; +struct ck_kea_derive_params { + unsigned char is_sender; + unsigned long random_len; + unsigned char *random_a; + unsigned char *random_b; + unsigned long public_data_len; + unsigned char *public_data; }; +struct ck_key_derivation_string_data { + unsigned char *string_data; + unsigned long string_data_len; +}; -struct ck_mechanism_info -{ - unsigned long min_key_size; - unsigned long max_key_size; - ck_flags_t flags; +struct ck_key_wrap_set_oaep_params { + unsigned char bc; + unsigned char *x_ptr; + unsigned long x_len; }; -typedef unsigned long ck_param_type; +struct ck_kip_params { + struct ck_mechanism *mechanism_ptr; + ck_object_handle_t key; + unsigned char *seed_ptr; + unsigned long seed_len; +}; typedef struct ck_otp_param { - ck_param_type type; - void *value; - unsigned long value_len; + ck_otp_param_type_t type; + void *value; + unsigned long value_len; } ck_otp_param; typedef struct ck_otp_params { - struct ck_otp_param *params; - unsigned long count; + struct ck_otp_param *params; + unsigned long count; } ck_otp_params; typedef struct ck_otp_signature_info @@ -988,22 +1757,72 @@ typedef struct ck_otp_signature_info unsigned long count; } ck_otp_signature_info; -#define CKG_MGF1_SHA1 0x00000001UL -#define CKG_MGF1_SHA224 0x00000005UL -#define CKG_MGF1_SHA256 0x00000002UL -#define CKG_MGF1_SHA384 0x00000003UL -#define CKG_MGF1_SHA512 0x00000004UL +struct ck_pbe_params { + unsigned char *init_vector; + unsigned char *password_ptr; + unsigned long password_len; + unsigned char *salt_ptr; + unsigned long salt_len; + unsigned long iteration; +}; -typedef unsigned long ck_rsa_pkcs_mgf_type_t; -typedef ck_rsa_pkcs_mgf_type_t * CK_RSA_PKCS_MGF_TYPE_PTR; +struct ck_pkcs5_pbkd2_params { + ck_pkcs5_pbkdf2_salt_source_type_t salt_source; + void *salt_source_data; + unsigned long salt_source_data_len; + unsigned long iterations; + ck_pkcs5_pbkd2_pseudo_random_function_type_t prf; + void *prf_data; + unsigned long prf_data_len; + unsigned char *password_ptr; + unsigned long *password_len; +}; -struct ck_rsa_pkcs_pss_params { - ck_mechanism_type_t hash_alg; - ck_rsa_pkcs_mgf_type_t mgf; - unsigned long s_len; +struct ck_pkcs5_pbkd2_params2 { + ck_pkcs5_pbkdf2_salt_source_type_t salt_source; + void *salt_source_data; + unsigned long salt_source_data_len; + unsigned long iterations; + ck_pkcs5_pbkd2_pseudo_random_function_type_t prf; + void *prf_data; + unsigned long prf_data_len; + unsigned char *password_ptr; + unsigned long password_len; }; -typedef unsigned long ck_rsa_pkcs_oaep_source_type_t; +struct ck_prf_data_param { + ck_prf_data_type_t type; + void *value; + unsigned long value_len; +}; + +struct ck_rc2_cbc_params { + unsigned long effective_bits; + unsigned char iv[8]; +}; + +struct ck_rc2_mac_general_params { + unsigned long effective_bits; + unsigned long mac_length; +}; + +struct ck_rc5_cbc_params { + unsigned long word_size; + unsigned long rounds; + unsigned char *iv_ptr; + unsigned long iv_len; +}; + +struct ck_rc5_mac_general_params { + unsigned long word_size; + unsigned long rounds; + unsigned long mac_length; +}; + +struct ck_rc5_params { + unsigned long word_size; + unsigned long rounds; +}; struct ck_rsa_pkcs_oaep_params { ck_mechanism_type_t hash_alg; @@ -1013,567 +1832,643 @@ struct ck_rsa_pkcs_oaep_params { unsigned long source_data_len; }; -struct ck_aes_ctr_params { - unsigned long counter_bits; - unsigned char cb[16]; +struct ck_rsa_aes_key_wrap_params { + unsigned long aes_key_bits; + struct ck_rsa_pkcs_oaep_params *oaep_params; }; -struct ck_gcm_params { - unsigned char *iv_ptr; - unsigned long iv_len; - unsigned long iv_bits; +struct ck_rsa_pkcs_pss_params { + ck_mechanism_type_t hash_alg; + ck_rsa_pkcs_mgf_type_t mgf; + unsigned long s_len; +}; + +struct ck_salsa20_chacha20_poly1305_msg_params { + unsigned char *nonce_ptr; + unsigned long nonce_bits; + unsigned char *tag_ptr; +}; + +struct ck_salsa20_chacha20_poly1305_params { + unsigned char *nonce_ptr; + unsigned long nonce_bits; unsigned char *aad_ptr; unsigned long aad_len; - unsigned long tag_bits; }; -typedef unsigned long ck_generator_function_t; - -struct ck_gcm_message_params { - unsigned char *iv_ptr; - unsigned long iv_len; - unsigned long iv_fixed_bits; - ck_generator_function_t iv_generator; - unsigned char *tag_ptr; - unsigned long tag_bits; +struct ck_salsa20_params { + unsigned char *block_counter; + unsigned char *nonce_ptr; + unsigned long nonce_bits; }; -struct ck_chacha20_params { - unsigned char *block_counter; - unsigned long block_counter_bits; - unsigned char *nonce_ptr; - unsigned long nonce_bits; +struct ck_seed_cbc_encrypt_data_params { + unsigned char iv[16]; + unsigned char *data_params; + unsigned long length; }; -struct ck_salsa20_params { - unsigned char *block_counter; - unsigned char *nonce_ptr; - unsigned long nonce_bits; +struct ck_skipjack_private_wrap_params { + unsigned long password_len; + unsigned char *password_ptr; + unsigned long public_data_len; + unsigned char *public_data; + unsigned long p_and_g_len; + unsigned long q_len; + unsigned long random_len; + unsigned char *random_a_ptr; + unsigned char *prime_p; + unsigned char *base_g; + unsigned char *subprime_q; }; -struct ck_salsa20_chacha20_poly1305_params { - unsigned char *nonce_ptr; - unsigned long nonce_bits; - unsigned char *aad_ptr; - unsigned long aad_len; +struct ck_skipjack_relayx_params { + unsigned long old_wrapped_x_len; + unsigned char *old_wrapped_x; + unsigned long old_password_len; + unsigned char *old_password; + unsigned long old_public_data_len; + unsigned char *old_public_data; + unsigned long old_random_len; + unsigned char *old_random_a; + unsigned long new_password_len; + unsigned char *new_password; + unsigned long new_public_data_len; + unsigned char *new_public_data; + unsigned long new_random_len; + unsigned char *new_random_a; }; -struct ck_salsa20_chacha20_poly1305_msg_params { - unsigned char *nonce_ptr; - unsigned long nonce_bits; - unsigned char *tag_ptr; +struct ck_sp800_108_counter_format { + unsigned char little_endian; + unsigned long width_in_bits; }; -/* The following EC Key Derivation Functions are defined */ -#define CKD_NULL (0x01UL) -#define CKD_SHA1_KDF (0x02UL) +struct ck_sp800_108_dkm_length_format { + ck_sp800_108_dkm_length_method_t dkm_length_method; + unsigned char little_endian; + unsigned long width_in_bits; +}; -/* The following X9.42 DH key derivation functions are defined */ -#define CKD_SHA1_KDF_ASN1 (0x03UL) -#define CKD_SHA1_KDF_CONCATENATE (0x04UL) -#define CKD_SHA224_KDF (0x05UL) -#define CKD_SHA256_KDF (0x06UL) -#define CKD_SHA384_KDF (0x07UL) -#define CKD_SHA512_KDF (0x08UL) -#define CKD_CPDIVERSIFY_KDF (0x09UL) +struct ck_sp800_108_feedback_kdf_params { + ck_sp800_108_prf_type_t prf_type; + unsigned long number_of_data_params; + struct ck_prf_data_param *data_params_ptr; + unsigned long iv_len; + unsigned char *iv_ptr; + unsigned long additional_derived_keys_len; + struct ck_derived_key *additional_derived_keys; +}; -typedef unsigned long ck_ec_kdf_t; +struct ck_sp800_108_kdf_params { + ck_sp800_108_prf_type_t prf_type; + unsigned long number_of_data_params; + struct ck_prf_data_param *data_params_ptr; + unsigned long additional_derived_keys_len; + struct ck_derived_key *additional_derived_keys; +}; -struct ck_ecdh1_derive_params { - ck_ec_kdf_t kdf; - unsigned long shared_data_len; - unsigned char *shared_data; - unsigned long public_data_len; - unsigned char *public_data; +struct ck_x2ratchet_initialize_params { + unsigned char *sk; + ck_object_handle_t peer_public_prekey; + ck_object_handle_t peer_public_identity; + ck_object_handle_t own_public_identity; + unsigned char encrypted_header; + unsigned long curve; + ck_mechanism_type_t aead_mechanism; + ck_x2ratchet_kdf_type_t kdf_mechanism; }; -struct ck_key_derivation_string_data { - unsigned char *string_data; - unsigned long string_data_len; +struct ck_x2ratchet_respond_params { + unsigned char *sk; + ck_object_handle_t own_prekey; + ck_object_handle_t initiator_identity; + ck_object_handle_t own_public_identity; + unsigned char encrypted_header; + unsigned long curve; + ck_mechanism_type_t aead_mechanism; + ck_x2ratchet_kdf_type_t kdf_mechanism; }; -struct ck_des_cbc_encrypt_data_params { - unsigned char iv[8]; - unsigned char *data_params; - unsigned long length; +struct ck_x3dh_initiate_params { + ck_x3dh_kdf_type_t kdf; + ck_object_handle_t peer_identity; + ck_object_handle_t peer_prekey; + unsigned char *prekey_signature; + unsigned char *onetime_key; + ck_object_handle_t own_identity; + ck_object_handle_t own_ephemeral; }; -struct ck_aes_cbc_encrypt_data_params { - unsigned char iv[16]; - unsigned char *data_params; - unsigned long length; +struct ck_x3dh_respond_params { + ck_x3dh_kdf_type_t kdf; + unsigned char *identity_id; + unsigned char *prekey_id; + unsigned char *onetime_id; + ck_object_handle_t initiator_identity; + unsigned char *initiator_ephemeral; }; -#define CKF_HW (1UL << 0) -#define CKF_MESSAGE_ENCRYPT (1UL << 1) -#define CKF_MESSAGE_DECRYPT (1UL << 2) -#define CKF_MESSAGE_SIGN (1UL << 3) -#define CKF_MESSAGE_VERIFY (1UL << 4) -#define CKF_MULTI_MESSAGE (1UL << 5) -#define CKF_FIND_OBJECTS (1UL << 6) -#define CKF_ENCRYPT (1UL << 8) -#define CKF_DECRYPT (1UL << 9) -#define CKF_DIGEST (1UL << 10) -#define CKF_SIGN (1UL << 11) -#define CKF_SIGN_RECOVER (1UL << 12) -#define CKF_VERIFY (1UL << 13) -#define CKF_VERIFY_RECOVER (1UL << 14) -#define CKF_GENERATE (1UL << 15) -#define CKF_GENERATE_KEY_PAIR (1UL << 16) -#define CKF_WRAP (1UL << 17) -#define CKF_UNWRAP (1UL << 18) -#define CKF_DERIVE (1UL << 19) -#define CKF_EXTENSION ((unsigned long) (1UL << 31)) - -#define CKF_EC_F_P (1UL << 20) -#define CKF_EC_NAMEDCURVE (1UL << 23) -#define CKF_EC_UNCOMPRESS (1UL << 24) -#define CKF_EC_COMPRESS (1UL << 25) +struct ck_x9_42_dh1_derive_params { + ck_x9_42_dh_kdf_type_t kdf; + unsigned long other_info_len; + unsigned char *other_info; + unsigned long public_data_len; + unsigned char *public_data; +}; +struct ck_x9_42_dh2_derive_params { + ck_x9_42_dh_kdf_type_t kdf; + unsigned long other_info_len; + unsigned char *other_info; + unsigned long public_data_len; + unsigned char *public_data; + unsigned long private_data_len; + ck_object_handle_t private_data; + unsigned long public_data_len2; + unsigned char *public_data2; +}; -/* Flags for C_WaitForSlotEvent. */ -#define CKF_DONT_BLOCK (1UL) +struct ck_x9_42_mqv_derive_params { + ck_x9_42_dh_kdf_type_t kdf; + unsigned long other_info_len; + unsigned char *other_info; + unsigned long public_data_len; + unsigned char *public_data; + unsigned long private_data_len; + ck_object_handle_t private_data; + unsigned long public_data_len2; + unsigned char *public_data2; + ck_object_handle_t public_key; +}; +struct ck_xeddsa_params { + ck_xeddsa_hash_type_t hash; +}; -typedef unsigned long ck_rv_t; +struct ck_ike_prf_derive_params { + ck_mechanism_type_t prf_mechanism; + unsigned char data_as_key; + unsigned char rekey; + unsigned char *ni_ptr; + unsigned long ni_len; + unsigned char *nr_ptr; + unsigned long nr_len; + ck_object_handle_t new_key; +}; +struct ck_ike1_extended_derive_params { + ck_mechanism_type_t prf_mechanism; + unsigned char has_key_gxy; + ck_object_handle_t key_gxy; + unsigned char *extra_data; + unsigned long extra_data_len; +}; -typedef ck_rv_t (*ck_notify_t) (ck_session_handle_t session, - ck_notification_t event, void *application); +struct ck_ike1_prf_derive_params { + ck_mechanism_type_t prf_mechanism; + unsigned char has_prev_key; + ck_object_handle_t key_gxy; + ck_object_handle_t prev_key; + unsigned char *cky_i_ptr; + unsigned long cky_i_len; + unsigned char *cky_r_ptr; + unsigned long cky_r_len; + unsigned char key_number; +}; -struct ck_interface { - char *interface_name_ptr; - void *function_list_ptr; - ck_flags_t flags; +struct ck_ike2_prf_plus_derive_params { + ck_mechanism_type_t prf_mechanism; + unsigned char has_seed_key; + ck_object_handle_t seed_key; + unsigned char *seed_data; + unsigned long seed_data_len; }; -#define CKF_INTERFACE_FORK_SAFE (0x00000001UL) -/* Flags for message-based functions */ -#define CKF_END_OF_MESSAGE 0x00000001UL /* Forward reference. */ struct ck_function_list; struct ck_function_list_3_0; -#define _CK_DECLARE_FUNCTION(name, args) \ -typedef ck_rv_t (*CK_ ## name) args; \ +#define _CK_DECLARE_FUNCTION(name, args) \ +typedef ck_rv_t (*CK_ ## name) args; \ ck_rv_t CK_SPEC name args _CK_DECLARE_FUNCTION (C_Initialize, (void *init_args)); _CK_DECLARE_FUNCTION (C_Finalize, (void *reserved)); _CK_DECLARE_FUNCTION (C_GetInfo, (struct ck_info *info)); _CK_DECLARE_FUNCTION (C_GetFunctionList, - (struct ck_function_list **function_list)); + (struct ck_function_list **function_list)); _CK_DECLARE_FUNCTION (C_GetSlotList, - (unsigned char token_present, ck_slot_id_t *slot_list, - unsigned long *count)); + (unsigned char token_present, ck_slot_id_t *slot_list, + unsigned long *count)); _CK_DECLARE_FUNCTION (C_GetSlotInfo, - (ck_slot_id_t slot_id, struct ck_slot_info *info)); + (ck_slot_id_t slot_id, struct ck_slot_info *info)); _CK_DECLARE_FUNCTION (C_GetTokenInfo, - (ck_slot_id_t slot_id, struct ck_token_info *info)); + (ck_slot_id_t slot_id, struct ck_token_info *info)); _CK_DECLARE_FUNCTION (C_WaitForSlotEvent, - (ck_flags_t flags, ck_slot_id_t *slot, void *reserved)); + (ck_flags_t flags, ck_slot_id_t *slot, void *reserved)); _CK_DECLARE_FUNCTION (C_GetMechanismList, - (ck_slot_id_t slot_id, - ck_mechanism_type_t *mechanism_list, - unsigned long *count)); + (ck_slot_id_t slot_id, + ck_mechanism_type_t *mechanism_list, + unsigned long *count)); _CK_DECLARE_FUNCTION (C_GetMechanismInfo, - (ck_slot_id_t slot_id, ck_mechanism_type_t type, - struct ck_mechanism_info *info)); + (ck_slot_id_t slot_id, ck_mechanism_type_t type, + struct ck_mechanism_info *info)); _CK_DECLARE_FUNCTION (C_InitToken, - (ck_slot_id_t slot_id, unsigned char *pin, - unsigned long pin_len, unsigned char *label)); + (ck_slot_id_t slot_id, unsigned char *pin, + unsigned long pin_len, unsigned char *label)); _CK_DECLARE_FUNCTION (C_InitPIN, - (ck_session_handle_t session, unsigned char *pin, - unsigned long pin_len)); + (ck_session_handle_t session, unsigned char *pin, + unsigned long pin_len)); _CK_DECLARE_FUNCTION (C_SetPIN, - (ck_session_handle_t session, unsigned char *old_pin, - unsigned long old_len, unsigned char *new_pin, - unsigned long new_len)); + (ck_session_handle_t session, unsigned char *old_pin, + unsigned long old_len, unsigned char *new_pin, + unsigned long new_len)); _CK_DECLARE_FUNCTION (C_OpenSession, - (ck_slot_id_t slot_id, ck_flags_t flags, - void *application, ck_notify_t notify, - ck_session_handle_t *session)); + (ck_slot_id_t slot_id, ck_flags_t flags, + void *application, ck_notify_t notify, + ck_session_handle_t *session)); _CK_DECLARE_FUNCTION (C_CloseSession, (ck_session_handle_t session)); _CK_DECLARE_FUNCTION (C_CloseAllSessions, (ck_slot_id_t slot_id)); _CK_DECLARE_FUNCTION (C_GetSessionInfo, - (ck_session_handle_t session, - struct ck_session_info *info)); + (ck_session_handle_t session, + struct ck_session_info *info)); _CK_DECLARE_FUNCTION (C_GetOperationState, - (ck_session_handle_t session, - unsigned char *operation_state, - unsigned long *operation_state_len)); + (ck_session_handle_t session, + unsigned char *operation_state, + unsigned long *operation_state_len)); _CK_DECLARE_FUNCTION (C_SetOperationState, - (ck_session_handle_t session, - unsigned char *operation_state, - unsigned long operation_state_len, - ck_object_handle_t encryption_key, - ck_object_handle_t authentication_key)); + (ck_session_handle_t session, + unsigned char *operation_state, + unsigned long operation_state_len, + ck_object_handle_t encryption_key, + ck_object_handle_t authentication_key)); _CK_DECLARE_FUNCTION (C_Login, - (ck_session_handle_t session, ck_user_type_t user_type, - unsigned char *pin, unsigned long pin_len)); + (ck_session_handle_t session, ck_user_type_t user_type, + unsigned char *pin, unsigned long pin_len)); _CK_DECLARE_FUNCTION (C_Logout, (ck_session_handle_t session)); _CK_DECLARE_FUNCTION (C_CreateObject, - (ck_session_handle_t session, - struct ck_attribute *templ, - unsigned long count, ck_object_handle_t *object)); + (ck_session_handle_t session, + struct ck_attribute *templ, + unsigned long count, ck_object_handle_t *object)); _CK_DECLARE_FUNCTION (C_CopyObject, - (ck_session_handle_t session, ck_object_handle_t object, - struct ck_attribute *templ, unsigned long count, - ck_object_handle_t *new_object)); + (ck_session_handle_t session, ck_object_handle_t object, + struct ck_attribute *templ, unsigned long count, + ck_object_handle_t *new_object)); _CK_DECLARE_FUNCTION (C_DestroyObject, - (ck_session_handle_t session, - ck_object_handle_t object)); + (ck_session_handle_t session, + ck_object_handle_t object)); _CK_DECLARE_FUNCTION (C_GetObjectSize, - (ck_session_handle_t session, - ck_object_handle_t object, - unsigned long *size)); + (ck_session_handle_t session, + ck_object_handle_t object, + unsigned long *size)); _CK_DECLARE_FUNCTION (C_GetAttributeValue, - (ck_session_handle_t session, - ck_object_handle_t object, - struct ck_attribute *templ, - unsigned long count)); + (ck_session_handle_t session, + ck_object_handle_t object, + struct ck_attribute *templ, + unsigned long count)); _CK_DECLARE_FUNCTION (C_SetAttributeValue, - (ck_session_handle_t session, - ck_object_handle_t object, - struct ck_attribute *templ, - unsigned long count)); + (ck_session_handle_t session, + ck_object_handle_t object, + struct ck_attribute *templ, + unsigned long count)); _CK_DECLARE_FUNCTION (C_FindObjectsInit, - (ck_session_handle_t session, - struct ck_attribute *templ, - unsigned long count)); + (ck_session_handle_t session, + struct ck_attribute *templ, + unsigned long count)); _CK_DECLARE_FUNCTION (C_FindObjects, - (ck_session_handle_t session, - ck_object_handle_t *object, - unsigned long max_object_count, - unsigned long *object_count)); + (ck_session_handle_t session, + ck_object_handle_t *object, + unsigned long max_object_count, + unsigned long *object_count)); _CK_DECLARE_FUNCTION (C_FindObjectsFinal, - (ck_session_handle_t session)); + (ck_session_handle_t session)); _CK_DECLARE_FUNCTION (C_EncryptInit, - (ck_session_handle_t session, - struct ck_mechanism *mechanism, - ck_object_handle_t key)); + (ck_session_handle_t session, + struct ck_mechanism *mechanism, + ck_object_handle_t key)); _CK_DECLARE_FUNCTION (C_Encrypt, - (ck_session_handle_t session, - unsigned char *data, unsigned long data_len, - unsigned char *encrypted_data, - unsigned long *encrypted_data_len)); + (ck_session_handle_t session, + unsigned char *data, unsigned long data_len, + unsigned char *encrypted_data, + unsigned long *encrypted_data_len)); _CK_DECLARE_FUNCTION (C_EncryptUpdate, - (ck_session_handle_t session, - unsigned char *part, unsigned long part_len, - unsigned char *encrypted_part, - unsigned long *encrypted_part_len)); + (ck_session_handle_t session, + unsigned char *part, unsigned long part_len, + unsigned char *encrypted_part, + unsigned long *encrypted_part_len)); _CK_DECLARE_FUNCTION (C_EncryptFinal, - (ck_session_handle_t session, - unsigned char *last_encrypted_part, - unsigned long *last_encrypted_part_len)); + (ck_session_handle_t session, + unsigned char *last_encrypted_part, + unsigned long *last_encrypted_part_len)); _CK_DECLARE_FUNCTION (C_DecryptInit, - (ck_session_handle_t session, - struct ck_mechanism *mechanism, - ck_object_handle_t key)); + (ck_session_handle_t session, + struct ck_mechanism *mechanism, + ck_object_handle_t key)); _CK_DECLARE_FUNCTION (C_Decrypt, - (ck_session_handle_t session, - unsigned char *encrypted_data, - unsigned long encrypted_data_len, - unsigned char *data, unsigned long *data_len)); + (ck_session_handle_t session, + unsigned char *encrypted_data, + unsigned long encrypted_data_len, + unsigned char *data, unsigned long *data_len)); _CK_DECLARE_FUNCTION (C_DecryptUpdate, - (ck_session_handle_t session, - unsigned char *encrypted_part, - unsigned long encrypted_part_len, - unsigned char *part, unsigned long *part_len)); + (ck_session_handle_t session, + unsigned char *encrypted_part, + unsigned long encrypted_part_len, + unsigned char *part, unsigned long *part_len)); _CK_DECLARE_FUNCTION (C_DecryptFinal, - (ck_session_handle_t session, - unsigned char *last_part, - unsigned long *last_part_len)); + (ck_session_handle_t session, + unsigned char *last_part, + unsigned long *last_part_len)); _CK_DECLARE_FUNCTION (C_DigestInit, - (ck_session_handle_t session, - struct ck_mechanism *mechanism)); + (ck_session_handle_t session, + struct ck_mechanism *mechanism)); _CK_DECLARE_FUNCTION (C_Digest, - (ck_session_handle_t session, - unsigned char *data, unsigned long data_len, - unsigned char *digest, - unsigned long *digest_len)); + (ck_session_handle_t session, + unsigned char *data, unsigned long data_len, + unsigned char *digest, + unsigned long *digest_len)); _CK_DECLARE_FUNCTION (C_DigestUpdate, - (ck_session_handle_t session, - unsigned char *part, unsigned long part_len)); + (ck_session_handle_t session, + unsigned char *part, unsigned long part_len)); _CK_DECLARE_FUNCTION (C_DigestKey, - (ck_session_handle_t session, ck_object_handle_t key)); + (ck_session_handle_t session, ck_object_handle_t key)); _CK_DECLARE_FUNCTION (C_DigestFinal, - (ck_session_handle_t session, - unsigned char *digest, - unsigned long *digest_len)); + (ck_session_handle_t session, + unsigned char *digest, + unsigned long *digest_len)); _CK_DECLARE_FUNCTION (C_SignInit, - (ck_session_handle_t session, - struct ck_mechanism *mechanism, - ck_object_handle_t key)); + (ck_session_handle_t session, + struct ck_mechanism *mechanism, + ck_object_handle_t key)); _CK_DECLARE_FUNCTION (C_Sign, - (ck_session_handle_t session, - unsigned char *data, unsigned long data_len, - unsigned char *signature, - unsigned long *signature_len)); + (ck_session_handle_t session, + unsigned char *data, unsigned long data_len, + unsigned char *signature, + unsigned long *signature_len)); _CK_DECLARE_FUNCTION (C_SignUpdate, - (ck_session_handle_t session, - unsigned char *part, unsigned long part_len)); + (ck_session_handle_t session, + unsigned char *part, unsigned long part_len)); _CK_DECLARE_FUNCTION (C_SignFinal, - (ck_session_handle_t session, - unsigned char *signature, - unsigned long *signature_len)); + (ck_session_handle_t session, + unsigned char *signature, + unsigned long *signature_len)); _CK_DECLARE_FUNCTION (C_SignRecoverInit, - (ck_session_handle_t session, - struct ck_mechanism *mechanism, - ck_object_handle_t key)); + (ck_session_handle_t session, + struct ck_mechanism *mechanism, + ck_object_handle_t key)); _CK_DECLARE_FUNCTION (C_SignRecover, - (ck_session_handle_t session, - unsigned char *data, unsigned long data_len, - unsigned char *signature, - unsigned long *signature_len)); + (ck_session_handle_t session, + unsigned char *data, unsigned long data_len, + unsigned char *signature, + unsigned long *signature_len)); _CK_DECLARE_FUNCTION (C_VerifyInit, - (ck_session_handle_t session, - struct ck_mechanism *mechanism, - ck_object_handle_t key)); + (ck_session_handle_t session, + struct ck_mechanism *mechanism, + ck_object_handle_t key)); _CK_DECLARE_FUNCTION (C_Verify, - (ck_session_handle_t session, - unsigned char *data, unsigned long data_len, - unsigned char *signature, - unsigned long signature_len)); + (ck_session_handle_t session, + unsigned char *data, unsigned long data_len, + unsigned char *signature, + unsigned long signature_len)); _CK_DECLARE_FUNCTION (C_VerifyUpdate, - (ck_session_handle_t session, - unsigned char *part, unsigned long part_len)); + (ck_session_handle_t session, + unsigned char *part, unsigned long part_len)); _CK_DECLARE_FUNCTION (C_VerifyFinal, - (ck_session_handle_t session, - unsigned char *signature, - unsigned long signature_len)); + (ck_session_handle_t session, + unsigned char *signature, + unsigned long signature_len)); _CK_DECLARE_FUNCTION (C_VerifyRecoverInit, - (ck_session_handle_t session, - struct ck_mechanism *mechanism, - ck_object_handle_t key)); + (ck_session_handle_t session, + struct ck_mechanism *mechanism, + ck_object_handle_t key)); _CK_DECLARE_FUNCTION (C_VerifyRecover, - (ck_session_handle_t session, - unsigned char *signature, - unsigned long signature_len, - unsigned char *data, - unsigned long *data_len)); + (ck_session_handle_t session, + unsigned char *signature, + unsigned long signature_len, + unsigned char *data, + unsigned long *data_len)); _CK_DECLARE_FUNCTION (C_DigestEncryptUpdate, - (ck_session_handle_t session, - unsigned char *part, unsigned long part_len, - unsigned char *encrypted_part, - unsigned long *encrypted_part_len)); + (ck_session_handle_t session, + unsigned char *part, unsigned long part_len, + unsigned char *encrypted_part, + unsigned long *encrypted_part_len)); _CK_DECLARE_FUNCTION (C_DecryptDigestUpdate, - (ck_session_handle_t session, - unsigned char *encrypted_part, - unsigned long encrypted_part_len, - unsigned char *part, - unsigned long *part_len)); + (ck_session_handle_t session, + unsigned char *encrypted_part, + unsigned long encrypted_part_len, + unsigned char *part, + unsigned long *part_len)); _CK_DECLARE_FUNCTION (C_SignEncryptUpdate, - (ck_session_handle_t session, - unsigned char *part, unsigned long part_len, - unsigned char *encrypted_part, - unsigned long *encrypted_part_len)); + (ck_session_handle_t session, + unsigned char *part, unsigned long part_len, + unsigned char *encrypted_part, + unsigned long *encrypted_part_len)); _CK_DECLARE_FUNCTION (C_DecryptVerifyUpdate, - (ck_session_handle_t session, - unsigned char *encrypted_part, - unsigned long encrypted_part_len, - unsigned char *part, - unsigned long *part_len)); + (ck_session_handle_t session, + unsigned char *encrypted_part, + unsigned long encrypted_part_len, + unsigned char *part, + unsigned long *part_len)); _CK_DECLARE_FUNCTION (C_GenerateKey, - (ck_session_handle_t session, - struct ck_mechanism *mechanism, - struct ck_attribute *templ, - unsigned long count, - ck_object_handle_t *key)); + (ck_session_handle_t session, + struct ck_mechanism *mechanism, + struct ck_attribute *templ, + unsigned long count, + ck_object_handle_t *key)); _CK_DECLARE_FUNCTION (C_GenerateKeyPair, - (ck_session_handle_t session, - struct ck_mechanism *mechanism, - struct ck_attribute *public_key_template, - unsigned long public_key_attribute_count, - struct ck_attribute *private_key_template, - unsigned long private_key_attribute_count, - ck_object_handle_t *public_key, - ck_object_handle_t *private_key)); + (ck_session_handle_t session, + struct ck_mechanism *mechanism, + struct ck_attribute *public_key_template, + unsigned long public_key_attribute_count, + struct ck_attribute *private_key_template, + unsigned long private_key_attribute_count, + ck_object_handle_t *public_key, + ck_object_handle_t *private_key)); _CK_DECLARE_FUNCTION (C_WrapKey, - (ck_session_handle_t session, - struct ck_mechanism *mechanism, - ck_object_handle_t wrapping_key, - ck_object_handle_t key, - unsigned char *wrapped_key, - unsigned long *wrapped_key_len)); + (ck_session_handle_t session, + struct ck_mechanism *mechanism, + ck_object_handle_t wrapping_key, + ck_object_handle_t key, + unsigned char *wrapped_key, + unsigned long *wrapped_key_len)); _CK_DECLARE_FUNCTION (C_UnwrapKey, - (ck_session_handle_t session, - struct ck_mechanism *mechanism, - ck_object_handle_t unwrapping_key, - unsigned char *wrapped_key, - unsigned long wrapped_key_len, - struct ck_attribute *templ, - unsigned long attribute_count, - ck_object_handle_t *key)); + (ck_session_handle_t session, + struct ck_mechanism *mechanism, + ck_object_handle_t unwrapping_key, + unsigned char *wrapped_key, + unsigned long wrapped_key_len, + struct ck_attribute *templ, + unsigned long attribute_count, + ck_object_handle_t *key)); _CK_DECLARE_FUNCTION (C_DeriveKey, - (ck_session_handle_t session, - struct ck_mechanism *mechanism, - ck_object_handle_t base_key, - struct ck_attribute *templ, - unsigned long attribute_count, - ck_object_handle_t *key)); + (ck_session_handle_t session, + struct ck_mechanism *mechanism, + ck_object_handle_t base_key, + struct ck_attribute *templ, + unsigned long attribute_count, + ck_object_handle_t *key)); _CK_DECLARE_FUNCTION (C_SeedRandom, - (ck_session_handle_t session, unsigned char *seed, - unsigned long seed_len)); + (ck_session_handle_t session, unsigned char *seed, + unsigned long seed_len)); _CK_DECLARE_FUNCTION (C_GenerateRandom, - (ck_session_handle_t session, - unsigned char *random_data, - unsigned long random_len)); + (ck_session_handle_t session, + unsigned char *random_data, + unsigned long random_len)); _CK_DECLARE_FUNCTION (C_GetFunctionStatus, (ck_session_handle_t session)); _CK_DECLARE_FUNCTION (C_CancelFunction, (ck_session_handle_t session)); _CK_DECLARE_FUNCTION (C_GetInterfaceList, - (struct ck_interface *interfaces_list, - unsigned long *count)); + (struct ck_interface *interfaces_list, + unsigned long *count)); _CK_DECLARE_FUNCTION (C_GetInterface, - (unsigned char *interface_name, - struct ck_version *version, - struct ck_interface **interface_, - ck_flags_t flags)); + (unsigned char *interface_name, + struct ck_version *version, + struct ck_interface **interface_, + ck_flags_t flags)); _CK_DECLARE_FUNCTION (C_LoginUser, - (ck_session_handle_t session, - ck_user_type_t user_type, - unsigned char *pin, - unsigned long pin_len, - unsigned char *username, - unsigned long username_len)); + (ck_session_handle_t session, + ck_user_type_t user_type, + unsigned char *pin, + unsigned long pin_len, + unsigned char *username, + unsigned long username_len)); _CK_DECLARE_FUNCTION (C_SessionCancel, - (ck_session_handle_t session, - ck_flags_t flags)); + (ck_session_handle_t session, + ck_flags_t flags)); _CK_DECLARE_FUNCTION (C_MessageEncryptInit, - (ck_session_handle_t session, - struct ck_mechanism *mechanism, - ck_object_handle_t key)); + (ck_session_handle_t session, + struct ck_mechanism *mechanism, + ck_object_handle_t key)); _CK_DECLARE_FUNCTION (C_EncryptMessage, - (ck_session_handle_t session, - void *parameter, - unsigned long parameter_len, - unsigned char *associated_data, - unsigned long associated_data_len, - unsigned char *plaintext, - unsigned long plaintext_len, - unsigned char *ciphertext, - unsigned long *ciphertext_len)); + (ck_session_handle_t session, + void *parameter, + unsigned long parameter_len, + unsigned char *associated_data, + unsigned long associated_data_len, + unsigned char *plaintext, + unsigned long plaintext_len, + unsigned char *ciphertext, + unsigned long *ciphertext_len)); _CK_DECLARE_FUNCTION (C_EncryptMessageBegin, - (ck_session_handle_t session, - void *parameter, - unsigned long parameter_len, - unsigned char *associated_data, - unsigned long associated_data_len)); + (ck_session_handle_t session, + void *parameter, + unsigned long parameter_len, + unsigned char *associated_data, + unsigned long associated_data_len)); _CK_DECLARE_FUNCTION (C_EncryptMessageNext, - (ck_session_handle_t session, - void *parameter, - unsigned long parameter_len, - unsigned char *plaintext_part, - unsigned long plaintext_part_len, - unsigned char *ciphertext_part, - unsigned long *ciphertext_part_len, - ck_flags_t flags)); + (ck_session_handle_t session, + void *parameter, + unsigned long parameter_len, + unsigned char *plaintext_part, + unsigned long plaintext_part_len, + unsigned char *ciphertext_part, + unsigned long *ciphertext_part_len, + ck_flags_t flags)); _CK_DECLARE_FUNCTION (C_MessageEncryptFinal, - (ck_session_handle_t session)); + (ck_session_handle_t session)); _CK_DECLARE_FUNCTION (C_MessageDecryptInit, - (ck_session_handle_t session, - struct ck_mechanism *mechanism, - ck_object_handle_t key)); + (ck_session_handle_t session, + struct ck_mechanism *mechanism, + ck_object_handle_t key)); _CK_DECLARE_FUNCTION (C_DecryptMessage, - (ck_session_handle_t session, - void *parameter, - unsigned long parameter_len, - unsigned char *associated_data, - unsigned long associated_data_len, - unsigned char *ciphertext, - unsigned long ciphertext_len, - unsigned char *plaintext, - unsigned long *plaintext_len)); + (ck_session_handle_t session, + void *parameter, + unsigned long parameter_len, + unsigned char *associated_data, + unsigned long associated_data_len, + unsigned char *ciphertext, + unsigned long ciphertext_len, + unsigned char *plaintext, + unsigned long *plaintext_len)); _CK_DECLARE_FUNCTION (C_DecryptMessageBegin, - (ck_session_handle_t session, - void *parameter, - unsigned long parameter_len, - unsigned char *associated_data, - unsigned long associated_data_len)); + (ck_session_handle_t session, + void *parameter, + unsigned long parameter_len, + unsigned char *associated_data, + unsigned long associated_data_len)); _CK_DECLARE_FUNCTION (C_DecryptMessageNext, - (ck_session_handle_t session, - void *parameter, - unsigned long parameter_len, - unsigned char *ciphertext_part, - unsigned long ciphertext_part_len, - unsigned char *plaintext_part, - unsigned long *plaintext_part_len, - ck_flags_t flags)); + (ck_session_handle_t session, + void *parameter, + unsigned long parameter_len, + unsigned char *ciphertext_part, + unsigned long ciphertext_part_len, + unsigned char *plaintext_part, + unsigned long *plaintext_part_len, + ck_flags_t flags)); _CK_DECLARE_FUNCTION (C_MessageDecryptFinal, - (ck_session_handle_t session)); + (ck_session_handle_t session)); _CK_DECLARE_FUNCTION (C_MessageSignInit, - (ck_session_handle_t session, - struct ck_mechanism *mechanism, - ck_object_handle_t key)); + (ck_session_handle_t session, + struct ck_mechanism *mechanism, + ck_object_handle_t key)); _CK_DECLARE_FUNCTION (C_SignMessage, - (ck_session_handle_t session, - void *parameter, - unsigned long parameter_len, - unsigned char *data, - unsigned long data_len, - unsigned char *signature, - unsigned long *signature_len)); + (ck_session_handle_t session, + void *parameter, + unsigned long parameter_len, + unsigned char *data, + unsigned long data_len, + unsigned char *signature, + unsigned long *signature_len)); _CK_DECLARE_FUNCTION (C_SignMessageBegin, - (ck_session_handle_t session, - void *parameter, - unsigned long parameter_len)); + (ck_session_handle_t session, + void *parameter, + unsigned long parameter_len)); _CK_DECLARE_FUNCTION (C_SignMessageNext, - (ck_session_handle_t session, - void *parameter, - unsigned long parameter_len, - unsigned char *data, - unsigned long data_len, - unsigned char *signature, - unsigned long *signature_len)); + (ck_session_handle_t session, + void *parameter, + unsigned long parameter_len, + unsigned char *data, + unsigned long data_len, + unsigned char *signature, + unsigned long *signature_len)); _CK_DECLARE_FUNCTION (C_MessageSignFinal, - (ck_session_handle_t session)); + (ck_session_handle_t session)); _CK_DECLARE_FUNCTION (C_MessageVerifyInit, - (ck_session_handle_t session, - struct ck_mechanism *mechanism, - ck_object_handle_t key)); + (ck_session_handle_t session, + struct ck_mechanism *mechanism, + ck_object_handle_t key)); _CK_DECLARE_FUNCTION (C_VerifyMessage, - (ck_session_handle_t session, - void *parameter, - unsigned long parameter_len, - unsigned char *data, - unsigned long data_len, - unsigned char *signature, - unsigned long signature_len)); + (ck_session_handle_t session, + void *parameter, + unsigned long parameter_len, + unsigned char *data, + unsigned long data_len, + unsigned char *signature, + unsigned long signature_len)); _CK_DECLARE_FUNCTION (C_VerifyMessageBegin, - (ck_session_handle_t session, - void *parameter, - unsigned long parameter_len)); + (ck_session_handle_t session, + void *parameter, + unsigned long parameter_len)); _CK_DECLARE_FUNCTION (C_VerifyMessageNext, - (ck_session_handle_t session, - void *parameter, - unsigned long parameter_len, - unsigned char *data, - unsigned long data_len, - unsigned char *signature, - unsigned long signature_len)); + (ck_session_handle_t session, + void *parameter, + unsigned long parameter_len, + unsigned char *data, + unsigned long data_len, + unsigned char *signature, + unsigned long signature_len)); _CK_DECLARE_FUNCTION (C_MessageVerifyFinal, - (ck_session_handle_t session)); + (ck_session_handle_t session)); #define CK_FUNCTION_LIST_ \ struct ck_version version; \ @@ -1684,128 +2579,6 @@ struct ck_function_list_3_0 -typedef ck_rv_t (*ck_createmutex_t) (void **mutex); -typedef ck_rv_t (*ck_destroymutex_t) (void *mutex); -typedef ck_rv_t (*ck_lockmutex_t) (void *mutex); -typedef ck_rv_t (*ck_unlockmutex_t) (void *mutex); - - -struct ck_c_initialize_args -{ - ck_createmutex_t create_mutex; - ck_destroymutex_t destroy_mutex; - ck_lockmutex_t lock_mutex; - ck_unlockmutex_t unlock_mutex; - ck_flags_t flags; - void *reserved; -}; - - -#define CKF_LIBRARY_CANT_CREATE_OS_THREADS (1UL << 0) -#define CKF_OS_LOCKING_OK (1UL << 1) - -#define CKR_OK (0UL) -#define CKR_CANCEL (1UL) -#define CKR_HOST_MEMORY (2UL) -#define CKR_SLOT_ID_INVALID (3UL) -#define CKR_GENERAL_ERROR (5UL) -#define CKR_FUNCTION_FAILED (6UL) -#define CKR_ARGUMENTS_BAD (7UL) -#define CKR_NO_EVENT (8UL) -#define CKR_NEED_TO_CREATE_THREADS (9UL) -#define CKR_CANT_LOCK (0xaUL) -#define CKR_ATTRIBUTE_READ_ONLY (0x10UL) -#define CKR_ATTRIBUTE_SENSITIVE (0x11UL) -#define CKR_ATTRIBUTE_TYPE_INVALID (0x12UL) -#define CKR_ATTRIBUTE_VALUE_INVALID (0x13UL) -#define CKR_ACTION_PROHIBITED (0x1BUL) -#define CKR_DATA_INVALID (0x20UL) -#define CKR_DATA_LEN_RANGE (0x21UL) -#define CKR_DEVICE_ERROR (0x30UL) -#define CKR_DEVICE_MEMORY (0x31UL) -#define CKR_DEVICE_REMOVED (0x32UL) -#define CKR_ENCRYPTED_DATA_INVALID (0x40UL) -#define CKR_ENCRYPTED_DATA_LEN_RANGE (0x41UL) -#define CKR_FUNCTION_CANCELED (0x50UL) -#define CKR_FUNCTION_NOT_PARALLEL (0x51UL) -#define CKR_FUNCTION_NOT_SUPPORTED (0x54UL) -#define CKR_KEY_HANDLE_INVALID (0x60UL) -#define CKR_KEY_SIZE_RANGE (0x62UL) -#define CKR_KEY_TYPE_INCONSISTENT (0x63UL) -#define CKR_KEY_NOT_NEEDED (0x64UL) -#define CKR_KEY_CHANGED (0x65UL) -#define CKR_KEY_NEEDED (0x66UL) -#define CKR_KEY_INDIGESTIBLE (0x67UL) -#define CKR_KEY_FUNCTION_NOT_PERMITTED (0x68UL) -#define CKR_KEY_NOT_WRAPPABLE (0x69UL) -#define CKR_KEY_UNEXTRACTABLE (0x6aUL) -#define CKR_MECHANISM_INVALID (0x70UL) -#define CKR_MECHANISM_PARAM_INVALID (0x71UL) -#define CKR_OBJECT_HANDLE_INVALID (0x82UL) -#define CKR_OPERATION_ACTIVE (0x90UL) -#define CKR_OPERATION_NOT_INITIALIZED (0x91UL) -#define CKR_PIN_INCORRECT (0xa0UL) -#define CKR_PIN_INVALID (0xa1UL) -#define CKR_PIN_LEN_RANGE (0xa2UL) -#define CKR_PIN_EXPIRED (0xa3UL) -#define CKR_PIN_LOCKED (0xa4UL) -#define CKR_SESSION_CLOSED (0xb0UL) -#define CKR_SESSION_COUNT (0xb1UL) -#define CKR_SESSION_HANDLE_INVALID (0xb3UL) -#define CKR_SESSION_PARALLEL_NOT_SUPPORTED (0xb4UL) -#define CKR_SESSION_READ_ONLY (0xb5UL) -#define CKR_SESSION_EXISTS (0xb6UL) -#define CKR_SESSION_READ_ONLY_EXISTS (0xb7UL) -#define CKR_SESSION_READ_WRITE_SO_EXISTS (0xb8UL) -#define CKR_SIGNATURE_INVALID (0xc0UL) -#define CKR_SIGNATURE_LEN_RANGE (0xc1UL) -#define CKR_TEMPLATE_INCOMPLETE (0xd0UL) -#define CKR_TEMPLATE_INCONSISTENT (0xd1UL) -#define CKR_TOKEN_NOT_PRESENT (0xe0UL) -#define CKR_TOKEN_NOT_RECOGNIZED (0xe1UL) -#define CKR_TOKEN_WRITE_PROTECTED (0xe2UL) -#define CKR_UNWRAPPING_KEY_HANDLE_INVALID (0xf0UL) -#define CKR_UNWRAPPING_KEY_SIZE_RANGE (0xf1UL) -#define CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT (0xf2UL) -#define CKR_USER_ALREADY_LOGGED_IN (0x100UL) -#define CKR_USER_NOT_LOGGED_IN (0x101UL) -#define CKR_USER_PIN_NOT_INITIALIZED (0x102UL) -#define CKR_USER_TYPE_INVALID (0x103UL) -#define CKR_USER_ANOTHER_ALREADY_LOGGED_IN (0x104UL) -#define CKR_USER_TOO_MANY_TYPES (0x105UL) -#define CKR_WRAPPED_KEY_INVALID (0x110UL) -#define CKR_WRAPPED_KEY_LEN_RANGE (0x112UL) -#define CKR_WRAPPING_KEY_HANDLE_INVALID (0x113UL) -#define CKR_WRAPPING_KEY_SIZE_RANGE (0x114UL) -#define CKR_WRAPPING_KEY_TYPE_INCONSISTENT (0x115UL) -#define CKR_RANDOM_SEED_NOT_SUPPORTED (0x120UL) -#define CKR_RANDOM_NO_RNG (0x121UL) -#define CKR_DOMAIN_PARAMS_INVALID (0x130UL) -#define CKR_CURVE_NOT_SUPPORTED (0x140UL) -#define CKR_BUFFER_TOO_SMALL (0x150UL) -#define CKR_SAVED_STATE_INVALID (0x160UL) -#define CKR_INFORMATION_SENSITIVE (0x170UL) -#define CKR_STATE_UNSAVEABLE (0x180UL) -#define CKR_CRYPTOKI_NOT_INITIALIZED (0x190UL) -#define CKR_CRYPTOKI_ALREADY_INITIALIZED (0x191UL) -#define CKR_MUTEX_BAD (0x1a0UL) -#define CKR_MUTEX_NOT_LOCKED (0x1a1UL) -#define CKR_NEW_PIN_MODE (0x1b0UL) -#define CKR_NEXT_OTP (0x1b1UL) -#define CKR_EXCEEDED_MAX_ITERATIONS (0x1c0UL) -#define CKR_FIPS_SELF_TEST_FAILED (0x1c1UL) -#define CKR_LIBRARY_LOAD_FAILED (0x1c2UL) -#define CKR_PIN_TOO_WEAK (0x1c3UL) -#define CKR_PUBLIC_KEY_INVALID (0x1c4UL) -#define CKR_FUNCTION_REJECTED (0x200UL) -#define CKR_OPERATION_CANCEL_FAILED (0x202UL) -#define CKR_VENDOR_DEFINED ((unsigned long) (1UL << 31)) - - -#define CKZ_DATA_SPECIFIED (0x01UL) - - - /* Compatibility layer. */ #ifdef CRYPTOKI_COMPAT @@ -1868,6 +2641,9 @@ typedef struct ck_attribute *CK_ATTRIBUTE_PTR; typedef struct ck_date CK_DATE; typedef struct ck_date *CK_DATE_PTR; +typedef struct ck_derived_key CK_DERIVED_KEY; +typedef struct ck_derived_key *CK_DERIVED_KEY_PTR; + typedef ck_mechanism_type_t *CK_MECHANISM_TYPE_PTR; typedef struct ck_mechanism CK_MECHANISM; @@ -1894,6 +2670,8 @@ typedef struct ck_function_list_3_0 **CK_FUNCTION_LIST_3_0_PTR_PTR; typedef struct ck_c_initialize_args CK_C_INITIALIZE_ARGS; typedef struct ck_c_initialize_args *CK_C_INITIALIZE_ARGS_PTR; +typedef ck_rsa_pkcs_mgf_type_t *CK_RSA_PKCS_MGF_TYPE_PTR; + typedef struct ck_rsa_pkcs_pss_params CK_RSA_PKCS_PSS_PARAMS; typedef struct ck_rsa_pkcs_pss_params *CK_RSA_PKCS_PSS_PARAMS_PTR; @@ -1930,6 +2708,153 @@ typedef struct ck_des_cbc_encrypt_data_params *CK_DES_CBC_ENCRYPT_DATA_PARAMS_PT typedef struct ck_aes_cbc_encrypt_data_params CK_AES_CBC_ENCRYPT_DATA_PARAMS; typedef struct ck_aes_cbc_encrypt_data_params *CK_AES_CBC_ENCRYPT_DATA_PARAMS_PTR; +typedef struct ck_aes_ccm_params CK_AES_CCM_PARAMS; +typedef struct ck_aes_ccm_params *CK_AES_CCM_PARAMS_PTR; + +typedef struct ck_aes_gcm_params CK_AES_GCM_PARAMS; +typedef struct ck_aes_gcm_params *CK_AES_GCM_PARAMS_PTR; + +typedef struct ck_aria_cbc_encrypt_data_params CK_ARIA_CBC_ENCRYPT_DATA_PARAMS; +typedef struct ck_aria_cbc_encrypt_data_params *CK_ARIA_CBC_ENCRYPT_DATA_PARAMS_PTR; + +typedef struct ck_camellia_cbc_encrypt_data_params CK_CAMELLIA_CBC_ENCRYPT_DATA_PARAMS; +typedef struct ck_camellia_cbc_encrypt_data_params *CK_CAMELLIA_CBC_ENCRYPT_DATA_PARAMS_PTR; + +typedef struct ck_camellia_ctr_params CK_CAMELLIA_CTR_PARAMS; +typedef struct ck_camellia_ctr_params *CK_CAMELLIA_CTR_PARAMS_PTR; + +typedef struct ck_ccm_message_params CK_CCM_MESSAGE_PARAMS; +typedef struct ck_ccm_message_params *CK_CCM_MESSAGE_PARAMS_PTR; + +typedef struct ck_ccm_params CK_CCM_PARAMS; +typedef struct ck_ccm_params *CK_CCM_PARAMS_PTR; + +typedef struct ck_cms_sig_params CK_CMS_SIG_PARAMS; +typedef struct ck_cms_sig_params *CK_CMS_SIG_PARAMS_PTR; + +typedef struct ck_dsa_parameter_gen_param CK_DSA_PARAMETER_GEN_PARAM; +typedef struct ck_dsa_parameter_gen_param *CK_DSA_PARAMETER_GEN_PARAM_PTR; + +typedef struct ck_ecdh_aes_key_wrap_params CK_ECDH_AES_KEY_WRAP_PARAMS; +typedef struct ck_ecdh_aes_key_wrap_params *CK_ECDH_AES_KEY_WRAP_PARAMS_PTR; + +typedef struct ck_ecdh2_derive_params CK_ECDH2_DERIVE_PARAMS; +typedef struct ck_ecdh2_derive_params *CK_ECDH2_DERIVE_PARAMS_PTR; + +typedef struct ck_ecmqv_derive_params CK_ECMQV_DERIVE_PARAMS; +typedef struct ck_ecmqv_derive_params *CK_ECMQV_DERIVE_PARAMS_PTR; + +typedef struct ck_eddsa_params CK_EDDSA_PARAMS; +typedef struct ck_eddsa_params *CK_EDDSA_PARAMS_PTR; + +typedef struct ck_gcm_message_params CK_GCM_MESSAGE_PARAMS; +typedef struct ck_gcm_message_params *CK_GCM_MESSAGE_PARAMS_PTR; + +typedef struct ck_gostr3410_derive_params CK_GOSTR3410_DERIVE_PARAMS; +typedef struct ck_gostr3410_derive_params *CK_GOSTR3410_DERIVE_PARAMS_PTR; + +typedef struct ck_gostr3410_key_wrap_params CK_GOSTR3410_KEY_WRAP_PARAMS; +typedef struct ck_gostr3410_key_wrap_params *CK_GOSTR3410_KEY_WRAP_PARAMS_PTR; + +typedef struct ck_hkdf_params CK_HKDF_PARAMS; +typedef struct ck_hkdf_params *CK_HKDF_PARAMS_PTR; + +typedef struct ck_kea_derive_params CK_KEA_DERIVE_PARAMS; +typedef struct ck_kea_derive_params *CK_KEA_DERIVE_PARAMS_PTR; + +typedef struct ck_key_wrap_set_oaep_params CK_KEY_WRAP_SET_OAEP_PARAMS; +typedef struct ck_key_wrap_set_oaep_params *CK_KEY_WRAP_SET_OAEP_PARAMS_PTR; + +typedef struct ck_kip_params CK_KIP_PARAMS; +typedef struct ck_kip_params *CK_KIP_PARAMS_PTR; + +typedef struct ck_pbe_params CK_PBE_PARAMS; +typedef struct ck_pbe_params *CK_PBE_PARAMS_PTR; + +typedef struct ck_pkcs5_pbkd2_params CK_PKCS5_PBKD2_PARAMS; +typedef struct ck_pkcs5_pbkd2_params *CK_PKCS5_PBKD2_PARAMS_PTR; + +typedef struct ck_pkcs5_pbkd2_params2 CK_PKCS5_PBKD2_PARAMS2; +typedef struct ck_pkcs5_pbkd2_params2 *CK_PKCS5_PBKD2_PARAMS2_PTR; + +typedef struct ck_prf_data_param CK_PRF_DATA_PARAM; +typedef struct ck_prf_data_param *CK_PRF_DATA_PARAM_PTR; + +typedef struct ck_rc2_cbc_params CK_RC2_CBC_PARAMS; +typedef struct ck_rc2_cbc_params *CK_RC2_CBC_PARAMS_PTR; + +typedef struct ck_rc2_mac_general_params CK_RC2_MAC_GENERAL_PARAMS; +typedef struct ck_rc2_mac_general_params *CK_RC2_MAC_GENERAL_PARAMS_PTR; + +typedef struct ck_rc5_cbc_params CK_RC5_CBC_PARAMS; +typedef struct ck_rc5_cbc_params *CK_RC5_CBC_PARAMS_PTR; + +typedef struct ck_rc5_mac_general_params CK_RC5_MAC_GENERAL_PARAMS; +typedef struct ck_rc5_mac_general_params *CK_RC5_MAC_GENERAL_PARAMS_PTR; + +typedef struct ck_rc5_params CK_RC5_PARAMS; +typedef struct ck_rc5_params *CK_RC5_PARAMS_PTR; + +typedef struct ck_rsa_aes_key_wrap_params CK_RSA_AES_KEY_WRAP_PARAMS; +typedef struct ck_rsa_aes_key_wrap_params *CK_RSA_AES_KEY_WRAP_PARAMS_PTR; + +typedef struct ck_seed_cbc_encrypt_data_params CK_SEED_CBC_ENCRYPT_DATA_PARAMS; +typedef struct ck_seed_cbc_encrypt_data_params *CK_SEED_CBC_ENCRYPT_DATA_PARAMS_PTR; + +typedef struct ck_skipjack_private_wrap_params CK_SKIPJACK_PRIVATE_WRAP_PARAMS; +typedef struct ck_skipjack_private_wrap_params *CK_SKIPJACK_PRIVATE_WRAP_PARAMS_PTR; + +typedef struct ck_skipjack_relayx_params CK_SKIPJACK_RELAYX_PARAMS; +typedef struct ck_skipjack_relayx_params *CK_SKIPJACK_RELAYX_PARAMS_PTR; + +typedef struct ck_sp800_108_counter_format CK_SP800_108_COUNTER_FORMAT; +typedef struct ck_sp800_108_counter_format *CK_SP800_108_COUNTER_FORMAT_PTR; + +typedef struct ck_sp800_108_dkm_length_format CK_SP800_108_DKM_LENGTH_FORMAT; +typedef struct ck_sp800_108_dkm_length_format *CK_SP800_108_DKM_LENGTH_FORMAT_PTR; + +typedef struct ck_sp800_108_feedback_kdf_params CK_SP800_108_FEEDBACK_KDF_PARAMS; +typedef struct ck_sp800_108_feedback_kdf_params *CK_SP800_108_FEEDBACK_KDF_PARAMS_PTR; + +typedef struct ck_sp800_108_kdf_params CK_SP800_108_KDF_PARAMS; +typedef struct ck_sp800_108_kdf_params *CK_SP800_108_KDF_PARAMS_PTR; + +typedef struct ck_x2ratchet_initialize_params CK_X2RATCHET_INITIALIZE_PARAMS; +typedef struct ck_x2ratchet_initialize_params *CK_X2RATCHET_INITIALIZE_PARAMS_PTR; + +typedef struct ck_x2ratchet_respond_params CK_X2RATCHET_RESPOND_PARAMS; +typedef struct ck_x2ratchet_respond_params *CK_X2RATCHET_RESPOND_PARAMS_PTR; + +typedef struct ck_x3dh_initiate_params CK_X3DH_INITIATE_PARAMS; +typedef struct ck_x3dh_initiate_params *CK_X3DH_INITIATE_PARAMS_PTR; + +typedef struct ck_x3dh_respond_params CK_X3DH_RESPOND_PARAMS; +typedef struct ck_x3dh_respond_params *CK_X3DH_RESPOND_PARAMS_PTR; + +typedef struct ck_x9_42_dh1_derive_params CK_X9_42_DH1_DERIVE_PARAMS; +typedef struct ck_x9_42_dh1_derive_params *CK_X9_42_DH1_DERIVE_PARAMS_PTR; + +typedef struct ck_x9_42_dh2_derive_params CK_X9_42_DH2_DERIVE_PARAMS; +typedef struct ck_x9_42_dh2_derive_params *CK_X9_42_DH2_DERIVE_PARAMS_PTR; + +typedef struct ck_x9_42_mqv_derive_params CK_X9_42_MQV_DERIVE_PARAMS; +typedef struct ck_x9_42_mqv_derive_params *CK_X9_42_MQV_DERIVE_PARAMS_PTR; + +typedef struct ck_xeddsa_params CK_XEDDSA_PARAMS; +typedef struct ck_xeddsa_params *CK_XEDDSA_PARAMS_PTR; + +typedef struct ck_ike_prf_derive_params CK_IKE_PRF_DERIVE_PARAMS; +typedef struct ck_ike_prf_derive_params *CK_IKE_PRF_DERIVE_PARAMS_PTR; + +typedef struct ck_ike1_extended_derive_params CK_IKE1_EXTENDED_DERIVE_PARAMS; +typedef struct ck_ike1_extended_derive_params *CK_IKE1_EXTENDED_DERIVE_PARAMS_PTR; + +typedef struct ck_ike1_prf_derive_params CK_IKE1_PRF_DERIVE_PARAMS; +typedef struct ck_ike1_prf_derive_params *CK_IKE1_PRF_DERIVE_PARAMS_PTR; + +typedef struct ck_ike2_prf_plus_derive_params CK_IKE2_PRF_PLUS_DERIVE_PARAMS; +typedef struct ck_ike2_prf_plus_derive_params *CK_IKE2_PRF_PLUS_DERIVE_PARAMS_PTR; + #ifndef NULL_PTR #define NULL_PTR NULL #endif @@ -1978,8 +2903,28 @@ typedef struct ck_aes_cbc_encrypt_data_params *CK_AES_CBC_ENCRYPT_DATA_PARAMS_PT #undef ck_object_class_t #undef ck_hw_feature_type_t #undef ck_key_type_t +#undef ck_certificate_category_t #undef ck_certificate_type_t #undef ck_attribute_type_t +#undef ck_ec_kdf_type_t +#undef ck_extract_params_t +#undef ck_java_midp_security_domain_t +#undef ck_mac_general_params_t +#undef ck_otp_param_type_t +#undef ck_pkcs5_pbkd2_pseudo_random_function_type_t +#undef ck_pkcs5_pbkdf2_salt_source_type_t +#undef ck_prf_data_type_t +#undef ck_profile_id_t +#undef ck_rc2_params_t +#undef ck_sp800_108_dkm_length_method_t +#undef ck_x2ratchet_kdf_type_t +#undef ck_x3dh_kdf_type_t +#undef ck_x9_42_dh_kdf_type_t +#undef ck_xeddsa_hash_type_t +#undef ck_sp800_108_prf_type_t +#undef ck_hss_levels_t +#undef ck_lms_type_t +#undef ck_lmots_type_t #undef ck_attribute #undef value @@ -2016,12 +2961,12 @@ typedef struct ck_aes_cbc_encrypt_data_params *CK_AES_CBC_ENCRYPT_DATA_PARAMS_PT #undef ck_function_list #undef ck_function_list_3_0 +#undef ck_c_initialize_args #undef ck_createmutex_t #undef ck_destroymutex_t #undef ck_lockmutex_t #undef ck_unlockmutex_t -#undef ck_c_initialize_args #undef create_mutex #undef destroy_mutex #undef lock_mutex @@ -2050,18 +2995,145 @@ typedef struct ck_aes_cbc_encrypt_data_params *CK_AES_CBC_ENCRYPT_DATA_PARAMS_PT #undef block_counter_bits #undef nonce_ptr #undef nonce_bits +#undef nonce_fixed_bits +#undef nonce_len +#undef nonce_generator #undef shared_data_len #undef shared_data #undef public_data_len #undef public_data +#undef public_data_len2 +#undef public_data2 +#undef private_data_len +#undef private_data #undef string_data #undef string_data_len #undef data_params +#undef data_len +#undef mac_ptr +#undef mac_len +#undef certificate_handle +#undef signing_mechanism +#undef digest_mechanism +#undef content_type +#undef requested_attributes +#undef requested_attributes_len +#undef required_attributes +#undef required_attributes_len +#undef seed_ptr +#undef seed_len +#undef index +#undef aes_key_bits +#undef public_key +#undef flag +#undef context_data_len +#undef context_data +#undef wrap_oid +#undef wrap_oid_len +#undef ukm_ptr +#undef ukm_len +#undef key +#undef extract +#undef expand +#undef prf_hash_mechanism +#undef salt_type +#undef salt_ptr +#undef salt_len +#undef salt_key +#undef info +#undef info_len +#undef is_sender +#undef random_len +#undef random_a +#undef random_b +#undef bc +#undef x_ptr +#undef x_len +#undef mechanism_ptr +#undef init_vector +#undef password_ptr +#undef password_len +#undef iteration +#undef salt_source +#undef salt_source_data +#undef salt_source_data_len +#undef prf_data +#undef prf_data_len +#undef effective_bits +#undef mac_length +#undef word_size +#undef rounds +#undef oaep_params +#undef p_and_g_len +#undef q_len +#undef random_a_ptr +#undef prime_p +#undef base_g +#undef subprime_q +#undef old_wrapped_x_len +#undef old_wrapped_x +#undef old_password_len +#undef old_password +#undef old_public_data_len +#undef old_public_data +#undef old_random_len +#undef old_random_a +#undef new_password_len +#undef new_password +#undef new_public_data_len +#undef new_public_data +#undef new_random_len +#undef new_random_a +#undef little_endian +#undef width_in_bits +#undef dkm_length_method +#undef prf_type +#undef number_of_data_params +#undef data_params_ptr +#undef additional_derived_keys_len +#undef additional_derived_keys +#undef encrypted_header +#undef curve +#undef aead_mechanism +#undef kdf_mechanism +#undef peer_identity +#undef peer_prekey +#undef prekey_signature +#undef onetime_key +#undef own_identity +#undef own_ephemeral +#undef identity_id +#undef prekey_id +#undef onetime_id +#undef initiator_identity +#undef initiator_ephemeral +#undef other_info_len +#undef other_info +#undef prf_mechanism +#undef data_as_key +#undef rekey +#undef ni_ptr +#undef ni_len +#undef nr_ptr +#undef nr_len +#undef new_key +#undef has_key_gxy +#undef key_gxy +#undef extra_data +#undef extra_data_len +#undef has_prev_key +#undef prev_key +#undef cky_i_ptr +#undef cky_i_len +#undef cky_r_ptr +#undef cky_r_len +#undef key_number +#undef has_seed_key +#undef seed_key +#undef seed_data +#undef seed_data_len +#endif /* CRYPTOKI_COMPAT */ -#undef ck_profile_id -#endif /* CRYPTOKI_COMPAT */ - - /* System dependencies. */ #if defined(_WIN32) || defined(CRYPTOKI_FORCE_WIN32) #pragma pack(pop, cryptoki) @@ -2071,4 +3143,4 @@ typedef struct ck_aes_cbc_encrypt_data_params *CK_AES_CBC_ENCRYPT_DATA_PARAMS_PT } #endif -#endif /* PKCS11_H */ +#endif /* PKCS11_H */ diff --git a/p11-kit/test-mock.c b/p11-kit/test-mock.c index 39a74c77..19ba927f 100644 --- a/p11-kit/test-mock.c +++ b/p11-kit/test-mock.c @@ -2737,7 +2737,7 @@ test_mock_add_tests (const char *prefix, const CK_VERSION *version) p11_test (test_derive_key, "%s/test_derive_key", prefix); p11_test (test_random, "%s/test_random", prefix); /* PKCS #11 3.0 tests */ - if (version && version->major == 3 && version->minor == 0) { + if (version && version->major == 3 && version->minor >= 0) { p11_test (test_login_user, "%s/test_login_user", prefix); p11_test (test_session_cancel, "%s/test_session_cancel", prefix); p11_test (test_message_encrypt, "%s/test_message_encrypt", prefix); diff --git a/p11-kit/test-proxy3.c b/p11-kit/test-proxy3.c index ef52a00b..121c47ec 100644 --- a/p11-kit/test-proxy3.c +++ b/p11-kit/test-proxy3.c @@ -83,7 +83,7 @@ test_initialize_finalize_interface (void) assert (strcmp(interface->pInterfaceName, name) == 0); proxy = interface->pFunctionList; assert (proxy->version.major == 3); - assert (proxy->version.minor == 0); + assert (proxy->version.minor >= 0); assert (p11_proxy_module_check ((CK_FUNCTION_LIST_PTR)proxy));