1*7c478bd9Sstevel@tonic-gate /* pkcs11t.h include file for PKCS #11. */ 2*7c478bd9Sstevel@tonic-gate /* $Revision: 1.4 $ */ 3*7c478bd9Sstevel@tonic-gate 4*7c478bd9Sstevel@tonic-gate /* License to copy and use this software is granted provided that it is 5*7c478bd9Sstevel@tonic-gate * identified as "RSA Security Inc. PKCS #11 Cryptographic Token Interface 6*7c478bd9Sstevel@tonic-gate * (Cryptoki)" in all material mentioning or referencing this software. 7*7c478bd9Sstevel@tonic-gate 8*7c478bd9Sstevel@tonic-gate * License is also granted to make and use derivative works provided that 9*7c478bd9Sstevel@tonic-gate * such works are identified as "derived from the RSA Security Inc. PKCS #11 10*7c478bd9Sstevel@tonic-gate * Cryptographic Token Interface (Cryptoki)" in all material mentioning or 11*7c478bd9Sstevel@tonic-gate * referencing the derived work. 12*7c478bd9Sstevel@tonic-gate 13*7c478bd9Sstevel@tonic-gate * RSA Security Inc. makes no representations concerning either the 14*7c478bd9Sstevel@tonic-gate * merchantability of this software or the suitability of this software for 15*7c478bd9Sstevel@tonic-gate * any particular purpose. It is provided "as is" without express or implied 16*7c478bd9Sstevel@tonic-gate * warranty of any kind. 17*7c478bd9Sstevel@tonic-gate */ 18*7c478bd9Sstevel@tonic-gate 19*7c478bd9Sstevel@tonic-gate /* See top of pkcs11.h for information about the macros that 20*7c478bd9Sstevel@tonic-gate * must be defined and the structure-packing conventions that 21*7c478bd9Sstevel@tonic-gate * must be set before including this file. */ 22*7c478bd9Sstevel@tonic-gate 23*7c478bd9Sstevel@tonic-gate #ifndef _PKCS11T_H_ 24*7c478bd9Sstevel@tonic-gate #define _PKCS11T_H_ 1 25*7c478bd9Sstevel@tonic-gate 26*7c478bd9Sstevel@tonic-gate #ifndef CK_DISABLE_TRUE_FALSE 27*7c478bd9Sstevel@tonic-gate #ifndef FALSE 28*7c478bd9Sstevel@tonic-gate #define FALSE 0 29*7c478bd9Sstevel@tonic-gate #endif 30*7c478bd9Sstevel@tonic-gate 31*7c478bd9Sstevel@tonic-gate #ifndef TRUE 32*7c478bd9Sstevel@tonic-gate #define TRUE !(FALSE) 33*7c478bd9Sstevel@tonic-gate #endif 34*7c478bd9Sstevel@tonic-gate #endif 35*7c478bd9Sstevel@tonic-gate 36*7c478bd9Sstevel@tonic-gate #define CK_TRUE 1 37*7c478bd9Sstevel@tonic-gate #define CK_FALSE 0 38*7c478bd9Sstevel@tonic-gate 39*7c478bd9Sstevel@tonic-gate /* an unsigned 8-bit value */ 40*7c478bd9Sstevel@tonic-gate typedef unsigned char CK_BYTE; 41*7c478bd9Sstevel@tonic-gate 42*7c478bd9Sstevel@tonic-gate /* an unsigned 8-bit character */ 43*7c478bd9Sstevel@tonic-gate typedef CK_BYTE CK_CHAR; 44*7c478bd9Sstevel@tonic-gate 45*7c478bd9Sstevel@tonic-gate /* an 8-bit UTF-8 character */ 46*7c478bd9Sstevel@tonic-gate typedef CK_BYTE CK_UTF8CHAR; 47*7c478bd9Sstevel@tonic-gate 48*7c478bd9Sstevel@tonic-gate /* a BYTE-sized Boolean flag */ 49*7c478bd9Sstevel@tonic-gate typedef CK_BYTE CK_BBOOL; 50*7c478bd9Sstevel@tonic-gate 51*7c478bd9Sstevel@tonic-gate /* an unsigned value, at least 32 bits long */ 52*7c478bd9Sstevel@tonic-gate typedef unsigned long int CK_ULONG; 53*7c478bd9Sstevel@tonic-gate 54*7c478bd9Sstevel@tonic-gate /* a signed value, the same size as a CK_ULONG */ 55*7c478bd9Sstevel@tonic-gate /* CK_LONG is new for v2.0 */ 56*7c478bd9Sstevel@tonic-gate typedef long int CK_LONG; 57*7c478bd9Sstevel@tonic-gate 58*7c478bd9Sstevel@tonic-gate /* at least 32 bits; each bit is a Boolean flag */ 59*7c478bd9Sstevel@tonic-gate typedef CK_ULONG CK_FLAGS; 60*7c478bd9Sstevel@tonic-gate 61*7c478bd9Sstevel@tonic-gate 62*7c478bd9Sstevel@tonic-gate /* some special values for certain CK_ULONG variables */ 63*7c478bd9Sstevel@tonic-gate #define CK_UNAVAILABLE_INFORMATION (~0UL) 64*7c478bd9Sstevel@tonic-gate #define CK_EFFECTIVELY_INFINITE 0 65*7c478bd9Sstevel@tonic-gate 66*7c478bd9Sstevel@tonic-gate 67*7c478bd9Sstevel@tonic-gate typedef CK_BYTE CK_PTR CK_BYTE_PTR; 68*7c478bd9Sstevel@tonic-gate typedef CK_CHAR CK_PTR CK_CHAR_PTR; 69*7c478bd9Sstevel@tonic-gate typedef CK_UTF8CHAR CK_PTR CK_UTF8CHAR_PTR; 70*7c478bd9Sstevel@tonic-gate typedef CK_ULONG CK_PTR CK_ULONG_PTR; 71*7c478bd9Sstevel@tonic-gate typedef void CK_PTR CK_VOID_PTR; 72*7c478bd9Sstevel@tonic-gate 73*7c478bd9Sstevel@tonic-gate /* Pointer to a CK_VOID_PTR-- i.e., pointer to pointer to void */ 74*7c478bd9Sstevel@tonic-gate typedef CK_VOID_PTR CK_PTR CK_VOID_PTR_PTR; 75*7c478bd9Sstevel@tonic-gate 76*7c478bd9Sstevel@tonic-gate 77*7c478bd9Sstevel@tonic-gate /* The following value is always invalid if used as a session */ 78*7c478bd9Sstevel@tonic-gate /* handle or object handle */ 79*7c478bd9Sstevel@tonic-gate #define CK_INVALID_HANDLE 0 80*7c478bd9Sstevel@tonic-gate 81*7c478bd9Sstevel@tonic-gate 82*7c478bd9Sstevel@tonic-gate typedef struct CK_VERSION { 83*7c478bd9Sstevel@tonic-gate CK_BYTE major; /* integer portion of version number */ 84*7c478bd9Sstevel@tonic-gate CK_BYTE minor; /* 1/100ths portion of version number */ 85*7c478bd9Sstevel@tonic-gate } CK_VERSION; 86*7c478bd9Sstevel@tonic-gate 87*7c478bd9Sstevel@tonic-gate typedef CK_VERSION CK_PTR CK_VERSION_PTR; 88*7c478bd9Sstevel@tonic-gate 89*7c478bd9Sstevel@tonic-gate 90*7c478bd9Sstevel@tonic-gate typedef struct CK_INFO { 91*7c478bd9Sstevel@tonic-gate /* manufacturerID and libraryDecription have been changed from 92*7c478bd9Sstevel@tonic-gate * CK_CHAR to CK_UTF8CHAR for v2.10 */ 93*7c478bd9Sstevel@tonic-gate CK_VERSION cryptokiVersion; /* Cryptoki interface ver */ 94*7c478bd9Sstevel@tonic-gate CK_UTF8CHAR manufacturerID[32]; /* blank padded */ 95*7c478bd9Sstevel@tonic-gate CK_FLAGS flags; /* must be zero */ 96*7c478bd9Sstevel@tonic-gate 97*7c478bd9Sstevel@tonic-gate /* libraryDescription and libraryVersion are new for v2.0 */ 98*7c478bd9Sstevel@tonic-gate CK_UTF8CHAR libraryDescription[32]; /* blank padded */ 99*7c478bd9Sstevel@tonic-gate CK_VERSION libraryVersion; /* version of library */ 100*7c478bd9Sstevel@tonic-gate } CK_INFO; 101*7c478bd9Sstevel@tonic-gate 102*7c478bd9Sstevel@tonic-gate typedef CK_INFO CK_PTR CK_INFO_PTR; 103*7c478bd9Sstevel@tonic-gate 104*7c478bd9Sstevel@tonic-gate 105*7c478bd9Sstevel@tonic-gate /* CK_NOTIFICATION enumerates the types of notifications that 106*7c478bd9Sstevel@tonic-gate * Cryptoki provides to an application */ 107*7c478bd9Sstevel@tonic-gate /* CK_NOTIFICATION has been changed from an enum to a CK_ULONG 108*7c478bd9Sstevel@tonic-gate * for v2.0 */ 109*7c478bd9Sstevel@tonic-gate typedef CK_ULONG CK_NOTIFICATION; 110*7c478bd9Sstevel@tonic-gate #define CKN_SURRENDER 0 111*7c478bd9Sstevel@tonic-gate 112*7c478bd9Sstevel@tonic-gate 113*7c478bd9Sstevel@tonic-gate typedef CK_ULONG CK_SLOT_ID; 114*7c478bd9Sstevel@tonic-gate 115*7c478bd9Sstevel@tonic-gate typedef CK_SLOT_ID CK_PTR CK_SLOT_ID_PTR; 116*7c478bd9Sstevel@tonic-gate 117*7c478bd9Sstevel@tonic-gate 118*7c478bd9Sstevel@tonic-gate /* CK_SLOT_INFO provides information about a slot */ 119*7c478bd9Sstevel@tonic-gate typedef struct CK_SLOT_INFO { 120*7c478bd9Sstevel@tonic-gate /* slotDescription and manufacturerID have been changed from 121*7c478bd9Sstevel@tonic-gate * CK_CHAR to CK_UTF8CHAR for v2.10 */ 122*7c478bd9Sstevel@tonic-gate CK_UTF8CHAR slotDescription[64]; /* blank padded */ 123*7c478bd9Sstevel@tonic-gate CK_UTF8CHAR manufacturerID[32]; /* blank padded */ 124*7c478bd9Sstevel@tonic-gate CK_FLAGS flags; 125*7c478bd9Sstevel@tonic-gate 126*7c478bd9Sstevel@tonic-gate /* hardwareVersion and firmwareVersion are new for v2.0 */ 127*7c478bd9Sstevel@tonic-gate CK_VERSION hardwareVersion; /* version of hardware */ 128*7c478bd9Sstevel@tonic-gate CK_VERSION firmwareVersion; /* version of firmware */ 129*7c478bd9Sstevel@tonic-gate } CK_SLOT_INFO; 130*7c478bd9Sstevel@tonic-gate 131*7c478bd9Sstevel@tonic-gate /* flags: bit flags that provide capabilities of the slot 132*7c478bd9Sstevel@tonic-gate * Bit Flag Mask Meaning 133*7c478bd9Sstevel@tonic-gate */ 134*7c478bd9Sstevel@tonic-gate #define CKF_TOKEN_PRESENT 0x00000001 /* a token is there */ 135*7c478bd9Sstevel@tonic-gate #define CKF_REMOVABLE_DEVICE 0x00000002 /* removable devices*/ 136*7c478bd9Sstevel@tonic-gate #define CKF_HW_SLOT 0x00000004 /* hardware slot */ 137*7c478bd9Sstevel@tonic-gate 138*7c478bd9Sstevel@tonic-gate typedef CK_SLOT_INFO CK_PTR CK_SLOT_INFO_PTR; 139*7c478bd9Sstevel@tonic-gate 140*7c478bd9Sstevel@tonic-gate 141*7c478bd9Sstevel@tonic-gate /* CK_TOKEN_INFO provides information about a token */ 142*7c478bd9Sstevel@tonic-gate typedef struct CK_TOKEN_INFO { 143*7c478bd9Sstevel@tonic-gate /* label, manufacturerID, and model have been changed from 144*7c478bd9Sstevel@tonic-gate * CK_CHAR to CK_UTF8CHAR for v2.10 */ 145*7c478bd9Sstevel@tonic-gate CK_UTF8CHAR label[32]; /* blank padded */ 146*7c478bd9Sstevel@tonic-gate CK_UTF8CHAR manufacturerID[32]; /* blank padded */ 147*7c478bd9Sstevel@tonic-gate CK_UTF8CHAR model[16]; /* blank padded */ 148*7c478bd9Sstevel@tonic-gate CK_CHAR serialNumber[16]; /* blank padded */ 149*7c478bd9Sstevel@tonic-gate CK_FLAGS flags; /* see below */ 150*7c478bd9Sstevel@tonic-gate 151*7c478bd9Sstevel@tonic-gate /* ulMaxSessionCount, ulSessionCount, ulMaxRwSessionCount, 152*7c478bd9Sstevel@tonic-gate * ulRwSessionCount, ulMaxPinLen, and ulMinPinLen have all been 153*7c478bd9Sstevel@tonic-gate * changed from CK_USHORT to CK_ULONG for v2.0 */ 154*7c478bd9Sstevel@tonic-gate CK_ULONG ulMaxSessionCount; /* max open sessions */ 155*7c478bd9Sstevel@tonic-gate CK_ULONG ulSessionCount; /* sess. now open */ 156*7c478bd9Sstevel@tonic-gate CK_ULONG ulMaxRwSessionCount; /* max R/W sessions */ 157*7c478bd9Sstevel@tonic-gate CK_ULONG ulRwSessionCount; /* R/W sess. now open */ 158*7c478bd9Sstevel@tonic-gate CK_ULONG ulMaxPinLen; /* in bytes */ 159*7c478bd9Sstevel@tonic-gate CK_ULONG ulMinPinLen; /* in bytes */ 160*7c478bd9Sstevel@tonic-gate CK_ULONG ulTotalPublicMemory; /* in bytes */ 161*7c478bd9Sstevel@tonic-gate CK_ULONG ulFreePublicMemory; /* in bytes */ 162*7c478bd9Sstevel@tonic-gate CK_ULONG ulTotalPrivateMemory; /* in bytes */ 163*7c478bd9Sstevel@tonic-gate CK_ULONG ulFreePrivateMemory; /* in bytes */ 164*7c478bd9Sstevel@tonic-gate 165*7c478bd9Sstevel@tonic-gate /* hardwareVersion, firmwareVersion, and time are new for 166*7c478bd9Sstevel@tonic-gate * v2.0 */ 167*7c478bd9Sstevel@tonic-gate CK_VERSION hardwareVersion; /* version of hardware */ 168*7c478bd9Sstevel@tonic-gate CK_VERSION firmwareVersion; /* version of firmware */ 169*7c478bd9Sstevel@tonic-gate CK_CHAR utcTime[16]; /* time */ 170*7c478bd9Sstevel@tonic-gate } CK_TOKEN_INFO; 171*7c478bd9Sstevel@tonic-gate 172*7c478bd9Sstevel@tonic-gate /* The flags parameter is defined as follows: 173*7c478bd9Sstevel@tonic-gate * Bit Flag Mask Meaning 174*7c478bd9Sstevel@tonic-gate */ 175*7c478bd9Sstevel@tonic-gate #define CKF_RNG 0x00000001 /* has random # 176*7c478bd9Sstevel@tonic-gate * generator */ 177*7c478bd9Sstevel@tonic-gate #define CKF_WRITE_PROTECTED 0x00000002 /* token is 178*7c478bd9Sstevel@tonic-gate * write- 179*7c478bd9Sstevel@tonic-gate * protected */ 180*7c478bd9Sstevel@tonic-gate #define CKF_LOGIN_REQUIRED 0x00000004 /* user must 181*7c478bd9Sstevel@tonic-gate * login */ 182*7c478bd9Sstevel@tonic-gate #define CKF_USER_PIN_INITIALIZED 0x00000008 /* normal user's 183*7c478bd9Sstevel@tonic-gate * PIN is set */ 184*7c478bd9Sstevel@tonic-gate 185*7c478bd9Sstevel@tonic-gate /* CKF_RESTORE_KEY_NOT_NEEDED is new for v2.0. If it is set, 186*7c478bd9Sstevel@tonic-gate * that means that *every* time the state of cryptographic 187*7c478bd9Sstevel@tonic-gate * operations of a session is successfully saved, all keys 188*7c478bd9Sstevel@tonic-gate * needed to continue those operations are stored in the state */ 189*7c478bd9Sstevel@tonic-gate #define CKF_RESTORE_KEY_NOT_NEEDED 0x00000020 190*7c478bd9Sstevel@tonic-gate 191*7c478bd9Sstevel@tonic-gate /* CKF_CLOCK_ON_TOKEN is new for v2.0. If it is set, that means 192*7c478bd9Sstevel@tonic-gate * that the token has some sort of clock. The time on that 193*7c478bd9Sstevel@tonic-gate * clock is returned in the token info structure */ 194*7c478bd9Sstevel@tonic-gate #define CKF_CLOCK_ON_TOKEN 0x00000040 195*7c478bd9Sstevel@tonic-gate 196*7c478bd9Sstevel@tonic-gate /* CKF_PROTECTED_AUTHENTICATION_PATH is new for v2.0. If it is 197*7c478bd9Sstevel@tonic-gate * set, that means that there is some way for the user to login 198*7c478bd9Sstevel@tonic-gate * without sending a PIN through the Cryptoki library itself */ 199*7c478bd9Sstevel@tonic-gate #define CKF_PROTECTED_AUTHENTICATION_PATH 0x00000100 200*7c478bd9Sstevel@tonic-gate 201*7c478bd9Sstevel@tonic-gate /* CKF_DUAL_CRYPTO_OPERATIONS is new for v2.0. If it is true, 202*7c478bd9Sstevel@tonic-gate * that means that a single session with the token can perform 203*7c478bd9Sstevel@tonic-gate * dual simultaneous cryptographic operations (digest and 204*7c478bd9Sstevel@tonic-gate * encrypt; decrypt and digest; sign and encrypt; and decrypt 205*7c478bd9Sstevel@tonic-gate * and sign) */ 206*7c478bd9Sstevel@tonic-gate #define CKF_DUAL_CRYPTO_OPERATIONS 0x00000200 207*7c478bd9Sstevel@tonic-gate 208*7c478bd9Sstevel@tonic-gate /* CKF_TOKEN_INITIALIZED if new for v2.10. If it is true, the 209*7c478bd9Sstevel@tonic-gate * token has been initialized using C_InitializeToken or an 210*7c478bd9Sstevel@tonic-gate * equivalent mechanism outside the scope of PKCS #11. 211*7c478bd9Sstevel@tonic-gate * Calling C_InitializeToken when this flag is set will cause 212*7c478bd9Sstevel@tonic-gate * the token to be reinitialized. */ 213*7c478bd9Sstevel@tonic-gate #define CKF_TOKEN_INITIALIZED 0x00000400 214*7c478bd9Sstevel@tonic-gate 215*7c478bd9Sstevel@tonic-gate /* CKF_SECONDARY_AUTHENTICATION if new for v2.10. If it is 216*7c478bd9Sstevel@tonic-gate * true, the token supports secondary authentication for 217*7c478bd9Sstevel@tonic-gate * private key objects. */ 218*7c478bd9Sstevel@tonic-gate #define CKF_SECONDARY_AUTHENTICATION 0x00000800 219*7c478bd9Sstevel@tonic-gate 220*7c478bd9Sstevel@tonic-gate /* CKF_USER_PIN_COUNT_LOW if new for v2.10. If it is true, an 221*7c478bd9Sstevel@tonic-gate * incorrect user login PIN has been entered at least once 222*7c478bd9Sstevel@tonic-gate * since the last successful authentication. */ 223*7c478bd9Sstevel@tonic-gate #define CKF_USER_PIN_COUNT_LOW 0x00010000 224*7c478bd9Sstevel@tonic-gate 225*7c478bd9Sstevel@tonic-gate /* CKF_USER_PIN_FINAL_TRY if new for v2.10. If it is true, 226*7c478bd9Sstevel@tonic-gate * supplying an incorrect user PIN will it to become locked. */ 227*7c478bd9Sstevel@tonic-gate #define CKF_USER_PIN_FINAL_TRY 0x00020000 228*7c478bd9Sstevel@tonic-gate 229*7c478bd9Sstevel@tonic-gate /* CKF_USER_PIN_LOCKED if new for v2.10. If it is true, the 230*7c478bd9Sstevel@tonic-gate * user PIN has been locked. User login to the token is not 231*7c478bd9Sstevel@tonic-gate * possible. */ 232*7c478bd9Sstevel@tonic-gate #define CKF_USER_PIN_LOCKED 0x00040000 233*7c478bd9Sstevel@tonic-gate 234*7c478bd9Sstevel@tonic-gate /* CKF_USER_PIN_TO_BE_CHANGED if new for v2.10. If it is true, 235*7c478bd9Sstevel@tonic-gate * the user PIN value is the default value set by token 236*7c478bd9Sstevel@tonic-gate * initialization or manufacturing, or the PIN has been 237*7c478bd9Sstevel@tonic-gate * expired by the card. */ 238*7c478bd9Sstevel@tonic-gate #define CKF_USER_PIN_TO_BE_CHANGED 0x00080000 239*7c478bd9Sstevel@tonic-gate 240*7c478bd9Sstevel@tonic-gate /* CKF_SO_PIN_COUNT_LOW if new for v2.10. If it is true, an 241*7c478bd9Sstevel@tonic-gate * incorrect SO login PIN has been entered at least once since 242*7c478bd9Sstevel@tonic-gate * the last successful authentication. */ 243*7c478bd9Sstevel@tonic-gate #define CKF_SO_PIN_COUNT_LOW 0x00100000 244*7c478bd9Sstevel@tonic-gate 245*7c478bd9Sstevel@tonic-gate /* CKF_SO_PIN_FINAL_TRY if new for v2.10. If it is true, 246*7c478bd9Sstevel@tonic-gate * supplying an incorrect SO PIN will it to become locked. */ 247*7c478bd9Sstevel@tonic-gate #define CKF_SO_PIN_FINAL_TRY 0x00200000 248*7c478bd9Sstevel@tonic-gate 249*7c478bd9Sstevel@tonic-gate /* CKF_SO_PIN_LOCKED if new for v2.10. If it is true, the SO 250*7c478bd9Sstevel@tonic-gate * PIN has been locked. SO login to the token is not possible. 251*7c478bd9Sstevel@tonic-gate */ 252*7c478bd9Sstevel@tonic-gate #define CKF_SO_PIN_LOCKED 0x00400000 253*7c478bd9Sstevel@tonic-gate 254*7c478bd9Sstevel@tonic-gate /* CKF_SO_PIN_TO_BE_CHANGED if new for v2.10. If it is true, 255*7c478bd9Sstevel@tonic-gate * the SO PIN value is the default value set by token 256*7c478bd9Sstevel@tonic-gate * initialization or manufacturing, or the PIN has been 257*7c478bd9Sstevel@tonic-gate * expired by the card. */ 258*7c478bd9Sstevel@tonic-gate #define CKF_SO_PIN_TO_BE_CHANGED 0x00800000 259*7c478bd9Sstevel@tonic-gate 260*7c478bd9Sstevel@tonic-gate typedef CK_TOKEN_INFO CK_PTR CK_TOKEN_INFO_PTR; 261*7c478bd9Sstevel@tonic-gate 262*7c478bd9Sstevel@tonic-gate 263*7c478bd9Sstevel@tonic-gate /* CK_SESSION_HANDLE is a Cryptoki-assigned value that 264*7c478bd9Sstevel@tonic-gate * identifies a session */ 265*7c478bd9Sstevel@tonic-gate typedef CK_ULONG CK_SESSION_HANDLE; 266*7c478bd9Sstevel@tonic-gate 267*7c478bd9Sstevel@tonic-gate typedef CK_SESSION_HANDLE CK_PTR CK_SESSION_HANDLE_PTR; 268*7c478bd9Sstevel@tonic-gate 269*7c478bd9Sstevel@tonic-gate 270*7c478bd9Sstevel@tonic-gate /* CK_USER_TYPE enumerates the types of Cryptoki users */ 271*7c478bd9Sstevel@tonic-gate /* CK_USER_TYPE has been changed from an enum to a CK_ULONG for 272*7c478bd9Sstevel@tonic-gate * v2.0 */ 273*7c478bd9Sstevel@tonic-gate typedef CK_ULONG CK_USER_TYPE; 274*7c478bd9Sstevel@tonic-gate /* Security Officer */ 275*7c478bd9Sstevel@tonic-gate #define CKU_SO 0 276*7c478bd9Sstevel@tonic-gate /* Normal user */ 277*7c478bd9Sstevel@tonic-gate #define CKU_USER 1 278*7c478bd9Sstevel@tonic-gate 279*7c478bd9Sstevel@tonic-gate 280*7c478bd9Sstevel@tonic-gate /* CK_STATE enumerates the session states */ 281*7c478bd9Sstevel@tonic-gate /* CK_STATE has been changed from an enum to a CK_ULONG for 282*7c478bd9Sstevel@tonic-gate * v2.0 */ 283*7c478bd9Sstevel@tonic-gate typedef CK_ULONG CK_STATE; 284*7c478bd9Sstevel@tonic-gate #define CKS_RO_PUBLIC_SESSION 0 285*7c478bd9Sstevel@tonic-gate #define CKS_RO_USER_FUNCTIONS 1 286*7c478bd9Sstevel@tonic-gate #define CKS_RW_PUBLIC_SESSION 2 287*7c478bd9Sstevel@tonic-gate #define CKS_RW_USER_FUNCTIONS 3 288*7c478bd9Sstevel@tonic-gate #define CKS_RW_SO_FUNCTIONS 4 289*7c478bd9Sstevel@tonic-gate 290*7c478bd9Sstevel@tonic-gate 291*7c478bd9Sstevel@tonic-gate /* CK_SESSION_INFO provides information about a session */ 292*7c478bd9Sstevel@tonic-gate typedef struct CK_SESSION_INFO { 293*7c478bd9Sstevel@tonic-gate CK_SLOT_ID slotID; 294*7c478bd9Sstevel@tonic-gate CK_STATE state; 295*7c478bd9Sstevel@tonic-gate CK_FLAGS flags; /* see below */ 296*7c478bd9Sstevel@tonic-gate 297*7c478bd9Sstevel@tonic-gate /* ulDeviceError was changed from CK_USHORT to CK_ULONG for 298*7c478bd9Sstevel@tonic-gate * v2.0 */ 299*7c478bd9Sstevel@tonic-gate CK_ULONG ulDeviceError; /* device-dependent error code */ 300*7c478bd9Sstevel@tonic-gate } CK_SESSION_INFO; 301*7c478bd9Sstevel@tonic-gate 302*7c478bd9Sstevel@tonic-gate /* The flags are defined in the following table: 303*7c478bd9Sstevel@tonic-gate * Bit Flag Mask Meaning 304*7c478bd9Sstevel@tonic-gate */ 305*7c478bd9Sstevel@tonic-gate #define CKF_RW_SESSION 0x00000002 /* session is r/w */ 306*7c478bd9Sstevel@tonic-gate #define CKF_SERIAL_SESSION 0x00000004 /* no parallel */ 307*7c478bd9Sstevel@tonic-gate 308*7c478bd9Sstevel@tonic-gate typedef CK_SESSION_INFO CK_PTR CK_SESSION_INFO_PTR; 309*7c478bd9Sstevel@tonic-gate 310*7c478bd9Sstevel@tonic-gate 311*7c478bd9Sstevel@tonic-gate /* CK_OBJECT_HANDLE is a token-specific identifier for an 312*7c478bd9Sstevel@tonic-gate * object */ 313*7c478bd9Sstevel@tonic-gate typedef CK_ULONG CK_OBJECT_HANDLE; 314*7c478bd9Sstevel@tonic-gate 315*7c478bd9Sstevel@tonic-gate typedef CK_OBJECT_HANDLE CK_PTR CK_OBJECT_HANDLE_PTR; 316*7c478bd9Sstevel@tonic-gate 317*7c478bd9Sstevel@tonic-gate 318*7c478bd9Sstevel@tonic-gate /* CK_OBJECT_CLASS is a value that identifies the classes (or 319*7c478bd9Sstevel@tonic-gate * types) of objects that Cryptoki recognizes. It is defined 320*7c478bd9Sstevel@tonic-gate * as follows: */ 321*7c478bd9Sstevel@tonic-gate /* CK_OBJECT_CLASS was changed from CK_USHORT to CK_ULONG for 322*7c478bd9Sstevel@tonic-gate * v2.0 */ 323*7c478bd9Sstevel@tonic-gate typedef CK_ULONG CK_OBJECT_CLASS; 324*7c478bd9Sstevel@tonic-gate 325*7c478bd9Sstevel@tonic-gate /* The following classes of objects are defined: */ 326*7c478bd9Sstevel@tonic-gate /* CKO_HW_FEATURE is new for v2.10 */ 327*7c478bd9Sstevel@tonic-gate /* CKO_DOMAIN_PARAMETERS is new for v2.11 */ 328*7c478bd9Sstevel@tonic-gate #define CKO_DATA 0x00000000 329*7c478bd9Sstevel@tonic-gate #define CKO_CERTIFICATE 0x00000001 330*7c478bd9Sstevel@tonic-gate #define CKO_PUBLIC_KEY 0x00000002 331*7c478bd9Sstevel@tonic-gate #define CKO_PRIVATE_KEY 0x00000003 332*7c478bd9Sstevel@tonic-gate #define CKO_SECRET_KEY 0x00000004 333*7c478bd9Sstevel@tonic-gate #define CKO_HW_FEATURE 0x00000005 334*7c478bd9Sstevel@tonic-gate #define CKO_DOMAIN_PARAMETERS 0x00000006 335*7c478bd9Sstevel@tonic-gate #define CKO_VENDOR_DEFINED 0x80000000 336*7c478bd9Sstevel@tonic-gate 337*7c478bd9Sstevel@tonic-gate typedef CK_OBJECT_CLASS CK_PTR CK_OBJECT_CLASS_PTR; 338*7c478bd9Sstevel@tonic-gate 339*7c478bd9Sstevel@tonic-gate /* CK_HW_FEATURE_TYPE is new for v2.10. CK_HW_FEATURE_TYPE is a 340*7c478bd9Sstevel@tonic-gate * value that identifies the hardware feature type of an object 341*7c478bd9Sstevel@tonic-gate * with CK_OBJECT_CLASS equal to CKO_HW_FEATURE. */ 342*7c478bd9Sstevel@tonic-gate typedef CK_ULONG CK_HW_FEATURE_TYPE; 343*7c478bd9Sstevel@tonic-gate 344*7c478bd9Sstevel@tonic-gate /* The following hardware feature types are defined */ 345*7c478bd9Sstevel@tonic-gate #define CKH_MONOTONIC_COUNTER 0x00000001 346*7c478bd9Sstevel@tonic-gate #define CKH_CLOCK 0x00000002 347*7c478bd9Sstevel@tonic-gate #define CKH_VENDOR_DEFINED 0x80000000 348*7c478bd9Sstevel@tonic-gate 349*7c478bd9Sstevel@tonic-gate /* CK_KEY_TYPE is a value that identifies a key type */ 350*7c478bd9Sstevel@tonic-gate /* CK_KEY_TYPE was changed from CK_USHORT to CK_ULONG for v2.0 */ 351*7c478bd9Sstevel@tonic-gate typedef CK_ULONG CK_KEY_TYPE; 352*7c478bd9Sstevel@tonic-gate 353*7c478bd9Sstevel@tonic-gate /* the following key types are defined: */ 354*7c478bd9Sstevel@tonic-gate #define CKK_RSA 0x00000000 355*7c478bd9Sstevel@tonic-gate #define CKK_DSA 0x00000001 356*7c478bd9Sstevel@tonic-gate #define CKK_DH 0x00000002 357*7c478bd9Sstevel@tonic-gate 358*7c478bd9Sstevel@tonic-gate /* CKK_ECDSA and CKK_KEA are new for v2.0 */ 359*7c478bd9Sstevel@tonic-gate /* CKK_ECDSA is deprecated in v2.11, CKK_EC is preferred. */ 360*7c478bd9Sstevel@tonic-gate #define CKK_ECDSA 0x00000003 361*7c478bd9Sstevel@tonic-gate #define CKK_EC 0x00000003 362*7c478bd9Sstevel@tonic-gate #define CKK_X9_42_DH 0x00000004 363*7c478bd9Sstevel@tonic-gate #define CKK_KEA 0x00000005 364*7c478bd9Sstevel@tonic-gate 365*7c478bd9Sstevel@tonic-gate #define CKK_GENERIC_SECRET 0x00000010 366*7c478bd9Sstevel@tonic-gate #define CKK_RC2 0x00000011 367*7c478bd9Sstevel@tonic-gate #define CKK_RC4 0x00000012 368*7c478bd9Sstevel@tonic-gate #define CKK_DES 0x00000013 369*7c478bd9Sstevel@tonic-gate #define CKK_DES2 0x00000014 370*7c478bd9Sstevel@tonic-gate #define CKK_DES3 0x00000015 371*7c478bd9Sstevel@tonic-gate 372*7c478bd9Sstevel@tonic-gate /* all these key types are new for v2.0 */ 373*7c478bd9Sstevel@tonic-gate #define CKK_CAST 0x00000016 374*7c478bd9Sstevel@tonic-gate #define CKK_CAST3 0x00000017 375*7c478bd9Sstevel@tonic-gate /* CKK_CAST5 is deprecated in v2.11, CKK_CAST128 is preferred. */ 376*7c478bd9Sstevel@tonic-gate #define CKK_CAST5 0x00000018 377*7c478bd9Sstevel@tonic-gate #define CKK_CAST128 0x00000018 378*7c478bd9Sstevel@tonic-gate #define CKK_RC5 0x00000019 379*7c478bd9Sstevel@tonic-gate #define CKK_IDEA 0x0000001A 380*7c478bd9Sstevel@tonic-gate #define CKK_SKIPJACK 0x0000001B 381*7c478bd9Sstevel@tonic-gate #define CKK_BATON 0x0000001C 382*7c478bd9Sstevel@tonic-gate #define CKK_JUNIPER 0x0000001D 383*7c478bd9Sstevel@tonic-gate #define CKK_CDMF 0x0000001E 384*7c478bd9Sstevel@tonic-gate #define CKK_AES 0x0000001F 385*7c478bd9Sstevel@tonic-gate 386*7c478bd9Sstevel@tonic-gate #define CKK_VENDOR_DEFINED 0x80000000 387*7c478bd9Sstevel@tonic-gate 388*7c478bd9Sstevel@tonic-gate 389*7c478bd9Sstevel@tonic-gate /* CK_CERTIFICATE_TYPE is a value that identifies a certificate 390*7c478bd9Sstevel@tonic-gate * type */ 391*7c478bd9Sstevel@tonic-gate /* CK_CERTIFICATE_TYPE was changed from CK_USHORT to CK_ULONG 392*7c478bd9Sstevel@tonic-gate * for v2.0 */ 393*7c478bd9Sstevel@tonic-gate typedef CK_ULONG CK_CERTIFICATE_TYPE; 394*7c478bd9Sstevel@tonic-gate 395*7c478bd9Sstevel@tonic-gate /* The following certificate types are defined: */ 396*7c478bd9Sstevel@tonic-gate /* CKC_X_509_ATTR_CERT is new for v2.10 */ 397*7c478bd9Sstevel@tonic-gate #define CKC_X_509 0x00000000 398*7c478bd9Sstevel@tonic-gate #define CKC_X_509_ATTR_CERT 0x00000001 399*7c478bd9Sstevel@tonic-gate #define CKC_VENDOR_DEFINED 0x80000000 400*7c478bd9Sstevel@tonic-gate 401*7c478bd9Sstevel@tonic-gate 402*7c478bd9Sstevel@tonic-gate /* CK_ATTRIBUTE_TYPE is a value that identifies an attribute 403*7c478bd9Sstevel@tonic-gate * type */ 404*7c478bd9Sstevel@tonic-gate /* CK_ATTRIBUTE_TYPE was changed from CK_USHORT to CK_ULONG for 405*7c478bd9Sstevel@tonic-gate * v2.0 */ 406*7c478bd9Sstevel@tonic-gate typedef CK_ULONG CK_ATTRIBUTE_TYPE; 407*7c478bd9Sstevel@tonic-gate 408*7c478bd9Sstevel@tonic-gate /* The following attribute types are defined: */ 409*7c478bd9Sstevel@tonic-gate #define CKA_CLASS 0x00000000 410*7c478bd9Sstevel@tonic-gate #define CKA_TOKEN 0x00000001 411*7c478bd9Sstevel@tonic-gate #define CKA_PRIVATE 0x00000002 412*7c478bd9Sstevel@tonic-gate #define CKA_LABEL 0x00000003 413*7c478bd9Sstevel@tonic-gate #define CKA_APPLICATION 0x00000010 414*7c478bd9Sstevel@tonic-gate #define CKA_VALUE 0x00000011 415*7c478bd9Sstevel@tonic-gate 416*7c478bd9Sstevel@tonic-gate /* CKA_OBJECT_ID is new for v2.10 */ 417*7c478bd9Sstevel@tonic-gate #define CKA_OBJECT_ID 0x00000012 418*7c478bd9Sstevel@tonic-gate 419*7c478bd9Sstevel@tonic-gate #define CKA_CERTIFICATE_TYPE 0x00000080 420*7c478bd9Sstevel@tonic-gate #define CKA_ISSUER 0x00000081 421*7c478bd9Sstevel@tonic-gate #define CKA_SERIAL_NUMBER 0x00000082 422*7c478bd9Sstevel@tonic-gate 423*7c478bd9Sstevel@tonic-gate /* CKA_AC_ISSUER, CKA_OWNER, and CKA_ATTR_TYPES are new 424*7c478bd9Sstevel@tonic-gate * for v2.10 */ 425*7c478bd9Sstevel@tonic-gate #define CKA_AC_ISSUER 0x00000083 426*7c478bd9Sstevel@tonic-gate #define CKA_OWNER 0x00000084 427*7c478bd9Sstevel@tonic-gate #define CKA_ATTR_TYPES 0x00000085 428*7c478bd9Sstevel@tonic-gate 429*7c478bd9Sstevel@tonic-gate /* CKA_TRUSTED is new for v2.11 */ 430*7c478bd9Sstevel@tonic-gate #define CKA_TRUSTED 0x00000086 431*7c478bd9Sstevel@tonic-gate 432*7c478bd9Sstevel@tonic-gate #define CKA_KEY_TYPE 0x00000100 433*7c478bd9Sstevel@tonic-gate #define CKA_SUBJECT 0x00000101 434*7c478bd9Sstevel@tonic-gate #define CKA_ID 0x00000102 435*7c478bd9Sstevel@tonic-gate #define CKA_SENSITIVE 0x00000103 436*7c478bd9Sstevel@tonic-gate #define CKA_ENCRYPT 0x00000104 437*7c478bd9Sstevel@tonic-gate #define CKA_DECRYPT 0x00000105 438*7c478bd9Sstevel@tonic-gate #define CKA_WRAP 0x00000106 439*7c478bd9Sstevel@tonic-gate #define CKA_UNWRAP 0x00000107 440*7c478bd9Sstevel@tonic-gate #define CKA_SIGN 0x00000108 441*7c478bd9Sstevel@tonic-gate #define CKA_SIGN_RECOVER 0x00000109 442*7c478bd9Sstevel@tonic-gate #define CKA_VERIFY 0x0000010A 443*7c478bd9Sstevel@tonic-gate #define CKA_VERIFY_RECOVER 0x0000010B 444*7c478bd9Sstevel@tonic-gate #define CKA_DERIVE 0x0000010C 445*7c478bd9Sstevel@tonic-gate #define CKA_START_DATE 0x00000110 446*7c478bd9Sstevel@tonic-gate #define CKA_END_DATE 0x00000111 447*7c478bd9Sstevel@tonic-gate #define CKA_MODULUS 0x00000120 448*7c478bd9Sstevel@tonic-gate #define CKA_MODULUS_BITS 0x00000121 449*7c478bd9Sstevel@tonic-gate #define CKA_PUBLIC_EXPONENT 0x00000122 450*7c478bd9Sstevel@tonic-gate #define CKA_PRIVATE_EXPONENT 0x00000123 451*7c478bd9Sstevel@tonic-gate #define CKA_PRIME_1 0x00000124 452*7c478bd9Sstevel@tonic-gate #define CKA_PRIME_2 0x00000125 453*7c478bd9Sstevel@tonic-gate #define CKA_EXPONENT_1 0x00000126 454*7c478bd9Sstevel@tonic-gate #define CKA_EXPONENT_2 0x00000127 455*7c478bd9Sstevel@tonic-gate #define CKA_COEFFICIENT 0x00000128 456*7c478bd9Sstevel@tonic-gate #define CKA_PRIME 0x00000130 457*7c478bd9Sstevel@tonic-gate #define CKA_SUBPRIME 0x00000131 458*7c478bd9Sstevel@tonic-gate #define CKA_BASE 0x00000132 459*7c478bd9Sstevel@tonic-gate 460*7c478bd9Sstevel@tonic-gate /* CKA_PRIME_BITS and CKA_SUB_PRIME_BITS are new for v2.11 */ 461*7c478bd9Sstevel@tonic-gate #define CKA_PRIME_BITS 0x00000133 462*7c478bd9Sstevel@tonic-gate #define CKA_SUBPRIME_BITS 0x00000134 463*7c478bd9Sstevel@tonic-gate #define CKA_SUB_PRIME_BITS CKA_SUBPRIME_BITS 464*7c478bd9Sstevel@tonic-gate /* (To retain backwards-compatibility) */ 465*7c478bd9Sstevel@tonic-gate 466*7c478bd9Sstevel@tonic-gate #define CKA_VALUE_BITS 0x00000160 467*7c478bd9Sstevel@tonic-gate #define CKA_VALUE_LEN 0x00000161 468*7c478bd9Sstevel@tonic-gate 469*7c478bd9Sstevel@tonic-gate /* CKA_EXTRACTABLE, CKA_LOCAL, CKA_NEVER_EXTRACTABLE, 470*7c478bd9Sstevel@tonic-gate * CKA_ALWAYS_SENSITIVE, CKA_MODIFIABLE, CKA_ECDSA_PARAMS, 471*7c478bd9Sstevel@tonic-gate * and CKA_EC_POINT are new for v2.0 */ 472*7c478bd9Sstevel@tonic-gate #define CKA_EXTRACTABLE 0x00000162 473*7c478bd9Sstevel@tonic-gate #define CKA_LOCAL 0x00000163 474*7c478bd9Sstevel@tonic-gate #define CKA_NEVER_EXTRACTABLE 0x00000164 475*7c478bd9Sstevel@tonic-gate #define CKA_ALWAYS_SENSITIVE 0x00000165 476*7c478bd9Sstevel@tonic-gate 477*7c478bd9Sstevel@tonic-gate /* CKA_KEY_GEN_MECHANISM is new for v2.11 */ 478*7c478bd9Sstevel@tonic-gate #define CKA_KEY_GEN_MECHANISM 0x00000166 479*7c478bd9Sstevel@tonic-gate 480*7c478bd9Sstevel@tonic-gate #define CKA_MODIFIABLE 0x00000170 481*7c478bd9Sstevel@tonic-gate 482*7c478bd9Sstevel@tonic-gate /* CKA_ECDSA_PARAMS is deprecated in v2.11, 483*7c478bd9Sstevel@tonic-gate * CKA_EC_PARAMS is preferred. */ 484*7c478bd9Sstevel@tonic-gate #define CKA_ECDSA_PARAMS 0x00000180 485*7c478bd9Sstevel@tonic-gate #define CKA_EC_PARAMS 0x00000180 486*7c478bd9Sstevel@tonic-gate 487*7c478bd9Sstevel@tonic-gate #define CKA_EC_POINT 0x00000181 488*7c478bd9Sstevel@tonic-gate 489*7c478bd9Sstevel@tonic-gate /* CKA_SECONDARY_AUTH, CKA_AUTH_PIN_FLAGS, 490*7c478bd9Sstevel@tonic-gate * CKA_HW_FEATURE_TYPE, CKA_RESET_ON_INIT, and CKA_HAS_RESET 491*7c478bd9Sstevel@tonic-gate * are new for v2.10 */ 492*7c478bd9Sstevel@tonic-gate #define CKA_SECONDARY_AUTH 0x00000200 493*7c478bd9Sstevel@tonic-gate #define CKA_AUTH_PIN_FLAGS 0x00000201 494*7c478bd9Sstevel@tonic-gate #define CKA_HW_FEATURE_TYPE 0x00000300 495*7c478bd9Sstevel@tonic-gate #define CKA_RESET_ON_INIT 0x00000301 496*7c478bd9Sstevel@tonic-gate #define CKA_HAS_RESET 0x00000302 497*7c478bd9Sstevel@tonic-gate 498*7c478bd9Sstevel@tonic-gate #define CKA_VENDOR_DEFINED 0x80000000 499*7c478bd9Sstevel@tonic-gate 500*7c478bd9Sstevel@tonic-gate 501*7c478bd9Sstevel@tonic-gate /* CK_ATTRIBUTE is a structure that includes the type, length 502*7c478bd9Sstevel@tonic-gate * and value of an attribute */ 503*7c478bd9Sstevel@tonic-gate typedef struct CK_ATTRIBUTE { 504*7c478bd9Sstevel@tonic-gate CK_ATTRIBUTE_TYPE type; 505*7c478bd9Sstevel@tonic-gate CK_VOID_PTR pValue; 506*7c478bd9Sstevel@tonic-gate 507*7c478bd9Sstevel@tonic-gate /* ulValueLen went from CK_USHORT to CK_ULONG for v2.0 */ 508*7c478bd9Sstevel@tonic-gate CK_ULONG ulValueLen; /* in bytes */ 509*7c478bd9Sstevel@tonic-gate } CK_ATTRIBUTE; 510*7c478bd9Sstevel@tonic-gate 511*7c478bd9Sstevel@tonic-gate typedef CK_ATTRIBUTE CK_PTR CK_ATTRIBUTE_PTR; 512*7c478bd9Sstevel@tonic-gate 513*7c478bd9Sstevel@tonic-gate 514*7c478bd9Sstevel@tonic-gate /* CK_DATE is a structure that defines a date */ 515*7c478bd9Sstevel@tonic-gate typedef struct CK_DATE{ 516*7c478bd9Sstevel@tonic-gate CK_CHAR year[4]; /* the year ("1900" - "9999") */ 517*7c478bd9Sstevel@tonic-gate CK_CHAR month[2]; /* the month ("01" - "12") */ 518*7c478bd9Sstevel@tonic-gate CK_CHAR day[2]; /* the day ("01" - "31") */ 519*7c478bd9Sstevel@tonic-gate } CK_DATE; 520*7c478bd9Sstevel@tonic-gate 521*7c478bd9Sstevel@tonic-gate 522*7c478bd9Sstevel@tonic-gate /* CK_MECHANISM_TYPE is a value that identifies a mechanism 523*7c478bd9Sstevel@tonic-gate * type */ 524*7c478bd9Sstevel@tonic-gate /* CK_MECHANISM_TYPE was changed from CK_USHORT to CK_ULONG for 525*7c478bd9Sstevel@tonic-gate * v2.0 */ 526*7c478bd9Sstevel@tonic-gate typedef CK_ULONG CK_MECHANISM_TYPE; 527*7c478bd9Sstevel@tonic-gate 528*7c478bd9Sstevel@tonic-gate /* the following mechanism types are defined: */ 529*7c478bd9Sstevel@tonic-gate #define CKM_RSA_PKCS_KEY_PAIR_GEN 0x00000000 530*7c478bd9Sstevel@tonic-gate #define CKM_RSA_PKCS 0x00000001 531*7c478bd9Sstevel@tonic-gate #define CKM_RSA_9796 0x00000002 532*7c478bd9Sstevel@tonic-gate #define CKM_RSA_X_509 0x00000003 533*7c478bd9Sstevel@tonic-gate 534*7c478bd9Sstevel@tonic-gate /* CKM_MD2_RSA_PKCS, CKM_MD5_RSA_PKCS, and CKM_SHA1_RSA_PKCS 535*7c478bd9Sstevel@tonic-gate * are new for v2.0. They are mechanisms which hash and sign */ 536*7c478bd9Sstevel@tonic-gate #define CKM_MD2_RSA_PKCS 0x00000004 537*7c478bd9Sstevel@tonic-gate #define CKM_MD5_RSA_PKCS 0x00000005 538*7c478bd9Sstevel@tonic-gate #define CKM_SHA1_RSA_PKCS 0x00000006 539*7c478bd9Sstevel@tonic-gate 540*7c478bd9Sstevel@tonic-gate /* CKM_RIPEMD128_RSA_PKCS, CKM_RIPEMD160_RSA_PKCS, and 541*7c478bd9Sstevel@tonic-gate * CKM_RSA_PKCS_OAEP are new for v2.10 */ 542*7c478bd9Sstevel@tonic-gate #define CKM_RIPEMD128_RSA_PKCS 0x00000007 543*7c478bd9Sstevel@tonic-gate #define CKM_RIPEMD160_RSA_PKCS 0x00000008 544*7c478bd9Sstevel@tonic-gate #define CKM_RSA_PKCS_OAEP 0x00000009 545*7c478bd9Sstevel@tonic-gate 546*7c478bd9Sstevel@tonic-gate /* CKM_RSA_X9_31_KEY_PAIR_GEN, CKM_RSA_X9_31, CKM_SHA1_RSA_X9_31, 547*7c478bd9Sstevel@tonic-gate * CKM_RSA_PKCS_PSS, and CKM_SHA1_RSA_PKCS_PSS are new for v2.11 */ 548*7c478bd9Sstevel@tonic-gate #define CKM_RSA_X9_31_KEY_PAIR_GEN 0x0000000A 549*7c478bd9Sstevel@tonic-gate #define CKM_RSA_X9_31 0x0000000B 550*7c478bd9Sstevel@tonic-gate #define CKM_SHA1_RSA_X9_31 0x0000000C 551*7c478bd9Sstevel@tonic-gate #define CKM_RSA_PKCS_PSS 0x0000000D 552*7c478bd9Sstevel@tonic-gate #define CKM_SHA1_RSA_PKCS_PSS 0x0000000E 553*7c478bd9Sstevel@tonic-gate 554*7c478bd9Sstevel@tonic-gate #define CKM_DSA_KEY_PAIR_GEN 0x00000010 555*7c478bd9Sstevel@tonic-gate #define CKM_DSA 0x00000011 556*7c478bd9Sstevel@tonic-gate #define CKM_DSA_SHA1 0x00000012 557*7c478bd9Sstevel@tonic-gate #define CKM_DH_PKCS_KEY_PAIR_GEN 0x00000020 558*7c478bd9Sstevel@tonic-gate #define CKM_DH_PKCS_DERIVE 0x00000021 559*7c478bd9Sstevel@tonic-gate 560*7c478bd9Sstevel@tonic-gate /* CKM_X9_42_DH_KEY_PAIR_GEN, CKM_X9_42_DH_DERIVE, 561*7c478bd9Sstevel@tonic-gate * CKM_X9_42_DH_HYBRID_DERIVE, and CKM_X9_42_MQV_DERIVE are new for 562*7c478bd9Sstevel@tonic-gate * v2.11 */ 563*7c478bd9Sstevel@tonic-gate #define CKM_X9_42_DH_KEY_PAIR_GEN 0x00000030 564*7c478bd9Sstevel@tonic-gate #define CKM_X9_42_DH_DERIVE 0x00000031 565*7c478bd9Sstevel@tonic-gate #define CKM_X9_42_DH_HYBRID_DERIVE 0x00000032 566*7c478bd9Sstevel@tonic-gate #define CKM_X9_42_MQV_DERIVE 0x00000033 567*7c478bd9Sstevel@tonic-gate 568*7c478bd9Sstevel@tonic-gate #define CKM_RC2_KEY_GEN 0x00000100 569*7c478bd9Sstevel@tonic-gate #define CKM_RC2_ECB 0x00000101 570*7c478bd9Sstevel@tonic-gate #define CKM_RC2_CBC 0x00000102 571*7c478bd9Sstevel@tonic-gate #define CKM_RC2_MAC 0x00000103 572*7c478bd9Sstevel@tonic-gate 573*7c478bd9Sstevel@tonic-gate /* CKM_RC2_MAC_GENERAL and CKM_RC2_CBC_PAD are new for v2.0 */ 574*7c478bd9Sstevel@tonic-gate #define CKM_RC2_MAC_GENERAL 0x00000104 575*7c478bd9Sstevel@tonic-gate #define CKM_RC2_CBC_PAD 0x00000105 576*7c478bd9Sstevel@tonic-gate 577*7c478bd9Sstevel@tonic-gate #define CKM_RC4_KEY_GEN 0x00000110 578*7c478bd9Sstevel@tonic-gate #define CKM_RC4 0x00000111 579*7c478bd9Sstevel@tonic-gate #define CKM_DES_KEY_GEN 0x00000120 580*7c478bd9Sstevel@tonic-gate #define CKM_DES_ECB 0x00000121 581*7c478bd9Sstevel@tonic-gate #define CKM_DES_CBC 0x00000122 582*7c478bd9Sstevel@tonic-gate #define CKM_DES_MAC 0x00000123 583*7c478bd9Sstevel@tonic-gate 584*7c478bd9Sstevel@tonic-gate /* CKM_DES_MAC_GENERAL and CKM_DES_CBC_PAD are new for v2.0 */ 585*7c478bd9Sstevel@tonic-gate #define CKM_DES_MAC_GENERAL 0x00000124 586*7c478bd9Sstevel@tonic-gate #define CKM_DES_CBC_PAD 0x00000125 587*7c478bd9Sstevel@tonic-gate 588*7c478bd9Sstevel@tonic-gate #define CKM_DES2_KEY_GEN 0x00000130 589*7c478bd9Sstevel@tonic-gate #define CKM_DES3_KEY_GEN 0x00000131 590*7c478bd9Sstevel@tonic-gate #define CKM_DES3_ECB 0x00000132 591*7c478bd9Sstevel@tonic-gate #define CKM_DES3_CBC 0x00000133 592*7c478bd9Sstevel@tonic-gate #define CKM_DES3_MAC 0x00000134 593*7c478bd9Sstevel@tonic-gate 594*7c478bd9Sstevel@tonic-gate /* CKM_DES3_MAC_GENERAL, CKM_DES3_CBC_PAD, CKM_CDMF_KEY_GEN, 595*7c478bd9Sstevel@tonic-gate * CKM_CDMF_ECB, CKM_CDMF_CBC, CKM_CDMF_MAC, 596*7c478bd9Sstevel@tonic-gate * CKM_CDMF_MAC_GENERAL, and CKM_CDMF_CBC_PAD are new for v2.0 */ 597*7c478bd9Sstevel@tonic-gate #define CKM_DES3_MAC_GENERAL 0x00000135 598*7c478bd9Sstevel@tonic-gate #define CKM_DES3_CBC_PAD 0x00000136 599*7c478bd9Sstevel@tonic-gate #define CKM_CDMF_KEY_GEN 0x00000140 600*7c478bd9Sstevel@tonic-gate #define CKM_CDMF_ECB 0x00000141 601*7c478bd9Sstevel@tonic-gate #define CKM_CDMF_CBC 0x00000142 602*7c478bd9Sstevel@tonic-gate #define CKM_CDMF_MAC 0x00000143 603*7c478bd9Sstevel@tonic-gate #define CKM_CDMF_MAC_GENERAL 0x00000144 604*7c478bd9Sstevel@tonic-gate #define CKM_CDMF_CBC_PAD 0x00000145 605*7c478bd9Sstevel@tonic-gate 606*7c478bd9Sstevel@tonic-gate #define CKM_MD2 0x00000200 607*7c478bd9Sstevel@tonic-gate 608*7c478bd9Sstevel@tonic-gate /* CKM_MD2_HMAC and CKM_MD2_HMAC_GENERAL are new for v2.0 */ 609*7c478bd9Sstevel@tonic-gate #define CKM_MD2_HMAC 0x00000201 610*7c478bd9Sstevel@tonic-gate #define CKM_MD2_HMAC_GENERAL 0x00000202 611*7c478bd9Sstevel@tonic-gate 612*7c478bd9Sstevel@tonic-gate #define CKM_MD5 0x00000210 613*7c478bd9Sstevel@tonic-gate 614*7c478bd9Sstevel@tonic-gate /* CKM_MD5_HMAC and CKM_MD5_HMAC_GENERAL are new for v2.0 */ 615*7c478bd9Sstevel@tonic-gate #define CKM_MD5_HMAC 0x00000211 616*7c478bd9Sstevel@tonic-gate #define CKM_MD5_HMAC_GENERAL 0x00000212 617*7c478bd9Sstevel@tonic-gate 618*7c478bd9Sstevel@tonic-gate #define CKM_SHA_1 0x00000220 619*7c478bd9Sstevel@tonic-gate 620*7c478bd9Sstevel@tonic-gate /* CKM_SHA_1_HMAC and CKM_SHA_1_HMAC_GENERAL are new for v2.0 */ 621*7c478bd9Sstevel@tonic-gate #define CKM_SHA_1_HMAC 0x00000221 622*7c478bd9Sstevel@tonic-gate #define CKM_SHA_1_HMAC_GENERAL 0x00000222 623*7c478bd9Sstevel@tonic-gate 624*7c478bd9Sstevel@tonic-gate /* CKM_RIPEMD128, CKM_RIPEMD128_HMAC, 625*7c478bd9Sstevel@tonic-gate * CKM_RIPEMD128_HMAC_GENERAL, CKM_RIPEMD160, CKM_RIPEMD160_HMAC, 626*7c478bd9Sstevel@tonic-gate * and CKM_RIPEMD160_HMAC_GENERAL are new for v2.10 */ 627*7c478bd9Sstevel@tonic-gate #define CKM_RIPEMD128 0x00000230 628*7c478bd9Sstevel@tonic-gate #define CKM_RIPEMD128_HMAC 0x00000231 629*7c478bd9Sstevel@tonic-gate #define CKM_RIPEMD128_HMAC_GENERAL 0x00000232 630*7c478bd9Sstevel@tonic-gate #define CKM_RIPEMD160 0x00000240 631*7c478bd9Sstevel@tonic-gate #define CKM_RIPEMD160_HMAC 0x00000241 632*7c478bd9Sstevel@tonic-gate #define CKM_RIPEMD160_HMAC_GENERAL 0x00000242 633*7c478bd9Sstevel@tonic-gate 634*7c478bd9Sstevel@tonic-gate /* All of the following mechanisms are new for v2.0 */ 635*7c478bd9Sstevel@tonic-gate /* Note that CAST128 and CAST5 are the same algorithm */ 636*7c478bd9Sstevel@tonic-gate #define CKM_CAST_KEY_GEN 0x00000300 637*7c478bd9Sstevel@tonic-gate #define CKM_CAST_ECB 0x00000301 638*7c478bd9Sstevel@tonic-gate #define CKM_CAST_CBC 0x00000302 639*7c478bd9Sstevel@tonic-gate #define CKM_CAST_MAC 0x00000303 640*7c478bd9Sstevel@tonic-gate #define CKM_CAST_MAC_GENERAL 0x00000304 641*7c478bd9Sstevel@tonic-gate #define CKM_CAST_CBC_PAD 0x00000305 642*7c478bd9Sstevel@tonic-gate #define CKM_CAST3_KEY_GEN 0x00000310 643*7c478bd9Sstevel@tonic-gate #define CKM_CAST3_ECB 0x00000311 644*7c478bd9Sstevel@tonic-gate #define CKM_CAST3_CBC 0x00000312 645*7c478bd9Sstevel@tonic-gate #define CKM_CAST3_MAC 0x00000313 646*7c478bd9Sstevel@tonic-gate #define CKM_CAST3_MAC_GENERAL 0x00000314 647*7c478bd9Sstevel@tonic-gate #define CKM_CAST3_CBC_PAD 0x00000315 648*7c478bd9Sstevel@tonic-gate #define CKM_CAST5_KEY_GEN 0x00000320 649*7c478bd9Sstevel@tonic-gate #define CKM_CAST128_KEY_GEN 0x00000320 650*7c478bd9Sstevel@tonic-gate #define CKM_CAST5_ECB 0x00000321 651*7c478bd9Sstevel@tonic-gate #define CKM_CAST128_ECB 0x00000321 652*7c478bd9Sstevel@tonic-gate #define CKM_CAST5_CBC 0x00000322 653*7c478bd9Sstevel@tonic-gate #define CKM_CAST128_CBC 0x00000322 654*7c478bd9Sstevel@tonic-gate #define CKM_CAST5_MAC 0x00000323 655*7c478bd9Sstevel@tonic-gate #define CKM_CAST128_MAC 0x00000323 656*7c478bd9Sstevel@tonic-gate #define CKM_CAST5_MAC_GENERAL 0x00000324 657*7c478bd9Sstevel@tonic-gate #define CKM_CAST128_MAC_GENERAL 0x00000324 658*7c478bd9Sstevel@tonic-gate #define CKM_CAST5_CBC_PAD 0x00000325 659*7c478bd9Sstevel@tonic-gate #define CKM_CAST128_CBC_PAD 0x00000325 660*7c478bd9Sstevel@tonic-gate #define CKM_RC5_KEY_GEN 0x00000330 661*7c478bd9Sstevel@tonic-gate #define CKM_RC5_ECB 0x00000331 662*7c478bd9Sstevel@tonic-gate #define CKM_RC5_CBC 0x00000332 663*7c478bd9Sstevel@tonic-gate #define CKM_RC5_MAC 0x00000333 664*7c478bd9Sstevel@tonic-gate #define CKM_RC5_MAC_GENERAL 0x00000334 665*7c478bd9Sstevel@tonic-gate #define CKM_RC5_CBC_PAD 0x00000335 666*7c478bd9Sstevel@tonic-gate #define CKM_IDEA_KEY_GEN 0x00000340 667*7c478bd9Sstevel@tonic-gate #define CKM_IDEA_ECB 0x00000341 668*7c478bd9Sstevel@tonic-gate #define CKM_IDEA_CBC 0x00000342 669*7c478bd9Sstevel@tonic-gate #define CKM_IDEA_MAC 0x00000343 670*7c478bd9Sstevel@tonic-gate #define CKM_IDEA_MAC_GENERAL 0x00000344 671*7c478bd9Sstevel@tonic-gate #define CKM_IDEA_CBC_PAD 0x00000345 672*7c478bd9Sstevel@tonic-gate #define CKM_GENERIC_SECRET_KEY_GEN 0x00000350 673*7c478bd9Sstevel@tonic-gate #define CKM_CONCATENATE_BASE_AND_KEY 0x00000360 674*7c478bd9Sstevel@tonic-gate #define CKM_CONCATENATE_BASE_AND_DATA 0x00000362 675*7c478bd9Sstevel@tonic-gate #define CKM_CONCATENATE_DATA_AND_BASE 0x00000363 676*7c478bd9Sstevel@tonic-gate #define CKM_XOR_BASE_AND_DATA 0x00000364 677*7c478bd9Sstevel@tonic-gate #define CKM_EXTRACT_KEY_FROM_KEY 0x00000365 678*7c478bd9Sstevel@tonic-gate #define CKM_SSL3_PRE_MASTER_KEY_GEN 0x00000370 679*7c478bd9Sstevel@tonic-gate #define CKM_SSL3_MASTER_KEY_DERIVE 0x00000371 680*7c478bd9Sstevel@tonic-gate #define CKM_SSL3_KEY_AND_MAC_DERIVE 0x00000372 681*7c478bd9Sstevel@tonic-gate 682*7c478bd9Sstevel@tonic-gate /* CKM_SSL3_MASTER_KEY_DERIVE_DH, CKM_TLS_PRE_MASTER_KEY_GEN, 683*7c478bd9Sstevel@tonic-gate * CKM_TLS_MASTER_KEY_DERIVE, CKM_TLS_KEY_AND_MAC_DERIVE, and 684*7c478bd9Sstevel@tonic-gate * CKM_TLS_MASTER_KEY_DERIVE_DH are new for v2.11 */ 685*7c478bd9Sstevel@tonic-gate #define CKM_SSL3_MASTER_KEY_DERIVE_DH 0x00000373 686*7c478bd9Sstevel@tonic-gate #define CKM_TLS_PRE_MASTER_KEY_GEN 0x00000374 687*7c478bd9Sstevel@tonic-gate #define CKM_TLS_MASTER_KEY_DERIVE 0x00000375 688*7c478bd9Sstevel@tonic-gate #define CKM_TLS_KEY_AND_MAC_DERIVE 0x00000376 689*7c478bd9Sstevel@tonic-gate #define CKM_TLS_MASTER_KEY_DERIVE_DH 0x00000377 690*7c478bd9Sstevel@tonic-gate 691*7c478bd9Sstevel@tonic-gate #define CKM_SSL3_MD5_MAC 0x00000380 692*7c478bd9Sstevel@tonic-gate #define CKM_SSL3_SHA1_MAC 0x00000381 693*7c478bd9Sstevel@tonic-gate #define CKM_MD5_KEY_DERIVATION 0x00000390 694*7c478bd9Sstevel@tonic-gate #define CKM_MD2_KEY_DERIVATION 0x00000391 695*7c478bd9Sstevel@tonic-gate #define CKM_SHA1_KEY_DERIVATION 0x00000392 696*7c478bd9Sstevel@tonic-gate #define CKM_PBE_MD2_DES_CBC 0x000003A0 697*7c478bd9Sstevel@tonic-gate #define CKM_PBE_MD5_DES_CBC 0x000003A1 698*7c478bd9Sstevel@tonic-gate #define CKM_PBE_MD5_CAST_CBC 0x000003A2 699*7c478bd9Sstevel@tonic-gate #define CKM_PBE_MD5_CAST3_CBC 0x000003A3 700*7c478bd9Sstevel@tonic-gate #define CKM_PBE_MD5_CAST5_CBC 0x000003A4 701*7c478bd9Sstevel@tonic-gate #define CKM_PBE_MD5_CAST128_CBC 0x000003A4 702*7c478bd9Sstevel@tonic-gate #define CKM_PBE_SHA1_CAST5_CBC 0x000003A5 703*7c478bd9Sstevel@tonic-gate #define CKM_PBE_SHA1_CAST128_CBC 0x000003A5 704*7c478bd9Sstevel@tonic-gate #define CKM_PBE_SHA1_RC4_128 0x000003A6 705*7c478bd9Sstevel@tonic-gate #define CKM_PBE_SHA1_RC4_40 0x000003A7 706*7c478bd9Sstevel@tonic-gate #define CKM_PBE_SHA1_DES3_EDE_CBC 0x000003A8 707*7c478bd9Sstevel@tonic-gate #define CKM_PBE_SHA1_DES2_EDE_CBC 0x000003A9 708*7c478bd9Sstevel@tonic-gate #define CKM_PBE_SHA1_RC2_128_CBC 0x000003AA 709*7c478bd9Sstevel@tonic-gate #define CKM_PBE_SHA1_RC2_40_CBC 0x000003AB 710*7c478bd9Sstevel@tonic-gate 711*7c478bd9Sstevel@tonic-gate /* CKM_PKCS5_PBKD2 is new for v2.10 */ 712*7c478bd9Sstevel@tonic-gate #define CKM_PKCS5_PBKD2 0x000003B0 713*7c478bd9Sstevel@tonic-gate 714*7c478bd9Sstevel@tonic-gate #define CKM_PBA_SHA1_WITH_SHA1_HMAC 0x000003C0 715*7c478bd9Sstevel@tonic-gate #define CKM_KEY_WRAP_LYNKS 0x00000400 716*7c478bd9Sstevel@tonic-gate #define CKM_KEY_WRAP_SET_OAEP 0x00000401 717*7c478bd9Sstevel@tonic-gate 718*7c478bd9Sstevel@tonic-gate /* Fortezza mechanisms */ 719*7c478bd9Sstevel@tonic-gate #define CKM_SKIPJACK_KEY_GEN 0x00001000 720*7c478bd9Sstevel@tonic-gate #define CKM_SKIPJACK_ECB64 0x00001001 721*7c478bd9Sstevel@tonic-gate #define CKM_SKIPJACK_CBC64 0x00001002 722*7c478bd9Sstevel@tonic-gate #define CKM_SKIPJACK_OFB64 0x00001003 723*7c478bd9Sstevel@tonic-gate #define CKM_SKIPJACK_CFB64 0x00001004 724*7c478bd9Sstevel@tonic-gate #define CKM_SKIPJACK_CFB32 0x00001005 725*7c478bd9Sstevel@tonic-gate #define CKM_SKIPJACK_CFB16 0x00001006 726*7c478bd9Sstevel@tonic-gate #define CKM_SKIPJACK_CFB8 0x00001007 727*7c478bd9Sstevel@tonic-gate #define CKM_SKIPJACK_WRAP 0x00001008 728*7c478bd9Sstevel@tonic-gate #define CKM_SKIPJACK_PRIVATE_WRAP 0x00001009 729*7c478bd9Sstevel@tonic-gate #define CKM_SKIPJACK_RELAYX 0x0000100a 730*7c478bd9Sstevel@tonic-gate #define CKM_KEA_KEY_PAIR_GEN 0x00001010 731*7c478bd9Sstevel@tonic-gate #define CKM_KEA_KEY_DERIVE 0x00001011 732*7c478bd9Sstevel@tonic-gate #define CKM_FORTEZZA_TIMESTAMP 0x00001020 733*7c478bd9Sstevel@tonic-gate #define CKM_BATON_KEY_GEN 0x00001030 734*7c478bd9Sstevel@tonic-gate #define CKM_BATON_ECB128 0x00001031 735*7c478bd9Sstevel@tonic-gate #define CKM_BATON_ECB96 0x00001032 736*7c478bd9Sstevel@tonic-gate #define CKM_BATON_CBC128 0x00001033 737*7c478bd9Sstevel@tonic-gate #define CKM_BATON_COUNTER 0x00001034 738*7c478bd9Sstevel@tonic-gate #define CKM_BATON_SHUFFLE 0x00001035 739*7c478bd9Sstevel@tonic-gate #define CKM_BATON_WRAP 0x00001036 740*7c478bd9Sstevel@tonic-gate 741*7c478bd9Sstevel@tonic-gate /* CKM_ECDSA_KEY_PAIR_GEN is deprecated in v2.11, 742*7c478bd9Sstevel@tonic-gate * CKM_EC_KEY_PAIR_GEN is preferred */ 743*7c478bd9Sstevel@tonic-gate #define CKM_ECDSA_KEY_PAIR_GEN 0x00001040 744*7c478bd9Sstevel@tonic-gate #define CKM_EC_KEY_PAIR_GEN 0x00001040 745*7c478bd9Sstevel@tonic-gate 746*7c478bd9Sstevel@tonic-gate #define CKM_ECDSA 0x00001041 747*7c478bd9Sstevel@tonic-gate #define CKM_ECDSA_SHA1 0x00001042 748*7c478bd9Sstevel@tonic-gate 749*7c478bd9Sstevel@tonic-gate /* CKM_ECDH1_DERIVE, CKM_ECDH1_COFACTOR_DERIVE, and CKM_ECMQV_DERIVE 750*7c478bd9Sstevel@tonic-gate * are new for v2.11 */ 751*7c478bd9Sstevel@tonic-gate #define CKM_ECDH1_DERIVE 0x00001050 752*7c478bd9Sstevel@tonic-gate #define CKM_ECDH1_COFACTOR_DERIVE 0x00001051 753*7c478bd9Sstevel@tonic-gate #define CKM_ECMQV_DERIVE 0x00001052 754*7c478bd9Sstevel@tonic-gate 755*7c478bd9Sstevel@tonic-gate #define CKM_JUNIPER_KEY_GEN 0x00001060 756*7c478bd9Sstevel@tonic-gate #define CKM_JUNIPER_ECB128 0x00001061 757*7c478bd9Sstevel@tonic-gate #define CKM_JUNIPER_CBC128 0x00001062 758*7c478bd9Sstevel@tonic-gate #define CKM_JUNIPER_COUNTER 0x00001063 759*7c478bd9Sstevel@tonic-gate #define CKM_JUNIPER_SHUFFLE 0x00001064 760*7c478bd9Sstevel@tonic-gate #define CKM_JUNIPER_WRAP 0x00001065 761*7c478bd9Sstevel@tonic-gate #define CKM_FASTHASH 0x00001070 762*7c478bd9Sstevel@tonic-gate 763*7c478bd9Sstevel@tonic-gate /* CKM_AES_KEY_GEN, CKM_AES_ECB, CKM_AES_CBC, CKM_AES_MAC, 764*7c478bd9Sstevel@tonic-gate * CKM_AES_MAC_GENERAL, CKM_AES_CBC_PAD, CKM_DSA_PARAMETER_GEN, 765*7c478bd9Sstevel@tonic-gate * CKM_DH_PKCS_PARAMETER_GEN, and CKM_X9_42_DH_PARAMETER_GEN are 766*7c478bd9Sstevel@tonic-gate * new for v2.11 */ 767*7c478bd9Sstevel@tonic-gate #define CKM_AES_KEY_GEN 0x00001080 768*7c478bd9Sstevel@tonic-gate #define CKM_AES_ECB 0x00001081 769*7c478bd9Sstevel@tonic-gate #define CKM_AES_CBC 0x00001082 770*7c478bd9Sstevel@tonic-gate #define CKM_AES_MAC 0x00001083 771*7c478bd9Sstevel@tonic-gate #define CKM_AES_MAC_GENERAL 0x00001084 772*7c478bd9Sstevel@tonic-gate #define CKM_AES_CBC_PAD 0x00001085 773*7c478bd9Sstevel@tonic-gate #define CKM_DSA_PARAMETER_GEN 0x00002000 774*7c478bd9Sstevel@tonic-gate #define CKM_DH_PKCS_PARAMETER_GEN 0x00002001 775*7c478bd9Sstevel@tonic-gate #define CKM_X9_42_DH_PARAMETER_GEN 0x00002002 776*7c478bd9Sstevel@tonic-gate 777*7c478bd9Sstevel@tonic-gate #define CKM_VENDOR_DEFINED 0x80000000 778*7c478bd9Sstevel@tonic-gate 779*7c478bd9Sstevel@tonic-gate typedef CK_MECHANISM_TYPE CK_PTR CK_MECHANISM_TYPE_PTR; 780*7c478bd9Sstevel@tonic-gate 781*7c478bd9Sstevel@tonic-gate 782*7c478bd9Sstevel@tonic-gate /* CK_MECHANISM is a structure that specifies a particular 783*7c478bd9Sstevel@tonic-gate * mechanism */ 784*7c478bd9Sstevel@tonic-gate typedef struct CK_MECHANISM { 785*7c478bd9Sstevel@tonic-gate CK_MECHANISM_TYPE mechanism; 786*7c478bd9Sstevel@tonic-gate CK_VOID_PTR pParameter; 787*7c478bd9Sstevel@tonic-gate 788*7c478bd9Sstevel@tonic-gate /* ulParameterLen was changed from CK_USHORT to CK_ULONG for 789*7c478bd9Sstevel@tonic-gate * v2.0 */ 790*7c478bd9Sstevel@tonic-gate CK_ULONG ulParameterLen; /* in bytes */ 791*7c478bd9Sstevel@tonic-gate } CK_MECHANISM; 792*7c478bd9Sstevel@tonic-gate 793*7c478bd9Sstevel@tonic-gate typedef CK_MECHANISM CK_PTR CK_MECHANISM_PTR; 794*7c478bd9Sstevel@tonic-gate 795*7c478bd9Sstevel@tonic-gate 796*7c478bd9Sstevel@tonic-gate /* CK_MECHANISM_INFO provides information about a particular 797*7c478bd9Sstevel@tonic-gate * mechanism */ 798*7c478bd9Sstevel@tonic-gate typedef struct CK_MECHANISM_INFO { 799*7c478bd9Sstevel@tonic-gate CK_ULONG ulMinKeySize; 800*7c478bd9Sstevel@tonic-gate CK_ULONG ulMaxKeySize; 801*7c478bd9Sstevel@tonic-gate CK_FLAGS flags; 802*7c478bd9Sstevel@tonic-gate } CK_MECHANISM_INFO; 803*7c478bd9Sstevel@tonic-gate 804*7c478bd9Sstevel@tonic-gate /* The flags are defined as follows: 805*7c478bd9Sstevel@tonic-gate * Bit Flag Mask Meaning */ 806*7c478bd9Sstevel@tonic-gate #define CKF_HW 0x00000001 /* performed by HW */ 807*7c478bd9Sstevel@tonic-gate 808*7c478bd9Sstevel@tonic-gate /* The flags CKF_ENCRYPT, CKF_DECRYPT, CKF_DIGEST, CKF_SIGN, 809*7c478bd9Sstevel@tonic-gate * CKG_SIGN_RECOVER, CKF_VERIFY, CKF_VERIFY_RECOVER, 810*7c478bd9Sstevel@tonic-gate * CKF_GENERATE, CKF_GENERATE_KEY_PAIR, CKF_WRAP, CKF_UNWRAP, 811*7c478bd9Sstevel@tonic-gate * and CKF_DERIVE are new for v2.0. They specify whether or not 812*7c478bd9Sstevel@tonic-gate * a mechanism can be used for a particular task */ 813*7c478bd9Sstevel@tonic-gate #define CKF_ENCRYPT 0x00000100 814*7c478bd9Sstevel@tonic-gate #define CKF_DECRYPT 0x00000200 815*7c478bd9Sstevel@tonic-gate #define CKF_DIGEST 0x00000400 816*7c478bd9Sstevel@tonic-gate #define CKF_SIGN 0x00000800 817*7c478bd9Sstevel@tonic-gate #define CKF_SIGN_RECOVER 0x00001000 818*7c478bd9Sstevel@tonic-gate #define CKF_VERIFY 0x00002000 819*7c478bd9Sstevel@tonic-gate #define CKF_VERIFY_RECOVER 0x00004000 820*7c478bd9Sstevel@tonic-gate #define CKF_GENERATE 0x00008000 821*7c478bd9Sstevel@tonic-gate #define CKF_GENERATE_KEY_PAIR 0x00010000 822*7c478bd9Sstevel@tonic-gate #define CKF_WRAP 0x00020000 823*7c478bd9Sstevel@tonic-gate #define CKF_UNWRAP 0x00040000 824*7c478bd9Sstevel@tonic-gate #define CKF_DERIVE 0x00080000 825*7c478bd9Sstevel@tonic-gate 826*7c478bd9Sstevel@tonic-gate /* CKF_EC_F_P, CKF_EC_F_2M, CKF_EC_ECPARAMETERS, CKF_EC_NAMEDCURVE, 827*7c478bd9Sstevel@tonic-gate * CKF_EC_UNCOMPRESS, and CKF_EC_COMPRESS are new for v2.11. They 828*7c478bd9Sstevel@tonic-gate * describe a token's EC capabilities not available in mechanism 829*7c478bd9Sstevel@tonic-gate * information. */ 830*7c478bd9Sstevel@tonic-gate #define CKF_EC_F_P 0x00100000 831*7c478bd9Sstevel@tonic-gate #define CKF_EC_F_2M 0x00200000 832*7c478bd9Sstevel@tonic-gate #define CKF_EC_ECPARAMETERS 0x00400000 833*7c478bd9Sstevel@tonic-gate #define CKF_EC_NAMEDCURVE 0x00800000 834*7c478bd9Sstevel@tonic-gate #define CKF_EC_UNCOMPRESS 0x01000000 835*7c478bd9Sstevel@tonic-gate #define CKF_EC_COMPRESS 0x02000000 836*7c478bd9Sstevel@tonic-gate 837*7c478bd9Sstevel@tonic-gate #define CKF_EXTENSION 0x80000000 /* FALSE for 2.01 */ 838*7c478bd9Sstevel@tonic-gate 839*7c478bd9Sstevel@tonic-gate typedef CK_MECHANISM_INFO CK_PTR CK_MECHANISM_INFO_PTR; 840*7c478bd9Sstevel@tonic-gate 841*7c478bd9Sstevel@tonic-gate 842*7c478bd9Sstevel@tonic-gate /* CK_RV is a value that identifies the return value of a 843*7c478bd9Sstevel@tonic-gate * Cryptoki function */ 844*7c478bd9Sstevel@tonic-gate /* CK_RV was changed from CK_USHORT to CK_ULONG for v2.0 */ 845*7c478bd9Sstevel@tonic-gate typedef CK_ULONG CK_RV; 846*7c478bd9Sstevel@tonic-gate 847*7c478bd9Sstevel@tonic-gate #define CKR_OK 0x00000000 848*7c478bd9Sstevel@tonic-gate #define CKR_CANCEL 0x00000001 849*7c478bd9Sstevel@tonic-gate #define CKR_HOST_MEMORY 0x00000002 850*7c478bd9Sstevel@tonic-gate #define CKR_SLOT_ID_INVALID 0x00000003 851*7c478bd9Sstevel@tonic-gate 852*7c478bd9Sstevel@tonic-gate /* CKR_FLAGS_INVALID was removed for v2.0 */ 853*7c478bd9Sstevel@tonic-gate 854*7c478bd9Sstevel@tonic-gate /* CKR_GENERAL_ERROR and CKR_FUNCTION_FAILED are new for v2.0 */ 855*7c478bd9Sstevel@tonic-gate #define CKR_GENERAL_ERROR 0x00000005 856*7c478bd9Sstevel@tonic-gate #define CKR_FUNCTION_FAILED 0x00000006 857*7c478bd9Sstevel@tonic-gate 858*7c478bd9Sstevel@tonic-gate /* CKR_ARGUMENTS_BAD, CKR_NO_EVENT, CKR_NEED_TO_CREATE_THREADS, 859*7c478bd9Sstevel@tonic-gate * and CKR_CANT_LOCK are new for v2.01 */ 860*7c478bd9Sstevel@tonic-gate #define CKR_ARGUMENTS_BAD 0x00000007 861*7c478bd9Sstevel@tonic-gate #define CKR_NO_EVENT 0x00000008 862*7c478bd9Sstevel@tonic-gate #define CKR_NEED_TO_CREATE_THREADS 0x00000009 863*7c478bd9Sstevel@tonic-gate #define CKR_CANT_LOCK 0x0000000A 864*7c478bd9Sstevel@tonic-gate 865*7c478bd9Sstevel@tonic-gate #define CKR_ATTRIBUTE_READ_ONLY 0x00000010 866*7c478bd9Sstevel@tonic-gate #define CKR_ATTRIBUTE_SENSITIVE 0x00000011 867*7c478bd9Sstevel@tonic-gate #define CKR_ATTRIBUTE_TYPE_INVALID 0x00000012 868*7c478bd9Sstevel@tonic-gate #define CKR_ATTRIBUTE_VALUE_INVALID 0x00000013 869*7c478bd9Sstevel@tonic-gate #define CKR_DATA_INVALID 0x00000020 870*7c478bd9Sstevel@tonic-gate #define CKR_DATA_LEN_RANGE 0x00000021 871*7c478bd9Sstevel@tonic-gate #define CKR_DEVICE_ERROR 0x00000030 872*7c478bd9Sstevel@tonic-gate #define CKR_DEVICE_MEMORY 0x00000031 873*7c478bd9Sstevel@tonic-gate #define CKR_DEVICE_REMOVED 0x00000032 874*7c478bd9Sstevel@tonic-gate #define CKR_ENCRYPTED_DATA_INVALID 0x00000040 875*7c478bd9Sstevel@tonic-gate #define CKR_ENCRYPTED_DATA_LEN_RANGE 0x00000041 876*7c478bd9Sstevel@tonic-gate #define CKR_FUNCTION_CANCELED 0x00000050 877*7c478bd9Sstevel@tonic-gate #define CKR_FUNCTION_NOT_PARALLEL 0x00000051 878*7c478bd9Sstevel@tonic-gate 879*7c478bd9Sstevel@tonic-gate /* CKR_FUNCTION_NOT_SUPPORTED is new for v2.0 */ 880*7c478bd9Sstevel@tonic-gate #define CKR_FUNCTION_NOT_SUPPORTED 0x00000054 881*7c478bd9Sstevel@tonic-gate 882*7c478bd9Sstevel@tonic-gate #define CKR_KEY_HANDLE_INVALID 0x00000060 883*7c478bd9Sstevel@tonic-gate 884*7c478bd9Sstevel@tonic-gate /* CKR_KEY_SENSITIVE was removed for v2.0 */ 885*7c478bd9Sstevel@tonic-gate 886*7c478bd9Sstevel@tonic-gate #define CKR_KEY_SIZE_RANGE 0x00000062 887*7c478bd9Sstevel@tonic-gate #define CKR_KEY_TYPE_INCONSISTENT 0x00000063 888*7c478bd9Sstevel@tonic-gate 889*7c478bd9Sstevel@tonic-gate /* CKR_KEY_NOT_NEEDED, CKR_KEY_CHANGED, CKR_KEY_NEEDED, 890*7c478bd9Sstevel@tonic-gate * CKR_KEY_INDIGESTIBLE, CKR_KEY_FUNCTION_NOT_PERMITTED, 891*7c478bd9Sstevel@tonic-gate * CKR_KEY_NOT_WRAPPABLE, and CKR_KEY_UNEXTRACTABLE are new for 892*7c478bd9Sstevel@tonic-gate * v2.0 */ 893*7c478bd9Sstevel@tonic-gate #define CKR_KEY_NOT_NEEDED 0x00000064 894*7c478bd9Sstevel@tonic-gate #define CKR_KEY_CHANGED 0x00000065 895*7c478bd9Sstevel@tonic-gate #define CKR_KEY_NEEDED 0x00000066 896*7c478bd9Sstevel@tonic-gate #define CKR_KEY_INDIGESTIBLE 0x00000067 897*7c478bd9Sstevel@tonic-gate #define CKR_KEY_FUNCTION_NOT_PERMITTED 0x00000068 898*7c478bd9Sstevel@tonic-gate #define CKR_KEY_NOT_WRAPPABLE 0x00000069 899*7c478bd9Sstevel@tonic-gate #define CKR_KEY_UNEXTRACTABLE 0x0000006A 900*7c478bd9Sstevel@tonic-gate 901*7c478bd9Sstevel@tonic-gate #define CKR_MECHANISM_INVALID 0x00000070 902*7c478bd9Sstevel@tonic-gate #define CKR_MECHANISM_PARAM_INVALID 0x00000071 903*7c478bd9Sstevel@tonic-gate 904*7c478bd9Sstevel@tonic-gate /* CKR_OBJECT_CLASS_INCONSISTENT and CKR_OBJECT_CLASS_INVALID 905*7c478bd9Sstevel@tonic-gate * were removed for v2.0 */ 906*7c478bd9Sstevel@tonic-gate #define CKR_OBJECT_HANDLE_INVALID 0x00000082 907*7c478bd9Sstevel@tonic-gate #define CKR_OPERATION_ACTIVE 0x00000090 908*7c478bd9Sstevel@tonic-gate #define CKR_OPERATION_NOT_INITIALIZED 0x00000091 909*7c478bd9Sstevel@tonic-gate #define CKR_PIN_INCORRECT 0x000000A0 910*7c478bd9Sstevel@tonic-gate #define CKR_PIN_INVALID 0x000000A1 911*7c478bd9Sstevel@tonic-gate #define CKR_PIN_LEN_RANGE 0x000000A2 912*7c478bd9Sstevel@tonic-gate 913*7c478bd9Sstevel@tonic-gate /* CKR_PIN_EXPIRED and CKR_PIN_LOCKED are new for v2.0 */ 914*7c478bd9Sstevel@tonic-gate #define CKR_PIN_EXPIRED 0x000000A3 915*7c478bd9Sstevel@tonic-gate #define CKR_PIN_LOCKED 0x000000A4 916*7c478bd9Sstevel@tonic-gate 917*7c478bd9Sstevel@tonic-gate #define CKR_SESSION_CLOSED 0x000000B0 918*7c478bd9Sstevel@tonic-gate #define CKR_SESSION_COUNT 0x000000B1 919*7c478bd9Sstevel@tonic-gate #define CKR_SESSION_HANDLE_INVALID 0x000000B3 920*7c478bd9Sstevel@tonic-gate #define CKR_SESSION_PARALLEL_NOT_SUPPORTED 0x000000B4 921*7c478bd9Sstevel@tonic-gate #define CKR_SESSION_READ_ONLY 0x000000B5 922*7c478bd9Sstevel@tonic-gate #define CKR_SESSION_EXISTS 0x000000B6 923*7c478bd9Sstevel@tonic-gate 924*7c478bd9Sstevel@tonic-gate /* CKR_SESSION_READ_ONLY_EXISTS and 925*7c478bd9Sstevel@tonic-gate * CKR_SESSION_READ_WRITE_SO_EXISTS are new for v2.0 */ 926*7c478bd9Sstevel@tonic-gate #define CKR_SESSION_READ_ONLY_EXISTS 0x000000B7 927*7c478bd9Sstevel@tonic-gate #define CKR_SESSION_READ_WRITE_SO_EXISTS 0x000000B8 928*7c478bd9Sstevel@tonic-gate 929*7c478bd9Sstevel@tonic-gate #define CKR_SIGNATURE_INVALID 0x000000C0 930*7c478bd9Sstevel@tonic-gate #define CKR_SIGNATURE_LEN_RANGE 0x000000C1 931*7c478bd9Sstevel@tonic-gate #define CKR_TEMPLATE_INCOMPLETE 0x000000D0 932*7c478bd9Sstevel@tonic-gate #define CKR_TEMPLATE_INCONSISTENT 0x000000D1 933*7c478bd9Sstevel@tonic-gate #define CKR_TOKEN_NOT_PRESENT 0x000000E0 934*7c478bd9Sstevel@tonic-gate #define CKR_TOKEN_NOT_RECOGNIZED 0x000000E1 935*7c478bd9Sstevel@tonic-gate #define CKR_TOKEN_WRITE_PROTECTED 0x000000E2 936*7c478bd9Sstevel@tonic-gate #define CKR_UNWRAPPING_KEY_HANDLE_INVALID 0x000000F0 937*7c478bd9Sstevel@tonic-gate #define CKR_UNWRAPPING_KEY_SIZE_RANGE 0x000000F1 938*7c478bd9Sstevel@tonic-gate #define CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT 0x000000F2 939*7c478bd9Sstevel@tonic-gate #define CKR_USER_ALREADY_LOGGED_IN 0x00000100 940*7c478bd9Sstevel@tonic-gate #define CKR_USER_NOT_LOGGED_IN 0x00000101 941*7c478bd9Sstevel@tonic-gate #define CKR_USER_PIN_NOT_INITIALIZED 0x00000102 942*7c478bd9Sstevel@tonic-gate #define CKR_USER_TYPE_INVALID 0x00000103 943*7c478bd9Sstevel@tonic-gate 944*7c478bd9Sstevel@tonic-gate /* CKR_USER_ANOTHER_ALREADY_LOGGED_IN and CKR_USER_TOO_MANY_TYPES 945*7c478bd9Sstevel@tonic-gate * are new to v2.01 */ 946*7c478bd9Sstevel@tonic-gate #define CKR_USER_ANOTHER_ALREADY_LOGGED_IN 0x00000104 947*7c478bd9Sstevel@tonic-gate #define CKR_USER_TOO_MANY_TYPES 0x00000105 948*7c478bd9Sstevel@tonic-gate 949*7c478bd9Sstevel@tonic-gate #define CKR_WRAPPED_KEY_INVALID 0x00000110 950*7c478bd9Sstevel@tonic-gate #define CKR_WRAPPED_KEY_LEN_RANGE 0x00000112 951*7c478bd9Sstevel@tonic-gate #define CKR_WRAPPING_KEY_HANDLE_INVALID 0x00000113 952*7c478bd9Sstevel@tonic-gate #define CKR_WRAPPING_KEY_SIZE_RANGE 0x00000114 953*7c478bd9Sstevel@tonic-gate #define CKR_WRAPPING_KEY_TYPE_INCONSISTENT 0x00000115 954*7c478bd9Sstevel@tonic-gate #define CKR_RANDOM_SEED_NOT_SUPPORTED 0x00000120 955*7c478bd9Sstevel@tonic-gate 956*7c478bd9Sstevel@tonic-gate /* These are new to v2.0 */ 957*7c478bd9Sstevel@tonic-gate #define CKR_RANDOM_NO_RNG 0x00000121 958*7c478bd9Sstevel@tonic-gate 959*7c478bd9Sstevel@tonic-gate /* These are new to v2.11 */ 960*7c478bd9Sstevel@tonic-gate #define CKR_DOMAIN_PARAMS_INVALID 0x00000130 961*7c478bd9Sstevel@tonic-gate 962*7c478bd9Sstevel@tonic-gate /* These are new to v2.0 */ 963*7c478bd9Sstevel@tonic-gate #define CKR_BUFFER_TOO_SMALL 0x00000150 964*7c478bd9Sstevel@tonic-gate #define CKR_SAVED_STATE_INVALID 0x00000160 965*7c478bd9Sstevel@tonic-gate #define CKR_INFORMATION_SENSITIVE 0x00000170 966*7c478bd9Sstevel@tonic-gate #define CKR_STATE_UNSAVEABLE 0x00000180 967*7c478bd9Sstevel@tonic-gate 968*7c478bd9Sstevel@tonic-gate /* These are new to v2.01 */ 969*7c478bd9Sstevel@tonic-gate #define CKR_CRYPTOKI_NOT_INITIALIZED 0x00000190 970*7c478bd9Sstevel@tonic-gate #define CKR_CRYPTOKI_ALREADY_INITIALIZED 0x00000191 971*7c478bd9Sstevel@tonic-gate #define CKR_MUTEX_BAD 0x000001A0 972*7c478bd9Sstevel@tonic-gate #define CKR_MUTEX_NOT_LOCKED 0x000001A1 973*7c478bd9Sstevel@tonic-gate 974*7c478bd9Sstevel@tonic-gate #define CKR_VENDOR_DEFINED 0x80000000 975*7c478bd9Sstevel@tonic-gate 976*7c478bd9Sstevel@tonic-gate 977*7c478bd9Sstevel@tonic-gate /* CK_NOTIFY is an application callback that processes events */ 978*7c478bd9Sstevel@tonic-gate typedef CK_CALLBACK_FUNCTION(CK_RV, CK_NOTIFY)( 979*7c478bd9Sstevel@tonic-gate CK_SESSION_HANDLE hSession, /* the session's handle */ 980*7c478bd9Sstevel@tonic-gate CK_NOTIFICATION event, 981*7c478bd9Sstevel@tonic-gate CK_VOID_PTR pApplication /* passed to C_OpenSession */ 982*7c478bd9Sstevel@tonic-gate ); 983*7c478bd9Sstevel@tonic-gate 984*7c478bd9Sstevel@tonic-gate 985*7c478bd9Sstevel@tonic-gate /* CK_FUNCTION_LIST is a structure holding a Cryptoki spec 986*7c478bd9Sstevel@tonic-gate * version and pointers of appropriate types to all the 987*7c478bd9Sstevel@tonic-gate * Cryptoki functions */ 988*7c478bd9Sstevel@tonic-gate /* CK_FUNCTION_LIST is new for v2.0 */ 989*7c478bd9Sstevel@tonic-gate typedef struct CK_FUNCTION_LIST CK_FUNCTION_LIST; 990*7c478bd9Sstevel@tonic-gate 991*7c478bd9Sstevel@tonic-gate typedef CK_FUNCTION_LIST CK_PTR CK_FUNCTION_LIST_PTR; 992*7c478bd9Sstevel@tonic-gate 993*7c478bd9Sstevel@tonic-gate typedef CK_FUNCTION_LIST_PTR CK_PTR CK_FUNCTION_LIST_PTR_PTR; 994*7c478bd9Sstevel@tonic-gate 995*7c478bd9Sstevel@tonic-gate 996*7c478bd9Sstevel@tonic-gate /* CK_CREATEMUTEX is an application callback for creating a 997*7c478bd9Sstevel@tonic-gate * mutex object */ 998*7c478bd9Sstevel@tonic-gate typedef CK_CALLBACK_FUNCTION(CK_RV, CK_CREATEMUTEX)( 999*7c478bd9Sstevel@tonic-gate CK_VOID_PTR_PTR ppMutex /* location to receive ptr to mutex */ 1000*7c478bd9Sstevel@tonic-gate ); 1001*7c478bd9Sstevel@tonic-gate 1002*7c478bd9Sstevel@tonic-gate 1003*7c478bd9Sstevel@tonic-gate /* CK_DESTROYMUTEX is an application callback for destroying a 1004*7c478bd9Sstevel@tonic-gate * mutex object */ 1005*7c478bd9Sstevel@tonic-gate typedef CK_CALLBACK_FUNCTION(CK_RV, CK_DESTROYMUTEX)( 1006*7c478bd9Sstevel@tonic-gate CK_VOID_PTR pMutex /* pointer to mutex */ 1007*7c478bd9Sstevel@tonic-gate ); 1008*7c478bd9Sstevel@tonic-gate 1009*7c478bd9Sstevel@tonic-gate 1010*7c478bd9Sstevel@tonic-gate /* CK_LOCKMUTEX is an application callback for locking a mutex */ 1011*7c478bd9Sstevel@tonic-gate typedef CK_CALLBACK_FUNCTION(CK_RV, CK_LOCKMUTEX)( 1012*7c478bd9Sstevel@tonic-gate CK_VOID_PTR pMutex /* pointer to mutex */ 1013*7c478bd9Sstevel@tonic-gate ); 1014*7c478bd9Sstevel@tonic-gate 1015*7c478bd9Sstevel@tonic-gate 1016*7c478bd9Sstevel@tonic-gate /* CK_UNLOCKMUTEX is an application callback for unlocking a 1017*7c478bd9Sstevel@tonic-gate * mutex */ 1018*7c478bd9Sstevel@tonic-gate typedef CK_CALLBACK_FUNCTION(CK_RV, CK_UNLOCKMUTEX)( 1019*7c478bd9Sstevel@tonic-gate CK_VOID_PTR pMutex /* pointer to mutex */ 1020*7c478bd9Sstevel@tonic-gate ); 1021*7c478bd9Sstevel@tonic-gate 1022*7c478bd9Sstevel@tonic-gate 1023*7c478bd9Sstevel@tonic-gate /* CK_C_INITIALIZE_ARGS provides the optional arguments to 1024*7c478bd9Sstevel@tonic-gate * C_Initialize */ 1025*7c478bd9Sstevel@tonic-gate typedef struct CK_C_INITIALIZE_ARGS { 1026*7c478bd9Sstevel@tonic-gate CK_CREATEMUTEX CreateMutex; 1027*7c478bd9Sstevel@tonic-gate CK_DESTROYMUTEX DestroyMutex; 1028*7c478bd9Sstevel@tonic-gate CK_LOCKMUTEX LockMutex; 1029*7c478bd9Sstevel@tonic-gate CK_UNLOCKMUTEX UnlockMutex; 1030*7c478bd9Sstevel@tonic-gate CK_FLAGS flags; 1031*7c478bd9Sstevel@tonic-gate CK_VOID_PTR pReserved; 1032*7c478bd9Sstevel@tonic-gate } CK_C_INITIALIZE_ARGS; 1033*7c478bd9Sstevel@tonic-gate 1034*7c478bd9Sstevel@tonic-gate /* flags: bit flags that provide capabilities of the slot 1035*7c478bd9Sstevel@tonic-gate * Bit Flag Mask Meaning 1036*7c478bd9Sstevel@tonic-gate */ 1037*7c478bd9Sstevel@tonic-gate #define CKF_LIBRARY_CANT_CREATE_OS_THREADS 0x00000001 1038*7c478bd9Sstevel@tonic-gate #define CKF_OS_LOCKING_OK 0x00000002 1039*7c478bd9Sstevel@tonic-gate 1040*7c478bd9Sstevel@tonic-gate typedef CK_C_INITIALIZE_ARGS CK_PTR CK_C_INITIALIZE_ARGS_PTR; 1041*7c478bd9Sstevel@tonic-gate 1042*7c478bd9Sstevel@tonic-gate 1043*7c478bd9Sstevel@tonic-gate /* additional flags for parameters to functions */ 1044*7c478bd9Sstevel@tonic-gate 1045*7c478bd9Sstevel@tonic-gate /* CKF_DONT_BLOCK is for the function C_WaitForSlotEvent */ 1046*7c478bd9Sstevel@tonic-gate #define CKF_DONT_BLOCK 1 1047*7c478bd9Sstevel@tonic-gate 1048*7c478bd9Sstevel@tonic-gate /* CK_RSA_PKCS_OAEP_MGF_TYPE is new for v2.10. 1049*7c478bd9Sstevel@tonic-gate * CK_RSA_PKCS_OAEP_MGF_TYPE is used to indicate the Message 1050*7c478bd9Sstevel@tonic-gate * Generation Function (MGF) applied to a message block when 1051*7c478bd9Sstevel@tonic-gate * formatting a message block for the PKCS #1 OAEP encryption 1052*7c478bd9Sstevel@tonic-gate * scheme. */ 1053*7c478bd9Sstevel@tonic-gate typedef CK_ULONG CK_RSA_PKCS_MGF_TYPE; 1054*7c478bd9Sstevel@tonic-gate 1055*7c478bd9Sstevel@tonic-gate typedef CK_RSA_PKCS_MGF_TYPE CK_PTR CK_RSA_PKCS_MGF_TYPE_PTR; 1056*7c478bd9Sstevel@tonic-gate 1057*7c478bd9Sstevel@tonic-gate /* The following MGFs are defined */ 1058*7c478bd9Sstevel@tonic-gate #define CKG_MGF1_SHA1 0x00000001 1059*7c478bd9Sstevel@tonic-gate 1060*7c478bd9Sstevel@tonic-gate /* CK_RSA_PKCS_OAEP_SOURCE_TYPE is new for v2.10. 1061*7c478bd9Sstevel@tonic-gate * CK_RSA_PKCS_OAEP_SOURCE_TYPE is used to indicate the source 1062*7c478bd9Sstevel@tonic-gate * of the encoding parameter when formatting a message block 1063*7c478bd9Sstevel@tonic-gate * for the PKCS #1 OAEP encryption scheme. */ 1064*7c478bd9Sstevel@tonic-gate typedef CK_ULONG CK_RSA_PKCS_OAEP_SOURCE_TYPE; 1065*7c478bd9Sstevel@tonic-gate 1066*7c478bd9Sstevel@tonic-gate typedef CK_RSA_PKCS_OAEP_SOURCE_TYPE CK_PTR CK_RSA_PKCS_OAEP_SOURCE_TYPE_PTR; 1067*7c478bd9Sstevel@tonic-gate 1068*7c478bd9Sstevel@tonic-gate /* The following encoding parameter sources are defined */ 1069*7c478bd9Sstevel@tonic-gate #define CKZ_DATA_SPECIFIED 0x00000001 1070*7c478bd9Sstevel@tonic-gate 1071*7c478bd9Sstevel@tonic-gate /* CK_RSA_PKCS_OAEP_PARAMS is new for v2.10. 1072*7c478bd9Sstevel@tonic-gate * CK_RSA_PKCS_OAEP_PARAMS provides the parameters to the 1073*7c478bd9Sstevel@tonic-gate * CKM_RSA_PKCS_OAEP mechanism. */ 1074*7c478bd9Sstevel@tonic-gate typedef struct CK_RSA_PKCS_OAEP_PARAMS { 1075*7c478bd9Sstevel@tonic-gate CK_MECHANISM_TYPE hashAlg; 1076*7c478bd9Sstevel@tonic-gate CK_RSA_PKCS_MGF_TYPE mgf; 1077*7c478bd9Sstevel@tonic-gate CK_RSA_PKCS_OAEP_SOURCE_TYPE source; 1078*7c478bd9Sstevel@tonic-gate CK_VOID_PTR pSourceData; 1079*7c478bd9Sstevel@tonic-gate CK_ULONG ulSourceDataLen; 1080*7c478bd9Sstevel@tonic-gate } CK_RSA_PKCS_OAEP_PARAMS; 1081*7c478bd9Sstevel@tonic-gate 1082*7c478bd9Sstevel@tonic-gate typedef CK_RSA_PKCS_OAEP_PARAMS CK_PTR CK_RSA_PKCS_OAEP_PARAMS_PTR; 1083*7c478bd9Sstevel@tonic-gate 1084*7c478bd9Sstevel@tonic-gate /* CK_RSA_PKCS_PSS_PARAMS is new for v2.11. 1085*7c478bd9Sstevel@tonic-gate * CK_RSA_PKCS_PSS_PARAMS provides the parameters to the 1086*7c478bd9Sstevel@tonic-gate * CKM_RSA_PKCS_PSS mechanism(s). */ 1087*7c478bd9Sstevel@tonic-gate typedef struct CK_RSA_PKCS_PSS_PARAMS { 1088*7c478bd9Sstevel@tonic-gate CK_MECHANISM_TYPE hashAlg; 1089*7c478bd9Sstevel@tonic-gate CK_RSA_PKCS_MGF_TYPE mgf; 1090*7c478bd9Sstevel@tonic-gate CK_ULONG sLen; 1091*7c478bd9Sstevel@tonic-gate } CK_RSA_PKCS_PSS_PARAMS; 1092*7c478bd9Sstevel@tonic-gate 1093*7c478bd9Sstevel@tonic-gate typedef CK_RSA_PKCS_PSS_PARAMS CK_PTR CK_RSA_PKCS_PSS_PARAMS_PTR; 1094*7c478bd9Sstevel@tonic-gate 1095*7c478bd9Sstevel@tonic-gate /* CK_EC_KDF_TYPE is new for v2.11. */ 1096*7c478bd9Sstevel@tonic-gate typedef CK_ULONG CK_EC_KDF_TYPE; 1097*7c478bd9Sstevel@tonic-gate 1098*7c478bd9Sstevel@tonic-gate /* The following EC Key Derivation Functions are defined */ 1099*7c478bd9Sstevel@tonic-gate #define CKD_NULL 0x00000001 1100*7c478bd9Sstevel@tonic-gate #define CKD_SHA1_KDF 0x00000002 1101*7c478bd9Sstevel@tonic-gate 1102*7c478bd9Sstevel@tonic-gate /* CK_ECDH1_DERIVE_PARAMS is new for v2.11. 1103*7c478bd9Sstevel@tonic-gate * CK_ECDH1_DERIVE_PARAMS provides the parameters to the 1104*7c478bd9Sstevel@tonic-gate * CKM_ECDH1_DERIVE and CKM_ECDH1_COFACTOR_DERIVE mechanisms, 1105*7c478bd9Sstevel@tonic-gate * where each party contributes one key pair. 1106*7c478bd9Sstevel@tonic-gate */ 1107*7c478bd9Sstevel@tonic-gate typedef struct CK_ECDH1_DERIVE_PARAMS { 1108*7c478bd9Sstevel@tonic-gate CK_EC_KDF_TYPE kdf; 1109*7c478bd9Sstevel@tonic-gate CK_ULONG ulSharedDataLen; 1110*7c478bd9Sstevel@tonic-gate CK_BYTE_PTR pSharedData; 1111*7c478bd9Sstevel@tonic-gate CK_ULONG ulPublicDataLen; 1112*7c478bd9Sstevel@tonic-gate CK_BYTE_PTR pPublicData; 1113*7c478bd9Sstevel@tonic-gate } CK_ECDH1_DERIVE_PARAMS; 1114*7c478bd9Sstevel@tonic-gate 1115*7c478bd9Sstevel@tonic-gate typedef CK_ECDH1_DERIVE_PARAMS CK_PTR CK_ECDH1_DERIVE_PARAMS_PTR; 1116*7c478bd9Sstevel@tonic-gate 1117*7c478bd9Sstevel@tonic-gate 1118*7c478bd9Sstevel@tonic-gate /* CK_ECDH2_DERIVE_PARAMS is new for v2.11. 1119*7c478bd9Sstevel@tonic-gate * CK_ECDH2_DERIVE_PARAMS provides the parameters to the 1120*7c478bd9Sstevel@tonic-gate * CKM_ECMQV_DERIVE mechanism, where each party contributes two key pairs. */ 1121*7c478bd9Sstevel@tonic-gate typedef struct CK_ECDH2_DERIVE_PARAMS { 1122*7c478bd9Sstevel@tonic-gate CK_EC_KDF_TYPE kdf; 1123*7c478bd9Sstevel@tonic-gate CK_ULONG ulSharedDataLen; 1124*7c478bd9Sstevel@tonic-gate CK_BYTE_PTR pSharedData; 1125*7c478bd9Sstevel@tonic-gate CK_ULONG ulPublicDataLen; 1126*7c478bd9Sstevel@tonic-gate CK_BYTE_PTR pPublicData; 1127*7c478bd9Sstevel@tonic-gate CK_ULONG ulPrivateDataLen; 1128*7c478bd9Sstevel@tonic-gate CK_OBJECT_HANDLE hPrivateData; 1129*7c478bd9Sstevel@tonic-gate CK_ULONG ulPublicDataLen2; 1130*7c478bd9Sstevel@tonic-gate CK_BYTE_PTR pPublicData2; 1131*7c478bd9Sstevel@tonic-gate } CK_ECDH2_DERIVE_PARAMS; 1132*7c478bd9Sstevel@tonic-gate 1133*7c478bd9Sstevel@tonic-gate typedef CK_ECDH2_DERIVE_PARAMS CK_PTR CK_ECDH2_DERIVE_PARAMS_PTR; 1134*7c478bd9Sstevel@tonic-gate 1135*7c478bd9Sstevel@tonic-gate /* Typedefs and defines for the CKM_X9_42_DH_KEY_PAIR_GEN and the 1136*7c478bd9Sstevel@tonic-gate * CKM_X9_42_DH_PARAMETER_GEN mechanisms (new for PKCS #11 v2.11) */ 1137*7c478bd9Sstevel@tonic-gate typedef CK_ULONG CK_X9_42_DH_KDF_TYPE; 1138*7c478bd9Sstevel@tonic-gate typedef CK_X9_42_DH_KDF_TYPE CK_PTR CK_X9_42_DH_KDF_TYPE_PTR; 1139*7c478bd9Sstevel@tonic-gate 1140*7c478bd9Sstevel@tonic-gate /* The following X9.42 DH key derivation functions are defined: */ 1141*7c478bd9Sstevel@tonic-gate #define CKD_NULL 0x00000001 1142*7c478bd9Sstevel@tonic-gate #define CKD_SHA1_KDF_ASN1 0x00000003 1143*7c478bd9Sstevel@tonic-gate #define CKD_SHA1_KDF_CONCATENATE 0x00000004 1144*7c478bd9Sstevel@tonic-gate 1145*7c478bd9Sstevel@tonic-gate /* CK_X9_42_DH1_DERIVE_PARAMS is new for v2.11. 1146*7c478bd9Sstevel@tonic-gate * CK_X9_42_DH1_DERIVE_PARAMS provides the parameters to the 1147*7c478bd9Sstevel@tonic-gate * CKM_X9_42_DH_DERIVE key derivation mechanism, where each party 1148*7c478bd9Sstevel@tonic-gate * contributes one key pair */ 1149*7c478bd9Sstevel@tonic-gate typedef struct CK_X9_42_DH1_DERIVE_PARAMS { 1150*7c478bd9Sstevel@tonic-gate CK_X9_42_DH_KDF_TYPE kdf; 1151*7c478bd9Sstevel@tonic-gate CK_ULONG ulOtherInfoLen; 1152*7c478bd9Sstevel@tonic-gate CK_BYTE_PTR pOtherInfo; 1153*7c478bd9Sstevel@tonic-gate CK_ULONG ulPublicDataLen; 1154*7c478bd9Sstevel@tonic-gate CK_BYTE_PTR pPublicData; 1155*7c478bd9Sstevel@tonic-gate } CK_X9_42_DH1_DERIVE_PARAMS; 1156*7c478bd9Sstevel@tonic-gate 1157*7c478bd9Sstevel@tonic-gate typedef struct CK_X9_42_DH1_DERIVE_PARAMS CK_PTR CK_X9_42_DH1_DERIVE_PARAMS_PTR; 1158*7c478bd9Sstevel@tonic-gate 1159*7c478bd9Sstevel@tonic-gate /* CK_X9_42_DH2_DERIVE_PARAMS is new for v2.11. 1160*7c478bd9Sstevel@tonic-gate * CK_X9_42_DH2_DERIVE_PARAMS provides the parameters to the 1161*7c478bd9Sstevel@tonic-gate * CKM_X9_42_DH_HYBRID_DERIVE and CKM_X9_42_MQV_DERIVE key derivation 1162*7c478bd9Sstevel@tonic-gate * mechanisms, where each party contributes two key pairs */ 1163*7c478bd9Sstevel@tonic-gate typedef struct CK_X9_42_DH2_DERIVE_PARAMS { 1164*7c478bd9Sstevel@tonic-gate CK_X9_42_DH_KDF_TYPE kdf; 1165*7c478bd9Sstevel@tonic-gate CK_ULONG ulOtherInfoLen; 1166*7c478bd9Sstevel@tonic-gate CK_BYTE_PTR pOtherInfo; 1167*7c478bd9Sstevel@tonic-gate CK_ULONG ulPublicDataLen; 1168*7c478bd9Sstevel@tonic-gate CK_BYTE_PTR pPublicData; 1169*7c478bd9Sstevel@tonic-gate CK_ULONG ulPrivateDataLen; 1170*7c478bd9Sstevel@tonic-gate CK_OBJECT_HANDLE hPrivateData; 1171*7c478bd9Sstevel@tonic-gate CK_ULONG ulPublicDataLen2; 1172*7c478bd9Sstevel@tonic-gate CK_BYTE_PTR pPublicData2; 1173*7c478bd9Sstevel@tonic-gate } CK_X9_42_DH2_DERIVE_PARAMS; 1174*7c478bd9Sstevel@tonic-gate 1175*7c478bd9Sstevel@tonic-gate typedef CK_X9_42_DH2_DERIVE_PARAMS CK_PTR CK_X9_42_DH2_DERIVE_PARAMS_PTR; 1176*7c478bd9Sstevel@tonic-gate 1177*7c478bd9Sstevel@tonic-gate /* CK_KEA_DERIVE_PARAMS provides the parameters to the 1178*7c478bd9Sstevel@tonic-gate * CKM_KEA_DERIVE mechanism */ 1179*7c478bd9Sstevel@tonic-gate /* CK_KEA_DERIVE_PARAMS is new for v2.0 */ 1180*7c478bd9Sstevel@tonic-gate typedef struct CK_KEA_DERIVE_PARAMS { 1181*7c478bd9Sstevel@tonic-gate CK_BBOOL isSender; 1182*7c478bd9Sstevel@tonic-gate CK_ULONG ulRandomLen; 1183*7c478bd9Sstevel@tonic-gate CK_BYTE_PTR pRandomA; 1184*7c478bd9Sstevel@tonic-gate CK_BYTE_PTR pRandomB; 1185*7c478bd9Sstevel@tonic-gate CK_ULONG ulPublicDataLen; 1186*7c478bd9Sstevel@tonic-gate CK_BYTE_PTR pPublicData; 1187*7c478bd9Sstevel@tonic-gate } CK_KEA_DERIVE_PARAMS; 1188*7c478bd9Sstevel@tonic-gate 1189*7c478bd9Sstevel@tonic-gate typedef CK_KEA_DERIVE_PARAMS CK_PTR CK_KEA_DERIVE_PARAMS_PTR; 1190*7c478bd9Sstevel@tonic-gate 1191*7c478bd9Sstevel@tonic-gate 1192*7c478bd9Sstevel@tonic-gate /* CK_RC2_PARAMS provides the parameters to the CKM_RC2_ECB and 1193*7c478bd9Sstevel@tonic-gate * CKM_RC2_MAC mechanisms. An instance of CK_RC2_PARAMS just 1194*7c478bd9Sstevel@tonic-gate * holds the effective keysize */ 1195*7c478bd9Sstevel@tonic-gate typedef CK_ULONG CK_RC2_PARAMS; 1196*7c478bd9Sstevel@tonic-gate 1197*7c478bd9Sstevel@tonic-gate typedef CK_RC2_PARAMS CK_PTR CK_RC2_PARAMS_PTR; 1198*7c478bd9Sstevel@tonic-gate 1199*7c478bd9Sstevel@tonic-gate 1200*7c478bd9Sstevel@tonic-gate /* CK_RC2_CBC_PARAMS provides the parameters to the CKM_RC2_CBC 1201*7c478bd9Sstevel@tonic-gate * mechanism */ 1202*7c478bd9Sstevel@tonic-gate typedef struct CK_RC2_CBC_PARAMS { 1203*7c478bd9Sstevel@tonic-gate /* ulEffectiveBits was changed from CK_USHORT to CK_ULONG for 1204*7c478bd9Sstevel@tonic-gate * v2.0 */ 1205*7c478bd9Sstevel@tonic-gate CK_ULONG ulEffectiveBits; /* effective bits (1-1024) */ 1206*7c478bd9Sstevel@tonic-gate 1207*7c478bd9Sstevel@tonic-gate CK_BYTE iv[8]; /* IV for CBC mode */ 1208*7c478bd9Sstevel@tonic-gate } CK_RC2_CBC_PARAMS; 1209*7c478bd9Sstevel@tonic-gate 1210*7c478bd9Sstevel@tonic-gate typedef CK_RC2_CBC_PARAMS CK_PTR CK_RC2_CBC_PARAMS_PTR; 1211*7c478bd9Sstevel@tonic-gate 1212*7c478bd9Sstevel@tonic-gate 1213*7c478bd9Sstevel@tonic-gate /* CK_RC2_MAC_GENERAL_PARAMS provides the parameters for the 1214*7c478bd9Sstevel@tonic-gate * CKM_RC2_MAC_GENERAL mechanism */ 1215*7c478bd9Sstevel@tonic-gate /* CK_RC2_MAC_GENERAL_PARAMS is new for v2.0 */ 1216*7c478bd9Sstevel@tonic-gate typedef struct CK_RC2_MAC_GENERAL_PARAMS { 1217*7c478bd9Sstevel@tonic-gate CK_ULONG ulEffectiveBits; /* effective bits (1-1024) */ 1218*7c478bd9Sstevel@tonic-gate CK_ULONG ulMacLength; /* Length of MAC in bytes */ 1219*7c478bd9Sstevel@tonic-gate } CK_RC2_MAC_GENERAL_PARAMS; 1220*7c478bd9Sstevel@tonic-gate 1221*7c478bd9Sstevel@tonic-gate typedef CK_RC2_MAC_GENERAL_PARAMS CK_PTR \ 1222*7c478bd9Sstevel@tonic-gate CK_RC2_MAC_GENERAL_PARAMS_PTR; 1223*7c478bd9Sstevel@tonic-gate 1224*7c478bd9Sstevel@tonic-gate 1225*7c478bd9Sstevel@tonic-gate /* CK_RC5_PARAMS provides the parameters to the CKM_RC5_ECB and 1226*7c478bd9Sstevel@tonic-gate * CKM_RC5_MAC mechanisms */ 1227*7c478bd9Sstevel@tonic-gate /* CK_RC5_PARAMS is new for v2.0 */ 1228*7c478bd9Sstevel@tonic-gate typedef struct CK_RC5_PARAMS { 1229*7c478bd9Sstevel@tonic-gate CK_ULONG ulWordsize; /* wordsize in bits */ 1230*7c478bd9Sstevel@tonic-gate CK_ULONG ulRounds; /* number of rounds */ 1231*7c478bd9Sstevel@tonic-gate } CK_RC5_PARAMS; 1232*7c478bd9Sstevel@tonic-gate 1233*7c478bd9Sstevel@tonic-gate typedef CK_RC5_PARAMS CK_PTR CK_RC5_PARAMS_PTR; 1234*7c478bd9Sstevel@tonic-gate 1235*7c478bd9Sstevel@tonic-gate 1236*7c478bd9Sstevel@tonic-gate /* CK_RC5_CBC_PARAMS provides the parameters to the CKM_RC5_CBC 1237*7c478bd9Sstevel@tonic-gate * mechanism */ 1238*7c478bd9Sstevel@tonic-gate /* CK_RC5_CBC_PARAMS is new for v2.0 */ 1239*7c478bd9Sstevel@tonic-gate typedef struct CK_RC5_CBC_PARAMS { 1240*7c478bd9Sstevel@tonic-gate CK_ULONG ulWordsize; /* wordsize in bits */ 1241*7c478bd9Sstevel@tonic-gate CK_ULONG ulRounds; /* number of rounds */ 1242*7c478bd9Sstevel@tonic-gate CK_BYTE_PTR pIv; /* pointer to IV */ 1243*7c478bd9Sstevel@tonic-gate CK_ULONG ulIvLen; /* length of IV in bytes */ 1244*7c478bd9Sstevel@tonic-gate } CK_RC5_CBC_PARAMS; 1245*7c478bd9Sstevel@tonic-gate 1246*7c478bd9Sstevel@tonic-gate typedef CK_RC5_CBC_PARAMS CK_PTR CK_RC5_CBC_PARAMS_PTR; 1247*7c478bd9Sstevel@tonic-gate 1248*7c478bd9Sstevel@tonic-gate 1249*7c478bd9Sstevel@tonic-gate /* CK_RC5_MAC_GENERAL_PARAMS provides the parameters for the 1250*7c478bd9Sstevel@tonic-gate * CKM_RC5_MAC_GENERAL mechanism */ 1251*7c478bd9Sstevel@tonic-gate /* CK_RC5_MAC_GENERAL_PARAMS is new for v2.0 */ 1252*7c478bd9Sstevel@tonic-gate typedef struct CK_RC5_MAC_GENERAL_PARAMS { 1253*7c478bd9Sstevel@tonic-gate CK_ULONG ulWordsize; /* wordsize in bits */ 1254*7c478bd9Sstevel@tonic-gate CK_ULONG ulRounds; /* number of rounds */ 1255*7c478bd9Sstevel@tonic-gate CK_ULONG ulMacLength; /* Length of MAC in bytes */ 1256*7c478bd9Sstevel@tonic-gate } CK_RC5_MAC_GENERAL_PARAMS; 1257*7c478bd9Sstevel@tonic-gate 1258*7c478bd9Sstevel@tonic-gate typedef CK_RC5_MAC_GENERAL_PARAMS CK_PTR \ 1259*7c478bd9Sstevel@tonic-gate CK_RC5_MAC_GENERAL_PARAMS_PTR; 1260*7c478bd9Sstevel@tonic-gate 1261*7c478bd9Sstevel@tonic-gate 1262*7c478bd9Sstevel@tonic-gate /* CK_MAC_GENERAL_PARAMS provides the parameters to most block 1263*7c478bd9Sstevel@tonic-gate * ciphers' MAC_GENERAL mechanisms. Its value is the length of 1264*7c478bd9Sstevel@tonic-gate * the MAC */ 1265*7c478bd9Sstevel@tonic-gate /* CK_MAC_GENERAL_PARAMS is new for v2.0 */ 1266*7c478bd9Sstevel@tonic-gate typedef CK_ULONG CK_MAC_GENERAL_PARAMS; 1267*7c478bd9Sstevel@tonic-gate 1268*7c478bd9Sstevel@tonic-gate typedef CK_MAC_GENERAL_PARAMS CK_PTR CK_MAC_GENERAL_PARAMS_PTR; 1269*7c478bd9Sstevel@tonic-gate 1270*7c478bd9Sstevel@tonic-gate 1271*7c478bd9Sstevel@tonic-gate /* CK_SKIPJACK_PRIVATE_WRAP_PARAMS provides the parameters to the 1272*7c478bd9Sstevel@tonic-gate * CKM_SKIPJACK_PRIVATE_WRAP mechanism */ 1273*7c478bd9Sstevel@tonic-gate /* CK_SKIPJACK_PRIVATE_WRAP_PARAMS is new for v2.0 */ 1274*7c478bd9Sstevel@tonic-gate typedef struct CK_SKIPJACK_PRIVATE_WRAP_PARAMS { 1275*7c478bd9Sstevel@tonic-gate CK_ULONG ulPasswordLen; 1276*7c478bd9Sstevel@tonic-gate CK_BYTE_PTR pPassword; 1277*7c478bd9Sstevel@tonic-gate CK_ULONG ulPublicDataLen; 1278*7c478bd9Sstevel@tonic-gate CK_BYTE_PTR pPublicData; 1279*7c478bd9Sstevel@tonic-gate CK_ULONG ulPAndGLen; 1280*7c478bd9Sstevel@tonic-gate CK_ULONG ulQLen; 1281*7c478bd9Sstevel@tonic-gate CK_ULONG ulRandomLen; 1282*7c478bd9Sstevel@tonic-gate CK_BYTE_PTR pRandomA; 1283*7c478bd9Sstevel@tonic-gate CK_BYTE_PTR pPrimeP; 1284*7c478bd9Sstevel@tonic-gate CK_BYTE_PTR pBaseG; 1285*7c478bd9Sstevel@tonic-gate CK_BYTE_PTR pSubprimeQ; 1286*7c478bd9Sstevel@tonic-gate } CK_SKIPJACK_PRIVATE_WRAP_PARAMS; 1287*7c478bd9Sstevel@tonic-gate 1288*7c478bd9Sstevel@tonic-gate typedef CK_SKIPJACK_PRIVATE_WRAP_PARAMS CK_PTR \ 1289*7c478bd9Sstevel@tonic-gate CK_SKIPJACK_PRIVATE_WRAP_PTR; 1290*7c478bd9Sstevel@tonic-gate 1291*7c478bd9Sstevel@tonic-gate 1292*7c478bd9Sstevel@tonic-gate /* CK_SKIPJACK_RELAYX_PARAMS provides the parameters to the 1293*7c478bd9Sstevel@tonic-gate * CKM_SKIPJACK_RELAYX mechanism */ 1294*7c478bd9Sstevel@tonic-gate /* CK_SKIPJACK_RELAYX_PARAMS is new for v2.0 */ 1295*7c478bd9Sstevel@tonic-gate typedef struct CK_SKIPJACK_RELAYX_PARAMS { 1296*7c478bd9Sstevel@tonic-gate CK_ULONG ulOldWrappedXLen; 1297*7c478bd9Sstevel@tonic-gate CK_BYTE_PTR pOldWrappedX; 1298*7c478bd9Sstevel@tonic-gate CK_ULONG ulOldPasswordLen; 1299*7c478bd9Sstevel@tonic-gate CK_BYTE_PTR pOldPassword; 1300*7c478bd9Sstevel@tonic-gate CK_ULONG ulOldPublicDataLen; 1301*7c478bd9Sstevel@tonic-gate CK_BYTE_PTR pOldPublicData; 1302*7c478bd9Sstevel@tonic-gate CK_ULONG ulOldRandomLen; 1303*7c478bd9Sstevel@tonic-gate CK_BYTE_PTR pOldRandomA; 1304*7c478bd9Sstevel@tonic-gate CK_ULONG ulNewPasswordLen; 1305*7c478bd9Sstevel@tonic-gate CK_BYTE_PTR pNewPassword; 1306*7c478bd9Sstevel@tonic-gate CK_ULONG ulNewPublicDataLen; 1307*7c478bd9Sstevel@tonic-gate CK_BYTE_PTR pNewPublicData; 1308*7c478bd9Sstevel@tonic-gate CK_ULONG ulNewRandomLen; 1309*7c478bd9Sstevel@tonic-gate CK_BYTE_PTR pNewRandomA; 1310*7c478bd9Sstevel@tonic-gate } CK_SKIPJACK_RELAYX_PARAMS; 1311*7c478bd9Sstevel@tonic-gate 1312*7c478bd9Sstevel@tonic-gate typedef CK_SKIPJACK_RELAYX_PARAMS CK_PTR \ 1313*7c478bd9Sstevel@tonic-gate CK_SKIPJACK_RELAYX_PARAMS_PTR; 1314*7c478bd9Sstevel@tonic-gate 1315*7c478bd9Sstevel@tonic-gate 1316*7c478bd9Sstevel@tonic-gate typedef struct CK_PBE_PARAMS { 1317*7c478bd9Sstevel@tonic-gate CK_BYTE_PTR pInitVector; 1318*7c478bd9Sstevel@tonic-gate CK_UTF8CHAR_PTR pPassword; 1319*7c478bd9Sstevel@tonic-gate CK_ULONG ulPasswordLen; 1320*7c478bd9Sstevel@tonic-gate CK_BYTE_PTR pSalt; 1321*7c478bd9Sstevel@tonic-gate CK_ULONG ulSaltLen; 1322*7c478bd9Sstevel@tonic-gate CK_ULONG ulIteration; 1323*7c478bd9Sstevel@tonic-gate } CK_PBE_PARAMS; 1324*7c478bd9Sstevel@tonic-gate 1325*7c478bd9Sstevel@tonic-gate typedef CK_PBE_PARAMS CK_PTR CK_PBE_PARAMS_PTR; 1326*7c478bd9Sstevel@tonic-gate 1327*7c478bd9Sstevel@tonic-gate 1328*7c478bd9Sstevel@tonic-gate /* CK_KEY_WRAP_SET_OAEP_PARAMS provides the parameters to the 1329*7c478bd9Sstevel@tonic-gate * CKM_KEY_WRAP_SET_OAEP mechanism */ 1330*7c478bd9Sstevel@tonic-gate /* CK_KEY_WRAP_SET_OAEP_PARAMS is new for v2.0 */ 1331*7c478bd9Sstevel@tonic-gate typedef struct CK_KEY_WRAP_SET_OAEP_PARAMS { 1332*7c478bd9Sstevel@tonic-gate CK_BYTE bBC; /* block contents byte */ 1333*7c478bd9Sstevel@tonic-gate CK_BYTE_PTR pX; /* extra data */ 1334*7c478bd9Sstevel@tonic-gate CK_ULONG ulXLen; /* length of extra data in bytes */ 1335*7c478bd9Sstevel@tonic-gate } CK_KEY_WRAP_SET_OAEP_PARAMS; 1336*7c478bd9Sstevel@tonic-gate 1337*7c478bd9Sstevel@tonic-gate typedef CK_KEY_WRAP_SET_OAEP_PARAMS CK_PTR \ 1338*7c478bd9Sstevel@tonic-gate CK_KEY_WRAP_SET_OAEP_PARAMS_PTR; 1339*7c478bd9Sstevel@tonic-gate 1340*7c478bd9Sstevel@tonic-gate 1341*7c478bd9Sstevel@tonic-gate typedef struct CK_SSL3_RANDOM_DATA { 1342*7c478bd9Sstevel@tonic-gate CK_BYTE_PTR pClientRandom; 1343*7c478bd9Sstevel@tonic-gate CK_ULONG ulClientRandomLen; 1344*7c478bd9Sstevel@tonic-gate CK_BYTE_PTR pServerRandom; 1345*7c478bd9Sstevel@tonic-gate CK_ULONG ulServerRandomLen; 1346*7c478bd9Sstevel@tonic-gate } CK_SSL3_RANDOM_DATA; 1347*7c478bd9Sstevel@tonic-gate 1348*7c478bd9Sstevel@tonic-gate 1349*7c478bd9Sstevel@tonic-gate typedef struct CK_SSL3_MASTER_KEY_DERIVE_PARAMS { 1350*7c478bd9Sstevel@tonic-gate CK_SSL3_RANDOM_DATA RandomInfo; 1351*7c478bd9Sstevel@tonic-gate CK_VERSION_PTR pVersion; 1352*7c478bd9Sstevel@tonic-gate } CK_SSL3_MASTER_KEY_DERIVE_PARAMS; 1353*7c478bd9Sstevel@tonic-gate 1354*7c478bd9Sstevel@tonic-gate typedef struct CK_SSL3_MASTER_KEY_DERIVE_PARAMS CK_PTR \ 1355*7c478bd9Sstevel@tonic-gate CK_SSL3_MASTER_KEY_DERIVE_PARAMS_PTR; 1356*7c478bd9Sstevel@tonic-gate 1357*7c478bd9Sstevel@tonic-gate 1358*7c478bd9Sstevel@tonic-gate typedef struct CK_SSL3_KEY_MAT_OUT { 1359*7c478bd9Sstevel@tonic-gate CK_OBJECT_HANDLE hClientMacSecret; 1360*7c478bd9Sstevel@tonic-gate CK_OBJECT_HANDLE hServerMacSecret; 1361*7c478bd9Sstevel@tonic-gate CK_OBJECT_HANDLE hClientKey; 1362*7c478bd9Sstevel@tonic-gate CK_OBJECT_HANDLE hServerKey; 1363*7c478bd9Sstevel@tonic-gate CK_BYTE_PTR pIVClient; 1364*7c478bd9Sstevel@tonic-gate CK_BYTE_PTR pIVServer; 1365*7c478bd9Sstevel@tonic-gate } CK_SSL3_KEY_MAT_OUT; 1366*7c478bd9Sstevel@tonic-gate 1367*7c478bd9Sstevel@tonic-gate typedef CK_SSL3_KEY_MAT_OUT CK_PTR CK_SSL3_KEY_MAT_OUT_PTR; 1368*7c478bd9Sstevel@tonic-gate 1369*7c478bd9Sstevel@tonic-gate 1370*7c478bd9Sstevel@tonic-gate typedef struct CK_SSL3_KEY_MAT_PARAMS { 1371*7c478bd9Sstevel@tonic-gate CK_ULONG ulMacSizeInBits; 1372*7c478bd9Sstevel@tonic-gate CK_ULONG ulKeySizeInBits; 1373*7c478bd9Sstevel@tonic-gate CK_ULONG ulIVSizeInBits; 1374*7c478bd9Sstevel@tonic-gate CK_BBOOL bIsExport; 1375*7c478bd9Sstevel@tonic-gate CK_SSL3_RANDOM_DATA RandomInfo; 1376*7c478bd9Sstevel@tonic-gate CK_SSL3_KEY_MAT_OUT_PTR pReturnedKeyMaterial; 1377*7c478bd9Sstevel@tonic-gate } CK_SSL3_KEY_MAT_PARAMS; 1378*7c478bd9Sstevel@tonic-gate 1379*7c478bd9Sstevel@tonic-gate typedef CK_SSL3_KEY_MAT_PARAMS CK_PTR CK_SSL3_KEY_MAT_PARAMS_PTR; 1380*7c478bd9Sstevel@tonic-gate 1381*7c478bd9Sstevel@tonic-gate 1382*7c478bd9Sstevel@tonic-gate typedef struct CK_KEY_DERIVATION_STRING_DATA { 1383*7c478bd9Sstevel@tonic-gate CK_BYTE_PTR pData; 1384*7c478bd9Sstevel@tonic-gate CK_ULONG ulLen; 1385*7c478bd9Sstevel@tonic-gate } CK_KEY_DERIVATION_STRING_DATA; 1386*7c478bd9Sstevel@tonic-gate 1387*7c478bd9Sstevel@tonic-gate typedef CK_KEY_DERIVATION_STRING_DATA CK_PTR \ 1388*7c478bd9Sstevel@tonic-gate CK_KEY_DERIVATION_STRING_DATA_PTR; 1389*7c478bd9Sstevel@tonic-gate 1390*7c478bd9Sstevel@tonic-gate 1391*7c478bd9Sstevel@tonic-gate /* The CK_EXTRACT_PARAMS is used for the 1392*7c478bd9Sstevel@tonic-gate * CKM_EXTRACT_KEY_FROM_KEY mechanism. It specifies which bit 1393*7c478bd9Sstevel@tonic-gate * of the base key should be used as the first bit of the 1394*7c478bd9Sstevel@tonic-gate * derived key */ 1395*7c478bd9Sstevel@tonic-gate /* CK_EXTRACT_PARAMS is new for v2.0 */ 1396*7c478bd9Sstevel@tonic-gate typedef CK_ULONG CK_EXTRACT_PARAMS; 1397*7c478bd9Sstevel@tonic-gate 1398*7c478bd9Sstevel@tonic-gate typedef CK_EXTRACT_PARAMS CK_PTR CK_EXTRACT_PARAMS_PTR; 1399*7c478bd9Sstevel@tonic-gate 1400*7c478bd9Sstevel@tonic-gate /* CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE is new for v2.10. 1401*7c478bd9Sstevel@tonic-gate * CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE is used to 1402*7c478bd9Sstevel@tonic-gate * indicate the Pseudo-Random Function (PRF) used to generate 1403*7c478bd9Sstevel@tonic-gate * key bits using PKCS #5 PBKDF2. */ 1404*7c478bd9Sstevel@tonic-gate typedef CK_ULONG CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE; 1405*7c478bd9Sstevel@tonic-gate 1406*7c478bd9Sstevel@tonic-gate typedef CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE CK_PTR CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE_PTR; 1407*7c478bd9Sstevel@tonic-gate 1408*7c478bd9Sstevel@tonic-gate /* The following PRFs are defined in PKCS #5 v2.0. */ 1409*7c478bd9Sstevel@tonic-gate #define CKP_PKCS5_PBKD2_HMAC_SHA1 0x00000001 1410*7c478bd9Sstevel@tonic-gate 1411*7c478bd9Sstevel@tonic-gate 1412*7c478bd9Sstevel@tonic-gate /* CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE is new for v2.10. 1413*7c478bd9Sstevel@tonic-gate * CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE is used to indicate the 1414*7c478bd9Sstevel@tonic-gate * source of the salt value when deriving a key using PKCS #5 1415*7c478bd9Sstevel@tonic-gate * PBKDF2. */ 1416*7c478bd9Sstevel@tonic-gate typedef CK_ULONG CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE; 1417*7c478bd9Sstevel@tonic-gate 1418*7c478bd9Sstevel@tonic-gate typedef CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE CK_PTR CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE_PTR; 1419*7c478bd9Sstevel@tonic-gate 1420*7c478bd9Sstevel@tonic-gate /* The following salt value sources are defined in PKCS #5 v2.0. */ 1421*7c478bd9Sstevel@tonic-gate #define CKZ_SALT_SPECIFIED 0x00000001 1422*7c478bd9Sstevel@tonic-gate 1423*7c478bd9Sstevel@tonic-gate /* CK_PKCS5_PBKD2_PARAMS is new for v2.10. 1424*7c478bd9Sstevel@tonic-gate * CK_PKCS5_PBKD2_PARAMS is a structure that provides the 1425*7c478bd9Sstevel@tonic-gate * parameters to the CKM_PKCS5_PBKD2 mechanism. */ 1426*7c478bd9Sstevel@tonic-gate typedef struct CK_PKCS5_PBKD2_PARAMS { 1427*7c478bd9Sstevel@tonic-gate CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE saltSource; 1428*7c478bd9Sstevel@tonic-gate CK_VOID_PTR pSaltSourceData; 1429*7c478bd9Sstevel@tonic-gate CK_ULONG ulSaltSourceDataLen; 1430*7c478bd9Sstevel@tonic-gate CK_ULONG iterations; 1431*7c478bd9Sstevel@tonic-gate CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE prf; 1432*7c478bd9Sstevel@tonic-gate CK_VOID_PTR pPrfData; 1433*7c478bd9Sstevel@tonic-gate CK_ULONG ulPrfDataLen; 1434*7c478bd9Sstevel@tonic-gate CK_UTF8CHAR_PTR pPassword; 1435*7c478bd9Sstevel@tonic-gate CK_ULONG_PTR ulPasswordLen; 1436*7c478bd9Sstevel@tonic-gate } CK_PKCS5_PBKD2_PARAMS; 1437*7c478bd9Sstevel@tonic-gate 1438*7c478bd9Sstevel@tonic-gate typedef CK_PKCS5_PBKD2_PARAMS CK_PTR CK_PKCS5_PBKD2_PARAMS_PTR; 1439*7c478bd9Sstevel@tonic-gate 1440*7c478bd9Sstevel@tonic-gate #endif 1441