1fcf3ce4John Forte/*
2fcf3ce4John Forte * The Initial Developer of the Original Code is International
3fcf3ce4John Forte * Business Machines Corporation. Portions created by IBM
4fcf3ce4John Forte * Corporation are Copyright(C) 2005 International Business
5fcf3ce4John Forte * Machines Corporation. All Rights Reserved.
6fcf3ce4John Forte *
7fcf3ce4John Forte * This program is free software; you can redistribute it and/or modify
8fcf3ce4John Forte * it under the terms of the Common Public License as published by
9fcf3ce4John Forte * IBM Corporation; either version 1 of the License, or(at your option)
10fcf3ce4John Forte * any later version.
11fcf3ce4John Forte *
12fcf3ce4John Forte * This program is distributed in the hope that it will be useful,
13fcf3ce4John Forte * but WITHOUT ANY WARRANTY; without even the implied warranty of
14fcf3ce4John Forte * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15fcf3ce4John Forte * Common Public License for more details.
16fcf3ce4John Forte *
17fcf3ce4John Forte * You should have received a copy of the Common Public License
18fcf3ce4John Forte * along with this program; if not, a copy can be viewed at
19fcf3ce4John Forte * http://www.opensource.org/licenses/cpl1.0.php.
20fcf3ce4John Forte */
21fcf3ce4John Forte
22fcf3ce4John Forte/* (C) COPYRIGHT International Business Machines Corp. 2001, 2002, 2005 */
23fcf3ce4John Forte/*
24fcf3ce4John Forte * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
25fcf3ce4John Forte * Use is subject to license terms.
26fcf3ce4John Forte * Copyright 2018 Jason King
27fcf3ce4John Forte */
28fcf3ce4John Forte
29fcf3ce4John Forte#ifndef _TPMTOK_INT_H
30fcf3ce4John Forte#define	_TPMTOK_INT_H
31fcf3ce4John Forte
32fcf3ce4John Forte#include <stdio.h>
33fcf3ce4John Forte#include <pthread.h>
34fcf3ce4John Forte#include <string.h>
35fcf3ce4John Forte#include <strings.h>
36fcf3ce4John Forte#include <sys/md5.h>
37fcf3ce4John Forte#include <sys/sha1.h>
38fcf3ce4John Forte#include <limits.h>
39fcf3ce4John Forte#include <syslog.h>
40fcf3ce4John Forte#include <errno.h>
41fcf3ce4John Forte#include <sys/types.h>
42fcf3ce4John Forte#include <sys/stat.h>
43fcf3ce4John Forte#include <sys/param.h>
44fcf3ce4John Forte#include <sys/byteorder.h>
45fcf3ce4John Forte#include <security/cryptoki.h>
46fcf3ce4John Forte
47fcf3ce4John Forte#include <tss/platform.h>
48fcf3ce4John Forte#include <tss/tss_defines.h>
49fcf3ce4John Forte#include <tss/tss_typedef.h>
50fcf3ce4John Forte#include <tss/tss_structs.h>
51fcf3ce4John Forte#include <tss/tspi.h>
52fcf3ce4John Forte
53fcf3ce4John Forte#define	VERSION_MAJOR 2
54fcf3ce4John Forte#define	VERSION_MINOR 1
55fcf3ce4John Forte
56fcf3ce4John Forte#define	MAX_SESSION_COUNT	64
57fcf3ce4John Forte#define	MAX_PIN_LEN	256
58fcf3ce4John Forte#define	MIN_PIN_LEN	1
59fcf3ce4John Forte
60fcf3ce4John Forte#define	MAX_SLOT_ID	10
61fcf3ce4John Forte
62fcf3ce4John Forte#ifndef MIN
63fcf3ce4John Forte#define	MIN(a, b)  ((a) < (b) ? (a) : (b))
64fcf3ce4John Forte#endif
65fcf3ce4John Forte
66fcf3ce4John Forte#define	MODE_COPY	(1 << 0)
67fcf3ce4John Forte#define	MODE_CREATE	(1 << 1)
68fcf3ce4John Forte#define	MODE_KEYGEN	(1 << 2)
69fcf3ce4John Forte#define	MODE_MODIFY	(1 << 3)
70fcf3ce4John Forte#define	MODE_DERIVE	(1 << 4)
71fcf3ce4John Forte#define	MODE_UNWRAP	(1 << 5)
72fcf3ce4John Forte
73fcf3ce4John Forte// RSA block formatting types
74fcf3ce4John Forte//
75fcf3ce4John Forte#define	PKCS_BT_1	1
76fcf3ce4John Forte#define	PKCS_BT_2	2
77fcf3ce4John Forte
78fcf3ce4John Forte#define	OP_ENCRYPT_INIT 1
79fcf3ce4John Forte#define	OP_DECRYPT_INIT 2
80fcf3ce4John Forte#define	OP_WRAP		3
81fcf3ce4John Forte#define	OP_UNWRAP	4
82fcf3ce4John Forte#define	OP_SIGN_INIT	5
83fcf3ce4John Forte#define	OP_VERIFY_INIT	6
84fcf3ce4John Forte
85fcf3ce4John Forteenum {
86fcf3ce4John Forte	STATE_INVALID = 0,
87fcf3ce4John Forte	STATE_ENCR,
88fcf3ce4John Forte	STATE_DECR,
89fcf3ce4John Forte	STATE_DIGEST,
90fcf3ce4John Forte	STATE_SIGN,
91fcf3ce4John Forte	STATE_VERIFY
92fcf3ce4John Forte};
93fcf3ce4John Forte
94fcf3ce4John Forte#define	SHA1_BLOCK_SIZE 64
95fcf3ce4John Forte#define	SHA1_BLOCK_SIZE_MASK (SHA1_BLOCK_SIZE - 1)
96fcf3ce4John Forte
97fcf3ce4John Forte#define	RSA_BLOCK_SIZE 256
98fcf3ce4John Forte
99fcf3ce4John Forte#ifndef PATH_MAX
100fcf3ce4John Forte#define	PATH_MAX MAXPATHLEN
101fcf3ce4John Forte#endif
102fcf3ce4John Forte
103fcf3ce4John Forte#ifndef PACK_DATA
104fcf3ce4John Forte#define	PACK_DATA
105fcf3ce4John Forte#endif
106fcf3ce4John Forte
107fcf3ce4John Forte#define	MD5_BLOCK_SIZE  64
108fcf3ce4John Forte
109fcf3ce4John Forte#define	DSA_SIGNATURE_SIZE  40
110fcf3ce4John Forte
111fcf3ce4John Forte#define	DEFAULT_SO_PIN  "87654321"
112fcf3ce4John Forte
113fcf3ce4John Fortetypedef enum {
114fcf3ce4John Forte	ALL = 1,
115fcf3ce4John Forte	PRIVATE,
116fcf3ce4John Forte	PUBLIC
117fcf3ce4John Forte} SESS_OBJ_TYPE;
118fcf3ce4John Forte
119fcf3ce4John Fortetypedef struct _DL_NODE
120fcf3ce4John Forte{
121fcf3ce4John Forte	struct _DL_NODE	*next;
122fcf3ce4John Forte	struct _DL_NODE	*prev;
123fcf3ce4John Forte	void  *data;
124fcf3ce4John Forte} DL_NODE;
125fcf3ce4John Forte
126fcf3ce4John Forte#define	TOKEN_DATA_FILE	"token.dat"
127fcf3ce4John Forte#define	TOKEN_OBJ_DIR	"objects"
128fcf3ce4John Forte#define	TOKEN_OBJ_INDEX_FILE "obj.idx"
129fcf3ce4John Forte
130fcf3ce4John Forte#define	TPMTOK_UUID_INDEX_FILENAME "uuids.idx"
131fcf3ce4John Forte
132fcf3ce4John Forte/*
133fcf3ce4John Forte * Filenames used to store migration data.
134fcf3ce4John Forte */
135fcf3ce4John Forte#define	SO_MAKEY_FILENAME	"so_makey.dat"
136fcf3ce4John Forte#define	USER_MAKEY_FILENAME	"user_makey.dat"
137fcf3ce4John Forte#define	SO_KEYBLOB_FILENAME	"so_blob.dat"
138fcf3ce4John Forte#define	USER_KEYBLOB_FILENAME	"user_blob.dat"
139fcf3ce4John Forte
140fcf3ce4John Forte#define	__FUNCTION__ __func__
141fcf3ce4John Forte
142fcf3ce4John Forte//
143fcf3ce4John Forte// Both of the strings below have a length of 32 chars and must be
144fcf3ce4John Forte// padded with spaces, and non - null terminated.
145fcf3ce4John Forte//
146fcf3ce4John Forte#define	PKW_CRYPTOKI_VERSION_MAJOR	2
147fcf3ce4John Forte#define	PKW_CRYPTOKI_VERSION_MINOR	1
148fcf3ce4John Forte#define	PKW_CRYPTOKI_MANUFACTURER	"Sun Microsystems, Inc.	  "
149fcf3ce4John Forte#define	PKW_CRYPTOKI_LIBDESC	    "PKCS#11 Interface for TPM	"
150fcf3ce4John Forte#define	PKW_CRYPTOKI_LIB_VERSION_MAJOR  1
151fcf3ce4John Forte#define	PKW_CRYPTOKI_LIB_VERSION_MINOR  0
152fcf3ce4John Forte#define	PKW_MAX_DEVICES		 10
153fcf3ce4John Forte
154fcf3ce4John Forte#define	MAX_TOK_OBJS  2048
155fcf3ce4John Forte#define	NUMBER_SLOTS_MANAGED 1
156fcf3ce4John Forte#define	TPM_SLOTID 1
157fcf3ce4John Forte
158fcf3ce4John Forte/*
159fcf3ce4John Forte * CKA_HIDDEN will be used to filter return results on
160fcf3ce4John Forte * a C_FindObjects call. Used for objects internal to the
161fcf3ce4John Forte * TPM token for management
162fcf3ce4John Forte */
163fcf3ce4John Forte/* custom attributes for the TPM token */
164fcf3ce4John Forte#define	CKA_HIDDEN	CKA_VENDOR_DEFINED + 0x01
165fcf3ce4John Forte#define	CKA_IBM_OPAQUE	CKA_VENDOR_DEFINED + 0x02
166fcf3ce4John Forte/*
167fcf3ce4John Forte * CKA_ENC_AUTHDATA will be used to store the encrypted SHA-1
168fcf3ce4John Forte * hashes of auth data passed in for TPM keys. The authdata
169fcf3ce4John Forte * will be encrypted using either the public
170fcf3ce4John Forte * leaf key or the private leaf key
171fcf3ce4John Forte */
172fcf3ce4John Forte#define	CKA_ENC_AUTHDATA CKA_VENDOR_DEFINED + 0x03
173fcf3ce4John Forte
174fcf3ce4John Forte/* custom return codes for the TPM token */
175fcf3ce4John Forte#define	CKR_KEY_NOT_FOUND	CKR_VENDOR_DEFINED + 0x01
176fcf3ce4John Forte#define	CKR_FILE_NOT_FOUND	CKR_VENDOR_DEFINED + 0x02
177fcf3ce4John Forte
178fcf3ce4John Fortetypedef struct {
179fcf3ce4John Forte	CK_SLOT_ID  slotID;
180fcf3ce4John Forte	CK_SESSION_HANDLE  sessionh;
181fcf3ce4John Forte} ST_SESSION_T;
182fcf3ce4John Forte
183fcf3ce4John Fortetypedef ST_SESSION_T ST_SESSION_HANDLE;
184fcf3ce4John Forte
185fcf3ce4John Fortetypedef struct {
186fcf3ce4John Forte	void *Previous;
187fcf3ce4John Forte	void *Next;
188fcf3ce4John Forte	CK_SLOT_ID   SltId;
189fcf3ce4John Forte	CK_SESSION_HANDLE  RealHandle;
190fcf3ce4John Forte} Session_Struct_t;
191fcf3ce4John Forte
192fcf3ce4John Fortetypedef Session_Struct_t *SessStructP;
193fcf3ce4John Forte
194fcf3ce4John Fortetypedef struct {
195fcf3ce4John Forte	pid_t Pid;
196fcf3ce4John Forte	pthread_mutex_t  ProcMutex;
197fcf3ce4John Forte	Session_Struct_t *SessListBeg;
198fcf3ce4John Forte	Session_Struct_t *SessListEnd;
199fcf3ce4John Forte	pthread_mutex_t  SessListMutex;
200fcf3ce4John Forte} API_Proc_Struct_t;
201fcf3ce4John Forte
202fcf3ce4John Forte
203fcf3ce4John Forte
204fcf3ce4John Forte
205fcf3ce4John Forteenum {
206fcf3ce4John Forte	PRF_DUMMYFUNCTION = 1,
207fcf3ce4John Forte	PRF_FCVFUNCTION,
208fcf3ce4John Forte	PRF_INITIALIZE,
209fcf3ce4John Forte	PRF_FINALIZE,
210fcf3ce4John Forte	PRF_GETINFO,
211fcf3ce4John Forte	PRF_GETFUNCTIONLIST,
212fcf3ce4John Forte	PRF_GETSLOTLIST,
213fcf3ce4John Forte	PRF_GETSLOTINFO,
214fcf3ce4John Forte	PRF_GETTOKENINFO,
215fcf3ce4John Forte	PRF_GETMECHLIST,
216fcf3ce4John Forte	PRF_GETMECHINFO,
217fcf3ce4John Forte	PRF_INITTOKEN,
218fcf3ce4John Forte	PRF_INITPIN,
219fcf3ce4John Forte	PRF_SETPIN,
220fcf3ce4John Forte	PRF_OPENSESSION,
221fcf3ce4John Forte	PRF_CLOSESESSION,
222fcf3ce4John Forte	PRF_CLOSEALLSESSIONS,
223fcf3ce4John Forte	PRF_GETSESSIONINFO,
224fcf3ce4John Forte	PRF_GETOPERATIONSTATE,
225fcf3ce4John Forte	PRF_SETOPERATIONSTATE,
226fcf3ce4John Forte	PRF_LOGIN,
227fcf3ce4John Forte	PRF_LOGOUT,
228fcf3ce4John Forte	PRF_CREATEOBJECT,
229fcf3ce4John Forte	PRF_COPYOBJECT,
230fcf3ce4John Forte	PRF_DESTROYOBJECT,
231fcf3ce4John Forte	PRF_GETOBJECTSIZE,
232fcf3ce4John Forte	PRF_GETATTRIBUTEVALUE,
233fcf3ce4John Forte	PRF_SETATTRIBUTEVALUE,
234fcf3ce4John Forte	PRF_FINDOBJECTSINIT,
235fcf3ce4John Forte	PRF_FINDOBJECTS,
236fcf3ce4John Forte	PRF_FINDOBJECTSFINAL,
237fcf3ce4John Forte	PRF_ENCRYPTINIT,
238fcf3ce4John Forte	PRF_ENCRYPT,
239fcf3ce4John Forte	PRF_ENCRYPTUPDATE,
240fcf3ce4John Forte	PRF_ENCRYPTFINAL,
241fcf3ce4John Forte	PRF_DECRYPTINIT,
242fcf3ce4John Forte	PRF_DECRYPT,
243fcf3ce4John Forte	PRF_DECRYPTUPDATE,
244fcf3ce4John Forte	PRF_DECRYPTFINAL,
245fcf3ce4John Forte	PRF_DIGESTINIT,
246fcf3ce4John Forte	PRF_DIGEST,
247fcf3ce4John Forte	PRF_DIGESTUPDATE,
248fcf3ce4John Forte	PRF_DIGESTKEY,
249fcf3ce4John Forte	PRF_DIGESTFINAL,
250fcf3ce4John Forte	PRF_SIGNINIT,
251fcf3ce4John Forte	PRF_SIGN,
252fcf3ce4John Forte	PRF_SIGNUPDATE,
253fcf3ce4John Forte	PRF_SIGNFINAL,
254fcf3ce4John Forte	PRF_SIGNRECOVERINIT,
255fcf3ce4John Forte	PRF_SIGNRECOVER,
256fcf3ce4John Forte	PRF_VERIFYINIT,
257fcf3ce4John Forte	PRF_VERIFY,
258fcf3ce4John Forte	PRF_VERIFYUPDATE,
259fcf3ce4John Forte	PRF_VERIFYFINAL,
260fcf3ce4John Forte	PRF_VERIFYRECOVERINIT,
261fcf3ce4John Forte	PRF_VERIFYRECOVER,
262fcf3ce4John Forte	PRF_GENKEY,
263fcf3ce4John Forte	PRF_GENKEYPAIR,
264fcf3ce4John Forte	PRF_WRAPKEY,
265fcf3ce4John Forte	PRF_UNWRAPKEY,
266fcf3ce4John Forte	PRF_DERIVEKEY,
267fcf3ce4John Forte	PRF_GENRND,
268fcf3ce4John Forte	PRF_LASTENTRY
269fcf3ce4John Forte};
270fcf3ce4John Forte
271fcf3ce4John Fortetypedef struct _ENCR_DECR_CONTEXT
272fcf3ce4John Forte{
273fcf3ce4John Forte	CK_OBJECT_HANDLE  key;
274fcf3ce4John Forte	CK_MECHANISM mech;
275fcf3ce4John Forte	CK_BYTE	  *context;
276fcf3ce4John Forte	CK_ULONG  context_len;
277fcf3ce4John Forte	CK_BBOOL  multi;
278fcf3ce4John Forte	CK_BBOOL  active;
279fcf3ce4John Forte} ENCR_DECR_CONTEXT;
280fcf3ce4John Forte
281fcf3ce4John Fortetypedef struct _DIGEST_CONTEXT
282fcf3ce4John Forte{
283fcf3ce4John Forte	CK_MECHANISM   mech;
284fcf3ce4John Forte	union {
285fcf3ce4John Forte		MD5_CTX *md5ctx;
286fcf3ce4John Forte		SHA1_CTX *sha1ctx;
287fcf3ce4John Forte		void *ref; /* reference ptr for the union */
288fcf3ce4John Forte	} context;
289fcf3ce4John Forte	CK_ULONG context_len;
290fcf3ce4John Forte	CK_BBOOL multi;
291fcf3ce4John Forte	CK_BBOOL active;
292fcf3ce4John Forte} DIGEST_CONTEXT;
293fcf3ce4John Forte
294fcf3ce4John Fortetypedef struct _SIGN_VERIFY_CONTEXT
295fcf3ce4John Forte{
296fcf3ce4John Forte	CK_OBJECT_HANDLE key;
297fcf3ce4John Forte	CK_MECHANISM	mech;	// current sign mechanism
298fcf3ce4John Forte	void	 *context;  // temporary work area
299fcf3ce4John Forte	CK_ULONG context_len;
300fcf3ce4John Forte	CK_BBOOL multi;    // is this a multi - part operation?
301fcf3ce4John Forte	CK_BBOOL recover;  // are we in recover mode?
302fcf3ce4John Forte	CK_BBOOL active;
303fcf3ce4John Forte} SIGN_VERIFY_CONTEXT;
304fcf3ce4John Forte
305fcf3ce4John Fortetypedef struct _SESSION
306fcf3ce4John Forte{
307fcf3ce4John Forte	CK_SESSION_HANDLE    handle;
308fcf3ce4John Forte	CK_SESSION_INFO	session_info;
309fcf3ce4John Forte
310fcf3ce4John Forte	CK_OBJECT_HANDLE    *find_list;	// array of CK_OBJECT_HANDLE
311fcf3ce4John Forte	CK_ULONG	find_count;    // # handles in the list
312fcf3ce4John Forte	CK_ULONG	find_len;	// max # of handles in the list
313fcf3ce4John Forte	CK_ULONG	find_idx;	// current position
314fcf3ce4John Forte	CK_BBOOL	find_active;
315fcf3ce4John Forte
316fcf3ce4John Forte	ENCR_DECR_CONTEXT    encr_ctx;
317fcf3ce4John Forte	ENCR_DECR_CONTEXT    decr_ctx;
318fcf3ce4John Forte	DIGEST_CONTEXT	digest_ctx;
319fcf3ce4John Forte	SIGN_VERIFY_CONTEXT  sign_ctx;
320fcf3ce4John Forte	SIGN_VERIFY_CONTEXT  verify_ctx;
321fcf3ce4John Forte
322fcf3ce4John Forte	TSS_HCONTEXT	hContext;
323fcf3ce4John Forte} SESSION;
324fcf3ce4John Forte
325fcf3ce4John Fortetypedef struct _TEMPLATE
326fcf3ce4John Forte{
327fcf3ce4John Forte	DL_NODE  *attribute_list;
328fcf3ce4John Forte} TEMPLATE;
329fcf3ce4John Forte
330fcf3ce4John Fortetypedef struct _OBJECT
331fcf3ce4John Forte{
332fcf3ce4John Forte	CK_OBJECT_CLASS   class;
333fcf3ce4John Forte	CK_BYTE	 name[8];   // for token objects
334fcf3ce4John Forte
335fcf3ce4John Forte	SESSION	 *session;   // creator; only for session objects
336fcf3ce4John Forte	TEMPLATE *template;
337fcf3ce4John Forte	CK_ULONG count_hi;  // only significant for token objects
338fcf3ce4John Forte	CK_ULONG count_lo;  // only significant for token objects
339fcf3ce4John Forte	CK_ULONG index;
340fcf3ce4John Forte} OBJECT;
341fcf3ce4John Forte
342fcf3ce4John Fortetypedef struct _OBJECT_MAP
343fcf3ce4John Forte{
344fcf3ce4John Forte	CK_OBJECT_HANDLE	handle;
345fcf3ce4John Forte	CK_BBOOL is_private;
346fcf3ce4John Forte	CK_BBOOL is_session_obj;
347fcf3ce4John Forte	SESSION	 *session;
348fcf3ce4John Forte	OBJECT   *ptr;
349fcf3ce4John Forte} OBJECT_MAP;
350fcf3ce4John Forte
351fcf3ce4John Fortetypedef struct _ATTRIBUTE_PARSE_LIST
352fcf3ce4John Forte{
353fcf3ce4John Forte	CK_ATTRIBUTE_TYPE type;
354fcf3ce4John Forte	void		*ptr;
355fcf3ce4John Forte	CK_ULONG	  len;
356fcf3ce4John Forte	CK_BBOOL	  found;
357fcf3ce4John Forte} ATTRIBUTE_PARSE_LIST;
358fcf3ce4John Forte
359fcf3ce4John Fortetypedef struct _OP_STATE_DATA
360fcf3ce4John Forte{
361fcf3ce4John Forte	CK_STATE    session_state;
362fcf3ce4John Forte	CK_ULONG    active_operation;
363fcf3ce4John Forte	CK_ULONG    data_len;
364fcf3ce4John Forte} OP_STATE_DATA;
365fcf3ce4John Forte
366fcf3ce4John Fortetypedef struct _TWEAK_VEC
367fcf3ce4John Forte{
368fcf3ce4John Forte	int   allow_key_mods;
369fcf3ce4John Forte} TWEAK_VEC;
370fcf3ce4John Forte
371fcf3ce4John Fortetypedef struct _TOKEN_DATA
372fcf3ce4John Forte{
373fcf3ce4John Forte	CK_TOKEN_INFO token_info;
374fcf3ce4John Forte	CK_BYTE   user_pin_sha[SHA1_DIGEST_LENGTH];
375fcf3ce4John Forte	CK_BYTE   so_pin_sha[SHA1_DIGEST_LENGTH];
376fcf3ce4John Forte	CK_BYTE   next_token_object_name[8];
377fcf3ce4John Forte	TWEAK_VEC tweak_vector;
378fcf3ce4John Forte} TOKEN_DATA;
379fcf3ce4John Forte
380fcf3ce4John Fortetypedef struct _RSA_DIGEST_CONTEXT {
381fcf3ce4John Forte	DIGEST_CONTEXT hash_context;
382fcf3ce4John Forte	CK_BBOOL	flag;
383fcf3ce4John Forte} RSA_DIGEST_CONTEXT;
384fcf3ce4John Forte
385fcf3ce4John Fortetypedef struct _MECH_LIST_ELEMENT
386fcf3ce4John Forte{
387fcf3ce4John Forte	CK_MECHANISM_TYPE    mech_type;
388fcf3ce4John Forte	CK_MECHANISM_INFO    mech_info;
389fcf3ce4John Forte} MECH_LIST_ELEMENT;
390fcf3ce4John Forte
391fcf3ce4John Fortestruct mech_list_item;
392fcf3ce4John Forte
393fcf3ce4John Fortestruct mech_list_item {
394fcf3ce4John Forte	struct mech_list_item *next;
395fcf3ce4John Forte	MECH_LIST_ELEMENT element;
396fcf3ce4John Forte};
397fcf3ce4John Forte
398fcf3ce4John Fortestruct mech_list_item *
399fcf3ce4John Fortefind_mech_list_item_for_type(CK_MECHANISM_TYPE type,
400fcf3ce4John Forte	struct mech_list_item *head);
401fcf3ce4John Forte
402fcf3ce4John Fortetypedef struct _TOK_OBJ_ENTRY
403fcf3ce4John Forte{
404fcf3ce4John Forte	CK_BBOOL  deleted;
405fcf3ce4John Forte	char	name[8];
406fcf3ce4John Forte	CK_ULONG  count_lo;
407fcf3ce4John Forte	CK_ULONG  count_hi;
408fcf3ce4John Forte} TOK_OBJ_ENTRY;
409fcf3ce4John Forte
410fcf3ce4John Fortetypedef struct _LW_SHM_TYPE
411fcf3ce4John Forte{
412fcf3ce4John Forte	pthread_mutex_t	mutex;
413fcf3ce4John Forte	TOKEN_DATA	nv_token_data;
414fcf3ce4John Forte	CK_ULONG	num_priv_tok_obj;
415fcf3ce4John Forte	CK_ULONG	num_publ_tok_obj;
416fcf3ce4John Forte	CK_BBOOL	priv_loaded;
417fcf3ce4John Forte	CK_BBOOL	publ_loaded;
418fcf3ce4John Forte	CK_BBOOL	token_available;
419fcf3ce4John Forte	TOK_OBJ_ENTRY  publ_tok_objs[ MAX_TOK_OBJS ];
420fcf3ce4John Forte	TOK_OBJ_ENTRY  priv_tok_objs[ MAX_TOK_OBJS ];
421fcf3ce4John Forte} LW_SHM_TYPE;
422fcf3ce4John Forte
423fcf3ce4John Fortetypedef unsigned int CK_ULONG_32;
424fcf3ce4John Fortetypedef CK_ULONG_32 CK_OBJECT_CLASS_32;
425fcf3ce4John Fortetypedef CK_ULONG_32 CK_ATTRIBUTE_TYPE_32;
426fcf3ce4John Forte
427fcf3ce4John Fortetypedef struct CK_ATTRIBUTE_32 {
428fcf3ce4John Forte	CK_ATTRIBUTE_TYPE_32 type;
429fcf3ce4John Forte	CK_ULONG_32 pValue;
430fcf3ce4John Forte	CK_ULONG_32 ulValueLen;
431fcf3ce4John Forte} CK_ATTRIBUTE_32;
432fcf3ce4John Forte
433fcf3ce4John Fortechar *get_tpm_keystore_path();
434fcf3ce4John Forte
435fcf3ce4John Fortestruct messages {
436fcf3ce4John Forte	char *msg;
437fcf3ce4John Forte};
438fcf3ce4John Forte
439fcf3ce4John Fortestruct token_specific_struct {
440fcf3ce4John Forte	CK_BYTE  token_debug_tag[MAXPATHLEN];
441fcf3ce4John Forte
442fcf3ce4John Forte	CK_RV  (*t_init)(char *, CK_SLOT_ID, TSS_HCONTEXT *);
443fcf3ce4John Forte	int  (*t_slot2local)();
444fcf3ce4John Forte
445fcf3ce4John Forte	CK_RV  (*t_rng)(TSS_HCONTEXT, CK_BYTE *, CK_ULONG);
446fcf3ce4John Forte	CK_RV  (*t_session)(CK_SLOT_ID);
447fcf3ce4John Forte	CK_RV  (*t_final)(TSS_HCONTEXT);
448fcf3ce4John Forte	CK_RV (*t_rsa_decrypt)(TSS_HCONTEXT, CK_BYTE *,
449fcf3ce4John Forte		CK_ULONG, CK_BYTE *, CK_ULONG *, OBJECT *);
450fcf3ce4John Forte
451fcf3ce4John Forte	CK_RV (*t_rsa_encrypt)(
452fcf3ce4John Forte		TSS_HCONTEXT,
453fcf3ce4John Forte		CK_BYTE *, CK_ULONG, CK_BYTE *,
454fcf3ce4John Forte		CK_ULONG *, OBJECT *);
455fcf3ce4John Forte
456fcf3ce4John Forte	CK_RV (*t_rsa_sign)(TSS_HCONTEXT,
457fcf3ce4John Forte		CK_BYTE *,
458fcf3ce4John Forte		CK_ULONG,
459fcf3ce4John Forte		CK_BYTE *,
460fcf3ce4John Forte		CK_ULONG *,
461fcf3ce4John Forte		OBJECT *);
462fcf3ce4John Forte
463fcf3ce4John Forte	CK_RV (*t_rsa_verify)(TSS_HCONTEXT,
464fcf3ce4John Forte		CK_BYTE *,
465fcf3ce4John Forte		CK_ULONG,
466fcf3ce4John Forte		CK_BYTE *,
467fcf3ce4John Forte		CK_ULONG,
468fcf3ce4John Forte		OBJECT *);
469fcf3ce4John Forte
470fcf3ce4John Forte	CK_RV (*t_rsa_generate_keypair)(TSS_HCONTEXT, TEMPLATE *, TEMPLATE *);
471fcf3ce4John Forte
472fcf3ce4John Forte	CK_RV (*t_sha_init)(DIGEST_CONTEXT *);
473fcf3ce4John Forte
474fcf3ce4John Forte	CK_RV (*t_sha_update)(
475fcf3ce4John Forte		DIGEST_CONTEXT *,
476fcf3ce4John Forte		CK_BYTE	*,
477fcf3ce4John Forte		CK_ULONG);
478fcf3ce4John Forte
479fcf3ce4John Forte	CK_RV (*t_sha_final)(
480fcf3ce4John Forte		DIGEST_CONTEXT *,
481fcf3ce4John Forte		CK_BYTE *,
482fcf3ce4John Forte		CK_ULONG *);
483fcf3ce4John Forte	CK_RV (*t_login)(TSS_HCONTEXT, CK_USER_TYPE, CK_BYTE *, CK_ULONG);
484fcf3ce4John Forte	CK_RV (*t_logout)(TSS_HCONTEXT);
485fcf3ce4John Forte	CK_RV (*t_init_pin)(TSS_HCONTEXT, CK_BYTE *, CK_ULONG);
486fcf3ce4John Forte	CK_RV (*t_set_pin)(ST_SESSION_HANDLE, CK_BYTE *,
487fcf3ce4John Forte		CK_ULONG, CK_BYTE *, CK_ULONG);
488fcf3ce4John Forte	CK_RV (*t_verify_so_pin)(TSS_HCONTEXT, CK_BYTE *, CK_ULONG);
489fcf3ce4John Forte};
490fcf3ce4John Forte
491fcf3ce4John Fortetypedef  struct token_specific_struct token_spec_t;
492fcf3ce4John Forte
493fcf3ce4John Forte/*
494fcf3ce4John Forte * Global Variables
495fcf3ce4John Forte */
496fcf3ce4John Forteextern void copy_slot_info(CK_SLOT_ID, CK_SLOT_INFO_PTR);
497fcf3ce4John Forte
498fcf3ce4John Forteextern struct messages err_msg[];
499fcf3ce4John Forte
500fcf3ce4John Forteextern token_spec_t token_specific;
501fcf3ce4John Forteextern CK_BBOOL initialized;
502fcf3ce4John Forteextern char *card_function_names[];
503fcf3ce4John Forteextern char *total_function_names[];
504fcf3ce4John Forte
505fcf3ce4John Forteextern MECH_LIST_ELEMENT mech_list[];
506fcf3ce4John Forteextern CK_ULONG mech_list_len;
507fcf3ce4John Forte
508fcf3ce4John Forteextern pthread_mutex_t native_mutex;
509fcf3ce4John Forte
510fcf3ce4John Forteextern void *xproclock;
511fcf3ce4John Forte
512fcf3ce4John Forteextern pthread_mutex_t pkcs_mutex, obj_list_mutex,
513fcf3ce4John Forte	sess_list_mutex, login_mutex;
514fcf3ce4John Forte
515fcf3ce4John Forteextern DL_NODE *sess_list;
516fcf3ce4John Forteextern DL_NODE *sess_obj_list;
517fcf3ce4John Forteextern DL_NODE *publ_token_obj_list;
518fcf3ce4John Forteextern DL_NODE *priv_token_obj_list;
519fcf3ce4John Forteextern DL_NODE *object_map;
520fcf3ce4John Forte
521fcf3ce4John Forteextern CK_BYTE so_pin_md5[MD5_DIGEST_LENGTH];
522fcf3ce4John Forteextern CK_BYTE user_pin_md5[MD5_DIGEST_LENGTH];
523fcf3ce4John Forte
524fcf3ce4John Forteextern CK_BYTE default_user_pin_sha[SHA1_DIGEST_LENGTH];
525fcf3ce4John Forteextern CK_BYTE default_so_pin_sha[SHA1_DIGEST_LENGTH];
526fcf3ce4John Forteextern CK_BYTE default_so_pin_md5[MD5_DIGEST_LENGTH];
527fcf3ce4John Forte
528fcf3ce4John Forteextern LW_SHM_TYPE *global_shm;
529fcf3ce4John Forte
530fcf3ce4John Forteextern TOKEN_DATA *nv_token_data;
531fcf3ce4John Forte
532fcf3ce4John Forteextern CK_ULONG next_object_handle;
533fcf3ce4John Forteextern CK_ULONG next_session_handle;
534fcf3ce4John Forte
535fcf3ce4John Forteextern CK_STATE global_login_state;
536fcf3ce4John Forte
537fcf3ce4John Forteextern CK_BYTE	ber_AlgIdRSAEncryption[];
538fcf3ce4John Forteextern CK_ULONG	ber_AlgIdRSAEncryptionLen;
539fcf3ce4John Forteextern CK_BYTE	ber_rsaEncryption[];
540fcf3ce4John Forteextern CK_ULONG	ber_rsaEncryptionLen;
541fcf3ce4John Forteextern CK_BYTE	ber_idDSA[];
542fcf3ce4John Forteextern CK_ULONG	ber_idDSALen;
543fcf3ce4John Forte
544fcf3ce4John Forteextern CK_BYTE ber_md5WithRSAEncryption[];
545fcf3ce4John Forteextern CK_ULONG ber_md5WithRSAEncryptionLen;
546fcf3ce4John Forteextern CK_BYTE ber_sha1WithRSAEncryption[];
547fcf3ce4John Forteextern CK_ULONG ber_sha1WithRSAEncryptionLen;
548fcf3ce4John Forteextern CK_BYTE ber_AlgMd5[];
549fcf3ce4John Forteextern CK_ULONG ber_AlgMd5Len;
550fcf3ce4John Forteextern CK_BYTE ber_AlgSha1[];
551fcf3ce4John Forteextern CK_ULONG ber_AlgSha1Len;
552fcf3ce4John Forte
553fcf3ce4John Forteextern CK_C_INITIALIZE_ARGS cinit_args;
554fcf3ce4John Forte
555fcf3ce4John Forte/*
556fcf3ce4John Forte * Function Prototypes
557fcf3ce4John Forte */
558fcf3ce4John Fortevoid *attach_shared_memory();
559fcf3ce4John Fortevoid  detach_shared_memory(char *);
560fcf3ce4John Forte
561fcf3ce4John Forteint API_Initialized();
562fcf3ce4John Fortevoid Terminate_All_Process_Sessions();
563fcf3ce4John Forteint API_Register();
564fcf3ce4John Fortevoid API_UnRegister();
565fcf3ce4John Forte
566fcf3ce4John Fortevoid CreateXProcLock(void *);
567fcf3ce4John Forteint XProcLock(void *);
568fcf3ce4John Forteint XProcUnLock(void *);
569fcf3ce4John Forte
570fcf3ce4John Fortevoid loginit();
571fcf3ce4John Fortevoid logterm();
572fcf3ce4John Fortevoid logit(int, char *, ...);
573fcf3ce4John Fortevoid AddToSessionList(Session_Struct_t *);
574fcf3ce4John Fortevoid RemoveFromSessionList(Session_Struct_t *);
575fcf3ce4John Forte
576fcf3ce4John Forteint Valid_Session(Session_Struct_t *, ST_SESSION_T *);
577fcf3ce4John Forte
578fcf3ce4John ForteCK_BBOOL pin_expired(CK_SESSION_INFO *, CK_FLAGS);
579fcf3ce4John ForteCK_BBOOL pin_locked(CK_SESSION_INFO *, CK_FLAGS);
580fcf3ce4John Fortevoid set_login_flags(CK_USER_TYPE, CK_FLAGS *);
581fcf3ce4John Forte
582fcf3ce4John Forteextern void init_slot_info(TOKEN_DATA *);
583fcf3ce4John Forte
584fcf3ce4John ForteCK_RV update_migration_data(TSS_HCONTEXT,
585fcf3ce4John Forte	TSS_HKEY, TSS_HKEY, char *, char *, BYTE *, BYTE *);
586fcf3ce4John ForteCK_RV token_rng(TSS_HCONTEXT, CK_BYTE *, CK_ULONG);
587fcf3ce4John Forte
588fcf3ce4John ForteTSS_RESULT set_public_modulus(TSS_HCONTEXT, TSS_HKEY,
589fcf3ce4John Forte    unsigned long, unsigned char *);
590fcf3ce4John ForteTSS_RESULT open_tss_context(TSS_HCONTEXT *);
591fcf3ce4John ForteCK_RV token_get_tpm_info(TSS_HCONTEXT, TOKEN_DATA *);
592fcf3ce4John Forte
593fcf3ce4John ForteCK_RV clock_set_default_attributes(TEMPLATE *);
594fcf3ce4John ForteCK_RV clock_check_required_attributes(TEMPLATE *, CK_ULONG);
595fcf3ce4John ForteCK_RV clock_validate_attribute(TEMPLATE *, CK_ATTRIBUTE *, CK_ULONG);
596fcf3ce4John Forte
597fcf3ce4John ForteCK_RV counter_set_default_attributes(TEMPLATE *);
598fcf3ce4John ForteCK_RV counter_check_required_attributes(TEMPLATE *, CK_ULONG);
599fcf3ce4John ForteCK_RV counter_validate_attribute(TEMPLATE *, CK_ATTRIBUTE *, CK_ULONG);
600fcf3ce4John Forte
601fcf3ce4John ForteCK_RV compute_next_token_obj_name(CK_BYTE *, CK_BYTE *);
602fcf3ce4John Forte
603fcf3ce4John ForteCK_RV save_token_object(TSS_HCONTEXT, OBJECT *);
604fcf3ce4John ForteCK_RV save_public_token_object(OBJECT *);
605fcf3ce4John ForteCK_RV save_private_token_object(TSS_HCONTEXT, OBJECT *);
606fcf3ce4John Forte
607fcf3ce4John ForteCK_RV load_public_token_objects(void);
608fcf3ce4John ForteCK_RV load_private_token_objects(TSS_HCONTEXT);
609fcf3ce4John Forte
610fcf3ce4John ForteCK_RV reload_token_object(TSS_HCONTEXT, OBJECT *);
611fcf3ce4John Forte
612fcf3ce4John ForteCK_RV delete_token_object(OBJECT *);
613fcf3ce4John Forte
614fcf3ce4John ForteCK_RV init_token_data(TSS_HCONTEXT, TOKEN_DATA *);
615fcf3ce4John ForteCK_RV load_token_data(TSS_HCONTEXT, TOKEN_DATA *);
616fcf3ce4John ForteCK_RV save_token_data(TOKEN_DATA *);
617fcf3ce4John Fortevoid copy_slot_info(CK_SLOT_ID, CK_SLOT_INFO_PTR);
618fcf3ce4John Forte
619fcf3ce4John ForteCK_RV compute_sha(CK_BYTE *, CK_ULONG_32, CK_BYTE *);
620fcf3ce4John Forte
621fcf3ce4John ForteCK_RV parity_is_odd(CK_BYTE);
622fcf3ce4John Forte
623fcf3ce4John ForteCK_RV build_attribute(CK_ATTRIBUTE_TYPE,
624fcf3ce4John Forte	CK_BYTE *, CK_ULONG, CK_ATTRIBUTE **);
625fcf3ce4John Forte
626fcf3ce4John ForteCK_RV add_pkcs_padding(CK_BYTE *, UINT32, UINT32, UINT32);
627fcf3ce4John Forte
628fcf3ce4John ForteCK_RV strip_pkcs_padding(CK_BYTE *, UINT32, UINT32 *);
629fcf3ce4John Forte
630fcf3ce4John ForteCK_RV remove_leading_zeros(CK_ATTRIBUTE *);
631fcf3ce4John Forte
632fcf3ce4John ForteCK_RV rsa_pkcs_encrypt(
633fcf3ce4John Forte	SESSION *,
634fcf3ce4John Forte	CK_BBOOL,
635fcf3ce4John Forte	ENCR_DECR_CONTEXT *,
636fcf3ce4John Forte	CK_BYTE *,
637fcf3ce4John Forte	CK_ULONG,
638fcf3ce4John Forte	CK_BYTE *,
639fcf3ce4John Forte	CK_ULONG *);
640fcf3ce4John Forte
641fcf3ce4John ForteCK_RV rsa_pkcs_decrypt(SESSION *,
642fcf3ce4John Forte	CK_BBOOL,
643fcf3ce4John Forte	ENCR_DECR_CONTEXT *,
644fcf3ce4John Forte	CK_BYTE *,
645fcf3ce4John Forte	CK_ULONG,
646fcf3ce4John Forte	CK_BYTE *,
647fcf3ce4John Forte	CK_ULONG *);
648fcf3ce4John Forte
649fcf3ce4John ForteCK_RV rsa_pkcs_sign(SESSION *,
650fcf3ce4John Forte	CK_BBOOL,
651fcf3ce4John Forte	SIGN_VERIFY_CONTEXT *,
652fcf3ce4John Forte	CK_BYTE *,
653fcf3ce4John Forte	CK_ULONG,
654fcf3ce4John Forte	CK_BYTE *,
655fcf3ce4John Forte	CK_ULONG *);
656fcf3ce4John Forte
657fcf3ce4John ForteCK_RV rsa_pkcs_verify(SESSION *,
658fcf3ce4John Forte	SIGN_VERIFY_CONTEXT *,
659fcf3ce4John Forte	CK_BYTE *,
660fcf3ce4John Forte	CK_ULONG,
661fcf3ce4John Forte	CK_BYTE *,
662fcf3ce4John Forte	CK_ULONG);
663fcf3ce4John Forte
664fcf3ce4John ForteCK_RV rsa_pkcs_verify_recover(SESSION *,
665fcf3ce4John Forte	CK_BBOOL,
666fcf3ce4John Forte	SIGN_VERIFY_CONTEXT *,
667fcf3ce4John Forte	CK_BYTE *,
668fcf3ce4John Forte	CK_ULONG,
669fcf3ce4John Forte	CK_BYTE *,
670fcf3ce4John Forte	CK_ULONG *);
671fcf3ce4John Forte
672fcf3ce4John ForteCK_RV rsa_hash_pkcs_sign(SESSION *,
673fcf3ce4John Forte	CK_BBOOL,
674fcf3ce4John Forte	SIGN_VERIFY_CONTEXT *,
675fcf3ce4John Forte	CK_BYTE *,
676fcf3ce4John Forte	CK_ULONG,
677fcf3ce4John Forte	CK_BYTE *,
678fcf3ce4John Forte	CK_ULONG *);
679fcf3ce4John Forte
680fcf3ce4John ForteCK_RV rsa_hash_pkcs_verify(SESSION *,
681fcf3ce4John Forte	SIGN_VERIFY_CONTEXT *,
682fcf3ce4John Forte	CK_BYTE *,
683fcf3ce4John Forte	CK_ULONG,
684fcf3ce4John Forte	CK_BYTE *,
685fcf3ce4John Forte	CK_ULONG);
686fcf3ce4John Forte
687fcf3ce4John ForteCK_RV rsa_hash_pkcs_sign_update(SESSION *,
688fcf3ce4John Forte	SIGN_VERIFY_CONTEXT *,
689fcf3ce4John Forte	CK_BYTE *,
690fcf3ce4John Forte	CK_ULONG);
691fcf3ce4John Forte
692fcf3ce4John ForteCK_RV rsa_hash_pkcs_verify_update(SESSION *,
693fcf3ce4John Forte	SIGN_VERIFY_CONTEXT *,
694fcf3ce4John Forte	CK_BYTE *,
695fcf3ce4John Forte	CK_ULONG);
696fcf3ce4John Forte
697fcf3ce4John ForteCK_RV rsa_hash_pkcs_sign_final(SESSION *,
698fcf3ce4John Forte	CK_BBOOL,
699fcf3ce4John Forte	SIGN_VERIFY_CONTEXT *,
700fcf3ce4John Forte	CK_BYTE *,
701fcf3ce4John Forte	CK_ULONG *);
702fcf3ce4John Forte
703fcf3ce4John ForteCK_RV rsa_hash_pkcs_verify_final(SESSION *,
704fcf3ce4John Forte	SIGN_VERIFY_CONTEXT *,
705fcf3ce4John Forte	CK_BYTE *,
706fcf3ce4John Forte	CK_ULONG);
707fcf3ce4John Forte
708fcf3ce4John Forte
709fcf3ce4John ForteCK_RV ckm_rsa_key_pair_gen(TSS_HCONTEXT, TEMPLATE *, TEMPLATE *);
710fcf3ce4John Forte
711fcf3ce4John ForteCK_RV sha1_hash(SESSION *, CK_BBOOL,
712fcf3ce4John Forte	DIGEST_CONTEXT *,
713fcf3ce4John Forte	CK_BYTE *, CK_ULONG,
714fcf3ce4John Forte	CK_BYTE *, CK_ULONG *);
715fcf3ce4John Forte
716fcf3ce4John ForteCK_RV sha1_hmac_sign(SESSION *, CK_BBOOL,
717fcf3ce4John Forte	SIGN_VERIFY_CONTEXT *,
718fcf3ce4John Forte	CK_BYTE *,
719fcf3ce4John Forte	CK_ULONG,
720fcf3ce4John Forte	CK_BYTE *,
721fcf3ce4John Forte	CK_ULONG *);
722fcf3ce4John Forte
723fcf3ce4John ForteCK_RV sha1_hmac_verify(SESSION *,
724fcf3ce4John Forte	SIGN_VERIFY_CONTEXT *,
725fcf3ce4John Forte	CK_BYTE *,
726fcf3ce4John Forte	CK_ULONG,
727fcf3ce4John Forte	CK_BYTE *,
728fcf3ce4John Forte	CK_ULONG);
729fcf3ce4John Forte
730fcf3ce4John ForteCK_RV md5_hash(SESSION *, CK_BBOOL,
731fcf3ce4John Forte	DIGEST_CONTEXT *,
732fcf3ce4John Forte	CK_BYTE *, CK_ULONG,
733fcf3ce4John Forte	CK_BYTE *, CK_ULONG *);
734fcf3ce4John Forte
735fcf3ce4John ForteCK_RV md5_hmac_sign(SESSION *, CK_BBOOL,
736fcf3ce4John Forte	SIGN_VERIFY_CONTEXT *,
737fcf3ce4John Forte	CK_BYTE *,
738fcf3ce4John Forte	CK_ULONG,
739fcf3ce4John Forte	CK_BYTE *,
740fcf3ce4John Forte	CK_ULONG *);
741fcf3ce4John Forte
742fcf3ce4John ForteCK_RV md5_hmac_verify(SESSION *,
743fcf3ce4John Forte	SIGN_VERIFY_CONTEXT *,
744fcf3ce4John Forte	CK_BYTE *,
745fcf3ce4John Forte	CK_ULONG,
746fcf3ce4John Forte	CK_BYTE *,
747fcf3ce4John Forte	CK_ULONG);
748fcf3ce4John Forte
749fcf3ce4John ForteDL_NODE *dlist_add_as_first(DL_NODE *, void *);
750fcf3ce4John ForteDL_NODE *dlist_add_as_last(DL_NODE *, void *);
751fcf3ce4John ForteDL_NODE *dlist_find(DL_NODE *, void *);
752fcf3ce4John ForteDL_NODE *dlist_get_first(DL_NODE *);
753fcf3ce4John ForteDL_NODE *dlist_get_last(DL_NODE *);
754fcf3ce4John Forte	CK_ULONG dlist_length(DL_NODE *);
755fcf3ce4John ForteDL_NODE *dlist_next(DL_NODE *);
756fcf3ce4John ForteDL_NODE *dlist_prev(DL_NODE *);
757fcf3ce4John Fortevoid dlist_purge(DL_NODE *);
758fcf3ce4John ForteDL_NODE *dlist_remove_node(DL_NODE *, DL_NODE *);
759fcf3ce4John Forte
760fcf3ce4John ForteCK_RV attach_shm(void);
761fcf3ce4John ForteCK_RV detach_shm(void);
762fcf3ce4John Forte
763fcf3ce4John Forte// encryption manager routines
764fcf3ce4John Forte//
765fcf3ce4John ForteCK_RV encr_mgr_init(SESSION *,
766fcf3ce4John Forte	ENCR_DECR_CONTEXT *,
767fcf3ce4John Forte	CK_ULONG,
768fcf3ce4John Forte	CK_MECHANISM *,
769fcf3ce4John Forte	CK_OBJECT_HANDLE);
770fcf3ce4John Forte
771fcf3ce4John ForteCK_RV encr_mgr_cleanup(ENCR_DECR_CONTEXT *);
772fcf3ce4John Forte
773fcf3ce4John ForteCK_RV encr_mgr_encrypt(SESSION *, CK_BBOOL,
774fcf3ce4John Forte	ENCR_DECR_CONTEXT *,
775fcf3ce4John Forte	CK_BYTE *, CK_ULONG,
776fcf3ce4John Forte	CK_BYTE *, CK_ULONG *);
777fcf3ce4John Forte
778fcf3ce4John ForteCK_RV decr_mgr_init(SESSION *,
779fcf3ce4John Forte	ENCR_DECR_CONTEXT *,
780fcf3ce4John Forte	CK_ULONG,
781fcf3ce4John Forte	CK_MECHANISM *,
782fcf3ce4John Forte	CK_OBJECT_HANDLE);
783fcf3ce4John Forte
784fcf3ce4John ForteCK_RV decr_mgr_cleanup(ENCR_DECR_CONTEXT *);
785fcf3ce4John Forte
786fcf3ce4John ForteCK_RV decr_mgr_decrypt(SESSION *, CK_BBOOL,
787fcf3ce4John Forte	ENCR_DECR_CONTEXT *,
788fcf3ce4John Forte	CK_BYTE *, CK_ULONG,
789fcf3ce4John Forte	CK_BYTE *, CK_ULONG *);
790fcf3ce4John Forte
791fcf3ce4John ForteCK_RV digest_mgr_cleanup(DIGEST_CONTEXT *);
792fcf3ce4John Forte
793fcf3ce4John ForteCK_RV digest_mgr_init(SESSION *,
794fcf3ce4John Forte	DIGEST_CONTEXT *,
795fcf3ce4John Forte	CK_MECHANISM *);
796fcf3ce4John Forte
797fcf3ce4John ForteCK_RV digest_mgr_digest(SESSION *, CK_BBOOL,
798fcf3ce4John Forte	DIGEST_CONTEXT *,
799fcf3ce4John Forte	CK_BYTE *, CK_ULONG,
800fcf3ce4John Forte	CK_BYTE *, CK_ULONG *);
801fcf3ce4John Forte
802fcf3ce4John ForteCK_RV digest_mgr_digest_update(SESSION *,
803fcf3ce4John Forte	DIGEST_CONTEXT *,
804fcf3ce4John Forte	CK_BYTE *, CK_ULONG);
805fcf3ce4John Forte
806fcf3ce4John ForteCK_RV digest_mgr_digest_key(SESSION *,
807fcf3ce4John Forte	DIGEST_CONTEXT *,
808fcf3ce4John Forte	CK_OBJECT_HANDLE);
809fcf3ce4John Forte
810fcf3ce4John ForteCK_RV digest_mgr_digest_final(SESSION *,
811fcf3ce4John Forte	DIGEST_CONTEXT *,
812fcf3ce4John Forte	CK_BYTE *, CK_ULONG *);
813fcf3ce4John Forte
814fcf3ce4John ForteCK_RV key_mgr_generate_key_pair(SESSION *,
815fcf3ce4John Forte	CK_MECHANISM *,
816fcf3ce4John Forte	CK_ATTRIBUTE *, CK_ULONG,
817fcf3ce4John Forte	CK_ATTRIBUTE *, CK_ULONG,
818fcf3ce4John Forte	CK_OBJECT_HANDLE *,
819fcf3ce4John Forte	CK_OBJECT_HANDLE *);
820fcf3ce4John Forte
821fcf3ce4John ForteCK_RV key_mgr_wrap_key(SESSION *,
822fcf3ce4John Forte	CK_BBOOL,
823fcf3ce4John Forte	CK_MECHANISM *,
824fcf3ce4John Forte	CK_OBJECT_HANDLE,
825fcf3ce4John Forte	CK_OBJECT_HANDLE,
826fcf3ce4John Forte	CK_BYTE *,
827fcf3ce4John Forte	CK_ULONG *);
828fcf3ce4John Forte
829fcf3ce4John ForteCK_RV key_mgr_unwrap_key(SESSION *,
830fcf3ce4John Forte	CK_MECHANISM *,
831fcf3ce4John Forte	CK_ATTRIBUTE *,
832fcf3ce4John Forte	CK_ULONG,
833fcf3ce4John Forte	CK_BYTE *,
834fcf3ce4John Forte	CK_ULONG,
835fcf3ce4John Forte	CK_OBJECT_HANDLE,
836fcf3ce4John Forte	CK_OBJECT_HANDLE *);
837fcf3ce4John Forte
838fcf3ce4John ForteCK_RV sign_mgr_init(SESSION *,
839fcf3ce4John Forte	SIGN_VERIFY_CONTEXT *,
840fcf3ce4John Forte	CK_MECHANISM *,
841fcf3ce4John Forte	CK_BBOOL,
842fcf3ce4John Forte	CK_OBJECT_HANDLE);
843fcf3ce4John Forte
844fcf3ce4John ForteCK_RV sign_mgr_cleanup(SIGN_VERIFY_CONTEXT *);
845fcf3ce4John Forte
846fcf3ce4John ForteCK_RV sign_mgr_sign(SESSION *,
847fcf3ce4John Forte	CK_BBOOL,
848fcf3ce4John Forte	SIGN_VERIFY_CONTEXT *,
849fcf3ce4John Forte	CK_BYTE *,
850fcf3ce4John Forte	CK_ULONG,
851fcf3ce4John Forte	CK_BYTE *,
852fcf3ce4John Forte	CK_ULONG *);
853fcf3ce4John Forte
854fcf3ce4John ForteCK_RV sign_mgr_sign_recover(SESSION *,
855fcf3ce4John Forte	CK_BBOOL,
856fcf3ce4John Forte	SIGN_VERIFY_CONTEXT *,
857fcf3ce4John Forte	CK_BYTE *,
858fcf3ce4John Forte	CK_ULONG,
859fcf3ce4John Forte	CK_BYTE *,
860fcf3ce4John Forte	CK_ULONG *);
861fcf3ce4John Forte
862fcf3ce4John ForteCK_RV sign_mgr_sign_final(SESSION *,
863fcf3ce4John Forte	CK_BBOOL,
864fcf3ce4John Forte	SIGN_VERIFY_CONTEXT *,
865fcf3ce4John Forte	CK_BYTE *,
866fcf3ce4John Forte	CK_ULONG *);
867fcf3ce4John Forte
868fcf3ce4John ForteCK_RV sign_mgr_sign_update(SESSION *,
869fcf3ce4John Forte	SIGN_VERIFY_CONTEXT *,
870fcf3ce4John Forte	CK_BYTE *,
871fcf3ce4John Forte	CK_ULONG);
872fcf3ce4John Forte
873fcf3ce4John ForteCK_RV verify_mgr_init(SESSION *,
874fcf3ce4John Forte	SIGN_VERIFY_CONTEXT *,
875fcf3ce4John Forte	CK_MECHANISM *,
876fcf3ce4John Forte	CK_BBOOL,
877fcf3ce4John Forte	CK_OBJECT_HANDLE);
878fcf3ce4John Forte
879fcf3ce4John ForteCK_RV verify_mgr_cleanup(SIGN_VERIFY_CONTEXT *);
880fcf3ce4John Forte
881fcf3ce4John ForteCK_RV verify_mgr_verify(SESSION *,
882fcf3ce4John Forte	SIGN_VERIFY_CONTEXT *,
883fcf3ce4John Forte	CK_BYTE *,
884fcf3ce4John Forte	CK_ULONG,
885fcf3ce4John Forte	CK_BYTE *,
886fcf3ce4John Forte	CK_ULONG);
887fcf3ce4John Forte
888fcf3ce4John ForteCK_RV verify_mgr_verify_recover(SESSION *,
889fcf3ce4John Forte	CK_BBOOL,
890fcf3ce4John Forte	SIGN_VERIFY_CONTEXT *,
891fcf3ce4John Forte	CK_BYTE *,
892fcf3ce4John Forte	CK_ULONG,
893fcf3ce4John Forte	CK_BYTE *,
894fcf3ce4John Forte	CK_ULONG *);
895fcf3ce4John Forte
896fcf3ce4John ForteCK_RV verify_mgr_verify_update(SESSION *,
897fcf3ce4John Forte	SIGN_VERIFY_CONTEXT *,
898fcf3ce4John Forte	CK_BYTE *,
899fcf3ce4John Forte	CK_ULONG);
900fcf3ce4John Forte
901fcf3ce4John ForteCK_RV verify_mgr_verify_final(SESSION *,
902fcf3ce4John Forte	SIGN_VERIFY_CONTEXT *,
903fcf3ce4John Forte	CK_BYTE *,
904fcf3ce4John Forte	CK_ULONG);
905fcf3ce4John Forte
906fcf3ce4John Forte
907fcf3ce4John Forte// session manager routines
908fcf3ce4John Forte//
909fcf3ce4John ForteCK_RV session_mgr_close_all_sessions(void);
910fcf3ce4John ForteCK_RV session_mgr_close_session(SESSION *);
911fcf3ce4John ForteSESSION *session_mgr_find(CK_SESSION_HANDLE);
912fcf3ce4John ForteCK_RV session_mgr_login_all(CK_USER_TYPE);
913fcf3ce4John ForteCK_RV session_mgr_logout_all(void);
914fcf3ce4John ForteCK_RV session_mgr_new(CK_ULONG, SESSION **);
915fcf3ce4John Forte
916fcf3ce4John ForteCK_BBOOL session_mgr_readonly_exists(void);
917fcf3ce4John ForteCK_BBOOL session_mgr_so_session_exists(void);
918fcf3ce4John ForteCK_BBOOL session_mgr_user_session_exists(void);
919fcf3ce4John ForteCK_BBOOL session_mgr_public_session_exists(void);
920fcf3ce4John Forte
921fcf3ce4John ForteCK_RV session_mgr_get_op_state(SESSION *, CK_BBOOL,
922fcf3ce4John Forte	CK_BYTE *, CK_ULONG *);
923fcf3ce4John Forte
924fcf3ce4John ForteCK_RV session_mgr_set_op_state(SESSION *,
925fcf3ce4John Forte	CK_OBJECT_HANDLE, CK_OBJECT_HANDLE, CK_BYTE *);
926fcf3ce4John Forte
927fcf3ce4John ForteCK_RV object_mgr_add(SESSION *,
928fcf3ce4John Forte	CK_ATTRIBUTE *, CK_ULONG, CK_OBJECT_HANDLE *);
929fcf3ce4John Forte
930fcf3ce4John ForteCK_RV object_mgr_add_to_map(SESSION *, OBJECT *, CK_OBJECT_HANDLE *);
931fcf3ce4John Forte
932fcf3ce4John ForteCK_RV object_mgr_add_to_shm(OBJECT *);
933fcf3ce4John ForteCK_RV object_mgr_del_from_shm(OBJECT *);
934fcf3ce4John Forte
935fcf3ce4John ForteCK_RV object_mgr_copy(SESSION *,
936fcf3ce4John Forte	CK_ATTRIBUTE *, CK_ULONG, CK_OBJECT_HANDLE,
937fcf3ce4John Forte	CK_OBJECT_HANDLE *);
938fcf3ce4John Forte
939fcf3ce4John ForteCK_RV object_mgr_create_final(SESSION *,
940fcf3ce4John Forte	OBJECT *, CK_OBJECT_HANDLE *);
941fcf3ce4John Forte
942fcf3ce4John ForteCK_RV object_mgr_create_skel(SESSION *,
943fcf3ce4John Forte	CK_ATTRIBUTE *, CK_ULONG, CK_ULONG,
944fcf3ce4John Forte	CK_ULONG, CK_ULONG, OBJECT **);
945fcf3ce4John Forte
946fcf3ce4John ForteCK_RV object_mgr_destroy_object(SESSION *, CK_OBJECT_HANDLE);
947fcf3ce4John Forte
948fcf3ce4John ForteCK_RV object_mgr_destroy_token_objects(TSS_HCONTEXT);
949fcf3ce4John Forte
950fcf3ce4John ForteCK_RV object_mgr_find_in_map1(TSS_HCONTEXT, CK_OBJECT_HANDLE, OBJECT **);
951fcf3ce4John Forte
952fcf3ce4John ForteCK_RV object_mgr_find_in_map2(TSS_HCONTEXT, OBJECT *, CK_OBJECT_HANDLE *);
953fcf3ce4John Forte
954fcf3ce4John ForteCK_RV object_mgr_find_init(SESSION *, CK_ATTRIBUTE *, CK_ULONG);
955fcf3ce4John Forte
956fcf3ce4John ForteCK_RV object_mgr_find_build_list(SESSION *,
957fcf3ce4John Forte	CK_ATTRIBUTE *,
958fcf3ce4John Forte	CK_ULONG,
959fcf3ce4John Forte	DL_NODE *,
960fcf3ce4John Forte	CK_BBOOL public_only);
961fcf3ce4John Forte
962fcf3ce4John ForteCK_RV object_mgr_find_final(SESSION *);
963fcf3ce4John Forte
964fcf3ce4John ForteCK_RV object_mgr_get_attribute_values(SESSION *,
965fcf3ce4John Forte	CK_OBJECT_HANDLE,
966fcf3ce4John Forte	CK_ATTRIBUTE *,
967fcf3ce4John Forte	CK_ULONG);
968fcf3ce4John Forte
969fcf3ce4John ForteCK_RV object_mgr_get_object_size(TSS_HCONTEXT, CK_OBJECT_HANDLE,
970fcf3ce4John Forte	CK_ULONG *);
971fcf3ce4John Forte
972fcf3ce4John ForteCK_BBOOL object_mgr_invalidate_handle1(CK_OBJECT_HANDLE handle);
973fcf3ce4John Forte
974fcf3ce4John ForteCK_BBOOL object_mgr_invalidate_handle2(OBJECT *);
975fcf3ce4John Forte
976fcf3ce4John ForteCK_BBOOL object_mgr_purge_session_objects(SESSION *, SESS_OBJ_TYPE);
977fcf3ce4John Forte
978fcf3ce4John ForteCK_BBOOL object_mgr_purge_token_objects(TSS_HCONTEXT);
979fcf3ce4John Forte
980fcf3ce4John ForteCK_BBOOL object_mgr_purge_private_token_objects(TSS_HCONTEXT);
981fcf3ce4John Forte
982fcf3ce4John ForteCK_RV object_mgr_remove_from_map(CK_OBJECT_HANDLE);
983fcf3ce4John Forte
984fcf3ce4John ForteCK_RV object_mgr_restore_obj(CK_BYTE *, OBJECT *);
985fcf3ce4John Forte
986fcf3ce4John ForteCK_RV object_mgr_set_attribute_values(SESSION *,
987fcf3ce4John Forte	CK_OBJECT_HANDLE,
988fcf3ce4John Forte	CK_ATTRIBUTE *,
989fcf3ce4John Forte	CK_ULONG);
990fcf3ce4John Forte
991fcf3ce4John ForteCK_BBOOL object_mgr_purge_map(SESSION *, SESS_OBJ_TYPE);
992fcf3ce4John Forte
993fcf3ce4John ForteCK_RV object_create(CK_ATTRIBUTE *, CK_ULONG, OBJECT **);
994fcf3ce4John Forte
995fcf3ce4John ForteCK_RV object_create_skel(CK_ATTRIBUTE *,
996fcf3ce4John Forte	CK_ULONG,
997fcf3ce4John Forte	CK_ULONG,
998fcf3ce4John Forte	CK_ULONG,
999fcf3ce4John Forte	CK_ULONG,
1000fcf3ce4John Forte	OBJECT **);
1001fcf3ce4John Forte
1002fcf3ce4John ForteCK_RV object_copy(CK_ATTRIBUTE *,
1003fcf3ce4John Forte	CK_ULONG,
1004fcf3ce4John Forte	OBJECT *,
1005fcf3ce4John Forte	OBJECT **);
1006fcf3ce4John Forte
1007fcf3ce4John ForteCK_RV object_flatten(OBJECT *,
1008fcf3ce4John Forte	CK_BYTE **,
1009fcf3ce4John Forte	CK_ULONG_32 *);
1010fcf3ce4John Forte
1011fcf3ce4John ForteCK_BBOOL object_free(OBJECT *);
1012fcf3ce4John Forte
1013fcf3ce4John ForteCK_RV object_get_attribute_values(OBJECT *,
1014fcf3ce4John Forte	CK_ATTRIBUTE *,
1015fcf3ce4John Forte	CK_ULONG);
1016fcf3ce4John Forte
1017fcf3ce4John ForteCK_ULONG object_get_size(OBJECT *);
1018fcf3ce4John Forte
1019fcf3ce4John ForteCK_RV object_restore(CK_BYTE *,
1020fcf3ce4John Forte	OBJECT **,
1021fcf3ce4John Forte	CK_BBOOL replace);
1022fcf3ce4John Forte
1023fcf3ce4John ForteCK_RV object_set_attribute_values(OBJECT *,
1024fcf3ce4John Forte	CK_ATTRIBUTE *,
1025fcf3ce4John Forte	CK_ULONG);
1026fcf3ce4John Forte
1027fcf3ce4John ForteCK_BBOOL object_is_modifiable(OBJECT *);
1028fcf3ce4John ForteCK_BBOOL object_is_private(OBJECT *);
1029fcf3ce4John ForteCK_BBOOL object_is_public(OBJECT *);
1030fcf3ce4John ForteCK_BBOOL object_is_token_object(OBJECT *);
1031fcf3ce4John ForteCK_BBOOL object_is_session_object(OBJECT *);
1032fcf3ce4John Forte
1033fcf3ce4John ForteCK_BBOOL is_attribute_defined(CK_ATTRIBUTE_TYPE);
1034fcf3ce4John Forte
1035fcf3ce4John ForteCK_RV template_add_attributes(TEMPLATE *,
1036fcf3ce4John Forte	CK_ATTRIBUTE *, CK_ULONG);
1037fcf3ce4John Forte
1038fcf3ce4John ForteCK_RV template_add_default_attributes(TEMPLATE *,
1039fcf3ce4John Forte	CK_ULONG,
1040fcf3ce4John Forte	CK_ULONG,
1041fcf3ce4John Forte	CK_ULONG);
1042fcf3ce4John Forte
1043fcf3ce4John ForteCK_BBOOL template_attribute_find(TEMPLATE *,
1044fcf3ce4John Forte	CK_ATTRIBUTE_TYPE, CK_ATTRIBUTE **);
1045fcf3ce4John Forte
1046fcf3ce4John Fortevoid template_attribute_find_multiple(TEMPLATE *,
1047fcf3ce4John Forte	ATTRIBUTE_PARSE_LIST *,
1048fcf3ce4John Forte	CK_ULONG);
1049fcf3ce4John Forte
1050fcf3ce4John ForteCK_BBOOL template_check_exportability(TEMPLATE *, CK_ATTRIBUTE_TYPE type);
1051fcf3ce4John Forte
1052fcf3ce4John ForteCK_RV template_check_required_attributes(TEMPLATE *,
1053fcf3ce4John Forte	CK_ULONG, CK_ULONG, CK_ULONG);
1054fcf3ce4John Forte
1055fcf3ce4John ForteCK_RV template_check_required_base_attributes(TEMPLATE *,
1056fcf3ce4John Forte	CK_ULONG);
1057fcf3ce4John Forte
1058fcf3ce4John ForteCK_BBOOL template_compare(CK_ATTRIBUTE *,
1059fcf3ce4John Forte	CK_ULONG, TEMPLATE *);
1060fcf3ce4John Forte
1061fcf3ce4John ForteCK_RV template_copy(TEMPLATE *, TEMPLATE *);
1062fcf3ce4John Forte
1063fcf3ce4John ForteCK_RV template_flatten(TEMPLATE *, CK_BYTE *);
1064fcf3ce4John Forte
1065fcf3ce4John ForteCK_RV template_free(TEMPLATE *);
1066fcf3ce4John Forte
1067fcf3ce4John ForteCK_BBOOL template_get_class(TEMPLATE *, CK_ULONG *, CK_ULONG *);
1068fcf3ce4John Forte
1069fcf3ce4John ForteCK_ULONG template_get_count(TEMPLATE *);
1070fcf3ce4John Forte
1071fcf3ce4John ForteCK_ULONG template_get_size(TEMPLATE *);
1072fcf3ce4John ForteCK_ULONG template_get_compressed_size(TEMPLATE *);
1073fcf3ce4John Forte
1074fcf3ce4John ForteCK_RV template_set_default_common_attributes(TEMPLATE *);
1075fcf3ce4John Forte
1076fcf3ce4John ForteCK_RV template_merge(TEMPLATE *, TEMPLATE **);
1077fcf3ce4John Forte
1078fcf3ce4John ForteCK_RV template_update_attribute(TEMPLATE *, CK_ATTRIBUTE *);
1079fcf3ce4John Forte
1080fcf3ce4John ForteCK_RV template_unflatten(TEMPLATE **, CK_BYTE *, CK_ULONG);
1081fcf3ce4John Forte
1082fcf3ce4John ForteCK_RV template_validate_attribute(TEMPLATE *,
1083fcf3ce4John Forte	CK_ATTRIBUTE *, CK_ULONG, CK_ULONG, CK_ULONG);
1084fcf3ce4John Forte
1085fcf3ce4John ForteCK_RV template_validate_attributes(TEMPLATE *,
1086fcf3ce4John Forte	CK_ULONG, CK_ULONG, CK_ULONG);
1087fcf3ce4John Forte
1088fcf3ce4John ForteCK_RV template_validate_base_attribute(TEMPLATE *,
1089fcf3ce4John Forte	CK_ATTRIBUTE *, CK_ULONG);
1090fcf3ce4John Forte
1091fcf3ce4John Forte
1092fcf3ce4John Forte// DATA OBJECT ROUTINES
1093fcf3ce4John Forte//
1094fcf3ce4John ForteCK_RV data_object_check_required_attributes(TEMPLATE *, CK_ULONG);
1095fcf3ce4John ForteCK_RV data_object_set_default_attributes(TEMPLATE *, CK_ULONG);
1096fcf3ce4John ForteCK_RV data_object_validate_attribute(TEMPLATE *, CK_ATTRIBUTE *, CK_ULONG);
1097fcf3ce4John Forte
1098fcf3ce4John Forte// CERTIFICATE ROUTINES
1099fcf3ce4John ForteCK_RV cert_validate_attribute(TEMPLATE *, CK_ATTRIBUTE *, CK_ULONG);
1100fcf3ce4John Forte
1101fcf3ce4John ForteCK_RV cert_x509_check_required_attributes(TEMPLATE *, CK_ULONG);
1102fcf3ce4John ForteCK_RV cert_x509_set_default_attributes(TEMPLATE *, CK_ULONG);
1103fcf3ce4John ForteCK_RV cert_x509_validate_attribute(TEMPLATE *, CK_ATTRIBUTE *, CK_ULONG);
1104fcf3ce4John ForteCK_RV cert_vendor_check_required_attributes(TEMPLATE *, CK_ULONG);
1105fcf3ce4John ForteCK_RV cert_vendor_validate_attribute(TEMPLATE *, CK_ATTRIBUTE *, CK_ULONG);
1106fcf3ce4John Forte
1107fcf3ce4John Forte//
1108fcf3ce4John Forte// KEY ROUTINES
1109fcf3ce4John Forte//
1110fcf3ce4John ForteCK_RV key_object_check_required_attributes(TEMPLATE *, CK_ULONG);
1111fcf3ce4John ForteCK_RV key_object_set_default_attributes(TEMPLATE *, CK_ULONG);
1112fcf3ce4John ForteCK_RV key_object_validate_attribute(TEMPLATE *, CK_ATTRIBUTE *, CK_ULONG);
1113fcf3ce4John Forte
1114fcf3ce4John ForteCK_RV publ_key_check_required_attributes(TEMPLATE *, CK_ULONG);
1115fcf3ce4John ForteCK_RV publ_key_set_default_attributes(TEMPLATE *, CK_ULONG);
1116fcf3ce4John ForteCK_RV publ_key_validate_attribute(TEMPLATE *, CK_ATTRIBUTE *, CK_ULONG);
1117fcf3ce4John Forte
1118fcf3ce4John ForteCK_RV priv_key_check_required_attributes(TEMPLATE *, CK_ULONG);
1119fcf3ce4John ForteCK_RV priv_key_set_default_attributes(TEMPLATE *, CK_ULONG);
1120fcf3ce4John ForteCK_RV priv_key_unwrap(TEMPLATE *, CK_ULONG, CK_BYTE *, CK_ULONG);
1121fcf3ce4John ForteCK_RV priv_key_validate_attribute(TEMPLATE *, CK_ATTRIBUTE *, CK_ULONG);
1122fcf3ce4John Forte
1123fcf3ce4John Forte	CK_BBOOL secret_key_check_exportability(CK_ATTRIBUTE_TYPE type);
1124fcf3ce4John ForteCK_RV secret_key_check_required_attributes(TEMPLATE *, CK_ULONG);
1125fcf3ce4John ForteCK_RV secret_key_set_default_attributes(TEMPLATE *, CK_ULONG);
1126fcf3ce4John ForteCK_RV secret_key_unwrap(TEMPLATE *, CK_ULONG, CK_BYTE *, CK_ULONG,
1127fcf3ce4John Forte	CK_BBOOL fromend);
1128fcf3ce4John ForteCK_RV secret_key_validate_attribute(TEMPLATE *, CK_ATTRIBUTE *,
1129fcf3ce4John Forte	CK_ULONG);
1130fcf3ce4John Forte
1131fcf3ce4John Forte// rsa routines
1132fcf3ce4John Forte//
1133fcf3ce4John ForteCK_RV rsa_publ_check_required_attributes(TEMPLATE *, CK_ULONG);
1134fcf3ce4John ForteCK_RV rsa_publ_validate_attribute(TEMPLATE *, CK_ATTRIBUTE *, CK_ULONG);
1135fcf3ce4John ForteCK_RV rsa_publ_set_default_attributes(TEMPLATE *, CK_ULONG);
1136fcf3ce4John Forte	CK_BBOOL rsa_priv_check_exportability(CK_ATTRIBUTE_TYPE type);
1137fcf3ce4John ForteCK_RV rsa_priv_check_required_attributes(TEMPLATE *, CK_ULONG);
1138fcf3ce4John ForteCK_RV rsa_priv_set_default_attributes(TEMPLATE *, CK_ULONG);
1139fcf3ce4John ForteCK_RV rsa_priv_validate_attribute(TEMPLATE *, CK_ATTRIBUTE *, CK_ULONG);
1140fcf3ce4John ForteCK_RV rsa_priv_wrap_get_data(TEMPLATE *, CK_BBOOL, CK_BYTE **, CK_ULONG *);
1141fcf3ce4John ForteCK_RV rsa_priv_unwrap(TEMPLATE *, CK_BYTE *, CK_ULONG);
1142fcf3ce4John Forte
1143fcf3ce4John Forte// Generic secret key routines
1144fcf3ce4John ForteCK_RV generic_secret_check_required_attributes(TEMPLATE *, CK_ULONG);
1145fcf3ce4John ForteCK_RV generic_secret_set_default_attributes(TEMPLATE *, CK_ULONG);
1146fcf3ce4John ForteCK_RV generic_secret_validate_attribute(TEMPLATE *, CK_ATTRIBUTE *, CK_ULONG);
1147fcf3ce4John ForteCK_RV generic_secret_wrap_get_data(TEMPLATE *, CK_BBOOL,
1148fcf3ce4John Forte	CK_BYTE **, CK_ULONG *);
1149fcf3ce4John Forte
1150fcf3ce4John ForteCK_RV generic_secret_unwrap(TEMPLATE *, CK_BYTE *, CK_ULONG, CK_BBOOL fromend);
1151fcf3ce4John Forte
1152fcf3ce4John ForteCK_RV tpm_encrypt_data(TSS_HCONTEXT,
1153fcf3ce4John Forte	TSS_HKEY, CK_BYTE *, CK_ULONG, CK_BYTE *, CK_ULONG *);
1154fcf3ce4John Forte
1155fcf3ce4John ForteCK_RV tpm_decrypt_data(TSS_HCONTEXT,
1156fcf3ce4John Forte	TSS_HKEY, CK_BYTE *, CK_ULONG, CK_BYTE *, CK_ULONG *);
1157fcf3ce4John Forte
1158fcf3ce4John ForteCK_ULONG ber_encode_INTEGER(CK_BBOOL,
1159fcf3ce4John Forte	CK_BYTE **, CK_ULONG *, CK_BYTE *, CK_ULONG);
1160fcf3ce4John Forte
1161fcf3ce4John ForteCK_RV ber_decode_INTEGER(CK_BYTE *,
1162fcf3ce4John Forte	CK_BYTE **, CK_ULONG *, CK_ULONG *);
1163fcf3ce4John Forte
1164fcf3ce4John ForteCK_RV ber_encode_OCTET_STRING(CK_BBOOL,
1165fcf3ce4John Forte	CK_BYTE **, CK_ULONG *, CK_BYTE *, CK_ULONG);
1166fcf3ce4John Forte
1167fcf3ce4John ForteCK_RV ber_decode_OCTET_STRING(CK_BYTE *,
1168fcf3ce4John Forte	CK_BYTE **, CK_ULONG *, CK_ULONG *);
1169fcf3ce4John Forte
1170fcf3ce4John ForteCK_RV ber_encode_SEQUENCE(CK_BBOOL,
1171fcf3ce4John Forte	CK_BYTE **, CK_ULONG *, CK_BYTE *, CK_ULONG);
1172fcf3ce4John Forte
1173fcf3ce4John ForteCK_RV ber_decode_SEQUENCE(CK_BYTE *,
1174fcf3ce4John Forte	CK_BYTE **, CK_ULONG *, CK_ULONG *);
1175fcf3ce4John Forte
1176fcf3ce4John ForteCK_RV ber_encode_PrivateKeyInfo(CK_BBOOL,
1177fcf3ce4John Forte	CK_BYTE **, CK_ULONG *, CK_BYTE *,
1178fcf3ce4John Forte	CK_ULONG, CK_BYTE *, CK_ULONG);
1179fcf3ce4John Forte
1180fcf3ce4John ForteCK_RV ber_decode_PrivateKeyInfo(CK_BYTE *,
1181fcf3ce4John Forte	CK_ULONG, CK_BYTE **, CK_ULONG *, CK_BYTE **);
1182fcf3ce4John Forte
1183fcf3ce4John ForteCK_RV ber_encode_RSAPrivateKey(CK_BBOOL,
1184fcf3ce4John Forte	CK_BYTE **, CK_ULONG *, CK_ATTRIBUTE *,
1185fcf3ce4John Forte	CK_ATTRIBUTE *, CK_ATTRIBUTE *, CK_ATTRIBUTE *,
1186fcf3ce4John Forte	CK_ATTRIBUTE *, CK_ATTRIBUTE *, CK_ATTRIBUTE *,
1187fcf3ce4John Forte	CK_ATTRIBUTE *);
1188fcf3ce4John Forte
1189fcf3ce4John ForteCK_RV ber_decode_RSAPrivateKey(CK_BYTE *,
1190fcf3ce4John Forte	CK_ULONG, CK_ATTRIBUTE **, CK_ATTRIBUTE **,
1191fcf3ce4John Forte	CK_ATTRIBUTE **, CK_ATTRIBUTE **, CK_ATTRIBUTE **,
1192fcf3ce4John Forte	CK_ATTRIBUTE **, CK_ATTRIBUTE **, CK_ATTRIBUTE **);
1193fcf3ce4John Forte
1194fcf3ce4John Forte
1195fcf3ce4John ForteCK_RV ber_encode_DSAPrivateKey(CK_BBOOL,
1196fcf3ce4John Forte	CK_BYTE **, CK_ULONG *, CK_ATTRIBUTE *,
1197fcf3ce4John Forte	CK_ATTRIBUTE *, CK_ATTRIBUTE *, CK_ATTRIBUTE *);
1198fcf3ce4John Forte
1199fcf3ce4John ForteCK_RV ber_decode_DSAPrivateKey(CK_BYTE *,
1200fcf3ce4John Forte	CK_ULONG, CK_ATTRIBUTE **, CK_ATTRIBUTE **,
1201fcf3ce4John Forte	CK_ATTRIBUTE **, CK_ATTRIBUTE **);
1202fcf3ce4John Forte
1203fcf3ce4John Forte#define	APPID	"TPM_STDLL"
1204fcf3ce4John Forte
1205fcf3ce4John Forte/* log to stdout */
1206fcf3ce4John Forte#define	LogMessage(dest, priority, layer, fmt, ...) \
1207fcf3ce4John Forte	(void) fprintf(dest, "%s %s %s:%d " fmt "\n", (char *)priority, \
1208fcf3ce4John Forte		(char *)layer, (char *)__FILE__,\
1209fcf3ce4John Forte		(int)__LINE__, __VA_ARGS__);
1210fcf3ce4John Forte
1211fcf3ce4John Forte#define	LogMessage1(dest, priority, layer, data) \
1212fcf3ce4John Forte	(void) fprintf(dest, "%s %s %s:%d %s\n", priority, layer, __FILE__, \
1213fcf3ce4John Forte	__LINE__, data);
1214fcf3ce4John Forte
1215fcf3ce4John Forte/* Debug logging */
1216fcf3ce4John Forte#ifdef DEBUG
1217fcf3ce4John Forte#define	LogDebug(fmt, ...) LogMessage(stdout, "LOG_DEBUG", APPID, \
1218fcf3ce4John Forte	fmt, __VA_ARGS__)
1219fcf3ce4John Forte
1220fcf3ce4John Forte#define	LogDebug1(data) LogMessage1(stdout, "LOG_DEBUG", APPID, data)
1221fcf3ce4John Forte
1222fcf3ce4John Forte/* Error logging */
1223fcf3ce4John Forte#define	LogError(fmt, ...) LogMessage(stderr, "LOG_ERR", APPID,\
1224fcf3ce4John Forte	"ERROR: " fmt, __VA_ARGS__)
1225fcf3ce4John Forte
1226fcf3ce4John Forte#define	LogError1(data) LogMessage1(stderr, "LOG_ERR", APPID,\
1227fcf3ce4John Forte	"ERROR: " data)
1228fcf3ce4John Forte
1229fcf3ce4John Forte/* Warn logging */
1230fcf3ce4John Forte#define	LogWarn(fmt, ...) LogMessage(stdout, "LOG_WARNING", APPID,\
1231fcf3ce4John Forte	"WARNING: " fmt, __VA_ARGS__)
1232fcf3ce4John Forte
1233fcf3ce4John Forte#define	LogWarn1(data) LogMessage1(stdout, "LOG_WARNING", APPID,\
1234fcf3ce4John Forte	"WARNING: " data)
1235fcf3ce4John Forte
1236fcf3ce4John Forte/* Info Logging */
1237fcf3ce4John Forte#define	LogInfo(fmt, ...) LogMessage(stdout, "LOG_INFO", APPID,\
1238fcf3ce4John Forte	fmt, __VA_ARGS__)
1239fcf3ce4John Forte
1240fcf3ce4John Forte#define	LogInfo1(data) LogMessage1(stdout, "LOG_INFO", APPID, data)
1241fcf3ce4John Forte
1242fcf3ce4John Forte#define	st_err_log(...) LogMessage(stderr, "ST MSG", APPID,\
1243fcf3ce4John Forte	"", __VA_ARGS__)
1244fcf3ce4John Forte#else
1245fcf3ce4John Forte#define	LogDebug(...)
1246fcf3ce4John Forte#define	LogDebug1(...)
1247fcf3ce4John Forte#define	LogBlob(...)
1248fcf3ce4John Forte#define	LogError(...)
1249fcf3ce4John Forte#define	LogError1(...)
1250fcf3ce4John Forte#define	LogWarn(...)
1251fcf3ce4John Forte#define	LogWarn1(...)
1252fcf3ce4John Forte#define	LogInfo(...)
1253fcf3ce4John Forte#define	LogInfo1(...)
1254fcf3ce4John Forte#define	st_err_log(...)
1255fcf3ce4John Forte#endif
1256fcf3ce4John Forte
1257fcf3ce4John Forte/*
1258fcf3ce4John Forte * CK_FUNCTION_LIST is a structure holding a Cryptoki spec
1259fcf3ce4John Forte * version and pointers of appropriate types to all the
1260fcf3ce4John Forte * Cryptoki functions
1261fcf3ce4John Forte */
1262fcf3ce4John Forte
1263fcf3ce4John Forte/* CK_FUNCTION_LIST is new for v2.0 */
1264fcf3ce4John Forte
1265fcf3ce4John Fortetypedef CK_RV
1266fcf3ce4John Forte	(CK_PTR ST_C_Initialize)
1267fcf3ce4John Forte	(void *ppFunctionList, CK_SLOT_ID slotID, CK_CHAR_PTR pCorrelator);
1268fcf3ce4John Fortetypedef CK_RV
1269fcf3ce4John Forte	(CK_PTR  ST_C_Finalize)
1270fcf3ce4John Forte	(CK_VOID_PTR pReserved);
1271fcf3ce4John Fortetypedef CK_RV
1272fcf3ce4John Forte	(CK_PTR  ST_C_Terminate)();
1273fcf3ce4John Fortetypedef CK_RV
1274fcf3ce4John Forte	(CK_PTR  ST_C_GetInfo)
1275fcf3ce4John Forte	(CK_INFO_PTR pInfo);
1276fcf3ce4John Fortetypedef CK_RV
1277fcf3ce4John Forte	(CK_PTR  ST_C_GetFunctionList)
1278fcf3ce4John Forte	(CK_FUNCTION_LIST_PTR_PTR ppFunctionList);
1279fcf3ce4John Fortetypedef CK_RV
1280fcf3ce4John Forte	(CK_PTR  ST_C_GetSlotList)
1281fcf3ce4John Forte	(CK_BBOOL tokenPresent, CK_SLOT_ID_PTR pSlotList,
1282fcf3ce4John Forte	CK_ULONG_PTR pusCount);
1283fcf3ce4John Fortetypedef CK_RV
1284fcf3ce4John Forte	(CK_PTR  ST_C_GetSlotInfo)
1285fcf3ce4John Forte	(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo);
1286fcf3ce4John Fortetypedef CK_RV
1287fcf3ce4John Forte	(CK_PTR  ST_C_GetTokenInfo)
1288fcf3ce4John Forte	(CK_SLOT_ID slotID, CK_TOKEN_INFO_PTR pInfo);
1289fcf3ce4John Fortetypedef CK_RV
1290fcf3ce4John Forte	(CK_PTR  ST_C_GetMechanismList)
1291fcf3ce4John Forte	(CK_SLOT_ID slotID, CK_MECHANISM_TYPE_PTR pMechanismList,
1292fcf3ce4John Forte	CK_ULONG_PTR pusCount);
1293fcf3ce4John Fortetypedef CK_RV
1294fcf3ce4John Forte	(CK_PTR  ST_C_GetMechanismInfo)
1295fcf3ce4John Forte	(CK_SLOT_ID slotID, CK_MECHANISM_TYPE type,
1296fcf3ce4John Forte	CK_MECHANISM_INFO_PTR pInfo);
1297fcf3ce4John Fortetypedef CK_RV
1298fcf3ce4John Forte	(CK_PTR  ST_C_InitToken)
1299fcf3ce4John Forte	(CK_SLOT_ID slotID, CK_CHAR_PTR pPin, CK_ULONG usPinLen,
1300fcf3ce4John Forte	CK_CHAR_PTR pLabel);
1301fcf3ce4John Fortetypedef CK_RV
1302fcf3ce4John Forte	(CK_PTR  ST_C_InitPIN)
1303fcf3ce4John Forte	(ST_SESSION_T hSession, CK_CHAR_PTR pPin,
1304fcf3ce4John Forte	CK_ULONG usPinLen);
1305fcf3ce4John Fortetypedef CK_RV
1306fcf3ce4John Forte	(CK_PTR  ST_C_SetPIN)
1307fcf3ce4John Forte	(ST_SESSION_T hSession, CK_CHAR_PTR pOldPin,
1308fcf3ce4John Forte	CK_ULONG usOldLen, CK_CHAR_PTR pNewPin,
1309fcf3ce4John Forte	CK_ULONG usNewLen);
1310fcf3ce4John Forte
1311fcf3ce4John Fortetypedef CK_RV
1312fcf3ce4John Forte	(CK_PTR  ST_C_OpenSession)
1313fcf3ce4John Forte	(CK_SLOT_ID slotID, CK_FLAGS flags,
1314fcf3ce4John Forte	CK_SESSION_HANDLE_PTR phSession);
1315fcf3ce4John Forte
1316fcf3ce4John Fortetypedef CK_RV
1317fcf3ce4John Forte	(CK_PTR  ST_C_CloseSession)
1318fcf3ce4John Forte	(ST_SESSION_T hSession);
1319fcf3ce4John Fortetypedef CK_RV
1320fcf3ce4John Forte	(CK_PTR  ST_C_CloseAllSessions)
1321fcf3ce4John Forte	(CK_SLOT_ID slotID);
1322fcf3ce4John Fortetypedef CK_RV
1323fcf3ce4John Forte	(CK_PTR  ST_C_GetSessionInfo)
1324fcf3ce4John Forte	(ST_SESSION_T hSession, CK_SESSION_INFO_PTR pInfo);
1325fcf3ce4John Fortetypedef CK_RV
1326fcf3ce4John Forte	(CK_PTR  ST_C_GetOperationState)
1327fcf3ce4John Forte	(ST_SESSION_T hSession, CK_BYTE_PTR pOperationState,
1328fcf3ce4John Forte	CK_ULONG_PTR pulOperationStateLen);
1329fcf3ce4John Fortetypedef CK_RV
1330fcf3ce4John Forte	(CK_PTR  ST_C_SetOperationState)
1331fcf3ce4John Forte	(ST_SESSION_T hSession, CK_BYTE_PTR pOperationState,
1332fcf3ce4John Forte	CK_ULONG ulOperationStateLen,
1333fcf3ce4John Forte	CK_OBJECT_HANDLE hEncryptionKey,
1334fcf3ce4John Forte	CK_OBJECT_HANDLE hAuthenticationKey);
1335fcf3ce4John Fortetypedef CK_RV
1336fcf3ce4John Forte	(CK_PTR  ST_C_Login)(ST_SESSION_T hSession,
1337fcf3ce4John Forte	CK_USER_TYPE userType, CK_CHAR_PTR pPin,
1338fcf3ce4John Forte	CK_ULONG usPinLen);
1339fcf3ce4John Fortetypedef CK_RV
1340fcf3ce4John Forte	(CK_PTR  ST_C_Logout)(ST_SESSION_T hSession);
1341fcf3ce4John Fortetypedef CK_RV
1342fcf3ce4John Forte	(CK_PTR  ST_C_CreateObject)
1343fcf3ce4John Forte	(ST_SESSION_T hSession, CK_ATTRIBUTE_PTR pTemplate,
1344fcf3ce4John Forte	CK_ULONG usCount, CK_OBJECT_HANDLE_PTR phObject);
1345fcf3ce4John Forte
1346fcf3ce4John Fortetypedef CK_RV
1347fcf3ce4John Forte	(CK_PTR  ST_C_CopyObject)
1348fcf3ce4John Forte	(ST_SESSION_T hSession, CK_OBJECT_HANDLE hObject,
1349fcf3ce4John Forte	CK_ATTRIBUTE_PTR pTemplate, CK_ULONG usCount,
1350fcf3ce4John Forte	CK_OBJECT_HANDLE_PTR phNewObject);
1351fcf3ce4John Fortetypedef CK_RV
1352fcf3ce4John Forte	(CK_PTR  ST_C_DestroyObject)
1353fcf3ce4John Forte	(ST_SESSION_T hSession, CK_OBJECT_HANDLE hObject);
1354fcf3ce4John Fortetypedef CK_RV
1355fcf3ce4John Forte	(CK_PTR  ST_C_GetObjectSize)
1356fcf3ce4John Forte	(ST_SESSION_T hSession, CK_OBJECT_HANDLE hObject,
1357fcf3ce4John Forte	CK_ULONG_PTR pusSize);
1358fcf3ce4John Fortetypedef CK_RV
1359fcf3ce4John Forte	(CK_PTR  ST_C_GetAttributeValue)
1360fcf3ce4John Forte	(ST_SESSION_T hSession, CK_OBJECT_HANDLE hObject,
1361fcf3ce4John Forte	CK_ATTRIBUTE_PTR pTemplate, CK_ULONG usCount);
1362fcf3ce4John Fortetypedef CK_RV
1363fcf3ce4John Forte	(CK_PTR  ST_C_SetAttributeValue)
1364fcf3ce4John Forte	(ST_SESSION_T hSession, CK_OBJECT_HANDLE hObject,
1365fcf3ce4John Forte	CK_ATTRIBUTE_PTR pTemplate, CK_ULONG usCount);
1366fcf3ce4John Fortetypedef CK_RV
1367fcf3ce4John Forte	(CK_PTR  ST_C_FindObjectsInit)
1368fcf3ce4John Forte	(ST_SESSION_T hSession, CK_ATTRIBUTE_PTR pTemplate,
1369fcf3ce4John Forte	CK_ULONG usCount);
1370fcf3ce4John Fortetypedef CK_RV
1371fcf3ce4John Forte	(CK_PTR  ST_C_FindObjects)
1372fcf3ce4John Forte	(ST_SESSION_T hSession,
1373fcf3ce4John Forte	CK_OBJECT_HANDLE_PTR phObject, CK_ULONG usMaxObjectCount,
1374fcf3ce4John Forte	CK_ULONG_PTR pusObjectCount);
1375fcf3ce4John Fortetypedef CK_RV
1376fcf3ce4John Forte	(CK_PTR  ST_C_FindObjectsFinal)
1377fcf3ce4John Forte	(ST_SESSION_T hSession);
1378fcf3ce4John Fortetypedef CK_RV
1379fcf3ce4John Forte	(CK_PTR  ST_C_EncryptInit)
1380fcf3ce4John Forte	(ST_SESSION_T hSession, CK_MECHANISM_PTR pMechanism,
1381fcf3ce4John Forte	CK_OBJECT_HANDLE hKey);
1382fcf3ce4John Fortetypedef CK_RV
1383fcf3ce4John Forte	(CK_PTR  ST_C_Encrypt)
1384fcf3ce4John Forte	(ST_SESSION_T hSession, CK_BYTE_PTR pData,
1385fcf3ce4John Forte	CK_ULONG usDataLen, CK_BYTE_PTR pEncryptedData,
1386fcf3ce4John Forte	CK_ULONG_PTR pusEncryptedDataLen);
1387fcf3ce4John Fortetypedef CK_RV
1388fcf3ce4John Forte	(CK_PTR  ST_C_EncryptUpdate)
1389fcf3ce4John Forte	(ST_SESSION_T hSession, CK_BYTE_PTR pPart,
1390fcf3ce4John Forte	CK_ULONG usPartLen, CK_BYTE_PTR pEncryptedPart,
1391fcf3ce4John Forte	CK_ULONG_PTR pusEncryptedPartLen);
1392fcf3ce4John Fortetypedef CK_RV
1393fcf3ce4John Forte	(CK_PTR  ST_C_EncryptFinal)
1394fcf3ce4John Forte	(ST_SESSION_T hSession,
1395fcf3ce4John Forte	CK_BYTE_PTR pLastEncryptedPart,
1396fcf3ce4John Forte	CK_ULONG_PTR pusLastEncryptedPartLen);
1397fcf3ce4John Fortetypedef CK_RV
1398fcf3ce4John Forte	(CK_PTR  ST_C_DecryptInit)
1399fcf3ce4John Forte	(ST_SESSION_T hSession, CK_MECHANISM_PTR pMechanism,
1400fcf3ce4John Forte	CK_OBJECT_HANDLE hKey);
1401fcf3ce4John Fortetypedef CK_RV
1402fcf3ce4John Forte	(CK_PTR  ST_C_Decrypt)
1403fcf3ce4John Forte	(ST_SESSION_T hSession, CK_BYTE_PTR pEncryptedData,
1404fcf3ce4John Forte	CK_ULONG usEncryptedDataLen, CK_BYTE_PTR pData,
1405fcf3ce4John Forte	CK_ULONG_PTR pusDataLen);
1406fcf3ce4John Fortetypedef CK_RV
1407fcf3ce4John Forte	(CK_PTR  ST_C_DecryptUpdate)
1408fcf3ce4John Forte	(ST_SESSION_T hSession, CK_BYTE_PTR pEncryptedPart,
1409fcf3ce4John Forte	CK_ULONG usEncryptedPartLen, CK_BYTE_PTR pPart,
1410fcf3ce4John Forte	CK_ULONG_PTR pusPartLen);
1411fcf3ce4John Fortetypedef CK_RV
1412fcf3ce4John Forte	(CK_PTR  ST_C_DecryptFinal)
1413fcf3ce4John Forte	(ST_SESSION_T hSession, CK_BYTE_PTR pLastPart,
1414fcf3ce4John Forte	CK_ULONG_PTR pusLastPartLen);
1415fcf3ce4John Fortetypedef CK_RV
1416fcf3ce4John Forte	(CK_PTR  ST_C_DigestInit)
1417fcf3ce4John Forte	(ST_SESSION_T hSession,
1418fcf3ce4John Forte	CK_MECHANISM_PTR pMechanism);
1419fcf3ce4John Fortetypedef CK_RV
1420fcf3ce4John Forte	(CK_PTR  ST_C_Digest)
1421fcf3ce4John Forte	(ST_SESSION_T hSession, CK_BYTE_PTR pData,
1422fcf3ce4John Forte	CK_ULONG usDataLen, CK_BYTE_PTR pDigest,
1423fcf3ce4John Forte	CK_ULONG_PTR pusDigestLen);
1424fcf3ce4John Fortetypedef CK_RV
1425fcf3ce4John Forte	(CK_PTR  ST_C_DigestUpdate)
1426fcf3ce4John Forte	(ST_SESSION_T hSession, CK_BYTE_PTR pPart,
1427fcf3ce4John Forte	CK_ULONG usPartLen);
1428fcf3ce4John Fortetypedef CK_RV
1429fcf3ce4John Forte	(CK_PTR  ST_C_DigestKey)
1430fcf3ce4John Forte	(ST_SESSION_T hSession, CK_OBJECT_HANDLE hKey);
1431fcf3ce4John Fortetypedef CK_RV
1432fcf3ce4John Forte	(CK_PTR  ST_C_DigestFinal)
1433fcf3ce4John Forte	(ST_SESSION_T hSession, CK_BYTE_PTR pDigest,
1434fcf3ce4John Forte	CK_ULONG_PTR pusDigestLen);
1435fcf3ce4John Fortetypedef CK_RV
1436fcf3ce4John Forte	(CK_PTR  ST_C_SignInit)
1437fcf3ce4John Forte	(ST_SESSION_T hSession, CK_MECHANISM_PTR pMechanism,
1438fcf3ce4John Forte	CK_OBJECT_HANDLE hKey);
1439fcf3ce4John Fortetypedef CK_RV
1440fcf3ce4John Forte	(CK_PTR  ST_C_Sign)
1441fcf3ce4John Forte	(ST_SESSION_T hSession, CK_BYTE_PTR pData,
1442fcf3ce4John Forte	CK_ULONG usDataLen, CK_BYTE_PTR pSignature,
1443fcf3ce4John Forte	CK_ULONG_PTR pusSignatureLen);
1444fcf3ce4John Fortetypedef CK_RV
1445fcf3ce4John Forte	(CK_PTR  ST_C_SignUpdate)
1446fcf3ce4John Forte	(ST_SESSION_T hSession, CK_BYTE_PTR pPart,
1447fcf3ce4John Forte	CK_ULONG usPartLen);
1448fcf3ce4John Fortetypedef CK_RV
1449fcf3ce4John Forte	(CK_PTR  ST_C_SignFinal)
1450fcf3ce4John Forte	(ST_SESSION_T hSession, CK_BYTE_PTR pSignature,
1451fcf3ce4John Forte	CK_ULONG_PTR pusSigna