1*b106467fSJason King /* Copyright (c) OASIS Open 2016. All Rights Reserved./
2*b106467fSJason King  * /Distributed under the terms of the OASIS IPR Policy,
3*b106467fSJason King  * [http://www.oasis-open.org/policies-guidelines/ipr], AS-IS, WITHOUT ANY
4*b106467fSJason King  * IMPLIED OR EXPRESS WARRANTY; there is no warranty of MERCHANTABILITY, FITNESS FOR A
5*b106467fSJason King  * PARTICULAR PURPOSE or NONINFRINGEMENT of the rights of others.
6*b106467fSJason King  */
77c478bd9Sstevel@tonic-gate 
8*b106467fSJason King /* Latest version of the specification:
9*b106467fSJason King  * http://docs.oasis-open.org/pkcs11/pkcs11-base/v2.40/pkcs11-base-v2.40.html
107c478bd9Sstevel@tonic-gate  */
117c478bd9Sstevel@tonic-gate 
127c478bd9Sstevel@tonic-gate /* See top of pkcs11.h for information about the macros that
137c478bd9Sstevel@tonic-gate  * must be defined and the structure-packing conventions that
14*b106467fSJason King  * must be set before including this file.
15*b106467fSJason King  */
167c478bd9Sstevel@tonic-gate 
177c478bd9Sstevel@tonic-gate #ifndef _PKCS11T_H_
187c478bd9Sstevel@tonic-gate #define _PKCS11T_H_ 1
197c478bd9Sstevel@tonic-gate 
20*b106467fSJason King #define CRYPTOKI_VERSION_MAJOR          2
21*b106467fSJason King #define CRYPTOKI_VERSION_MINOR          40
22*b106467fSJason King #define CRYPTOKI_VERSION_AMENDMENT      0
231e9884acSmcpowers 
24*b106467fSJason King #define CK_TRUE         1
25*b106467fSJason King #define CK_FALSE        0
26f66d273dSizick 
277c478bd9Sstevel@tonic-gate #ifndef CK_DISABLE_TRUE_FALSE
287c478bd9Sstevel@tonic-gate #ifndef FALSE
29f66d273dSizick #define FALSE CK_FALSE
307c478bd9Sstevel@tonic-gate #endif
317c478bd9Sstevel@tonic-gate #ifndef TRUE
32f66d273dSizick #define TRUE CK_TRUE
337c478bd9Sstevel@tonic-gate #endif
347c478bd9Sstevel@tonic-gate #endif
357c478bd9Sstevel@tonic-gate 
367c478bd9Sstevel@tonic-gate /* an unsigned 8-bit value */
377c478bd9Sstevel@tonic-gate typedef unsigned char     CK_BYTE;
387c478bd9Sstevel@tonic-gate 
397c478bd9Sstevel@tonic-gate /* an unsigned 8-bit character */
407c478bd9Sstevel@tonic-gate typedef CK_BYTE           CK_CHAR;
417c478bd9Sstevel@tonic-gate 
427c478bd9Sstevel@tonic-gate /* an 8-bit UTF-8 character */
437c478bd9Sstevel@tonic-gate typedef CK_BYTE           CK_UTF8CHAR;
447c478bd9Sstevel@tonic-gate 
457c478bd9Sstevel@tonic-gate /* a BYTE-sized Boolean flag */
467c478bd9Sstevel@tonic-gate typedef CK_BYTE           CK_BBOOL;
477c478bd9Sstevel@tonic-gate 
487c478bd9Sstevel@tonic-gate /* an unsigned value, at least 32 bits long */
497c478bd9Sstevel@tonic-gate typedef unsigned long int CK_ULONG;
507c478bd9Sstevel@tonic-gate 
517c478bd9Sstevel@tonic-gate /* a signed value, the same size as a CK_ULONG */
527c478bd9Sstevel@tonic-gate typedef long int          CK_LONG;
537c478bd9Sstevel@tonic-gate 
547c478bd9Sstevel@tonic-gate /* at least 32 bits; each bit is a Boolean flag */
557c478bd9Sstevel@tonic-gate typedef CK_ULONG          CK_FLAGS;
567c478bd9Sstevel@tonic-gate 
577c478bd9Sstevel@tonic-gate 
587c478bd9Sstevel@tonic-gate /* some special values for certain CK_ULONG variables */
59*b106467fSJason King #define CK_UNAVAILABLE_INFORMATION      (~0UL)
60*b106467fSJason King #define CK_EFFECTIVELY_INFINITE         0UL
617c478bd9Sstevel@tonic-gate 
627c478bd9Sstevel@tonic-gate 
637c478bd9Sstevel@tonic-gate typedef CK_BYTE     CK_PTR   CK_BYTE_PTR;
647c478bd9Sstevel@tonic-gate typedef CK_CHAR     CK_PTR   CK_CHAR_PTR;
657c478bd9Sstevel@tonic-gate typedef CK_UTF8CHAR CK_PTR   CK_UTF8CHAR_PTR;
667c478bd9Sstevel@tonic-gate typedef CK_ULONG    CK_PTR   CK_ULONG_PTR;
677c478bd9Sstevel@tonic-gate typedef void        CK_PTR   CK_VOID_PTR;
687c478bd9Sstevel@tonic-gate 
697c478bd9Sstevel@tonic-gate /* Pointer to a CK_VOID_PTR-- i.e., pointer to pointer to void */
707c478bd9Sstevel@tonic-gate typedef CK_VOID_PTR CK_PTR CK_VOID_PTR_PTR;
717c478bd9Sstevel@tonic-gate 
727c478bd9Sstevel@tonic-gate 
73*b106467fSJason King /* The following value is always invalid if used as a session
74*b106467fSJason King  * handle or object handle
75*b106467fSJason King  */
76*b106467fSJason King #define CK_INVALID_HANDLE       0UL
777c478bd9Sstevel@tonic-gate 
787c478bd9Sstevel@tonic-gate 
797c478bd9Sstevel@tonic-gate typedef struct CK_VERSION {
807c478bd9Sstevel@tonic-gate   CK_BYTE       major;  /* integer portion of version number */
817c478bd9Sstevel@tonic-gate   CK_BYTE       minor;  /* 1/100ths portion of version number */
827c478bd9Sstevel@tonic-gate } CK_VERSION;
837c478bd9Sstevel@tonic-gate 
847c478bd9Sstevel@tonic-gate typedef CK_VERSION CK_PTR CK_VERSION_PTR;
857c478bd9Sstevel@tonic-gate 
867c478bd9Sstevel@tonic-gate 
877c478bd9Sstevel@tonic-gate typedef struct CK_INFO {
887c478bd9Sstevel@tonic-gate   CK_VERSION    cryptokiVersion;     /* Cryptoki interface ver */
897c478bd9Sstevel@tonic-gate   CK_UTF8CHAR   manufacturerID[32];  /* blank padded */
907c478bd9Sstevel@tonic-gate   CK_FLAGS      flags;               /* must be zero */
917c478bd9Sstevel@tonic-gate   CK_UTF8CHAR   libraryDescription[32];  /* blank padded */
927c478bd9Sstevel@tonic-gate   CK_VERSION    libraryVersion;          /* version of library */
937c478bd9Sstevel@tonic-gate } CK_INFO;
947c478bd9Sstevel@tonic-gate 
957c478bd9Sstevel@tonic-gate typedef CK_INFO CK_PTR    CK_INFO_PTR;
967c478bd9Sstevel@tonic-gate 
977c478bd9Sstevel@tonic-gate 
987c478bd9Sstevel@tonic-gate /* CK_NOTIFICATION enumerates the types of notifications that
99*b106467fSJason King  * Cryptoki provides to an application
100*b106467fSJason King  */
1017c478bd9Sstevel@tonic-gate typedef CK_ULONG CK_NOTIFICATION;
102*b106467fSJason King #define CKN_SURRENDER           0UL
103*b106467fSJason King #define CKN_OTP_CHANGED         1UL
1047c478bd9Sstevel@tonic-gate 
1057c478bd9Sstevel@tonic-gate typedef CK_ULONG          CK_SLOT_ID;
1067c478bd9Sstevel@tonic-gate 
1077c478bd9Sstevel@tonic-gate typedef CK_SLOT_ID CK_PTR CK_SLOT_ID_PTR;
1087c478bd9Sstevel@tonic-gate 
1097c478bd9Sstevel@tonic-gate 
1107c478bd9Sstevel@tonic-gate /* CK_SLOT_INFO provides information about a slot */
1117c478bd9Sstevel@tonic-gate typedef struct CK_SLOT_INFO {
1127c478bd9Sstevel@tonic-gate   CK_UTF8CHAR   slotDescription[64];  /* blank padded */
1137c478bd9Sstevel@tonic-gate   CK_UTF8CHAR   manufacturerID[32];   /* blank padded */
1147c478bd9Sstevel@tonic-gate   CK_FLAGS      flags;
1157c478bd9Sstevel@tonic-gate 
1167c478bd9Sstevel@tonic-gate   CK_VERSION    hardwareVersion;  /* version of hardware */
1177c478bd9Sstevel@tonic-gate   CK_VERSION    firmwareVersion;  /* version of firmware */
1187c478bd9Sstevel@tonic-gate } CK_SLOT_INFO;
1197c478bd9Sstevel@tonic-gate 
1207c478bd9Sstevel@tonic-gate /* flags: bit flags that provide capabilities of the slot
1217c478bd9Sstevel@tonic-gate  *      Bit Flag              Mask        Meaning
1227c478bd9Sstevel@tonic-gate  */
123*b106467fSJason King #define CKF_TOKEN_PRESENT     0x00000001UL  /* a token is there */
124*b106467fSJason King #define CKF_REMOVABLE_DEVICE  0x00000002UL  /* removable devices*/
125*b106467fSJason King #define CKF_HW_SLOT           0x00000004UL  /* hardware slot */
1267c478bd9Sstevel@tonic-gate 
1277c478bd9Sstevel@tonic-gate typedef CK_SLOT_INFO CK_PTR CK_SLOT_INFO_PTR;
1287c478bd9Sstevel@tonic-gate 
1297c478bd9Sstevel@tonic-gate 
1307c478bd9Sstevel@tonic-gate /* CK_TOKEN_INFO provides information about a token */
1317c478bd9Sstevel@tonic-gate typedef struct CK_TOKEN_INFO {
1327c478bd9Sstevel@tonic-gate   CK_UTF8CHAR   label[32];           /* blank padded */
1337c478bd9Sstevel@tonic-gate   CK_UTF8CHAR   manufacturerID[32];  /* blank padded */
1347c478bd9Sstevel@tonic-gate   CK_UTF8CHAR   model[16];           /* blank padded */
1357c478bd9Sstevel@tonic-gate   CK_CHAR       serialNumber[16];    /* blank padded */
1367c478bd9Sstevel@tonic-gate   CK_FLAGS      flags;               /* see below */
1377c478bd9Sstevel@tonic-gate 
1387c478bd9Sstevel@tonic-gate   CK_ULONG      ulMaxSessionCount;     /* max open sessions */
1397c478bd9Sstevel@tonic-gate   CK_ULONG      ulSessionCount;        /* sess. now open */
1407c478bd9Sstevel@tonic-gate   CK_ULONG      ulMaxRwSessionCount;   /* max R/W sessions */
1417c478bd9Sstevel@tonic-gate   CK_ULONG      ulRwSessionCount;      /* R/W sess. now open */
1427c478bd9Sstevel@tonic-gate   CK_ULONG      ulMaxPinLen;           /* in bytes */
1437c478bd9Sstevel@tonic-gate   CK_ULONG      ulMinPinLen;           /* in bytes */
1447c478bd9Sstevel@tonic-gate   CK_ULONG      ulTotalPublicMemory;   /* in bytes */
1457c478bd9Sstevel@tonic-gate   CK_ULONG      ulFreePublicMemory;    /* in bytes */
1467c478bd9Sstevel@tonic-gate   CK_ULONG      ulTotalPrivateMemory;  /* in bytes */
1477c478bd9Sstevel@tonic-gate   CK_ULONG      ulFreePrivateMemory;   /* in bytes */
1487c478bd9Sstevel@tonic-gate   CK_VERSION    hardwareVersion;       /* version of hardware */
1497c478bd9Sstevel@tonic-gate   CK_VERSION    firmwareVersion;       /* version of firmware */
1507c478bd9Sstevel@tonic-gate   CK_CHAR       utcTime[16];           /* time */
1517c478bd9Sstevel@tonic-gate } CK_TOKEN_INFO;
1527c478bd9Sstevel@tonic-gate 
1537c478bd9Sstevel@tonic-gate /* The flags parameter is defined as follows:
154f66d273dSizick  *      Bit Flag                    Mask        Meaning
1557c478bd9Sstevel@tonic-gate  */
156*b106467fSJason King #define CKF_RNG                     0x00000001UL  /* has random # generator */
157*b106467fSJason King #define CKF_WRITE_PROTECTED         0x00000002UL  /* token is write-protected */
158*b106467fSJason King #define CKF_LOGIN_REQUIRED          0x00000004UL  /* user must login */
159*b106467fSJason King #define CKF_USER_PIN_INITIALIZED    0x00000008UL  /* normal user's PIN is set */
160*b106467fSJason King 
161*b106467fSJason King /* CKF_RESTORE_KEY_NOT_NEEDED.  If it is set,
1627c478bd9Sstevel@tonic-gate  * that means that *every* time the state of cryptographic
1637c478bd9Sstevel@tonic-gate  * operations of a session is successfully saved, all keys
164*b106467fSJason King  * needed to continue those operations are stored in the state
165*b106467fSJason King  */
166*b106467fSJason King #define CKF_RESTORE_KEY_NOT_NEEDED  0x00000020UL
1677c478bd9Sstevel@tonic-gate 
168*b106467fSJason King /* CKF_CLOCK_ON_TOKEN.  If it is set, that means
1697c478bd9Sstevel@tonic-gate  * that the token has some sort of clock.  The time on that
170*b106467fSJason King  * clock is returned in the token info structure
171*b106467fSJason King  */
172*b106467fSJason King #define CKF_CLOCK_ON_TOKEN          0x00000040UL
1737c478bd9Sstevel@tonic-gate 
174*b106467fSJason King /* CKF_PROTECTED_AUTHENTICATION_PATH.  If it is
1757c478bd9Sstevel@tonic-gate  * set, that means that there is some way for the user to login
176*b106467fSJason King  * without sending a PIN through the Cryptoki library itself
177*b106467fSJason King  */
178*b106467fSJason King #define CKF_PROTECTED_AUTHENTICATION_PATH 0x00000100UL
1797c478bd9Sstevel@tonic-gate 
180*b106467fSJason King /* CKF_DUAL_CRYPTO_OPERATIONS.  If it is true,
1817c478bd9Sstevel@tonic-gate  * that means that a single session with the token can perform
1827c478bd9Sstevel@tonic-gate  * dual simultaneous cryptographic operations (digest and
1837c478bd9Sstevel@tonic-gate  * encrypt; decrypt and digest; sign and encrypt; and decrypt
184*b106467fSJason King  * and sign)
185*b106467fSJason King  */
186*b106467fSJason King #define CKF_DUAL_CRYPTO_OPERATIONS  0x00000200UL
1877c478bd9Sstevel@tonic-gate 
188*b106467fSJason King /* CKF_TOKEN_INITIALIZED. If it is true, the
189f66d273dSizick  * token has been initialized using C_InitializeToken or an
1907c478bd9Sstevel@tonic-gate  * equivalent mechanism outside the scope of PKCS #11.
191f66d273dSizick  * Calling C_InitializeToken when this flag is set will cause
192*b106467fSJason King  * the token to be reinitialized.
193*b106467fSJason King  */
194*b106467fSJason King #define CKF_TOKEN_INITIALIZED       0x00000400UL
1957c478bd9Sstevel@tonic-gate 
196*b106467fSJason King /* CKF_SECONDARY_AUTHENTICATION. If it is
197f66d273dSizick  * true, the token supports secondary authentication for
198*b106467fSJason King  * private key objects.
199*b106467fSJason King  */
200*b106467fSJason King #define CKF_SECONDARY_AUTHENTICATION  0x00000800UL
2017c478bd9Sstevel@tonic-gate 
202*b106467fSJason King /* CKF_USER_PIN_COUNT_LOW. If it is true, an
203f66d273dSizick  * incorrect user login PIN has been entered at least once
204*b106467fSJason King  * since the last successful authentication.
205*b106467fSJason King  */
206*b106467fSJason King #define CKF_USER_PIN_COUNT_LOW       0x00010000UL
2077c478bd9Sstevel@tonic-gate 
208*b106467fSJason King /* CKF_USER_PIN_FINAL_TRY. If it is true,
209*b106467fSJason King  * supplying an incorrect user PIN will it to become locked.
210*b106467fSJason King  */
211*b106467fSJason King #define CKF_USER_PIN_FINAL_TRY       0x00020000UL
2127c478bd9Sstevel@tonic-gate 
213*b106467fSJason King /* CKF_USER_PIN_LOCKED. If it is true, the
214f66d273dSizick  * user PIN has been locked. User login to the token is not
215*b106467fSJason King  * possible.
216*b106467fSJason King  */
217*b106467fSJason King #define CKF_USER_PIN_LOCKED          0x00040000UL
2187c478bd9Sstevel@tonic-gate 
219*b106467fSJason King /* CKF_USER_PIN_TO_BE_CHANGED. If it is true,
220f66d273dSizick  * the user PIN value is the default value set by token
2217c478bd9Sstevel@tonic-gate  * initialization or manufacturing, or the PIN has been
222*b106467fSJason King  * expired by the card.
223*b106467fSJason King  */
224*b106467fSJason King #define CKF_USER_PIN_TO_BE_CHANGED   0x00080000UL
2257c478bd9Sstevel@tonic-gate 
226*b106467fSJason King /* CKF_SO_PIN_COUNT_LOW. If it is true, an
227f66d273dSizick  * incorrect SO login PIN has been entered at least once since
228*b106467fSJason King  * the last successful authentication.
229*b106467fSJason King  */
230*b106467fSJason King #define CKF_SO_PIN_COUNT_LOW         0x00100000UL
2317c478bd9Sstevel@tonic-gate 
232*b106467fSJason King /* CKF_SO_PIN_FINAL_TRY. If it is true,
233*b106467fSJason King  * supplying an incorrect SO PIN will it to become locked.
234*b106467fSJason King  */
235*b106467fSJason King #define CKF_SO_PIN_FINAL_TRY         0x00200000UL
2367c478bd9Sstevel@tonic-gate 
237*b106467fSJason King /* CKF_SO_PIN_LOCKED. If it is true, the SO
2387c478bd9Sstevel@tonic-gate  * PIN has been locked. SO login to the token is not possible.
2397c478bd9Sstevel@tonic-gate  */
240*b106467fSJason King #define CKF_SO_PIN_LOCKED            0x00400000UL
2417c478bd9Sstevel@tonic-gate 
242*b106467fSJason King /* CKF_SO_PIN_TO_BE_CHANGED. If it is true,
243f66d273dSizick  * the SO PIN value is the default value set by token
2447c478bd9Sstevel@tonic-gate  * initialization or manufacturing, or the PIN has been
245*b106467fSJason King  * expired by the card.
246*b106467fSJason King  */
247*b106467fSJason King #define CKF_SO_PIN_TO_BE_CHANGED     0x00800000UL
248*b106467fSJason King 
249*b106467fSJason King #define CKF_ERROR_STATE              0x01000000UL
2507c478bd9Sstevel@tonic-gate 
2517c478bd9Sstevel@tonic-gate typedef CK_TOKEN_INFO CK_PTR CK_TOKEN_INFO_PTR;
2527c478bd9Sstevel@tonic-gate 
2537c478bd9Sstevel@tonic-gate 
2547c478bd9Sstevel@tonic-gate /* CK_SESSION_HANDLE is a Cryptoki-assigned value that
255*b106467fSJason King  * identifies a session
256*b106467fSJason King  */
2577c478bd9Sstevel@tonic-gate typedef CK_ULONG          CK_SESSION_HANDLE;
2587c478bd9Sstevel@tonic-gate 
259f66d273dSizick typedef CK_SESSION_HANDLE CK_PTR CK_SESSION_HANDLE_PTR;
2607c478bd9Sstevel@tonic-gate 
2617c478bd9Sstevel@tonic-gate 
2627c478bd9Sstevel@tonic-gate /* CK_USER_TYPE enumerates the types of Cryptoki users */
2637c478bd9Sstevel@tonic-gate typedef CK_ULONG          CK_USER_TYPE;
2647c478bd9Sstevel@tonic-gate /* Security Officer */
265*b106467fSJason King #define CKU_SO                  0UL
2667c478bd9Sstevel@tonic-gate /* Normal user */
267*b106467fSJason King #define CKU_USER                1UL
268*b106467fSJason King /* Context specific */
269*b106467fSJason King #define CKU_CONTEXT_SPECIFIC    2UL
2707c478bd9Sstevel@tonic-gate 
2717c478bd9Sstevel@tonic-gate /* CK_STATE enumerates the session states */
2727c478bd9Sstevel@tonic-gate typedef CK_ULONG          CK_STATE;
273*b106467fSJason King #define CKS_RO_PUBLIC_SESSION   0UL
274*b106467fSJason King #define CKS_RO_USER_FUNCTIONS   1UL
275*b106467fSJason King #define CKS_RW_PUBLIC_SESSION   2UL
276*b106467fSJason King #define CKS_RW_USER_FUNCTIONS   3UL
277*b106467fSJason King #define CKS_RW_SO_FUNCTIONS     4UL
2787c478bd9Sstevel@tonic-gate 
2797c478bd9Sstevel@tonic-gate /* CK_SESSION_INFO provides information about a session */
2807c478bd9Sstevel@tonic-gate typedef struct CK_SESSION_INFO {
2817c478bd9Sstevel@tonic-gate   CK_SLOT_ID    slotID;
2827c478bd9Sstevel@tonic-gate   CK_STATE      state;
2837c478bd9Sstevel@tonic-gate   CK_FLAGS      flags;          /* see below */
2847c478bd9Sstevel@tonic-gate   CK_ULONG      ulDeviceError;  /* device-dependent error code */
2857c478bd9Sstevel@tonic-gate } CK_SESSION_INFO;
2867c478bd9Sstevel@tonic-gate 
2877c478bd9Sstevel@tonic-gate /* The flags are defined in the following table:
2887c478bd9Sstevel@tonic-gate  *      Bit Flag                Mask        Meaning
2897c478bd9Sstevel@tonic-gate  */
290*b106467fSJason King #define CKF_RW_SESSION          0x00000002UL /* session is r/w */
291*b106467fSJason King #define CKF_SERIAL_SESSION      0x00000004UL /* no parallel    */
2927c478bd9Sstevel@tonic-gate 
2937c478bd9Sstevel@tonic-gate typedef CK_SESSION_INFO CK_PTR CK_SESSION_INFO_PTR;
2947c478bd9Sstevel@tonic-gate 
2957c478bd9Sstevel@tonic-gate 
2967c478bd9Sstevel@tonic-gate /* CK_OBJECT_HANDLE is a token-specific identifier for an
297*b106467fSJason King  * object
298*b106467fSJason King  */
2997c478bd9Sstevel@tonic-gate typedef CK_ULONG          CK_OBJECT_HANDLE;
3007c478bd9Sstevel@tonic-gate 
3017c478bd9Sstevel@tonic-gate typedef CK_OBJECT_HANDLE CK_PTR CK_OBJECT_HANDLE_PTR;
3027c478bd9Sstevel@tonic-gate 
3037c478bd9Sstevel@tonic-gate 
3047c478bd9Sstevel@tonic-gate /* CK_OBJECT_CLASS is a value that identifies the classes (or
3057c478bd9Sstevel@tonic-gate  * types) of objects that Cryptoki recognizes.  It is defined
306*b106467fSJason King  * as follows:
307*b106467fSJason King  */
3087c478bd9Sstevel@tonic-gate typedef CK_ULONG          CK_OBJECT_CLASS;
3097c478bd9Sstevel@tonic-gate 
3107c478bd9Sstevel@tonic-gate /* The following classes of objects are defined: */
311*b106467fSJason King #define CKO_DATA              0x00000000UL
312*b106467fSJason King #define CKO_CERTIFICATE       0x00000001UL
313*b106467fSJason King #define CKO_PUBLIC_KEY        0x00000002UL
314*b106467fSJason King #define CKO_PRIVATE_KEY       0x00000003UL
315*b106467fSJason King #define CKO_SECRET_KEY        0x00000004UL
316*b106467fSJason King #define CKO_HW_FEATURE        0x00000005UL
317*b106467fSJason King #define CKO_DOMAIN_PARAMETERS 0x00000006UL
318*b106467fSJason King #define CKO_MECHANISM         0x00000007UL
319*b106467fSJason King #define CKO_OTP_KEY           0x00000008UL
320*b106467fSJason King 
321*b106467fSJason King #define CKO_VENDOR_DEFINED    0x80000000UL
3227c478bd9Sstevel@tonic-gate 
3237c478bd9Sstevel@tonic-gate typedef CK_OBJECT_CLASS CK_PTR CK_OBJECT_CLASS_PTR;
3247c478bd9Sstevel@tonic-gate 
325*b106467fSJason King /* CK_HW_FEATURE_TYPE is a value that identifies the hardware feature type
326*b106467fSJason King  * of an object with CK_OBJECT_CLASS equal to CKO_HW_FEATURE.
327*b106467fSJason King  */
3287c478bd9Sstevel@tonic-gate typedef CK_ULONG          CK_HW_FEATURE_TYPE;
329f66d273dSizick 
3307c478bd9Sstevel@tonic-gate /* The following hardware feature types are defined */
331*b106467fSJason King #define CKH_MONOTONIC_COUNTER  0x00000001UL
332*b106467fSJason King #define CKH_CLOCK              0x00000002UL
333*b106467fSJason King #define CKH_USER_INTERFACE     0x00000003UL
334*b106467fSJason King #define CKH_VENDOR_DEFINED     0x80000000UL
3357c478bd9Sstevel@tonic-gate 
3367c478bd9Sstevel@tonic-gate /* CK_KEY_TYPE is a value that identifies a key type */
3377c478bd9Sstevel@tonic-gate typedef CK_ULONG          CK_KEY_TYPE;
3387c478bd9Sstevel@tonic-gate 
3397c478bd9Sstevel@tonic-gate /* the following key types are defined: */
340*b106467fSJason King #define CKK_RSA                 0x00000000UL
341*b106467fSJason King #define CKK_DSA                 0x00000001UL
342*b106467fSJason King #define CKK_DH                  0x00000002UL
343*b106467fSJason King #define CKK_ECDSA               0x00000003UL /* Deprecated */
344*b106467fSJason King #define CKK_EC                  0x00000003UL
345*b106467fSJason King #define CKK_X9_42_DH            0x00000004UL
346*b106467fSJason King #define CKK_KEA                 0x00000005UL
347*b106467fSJason King #define CKK_GENERIC_SECRET      0x00000010UL
348*b106467fSJason King #define CKK_RC2                 0x00000011UL
349*b106467fSJason King #define CKK_RC4                 0x00000012UL
350*b106467fSJason King #define CKK_DES                 0x00000013UL
351*b106467fSJason King #define CKK_DES2                0x00000014UL
352*b106467fSJason King #define CKK_DES3                0x00000015UL
353*b106467fSJason King #define CKK_CAST                0x00000016UL
354*b106467fSJason King #define CKK_CAST3               0x00000017UL
355*b106467fSJason King #define CKK_CAST5               0x00000018UL /* Deprecated */
356*b106467fSJason King #define CKK_CAST128             0x00000018UL
357*b106467fSJason King #define CKK_RC5                 0x00000019UL
358*b106467fSJason King #define CKK_IDEA                0x0000001AUL
359*b106467fSJason King #define CKK_SKIPJACK            0x0000001BUL
360*b106467fSJason King #define CKK_BATON               0x0000001CUL
361*b106467fSJason King #define CKK_JUNIPER             0x0000001DUL
362*b106467fSJason King #define CKK_CDMF                0x0000001EUL
363*b106467fSJason King #define CKK_AES                 0x0000001FUL
364*b106467fSJason King #define CKK_BLOWFISH            0x00000020UL
365*b106467fSJason King #define CKK_TWOFISH             0x00000021UL
366*b106467fSJason King #define CKK_SECURID             0x00000022UL
367*b106467fSJason King #define CKK_HOTP                0x00000023UL
368*b106467fSJason King #define CKK_ACTI                0x00000024UL
369*b106467fSJason King #define CKK_CAMELLIA            0x00000025UL
370*b106467fSJason King #define CKK_ARIA                0x00000026UL
371*b106467fSJason King 
372*b106467fSJason King #define CKK_MD5_HMAC            0x00000027UL
373*b106467fSJason King #define CKK_SHA_1_HMAC          0x00000028UL
374*b106467fSJason King #define CKK_RIPEMD128_HMAC      0x00000029UL
375*b106467fSJason King #define CKK_RIPEMD160_HMAC      0x0000002AUL
376*b106467fSJason King #define CKK_SHA256_HMAC         0x0000002BUL
377*b106467fSJason King #define CKK_SHA384_HMAC         0x0000002CUL
378*b106467fSJason King #define CKK_SHA512_HMAC         0x0000002DUL
379*b106467fSJason King #define CKK_SHA224_HMAC         0x0000002EUL
380*b106467fSJason King 
381*b106467fSJason King #define CKK_SEED                0x0000002FUL
382*b106467fSJason King #define CKK_GOSTR3410           0x00000030UL
383*b106467fSJason King #define CKK_GOSTR3411           0x00000031UL
384*b106467fSJason King #define CKK_GOST28147           0x00000032UL
385*b106467fSJason King 
386*b106467fSJason King 
387*b106467fSJason King 
388*b106467fSJason King #define CKK_VENDOR_DEFINED      0x80000000UL
3897c478bd9Sstevel@tonic-gate 
3907c478bd9Sstevel@tonic-gate 
3917c478bd9Sstevel@tonic-gate /* CK_CERTIFICATE_TYPE is a value that identifies a certificate
392*b106467fSJason King  * type
393*b106467fSJason King  */
3947c478bd9Sstevel@tonic-gate typedef CK_ULONG          CK_CERTIFICATE_TYPE;
3957c478bd9Sstevel@tonic-gate 
396*b106467fSJason King #define CK_CERTIFICATE_CATEGORY_UNSPECIFIED     0UL
397*b106467fSJason King #define CK_CERTIFICATE_CATEGORY_TOKEN_USER      1UL
398*b106467fSJason King #define CK_CERTIFICATE_CATEGORY_AUTHORITY       2UL
399*b106467fSJason King #define CK_CERTIFICATE_CATEGORY_OTHER_ENTITY    3UL
400*b106467fSJason King 
401*b106467fSJason King #define CK_SECURITY_DOMAIN_UNSPECIFIED     0UL
402*b106467fSJason King #define CK_SECURITY_DOMAIN_MANUFACTURER    1UL
403*b106467fSJason King #define CK_SECURITY_DOMAIN_OPERATOR        2UL
404*b106467fSJason King #define CK_SECURITY_DOMAIN_THIRD_PARTY     3UL
405*b106467fSJason King 
406*b106467fSJason King 
4077c478bd9Sstevel@tonic-gate /* The following certificate types are defined: */
408*b106467fSJason King #define CKC_X_509               0x00000000UL
409*b106467fSJason King #define CKC_X_509_ATTR_CERT     0x00000001UL
410*b106467fSJason King #define CKC_WTLS                0x00000002UL
411*b106467fSJason King #define CKC_VENDOR_DEFINED      0x80000000UL
4127c478bd9Sstevel@tonic-gate 
4137c478bd9Sstevel@tonic-gate 
4147c478bd9Sstevel@tonic-gate /* CK_ATTRIBUTE_TYPE is a value that identifies an attribute
415*b106467fSJason King  * type
416*b106467fSJason King  */
4177c478bd9Sstevel@tonic-gate typedef CK_ULONG          CK_ATTRIBUTE_TYPE;
4187c478bd9Sstevel@tonic-gate 
419f66d273dSizick /* The CKF_ARRAY_ATTRIBUTE flag identifies an attribute which
420*b106467fSJason King  * consists of an array of values.
421*b106467fSJason King  */
422*b106467fSJason King #define CKF_ARRAY_ATTRIBUTE     0x40000000UL
423*b106467fSJason King 
424*b106467fSJason King /* The following OTP-related defines relate to the CKA_OTP_FORMAT attribute */
425*b106467fSJason King #define CK_OTP_FORMAT_DECIMAL           0UL
426*b106467fSJason King #define CK_OTP_FORMAT_HEXADECIMAL       1UL
427*b106467fSJason King #define CK_OTP_FORMAT_ALPHANUMERIC      2UL
428*b106467fSJason King #define CK_OTP_FORMAT_BINARY            3UL
429*b106467fSJason King 
430*b106467fSJason King /* The following OTP-related defines relate to the CKA_OTP_..._REQUIREMENT
431*b106467fSJason King  * attributes
432*b106467fSJason King  */
433*b106467fSJason King #define CK_OTP_PARAM_IGNORED            0UL
434*b106467fSJason King #define CK_OTP_PARAM_OPTIONAL           1UL
435*b106467fSJason King #define CK_OTP_PARAM_MANDATORY          2UL
4361e9884acSmcpowers 
4377c478bd9Sstevel@tonic-gate /* The following attribute types are defined: */
438*b106467fSJason King #define CKA_CLASS              0x00000000UL
439*b106467fSJason King #define CKA_TOKEN              0x00000001UL
440*b106467fSJason King #define CKA_PRIVATE            0x00000002UL
441*b106467fSJason King #define CKA_LABEL              0x00000003UL
442*b106467fSJason King #define CKA_APPLICATION        0x00000010UL
443*b106467fSJason King #define CKA_VALUE              0x00000011UL
444*b106467fSJason King #define CKA_OBJECT_ID          0x00000012UL
445*b106467fSJason King #define CKA_CERTIFICATE_TYPE   0x00000080UL
446*b106467fSJason King #define CKA_ISSUER             0x00000081UL
447*b106467fSJason King #define CKA_SERIAL_NUMBER      0x00000082UL
448*b106467fSJason King #define CKA_AC_ISSUER          0x00000083UL
449*b106467fSJason King #define CKA_OWNER              0x00000084UL
450*b106467fSJason King #define CKA_ATTR_TYPES         0x00000085UL
451*b106467fSJason King #define CKA_TRUSTED            0x00000086UL
452*b106467fSJason King #define CKA_CERTIFICATE_CATEGORY        0x00000087UL
453*b106467fSJason King #define CKA_JAVA_MIDP_SECURITY_DOMAIN   0x00000088UL
454*b106467fSJason King #define CKA_URL                         0x00000089UL
455*b106467fSJason King #define CKA_HASH_OF_SUBJECT_PUBLIC_KEY  0x0000008AUL
456*b106467fSJason King #define CKA_HASH_OF_ISSUER_PUBLIC_KEY   0x0000008BUL
457*b106467fSJason King #define CKA_NAME_HASH_ALGORITHM         0x0000008CUL
458*b106467fSJason King #define CKA_CHECK_VALUE                 0x00000090UL
459*b106467fSJason King 
460*b106467fSJason King #define CKA_KEY_TYPE           0x00000100UL
461*b106467fSJason King #define CKA_SUBJECT            0x00000101UL
462*b106467fSJason King #define CKA_ID                 0x00000102UL
463*b106467fSJason King #define CKA_SENSITIVE          0x00000103UL
464*b106467fSJason King #define CKA_ENCRYPT            0x00000104UL
465*b106467fSJason King #define CKA_DECRYPT            0x00000105UL
466*b106467fSJason King #define CKA_WRAP               0x00000106UL
467*b106467fSJason King #define CKA_UNWRAP             0x00000107UL
468*b106467fSJason King #define CKA_SIGN               0x00000108UL
469*b106467fSJason King #define CKA_SIGN_RECOVER       0x00000109UL
470*b106467fSJason King #define CKA_VERIFY             0x0000010AUL
471*b106467fSJason King #define CKA_VERIFY_RECOVER     0x0000010BUL
472*b106467fSJason King #define CKA_DERIVE             0x0000010CUL
473*b106467fSJason King #define CKA_START_DATE         0x00000110UL
474*b106467fSJason King #define CKA_END_DATE           0x00000111UL
475*b106467fSJason King #define CKA_MODULUS            0x00000120UL
476*b106467fSJason King #define CKA_MODULUS_BITS       0x00000121UL
477*b106467fSJason King #define CKA_PUBLIC_EXPONENT    0x00000122UL
478*b106467fSJason King #define CKA_PRIVATE_EXPONENT   0x00000123UL
479*b106467fSJason King #define CKA_PRIME_1            0x00000124UL
480*b106467fSJason King #define CKA_PRIME_2            0x00000125UL
481*b106467fSJason King #define CKA_EXPONENT_1         0x00000126UL
482*b106467fSJason King #define CKA_EXPONENT_2         0x00000127UL
483*b106467fSJason King #define CKA_COEFFICIENT        0x00000128UL
484*b106467fSJason King #define CKA_PUBLIC_KEY_INFO    0x00000129UL
485*b106467fSJason King #define CKA_PRIME              0x00000130UL
486*b106467fSJason King #define CKA_SUBPRIME           0x00000131UL
487*b106467fSJason King #define CKA_BASE               0x00000132UL
488*b106467fSJason King 
489*b106467fSJason King #define CKA_PRIME_BITS         0x00000133UL
490*b106467fSJason King #define CKA_SUBPRIME_BITS      0x00000134UL
491f66d273dSizick #define CKA_SUB_PRIME_BITS     CKA_SUBPRIME_BITS
492*b106467fSJason King 
493*b106467fSJason King #define CKA_VALUE_BITS         0x00000160UL
494*b106467fSJason King #define CKA_VALUE_LEN          0x00000161UL
495*b106467fSJason King #define CKA_EXTRACTABLE        0x00000162UL
496*b106467fSJason King #define CKA_LOCAL              0x00000163UL
497*b106467fSJason King #define CKA_NEVER_EXTRACTABLE  0x00000164UL
498*b106467fSJason King #define CKA_ALWAYS_SENSITIVE   0x00000165UL
499*b106467fSJason King #define CKA_KEY_GEN_MECHANISM  0x00000166UL
500*b106467fSJason King 
501*b106467fSJason King #define CKA_MODIFIABLE         0x00000170UL
502*b106467fSJason King #define CKA_COPYABLE           0x00000171UL
503*b106467fSJason King 
504*b106467fSJason King #define CKA_DESTROYABLE        0x00000172UL
505*b106467fSJason King 
506*b106467fSJason King #define CKA_ECDSA_PARAMS       0x00000180UL /* Deprecated */
507*b106467fSJason King #define CKA_EC_PARAMS          0x00000180UL
508*b106467fSJason King 
509*b106467fSJason King #define CKA_EC_POINT           0x00000181UL
510*b106467fSJason King 
511*b106467fSJason King #define CKA_SECONDARY_AUTH     0x00000200UL /* Deprecated */
512*b106467fSJason King #define CKA_AUTH_PIN_FLAGS     0x00000201UL /* Deprecated */
513*b106467fSJason King 
514*b106467fSJason King #define CKA_ALWAYS_AUTHENTICATE  0x00000202UL
515*b106467fSJason King 
516*b106467fSJason King #define CKA_WRAP_WITH_TRUSTED    0x00000210UL
517*b106467fSJason King #define CKA_WRAP_TEMPLATE        (CKF_ARRAY_ATTRIBUTE|0x00000211UL)
518*b106467fSJason King #define CKA_UNWRAP_TEMPLATE      (CKF_ARRAY_ATTRIBUTE|0x00000212UL)
519*b106467fSJason King #define CKA_DERIVE_TEMPLATE      (CKF_ARRAY_ATTRIBUTE|0x00000213UL)
520*b106467fSJason King 
521*b106467fSJason King #define CKA_OTP_FORMAT                0x00000220UL
522*b106467fSJason King #define CKA_OTP_LENGTH                0x00000221UL
523*b106467fSJason King #define CKA_OTP_TIME_INTERVAL         0x00000222UL
524*b106467fSJason King #define CKA_OTP_USER_FRIENDLY_MODE    0x00000223UL
525*b106467fSJason King #define CKA_OTP_CHALLENGE_REQUIREMENT 0x00000224UL
526*b106467fSJason King #define CKA_OTP_TIME_REQUIREMENT      0x00000225UL
527*b106467fSJason King #define CKA_OTP_COUNTER_REQUIREMENT   0x00000226UL
528*b106467fSJason King #define CKA_OTP_PIN_REQUIREMENT       0x00000227UL
529*b106467fSJason King #define CKA_OTP_COUNTER               0x0000022EUL
530*b106467fSJason King #define CKA_OTP_TIME                  0x0000022FUL
531*b106467fSJason King #define CKA_OTP_USER_IDENTIFIER       0x0000022AUL
532*b106467fSJason King #define CKA_OTP_SERVICE_IDENTIFIER    0x0000022BUL
533*b106467fSJason King #define CKA_OTP_SERVICE_LOGO          0x0000022CUL
534*b106467fSJason King #define CKA_OTP_SERVICE_LOGO_TYPE     0x0000022DUL
535*b106467fSJason King 
536*b106467fSJason King #define CKA_GOSTR3410_PARAMS            0x00000250UL
537*b106467fSJason King #define CKA_GOSTR3411_PARAMS            0x00000251UL
538*b106467fSJason King #define CKA_GOST28147_PARAMS            0x00000252UL
539*b106467fSJason King 
540*b106467fSJason King #define CKA_HW_FEATURE_TYPE             0x00000300UL
541*b106467fSJason King #define CKA_RESET_ON_INIT               0x00000301UL
542*b106467fSJason King #define CKA_HAS_RESET                   0x00000302UL
543*b106467fSJason King 
544*b106467fSJason King #define CKA_PIXEL_X                     0x00000400UL
545*b106467fSJason King #define CKA_PIXEL_Y                     0x00000401UL
546*b106467fSJason King #define CKA_RESOLUTION                  0x00000402UL
547*b106467fSJason King #define CKA_CHAR_ROWS                   0x00000403UL
548*b106467fSJason King #define CKA_CHAR_COLUMNS                0x00000404UL
549*b106467fSJason King #define CKA_COLOR                       0x00000405UL
550*b106467fSJason King #define CKA_BITS_PER_PIXEL              0x00000406UL
551*b106467fSJason King #define CKA_CHAR_SETS                   0x00000480UL
552*b106467fSJason King #define CKA_ENCODING_METHODS            0x00000481UL
553*b106467fSJason King #define CKA_MIME_TYPES                  0x00000482UL
554*b106467fSJason King #define CKA_MECHANISM_TYPE              0x00000500UL
555*b106467fSJason King #define CKA_REQUIRED_CMS_ATTRIBUTES     0x00000501UL
556*b106467fSJason King #define CKA_DEFAULT_CMS_ATTRIBUTES      0x00000502UL
557*b106467fSJason King #define CKA_SUPPORTED_CMS_ATTRIBUTES    0x00000503UL
558*b106467fSJason King #define CKA_ALLOWED_MECHANISMS          (CKF_ARRAY_ATTRIBUTE|0x00000600UL)
559*b106467fSJason King 
560*b106467fSJason King #define CKA_VENDOR_DEFINED              0x80000000UL
5617c478bd9Sstevel@tonic-gate 
5627c478bd9Sstevel@tonic-gate /* CK_ATTRIBUTE is a structure that includes the type, length
563*b106467fSJason King  * and value of an attribute
564*b106467fSJason King  */
5657c478bd9Sstevel@tonic-gate typedef struct CK_ATTRIBUTE {
5667c478bd9Sstevel@tonic-gate   CK_ATTRIBUTE_TYPE type;
5677c478bd9Sstevel@tonic-gate   CK_VOID_PTR       pValue;
5687c478bd9Sstevel@tonic-gate   CK_ULONG          ulValueLen;  /* in bytes */
5697c478bd9Sstevel@tonic-gate } CK_ATTRIBUTE;
5707c478bd9Sstevel@tonic-gate 
5717c478bd9Sstevel@tonic-gate typedef CK_ATTRIBUTE CK_PTR CK_ATTRIBUTE_PTR;
5727c478bd9Sstevel@tonic-gate 
5737c478bd9Sstevel@tonic-gate /* CK_DATE is a structure that defines a date */
5747c478bd9Sstevel@tonic-gate typedef struct CK_DATE{
5757c478bd9Sstevel@tonic-gate   CK_CHAR       year[4];   /* the year ("1900" - "9999") */
5767c478bd9Sstevel@tonic-gate   CK_CHAR       month[2];  /* the month ("01" - "12") */
5777c478bd9Sstevel@tonic-gate   CK_CHAR       day[2];    /* the day   ("01" - "31") */
5787c478bd9Sstevel@tonic-gate } CK_DATE;
5797c478bd9Sstevel@tonic-gate 
5807c478bd9Sstevel@tonic-gate 
5817c478bd9Sstevel@tonic-gate /* CK_MECHANISM_TYPE is a value that identifies a mechanism
582*b106467fSJason King  * type
583*b106467fSJason King  */
5847c478bd9Sstevel@tonic-gate typedef CK_ULONG          CK_MECHANISM_TYPE;
5857c478bd9Sstevel@tonic-gate 
5867c478bd9Sstevel@tonic-gate /* the following mechanism types are defined: */
587*b106467fSJason King #define CKM_RSA_PKCS_KEY_PAIR_GEN      0x00000000UL
588*b106467fSJason King #define CKM_RSA_PKCS                   0x00000001UL
589*b106467fSJason King #define CKM_RSA_9796                   0x00000002UL
590*b106467fSJason King #define CKM_RSA_X_509                  0x00000003UL
591*b106467fSJason King 
592*b106467fSJason King #define CKM_MD2_RSA_PKCS               0x00000004UL
593*b106467fSJason King #define CKM_MD5_RSA_PKCS               0x00000005UL
594*b106467fSJason King #define CKM_SHA1_RSA_PKCS              0x00000006UL
595*b106467fSJason King 
596*b106467fSJason King #define CKM_RIPEMD128_RSA_PKCS         0x00000007UL
597*b106467fSJason King #define CKM_RIPEMD160_RSA_PKCS         0x00000008UL
598*b106467fSJason King #define CKM_RSA_PKCS_OAEP              0x00000009UL
599*b106467fSJason King 
600*b106467fSJason King #define CKM_RSA_X9_31_KEY_PAIR_GEN     0x0000000AUL
601*b106467fSJason King #define CKM_RSA_X9_31                  0x0000000BUL
602*b106467fSJason King #define CKM_SHA1_RSA_X9_31             0x0000000CUL
603*b106467fSJason King #define CKM_RSA_PKCS_PSS               0x0000000DUL
604*b106467fSJason King #define CKM_SHA1_RSA_PKCS_PSS          0x0000000EUL
605*b106467fSJason King 
606*b106467fSJason King #define CKM_DSA_KEY_PAIR_GEN           0x00000010UL
607*b106467fSJason King #define CKM_DSA                        0x00000011UL
608*b106467fSJason King #define CKM_DSA_SHA1                   0x00000012UL
609*b106467fSJason King #define CKM_DSA_SHA224                 0x00000013UL
610*b106467fSJason King #define CKM_DSA_SHA256                 0x00000014UL
611*b106467fSJason King #define CKM_DSA_SHA384                 0x00000015UL
612*b106467fSJason King #define CKM_DSA_SHA512                 0x00000016UL
613*b106467fSJason King 
614*b106467fSJason King #define CKM_DH_PKCS_KEY_PAIR_GEN       0x00000020UL
615*b106467fSJason King #define CKM_DH_PKCS_DERIVE             0x00000021UL
616*b106467fSJason King 
617*b106467fSJason King #define CKM_X9_42_DH_KEY_PAIR_GEN      0x00000030UL
618*b106467fSJason King #define CKM_X9_42_DH_DERIVE            0x00000031UL
619*b106467fSJason King #define CKM_X9_42_DH_HYBRID_DERIVE     0x00000032UL
620*b106467fSJason King #define CKM_X9_42_MQV_DERIVE           0x00000033UL
621*b106467fSJason King 
622*b106467fSJason King #define CKM_SHA256_RSA_PKCS            0x00000040UL
623*b106467fSJason King #define CKM_SHA384_RSA_PKCS            0x00000041UL
624*b106467fSJason King #define CKM_SHA512_RSA_PKCS            0x00000042UL
625*b106467fSJason King #define CKM_SHA256_RSA_PKCS_PSS        0x00000043UL
626*b106467fSJason King #define CKM_SHA384_RSA_PKCS_PSS        0x00000044UL
627*b106467fSJason King #define CKM_SHA512_RSA_PKCS_PSS        0x00000045UL
628*b106467fSJason King 
629*b106467fSJason King #define CKM_SHA224_RSA_PKCS            0x00000046UL
630*b106467fSJason King #define CKM_SHA224_RSA_PKCS_PSS        0x00000047UL
631*b106467fSJason King 
632*b106467fSJason King #define CKM_SHA512_224                 0x00000048UL
633*b106467fSJason King #define CKM_SHA512_224_HMAC            0x00000049UL
634*b106467fSJason King #define CKM_SHA512_224_HMAC_GENERAL    0x0000004AUL
635*b106467fSJason King #define CKM_SHA512_224_KEY_DERIVATION  0x0000004BUL
636*b106467fSJason King #define CKM_SHA512_256                 0x0000004CUL
637*b106467fSJason King #define CKM_SHA512_256_HMAC            0x0000004DUL
638*b106467fSJason King #define CKM_SHA512_256_HMAC_GENERAL    0x0000004EUL
639*b106467fSJason King #define CKM_SHA512_256_KEY_DERIVATION  0x0000004FUL
640*b106467fSJason King 
641*b106467fSJason King #define CKM_SHA512_T                   0x00000050UL
642*b106467fSJason King #define CKM_SHA512_T_HMAC              0x00000051UL
643*b106467fSJason King #define CKM_SHA512_T_HMAC_GENERAL      0x00000052UL
644*b106467fSJason King #define CKM_SHA512_T_KEY_DERIVATION    0x00000053UL
645*b106467fSJason King 
646*b106467fSJason King #define CKM_RC2_KEY_GEN                0x00000100UL
647*b106467fSJason King #define CKM_RC2_ECB                    0x00000101UL
648*b106467fSJason King #define CKM_RC2_CBC                    0x00000102UL
649*b106467fSJason King #define CKM_RC2_MAC                    0x00000103UL
650*b106467fSJason King 
651*b106467fSJason King #define CKM_RC2_MAC_GENERAL            0x00000104UL
652*b106467fSJason King #define CKM_RC2_CBC_PAD                0x00000105UL
653*b106467fSJason King 
654*b106467fSJason King #define CKM_RC4_KEY_GEN                0x00000110UL
655*b106467fSJason King #define CKM_RC4                        0x00000111UL
656*b106467fSJason King #define CKM_DES_KEY_GEN                0x00000120UL
657*b106467fSJason King #define CKM_DES_ECB                    0x00000121UL
658*b106467fSJason King #define CKM_DES_CBC                    0x00000122UL
659*b106467fSJason King #define CKM_DES_MAC                    0x00000123UL
660*b106467fSJason King 
661*b106467fSJason King #define CKM_DES_MAC_GENERAL            0x00000124UL
662*b106467fSJason King #define CKM_DES_CBC_PAD                0x00000125UL
663*b106467fSJason King 
664*b106467fSJason King #define CKM_DES2_KEY_GEN               0x00000130UL
665*b106467fSJason King #define CKM_DES3_KEY_GEN               0x00000131UL
666*b106467fSJason King #define CKM_DES3_ECB                   0x00000132UL
667*b106467fSJason King #define CKM_DES3_CBC                   0x00000133UL
668*b106467fSJason King #define CKM_DES3_MAC                   0x00000134UL
669*b106467fSJason King 
670*b106467fSJason King #define CKM_DES3_MAC_GENERAL           0x00000135UL
671*b106467fSJason King #define CKM_DES3_CBC_PAD               0x00000136UL
672*b106467fSJason King #define CKM_DES3_CMAC_GENERAL          0x00000137UL
673*b106467fSJason King #define CKM_DES3_CMAC                  0x00000138UL
674*b106467fSJason King #define CKM_CDMF_KEY_GEN               0x00000140UL
675*b106467fSJason King #define CKM_CDMF_ECB                   0x00000141UL
676*b106467fSJason King #define CKM_CDMF_CBC                   0x00000142UL
677*b106467fSJason King #define CKM_CDMF_MAC                   0x00000143UL
678*b106467fSJason King #define CKM_CDMF_MAC_GENERAL           0x00000144UL
679*b106467fSJason King #define CKM_CDMF_CBC_PAD               0x00000145UL
680*b106467fSJason King 
681*b106467fSJason King #define CKM_DES_OFB64                  0x00000150UL
682*b106467fSJason King #define CKM_DES_OFB8                   0x00000151UL
683*b106467fSJason King #define CKM_DES_CFB64                  0x00000152UL
684*b106467fSJason King #define CKM_DES_CFB8                   0x00000153UL
685*b106467fSJason King 
686*b106467fSJason King #define CKM_MD2                        0x00000200UL
687*b106467fSJason King 
688*b106467fSJason King #define CKM_MD2_HMAC                   0x00000201UL
689*b106467fSJason King #define CKM_MD2_HMAC_GENERAL           0x00000202UL
690*b106467fSJason King 
691*b106467fSJason King #define CKM_MD5                        0x00000210UL
692*b106467fSJason King 
693*b106467fSJason King #define CKM_MD5_HMAC                   0x00000211UL
694*b106467fSJason King #define CKM_MD5_HMAC_GENERAL           0x00000212UL
695*b106467fSJason King 
696*b106467fSJason King #define CKM_SHA_1                      0x00000220UL
697*b106467fSJason King 
698*b106467fSJason King #define CKM_SHA_1_HMAC                 0x00000221UL
699*b106467fSJason King #define CKM_SHA_1_HMAC_GENERAL         0x00000222UL
700*b106467fSJason King 
701*b106467fSJason King #define CKM_RIPEMD128                  0x00000230UL
702*b106467fSJason King #define CKM_RIPEMD128_HMAC             0x00000231UL
703*b106467fSJason King #define CKM_RIPEMD128_HMAC_GENERAL     0x00000232UL
704*b106467fSJason King #define CKM_RIPEMD160                  0x00000240UL
705*b106467fSJason King #define CKM_RIPEMD160_HMAC             0x00000241UL
706*b106467fSJason King #define CKM_RIPEMD160_HMAC_GENERAL     0x00000242UL
707*b106467fSJason King 
708*b106467fSJason King #define CKM_SHA256                     0x00000250UL
709*b106467fSJason King #define CKM_SHA256_HMAC                0x00000251UL
710*b106467fSJason King #define CKM_SHA256_HMAC_GENERAL        0x00000252UL
711*b106467fSJason King #define CKM_SHA224                     0x00000255UL
712*b106467fSJason King #define CKM_SHA224_HMAC                0x00000256UL
713*b106467fSJason King #define CKM_SHA224_HMAC_GENERAL        0x00000257UL
714*b106467fSJason King #define CKM_SHA384                     0x00000260UL
715*b106467fSJason King #define CKM_SHA384_HMAC                0x00000261UL
716*b106467fSJason King #define CKM_SHA384_HMAC_GENERAL        0x00000262UL
717*b106467fSJason King #define CKM_SHA512                     0x00000270UL
718*b106467fSJason King #define CKM_SHA512_HMAC                0x00000271UL
719*b106467fSJason King #define CKM_SHA512_HMAC_GENERAL        0x00000272UL
720*b106467fSJason King #define CKM_SECURID_KEY_GEN            0x00000280UL
721*b106467fSJason King #define CKM_SECURID                    0x00000282UL
722*b106467fSJason King #define CKM_HOTP_KEY_GEN               0x00000290UL
723*b106467fSJason King #define CKM_HOTP                       0x00000291UL
724*b106467fSJason King #define CKM_ACTI                       0x000002A0UL
725*b106467fSJason King #define CKM_ACTI_KEY_GEN               0x000002A1UL
726*b106467fSJason King 
727*b106467fSJason King #define CKM_CAST_KEY_GEN               0x00000300UL
728*b106467fSJason King #define CKM_CAST_ECB                   0x00000301UL
729*b106467fSJason King #define CKM_CAST_CBC                   0x00000302UL
730*b106467fSJason King #define CKM_CAST_MAC                   0x00000303UL
731*b106467fSJason King #define CKM_CAST_MAC_GENERAL           0x00000304UL
732*b106467fSJason King #define CKM_CAST_CBC_PAD               0x00000305UL
733*b106467fSJason King #define CKM_CAST3_KEY_GEN              0x00000310UL
734*b106467fSJason King #define CKM_CAST3_ECB                  0x00000311UL
735*b106467fSJason King #define CKM_CAST3_CBC                  0x00000312UL
736*b106467fSJason King #define CKM_CAST3_MAC                  0x00000313UL
737*b106467fSJason King #define CKM_CAST3_MAC_GENERAL          0x00000314UL
738*b106467fSJason King #define CKM_CAST3_CBC_PAD              0x00000315UL
7397c478bd9Sstevel@tonic-gate /* Note that CAST128 and CAST5 are the same algorithm */
740*b106467fSJason King #define CKM_CAST5_KEY_GEN              0x00000320UL
741*b106467fSJason King #define CKM_CAST128_KEY_GEN            0x00000320UL
742*b106467fSJason King #define CKM_CAST5_ECB                  0x00000321UL
743*b106467fSJason King #define CKM_CAST128_ECB                0x00000321UL
744*b106467fSJason King #define CKM_CAST5_CBC                  0x00000322UL /* Deprecated */
745*b106467fSJason King #define CKM_CAST128_CBC                0x00000322UL
746*b106467fSJason King #define CKM_CAST5_MAC                  0x00000323UL /* Deprecated */
747*b106467fSJason King #define CKM_CAST128_MAC                0x00000323UL
748*b106467fSJason King #define CKM_CAST5_MAC_GENERAL          0x00000324UL /* Deprecated */
749*b106467fSJason King #define CKM_CAST128_MAC_GENERAL        0x00000324UL
750*b106467fSJason King #define CKM_CAST5_CBC_PAD              0x00000325UL /* Deprecated */
751*b106467fSJason King #define CKM_CAST128_CBC_PAD            0x00000325UL
752*b106467fSJason King #define CKM_RC5_KEY_GEN                0x00000330UL
753*b106467fSJason King #define CKM_RC5_ECB                    0x00000331UL
754*b106467fSJason King #define CKM_RC5_CBC                    0x00000332UL
755*b106467fSJason King #define CKM_RC5_MAC                    0x00000333UL
756*b106467fSJason King #define CKM_RC5_MAC_GENERAL            0x00000334UL
757*b106467fSJason King #define CKM_RC5_CBC_PAD                0x00000335UL
758*b106467fSJason King #define CKM_IDEA_KEY_GEN               0x00000340UL
759*b106467fSJason King #define CKM_IDEA_ECB                   0x00000341UL
760*b106467fSJason King #define CKM_IDEA_CBC                   0x00000342UL
761*b106467fSJason King #define CKM_IDEA_MAC                   0x00000343UL
762*b106467fSJason King #define CKM_IDEA_MAC_GENERAL           0x00000344UL
763*b106467fSJason King #define CKM_IDEA_CBC_PAD               0x00000345UL
764*b106467fSJason King #define CKM_GENERIC_SECRET_KEY_GEN     0x00000350UL
765*b106467fSJason King #define CKM_CONCATENATE_BASE_AND_KEY   0x00000360UL
766*b106467fSJason King #define CKM_CONCATENATE_BASE_AND_DATA  0x00000362UL
767*b106467fSJason King #define CKM_CONCATENATE_DATA_AND_BASE  0x00000363UL
768*b106467fSJason King #define CKM_XOR_BASE_AND_DATA          0x00000364UL
769*b106467fSJason King #define CKM_EXTRACT_KEY_FROM_KEY       0x00000365UL
770*b106467fSJason King #define CKM_SSL3_PRE_MASTER_KEY_GEN    0x00000370UL
771*b106467fSJason King #define CKM_SSL3_MASTER_KEY_DERIVE     0x00000371UL
772*b106467fSJason King #define CKM_SSL3_KEY_AND_MAC_DERIVE    0x00000372UL
773*b106467fSJason King 
774*b106467fSJason King #define CKM_SSL3_MASTER_KEY_DERIVE_DH  0x00000373UL
775*b106467fSJason King #define CKM_TLS_PRE_MASTER_KEY_GEN     0x00000374UL
776*b106467fSJason King #define