andre@0: /* This Source Code Form is subject to the terms of the Mozilla Public andre@0: * License, v. 2.0. If a copy of the MPL was not distributed with this andre@0: * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ andre@0: /* andre@0: * Copyright (C) 1994-1999 RSA Security Inc. Licence to copy this document andre@0: * is granted provided that it is identified as "RSA Security In.c Public-Key andre@0: * Cryptography Standards (PKCS)" in all material mentioning or referencing andre@0: * this document. andre@0: */ andre@0: /* This function contains pretty much everything about all the */ andre@0: /* PKCS #11 function prototypes. Because this information is */ andre@0: /* used for more than just declaring function prototypes, the */ andre@0: /* order of the functions appearing herein is important, and */ andre@0: /* should not be altered. */ andre@0: andre@0: andre@0: andre@0: /* General-purpose */ andre@0: andre@0: /* C_Initialize initializes the PKCS #11 library. */ andre@0: CK_PKCS11_FUNCTION_INFO(C_Initialize) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: ( andre@0: CK_VOID_PTR pInitArgs /* if this is not NULL_PTR, it gets andre@0: * cast to CK_C_INITIALIZE_ARGS_PTR andre@0: * and dereferenced */ andre@0: ); andre@0: #endif andre@0: andre@0: andre@0: /* C_Finalize indicates that an application is done with the andre@0: * PKCS #11 library. */ andre@0: CK_PKCS11_FUNCTION_INFO(C_Finalize) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: ( andre@0: CK_VOID_PTR pReserved /* reserved. Should be NULL_PTR */ andre@0: ); andre@0: #endif andre@0: andre@0: andre@0: /* C_GetInfo returns general information about PKCS #11. */ andre@0: CK_PKCS11_FUNCTION_INFO(C_GetInfo) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: ( andre@0: CK_INFO_PTR pInfo /* location that receives information */ andre@0: ); andre@0: #endif andre@0: andre@0: andre@0: /* C_GetFunctionList returns the function list. */ andre@0: CK_PKCS11_FUNCTION_INFO(C_GetFunctionList) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: ( andre@0: CK_FUNCTION_LIST_PTR_PTR ppFunctionList /* receives pointer to andre@0: * function list */ andre@0: ); andre@0: #endif andre@0: andre@0: andre@0: andre@0: /* Slot and token management */ andre@0: andre@0: /* C_GetSlotList obtains a list of slots in the system. */ andre@0: CK_PKCS11_FUNCTION_INFO(C_GetSlotList) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: ( andre@0: CK_BBOOL tokenPresent, /* only slots with tokens? */ andre@0: CK_SLOT_ID_PTR pSlotList, /* receives array of slot IDs */ andre@0: CK_ULONG_PTR pulCount /* receives number of slots */ andre@0: ); andre@0: #endif andre@0: andre@0: andre@0: /* C_GetSlotInfo obtains information about a particular slot in andre@0: * the system. */ andre@0: CK_PKCS11_FUNCTION_INFO(C_GetSlotInfo) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: ( andre@0: CK_SLOT_ID slotID, /* the ID of the slot */ andre@0: CK_SLOT_INFO_PTR pInfo /* receives the slot information */ andre@0: ); andre@0: #endif andre@0: andre@0: andre@0: /* C_GetTokenInfo obtains information about a particular token andre@0: * in the system. */ andre@0: CK_PKCS11_FUNCTION_INFO(C_GetTokenInfo) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: ( andre@0: CK_SLOT_ID slotID, /* ID of the token's slot */ andre@0: CK_TOKEN_INFO_PTR pInfo /* receives the token information */ andre@0: ); andre@0: #endif andre@0: andre@0: andre@0: /* C_GetMechanismList obtains a list of mechanism types andre@0: * supported by a token. */ andre@0: CK_PKCS11_FUNCTION_INFO(C_GetMechanismList) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: ( andre@0: CK_SLOT_ID slotID, /* ID of token's slot */ andre@0: CK_MECHANISM_TYPE_PTR pMechanismList, /* gets mech. array */ andre@0: CK_ULONG_PTR pulCount /* gets # of mechs. */ andre@0: ); andre@0: #endif andre@0: andre@0: andre@0: /* C_GetMechanismInfo obtains information about a particular andre@0: * mechanism possibly supported by a token. */ andre@0: CK_PKCS11_FUNCTION_INFO(C_GetMechanismInfo) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: ( andre@0: CK_SLOT_ID slotID, /* ID of the token's slot */ andre@0: CK_MECHANISM_TYPE type, /* type of mechanism */ andre@0: CK_MECHANISM_INFO_PTR pInfo /* receives mechanism info */ andre@0: ); andre@0: #endif andre@0: andre@0: andre@0: /* C_InitToken initializes a token. */ andre@0: CK_PKCS11_FUNCTION_INFO(C_InitToken) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: /* pLabel changed from CK_CHAR_PTR to CK_UTF8CHAR_PTR for v2.10 */ andre@0: ( andre@0: CK_SLOT_ID slotID, /* ID of the token's slot */ andre@0: CK_UTF8CHAR_PTR pPin, /* the SO's initial PIN */ andre@0: CK_ULONG ulPinLen, /* length in bytes of the PIN */ andre@0: CK_UTF8CHAR_PTR pLabel /* 32-byte token label (blank padded) */ andre@0: ); andre@0: #endif andre@0: andre@0: andre@0: /* C_InitPIN initializes the normal user's PIN. */ andre@0: CK_PKCS11_FUNCTION_INFO(C_InitPIN) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: ( andre@0: CK_SESSION_HANDLE hSession, /* the session's handle */ andre@0: CK_UTF8CHAR_PTR pPin, /* the normal user's PIN */ andre@0: CK_ULONG ulPinLen /* length in bytes of the PIN */ andre@0: ); andre@0: #endif andre@0: andre@0: andre@0: /* C_SetPIN modifies the PIN of the user who is logged in. */ andre@0: CK_PKCS11_FUNCTION_INFO(C_SetPIN) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: ( andre@0: CK_SESSION_HANDLE hSession, /* the session's handle */ andre@0: CK_UTF8CHAR_PTR pOldPin, /* the old PIN */ andre@0: CK_ULONG ulOldLen, /* length of the old PIN */ andre@0: CK_UTF8CHAR_PTR pNewPin, /* the new PIN */ andre@0: CK_ULONG ulNewLen /* length of the new PIN */ andre@0: ); andre@0: #endif andre@0: andre@0: andre@0: andre@0: /* Session management */ andre@0: andre@0: /* C_OpenSession opens a session between an application and a andre@0: * token. */ andre@0: CK_PKCS11_FUNCTION_INFO(C_OpenSession) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: ( andre@0: CK_SLOT_ID slotID, /* the slot's ID */ andre@0: CK_FLAGS flags, /* from CK_SESSION_INFO */ andre@0: CK_VOID_PTR pApplication, /* passed to callback */ andre@0: CK_NOTIFY Notify, /* callback function */ andre@0: CK_SESSION_HANDLE_PTR phSession /* gets session handle */ andre@0: ); andre@0: #endif andre@0: andre@0: andre@0: /* C_CloseSession closes a session between an application and a andre@0: * token. */ andre@0: CK_PKCS11_FUNCTION_INFO(C_CloseSession) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: ( andre@0: CK_SESSION_HANDLE hSession /* the session's handle */ andre@0: ); andre@0: #endif andre@0: andre@0: andre@0: /* C_CloseAllSessions closes all sessions with a token. */ andre@0: CK_PKCS11_FUNCTION_INFO(C_CloseAllSessions) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: ( andre@0: CK_SLOT_ID slotID /* the token's slot */ andre@0: ); andre@0: #endif andre@0: andre@0: andre@0: /* C_GetSessionInfo obtains information about the session. */ andre@0: CK_PKCS11_FUNCTION_INFO(C_GetSessionInfo) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: ( andre@0: CK_SESSION_HANDLE hSession, /* the session's handle */ andre@0: CK_SESSION_INFO_PTR pInfo /* receives session info */ andre@0: ); andre@0: #endif andre@0: andre@0: andre@0: /* C_GetOperationState obtains the state of the cryptographic operation andre@0: * in a session. */ andre@0: CK_PKCS11_FUNCTION_INFO(C_GetOperationState) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: ( andre@0: CK_SESSION_HANDLE hSession, /* session's handle */ andre@0: CK_BYTE_PTR pOperationState, /* gets state */ andre@0: CK_ULONG_PTR pulOperationStateLen /* gets state length */ andre@0: ); andre@0: #endif andre@0: andre@0: andre@0: /* C_SetOperationState restores the state of the cryptographic andre@0: * operation in a session. */ andre@0: CK_PKCS11_FUNCTION_INFO(C_SetOperationState) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: ( andre@0: CK_SESSION_HANDLE hSession, /* session's handle */ andre@0: CK_BYTE_PTR pOperationState, /* holds state */ andre@0: CK_ULONG ulOperationStateLen, /* holds state length */ andre@0: CK_OBJECT_HANDLE hEncryptionKey, /* en/decryption key */ andre@0: CK_OBJECT_HANDLE hAuthenticationKey /* sign/verify key */ andre@0: ); andre@0: #endif andre@0: andre@0: andre@0: /* C_Login logs a user into a token. */ andre@0: CK_PKCS11_FUNCTION_INFO(C_Login) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: ( andre@0: CK_SESSION_HANDLE hSession, /* the session's handle */ andre@0: CK_USER_TYPE userType, /* the user type */ andre@0: CK_UTF8CHAR_PTR pPin, /* the user's PIN */ andre@0: CK_ULONG ulPinLen /* the length of the PIN */ andre@0: ); andre@0: #endif andre@0: andre@0: andre@0: /* C_Logout logs a user out from a token. */ andre@0: CK_PKCS11_FUNCTION_INFO(C_Logout) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: ( andre@0: CK_SESSION_HANDLE hSession /* the session's handle */ andre@0: ); andre@0: #endif andre@0: andre@0: andre@0: andre@0: /* Object management */ andre@0: andre@0: /* C_CreateObject creates a new object. */ andre@0: CK_PKCS11_FUNCTION_INFO(C_CreateObject) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: ( andre@0: CK_SESSION_HANDLE hSession, /* the session's handle */ andre@0: CK_ATTRIBUTE_PTR pTemplate, /* the object's template */ andre@0: CK_ULONG ulCount, /* attributes in template */ andre@0: CK_OBJECT_HANDLE_PTR phObject /* gets new object's handle. */ andre@0: ); andre@0: #endif andre@0: andre@0: andre@0: /* C_CopyObject copies an object, creating a new object for the andre@0: * copy. */ andre@0: CK_PKCS11_FUNCTION_INFO(C_CopyObject) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: ( andre@0: CK_SESSION_HANDLE hSession, /* the session's handle */ andre@0: CK_OBJECT_HANDLE hObject, /* the object's handle */ andre@0: CK_ATTRIBUTE_PTR pTemplate, /* template for new object */ andre@0: CK_ULONG ulCount, /* attributes in template */ andre@0: CK_OBJECT_HANDLE_PTR phNewObject /* receives handle of copy */ andre@0: ); andre@0: #endif andre@0: andre@0: andre@0: /* C_DestroyObject destroys an object. */ andre@0: CK_PKCS11_FUNCTION_INFO(C_DestroyObject) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: ( andre@0: CK_SESSION_HANDLE hSession, /* the session's handle */ andre@0: CK_OBJECT_HANDLE hObject /* the object's handle */ andre@0: ); andre@0: #endif andre@0: andre@0: andre@0: /* C_GetObjectSize gets the size of an object in bytes. */ andre@0: CK_PKCS11_FUNCTION_INFO(C_GetObjectSize) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: ( andre@0: CK_SESSION_HANDLE hSession, /* the session's handle */ andre@0: CK_OBJECT_HANDLE hObject, /* the object's handle */ andre@0: CK_ULONG_PTR pulSize /* receives size of object */ andre@0: ); andre@0: #endif andre@0: andre@0: andre@0: /* C_GetAttributeValue obtains the value of one or more object andre@0: * attributes. */ andre@0: CK_PKCS11_FUNCTION_INFO(C_GetAttributeValue) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: ( andre@0: CK_SESSION_HANDLE hSession, /* the session's handle */ andre@0: CK_OBJECT_HANDLE hObject, /* the object's handle */ andre@0: CK_ATTRIBUTE_PTR pTemplate, /* specifies attrs; gets vals */ andre@0: CK_ULONG ulCount /* attributes in template */ andre@0: ); andre@0: #endif andre@0: andre@0: andre@0: /* C_SetAttributeValue modifies the value of one or more object andre@0: * attributes */ andre@0: CK_PKCS11_FUNCTION_INFO(C_SetAttributeValue) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: ( andre@0: CK_SESSION_HANDLE hSession, /* the session's handle */ andre@0: CK_OBJECT_HANDLE hObject, /* the object's handle */ andre@0: CK_ATTRIBUTE_PTR pTemplate, /* specifies attrs and values */ andre@0: CK_ULONG ulCount /* attributes in template */ andre@0: ); andre@0: #endif andre@0: andre@0: andre@0: /* C_FindObjectsInit initializes a search for token and session andre@0: * objects that match a template. */ andre@0: CK_PKCS11_FUNCTION_INFO(C_FindObjectsInit) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: ( andre@0: CK_SESSION_HANDLE hSession, /* the session's handle */ andre@0: CK_ATTRIBUTE_PTR pTemplate, /* attribute values to match */ andre@0: CK_ULONG ulCount /* attrs in search template */ andre@0: ); andre@0: #endif andre@0: andre@0: andre@0: /* C_FindObjects continues a search for token and session andre@0: * objects that match a template, obtaining additional object andre@0: * handles. */ andre@0: CK_PKCS11_FUNCTION_INFO(C_FindObjects) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: ( andre@0: CK_SESSION_HANDLE hSession, /* session's handle */ andre@0: CK_OBJECT_HANDLE_PTR phObject, /* gets obj. handles */ andre@0: CK_ULONG ulMaxObjectCount, /* max handles to get */ andre@0: CK_ULONG_PTR pulObjectCount /* actual # returned */ andre@0: ); andre@0: #endif andre@0: andre@0: andre@0: /* C_FindObjectsFinal finishes a search for token and session andre@0: * objects. */ andre@0: CK_PKCS11_FUNCTION_INFO(C_FindObjectsFinal) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: ( andre@0: CK_SESSION_HANDLE hSession /* the session's handle */ andre@0: ); andre@0: #endif andre@0: andre@0: andre@0: andre@0: /* Encryption and decryption */ andre@0: andre@0: /* C_EncryptInit initializes an encryption operation. */ andre@0: CK_PKCS11_FUNCTION_INFO(C_EncryptInit) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: ( andre@0: CK_SESSION_HANDLE hSession, /* the session's handle */ andre@0: CK_MECHANISM_PTR pMechanism, /* the encryption mechanism */ andre@0: CK_OBJECT_HANDLE hKey /* handle of encryption key */ andre@0: ); andre@0: #endif andre@0: andre@0: andre@0: /* C_Encrypt encrypts single-part data. */ andre@0: CK_PKCS11_FUNCTION_INFO(C_Encrypt) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: ( andre@0: CK_SESSION_HANDLE hSession, /* session's handle */ andre@0: CK_BYTE_PTR pData, /* the plaintext data */ andre@0: CK_ULONG ulDataLen, /* bytes of plaintext */ andre@0: CK_BYTE_PTR pEncryptedData, /* gets ciphertext */ andre@0: CK_ULONG_PTR pulEncryptedDataLen /* gets c-text size */ andre@0: ); andre@0: #endif andre@0: andre@0: andre@0: /* C_EncryptUpdate continues a multiple-part encryption andre@0: * operation. */ andre@0: CK_PKCS11_FUNCTION_INFO(C_EncryptUpdate) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: ( andre@0: CK_SESSION_HANDLE hSession, /* session's handle */ andre@0: CK_BYTE_PTR pPart, /* the plaintext data */ andre@0: CK_ULONG ulPartLen, /* plaintext data len */ andre@0: CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */ andre@0: CK_ULONG_PTR pulEncryptedPartLen /* gets c-text size */ andre@0: ); andre@0: #endif andre@0: andre@0: andre@0: /* C_EncryptFinal finishes a multiple-part encryption andre@0: * operation. */ andre@0: CK_PKCS11_FUNCTION_INFO(C_EncryptFinal) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: ( andre@0: CK_SESSION_HANDLE hSession, /* session handle */ andre@0: CK_BYTE_PTR pLastEncryptedPart, /* last c-text */ andre@0: CK_ULONG_PTR pulLastEncryptedPartLen /* gets last size */ andre@0: ); andre@0: #endif andre@0: andre@0: andre@0: /* C_DecryptInit initializes a decryption operation. */ andre@0: CK_PKCS11_FUNCTION_INFO(C_DecryptInit) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: ( andre@0: CK_SESSION_HANDLE hSession, /* the session's handle */ andre@0: CK_MECHANISM_PTR pMechanism, /* the decryption mechanism */ andre@0: CK_OBJECT_HANDLE hKey /* handle of decryption key */ andre@0: ); andre@0: #endif andre@0: andre@0: andre@0: /* C_Decrypt decrypts encrypted data in a single part. */ andre@0: CK_PKCS11_FUNCTION_INFO(C_Decrypt) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: ( andre@0: CK_SESSION_HANDLE hSession, /* session's handle */ andre@0: CK_BYTE_PTR pEncryptedData, /* ciphertext */ andre@0: CK_ULONG ulEncryptedDataLen, /* ciphertext length */ andre@0: CK_BYTE_PTR pData, /* gets plaintext */ andre@0: CK_ULONG_PTR pulDataLen /* gets p-text size */ andre@0: ); andre@0: #endif andre@0: andre@0: andre@0: /* C_DecryptUpdate continues a multiple-part decryption andre@0: * operation. */ andre@0: CK_PKCS11_FUNCTION_INFO(C_DecryptUpdate) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: ( andre@0: CK_SESSION_HANDLE hSession, /* session's handle */ andre@0: CK_BYTE_PTR pEncryptedPart, /* encrypted data */ andre@0: CK_ULONG ulEncryptedPartLen, /* input length */ andre@0: CK_BYTE_PTR pPart, /* gets plaintext */ andre@0: CK_ULONG_PTR pulPartLen /* p-text size */ andre@0: ); andre@0: #endif andre@0: andre@0: andre@0: /* C_DecryptFinal finishes a multiple-part decryption andre@0: * operation. */ andre@0: CK_PKCS11_FUNCTION_INFO(C_DecryptFinal) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: ( andre@0: CK_SESSION_HANDLE hSession, /* the session's handle */ andre@0: CK_BYTE_PTR pLastPart, /* gets plaintext */ andre@0: CK_ULONG_PTR pulLastPartLen /* p-text size */ andre@0: ); andre@0: #endif andre@0: andre@0: andre@0: andre@0: /* Message digesting */ andre@0: andre@0: /* C_DigestInit initializes a message-digesting operation. */ andre@0: CK_PKCS11_FUNCTION_INFO(C_DigestInit) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: ( andre@0: CK_SESSION_HANDLE hSession, /* the session's handle */ andre@0: CK_MECHANISM_PTR pMechanism /* the digesting mechanism */ andre@0: ); andre@0: #endif andre@0: andre@0: andre@0: /* C_Digest digests data in a single part. */ andre@0: CK_PKCS11_FUNCTION_INFO(C_Digest) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: ( andre@0: CK_SESSION_HANDLE hSession, /* the session's handle */ andre@0: CK_BYTE_PTR pData, /* data to be digested */ andre@0: CK_ULONG ulDataLen, /* bytes of data to digest */ andre@0: CK_BYTE_PTR pDigest, /* gets the message digest */ andre@0: CK_ULONG_PTR pulDigestLen /* gets digest length */ andre@0: ); andre@0: #endif andre@0: andre@0: andre@0: /* C_DigestUpdate continues a multiple-part message-digesting andre@0: * operation. */ andre@0: CK_PKCS11_FUNCTION_INFO(C_DigestUpdate) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: ( andre@0: CK_SESSION_HANDLE hSession, /* the session's handle */ andre@0: CK_BYTE_PTR pPart, /* data to be digested */ andre@0: CK_ULONG ulPartLen /* bytes of data to be digested */ andre@0: ); andre@0: #endif andre@0: andre@0: andre@0: /* C_DigestKey continues a multi-part message-digesting andre@0: * operation, by digesting the value of a secret key as part of andre@0: * the data already digested. */ andre@0: CK_PKCS11_FUNCTION_INFO(C_DigestKey) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: ( andre@0: CK_SESSION_HANDLE hSession, /* the session's handle */ andre@0: CK_OBJECT_HANDLE hKey /* secret key to digest */ andre@0: ); andre@0: #endif andre@0: andre@0: andre@0: /* C_DigestFinal finishes a multiple-part message-digesting andre@0: * operation. */ andre@0: CK_PKCS11_FUNCTION_INFO(C_DigestFinal) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: ( andre@0: CK_SESSION_HANDLE hSession, /* the session's handle */ andre@0: CK_BYTE_PTR pDigest, /* gets the message digest */ andre@0: CK_ULONG_PTR pulDigestLen /* gets byte count of digest */ andre@0: ); andre@0: #endif andre@0: andre@0: andre@0: andre@0: /* Signing and MACing */ andre@0: andre@0: /* C_SignInit initializes a signature (private key encryption) andre@0: * operation, where the signature is (will be) an appendix to andre@0: * the data, and plaintext cannot be recovered from the andre@0: *signature. */ andre@0: CK_PKCS11_FUNCTION_INFO(C_SignInit) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: ( andre@0: CK_SESSION_HANDLE hSession, /* the session's handle */ andre@0: CK_MECHANISM_PTR pMechanism, /* the signature mechanism */ andre@0: CK_OBJECT_HANDLE hKey /* handle of signature key */ andre@0: ); andre@0: #endif andre@0: andre@0: andre@0: /* C_Sign signs (encrypts with private key) data in a single andre@0: * part, where the signature is (will be) an appendix to the andre@0: * data, and plaintext cannot be recovered from the signature. */ andre@0: CK_PKCS11_FUNCTION_INFO(C_Sign) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: ( andre@0: CK_SESSION_HANDLE hSession, /* the session's handle */ andre@0: CK_BYTE_PTR pData, /* the data to sign */ andre@0: CK_ULONG ulDataLen, /* count of bytes to sign */ andre@0: CK_BYTE_PTR pSignature, /* gets the signature */ andre@0: CK_ULONG_PTR pulSignatureLen /* gets signature length */ andre@0: ); andre@0: #endif andre@0: andre@0: andre@0: /* C_SignUpdate continues a multiple-part signature operation, andre@0: * where the signature is (will be) an appendix to the data, andre@0: * and plaintext cannot be recovered from the signature. */ andre@0: CK_PKCS11_FUNCTION_INFO(C_SignUpdate) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: ( andre@0: CK_SESSION_HANDLE hSession, /* the session's handle */ andre@0: CK_BYTE_PTR pPart, /* the data to sign */ andre@0: CK_ULONG ulPartLen /* count of bytes to sign */ andre@0: ); andre@0: #endif andre@0: andre@0: andre@0: /* C_SignFinal finishes a multiple-part signature operation, andre@0: * returning the signature. */ andre@0: CK_PKCS11_FUNCTION_INFO(C_SignFinal) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: ( andre@0: CK_SESSION_HANDLE hSession, /* the session's handle */ andre@0: CK_BYTE_PTR pSignature, /* gets the signature */ andre@0: CK_ULONG_PTR pulSignatureLen /* gets signature length */ andre@0: ); andre@0: #endif andre@0: andre@0: andre@0: /* C_SignRecoverInit initializes a signature operation, where andre@0: * the data can be recovered from the signature. */ andre@0: CK_PKCS11_FUNCTION_INFO(C_SignRecoverInit) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: ( andre@0: CK_SESSION_HANDLE hSession, /* the session's handle */ andre@0: CK_MECHANISM_PTR pMechanism, /* the signature mechanism */ andre@0: CK_OBJECT_HANDLE hKey /* handle of the signature key */ andre@0: ); andre@0: #endif andre@0: andre@0: andre@0: /* C_SignRecover signs data in a single operation, where the andre@0: * data can be recovered from the signature. */ andre@0: CK_PKCS11_FUNCTION_INFO(C_SignRecover) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: ( andre@0: CK_SESSION_HANDLE hSession, /* the session's handle */ andre@0: CK_BYTE_PTR pData, /* the data to sign */ andre@0: CK_ULONG ulDataLen, /* count of bytes to sign */ andre@0: CK_BYTE_PTR pSignature, /* gets the signature */ andre@0: CK_ULONG_PTR pulSignatureLen /* gets signature length */ andre@0: ); andre@0: #endif andre@0: andre@0: andre@0: andre@0: /* Verifying signatures and MACs */ andre@0: andre@0: /* C_VerifyInit initializes a verification operation, where the andre@0: * signature is an appendix to the data, and plaintext cannot andre@0: * cannot be recovered from the signature (e.g. DSA). */ andre@0: CK_PKCS11_FUNCTION_INFO(C_VerifyInit) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: ( andre@0: CK_SESSION_HANDLE hSession, /* the session's handle */ andre@0: CK_MECHANISM_PTR pMechanism, /* the verification mechanism */ andre@0: CK_OBJECT_HANDLE hKey /* verification key */ andre@0: ); andre@0: #endif andre@0: andre@0: andre@0: /* C_Verify verifies a signature in a single-part operation, andre@0: * where the signature is an appendix to the data, and plaintext andre@0: * cannot be recovered from the signature. */ andre@0: CK_PKCS11_FUNCTION_INFO(C_Verify) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: ( andre@0: CK_SESSION_HANDLE hSession, /* the session's handle */ andre@0: CK_BYTE_PTR pData, /* signed data */ andre@0: CK_ULONG ulDataLen, /* length of signed data */ andre@0: CK_BYTE_PTR pSignature, /* signature */ andre@0: CK_ULONG ulSignatureLen /* signature length*/ andre@0: ); andre@0: #endif andre@0: andre@0: andre@0: /* C_VerifyUpdate continues a multiple-part verification andre@0: * operation, where the signature is an appendix to the data, andre@0: * and plaintext cannot be recovered from the signature. */ andre@0: CK_PKCS11_FUNCTION_INFO(C_VerifyUpdate) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: ( andre@0: CK_SESSION_HANDLE hSession, /* the session's handle */ andre@0: CK_BYTE_PTR pPart, /* signed data */ andre@0: CK_ULONG ulPartLen /* length of signed data */ andre@0: ); andre@0: #endif andre@0: andre@0: andre@0: /* C_VerifyFinal finishes a multiple-part verification andre@0: * operation, checking the signature. */ andre@0: CK_PKCS11_FUNCTION_INFO(C_VerifyFinal) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: ( andre@0: CK_SESSION_HANDLE hSession, /* the session's handle */ andre@0: CK_BYTE_PTR pSignature, /* signature to verify */ andre@0: CK_ULONG ulSignatureLen /* signature length */ andre@0: ); andre@0: #endif andre@0: andre@0: andre@0: /* C_VerifyRecoverInit initializes a signature verification andre@0: * operation, where the data is recovered from the signature. */ andre@0: CK_PKCS11_FUNCTION_INFO(C_VerifyRecoverInit) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: ( andre@0: CK_SESSION_HANDLE hSession, /* the session's handle */ andre@0: CK_MECHANISM_PTR pMechanism, /* the verification mechanism */ andre@0: CK_OBJECT_HANDLE hKey /* verification key */ andre@0: ); andre@0: #endif andre@0: andre@0: andre@0: /* C_VerifyRecover verifies a signature in a single-part andre@0: * operation, where the data is recovered from the signature. */ andre@0: CK_PKCS11_FUNCTION_INFO(C_VerifyRecover) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: ( andre@0: CK_SESSION_HANDLE hSession, /* the session's handle */ andre@0: CK_BYTE_PTR pSignature, /* signature to verify */ andre@0: CK_ULONG ulSignatureLen, /* signature length */ andre@0: CK_BYTE_PTR pData, /* gets signed data */ andre@0: CK_ULONG_PTR pulDataLen /* gets signed data len */ andre@0: ); andre@0: #endif andre@0: andre@0: andre@0: andre@0: /* Dual-function cryptographic operations */ andre@0: andre@0: /* C_DigestEncryptUpdate continues a multiple-part digesting andre@0: * and encryption operation. */ andre@0: CK_PKCS11_FUNCTION_INFO(C_DigestEncryptUpdate) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: ( andre@0: CK_SESSION_HANDLE hSession, /* session's handle */ andre@0: CK_BYTE_PTR pPart, /* the plaintext data */ andre@0: CK_ULONG ulPartLen, /* plaintext length */ andre@0: CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */ andre@0: CK_ULONG_PTR pulEncryptedPartLen /* gets c-text length */ andre@0: ); andre@0: #endif andre@0: andre@0: andre@0: /* C_DecryptDigestUpdate continues a multiple-part decryption and andre@0: * digesting operation. */ andre@0: CK_PKCS11_FUNCTION_INFO(C_DecryptDigestUpdate) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: ( andre@0: CK_SESSION_HANDLE hSession, /* session's handle */ andre@0: CK_BYTE_PTR pEncryptedPart, /* ciphertext */ andre@0: CK_ULONG ulEncryptedPartLen, /* ciphertext length */ andre@0: CK_BYTE_PTR pPart, /* gets plaintext */ andre@0: CK_ULONG_PTR pulPartLen /* gets plaintext len */ andre@0: ); andre@0: #endif andre@0: andre@0: andre@0: /* C_SignEncryptUpdate continues a multiple-part signing and andre@0: * encryption operation. */ andre@0: CK_PKCS11_FUNCTION_INFO(C_SignEncryptUpdate) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: ( andre@0: CK_SESSION_HANDLE hSession, /* session's handle */ andre@0: CK_BYTE_PTR pPart, /* the plaintext data */ andre@0: CK_ULONG ulPartLen, /* plaintext length */ andre@0: CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */ andre@0: CK_ULONG_PTR pulEncryptedPartLen /* gets c-text length */ andre@0: ); andre@0: #endif andre@0: andre@0: andre@0: /* C_DecryptVerifyUpdate continues a multiple-part decryption and andre@0: * verify operation. */ andre@0: CK_PKCS11_FUNCTION_INFO(C_DecryptVerifyUpdate) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: ( andre@0: CK_SESSION_HANDLE hSession, /* session's handle */ andre@0: CK_BYTE_PTR pEncryptedPart, /* ciphertext */ andre@0: CK_ULONG ulEncryptedPartLen, /* ciphertext length */ andre@0: CK_BYTE_PTR pPart, /* gets plaintext */ andre@0: CK_ULONG_PTR pulPartLen /* gets p-text length */ andre@0: ); andre@0: #endif andre@0: andre@0: andre@0: andre@0: /* Key management */ andre@0: andre@0: /* C_GenerateKey generates a secret key, creating a new key andre@0: * object. */ andre@0: CK_PKCS11_FUNCTION_INFO(C_GenerateKey) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: ( andre@0: CK_SESSION_HANDLE hSession, /* the session's handle */ andre@0: CK_MECHANISM_PTR pMechanism, /* key generation mech. */ andre@0: CK_ATTRIBUTE_PTR pTemplate, /* template for new key */ andre@0: CK_ULONG ulCount, /* # of attrs in template */ andre@0: CK_OBJECT_HANDLE_PTR phKey /* gets handle of new key */ andre@0: ); andre@0: #endif andre@0: andre@0: andre@0: /* C_GenerateKeyPair generates a public-key/private-key pair, andre@0: * creating new key objects. */ andre@0: CK_PKCS11_FUNCTION_INFO(C_GenerateKeyPair) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: ( andre@0: CK_SESSION_HANDLE hSession, /* session andre@0: * handle */ andre@0: CK_MECHANISM_PTR pMechanism, /* key-gen andre@0: * mech. */ andre@0: CK_ATTRIBUTE_PTR pPublicKeyTemplate, /* template andre@0: * for pub. andre@0: * key */ andre@0: CK_ULONG ulPublicKeyAttributeCount, /* # pub. andre@0: * attrs. */ andre@0: CK_ATTRIBUTE_PTR pPrivateKeyTemplate, /* template andre@0: * for priv. andre@0: * key */ andre@0: CK_ULONG ulPrivateKeyAttributeCount, /* # priv. andre@0: * attrs. */ andre@0: CK_OBJECT_HANDLE_PTR phPublicKey, /* gets pub. andre@0: * key andre@0: * handle */ andre@0: CK_OBJECT_HANDLE_PTR phPrivateKey /* gets andre@0: * priv. key andre@0: * handle */ andre@0: ); andre@0: #endif andre@0: andre@0: andre@0: /* C_WrapKey wraps (i.e., encrypts) a key. */ andre@0: CK_PKCS11_FUNCTION_INFO(C_WrapKey) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: ( andre@0: CK_SESSION_HANDLE hSession, /* the session's handle */ andre@0: CK_MECHANISM_PTR pMechanism, /* the wrapping mechanism */ andre@0: CK_OBJECT_HANDLE hWrappingKey, /* wrapping key */ andre@0: CK_OBJECT_HANDLE hKey, /* key to be wrapped */ andre@0: CK_BYTE_PTR pWrappedKey, /* gets wrapped key */ andre@0: CK_ULONG_PTR pulWrappedKeyLen /* gets wrapped key size */ andre@0: ); andre@0: #endif andre@0: andre@0: andre@0: /* C_UnwrapKey unwraps (decrypts) a wrapped key, creating a new andre@0: * key object. */ andre@0: CK_PKCS11_FUNCTION_INFO(C_UnwrapKey) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: ( andre@0: CK_SESSION_HANDLE hSession, /* session's handle */ andre@0: CK_MECHANISM_PTR pMechanism, /* unwrapping mech. */ andre@0: CK_OBJECT_HANDLE hUnwrappingKey, /* unwrapping key */ andre@0: CK_BYTE_PTR pWrappedKey, /* the wrapped key */ andre@0: CK_ULONG ulWrappedKeyLen, /* wrapped key len */ andre@0: CK_ATTRIBUTE_PTR pTemplate, /* new key template */ andre@0: CK_ULONG ulAttributeCount, /* template length */ andre@0: CK_OBJECT_HANDLE_PTR phKey /* gets new handle */ andre@0: ); andre@0: #endif andre@0: andre@0: andre@0: /* C_DeriveKey derives a key from a base key, creating a new key andre@0: * object. */ andre@0: CK_PKCS11_FUNCTION_INFO(C_DeriveKey) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: ( andre@0: CK_SESSION_HANDLE hSession, /* session's handle */ andre@0: CK_MECHANISM_PTR pMechanism, /* key deriv. mech. */ andre@0: CK_OBJECT_HANDLE hBaseKey, /* base key */ andre@0: CK_ATTRIBUTE_PTR pTemplate, /* new key template */ andre@0: CK_ULONG ulAttributeCount, /* template length */ andre@0: CK_OBJECT_HANDLE_PTR phKey /* gets new handle */ andre@0: ); andre@0: #endif andre@0: andre@0: andre@0: andre@0: /* Random number generation */ andre@0: andre@0: /* C_SeedRandom mixes additional seed material into the token's andre@0: * random number generator. */ andre@0: CK_PKCS11_FUNCTION_INFO(C_SeedRandom) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: ( andre@0: CK_SESSION_HANDLE hSession, /* the session's handle */ andre@0: CK_BYTE_PTR pSeed, /* the seed material */ andre@0: CK_ULONG ulSeedLen /* length of seed material */ andre@0: ); andre@0: #endif andre@0: andre@0: andre@0: /* C_GenerateRandom generates random data. */ andre@0: CK_PKCS11_FUNCTION_INFO(C_GenerateRandom) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: ( andre@0: CK_SESSION_HANDLE hSession, /* the session's handle */ andre@0: CK_BYTE_PTR RandomData, /* receives the random data */ andre@0: CK_ULONG ulRandomLen /* # of bytes to generate */ andre@0: ); andre@0: #endif andre@0: andre@0: andre@0: andre@0: /* Parallel function management */ andre@0: andre@0: /* C_GetFunctionStatus is a legacy function; it obtains an andre@0: * updated status of a function running in parallel with an andre@0: * application. */ andre@0: CK_PKCS11_FUNCTION_INFO(C_GetFunctionStatus) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: ( andre@0: CK_SESSION_HANDLE hSession /* the session's handle */ andre@0: ); andre@0: #endif andre@0: andre@0: andre@0: /* C_CancelFunction is a legacy function; it cancels a function andre@0: * running in parallel. */ andre@0: CK_PKCS11_FUNCTION_INFO(C_CancelFunction) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: ( andre@0: CK_SESSION_HANDLE hSession /* the session's handle */ andre@0: ); andre@0: #endif andre@0: andre@0: andre@0: andre@0: /* Functions added in for PKCS #11 Version 2.01 or later */ andre@0: andre@0: /* C_WaitForSlotEvent waits for a slot event (token insertion, andre@0: * removal, etc.) to occur. */ andre@0: CK_PKCS11_FUNCTION_INFO(C_WaitForSlotEvent) andre@0: #ifdef CK_NEED_ARG_LIST andre@0: ( andre@0: CK_FLAGS flags, /* blocking/nonblocking flag */ andre@0: CK_SLOT_ID_PTR pSlot, /* location that receives the slot ID */ andre@0: CK_VOID_PTR pRserved /* reserved. Should be NULL_PTR */ andre@0: ); andre@0: #endif