1 /* pkcs11f.h include file for PKCS #11. */
   2 /* $Revision: 1.4 $ */
   3 
   4 /* License to copy and use this software is granted provided that it is
   5  * identified as "RSA Security Inc. PKCS #11 Cryptographic Token Interface
   6  * (Cryptoki)" in all material mentioning or referencing this software.
   7 
   8  * License is also granted to make and use derivative works provided that
   9  * such works are identified as "derived from the RSA Security Inc. PKCS #11
  10  * Cryptographic Token Interface (Cryptoki)" in all material mentioning or
  11  * referencing the derived work.
  12 
  13  * RSA Security Inc. makes no representations concerning either the
  14  * merchantability of this software or the suitability of this software for
  15  * any particular purpose. It is provided "as is" without express or implied
  16  * warranty of any kind.
  17  */
  18 
  19 /* This header file contains pretty much everything about all the */
  20 /* Cryptoki function prototypes.  Because this information is */
  21 /* used for more than just declaring function prototypes, the */
  22 /* order of the functions appearing herein is important, and */
  23 /* should not be altered. */
  24 
  25 /* General-purpose */
  26 
  27 /* C_Initialize initializes the Cryptoki library. */
  28 CK_PKCS11_FUNCTION_INFO(C_Initialize)
  29 #ifdef CK_NEED_ARG_LIST
  30 (
  31   CK_VOID_PTR   pInitArgs  /* if this is not NULL_PTR, it gets
  32                             * cast to CK_C_INITIALIZE_ARGS_PTR
  33                             * and dereferenced */
  34 );
  35 #endif
  36 
  37 
  38 /* C_Finalize indicates that an application is done with the
  39  * Cryptoki library. */
  40 CK_PKCS11_FUNCTION_INFO(C_Finalize)
  41 #ifdef CK_NEED_ARG_LIST
  42 (
  43   CK_VOID_PTR   pReserved  /* reserved.  Should be NULL_PTR */
  44 );
  45 #endif
  46 
  47 
  48 /* C_GetInfo returns general information about Cryptoki. */
  49 CK_PKCS11_FUNCTION_INFO(C_GetInfo)
  50 #ifdef CK_NEED_ARG_LIST
  51 (
  52   CK_INFO_PTR   pInfo  /* location that receives information */
  53 );
  54 #endif
  55 
  56 
  57 /* C_GetFunctionList returns the function list. */
  58 CK_PKCS11_FUNCTION_INFO(C_GetFunctionList)
  59 #ifdef CK_NEED_ARG_LIST
  60 (
  61   CK_FUNCTION_LIST_PTR_PTR ppFunctionList  /* receives pointer to
  62                                             * function list */
  63 );
  64 #endif
  65 
  66 
  67 
  68 /* Slot and token management */
  69 
  70 /* C_GetSlotList obtains a list of slots in the system. */
  71 CK_PKCS11_FUNCTION_INFO(C_GetSlotList)
  72 #ifdef CK_NEED_ARG_LIST
  73 (
  74   CK_BBOOL       tokenPresent,  /* only slots with tokens? */
  75   CK_SLOT_ID_PTR pSlotList,     /* receives array of slot IDs */
  76   CK_ULONG_PTR   pulCount       /* receives number of slots */
  77 );
  78 #endif
  79 
  80 
  81 /* C_GetSlotInfo obtains information about a particular slot in
  82  * the system. */
  83 CK_PKCS11_FUNCTION_INFO(C_GetSlotInfo)
  84 #ifdef CK_NEED_ARG_LIST
  85 (
  86   CK_SLOT_ID       slotID,  /* the ID of the slot */
  87   CK_SLOT_INFO_PTR pInfo    /* receives the slot information */
  88 );
  89 #endif
  90 
  91 
  92 /* C_GetTokenInfo obtains information about a particular token
  93  * in the system. */
  94 CK_PKCS11_FUNCTION_INFO(C_GetTokenInfo)
  95 #ifdef CK_NEED_ARG_LIST
  96 (
  97   CK_SLOT_ID        slotID,  /* ID of the token's slot */
  98   CK_TOKEN_INFO_PTR pInfo    /* receives the token information */
  99 );
 100 #endif
 101 
 102 
 103 /* C_GetMechanismList obtains a list of mechanism types
 104  * supported by a token. */
 105 CK_PKCS11_FUNCTION_INFO(C_GetMechanismList)
 106 #ifdef CK_NEED_ARG_LIST
 107 (
 108   CK_SLOT_ID            slotID,          /* ID of token's slot */
 109   CK_MECHANISM_TYPE_PTR pMechanismList,  /* gets mech. array */
 110   CK_ULONG_PTR          pulCount         /* gets # of mechs. */
 111 );
 112 #endif
 113 
 114 
 115 /* C_GetMechanismInfo obtains information about a particular
 116  * mechanism possibly supported by a token. */
 117 CK_PKCS11_FUNCTION_INFO(C_GetMechanismInfo)
 118 #ifdef CK_NEED_ARG_LIST
 119 (
 120   CK_SLOT_ID            slotID,  /* ID of the token's slot */
 121   CK_MECHANISM_TYPE     type,    /* type of mechanism */
 122   CK_MECHANISM_INFO_PTR pInfo    /* receives mechanism info */
 123 );
 124 #endif
 125 
 126 
 127 /* C_InitToken initializes a token. */
 128 CK_PKCS11_FUNCTION_INFO(C_InitToken)
 129 #ifdef CK_NEED_ARG_LIST
 130 /* pLabel changed from CK_CHAR_PTR to CK_UTF8CHAR_PTR for v2.10 */
 131 (
 132   CK_SLOT_ID      slotID,    /* ID of the token's slot */
 133   CK_UTF8CHAR_PTR pPin,      /* the SO's initial PIN */
 134   CK_ULONG        ulPinLen,  /* length in bytes of the PIN */
 135   CK_UTF8CHAR_PTR pLabel     /* 32-byte token label (blank padded) */
 136 );
 137 #endif
 138 
 139 
 140 /* C_InitPIN initializes the normal user's PIN. */
 141 CK_PKCS11_FUNCTION_INFO(C_InitPIN)
 142 #ifdef CK_NEED_ARG_LIST
 143 (
 144   CK_SESSION_HANDLE hSession,  /* the session's handle */
 145   CK_UTF8CHAR_PTR   pPin,      /* the normal user's PIN */
 146   CK_ULONG          ulPinLen   /* length in bytes of the PIN */
 147 );
 148 #endif
 149 
 150 
 151 /* C_SetPIN modifies the PIN of the user who is logged in. */
 152 CK_PKCS11_FUNCTION_INFO(C_SetPIN)
 153 #ifdef CK_NEED_ARG_LIST
 154 (
 155   CK_SESSION_HANDLE hSession,  /* the session's handle */
 156   CK_UTF8CHAR_PTR   pOldPin,   /* the old PIN */
 157   CK_ULONG          ulOldLen,  /* length of the old PIN */
 158   CK_UTF8CHAR_PTR   pNewPin,   /* the new PIN */
 159   CK_ULONG          ulNewLen   /* length of the new PIN */
 160 );
 161 #endif
 162 
 163 
 164 
 165 /* Session management */
 166 
 167 /* C_OpenSession opens a session between an application and a
 168  * token. */
 169 CK_PKCS11_FUNCTION_INFO(C_OpenSession)
 170 #ifdef CK_NEED_ARG_LIST
 171 (
 172   CK_SLOT_ID            slotID,        /* the slot's ID */
 173   CK_FLAGS              flags,         /* from CK_SESSION_INFO */
 174   CK_VOID_PTR           pApplication,  /* passed to callback */
 175   CK_NOTIFY             Notify,        /* callback function */
 176   CK_SESSION_HANDLE_PTR phSession      /* gets session handle */
 177 );
 178 #endif
 179 
 180 
 181 /* C_CloseSession closes a session between an application and a
 182  * token. */
 183 CK_PKCS11_FUNCTION_INFO(C_CloseSession)
 184 #ifdef CK_NEED_ARG_LIST
 185 (
 186   CK_SESSION_HANDLE hSession  /* the session's handle */
 187 );
 188 #endif
 189 
 190 
 191 /* C_CloseAllSessions closes all sessions with a token. */
 192 CK_PKCS11_FUNCTION_INFO(C_CloseAllSessions)
 193 #ifdef CK_NEED_ARG_LIST
 194 (
 195   CK_SLOT_ID     slotID  /* the token's slot */
 196 );
 197 #endif
 198 
 199 
 200 /* C_GetSessionInfo obtains information about the session. */
 201 CK_PKCS11_FUNCTION_INFO(C_GetSessionInfo)
 202 #ifdef CK_NEED_ARG_LIST
 203 (
 204   CK_SESSION_HANDLE   hSession,  /* the session's handle */
 205   CK_SESSION_INFO_PTR pInfo      /* receives session info */
 206 );
 207 #endif
 208 
 209 
 210 /* C_GetOperationState obtains the state of the cryptographic operation
 211  * in a session. */
 212 CK_PKCS11_FUNCTION_INFO(C_GetOperationState)
 213 #ifdef CK_NEED_ARG_LIST
 214 (
 215   CK_SESSION_HANDLE hSession,             /* session's handle */
 216   CK_BYTE_PTR       pOperationState,      /* gets state */
 217   CK_ULONG_PTR      pulOperationStateLen  /* gets state length */
 218 );
 219 #endif
 220 
 221 
 222 /* C_SetOperationState restores the state of the cryptographic
 223  * operation in a session. */
 224 CK_PKCS11_FUNCTION_INFO(C_SetOperationState)
 225 #ifdef CK_NEED_ARG_LIST
 226 (
 227   CK_SESSION_HANDLE hSession,            /* session's handle */
 228   CK_BYTE_PTR      pOperationState,      /* holds state */
 229   CK_ULONG         ulOperationStateLen,  /* holds state length */
 230   CK_OBJECT_HANDLE hEncryptionKey,       /* en/decryption key */
 231   CK_OBJECT_HANDLE hAuthenticationKey    /* sign/verify key */
 232 );
 233 #endif
 234 
 235 
 236 /* C_Login logs a user into a token. */
 237 CK_PKCS11_FUNCTION_INFO(C_Login)
 238 #ifdef CK_NEED_ARG_LIST
 239 (
 240   CK_SESSION_HANDLE hSession,  /* the session's handle */
 241   CK_USER_TYPE      userType,  /* the user type */
 242   CK_UTF8CHAR_PTR   pPin,      /* the user's PIN */
 243   CK_ULONG          ulPinLen   /* the length of the PIN */
 244 );
 245 #endif
 246 
 247 
 248 /* C_Logout logs a user out from a token. */
 249 CK_PKCS11_FUNCTION_INFO(C_Logout)
 250 #ifdef CK_NEED_ARG_LIST
 251 (
 252   CK_SESSION_HANDLE hSession  /* the session's handle */
 253 );
 254 #endif
 255 
 256 
 257 
 258 /* Object management */
 259 
 260 /* C_CreateObject creates a new object. */
 261 CK_PKCS11_FUNCTION_INFO(C_CreateObject)
 262 #ifdef CK_NEED_ARG_LIST
 263 (
 264   CK_SESSION_HANDLE hSession,    /* the session's handle */
 265   CK_ATTRIBUTE_PTR  pTemplate,   /* the object's template */
 266   CK_ULONG          ulCount,     /* attributes in template */
 267   CK_OBJECT_HANDLE_PTR phObject  /* gets new object's handle. */
 268 );
 269 #endif
 270 
 271 
 272 /* C_CopyObject copies an object, creating a new object for the
 273  * copy. */
 274 CK_PKCS11_FUNCTION_INFO(C_CopyObject)
 275 #ifdef CK_NEED_ARG_LIST
 276 (
 277   CK_SESSION_HANDLE    hSession,    /* the session's handle */
 278   CK_OBJECT_HANDLE     hObject,     /* the object's handle */
 279   CK_ATTRIBUTE_PTR     pTemplate,   /* template for new object */
 280   CK_ULONG             ulCount,     /* attributes in template */
 281   CK_OBJECT_HANDLE_PTR phNewObject  /* receives handle of copy */
 282 );
 283 #endif
 284 
 285 
 286 /* C_DestroyObject destroys an object. */
 287 CK_PKCS11_FUNCTION_INFO(C_DestroyObject)
 288 #ifdef CK_NEED_ARG_LIST
 289 (
 290   CK_SESSION_HANDLE hSession,  /* the session's handle */
 291   CK_OBJECT_HANDLE  hObject    /* the object's handle */
 292 );
 293 #endif
 294 
 295 
 296 /* C_GetObjectSize gets the size of an object in bytes. */
 297 CK_PKCS11_FUNCTION_INFO(C_GetObjectSize)
 298 #ifdef CK_NEED_ARG_LIST
 299 (
 300   CK_SESSION_HANDLE hSession,  /* the session's handle */
 301   CK_OBJECT_HANDLE  hObject,   /* the object's handle */
 302   CK_ULONG_PTR      pulSize    /* receives size of object */
 303 );
 304 #endif
 305 
 306 
 307 /* C_GetAttributeValue obtains the value of one or more object
 308  * attributes. */
 309 CK_PKCS11_FUNCTION_INFO(C_GetAttributeValue)
 310 #ifdef CK_NEED_ARG_LIST
 311 (
 312   CK_SESSION_HANDLE hSession,   /* the session's handle */
 313   CK_OBJECT_HANDLE  hObject,    /* the object's handle */
 314   CK_ATTRIBUTE_PTR  pTemplate,  /* specifies attrs; gets vals */
 315   CK_ULONG          ulCount     /* attributes in template */
 316 );
 317 #endif
 318 
 319 
 320 /* C_SetAttributeValue modifies the value of one or more object
 321  * attributes */
 322 CK_PKCS11_FUNCTION_INFO(C_SetAttributeValue)
 323 #ifdef CK_NEED_ARG_LIST
 324 (
 325   CK_SESSION_HANDLE hSession,   /* the session's handle */
 326   CK_OBJECT_HANDLE  hObject,    /* the object's handle */
 327   CK_ATTRIBUTE_PTR  pTemplate,  /* specifies attrs and values */
 328   CK_ULONG          ulCount     /* attributes in template */
 329 );
 330 #endif
 331 
 332 
 333 /* C_FindObjectsInit initializes a search for token and session
 334  * objects that match a template. */
 335 CK_PKCS11_FUNCTION_INFO(C_FindObjectsInit)
 336 #ifdef CK_NEED_ARG_LIST
 337 (
 338   CK_SESSION_HANDLE hSession,   /* the session's handle */
 339   CK_ATTRIBUTE_PTR  pTemplate,  /* attribute values to match */
 340   CK_ULONG          ulCount     /* attrs in search template */
 341 );
 342 #endif
 343 
 344 
 345 /* C_FindObjects continues a search for token and session
 346  * objects that match a template, obtaining additional object
 347  * handles. */
 348 CK_PKCS11_FUNCTION_INFO(C_FindObjects)
 349 #ifdef CK_NEED_ARG_LIST
 350 (
 351  CK_SESSION_HANDLE    hSession,          /* session's handle */
 352  CK_OBJECT_HANDLE_PTR phObject,          /* gets obj. handles */
 353  CK_ULONG             ulMaxObjectCount,  /* max handles to get */
 354  CK_ULONG_PTR         pulObjectCount     /* actual # returned */
 355 );
 356 #endif
 357 
 358 
 359 /* C_FindObjectsFinal finishes a search for token and session
 360  * objects. */
 361 CK_PKCS11_FUNCTION_INFO(C_FindObjectsFinal)
 362 #ifdef CK_NEED_ARG_LIST
 363 (
 364   CK_SESSION_HANDLE hSession  /* the session's handle */
 365 );
 366 #endif
 367 
 368 
 369 
 370 /* Encryption and decryption */
 371 
 372 /* C_EncryptInit initializes an encryption operation. */
 373 CK_PKCS11_FUNCTION_INFO(C_EncryptInit)
 374 #ifdef CK_NEED_ARG_LIST
 375 (
 376   CK_SESSION_HANDLE hSession,    /* the session's handle */
 377   CK_MECHANISM_PTR  pMechanism,  /* the encryption mechanism */
 378   CK_OBJECT_HANDLE  hKey         /* handle of encryption key */
 379 );
 380 #endif
 381 
 382 
 383 /* C_Encrypt encrypts single-part data. */
 384 CK_PKCS11_FUNCTION_INFO(C_Encrypt)
 385 #ifdef CK_NEED_ARG_LIST
 386 (
 387   CK_SESSION_HANDLE hSession,            /* session's handle */
 388   CK_BYTE_PTR       pData,               /* the plaintext data */
 389   CK_ULONG          ulDataLen,           /* bytes of plaintext */
 390   CK_BYTE_PTR       pEncryptedData,      /* gets ciphertext */
 391   CK_ULONG_PTR      pulEncryptedDataLen  /* gets c-text size */
 392 );
 393 #endif
 394 
 395 
 396 /* C_EncryptUpdate continues a multiple-part encryption
 397  * operation. */
 398 CK_PKCS11_FUNCTION_INFO(C_EncryptUpdate)
 399 #ifdef CK_NEED_ARG_LIST
 400 (
 401   CK_SESSION_HANDLE hSession,           /* session's handle */
 402   CK_BYTE_PTR       pPart,              /* the plaintext data */
 403   CK_ULONG          ulPartLen,          /* plaintext data len */
 404   CK_BYTE_PTR       pEncryptedPart,     /* gets ciphertext */
 405   CK_ULONG_PTR      pulEncryptedPartLen /* gets c-text size */
 406 );
 407 #endif
 408 
 409 
 410 /* C_EncryptFinal finishes a multiple-part encryption
 411  * operation. */
 412 CK_PKCS11_FUNCTION_INFO(C_EncryptFinal)
 413 #ifdef CK_NEED_ARG_LIST
 414 (
 415   CK_SESSION_HANDLE hSession,                /* session handle */
 416   CK_BYTE_PTR       pLastEncryptedPart,      /* last c-text */
 417   CK_ULONG_PTR      pulLastEncryptedPartLen  /* gets last size */
 418 );
 419 #endif
 420 
 421 
 422 /* C_DecryptInit initializes a decryption operation. */
 423 CK_PKCS11_FUNCTION_INFO(C_DecryptInit)
 424 #ifdef CK_NEED_ARG_LIST
 425 (
 426   CK_SESSION_HANDLE hSession,    /* the session's handle */
 427   CK_MECHANISM_PTR  pMechanism,  /* the decryption mechanism */
 428   CK_OBJECT_HANDLE  hKey         /* handle of decryption key */
 429 );
 430 #endif
 431 
 432 
 433 /* C_Decrypt decrypts encrypted data in a single part. */
 434 CK_PKCS11_FUNCTION_INFO(C_Decrypt)
 435 #ifdef CK_NEED_ARG_LIST
 436 (
 437   CK_SESSION_HANDLE hSession,           /* session's handle */
 438   CK_BYTE_PTR       pEncryptedData,     /* ciphertext */
 439   CK_ULONG          ulEncryptedDataLen, /* ciphertext length */
 440   CK_BYTE_PTR       pData,              /* gets plaintext */
 441   CK_ULONG_PTR      pulDataLen          /* gets p-text size */
 442 );
 443 #endif
 444 
 445 
 446 /* C_DecryptUpdate continues a multiple-part decryption
 447  * operation. */
 448 CK_PKCS11_FUNCTION_INFO(C_DecryptUpdate)
 449 #ifdef CK_NEED_ARG_LIST
 450 (
 451   CK_SESSION_HANDLE hSession,            /* session's handle */
 452   CK_BYTE_PTR       pEncryptedPart,      /* encrypted data */
 453   CK_ULONG          ulEncryptedPartLen,  /* input length */
 454   CK_BYTE_PTR       pPart,               /* gets plaintext */
 455   CK_ULONG_PTR      pulPartLen           /* p-text size */
 456 );
 457 #endif
 458 
 459 
 460 /* C_DecryptFinal finishes a multiple-part decryption
 461  * operation. */
 462 CK_PKCS11_FUNCTION_INFO(C_DecryptFinal)
 463 #ifdef CK_NEED_ARG_LIST
 464 (
 465   CK_SESSION_HANDLE hSession,       /* the session's handle */
 466   CK_BYTE_PTR       pLastPart,      /* gets plaintext */
 467   CK_ULONG_PTR      pulLastPartLen  /* p-text size */
 468 );
 469 #endif
 470 
 471 
 472 
 473 /* Message digesting */
 474 
 475 /* C_DigestInit initializes a message-digesting operation. */
 476 CK_PKCS11_FUNCTION_INFO(C_DigestInit)
 477 #ifdef CK_NEED_ARG_LIST
 478 (
 479   CK_SESSION_HANDLE hSession,   /* the session's handle */
 480   CK_MECHANISM_PTR  pMechanism  /* the digesting mechanism */
 481 );
 482 #endif
 483 
 484 
 485 /* C_Digest digests data in a single part. */
 486 CK_PKCS11_FUNCTION_INFO(C_Digest)
 487 #ifdef CK_NEED_ARG_LIST
 488 (
 489   CK_SESSION_HANDLE hSession,     /* the session's handle */
 490   CK_BYTE_PTR       pData,        /* data to be digested */
 491   CK_ULONG          ulDataLen,    /* bytes of data to digest */
 492   CK_BYTE_PTR       pDigest,      /* gets the message digest */
 493   CK_ULONG_PTR      pulDigestLen  /* gets digest length */
 494 );
 495 #endif
 496 
 497 
 498 /* C_DigestUpdate continues a multiple-part message-digesting
 499  * operation. */
 500 CK_PKCS11_FUNCTION_INFO(C_DigestUpdate)
 501 #ifdef CK_NEED_ARG_LIST
 502 (
 503   CK_SESSION_HANDLE hSession,  /* the session's handle */
 504   CK_BYTE_PTR       pPart,     /* data to be digested */
 505   CK_ULONG          ulPartLen  /* bytes of data to be digested */
 506 );
 507 #endif
 508 
 509 
 510 /* C_DigestKey continues a multi-part message-digesting
 511  * operation, by digesting the value of a secret key as part of
 512  * the data already digested. */
 513 CK_PKCS11_FUNCTION_INFO(C_DigestKey)
 514 #ifdef CK_NEED_ARG_LIST
 515 (
 516   CK_SESSION_HANDLE hSession,  /* the session's handle */
 517   CK_OBJECT_HANDLE  hKey       /* secret key to digest */
 518 );
 519 #endif
 520 
 521 
 522 /* C_DigestFinal finishes a multiple-part message-digesting
 523  * operation. */
 524 CK_PKCS11_FUNCTION_INFO(C_DigestFinal)
 525 #ifdef CK_NEED_ARG_LIST
 526 (
 527   CK_SESSION_HANDLE hSession,     /* the session's handle */
 528   CK_BYTE_PTR       pDigest,      /* gets the message digest */
 529   CK_ULONG_PTR      pulDigestLen  /* gets byte count of digest */
 530 );
 531 #endif
 532 
 533 
 534 
 535 /* Signing and MACing */
 536 
 537 /* C_SignInit initializes a signature (private key encryption)
 538  * operation, where the signature is (will be) an appendix to
 539  * the data, and plaintext cannot be recovered from the
 540  *signature. */
 541 CK_PKCS11_FUNCTION_INFO(C_SignInit)
 542 #ifdef CK_NEED_ARG_LIST
 543 (
 544   CK_SESSION_HANDLE hSession,    /* the session's handle */
 545   CK_MECHANISM_PTR  pMechanism,  /* the signature mechanism */
 546   CK_OBJECT_HANDLE  hKey         /* handle of signature key */
 547 );
 548 #endif
 549 
 550 
 551 /* C_Sign signs (encrypts with private key) data in a single
 552  * part, where the signature is (will be) an appendix to the
 553  * data, and plaintext cannot be recovered from the signature. */
 554 CK_PKCS11_FUNCTION_INFO(C_Sign)
 555 #ifdef CK_NEED_ARG_LIST
 556 (
 557   CK_SESSION_HANDLE hSession,        /* the session's handle */
 558   CK_BYTE_PTR       pData,           /* the data to sign */
 559   CK_ULONG          ulDataLen,       /* count of bytes to sign */
 560   CK_BYTE_PTR       pSignature,      /* gets the signature */
 561   CK_ULONG_PTR      pulSignatureLen  /* gets signature length */
 562 );
 563 #endif
 564 
 565 
 566 /* C_SignUpdate continues a multiple-part signature operation,
 567  * where the signature is (will be) an appendix to the data,
 568  * and plaintext cannot be recovered from the signature. */
 569 CK_PKCS11_FUNCTION_INFO(C_SignUpdate)
 570 #ifdef CK_NEED_ARG_LIST
 571 (
 572   CK_SESSION_HANDLE hSession,  /* the session's handle */
 573   CK_BYTE_PTR       pPart,     /* the data to sign */
 574   CK_ULONG          ulPartLen  /* count of bytes to sign */
 575 );
 576 #endif
 577 
 578 
 579 /* C_SignFinal finishes a multiple-part signature operation,
 580  * returning the signature. */
 581 CK_PKCS11_FUNCTION_INFO(C_SignFinal)
 582 #ifdef CK_NEED_ARG_LIST
 583 (
 584   CK_SESSION_HANDLE hSession,        /* the session's handle */
 585   CK_BYTE_PTR       pSignature,      /* gets the signature */
 586   CK_ULONG_PTR      pulSignatureLen  /* gets signature length */
 587 );
 588 #endif
 589 
 590 
 591 /* C_SignRecoverInit initializes a signature operation, where
 592  * the data can be recovered from the signature. */
 593 CK_PKCS11_FUNCTION_INFO(C_SignRecoverInit)
 594 #ifdef CK_NEED_ARG_LIST
 595 (
 596   CK_SESSION_HANDLE hSession,   /* the session's handle */
 597   CK_MECHANISM_PTR  pMechanism, /* the signature mechanism */
 598   CK_OBJECT_HANDLE  hKey        /* handle of the signature key */
 599 );
 600 #endif
 601 
 602 
 603 /* C_SignRecover signs data in a single operation, where the
 604  * data can be recovered from the signature. */
 605 CK_PKCS11_FUNCTION_INFO(C_SignRecover)
 606 #ifdef CK_NEED_ARG_LIST
 607 (
 608   CK_SESSION_HANDLE hSession,        /* the session's handle */
 609   CK_BYTE_PTR       pData,           /* the data to sign */
 610   CK_ULONG          ulDataLen,       /* count of bytes to sign */
 611   CK_BYTE_PTR       pSignature,      /* gets the signature */
 612   CK_ULONG_PTR      pulSignatureLen  /* gets signature length */
 613 );
 614 #endif
 615 
 616 
 617 
 618 /* Verifying signatures and MACs */
 619 
 620 /* C_VerifyInit initializes a verification operation, where the
 621  * signature is an appendix to the data, and plaintext cannot
 622  *  cannot be recovered from the signature (e.g. DSA). */
 623 CK_PKCS11_FUNCTION_INFO(C_VerifyInit)
 624 #ifdef CK_NEED_ARG_LIST
 625 (
 626   CK_SESSION_HANDLE hSession,    /* the session's handle */
 627   CK_MECHANISM_PTR  pMechanism,  /* the verification mechanism */
 628   CK_OBJECT_HANDLE  hKey         /* verification key */
 629 );
 630 #endif
 631 
 632 
 633 /* C_Verify verifies a signature in a single-part operation,
 634  * where the signature is an appendix to the data, and plaintext
 635  * cannot be recovered from the signature. */
 636 CK_PKCS11_FUNCTION_INFO(C_Verify)
 637 #ifdef CK_NEED_ARG_LIST
 638 (
 639   CK_SESSION_HANDLE hSession,       /* the session's handle */
 640   CK_BYTE_PTR       pData,          /* signed data */
 641   CK_ULONG          ulDataLen,      /* length of signed data */
 642   CK_BYTE_PTR       pSignature,     /* signature */
 643   CK_ULONG          ulSignatureLen  /* signature length*/
 644 );
 645 #endif
 646 
 647 
 648 /* C_VerifyUpdate continues a multiple-part verification
 649  * operation, where the signature is an appendix to the data,
 650  * and plaintext cannot be recovered from the signature. */
 651 CK_PKCS11_FUNCTION_INFO(C_VerifyUpdate)
 652 #ifdef CK_NEED_ARG_LIST
 653 (
 654   CK_SESSION_HANDLE hSession,  /* the session's handle */
 655   CK_BYTE_PTR       pPart,     /* signed data */
 656   CK_ULONG          ulPartLen  /* length of signed data */
 657 );
 658 #endif
 659 
 660 
 661 /* C_VerifyFinal finishes a multiple-part verification
 662  * operation, checking the signature. */
 663 CK_PKCS11_FUNCTION_INFO(C_VerifyFinal)
 664 #ifdef CK_NEED_ARG_LIST
 665 (
 666   CK_SESSION_HANDLE hSession,       /* the session's handle */
 667   CK_BYTE_PTR       pSignature,     /* signature to verify */
 668   CK_ULONG          ulSignatureLen  /* signature length */
 669 );
 670 #endif
 671 
 672 
 673 /* C_VerifyRecoverInit initializes a signature verification
 674  * operation, where the data is recovered from the signature. */
 675 CK_PKCS11_FUNCTION_INFO(C_VerifyRecoverInit)
 676 #ifdef CK_NEED_ARG_LIST
 677 (
 678   CK_SESSION_HANDLE hSession,    /* the session's handle */
 679   CK_MECHANISM_PTR  pMechanism,  /* the verification mechanism */
 680   CK_OBJECT_HANDLE  hKey         /* verification key */
 681 );
 682 #endif
 683 
 684 
 685 /* C_VerifyRecover verifies a signature in a single-part
 686  * operation, where the data is recovered from the signature. */
 687 CK_PKCS11_FUNCTION_INFO(C_VerifyRecover)
 688 #ifdef CK_NEED_ARG_LIST
 689 (
 690   CK_SESSION_HANDLE hSession,        /* the session's handle */
 691   CK_BYTE_PTR       pSignature,      /* signature to verify */
 692   CK_ULONG          ulSignatureLen,  /* signature length */
 693   CK_BYTE_PTR       pData,           /* gets signed data */
 694   CK_ULONG_PTR      pulDataLen       /* gets signed data len */
 695 );
 696 #endif
 697 
 698 
 699 
 700 /* Dual-function cryptographic operations */
 701 
 702 /* C_DigestEncryptUpdate continues a multiple-part digesting
 703  * and encryption operation. */
 704 CK_PKCS11_FUNCTION_INFO(C_DigestEncryptUpdate)
 705 #ifdef CK_NEED_ARG_LIST
 706 (
 707   CK_SESSION_HANDLE hSession,            /* session's handle */
 708   CK_BYTE_PTR       pPart,               /* the plaintext data */
 709   CK_ULONG          ulPartLen,           /* plaintext length */
 710   CK_BYTE_PTR       pEncryptedPart,      /* gets ciphertext */
 711   CK_ULONG_PTR      pulEncryptedPartLen  /* gets c-text length */
 712 );
 713 #endif
 714 
 715 
 716 /* C_DecryptDigestUpdate continues a multiple-part decryption and
 717  * digesting operation. */
 718 CK_PKCS11_FUNCTION_INFO(C_DecryptDigestUpdate)
 719 #ifdef CK_NEED_ARG_LIST
 720 (
 721   CK_SESSION_HANDLE hSession,            /* session's handle */
 722   CK_BYTE_PTR       pEncryptedPart,      /* ciphertext */
 723   CK_ULONG          ulEncryptedPartLen,  /* ciphertext length */
 724   CK_BYTE_PTR       pPart,               /* gets plaintext */
 725   CK_ULONG_PTR      pulPartLen           /* gets plaintext len */
 726 );
 727 #endif
 728 
 729 
 730 /* C_SignEncryptUpdate continues a multiple-part signing and
 731  * encryption operation. */
 732 CK_PKCS11_FUNCTION_INFO(C_SignEncryptUpdate)
 733 #ifdef CK_NEED_ARG_LIST
 734 (
 735   CK_SESSION_HANDLE hSession,            /* session's handle */
 736   CK_BYTE_PTR       pPart,               /* the plaintext data */
 737   CK_ULONG          ulPartLen,           /* plaintext length */
 738   CK_BYTE_PTR       pEncryptedPart,      /* gets ciphertext */
 739   CK_ULONG_PTR      pulEncryptedPartLen  /* gets c-text length */
 740 );
 741 #endif
 742 
 743 
 744 /* C_DecryptVerifyUpdate continues a multiple-part decryption and
 745  * verify operation. */
 746 CK_PKCS11_FUNCTION_INFO(C_DecryptVerifyUpdate)
 747 #ifdef CK_NEED_ARG_LIST
 748 (
 749   CK_SESSION_HANDLE hSession,            /* session's handle */
 750   CK_BYTE_PTR       pEncryptedPart,      /* ciphertext */
 751   CK_ULONG          ulEncryptedPartLen,  /* ciphertext length */
 752   CK_BYTE_PTR       pPart,               /* gets plaintext */
 753   CK_ULONG_PTR      pulPartLen           /* gets p-text length */
 754 );
 755 #endif
 756 
 757 
 758 
 759 /* Key management */
 760 
 761 /* C_GenerateKey generates a secret key, creating a new key
 762  * object. */
 763 CK_PKCS11_FUNCTION_INFO(C_GenerateKey)
 764 #ifdef CK_NEED_ARG_LIST
 765 (
 766   CK_SESSION_HANDLE    hSession,    /* the session's handle */
 767   CK_MECHANISM_PTR     pMechanism,  /* key generation mech. */
 768   CK_ATTRIBUTE_PTR     pTemplate,   /* template for new key */
 769   CK_ULONG             ulCount,     /* # of attrs in template */
 770   CK_OBJECT_HANDLE_PTR phKey        /* gets handle of new key */
 771 );
 772 #endif
 773 
 774 
 775 /* C_GenerateKeyPair generates a public-key/private-key pair,
 776  * creating new key objects. */
 777 CK_PKCS11_FUNCTION_INFO(C_GenerateKeyPair)
 778 #ifdef CK_NEED_ARG_LIST
 779 (
 780   CK_SESSION_HANDLE    hSession,                    /* session
 781                                                      * handle */
 782   CK_MECHANISM_PTR     pMechanism,                  /* key-gen
 783                                                      * mech. */
 784   CK_ATTRIBUTE_PTR     pPublicKeyTemplate,          /* template
 785                                                      * for pub.
 786                                                      * key */
 787   CK_ULONG             ulPublicKeyAttributeCount,   /* # pub.
 788                                                      * attrs. */
 789   CK_ATTRIBUTE_PTR     pPrivateKeyTemplate,         /* template
 790                                                      * for priv.
 791                                                      * key */
 792   CK_ULONG             ulPrivateKeyAttributeCount,  /* # priv.
 793                                                      * attrs. */
 794   CK_OBJECT_HANDLE_PTR phPublicKey,                 /* gets pub.
 795                                                      * key
 796                                                      * handle */
 797   CK_OBJECT_HANDLE_PTR phPrivateKey                 /* gets
 798                                                      * priv. key
 799                                                      * handle */
 800 );
 801 #endif
 802 
 803 
 804 /* C_WrapKey wraps (i.e., encrypts) a key. */
 805 CK_PKCS11_FUNCTION_INFO(C_WrapKey)
 806 #ifdef CK_NEED_ARG_LIST
 807 (
 808   CK_SESSION_HANDLE hSession,        /* the session's handle */
 809   CK_MECHANISM_PTR  pMechanism,      /* the wrapping mechanism */
 810   CK_OBJECT_HANDLE  hWrappingKey,    /* wrapping key */
 811   CK_OBJECT_HANDLE  hKey,            /* key to be wrapped */
 812   CK_BYTE_PTR       pWrappedKey,     /* gets wrapped key */
 813   CK_ULONG_PTR      pulWrappedKeyLen /* gets wrapped key size */
 814 );
 815 #endif
 816 
 817 
 818 /* C_UnwrapKey unwraps (decrypts) a wrapped key, creating a new
 819  * key object. */
 820 CK_PKCS11_FUNCTION_INFO(C_UnwrapKey)
 821 #ifdef CK_NEED_ARG_LIST
 822 (
 823   CK_SESSION_HANDLE    hSession,          /* session's handle */
 824   CK_MECHANISM_PTR     pMechanism,        /* unwrapping mech. */
 825   CK_OBJECT_HANDLE     hUnwrappingKey,    /* unwrapping key */
 826   CK_BYTE_PTR          pWrappedKey,       /* the wrapped key */
 827   CK_ULONG             ulWrappedKeyLen,   /* wrapped key len */
 828   CK_ATTRIBUTE_PTR     pTemplate,         /* new key template */
 829   CK_ULONG             ulAttributeCount,  /* template length */
 830   CK_OBJECT_HANDLE_PTR phKey              /* gets new handle */
 831 );
 832 #endif
 833 
 834 
 835 /* C_DeriveKey derives a key from a base key, creating a new key
 836  * object. */
 837 CK_PKCS11_FUNCTION_INFO(C_DeriveKey)
 838 #ifdef CK_NEED_ARG_LIST
 839 (
 840   CK_SESSION_HANDLE    hSession,          /* session's handle */
 841   CK_MECHANISM_PTR     pMechanism,        /* key deriv. mech. */
 842   CK_OBJECT_HANDLE     hBaseKey,          /* base key */
 843   CK_ATTRIBUTE_PTR     pTemplate,         /* new key template */
 844   CK_ULONG             ulAttributeCount,  /* template length */
 845   CK_OBJECT_HANDLE_PTR phKey              /* gets new handle */
 846 );
 847 #endif
 848 
 849 
 850 
 851 /* Random number generation */
 852 
 853 /* C_SeedRandom mixes additional seed material into the token's
 854  * random number generator. */
 855 CK_PKCS11_FUNCTION_INFO(C_SeedRandom)
 856 #ifdef CK_NEED_ARG_LIST
 857 (
 858   CK_SESSION_HANDLE hSession,  /* the session's handle */
 859   CK_BYTE_PTR       pSeed,     /* the seed material */
 860   CK_ULONG          ulSeedLen  /* length of seed material */
 861 );
 862 #endif
 863 
 864 
 865 /* C_GenerateRandom generates random data. */
 866 CK_PKCS11_FUNCTION_INFO(C_GenerateRandom)
 867 #ifdef CK_NEED_ARG_LIST
 868 (
 869   CK_SESSION_HANDLE hSession,    /* the session's handle */
 870   CK_BYTE_PTR       RandomData,  /* receives the random data */
 871   CK_ULONG          ulRandomLen  /* # of bytes to generate */
 872 );
 873 #endif
 874 
 875 
 876 
 877 /* Parallel function management */
 878 
 879 /* C_GetFunctionStatus is a legacy function; it obtains an
 880  * updated status of a function running in parallel with an
 881  * application. */
 882 CK_PKCS11_FUNCTION_INFO(C_GetFunctionStatus)
 883 #ifdef CK_NEED_ARG_LIST
 884 (
 885   CK_SESSION_HANDLE hSession  /* the session's handle */
 886 );
 887 #endif
 888 
 889 
 890 /* C_CancelFunction is a legacy function; it cancels a function
 891  * running in parallel. */
 892 CK_PKCS11_FUNCTION_INFO(C_CancelFunction)
 893 #ifdef CK_NEED_ARG_LIST
 894 (
 895   CK_SESSION_HANDLE hSession  /* the session's handle */
 896 );
 897 #endif
 898 
 899 
 900 
 901 /* Functions added in for Cryptoki Version 2.01 or later */
 902 
 903 /* C_WaitForSlotEvent waits for a slot event (token insertion,
 904  * removal, etc.) to occur. */
 905 CK_PKCS11_FUNCTION_INFO(C_WaitForSlotEvent)
 906 #ifdef CK_NEED_ARG_LIST
 907 (
 908   CK_FLAGS flags,        /* blocking/nonblocking flag */
 909   CK_SLOT_ID_PTR pSlot,  /* location that receives the slot ID */
 910   CK_VOID_PTR pRserved   /* reserved.  Should be NULL_PTR */
 911 );
 912 #endif