├── README.md
├── RELATED
└── RFC7512
│ ├── README.MD
│ └── rfc7512.pdf
├── v1.0
├── README.MD
└── pkcs-11.pdf
├── v2.01
├── README.MD
├── errata.txt
├── headers
│ ├── pkcs11.h
│ ├── pkcs11f.h
│ └── pkcs11t.h
└── v201.pdf
├── v2.0_DRAFT
├── README.MD
├── headers
│ ├── pkcs11.h
│ ├── pkcs11f.h
│ └── pkcs11t.h
├── pkcs11v2.pdf
└── v2drft2.pdf
├── v2.10
├── README.MD
├── headers
│ ├── pkcs11.h
│ ├── pkcs11f.h
│ └── pkcs11t.h
├── pkcs11Conformance.pdf
└── pkcs11v2-10.pdf
├── v2.11
├── README.MD
├── headers
│ ├── cryptoki.h
│ ├── pkcs11.h
│ ├── pkcs11f.h
│ └── pkcs11t.h
├── pkcs-11v2-11a1.pdf
├── pkcs-11v2-11errata.txt
├── pkcs-11v2-11mp.pdf
└── pkcs-11v2-11r1.pdf
├── v2.20
├── README.MD
├── headers
│ ├── cryptoki.h
│ ├── pkcs11.h
│ ├── pkcs11f.h
│ └── pkcs11t.h
├── pkcs-11v2-20.pdf
├── pkcs-11v2-20a1.pdf
├── pkcs-11v2-20a2.pdf
├── pkcs-11v2-20a3.pdf
└── pkcs-11v2-20errata.txt
├── v2.30_DRAFT
├── README.MD
├── headers
│ ├── pkcs11.h
│ ├── pkcs11f.h
│ └── pkcs11t.h
├── pkcs-11v2-30-d1.pdf
├── pkcs-11v2-30b-d6.pdf
├── pkcs-11v2-30m1-d7.pdf
└── pkcs-11v2-30m2-d3.pdf
├── v2.40
├── README.MD
├── headers
│ ├── pkcs11.h
│ ├── pkcs11f.h
│ └── pkcs11t.h
├── pkcs11-base-v2.40-errata01-os-complete.pdf
├── pkcs11-base-v2.40-errata01-os.pdf
├── pkcs11-base-v2.40-os.pdf
├── pkcs11-curr-v2.40-errata01-os-complete.pdf
├── pkcs11-curr-v2.40-errata01-os.pdf
├── pkcs11-curr-v2.40-os.pdf
├── pkcs11-hist-v2.40-errata01-os-complete.pdf
├── pkcs11-hist-v2.40-errata01-os.pdf
├── pkcs11-hist-v2.40-os.pdf
├── pkcs11-profiles-v2.40-os.pdf
└── pkcs11-ug-v2.40-cn02.pdf
├── v3.0
├── README.MD
├── headers
│ ├── pkcs11.h
│ ├── pkcs11f.h
│ └── pkcs11t.h
├── pkcs11-base-v3.0-os.pdf
├── pkcs11-curr-v3.0-os.pdf
├── pkcs11-hist-v3.0-os.pdf
└── pkcs11-profiles-v3.0-os.pdf
└── v3.1
├── README.MD
├── headers
├── pkcs11.h
├── pkcs11f.h
└── pkcs11t.h
├── pkcs11-profiles-v3.1-os.pdf
├── pkcs11-spec-v3.1-os.pdf
└── test-cases
├── mandatory
├── AUTH-M-1-31.xml
├── BL-M-1-31.xml
├── CERT-M-1-31.xml
└── EXT-M-1-31.xml
└── optional
└── .gitkeep
/README.md:
--------------------------------------------------------------------------------
1 | PKCS11-SPECS
2 | ============
3 |
4 | All versions of PKCS#11 specification in one place
5 |
6 | PKCS#11 specifications:
7 |
8 | 1995 - [PKCS#11 v1.0](v1.0)
9 | 1997 - [PKCS#11 v2.0](v2.0_DRAFT)
10 | 1997 - [PKCS#11 v2.01](v2.01)
11 | 1999 - [PKCS#11 v2.10](v2.10)
12 | 2001 - [PKCS#11 v2.11](v2.11)
13 | 2004 - [PKCS#11 v2.20](v2.20)
14 | 2009 - [PKCS#11 v2.30](v2.30_DRAFT)
15 | 2015 - [PKCS#11 v2.40](v2.40)
16 | 2020 - [PKCS#11 v3.0](v3.0)
17 | 2023 - [PKCS#11 v3.1](v3.1)
18 |
19 | Related specifications:
20 |
21 | 2015 - [RFC7512 - The PKCS#11 URI Scheme](RELATED/RFC7512)
22 |
--------------------------------------------------------------------------------
/RELATED/RFC7512/README.MD:
--------------------------------------------------------------------------------
1 | **RFC7512 : The PKCS#11 URI Scheme**
2 | [rfc7512.pdf](rfc7512.pdf) - April 2015
3 |
--------------------------------------------------------------------------------
/RELATED/RFC7512/rfc7512.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Pkcs11Interop/PKCS11-SPECS/5b17000edaa7985c85a2f0701739706bd4bd45ce/RELATED/RFC7512/rfc7512.pdf
--------------------------------------------------------------------------------
/v1.0/README.MD:
--------------------------------------------------------------------------------
1 | **PKCS#11 v1.0 : Cryptographic Token Interface Standard**
2 | [pkcs-11.pdf](pkcs-11.pdf) - 28 April 1995
3 |
--------------------------------------------------------------------------------
/v1.0/pkcs-11.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Pkcs11Interop/PKCS11-SPECS/5b17000edaa7985c85a2f0701739706bd4bd45ce/v1.0/pkcs-11.pdf
--------------------------------------------------------------------------------
/v2.01/README.MD:
--------------------------------------------------------------------------------
1 | **PKCS#11 v2.01 : Cryptographic Token Interface Standard**
2 | [v201.pdf](v201.pdf) - 22 December 1997
3 |
4 | **PKCS#11 v2.01 : Errata**
5 | [errata.txt](errata.txt)
6 |
--------------------------------------------------------------------------------
/v2.01/errata.txt:
--------------------------------------------------------------------------------
1 | Section references in the Cryptoki Version 2.01 specification are
2 | all 0.
3 |
4 |
--------------------------------------------------------------------------------
/v2.01/headers/pkcs11.h:
--------------------------------------------------------------------------------
1 | /* pkcs11.h include file for PKCS #11. 1997 December 22 */
2 |
3 | #ifndef _PKCS11_H_
4 | #define _PKCS11_H_ 1
5 |
6 | #ifdef __cplusplus
7 | extern "C" {
8 | #endif
9 |
10 | /* Before including this file (pkcs11.h) (or pkcs11t.h by
11 | * itself), 6 platform-specific macros must be defined. These
12 | * macros are described below, and typical definitions for them
13 | * are also given. Be advised that these definitions can depend
14 | * on both the platform and the compiler used (and possibly also
15 | * on whether a Cryptoki library is linked statically or
16 | * dynamically).
17 | *
18 | * In addition to defining these 6 macros, the packing convention
19 | * for Cryptoki structures should be set. The Cryptoki
20 | * convention on packing is that structures should be 1-byte
21 | * aligned.
22 | *
23 | * If you're using Microsoft Developer Studio 5.0 to produce
24 | * Win32 stuff, this might be done by using the following
25 | * preprocessor directive before including pkcs11.h or pkcs11t.h:
26 | *
27 | * #pragma pack(push, cryptoki, 1)
28 | *
29 | * and using the following preprocessor directive after including
30 | * pkcs11.h or pkcs11t.h:
31 | *
32 | * #pragma pack(pop, cryptoki)
33 | *
34 | * If you're using an earlier version of Microsoft Developer
35 | * Studio to produce Win16 stuff, this might be done by using
36 | * the following preprocessor directive before including
37 | * pkcs11.h or pkcs11t.h:
38 | *
39 | * #pragma pack(1)
40 | *
41 | * In a UNIX environment, you're on your own for this. You might
42 | * not need to do (or be able to do!) anything.
43 | *
44 | *
45 | * Now for the macros:
46 | *
47 | *
48 | * 1. CK_PTR: The indirection string for making a pointer to an
49 | * object. It can be used like this:
50 | *
51 | * typedef CK_BYTE CK_PTR CK_BYTE_PTR;
52 | *
53 | * If you're using Microsoft Developer Studio 5.0 to produce
54 | * Win32 stuff, it might be defined by:
55 | *
56 | * #define CK_PTR *
57 | *
58 | * If you're using an earlier version of Microsoft Developer
59 | * Studio to produce Win16 stuff, it might be defined by:
60 | *
61 | * #define CK_PTR far *
62 | *
63 | * In a typical UNIX environment, it might be defined by:
64 | *
65 | * #define CK_PTR *
66 | *
67 | *
68 | * 2. CK_DEFINE_FUNCTION(returnType, name): A macro which makes
69 | * an exportable Cryptoki library function definition out of a
70 | * return type and a function name. It should be used in the
71 | * following fashion to define the exposed Cryptoki functions in
72 | * a Cryptoki library:
73 | *
74 | * CK_DEFINE_FUNCTION(CK_RV, C_Initialize)(
75 | * CK_VOID_PTR pReserved
76 | * )
77 | * {
78 | * ...
79 | * }
80 | *
81 | * If you're using Microsoft Developer Studio 5.0 to define a
82 | * function in a Win32 Cryptoki .dll, it might be defined by:
83 | *
84 | * #define CK_DEFINE_FUNCTION(returnType, name) \
85 | * returnType __declspec(dllexport) name
86 | *
87 | * If you're using an earlier version of Microsoft Developer
88 | * Studio to define a function in a Win16 Cryptoki .dll, it
89 | * might be defined by:
90 | *
91 | * #define CK_DEFINE_FUNCTION(returnType, name) \
92 | * returnType __export _far _pascal name
93 | *
94 | * In a UNIX environment, it might be defined by:
95 | *
96 | * #define CK_DEFINE_FUNCTION(returnType, name) \
97 | * returnType name
98 | *
99 | *
100 | * 3. CK_DECLARE_FUNCTION(returnType, name): A macro which makes
101 | * an importable Cryptoki library function declaration out of a
102 | * return type and a function name. It should be used in the
103 | * following fashion:
104 | *
105 | * extern CK_DECLARE_FUNCTION(CK_RV, C_Initialize)(
106 | * CK_VOID_PTR pReserved
107 | * );
108 | *
109 | * If you're using Microsoft Developer Studio 5.0 to declare a
110 | * function in a Win32 Cryptoki .dll, it might be defined by:
111 | *
112 | * #define CK_DECLARE_FUNCTION(returnType, name) \
113 | * returnType __declspec(dllimport) name
114 | *
115 | * If you're using an earlier version of Microsoft Developer
116 | * Studio to declare a function in a Win16 Cryptoki .dll, it
117 | * might be defined by:
118 | *
119 | * #define CK_DECLARE_FUNCTION(returnType, name) \
120 | * returnType __export _far _pascal name
121 | *
122 | * In a UNIX environment, it might be defined by:
123 | *
124 | * #define CK_DECLARE_FUNCTION(returnType, name) \
125 | * returnType name
126 | *
127 | *
128 | * 4. CK_DECLARE_FUNCTION_POINTER(returnType, name): A macro
129 | * which makes a Cryptoki API function pointer declaration or
130 | * function pointer type declaration out of a return type and a
131 | * function name. It should be used in the following fashion:
132 | *
133 | * // Define funcPtr to be a pointer to a Cryptoki API function
134 | * // taking arguments args and returning CK_RV.
135 | * CK_DECLARE_FUNCTION_POINTER(CK_RV, funcPtr)(args);
136 | *
137 | * or
138 | *
139 | * // Define funcPtrType to be the type of a pointer to a
140 | * // Cryptoki API function taking arguments args and returning
141 | * // CK_RV, and then define funcPtr to be a variable of type
142 | * // funcPtrType.
143 | * typedef CK_DECLARE_FUNCTION_POINTER(CK_RV, funcPtrType)(args);
144 | * funcPtrType funcPtr;
145 | *
146 | * If you're using Microsoft Developer Studio 5.0 to access
147 | * functions in a Win32 Cryptoki .dll, in might be defined by:
148 | *
149 | * #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \
150 | * returnType __declspec(dllimport) (* name)
151 | *
152 | * If you're using an earlier version of Microsoft Developer
153 | * Studio to access functions in a Win16 Cryptoki .dll, it might
154 | * be defined by:
155 | *
156 | * #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \
157 | * returnType __export _far _pascal (* name)
158 | *
159 | * In a UNIX environment, it might be defined by:
160 | *
161 | * #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \
162 | * returnType (* name)
163 | *
164 | *
165 | * 5. CK_CALLBACK_FUNCTION(returnType, name): A macro which makes
166 | * a function pointer type for an application callback out of
167 | * a return type for the callback and a name for the callback.
168 | * It should be used in the following fashion:
169 | *
170 | * CK_CALLBACK_FUNCTION(CK_RV, myCallback)(args);
171 | *
172 | * to declare a function pointer, myCallback, to a callback
173 | * which takes arguments args and returns a CK_RV. It can also
174 | * be used like this:
175 | *
176 | * typedef CK_CALLBACK_FUNCTION(CK_RV, myCallbackType)(args);
177 | * myCallbackType myCallback;
178 | *
179 | * If you're using Microsoft Developer Studio 5.0 to do Win32
180 | * Cryptoki development, it might be defined by:
181 | *
182 | * #define CK_CALLBACK_FUNCTION(returnType, name) \
183 | * returnType (* name)
184 | *
185 | * If you're using an earlier version of Microsoft Developer
186 | * Studio to do Win16 development, it might be defined by:
187 | *
188 | * #define CK_CALLBACK_FUNCTION(returnType, name) \
189 | * returnType _far _pascal (* name)
190 | *
191 | * In a UNIX environment, it might be defined by:
192 | *
193 | * #define CK_CALLBACK_FUNCTION(returnType, name) \
194 | * returnType (* name)
195 | *
196 | *
197 | * 6. NULL_PTR: This macro is the value of a NULL pointer.
198 | *
199 | * In any ANSI/ISO C environment (and in many others as well),
200 | * this should best be defined by
201 | *
202 | * #ifndef NULL_PTR
203 | * #define NULL_PTR 0
204 | * #endif
205 | */
206 |
207 |
208 | /* All the various Cryptoki types and #define'd values are in the
209 | * file pkcs11t.h. */
210 | #include "pkcs11t.h"
211 |
212 | #define __PASTE(x,y) x##y
213 |
214 |
215 | /* ==============================================================
216 | * Define the "extern" form of all the entry points.
217 | * ==============================================================
218 | */
219 |
220 | #define CK_NEED_ARG_LIST 1
221 | #define CK_PKCS11_FUNCTION_INFO(name) \
222 | extern CK_DECLARE_FUNCTION(CK_RV, name)
223 |
224 | /* pkcs11f.h has all the information about the Cryptoki
225 | * function prototypes. */
226 | #include "pkcs11f.h"
227 |
228 | #undef CK_NEED_ARG_LIST
229 | #undef CK_PKCS11_FUNCTION_INFO
230 |
231 |
232 | /* ==============================================================
233 | * Define the typedef form of all the entry points. That is, for
234 | * each Cryptoki function C_XXX, define a type CK_C_XXX which is
235 | * a pointer to that kind of function.
236 | * ==============================================================
237 | */
238 |
239 | #define CK_NEED_ARG_LIST 1
240 | #define CK_PKCS11_FUNCTION_INFO(name) \
241 | typedef CK_DECLARE_FUNCTION_POINTER(CK_RV, __PASTE(CK_,name))
242 |
243 | /* pkcs11f.h has all the information about the Cryptoki
244 | * function prototypes. */
245 | #include "pkcs11f.h"
246 |
247 | #undef CK_NEED_ARG_LIST
248 | #undef CK_PKCS11_FUNCTION_INFO
249 |
250 |
251 | /* ==============================================================
252 | * Define structed vector of entry points. A CK_FUNCTION_LIST
253 | * contains a CK_VERSION indicating a library's Cryptoki version
254 | * and then a whole slew of function pointers to the routines in
255 | * the library. This type was declared, but not defined, in
256 | * pkcs11t.h.
257 | * ==============================================================
258 | */
259 |
260 | #define CK_PKCS11_FUNCTION_INFO(name) \
261 | __PASTE(CK_,name) name;
262 |
263 | struct CK_FUNCTION_LIST {
264 |
265 | CK_VERSION version; /* Cryptoki version */
266 |
267 | /* Pile all the function pointers into the CK_FUNCTION_LIST. */
268 | /* pkcs11f.h has all the information about the Cryptoki
269 | * function prototypes. */
270 | #include "pkcs11f.h"
271 |
272 | };
273 |
274 | #undef CK_PKCS11_FUNCTION_INFO
275 |
276 |
277 | #undef __PASTE
278 |
279 | #ifdef __cplusplus
280 | }
281 | #endif
282 |
283 | #endif
284 |
--------------------------------------------------------------------------------
/v2.01/headers/pkcs11f.h:
--------------------------------------------------------------------------------
1 | /* pkcs11f.h include file for PKCS #11. 1997 December 22 */
2 |
3 | /* This function contains pretty much everything about all the */
4 | /* Cryptoki function prototypes. Because this information is */
5 | /* used for more than just declaring function prototypes, the */
6 | /* order of the functions appearing herein is important, and */
7 | /* should not be altered. */
8 |
9 |
10 |
11 | /* General-purpose */
12 |
13 | /* C_Initialize initializes the Cryptoki library. */
14 | CK_PKCS11_FUNCTION_INFO(C_Initialize)
15 | #ifdef CK_NEED_ARG_LIST
16 | (
17 | CK_VOID_PTR pInitArgs /* if this is not NULL_PTR, it gets
18 | * cast to CK_C_INITIALIZE_ARGS_PTR
19 | * and dereferenced */
20 | );
21 | #endif
22 |
23 |
24 | /* C_Finalize indicates that an application is done with the
25 | * Cryptoki library. */
26 | CK_PKCS11_FUNCTION_INFO(C_Finalize)
27 | #ifdef CK_NEED_ARG_LIST
28 | (
29 | CK_VOID_PTR pReserved /* reserved. Should be NULL_PTR */
30 | );
31 | #endif
32 |
33 |
34 | /* C_GetInfo returns general information about Cryptoki. */
35 | CK_PKCS11_FUNCTION_INFO(C_GetInfo)
36 | #ifdef CK_NEED_ARG_LIST
37 | (
38 | CK_INFO_PTR pInfo /* location that receives information */
39 | );
40 | #endif
41 |
42 |
43 | /* C_GetFunctionList returns the function list. */
44 | CK_PKCS11_FUNCTION_INFO(C_GetFunctionList)
45 | #ifdef CK_NEED_ARG_LIST
46 | (
47 | CK_FUNCTION_LIST_PTR_PTR ppFunctionList /* receives pointer to
48 | * function list */
49 | );
50 | #endif
51 |
52 |
53 |
54 | /* Slot and token management */
55 |
56 | /* C_GetSlotList obtains a list of slots in the system. */
57 | CK_PKCS11_FUNCTION_INFO(C_GetSlotList)
58 | #ifdef CK_NEED_ARG_LIST
59 | (
60 | CK_BBOOL tokenPresent, /* only slots with tokens? */
61 | CK_SLOT_ID_PTR pSlotList, /* receives array of slot IDs */
62 | CK_ULONG_PTR pulCount /* receives number of slots */
63 | );
64 | #endif
65 |
66 |
67 | /* C_GetSlotInfo obtains information about a particular slot in
68 | * the system. */
69 | CK_PKCS11_FUNCTION_INFO(C_GetSlotInfo)
70 | #ifdef CK_NEED_ARG_LIST
71 | (
72 | CK_SLOT_ID slotID, /* the ID of the slot */
73 | CK_SLOT_INFO_PTR pInfo /* receives the slot information */
74 | );
75 | #endif
76 |
77 |
78 | /* C_GetTokenInfo obtains information about a particular token
79 | * in the system. */
80 | CK_PKCS11_FUNCTION_INFO(C_GetTokenInfo)
81 | #ifdef CK_NEED_ARG_LIST
82 | (
83 | CK_SLOT_ID slotID, /* ID of the token's slot */
84 | CK_TOKEN_INFO_PTR pInfo /* receives the token information */
85 | );
86 | #endif
87 |
88 |
89 | /* C_GetMechanismList obtains a list of mechanism types
90 | * supported by a token. */
91 | CK_PKCS11_FUNCTION_INFO(C_GetMechanismList)
92 | #ifdef CK_NEED_ARG_LIST
93 | (
94 | CK_SLOT_ID slotID, /* ID of token's slot */
95 | CK_MECHANISM_TYPE_PTR pMechanismList, /* gets mech. array */
96 | CK_ULONG_PTR pulCount /* gets # of mechs. */
97 | );
98 | #endif
99 |
100 |
101 | /* C_GetMechanismInfo obtains information about a particular
102 | * mechanism possibly supported by a token. */
103 | CK_PKCS11_FUNCTION_INFO(C_GetMechanismInfo)
104 | #ifdef CK_NEED_ARG_LIST
105 | (
106 | CK_SLOT_ID slotID, /* ID of the token's slot */
107 | CK_MECHANISM_TYPE type, /* type of mechanism */
108 | CK_MECHANISM_INFO_PTR pInfo /* receives mechanism info */
109 | );
110 | #endif
111 |
112 |
113 | /* C_InitToken initializes a token. */
114 | CK_PKCS11_FUNCTION_INFO(C_InitToken)
115 | #ifdef CK_NEED_ARG_LIST
116 | (
117 | CK_SLOT_ID slotID, /* ID of the token's slot */
118 | CK_CHAR_PTR pPin, /* the SO's initial PIN */
119 | CK_ULONG ulPinLen, /* length in bytes of the PIN */
120 | CK_CHAR_PTR pLabel /* 32-byte token label (blank padded) */
121 | );
122 | #endif
123 |
124 |
125 | /* C_InitPIN initializes the normal user's PIN. */
126 | CK_PKCS11_FUNCTION_INFO(C_InitPIN)
127 | #ifdef CK_NEED_ARG_LIST
128 | (
129 | CK_SESSION_HANDLE hSession, /* the session's handle */
130 | CK_CHAR_PTR pPin, /* the normal user's PIN */
131 | CK_ULONG ulPinLen /* length in bytes of the PIN */
132 | );
133 | #endif
134 |
135 |
136 | /* C_SetPIN modifies the PIN of the user who is logged in. */
137 | CK_PKCS11_FUNCTION_INFO(C_SetPIN)
138 | #ifdef CK_NEED_ARG_LIST
139 | (
140 | CK_SESSION_HANDLE hSession, /* the session's handle */
141 | CK_CHAR_PTR pOldPin, /* the old PIN */
142 | CK_ULONG ulOldLen, /* length of the old PIN */
143 | CK_CHAR_PTR pNewPin, /* the new PIN */
144 | CK_ULONG ulNewLen /* length of the new PIN */
145 | );
146 | #endif
147 |
148 |
149 |
150 | /* Session management */
151 |
152 | /* C_OpenSession opens a session between an application and a
153 | * token. */
154 | CK_PKCS11_FUNCTION_INFO(C_OpenSession)
155 | #ifdef CK_NEED_ARG_LIST
156 | (
157 | CK_SLOT_ID slotID, /* the slot's ID */
158 | CK_FLAGS flags, /* from CK_SESSION_INFO */
159 | CK_VOID_PTR pApplication, /* passed to callback */
160 | CK_NOTIFY Notify, /* callback function */
161 | CK_SESSION_HANDLE_PTR phSession /* gets session handle */
162 | );
163 | #endif
164 |
165 |
166 | /* C_CloseSession closes a session between an application and a
167 | * token. */
168 | CK_PKCS11_FUNCTION_INFO(C_CloseSession)
169 | #ifdef CK_NEED_ARG_LIST
170 | (
171 | CK_SESSION_HANDLE hSession /* the session's handle */
172 | );
173 | #endif
174 |
175 |
176 | /* C_CloseAllSessions closes all sessions with a token. */
177 | CK_PKCS11_FUNCTION_INFO(C_CloseAllSessions)
178 | #ifdef CK_NEED_ARG_LIST
179 | (
180 | CK_SLOT_ID slotID /* the token's slot */
181 | );
182 | #endif
183 |
184 |
185 | /* C_GetSessionInfo obtains information about the session. */
186 | CK_PKCS11_FUNCTION_INFO(C_GetSessionInfo)
187 | #ifdef CK_NEED_ARG_LIST
188 | (
189 | CK_SESSION_HANDLE hSession, /* the session's handle */
190 | CK_SESSION_INFO_PTR pInfo /* receives session info */
191 | );
192 | #endif
193 |
194 |
195 | /* C_GetOperationState obtains the state of the cryptographic operation
196 | * in a session. */
197 | CK_PKCS11_FUNCTION_INFO(C_GetOperationState)
198 | #ifdef CK_NEED_ARG_LIST
199 | (
200 | CK_SESSION_HANDLE hSession, /* session's handle */
201 | CK_BYTE_PTR pOperationState, /* gets state */
202 | CK_ULONG_PTR pulOperationStateLen /* gets state length */
203 | );
204 | #endif
205 |
206 |
207 | /* C_SetOperationState restores the state of the cryptographic
208 | * operation in a session. */
209 | CK_PKCS11_FUNCTION_INFO(C_SetOperationState)
210 | #ifdef CK_NEED_ARG_LIST
211 | (
212 | CK_SESSION_HANDLE hSession, /* session's handle */
213 | CK_BYTE_PTR pOperationState, /* holds state */
214 | CK_ULONG ulOperationStateLen, /* holds state length */
215 | CK_OBJECT_HANDLE hEncryptionKey, /* en/decryption key */
216 | CK_OBJECT_HANDLE hAuthenticationKey /* sign/verify key */
217 | );
218 | #endif
219 |
220 |
221 | /* C_Login logs a user into a token. */
222 | CK_PKCS11_FUNCTION_INFO(C_Login)
223 | #ifdef CK_NEED_ARG_LIST
224 | (
225 | CK_SESSION_HANDLE hSession, /* the session's handle */
226 | CK_USER_TYPE userType, /* the user type */
227 | CK_CHAR_PTR pPin, /* the user's PIN */
228 | CK_ULONG ulPinLen /* the length of the PIN */
229 | );
230 | #endif
231 |
232 |
233 | /* C_Logout logs a user out from a token. */
234 | CK_PKCS11_FUNCTION_INFO(C_Logout)
235 | #ifdef CK_NEED_ARG_LIST
236 | (
237 | CK_SESSION_HANDLE hSession /* the session's handle */
238 | );
239 | #endif
240 |
241 |
242 |
243 | /* Object management */
244 |
245 | /* C_CreateObject creates a new object. */
246 | CK_PKCS11_FUNCTION_INFO(C_CreateObject)
247 | #ifdef CK_NEED_ARG_LIST
248 | (
249 | CK_SESSION_HANDLE hSession, /* the session's handle */
250 | CK_ATTRIBUTE_PTR pTemplate, /* the object's template */
251 | CK_ULONG ulCount, /* attributes in template */
252 | CK_OBJECT_HANDLE_PTR phObject /* gets new object's handle. */
253 | );
254 | #endif
255 |
256 |
257 | /* C_CopyObject copies an object, creating a new object for the
258 | * copy. */
259 | CK_PKCS11_FUNCTION_INFO(C_CopyObject)
260 | #ifdef CK_NEED_ARG_LIST
261 | (
262 | CK_SESSION_HANDLE hSession, /* the session's handle */
263 | CK_OBJECT_HANDLE hObject, /* the object's handle */
264 | CK_ATTRIBUTE_PTR pTemplate, /* template for new object */
265 | CK_ULONG ulCount, /* attributes in template */
266 | CK_OBJECT_HANDLE_PTR phNewObject /* receives handle of copy */
267 | );
268 | #endif
269 |
270 |
271 | /* C_DestroyObject destroys an object. */
272 | CK_PKCS11_FUNCTION_INFO(C_DestroyObject)
273 | #ifdef CK_NEED_ARG_LIST
274 | (
275 | CK_SESSION_HANDLE hSession, /* the session's handle */
276 | CK_OBJECT_HANDLE hObject /* the object's handle */
277 | );
278 | #endif
279 |
280 |
281 | /* C_GetObjectSize gets the size of an object in bytes. */
282 | CK_PKCS11_FUNCTION_INFO(C_GetObjectSize)
283 | #ifdef CK_NEED_ARG_LIST
284 | (
285 | CK_SESSION_HANDLE hSession, /* the session's handle */
286 | CK_OBJECT_HANDLE hObject, /* the object's handle */
287 | CK_ULONG_PTR pulSize /* receives size of object */
288 | );
289 | #endif
290 |
291 |
292 | /* C_GetAttributeValue obtains the value of one or more object
293 | * attributes. */
294 | CK_PKCS11_FUNCTION_INFO(C_GetAttributeValue)
295 | #ifdef CK_NEED_ARG_LIST
296 | (
297 | CK_SESSION_HANDLE hSession, /* the session's handle */
298 | CK_OBJECT_HANDLE hObject, /* the object's handle */
299 | CK_ATTRIBUTE_PTR pTemplate, /* specifies attrs; gets vals */
300 | CK_ULONG ulCount /* attributes in template */
301 | );
302 | #endif
303 |
304 |
305 | /* C_SetAttributeValue modifies the value of one or more object
306 | * attributes */
307 | CK_PKCS11_FUNCTION_INFO(C_SetAttributeValue)
308 | #ifdef CK_NEED_ARG_LIST
309 | (
310 | CK_SESSION_HANDLE hSession, /* the session's handle */
311 | CK_OBJECT_HANDLE hObject, /* the object's handle */
312 | CK_ATTRIBUTE_PTR pTemplate, /* specifies attrs and values */
313 | CK_ULONG ulCount /* attributes in template */
314 | );
315 | #endif
316 |
317 |
318 | /* C_FindObjectsInit initializes a search for token and session
319 | * objects that match a template. */
320 | CK_PKCS11_FUNCTION_INFO(C_FindObjectsInit)
321 | #ifdef CK_NEED_ARG_LIST
322 | (
323 | CK_SESSION_HANDLE hSession, /* the session's handle */
324 | CK_ATTRIBUTE_PTR pTemplate, /* attribute values to match */
325 | CK_ULONG ulCount /* attrs in search template */
326 | );
327 | #endif
328 |
329 |
330 | /* C_FindObjects continues a search for token and session
331 | * objects that match a template, obtaining additional object
332 | * handles. */
333 | CK_PKCS11_FUNCTION_INFO(C_FindObjects)
334 | #ifdef CK_NEED_ARG_LIST
335 | (
336 | CK_SESSION_HANDLE hSession, /* session's handle */
337 | CK_OBJECT_HANDLE_PTR phObject, /* gets obj. handles */
338 | CK_ULONG ulMaxObjectCount, /* max handles to get */
339 | CK_ULONG_PTR pulObjectCount /* actual # returned */
340 | );
341 | #endif
342 |
343 |
344 | /* C_FindObjectsFinal finishes a search for token and session
345 | * objects. */
346 | CK_PKCS11_FUNCTION_INFO(C_FindObjectsFinal)
347 | #ifdef CK_NEED_ARG_LIST
348 | (
349 | CK_SESSION_HANDLE hSession /* the session's handle */
350 | );
351 | #endif
352 |
353 |
354 |
355 | /* Encryption and decryption */
356 |
357 | /* C_EncryptInit initializes an encryption operation. */
358 | CK_PKCS11_FUNCTION_INFO(C_EncryptInit)
359 | #ifdef CK_NEED_ARG_LIST
360 | (
361 | CK_SESSION_HANDLE hSession, /* the session's handle */
362 | CK_MECHANISM_PTR pMechanism, /* the encryption mechanism */
363 | CK_OBJECT_HANDLE hKey /* handle of encryption key */
364 | );
365 | #endif
366 |
367 |
368 | /* C_Encrypt encrypts single-part data. */
369 | CK_PKCS11_FUNCTION_INFO(C_Encrypt)
370 | #ifdef CK_NEED_ARG_LIST
371 | (
372 | CK_SESSION_HANDLE hSession, /* session's handle */
373 | CK_BYTE_PTR pData, /* the plaintext data */
374 | CK_ULONG ulDataLen, /* bytes of plaintext */
375 | CK_BYTE_PTR pEncryptedData, /* gets ciphertext */
376 | CK_ULONG_PTR pulEncryptedDataLen /* gets c-text size */
377 | );
378 | #endif
379 |
380 |
381 | /* C_EncryptUpdate continues a multiple-part encryption
382 | * operation. */
383 | CK_PKCS11_FUNCTION_INFO(C_EncryptUpdate)
384 | #ifdef CK_NEED_ARG_LIST
385 | (
386 | CK_SESSION_HANDLE hSession, /* session's handle */
387 | CK_BYTE_PTR pPart, /* the plaintext data */
388 | CK_ULONG ulPartLen, /* plaintext data len */
389 | CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */
390 | CK_ULONG_PTR pulEncryptedPartLen /* gets c-text size */
391 | );
392 | #endif
393 |
394 |
395 | /* C_EncryptFinal finishes a multiple-part encryption
396 | * operation. */
397 | CK_PKCS11_FUNCTION_INFO(C_EncryptFinal)
398 | #ifdef CK_NEED_ARG_LIST
399 | (
400 | CK_SESSION_HANDLE hSession, /* session handle */
401 | CK_BYTE_PTR pLastEncryptedPart, /* last c-text */
402 | CK_ULONG_PTR pulLastEncryptedPartLen /* gets last size */
403 | );
404 | #endif
405 |
406 |
407 | /* C_DecryptInit initializes a decryption operation. */
408 | CK_PKCS11_FUNCTION_INFO(C_DecryptInit)
409 | #ifdef CK_NEED_ARG_LIST
410 | (
411 | CK_SESSION_HANDLE hSession, /* the session's handle */
412 | CK_MECHANISM_PTR pMechanism, /* the decryption mechanism */
413 | CK_OBJECT_HANDLE hKey /* handle of decryption key */
414 | );
415 | #endif
416 |
417 |
418 | /* C_Decrypt decrypts encrypted data in a single part. */
419 | CK_PKCS11_FUNCTION_INFO(C_Decrypt)
420 | #ifdef CK_NEED_ARG_LIST
421 | (
422 | CK_SESSION_HANDLE hSession, /* session's handle */
423 | CK_BYTE_PTR pEncryptedData, /* ciphertext */
424 | CK_ULONG ulEncryptedDataLen, /* ciphertext length */
425 | CK_BYTE_PTR pData, /* gets plaintext */
426 | CK_ULONG_PTR pulDataLen /* gets p-text size */
427 | );
428 | #endif
429 |
430 |
431 | /* C_DecryptUpdate continues a multiple-part decryption
432 | * operation. */
433 | CK_PKCS11_FUNCTION_INFO(C_DecryptUpdate)
434 | #ifdef CK_NEED_ARG_LIST
435 | (
436 | CK_SESSION_HANDLE hSession, /* session's handle */
437 | CK_BYTE_PTR pEncryptedPart, /* encrypted data */
438 | CK_ULONG ulEncryptedPartLen, /* input length */
439 | CK_BYTE_PTR pPart, /* gets plaintext */
440 | CK_ULONG_PTR pulPartLen /* p-text size */
441 | );
442 | #endif
443 |
444 |
445 | /* C_DecryptFinal finishes a multiple-part decryption
446 | * operation. */
447 | CK_PKCS11_FUNCTION_INFO(C_DecryptFinal)
448 | #ifdef CK_NEED_ARG_LIST
449 | (
450 | CK_SESSION_HANDLE hSession, /* the session's handle */
451 | CK_BYTE_PTR pLastPart, /* gets plaintext */
452 | CK_ULONG_PTR pulLastPartLen /* p-text size */
453 | );
454 | #endif
455 |
456 |
457 |
458 | /* Message digesting */
459 |
460 | /* C_DigestInit initializes a message-digesting operation. */
461 | CK_PKCS11_FUNCTION_INFO(C_DigestInit)
462 | #ifdef CK_NEED_ARG_LIST
463 | (
464 | CK_SESSION_HANDLE hSession, /* the session's handle */
465 | CK_MECHANISM_PTR pMechanism /* the digesting mechanism */
466 | );
467 | #endif
468 |
469 |
470 | /* C_Digest digests data in a single part. */
471 | CK_PKCS11_FUNCTION_INFO(C_Digest)
472 | #ifdef CK_NEED_ARG_LIST
473 | (
474 | CK_SESSION_HANDLE hSession, /* the session's handle */
475 | CK_BYTE_PTR pData, /* data to be digested */
476 | CK_ULONG ulDataLen, /* bytes of data to digest */
477 | CK_BYTE_PTR pDigest, /* gets the message digest */
478 | CK_ULONG_PTR pulDigestLen /* gets digest length */
479 | );
480 | #endif
481 |
482 |
483 | /* C_DigestUpdate continues a multiple-part message-digesting
484 | * operation. */
485 | CK_PKCS11_FUNCTION_INFO(C_DigestUpdate)
486 | #ifdef CK_NEED_ARG_LIST
487 | (
488 | CK_SESSION_HANDLE hSession, /* the session's handle */
489 | CK_BYTE_PTR pPart, /* data to be digested */
490 | CK_ULONG ulPartLen /* bytes of data to be digested */
491 | );
492 | #endif
493 |
494 |
495 | /* C_DigestKey continues a multi-part message-digesting
496 | * operation, by digesting the value of a secret key as part of
497 | * the data already digested. */
498 | CK_PKCS11_FUNCTION_INFO(C_DigestKey)
499 | #ifdef CK_NEED_ARG_LIST
500 | (
501 | CK_SESSION_HANDLE hSession, /* the session's handle */
502 | CK_OBJECT_HANDLE hKey /* secret key to digest */
503 | );
504 | #endif
505 |
506 |
507 | /* C_DigestFinal finishes a multiple-part message-digesting
508 | * operation. */
509 | CK_PKCS11_FUNCTION_INFO(C_DigestFinal)
510 | #ifdef CK_NEED_ARG_LIST
511 | (
512 | CK_SESSION_HANDLE hSession, /* the session's handle */
513 | CK_BYTE_PTR pDigest, /* gets the message digest */
514 | CK_ULONG_PTR pulDigestLen /* gets byte count of digest */
515 | );
516 | #endif
517 |
518 |
519 |
520 | /* Signing and MACing */
521 |
522 | /* C_SignInit initializes a signature (private key encryption)
523 | * operation, where the signature is (will be) an appendix to
524 | * the data, and plaintext cannot be recovered from the
525 | *signature. */
526 | CK_PKCS11_FUNCTION_INFO(C_SignInit)
527 | #ifdef CK_NEED_ARG_LIST
528 | (
529 | CK_SESSION_HANDLE hSession, /* the session's handle */
530 | CK_MECHANISM_PTR pMechanism, /* the signature mechanism */
531 | CK_OBJECT_HANDLE hKey /* handle of signature key */
532 | );
533 | #endif
534 |
535 |
536 | /* C_Sign signs (encrypts with private key) data in a single
537 | * part, where the signature is (will be) an appendix to the
538 | * data, and plaintext cannot be recovered from the signature. */
539 | CK_PKCS11_FUNCTION_INFO(C_Sign)
540 | #ifdef CK_NEED_ARG_LIST
541 | (
542 | CK_SESSION_HANDLE hSession, /* the session's handle */
543 | CK_BYTE_PTR pData, /* the data to sign */
544 | CK_ULONG ulDataLen, /* count of bytes to sign */
545 | CK_BYTE_PTR pSignature, /* gets the signature */
546 | CK_ULONG_PTR pulSignatureLen /* gets signature length */
547 | );
548 | #endif
549 |
550 |
551 | /* C_SignUpdate continues a multiple-part signature operation,
552 | * where the signature is (will be) an appendix to the data,
553 | * and plaintext cannot be recovered from the signature. */
554 | CK_PKCS11_FUNCTION_INFO(C_SignUpdate)
555 | #ifdef CK_NEED_ARG_LIST
556 | (
557 | CK_SESSION_HANDLE hSession, /* the session's handle */
558 | CK_BYTE_PTR pPart, /* the data to sign */
559 | CK_ULONG ulPartLen /* count of bytes to sign */
560 | );
561 | #endif
562 |
563 |
564 | /* C_SignFinal finishes a multiple-part signature operation,
565 | * returning the signature. */
566 | CK_PKCS11_FUNCTION_INFO(C_SignFinal)
567 | #ifdef CK_NEED_ARG_LIST
568 | (
569 | CK_SESSION_HANDLE hSession, /* the session's handle */
570 | CK_BYTE_PTR pSignature, /* gets the signature */
571 | CK_ULONG_PTR pulSignatureLen /* gets signature length */
572 | );
573 | #endif
574 |
575 |
576 | /* C_SignRecoverInit initializes a signature operation, where
577 | * the data can be recovered from the signature. */
578 | CK_PKCS11_FUNCTION_INFO(C_SignRecoverInit)
579 | #ifdef CK_NEED_ARG_LIST
580 | (
581 | CK_SESSION_HANDLE hSession, /* the session's handle */
582 | CK_MECHANISM_PTR pMechanism, /* the signature mechanism */
583 | CK_OBJECT_HANDLE hKey /* handle of the signature key */
584 | );
585 | #endif
586 |
587 |
588 | /* C_SignRecover signs data in a single operation, where the
589 | * data can be recovered from the signature. */
590 | CK_PKCS11_FUNCTION_INFO(C_SignRecover)
591 | #ifdef CK_NEED_ARG_LIST
592 | (
593 | CK_SESSION_HANDLE hSession, /* the session's handle */
594 | CK_BYTE_PTR pData, /* the data to sign */
595 | CK_ULONG ulDataLen, /* count of bytes to sign */
596 | CK_BYTE_PTR pSignature, /* gets the signature */
597 | CK_ULONG_PTR pulSignatureLen /* gets signature length */
598 | );
599 | #endif
600 |
601 |
602 |
603 | /* Verifying signatures and MACs */
604 |
605 | /* C_VerifyInit initializes a verification operation, where the
606 | * signature is an appendix to the data, and plaintext cannot
607 | * cannot be recovered from the signature (e.g. DSA). */
608 | CK_PKCS11_FUNCTION_INFO(C_VerifyInit)
609 | #ifdef CK_NEED_ARG_LIST
610 | (
611 | CK_SESSION_HANDLE hSession, /* the session's handle */
612 | CK_MECHANISM_PTR pMechanism, /* the verification mechanism */
613 | CK_OBJECT_HANDLE hKey /* verification key */
614 | );
615 | #endif
616 |
617 |
618 | /* C_Verify verifies a signature in a single-part operation,
619 | * where the signature is an appendix to the data, and plaintext
620 | * cannot be recovered from the signature. */
621 | CK_PKCS11_FUNCTION_INFO(C_Verify)
622 | #ifdef CK_NEED_ARG_LIST
623 | (
624 | CK_SESSION_HANDLE hSession, /* the session's handle */
625 | CK_BYTE_PTR pData, /* signed data */
626 | CK_ULONG ulDataLen, /* length of signed data */
627 | CK_BYTE_PTR pSignature, /* signature */
628 | CK_ULONG ulSignatureLen /* signature length*/
629 | );
630 | #endif
631 |
632 |
633 | /* C_VerifyUpdate continues a multiple-part verification
634 | * operation, where the signature is an appendix to the data,
635 | * and plaintext cannot be recovered from the signature. */
636 | CK_PKCS11_FUNCTION_INFO(C_VerifyUpdate)
637 | #ifdef CK_NEED_ARG_LIST
638 | (
639 | CK_SESSION_HANDLE hSession, /* the session's handle */
640 | CK_BYTE_PTR pPart, /* signed data */
641 | CK_ULONG ulPartLen /* length of signed data */
642 | );
643 | #endif
644 |
645 |
646 | /* C_VerifyFinal finishes a multiple-part verification
647 | * operation, checking the signature. */
648 | CK_PKCS11_FUNCTION_INFO(C_VerifyFinal)
649 | #ifdef CK_NEED_ARG_LIST
650 | (
651 | CK_SESSION_HANDLE hSession, /* the session's handle */
652 | CK_BYTE_PTR pSignature, /* signature to verify */
653 | CK_ULONG ulSignatureLen /* signature length */
654 | );
655 | #endif
656 |
657 |
658 | /* C_VerifyRecoverInit initializes a signature verification
659 | * operation, where the data is recovered from the signature. */
660 | CK_PKCS11_FUNCTION_INFO(C_VerifyRecoverInit)
661 | #ifdef CK_NEED_ARG_LIST
662 | (
663 | CK_SESSION_HANDLE hSession, /* the session's handle */
664 | CK_MECHANISM_PTR pMechanism, /* the verification mechanism */
665 | CK_OBJECT_HANDLE hKey /* verification key */
666 | );
667 | #endif
668 |
669 |
670 | /* C_VerifyRecover verifies a signature in a single-part
671 | * operation, where the data is recovered from the signature. */
672 | CK_PKCS11_FUNCTION_INFO(C_VerifyRecover)
673 | #ifdef CK_NEED_ARG_LIST
674 | (
675 | CK_SESSION_HANDLE hSession, /* the session's handle */
676 | CK_BYTE_PTR pSignature, /* signature to verify */
677 | CK_ULONG ulSignatureLen, /* signature length */
678 | CK_BYTE_PTR pData, /* gets signed data */
679 | CK_ULONG_PTR pulDataLen /* gets signed data len */
680 | );
681 | #endif
682 |
683 |
684 |
685 | /* Dual-function cryptographic operations */
686 |
687 | /* C_DigestEncryptUpdate continues a multiple-part digesting
688 | * and encryption operation. */
689 | CK_PKCS11_FUNCTION_INFO(C_DigestEncryptUpdate)
690 | #ifdef CK_NEED_ARG_LIST
691 | (
692 | CK_SESSION_HANDLE hSession, /* session's handle */
693 | CK_BYTE_PTR pPart, /* the plaintext data */
694 | CK_ULONG ulPartLen, /* plaintext length */
695 | CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */
696 | CK_ULONG_PTR pulEncryptedPartLen /* gets c-text length */
697 | );
698 | #endif
699 |
700 |
701 | /* C_DecryptDigestUpdate continues a multiple-part decryption and
702 | * digesting operation. */
703 | CK_PKCS11_FUNCTION_INFO(C_DecryptDigestUpdate)
704 | #ifdef CK_NEED_ARG_LIST
705 | (
706 | CK_SESSION_HANDLE hSession, /* session's handle */
707 | CK_BYTE_PTR pEncryptedPart, /* ciphertext */
708 | CK_ULONG ulEncryptedPartLen, /* ciphertext length */
709 | CK_BYTE_PTR pPart, /* gets plaintext */
710 | CK_ULONG_PTR pulPartLen /* gets plaintext len */
711 | );
712 | #endif
713 |
714 |
715 | /* C_SignEncryptUpdate continues a multiple-part signing and
716 | * encryption operation. */
717 | CK_PKCS11_FUNCTION_INFO(C_SignEncryptUpdate)
718 | #ifdef CK_NEED_ARG_LIST
719 | (
720 | CK_SESSION_HANDLE hSession, /* session's handle */
721 | CK_BYTE_PTR pPart, /* the plaintext data */
722 | CK_ULONG ulPartLen, /* plaintext length */
723 | CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */
724 | CK_ULONG_PTR pulEncryptedPartLen /* gets c-text length */
725 | );
726 | #endif
727 |
728 |
729 | /* C_DecryptVerifyUpdate continues a multiple-part decryption and
730 | * verify operation. */
731 | CK_PKCS11_FUNCTION_INFO(C_DecryptVerifyUpdate)
732 | #ifdef CK_NEED_ARG_LIST
733 | (
734 | CK_SESSION_HANDLE hSession, /* session's handle */
735 | CK_BYTE_PTR pEncryptedPart, /* ciphertext */
736 | CK_ULONG ulEncryptedPartLen, /* ciphertext length */
737 | CK_BYTE_PTR pPart, /* gets plaintext */
738 | CK_ULONG_PTR pulPartLen /* gets p-text length */
739 | );
740 | #endif
741 |
742 |
743 |
744 | /* Key management */
745 |
746 | /* C_GenerateKey generates a secret key, creating a new key
747 | * object. */
748 | CK_PKCS11_FUNCTION_INFO(C_GenerateKey)
749 | #ifdef CK_NEED_ARG_LIST
750 | (
751 | CK_SESSION_HANDLE hSession, /* the session's handle */
752 | CK_MECHANISM_PTR pMechanism, /* key generation mech. */
753 | CK_ATTRIBUTE_PTR pTemplate, /* template for new key */
754 | CK_ULONG ulCount, /* # of attrs in template */
755 | CK_OBJECT_HANDLE_PTR phKey /* gets handle of new key */
756 | );
757 | #endif
758 |
759 |
760 | /* C_GenerateKeyPair generates a public-key/private-key pair,
761 | * creating new key objects. */
762 | CK_PKCS11_FUNCTION_INFO(C_GenerateKeyPair)
763 | #ifdef CK_NEED_ARG_LIST
764 | (
765 | CK_SESSION_HANDLE hSession, /* session
766 | * handle */
767 | CK_MECHANISM_PTR pMechanism, /* key-gen
768 | * mech. */
769 | CK_ATTRIBUTE_PTR pPublicKeyTemplate, /* template
770 | * for pub.
771 | * key */
772 | CK_ULONG ulPublicKeyAttributeCount, /* # pub.
773 | * attrs. */
774 | CK_ATTRIBUTE_PTR pPrivateKeyTemplate, /* template
775 | * for priv.
776 | * key */
777 | CK_ULONG ulPrivateKeyAttributeCount, /* # priv.
778 | * attrs. */
779 | CK_OBJECT_HANDLE_PTR phPublicKey, /* gets pub.
780 | * key
781 | * handle */
782 | CK_OBJECT_HANDLE_PTR phPrivateKey /* gets
783 | * priv. key
784 | * handle */
785 | );
786 | #endif
787 |
788 |
789 | /* C_WrapKey wraps (i.e., encrypts) a key. */
790 | CK_PKCS11_FUNCTION_INFO(C_WrapKey)
791 | #ifdef CK_NEED_ARG_LIST
792 | (
793 | CK_SESSION_HANDLE hSession, /* the session's handle */
794 | CK_MECHANISM_PTR pMechanism, /* the wrapping mechanism */
795 | CK_OBJECT_HANDLE hWrappingKey, /* wrapping key */
796 | CK_OBJECT_HANDLE hKey, /* key to be wrapped */
797 | CK_BYTE_PTR pWrappedKey, /* gets wrapped key */
798 | CK_ULONG_PTR pulWrappedKeyLen /* gets wrapped key size */
799 | );
800 | #endif
801 |
802 |
803 | /* C_UnwrapKey unwraps (decrypts) a wrapped key, creating a new
804 | * key object. */
805 | CK_PKCS11_FUNCTION_INFO(C_UnwrapKey)
806 | #ifdef CK_NEED_ARG_LIST
807 | (
808 | CK_SESSION_HANDLE hSession, /* session's handle */
809 | CK_MECHANISM_PTR pMechanism, /* unwrapping mech. */
810 | CK_OBJECT_HANDLE hUnwrappingKey, /* unwrapping key */
811 | CK_BYTE_PTR pWrappedKey, /* the wrapped key */
812 | CK_ULONG ulWrappedKeyLen, /* wrapped key len */
813 | CK_ATTRIBUTE_PTR pTemplate, /* new key template */
814 | CK_ULONG ulAttributeCount, /* template length */
815 | CK_OBJECT_HANDLE_PTR phKey /* gets new handle */
816 | );
817 | #endif
818 |
819 |
820 | /* C_DeriveKey derives a key from a base key, creating a new key
821 | * object. */
822 | CK_PKCS11_FUNCTION_INFO(C_DeriveKey)
823 | #ifdef CK_NEED_ARG_LIST
824 | (
825 | CK_SESSION_HANDLE hSession, /* session's handle */
826 | CK_MECHANISM_PTR pMechanism, /* key deriv. mech. */
827 | CK_OBJECT_HANDLE hBaseKey, /* base key */
828 | CK_ATTRIBUTE_PTR pTemplate, /* new key template */
829 | CK_ULONG ulAttributeCount, /* template length */
830 | CK_OBJECT_HANDLE_PTR phKey /* gets new handle */
831 | );
832 | #endif
833 |
834 |
835 |
836 | /* Random number generation */
837 |
838 | /* C_SeedRandom mixes additional seed material into the token's
839 | * random number generator. */
840 | CK_PKCS11_FUNCTION_INFO(C_SeedRandom)
841 | #ifdef CK_NEED_ARG_LIST
842 | (
843 | CK_SESSION_HANDLE hSession, /* the session's handle */
844 | CK_BYTE_PTR pSeed, /* the seed material */
845 | CK_ULONG ulSeedLen /* length of seed material */
846 | );
847 | #endif
848 |
849 |
850 | /* C_GenerateRandom generates random data. */
851 | CK_PKCS11_FUNCTION_INFO(C_GenerateRandom)
852 | #ifdef CK_NEED_ARG_LIST
853 | (
854 | CK_SESSION_HANDLE hSession, /* the session's handle */
855 | CK_BYTE_PTR RandomData, /* receives the random data */
856 | CK_ULONG ulRandomLen /* # of bytes to generate */
857 | );
858 | #endif
859 |
860 |
861 |
862 | /* Parallel function management */
863 |
864 | /* C_GetFunctionStatus is a legacy function; it obtains an
865 | * updated status of a function running in parallel with an
866 | * application. */
867 | CK_PKCS11_FUNCTION_INFO(C_GetFunctionStatus)
868 | #ifdef CK_NEED_ARG_LIST
869 | (
870 | CK_SESSION_HANDLE hSession /* the session's handle */
871 | );
872 | #endif
873 |
874 |
875 | /* C_CancelFunction is a legacy function; it cancels a function
876 | * running in parallel. */
877 | CK_PKCS11_FUNCTION_INFO(C_CancelFunction)
878 | #ifdef CK_NEED_ARG_LIST
879 | (
880 | CK_SESSION_HANDLE hSession /* the session's handle */
881 | );
882 | #endif
883 |
884 |
885 |
886 | /* Functions added in for Cryptoki Version 2.01 or later */
887 |
888 | /* C_WaitForSlotEvent waits for a slot event (token insertion,
889 | * removal, etc.) to occur. */
890 | CK_PKCS11_FUNCTION_INFO(C_WaitForSlotEvent)
891 | #ifdef CK_NEED_ARG_LIST
892 | (
893 | CK_FLAGS flags, /* blocking/nonblocking flag */
894 | CK_SLOT_ID_PTR pSlot, /* location that receives the slot ID */
895 | CK_VOID_PTR pRserved /* reserved. Should be NULL_PTR */
896 | );
897 | #endif
898 |
--------------------------------------------------------------------------------
/v2.01/v201.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Pkcs11Interop/PKCS11-SPECS/5b17000edaa7985c85a2f0701739706bd4bd45ce/v2.01/v201.pdf
--------------------------------------------------------------------------------
/v2.0_DRAFT/README.MD:
--------------------------------------------------------------------------------
1 | **PKCS#11 v2.0 : Cryptographic Token Interface Standard**
2 | [pkcs11v2.pdf](pkcs11v2.pdf) - 15 April 1997
3 |
4 | **PKCS#11 v2.0 : Cryptographic Token Interface Standard**
5 | [v2drft2.pdf](v2drft2.pdf) - Draft 2 - 1 July 1997
6 |
--------------------------------------------------------------------------------
/v2.0_DRAFT/headers/pkcs11.h:
--------------------------------------------------------------------------------
1 | /* Define API */
2 | #ifndef _PKCS11_H_
3 | #define _PKCS11_H_ 1
4 |
5 | #ifndef FALSE
6 | #define FALSE 0
7 | #endif
8 |
9 | #ifndef TRUE
10 | #define TRUE (!FALSE)
11 | #endif
12 |
13 | #ifdef __cplusplus
14 | extern "C" {
15 | #endif
16 |
17 | /* All the various Cryptoki types and #define'd values are in the file
18 | * pkcs11t.h. CK_PTR should be defined there, too; it's the recipe for
19 | * making pointers. */
20 | #include "pkcs11t.h"
21 |
22 | #define __PASTE(x,y) x##y
23 |
24 | /* =================================================================
25 | * Define the "extern" form of all the entry points */
26 |
27 | #define CK_EXTERN extern
28 | #define CK_FUNC(name) CK_ENTRY name
29 | #define CK_NEED_ARG_LIST 1
30 | #define _CK_RV CK_RV
31 |
32 | /* pkcs11f.h has all the information about the Cryptoki functions. */
33 | #include "pkcs11f.h"
34 |
35 | #undef CK_FUNC
36 | #undef CK_EXTERN
37 | #undef CK_NEED_ARG_LIST
38 | #undef _CK_RV
39 |
40 | /* =================================================================
41 | * Define the typedef form of all the entry points.
42 | * That is, for each Cryptoki function C_XXX, define a type CK_C_XXX
43 | * which is a pointer to that kind of function. */
44 |
45 | #define CK_EXTERN typedef
46 | #define CK_FUNC(name) CK_ENTRY (CK_PTR __PASTE(CK_,name))
47 | #define CK_NEED_ARG_LIST 1
48 | #define _CK_RV CK_RV
49 |
50 | #include "pkcs11f.h"
51 |
52 | #undef CK_FUNC
53 | #undef CK_EXTERN
54 | #undef CK_NEED_ARG_LIST
55 | #undef _CK_RV
56 |
57 | /* =================================================================
58 | * Define structed vector of entry points.
59 | * The CK_FUNCTION_LIST contains a CK_VERSION indicating the Cryptoki
60 | * version, and then a whole slew of function pointers to the routines
61 | * in the library. This type was declared, but not defined, in
62 | * pkcs11t.h. */
63 |
64 |
65 | /* These data types are platform/implementation dependent. */
66 | #if defined(WINDOWS)
67 | #if defined(_WIN32)
68 | #define CK_ENTRY __declspec( dllexport )
69 | #define CK_PTR *
70 | #define NULL_PTR 0
71 | #pragma pack(push, cryptoki, 1)
72 | #else /* win16 */
73 | #define CK_ENTRY _export _far _pascal
74 | #define CK_PTR far *
75 | #define NULL_PTR 0
76 | #pragma pack(push, cryptoki, 1)
77 | #endif
78 | #else /* not windows */
79 | #define CK_ENTRY
80 | #define CK_PTR *
81 | #define NULL_PTR 0
82 | #endif
83 |
84 |
85 | #define CK_EXTERN
86 | #define CK_FUNC(name) __PASTE(CK_,name) name;
87 | #define _CK_RV
88 |
89 | struct CK_FUNCTION_LIST {
90 |
91 | CK_VERSION version; /* Cryptoki version */
92 |
93 | /* Pile all the function pointers into it. */
94 | #include "pkcs11f.h"
95 |
96 | };
97 |
98 | #undef CK_FUNC
99 | #undef CK_EXTERN
100 | #undef _CK_RV
101 |
102 |
103 | #if defined(WINDOWS)
104 | #pragma pack(pop, cryptoki)
105 | #endif
106 |
107 |
108 | #undef __PASTE
109 | /* ================================================================= */
110 |
111 | #ifdef __cplusplus
112 | }
113 | #endif
114 |
115 | #endif
116 |
--------------------------------------------------------------------------------
/v2.0_DRAFT/headers/pkcs11f.h:
--------------------------------------------------------------------------------
1 | /* This function contains pretty much everything about all */
2 | /* the Cryptoki function prototypes. */
3 |
4 |
5 |
6 | /* General-purpose */
7 |
8 | /* C_Initialize initializes the Cryptoki library. */
9 | CK_EXTERN _CK_RV CK_FUNC(C_Initialize)
10 | #ifdef CK_NEED_ARG_LIST
11 | (
12 | CK_VOID_PTR pReserved /* reserved. Should be NULL_PTR */
13 | );
14 | #endif
15 |
16 |
17 | /* C_Finalize indicates that an application is done with the Cryptoki
18 | * library. */
19 | CK_EXTERN _CK_RV CK_FUNC(C_Finalize)
20 | #ifdef CK_NEED_ARG_LIST
21 | (
22 | CK_VOID_PTR pReserved /* reserved. Should be NULL_PTR */
23 | );
24 | #endif
25 |
26 |
27 | /* C_GetInfo returns general information about Cryptoki. */
28 | CK_EXTERN _CK_RV CK_FUNC(C_GetInfo)
29 | #ifdef CK_NEED_ARG_LIST
30 | (
31 | CK_INFO_PTR pInfo /* location that receives the information */
32 | );
33 | #endif
34 |
35 |
36 | /* C_GetFunctionList returns the function list. */
37 | CK_EXTERN _CK_RV CK_FUNC(C_GetFunctionList)
38 | #ifdef CK_NEED_ARG_LIST
39 | (
40 | CK_FUNCTION_LIST_PTR_PTR ppFunctionList /* receives ptr to function list */
41 | );
42 | #endif
43 |
44 |
45 |
46 | /* Slot and token management */
47 |
48 | /* C_GetSlotList obtains a list of slots in the system. */
49 | CK_EXTERN _CK_RV CK_FUNC(C_GetSlotList)
50 | #ifdef CK_NEED_ARG_LIST
51 | (
52 | CK_BBOOL tokenPresent, /* only slots with token present */
53 | CK_SLOT_ID_PTR pSlotList, /* receives the array of slot IDs */
54 | CK_ULONG_PTR pulCount /* receives the number of slots */
55 | );
56 | #endif
57 |
58 |
59 | /* C_GetSlotInfo obtains information about a particular slot in the system. */
60 | CK_EXTERN _CK_RV CK_FUNC(C_GetSlotInfo)
61 | #ifdef CK_NEED_ARG_LIST
62 | (
63 | CK_SLOT_ID slotID, /* the ID of the slot */
64 | CK_SLOT_INFO_PTR pInfo /* receives the slot information */
65 | );
66 | #endif
67 |
68 |
69 | /* C_GetTokenInfo obtains information about a particular token in the
70 | * system. */
71 | CK_EXTERN _CK_RV CK_FUNC(C_GetTokenInfo)
72 | #ifdef CK_NEED_ARG_LIST
73 | (
74 | CK_SLOT_ID slotID, /* ID of the token's slot */
75 | CK_TOKEN_INFO_PTR pInfo /* receives the token information */
76 | );
77 | #endif
78 |
79 |
80 | /* C_GetMechanismList obtains a list of mechanism types supported by
81 | * a token. */
82 | CK_EXTERN _CK_RV CK_FUNC(C_GetMechanismList)
83 | #ifdef CK_NEED_ARG_LIST
84 | (
85 | CK_SLOT_ID slotID, /* ID of the token's slot */
86 | CK_MECHANISM_TYPE_PTR pMechanismList, /* receives mech. types array */
87 | CK_ULONG_PTR pulCount /* receives number of mechs. */
88 | );
89 | #endif
90 |
91 |
92 | /* C_GetMechanismInfo obtains information about a particular mechanism
93 | * possibly supported by a token. */
94 | CK_EXTERN _CK_RV CK_FUNC(C_GetMechanismInfo)
95 | #ifdef CK_NEED_ARG_LIST
96 | (
97 | CK_SLOT_ID slotID, /* ID of the token's slot */
98 | CK_MECHANISM_TYPE type, /* type of mechanism */
99 | CK_MECHANISM_INFO_PTR pInfo /* receives mechanism information */
100 | );
101 | #endif
102 |
103 |
104 | /* C_InitToken initializes a token. */
105 | CK_EXTERN _CK_RV CK_FUNC(C_InitToken)
106 | #ifdef CK_NEED_ARG_LIST
107 | (
108 | CK_SLOT_ID slotID, /* ID of the token's slot */
109 | CK_CHAR_PTR pPin, /* the SO's initial PIN */
110 | CK_ULONG ulPinLen, /* length in bytes of the PIN */
111 | CK_CHAR_PTR pLabel /* 32-byte token label (blank padded) */
112 | );
113 | #endif
114 |
115 |
116 | /* C_InitPIN initializes the normal user's PIN. */
117 | CK_EXTERN _CK_RV CK_FUNC(C_InitPIN)
118 | #ifdef CK_NEED_ARG_LIST
119 | (
120 | CK_SESSION_HANDLE hSession, /* the session's handle */
121 | CK_CHAR_PTR pPin, /* the normal user's PIN */
122 | CK_ULONG ulPinLen /* length in bytes of the PIN */
123 | );
124 | #endif
125 |
126 |
127 | /* C_SetPIN modifies the PIN of user that is currently logged in. */
128 | CK_EXTERN _CK_RV CK_FUNC(C_SetPIN)
129 | #ifdef CK_NEED_ARG_LIST
130 | (
131 | CK_SESSION_HANDLE hSession, /* the session's handle */
132 | CK_CHAR_PTR pOldPin, /* the old PIN */
133 | CK_ULONG ulOldLen, /* length of the old PIN */
134 | CK_CHAR_PTR pNewPin, /* the new PIN */
135 | CK_ULONG ulNewLen /* length of the new PIN */
136 | );
137 | #endif
138 |
139 |
140 |
141 | /* Session management */
142 |
143 | /* C_OpenSession opens a session between an application and a token. */
144 | CK_EXTERN _CK_RV CK_FUNC(C_OpenSession)
145 | #ifdef CK_NEED_ARG_LIST
146 | (
147 | CK_SLOT_ID slotID, /* the slot's ID */
148 | CK_FLAGS flags, /* defined in CK_SESSION_INFO */
149 | CK_VOID_PTR pApplication, /* pointer passed to callback */
150 | CK_NOTIFY Notify, /* notification callback function */
151 | CK_SESSION_HANDLE_PTR phSession /* receives new session handle */
152 | );
153 | #endif
154 |
155 |
156 | /* C_CloseSession closes a session between an application and a token. */
157 | CK_EXTERN _CK_RV CK_FUNC(C_CloseSession)
158 | #ifdef CK_NEED_ARG_LIST
159 | (
160 | CK_SESSION_HANDLE hSession /* the session's handle */
161 | );
162 | #endif
163 |
164 |
165 | /* C_CloseAllSessions closes all sessions with a token. */
166 | CK_EXTERN _CK_RV CK_FUNC(C_CloseAllSessions)
167 | #ifdef CK_NEED_ARG_LIST
168 | (
169 | CK_SLOT_ID slotID /* the token's slot */
170 | );
171 | #endif
172 |
173 |
174 | /* C_GetSessionInfo obtains information about the session. */
175 | CK_EXTERN _CK_RV CK_FUNC(C_GetSessionInfo)
176 | #ifdef CK_NEED_ARG_LIST
177 | (
178 | CK_SESSION_HANDLE hSession, /* the session's handle */
179 | CK_SESSION_INFO_PTR pInfo /* receives session information */
180 | );
181 | #endif
182 |
183 |
184 | /* C_GetOperationState obtains the state of the cryptographic operation
185 | * in a session. */
186 | CK_EXTERN _CK_RV CK_FUNC(C_GetOperationState)
187 | #ifdef CK_NEED_ARG_LIST
188 | (
189 | CK_SESSION_HANDLE hSession, /* the session's handle */
190 | CK_BYTE_PTR pOperationState, /* location receiving state */
191 | CK_ULONG_PTR pulOperationStateLen /* location receiving state length */
192 | );
193 | #endif
194 |
195 |
196 | /* C_SetOperationState restores the state of the cryptographic operation
197 | * in a session. */
198 | CK_EXTERN _CK_RV CK_FUNC(C_SetOperationState)
199 | #ifdef CK_NEED_ARG_LIST
200 | (
201 | CK_SESSION_HANDLE hSession, /* the session's handle */
202 | CK_BYTE_PTR pOperationState, /* the location holding the state */
203 | CK_ULONG ulOperationStateLen, /* location holding state length */
204 | CK_OBJECT_HANDLE hEncryptionKey, /* handle of en/decryption key */
205 | CK_OBJECT_HANDLE hAuthenticationKey /* handle of sign/verify key */
206 | );
207 | #endif
208 |
209 |
210 | /* C_Login logs a user into a token. */
211 | CK_EXTERN _CK_RV CK_FUNC(C_Login)
212 | #ifdef CK_NEED_ARG_LIST
213 | (
214 | CK_SESSION_HANDLE hSession, /* the session's handle */
215 | CK_USER_TYPE userType, /* the user type */
216 | CK_CHAR_PTR pPin, /* the user's PIN */
217 | CK_ULONG ulPinLen /* the length of the PIN */
218 | );
219 | #endif
220 |
221 |
222 | /* C_Logout logs a user out from a token. */
223 | CK_EXTERN _CK_RV CK_FUNC(C_Logout)
224 | #ifdef CK_NEED_ARG_LIST
225 | (
226 | CK_SESSION_HANDLE hSession /* the session's handle */
227 | );
228 | #endif
229 |
230 |
231 |
232 | /* Object management */
233 |
234 | /* C_CreateObject creates a new object. */
235 | CK_EXTERN _CK_RV CK_FUNC(C_CreateObject)
236 | #ifdef CK_NEED_ARG_LIST
237 | (
238 | CK_SESSION_HANDLE hSession, /* the session's handle */
239 | CK_ATTRIBUTE_PTR pTemplate, /* the object's template */
240 | CK_ULONG ulCount, /* attributes in template */
241 | CK_OBJECT_HANDLE_PTR phObject /* receives new object's handle. */
242 | );
243 | #endif
244 |
245 |
246 | /* C_CopyObject copies an object, creating a new object for the copy. */
247 | CK_EXTERN _CK_RV CK_FUNC(C_CopyObject)
248 | #ifdef CK_NEED_ARG_LIST
249 | (
250 | CK_SESSION_HANDLE hSession, /* the session's handle */
251 | CK_OBJECT_HANDLE hObject, /* the object's handle */
252 | CK_ATTRIBUTE_PTR pTemplate, /* template for new object */
253 | CK_ULONG ulCount, /* attributes in template */
254 | CK_OBJECT_HANDLE_PTR phNewObject /* receives handle of copy */
255 | );
256 | #endif
257 |
258 |
259 | /* C_DestroyObject destroys an object. */
260 | CK_EXTERN _CK_RV CK_FUNC(C_DestroyObject)
261 | #ifdef CK_NEED_ARG_LIST
262 | (
263 | CK_SESSION_HANDLE hSession, /* the session's handle */
264 | CK_OBJECT_HANDLE hObject /* the object's handle */
265 | );
266 | #endif
267 |
268 |
269 | /* C_GetObjectSize gets the size of an object in bytes. */
270 | CK_EXTERN _CK_RV CK_FUNC(C_GetObjectSize)
271 | #ifdef CK_NEED_ARG_LIST
272 | (
273 | CK_SESSION_HANDLE hSession, /* the session's handle */
274 | CK_OBJECT_HANDLE hObject, /* the object's handle */
275 | CK_ULONG_PTR pulSize /* receives size of object */
276 | );
277 | #endif
278 |
279 |
280 | /* C_GetAttributeValue obtains the value of one or more object attributes. */
281 | CK_EXTERN _CK_RV CK_FUNC(C_GetAttributeValue)
282 | #ifdef CK_NEED_ARG_LIST
283 | (
284 | CK_SESSION_HANDLE hSession, /* the session's handle */
285 | CK_OBJECT_HANDLE hObject, /* the object's handle */
286 | CK_ATTRIBUTE_PTR pTemplate, /* specifies attributes, gets values */
287 | CK_ULONG ulCount /* attributes in template */
288 | );
289 | #endif
290 |
291 |
292 | /* C_SetAttributeValue modifies the value of one or more object attributes */
293 | CK_EXTERN _CK_RV CK_FUNC(C_SetAttributeValue)
294 | #ifdef CK_NEED_ARG_LIST
295 | (
296 | CK_SESSION_HANDLE hSession, /* the session's handle */
297 | CK_OBJECT_HANDLE hObject, /* the object's handle */
298 | CK_ATTRIBUTE_PTR pTemplate, /* specifies attributes and values */
299 | CK_ULONG ulCount /* attributes in template */
300 | );
301 | #endif
302 |
303 |
304 | /* C_FindObjectsInit initializes a search for token and session objects
305 | * that match a template. */
306 | CK_EXTERN _CK_RV CK_FUNC(C_FindObjectsInit)
307 | #ifdef CK_NEED_ARG_LIST
308 | (
309 | CK_SESSION_HANDLE hSession, /* the session's handle */
310 | CK_ATTRIBUTE_PTR pTemplate, /* attribute values to match */
311 | CK_ULONG ulCount /* attributes in search template */
312 | );
313 | #endif
314 |
315 |
316 | /* C_FindObjects continues a search for token and session objects
317 | * that match a template, obtaining additional object handles. */
318 | CK_EXTERN _CK_RV CK_FUNC(C_FindObjects)
319 | #ifdef CK_NEED_ARG_LIST
320 | (
321 | CK_SESSION_HANDLE hSession, /* the session's handle */
322 | CK_OBJECT_HANDLE_PTR phObject, /* receives object handle array */
323 | CK_ULONG ulMaxObjectCount, /* max handles to be returned */
324 | CK_ULONG_PTR pulObjectCount /* actual number returned */
325 | );
326 | #endif
327 |
328 |
329 | /* C_FindObjectsFinal finishes a search for token and session objects. */
330 | CK_EXTERN _CK_RV CK_FUNC(C_FindObjectsFinal)
331 | #ifdef CK_NEED_ARG_LIST
332 | (
333 | CK_SESSION_HANDLE hSession /* the session's handle */
334 | );
335 | #endif
336 |
337 |
338 |
339 | /* Encryption and decryption */
340 |
341 | /* C_EncryptInit initializes an encryption operation. */
342 | CK_EXTERN _CK_RV CK_FUNC(C_EncryptInit)
343 | #ifdef CK_NEED_ARG_LIST
344 | (
345 | CK_SESSION_HANDLE hSession, /* the session's handle */
346 | CK_MECHANISM_PTR pMechanism, /* the encryption mechanism */
347 | CK_OBJECT_HANDLE hKey /* handle of encryption key */
348 | );
349 | #endif
350 |
351 |
352 | /* C_Encrypt encrypts single-part data. */
353 | CK_EXTERN _CK_RV CK_FUNC(C_Encrypt)
354 | #ifdef CK_NEED_ARG_LIST
355 | (
356 | CK_SESSION_HANDLE hSession, /* the session's handle */
357 | CK_BYTE_PTR pData, /* the plaintext data */
358 | CK_ULONG ulDataLen, /* bytes of plaintext data */
359 | CK_BYTE_PTR pEncryptedData, /* receives encrypted data */
360 | CK_ULONG_PTR pulEncryptedDataLen /* receives encrypted byte count */
361 | );
362 | #endif
363 |
364 |
365 | /* C_EncryptUpdate continues a multiple-part encryption operation. */
366 | CK_EXTERN _CK_RV CK_FUNC(C_EncryptUpdate)
367 | #ifdef CK_NEED_ARG_LIST
368 | (
369 | CK_SESSION_HANDLE hSession, /* the session's handle */
370 | CK_BYTE_PTR pPart, /* the plaintext data */
371 | CK_ULONG ulPartLen, /* bytes of plaintext data */
372 | CK_BYTE_PTR pEncryptedPart, /* receives encrypted data */
373 | CK_ULONG_PTR pulEncryptedPartLen /* receives encrypted byte count */
374 | );
375 | #endif
376 |
377 |
378 | /* C_EncryptFinal finishes a multiple-part encryption operation. */
379 | CK_EXTERN _CK_RV CK_FUNC(C_EncryptFinal)
380 | #ifdef CK_NEED_ARG_LIST
381 | (
382 | CK_SESSION_HANDLE hSession, /* the session's handle */
383 | CK_BYTE_PTR pLastEncryptedPart, /* receives encrypted last part */
384 | CK_ULONG_PTR pulLastEncryptedPartLen /* receives byte count */
385 | );
386 | #endif
387 |
388 |
389 | /* C_DecryptInit initializes a decryption operation. */
390 | CK_EXTERN _CK_RV CK_FUNC(C_DecryptInit)
391 | #ifdef CK_NEED_ARG_LIST
392 | (
393 | CK_SESSION_HANDLE hSession, /* the session's handle */
394 | CK_MECHANISM_PTR pMechanism, /* the decryption mechanism */
395 | CK_OBJECT_HANDLE hKey /* handle of the decryption key */
396 | );
397 | #endif
398 |
399 |
400 | /* C_Decrypt decrypts encrypted data in a single part. */
401 | CK_EXTERN _CK_RV CK_FUNC(C_Decrypt)
402 | #ifdef CK_NEED_ARG_LIST
403 | (
404 | CK_SESSION_HANDLE hSession, /* the session's handle */
405 | CK_BYTE_PTR pEncryptedData, /* input encrypted data */
406 | CK_ULONG ulEncryptedDataLen, /* count of bytes of input */
407 | CK_BYTE_PTR pData, /* receives decrypted output */
408 | CK_ULONG_PTR pulDataLen /* receives decrypted byte count */
409 | );
410 | #endif
411 |
412 |
413 | /* C_DecryptUpdate continues a multiple-part decryption operation. */
414 | CK_EXTERN _CK_RV CK_FUNC(C_DecryptUpdate)
415 | #ifdef CK_NEED_ARG_LIST
416 | (
417 | CK_SESSION_HANDLE hSession, /* the session's handle */
418 | CK_BYTE_PTR pEncryptedPart, /* input encrypted data */
419 | CK_ULONG ulEncryptedPartLen, /* count of bytes of input */
420 | CK_BYTE_PTR pPart, /* receives decrypted output */
421 | CK_ULONG_PTR pulPartLen /* receives decrypted byte count */
422 | );
423 | #endif
424 |
425 |
426 | /* C_DecryptFinal finishes a multiple-part decryption operation. */
427 | CK_EXTERN _CK_RV CK_FUNC(C_DecryptFinal)
428 | #ifdef CK_NEED_ARG_LIST
429 | (
430 | CK_SESSION_HANDLE hSession, /* the session's handle */
431 | CK_BYTE_PTR pLastPart, /* receives decrypted output */
432 | CK_ULONG_PTR pulLastPartLen /* receives decrypted byte count */
433 | );
434 | #endif
435 |
436 |
437 |
438 | /* Message digesting */
439 |
440 | /* C_DigestInit initializes a message-digesting operation. */
441 | CK_EXTERN _CK_RV CK_FUNC(C_DigestInit)
442 | #ifdef CK_NEED_ARG_LIST
443 | (
444 | CK_SESSION_HANDLE hSession, /* the session's handle */
445 | CK_MECHANISM_PTR pMechanism /* the digesting mechanism */
446 | );
447 | #endif
448 |
449 |
450 | /* C_Digest digests data in a single part. */
451 | CK_EXTERN _CK_RV CK_FUNC(C_Digest)
452 | #ifdef CK_NEED_ARG_LIST
453 | (
454 | CK_SESSION_HANDLE hSession, /* the session's handle */
455 | CK_BYTE_PTR pData, /* data to be digested */
456 | CK_ULONG ulDataLen, /* bytes of data to be digested */
457 | CK_BYTE_PTR pDigest, /* receives the message digest */
458 | CK_ULONG_PTR pulDigestLen /* receives byte length of digest */
459 | );
460 | #endif
461 |
462 |
463 | /* C_DigestUpdate continues a multiple-part message-digesting operation. */
464 | CK_EXTERN _CK_RV CK_FUNC(C_DigestUpdate)
465 | #ifdef CK_NEED_ARG_LIST
466 | (
467 | CK_SESSION_HANDLE hSession, /* the session's handle */
468 | CK_BYTE_PTR pPart, /* data to be digested */
469 | CK_ULONG ulPartLen /* bytes of data to be digested */
470 | );
471 | #endif
472 |
473 |
474 | /* C_DigestKey continues a multi-part message-digesting operation, by
475 | * digesting the value of a secret key as part of the data already digested.
476 | */
477 | CK_EXTERN _CK_RV CK_FUNC(C_DigestKey)
478 | #ifdef CK_NEED_ARG_LIST
479 | (
480 | CK_SESSION_HANDLE hSession, /* the session's handle */
481 | CK_OBJECT_HANDLE hKey /* handle of secret key to digest */
482 | );
483 | #endif
484 |
485 |
486 | /* C_DigestFinal finishes a multiple-part message-digesting operation. */
487 | CK_EXTERN _CK_RV CK_FUNC(C_DigestFinal)
488 | #ifdef CK_NEED_ARG_LIST
489 | (
490 | CK_SESSION_HANDLE hSession, /* the session's handle */
491 | CK_BYTE_PTR pDigest, /* receives the message digest */
492 | CK_ULONG_PTR pulDigestLen /* receives byte count of digest */
493 | );
494 | #endif
495 |
496 |
497 |
498 | /* Signing and MACing */
499 |
500 | /* C_SignInit initializes a signature (private key encryption) operation,
501 | * where the signature is (will be) an appendix to the data,
502 | * and plaintext cannot be recovered from the signature */
503 | CK_EXTERN _CK_RV CK_FUNC(C_SignInit)
504 | #ifdef CK_NEED_ARG_LIST
505 | (
506 | CK_SESSION_HANDLE hSession, /* the session's handle */
507 | CK_MECHANISM_PTR pMechanism, /* the signature mechanism */
508 | CK_OBJECT_HANDLE hKey /* handle of the signature key */
509 | );
510 | #endif
511 |
512 |
513 | /* C_Sign signs (encrypts with private key) data in a single part,
514 | * where the signature is (will be) an appendix to the data,
515 | * and plaintext cannot be recovered from the signature */
516 | CK_EXTERN _CK_RV CK_FUNC(C_Sign)
517 | #ifdef CK_NEED_ARG_LIST
518 | (
519 | CK_SESSION_HANDLE hSession, /* the session's handle */
520 | CK_BYTE_PTR pData, /* the data (digest) to be signed */
521 | CK_ULONG ulDataLen, /* count of bytes to be signed */
522 | CK_BYTE_PTR pSignature, /* receives the signature */
523 | CK_ULONG_PTR pulSignatureLen /* receives byte count of signature */
524 | );
525 | #endif
526 |
527 |
528 | /* C_SignUpdate continues a multiple-part signature operation,
529 | * where the signature is (will be) an appendix to the data,
530 | * and plaintext cannot be recovered from the signature */
531 | CK_EXTERN _CK_RV CK_FUNC(C_SignUpdate)
532 | #ifdef CK_NEED_ARG_LIST
533 | (
534 | CK_SESSION_HANDLE hSession, /* the session's handle */
535 | CK_BYTE_PTR pPart, /* the data (digest) to be signed */
536 | CK_ULONG ulPartLen /* count of bytes to be signed */
537 | );
538 | #endif
539 |
540 |
541 | /* C_SignFinal finishes a multiple-part signature operation,
542 | * returning the signature. */
543 | CK_EXTERN _CK_RV CK_FUNC(C_SignFinal)
544 | #ifdef CK_NEED_ARG_LIST
545 | (
546 | CK_SESSION_HANDLE hSession, /* the session's handle */
547 | CK_BYTE_PTR pSignature, /* receives the signature */
548 | CK_ULONG_PTR pulSignatureLen /* receives byte count of signature */
549 | );
550 | #endif
551 |
552 |
553 | /* C_SignRecoverInit initializes a signature operation,
554 | * where the (digest) data can be recovered from the signature.
555 | * E.g. encryption with the user's private key */
556 | CK_EXTERN _CK_RV CK_FUNC(C_SignRecoverInit)
557 | #ifdef CK_NEED_ARG_LIST
558 | (
559 | CK_SESSION_HANDLE hSession, /* the session's handle */
560 | CK_MECHANISM_PTR pMechanism, /* the signature mechanism */
561 | CK_OBJECT_HANDLE hKey /* handle of the signature key */
562 | );
563 | #endif
564 |
565 |
566 | /* C_SignRecover signs data in a single operation
567 | * where the (digest) data can be recovered from the signature.
568 | * E.g. encryption with the user's private key */
569 | CK_EXTERN _CK_RV CK_FUNC(C_SignRecover)
570 | #ifdef CK_NEED_ARG_LIST
571 | (
572 | CK_SESSION_HANDLE hSession, /* the session's handle */
573 | CK_BYTE_PTR pData, /* the data (digest) to be signed */
574 | CK_ULONG ulDataLen, /* count of bytes to be signed */
575 | CK_BYTE_PTR pSignature, /* receives the signature */
576 | CK_ULONG_PTR pulSignatureLen /* receives byte count of signature */
577 | );
578 | #endif
579 |
580 |
581 |
582 | /* Verifying signatures and MACs */
583 |
584 | /* C_VerifyInit initializes a verification operation,
585 | * where the signature is an appendix to the data,
586 | * and plaintext cannot be recovered from the signature (e.g. DSA) */
587 | CK_EXTERN _CK_RV CK_FUNC(C_VerifyInit)
588 | #ifdef CK_NEED_ARG_LIST
589 | (
590 | CK_SESSION_HANDLE hSession, /* the session's handle */
591 | CK_MECHANISM_PTR pMechanism, /* the verification mechanism */
592 | CK_OBJECT_HANDLE hKey /* handle of the verification key */
593 | );
594 | #endif
595 |
596 |
597 | /* C_Verify verifies a signature in a single-part operation,
598 | * where the signature is an appendix to the data,
599 | * and plaintext cannot be recovered from the signature */
600 | CK_EXTERN _CK_RV CK_FUNC(C_Verify)
601 | #ifdef CK_NEED_ARG_LIST
602 | (
603 | CK_SESSION_HANDLE hSession, /* the session's handle */
604 | CK_BYTE_PTR pData, /* plaintext data (digest) to compare */
605 | CK_ULONG ulDataLen, /* length of data (digest) in bytes */
606 | CK_BYTE_PTR pSignature, /* the signature to be verified */
607 | CK_ULONG ulSignatureLen /* count of bytes of signature */
608 | );
609 | #endif
610 |
611 |
612 | /* C_VerifyUpdate continues a multiple-part verification operation,
613 | * where the signature is an appendix to the data,
614 | * and plaintext cannot be recovered from the signature */
615 | CK_EXTERN _CK_RV CK_FUNC(C_VerifyUpdate)
616 | #ifdef CK_NEED_ARG_LIST
617 | (
618 | CK_SESSION_HANDLE hSession, /* the session's handle */
619 | CK_BYTE_PTR pPart, /* plaintext data (digest) to compare */
620 | CK_ULONG ulPartLen /* length of data (digest) in bytes */
621 | );
622 | #endif
623 |
624 |
625 | /* C_VerifyFinal finishes a multiple-part verification operation,
626 | * checking the signature. */
627 | CK_EXTERN _CK_RV CK_FUNC(C_VerifyFinal)
628 | #ifdef CK_NEED_ARG_LIST
629 | (
630 | CK_SESSION_HANDLE hSession, /* the session's handle */
631 | CK_BYTE_PTR pSignature, /* the signature to be verified */
632 | CK_ULONG ulSignatureLen /* count of bytes of signature */
633 | );
634 | #endif
635 |
636 |
637 | /* C_VerifyRecoverInit initializes a signature verification operation,
638 | * where the data is recovered from the signature.
639 | * E.g. Decryption with the user's public key */
640 | CK_EXTERN _CK_RV CK_FUNC(C_VerifyRecoverInit)
641 | #ifdef CK_NEED_ARG_LIST
642 | (
643 | CK_SESSION_HANDLE hSession, /* the session's handle */
644 | CK_MECHANISM_PTR pMechanism, /* the verification mechanism */
645 | CK_OBJECT_HANDLE hKey /* handle of the verification key */
646 | );
647 | #endif
648 |
649 |
650 | /* C_VerifyRecover verifies a signature in a single-part operation,
651 | * where the data is recovered from the signature.
652 | * E.g. Decryption with the user's public key */
653 | CK_EXTERN _CK_RV CK_FUNC(C_VerifyRecover)
654 | #ifdef CK_NEED_ARG_LIST
655 | (
656 | CK_SESSION_HANDLE hSession, /* the session's handle */
657 | CK_BYTE_PTR pSignature, /* the signature to be verified */
658 | CK_ULONG ulSignatureLen, /* count of bytes of signature */
659 | CK_BYTE_PTR pData, /* receives decrypted data (digest) */
660 | CK_ULONG_PTR pulDataLen /* receives byte count of data */
661 | );
662 | #endif
663 |
664 |
665 |
666 | /* Dual-function cryptographic operations */
667 |
668 | /* C_DigestEncryptUpdate continues a multiple-part digesting and encryption operation. */
669 | CK_EXTERN _CK_RV CK_FUNC(C_DigestEncryptUpdate)
670 | #ifdef CK_NEED_ARG_LIST
671 | (
672 | CK_SESSION_HANDLE hSession, /* the session's handle */
673 | CK_BYTE_PTR pPart, /* the plaintext data */
674 | CK_ULONG ulPartLen, /* bytes of plaintext data */
675 | CK_BYTE_PTR pEncryptedPart, /* receives encrypted data */
676 | CK_ULONG_PTR pulEncryptedPartLen /* receives encrypted byte count */
677 | );
678 | #endif
679 |
680 |
681 | /* C_DecryptDigestUpdate continues a multiple-part decryption and
682 | * digesting operation. */
683 | CK_EXTERN _CK_RV CK_FUNC(C_DecryptDigestUpdate)
684 | #ifdef CK_NEED_ARG_LIST
685 | (
686 | CK_SESSION_HANDLE hSession, /* the session's handle */
687 | CK_BYTE_PTR pEncryptedPart, /* input encrypted data */
688 | CK_ULONG ulEncryptedPartLen, /* count of bytes of input */
689 | CK_BYTE_PTR pPart, /* receives decrypted output */
690 | CK_ULONG_PTR pulPartLen /* receives decrypted byte count */
691 | );
692 | #endif
693 |
694 |
695 | /* C_SignEncryptUpdate continues a multiple-part signing and
696 | * encryption operation. */
697 | CK_EXTERN _CK_RV CK_FUNC(C_SignEncryptUpdate)
698 | #ifdef CK_NEED_ARG_LIST
699 | (
700 | CK_SESSION_HANDLE hSession, /* the session's handle */
701 | CK_BYTE_PTR pPart, /* the plaintext data */
702 | CK_ULONG ulPartLen, /* bytes of plaintext data */
703 | CK_BYTE_PTR pEncryptedPart, /* receives encrypted data */
704 | CK_ULONG_PTR pulEncryptedPartLen /* receives encrypted byte count */
705 | );
706 | #endif
707 |
708 |
709 | /* C_DecryptVerifyUpdate continues a multiple-part decryption and
710 | * verify operation. */
711 | CK_EXTERN _CK_RV CK_FUNC(C_DecryptVerifyUpdate)
712 | #ifdef CK_NEED_ARG_LIST
713 | (
714 | CK_SESSION_HANDLE hSession, /* the session's handle */
715 | CK_BYTE_PTR pEncryptedPart, /* input encrypted data */
716 | CK_ULONG ulEncryptedPartLen, /* count of byes of input */
717 | CK_BYTE_PTR pPart, /* receives decrypted output */
718 | CK_ULONG_PTR pulPartLen /* receives decrypted byte count */
719 | );
720 | #endif
721 |
722 |
723 |
724 | /* Key management */
725 |
726 | /* C_GenerateKey generates a secret key, creating a new key object. */
727 | CK_EXTERN _CK_RV CK_FUNC(C_GenerateKey)
728 | #ifdef CK_NEED_ARG_LIST
729 | (
730 | CK_SESSION_HANDLE hSession, /* the session's handle */
731 | CK_MECHANISM_PTR pMechanism, /* the key generation mechanism */
732 | CK_ATTRIBUTE_PTR pTemplate, /* template for the new key */
733 | CK_ULONG ulCount, /* number of attributes in template */
734 | CK_OBJECT_HANDLE_PTR phKey /* receives handle of new key */
735 | );
736 | #endif
737 |
738 |
739 | /* C_GenerateKeyPair generates a public-key/private-key pair,
740 | * creating new key objects. */
741 | CK_EXTERN _CK_RV CK_FUNC(C_GenerateKeyPair)
742 | #ifdef CK_NEED_ARG_LIST
743 | (
744 | CK_SESSION_HANDLE hSession, /* the session's handle */
745 | CK_MECHANISM_PTR pMechanism, /* the key gen. mech. */
746 | CK_ATTRIBUTE_PTR pPublicKeyTemplate, /* pub. attr. template */
747 | CK_ULONG ulPublicKeyAttributeCount, /* # of pub. attrs. */
748 | CK_ATTRIBUTE_PTR pPrivateKeyTemplate, /* priv. attr. template */
749 | CK_ULONG ulPrivateKeyAttributeCount, /* # of priv. attrs. */
750 | CK_OBJECT_HANDLE_PTR phPublicKey, /* gets pub. key handle */
751 | CK_OBJECT_HANDLE_PTR phPrivateKey /* gets priv. key handle */
752 | );
753 | #endif
754 |
755 |
756 | /* C_WrapKey wraps (i.e., encrypts) a key. */
757 | CK_EXTERN _CK_RV CK_FUNC(C_WrapKey)
758 | #ifdef CK_NEED_ARG_LIST
759 | (
760 | CK_SESSION_HANDLE hSession, /* the session's handle */
761 | CK_MECHANISM_PTR pMechanism, /* the wrapping mechanism */
762 | CK_OBJECT_HANDLE hWrappingKey, /* handle of the wrapping key */
763 | CK_OBJECT_HANDLE hKey, /* handle of the key to be wrapped */
764 | CK_BYTE_PTR pWrappedKey, /* receives the wrapped key */
765 | CK_ULONG_PTR pulWrappedKeyLen /* receives byte size of wrapped key */
766 | );
767 | #endif
768 |
769 |
770 | /* C_UnwrapKey unwraps (decrypts) a wrapped key, creating a new key object. */
771 | CK_EXTERN _CK_RV CK_FUNC(C_UnwrapKey)
772 | #ifdef CK_NEED_ARG_LIST
773 | (
774 | CK_SESSION_HANDLE hSession, /* the session's handle */
775 | CK_MECHANISM_PTR pMechanism, /* the unwrapping mechanism */
776 | CK_OBJECT_HANDLE hUnwrappingKey, /* handle of the unwrapping key */
777 | CK_BYTE_PTR pWrappedKey, /* the wrapped key */
778 | CK_ULONG ulWrappedKeyLen, /* bytes length of wrapped key */
779 | CK_ATTRIBUTE_PTR pTemplate, /* template for the new key */
780 | CK_ULONG ulAttributeCount, /* # of attributes in template */
781 | CK_OBJECT_HANDLE_PTR phKey /* gets handle of recovered key */
782 | );
783 | #endif
784 |
785 |
786 | /* C_DeriveKey derives a key from a base key, creating a new key object. */
787 | CK_EXTERN _CK_RV CK_FUNC(C_DeriveKey)
788 | #ifdef CK_NEED_ARG_LIST
789 | (
790 | CK_SESSION_HANDLE hSession, /* the session's handle */
791 | CK_MECHANISM_PTR pMechanism, /* the key derivation mechanism */
792 | CK_OBJECT_HANDLE hBaseKey, /* handle of the base key */
793 | CK_ATTRIBUTE_PTR pTemplate, /* template for the new key */
794 | CK_ULONG ulAttributeCount, /* # of attributes in template */
795 | CK_OBJECT_HANDLE_PTR phKey /* gets handle of derived key */
796 | );
797 | #endif
798 |
799 |
800 |
801 | /* Random number generation */
802 |
803 | /* C_SeedRandom mixes additional seed material into the token's random number
804 | * generator. */
805 | CK_EXTERN _CK_RV CK_FUNC(C_SeedRandom)
806 | #ifdef CK_NEED_ARG_LIST
807 | (
808 | CK_SESSION_HANDLE hSession, /* the session's handle */
809 | CK_BYTE_PTR pSeed, /* the seed material */
810 | CK_ULONG ulSeedLen /* count of bytes of seed material */
811 | );
812 | #endif
813 |
814 |
815 | /* C_GenerateRandom generates random data. */
816 | CK_EXTERN _CK_RV CK_FUNC(C_GenerateRandom)
817 | #ifdef CK_NEED_ARG_LIST
818 | (
819 | CK_SESSION_HANDLE hSession, /* the session's handle */
820 | CK_BYTE_PTR RandomData, /* receives the random data */
821 | CK_ULONG ulRandomLen /* number of bytes to be generated */
822 | );
823 | #endif
824 |
825 |
826 |
827 | /* Parallel function management */
828 |
829 | /* C_GetFunctionStatus obtains an updated status of a function running
830 | * in parallel with an application. */
831 | CK_EXTERN _CK_RV CK_FUNC(C_GetFunctionStatus)
832 | #ifdef CK_NEED_ARG_LIST
833 | (
834 | CK_SESSION_HANDLE hSession /* the session's handle */
835 | );
836 | #endif
837 |
838 |
839 | /* C_CancelFunction cancels a function running in parallel. */
840 | CK_EXTERN _CK_RV CK_FUNC(C_CancelFunction)
841 | #ifdef CK_NEED_ARG_LIST
842 | (
843 | CK_SESSION_HANDLE hSession /* the session's handle */
844 | );
845 | #endif
846 |
--------------------------------------------------------------------------------
/v2.0_DRAFT/pkcs11v2.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Pkcs11Interop/PKCS11-SPECS/5b17000edaa7985c85a2f0701739706bd4bd45ce/v2.0_DRAFT/pkcs11v2.pdf
--------------------------------------------------------------------------------
/v2.0_DRAFT/v2drft2.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Pkcs11Interop/PKCS11-SPECS/5b17000edaa7985c85a2f0701739706bd4bd45ce/v2.0_DRAFT/v2drft2.pdf
--------------------------------------------------------------------------------
/v2.10/README.MD:
--------------------------------------------------------------------------------
1 | **PKCS#11 v2.10 : Cryptographic Token Interface Standard**
2 | [pkcs11v2-10.pdf](pkcs11v2-10.pdf) - December 1999
3 |
4 | **PKCS#11 v2.10 : Conformance Profile Specification**
5 | [pkcs11Conformance.pdf](pkcs11Conformance.pdf) - 1 October 2000
6 |
--------------------------------------------------------------------------------
/v2.10/headers/pkcs11.h:
--------------------------------------------------------------------------------
1 | /* pkcs11.h include file for PKCS #11. 2000 January 13 */
2 |
3 | #ifndef _PKCS11_H_
4 | #define _PKCS11_H_ 1
5 |
6 | #ifdef __cplusplus
7 | extern "C" {
8 | #endif
9 |
10 | /* Before including this file (pkcs11.h) (or pkcs11t.h by
11 | * itself), 6 platform-specific macros must be defined. These
12 | * macros are described below, and typical definitions for them
13 | * are also given. Be advised that these definitions can depend
14 | * on both the platform and the compiler used (and possibly also
15 | * on whether a Cryptoki library is linked statically or
16 | * dynamically).
17 | *
18 | * In addition to defining these 6 macros, the packing convention
19 | * for Cryptoki structures should be set. The Cryptoki
20 | * convention on packing is that structures should be 1-byte
21 | * aligned.
22 | *
23 | * If you're using Microsoft Developer Studio 5.0 to produce
24 | * Win32 stuff, this might be done by using the following
25 | * preprocessor directive before including pkcs11.h or pkcs11t.h:
26 | *
27 | * #pragma pack(push, cryptoki, 1)
28 | *
29 | * and using the following preprocessor directive after including
30 | * pkcs11.h or pkcs11t.h:
31 | *
32 | * #pragma pack(pop, cryptoki)
33 | *
34 | * If you're using an earlier version of Microsoft Developer
35 | * Studio to produce Win16 stuff, this might be done by using
36 | * the following preprocessor directive before including
37 | * pkcs11.h or pkcs11t.h:
38 | *
39 | * #pragma pack(1)
40 | *
41 | * In a UNIX environment, you're on your own for this. You might
42 | * not need to do (or be able to do!) anything.
43 | *
44 | *
45 | * Now for the macros:
46 | *
47 | *
48 | * 1. CK_PTR: The indirection string for making a pointer to an
49 | * object. It can be used like this:
50 | *
51 | * typedef CK_BYTE CK_PTR CK_BYTE_PTR;
52 | *
53 | * If you're using Microsoft Developer Studio 5.0 to produce
54 | * Win32 stuff, it might be defined by:
55 | *
56 | * #define CK_PTR *
57 | *
58 | * If you're using an earlier version of Microsoft Developer
59 | * Studio to produce Win16 stuff, it might be defined by:
60 | *
61 | * #define CK_PTR far *
62 | *
63 | * In a typical UNIX environment, it might be defined by:
64 | *
65 | * #define CK_PTR *
66 | *
67 | *
68 | * 2. CK_DEFINE_FUNCTION(returnType, name): A macro which makes
69 | * an exportable Cryptoki library function definition out of a
70 | * return type and a function name. It should be used in the
71 | * following fashion to define the exposed Cryptoki functions in
72 | * a Cryptoki library:
73 | *
74 | * CK_DEFINE_FUNCTION(CK_RV, C_Initialize)(
75 | * CK_VOID_PTR pReserved
76 | * )
77 | * {
78 | * ...
79 | * }
80 | *
81 | * If you're using Microsoft Developer Studio 5.0 to define a
82 | * function in a Win32 Cryptoki .dll, it might be defined by:
83 | *
84 | * #define CK_DEFINE_FUNCTION(returnType, name) \
85 | * returnType __declspec(dllexport) name
86 | *
87 | * If you're using an earlier version of Microsoft Developer
88 | * Studio to define a function in a Win16 Cryptoki .dll, it
89 | * might be defined by:
90 | *
91 | * #define CK_DEFINE_FUNCTION(returnType, name) \
92 | * returnType __export _far _pascal name
93 | *
94 | * In a UNIX environment, it might be defined by:
95 | *
96 | * #define CK_DEFINE_FUNCTION(returnType, name) \
97 | * returnType name
98 | *
99 | *
100 | * 3. CK_DECLARE_FUNCTION(returnType, name): A macro which makes
101 | * an importable Cryptoki library function declaration out of a
102 | * return type and a function name. It should be used in the
103 | * following fashion:
104 | *
105 | * extern CK_DECLARE_FUNCTION(CK_RV, C_Initialize)(
106 | * CK_VOID_PTR pReserved
107 | * );
108 | *
109 | * If you're using Microsoft Developer Studio 5.0 to declare a
110 | * function in a Win32 Cryptoki .dll, it might be defined by:
111 | *
112 | * #define CK_DECLARE_FUNCTION(returnType, name) \
113 | * returnType __declspec(dllimport) name
114 | *
115 | * If you're using an earlier version of Microsoft Developer
116 | * Studio to declare a function in a Win16 Cryptoki .dll, it
117 | * might be defined by:
118 | *
119 | * #define CK_DECLARE_FUNCTION(returnType, name) \
120 | * returnType __export _far _pascal name
121 | *
122 | * In a UNIX environment, it might be defined by:
123 | *
124 | * #define CK_DECLARE_FUNCTION(returnType, name) \
125 | * returnType name
126 | *
127 | *
128 | * 4. CK_DECLARE_FUNCTION_POINTER(returnType, name): A macro
129 | * which makes a Cryptoki API function pointer declaration or
130 | * function pointer type declaration out of a return type and a
131 | * function name. It should be used in the following fashion:
132 | *
133 | * // Define funcPtr to be a pointer to a Cryptoki API function
134 | * // taking arguments args and returning CK_RV.
135 | * CK_DECLARE_FUNCTION_POINTER(CK_RV, funcPtr)(args);
136 | *
137 | * or
138 | *
139 | * // Define funcPtrType to be the type of a pointer to a
140 | * // Cryptoki API function taking arguments args and returning
141 | * // CK_RV, and then define funcPtr to be a variable of type
142 | * // funcPtrType.
143 | * typedef CK_DECLARE_FUNCTION_POINTER(CK_RV, funcPtrType)(args);
144 | * funcPtrType funcPtr;
145 | *
146 | * If you're using Microsoft Developer Studio 5.0 to access
147 | * functions in a Win32 Cryptoki .dll, in might be defined by:
148 | *
149 | * #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \
150 | * returnType __declspec(dllimport) (* name)
151 | *
152 | * If you're using an earlier version of Microsoft Developer
153 | * Studio to access functions in a Win16 Cryptoki .dll, it might
154 | * be defined by:
155 | *
156 | * #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \
157 | * returnType __export _far _pascal (* name)
158 | *
159 | * In a UNIX environment, it might be defined by:
160 | *
161 | * #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \
162 | * returnType (* name)
163 | *
164 | *
165 | * 5. CK_CALLBACK_FUNCTION(returnType, name): A macro which makes
166 | * a function pointer type for an application callback out of
167 | * a return type for the callback and a name for the callback.
168 | * It should be used in the following fashion:
169 | *
170 | * CK_CALLBACK_FUNCTION(CK_RV, myCallback)(args);
171 | *
172 | * to declare a function pointer, myCallback, to a callback
173 | * which takes arguments args and returns a CK_RV. It can also
174 | * be used like this:
175 | *
176 | * typedef CK_CALLBACK_FUNCTION(CK_RV, myCallbackType)(args);
177 | * myCallbackType myCallback;
178 | *
179 | * If you're using Microsoft Developer Studio 5.0 to do Win32
180 | * Cryptoki development, it might be defined by:
181 | *
182 | * #define CK_CALLBACK_FUNCTION(returnType, name) \
183 | * returnType (* name)
184 | *
185 | * If you're using an earlier version of Microsoft Developer
186 | * Studio to do Win16 development, it might be defined by:
187 | *
188 | * #define CK_CALLBACK_FUNCTION(returnType, name) \
189 | * returnType _far _pascal (* name)
190 | *
191 | * In a UNIX environment, it might be defined by:
192 | *
193 | * #define CK_CALLBACK_FUNCTION(returnType, name) \
194 | * returnType (* name)
195 | *
196 | *
197 | * 6. NULL_PTR: This macro is the value of a NULL pointer.
198 | *
199 | * In any ANSI/ISO C environment (and in many others as well),
200 | * this should best be defined by
201 | *
202 | * #ifndef NULL_PTR
203 | * #define NULL_PTR 0
204 | * #endif
205 | */
206 |
207 |
208 | /* All the various Cryptoki types and #define'd values are in the
209 | * file pkcs11t.h. */
210 | #include "pkcs11t.h"
211 |
212 | #define __PASTE(x,y) x##y
213 |
214 |
215 | /* ==============================================================
216 | * Define the "extern" form of all the entry points.
217 | * ==============================================================
218 | */
219 |
220 | #define CK_NEED_ARG_LIST 1
221 | #define CK_PKCS11_FUNCTION_INFO(name) \
222 | extern CK_DECLARE_FUNCTION(CK_RV, name)
223 |
224 | /* pkcs11f.h has all the information about the Cryptoki
225 | * function prototypes. */
226 | #include "pkcs11f.h"
227 |
228 | #undef CK_NEED_ARG_LIST
229 | #undef CK_PKCS11_FUNCTION_INFO
230 |
231 |
232 | /* ==============================================================
233 | * Define the typedef form of all the entry points. That is, for
234 | * each Cryptoki function C_XXX, define a type CK_C_XXX which is
235 | * a pointer to that kind of function.
236 | * ==============================================================
237 | */
238 |
239 | #define CK_NEED_ARG_LIST 1
240 | #define CK_PKCS11_FUNCTION_INFO(name) \
241 | typedef CK_DECLARE_FUNCTION_POINTER(CK_RV, __PASTE(CK_,name))
242 |
243 | /* pkcs11f.h has all the information about the Cryptoki
244 | * function prototypes. */
245 | #include "pkcs11f.h"
246 |
247 | #undef CK_NEED_ARG_LIST
248 | #undef CK_PKCS11_FUNCTION_INFO
249 |
250 |
251 | /* ==============================================================
252 | * Define structed vector of entry points. A CK_FUNCTION_LIST
253 | * contains a CK_VERSION indicating a library's Cryptoki version
254 | * and then a whole slew of function pointers to the routines in
255 | * the library. This type was declared, but not defined, in
256 | * pkcs11t.h.
257 | * ==============================================================
258 | */
259 |
260 | #define CK_PKCS11_FUNCTION_INFO(name) \
261 | __PASTE(CK_,name) name;
262 |
263 | struct CK_FUNCTION_LIST {
264 |
265 | CK_VERSION version; /* Cryptoki version */
266 |
267 | /* Pile all the function pointers into the CK_FUNCTION_LIST. */
268 | /* pkcs11f.h has all the information about the Cryptoki
269 | * function prototypes. */
270 | #include "pkcs11f.h"
271 |
272 | };
273 |
274 | #undef CK_PKCS11_FUNCTION_INFO
275 |
276 |
277 | #undef __PASTE
278 |
279 | #ifdef __cplusplus
280 | }
281 | #endif
282 |
283 | #endif
284 |
--------------------------------------------------------------------------------
/v2.10/pkcs11Conformance.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Pkcs11Interop/PKCS11-SPECS/5b17000edaa7985c85a2f0701739706bd4bd45ce/v2.10/pkcs11Conformance.pdf
--------------------------------------------------------------------------------
/v2.10/pkcs11v2-10.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Pkcs11Interop/PKCS11-SPECS/5b17000edaa7985c85a2f0701739706bd4bd45ce/v2.10/pkcs11v2-10.pdf
--------------------------------------------------------------------------------
/v2.11/README.MD:
--------------------------------------------------------------------------------
1 | **PKCS#11 v2.11 : Cryptographic Token Interface Standard**
2 | [pkcs-11v2-11r1.pdf](pkcs-11v2-11r1.pdf) - Revision 1 - November 2001
3 |
4 | **PKCS#11 v2.11 Amendment 1**
5 | [pkcs-11v2-11a1.pdf](pkcs-11v2-11a1.pdf) - 28 August 2002
6 |
7 | **PKCS#11 v2.11 rev. 1 Errata**
8 | [pkcs-11v2-11errata.txt](pkcs-11v2-11errata.txt) - January 2003
9 |
10 | **PKCS#11 v2.11 : Profiles For Mobile Devices**
11 | [pkcs-11v2-11mp.pdf](pkcs-11v2-11mp.pdf) - 10 June 2003
12 |
--------------------------------------------------------------------------------
/v2.11/headers/cryptoki.h:
--------------------------------------------------------------------------------
1 | /* cryptoki.h include file for PKCS #11. */
2 | /* $Revision: 1.4 $ */
3 |
4 | /* License to copy and use this software is granted provided that it is
5 | * identified as "RSA Security Inc. PKCS #11 Cryptographic Token Interface
6 | * (Cryptoki)" in all material mentioning or referencing this software.
7 |
8 | * License is also granted to make and use derivative works provided that
9 | * such works are identified as "derived from the RSA Security Inc. PKCS #11
10 | * Cryptographic Token Interface (Cryptoki)" in all material mentioning or
11 | * referencing the derived work.
12 |
13 | * RSA Security Inc. makes no representations concerning either the
14 | * merchantability of this software or the suitability of this software for
15 | * any particular purpose. It is provided "as is" without express or implied
16 | * warranty of any kind.
17 | */
18 |
19 | /* This is a sample file containing the top level include directives
20 | * for building Win32 Cryptoki libraries and applications.
21 | */
22 |
23 | #ifndef ___CRYPTOKI_H_INC___
24 | #define ___CRYPTOKI_H_INC___
25 |
26 | #pragma pack(push, cryptoki, 1)
27 |
28 | /* Specifies that the function is a DLL entry point. */
29 | #define CK_IMPORT_SPEC __declspec(dllimport)
30 |
31 | /* Define CRYPTOKI_EXPORTS during the build of cryptoki libraries. Do
32 | * not define it in applications.
33 | */
34 | #ifdef CRYPTOKI_EXPORTS
35 | /* Specified that the function is an exported DLL entry point. */
36 | #define CK_EXPORT_SPEC __declspec(dllexport)
37 | #else
38 | #define CK_EXPORT_SPEC CK_IMPORT_SPEC
39 | #endif
40 |
41 | /* Ensures the calling convention for Win32 builds */
42 | #define CK_CALL_SPEC __cdecl
43 |
44 | #define CK_PTR *
45 |
46 | #define CK_DEFINE_FUNCTION(returnType, name) \
47 | returnType CK_EXPORT_SPEC CK_CALL_SPEC name
48 |
49 | #define CK_DECLARE_FUNCTION(returnType, name) \
50 | returnType CK_EXPORT_SPEC CK_CALL_SPEC name
51 |
52 | #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \
53 | returnType CK_IMPORT_SPEC (CK_CALL_SPEC CK_PTR name)
54 |
55 | #define CK_CALLBACK_FUNCTION(returnType, name) \
56 | returnType (CK_CALL_SPEC CK_PTR name)
57 |
58 | #ifndef NULL_PTR
59 | #define NULL_PTR 0
60 | #endif
61 |
62 | #include "pkcs11.h"
63 |
64 | #pragma pack(pop, cryptoki)
65 |
66 | #endif /* ___CRYPTOKI_H_INC___ */
67 |
--------------------------------------------------------------------------------
/v2.11/headers/pkcs11.h:
--------------------------------------------------------------------------------
1 | /* pkcs11.h include file for PKCS #11. */
2 | /* $Revision: 1.4 $ */
3 |
4 | /* License to copy and use this software is granted provided that it is
5 | * identified as "RSA Security Inc. PKCS #11 Cryptographic Token Interface
6 | * (Cryptoki)" in all material mentioning or referencing this software.
7 |
8 | * License is also granted to make and use derivative works provided that
9 | * such works are identified as "derived from the RSA Security Inc. PKCS #11
10 | * Cryptographic Token Interface (Cryptoki)" in all material mentioning or
11 | * referencing the derived work.
12 |
13 | * RSA Security Inc. makes no representations concerning either the
14 | * merchantability of this software or the suitability of this software for
15 | * any particular purpose. It is provided "as is" without express or implied
16 | * warranty of any kind.
17 | */
18 |
19 | #ifndef _PKCS11_H_
20 | #define _PKCS11_H_ 1
21 |
22 | #ifdef __cplusplus
23 | extern "C" {
24 | #endif
25 |
26 | /* Before including this file (pkcs11.h) (or pkcs11t.h by
27 | * itself), 6 platform-specific macros must be defined. These
28 | * macros are described below, and typical definitions for them
29 | * are also given. Be advised that these definitions can depend
30 | * on both the platform and the compiler used (and possibly also
31 | * on whether a Cryptoki library is linked statically or
32 | * dynamically).
33 | *
34 | * In addition to defining these 6 macros, the packing convention
35 | * for Cryptoki structures should be set. The Cryptoki
36 | * convention on packing is that structures should be 1-byte
37 | * aligned.
38 | *
39 | * If you're using Microsoft Developer Studio 5.0 to produce
40 | * Win32 stuff, this might be done by using the following
41 | * preprocessor directive before including pkcs11.h or pkcs11t.h:
42 | *
43 | * #pragma pack(push, cryptoki, 1)
44 | *
45 | * and using the following preprocessor directive after including
46 | * pkcs11.h or pkcs11t.h:
47 | *
48 | * #pragma pack(pop, cryptoki)
49 | *
50 | * If you're using an earlier version of Microsoft Developer
51 | * Studio to produce Win16 stuff, this might be done by using
52 | * the following preprocessor directive before including
53 | * pkcs11.h or pkcs11t.h:
54 | *
55 | * #pragma pack(1)
56 | *
57 | * In a UNIX environment, you're on your own for this. You might
58 | * not need to do (or be able to do!) anything.
59 | *
60 | *
61 | * Now for the macros:
62 | *
63 | *
64 | * 1. CK_PTR: The indirection string for making a pointer to an
65 | * object. It can be used like this:
66 | *
67 | * typedef CK_BYTE CK_PTR CK_BYTE_PTR;
68 | *
69 | * If you're using Microsoft Developer Studio 5.0 to produce
70 | * Win32 stuff, it might be defined by:
71 | *
72 | * #define CK_PTR *
73 | *
74 | * If you're using an earlier version of Microsoft Developer
75 | * Studio to produce Win16 stuff, it might be defined by:
76 | *
77 | * #define CK_PTR far *
78 | *
79 | * In a typical UNIX environment, it might be defined by:
80 | *
81 | * #define CK_PTR *
82 | *
83 | *
84 | * 2. CK_DEFINE_FUNCTION(returnType, name): A macro which makes
85 | * an exportable Cryptoki library function definition out of a
86 | * return type and a function name. It should be used in the
87 | * following fashion to define the exposed Cryptoki functions in
88 | * a Cryptoki library:
89 | *
90 | * CK_DEFINE_FUNCTION(CK_RV, C_Initialize)(
91 | * CK_VOID_PTR pReserved
92 | * )
93 | * {
94 | * ...
95 | * }
96 | *
97 | * If you're using Microsoft Developer Studio 5.0 to define a
98 | * function in a Win32 Cryptoki .dll, it might be defined by:
99 | *
100 | * #define CK_DEFINE_FUNCTION(returnType, name) \
101 | * returnType __declspec(dllexport) name
102 | *
103 | * If you're using an earlier version of Microsoft Developer
104 | * Studio to define a function in a Win16 Cryptoki .dll, it
105 | * might be defined by:
106 | *
107 | * #define CK_DEFINE_FUNCTION(returnType, name) \
108 | * returnType __export _far _pascal name
109 | *
110 | * In a UNIX environment, it might be defined by:
111 | *
112 | * #define CK_DEFINE_FUNCTION(returnType, name) \
113 | * returnType name
114 | *
115 | *
116 | * 3. CK_DECLARE_FUNCTION(returnType, name): A macro which makes
117 | * an importable Cryptoki library function declaration out of a
118 | * return type and a function name. It should be used in the
119 | * following fashion:
120 | *
121 | * extern CK_DECLARE_FUNCTION(CK_RV, C_Initialize)(
122 | * CK_VOID_PTR pReserved
123 | * );
124 | *
125 | * If you're using Microsoft Developer Studio 5.0 to declare a
126 | * function in a Win32 Cryptoki .dll, it might be defined by:
127 | *
128 | * #define CK_DECLARE_FUNCTION(returnType, name) \
129 | * returnType __declspec(dllimport) name
130 | *
131 | * If you're using an earlier version of Microsoft Developer
132 | * Studio to declare a function in a Win16 Cryptoki .dll, it
133 | * might be defined by:
134 | *
135 | * #define CK_DECLARE_FUNCTION(returnType, name) \
136 | * returnType __export _far _pascal name
137 | *
138 | * In a UNIX environment, it might be defined by:
139 | *
140 | * #define CK_DECLARE_FUNCTION(returnType, name) \
141 | * returnType name
142 | *
143 | *
144 | * 4. CK_DECLARE_FUNCTION_POINTER(returnType, name): A macro
145 | * which makes a Cryptoki API function pointer declaration or
146 | * function pointer type declaration out of a return type and a
147 | * function name. It should be used in the following fashion:
148 | *
149 | * // Define funcPtr to be a pointer to a Cryptoki API function
150 | * // taking arguments args and returning CK_RV.
151 | * CK_DECLARE_FUNCTION_POINTER(CK_RV, funcPtr)(args);
152 | *
153 | * or
154 | *
155 | * // Define funcPtrType to be the type of a pointer to a
156 | * // Cryptoki API function taking arguments args and returning
157 | * // CK_RV, and then define funcPtr to be a variable of type
158 | * // funcPtrType.
159 | * typedef CK_DECLARE_FUNCTION_POINTER(CK_RV, funcPtrType)(args);
160 | * funcPtrType funcPtr;
161 | *
162 | * If you're using Microsoft Developer Studio 5.0 to access
163 | * functions in a Win32 Cryptoki .dll, in might be defined by:
164 | *
165 | * #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \
166 | * returnType __declspec(dllimport) (* name)
167 | *
168 | * If you're using an earlier version of Microsoft Developer
169 | * Studio to access functions in a Win16 Cryptoki .dll, it might
170 | * be defined by:
171 | *
172 | * #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \
173 | * returnType __export _far _pascal (* name)
174 | *
175 | * In a UNIX environment, it might be defined by:
176 | *
177 | * #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \
178 | * returnType (* name)
179 | *
180 | *
181 | * 5. CK_CALLBACK_FUNCTION(returnType, name): A macro which makes
182 | * a function pointer type for an application callback out of
183 | * a return type for the callback and a name for the callback.
184 | * It should be used in the following fashion:
185 | *
186 | * CK_CALLBACK_FUNCTION(CK_RV, myCallback)(args);
187 | *
188 | * to declare a function pointer, myCallback, to a callback
189 | * which takes arguments args and returns a CK_RV. It can also
190 | * be used like this:
191 | *
192 | * typedef CK_CALLBACK_FUNCTION(CK_RV, myCallbackType)(args);
193 | * myCallbackType myCallback;
194 | *
195 | * If you're using Microsoft Developer Studio 5.0 to do Win32
196 | * Cryptoki development, it might be defined by:
197 | *
198 | * #define CK_CALLBACK_FUNCTION(returnType, name) \
199 | * returnType (* name)
200 | *
201 | * If you're using an earlier version of Microsoft Developer
202 | * Studio to do Win16 development, it might be defined by:
203 | *
204 | * #define CK_CALLBACK_FUNCTION(returnType, name) \
205 | * returnType _far _pascal (* name)
206 | *
207 | * In a UNIX environment, it might be defined by:
208 | *
209 | * #define CK_CALLBACK_FUNCTION(returnType, name) \
210 | * returnType (* name)
211 | *
212 | *
213 | * 6. NULL_PTR: This macro is the value of a NULL pointer.
214 | *
215 | * In any ANSI/ISO C environment (and in many others as well),
216 | * this should best be defined by
217 | *
218 | * #ifndef NULL_PTR
219 | * #define NULL_PTR 0
220 | * #endif
221 | */
222 |
223 |
224 | /* All the various Cryptoki types and #define'd values are in the
225 | * file pkcs11t.h. */
226 | #include "pkcs11t.h"
227 |
228 | #define __PASTE(x,y) x##y
229 |
230 |
231 | /* ==============================================================
232 | * Define the "extern" form of all the entry points.
233 | * ==============================================================
234 | */
235 |
236 | #define CK_NEED_ARG_LIST 1
237 | #define CK_PKCS11_FUNCTION_INFO(name) \
238 | extern CK_DECLARE_FUNCTION(CK_RV, name)
239 |
240 | /* pkcs11f.h has all the information about the Cryptoki
241 | * function prototypes. */
242 | #include "pkcs11f.h"
243 |
244 | #undef CK_NEED_ARG_LIST
245 | #undef CK_PKCS11_FUNCTION_INFO
246 |
247 |
248 | /* ==============================================================
249 | * Define the typedef form of all the entry points. That is, for
250 | * each Cryptoki function C_XXX, define a type CK_C_XXX which is
251 | * a pointer to that kind of function.
252 | * ==============================================================
253 | */
254 |
255 | #define CK_NEED_ARG_LIST 1
256 | #define CK_PKCS11_FUNCTION_INFO(name) \
257 | typedef CK_DECLARE_FUNCTION_POINTER(CK_RV, __PASTE(CK_,name))
258 |
259 | /* pkcs11f.h has all the information about the Cryptoki
260 | * function prototypes. */
261 | #include "pkcs11f.h"
262 |
263 | #undef CK_NEED_ARG_LIST
264 | #undef CK_PKCS11_FUNCTION_INFO
265 |
266 |
267 | /* ==============================================================
268 | * Define structed vector of entry points. A CK_FUNCTION_LIST
269 | * contains a CK_VERSION indicating a library's Cryptoki version
270 | * and then a whole slew of function pointers to the routines in
271 | * the library. This type was declared, but not defined, in
272 | * pkcs11t.h.
273 | * ==============================================================
274 | */
275 |
276 | #define CK_PKCS11_FUNCTION_INFO(name) \
277 | __PASTE(CK_,name) name;
278 |
279 | struct CK_FUNCTION_LIST {
280 |
281 | CK_VERSION version; /* Cryptoki version */
282 |
283 | /* Pile all the function pointers into the CK_FUNCTION_LIST. */
284 | /* pkcs11f.h has all the information about the Cryptoki
285 | * function prototypes. */
286 | #include "pkcs11f.h"
287 |
288 | };
289 |
290 | #undef CK_PKCS11_FUNCTION_INFO
291 |
292 |
293 | #undef __PASTE
294 |
295 | #ifdef __cplusplus
296 | }
297 | #endif
298 |
299 | #endif
300 |
--------------------------------------------------------------------------------
/v2.11/pkcs-11v2-11a1.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Pkcs11Interop/PKCS11-SPECS/5b17000edaa7985c85a2f0701739706bd4bd45ce/v2.11/pkcs-11v2-11a1.pdf
--------------------------------------------------------------------------------
/v2.11/pkcs-11v2-11errata.txt:
--------------------------------------------------------------------------------
1 | PKCS #11 v2.11 rev. 1 Errata
2 | ----------------------------
3 | $Revision: 1.3 $
4 |
5 | January, 2003
6 |
7 | Copyright (C) 2003 RSA Laboratories, a division of RSA Security
8 | Inc. License to copy this document is granted provided that it is
9 | identified as "RSA Security Inc. Public-Key Cryptography Standards
10 | (PKCS)" in all material mentioning or referencing this document.
11 |
12 | This note lists known errors in PKCS #11: Cryptographic Token
13 | Interface Standard, version 2.11 (Rev. 1), and should be incorporated
14 | into that version.
15 |
16 | -Section 12.36.1: "CKM_WRAP_LYNKS" should be replaced with
17 | "CKM_KEY_WRAP_LYNKS"
18 |
19 |
20 |
--------------------------------------------------------------------------------
/v2.11/pkcs-11v2-11mp.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Pkcs11Interop/PKCS11-SPECS/5b17000edaa7985c85a2f0701739706bd4bd45ce/v2.11/pkcs-11v2-11mp.pdf
--------------------------------------------------------------------------------
/v2.11/pkcs-11v2-11r1.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Pkcs11Interop/PKCS11-SPECS/5b17000edaa7985c85a2f0701739706bd4bd45ce/v2.11/pkcs-11v2-11r1.pdf
--------------------------------------------------------------------------------
/v2.20/README.MD:
--------------------------------------------------------------------------------
1 | **PKCS#11 v2.20 : Cryptographic Token Interface Standard**
2 | [pkcs-11v2-20.pdf](pkcs-11v2-20.pdf) - 28 June 2004
3 |
4 | **PKCS#11 v2.20 Amendment 1 : PKCS#11 Mechanisms for One-Time Password Tokens**
5 | [pkcs-11v2-20a1.pdf](pkcs-11v2-20a1.pdf) - 27 December 2005
6 |
7 | **PKCS#11 v2.20 Amendment 2 : PKCS#11 Mechanisms for the Cryptographic Token Key Initialization Protocol**
8 | [pkcs-11v2-20a2.pdf](pkcs-11v2-20a2.pdf) - 27 December 2005
9 |
10 | **PKCS#11 v2.20 Errata**
11 | [pkcs-11v2-20errata.txt](pkcs-11v2-20errata.txt) - 14 November 2006
12 |
--------------------------------------------------------------------------------
/v2.20/headers/cryptoki.h:
--------------------------------------------------------------------------------
1 | /* cryptoki.h include file for PKCS #11. */
2 | /* $Revision: 1.4 $ */
3 |
4 | /* License to copy and use this software is granted provided that it is
5 | * identified as "RSA Security Inc. PKCS #11 Cryptographic Token Interface
6 | * (Cryptoki)" in all material mentioning or referencing this software.
7 |
8 | * License is also granted to make and use derivative works provided that
9 | * such works are identified as "derived from the RSA Security Inc. PKCS #11
10 | * Cryptographic Token Interface (Cryptoki)" in all material mentioning or
11 | * referencing the derived work.
12 |
13 | * RSA Security Inc. makes no representations concerning either the
14 | * merchantability of this software or the suitability of this software for
15 | * any particular purpose. It is provided "as is" without express or implied
16 | * warranty of any kind.
17 | */
18 |
19 | /* This is a sample file containing the top level include directives
20 | * for building Win32 Cryptoki libraries and applications.
21 | */
22 |
23 | #ifndef ___CRYPTOKI_H_INC___
24 | #define ___CRYPTOKI_H_INC___
25 |
26 | #pragma pack(push, cryptoki, 1)
27 |
28 | /* Specifies that the function is a DLL entry point. */
29 | #define CK_IMPORT_SPEC __declspec(dllimport)
30 |
31 | /* Define CRYPTOKI_EXPORTS during the build of cryptoki libraries. Do
32 | * not define it in applications.
33 | */
34 | #ifdef CRYPTOKI_EXPORTS
35 | /* Specified that the function is an exported DLL entry point. */
36 | #define CK_EXPORT_SPEC __declspec(dllexport)
37 | #else
38 | #define CK_EXPORT_SPEC CK_IMPORT_SPEC
39 | #endif
40 |
41 | /* Ensures the calling convention for Win32 builds */
42 | #define CK_CALL_SPEC __cdecl
43 |
44 | #define CK_PTR *
45 |
46 | #define CK_DEFINE_FUNCTION(returnType, name) \
47 | returnType CK_EXPORT_SPEC CK_CALL_SPEC name
48 |
49 | #define CK_DECLARE_FUNCTION(returnType, name) \
50 | returnType CK_EXPORT_SPEC CK_CALL_SPEC name
51 |
52 | #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \
53 | returnType CK_IMPORT_SPEC (CK_CALL_SPEC CK_PTR name)
54 |
55 | #define CK_CALLBACK_FUNCTION(returnType, name) \
56 | returnType (CK_CALL_SPEC CK_PTR name)
57 |
58 | #ifndef NULL_PTR
59 | #define NULL_PTR 0
60 | #endif
61 |
62 | #include "pkcs11.h"
63 |
64 | #pragma pack(pop, cryptoki)
65 |
66 | #endif /* ___CRYPTOKI_H_INC___ */
67 |
--------------------------------------------------------------------------------
/v2.20/headers/pkcs11.h:
--------------------------------------------------------------------------------
1 | /* pkcs11.h include file for PKCS #11. */
2 | /* $Revision: 1.4 $ */
3 |
4 | /* License to copy and use this software is granted provided that it is
5 | * identified as "RSA Security Inc. PKCS #11 Cryptographic Token Interface
6 | * (Cryptoki)" in all material mentioning or referencing this software.
7 |
8 | * License is also granted to make and use derivative works provided that
9 | * such works are identified as "derived from the RSA Security Inc. PKCS #11
10 | * Cryptographic Token Interface (Cryptoki)" in all material mentioning or
11 | * referencing the derived work.
12 |
13 | * RSA Security Inc. makes no representations concerning either the
14 | * merchantability of this software or the suitability of this software for
15 | * any particular purpose. It is provided "as is" without express or implied
16 | * warranty of any kind.
17 | */
18 |
19 | #ifndef _PKCS11_H_
20 | #define _PKCS11_H_ 1
21 |
22 | #ifdef __cplusplus
23 | extern "C" {
24 | #endif
25 |
26 | /* Before including this file (pkcs11.h) (or pkcs11t.h by
27 | * itself), 6 platform-specific macros must be defined. These
28 | * macros are described below, and typical definitions for them
29 | * are also given. Be advised that these definitions can depend
30 | * on both the platform and the compiler used (and possibly also
31 | * on whether a Cryptoki library is linked statically or
32 | * dynamically).
33 | *
34 | * In addition to defining these 6 macros, the packing convention
35 | * for Cryptoki structures should be set. The Cryptoki
36 | * convention on packing is that structures should be 1-byte
37 | * aligned.
38 | *
39 | * If you're using Microsoft Developer Studio 5.0 to produce
40 | * Win32 stuff, this might be done by using the following
41 | * preprocessor directive before including pkcs11.h or pkcs11t.h:
42 | *
43 | * #pragma pack(push, cryptoki, 1)
44 | *
45 | * and using the following preprocessor directive after including
46 | * pkcs11.h or pkcs11t.h:
47 | *
48 | * #pragma pack(pop, cryptoki)
49 | *
50 | * If you're using an earlier version of Microsoft Developer
51 | * Studio to produce Win16 stuff, this might be done by using
52 | * the following preprocessor directive before including
53 | * pkcs11.h or pkcs11t.h:
54 | *
55 | * #pragma pack(1)
56 | *
57 | * In a UNIX environment, you're on your own for this. You might
58 | * not need to do (or be able to do!) anything.
59 | *
60 | *
61 | * Now for the macros:
62 | *
63 | *
64 | * 1. CK_PTR: The indirection string for making a pointer to an
65 | * object. It can be used like this:
66 | *
67 | * typedef CK_BYTE CK_PTR CK_BYTE_PTR;
68 | *
69 | * If you're using Microsoft Developer Studio 5.0 to produce
70 | * Win32 stuff, it might be defined by:
71 | *
72 | * #define CK_PTR *
73 | *
74 | * If you're using an earlier version of Microsoft Developer
75 | * Studio to produce Win16 stuff, it might be defined by:
76 | *
77 | * #define CK_PTR far *
78 | *
79 | * In a typical UNIX environment, it might be defined by:
80 | *
81 | * #define CK_PTR *
82 | *
83 | *
84 | * 2. CK_DEFINE_FUNCTION(returnType, name): A macro which makes
85 | * an exportable Cryptoki library function definition out of a
86 | * return type and a function name. It should be used in the
87 | * following fashion to define the exposed Cryptoki functions in
88 | * a Cryptoki library:
89 | *
90 | * CK_DEFINE_FUNCTION(CK_RV, C_Initialize)(
91 | * CK_VOID_PTR pReserved
92 | * )
93 | * {
94 | * ...
95 | * }
96 | *
97 | * If you're using Microsoft Developer Studio 5.0 to define a
98 | * function in a Win32 Cryptoki .dll, it might be defined by:
99 | *
100 | * #define CK_DEFINE_FUNCTION(returnType, name) \
101 | * returnType __declspec(dllexport) name
102 | *
103 | * If you're using an earlier version of Microsoft Developer
104 | * Studio to define a function in a Win16 Cryptoki .dll, it
105 | * might be defined by:
106 | *
107 | * #define CK_DEFINE_FUNCTION(returnType, name) \
108 | * returnType __export _far _pascal name
109 | *
110 | * In a UNIX environment, it might be defined by:
111 | *
112 | * #define CK_DEFINE_FUNCTION(returnType, name) \
113 | * returnType name
114 | *
115 | *
116 | * 3. CK_DECLARE_FUNCTION(returnType, name): A macro which makes
117 | * an importable Cryptoki library function declaration out of a
118 | * return type and a function name. It should be used in the
119 | * following fashion:
120 | *
121 | * extern CK_DECLARE_FUNCTION(CK_RV, C_Initialize)(
122 | * CK_VOID_PTR pReserved
123 | * );
124 | *
125 | * If you're using Microsoft Developer Studio 5.0 to declare a
126 | * function in a Win32 Cryptoki .dll, it might be defined by:
127 | *
128 | * #define CK_DECLARE_FUNCTION(returnType, name) \
129 | * returnType __declspec(dllimport) name
130 | *
131 | * If you're using an earlier version of Microsoft Developer
132 | * Studio to declare a function in a Win16 Cryptoki .dll, it
133 | * might be defined by:
134 | *
135 | * #define CK_DECLARE_FUNCTION(returnType, name) \
136 | * returnType __export _far _pascal name
137 | *
138 | * In a UNIX environment, it might be defined by:
139 | *
140 | * #define CK_DECLARE_FUNCTION(returnType, name) \
141 | * returnType name
142 | *
143 | *
144 | * 4. CK_DECLARE_FUNCTION_POINTER(returnType, name): A macro
145 | * which makes a Cryptoki API function pointer declaration or
146 | * function pointer type declaration out of a return type and a
147 | * function name. It should be used in the following fashion:
148 | *
149 | * // Define funcPtr to be a pointer to a Cryptoki API function
150 | * // taking arguments args and returning CK_RV.
151 | * CK_DECLARE_FUNCTION_POINTER(CK_RV, funcPtr)(args);
152 | *
153 | * or
154 | *
155 | * // Define funcPtrType to be the type of a pointer to a
156 | * // Cryptoki API function taking arguments args and returning
157 | * // CK_RV, and then define funcPtr to be a variable of type
158 | * // funcPtrType.
159 | * typedef CK_DECLARE_FUNCTION_POINTER(CK_RV, funcPtrType)(args);
160 | * funcPtrType funcPtr;
161 | *
162 | * If you're using Microsoft Developer Studio 5.0 to access
163 | * functions in a Win32 Cryptoki .dll, in might be defined by:
164 | *
165 | * #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \
166 | * returnType __declspec(dllimport) (* name)
167 | *
168 | * If you're using an earlier version of Microsoft Developer
169 | * Studio to access functions in a Win16 Cryptoki .dll, it might
170 | * be defined by:
171 | *
172 | * #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \
173 | * returnType __export _far _pascal (* name)
174 | *
175 | * In a UNIX environment, it might be defined by:
176 | *
177 | * #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \
178 | * returnType (* name)
179 | *
180 | *
181 | * 5. CK_CALLBACK_FUNCTION(returnType, name): A macro which makes
182 | * a function pointer type for an application callback out of
183 | * a return type for the callback and a name for the callback.
184 | * It should be used in the following fashion:
185 | *
186 | * CK_CALLBACK_FUNCTION(CK_RV, myCallback)(args);
187 | *
188 | * to declare a function pointer, myCallback, to a callback
189 | * which takes arguments args and returns a CK_RV. It can also
190 | * be used like this:
191 | *
192 | * typedef CK_CALLBACK_FUNCTION(CK_RV, myCallbackType)(args);
193 | * myCallbackType myCallback;
194 | *
195 | * If you're using Microsoft Developer Studio 5.0 to do Win32
196 | * Cryptoki development, it might be defined by:
197 | *
198 | * #define CK_CALLBACK_FUNCTION(returnType, name) \
199 | * returnType (* name)
200 | *
201 | * If you're using an earlier version of Microsoft Developer
202 | * Studio to do Win16 development, it might be defined by:
203 | *
204 | * #define CK_CALLBACK_FUNCTION(returnType, name) \
205 | * returnType _far _pascal (* name)
206 | *
207 | * In a UNIX environment, it might be defined by:
208 | *
209 | * #define CK_CALLBACK_FUNCTION(returnType, name) \
210 | * returnType (* name)
211 | *
212 | *
213 | * 6. NULL_PTR: This macro is the value of a NULL pointer.
214 | *
215 | * In any ANSI/ISO C environment (and in many others as well),
216 | * this should best be defined by
217 | *
218 | * #ifndef NULL_PTR
219 | * #define NULL_PTR 0
220 | * #endif
221 | */
222 |
223 |
224 | /* All the various Cryptoki types and #define'd values are in the
225 | * file pkcs11t.h. */
226 | #include "pkcs11t.h"
227 |
228 | #define __PASTE(x,y) x##y
229 |
230 |
231 | /* ==============================================================
232 | * Define the "extern" form of all the entry points.
233 | * ==============================================================
234 | */
235 |
236 | #define CK_NEED_ARG_LIST 1
237 | #define CK_PKCS11_FUNCTION_INFO(name) \
238 | extern CK_DECLARE_FUNCTION(CK_RV, name)
239 |
240 | /* pkcs11f.h has all the information about the Cryptoki
241 | * function prototypes. */
242 | #include "pkcs11f.h"
243 |
244 | #undef CK_NEED_ARG_LIST
245 | #undef CK_PKCS11_FUNCTION_INFO
246 |
247 |
248 | /* ==============================================================
249 | * Define the typedef form of all the entry points. That is, for
250 | * each Cryptoki function C_XXX, define a type CK_C_XXX which is
251 | * a pointer to that kind of function.
252 | * ==============================================================
253 | */
254 |
255 | #define CK_NEED_ARG_LIST 1
256 | #define CK_PKCS11_FUNCTION_INFO(name) \
257 | typedef CK_DECLARE_FUNCTION_POINTER(CK_RV, __PASTE(CK_,name))
258 |
259 | /* pkcs11f.h has all the information about the Cryptoki
260 | * function prototypes. */
261 | #include "pkcs11f.h"
262 |
263 | #undef CK_NEED_ARG_LIST
264 | #undef CK_PKCS11_FUNCTION_INFO
265 |
266 |
267 | /* ==============================================================
268 | * Define structed vector of entry points. A CK_FUNCTION_LIST
269 | * contains a CK_VERSION indicating a library's Cryptoki version
270 | * and then a whole slew of function pointers to the routines in
271 | * the library. This type was declared, but not defined, in
272 | * pkcs11t.h.
273 | * ==============================================================
274 | */
275 |
276 | #define CK_PKCS11_FUNCTION_INFO(name) \
277 | __PASTE(CK_,name) name;
278 |
279 | struct CK_FUNCTION_LIST {
280 |
281 | CK_VERSION version; /* Cryptoki version */
282 |
283 | /* Pile all the function pointers into the CK_FUNCTION_LIST. */
284 | /* pkcs11f.h has all the information about the Cryptoki
285 | * function prototypes. */
286 | #include "pkcs11f.h"
287 |
288 | };
289 |
290 | #undef CK_PKCS11_FUNCTION_INFO
291 |
292 |
293 | #undef __PASTE
294 |
295 | #ifdef __cplusplus
296 | }
297 | #endif
298 |
299 | #endif
300 |
--------------------------------------------------------------------------------
/v2.20/pkcs-11v2-20.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Pkcs11Interop/PKCS11-SPECS/5b17000edaa7985c85a2f0701739706bd4bd45ce/v2.20/pkcs-11v2-20.pdf
--------------------------------------------------------------------------------
/v2.20/pkcs-11v2-20a1.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Pkcs11Interop/PKCS11-SPECS/5b17000edaa7985c85a2f0701739706bd4bd45ce/v2.20/pkcs-11v2-20a1.pdf
--------------------------------------------------------------------------------
/v2.20/pkcs-11v2-20a2.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Pkcs11Interop/PKCS11-SPECS/5b17000edaa7985c85a2f0701739706bd4bd45ce/v2.20/pkcs-11v2-20a2.pdf
--------------------------------------------------------------------------------
/v2.20/pkcs-11v2-20a3.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Pkcs11Interop/PKCS11-SPECS/5b17000edaa7985c85a2f0701739706bd4bd45ce/v2.20/pkcs-11v2-20a3.pdf
--------------------------------------------------------------------------------
/v2.20/pkcs-11v2-20errata.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Pkcs11Interop/PKCS11-SPECS/5b17000edaa7985c85a2f0701739706bd4bd45ce/v2.20/pkcs-11v2-20errata.txt
--------------------------------------------------------------------------------
/v2.30_DRAFT/README.MD:
--------------------------------------------------------------------------------
1 | **PKCS#11 v2.30 : Cryptographic Token Interface Standard**
2 | [pkcs-11v2-30-d1.pdf](pkcs-11v2-30-d1.pdf) - 16 April 2009
3 |
4 | **PKCS#11 v2.30 : Other Mechanisms**
5 | [pkcs-11v2-30m2-d3.pdf](pkcs-11v2-30m2-d3.pdf) - 16 April 2009
6 |
7 | **PKCS#11 v2.30 : Base Functionality**
8 | [pkcs-11v2-30b-d6.pdf](pkcs-11v2-30b-d6.pdf) - Draft 4 - 10 July 2009
9 |
10 | **PKCS#11 v2.30 : Mechanisms**
11 | [pkcs-11v2-30m1-d7.pdf](pkcs-11v2-30m1-d7.pdf) - Draft 7 - 29 July 2009
12 |
--------------------------------------------------------------------------------
/v2.30_DRAFT/headers/pkcs11.h:
--------------------------------------------------------------------------------
1 | /* 02-Sep-2008 from ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20/ */
2 |
3 | /* pkcs11.h include file for PKCS #11. */
4 | /* $Revision: 1.4 $ */
5 |
6 | /* License to copy and use this software is granted provided that it is
7 | * identified as "RSA Security Inc. PKCS #11 Cryptographic Token Interface
8 | * (Cryptoki)" in all material mentioning or referencing this software.
9 |
10 | * License is also granted to make and use derivative works provided that
11 | * such works are identified as "derived from the RSA Security Inc. PKCS #11
12 | * Cryptographic Token Interface (Cryptoki)" in all material mentioning or
13 | * referencing the derived work.
14 |
15 | * RSA Security Inc. makes no representations concerning either the
16 | * merchantability of this software or the suitability of this software for
17 | * any particular purpose. It is provided "as is" without express or implied
18 | * warranty of any kind.
19 | */
20 |
21 | #ifndef _PKCS11_H_
22 | #define _PKCS11_H_ 1
23 |
24 | #ifdef __cplusplus
25 | extern "C" {
26 | #endif
27 |
28 | /* Before including this file (pkcs11.h) (or pkcs11t.h by
29 | * itself), 6 platform-specific macros must be defined. These
30 | * macros are described below, and typical definitions for them
31 | * are also given. Be advised that these definitions can depend
32 | * on both the platform and the compiler used (and possibly also
33 | * on whether a Cryptoki library is linked statically or
34 | * dynamically).
35 | *
36 | * In addition to defining these 6 macros, the packing convention
37 | * for Cryptoki structures should be set. The Cryptoki
38 | * convention on packing is that structures should be 1-byte
39 | * aligned.
40 | *
41 | * If you're using Microsoft Developer Studio 5.0 to produce
42 | * Win32 stuff, this might be done by using the following
43 | * preprocessor directive before including pkcs11.h or pkcs11t.h:
44 | *
45 | * #pragma pack(push, cryptoki, 1)
46 | *
47 | * and using the following preprocessor directive after including
48 | * pkcs11.h or pkcs11t.h:
49 | *
50 | * #pragma pack(pop, cryptoki)
51 | *
52 | * If you're using an earlier version of Microsoft Developer
53 | * Studio to produce Win16 stuff, this might be done by using
54 | * the following preprocessor directive before including
55 | * pkcs11.h or pkcs11t.h:
56 | *
57 | * #pragma pack(1)
58 | *
59 | * In a UNIX environment, you're on your own for this. You might
60 | * not need to do (or be able to do!) anything.
61 | *
62 | *
63 | * Now for the macros:
64 | *
65 | *
66 | * 1. CK_PTR: The indirection string for making a pointer to an
67 | * object. It can be used like this:
68 | *
69 | * typedef CK_BYTE CK_PTR CK_BYTE_PTR;
70 | *
71 | * If you're using Microsoft Developer Studio 5.0 to produce
72 | * Win32 stuff, it might be defined by:
73 | *
74 | * #define CK_PTR *
75 | *
76 | * If you're using an earlier version of Microsoft Developer
77 | * Studio to produce Win16 stuff, it might be defined by:
78 | *
79 | * #define CK_PTR far *
80 | *
81 | * In a typical UNIX environment, it might be defined by:
82 | *
83 | * #define CK_PTR *
84 | *
85 | *
86 | * 2. CK_DEFINE_FUNCTION(returnType, name): A macro which makes
87 | * an exportable Cryptoki library function definition out of a
88 | * return type and a function name. It should be used in the
89 | * following fashion to define the exposed Cryptoki functions in
90 | * a Cryptoki library:
91 | *
92 | * CK_DEFINE_FUNCTION(CK_RV, C_Initialize)(
93 | * CK_VOID_PTR pReserved
94 | * )
95 | * {
96 | * ...
97 | * }
98 | *
99 | * If you're using Microsoft Developer Studio 5.0 to define a
100 | * function in a Win32 Cryptoki .dll, it might be defined by:
101 | *
102 | * #define CK_DEFINE_FUNCTION(returnType, name) \
103 | * returnType __declspec(dllexport) name
104 | *
105 | * If you're using an earlier version of Microsoft Developer
106 | * Studio to define a function in a Win16 Cryptoki .dll, it
107 | * might be defined by:
108 | *
109 | * #define CK_DEFINE_FUNCTION(returnType, name) \
110 | * returnType __export _far _pascal name
111 | *
112 | * In a UNIX environment, it might be defined by:
113 | *
114 | * #define CK_DEFINE_FUNCTION(returnType, name) \
115 | * returnType name
116 | *
117 | *
118 | * 3. CK_DECLARE_FUNCTION(returnType, name): A macro which makes
119 | * an importable Cryptoki library function declaration out of a
120 | * return type and a function name. It should be used in the
121 | * following fashion:
122 | *
123 | * extern CK_DECLARE_FUNCTION(CK_RV, C_Initialize)(
124 | * CK_VOID_PTR pReserved
125 | * );
126 | *
127 | * If you're using Microsoft Developer Studio 5.0 to declare a
128 | * function in a Win32 Cryptoki .dll, it might be defined by:
129 | *
130 | * #define CK_DECLARE_FUNCTION(returnType, name) \
131 | * returnType __declspec(dllimport) name
132 | *
133 | * If you're using an earlier version of Microsoft Developer
134 | * Studio to declare a function in a Win16 Cryptoki .dll, it
135 | * might be defined by:
136 | *
137 | * #define CK_DECLARE_FUNCTION(returnType, name) \
138 | * returnType __export _far _pascal name
139 | *
140 | * In a UNIX environment, it might be defined by:
141 | *
142 | * #define CK_DECLARE_FUNCTION(returnType, name) \
143 | * returnType name
144 | *
145 | *
146 | * 4. CK_DECLARE_FUNCTION_POINTER(returnType, name): A macro
147 | * which makes a Cryptoki API function pointer declaration or
148 | * function pointer type declaration out of a return type and a
149 | * function name. It should be used in the following fashion:
150 | *
151 | * // Define funcPtr to be a pointer to a Cryptoki API function
152 | * // taking arguments args and returning CK_RV.
153 | * CK_DECLARE_FUNCTION_POINTER(CK_RV, funcPtr)(args);
154 | *
155 | * or
156 | *
157 | * // Define funcPtrType to be the type of a pointer to a
158 | * // Cryptoki API function taking arguments args and returning
159 | * // CK_RV, and then define funcPtr to be a variable of type
160 | * // funcPtrType.
161 | * typedef CK_DECLARE_FUNCTION_POINTER(CK_RV, funcPtrType)(args);
162 | * funcPtrType funcPtr;
163 | *
164 | * If you're using Microsoft Developer Studio 5.0 to access
165 | * functions in a Win32 Cryptoki .dll, in might be defined by:
166 | *
167 | * #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \
168 | * returnType __declspec(dllimport) (* name)
169 | *
170 | * If you're using an earlier version of Microsoft Developer
171 | * Studio to access functions in a Win16 Cryptoki .dll, it might
172 | * be defined by:
173 | *
174 | * #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \
175 | * returnType __export _far _pascal (* name)
176 | *
177 | * In a UNIX environment, it might be defined by:
178 | *
179 | * #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \
180 | * returnType (* name)
181 | *
182 | *
183 | * 5. CK_CALLBACK_FUNCTION(returnType, name): A macro which makes
184 | * a function pointer type for an application callback out of
185 | * a return type for the callback and a name for the callback.
186 | * It should be used in the following fashion:
187 | *
188 | * CK_CALLBACK_FUNCTION(CK_RV, myCallback)(args);
189 | *
190 | * to declare a function pointer, myCallback, to a callback
191 | * which takes arguments args and returns a CK_RV. It can also
192 | * be used like this:
193 | *
194 | * typedef CK_CALLBACK_FUNCTION(CK_RV, myCallbackType)(args);
195 | * myCallbackType myCallback;
196 | *
197 | * If you're using Microsoft Developer Studio 5.0 to do Win32
198 | * Cryptoki development, it might be defined by:
199 | *
200 | * #define CK_CALLBACK_FUNCTION(returnType, name) \
201 | * returnType (* name)
202 | *
203 | * If you're using an earlier version of Microsoft Developer
204 | * Studio to do Win16 development, it might be defined by:
205 | *
206 | * #define CK_CALLBACK_FUNCTION(returnType, name) \
207 | * returnType _far _pascal (* name)
208 | *
209 | * In a UNIX environment, it might be defined by:
210 | *
211 | * #define CK_CALLBACK_FUNCTION(returnType, name) \
212 | * returnType (* name)
213 | *
214 | *
215 | * 6. NULL_PTR: This macro is the value of a NULL pointer.
216 | *
217 | * In any ANSI/ISO C environment (and in many others as well),
218 | * this should best be defined by
219 | *
220 | * #ifndef NULL_PTR
221 | * #define NULL_PTR 0
222 | * #endif
223 | */
224 |
225 |
226 | /* All the various Cryptoki types and #define'd values are in the
227 | * file pkcs11t.h. */
228 | #include "pkcs11t.h"
229 |
230 | #define __PASTE(x,y) x##y
231 |
232 |
233 | /* ==============================================================
234 | * Define the "extern" form of all the entry points.
235 | * ==============================================================
236 | */
237 |
238 | #define CK_NEED_ARG_LIST 1
239 | #define CK_PKCS11_FUNCTION_INFO(name) \
240 | extern CK_DECLARE_FUNCTION(CK_RV, name)
241 |
242 | /* pkcs11f.h has all the information about the Cryptoki
243 | * function prototypes. */
244 | #include "pkcs11f.h"
245 |
246 | #undef CK_NEED_ARG_LIST
247 | #undef CK_PKCS11_FUNCTION_INFO
248 |
249 |
250 | /* ==============================================================
251 | * Define the typedef form of all the entry points. That is, for
252 | * each Cryptoki function C_XXX, define a type CK_C_XXX which is
253 | * a pointer to that kind of function.
254 | * ==============================================================
255 | */
256 |
257 | #define CK_NEED_ARG_LIST 1
258 | #define CK_PKCS11_FUNCTION_INFO(name) \
259 | typedef CK_DECLARE_FUNCTION_POINTER(CK_RV, __PASTE(CK_,name))
260 |
261 | /* pkcs11f.h has all the information about the Cryptoki
262 | * function prototypes. */
263 | #include "pkcs11f.h"
264 |
265 | #undef CK_NEED_ARG_LIST
266 | #undef CK_PKCS11_FUNCTION_INFO
267 |
268 |
269 | /* ==============================================================
270 | * Define structed vector of entry points. A CK_FUNCTION_LIST
271 | * contains a CK_VERSION indicating a library's Cryptoki version
272 | * and then a whole slew of function pointers to the routines in
273 | * the library. This type was declared, but not defined, in
274 | * pkcs11t.h.
275 | * ==============================================================
276 | */
277 |
278 | #define CK_PKCS11_FUNCTION_INFO(name) \
279 | __PASTE(CK_,name) name;
280 |
281 | struct CK_FUNCTION_LIST {
282 |
283 | CK_VERSION version; /* Cryptoki version */
284 |
285 | /* Pile all the function pointers into the CK_FUNCTION_LIST. */
286 | /* pkcs11f.h has all the information about the Cryptoki
287 | * function prototypes. */
288 | #include "pkcs11f.h"
289 |
290 | };
291 |
292 | #undef CK_PKCS11_FUNCTION_INFO
293 |
294 |
295 | #undef __PASTE
296 |
297 | #ifdef __cplusplus
298 | }
299 | #endif
300 |
301 | #endif
302 |
--------------------------------------------------------------------------------
/v2.30_DRAFT/pkcs-11v2-30-d1.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Pkcs11Interop/PKCS11-SPECS/5b17000edaa7985c85a2f0701739706bd4bd45ce/v2.30_DRAFT/pkcs-11v2-30-d1.pdf
--------------------------------------------------------------------------------
/v2.30_DRAFT/pkcs-11v2-30b-d6.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Pkcs11Interop/PKCS11-SPECS/5b17000edaa7985c85a2f0701739706bd4bd45ce/v2.30_DRAFT/pkcs-11v2-30b-d6.pdf
--------------------------------------------------------------------------------
/v2.30_DRAFT/pkcs-11v2-30m1-d7.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Pkcs11Interop/PKCS11-SPECS/5b17000edaa7985c85a2f0701739706bd4bd45ce/v2.30_DRAFT/pkcs-11v2-30m1-d7.pdf
--------------------------------------------------------------------------------
/v2.30_DRAFT/pkcs-11v2-30m2-d3.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Pkcs11Interop/PKCS11-SPECS/5b17000edaa7985c85a2f0701739706bd4bd45ce/v2.30_DRAFT/pkcs-11v2-30m2-d3.pdf
--------------------------------------------------------------------------------
/v2.40/README.MD:
--------------------------------------------------------------------------------
1 | **PKCS#11 v2.40 : Base Specification**
2 | [pkcs11-base-v2.40-os.pdf](pkcs11-base-v2.40-os.pdf) - OASIS Standard - 14 April 2015
3 | [pkcs11-base-v2.40-errata01-os.pdf](pkcs11-base-v2.40-errata01-os.pdf) - OASIS Approved Errata 01 - 13 May 2016
4 | [pkcs11-base-v2.40-errata01-os-complete.pdf](pkcs11-base-v2.40-errata01-os-complete.pdf) - OASIS Standard Incorporating Approved Errata 01 - 13 May 2016
5 |
6 | **PKCS#11 v2.40 : Current Mechanisms**
7 | [pkcs11-curr-v2.40-os.pdf](pkcs11-curr-v2.40-os.pdf) - OASIS Standard - 14 April 2015
8 | [pkcs11-curr-v2.40-errata01-os.pdf](pkcs11-curr-v2.40-errata01-os.pdf) - OASIS Approved Errata 01 - 13 May 2016
9 | [pkcs11-curr-v2.40-errata01-os-complete.pdf](pkcs11-curr-v2.40-errata01-os-complete.pdf) - OASIS Standard Incorporating Approved Errata 01 - 13 May 2016
10 |
11 | **PKCS#11 v2.40 : Historical Mechanisms**
12 | [pkcs11-hist-v2.40-os.pdf](pkcs11-hist-v2.40-os.pdf) - OASIS Standard - 14 April 2015
13 | [pkcs11-hist-v2.40-errata01-os.pdf](pkcs11-hist-v2.40-errata01-os.pdf) - OASIS Approved Errata 01 - 13 May 2016
14 | [pkcs11-hist-v2.40-errata01-os-complete.pdf](pkcs11-hist-v2.40-errata01-os-complete.pdf) - OASIS Standard Incorporating Approved Errata 01 - 13 May 2016
15 |
16 | **PKCS#11 v2.40 : Profiles**
17 | [pkcs11-profiles-v2.40-os.pdf](pkcs11-profiles-v2.40-os.pdf) - OASIS Standard - 14 April 2015
18 |
19 | **PKCS#11 v2.40 : Usage guide**
20 | [pkcs11-ug-v2.40-cn02.pdf](pkcs11-ug-v2.40-cn02.pdf) - Committee Note 02 - 16 November 2014
21 |
--------------------------------------------------------------------------------
/v2.40/headers/pkcs11.h:
--------------------------------------------------------------------------------
1 | /* Copyright (c) OASIS Open 2016. All Rights Reserved./
2 | * /Distributed under the terms of the OASIS IPR Policy,
3 | * [http://www.oasis-open.org/policies-guidelines/ipr], AS-IS, WITHOUT ANY
4 | * IMPLIED OR EXPRESS WARRANTY; there is no warranty of MERCHANTABILITY, FITNESS FOR A
5 | * PARTICULAR PURPOSE or NONINFRINGEMENT of the rights of others.
6 | */
7 |
8 | /* Latest version of the specification:
9 | * http://docs.oasis-open.org/pkcs11/pkcs11-base/v2.40/pkcs11-base-v2.40.html
10 | */
11 |
12 | #ifndef _PKCS11_H_
13 | #define _PKCS11_H_ 1
14 |
15 | #ifdef __cplusplus
16 | extern "C" {
17 | #endif
18 |
19 | /* Before including this file (pkcs11.h) (or pkcs11t.h by
20 | * itself), 5 platform-specific macros must be defined. These
21 | * macros are described below, and typical definitions for them
22 | * are also given. Be advised that these definitions can depend
23 | * on both the platform and the compiler used (and possibly also
24 | * on whether a Cryptoki library is linked statically or
25 | * dynamically).
26 | *
27 | * In addition to defining these 5 macros, the packing convention
28 | * for Cryptoki structures should be set. The Cryptoki
29 | * convention on packing is that structures should be 1-byte
30 | * aligned.
31 | *
32 | * If you're using Microsoft Developer Studio 5.0 to produce
33 | * Win32 stuff, this might be done by using the following
34 | * preprocessor directive before including pkcs11.h or pkcs11t.h:
35 | *
36 | * #pragma pack(push, cryptoki, 1)
37 | *
38 | * and using the following preprocessor directive after including
39 | * pkcs11.h or pkcs11t.h:
40 | *
41 | * #pragma pack(pop, cryptoki)
42 | *
43 | * If you're using an earlier version of Microsoft Developer
44 | * Studio to produce Win16 stuff, this might be done by using
45 | * the following preprocessor directive before including
46 | * pkcs11.h or pkcs11t.h:
47 | *
48 | * #pragma pack(1)
49 | *
50 | * In a UNIX environment, you're on your own for this. You might
51 | * not need to do (or be able to do!) anything.
52 | *
53 | *
54 | * Now for the macros:
55 | *
56 | *
57 | * 1. CK_PTR: The indirection string for making a pointer to an
58 | * object. It can be used like this:
59 | *
60 | * typedef CK_BYTE CK_PTR CK_BYTE_PTR;
61 | *
62 | * If you're using Microsoft Developer Studio 5.0 to produce
63 | * Win32 stuff, it might be defined by:
64 | *
65 | * #define CK_PTR *
66 | *
67 | * If you're using an earlier version of Microsoft Developer
68 | * Studio to produce Win16 stuff, it might be defined by:
69 | *
70 | * #define CK_PTR far *
71 | *
72 | * In a typical UNIX environment, it might be defined by:
73 | *
74 | * #define CK_PTR *
75 | *
76 | *
77 | * 2. CK_DECLARE_FUNCTION(returnType, name): A macro which makes
78 | * an importable Cryptoki library function declaration out of a
79 | * return type and a function name. It should be used in the
80 | * following fashion:
81 | *
82 | * extern CK_DECLARE_FUNCTION(CK_RV, C_Initialize)(
83 | * CK_VOID_PTR pReserved
84 | * );
85 | *
86 | * If you're using Microsoft Developer Studio 5.0 to declare a
87 | * function in a Win32 Cryptoki .dll, it might be defined by:
88 | *
89 | * #define CK_DECLARE_FUNCTION(returnType, name) \
90 | * returnType __declspec(dllimport) name
91 | *
92 | * If you're using an earlier version of Microsoft Developer
93 | * Studio to declare a function in a Win16 Cryptoki .dll, it
94 | * might be defined by:
95 | *
96 | * #define CK_DECLARE_FUNCTION(returnType, name) \
97 | * returnType __export _far _pascal name
98 | *
99 | * In a UNIX environment, it might be defined by:
100 | *
101 | * #define CK_DECLARE_FUNCTION(returnType, name) \
102 | * returnType name
103 | *
104 | *
105 | * 3. CK_DECLARE_FUNCTION_POINTER(returnType, name): A macro
106 | * which makes a Cryptoki API function pointer declaration or
107 | * function pointer type declaration out of a return type and a
108 | * function name. It should be used in the following fashion:
109 | *
110 | * // Define funcPtr to be a pointer to a Cryptoki API function
111 | * // taking arguments args and returning CK_RV.
112 | * CK_DECLARE_FUNCTION_POINTER(CK_RV, funcPtr)(args);
113 | *
114 | * or
115 | *
116 | * // Define funcPtrType to be the type of a pointer to a
117 | * // Cryptoki API function taking arguments args and returning
118 | * // CK_RV, and then define funcPtr to be a variable of type
119 | * // funcPtrType.
120 | * typedef CK_DECLARE_FUNCTION_POINTER(CK_RV, funcPtrType)(args);
121 | * funcPtrType funcPtr;
122 | *
123 | * If you're using Microsoft Developer Studio 5.0 to access
124 | * functions in a Win32 Cryptoki .dll, in might be defined by:
125 | *
126 | * #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \
127 | * returnType __declspec(dllimport) (* name)
128 | *
129 | * If you're using an earlier version of Microsoft Developer
130 | * Studio to access functions in a Win16 Cryptoki .dll, it might
131 | * be defined by:
132 | *
133 | * #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \
134 | * returnType __export _far _pascal (* name)
135 | *
136 | * In a UNIX environment, it might be defined by:
137 | *
138 | * #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \
139 | * returnType (* name)
140 | *
141 | *
142 | * 4. CK_CALLBACK_FUNCTION(returnType, name): A macro which makes
143 | * a function pointer type for an application callback out of
144 | * a return type for the callback and a name for the callback.
145 | * It should be used in the following fashion:
146 | *
147 | * CK_CALLBACK_FUNCTION(CK_RV, myCallback)(args);
148 | *
149 | * to declare a function pointer, myCallback, to a callback
150 | * which takes arguments args and returns a CK_RV. It can also
151 | * be used like this:
152 | *
153 | * typedef CK_CALLBACK_FUNCTION(CK_RV, myCallbackType)(args);
154 | * myCallbackType myCallback;
155 | *
156 | * If you're using Microsoft Developer Studio 5.0 to do Win32
157 | * Cryptoki development, it might be defined by:
158 | *
159 | * #define CK_CALLBACK_FUNCTION(returnType, name) \
160 | * returnType (* name)
161 | *
162 | * If you're using an earlier version of Microsoft Developer
163 | * Studio to do Win16 development, it might be defined by:
164 | *
165 | * #define CK_CALLBACK_FUNCTION(returnType, name) \
166 | * returnType _far _pascal (* name)
167 | *
168 | * In a UNIX environment, it might be defined by:
169 | *
170 | * #define CK_CALLBACK_FUNCTION(returnType, name) \
171 | * returnType (* name)
172 | *
173 | *
174 | * 5. NULL_PTR: This macro is the value of a NULL pointer.
175 | *
176 | * In any ANSI/ISO C environment (and in many others as well),
177 | * this should best be defined by
178 | *
179 | * #ifndef NULL_PTR
180 | * #define NULL_PTR 0
181 | * #endif
182 | */
183 |
184 |
185 | /* All the various Cryptoki types and #define'd values are in the
186 | * file pkcs11t.h.
187 | */
188 | #include "pkcs11t.h"
189 |
190 | #define __PASTE(x,y) x##y
191 |
192 |
193 | /* ==============================================================
194 | * Define the "extern" form of all the entry points.
195 | * ==============================================================
196 | */
197 |
198 | #define CK_NEED_ARG_LIST 1
199 | #define CK_PKCS11_FUNCTION_INFO(name) \
200 | extern CK_DECLARE_FUNCTION(CK_RV, name)
201 |
202 | /* pkcs11f.h has all the information about the Cryptoki
203 | * function prototypes.
204 | */
205 | #include "pkcs11f.h"
206 |
207 | #undef CK_NEED_ARG_LIST
208 | #undef CK_PKCS11_FUNCTION_INFO
209 |
210 |
211 | /* ==============================================================
212 | * Define the typedef form of all the entry points. That is, for
213 | * each Cryptoki function C_XXX, define a type CK_C_XXX which is
214 | * a pointer to that kind of function.
215 | * ==============================================================
216 | */
217 |
218 | #define CK_NEED_ARG_LIST 1
219 | #define CK_PKCS11_FUNCTION_INFO(name) \
220 | typedef CK_DECLARE_FUNCTION_POINTER(CK_RV, __PASTE(CK_,name))
221 |
222 | /* pkcs11f.h has all the information about the Cryptoki
223 | * function prototypes.
224 | */
225 | #include "pkcs11f.h"
226 |
227 | #undef CK_NEED_ARG_LIST
228 | #undef CK_PKCS11_FUNCTION_INFO
229 |
230 |
231 | /* ==============================================================
232 | * Define structed vector of entry points. A CK_FUNCTION_LIST
233 | * contains a CK_VERSION indicating a library's Cryptoki version
234 | * and then a whole slew of function pointers to the routines in
235 | * the library. This type was declared, but not defined, in
236 | * pkcs11t.h.
237 | * ==============================================================
238 | */
239 |
240 | #define CK_PKCS11_FUNCTION_INFO(name) \
241 | __PASTE(CK_,name) name;
242 |
243 | struct CK_FUNCTION_LIST {
244 |
245 | CK_VERSION version; /* Cryptoki version */
246 |
247 | /* Pile all the function pointers into the CK_FUNCTION_LIST. */
248 | /* pkcs11f.h has all the information about the Cryptoki
249 | * function prototypes.
250 | */
251 | #include "pkcs11f.h"
252 |
253 | };
254 |
255 | #undef CK_PKCS11_FUNCTION_INFO
256 |
257 |
258 | #undef __PASTE
259 |
260 | #ifdef __cplusplus
261 | }
262 | #endif
263 |
264 | #endif /* _PKCS11_H_ */
265 |
266 |
--------------------------------------------------------------------------------
/v2.40/headers/pkcs11f.h:
--------------------------------------------------------------------------------
1 | /* Copyright (c) OASIS Open 2016. All Rights Reserved./
2 | * /Distributed under the terms of the OASIS IPR Policy,
3 | * [http://www.oasis-open.org/policies-guidelines/ipr], AS-IS, WITHOUT ANY
4 | * IMPLIED OR EXPRESS WARRANTY; there is no warranty of MERCHANTABILITY, FITNESS FOR A
5 | * PARTICULAR PURPOSE or NONINFRINGEMENT of the rights of others.
6 | */
7 |
8 | /* Latest version of the specification:
9 | * http://docs.oasis-open.org/pkcs11/pkcs11-base/v2.40/pkcs11-base-v2.40.html
10 | */
11 |
12 | /* This header file contains pretty much everything about all the
13 | * Cryptoki function prototypes. Because this information is
14 | * used for more than just declaring function prototypes, the
15 | * order of the functions appearing herein is important, and
16 | * should not be altered.
17 | */
18 |
19 | /* General-purpose */
20 |
21 | /* C_Initialize initializes the Cryptoki library. */
22 | CK_PKCS11_FUNCTION_INFO(C_Initialize)
23 | #ifdef CK_NEED_ARG_LIST
24 | (
25 | CK_VOID_PTR pInitArgs /* if this is not NULL_PTR, it gets
26 | * cast to CK_C_INITIALIZE_ARGS_PTR
27 | * and dereferenced
28 | */
29 | );
30 | #endif
31 |
32 |
33 | /* C_Finalize indicates that an application is done with the
34 | * Cryptoki library.
35 | */
36 | CK_PKCS11_FUNCTION_INFO(C_Finalize)
37 | #ifdef CK_NEED_ARG_LIST
38 | (
39 | CK_VOID_PTR pReserved /* reserved. Should be NULL_PTR */
40 | );
41 | #endif
42 |
43 |
44 | /* C_GetInfo returns general information about Cryptoki. */
45 | CK_PKCS11_FUNCTION_INFO(C_GetInfo)
46 | #ifdef CK_NEED_ARG_LIST
47 | (
48 | CK_INFO_PTR pInfo /* location that receives information */
49 | );
50 | #endif
51 |
52 |
53 | /* C_GetFunctionList returns the function list. */
54 | CK_PKCS11_FUNCTION_INFO(C_GetFunctionList)
55 | #ifdef CK_NEED_ARG_LIST
56 | (
57 | CK_FUNCTION_LIST_PTR_PTR ppFunctionList /* receives pointer to
58 | * function list
59 | */
60 | );
61 | #endif
62 |
63 |
64 |
65 | /* Slot and token management */
66 |
67 | /* C_GetSlotList obtains a list of slots in the system. */
68 | CK_PKCS11_FUNCTION_INFO(C_GetSlotList)
69 | #ifdef CK_NEED_ARG_LIST
70 | (
71 | CK_BBOOL tokenPresent, /* only slots with tokens */
72 | CK_SLOT_ID_PTR pSlotList, /* receives array of slot IDs */
73 | CK_ULONG_PTR pulCount /* receives number of slots */
74 | );
75 | #endif
76 |
77 |
78 | /* C_GetSlotInfo obtains information about a particular slot in
79 | * the system.
80 | */
81 | CK_PKCS11_FUNCTION_INFO(C_GetSlotInfo)
82 | #ifdef CK_NEED_ARG_LIST
83 | (
84 | CK_SLOT_ID slotID, /* the ID of the slot */
85 | CK_SLOT_INFO_PTR pInfo /* receives the slot information */
86 | );
87 | #endif
88 |
89 |
90 | /* C_GetTokenInfo obtains information about a particular token
91 | * in the system.
92 | */
93 | CK_PKCS11_FUNCTION_INFO(C_GetTokenInfo)
94 | #ifdef CK_NEED_ARG_LIST
95 | (
96 | CK_SLOT_ID slotID, /* ID of the token's slot */
97 | CK_TOKEN_INFO_PTR pInfo /* receives the token information */
98 | );
99 | #endif
100 |
101 |
102 | /* C_GetMechanismList obtains a list of mechanism types
103 | * supported by a token.
104 | */
105 | CK_PKCS11_FUNCTION_INFO(C_GetMechanismList)
106 | #ifdef CK_NEED_ARG_LIST
107 | (
108 | CK_SLOT_ID slotID, /* ID of token's slot */
109 | CK_MECHANISM_TYPE_PTR pMechanismList, /* gets mech. array */
110 | CK_ULONG_PTR pulCount /* gets # of mechs. */
111 | );
112 | #endif
113 |
114 |
115 | /* C_GetMechanismInfo obtains information about a particular
116 | * mechanism possibly supported by a token.
117 | */
118 | CK_PKCS11_FUNCTION_INFO(C_GetMechanismInfo)
119 | #ifdef CK_NEED_ARG_LIST
120 | (
121 | CK_SLOT_ID slotID, /* ID of the token's slot */
122 | CK_MECHANISM_TYPE type, /* type of mechanism */
123 | CK_MECHANISM_INFO_PTR pInfo /* receives mechanism info */
124 | );
125 | #endif
126 |
127 |
128 | /* C_InitToken initializes a token. */
129 | CK_PKCS11_FUNCTION_INFO(C_InitToken)
130 | #ifdef CK_NEED_ARG_LIST
131 | (
132 | CK_SLOT_ID slotID, /* ID of the token's slot */
133 | CK_UTF8CHAR_PTR pPin, /* the SO's initial PIN */
134 | CK_ULONG ulPinLen, /* length in bytes of the PIN */
135 | CK_UTF8CHAR_PTR pLabel /* 32-byte token label (blank padded) */
136 | );
137 | #endif
138 |
139 |
140 | /* C_InitPIN initializes the normal user's PIN. */
141 | CK_PKCS11_FUNCTION_INFO(C_InitPIN)
142 | #ifdef CK_NEED_ARG_LIST
143 | (
144 | CK_SESSION_HANDLE hSession, /* the session's handle */
145 | CK_UTF8CHAR_PTR pPin, /* the normal user's PIN */
146 | CK_ULONG ulPinLen /* length in bytes of the PIN */
147 | );
148 | #endif
149 |
150 |
151 | /* C_SetPIN modifies the PIN of the user who is logged in. */
152 | CK_PKCS11_FUNCTION_INFO(C_SetPIN)
153 | #ifdef CK_NEED_ARG_LIST
154 | (
155 | CK_SESSION_HANDLE hSession, /* the session's handle */
156 | CK_UTF8CHAR_PTR pOldPin, /* the old PIN */
157 | CK_ULONG ulOldLen, /* length of the old PIN */
158 | CK_UTF8CHAR_PTR pNewPin, /* the new PIN */
159 | CK_ULONG ulNewLen /* length of the new PIN */
160 | );
161 | #endif
162 |
163 |
164 |
165 | /* Session management */
166 |
167 | /* C_OpenSession opens a session between an application and a
168 | * token.
169 | */
170 | CK_PKCS11_FUNCTION_INFO(C_OpenSession)
171 | #ifdef CK_NEED_ARG_LIST
172 | (
173 | CK_SLOT_ID slotID, /* the slot's ID */
174 | CK_FLAGS flags, /* from CK_SESSION_INFO */
175 | CK_VOID_PTR pApplication, /* passed to callback */
176 | CK_NOTIFY Notify, /* callback function */
177 | CK_SESSION_HANDLE_PTR phSession /* gets session handle */
178 | );
179 | #endif
180 |
181 |
182 | /* C_CloseSession closes a session between an application and a
183 | * token.
184 | */
185 | CK_PKCS11_FUNCTION_INFO(C_CloseSession)
186 | #ifdef CK_NEED_ARG_LIST
187 | (
188 | CK_SESSION_HANDLE hSession /* the session's handle */
189 | );
190 | #endif
191 |
192 |
193 | /* C_CloseAllSessions closes all sessions with a token. */
194 | CK_PKCS11_FUNCTION_INFO(C_CloseAllSessions)
195 | #ifdef CK_NEED_ARG_LIST
196 | (
197 | CK_SLOT_ID slotID /* the token's slot */
198 | );
199 | #endif
200 |
201 |
202 | /* C_GetSessionInfo obtains information about the session. */
203 | CK_PKCS11_FUNCTION_INFO(C_GetSessionInfo)
204 | #ifdef CK_NEED_ARG_LIST
205 | (
206 | CK_SESSION_HANDLE hSession, /* the session's handle */
207 | CK_SESSION_INFO_PTR pInfo /* receives session info */
208 | );
209 | #endif
210 |
211 |
212 | /* C_GetOperationState obtains the state of the cryptographic operation
213 | * in a session.
214 | */
215 | CK_PKCS11_FUNCTION_INFO(C_GetOperationState)
216 | #ifdef CK_NEED_ARG_LIST
217 | (
218 | CK_SESSION_HANDLE hSession, /* session's handle */
219 | CK_BYTE_PTR pOperationState, /* gets state */
220 | CK_ULONG_PTR pulOperationStateLen /* gets state length */
221 | );
222 | #endif
223 |
224 |
225 | /* C_SetOperationState restores the state of the cryptographic
226 | * operation in a session.
227 | */
228 | CK_PKCS11_FUNCTION_INFO(C_SetOperationState)
229 | #ifdef CK_NEED_ARG_LIST
230 | (
231 | CK_SESSION_HANDLE hSession, /* session's handle */
232 | CK_BYTE_PTR pOperationState, /* holds state */
233 | CK_ULONG ulOperationStateLen, /* holds state length */
234 | CK_OBJECT_HANDLE hEncryptionKey, /* en/decryption key */
235 | CK_OBJECT_HANDLE hAuthenticationKey /* sign/verify key */
236 | );
237 | #endif
238 |
239 |
240 | /* C_Login logs a user into a token. */
241 | CK_PKCS11_FUNCTION_INFO(C_Login)
242 | #ifdef CK_NEED_ARG_LIST
243 | (
244 | CK_SESSION_HANDLE hSession, /* the session's handle */
245 | CK_USER_TYPE userType, /* the user type */
246 | CK_UTF8CHAR_PTR pPin, /* the user's PIN */
247 | CK_ULONG ulPinLen /* the length of the PIN */
248 | );
249 | #endif
250 |
251 |
252 | /* C_Logout logs a user out from a token. */
253 | CK_PKCS11_FUNCTION_INFO(C_Logout)
254 | #ifdef CK_NEED_ARG_LIST
255 | (
256 | CK_SESSION_HANDLE hSession /* the session's handle */
257 | );
258 | #endif
259 |
260 |
261 |
262 | /* Object management */
263 |
264 | /* C_CreateObject creates a new object. */
265 | CK_PKCS11_FUNCTION_INFO(C_CreateObject)
266 | #ifdef CK_NEED_ARG_LIST
267 | (
268 | CK_SESSION_HANDLE hSession, /* the session's handle */
269 | CK_ATTRIBUTE_PTR pTemplate, /* the object's template */
270 | CK_ULONG ulCount, /* attributes in template */
271 | CK_OBJECT_HANDLE_PTR phObject /* gets new object's handle. */
272 | );
273 | #endif
274 |
275 |
276 | /* C_CopyObject copies an object, creating a new object for the
277 | * copy.
278 | */
279 | CK_PKCS11_FUNCTION_INFO(C_CopyObject)
280 | #ifdef CK_NEED_ARG_LIST
281 | (
282 | CK_SESSION_HANDLE hSession, /* the session's handle */
283 | CK_OBJECT_HANDLE hObject, /* the object's handle */
284 | CK_ATTRIBUTE_PTR pTemplate, /* template for new object */
285 | CK_ULONG ulCount, /* attributes in template */
286 | CK_OBJECT_HANDLE_PTR phNewObject /* receives handle of copy */
287 | );
288 | #endif
289 |
290 |
291 | /* C_DestroyObject destroys an object. */
292 | CK_PKCS11_FUNCTION_INFO(C_DestroyObject)
293 | #ifdef CK_NEED_ARG_LIST
294 | (
295 | CK_SESSION_HANDLE hSession, /* the session's handle */
296 | CK_OBJECT_HANDLE hObject /* the object's handle */
297 | );
298 | #endif
299 |
300 |
301 | /* C_GetObjectSize gets the size of an object in bytes. */
302 | CK_PKCS11_FUNCTION_INFO(C_GetObjectSize)
303 | #ifdef CK_NEED_ARG_LIST
304 | (
305 | CK_SESSION_HANDLE hSession, /* the session's handle */
306 | CK_OBJECT_HANDLE hObject, /* the object's handle */
307 | CK_ULONG_PTR pulSize /* receives size of object */
308 | );
309 | #endif
310 |
311 |
312 | /* C_GetAttributeValue obtains the value of one or more object
313 | * attributes.
314 | */
315 | CK_PKCS11_FUNCTION_INFO(C_GetAttributeValue)
316 | #ifdef CK_NEED_ARG_LIST
317 | (
318 | CK_SESSION_HANDLE hSession, /* the session's handle */
319 | CK_OBJECT_HANDLE hObject, /* the object's handle */
320 | CK_ATTRIBUTE_PTR pTemplate, /* specifies attrs; gets vals */
321 | CK_ULONG ulCount /* attributes in template */
322 | );
323 | #endif
324 |
325 |
326 | /* C_SetAttributeValue modifies the value of one or more object
327 | * attributes.
328 | */
329 | CK_PKCS11_FUNCTION_INFO(C_SetAttributeValue)
330 | #ifdef CK_NEED_ARG_LIST
331 | (
332 | CK_SESSION_HANDLE hSession, /* the session's handle */
333 | CK_OBJECT_HANDLE hObject, /* the object's handle */
334 | CK_ATTRIBUTE_PTR pTemplate, /* specifies attrs and values */
335 | CK_ULONG ulCount /* attributes in template */
336 | );
337 | #endif
338 |
339 |
340 | /* C_FindObjectsInit initializes a search for token and session
341 | * objects that match a template.
342 | */
343 | CK_PKCS11_FUNCTION_INFO(C_FindObjectsInit)
344 | #ifdef CK_NEED_ARG_LIST
345 | (
346 | CK_SESSION_HANDLE hSession, /* the session's handle */
347 | CK_ATTRIBUTE_PTR pTemplate, /* attribute values to match */
348 | CK_ULONG ulCount /* attrs in search template */
349 | );
350 | #endif
351 |
352 |
353 | /* C_FindObjects continues a search for token and session
354 | * objects that match a template, obtaining additional object
355 | * handles.
356 | */
357 | CK_PKCS11_FUNCTION_INFO(C_FindObjects)
358 | #ifdef CK_NEED_ARG_LIST
359 | (
360 | CK_SESSION_HANDLE hSession, /* session's handle */
361 | CK_OBJECT_HANDLE_PTR phObject, /* gets obj. handles */
362 | CK_ULONG ulMaxObjectCount, /* max handles to get */
363 | CK_ULONG_PTR pulObjectCount /* actual # returned */
364 | );
365 | #endif
366 |
367 |
368 | /* C_FindObjectsFinal finishes a search for token and session
369 | * objects.
370 | */
371 | CK_PKCS11_FUNCTION_INFO(C_FindObjectsFinal)
372 | #ifdef CK_NEED_ARG_LIST
373 | (
374 | CK_SESSION_HANDLE hSession /* the session's handle */
375 | );
376 | #endif
377 |
378 |
379 |
380 | /* Encryption and decryption */
381 |
382 | /* C_EncryptInit initializes an encryption operation. */
383 | CK_PKCS11_FUNCTION_INFO(C_EncryptInit)
384 | #ifdef CK_NEED_ARG_LIST
385 | (
386 | CK_SESSION_HANDLE hSession, /* the session's handle */
387 | CK_MECHANISM_PTR pMechanism, /* the encryption mechanism */
388 | CK_OBJECT_HANDLE hKey /* handle of encryption key */
389 | );
390 | #endif
391 |
392 |
393 | /* C_Encrypt encrypts single-part data. */
394 | CK_PKCS11_FUNCTION_INFO(C_Encrypt)
395 | #ifdef CK_NEED_ARG_LIST
396 | (
397 | CK_SESSION_HANDLE hSession, /* session's handle */
398 | CK_BYTE_PTR pData, /* the plaintext data */
399 | CK_ULONG ulDataLen, /* bytes of plaintext */
400 | CK_BYTE_PTR pEncryptedData, /* gets ciphertext */
401 | CK_ULONG_PTR pulEncryptedDataLen /* gets c-text size */
402 | );
403 | #endif
404 |
405 |
406 | /* C_EncryptUpdate continues a multiple-part encryption
407 | * operation.
408 | */
409 | CK_PKCS11_FUNCTION_INFO(C_EncryptUpdate)
410 | #ifdef CK_NEED_ARG_LIST
411 | (
412 | CK_SESSION_HANDLE hSession, /* session's handle */
413 | CK_BYTE_PTR pPart, /* the plaintext data */
414 | CK_ULONG ulPartLen, /* plaintext data len */
415 | CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */
416 | CK_ULONG_PTR pulEncryptedPartLen /* gets c-text size */
417 | );
418 | #endif
419 |
420 |
421 | /* C_EncryptFinal finishes a multiple-part encryption
422 | * operation.
423 | */
424 | CK_PKCS11_FUNCTION_INFO(C_EncryptFinal)
425 | #ifdef CK_NEED_ARG_LIST
426 | (
427 | CK_SESSION_HANDLE hSession, /* session handle */
428 | CK_BYTE_PTR pLastEncryptedPart, /* last c-text */
429 | CK_ULONG_PTR pulLastEncryptedPartLen /* gets last size */
430 | );
431 | #endif
432 |
433 |
434 | /* C_DecryptInit initializes a decryption operation. */
435 | CK_PKCS11_FUNCTION_INFO(C_DecryptInit)
436 | #ifdef CK_NEED_ARG_LIST
437 | (
438 | CK_SESSION_HANDLE hSession, /* the session's handle */
439 | CK_MECHANISM_PTR pMechanism, /* the decryption mechanism */
440 | CK_OBJECT_HANDLE hKey /* handle of decryption key */
441 | );
442 | #endif
443 |
444 |
445 | /* C_Decrypt decrypts encrypted data in a single part. */
446 | CK_PKCS11_FUNCTION_INFO(C_Decrypt)
447 | #ifdef CK_NEED_ARG_LIST
448 | (
449 | CK_SESSION_HANDLE hSession, /* session's handle */
450 | CK_BYTE_PTR pEncryptedData, /* ciphertext */
451 | CK_ULONG ulEncryptedDataLen, /* ciphertext length */
452 | CK_BYTE_PTR pData, /* gets plaintext */
453 | CK_ULONG_PTR pulDataLen /* gets p-text size */
454 | );
455 | #endif
456 |
457 |
458 | /* C_DecryptUpdate continues a multiple-part decryption
459 | * operation.
460 | */
461 | CK_PKCS11_FUNCTION_INFO(C_DecryptUpdate)
462 | #ifdef CK_NEED_ARG_LIST
463 | (
464 | CK_SESSION_HANDLE hSession, /* session's handle */
465 | CK_BYTE_PTR pEncryptedPart, /* encrypted data */
466 | CK_ULONG ulEncryptedPartLen, /* input length */
467 | CK_BYTE_PTR pPart, /* gets plaintext */
468 | CK_ULONG_PTR pulPartLen /* p-text size */
469 | );
470 | #endif
471 |
472 |
473 | /* C_DecryptFinal finishes a multiple-part decryption
474 | * operation.
475 | */
476 | CK_PKCS11_FUNCTION_INFO(C_DecryptFinal)
477 | #ifdef CK_NEED_ARG_LIST
478 | (
479 | CK_SESSION_HANDLE hSession, /* the session's handle */
480 | CK_BYTE_PTR pLastPart, /* gets plaintext */
481 | CK_ULONG_PTR pulLastPartLen /* p-text size */
482 | );
483 | #endif
484 |
485 |
486 |
487 | /* Message digesting */
488 |
489 | /* C_DigestInit initializes a message-digesting operation. */
490 | CK_PKCS11_FUNCTION_INFO(C_DigestInit)
491 | #ifdef CK_NEED_ARG_LIST
492 | (
493 | CK_SESSION_HANDLE hSession, /* the session's handle */
494 | CK_MECHANISM_PTR pMechanism /* the digesting mechanism */
495 | );
496 | #endif
497 |
498 |
499 | /* C_Digest digests data in a single part. */
500 | CK_PKCS11_FUNCTION_INFO(C_Digest)
501 | #ifdef CK_NEED_ARG_LIST
502 | (
503 | CK_SESSION_HANDLE hSession, /* the session's handle */
504 | CK_BYTE_PTR pData, /* data to be digested */
505 | CK_ULONG ulDataLen, /* bytes of data to digest */
506 | CK_BYTE_PTR pDigest, /* gets the message digest */
507 | CK_ULONG_PTR pulDigestLen /* gets digest length */
508 | );
509 | #endif
510 |
511 |
512 | /* C_DigestUpdate continues a multiple-part message-digesting
513 | * operation.
514 | */
515 | CK_PKCS11_FUNCTION_INFO(C_DigestUpdate)
516 | #ifdef CK_NEED_ARG_LIST
517 | (
518 | CK_SESSION_HANDLE hSession, /* the session's handle */
519 | CK_BYTE_PTR pPart, /* data to be digested */
520 | CK_ULONG ulPartLen /* bytes of data to be digested */
521 | );
522 | #endif
523 |
524 |
525 | /* C_DigestKey continues a multi-part message-digesting
526 | * operation, by digesting the value of a secret key as part of
527 | * the data already digested.
528 | */
529 | CK_PKCS11_FUNCTION_INFO(C_DigestKey)
530 | #ifdef CK_NEED_ARG_LIST
531 | (
532 | CK_SESSION_HANDLE hSession, /* the session's handle */
533 | CK_OBJECT_HANDLE hKey /* secret key to digest */
534 | );
535 | #endif
536 |
537 |
538 | /* C_DigestFinal finishes a multiple-part message-digesting
539 | * operation.
540 | */
541 | CK_PKCS11_FUNCTION_INFO(C_DigestFinal)
542 | #ifdef CK_NEED_ARG_LIST
543 | (
544 | CK_SESSION_HANDLE hSession, /* the session's handle */
545 | CK_BYTE_PTR pDigest, /* gets the message digest */
546 | CK_ULONG_PTR pulDigestLen /* gets byte count of digest */
547 | );
548 | #endif
549 |
550 |
551 |
552 | /* Signing and MACing */
553 |
554 | /* C_SignInit initializes a signature (private key encryption)
555 | * operation, where the signature is (will be) an appendix to
556 | * the data, and plaintext cannot be recovered from the
557 | * signature.
558 | */
559 | CK_PKCS11_FUNCTION_INFO(C_SignInit)
560 | #ifdef CK_NEED_ARG_LIST
561 | (
562 | CK_SESSION_HANDLE hSession, /* the session's handle */
563 | CK_MECHANISM_PTR pMechanism, /* the signature mechanism */
564 | CK_OBJECT_HANDLE hKey /* handle of signature key */
565 | );
566 | #endif
567 |
568 |
569 | /* C_Sign signs (encrypts with private key) data in a single
570 | * part, where the signature is (will be) an appendix to the
571 | * data, and plaintext cannot be recovered from the signature.
572 | */
573 | CK_PKCS11_FUNCTION_INFO(C_Sign)
574 | #ifdef CK_NEED_ARG_LIST
575 | (
576 | CK_SESSION_HANDLE hSession, /* the session's handle */
577 | CK_BYTE_PTR pData, /* the data to sign */
578 | CK_ULONG ulDataLen, /* count of bytes to sign */
579 | CK_BYTE_PTR pSignature, /* gets the signature */
580 | CK_ULONG_PTR pulSignatureLen /* gets signature length */
581 | );
582 | #endif
583 |
584 |
585 | /* C_SignUpdate continues a multiple-part signature operation,
586 | * where the signature is (will be) an appendix to the data,
587 | * and plaintext cannot be recovered from the signature.
588 | */
589 | CK_PKCS11_FUNCTION_INFO(C_SignUpdate)
590 | #ifdef CK_NEED_ARG_LIST
591 | (
592 | CK_SESSION_HANDLE hSession, /* the session's handle */
593 | CK_BYTE_PTR pPart, /* the data to sign */
594 | CK_ULONG ulPartLen /* count of bytes to sign */
595 | );
596 | #endif
597 |
598 |
599 | /* C_SignFinal finishes a multiple-part signature operation,
600 | * returning the signature.
601 | */
602 | CK_PKCS11_FUNCTION_INFO(C_SignFinal)
603 | #ifdef CK_NEED_ARG_LIST
604 | (
605 | CK_SESSION_HANDLE hSession, /* the session's handle */
606 | CK_BYTE_PTR pSignature, /* gets the signature */
607 | CK_ULONG_PTR pulSignatureLen /* gets signature length */
608 | );
609 | #endif
610 |
611 |
612 | /* C_SignRecoverInit initializes a signature operation, where
613 | * the data can be recovered from the signature.
614 | */
615 | CK_PKCS11_FUNCTION_INFO(C_SignRecoverInit)
616 | #ifdef CK_NEED_ARG_LIST
617 | (
618 | CK_SESSION_HANDLE hSession, /* the session's handle */
619 | CK_MECHANISM_PTR pMechanism, /* the signature mechanism */
620 | CK_OBJECT_HANDLE hKey /* handle of the signature key */
621 | );
622 | #endif
623 |
624 |
625 | /* C_SignRecover signs data in a single operation, where the
626 | * data can be recovered from the signature.
627 | */
628 | CK_PKCS11_FUNCTION_INFO(C_SignRecover)
629 | #ifdef CK_NEED_ARG_LIST
630 | (
631 | CK_SESSION_HANDLE hSession, /* the session's handle */
632 | CK_BYTE_PTR pData, /* the data to sign */
633 | CK_ULONG ulDataLen, /* count of bytes to sign */
634 | CK_BYTE_PTR pSignature, /* gets the signature */
635 | CK_ULONG_PTR pulSignatureLen /* gets signature length */
636 | );
637 | #endif
638 |
639 |
640 |
641 | /* Verifying signatures and MACs */
642 |
643 | /* C_VerifyInit initializes a verification operation, where the
644 | * signature is an appendix to the data, and plaintext cannot
645 | * cannot be recovered from the signature (e.g. DSA).
646 | */
647 | CK_PKCS11_FUNCTION_INFO(C_VerifyInit)
648 | #ifdef CK_NEED_ARG_LIST
649 | (
650 | CK_SESSION_HANDLE hSession, /* the session's handle */
651 | CK_MECHANISM_PTR pMechanism, /* the verification mechanism */
652 | CK_OBJECT_HANDLE hKey /* verification key */
653 | );
654 | #endif
655 |
656 |
657 | /* C_Verify verifies a signature in a single-part operation,
658 | * where the signature is an appendix to the data, and plaintext
659 | * cannot be recovered from the signature.
660 | */
661 | CK_PKCS11_FUNCTION_INFO(C_Verify)
662 | #ifdef CK_NEED_ARG_LIST
663 | (
664 | CK_SESSION_HANDLE hSession, /* the session's handle */
665 | CK_BYTE_PTR pData, /* signed data */
666 | CK_ULONG ulDataLen, /* length of signed data */
667 | CK_BYTE_PTR pSignature, /* signature */
668 | CK_ULONG ulSignatureLen /* signature length*/
669 | );
670 | #endif
671 |
672 |
673 | /* C_VerifyUpdate continues a multiple-part verification
674 | * operation, where the signature is an appendix to the data,
675 | * and plaintext cannot be recovered from the signature.
676 | */
677 | CK_PKCS11_FUNCTION_INFO(C_VerifyUpdate)
678 | #ifdef CK_NEED_ARG_LIST
679 | (
680 | CK_SESSION_HANDLE hSession, /* the session's handle */
681 | CK_BYTE_PTR pPart, /* signed data */
682 | CK_ULONG ulPartLen /* length of signed data */
683 | );
684 | #endif
685 |
686 |
687 | /* C_VerifyFinal finishes a multiple-part verification
688 | * operation, checking the signature.
689 | */
690 | CK_PKCS11_FUNCTION_INFO(C_VerifyFinal)
691 | #ifdef CK_NEED_ARG_LIST
692 | (
693 | CK_SESSION_HANDLE hSession, /* the session's handle */
694 | CK_BYTE_PTR pSignature, /* signature to verify */
695 | CK_ULONG ulSignatureLen /* signature length */
696 | );
697 | #endif
698 |
699 |
700 | /* C_VerifyRecoverInit initializes a signature verification
701 | * operation, where the data is recovered from the signature.
702 | */
703 | CK_PKCS11_FUNCTION_INFO(C_VerifyRecoverInit)
704 | #ifdef CK_NEED_ARG_LIST
705 | (
706 | CK_SESSION_HANDLE hSession, /* the session's handle */
707 | CK_MECHANISM_PTR pMechanism, /* the verification mechanism */
708 | CK_OBJECT_HANDLE hKey /* verification key */
709 | );
710 | #endif
711 |
712 |
713 | /* C_VerifyRecover verifies a signature in a single-part
714 | * operation, where the data is recovered from the signature.
715 | */
716 | CK_PKCS11_FUNCTION_INFO(C_VerifyRecover)
717 | #ifdef CK_NEED_ARG_LIST
718 | (
719 | CK_SESSION_HANDLE hSession, /* the session's handle */
720 | CK_BYTE_PTR pSignature, /* signature to verify */
721 | CK_ULONG ulSignatureLen, /* signature length */
722 | CK_BYTE_PTR pData, /* gets signed data */
723 | CK_ULONG_PTR pulDataLen /* gets signed data len */
724 | );
725 | #endif
726 |
727 |
728 |
729 | /* Dual-function cryptographic operations */
730 |
731 | /* C_DigestEncryptUpdate continues a multiple-part digesting
732 | * and encryption operation.
733 | */
734 | CK_PKCS11_FUNCTION_INFO(C_DigestEncryptUpdate)
735 | #ifdef CK_NEED_ARG_LIST
736 | (
737 | CK_SESSION_HANDLE hSession, /* session's handle */
738 | CK_BYTE_PTR pPart, /* the plaintext data */
739 | CK_ULONG ulPartLen, /* plaintext length */
740 | CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */
741 | CK_ULONG_PTR pulEncryptedPartLen /* gets c-text length */
742 | );
743 | #endif
744 |
745 |
746 | /* C_DecryptDigestUpdate continues a multiple-part decryption and
747 | * digesting operation.
748 | */
749 | CK_PKCS11_FUNCTION_INFO(C_DecryptDigestUpdate)
750 | #ifdef CK_NEED_ARG_LIST
751 | (
752 | CK_SESSION_HANDLE hSession, /* session's handle */
753 | CK_BYTE_PTR pEncryptedPart, /* ciphertext */
754 | CK_ULONG ulEncryptedPartLen, /* ciphertext length */
755 | CK_BYTE_PTR pPart, /* gets plaintext */
756 | CK_ULONG_PTR pulPartLen /* gets plaintext len */
757 | );
758 | #endif
759 |
760 |
761 | /* C_SignEncryptUpdate continues a multiple-part signing and
762 | * encryption operation.
763 | */
764 | CK_PKCS11_FUNCTION_INFO(C_SignEncryptUpdate)
765 | #ifdef CK_NEED_ARG_LIST
766 | (
767 | CK_SESSION_HANDLE hSession, /* session's handle */
768 | CK_BYTE_PTR pPart, /* the plaintext data */
769 | CK_ULONG ulPartLen, /* plaintext length */
770 | CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */
771 | CK_ULONG_PTR pulEncryptedPartLen /* gets c-text length */
772 | );
773 | #endif
774 |
775 |
776 | /* C_DecryptVerifyUpdate continues a multiple-part decryption and
777 | * verify operation.
778 | */
779 | CK_PKCS11_FUNCTION_INFO(C_DecryptVerifyUpdate)
780 | #ifdef CK_NEED_ARG_LIST
781 | (
782 | CK_SESSION_HANDLE hSession, /* session's handle */
783 | CK_BYTE_PTR pEncryptedPart, /* ciphertext */
784 | CK_ULONG ulEncryptedPartLen, /* ciphertext length */
785 | CK_BYTE_PTR pPart, /* gets plaintext */
786 | CK_ULONG_PTR pulPartLen /* gets p-text length */
787 | );
788 | #endif
789 |
790 |
791 |
792 | /* Key management */
793 |
794 | /* C_GenerateKey generates a secret key, creating a new key
795 | * object.
796 | */
797 | CK_PKCS11_FUNCTION_INFO(C_GenerateKey)
798 | #ifdef CK_NEED_ARG_LIST
799 | (
800 | CK_SESSION_HANDLE hSession, /* the session's handle */
801 | CK_MECHANISM_PTR pMechanism, /* key generation mech. */
802 | CK_ATTRIBUTE_PTR pTemplate, /* template for new key */
803 | CK_ULONG ulCount, /* # of attrs in template */
804 | CK_OBJECT_HANDLE_PTR phKey /* gets handle of new key */
805 | );
806 | #endif
807 |
808 |
809 | /* C_GenerateKeyPair generates a public-key/private-key pair,
810 | * creating new key objects.
811 | */
812 | CK_PKCS11_FUNCTION_INFO(C_GenerateKeyPair)
813 | #ifdef CK_NEED_ARG_LIST
814 | (
815 | CK_SESSION_HANDLE hSession, /* session handle */
816 | CK_MECHANISM_PTR pMechanism, /* key-gen mech. */
817 | CK_ATTRIBUTE_PTR pPublicKeyTemplate, /* template for pub. key */
818 | CK_ULONG ulPublicKeyAttributeCount, /* # pub. attrs. */
819 | CK_ATTRIBUTE_PTR pPrivateKeyTemplate, /* template for priv. key */
820 | CK_ULONG ulPrivateKeyAttributeCount, /* # priv. attrs. */
821 | CK_OBJECT_HANDLE_PTR phPublicKey, /* gets pub. key handle */
822 | CK_OBJECT_HANDLE_PTR phPrivateKey /* gets priv. key handle */
823 | );
824 | #endif
825 |
826 |
827 | /* C_WrapKey wraps (i.e., encrypts) a key. */
828 | CK_PKCS11_FUNCTION_INFO(C_WrapKey)
829 | #ifdef CK_NEED_ARG_LIST
830 | (
831 | CK_SESSION_HANDLE hSession, /* the session's handle */
832 | CK_MECHANISM_PTR pMechanism, /* the wrapping mechanism */
833 | CK_OBJECT_HANDLE hWrappingKey, /* wrapping key */
834 | CK_OBJECT_HANDLE hKey, /* key to be wrapped */
835 | CK_BYTE_PTR pWrappedKey, /* gets wrapped key */
836 | CK_ULONG_PTR pulWrappedKeyLen /* gets wrapped key size */
837 | );
838 | #endif
839 |
840 |
841 | /* C_UnwrapKey unwraps (decrypts) a wrapped key, creating a new
842 | * key object.
843 | */
844 | CK_PKCS11_FUNCTION_INFO(C_UnwrapKey)
845 | #ifdef CK_NEED_ARG_LIST
846 | (
847 | CK_SESSION_HANDLE hSession, /* session's handle */
848 | CK_MECHANISM_PTR pMechanism, /* unwrapping mech. */
849 | CK_OBJECT_HANDLE hUnwrappingKey, /* unwrapping key */
850 | CK_BYTE_PTR pWrappedKey, /* the wrapped key */
851 | CK_ULONG ulWrappedKeyLen, /* wrapped key len */
852 | CK_ATTRIBUTE_PTR pTemplate, /* new key template */
853 | CK_ULONG ulAttributeCount, /* template length */
854 | CK_OBJECT_HANDLE_PTR phKey /* gets new handle */
855 | );
856 | #endif
857 |
858 |
859 | /* C_DeriveKey derives a key from a base key, creating a new key
860 | * object.
861 | */
862 | CK_PKCS11_FUNCTION_INFO(C_DeriveKey)
863 | #ifdef CK_NEED_ARG_LIST
864 | (
865 | CK_SESSION_HANDLE hSession, /* session's handle */
866 | CK_MECHANISM_PTR pMechanism, /* key deriv. mech. */
867 | CK_OBJECT_HANDLE hBaseKey, /* base key */
868 | CK_ATTRIBUTE_PTR pTemplate, /* new key template */
869 | CK_ULONG ulAttributeCount, /* template length */
870 | CK_OBJECT_HANDLE_PTR phKey /* gets new handle */
871 | );
872 | #endif
873 |
874 |
875 |
876 | /* Random number generation */
877 |
878 | /* C_SeedRandom mixes additional seed material into the token's
879 | * random number generator.
880 | */
881 | CK_PKCS11_FUNCTION_INFO(C_SeedRandom)
882 | #ifdef CK_NEED_ARG_LIST
883 | (
884 | CK_SESSION_HANDLE hSession, /* the session's handle */
885 | CK_BYTE_PTR pSeed, /* the seed material */
886 | CK_ULONG ulSeedLen /* length of seed material */
887 | );
888 | #endif
889 |
890 |
891 | /* C_GenerateRandom generates random data. */
892 | CK_PKCS11_FUNCTION_INFO(C_GenerateRandom)
893 | #ifdef CK_NEED_ARG_LIST
894 | (
895 | CK_SESSION_HANDLE hSession, /* the session's handle */
896 | CK_BYTE_PTR RandomData, /* receives the random data */
897 | CK_ULONG ulRandomLen /* # of bytes to generate */
898 | );
899 | #endif
900 |
901 |
902 |
903 | /* Parallel function management */
904 |
905 | /* C_GetFunctionStatus is a legacy function; it obtains an
906 | * updated status of a function running in parallel with an
907 | * application.
908 | */
909 | CK_PKCS11_FUNCTION_INFO(C_GetFunctionStatus)
910 | #ifdef CK_NEED_ARG_LIST
911 | (
912 | CK_SESSION_HANDLE hSession /* the session's handle */
913 | );
914 | #endif
915 |
916 |
917 | /* C_CancelFunction is a legacy function; it cancels a function
918 | * running in parallel.
919 | */
920 | CK_PKCS11_FUNCTION_INFO(C_CancelFunction)
921 | #ifdef CK_NEED_ARG_LIST
922 | (
923 | CK_SESSION_HANDLE hSession /* the session's handle */
924 | );
925 | #endif
926 |
927 |
928 | /* C_WaitForSlotEvent waits for a slot event (token insertion,
929 | * removal, etc.) to occur.
930 | */
931 | CK_PKCS11_FUNCTION_INFO(C_WaitForSlotEvent)
932 | #ifdef CK_NEED_ARG_LIST
933 | (
934 | CK_FLAGS flags, /* blocking/nonblocking flag */
935 | CK_SLOT_ID_PTR pSlot, /* location that receives the slot ID */
936 | CK_VOID_PTR pRserved /* reserved. Should be NULL_PTR */
937 | );
938 | #endif
939 |
940 |
--------------------------------------------------------------------------------
/v2.40/pkcs11-base-v2.40-errata01-os-complete.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Pkcs11Interop/PKCS11-SPECS/5b17000edaa7985c85a2f0701739706bd4bd45ce/v2.40/pkcs11-base-v2.40-errata01-os-complete.pdf
--------------------------------------------------------------------------------
/v2.40/pkcs11-base-v2.40-errata01-os.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Pkcs11Interop/PKCS11-SPECS/5b17000edaa7985c85a2f0701739706bd4bd45ce/v2.40/pkcs11-base-v2.40-errata01-os.pdf
--------------------------------------------------------------------------------
/v2.40/pkcs11-base-v2.40-os.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Pkcs11Interop/PKCS11-SPECS/5b17000edaa7985c85a2f0701739706bd4bd45ce/v2.40/pkcs11-base-v2.40-os.pdf
--------------------------------------------------------------------------------
/v2.40/pkcs11-curr-v2.40-errata01-os-complete.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Pkcs11Interop/PKCS11-SPECS/5b17000edaa7985c85a2f0701739706bd4bd45ce/v2.40/pkcs11-curr-v2.40-errata01-os-complete.pdf
--------------------------------------------------------------------------------
/v2.40/pkcs11-curr-v2.40-errata01-os.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Pkcs11Interop/PKCS11-SPECS/5b17000edaa7985c85a2f0701739706bd4bd45ce/v2.40/pkcs11-curr-v2.40-errata01-os.pdf
--------------------------------------------------------------------------------
/v2.40/pkcs11-curr-v2.40-os.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Pkcs11Interop/PKCS11-SPECS/5b17000edaa7985c85a2f0701739706bd4bd45ce/v2.40/pkcs11-curr-v2.40-os.pdf
--------------------------------------------------------------------------------
/v2.40/pkcs11-hist-v2.40-errata01-os-complete.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Pkcs11Interop/PKCS11-SPECS/5b17000edaa7985c85a2f0701739706bd4bd45ce/v2.40/pkcs11-hist-v2.40-errata01-os-complete.pdf
--------------------------------------------------------------------------------
/v2.40/pkcs11-hist-v2.40-errata01-os.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Pkcs11Interop/PKCS11-SPECS/5b17000edaa7985c85a2f0701739706bd4bd45ce/v2.40/pkcs11-hist-v2.40-errata01-os.pdf
--------------------------------------------------------------------------------
/v2.40/pkcs11-hist-v2.40-os.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Pkcs11Interop/PKCS11-SPECS/5b17000edaa7985c85a2f0701739706bd4bd45ce/v2.40/pkcs11-hist-v2.40-os.pdf
--------------------------------------------------------------------------------
/v2.40/pkcs11-profiles-v2.40-os.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Pkcs11Interop/PKCS11-SPECS/5b17000edaa7985c85a2f0701739706bd4bd45ce/v2.40/pkcs11-profiles-v2.40-os.pdf
--------------------------------------------------------------------------------
/v2.40/pkcs11-ug-v2.40-cn02.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Pkcs11Interop/PKCS11-SPECS/5b17000edaa7985c85a2f0701739706bd4bd45ce/v2.40/pkcs11-ug-v2.40-cn02.pdf
--------------------------------------------------------------------------------
/v3.0/README.MD:
--------------------------------------------------------------------------------
1 | **PKCS#11 v3.0 : Base Specification**
2 | [pkcs11-base-v3.0-os.pdf](pkcs11-base-v3.0-os.pdf) - OASIS Standard - 15 June 2020
3 |
4 | **PKCS#11 v3.0 : Current Mechanisms Specification**
5 | [pkcs11-curr-v3.0-os.pdf](pkcs11-curr-v3.0-os.pdf) - OASIS Standard - 15 June 2020
6 |
7 | **PKCS#11 v3.0 : Historical Mechanisms Specification**
8 | [pkcs11-hist-v3.0-os.pdf](pkcs11-hist-v3.0-os.pdf) - OASIS Standard - 15 June 2020
9 |
10 | **PKCS#11 v3.0 : Profiles Version**
11 | [pkcs11-profiles-v3.0-os.pdf](pkcs11-profiles-v3.0-os.pdf) - OASIS Standard - 15 June 2020
--------------------------------------------------------------------------------
/v3.0/headers/pkcs11.h:
--------------------------------------------------------------------------------
1 | /* Copyright (c) OASIS Open 2016-2020. All Rights Reserved.
2 | * Distributed under the terms of the OASIS IPR Policy,
3 | * [http://www.oasis-open.org/policies-guidelines/ipr], AS-IS, WITHOUT ANY
4 | * IMPLIED OR EXPRESS WARRANTY; there is no warranty of MERCHANTABILITY, FITNESS FOR A
5 | * PARTICULAR PURPOSE or NONINFRINGEMENT of the rights of others.
6 | */
7 |
8 | #ifndef _PKCS11_H_
9 | #define _PKCS11_H_ 1
10 |
11 | #ifdef __cplusplus
12 | extern "C" {
13 | #endif
14 |
15 | /* Before including this file (pkcs11.h) (or pkcs11t.h by
16 | * itself), 5 platform-specific macros must be defined. These
17 | * macros are described below, and typical definitions for them
18 | * are also given. Be advised that these definitions can depend
19 | * on both the platform and the compiler used (and possibly also
20 | * on whether a Cryptoki library is linked statically or
21 | * dynamically).
22 | *
23 | * In addition to defining these 5 macros, the packing convention
24 | * for Cryptoki structures should be set. The Cryptoki
25 | * convention on packing is that structures should be 1-byte
26 | * aligned.
27 | *
28 | * If you're using Windows this might be done by using the following
29 | * preprocessor directive before including pkcs11.h or pkcs11t.h:
30 | *
31 | * #pragma pack(push, cryptoki, 1)
32 | *
33 | * and using the following preprocessor directive after including
34 | * pkcs11.h or pkcs11t.h:
35 | *
36 | * #pragma pack(pop, cryptoki)
37 | *
38 | * In a UNIX environment, you're on your own for this. You might
39 | * not need to do (or be able to do!) anything.
40 | *
41 | *
42 | * Now for the macros:
43 | *
44 | *
45 | * 1. CK_PTR: The indirection string for making a pointer to an
46 | * object. It can be used like this:
47 | *
48 | * typedef CK_BYTE CK_PTR CK_BYTE_PTR;
49 | *
50 | * If you're using windows, it might be defined by:
51 | *
52 | * #define CK_PTR *
53 | *
54 | * In a typical UNIX environment, it might be defined by:
55 | *
56 | * #define CK_PTR *
57 | *
58 | *
59 | * 2. CK_DECLARE_FUNCTION(returnType, name): A macro which makes
60 | * an importable Cryptoki library function declaration out of a
61 | * return type and a function name. It should be used in the
62 | * following fashion:
63 | *
64 | * extern CK_DECLARE_FUNCTION(CK_RV, C_Initialize)(
65 | * CK_VOID_PTR pReserved
66 | * );
67 | *
68 | * If you're using Windows to declare a function in a Win32 cryptoki .dll,
69 | * it might be defined by:
70 | *
71 | * #define CK_DECLARE_FUNCTION(returnType, name) \
72 | * returnType __declspec(dllimport) name
73 | *
74 | * In a UNIX environment, it might be defined by:
75 | *
76 | * #define CK_DECLARE_FUNCTION(returnType, name) \
77 | * returnType name
78 | *
79 | *
80 | * 3. CK_DECLARE_FUNCTION_POINTER(returnType, name): A macro
81 | * which makes a Cryptoki API function pointer declaration or
82 | * function pointer type declaration out of a return type and a
83 | * function name. It should be used in the following fashion:
84 | *
85 | * // Define funcPtr to be a pointer to a Cryptoki API function
86 | * // taking arguments args and returning CK_RV.
87 | * CK_DECLARE_FUNCTION_POINTER(CK_RV, funcPtr)(args);
88 | *
89 | * or
90 | *
91 | * // Define funcPtrType to be the type of a pointer to a
92 | * // Cryptoki API function taking arguments args and returning
93 | * // CK_RV, and then define funcPtr to be a variable of type
94 | * // funcPtrType.
95 | * typedef CK_DECLARE_FUNCTION_POINTER(CK_RV, funcPtrType)(args);
96 | * funcPtrType funcPtr;
97 | *
98 | * If you're using Windows to access
99 | * functions in a Win32 Cryptoki .dll, in might be defined by:
100 | *
101 | * #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \
102 | * returnType __declspec(dllimport) (* name)
103 | *
104 | * In a UNIX environment, it might be defined by:
105 | *
106 | * #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \
107 | * returnType (* name)
108 | *
109 | *
110 | * 4. CK_CALLBACK_FUNCTION(returnType, name): A macro which makes
111 | * a function pointer type for an application callback out of
112 | * a return type for the callback and a name for the callback.
113 | * It should be used in the following fashion:
114 | *
115 | * CK_CALLBACK_FUNCTION(CK_RV, myCallback)(args);
116 | *
117 | * to declare a function pointer, myCallback, to a callback
118 | * which takes arguments args and returns a CK_RV. It can also
119 | * be used like this:
120 | *
121 | * typedef CK_CALLBACK_FUNCTION(CK_RV, myCallbackType)(args);
122 | * myCallbackType myCallback;
123 | *
124 | * If you're using Windows, it might be defined by:
125 | *
126 | * #define CK_CALLBACK_FUNCTION(returnType, name) \
127 | * returnType (* name)
128 | *
129 | * In a UNIX environment, it might be defined by:
130 | *
131 | * #define CK_CALLBACK_FUNCTION(returnType, name) \
132 | * returnType (* name)
133 | *
134 | *
135 | * 5. NULL_PTR: This macro is the value of a NULL pointer.
136 | *
137 | * In any ANSI/ISO C environment (and in many others as well),
138 | * this should best be defined by
139 | *
140 | * #ifndef NULL_PTR
141 | * #define NULL_PTR 0
142 | * #endif
143 | */
144 |
145 |
146 | /* All the various Cryptoki types and #define'd values are in the
147 | * file pkcs11t.h.
148 | */
149 | #include "pkcs11t.h"
150 |
151 | #define __PASTE(x,y) x##y
152 |
153 |
154 | /* ==============================================================
155 | * Define the "extern" form of all the entry points.
156 | * ==============================================================
157 | */
158 |
159 | #define CK_NEED_ARG_LIST 1
160 | #define CK_PKCS11_FUNCTION_INFO(name) \
161 | extern CK_DECLARE_FUNCTION(CK_RV, name)
162 |
163 | /* pkcs11f.h has all the information about the Cryptoki
164 | * function prototypes.
165 | */
166 | #include "pkcs11f.h"
167 |
168 | #undef CK_NEED_ARG_LIST
169 | #undef CK_PKCS11_FUNCTION_INFO
170 |
171 |
172 | /* ==============================================================
173 | * Define the typedef form of all the entry points. That is, for
174 | * each Cryptoki function C_XXX, define a type CK_C_XXX which is
175 | * a pointer to that kind of function.
176 | * ==============================================================
177 | */
178 |
179 | #define CK_NEED_ARG_LIST 1
180 | #define CK_PKCS11_FUNCTION_INFO(name) \
181 | typedef CK_DECLARE_FUNCTION_POINTER(CK_RV, __PASTE(CK_,name))
182 |
183 | /* pkcs11f.h has all the information about the Cryptoki
184 | * function prototypes.
185 | */
186 | #include "pkcs11f.h"
187 |
188 | #undef CK_NEED_ARG_LIST
189 | #undef CK_PKCS11_FUNCTION_INFO
190 |
191 |
192 | /* ==============================================================
193 | * Define structed vector of entry points. A CK_FUNCTION_LIST
194 | * contains a CK_VERSION indicating a library's Cryptoki version
195 | * and then a whole slew of function pointers to the routines in
196 | * the library. This type was declared, but not defined, in
197 | * pkcs11t.h.
198 | * ==============================================================
199 | */
200 |
201 | #define CK_PKCS11_FUNCTION_INFO(name) \
202 | __PASTE(CK_,name) name;
203 |
204 | /* Create the 3.0 Function list */
205 | struct CK_FUNCTION_LIST_3_0 {
206 |
207 | CK_VERSION version; /* Cryptoki version */
208 |
209 | /* Pile all the function pointers into the CK_FUNCTION_LIST. */
210 | /* pkcs11f.h has all the information about the Cryptoki
211 | * function prototypes.
212 | */
213 | #include "pkcs11f.h"
214 |
215 | };
216 |
217 | #define CK_PKCS11_2_0_ONLY 1
218 |
219 | /* Continue to define the old CK_FUNCTION_LIST */
220 | struct CK_FUNCTION_LIST {
221 |
222 | CK_VERSION version; /* Cryptoki version */
223 |
224 | /* Pile all the function pointers into the CK_FUNCTION_LIST. */
225 | /* pkcs11f.h has all the information about the Cryptoki
226 | * function prototypes.
227 | */
228 | #include "pkcs11f.h"
229 |
230 | };
231 |
232 | #undef CK_PKCS11_FUNCTION_INFO
233 | #undef CK_PKCS11_2_0_ONLY
234 |
235 |
236 | #undef __PASTE
237 |
238 | #ifdef __cplusplus
239 | }
240 | #endif
241 |
242 | #endif /* _PKCS11_H_ */
243 |
244 |
--------------------------------------------------------------------------------
/v3.0/pkcs11-base-v3.0-os.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Pkcs11Interop/PKCS11-SPECS/5b17000edaa7985c85a2f0701739706bd4bd45ce/v3.0/pkcs11-base-v3.0-os.pdf
--------------------------------------------------------------------------------
/v3.0/pkcs11-curr-v3.0-os.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Pkcs11Interop/PKCS11-SPECS/5b17000edaa7985c85a2f0701739706bd4bd45ce/v3.0/pkcs11-curr-v3.0-os.pdf
--------------------------------------------------------------------------------
/v3.0/pkcs11-hist-v3.0-os.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Pkcs11Interop/PKCS11-SPECS/5b17000edaa7985c85a2f0701739706bd4bd45ce/v3.0/pkcs11-hist-v3.0-os.pdf
--------------------------------------------------------------------------------
/v3.0/pkcs11-profiles-v3.0-os.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Pkcs11Interop/PKCS11-SPECS/5b17000edaa7985c85a2f0701739706bd4bd45ce/v3.0/pkcs11-profiles-v3.0-os.pdf
--------------------------------------------------------------------------------
/v3.1/README.MD:
--------------------------------------------------------------------------------
1 | **PKCS#11 v3.1 : Specification**
2 | [pkcs11-spec-v3.1-os.pdf](pkcs11-spec-v3.1-os.pdf) - OASIS Standard - 23 July 2023
3 |
4 | **PKCS#11 v3.1 : Profiles**
5 | [pkcs11-profiles-v3.1-os.pdf](pkcs11-profiles-v3.1-os.pdf) - OASIS Standard - 23 July 2023
6 |
--------------------------------------------------------------------------------
/v3.1/headers/pkcs11.h:
--------------------------------------------------------------------------------
1 | /*
2 | * PKCS #11 Specification Version 3.1
3 | * OASIS Standard
4 | * 23 July 2023
5 | * Copyright (c) OASIS Open 2023. All Rights Reserved.
6 | * Source: https://docs.oasis-open.org/pkcs11/pkcs11-spec/v3.1/os/include/pkcs11-v3.1/
7 | * Latest stage of narrative specification: https://docs.oasis-open.org/pkcs11/pkcs11-spec/v3.1/pkcs11-spec-v3.1.html
8 | * TC IPR Statement: https://www.oasis-open.org/committees/pkcs11/ipr.php
9 | */
10 |
11 | #ifndef _PKCS11_H_
12 | #define _PKCS11_H_ 1
13 |
14 | #ifdef __cplusplus
15 | extern "C" {
16 | #endif
17 |
18 | /* Before including this file (pkcs11.h) (or pkcs11t.h by
19 | * itself), 5 platform-specific macros must be defined. These
20 | * macros are described below, and typical definitions for them
21 | * are also given. Be advised that these definitions can depend
22 | * on both the platform and the compiler used (and possibly also
23 | * on whether a Cryptoki library is linked statically or
24 | * dynamically).
25 | *
26 | * In addition to defining these 5 macros, the packing convention
27 | * for Cryptoki structures should be set. The Cryptoki
28 | * convention on packing is that structures should be 1-byte
29 | * aligned.
30 | *
31 | * If you're using Windows this might be done by using the following
32 | * preprocessor directive before including pkcs11.h or pkcs11t.h:
33 | *
34 | * #pragma pack(push, cryptoki, 1)
35 | *
36 | * and using the following preprocessor directive after including
37 | * pkcs11.h or pkcs11t.h:
38 | *
39 | * #pragma pack(pop, cryptoki)
40 | *
41 | * In a UNIX environment, you're on your own for this. You might
42 | * not need to do (or be able to do!) anything.
43 | *
44 | *
45 | * Now for the macros:
46 | *
47 | *
48 | * 1. CK_PTR: The indirection string for making a pointer to an
49 | * object. It can be used like this:
50 | *
51 | * typedef CK_BYTE CK_PTR CK_BYTE_PTR;
52 | *
53 | * If you're using Windows, it might be defined by:
54 | *
55 | * #define CK_PTR *
56 | *
57 | * In a typical UNIX environment, it might be defined by:
58 | *
59 | * #define CK_PTR *
60 | *
61 | *
62 | * 2. CK_DECLARE_FUNCTION(returnType, name): A macro which makes
63 | * an importable Cryptoki library function declaration out of a
64 | * return type and a function name. It should be used in the
65 | * following fashion:
66 | *
67 | * extern CK_DECLARE_FUNCTION(CK_RV, C_Initialize)(
68 | * CK_VOID_PTR pReserved
69 | * );
70 | *
71 | * If you're using Windows to declare a function in a Win32 Cryptoki .dll,
72 | * it might be defined by:
73 | *
74 | * #define CK_DECLARE_FUNCTION(returnType, name) \
75 | * returnType __declspec(dllimport) name
76 | *
77 | * In a UNIX environment, it might be defined by:
78 | *
79 | * #define CK_DECLARE_FUNCTION(returnType, name) \
80 | * returnType name
81 | *
82 | *
83 | * 3. CK_DECLARE_FUNCTION_POINTER(returnType, name): A macro
84 | * which makes a Cryptoki API function pointer declaration or
85 | * function pointer type declaration out of a return type and a
86 | * function name. It should be used in the following fashion:
87 | *
88 | * // Define funcPtr to be a pointer to a Cryptoki API function
89 | * // taking arguments args and returning CK_RV.
90 | * CK_DECLARE_FUNCTION_POINTER(CK_RV, funcPtr)(args);
91 | *
92 | * or
93 | *
94 | * // Define funcPtrType to be the type of a pointer to a
95 | * // Cryptoki API function taking arguments args and returning
96 | * // CK_RV, and then define funcPtr to be a variable of type
97 | * // funcPtrType.
98 | * typedef CK_DECLARE_FUNCTION_POINTER(CK_RV, funcPtrType)(args);
99 | * funcPtrType funcPtr;
100 | *
101 | * If you're using Windows to access
102 | * functions in a Win32 Cryptoki .dll, in might be defined by:
103 | *
104 | * #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \
105 | * returnType __declspec(dllimport) (* name)
106 | *
107 | * In a UNIX environment, it might be defined by:
108 | *
109 | * #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \
110 | * returnType (* name)
111 | *
112 | *
113 | * 4. CK_CALLBACK_FUNCTION(returnType, name): A macro which makes
114 | * a function pointer type for an application callback out of
115 | * a return type for the callback and a name for the callback.
116 | * It should be used in the following fashion:
117 | *
118 | * CK_CALLBACK_FUNCTION(CK_RV, myCallback)(args);
119 | *
120 | * to declare a function pointer, myCallback, to a callback
121 | * which takes arguments args and returns a CK_RV. It can also
122 | * be used like this:
123 | *
124 | * typedef CK_CALLBACK_FUNCTION(CK_RV, myCallbackType)(args);
125 | * myCallbackType myCallback;
126 | *
127 | * If you're using Windows, it might be defined by:
128 | *
129 | * #define CK_CALLBACK_FUNCTION(returnType, name) \
130 | * returnType (* name)
131 | *
132 | * In a UNIX environment, it might be defined by:
133 | *
134 | * #define CK_CALLBACK_FUNCTION(returnType, name) \
135 | * returnType (* name)
136 | *
137 | *
138 | * 5. NULL_PTR: This macro is the value of a NULL pointer.
139 | *
140 | * In any ANSI/ISO C environment (and in many others as well),
141 | * this should best be defined by
142 | *
143 | * #ifndef NULL_PTR
144 | * #define NULL_PTR 0
145 | * #endif
146 | */
147 |
148 |
149 | /* All the various Cryptoki types and #define'd values are in the
150 | * file pkcs11t.h.
151 | */
152 | #include "pkcs11t.h"
153 |
154 | #define __PASTE(x,y) x##y
155 |
156 |
157 | /* ==============================================================
158 | * Define the "extern" form of all the entry points.
159 | * ==============================================================
160 | */
161 |
162 | #define CK_NEED_ARG_LIST 1
163 | #define CK_PKCS11_FUNCTION_INFO(name) \
164 | extern CK_DECLARE_FUNCTION(CK_RV, name)
165 |
166 | /* pkcs11f.h has all the information about the Cryptoki
167 | * function prototypes.
168 | */
169 | #include "pkcs11f.h"
170 |
171 | #undef CK_NEED_ARG_LIST
172 | #undef CK_PKCS11_FUNCTION_INFO
173 |
174 |
175 | /* ==============================================================
176 | * Define the typedef form of all the entry points. That is, for
177 | * each Cryptoki function C_XXX, define a type CK_C_XXX which is
178 | * a pointer to that kind of function.
179 | * ==============================================================
180 | */
181 |
182 | #define CK_NEED_ARG_LIST 1
183 | #define CK_PKCS11_FUNCTION_INFO(name) \
184 | typedef CK_DECLARE_FUNCTION_POINTER(CK_RV, __PASTE(CK_,name))
185 |
186 | /* pkcs11f.h has all the information about the Cryptoki
187 | * function prototypes.
188 | */
189 | #include "pkcs11f.h"
190 |
191 | #undef CK_NEED_ARG_LIST
192 | #undef CK_PKCS11_FUNCTION_INFO
193 |
194 |
195 | /* ==============================================================
196 | * Define structed vector of entry points. A CK_FUNCTION_LIST
197 | * contains a CK_VERSION indicating a library's Cryptoki version
198 | * and then a whole slew of function pointers to the routines in
199 | * the library. This type was declared, but not defined, in
200 | * pkcs11t.h.
201 | * ==============================================================
202 | */
203 |
204 | #define CK_PKCS11_FUNCTION_INFO(name) \
205 | __PASTE(CK_,name) name;
206 |
207 | /* Create the 3.0 Function list */
208 | struct CK_FUNCTION_LIST_3_0 {
209 |
210 | CK_VERSION version; /* Cryptoki version */
211 |
212 | /* Pile all the function pointers into the CK_FUNCTION_LIST. */
213 | /* pkcs11f.h has all the information about the Cryptoki
214 | * function prototypes.
215 | */
216 | #include "pkcs11f.h"
217 |
218 | };
219 |
220 | #define CK_PKCS11_2_0_ONLY 1
221 |
222 | /* Continue to define the old CK_FUNCTION_LIST */
223 | struct CK_FUNCTION_LIST {
224 |
225 | CK_VERSION version; /* Cryptoki version */
226 |
227 | /* Pile all the function pointers into the CK_FUNCTION_LIST. */
228 | /* pkcs11f.h has all the information about the Cryptoki
229 | * function prototypes.
230 | */
231 | #include "pkcs11f.h"
232 |
233 | };
234 |
235 | #undef CK_PKCS11_FUNCTION_INFO
236 | #undef CK_PKCS11_2_0_ONLY
237 |
238 |
239 | #undef __PASTE
240 |
241 | #ifdef __cplusplus
242 | }
243 | #endif
244 |
245 | #endif /* _PKCS11_H_ */
246 |
247 |
--------------------------------------------------------------------------------
/v3.1/pkcs11-profiles-v3.1-os.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Pkcs11Interop/PKCS11-SPECS/5b17000edaa7985c85a2f0701739706bd4bd45ce/v3.1/pkcs11-profiles-v3.1-os.pdf
--------------------------------------------------------------------------------
/v3.1/pkcs11-spec-v3.1-os.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Pkcs11Interop/PKCS11-SPECS/5b17000edaa7985c85a2f0701739706bd4bd45ce/v3.1/pkcs11-spec-v3.1-os.pdf
--------------------------------------------------------------------------------
/v3.1/test-cases/mandatory/AUTH-M-1-31.xml:
--------------------------------------------------------------------------------
1 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
19 |
20 |
21 |
22 |
23 |
24 |
25 |
26 |
27 |
28 |
29 |
30 |
31 |
32 |
33 |
34 |
35 |
36 |
37 |
38 |
39 |
40 |
41 |
42 |
43 |
44 |
45 |
46 |
47 |
48 |
49 |
50 |
51 |
52 |
53 |
54 |
55 |
56 |
57 |
58 |
59 |
60 |
61 |
62 |
63 |
64 |
65 |
66 |
69 |
70 |
71 |
72 |
73 |
74 |
75 |
76 |
77 |
78 |
79 |
80 |
81 |
82 |
83 |
84 |
85 |
86 |
87 |
88 |
89 |
90 |
91 |
92 |
93 |
94 |
95 |
96 |
97 |
98 |
99 |
100 |
101 |
102 |
105 |
106 |
107 |
108 |
109 |
110 |
111 |
112 |
113 |
114 |
115 |
116 |
117 |
118 |
119 |
120 |
121 |
122 |
123 |
124 |
125 |
126 |
127 |
128 |
129 |
130 |
131 |
132 |
133 |
134 |
135 |
136 |
137 |
138 |
139 |
140 |
141 |
142 |
143 |
--------------------------------------------------------------------------------
/v3.1/test-cases/mandatory/BL-M-1-31.xml:
--------------------------------------------------------------------------------
1 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
19 |
20 |
21 |
22 |
23 |
24 |
25 |
26 |
27 |
28 |
29 |
30 |
31 |
32 |
33 |
34 |
35 |
36 |
37 |
38 |
39 |
40 |
41 |
42 |
43 |
44 |
45 |
46 |
47 |
48 |
49 |
50 |
51 |
52 |
53 |
54 |
55 |
56 |
57 |
58 |
59 |
60 |
61 |
62 |
63 |
64 |
65 |
66 |
67 |
68 |
69 |
70 |
71 |
72 |
73 |
74 |
75 |
76 |
77 |
78 |
79 |
80 |
81 |
82 |
83 |
84 |
85 |
86 |
87 |
88 |
89 |
90 |
91 |
92 |
93 |
94 |
95 |
96 |
97 |
98 |
99 |
100 |
101 |
102 |
103 |
--------------------------------------------------------------------------------
/v3.1/test-cases/mandatory/CERT-M-1-31.xml:
--------------------------------------------------------------------------------
1 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
19 |
20 |
21 |
22 |
23 |
24 |
25 |
26 |
27 |
28 |
29 |
30 |
31 |
32 |
33 |
34 |
35 |
36 |
37 |
38 |
39 |
40 |
41 |
42 |
43 |
44 |
45 |
46 |
47 |
48 |
49 |
50 |
51 |
52 |
53 |
54 |
55 |
56 |
57 |
58 |
65 |
66 |
67 |
68 |
69 |
70 |
71 |
72 |
73 |
74 |
75 |
76 |
77 |
78 |
79 |
80 |
81 |
82 |
83 |
84 |
85 |
86 |
87 |
88 |
89 |
90 |
91 |
92 |
93 |
94 |
95 |
96 |
97 |
98 |
99 |
100 |
101 |
102 |
103 |
104 |
105 |
106 |
107 |
108 |
109 |
110 |
111 |
112 |
113 |
114 |
115 |
116 |
117 |
118 |
119 |
120 |
121 |
122 |
123 |
124 |
125 |
126 |
127 |
128 |
129 |
130 |
--------------------------------------------------------------------------------
/v3.1/test-cases/mandatory/EXT-M-1-31.xml:
--------------------------------------------------------------------------------
1 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
19 |
20 |
21 |
22 |
23 |
24 |
25 |
26 |
27 |
28 |
29 |
30 |
31 |
32 |
33 |
34 |
35 |
36 |
37 |
38 |
39 |
40 |
41 |
42 |
43 |
44 |
45 |
46 |
47 |
48 |
49 |
50 |
51 |
52 |
53 |
54 |
55 |
56 |
57 |
58 |
59 |
60 |
61 |
62 |
63 |
64 |
65 |
66 |
67 |
68 |
69 |
70 |
71 |
72 |
73 |
74 |
75 |
76 |
77 |
78 |
79 |
80 |
81 |
82 |
83 |
84 |
85 |
86 |
87 |
88 |
89 |
90 |
91 |
92 |
93 |
94 |
95 |
96 |
97 |
98 |
99 |
100 |
101 |
102 |
103 |
104 |
105 |
106 |
107 |
108 |
109 |
110 |
111 |
112 |
113 |
114 |
115 |
116 |
117 |
118 |
119 |
120 |
121 |
122 |
123 |
124 |
125 |
126 |
127 |
128 |
129 |
130 |
131 |
132 |
133 |
134 |
135 |
136 |
137 |
138 |
139 |
140 |
141 |
142 |
143 |
144 |
145 |
146 |
147 |
148 |
149 |
150 |
151 |
152 |
153 |
154 |
155 |
156 |
157 |
158 |
--------------------------------------------------------------------------------
/v3.1/test-cases/optional/.gitkeep:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Pkcs11Interop/PKCS11-SPECS/5b17000edaa7985c85a2f0701739706bd4bd45ce/v3.1/test-cases/optional/.gitkeep
--------------------------------------------------------------------------------