fpkcs11t.h

来自「支持SSL v2/v3, TLS, PKCS #5, PKCS #7, PKCS」· C头文件 代码 · 共 1,099 行 · 第 1/3 页

/*
 * The contents of this file are subject to the Mozilla Public
 * License Version 1.1 (the "License"); you may not use this file
 * except in compliance with the License. You may obtain a copy of
 * the License at http://www.mozilla.org/MPL/
 * 
 * Software distributed under the License is distributed on an "AS
 * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
 * implied. See the License for the specific language governing
 * rights and limitations under the License.
 * 
 * The Original Code is the Netscape security libraries.
 * 
 * The Initial Developer of the Original Code is Netscape
 * Communications Corporation.  Portions created by Netscape are 
 * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
 * Rights Reserved.
 * 
 * Contributor(s):
 * 
 * Alternatively, the contents of this file may be used under the
 * terms of the GNU General Public License Version 2 or later (the
 * "GPL"), in which case the provisions of the GPL are applicable 
 * instead of those above.  If you wish to allow use of your 
 * version of this file only under the terms of the GPL and not to
 * allow others to use your version of this file under the MPL,
 * indicate your decision by deleting the provisions above and
 * replace them with the notice and other provisions required by
 * the GPL.  If you do not delete the provisions above, a recipient
 * may use your version of this file under either the MPL or the
 * GPL.
 */
/*
 * Copyright (C) 1994-1999 RSA Security Inc. Licence to copy this document
 * is granted provided that it is identified as "RSA Security In.c Public-Key
 * Cryptography Standards (PKCS)" in all material mentioning or referencing
 * this document.
 */
#ifndef _PKCS11T_H_
#define _PKCS11T_H_ 1

/* an unsigned 8-bit value */
typedef unsigned char 	CK_BYTE;

/* an unsigned 8-bit character */
typedef CK_BYTE 	CK_CHAR;

/* a BYTE-sized Boolean flag */
typedef CK_BYTE		CK_BBOOL;

/* an unsigned value, at least 32 bits long */
typedef unsigned long int CK_ULONG;

/* a signed value, the same size as a CK_ULONG */
/* CK_LONG is new for v2.0 */
typedef long int	CK_LONG;

/* at least 32 bits, each bit is a Boolean flag */
typedef CK_ULONG 	CK_FLAGS;

/* some special values for certain CK_ULONG variables */
#define CK_UNAVAILABLE_INFORMATION (~0UL)
#define CK_EFFECTIVELY_INFINITE    0

/* these data types are platform/implementation dependent. */
#if defined(XP_WIN) 
#if defined(_WIN32)
#define CK_ENTRY	
#define CK_PTR		*	/* definition for Win32 */ 
#define NULL_PTR 	0	/* NULL pointer */
#pragma pack(push, cryptoki, 1)
#else /* win16 */
#if defined(__WATCOMC__)
#define CK_ENTRY
#define CK_PTR		*	/* definition for Win16 */ 
#define NULL_PTR 	0	/* NULL pointer */
#pragma pack(push, 1)
#else /* not Watcom 16-bit */
#define CK_ENTRY
#define CK_PTR		*	/* definition for Win16 */ 
#define NULL_PTR 	0	/* NULL pointer */
#pragma pack(1)
#endif
#endif
#else /* not windows */
#define CK_ENTRY
#define CK_PTR		*	/* definition for UNIX */ 
#define NULL_PTR 	0	/* NULL pointer */
#endif


typedef CK_BYTE     CK_PTR	CK_BYTE_PTR;     /* Pointer to a CK_BYTE */
typedef CK_CHAR     CK_PTR	CK_CHAR_PTR;     /* Pointer to a CK_CHAR */
typedef CK_ULONG    CK_PTR	CK_ULONG_PTR;    /* Pointer to a CK_ULONG */
typedef void        CK_PTR	CK_VOID_PTR;     /* Pointer to a void */
typedef CK_VOID_PTR CK_PTR      CK_VOID_PTR_PTR; /* Pointer to a CK_VOID_PTR */

/* The following value is always invalid if used as a session */
/* handle or object handle */
#define CK_INVALID_HANDLE 0

typedef struct CK_VERSION {
    CK_BYTE	major;	/* integer    portion of the version number */
    CK_BYTE	minor;  /* hundredths portion of the version number */
} CK_VERSION;

typedef CK_VERSION CK_PTR CK_VERSION_PTR; /* points to a CK_VERSION */


typedef struct CK_INFO {
    CK_VERSION	cryptokiVersion;	/* PKCS #11 interface version number */
    CK_CHAR	manufacturerID[32];	/* blank padded */
    CK_FLAGS	flags;			/* must be zero */

    /* libraryDescription and libraryVersion are new for v2.0 */
    CK_CHAR	libraryDescription[32];	/* blank padded */
    CK_VERSION	libraryVersion;		/* version of library */
} CK_INFO;

typedef CK_INFO CK_PTR	CK_INFO_PTR;	/* points to a CK_INFO structure */


/* CK_NOTIFICATION enumerates the types of notifications 
 * that PKCS #11 provides to an application.  */
/* CK_NOTIFICATION has been changed from an enum to a CK_ULONG for v2.0 */
typedef CK_ULONG CK_NOTIFICATION;
#define CKN_SURRENDER		0


typedef CK_ULONG	CK_SLOT_ID;

/* CK_SLOT_ID_PTR points to a CK_SLOT_ID.  */
typedef CK_SLOT_ID CK_PTR	CK_SLOT_ID_PTR;


/* CK_SLOT_INFO provides information about a slot. */
typedef struct CK_SLOT_INFO {
    CK_CHAR	slotDescription[64];	/* blank padded */
    CK_CHAR	manufacturerID[32];	/* blank padded */
    CK_FLAGS	flags;

    /* hardwareVersion and firmwareVersion are new for v2.0 */
    CK_VERSION	hardwareVersion;	/* version of hardware */
    CK_VERSION  firmwareVersion;	/* version of firmware */
} CK_SLOT_INFO;

/* flags:	bits flags that provide capabilities of the slot.
 *	Bit Flag		Mask		Meaning
 */
#define CKF_TOKEN_PRESENT	0x00000001	/* a token is present in the slot */
#define CKF_REMOVABLE_DEVICE	0x00000002	/* reader supports removable devices*/
#define CKF_HW_SLOT		0x00000004	/* a hardware slot, not a "soft token"*/

/* CK_SLOT_INFO_PTR points to a CK_SLOT_INFO. */
typedef CK_SLOT_INFO CK_PTR	CK_SLOT_INFO_PTR;


/* CK_TOKEN_INFO provides information about a token. */
typedef struct CK_TOKEN_INFO {
    CK_CHAR	label[32];		/* blank padded */
    CK_CHAR	manufacturerID[32];	/* blank padded */
    CK_CHAR	model[16];		/* blank padded */
    CK_CHAR	serialNumber[16];	/* blank padded */
    CK_FLAGS	flags;			/* see below */

    /* ulMaxSessionCount, ulSessionCount, ulMaxRwSessionCount,
     * ulRwSessionCount, ulMaxPinLen, and ulMinPinLen have all been
     * changed from CK_USHORT to CK_ULONG for v2.0 */
    CK_ULONG	ulMaxSessionCount;	/* max open sessions */
    CK_ULONG	ulSessionCount;		/* sessions currently open */
    CK_ULONG	ulMaxRwSessionCount;	/* max R/W sessions */
    CK_ULONG	ulRwSessionCount;	/* R/W sessions currently open */
    CK_ULONG	ulMaxPinLen;		/* in bytes */
    CK_ULONG	ulMinPinLen;		/* in bytes */
    CK_ULONG	ulTotalPublicMemory;	/* in bytes */
    CK_ULONG	ulFreePublicMemory;	/* in bytes */
    CK_ULONG	ulTotalPrivateMemory;	/* in bytes */
    CK_ULONG	ulFreePrivateMemory;	/* in bytes */

    /* hardwareVersion, firmwareVersion, and time are new for v2.0 */
    CK_VERSION	hardwareVersion;	/* version of hardware */
    CK_VERSION	firmwareVersion;	/* version of firmware */
    CK_CHAR	utcTime[16];		/* time */
} CK_TOKEN_INFO;

/* The flags parameter is defined as follows:
 * Table 7-2, Token Information Flags
 *	Bit Flag		Mask		Meaning 
 */
#define CKF_RNG			       0x00000001  /* has random number generator */
#define CKF_WRITE_PROTECTED	       0x00000002  /* token is write-protected */
#define CKF_LOGIN_REQUIRED	       0x00000004  /* a user must be logged in  */
#define CKF_USER_PIN_INITIALIZED       0x00000008  /* normal user's PIN is initialized */


/* CKF_RESTORE_KEY_NOT_NEEDED is new for v2.0.  If it is set, then that means */
/* that *every* time the state of cryptographic operations of a session is */
/* successfully saved, all keys needed to continue those operations are */
/* stored in the state. */
#define CKF_RESTORE_KEY_NOT_NEEDED   0x00000020  /* key always saved in saved sessions */

/* CKF_CLOCK_ON_TOKEN is new for v2.0.  If it is set, then that means that */
/* the token has some sort of clock.  The time on that clock is returned in */
/* the token info structure. */
#define CKF_CLOCK_ON_TOKEN           0x00000040  /* token has a clock */

/* CKF_PROTECTED_AUTHENTICATION_PATH is new for v2.0.  If it is true, that means */
/* that there is some way for the user to login without sending a PIN through */
/* the PKCS #11 library itself. */
#define CKF_PROTECTED_AUTHENTICATION_PATH 0x00000100  /* token has protected path */
/* CKF_DUAL_CRYPTO_OPERATIONS is new for v2.0.  If it is true, that
 * means that a single session with the token can perform dual
 * simultaneous cryptographic operations (digest and encrypt;
 * decrypt and digest; sign and encrypt; and decrypt and sign) */
#define CKF_DUAL_CRYPTO_OPERATIONS  0x00000200  /* dual crypto operations */

/* CK_TOKEN_INFO_PTR points to a CK_TOKEN_INFO. */
typedef CK_TOKEN_INFO CK_PTR	CK_TOKEN_INFO_PTR;


/* CK_SESSION_HANDLE is a PKCS #11-assigned value that identifies a session. */
typedef CK_ULONG 	CK_SESSION_HANDLE;

/* CK_SESSION_HANDLE_PTR points to a CK_SESSION_HANDLE. */
typedef CK_SESSION_HANDLE CK_PTR CK_SESSION_HANDLE_PTR; 


/* CK_USER_TYPE enumerates the types of PKCS #11 users */
/* CK_USER_TYPE has been changed from an enum to a CK_ULONG for v2.0 */
typedef CK_ULONG	CK_USER_TYPE;
/* Security Officer */
#define CKU_SO		0
/* Normal user */
#define CKU_USER	1


/* CK_STATE enumerates the session states */
/* CK_STATE has been changed from an enum to a CK_ULONG for v2.0 */
typedef CK_ULONG	CK_STATE;
#define CKS_RO_PUBLIC_SESSION	0
#define CKS_RO_USER_FUNCTIONS	1
#define CKS_RW_PUBLIC_SESSION	2
#define CKS_RW_SO_FUNCTIONS	3
#define CKS_RW_USER_FUNCTIONS	4


/* CK_SESSION_INFO provides information about a session. */
typedef struct CK_SESSION_INFO {
    CK_SLOT_ID	slotID;
    CK_STATE	state;
    CK_FLAGS	flags;		/* see below */

    /* ulDeviceError was changed from CK_USHORT to CK_ULONG for v2.0 */
    CK_ULONG	ulDeviceError;	/* device-dependent error code */
} CK_SESSION_INFO;

/* The flags are defined in the following table. */
/* Table 7-3, Session Information Flags */
/* 	Bit Flag		Mask	   Meaning
 */
#define CKF_RW_SESSION		0x00000002 /* session is read/write; not R/O */
#define CKF_SERIAL_SESSION	0x00000004 /* session doesn't support parallel */

/* CK_SESSION_INFO_PTR points to a CK_SESSION_INFO. */
typedef CK_SESSION_INFO CK_PTR	CK_SESSION_INFO_PTR;


/* CK_OBJECT_HANDLE is a token-specific identifier for an object.  */
typedef CK_ULONG 	CK_OBJECT_HANDLE;

/* CK_OBJECT_HANDLE_PTR points to a CK_OBJECT_HANDLE. */
typedef CK_OBJECT_HANDLE CK_PTR	CK_OBJECT_HANDLE_PTR;


/* CK_OBJECT_CLASS is a value that identifies the classes (or types) 
 * of objects that PKCS #11 recognizes.  It is defined as follows: */
/* CK_OBJECT_CLASS was changed from CK_USHORT to CK_ULONG for v2.0 */
typedef CK_ULONG	CK_OBJECT_CLASS;

/* The following classes of objects are defined: */
#define CKO_DATA            0x00000000
#define CKO_CERTIFICATE     0x00000001
#define CKO_PUBLIC_KEY      0x00000002
#define CKO_PRIVATE_KEY     0x00000003
#define CKO_SECRET_KEY      0x00000004
#define CKO_VENDOR_DEFINED  0x80000000L

/* CK_OBJECT_CLASS_PTR points to a CK_OBJECT_CLASS structure. */
typedef CK_OBJECT_CLASS CK_PTR CK_OBJECT_CLASS_PTR;


/* CK_KEY_TYPE is a value that identifies a key type. */
/* CK_KEY_TYPE was changed from CK_USHORT to CK_ULONG for v2.0 */
typedef CK_ULONG 	CK_KEY_TYPE;

/* the following key types are defined: */
#define CKK_RSA			0x00000000
#define CKK_DSA			0x00000001
#define CKK_DH			0x00000002

/* CKK_ECDSA, and CKK_KEA are new for v2.0 */
#define CKK_ECDSA		0x00000003
#define CKK_KEA			0x00000005

#define CKK_GENERIC_SECRET	0x00000010
#define CKK_RC2			0x00000011
#define CKK_RC4			0x00000012
#define CKK_DES			0x00000013
#define CKK_DES2		0x00000014
#define CKK_DES3		0x00000015

/* all these key types are new for v2.0 */
#define CKK_CAST		0x00000016
#define CKK_CAST3		0x00000017
#define CKK_CAST5		0x00000018
#define CKK_RC5			0x00000019
#define CKK_IDEA		0x0000001A
#define CKK_SKIPJACK		0x0000001B
#define CKK_BATON		0x0000001C
#define CKK_JUNIPER		0x0000001D
#define CKK_CDMF		0x0000001E

#define CKK_VENDOR_DEFINED	0x80000000L

/* CK_CERTIFICATE_TYPE is a value that identifies a certificate type. */
/* CK_CERTIFICATE_TYPE was changed from CK_USHORT to CK_ULONG for v2.0 */
typedef CK_ULONG 	CK_CERTIFICATE_TYPE;

/* The following certificate types are defined: */
#define CKC_X_509           0x00000000
#define CKC_VENDOR_DEFINED  0x80000000L


/* CK_ATTRIBUTE_TYPE is a value that identifies an attribute type. */
/* CK_ATTRIBUTE_TYPE was changed from CK_USHORT to CK_ULONG for v2.0 */
typedef CK_ULONG	CK_ATTRIBUTE_TYPE;

/* The following attribute types are defined: */
#define CKA_CLASS              0x00000000
#define CKA_TOKEN              0x00000001
#define CKA_PRIVATE            0x00000002
#define CKA_LABEL              0x00000003
#define CKA_APPLICATION        0x00000010
#define CKA_VALUE              0x00000011
#define CKA_CERTIFICATE_TYPE   0x00000080
#define CKA_ISSUER             0x00000081
#define CKA_SERIAL_NUMBER      0x00000082
#define CKA_KEY_TYPE           0x00000100
#define CKA_SUBJECT            0x00000101
#define CKA_ID                 0x00000102
#define CKA_SENSITIVE          0x00000103
#define CKA_ENCRYPT            0x00000104
#define CKA_DECRYPT            0x00000105
#define CKA_WRAP               0x00000106
#define CKA_UNWRAP             0x00000107
#define CKA_SIGN               0x00000108
#define CKA_SIGN_RECOVER       0x00000109
#define CKA_VERIFY             0x0000010A
#define CKA_VERIFY_RECOVER     0x0000010B
#define CKA_DERIVE             0x0000010C
#define CKA_START_DATE         0x00000110
#define CKA_END_DATE           0x00000111
#define CKA_MODULUS            0x00000120
#define CKA_MODULUS_BITS       0x00000121
#define CKA_PUBLIC_EXPONENT    0x00000122
#define CKA_PRIVATE_EXPONENT   0x00000123
#define CKA_PRIME_1            0x00000124