nssckmdt.h
来自「支持SSL v2/v3, TLS, PKCS #5, PKCS #7, PKCS」· C头文件 代码 · 共 2,015 行 · 第 1/5 页
H
2,015 行
* supported by this token. This routine is optional; if * unimplemented, zero is assumed. */ CK_ULONG (PR_CALLBACK *GetMechanismCount)( NSSCKMDToken *mdToken, NSSCKFWToken *fwToken, NSSCKMDInstance *mdInstance, NSSCKFWInstance *fwInstance ); /* * This routine stuffs into the specified array the types * of the mechanisms supported by this token. The Framework * determines the size of the array by calling GetMechanismCount. */ CK_RV (PR_CALLBACK *GetMechanismTypes)( NSSCKMDToken *mdToken, NSSCKFWToken *fwToken, NSSCKMDInstance *mdInstance, NSSCKFWInstance *fwInstance, CK_MECHANISM_TYPE types[] ); /* * This routine returns a pointer to a Module mechanism * object corresponding to a specified type. This routine * need only exist for tokens implementing at least one * mechanism. */ NSSCKMDMechanism *(PR_CALLBACK *GetMechanism)( NSSCKMDToken *mdToken, NSSCKFWToken *fwToken, NSSCKMDInstance *mdInstance, NSSCKFWInstance *fwInstance, NSSCKFWMechanism *fwMechanism, CK_MECHANISM_TYPE which ); /* * This object may be extended in future versions of the * NSS Cryptoki Framework. To allow for some flexibility * in the area of binary compatibility, this field should * be NULL. */ void *null;};/* * NSSCKMDSession * * This is the basic handle for a session on a PKCS#11 Token. It * is created by NSSCKMDToken->OpenSession, and may be obtained * from the Framework's corresponding NSSCKFWSession object. It * contains a pointer for use by the Module, to store any session- * realted data, and it contains the EPV for a set of routines * which the Module may implement for use by the Framework. Some * of these routines are optional. */struct NSSCKMDSessionStr { /* * The Module may use this pointer for its own purposes. */ void *etc; /* * This routine is called by the Framework when a session is * closed. This call is the last thing called before the * NSSArena in the correspoinding NSSCKFWSession is destroyed. * This routine is optional; if unimplemented, it merely won't * be called. */ void (PR_CALLBACK *Close)( NSSCKMDSession *mdSession, NSSCKFWSession *fwSession, NSSCKMDToken *mdToken, NSSCKFWToken *fwToken, NSSCKMDInstance *mdInstance, NSSCKFWInstance *fwInstance ); /* * This routine is used to get any device-specific error. * This routine is optional. */ CK_ULONG (PR_CALLBACK *GetDeviceError)( NSSCKMDSession *mdSession, NSSCKFWSession *fwSession, NSSCKMDToken *mdToken, NSSCKFWToken *fwToken, NSSCKMDInstance *mdInstance, NSSCKFWInstance *fwInstance ); /* * This routine is used to log in a user to the token. This * routine is optional, since the Framework's NSSCKFWSession * object keeps track of the login state. */ CK_RV (PR_CALLBACK *Login)( NSSCKMDSession *mdSession, NSSCKFWSession *fwSession, NSSCKMDToken *mdToken, NSSCKFWToken *fwToken, NSSCKMDInstance *mdInstance, NSSCKFWInstance *fwInstance, CK_USER_TYPE userType, NSSItem *pin, CK_STATE oldState, CK_STATE newState ); /* * This routine is used to log out a user from the token. This * routine is optional, since the Framework's NSSCKFWSession * object keeps track of the login state. */ CK_RV (PR_CALLBACK *Logout)( NSSCKMDSession *mdSession, NSSCKFWSession *fwSession, NSSCKMDToken *mdToken, NSSCKFWToken *fwToken, NSSCKMDInstance *mdInstance, NSSCKFWInstance *fwInstance, CK_STATE oldState, CK_STATE newState ); /* * This routine is used to initialize the normal user's PIN or * password. This will only be called in the "read/write * security officer functions" state. If this token has a * protected authentication path, then the pin argument will * be NULL. This routine is optional; if unimplemented, the * Framework will return the error CKR_TOKEN_WRITE_PROTECTED. */ CK_RV (PR_CALLBACK *InitPIN)( NSSCKMDSession *mdSession, NSSCKFWSession *fwSession, NSSCKMDToken *mdToken, NSSCKFWToken *fwToken, NSSCKMDInstance *mdInstance, NSSCKFWInstance *fwInstance, NSSItem *pin ); /* * This routine is used to modify a user's PIN or password. This * routine will only be called in the "read/write security officer * functions" or "read/write user functions" state. If this token * has a protected authentication path, then the pin arguments * will be NULL. This routine is optional; if unimplemented, the * Framework will return the error CKR_TOKEN_WRITE_PROTECTED. */ CK_RV (PR_CALLBACK *SetPIN)( NSSCKMDSession *mdSession, NSSCKFWSession *fwSession, NSSCKMDToken *mdToken, NSSCKFWToken *fwToken, NSSCKMDInstance *mdInstance, NSSCKFWInstance *fwInstance, NSSItem *oldPin, NSSItem *newPin ); /* * This routine is used to find out how much space would be required * to save the current operational state. This routine is optional; * if unimplemented, the Framework will reject any attempts to save * the operational state with the error CKR_STATE_UNSAVEABLE. This * routine may return zero on error. */ CK_ULONG (PR_CALLBACK *GetOperationStateLen)( NSSCKMDSession *mdSession, NSSCKFWSession *fwSession, NSSCKMDToken *mdToken, NSSCKFWToken *fwToken, NSSCKMDInstance *mdInstance, NSSCKFWInstance *fwInstance, CK_RV *pError ); /* * This routine is used to store the current operational state. This * routine is only required if GetOperationStateLen is implemented * and can return a nonzero value. The buffer in the specified item * will be pre-allocated, and the length will specify the amount of * space available (which may be more than GetOperationStateLen * asked for, but which will not be smaller). */ CK_RV (PR_CALLBACK *GetOperationState)( NSSCKMDSession *mdSession, NSSCKFWSession *fwSession, NSSCKMDToken *mdToken, NSSCKFWToken *fwToken, NSSCKMDInstance *mdInstance, NSSCKFWInstance *fwInstance, NSSItem *buffer ); /* * This routine is used to restore an operational state previously * obtained with GetOperationState. The Framework will take pains * to be sure that the state is (or was at one point) valid; if the * Module notices that the state is invalid, it should return an * error, but it is not required to be paranoid about the issue. * [XXX fgmr-- should (can?) the framework verify the keys match up?] * This routine is required only if GetOperationState is implemented. */ CK_RV (PR_CALLBACK *SetOperationState)( NSSCKMDSession *mdSession, NSSCKFWSession *fwSession, NSSCKMDToken *mdToken, NSSCKFWToken *fwToken, NSSCKMDInstance *mdInstance, NSSCKFWInstance *fwInstance, NSSItem *state, NSSCKMDObject *mdEncryptionKey, NSSCKFWObject *fwEncryptionKey, NSSCKMDObject *mdAuthenticationKey, NSSCKFWObject *fwAuthenticationKey ); /* * This routine is used to create an object. The specified template * will only specify a session object if the Module has indicated * that it wishes to handle its own session objects. This routine * is optional; if unimplemented, the Framework will reject the * operation with the error CKR_TOKEN_WRITE_PROTECTED. Space for * token objects should come from the NSSArena available from the * NSSCKFWToken object; space for session objects (if supported) * should come from the NSSArena available from the NSSCKFWSession * object. The appropriate NSSArena pointer will, as a convenience, * be passed as the handyArenaPointer argument. This routine may * return NULL upon error. */ NSSCKMDObject *(PR_CALLBACK *CreateObject)( NSSCKMDSession *mdSession, NSSCKFWSession *fwSession, NSSCKMDToken *mdToken, NSSCKFWToken *fwToken, NSSCKMDInstance *mdInstance, NSSCKFWInstance *fwInstance, NSSArena *handyArenaPointer, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulAttributeCount, CK_RV *pError ); /* * This routine is used to make a copy of an object. It is entirely * optional; if unimplemented, the Framework will try to use * CreateObject instead. If the Module has indicated that it does * not wish to handle session objects, then this routine will only * be called to copy a token object to another token object. * Otherwise, either the original object or the new may be of * either the token or session variety. As with CreateObject, the * handyArenaPointer will point to the appropriate arena for the * new object. This routine may return NULL upon error. */ NSSCKMDObject *(PR_CALLBACK *CopyObject)( NSSCKMDSession *mdSession, NSSCKFWSession *fwSession, NSSCKMDToken *mdToken, NSSCKFWToken *fwToken, NSSCKMDInstance *mdInstance, NSSCKFWInstance *fwInstance, NSSCKMDObject *mdOldObject, NSSCKFWObject *fwOldObject, NSSArena *handyArenaPointer, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulAttributeCount, CK_RV *pError ); /* * This routine is used to begin an object search. This routine may * be unimplemented only if the Module does not handle session * objects, and if none of its tokens have token objects. The * NSSCKFWFindObjects pointer has an NSSArena that may be used for * storage for the life of this "find" operation. This routine may * return NULL upon error. If the Module can determine immediately * that the search will not find any matching objects, it may return * NULL, and specify CKR_OK as the error. */ NSSCKMDFindObjects *(PR_CALLBACK *FindObjectsInit)( NSSCKMDSession *mdSession, NSSCKFWSession *fwSession, NSSCKMDToken *mdToken, NSSCKFWToken *fwToken, NSSCKMDInstance *mdInstance, NSSCKFWInstance *fwInstance, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulAttributeCount, CK_RV *pError ); /* * This routine seeds the random-number generator. It is * optional, even if GetRandom is implemented. If unimplemented, * the Framework will issue the error CKR_RANDOM_SEED_NOT_SUPPORTED. */ CK_RV (PR_CALLBACK *SeedRandom)( NSSCKMDSession *mdSession, NSSCKFWSession *fwSession, NSSCKMDToken *mdToken, NSSCKFWToken *fwToken, NSSCKMDInstance *mdInstance, NSSCKFWInstance *fwInstance, NSSItem *seed ); /* * This routine gets random data. It is optional. If unimplemented, * the Framework will issue the error CKR_RANDOM_NO_RNG. */ CK_RV (PR_CALLBACK *GetRandom)( NSSCKMDSession *mdSession, NSSCKFWSession *fwSession, NSSCKMDToken *mdToken, NSSCKFWToken *fwToken, NSSCKMDInstance *mdInstance, NSSCKFWInstance *fwInstance, NSSItem *buffer ); /* * This object may be extended in future versions of the * NSS Cryptoki Framework. To allow for some flexibility * in the area of binary compatibility, this field should * be NULL. */ void *null;};/* * NSSCKMDFindObjects * * This is the basic handle for an object search. It is * created by NSSCKMDSession->FindObjectsInit, and may be * obtained from the Framework's corresponding object. * It contains a pointer for use by the Module, to store * any search-related data, and it contains the EPV for a * set of routines which the Module may implement for use * by the Framework. Some of these routines are optional. */struct NSSCKMDFindObjectsStr { /* * The Module may use this pointer for its own purposes. */ void *etc; /* * This routine is called by the Framework to finish a * search operation. Note that the Framework may finish * a search before it has completed. This routine is * optional; if unimplemented, it merely won't be called. */ void (PR_CALLBACK *Final)( NSSCKMDFindObjects *mdFindObjects, NSSCKFWFindObjects *fwFindObjects, NSSCKMDSession *mdSession, NSSCKFWSession *fwSession, NSSCKMDToken *mdToken, NSSCKFWToken *fwToken, NSSCKMDInstance *mdInstance, NSSCKFWInstance *fwInstance ); /* * This routine is used to obtain another pointer to an * object matching the search criteria. This routine is * required. If no (more) objects match the search, it * should return NULL and set the error to CKR_OK. */ NSSCKMDObject *(PR_CALLBACK *Next)( NSSCKMDFindObjects *mdFindObjects, NSSCKFWFindObjects *fwFindObjects, NSSCKMDSession *mdSession, NSSCKFWSession *fwSession, NSSCKMDToken *mdToken, NSSCKFWToken *fwToken, NSSCKMDInstance *mdInstance, NSSCKFWInstance *fwInstance, NSSArena *arena, CK_RV *pError ); /* * This object may be extended in future versions of the * NSS Cryptoki Framework. To allow for some flexibility * in the area of binary compatibility, this field should * be NULL. */ void *null;};/* * NSSCKMDMechanism * */⌨️ 快捷键说明
复制代码Ctrl + C
搜索代码Ctrl + F
全屏模式F11
增大字号Ctrl + =
减小字号Ctrl + -
显示快捷键?