/* pkcs11t.h include file for PKCS #11.  2001 June 25 *//* See top of pkcs11.h for information about the macros that * must be defined and the structure-packing conventions that * must be set before including this file. */#ifndef _PKCS11T_H_#define _PKCS11T_H_ 1#ifndef FALSE#define FALSE             0#endif#ifndef TRUE#define TRUE              (!FALSE)#endif/* an unsigned 8-bit value */typedef unsigned char     CK_BYTE;/* an unsigned 8-bit character */typedef CK_BYTE           CK_CHAR;/* an 8-bit UTF-8 character */typedef CK_BYTE           CK_UTF8CHAR;/* a BYTE-sized Boolean flag */typedef CK_BYTE           CK_BBOOL;/* an unsigned value, at least 32 bits long */typedef unsigned long int CK_ULONG;/* a signed value, the same size as a CK_ULONG *//* CK_LONG is new for v2.0 */typedef long int          CK_LONG;/* at least 32 bits; each bit is a Boolean flag */typedef CK_ULONG          CK_FLAGS;/* some special values for certain CK_ULONG variables */#define CK_UNAVAILABLE_INFORMATION (~0UL)#define CK_EFFECTIVELY_INFINITE    0typedef CK_BYTE     CK_PTR   CK_BYTE_PTR;typedef CK_CHAR     CK_PTR   CK_CHAR_PTR;typedef CK_UTF8CHAR CK_PTR   CK_UTF8CHAR_PTR;typedef CK_ULONG    CK_PTR   CK_ULONG_PTR;typedef void        CK_PTR   CK_VOID_PTR;/* Pointer to a CK_VOID_PTR-- i.e., pointer to pointer to void */typedef CK_VOID_PTR CK_PTR CK_VOID_PTR_PTR;/* The following value is always invalid if used as a session *//* handle or object handle */#define CK_INVALID_HANDLE 0typedef struct CK_VERSION {  CK_BYTE       major;  /* integer portion of version number */  CK_BYTE       minor;  /* 1/100ths portion of version number */} CK_VERSION;typedef CK_VERSION CK_PTR CK_VERSION_PTR;typedef struct CK_INFO {  /* manufacturerID and libraryDecription have been changed from   * CK_CHAR to CK_UTF8CHAR for v2.10 */  CK_VERSION    cryptokiVersion;     /* Cryptoki interface ver */  CK_UTF8CHAR   manufacturerID[32];  /* blank padded */  CK_FLAGS      flags;               /* must be zero */  /* libraryDescription and libraryVersion are new for v2.0 */  CK_UTF8CHAR   libraryDescription[32];  /* blank padded */  CK_VERSION    libraryVersion;          /* version of library */} CK_INFO;typedef CK_INFO CK_PTR    CK_INFO_PTR;/* CK_NOTIFICATION enumerates the types of notifications that * Cryptoki provides to an application *//* CK_NOTIFICATION has been changed from an enum to a CK_ULONG * for v2.0 */typedef CK_ULONG CK_NOTIFICATION;#define CKN_SURRENDER       0typedef CK_ULONG          CK_SLOT_ID;typedef CK_SLOT_ID CK_PTR CK_SLOT_ID_PTR;/* CK_SLOT_INFO provides information about a slot */typedef struct CK_SLOT_INFO {  /* slotDescription and manufacturerID have been changed from   * CK_CHAR to CK_UTF8CHAR for v2.10 */  CK_UTF8CHAR   slotDescription[64];  /* blank padded */  CK_UTF8CHAR   manufacturerID[32];   /* blank padded */  CK_FLAGS      flags;  /* hardwareVersion and firmwareVersion are new for v2.0 */  CK_VERSION    hardwareVersion;  /* version of hardware */  CK_VERSION    firmwareVersion;  /* version of firmware */} CK_SLOT_INFO;/* flags: bit flags that provide capabilities of the slot *      Bit Flag              Mask        Meaning */#define CKF_TOKEN_PRESENT     0x00000001  /* a token is there */#define CKF_REMOVABLE_DEVICE  0x00000002  /* removable devices*/#define CKF_HW_SLOT           0x00000004  /* hardware slot */typedef CK_SLOT_INFO CK_PTR CK_SLOT_INFO_PTR;/* CK_TOKEN_INFO provides information about a token */typedef struct CK_TOKEN_INFO {  /* label, manufacturerID, and model have been changed from   * CK_CHAR to CK_UTF8CHAR for v2.10 */  CK_UTF8CHAR   label[32];           /* blank padded */  CK_UTF8CHAR   manufacturerID[32];  /* blank padded */  CK_UTF8CHAR   model[16];           /* blank padded */  CK_CHAR       serialNumber[16];    /* blank padded */  CK_FLAGS      flags;               /* see below */  /* ulMaxSessionCount, ulSessionCount, ulMaxRwSessionCount,   * ulRwSessionCount, ulMaxPinLen, and ulMinPinLen have all been   * changed from CK_USHORT to CK_ULONG for v2.0 */  CK_ULONG      ulMaxSessionCount;     /* max open sessions */  CK_ULONG      ulSessionCount;        /* sess. now open */  CK_ULONG      ulMaxRwSessionCount;   /* max R/W sessions */  CK_ULONG      ulRwSessionCount;      /* R/W sess. now open */  CK_ULONG      ulMaxPinLen;           /* in bytes */  CK_ULONG      ulMinPinLen;           /* in bytes */  CK_ULONG      ulTotalPublicMemory;   /* in bytes */  CK_ULONG      ulFreePublicMemory;    /* in bytes */  CK_ULONG      ulTotalPrivateMemory;  /* in bytes */  CK_ULONG      ulFreePrivateMemory;   /* in bytes */  /* hardwareVersion, firmwareVersion, and time are new for   * v2.0 */  CK_VERSION    hardwareVersion;       /* version of hardware */  CK_VERSION    firmwareVersion;       /* version of firmware */  CK_CHAR       utcTime[16];           /* time */} CK_TOKEN_INFO;/* The flags parameter is defined as follows: *      Bit Flag                    Mask        Meaning  */#define CKF_RNG                     0x00000001  /* has random #                                                 * generator */#define CKF_WRITE_PROTECTED         0x00000002  /* token is                                                 * write-                                                 * protected */#define CKF_LOGIN_REQUIRED          0x00000004  /* user must                                                 * login */#define CKF_USER_PIN_INITIALIZED    0x00000008  /* normal user's                                                 * PIN is set *//* CKF_RESTORE_KEY_NOT_NEEDED is new for v2.0.  If it is set, * that means that *every* time the state of cryptographic * operations of a session is successfully saved, all keys * needed to continue those operations are stored in the state */#define CKF_RESTORE_KEY_NOT_NEEDED  0x00000020/* CKF_CLOCK_ON_TOKEN is new for v2.0.  If it is set, that means * that the token has some sort of clock.  The time on that * clock is returned in the token info structure */#define CKF_CLOCK_ON_TOKEN          0x00000040/* CKF_PROTECTED_AUTHENTICATION_PATH is new for v2.0.  If it is * set, that means that there is some way for the user to login * without sending a PIN through the Cryptoki library itself */#define CKF_PROTECTED_AUTHENTICATION_PATH 0x00000100/* CKF_DUAL_CRYPTO_OPERATIONS is new for v2.0.  If it is true, * that means that a single session with the token can perform * dual simultaneous cryptographic operations (digest and * encrypt; decrypt and digest; sign and encrypt; and decrypt * and sign) */#define CKF_DUAL_CRYPTO_OPERATIONS  0x00000200/* CKF_TOKEN_INITIALIZED if new for v2.10. If it is true, the * token has been initialized using C_InitializeToken or an  * equivalent mechanism outside the scope of PKCS #11. * Calling C_InitializeToken when this flag is set will cause  * the token to be reinitialized. */#define CKF_TOKEN_INITIALIZED       0x00000400/* CKF_SECONDARY_AUTHENTICATION if new for v2.10. If it is  * true, the token supports secondary authentication for  * private key objects. */#define CKF_SECONDARY_AUTHENTICATION  0x00000800/* CKF_USER_PIN_COUNT_LOW if new for v2.10. If it is true, an  * incorrect user login PIN has been entered at least once  * since the last successful authentication. */#define CKF_USER_PIN_COUNT_LOW       0x00010000/* CKF_USER_PIN_FINAL_TRY if new for v2.10. If it is true, * supplying an incorrect user PIN will it to become locked. */#define CKF_USER_PIN_FINAL_TRY       0x00020000/* CKF_USER_PIN_LOCKED if new for v2.10. If it is true, the  * user PIN has been locked. User login to the token is not  * possible. */#define CKF_USER_PIN_LOCKED          0x00040000/* CKF_USER_PIN_TO_BE_CHANGED if new for v2.10. If it is true,  * the user PIN value is the default value set by token  * initialization or manufacturing, or the PIN has been * expired by the card. */#define CKF_USER_PIN_TO_BE_CHANGED   0x00080000/* CKF_SO_PIN_COUNT_LOW if new for v2.10. If it is true, an  * incorrect SO login PIN has been entered at least once since  * the last successful authentication. */#define CKF_SO_PIN_COUNT_LOW         0x00100000/* CKF_SO_PIN_FINAL_TRY if new for v2.10. If it is true, * supplying an incorrect SO PIN will it to become locked. */#define CKF_SO_PIN_FINAL_TRY         0x00200000/* CKF_SO_PIN_LOCKED if new for v2.10. If it is true, the SO  * PIN has been locked. SO login to the token is not possible. */#define CKF_SO_PIN_LOCKED            0x00400000/* CKF_SO_PIN_TO_BE_CHANGED if new for v2.10. If it is true,  * the SO PIN value is the default value set by token  * initialization or manufacturing, or the PIN has been * expired by the card. */#define CKF_SO_PIN_TO_BE_CHANGED     0x00800000typedef CK_TOKEN_INFO CK_PTR CK_TOKEN_INFO_PTR;/* CK_SESSION_HANDLE is a Cryptoki-assigned value that * identifies a session */typedef CK_ULONG          CK_SESSION_HANDLE;typedef CK_SESSION_HANDLE CK_PTR CK_SESSION_HANDLE_PTR; /* CK_USER_TYPE enumerates the types of Cryptoki users *//* CK_USER_TYPE has been changed from an enum to a CK_ULONG for * v2.0 */typedef CK_ULONG          CK_USER_TYPE;/* Security Officer */#define CKU_SO    0/* Normal user */#define CKU_USER  1/* CK_STATE enumerates the session states *//* CK_STATE has been changed from an enum to a CK_ULONG for * v2.0 */typedef CK_ULONG          CK_STATE;#define CKS_RO_PUBLIC_SESSION  0#define CKS_RO_USER_FUNCTIONS  1#define CKS_RW_PUBLIC_SESSION  2#define CKS_RW_USER_FUNCTIONS  3#define CKS_RW_SO_FUNCTIONS    4/* CK_SESSION_INFO provides information about a session */typedef struct CK_SESSION_INFO {  CK_SLOT_ID    slotID;  CK_STATE      state;  CK_FLAGS      flags;          /* see below */  /* ulDeviceError was changed from CK_USHORT to CK_ULONG for   * v2.0 */  CK_ULONG      ulDeviceError;  /* device-dependent error code */} CK_SESSION_INFO;/* The flags are defined in the following table: *      Bit Flag                Mask        Meaning */#define CKF_RW_SESSION          0x00000002  /* session is r/w */#define CKF_SERIAL_SESSION      0x00000004  /* no parallel */typedef CK_SESSION_INFO CK_PTR CK_SESSION_INFO_PTR;/* CK_OBJECT_HANDLE is a token-specific identifier for an * object  */typedef CK_ULONG          CK_OBJECT_HANDLE;typedef CK_OBJECT_HANDLE CK_PTR CK_OBJECT_HANDLE_PTR;/* CK_OBJECT_CLASS is a value that identifies the classes (or * types) of objects that Cryptoki recognizes.  It is defined * as follows: *//* CK_OBJECT_CLASS was changed from CK_USHORT to CK_ULONG for * v2.0 */typedef CK_ULONG          CK_OBJECT_CLASS;/* The following classes of objects are defined: *//* CKO_HW_FEATURE is new for v2.10 *//* CKO_DOMAIN_PARAMETERS is new for v2.11 */#define CKO_DATA              0x00000000#define CKO_CERTIFICATE       0x00000001#define CKO_PUBLIC_KEY        0x00000002#define CKO_PRIVATE_KEY       0x00000003#define CKO_SECRET_KEY        0x00000004#define CKO_HW_FEATURE        0x00000005#define CKO_DOMAIN_PARAMETERS 0x00000006#define CKO_VENDOR_DEFINED    0x80000000typedef CK_OBJECT_CLASS CK_PTR CK_OBJECT_CLASS_PTR;/* CK_HW_FEATURE_TYPE is new for v2.10. CK_HW_FEATURE_TYPE is a * value that identifies the hardware feature type of an object * with CK_OBJECT_CLASS equal to CKO_HW_FEATURE. */typedef CK_ULONG          CK_HW_FEATURE_TYPE; /* The following hardware feature types are defined */#define CKH_MONOTONIC_COUNTER  0x00000001#define CKH_CLOCK           0x00000002#define CKH_VENDOR_DEFINED  0x80000000/* CK_KEY_TYPE is a value that identifies a key type *//* CK_KEY_TYPE was changed from CK_USHORT to CK_ULONG for v2.0 */typedef CK_ULONG          CK_KEY_TYPE;/* the following key types are defined: */#define CKK_RSA             0x00000000