/*
* COPYRIGHT (c) International Business Machines Corp. 2001-2017
*
* This program is provided under the terms of the Common Public License,
* version 1.0 (CPL-1.0). Any use, reproduction or distribution for this
* software constitutes recipient's acceptance of CPL-1.0 terms which can be
* found in the file LICENSE file or at
* https://opensource.org/licenses/cpl1.0.php
*/
/***************************************************************************
Change Log
==========
4/25/03 Kapil Sood (kapil@corrent.com)
Added DH key pair generation and DH shared key derivation
functions.
****************************************************************************/
#ifndef _TOK_SPECIFIC_STRUCT
#define _TOK_SPECIFIC_STRUCT
struct token_specific_struct {
// Used to be in the token_local.h as a #def
char token_directory[PATH_MAX];
// Subdirectory
char token_subdir[PATH_MAX];
// Specifies if the token is using secure keys
CK_BBOOL secure_key_token;
// Information about how token's data should be stored.
struct {
// Use a separate directory for each user
CK_BBOOL per_user;
// Use data store?
CK_BBOOL use_master_key;
// Algorithm used to store private data (should be one of the
// CKM_* macros).
CK_MECHANISM_TYPE encryption_algorithm;
// Default Initialization vectors used for each token. Its size
// depends on the used algorithm.
CK_BYTE *pin_initial_vector;
CK_BYTE *obj_initial_vector;
} data_store;
// Create lockfile if different from standard way.
int (*t_creatlock) (void);
// Create or attach to token's shared memory
CK_RV(*t_attach_shm) (STDLL_TokData_t *, CK_SLOT_ID slot_id);
// Initialization function
CK_RV(*t_init) (STDLL_TokData_t *, CK_SLOT_ID, char *);
// Token data functions
CK_RV(*t_init_token_data) (STDLL_TokData_t *tokdata, CK_SLOT_ID slot_id);
CK_RV(*t_load_token_data) (STDLL_TokData_t *tokdata,
CK_SLOT_ID slot_id, FILE *fh);
CK_RV(*t_save_token_data) (STDLL_TokData_t *tokdata,
CK_SLOT_ID slot_id, FILE *fh);
// Random Number Gen
CK_RV(*t_rng) (STDLL_TokData_t *, CK_BYTE *, CK_ULONG);
// any specific final code
CK_RV(*t_final) (STDLL_TokData_t *, CK_BBOOL);
CK_RV(*t_init_token) (STDLL_TokData_t *, CK_SLOT_ID, CK_CHAR_PTR,
CK_ULONG, CK_CHAR_PTR);
CK_RV(*t_login) (STDLL_TokData_t *, SESSION *, CK_USER_TYPE,
CK_CHAR_PTR, CK_ULONG);
CK_RV(*t_logout) (STDLL_TokData_t *);
CK_RV(*t_init_pin) (STDLL_TokData_t *, SESSION *, CK_CHAR_PTR, CK_ULONG);
CK_RV(*t_set_pin) (STDLL_TokData_t *, SESSION *, CK_CHAR_PTR, CK_ULONG,
CK_CHAR_PTR, CK_ULONG);
CK_RV(*t_des_key_gen) (STDLL_TokData_t *, CK_BYTE **, CK_ULONG *, CK_ULONG,
CK_BBOOL *);
CK_RV(*t_des_ecb) (STDLL_TokData_t *, CK_BYTE *, CK_ULONG,
CK_BYTE *, CK_ULONG *, OBJECT *, CK_BYTE);
CK_RV(*t_des_cbc) (STDLL_TokData_t *, CK_BYTE *, CK_ULONG,
CK_BYTE *, CK_ULONG *, OBJECT *, CK_BYTE *, CK_BYTE);
CK_RV(*t_tdes_ecb) (STDLL_TokData_t *, CK_BYTE *, CK_ULONG,
CK_BYTE *, CK_ULONG *, OBJECT *, CK_BYTE);
CK_RV(*t_tdes_cbc) (STDLL_TokData_t *, CK_BYTE *, CK_ULONG,
CK_BYTE *, CK_ULONG *, OBJECT *, CK_BYTE *, CK_BYTE);
CK_RV(*t_tdes_ofb) (STDLL_TokData_t *, CK_BYTE *, CK_BYTE *, CK_ULONG,
OBJECT *, CK_BYTE *, uint_32);
CK_RV(*t_tdes_cfb) (STDLL_TokData_t *, CK_BYTE *, CK_BYTE *, CK_ULONG,
OBJECT *, CK_BYTE *, uint_32, uint_32);
CK_RV(*t_tdes_mac) (STDLL_TokData_t *, CK_BYTE *, CK_ULONG, OBJECT *,
CK_BYTE *);
CK_RV(*t_tdes_cmac) (STDLL_TokData_t *, CK_BYTE *, CK_ULONG, OBJECT *,
CK_BYTE *,CK_BBOOL, CK_BBOOL, CK_VOID_PTR *);
CK_RV(*t_rsa_decrypt) (STDLL_TokData_t *, CK_BYTE *,
CK_ULONG, CK_BYTE *, CK_ULONG *, OBJECT *);
CK_RV(*t_rsa_encrypt) (STDLL_TokData_t *, CK_BYTE *,
CK_ULONG, CK_BYTE *, CK_ULONG *, OBJECT *);
CK_RV(*t_rsa_sign) (STDLL_TokData_t *, SESSION *, CK_BYTE *, CK_ULONG,
CK_BYTE *, CK_ULONG *, OBJECT *);
CK_RV(*t_rsa_verify) (STDLL_TokData_t *, SESSION *, CK_BYTE *, CK_ULONG,
CK_BYTE *, CK_ULONG, OBJECT *);
CK_RV(*t_rsa_verify_recover) (STDLL_TokData_t *, CK_BYTE *, CK_ULONG,
CK_BYTE *, CK_ULONG *, OBJECT *);
CK_RV(*t_rsa_x509_decrypt) (STDLL_TokData_t *, CK_BYTE *, CK_ULONG,
CK_BYTE *, CK_ULONG *, OBJECT *);
CK_RV(*t_rsa_x509_encrypt) (STDLL_TokData_t *, CK_BYTE *, CK_ULONG,
CK_BYTE *, CK_ULONG *, OBJECT *);
CK_RV(*t_rsa_x509_sign) (STDLL_TokData_t *, CK_BYTE *, CK_ULONG,
CK_BYTE *, CK_ULONG *, OBJECT *);
CK_RV(*t_rsa_x509_verify) (STDLL_TokData_t *, CK_BYTE *, CK_ULONG,
CK_BYTE *, CK_ULONG, OBJECT *);
CK_RV(*t_rsa_x509_verify_recover) (STDLL_TokData_t *, CK_BYTE *, CK_ULONG,
CK_BYTE *, CK_ULONG *, OBJECT *);
CK_RV(*t_rsa_oaep_decrypt) (STDLL_TokData_t *, ENCR_DECR_CONTEXT *,
CK_BYTE *, CK_ULONG, CK_BYTE *, CK_ULONG *,
CK_BYTE *, CK_ULONG);
CK_RV(*t_rsa_oaep_encrypt) (STDLL_TokData_t *, ENCR_DECR_CONTEXT *,
CK_BYTE *, CK_ULONG, CK_BYTE *, CK_ULONG *,
CK_BYTE *, CK_ULONG);
CK_RV(*t_rsa_pss_sign) (STDLL_TokData_t *, SESSION *,
SIGN_VERIFY_CONTEXT *, CK_BYTE *, CK_ULONG,
CK_BYTE *, CK_ULONG *);
CK_RV(*t_rsa_pss_verify) (STDLL_TokData_t *, SESSION *,
SIGN_VERIFY_CONTEXT *, CK_BYTE *, CK_ULONG,
CK_BYTE *, CK_ULONG);
CK_RV(*t_rsa_generate_keypair) (STDLL_TokData_t *tokdata, TEMPLATE *,
TEMPLATE *);
CK_RV(*t_ec_sign) (STDLL_TokData_t *tokdata, SESSION *, CK_BYTE *, CK_ULONG,
CK_BYTE *, CK_ULONG *, OBJECT *);
CK_RV(*t_ec_verify) (STDLL_TokData_t *tokdata, SESSION *, CK_BYTE *,
CK_ULONG, CK_BYTE *, CK_ULONG, OBJECT *);
CK_RV(*t_ec_generate_keypair) (STDLL_TokData_t *tokdata, TEMPLATE *,
TEMPLATE *);
CK_RV(*t_ecdh_pkcs_derive) (STDLL_TokData_t *tokdata, CK_BYTE *, CK_ULONG,
CK_BYTE *, CK_ULONG, CK_BYTE *, CK_ULONG *,
CK_BYTE *, CK_ULONG);
/* Begin code contributed by Corrent corp. */
// Token Specific DH functions
CK_RV(*t_dh_pkcs_derive) (STDLL_TokData_t *tokdata, CK_BYTE *,
CK_ULONG *, CK_BYTE *, CK_ULONG,
CK_BYTE *, CK_ULONG, CK_BYTE *, CK_ULONG);
CK_RV(*t_dh_pkcs_key_pair_gen) (STDLL_TokData_t *tokdata, TEMPLATE *,
TEMPLATE *);
/* End code contributed by Corrent corp. */
// Token Specific SHA1 functions
CK_RV(*t_sha_init) (STDLL_TokData_t *, DIGEST_CONTEXT *, CK_MECHANISM *);
CK_RV(*t_sha) (STDLL_TokData_t *, DIGEST_CONTEXT *, CK_BYTE *, CK_ULONG,
CK_BYTE *, CK_ULONG *);
CK_RV(*t_sha_update) (STDLL_TokData_t *, DIGEST_CONTEXT *, CK_BYTE *,
CK_ULONG);
CK_RV(*t_sha_final) (STDLL_TokData_t *, DIGEST_CONTEXT *, CK_BYTE *,
CK_ULONG *);
// Token Specific HMAC
CK_RV(*t_hmac_sign_init) (STDLL_TokData_t *, SESSION *, CK_MECHANISM *,
CK_OBJECT_HANDLE);
CK_RV(*t_hmac_sign) (STDLL_TokData_t *, SESSION *, CK_BYTE *, CK_ULONG,
CK_BYTE *, CK_ULONG *);
CK_RV(*t_hmac_sign_update) (STDLL_TokData_t *, SESSION *, CK_BYTE *,
CK_ULONG);
CK_RV(*t_hmac_sign_final) (STDLL_TokData_t *, SESSION *, CK_BYTE *,
CK_ULONG *);
CK_RV(*t_hmac_verify_init) (STDLL_TokData_t *, SESSION *,
CK_MECHANISM *, CK_OBJECT_HANDLE);
CK_RV(*t_hmac_verify) (STDLL_TokData_t *, SESSION *, CK_BYTE *,
CK_ULONG, CK_BYTE *, CK_ULONG);
CK_RV(*t_hmac_verify_update) (STDLL_TokData_t *, SESSION *, CK_BYTE *,
CK_ULONG);
CK_RV(*t_hmac_verify_final) (STDLL_TokData_t *, SESSION *, CK_BYTE *,
CK_ULONG);
CK_RV(*t_generic_secret_key_gen) (STDLL_TokData_t *, TEMPLATE *);
// Token Specific AES functions
CK_RV(*t_aes_key_gen) (STDLL_TokData_t *, CK_BYTE **, CK_ULONG *, CK_ULONG,
CK_BBOOL *);
CK_RV(*t_aes_ecb) (STDLL_TokData_t *tokdata, CK_BYTE *, CK_ULONG,
CK_BYTE *, CK_ULONG *, OBJECT *, CK_BYTE);
CK_RV(*t_aes_cbc) (STDLL_TokData_t *tokdata, CK_BYTE *, CK_ULONG,
CK_BYTE *, CK_ULONG *, OBJECT *, CK_BYTE *, CK_BYTE);
CK_RV(*t_aes_ctr) (STDLL_TokData_t *tokdata, CK_BYTE *, CK_ULONG,
CK_BYTE *, CK_ULONG *, OBJECT *, CK_BYTE *, CK_ULONG,
CK_BYTE);
CK_RV(*t_aes_gcm_init) (STDLL_TokData_t *, SESSION *,
ENCR_DECR_CONTEXT *, CK_MECHANISM *,
CK_OBJECT_HANDLE, CK_BYTE);
CK_RV(*t_aes_gcm) (STDLL_TokData_t *, SESSION *, ENCR_DECR_CONTEXT *,
CK_BYTE *, CK_ULONG, CK_BYTE *, CK_ULONG *, CK_BYTE);
CK_RV(*t_aes_gcm_update) (STDLL_TokData_t *, SESSION *,
ENCR_DECR_CONTEXT *, CK_BYTE *,
CK_ULONG, CK_BYTE *, CK_ULONG *, CK_BYTE);
CK_RV(*t_aes_gcm_final) (STDLL_TokData_t *, SESSION *,
ENCR_DECR_CONTEXT *, CK_BYTE *,
CK_ULONG *, CK_BYTE);
CK_RV(*t_aes_ofb) (STDLL_TokData_t *, CK_BYTE *, CK_ULONG, CK_BYTE *,
OBJECT *, CK_BYTE *, uint_32);
CK_RV(*t_aes_cfb) (STDLL_TokData_t *, CK_BYTE *, CK_ULONG, CK_BYTE *,
OBJECT *, CK_BYTE *, uint_32, uint_32);
CK_RV(*t_aes_mac) (STDLL_TokData_t *, CK_BYTE *, CK_ULONG, OBJECT *,
CK_BYTE *);
CK_RV(*t_aes_cmac) (STDLL_TokData_t *, CK_BYTE *, CK_ULONG, OBJECT *,
CK_BYTE *, CK_BBOOL, CK_BBOOL, CK_VOID_PTR *);
// Token Specific DSA functions
CK_RV(*t_dsa_generate_keypair) (STDLL_TokData_t *, TEMPLATE *, TEMPLATE *);
CK_RV(*t_dsa_sign) (STDLL_TokData_t *, CK_BYTE *, CK_BYTE *, OBJECT *);
CK_RV(*t_dsa_verify) (STDLL_TokData_t *, CK_BYTE *, CK_BYTE *, OBJECT *);
CK_RV(*t_get_mechanism_list) (STDLL_TokData_t *, CK_MECHANISM_TYPE_PTR,
CK_ULONG_PTR);
CK_RV(*t_get_mechanism_info) (STDLL_TokData_t *, CK_MECHANISM_TYPE,
CK_MECHANISM_INFO_PTR);
CK_RV(*t_object_add) (STDLL_TokData_t *, SESSION *, OBJECT *);
CK_RV(*t_key_wrap) (STDLL_TokData_t *, SESSION *, CK_MECHANISM *, CK_BBOOL,
OBJECT *, OBJECT *, CK_BYTE *, CK_ULONG *, CK_BBOOL *);
CK_RV(*t_key_unwrap) (STDLL_TokData_t *, SESSION *, CK_MECHANISM *,
CK_BYTE *, CK_ULONG, OBJECT *, OBJECT *, CK_BBOOL *);
CK_RV(*t_reencrypt_single) (STDLL_TokData_t *, SESSION *,
ENCR_DECR_CONTEXT *, CK_MECHANISM *, OBJECT *,
ENCR_DECR_CONTEXT *, CK_MECHANISM *, OBJECT *,
CK_BYTE *, CK_ULONG , CK_BYTE *, CK_ULONG *);
};
typedef struct token_specific_struct token_spec_t;
#endif