summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNikos Mavrogiannopoulos <nmav@redhat.com>2017-08-01 08:43:45 +0200
committerDaiki Ueno <ueno@gnu.org>2017-08-03 13:28:27 +0200
commit2e5f24b195f11b88825ccdd97af4b8456a2c2a88 (patch)
tree62c8d158826aaac4d22749fa43acebe1e79005aa
parentfebad3a45082167a0b882e9b36dc4915d2e0e02c (diff)
pkcs11.h: added OTP-related mechanisms
-rw-r--r--common/pkcs11.h97
1 files changed, 97 insertions, 0 deletions
diff --git a/common/pkcs11.h b/common/pkcs11.h
index 4b433da..3487d94 100644
--- a/common/pkcs11.h
+++ b/common/pkcs11.h
@@ -1,6 +1,7 @@
/* pkcs11.h
Copyright 2006, 2007 g10 Code GmbH
Copyright 2006 Andreas Jellinghaus
+ Copyright 2017 Red Hat, Inc.
This file is free software; as a special exception the author gives
unlimited permission to copy and/or distribute it, with or without
@@ -147,6 +148,8 @@ extern "C" {
#define value pValue
#define value_len ulValueLen
+#define count ulCount
+
#define ck_date _CK_DATE
#define ck_mechanism_type_t CK_MECHANISM_TYPE
@@ -155,10 +158,17 @@ extern "C" {
#define parameter pParameter
#define parameter_len ulParameterLen
+#define params pParams
+
#define ck_mechanism_info _CK_MECHANISM_INFO
#define min_key_size ulMinKeySize
#define max_key_size ulMaxKeySize
+#define ck_param_type CK_PARAM_TYPE
+#define ck_otp_param CK_OTP_PARAM
+#define ck_otp_params CK_OTP_PARAMS
+#define ck_otp_signature_info CK_OTP_SIGNATURE_INFO
+
#define ck_rv_t CK_RV
#define ck_notify_t CK_NOTIFY
@@ -322,6 +332,7 @@ typedef unsigned long ck_object_class_t;
#define CKO_HW_FEATURE (5UL)
#define CKO_DOMAIN_PARAMETERS (6UL)
#define CKO_MECHANISM (7UL)
+#define CKO_OTP_KEY (8UL)
#define CKO_VENDOR_DEFINED ((unsigned long) (1UL << 31))
@@ -438,6 +449,20 @@ typedef unsigned long ck_attribute_type_t;
#define CKA_AUTH_PIN_FLAGS (0x201UL)
#define CKA_ALWAYS_AUTHENTICATE (0x202UL)
#define CKA_WRAP_WITH_TRUSTED (0x210UL)
+#define CKA_OTP_FORMAT (0x220UL)
+#define CKA_OTP_LENGTH (0x221UL)
+#define CKA_OTP_TIME_INTERVAL (0x222UL)
+#define CKA_OTP_USER_FRIENDLY_MODE (0x223UL)
+#define CKA_OTP_CHALLENGE_REQUIREMENT (0x224UL)
+#define CKA_OTP_TIME_REQUIREMENT (0x225UL)
+#define CKA_OTP_COUNTER_REQUIREMENT (0x226UL)
+#define CKA_OTP_PIN_REQUIREMENT (0x227UL)
+#define CKA_OTP_USER_IDENTIFIER (0x22AUL)
+#define CKA_OTP_SERVICE_IDENTIFIER (0x22BUL)
+#define CKA_OTP_SERVICE_LOGO (0x22CUL)
+#define CKA_OTP_SERVICE_LOGO_TYPE (0x22DUL)
+#define CKA_OTP_COUNTER (0x22EUL)
+#define CKA_OTP_TIME (0x22FUL)
#define CKA_GOSTR3410_PARAMS (0x250UL)
#define CKA_GOSTR3411_PARAMS (0x251UL)
#define CKA_GOST28147_PARAMS (0x252UL)
@@ -567,6 +592,12 @@ typedef unsigned long ck_mechanism_type_t;
#define CKM_SHA512 (0x270UL)
#define CKM_SHA512_HMAC (0x271UL)
#define CKM_SHA512_HMAC_GENERAL (0x272UL)
+#define CKM_SECURID_KEY_GEN (0x280UL)
+#define CKM_SECURID (0x282UL)
+#define CKM_HOTP_KEY_GEN (0x290UL)
+#define CKM_HOTP (0x291UL)
+#define CKM_ACTI (0x2a0UL)
+#define CKM_ACTI_KEY_GEN (0x2a1UL)
#define CKM_CAST_KEY_GEN (0x300UL)
#define CKM_CAST_ECB (0x301UL)
#define CKM_CAST_CBC (0x302UL)
@@ -739,6 +770,34 @@ typedef unsigned long ck_mechanism_type_t;
#define CKM_AES_KEY_WRAP (0x2109UL)
#define CKM_AES_KEY_WRAP_PAD (0x210aUL)
+/* Attribute and other constants related to OTP */
+#define CK_OTP_FORMAT_DECIMAL (0UL)
+#define CK_OTP_FORMAT_HEXADECIMAL (1UL)
+#define CK_OTP_FORMAT_ALPHANUMERIC (2UL)
+#define CK_OTP_FORMAT_BINARY (3UL)
+#define CK_OTP_PARAM_IGNORED (0UL)
+#define CK_OTP_PARAM_OPTIONAL (1UL)
+#define CK_OTP_PARAM_MANDATORY (2UL)
+
+#define CK_OTP_VALUE (0UL)
+#define CK_OTP_PIN (1UL)
+#define CK_OTP_CHALLENGE (2UL)
+#define CK_OTP_TIME (3UL)
+#define CK_OTP_COUNTER (4UL)
+#define CK_OTP_FLAGS (5UL)
+#define CK_OTP_OUTPUT_LENGTH (6UL)
+#define CK_OTP_FORMAT (7UL)
+
+/* OTP mechanism flags */
+#define CKF_NEXT_OTP (0x01UL)
+#define CKF_EXCLUDE_TIME (0x02UL)
+#define CKF_EXCLUDE_COUNTER (0x04UL)
+#define CKF_EXCLUDE_CHALLENGE (0x08UL)
+#define CKF_EXCLUDE_PIN (0x10UL)
+#define CKF_USER_FRIENDLY_OTP (0x20UL)
+
+#define CKN_OTP_CHANGED (0x01UL)
+
struct ck_mechanism
{
ck_mechanism_type_t mechanism;
@@ -754,6 +813,25 @@ struct ck_mechanism_info
ck_flags_t flags;
};
+typedef unsigned long ck_param_type;
+
+typedef struct ck_otp_param {
+ ck_param_type type;
+ void *value;
+ unsigned long value_len;
+} ck_otp_param;
+
+typedef struct ck_otp_params {
+ struct ck_otp_param *params;
+ unsigned long count;
+} ck_otp_params;
+
+typedef struct ck_otp_signature_info
+{
+ struct ck_otp_param *params;
+ unsigned long count;
+} ck_otp_signature_info;
+
#define CKG_MGF1_SHA1 0x00000001UL
#define CKG_MGF1_SHA224 0x00000005UL
#define CKG_MGF1_SHA256 0x00000002UL
@@ -1266,6 +1344,13 @@ struct ck_c_initialize_args
#define CKR_CRYPTOKI_ALREADY_INITIALIZED (0x191UL)
#define CKR_MUTEX_BAD (0x1a0UL)
#define CKR_MUTEX_NOT_LOCKED (0x1a1UL)
+#define CKR_NEW_PIN_MODE (0x1b0UL)
+#define CKR_NEXT_OTP (0x1b1UL)
+#define CKR_EXCEEDED_MAX_ITERATIONS (0x1c0UL)
+#define CKR_FIPS_SELF_TEST_FAILED (0x1c1UL)
+#define CKR_LIBRARY_LOAD_FAILED (0x1c2UL)
+#define CKR_PIN_TOO_WEAK (0x1c3UL)
+#define CKR_PUBLIC_KEY_INVALID (0x1c4UL)
#define CKR_FUNCTION_REJECTED (0x200UL)
#define CKR_VENDOR_DEFINED ((unsigned long) (1UL << 31))
@@ -1341,6 +1426,9 @@ typedef struct ck_mechanism *CK_MECHANISM_PTR;
typedef struct ck_mechanism_info CK_MECHANISM_INFO;
typedef struct ck_mechanism_info *CK_MECHANISM_INFO_PTR;
+typedef struct ck_otp_mechanism_info CK_OTP_MECHANISM_INFO;
+typedef struct ck_otp_mechanism_info *CK_OTP_MECHANISM_INFO_PTR;
+
typedef struct ck_function_list CK_FUNCTION_LIST;
typedef struct ck_function_list *CK_FUNCTION_LIST_PTR;
typedef struct ck_function_list **CK_FUNCTION_LIST_PTR_PTR;
@@ -1407,6 +1495,9 @@ typedef struct ck_rsa_pkcs_oaep_params *CK_RSA_PKCS_OAEP_PARAMS_PTR;
#undef value
#undef value_len
+#undef params
+#undef count
+
#undef ck_date
#undef ck_mechanism_type_t
@@ -1416,6 +1507,12 @@ typedef struct ck_rsa_pkcs_oaep_params *CK_RSA_PKCS_OAEP_PARAMS_PTR;
#undef parameter_len
#undef ck_mechanism_info
+
+#undef ck_param_type
+#undef ck_otp_param
+#undef ck_otp_params
+#undef ck_otp_signature_info
+
#undef min_key_size
#undef max_key_size