1 /* |
|
2 * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. |
|
3 */ |
|
4 |
|
5 /* Copyright (c) 2002 Graz University of Technology. All rights reserved. |
|
6 * |
|
7 * Redistribution and use in source and binary forms, with or without |
|
8 * modification, are permitted provided that the following conditions are met: |
|
9 * |
|
10 * 1. Redistributions of source code must retain the above copyright notice, |
|
11 * this list of conditions and the following disclaimer. |
|
12 * |
|
13 * 2. Redistributions in binary form must reproduce the above copyright notice, |
|
14 * this list of conditions and the following disclaimer in the documentation |
|
15 * and/or other materials provided with the distribution. |
|
16 * |
|
17 * 3. The end-user documentation included with the redistribution, if any, must |
|
18 * include the following acknowledgment: |
|
19 * |
|
20 * "This product includes software developed by IAIK of Graz University of |
|
21 * Technology." |
|
22 * |
|
23 * Alternately, this acknowledgment may appear in the software itself, if |
|
24 * and wherever such third-party acknowledgments normally appear. |
|
25 * |
|
26 * 4. The names "Graz University of Technology" and "IAIK of Graz University of |
|
27 * Technology" must not be used to endorse or promote products derived from |
|
28 * this software without prior written permission. |
|
29 * |
|
30 * 5. Products derived from this software may not be called |
|
31 * "IAIK PKCS Wrapper", nor may "IAIK" appear in their name, without prior |
|
32 * written permission of Graz University of Technology. |
|
33 * |
|
34 * THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESSED OR IMPLIED |
|
35 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED |
|
36 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR |
|
37 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE LICENSOR BE |
|
38 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, |
|
39 * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, |
|
40 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, |
|
41 * OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON |
|
42 * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, |
|
43 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY |
|
44 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE |
|
45 * POSSIBILITY OF SUCH DAMAGE. |
|
46 */ |
|
47 |
|
48 package sun.security.pkcs11.wrapper; |
|
49 |
|
50 /** |
|
51 * This interface holds constants of the PKCS#11 v2.11 standard. |
|
52 * This is mainly the content of the 'pkcs11t.h' header file. |
|
53 * |
|
54 * Mapping of primitiv data types to Java types: |
|
55 * <pre> |
|
56 * TRUE .......................................... true |
|
57 * FALSE ......................................... false |
|
58 * CK_BYTE ....................................... byte |
|
59 * CK_CHAR ....................................... char |
|
60 * CK_UTF8CHAR ................................... char |
|
61 * CK_BBOOL ...................................... boolean |
|
62 * CK_ULONG ...................................... long |
|
63 * CK_LONG ....................................... long |
|
64 * CK_FLAGS ...................................... long |
|
65 * CK_NOTIFICATION ............................... long |
|
66 * CK_SLOT_ID .................................... long |
|
67 * CK_SESSION_HANDLE ............................. long |
|
68 * CK_USER_TYPE .................................. long |
|
69 * CK_SESSION_HANDLE ............................. long |
|
70 * CK_STATE ...................................... long |
|
71 * CK_OBJECT_HANDLE .............................. long |
|
72 * CK_OBJECT_CLASS ............................... long |
|
73 * CK_HW_FEATURE_TYPE ............................ long |
|
74 * CK_KEY_TYPE ................................... long |
|
75 * CK_CERTIFICATE_TYPE ........................... long |
|
76 * CK_ATTRIBUTE_TYPE ............................. long |
|
77 * CK_VOID_PTR ................................... Object[] |
|
78 * CK_BYTE_PTR ................................... byte[] |
|
79 * CK_CHAR_PTR ................................... char[] |
|
80 * CK_UTF8CHAR_PTR ............................... char[] |
|
81 * CK_MECHANISM_TYPE ............................. long |
|
82 * CK_RV ......................................... long |
|
83 * CK_RSA_PKCS_OAEP_MGF_TYPE ..................... long |
|
84 * CK_RSA_PKCS_OAEP_SOURCE_TYPE .................. long |
|
85 * CK_RC2_PARAMS ................................. long |
|
86 * CK_MAC_GENERAL_PARAMS ......................... long |
|
87 * CK_EXTRACT_PARAMS ............................. long |
|
88 * CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE .... long |
|
89 * CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE .............. long |
|
90 * CK_EC_KDF_TYPE ................................ long |
|
91 * CK_X9_42_DH_KDF_TYPE .......................... long |
|
92 * </pre> |
|
93 * |
|
94 * @author <a href="mailto:Karl.Scheibelhofer@iaik.at"> Karl Scheibelhofer </a> |
|
95 * @invariants |
|
96 */ |
|
97 public interface PKCS11Constants { |
|
98 |
|
99 public static final boolean TRUE = true; |
|
100 |
|
101 public static final boolean FALSE = false; |
|
102 |
|
103 public static final Object NULL_PTR = null; |
|
104 |
|
105 /* some special values for certain CK_ULONG variables */ |
|
106 |
|
107 // Cryptoki defines CK_UNAVAILABLE_INFORMATION as (~0UL) |
|
108 // This means it is 0xffffffff in ILP32/LLP64 but 0xffffffffffffffff in LP64. |
|
109 // To avoid these differences on the Java side, the native code treats |
|
110 // CK_UNAVAILABLE_INFORMATION specially and always returns (long)-1 for it. |
|
111 // See ckULongSpecialToJLong() in pkcs11wrapper.h |
|
112 public static final long CK_UNAVAILABLE_INFORMATION = -1; |
|
113 public static final long CK_EFFECTIVELY_INFINITE = 0L; |
|
114 |
|
115 /* The following value is always invalid if used as a session */ |
|
116 /* handle or object handle */ |
|
117 public static final long CK_INVALID_HANDLE = 0L; |
|
118 |
|
119 /* CK_NOTIFICATION enumerates the types of notifications that |
|
120 * Cryptoki provides to an application */ |
|
121 /* CK_NOTIFICATION has been changed from an enum to a CK_ULONG |
|
122 * for v2.0 */ |
|
123 public static final long CKN_SURRENDER = 0L; |
|
124 |
|
125 /* flags: bit flags that provide capabilities of the slot |
|
126 * Bit Flag Mask Meaning |
|
127 */ |
|
128 public static final long CKF_TOKEN_PRESENT = 0x00000001L; |
|
129 public static final long CKF_REMOVABLE_DEVICE = 0x00000002L; |
|
130 public static final long CKF_HW_SLOT = 0x00000004L; |
|
131 |
|
132 /* The flags parameter is defined as follows: |
|
133 * Bit Flag Mask Meaning |
|
134 */ |
|
135 /* has random # generator */ |
|
136 public static final long CKF_RNG = 0x00000001L; |
|
137 |
|
138 /* token is write-protected */ |
|
139 public static final long CKF_WRITE_PROTECTED = 0x00000002L; |
|
140 |
|
141 /* user must login */ |
|
142 public static final long CKF_LOGIN_REQUIRED = 0x00000004L; |
|
143 |
|
144 /* normal user's PIN is set */ |
|
145 public static final long CKF_USER_PIN_INITIALIZED = 0x00000008L; |
|
146 |
|
147 /* CKF_RESTORE_KEY_NOT_NEEDED is new for v2.0. If it is set, |
|
148 * that means that *every* time the state of cryptographic |
|
149 * operations of a session is successfully saved, all keys |
|
150 * needed to continue those operations are stored in the state */ |
|
151 public static final long CKF_RESTORE_KEY_NOT_NEEDED = 0x00000020L; |
|
152 |
|
153 /* CKF_CLOCK_ON_TOKEN is new for v2.0. If it is set, that means |
|
154 * that the token has some sort of clock. The time on that |
|
155 * clock is returned in the token info structure */ |
|
156 public static final long CKF_CLOCK_ON_TOKEN = 0x00000040L; |
|
157 |
|
158 /* CKF_PROTECTED_AUTHENTICATION_PATH is new for v2.0. If it is |
|
159 * set, that means that there is some way for the user to login |
|
160 * without sending a PIN through the Cryptoki library itself */ |
|
161 public static final long CKF_PROTECTED_AUTHENTICATION_PATH = 0x00000100L; |
|
162 |
|
163 /* CKF_DUAL_CRYPTO_OPERATIONS is new for v2.0. If it is true, |
|
164 * that means that a single session with the token can perform |
|
165 * dual simultaneous cryptographic operations (digest and |
|
166 * encrypt; decrypt and digest; sign and encrypt; and decrypt |
|
167 * and sign) */ |
|
168 public static final long CKF_DUAL_CRYPTO_OPERATIONS = 0x00000200L; |
|
169 |
|
170 /* CKF_TOKEN_INITIALIZED if new for v2.10. If it is true, the |
|
171 * token has been initialized using C_InitializeToken or an |
|
172 * equivalent mechanism outside the scope of PKCS #11. |
|
173 * Calling C_InitializeToken when this flag is set will cause |
|
174 * the token to be reinitialized. */ |
|
175 public static final long CKF_TOKEN_INITIALIZED = 0x00000400L; |
|
176 |
|
177 /* CKF_SECONDARY_AUTHENTICATION if new for v2.10. If it is |
|
178 * true, the token supports secondary authentication for |
|
179 * private key objects. */ |
|
180 public static final long CKF_SECONDARY_AUTHENTICATION = 0x00000800L; |
|
181 |
|
182 /* CKF_USER_PIN_COUNT_LOW if new for v2.10. If it is true, an |
|
183 * incorrect user login PIN has been entered at least once |
|
184 * since the last successful authentication. */ |
|
185 public static final long CKF_USER_PIN_COUNT_LOW = 0x00010000L; |
|
186 |
|
187 /* CKF_USER_PIN_FINAL_TRY if new for v2.10. If it is true, |
|
188 * supplying an incorrect user PIN will it to become locked. */ |
|
189 public static final long CKF_USER_PIN_FINAL_TRY = 0x00020000L; |
|
190 |
|
191 /* CKF_USER_PIN_LOCKED if new for v2.10. If it is true, the |
|
192 * user PIN has been locked. User login to the token is not |
|
193 * possible. */ |
|
194 public static final long CKF_USER_PIN_LOCKED = 0x00040000L; |
|
195 |
|
196 /* CKF_USER_PIN_TO_BE_CHANGED if new for v2.10. If it is true, |
|
197 * the user PIN value is the default value set by token |
|
198 * initialization or manufacturing. */ |
|
199 public static final long CKF_USER_PIN_TO_BE_CHANGED = 0x00080000L; |
|
200 |
|
201 /* CKF_SO_PIN_COUNT_LOW if new for v2.10. If it is true, an |
|
202 * incorrect SO login PIN has been entered at least once since |
|
203 * the last successful authentication. */ |
|
204 public static final long CKF_SO_PIN_COUNT_LOW = 0x00100000L; |
|
205 |
|
206 /* CKF_SO_PIN_FINAL_TRY if new for v2.10. If it is true, |
|
207 * supplying an incorrect SO PIN will it to become locked. */ |
|
208 public static final long CKF_SO_PIN_FINAL_TRY = 0x00200000L; |
|
209 |
|
210 /* CKF_SO_PIN_LOCKED if new for v2.10. If it is true, the SO |
|
211 * PIN has been locked. SO login to the token is not possible. |
|
212 */ |
|
213 public static final long CKF_SO_PIN_LOCKED = 0x00400000L; |
|
214 |
|
215 /* CKF_SO_PIN_TO_BE_CHANGED if new for v2.10. If it is true, |
|
216 * the SO PIN value is the default value set by token |
|
217 * initialization or manufacturing. */ |
|
218 public static final long CKF_SO_PIN_TO_BE_CHANGED = 0x00800000L; |
|
219 |
|
220 |
|
221 /* CK_USER_TYPE enumerates the types of Cryptoki users */ |
|
222 /* CK_USER_TYPE has been changed from an enum to a CK_ULONG for |
|
223 * v2.0 */ |
|
224 /* Security Officer */ |
|
225 public static final long CKU_SO = 0L; |
|
226 /* Normal user */ |
|
227 public static final long CKU_USER = 1L; |
|
228 |
|
229 /* CK_STATE enumerates the session states */ |
|
230 /* CK_STATE has been changed from an enum to a CK_ULONG for |
|
231 * v2.0 */ |
|
232 public static final long CKS_RO_PUBLIC_SESSION = 0L; |
|
233 public static final long CKS_RO_USER_FUNCTIONS = 1L; |
|
234 public static final long CKS_RW_PUBLIC_SESSION = 2L; |
|
235 public static final long CKS_RW_USER_FUNCTIONS = 3L; |
|
236 public static final long CKS_RW_SO_FUNCTIONS = 4L; |
|
237 |
|
238 |
|
239 /* The flags are defined in the following table: |
|
240 * Bit Flag Mask Meaning |
|
241 */ |
|
242 /* session is r/w */ |
|
243 public static final long CKF_RW_SESSION = 0x00000002L; |
|
244 /* no parallel */ |
|
245 public static final long CKF_SERIAL_SESSION = 0x00000004L; |
|
246 |
|
247 |
|
248 /* The following classes of objects are defined: */ |
|
249 /* CKO_HW_FEATURE is new for v2.10 */ |
|
250 /* CKO_DOMAIN_PARAMETERS is new for v2.11 */ |
|
251 public static final long CKO_DATA = 0x00000000L; |
|
252 public static final long CKO_CERTIFICATE = 0x00000001L; |
|
253 public static final long CKO_PUBLIC_KEY = 0x00000002L; |
|
254 public static final long CKO_PRIVATE_KEY = 0x00000003L; |
|
255 public static final long CKO_SECRET_KEY = 0x00000004L; |
|
256 public static final long CKO_HW_FEATURE = 0x00000005L; |
|
257 public static final long CKO_DOMAIN_PARAMETERS = 0x00000006L; |
|
258 public static final long CKO_VENDOR_DEFINED = 0x80000000L; |
|
259 |
|
260 // pseudo object class ANY (for template manager) |
|
261 public static final long PCKO_ANY = 0x7FFFFF23L; |
|
262 |
|
263 |
|
264 /* The following hardware feature types are defined */ |
|
265 public static final long CKH_MONOTONIC_COUNTER = 0x00000001L; |
|
266 public static final long CKH_CLOCK = 0x00000002L; |
|
267 public static final long CKH_VENDOR_DEFINED = 0x80000000L; |
|
268 |
|
269 /* the following key types are defined: */ |
|
270 public static final long CKK_RSA = 0x00000000L; |
|
271 public static final long CKK_DSA = 0x00000001L; |
|
272 public static final long CKK_DH = 0x00000002L; |
|
273 |
|
274 /* CKK_ECDSA and CKK_KEA are new for v2.0 */ |
|
275 /* CKK_ECDSA is deprecated in v2.11, CKK_EC is preferred. */ |
|
276 public static final long CKK_ECDSA = 0x00000003L; |
|
277 public static final long CKK_EC = 0x00000003L; |
|
278 public static final long CKK_X9_42_DH = 0x00000004L; |
|
279 public static final long CKK_KEA = 0x00000005L; |
|
280 |
|
281 public static final long CKK_GENERIC_SECRET = 0x00000010L; |
|
282 public static final long CKK_RC2 = 0x00000011L; |
|
283 public static final long CKK_RC4 = 0x00000012L; |
|
284 public static final long CKK_DES = 0x00000013L; |
|
285 public static final long CKK_DES2 = 0x00000014L; |
|
286 public static final long CKK_DES3 = 0x00000015L; |
|
287 |
|
288 /* all these key types are new for v2.0 */ |
|
289 public static final long CKK_CAST = 0x00000016L; |
|
290 public static final long CKK_CAST3 = 0x00000017L; |
|
291 /* CKK_CAST5 is deprecated in v2.11, CKK_CAST128 is preferred. */ |
|
292 public static final long CKK_CAST5 = 0x00000018L; |
|
293 /* CAST128=CAST5 */ |
|
294 public static final long CKK_CAST128 = 0x00000018L; |
|
295 public static final long CKK_RC5 = 0x00000019L; |
|
296 public static final long CKK_IDEA = 0x0000001AL; |
|
297 public static final long CKK_SKIPJACK = 0x0000001BL; |
|
298 public static final long CKK_BATON = 0x0000001CL; |
|
299 public static final long CKK_JUNIPER = 0x0000001DL; |
|
300 public static final long CKK_CDMF = 0x0000001EL; |
|
301 public static final long CKK_AES = 0x0000001FL; |
|
302 // v2.20 |
|
303 public static final long CKK_BLOWFISH = 0x00000020L; |
|
304 |
|
305 public static final long CKK_VENDOR_DEFINED = 0x80000000L; |
|
306 |
|
307 // new for v2.20 amendment 3 |
|
308 //public static final long CKK_CAMELLIA = 0x00000025L; |
|
309 //public static final long CKK_ARIA = 0x00000026L; |
|
310 |
|
311 // pseudo key type ANY (for template manager) |
|
312 public static final long PCKK_ANY = 0x7FFFFF22L; |
|
313 |
|
314 public static final long PCKK_HMAC = 0x7FFFFF23L; |
|
315 public static final long PCKK_SSLMAC = 0x7FFFFF24L; |
|
316 public static final long PCKK_TLSPREMASTER = 0x7FFFFF25L; |
|
317 public static final long PCKK_TLSRSAPREMASTER = 0x7FFFFF26L; |
|
318 public static final long PCKK_TLSMASTER = 0x7FFFFF27L; |
|
319 |
|
320 /* The following certificate types are defined: */ |
|
321 /* CKC_X_509_ATTR_CERT is new for v2.10 */ |
|
322 public static final long CKC_X_509 = 0x00000000L; |
|
323 public static final long CKC_X_509_ATTR_CERT = 0x00000001L; |
|
324 public static final long CKC_VENDOR_DEFINED = 0x80000000L; |
|
325 |
|
326 |
|
327 /* The following attribute types are defined: */ |
|
328 public static final long CKA_CLASS = 0x00000000L; |
|
329 public static final long CKA_TOKEN = 0x00000001L; |
|
330 public static final long CKA_PRIVATE = 0x00000002L; |
|
331 public static final long CKA_LABEL = 0x00000003L; |
|
332 public static final long CKA_APPLICATION = 0x00000010L; |
|
333 public static final long CKA_VALUE = 0x00000011L; |
|
334 |
|
335 /* CKA_OBJECT_ID is new for v2.10 */ |
|
336 public static final long CKA_OBJECT_ID = 0x00000012L; |
|
337 |
|
338 public static final long CKA_CERTIFICATE_TYPE = 0x00000080L; |
|
339 public static final long CKA_ISSUER = 0x00000081L; |
|
340 public static final long CKA_SERIAL_NUMBER = 0x00000082L; |
|
341 |
|
342 /* CKA_AC_ISSUER, CKA_OWNER, and CKA_ATTR_TYPES are new L; |
|
343 * for v2.10 */ |
|
344 public static final long CKA_AC_ISSUER = 0x00000083L; |
|
345 public static final long CKA_OWNER = 0x00000084L; |
|
346 public static final long CKA_ATTR_TYPES = 0x00000085L; |
|
347 |
|
348 /* CKA_TRUSTED is new for v2.11 */ |
|
349 public static final long CKA_TRUSTED = 0x00000086L; |
|
350 |
|
351 public static final long CKA_KEY_TYPE = 0x00000100L; |
|
352 public static final long CKA_SUBJECT = 0x00000101L; |
|
353 public static final long CKA_ID = 0x00000102L; |
|
354 public static final long CKA_SENSITIVE = 0x00000103L; |
|
355 public static final long CKA_ENCRYPT = 0x00000104L; |
|
356 public static final long CKA_DECRYPT = 0x00000105L; |
|
357 public static final long CKA_WRAP = 0x00000106L; |
|
358 public static final long CKA_UNWRAP = 0x00000107L; |
|
359 public static final long CKA_SIGN = 0x00000108L; |
|
360 public static final long CKA_SIGN_RECOVER = 0x00000109L; |
|
361 public static final long CKA_VERIFY = 0x0000010AL; |
|
362 public static final long CKA_VERIFY_RECOVER = 0x0000010BL; |
|
363 public static final long CKA_DERIVE = 0x0000010CL; |
|
364 public static final long CKA_START_DATE = 0x00000110L; |
|
365 public static final long CKA_END_DATE = 0x00000111L; |
|
366 public static final long CKA_MODULUS = 0x00000120L; |
|
367 public static final long CKA_MODULUS_BITS = 0x00000121L; |
|
368 public static final long CKA_PUBLIC_EXPONENT = 0x00000122L; |
|
369 public static final long CKA_PRIVATE_EXPONENT = 0x00000123L; |
|
370 public static final long CKA_PRIME_1 = 0x00000124L; |
|
371 public static final long CKA_PRIME_2 = 0x00000125L; |
|
372 public static final long CKA_EXPONENT_1 = 0x00000126L; |
|
373 public static final long CKA_EXPONENT_2 = 0x00000127L; |
|
374 public static final long CKA_COEFFICIENT = 0x00000128L; |
|
375 public static final long CKA_PRIME = 0x00000130L; |
|
376 public static final long CKA_SUBPRIME = 0x00000131L; |
|
377 public static final long CKA_BASE = 0x00000132L; |
|
378 |
|
379 /* CKA_PRIME_BITS and CKA_SUB_PRIME_BITS are new for v2.11 */ |
|
380 public static final long CKA_PRIME_BITS = 0x00000133L; |
|
381 public static final long CKA_SUB_PRIME_BITS = 0x00000134L; |
|
382 |
|
383 public static final long CKA_VALUE_BITS = 0x00000160L; |
|
384 public static final long CKA_VALUE_LEN = 0x00000161L; |
|
385 |
|
386 /* CKA_EXTRACTABLE, CKA_LOCAL, CKA_NEVER_EXTRACTABLE, |
|
387 * CKA_ALWAYS_SENSITIVE, CKA_MODIFIABLE, CKA_ECDSA_PARAMS, |
|
388 * and CKA_EC_POINT are new for v2.0 */ |
|
389 public static final long CKA_EXTRACTABLE = 0x00000162L; |
|
390 public static final long CKA_LOCAL = 0x00000163L; |
|
391 public static final long CKA_NEVER_EXTRACTABLE = 0x00000164L; |
|
392 public static final long CKA_ALWAYS_SENSITIVE = 0x00000165L; |
|
393 |
|
394 /* CKA_KEY_GEN_MECHANISM is new for v2.11 */ |
|
395 public static final long CKA_KEY_GEN_MECHANISM = 0x00000166L; |
|
396 |
|
397 public static final long CKA_MODIFIABLE = 0x00000170L; |
|
398 |
|
399 /* CKA_ECDSA_PARAMS is deprecated in v2.11, |
|
400 * CKA_EC_PARAMS is preferred. */ |
|
401 public static final long CKA_ECDSA_PARAMS = 0x00000180L; |
|
402 public static final long CKA_EC_PARAMS = 0x00000180L; |
|
403 public static final long CKA_EC_POINT = 0x00000181L; |
|
404 |
|
405 /* CKA_SECONDARY_AUTH, CKA_AUTH_PIN_FLAGS, |
|
406 * CKA_HW_FEATURE_TYPE, CKA_RESET_ON_INIT, and CKA_HAS_RESET |
|
407 * are new for v2.10 */ |
|
408 public static final long CKA_SECONDARY_AUTH = 0x00000200L; |
|
409 public static final long CKA_AUTH_PIN_FLAGS = 0x00000201L; |
|
410 public static final long CKA_HW_FEATURE_TYPE = 0x00000300L; |
|
411 public static final long CKA_RESET_ON_INIT = 0x00000301L; |
|
412 public static final long CKA_HAS_RESET = 0x00000302L; |
|
413 |
|
414 public static final long CKA_VENDOR_DEFINED = 0x80000000L; |
|
415 |
|
416 /* the following mechanism types are defined: */ |
|
417 public static final long CKM_RSA_PKCS_KEY_PAIR_GEN = 0x00000000L; |
|
418 public static final long CKM_RSA_PKCS = 0x00000001L; |
|
419 public static final long CKM_RSA_9796 = 0x00000002L; |
|
420 public static final long CKM_RSA_X_509 = 0x00000003L; |
|
421 |
|
422 /* CKM_MD2_RSA_PKCS, CKM_MD5_RSA_PKCS, and CKM_SHA1_RSA_PKCS |
|
423 * are new for v2.0. They are mechanisms which hash and sign */ |
|
424 public static final long CKM_MD2_RSA_PKCS = 0x00000004L; |
|
425 public static final long CKM_MD5_RSA_PKCS = 0x00000005L; |
|
426 public static final long CKM_SHA1_RSA_PKCS = 0x00000006L; |
|
427 |
|
428 /* CKM_RIPEMD128_RSA_PKCS, CKM_RIPEMD160_RSA_PKCS, and |
|
429 * CKM_RSA_PKCS_OAEP are new for v2.10 */ |
|
430 public static final long CKM_RIPEMD128_RSA_PKCS = 0x00000007L; |
|
431 public static final long CKM_RIPEMD160_RSA_PKCS = 0x00000008L; |
|
432 public static final long CKM_RSA_PKCS_OAEP = 0x00000009L; |
|
433 |
|
434 /* CKM_RSA_X9_31_KEY_PAIR_GEN, CKM_RSA_X9_31, CKM_SHA1_RSA_X9_31, |
|
435 * CKM_RSA_PKCS_PSS, and CKM_SHA1_RSA_PKCS_PSS are new for v2.11 */ |
|
436 public static final long CKM_RSA_X9_31_KEY_PAIR_GEN = 0x0000000AL; |
|
437 public static final long CKM_RSA_X9_31 = 0x0000000BL; |
|
438 public static final long CKM_SHA1_RSA_X9_31 = 0x0000000CL; |
|
439 public static final long CKM_RSA_PKCS_PSS = 0x0000000DL; |
|
440 public static final long CKM_SHA1_RSA_PKCS_PSS = 0x0000000EL; |
|
441 |
|
442 public static final long CKM_DSA_KEY_PAIR_GEN = 0x00000010L; |
|
443 public static final long CKM_DSA = 0x00000011L; |
|
444 public static final long CKM_DSA_SHA1 = 0x00000012L; |
|
445 public static final long CKM_DH_PKCS_KEY_PAIR_GEN = 0x00000020L; |
|
446 public static final long CKM_DH_PKCS_DERIVE = 0x00000021L; |
|
447 |
|
448 /* CKM_X9_42_DH_KEY_PAIR_GEN, CKM_X9_42_DH_DERIVE, |
|
449 * CKM_X9_42_DH_HYBRID_DERIVE, and CKM_X9_42_MQV_DERIVE are new for |
|
450 * v2.11 */ |
|
451 public static final long CKM_X9_42_DH_KEY_PAIR_GEN = 0x00000030L; |
|
452 public static final long CKM_X9_42_DH_DERIVE = 0x00000031L; |
|
453 public static final long CKM_X9_42_DH_HYBRID_DERIVE = 0x00000032L; |
|
454 public static final long CKM_X9_42_MQV_DERIVE = 0x00000033L; |
|
455 |
|
456 // v2.20 |
|
457 public static final long CKM_SHA256_RSA_PKCS = 0x00000040L; |
|
458 public static final long CKM_SHA384_RSA_PKCS = 0x00000041L; |
|
459 public static final long CKM_SHA512_RSA_PKCS = 0x00000042L; |
|
460 |
|
461 public static final long CKM_RC2_KEY_GEN = 0x00000100L; |
|
462 public static final long CKM_RC2_ECB = 0x00000101L; |
|
463 public static final long CKM_RC2_CBC = 0x00000102L; |
|
464 public static final long CKM_RC2_MAC = 0x00000103L; |
|
465 |
|
466 /* CKM_RC2_MAC_GENERAL and CKM_RC2_CBC_PAD are new for v2.0 */ |
|
467 public static final long CKM_RC2_MAC_GENERAL = 0x00000104L; |
|
468 public static final long CKM_RC2_CBC_PAD = 0x00000105L; |
|
469 |
|
470 public static final long CKM_RC4_KEY_GEN = 0x00000110L; |
|
471 public static final long CKM_RC4 = 0x00000111L; |
|
472 public static final long CKM_DES_KEY_GEN = 0x00000120L; |
|
473 public static final long CKM_DES_ECB = 0x00000121L; |
|
474 public static final long CKM_DES_CBC = 0x00000122L; |
|
475 public static final long CKM_DES_MAC = 0x00000123L; |
|
476 |
|
477 /* CKM_DES_MAC_GENERAL and CKM_DES_CBC_PAD are new for v2.0 */ |
|
478 public static final long CKM_DES_MAC_GENERAL = 0x00000124L; |
|
479 public static final long CKM_DES_CBC_PAD = 0x00000125L; |
|
480 |
|
481 public static final long CKM_DES2_KEY_GEN = 0x00000130L; |
|
482 public static final long CKM_DES3_KEY_GEN = 0x00000131L; |
|
483 public static final long CKM_DES3_ECB = 0x00000132L; |
|
484 public static final long CKM_DES3_CBC = 0x00000133L; |
|
485 public static final long CKM_DES3_MAC = 0x00000134L; |
|
486 |
|
487 /* CKM_DES3_MAC_GENERAL, CKM_DES3_CBC_PAD, CKM_CDMF_KEY_GEN, |
|
488 * CKM_CDMF_ECB, CKM_CDMF_CBC, CKM_CDMF_MAC, |
|
489 * CKM_CDMF_MAC_GENERAL, and CKM_CDMF_CBC_PAD are new for v2.0 */ |
|
490 public static final long CKM_DES3_MAC_GENERAL = 0x00000135L; |
|
491 public static final long CKM_DES3_CBC_PAD = 0x00000136L; |
|
492 public static final long CKM_CDMF_KEY_GEN = 0x00000140L; |
|
493 public static final long CKM_CDMF_ECB = 0x00000141L; |
|
494 public static final long CKM_CDMF_CBC = 0x00000142L; |
|
495 public static final long CKM_CDMF_MAC = 0x00000143L; |
|
496 public static final long CKM_CDMF_MAC_GENERAL = 0x00000144L; |
|
497 public static final long CKM_CDMF_CBC_PAD = 0x00000145L; |
|
498 |
|
499 public static final long CKM_MD2 = 0x00000200L; |
|
500 |
|
501 /* CKM_MD2_HMAC and CKM_MD2_HMAC_GENERAL are new for v2.0 */ |
|
502 public static final long CKM_MD2_HMAC = 0x00000201L; |
|
503 public static final long CKM_MD2_HMAC_GENERAL = 0x00000202L; |
|
504 |
|
505 public static final long CKM_MD5 = 0x00000210L; |
|
506 |
|
507 /* CKM_MD5_HMAC and CKM_MD5_HMAC_GENERAL are new for v2.0 */ |
|
508 public static final long CKM_MD5_HMAC = 0x00000211L; |
|
509 public static final long CKM_MD5_HMAC_GENERAL = 0x00000212L; |
|
510 |
|
511 public static final long CKM_SHA_1 = 0x00000220L; |
|
512 |
|
513 /* CKM_SHA_1_HMAC and CKM_SHA_1_HMAC_GENERAL are new for v2.0 */ |
|
514 public static final long CKM_SHA_1_HMAC = 0x00000221L; |
|
515 public static final long CKM_SHA_1_HMAC_GENERAL = 0x00000222L; |
|
516 |
|
517 /* CKM_RIPEMD128, CKM_RIPEMD128_HMAC, |
|
518 * CKM_RIPEMD128_HMAC_GENERAL, CKM_RIPEMD160, CKM_RIPEMD160_HMAC, |
|
519 * and CKM_RIPEMD160_HMAC_GENERAL are new for v2.10 */ |
|
520 public static final long CKM_RIPEMD128 = 0x00000230L; |
|
521 public static final long CKM_RIPEMD128_HMAC = 0x00000231L; |
|
522 public static final long CKM_RIPEMD128_HMAC_GENERAL = 0x00000232L; |
|
523 public static final long CKM_RIPEMD160 = 0x00000240L; |
|
524 public static final long CKM_RIPEMD160_HMAC = 0x00000241L; |
|
525 public static final long CKM_RIPEMD160_HMAC_GENERAL = 0x00000242L; |
|
526 |
|
527 // v2.20 |
|
528 public static final long CKM_SHA256 = 0x00000250L; |
|
529 public static final long CKM_SHA256_HMAC = 0x00000251L; |
|
530 public static final long CKM_SHA256_HMAC_GENERAL = 0x00000252L; |
|
531 |
|
532 public static final long CKM_SHA384 = 0x00000260L; |
|
533 public static final long CKM_SHA384_HMAC = 0x00000261L; |
|
534 public static final long CKM_SHA384_HMAC_GENERAL = 0x00000262L; |
|
535 |
|
536 public static final long CKM_SHA512 = 0x00000270L; |
|
537 public static final long CKM_SHA512_HMAC = 0x00000271L; |
|
538 public static final long CKM_SHA512_HMAC_GENERAL = 0x00000272L; |
|
539 |
|
540 /* All of the following mechanisms are new for v2.0 */ |
|
541 /* Note that CAST128 and CAST5 are the same algorithm */ |
|
542 public static final long CKM_CAST_KEY_GEN = 0x00000300L; |
|
543 public static final long CKM_CAST_ECB = 0x00000301L; |
|
544 public static final long CKM_CAST_CBC = 0x00000302L; |
|
545 public static final long CKM_CAST_MAC = 0x00000303L; |
|
546 public static final long CKM_CAST_MAC_GENERAL = 0x00000304L; |
|
547 public static final long CKM_CAST_CBC_PAD = 0x00000305L; |
|
548 public static final long CKM_CAST3_KEY_GEN = 0x00000310L; |
|
549 public static final long CKM_CAST3_ECB = 0x00000311L; |
|
550 public static final long CKM_CAST3_CBC = 0x00000312L; |
|
551 public static final long CKM_CAST3_MAC = 0x00000313L; |
|
552 public static final long CKM_CAST3_MAC_GENERAL = 0x00000314L; |
|
553 public static final long CKM_CAST3_CBC_PAD = 0x00000315L; |
|
554 public static final long CKM_CAST5_KEY_GEN = 0x00000320L; |
|
555 public static final long CKM_CAST128_KEY_GEN = 0x00000320L; |
|
556 public static final long CKM_CAST5_ECB = 0x00000321L; |
|
557 public static final long CKM_CAST128_ECB = 0x00000321L; |
|
558 public static final long CKM_CAST5_CBC = 0x00000322L; |
|
559 public static final long CKM_CAST128_CBC = 0x00000322L; |
|
560 public static final long CKM_CAST5_MAC = 0x00000323L; |
|
561 public static final long CKM_CAST128_MAC = 0x00000323L; |
|
562 public static final long CKM_CAST5_MAC_GENERAL = 0x00000324L; |
|
563 public static final long CKM_CAST128_MAC_GENERAL = 0x00000324L; |
|
564 public static final long CKM_CAST5_CBC_PAD = 0x00000325L; |
|
565 public static final long CKM_CAST128_CBC_PAD = 0x00000325L; |
|
566 public static final long CKM_RC5_KEY_GEN = 0x00000330L; |
|
567 public static final long CKM_RC5_ECB = 0x00000331L; |
|
568 public static final long CKM_RC5_CBC = 0x00000332L; |
|
569 public static final long CKM_RC5_MAC = 0x00000333L; |
|
570 public static final long CKM_RC5_MAC_GENERAL = 0x00000334L; |
|
571 public static final long CKM_RC5_CBC_PAD = 0x00000335L; |
|
572 public static final long CKM_IDEA_KEY_GEN = 0x00000340L; |
|
573 public static final long CKM_IDEA_ECB = 0x00000341L; |
|
574 public static final long CKM_IDEA_CBC = 0x00000342L; |
|
575 public static final long CKM_IDEA_MAC = 0x00000343L; |
|
576 public static final long CKM_IDEA_MAC_GENERAL = 0x00000344L; |
|
577 public static final long CKM_IDEA_CBC_PAD = 0x00000345L; |
|
578 public static final long CKM_GENERIC_SECRET_KEY_GEN = 0x00000350L; |
|
579 public static final long CKM_CONCATENATE_BASE_AND_KEY = 0x00000360L; |
|
580 public static final long CKM_CONCATENATE_BASE_AND_DATA = 0x00000362L; |
|
581 public static final long CKM_CONCATENATE_DATA_AND_BASE = 0x00000363L; |
|
582 public static final long CKM_XOR_BASE_AND_DATA = 0x00000364L; |
|
583 public static final long CKM_EXTRACT_KEY_FROM_KEY = 0x00000365L; |
|
584 public static final long CKM_SSL3_PRE_MASTER_KEY_GEN = 0x00000370L; |
|
585 public static final long CKM_SSL3_MASTER_KEY_DERIVE = 0x00000371L; |
|
586 public static final long CKM_SSL3_KEY_AND_MAC_DERIVE = 0x00000372L; |
|
587 |
|
588 /* CKM_SSL3_MASTER_KEY_DERIVE_DH, CKM_TLS_PRE_MASTER_KEY_GEN, |
|
589 * CKM_TLS_MASTER_KEY_DERIVE, CKM_TLS_KEY_AND_MAC_DERIVE, and |
|
590 * CKM_TLS_MASTER_KEY_DERIVE_DH are new for v2.11 */ |
|
591 public static final long CKM_SSL3_MASTER_KEY_DERIVE_DH = 0x00000373L; |
|
592 public static final long CKM_TLS_PRE_MASTER_KEY_GEN = 0x00000374L; |
|
593 public static final long CKM_TLS_MASTER_KEY_DERIVE = 0x00000375L; |
|
594 public static final long CKM_TLS_KEY_AND_MAC_DERIVE = 0x00000376L; |
|
595 public static final long CKM_TLS_MASTER_KEY_DERIVE_DH = 0x00000377L; |
|
596 public static final long CKM_TLS_PRF = 0x00000378L; |
|
597 |
|
598 public static final long CKM_SSL3_MD5_MAC = 0x00000380L; |
|
599 public static final long CKM_SSL3_SHA1_MAC = 0x00000381L; |
|
600 public static final long CKM_MD5_KEY_DERIVATION = 0x00000390L; |
|
601 public static final long CKM_MD2_KEY_DERIVATION = 0x00000391L; |
|
602 public static final long CKM_SHA1_KEY_DERIVATION = 0x00000392L; |
|
603 |
|
604 // v2.20 |
|
605 public static final long CKM_SHA256_KEY_DERIVATION = 0x00000393L; |
|
606 public static final long CKM_SHA384_KEY_DERIVATION = 0x00000394L; |
|
607 public static final long CKM_SHA512_KEY_DERIVATION = 0x00000395L; |
|
608 |
|
609 public static final long CKM_PBE_MD2_DES_CBC = 0x000003A0L; |
|
610 public static final long CKM_PBE_MD5_DES_CBC = 0x000003A1L; |
|
611 public static final long CKM_PBE_MD5_CAST_CBC = 0x000003A2L; |
|
612 public static final long CKM_PBE_MD5_CAST3_CBC = 0x000003A3L; |
|
613 public static final long CKM_PBE_MD5_CAST5_CBC = 0x000003A4L; |
|
614 public static final long CKM_PBE_MD5_CAST128_CBC = 0x000003A4L; |
|
615 public static final long CKM_PBE_SHA1_CAST5_CBC = 0x000003A5L; |
|
616 public static final long CKM_PBE_SHA1_CAST128_CBC = 0x000003A5L; |
|
617 public static final long CKM_PBE_SHA1_RC4_128 = 0x000003A6L; |
|
618 public static final long CKM_PBE_SHA1_RC4_40 = 0x000003A7L; |
|
619 public static final long CKM_PBE_SHA1_DES3_EDE_CBC = 0x000003A8L; |
|
620 public static final long CKM_PBE_SHA1_DES2_EDE_CBC = 0x000003A9L; |
|
621 public static final long CKM_PBE_SHA1_RC2_128_CBC = 0x000003AAL; |
|
622 public static final long CKM_PBE_SHA1_RC2_40_CBC = 0x000003ABL; |
|
623 |
|
624 /* CKM_PKCS5_PBKD2 is new for v2.10 */ |
|
625 public static final long CKM_PKCS5_PBKD2 = 0x000003B0L; |
|
626 |
|
627 public static final long CKM_PBA_SHA1_WITH_SHA1_HMAC = 0x000003C0L; |
|
628 public static final long CKM_KEY_WRAP_LYNKS = 0x00000400L; |
|
629 public static final long CKM_KEY_WRAP_SET_OAEP = 0x00000401L; |
|
630 |
|
631 /* Fortezza mechanisms */ |
|
632 public static final long CKM_SKIPJACK_KEY_GEN = 0x00001000L; |
|
633 public static final long CKM_SKIPJACK_ECB64 = 0x00001001L; |
|
634 public static final long CKM_SKIPJACK_CBC64 = 0x00001002L; |
|
635 public static final long CKM_SKIPJACK_OFB64 = 0x00001003L; |
|
636 public static final long CKM_SKIPJACK_CFB64 = 0x00001004L; |
|
637 public static final long CKM_SKIPJACK_CFB32 = 0x00001005L; |
|
638 public static final long CKM_SKIPJACK_CFB16 = 0x00001006L; |
|
639 public static final long CKM_SKIPJACK_CFB8 = 0x00001007L; |
|
640 public static final long CKM_SKIPJACK_WRAP = 0x00001008L; |
|
641 public static final long CKM_SKIPJACK_PRIVATE_WRAP = 0x00001009L; |
|
642 public static final long CKM_SKIPJACK_RELAYX = 0x0000100AL; |
|
643 public static final long CKM_KEA_KEY_PAIR_GEN = 0x00001010L; |
|
644 public static final long CKM_KEA_KEY_DERIVE = 0x00001011L; |
|
645 public static final long CKM_FORTEZZA_TIMESTAMP = 0x00001020L; |
|
646 public static final long CKM_BATON_KEY_GEN = 0x00001030L; |
|
647 public static final long CKM_BATON_ECB128 = 0x00001031L; |
|
648 public static final long CKM_BATON_ECB96 = 0x00001032L; |
|
649 public static final long CKM_BATON_CBC128 = 0x00001033L; |
|
650 public static final long CKM_BATON_COUNTER = 0x00001034L; |
|
651 public static final long CKM_BATON_SHUFFLE = 0x00001035L; |
|
652 public static final long CKM_BATON_WRAP = 0x00001036L; |
|
653 |
|
654 /* CKM_ECDSA_KEY_PAIR_GEN is deprecated in v2.11, |
|
655 * CKM_EC_KEY_PAIR_GEN is preferred */ |
|
656 public static final long CKM_ECDSA_KEY_PAIR_GEN = 0x00001040L; |
|
657 public static final long CKM_EC_KEY_PAIR_GEN = 0x00001040L; |
|
658 |
|
659 public static final long CKM_ECDSA = 0x00001041L; |
|
660 public static final long CKM_ECDSA_SHA1 = 0x00001042L; |
|
661 |
|
662 /* CKM_ECDH1_DERIVE, CKM_ECDH1_COFACTOR_DERIVE, and CKM_ECMQV_DERIVE |
|
663 * are new for v2.11 */ |
|
664 public static final long CKM_ECDH1_DERIVE = 0x00001050L; |
|
665 public static final long CKM_ECDH1_COFACTOR_DERIVE = 0x00001051L; |
|
666 public static final long CKM_ECMQV_DERIVE = 0x00001052L; |
|
667 |
|
668 public static final long CKM_JUNIPER_KEY_GEN = 0x00001060L; |
|
669 public static final long CKM_JUNIPER_ECB128 = 0x00001061L; |
|
670 public static final long CKM_JUNIPER_CBC128 = 0x00001062L; |
|
671 public static final long CKM_JUNIPER_COUNTER = 0x00001063L; |
|
672 public static final long CKM_JUNIPER_SHUFFLE = 0x00001064L; |
|
673 public static final long CKM_JUNIPER_WRAP = 0x00001065L; |
|
674 public static final long CKM_FASTHASH = 0x00001070L; |
|
675 |
|
676 /* CKM_AES_KEY_GEN, CKM_AES_ECB, CKM_AES_CBC, CKM_AES_MAC, |
|
677 * CKM_AES_MAC_GENERAL, CKM_AES_CBC_PAD, CKM_DSA_PARAMETER_GEN, |
|
678 * CKM_DH_PKCS_PARAMETER_GEN, and CKM_X9_42_DH_PARAMETER_GEN are |
|
679 * new for v2.11 */ |
|
680 public static final long CKM_AES_KEY_GEN = 0x00001080L; |
|
681 public static final long CKM_AES_ECB = 0x00001081L; |
|
682 public static final long CKM_AES_CBC = 0x00001082L; |
|
683 public static final long CKM_AES_MAC = 0x00001083L; |
|
684 public static final long CKM_AES_MAC_GENERAL = 0x00001084L; |
|
685 public static final long CKM_AES_CBC_PAD = 0x00001085L; |
|
686 // v2.20 |
|
687 public static final long CKM_BLOWFISH_KEY_GEN = 0x00001090L; |
|
688 public static final long CKM_BLOWFISH_CBC = 0x00001091L; |
|
689 public static final long CKM_DSA_PARAMETER_GEN = 0x00002000L; |
|
690 public static final long CKM_DH_PKCS_PARAMETER_GEN = 0x00002001L; |
|
691 public static final long CKM_X9_42_DH_PARAMETER_GEN = 0x00002002L; |
|
692 |
|
693 public static final long CKM_VENDOR_DEFINED = 0x80000000L; |
|
694 |
|
695 // new for v2.20 amendment 3 |
|
696 public static final long CKM_SHA224 = 0x00000255L; |
|
697 public static final long CKM_SHA224_HMAC = 0x00000256L; |
|
698 public static final long CKM_SHA224_HMAC_GENERAL = 0x00000257L; |
|
699 public static final long CKM_SHA224_KEY_DERIVATION = 0x00000396L; |
|
700 public static final long CKM_SHA224_RSA_PKCS = 0x00000046L; |
|
701 public static final long CKM_SHA224_RSA_PKCS_PSS = 0x00000047L; |
|
702 public static final long CKM_AES_CTR = 0x00001086L; |
|
703 /* |
|
704 public static final long CKM_CAMELLIA_KEY_GEN = 0x00000550L; |
|
705 public static final long CKM_CAMELLIA_ECB = 0x00000551L; |
|
706 public static final long CKM_CAMELLIA_CBC = 0x00000552L; |
|
707 public static final long CKM_CAMELLIA_MAC = 0x00000553L; |
|
708 public static final long CKM_CAMELLIA_MAC_GENERAL = 0x00000554L; |
|
709 public static final long CKM_CAMELLIA_CBC_PAD = 0x00000555L; |
|
710 public static final long CKM_CAMELLIA_ECB_ENCRYPT_DATA = 0x00000556L; |
|
711 public static final long CKM_CAMELLIA_CBC_ENCRYPT_DATA = 0x00000557L; |
|
712 public static final long CKM_CAMELLIA_CTR = 0x00000558L; |
|
713 public static final long CKM_ARIA_KEY_GEN = 0x00000560L; |
|
714 public static final long CKM_ARIA_ECB = 0x00000561L; |
|
715 public static final long CKM_ARIA_CBC = 0x00000562L; |
|
716 public static final long CKM_ARIA_MAC = 0x00000563L; |
|
717 public static final long CKM_ARIA_MAC_GENERAL = 0x00000564L; |
|
718 public static final long CKM_ARIA_CBC_PAD = 0x00000565L; |
|
719 public static final long CKM_ARIA_ECB_ENCRYPT_DATA = 0x00000566L; |
|
720 public static final long CKM_ARIA_CBC_ENCRYPT_DATA = 0x00000567L; |
|
721 */ |
|
722 |
|
723 // NSS private |
|
724 public static final long CKM_NSS_TLS_PRF_GENERAL = 0x80000373L; |
|
725 |
|
726 // ids for our pseudo mechanisms SecureRandom and KeyStore |
|
727 public static final long PCKM_SECURERANDOM = 0x7FFFFF20L; |
|
728 public static final long PCKM_KEYSTORE = 0x7FFFFF21L; |
|
729 |
|
730 /* The flags are defined as follows: |
|
731 * Bit Flag Mask Meaning */ |
|
732 /* performed by HW */ |
|
733 public static final long CKF_HW = 0x00000001L; |
|
734 |
|
735 /* The flags CKF_ENCRYPT, CKF_DECRYPT, CKF_DIGEST, CKF_SIGN, |
|
736 * CKG_SIGN_RECOVER, CKF_VERIFY, CKF_VERIFY_RECOVER, |
|
737 * CKF_GENERATE, CKF_GENERATE_KEY_PAIR, CKF_WRAP, CKF_UNWRAP, |
|
738 * and CKF_DERIVE are new for v2.0. They specify whether or not |
|
739 * a mechanism can be used for a particular task */ |
|
740 public static final long CKF_ENCRYPT = 0x00000100L; |
|
741 public static final long CKF_DECRYPT = 0x00000200L; |
|
742 public static final long CKF_DIGEST = 0x00000400L; |
|
743 public static final long CKF_SIGN = 0x00000800L; |
|
744 public static final long CKF_SIGN_RECOVER = 0x00001000L; |
|
745 public static final long CKF_VERIFY = 0x00002000L; |
|
746 public static final long CKF_VERIFY_RECOVER = 0x00004000L; |
|
747 public static final long CKF_GENERATE = 0x00008000L; |
|
748 public static final long CKF_GENERATE_KEY_PAIR = 0x00010000L; |
|
749 public static final long CKF_WRAP = 0x00020000L; |
|
750 public static final long CKF_UNWRAP = 0x00040000L; |
|
751 public static final long CKF_DERIVE = 0x00080000L; |
|
752 |
|
753 /* CKF_EC_F_P, CKF_EC_F_2M, CKF_EC_ECPARAMETERS, CKF_EC_NAMEDCURVE, |
|
754 * CKF_EC_UNCOMPRESS, and CKF_EC_COMPRESS are new for v2.11. They |
|
755 * describe a token's EC capabilities not available in mechanism |
|
756 * information. */ |
|
757 public static final long CKF_EC_F_P = 0x00100000L; |
|
758 public static final long CKF_EC_F_2M = 0x00200000L; |
|
759 public static final long CKF_EC_ECPARAMETERS = 0x00400000L; |
|
760 public static final long CKF_EC_NAMEDCURVE = 0x00800000L; |
|
761 public static final long CKF_EC_UNCOMPRESS = 0x01000000L; |
|
762 public static final long CKF_EC_COMPRESS = 0x02000000L; |
|
763 |
|
764 /* FALSE for 2.01 */ |
|
765 public static final long CKF_EXTENSION = 0x80000000L; |
|
766 |
|
767 |
|
768 /* CK_RV is a value that identifies the return value of a |
|
769 * Cryptoki function */ |
|
770 /* CK_RV was changed from CK_USHORT to CK_ULONG for v2.0 */ |
|
771 public static final long CKR_OK = 0x00000000L; |
|
772 public static final long CKR_CANCEL = 0x00000001L; |
|
773 public static final long CKR_HOST_MEMORY = 0x00000002L; |
|
774 public static final long CKR_SLOT_ID_INVALID = 0x00000003L; |
|
775 |
|
776 /* CKR_FLAGS_INVALID was removed for v2.0 */ |
|
777 |
|
778 /* CKR_GENERAL_ERROR and CKR_FUNCTION_FAILED are new for v2.0 */ |
|
779 public static final long CKR_GENERAL_ERROR = 0x00000005L; |
|
780 public static final long CKR_FUNCTION_FAILED = 0x00000006L; |
|
781 |
|
782 /* CKR_ARGUMENTS_BAD, CKR_NO_EVENT, CKR_NEED_TO_CREATE_THREADS, |
|
783 * and CKR_CANT_LOCK are new for v2.01 */ |
|
784 public static final long CKR_ARGUMENTS_BAD = 0x00000007L; |
|
785 public static final long CKR_NO_EVENT = 0x00000008L; |
|
786 public static final long CKR_NEED_TO_CREATE_THREADS = 0x00000009L; |
|
787 public static final long CKR_CANT_LOCK = 0x0000000AL; |
|
788 |
|
789 public static final long CKR_ATTRIBUTE_READ_ONLY = 0x00000010L; |
|
790 public static final long CKR_ATTRIBUTE_SENSITIVE = 0x00000011L; |
|
791 public static final long CKR_ATTRIBUTE_TYPE_INVALID = 0x00000012L; |
|
792 public static final long CKR_ATTRIBUTE_VALUE_INVALID = 0x00000013L; |
|
793 public static final long CKR_DATA_INVALID = 0x00000020L; |
|
794 public static final long CKR_DATA_LEN_RANGE = 0x00000021L; |
|
795 public static final long CKR_DEVICE_ERROR = 0x00000030L; |
|
796 public static final long CKR_DEVICE_MEMORY = 0x00000031L; |
|
797 public static final long CKR_DEVICE_REMOVED = 0x00000032L; |
|
798 public static final long CKR_ENCRYPTED_DATA_INVALID = 0x00000040L; |
|
799 public static final long CKR_ENCRYPTED_DATA_LEN_RANGE = 0x00000041L; |
|
800 public static final long CKR_FUNCTION_CANCELED = 0x00000050L; |
|
801 public static final long CKR_FUNCTION_NOT_PARALLEL = 0x00000051L; |
|
802 |
|
803 /* CKR_FUNCTION_NOT_SUPPORTED is new for v2.0 */ |
|
804 public static final long CKR_FUNCTION_NOT_SUPPORTED = 0x00000054L; |
|
805 |
|
806 public static final long CKR_KEY_HANDLE_INVALID = 0x00000060L; |
|
807 |
|
808 /* CKR_KEY_SENSITIVE was removed for v2.0 */ |
|
809 |
|
810 public static final long CKR_KEY_SIZE_RANGE = 0x00000062L; |
|
811 public static final long CKR_KEY_TYPE_INCONSISTENT = 0x00000063L; |
|
812 |
|
813 /* CKR_KEY_NOT_NEEDED, CKR_KEY_CHANGED, CKR_KEY_NEEDED, |
|
814 * CKR_KEY_INDIGESTIBLE, CKR_KEY_FUNCTION_NOT_PERMITTED, |
|
815 * CKR_KEY_NOT_WRAPPABLE, and CKR_KEY_UNEXTRACTABLE are new for |
|
816 * v2.0 */ |
|
817 public static final long CKR_KEY_NOT_NEEDED = 0x00000064L; |
|
818 public static final long CKR_KEY_CHANGED = 0x00000065L; |
|
819 public static final long CKR_KEY_NEEDED = 0x00000066L; |
|
820 public static final long CKR_KEY_INDIGESTIBLE = 0x00000067L; |
|
821 public static final long CKR_KEY_FUNCTION_NOT_PERMITTED = 0x00000068L; |
|
822 public static final long CKR_KEY_NOT_WRAPPABLE = 0x00000069L; |
|
823 public static final long CKR_KEY_UNEXTRACTABLE = 0x0000006AL; |
|
824 |
|
825 public static final long CKR_MECHANISM_INVALID = 0x00000070L; |
|
826 public static final long CKR_MECHANISM_PARAM_INVALID = 0x00000071L; |
|
827 |
|
828 /* CKR_OBJECT_CLASS_INCONSISTENT and CKR_OBJECT_CLASS_INVALID |
|
829 * were removed for v2.0 */ |
|
830 public static final long CKR_OBJECT_HANDLE_INVALID = 0x00000082L; |
|
831 public static final long CKR_OPERATION_ACTIVE = 0x00000090L; |
|
832 public static final long CKR_OPERATION_NOT_INITIALIZED = 0x00000091L; |
|
833 public static final long CKR_PIN_INCORRECT = 0x000000A0L; |
|
834 public static final long CKR_PIN_INVALID = 0x000000A1L; |
|
835 public static final long CKR_PIN_LEN_RANGE = 0x000000A2L; |
|
836 |
|
837 /* CKR_PIN_EXPIRED and CKR_PIN_LOCKED are new for v2.0 */ |
|
838 public static final long CKR_PIN_EXPIRED = 0x000000A3L; |
|
839 public static final long CKR_PIN_LOCKED = 0x000000A4L; |
|
840 |
|
841 public static final long CKR_SESSION_CLOSED = 0x000000B0L; |
|
842 public static final long CKR_SESSION_COUNT = 0x000000B1L; |
|
843 public static final long CKR_SESSION_HANDLE_INVALID = 0x000000B3L; |
|
844 public static final long CKR_SESSION_PARALLEL_NOT_SUPPORTED = 0x000000B4L; |
|
845 public static final long CKR_SESSION_READ_ONLY = 0x000000B5L; |
|
846 public static final long CKR_SESSION_EXISTS = 0x000000B6L; |
|
847 |
|
848 /* CKR_SESSION_READ_ONLY_EXISTS and |
|
849 * CKR_SESSION_READ_WRITE_SO_EXISTS are new for v2.0 */ |
|
850 public static final long CKR_SESSION_READ_ONLY_EXISTS = 0x000000B7L; |
|
851 public static final long CKR_SESSION_READ_WRITE_SO_EXISTS = 0x000000B8L; |
|
852 |
|
853 public static final long CKR_SIGNATURE_INVALID = 0x000000C0L; |
|
854 public static final long CKR_SIGNATURE_LEN_RANGE = 0x000000C1L; |
|
855 public static final long CKR_TEMPLATE_INCOMPLETE = 0x000000D0L; |
|
856 public static final long CKR_TEMPLATE_INCONSISTENT = 0x000000D1L; |
|
857 public static final long CKR_TOKEN_NOT_PRESENT = 0x000000E0L; |
|
858 public static final long CKR_TOKEN_NOT_RECOGNIZED = 0x000000E1L; |
|
859 public static final long CKR_TOKEN_WRITE_PROTECTED = 0x000000E2L; |
|
860 public static final long CKR_UNWRAPPING_KEY_HANDLE_INVALID = 0x000000F0L; |
|
861 public static final long CKR_UNWRAPPING_KEY_SIZE_RANGE = 0x000000F1L; |
|
862 public static final long CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT = 0x000000F2L; |
|
863 public static final long CKR_USER_ALREADY_LOGGED_IN = 0x00000100L; |
|
864 public static final long CKR_USER_NOT_LOGGED_IN = 0x00000101L; |
|
865 public static final long CKR_USER_PIN_NOT_INITIALIZED = 0x00000102L; |
|
866 public static final long CKR_USER_TYPE_INVALID = 0x00000103L; |
|
867 |
|
868 /* CKR_USER_ANOTHER_ALREADY_LOGGED_IN and CKR_USER_TOO_MANY_TYPES |
|
869 * are new to v2.01 */ |
|
870 public static final long CKR_USER_ANOTHER_ALREADY_LOGGED_IN = 0x00000104L; |
|
871 public static final long CKR_USER_TOO_MANY_TYPES = 0x00000105L; |
|
872 |
|
873 public static final long CKR_WRAPPED_KEY_INVALID = 0x00000110L; |
|
874 public static final long CKR_WRAPPED_KEY_LEN_RANGE = 0x00000112L; |
|
875 public static final long CKR_WRAPPING_KEY_HANDLE_INVALID = 0x00000113L; |
|
876 public static final long CKR_WRAPPING_KEY_SIZE_RANGE = 0x00000114L; |
|
877 public static final long CKR_WRAPPING_KEY_TYPE_INCONSISTENT = 0x00000115L; |
|
878 public static final long CKR_RANDOM_SEED_NOT_SUPPORTED = 0x00000120L; |
|
879 |
|
880 /* These are new to v2.0 */ |
|
881 public static final long CKR_RANDOM_NO_RNG = 0x00000121L; |
|
882 |
|
883 /* These are new to v2.11 */ |
|
884 public static final long CKR_DOMAIN_PARAMS_INVALID = 0x00000130L; |
|
885 |
|
886 /* These are new to v2.0 */ |
|
887 public static final long CKR_BUFFER_TOO_SMALL = 0x00000150L; |
|
888 public static final long CKR_SAVED_STATE_INVALID = 0x00000160L; |
|
889 public static final long CKR_INFORMATION_SENSITIVE = 0x00000170L; |
|
890 public static final long CKR_STATE_UNSAVEABLE = 0x00000180L; |
|
891 |
|
892 /* These are new to v2.01 */ |
|
893 public static final long CKR_CRYPTOKI_NOT_INITIALIZED = 0x00000190L; |
|
894 public static final long CKR_CRYPTOKI_ALREADY_INITIALIZED = 0x00000191L; |
|
895 public static final long CKR_MUTEX_BAD = 0x000001A0L; |
|
896 public static final long CKR_MUTEX_NOT_LOCKED = 0x000001A1L; |
|
897 |
|
898 public static final long CKR_VENDOR_DEFINED = 0x80000000L; |
|
899 |
|
900 |
|
901 /* flags: bit flags that provide capabilities of the slot |
|
902 * Bit Flag = Mask |
|
903 */ |
|
904 public static final long CKF_LIBRARY_CANT_CREATE_OS_THREADS = 0x00000001L; |
|
905 public static final long CKF_OS_LOCKING_OK = 0x00000002L; |
|
906 |
|
907 |
|
908 /* CKF_DONT_BLOCK is for the function C_WaitForSlotEvent */ |
|
909 public static final long CKF_DONT_BLOCK = 1L; |
|
910 |
|
911 |
|
912 /* The following MGFs are defined */ |
|
913 public static final long CKG_MGF1_SHA1 = 0x00000001L; |
|
914 // new for v2.20 amendment 3 |
|
915 public static final long CKG_MGF1_SHA224 = 0x00000005L; |
|
916 |
|
917 /* The following encoding parameter sources are defined */ |
|
918 public static final long CKZ_DATA_SPECIFIED = 0x00000001L; |
|
919 |
|
920 |
|
921 /* The following PRFs are defined in PKCS #5 v2.0. */ |
|
922 public static final long CKP_PKCS5_PBKD2_HMAC_SHA1 = 0x00000001L; |
|
923 |
|
924 |
|
925 /* The following salt value sources are defined in PKCS #5 v2.0. */ |
|
926 public static final long CKZ_SALT_SPECIFIED = 0x00000001L; |
|
927 |
|
928 /* the following EC Key Derivation Functions are defined */ |
|
929 public static final long CKD_NULL = 0x00000001L; |
|
930 public static final long CKD_SHA1_KDF = 0x00000002L; |
|
931 |
|
932 /* the following X9.42 Diffie-Hellman Key Derivation Functions are defined */ |
|
933 public static final long CKD_SHA1_KDF_ASN1 = 0x00000003L; |
|
934 public static final long CKD_SHA1_KDF_CONCATENATE = 0x00000004L; |
|
935 |
|
936 |
|
937 // private NSS attribute (for DSA and DH private keys) |
|
938 public static final long CKA_NETSCAPE_DB = 0xD5A0DB00L; |
|
939 |
|
940 // base number of NSS private attributes |
|
941 public static final long CKA_NETSCAPE_BASE = 0x80000000L + 0x4E534350L; |
|
942 |
|
943 // object type for NSS trust |
|
944 public static final long CKO_NETSCAPE_TRUST = CKA_NETSCAPE_BASE + 3; |
|
945 |
|
946 // base number for NSS trust attributes |
|
947 public static final long CKA_NETSCAPE_TRUST_BASE = CKA_NETSCAPE_BASE + 0x2000; |
|
948 |
|
949 // attributes for NSS trust |
|
950 public static final long CKA_NETSCAPE_TRUST_SERVER_AUTH = CKA_NETSCAPE_TRUST_BASE + 8; |
|
951 public static final long CKA_NETSCAPE_TRUST_CLIENT_AUTH = CKA_NETSCAPE_TRUST_BASE + 9; |
|
952 public static final long CKA_NETSCAPE_TRUST_CODE_SIGNING = CKA_NETSCAPE_TRUST_BASE + 10; |
|
953 public static final long CKA_NETSCAPE_TRUST_EMAIL_PROTECTION = CKA_NETSCAPE_TRUST_BASE + 11; |
|
954 public static final long CKA_NETSCAPE_CERT_SHA1_HASH = CKA_NETSCAPE_TRUST_BASE + 100; |
|
955 public static final long CKA_NETSCAPE_CERT_MD5_HASH = CKA_NETSCAPE_TRUST_BASE + 101; |
|
956 |
|
957 // trust values for each of the NSS trust attributes |
|
958 public static final long CKT_NETSCAPE_TRUSTED = CKA_NETSCAPE_BASE + 1; |
|
959 public static final long CKT_NETSCAPE_TRUSTED_DELEGATOR = CKA_NETSCAPE_BASE + 2; |
|
960 public static final long CKT_NETSCAPE_UNTRUSTED = CKA_NETSCAPE_BASE + 3; |
|
961 public static final long CKT_NETSCAPE_MUST_VERIFY = CKA_NETSCAPE_BASE + 4; |
|
962 public static final long CKT_NETSCAPE_TRUST_UNKNOWN = CKA_NETSCAPE_BASE + 5; /* default */ |
|
963 public static final long CKT_NETSCAPE_VALID = CKA_NETSCAPE_BASE + 10; |
|
964 public static final long CKT_NETSCAPE_VALID_DELEGATOR = CKA_NETSCAPE_BASE + 11; |
|
965 |
|
966 } |
|