![]() | Cryptographic Token Interface Standard |
PKCS#11 |
Symbol | Definition |
N/A | Not applicable |
R/O | Read-only |
R/W | Read/write |
The following prefixes are used in this standard:
Prefix | Description |
C_ | Function |
CK_ | Data type |
CKA_ | Attribute |
CKC_ | Certificate type |
CKF_ | Bit flag |
CKK_ | Key type |
CKM_ | Mechanism type |
CKN_ | Notification |
CKO_ | Object class |
CKS_ | Session state |
CKR_ | Return value |
CKU_ | User type |
p | a pointer |
pb | a pointer to a CK_BYTE |
ph | a pointer to a handle |
pus | a pointer to a CK_USHORT |
ul | a CK_ULONG |
us | a CK_USHORT |
In Cryptoki, a flag is a boolean flag that can be TRUE or FALSE. A zero value means the flag is FALSE, and a non-zero value means the flag is TRUE. Cryptoki defines these labels if they are not already defined.
#ifndef FALSE #define FALSE 0 #endif #ifndef TRUE #define TRUE (!FALSE) #endif
Cryptoki is based on ANSI C types and defines the following data types:
/* an unsigned 8-bit value */ typedef unsigned char CK_BYTE; /* an unsigned 8-bit character */ typedef CK_BYTE CK_CHAR; /* a BYTE-sized Boolean flag */ typedef CK_BYTE CK_BBOOL; /* an unsigned value, at least 16 bits long */ typedef unsigned short int CK_USHORT; /* an unsigned value, at least 32 bits long */ typedef unsigned long int CK_ULONG; /* at least 32 bits, each bit is a Boolean flag */ typedef CK_ULONG CK_FLAGS;
Cryptoki also uses pointers to these data types which are implementation dependent. These pointers are:
CK_BYTE_PTR /* Pointer to a CK_BYTE */ CK_CHAR_PTR /* Pointer to a CK_CHAR */ CK_USHORT_PTR /* Pointer to a CK_USHORT */ CK_VOID_PTR /* Pointer to a void */ NULL_PTR /* a NULL pointer */
It follows that many of the data and pointer types will vary somewhat from one environment to another (e.g., a CK_ULONG will sometimes be 32 bits, and sometimes perhaps 64 bits). However, these details should not affect the application, assuming it is compiled with a Cryptoki header file consistent with the Cryptoki library to which the application is linked.
All numbers and values expressed in this document are decimal, unless they are preceded by "0x", in which case they are hexadecimal values.
The CK_CHAR data type holds characters from the following table, taken from ANSI C:
Category | Characters |
Letters | A B C D E F G H I J K L M N O P Q R S T U V W X Y Z a b c d e f g h i j k l m n o p q r s t u v w x y z |
Numbers | 0 1 2 3 4 5 6 7 8 9 |
Graphic characters | ! " # % & ' () * + , - . / : ; < = > ? [ \ ] ^ _ { | } ~ |
Blank character | ' ' |