PKCS#11
|
| Cryptographic Token Interface Standard |
PKCS#11 |
typedef struct CK_WTLS_RANDOM_DATA { CK_BYTE_PTR pClientRandom; CK_ULONG ulClientRandomLen; CK_BYTE_PTR pServerRandom; CK_ULONG ulServerRandomLen; } CK_WTLS_RANDOM_DATA;
| pClientRandom | pointer to the client's random data |
| ulClientRandomLen | length in bytes of the client's random data |
| pServerRandom | pointer to the server's random data |
| ulServerRandomLen | length in bytes of the server's random data |
CK_WTLS_RANDOM_DATA_PTR is a pointer to a CK_WTLS_RANDOM_DATA.
typedef struct CK_WTLS_MASTER_KEY_DERIVE_PARAMS { CK_MECHANISM_TYPE DigestMechanism; CK_WTLS_RANDOM_DATA RandomInfo; CK_BYTE_PTR pVersion; } CK_WTLS_MASTER_KEY_DERIVE_PARAMS;
| DigestMechanism | the mechanism type of the digest mechanism to be used (possible types can be found in [WTLS]) |
| RandomInfo | Client's and server's random data information |
| pVersion | pointer to a CK_BYTE which receives the WTLS protocol version information |
CK_WTLS_MASTER_KEY_DERIVE_PARAMS_PTR is a pointer to a CK_WTLS_MASTER_KEY_DERIVE_PARAMS.
typedef struct CK_WTLS_PRF_PARAMS { CK_MECHANISM_TYPE DigestMechanism; CK_BYTE_PTR pSeed; CK_ULONG ulSeedLen; CK_BYTE_PTR pLabel; CK_ULONG ulLabelLen; CK_BYTE_PTR pOutput; CK_ULONG_PTR pulOutputLen; } CK_WTLS_PRF_PARAMS;
| DigestMechanism | the mechanism type of the digest mechanism to be used (possible types can be found in [WTLS]) |
| pSeed | pointer to the input seed |
| ulSeedLen | length in bytes of the input seed |
| pLabel | pointer to the identifying label |
| ulLabelLen | length in bytes of the identifying label |
| pOutput | pointer receiving the output of the operation |
| pulOutputLen | pointer to the length in bytes that the output to be created shall have, has to hold the desired length as input and will receive the calculated length as output |
CK_WTLS_PRF_PARAMS_PTR is a pointer to a CK_WTLS_PRF_PARAMS.
typedef struct CK_WTLS_KEY_MAT_OUT { CK_OBJECT_HANDLE hMacSecret; CK_OBJECT_HANDLE hKey; CK_BYTE_PTR pIV; } CK_WTLS_KEY_MAT_OUT;
| hMacSecret | Key handle for the resulting MAC secret key |
| hKey | Key handle for the resulting secret key |
| pIV | Pointer to a location which receives the initialization vector (IV) created (if any) |
CK_WTLS_KEY_MAT_OUT_PTR is a pointer to a CK_WTLS_KEY_MAT_OUT.
typedef struct CK_WTLS_KEY_MAT_PARAMS { CK_MECHANISM_TYPE DigestMechanism; CK_ULONG ulMacSizeInBits; CK_ULONG ulKeySizeInBits; CK_ULONG ulIVSizeInBits; CK_ULONG ulSequenceNumber; CK_BBOOL bIsExport; CK_WTLS_RANDOM_DATA RandomInfo; CK_WTLS_KEY_MAT_OUT_PTR pReturnedKeyMaterial; } CK_WTLS_KEY_MAT_PARAMS;
| DigestMechanism | the mechanism type of the digest mechanism to be used (possible types can be found in [WTLS]) |
| ulMacSizeInBits | the length (in bits) of the MACing key agreed upon during the protocol handshake phase |
| ulKeySizeInBits | the length (in bits) of the secret key agreed upon during the handshake phase |
| ulIVSizeInBits | the length (in bits) of the IV agreed upon during the handshake phase. If no IV is required, the length should be set to 0. |
| ulSequenceNumber | The current sequence number used for records sent by the client and server respectively |
| bIsExport | a boolean value which indicates whether the keys have to be derived for an export version of the protocol. If this value is true (i.e. the keys are exportable) then ulKeySizeInBits is the length of the key in bits before expansion. The length of the key after expansion is determined by the information found in the template sent along with this mechanism during a C_DeriveKey function call (either the CKA_KEY_TYPE or the CKA_VALUE_LEN attribute). |
| RandomInfo | client's and server's random data information |
| pReturnedKeyMaterial | points to a CK_WTLS_KEY_MAT_OUT structure which receives the handles for the keys generated and the IV |
CK_WTLS_KEY_MAT_PARAMS_PTR is a pointer to a CK_WTLS_KEY_MAT_PARAMS.