HID® Crescendo® PKCS11
|
#include <pkcs11/v2.40/cryptoki.h>
Functions | |
CK_RV | C_Finalize (CK_VOID_PTR pReserved) |
C_Finalize is called to indicate that an application is finished with the Cryptoki library. | |
CK_RV | C_GetFunctionList (CK_FUNCTION_LIST_PTR_PTR ppFunctionList) |
C_GetFunctionList obtains a pointer to the Cryptoki library’s list of function pointers. | |
CK_RV | C_GetInfo (CK_INFO_PTR pInfo) |
C_GetInfo returns general information about Cryptoki. | |
CK_RV | C_Initialize (CK_VOID_PTR pInitArgs) |
C_Initialize initializes the Cryptoki library. | |
CK_RV C_Finalize | ( | CK_VOID_PTR | pReserved | ) |
C_Finalize is called to indicate that an application is finished with the Cryptoki library.
It should be the last Cryptoki call made by an application.
pReserved
is reserved for future versions; for this version, it should be set to NULL_PTR
. If C_Finalize is called with a non-NULL_PTR
value for pReserved
, it should return the value CKR_ARGUMENTS_BAD.
If several applications are using Cryptoki, each one should call C_Finalize. Each application’s call to C_Finalize should be preceded by a single call to C_Initialize; in between the two calls, an application can make calls to other Cryptoki functions. See PKCS11 User Guide for further details.
Despite the fact that the parameters supplied to C_Initialize can in general allow for safe multi-threaded access to a Cryptoki library, the behavior of C_Finalize is nevertheless undefined if it is called by an application while other threads of the application are making Cryptoki calls. The exception to this exceptional behavior of C_Finalize occurs when a thread calls C_Finalize while another of the application’s threads is blocking on Cryptoki’s C_WaitForSlotEvent function. When this happens, the blocked thread becomes unblocked and returns the value CKR_CRYPTOKI_NOT_INITIALIZED. See C_WaitForSlotEvent for more information.
Return values: CKR_ARGUMENTS_BAD, CKR_CRYPTOKI_NOT_INITIALIZED, CKR_FUNCTION_FAILED, CKR_GENERAL_ERROR, CKR_HOST_MEMORY, CKR_OK.
CK_RV C_GetFunctionList | ( | CK_FUNCTION_LIST_PTR_PTR | ppFunctionList | ) |
C_GetFunctionList obtains a pointer to the Cryptoki library’s list of function pointers.
ppFunctionList
points to a value which will receive a pointer to the library’s CK_FUNCTION_LIST structure, which in turn contains function pointers for all the Cryptoki API routines in the library. The pointer thus obtained may point into memory which is owned by the Cryptoki library, and which may or may not be writable. Whether or not this is the case, no attempt should be made to write to this memory.
C_GetFunctionList is the only Cryptoki function which an application may call before calling C_Initialize. It is provided to make it easier and faster for applications to use shared Cryptoki libraries and to use more than one Cryptoki library simultaneously.
Return values: CKR_ARGUMENTS_BAD, CKR_FUNCTION_FAILED, CKR_GENERAL_ERROR, CKR_HOST_MEMORY, CKR_OK.
CK_RV C_GetInfo | ( | CK_INFO_PTR | pInfo | ) |
C_GetInfo returns general information about Cryptoki.
pInfo
points to the location that receives the information.
Return values: CKR_ARGUMENTS_BAD, CKR_CRYPTOKI_NOT_INITIALIZED, CKR_FUNCTION_FAILED, CKR_GENERAL_ERROR, CKR_HOST_MEMORY, CKR_OK.
CK_RV C_Initialize | ( | CK_VOID_PTR | pInitArgs | ) |
C_Initialize initializes the Cryptoki library.
pInitArgs
either has the value NULL_PTR
or points to a CK_C_INITIALIZE_ARGS structure containing information on how the library should deal with multi-threaded access. If an application will not be accessing Cryptoki through multiple threads simultaneously, it can generally supply the value NULL_PTR
to C_Initialize (the consequences of supplying this value will be explained below).
If pInitArgs
is non-NULL_PTR
, C_Initialize should cast it to a CK_C_INITIALIZE_ARGS_PTR and then dereference the resulting pointer to obtain the CK_C_INITIALIZE_ARGS fields CreateMutex, DestroyMutex, LockMutex, UnlockMutex, flags, and pReserved. For this version of Cryptoki, the value of pReserved thereby obtained MUST be NULL_PTR
; if it’s not, then C_Initialize should return with the value CKR_ARGUMENTS_BAD.
If the CKF_LIBRARY_CANT_CREATE_OS_THREADS flag in the flags field is set, that indicates that application threads which are executing calls to the Cryptoki library are not permitted to use the native operation system calls to spawn off new threads. In other words, the library’s code may not create its own threads. If the library is unable to function properly under this restriction, C_Initialize should return with the value CKR_NEED_TO_CREATE_THREADS.
A call to C_Initialize specifies one of four different ways to support multi-threaded access via the value of the CKF_OS_LOCKING_OK flag in the flags field and the values of the CreateMutex, DestroyMutex, LockMutex, and UnlockMutex function pointer fields:
NULL_PTR
), that means that the application won’t be accessing the Cryptoki library from multiple threads simultaneously.NULL_PTR
), that means that the application will be performing multi-threaded Cryptoki access, and the library needs to use the native operating system primitives to ensure safe multi-threaded access. If the library is unable to do this, C_Initialize should return with the value CKR_CANT_LOCK.NULL_PTR
values), that means that the application will be performing multi-threaded Cryptoki access, and the library needs to use the supplied function pointers for mutex-handling to ensure safe multi-threaded access. If the library is unable to do this, C_Initialize should return with the value CKR_CANT_LOCK.NULL_PTR
values), that means that the application will be performing multi-threaded Cryptoki access, and the library needs to use either the native operating system primitives or the supplied function pointers for mutex-handling to ensure safe multi-threaded access. If the library is unable to do this, C_Initialize should return with the value CKR_CANT_LOCK.If some, but not all, of the supplied function pointers to C_Initialize are non-NULL_PTR
, then C_Initialize should return with the value CKR_ARGUMENTS_BAD.
A call to C_Initialize with pInitArgs
set to NULL_PTR
is treated like a call to C_Initialize with pInitArgs
pointing to a CK_C_INITIALIZE_ARGS which has the CreateMutex, DestroyMutex, LockMutex, UnlockMutex, and pReserved. fields set * to NULL_PTR
, and has the flags field set to 0
.
C_Initialize should be the first Cryptoki call made by an application, except for calls to C_GetFunctionList. What this function actually does is implementation-dependent; typically, it might cause Cryptoki to initialize its internal memory buffers, or any other resources it requires.
If several applications are using Cryptoki, each one should call C_Initialize. Every call to C_Initialize should (eventually) be succeeded by a single call to C_Finalize. See PKCS11 User Guide for further details.
Return values: CKR_ARGUMENTS_BAD, CKR_CANT_LOCK, CKR_CRYPTOKI_ALREADY_INITIALIZED, CKR_FUNCTION_FAILED, CKR_GENERAL_ERROR, CKR_HOST_MEMORY, CKR_NEED_TO_CREATE_THREADS, CKR_OK.