|
Pkcs11Interop
5.1.2
|
Bit flags More...
Public Attributes | |
| const uint | CKF_TOKEN_PRESENT = 0x00000001 |
| True if a token is present in the slot More... | |
| const uint | CKF_REMOVABLE_DEVICE = 0x00000002 |
| True if the reader supports removable devices More... | |
| const uint | CKF_HW_SLOT = 0x00000004 |
| True if the slot is a hardware slot, as opposed to a software slot implementing a "soft token" More... | |
| const uint | CKF_RNG = 0x00000001 |
| True if the token has its own random number generator More... | |
| const uint | CKF_WRITE_PROTECTED = 0x00000002 |
| True if the token is write-protected More... | |
| const uint | CKF_LOGIN_REQUIRED = 0x00000004 |
| True if there are some cryptographic functions that a user must be logged in to perform More... | |
| const uint | CKF_USER_PIN_INITIALIZED = 0x00000008 |
| True if the normal user's PIN has been initialized More... | |
| const uint | CKF_RESTORE_KEY_NOT_NEEDED = 0x00000020 |
| True if a successful save of a session's cryptographic operations state always contains all keys needed to restore the state of the session More... | |
| const uint | CKF_CLOCK_ON_TOKEN = 0x00000040 |
| True if token has its own hardware clock More... | |
| const uint | CKF_PROTECTED_AUTHENTICATION_PATH = 0x00000100 |
| True if token has a "protected authentication path", whereby a user can log into the token without passing a PIN through the Cryptoki library More... | |
| const uint | CKF_DUAL_CRYPTO_OPERATIONS = 0x00000200 |
| True if a single session with the token can perform dual cryptographic operations More... | |
| const uint | CKF_TOKEN_INITIALIZED = 0x00000400 |
| True if the token has been initialized using C_InitializeToken or an equivalent mechanism outside the scope of this standard. Calling C_InitializeToken when this flag is set will cause the token to be reinitialized. More... | |
| const uint | CKF_SECONDARY_AUTHENTICATION = 0x00000800 |
| True if the token supports secondary authentication for private key objects. More... | |
| const uint | CKF_USER_PIN_COUNT_LOW = 0x00010000 |
| True if an incorrect user login PIN has been entered at least once since the last successful authentication. More... | |
| const uint | CKF_USER_PIN_FINAL_TRY = 0x00020000 |
| True if supplying an incorrect user PIN will it to become locked. More... | |
| const uint | CKF_USER_PIN_LOCKED = 0x00040000 |
| True if the user PIN has been locked. User login to the token is not possible. More... | |
| const uint | CKF_USER_PIN_TO_BE_CHANGED = 0x00080000 |
| True if the user PIN value is the default value set by token initialization or manufacturing, or the PIN has been expired by the card. More... | |
| const uint | CKF_SO_PIN_COUNT_LOW = 0x00100000 |
| True if an incorrect SO login PIN has been entered at least once since the last successful authentication. More... | |
| const uint | CKF_SO_PIN_FINAL_TRY = 0x00200000 |
| True if supplying an incorrect SO PIN will it to become locked. More... | |
| const uint | CKF_SO_PIN_LOCKED = 0x00400000 |
| True if the SO PIN has been locked. User login to the token is not possible. More... | |
| const uint | CKF_SO_PIN_TO_BE_CHANGED = 0x00800000 |
| True if the SO PIN value is the default value set by token initialization or manufacturing, or the PIN has been expired by the card. More... | |
| const uint | CKF_ERROR_STATE = 0x01000000 |
| True if the token failed a FIPS 140-2 self-test and entered an error state. More... | |
| const uint | CKF_RW_SESSION = 0x00000002 |
| True if the session is read/write; false if the session is read-only More... | |
| const uint | CKF_SERIAL_SESSION = 0x00000004 |
| This flag is provided for backward compatibility, and should always be set to true More... | |
| const uint | CKF_ARRAY_ATTRIBUTE = 0x40000000 |
| Identifies attribute whose value is an array of attributes More... | |
| const uint | CKF_HW = 0x00000001 |
| True if the mechanism is performed by the device; false if the mechanism is performed in software More... | |
| const uint | CKF_ENCRYPT = 0x00000100 |
| True if the mechanism can be used with C_EncryptInit More... | |
| const uint | CKF_DECRYPT = 0x00000200 |
| True if the mechanism can be used with C_DecryptInit More... | |
| const uint | CKF_DIGEST = 0x00000400 |
| True if the mechanism can be used with C_DigestInit More... | |
| const uint | CKF_SIGN = 0x00000800 |
| True if the mechanism can be used with C_SignInit More... | |
| const uint | CKF_SIGN_RECOVER = 0x00001000 |
| True if the mechanism can be used with C_SignRecoverInit More... | |
| const uint | CKF_VERIFY = 0x00002000 |
| True if the mechanism can be used with C_VerifyInit More... | |
| const uint | CKF_VERIFY_RECOVER = 0x00004000 |
| True if the mechanism can be used with C_VerifyRecoverInit More... | |
| const uint | CKF_GENERATE = 0x00008000 |
| True if the mechanism can be used with C_GenerateKey More... | |
| const uint | CKF_GENERATE_KEY_PAIR = 0x00010000 |
| True if the mechanism can be used with C_GenerateKeyPair More... | |
| const uint | CKF_WRAP = 0x00020000 |
| True if the mechanism can be used with C_WrapKey More... | |
| const uint | CKF_UNWRAP = 0x00040000 |
| True if the mechanism can be used with C_UnwrapKey More... | |
| const uint | CKF_DERIVE = 0x00080000 |
| True if the mechanism can be used with C_DeriveKey More... | |
| const uint | CKF_EC_F_P = 0x00100000 |
| True if the mechanism can be used with EC domain parameters over Fp More... | |
| const uint | CKF_EC_F_2M = 0x00200000 |
| True if the mechanism can be used with EC domain parameters over F2m More... | |
| const uint | CKF_EC_ECPARAMETERS = 0x00400000 |
| True if the mechanism can be used with EC domain parameters of the choice ecParameters More... | |
| const uint | CKF_EC_NAMEDCURVE = 0x00800000 |
| True if the mechanism can be used with EC domain parameters of the choice namedCurve More... | |
| const uint | CKF_EC_UNCOMPRESS = 0x01000000 |
| True if the mechanism can be used with elliptic curve point uncompressed More... | |
| const uint | CKF_EC_COMPRESS = 0x02000000 |
| True if the mechanism can be used with elliptic curve point compressed More... | |
| const uint | CKF_EXTENSION = 0x80000000 |
| True if there is an extension to the flags; false if no extensions More... | |
| const uint | CKF_LIBRARY_CANT_CREATE_OS_THREADS = 0x00000001 |
| True if application threads which are executing calls to the library may not use native operating system calls to spawn new threads; false if they may More... | |
| const uint | CKF_OS_LOCKING_OK = 0x00000002 |
| True if the library can use the native operation system threading model for locking; false otherwise More... | |
| const uint | CKF_DONT_BLOCK = 1 |
| Flag indicating that C_WaitForSlotEvent should not block until an event occurs - it should return immediately instead More... | |
| const uint | CKF_NEXT_OTP = 0x00000001 |
| True if the OTP computation shall be for the next OTP, rather than the current one More... | |
| const uint | CKF_EXCLUDE_TIME = 0x00000002 |
| True if the OTP computation must not include a time value More... | |
| const uint | CKF_EXCLUDE_COUNTER = 0x00000004 |
| True if the OTP computation must not include a counter value More... | |
| const uint | CKF_EXCLUDE_CHALLENGE = 0x00000008 |
| True if the OTP computation must not include a challenge More... | |
| const uint | CKF_EXCLUDE_PIN = 0x00000010 |
| True if the OTP computation must not include a PIN value More... | |
| const uint | CKF_USER_FRIENDLY_OTP = 0x00000020 |
| True if the OTP returned shall be in a form suitable for human consumption More... | |
Bit flags
| const uint Net.Pkcs11Interop.Common.CKF.CKF_ARRAY_ATTRIBUTE = 0x40000000 |
Identifies attribute whose value is an array of attributes
| const uint Net.Pkcs11Interop.Common.CKF.CKF_CLOCK_ON_TOKEN = 0x00000040 |
True if token has its own hardware clock
| const uint Net.Pkcs11Interop.Common.CKF.CKF_DECRYPT = 0x00000200 |
True if the mechanism can be used with C_DecryptInit
| const uint Net.Pkcs11Interop.Common.CKF.CKF_DERIVE = 0x00080000 |
True if the mechanism can be used with C_DeriveKey
| const uint Net.Pkcs11Interop.Common.CKF.CKF_DIGEST = 0x00000400 |
True if the mechanism can be used with C_DigestInit
| const uint Net.Pkcs11Interop.Common.CKF.CKF_DONT_BLOCK = 1 |
Flag indicating that C_WaitForSlotEvent should not block until an event occurs - it should return immediately instead
| const uint Net.Pkcs11Interop.Common.CKF.CKF_DUAL_CRYPTO_OPERATIONS = 0x00000200 |
True if a single session with the token can perform dual cryptographic operations
| const uint Net.Pkcs11Interop.Common.CKF.CKF_EC_COMPRESS = 0x02000000 |
True if the mechanism can be used with elliptic curve point compressed
| const uint Net.Pkcs11Interop.Common.CKF.CKF_EC_ECPARAMETERS = 0x00400000 |
True if the mechanism can be used with EC domain parameters of the choice ecParameters
| const uint Net.Pkcs11Interop.Common.CKF.CKF_EC_F_2M = 0x00200000 |
True if the mechanism can be used with EC domain parameters over F2m
| const uint Net.Pkcs11Interop.Common.CKF.CKF_EC_F_P = 0x00100000 |
True if the mechanism can be used with EC domain parameters over Fp
| const uint Net.Pkcs11Interop.Common.CKF.CKF_EC_NAMEDCURVE = 0x00800000 |
True if the mechanism can be used with EC domain parameters of the choice namedCurve
| const uint Net.Pkcs11Interop.Common.CKF.CKF_EC_UNCOMPRESS = 0x01000000 |
True if the mechanism can be used with elliptic curve point uncompressed
| const uint Net.Pkcs11Interop.Common.CKF.CKF_ENCRYPT = 0x00000100 |
True if the mechanism can be used with C_EncryptInit
| const uint Net.Pkcs11Interop.Common.CKF.CKF_ERROR_STATE = 0x01000000 |
True if the token failed a FIPS 140-2 self-test and entered an error state.
| const uint Net.Pkcs11Interop.Common.CKF.CKF_EXCLUDE_CHALLENGE = 0x00000008 |
True if the OTP computation must not include a challenge
| const uint Net.Pkcs11Interop.Common.CKF.CKF_EXCLUDE_COUNTER = 0x00000004 |
True if the OTP computation must not include a counter value
| const uint Net.Pkcs11Interop.Common.CKF.CKF_EXCLUDE_PIN = 0x00000010 |
True if the OTP computation must not include a PIN value
| const uint Net.Pkcs11Interop.Common.CKF.CKF_EXCLUDE_TIME = 0x00000002 |
True if the OTP computation must not include a time value
| const uint Net.Pkcs11Interop.Common.CKF.CKF_EXTENSION = 0x80000000 |
True if there is an extension to the flags; false if no extensions
| const uint Net.Pkcs11Interop.Common.CKF.CKF_GENERATE = 0x00008000 |
True if the mechanism can be used with C_GenerateKey
| const uint Net.Pkcs11Interop.Common.CKF.CKF_GENERATE_KEY_PAIR = 0x00010000 |
True if the mechanism can be used with C_GenerateKeyPair
| const uint Net.Pkcs11Interop.Common.CKF.CKF_HW = 0x00000001 |
True if the mechanism is performed by the device; false if the mechanism is performed in software
| const uint Net.Pkcs11Interop.Common.CKF.CKF_HW_SLOT = 0x00000004 |
True if the slot is a hardware slot, as opposed to a software slot implementing a "soft token"
| const uint Net.Pkcs11Interop.Common.CKF.CKF_LIBRARY_CANT_CREATE_OS_THREADS = 0x00000001 |
True if application threads which are executing calls to the library may not use native operating system calls to spawn new threads; false if they may
| const uint Net.Pkcs11Interop.Common.CKF.CKF_LOGIN_REQUIRED = 0x00000004 |
True if there are some cryptographic functions that a user must be logged in to perform
| const uint Net.Pkcs11Interop.Common.CKF.CKF_NEXT_OTP = 0x00000001 |
True if the OTP computation shall be for the next OTP, rather than the current one
| const uint Net.Pkcs11Interop.Common.CKF.CKF_OS_LOCKING_OK = 0x00000002 |
True if the library can use the native operation system threading model for locking; false otherwise
| const uint Net.Pkcs11Interop.Common.CKF.CKF_PROTECTED_AUTHENTICATION_PATH = 0x00000100 |
True if token has a "protected authentication path", whereby a user can log into the token without passing a PIN through the Cryptoki library
| const uint Net.Pkcs11Interop.Common.CKF.CKF_REMOVABLE_DEVICE = 0x00000002 |
True if the reader supports removable devices
| const uint Net.Pkcs11Interop.Common.CKF.CKF_RESTORE_KEY_NOT_NEEDED = 0x00000020 |
True if a successful save of a session's cryptographic operations state always contains all keys needed to restore the state of the session
| const uint Net.Pkcs11Interop.Common.CKF.CKF_RNG = 0x00000001 |
True if the token has its own random number generator
| const uint Net.Pkcs11Interop.Common.CKF.CKF_RW_SESSION = 0x00000002 |
True if the session is read/write; false if the session is read-only
| const uint Net.Pkcs11Interop.Common.CKF.CKF_SECONDARY_AUTHENTICATION = 0x00000800 |
True if the token supports secondary authentication for private key objects.
| const uint Net.Pkcs11Interop.Common.CKF.CKF_SERIAL_SESSION = 0x00000004 |
This flag is provided for backward compatibility, and should always be set to true
| const uint Net.Pkcs11Interop.Common.CKF.CKF_SIGN = 0x00000800 |
True if the mechanism can be used with C_SignInit
| const uint Net.Pkcs11Interop.Common.CKF.CKF_SIGN_RECOVER = 0x00001000 |
True if the mechanism can be used with C_SignRecoverInit
| const uint Net.Pkcs11Interop.Common.CKF.CKF_SO_PIN_COUNT_LOW = 0x00100000 |
True if an incorrect SO login PIN has been entered at least once since the last successful authentication.
| const uint Net.Pkcs11Interop.Common.CKF.CKF_SO_PIN_FINAL_TRY = 0x00200000 |
True if supplying an incorrect SO PIN will it to become locked.
| const uint Net.Pkcs11Interop.Common.CKF.CKF_SO_PIN_LOCKED = 0x00400000 |
True if the SO PIN has been locked. User login to the token is not possible.
| const uint Net.Pkcs11Interop.Common.CKF.CKF_SO_PIN_TO_BE_CHANGED = 0x00800000 |
True if the SO PIN value is the default value set by token initialization or manufacturing, or the PIN has been expired by the card.
| const uint Net.Pkcs11Interop.Common.CKF.CKF_TOKEN_INITIALIZED = 0x00000400 |
True if the token has been initialized using C_InitializeToken or an equivalent mechanism outside the scope of this standard. Calling C_InitializeToken when this flag is set will cause the token to be reinitialized.
| const uint Net.Pkcs11Interop.Common.CKF.CKF_TOKEN_PRESENT = 0x00000001 |
True if a token is present in the slot
| const uint Net.Pkcs11Interop.Common.CKF.CKF_UNWRAP = 0x00040000 |
True if the mechanism can be used with C_UnwrapKey
| const uint Net.Pkcs11Interop.Common.CKF.CKF_USER_FRIENDLY_OTP = 0x00000020 |
True if the OTP returned shall be in a form suitable for human consumption
| const uint Net.Pkcs11Interop.Common.CKF.CKF_USER_PIN_COUNT_LOW = 0x00010000 |
True if an incorrect user login PIN has been entered at least once since the last successful authentication.
| const uint Net.Pkcs11Interop.Common.CKF.CKF_USER_PIN_FINAL_TRY = 0x00020000 |
True if supplying an incorrect user PIN will it to become locked.
| const uint Net.Pkcs11Interop.Common.CKF.CKF_USER_PIN_INITIALIZED = 0x00000008 |
True if the normal user's PIN has been initialized
| const uint Net.Pkcs11Interop.Common.CKF.CKF_USER_PIN_LOCKED = 0x00040000 |
True if the user PIN has been locked. User login to the token is not possible.
| const uint Net.Pkcs11Interop.Common.CKF.CKF_USER_PIN_TO_BE_CHANGED = 0x00080000 |
True if the user PIN value is the default value set by token initialization or manufacturing, or the PIN has been expired by the card.
| const uint Net.Pkcs11Interop.Common.CKF.CKF_VERIFY = 0x00002000 |
True if the mechanism can be used with C_VerifyInit
| const uint Net.Pkcs11Interop.Common.CKF.CKF_VERIFY_RECOVER = 0x00004000 |
True if the mechanism can be used with C_VerifyRecoverInit
| const uint Net.Pkcs11Interop.Common.CKF.CKF_WRAP = 0x00020000 |
True if the mechanism can be used with C_WrapKey
| const uint Net.Pkcs11Interop.Common.CKF.CKF_WRITE_PROTECTED = 0x00000002 |
True if the token is write-protected
1.8.14