randombit / botan / 12805544433

/*

* PKCS #11

* (C) 2016 Daniel Neus, Sirrix AG

* (C) 2016 Philipp Weber, Sirrix AG

* (C) 2025 Fabian Albert, Rohde & Schwarz Cybersecurity

*

* Botan is released under the Simplified BSD License (see license.txt)

*/

#ifndef BOTAN_P11_H_

#define BOTAN_P11_H_

#include <botan/exceptn.h>

#include <botan/secmem.h>

#include <map>

#include <string>

#include <vector>

#define CK_PTR *

#if defined(_MSC_VER)

   #define CK_DECLARE_FUNCTION(returnType, name) returnType __declspec(dllimport) name

#else

   #define CK_DECLARE_FUNCTION(returnType, name) returnType name

#endif

#if defined(_MSC_VER)

   #define CK_DECLARE_FUNCTION_POINTER(returnType, name) returnType __declspec(dllimport)(*name)

#else

   #define CK_DECLARE_FUNCTION_POINTER(returnType, name) returnType(*name)

#endif

#define CK_CALLBACK_FUNCTION(returnType, name) returnType(*name)

#ifndef NULL_PTR

   #define NULL_PTR nullptr

#endif

#if defined(_MSC_VER)

   #pragma pack(push, cryptoki, 1)

#endif

#include "pkcs11.h"

#if defined(_MSC_VER)

   #pragma pack(pop, cryptoki)

#endif

static_assert(CRYPTOKI_VERSION_MAJOR == 3 && CRYPTOKI_VERSION_MINOR == 2,

              "The Botan PKCS#11 module was implemented against PKCS#11 v3.2. Please use the correct PKCS#11 headers.");

namespace Botan {

class Dynamically_Loaded_Library;

namespace PKCS11 {

using secure_string = secure_vector<uint8_t>;

enum class AttributeType : CK_ATTRIBUTE_TYPE {

   Class = CKA_CLASS,

   Token = CKA_TOKEN,

   Private = CKA_PRIVATE,

   Label = CKA_LABEL,

   UniqueId = CKA_UNIQUE_ID,

   Application = CKA_APPLICATION,

   Value = CKA_VALUE,

   ObjectId = CKA_OBJECT_ID,

   CertificateType = CKA_CERTIFICATE_TYPE,

   Issuer = CKA_ISSUER,

   SerialNumber = CKA_SERIAL_NUMBER,

   AcIssuer = CKA_AC_ISSUER,

   Owner = CKA_OWNER,

   AttrTypes = CKA_ATTR_TYPES,

   Trusted = CKA_TRUSTED,

   CertificateCategory = CKA_CERTIFICATE_CATEGORY,

   JavaMidpSecurityDomain = CKA_JAVA_MIDP_SECURITY_DOMAIN,

   Url = CKA_URL,

   HashOfSubjectPublicKey = CKA_HASH_OF_SUBJECT_PUBLIC_KEY,

   HashOfIssuerPublicKey = CKA_HASH_OF_ISSUER_PUBLIC_KEY,

   NameHashAlgorithm = CKA_NAME_HASH_ALGORITHM,

   CheckValue = CKA_CHECK_VALUE,

   KeyType = CKA_KEY_TYPE,

   Subject = CKA_SUBJECT,

   Id = CKA_ID,

   Sensitive = CKA_SENSITIVE,

   Encrypt = CKA_ENCRYPT,

   Decrypt = CKA_DECRYPT,

   Wrap = CKA_WRAP,

   Unwrap = CKA_UNWRAP,

   Sign = CKA_SIGN,

   SignRecover = CKA_SIGN_RECOVER,

   Verify = CKA_VERIFY,

   VerifyRecover = CKA_VERIFY_RECOVER,

   Derive = CKA_DERIVE,

   StartDate = CKA_START_DATE,

   EndDate = CKA_END_DATE,

   Modulus = CKA_MODULUS,

   ModulusBits = CKA_MODULUS_BITS,

   PublicExponent = CKA_PUBLIC_EXPONENT,

   PrivateExponent = CKA_PRIVATE_EXPONENT,

   Prime1 = CKA_PRIME_1,

   Prime2 = CKA_PRIME_2,

   Exponent1 = CKA_EXPONENT_1,

   Exponent2 = CKA_EXPONENT_2,

   Coefficient = CKA_COEFFICIENT,

   PublicKeyInfo = CKA_PUBLIC_KEY_INFO,

   Prime = CKA_PRIME,

   Subprime = CKA_SUBPRIME,

   Base = CKA_BASE,

   PrimeBits = CKA_PRIME_BITS,

   SubprimeBits = CKA_SUBPRIME_BITS,

   SubPrimeBits = CKA_SUB_PRIME_BITS,

   ValueBits = CKA_VALUE_BITS,

   ValueLen = CKA_VALUE_LEN,

   Extractable = CKA_EXTRACTABLE,

   Local = CKA_LOCAL,

   NeverExtractable = CKA_NEVER_EXTRACTABLE,

   AlwaysSensitive = CKA_ALWAYS_SENSITIVE,

   KeyGenMechanism = CKA_KEY_GEN_MECHANISM,

   Modifiable = CKA_MODIFIABLE,

   Copyable = CKA_COPYABLE,

   Destroyable = CKA_DESTROYABLE,

   EcdsaParams = CKA_ECDSA_PARAMS,

   EcParams = CKA_EC_PARAMS,

   EcPoint = CKA_EC_POINT,

   SecondaryAuth = CKA_SECONDARY_AUTH,

   AuthPinFlags = CKA_AUTH_PIN_FLAGS,

   AlwaysAuthenticate = CKA_ALWAYS_AUTHENTICATE,

   WrapWithTrusted = CKA_WRAP_WITH_TRUSTED,

   WrapTemplate = CKA_WRAP_TEMPLATE,

   UnwrapTemplate = CKA_UNWRAP_TEMPLATE,

   DeriveTemplate = CKA_DERIVE_TEMPLATE,

   OtpFormat = CKA_OTP_FORMAT,

   OtpLength = CKA_OTP_LENGTH,

   OtpTimeInterval = CKA_OTP_TIME_INTERVAL,

   OtpUserFriendlyMode = CKA_OTP_USER_FRIENDLY_MODE,

   OtpChallengeRequirement = CKA_OTP_CHALLENGE_REQUIREMENT,

   OtpTimeRequirement = CKA_OTP_TIME_REQUIREMENT,

   OtpCounterRequirement = CKA_OTP_COUNTER_REQUIREMENT,

   OtpPinRequirement = CKA_OTP_PIN_REQUIREMENT,

   OtpCounter = CKA_OTP_COUNTER,

   OtpTime = CKA_OTP_TIME,

   OtpUserIdentifier = CKA_OTP_USER_IDENTIFIER,

   OtpServiceIdentifier = CKA_OTP_SERVICE_IDENTIFIER,

   OtpServiceLogo = CKA_OTP_SERVICE_LOGO,

   OtpServiceLogoType = CKA_OTP_SERVICE_LOGO_TYPE,

   Gostr3410Params = CKA_GOSTR3410_PARAMS,

   Gostr3411Params = CKA_GOSTR3411_PARAMS,

   Gost28147Params = CKA_GOST28147_PARAMS,

   HwFeatureType = CKA_HW_FEATURE_TYPE,

   ResetOnInit = CKA_RESET_ON_INIT,

   HasReset = CKA_HAS_RESET,

   PixelX = CKA_PIXEL_X,

   PixelY = CKA_PIXEL_Y,

   Resolution = CKA_RESOLUTION,

   CharRows = CKA_CHAR_ROWS,

   CharColumns = CKA_CHAR_COLUMNS,

   Color = CKA_COLOR,

   BitsPerPixel = CKA_BITS_PER_PIXEL,

   CharSets = CKA_CHAR_SETS,

   EncodingMethods = CKA_ENCODING_METHODS,

   MimeTypes = CKA_MIME_TYPES,

   MechanismType = CKA_MECHANISM_TYPE,

   RequiredCmsAttributes = CKA_REQUIRED_CMS_ATTRIBUTES,

   DefaultCmsAttributes = CKA_DEFAULT_CMS_ATTRIBUTES,

   SupportedCmsAttributes = CKA_SUPPORTED_CMS_ATTRIBUTES,

   AllowedMechanisms = CKA_ALLOWED_MECHANISMS,

   ProfileId = CKA_PROFILE_ID,

   X2ratchetBag = CKA_X2RATCHET_BAG,

   X2ratchetBagsize = CKA_X2RATCHET_BAGSIZE,

   X2ratchetBobs1stmsg = CKA_X2RATCHET_BOBS1STMSG,

   X2ratchetCkr = CKA_X2RATCHET_CKR,

   X2ratchetCks = CKA_X2RATCHET_CKS,

   X2ratchetDhp = CKA_X2RATCHET_DHP,

   X2ratchetDhr = CKA_X2RATCHET_DHR,

   X2ratchetDhs = CKA_X2RATCHET_DHS,

   X2ratchetHkr = CKA_X2RATCHET_HKR,

   X2ratchetHks = CKA_X2RATCHET_HKS,

   X2ratchetIsalice = CKA_X2RATCHET_ISALICE,

   X2ratchetNhkr = CKA_X2RATCHET_NHKR,

   X2ratchetNhks = CKA_X2RATCHET_NHKS,

   X2ratchetNr = CKA_X2RATCHET_NR,

   X2ratchetNs = CKA_X2RATCHET_NS,

   X2ratchetPns = CKA_X2RATCHET_PNS,

   X2ratchetRk = CKA_X2RATCHET_RK,

   HssLevels = CKA_HSS_LEVELS,

   HssLmsType = CKA_HSS_LMS_TYPE,

   HssLmotsType = CKA_HSS_LMOTS_TYPE,

   HssLmsTypes = CKA_HSS_LMS_TYPES,

   HssLmotsTypes = CKA_HSS_LMOTS_TYPES,

   HssKeysRemaining = CKA_HSS_KEYS_REMAINING,

   ParameterSet = CKA_PARAMETER_SET,

   ValidationFlags = CKA_VALIDATION_FLAGS,

   ValidationType = CKA_VALIDATION_TYPE,

   ValidationVersion = CKA_VALIDATION_VERSION,

   ValidationLevel = CKA_VALIDATION_LEVEL,

   ValidationModuleId = CKA_VALIDATION_MODULE_ID,

   ValidationFlag = CKA_VALIDATION_FLAG,

   ValidationAuthorityType = CKA_VALIDATION_AUTHORITY_TYPE,

   ValidationCountry = CKA_VALIDATION_COUNTRY,

   ValidationCertificateIdentifier = CKA_VALIDATION_CERTIFICATE_IDENTIFIER,

   ValidationCertificateUri = CKA_VALIDATION_CERTIFICATE_URI,

   ValidationVendor = CKA_VALIDATION_VENDOR,

   ValidationProfile = CKA_VALIDATION_PROFILE,

   EncapsulateTemplate = CKA_ENCAPSULATE_TEMPLATE,

   DecapsulateTemplate = CKA_DECAPSULATE_TEMPLATE,

   TrustServerAuth = CKA_TRUST_SERVER_AUTH,

   TrustClientAuth = CKA_TRUST_CLIENT_AUTH,

   TrustCodeSigning = CKA_TRUST_CODE_SIGNING,

   TrustEmailProtection = CKA_TRUST_EMAIL_PROTECTION,

   TrustIpsecIke = CKA_TRUST_IPSEC_IKE,

   TrustTimeStamping = CKA_TRUST_TIME_STAMPING,

   TrustOcspSigning = CKA_TRUST_OCSP_SIGNING,

   Encapsulate = CKA_ENCAPSULATE,

   Decapsulate = CKA_DECAPSULATE,

   HashOfCertificate = CKA_HASH_OF_CERTIFICATE,

   VendorDefined = CKA_VENDOR_DEFINED,

};

enum class CertificateType : CK_CERTIFICATE_TYPE {

   X509 = CKC_X_509,

   X509AttrCert = CKC_X_509_ATTR_CERT,

   Wtls = CKC_WTLS,

   VendorDefined = CKC_VENDOR_DEFINED,

};

/// Indicates if a stored certificate is a user certificate for which the corresponding private key is available

/// on the token ("token user"), a CA certificate ("authority"), or another end-entity certificate ("other entity").

enum class CertificateCategory : CK_ULONG {

   Unspecified = CK_CERTIFICATE_CATEGORY_UNSPECIFIED,

   TokenUser = CK_CERTIFICATE_CATEGORY_TOKEN_USER,

   Authority = CK_CERTIFICATE_CATEGORY_AUTHORITY,

   OtherEntity = CK_CERTIFICATE_CATEGORY_OTHER_ENTITY

};

enum class KeyDerivation : CK_ULONG {

   Null = CKD_NULL,

   Sha1Kdf = CKD_SHA1_KDF,

   Sha1KdfAsn1 = CKD_SHA1_KDF_ASN1,

   Sha1KdfConcatenate = CKD_SHA1_KDF_CONCATENATE,

   Sha224Kdf = CKD_SHA224_KDF,

   Sha256Kdf = CKD_SHA256_KDF,

   Sha384Kdf = CKD_SHA384_KDF,

   Sha512Kdf = CKD_SHA512_KDF,

   CpdiversifyKdf = CKD_CPDIVERSIFY_KDF,

   Sha3_224Kdf = CKD_SHA3_224_KDF,

   Sha3_256Kdf = CKD_SHA3_256_KDF,

   Sha3_384Kdf = CKD_SHA3_384_KDF,

   Sha3_512Kdf = CKD_SHA3_512_KDF,

   Sha1KdfSp800 = CKD_SHA1_KDF_SP800,

   Sha224KdfSp800 = CKD_SHA224_KDF_SP800,

   Sha256KdfSp800 = CKD_SHA256_KDF_SP800,

   Sha384KdfSp800 = CKD_SHA384_KDF_SP800,

   Sha512KdfSp800 = CKD_SHA512_KDF_SP800,

   Sha3_224KdfSp800 = CKD_SHA3_224_KDF_SP800,

   Sha3_256KdfSp800 = CKD_SHA3_256_KDF_SP800,

   Sha3_384KdfSp800 = CKD_SHA3_384_KDF_SP800,

   Sha3_512KdfSp800 = CKD_SHA3_512_KDF_SP800,

   Blake2b160Kdf = CKD_BLAKE2B_160_KDF,

   Blake2b256Kdf = CKD_BLAKE2B_256_KDF,

   Blake2b384Kdf = CKD_BLAKE2B_384_KDF,

   Blake2b512Kdf = CKD_BLAKE2B_512_KDF,

};

enum class Flag : CK_FLAGS {

   None = 0,

   TokenPresent = CKF_TOKEN_PRESENT,

   RemovableDevice = CKF_REMOVABLE_DEVICE,

   HwSlot = CKF_HW_SLOT,

   Rng = CKF_RNG,

   WriteProtected = CKF_WRITE_PROTECTED,

   LoginRequired = CKF_LOGIN_REQUIRED,

   UserPinInitialized = CKF_USER_PIN_INITIALIZED,

   RestoreKeyNotNeeded = CKF_RESTORE_KEY_NOT_NEEDED,

   ClockOnToken = CKF_CLOCK_ON_TOKEN,

   ProtectedAuthenticationPath = CKF_PROTECTED_AUTHENTICATION_PATH,

   DualCryptoOperations = CKF_DUAL_CRYPTO_OPERATIONS,

   TokenInitialized = CKF_TOKEN_INITIALIZED,

   SecondaryAuthentication = CKF_SECONDARY_AUTHENTICATION,

   UserPinCountLow = CKF_USER_PIN_COUNT_LOW,

   UserPinFinalTry = CKF_USER_PIN_FINAL_TRY,

   UserPinLocked = CKF_USER_PIN_LOCKED,

   UserPinToBeChanged = CKF_USER_PIN_TO_BE_CHANGED,

   SoPinCountLow = CKF_SO_PIN_COUNT_LOW,

   SoPinFinalTry = CKF_SO_PIN_FINAL_TRY,

   SoPinLocked = CKF_SO_PIN_LOCKED,

   SoPinToBeChanged = CKF_SO_PIN_TO_BE_CHANGED,

   ErrorState = CKF_ERROR_STATE,

   SeedRandomRequired = CKF_SEED_RANDOM_REQUIRED,

   AsyncSessionSupported = CKF_ASYNC_SESSION_SUPPORTED,

   RwSession = CKF_RW_SESSION,

   SerialSession = CKF_SERIAL_SESSION,

   AsyncSession = CKF_ASYNC_SESSION,

   ArrayAttribute = CKF_ARRAY_ATTRIBUTE,

   Hw = CKF_HW,

   MessageEncrypt = CKF_MESSAGE_ENCRYPT,

   MessageDecrypt = CKF_MESSAGE_DECRYPT,

   MessageSign = CKF_MESSAGE_SIGN,

   MessageVerify = CKF_MESSAGE_VERIFY,

   MultiMessage = CKF_MULTI_MESSAGE,

   MultiMessge = CKF_MULTI_MESSGE,

   FindObjects = CKF_FIND_OBJECTS,

   Encrypt = CKF_ENCRYPT,

   Decrypt = CKF_DECRYPT,

   Digest = CKF_DIGEST,

   Sign = CKF_SIGN,

   SignRecover = CKF_SIGN_RECOVER,

   Verify = CKF_VERIFY,

   VerifyRecover = CKF_VERIFY_RECOVER,

   Generate = CKF_GENERATE,

   GenerateKeyPair = CKF_GENERATE_KEY_PAIR,

   Wrap = CKF_WRAP,

   Unwrap = CKF_UNWRAP,

   Derive = CKF_DERIVE,

   EcFP = CKF_EC_F_P,

   EcF2m = CKF_EC_F_2M,

   EcEcparameters = CKF_EC_ECPARAMETERS,

   EcOid = CKF_EC_OID,

   EcNamedcurve = CKF_EC_NAMEDCURVE,

   EcUncompress = CKF_EC_UNCOMPRESS,

   EcCompress = CKF_EC_COMPRESS,

   EcCurvename = CKF_EC_CURVENAME,

   Encapsulate = CKF_ENCAPSULATE,

   Decapsulate = CKF_DECAPSULATE,

   Extension = CKF_EXTENSION,

   EndOfMessage = CKF_END_OF_MESSAGE,

   InterfaceForkSafe = CKF_INTERFACE_FORK_SAFE,

   LibraryCantCreateOsThreads = CKF_LIBRARY_CANT_CREATE_OS_THREADS,

   OsLockingOk = CKF_OS_LOCKING_OK,

   DontBlock = CKF_DONT_BLOCK,

   NextOtp = CKF_NEXT_OTP,

   ExcludeTime = CKF_EXCLUDE_TIME,

   ExcludeCounter = CKF_EXCLUDE_COUNTER,

   ExcludeChallenge = CKF_EXCLUDE_CHALLENGE,

   ExcludePin = CKF_EXCLUDE_PIN,

   UserFriendlyOtp = CKF_USER_FRIENDLY_OTP,

   HkdfSaltNull = CKF_HKDF_SALT_NULL,

   HkdfSaltData = CKF_HKDF_SALT_DATA,

   HkdfSaltKey = CKF_HKDF_SALT_KEY,

};

   // NOLINTNEXTLINE(clang-analyzer-optin.core.EnumCastOutOfRange)

}

enum class MGF : CK_RSA_PKCS_MGF_TYPE {

   MgfUnused = 0,

   Mgf1Sha1 = CKG_MGF1_SHA1,

   Mgf1Sha256 = CKG_MGF1_SHA256,

   Mgf1Sha384 = CKG_MGF1_SHA384,

   Mgf1Sha512 = CKG_MGF1_SHA512,

   Mgf1Sha224 = CKG_MGF1_SHA224,

   Mgf1Sha3_224 = CKG_MGF1_SHA3_224,

   Mgf1Sha3_256 = CKG_MGF1_SHA3_256,

   Mgf1Sha3_384 = CKG_MGF1_SHA3_384,

   Mgf1Sha3_512 = CKG_MGF1_SHA3_512,

};

enum class HardwareType : CK_HW_FEATURE_TYPE {

   MonotonicCounter = CKH_MONOTONIC_COUNTER,

   Clock = CKH_CLOCK,

   UserInterface = CKH_USER_INTERFACE,

   VendorDefined = CKH_VENDOR_DEFINED,

};

enum class KeyType : CK_KEY_TYPE {

   Rsa = CKK_RSA,

   Dsa = CKK_DSA,

   Dh = CKK_DH,

   Ecdsa = CKK_ECDSA,

   Ec = CKK_EC,

   X942Dh = CKK_X9_42_DH,

   Kea = CKK_KEA,

   GenericSecret = CKK_GENERIC_SECRET,

   Rc2 = CKK_RC2,

   Rc4 = CKK_RC4,

   Des = CKK_DES,

   Des2 = CKK_DES2,

   Des3 = CKK_DES3,

   Cast = CKK_CAST,

   Cast3 = CKK_CAST3,

   Cast5 = CKK_CAST5,

   Cast128 = CKK_CAST128,

   Rc5 = CKK_RC5,

   Idea = CKK_IDEA,

   Skipjack = CKK_SKIPJACK,

   Baton = CKK_BATON,

   Juniper = CKK_JUNIPER,

   Cdmf = CKK_CDMF,

   Aes = CKK_AES,

   Blowfish = CKK_BLOWFISH,

   Twofish = CKK_TWOFISH,

   Securid = CKK_SECURID,

   Hotp = CKK_HOTP,

   Acti = CKK_ACTI,

   Camellia = CKK_CAMELLIA,

   Aria = CKK_ARIA,

   Md5Hmac = CKK_MD5_HMAC,

   Sha1Hmac = CKK_SHA_1_HMAC,

   Ripemd128Hmac = CKK_RIPEMD128_HMAC,

   Ripemd160Hmac = CKK_RIPEMD160_HMAC,

   Sha256Hmac = CKK_SHA256_HMAC,

   Sha384Hmac = CKK_SHA384_HMAC,

   Sha512Hmac = CKK_SHA512_HMAC,

   Sha224Hmac = CKK_SHA224_HMAC,

   Seed = CKK_SEED,

   Gostr3410 = CKK_GOSTR3410,

   Gostr3411 = CKK_GOSTR3411,

   Gost28147 = CKK_GOST28147,

   Chacha20 = CKK_CHACHA20,

   Poly1305 = CKK_POLY1305,

   AesXts = CKK_AES_XTS,

   Sha3_224Hmac = CKK_SHA3_224_HMAC,

   Sha3_256Hmac = CKK_SHA3_256_HMAC,

   Sha3_384Hmac = CKK_SHA3_384_HMAC,

   Sha3_512Hmac = CKK_SHA3_512_HMAC,

   Blake2b160Hmac = CKK_BLAKE2B_160_HMAC,

   Blake2b256Hmac = CKK_BLAKE2B_256_HMAC,

   Blake2b384Hmac = CKK_BLAKE2B_384_HMAC,

   Blake2b512Hmac = CKK_BLAKE2B_512_HMAC,

   Salsa20 = CKK_SALSA20,

   X2ratchet = CKK_X2RATCHET,

   EcEdwards = CKK_EC_EDWARDS,

   EcMontgomery = CKK_EC_MONTGOMERY,

   Hkdf = CKK_HKDF,

   Sha512_224Hmac = CKK_SHA512_224_HMAC,

   Sha512_256Hmac = CKK_SHA512_256_HMAC,

   Sha512THmac = CKK_SHA512_T_HMAC,

   Hss = CKK_HSS,

   Xmss = CKK_XMSS,

   Xmssmt = CKK_XMSSMT,

   MlKem = CKK_ML_KEM,

   MlDsa = CKK_ML_DSA,

   SlhDsa = CKK_SLH_DSA,

   VendorDefined = CKK_VENDOR_DEFINED,

};

enum class MechanismType : CK_MECHANISM_TYPE {

   RsaPkcsKeyPairGen = CKM_RSA_PKCS_KEY_PAIR_GEN,

   RsaPkcs = CKM_RSA_PKCS,

   Rsa9796 = CKM_RSA_9796,

   RsaX509 = CKM_RSA_X_509,

   Md2RsaPkcs = CKM_MD2_RSA_PKCS,

   Md5RsaPkcs = CKM_MD5_RSA_PKCS,

   Sha1RsaPkcs = CKM_SHA1_RSA_PKCS,

   Ripemd128RsaPkcs = CKM_RIPEMD128_RSA_PKCS,

   Ripemd160RsaPkcs = CKM_RIPEMD160_RSA_PKCS,

   RsaPkcsOaep = CKM_RSA_PKCS_OAEP,

   RsaX931KeyPairGen = CKM_RSA_X9_31_KEY_PAIR_GEN,

   RsaX931 = CKM_RSA_X9_31,

   Sha1RsaX931 = CKM_SHA1_RSA_X9_31,

   RsaPkcsPss = CKM_RSA_PKCS_PSS,

   Sha1RsaPkcsPss = CKM_SHA1_RSA_PKCS_PSS,

   DsaKeyPairGen = CKM_DSA_KEY_PAIR_GEN,

   Dsa = CKM_DSA,

   DsaSha1 = CKM_DSA_SHA1,

   DsaSha224 = CKM_DSA_SHA224,

   DsaSha256 = CKM_DSA_SHA256,

   DsaSha384 = CKM_DSA_SHA384,

   DsaSha512 = CKM_DSA_SHA512,

   DsaSha3_224 = CKM_DSA_SHA3_224,

   DsaSha3_256 = CKM_DSA_SHA3_256,

   DsaSha3_384 = CKM_DSA_SHA3_384,

   DsaSha3_512 = CKM_DSA_SHA3_512,

   DhPkcsKeyPairGen = CKM_DH_PKCS_KEY_PAIR_GEN,

   DhPkcsDerive = CKM_DH_PKCS_DERIVE,

   X942DhKeyPairGen = CKM_X9_42_DH_KEY_PAIR_GEN,

   X942DhDerive = CKM_X9_42_DH_DERIVE,

   X942DhHybridDerive = CKM_X9_42_DH_HYBRID_DERIVE,

   X942MqvDerive = CKM_X9_42_MQV_DERIVE,

   Sha256RsaPkcs = CKM_SHA256_RSA_PKCS,

   Sha384RsaPkcs = CKM_SHA384_RSA_PKCS,

   Sha512RsaPkcs = CKM_SHA512_RSA_PKCS,

   Sha256RsaPkcsPss = CKM_SHA256_RSA_PKCS_PSS,

   Sha384RsaPkcsPss = CKM_SHA384_RSA_PKCS_PSS,

   Sha512RsaPkcsPss = CKM_SHA512_RSA_PKCS_PSS,

   Sha224RsaPkcs = CKM_SHA224_RSA_PKCS,

   Sha224RsaPkcsPss = CKM_SHA224_RSA_PKCS_PSS,

   Sha512224 = CKM_SHA512_224,

   Sha512224Hmac = CKM_SHA512_224_HMAC,

   Sha512224HmacGeneral = CKM_SHA512_224_HMAC_GENERAL,

   Sha512224KeyDerivation = CKM_SHA512_224_KEY_DERIVATION,

   Sha512256 = CKM_SHA512_256,

   Sha512256Hmac = CKM_SHA512_256_HMAC,

   Sha512256HmacGeneral = CKM_SHA512_256_HMAC_GENERAL,

   Sha512256KeyDerivation = CKM_SHA512_256_KEY_DERIVATION,

   Sha512T = CKM_SHA512_T,

   Sha512THmac = CKM_SHA512_T_HMAC,

   Sha512THmacGeneral = CKM_SHA512_T_HMAC_GENERAL,

   Sha512TKeyDerivation = CKM_SHA512_T_KEY_DERIVATION,

   Sha3_256RsaPkcs = CKM_SHA3_256_RSA_PKCS,

   Sha3_384RsaPkcs = CKM_SHA3_384_RSA_PKCS,

   Sha3_512RsaPkcs = CKM_SHA3_512_RSA_PKCS,

   Sha3_256RsaPkcsPss = CKM_SHA3_256_RSA_PKCS_PSS,

   Sha3_384RsaPkcsPss = CKM_SHA3_384_RSA_PKCS_PSS,

   Sha3_512RsaPkcsPss = CKM_SHA3_512_RSA_PKCS_PSS,

   Sha3_224RsaPkcs = CKM_SHA3_224_RSA_PKCS,

   Sha3_224RsaPkcsPss = CKM_SHA3_224_RSA_PKCS_PSS,

   Rc2KeyGen = CKM_RC2_KEY_GEN,

   Rc2Ecb = CKM_RC2_ECB,

   Rc2Cbc = CKM_RC2_CBC,

   Rc2Mac = CKM_RC2_MAC,

   Rc2MacGeneral = CKM_RC2_MAC_GENERAL,

   Rc2CbcPad = CKM_RC2_CBC_PAD,

   Rc4KeyGen = CKM_RC4_KEY_GEN,

   Rc4 = CKM_RC4,

   DesKeyGen = CKM_DES_KEY_GEN,

   DesEcb = CKM_DES_ECB,

   DesCbc = CKM_DES_CBC,

   DesMac = CKM_DES_MAC,

   DesMacGeneral = CKM_DES_MAC_GENERAL,

   DesCbcPad = CKM_DES_CBC_PAD,

   Des2KeyGen = CKM_DES2_KEY_GEN,

   Des3KeyGen = CKM_DES3_KEY_GEN,

   Des3Ecb = CKM_DES3_ECB,

   Des3Cbc = CKM_DES3_CBC,

   Des3Mac = CKM_DES3_MAC,

   Des3MacGeneral = CKM_DES3_MAC_GENERAL,

   Des3CbcPad = CKM_DES3_CBC_PAD,

   Des3CmacGeneral = CKM_DES3_CMAC_GENERAL,

   Des3Cmac = CKM_DES3_CMAC,

   CdmfKeyGen = CKM_CDMF_KEY_GEN,

   CdmfEcb = CKM_CDMF_ECB,

   CdmfCbc = CKM_CDMF_CBC,

   CdmfMac = CKM_CDMF_MAC,

   CdmfMacGeneral = CKM_CDMF_MAC_GENERAL,

   CdmfCbcPad = CKM_CDMF_CBC_PAD,

   DesOfb64 = CKM_DES_OFB64,

   DesOfb8 = CKM_DES_OFB8,

   DesCfb64 = CKM_DES_CFB64,

   DesCfb8 = CKM_DES_CFB8,

   Md2 = CKM_MD2,

   Md2Hmac = CKM_MD2_HMAC,

   Md2HmacGeneral = CKM_MD2_HMAC_GENERAL,

   Md5 = CKM_MD5,

   Md5Hmac = CKM_MD5_HMAC,

   Md5HmacGeneral = CKM_MD5_HMAC_GENERAL,

   Sha1 = CKM_SHA_1,

   Sha1Hmac = CKM_SHA_1_HMAC,

   Sha1HmacGeneral = CKM_SHA_1_HMAC_GENERAL,

   Ripemd128 = CKM_RIPEMD128,

   Ripemd128Hmac = CKM_RIPEMD128_HMAC,

   Ripemd128HmacGeneral = CKM_RIPEMD128_HMAC_GENERAL,

   Ripemd160 = CKM_RIPEMD160,

   Ripemd160Hmac = CKM_RIPEMD160_HMAC,

   Ripemd160HmacGeneral = CKM_RIPEMD160_HMAC_GENERAL,

   Sha256 = CKM_SHA256,

   Sha256Hmac = CKM_SHA256_HMAC,

   Sha256HmacGeneral = CKM_SHA256_HMAC_GENERAL,

   Sha224 = CKM_SHA224,

   Sha224Hmac = CKM_SHA224_HMAC,

   Sha224HmacGeneral = CKM_SHA224_HMAC_GENERAL,

   Sha384 = CKM_SHA384,

   Sha384Hmac = CKM_SHA384_HMAC,

   Sha384HmacGeneral = CKM_SHA384_HMAC_GENERAL,

   Sha512 = CKM_SHA512,

   Sha512Hmac = CKM_SHA512_HMAC,

   Sha512HmacGeneral = CKM_SHA512_HMAC_GENERAL,

   SecuridKeyGen = CKM_SECURID_KEY_GEN,

   Securid = CKM_SECURID,

   HotpKeyGen = CKM_HOTP_KEY_GEN,

   Hotp = CKM_HOTP,

   Acti = CKM_ACTI,

   ActiKeyGen = CKM_ACTI_KEY_GEN,

   Sha3_256 = CKM_SHA3_256,

   Sha3_256Hmac = CKM_SHA3_256_HMAC,

   Sha3_256HmacGeneral = CKM_SHA3_256_HMAC_GENERAL,

   Sha3_256KeyGen = CKM_SHA3_256_KEY_GEN,

   Sha3_224 = CKM_SHA3_224,

   Sha3_224Hmac = CKM_SHA3_224_HMAC,

   Sha3_224HmacGeneral = CKM_SHA3_224_HMAC_GENERAL,

   Sha3_224KeyGen = CKM_SHA3_224_KEY_GEN,

   Sha3_384 = CKM_SHA3_384,

   Sha3_384Hmac = CKM_SHA3_384_HMAC,

   Sha3_384HmacGeneral = CKM_SHA3_384_HMAC_GENERAL,

   Sha3_384KeyGen = CKM_SHA3_384_KEY_GEN,

   Sha3_512 = CKM_SHA3_512,

   Sha3_512Hmac = CKM_SHA3_512_HMAC,

   Sha3_512HmacGeneral = CKM_SHA3_512_HMAC_GENERAL,

   Sha3_512KeyGen = CKM_SHA3_512_KEY_GEN,

   CastKeyGen = CKM_CAST_KEY_GEN,

   CastEcb = CKM_CAST_ECB,

   CastCbc = CKM_CAST_CBC,

   CastMac = CKM_CAST_MAC,

   CastMacGeneral = CKM_CAST_MAC_GENERAL,

   CastCbcPad = CKM_CAST_CBC_PAD,

   Cast3KeyGen = CKM_CAST3_KEY_GEN,

   Cast3Ecb = CKM_CAST3_ECB,

   Cast3Cbc = CKM_CAST3_CBC,

   Cast3Mac = CKM_CAST3_MAC,

   Cast3MacGeneral = CKM_CAST3_MAC_GENERAL,

   Cast3CbcPad = CKM_CAST3_CBC_PAD,

   Cast5KeyGen = CKM_CAST5_KEY_GEN,

   Cast128KeyGen = CKM_CAST128_KEY_GEN,

   Cast5Ecb = CKM_CAST5_ECB,

   Cast128Ecb = CKM_CAST128_ECB,

   Cast5Cbc = CKM_CAST5_CBC,

   Cast128Cbc = CKM_CAST128_CBC,

   Cast5Mac = CKM_CAST5_MAC,

   Cast128Mac = CKM_CAST128_MAC,

   Cast5MacGeneral = CKM_CAST5_MAC_GENERAL,

   Cast128MacGeneral = CKM_CAST128_MAC_GENERAL,

   Cast5CbcPad = CKM_CAST5_CBC_PAD,

   Cast128CbcPad = CKM_CAST128_CBC_PAD,

   Rc5KeyGen = CKM_RC5_KEY_GEN,

   Rc5Ecb = CKM_RC5_ECB,

   Rc5Cbc = CKM_RC5_CBC,

   Rc5Mac = CKM_RC5_MAC,

   Rc5MacGeneral = CKM_RC5_MAC_GENERAL,

   Rc5CbcPad = CKM_RC5_CBC_PAD,

   IdeaKeyGen = CKM_IDEA_KEY_GEN,

   IdeaEcb = CKM_IDEA_ECB,

   IdeaCbc = CKM_IDEA_CBC,

   IdeaMac = CKM_IDEA_MAC,

   IdeaMacGeneral = CKM_IDEA_MAC_GENERAL,

   IdeaCbcPad = CKM_IDEA_CBC_PAD,

   GenericSecretKeyGen = CKM_GENERIC_SECRET_KEY_GEN,

   ConcatenateBaseAndKey = CKM_CONCATENATE_BASE_AND_KEY,

   ConcatenateBaseAndData = CKM_CONCATENATE_BASE_AND_DATA,

   ConcatenateDataAndBase = CKM_CONCATENATE_DATA_AND_BASE,

   XorBaseAndData = CKM_XOR_BASE_AND_DATA,

   ExtractKeyFromKey = CKM_EXTRACT_KEY_FROM_KEY,

   Ssl3PreMasterKeyGen = CKM_SSL3_PRE_MASTER_KEY_GEN,

   Ssl3MasterKeyDerive = CKM_SSL3_MASTER_KEY_DERIVE,

   Ssl3KeyAndMacDerive = CKM_SSL3_KEY_AND_MAC_DERIVE,

   Ssl3MasterKeyDeriveDh = CKM_SSL3_MASTER_KEY_DERIVE_DH,

   TlsPreMasterKeyGen = CKM_TLS_PRE_MASTER_KEY_GEN,

   TlsMasterKeyDerive = CKM_TLS_MASTER_KEY_DERIVE,

   TlsKeyAndMacDerive = CKM_TLS_KEY_AND_MAC_DERIVE,

   TlsMasterKeyDeriveDh = CKM_TLS_MASTER_KEY_DERIVE_DH,

   TlsPrf = CKM_TLS_PRF,

   Ssl3Md5Mac = CKM_SSL3_MD5_MAC,

   Ssl3Sha1Mac = CKM_SSL3_SHA1_MAC,

   Md5KeyDerivation = CKM_MD5_KEY_DERIVATION,

   Md2KeyDerivation = CKM_MD2_KEY_DERIVATION,

   Sha1KeyDerivation = CKM_SHA1_KEY_DERIVATION,

   Sha256KeyDerivation = CKM_SHA256_KEY_DERIVATION,

   Sha384KeyDerivation = CKM_SHA384_KEY_DERIVATION,

   Sha512KeyDerivation = CKM_SHA512_KEY_DERIVATION,

   Sha224KeyDerivation = CKM_SHA224_KEY_DERIVATION,

   Sha3_256KeyDerivation = CKM_SHA3_256_KEY_DERIVATION,

   Sha3_224KeyDerivation = CKM_SHA3_224_KEY_DERIVATION,

   Sha3_384KeyDerivation = CKM_SHA3_384_KEY_DERIVATION,

   Sha3_512KeyDerivation = CKM_SHA3_512_KEY_DERIVATION,

   Shake128KeyDerivation = CKM_SHAKE_128_KEY_DERIVATION,

   Shake256KeyDerivation = CKM_SHAKE_256_KEY_DERIVATION,

   PbeMd2DesCbc = CKM_PBE_MD2_DES_CBC,

   PbeMd5DesCbc = CKM_PBE_MD5_DES_CBC,

   PbeMd5CastCbc = CKM_PBE_MD5_CAST_CBC,

   PbeMd5Cast3Cbc = CKM_PBE_MD5_CAST3_CBC,

   PbeMd5Cast5Cbc = CKM_PBE_MD5_CAST5_CBC,

   PbeMd5Cast128Cbc = CKM_PBE_MD5_CAST128_CBC,

   PbeSha1Cast5Cbc = CKM_PBE_SHA1_CAST5_CBC,

   PbeSha1Cast128Cbc = CKM_PBE_SHA1_CAST128_CBC,

   PbeSha1Rc4128 = CKM_PBE_SHA1_RC4_128,

   PbeSha1Rc440 = CKM_PBE_SHA1_RC4_40,

   PbeSha1Des3EdeCbc = CKM_PBE_SHA1_DES3_EDE_CBC,

   PbeSha1Des2EdeCbc = CKM_PBE_SHA1_DES2_EDE_CBC,

   PbeSha1Rc2128Cbc = CKM_PBE_SHA1_RC2_128_CBC,

   PbeSha1Rc240Cbc = CKM_PBE_SHA1_RC2_40_CBC,

   Pkcs5Pbkd2 = CKM_PKCS5_PBKD2,

   PbaSha1WithSha1Hmac = CKM_PBA_SHA1_WITH_SHA1_HMAC,

   WtlsPreMasterKeyGen = CKM_WTLS_PRE_MASTER_KEY_GEN,

   WtlsMasterKeyDerive = CKM_WTLS_MASTER_KEY_DERIVE,

   WtlsMasterKeyDeriveDhEcc = CKM_WTLS_MASTER_KEY_DERIVE_DH_ECC,

   WtlsPrf = CKM_WTLS_PRF,

   WtlsServerKeyAndMacDerive = CKM_WTLS_SERVER_KEY_AND_MAC_DERIVE,

   WtlsClientKeyAndMacDerive = CKM_WTLS_CLIENT_KEY_AND_MAC_DERIVE,

   Tls10MacServer = CKM_TLS10_MAC_SERVER,

   Tls10MacClient = CKM_TLS10_MAC_CLIENT,

   Tls12Mac = CKM_TLS12_MAC,

   Tls12Kdf = CKM_TLS12_KDF,

   Tls12MasterKeyDerive = CKM_TLS12_MASTER_KEY_DERIVE,

   Tls12KeyAndMacDerive = CKM_TLS12_KEY_AND_MAC_DERIVE,

   Tls12MasterKeyDeriveDh = CKM_TLS12_MASTER_KEY_DERIVE_DH,

   Tls12KeySafeDerive = CKM_TLS12_KEY_SAFE_DERIVE,

   TlsMac = CKM_TLS_MAC,

   TlsKdf = CKM_TLS_KDF,

   KeyWrapLynks = CKM_KEY_WRAP_LYNKS,

   KeyWrapSetOaep = CKM_KEY_WRAP_SET_OAEP,

   CmsSig = CKM_CMS_SIG,

   KipDerive = CKM_KIP_DERIVE,

   KipWrap = CKM_KIP_WRAP,

   KipMac = CKM_KIP_MAC,

   CamelliaKeyGen = CKM_CAMELLIA_KEY_GEN,

   CamelliaEcb = CKM_CAMELLIA_ECB,

   CamelliaCbc = CKM_CAMELLIA_CBC,

   CamelliaMac = CKM_CAMELLIA_MAC,

   CamelliaMacGeneral = CKM_CAMELLIA_MAC_GENERAL,

   CamelliaCbcPad = CKM_CAMELLIA_CBC_PAD,

   CamelliaEcbEncryptData = CKM_CAMELLIA_ECB_ENCRYPT_DATA,

   CamelliaCbcEncryptData = CKM_CAMELLIA_CBC_ENCRYPT_DATA,

   CamelliaCtr = CKM_CAMELLIA_CTR,

   AriaKeyGen = CKM_ARIA_KEY_GEN,

   AriaEcb = CKM_ARIA_ECB,

   AriaCbc = CKM_ARIA_CBC,

   AriaMac = CKM_ARIA_MAC,

   AriaMacGeneral = CKM_ARIA_MAC_GENERAL,

   AriaCbcPad = CKM_ARIA_CBC_PAD,

   AriaEcbEncryptData = CKM_ARIA_ECB_ENCRYPT_DATA,

   AriaCbcEncryptData = CKM_ARIA_CBC_ENCRYPT_DATA,

   SeedKeyGen = CKM_SEED_KEY_GEN,

   SeedEcb = CKM_SEED_ECB,

   SeedCbc = CKM_SEED_CBC,

   SeedMac = CKM_SEED_MAC,

   SeedMacGeneral = CKM_SEED_MAC_GENERAL,

   SeedCbcPad = CKM_SEED_CBC_PAD,

   SeedEcbEncryptData = CKM_SEED_ECB_ENCRYPT_DATA,

   SeedCbcEncryptData = CKM_SEED_CBC_ENCRYPT_DATA,

   SkipjackKeyGen = CKM_SKIPJACK_KEY_GEN,

   SkipjackEcb64 = CKM_SKIPJACK_ECB64,

   SkipjackCbc64 = CKM_SKIPJACK_CBC64,

   SkipjackOfb64 = CKM_SKIPJACK_OFB64,

   SkipjackCfb64 = CKM_SKIPJACK_CFB64,

   SkipjackCfb32 = CKM_SKIPJACK_CFB32,

   SkipjackCfb16 = CKM_SKIPJACK_CFB16,

   SkipjackCfb8 = CKM_SKIPJACK_CFB8,

   SkipjackWrap = CKM_SKIPJACK_WRAP,

   SkipjackPrivateWrap = CKM_SKIPJACK_PRIVATE_WRAP,

   SkipjackRelayx = CKM_SKIPJACK_RELAYX,

   KeaKeyPairGen = CKM_KEA_KEY_PAIR_GEN,

   KeaKeyDerive = CKM_KEA_KEY_DERIVE,

   KeaDerive = CKM_KEA_DERIVE,

   FortezzaTimestamp = CKM_FORTEZZA_TIMESTAMP,

   BatonKeyGen = CKM_BATON_KEY_GEN,

   BatonEcb128 = CKM_BATON_ECB128,

   BatonEcb96 = CKM_BATON_ECB96,

   BatonCbc128 = CKM_BATON_CBC128,

   BatonCounter = CKM_BATON_COUNTER,

   BatonShuffle = CKM_BATON_SHUFFLE,

   BatonWrap = CKM_BATON_WRAP,

   EcdsaKeyPairGen = CKM_ECDSA_KEY_PAIR_GEN,

   EcKeyPairGen = CKM_EC_KEY_PAIR_GEN,

   Ecdsa = CKM_ECDSA,

   EcdsaSha1 = CKM_ECDSA_SHA1,

   EcdsaSha224 = CKM_ECDSA_SHA224,

   EcdsaSha256 = CKM_ECDSA_SHA256,

   EcdsaSha384 = CKM_ECDSA_SHA384,

   EcdsaSha512 = CKM_ECDSA_SHA512,

   EcKeyPairGenWExtraBits = CKM_EC_KEY_PAIR_GEN_W_EXTRA_BITS,

   Ecdh1Derive = CKM_ECDH1_DERIVE,

   Ecdh1CofactorDerive = CKM_ECDH1_COFACTOR_DERIVE,

   EcmqvDerive = CKM_ECMQV_DERIVE,

   EcdhAesKeyWrap = CKM_ECDH_AES_KEY_WRAP,

   RsaAesKeyWrap = CKM_RSA_AES_KEY_WRAP,

   JuniperKeyGen = CKM_JUNIPER_KEY_GEN,

   JuniperEcb128 = CKM_JUNIPER_ECB128,

   JuniperCbc128 = CKM_JUNIPER_CBC128,

   JuniperCounter = CKM_JUNIPER_COUNTER,

   JuniperShuffle = CKM_JUNIPER_SHUFFLE,

   JuniperWrap = CKM_JUNIPER_WRAP,

   Fasthash = CKM_FASTHASH,

   AesXts = CKM_AES_XTS,

   AesXtsKeyGen = CKM_AES_XTS_KEY_GEN,

   AesKeyGen = CKM_AES_KEY_GEN,

   AesEcb = CKM_AES_ECB,

   AesCbc = CKM_AES_CBC,

   AesMac = CKM_AES_MAC,

   AesMacGeneral = CKM_AES_MAC_GENERAL,

   AesCbcPad = CKM_AES_CBC_PAD,

   AesCtr = CKM_AES_CTR,

   AesGcm = CKM_AES_GCM,

   AesCcm = CKM_AES_CCM,

   AesCts = CKM_AES_CTS,

   AesCmac = CKM_AES_CMAC,

   AesCmacGeneral = CKM_AES_CMAC_GENERAL,

   AesXcbcMac = CKM_AES_XCBC_MAC,

   AesXcbcMac96 = CKM_AES_XCBC_MAC_96,

   AesGmac = CKM_AES_GMAC,

   BlowfishKeyGen = CKM_BLOWFISH_KEY_GEN,

   BlowfishCbc = CKM_BLOWFISH_CBC,

   TwofishKeyGen = CKM_TWOFISH_KEY_GEN,

   TwofishCbc = CKM_TWOFISH_CBC,

   BlowfishCbcPad = CKM_BLOWFISH_CBC_PAD,

   TwofishCbcPad = CKM_TWOFISH_CBC_PAD,

   DesEcbEncryptData = CKM_DES_ECB_ENCRYPT_DATA,

   DesCbcEncryptData = CKM_DES_CBC_ENCRYPT_DATA,

   Des3EcbEncryptData = CKM_DES3_ECB_ENCRYPT_DATA,

   Des3CbcEncryptData = CKM_DES3_CBC_ENCRYPT_DATA,

   AesEcbEncryptData = CKM_AES_ECB_ENCRYPT_DATA,

   AesCbcEncryptData = CKM_AES_CBC_ENCRYPT_DATA,

   Gostr3410KeyPairGen = CKM_GOSTR3410_KEY_PAIR_GEN,

   Gostr3410 = CKM_GOSTR3410,

   Gostr3410WithGostr3411 = CKM_GOSTR3410_WITH_GOSTR3411,

   Gostr3410KeyWrap = CKM_GOSTR3410_KEY_WRAP,

   Gostr3410Derive = CKM_GOSTR3410_DERIVE,

   Gostr3411 = CKM_GOSTR3411,

   Gostr3411Hmac = CKM_GOSTR3411_HMAC,

   Gost28147KeyGen = CKM_GOST28147_KEY_GEN,

   Gost28147Ecb = CKM_GOST28147_ECB,

   Gost28147 = CKM_GOST28147,

   Gost28147Mac = CKM_GOST28147_MAC,

   Gost28147KeyWrap = CKM_GOST28147_KEY_WRAP,

   Chacha20KeyGen = CKM_CHACHA20_KEY_GEN,

   Chacha20 = CKM_CHACHA20,

   Poly1305KeyGen = CKM_POLY1305_KEY_GEN,

   Poly1305 = CKM_POLY1305,

   DsaParameterGen = CKM_DSA_PARAMETER_GEN,

   DhPkcsParameterGen = CKM_DH_PKCS_PARAMETER_GEN,

   X942DhParameterGen = CKM_X9_42_DH_PARAMETER_GEN,

   DsaProbablisticParameterGen = CKM_DSA_PROBABILISTIC_PARAMETER_GEN,

   DsaShaweTaylorParameterGen = CKM_DSA_SHAWE_TAYLOR_PARAMETER_GEN,

   DsaFipsGGen = CKM_DSA_FIPS_G_GEN,

   AesOfb = CKM_AES_OFB,

   AesCfb64 = CKM_AES_CFB64,

   AesCfb8 = CKM_AES_CFB8,

   AesCfb128 = CKM_AES_CFB128,

   AesCfb1 = CKM_AES_CFB1,

   AesKeyWrap = CKM_AES_KEY_WRAP,

   AesKeyWrapPad = CKM_AES_KEY_WRAP_PAD,

   AesKeyWrapKwp = CKM_AES_KEY_WRAP_KWP,

   AesKeyWrapPkcs7 = CKM_AES_KEY_WRAP_PKCS7,

   RsaPkcsTpm11 = CKM_RSA_PKCS_TPM_1_1,

   RsaPkcsOaepTpm11 = CKM_RSA_PKCS_OAEP_TPM_1_1,

   Sha1KeyGen = CKM_SHA_1_KEY_GEN,

   Sha224KeyGen = CKM_SHA224_KEY_GEN,

   Sha256KeyGen = CKM_SHA256_KEY_GEN,

   Sha384KeyGen = CKM_SHA384_KEY_GEN,

   Sha512KeyGen = CKM_SHA512_KEY_GEN,

   Sha512_224KeyGen = CKM_SHA512_224_KEY_GEN,

   Sha512_256KeyGen = CKM_SHA512_256_KEY_GEN,

   Sha512TKeyGen = CKM_SHA512_T_KEY_GEN,

   Null = CKM_NULL,

   Blake2b160 = CKM_BLAKE2B_160,

   Blake2b160Hmac = CKM_BLAKE2B_160_HMAC,

   Blake2b160HmacGeneral = CKM_BLAKE2B_160_HMAC_GENERAL,

   Blake2b160KeyDerive = CKM_BLAKE2B_160_KEY_DERIVE,

   Blake2b160KeyGen = CKM_BLAKE2B_160_KEY_GEN,

   Blake2b256 = CKM_BLAKE2B_256,

   Blake2b256Hmac = CKM_BLAKE2B_256_HMAC,

   Blake2b256HmacGeneral = CKM_BLAKE2B_256_HMAC_GENERAL,

   Blake2b256KeyDerive = CKM_BLAKE2B_256_KEY_DERIVE,

   Blake2b256KeyGen = CKM_BLAKE2B_256_KEY_GEN,

   Blake2b384 = CKM_BLAKE2B_384,

   Blake2b384Hmac = CKM_BLAKE2B_384_HMAC,

   Blake2b384HmacGeneral = CKM_BLAKE2B_384_HMAC_GENERAL,

   Blake2b384KeyDerive = CKM_BLAKE2B_384_KEY_DERIVE,

   Blake2b384KeyGen = CKM_BLAKE2B_384_KEY_GEN,

   Blake2b512 = CKM_BLAKE2B_512,

   Blake2b512Hmac = CKM_BLAKE2B_512_HMAC,

   Blake2b512HmacGeneral = CKM_BLAKE2B_512_HMAC_GENERAL,

   Blake2b512KeyDerive = CKM_BLAKE2B_512_KEY_DERIVE,

   Blake2b512KeyGen = CKM_BLAKE2B_512_KEY_GEN,

   Salsa20 = CKM_SALSA20,

   Chacha20Poly1305 = CKM_CHACHA20_POLY1305,

   Salsa20Poly1305 = CKM_SALSA20_POLY1305,

   X3dhInitialize = CKM_X3DH_INITIALIZE,

   X3dhRespond = CKM_X3DH_RESPOND,

   X2ratchetInitialize = CKM_X2RATCHET_INITIALIZE,

   X2ratchetRespond = CKM_X2RATCHET_RESPOND,

   X2ratchetEncrypt = CKM_X2RATCHET_ENCRYPT,

   X2ratchetDecrypt = CKM_X2RATCHET_DECRYPT,

   Xeddsa = CKM_XEDDSA,

   HkdfDerive = CKM_HKDF_DERIVE,

   HkdfData = CKM_HKDF_DATA,

   HkdfKeyGen = CKM_HKDF_KEY_GEN,

   Salsa20_KeyGen = CKM_SALSA20_KEY_GEN,

   EcdsaSha3_224 = CKM_ECDSA_SHA3_224,

   EcdsaSha3_256 = CKM_ECDSA_SHA3_256,

   EcdsaSha3_384 = CKM_ECDSA_SHA3_384,

   EcdsaSha3_512 = CKM_ECDSA_SHA3_512,

   EcEdwardsKeyPairGen = CKM_EC_EDWARDS_KEY_PAIR_GEN,

   EcMontgomeryKeyPairGen = CKM_EC_MONTGOMERY_KEY_PAIR_GEN,

   Eddsa = CKM_EDDSA,

   Sp800_108CounterKdf = CKM_SP800_108_COUNTER_KDF,

   Sp800_108FeedbackKdf = CKM_SP800_108_FEEDBACK_KDF,

   Sp800_108DoublePipelineKdf = CKM_SP800_108_DOUBLE_PIPELINE_KDF,

   Ike2PrfPlusDerive = CKM_IKE2_PRF_PLUS_DERIVE,

   IkePrfDerive = CKM_IKE_PRF_DERIVE,

   Ike1PrfDerive = CKM_IKE1_PRF_DERIVE,

   Ike1ExtendedDerive = CKM_IKE1_EXTENDED_DERIVE,

   HssKeyPairGen = CKM_HSS_KEY_PAIR_GEN,

   Hss = CKM_HSS,

   XmssKeyPairGen = CKM_XMSS_KEY_PAIR_GEN,

   XmssmtKeyPairGen = CKM_XMSSMT_KEY_PAIR_GEN,

   Xmss = CKM_XMSS,

   Xmssmt = CKM_XMSSMT,

   EcdhXAesKeyWrap = CKM_ECDH_X_AES_KEY_WRAP,

   EcdhCofAesKeyWrap = CKM_ECDH_COF_AES_KEY_WRAP,

   PubKeyFromPrivKey = CKM_PUB_KEY_FROM_PRIV_KEY,

   MlKemKeyPairGen = CKM_ML_KEM_KEY_PAIR_GEN,

   MlKem = CKM_ML_KEM,

   MlDsaKeyPairGen = CKM_ML_DSA_KEY_PAIR_GEN,

   MlDsa = CKM_ML_DSA,

   HashMlDsa = CKM_HASH_ML_DSA,

   HashMlDsaSha224 = CKM_HASH_ML_DSA_SHA224,

   HashMlDsaSha256 = CKM_HASH_ML_DSA_SHA256,

   HashMlDsaSha384 = CKM_HASH_ML_DSA_SHA384,

   HashMlDsaSha512 = CKM_HASH_ML_DSA_SHA512,

   HashMlDsaSha3_224 = CKM_HASH_ML_DSA_SHA3_224,

   HashMlDsaSha3_256 = CKM_HASH_ML_DSA_SHA3_256,

   HashMlDsaSha3_384 = CKM_HASH_ML_DSA_SHA3_384,

   HashMlDsaSha3_512 = CKM_HASH_ML_DSA_SHA3_512,

   HashMlDsaShake128 = CKM_HASH_ML_DSA_SHAKE128,

   HashMlDsaShake256 = CKM_HASH_ML_DSA_SHAKE256,

   SlhDsaKeyPairGen = CKM_SLH_DSA_KEY_PAIR_GEN,

   SlhDsa = CKM_SLH_DSA,

   HashSlhDsa = CKM_HASH_SLH_DSA,

   HashSlhDsaSha224 = CKM_HASH_SLH_DSA_SHA224,

   HashSlhDsaSha256 = CKM_HASH_SLH_DSA_SHA256,

   HashSlhDsaSha384 = CKM_HASH_SLH_DSA_SHA384,

   HashSlhDsaSha512 = CKM_HASH_SLH_DSA_SHA512,

   HashSlhDsaSha3_224 = CKM_HASH_SLH_DSA_SHA3_224,

   HashSlhDsaSha3_256 = CKM_HASH_SLH_DSA_SHA3_256,

   HashSlhDsaSha3_384 = CKM_HASH_SLH_DSA_SHA3_384,

   HashSlhDsaSha3_512 = CKM_HASH_SLH_DSA_SHA3_512,

   HashSlhDsaShake128 = CKM_HASH_SLH_DSA_SHAKE128,

   HashSlhDsaShake256 = CKM_HASH_SLH_DSA_SHAKE256,

   Tls12ExtendedMasterKeyDerive = CKM_TLS12_EXTENDED_MASTER_KEY_DERIVE,

   Tls12ExtendedMasterKeyDeriveDh = CKM_TLS12_EXTENDED_MASTER_KEY_DERIVE_DH,

   VendorDefined = CKM_VENDOR_DEFINED,

};

enum class Notification : CK_NOTIFICATION {

   Surrender = CKN_SURRENDER,

   OtpChanged = CKN_OTP_CHANGED,

};

enum class ObjectClass : CK_OBJECT_CLASS {

   Data = CKO_DATA,

   Certificate = CKO_CERTIFICATE,

   PublicKey = CKO_PUBLIC_KEY,

   PrivateKey = CKO_PRIVATE_KEY,

   SecretKey = CKO_SECRET_KEY,

   HwFeature = CKO_HW_FEATURE,

   DomainParameters = CKO_DOMAIN_PARAMETERS,

   Mechanism = CKO_MECHANISM,

   OtpKey = CKO_OTP_KEY,

   Profile = CKO_PROFILE,

   Validation = CKO_VALIDATION,

   Trust = CKO_TRUST,

   VendorDefined = CKO_VENDOR_DEFINED,

};

enum class PseudoRandom : CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE {

   Pkcs5Pbkd2HmacSha1 = CKP_PKCS5_PBKD2_HMAC_SHA1,

   Pkcs5Pbkd2HmacGostr3411 = CKP_PKCS5_PBKD2_HMAC_GOSTR3411,

   Pkcs5Pbkd2HmacSha224 = CKP_PKCS5_PBKD2_HMAC_SHA224,

   Pkcs5Pbkd2HmacSha256 = CKP_PKCS5_PBKD2_HMAC_SHA256,

   Pkcs5Pbkd2HmacSha384 = CKP_PKCS5_PBKD2_HMAC_SHA384,

   Pkcs5Pbkd2HmacSha512 = CKP_PKCS5_PBKD2_HMAC_SHA512,

   Pkcs5Pbkd2HmacSha512224 = CKP_PKCS5_PBKD2_HMAC_SHA512_224,

   Pkcs5Pbkd2HmacSha512256 = CKP_PKCS5_PBKD2_HMAC_SHA512_256,

};

enum class MlDsaParameterSet : CK_ML_DSA_PARAMETER_SET_TYPE {

   MlDsa44 = CKP_ML_DSA_44,

   MlDsa65 = CKP_ML_DSA_65,

   MlDsa87 = CKP_ML_DSA_87,

};

enum class SlhDsaParameterSet : CK_SLH_DSA_PARAMETER_SET_TYPE {

   SlhDsaSha2_128s = CKP_SLH_DSA_SHA2_128S,

   SlhDsaShake128s = CKP_SLH_DSA_SHAKE_128S,

   SlhDsaSha2_128f = CKP_SLH_DSA_SHA2_128F,

   SlhDsaShake128f = CKP_SLH_DSA_SHAKE_128F,

   SlhDsaSha2_192s = CKP_SLH_DSA_SHA2_192S,

   SlhDsaShake192s = CKP_SLH_DSA_SHAKE_192S,

   SlhDsaSha2_192f = CKP_SLH_DSA_SHA2_192F,

   SlhDsaShake192f = CKP_SLH_DSA_SHAKE_192F,

   SlhDsaSha2_256s = CKP_SLH_DSA_SHA2_256S,

   SlhDsaShake256s = CKP_SLH_DSA_SHAKE_256S,

   SlhDsaSha2_256f = CKP_SLH_DSA_SHA2_256F,

   SlhDsaShake256f = CKP_SLH_DSA_SHAKE_256F,

};

enum class MlKemParameterSet : CK_ML_KEM_PARAMETER_SET_TYPE {

   MlKem512 = CKP_ML_KEM_512,

   MlKem768 = CKP_ML_KEM_768,

   MlKem1024 = CKP_ML_KEM_1024,

};

enum class SessionState : CK_STATE {

   RoPublicSession = CKS_RO_PUBLIC_SESSION,

   RoUserFunctions = CKS_RO_USER_FUNCTIONS,

   RwPublicSession = CKS_RW_PUBLIC_SESSION,

   RwUserFunctions = CKS_RW_USER_FUNCTIONS,

   RwSoFunctions = CKS_RW_SO_FUNCTIONS,

};

enum class ReturnValue : CK_RV {

   OK = CKR_OK,

   Cancel = CKR_CANCEL,

   HostMemory = CKR_HOST_MEMORY,

   SlotIdInvalid = CKR_SLOT_ID_INVALID,

   GeneralError = CKR_GENERAL_ERROR,

   FunctionFailed = CKR_FUNCTION_FAILED,

   ArgumentsBad = CKR_ARGUMENTS_BAD,

   NoEvent = CKR_NO_EVENT,

   NeedToCreateThreads = CKR_NEED_TO_CREATE_THREADS,

   CantLock = CKR_CANT_LOCK,

   AttributeReadOnly = CKR_ATTRIBUTE_READ_ONLY,

   AttributeSensitive = CKR_ATTRIBUTE_SENSITIVE,

   AttributeTypeInvalid = CKR_ATTRIBUTE_TYPE_INVALID,

   AttributeValueInvalid = CKR_ATTRIBUTE_VALUE_INVALID,

   ActionProhibited = CKR_ACTION_PROHIBITED,

   DataInvalid = CKR_DATA_INVALID,

   DataLenRange = CKR_DATA_LEN_RANGE,

   DeviceError = CKR_DEVICE_ERROR,

   DeviceMemory = CKR_DEVICE_MEMORY,

   DeviceRemoved = CKR_DEVICE_REMOVED,

   EncryptedDataInvalid = CKR_ENCRYPTED_DATA_INVALID,

   EncryptedDataLenRange = CKR_ENCRYPTED_DATA_LEN_RANGE,

   AeadDecryptFailed = CKR_AEAD_DECRYPT_FAILED,

   FunctionCanceled = CKR_FUNCTION_CANCELED,

   FunctionNotParallel = CKR_FUNCTION_NOT_PARALLEL,

   FunctionNotSupported = CKR_FUNCTION_NOT_SUPPORTED,

   KeyHandleInvalid = CKR_KEY_HANDLE_INVALID,

   KeySizeRange = CKR_KEY_SIZE_RANGE,

   KeyTypeInconsistent = CKR_KEY_TYPE_INCONSISTENT,

   KeyNotNeeded = CKR_KEY_NOT_NEEDED,

   KeyChanged = CKR_KEY_CHANGED,

   KeyNeeded = CKR_KEY_NEEDED,

   KeyIndigestible = CKR_KEY_INDIGESTIBLE,

   KeyFunctionNotPermitted = CKR_KEY_FUNCTION_NOT_PERMITTED,

   KeyNotWrappable = CKR_KEY_NOT_WRAPPABLE,

   KeyUnextractable = CKR_KEY_UNEXTRACTABLE,

   MechanismInvalid = CKR_MECHANISM_INVALID,

   MechanismParamInvalid = CKR_MECHANISM_PARAM_INVALID,

   ObjectHandleInvalid = CKR_OBJECT_HANDLE_INVALID,

   OperationActive = CKR_OPERATION_ACTIVE,

   OperationNotInitialized = CKR_OPERATION_NOT_INITIALIZED,

   PinIncorrect = CKR_PIN_INCORRECT,

   PinInvalid = CKR_PIN_INVALID,

   PinLenRange = CKR_PIN_LEN_RANGE,

   PinExpired = CKR_PIN_EXPIRED,

   PinLocked = CKR_PIN_LOCKED,

   SessionClosed = CKR_SESSION_CLOSED,

   SessionCount = CKR_SESSION_COUNT,

   SessionHandleInvalid = CKR_SESSION_HANDLE_INVALID,

   SessionParallelNotSupported = CKR_SESSION_PARALLEL_NOT_SUPPORTED,

   SessionReadOnly = CKR_SESSION_READ_ONLY,

   SessionExists = CKR_SESSION_EXISTS,

   SessionReadOnlyExists = CKR_SESSION_READ_ONLY_EXISTS,

   SessionReadWriteSoExists = CKR_SESSION_READ_WRITE_SO_EXISTS,

   SignatureInvalid = CKR_SIGNATURE_INVALID,

   SignatureLenRange = CKR_SIGNATURE_LEN_RANGE,

   TemplateIncomplete = CKR_TEMPLATE_INCOMPLETE,

   TemplateInconsistent = CKR_TEMPLATE_INCONSISTENT,

   TokenNotPresent = CKR_TOKEN_NOT_PRESENT,

   TokenNotRecognized = CKR_TOKEN_NOT_RECOGNIZED,

   TokenWriteProtected = CKR_TOKEN_WRITE_PROTECTED,

   UnwrappingKeyHandleInvalid = CKR_UNWRAPPING_KEY_HANDLE_INVALID,

   UnwrappingKeySizeRange = CKR_UNWRAPPING_KEY_SIZE_RANGE,

   UnwrappingKeyTypeInconsistent = CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT,

   UserAlreadyLoggedIn = CKR_USER_ALREADY_LOGGED_IN,

   UserNotLoggedIn = CKR_USER_NOT_LOGGED_IN,

   UserPinNotInitialized = CKR_USER_PIN_NOT_INITIALIZED,

   UserTypeInvalid = CKR_USER_TYPE_INVALID,

   UserAnotherAlreadyLoggedIn = CKR_USER_ANOTHER_ALREADY_LOGGED_IN,

   UserTooManyTypes = CKR_USER_TOO_MANY_TYPES,

   WrappedKeyInvalid = CKR_WRAPPED_KEY_INVALID,

   WrappedKeyLenRange = CKR_WRAPPED_KEY_LEN_RANGE,

   WrappingKeyHandleInvalid = CKR_WRAPPING_KEY_HANDLE_INVALID,

   WrappingKeySizeRange = CKR_WRAPPING_KEY_SIZE_RANGE,

   WrappingKeyTypeInconsistent = CKR_WRAPPING_KEY_TYPE_INCONSISTENT,

   RandomSeedNotSupported = CKR_RANDOM_SEED_NOT_SUPPORTED,

   RandomNoRng = CKR_RANDOM_NO_RNG,

   DomainParamsInvalid = CKR_DOMAIN_PARAMS_INVALID,

   CurveNotSupported = CKR_CURVE_NOT_SUPPORTED,

   BufferTooSmall = CKR_BUFFER_TOO_SMALL,

   SavedStateInvalid = CKR_SAVED_STATE_INVALID,

   InformationSensitive = CKR_INFORMATION_SENSITIVE,

   StateUnsaveable = CKR_STATE_UNSAVEABLE,

   CryptokiNotInitialized = CKR_CRYPTOKI_NOT_INITIALIZED,

   CryptokiAlreadyInitialized = CKR_CRYPTOKI_ALREADY_INITIALIZED,

   MutexBad = CKR_MUTEX_BAD,

   MutexNotLocked = CKR_MUTEX_NOT_LOCKED,

   NewPinMode = CKR_NEW_PIN_MODE,

   NextOtp = CKR_NEXT_OTP,

   ExceededMaxIterations = CKR_EXCEEDED_MAX_ITERATIONS,

   FipsSelfTestFailed = CKR_FIPS_SELF_TEST_FAILED,

   LibraryLoadFailed = CKR_LIBRARY_LOAD_FAILED,

   PinTooWeak = CKR_PIN_TOO_WEAK,

   PublicKeyInvalid = CKR_PUBLIC_KEY_INVALID,

   FunctionRejected = CKR_FUNCTION_REJECTED,

   TokenResourceExceeded = CKR_TOKEN_RESOURCE_EXCEEDED,

   OperationCancelFailed = CKR_OPERATION_CANCEL_FAILED,

   KeyExhausted = CKR_KEY_EXHAUSTED,

   Pending = CKR_PENDING,

   SessionAsyncNotSupported = CKR_SESSION_ASYNC_NOT_SUPPORTED,

   SeedRandomRequired = CKR_SEED_RANDOM_REQUIRED,

   OperationNotValidated = CKR_OPERATION_NOT_VALIDATED,

   TokenNotInitialized = CKR_TOKEN_NOT_INITIALIZED,

   VendorDefined = CKR_VENDOR_DEFINED,

};

enum class UserType : CK_USER_TYPE {

   SO = CKU_SO,

   User = CKU_USER,

   ContextSpecific = CKU_CONTEXT_SPECIFIC,

};

enum class PublicPointEncoding : uint32_t { Raw, Der };

using FunctionList = CK_FUNCTION_LIST;

using FunctionListPtr = CK_FUNCTION_LIST_PTR;

using FunctionList30 = CK_FUNCTION_LIST_3_0;

using FunctionList32 = CK_FUNCTION_LIST_3_2;

using Interface = CK_INTERFACE;

using VoidPtr = CK_VOID_PTR;

using C_InitializeArgs = CK_C_INITIALIZE_ARGS;

using CreateMutex = CK_CREATEMUTEX;

using DestroyMutex = CK_DESTROYMUTEX;

using LockMutex = CK_LOCKMUTEX;

using UnlockMutex = CK_UNLOCKMUTEX;

using Flags = CK_FLAGS;

using Info = CK_INFO;

using Version = CK_VERSION;

using Bbool = CK_BBOOL;

using SlotId = CK_SLOT_ID;

using Ulong = CK_ULONG;

using SlotInfo = CK_SLOT_INFO;

using TokenInfo = CK_TOKEN_INFO;

using Mechanism = CK_MECHANISM;

using MechanismInfo = CK_MECHANISM_INFO;

using Utf8Char = CK_UTF8CHAR;

using Notify = CK_NOTIFY;

using SessionHandle = CK_SESSION_HANDLE;

using SessionInfo = CK_SESSION_INFO;

using Attribute = CK_ATTRIBUTE;