v0.0.0-...-926964d Latest Latest

This package is not in the latest version of its module.

Go to latest
Published: Feb 23, 2016 License: BSD-3-Clause, Apache-2.0 Imports: 5 Imported by: 0


PKCS#11 Build Status

This is a Go implementation of the PKCS#11 API. It wraps the library closely, but uses Go idiom were it makes sense. It has been tested with SoftHSM.


  • Make it use a custom configuration file export SOFTHSM_CONF=$PWD/softhsm.conf

  • Then use softhsm to init it

      softhsm --init-token --slot 0 --label test --pin 1234
  • Then use as the pkcs11 module:

      p := pkcs11.New("/usr/lib/softhsm/")


A skeleton program would look somewhat like this (yes, pkcs#11 is verbose):

p := pkcs11.New("/usr/lib/softhsm/")
err := p.Initialize()
if err != nil {

defer p.Destroy()
defer p.Finalize()

slots, err := p.GetSlotList(true)
if err != nil {

session, err := p.OpenSession(slots[0], pkcs11.CKF_SERIAL_SESSION|pkcs11.CKF_RW_SESSION)
if err != nil {
defer p.CloseSession(session)

err = p.Login(session, pkcs11.CKU_USER, "1234")
if err != nil {
defer p.Logout(session)

p.DigestInit(session, []*pkcs11.Mechanism{pkcs11.NewMechanism(pkcs11.CKM_SHA_1, nil)})
hash, err := p.Digest(session, []byte("this is a string"))
if err != nil {

for _, d := range hash {
        fmt.Printf("%x", d)

Further examples are included in the tests.


  • Fix/double check endian stuff, see types.go NewAttribute()
  • Look at the memory copying in fast functions (sign, hash etc)



Package pkcs11 is a wrapper around the PKCS#11 cryptographic library.



View Source
const (
	CKU_SO               uint = 0
	CKU_USER             uint = 1
View Source
const (
	CKO_DATA              uint = 0x00000000
	CKO_CERTIFICATE       uint = 0x00000001
	CKO_PUBLIC_KEY        uint = 0x00000002
	CKO_PRIVATE_KEY       uint = 0x00000003
	CKO_SECRET_KEY        uint = 0x00000004
	CKO_HW_FEATURE        uint = 0x00000005
	CKO_DOMAIN_PARAMETERS uint = 0x00000006
	CKO_MECHANISM         uint = 0x00000007
	CKO_OTP_KEY           uint = 0x00000008
	CKO_VENDOR_DEFINED    uint = 0x80000000
View Source
const (
	CKF_TOKEN_PRESENT                    = 0x00000001
	CKF_REMOVABLE_DEVICE                 = 0x00000002
	CKF_HW_SLOT                          = 0x00000004
	CKF_RNG                              = 0x00000001
	CKF_WRITE_PROTECTED                  = 0x00000002
	CKF_LOGIN_REQUIRED                   = 0x00000004
	CKF_USER_PIN_INITIALIZED             = 0x00000008
	CKF_RESTORE_KEY_NOT_NEEDED           = 0x00000020
	CKF_CLOCK_ON_TOKEN                   = 0x00000040
	CKF_DUAL_CRYPTO_OPERATIONS           = 0x00000200
	CKF_TOKEN_INITIALIZED                = 0x00000400
	CKF_USER_PIN_COUNT_LOW               = 0x00010000
	CKF_USER_PIN_FINAL_TRY               = 0x00020000
	CKF_USER_PIN_LOCKED                  = 0x00040000
	CKF_USER_PIN_TO_BE_CHANGED           = 0x00080000
	CKF_SO_PIN_COUNT_LOW                 = 0x00100000
	CKF_SO_PIN_FINAL_TRY                 = 0x00200000
	CKF_SO_PIN_LOCKED                    = 0x00400000
	CKF_SO_PIN_TO_BE_CHANGED             = 0x00800000
	CKF_RW_SESSION                       = 0x00000002
	CKF_SERIAL_SESSION                   = 0x00000004
	CKK_RSA                              = 0x00000000
	CKK_DSA                              = 0x00000001
	CKK_DH                               = 0x00000002
	CKK_ECDSA                            = 0x00000003
	CKK_EC                               = 0x00000003
	CKK_X9_42_DH                         = 0x00000004
	CKK_KEA                              = 0x00000005
	CKK_GENERIC_SECRET                   = 0x00000010
	CKK_RC2                              = 0x00000011
	CKK_RC4                              = 0x00000012
	CKK_DES                              = 0x00000013
	CKK_DES2                             = 0x00000014
	CKK_DES3                             = 0x00000015
	CKK_CAST                             = 0x00000016
	CKK_CAST3                            = 0x00000017
	CKK_CAST5                            = 0x00000018
	CKK_CAST128                          = 0x00000018
	CKK_RC5                              = 0x00000019
	CKK_IDEA                             = 0x0000001A
	CKK_SKIPJACK                         = 0x0000001B
	CKK_BATON                            = 0x0000001C
	CKK_JUNIPER                          = 0x0000001D
	CKK_CDMF                             = 0x0000001E
	CKK_AES                              = 0x0000001F
	CKK_BLOWFISH                         = 0x00000020
	CKK_TWOFISH                          = 0x00000021
	CKK_SECURID                          = 0x00000022
	CKK_HOTP                             = 0x00000023
	CKK_ACTI                             = 0x00000024
	CKK_CAMELLIA                         = 0x00000025
	CKK_ARIA                             = 0x00000026
	CKK_VENDOR_DEFINED                   = 0x80000000
	CKC_X_509                            = 0x00000000
	CKC_X_509_ATTR_CERT                  = 0x00000001
	CKC_WTLS                             = 0x00000002
	CKC_VENDOR_DEFINED                   = 0x80000000
	CKF_ARRAY_ATTRIBUTE                  = 0x40000000
	CKA_CLASS                            = 0x00000000
	CKA_TOKEN                            = 0x00000001
	CKA_PRIVATE                          = 0x00000002
	CKA_LABEL                            = 0x00000003
	CKA_APPLICATION                      = 0x00000010
	CKA_VALUE                            = 0x00000011
	CKA_OBJECT_ID                        = 0x00000012
	CKA_CERTIFICATE_TYPE                 = 0x00000080
	CKA_ISSUER                           = 0x00000081
	CKA_SERIAL_NUMBER                    = 0x00000082
	CKA_AC_ISSUER                        = 0x00000083
	CKA_OWNER                            = 0x00000084
	CKA_ATTR_TYPES                       = 0x00000085
	CKA_TRUSTED                          = 0x00000086
	CKA_CERTIFICATE_CATEGORY             = 0x00000087
	CKA_JAVA_MIDP_SECURITY_DOMAIN        = 0x00000088
	CKA_URL                              = 0x00000089
	CKA_HASH_OF_ISSUER_PUBLIC_KEY        = 0x0000008B
	CKA_CHECK_VALUE                      = 0x00000090
	CKA_KEY_TYPE                         = 0x00000100
	CKA_SUBJECT                          = 0x00000101
	CKA_ID                               = 0x00000102
	CKA_SENSITIVE                        = 0x00000103
	CKA_ENCRYPT                          = 0x00000104
	CKA_DECRYPT                          = 0x00000105
	CKA_WRAP                             = 0x00000106
	CKA_UNWRAP                           = 0x00000107
	CKA_SIGN                             = 0x00000108
	CKA_SIGN_RECOVER                     = 0x00000109
	CKA_VERIFY                           = 0x0000010A
	CKA_VERIFY_RECOVER                   = 0x0000010B
	CKA_DERIVE                           = 0x0000010C
	CKA_START_DATE                       = 0x00000110
	CKA_END_DATE                         = 0x00000111
	CKA_MODULUS                          = 0x00000120
	CKA_MODULUS_BITS                     = 0x00000121
	CKA_PUBLIC_EXPONENT                  = 0x00000122
	CKA_PRIVATE_EXPONENT                 = 0x00000123
	CKA_PRIME_1                          = 0x00000124
	CKA_PRIME_2                          = 0x00000125
	CKA_EXPONENT_1                       = 0x00000126
	CKA_EXPONENT_2                       = 0x00000127
	CKA_COEFFICIENT                      = 0x00000128
	CKA_PRIME                            = 0x00000130
	CKA_SUBPRIME                         = 0x00000131
	CKA_BASE                             = 0x00000132
	CKA_PRIME_BITS                       = 0x00000133
	CKA_SUBPRIME_BITS                    = 0x00000134
	CKA_VALUE_BITS                       = 0x00000160
	CKA_VALUE_LEN                        = 0x00000161
	CKA_EXTRACTABLE                      = 0x00000162
	CKA_LOCAL                            = 0x00000163
	CKA_NEVER_EXTRACTABLE                = 0x00000164
	CKA_ALWAYS_SENSITIVE                 = 0x00000165
	CKA_KEY_GEN_MECHANISM                = 0x00000166
	CKA_MODIFIABLE                       = 0x00000170
	CKA_ECDSA_PARAMS                     = 0x00000180
	CKA_EC_PARAMS                        = 0x00000180
	CKA_EC_POINT                         = 0x00000181
	CKA_SECONDARY_AUTH                   = 0x00000200
	CKA_AUTH_PIN_FLAGS                   = 0x00000201
	CKA_ALWAYS_AUTHENTICATE              = 0x00000202
	CKA_WRAP_WITH_TRUSTED                = 0x00000210
	CKA_WRAP_TEMPLATE                    = (CKF_ARRAY_ATTRIBUTE | 0x00000211)
	CKA_UNWRAP_TEMPLATE                  = (CKF_ARRAY_ATTRIBUTE | 0x00000212)
	CKA_OTP_FORMAT                       = 0x00000220
	CKA_OTP_LENGTH                       = 0x00000221
	CKA_OTP_TIME_INTERVAL                = 0x00000222
	CKA_OTP_USER_FRIENDLY_MODE           = 0x00000223
	CKA_OTP_TIME_REQUIREMENT             = 0x00000225
	CKA_OTP_COUNTER_REQUIREMENT          = 0x00000226
	CKA_OTP_PIN_REQUIREMENT              = 0x00000227
	CKA_OTP_COUNTER                      = 0x0000022E
	CKA_OTP_TIME                         = 0x0000022F
	CKA_OTP_USER_IDENTIFIER              = 0x0000022A
	CKA_OTP_SERVICE_IDENTIFIER           = 0x0000022B
	CKA_OTP_SERVICE_LOGO_TYPE            = 0x0000022D
	CKA_HW_FEATURE_TYPE                  = 0x00000300
	CKA_RESET_ON_INIT                    = 0x00000301
	CKA_HAS_RESET                        = 0x00000302
	CKA_PIXEL_X                          = 0x00000400
	CKA_PIXEL_Y                          = 0x00000401
	CKA_RESOLUTION                       = 0x00000402
	CKA_CHAR_ROWS                        = 0x00000403
	CKA_CHAR_COLUMNS                     = 0x00000404
	CKA_COLOR                            = 0x00000405
	CKA_BITS_PER_PIXEL                   = 0x00000406
	CKA_CHAR_SETS                        = 0x00000480
	CKA_ENCODING_METHODS                 = 0x00000481
	CKA_MIME_TYPES                       = 0x00000482
	CKA_MECHANISM_TYPE                   = 0x00000500
	CKA_REQUIRED_CMS_ATTRIBUTES          = 0x00000501
	CKA_DEFAULT_CMS_ATTRIBUTES           = 0x00000502
	CKA_SUPPORTED_CMS_ATTRIBUTES         = 0x00000503
	CKA_ALLOWED_MECHANISMS               = (CKF_ARRAY_ATTRIBUTE | 0x00000600)
	CKA_VENDOR_DEFINED                   = 0x80000000
	CKM_RSA_PKCS_KEY_PAIR_GEN            = 0x00000000
	CKM_RSA_PKCS                         = 0x00000001
	CKM_RSA_9796                         = 0x00000002
	CKM_RSA_X_509                        = 0x00000003
	CKM_MD2_RSA_PKCS                     = 0x00000004
	CKM_MD5_RSA_PKCS                     = 0x00000005
	CKM_SHA1_RSA_PKCS                    = 0x00000006
	CKM_RIPEMD128_RSA_PKCS               = 0x00000007
	CKM_RIPEMD160_RSA_PKCS               = 0x00000008
	CKM_RSA_PKCS_OAEP                    = 0x00000009
	CKM_RSA_X9_31_KEY_PAIR_GEN           = 0x0000000A
	CKM_RSA_X9_31                        = 0x0000000B
	CKM_SHA1_RSA_X9_31                   = 0x0000000C
	CKM_RSA_PKCS_PSS                     = 0x0000000D
	CKM_SHA1_RSA_PKCS_PSS                = 0x0000000E
	CKM_DSA_KEY_PAIR_GEN                 = 0x00000010
	CKM_DSA                              = 0x00000011
	CKM_DSA_SHA1                         = 0x00000012
	CKM_DH_PKCS_KEY_PAIR_GEN             = 0x00000020
	CKM_DH_PKCS_DERIVE                   = 0x00000021
	CKM_X9_42_DH_KEY_PAIR_GEN            = 0x00000030
	CKM_X9_42_DH_DERIVE                  = 0x00000031
	CKM_X9_42_DH_HYBRID_DERIVE           = 0x00000032
	CKM_X9_42_MQV_DERIVE                 = 0x00000033
	CKM_SHA256_RSA_PKCS                  = 0x00000040
	CKM_SHA384_RSA_PKCS                  = 0x00000041
	CKM_SHA512_RSA_PKCS                  = 0x00000042
	CKM_SHA256_RSA_PKCS_PSS              = 0x00000043
	CKM_SHA384_RSA_PKCS_PSS              = 0x00000044
	CKM_SHA512_RSA_PKCS_PSS              = 0x00000045
	CKM_SHA224_RSA_PKCS                  = 0x00000046
	CKM_SHA224_RSA_PKCS_PSS              = 0x00000047
	CKM_RC2_KEY_GEN                      = 0x00000100
	CKM_RC2_ECB                          = 0x00000101
	CKM_RC2_CBC                          = 0x00000102
	CKM_RC2_MAC                          = 0x00000103
	CKM_RC2_MAC_GENERAL                  = 0x00000104
	CKM_RC2_CBC_PAD                      = 0x00000105
	CKM_RC4_KEY_GEN                      = 0x00000110
	CKM_RC4                              = 0x00000111
	CKM_DES_KEY_GEN                      = 0x00000120
	CKM_DES_ECB                          = 0x00000121
	CKM_DES_CBC                          = 0x00000122
	CKM_DES_MAC                          = 0x00000123
	CKM_DES_MAC_GENERAL                  = 0x00000124
	CKM_DES_CBC_PAD                      = 0x00000125
	CKM_DES2_KEY_GEN                     = 0x00000130
	CKM_DES3_KEY_GEN                     = 0x00000131
	CKM_DES3_ECB                         = 0x00000132
	CKM_DES3_CBC                         = 0x00000133
	CKM_DES3_MAC                         = 0x00000134
	CKM_DES3_MAC_GENERAL                 = 0x00000135
	CKM_DES3_CBC_PAD                     = 0x00000136
	CKM_CDMF_KEY_GEN                     = 0x00000140
	CKM_CDMF_ECB                         = 0x00000141
	CKM_CDMF_CBC                         = 0x00000142
	CKM_CDMF_MAC                         = 0x00000143
	CKM_CDMF_MAC_GENERAL                 = 0x00000144
	CKM_CDMF_CBC_PAD                     = 0x00000145
	CKM_DES_OFB64                        = 0x00000150
	CKM_DES_OFB8                         = 0x00000151
	CKM_DES_CFB64                        = 0x00000152
	CKM_DES_CFB8                         = 0x00000153
	CKM_MD2                              = 0x00000200
	CKM_MD2_HMAC                         = 0x00000201
	CKM_MD2_HMAC_GENERAL                 = 0x00000202
	CKM_MD5                              = 0x00000210
	CKM_MD5_HMAC                         = 0x00000211
	CKM_MD5_HMAC_GENERAL                 = 0x00000212
	CKM_SHA_1                            = 0x00000220
	CKM_SHA_1_HMAC                       = 0x00000221
	CKM_SHA_1_HMAC_GENERAL               = 0x00000222
	CKM_RIPEMD128                        = 0x00000230
	CKM_RIPEMD128_HMAC                   = 0x00000231
	CKM_RIPEMD128_HMAC_GENERAL           = 0x00000232
	CKM_RIPEMD160                        = 0x00000240
	CKM_RIPEMD160_HMAC                   = 0x00000241
	CKM_RIPEMD160_HMAC_GENERAL           = 0x00000242
	CKM_SHA256                           = 0x00000250
	CKM_SHA256_HMAC                      = 0x00000251
	CKM_SHA256_HMAC_GENERAL              = 0x00000252
	CKM_SHA224                           = 0x00000255
	CKM_SHA224_HMAC                      = 0x00000256
	CKM_SHA224_HMAC_GENERAL              = 0x00000257
	CKM_SHA384                           = 0x00000260
	CKM_SHA384_HMAC                      = 0x00000261
	CKM_SHA384_HMAC_GENERAL              = 0x00000262
	CKM_SHA512                           = 0x00000270
	CKM_SHA512_HMAC                      = 0x00000271
	CKM_SHA512_HMAC_GENERAL              = 0x00000272
	CKM_SECURID_KEY_GEN                  = 0x00000280
	CKM_SECURID                          = 0x00000282
	CKM_HOTP_KEY_GEN                     = 0x00000290
	CKM_HOTP                             = 0x00000291
	CKM_ACTI                             = 0x000002A0
	CKM_ACTI_KEY_GEN                     = 0x000002A1
	CKM_CAST_KEY_GEN                     = 0x00000300
	CKM_CAST_ECB                         = 0x00000301
	CKM_CAST_CBC                         = 0x00000302
	CKM_CAST_MAC                         = 0x00000303
	CKM_CAST_MAC_GENERAL                 = 0x00000304
	CKM_CAST_CBC_PAD                     = 0x00000305
	CKM_CAST3_KEY_GEN                    = 0x00000310
	CKM_CAST3_ECB                        = 0x00000311
	CKM_CAST3_CBC                        = 0x00000312
	CKM_CAST3_MAC                        = 0x00000313
	CKM_CAST3_MAC_GENERAL                = 0x00000314
	CKM_CAST3_CBC_PAD                    = 0x00000315
	CKM_CAST5_KEY_GEN                    = 0x00000320
	CKM_CAST128_KEY_GEN                  = 0x00000320
	CKM_CAST5_ECB                        = 0x00000321
	CKM_CAST128_ECB                      = 0x00000321
	CKM_CAST5_CBC                        = 0x00000322
	CKM_CAST128_CBC                      = 0x00000322
	CKM_CAST5_MAC                        = 0x00000323
	CKM_CAST128_MAC                      = 0x00000323
	CKM_CAST5_MAC_GENERAL                = 0x00000324
	CKM_CAST128_MAC_GENERAL              = 0x00000324
	CKM_CAST5_CBC_PAD                    = 0x00000325
	CKM_CAST128_CBC_PAD                  = 0x00000325
	CKM_RC5_KEY_GEN                      = 0x00000330
	CKM_RC5_ECB                          = 0x00000331
	CKM_RC5_CBC                          = 0x00000332
	CKM_RC5_MAC                          = 0x00000333
	CKM_RC5_MAC_GENERAL                  = 0x00000334
	CKM_RC5_CBC_PAD                      = 0x00000335
	CKM_IDEA_KEY_GEN                     = 0x00000340
	CKM_IDEA_ECB                         = 0x00000341
	CKM_IDEA_CBC                         = 0x00000342
	CKM_IDEA_MAC                         = 0x00000343
	CKM_IDEA_MAC_GENERAL                 = 0x00000344
	CKM_IDEA_CBC_PAD                     = 0x00000345
	CKM_GENERIC_SECRET_KEY_GEN           = 0x00000350
	CKM_CONCATENATE_BASE_AND_KEY         = 0x00000360
	CKM_CONCATENATE_BASE_AND_DATA        = 0x00000362
	CKM_CONCATENATE_DATA_AND_BASE        = 0x00000363
	CKM_XOR_BASE_AND_DATA                = 0x00000364
	CKM_EXTRACT_KEY_FROM_KEY             = 0x00000365
	CKM_SSL3_PRE_MASTER_KEY_GEN          = 0x00000370
	CKM_SSL3_MASTER_KEY_DERIVE           = 0x00000371
	CKM_SSL3_KEY_AND_MAC_DERIVE          = 0x00000372
	CKM_SSL3_MASTER_KEY_DERIVE_DH        = 0x00000373
	CKM_TLS_PRE_MASTER_KEY_GEN           = 0x00000374
	CKM_TLS_MASTER_KEY_DERIVE            = 0x00000375
	CKM_TLS_KEY_AND_MAC_DERIVE           = 0x00000376
	CKM_TLS_MASTER_KEY_DERIVE_DH         = 0x00000377
	CKM_TLS_PRF                          = 0x00000378
	CKM_SSL3_MD5_MAC                     = 0x00000380
	CKM_SSL3_SHA1_MAC                    = 0x00000381
	CKM_MD5_KEY_DERIVATION               = 0x00000390
	CKM_MD2_KEY_DERIVATION               = 0x00000391
	CKM_SHA1_KEY_DERIVATION              = 0x00000392
	CKM_SHA256_KEY_DERIVATION            = 0x00000393
	CKM_SHA384_KEY_DERIVATION            = 0x00000394
	CKM_SHA512_KEY_DERIVATION            = 0x00000395
	CKM_SHA224_KEY_DERIVATION            = 0x00000396
	CKM_PBE_MD2_DES_CBC                  = 0x000003A0
	CKM_PBE_MD5_DES_CBC                  = 0x000003A1
	CKM_PBE_MD5_CAST_CBC                 = 0x000003A2
	CKM_PBE_MD5_CAST3_CBC                = 0x000003A3
	CKM_PBE_MD5_CAST5_CBC                = 0x000003A4
	CKM_PBE_MD5_CAST128_CBC              = 0x000003A4
	CKM_PBE_SHA1_CAST5_CBC               = 0x000003A5
	CKM_PBE_SHA1_CAST128_CBC             = 0x000003A5
	CKM_PBE_SHA1_RC4_128                 = 0x000003A6
	CKM_PBE_SHA1_RC4_40                  = 0x000003A7
	CKM_PBE_SHA1_DES3_EDE_CBC            = 0x000003A8
	CKM_PBE_SHA1_DES2_EDE_CBC            = 0x000003A9
	CKM_PBE_SHA1_RC2_128_CBC             = 0x000003AA
	CKM_PBE_SHA1_RC2_40_CBC              = 0x000003AB
	CKM_PKCS5_PBKD2                      = 0x000003B0
	CKM_PBA_SHA1_WITH_SHA1_HMAC          = 0x000003C0
	CKM_WTLS_PRE_MASTER_KEY_GEN          = 0x000003D0
	CKM_WTLS_MASTER_KEY_DERIVE           = 0x000003D1
	CKM_WTLS_PRF                         = 0x000003D3
	CKM_KEY_WRAP_LYNKS                   = 0x00000400
	CKM_KEY_WRAP_SET_OAEP                = 0x00000401
	CKM_CMS_SIG                          = 0x00000500
	CKM_KIP_DERIVE                       = 0x00000510
	CKM_KIP_WRAP                         = 0x00000511
	CKM_KIP_MAC                          = 0x00000512
	CKM_CAMELLIA_KEY_GEN                 = 0x00000550
	CKM_CAMELLIA_ECB                     = 0x00000551
	CKM_CAMELLIA_CBC                     = 0x00000552
	CKM_CAMELLIA_MAC                     = 0x00000553
	CKM_CAMELLIA_MAC_GENERAL             = 0x00000554
	CKM_CAMELLIA_CBC_PAD                 = 0x00000555
	CKM_CAMELLIA_ECB_ENCRYPT_DATA        = 0x00000556
	CKM_CAMELLIA_CBC_ENCRYPT_DATA        = 0x00000557
	CKM_CAMELLIA_CTR                     = 0x00000558
	CKM_ARIA_KEY_GEN                     = 0x00000560
	CKM_ARIA_ECB                         = 0x00000561
	CKM_ARIA_CBC                         = 0x00000562
	CKM_ARIA_MAC                         = 0x00000563
	CKM_ARIA_MAC_GENERAL                 = 0x00000564
	CKM_ARIA_CBC_PAD                     = 0x00000565
	CKM_ARIA_ECB_ENCRYPT_DATA            = 0x00000566
	CKM_ARIA_CBC_ENCRYPT_DATA            = 0x00000567
	CKM_SKIPJACK_KEY_GEN                 = 0x00001000
	CKM_SKIPJACK_ECB64                   = 0x00001001
	CKM_SKIPJACK_CBC64                   = 0x00001002
	CKM_SKIPJACK_OFB64                   = 0x00001003
	CKM_SKIPJACK_CFB64                   = 0x00001004
	CKM_SKIPJACK_CFB32                   = 0x00001005
	CKM_SKIPJACK_CFB16                   = 0x00001006
	CKM_SKIPJACK_CFB8                    = 0x00001007
	CKM_SKIPJACK_WRAP                    = 0x00001008
	CKM_SKIPJACK_PRIVATE_WRAP            = 0x00001009
	CKM_SKIPJACK_RELAYX                  = 0x0000100a
	CKM_KEA_KEY_PAIR_GEN                 = 0x00001010
	CKM_KEA_KEY_DERIVE                   = 0x00001011
	CKM_FORTEZZA_TIMESTAMP               = 0x00001020
	CKM_BATON_KEY_GEN                    = 0x00001030
	CKM_BATON_ECB128                     = 0x00001031
	CKM_BATON_ECB96                      = 0x00001032
	CKM_BATON_CBC128                     = 0x00001033
	CKM_BATON_COUNTER                    = 0x00001034
	CKM_BATON_SHUFFLE                    = 0x00001035
	CKM_BATON_WRAP                       = 0x00001036
	CKM_ECDSA_KEY_PAIR_GEN               = 0x00001040
	CKM_EC_KEY_PAIR_GEN                  = 0x00001040
	CKM_ECDSA                            = 0x00001041
	CKM_ECDSA_SHA1                       = 0x00001042
	CKM_ECDH1_DERIVE                     = 0x00001050
	CKM_ECDH1_COFACTOR_DERIVE            = 0x00001051
	CKM_ECMQV_DERIVE                     = 0x00001052
	CKM_JUNIPER_KEY_GEN                  = 0x00001060
	CKM_JUNIPER_ECB128                   = 0x00001061
	CKM_JUNIPER_CBC128                   = 0x00001062
	CKM_JUNIPER_COUNTER                  = 0x00001063
	CKM_JUNIPER_SHUFFLE                  = 0x00001064
	CKM_JUNIPER_WRAP                     = 0x00001065
	CKM_FASTHASH                         = 0x00001070
	CKM_AES_KEY_GEN                      = 0x00001080
	CKM_AES_ECB                          = 0x00001081
	CKM_AES_CBC                          = 0x00001082
	CKM_AES_MAC                          = 0x00001083
	CKM_AES_MAC_GENERAL                  = 0x00001084
	CKM_AES_CBC_PAD                      = 0x00001085
	CKM_AES_CTR                          = 0x00001086
	CKM_BLOWFISH_KEY_GEN                 = 0x00001090
	CKM_BLOWFISH_CBC                     = 0x00001091
	CKM_TWOFISH_KEY_GEN                  = 0x00001092
	CKM_TWOFISH_CBC                      = 0x00001093
	CKM_DES_ECB_ENCRYPT_DATA             = 0x00001100
	CKM_DES_CBC_ENCRYPT_DATA             = 0x00001101
	CKM_DES3_ECB_ENCRYPT_DATA            = 0x00001102
	CKM_DES3_CBC_ENCRYPT_DATA            = 0x00001103
	CKM_AES_ECB_ENCRYPT_DATA             = 0x00001104
	CKM_AES_CBC_ENCRYPT_DATA             = 0x00001105
	CKM_DSA_PARAMETER_GEN                = 0x00002000
	CKM_DH_PKCS_PARAMETER_GEN            = 0x00002001
	CKM_X9_42_DH_PARAMETER_GEN           = 0x00002002
	CKM_VENDOR_DEFINED                   = 0x80000000
	CKF_HW                               = 0x00000001
	CKF_ENCRYPT                          = 0x00000100
	CKF_DECRYPT                          = 0x00000200
	CKF_DIGEST                           = 0x00000400
	CKF_SIGN                             = 0x00000800
	CKF_SIGN_RECOVER                     = 0x00001000
	CKF_VERIFY                           = 0x00002000
	CKF_VERIFY_RECOVER                   = 0x00004000
	CKF_GENERATE                         = 0x00008000
	CKF_GENERATE_KEY_PAIR                = 0x00010000
	CKF_WRAP                             = 0x00020000
	CKF_UNWRAP                           = 0x00040000
	CKF_DERIVE                           = 0x00080000
	CKF_EC_F_P                           = 0x00100000
	CKF_EC_F_2M                          = 0x00200000
	CKF_EC_ECPARAMETERS                  = 0x00400000
	CKF_EC_NAMEDCURVE                    = 0x00800000
	CKF_EC_UNCOMPRESS                    = 0x01000000
	CKF_EC_COMPRESS                      = 0x02000000
	CKF_EXTENSION                        = 0x80000000
	CKR_OK                               = 0x00000000
	CKR_CANCEL                           = 0x00000001
	CKR_HOST_MEMORY                      = 0x00000002
	CKR_SLOT_ID_INVALID                  = 0x00000003
	CKR_GENERAL_ERROR                    = 0x00000005
	CKR_FUNCTION_FAILED                  = 0x00000006
	CKR_ARGUMENTS_BAD                    = 0x00000007
	CKR_NO_EVENT                         = 0x00000008
	CKR_NEED_TO_CREATE_THREADS           = 0x00000009
	CKR_CANT_LOCK                        = 0x0000000A
	CKR_ATTRIBUTE_READ_ONLY              = 0x00000010
	CKR_ATTRIBUTE_SENSITIVE              = 0x00000011
	CKR_ATTRIBUTE_TYPE_INVALID           = 0x00000012
	CKR_ATTRIBUTE_VALUE_INVALID          = 0x00000013
	CKR_DATA_INVALID                     = 0x00000020
	CKR_DATA_LEN_RANGE                   = 0x00000021
	CKR_DEVICE_ERROR                     = 0x00000030
	CKR_DEVICE_MEMORY                    = 0x00000031
	CKR_DEVICE_REMOVED                   = 0x00000032
	CKR_ENCRYPTED_DATA_INVALID           = 0x00000040
	CKR_ENCRYPTED_DATA_LEN_RANGE         = 0x00000041
	CKR_FUNCTION_CANCELED                = 0x00000050
	CKR_FUNCTION_NOT_PARALLEL            = 0x00000051
	CKR_FUNCTION_NOT_SUPPORTED           = 0x00000054
	CKR_KEY_HANDLE_INVALID               = 0x00000060
	CKR_KEY_SIZE_RANGE                   = 0x00000062
	CKR_KEY_TYPE_INCONSISTENT            = 0x00000063
	CKR_KEY_NOT_NEEDED                   = 0x00000064
	CKR_KEY_CHANGED                      = 0x00000065
	CKR_KEY_NEEDED                       = 0x00000066
	CKR_KEY_INDIGESTIBLE                 = 0x00000067
	CKR_KEY_NOT_WRAPPABLE                = 0x00000069
	CKR_KEY_UNEXTRACTABLE                = 0x0000006A
	CKR_MECHANISM_INVALID                = 0x00000070
	CKR_MECHANISM_PARAM_INVALID          = 0x00000071
	CKR_OBJECT_HANDLE_INVALID            = 0x00000082
	CKR_OPERATION_ACTIVE                 = 0x00000090
	CKR_PIN_INCORRECT                    = 0x000000A0
	CKR_PIN_INVALID                      = 0x000000A1
	CKR_PIN_LEN_RANGE                    = 0x000000A2
	CKR_PIN_EXPIRED                      = 0x000000A3
	CKR_PIN_LOCKED                       = 0x000000A4
	CKR_SESSION_CLOSED                   = 0x000000B0
	CKR_SESSION_COUNT                    = 0x000000B1
	CKR_SESSION_HANDLE_INVALID           = 0x000000B3
	CKR_SESSION_READ_ONLY                = 0x000000B5
	CKR_SESSION_EXISTS                   = 0x000000B6
	CKR_SESSION_READ_ONLY_EXISTS         = 0x000000B7
	CKR_SIGNATURE_INVALID                = 0x000000C0
	CKR_SIGNATURE_LEN_RANGE              = 0x000000C1
	CKR_TEMPLATE_INCOMPLETE              = 0x000000D0
	CKR_TEMPLATE_INCONSISTENT            = 0x000000D1
	CKR_TOKEN_NOT_PRESENT                = 0x000000E0
	CKR_TOKEN_NOT_RECOGNIZED             = 0x000000E1
	CKR_TOKEN_WRITE_PROTECTED            = 0x000000E2
	CKR_USER_ALREADY_LOGGED_IN           = 0x00000100
	CKR_USER_NOT_LOGGED_IN               = 0x00000101
	CKR_USER_PIN_NOT_INITIALIZED         = 0x00000102
	CKR_USER_TYPE_INVALID                = 0x00000103
	CKR_USER_TOO_MANY_TYPES              = 0x00000105
	CKR_WRAPPED_KEY_INVALID              = 0x00000110
	CKR_WRAPPED_KEY_LEN_RANGE            = 0x00000112
	CKR_WRAPPING_KEY_SIZE_RANGE          = 0x00000114
	CKR_RANDOM_SEED_NOT_SUPPORTED        = 0x00000120
	CKR_RANDOM_NO_RNG                    = 0x00000121
	CKR_DOMAIN_PARAMS_INVALID            = 0x00000130
	CKR_BUFFER_TOO_SMALL                 = 0x00000150
	CKR_SAVED_STATE_INVALID              = 0x00000160
	CKR_INFORMATION_SENSITIVE            = 0x00000170
	CKR_STATE_UNSAVEABLE                 = 0x00000180
	CKR_CRYPTOKI_NOT_INITIALIZED         = 0x00000190
	CKR_MUTEX_BAD                        = 0x000001A0
	CKR_MUTEX_NOT_LOCKED                 = 0x000001A1
	CKR_NEW_PIN_MODE                     = 0x000001B0
	CKR_NEXT_OTP                         = 0x000001B1
	CKR_FUNCTION_REJECTED                = 0x00000200
	CKR_VENDOR_DEFINED                   = 0x80000000
	CKF_OS_LOCKING_OK                    = 0x00000002
	CKF_DONT_BLOCK                       = 1
	CKF_NEXT_OTP                         = 0x00000001
	CKF_EXCLUDE_TIME                     = 0x00000002
	CKF_EXCLUDE_COUNTER                  = 0x00000004
	CKF_EXCLUDE_CHALLENGE                = 0x00000008
	CKF_EXCLUDE_PIN                      = 0x00000010
	CKF_USER_FRIENDLY_OTP                = 0x00000020

All the flag (CKF_), attribute (CKA_), error code (CKR_), key type (CKK_), certificate type (CKC_) and mechanism (CKM_) constants as defined in PKCS#11.


This section is empty.


This section is empty.


type Attribute

type Attribute struct {
	Type  uint
	Value []byte

Attribute holds an attribute type/value combination.

func NewAttribute

func NewAttribute(typ uint, x interface{}) *Attribute

NewAttribute allocates a Attribute and returns a pointer to it. Note that this is merely a convience function, as values returned from the HSM are not converted back to Go values, those are just raw byte slices.

type Ctx

type Ctx struct {
	// contains filtered or unexported fields

Ctx contains the current pkcs11 context.

func New

func New(module string) *Ctx

New creates a new context and initializes the module/library for use.

func (*Ctx) CloseAllSessions

func (c *Ctx) CloseAllSessions(slotID uint) error

CloseAllSessions closes all sessions with a token.

func (*Ctx) CloseSession

func (c *Ctx) CloseSession(sh SessionHandle) error

CloseSession closes a session between an application and a token.

func (*Ctx) CopyObject

func (c *Ctx) CopyObject(sh SessionHandle, o ObjectHandle, temp []*Attribute) (ObjectHandle, error)

CopyObject copies an object, creating a new object for the copy.

func (*Ctx) CreateObject

func (c *Ctx) CreateObject(sh SessionHandle, temp []*Attribute) (ObjectHandle, error)

CreateObject creates a new object.

func (*Ctx) Decrypt

func (c *Ctx) Decrypt(sh SessionHandle, cypher []byte) ([]byte, error)

Decrypt decrypts encrypted data in a single part.

func (*Ctx) DecryptDigestUpdate

func (c *Ctx) DecryptDigestUpdate(sh SessionHandle, cipher []byte) ([]byte, error)

DecryptDigestUpdate continues a multiple-part decryption and digesting operation.

func (*Ctx) DecryptFinal

func (c *Ctx) DecryptFinal(sh SessionHandle) ([]byte, error)

DecryptFinal finishes a multiple-part decryption operation.

func (*Ctx) DecryptInit

func (c *Ctx) DecryptInit(sh SessionHandle, m []*Mechanism, o ObjectHandle) error

DecryptInit initializes a decryption operation.

func (*Ctx) DecryptUpdate

func (c *Ctx) DecryptUpdate(sh SessionHandle, cipher []byte) ([]byte, error)

DecryptUpdate continues a multiple-part decryption operation.

func (*Ctx) DecryptVerifyUpdate

func (c *Ctx) DecryptVerifyUpdate(sh SessionHandle, cipher []byte) ([]byte, error)

DecryptVerifyUpdate continues a multiple-part decryption and verify operation.

func (*Ctx) DeriveKey

func (c *Ctx) DeriveKey(sh SessionHandle, m []*Mechanism, basekey ObjectHandle, a []*Attribute) (ObjectHandle, error)

DeriveKey derives a key from a base key, creating a new key object. */

func (*Ctx) Destroy

func (c *Ctx) Destroy()

Destroy unloads the module/library and frees any remaining memory.

func (*Ctx) DestroyObject

func (c *Ctx) DestroyObject(sh SessionHandle, oh ObjectHandle) error

DestroyObject destroys an object.

func (*Ctx) Digest

func (c *Ctx) Digest(sh SessionHandle, message []byte) ([]byte, error)

Digest digests message in a single part.

func (*Ctx) DigestEncryptUpdate

func (c *Ctx) DigestEncryptUpdate(sh SessionHandle, part []byte) ([]byte, error)

DigestEncryptUpdate continues a multiple-part digesting and encryption operation.

func (*Ctx) DigestFinal

func (c *Ctx) DigestFinal(sh SessionHandle) ([]byte, error)

DigestFinal finishes a multiple-part message-digesting operation.

func (*Ctx) DigestInit

func (c *Ctx) DigestInit(sh SessionHandle, m []*Mechanism) error

DigestInit initializes a message-digesting operation.

func (*Ctx) DigestKey

func (c *Ctx) DigestKey(sh SessionHandle, key ObjectHandle) error

DigestKey continues a multi-part message-digesting operation, by digesting the value of a secret key as part of the data already digested.

func (*Ctx) DigestUpdate

func (c *Ctx) DigestUpdate(sh SessionHandle, message []byte) error

DigestUpdate continues a multiple-part message-digesting operation.

func (*Ctx) Encrypt

func (c *Ctx) Encrypt(sh SessionHandle, message []byte) ([]byte, error)

Encrypt encrypts single-part data.

func (*Ctx) EncryptFinal

func (c *Ctx) EncryptFinal(sh SessionHandle) ([]byte, error)

EncryptFinal finishes a multiple-part encryption operation.

func (*Ctx) EncryptInit

func (c *Ctx) EncryptInit(sh SessionHandle, m []*Mechanism, o ObjectHandle) error

EncryptInit initializes an encryption operation.

func (*Ctx) EncryptUpdate

func (c *Ctx) EncryptUpdate(sh SessionHandle, plain []byte) ([]byte, error)

EncryptUpdate continues a multiple-part encryption operation.

func (*Ctx) Finalize

func (c *Ctx) Finalize() error

Finalize indicates that an application is done with the Cryptoki library.

func (*Ctx) FindObjects

func (c *Ctx) FindObjects(sh SessionHandle, max int) ([]ObjectHandle, bool, error)

FindObjects continues a search for token and session objects that match a template, obtaining additional object handles. The returned boolean indicates if the list would have been larger than max.

func (*Ctx) FindObjectsFinal

func (c *Ctx) FindObjectsFinal(sh SessionHandle) error

FindObjectsFinal finishes a search for token and session objects.

func (*Ctx) FindObjectsInit

func (c *Ctx) FindObjectsInit(sh SessionHandle, temp []*Attribute) error

FindObjectsInit initializes a search for token and session objects that match a template.

func (*Ctx) GenerateKey

func (c *Ctx) GenerateKey(sh SessionHandle, m []*Mechanism, temp []*Attribute) (ObjectHandle, error)

GenerateKey generates a secret key, creating a new key object.

func (*Ctx) GenerateKeyPair

func (c *Ctx) GenerateKeyPair(sh SessionHandle, m []*Mechanism, public, private []*Attribute) (ObjectHandle, ObjectHandle, error)

GenerateKeyPair generates a public-key/private-key pair creating new key objects.

func (*Ctx) GenerateRandom

func (c *Ctx) GenerateRandom(sh SessionHandle, length int) ([]byte, error)

GenerateRandom generates random data.

func (*Ctx) GetAttributeValue

func (c *Ctx) GetAttributeValue(sh SessionHandle, o ObjectHandle, a []*Attribute) ([]*Attribute, error)

GetAttributeValue obtains the value of one or more object attributes.

func (*Ctx) GetInfo

func (c *Ctx) GetInfo() (Info, error)

GetInfo returns general information about Cryptoki.

func (*Ctx) GetMechanismInfo

func (c *Ctx) GetMechanismInfo(slotID uint, m []*Mechanism) (MechanismInfo, error)

GetMechanismInfo obtains information about a particular mechanism possibly supported by a token.

func (*Ctx) GetMechanismList

func (c *Ctx) GetMechanismList(slotID uint) ([]*Mechanism, error)

GetMechanismList obtains a list of mechanism types supported by a token.

func (*Ctx) GetObjectSize

func (c *Ctx) GetObjectSize(sh SessionHandle, oh ObjectHandle) (uint, error)

GetObjectSize gets the size of an object in bytes.

func (*Ctx) GetOperationState

func (c *Ctx) GetOperationState(sh SessionHandle) ([]byte, error)

GetOperationState obtains the state of the cryptographic operation in a session.

func (*Ctx) GetSessionInfo

func (c *Ctx) GetSessionInfo(sh SessionHandle) (SessionInfo, error)

GetSessionInfo obtains information about the session.

func (*Ctx) GetSlotInfo

func (c *Ctx) GetSlotInfo(slotID uint) (SlotInfo, error)

GetSlotInfo obtains information about a particular slot in the system.

func (*Ctx) GetSlotList

func (c *Ctx) GetSlotList(tokenPresent bool) ([]uint, error)

GetSlotList obtains a list of slots in the system.

func (*Ctx) GetTokenInfo

func (c *Ctx) GetTokenInfo(slotID uint) (TokenInfo, error)

GetTokenInfo obtains information about a particular token in the system.

func (*Ctx) InitPIN

func (c *Ctx) InitPIN(sh SessionHandle, pin string) error

InitPIN initializes the normal user's PIN.

func (*Ctx) InitToken

func (c *Ctx) InitToken(slotID uint, pin string, label string) error

InitToken initializes a token. The label must be 32 characters long, it is blank padded if it is not. If it is longer it is capped to 32 characters.

func (*Ctx) Initialize

func (c *Ctx) Initialize() error

Initialize initializes the Cryptoki library.

func (*Ctx) Login

func (c *Ctx) Login(sh SessionHandle, userType uint, pin string) error

Login logs a user into a token.

func (*Ctx) Logout

func (c *Ctx) Logout(sh SessionHandle) error

Logout logs a user out from a token.

func (*Ctx) OpenSession

func (c *Ctx) OpenSession(slotID uint, flags uint) (SessionHandle, error)

OpenSession opens a session between an application and a token.

func (*Ctx) SeedRandom

func (c *Ctx) SeedRandom(sh SessionHandle, seed []byte) error

SeedRandom mixes additional seed material into the token's random number generator.

func (*Ctx) SetAttributeValue

func (c *Ctx) SetAttributeValue(sh SessionHandle, o ObjectHandle, a []*Attribute) error

SetAttributeValue modifies the value of one or more object attributes

func (*Ctx) SetOperationState

func (c *Ctx) SetOperationState(sh SessionHandle, state []byte, encryptKey, authKey ObjectHandle) error

SetOperationState restores the state of the cryptographic operation in a session.

func (*Ctx) SetPIN

func (c *Ctx) SetPIN(sh SessionHandle, oldpin string, newpin string) error

SetPIN modifies the PIN of the user who is logged in.

func (*Ctx) Sign

func (c *Ctx) Sign(sh SessionHandle, message []byte) ([]byte, error)

Sign signs (encrypts with private key) data in a single part, where the signature is (will be) an appendix to the data, and plaintext cannot be recovered from the signature.

func (*Ctx) SignEncryptUpdate

func (c *Ctx) SignEncryptUpdate(sh SessionHandle, part []byte) ([]byte, error)

SignEncryptUpdate continues a multiple-part signing and encryption operation.

func (*Ctx) SignFinal

func (c *Ctx) SignFinal(sh SessionHandle) ([]byte, error)

SignFinal finishes a multiple-part signature operation returning the signature.

func (*Ctx) SignInit

func (c *Ctx) SignInit(sh SessionHandle, m []*Mechanism, o ObjectHandle) error

SignInit initializes a signature (private key encryption) operation, where the signature is (will be) an appendix to the data, and plaintext cannot be recovered from the signature.

func (*Ctx) SignRecover

func (c *Ctx) SignRecover(sh SessionHandle, data []byte) ([]byte, error)

SignRecover signs data in a single operation, where the data can be recovered from the signature.

func (*Ctx) SignRecoverInit

func (c *Ctx) SignRecoverInit(sh SessionHandle, m []*Mechanism, key ObjectHandle) error

SignRecoverInit initializes a signature operation, where the data can be recovered from the signature.

func (*Ctx) SignUpdate

func (c *Ctx) SignUpdate(sh SessionHandle, message []byte) error

SignUpdate continues a multiple-part signature operation, where the signature is (will be) an appendix to the data, and plaintext cannot be recovered from the signature.

func (*Ctx) UnwrapKey

func (c *Ctx) UnwrapKey(sh SessionHandle, m []*Mechanism, unwrappingkey ObjectHandle, wrappedkey []byte, a []*Attribute) (ObjectHandle, error)

UnwrapKey unwraps (decrypts) a wrapped key, creating a new key object.

func (*Ctx) Verify

func (c *Ctx) Verify(sh SessionHandle, data []byte, signature []byte) error

Verify verifies a signature in a single-part operation, where the signature is an appendix to the data, and plaintext cannot be recovered from the signature.

func (*Ctx) VerifyFinal

func (c *Ctx) VerifyFinal(sh SessionHandle, signature []byte) error

VerifyFinal finishes a multiple-part verification operation, checking the signature.

func (*Ctx) VerifyInit

func (c *Ctx) VerifyInit(sh SessionHandle, m []*Mechanism, key ObjectHandle) error

VerifyInit initializes a verification operation, where the signature is an appendix to the data, and plaintext cannot be recovered from the signature (e.g. DSA).

func (*Ctx) VerifyRecover

func (c *Ctx) VerifyRecover(sh SessionHandle, signature []byte) ([]byte, error)

VerifyRecover verifies a signature in a single-part operation, where the data is recovered from the signature.

func (*Ctx) VerifyRecoverInit

func (c *Ctx) VerifyRecoverInit(sh SessionHandle, m []*Mechanism, key ObjectHandle) error

VerifyRecoverInit initializes a signature verification operation, where the data is recovered from the signature.

func (*Ctx) VerifyUpdate

func (c *Ctx) VerifyUpdate(sh SessionHandle, part []byte) error

VerifyUpdate continues a multiple-part verification operation, where the signature is an appendix to the data, and plaintext cannot be recovered from the signature.

func (*Ctx) WaitForSlotEvent

func (c *Ctx) WaitForSlotEvent(flags uint) chan SlotEvent

WaitForSlotEvent returns a channel which returns a slot event (token insertion, removal, etc.) when it occurs.

func (*Ctx) WrapKey

func (c *Ctx) WrapKey(sh SessionHandle, m []*Mechanism, wrappingkey, key ObjectHandle) ([]byte, error)

WrapKey wraps (i.e., encrypts) a key.

type Error

type Error uint

Error represents an PKCS#11 error.

func (Error) Error

func (e Error) Error() string

type Info

type Info struct {
	CryptokiVersion    Version
	ManufacturerID     string
	Flags              uint
	LibraryDescription string
	LibraryVersion     Version

Info provides information about the library and hardware used.

type Mechanism

type Mechanism struct {
	Mechanism uint
	Parameter []byte

Mechanism holds an mechanism type/value combination.

func NewMechanism

func NewMechanism(mech uint, x interface{}) *Mechanism

type MechanismInfo

type MechanismInfo struct {
	MinKeySize uint
	MaxKeySize uint
	Flags      uint

MechanismInfo provides information about a particular mechanism.

type ObjectHandle

type ObjectHandle uint

ObjectHandle is a token-specific identifier for an object.

type SessionHandle

type SessionHandle uint

SessionHandle is a Cryptoki-assigned value that identifies a session.

type SessionInfo

type SessionInfo struct {
	SlotID      uint
	State       uint
	Flags       uint
	DeviceError uint

SesionInfo provides information about a session.

type SlotEvent

type SlotEvent struct {
	SlotID uint

SlotEvent holds the SlotID which for which an slot event (token insertion, removal, etc.) occurred.

type SlotInfo

type SlotInfo struct {
	SlotDescription string // 64 bytes.
	ManufacturerID  string // 32 bytes.
	Flags           uint
	HardwareVersion Version
	FirmwareVersion Version

SlotInfo provides information about a slot.

type TokenInfo

type TokenInfo struct {
	Label              string
	ManufacturerID     string
	Model              string
	SerialNumber       string
	Flags              uint
	MaxSessionCount    uint
	SessionCount       uint
	MaxRwSessionCount  uint
	RwSessionCount     uint
	MaxPinLen          uint
	MinPinLen          uint
	TotalPublicMemory  uint
	FreePublicMemory   uint
	TotalPrivateMemory uint
	FreePrivateMemory  uint
	HardwareVersion    Version
	FirmwareVersion    Version
	UTCTime            string

TokenInfo provides information about a token.

type Version

type Version struct {
	Major byte
	Minor byte

Version represents any version information from the library.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL