PKCS#11
|
| Cryptographic Token Interface Standard |
PKCS#11 |
Cryptoki represents session information with the following types:
typedef CK_ULONG CK_SESSION_HANDLE;
Valid session handles in Cryptoki always have nonzero values. For developers' convenience, Cryptoki defines the following symbolic value:
#define CK_INVALID_HANDLE 0
CK_SESSION_HANDLE_PTR is a pointer to a CK_SESSION_HANDLE.
typedef CK_ULONG CK_USER_TYPE;
For this version of Cryptoki, the following types of users are defined:
#define CKU_SO 0 #define CKU_USER 1
For this version of Cryptoki, the following session states are defined:
#define CKS_RO_PUBLIC_SESSION 0 #define CKS_RO_USER_FUNCTIONS 1 #define CKS_RW_PUBLIC_SESSION 2 #define CKS_RW_USER_FUNCTIONS 3 #define CKS_RW_SO_FUNCTIONS 4
typedef struct CK_SESSION_INFO { CK_SLOT_ID slotID; CK_STATE state; CK_FLAGS flags; CK_ULONG ulDeviceError; } CK_SESSION_INFO;
| slotID | ID of the slot that interfaces with the token |
| state | the state of the session |
| flags | bit flags that define the type of session; the flags are defined below |
| ulDeviceError | an error code defined by the cryptographic device. Used for errors not covered by Cryptoki. |
The following table defines the flags field:
Table 12, Session Information Flags
| Bit Flag | Mask | Meaning |
| CKF_RW_SESSION | 0x00000002 | TRUE if the session is read/write; FALSE if the session is read-only |
| CKF_SERIAL_SESSION | 0x00000004 | This flag is provided for backward compatibility, and should always be set to TRUE |
CK_SESSION_INFO_PTR is a pointer to a CK_SESSION_INFO.