package pkcs11-driver


The bindings come in two flavours. The first is the Direct mode, in which each function from the PKCS11.h header is bound directly. The second is the Indirect mode, in which we go through an indirection: the list of functions returned by GetFunctionList.

Types used in the API

CONVENTIONS.

_t is a type variable used to constrain the Ctypes representation. It appears in Pkcs11.CK_VERSION, for instance. However, only t is exported, which is defined as _t structure. For some modules, it is quite easy to work with t seen as an abstract type. For other modules, a higher-level type such as P11.Version.t is more practical.

Where appropriate, we provide the following functions:

  • create: unit -> Pkcs11.CK_x.t: Allocate a new object of type t (possibly uninitialized).
  • allocate: Pkcs11.CK_x.t -> unit: Update the object in place by allocating memory for its various fields.
  • view: Pkcs11.CK_x.t -> P11.X.t: Build the high-level version of the data represented by the argument.
  • make: P11.X.t -> Pkcs11.CK_x.t: Build the Ctypes version of the data represented by P11.X.t.

N.B. The last two functions raise the question of why we are not using Ctypes views. The problem is that for some functions of the PKCS#11 interface, we have to make several calls to the API to build a proper Pkcs11.CK_x.t, which can then be used to build a P11.X.t.
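
The multi-call constraint described above, as an added example that is not code from pkcs11-driver: plain OCaml records stand in for Ctypes structures, and ck_attribute, attribute, mock_get_attribute_value and fetch are hypothetical names, while create, allocate, view and make reuse the page's names with simplified types. It follows the PKCS#11 length-query convention, in which a call made with a null buffer only reports the required length.

```ocaml
(* Added illustration: plain records stand in for Ctypes structures, and
   mock_get_attribute_value stands in for the PKCS#11 module (assumption). *)

(* Low-level value, mirroring the C fields type / pValue / ulValueLen. *)
type ck_attribute = {
  mutable typ : int;
  mutable value : Bytes.t option; (* None plays the role of NULL_PTR *)
  mutable len : int;
}

(* High-level value, the counterpart of a P11.X.t. *)
type attribute = { kind : int; content : string }

let stored = "signing-key-01" (* constructed sample data held by the mock *)

(* Mock token call: with no buffer it only reports the required length;
   with a buffer it copies the data, or rejects a buffer that is too small. *)
let mock_get_attribute_value (a : ck_attribute) : (unit, string) result =
  let n = String.length stored in
  match a.value with
  | None -> a.len <- n; Ok ()
  | Some buf when Bytes.length buf < n -> Error "CKR_BUFFER_TOO_SMALL"
  | Some buf -> Bytes.blit_string stored 0 buf 0 n; a.len <- n; Ok ()

let create () = { typ = 0; value = None; len = 0 }
let allocate a = a.value <- Some (Bytes.make a.len '\000')
let view a =
  match a.value with
  | Some buf -> { kind = a.typ; content = Bytes.sub_string buf 0 a.len }
  | None -> invalid_arg "view: allocate and fill the attribute first"
let make h =
  { typ = h.kind; value = Some (Bytes.of_string h.content);
    len = String.length h.content }

let ( let* ) = Result.bind

(* A view is a single conversion function; this needs two token calls. *)
let fetch typ =
  let a = create () in
  a.typ <- typ;
  let* () = mock_get_attribute_value a in (* call 1: learn the length *)
  allocate a;
  let* () = mock_get_attribute_value a in (* call 2: fill the buffer *)
  Ok (view a)

let () =
  match fetch 0x3 (* CKA_LABEL *) with
  | Ok h -> assert (h.content = stored && (view (make h)).content = stored)
  | Error e -> prerr_endline e
```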

module CK_ULONG = P11_ulong
module CK_BYTE = Pkcs11_CK_BYTE
module CK_BBOOL = Pkcs11_CK_BBOOL
module CK_UTF8CHAR = Pkcs11_CK_UTF8CHAR
module CK_VOID = Pkcs11_CK_VOID
module CK_FLAGS = Pkcs11_CK_FLAGS
module Data = Pkcs11_data
module CK_OBJECT_CLASS = Pkcs11_CK_OBJECT_CLASS
module CK_KEY_TYPE = Pkcs11_CK_KEY_TYPE
module CK_VERSION = Pkcs11_CK_VERSION
module CK_SESSION_HANDLE = Pkcs11_CK_SESSION_HANDLE
module CK_OBJECT_HANDLE = Pkcs11_CK_OBJECT_HANDLE
module CK_HW_FEATURE_TYPE = Pkcs11_CK_HW_FEATURE_TYPE
module CK_SLOT_ID = Pkcs11_CK_SLOT_ID
module CK_SLOT_INFO = Pkcs11_CK_SLOT_INFO
module Slot_list = Pkcs11_slot_list
module CK_MECHANISM_INFO = Pkcs11_CK_MECHANISM_INFO
module CK_SESSION_INFO = Pkcs11_CK_SESSION_INFO
module CK_BIGINT = P11_bigint
module CK_RV = Pkcs11_CK_RV
module CK_MECHANISM_TYPE = Pkcs11_CK_MECHANISM_TYPE
module Key_gen_mechanism = Pkcs11_key_gen_mechanism
module CK_RSA_PKCS_MGF_TYPE = Pkcs11_CK_RSA_PKCS_MGF_TYPE
module CK_RSA_PKCS_OAEP_PARAMS = Pkcs11_CK_RSA_PKCS_OAEP_PARAMS
module CK_RSA_PKCS_PSS_PARAMS = Pkcs11_CK_RSA_PKCS_PSS_PARAMS
module CK_KEY_DERIVATION_STRING_DATA = Pkcs11_CK_KEY_DERIVATION_STRING_DATA
module CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE = Pkcs11_CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE
module CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE = Pkcs11_CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE
module CK_PKCS5_PBKD2_PARAMS = Pkcs11_CK_PKCS5_PBKD2_PARAMS
module CK_EC_KDF_TYPE = Pkcs11_CK_EC_KDF_TYPE
module CK_ECDH1_DERIVE_PARAMS = Pkcs11_CK_ECDH1_DERIVE_PARAMS
module CK_ECMQV_DERIVE_PARAMS = Pkcs11_CK_ECMQV_DERIVE_PARAMS
module CK_MECHANISM = Pkcs11_CK_MECHANISM
module CK_USER_TYPE = Pkcs11_CK_USER_TYPE
module CK_INFO = Pkcs11_CK_INFO
module CK_TOKEN_INFO = Pkcs11_CK_TOKEN_INFO
module CK_ATTRIBUTE_TYPE = Pkcs11_CK_ATTRIBUTE_TYPE
module CK_ATTRIBUTE = Pkcs11_CK_ATTRIBUTE
module Template = Pkcs11_template
module Mechanism_list = Pkcs11_mechanism_list
module CK_ATTRIBUTE_SET = Pkcs11_CK_ATTRIBUTE_SET
module CK_AES_CTR_PARAMS = Pkcs11_CK_AES_CTR_PARAMS
module CK_GCM_PARAMS = Pkcs11_CK_GCM_PARAMS
val ck_byte : CK_BYTE.t Ctypes.typ
val utf8char : CK_BYTE.t Ctypes.typ
val ck_utf8char : char Ctypes.typ
val ck_bbool : CK_BYTE.t Ctypes.typ
val ck_flags : CK_FLAGS.t Ctypes.typ
val ck_object_class : CK_OBJECT_CLASS.t Ctypes.typ
val ck_version : CK_VERSION.t Ctypes.typ
val ck_session_handle : CK_SESSION_HANDLE.t Ctypes.typ
val ck_object_handle : CK_OBJECT_HANDLE.t Ctypes.typ
val ck_hw_feature_type : CK_HW_FEATURE_TYPE.t Ctypes.typ
val ck_slot_id : CK_SLOT_ID.t Ctypes.typ
val ck_slot_info : CK_SLOT_INFO.t Ctypes.typ
val ck_mechanism_info : CK_MECHANISM_INFO.t Ctypes.typ
val ck_session_info : CK_SESSION_INFO.t Ctypes.typ
val ck_rv : CK_RV.t Ctypes.typ
val ck_mechanism_type : CK_MECHANISM_TYPE.t Ctypes.typ
val ck_rsa_pkcs_mgf_type : CK_RSA_PKCS_MGF_TYPE.t Ctypes.typ
val ck_pkcs5_pbkdf2_salt_source_type : CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE.t Ctypes.typ
val ck_pkcs5_pbkd2_pseudo_random_function_type : CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE.t Ctypes.typ
val ck_mechanism : CK_MECHANISM.t Ctypes.typ
val ck_user_type : CK_USER_TYPE.t Ctypes.typ
val ck_info : CK_INFO.t Ctypes.typ
val ck_token_info : CK_TOKEN_INFO.t Ctypes.typ
val ck_attribute_type : CK_ATTRIBUTE_TYPE.t Ctypes.typ
val ck_attribute : CK_ATTRIBUTE.t Ctypes.typ
type template = Template.t
module Initialize_arg : sig ... end
type _ck_function_list
type ck_function_list = _ck_function_list Ctypes.structure
val ck_function_list : ck_function_list Ctypes.typ
module CK_NOTIFY : sig ... end
module CK : sig ... end
module CK_FUNCTION_LIST : sig ... end