feat: add HKDF mechanisms

cryptoki-sys/pkcs11.h

@@ -207,6 +207,15 @@ extern "C" {
 #define string_data pData
 #define string_data_len ulLen
 #define data_params pData
+#define extract bExtract
+#define expand bExpand
+#define prf_hash_mechanism prfHashMechanism
+#define salt_type ulSaltType
+#define salt_ptr pSalt
+#define salt_len ulSaltLen
+#define salt_key hSaltKey
+#define info_ptr pInfo
+#define info_len ulInfoLen
 #endif	/* CRYPTOKI_COMPAT */
 
 
@@ -402,6 +411,10 @@ typedef unsigned long ck_key_type_t;
 #define CKK_GOSTR3411		(0x31UL)
 #define CKK_GOST28147		(0x32UL)
 #define CKK_EC_EDWARDS		(0x40UL)
+
+/* From version 3.0 */
+#define CKK_HKDF    (0x42UL)
+
 #define CKK_VENDOR_DEFINED	((unsigned long) (1UL << 31))
 
 
@@ -888,6 +901,10 @@ typedef unsigned long ck_mechanism_type_t;
 #define CKM_EC_MONTGOMERY_KEY_PAIR_GEN  (0x1056UL)
 #define CKM_EDDSA			(0x1057UL)
 
+#define CKM_HKDF_DERIVE (0x402aUL)
+#define CKM_HKDF_DATA (0x402bUL)
+#define CKM_HKDF_KEY_GEN  (0x402cUL)
+
 /* Attribute and other constants related to OTP */
 #define CK_OTP_FORMAT_DECIMAL		(0UL)
 #define CK_OTP_FORMAT_HEXADECIMAL	(1UL)
@@ -1029,6 +1046,22 @@ struct ck_aes_cbc_encrypt_data_params {
   unsigned long length;
 };
 
+#define CKF_HKDF_SALT_NULL  (0x01UL)
+#define CKF_HKDF_SALT_DATA  (0x02UL)
+#define CKF_HKDF_SALT_KEY   (0x04UL)
+
+struct ck_hkdf_params {
+  unsigned char extract;
+  unsigned char expand;
+  ck_mechanism_type_t prf_hash_mechanism;
+  unsigned long salt_type;
+  unsigned char *salt_ptr;
+  unsigned long salt_len;
+  ck_object_handle_t salt_key;
+  unsigned char *info_ptr;
+  unsigned long info_len;
+};
+
 #define CKF_HW			(1UL << 0)
 #define CKF_ENCRYPT		(1UL << 8)
 #define CKF_DECRYPT		(1UL << 9)
@@ -1644,6 +1677,9 @@ typedef struct ck_des_cbc_encrypt_data_params *CK_DES_CBC_ENCRYPT_DATA_PARAMS_PT
 typedef struct ck_aes_cbc_encrypt_data_params CK_AES_CBC_ENCRYPT_DATA_PARAMS;
 typedef struct ck_aes_cbc_encrypt_data_params *CK_AES_CBC_ENCRYPT_DATA_PARAMS_PTR;
 
+typedef struct ck_hkdf_params CK_HKDF_PARAMS;
+typedef struct ck_hkdf_params *CK_HKDF_PARAMS_PTR;
+
 #ifndef NULL_PTR
 #define NULL_PTR NULL
 #endif

cryptoki-sys/src/bindings/aarch64-apple-darwin.rs

@@ -91,6 +91,7 @@ pub const CKK_GOSTR3410: CK_KEY_TYPE = 48;
 pub const CKK_GOSTR3411: CK_KEY_TYPE = 49;
 pub const CKK_GOST28147: CK_KEY_TYPE = 50;
 pub const CKK_EC_EDWARDS: CK_KEY_TYPE = 64;
+pub const CKK_HKDF: CK_KEY_TYPE = 66;
 pub const CKC_X_509: CK_CERTIFICATE_TYPE = 0;
 pub const CKC_X_509_ATTR_CERT: CK_CERTIFICATE_TYPE = 1;
 pub const CKC_WTLS: CK_CERTIFICATE_TYPE = 2;
@@ -530,6 +531,9 @@ pub const CKM_RSA_PKCS_OAEP_TPM_1_1: CK_MECHANISM_TYPE = 16386;
 pub const CKM_EC_EDWARDS_KEY_PAIR_GEN: CK_MECHANISM_TYPE = 4181;
 pub const CKM_EC_MONTGOMERY_KEY_PAIR_GEN: CK_MECHANISM_TYPE = 4182;
 pub const CKM_EDDSA: CK_MECHANISM_TYPE = 4183;
+pub const CKM_HKDF_DERIVE: CK_MECHANISM_TYPE = 16426;
+pub const CKM_HKDF_DATA: CK_MECHANISM_TYPE = 16427;
+pub const CKM_HKDF_KEY_GEN: CK_MECHANISM_TYPE = 16428;
 pub const CK_OTP_FORMAT_DECIMAL: CK_ULONG = 0;
 pub const CK_OTP_FORMAT_HEXADECIMAL: CK_ULONG = 1;
 pub const CK_OTP_FORMAT_ALPHANUMERIC: CK_ULONG = 2;
@@ -566,6 +570,9 @@ pub const CKD_SHA256_KDF: CK_EC_KDF_TYPE = 6;
 pub const CKD_SHA384_KDF: CK_EC_KDF_TYPE = 7;
 pub const CKD_SHA512_KDF: CK_EC_KDF_TYPE = 8;
 pub const CKD_CPDIVERSIFY_KDF: CK_EC_KDF_TYPE = 9;
+pub const CKF_HKDF_SALT_NULL: CK_FLAGS = 1;
+pub const CKF_HKDF_SALT_DATA: CK_FLAGS = 2;
+pub const CKF_HKDF_SALT_KEY: CK_FLAGS = 4;
 pub const CKF_HW: CK_FLAGS = 1;
 pub const CKF_ENCRYPT: CK_FLAGS = 256;
 pub const CKF_DECRYPT: CK_FLAGS = 512;
@@ -2105,6 +2112,133 @@ impl Default for ck_aes_cbc_encrypt_data_params {
         }
     }
 }
+#[repr(C)]
+#[derive(Debug, Copy, Clone)]
+pub struct ck_hkdf_params {
+    pub bExtract: ::std::os::raw::c_uchar,
+    pub bExpand: ::std::os::raw::c_uchar,
+    pub prfHashMechanism: CK_MECHANISM_TYPE,
+    pub ulSaltType: ::std::os::raw::c_ulong,
+    pub pSalt: *mut ::std::os::raw::c_uchar,
+    pub ulSaltLen: ::std::os::raw::c_ulong,
+    pub hSaltKey: CK_OBJECT_HANDLE,
+    pub pInfo: *mut ::std::os::raw::c_uchar,
+    pub ulInfoLen: ::std::os::raw::c_ulong,
+}
+#[test]
+fn bindgen_test_layout_ck_hkdf_params() {
+    const UNINIT: ::std::mem::MaybeUninit<ck_hkdf_params> = ::std::mem::MaybeUninit::uninit();
+    let ptr = UNINIT.as_ptr();
+    assert_eq!(
+        ::std::mem::size_of::<ck_hkdf_params>(),
+        64usize,
+        concat!("Size of: ", stringify!(ck_hkdf_params))
+    );
+    assert_eq!(
+        ::std::mem::align_of::<ck_hkdf_params>(),
+        8usize,
+        concat!("Alignment of ", stringify!(ck_hkdf_params))
+    );
+    assert_eq!(
+        unsafe { ::std::ptr::addr_of!((*ptr).bExtract) as usize - ptr as usize },
+        0usize,
+        concat!(
+            "Offset of field: ",
+            stringify!(ck_hkdf_params),
+            "::",
+            stringify!(bExtract)
+        )
+    );
+    assert_eq!(
+        unsafe { ::std::ptr::addr_of!((*ptr).bExpand) as usize - ptr as usize },
+        1usize,
+        concat!(
+            "Offset of field: ",
+            stringify!(ck_hkdf_params),
+            "::",
+            stringify!(bExpand)
+        )
+    );
+    assert_eq!(
+        unsafe { ::std::ptr::addr_of!((*ptr).prfHashMechanism) as usize - ptr as usize },
+        8usize,
+        concat!(
+            "Offset of field: ",
+            stringify!(ck_hkdf_params),
+            "::",
+            stringify!(prfHashMechanism)
+        )
+    );
+    assert_eq!(
+        unsafe { ::std::ptr::addr_of!((*ptr).ulSaltType) as usize - ptr as usize },
+        16usize,
+        concat!(
+            "Offset of field: ",
+            stringify!(ck_hkdf_params),
+            "::",
+            stringify!(ulSaltType)
+        )
+    );
+    assert_eq!(
+        unsafe { ::std::ptr::addr_of!((*ptr).pSalt) as usize - ptr as usize },
+        24usize,
+        concat!(
+            "Offset of field: ",
+            stringify!(ck_hkdf_params),
+            "::",
+            stringify!(pSalt)
+        )
+    );
+    assert_eq!(
+        unsafe { ::std::ptr::addr_of!((*ptr).ulSaltLen) as usize - ptr as usize },
+        32usize,
+        concat!(
+            "Offset of field: ",
+            stringify!(ck_hkdf_params),
+            "::",
+            stringify!(ulSaltLen)
+        )
+    );
+    assert_eq!(
+        unsafe { ::std::ptr::addr_of!((*ptr).hSaltKey) as usize - ptr as usize },
+        40usize,
+        concat!(
+            "Offset of field: ",
+            stringify!(ck_hkdf_params),
+            "::",
+            stringify!(hSaltKey)
+        )
+    );
+    assert_eq!(
+        unsafe { ::std::ptr::addr_of!((*ptr).pInfo) as usize - ptr as usize },
+        48usize,
+        concat!(
+            "Offset of field: ",
+            stringify!(ck_hkdf_params),
+            "::",
+            stringify!(pInfo)
+        )
+    );
+    assert_eq!(
+        unsafe { ::std::ptr::addr_of!((*ptr).ulInfoLen) as usize - ptr as usize },
+        56usize,
+        concat!(
+            "Offset of field: ",
+            stringify!(ck_hkdf_params),
+            "::",
+            stringify!(ulInfoLen)
+        )
+    );
+}
+impl Default for ck_hkdf_params {
+    fn default() -> Self {
+        let mut s = ::std::mem::MaybeUninit::<Self>::uninit();
+        unsafe {
+            ::std::ptr::write_bytes(s.as_mut_ptr(), 0, 1);
+            s.assume_init()
+        }
+    }
+}
 pub type CK_RV = ::std::os::raw::c_ulong;
 pub type CK_NOTIFY = ::std::option::Option<
     unsafe extern "C" fn(
@@ -3517,6 +3651,8 @@ pub type CK_DES_CBC_ENCRYPT_DATA_PARAMS = ck_des_cbc_encrypt_data_params;
 pub type CK_DES_CBC_ENCRYPT_DATA_PARAMS_PTR = *mut ck_des_cbc_encrypt_data_params;
 pub type CK_AES_CBC_ENCRYPT_DATA_PARAMS = ck_aes_cbc_encrypt_data_params;
 pub type CK_AES_CBC_ENCRYPT_DATA_PARAMS_PTR = *mut ck_aes_cbc_encrypt_data_params;
+pub type CK_HKDF_PARAMS = ck_hkdf_params;
+pub type CK_HKDF_PARAMS_PTR = *mut ck_hkdf_params;
 extern crate libloading;
 pub struct Pkcs11 {
     __library: ::libloading::Library,