kmfapiP.h revision 269e59f9a28bf47e0f463e64fc5af4a408b73b21
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License (the "License").
* You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*
*/
#ifndef _KMFAPIP_H
#define _KMFAPIP_H
#include <kmfapi.h>
#include <kmfpolicy.h>
#ifdef __cplusplus
extern "C" {
#endif
/*
 * Plugin function table.
 *
 * Each member is a function pointer. Every named entry visible here
 * returns KMF_RETURN except FreeKMFCert and Finalize, which return void.
 * Most operations take an int followed by a KMF_ATTRIBUTE pointer
 * (presumably the attribute count and the attribute array; confirm
 * against kmfapi.h).
 *
 * NOTE(review): these pointers come from a separately built plugin module,
 * so code that dispatches through the table is calling into that module.
 * Whether a plugin may leave a slot NULL is not visible here; dispatch code
 * should test the pointer before the call rather than assume every
 * operation is implemented.
 *
 * NOTE(review): several entries in this listing lack their leading
 * parameters, and the closing "} <name>;" of the typedef is not shown.
 */
typedef struct {
int,
KMF_ATTRIBUTE *);
KMF_RETURN (*FindCert) (
int,
KMF_ATTRIBUTE *);
void (*FreeKMFCert) (
KMF_RETURN (*StoreCert) (
int, KMF_ATTRIBUTE *);
KMF_RETURN (*ImportCert) (
int, KMF_ATTRIBUTE *);
KMF_RETURN (*ImportCRL) (
int, KMF_ATTRIBUTE *);
KMF_RETURN (*DeleteCert) (
int, KMF_ATTRIBUTE *);
KMF_RETURN (*DeleteCRL) (
int, KMF_ATTRIBUTE *);
KMF_RETURN (*CreateKeypair) (
int,
KMF_ATTRIBUTE *);
KMF_RETURN (*FindKey) (
int,
KMF_ATTRIBUTE *);
KMF_DATA *);
KMF_RETURN (*SignData) (
KMF_OID *,
KMF_DATA *,
KMF_DATA *);
KMF_RETURN (*DeleteKey) (
int,
KMF_ATTRIBUTE *);
KMF_RETURN (*ListCRL) (
int, KMF_ATTRIBUTE *);
KMF_RETURN (*FindCRL) (
int, KMF_ATTRIBUTE *);
KMF_RETURN (*FindCertInCRL) (
int, KMF_ATTRIBUTE *);
KMF_RETURN (*GetErrorString) (
char **);
int,
KMF_ATTRIBUTE *);
KMF_RETURN (*DecryptData) (
KMF_OID *,
KMF_DATA *,
KMF_DATA *);
KMF_RETURN (*ExportPK12)(
int,
KMF_ATTRIBUTE *);
KMF_RETURN (*CreateSymKey) (
int,
KMF_ATTRIBUTE *);
KMF_RETURN (*GetSymKeyValue) (
KMF_RAW_SYM_KEY *);
KMF_RETURN (*SetTokenPin) (
int, KMF_ATTRIBUTE *);
KMF_RETURN (*StoreKey) (
int,
KMF_ATTRIBUTE *);
/*
 * "()" gives this pointer no prototype in C, so the compiler does not
 * check the arguments of calls made through it; "(void)" would state a
 * no-argument contract explicitly.
 */
void (*Finalize) ();
typedef struct {
/*
 * Per-plugin record.
 *
 * NOTE(review): only the three members below are visible in this listing.
 * Their meaning is inferred from the names and should be confirmed against
 * the loader code.
 */
typedef struct {
/* Presumably the application names this plugin applies to; format not shown. */
char *applications;
/*
 * Presumably the filesystem path of the plugin module. If the module at
 * this path is loaded into the process, the value must only ever come from
 * trusted sources (KMF_PLUGIN_PATH or a root-owned configuration file),
 * never from caller-supplied input.
 */
char *path;
/* Opaque handle; presumably the dlopen() descriptor for the module (TODO confirm). */
void *dldesc;
} KMF_PLUGIN;
typedef struct _KMF_PLUGIN_LIST {
struct _KMF_PLUGIN_LIST *next;
/*
 * Framework handle type.
 * NOTE(review): no members are visible in this listing; the comment below
 * documents a session-handle member that is not shown.
 */
typedef struct _kmf_handle {
/*
 * Session handle opened by kmf_select_token() to talk to a specific
 * slot in the Crypto framework. It is used by the pkcs11 plugin module.
 */
} KMF_HANDLE;
/*
 * CLEAR_ERROR(h, rv): NULL-handle guard.
 *
 * When h is NULL, rv is set to KMF_ERR_BAD_PARAMETER. Otherwise rv is left
 * untouched: the else branch is empty as shown here.
 * NOTE(review): the name suggests the non-NULL branch resets error state
 * kept in the handle, but no such statements are visible.
 *
 * Caveats for callers:
 *  - rv is the only signal that h was NULL, so it must be checked right
 *    after the macro and before h is dereferenced.
 *  - The expansion is a bare { } block rather than do { } while (0), so
 *    "if (x) CLEAR_ERROR(h, rv); else ..." does not compile.
 *  - h is used unparenthesized in "h == NULL"; pass a plain identifier,
 *    not an expression containing lower-precedence operators.
 */
#define CLEAR_ERROR(h, rv) { \
if (h == NULL) { \
rv = KMF_ERR_BAD_PARAMETER; \
} else { \
} \
}
/*
 * Symbol name of a plugin's initialization entry point (presumably looked
 * up in the loaded module by the framework; confirm against the loader).
 */
#define KMF_PLUGIN_INIT_SYMBOL "KMF_Plugin_Initialize"
/*
 * Directory that holds the plugin modules. The #ifndef guard lets a build
 * override it (for example with -DKMF_PLUGIN_PATH=...); otherwise a
 * per-architecture system library directory is chosen.
 *
 * Code found under this path presumably runs inside every process that
 * uses the framework, so the directory and its parents must be writable by
 * root only, and any build-time override should be an absolute path with
 * the same ownership guarantees.
 *
 * NOTE(review): only the "#if defined(__sparcv9)" test is visible here. The
 * remaining definitions need their own #elif/#else branches; as listed they
 * would redefine one another.
 */
#ifndef KMF_PLUGIN_PATH
#if defined(__sparcv9)
#define KMF_PLUGIN_PATH "/lib/crypto/sparcv9/"
#define KMF_PLUGIN_PATH "/lib/crypto/"
#define KMF_PLUGIN_PATH "/lib/crypto/"
#define KMF_PLUGIN_PATH "/lib/crypto/amd64/"
#endif
#endif /* !KMF_PLUGIN_PATH */
extern KMF_RETURN
extern KMF_BOOL pkcs_algid_to_keytype(
extern KMF_RETURN PKCS_VerifyData(
KMF_HANDLE *,
extern KMF_RETURN PKCS_EncryptData(
KMF_HANDLE *,
KMF_DATA *,
KMF_DATA *);
KMF_OID *, int, KMF_GENERALNAMECHOICES, char *);
extern void free_keyidlist(KMF_OID *, int);
extern void free_dp_name(KMF_CRL_DIST_POINT *);
extern void free_dp(KMF_CRL_DIST_POINT *);
int, uint32_t);
extern KMF_RETURN init_pk11();
int, KMF_ATTRIBUTE_TESTER *, int, KMF_ATTRIBUTE *);
/*
 * Indexes into the key parts array for RSA keys.
 *
 * A public key uses the first KMF_NUMBER_RSA_PUBLIC_KEY_PARTS (2) slots and
 * a private key all KMF_NUMBER_RSA_PRIVATE_KEY_PARTS (8). Everything from
 * KMF_RSA_PRIVATE_EXPONENT onward is private-key material: the private
 * exponent, the two primes and, going by the names, the CRT exponents and
 * coefficient. Buffers holding those parts should be wiped before they are
 * freed and must never be logged.
 */
#define KMF_RSA_MODULUS (0)
#define KMF_RSA_PUBLIC_EXPONENT (1)
#define KMF_RSA_PRIVATE_EXPONENT (2)
#define KMF_RSA_PRIME1 (3)
#define KMF_RSA_PRIME2 (4)
#define KMF_RSA_EXPONENT1 (5)
#define KMF_RSA_EXPONENT2 (6)
#define KMF_RSA_COEFFICIENT (7)
/* Key part counts for RSA keys; they bound the valid indexes above. */
#define KMF_NUMBER_RSA_PUBLIC_KEY_PARTS (2)
#define KMF_NUMBER_RSA_PRIVATE_KEY_PARTS (8)
/*
 * Key part counts for DSA keys.
 * NOTE(review): both counts are 4, while the index list below names only a
 * public value at slot 3; presumably a private key array keeps the private
 * value in that slot. Confirm against the code that fills the array.
 */
#define KMF_NUMBER_DSA_PUBLIC_KEY_PARTS (4)
#define KMF_NUMBER_DSA_PRIVATE_KEY_PARTS (4)
/* Indexes into the key parts array for DSA keys */
#define KMF_DSA_PRIME (0)
#define KMF_DSA_SUB_PRIME (1)
#define KMF_DSA_BASE (2)
#define KMF_DSA_PUBLIC_VALUE (3)
/*
 * Presumably indexes into the key parts array for ECDSA keys, by analogy
 * with the RSA and DSA lists above; no part counts for ECDSA are visible.
 */
#define KMF_ECDSA_PARAMS (0)
#define KMF_ECDSA_POINT (1)
#ifndef max
/*
 * Larger of a and b; yields a when neither compares greater.
 * Function-like macro: the selected argument is evaluated a second time,
 * so do not pass expressions with side effects (i++, function calls that
 * consume input).
 */
#define max(a, b) (((b) > (a)) ? (b) : (a))
#endif
/* Maximum key parts for all algorithms */
#define KMF_MAX_PUBLIC_KEY_PARTS \
#define KMF_MAX_PRIVATE_KEY_PARTS \
#define KMF_MAX_KEY_PARTS \
typedef enum {
KMF_ALGMODE_NONE = 0,
/* Presumably the buffer size used for printable certificate fields (confirm at the use sites). */
#define KMF_CERT_PRINTABLE_LEN 1024
/* Size of a SHA-1 digest in bytes (160 bits). */
#define SHA1_HASH_LENGTH 20
/*
 * File name templates for OCSP request/response scratch files. The trailing
 * "XXXXXX" is the form mkstemp(3C) expects.
 *
 * /tmp is world-writable, so these names are only safe when the file is
 * created atomically: copy the template into a writable buffer and open it
 * with mkstemp(), which creates the file exclusively with owner-only
 * permissions. Generating a name first (mktemp/tmpnam) and opening it
 * afterwards leaves a window for a pre-planted file or symlink. The code
 * that consumes these templates is not visible here; verify it follows
 * this pattern and unlinks the files when done.
 */
#define OCSPREQ_TEMPNAME "/tmp/ocsp.reqXXXXXX"
#define OCSPRESP_TEMPNAME "/tmp/ocsp.respXXXXXX"
/*
 * Location of the KMF configuration file and the key prefixes recognized in
 * it. NOTE(review): "modulepath=" presumably names a plugin module to load,
 * which makes this file part of the trusted computing base: it should be
 * owned by root and not writable by anyone else, and the parser should
 * reject entries it cannot fully validate.
 */
#define _PATH_KMF_CONF "/etc/crypto/kmf.conf"
#define CONF_MODULEPATH "modulepath="
#define CONF_OPTION "option="
/*
 * One plugin configuration entry.
 *
 * NOTE(review): presumably filled in from _PATH_KMF_CONF, with modulepath
 * and option taken from the "modulepath=" and "option=" keys; confirm
 * against the parser. free_entry() is declared in this header for releasing
 * an entry; whether it also frees the three strings is not visible here.
 */
typedef struct {
/* Presumably the keystore name this entry configures. */
char *keystore;
/*
 * Presumably the path of the plugin module for that keystore. Treat it as
 * a code-loading input: it should be accepted only from the root-owned
 * configuration file, never from per-user or caller-supplied data.
 */
char *modulepath;
/* Presumably a free-form option string handed to the plugin. */
char *option;
} conf_entry_t;
typedef struct conf_entrylist {
struct conf_entrylist *next;
extern void free_entrylist(conf_entrylist_t *);
extern void free_entry(conf_entry_t *);
extern char *get_mapper_pathname(char *, char *);
#ifdef __cplusplus
}
#endif
#endif /* _KMFAPIP_H */