/*
* Copyright (c) 1995-2000 Intel Corporation. All rights reserved.
*/
/*
*/
#ifndef _KMFTYPES_H
#define _KMFTYPES_H
#include <stdlib.h>
#include <strings.h>
#include <pthread.h>
#include <security/cryptoki.h>
#ifdef __cplusplus
extern "C" {
#endif
/*
 * Boolean false constant. The value is parenthesized so the macro expands
 * safely inside larger expressions.
 * NOTE(review): no matching true constant or boolean typedef is visible
 * in this listing - confirm against the full header.
 */
#define KMF_FALSE (0)
/* KMF_HANDLE_T is a pointer to an incomplete C struct for type safety. */
/*
* KMF_DATA
* The KMF_DATA structure is used to associate a length, in bytes, with
* an arbitrary block of contiguous memory.
*/
typedef struct kmf_data
{
	/*
	 * NOTE(review): the member list is not shown in this listing. Per the
	 * description above, the structure pairs a length in bytes with a
	 * block of memory, so consumers should treat that length as the only
	 * bound on the block; nothing here implies a terminator. Confirm the
	 * member names and types against the full header.
	 */
} KMF_DATA;
typedef struct {
	/*
	 * NOTE(review): the member list is not shown in this listing.
	 * Presumably holds an arbitrary-precision integer as a byte buffer
	 * plus a length - confirm against the full header.
	 */
} KMF_BIGINT;
/*
* KMF_OID
* The object identifier (OID) structure is used to hold a unique identifier for
* the atomic data fields and the compound substructure that comprise the fields
* of a certificate or CRL.
*/
typedef struct kmf_x509_private {
int keystore_type;
char *label;
/*
* KMF_X509_DER_CERT
* This structure associates packed DER certificate data.
* It also contains private information used internally
* by the KMF layer.
*/
typedef struct
{
/*
 * Keystore type selector. Because this is a plain alias for int, the
 * compiler accepts any integer value here; code that receives a
 * KMF_KEYSTORE_TYPE from a caller should range-check it before acting on it.
 * NOTE(review): the comparison against KMF_KEYSTORE_PK11TOKEN on the next
 * line looks like the tail of such a range-check macro whose #define line
 * is not shown in this listing - confirm against the full header.
 */
typedef int KMF_KEYSTORE_TYPE;
(t <= KMF_KEYSTORE_PK11TOKEN))
typedef enum {
KMF_FORMAT_UNDEF = 0,
typedef enum {
KMF_ALL_CERTS = 0,
typedef enum {
KMF_ALL_EXTNS = 0,
typedef enum {
KMF_KU_SIGN_CERT = 0,
/*
* Algorithms
* This type defines a set of constants used to identify cryptographic
* algorithms.
*
* When adding a new ALGID, be careful not to rearrange existing
* values; doing so can cause problems in the STC test suite.
*/
typedef enum {
KMF_ALGID_NONE = 0,
/*
* Generic credential structure used by other structures below
* to convey authentication information to the underlying
* mechanisms.
*/
typedef struct {
char *cred;
typedef enum {
KMF_KEYALG_NONE = 0,
typedef enum {
KMF_KEYCLASS_NONE = 0,
typedef enum {
KMF_CERT = 0,
typedef struct {
typedef struct {
typedef struct {
typedef struct {
typedef struct {
union {
}rawdata;
char *label;
typedef struct {
char *keylabel;
void *keyp;
typedef struct {
	/*
	 * NOTE(review): the member list is not shown in this listing, so
	 * the error details this structure carries cannot be determined
	 * from here - confirm against the full header.
	 */
} KMF_ERROR;
/*
* Typenames to use with subjectAltName
*/
typedef enum {
/*
* KMF_FIELD
* identified by an OID.
*/
typedef struct
{
	/*
	 * NOTE(review): the member list is not shown in this listing. The
	 * description above says only that the field is identified by an
	 * OID; presumably it pairs that OID with the field's value -
	 * confirm against the full header.
	 */
} KMF_FIELD;
typedef enum {
	/*
	 * NOTE(review): the enumerators are not shown in this listing.
	 * Presumably this is the status type returned by KMF functions -
	 * confirm. If so, callers should compare results against the named
	 * success enumerator rather than relying on its numeric value.
	 */
} KMF_RETURN;
/* Data structures for OCSP support */
typedef enum {
OCSP_GOOD = 0,
typedef enum {
OCSP_SUCCESS = 0,
typedef enum {
OCSP_UNSPECIFIED = 0,
typedef enum {
/*
* KMF_X509_ALGORITHM_IDENTIFIER
* This structure holds an object identifier naming a
* cryptographic algorithm and an optional set of
* parameters to be used as input to that algorithm.
*/
typedef struct
{
/*
* KMF_X509_TYPE_VALUE_PAIR
* This structure contains a type-value pair.
*/
typedef struct
{
/*
* KMF_X509_RDN
* This structure contains a Relative Distinguished Name
* composed of an ordered set of type-value pairs.
*/
typedef struct
{
	/*
	 * NOTE(review): the member list is not shown in this listing. Per
	 * the description above, the structure holds an ordered set of
	 * type-value pairs; presumably a pair count plus a pointer to the
	 * pairs, in which case the count bounds every access - confirm
	 * against the full header.
	 */
} KMF_X509_RDN;
/*
* KMF_X509_NAME
* This structure contains a set of Relative Distinguished Names.
*/
typedef struct
{
/*
* KMF_X509_SPKI
* This structure contains the public key and the
* description of the verification algorithm
* appropriate for use with this key.
*/
typedef struct
{
/*
* KMF_X509_TIME
* Time is represented as a string according to the
* definitions of GeneralizedTime and UTCTime
* defined in RFC 2459 (since obsoleted by RFC 3280 and then RFC 5280).
*/
typedef struct
{
/*
* KMF_X509_VALIDITY
*/
typedef struct
{
/*
* KMF_X509EXT_BASICCONSTRAINTS
*/
typedef struct
{
/*
* KMF_X509EXT_DATA_FORMAT
* This list defines the valid formats for a certificate extension.
*/
typedef enum
{
/*
* KMF_X509EXT_TAGandVALUE
* extension value and the type of that value.
*/
typedef struct
{
/*
* KMF_X509EXT_PAIR
* This structure aggregates two extension representations:
* a tag and value, and a parsed X509 extension representation.
*/
typedef struct
{
void *parsedValue;
/*
* KMF_X509_EXTENSION
* This structure contains a complete certificate extension.
*/
typedef struct
{
union
{
void *parsedValue;
} value;
/*
* KMF_X509_EXTENSIONS
* This structure contains the set of all certificate
* extensions contained in a certificate.
*/
typedef struct
{
/*
* KMF_X509_TBS_CERT
* This structure contains a complete X.509 certificate.
*/
typedef struct
{
/*
* KMF_X509_SIGNATURE
* This structure contains a cryptographic digital signature.
*/
typedef struct
{
/*
* KMF_X509_CERTIFICATE
* This structure associates a set of decoded certificate
* values with the signature covering those values.
*/
typedef struct
{
/*
* KMF_TBS_CSR
* This structure contains a complete PKCS#10 certificate request
*/
typedef struct
{
	/*
	 * NOTE(review): the member list is not shown in this listing.
	 * "TBS" presumably means "to be signed", i.e. the request content
	 * that the signature covers - confirm against the full header.
	 */
} KMF_TBS_CSR;
/*
* KMF_CSR_DATA
* This structure contains a complete signed PKCS#10 certificate request.
*/
typedef struct
{
	/*
	 * NOTE(review): the member list is not shown in this listing.
	 * Presumably pairs the request content with the signature over it;
	 * a consumer should verify that signature before trusting the
	 * request fields - confirm the layout against the full header.
	 */
} KMF_CSR_DATA;
/*
* KMF_X509EXT_POLICYQUALIFIERINFO
*/
typedef struct
{
/*
* KMF_X509EXT_POLICYQUALIFIERS
*/
typedef struct
{
/*
* KMF_X509EXT_POLICYINFO
*/
typedef struct
{
typedef struct
{
typedef struct
{
typedef struct
{
/*
* X509 AuthorityInfoAccess extension
*/
typedef struct
{
typedef struct
{
/*
* X509 Crl Distribution Point extension
*/
typedef struct {
typedef struct {
typedef enum {
typedef struct {
union {
} name;
typedef struct {
typedef enum {
typedef struct {
void *pValue;
/*
* Definitions for common X.509v3 certificate attribute OIDs
*/
/* From the PKCS Standards */
/*
* From RFC 1274:
* {itu-t(0) data(9) pss(2342) ucl(19200300) pilot(100) pilotAttributeType(1) }
*/
/*
* From PKIX part1
* { iso(1) identified-organization(3) dod(6) internet(1)
* security(5) mechanisms(5) pkix(7) }
*/
/* private certificate extensions, { id-pkix 1 } */
/* policy qualifier types {id-pkix 2 } */
/* CPS qualifier, { id-qt 1 } */
/* user notice qualifier, { id-qt 2 } */
/* extended key purpose OIDs {id-pkix 3 } */
/* access descriptors {id-pkix 4 } */
/* access descriptors */
/* OCSP */
/* cAIssuers */
/* end PKIX part1 */
/*
* From RFC4556 (PKINIT)
*
* pkinit = { iso(1) identified-organization(3) dod(6) internet(1)
* security(5) kerberosv5(2) pkinit(3) }
*/
/*
* Microsoft OIDs:
* id-ms-san-sc-logon-upn =
* {iso(1) identified-organization(3) dod(6) internet(1) private(4)
* enterprise(1) microsoft(311) 20 2 3}
*
* id-ms-kp-sc-logon =
* {iso(1) identified-organization(3) dod(6) internet(1) private(4)
* enterprise(1) microsoft(311) 20 2 2}
*/
/* From x9.57 */
extern const KMF_OID
extern const KMF_OID
/* For PKINIT support */
extern const KMF_OID
/* For ECC support */
extern const KMF_OID
/*
* ANSI X9-62 prime192v1 is same as secp192r1 and
* ANSI X9-62 prime256v1 is same as secp256r1
*/
/*
* KMF Certificate validation codes. These may be masked together.
*/
/*
* KMF Key Usage bitmasks
*/
/*
* KMF Extended KeyUsage OID definitions
*/
#ifdef __cplusplus
}
#endif
#endif /* _KMFTYPES_H */