csrcrlop.c revision 9a7670889e9c36ec355371e6b02f2d9084f040dc
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License (the "License").
* You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright 2007 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
#pragma ident "%Z%%M% %I% %E% SMI"
#include <stdio.h>
#include <link.h>
#include <fcntl.h>
#include <ctype.h>
#include <ber_der.h>
#include <kmfapiP.h>
#include <pem_encode.h>
#include <libgen.h>
#include <cryptoutil.h>
/*
*
* Name: KMF_SetCSRPubKey
*
* Description:
* This function converts the specified plugin public key to SPKI form
* and saves it in the KMF_CSR_DATA internal structure.
*
* Parameters:
* KMFkey(input) - pointer to the KMF_KEY_HANDLE structure containing the
* public key generated by the plug-in CreateKeypair
* SPKI
*
* Returns:
* A KMF_RETURN value indicating success or specifying a particular
* error condition.
* The value KMF_OK indicates success. All other values represent
* an error condition.
*
*/
{
return (ret);
return (KMF_ERR_BAD_PARAMETER);
}
/* The keystore must extract the pubkey data */
} else {
return (KMF_ERR_PLUGIN_NOTFOUND);
}
return (ret);
}
{
/*
 * NOTE(review): the signature and most statements of this function are
 * missing from the listing. Only two KMF_ERR_BAD_PARAMETER exits and the
 * tail of one call remain, so the conditions guarding them cannot be
 * confirmed from here.
 */
return (KMF_ERR_BAD_PARAMETER);
/*
* From RFC 3280:
* Version ::= INTEGER { v1(0), v2(1), v3(2) }
*/
/*
 * NOTE(review): the enumeration quoted above is the X.509 certificate
 * version. If this routine sets the version of a PKCS#10 request
 * (presumably, given the CSR functions documented in this file; confirm),
 * RFC 2986 defines only v1(0) for that field, so the accepted range
 * should be checked against what the receiving CA will parse.
 */
return (KMF_ERR_BAD_PARAMETER);
/* Tail of a call whose final argument is sizeof (uint32_t). */
sizeof (uint32_t)));
}
{
else
return (KMF_ERR_BAD_PARAMETER);
return (KMF_OK);
}
char *csrfile)
{
/*
 * NOTE(review): most of this function is missing from the listing. What
 * remains shows a file-writing routine: it takes an output path
 * (csrfile), branches on format == KMF_FORMAT_PEM, and funnels errors to
 * a cleanup label whose definition is not visible.
 */
/* -1 marks "no descriptor opened" for the fd check near the end. */
int fd = -1;
return (KMF_ERR_BAD_PARAMETER);
return (KMF_ERR_BAD_PARAMETER);
if (format == KMF_FORMAT_PEM) {
int len;
goto cleanup;
}
goto cleanup;
}
/*
 * NOTE(review): the call that opens csrfile is not shown. Confirm its
 * flags and mode, in particular whether it truncates an existing file
 * or follows a symbolic link at that path, since the path is supplied
 * by the caller.
 */
if (format == KMF_FORMAT_PEM) {
}
} else {
}
}
/*
 * The statement guarded by this check is missing from the listing;
 * presumably it closes fd so the descriptor is released on every exit
 * path. Confirm against the full source.
 */
if (fd != -1)
return (rv);
}
{
return (KMF_ERR_BAD_PARAMETER);
return (ret);
}
{
/*
 * NOTE(review): the signature and the argument list of the copy_data()
 * call are missing from the listing.
 */
return (KMF_ERR_BAD_PARAMETER);
/*
 * The (void) cast discards copy_data()'s result and the success path
 * below returns KMF_OK unconditionally. If copy_data() can fail (for
 * example on allocation; not visible here, confirm), the caller is told
 * the copy succeeded while the destination is incomplete.
 */
(void) copy_data(
} else {
return (KMF_ERR_BAD_PARAMETER);
}
return (KMF_OK);
}
{
return (KMF_ERR_BAD_PARAMETER);
altname);
return (ret);
}
{
return (KMF_ERR_BAD_PARAMETER);
return (ret);
}
/*
*
* Name: KMF_SignCSR
*
* Description:
* This function signs a CSR and returns the result as a
* signed, encoded CSR in SignedCsr
*
* Parameters:
* tbsCsr(input) - pointer to a KMF_DATA structure containing a
* DER encoded TBS CSR data
* Signkey(input) - pointer to the KMF_KEY_HANDLE structure containing
* the private key generated by the plug-in CreateKeypair
* algo(input) - contains algorithm info needed for signing
* SignedCsr(output) - pointer to the KMF_DATA structure containing
* the signed CSR
*
* Returns:
* A KMF_RETURN value indicating success or specifying a particular
* error condition.
* The value KMF_OK indicates success. All other values represent
* an error condition.
*
*/
/*
 * NOTE(review): only one parameter line of the signature survives in this
 * listing. It declares tbsCsr as const KMF_CSR_DATA *, whereas the header
 * comment above describes tbsCsr as a pointer to a KMF_DATA holding
 * DER-encoded TBS CSR data. One of the two is out of date; confirm which
 * form callers are expected to pass before relying on the comment.
 */
const KMF_CSR_DATA *tbsCsr,
{
/* Visible exits: an early return of err and a KMF_ERR_BAD_PARAMETER
 * rejection; the conditions guarding both are not shown. */
return (err);
return (KMF_ERR_BAD_PARAMETER);
}
}
return (err);
}
{
/*
 * NOTE(review): the signature, the switch header and the case bodies are
 * missing from the listing; only the labels and exits remain.
 */
return (ret);
return (KMF_ERR_BAD_PARAMETER);
/*
 * Dispatch on keystore type. NSS has its own case. OPENSSL and PK11TOKEN
 * share one case because, per the existing comment, the PKCS#11 CRL is
 * file-based. Any other keystore type is rejected with
 * KMF_ERR_PLUGIN_NOTFOUND instead of falling through to a plugin.
 */
case KMF_KEYSTORE_NSS:
break;
case KMF_KEYSTORE_OPENSSL:
case KMF_KEYSTORE_PK11TOKEN: /* PKCS#11 CRL is file-based */
break;
default:
return (KMF_ERR_PLUGIN_NOTFOUND);
}
}
/* Final exit: no usable plugin was found (the condition is not shown). */
return (KMF_ERR_PLUGIN_NOTFOUND);
}
{
/*
 * NOTE(review): the signature, the switch header and the case bodies are
 * missing from the listing; only the labels and exits remain.
 */
return (ret);
return (KMF_ERR_BAD_PARAMETER);
/*
 * Keystore dispatch: NSS is handled separately, OPENSSL and PK11TOKEN
 * share a case (the PKCS#11 CRL is file-based, per the existing comment),
 * and an unrecognised type returns KMF_ERR_PLUGIN_NOTFOUND.
 */
case KMF_KEYSTORE_NSS:
break;
case KMF_KEYSTORE_OPENSSL:
case KMF_KEYSTORE_PK11TOKEN: /* PKCS#11 CRL is file-based */
break;
default:
return (KMF_ERR_PLUGIN_NOTFOUND);
}
/* The else arm reports a missing plugin; the if condition and its body
 * are not shown. */
} else {
return (KMF_ERR_PLUGIN_NOTFOUND);
}
}
{
/*
 * NOTE(review): the signature, the switch header and the case bodies are
 * missing from the listing; only the labels and exits remain.
 */
return (ret);
return (KMF_ERR_BAD_PARAMETER);
/*
 * Keystore dispatch: NSS is handled separately, OPENSSL and PK11TOKEN
 * share a case (the PKCS#11 CRL is file-based, per the existing comment),
 * and an unrecognised type returns KMF_ERR_PLUGIN_NOTFOUND.
 */
case KMF_KEYSTORE_NSS:
break;
case KMF_KEYSTORE_OPENSSL:
case KMF_KEYSTORE_PK11TOKEN: /* PKCS#11 CRL is file-based */
break;
default:
return (KMF_ERR_PLUGIN_NOTFOUND);
}
/* The else arm reports a missing plugin; the if condition and its body
 * are not shown. */
} else {
return (KMF_ERR_PLUGIN_NOTFOUND);
}
}
char **CRLNameList, int *CRLCount)
{
return (ret);
return (KMF_ERR_BAD_PARAMETER);
CRLNameList, CRLCount));
} else {
return (KMF_ERR_PLUGIN_NOTFOUND);
}
}
{
/*
 * NOTE(review): the signature, the switch header and the case bodies are
 * missing from the listing; only the labels and exits remain.
 */
return (ret);
return (KMF_ERR_BAD_PARAMETER);
/*
 * Keystore dispatch: NSS is handled separately, OPENSSL and PK11TOKEN
 * share a case (the PKCS#11 CRL is file-based, per the existing comment),
 * and an unrecognised type returns KMF_ERR_PLUGIN_NOTFOUND.
 */
case KMF_KEYSTORE_NSS:
break;
case KMF_KEYSTORE_OPENSSL:
case KMF_KEYSTORE_PK11TOKEN: /* PKCS#11 CRL is file-based */
break;
default:
return (KMF_ERR_PLUGIN_NOTFOUND);
}
/* The else arm reports a missing plugin; the if condition and its body
 * are not shown. */
} else {
return (KMF_ERR_PLUGIN_NOTFOUND);
}
}
{
/*
 * NOTE(review): the signature, the plugin lookup and the final call
 * through verifyCRLFile are missing from the listing.
 */
return (ret);
return (KMF_ERR_BAD_PARAMETER);
return (KMF_ERR_PLUGIN_NOTFOUND);
}
/*
 * Tail of a call that takes the symbol name "OpenSSL_VerifyCRLFile";
 * presumably a by-name lookup in the plugin library (the call itself is
 * not shown). The resolved pointer is only as trustworthy as the library
 * it came from, so the plugin load path matters for anything that relies
 * on this CRL verification result.
 */
"OpenSSL_VerifyCRLFile");
/* Reject a failed lookup instead of calling through a NULL pointer. */
if (verifyCRLFile == NULL) {
return (KMF_ERR_FUNCTION_NOT_FOUND);
}
}
{
/*
 * NOTE(review): the signature, the rest of this function-pointer
 * declaration, the plugin lookup and the final call through checkCRLDate
 * are missing from the listing.
 */
KMF_RETURN (*checkCRLDate)(void *,
return (ret);
return (KMF_ERR_BAD_PARAMETER);
return (KMF_ERR_PLUGIN_NOTFOUND);
}
/*
 * Tail of a call that takes the symbol name "OpenSSL_CheckCRLDate";
 * presumably a by-name lookup in the plugin library (the call itself is
 * not shown). A CRL date check decides whether revocation data is still
 * current, so which library supplies this symbol is worth confirming.
 */
"OpenSSL_CheckCRLDate");
/* Reject a failed lookup instead of calling through a NULL pointer. */
if (checkCRLDate == NULL) {
return (KMF_ERR_FUNCTION_NOT_FOUND);
}
}
{
/*
 * NOTE(review): the signature, the plugin lookup and the final call
 * through IsCRLFileFn are missing from the listing.
 */
return (ret);
return (KMF_ERR_BAD_PARAMETER);
}
/*
* This framework function is actually implemented in the openssl
* plugin library, so we find the function address and call it.
*/
/* No plugin available: report it without attempting the lookup. */
return (KMF_ERR_PLUGIN_NOTFOUND);
}
/* Tail of the call that resolves the address of "OpenSSL_IsCRLFile". */
"OpenSSL_IsCRLFile");
/* Reject a failed lookup instead of calling through a NULL pointer. */
if (IsCRLFileFn == NULL) {
return (KMF_ERR_FUNCTION_NOT_FOUND);
}
}