99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys#include <stdio.h>

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys#include <dlfcn.h>

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys#include <link.h>

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys#include <fcntl.h>

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys#include <ctype.h>

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys#include <sys/param.h>

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys#include <sys/types.h>

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys#include <sys/stat.h>

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys#include <errno.h>

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys#include <sys/socket.h>

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys#include <netinet/in.h>

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys#include <arpa/inet.h>

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys#include <thread.h>

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys#include <ber_der.h>

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys#include <kmfapiP.h>

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys#include <pem_encode.h>

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys#include <rdn_parser.h>

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys#include <libxml2/libxml/uri.h>

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys#include <libgen.h>

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys#include <cryptoutil.h>

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllysstatic uchar_t pkcs11_initialized = 0;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllysmutex_t init_lock = DEFAULTMUTEX;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllysextern int errno;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllystypedef struct {

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys KMF_RETURN code;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys char *message;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys} kmf_error_map;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllysstatic kmf_error_map kmf_errcodes[] = {

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_OK, "KMF_OK"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_BAD_PARAMETER, "KMF_ERR_BAD_PARAMETER"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_BAD_KEY_FORMAT, "KMF_ERR_BAD_KEY_FORMAT"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_BAD_ALGORITHM, "KMF_ERR_BAD_ALGORITHM"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_MEMORY, "KMF_ERR_MEMORY"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_ENCODING, "KMF_ERR_ENCODING"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_PLUGIN_INIT, "KMF_ERR_PLUGIN_INIT"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_PLUGIN_NOTFOUND, "KMF_ERR_PLUGIN_NOTFOUND"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_INTERNAL, "KMF_ERR_INTERNAL"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_BAD_CERT_FORMAT, "KMF_ERR_BAD_CERT_FORMAT"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_KEYGEN_FAILED, "KMF_ERR_KEYGEN_FAILED"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_UNINITIALIZED, "KMF_ERR_UNINITIALIZED"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_ISSUER, "KMF_ERR_ISSUER"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_NOT_REVOKED, "KMF_ERR_NOT_REVOKED"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_CERT_NOT_FOUND, "KMF_ERR_CERT_NOT_FOUND"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_CRL_NOT_FOUND, "KMF_ERR_CRL_NOT_FOUND"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_RDN_PARSER, "KMF_ERR_RDN_PARSER"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_RDN_ATTR, "KMF_ERR_RDN_ATTR"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_SLOTNAME, "KMF_ERR_SLOTNAME"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_EMPTY_CRL, "KMF_ERR_EMPTY_CRL"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_BUFFER_SIZE, "KMF_ERR_BUFFER_SIZE"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_AUTH_FAILED, "KMF_ERR_AUTH_FAILED"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_TOKEN_SELECTED, "KMF_ERR_TOKEN_SELECTED"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_NO_TOKEN_SELECTED, "KMF_ERR_NO_TOKEN_SELECTED"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_TOKEN_NOT_PRESENT, "KMF_ERR_TOKEN_NOT_PRESENT"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_EXTENSION_NOT_FOUND, "KMF_ERR_EXTENSION_NOT_FOUND"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_POLICY_ENGINE, "KMF_ERR_POLICY_ENGINE"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_POLICY_DB_FORMAT, "KMF_ERR_POLICY_DB_FORMAT"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_POLICY_NOT_FOUND, "KMF_ERR_POLICY_NOT_FOUND"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_POLICY_DB_FILE, "KMF_ERR_POLICY_DB_FILE"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_POLICY_NAME, "KMF_ERR_POLICY_NAME"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_OCSP_POLICY, "KMF_ERR_OCSP_POLICY"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_TA_POLICY, "KMF_ERR_TA_POLICY"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_KEY_NOT_FOUND, "KMF_ERR_KEY_NOT_FOUND"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_OPEN_FILE, "KMF_ERR_OPEN_FILE"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_OCSP_BAD_ISSUER, "KMF_ERR_OCSP_BAD_ISSUER"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_OCSP_BAD_CERT, "KMF_ERR_OCSP_BAD_CERT"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_OCSP_CREATE_REQUEST, "KMF_ERR_OCSP_CREATE_REQUEST"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_CONNECT_SERVER, "KMF_ERR_CONNECT_SERVER"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_SEND_REQUEST, "KMF_ERR_SEND_REQUEST"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_OCSP_CERTID, "KMF_ERR_OCSP_CERTID"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_OCSP_MALFORMED_RESPONSE, "KMF_ERR_OCSP_MALFORMED_RESPONSE"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_OCSP_RESPONSE_STATUS, "KMF_ERR_OCSP_RESPONSE_STATUS"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_OCSP_NO_BASIC_RESPONSE, "KMF_ERR_OCSP_NO_BASIC_RESPONSE"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_OCSP_BAD_SIGNER, "KMF_ERR_OCSP_BAD_SIGNER"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_OCSP_RESPONSE_SIGNATURE, "KMF_ERR_OCSP_RESPONSE_SIGNATURE"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_OCSP_UNKNOWN_CERT, "KMF_ERR_OCSP_UNKNOWN_CERT"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_OCSP_STATUS_TIME_INVALID, "KMF_ERR_OCSP_STATUS_TIME_INVALID"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_BAD_HTTP_RESPONSE, "KMF_ERR_BAD_HTTP_RESPONSE"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_RECV_RESPONSE, "KMF_ERR_RECV_RESPONSE"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_RECV_TIMEOUT, "KMF_ERR_RECV_TIMEOUT"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_DUPLICATE_KEYFILE, "KMF_ERR_DUPLICATE_KEYFILE"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_AMBIGUOUS_PATHNAME, "KMF_ERR_AMBIGUOUS_PATHNAME"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_FUNCTION_NOT_FOUND, "KMF_ERR_FUNCTION_NOT_FOUND"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_PKCS12_FORMAT, "KMF_ERR_PKCS12_FORMAT"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_BAD_KEY_TYPE, "KMF_ERR_BAD_KEY_TYPE"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_BAD_KEY_CLASS, "KMF_ERR_BAD_KEY_CLASS"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_BAD_KEY_SIZE, "KMF_ERR_BAD_KEY_SIZE"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_BAD_HEX_STRING, "KMF_ERR_BAD_HEX_STRING"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_KEYUSAGE, "KMF_ERR_KEYUSAGE"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_VALIDITY_PERIOD, "KMF_ERR_VALIDITY_PERIOD"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_OCSP_REVOKED, "KMF_ERR_OCSP_REVOKED"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_CERT_MULTIPLE_FOUND, "KMF_ERR_CERT_MULTIPLE_FOUND"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_WRITE_FILE, "KMF_ERR_WRITE_FILE"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_BAD_URI, "KMF_ERR_BAD_URI"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_BAD_CRLFILE, "KMF_ERR_BAD_CRLFILE"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_BAD_CERTFILE, "KMF_ERR_BAD_CERTFILE"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_GETKEYVALUE_FAILED, "KMF_ERR_GETKEYVALUE_FAILED"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_BAD_KEYHANDLE, "KMF_ERR_BAD_KEYHANDLE"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_BAD_OBJECT_TYPE, "KMF_ERR_BAD_OBJECT_TYPE"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_OCSP_RESPONSE_LIFETIME, "KMF_ERR_OCSP_RESPONSE_LIFETIME"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_UNKNOWN_CSR_ATTRIBUTE, "KMF_ERR_UNKNOWN_CSR_ATTRIBUTE"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_UNINITIALIZED_TOKEN, "KMF_ERR_UNINITIALIZED_TOKEN"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_INCOMPLETE_TBS_CERT, "KMF_ERR_INCOMPLETE_TBS_CERT"},

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys {KMF_ERR_MISSING_ERRCODE, "KMF_ERR_MISSING_ERRCODE"},

71593db26bb6ef7b739cffe06d53bf990cac112cwyllys {KMF_KEYSTORE_ALREADY_INITIALIZED, "KMF_KEYSTORE_ALREADY_INITIALIZED"},

71593db26bb6ef7b739cffe06d53bf990cac112cwyllys {KMF_ERR_SENSITIVE_KEY, "KMF_ERR_SENSITIVE_KEY"},

71593db26bb6ef7b739cffe06d53bf990cac112cwyllys {KMF_ERR_UNEXTRACTABLE_KEY, "KMF_ERR_UNEXTRACTABLE_KEY"},

d00756ccb34596a328f8a15d1965da5412d366d0wyllys {KMF_ERR_KEY_MISMATCH, "KMF_ERR_KEY_MISMATCH"},

d00756ccb34596a328f8a15d1965da5412d366d0wyllys {KMF_ERR_ATTR_NOT_FOUND, "KMF_ERR_ATTR_NOT_FOUND"},

269e59f9a28bf47e0f463e64fc5af4a408b73b21Jan Pechanec {KMF_ERR_KMF_CONF, "KMF_ERR_KMF_CONF"},

269e59f9a28bf47e0f463e64fc5af4a408b73b21Jan Pechanec {KMF_ERR_NAME_NOT_MATCHED, "KMF_ERR_NAME_NOT_MATCHED"},

269e59f9a28bf47e0f463e64fc5af4a408b73b21Jan Pechanec {KMF_ERR_MAPPER_OPEN, "KMF_ERR_MAPPER_OPEN"},

269e59f9a28bf47e0f463e64fc5af4a408b73b21Jan Pechanec {KMF_ERR_MAPPER_NOT_FOUND, "KMF_ERR_MAPPER_NOT_FOUND"},

fc2613b0a10c787c0f90e9b36f170183746c63f8Wyllys Ingersoll {KMF_ERR_MAPPING_FAILED, "KMF_ERR_MAPPING_FAILED"},

fc2613b0a10c787c0f90e9b36f170183746c63f8Wyllys Ingersoll {KMF_ERR_CERT_VALIDATION, "KMF_ERR_CERT_VALIDATION"}

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys};

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

85b65b39e9a6fea849facdcfc7d06f5ece340e36wyllystypedef struct {

85b65b39e9a6fea849facdcfc7d06f5ece340e36wyllys KMF_KEYSTORE_TYPE kstype;

85b65b39e9a6fea849facdcfc7d06f5ece340e36wyllys char *path;

85b65b39e9a6fea849facdcfc7d06f5ece340e36wyllys boolean_t critical;

85b65b39e9a6fea849facdcfc7d06f5ece340e36wyllys} KMF_PLUGIN_ITEM;

85b65b39e9a6fea849facdcfc7d06f5ece340e36wyllys

85b65b39e9a6fea849facdcfc7d06f5ece340e36wyllysKMF_PLUGIN_ITEM plugin_list[] = {

85b65b39e9a6fea849facdcfc7d06f5ece340e36wyllys {KMF_KEYSTORE_OPENSSL, KMF_PLUGIN_PATH "kmf_openssl.so.1", TRUE},

85b65b39e9a6fea849facdcfc7d06f5ece340e36wyllys {KMF_KEYSTORE_PK11TOKEN, KMF_PLUGIN_PATH "kmf_pkcs11.so.1", TRUE},

85b65b39e9a6fea849facdcfc7d06f5ece340e36wyllys {KMF_KEYSTORE_NSS, KMF_PLUGIN_PATH "kmf_nss.so.1", FALSE}

85b65b39e9a6fea849facdcfc7d06f5ece340e36wyllys};

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys

90c85bf889e3af34323084f00e344a82f120b409wyllysstatic KMF_RETURN InitializePlugin(KMF_KEYSTORE_TYPE, char *, KMF_PLUGIN **);

90c85bf889e3af34323084f00e344a82f120b409wyllysstatic KMF_RETURN AddPlugin(KMF_HANDLE_T, KMF_PLUGIN *);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllysstatic void free_extensions(KMF_X509_EXTENSIONS *extns);

90c85bf889e3af34323084f00e344a82f120b409wyllysstatic void DestroyPlugin(KMF_PLUGIN *);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee#if defined(__sparcv9)

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee#define ISA_PATH "/sparcv9"

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee#elif defined(__sparc)

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee#define ISA_PATH "/"

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee#elif defined(__i386)

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee#define ISA_PATH "/"

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee#elif defined(__amd64)

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee#define ISA_PATH "/amd64"

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee#endif

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee#define DEFAULT_KEYSTORE_NUM 3

431deaa01ac039d796fdfaf86b909a75e7d9ac48hyleestatic int kstore_num = DEFAULT_KEYSTORE_NUM;

431deaa01ac039d796fdfaf86b909a75e7d9ac48hyleeconf_entrylist_t *extra_plugin_list = NULL;

431deaa01ac039d796fdfaf86b909a75e7d9ac48hyleestatic boolean_t check_extra_plugin = B_FALSE;

431deaa01ac039d796fdfaf86b909a75e7d9ac48hyleemutex_t extra_plugin_lock = DEFAULTMUTEX;

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee

9b37d29632d2cb262ba42f1d804f85fcb0aa3709wyllysinit_pk11()

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys{

9b37d29632d2cb262ba42f1d804f85fcb0aa3709wyllys (void) mutex_lock(&init_lock);

9b37d29632d2cb262ba42f1d804f85fcb0aa3709wyllys if (!pkcs11_initialized) {

9b37d29632d2cb262ba42f1d804f85fcb0aa3709wyllys CK_RV rv = C_Initialize(NULL);

9b37d29632d2cb262ba42f1d804f85fcb0aa3709wyllys if ((rv != CKR_OK) &&

9b37d29632d2cb262ba42f1d804f85fcb0aa3709wyllys (rv != CKR_CRYPTOKI_ALREADY_INITIALIZED)) {

9b37d29632d2cb262ba42f1d804f85fcb0aa3709wyllys (void) mutex_unlock(&init_lock);

9b37d29632d2cb262ba42f1d804f85fcb0aa3709wyllys return (KMF_ERR_UNINITIALIZED);

9b37d29632d2cb262ba42f1d804f85fcb0aa3709wyllys } else {

9b37d29632d2cb262ba42f1d804f85fcb0aa3709wyllys pkcs11_initialized = 1;

9b37d29632d2cb262ba42f1d804f85fcb0aa3709wyllys }

9b37d29632d2cb262ba42f1d804f85fcb0aa3709wyllys }

9b37d29632d2cb262ba42f1d804f85fcb0aa3709wyllys (void) mutex_unlock(&init_lock);

9b37d29632d2cb262ba42f1d804f85fcb0aa3709wyllys return (KMF_OK);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys}

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllysKMF_PLUGIN *

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllysFindPlugin(KMF_HANDLE_T handle, KMF_KEYSTORE_TYPE kstype)

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys{

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys KMF_PLUGIN_LIST *node;

90c85bf889e3af34323084f00e344a82f120b409wyllys KMF_RETURN ret = KMF_OK;

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee KMF_PLUGIN *pluginrec = NULL;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if (handle == NULL)

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys return (NULL);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys node = handle->plugins;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

90c85bf889e3af34323084f00e344a82f120b409wyllys /* See if the desired plugin was already initialized. */

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys while (node != NULL && node->plugin->type != kstype)

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys node = node->next;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee if (node != NULL)

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee return (node->plugin);

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee /* The plugin was not found, try to initialize it here. */

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee if (VALID_DEFAULT_KEYSTORE_TYPE(kstype)) {

90c85bf889e3af34323084f00e344a82f120b409wyllys int i;

90c85bf889e3af34323084f00e344a82f120b409wyllys int numitems = sizeof (plugin_list)/sizeof (KMF_PLUGIN_ITEM);

90c85bf889e3af34323084f00e344a82f120b409wyllys for (i = 0; i < numitems; i++) {

90c85bf889e3af34323084f00e344a82f120b409wyllys if (plugin_list[i].kstype == kstype) {

90c85bf889e3af34323084f00e344a82f120b409wyllys ret = InitializePlugin(plugin_list[i].kstype,

90c85bf889e3af34323084f00e344a82f120b409wyllys plugin_list[i].path, &pluginrec);

90c85bf889e3af34323084f00e344a82f120b409wyllys break;

90c85bf889e3af34323084f00e344a82f120b409wyllys }

90c85bf889e3af34323084f00e344a82f120b409wyllys }

90c85bf889e3af34323084f00e344a82f120b409wyllys

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee goto out;

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee } else {

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee /*

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee conf_entrylist_t *phead = extra_plugin_list;

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee char realpath[MAXPATHLEN];

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee while (phead != NULL) {

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee if (phead->entry->kstype == kstype)

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee break;

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee else

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee phead = phead->next;

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee }

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee if (phead == NULL)

90c85bf889e3af34323084f00e344a82f120b409wyllys return (NULL);

90c85bf889e3af34323084f00e344a82f120b409wyllys

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee /*

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee (void) memset(realpath, 0, sizeof (realpath));

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee if (strncmp(phead->entry->modulepath, "/", 1) != 0) {

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee (void) snprintf(realpath, MAXPATHLEN, "%s%s",

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee KMF_PLUGIN_PATH, phead->entry->modulepath);

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee } else {

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee char *buf = phead->entry->modulepath;

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee char *isa;

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee if ((isa = strstr(buf, PKCS11_ISA)) != NULL) {

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee char *isa_str;

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee (void) strncpy(realpath, buf, isa - buf);

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee isa_str = strdup(ISA_PATH);

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee if (isa_str == NULL) /* not enough memory */

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee return (NULL);

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee (void) strncat(realpath, isa_str,

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee strlen(isa_str));

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee free(isa_str);

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee isa += strlen(PKCS11_ISA);

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee (void) strlcat(realpath, isa, MAXPATHLEN);

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee } else {

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee (void) snprintf(realpath, MAXPATHLEN, "%s",

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee phead->entry->modulepath);

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee }

90c85bf889e3af34323084f00e344a82f120b409wyllys }

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee ret = InitializePlugin(phead->entry->kstype, realpath,

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee &pluginrec);

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee goto out;

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee }

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee

431deaa01ac039d796fdfaf86b909a75e7d9ac48hyleeout:

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee if (ret != KMF_OK || pluginrec == NULL)

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee /* No matching plugins found in the built-in list */

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee return (NULL);

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee ret = AddPlugin(handle, pluginrec);

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee if (ret != KMF_OK) {

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee DestroyPlugin(pluginrec);

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee pluginrec = NULL;

90c85bf889e3af34323084f00e344a82f120b409wyllys }

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee return (pluginrec);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys}

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllysstatic KMF_RETURN

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllysInitializePlugin(KMF_KEYSTORE_TYPE kstype, char *path, KMF_PLUGIN **plugin)

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys{

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys KMF_PLUGIN *p = NULL;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys KMF_PLUGIN_FUNCLIST *(*sym)();

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if (path == NULL || plugin == NULL)

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys return (KMF_ERR_BAD_PARAMETER);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys *plugin = NULL;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys p = (KMF_PLUGIN *)malloc(sizeof (KMF_PLUGIN));

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if (p == NULL)

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys return (KMF_ERR_MEMORY);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys p->type = kstype;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys p->path = strdup(path);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if (p->path == NULL) {

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys free(p);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys return (KMF_ERR_MEMORY);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys }

2225707c7e7edf7c636ed349df2592ef85329cddValerie Bubb Fenwick /*

2225707c7e7edf7c636ed349df2592ef85329cddValerie Bubb Fenwick p->dldesc = dlopen(path, RTLD_LAZY | RTLD_PARENT);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if (p->dldesc == NULL) {

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys free(p->path);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys free(p);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys return (KMF_ERR_PLUGIN_INIT);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys }

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys sym = (KMF_PLUGIN_FUNCLIST *(*)())dlsym(p->dldesc,

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys KMF_PLUGIN_INIT_SYMBOL);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if (sym == NULL) {

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys (void) dlclose(p->dldesc);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys free(p->path);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys free(p);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys return (KMF_ERR_PLUGIN_INIT);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys }

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys /* Get the function list */

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if ((p->funclist = (*sym)()) == NULL) {

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys (void) dlclose(p->dldesc);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys free(p->path);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys free(p);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys return (KMF_ERR_PLUGIN_INIT);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys }

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys *plugin = p;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys return (KMF_OK);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys}

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllysstatic KMF_RETURN

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllysAddPlugin(KMF_HANDLE_T handle, KMF_PLUGIN *plugin)

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys{

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys KMF_PLUGIN_LIST *n;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if (handle == NULL || plugin == NULL)

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys return (KMF_ERR_BAD_PARAMETER);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys /* If the head is NULL, create it */

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if (handle->plugins == NULL) {

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys handle->plugins = (KMF_PLUGIN_LIST *)malloc(

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys sizeof (KMF_PLUGIN_LIST));

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if (handle->plugins == NULL)

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys return (KMF_ERR_MEMORY);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys handle->plugins->plugin = plugin;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys handle->plugins->next = NULL;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys } else {

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys /* walk the list to find the tail */

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys n = handle->plugins;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys while (n->next != NULL)

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys n = n->next;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys n->next = (KMF_PLUGIN_LIST *)malloc(sizeof (KMF_PLUGIN_LIST));

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if (n->next == NULL)

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys return (KMF_ERR_MEMORY);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys n->next->plugin = plugin;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys n->next->next = NULL;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys }

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys return (0);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys}

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllysstatic void

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllysDestroyPlugin(KMF_PLUGIN *plugin)

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys{

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if (plugin) {

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if (plugin->path)

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys free(plugin->path);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys free(plugin);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys }

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys}

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllysstatic void

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllysCleanup_KMF_Handle(KMF_HANDLE_T handle)

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys{

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if (handle != NULL) {

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys while (handle->plugins != NULL) {

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys KMF_PLUGIN_LIST *next = handle->plugins->next;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys DestroyPlugin(handle->plugins->plugin);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys free(handle->plugins);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys handle->plugins = next;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys }

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys kmf_free_policy_record(handle->policy);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys free(handle->policy);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys }

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys free(handle);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys}

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllysCleanup_PK11_Session(KMF_HANDLE_T handle)

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys{

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if (handle != NULL) {

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys /* Close active session on a pkcs11 token */

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if (handle->pk11handle != NULL) {

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys (void) C_CloseSession(handle->pk11handle);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys handle->pk11handle = NULL;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys }

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys }

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys}

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllyskmf_initialize(KMF_HANDLE_T *outhandle, char *policyfile, char *policyname)

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys{

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys KMF_RETURN ret = KMF_OK;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys KMF_HANDLE *handle = NULL;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if (outhandle == NULL)

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys return (KMF_ERR_BAD_PARAMETER);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys *outhandle = NULL;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys handle = (KMF_HANDLE *)malloc(sizeof (KMF_HANDLE));

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if (handle == NULL)

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys return (KMF_ERR_MEMORY);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys (void) memset(handle, 0, sizeof (KMF_HANDLE));

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys handle->plugins = NULL;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee /*

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee (void) mutex_lock(&extra_plugin_lock);

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee if (!check_extra_plugin) {

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee ret = get_entrylist(&extra_plugin_list);

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee check_extra_plugin = B_TRUE;

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee /*

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee if (ret == KMF_OK) {

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee conf_entrylist_t *phead = extra_plugin_list;

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee while (phead != NULL) {

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee phead->entry->kstype = ++kstore_num;

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee phead = phead->next;

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee }

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee }

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee /*

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee if (ret == KMF_ERR_KMF_CONF) {

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee cryptoerror(LOG_WARNING, "KMF was unable to parse "

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee "the private KMF config file.\n");

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee ret = KMF_OK;

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee }

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee if (ret != KMF_OK) {

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee (void) mutex_unlock(&extra_plugin_lock);

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee goto errout;

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee }

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee }

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee (void) mutex_unlock(&extra_plugin_lock);

431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys /* Initialize the handle with the policy */

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys ret = kmf_set_policy((void *)handle,

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys policyfile == NULL ? KMF_DEFAULT_POLICY_FILE : policyfile,

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys policyname == NULL ? KMF_DEFAULT_POLICY_NAME : policyname);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if (ret != KMF_OK)

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys goto errout;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

269e59f9a28bf47e0f463e64fc5af4a408b73b21Jan Pechanec /*

269e59f9a28bf47e0f463e64fc5af4a408b73b21Jan Pechanec handle->mapstate = malloc(sizeof (KMF_MAPPER_STATE));

269e59f9a28bf47e0f463e64fc5af4a408b73b21Jan Pechanec if (handle->mapstate == NULL) {

269e59f9a28bf47e0f463e64fc5af4a408b73b21Jan Pechanec ret = KMF_ERR_MEMORY;

269e59f9a28bf47e0f463e64fc5af4a408b73b21Jan Pechanec goto errout;

269e59f9a28bf47e0f463e64fc5af4a408b73b21Jan Pechanec }

269e59f9a28bf47e0f463e64fc5af4a408b73b21Jan Pechanec handle->mapstate->lastmappererr = KMF_OK;

269e59f9a28bf47e0f463e64fc5af4a408b73b21Jan Pechanec handle->mapstate->options = NULL;

269e59f9a28bf47e0f463e64fc5af4a408b73b21Jan Pechanec

269e59f9a28bf47e0f463e64fc5af4a408b73b21Jan Pechanec /*

269e59f9a28bf47e0f463e64fc5af4a408b73b21Jan Pechanec (void) kmf_cert_to_name_mapping_initialize(handle, 0, NULL);

269e59f9a28bf47e0f463e64fc5af4a408b73b21Jan Pechanec

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys CLEAR_ERROR(handle, ret);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllyserrout:

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if (ret != KMF_OK) {

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys Cleanup_KMF_Handle(handle);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys handle = NULL;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys }

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys *outhandle = (KMF_HANDLE_T)handle;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys return (ret);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys}

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllyskmf_configure_keystore(KMF_HANDLE_T handle,

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys int num_args,

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys KMF_ATTRIBUTE *attrlist)

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys{

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys KMF_RETURN ret = KMF_OK;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys KMF_PLUGIN *plugin;

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys KMF_KEYSTORE_TYPE kstype;

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys uint32_t len;

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys KMF_ATTRIBUTE_TESTER required_attrs[] = {

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys {KMF_KEYSTORE_TYPE_ATTR, FALSE, 1, sizeof (KMF_KEYSTORE_TYPE)},

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys };

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys int num_req_attrs = sizeof (required_attrs) /

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys sizeof (KMF_ATTRIBUTE_TESTER);

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys if (handle == NULL)

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys return (KMF_ERR_BAD_PARAMETER);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys CLEAR_ERROR(handle, ret);

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys ret = test_attributes(num_req_attrs, required_attrs,

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys 0, NULL, num_args, attrlist);

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if (ret != KMF_OK)

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys return (ret);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys len = sizeof (kstype);

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys ret = kmf_get_attr(KMF_KEYSTORE_TYPE_ATTR, attrlist, num_args,

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys &kstype, &len);

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys if (ret != KMF_OK)

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys return (ret);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys plugin = FindPlugin(handle, kstype);

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys if (plugin != NULL && plugin->funclist->ConfigureKeystore != NULL) {

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys return (plugin->funclist->ConfigureKeystore(handle, num_args,

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys attrlist));

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys } else {

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys /* return KMF_OK, if the plugin does not have an entry */

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys return (KMF_OK);

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys }

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys}

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllyskmf_finalize(KMF_HANDLE_T handle)

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys{

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys KMF_RETURN ret = KMF_OK;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys CLEAR_ERROR(handle, ret);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if (ret != KMF_OK)

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys return (ret);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if (pkcs11_initialized) {

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys Cleanup_PK11_Session(handle);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys }

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys Cleanup_KMF_Handle(handle);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys return (ret);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys}

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllyskmf_get_kmf_error_str(KMF_RETURN errcode, char **errmsg)

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys{

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys KMF_RETURN ret = KMF_OK;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys int i, maxerr;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if (errmsg == NULL)

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys return (KMF_ERR_BAD_PARAMETER);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys *errmsg = NULL;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys maxerr = sizeof (kmf_errcodes) / sizeof (kmf_error_map);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys for (i = 0; i < maxerr && errcode != kmf_errcodes[i].code; i++)

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys /* empty body */

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys ;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if (i == maxerr)

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys return (KMF_ERR_MISSING_ERRCODE);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys else {

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys *errmsg = strdup(kmf_errcodes[i].message);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if ((*errmsg) == NULL)

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys return (KMF_ERR_MEMORY);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys }

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys return (ret);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys}

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllyskmf_get_plugin_error_str(KMF_HANDLE_T handle, char **msgstr)

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys{

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys KMF_RETURN ret = KMF_OK;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys KMF_PLUGIN *plugin;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if (handle == NULL || msgstr == NULL)

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys return (KMF_ERR_BAD_PARAMETER);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys *msgstr = NULL;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if (handle->lasterr.errcode == 0) {

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys return (KMF_ERR_MISSING_ERRCODE);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys }

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if (handle->lasterr.kstype == -1) { /* System error */

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys char *str = strerror(handle->lasterr.errcode);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if (str != NULL) {

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys *msgstr = strdup(str);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if ((*msgstr) == NULL)

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys return (KMF_ERR_MEMORY);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys }

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys return (KMF_OK);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys }

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys plugin = FindPlugin(handle, handle->lasterr.kstype);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if (plugin == NULL)

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys return (KMF_ERR_PLUGIN_NOTFOUND);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if (plugin->funclist->GetErrorString != NULL) {

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys ret = plugin->funclist->GetErrorString(handle, msgstr);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys } else {

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys return (KMF_ERR_FUNCTION_NOT_FOUND);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys }

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys return (ret);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys}

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

9b37d29632d2cb262ba42f1d804f85fcb0aa3709wyllys#define SET_SYS_ERROR(h, c) if (h) {\

9b37d29632d2cb262ba42f1d804f85fcb0aa3709wyllys h->lasterr.kstype = -1;\

9b37d29632d2cb262ba42f1d804f85fcb0aa3709wyllys h->lasterr.errcode = c;\

9b37d29632d2cb262ba42f1d804f85fcb0aa3709wyllys}

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllyskmf_read_input_file(KMF_HANDLE_T handle, char *filename, KMF_DATA *pdata)

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys{

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys struct stat s;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys long nread, total = 0;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys int fd;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys unsigned char *buf = NULL;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys KMF_RETURN ret;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

9b37d29632d2cb262ba42f1d804f85fcb0aa3709wyllys if (handle) {

9b37d29632d2cb262ba42f1d804f85fcb0aa3709wyllys CLEAR_ERROR(handle, ret);

9b37d29632d2cb262ba42f1d804f85fcb0aa3709wyllys if (ret != KMF_OK)

9b37d29632d2cb262ba42f1d804f85fcb0aa3709wyllys return (ret);

9b37d29632d2cb262ba42f1d804f85fcb0aa3709wyllys }

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if (filename == NULL || pdata == NULL) {

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys return (KMF_ERR_BAD_PARAMETER);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys }

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if ((fd = open(filename, O_RDONLY)) < 0) {

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys SET_SYS_ERROR(handle, errno);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys return (KMF_ERR_OPEN_FILE);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys }

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if (fstat(fd, &s) < 0) {

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys SET_SYS_ERROR(handle, errno);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys (void) close(fd);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys return (KMF_ERR_OPEN_FILE);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys }

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if ((buf = (unsigned char *) malloc(s.st_size)) == NULL) {

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys (void) close(fd);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys return (KMF_ERR_MEMORY);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys }

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys do {

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys nread = read(fd, buf+total, s.st_size-total);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if (nread < 0) {

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys SET_SYS_ERROR(handle, errno);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys (void) close(fd);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys free(buf);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys return (KMF_ERR_INTERNAL);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys }

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys total += nread;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys } while (total < s.st_size);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys pdata->Data = buf;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys pdata->Length = s.st_size;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys (void) close(fd);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys return (KMF_OK);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys}

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllyskmf_der_to_pem(KMF_OBJECT_TYPE type, unsigned char *data,

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys int len, unsigned char **out, int *outlen)

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys{

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys KMF_RETURN err;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if (data == NULL || out == NULL || outlen == NULL)

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys return (KMF_ERR_BAD_PARAMETER);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys err = Der2Pem(type, data, len, out, outlen);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys return (err);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys}

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllyskmf_pem_to_der(unsigned char *in, int inlen,

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys unsigned char **out, int *outlen)

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys{

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys KMF_RETURN err;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if (in == NULL || out == NULL || outlen == NULL)

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys return (KMF_ERR_BAD_PARAMETER);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys err = Pem2Der(in, inlen, out, outlen);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys return (err);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys}

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllyschar *

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllyskmf_oid_to_string(KMF_OID *oid)

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys{

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys char numstr[128];

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys uint32_t number;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys int numshift;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys uint32_t i, string_length;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys uchar_t *cp;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys char *bp;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys /* First determine the size of the string */

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys string_length = 0;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys number = 0;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys numshift = 0;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys cp = (unsigned char *)oid->Data;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys number = (uint32_t)cp[0];

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys (void) sprintf(numstr, "%d ", number/40);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys string_length += strlen(numstr);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys (void) sprintf(numstr, "%d ", number%40);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys string_length += strlen(numstr);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys for (i = 1; i < oid->Length; i++) {

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if ((uint32_t)(numshift+7) < (sizeof (uint32_t)*8)) {

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys number = (number << 7) | (cp[i] & 0x7f);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys numshift += 7;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys } else {

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys return (NULL);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys }

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if ((cp[i] & 0x80) == 0) {

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys (void) sprintf(numstr, "%d ", number);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys string_length += strlen(numstr);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys number = 0;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys numshift = 0;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys }

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys }

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys /*

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys string_length += 4;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if ((bp = (char *)malloc(string_length))) {

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys number = (uint32_t)cp[0];

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys (void) sprintf(numstr, "%d.", number/40);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys (void) strcpy(bp, numstr);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys (void) sprintf(numstr, "%d.", number%40);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys (void) strcat(bp, numstr);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys number = 0;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys cp = (unsigned char *) oid->Data;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys for (i = 1; i < oid->Length; i++) {

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys number = (number << 7) | (cp[i] & 0x7f);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if ((cp[i] & 0x80) == 0) {

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys (void) sprintf(numstr, "%d", number);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys (void) strcat(bp, numstr);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys number = 0;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if (i+1 < oid->Length)

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys (void) strcat(bp, ".");

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys }

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys }

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys }

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys return (bp);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys}

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

02744e811b15322c5f109827a116c33bfe3438b5wyllysstatic boolean_t

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhyleecheck_for_pem(uchar_t *buf, KMF_ENCODE_FORMAT *fmt)

02744e811b15322c5f109827a116c33bfe3438b5wyllys{

9b37d29632d2cb262ba42f1d804f85fcb0aa3709wyllys char *p;

d00756ccb34596a328f8a15d1965da5412d366d0wyllys int i;

02744e811b15322c5f109827a116c33bfe3438b5wyllys

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhylee if (buf == NULL)

02744e811b15322c5f109827a116c33bfe3438b5wyllys return (FALSE);

02744e811b15322c5f109827a116c33bfe3438b5wyllys

d00756ccb34596a328f8a15d1965da5412d366d0wyllys for (i = 0; i < 8 && isascii(buf[i]); i++)

d00756ccb34596a328f8a15d1965da5412d366d0wyllys /* loop to make sure this is ascii */;

d00756ccb34596a328f8a15d1965da5412d366d0wyllys if (i != 8)

d00756ccb34596a328f8a15d1965da5412d366d0wyllys return (FALSE);

d00756ccb34596a328f8a15d1965da5412d366d0wyllys

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhylee if (memcmp(buf, "Bag Attr", 8) == 0) {

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhylee *fmt = KMF_FORMAT_PEM_KEYPAIR;

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhylee return (TRUE);

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhylee }

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhylee

9b37d29632d2cb262ba42f1d804f85fcb0aa3709wyllys /* Look for "-----BEGIN" right after a newline */

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhylee p = strtok((char *)buf, "\n");

9b37d29632d2cb262ba42f1d804f85fcb0aa3709wyllys while (p != NULL) {

9b37d29632d2cb262ba42f1d804f85fcb0aa3709wyllys if (strstr(p, "-----BEGIN") != NULL) {

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhylee *fmt = KMF_FORMAT_PEM;

d00756ccb34596a328f8a15d1965da5412d366d0wyllys /* Restore the buffer */

d00756ccb34596a328f8a15d1965da5412d366d0wyllys buf[strlen(p)] = '\n';

9b37d29632d2cb262ba42f1d804f85fcb0aa3709wyllys return (TRUE);

02744e811b15322c5f109827a116c33bfe3438b5wyllys }

d00756ccb34596a328f8a15d1965da5412d366d0wyllys buf[strlen(p)] = '\n';

9b37d29632d2cb262ba42f1d804f85fcb0aa3709wyllys p = strtok(NULL, "\n");

02744e811b15322c5f109827a116c33bfe3438b5wyllys }

02744e811b15322c5f109827a116c33bfe3438b5wyllys return (FALSE);

02744e811b15322c5f109827a116c33bfe3438b5wyllys}

02744e811b15322c5f109827a116c33bfe3438b5wyllys

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhylee

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhyleestatic unsigned char pkcs12_version[3] = {0x02, 0x01, 0x03};

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhyleestatic unsigned char pkcs12_oid[11] =

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhylee{0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x01};

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhylee

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhyleestatic boolean_t

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhyleecheck_for_pkcs12(uchar_t *buf, int buf_len)

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhylee{

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhylee int index = 0;

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhylee int length_octets;

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhylee

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhylee if (buf == NULL || buf_len <= 0)

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhylee return (FALSE);

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhylee

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhylee /*

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhylee

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhylee /*

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhylee if (buf[index++] != 0x30)

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhylee return (FALSE);

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhylee

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhylee if (buf[index] & 0x80) {

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhylee length_octets = buf[index++] & 0x0F; /* long form */

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhylee } else {

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhylee length_octets = 1; /* short form */

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhylee }

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhylee

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhylee index += length_octets;

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhylee if (index >= buf_len)

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhylee return (FALSE);

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhylee

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhylee /* Skip the length octets and check the pkcs12 version */

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhylee if (memcmp(buf + index, pkcs12_version, sizeof (pkcs12_version)) != 0)

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhylee return (FALSE);

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhylee

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhylee index += sizeof (pkcs12_version);

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhylee if (index >= buf_len)

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhylee return (FALSE);

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhylee

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhylee /*

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhylee if ((buf[index++] & 0xFF) != 0x30)

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhylee return (FALSE);

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhylee

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhylee if (buf[index] & 0x80) {

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhylee length_octets = buf[index++] & 0x0F;

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhylee } else {

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhylee length_octets = 1;

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhylee }

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhylee

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhylee index += length_octets;

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhylee if (index + sizeof (pkcs12_oid) >= buf_len)

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhylee return (FALSE);

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhylee

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhylee /* Skip the length octets and check the oid */

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhylee if (memcmp(buf + index, pkcs12_oid, sizeof (pkcs12_oid)) != 0)

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhylee return (FALSE);

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhylee else

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhylee return (TRUE);

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhylee}

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhylee

d00756ccb34596a328f8a15d1965da5412d366d0wyllyskmf_get_data_format(KMF_DATA *data, KMF_ENCODE_FORMAT *fmt)

d00756ccb34596a328f8a15d1965da5412d366d0wyllys{

d00756ccb34596a328f8a15d1965da5412d366d0wyllys uchar_t *buf = data->Data;

d00756ccb34596a328f8a15d1965da5412d366d0wyllys

d00756ccb34596a328f8a15d1965da5412d366d0wyllys if (check_for_pkcs12(buf, data->Length) == TRUE) {

d00756ccb34596a328f8a15d1965da5412d366d0wyllys *fmt = KMF_FORMAT_PKCS12;

d00756ccb34596a328f8a15d1965da5412d366d0wyllys } else if (buf[0] == 0x30 && (buf[1] & 0x80)) {

d00756ccb34596a328f8a15d1965da5412d366d0wyllys /* It is most likely a generic ASN.1 encoded file */

d00756ccb34596a328f8a15d1965da5412d366d0wyllys *fmt = KMF_FORMAT_ASN1;

d00756ccb34596a328f8a15d1965da5412d366d0wyllys } else if (check_for_pem(buf, fmt) != TRUE) {

d00756ccb34596a328f8a15d1965da5412d366d0wyllys /* Cannot determine this file format */

d00756ccb34596a328f8a15d1965da5412d366d0wyllys *fmt = KMF_FORMAT_UNDEF;

d00756ccb34596a328f8a15d1965da5412d366d0wyllys return (KMF_ERR_ENCODING);

d00756ccb34596a328f8a15d1965da5412d366d0wyllys }

d00756ccb34596a328f8a15d1965da5412d366d0wyllys return (KMF_OK);

d00756ccb34596a328f8a15d1965da5412d366d0wyllys}

d00756ccb34596a328f8a15d1965da5412d366d0wyllys

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllyskmf_get_file_format(char *filename, KMF_ENCODE_FORMAT *fmt)

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys{

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys KMF_RETURN ret = KMF_OK;

6b35cb3cf158584a9408d44b9b6796564e8e1882Richard PALO KMF_DATA filebuf = { 0, NULL };

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if (filename == NULL || !strlen(filename) || fmt == NULL)

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys return (KMF_ERR_BAD_PARAMETER);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys *fmt = 0;

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys ret = kmf_read_input_file(NULL, filename, &filebuf);

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhylee if (ret != KMF_OK)

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhylee return (ret);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhylee if (filebuf.Length < 8) {

08ec4bd3f3c5e7a69bbb5c947fe80efe2e433c2fhylee ret = KMF_ERR_ENCODING; /* too small */

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys goto end;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys }

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

d00756ccb34596a328f8a15d1965da5412d366d0wyllys ret = kmf_get_data_format(&filebuf, fmt);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllysend:

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys kmf_free_data(&filebuf);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys return (ret);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys}

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllyskmf_hexstr_to_bytes(unsigned char *hexstr, unsigned char **bytes,

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys size_t *outlen)

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys{

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys KMF_RETURN ret = KMF_OK;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys unsigned char *buf = NULL;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys int len, stringlen;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys int i;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys unsigned char ch;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if (hexstr == NULL) {

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys return (KMF_ERR_BAD_PARAMETER);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys }

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys if (hexstr[0] == '0' && ((hexstr[1] == 'x') || (hexstr[1] == 'X')))

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys hexstr += 2;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys for (i = 0; i < strlen((char *)hexstr) && isxdigit(hexstr[i]); i++)

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys /* empty body */

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys ;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys /*

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if (i != strlen((char *)hexstr))

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys return (KMF_ERR_BAD_HEX_STRING);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys stringlen = i;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys len = (i / 2) + (i % 2);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys buf = malloc(len);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if (buf == NULL) {

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys return (KMF_ERR_MEMORY);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys }

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys (void) memset(buf, 0, len);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys for (i = 0; i < stringlen; i++) {

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys ch = (unsigned char) *hexstr;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys hexstr++;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if ((ch >= '0') && (ch <= '9'))

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys ch -= '0';

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys else if ((ch >= 'A') && (ch <= 'F'))

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys ch = ch - 'A' + 10;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys else if ((ch >= 'a') && (ch <= 'f'))

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys ch = ch - 'a' + 10;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys else {

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys ret = KMF_ERR_BAD_HEX_STRING;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys goto out;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys }

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if (i & 1) {

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys buf[i/2] |= ch;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys } else {

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys buf[i/2] = (ch << 4);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys }

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys }

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys *bytes = buf;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys *outlen = len;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllysout:

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if (buf != NULL && ret != KMF_OK) {

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys free(buf);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys }

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys return (ret);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys}

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllyskmf_free_dn(KMF_X509_NAME *name)

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys{

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys KMF_X509_RDN *newrdn = NULL;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys KMF_X509_TYPE_VALUE_PAIR *av = NULL;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys int i, j;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if (name && name->numberOfRDNs) {

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys for (i = 0; i < name->numberOfRDNs; i++) {

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys newrdn = &name->RelativeDistinguishedName[i];

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys for (j = 0; j < newrdn->numberOfPairs; j++) {

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys av = &newrdn->AttributeTypeAndValue[j];

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys kmf_free_data(&av->type);

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys kmf_free_data(&av->value);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys }

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys free(newrdn->AttributeTypeAndValue);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys newrdn->numberOfPairs = 0;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys newrdn->AttributeTypeAndValue = NULL;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys }

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys free(name->RelativeDistinguishedName);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys name->numberOfRDNs = 0;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys name->RelativeDistinguishedName = NULL;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys }

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys}

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllyskmf_free_kmf_cert(KMF_HANDLE_T handle, KMF_X509_DER_CERT *kmf_cert)

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys{

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys KMF_PLUGIN *plugin;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys KMF_RETURN ret;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys CLEAR_ERROR(handle, ret);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if (ret != KMF_OK)

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys return;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if (kmf_cert == NULL)

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys return;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys plugin = FindPlugin(handle, kmf_cert->kmf_private.keystore_type);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if (plugin != NULL && plugin->funclist->FreeKMFCert != NULL) {

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys plugin->funclist->FreeKMFCert(handle, kmf_cert);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys }

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys}

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllyskmf_free_data(KMF_DATA *datablock)

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys{

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if (datablock != NULL && datablock->Data != NULL) {

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys free(datablock->Data);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys datablock->Data = NULL;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys datablock->Length = 0;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys }

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys}

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllyskmf_free_algoid(KMF_X509_ALGORITHM_IDENTIFIER *algoid)

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys{

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if (algoid == NULL)

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys return;

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys kmf_free_data(&algoid->algorithm);

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys kmf_free_data(&algoid->parameters);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys}

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllyskmf_free_extn(KMF_X509_EXTENSION *exptr)

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys{

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if (exptr == NULL)

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys return;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys kmf_free_data((KMF_DATA *)&exptr->extnId);

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys kmf_free_data(&exptr->BERvalue);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if (exptr->value.tagAndValue) {

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys kmf_free_data(&exptr->value.tagAndValue->value);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys free(exptr->value.tagAndValue);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys }

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys}

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllyskmf_free_tbs_csr(KMF_TBS_CSR *tbscsr)

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys{

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if (tbscsr) {

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys kmf_free_data(&tbscsr->version);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys kmf_free_dn(&tbscsr->subject);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys kmf_free_algoid(&tbscsr->subjectPublicKeyInfo.algorithm);

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys kmf_free_data(&tbscsr->subjectPublicKeyInfo.subjectPublicKey);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys free_extensions(&tbscsr->extensions);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys }

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys}

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllyskmf_free_signed_csr(KMF_CSR_DATA *csr)

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys{

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if (csr) {

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys kmf_free_tbs_csr(&csr->csr);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys kmf_free_algoid(&csr->signature.algorithmIdentifier);

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys kmf_free_data(&csr->signature.encrypted);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys }

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys}

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllysstatic void

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllysfree_validity(KMF_X509_VALIDITY *validity)

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys{

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if (validity == NULL)

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys return;

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys kmf_free_data(&validity->notBefore.time);

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys kmf_free_data(&validity->notAfter.time);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys}

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllysstatic void

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllysfree_extensions(KMF_X509_EXTENSIONS *extns)

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys{

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys int i;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys KMF_X509_EXTENSION *exptr;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if (extns && extns->numberOfExtensions > 0) {

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys for (i = 0; i < extns->numberOfExtensions; i++) {

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys exptr = &extns->extensions[i];

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys kmf_free_extn(exptr);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys }

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys free(extns->extensions);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys extns->numberOfExtensions = 0;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys extns->extensions = NULL;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys }

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys}

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllyskmf_free_tbs_cert(KMF_X509_TBS_CERT *tbscert)

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys{

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if (tbscert) {

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys kmf_free_data(&tbscert->version);

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys kmf_free_bigint(&tbscert->serialNumber);

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys kmf_free_algoid(&tbscert->signature);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys kmf_free_dn(&tbscert->issuer);

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys kmf_free_dn(&tbscert->subject);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys free_validity(&tbscert->validity);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys kmf_free_data(&tbscert->issuerUniqueIdentifier);

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys kmf_free_data(&tbscert->subjectUniqueIdentifier);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys kmf_free_algoid(&tbscert->subjectPublicKeyInfo.algorithm);

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys kmf_free_data(&tbscert->subjectPublicKeyInfo.subjectPublicKey);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys free_extensions(&tbscert->extensions);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys kmf_free_data(&tbscert->issuerUniqueIdentifier);

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys kmf_free_data(&tbscert->subjectUniqueIdentifier);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys }

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys}

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllyskmf_free_signed_cert(KMF_X509_CERTIFICATE *certptr)

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys{

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if (!certptr)

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys return;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys kmf_free_tbs_cert(&certptr->certificate);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys kmf_free_algoid(&certptr->signature.algorithmIdentifier);

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys kmf_free_data(&certptr->signature.encrypted);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys}

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllyskmf_free_str(char *pstr)

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys{

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if (pstr != NULL)

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys free(pstr);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys}

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllysfree_keyidlist(KMF_OID *oidlist, int len)

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys{

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys int i;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys for (i = 0; i < len; i++) {

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys kmf_free_data((KMF_DATA *)&oidlist[i]);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys }

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys free(oidlist);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys}

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllyskmf_free_eku(KMF_X509EXT_EKU *eptr)

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys{

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys if (eptr && eptr->nEKUs > 0 && eptr->keyPurposeIdList != NULL)

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys free_keyidlist(eptr->keyPurposeIdList, eptr->nEKUs);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys}

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllyskmf_free_spki(KMF_X509_SPKI *spki)

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys{

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if (spki != NULL) {

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys kmf_free_algoid(&spki->algorithm);

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys kmf_free_data(&spki->subjectPublicKey);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys }

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys}

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllyskmf_free_kmf_key(KMF_HANDLE_T handle, KMF_KEY_HANDLE *key)

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys{

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys KMF_PLUGIN *plugin;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys KMF_RETURN ret;

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys KMF_ATTRIBUTE attlist[2]; /* only 2 attributes for DeleteKey op */

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys int i = 0;

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys boolean_t token_destroy = B_FALSE;

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys if (key == NULL)

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys return;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys CLEAR_ERROR(handle, ret);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if (ret != KMF_OK)

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys return;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys kmf_set_attr_at_index(attlist, i,

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys KMF_KEY_HANDLE_ATTR, key, sizeof (KMF_KEY_HANDLE));

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys i++;

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys kmf_set_attr_at_index(attlist, i,

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys KMF_DESTROY_BOOL_ATTR, &token_destroy, sizeof (boolean_t));

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys i++;

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys plugin = FindPlugin(handle, key->kstype);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if (plugin != NULL && plugin->funclist->DeleteKey != NULL) {

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys (void) plugin->funclist->DeleteKey(handle, i, attlist);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys }

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if (key->keylabel)

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys free(key->keylabel);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys if (key->israw) {

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys kmf_free_raw_key(key->keyp);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys free(key->keyp);

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys }

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys (void) memset(key, 0, sizeof (KMF_KEY_HANDLE));

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys}

99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys

30a5e8fa1253cb33980ee4514743cf683f584b4ewyllyskmf_free_bigint(KMF_BIGINT *big)