keyop.c revision 99ebb4ca412cb0a19d77a3899a87c055b9c30fa8
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License (the "License").
* You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright 2006 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*
* Copyright(c) 1995-2000 Intel Corporation. All rights reserved.
*/
#pragma ident "%Z%%M% %I% %E% SMI"
#include <stdio.h>
#include <link.h>
#include <fcntl.h>
#include <ctype.h>
#include <ber_der.h>
#include <kmfapiP.h>
#include <libgen.h>
#include <cryptoutil.h>
/*
*
* Name: KMF_SignDataWithKey
*
* Description:
* This function signs a block of data using the private key
* and returns the signature in output
*
* Parameters:
* handle(input) - opaque handle for KMF session
* key(input) - contains private key handle needed for signing
* AlgOID(input) - contains algorithm to be used for signing
* tobesigned(input) - pointer to a KMF_DATA structure containing
* the data to be signed
* output(output) - pointer to the KMF_DATA structure that receives
* the signature
*
* Returns:
* A KMF_RETURN value indicating success or specifying a particular
* error condition.
* The value KMF_OK indicates success. All other values represent
* an error condition.
*
*/
{
return (ret);
return (KMF_ERR_BAD_PARAMETER);
/*
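* The plugin must be chosen from the key itself, because private
* keys cannot be extracted from the keystore that holds them; the
* signing therefore has to be done by that keystore's plugin.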
*/
goto cleanup;
/*
* For DSA, NSS returns an encoded signature. Decode it, because
* a DSA signature should be 40 bytes long (r followed by s,
* 20 bytes each).
*/
if ((AlgId == KMF_ALGID_SHA1WithDSA) &&
goto cleanup;
} else {
}
} else if (AlgId == KMF_ALGID_NONE) {
}
} else {
return (KMF_ERR_PLUGIN_NOTFOUND);
}
return (ret);
}
/*
*
* Name: KMF_VerifyDataWithKey
*
* Description:
* This function verifies the signature of a block of data
* using the input public key
*
* Parameters:
* handle(input) - opaque handle for KMF session
* KMFKey(input) - holds public key information for verification
* sigAlg(input) - signature algorithm to use for the verification
* indata(input) - pointer to the block of data whose signature
* is to be verified
* insig(input) - pointer to the signature to be verified
*
* Returns:
* A KMF_RETURN value indicating success or specifying a particular
* error condition.
* The value KMF_OK indicates success. All other values represent
* an error condition.
*
*/
{
return (err);
return (KMF_ERR_BAD_PARAMETER);
/* Retrieve public key data from keystore */
} else {
return (KMF_ERR_PLUGIN_NOTFOUND);
}
return (err);
}
{
return (ret);
return (KMF_ERR_BAD_PARAMETER);
} else {
return (KMF_ERR_PLUGIN_NOTFOUND);
}
}
{
return (rv);
return (KMF_ERR_BAD_PARAMETER);
} else {
}
}
/* Else we don't know how to free the memory. */
}
}
return (rv);
}
{
return (ret);
return (KMF_ERR_BAD_PARAMETER);
return (ret);
}
{
return (ret);
return (KMF_ERR_BAD_PARAMETER);
}
return (KMF_ERR_PLUGIN_NOTFOUND);
}
{
return (ret);
return (KMF_ERR_BAD_PARAMETER);
/* Find the private key from the keystore */
}
return (KMF_ERR_PLUGIN_NOTFOUND);
}
{
return (ret);
return (KMF_ERR_BAD_PARAMETER);
symkey));
} else {
return (KMF_ERR_PLUGIN_NOTFOUND);
}
}
{
return (ret);
return (KMF_ERR_BAD_PARAMETER);
} else {
return (KMF_ERR_PLUGIN_NOTFOUND);
}
}