c28749e97052f09388969427adf7df641cdcdc22kais * CDDL HEADER START
c28749e97052f09388969427adf7df641cdcdc22kais * The contents of this file are subject to the terms of the
c892ebf1bef94f4f922f282c11516677c134dbe0krishna * Common Development and Distribution License (the "License").
c892ebf1bef94f4f922f282c11516677c134dbe0krishna * You may not use this file except in compliance with the License.
c28749e97052f09388969427adf7df641cdcdc22kais * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
c28749e97052f09388969427adf7df641cdcdc22kais * See the License for the specific language governing permissions
c28749e97052f09388969427adf7df641cdcdc22kais * and limitations under the License.
c28749e97052f09388969427adf7df641cdcdc22kais * When distributing Covered Code, include this CDDL HEADER in each
c28749e97052f09388969427adf7df641cdcdc22kais * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
c28749e97052f09388969427adf7df641cdcdc22kais * If applicable, add the following below this CDDL HEADER, with the
c28749e97052f09388969427adf7df641cdcdc22kais * fields enclosed by brackets "[]" replaced with your own identifying
c28749e97052f09388969427adf7df641cdcdc22kais * information: Portions Copyright [yyyy] [name of copyright owner]
c28749e97052f09388969427adf7df641cdcdc22kais * CDDL HEADER END
dd49f125507979bb2ab505a8daf2a46d1be27051Anders Persson * Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved.
c28749e97052f09388969427adf7df641cdcdc22kaisextern "C" {
c28749e97052f09388969427adf7df641cdcdc22kais * Certificate structure. The msg field is the BER data of the
c28749e97052f09388969427adf7df641cdcdc22kais * certificate.
c28749e97052f09388969427adf7df641cdcdc22kais/* Generic linked chain type */
c28749e97052f09388969427adf7df641cdcdc22kais/* Proxies chain. follows the generic kssl_chain_t layout */
c28749e97052f09388969427adf7df641cdcdc22kais/* Fallback endpoints chain. Ditto. */
c892ebf1bef94f4f922f282c11516677c134dbe0krishna * Structure to support using a non-extractable key in
c892ebf1bef94f4f922f282c11516677c134dbe0krishna * a crypto provider. We keep the token label and pin so
c892ebf1bef94f4f922f282c11516677c134dbe0krishna * that we can reauthenticate when needed.
c28749e97052f09388969427adf7df641cdcdc22kais/* kssl_entry_t structure. */
c28749e97052f09388969427adf7df641cdcdc22kais crypto_key_t *ke_private_key; /* instance's private key */
c28749e97052f09388969427adf7df641cdcdc22kais kssl_fallback_t *ke_fallback_head; /* Fall-back endpoints chain */
1a5e258f5471356ca102c7176637cdce45bac147Josef 'Jeff' Sipek atomic_inc_32(&(kssl_entry)->ke_refcnt); \
1a5e258f5471356ca102c7176637cdce45bac147Josef 'Jeff' Sipek if (atomic_dec_32_nv(&(kssl_entry)->ke_refcnt) == 0) { \
c28749e97052f09388969427adf7df641cdcdc22kais#define CRYPTO_ERR(r) ((r) != CRYPTO_SUCCESS && (r) != CRYPTO_QUEUED)
51dd2c77f06e5663c28bd4f7a760cae4cf159e79vk * Enqueue mblk into KSSL input queue. Watch for mblk b_cont chains
51dd2c77f06e5663c28bd4f7a760cae4cf159e79vk * returned by tcp_reass() and enqueue them properly. Caller should
51dd2c77f06e5663c28bd4f7a760cae4cf159e79vk * be aware that mp is modified by this macro.
c28749e97052f09388969427adf7df641cdcdc22kais } else { \
c28749e97052f09388969427adf7df641cdcdc22kais#define KSSL_COUNTER(p, v) atomic_add_64(&kssl_statp->p.value.ui64, v)
c28749e97052f09388969427adf7df641cdcdc22kaisextern int kssl_compute_record_mac(ssl_t *, int, uint64_t, SSL3ContentType,
c28749e97052f09388969427adf7df641cdcdc22kaisextern int kssl_handle_handshake_message(ssl_t *, mblk_t *, int *,
c28749e97052f09388969427adf7df641cdcdc22kaisextern int kssl_handle_v2client_hello(ssl_t *, mblk_t *, int);
c28749e97052f09388969427adf7df641cdcdc22kaisextern void kssl_uncache_sid(sslSessionID *, kssl_entry_t *);
c28749e97052f09388969427adf7df641cdcdc22kaisextern int kssl_mac_encrypt_record(ssl_t *, SSL3ContentType, uchar_t *,
c28749e97052f09388969427adf7df641cdcdc22kais#endif /* _INET_KSSL_KSSLIMPL_H */