kmfapi.h revision 2
/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 *
 * Copyright (c) 2006, 2010, Oracle and/or its affiliates. All rights reserved.
 *
 * Constant definitions and function prototypes for the KMF library.
 * Commonly used data types are defined in "kmftypes.h".
 */

#ifndef _KMFAPI_H
#define _KMFAPI_H

#include <kmftypes.h>
#include <security/cryptoki.h>

#ifdef __cplusplus
extern "C" {
#endif

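/*
 * Setup operations.
 *
 * kmf_initialize() takes a pointer to a KMF_HANDLE_T; that handle type is the
 * first argument of most other calls in this header, and kmf_finalize() takes
 * it back.
 *
 * NOTE(review): the two char * arguments of kmf_initialize() are unnamed
 * here -- presumably a policy file and a policy name (compare
 * kmf_set_policy()); confirm against the implementation. If so, they decide
 * which validation policy applies and should come from trusted configuration.
 */
extern KMF_RETURN kmf_initialize(KMF_HANDLE_T *, char *, char *);

/*
 * NOTE(review): (int, KMF_ATTRIBUTE *) is presumably an entry count plus the
 * attribute array -- confirm in kmftypes.h. Callers should derive the count
 * from the array they actually pass.
 */
extern KMF_RETURN kmf_configure_keystore(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);
extern KMF_RETURN kmf_finalize(KMF_HANDLE_T);
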
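/*
 * Key operations.
 *
 * All but the last entry point share the (KMF_HANDLE_T, int, KMF_ATTRIBUTE *)
 * shape; what each call needs is carried in the attribute array, so the
 * prototype alone does not say which attributes are required.
 * NOTE(review): the int is presumably the number of entries in the array --
 * confirm in kmftypes.h and keep the two in step.
 */
extern KMF_RETURN kmf_create_keypair(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);

extern KMF_RETURN kmf_delete_key_from_keystore(KMF_HANDLE_T, int,
    KMF_ATTRIBUTE *);

extern KMF_RETURN kmf_find_key(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);

extern KMF_RETURN kmf_find_prikey_by_cert(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);

extern KMF_RETURN kmf_store_key(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);

extern KMF_RETURN kmf_create_sym_key(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);

/*
 * Takes a key handle and a KMF_RAW_SYM_KEY to receive the result.
 * NOTE(review): judging by the name, the raw symmetric key bytes end up in
 * the caller's memory. Release the structure with kmf_free_raw_sym_key()
 * (declared under "Memory cleanup operations") and confirm whether that
 * routine clears the bytes before freeing them.
 */
extern KMF_RETURN kmf_get_sym_key_value(KMF_HANDLE_T, KMF_KEY_HANDLE *,
    KMF_RAW_SYM_KEY *);
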
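/*
 * Certificate operations.
 *
 * NOTE(review): (int, KMF_ATTRIBUTE *) is presumably an entry count plus the
 * attribute array -- confirm in kmftypes.h.
 */
extern KMF_RETURN kmf_find_cert(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);

extern KMF_RETURN kmf_encode_cert_record(KMF_X509_CERTIFICATE *, KMF_DATA *);

extern KMF_RETURN kmf_import_cert(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);

extern KMF_RETURN kmf_store_cert(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);

extern KMF_RETURN kmf_delete_cert_from_keystore(KMF_HANDLE_T, int,
    KMF_ATTRIBUTE *);

/*
 * NOTE(review): which checks this performs (dates, revocation, key usage,
 * trust anchor) is not visible in this header; presumably it is driven by
 * the policy selected through kmf_initialize()/kmf_set_policy(). Confirm the
 * active policy before treating a success return as "trusted".
 */
extern KMF_RETURN kmf_validate_cert(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);

/* NOTE(review): the char * is presumably the output file name -- confirm. */
extern KMF_RETURN kmf_create_cert_file(const KMF_DATA *, KMF_ENCODE_FORMAT,
    char *);

/*
 * NOTE(review): arguments are unnamed; presumably a URI, a proxy host, a
 * proxy port, a timeout and an output file -- confirm. Whatever is fetched
 * is untrusted input until it has passed kmf_validate_cert().
 */
extern KMF_RETURN kmf_download_cert(KMF_HANDLE_T, char *, char *, int,
    unsigned int, char *, KMF_ENCODE_FORMAT *);

/*
 * NOTE(review): judging by the names these only recognise the encoding and
 * report it through KMF_ENCODE_FORMAT *; they say nothing about whether the
 * certificate is valid.
 */
extern KMF_RETURN kmf_is_cert_data(KMF_DATA *, KMF_ENCODE_FORMAT *);
extern KMF_RETURN kmf_is_cert_file(KMF_HANDLE_T, char *, KMF_ENCODE_FORMAT *);

extern KMF_RETURN kmf_check_cert_date(KMF_HANDLE_T, const KMF_DATA *);
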
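/*
 * Crypto operations with key or cert.
 *
 * Every call takes the handle plus (int, KMF_ATTRIBUTE *); the key or
 * certificate, the algorithm and the data buffers are all passed as
 * attributes, so none of them is visible in these prototypes.
 *
 * NOTE(review): kmf_verify_cert() here and kmf_validate_cert() above are
 * separate entry points. Presumably verify checks a signature only while
 * validate applies policy -- confirm, and do not treat a successful verify
 * as a full validation.
 */
extern KMF_RETURN kmf_encrypt(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);
extern KMF_RETURN kmf_decrypt(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);
extern KMF_RETURN kmf_sign_cert(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);
extern KMF_RETURN kmf_sign_data(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);
extern KMF_RETURN kmf_verify_cert(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);
extern KMF_RETURN kmf_verify_data(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);
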
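/*
 * CRL operations.
 *
 * NOTE(review): (int, KMF_ATTRIBUTE *) is presumably an entry count plus the
 * attribute array -- confirm in kmftypes.h.
 */
extern KMF_RETURN kmf_import_crl(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);
extern KMF_RETURN kmf_delete_crl(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);
extern KMF_RETURN kmf_list_crl(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);
extern KMF_RETURN kmf_find_crl(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);
extern KMF_RETURN kmf_find_cert_in_crl(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);

/*
 * NOTE(review): presumably the char * is a CRL file and the KMF_DATA * the
 * signer's certificate -- confirm. A CRL whose signature and date have not
 * been checked should not be used for revocation decisions.
 */
extern KMF_RETURN kmf_verify_crl_file(KMF_HANDLE_T, char *, KMF_DATA *);
extern KMF_RETURN kmf_check_crl_date(KMF_HANDLE_T, char *);

/*
 * NOTE(review): same unnamed argument list as kmf_download_cert();
 * presumably URI, proxy host, proxy port, timeout, output file -- confirm.
 * The downloaded CRL is untrusted until kmf_verify_crl_file() and
 * kmf_check_crl_date() have accepted it.
 */
extern KMF_RETURN kmf_download_crl(KMF_HANDLE_T, char *, char *,
    int, unsigned int, char *, KMF_ENCODE_FORMAT *);
extern KMF_RETURN kmf_is_crl_file(KMF_HANDLE_T, char *, KMF_ENCODE_FORMAT *);
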
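/*
 * CSR operations.
 *
 * The kmf_set_csr_*() and kmf_add_csr_eku() calls all take the KMF_CSR_DATA
 * being built; kmf_sign_csr() takes it as const together with a key handle
 * and a KMF_DATA for the result.
 */
extern KMF_RETURN kmf_create_csr_file(KMF_DATA *, KMF_ENCODE_FORMAT, char *);
extern KMF_RETURN kmf_set_csr_pubkey(KMF_HANDLE_T,
    KMF_KEY_HANDLE *, KMF_CSR_DATA *);
extern KMF_RETURN kmf_set_csr_version(KMF_CSR_DATA *, uint32_t);
extern KMF_RETURN kmf_set_csr_subject(KMF_CSR_DATA *, KMF_X509_NAME *);
extern KMF_RETURN kmf_set_csr_extn(KMF_CSR_DATA *, KMF_X509_EXTENSION *);
extern KMF_RETURN kmf_set_csr_sig_alg(KMF_CSR_DATA *, KMF_ALGORITHM_INDEX);
extern KMF_RETURN kmf_set_csr_subject_altname(KMF_CSR_DATA *, char *,
    int, KMF_GENERALNAMECHOICES);

/*
 * NOTE(review): presumably the int is the "critical" flag and the uint16_t
 * the key-usage bit mask -- confirm.
 */
extern KMF_RETURN kmf_set_csr_ku(KMF_CSR_DATA *, int, uint16_t);

/*
 * NOTE(review): kmf_decode_csr() parses an encoded request supplied by the
 * caller; when that request comes from a requester it is untrusted input,
 * and decoding it is not the same as checking its signature
 * (kmf_verify_csr()).
 */
extern KMF_RETURN kmf_decode_csr(KMF_HANDLE_T, KMF_DATA *, KMF_CSR_DATA *);
extern KMF_RETURN kmf_verify_csr(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);
extern KMF_RETURN kmf_sign_csr(KMF_HANDLE_T, const KMF_CSR_DATA *,
    KMF_KEY_HANDLE *, KMF_DATA *);
extern KMF_RETURN kmf_add_csr_eku(KMF_CSR_DATA *, KMF_OID *, int);
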
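/*
 * GetCert operations.
 *
 * Every call reads from a const KMF_DATA * and reports through the remaining
 * pointer arguments.
 * NOTE(review): the KMF_DATA is presumably the encoded certificate. None of
 * these prototypes implies validation, so values read from a certificate
 * that has not been validated are claims made by whoever supplied it.
 *
 * NOTE(review): the char ** and KMF_X509_EXTENSION ** results are presumably
 * allocated by the library; kmf_free_str() and kmf_free_extn() are declared
 * under "Memory cleanup operations" -- confirm which release call matches
 * each getter.
 */
extern KMF_RETURN kmf_get_cert_extn(const KMF_DATA *, KMF_OID *,
    KMF_X509_EXTENSION *);

extern KMF_RETURN kmf_get_cert_extns(const KMF_DATA *, KMF_FLAG_CERT_EXTN,
    KMF_X509_EXTENSION **, int *);

extern KMF_RETURN kmf_get_cert_ku(const KMF_DATA *, KMF_X509EXT_KEY_USAGE *);

extern KMF_RETURN kmf_get_cert_eku(const KMF_DATA *, KMF_X509EXT_EKU *);

extern KMF_RETURN kmf_get_cert_basic_constraint(const KMF_DATA *,
    KMF_BOOL *, KMF_X509EXT_BASICCONSTRAINTS *);

extern KMF_RETURN kmf_get_cert_policies(const KMF_DATA *,
    KMF_BOOL *, KMF_X509EXT_CERT_POLICIES *);

extern KMF_RETURN kmf_get_cert_auth_info_access(const KMF_DATA *,
    KMF_X509EXT_AUTHINFOACCESS *);

extern KMF_RETURN kmf_get_cert_crl_dist_pts(const KMF_DATA *,
    KMF_X509EXT_CRLDISTPOINTS *);

/*
 * String renderings of certificate fields.
 * NOTE(review): subject, issuer and e-mail text is chosen by whoever
 * requested or issued the certificate; escape it before it reaches logs,
 * terminals or markup.
 */
extern KMF_RETURN kmf_get_cert_version_str(KMF_HANDLE_T, const KMF_DATA *,
    char **);

extern KMF_RETURN kmf_get_cert_subject_str(KMF_HANDLE_T, const KMF_DATA *,
    char **);

extern KMF_RETURN kmf_get_cert_issuer_str(KMF_HANDLE_T, const KMF_DATA *,
    char **);

extern KMF_RETURN kmf_get_cert_serial_str(KMF_HANDLE_T, const KMF_DATA *,
    char **);

extern KMF_RETURN kmf_get_cert_start_date_str(KMF_HANDLE_T, const KMF_DATA *,
    char **);

extern KMF_RETURN kmf_get_cert_end_date_str(KMF_HANDLE_T, const KMF_DATA *,
    char **);

extern KMF_RETURN kmf_get_cert_pubkey_alg_str(KMF_HANDLE_T, const KMF_DATA *,
    char **);

extern KMF_RETURN kmf_get_cert_sig_alg_str(KMF_HANDLE_T, const KMF_DATA *,
    char **);

extern KMF_RETURN kmf_get_cert_pubkey_str(KMF_HANDLE_T, const KMF_DATA *,
    char **);

extern KMF_RETURN kmf_get_cert_email_str(KMF_HANDLE_T, const KMF_DATA *,
    char **);

extern KMF_RETURN kmf_get_cert_extn_str(KMF_HANDLE_T, const KMF_DATA *,
    KMF_PRINTABLE_ITEM, char **);

extern KMF_RETURN kmf_get_cert_id_data(const KMF_DATA *, KMF_DATA *);

extern KMF_RETURN kmf_get_cert_id_str(const KMF_DATA *, char **);

/*
 * NOTE(review): the two time_t * are presumably not-before and not-after,
 * in that order -- confirm.
 */
extern KMF_RETURN kmf_get_cert_validity(const KMF_DATA *, time_t *, time_t *);

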
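/*
 * SetCert operations
 *
 * Each call takes the KMF_X509_CERTIFICATE being filled in; only
 * kmf_set_cert_pubkey() also needs the KMF handle.
 * NOTE(review): these presumably populate the to-be-signed fields before
 * kmf_sign_cert() is called -- confirm. Basic constraints, key usage and EKU
 * set here decide what the issued certificate may be used for, so they
 * should come from issuer policy rather than from the requester.
 */
extern KMF_RETURN kmf_set_cert_pubkey(KMF_HANDLE_T, KMF_KEY_HANDLE *,
    KMF_X509_CERTIFICATE *);

extern KMF_RETURN kmf_set_cert_subject(KMF_X509_CERTIFICATE *,
    KMF_X509_NAME *);

/*
 * NOTE(review): presumably the int is the "critical" flag and the uint16_t
 * the key-usage bit mask -- confirm.
 */
extern KMF_RETURN kmf_set_cert_ku(KMF_X509_CERTIFICATE *, int, uint16_t);

extern KMF_RETURN kmf_set_cert_issuer(KMF_X509_CERTIFICATE *,
    KMF_X509_NAME *);

extern KMF_RETURN kmf_set_cert_sig_alg(KMF_X509_CERTIFICATE *,
    KMF_ALGORITHM_INDEX);

/*
 * NOTE(review): presumably a start time plus a validity length; the unit of
 * the uint32_t is not stated in this header -- confirm.
 */
extern KMF_RETURN kmf_set_cert_validity(KMF_X509_CERTIFICATE *,
    time_t, uint32_t);

extern KMF_RETURN kmf_set_cert_serial(KMF_X509_CERTIFICATE *,
    KMF_BIGINT *);

extern KMF_RETURN kmf_set_cert_version(KMF_X509_CERTIFICATE *, uint32_t);

extern KMF_RETURN kmf_set_cert_issuer_altname(KMF_X509_CERTIFICATE *,
    int, KMF_GENERALNAMECHOICES, char *);

extern KMF_RETURN kmf_set_cert_subject_altname(KMF_X509_CERTIFICATE *,
    int, KMF_GENERALNAMECHOICES, char *);

extern KMF_RETURN kmf_add_cert_eku(KMF_X509_CERTIFICATE *, KMF_OID *, int);

extern KMF_RETURN kmf_set_cert_extn(KMF_X509_CERTIFICATE *,
    KMF_X509_EXTENSION *);

extern KMF_RETURN kmf_set_cert_basic_constraint(KMF_X509_CERTIFICATE *,
    KMF_BOOL, KMF_X509EXT_BASICCONSTRAINTS *);

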
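/*
 * PK12 operations
 *
 * NOTE(review): a PKCS#12 container normally carries private keys, so the
 * files these calls read and write deserve the same protection as the
 * keystore itself. The KMF_CREDENTIAL * is presumably the password that
 * protects the container -- confirm.
 */
extern KMF_RETURN kmf_export_pk12(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);

extern KMF_RETURN kmf_build_pk12(KMF_HANDLE_T, int, KMF_X509_DER_CERT *,
    int, KMF_KEY_HANDLE *, KMF_CREDENTIAL *, char *);

/*
 * Reports certificates through KMF_X509_DER_CERT ** and keys through
 * KMF_RAW_KEY_DATA **, each with an int * alongside.
 * NOTE(review): the int * are presumably the element counts. The
 * KMF_RAW_KEY_DATA array presumably holds unwrapped key material in process
 * memory; kmf_free_raw_key() is declared under "Memory cleanup operations"
 * -- confirm it is the matching release and whether it clears the bytes.
 */
extern KMF_RETURN kmf_import_objects(KMF_HANDLE_T, char *, KMF_CREDENTIAL *,
    KMF_X509_DER_CERT **, int *, KMF_RAW_KEY_DATA **, int *);
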
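/*
 * OCSP operations
 */

/*
 * NOTE(review): three KMF_DATA * with no names; presumably the subject
 * certificate, the issuer certificate and the response -- confirm.
 */
extern KMF_RETURN kmf_get_ocsp_for_cert(KMF_HANDLE_T, KMF_DATA *, KMF_DATA *,
    KMF_DATA *);

extern KMF_RETURN kmf_create_ocsp_request(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);

/*
 * NOTE(review): seven unnamed arguments; presumably request file, responder
 * host, responder port, proxy host, proxy port, response file and a timeout
 * -- confirm before calling, since several share the same type and a
 * swapped pair will still compile. The response fetched here is only
 * "encoded"; nothing in this prototype says its signature was checked.
 */
extern KMF_RETURN kmf_get_encoded_ocsp_response(KMF_HANDLE_T, char *,
    char *, int, char *, int, char *, unsigned int);

extern KMF_RETURN kmf_get_ocsp_status_for_cert(KMF_HANDLE_T, int,
    KMF_ATTRIBUTE *);
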
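/*
 * Policy Operations
 *
 * NOTE(review): the two char * are presumably a policy file and a policy
 * name -- confirm. The policy presumably governs what kmf_validate_cert()
 * enforces for this handle, so both values should come from trusted
 * configuration.
 */
extern KMF_RETURN kmf_set_policy(KMF_HANDLE_T, char *, char *);
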
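/*
 * Error handling.
 *
 * Both calls report a message through char **; the first takes the handle,
 * the second a KMF_RETURN code.
 * NOTE(review): the string is presumably allocated by the library and
 * released with kmf_free_str() -- confirm ownership.
 */
extern KMF_RETURN kmf_get_plugin_error_str(KMF_HANDLE_T, char **);
extern KMF_RETURN kmf_get_kmf_error_str(KMF_RETURN, char **);
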
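/*
 * Miscellaneous
 *
 * Parsing and conversion helpers. Most take plain (non-const) char * or
 * unsigned char * input.
 */
extern KMF_RETURN kmf_dn_parser(char *, KMF_X509_NAME *);
extern KMF_RETURN kmf_read_input_file(KMF_HANDLE_T, char *, KMF_DATA *);

/*
 * NOTE(review): buffer lengths in these two calls are presumably the int
 * (input) and int * (output) arguments. They are signed, so a caller holding
 * a size_t length must range-check it before narrowing to int.
 */
extern KMF_RETURN kmf_der_to_pem(KMF_OBJECT_TYPE, unsigned char *,
    int, unsigned char **, int *);
extern KMF_RETURN kmf_pem_to_der(unsigned char *, int, unsigned char **, int *);

/*
 * NOTE(review): returns char * rather than KMF_RETURN, so failure is
 * presumably signalled by NULL -- confirm, and confirm who frees the result.
 */
extern char *kmf_oid_to_string(KMF_OID *);
extern KMF_RETURN kmf_string_to_oid(char *, KMF_OID *);
extern int kmf_compare_rdns(KMF_X509_NAME *, KMF_X509_NAME *);
extern KMF_RETURN kmf_get_data_format(KMF_DATA *, KMF_ENCODE_FORMAT *);
extern KMF_RETURN kmf_get_file_format(char *, KMF_ENCODE_FORMAT *);

/*
 * NOTE(review): kmf_string_to_ku() has no separate error channel; how an
 * unrecognised string is reported is not visible here -- confirm.
 */
extern uint32_t kmf_string_to_ku(char *);
extern char *kmf_ku_to_string(uint32_t);

/*
 * NOTE(review): no input length is passed, so the unsigned char * input is
 * presumably a NUL-terminated hex string -- confirm.
 */
extern KMF_RETURN kmf_hexstr_to_bytes(unsigned char *, unsigned char **,
    size_t *);

extern KMF_RETURN kmf_get_plugin_info(KMF_HANDLE_T, char *,
    KMF_KEYSTORE_TYPE *, char **);

extern KMF_OID *kmf_ekuname_to_oid(char *);
extern char *kmf_oid_to_ekuname(KMF_OID *);

/* Alternate spelling that expands to kmf_compare_rdns. */
#define KMF_CompareRDNs kmf_compare_rdns
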
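/*
 * Memory cleanup operations
 *
 * One release routine per library-defined structure. All return void, so a
 * failed or repeated release is not reported to the caller.
 *
 * NOTE(review): kmf_free_raw_key(), kmf_free_raw_sym_key(),
 * kmf_free_kmf_key() and kmf_free_bigint() take structures that can hold
 * key material. Whether they clear the memory before releasing it is not
 * visible in this header -- confirm in the implementation, and clear
 * caller-owned copies explicitly where it does not.
 */
extern void kmf_free_dn(KMF_X509_NAME *);
extern void kmf_free_kmf_cert(KMF_HANDLE_T, KMF_X509_DER_CERT *);
extern void kmf_free_data(KMF_DATA *);
extern void kmf_free_algoid(KMF_X509_ALGORITHM_IDENTIFIER *);
extern void kmf_free_extn(KMF_X509_EXTENSION *);
extern void kmf_free_tbs_csr(KMF_TBS_CSR *);
extern void kmf_free_signed_csr(KMF_CSR_DATA *);
extern void kmf_free_tbs_cert(KMF_X509_TBS_CERT *);
extern void kmf_free_signed_cert(KMF_X509_CERTIFICATE *);
extern void kmf_free_str(char *);
extern void kmf_free_eku(KMF_X509EXT_EKU *);
extern void kmf_free_spki(KMF_X509_SPKI *);
extern void kmf_free_kmf_key(KMF_HANDLE_T, KMF_KEY_HANDLE *);
extern void kmf_free_bigint(KMF_BIGINT *);
extern void kmf_free_raw_key(KMF_RAW_KEY_DATA *);
extern void kmf_free_raw_sym_key(KMF_RAW_SYM_KEY *);
extern void kmf_free_crl_dist_pts(KMF_X509EXT_CRLDISTPOINTS *);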
/*
 * APIs for PKCS#11 token
 *
 * These use Cryptoki types (CK_SLOT_ID, CK_UTF8CHAR_PTR, CK_ULONG,
 * CK_SESSION_HANDLE) directly in their signatures.
 */
/* Takes a char * and reports a slot through CK_SLOT_ID *. */
extern KMF_RETURN kmf_pk11_token_lookup(KMF_HANDLE_T, char *, CK_SLOT_ID *);
/*
 * NOTE(review): CK_UTF8CHAR_PTR + CK_ULONG is presumably a PIN and its
 * length; the meaning of the two char * is not visible here -- confirm.
 * The PIN buffer is caller-owned; clear it once the call returns.
 */
extern KMF_RETURN kmf_pk11_init_token(KMF_HANDLE_T,
char *, char *, CK_UTF8CHAR_PTR, CK_ULONG);
/* NOTE(review): old and new PIN are presumably passed as attributes -- confirm. */
extern KMF_RETURN kmf_set_token_pin(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);
/*
 * Returns a CK_SESSION_HANDLE for the given KMF handle.
 * NOTE(review): presumably the session KMF itself is using; if so, closing
 * or logging out of it from outside would affect later KMF calls -- confirm.
 */
extern CK_SESSION_HANDLE kmf_get_pk11_handle(KMF_HANDLE_T);
/*
 * Attribute management routines.
 *
 * Helpers for the KMF_ATTRIBUTE arrays that the (handle, int,
 * KMF_ATTRIBUTE *) entry points take. Values travel as void * plus a
 * uint32_t, so the compiler cannot check that the type stored matches the
 * type read back.
 * NOTE(review): the int arguments are presumably the array's entry count
 * (or, for kmf_set_attr_at_index(), the slot to write) -- confirm. An index
 * or count beyond the caller's array would be a memory-safety bug the
 * prototypes cannot prevent.
 */
/* NOTE(review): int return is presumably an index, negative when absent -- confirm. */
int kmf_find_attr(KMF_ATTR_TYPE, KMF_ATTRIBUTE *, int);
/* Returns an untyped pointer; NOTE(review): presumably NULL when absent -- confirm. */
void *kmf_get_attr_ptr(KMF_ATTR_TYPE, KMF_ATTRIBUTE *, int);
/* NOTE(review): void * + uint32_t * is presumably an output buffer and its in/out length -- confirm. */
KMF_RETURN kmf_get_attr(KMF_ATTR_TYPE, KMF_ATTRIBUTE *, int, void *,
uint32_t *);
KMF_RETURN kmf_get_string_attr(KMF_ATTR_TYPE, KMF_ATTRIBUTE *, int, char **);
KMF_RETURN kmf_set_attr(KMF_ATTRIBUTE *, int, KMF_ATTR_TYPE, void *, uint32_t);
/* Returns void, so it cannot report a bad index to the caller. */
void kmf_set_attr_at_index(KMF_ATTRIBUTE *, int, KMF_ATTR_TYPE,
void *, uint32_t);
/*
 * Certificate to name mapping functions.
 *
 * NOTE(review): the mapped name presumably decides which local identity a
 * certificate holder is treated as. Nothing in these prototypes implies the
 * certificate is validated first, so map only certificates that have
 * already passed kmf_validate_cert() -- confirm against the implementation.
 */
KMF_RETURN kmf_cert_to_name_mapping_initialize(KMF_HANDLE_T, int,
KMF_ATTRIBUTE *);
KMF_RETURN kmf_cert_to_name_mapping_finalize(KMF_HANDLE_T);
/* NOTE(review): presumably certificate in, name out -- confirm. */
KMF_RETURN kmf_map_cert_to_name(KMF_HANDLE_T, KMF_DATA *, KMF_DATA *);
/*
 * NOTE(review): presumably certificate, name to compare against, and the
 * mapped name as output -- confirm the order; all three are KMF_DATA *, so
 * a swapped pair still compiles.
 */
KMF_RETURN kmf_match_cert_to_name(KMF_HANDLE_T, KMF_DATA *, KMF_DATA *,
KMF_DATA *);
KMF_RETURN kmf_get_mapper_error_str(KMF_HANDLE_T, char **);
/*
 * Helper functions for handling the mapper internal state. They are part of the
 * public interface, too.
 *
 * Two get/set pairs keyed by the KMF handle: a uint32_t last-error value and
 * an untyped void * options pointer.
 * NOTE(review): the options pointer is stored and returned as void *, so its
 * type and lifetime are a contract between the mapper and its caller --
 * presumably the handle does not own it; confirm who frees it.
 */
void kmf_set_mapper_lasterror(KMF_HANDLE_T, uint32_t);
uint32_t kmf_get_mapper_lasterror(KMF_HANDLE_T);
void kmf_set_mapper_options(KMF_HANDLE_T, void *);
void *kmf_get_mapper_options(KMF_HANDLE_T);
#ifdef __cplusplus
}
#endif
#endif /* _KMFAPI_H */