2N/A/*
2N/A * CDDL HEADER START
2N/A *
2N/A * The contents of this file are subject to the terms of the
2N/A * Common Development and Distribution License, Version 1.0 only
2N/A * (the "License"). You may not use this file except in compliance
2N/A * with the License.
2N/A *
2N/A * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
2N/A * or http://www.opensolaris.org/os/licensing.
2N/A * See the License for the specific language governing permissions
2N/A * and limitations under the License.
2N/A *
2N/A * When distributing Covered Code, include this CDDL HEADER in each
2N/A * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
2N/A * If applicable, add the following below this CDDL HEADER, with the
2N/A * fields enclosed by brackets "[]" replaced with your own identifying
2N/A * information: Portions Copyright [yyyy] [name of copyright owner]
2N/A *
2N/A * CDDL HEADER END
2N/A */
2N/A/*
2N/A * Copyright 2005 Sun Microsystems, Inc. All rights reserved.
2N/A * Use is subject to license terms.
2N/A */
2N/A#ifndef _SLP_AMI_H
2N/A#define _SLP_AMI_H
2N/A#pragma ident "%Z%%M% %I% %E% SMI"
2N/A#ifdef __cplusplus
2N/Aextern "C" {
2N/A#endif
2N/A#include <sys/types.h>
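/*
 * Object identifier: `count` arcs stored in the array behind `value`.
 * NOTE(review): nothing in this header ties `count` to the real size of
 * that array; code walking an ami_oid built from decoded input should
 * confirm the two agree before indexing.
 */
typedef struct ami_oid {
    unsigned short count;
    unsigned long *value;
} ami_oid;

/*
 * Opaque value carried as a length/pointer pair (presumably an encoded
 * ASN.1 ANY, judging by the name -- confirm).
 * `length` is the only bound on `value`; consumers must not read past it
 * and must not assume the bytes are NUL-terminated.
 */
typedef struct Any {
    unsigned long length;
    unsigned char *value;
} Any;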
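/*
 * Names.
 *
 * ami_dname is a pointer to the first node of an ami_rdn_seq list.
 * Note that the typedef names ami_rdn_seq and ami_rdname are POINTER
 * types, while `struct ami_rdn_seq` / `struct ami_rdname` are the nodes.
 */
typedef struct ami_rdn_seq *ami_dname;

/*
 * Name as a tagged union. `choice` selects the live member of `u`;
 * read `u.distinguishedName` only after checking that `choice` equals
 * distinguishedName_chosen.
 */
typedef struct ami_name {
    unsigned short choice;
#define distinguishedName_chosen 1
    union {
        struct ami_rdn_seq *distinguishedName;
    } u;
} ami_name;

/* List node: one relative distinguished name per node, linked by `next`. */
typedef struct ami_rdn_seq {
    struct ami_rdn_seq *next;
    struct ami_rdname *value;
} *ami_rdn_seq;

/* List node: one attribute/value assertion per node, linked by `next`. */
typedef struct ami_rdname {
    struct ami_rdname *next;
    struct ami_ava *value;
} *ami_rdname;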
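/* Attribute value: an opaque length/pointer pair (alias of Any). */
typedef Any ami_attr_value;

/* Attribute/value assertion: an attribute OID with a single value. */
typedef struct ami_ava {
    struct ami_oid *objid;
    ami_attr_value *value;
} ami_ava;

/*
 * Attribute list node, linked by `next`. The typedef name ami_attr_list
 * is a pointer to the node type.
 */
typedef struct ami_attr_list {
    struct ami_attr_list *next;
    struct ami_attr *value;
} *ami_attr_list;

/* Attribute: a type OID with a set of values. */
typedef struct ami_attr {
    struct ami_oid *type;
    struct ami_attr_value_set *values;
} ami_attr;

/*
 * Value-set node, linked by `next`. The typedef name ami_attr_value_set
 * is a pointer to the node type.
 * NOTE(review): the header does not say whether `value` may be NULL;
 * list walkers should check each pointer before dereferencing.
 */
typedef struct ami_attr_value_set {
    struct ami_attr_value_set *next;
    ami_attr_value *value;
} *ami_attr_value_set;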
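/*
 * String as a tagged union of two character-set encodings.
 * Both members are `char *`, so `choice` is the only record of which
 * encoding the bytes use; check it before interpreting the text.
 * NOTE(review): the members carry no length, so the strings are
 * presumably NUL-terminated -- confirm before using them with str*().
 */
typedef struct CaseIgnoreString {
    unsigned short choice;
#define CaseIgnoreString_t61String_chosen 1
#define CaseIgnoreString_printableString_chosen 2
    union {
        char *CaseIgnoreString_t61String;
        char *CaseIgnoreString_printableString;
    } u;
} CaseIgnoreString;

typedef CaseIgnoreString ami_case_ignore_string;

typedef char *ami_printable_string;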
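/*
 * Certificate types.
 *
 * Conventions visible in the declarations below:
 *  - `bit_mask` records which optional fields are present; test the
 *    matching *_present flag before reading such a field.
 *  - optional pointer members are NULL when absent.
 *  - ami_bitstring and ami_uid lengths count BITS, not bytes, so the
 *    backing buffer holds (length + 7) / 8 bytes.
 * NOTE(review): the flag and version macros (version_present, version_v1,
 * ...) are unprefixed and visible to every file that includes this header.
 */

/* Forward/reverse certificate pair. */
typedef struct ami_cert_pair {
    struct ami_cert *forward;    /* NULL for not present */
    struct ami_cert *reverse;    /* NULL for not present */
} ami_cert_pair;

/*
 * Certificate serial number as raw bytes. `length` is an unsigned short
 * here, narrower than the length fields of the other byte-string types.
 */
typedef struct ami_cert_serialnum {
    unsigned short length;
    unsigned char *value;
} ami_cert_serialnum;

/* The signed portion of a certificate. */
typedef struct ami_cert_info {
    unsigned char bit_mask;
#define version_present 0x80
#define extensions_present 0x40
    int version;    /* default assumed if omitted */
#define version_v1 0
#define version_v2 1
#define version_v3 2
    ami_cert_serialnum serial;
    struct ami_algid *signature;
    struct ami_name *issuer;
    struct ami_validity *validity;
    struct ami_name *subject;
    struct ami_pubkey_info *pubKeyInfo;
    struct ami_uid *issuerUID;    /* NULL for not present */
    struct ami_uid *subjectUID;    /* NULL for not present */
    struct ami_cert_extn_list *extensions;    /* optional */
} ami_cert_info;

typedef struct ami_bitstring {
    unsigned int length;    /* number of significant bits */
    unsigned char *value;
} ami_bitstring;

/* Certificate: signed content, signature algorithm and signature bits. */
typedef struct ami_cert {
    ami_cert_info info;
    struct ami_algid *algorithm;
    ami_bitstring signature;
} ami_cert;

typedef struct ami_uid {
    unsigned int length;    /* number of significant bits */
    unsigned char *value;
} ami_uid;

/* Byte string: `length` bytes at `value`. */
typedef struct ami_octetstring {
    unsigned int length;
    unsigned char *value;
} ami_octetstring;

typedef int ami_cert_version;
#define CertificateVersion_v1 0
#define CertificateVersion_v2 1
#define CertificateVersion_v3 2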
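typedef char amiBoolean;

/*
 * Broken-down time shared by GeneralizedTime and UTCTime.
 * `year` holds four digits for GeneralizedTime but only two for UTCTime,
 * so validity comparisons must expand two-digit years first and must not
 * compare a UTCTime year with a GeneralizedTime year directly.
 * NOTE(review): field ranges are not checked by the type; values decoded
 * from a certificate or CRL should be range-checked before use.
 */
typedef struct {
    short year;        /* YYYY format when used for GeneralizedTime */
                       /* YY format when used for UTCTime */
    short month;
    short day;
    short hour;
    short minute;
    short second;
    short millisec;
    short mindiff;     /* UTC +/- minute differential */
    amiBoolean utc;    /* TRUE means UTC time */
} GeneralizedTime;

typedef GeneralizedTime UTCTime;

/* Validity window of a certificate or trusted key. */
typedef struct ami_validity {
    UTCTime *notBefore;
    UTCTime *notAfter;
} ami_validity;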
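/*
 * Public key with the algorithm it belongs to. `pubKey` is an
 * ami_bitstring, so its length is in bits.
 */
typedef struct ami_pubkey_info {
    struct ami_algid *algorithm;
    ami_bitstring pubKey;
} ami_pubkey_info;

/* Algorithm parameters: an opaque length/pointer pair (alias of Any). */
typedef Any ami_alg_params;

/*
 * Algorithm identifier: an OID with optional parameters.
 * Code that selects behaviour from `algorithm` should reject OIDs it does
 * not recognise (AMI_ALGORITHM_UNKNOWN exists for this) instead of falling
 * back to a default.
 */
typedef struct ami_algid {
    struct ami_oid *algorithm;
    ami_alg_params *parameters;    /* NULL for not present */
} ami_algid;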
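/*
 * Certificate extension.
 * `bit_mask & critical_present` says whether `critical` was supplied;
 * presumably `critical` is meaningless otherwise -- confirm.
 * A verifier that meets a critical extension it does not understand is
 * expected to reject the certificate; this header reserves
 * AMI_CRITICAL_EXTNS_ERR for that outcome.
 */
typedef struct ami_cert_extn {
    unsigned char bit_mask;
#define critical_present 0x80
    struct ami_oid *extend;
    amiBoolean critical;
    ami_octetstring extnValue;
} ami_cert_extn;

/*
 * Extension list node, linked by `next`. The typedef name
 * ami_cert_extn_list is a pointer to the node type.
 */
typedef struct ami_cert_extn_list {
    struct ami_cert_extn_list *next;
    struct ami_cert_extn *value;
} *ami_cert_extn_list;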
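/*
 * Signed contents of a certificate list.
 * `nextUpdate` and the revoked-certificate list are optional: test
 * nextUpdate_present / CertListContents_revokedCertificates_present in
 * `bit_mask` before reading them. Unlike most types in this header the
 * times and names here are embedded by value, not by pointer.
 * NOTE(review): `_seqof1` begins with an underscore, a spelling C reserves
 * at file scope; it cannot be renamed without breaking users.
 */
typedef struct ami_cert_list_contents {
    unsigned char bit_mask;
#define nextUpdate_present 0x80
#define CertListContents_revokedCertificates_present 0x40
    ami_algid signature;
    ami_name issuer;
    UTCTime thisUpdate;
    UTCTime nextUpdate;
    struct _seqof1 {
        struct _seqof1 *next;
        struct {
            ami_cert_serialnum userCertificate;
            UTCTime revocationDate;
        } value;
    } *CertListContents_revokedCertificates;
} ami_cert_list_contents;

/* Certificate list: signed contents, algorithm and signature bits. */
typedef struct ami_cert_list {
    ami_cert_list_contents certListContents;
    ami_algid algId;
    ami_bitstring signature;
} ami_cert_list;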
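/*
 * RC2-CBC parameters as a tagged union: either a bare IV (iv_chosen) or a
 * version plus IV (sequence_chosen). Check `choice` before reading `u`;
 * the two layouts place their IV at different offsets.
 * NOTE(review): the IV length is carried in the ami_octetstring and is not
 * fixed by this type; validate it against the cipher block size before
 * use.
 */
typedef struct ami_rc2_cbc_param {
    unsigned short choice;
#define iv_chosen 1
#define sequence_chosen 2
    union {
        ami_octetstring iv;
        struct _seq1 {
            int version;
            ami_octetstring iv;
        } sequence;
    } u;
} ami_rc2_cbc_param;

typedef int INT;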
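/*
 * Key package types.
 *
 * Optional members are flagged in `bit_mask` (keypkgAttrs_present,
 * tKeys_present, TrustedKey_extensions_present) or are NULL when absent,
 * as the per-field comments state.
 */

/* Signed portion of a key package. */
typedef struct ami_keypkg_info {
    unsigned char bit_mask;
#define keypkgAttrs_present 0x80
#define tKeys_present 0x40
    char *version;
    char *keypkgId;
    struct ami_name *owner;
    struct ami_pubkey_info *pubKeyInfo;
    struct ami_encr_privkey_info *encrPrivKeyInfo;
    struct ami_attr_list *keypkgAttrs;    /* optional */
    int usage;
    struct ami_tkey_list *tKeys;    /* optional */
} ami_keypkg_info;

/* Key package: signed contents, algorithm and signature bits. */
typedef struct ami_keypkg {
    ami_keypkg_info info;
    struct ami_algid *algorithm;
    ami_bitstring signature;
} ami_keypkg;

/*
 * Trusted-key list node, linked by `next`. The typedef name ami_tkey_list
 * is a pointer to the node type.
 */
typedef struct ami_tkey_list {
    struct ami_tkey_list *next;
    struct ami_tkey *value;
} *ami_tkey_list;

/*
 * Trusted key. `validity` may be NULL, so a consumer cannot assume every
 * trusted key carries an expiry; AMI_TRUSTED_KEY_EXPIRED is only
 * reachable for entries that have one.
 */
typedef struct ami_tkey {
    unsigned char bit_mask;
#define TrustedKey_extensions_present 0x80
    struct ami_name *owner;
    struct ami_pubkey_info *pubKeyInfo;
    struct ami_name *issuer;    /* NULL for not present */
    struct ami_validity *validity;    /* NULL for not present */
    struct ami_cert_serialnum *serial;    /* NULL for not present */
    struct ami_cert_extn_list *TrustedKey_extensions;    /* optional */
} ami_tkey;

/*
 * Key record with algorithm id, uid, flags, key bytes, host and package.
 * NOTE(review): `privKey` presumably holds private key material, going by
 * its name; if so, buffers of this type should be wiped before release
 * and kept out of logs and core files -- confirm with the implementation.
 */
typedef struct ami_serv_key_info {
    Any keyAlgId;
    int uid;
    int flags;
    Any privKey;
    char *keypkgId;
    char *hostIP;
    Any keypkg;
} ami_serv_key_info;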
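/*
 * Byte string: `length` bytes at `value`.
 * NOTE(review): `_octet1` begins with an underscore, a spelling C reserves
 * at file scope; it cannot be renamed without breaking users.
 */
typedef struct _octet1 {
    unsigned int length;
    unsigned char *value;
} _octet1;

/*
 * Digest with the algorithm that produced it.
 * When comparing against a locally computed digest, check that
 * `digest.length` matches the expected size for `digestAlgorithm` before
 * comparing bytes; a short length must never be accepted as a match on a
 * prefix.
 */
typedef struct ami_digest_info {
    struct ami_algid *digestAlgorithm;
    _octet1 digest;
} ami_digest_info;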
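/*
 * CRL set node, linked by `next`. The typedef name ami_crl_set is a
 * pointer to the node type.
 */
typedef struct ami_crl_set {
    struct ami_crl_set *next;
    struct ami_crl *value;
} *ami_crl_set;

/*
 * One revoked certificate.
 * NOTE(review): `userCertificate` is a plain int here, whereas
 * ami_cert_list_contents stores the same field as an ami_cert_serialnum
 * byte string. A serial number wider than int cannot be represented, so
 * revocation lookups through this type may miss or confuse such entries
 * -- confirm how the decoder fills this field.
 */
typedef struct ami_crl_entry {
    int userCertificate;
    UTCTime *revocationDate;
} ami_crl_entry;

/*
 * Signed contents of a CRL. The revoked-certificate list is optional:
 * test CertificateRevocationListInfo_revokedCertificates_present in
 * `bit_mask` before walking it.
 */
typedef struct ami_crl_info {
    unsigned char bit_mask;
#define CertificateRevocationListInfo_revokedCertificates_present 0x80
    struct ami_algid *signature;
    struct ami_name *issuer;
    UTCTime *lastUpdate;
    UTCTime *nextUpdate;
    struct _seqof2 {
        struct _seqof2 *next;
        ami_crl_entry value;
    } *CertificateRevocationListInfo_revokedCertificates;
} ami_crl_info;

/* CRL: signed contents, algorithm and signature bits. */
typedef struct ami_crl {
    ami_crl_info info;
    struct ami_algid *algorithm;
    ami_bitstring signature;
} ami_crl;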
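/*
 * Password-based encryption parameters: a salt of at most 8 bytes and an
 * iteration count.
 * `salt.length` must be checked against sizeof (salt.value) before any
 * copy into or out of the fixed array, since a decoded length larger than
 * 8 would otherwise overrun it. `iterationCount` is a signed int, so zero
 * and negative values need rejecting explicitly.
 */
typedef struct ami_pbe_param {
    struct {
        unsigned short length;
        unsigned char value[8];
    } salt;
    int iterationCount;
} ami_pbe_param;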
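/* Signed portion of an extended certificate: a certificate plus attributes. */
typedef struct ami_extcert_info {
    int version;
    struct ami_cert *certificate;
    struct ami_attr_list *attributes;
} ami_extcert_info;

/*
 * Extended certificate: signed contents, algorithm and signature bits.
 * NOTE(review): the inner certificate carries its own signature; whether
 * both signatures are checked is up to the implementation -- confirm.
 */
typedef struct ami_extcert {
    struct ami_extcert_info *extendedCertificateInfo;
    struct ami_algid *signatureAlgorithm;
    ami_bitstring signature;
} ami_extcert;

/*
 * List node holding either kind of certificate, linked by `next`. The
 * typedef name ami_extcerts_and_certs is a pointer to the node type.
 */
typedef struct ami_extcerts_and_certs {
    struct ami_extcerts_and_certs *next;
    struct ami_extcert_or_cert *value;
} *ami_extcerts_and_certs;

/*
 * Tagged union of a plain and an extended certificate. Both members are
 * pointers to different struct types, so reading the wrong one after
 * skipping the `choice` check reinterprets one structure as the other.
 */
typedef struct ami_extcert_or_cert {
    unsigned short choice;
#define cert_chosen 1
#define extendedCert_chosen 2
    union {
        struct ami_cert *cert;
        struct ami_extcert *extendedCert;
    } u;
} ami_extcert_or_cert;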
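/* Content payload: an opaque length/pointer pair (alias of Any). */
typedef Any Content;

/*
 * Typed content: `contentType` names how `content` is to be interpreted.
 * The payload is optional, so check `content` for NULL before use.
 */
typedef struct ami_content_info {
    struct ami_oid *contentType;
    Content *content;    /* NULL for not present */
} ami_content_info;

/*
 * Same layout as ami_content_info under a second name.
 * NOTE(review): the header does not say what the "_fm" variants are for.
 */
typedef struct ami_content_info_fm {
    struct ami_oid *contentType;
    Content *content;    /* NULL for not present */
} ami_content_info_fm;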
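/*
 * Enveloped, encrypted and signed message containers.
 *
 * Optional certificate and CRL sets are flagged in `bit_mask`; test the
 * matching *_present flag before following those pointers.
 */

/* Encrypted content plus per-recipient key information. */
typedef struct ami_enveloped_data {
    int version;
    struct ami_rcpt_info_list *recipientInfos;
    struct ami_encr_content_info *encryptedContentInfo;
} ami_enveloped_data;

/* Encrypted content without recipient information. */
typedef struct ami_encr_data {
    int version;
    struct ami_encr_content_info *encryptedContentInfo;
} ami_encr_data;

/*
 * Signed content with its digest algorithms, signers and optional
 * certificates and CRLs.
 * NOTE(review): certificates and CRLs carried inside a message come from
 * the sender; they are presumably candidates for chain building only and
 * must not be treated as trusted by their presence -- confirm against the
 * verification code.
 */
typedef struct ami_signed_data {
    unsigned char bit_mask;
#define SignedData_certs_present 0x80
#define SignedData_crls_present 0x40
    int version;
    struct ami_digest_alg_list *digestAlgorithms;
    struct ami_content_info *contentInfo;
    struct ami_extcerts_and_certs *SignedData_certs;    /* optional */
    struct ami_crl_set *SignedData_crls;    /* optional */
    struct ami_signer_info_list *signerInfos;
} ami_signed_data;

/* As ami_signed_data, but `contentInfo` is an ami_content_info_fm. */
typedef struct ami_signed_data_fm {
    unsigned char bit_mask;
#define SignedDataFm_certs_present 0x80
#define SignedDataFm_crls_present 0x40
    int version;
    struct ami_digest_alg_list *digestAlgorithms;
    struct ami_content_info_fm *contentInfo;
    struct ami_extcerts_and_certs *SignedDataFm_certs;    /* optional */
    struct ami_crl_set *SignedDataFm_crls;    /* optional */
    struct ami_signer_info_list *signerInfos;
} ami_signed_data_fm;

/*
 * Recipient list node, linked by `next`. The typedef name
 * ami_rcpt_info_list is a pointer to the node type.
 */
typedef struct ami_rcpt_info_list {
    struct ami_rcpt_info_list *next;
    struct ami_rcpt_info *value;
} *ami_rcpt_info_list;

/* Encrypted content with its type and content-encryption algorithm. */
typedef struct ami_encr_content_info {
    struct ami_oid *contentType;
    struct ami_algid *contentEncryptionAlgorithm;
    struct ami_encr_content *encryptedContent;    /* NULL for not present */
} ami_encr_content_info;

/* Byte strings: `length` bytes at `value`. */
typedef struct ami_pkcs_data {
    unsigned int length;
    unsigned char *value;
} ami_pkcs_data;

typedef struct ami_pkcs_data_fm {
    unsigned int length;
    unsigned char *value;
} ami_pkcs_data_fm;

typedef struct ami_encr_content {
    unsigned int length;
    unsigned char *value;
} ami_encr_content;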
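/* Per-recipient data: who the recipient is and the key encrypted for them. */
typedef struct ami_rcpt_info {
    int version;
    struct ami_issuer_and_serialnum *issuerAndSerialNumber;
    struct ami_algid *keyEncryptionAlgorithm;
    _octet1 encryptedKey;
} ami_rcpt_info;

/*
 * Per-signer data.
 * The two attribute lists are optional (see the *_present flags). As the
 * names say, unauthenticatedAttributes are not covered by the signature,
 * so nothing security-relevant should be derived from them.
 */
typedef struct ami_signer_info {
    unsigned char bit_mask;
#define authenticatedAttributes_present 0x80
#define unauthenticatedAttributes_present 0x40
    int version;
    struct ami_issuer_and_serialnum *issuerAndSerialNumber;
    struct ami_algid *digestAlgorithm;
    struct ami_attr_list *authenticatedAttributes;    /* optional */
    struct ami_algid *digestEncryptionAlgorithm;
    _octet1 encryptedDigest;
    struct ami_attr_list *unauthenticatedAttributes;    /* optional */
} ami_signer_info;

/*
 * Signer list node, linked by `next`. The typedef name
 * ami_signer_info_list is a pointer to the node type.
 */
typedef struct ami_signer_info_list {
    struct ami_signer_info_list *next;
    struct ami_signer_info *value;
} *ami_signer_info_list;

/* Certificate reference: issuer name plus serial number. */
typedef struct ami_issuer_and_serialnum {
    struct ami_name *issuer;
    ami_cert_serialnum serial;
} ami_issuer_and_serialnum;

/*
 * Digest-algorithm list node, linked by `next`. The typedef name
 * ami_digest_alg_list is a pointer to the node type.
 */
typedef struct ami_digest_alg_list {
    struct ami_digest_alg_list *next;
    struct ami_algid *value;
} *ami_digest_alg_list;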
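/*
 * Private key with its algorithm and optional attributes.
 * `privateKey` holds the key bytes in the clear in this structure, so
 * instances should be wiped before their memory is released and never
 * written to logs. `attributes` is valid only when attributes_present is
 * set in `bit_mask`.
 */
typedef struct ami_privkey_info {
    unsigned char bit_mask;
#define attributes_present 0x80
    int version;
    struct ami_algid *privateKeyAlgorithm;
    _octet1 privateKey;
    struct ami_attr_list *attributes;    /* optional */
} ami_privkey_info;

/* Encrypted private key: the encryption algorithm and the ciphertext. */
typedef struct ami_encr_privkey_info {
    struct ami_algid *encryptionAlgorithm;
    ami_octetstring encryptedData;
} ami_encr_privkey_info;

/* Signed portion of a certificate request. */
typedef struct ami_certreq_info {
    int version;
    struct ami_name *subject;
    struct ami_pubkey_info *pubKeyInfo;
    struct ami_attr_list *attributes;
} ami_certreq_info;

/* Certificate request: signed contents, algorithm and signature bits. */
typedef struct ami_certreq {
    ami_certreq_info info;
    struct ami_algid *algorithm;
    ami_bitstring signature;
} ami_certreq;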
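/*
 * Challenge password as a tagged union of two string encodings; check
 * `choice` before interpreting the text.
 * NOTE(review): the value is a shared secret held as a plain `char *`;
 * wipe it before release and keep it out of diagnostics. Note also that
 * printableString is 1 here but 2 in CaseIgnoreString, so the *_chosen
 * constants of the two types are not interchangeable.
 */
typedef struct ami_challenge_pwd {
    unsigned short choice;
#define ChallengePassword_printableString_chosen 1
#define ChallengePassword_t61String_chosen 2
    union {
        char *ChallengePassword_printableString;
        char *ChallengePassword_t61String;
    } u;
} ami_challenge_pwd;

typedef char *ami_email_addr;

/* Public key paired with a challenge string. */
typedef struct ami_pubkey_and_challenge {
    struct ami_pubkey_info *spki;
    char *challenge;
} ami_pubkey_and_challenge;

/* Signed public-key-and-challenge: contents, algorithm, signature bits. */
typedef struct ami_signed_pubkey_and_challenge {
    ami_pubkey_and_challenge pubKeyAndChallenge;
    struct ami_algid *sigAlg;
    ami_bitstring signature;
} ami_signed_pubkey_and_challenge;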
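/*
 * Well-known algorithm OIDs, defined by the library.
 *
 * NOTE(review): this set is dated. MD2, MD4, MD5, single DES, RC2 and RC4
 * are no longer considered safe for new designs, and SHA-1 is deprecated
 * for signatures. Anything still accepting data protected with these
 * algorithms should treat that as a policy decision and restrict it where
 * interoperability allows.
 * The pointers are not const-qualified, so any includer can reassign them
 * or write through them; treat them as read-only.
 */
extern ami_oid *AMI_MD2_OID;
extern ami_oid *AMI_MD4_OID;
extern ami_oid *AMI_MD5_OID;
extern ami_oid *AMI_SHA_1_OID;
extern ami_oid *AMI_RSA_ENCR_OID;
extern ami_oid *AMI_MD2WithRSAEncryption_OID;
extern ami_oid *AMI_MD5WithRSAEncryption_OID;
extern ami_oid *AMI_DSA_OID;
extern ami_oid *AMI_SHA1WithDSASignature_OID;
extern ami_oid *AMI_DES_ECB_OID;
extern ami_oid *AMI_DES_CBC_OID;
extern ami_oid *AMI_DES3_CBC_OID;
extern ami_oid *AMI_DES_MAC_OID;
extern ami_oid *AMI_RC2_CBC_OID;
extern ami_oid *AMI_RC4_OID;

/*
 * Misc. AlgIDs
 */
extern struct ami_algid *AMI_RSA_ENCR_AID;
extern struct ami_algid *AMI_MD2WithRSAEncryption_AID;
extern struct ami_algid *AMI_MD5WithRSAEncryption_AID;
extern struct ami_algid *AMI_DSA_AID;
extern struct ami_algid *AMI_SHA1WithDSASignature_AID;
extern struct ami_algid *AMI_DH_AID;
extern struct ami_algid *AMI_MD2_AID;
extern struct ami_algid *AMI_MD4_AID;
extern struct ami_algid *AMI_MD5_AID;
extern struct ami_algid *AMI_SHA1_AID;
extern struct ami_algid *AMI_RC4_AID;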
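/*
 * Algorithm types.
 * AMI_OTHER_ALG is -1; the remaining enumerators count up from 0.
 */
typedef enum {
    AMI_OTHER_ALG = -1,
    AMI_SYM_ENC_ALG,
    AMI_ASYM_ENC_ALG,
    AMI_HASH_ALG,
    AMI_SIG_ALG,
    AMI_KEYED_INTEGRITY_ALG
} ami_alg_type;

/*
 * Parameter types.
 * AMI_PARM_OTHER is -1; the remaining enumerators count up from 0.
 * Because both enums have a -1 member, neither value may be used as an
 * array index without a range check.
 */
typedef enum {
    AMI_PARM_OTHER = -1,
    AMI_PARM_ABSENT,
    AMI_PARM_INTEGER,
    AMI_PARM_OCTETSTRING,
    AMI_PARM_NULL,
    AMI_PARM_RC2_CBC,
    AMI_PARM_PBE
} ami_parm_type;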
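/*
 * Algorithm table entry: OID, printable name, algorithm class, parameter
 * encoding and a key-size limit.
 * NOTE(review): judging by the macro name, `keysize_limit` is an export
 * key-size cap with AMI_NO_EXPORT_KEYSIZE_LIMIT (0) meaning "no cap";
 * the unit (bits or bytes) is not stated here -- confirm before comparing
 * it with a key length.
 */
#define AMI_NO_EXPORT_KEYSIZE_LIMIT 0
typedef struct ami_alg_list {
    ami_oid *oid;
    char *name;
    ami_alg_type algType;
    ami_parm_type parmType;
    size_t keysize_limit;
} ami_alg_list;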
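/*
 * AMI function return values
 *
 * AMI_OK (0) is the only success value; callers should compare against it
 * and treat every other status as failure, including values they do not
 * recognise.
 * NOTE(review): AMI_TOTAL_ERRNUM is 56, yet AMI_CERT_ERR (57) and
 * AMI_KEYPKG_ERR (58) are numbered above it. If AMI_TOTAL_ERRNUM bounds a
 * message table (for ami_strerror, say), those two codes fall outside it
 * -- confirm against the implementation.
 */

#define AMI_OK                      0
#define AMI_EBUFSIZE                1
#define AMI_ENOMEM                  2    /* ENOMEM MUST be 2 */
#define AMI_BAD_FILE                3
#define AMI_FILE_NOT_FOUND          4
#define AMI_FILE_IO_ERR             5
#define AMI_BAD_PASSWD              6
#define AMI_UNKNOWN_USER            7
#define AMI_ALGORITHM_UNKNOWN       8
#define AMI_ASN1_ENCODE_ERR         9
#define AMI_ASN1_DECODE_ERR         10
#define AMI_BAD_KEY                 11
#define AMI_KEYGEN_ERR              12
#define AMI_ENCRYPT_ERR             13
#define AMI_DECRYPT_ERR             14
#define AMI_SIGN_ERR                15
#define AMI_VERIFY_ERR              16
#define AMI_DIGEST_ERR              17
#define AMI_OUTPUT_FORMAT_ERR       18
#define AMI_SYSTEM_ERR              19    /* General Errors */
#define AMI_ATTRIBUTE_UNKNOWN       20
#define AMI_AMILOGIN_ERR            21
#define AMI_AMILOGOUT_ERR           22
#define AMI_NO_SUCH_ENTRY           23
#define AMI_ENTRY_ALREADY_EXISTS    24
#define AMI_AMISERV_DECRYPT_ERR     25
#define AMI_AMISERV_SIGN_ERR        26
#define AMI_USER_DID_NOT_AMILOGIN   27
#define AMI_AMISERV_CONNECT         28
#define AMI_KEYPKG_NOT_FOUND        29
#define AMI_TIME_INVALID            30
#define AMI_UNTRUSTED_PUBLIC_KEY    31
#define AMI_EPARM                   32    /* EPARM MUST be 32 */
#define AMI_BINARY_TO_RFC1421_ERR   33
#define AMI_RFC1421_TO_BINARY_ERR   34
#define AMI_RANDOM_NUM_ERR          35
#define AMI_XFN_ERR                 36
#define AMI_CERT_CHAIN_ERR          37
#define AMI_RDN_MISSING_EQUAL       38
#define AMI_AVA_TYPE_MISSING        39
#define AMI_AVA_VALUE_MISSING       40
#define AMI_CERT_NOT_FOUND          41
#define AMI_DN_NOT_FOUND            42
#define AMI_CRITICAL_EXTNS_ERR      43
#define AMI_ASN1_INIT_ERROR         44
#define AMI_WRAP_ERROR              45
#define AMI_UNWRAP_ERROR            46
#define AMI_UNSUPPORTED_KEY_TYPE    47
#define AMI_DH_PART1_ERR            48
#define AMI_DH_PART2_ERR            49
#define AMI_DOUBLE_ENCRYPT          50
#define AMI_AMISERV_KEYPKG_UPDATE   51
#define AMI_AMISERV_STAT_ERR        52
#define AMI_GLOBAL_ERR              53
#define AMI_TRUSTED_KEY_EXPIRED     54
#define AMI_OPEN_ERR                55
#define AMI_TOTAL_ERRNUM            56
#define AMI_CERT_ERR                57
#define AMI_KEYPKG_ERR              58

/* flags for ami_encrypt, ami_decrypt, ami_sign, ami_verify, ami_digest */
#define AMI_ADD_DATA        1
#define AMI_END_DATA        2
#define AMI_DIGESTED_DATA   3    /* for ami_verify for digested data */

/* AMI Handle and status */
typedef struct ami_handle ami_handle_t;

/* AMI return variable */
typedef int AMI_STATUS;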
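/*
 * Parameter
 *
 * Key-generation inputs. The "const" remarks on the pointer members come
 * from the original header; the members themselves are not
 * const-qualified.
 */

/*
 * RSA key-pair generation: modulus size in bits and the public exponent
 * as `publicExponentLen` bytes.
 * NOTE(review): the type sets no lower bound on `modulusBits`; a caller
 * or the implementation has to refuse sizes that are too small.
 */
typedef struct ami_rsa_keygen_param_t {
    uint_t modulusBits;
    uchar_t *publicExponent;    /* const */
    size_t publicExponentLen;
} ami_rsa_keygen_param;

/*
 * Password-based DES key generation: salt, password and iteration count.
 * `passwd` is a secret held as a plain string; wipe it once the key has
 * been derived. `iterationCount` is a signed int, so zero and negative
 * values need rejecting explicitly.
 */
typedef struct ami_des_keygen_param_t {
    uchar_t *saltVal;    /* const */
    size_t saltLen;
    char *passwd;    /* const */
    int iterationCount;
} ami_des_keygen_param;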
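/*
 * PROTOTYPES should be set to one if and only if the compiler supports
 * function argument prototyping.
 * The following makes PROTOTYPES default to 1 if it has not already been
 * defined as 0 with C compiler flags.
 */
#ifndef PROTOTYPES
#define PROTOTYPES 1
#endif

/*
 * PROTO_LIST is defined depending on how PROTOTYPES is defined above.
 * If using PROTOTYPES, then PROTO_LIST expands to the parenthesised
 * parameter list it was given, otherwise it expands to an empty list.
 * With PROTOTYPES set to 0 the declarations below lose all argument
 * checking, so mismatched calls to these functions compile silently.
 */

#if PROTOTYPES
#define PROTO_LIST(list) list
#else
#define PROTO_LIST(list) ()
#endif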
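/*
 * AMI prototypes
 */

/*
 * Init and Terminate a AMI session
 *
 * ami_init returns the session handle through its first argument.
 * NOTE(review): the remaining ami_init arguments are unnamed and
 * undocumented in this header; their meaning has to be taken from the
 * implementation.
 */
AMI_STATUS ami_init PROTO_LIST((
    ami_handle_t **,
    const char *,
    const char *,
    const uint_t,
    const uint_t,
    const char *));

AMI_STATUS ami_end PROTO_LIST((
    ami_handle_t *));

/*
 * Map a status code to a message.
 * NOTE(review): the header does not say who owns the returned string or
 * what is returned for a code outside the known range -- confirm before
 * freeing or dereferencing the result.
 */
char *ami_strerror PROTO_LIST((
    ami_handle_t *,
    const AMI_STATUS));    /* errno */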
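/*
 * Key generation
 *
 * Keys are returned through uchar_t ** OUT arguments. The DES, triple-DES
 * and RC4 generators return no length, so the caller is expected to know
 * the key size from the algorithm (or, for RC4, from the length it
 * passed in).
 * NOTE(review): returned buffers hold raw key material; this header
 * declares no routine to release them, so ownership and wiping need
 * confirming against the implementation.
 */
AMI_STATUS ami_gen_des_key PROTO_LIST((
    const ami_handle_t *,    /* IN: ami handle */
    uchar_t **,              /* OUT: DES session key */
    ami_alg_params **));     /* OUT: IV */

AMI_STATUS ami_gen_des3_key PROTO_LIST((
    const ami_handle_t *,    /* IN: ami handle */
    uchar_t **,              /* OUT: triple DES session key */
    ami_alg_params **));     /* OUT: IV */

AMI_STATUS ami_gen_rc2_key PROTO_LIST((
    const ami_handle_t *,    /* IN: AMI handle */
    const size_t,            /* IN: key length */
    const uint_t,            /* IN: effective key size in bits */
    uchar_t **,              /* OUT: RC2 session key */
    ami_alg_params **));     /* OUT: RC2 parameter */

AMI_STATUS ami_gen_rc4_key PROTO_LIST((
    const ami_handle_t *,    /* IN: ami handle */
    const size_t,            /* IN: key length in bytes */
    uchar_t **));            /* OUT: RC4 key */

/*
 * NOTE(review): the third and fourth arguments are undocumented in this
 * header (a byte buffer and its length).
 */
AMI_STATUS ami_gen_rsa_keypair PROTO_LIST((
    const ami_handle_t *,            /* IN: ami handle */
    const ami_rsa_keygen_param *,    /* IN: keypair generation parameters */
    const uchar_t *,
    const size_t,
    uchar_t **,                      /* OUT: public key */
    size_t *,                        /* OUT: public key length */
    uchar_t **,                      /* OUT: private key */
    size_t *));                      /* OUT: private key length */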
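/*
 * crypto
 *
 * The `const int` "more input data flag" takes the AMI_ADD_DATA /
 * AMI_END_DATA values defined with the status codes; AMI_DIGESTED_DATA is
 * listed there for ami_verify on already-digested input.
 * Every call reports its outcome through AMI_STATUS. Callers must treat
 * anything other than AMI_OK as failure and must not use the OUT
 * arguments in that case. This matters most for ami_verify, whose only
 * result is the status code.
 * NOTE(review): OUT buffers are returned through uchar_t **; this header
 * declares no matching release routine, so ownership needs confirming
 * against the implementation.
 */
AMI_STATUS ami_digest PROTO_LIST((
    ami_handle_t *,       /* IN: ami handle */
    const uchar_t *,      /* IN: input data */
    const size_t,         /* IN: length of data in bytes */
    const int,            /* IN: more input data flag */
    const ami_algid *,    /* IN: digest algorithm */
    uchar_t **,           /* OUT: digest */
    size_t *));           /* OUT: length of digest */
AMI_STATUS ami_sign PROTO_LIST((
    ami_handle_t *,       /* IN: ami handle */
    const uchar_t *,      /* IN: data to be signed */
    const size_t,         /* IN: data length */
    const int,            /* IN: more input data flag */
    const ami_algid *,    /* IN: signature key algorithm */
    const uchar_t *,      /* IN: signature key */
    const size_t,         /* IN: signature key length */
    const ami_algid *,    /* IN: signature algorithm */
    uchar_t **,           /* OUT: signature */
    size_t *));           /* OUT: signature length */
AMI_STATUS ami_verify PROTO_LIST((
    ami_handle_t *,       /* IN: ami handle */
    const uchar_t *,      /* IN: data to be verified */
    const size_t,         /* IN: data length */
    const int,            /* IN: more input data flag */
    const ami_algid *,    /* IN: verification key algorithm */
    const uchar_t *,      /* IN: verification key */
    const size_t,         /* IN: verification key length */
    const ami_algid *,    /* IN: verification algorithm */
    const uchar_t *,      /* IN: signature */
    const size_t));       /* IN: signature length */
AMI_STATUS ami_encrypt PROTO_LIST((
    ami_handle_t *,       /* IN: ami handle */
    const uchar_t *,      /* IN: input data */
    const size_t,         /* IN: input data length */
    const int,            /* IN: more input data flag */
    const ami_algid *,    /* IN: encryption key algorithm */
    const uchar_t *,      /* IN: encryption key */
    const size_t,         /* IN: encryption key length */
    const ami_algid *,    /* IN: encryption algorithm */
    uchar_t **,           /* OUT: ciphertext */
    size_t *));           /* OUT: ciphertext length */
AMI_STATUS ami_decrypt PROTO_LIST((
    ami_handle_t *,       /* IN: ami handle */
    const uchar_t *,      /* IN: ciphertext */
    const size_t,         /* IN: ciphertext length */
    const int,            /* IN: more input data flag */
    const ami_algid *,    /* IN: decryption key algorithm */
    const uchar_t *,      /* IN: decryption key */
    const size_t,         /* IN: decryption key length */
    const ami_algid *,    /* IN: decryption algorithm */
    uchar_t **,           /* OUT: cleartext */
    size_t *));           /* OUT: cleartext length */
AMI_STATUS ami_wrap_key PROTO_LIST((
    const ami_handle_t *, /* IN: ami handle */
    const uchar_t *,      /* IN: key to be wrapped */
    const size_t,         /* IN: length of key to be wrapped */
    const ami_algid *,    /* IN: wrapping key algorithm */
    const uchar_t *,      /* IN: wrapping key */
    const size_t,         /* IN: wrapping key length */
    const ami_algid *,    /* IN: wrapping algorithm */
    uchar_t **,           /* OUT: wrapped key */
    size_t *));           /* IN/OUT: wrapped key length */
AMI_STATUS ami_unwrap_key PROTO_LIST((
    const ami_handle_t *, /* IN: ami handle */
    const uchar_t *,      /* IN: wrapped key */
    const size_t,         /* IN: wrapped key length */
    const ami_algid *,    /* IN: unwrapping key algorithm */
    const uchar_t *,      /* IN: unwrapping key */
    const size_t,         /* IN: unwrapping key length */
    const ami_algid *,    /* IN: unwrapping algorithm */
    uchar_t **,           /* OUT: unwrapped key */
    size_t *));           /* OUT: unwrapped key length */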
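/*
 * certificate verification
 *
 * The result of each check is the AMI_STATUS return value; only AMI_OK
 * means the certificate or chain verified.
 * NOTE(review): chain lengths are plain `int`, so callers should reject
 * zero and negative values before passing them in. The `flags` arguments
 * are documented as unused. This header does not state what the
 * "first expired certificate" OUT argument holds when nothing has
 * expired, nor who releases it -- confirm with the implementation.
 */
AMI_STATUS ami_verify_cert PROTO_LIST((
    const ami_handle_t *,             /* IN: ami handle */
    const ami_cert *,                 /* IN: certificate to be verified */
    const ami_pubkey_info *,          /* IN: public verification key */
    const int));                      /* IN: flags (unused) */
AMI_STATUS ami_verify_cert_chain PROTO_LIST((
    const ami_handle_t *,             /* IN: ami handle */
    const ami_cert *,                 /* IN: certificate chain to be verified */
    const int,                        /* IN: length of cert chain */
    const struct ami_tkey_list *,     /* IN: trusted key list */
    const int,                        /* IN: flags (unused) */
    ami_cert **));                    /* OUT: first expired certificate */
AMI_STATUS ami_verify_cert_est_chain PROTO_LIST((
    const ami_handle_t *,             /* IN: ami handle */
    const ami_cert *,                 /* IN: certificate to be verified */
    const struct ami_tkey_list *,     /* IN: trusted key list */
    const char **,                    /* IN: CA Name list */
    const int,                        /* IN: flags (unused) */
    ami_cert **,                      /* OUT: first expired certificate */
    ami_cert **,                      /* OUT: certificate chain */
    int *));                          /* OUT: length of cert chain */

/*
 * certificate chain establishment
 *
 * Building a chain is not the same as verifying it: no trusted key list
 * is passed to ami_get_cert_chain, so its output presumably still has to
 * go through ami_verify_cert_chain -- confirm.
 */
AMI_STATUS ami_get_cert_chain PROTO_LIST((
    const ami_handle_t *,             /* IN: ami handle */
    const ami_cert *,                 /* IN: user certificate */
    const char **,                    /* IN: CA name list */
    int flags,                        /* IN: flags (unused) */
    ami_cert **,                      /* OUT: certificate chain */
    int *));                          /* OUT: length of cert chain */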
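/*
 * I/O
 *
 * The `const char *` argument names a file or a repository index (and,
 * for ami_get_cert, possibly a DN).
 * NOTE(review): when that string comes from outside the program it should
 * be validated by the caller before it reaches these functions; the
 * header gives no indication that path components are restricted.
 */
AMI_STATUS ami_set_keypkg PROTO_LIST((
    const ami_handle_t *,    /* IN: ami handle */
    const char *,            /* IN: keypkg filename or repository index */
    const ami_keypkg *));    /* IN: keypkg to be stored */
AMI_STATUS ami_get_keypkg PROTO_LIST((
    const ami_handle_t *,    /* IN: ami handle */
    const char *,            /* IN: keypkg_filename or repository index */
    ami_keypkg **));         /* OUT: keypkg */
AMI_STATUS ami_set_cert PROTO_LIST((
    const ami_handle_t *,    /* IN: ami handle */
    const char *,            /* IN: cert filename or repository index */
    const ami_cert *));      /* IN: certificate */
AMI_STATUS ami_get_cert PROTO_LIST((
    const ami_handle_t *,    /* IN: ami handle */
    const char *,            /* IN: certificate filename, rep index, DN */
    ami_cert **,             /* OUT: set of certificates */
    int *));                 /* OUT: certificate set length */

/*
 * generate random bytes
 *
 * The count is a ushort_t, so one call can request at most USHRT_MAX
 * bytes. Check the return value (AMI_RANDOM_NUM_ERR exists for failures)
 * before using the buffer as key or IV material.
 */
AMI_STATUS ami_random PROTO_LIST((
    const ushort_t,          /* IN: requested number of random bytes */
    uchar_t **));            /* OUT: random byte buffer */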
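/*
 * Free
 *
 * Each routine takes the address of the caller's pointer; presumably the
 * pointer is cleared after release to guard against reuse -- confirm.
 * ami_free_cert_list also takes an int, presumably the element count.
 * NOTE(review): key packages can reference private key data, so the
 * release path is the place to check that such data is wiped.
 */
void ami_free_keypkg PROTO_LIST((ami_keypkg **));
void ami_free_cert PROTO_LIST((ami_cert **));
void ami_free_cert_list PROTO_LIST((ami_cert **, int));
void ami_free_dn PROTO_LIST((ami_name **));

/*
 * DN
 *
 * Conversion between the string and structured forms of a name. The
 * status codes AMI_RDN_MISSING_EQUAL, AMI_AVA_TYPE_MISSING and
 * AMI_AVA_VALUE_MISSING appear to belong to string parsing.
 * NOTE(review): ami_str2dn takes a non-const `char *`; whether the input
 * string is modified is not stated here.
 */
AMI_STATUS ami_str2dn PROTO_LIST((
    const ami_handle_t *, char *, ami_name **));
AMI_STATUS ami_dn2str PROTO_LIST((
    const ami_handle_t *, ami_name *, char **));

/* Supported algorithms */
AMI_STATUS ami_get_alglist PROTO_LIST((ami_alg_list **));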
2N/A#ifdef __cplusplus
2N/A}
2N/A#endif
2N/A#endif /* _SLP_AMI_H */