8354 sync regcomp(3C) with upstream (fix make catalog)
[unleashed/tickless.git] / usr / src / lib / libslp / clib / slp_ami.h
blobc9b97c3ba90f331f5380bf94a905d13898550bab
1 /*
2 * CDDL HEADER START
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License, Version 1.0 only
6 * (the "License"). You may not use this file except in compliance
7 * with the License.
9 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
10 * or http://www.opensolaris.org/os/licensing.
11 * See the License for the specific language governing permissions
12 * and limitations under the License.
14 * When distributing Covered Code, include this CDDL HEADER in each
15 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
16 * If applicable, add the following below this CDDL HEADER, with the
17 * fields enclosed by brackets "[]" replaced with your own identifying
18 * information: Portions Copyright [yyyy] [name of copyright owner]
20 * CDDL HEADER END
23 * Copyright 2005 Sun Microsystems, Inc. All rights reserved.
24 * Use is subject to license terms.
27 #ifndef _SLP_AMI_H
28 #define _SLP_AMI_H
30 #pragma ident "%Z%%M% %I% %E% SMI"
32 #ifdef __cplusplus
33 extern "C" {
34 #endif
36 #include <sys/types.h>
38 typedef struct ami_oid {
39 unsigned short count;
40 unsigned long *value;
41 } ami_oid;
43 typedef struct Any {
44 unsigned long length;
45 unsigned char *value;
46 } Any;
48 typedef struct ami_rdn_seq *ami_dname;
50 typedef struct ami_name {
51 unsigned short choice;
52 #define distinguishedName_chosen 1
53 union {
54 struct ami_rdn_seq *distinguishedName;
55 } u;
56 } ami_name;
58 typedef struct ami_rdn_seq {
59 struct ami_rdn_seq *next;
60 struct ami_rdname *value;
61 } *ami_rdn_seq;
63 typedef struct ami_rdname {
64 struct ami_rdname *next;
65 struct ami_ava *value;
66 } *ami_rdname;
68 typedef Any ami_attr_value;
70 typedef struct ami_ava {
71 struct ami_oid *objid;
72 ami_attr_value *value;
73 } ami_ava;
75 typedef struct ami_attr_list {
76 struct ami_attr_list *next;
77 struct ami_attr *value;
78 } *ami_attr_list;
80 typedef struct ami_attr {
81 struct ami_oid *type;
82 struct ami_attr_value_set *values;
83 } ami_attr;
85 typedef struct ami_attr_value_set {
86 struct ami_attr_value_set *next;
87 ami_attr_value *value;
88 } *ami_attr_value_set;
90 typedef struct CaseIgnoreString {
91 unsigned short choice;
92 #define CaseIgnoreString_t61String_chosen 1
93 #define CaseIgnoreString_printableString_chosen 2
94 union {
95 char *CaseIgnoreString_t61String;
96 char *CaseIgnoreString_printableString;
97 } u;
98 } CaseIgnoreString;
100 typedef CaseIgnoreString ami_case_ignore_string;
102 typedef char *ami_printable_string;
104 typedef struct ami_cert_pair {
105 struct ami_cert *forward; /* NULL for not present */
106 struct ami_cert *reverse; /* NULL for not present */
107 } ami_cert_pair;
109 typedef struct ami_cert_serialnum {
110 unsigned short length;
111 unsigned char *value;
112 } ami_cert_serialnum;
114 typedef struct ami_cert_info {
115 unsigned char bit_mask;
116 #define version_present 0x80
117 #define extensions_present 0x40
118 int version; /* default assumed if omitted */
119 #define version_v1 0
120 #define version_v2 1
121 #define version_v3 2
122 ami_cert_serialnum serial;
123 struct ami_algid *signature;
124 struct ami_name *issuer;
125 struct ami_validity *validity;
126 struct ami_name *subject;
127 struct ami_pubkey_info *pubKeyInfo;
128 struct ami_uid *issuerUID; /* NULL for not present */
129 struct ami_uid *subjectUID; /* NULL for not present */
130 struct ami_cert_extn_list *extensions; /* optional */
131 } ami_cert_info;
133 typedef struct ami_bitstring {
134 unsigned int length; /* number of significant bits */
135 unsigned char *value;
136 } ami_bitstring;
138 typedef struct ami_cert {
139 ami_cert_info info;
140 struct ami_algid *algorithm;
141 ami_bitstring signature;
142 } ami_cert;
144 typedef struct ami_uid {
145 unsigned int length; /* number of significant bits */
146 unsigned char *value;
147 } ami_uid;
149 typedef struct ami_octetstring {
150 unsigned int length;
151 unsigned char *value;
152 } ami_octetstring;
154 typedef int ami_cert_version;
155 #define CertificateVersion_v1 0
156 #define CertificateVersion_v2 1
157 #define CertificateVersion_v3 2
159 typedef char amiBoolean;
161 typedef struct {
162 short year; /* YYYY format when used for GeneralizedTime */
163 /* YY format when used for UTCTime */
164 short month;
165 short day;
166 short hour;
167 short minute;
168 short second;
169 short millisec;
170 short mindiff; /* UTC +/- minute differential */
171 amiBoolean utc; /* TRUE means UTC time */
172 } GeneralizedTime;
174 typedef GeneralizedTime UTCTime;
176 typedef struct ami_validity {
177 UTCTime *notBefore;
178 UTCTime *notAfter;
179 } ami_validity;
181 typedef struct ami_pubkey_info {
182 struct ami_algid *algorithm;
183 ami_bitstring pubKey;
184 } ami_pubkey_info;
186 typedef Any ami_alg_params;
188 typedef struct ami_algid {
189 struct ami_oid *algorithm;
190 ami_alg_params *parameters; /* NULL for not present */
191 } ami_algid;
194 typedef struct ami_cert_extn {
195 unsigned char bit_mask;
196 #define critical_present 0x80
197 struct ami_oid *extend;
198 amiBoolean critical;
199 ami_octetstring extnValue;
200 } ami_cert_extn;
202 typedef struct ami_cert_extn_list {
203 struct ami_cert_extn_list *next;
204 struct ami_cert_extn *value;
205 } *ami_cert_extn_list;
207 typedef struct ami_cert_list_contents {
208 unsigned char bit_mask;
209 #define nextUpdate_present 0x80
210 #define CertListContents_revokedCertificates_present 0x40
211 ami_algid signature;
212 ami_name issuer;
213 UTCTime thisUpdate;
214 UTCTime nextUpdate;
215 struct _seqof1 {
216 struct _seqof1 *next;
217 struct {
218 ami_cert_serialnum userCertificate;
219 UTCTime revocationDate;
220 } value;
221 } *CertListContents_revokedCertificates;
222 } ami_cert_list_contents;
224 typedef struct ami_cert_list {
225 ami_cert_list_contents certListContents;
226 ami_algid algId;
227 ami_bitstring signature;
228 } ami_cert_list;
230 typedef struct ami_rc2_cbc_param {
231 unsigned short choice;
232 #define iv_chosen 1
233 #define sequence_chosen 2
234 union {
235 ami_octetstring iv;
236 struct _seq1 {
237 int version;
238 ami_octetstring iv;
239 } sequence;
240 } u;
241 } ami_rc2_cbc_param;
243 typedef int INT;
245 typedef struct ami_keypkg_info {
246 unsigned char bit_mask;
247 #define keypkgAttrs_present 0x80
248 #define tKeys_present 0x40
249 char *version;
250 char *keypkgId;
251 struct ami_name *owner;
252 struct ami_pubkey_info *pubKeyInfo;
253 struct ami_encr_privkey_info *encrPrivKeyInfo;
254 struct ami_attr_list *keypkgAttrs; /* optional */
255 int usage;
256 struct ami_tkey_list *tKeys; /* optional */
257 } ami_keypkg_info;
259 typedef struct ami_keypkg {
260 ami_keypkg_info info;
261 struct ami_algid *algorithm;
262 ami_bitstring signature;
263 } ami_keypkg;
265 typedef struct ami_tkey_list {
266 struct ami_tkey_list *next;
267 struct ami_tkey *value;
268 } *ami_tkey_list;
270 typedef struct ami_tkey {
271 unsigned char bit_mask;
272 #define TrustedKey_extensions_present 0x80
273 struct ami_name *owner;
274 struct ami_pubkey_info *pubKeyInfo;
275 struct ami_name *issuer; /* NULL for not present */
276 struct ami_validity *validity; /* NULL for not present */
277 struct ami_cert_serialnum *serial; /* NULL for not present */
278 struct ami_cert_extn_list *TrustedKey_extensions; /* optional */
279 } ami_tkey;
281 typedef struct ami_serv_key_info {
282 Any keyAlgId;
283 int uid;
284 int flags;
285 Any privKey;
286 char *keypkgId;
287 char *hostIP;
288 Any keypkg;
289 } ami_serv_key_info;
291 typedef struct _octet1 {
292 unsigned int length;
293 unsigned char *value;
294 } _octet1;
296 typedef struct ami_digest_info {
297 struct ami_algid *digestAlgorithm;
298 _octet1 digest;
299 } ami_digest_info;
301 typedef struct ami_crl_set {
302 struct ami_crl_set *next;
303 struct ami_crl *value;
304 } *ami_crl_set;
306 typedef struct ami_crl_entry {
307 int userCertificate;
308 UTCTime *revocationDate;
309 } ami_crl_entry;
311 typedef struct ami_crl_info {
312 unsigned char bit_mask;
313 #define CertificateRevocationListInfo_revokedCertificates_present 0x80
314 struct ami_algid *signature;
315 struct ami_name *issuer;
316 UTCTime *lastUpdate;
317 UTCTime *nextUpdate;
318 struct _seqof2 {
319 struct _seqof2 *next;
320 ami_crl_entry value;
321 } *CertificateRevocationListInfo_revokedCertificates;
322 } ami_crl_info;
324 typedef struct ami_crl {
325 ami_crl_info info;
326 struct ami_algid *algorithm;
327 ami_bitstring signature;
328 } ami_crl;
330 typedef struct ami_pbe_param {
331 struct {
332 unsigned short length;
333 unsigned char value[8];
334 } salt;
335 int iterationCount;
336 } ami_pbe_param;
338 typedef struct ami_extcert_info {
339 int version;
340 struct ami_cert *certificate;
341 struct ami_attr_list *attributes;
342 } ami_extcert_info;
344 typedef struct ami_extcert {
345 struct ami_extcert_info *extendedCertificateInfo;
346 struct ami_algid *signatureAlgorithm;
347 ami_bitstring signature;
348 } ami_extcert;
350 typedef struct ami_extcerts_and_certs {
351 struct ami_extcerts_and_certs *next;
352 struct ami_extcert_or_cert *value;
353 } *ami_extcerts_and_certs;
355 typedef struct ami_extcert_or_cert {
356 unsigned short choice;
357 #define cert_chosen 1
358 #define extendedCert_chosen 2
359 union {
360 struct ami_cert *cert;
361 struct ami_extcert *extendedCert;
362 } u;
363 } ami_extcert_or_cert;
365 typedef Any Content;
367 typedef struct ami_content_info {
368 struct ami_oid *contentType;
369 Content *content; /* NULL for not present */
370 } ami_content_info;
372 typedef struct ami_content_info_fm {
373 struct ami_oid *contentType;
374 Content *content; /* NULL for not present */
375 } ami_content_info_fm;
377 typedef struct ami_enveloped_data {
378 int version;
379 struct ami_rcpt_info_list *recipientInfos;
380 struct ami_encr_content_info *encryptedContentInfo;
381 } ami_enveloped_data;
383 typedef struct ami_encr_data {
384 int version;
385 struct ami_encr_content_info *encryptedContentInfo;
386 } ami_encr_data;
388 typedef struct ami_signed_data {
389 unsigned char bit_mask;
390 #define SignedData_certs_present 0x80
391 #define SignedData_crls_present 0x40
392 int version;
393 struct ami_digest_alg_list *digestAlgorithms;
394 struct ami_content_info *contentInfo;
395 struct ami_extcerts_and_certs *SignedData_certs; /* optional */
396 struct ami_crl_set *SignedData_crls; /* optional */
397 struct ami_signer_info_list *signerInfos;
398 } ami_signed_data;
400 typedef struct ami_signed_data_fm {
401 unsigned char bit_mask;
402 #define SignedDataFm_certs_present 0x80
403 #define SignedDataFm_crls_present 0x40
404 int version;
405 struct ami_digest_alg_list *digestAlgorithms;
406 struct ami_content_info_fm *contentInfo;
407 struct ami_extcerts_and_certs *SignedDataFm_certs; /* optional */
408 struct ami_crl_set *SignedDataFm_crls; /* optional */
409 struct ami_signer_info_list *signerInfos;
410 } ami_signed_data_fm;
412 typedef struct ami_rcpt_info_list {
413 struct ami_rcpt_info_list *next;
414 struct ami_rcpt_info *value;
415 } *ami_rcpt_info_list;
417 typedef struct ami_encr_content_info {
418 struct ami_oid *contentType;
419 struct ami_algid *contentEncryptionAlgorithm;
420 struct ami_encr_content *encryptedContent; /* NULL for not present */
421 } ami_encr_content_info;
423 typedef struct ami_pkcs_data {
424 unsigned int length;
425 unsigned char *value;
426 } ami_pkcs_data;
428 typedef struct ami_pkcs_data_fm {
429 unsigned int length;
430 unsigned char *value;
431 } ami_pkcs_data_fm;
433 typedef struct ami_encr_content {
434 unsigned int length;
435 unsigned char *value;
436 } ami_encr_content;
438 typedef struct ami_rcpt_info {
439 int version;
440 struct ami_issuer_and_serialnum *issuerAndSerialNumber;
441 struct ami_algid *keyEncryptionAlgorithm;
442 _octet1 encryptedKey;
443 } ami_rcpt_info;
445 typedef struct ami_signer_info {
446 unsigned char bit_mask;
447 #define authenticatedAttributes_present 0x80
448 #define unauthenticatedAttributes_present 0x40
449 int version;
450 struct ami_issuer_and_serialnum *issuerAndSerialNumber;
451 struct ami_algid *digestAlgorithm;
452 struct ami_attr_list *authenticatedAttributes; /* optional */
453 struct ami_algid *digestEncryptionAlgorithm;
454 _octet1 encryptedDigest;
455 struct ami_attr_list *unauthenticatedAttributes; /* optional */
456 } ami_signer_info;
458 typedef struct ami_signer_info_list {
459 struct ami_signer_info_list *next;
460 struct ami_signer_info *value;
461 } *ami_signer_info_list;
463 typedef struct ami_issuer_and_serialnum {
464 struct ami_name *issuer;
465 ami_cert_serialnum serial;
466 } ami_issuer_and_serialnum;
468 typedef struct ami_digest_alg_list {
469 struct ami_digest_alg_list *next;
470 struct ami_algid *value;
471 } *ami_digest_alg_list;
473 typedef struct ami_privkey_info {
474 unsigned char bit_mask;
475 #define attributes_present 0x80
476 int version;
477 struct ami_algid *privateKeyAlgorithm;
478 _octet1 privateKey;
479 struct ami_attr_list *attributes; /* optional */
480 } ami_privkey_info;
482 typedef struct ami_encr_privkey_info {
483 struct ami_algid *encryptionAlgorithm;
484 ami_octetstring encryptedData;
485 } ami_encr_privkey_info;
487 typedef struct ami_certreq_info {
488 int version;
489 struct ami_name *subject;
490 struct ami_pubkey_info *pubKeyInfo;
491 struct ami_attr_list *attributes;
492 } ami_certreq_info;
494 typedef struct ami_certreq {
495 ami_certreq_info info;
496 struct ami_algid *algorithm;
497 ami_bitstring signature;
498 } ami_certreq;
500 typedef struct ami_challenge_pwd {
501 unsigned short choice;
502 #define ChallengePassword_printableString_chosen 1
503 #define ChallengePassword_t61String_chosen 2
504 union {
505 char *ChallengePassword_printableString;
506 char *ChallengePassword_t61String;
507 } u;
508 } ami_challenge_pwd;
510 typedef char *ami_email_addr;
512 typedef struct ami_pubkey_and_challenge {
513 struct ami_pubkey_info *spki;
514 char *challenge;
515 } ami_pubkey_and_challenge;
517 typedef struct ami_signed_pubkey_and_challenge {
518 ami_pubkey_and_challenge pubKeyAndChallenge;
519 struct ami_algid *sigAlg;
520 ami_bitstring signature;
521 } ami_signed_pubkey_and_challenge;
523 extern ami_oid *AMI_MD2_OID;
524 extern ami_oid *AMI_MD4_OID;
525 extern ami_oid *AMI_MD5_OID;
526 extern ami_oid *AMI_SHA_1_OID;
527 extern ami_oid *AMI_RSA_ENCR_OID;
528 extern ami_oid *AMI_MD2WithRSAEncryption_OID;
529 extern ami_oid *AMI_MD5WithRSAEncryption_OID;
530 extern ami_oid *AMI_DSA_OID;
531 extern ami_oid *AMI_SHA1WithDSASignature_OID;
532 extern ami_oid *AMI_DES_ECB_OID;
533 extern ami_oid *AMI_DES_CBC_OID;
534 extern ami_oid *AMI_DES3_CBC_OID;
535 extern ami_oid *AMI_DES_MAC_OID;
536 extern ami_oid *AMI_RC2_CBC_OID;
537 extern ami_oid *AMI_RC4_OID;
540 * Misc. AlgIDs
542 extern struct ami_algid *AMI_RSA_ENCR_AID;
543 extern struct ami_algid *AMI_MD2WithRSAEncryption_AID;
544 extern struct ami_algid *AMI_MD5WithRSAEncryption_AID;
545 extern struct ami_algid *AMI_DSA_AID;
546 extern struct ami_algid *AMI_SHA1WithDSASignature_AID;
547 extern struct ami_algid *AMI_DH_AID;
548 extern struct ami_algid *AMI_MD2_AID;
549 extern struct ami_algid *AMI_MD4_AID;
550 extern struct ami_algid *AMI_MD5_AID;
551 extern struct ami_algid *AMI_SHA1_AID;
552 extern struct ami_algid *AMI_RC4_AID;
554 /* Algorithm types */
555 typedef enum {
556 AMI_OTHER_ALG = -1,
557 AMI_SYM_ENC_ALG,
558 AMI_ASYM_ENC_ALG,
559 AMI_HASH_ALG,
560 AMI_SIG_ALG,
561 AMI_KEYED_INTEGRITY_ALG
562 } ami_alg_type;
564 /* Parameter types */
565 typedef enum {
566 AMI_PARM_OTHER = -1,
567 AMI_PARM_ABSENT,
568 AMI_PARM_INTEGER,
569 AMI_PARM_OCTETSTRING,
570 AMI_PARM_NULL,
571 AMI_PARM_RC2_CBC,
572 AMI_PARM_PBE
573 } ami_parm_type;
575 /* Algorithm table */
576 #define AMI_NO_EXPORT_KEYSIZE_LIMIT 0
577 typedef struct ami_alg_list {
578 ami_oid *oid;
579 char *name;
580 ami_alg_type algType;
581 ami_parm_type parmType;
582 size_t keysize_limit;
583 } ami_alg_list;
586 * AMI function return values
589 #define AMI_OK 0
590 #define AMI_EBUFSIZE 1
591 #define AMI_ENOMEM 2 /* ENOMEM MUST be 2 */
592 #define AMI_BAD_FILE 3
593 #define AMI_FILE_NOT_FOUND 4
594 #define AMI_FILE_IO_ERR 5
595 #define AMI_BAD_PASSWD 6
596 #define AMI_UNKNOWN_USER 7
597 #define AMI_ALGORITHM_UNKNOWN 8
598 #define AMI_ASN1_ENCODE_ERR 9
599 #define AMI_ASN1_DECODE_ERR 10
600 #define AMI_BAD_KEY 11
601 #define AMI_KEYGEN_ERR 12
602 #define AMI_ENCRYPT_ERR 13
603 #define AMI_DECRYPT_ERR 14
604 #define AMI_SIGN_ERR 15
605 #define AMI_VERIFY_ERR 16
606 #define AMI_DIGEST_ERR 17
607 #define AMI_OUTPUT_FORMAT_ERR 18
608 #define AMI_SYSTEM_ERR 19 /* General Errors */
609 #define AMI_ATTRIBUTE_UNKNOWN 20
610 #define AMI_AMILOGIN_ERR 21
611 #define AMI_AMILOGOUT_ERR 22
612 #define AMI_NO_SUCH_ENTRY 23
613 #define AMI_ENTRY_ALREADY_EXISTS 24
614 #define AMI_AMISERV_DECRYPT_ERR 25
615 #define AMI_AMISERV_SIGN_ERR 26
616 #define AMI_USER_DID_NOT_AMILOGIN 27
617 #define AMI_AMISERV_CONNECT 28
618 #define AMI_KEYPKG_NOT_FOUND 29
619 #define AMI_TIME_INVALID 30
620 #define AMI_UNTRUSTED_PUBLIC_KEY 31
621 #define AMI_EPARM 32 /* EPARM MUST be 32 */
622 #define AMI_BINARY_TO_RFC1421_ERR 33
623 #define AMI_RFC1421_TO_BINARY_ERR 34
624 #define AMI_RANDOM_NUM_ERR 35
625 #define AMI_XFN_ERR 36
626 #define AMI_CERT_CHAIN_ERR 37
627 #define AMI_RDN_MISSING_EQUAL 38
628 #define AMI_AVA_TYPE_MISSING 39
629 #define AMI_AVA_VALUE_MISSING 40
630 #define AMI_CERT_NOT_FOUND 41
631 #define AMI_DN_NOT_FOUND 42
632 #define AMI_CRITICAL_EXTNS_ERR 43
633 #define AMI_ASN1_INIT_ERROR 44
634 #define AMI_WRAP_ERROR 45
635 #define AMI_UNWRAP_ERROR 46
636 #define AMI_UNSUPPORTED_KEY_TYPE 47
637 #define AMI_DH_PART1_ERR 48
638 #define AMI_DH_PART2_ERR 49
639 #define AMI_DOUBLE_ENCRYPT 50
640 #define AMI_AMISERV_KEYPKG_UPDATE 51
641 #define AMI_AMISERV_STAT_ERR 52
642 #define AMI_GLOBAL_ERR 53
643 #define AMI_TRUSTED_KEY_EXPIRED 54
644 #define AMI_OPEN_ERR 55
645 #define AMI_TOTAL_ERRNUM 56
646 #define AMI_CERT_ERR 57
647 #define AMI_KEYPKG_ERR 58
649 /* flags for ami_encrypt, ami_decrypt, ami_sign, ami_verify, ami_digest */
650 #define AMI_ADD_DATA 1
651 #define AMI_END_DATA 2
652 #define AMI_DIGESTED_DATA 3 /* for ami_verify for digested data */
654 /* AMI Handle and status */
655 typedef struct ami_handle ami_handle_t;
657 /* AMI return variable */
658 typedef int AMI_STATUS;
661 * Parameter
664 typedef struct ami_rsa_keygen_param_t {
665 uint_t modulusBits;
666 uchar_t *publicExponent; /* const */
667 size_t publicExponentLen;
668 } ami_rsa_keygen_param;
670 typedef struct ami_des_keygen_param_t {
671 uchar_t *saltVal; /* const */
672 size_t saltLen;
673 char *passwd; /* const */
674 int iterationCount;
675 } ami_des_keygen_param;
678 * PROTOTYPES should be set to one if and only if the compiler supports
679 * function argument prototyping.
680 * The following makes PROTOTYPES default to 1 if it has not already been
681 * defined as 0 with C compiler flags.
683 #ifndef PROTOTYPES
684 #define PROTOTYPES 1
685 #endif
688 * PROTO_LIST is defined depending on how PROTOTYPES is defined above.
689 * If using PROTOTYPES, then PROTO_LIST returns the list, otherwise it
690 * returns an empty list.
693 #if PROTOTYPES
694 #define PROTO_LIST(list) list
695 #else
696 #define PROTO_LIST(list) ()
697 #endif
700 * AMI prototypes
703 /* Init and Terminate a AMI session */
704 AMI_STATUS ami_init PROTO_LIST((
705 ami_handle_t **,
706 const char *,
707 const char *,
708 const uint_t,
709 const uint_t,
710 const char *));
712 AMI_STATUS ami_end PROTO_LIST((
713 ami_handle_t *));
715 char *ami_strerror PROTO_LIST((
716 ami_handle_t *,
717 const AMI_STATUS)); /* errno */
719 /* Key generation */
720 AMI_STATUS ami_gen_des_key PROTO_LIST((
721 const ami_handle_t *, /* IN: ami handle */
722 uchar_t **, /* OUT: DES session key */
723 ami_alg_params **)); /* OUT: IV */
725 AMI_STATUS ami_gen_des3_key PROTO_LIST((
726 const ami_handle_t *, /* IN: ami handle */
727 uchar_t **, /* OUT: triple DES session key */
728 ami_alg_params **)); /* OUT: IV */
730 AMI_STATUS ami_gen_rc2_key PROTO_LIST((
731 const ami_handle_t *, /* IN: AMI handle */
732 const size_t, /* IN: key length */
733 const uint_t, /* IN: effective key size in bits */
734 uchar_t **, /* OUT: RC2 session key */
735 ami_alg_params **)); /* OUT: RC2 parameter */
737 AMI_STATUS ami_gen_rc4_key PROTO_LIST((
738 const ami_handle_t *, /* IN: ami handle */
739 const size_t, /* IN: key length in bytes */
740 uchar_t **)); /* OUT: RC4 key */
742 AMI_STATUS ami_gen_rsa_keypair PROTO_LIST((
743 const ami_handle_t *, /* IN: ami handle */
744 const ami_rsa_keygen_param *, /* IN: keypair generation parameters */
745 const uchar_t *,
746 const size_t,
747 uchar_t **, /* OUT: public key */
748 size_t *, /* OUT: public key length */
749 uchar_t **, /* OUT: private key */
750 size_t *)); /* OUT: private key length */
752 /* crypto */
753 AMI_STATUS ami_digest PROTO_LIST((
754 ami_handle_t *, /* IN: ami handle */
755 const uchar_t *, /* IN: input data */
756 const size_t, /* IN: length of data in bytes */
757 const int, /* IN: more input data flag */
758 const ami_algid *, /* IN: digest algorithm */
759 uchar_t **, /* OUT: digest */
760 size_t *)); /* OUT: length of digest */
761 AMI_STATUS ami_sign PROTO_LIST((
762 ami_handle_t *, /* IN: ami handle */
763 const uchar_t *, /* IN: data to be signed */
764 const size_t, /* IN: data length */
765 const int, /* IN: more input data flag */
766 const ami_algid *, /* IN: signature key algorithm */
767 const uchar_t *, /* IN: signature key */
768 const size_t, /* IN: signature key length */
769 const ami_algid *, /* IN: signature algorithm */
770 uchar_t **, /* OUT: signature */
771 size_t *)); /* OUT: signature length */
772 AMI_STATUS ami_verify PROTO_LIST((
773 ami_handle_t *, /* IN: ami handle */
774 const uchar_t *, /* IN: data to be verified */
775 const size_t, /* IN: data length */
776 const int, /* IN: more input data flag */
777 const ami_algid *, /* IN: verification key algorithm */
778 const uchar_t *, /* IN: verification key */
779 const size_t, /* IN: verification key length */
780 const ami_algid *, /* IN: verification algorithm */
781 const uchar_t *, /* IN: signature */
782 const size_t)); /* IN: signature length */
783 AMI_STATUS ami_encrypt PROTO_LIST((
784 ami_handle_t *, /* IN: ami handle */
785 const uchar_t *, /* IN: input data */
786 const size_t, /* IN: input data length */
787 const int, /* IN: more input data flag */
788 const ami_algid *, /* IN: encryption key algorithm */
789 const uchar_t *, /* IN: encryption key */
790 const size_t, /* IN: encryption key length */
791 const ami_algid *, /* IN: encryption algorithm */
792 uchar_t **, /* OUT: ciphertext */
793 size_t *)); /* OUT: ciphertext length */
794 AMI_STATUS ami_decrypt PROTO_LIST((
795 ami_handle_t *, /* IN: ami handle */
796 const uchar_t *, /* IN: ciphertext */
797 const size_t, /* IN: ciphertext length */
798 const int, /* IN: more input data flag */
799 const ami_algid *, /* IN: decryption key algorithm */
800 const uchar_t *, /* IN: decryption key */
801 const size_t, /* IN: decryption key length */
802 const ami_algid *, /* IN: decryption algorithm */
803 uchar_t **, /* OUT: cleartext */
804 size_t *)); /* OUT: cleartext length */
805 AMI_STATUS ami_wrap_key PROTO_LIST((
806 const ami_handle_t *, /* IN: ami handle */
807 const uchar_t *, /* IN: key to be wrapped */
808 const size_t, /* IN: length of key to be wrapped */
809 const ami_algid *, /* IN: wrapping key algorithm */
810 const uchar_t *, /* IN: wrapping key */
811 const size_t, /* IN: wrapping key length */
812 const ami_algid *, /* IN: wrapping algorithm */
813 uchar_t **, /* OUT: wrapped key */
814 size_t *)); /* IN/OUT: wrapped key length */
815 AMI_STATUS ami_unwrap_key PROTO_LIST((
816 const ami_handle_t *, /* IN: ami handle */
817 const uchar_t *, /* IN: wrapped key */
818 const size_t, /* IN: wrapped key length */
819 const ami_algid *, /* IN: unwrapping key algorithm */
820 const uchar_t *, /* IN: unwrapping key */
821 const size_t, /* IN: unwrapping key length */
822 const ami_algid *, /* IN: unwrapping algorithm */
823 uchar_t **, /* OUT: unwrapped key */
824 size_t *)); /* OUT: unwrapped key length */
826 /* certificate verification */
827 AMI_STATUS ami_verify_cert PROTO_LIST((
828 const ami_handle_t *, /* IN: ami handle */
829 const ami_cert *, /* IN: certificate to be verified */
830 const ami_pubkey_info *, /* IN: public verification key */
831 const int)); /* IN: flags (unused) */
832 AMI_STATUS ami_verify_cert_chain PROTO_LIST((
833 const ami_handle_t *, /* IN: ami handle */
834 const ami_cert *, /* IN: certificate chain to be verified */
835 const int, /* IN: length of cert chain */
836 const struct ami_tkey_list *, /* IN: trusted key list */
837 const int, /* IN: flags (unused) */
838 ami_cert **)); /* OUT: first expired certificate */
839 AMI_STATUS ami_verify_cert_est_chain PROTO_LIST((
840 const ami_handle_t *, /* IN: ami handle */
841 const ami_cert *, /* IN: certificate to be verified */
842 const struct ami_tkey_list *, /* IN: trusted key list */
843 const char **, /* IN: CA Name list */
844 const int, /* IN: flags (unused) */
845 ami_cert **, /* OUT: first expired certificate */
846 ami_cert **, /* OUT: certificate chain */
847 int *)); /* OUT: length of cert chain */
849 /* certificate chain establishment */
850 AMI_STATUS ami_get_cert_chain PROTO_LIST((
851 const ami_handle_t *, /* IN: ami handle */
852 const ami_cert *, /* IN: user certificate */
853 const char **, /* IN: CA name list */
854 int flags, /* IN: flags (unused) */
855 ami_cert **, /* OUT: certificate chain */
856 int *)); /* OUT: length of cert chain */
858 /* I/O */
859 AMI_STATUS ami_set_keypkg PROTO_LIST((
860 const ami_handle_t *, /* IN: ami handle */
861 const char *, /* IN: keypkg filename or repository index */
862 const ami_keypkg *)); /* IN: keypkg to be stored */
863 AMI_STATUS ami_get_keypkg PROTO_LIST((
864 const ami_handle_t *, /* IN: ami handle */
865 const char *, /* IN: keypkg_filename or repository index */
866 ami_keypkg **)); /* OUT: keypkg */
867 AMI_STATUS ami_set_cert PROTO_LIST((
868 const ami_handle_t *, /* IN: ami handle */
869 const char *, /* IN: cert filename or repository index */
870 const ami_cert *)); /* IN: certificate */
871 AMI_STATUS ami_get_cert PROTO_LIST((
872 const ami_handle_t *, /* IN: ami handle */
873 const char *, /* IN: certificate filename, rep index, DN */
874 ami_cert **, /* OUT: set of certificates */
875 int *)); /* OUT: certificate set length */
877 /* generate random bytes */
878 AMI_STATUS ami_random PROTO_LIST((
879 const ushort_t, /* IN: requested number of random bytes */
880 uchar_t **)); /* OUT: random byte buffer */
883 /* Free */
884 void ami_free_keypkg PROTO_LIST((ami_keypkg **));
885 void ami_free_cert PROTO_LIST((ami_cert **));
886 void ami_free_cert_list PROTO_LIST((ami_cert **, int));
887 void ami_free_dn PROTO_LIST((ami_name **));
889 /* DN */
890 AMI_STATUS ami_str2dn PROTO_LIST((
891 const ami_handle_t *, char *, ami_name **));
892 AMI_STATUS ami_dn2str PROTO_LIST((
893 const ami_handle_t *, ami_name *, char **));
895 /* Supported algorithms */
896 AMI_STATUS ami_get_alglist PROTO_LIST((ami_alg_list **));
898 #ifdef __cplusplus
900 #endif
902 #endif /* _SLP_AMI_H */