usr/src/lib/pkcs11/include/cryptoki.h

   1 /*
   2  * CDDL HEADER START
   3  *
   4  * The contents of this file are subject to the terms of the
   5  * Common Development and Distribution License (the "License").
   6  * You may not use this file except in compliance with the License.
   7  *
   8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
   9  * or http://www.opensolaris.org/os/licensing.
  10  * See the License for the specific language governing permissions
  11  * and limitations under the License.
  12  *
  13  * When distributing Covered Code, include this CDDL HEADER in each
  14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
  15  * If applicable, add the following below this CDDL HEADER, with the
  16  * fields enclosed by brackets "[]" replaced with your own identifying
  17  * information: Portions Copyright [yyyy] [name of copyright owner]
  18  *
  19  * CDDL HEADER END
  20  */
  21 /*
  22  * Copyright 2008 Sun Microsystems, Inc.   All rights reserved.
  23  * Use is subject to license terms.
  24  */
  25
  26 #ifndef _CRYPTOKI_H
  27 #define _CRYPTOKI_H
  28
  29 #ifdef  __cplusplus
  30 extern "C" {
  31 #endif
  32
  33 #ifndef CK_PTR
  34 #define CK_PTR *
  35 #endif
  36
  37 #ifndef CK_DEFINE_FUNCTION
  38 #define CK_DEFINE_FUNCTION(returnType, name) returnType name
  39 #endif
  40
  41 #ifndef CK_DECLARE_FUNCTION
  42 #define CK_DECLARE_FUNCTION(returnType, name) returnType name
  43 #endif
  44
  45 #ifndef CK_DECLARE_FUNCTION_POINTER
  46 #define CK_DECLARE_FUNCTION_POINTER(returnType, name) returnType (* name)
  47 #endif
  48
  49 #ifndef CK_CALLBACK_FUNCTION
  50 #define CK_CALLBACK_FUNCTION(returnType, name) returnType (* name)
  51 #endif
  52
  53 #ifndef NULL_PTR
  54 #include <unistd.h>     /* For NULL */
  55 #define NULL_PTR NULL
  56 #endif
  57
  58 /*
  59  * pkcs11t.h defines TRUE and FALSE in a way that upsets lint
  60  */
  61 #ifndef CK_DISABLE_TRUE_FALSE
  62 #define CK_DISABLE_TRUE_FALSE
  63 #ifndef TRUE
  64 #define TRUE    1
  65 #endif /* TRUE */
  66 #ifndef FALSE
  67 #define FALSE   0
  68 #endif /* FALSE */
  69 #endif /* CK_DISABLE_TRUE_FALSE */
  70
  71 #undef CK_PKCS11_FUNCTION_INFO
  72
  73 #include <security/pkcs11.h>
  74
  75 /* Default salt len to generate PKCS#5 key */
  76 #define CK_PKCS5_PBKD2_SALT_SIZE        (16UL)
  77
  78 /* Default number of iterations to generate PKCS#5 key */
  79 #define CK_PKCS5_PBKD2_ITERATIONS       (1000UL)
  80
  81 /* Solaris specific functions */
  82
  83 #include <stdlib.h>
  84
  85 /*
  86  * pkcs11_GetCriteriaSession will initialize the framework and do all
  87  * the necessary work of calling C_GetSlotList(), C_GetMechanismInfo()
  88  * C_OpenSession() to create a session that meets all the criteria in
  89  * the given function pointer.
  90  */
  91 CK_RV pkcs11_GetCriteriaSession(
  92     boolean_t (*criteria)(CK_SLOT_ID slot_id, void *args, CK_RV *rv),
  93     void *args, CK_SESSION_HANDLE_PTR hSession);
  94
  95 /*
  96  * SUNW_C_GetMechSession will initialize the framework and do all
  97  * the necessary PKCS#11 calls to create a session capable of
  98  * providing operations on the requested mechanism
  99  */
 100 CK_RV SUNW_C_GetMechSession(CK_MECHANISM_TYPE mech,
 101     CK_SESSION_HANDLE_PTR hSession);
 102
 103 /*
 104  * SUNW_C_KeyToObject will create a secret key object for the given
 105  * mechanism from the rawkey data.
 106  */
 107 CK_RV SUNW_C_KeyToObject(CK_SESSION_HANDLE hSession,
 108     CK_MECHANISM_TYPE mech, const void *rawkey, size_t rawkey_len,
 109     CK_OBJECT_HANDLE_PTR obj);
 110
 111 /*
 112  * pkcs11_PasswdToPBKD2Object will create a secret key from the given string
 113  * (e.g. passphrase) using PKCS#5 Password-Based Key Derivation Function 2
 114  * (PBKD2).
 115  */
 116 CK_RV
 117 pkcs11_PasswdToPBKD2Object(CK_SESSION_HANDLE hSession, char *passphrase,
 118     size_t passphrase_len, void *salt, size_t salt_len, CK_ULONG iterations,
 119     CK_KEY_TYPE key_type, CK_ULONG key_len, CK_FLAGS key_flags,
 120     CK_OBJECT_HANDLE_PTR obj);
 121
 122 /*
 123  * pkcs11_ObjectToKey gets the rawkey data from a secret key object.
 124  * The caller is responsible to free the allocated rawkey data.
 125  */
 126 CK_RV
 127 pkcs11_ObjectToKey(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE obj,
 128     void **rawkey, size_t *rawkey_len, boolean_t destroy_obj);
 129
 130 /*
 131  * pkcs11_PasswdToKey will create PKCS#5 PBKD2 rawkey data from the
 132  * given passphrase.  The caller is responsible to free the allocated
 133  * rawkey data.
 134  */
 135 CK_RV
 136 pkcs11_PasswdToKey(CK_SESSION_HANDLE hSession, char *passphrase,
 137     size_t passphrase_len, void *salt, size_t salt_len, CK_KEY_TYPE key_type,
 138     CK_ULONG key_len, void **rawkey, size_t *rawkey_len);
 139
 140 #ifdef  __cplusplus
 141 }
 142 #endif
 143
 144 #endif  /* _CRYPTOKI_H */