search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
dmake: do not set MAKEFLAGS=k
[unleashed/tickless.git] / usr / src / cmd / cmd-crypto / pktool / common.h
blob89e824b1a6fd9ad044f2669b52f8fe69de798746
1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright 2010 Sun Microsystems, Inc. All rights reserved.
23 * Use is subject to license terms.
24 */
25
26 #ifndef _PKTOOL_COMMON_H
27 #define _PKTOOL_COMMON_H
28
29 /*
30 * This file contains data and functions shared between all the
31 * modules that comprise this tool.
32 */
33
34 #ifdef __cplusplus
35 extern "C" {
36 #endif
37
38 #include <cryptoutil.h>
39
40 /* I18N helpers. */
41 #include <libintl.h>
42 #include <locale.h>
43 #include <errno.h>
44 #include <kmfapi.h>
45
46 /* Defines used throughout */
47
48 /* Error codes */
49 #define PK_ERR_NONE 0
50 #define PK_ERR_USAGE 1
51 #define PK_ERR_QUIT 2
52 #define PK_ERR_PK11 3
53 #define PK_ERR_SYSTEM 4
54 #define PK_ERR_OPENSSL 5
55 #define PK_ERR_NSS 6
56
57 /* Types of objects for searches. */
58 #define PK_PRIVATE_OBJ 0x0001
59 #define PK_PUBLIC_OBJ 0x0002
60 #define PK_CERT_OBJ 0x0010
61 #define PK_PRIKEY_OBJ 0x0020
62 #define PK_PUBKEY_OBJ 0x0040
63 #define PK_SYMKEY_OBJ 0x0080
64 #define PK_CRL_OBJ 0x0100
65
66 #define PK_KEY_OBJ (PK_PRIKEY_OBJ | PK_PUBKEY_OBJ | PK_SYMKEY_OBJ)
67 #define PK_ALL_OBJ (PK_PRIVATE_OBJ | PK_PUBLIC_OBJ |\
68 PK_CERT_OBJ| PK_CRL_OBJ | PK_KEY_OBJ)
69
70 #define PK_DEFAULT_KEYTYPE "rsa"
71 #define PK_DEFAULT_KEYLENGTH 2048
72 #define PK_DEFAULT_DIRECTORY "."
73 #define PK_DEFAULT_SERIALNUM 1
74 #define PK_DEFAULT_PK11TOKEN SOFT_TOKEN_LABEL
75
76 /* Constants for attribute templates. */
77 extern CK_BBOOL pk_false;
78 extern CK_BBOOL pk_true;
79
80 typedef struct {
81 int eku_count;
82 int *critlist;
83 KMF_OID *ekulist;
84 } EKU_LIST;
85
86 /* Common functions. */
87 extern void final_pk11(CK_SESSION_HANDLE sess);
88
89 extern CK_RV login_token(CK_SLOT_ID slot_id, CK_UTF8CHAR_PTR pin,
90 CK_ULONG pinlen, CK_SESSION_HANDLE_PTR sess);
91
92 extern CK_RV quick_start(CK_SLOT_ID slot_id, CK_FLAGS sess_flags,
93 CK_UTF8CHAR_PTR pin, CK_ULONG pinlen,
94 CK_SESSION_HANDLE_PTR sess);
95
96 extern CK_RV get_pin(char *prompt1, char *prompt2, CK_UTF8CHAR_PTR *pin,
97 CK_ULONG *pinlen);
98 extern boolean_t yesno(char *prompt, char *invalid, boolean_t dflt);
99
100 extern CK_RV get_token_slots(CK_SLOT_ID_PTR *slot_list,
101 CK_ULONG *slot_count);
102
103 extern int get_subname(char **);
104 extern int get_serial(char **);
105 extern int get_certlabel(char **);
106 extern int get_filename(char *, char **);
107
108 extern int getopt_av(int argc, char * const argv[], const char *optstring);
109 extern char *optarg_av;
110 extern int optind_av;
111
112 int OT2Int(char *);
113 int PK2Int(char *);
114 KMF_KEYSTORE_TYPE KS2Int(char *);
115 int Str2KeyType(char *, KMF_OID *, KMF_KEY_ALG *, KMF_ALGORITHM_INDEX *);
116 int Str2SymKeyType(char *, KMF_KEY_ALG *);
117 int Str2Lifetime(char *, uint32_t *);
118 KMF_RETURN select_token(void *, char *, int);
119 KMF_RETURN configure_nss(void *, char *, char *);
120
121 KMF_ENCODE_FORMAT Str2Format(char *);
122 KMF_RETURN get_pk12_password(KMF_CREDENTIAL *);
123 KMF_RETURN hexstring2bytes(uchar_t *, uchar_t **, size_t *);
124 KMF_RETURN verify_altname(char *arg, KMF_GENERALNAMECHOICES *, int *);
125 KMF_RETURN verify_keyusage(char *arg, uint16_t *, int *);
126 KMF_RETURN verify_file(char *);
127 KMF_RETURN verify_ekunames(char *, EKU_LIST **);
128 KMF_RETURN token_auth_needed(KMF_HANDLE_T, char *, int *);
129 KMF_OID *ecc_name_to_oid(char *);
130 void show_ecc_curves();
131 KMF_RETURN genkeypair_pkcs11(KMF_HANDLE_T, char *, char *, KMF_KEY_ALG,
132 int, KMF_CREDENTIAL *, KMF_OID *,
133 KMF_KEY_HANDLE *, KMF_KEY_HANDLE *);
134
135 KMF_RETURN genkeypair_file(KMF_HANDLE_T,
136 KMF_KEY_ALG, int, KMF_ENCODE_FORMAT,
137 char *, KMF_KEY_HANDLE *, KMF_KEY_HANDLE *);
138
139 KMF_RETURN genkeypair_nss(KMF_HANDLE_T,
140 char *, char *, char *, char *,
141 KMF_KEY_ALG, int, KMF_CREDENTIAL *,
142 KMF_OID *, KMF_KEY_HANDLE *, KMF_KEY_HANDLE *);
143
144 void free_eku_list(EKU_LIST *);
145
146 int yn_to_int(char *);
147
148 int get_token_password(KMF_KEYSTORE_TYPE, char *, KMF_CREDENTIAL *);
149 void display_error(void *, KMF_RETURN, char *);
150
151 #define DEFAULT_NSS_TOKEN "internal"
152 #define DEFAULT_TOKEN_PROMPT "Enter PIN for %s: "
153
154 #define EMPTYSTRING(s) (s == NULL || !strlen((char *)s))
155 /*
156 * The "dir" option is only valid with the NSS keystore. This check
157 * forces PK_ERR_USAGE when it is used with non-NSS keystore.
158 */
159 #define DIR_OPTION_CHECK(k, d) \
160 if (k != KMF_KEYSTORE_NSS && d != NULL) { \
161 cryptoerror(LOG_STDERR, gettext("The 'dir' option is " \
162 "not supported with the indicated keystore\n")); \
163 return (PK_ERR_USAGE); \
164 }
165
166
167 #ifdef __cplusplus
168 }
169 #endif
170
171 #endif /* _PKTOOL_COMMON_H */
unleashed repo fork