cryptoki.h revision 1c9bd843ebc00801cc418156a3893362a1dc872e
1/*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21/*
22 * Copyright 2007 Sun Microsystems, Inc.   All rights reserved.
23 * Use is subject to license terms.
24 */
25
26#ifndef	_CRYPTOKI_H
27#define	_CRYPTOKI_H
28
29#pragma ident	"%Z%%M%	%I%	%E% SMI"
30
31#ifdef	__cplusplus
32extern "C" {
33#endif
34
/*
 * Platform-dependent macros that the PKCS#11 (Cryptoki) headers expect
 * to find defined before they are included.  Every definition below is
 * wrapped in #ifndef, so a definition supplied earlier by the including
 * file takes precedence over these defaults.
 */
35#ifndef	CK_PTR
/* Pointer indirection string: a plain '*'. */
36#define	CK_PTR *
37#endif
38
39#ifndef CK_DEFINE_FUNCTION
/* Function definition: expands to "returnType name" with no decoration. */
40#define	CK_DEFINE_FUNCTION(returnType, name) returnType name
41#endif
42
43#ifndef CK_DECLARE_FUNCTION
/* Function declaration: same expansion as CK_DEFINE_FUNCTION. */
44#define	CK_DECLARE_FUNCTION(returnType, name) returnType name
45#endif
46
47#ifndef CK_DECLARE_FUNCTION_POINTER
/* Pointer-to-function declarator: expands to "returnType (* name)". */
48#define	CK_DECLARE_FUNCTION_POINTER(returnType, name) returnType (* name)
49#endif
50
51#ifndef CK_CALLBACK_FUNCTION
/* Callback pointer: same expansion as CK_DECLARE_FUNCTION_POINTER. */
52#define	CK_CALLBACK_FUNCTION(returnType, name) returnType (* name)
53#endif
54
55#ifndef NULL_PTR
/* NULL_PTR is mapped onto NULL; <unistd.h> is included only to obtain it. */
56#include <unistd.h>	/* For NULL */
57#define	NULL_PTR NULL
58#endif
59
60/*
61 * pkcs11t.h defines TRUE and FALSE in a way that upsets lint
 *
 * Unless CK_DISABLE_TRUE_FALSE is already defined, define it here and
 * provide TRUE (1) and FALSE (0) ourselves, each only if not already
 * defined.
 * NOTE(review): presumably pkcs11t.h skips its own TRUE/FALSE definitions
 * when CK_DISABLE_TRUE_FALSE is set -- confirm against that header.
62 */
63#ifndef	CK_DISABLE_TRUE_FALSE
64#define	CK_DISABLE_TRUE_FALSE
65#ifndef	TRUE
66#define	TRUE	1
67#endif /* TRUE */
68#ifndef	FALSE
69#define	FALSE	0
70#endif /* FALSE */
71#endif /* CK_DISABLE_TRUE_FALSE */
72
/*
 * Drop any CK_PKCS11_FUNCTION_INFO definition left over from an earlier
 * include before pulling in the main PKCS#11 header.
 * NOTE(review): presumably needed because pkcs11.h defines this macro
 * itself while expanding its function list -- confirm against pkcs11.h.
 */
73#undef CK_PKCS11_FUNCTION_INFO
74
75#include <security/pkcs11.h>
76
77/*
 * Default salt length used to generate a PKCS#5 key: 16 (presumably
 * bytes, i.e. 128 bits -- TODO confirm against the callers).
 * A salt only does its job if it is random and unique per derived key;
 * this constant fixes the length, not how the salt is produced.
 * The "PBKD2" spelling (for PBKDF2) is part of the identifier and must
 * stay as is for source compatibility.
 */
78#define	CK_PKCS5_PBKD2_SALT_SIZE	(16UL)
79
80/*
 * Default number of iterations used to generate a PKCS#5 key.
 *
 * NOTE(review): 1000 matches the minimum suggested in the PKCS#5 v2.x
 * documents, but it is far below present-day guidance for PBKDF2, which
 * is in the hundreds of thousands of iterations depending on the PRF
 * (e.g. the OWASP password storage recommendations).  A low count makes
 * offline guessing of the passphrase cheap.
 *
 * The value cannot simply be raised here: any key already derived with
 * this default would no longer be reproducible from its passphrase.
 * New callers that can choose the count should pass a larger value to
 * pkcs11_PasswdToPBKD2Object() and store it alongside the salt.
 */
81#define	CK_PKCS5_PBKD2_ITERATIONS	(1000UL)
82
83/* Solaris-specific functions */
84
85#include <stdlib.h>
86
87/*
88 * SUNW_C_GetMechSession will initialize the framework and do all
89 * the necessary PKCS#11 calls to create a session capable of
90 * providing operations on the requested mechanism
 *
 *	mech		mechanism the session must be able to service
 *	hSession	out: receives the handle of the created session
 *
 * Returns a CK_RV status code.
 * NOTE(review): no matching teardown helper is declared in this header;
 * presumably the caller closes the session with C_CloseSession() --
 * confirm against the implementation.
91 */
92CK_RV SUNW_C_GetMechSession(CK_MECHANISM_TYPE mech,
93    CK_SESSION_HANDLE_PTR hSession);
94
95/*
96 * SUNW_C_KeyToObject will create a secret key object for the given
97 * mechanism from the rawkey data.
 *
 *	hSession	session in which the object is created
 *	mech		mechanism the key is intended for
 *	rawkey		raw key bytes (read-only for this function)
 *	rawkey_len	length of rawkey
 *	obj		out: receives the handle of the new key object
 *
 * Returns a CK_RV status code.
 *
 * The rawkey buffer stays with the caller (it is passed as const void *);
 * a caller that no longer needs the plaintext key should clear that
 * buffer with a routine the compiler cannot elide before releasing it.
 * NOTE(review): whether the resulting object is marked sensitive or
 * non-extractable is not visible from this declaration -- confirm.
98 */
99CK_RV SUNW_C_KeyToObject(CK_SESSION_HANDLE hSession,
100    CK_MECHANISM_TYPE mech, const void *rawkey, size_t rawkey_len,
101    CK_OBJECT_HANDLE_PTR obj);
102
103/*
104 * pkcs11_PasswdToPBKD2Object will create a secret key from the given string
105 * (e.g. passphrase) using PKCS#5 Password-Based Key Derivation Function 2
106 * (PBKDF2).  The "PBKD2" spelling in the function name is kept as declared.
 *
 *	hSession	session in which the key object is created
 *	passphrase	passphrase bytes, passphrase_len long
 *	salt		salt bytes, salt_len long
 *	iterations	PBKDF2 iteration count
 *	key_type	PKCS#11 key type of the derived key
 *	key_len		length of the derived key
 *	key_flags	flags for the derived key
 *	obj		out: receives the handle of the derived key object
 *
 * Returns a CK_RV status code.
 *
 * The iteration count is chosen by the caller.  CK_PKCS5_PBKD2_ITERATIONS
 * (1000) is low by current standards; prefer a substantially larger
 * count for new data and record it together with the salt.  The salt
 * should be random and unique per passphrase.
 * NOTE(review): passphrase is a non-const char *; whether the function
 * modifies or clears it is not visible here.  Callers should clear their
 * own passphrase buffer once derivation is done.
107 */
108CK_RV
109pkcs11_PasswdToPBKD2Object(CK_SESSION_HANDLE hSession, char *passphrase,
110    size_t passphrase_len, void *salt, size_t salt_len, CK_ULONG iterations,
111    CK_KEY_TYPE key_type, CK_ULONG key_len, CK_FLAGS key_flags,
112    CK_OBJECT_HANDLE_PTR obj);
113
114/*
115 * pkcs11_ObjectToKey gets the rawkey data from a secret key object.
116 * The caller is responsible to free the allocated rawkey data.
 *
 *	hSession	session that owns the key object
 *	obj		handle of the secret key object to read
 *	rawkey		out: receives a newly allocated buffer with the key
 *	rawkey_len	out: receives the length of that buffer
 *	destroy_obj	NOTE(review): presumably requests destruction of
 *			obj after its value has been read -- confirm
 *
 * Returns a CK_RV status code.
 *
 * The returned buffer holds plaintext key material.  Clear all
 * *rawkey_len bytes with a routine the compiler cannot elide (e.g.
 * explicit_bzero() where available) before calling free(); free() alone
 * leaves the key in heap memory.
118 */
118CK_RV
119pkcs11_ObjectToKey(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE obj,
120    void **rawkey, size_t *rawkey_len, boolean_t destroy_obj);
121
122/*
123 * pkcs11_PasswdToKey will create PKCS#5 PBKDF2 rawkey data from the
124 * given passphrase.  The caller is responsible to free the allocated
125 * rawkey data.
 *
 *	hSession	session used for the derivation
 *	passphrase	passphrase bytes, passphrase_len long
 *	salt		salt bytes, salt_len long
 *	key_type	PKCS#11 key type of the derived key
 *	key_len		length of the derived key
 *	rawkey		out: receives a newly allocated buffer with the key
 *	rawkey_len	out: receives the length of that buffer
 *
 * Returns a CK_RV status code.
 *
 * Unlike pkcs11_PasswdToPBKD2Object(), this declaration has no iteration
 * count parameter.
 * NOTE(review): presumably the derivation uses
 * CK_PKCS5_PBKD2_ITERATIONS (1000), which the caller cannot raise through
 * this interface -- confirm against the implementation.
 *
 * The returned buffer holds plaintext key material.  Clear all
 * *rawkey_len bytes with a routine the compiler cannot elide before
 * calling free(), and clear the passphrase buffer once it is no longer
 * needed.
126 */
127CK_RV
128pkcs11_PasswdToKey(CK_SESSION_HANDLE hSession, char *passphrase,
129    size_t passphrase_len, void *salt, size_t salt_len, CK_KEY_TYPE key_type,
130    CK_ULONG key_len, void **rawkey, size_t *rawkey_len);
131
132#ifdef	__cplusplus
133}
134#endif
135
136#endif	/* _CRYPTOKI_H */
137