xref: /illumos-gate/usr/src/lib/pkcs11/include/cryptoki.h (revision b106467fd72e9bfd9e2bd78fbaa00a96a4eead45)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright 2008 Sun Microsystems, Inc.   All rights reserved.
23  * Use is subject to license terms.
24  */
25 
26 #ifndef	_CRYPTOKI_H
27 #define	_CRYPTOKI_H
28 
29 #ifdef	__cplusplus
30 extern "C" {
31 #endif
32 
33 #ifndef	CK_PTR
34 #define	CK_PTR *
35 #endif
36 
37 #ifndef CK_DEFINE_FUNCTION
38 #define	CK_DEFINE_FUNCTION(returnType, name) returnType name
39 #endif
40 
41 #ifndef CK_DECLARE_FUNCTION
42 #define	CK_DECLARE_FUNCTION(returnType, name) returnType name
43 #endif
44 
45 #ifndef CK_DECLARE_FUNCTION_POINTER
46 #define	CK_DECLARE_FUNCTION_POINTER(returnType, name) returnType (* name)
47 #endif
48 
49 #ifndef CK_CALLBACK_FUNCTION
50 #define	CK_CALLBACK_FUNCTION(returnType, name) returnType (* name)
51 #endif
52 
53 #ifndef NULL_PTR
54 #include <unistd.h>	/* For NULL */
55 #define	NULL_PTR NULL
56 #endif
57 
58 /*
59  * pkcs11t.h defines TRUE and FALSE in a way that upsets lint
60  */
61 #ifndef	CK_DISABLE_TRUE_FALSE
62 #define	CK_DISABLE_TRUE_FALSE
63 #ifndef	TRUE
64 #define	TRUE	1
65 #endif /* TRUE */
66 #ifndef	FALSE
67 #define	FALSE	0
68 #endif /* FALSE */
69 #endif /* CK_DISABLE_TRUE_FALSE */
70 
71 #undef CK_PKCS11_FUNCTION_INFO
72 
73 #include <security/pkcs11.h>
74 
75 /* Default salt len to generate PKCS#5 key */
76 #define	CK_PKCS5_PBKD2_SALT_SIZE	(16UL)
77 
78 /* Default number of iterations to generate PKCS#5 key */
79 #define	CK_PKCS5_PBKD2_ITERATIONS	(1000UL)
80 
81 /* Solaris specific functions */
82 
83 #include <stdlib.h>
84 
85 /*
86  * pkcs11_GetCriteriaSession will initialize the framework and do all
87  * the necessary work of calling C_GetSlotList(), C_GetMechanismInfo()
88  * C_OpenSession() to create a session that meets all the criteria in
89  * the given function pointer.
90  */
91 CK_RV pkcs11_GetCriteriaSession(
92     boolean_t (*criteria)(CK_SLOT_ID slot_id, void *args, CK_RV *rv),
93     void *args, CK_SESSION_HANDLE_PTR hSession);
94 
95 /*
96  * SUNW_C_GetMechSession will initialize the framework and do all
97  * the necessary PKCS#11 calls to create a session capable of
98  * providing operations on the requested mechanism
99  */
100 CK_RV SUNW_C_GetMechSession(CK_MECHANISM_TYPE mech,
101     CK_SESSION_HANDLE_PTR hSession);
102 
103 /*
104  * SUNW_C_KeyToObject will create a secret key object for the given
105  * mechanism from the rawkey data.
106  */
107 CK_RV SUNW_C_KeyToObject(CK_SESSION_HANDLE hSession,
108     CK_MECHANISM_TYPE mech, const void *rawkey, size_t rawkey_len,
109     CK_OBJECT_HANDLE_PTR obj);
110 
111 /*
112  * pkcs11_PasswdToPBKD2Object will create a secret key from the given string
113  * (e.g. passphrase) using PKCS#5 Password-Based Key Derivation Function 2
114  * (PBKD2).
115  */
116 CK_RV
117 pkcs11_PasswdToPBKD2Object(CK_SESSION_HANDLE hSession, char *passphrase,
118     size_t passphrase_len, void *salt, size_t salt_len, CK_ULONG iterations,
119     CK_KEY_TYPE key_type, CK_ULONG key_len, CK_FLAGS key_flags,
120     CK_OBJECT_HANDLE_PTR obj);
121 
122 /*
123  * pkcs11_ObjectToKey gets the rawkey data from a secret key object.
124  * The caller is responsible to free the allocated rawkey data.
125  */
126 CK_RV
127 pkcs11_ObjectToKey(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE obj,
128     void **rawkey, size_t *rawkey_len, boolean_t destroy_obj);
129 
130 /*
131  * pkcs11_PasswdToKey will create PKCS#5 PBKD2 rawkey data from the
132  * given passphrase.  The caller is responsible to free the allocated
133  * rawkey data.
134  */
135 CK_RV
136 pkcs11_PasswdToKey(CK_SESSION_HANDLE hSession, char *passphrase,
137     size_t passphrase_len, void *salt, size_t salt_len, CK_KEY_TYPE key_type,
138     CK_ULONG key_len, void **rawkey, size_t *rawkey_len);
139 
140 #ifdef	__cplusplus
141 }
142 #endif
143 
144 #endif	/* _CRYPTOKI_H */
145