1/*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21/*
22 * Copyright 2007 Sun Microsystems, Inc.  All rights reserved.
23 * Use is subject to license terms.
24 */
25
26#ifndef _META_ATTRMASTERS_H
27#define	_META_ATTRMASTERS_H
28
29#pragma ident	"%Z%%M%	%I%	%E% SMI"
30
31#ifdef	__cplusplus
32extern "C" {
33#endif
34
35/*
36 * Master object templates
37 *
38 * [This file should only be included by a single source file. This is a
39 * non-traditional header file in that it simply contains a bunch of large,
40 * preinitialized static const structures. They're stored here to keep them
41 * "out of the way."]
42 *
43 * In PKCS#11, each object is well-defined... Each object type has an exact
44 * set of attributes, and each attribute always has some value. Some
45 * attribute values must be specificed when the object is created, others
46 * are optional (ie, a default value exisits). Thus, the template an
47 * application provides when creating a new object may be a subset of the
48 * allowed attributes. The "master" templates presented here, however,
49 * are complete.
50 */
51
52
53/*
54 * Aliases for some field values in generic_attr_t, so that the initialization
55 * below isn't just a confusing mess of B_TRUE and B_FALSE. Lint
56 * complaints about using "!Foo" in const initializers,
57 * so we #define each value.
58 */
59
60#define	unused		0
61#define	Mallocd		B_TRUE
62#define	Clone		B_TRUE
63#define	EmptyValue	B_TRUE
64#define	NotMallocd	B_FALSE
65#define	NotClone	B_FALSE
66#define	NotEmptyValue	B_FALSE
67#define	EMPTYDATE	' ', ' ', ' ', ' ', ' ', ' ', ' ', ' '
68#define	EMPTY		'\0'
69
70/*
71 * A note regarding CKA_CLASS and sub-type (eg CKA_KEY_TYPE)
72 *
73 * These two attributes have been moved to the top of the master template
74 * definitions. All the metaslot code assumes that CKA_CLASS resides in index=0,
75 * and the sub-type resides in index=1.
76 */
77
78
79/*
80 * Common storage object attributes, Table 19 (p81) of PKCS#11 2.11r1 spec.
81 */
82#define	COMMON_STORAGE_ATTRIBUTES					\
83	{ { CKA_TOKEN, NULL, sizeof (CK_BBOOL) },			\
84		NotMallocd, Clone, NotEmptyValue, B_FALSE,		\
85		CK_FALSE, unused, { unused } },				\
86	{ { CKA_PRIVATE, NULL, sizeof (CK_BBOOL) },			\
87		NotMallocd, Clone, NotEmptyValue, B_FALSE,		\
88		CK_FALSE, unused, { unused } },				\
89	{ { CKA_MODIFIABLE, NULL, sizeof (CK_BBOOL) },			\
90		NotMallocd, Clone, NotEmptyValue, B_FALSE,		\
91		CK_TRUE, unused, { unused } },				\
92	{ { CKA_LABEL, NULL, 0 },					\
93		NotMallocd, Clone, EmptyValue, B_FALSE,			\
94		unused, unused, { EMPTY } }
95
96/*
97 * Common certificate attributes, Table 21 (p83) of PKCS#11 2.11r1 spec.
98 * (CKA_CERTIFICATE_TYPE has been moved, to place at top of template)
99 *
100 */
101#define	COMMON_CERTIFICATE_ATTRIBUTES					\
102	{ { CKA_TRUSTED, NULL, sizeof (CK_BBOOL) },			\
103		NotMallocd, NotClone, NotEmptyValue, B_FALSE,		\
104		CK_FALSE, unused, { unused } }
105
106/*
107 * Common key attributes, Table 25 (p89) of PKCS#11 2.11r1 spec.
108 * (CKA_KEY_TYPE has been moved, to place at top of template)
109 *
110 */
111#define	COMMON_KEY_ATTRIBUTES						\
112	{ { CKA_ID, NULL, 0 },						\
113		NotMallocd, Clone, EmptyValue, B_FALSE,			\
114		unused, unused, { EMPTY } },				\
115	{ { CKA_START_DATE, NULL, sizeof (CK_DATE) },			\
116		NotMallocd, Clone, EmptyValue, B_FALSE,			\
117		unused, unused, { EMPTYDATE } },			\
118	{ { CKA_END_DATE, NULL, sizeof (CK_DATE) },			\
119		NotMallocd, Clone, EmptyValue, B_FALSE,			\
120		unused, unused, { EMPTYDATE } },			\
121	{ { CKA_DERIVE, NULL, sizeof (CK_BBOOL) },			\
122		NotMallocd, Clone, NotEmptyValue, B_FALSE,		\
123		CK_FALSE, unused, { unused } },				\
124	{ { CKA_LOCAL, NULL, sizeof (CK_BBOOL) },			\
125		NotMallocd, NotClone, NotEmptyValue, B_FALSE,		\
126		CK_FALSE, unused, { unused } },				\
127	{ { CKA_KEY_GEN_MECHANISM, NULL, sizeof (CK_MECHANISM_TYPE) },	\
128		NotMallocd, NotClone, EmptyValue, B_FALSE,		\
129		unused, CK_UNAVAILABLE_INFORMATION, { unused } }
130
131/*
132 * Common public-key attributes, Table 26 (p90) of PKCS#11 2.11r1 spec.
133 *
134 * CKA_SUBJECT has the PKCS#11-specified default. The object-usage attributes
135 * are token-specific defaults.
136 *
137 */
138#define	COMMON_PUBKEY_ATTRIBUTES					\
139	{ { CKA_SUBJECT, NULL, 0 },					\
140		NotMallocd, Clone, EmptyValue, B_FALSE,			\
141		unused, unused, { EMPTY } },				\
142	{ { CKA_ENCRYPT, NULL, sizeof (CK_BBOOL) },			\
143		NotMallocd, Clone, NotEmptyValue, B_FALSE,		\
144		CK_TRUE, unused, { unused } },				\
145	{ { CKA_VERIFY, NULL, sizeof (CK_BBOOL) },			\
146		NotMallocd, Clone, NotEmptyValue, B_FALSE,		\
147		CK_TRUE, unused, { unused } },				\
148	{ { CKA_VERIFY_RECOVER, NULL, sizeof (CK_BBOOL) },		\
149		NotMallocd, Clone, NotEmptyValue, B_FALSE,		\
150		CK_TRUE, unused, { unused } },				\
151	{ { CKA_WRAP, NULL, sizeof (CK_BBOOL) },			\
152		NotMallocd, Clone, NotEmptyValue, B_FALSE,		\
153		CK_TRUE, unused, { unused } },				\
154	{ { CKA_TRUSTED, NULL, sizeof (CK_BBOOL) },			\
155		NotMallocd, NotClone, NotEmptyValue, B_FALSE,		\
156		CK_FALSE, unused, { unused } }
157
158/*
159 * Common private-key attributes, Table 34 (p97) of PKCS#11 2.11r1 spec.
160 */
161#define	COMMON_PRIVKEY_ATTRIBUTES					\
162	{ { CKA_SUBJECT, NULL, 0 },					\
163		NotMallocd, Clone, EmptyValue, B_FALSE,			\
164		unused, unused, { EMPTY } },				\
165	{ { CKA_SENSITIVE, NULL, sizeof (CK_BBOOL) },			\
166		NotMallocd, Clone, NotEmptyValue, B_FALSE,		\
167		CK_FALSE, unused, { unused } },				\
168	{ { CKA_SECONDARY_AUTH, NULL, sizeof (CK_BBOOL) },		\
169		NotMallocd, Clone, EmptyValue, B_FALSE,			\
170		CK_FALSE, unused, { unused } },				\
171	{ { CKA_DECRYPT, NULL, sizeof (CK_BBOOL) },			\
172		NotMallocd, Clone, NotEmptyValue, B_FALSE,		\
173		CK_TRUE, unused, { unused } },				\
174	{ { CKA_SIGN, NULL, sizeof (CK_BBOOL) },			\
175		NotMallocd, Clone, NotEmptyValue, B_FALSE,		\
176		CK_TRUE, unused, { unused } },				\
177	{ { CKA_SIGN_RECOVER, NULL, sizeof (CK_BBOOL) },		\
178		NotMallocd, Clone, NotEmptyValue, B_FALSE,		\
179		CK_TRUE, unused, { unused } },				\
180	{ { CKA_UNWRAP, NULL, sizeof (CK_BBOOL) },			\
181		NotMallocd, Clone, NotEmptyValue, B_FALSE,		\
182		CK_TRUE, unused, { unused } },				\
183	{ { CKA_EXTRACTABLE, NULL, sizeof (CK_BBOOL) },			\
184		NotMallocd, Clone, NotEmptyValue, B_FALSE,		\
185		CK_TRUE, unused, { unused } },				\
186	{ { CKA_ALWAYS_SENSITIVE, NULL, sizeof (CK_BBOOL) },		\
187		NotMallocd, NotClone, NotEmptyValue, B_FALSE,		\
188		CK_FALSE, unused, { unused } },				\
189	{ { CKA_NEVER_EXTRACTABLE, NULL, sizeof (CK_BBOOL) },		\
190		NotMallocd, NotClone, NotEmptyValue, B_FALSE,		\
191		CK_FALSE, unused, { unused } }
192
193
194/*
195 * Common secret-key attributes, Table 42 (p108) of PKCS#11 2.11r1 spec.
196 */
197#define	COMMON_SECKEY_ATTRIBUTES					\
198	{ { CKA_SENSITIVE, NULL, sizeof (CK_BBOOL) },			\
199		NotMallocd, Clone, NotEmptyValue, B_FALSE,		\
200		CK_FALSE, unused, { unused } },				\
201	{ { CKA_ENCRYPT, NULL, sizeof (CK_BBOOL) },			\
202		NotMallocd, Clone, NotEmptyValue, B_FALSE,		\
203		CK_TRUE, unused, { unused } },				\
204	{ { CKA_DECRYPT, NULL, sizeof (CK_BBOOL) },			\
205		NotMallocd, Clone, NotEmptyValue, B_FALSE,		\
206		CK_TRUE, unused, { unused } },				\
207	{ { CKA_SIGN, NULL, sizeof (CK_BBOOL) },			\
208		NotMallocd, Clone, NotEmptyValue, B_FALSE,		\
209		CK_TRUE, unused, { unused } },				\
210	{ { CKA_VERIFY, NULL, sizeof (CK_BBOOL) },			\
211		NotMallocd, Clone, NotEmptyValue, B_FALSE,		\
212		CK_TRUE, unused, { unused } },				\
213	{ { CKA_WRAP, NULL, sizeof (CK_BBOOL) },			\
214		NotMallocd, Clone, NotEmptyValue, B_FALSE,		\
215		CK_TRUE, unused, { unused } },				\
216	{ { CKA_UNWRAP, NULL, sizeof (CK_BBOOL) },			\
217		NotMallocd, Clone, NotEmptyValue, B_FALSE,		\
218		CK_TRUE, unused, { unused } },				\
219	{ { CKA_EXTRACTABLE, NULL, sizeof (CK_BBOOL) },			\
220		NotMallocd, Clone, NotEmptyValue, B_FALSE,		\
221		CK_TRUE, unused, { unused } },				\
222	{ { CKA_ALWAYS_SENSITIVE, NULL, sizeof (CK_BBOOL) },		\
223		NotMallocd, NotClone, NotEmptyValue, B_FALSE,		\
224		CK_FALSE, unused, { unused } },				\
225	{ { CKA_NEVER_EXTRACTABLE, NULL, sizeof (CK_BBOOL) },		\
226		NotMallocd, NotClone, NotEmptyValue, B_FALSE,		\
227		CK_FALSE, unused, { unused } }
228
229/*
230 * Common domain-paramaters attributes, Table 60 (p123) of PKCS#11 2.11r1 spec.
231 * (CKA_KEY_TYPE has been removed, to place elsewhere)
232 */
233#define	COMMON_DOMAIN_ATTRIBUTES					\
234	{ { CKA_LOCAL, NULL, sizeof (CK_BBOOL) },			\
235		NotMallocd, Clone, NotEmptyValue, B_FALSE,		\
236		CK_FALSE, unused, { unused } }
237
238
239/* ========================= HW Objects ========================= */
240
241
242/*
243 * Master template for: CKO_HW_FEATURE + CKH_CLOCK
244 */
245static const generic_attr_t OBJ_HW_CLOCK[] =
246{
247	{ { CKA_CLASS, NULL, sizeof (CK_OBJECT_CLASS) },
248		NotMallocd, Clone, NotEmptyValue, B_FALSE,
249		unused, CKO_HW_FEATURE, { unused } },
250	{ { CKA_HW_FEATURE_TYPE, NULL, sizeof (CK_HW_FEATURE_TYPE) },
251		NotMallocd, Clone, NotEmptyValue, B_FALSE,
252		unused, CKH_CLOCK, { unused } },
253	{ { CKA_VALUE, NULL, 16 },
254		NotMallocd, Clone, NotEmptyValue, B_FALSE,
255		unused, unused, { EMPTYDATE, EMPTYDATE } }
256};
257
258
259/*
260 * Master template for: CKO_HW_FEATURE + CKH_MONOTONIC_COUNTER
261 *
262 * NOTE: no sub-type for this class!
263 */
264static const generic_attr_t OBJ_HW_MONOTONIC[] =
265{
266	{ { CKA_CLASS, NULL, sizeof (CK_OBJECT_CLASS) },
267		NotMallocd, Clone, NotEmptyValue, B_FALSE,
268		unused, CKO_HW_FEATURE, { unused } },
269	{ { CKA_HW_FEATURE_TYPE, NULL, sizeof (CK_HW_FEATURE_TYPE) },
270		NotMallocd, Clone, NotEmptyValue, B_FALSE,
271		unused, CKH_MONOTONIC_COUNTER, { unused } },
272	{ { CKA_VALUE, NULL, 0 },
273		NotMallocd, Clone, NotEmptyValue, B_FALSE,
274		unused, unused, { EMPTY } },
275	{ { CKA_RESET_ON_INIT, NULL, sizeof (CK_BBOOL) },
276		NotMallocd, Clone, NotEmptyValue, B_FALSE,
277		CK_FALSE, unused, { unused } },
278	{ { CKA_HAS_RESET, NULL, sizeof (CK_BBOOL) },
279		NotMallocd, Clone, NotEmptyValue, B_FALSE,
280		CK_FALSE, unused, { unused } }
281};
282
283
284/* ========================= Data Objects ========================= */
285
286
287/*
288 * Master template for CKO_DATA + (no subtypes for this class)
289 *
290 * Defaults are according to PKCS#11.
291 *
292 * NOTE: no sub-type for this class!
293 */
294static const generic_attr_t OBJ_DATA[] =
295{
296	{ { CKA_CLASS, NULL, sizeof (CK_OBJECT_CLASS) },
297		NotMallocd, Clone, NotEmptyValue, B_FALSE,
298		unused, CKO_DATA, { unused } },
299	COMMON_STORAGE_ATTRIBUTES,
300	{ { CKA_APPLICATION, NULL, 0 },
301		NotMallocd, Clone, NotEmptyValue, B_FALSE,
302		unused, unused, { EMPTY } },
303	{ { CKA_OBJECT_ID, NULL, 0 },
304		NotMallocd, Clone, NotEmptyValue, B_FALSE,
305		unused, unused, { EMPTY } },
306	{ { CKA_VALUE, NULL, 0 },
307		NotMallocd, Clone, NotEmptyValue, B_FALSE,
308		unused, unused, { EMPTY } }
309};
310
311
312/* ========================= Certificate Objects ========================= */
313
314
315/*
316 * Master template for CKO_CERTIFICATE + CKC_X_509
317 *
318 * Defaults are according to PKCS#11.
319 */
320static const generic_attr_t OBJ_CERT_X509[] =
321{
322	{ { CKA_CLASS, NULL, sizeof (CK_OBJECT_CLASS) },
323		NotMallocd, Clone, NotEmptyValue, B_FALSE,
324		unused, CKO_CERTIFICATE, { unused } },
325	{ { CKA_CERTIFICATE_TYPE, NULL, sizeof (CK_CERTIFICATE_TYPE) },
326		NotMallocd, Clone, NotEmptyValue, B_FALSE,
327		unused, CKC_X_509, { unused } },
328	COMMON_STORAGE_ATTRIBUTES,
329	COMMON_CERTIFICATE_ATTRIBUTES,
330	{ { CKA_SUBJECT, NULL, 0 },
331		NotMallocd, Clone, NotEmptyValue, B_FALSE,
332		unused, unused, { EMPTY } },
333	{ { CKA_ID, NULL, 0 },
334		NotMallocd, Clone, EmptyValue, B_FALSE,
335		unused, unused, { EMPTY } },
336	{ { CKA_ISSUER, NULL, 0 },
337		NotMallocd, Clone, EmptyValue, B_FALSE,
338		unused, unused, { EMPTY } },
339	{ { CKA_SERIAL_NUMBER, NULL, 0 },
340		NotMallocd, Clone, EmptyValue, B_FALSE,
341		unused, unused, { EMPTY } },
342	{ { CKA_VALUE, NULL, 0 },
343		NotMallocd, Clone, NotEmptyValue, B_FALSE,
344		unused, unused, { EMPTY } }
345};
346
347
348/*
349 * Master template for CKO_CERTIFICATE + CKC_X_509_ATTR_CERT
350 *
351 * Defaults are according to PKCS#11.
352 */
353static const generic_attr_t OBJ_CERT_X509ATTR[] =
354{
355	{ { CKA_CLASS, NULL, sizeof (CK_OBJECT_CLASS) },
356		NotMallocd, Clone, NotEmptyValue, B_FALSE,
357		unused, CKO_CERTIFICATE, { unused } },
358	{ { CKA_CERTIFICATE_TYPE, NULL, sizeof (CK_CERTIFICATE_TYPE) },
359		NotMallocd, Clone, NotEmptyValue, B_FALSE,
360		unused, CKC_X_509_ATTR_CERT, { unused } },
361	COMMON_STORAGE_ATTRIBUTES,
362	COMMON_CERTIFICATE_ATTRIBUTES,
363	{ { CKA_OWNER, NULL, 0 },
364		NotMallocd, Clone, NotEmptyValue, B_FALSE,
365		unused, unused, { EMPTY } },
366	{ { CKA_AC_ISSUER, NULL, 0 },
367		NotMallocd, Clone, EmptyValue, B_FALSE,
368		unused, unused, { EMPTY } },
369	{ { CKA_SERIAL_NUMBER, NULL, 0 },
370		NotMallocd, Clone, EmptyValue, B_FALSE,
371		unused, unused, { EMPTY } },
372	{ { CKA_ATTR_TYPES, NULL, 0 },
373		NotMallocd, Clone, EmptyValue, B_FALSE,
374		unused, unused, { EMPTY } },
375	{ { CKA_VALUE, NULL, 0 },
376		NotMallocd, Clone, NotEmptyValue, B_FALSE,
377		unused, unused, { EMPTY } }
378};
379
380
381/* ========================= Public Keys ========================= */
382
383
384/*
385 * Master template for CKO_PUBLIC_KEY + CKK_RSA
386 */
387static const generic_attr_t OBJ_PUBKEY_RSA[] =
388{
389	{ { CKA_CLASS, NULL, sizeof (CK_OBJECT_CLASS) },
390		NotMallocd, Clone, NotEmptyValue, B_FALSE,
391		unused, CKO_PUBLIC_KEY, { unused } },
392	{ { CKA_KEY_TYPE, NULL, sizeof (CK_KEY_TYPE) },
393		NotMallocd, Clone, NotEmptyValue, B_FALSE,
394		unused, CKK_RSA, { unused } },
395	COMMON_STORAGE_ATTRIBUTES,
396	COMMON_KEY_ATTRIBUTES,
397	COMMON_PUBKEY_ATTRIBUTES,
398	{ { CKA_MODULUS, NULL, 0 },
399		NotMallocd, Clone, NotEmptyValue, B_FALSE,
400		unused, unused, { EMPTY } },
401	{ { CKA_MODULUS_BITS, NULL, sizeof (CK_ULONG)},
402		NotMallocd, NotClone, NotEmptyValue, B_FALSE,
403		unused, 0, { unused } },
404	{ { CKA_PUBLIC_EXPONENT, NULL, 0 },
405		NotMallocd, Clone, NotEmptyValue, B_FALSE,
406		unused, unused, { EMPTY } }
407};
408
409
410/*
411 * Master template for CKO_PUBLIC_KEY + CKK_DSA
412 *
413 */
414static const generic_attr_t OBJ_PUBKEY_DSA[] =
415{
416	{ { CKA_CLASS, NULL, sizeof (CK_OBJECT_CLASS) },
417		NotMallocd, Clone, NotEmptyValue, B_FALSE,
418		unused, CKO_PUBLIC_KEY, { unused } },
419	{ { CKA_KEY_TYPE, NULL, sizeof (CK_KEY_TYPE) },
420		NotMallocd, Clone, NotEmptyValue, B_FALSE,
421		unused, CKK_DSA, { unused } },
422	COMMON_STORAGE_ATTRIBUTES,
423	COMMON_KEY_ATTRIBUTES,
424	COMMON_PUBKEY_ATTRIBUTES,
425	{ { CKA_PRIME, NULL, 0 },
426		NotMallocd, Clone, NotEmptyValue, B_FALSE,
427		unused, unused, { EMPTY } },
428	{ { CKA_SUBPRIME, NULL, 0 },
429		NotMallocd, Clone, NotEmptyValue, B_FALSE,
430		unused, unused, { EMPTY } },
431	{ { CKA_BASE, NULL, 0 },
432		NotMallocd, Clone, NotEmptyValue, B_FALSE,
433		unused, unused, { EMPTY } },
434	{ { CKA_VALUE, NULL, 0 },
435		NotMallocd, Clone, NotEmptyValue, B_FALSE,
436		unused, unused, { EMPTY } }
437};
438
439
440/*
441 * Master template for CKO_PUBLIC_KEY + CKK_EC
442 *
443 */
444static const generic_attr_t OBJ_PUBKEY_EC[] =
445{
446	{ { CKA_CLASS, NULL, sizeof (CK_OBJECT_CLASS) },
447		NotMallocd, Clone, NotEmptyValue, B_FALSE,
448		unused, CKO_PUBLIC_KEY, { unused } },
449	{ { CKA_KEY_TYPE, NULL, sizeof (CK_KEY_TYPE) },
450		NotMallocd, Clone, NotEmptyValue, B_FALSE,
451		unused, CKK_EC, { unused } },
452	COMMON_STORAGE_ATTRIBUTES,
453	COMMON_KEY_ATTRIBUTES,
454	COMMON_PUBKEY_ATTRIBUTES,
455	{ { CKA_EC_PARAMS, NULL, 0 },
456		NotMallocd, Clone, NotEmptyValue, B_FALSE,
457		unused, unused, { EMPTY } },
458	{ { CKA_EC_POINT, NULL, 0 },
459		NotMallocd, Clone, NotEmptyValue, B_FALSE,
460		unused, unused, { EMPTY } }
461};
462
463
464/*
465 * Master template for CKO_PUBLIC_KEY + CKK_DH
466 *
467 */
468static const generic_attr_t OBJ_PUBKEY_DH[] =
469{
470	{ { CKA_CLASS, NULL, sizeof (CK_OBJECT_CLASS) },
471		NotMallocd, Clone, NotEmptyValue, B_FALSE,
472		unused, CKO_PUBLIC_KEY, { unused } },
473	{ { CKA_KEY_TYPE, NULL, sizeof (CK_KEY_TYPE) },
474		NotMallocd, Clone, NotEmptyValue, B_FALSE,
475		unused, CKK_DH, { unused } },
476	COMMON_STORAGE_ATTRIBUTES,
477	COMMON_KEY_ATTRIBUTES,
478	COMMON_PUBKEY_ATTRIBUTES,
479	{ { CKA_PRIME, NULL, 0 },
480		NotMallocd, Clone, NotEmptyValue, B_FALSE,
481		unused, unused, { EMPTY } },
482	{ { CKA_BASE, NULL, 0 },
483		NotMallocd, Clone, NotEmptyValue, B_FALSE,
484		unused, unused, { EMPTY } },
485	{ { CKA_VALUE, NULL, 0 },
486		NotMallocd, Clone, NotEmptyValue, B_FALSE,
487		unused, unused, { EMPTY } }
488};
489
490
491/*
492 * Master template for CKO_PUBLIC_KEY + CKK_X9_42_DH
493 *
494 */
495static const generic_attr_t OBJ_PUBKEY_X942DH[] =
496{
497	{ { CKA_CLASS, NULL, sizeof (CK_OBJECT_CLASS) },
498		NotMallocd, Clone, NotEmptyValue, B_FALSE,
499		unused, CKO_PUBLIC_KEY, { unused } },
500	{ { CKA_KEY_TYPE, NULL, sizeof (CK_KEY_TYPE) },
501		NotMallocd, Clone, NotEmptyValue, B_FALSE,
502		unused, CKK_X9_42_DH, { unused } },
503	COMMON_STORAGE_ATTRIBUTES,
504	COMMON_KEY_ATTRIBUTES,
505	COMMON_PUBKEY_ATTRIBUTES,
506	{ { CKA_PRIME, NULL, 0 },
507		NotMallocd, Clone, NotEmptyValue, B_FALSE,
508		unused, unused, { EMPTY } },
509	{ { CKA_BASE, NULL, 0 },
510		NotMallocd, Clone, NotEmptyValue, B_FALSE,
511		unused, unused, { EMPTY } },
512	{ { CKA_SUBPRIME, NULL, 0 },
513		NotMallocd, Clone, NotEmptyValue, B_FALSE,
514		unused, unused, { EMPTY } },
515	{ { CKA_VALUE, NULL, 0 },
516		NotMallocd, Clone, NotEmptyValue, B_FALSE,
517		unused, unused, { EMPTY } }
518};
519
520
521/*
522 * Master template for CKO_PUBLIC_KEY + CKK_KEA
523 *
524 */
525static const generic_attr_t OBJ_PUBKEY_KEA[] =
526{
527	{ { CKA_CLASS, NULL, sizeof (CK_OBJECT_CLASS) },
528		NotMallocd, Clone, NotEmptyValue, B_FALSE,
529		unused, CKO_PUBLIC_KEY, { unused } },
530	{ { CKA_KEY_TYPE, NULL, sizeof (CK_KEY_TYPE) },
531		NotMallocd, Clone, NotEmptyValue, B_FALSE,
532		unused, CKK_KEA, { unused } },
533	COMMON_STORAGE_ATTRIBUTES,
534	COMMON_KEY_ATTRIBUTES,
535	COMMON_PUBKEY_ATTRIBUTES,
536	{ { CKA_PRIME, NULL, 0 },
537		NotMallocd, Clone, NotEmptyValue, B_FALSE,
538		unused, unused, { EMPTY } },
539	{ { CKA_BASE, NULL, 0 },
540		NotMallocd, Clone, NotEmptyValue, B_FALSE,
541		unused, unused, { EMPTY } },
542	{ { CKA_SUBPRIME, NULL, 0 },
543		NotMallocd, Clone, NotEmptyValue, B_FALSE,
544		unused, unused, { EMPTY } },
545	{ { CKA_VALUE, NULL, 0 },
546		NotMallocd, Clone, NotEmptyValue, B_FALSE,
547		unused, unused, { EMPTY } }
548};
549
550
551/* ========================= Private Keys ========================= */
552
553
554/*
555 * Master template for CKO_PRIVATE_KEY + CKK_RSA
556 *
557 */
558static const generic_attr_t OBJ_PRIVKEY_RSA[] =
559{
560	{ { CKA_CLASS, NULL, sizeof (CK_OBJECT_CLASS) },
561		NotMallocd, Clone, NotEmptyValue, B_FALSE,
562		unused, CKO_PRIVATE_KEY, { unused } },
563	{ { CKA_KEY_TYPE, NULL, sizeof (CK_KEY_TYPE) },
564		NotMallocd, Clone, NotEmptyValue, B_FALSE,
565		unused, CKK_RSA, { unused } },
566	COMMON_STORAGE_ATTRIBUTES,
567	COMMON_KEY_ATTRIBUTES,
568	COMMON_PRIVKEY_ATTRIBUTES,
569	{ { CKA_MODULUS, NULL, 0 },
570		NotMallocd, Clone, NotEmptyValue, B_FALSE,
571		unused, unused, { EMPTY } },
572	{ { CKA_PRIVATE_EXPONENT, NULL, 0 },
573		NotMallocd, Clone, NotEmptyValue, B_FALSE,
574		unused, unused, { EMPTY } },
575	{ { CKA_PUBLIC_EXPONENT, NULL, 0 },
576		NotMallocd, Clone, EmptyValue, B_FALSE,
577		unused, unused, { EMPTY } },
578	{ { CKA_PRIME_1, NULL, 0 },
579		NotMallocd, Clone, EmptyValue, B_FALSE,
580		unused, unused, { EMPTY } },
581	{ { CKA_PRIME_2, NULL, 0 },
582		NotMallocd, Clone, EmptyValue, B_FALSE,
583		unused, unused, { EMPTY } },
584	{ { CKA_EXPONENT_1, NULL, 0 },
585		NotMallocd, Clone, EmptyValue, B_FALSE,
586		unused, unused, { EMPTY } },
587	{ { CKA_EXPONENT_2, NULL, 0 },
588		NotMallocd, Clone, EmptyValue, B_FALSE,
589		unused, unused, { EMPTY } },
590	{ { CKA_COEFFICIENT, NULL, 0 },
591		NotMallocd, Clone, EmptyValue, B_FALSE,
592		unused, unused, { EMPTY } }
593};
594
595
596/*
597 * Master template for CKO_PRIVATE_KEY + CKK_DSA
598 *
599 */
600static const generic_attr_t OBJ_PRIVKEY_DSA[] =
601{
602	{ { CKA_CLASS, NULL, sizeof (CK_OBJECT_CLASS) },
603		NotMallocd, Clone, NotEmptyValue, B_FALSE,
604		unused, CKO_PRIVATE_KEY, { unused } },
605	{ { CKA_KEY_TYPE, NULL, sizeof (CK_KEY_TYPE) },
606		NotMallocd, Clone, NotEmptyValue, B_FALSE,
607		unused, CKK_DSA, { unused } },
608	COMMON_STORAGE_ATTRIBUTES,
609	COMMON_KEY_ATTRIBUTES,
610	COMMON_PRIVKEY_ATTRIBUTES,
611	{ { CKA_PRIME, NULL, 0 },
612		NotMallocd, Clone, NotEmptyValue, B_FALSE,
613		unused, unused, { EMPTY } },
614	{ { CKA_SUBPRIME, NULL, 0 },
615		NotMallocd, Clone, NotEmptyValue, B_FALSE,
616		unused, unused, { EMPTY } },
617	{ { CKA_BASE, NULL, 0 },
618		NotMallocd, Clone, NotEmptyValue, B_FALSE,
619		unused, unused, { EMPTY } },
620	{ { CKA_VALUE, NULL, 0 },
621		NotMallocd, Clone, NotEmptyValue, B_FALSE,
622		unused, unused, { EMPTY } }
623};
624
625
626/*
627 * Master template for CKO_PRIVATE_KEY + CKK_EC
628 *
629 */
630static const generic_attr_t OBJ_PRIVKEY_EC[] =
631{
632	{ { CKA_CLASS, NULL, sizeof (CK_OBJECT_CLASS) },
633		NotMallocd, Clone, NotEmptyValue, B_FALSE,
634		unused, CKO_PRIVATE_KEY, { unused } },
635	{ { CKA_KEY_TYPE, NULL, sizeof (CK_KEY_TYPE) },
636		NotMallocd, Clone, NotEmptyValue, B_FALSE,
637		unused, CKK_EC, { unused } },
638	COMMON_STORAGE_ATTRIBUTES,
639	COMMON_KEY_ATTRIBUTES,
640	COMMON_PRIVKEY_ATTRIBUTES,
641	{ { CKA_EC_PARAMS, NULL, 0 },
642		NotMallocd, Clone, NotEmptyValue, B_FALSE,
643		unused, unused, { EMPTY } },
644	{ { CKA_VALUE, NULL, 0 },
645		NotMallocd, Clone, NotEmptyValue, B_FALSE,
646		unused, unused, { EMPTY } }
647};
648
649
650/*
651 * Master template for CKO_PRIVATE_KEY + CKK_DH
652 */
653static const generic_attr_t OBJ_PRIVKEY_DH[] =
654{
655	{ { CKA_CLASS, NULL, sizeof (CK_OBJECT_CLASS) },
656		NotMallocd, Clone, NotEmptyValue, B_FALSE,
657		unused, CKO_PRIVATE_KEY, { unused } },
658	{ { CKA_KEY_TYPE, NULL, sizeof (CK_KEY_TYPE) },
659		NotMallocd, Clone, NotEmptyValue, B_FALSE,
660		unused, CKK_DH, { unused } },
661	COMMON_STORAGE_ATTRIBUTES,
662	COMMON_KEY_ATTRIBUTES,
663	COMMON_PRIVKEY_ATTRIBUTES,
664	{ { CKA_PRIME, NULL, 0 },
665		NotMallocd, Clone, NotEmptyValue, B_FALSE,
666		unused, unused, { EMPTY } },
667	{ { CKA_BASE, NULL, 0 },
668		NotMallocd, Clone, NotEmptyValue, B_FALSE,
669		unused, unused, { EMPTY } },
670	{ { CKA_VALUE, NULL, 0 },
671		NotMallocd, Clone, NotEmptyValue, B_FALSE,
672		unused, unused, { EMPTY } },
673	{ { CKA_VALUE_BITS, NULL, sizeof (CK_ULONG) },
674		NotMallocd, NotClone, NotEmptyValue, B_FALSE,
675		unused, 0, { unused } }
676};
677
678
679/*
680 * Master template for CKO_PRIVATE_KEY + CKK_X9_42_DH
681 *
682 */
683static const generic_attr_t OBJ_PRIVKEY_X942DH[] =
684{
685	{ { CKA_CLASS, NULL, sizeof (CK_OBJECT_CLASS) },
686		NotMallocd, Clone, NotEmptyValue, B_FALSE,
687		unused, CKO_PRIVATE_KEY, { unused } },
688	{ { CKA_KEY_TYPE, NULL, sizeof (CK_KEY_TYPE) },
689		NotMallocd, Clone, NotEmptyValue, B_FALSE,
690		unused, CKK_X9_42_DH, { unused } },
691	COMMON_STORAGE_ATTRIBUTES,
692	COMMON_KEY_ATTRIBUTES,
693	COMMON_PRIVKEY_ATTRIBUTES,
694	{ { CKA_PRIME, NULL, 0 },
695		NotMallocd, Clone, NotEmptyValue, B_FALSE,
696		unused, unused, { EMPTY } },
697	{ { CKA_SUBPRIME, NULL, 0 },
698		NotMallocd, Clone, NotEmptyValue, B_FALSE,
699		unused, unused, { EMPTY } },
700	{ { CKA_BASE, NULL, 0 },
701		NotMallocd, Clone, NotEmptyValue, B_FALSE,
702		unused, unused, { EMPTY } },
703	{ { CKA_VALUE, NULL, 0 },
704		NotMallocd, Clone, NotEmptyValue, B_FALSE,
705		unused, unused, { EMPTY } }
706};
707
708
709/*
710 * Master template for CKO_PRIVATE_KEY + CKK_KEA
711 *
712 */
713static const generic_attr_t OBJ_PRIVKEY_KEA[] =
714{
715	{ { CKA_CLASS, NULL, sizeof (CK_OBJECT_CLASS) },
716		NotMallocd, Clone, NotEmptyValue, B_FALSE,
717		unused, CKO_PRIVATE_KEY, { unused } },
718	{ { CKA_KEY_TYPE, NULL, sizeof (CK_KEY_TYPE) },
719		NotMallocd, Clone, NotEmptyValue, B_FALSE,
720		unused, CKK_KEA, { unused } },
721	COMMON_STORAGE_ATTRIBUTES,
722	COMMON_KEY_ATTRIBUTES,
723	COMMON_PRIVKEY_ATTRIBUTES,
724	{ { CKA_PRIME, NULL, 0 },
725		NotMallocd, Clone, NotEmptyValue, B_FALSE,
726		unused, unused, { EMPTY } },
727	{ { CKA_BASE, NULL, 0 },
728		NotMallocd, Clone, NotEmptyValue, B_FALSE,
729		unused, unused, { EMPTY } },
730	{ { CKA_SUBPRIME, NULL, 0 },
731		NotMallocd, Clone, NotEmptyValue, B_FALSE,
732		unused, unused, { EMPTY } },
733	{ { CKA_VALUE, NULL, 0 },
734		NotMallocd, Clone, NotEmptyValue, B_FALSE,
735		unused, unused, { EMPTY } }
736};
737
738
739/* ========================= Secret Keys ========================= */
740
741
742/*
743 * Master template for CKO_SECRET_KEY + (fixed-length keytype)
744 */
745static const generic_attr_t OBJ_SECKEY[] =
746{
747	{ { CKA_CLASS, NULL, sizeof (CK_OBJECT_CLASS) },
748		NotMallocd, Clone, NotEmptyValue, B_FALSE,
749		unused, CKO_SECRET_KEY, { unused } },
750	{ { CKA_KEY_TYPE, NULL, sizeof (CK_KEY_TYPE) },
751		NotMallocd, Clone, NotEmptyValue, B_FALSE,
752		unused, CKK_GENERIC_SECRET, { unused } },
753	COMMON_STORAGE_ATTRIBUTES,
754	COMMON_KEY_ATTRIBUTES,
755	COMMON_SECKEY_ATTRIBUTES,
756	{ { CKA_VALUE, NULL, 0 },
757		NotMallocd, Clone, NotEmptyValue, B_FALSE,
758		unused, unused, { EMPTY } }
759};
760
761
762/*
763 * Master template for CKO_SECRET_KEY + (variable-length keytype)
764 *
765 */
766static const generic_attr_t OBJ_SECKEY_WITHLEN[] =
767{
768	{ { CKA_CLASS, NULL, sizeof (CK_OBJECT_CLASS) },
769		NotMallocd, Clone, NotEmptyValue, B_FALSE,
770		unused, CKO_SECRET_KEY, { unused } },
771	{ { CKA_KEY_TYPE, NULL, sizeof (CK_KEY_TYPE) },
772		NotMallocd, Clone, NotEmptyValue, B_FALSE,
773		unused, CKK_GENERIC_SECRET, { unused } },
774	COMMON_STORAGE_ATTRIBUTES,
775	COMMON_KEY_ATTRIBUTES,
776	COMMON_SECKEY_ATTRIBUTES,
777	{ { CKA_VALUE, NULL, 0 },
778		NotMallocd, Clone, NotEmptyValue, B_FALSE,
779		unused, unused, { EMPTY } },
780	{ { CKA_VALUE_LEN, NULL, sizeof (CK_ULONG) },
781		NotMallocd, NotClone, NotEmptyValue, B_FALSE,
782		unused, 0, { unused } }
783};
784
785
786/* ========================= Domain Parameters ========================= */
787
788
789/*
790 * Master template for CKO_DOMAIN_PARAMETERS + CKK_DSA
791 *
792 */
793static const generic_attr_t OBJ_DOM_DSA[] =
794{
795	{ { CKA_CLASS, NULL, sizeof (CK_OBJECT_CLASS) },
796		NotMallocd, Clone, NotEmptyValue, B_FALSE,
797		unused, CKO_DOMAIN_PARAMETERS, { unused } },
798	{ { CKA_KEY_TYPE, NULL, sizeof (CK_KEY_TYPE) },
799		NotMallocd, Clone, NotEmptyValue, B_FALSE,
800		unused, CKK_DSA, { unused } },
801	COMMON_STORAGE_ATTRIBUTES,
802	COMMON_DOMAIN_ATTRIBUTES,
803	{ { CKA_PRIME, NULL, 0 },
804		NotMallocd, Clone, NotEmptyValue, B_FALSE,
805		unused, unused, { EMPTY } },
806	{ { CKA_SUBPRIME, NULL, 0 },
807		NotMallocd, Clone, NotEmptyValue, B_FALSE,
808		unused, unused, { EMPTY } },
809	{ { CKA_BASE, NULL, 0 },
810		NotMallocd, Clone, NotEmptyValue, B_FALSE,
811		unused, unused, { EMPTY } },
812	{ { CKA_PRIME_BITS, NULL, sizeof (CK_ULONG) },
813		NotMallocd, NotClone, NotEmptyValue, B_FALSE,
814		unused, 0, { unused } }
815};
816
817/*
818 * Master template for CKO_DOMAIN_PARAMETERS + CKK_DH
819 *
820 */
821static const generic_attr_t OBJ_DOM_DH[] =
822{
823	{ { CKA_CLASS, NULL, sizeof (CK_OBJECT_CLASS) },
824		NotMallocd, Clone, NotEmptyValue, B_FALSE,
825		unused, CKO_DOMAIN_PARAMETERS, { unused } },
826	{ { CKA_KEY_TYPE, NULL, sizeof (CK_KEY_TYPE) },
827		NotMallocd, Clone, NotEmptyValue, B_FALSE,
828		unused, CKK_DH, { unused } },
829	COMMON_STORAGE_ATTRIBUTES,
830	COMMON_DOMAIN_ATTRIBUTES,
831	{ { CKA_PRIME, NULL, 0 },
832		NotMallocd, Clone, NotEmptyValue, B_FALSE,
833		unused, unused, { EMPTY } },
834	{ { CKA_BASE, NULL, 0 },
835		NotMallocd, Clone, NotEmptyValue, B_FALSE,
836		unused, unused, { EMPTY } },
837	{ { CKA_PRIME_BITS, NULL, sizeof (CK_ULONG) },
838		NotMallocd, NotClone, NotEmptyValue, B_FALSE,
839		unused, 0, { unused } }
840};
841
842/*
843 * Master template for CKO_DOMAIN_PARAMETERS + CKK_X9_42_DH
844 *
845 */
846static const generic_attr_t OBJ_DOM_X942DH[] =
847{
848	{ { CKA_CLASS, NULL, sizeof (CK_OBJECT_CLASS) },
849		NotMallocd, Clone, NotEmptyValue, B_FALSE,
850		unused, CKO_DOMAIN_PARAMETERS, { unused } },
851	{ { CKA_KEY_TYPE, NULL, sizeof (CK_KEY_TYPE) },
852		NotMallocd, Clone, NotEmptyValue, B_FALSE,
853		unused, CKK_X9_42_DH, { unused } },
854	COMMON_STORAGE_ATTRIBUTES,
855	COMMON_DOMAIN_ATTRIBUTES,
856	{ { CKA_PRIME, NULL, 0 },
857		NotMallocd, Clone, NotEmptyValue, B_FALSE,
858		unused, unused, { EMPTY } },
859	{ { CKA_BASE, NULL, 0 },
860		NotMallocd, Clone, NotEmptyValue, B_FALSE,
861		unused, unused, { EMPTY } },
862	{ { CKA_SUBPRIME, NULL, 0 },
863		NotMallocd, Clone, NotEmptyValue, B_FALSE,
864		unused, unused, { EMPTY } },
865	{ { CKA_PRIME_BITS, NULL, sizeof (CK_ULONG) },
866		NotMallocd, NotClone, NotEmptyValue, B_FALSE,
867		unused, 0, { unused } },
868	{ { CKA_SUBPRIME_BITS, NULL, sizeof (CK_ULONG) },
869		NotMallocd, NotClone, NotEmptyValue, B_FALSE,
870		unused, 0, { unused } }
871};
872
873#ifdef	__cplusplus
874}
875#endif
876
877#endif /* _META_ATTRMASTERS_H */
878