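/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License, Version 1.0 only
 * (the "License"). You may not use this file except in compliance
 * with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */
/*
 * Copyright 2004 Sun Microsystems, Inc. All rights reserved.
 * Use is subject to license terms.
 */

#ifndef _KERNELOBJECT_H
#define _KERNELOBJECT_H

#pragma ident "%Z%%M% %I% %E% SMI"

#ifdef __cplusplus
extern "C" {
#endif

/*
 * NOTE(review): pthread_mutex_t, boolean_t, uint64_t and crypto_object_id_t
 * are used below but none of these includes is visibly their origin;
 * presumably kernelSession.h or kernelSlot.h pulls them in -- confirm.
 */
#include <security/pkcs11t.h>
#include "kernelSession.h"
#include "kernelSlot.h"

/*
 * Tag compared against kernel_object_t.magic_marker by HANDLE2OBJECT
 * to reject handles that do not point at an object struct.
 */
#define KERNELTOKEN_OBJECT_MAGIC 0xECF0B003

/*
 * NOTE(review): rsa_pri_key_t below has eight biginteger_t members while
 * RSA_PRI_ATTR_COUNT is 7. The users of these counts are not in this
 * header; confirm which attribute is intentionally left out.
 */
#define RSA_PRI_ATTR_COUNT 7
#define RSA_PUB_ATTR_COUNT 3
#define DSA_ATTR_COUNT 4

/*
 * Secret key Struct
 *
 * sk_value points at the key value and sk_value_len is its length
 * (presumably in bytes, as sk_value is a CK_BYTE pointer).
 * NOTE(review): this is raw key material; whichever routine frees
 * sk_value should clear the buffer first -- the cleanup code is not
 * visible in this header, so verify it there.
 */
typedef struct secret_key_obj {
	CK_BYTE *sk_value;
	CK_ULONG sk_value_len;
} secret_key_obj_t;


/*
 * This structure is used to hold the attributes in the
 * Extra Attribute List. Nodes are chained through "next".
 */
typedef struct attribute_info {
	CK_ATTRIBUTE attr;
	struct attribute_info *next;
} attribute_info_t;

typedef attribute_info_t *CK_ATTRIBUTE_INFO_PTR;


/*
 * biginteger Struct
 *
 * A buffer pointer plus its length. The byte order of big_value is not
 * stated here; presumably the PKCS#11 "Big integer" encoding -- confirm.
 */
typedef struct biginteger {
	CK_BYTE *big_value;
	CK_ULONG big_value_len;
} biginteger_t;


/*
 * PKCS11: RSA Public Key Object Attributes
 */
typedef struct rsa_pub_key {
	biginteger_t modulus;
	CK_ULONG modulus_bits;
	biginteger_t pub_exponent;
} rsa_pub_key_t;


/*
 * PKCS11: DSA Public Key Object Attributes
 */
typedef struct dsa_pub_key {
	biginteger_t prime;
	biginteger_t subprime;
	biginteger_t base;
	biginteger_t value;
} dsa_pub_key_t;


/*
 * Public Key Main Struct
 *
 * The union carries no discriminator of its own. Presumably the
 * key_type field of the owning kernel_object_t says which member is
 * live; reading the other member reinterprets its buffers and lengths.
 */
typedef struct public_key_obj {
	union {
		rsa_pub_key_t rsa_pub_key; /* RSA public key */
		dsa_pub_key_t dsa_pub_key; /* DSA public key */
	} key_type_u;
} public_key_obj_t;


/*
 * PKCS11: RSA Private Key Object Attributes
 *
 * Every member except modulus and pub_exponent is private key material.
 */
typedef struct rsa_pri_key {
	biginteger_t modulus;
	biginteger_t pub_exponent;
	biginteger_t pri_exponent;
	biginteger_t prime_1;
	biginteger_t prime_2;
	biginteger_t exponent_1;
	biginteger_t exponent_2;
	biginteger_t coefficient;
} rsa_pri_key_t;


/*
 * PKCS11: DSA Private Key Object Attributes
 */
typedef struct dsa_pri_key {
	biginteger_t prime;
	biginteger_t subprime;
	biginteger_t base;
	biginteger_t value;
} dsa_pri_key_t;


/*
 * Private Key Main Struct
 *
 * As with public_key_obj_t, the union has no discriminator of its own.
 */
typedef struct private_key_obj {
	union {
		rsa_pri_key_t rsa_pri_key; /* RSA private key */
		dsa_pri_key_t dsa_pri_key; /* DSA private key */
	} key_type_u;
} private_key_obj_t;


/*
 * This is the main structure of the Objects.
 *
 * NOTE(review): the member name "class" is a C++ keyword, so this header
 * cannot be compiled as C++ despite the extern "C" guard. Renaming it
 * would change the interface, so it is only flagged here.
 */
typedef struct object {
	boolean_t is_lib_obj; /* default is TRUE */
	crypto_object_id_t k_handle;

	/* Generic common fields. Always present */
	CK_OBJECT_CLASS class;
	CK_KEY_TYPE key_type;
	/* compared with KERNELTOKEN_OBJECT_MAGIC by HANDLE2OBJECT */
	CK_ULONG magic_marker;
	/* bit mask; presumably built from the *_BOOL_ON flags in this file */
	uint64_t bool_attr_mask;
	CK_MECHANISM_TYPE mechanism;

	/* Fields for access and arbitration */
	pthread_mutex_t object_mutex;
	struct object *next;
	struct object *prev;

	/* Extra non-boolean attribute list */
	CK_ATTRIBUTE_INFO_PTR extra_attrlistp;
	CK_ULONG extra_attrcount;

	/*
	 * For each object, only one object class is presented.
	 * The three pointers share storage; which one is valid is
	 * presumably decided by "class" above -- confirm in the users.
	 */
	union {
		secret_key_obj_t *secret_key;
		public_key_obj_t *public_key;
		private_key_obj_t *private_key;
	} object_class_u;

	/* Session handle that the object belongs to */
	CK_SESSION_HANDLE session_handle;

} kernel_object_t;


/*
 * State of an object search: the array of matches, how many there are,
 * and the index of the next one to hand back.
 */
typedef struct find_context {
	kernel_object_t **objs_found;
	CK_ULONG num_results;
	CK_ULONG next_result_index; /* next result object to return */
} find_context_t;

/*
 * The following definitions are the shortcuts
 *
 * Every macro argument is parenthesized, and each address-of expansion
 * is wrapped in an outer pair of parentheses, so a result can be
 * followed directly by "->" or combined with other operators.
 *
 * None of these macros checks that the class pointer inside
 * object_class_u is non-NULL, or that the selected union member matches
 * the object's class and key type. Callers have to establish both
 * before using them.
 */

/*
 * Secret Key Object Attributes
 */
#define OBJ_SEC(o) \
	((o)->object_class_u.secret_key)
#define OBJ_SEC_VALUE(o) \
	((o)->object_class_u.secret_key->sk_value)
#define OBJ_SEC_VALUE_LEN(o) \
	((o)->object_class_u.secret_key->sk_value_len)

/*
 * RSA Public Key Object Attributes
 */
#define OBJ_PUB(o) \
	((o)->object_class_u.public_key)
#define KEY_PUB_RSA(k) \
	(&((k)->key_type_u.rsa_pub_key))
#define OBJ_PUB_RSA_MOD(o) \
	(&((o)->object_class_u.public_key->key_type_u.rsa_pub_key.modulus))
#define KEY_PUB_RSA_MOD(k) \
	(&((k)->key_type_u.rsa_pub_key.modulus))
#define OBJ_PUB_RSA_PUBEXPO(o) \
	(&((o)->object_class_u.public_key->key_type_u.rsa_pub_key.pub_exponent))
#define KEY_PUB_RSA_PUBEXPO(k) \
	(&((k)->key_type_u.rsa_pub_key.pub_exponent))
#define OBJ_PUB_RSA_MOD_BITS(o) \
	((o)->object_class_u.public_key->key_type_u.rsa_pub_key.modulus_bits)
#define KEY_PUB_RSA_MOD_BITS(k) \
	((k)->key_type_u.rsa_pub_key.modulus_bits)


/*
 * DSA Public Key Object Attributes
 */
#define KEY_PUB_DSA(k) \
	(&((k)->key_type_u.dsa_pub_key))
#define OBJ_PUB_DSA_PRIME(o) \
	(&((o)->object_class_u.public_key->key_type_u.dsa_pub_key.prime))
#define KEY_PUB_DSA_PRIME(k) \
	(&((k)->key_type_u.dsa_pub_key.prime))
#define OBJ_PUB_DSA_SUBPRIME(o) \
	(&((o)->object_class_u.public_key->key_type_u.dsa_pub_key.subprime))
#define KEY_PUB_DSA_SUBPRIME(k) \
	(&((k)->key_type_u.dsa_pub_key.subprime))
#define OBJ_PUB_DSA_BASE(o) \
	(&((o)->object_class_u.public_key->key_type_u.dsa_pub_key.base))
#define KEY_PUB_DSA_BASE(k) \
	(&((k)->key_type_u.dsa_pub_key.base))
#define OBJ_PUB_DSA_VALUE(o) \
	(&((o)->object_class_u.public_key->key_type_u.dsa_pub_key.value))
#define KEY_PUB_DSA_VALUE(k) \
	(&((k)->key_type_u.dsa_pub_key.value))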
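/*
 * RSA Private Key Object Attributes
 *
 * OBJ_* macros take an object pointer, KEY_* macros take a
 * private_key_obj_t pointer. Except for OBJ_PRI, each yields the address
 * of one member; the expansion is wrapped in parentheses so the result
 * can be followed directly by "->".
 *
 * These expose private key components. They do not check that
 * object_class_u.private_key is non-NULL or that the object really is an
 * RSA (or DSA) private key; the caller must have verified that already.
 */
#define OBJ_PRI(o) \
	((o)->object_class_u.private_key)
#define KEY_PRI_RSA(k) \
	(&((k)->key_type_u.rsa_pri_key))
#define OBJ_PRI_RSA_MOD(o) \
	(&((o)->object_class_u.private_key->key_type_u.rsa_pri_key.modulus))
#define KEY_PRI_RSA_MOD(k) \
	(&((k)->key_type_u.rsa_pri_key.modulus))
#define OBJ_PRI_RSA_PUBEXPO(o) \
	(&((o)->object_class_u.private_key->key_type_u.rsa_pri_key.pub_exponent))
#define KEY_PRI_RSA_PUBEXPO(k) \
	(&((k)->key_type_u.rsa_pri_key.pub_exponent))
#define OBJ_PRI_RSA_PRIEXPO(o) \
	(&((o)->object_class_u.private_key->key_type_u.rsa_pri_key.pri_exponent))
#define KEY_PRI_RSA_PRIEXPO(k) \
	(&((k)->key_type_u.rsa_pri_key.pri_exponent))
#define OBJ_PRI_RSA_PRIME1(o) \
	(&((o)->object_class_u.private_key->key_type_u.rsa_pri_key.prime_1))
#define KEY_PRI_RSA_PRIME1(k) \
	(&((k)->key_type_u.rsa_pri_key.prime_1))
#define OBJ_PRI_RSA_PRIME2(o) \
	(&((o)->object_class_u.private_key->key_type_u.rsa_pri_key.prime_2))
#define KEY_PRI_RSA_PRIME2(k) \
	(&((k)->key_type_u.rsa_pri_key.prime_2))
#define OBJ_PRI_RSA_EXPO1(o) \
	(&((o)->object_class_u.private_key->key_type_u.rsa_pri_key.exponent_1))
#define KEY_PRI_RSA_EXPO1(k) \
	(&((k)->key_type_u.rsa_pri_key.exponent_1))
#define OBJ_PRI_RSA_EXPO2(o) \
	(&((o)->object_class_u.private_key->key_type_u.rsa_pri_key.exponent_2))
#define KEY_PRI_RSA_EXPO2(k) \
	(&((k)->key_type_u.rsa_pri_key.exponent_2))
#define OBJ_PRI_RSA_COEF(o) \
	(&((o)->object_class_u.private_key->key_type_u.rsa_pri_key.coefficient))
#define KEY_PRI_RSA_COEF(k) \
	(&((k)->key_type_u.rsa_pri_key.coefficient))

/*
 * DSA Private Key Object Attributes
 */
#define KEY_PRI_DSA(k) \
	(&((k)->key_type_u.dsa_pri_key))
#define OBJ_PRI_DSA_PRIME(o) \
	(&((o)->object_class_u.private_key->key_type_u.dsa_pri_key.prime))
#define KEY_PRI_DSA_PRIME(k) \
	(&((k)->key_type_u.dsa_pri_key.prime))
#define OBJ_PRI_DSA_SUBPRIME(o) \
	(&((o)->object_class_u.private_key->key_type_u.dsa_pri_key.subprime))
#define KEY_PRI_DSA_SUBPRIME(k) \
	(&((k)->key_type_u.dsa_pri_key.subprime))
#define OBJ_PRI_DSA_BASE(o) \
	(&((o)->object_class_u.private_key->key_type_u.dsa_pri_key.base))
#define KEY_PRI_DSA_BASE(k) \
	(&((k)->key_type_u.dsa_pri_key.base))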
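/* DSA private key value; expansion parenthesized so "->" can follow it */
#define OBJ_PRI_DSA_VALUE(o) \
	(&((o)->object_class_u.private_key->key_type_u.dsa_pri_key.value))
#define KEY_PRI_DSA_VALUE(k) \
	(&((k)->key_type_u.dsa_pri_key.value))

/*
 * key related attributes with CK_BBOOL data type
 *
 * One bit per boolean attribute. Presumably these are the bits kept in
 * kernel_object_t.bool_attr_mask -- confirm in the implementation.
 */
#define DERIVE_BOOL_ON			0x00000001
#define LOCAL_BOOL_ON			0x00000002
#define SENSITIVE_BOOL_ON		0x00000004
#define SECONDARY_AUTH_BOOL_ON		0x00000008
#define ENCRYPT_BOOL_ON			0x00000010
#define DECRYPT_BOOL_ON			0x00000020
#define SIGN_BOOL_ON			0x00000040
#define SIGN_RECOVER_BOOL_ON		0x00000080
#define VERIFY_BOOL_ON			0x00000100
#define VERIFY_RECOVER_BOOL_ON		0x00000200
#define WRAP_BOOL_ON			0x00000400
#define UNWRAP_BOOL_ON			0x00000800
#define TRUSTED_BOOL_ON			0x00001000
#define EXTRACTABLE_BOOL_ON		0x00002000
#define ALWAYS_SENSITIVE_BOOL_ON	0x00004000
#define NEVER_EXTRACTABLE_BOOL_ON	0x00008000
#define PRIVATE_BOOL_ON			0x00010000
#define TOKEN_BOOL_ON			0x00020000
#define MODIFIABLE_BOOL_ON		0x00040000

/*
 * Default masks per object class.
 *
 * None of the defaults sets SENSITIVE_BOOL_ON, and the secret-key and
 * private-key defaults both set EXTRACTABLE_BOOL_ON. A key whose mask is
 * taken from these values alone is therefore extractable and not
 * sensitive; callers that need the opposite must say so in the creation
 * template. How the defaults are merged with a template is decided in
 * the implementation, which is not part of this header.
 */
#define SECRET_KEY_DEFAULT	(ENCRYPT_BOOL_ON|\
				DECRYPT_BOOL_ON|\
				SIGN_BOOL_ON|\
				VERIFY_BOOL_ON|\
				EXTRACTABLE_BOOL_ON|\
				MODIFIABLE_BOOL_ON)

#define PUBLIC_KEY_DEFAULT	(ENCRYPT_BOOL_ON|\
				VERIFY_BOOL_ON|\
				VERIFY_RECOVER_BOOL_ON|\
				MODIFIABLE_BOOL_ON)

#define PRIVATE_KEY_DEFAULT	(DECRYPT_BOOL_ON|\
				SIGN_BOOL_ON|\
				SIGN_RECOVER_BOOL_ON|\
				EXTRACTABLE_BOOL_ON|\
				MODIFIABLE_BOOL_ON)

/*
 * This macro is used to type cast an object handle to a pointer to
 * the object struct. Also, it checks to see if the object struct
 * is tagged with an object magic number. This is to detect when an
 * application passes a bogus object pointer.
 *
 * On return rv is CKR_OK or CKR_OBJECT_HANDLE_INVALID; object_p is
 * assigned only when hObject is not NULL.
 *
 * Limits of the check: the handle is the object's address as supplied
 * by the application, and it is dereferenced in order to read
 * magic_marker. A value that is not a readable address faults here
 * rather than producing CKR_OBJECT_HANDLE_INVALID, and a stale handle to
 * a freed object still passes if the freed memory keeps the marker.
 * NOTE(review): confirm that object deletion clears magic_marker.
 *
 * NOTE(review): the expansion is a bare if/else, so using the macro as
 * the body of an unbraced "if" that has its own "else" mis-binds that
 * else. The shape is kept so existing call sites are unaffected; always
 * invoke it as a statement of its own inside braces. The arguments are
 * parenthesized so expressions can be passed safely.
 */
#define HANDLE2OBJECT(hObject, object_p, rv) \
	if ((hObject) == NULL) { \
		(rv) = CKR_OBJECT_HANDLE_INVALID; \
	} else { \
		(object_p) = (kernel_object_t *)(hObject); \
		(rv) = (((object_p)->magic_marker == \
		    KERNELTOKEN_OBJECT_MAGIC) \
		    ? CKR_OK : CKR_OBJECT_HANDLE_INVALID); \
	}

/*
 * Function Prototypes.
 *
 * The definitions are outside this header. Locking requirements and
 * ownership of copied attribute memory are not visible from the
 * declarations; check the implementation before relying on either.
 *
 * NOTE(review): several parameters are named "template", a C++ keyword;
 * together with the "class" member this keeps the header C-only.
 */
void kernel_cleanup_object(kernel_object_t *objp);

CK_RV kernel_add_object(CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
    CK_ULONG *objecthandle_p, kernel_session_t *sp);

CK_RV kernel_delete_session_object(kernel_session_t *sp, kernel_object_t *objp,
    boolean_t lock_held, boolean_t wrapper_only);

void kernel_cleanup_extra_attr(kernel_object_t *object_p);

CK_RV kernel_copy_extra_attr(CK_ATTRIBUTE_INFO_PTR old_attrp,
    kernel_object_t *object_p);

void kernel_cleanup_object_bigint_attrs(kernel_object_t *object_p);

CK_RV kernel_build_object(CK_ATTRIBUTE_PTR template,
    CK_ULONG ulAttrNum, kernel_object_t *new_object, kernel_session_t *sp);

CK_RV kernel_copy_object(kernel_object_t *old_object,
    kernel_object_t **new_object, boolean_t copy_everything,
    kernel_session_t *sp);

void kernel_merge_object(kernel_object_t *old_object,
    kernel_object_t *new_object);

CK_RV kernel_get_attribute(kernel_object_t *object_p,
    CK_ATTRIBUTE_PTR template);

CK_RV kernel_set_attribute(kernel_object_t *object_p,
    CK_ATTRIBUTE_PTR template, boolean_t copy, kernel_session_t *sp);

void copy_bigint_attr(biginteger_t *src, biginteger_t *dst);

void kernel_add_object_to_session(kernel_object_t *objp, kernel_session_t *sp);

CK_RV kernel_copy_public_key_attr(public_key_obj_t *old_pub_key_obj_p,
    public_key_obj_t **new_pub_key_obj_p, CK_KEY_TYPE key_type);

CK_RV kernel_copy_private_key_attr(private_key_obj_t *old_pri_key_obj_p,
    private_key_obj_t **new_pri_key_obj_p, CK_KEY_TYPE key_type);

CK_RV kernel_copy_secret_key_attr(secret_key_obj_t *old_secret_key_obj_p,
    secret_key_obj_t **new_secret_key_obj_p);

CK_RV kernel_validate_attr(CK_ATTRIBUTE_PTR template, CK_ULONG ulAttrNum,
    CK_OBJECT_CLASS *class);

CK_RV kernel_find_objects_init(kernel_session_t *sp,
    CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount);

void kernel_find_objects_final(kernel_session_t *sp);

void kernel_find_objects(kernel_session_t *sp,
    CK_OBJECT_HANDLE *obj_found, CK_ULONG max_obj_requested,
    CK_ULONG *found_obj_count);

void kernel_process_find_attr(CK_OBJECT_CLASS *pclasses,
    CK_ULONG *num_result_pclasses, CK_ATTRIBUTE_PTR pTemplate,
    CK_ULONG ulCount);
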
/*
 * Remaining prototypes: attribute matching and lookup, string attribute
 * helpers, and token-object management on a slot. Their definitions are
 * outside this header, so locking and ownership rules are not visible
 * from here.
 */
boolean_t kernel_find_match_attrs(
    kernel_object_t *obj,
    CK_OBJECT_CLASS *pclasses,
    CK_ULONG num_pclasses,
    CK_ATTRIBUTE *tmpl_attr,
    CK_ULONG num_attr);

CK_ATTRIBUTE_PTR get_extra_attr(
    CK_ATTRIBUTE_TYPE type,
    kernel_object_t *obj);

CK_RV get_string_from_template(
    CK_ATTRIBUTE_PTR dest,
    CK_ATTRIBUTE_PTR src);

void string_attr_cleanup(
    CK_ATTRIBUTE_PTR template);

void kernel_add_token_object_to_slot(
    kernel_object_t *objp,
    kernel_slot_t *pslot);

void kernel_remove_token_object_from_slot(
    kernel_slot_t *pslot,
    kernel_object_t *objp);

CK_RV kernel_delete_token_object(
    kernel_slot_t *pslot,
    kernel_session_t *sp,
    kernel_object_t *obj,
    boolean_t lock_held,
    boolean_t wrapper_only);

void kernel_cleanup_pri_objects_in_slot(
    kernel_slot_t *pslot,
    kernel_session_t *sp);

CK_RV kernel_get_object_size(
    kernel_object_t *objp,
    CK_ULONG_PTR pulSize);

#ifdef __cplusplus
}
#endif

#endif /* _KERNELOBJECT_H */