17c478bd9Sstevel@tonic-gate /* 27c478bd9Sstevel@tonic-gate * CDDL HEADER START 37c478bd9Sstevel@tonic-gate * 47c478bd9Sstevel@tonic-gate * The contents of this file are subject to the terms of the 58047c9fbSmcpowers * Common Development and Distribution License (the "License"). 68047c9fbSmcpowers * You may not use this file except in compliance with the License. 77c478bd9Sstevel@tonic-gate * 87c478bd9Sstevel@tonic-gate * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 97c478bd9Sstevel@tonic-gate * or http://www.opensolaris.org/os/licensing. 107c478bd9Sstevel@tonic-gate * See the License for the specific language governing permissions 117c478bd9Sstevel@tonic-gate * and limitations under the License. 127c478bd9Sstevel@tonic-gate * 137c478bd9Sstevel@tonic-gate * When distributing Covered Code, include this CDDL HEADER in each 147c478bd9Sstevel@tonic-gate * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 157c478bd9Sstevel@tonic-gate * If applicable, add the following below this CDDL HEADER, with the 167c478bd9Sstevel@tonic-gate * fields enclosed by brackets "[]" replaced with your own identifying 177c478bd9Sstevel@tonic-gate * information: Portions Copyright [yyyy] [name of copyright owner] 187c478bd9Sstevel@tonic-gate * 197c478bd9Sstevel@tonic-gate * CDDL HEADER END 207c478bd9Sstevel@tonic-gate */ 217c478bd9Sstevel@tonic-gate /* 22*ac129f9eSKrishna Yenduri * Copyright 2008 Sun Microsystems, Inc. All rights reserved. 237c478bd9Sstevel@tonic-gate * Use is subject to license terms. 247c478bd9Sstevel@tonic-gate */ 257c478bd9Sstevel@tonic-gate 267c478bd9Sstevel@tonic-gate #ifndef _SYS_CRYPTO_OPS_IMPL_H 277c478bd9Sstevel@tonic-gate #define _SYS_CRYPTO_OPS_IMPL_H 287c478bd9Sstevel@tonic-gate 297c478bd9Sstevel@tonic-gate /* 307c478bd9Sstevel@tonic-gate * Scheduler internal structures. 317c478bd9Sstevel@tonic-gate */ 327c478bd9Sstevel@tonic-gate 337c478bd9Sstevel@tonic-gate #ifdef __cplusplus 347c478bd9Sstevel@tonic-gate extern "C" { 357c478bd9Sstevel@tonic-gate #endif 367c478bd9Sstevel@tonic-gate 377c478bd9Sstevel@tonic-gate #include <sys/types.h> 387c478bd9Sstevel@tonic-gate #include <sys/mutex.h> 397c478bd9Sstevel@tonic-gate #include <sys/condvar.h> 407c478bd9Sstevel@tonic-gate #include <sys/crypto/api.h> 417c478bd9Sstevel@tonic-gate #include <sys/crypto/spi.h> 427c478bd9Sstevel@tonic-gate #include <sys/crypto/impl.h> 437c478bd9Sstevel@tonic-gate #include <sys/crypto/common.h> 447c478bd9Sstevel@tonic-gate 457c478bd9Sstevel@tonic-gate /* 467c478bd9Sstevel@tonic-gate * The parameters needed for each function group are batched 477c478bd9Sstevel@tonic-gate * in one structure. This is much simpler than having a 487c478bd9Sstevel@tonic-gate * separate structure for each function. 497c478bd9Sstevel@tonic-gate * 507c478bd9Sstevel@tonic-gate * In some cases, a field is generically named to keep the 517c478bd9Sstevel@tonic-gate * structure small. The comments indicate these cases. 527c478bd9Sstevel@tonic-gate */ 537c478bd9Sstevel@tonic-gate typedef struct kcf_digest_ops_params { 547c478bd9Sstevel@tonic-gate crypto_session_id_t do_sid; 557c478bd9Sstevel@tonic-gate crypto_mech_type_t do_framework_mechtype; 567c478bd9Sstevel@tonic-gate crypto_mechanism_t do_mech; 577c478bd9Sstevel@tonic-gate crypto_data_t *do_data; 587c478bd9Sstevel@tonic-gate crypto_data_t *do_digest; 597c478bd9Sstevel@tonic-gate crypto_key_t *do_digest_key; /* Argument for digest_key() */ 607c478bd9Sstevel@tonic-gate } kcf_digest_ops_params_t; 617c478bd9Sstevel@tonic-gate 627c478bd9Sstevel@tonic-gate typedef struct kcf_mac_ops_params { 637c478bd9Sstevel@tonic-gate crypto_session_id_t mo_sid; 647c478bd9Sstevel@tonic-gate crypto_mech_type_t mo_framework_mechtype; 657c478bd9Sstevel@tonic-gate crypto_mechanism_t mo_mech; 667c478bd9Sstevel@tonic-gate crypto_key_t *mo_key; 677c478bd9Sstevel@tonic-gate crypto_data_t *mo_data; 687c478bd9Sstevel@tonic-gate crypto_data_t *mo_mac; 697c478bd9Sstevel@tonic-gate crypto_spi_ctx_template_t mo_templ; 707c478bd9Sstevel@tonic-gate } kcf_mac_ops_params_t; 717c478bd9Sstevel@tonic-gate 727c478bd9Sstevel@tonic-gate typedef struct kcf_encrypt_ops_params { 737c478bd9Sstevel@tonic-gate crypto_session_id_t eo_sid; 747c478bd9Sstevel@tonic-gate crypto_mech_type_t eo_framework_mechtype; 757c478bd9Sstevel@tonic-gate crypto_mechanism_t eo_mech; 767c478bd9Sstevel@tonic-gate crypto_key_t *eo_key; 777c478bd9Sstevel@tonic-gate crypto_data_t *eo_plaintext; 787c478bd9Sstevel@tonic-gate crypto_data_t *eo_ciphertext; 797c478bd9Sstevel@tonic-gate crypto_spi_ctx_template_t eo_templ; 807c478bd9Sstevel@tonic-gate } kcf_encrypt_ops_params_t; 817c478bd9Sstevel@tonic-gate 827c478bd9Sstevel@tonic-gate typedef struct kcf_decrypt_ops_params { 837c478bd9Sstevel@tonic-gate crypto_session_id_t dop_sid; 847c478bd9Sstevel@tonic-gate crypto_mech_type_t dop_framework_mechtype; 857c478bd9Sstevel@tonic-gate crypto_mechanism_t dop_mech; 867c478bd9Sstevel@tonic-gate crypto_key_t *dop_key; 877c478bd9Sstevel@tonic-gate crypto_data_t *dop_ciphertext; 887c478bd9Sstevel@tonic-gate crypto_data_t *dop_plaintext; 897c478bd9Sstevel@tonic-gate crypto_spi_ctx_template_t dop_templ; 907c478bd9Sstevel@tonic-gate } kcf_decrypt_ops_params_t; 917c478bd9Sstevel@tonic-gate 927c478bd9Sstevel@tonic-gate typedef struct kcf_sign_ops_params { 937c478bd9Sstevel@tonic-gate crypto_session_id_t so_sid; 947c478bd9Sstevel@tonic-gate crypto_mech_type_t so_framework_mechtype; 957c478bd9Sstevel@tonic-gate crypto_mechanism_t so_mech; 967c478bd9Sstevel@tonic-gate crypto_key_t *so_key; 977c478bd9Sstevel@tonic-gate crypto_data_t *so_data; 987c478bd9Sstevel@tonic-gate crypto_data_t *so_signature; 997c478bd9Sstevel@tonic-gate crypto_spi_ctx_template_t so_templ; 1007c478bd9Sstevel@tonic-gate } kcf_sign_ops_params_t; 1017c478bd9Sstevel@tonic-gate 1027c478bd9Sstevel@tonic-gate typedef struct kcf_verify_ops_params { 1037c478bd9Sstevel@tonic-gate crypto_session_id_t vo_sid; 1047c478bd9Sstevel@tonic-gate crypto_mech_type_t vo_framework_mechtype; 1057c478bd9Sstevel@tonic-gate crypto_mechanism_t vo_mech; 1067c478bd9Sstevel@tonic-gate crypto_key_t *vo_key; 1077c478bd9Sstevel@tonic-gate crypto_data_t *vo_data; 1087c478bd9Sstevel@tonic-gate crypto_data_t *vo_signature; 1097c478bd9Sstevel@tonic-gate crypto_spi_ctx_template_t vo_templ; 1107c478bd9Sstevel@tonic-gate } kcf_verify_ops_params_t; 1117c478bd9Sstevel@tonic-gate 1127c478bd9Sstevel@tonic-gate typedef struct kcf_encrypt_mac_ops_params { 1137c478bd9Sstevel@tonic-gate crypto_session_id_t em_sid; 1147c478bd9Sstevel@tonic-gate crypto_mech_type_t em_framework_encr_mechtype; 1157c478bd9Sstevel@tonic-gate crypto_mechanism_t em_encr_mech; 1167c478bd9Sstevel@tonic-gate crypto_key_t *em_encr_key; 1177c478bd9Sstevel@tonic-gate crypto_mech_type_t em_framework_mac_mechtype; 1187c478bd9Sstevel@tonic-gate crypto_mechanism_t em_mac_mech; 1197c478bd9Sstevel@tonic-gate crypto_key_t *em_mac_key; 1207c478bd9Sstevel@tonic-gate crypto_data_t *em_plaintext; 1217c478bd9Sstevel@tonic-gate crypto_dual_data_t *em_ciphertext; 1227c478bd9Sstevel@tonic-gate crypto_data_t *em_mac; 1237c478bd9Sstevel@tonic-gate crypto_spi_ctx_template_t em_encr_templ; 1247c478bd9Sstevel@tonic-gate crypto_spi_ctx_template_t em_mac_templ; 1257c478bd9Sstevel@tonic-gate } kcf_encrypt_mac_ops_params_t; 1267c478bd9Sstevel@tonic-gate 1277c478bd9Sstevel@tonic-gate typedef struct kcf_mac_decrypt_ops_params { 1287c478bd9Sstevel@tonic-gate crypto_session_id_t md_sid; 1297c478bd9Sstevel@tonic-gate crypto_mech_type_t md_framework_mac_mechtype; 1307c478bd9Sstevel@tonic-gate crypto_mechanism_t md_mac_mech; 1317c478bd9Sstevel@tonic-gate crypto_key_t *md_mac_key; 1327c478bd9Sstevel@tonic-gate crypto_mech_type_t md_framework_decr_mechtype; 1337c478bd9Sstevel@tonic-gate crypto_mechanism_t md_decr_mech; 1347c478bd9Sstevel@tonic-gate crypto_key_t *md_decr_key; 1357c478bd9Sstevel@tonic-gate crypto_dual_data_t *md_ciphertext; 1367c478bd9Sstevel@tonic-gate crypto_data_t *md_mac; 1377c478bd9Sstevel@tonic-gate crypto_data_t *md_plaintext; 1387c478bd9Sstevel@tonic-gate crypto_spi_ctx_template_t md_mac_templ; 1397c478bd9Sstevel@tonic-gate crypto_spi_ctx_template_t md_decr_templ; 1407c478bd9Sstevel@tonic-gate } kcf_mac_decrypt_ops_params_t; 1417c478bd9Sstevel@tonic-gate 1427c478bd9Sstevel@tonic-gate typedef struct kcf_random_number_ops_params { 1437c478bd9Sstevel@tonic-gate crypto_session_id_t rn_sid; 1447c478bd9Sstevel@tonic-gate uchar_t *rn_buf; 1457c478bd9Sstevel@tonic-gate size_t rn_buflen; 1468047c9fbSmcpowers uint_t rn_entropy_est; 1478047c9fbSmcpowers uint32_t rn_flags; 1487c478bd9Sstevel@tonic-gate } kcf_random_number_ops_params_t; 1497c478bd9Sstevel@tonic-gate 1507c478bd9Sstevel@tonic-gate /* 1517c478bd9Sstevel@tonic-gate * so_pd is useful when the provider descriptor (pd) supplying the 1527c478bd9Sstevel@tonic-gate * provider handle is different from the pd supplying the ops vector. 1537c478bd9Sstevel@tonic-gate * This is the case for session open/close where so_pd can be the pd 1547c478bd9Sstevel@tonic-gate * of a logical provider. The pd supplying the ops vector is passed 1557c478bd9Sstevel@tonic-gate * as an argument to kcf_submit_request(). 1567c478bd9Sstevel@tonic-gate */ 1577c478bd9Sstevel@tonic-gate typedef struct kcf_session_ops_params { 1587c478bd9Sstevel@tonic-gate crypto_session_id_t *so_sid_ptr; 1597c478bd9Sstevel@tonic-gate crypto_session_id_t so_sid; 1607c478bd9Sstevel@tonic-gate crypto_user_type_t so_user_type; 1617c478bd9Sstevel@tonic-gate char *so_pin; 1627c478bd9Sstevel@tonic-gate size_t so_pin_len; 1637c478bd9Sstevel@tonic-gate kcf_provider_desc_t *so_pd; 1647c478bd9Sstevel@tonic-gate } kcf_session_ops_params_t; 1657c478bd9Sstevel@tonic-gate 1667c478bd9Sstevel@tonic-gate typedef struct kcf_object_ops_params { 1677c478bd9Sstevel@tonic-gate crypto_session_id_t oo_sid; 1687c478bd9Sstevel@tonic-gate crypto_object_id_t oo_object_id; 1697c478bd9Sstevel@tonic-gate crypto_object_attribute_t *oo_template; 1707c478bd9Sstevel@tonic-gate uint_t oo_attribute_count; 1717c478bd9Sstevel@tonic-gate crypto_object_id_t *oo_object_id_ptr; 1727c478bd9Sstevel@tonic-gate size_t *oo_object_size; 1737c478bd9Sstevel@tonic-gate void **oo_find_init_pp_ptr; 1747c478bd9Sstevel@tonic-gate void *oo_find_pp; 1757c478bd9Sstevel@tonic-gate uint_t oo_max_object_count; 1767c478bd9Sstevel@tonic-gate uint_t *oo_object_count_ptr; 1777c478bd9Sstevel@tonic-gate } kcf_object_ops_params_t; 1787c478bd9Sstevel@tonic-gate 1797c478bd9Sstevel@tonic-gate /* 1807c478bd9Sstevel@tonic-gate * ko_key is used to encode wrapping key in key_wrap() and 1817c478bd9Sstevel@tonic-gate * unwrapping key in key_unwrap(). ko_key_template and 1827c478bd9Sstevel@tonic-gate * ko_key_attribute_count are used to encode public template 1837c478bd9Sstevel@tonic-gate * and public template attr count in key_generate_pair(). 1847c478bd9Sstevel@tonic-gate * kops->ko_key_object_id_ptr is used to encode public key 1857c478bd9Sstevel@tonic-gate * in key_generate_pair(). 1867c478bd9Sstevel@tonic-gate */ 1877c478bd9Sstevel@tonic-gate typedef struct kcf_key_ops_params { 1887c478bd9Sstevel@tonic-gate crypto_session_id_t ko_sid; 1897c478bd9Sstevel@tonic-gate crypto_mech_type_t ko_framework_mechtype; 1907c478bd9Sstevel@tonic-gate crypto_mechanism_t ko_mech; 1917c478bd9Sstevel@tonic-gate crypto_object_attribute_t *ko_key_template; 1927c478bd9Sstevel@tonic-gate uint_t ko_key_attribute_count; 1937c478bd9Sstevel@tonic-gate crypto_object_id_t *ko_key_object_id_ptr; 1947c478bd9Sstevel@tonic-gate crypto_object_attribute_t *ko_private_key_template; 1957c478bd9Sstevel@tonic-gate uint_t ko_private_key_attribute_count; 1967c478bd9Sstevel@tonic-gate crypto_object_id_t *ko_private_key_object_id_ptr; 1977c478bd9Sstevel@tonic-gate crypto_key_t *ko_key; 1987c478bd9Sstevel@tonic-gate uchar_t *ko_wrapped_key; 1997c478bd9Sstevel@tonic-gate size_t *ko_wrapped_key_len_ptr; 200034448feSmcpowers crypto_object_attribute_t *ko_out_template1; 201034448feSmcpowers crypto_object_attribute_t *ko_out_template2; 202034448feSmcpowers uint_t ko_out_attribute_count1; 203034448feSmcpowers uint_t ko_out_attribute_count2; 2047c478bd9Sstevel@tonic-gate } kcf_key_ops_params_t; 2057c478bd9Sstevel@tonic-gate 2067c478bd9Sstevel@tonic-gate /* 2077c478bd9Sstevel@tonic-gate * po_pin and po_pin_len are used to encode new_pin and new_pin_len 2087c478bd9Sstevel@tonic-gate * when wrapping set_pin() function parameters. 2097c478bd9Sstevel@tonic-gate * 2107c478bd9Sstevel@tonic-gate * po_pd is useful when the provider descriptor (pd) supplying the 2117c478bd9Sstevel@tonic-gate * provider handle is different from the pd supplying the ops vector. 2127c478bd9Sstevel@tonic-gate * This is true for the ext_info provider entry point where po_pd 2137c478bd9Sstevel@tonic-gate * can be the pd of a logical provider. The pd supplying the ops vector 2147c478bd9Sstevel@tonic-gate * is passed as an argument to kcf_submit_request(). 2157c478bd9Sstevel@tonic-gate */ 2167c478bd9Sstevel@tonic-gate typedef struct kcf_provmgmt_ops_params { 2177c478bd9Sstevel@tonic-gate crypto_session_id_t po_sid; 2187c478bd9Sstevel@tonic-gate char *po_pin; 2197c478bd9Sstevel@tonic-gate size_t po_pin_len; 2207c478bd9Sstevel@tonic-gate char *po_old_pin; 2217c478bd9Sstevel@tonic-gate size_t po_old_pin_len; 2227c478bd9Sstevel@tonic-gate char *po_label; 2237c478bd9Sstevel@tonic-gate crypto_provider_ext_info_t *po_ext_info; 2247c478bd9Sstevel@tonic-gate kcf_provider_desc_t *po_pd; 2257c478bd9Sstevel@tonic-gate } kcf_provmgmt_ops_params_t; 2267c478bd9Sstevel@tonic-gate 2277c478bd9Sstevel@tonic-gate /* 2287c478bd9Sstevel@tonic-gate * The operation type within a function group. 2297c478bd9Sstevel@tonic-gate */ 2307c478bd9Sstevel@tonic-gate typedef enum kcf_op_type { 2317c478bd9Sstevel@tonic-gate /* common ops for all mechanisms */ 2327c478bd9Sstevel@tonic-gate KCF_OP_INIT = 1, 2337c478bd9Sstevel@tonic-gate KCF_OP_SINGLE, /* pkcs11 sense. So, INIT is already done */ 2347c478bd9Sstevel@tonic-gate KCF_OP_UPDATE, 2357c478bd9Sstevel@tonic-gate KCF_OP_FINAL, 2367c478bd9Sstevel@tonic-gate KCF_OP_ATOMIC, 2377c478bd9Sstevel@tonic-gate 2387c478bd9Sstevel@tonic-gate /* digest_key op */ 2397c478bd9Sstevel@tonic-gate KCF_OP_DIGEST_KEY, 2407c478bd9Sstevel@tonic-gate 2417c478bd9Sstevel@tonic-gate /* mac specific op */ 2427c478bd9Sstevel@tonic-gate KCF_OP_MAC_VERIFY_ATOMIC, 2437c478bd9Sstevel@tonic-gate 2447c478bd9Sstevel@tonic-gate /* mac/cipher specific op */ 2457c478bd9Sstevel@tonic-gate KCF_OP_MAC_VERIFY_DECRYPT_ATOMIC, 2467c478bd9Sstevel@tonic-gate 2477c478bd9Sstevel@tonic-gate /* sign_recover ops */ 2487c478bd9Sstevel@tonic-gate KCF_OP_SIGN_RECOVER_INIT, 2497c478bd9Sstevel@tonic-gate KCF_OP_SIGN_RECOVER, 2507c478bd9Sstevel@tonic-gate KCF_OP_SIGN_RECOVER_ATOMIC, 2517c478bd9Sstevel@tonic-gate 2527c478bd9Sstevel@tonic-gate /* verify_recover ops */ 2537c478bd9Sstevel@tonic-gate KCF_OP_VERIFY_RECOVER_INIT, 2547c478bd9Sstevel@tonic-gate KCF_OP_VERIFY_RECOVER, 2557c478bd9Sstevel@tonic-gate KCF_OP_VERIFY_RECOVER_ATOMIC, 2567c478bd9Sstevel@tonic-gate 2577c478bd9Sstevel@tonic-gate /* random number ops */ 2587c478bd9Sstevel@tonic-gate KCF_OP_RANDOM_SEED, 2597c478bd9Sstevel@tonic-gate KCF_OP_RANDOM_GENERATE, 2607c478bd9Sstevel@tonic-gate 2617c478bd9Sstevel@tonic-gate /* session management ops */ 2627c478bd9Sstevel@tonic-gate KCF_OP_SESSION_OPEN, 2637c478bd9Sstevel@tonic-gate KCF_OP_SESSION_CLOSE, 2647c478bd9Sstevel@tonic-gate KCF_OP_SESSION_LOGIN, 2657c478bd9Sstevel@tonic-gate KCF_OP_SESSION_LOGOUT, 2667c478bd9Sstevel@tonic-gate 2677c478bd9Sstevel@tonic-gate /* object management ops */ 2687c478bd9Sstevel@tonic-gate KCF_OP_OBJECT_CREATE, 2697c478bd9Sstevel@tonic-gate KCF_OP_OBJECT_COPY, 2707c478bd9Sstevel@tonic-gate KCF_OP_OBJECT_DESTROY, 2717c478bd9Sstevel@tonic-gate KCF_OP_OBJECT_GET_SIZE, 2727c478bd9Sstevel@tonic-gate KCF_OP_OBJECT_GET_ATTRIBUTE_VALUE, 2737c478bd9Sstevel@tonic-gate KCF_OP_OBJECT_SET_ATTRIBUTE_VALUE, 2747c478bd9Sstevel@tonic-gate KCF_OP_OBJECT_FIND_INIT, 2757c478bd9Sstevel@tonic-gate KCF_OP_OBJECT_FIND, 2767c478bd9Sstevel@tonic-gate KCF_OP_OBJECT_FIND_FINAL, 2777c478bd9Sstevel@tonic-gate 2787c478bd9Sstevel@tonic-gate /* key management ops */ 2797c478bd9Sstevel@tonic-gate KCF_OP_KEY_GENERATE, 2807c478bd9Sstevel@tonic-gate KCF_OP_KEY_GENERATE_PAIR, 2817c478bd9Sstevel@tonic-gate KCF_OP_KEY_WRAP, 2827c478bd9Sstevel@tonic-gate KCF_OP_KEY_UNWRAP, 2837c478bd9Sstevel@tonic-gate KCF_OP_KEY_DERIVE, 2847c478bd9Sstevel@tonic-gate KCF_OP_KEY_CHECK, 2857c478bd9Sstevel@tonic-gate 2867c478bd9Sstevel@tonic-gate /* provider management ops */ 2877c478bd9Sstevel@tonic-gate KCF_OP_MGMT_EXTINFO, 2887c478bd9Sstevel@tonic-gate KCF_OP_MGMT_INITTOKEN, 2897c478bd9Sstevel@tonic-gate KCF_OP_MGMT_INITPIN, 2907c478bd9Sstevel@tonic-gate KCF_OP_MGMT_SETPIN 2917c478bd9Sstevel@tonic-gate } kcf_op_type_t; 2927c478bd9Sstevel@tonic-gate 2937c478bd9Sstevel@tonic-gate /* 2947c478bd9Sstevel@tonic-gate * The operation groups that need wrapping of parameters. This is somewhat 2957c478bd9Sstevel@tonic-gate * similar to the function group type in spi.h except that this also includes 2967c478bd9Sstevel@tonic-gate * all the functions that don't have a mechanism. 2977c478bd9Sstevel@tonic-gate * 2987c478bd9Sstevel@tonic-gate * The wrapper macros should never take these enum values as an argument. 2997c478bd9Sstevel@tonic-gate * Rather, they are assigned in the macro itself since they are known 3007c478bd9Sstevel@tonic-gate * from the macro name. 3017c478bd9Sstevel@tonic-gate */ 3027c478bd9Sstevel@tonic-gate typedef enum kcf_op_group { 3037c478bd9Sstevel@tonic-gate KCF_OG_DIGEST = 1, 3047c478bd9Sstevel@tonic-gate KCF_OG_MAC, 3057c478bd9Sstevel@tonic-gate KCF_OG_ENCRYPT, 3067c478bd9Sstevel@tonic-gate KCF_OG_DECRYPT, 3077c478bd9Sstevel@tonic-gate KCF_OG_SIGN, 3087c478bd9Sstevel@tonic-gate KCF_OG_VERIFY, 3097c478bd9Sstevel@tonic-gate KCF_OG_ENCRYPT_MAC, 3107c478bd9Sstevel@tonic-gate KCF_OG_MAC_DECRYPT, 3117c478bd9Sstevel@tonic-gate KCF_OG_RANDOM, 3127c478bd9Sstevel@tonic-gate KCF_OG_SESSION, 3137c478bd9Sstevel@tonic-gate KCF_OG_OBJECT, 3147c478bd9Sstevel@tonic-gate KCF_OG_KEY, 315034448feSmcpowers KCF_OG_PROVMGMT, 316034448feSmcpowers KCF_OG_NOSTORE_KEY 3177c478bd9Sstevel@tonic-gate } kcf_op_group_t; 3187c478bd9Sstevel@tonic-gate 3197c478bd9Sstevel@tonic-gate /* 3207c478bd9Sstevel@tonic-gate * The kcf_op_type_t enum values used here should be only for those 3217c478bd9Sstevel@tonic-gate * operations for which there is a k-api routine in sys/crypto/api.h. 3227c478bd9Sstevel@tonic-gate */ 3237c478bd9Sstevel@tonic-gate #define IS_INIT_OP(ftype) ((ftype) == KCF_OP_INIT) 3247c478bd9Sstevel@tonic-gate #define IS_SINGLE_OP(ftype) ((ftype) == KCF_OP_SINGLE) 3257c478bd9Sstevel@tonic-gate #define IS_UPDATE_OP(ftype) ((ftype) == KCF_OP_UPDATE) 3267c478bd9Sstevel@tonic-gate #define IS_FINAL_OP(ftype) ((ftype) == KCF_OP_FINAL) 3277c478bd9Sstevel@tonic-gate #define IS_ATOMIC_OP(ftype) ( \ 3287c478bd9Sstevel@tonic-gate (ftype) == KCF_OP_ATOMIC || (ftype) == KCF_OP_MAC_VERIFY_ATOMIC || \ 3297c478bd9Sstevel@tonic-gate (ftype) == KCF_OP_MAC_VERIFY_DECRYPT_ATOMIC || \ 3307c478bd9Sstevel@tonic-gate (ftype) == KCF_OP_SIGN_RECOVER_ATOMIC || \ 3317c478bd9Sstevel@tonic-gate (ftype) == KCF_OP_VERIFY_RECOVER_ATOMIC) 3327c478bd9Sstevel@tonic-gate 3337c478bd9Sstevel@tonic-gate /* 3347c478bd9Sstevel@tonic-gate * Keep the parameters associated with a request around. 3357c478bd9Sstevel@tonic-gate * We need to pass them to the SPI. 3367c478bd9Sstevel@tonic-gate */ 3377c478bd9Sstevel@tonic-gate typedef struct kcf_req_params { 3387c478bd9Sstevel@tonic-gate kcf_op_group_t rp_opgrp; 3397c478bd9Sstevel@tonic-gate kcf_op_type_t rp_optype; 3407c478bd9Sstevel@tonic-gate 3417c478bd9Sstevel@tonic-gate union { 3427c478bd9Sstevel@tonic-gate kcf_digest_ops_params_t digest_params; 3437c478bd9Sstevel@tonic-gate kcf_mac_ops_params_t mac_params; 3447c478bd9Sstevel@tonic-gate kcf_encrypt_ops_params_t encrypt_params; 3457c478bd9Sstevel@tonic-gate kcf_decrypt_ops_params_t decrypt_params; 3467c478bd9Sstevel@tonic-gate kcf_sign_ops_params_t sign_params; 3477c478bd9Sstevel@tonic-gate kcf_verify_ops_params_t verify_params; 3487c478bd9Sstevel@tonic-gate kcf_encrypt_mac_ops_params_t encrypt_mac_params; 3497c478bd9Sstevel@tonic-gate kcf_mac_decrypt_ops_params_t mac_decrypt_params; 3507c478bd9Sstevel@tonic-gate kcf_random_number_ops_params_t random_number_params; 3517c478bd9Sstevel@tonic-gate kcf_session_ops_params_t session_params; 3527c478bd9Sstevel@tonic-gate kcf_object_ops_params_t object_params; 3537c478bd9Sstevel@tonic-gate kcf_key_ops_params_t key_params; 3547c478bd9Sstevel@tonic-gate kcf_provmgmt_ops_params_t provmgmt_params; 3557c478bd9Sstevel@tonic-gate } rp_u; 3567c478bd9Sstevel@tonic-gate } kcf_req_params_t; 3577c478bd9Sstevel@tonic-gate 3587c478bd9Sstevel@tonic-gate 3597c478bd9Sstevel@tonic-gate /* 3607c478bd9Sstevel@tonic-gate * The ioctl/k-api code should bundle the parameters into a kcf_req_params_t 3617c478bd9Sstevel@tonic-gate * structure before calling a scheduler routine. The following macros are 3627c478bd9Sstevel@tonic-gate * available for that purpose. 3637c478bd9Sstevel@tonic-gate * 3647c478bd9Sstevel@tonic-gate * For the most part, the macro arguments closely correspond to the 3657c478bd9Sstevel@tonic-gate * function parameters. In some cases, we use generic names. The comments 3667c478bd9Sstevel@tonic-gate * for the structure should indicate these cases. 3677c478bd9Sstevel@tonic-gate */ 3687c478bd9Sstevel@tonic-gate #define KCF_WRAP_DIGEST_OPS_PARAMS(req, ftype, _sid, _mech, _key, \ 3697c478bd9Sstevel@tonic-gate _data, _digest) { \ 3707c478bd9Sstevel@tonic-gate kcf_digest_ops_params_t *dops = &(req)->rp_u.digest_params; \ 371*ac129f9eSKrishna Yenduri crypto_mechanism_t *mechp = _mech; \ 3727c478bd9Sstevel@tonic-gate \ 3737c478bd9Sstevel@tonic-gate (req)->rp_opgrp = KCF_OG_DIGEST; \ 3747c478bd9Sstevel@tonic-gate (req)->rp_optype = ftype; \ 3757c478bd9Sstevel@tonic-gate dops->do_sid = _sid; \ 376*ac129f9eSKrishna Yenduri if (mechp != NULL) { \ 377*ac129f9eSKrishna Yenduri dops->do_mech = *mechp; \ 378*ac129f9eSKrishna Yenduri dops->do_framework_mechtype = mechp->cm_type; \ 379*ac129f9eSKrishna Yenduri } \ 3807c478bd9Sstevel@tonic-gate dops->do_digest_key = _key; \ 3817c478bd9Sstevel@tonic-gate dops->do_data = _data; \ 3827c478bd9Sstevel@tonic-gate dops->do_digest = _digest; \ 3837c478bd9Sstevel@tonic-gate } 3847c478bd9Sstevel@tonic-gate 3857c478bd9Sstevel@tonic-gate #define KCF_WRAP_MAC_OPS_PARAMS(req, ftype, _sid, _mech, _key, \ 3867c478bd9Sstevel@tonic-gate _data, _mac, _templ) { \ 3877c478bd9Sstevel@tonic-gate kcf_mac_ops_params_t *mops = &(req)->rp_u.mac_params; \ 388*ac129f9eSKrishna Yenduri crypto_mechanism_t *mechp = _mech; \ 3897c478bd9Sstevel@tonic-gate \ 3907c478bd9Sstevel@tonic-gate (req)->rp_opgrp = KCF_OG_MAC; \ 3917c478bd9Sstevel@tonic-gate (req)->rp_optype = ftype; \ 3927c478bd9Sstevel@tonic-gate mops->mo_sid = _sid; \ 393*ac129f9eSKrishna Yenduri if (mechp != NULL) { \ 394*ac129f9eSKrishna Yenduri mops->mo_mech = *mechp; \ 395*ac129f9eSKrishna Yenduri mops->mo_framework_mechtype = mechp->cm_type; \ 396*ac129f9eSKrishna Yenduri } \ 3977c478bd9Sstevel@tonic-gate mops->mo_key = _key; \ 3987c478bd9Sstevel@tonic-gate mops->mo_data = _data; \ 3997c478bd9Sstevel@tonic-gate mops->mo_mac = _mac; \ 4007c478bd9Sstevel@tonic-gate mops->mo_templ = _templ; \ 4017c478bd9Sstevel@tonic-gate } 4027c478bd9Sstevel@tonic-gate 4037c478bd9Sstevel@tonic-gate #define KCF_WRAP_ENCRYPT_OPS_PARAMS(req, ftype, _sid, _mech, _key, \ 4047c478bd9Sstevel@tonic-gate _plaintext, _ciphertext, _templ) { \ 4057c478bd9Sstevel@tonic-gate kcf_encrypt_ops_params_t *cops = &(req)->rp_u.encrypt_params; \ 406*ac129f9eSKrishna Yenduri crypto_mechanism_t *mechp = _mech; \ 4077c478bd9Sstevel@tonic-gate \ 4087c478bd9Sstevel@tonic-gate (req)->rp_opgrp = KCF_OG_ENCRYPT; \ 4097c478bd9Sstevel@tonic-gate (req)->rp_optype = ftype; \ 4107c478bd9Sstevel@tonic-gate cops->eo_sid = _sid; \ 411*ac129f9eSKrishna Yenduri if (mechp != NULL) { \ 412*ac129f9eSKrishna Yenduri cops->eo_mech = *mechp; \ 413*ac129f9eSKrishna Yenduri cops->eo_framework_mechtype = mechp->cm_type; \ 414*ac129f9eSKrishna Yenduri } \ 4157c478bd9Sstevel@tonic-gate cops->eo_key = _key; \ 4167c478bd9Sstevel@tonic-gate cops->eo_plaintext = _plaintext; \ 4177c478bd9Sstevel@tonic-gate cops->eo_ciphertext = _ciphertext; \ 4187c478bd9Sstevel@tonic-gate cops->eo_templ = _templ; \ 4197c478bd9Sstevel@tonic-gate } 4207c478bd9Sstevel@tonic-gate 4217c478bd9Sstevel@tonic-gate #define KCF_WRAP_DECRYPT_OPS_PARAMS(req, ftype, _sid, _mech, _key, \ 4227c478bd9Sstevel@tonic-gate _ciphertext, _plaintext, _templ) { \ 4237c478bd9Sstevel@tonic-gate kcf_decrypt_ops_params_t *cops = &(req)->rp_u.decrypt_params; \ 424*ac129f9eSKrishna Yenduri crypto_mechanism_t *mechp = _mech; \ 4257c478bd9Sstevel@tonic-gate \ 4267c478bd9Sstevel@tonic-gate (req)->rp_opgrp = KCF_OG_DECRYPT; \ 4277c478bd9Sstevel@tonic-gate (req)->rp_optype = ftype; \ 4287c478bd9Sstevel@tonic-gate cops->dop_sid = _sid; \ 429*ac129f9eSKrishna Yenduri if (mechp != NULL) { \ 430*ac129f9eSKrishna Yenduri cops->dop_mech = *mechp; \ 431*ac129f9eSKrishna Yenduri cops->dop_framework_mechtype = mechp->cm_type; \ 432*ac129f9eSKrishna Yenduri } \ 4337c478bd9Sstevel@tonic-gate cops->dop_key = _key; \ 4347c478bd9Sstevel@tonic-gate cops->dop_ciphertext = _ciphertext; \ 4357c478bd9Sstevel@tonic-gate cops->dop_plaintext = _plaintext; \ 4367c478bd9Sstevel@tonic-gate cops->dop_templ = _templ; \ 4377c478bd9Sstevel@tonic-gate } 4387c478bd9Sstevel@tonic-gate 4397c478bd9Sstevel@tonic-gate #define KCF_WRAP_SIGN_OPS_PARAMS(req, ftype, _sid, _mech, _key, \ 4407c478bd9Sstevel@tonic-gate _data, _signature, _templ) { \ 4417c478bd9Sstevel@tonic-gate kcf_sign_ops_params_t *sops = &(req)->rp_u.sign_params; \ 442*ac129f9eSKrishna Yenduri crypto_mechanism_t *mechp = _mech; \ 4437c478bd9Sstevel@tonic-gate \ 4447c478bd9Sstevel@tonic-gate (req)->rp_opgrp = KCF_OG_SIGN; \ 4457c478bd9Sstevel@tonic-gate (req)->rp_optype = ftype; \ 4467c478bd9Sstevel@tonic-gate sops->so_sid = _sid; \ 447*ac129f9eSKrishna Yenduri if (mechp != NULL) { \ 448*ac129f9eSKrishna Yenduri sops->so_mech = *mechp; \ 449*ac129f9eSKrishna Yenduri sops->so_framework_mechtype = mechp->cm_type; \ 450*ac129f9eSKrishna Yenduri } \ 4517c478bd9Sstevel@tonic-gate sops->so_key = _key; \ 4527c478bd9Sstevel@tonic-gate sops->so_data = _data; \ 4537c478bd9Sstevel@tonic-gate sops->so_signature = _signature; \ 4547c478bd9Sstevel@tonic-gate sops->so_templ = _templ; \ 4557c478bd9Sstevel@tonic-gate } 4567c478bd9Sstevel@tonic-gate 4577c478bd9Sstevel@tonic-gate #define KCF_WRAP_VERIFY_OPS_PARAMS(req, ftype, _sid, _mech, _key, \ 4587c478bd9Sstevel@tonic-gate _data, _signature, _templ) { \ 4597c478bd9Sstevel@tonic-gate kcf_verify_ops_params_t *vops = &(req)->rp_u.verify_params; \ 460*ac129f9eSKrishna Yenduri crypto_mechanism_t *mechp = _mech; \ 4617c478bd9Sstevel@tonic-gate \ 4627c478bd9Sstevel@tonic-gate (req)->rp_opgrp = KCF_OG_VERIFY; \ 4637c478bd9Sstevel@tonic-gate (req)->rp_optype = ftype; \ 4647c478bd9Sstevel@tonic-gate vops->vo_sid = _sid; \ 465*ac129f9eSKrishna Yenduri if (mechp != NULL) { \ 466*ac129f9eSKrishna Yenduri vops->vo_mech = *mechp; \ 467*ac129f9eSKrishna Yenduri vops->vo_framework_mechtype = mechp->cm_type; \ 468*ac129f9eSKrishna Yenduri } \ 4697c478bd9Sstevel@tonic-gate vops->vo_key = _key; \ 4707c478bd9Sstevel@tonic-gate vops->vo_data = _data; \ 4717c478bd9Sstevel@tonic-gate vops->vo_signature = _signature; \ 4727c478bd9Sstevel@tonic-gate vops->vo_templ = _templ; \ 4737c478bd9Sstevel@tonic-gate } 4747c478bd9Sstevel@tonic-gate 4757c478bd9Sstevel@tonic-gate #define KCF_WRAP_ENCRYPT_MAC_OPS_PARAMS(req, ftype, _sid, _encr_key, \ 4767c478bd9Sstevel@tonic-gate _mac_key, _plaintext, _ciphertext, _mac, _encr_templ, _mac_templ) { \ 4777c478bd9Sstevel@tonic-gate kcf_encrypt_mac_ops_params_t *cmops = &(req)->rp_u.encrypt_mac_params; \ 4787c478bd9Sstevel@tonic-gate \ 4797c478bd9Sstevel@tonic-gate (req)->rp_opgrp = KCF_OG_ENCRYPT_MAC; \ 4807c478bd9Sstevel@tonic-gate (req)->rp_optype = ftype; \ 4817c478bd9Sstevel@tonic-gate cmops->em_sid = _sid; \ 4827c478bd9Sstevel@tonic-gate cmops->em_encr_key = _encr_key; \ 4837c478bd9Sstevel@tonic-gate cmops->em_mac_key = _mac_key; \ 4847c478bd9Sstevel@tonic-gate cmops->em_plaintext = _plaintext; \ 4857c478bd9Sstevel@tonic-gate cmops->em_ciphertext = _ciphertext; \ 4867c478bd9Sstevel@tonic-gate cmops->em_mac = _mac; \ 4877c478bd9Sstevel@tonic-gate cmops->em_encr_templ = _encr_templ; \ 4887c478bd9Sstevel@tonic-gate cmops->em_mac_templ = _mac_templ; \ 4897c478bd9Sstevel@tonic-gate } 4907c478bd9Sstevel@tonic-gate 4917c478bd9Sstevel@tonic-gate #define KCF_WRAP_MAC_DECRYPT_OPS_PARAMS(req, ftype, _sid, _mac_key, \ 4927c478bd9Sstevel@tonic-gate _decr_key, _ciphertext, _mac, _plaintext, _mac_templ, _decr_templ) { \ 4937c478bd9Sstevel@tonic-gate kcf_mac_decrypt_ops_params_t *cmops = &(req)->rp_u.mac_decrypt_params; \ 4947c478bd9Sstevel@tonic-gate \ 4957c478bd9Sstevel@tonic-gate (req)->rp_opgrp = KCF_OG_MAC_DECRYPT; \ 4967c478bd9Sstevel@tonic-gate (req)->rp_optype = ftype; \ 4977c478bd9Sstevel@tonic-gate cmops->md_sid = _sid; \ 4987c478bd9Sstevel@tonic-gate cmops->md_mac_key = _mac_key; \ 4997c478bd9Sstevel@tonic-gate cmops->md_decr_key = _decr_key; \ 5007c478bd9Sstevel@tonic-gate cmops->md_ciphertext = _ciphertext; \ 5017c478bd9Sstevel@tonic-gate cmops->md_mac = _mac; \ 5027c478bd9Sstevel@tonic-gate cmops->md_plaintext = _plaintext; \ 5037c478bd9Sstevel@tonic-gate cmops->md_mac_templ = _mac_templ; \ 5047c478bd9Sstevel@tonic-gate cmops->md_decr_templ = _decr_templ; \ 5057c478bd9Sstevel@tonic-gate } 5067c478bd9Sstevel@tonic-gate 5078047c9fbSmcpowers #define KCF_WRAP_RANDOM_OPS_PARAMS(req, ftype, _sid, _buf, _buflen, \ 5088047c9fbSmcpowers _est, _flags) { \ 5097c478bd9Sstevel@tonic-gate kcf_random_number_ops_params_t *rops = \ 5107c478bd9Sstevel@tonic-gate &(req)->rp_u.random_number_params; \ 5117c478bd9Sstevel@tonic-gate \ 5127c478bd9Sstevel@tonic-gate (req)->rp_opgrp = KCF_OG_RANDOM; \ 5137c478bd9Sstevel@tonic-gate (req)->rp_optype = ftype; \ 5147c478bd9Sstevel@tonic-gate rops->rn_sid = _sid; \ 5157c478bd9Sstevel@tonic-gate rops->rn_buf = _buf; \ 5167c478bd9Sstevel@tonic-gate rops->rn_buflen = _buflen; \ 5178047c9fbSmcpowers rops->rn_entropy_est = _est; \ 5188047c9fbSmcpowers rops->rn_flags = _flags; \ 5197c478bd9Sstevel@tonic-gate } 5207c478bd9Sstevel@tonic-gate 5217c478bd9Sstevel@tonic-gate #define KCF_WRAP_SESSION_OPS_PARAMS(req, ftype, _sid_ptr, _sid, \ 5227c478bd9Sstevel@tonic-gate _user_type, _pin, _pin_len, _pd) { \ 5237c478bd9Sstevel@tonic-gate kcf_session_ops_params_t *sops = &(req)->rp_u.session_params; \ 5247c478bd9Sstevel@tonic-gate \ 5257c478bd9Sstevel@tonic-gate (req)->rp_opgrp = KCF_OG_SESSION; \ 5267c478bd9Sstevel@tonic-gate (req)->rp_optype = ftype; \ 5277c478bd9Sstevel@tonic-gate sops->so_sid_ptr = _sid_ptr; \ 5287c478bd9Sstevel@tonic-gate sops->so_sid = _sid; \ 5297c478bd9Sstevel@tonic-gate sops->so_user_type = _user_type; \ 5307c478bd9Sstevel@tonic-gate sops->so_pin = _pin; \ 5317c478bd9Sstevel@tonic-gate sops->so_pin_len = _pin_len; \ 5327c478bd9Sstevel@tonic-gate sops->so_pd = _pd; \ 5337c478bd9Sstevel@tonic-gate } 5347c478bd9Sstevel@tonic-gate 5357c478bd9Sstevel@tonic-gate #define KCF_WRAP_OBJECT_OPS_PARAMS(req, ftype, _sid, _object_id, \ 5367c478bd9Sstevel@tonic-gate _template, _attribute_count, _object_id_ptr, _object_size, \ 5377c478bd9Sstevel@tonic-gate _find_init_pp_ptr, _find_pp, _max_object_count, _object_count_ptr) { \ 5387c478bd9Sstevel@tonic-gate kcf_object_ops_params_t *jops = &(req)->rp_u.object_params; \ 5397c478bd9Sstevel@tonic-gate \ 5407c478bd9Sstevel@tonic-gate (req)->rp_opgrp = KCF_OG_OBJECT; \ 5417c478bd9Sstevel@tonic-gate (req)->rp_optype = ftype; \ 5427c478bd9Sstevel@tonic-gate jops->oo_sid = _sid; \ 5437c478bd9Sstevel@tonic-gate jops->oo_object_id = _object_id; \ 5447c478bd9Sstevel@tonic-gate jops->oo_template = _template; \ 5457c478bd9Sstevel@tonic-gate jops->oo_attribute_count = _attribute_count; \ 5467c478bd9Sstevel@tonic-gate jops->oo_object_id_ptr = _object_id_ptr; \ 5477c478bd9Sstevel@tonic-gate jops->oo_object_size = _object_size; \ 5487c478bd9Sstevel@tonic-gate jops->oo_find_init_pp_ptr = _find_init_pp_ptr; \ 5497c478bd9Sstevel@tonic-gate jops->oo_find_pp = _find_pp; \ 5507c478bd9Sstevel@tonic-gate jops->oo_max_object_count = _max_object_count; \ 5517c478bd9Sstevel@tonic-gate jops->oo_object_count_ptr = _object_count_ptr; \ 5527c478bd9Sstevel@tonic-gate } 5537c478bd9Sstevel@tonic-gate 5547c478bd9Sstevel@tonic-gate #define KCF_WRAP_KEY_OPS_PARAMS(req, ftype, _sid, _mech, _key_template, \ 5557c478bd9Sstevel@tonic-gate _key_attribute_count, _key_object_id_ptr, _private_key_template, \ 5567c478bd9Sstevel@tonic-gate _private_key_attribute_count, _private_key_object_id_ptr, \ 5577c478bd9Sstevel@tonic-gate _key, _wrapped_key, _wrapped_key_len_ptr) { \ 5587c478bd9Sstevel@tonic-gate kcf_key_ops_params_t *kops = &(req)->rp_u.key_params; \ 559*ac129f9eSKrishna Yenduri crypto_mechanism_t *mechp = _mech; \ 5607c478bd9Sstevel@tonic-gate \ 5617c478bd9Sstevel@tonic-gate (req)->rp_opgrp = KCF_OG_KEY; \ 5627c478bd9Sstevel@tonic-gate (req)->rp_optype = ftype; \ 5637c478bd9Sstevel@tonic-gate kops->ko_sid = _sid; \ 564*ac129f9eSKrishna Yenduri if (mechp != NULL) { \ 565*ac129f9eSKrishna Yenduri kops->ko_mech = *mechp; \ 566*ac129f9eSKrishna Yenduri kops->ko_framework_mechtype = mechp->cm_type; \ 567*ac129f9eSKrishna Yenduri } \ 5687c478bd9Sstevel@tonic-gate kops->ko_key_template = _key_template; \ 5697c478bd9Sstevel@tonic-gate kops->ko_key_attribute_count = _key_attribute_count; \ 5707c478bd9Sstevel@tonic-gate kops->ko_key_object_id_ptr = _key_object_id_ptr; \ 5717c478bd9Sstevel@tonic-gate kops->ko_private_key_template = _private_key_template; \ 5727c478bd9Sstevel@tonic-gate kops->ko_private_key_attribute_count = _private_key_attribute_count; \ 5737c478bd9Sstevel@tonic-gate kops->ko_private_key_object_id_ptr = _private_key_object_id_ptr; \ 5747c478bd9Sstevel@tonic-gate kops->ko_key = _key; \ 5757c478bd9Sstevel@tonic-gate kops->ko_wrapped_key = _wrapped_key; \ 5767c478bd9Sstevel@tonic-gate kops->ko_wrapped_key_len_ptr = _wrapped_key_len_ptr; \ 5777c478bd9Sstevel@tonic-gate } 5787c478bd9Sstevel@tonic-gate 5797c478bd9Sstevel@tonic-gate #define KCF_WRAP_PROVMGMT_OPS_PARAMS(req, ftype, _sid, _old_pin, \ 5807c478bd9Sstevel@tonic-gate _old_pin_len, _pin, _pin_len, _label, _ext_info, _pd) { \ 5817c478bd9Sstevel@tonic-gate kcf_provmgmt_ops_params_t *pops = &(req)->rp_u.provmgmt_params; \ 5827c478bd9Sstevel@tonic-gate \ 5837c478bd9Sstevel@tonic-gate (req)->rp_opgrp = KCF_OG_PROVMGMT; \ 5847c478bd9Sstevel@tonic-gate (req)->rp_optype = ftype; \ 5857c478bd9Sstevel@tonic-gate pops->po_sid = _sid; \ 5867c478bd9Sstevel@tonic-gate pops->po_pin = _pin; \ 5877c478bd9Sstevel@tonic-gate pops->po_pin_len = _pin_len; \ 5887c478bd9Sstevel@tonic-gate pops->po_old_pin = _old_pin; \ 5897c478bd9Sstevel@tonic-gate pops->po_old_pin_len = _old_pin_len; \ 5907c478bd9Sstevel@tonic-gate pops->po_label = _label; \ 5917c478bd9Sstevel@tonic-gate pops->po_ext_info = _ext_info; \ 5927c478bd9Sstevel@tonic-gate pops->po_pd = _pd; \ 5937c478bd9Sstevel@tonic-gate } 5947c478bd9Sstevel@tonic-gate 595034448feSmcpowers #define KCF_WRAP_NOSTORE_KEY_OPS_PARAMS(req, ftype, _sid, _mech, \ 596034448feSmcpowers _key_template, _key_attribute_count, _private_key_template, \ 597034448feSmcpowers _private_key_attribute_count, _key, _out_template1, \ 598034448feSmcpowers _out_attribute_count1, _out_template2, _out_attribute_count2) { \ 599034448feSmcpowers kcf_key_ops_params_t *kops = &(req)->rp_u.key_params; \ 600*ac129f9eSKrishna Yenduri crypto_mechanism_t *mechp = _mech; \ 601034448feSmcpowers \ 602034448feSmcpowers (req)->rp_opgrp = KCF_OG_NOSTORE_KEY; \ 603034448feSmcpowers (req)->rp_optype = ftype; \ 604034448feSmcpowers kops->ko_sid = _sid; \ 605*ac129f9eSKrishna Yenduri if (mechp != NULL) { \ 606*ac129f9eSKrishna Yenduri kops->ko_mech = *mechp; \ 607*ac129f9eSKrishna Yenduri kops->ko_framework_mechtype = mechp->cm_type; \ 608*ac129f9eSKrishna Yenduri } \ 609034448feSmcpowers kops->ko_key_template = _key_template; \ 610034448feSmcpowers kops->ko_key_attribute_count = _key_attribute_count; \ 611034448feSmcpowers kops->ko_key_object_id_ptr = NULL; \ 612034448feSmcpowers kops->ko_private_key_template = _private_key_template; \ 613034448feSmcpowers kops->ko_private_key_attribute_count = _private_key_attribute_count; \ 614034448feSmcpowers kops->ko_private_key_object_id_ptr = NULL; \ 615034448feSmcpowers kops->ko_key = _key; \ 616034448feSmcpowers kops->ko_wrapped_key = NULL; \ 617034448feSmcpowers kops->ko_wrapped_key_len_ptr = 0; \ 618034448feSmcpowers kops->ko_out_template1 = _out_template1; \ 619034448feSmcpowers kops->ko_out_template2 = _out_template2; \ 620034448feSmcpowers kops->ko_out_attribute_count1 = _out_attribute_count1; \ 621034448feSmcpowers kops->ko_out_attribute_count2 = _out_attribute_count2; \ 622034448feSmcpowers } 623034448feSmcpowers 6247c478bd9Sstevel@tonic-gate #define KCF_SET_PROVIDER_MECHNUM(fmtype, pd, mechp) \ 6257c478bd9Sstevel@tonic-gate (mechp)->cm_type = \ 6266a1073f8Skrishna KCF_TO_PROV_MECHNUM(pd, fmtype); 6277c478bd9Sstevel@tonic-gate 6287c478bd9Sstevel@tonic-gate #ifdef __cplusplus 6297c478bd9Sstevel@tonic-gate } 6307c478bd9Sstevel@tonic-gate #endif 6317c478bd9Sstevel@tonic-gate 6327c478bd9Sstevel@tonic-gate #endif /* _SYS_CRYPTO_OPS_IMPL_H */ 633