/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */
/*
 * Copyright 2010 Sun Microsystems, Inc.  All rights reserved.
 * Use is subject to license terms.
 */

#include <stdio.h>
#include <link.h>
#include <fcntl.h>
#include <ctype.h>
#include <sys/param.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <ber_der.h>
#include <kmfapiP.h>
#include <libgen.h>
#include <cryptoutil.h>

/*
 * Forward a key-pair creation request to the keystore plugin selected by
 * KMF_KEYSTORE_TYPE_ATTR.
 *
 * The attribute list is checked with test_attributes() against the
 * required set below (keystore type, private key handle, public key
 * handle) before anything is handed to the plugin; the list is then passed
 * through unchanged to the plugin's CreateKeypair entry.
 *
 * Returns KMF_ERR_BAD_PARAMETER for a NULL handle, the error from
 * test_attributes() or kmf_get_attr() if either fails,
 * KMF_ERR_PLUGIN_NOTFOUND when FindPlugin() yields no plugin or the plugin
 * has no CreateKeypair entry, and otherwise the plugin's own return value.
 */
KMF_RETURN
kmf_create_keypair(KMF_HANDLE_T handle,
	int num_args,
	KMF_ATTRIBUTE *attrlist)
{
	KMF_RETURN rv = KMF_OK;
	KMF_PLUGIN *ks_plugin;
	KMF_KEYSTORE_TYPE kstype;
	uint32_t kstype_len = sizeof (kstype);

	/*
	 * NOTE(review): the last two fields look like minimum and maximum
	 * value lengths.  The keystore-type entry accepts 1 byte up to
	 * sizeof (KMF_KEYSTORE_TYPE); if a short value is really allowed,
	 * kstype below may be only partly written - confirm against
	 * test_attributes() and kmf_get_attr().
	 */
	KMF_ATTRIBUTE_TESTER required_attrs[] = {
		{KMF_KEYSTORE_TYPE_ATTR, FALSE, 1, sizeof (KMF_KEYSTORE_TYPE)},
		{KMF_PRIVKEY_HANDLE_ATTR, FALSE, sizeof (KMF_KEY_HANDLE),
		    sizeof (KMF_KEY_HANDLE)},
		{KMF_PUBKEY_HANDLE_ATTR, FALSE, sizeof (KMF_KEY_HANDLE),
		    sizeof (KMF_KEY_HANDLE)},
	};
	int num_req_attrs = sizeof (required_attrs) /
	    sizeof (KMF_ATTRIBUTE_TESTER);

	if (handle == NULL)
		return (KMF_ERR_BAD_PARAMETER);

	CLEAR_ERROR(handle, rv);

	/* Reject the request before the attribute list reaches a plugin. */
	rv = test_attributes(num_req_attrs, required_attrs,
	    0, NULL, num_args, attrlist);
	if (rv != KMF_OK)
		return (rv);

	rv = kmf_get_attr(KMF_KEYSTORE_TYPE_ATTR, attrlist, num_args,
	    &kstype, &kstype_len);
	if (rv != KMF_OK)
		return (rv);

	ks_plugin = FindPlugin(handle, kstype);
	if (ks_plugin == NULL || ks_plugin->funclist->CreateKeypair == NULL)
		return (KMF_ERR_PLUGIN_NOTFOUND);

	return (ks_plugin->funclist->CreateKeypair(handle, num_args,
	    attrlist));
}
/*
 * Delete a key through the keystore plugin selected by
 * KMF_KEYSTORE_TYPE_ATTR and, on success, release the memory referenced by
 * the caller's KMF_KEY_HANDLE_ATTR handle.
 *
 * After the plugin's DeleteKey entry returns KMF_OK the handle's keylabel
 * is freed, a raw key (israw set, keyp non-NULL) is released according to
 * its key class, and the handle itself is zeroed so that the freed
 * keylabel/keyp pointers are not left behind in the caller's structure.
 * The handle is untouched when deletion fails.
 *
 * Returns KMF_ERR_BAD_PARAMETER for a NULL handle or a NULL key handle
 * pointer, the error from test_attributes() or kmf_get_attr() if either
 * fails, KMF_ERR_PLUGIN_NOTFOUND when no plugin or no DeleteKey entry is
 * available, and otherwise the plugin's own return value.
 */
KMF_RETURN
kmf_delete_key_from_keystore(KMF_HANDLE_T handle,
	int num_args,
	KMF_ATTRIBUTE *attrlist)
{
	KMF_RETURN rv = KMF_OK;
	KMF_PLUGIN *ks_plugin;
	KMF_KEYSTORE_TYPE kstype;
	uint32_t kstype_len = sizeof (kstype);
	KMF_KEY_HANDLE *key;

	KMF_ATTRIBUTE_TESTER required_attrs[] = {
		{KMF_KEYSTORE_TYPE_ATTR, FALSE, 1, sizeof (KMF_KEYSTORE_TYPE)},
		{KMF_KEY_HANDLE_ATTR, FALSE, sizeof (KMF_KEY_HANDLE),
		    sizeof (KMF_KEY_HANDLE)},
	};
	int num_req_attrs = sizeof (required_attrs) /
	    sizeof (KMF_ATTRIBUTE_TESTER);

	if (handle == NULL)
		return (KMF_ERR_BAD_PARAMETER);

	CLEAR_ERROR(handle, rv);

	rv = test_attributes(num_req_attrs, required_attrs,
	    0, NULL, num_args, attrlist);
	if (rv != KMF_OK)
		return (rv);

	rv = kmf_get_attr(KMF_KEYSTORE_TYPE_ATTR, attrlist, num_args,
	    &kstype, &kstype_len);
	if (rv != KMF_OK)
		return (rv);

	ks_plugin = FindPlugin(handle, kstype);
	if (ks_plugin == NULL || ks_plugin->funclist->DeleteKey == NULL)
		return (KMF_ERR_PLUGIN_NOTFOUND);

	rv = ks_plugin->funclist->DeleteKey(handle, num_args, attrlist);
	if (rv != KMF_OK)
		return (rv);

	/*
	 * NOTE(review): this lookup happens only after the plugin has
	 * already deleted the key, so a NULL result reports an error for a
	 * deletion that succeeded.  The required-attribute check above
	 * presumably makes that unreachable - confirm.
	 */
	key = kmf_get_attr_ptr(KMF_KEY_HANDLE_ATTR, attrlist, num_args);
	if (key == NULL)
		return (KMF_ERR_BAD_PARAMETER);

	/* free(NULL) is a no-op, so no guard is needed. */
	free(key->keylabel);

	if (key->israw && key->keyp != NULL) {
		switch (key->keyclass) {
		case KMF_ASYM_PUB:
		case KMF_ASYM_PRI:
			kmf_free_raw_key(key->keyp);
			free(key->keyp);
			break;
		case KMF_SYMMETRIC:
			/*
			 * NOTE(review): no separate free(key->keyp) here,
			 * unlike the asymmetric case - presumably
			 * kmf_free_raw_sym_key() releases the container
			 * too; confirm to rule out a leak.
			 */
			kmf_free_raw_sym_key(key->keyp);
			break;
		default:
			/* Else we don't know how to free the memory. */
			break;
		}
	}

	/* Clear the handle so no freed pointer survives in it. */
	(void) memset(key, 0, sizeof (KMF_KEY_HANDLE));

	return (rv);
}
/*
 * Forward a key search to the keystore plugin selected by
 * KMF_KEYSTORE_TYPE_ATTR.
 *
 * The attribute list must carry the keystore type and a KMF_COUNT_ATTR of
 * exactly sizeof (uint32_t) bytes; this is checked with test_attributes()
 * before the list is passed unchanged to the plugin's FindKey entry.
 *
 * Returns KMF_ERR_BAD_PARAMETER for a NULL handle, the error from
 * test_attributes() or kmf_get_attr() if either fails,
 * KMF_ERR_PLUGIN_NOTFOUND when no plugin or no FindKey entry is available,
 * and otherwise the plugin's own return value.
 */
KMF_RETURN
kmf_find_key(KMF_HANDLE_T handle,
	int num_args,
	KMF_ATTRIBUTE *attrlist)
{
	KMF_RETURN rv = KMF_OK;
	KMF_PLUGIN *ks_plugin;
	KMF_KEYSTORE_TYPE kstype;
	uint32_t kstype_len = sizeof (kstype);

	KMF_ATTRIBUTE_TESTER required_attrs[] = {
		{KMF_KEYSTORE_TYPE_ATTR, FALSE, 1, sizeof (KMF_KEYSTORE_TYPE)},
		{KMF_COUNT_ATTR, FALSE, sizeof (uint32_t),
		    sizeof (uint32_t)}
	};
	int num_req_attrs = sizeof (required_attrs) /
	    sizeof (KMF_ATTRIBUTE_TESTER);

	if (handle == NULL)
		return (KMF_ERR_BAD_PARAMETER);

	CLEAR_ERROR(handle, rv);

	/* Validate the caller's attributes before any plugin sees them. */
	rv = test_attributes(num_req_attrs, required_attrs,
	    0, NULL, num_args, attrlist);
	if (rv != KMF_OK)
		return (rv);

	rv = kmf_get_attr(KMF_KEYSTORE_TYPE_ATTR, attrlist, num_args,
	    &kstype, &kstype_len);
	if (rv != KMF_OK)
		return (rv);

	ks_plugin = FindPlugin(handle, kstype);
	if (ks_plugin == NULL || ks_plugin->funclist->FindKey == NULL)
		return (KMF_ERR_PLUGIN_NOTFOUND);

	return (ks_plugin->funclist->FindKey(handle, num_args, attrlist));
}
/*
 * Forward a symmetric-key creation request to the keystore plugin selected
 * by KMF_KEYSTORE_TYPE_ATTR.
 *
 * The attribute list must carry the keystore type, a key handle of exactly
 * sizeof (KMF_KEY_HANDLE) bytes and a key algorithm; this is checked with
 * test_attributes() before the list is passed unchanged to the plugin's
 * CreateSymKey entry.
 *
 * Returns KMF_ERR_BAD_PARAMETER for a NULL handle, the error from
 * test_attributes() or kmf_get_attr() if either fails,
 * KMF_ERR_PLUGIN_NOTFOUND when no plugin or no CreateSymKey entry is
 * available, and otherwise the plugin's own return value.
 */
KMF_RETURN
kmf_create_sym_key(KMF_HANDLE_T handle,
	int num_args,
	KMF_ATTRIBUTE *attrlist)
{
	KMF_RETURN rv = KMF_OK;
	KMF_PLUGIN *ks_plugin;
	KMF_KEYSTORE_TYPE kstype;
	uint32_t kstype_len = sizeof (kstype);

	KMF_ATTRIBUTE_TESTER required_attrs[] = {
		{KMF_KEYSTORE_TYPE_ATTR, FALSE, 1, sizeof (KMF_KEYSTORE_TYPE)},
		{KMF_KEY_HANDLE_ATTR, FALSE, sizeof (KMF_KEY_HANDLE),
		    sizeof (KMF_KEY_HANDLE)},
		{KMF_KEYALG_ATTR, FALSE, 1, sizeof (KMF_KEY_ALG)},
	};
	int num_req_attrs = sizeof (required_attrs) /
	    sizeof (KMF_ATTRIBUTE_TESTER);

	if (handle == NULL)
		return (KMF_ERR_BAD_PARAMETER);

	CLEAR_ERROR(handle, rv);

	/* Validate the caller's attributes before any plugin sees them. */
	rv = test_attributes(num_req_attrs, required_attrs,
	    0, NULL, num_args, attrlist);
	if (rv != KMF_OK)
		return (rv);

	rv = kmf_get_attr(KMF_KEYSTORE_TYPE_ATTR, attrlist, num_args,
	    &kstype, &kstype_len);
	if (rv != KMF_OK)
		return (rv);

	ks_plugin = FindPlugin(handle, kstype);
	if (ks_plugin == NULL || ks_plugin->funclist->CreateSymKey == NULL)
		return (KMF_ERR_PLUGIN_NOTFOUND);

	return (ks_plugin->funclist->CreateSymKey(handle, num_args,
	    attrlist));
}
/*
 * Ask the plugin that owns symkey (chosen by symkey->kstype) to fill in
 * rkey through its GetSymKeyValue entry.
 *
 * NOTE(review): rkey presumably receives the raw symmetric key bytes, so
 * callers should treat it as secret material and release it when done
 * (this file releases such keys with kmf_free_raw_sym_key()) - confirm
 * against the plugin implementations.
 *
 * Returns the status set by CLEAR_ERROR() if it is not KMF_OK,
 * KMF_ERR_BAD_PARAMETER when symkey or rkey is NULL,
 * KMF_ERR_PLUGIN_NOTFOUND when no plugin or no GetSymKeyValue entry is
 * available, and otherwise the plugin's own return value.
 */
KMF_RETURN
kmf_get_sym_key_value(KMF_HANDLE_T handle, KMF_KEY_HANDLE *symkey,
	KMF_RAW_SYM_KEY *rkey)
{
	KMF_RETURN rv;
	KMF_PLUGIN *ks_plugin;

	/*
	 * There is no explicit NULL test on handle in this function; the
	 * status that CLEAR_ERROR() stores in rv is checked instead.
	 * NOTE(review): presumably the macro reports a NULL handle through
	 * rv - confirm in kmfapiP.h.
	 */
	CLEAR_ERROR(handle, rv);
	if (rv != KMF_OK)
		return (rv);

	/* symkey is dereferenced just below, so reject NULL first. */
	if (symkey == NULL || rkey == NULL)
		return (KMF_ERR_BAD_PARAMETER);

	ks_plugin = FindPlugin(handle, symkey->kstype);
	if (ks_plugin == NULL ||
	    ks_plugin->funclist->GetSymKeyValue == NULL)
		return (KMF_ERR_PLUGIN_NOTFOUND);

	return (ks_plugin->funclist->GetSymKeyValue(handle, symkey, rkey));
}
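/*
 * Forward a key-store request to the keystore plugin selected by
 * KMF_KEYSTORE_TYPE_ATTR.
 *
 * Only the keystore type is required at this level; test_attributes()
 * checks it before the list is passed unchanged to the plugin's StoreKey
 * entry.
 *
 * Returns KMF_ERR_BAD_PARAMETER for a NULL handle, the error from
 * test_attributes() or kmf_get_attr() if either fails,
 * KMF_ERR_PLUGIN_NOTFOUND when FindPlugin() yields no plugin,
 * KMF_ERR_FUNCTION_NOT_FOUND when the plugin has no StoreKey entry (the
 * other entry points in this file report KMF_ERR_PLUGIN_NOTFOUND for a
 * missing entry), and otherwise the plugin's own return value.
 */
KMF_RETURN
kmf_store_key(KMF_HANDLE_T handle,
	int numattr,
	KMF_ATTRIBUTE *attrlist)
{
	KMF_RETURN ret = KMF_OK;
	KMF_PLUGIN *plugin;
	KMF_KEYSTORE_TYPE kstype;
	uint32_t len;

	KMF_ATTRIBUTE_TESTER required_attrs[] = {
		{KMF_KEYSTORE_TYPE_ATTR, FALSE, 1, sizeof (KMF_KEYSTORE_TYPE)},
	};

	int num_req_attrs = sizeof (required_attrs) /
	    sizeof (KMF_ATTRIBUTE_TESTER);

	if (handle == NULL)
		return (KMF_ERR_BAD_PARAMETER);

	CLEAR_ERROR(handle, ret);

	ret = test_attributes(num_req_attrs, required_attrs,
	    0, NULL, numattr, attrlist);

	if (ret != KMF_OK)
		return (ret);

	/*
	 * Pass the capacity of kstype explicitly, as the other entry points
	 * in this file do, instead of a NULL length.  The copy into the
	 * stack variable is then bounded by kmf_get_attr() itself rather
	 * than relying only on the test_attributes() check above.
	 * NOTE(review): presumably kmf_get_attr() refuses a value longer
	 * than *len - confirm.
	 */
	len = sizeof (kstype);
	ret = kmf_get_attr(KMF_KEYSTORE_TYPE_ATTR, attrlist, numattr,
	    &kstype, &len);
	if (ret != KMF_OK)
		return (ret);

	plugin = FindPlugin(handle, kstype);
	if (plugin == NULL)
		return (KMF_ERR_PLUGIN_NOTFOUND);

	if (plugin->funclist->StoreKey == NULL)
		return (KMF_ERR_FUNCTION_NOT_FOUND);

	return (plugin->funclist->StoreKey(handle, numattr, attrlist));
}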