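/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */
/*
 * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
 * Use is subject to license terms.
 */

#ifndef _SOFTKEYSTORE_H
#define	_SOFTKEYSTORE_H

#ifdef __cplusplus
extern "C" {
#endif

#include <sys/types.h>
#include <security/pkcs11t.h>

/*
 * Keystore protection parameters.
 *
 * NOTE(review): the names suggest the salt length and iteration count
 * used when a key is derived from the PIN (soft_gen_crypt_key() and
 * soft_gen_hmac_key() below take a PIN and return salt data) - confirm
 * in the implementation.  An iteration count of 1000 is low by current
 * password-hashing guidance.  Raising it presumably changes the keys
 * derived for existing keystores, so a change would need a migration
 * path - verify before touching the value.
 */
#define	PBKD2_SALT_SIZE 16
#define	PBKD2_ITERATIONS (1000)
#define	PWD_BUFFER_SIZE 1024

/*
 * The following structure is the object header
 * in the keystore.
 *
 * NOTE(review): object_type (uchar_t) and num_attrs (int) are not
 * fixed-width like the uint64_t fields.  If this structure is ever read
 * or written as raw bytes, padding and the width of int make the layout
 * ABI-dependent - confirm how the pack/unpack code serializes it.
 * num_attrs comes from stored data on the unpack path and should be
 * range-checked before it drives a loop or an allocation.
 */
typedef struct ks_obj_hdr {
	uint64_t class;
	uint64_t key_type;
	uint64_t cert_type;
	uint64_t bool_attr_mask;
	uint64_t mechanism;
	uchar_t object_type;

	/* Extra non-boolean attribute list */
	int	num_attrs;
} ks_obj_hdr_t;

/*
 * This structure contains the individual attribute
 * (from extra_attrlistp) in the keystore.
 *
 * NOTE(review): ulValueLen is a length taken from stored data; it should
 * be validated against the bytes remaining in the buffer before the
 * attribute value is copied - confirm in the unpack code.
 */
typedef struct ks_attr_hdr {
	uint64_t type;
	uint64_t ulValueLen;
} ks_attr_hdr_t;

#define	ROUNDUP(x, y)	roundup(x, y)	/* defined in sys/sysmacros.h */

/*
 * Byte-order helpers: on little-endian hosts these reverse the byte order
 * of a 16/32/64-bit value, on other hosts they are the identity.
 *
 * Each macro evaluates its argument more than once, so never pass an
 * expression with side effects (SWAP32(*p++), a function call, ...).
 *
 * SWAP16 masks both bytes.  Without the mask on the high byte, a
 * sign-extended signed operand or an operand wider than 16 bits leaks
 * its upper bits into the result.
 */
#ifdef _LITTLE_ENDIAN
#define	SWAP16(value)  \
	((((value) & 0xff) << 8) | (((value) >> 8) & 0xff))

#define	SWAP32(value)	\
	(((uint32_t)SWAP16((uint16_t)((value) & 0xffff)) << 16) | \
	(uint32_t)SWAP16((uint16_t)((value) >> 16)))

#define	SWAP64(value)	\
	(((uint64_t)SWAP32((uint32_t)((value) & 0xffffffff)) \
	    << 32) | \
	(uint64_t)SWAP32((uint32_t)((value) >> 32)))
#else /* !_LITTLE_ENDIAN */
#define	SWAP16(value)	(value)
#define	SWAP32(value)	(value)
#define	SWAP64(value)	(value)
#endif

/*
 * Function Prototypes
 *
 * NOTE(review): soft_object_t, struct object, ks_obj_t, biginteger_t,
 * cert_attr_t and ks_search_type_t are not declared by the two headers
 * included above; the including file presumably pulls them in first.
 */

/*
 * PIN handling and PIN-derived keys.
 *
 * NOTE(review): implementations and callers should clear PIN copies and
 * derived key material once they are no longer needed - confirm in the
 * corresponding .c file.
 */
int soft_gen_hashed_pin(CK_UTF8CHAR_PTR pPin, char **result, char **salt);

CK_RV soft_verify_pin(CK_UTF8CHAR_PTR pPin, CK_ULONG ulPinLen);

CK_RV soft_gen_crypt_key(uchar_t *pPIN, soft_object_t **key,
	CK_BYTE **saltdata);

CK_RV soft_gen_hmac_key(uchar_t *pPIN, soft_object_t **key, CK_BYTE **saltdata);

/*
 * Object packing and unpacking.
 *
 * NOTE(review): soft_unpack_obj_attribute(), soft_pack_object() and
 * soft_unpack_object() take a raw buffer pointer with no length
 * parameter.  For packing the caller presumably sizes the buffer with
 * soft_pack_object_size(); for unpacking, verify that a truncated or
 * corrupted keystore buffer cannot be read past its end.
 */
CK_RV soft_keystore_pack_obj(struct object *obj, uchar_t **ks_buf, size_t *len);

CK_RV soft_keystore_unpack_obj(struct object *obj, ks_obj_t *ks_obj);

CK_RV soft_unpack_obj_attribute(uchar_t *buf, biginteger_t *key_dest,
	cert_attr_t **cert_dest, ulong_t *offset, boolean_t cert);

ulong_t soft_pack_object_size(struct object *objp);

CK_RV soft_pack_object(struct object *objp, uchar_t *buf);

CK_RV soft_unpack_object(struct object *objp, uchar_t *buf);

CK_RV soft_setpin(CK_UTF8CHAR_PTR pOldPin, CK_ULONG ulOldPinLen,
	CK_UTF8CHAR_PTR pNewPin, CK_ULONG ulNewPinLen);

CK_RV soft_put_object_to_keystore(struct object *objp);

CK_RV soft_modify_object_to_keystore(struct object *objp);

CK_RV soft_get_token_objects_from_keystore(ks_search_type_t type);

CK_RV soft_init_token_session(void);

void soft_destroy_token_session(void);

/*
 * Keystore encryption and integrity primitives.  The `encrypt` and `sign`
 * flags select the direction of the operation; out_len is passed by
 * pointer.
 * NOTE(review): presumably out_len carries the output buffer size in and
 * the produced length out, as in PKCS#11 - confirm.
 */
CK_RV soft_keystore_crypt(soft_object_t *key_p, uchar_t *ivec,
	boolean_t encrypt, CK_BYTE_PTR in, CK_ULONG in_len, CK_BYTE_PTR out,
	CK_ULONG_PTR out_len);

CK_RV soft_keystore_hmac(soft_object_t *key_p, boolean_t sign,
	CK_BYTE_PTR in, CK_ULONG in_len, CK_BYTE_PTR out, CK_ULONG_PTR out_len);


#ifdef __cplusplus
}
#endif

#endif /* _SOFTKEYSTORE_H */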