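/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */

/*
 * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved.
 * Copyright 2020 Joyent, Inc.
 */

#ifndef	_SOFTOBJECT_H
#define	_SOFTOBJECT_H

#ifdef	__cplusplus
extern "C" {
#endif

#include <pthread.h>
#include <security/pkcs11t.h>
#include <sys/avl.h>
#include "softKeystoreUtil.h"
#include "softSession.h"


/*
 * NOTE(review): presumably the value stored in an object's magic_marker
 * field so that a stale or forged object pointer can be rejected; confirm
 * against the code that validates object handles.
 */
#define	SOFTTOKEN_OBJECT_MAGIC	0xECF0B002

/*
 * Small integer codes naming the operation that is building an object.
 * The consumers of these values are not in this header.
 */
#define	SOFT_CREATE_OBJ		1
#define	SOFT_GEN_KEY		2
#define	SOFT_DERIVE_KEY_DH	3	/* for CKM_DH_PKCS_DERIVE */
#define	SOFT_DERIVE_KEY_OTHER	4	/* for CKM_MD5_KEY_DERIVATION and */
					/* CKM_SHA1_KEY_DERIVATION */
#define	SOFT_UNWRAP_KEY		5
#define	SOFT_CREATE_OBJ_INT	6	/* internal object creation */

/*
 * Variable-length value: a byte buffer and its length.
 * big_value_len is presumably a byte count; confirm against the users.
 * The two fields must always be updated together, since every reader has
 * only big_value_len to bound its access to big_value.
 */
typedef struct biginteger {
	CK_BYTE *big_value;
	CK_ULONG big_value_len;
} biginteger_t;


/*
 * Secret key Struct
 *
 * sk_value/sk_value_len hold the key bytes. key_sched/keysched_len hold a
 * second, separately sized buffer (by its name, the expanded key schedule).
 * Both buffers are key material.
 * NOTE(review): confirm that every path releasing them clears the memory
 * before it is freed; the release code is not in this header.
 */
typedef struct secret_key_obj {
	CK_BYTE *sk_value;
	CK_ULONG sk_value_len;
	void *key_sched;
	size_t keysched_len;
} secret_key_obj_t;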
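

/*
 * PKCS11: RSA Public Key Object Attributes
 *
 * modulus_bits is stored separately from modulus.big_value_len.
 * NOTE(review): confirm the code that fills this struct keeps the two
 * consistent; nothing in this header ties them together.
 */
typedef struct rsa_pub_key {
	biginteger_t modulus;
	CK_ULONG modulus_bits;
	biginteger_t pub_exponent;
} rsa_pub_key_t;


/*
 * PKCS11: DSA Public Key Object Attributes
 */
typedef struct dsa_pub_key {
	biginteger_t prime;
	biginteger_t subprime;
	biginteger_t base;
	biginteger_t value;
} dsa_pub_key_t;


/*
 * PKCS11: Diffie-Hellman Public Key Object Attributes
 */
typedef struct dh_pub_key {
	biginteger_t prime;
	biginteger_t base;
	biginteger_t value;
} dh_pub_key_t;


/*
 * PKCS11: X9.42 Diffie-Hellman Public Key Object Attributes
 *
 * Same fields as dsa_pub_key_t but in a different order (base comes before
 * subprime here), so the two layouts are not interchangeable.
 */
typedef struct dh942_pub_key {
	biginteger_t prime;
	biginteger_t base;
	biginteger_t subprime;
	biginteger_t value;
} dh942_pub_key_t;

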
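/*
 * PKCS11: Elliptic Curve Public Key Object Attributes
 */
typedef struct ec_pub_key {
	biginteger_t param;
	biginteger_t point;
} ec_pub_key_t;


/*
 * Public Key Main Struct
 *
 * The union carries no tag of its own: which member is valid is decided
 * outside this struct (struct object below has a key_type field). Reading
 * a member that does not match the stored key type reinterprets another
 * algorithm's pointers and lengths.
 */
typedef struct public_key_obj {
	union {
		rsa_pub_key_t rsa_pub_key; /* RSA public key */
		dsa_pub_key_t dsa_pub_key; /* DSA public key */
		dh_pub_key_t dh_pub_key; /* DH public key */
		dh942_pub_key_t dh942_pub_key; /* DH9.42 public key */
		ec_pub_key_t ec_pub_key; /* Elliptic Curve public key */
	} key_type_u;
} public_key_obj_t;

/*
 * PKCS11: RSA Private Key Object Attributes
 *
 * Every field other than modulus and pub_exponent is private key material.
 * NOTE(review): confirm the release path clears each big_value buffer
 * before freeing it; that code is not in this header.
 */
typedef struct rsa_pri_key {
	biginteger_t modulus;
	biginteger_t pub_exponent;
	biginteger_t pri_exponent;
	biginteger_t prime_1;
	biginteger_t prime_2;
	biginteger_t exponent_1;
	biginteger_t exponent_2;
	biginteger_t coefficient;
} rsa_pri_key_t;

/*
 * PKCS11: DSA Private Key Object Attributes
 */
typedef struct dsa_pri_key {
	biginteger_t prime;
	biginteger_t subprime;
	biginteger_t base;
	biginteger_t value;
} dsa_pri_key_t;


/*
 * PKCS11: Diffie-Hellman Private Key Object Attributes
 */
typedef struct dh_pri_key {
	biginteger_t prime;
	biginteger_t base;
	biginteger_t value;
	CK_ULONG value_bits;
} dh_pri_key_t;

/*
 * PKCS11: X9.42 Diffie-Hellman Private Key Object Attributes
 */
typedef struct dh942_pri_key {
	biginteger_t prime;
	biginteger_t base;
	biginteger_t subprime;
	biginteger_t value;
} dh942_pri_key_t;

/*
 * PKCS11: Elliptic Curve Private Key Object Attributes
 */
typedef struct ec_pri_key {
	biginteger_t param;
	biginteger_t value;
} ec_pri_key_t;


/*
 * Private Key Main Struct
 *
 * Untagged union, like public_key_obj_t: the valid member is selected by
 * state kept outside this struct.
 */
typedef struct private_key_obj {
	union {
		rsa_pri_key_t rsa_pri_key; /* RSA private key */
		dsa_pri_key_t dsa_pri_key; /* DSA private key */
		dh_pri_key_t dh_pri_key; /* DH private key */
		dh942_pri_key_t dh942_pri_key; /* DH9.42 private key */
		ec_pri_key_t ec_pri_key; /* Elliptic Curve private key */
	} key_type_u;
} private_key_obj_t;

/*
 * PKCS11: DSA Domain Parameters Object Attributes
 */
typedef struct dsa_dom_key {
	biginteger_t prime;
	biginteger_t subprime;
	biginteger_t base;
	CK_ULONG prime_bits;
} dsa_dom_key_t;


/*
 * PKCS11: Diffie-Hellman Domain Parameters Object Attributes
 */
typedef struct dh_dom_key {
	biginteger_t prime;
	biginteger_t base;
	CK_ULONG prime_bits;
} dh_dom_key_t;


/*
 * PKCS11: X9.42 Diffie-Hellman Domain Parameters Object Attributes
 */
typedef struct dh942_dom_key {
	biginteger_t prime;
	biginteger_t base;
	biginteger_t subprime;
	CK_ULONG prime_bits;
	CK_ULONG subprime_bits;
} dh942_dom_key_t;

/*
 * Domain Parameters Main Struct
 */
typedef struct domain_obj {
	union {
		dsa_dom_key_t dsa_dom_key; /* DSA domain parameters */
		dh_dom_key_t dh_dom_key; /* DH domain parameters */
		dh942_dom_key_t dh942_dom_key; /* DH9.42 domain parameters */
	} key_type_u;
} domain_obj_t;

/* One certificate attribute: a byte buffer and its length. */
typedef struct cert_attr_type {
	CK_BYTE *value;
	CK_ULONG length;
} cert_attr_t;

/*
 * X.509 Public Key Certificate Structure.
 * This structure contains only the attributes that are
 * NOT modifiable after creation.
 * ID, ISSUER, and SUBJECT attributes are kept in the extra_attrlistp
 * record.
 */
typedef struct x509_cert {
	cert_attr_t *subject; /* DER encoding of certificate subject name */
	cert_attr_t *value; /* BER encoding of the cert */
} x509_cert_t;

/*
 * X.509 Attribute Certificate Structure
 * This structure contains only the attributes that are
 * NOT modifiable after creation.
 * AC_ISSUER, SERIAL_NUMBER, and ATTR_TYPES are kept in the
 * extra_attrlistp record so they may be modified.
 */
typedef struct x509_attr_cert {
	cert_attr_t *owner; /* DER encoding of attr cert subject field */
	cert_attr_t *value; /* BER encoding of cert */
} x509_attr_cert_t;

/*
 * Certificate Object Main Struct
 *
 * certificate_type is the tag for cert_type_u; x509 and x509_attr have the
 * same shape (two cert_attr_t pointers) but different meanings.
 */
typedef struct certificate_obj {
	CK_CERTIFICATE_TYPE certificate_type;
	union {
		x509_cert_t x509;
		x509_attr_cert_t x509_attr;
	} cert_type_u;
} certificate_obj_t;

/*
 * This structure is used to hold the attributes in the
 * Extra Attribute List.
 */
typedef struct attribute_info {
	CK_ATTRIBUTE attr;
	struct attribute_info *next;
} attribute_info_t;


typedef attribute_info_t *CK_ATTRIBUTE_INFO_PTR;

/*
 * This is the main structure of the Objects.
 *
 * class, key_type and cert_type are the only information in this struct
 * that says which member of object_class_u (and of the key_type_u /
 * cert_type_u unions it points to) is valid. Code reaching into the unions
 * is expected to have checked them first.
 */
typedef struct object {
	avl_node_t node;
	CK_OBJECT_HANDLE handle;
	/* Generic common fields. Always present */
	uint_t version; /* for token objects only */
	/*
	 * NOTE(review): `class` is a reserved word in C++, and this header
	 * opens an extern "C" block for C++ consumers; confirm that no C++
	 * translation unit includes it.
	 */
	CK_OBJECT_CLASS class;
	CK_KEY_TYPE key_type;
	CK_CERTIFICATE_TYPE cert_type;
	/*
	 * NOTE(review): presumably compared with SOFTTOKEN_OBJECT_MAGIC
	 * before an object pointer is trusted; confirm in the
	 * handle-validation code.
	 */
	ulong_t magic_marker;
	uint64_t bool_attr_mask; /* see below */
	CK_MECHANISM_TYPE mechanism;
	uchar_t object_type; /* see below */
	struct ks_obj_handle ks_handle; /* keystore handle */

	/* Fields for access and arbitration */
	pthread_mutex_t object_mutex;
	struct object *next;
	struct object *prev;

	/* Extra non-boolean attribute list */
	CK_ATTRIBUTE_INFO_PTR extra_attrlistp;

	/* For each object, only one of these object classes is presented */
	union {
		public_key_obj_t *public_key;
		private_key_obj_t *private_key;
		secret_key_obj_t *secret_key;
		domain_obj_t *domain;
		certificate_obj_t *certificate;
	} object_class_u;

	/* Session handle that the object belongs to */
	CK_SESSION_HANDLE session_handle;
	uint32_t obj_refcnt; /* object reference count */
	pthread_cond_t obj_free_cond; /* cond variable for signal and wait */
	uint32_t obj_delete_sync; /* object delete sync flags */

} soft_object_t;

/*
 * Result set of an object search: an array of object pointers, its length,
 * and a cursor into it.
 * NOTE(review): the array holds raw soft_object_t pointers; confirm how an
 * entry is kept valid (or dropped) if its object is destroyed while the
 * search is still open.
 */
typedef struct find_context {
	soft_object_t **objs_found;
	CK_ULONG num_results;
	CK_ULONG next_result_index; /* next result object to return */
} find_context_t;

/*
 * The following structure is used to link the to-be-freed session
 * objects into a linked list. The objects on this linked list have
 * not yet been freed via free() after C_DestroyObject() call; instead
 * they are added to this list. The actual free will take place when
 * the number of objects queued reaches MAX_OBJ_TO_BE_FREED, at which
 * time the first object in the list will be freed.
 *
 * A destroyed object therefore stays allocated, and readable through any
 * stale pointer, until MAX_OBJ_TO_BE_FREED later destroys have queued up.
 * NOTE(review): confirm that key material is cleared when the object is
 * queued, not only when it is finally freed.
 */
#define	MAX_OBJ_TO_BE_FREED	300

typedef struct obj_to_be_freed_list {
	struct object *first; /* points to the first obj in the list */
	struct object *last; /* points to the last obj in the list */
	uint32_t count; /* current total objs in the list */
	pthread_mutex_t obj_to_be_free_mutex;
} obj_to_be_freed_list_t;

/*
 * Object type
 *
 * The four values are the bitwise combinations of TOKEN_OBJECT (2) and
 * PRIVATE_OBJECT (1) defined just below.
 */
#define	SESSION_PUBLIC	0	/* CKA_TOKEN = 0, CKA_PRIVATE = 0 */
#define	SESSION_PRIVATE	1	/* CKA_TOKEN = 0, CKA_PRIVATE = 1 */
#define	TOKEN_PUBLIC	2	/* CKA_TOKEN = 1, CKA_PRIVATE = 0 */
#define	TOKEN_PRIVATE	3	/* CKA_TOKEN = 1, CKA_PRIVATE = 1 */

#define	TOKEN_OBJECT	2
#define	PRIVATE_OBJECT	1

typedef enum {
	ALL_TOKEN = 0,
	PUBLIC_TOKEN = 1,
	PRIVATE_TOKEN = 2
} token_obj_type_t;

/*
 * True when objp->object_type is TOKEN_PUBLIC or TOKEN_PRIVATE.
 * The argument is parenthesized so that an expression such as `p + 1` or
 * `&obj` expands correctly. objp is evaluated twice; pass an expression
 * without side effects.
 */
#define	IS_TOKEN_OBJECT(objp)	\
	((((objp)->object_type) == TOKEN_PUBLIC) ||	\
	(((objp)->object_type) == TOKEN_PRIVATE))

/*
 * Types associated with copying object's content
 */
#define	SOFT_SET_ATTR_VALUE	1	/* for C_SetAttributeValue */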
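#define	SOFT_COPY_OBJECT	2	/* for C_CopyObject */
#define	SOFT_COPY_OBJ_ORIG_SH	3	/* for copying an object but keeps */
					/* the original session handle */

/*
 * The following definitions are the shortcuts
 *
 * OBJ_*(o) take a pointer to an object and reach the field through
 * o->object_class_u.<class pointer>; KEY_*(k) take a pointer to the
 * per-class key struct and reach the same field through k->key_type_u.
 *
 * None of these macros checks anything: the class pointer is dereferenced
 * as is, and the union member is selected by the macro name alone. The
 * caller must already know that the object's class and key type match the
 * macro, otherwise the result points into another algorithm's fields.
 *
 * The address-of forms are wrapped in an outer pair of parentheses so that
 * the result can be used with a postfix operator (`KEY_PUB_RSA(k)->modulus`).
 */

/*
 * RSA Public Key Object Attributes
 */
#define	OBJ_PUB(o) \
	((o)->object_class_u.public_key)
#define	KEY_PUB_RSA(k) \
	(&((k)->key_type_u.rsa_pub_key))
#define	OBJ_PUB_RSA_MOD(o) \
	(&((o)->object_class_u.public_key->key_type_u.rsa_pub_key.modulus))
#define	KEY_PUB_RSA_MOD(k) \
	(&((k)->key_type_u.rsa_pub_key.modulus))
#define	OBJ_PUB_RSA_PUBEXPO(o) \
	(&((o)->object_class_u.public_key->key_type_u.rsa_pub_key.pub_exponent))
#define	KEY_PUB_RSA_PUBEXPO(k) \
	(&((k)->key_type_u.rsa_pub_key.pub_exponent))
#define	OBJ_PUB_RSA_MOD_BITS(o) \
	((o)->object_class_u.public_key->key_type_u.rsa_pub_key.modulus_bits)
#define	KEY_PUB_RSA_MOD_BITS(k) \
	((k)->key_type_u.rsa_pub_key.modulus_bits)

/*
 * DSA Public Key Object Attributes
 */
#define	KEY_PUB_DSA(k) \
	(&((k)->key_type_u.dsa_pub_key))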
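/*
 * Accessor shortcuts. OBJ_*(o) go through o->object_class_u.<class pointer>;
 * KEY_*(k) start from the per-class key struct. No macro here checks the
 * class pointer or the key type: the caller must know the object matches
 * the macro it uses. Each address-of expansion carries an outer pair of
 * parentheses so a postfix operator applies to the macro's result.
 */
#define	OBJ_PUB_DSA_PRIME(o) \
	(&((o)->object_class_u.public_key->key_type_u.dsa_pub_key.prime))
#define	KEY_PUB_DSA_PRIME(k) \
	(&((k)->key_type_u.dsa_pub_key.prime))
#define	OBJ_PUB_DSA_SUBPRIME(o) \
	(&((o)->object_class_u.public_key->key_type_u.dsa_pub_key.subprime))
#define	KEY_PUB_DSA_SUBPRIME(k) \
	(&((k)->key_type_u.dsa_pub_key.subprime))
#define	OBJ_PUB_DSA_BASE(o) \
	(&((o)->object_class_u.public_key->key_type_u.dsa_pub_key.base))
#define	KEY_PUB_DSA_BASE(k) \
	(&((k)->key_type_u.dsa_pub_key.base))
#define	OBJ_PUB_DSA_VALUE(o) \
	(&((o)->object_class_u.public_key->key_type_u.dsa_pub_key.value))
#define	KEY_PUB_DSA_VALUE(k) \
	(&((k)->key_type_u.dsa_pub_key.value))

/*
 * Diffie-Hellman Public Key Object Attributes
 */
#define	KEY_PUB_DH(k) \
	(&((k)->key_type_u.dh_pub_key))
#define	OBJ_PUB_DH_PRIME(o) \
	(&((o)->object_class_u.public_key->key_type_u.dh_pub_key.prime))
#define	KEY_PUB_DH_PRIME(k) \
	(&((k)->key_type_u.dh_pub_key.prime))
#define	OBJ_PUB_DH_BASE(o) \
	(&((o)->object_class_u.public_key->key_type_u.dh_pub_key.base))
#define	KEY_PUB_DH_BASE(k) \
	(&((k)->key_type_u.dh_pub_key.base))
#define	OBJ_PUB_DH_VALUE(o) \
	(&((o)->object_class_u.public_key->key_type_u.dh_pub_key.value))
#define	KEY_PUB_DH_VALUE(k) \
	(&((k)->key_type_u.dh_pub_key.value))

/*
 * X9.42 Diffie-Hellman Public Key Object Attributes
 */
#define	KEY_PUB_DH942(k) \
	(&((k)->key_type_u.dh942_pub_key))
#define	OBJ_PUB_DH942_PRIME(o) \
	(&((o)->object_class_u.public_key->key_type_u.dh942_pub_key.prime))
#define	KEY_PUB_DH942_PRIME(k) \
	(&((k)->key_type_u.dh942_pub_key.prime))
#define	OBJ_PUB_DH942_BASE(o) \
	(&((o)->object_class_u.public_key->key_type_u.dh942_pub_key.base))
#define	KEY_PUB_DH942_BASE(k) \
	(&((k)->key_type_u.dh942_pub_key.base))
#define	OBJ_PUB_DH942_SUBPRIME(o) \
	(&((o)->object_class_u.public_key->key_type_u.dh942_pub_key.subprime))
#define	KEY_PUB_DH942_SUBPRIME(k) \
	(&((k)->key_type_u.dh942_pub_key.subprime))
#define	OBJ_PUB_DH942_VALUE(o) \
	(&((o)->object_class_u.public_key->key_type_u.dh942_pub_key.value))
#define	KEY_PUB_DH942_VALUE(k) \
	(&((k)->key_type_u.dh942_pub_key.value))

/*
 * Elliptic Curve Public Key Object Attributes
 */
#define	KEY_PUB_EC(k) \
	(&((k)->key_type_u.ec_pub_key))
#define	OBJ_PUB_EC_POINT(o) \
	(&((o)->object_class_u.public_key->key_type_u.ec_pub_key.point))
#define	KEY_PUB_EC_POINT(k) \
	(&((k)->key_type_u.ec_pub_key.point))


/*
 * RSA Private Key Object Attributes
 *
 * Apart from the modulus and public exponent, these resolve to private key
 * material; treat any copy made through them as secret.
 */
#define	OBJ_PRI(o) \
	((o)->object_class_u.private_key)
#define	KEY_PRI_RSA(k) \
	(&((k)->key_type_u.rsa_pri_key))
#define	OBJ_PRI_RSA_MOD(o) \
	(&((o)->object_class_u.private_key->key_type_u.rsa_pri_key.modulus))
#define	KEY_PRI_RSA_MOD(k) \
	(&((k)->key_type_u.rsa_pri_key.modulus))
#define	OBJ_PRI_RSA_PUBEXPO(o) \
	(&((o)->object_class_u.private_key->key_type_u.rsa_pri_key.pub_exponent))
#define	KEY_PRI_RSA_PUBEXPO(k) \
	(&((k)->key_type_u.rsa_pri_key.pub_exponent))
#define	OBJ_PRI_RSA_PRIEXPO(o) \
	(&((o)->object_class_u.private_key->key_type_u.rsa_pri_key.pri_exponent))
#define	KEY_PRI_RSA_PRIEXPO(k) \
	(&((k)->key_type_u.rsa_pri_key.pri_exponent))
#define	OBJ_PRI_RSA_PRIME1(o) \
	(&((o)->object_class_u.private_key->key_type_u.rsa_pri_key.prime_1))
#define	KEY_PRI_RSA_PRIME1(k) \
	(&((k)->key_type_u.rsa_pri_key.prime_1))
#define	OBJ_PRI_RSA_PRIME2(o) \
	(&((o)->object_class_u.private_key->key_type_u.rsa_pri_key.prime_2))
#define	KEY_PRI_RSA_PRIME2(k) \
	(&((k)->key_type_u.rsa_pri_key.prime_2))
#define	OBJ_PRI_RSA_EXPO1(o) \
	(&((o)->object_class_u.private_key->key_type_u.rsa_pri_key.exponent_1))
#define	KEY_PRI_RSA_EXPO1(k) \
	(&((k)->key_type_u.rsa_pri_key.exponent_1))
#define	OBJ_PRI_RSA_EXPO2(o) \
	(&((o)->object_class_u.private_key->key_type_u.rsa_pri_key.exponent_2))
#define	KEY_PRI_RSA_EXPO2(k) \
	(&((k)->key_type_u.rsa_pri_key.exponent_2))
#define	OBJ_PRI_RSA_COEF(o) \
	(&((o)->object_class_u.private_key->key_type_u.rsa_pri_key.coefficient))
#define	KEY_PRI_RSA_COEF(k) \
	(&((k)->key_type_u.rsa_pri_key.coefficient))

/*
 * DSA Private Key Object Attributes
 */
#define	KEY_PRI_DSA(k) \
	(&((k)->key_type_u.dsa_pri_key))
#define	OBJ_PRI_DSA_PRIME(o) \
	(&((o)->object_class_u.private_key->key_type_u.dsa_pri_key.prime))
#define	KEY_PRI_DSA_PRIME(k) \
	(&((k)->key_type_u.dsa_pri_key.prime))
#define	OBJ_PRI_DSA_SUBPRIME(o) \
	(&((o)->object_class_u.private_key->key_type_u.dsa_pri_key.subprime))
#define	KEY_PRI_DSA_SUBPRIME(k) \
	(&((k)->key_type_u.dsa_pri_key.subprime))
#define	OBJ_PRI_DSA_BASE(o) \
	(&((o)->object_class_u.private_key->key_type_u.dsa_pri_key.base))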
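/*
 * Accessor shortcuts. OBJ_*(o) go through o->object_class_u.private_key;
 * KEY_*(k) start from the private key struct. No macro here checks the
 * class pointer or the key type: the caller must know the object matches
 * the macro it uses. The *_VALUE forms resolve to private key material.
 * Each address-of expansion carries an outer pair of parentheses so a
 * postfix operator applies to the macro's result.
 */
#define	KEY_PRI_DSA_BASE(k) \
	(&((k)->key_type_u.dsa_pri_key.base))
#define	OBJ_PRI_DSA_VALUE(o) \
	(&((o)->object_class_u.private_key->key_type_u.dsa_pri_key.value))
#define	KEY_PRI_DSA_VALUE(k) \
	(&((k)->key_type_u.dsa_pri_key.value))

/*
 * Diffie-Hellman Private Key Object Attributes
 */
#define	KEY_PRI_DH(k) \
	(&((k)->key_type_u.dh_pri_key))
#define	OBJ_PRI_DH_PRIME(o) \
	(&((o)->object_class_u.private_key->key_type_u.dh_pri_key.prime))
#define	KEY_PRI_DH_PRIME(k) \
	(&((k)->key_type_u.dh_pri_key.prime))
#define	OBJ_PRI_DH_BASE(o) \
	(&((o)->object_class_u.private_key->key_type_u.dh_pri_key.base))
#define	KEY_PRI_DH_BASE(k) \
	(&((k)->key_type_u.dh_pri_key.base))
#define	OBJ_PRI_DH_VALUE(o) \
	(&((o)->object_class_u.private_key->key_type_u.dh_pri_key.value))
#define	KEY_PRI_DH_VALUE(k) \
	(&((k)->key_type_u.dh_pri_key.value))
#define	OBJ_PRI_DH_VAL_BITS(o) \
	((o)->object_class_u.private_key->key_type_u.dh_pri_key.value_bits)
#define	KEY_PRI_DH_VAL_BITS(k) \
	((k)->key_type_u.dh_pri_key.value_bits)

/*
 * X9.42 Diffie-Hellman Private Key Object Attributes
 */
#define	KEY_PRI_DH942(k) \
	(&((k)->key_type_u.dh942_pri_key))
#define	OBJ_PRI_DH942_PRIME(o) \
	(&((o)->object_class_u.private_key->key_type_u.dh942_pri_key.prime))
#define	KEY_PRI_DH942_PRIME(k) \
	(&((k)->key_type_u.dh942_pri_key.prime))
#define	OBJ_PRI_DH942_BASE(o) \
	(&((o)->object_class_u.private_key->key_type_u.dh942_pri_key.base))
#define	KEY_PRI_DH942_BASE(k) \
	(&((k)->key_type_u.dh942_pri_key.base))
#define	OBJ_PRI_DH942_SUBPRIME(o) \
	(&((o)->object_class_u.private_key->key_type_u.dh942_pri_key.subprime))
#define	KEY_PRI_DH942_SUBPRIME(k) \
	(&((k)->key_type_u.dh942_pri_key.subprime))
#define	OBJ_PRI_DH942_VALUE(o) \
	(&((o)->object_class_u.private_key->key_type_u.dh942_pri_key.value))
#define	KEY_PRI_DH942_VALUE(k) \
	(&((k)->key_type_u.dh942_pri_key.value))

/*
 * Elliptic Curve Private Key Object Attributes
 */

#define	KEY_PRI_EC(k) \
	(&((k)->key_type_u.ec_pri_key))
#define	OBJ_PRI_EC_VALUE(o) \
	(&((o)->object_class_u.private_key->key_type_u.ec_pri_key.value))
#define	KEY_PRI_EC_VALUE(k) \
	(&((k)->key_type_u.ec_pri_key.value))

/*
 * DSA Domain Parameters Object Attributes
 */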
6057c478bd9Sstevel@tonic-gate #define OBJ_DOM(o) \ 6067c478bd9Sstevel@tonic-gate ((o)->object_class_u.domain) 6077c478bd9Sstevel@tonic-gate #define KEY_DOM_DSA(k) \ 6087c478bd9Sstevel@tonic-gate &((k)->key_type_u.dsa_dom_key) 6097c478bd9Sstevel@tonic-gate #define OBJ_DOM_DSA_PRIME(o) \ 6107c478bd9Sstevel@tonic-gate &((o)->object_class_u.domain->key_type_u.dsa_dom_key.prime) 6117c478bd9Sstevel@tonic-gate #define KEY_DOM_DSA_PRIME(k) \ 6127c478bd9Sstevel@tonic-gate &((k)->key_type_u.dsa_dom_key.prime) 6137c478bd9Sstevel@tonic-gate #define OBJ_DOM_DSA_SUBPRIME(o) \ 6147c478bd9Sstevel@tonic-gate &((o)->object_class_u.domain->key_type_u.dsa_dom_key.subprime) 6157c478bd9Sstevel@tonic-gate #define KEY_DOM_DSA_SUBPRIME(k) \ 6167c478bd9Sstevel@tonic-gate &((k)->key_type_u.dsa_dom_key.subprime) 6177c478bd9Sstevel@tonic-gate #define OBJ_DOM_DSA_BASE(o) \ 6187c478bd9Sstevel@tonic-gate &((o)->object_class_u.domain->key_type_u.dsa_dom_key.base) 6197c478bd9Sstevel@tonic-gate #define KEY_DOM_DSA_BASE(k) \ 6207c478bd9Sstevel@tonic-gate &((k)->key_type_u.dsa_dom_key.base) 6217c478bd9Sstevel@tonic-gate #define OBJ_DOM_DSA_PRIME_BITS(o) \ 6227c478bd9Sstevel@tonic-gate ((o)->object_class_u.domain->key_type_u.dsa_dom_key.prime_bits) 6237c478bd9Sstevel@tonic-gate 6247c478bd9Sstevel@tonic-gate /* 6257c478bd9Sstevel@tonic-gate * Diffie-Hellman Domain Parameters Object Attributes 6267c478bd9Sstevel@tonic-gate */ 6277c478bd9Sstevel@tonic-gate #define KEY_DOM_DH(k) \ 6287c478bd9Sstevel@tonic-gate &((k)->key_type_u.dh_dom_key) 6297c478bd9Sstevel@tonic-gate #define OBJ_DOM_DH_PRIME(o) \ 6307c478bd9Sstevel@tonic-gate &((o)->object_class_u.domain->key_type_u.dh_dom_key.prime) 6317c478bd9Sstevel@tonic-gate #define KEY_DOM_DH_PRIME(k) \ 6327c478bd9Sstevel@tonic-gate &((k)->key_type_u.dh_dom_key.prime) 6337c478bd9Sstevel@tonic-gate #define OBJ_DOM_DH_BASE(o) \ 6347c478bd9Sstevel@tonic-gate &((o)->object_class_u.domain->key_type_u.dh_dom_key.base) 6357c478bd9Sstevel@tonic-gate #define 
KEY_DOM_DH_BASE(k) \ 6367c478bd9Sstevel@tonic-gate &((k)->key_type_u.dh_dom_key.base) 6377c478bd9Sstevel@tonic-gate #define OBJ_DOM_DH_PRIME_BITS(o) \ 6387c478bd9Sstevel@tonic-gate ((o)->object_class_u.domain->key_type_u.dh_dom_key.prime_bits) 6397c478bd9Sstevel@tonic-gate 6407c478bd9Sstevel@tonic-gate /* 6417c478bd9Sstevel@tonic-gate * X9.42 Diffie-Hellman Domain Parameters Object Attributes 6427c478bd9Sstevel@tonic-gate */ 6437c478bd9Sstevel@tonic-gate #define KEY_DOM_DH942(k) \ 6447c478bd9Sstevel@tonic-gate &((k)->key_type_u.dh942_dom_key) 6457c478bd9Sstevel@tonic-gate #define OBJ_DOM_DH942_PRIME(o) \ 6467c478bd9Sstevel@tonic-gate &((o)->object_class_u.domain->key_type_u.dh942_dom_key.prime) 6477c478bd9Sstevel@tonic-gate #define KEY_DOM_DH942_PRIME(k) \ 6487c478bd9Sstevel@tonic-gate &((k)->key_type_u.dh942_dom_key.prime) 6497c478bd9Sstevel@tonic-gate #define OBJ_DOM_DH942_BASE(o) \ 6507c478bd9Sstevel@tonic-gate &((o)->object_class_u.domain->key_type_u.dh942_dom_key.base) 6517c478bd9Sstevel@tonic-gate #define KEY_DOM_DH942_BASE(k) \ 6527c478bd9Sstevel@tonic-gate &((k)->key_type_u.dh942_dom_key.base) 6537c478bd9Sstevel@tonic-gate #define OBJ_DOM_DH942_SUBPRIME(o) \ 6547c478bd9Sstevel@tonic-gate &((o)->object_class_u.domain->key_type_u.dh942_dom_key.subprime) 6557c478bd9Sstevel@tonic-gate #define KEY_DOM_DH942_SUBPRIME(k) \ 6567c478bd9Sstevel@tonic-gate &((k)->key_type_u.dh942_dom_key.subprime) 6577c478bd9Sstevel@tonic-gate #define OBJ_DOM_DH942_PRIME_BITS(o) \ 6587c478bd9Sstevel@tonic-gate ((o)->object_class_u.domain->key_type_u.dh942_dom_key.prime_bits) 6597c478bd9Sstevel@tonic-gate #define OBJ_DOM_DH942_SUBPRIME_BITS(o) \ 6607c478bd9Sstevel@tonic-gate ((o)->object_class_u.domain->key_type_u.dh942_dom_key.subprime_bits) 6617c478bd9Sstevel@tonic-gate 6627c478bd9Sstevel@tonic-gate /* 6637c478bd9Sstevel@tonic-gate * Secret Key Object Attributes 6647c478bd9Sstevel@tonic-gate */ 6657c478bd9Sstevel@tonic-gate #define OBJ_SEC(o) \ 6667c478bd9Sstevel@tonic-gate 
((o)->object_class_u.secret_key) 6677c478bd9Sstevel@tonic-gate #define OBJ_SEC_VALUE(o) \ 6687c478bd9Sstevel@tonic-gate ((o)->object_class_u.secret_key->sk_value) 6697c478bd9Sstevel@tonic-gate #define OBJ_SEC_VALUE_LEN(o) \ 6707c478bd9Sstevel@tonic-gate ((o)->object_class_u.secret_key->sk_value_len) 6717c478bd9Sstevel@tonic-gate #define OBJ_KEY_SCHED(o) \ 6727c478bd9Sstevel@tonic-gate ((o)->object_class_u.secret_key->key_sched) 6737c478bd9Sstevel@tonic-gate #define OBJ_KEY_SCHED_LEN(o) \ 6747c478bd9Sstevel@tonic-gate ((o)->object_class_u.secret_key->keysched_len) 6757c478bd9Sstevel@tonic-gate 6767c478bd9Sstevel@tonic-gate #define OBJ_CERT(o) \ 6777c478bd9Sstevel@tonic-gate ((o)->object_class_u.certificate) 6787c478bd9Sstevel@tonic-gate /* 6797c478bd9Sstevel@tonic-gate * X.509 Key Certificate object attributes 6807c478bd9Sstevel@tonic-gate */ 6817c478bd9Sstevel@tonic-gate #define X509_CERT(o) \ 6827c478bd9Sstevel@tonic-gate ((o)->object_class_u.certificate->cert_type_u.x509) 6837c478bd9Sstevel@tonic-gate #define X509_CERT_SUBJECT(o) \ 6847c478bd9Sstevel@tonic-gate ((o)->object_class_u.certificate->cert_type_u.x509.subject) 6857c478bd9Sstevel@tonic-gate #define X509_CERT_VALUE(o) \ 6867c478bd9Sstevel@tonic-gate ((o)->object_class_u.certificate->cert_type_u.x509.value) 6877c478bd9Sstevel@tonic-gate 6887c478bd9Sstevel@tonic-gate /* 6897c478bd9Sstevel@tonic-gate * X.509 Attribute Certificate object attributes 6907c478bd9Sstevel@tonic-gate */ 6917c478bd9Sstevel@tonic-gate #define X509_ATTR_CERT(o) \ 6927c478bd9Sstevel@tonic-gate ((o)->object_class_u.certificate->cert_type_u.x509_attr) 6937c478bd9Sstevel@tonic-gate #define X509_ATTR_CERT_OWNER(o) \ 6947c478bd9Sstevel@tonic-gate ((o)->object_class_u.certificate->cert_type_u.x509_attr.owner) 6957c478bd9Sstevel@tonic-gate #define X509_ATTR_CERT_VALUE(o) \ 6967c478bd9Sstevel@tonic-gate ((o)->object_class_u.certificate->cert_type_u.x509_attr.value) 6977c478bd9Sstevel@tonic-gate 6987c478bd9Sstevel@tonic-gate /* 
6997c478bd9Sstevel@tonic-gate * key related attributes with CK_BBOOL data type 7007c478bd9Sstevel@tonic-gate */ 7017c478bd9Sstevel@tonic-gate #define DERIVE_BOOL_ON 0x00000001 7027c478bd9Sstevel@tonic-gate #define LOCAL_BOOL_ON 0x00000002 7037c478bd9Sstevel@tonic-gate #define SENSITIVE_BOOL_ON 0x00000004 7047c478bd9Sstevel@tonic-gate #define SECONDARY_AUTH_BOOL_ON 0x00000008 7057c478bd9Sstevel@tonic-gate #define ENCRYPT_BOOL_ON 0x00000010 7067c478bd9Sstevel@tonic-gate #define DECRYPT_BOOL_ON 0x00000020 7077c478bd9Sstevel@tonic-gate #define SIGN_BOOL_ON 0x00000040 7087c478bd9Sstevel@tonic-gate #define SIGN_RECOVER_BOOL_ON 0x00000080 7097c478bd9Sstevel@tonic-gate #define VERIFY_BOOL_ON 0x00000100 7107c478bd9Sstevel@tonic-gate #define VERIFY_RECOVER_BOOL_ON 0x00000200 7117c478bd9Sstevel@tonic-gate #define WRAP_BOOL_ON 0x00000400 7127c478bd9Sstevel@tonic-gate #define UNWRAP_BOOL_ON 0x00000800 7137c478bd9Sstevel@tonic-gate #define TRUSTED_BOOL_ON 0x00001000 7147c478bd9Sstevel@tonic-gate #define EXTRACTABLE_BOOL_ON 0x00002000 7157c478bd9Sstevel@tonic-gate #define ALWAYS_SENSITIVE_BOOL_ON 0x00004000 7167c478bd9Sstevel@tonic-gate #define NEVER_EXTRACTABLE_BOOL_ON 0x00008000 7177c478bd9Sstevel@tonic-gate #define NOT_MODIFIABLE_BOOL_ON 0x00010000 7187c478bd9Sstevel@tonic-gate 7197c478bd9Sstevel@tonic-gate #define PUBLIC_KEY_DEFAULT (ENCRYPT_BOOL_ON|\ 7207c478bd9Sstevel@tonic-gate WRAP_BOOL_ON|\ 7217c478bd9Sstevel@tonic-gate VERIFY_BOOL_ON|\ 7227c478bd9Sstevel@tonic-gate VERIFY_RECOVER_BOOL_ON) 7237c478bd9Sstevel@tonic-gate 7247c478bd9Sstevel@tonic-gate #define PRIVATE_KEY_DEFAULT (DECRYPT_BOOL_ON|\ 7257c478bd9Sstevel@tonic-gate UNWRAP_BOOL_ON|\ 7267c478bd9Sstevel@tonic-gate SIGN_BOOL_ON|\ 7277c478bd9Sstevel@tonic-gate SIGN_RECOVER_BOOL_ON|\ 7287c478bd9Sstevel@tonic-gate EXTRACTABLE_BOOL_ON) 7297c478bd9Sstevel@tonic-gate 7307c478bd9Sstevel@tonic-gate #define SECRET_KEY_DEFAULT (ENCRYPT_BOOL_ON|\ 7317c478bd9Sstevel@tonic-gate DECRYPT_BOOL_ON|\ 7327c478bd9Sstevel@tonic-gate 
WRAP_BOOL_ON|\ 7337c478bd9Sstevel@tonic-gate UNWRAP_BOOL_ON|\ 7347c478bd9Sstevel@tonic-gate SIGN_BOOL_ON|\ 7357c478bd9Sstevel@tonic-gate VERIFY_BOOL_ON|\ 7367c478bd9Sstevel@tonic-gate EXTRACTABLE_BOOL_ON) 7377c478bd9Sstevel@tonic-gate 7387c478bd9Sstevel@tonic-gate /* 7397c478bd9Sstevel@tonic-gate * MAX_KEY_ATTR_BUFLEN 7407c478bd9Sstevel@tonic-gate * The maximum buffer size needed for public or private key attributes 7417c478bd9Sstevel@tonic-gate * should be 514 bytes. Just to be safe we give a little more space. 7427c478bd9Sstevel@tonic-gate */ 7437c478bd9Sstevel@tonic-gate #define MAX_KEY_ATTR_BUFLEN 1024 7447c478bd9Sstevel@tonic-gate 7457c478bd9Sstevel@tonic-gate /* 7467c478bd9Sstevel@tonic-gate * Flag definitions for obj_delete_sync 7477c478bd9Sstevel@tonic-gate */ 7487c478bd9Sstevel@tonic-gate #define OBJECT_IS_DELETING 1 /* Object is in a deleting state */ 7497c478bd9Sstevel@tonic-gate #define OBJECT_REFCNT_WAITING 2 /* Waiting for object reference */ 7507c478bd9Sstevel@tonic-gate /* count to become zero */ 7517c478bd9Sstevel@tonic-gate 7527c478bd9Sstevel@tonic-gate #define HANDLE2OBJECT(hObject, object_p, rv) \ 753*cfcec266SJason King rv = handle2object(hObject, &(object_p), B_TRUE); 7547c478bd9Sstevel@tonic-gate 7557c478bd9Sstevel@tonic-gate #define HANDLE2OBJECT_DESTROY(hObject, object_p, rv) \ 756*cfcec266SJason King rv = handle2object(hObject, &(object_p), B_FALSE); 7577c478bd9Sstevel@tonic-gate 7587c478bd9Sstevel@tonic-gate 7597c478bd9Sstevel@tonic-gate #define OBJ_REFRELE(object_p) { \ 7607c478bd9Sstevel@tonic-gate (void) pthread_mutex_lock(&object_p->object_mutex); \ 7617c478bd9Sstevel@tonic-gate if ((--object_p->obj_refcnt) == 0 && \ 7627c478bd9Sstevel@tonic-gate (object_p->obj_delete_sync & OBJECT_REFCNT_WAITING)) { \ 7637c478bd9Sstevel@tonic-gate (void) pthread_cond_signal(&object_p->obj_free_cond); \ 7647c478bd9Sstevel@tonic-gate } \ 7657c478bd9Sstevel@tonic-gate (void) pthread_mutex_unlock(&object_p->object_mutex); \ 7667c478bd9Sstevel@tonic-gate 
} 7677c478bd9Sstevel@tonic-gate 768*cfcec266SJason King extern pthread_mutex_t soft_object_mutex; 769*cfcec266SJason King extern avl_tree_t soft_object_tree; 770*cfcec266SJason King 7717c478bd9Sstevel@tonic-gate /* 7727c478bd9Sstevel@tonic-gate * Function Prototypes. 7737c478bd9Sstevel@tonic-gate */ 774*cfcec266SJason King 775*cfcec266SJason King CK_RV handle2object(CK_OBJECT_HANDLE hObject, soft_object_t **object_p, 776*cfcec266SJason King boolean_t refhold); 777*cfcec266SJason King 778*cfcec266SJason King CK_ULONG set_objecthandle(soft_object_t *obj); 779*cfcec266SJason King 7807c478bd9Sstevel@tonic-gate void soft_cleanup_object(soft_object_t *objp); 7817c478bd9Sstevel@tonic-gate 7827c478bd9Sstevel@tonic-gate CK_RV soft_add_object(CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount, 783*cfcec266SJason King CK_OBJECT_HANDLE_PTR objecthandle_p, soft_session_t *sp); 7847c478bd9Sstevel@tonic-gate 7857c478bd9Sstevel@tonic-gate void soft_delete_object(soft_session_t *sp, soft_object_t *objp, 7861f49a79aSZdenek Kotala boolean_t force, boolean_t lock_held); 7877c478bd9Sstevel@tonic-gate 7887c478bd9Sstevel@tonic-gate void soft_cleanup_extra_attr(soft_object_t *object_p); 7897c478bd9Sstevel@tonic-gate 7907c478bd9Sstevel@tonic-gate CK_RV soft_copy_extra_attr(CK_ATTRIBUTE_INFO_PTR old_attrp, 7917c478bd9Sstevel@tonic-gate soft_object_t *object_p); 7927c478bd9Sstevel@tonic-gate 7937c478bd9Sstevel@tonic-gate void soft_cleanup_object_bigint_attrs(soft_object_t *object_p); 7947c478bd9Sstevel@tonic-gate 7957c478bd9Sstevel@tonic-gate CK_RV soft_build_object(CK_ATTRIBUTE_PTR template, 7967c478bd9Sstevel@tonic-gate CK_ULONG ulAttrNum, soft_object_t *new_object); 7977c478bd9Sstevel@tonic-gate 7987c478bd9Sstevel@tonic-gate CK_RV soft_build_secret_key_object(CK_ATTRIBUTE_PTR template, 7997c478bd9Sstevel@tonic-gate CK_ULONG ulAttrNum, soft_object_t *new_object, CK_ULONG mode, 8007c478bd9Sstevel@tonic-gate CK_ULONG key_len, CK_KEY_TYPE key_type); 8017c478bd9Sstevel@tonic-gate 
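CK_RV soft_copy_object(soft_object_t *old_object, soft_object_t **new_object,
    CK_ULONG object_func, soft_session_t *sp);

void soft_merge_object(soft_object_t *old_object, soft_object_t *new_object);

CK_RV soft_get_attribute(soft_object_t *object_p, CK_ATTRIBUTE_PTR template);

CK_RV soft_set_attribute(soft_object_t *object_p, CK_ATTRIBUTE_PTR template,
    boolean_t copy);

CK_RV soft_set_common_storage_attribute(soft_object_t *object_p,
    CK_ATTRIBUTE_PTR template, boolean_t copy);

/*
 * NOTE(review): the uchar_t * / uint32_t * pair is presumably an output
 * buffer and its length; confirm against the definitions how the length is
 * checked before the value is copied out.
 */
CK_RV soft_get_public_value(soft_object_t *, CK_ATTRIBUTE_TYPE, uchar_t *,
    uint32_t *);

CK_RV soft_get_private_value(soft_object_t *, CK_ATTRIBUTE_TYPE, uchar_t *,
    uint32_t *);

CK_RV get_ulong_attr_from_object(CK_ULONG value, CK_ATTRIBUTE_PTR template);

void copy_bigint_attr(biginteger_t *src, biginteger_t *dst);

void soft_add_object_to_session(soft_object_t *, soft_session_t *);

CK_RV soft_build_key(CK_ATTRIBUTE_PTR, CK_ULONG, soft_object_t *,
    CK_OBJECT_CLASS, CK_KEY_TYPE, CK_ULONG, CK_ULONG);

/*
 * The soft_copy_*_attr() helpers take the existing key structure and a
 * pointer-to-pointer through which the new one is handed back.
 * NOTE(review): who releases a partially built copy on failure is not
 * visible from the prototypes.
 */
CK_RV soft_copy_public_key_attr(public_key_obj_t *old_pub_key_obj_p,
    public_key_obj_t **new_pub_key_obj_p, CK_KEY_TYPE key_type);

CK_RV soft_copy_private_key_attr(private_key_obj_t *old_pri_key_obj_p,
    private_key_obj_t **new_pri_key_obj_p, CK_KEY_TYPE key_type);

CK_RV soft_copy_secret_key_attr(secret_key_obj_t *old_secret_key_obj_p,
    secret_key_obj_t **new_secret_key_obj_p);

CK_RV soft_copy_domain_attr(domain_obj_t *old_domain_obj_p,
    domain_obj_t **new_domain_obj_p, CK_KEY_TYPE key_type);

CK_RV soft_validate_attr(CK_ATTRIBUTE_PTR template, CK_ULONG ulAttrNum,
    CK_OBJECT_CLASS *class);

CK_RV soft_find_objects_init(soft_session_t *sp, CK_ATTRIBUTE_PTR pTemplate,
    CK_ULONG ulCount);

void soft_find_objects_final(soft_session_t *sp);

void soft_find_objects(soft_session_t *sp, CK_OBJECT_HANDLE *obj_found,
    CK_ULONG max_obj_requested, CK_ULONG *found_obj_count);

void soft_process_find_attr(CK_OBJECT_CLASS *pclasses,
    CK_ULONG *num_result_pclasses, CK_ATTRIBUTE_PTR pTemplate,
    CK_ULONG ulCount);

boolean_t soft_find_match_attrs(soft_object_t *obj, CK_OBJECT_CLASS *pclasses,
    CK_ULONG num_pclasses, CK_ATTRIBUTE *tmpl_attr, CK_ULONG num_attr);

CK_ATTRIBUTE_PTR get_extra_attr(CK_ATTRIBUTE_TYPE type, soft_object_t *obj);

CK_RV get_string_from_template(CK_ATTRIBUTE_PTR dest, CK_ATTRIBUTE_PTR src);

void string_attr_cleanup(CK_ATTRIBUTE_PTR template);

void soft_cleanup_cert_object(soft_object_t *object_p);

CK_RV soft_get_certificate_attribute(soft_object_t *object_p,
    CK_ATTRIBUTE_PTR template);

CK_RV soft_set_certificate_attribute(soft_object_t *object_p,
    CK_ATTRIBUTE_PTR template, boolean_t copy);

CK_RV soft_copy_certificate(certificate_obj_t *old, certificate_obj_t **new,
    CK_CERTIFICATE_TYPE type);

CK_RV get_cert_attr_from_template(cert_attr_t **dest,
    CK_ATTRIBUTE_PTR src);

/* Token object related function prototypes */

void soft_add_token_object_to_slot(soft_object_t *objp);

void soft_remove_token_object_from_slot(soft_object_t *objp,
    boolean_t lock_held);

void soft_delete_token_object(soft_object_t *objp, boolean_t persistent,
    boolean_t lock_held);

void soft_delete_all_in_core_token_objects(token_obj_type_t type);

void soft_validate_token_objects(boolean_t validate);

CK_RV soft_object_write_access_check(soft_session_t *sp, soft_object_t *objp);

CK_RV soft_pin_expired_check(soft_object_t *objp);

CK_RV soft_copy_to_old_object(soft_object_t *new, soft_object_t *old);

CK_RV soft_keystore_load_latest_object(soft_object_t *old_obj);

/*
 * Declared with (void) so the compiler rejects calls that pass arguments;
 * an empty parameter list in C leaves the arguments unchecked.
 */
CK_RV refresh_token_objects(void);

void bigint_attr_cleanup(biginteger_t *big);

CK_RV soft_add_extra_attr(CK_ATTRIBUTE_PTR template, soft_object_t *object_p);

CK_RV get_bigint_attr_from_template(biginteger_t *big,
    CK_ATTRIBUTE_PTR template);

CK_RV dup_bigint_attr(biginteger_t *bi, CK_BYTE *buf, CK_ULONG buflen);

/*
 * NOTE(review): several prototypes above name parameters 'template',
 * 'class' or 'new'.  These are C++ keywords, so despite the extern "C"
 * guard this header can only be parsed by a C compiler.
 */
#ifdef __cplusplus
}
#endif

#endif /* _SOFTOBJECT_H */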