1 files changed, 41 insertions, 45 deletions
diff --git a/usr/src/cmd/cmd-crypto/pktool/common.h b/usr/src/cmd/cmd-crypto/pktool/common.h
index 30e2890b4b..e15cee3282 100644
--- a/usr/src/cmd/cmd-crypto/pktool/common.h
+++ b/usr/src/cmd/cmd-crypto/pktool/common.h
@@ -2,9 +2,8 @@
  * CDDL HEADER START
  *
  * The contents of this file are subject to the terms of the
- * Common Development and Distribution License, Version 1.0 only
- * (the "License").  You may not use this file except in compliance
- * with the License.
+ * Common Development and Distribution License (the "License").
+ * You may not use this file except in compliance with the License.
  *
  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
  * or http://www.opensolaris.org/os/licensing.
@@ -20,7 +19,7 @@
  * CDDL HEADER END
  */
 /*
- * Copyright 2005 Sun Microsystems, Inc.  All rights reserved.
+ * Copyright 2006 Sun Microsystems, Inc.  All rights reserved.
  * Use is subject to license terms.
  */
 
@@ -39,14 +38,14 @@ extern "C" {
 #endif
 
 #include <cryptoutil.h>
-#include <biginteger.h>
 
 /* I18N helpers. */
 #include <libintl.h>
 #include <locale.h>
+#include <errno.h>
+#include <kmfapi.h>
 
 /* Defines used throughout */
-#define	FULL_NAME_LEN	91	/* See full_token_name() for this number. */
 
 /* Error codes */
 #define	PK_ERR_NONE		0
@@ -55,6 +54,7 @@ extern "C" {
 #define	PK_ERR_PK11		3
 #define	PK_ERR_SYSTEM		4
 #define	PK_ERR_OPENSSL		5
+#define	PK_ERR_NSS		6
 
 /* Types of objects for searches. */
 #define	PK_PRIVATE_OBJ		0x0001
@@ -62,11 +62,18 @@ extern "C" {
 #define	PK_CERT_OBJ		0x0010
 #define	PK_PRIKEY_OBJ		0x0020
 #define	PK_PUBKEY_OBJ		0x0040
-#define	PK_SECKEY_OBJ		0x0080
+#define	PK_SYMKEY_OBJ		0x0080
+#define	PK_CRL_OBJ		0x0100
 
-#define	PK_KEY_OBJ		(PK_PRIKEY_OBJ|PK_PUBKEY_OBJ|PK_SECKEY_OBJ)
-#define	PK_ALL_OBJ		(PK_PRIVATE_OBJ|PK_PUBLIC_OBJ|\
-				PK_CERT_OBJ|PK_KEY_OBJ)
+#define	PK_KEY_OBJ		(PK_PRIKEY_OBJ | PK_PUBKEY_OBJ | PK_SYMKEY_OBJ)
+#define	PK_ALL_OBJ		(PK_PRIVATE_OBJ | PK_PUBLIC_OBJ |\
+				PK_CERT_OBJ| PK_CRL_OBJ | PK_KEY_OBJ)
+
+#define	PK_DEFAULT_KEYTYPE	"rsa"
+#define	PK_DEFAULT_KEYLENGTH	1024
+#define	PK_DEFAULT_DIRECTORY	"."
+#define	PK_DEFAULT_SERIALNUM	1
+#define	PK_DEFAULT_PK11TOKEN	SOFT_TOKEN_LABEL
 
 /* Constants for attribute templates. */
 extern CK_BBOOL	pk_false;
@@ -77,18 +84,12 @@ extern CK_BBOOL	pk_true;
 extern CK_RV	init_pk11(void);
 extern void	final_pk11(CK_SESSION_HANDLE sess);
 
-extern CK_RV	open_sess(CK_SLOT_ID slot_id, CK_FLAGS sess_flags,
-		    CK_SESSION_HANDLE_PTR sess);
-extern void	close_sess(CK_SESSION_HANDLE sess);
-
 extern CK_RV	login_token(CK_SLOT_ID slot_id, CK_UTF8CHAR_PTR pin,
 		    CK_ULONG pinlen, CK_SESSION_HANDLE_PTR sess);
-extern void	logout_token(CK_SESSION_HANDLE sess);
 
 extern CK_RV	quick_start(CK_SLOT_ID slot_id, CK_FLAGS sess_flags,
 		    CK_UTF8CHAR_PTR pin, CK_ULONG pinlen,
 		    CK_SESSION_HANDLE_PTR sess);
-extern void	quick_finish(CK_SESSION_HANDLE sess);
 
 extern CK_RV	get_pin(char *prompt1, char *prompt2, CK_UTF8CHAR_PTR *pin,
 		    CK_ULONG *pinlen);
@@ -96,40 +97,35 @@ extern boolean_t	yesno(char *prompt, char *invalid, boolean_t dflt);
 
 extern CK_RV	get_token_slots(CK_SLOT_ID_PTR *slot_list,
 		    CK_ULONG *slot_count);
-extern CK_RV	find_token_slot(char *token_name, char *manuf_id,
-		    char *serial_no, CK_SLOT_ID *slot_id, CK_FLAGS *pin_state);
-
-extern CK_RV	find_obj_count(CK_SESSION_HANDLE sess, int obj_type,
-		    CK_BYTE *label, CK_ULONG *count);
-extern CK_RV	find_objs(CK_SESSION_HANDLE sess, int obj_type,
-		    CK_BYTE *label, CK_OBJECT_HANDLE_PTR *obj, CK_ULONG *count);
-
-extern int	parse_token_spec(char *spec, char **label, char **manuf,
-		    char **buf);
-extern void	full_token_name(char *token, char *manuf, char *serial,
-		    char *buf);
-
-extern char	*class_str(CK_OBJECT_CLASS class);
-extern char	*keytype_str(CK_KEY_TYPE keytype);
-extern char	*attr_str(CK_ATTRIBUTE_TYPE attrtype);
-
-extern void	octetify(CK_BYTE *str, CK_ULONG str_sz, char *oct, int oct_sz,
-		    boolean_t stop_on_nul, boolean_t do_ascii, int limit,
-		    char *indent, char *blank);
-
-extern void	copy_bigint_to_attr(biginteger_t big, CK_ATTRIBUTE_PTR attr);
-extern void	copy_string_to_attr(CK_BYTE *buf, CK_ULONG buflen,
-		    CK_ATTRIBUTE_PTR attr);
-extern void	copy_attr_to_bigint(CK_ATTRIBUTE_PTR attr, biginteger_t *big);
-extern void	copy_attr_to_string(CK_ATTRIBUTE_PTR attr, CK_BYTE **buf,
-		    CK_ULONG *buflen);
-extern void	copy_attr_to_date(CK_ATTRIBUTE_PTR attr, CK_DATE **buf,
-		    CK_ULONG *buflen);
+
+extern int get_subname(char **);
 
 extern int	getopt_av(int argc, char * const argv[], const char *optstring);
 extern char	*optarg_av;
 extern int	optind_av;
 
+int OT2Int(char *);
+int PK2Int(char *);
+KMF_KEYSTORE_TYPE KS2Int(char *);
+int Str2KeyType(char *, KMF_KEY_ALG *, KMF_ALGORITHM_INDEX *);
+int Str2SymKeyType(char *, KMF_KEY_ALG *);
+int Str2Lifetime(char *, uint32_t *);
+KMF_RETURN select_token(void *, char *, int);
+KMF_RETURN configure_nss(void *, char *, char *);
+
+KMF_ENCODE_FORMAT Str2Format(char *);
+KMF_RETURN get_pk12_password(KMF_CREDENTIAL *);
+KMF_RETURN hexstring2bytes(uchar_t *, uchar_t **, size_t *);
+KMF_RETURN verify_altname(char *arg, KMF_GENERALNAMECHOICES *, int *);
+KMF_RETURN verify_keyusage(char *arg, uint16_t *, int *);
+KMF_RETURN verify_file(char *);
+int get_token_password(KMF_KEYSTORE_TYPE, char *, KMF_CREDENTIAL *);
+void display_error(void *, KMF_RETURN, char *);
+#define	DEFAULT_NSS_TOKEN	"internal"
+#define	DEFAULT_TOKEN_PROMPT	"Enter pin for %s: "
+
+#define	EMPTYSTRING(s) (s == NULL || !strlen((char *)s))
+
 #ifdef __cplusplus
 }
 #endif