summaryrefslogtreecommitdiff
path: root/usr/src/lib/libkmf/include/kmfapi.h
diff options
context:
space:
mode:
Diffstat (limited to 'usr/src/lib/libkmf/include/kmfapi.h')
-rw-r--r--usr/src/lib/libkmf/include/kmfapi.h346
1 files changed, 346 insertions, 0 deletions
diff --git a/usr/src/lib/libkmf/include/kmfapi.h b/usr/src/lib/libkmf/include/kmfapi.h
new file mode 100644
index 0000000000..64ded2ce6a
--- /dev/null
+++ b/usr/src/lib/libkmf/include/kmfapi.h
@@ -0,0 +1,346 @@
+/*
+ * CDDL HEADER START
+ *
+ * The contents of this file are subject to the terms of the
+ * Common Development and Distribution License (the "License").
+ * You may not use this file except in compliance with the License.
+ *
+ * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
+ * or http://www.opensolaris.org/os/licensing.
+ * See the License for the specific language governing permissions
+ * and limitations under the License.
+ *
+ * When distributing Covered Code, include this CDDL HEADER in each
+ * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
+ * If applicable, add the following below this CDDL HEADER, with the
+ * fields enclosed by brackets "[]" replaced with your own identifying
+ * information: Portions Copyright [yyyy] [name of copyright owner]
+ *
+ * CDDL HEADER END
+ */
+/*
+ * Copyright 2006 Sun Microsystems, Inc. All rights reserved.
+ * Use is subject to license terms.
+ *
+ *
+ * Constant definitions and function prototypes for the KMF library.
+ * Commonly used data types are defined in "kmftypes.h".
+ */
+
+#ifndef _KMFAPI_H
+#define _KMFAPI_H
+
+#pragma ident "%Z%%M% %I% %E% SMI"
+
+#include <kmftypes.h>
+#include <security/cryptoki.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*
+ * Setup operations.
+ */
+extern KMF_RETURN KMF_Initialize(KMF_HANDLE_T *, char *, char *);
+extern KMF_RETURN KMF_ConfigureKeystore(KMF_HANDLE_T, KMF_CONFIG_PARAMS *);
+extern KMF_RETURN KMF_Finalize(KMF_HANDLE_T);
+
+/*
+ * Key operations.
+ */
+extern KMF_RETURN KMF_SignDataWithKey(KMF_HANDLE_T,
+ KMF_KEY_HANDLE *, KMF_OID *,
+ KMF_DATA *, KMF_DATA *);
+
+extern KMF_RETURN KMF_VerifyDataWithKey(KMF_HANDLE_T,
+ KMF_KEY_HANDLE *, KMF_ALGORITHM_INDEX, KMF_DATA *, KMF_DATA *);
+
+extern KMF_RETURN KMF_CreateKeypair(KMF_HANDLE_T,
+ KMF_CREATEKEYPAIR_PARAMS *, KMF_KEY_HANDLE *, KMF_KEY_HANDLE *);
+
+extern KMF_RETURN KMF_DeleteKeyFromKeystore(KMF_HANDLE_T,
+ KMF_DELETEKEY_PARAMS *, KMF_KEY_HANDLE *);
+
+extern KMF_RETURN KMF_SignCertRecord(KMF_HANDLE_T, KMF_KEY_HANDLE *,
+ KMF_X509_CERTIFICATE *, KMF_DATA *);
+
+extern KMF_RETURN KMF_FindKey(KMF_HANDLE_T, KMF_FINDKEY_PARAMS *,
+ KMF_KEY_HANDLE *, uint32_t *);
+
+extern KMF_RETURN KMF_StorePrivateKey(KMF_HANDLE_T, KMF_STOREKEY_PARAMS *,
+ KMF_RAW_KEY_DATA *);
+
+extern KMF_RETURN KMF_CreateSymKey(KMF_HANDLE_T, KMF_CREATESYMKEY_PARAMS *,
+ KMF_KEY_HANDLE *);
+
+extern KMF_RETURN KMF_GetSymKeyValue(KMF_HANDLE_T, KMF_KEY_HANDLE *,
+ KMF_RAW_SYM_KEY *);
+
+/*
+ * Certificate operations.
+ */
+extern KMF_RETURN KMF_FindCert(KMF_HANDLE_T, KMF_FINDCERT_PARAMS *,
+ KMF_X509_DER_CERT *, uint32_t *);
+
+extern KMF_RETURN KMF_EncodeCertRecord(KMF_X509_CERTIFICATE *,
+ KMF_DATA *);
+extern KMF_RETURN KMF_SignCertWithKey(KMF_HANDLE_T, const KMF_DATA *,
+ KMF_KEY_HANDLE *, KMF_DATA *);
+extern KMF_RETURN KMF_SignCertWithCert(KMF_HANDLE_T,
+ KMF_CRYPTOWITHCERT_PARAMS *,
+ const KMF_DATA *, KMF_DATA *, KMF_DATA *);
+
+extern KMF_RETURN KMF_SignDataWithCert(KMF_HANDLE_T,
+ KMF_CRYPTOWITHCERT_PARAMS *, KMF_DATA *, KMF_DATA *, KMF_DATA *);
+
+extern KMF_RETURN KMF_VerifyCertWithKey(KMF_HANDLE_T, KMF_KEY_HANDLE *,
+ const KMF_DATA *);
+extern KMF_RETURN KMF_VerifyCertWithCert(KMF_HANDLE_T, const KMF_DATA *,
+ const KMF_DATA *);
+extern KMF_RETURN KMF_VerifyDataWithCert(KMF_HANDLE_T, KMF_DATA *, KMF_DATA *,
+ const KMF_DATA *);
+
+extern KMF_RETURN KMF_EncryptWithCert(KMF_HANDLE_T, KMF_DATA *,
+ KMF_DATA *, KMF_DATA *);
+
+extern KMF_RETURN KMF_DecryptWithCert(KMF_HANDLE_T,
+ KMF_CRYPTOWITHCERT_PARAMS *, KMF_DATA *, KMF_DATA *, KMF_DATA *);
+
+extern KMF_RETURN KMF_StoreCert(KMF_HANDLE_T,
+ KMF_STORECERT_PARAMS *, KMF_DATA *);
+extern KMF_RETURN KMF_ImportCert(KMF_HANDLE_T, KMF_IMPORTCERT_PARAMS *);
+extern KMF_RETURN KMF_DeleteCertFromKeystore(KMF_HANDLE_T,
+ KMF_DELETECERT_PARAMS *);
+
+extern KMF_RETURN KMF_ValidateCert(KMF_HANDLE_T,
+ KMF_VALIDATECERT_PARAMS *, int *);
+
+extern KMF_RETURN KMF_CreateCertFile(KMF_DATA *, KMF_ENCODE_FORMAT, char *);
+
+extern KMF_RETURN KMF_DownloadCert(KMF_HANDLE_T, char *, char *, int,
+ unsigned int, char *, KMF_ENCODE_FORMAT *);
+extern KMF_RETURN KMF_IsCertFile(KMF_HANDLE_T, char *, KMF_ENCODE_FORMAT *);
+
+extern KMF_RETURN KMF_CheckCertDate(KMF_HANDLE_T, KMF_DATA *);
+
+/*
+ * CRL operations.
+ */
+extern KMF_RETURN KMF_ImportCRL(KMF_HANDLE_T, KMF_IMPORTCRL_PARAMS *);
+extern KMF_RETURN KMF_DeleteCRL(KMF_HANDLE_T, KMF_DELETECRL_PARAMS *);
+extern KMF_RETURN KMF_ListCRL(KMF_HANDLE_T, KMF_LISTCRL_PARAMS *, char **);
+extern KMF_RETURN KMF_FindCRL(KMF_HANDLE_T, KMF_FINDCRL_PARAMS *,
+ char **, int *);
+
+extern KMF_RETURN KMF_FindCertInCRL(KMF_HANDLE_T,
+ KMF_FINDCERTINCRL_PARAMS *);
+extern KMF_RETURN KMF_VerifyCRLFile(KMF_HANDLE_T,
+ KMF_VERIFYCRL_PARAMS *);
+
+extern KMF_RETURN KMF_CheckCRLDate(KMF_HANDLE_T,
+ KMF_CHECKCRLDATE_PARAMS *);
+extern KMF_RETURN KMF_DownloadCRL(KMF_HANDLE_T, char *, char *,
+ int, unsigned int, char *, KMF_ENCODE_FORMAT *);
+extern KMF_RETURN KMF_IsCRLFile(KMF_HANDLE_T, char *, KMF_ENCODE_FORMAT *);
+
+/*
+ * CSR operations.
+ */
+extern KMF_RETURN KMF_SetCSRPubKey(KMF_HANDLE_T,
+ KMF_KEY_HANDLE *, KMF_CSR_DATA *);
+extern KMF_RETURN KMF_SetCSRVersion(KMF_CSR_DATA *, uint32_t);
+extern KMF_RETURN KMF_SetCSRSubjectName(KMF_CSR_DATA *, KMF_X509_NAME *);
+extern KMF_RETURN KMF_CreateCSRFile(KMF_DATA *, KMF_ENCODE_FORMAT, char *);
+extern KMF_RETURN KMF_SetCSRExtension(KMF_CSR_DATA *, KMF_X509_EXTENSION *);
+extern KMF_RETURN KMF_SetCSRSignatureAlgorithm(KMF_CSR_DATA *,
+ KMF_ALGORITHM_INDEX);
+extern KMF_RETURN KMF_SetCSRSubjectAltName(KMF_CSR_DATA *, char *,
+ int, KMF_GENERALNAMECHOICES);
+extern KMF_RETURN KMF_SetCSRKeyUsage(KMF_CSR_DATA *, int, uint16_t);
+extern KMF_RETURN KMF_SignCSR(KMF_HANDLE_T, const KMF_CSR_DATA *,
+ KMF_KEY_HANDLE *, KMF_DATA *);
+
+/*
+ * GetCert operations.
+ */
+extern KMF_RETURN KMF_GetCertExtensionData(const KMF_DATA *, KMF_OID *,
+ KMF_X509_EXTENSION *);
+
+extern KMF_RETURN KMF_GetCertCriticalExtensions(const KMF_DATA *,
+ KMF_X509_EXTENSION **, int *);
+
+extern KMF_RETURN KMF_GetCertNonCriticalExtensions(const KMF_DATA *,
+ KMF_X509_EXTENSION **, int *);
+
+extern KMF_RETURN KMF_GetCertKeyUsageExt(const KMF_DATA *,
+ KMF_X509EXT_KEY_USAGE *);
+
+extern KMF_RETURN KMF_GetCertEKU(const KMF_DATA *, KMF_X509EXT_EKU *);
+
+extern KMF_RETURN KMF_GetCertBasicConstraintExt(const KMF_DATA *,
+ KMF_BOOL *, KMF_X509EXT_BASICCONSTRAINTS *);
+
+extern KMF_RETURN KMF_GetCertPoliciesExt(const KMF_DATA *,
+ KMF_BOOL *, KMF_X509EXT_CERT_POLICIES *);
+
+extern KMF_RETURN KMF_GetCertAuthInfoAccessExt(const KMF_DATA *,
+ KMF_X509EXT_AUTHINFOACCESS *);
+
+extern KMF_RETURN KMF_GetCertCRLDistributionPointsExt(const KMF_DATA *,
+ KMF_X509EXT_CRLDISTPOINTS *);
+
+extern KMF_RETURN KMF_GetCertVersionString(KMF_HANDLE_T,
+ const KMF_DATA *, char **);
+
+extern KMF_RETURN KMF_GetCertSubjectNameString(KMF_HANDLE_T, const KMF_DATA *,
+ char **);
+
+extern KMF_RETURN KMF_GetCertIssuerNameString(KMF_HANDLE_T,
+ const KMF_DATA *, char **);
+
+extern KMF_RETURN KMF_GetCertSerialNumberString(KMF_HANDLE_T, const KMF_DATA *,
+ char **);
+
+extern KMF_RETURN KMF_GetCertStartDateString(KMF_HANDLE_T,
+ const KMF_DATA *, char **);
+
+extern KMF_RETURN KMF_GetCertEndDateString(KMF_HANDLE_T,
+ const KMF_DATA *, char **);
+
+extern KMF_RETURN KMF_GetCertPubKeyAlgString(KMF_HANDLE_T,
+ const KMF_DATA *, char **);
+
+extern KMF_RETURN KMF_GetCertSignatureAlgString(KMF_HANDLE_T,
+ const KMF_DATA *, char **);
+
+extern KMF_RETURN KMF_GetCertPubKeyDataString(KMF_HANDLE_T,
+ const KMF_DATA *, char **);
+
+extern KMF_RETURN KMF_GetCertEmailString(KMF_HANDLE_T,
+ const KMF_DATA *, char **);
+
+extern KMF_RETURN KMF_GetCertExtensionString(KMF_HANDLE_T, const KMF_DATA *,
+ KMF_PRINTABLE_ITEM, char **);
+
+extern KMF_RETURN KMF_GetCertIDData(const KMF_DATA *, KMF_DATA *);
+extern KMF_RETURN KMF_GetCertIDString(const KMF_DATA *, char **);
+extern KMF_RETURN KMF_GetCertValidity(const KMF_DATA *, time_t *, time_t *);
+
+/*
+ * SetCert operations
+ */
+extern KMF_RETURN KMF_SetCertPubKey(KMF_HANDLE_T, KMF_KEY_HANDLE *,
+ KMF_X509_CERTIFICATE *);
+
+extern KMF_RETURN KMF_SetCertSubjectName(KMF_X509_CERTIFICATE *,
+ KMF_X509_NAME *);
+
+extern KMF_RETURN KMF_SetCertKeyUsage(KMF_X509_CERTIFICATE *, int, uint16_t);
+
+extern KMF_RETURN KMF_SetCertIssuerName(KMF_X509_CERTIFICATE *,
+ KMF_X509_NAME *);
+
+extern KMF_RETURN KMF_SetCertSignatureAlgorithm(KMF_X509_CERTIFICATE *,
+ KMF_ALGORITHM_INDEX);
+
+extern KMF_RETURN KMF_SetCertValidityTimes(KMF_X509_CERTIFICATE *,
+ time_t, uint32_t);
+
+extern KMF_RETURN KMF_SetCertSerialNumber(KMF_X509_CERTIFICATE *,
+ KMF_BIGINT *);
+
+extern KMF_RETURN KMF_SetCertVersion(KMF_X509_CERTIFICATE *, uint32_t);
+
+extern KMF_RETURN KMF_SetCertIssuerAltName(KMF_X509_CERTIFICATE *,
+ int, KMF_GENERALNAMECHOICES, char *);
+
+extern KMF_RETURN KMF_SetCertSubjectAltName(KMF_X509_CERTIFICATE *,
+ int, KMF_GENERALNAMECHOICES, char *);
+
+extern KMF_RETURN KMF_AddCertEKU(KMF_X509_CERTIFICATE *, KMF_OID *, int);
+
+extern KMF_RETURN KMF_SetCertExtension(KMF_X509_CERTIFICATE *,
+ KMF_X509_EXTENSION *);
+
+extern KMF_RETURN KMF_SetCertBasicConstraintExt(KMF_X509_CERTIFICATE *,
+ KMF_BOOL, KMF_X509EXT_BASICCONSTRAINTS *);
+
+extern KMF_RETURN KMF_ExportPK12(KMF_HANDLE_T, KMF_EXPORTP12_PARAMS *, char *);
+extern KMF_RETURN KMF_ImportPK12(KMF_HANDLE_T, char *, KMF_CREDENTIAL *,
+ KMF_DATA **, int *, KMF_RAW_KEY_DATA **, int *);
+
+/*
+ * Get OCSP response operation.
+ */
+extern KMF_RETURN KMF_GetOCSPForCert(KMF_HANDLE_T, KMF_DATA *, KMF_DATA *,
+ KMF_DATA *);
+
+extern KMF_RETURN KMF_CreateOCSPRequest(KMF_HANDLE_T, KMF_OCSPREQUEST_PARAMS *,
+ char *);
+
+extern KMF_RETURN KMF_GetEncodedOCSPResponse(KMF_HANDLE_T, char *, char *, int,
+ char *, int, char *, unsigned int);
+
+extern KMF_RETURN KMF_GetOCSPStatusForCert(KMF_HANDLE_T,
+ KMF_OCSPRESPONSE_PARAMS_INPUT *,
+ KMF_OCSPRESPONSE_PARAMS_OUTPUT *);
+
+/*
+ * Policy Operations
+ */
+extern KMF_RETURN KMF_SetPolicy(KMF_HANDLE_T, char *, char *);
+
+/*
+ * Error handling.
+ */
+extern KMF_RETURN KMF_GetPluginErrorString(KMF_HANDLE_T, char **);
+extern KMF_RETURN KMF_GetKMFErrorString(KMF_RETURN, char **);
+
+/*
+ * Miscellaneous
+ */
+extern KMF_RETURN KMF_DNParser(char *, KMF_X509_NAME *);
+extern KMF_RETURN KMF_DN2Der(KMF_X509_NAME *, KMF_DATA *);
+extern KMF_RETURN KMF_ReadInputFile(KMF_HANDLE_T, char *, KMF_DATA *);
+extern KMF_RETURN KMF_Der2Pem(KMF_OBJECT_TYPE, unsigned char *,
+ int, unsigned char **, int *);
+extern KMF_RETURN KMF_Pem2Der(unsigned char *, int, unsigned char **, int *);
+extern char *KMF_OID2String(KMF_OID *);
+extern KMF_RETURN KMF_String2OID(char *, KMF_OID *);
+extern int KMF_CompareRDNs(KMF_X509_NAME *, KMF_X509_NAME *);
+extern KMF_RETURN KMF_GetFileFormat(char *, KMF_ENCODE_FORMAT *);
+extern uint16_t KMF_StringToKeyUsage(char *);
+extern KMF_RETURN KMF_SetTokenPin(KMF_HANDLE_T, KMF_SETPIN_PARAMS *,
+ KMF_CREDENTIAL *);
+extern KMF_RETURN KMF_HexString2Bytes(unsigned char *, unsigned char **,
+ size_t *);
+
+/*
+ * Memory cleanup operations
+ */
+extern void KMF_FreeDN(KMF_X509_NAME *);
+extern void KMF_FreeKMFCert(KMF_HANDLE_T, KMF_X509_DER_CERT *);
+extern void KMF_FreeData(KMF_DATA *);
+extern void KMF_FreeAlgOID(KMF_X509_ALGORITHM_IDENTIFIER *);
+extern void KMF_FreeExtension(KMF_X509_EXTENSION *);
+extern void KMF_FreeTBSCSR(KMF_TBS_CSR *);
+extern void KMF_FreeSignedCSR(KMF_CSR_DATA *);
+extern void KMF_FreeTBSCert(KMF_X509_TBS_CERT *);
+extern void KMF_FreeSignedCert(KMF_X509_CERTIFICATE *);
+extern void KMF_FreeString(char *);
+extern void KMF_FreeEKU(KMF_X509EXT_EKU *);
+extern void KMF_FreeSPKI(KMF_X509_SPKI *);
+extern void KMF_FreeKMFKey(KMF_HANDLE_T, KMF_KEY_HANDLE *);
+extern void KMF_FreeBigint(KMF_BIGINT *);
+extern void KMF_FreeRawKey(KMF_RAW_KEY_DATA *);
+extern void KMF_FreeRawSymKey(KMF_RAW_SYM_KEY *);
+extern void KMF_FreeCRLDistributionPoints(KMF_X509EXT_CRLDISTPOINTS *);
+
+/* APIs for PKCS#11 token */
+extern KMF_RETURN KMF_PK11TokenLookup(KMF_HANDLE_T, char *, CK_SLOT_ID *);
+
+#ifdef __cplusplus
+}
+#endif
+#endif /* _KMFAPI_H */
generated by cgit v1.2.3 (git 2.39.1) at 2025-05-20 10:18:57 +0000