xref: /illumos-gate/usr/src/uts/common/sys/crypto/common.h (revision 12b0348ca8dbbcf6f0e2f3fcc93e9880ae1eb0d1) 
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved.
23  */
24 /*
25  * Copyright 2013 Saso Kiselkov.  All rights reserved.
26  * Copyright 2023 RackTop Systems, Inc.
27  */
28 
29 #ifndef _SYS_CRYPTO_COMMON_H
30 #define	_SYS_CRYPTO_COMMON_H
31 
32 /*
33  * Header file for the common data structures of the cryptographic framework
34  */
35 
36 #ifdef __cplusplus
37 extern "C" {
38 #endif
39 
40 #include <sys/types.h>
41 #include <sys/uio.h>
42 #include <sys/stream.h>
43 #include <sys/mutex.h>
44 #include <sys/condvar.h>
45 
46 
47 /* Cryptographic Mechanisms */
48 
49 #define	CRYPTO_MAX_MECH_NAME 32
50 typedef char crypto_mech_name_t[CRYPTO_MAX_MECH_NAME];
51 
52 typedef uint64_t crypto_mech_type_t;
53 
54 typedef struct crypto_mechanism {
55 	crypto_mech_type_t	cm_type;	/* mechanism type */
56 	caddr_t			cm_param;	/* mech. parameter */
57 	size_t			cm_param_len;	/* mech. parameter len */
58 } crypto_mechanism_t;
59 
60 #ifdef  _SYSCALL32
61 
62 typedef struct crypto_mechanism32 {
63 	crypto_mech_type_t	cm_type;	/* mechanism type */
64 	caddr32_t		cm_param;	/* mech. parameter */
65 	size32_t		cm_param_len;   /* mech. parameter len */
66 } crypto_mechanism32_t;
67 
68 #endif  /* _SYSCALL32 */
69 
70 /*
71  * New structures that have internal pointers need a custom me_copyin_param
72  * and me_free_param function added to their kcf_mech_entry_t.
73  * See: kcf_copyin_*_param in kcf_mech_tabs.c.
74  */
75 
76 #ifdef _KERNEL
77 /* CK_AES_CTR_PARAMS provides parameters to the CKM_AES_CTR mechanism */
78 typedef struct CK_AES_CTR_PARAMS {
79 	ulong_t	ulCounterBits;
80 	uint8_t cb[16];
81 } CK_AES_CTR_PARAMS;
82 #endif
83 
84 /* CK_AES_CCM_PARAMS provides parameters to the CKM_AES_CCM mechanism */
85 typedef struct CK_AES_CCM_PARAMS {
86 	ulong_t ulMACSize;
87 	ulong_t ulNonceSize;
88 	ulong_t ulAuthDataSize;
89 	ulong_t ulDataSize; /* used for plaintext or ciphertext */
90 	uchar_t *nonce;
91 	uchar_t *authData;
92 } CK_AES_CCM_PARAMS;
93 
94 /* CK_AES_GCM_PARAMS provides parameters to the CKM_AES_GCM mechanism */
95 typedef struct CK_AES_GCM_PARAMS {
96 	uchar_t *pIv;
97 	ulong_t ulIvLen;
98 	ulong_t ulIvBits;
99 	uchar_t *pAAD;
100 	ulong_t ulAADLen;
101 	ulong_t ulTagBits;
102 } CK_AES_GCM_PARAMS;
103 
104 /* CK_AES_GMAC_PARAMS provides parameters to the CKM_AES_GMAC mechanism */
105 typedef struct CK_AES_GMAC_PARAMS {
106 	uchar_t *pIv;	/* Length is AES_GMAC_IV_LEN */
107 	uchar_t *pAAD;
108 	ulong_t ulAADLen;
109 } CK_AES_GMAC_PARAMS;
110 
111 #ifdef _KERNEL
112 /*
113  * CK_ECDH1_DERIVE_PARAMS provides the parameters to the
114  * CKM_ECDH1_KEY_DERIVE mechanism
115  */
116 typedef struct CK_ECDH1_DERIVE_PARAMS {
117 	ulong_t		kdf;
118 	ulong_t		ulSharedDataLen;
119 	uchar_t		*pSharedData;
120 	ulong_t		ulPublicDataLen;
121 	uchar_t		*pPublicData;
122 } CK_ECDH1_DERIVE_PARAMS;
123 #endif
124 
125 #ifdef _KERNEL
126 #ifdef  _SYSCALL32
127 
128 /* needed for 32-bit applications running on 64-bit kernels */
129 typedef struct CK_AES_CTR_PARAMS32 {
130 	uint32_t ulCounterBits;
131 	uint8_t cb[16];
132 } CK_AES_CTR_PARAMS32;
133 
134 /* needed for 32-bit applications running on 64-bit kernels */
135 typedef struct CK_AES_CCM_PARAMS32 {
136 	uint32_t ulMACSize;
137 	uint32_t ulNonceSize;
138 	uint32_t ulAuthDataSize;
139 	uint32_t ulDataSize;
140 	caddr32_t nonce;
141 	caddr32_t authData;
142 } CK_AES_CCM_PARAMS32;
143 
144 /* needed for 32-bit applications running on 64-bit kernels */
145 typedef struct CK_AES_GCM_PARAMS32 {
146 	caddr32_t pIv;
147 	uint32_t ulIvLen;
148 	uint32_t ulIvBits;
149 	caddr32_t pAAD;
150 	uint32_t ulAADLen;
151 	uint32_t ulTagBits;
152 } CK_AES_GCM_PARAMS32;
153 
154 /* needed for 32-bit applications running on 64-bit kernels */
155 typedef struct CK_AES_GMAC_PARAMS32 {
156 	caddr32_t pIv;
157 	caddr32_t pAAD;
158 	uint32_t ulAADLen;
159 } CK_AES_GMAC_PARAMS32;
160 
161 typedef struct CK_ECDH1_DERIVE_PARAMS32 {
162 	uint32_t	kdf;
163 	uint32_t	ulSharedDataLen;
164 	caddr32_t	pSharedData;
165 	uint32_t	ulPublicDataLen;
166 	caddr32_t	pPublicData;
167 } CK_ECDH1_DERIVE_PARAMS32;
168 
169 #endif  /* _SYSCALL32 */
170 #endif /* _KERNEL */
171 
172 /*
173  * The measurement unit bit flag for a mechanism's minimum or maximum key size.
174  * The unit are mechanism dependent.  It can be in bits or in bytes.
175  */
176 typedef uint32_t crypto_keysize_unit_t;
177 
178 /*
179  * The following bit flags are valid in cm_mech_flags field in
180  * the crypto_mech_info_t structure of the SPI.
181  *
182  * Only the first two bit flags are valid in mi_keysize_unit
183  * field in the crypto_mechanism_info_t structure of the API.
184  */
185 #define	CRYPTO_KEYSIZE_UNIT_IN_BITS	0x00000001
186 #define	CRYPTO_KEYSIZE_UNIT_IN_BYTES	0x00000002
187 #define	CRYPTO_CAN_SHARE_OPSTATE	0x00000004 /* supports sharing */
188 
189 
190 /* Mechanisms supported out-of-the-box */
191 #define	SUN_CKM_MD4			"CKM_MD4"
192 #define	SUN_CKM_MD5			"CKM_MD5"
193 #define	SUN_CKM_MD5_HMAC		"CKM_MD5_HMAC"
194 #define	SUN_CKM_MD5_HMAC_GENERAL	"CKM_MD5_HMAC_GENERAL"
195 #define	SUN_CKM_SHA1			"CKM_SHA_1"
196 #define	SUN_CKM_SHA1_HMAC		"CKM_SHA_1_HMAC"
197 #define	SUN_CKM_SHA1_HMAC_GENERAL	"CKM_SHA_1_HMAC_GENERAL"
198 #define	SUN_CKM_SHA256			"CKM_SHA256"
199 #define	SUN_CKM_SHA256_HMAC		"CKM_SHA256_HMAC"
200 #define	SUN_CKM_SHA256_HMAC_GENERAL	"CKM_SHA256_HMAC_GENERAL"
201 #define	SUN_CKM_SHA384			"CKM_SHA384"
202 #define	SUN_CKM_SHA384_HMAC		"CKM_SHA384_HMAC"
203 #define	SUN_CKM_SHA384_HMAC_GENERAL	"CKM_SHA384_HMAC_GENERAL"
204 #define	SUN_CKM_SHA512			"CKM_SHA512"
205 #define	SUN_CKM_SHA512_HMAC		"CKM_SHA512_HMAC"
206 #define	SUN_CKM_SHA512_HMAC_GENERAL	"CKM_SHA512_HMAC_GENERAL"
207 #define	SUN_CKM_SHA512_224		"CKM_SHA512_224"
208 #define	SUN_CKM_SHA512_256		"CKM_SHA512_256"
209 #define	SUN_CKM_DES_CBC			"CKM_DES_CBC"
210 #define	SUN_CKM_DES3_CBC		"CKM_DES3_CBC"
211 #define	SUN_CKM_DES_ECB			"CKM_DES_ECB"
212 #define	SUN_CKM_DES3_ECB		"CKM_DES3_ECB"
213 #define	SUN_CKM_BLOWFISH_CBC		"CKM_BLOWFISH_CBC"
214 #define	SUN_CKM_BLOWFISH_ECB		"CKM_BLOWFISH_ECB"
215 #define	SUN_CKM_AES_CBC			"CKM_AES_CBC"
216 #define	SUN_CKM_AES_CMAC		"CKM_AES_CMAC"
217 #define	SUN_CKM_AES_ECB			"CKM_AES_ECB"
218 #define	SUN_CKM_AES_CTR			"CKM_AES_CTR"
219 #define	SUN_CKM_AES_CCM			"CKM_AES_CCM"
220 #define	SUN_CKM_AES_GCM			"CKM_AES_GCM"
221 #define	SUN_CKM_AES_GMAC		"CKM_AES_GMAC"
222 #define	SUN_CKM_AES_CFB128		"CKM_AES_CFB128"
223 #define	SUN_CKM_RC4			"CKM_RC4"
224 #define	SUN_CKM_RSA_PKCS		"CKM_RSA_PKCS"
225 #define	SUN_CKM_RSA_X_509		"CKM_RSA_X_509"
226 #define	SUN_CKM_MD5_RSA_PKCS		"CKM_MD5_RSA_PKCS"
227 #define	SUN_CKM_SHA1_RSA_PKCS		"CKM_SHA1_RSA_PKCS"
228 #define	SUN_CKM_SHA256_RSA_PKCS		"CKM_SHA256_RSA_PKCS"
229 #define	SUN_CKM_SHA384_RSA_PKCS		"CKM_SHA384_RSA_PKCS"
230 #define	SUN_CKM_SHA512_RSA_PKCS		"CKM_SHA512_RSA_PKCS"
231 #define	SUN_CKM_EC_KEY_PAIR_GEN		"CKM_EC_KEY_PAIR_GEN"
232 #define	SUN_CKM_ECDH1_DERIVE		"CKM_ECDH1_DERIVE"
233 #define	SUN_CKM_ECDSA_SHA1		"CKM_ECDSA_SHA1"
234 #define	SUN_CKM_ECDSA			"CKM_ECDSA"
235 
236 /* Shared operation context format for CKM_RC4 */
237 typedef struct {
238 #if defined(__amd64)
239 	uint32_t	i, j;
240 	uint32_t	arr[256];
241 	uint32_t	flag;
242 #else
243 	uchar_t		arr[256];
244 	uchar_t		i, j;
245 #endif /* __amd64 */
246 	uint64_t	pad;		/* For 64-bit alignment */
247 } arcfour_state_t;
248 
249 /* Data arguments of cryptographic operations */
250 
251 typedef enum crypto_data_format {
252 	CRYPTO_DATA_RAW = 1,
253 	CRYPTO_DATA_UIO,
254 	CRYPTO_DATA_MBLK
255 } crypto_data_format_t;
256 
257 typedef struct crypto_data {
258 	crypto_data_format_t	cd_format;	/* Format identifier	*/
259 	off_t			cd_offset;	/* Offset from the beginning */
260 	size_t			cd_length;	/* # of bytes in use */
261 	caddr_t			cd_miscdata;	/* ancillary data */
262 	union {
263 		/* Raw format */
264 		iovec_t cdu_raw;		/* Pointer and length	    */
265 
266 		/* uio scatter-gather format */
267 		uio_t	*cdu_uio;
268 
269 		/* mblk scatter-gather format */
270 		mblk_t	*cdu_mp;		/* The mblk chain */
271 
272 	} cdu;	/* Crypto Data Union */
273 } crypto_data_t;
274 
275 #define	cd_raw		cdu.cdu_raw
276 #define	cd_uio		cdu.cdu_uio
277 #define	cd_mp		cdu.cdu_mp
278 
279 typedef struct crypto_dual_data {
280 	crypto_data_t		dd_data;	/* The data */
281 	off_t			dd_offset2;	/* Used by dual operation */
282 	size_t			dd_len2;	/* # of bytes to take	*/
283 } crypto_dual_data_t;
284 
285 #define	dd_format	dd_data.cd_format
286 #define	dd_offset1	dd_data.cd_offset
287 #define	dd_len1		dd_data.cd_length
288 #define	dd_miscdata	dd_data.cd_miscdata
289 #define	dd_raw		dd_data.cd_raw
290 #define	dd_uio		dd_data.cd_uio
291 #define	dd_mp		dd_data.cd_mp
292 
293 /* The keys, and their contents */
294 
295 typedef enum {
296 	CRYPTO_KEY_RAW = 1,	/* ck_data is a cleartext key */
297 	CRYPTO_KEY_REFERENCE,	/* ck_obj_id is an opaque reference */
298 	CRYPTO_KEY_ATTR_LIST	/* ck_attrs is a list of object attributes */
299 } crypto_key_format_t;
300 
301 typedef uint64_t crypto_attr_type_t;
302 
303 /* Attribute types to use for passing a RSA public key or a private key. */
304 #define	SUN_CKA_MODULUS			0x00000120
305 #define	SUN_CKA_MODULUS_BITS		0x00000121
306 #define	SUN_CKA_PUBLIC_EXPONENT		0x00000122
307 #define	SUN_CKA_PRIVATE_EXPONENT	0x00000123
308 #define	SUN_CKA_PRIME_1			0x00000124
309 #define	SUN_CKA_PRIME_2			0x00000125
310 #define	SUN_CKA_EXPONENT_1		0x00000126
311 #define	SUN_CKA_EXPONENT_2		0x00000127
312 #define	SUN_CKA_COEFFICIENT		0x00000128
313 #define	SUN_CKA_PRIME			0x00000130
314 #define	SUN_CKA_SUBPRIME		0x00000131
315 #define	SUN_CKA_BASE			0x00000132
316 
317 #define	CKK_EC			0x00000003UL
318 #define	CKK_GENERIC_SECRET	0x00000010UL
319 #define	CKK_RC4			0x00000012UL
320 #define	CKK_AES			0x0000001FUL
321 #define	CKK_DES			0x00000013UL
322 #define	CKK_DES2		0x00000014UL
323 #define	CKK_DES3		0x00000015UL
324 
325 #define	CKO_PUBLIC_KEY		0x00000002UL
326 #define	CKO_PRIVATE_KEY		0x00000003UL
327 #define	CKA_CLASS		0x00000000UL
328 #define	CKA_VALUE		0x00000011UL
329 #define	CKA_KEY_TYPE		0x00000100UL
330 #define	CKA_VALUE_LEN		0x00000161UL
331 #define	CKA_EC_PARAMS		0x00000180UL
332 #define	CKA_EC_POINT		0x00000181UL
333 
334 typedef uint32_t	crypto_object_id_t;
335 
336 typedef struct crypto_object_attribute {
337 	crypto_attr_type_t	oa_type;	/* attribute type */
338 	caddr_t			oa_value;	/* attribute value */
339 	ssize_t			oa_value_len;	/* length of attribute value */
340 } crypto_object_attribute_t;
341 
342 typedef struct crypto_key {
343 	crypto_key_format_t	ck_format;	/* format identifier */
344 	union {
345 		/* for CRYPTO_KEY_RAW ck_format */
346 		struct {
347 			uint_t	cku_v_length;	/* # of bits in ck_data   */
348 			void	*cku_v_data;	/* ptr to key value */
349 		} cku_key_value;
350 
351 		/* for CRYPTO_KEY_REFERENCE ck_format */
352 		crypto_object_id_t cku_key_id;	/* reference to object key */
353 
354 		/* for CRYPTO_KEY_ATTR_LIST ck_format */
355 		struct {
356 			uint_t cku_a_count;	/* number of attributes */
357 			crypto_object_attribute_t *cku_a_oattr;
358 		} cku_key_attrs;
359 	} cku_data;				/* Crypto Key union */
360 } crypto_key_t;
361 
362 #ifdef  _SYSCALL32
363 
364 typedef struct crypto_object_attribute32 {
365 	uint64_t	oa_type;	/* attribute type */
366 	caddr32_t	oa_value;	/* attribute value */
367 	ssize32_t	oa_value_len;	/* length of attribute value */
368 } crypto_object_attribute32_t;
369 
370 typedef struct crypto_key32 {
371 	crypto_key_format_t	ck_format;	/* format identifier */
372 	union {
373 		/* for CRYPTO_KEY_RAW ck_format */
374 		struct {
375 			uint32_t cku_v_length;	/* # of bytes in ck_data */
376 			caddr32_t cku_v_data;	/* ptr to key value */
377 		} cku_key_value;
378 
379 		/* for CRYPTO_KEY_REFERENCE ck_format */
380 		crypto_object_id_t cku_key_id; /* reference to object key */
381 
382 		/* for CRYPTO_KEY_ATTR_LIST ck_format */
383 		struct {
384 			uint32_t cku_a_count;	/* number of attributes */
385 			caddr32_t cku_a_oattr;
386 		} cku_key_attrs;
387 	} cku_data;				/* Crypto Key union */
388 } crypto_key32_t;
389 
390 #endif  /* _SYSCALL32 */
391 
392 #define	ck_data		cku_data.cku_key_value.cku_v_data
393 #define	ck_length	cku_data.cku_key_value.cku_v_length
394 #define	ck_obj_id	cku_data.cku_key_id
395 #define	ck_count	cku_data.cku_key_attrs.cku_a_count
396 #define	ck_attrs	cku_data.cku_key_attrs.cku_a_oattr
397 
398 /*
399  * Raw key lengths are expressed in number of bits.
400  * The following macro returns the minimum number of
401  * bytes that can contain the specified number of bits.
402  * Round up without overflowing the integer type.
403  */
404 #define	CRYPTO_BITS2BYTES(n) ((n) == 0 ? 0 : (((n) - 1) >> 3) + 1)
405 #define	CRYPTO_BYTES2BITS(n) ((n) << 3)
406 
407 /* Providers */
408 
409 typedef enum {
410 	CRYPTO_HW_PROVIDER = 0,
411 	CRYPTO_SW_PROVIDER,
412 	CRYPTO_LOGICAL_PROVIDER
413 } crypto_provider_type_t;
414 
415 typedef uint32_t	crypto_provider_id_t;
416 #define	KCF_PROVID_INVALID	((uint32_t)-1)
417 
418 typedef struct crypto_provider_entry {
419 	crypto_provider_id_t	pe_provider_id;
420 	uint_t			pe_mechanism_count;
421 } crypto_provider_entry_t;
422 
423 typedef struct crypto_dev_list_entry {
424 	char			le_dev_name[MAXNAMELEN];
425 	uint_t			le_dev_instance;
426 	uint_t			le_mechanism_count;
427 } crypto_dev_list_entry_t;
428 
429 /* User type for authentication ioctls and SPI entry points */
430 
431 typedef enum crypto_user_type {
432 	CRYPTO_SO = 0,
433 	CRYPTO_USER
434 } crypto_user_type_t;
435 
436 /* Version for provider management ioctls and SPI entry points */
437 
438 typedef struct crypto_version {
439 	uchar_t	cv_major;
440 	uchar_t	cv_minor;
441 } crypto_version_t;
442 
443 /* session data structure opaque to the consumer */
444 typedef void *crypto_session_t;
445 
446 /* provider data structure opaque to the consumer */
447 typedef void *crypto_provider_t;
448 
449 /* Limits used by both consumers and providers */
450 #define	CRYPTO_EXT_SIZE_LABEL		32
451 #define	CRYPTO_EXT_SIZE_MANUF		32
452 #define	CRYPTO_EXT_SIZE_MODEL		16
453 #define	CRYPTO_EXT_SIZE_SERIAL		16
454 #define	CRYPTO_EXT_SIZE_TIME		16
455 
456 typedef struct crypto_provider_ext_info {
457 	uchar_t			ei_label[CRYPTO_EXT_SIZE_LABEL];
458 	uchar_t			ei_manufacturerID[CRYPTO_EXT_SIZE_MANUF];
459 	uchar_t			ei_model[CRYPTO_EXT_SIZE_MODEL];
460 	uchar_t			ei_serial_number[CRYPTO_EXT_SIZE_SERIAL];
461 	ulong_t			ei_flags;
462 	ulong_t			ei_max_session_count;
463 	ulong_t			ei_max_pin_len;
464 	ulong_t			ei_min_pin_len;
465 	ulong_t			ei_total_public_memory;
466 	ulong_t			ei_free_public_memory;
467 	ulong_t			ei_total_private_memory;
468 	ulong_t			ei_free_private_memory;
469 	crypto_version_t	ei_hardware_version;
470 	crypto_version_t	ei_firmware_version;
471 	uchar_t			ei_time[CRYPTO_EXT_SIZE_TIME];
472 	int			ei_hash_max_input_len;
473 	int			ei_hmac_max_input_len;
474 } crypto_provider_ext_info_t;
475 
476 typedef uint_t		crypto_session_id_t;
477 
478 typedef enum cmd_type {
479 	COPY_FROM_DATA,
480 	COPY_TO_DATA,
481 	COMPARE_TO_DATA,
482 	MD5_DIGEST_DATA,
483 	SHA1_DIGEST_DATA,
484 	SHA2_DIGEST_DATA,
485 	GHASH_DATA
486 } cmd_type_t;
487 
488 #define	CRYPTO_DO_UPDATE	0x01
489 #define	CRYPTO_DO_FINAL		0x02
490 #define	CRYPTO_DO_MD5		0x04
491 #define	CRYPTO_DO_SHA1		0x08
492 #define	CRYPTO_DO_SIGN		0x10
493 #define	CRYPTO_DO_VERIFY	0x20
494 #define	CRYPTO_DO_SHA2		0x40
495 
496 #define	PROVIDER_OWNS_KEY_SCHEDULE	0x00000001
497 
498 /*
499  * Common cryptographic status and error codes.
500  */
501 #define	CRYPTO_SUCCESS				0x00000000
502 #define	CRYPTO_CANCEL				0x00000001
503 #define	CRYPTO_HOST_MEMORY			0x00000002
504 #define	CRYPTO_GENERAL_ERROR			0x00000003
505 #define	CRYPTO_FAILED				0x00000004
506 #define	CRYPTO_ARGUMENTS_BAD			0x00000005
507 #define	CRYPTO_ATTRIBUTE_READ_ONLY		0x00000006
508 #define	CRYPTO_ATTRIBUTE_SENSITIVE		0x00000007
509 #define	CRYPTO_ATTRIBUTE_TYPE_INVALID		0x00000008
510 #define	CRYPTO_ATTRIBUTE_VALUE_INVALID		0x00000009
511 #define	CRYPTO_CANCELED				0x0000000A
512 #define	CRYPTO_DATA_INVALID			0x0000000B
513 #define	CRYPTO_DATA_LEN_RANGE			0x0000000C
514 #define	CRYPTO_DEVICE_ERROR			0x0000000D
515 #define	CRYPTO_DEVICE_MEMORY			0x0000000E
516 #define	CRYPTO_DEVICE_REMOVED			0x0000000F
517 #define	CRYPTO_ENCRYPTED_DATA_INVALID		0x00000010
518 #define	CRYPTO_ENCRYPTED_DATA_LEN_RANGE		0x00000011
519 #define	CRYPTO_KEY_HANDLE_INVALID		0x00000012
520 #define	CRYPTO_KEY_SIZE_RANGE			0x00000013
521 #define	CRYPTO_KEY_TYPE_INCONSISTENT		0x00000014
522 #define	CRYPTO_KEY_NOT_NEEDED			0x00000015
523 #define	CRYPTO_KEY_CHANGED			0x00000016
524 #define	CRYPTO_KEY_NEEDED			0x00000017
525 #define	CRYPTO_KEY_INDIGESTIBLE			0x00000018
526 #define	CRYPTO_KEY_FUNCTION_NOT_PERMITTED	0x00000019
527 #define	CRYPTO_KEY_NOT_WRAPPABLE		0x0000001A
528 #define	CRYPTO_KEY_UNEXTRACTABLE		0x0000001B
529 #define	CRYPTO_MECHANISM_INVALID		0x0000001C
530 #define	CRYPTO_MECHANISM_PARAM_INVALID		0x0000001D
531 #define	CRYPTO_OBJECT_HANDLE_INVALID		0x0000001E
532 #define	CRYPTO_OPERATION_IS_ACTIVE		0x0000001F
533 #define	CRYPTO_OPERATION_NOT_INITIALIZED	0x00000020
534 #define	CRYPTO_PIN_INCORRECT			0x00000021
535 #define	CRYPTO_PIN_INVALID			0x00000022
536 #define	CRYPTO_PIN_LEN_RANGE			0x00000023
537 #define	CRYPTO_PIN_EXPIRED			0x00000024
538 #define	CRYPTO_PIN_LOCKED			0x00000025
539 #define	CRYPTO_SESSION_CLOSED			0x00000026
540 #define	CRYPTO_SESSION_COUNT			0x00000027
541 #define	CRYPTO_SESSION_HANDLE_INVALID		0x00000028
542 #define	CRYPTO_SESSION_READ_ONLY		0x00000029
543 #define	CRYPTO_SESSION_EXISTS			0x0000002A
544 #define	CRYPTO_SESSION_READ_ONLY_EXISTS		0x0000002B
545 #define	CRYPTO_SESSION_READ_WRITE_SO_EXISTS	0x0000002C
546 #define	CRYPTO_SIGNATURE_INVALID		0x0000002D
547 #define	CRYPTO_SIGNATURE_LEN_RANGE		0x0000002E
548 #define	CRYPTO_TEMPLATE_INCOMPLETE		0x0000002F
549 #define	CRYPTO_TEMPLATE_INCONSISTENT		0x00000030
550 #define	CRYPTO_UNWRAPPING_KEY_HANDLE_INVALID	0x00000031
551 #define	CRYPTO_UNWRAPPING_KEY_SIZE_RANGE	0x00000032
552 #define	CRYPTO_UNWRAPPING_KEY_TYPE_INCONSISTENT	0x00000033
553 #define	CRYPTO_USER_ALREADY_LOGGED_IN		0x00000034
554 #define	CRYPTO_USER_NOT_LOGGED_IN		0x00000035
555 #define	CRYPTO_USER_PIN_NOT_INITIALIZED		0x00000036
556 #define	CRYPTO_USER_TYPE_INVALID		0x00000037
557 #define	CRYPTO_USER_ANOTHER_ALREADY_LOGGED_IN	0x00000038
558 #define	CRYPTO_USER_TOO_MANY_TYPES		0x00000039
559 #define	CRYPTO_WRAPPED_KEY_INVALID		0x0000003A
560 #define	CRYPTO_WRAPPED_KEY_LEN_RANGE		0x0000003B
561 #define	CRYPTO_WRAPPING_KEY_HANDLE_INVALID	0x0000003C
562 #define	CRYPTO_WRAPPING_KEY_SIZE_RANGE		0x0000003D
563 #define	CRYPTO_WRAPPING_KEY_TYPE_INCONSISTENT	0x0000003E
564 #define	CRYPTO_RANDOM_SEED_NOT_SUPPORTED	0x0000003F
565 #define	CRYPTO_RANDOM_NO_RNG			0x00000040
566 #define	CRYPTO_DOMAIN_PARAMS_INVALID		0x00000041
567 #define	CRYPTO_BUFFER_TOO_SMALL			0x00000042
568 #define	CRYPTO_INFORMATION_SENSITIVE		0x00000043
569 #define	CRYPTO_NOT_SUPPORTED			0x00000044
570 
571 #define	CRYPTO_QUEUED				0x00000045
572 #define	CRYPTO_BUFFER_TOO_BIG			0x00000046
573 #define	CRYPTO_INVALID_CONTEXT			0x00000047
574 #define	CRYPTO_INVALID_MAC			0x00000048
575 #define	CRYPTO_MECH_NOT_SUPPORTED		0x00000049
576 #define	CRYPTO_INCONSISTENT_ATTRIBUTE		0x0000004A
577 #define	CRYPTO_NO_PERMISSION			0x0000004B
578 #define	CRYPTO_INVALID_PROVIDER_ID		0x0000004C
579 #define	CRYPTO_VERSION_MISMATCH			0x0000004D
580 #define	CRYPTO_BUSY				0x0000004E
581 #define	CRYPTO_UNKNOWN_PROVIDER			0x0000004F
582 #define	CRYPTO_MODVERIFICATION_FAILED		0x00000050
583 #define	CRYPTO_OLD_CTX_TEMPLATE			0x00000051
584 #define	CRYPTO_WEAK_KEY				0x00000052
585 #define	CRYPTO_FIPS140_ERROR			0x00000053
586 /*
587  * Don't forget to update CRYPTO_LAST_ERROR and the error_number_table[]
588  * in kernelUtil.c when new error code is added.
589  */
590 #define	CRYPTO_LAST_ERROR			0x00000053
591 
592 /*
593  * Special values that can be used to indicate that information is unavailable
594  * or that there is not practical limit. These values can be used
595  * by fields of the SPI crypto_provider_ext_info(9S) structure.
596  * The value of CRYPTO_UNAVAILABLE_INFO should be the same as
597  * CK_UNAVAILABLE_INFO in the PKCS#11 spec.
598  */
599 #define	CRYPTO_UNAVAILABLE_INFO		((ulong_t)(-1))
600 #define	CRYPTO_EFFECTIVELY_INFINITE	0x0
601 
602 #ifdef __cplusplus
603 }
604 #endif
605 
606 #endif /* _SYS_CRYPTO_COMMON_H */
607