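/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License, Version 1.0 only
 * (the "License"). You may not use this file except in compliance
 * with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */
/*
 * Copyright 2005 Sun Microsystems, Inc. All rights reserved.
 * Use is subject to license terms.
 */

/*
 * Public declarations for the AMI interface: C structures for names,
 * certificates, revocation lists, key packages and PKCS-named content,
 * the algorithm OID / algorithm-identifier globals, the AMI_STATUS codes
 * and the ami_* function prototypes.
 *
 * Review notes for code that includes this header:
 *  - Variable-length data is carried as a bare pointer plus a separate
 *    length field, and the length types differ between structs (unsigned
 *    short, unsigned int, unsigned long). Some lengths count bits, not
 *    bytes (see ami_bitstring and ami_uid). Nothing here ties the length
 *    to the allocation, so every consumer has to bound its own reads and
 *    copies by the length field.
 *  - The list typedefs that share a name with their struct tag
 *    (ami_rdn_seq, ami_rdname, ami_attr_list, ami_tkey_list, ...) are
 *    POINTER types: sizeof (ami_rdn_seq) is the size of a pointer, not of
 *    a list node. Allocate nodes with sizeof (struct <tag>).
 *  - The "*_chosen" and "*_present" macros are partly unprefixed
 *    (version_present, iv_chosen, attributes_present, ...) and are visible
 *    to every file that includes this header.
 */

#ifndef _SLP_AMI_H
#define	_SLP_AMI_H

#pragma ident "%Z%%M% %I% %E% SMI"

#ifdef __cplusplus
extern "C" {
#endif

#include <sys/types.h>

/* Object identifier: `count` and a pointer to the unsigned long values. */
typedef struct ami_oid {
	unsigned short count;
	unsigned long *value;
} ami_oid;

/* Untyped blob: `length` and a pointer to the bytes. */
typedef struct Any {
	unsigned long length;
	unsigned char *value;
} Any;

typedef struct ami_rdn_seq *ami_dname;

/* Name; `choice` selects the member of `u` that is valid. */
typedef struct ami_name {
	unsigned short choice;
#define	distinguishedName_chosen 1
	union {
		struct ami_rdn_seq *distinguishedName;
	} u;
} ami_name;

/* Singly linked list node; the typedef ami_rdn_seq is a pointer to it. */
typedef struct ami_rdn_seq {
	struct ami_rdn_seq *next;
	struct ami_rdname *value;
} *ami_rdn_seq;

/* Singly linked list node; the typedef ami_rdname is a pointer to it. */
typedef struct ami_rdname {
	struct ami_rdname *next;
	struct ami_ava *value;
} *ami_rdname;

typedef Any ami_attr_value;

/* Attribute type (OID) and its value. */
typedef struct ami_ava {
	struct ami_oid *objid;
	ami_attr_value *value;
} ami_ava;

/* Singly linked list node; the typedef ami_attr_list is a pointer to it. */
typedef struct ami_attr_list {
	struct ami_attr_list *next;
	struct ami_attr *value;
} *ami_attr_list;

/* Attribute: type OID plus a list of values. */
typedef struct ami_attr {
	struct ami_oid *type;
	struct ami_attr_value_set *values;
} ami_attr;

/* Singly linked list node; ami_attr_value_set is a pointer to it. */
typedef struct ami_attr_value_set {
	struct ami_attr_value_set *next;
	ami_attr_value *value;
} *ami_attr_value_set;

/*
 * String with a `choice` tag. Both union members are char *, so the tag
 * only records which string type the data was declared as.
 */
typedef struct CaseIgnoreString {
	unsigned short choice;
#define	CaseIgnoreString_t61String_chosen 1
#define	CaseIgnoreString_printableString_chosen 2
	union {
		char *CaseIgnoreString_t61String;
		char *CaseIgnoreString_printableString;
	} u;
} CaseIgnoreString;

typedef CaseIgnoreString ami_case_ignore_string;

typedef char *ami_printable_string;

typedef struct ami_cert_pair {
	struct ami_cert *forward;	/* NULL for not present */
	struct ami_cert *reverse;	/* NULL for not present */
} ami_cert_pair;

/* Certificate serial number as length + bytes (length is unsigned short). */
typedef struct ami_cert_serialnum {
	unsigned short length;
	unsigned char *value;
} ami_cert_serialnum;

/*
 * Certificate body. `bit_mask` carries the *_present flags defined below;
 * the pointer members marked "NULL for not present" use NULL instead.
 * Consumers have to check the matching indicator before dereferencing an
 * optional member.
 */
typedef struct ami_cert_info {
	unsigned char bit_mask;
#define	version_present 0x80
#define	extensions_present 0x40
	int version;	/* default assumed if omitted */
#define	version_v1 0
#define	version_v2 1
#define	version_v3 2
	ami_cert_serialnum serial;
	struct ami_algid *signature;
	struct ami_name *issuer;
	struct ami_validity *validity;
	struct ami_name *subject;
	struct ami_pubkey_info *pubKeyInfo;
	struct ami_uid *issuerUID;	/* NULL for not present */
	struct ami_uid *subjectUID;	/* NULL for not present */
	struct ami_cert_extn_list *extensions;	/* optional */
} ami_cert_info;

/*
 * Bit string. `length` is in BITS, so the byte count behind `value` has to
 * be derived by rounding up; using `length` directly as a byte count
 * over-reads the buffer.
 */
typedef struct ami_bitstring {
	unsigned int length;	/* number of significant bits */
	unsigned char *value;
} ami_bitstring;

/* Certificate: body, signature algorithm and signature bits. */
typedef struct ami_cert {
	ami_cert_info info;
	struct ami_algid *algorithm;
	ami_bitstring signature;
} ami_cert;

/* Unique identifier; like ami_bitstring, `length` is in bits. */
typedef struct ami_uid {
	unsigned int length;	/* number of significant bits */
	unsigned char *value;
} ami_uid;

/* Octet string: `length` and a pointer to the bytes. */
typedef struct ami_octetstring {
	unsigned int length;
	unsigned char *value;
} ami_octetstring;

typedef int ami_cert_version;
#define	CertificateVersion_v1 0
#define	CertificateVersion_v2 1
#define	CertificateVersion_v3 2

typedef char amiBoolean;

/*
 * Broken-down time, shared by GeneralizedTime and UTCTime.
 * NOTE(review): as UTCTime the year is two digits, so code that compares
 * notBefore/notAfter values has to resolve the century first -- confirm
 * how the implementation does that.
 */
typedef struct {
	short year;	/* YYYY format when used for GeneralizedTime */
			/* YY format when used for UTCTime */
	short month;
	short day;
	short hour;
	short minute;
	short second;
	short millisec;
	short mindiff;	/* UTC +/- minute differential */
	amiBoolean utc;	/* TRUE means UTC time */
} GeneralizedTime;

typedef GeneralizedTime UTCTime;

/* Validity period of a certificate or trusted key. */
typedef struct ami_validity {
	UTCTime *notBefore;
	UTCTime *notAfter;
} ami_validity;

/* Public key: algorithm identifier plus key bits. */
typedef struct ami_pubkey_info {
	struct ami_algid *algorithm;
	ami_bitstring pubKey;
} ami_pubkey_info;

typedef Any ami_alg_params;

/* Algorithm identifier: OID plus optional parameters. */
typedef struct ami_algid {
	struct ami_oid *algorithm;
	ami_alg_params *parameters;	/* NULL for not present */
} ami_algid;


/*
 * Certificate extension. `critical` is only meaningful when
 * critical_present is set in `bit_mask`.
 */
typedef struct ami_cert_extn {
	unsigned char bit_mask;
#define	critical_present 0x80
	struct ami_oid *extend;
	amiBoolean critical;
	ami_octetstring extnValue;
} ami_cert_extn;

/* Singly linked list node; ami_cert_extn_list is a pointer to it. */
typedef struct ami_cert_extn_list {
	struct ami_cert_extn_list *next;
	struct ami_cert_extn *value;
} *ami_cert_extn_list;

/*
 * Certificate list body with the revoked entries held inline as a linked
 * list. The serial number here is an ami_cert_serialnum (length + bytes).
 */
typedef struct ami_cert_list_contents {
	unsigned char bit_mask;
#define	nextUpdate_present 0x80
#define	CertListContents_revokedCertificates_present 0x40
	ami_algid signature;
	ami_name issuer;
	UTCTime thisUpdate;
	UTCTime nextUpdate;
	struct _seqof1 {
		struct _seqof1 *next;
		struct {
			ami_cert_serialnum userCertificate;
			UTCTime revocationDate;
		} value;
	} *CertListContents_revokedCertificates;
} ami_cert_list_contents;

typedef struct ami_cert_list {
	ami_cert_list_contents certListContents;
	ami_algid algId;
	ami_bitstring signature;
} ami_cert_list;

/* RC2-CBC parameters; `choice` selects the member of `u` that is valid. */
typedef struct ami_rc2_cbc_param {
	unsigned short choice;
#define	iv_chosen 1
#define	sequence_chosen 2
	union {
		ami_octetstring iv;
		struct _seq1 {
			int version;
			ami_octetstring iv;
		} sequence;
	} u;
} ami_rc2_cbc_param;

typedef int INT;

/*
 * Key package body. NOTE(review): the private key is referenced only
 * through encrPrivKeyInfo (algorithm + encrypted data); the protection it
 * gives depends on that algorithm, which is not fixed by this header.
 */
typedef struct ami_keypkg_info {
	unsigned char bit_mask;
#define	keypkgAttrs_present 0x80
#define	tKeys_present 0x40
	char *version;
	char *keypkgId;
	struct ami_name *owner;
	struct ami_pubkey_info *pubKeyInfo;
	struct ami_encr_privkey_info *encrPrivKeyInfo;
	struct ami_attr_list *keypkgAttrs;	/* optional */
	int usage;
	struct ami_tkey_list *tKeys;	/* optional */
} ami_keypkg_info;

/* Key package: body, signature algorithm and signature bits. */
typedef struct ami_keypkg {
	ami_keypkg_info info;
	struct ami_algid *algorithm;
	ami_bitstring signature;
} ami_keypkg;

/* Singly linked list node; ami_tkey_list is a pointer to it. */
typedef struct ami_tkey_list {
	struct ami_tkey_list *next;
	struct ami_tkey *value;
} *ami_tkey_list;

/*
 * Trusted key entry. issuer, validity and serial may all be NULL, so a
 * trusted key does not necessarily carry an expiry of its own.
 */
typedef struct ami_tkey {
	unsigned char bit_mask;
#define	TrustedKey_extensions_present 0x80
	struct ami_name *owner;
	struct ami_pubkey_info *pubKeyInfo;
	struct ami_name *issuer;	/* NULL for not present */
	struct ami_validity *validity;	/* NULL for not present */
	struct ami_cert_serialnum *serial;	/* NULL for not present */
	struct ami_cert_extn_list *TrustedKey_extensions;	/* optional */
} ami_tkey;

/*
 * NOTE(review): `privKey` is a plain Any blob; this header does not say
 * whether it is held encrypted. Presumably it is sensitive key material
 * that should be cleared before its memory is released -- confirm against
 * the implementation.
 */
typedef struct ami_serv_key_info {
	Any keyAlgId;
	int uid;
	int flags;
	Any privKey;
	char *keypkgId;
	char *hostIP;
	Any keypkg;
} ami_serv_key_info;

/* Octet string: `length` and a pointer to the bytes. */
typedef struct _octet1 {
	unsigned int length;
	unsigned char *value;
} _octet1;

/* Digest value together with the algorithm that produced it. */
typedef struct ami_digest_info {
	struct ami_algid *digestAlgorithm;
	_octet1 digest;
} ami_digest_info;

/* Singly linked list node; ami_crl_set is a pointer to it. */
typedef struct ami_crl_set {
	struct ami_crl_set *next;
	struct ami_crl *value;
} *ami_crl_set;

/*
 * NOTE(review): userCertificate is a plain int here, while
 * ami_cert_list_contents and ami_cert_info carry serial numbers as
 * ami_cert_serialnum (length + bytes). A serial number wider than int
 * cannot be represented in this struct, so revocation matching through
 * it may miss such certificates -- confirm how the implementation
 * converts between the two.
 */
typedef struct ami_crl_entry {
	int userCertificate;
	UTCTime *revocationDate;
} ami_crl_entry;

/* CRL body with the revoked entries held inline as a linked list. */
typedef struct ami_crl_info {
	unsigned char bit_mask;
#define	CertificateRevocationListInfo_revokedCertificates_present 0x80
	struct ami_algid *signature;
	struct ami_name *issuer;
	UTCTime *lastUpdate;
	UTCTime *nextUpdate;
	struct _seqof2 {
		struct _seqof2 *next;
		ami_crl_entry value;
	} *CertificateRevocationListInfo_revokedCertificates;
} ami_crl_info;

/* CRL: body, signature algorithm and signature bits. */
typedef struct ami_crl {
	ami_crl_info info;
	struct ami_algid *algorithm;
	ami_bitstring signature;
} ami_crl;

/*
 * Password-based encryption parameters. The salt buffer is a fixed
 * 8 bytes, so salt.length must never exceed sizeof (salt.value); a decoder
 * that fills this struct has to reject longer salts rather than copy them.
 */
typedef struct ami_pbe_param {
	struct {
		unsigned short length;
		unsigned char value[8];
	} salt;
	int iterationCount;
} ami_pbe_param;

typedef struct ami_extcert_info {
	int version;
	struct ami_cert *certificate;
	struct ami_attr_list *attributes;
} ami_extcert_info;

typedef struct ami_extcert {
	struct ami_extcert_info *extendedCertificateInfo;
	struct ami_algid *signatureAlgorithm;
	ami_bitstring signature;
} ami_extcert;

/* Singly linked list node; ami_extcerts_and_certs is a pointer to it. */
typedef struct ami_extcerts_and_certs {
	struct ami_extcerts_and_certs *next;
	struct ami_extcert_or_cert *value;
} *ami_extcerts_and_certs;

/*
 * `choice` selects the member of `u` that is valid. The two members point
 * to different struct types, so reading the wrong one is a type confusion.
 */
typedef struct ami_extcert_or_cert {
	unsigned short choice;
#define	cert_chosen 1
#define	extendedCert_chosen 2
	union {
		struct ami_cert *cert;
		struct ami_extcert *extendedCert;
	} u;
} ami_extcert_or_cert;

typedef Any Content;

typedef struct ami_content_info {
	struct ami_oid *contentType;
	Content *content;	/* NULL for not present */
} ami_content_info;

typedef struct ami_content_info_fm {
	struct ami_oid *contentType;
	Content *content;	/* NULL for not present */
} ami_content_info_fm;

typedef struct ami_enveloped_data {
	int version;
	struct ami_rcpt_info_list *recipientInfos;
	struct ami_encr_content_info *encryptedContentInfo;
} ami_enveloped_data;

typedef struct ami_encr_data {
	int version;
	struct ami_encr_content_info *encryptedContentInfo;
} ami_encr_data;

/* Signed data; certs and crls are valid only when flagged in bit_mask. */
typedef struct ami_signed_data {
	unsigned char bit_mask;
#define	SignedData_certs_present 0x80
#define	SignedData_crls_present 0x40
	int version;
	struct ami_digest_alg_list *digestAlgorithms;
	struct ami_content_info *contentInfo;
	struct ami_extcerts_and_certs *SignedData_certs;	/* optional */
	struct ami_crl_set *SignedData_crls;	/* optional */
	struct ami_signer_info_list *signerInfos;
} ami_signed_data;

/* Same layout as ami_signed_data, with ami_content_info_fm content. */
typedef struct ami_signed_data_fm {
	unsigned char bit_mask;
#define	SignedDataFm_certs_present 0x80
#define	SignedDataFm_crls_present 0x40
	int version;
	struct ami_digest_alg_list *digestAlgorithms;
	struct ami_content_info_fm *contentInfo;
	struct ami_extcerts_and_certs *SignedDataFm_certs;	/* optional */
	struct ami_crl_set *SignedDataFm_crls;	/* optional */
	struct ami_signer_info_list *signerInfos;
} ami_signed_data_fm;

/* Singly linked list node; ami_rcpt_info_list is a pointer to it. */
typedef struct ami_rcpt_info_list {
	struct ami_rcpt_info_list *next;
	struct ami_rcpt_info *value;
} *ami_rcpt_info_list;

typedef struct ami_encr_content_info {
	struct ami_oid *contentType;
	struct ami_algid *contentEncryptionAlgorithm;
	struct ami_encr_content *encryptedContent;	/* NULL for not present */
} ami_encr_content_info;

typedef struct ami_pkcs_data {
	unsigned int length;
	unsigned char *value;
} ami_pkcs_data;

typedef struct ami_pkcs_data_fm {
	unsigned int length;
	unsigned char *value;
} ami_pkcs_data_fm;

typedef struct ami_encr_content {
	unsigned int length;
	unsigned char *value;
} ami_encr_content;

typedef struct ami_rcpt_info {
	int version;
	struct ami_issuer_and_serialnum *issuerAndSerialNumber;
	struct ami_algid *keyEncryptionAlgorithm;
	_octet1 encryptedKey;
} ami_rcpt_info;

/*
 * Per-signer information. The two attribute lists are valid only when the
 * matching *_present bit is set in bit_mask.
 */
typedef struct ami_signer_info {
	unsigned char bit_mask;
#define	authenticatedAttributes_present 0x80
#define	unauthenticatedAttributes_present 0x40
	int version;
	struct ami_issuer_and_serialnum *issuerAndSerialNumber;
	struct ami_algid *digestAlgorithm;
	struct ami_attr_list *authenticatedAttributes;	/* optional */
	struct ami_algid *digestEncryptionAlgorithm;
	_octet1 encryptedDigest;
	struct ami_attr_list *unauthenticatedAttributes;	/* optional */
} ami_signer_info;

/* Singly linked list node; ami_signer_info_list is a pointer to it. */
typedef struct ami_signer_info_list {
	struct ami_signer_info_list *next;
	struct ami_signer_info *value;
} *ami_signer_info_list;

typedef struct ami_issuer_and_serialnum {
	struct ami_name *issuer;
	ami_cert_serialnum serial;
} ami_issuer_and_serialnum;

/* Singly linked list node; ami_digest_alg_list is a pointer to it. */
typedef struct ami_digest_alg_list {
	struct ami_digest_alg_list *next;
	struct ami_algid *value;
} *ami_digest_alg_list;

/*
 * NOTE(review): `privateKey` is held as a plain octet string in this
 * struct. Presumably instances should be cleared before their memory is
 * released -- confirm against the implementation.
 */
typedef struct ami_privkey_info {
	unsigned char bit_mask;
#define	attributes_present 0x80
	int version;
	struct ami_algid *privateKeyAlgorithm;
	_octet1 privateKey;
	struct ami_attr_list *attributes;	/* optional */
} ami_privkey_info;

typedef struct ami_encr_privkey_info {
	struct ami_algid *encryptionAlgorithm;
	ami_octetstring encryptedData;
} ami_encr_privkey_info;

typedef struct ami_certreq_info {
	int version;
	struct ami_name *subject;
	struct ami_pubkey_info *pubKeyInfo;
	struct ami_attr_list *attributes;
} ami_certreq_info;

/* Certificate request: body, signature algorithm and signature bits. */
typedef struct ami_certreq {
	ami_certreq_info info;
	struct ami_algid *algorithm;
	ami_bitstring signature;
} ami_certreq;

/* Challenge password; `choice` records which string type is in `u`. */
typedef struct ami_challenge_pwd {
	unsigned short choice;
#define	ChallengePassword_printableString_chosen 1
#define	ChallengePassword_t61String_chosen 2
	union {
		char *ChallengePassword_printableString;
		char *ChallengePassword_t61String;
	} u;
} ami_challenge_pwd;

typedef char *ami_email_addr;

typedef struct ami_pubkey_and_challenge {
	struct ami_pubkey_info *spki;
	char *challenge;
} ami_pubkey_and_challenge;

typedef struct ami_signed_pubkey_and_challenge {
	ami_pubkey_and_challenge pubKeyAndChallenge;
	struct ami_algid *sigAlg;
	ami_bitstring signature;
} ami_signed_pubkey_and_challenge;

/*
 * Algorithm OIDs, defined elsewhere.
 * NOTE(review): MD2, MD4, MD5, SHA-1, single DES, RC2 and RC4 are legacy
 * algorithms that are no longer considered safe for new signatures or
 * encryption; treat these identifiers as interoperability-only. The
 * pointers are not const-qualified, so the header does not stop a caller
 * from modifying the shared objects.
 */
extern ami_oid *AMI_MD2_OID;
extern ami_oid *AMI_MD4_OID;
extern ami_oid *AMI_MD5_OID;
extern ami_oid *AMI_SHA_1_OID;
extern ami_oid *AMI_RSA_ENCR_OID;
extern ami_oid *AMI_MD2WithRSAEncryption_OID;
extern ami_oid *AMI_MD5WithRSAEncryption_OID;
extern ami_oid *AMI_DSA_OID;
extern ami_oid *AMI_SHA1WithDSASignature_OID;
extern ami_oid *AMI_DES_ECB_OID;
extern ami_oid *AMI_DES_CBC_OID;
extern ami_oid *AMI_DES3_CBC_OID;
extern ami_oid *AMI_DES_MAC_OID;
extern ami_oid *AMI_RC2_CBC_OID;
extern ami_oid *AMI_RC4_OID;

/*
 * Misc. AlgIDs
 */
extern struct ami_algid *AMI_RSA_ENCR_AID;
extern struct ami_algid *AMI_MD2WithRSAEncryption_AID;
extern struct ami_algid *AMI_MD5WithRSAEncryption_AID;
extern struct ami_algid *AMI_DSA_AID;
extern struct ami_algid *AMI_SHA1WithDSASignature_AID;
extern struct ami_algid *AMI_DH_AID;
extern struct ami_algid *AMI_MD2_AID;
extern struct ami_algid *AMI_MD4_AID;
extern struct ami_algid *AMI_MD5_AID;
extern struct ami_algid *AMI_SHA1_AID;
extern struct ami_algid *AMI_RC4_AID;

/* Algorithm types */
typedef enum {
	AMI_OTHER_ALG = -1,
	AMI_SYM_ENC_ALG,
	AMI_ASYM_ENC_ALG,
	AMI_HASH_ALG,
	AMI_SIG_ALG,
	AMI_KEYED_INTEGRITY_ALG
} ami_alg_type;

/* Parameter types */
typedef enum {
	AMI_PARM_OTHER = -1,
	AMI_PARM_ABSENT,
	AMI_PARM_INTEGER,
	AMI_PARM_OCTETSTRING,
	AMI_PARM_NULL,
	AMI_PARM_RC2_CBC,
	AMI_PARM_PBE
} ami_parm_type;

/*
 * Algorithm table
 * NOTE(review): keysize_limit presumably caps the key size per algorithm,
 * with AMI_NO_EXPORT_KEYSIZE_LIMIT (0) meaning "no cap"; its unit (bits
 * or bytes) is not stated in this header -- confirm before comparing it
 * with a key length.
 */
#define	AMI_NO_EXPORT_KEYSIZE_LIMIT 0
typedef struct ami_alg_list {
	ami_oid *oid;
	char *name;
	ami_alg_type algType;
	ami_parm_type parmType;
	size_t keysize_limit;
} ami_alg_list;

/*
 * AMI function return values
 *
 * AMI_OK (0) is the only value in this list that does not name an error,
 * so callers should compare against AMI_OK rather than test for one
 * specific failure code.
 */

#define	AMI_OK 0
#define	AMI_EBUFSIZE 1
#define	AMI_ENOMEM 2	/* ENOMEM MUST be 2 */
#define	AMI_BAD_FILE 3
#define	AMI_FILE_NOT_FOUND 4
#define	AMI_FILE_IO_ERR 5
#define	AMI_BAD_PASSWD 6
#define	AMI_UNKNOWN_USER 7
#define	AMI_ALGORITHM_UNKNOWN 8
#define	AMI_ASN1_ENCODE_ERR 9
#define	AMI_ASN1_DECODE_ERR 10
#define	AMI_BAD_KEY 11
#define	AMI_KEYGEN_ERR 12
#define	AMI_ENCRYPT_ERR 13
#define	AMI_DECRYPT_ERR 14
#define	AMI_SIGN_ERR 15
#define	AMI_VERIFY_ERR 16
#define	AMI_DIGEST_ERR 17
#define	AMI_OUTPUT_FORMAT_ERR 18
#define	AMI_SYSTEM_ERR 19	/* General Errors */
#define	AMI_ATTRIBUTE_UNKNOWN 20
#define	AMI_AMILOGIN_ERR 21
#define	AMI_AMILOGOUT_ERR 22
#define	AMI_NO_SUCH_ENTRY 23
#define	AMI_ENTRY_ALREADY_EXISTS 24
#define	AMI_AMISERV_DECRYPT_ERR 25
#define	AMI_AMISERV_SIGN_ERR 26
#define	AMI_USER_DID_NOT_AMILOGIN 27
#define	AMI_AMISERV_CONNECT 28
#define	AMI_KEYPKG_NOT_FOUND 29
#define	AMI_TIME_INVALID 30
#define	AMI_UNTRUSTED_PUBLIC_KEY 31
#define	AMI_EPARM 32	/* EPARM MUST be 32 */
#define	AMI_BINARY_TO_RFC1421_ERR 33
#define	AMI_RFC1421_TO_BINARY_ERR 34
#define	AMI_RANDOM_NUM_ERR 35
#define	AMI_XFN_ERR 36
#define	AMI_CERT_CHAIN_ERR 37
#define	AMI_RDN_MISSING_EQUAL 38
#define	AMI_AVA_TYPE_MISSING 39
#define	AMI_AVA_VALUE_MISSING 40
#define	AMI_CERT_NOT_FOUND 41
#define	AMI_DN_NOT_FOUND 42
#define	AMI_CRITICAL_EXTNS_ERR 43
#define	AMI_ASN1_INIT_ERROR 44
#define	AMI_WRAP_ERROR 45
#define	AMI_UNWRAP_ERROR 46
#define	AMI_UNSUPPORTED_KEY_TYPE 47
#define	AMI_DH_PART1_ERR 48
#define	AMI_DH_PART2_ERR 49
#define	AMI_DOUBLE_ENCRYPT 50
#define	AMI_AMISERV_KEYPKG_UPDATE 51
#define	AMI_AMISERV_STAT_ERR 52
#define	AMI_GLOBAL_ERR 53
#define	AMI_TRUSTED_KEY_EXPIRED 54
#define	AMI_OPEN_ERR 55
#define	AMI_TOTAL_ERRNUM 56
/*
 * NOTE(review): the two codes below are numerically above
 * AMI_TOTAL_ERRNUM. If a message table or range check is sized by
 * AMI_TOTAL_ERRNUM (not visible in this header), it does not cover
 * them -- confirm against the ami_strerror() implementation.
 */
#define	AMI_CERT_ERR 57
#define	AMI_KEYPKG_ERR 58

/* flags for ami_encrypt, ami_decrypt, ami_sign, ami_verify, ami_digest */
#define	AMI_ADD_DATA 1
#define	AMI_END_DATA 2
#define	AMI_DIGESTED_DATA 3	/* for ami_verify for digested data */

/* AMI Handle and status */
typedef struct ami_handle ami_handle_t;

/* AMI return variable */
typedef int AMI_STATUS;

/*
 * Parameter
 */

typedef struct ami_rsa_keygen_param_t {
	uint_t modulusBits;
	uchar_t *publicExponent;	/* const */
	size_t publicExponentLen;
} ami_rsa_keygen_param;

/*
 * NOTE(review): `passwd` is a plain char * next to a salt and an
 * iteration count, so this looks like input to a password-based key
 * derivation. The header sets no minimum for saltLen or iterationCount;
 * callers should pick both deliberately and clear the password buffer
 * when done -- confirm against the implementation.
 */
typedef struct ami_des_keygen_param_t {
	uchar_t *saltVal;	/* const */
	size_t saltLen;
	char *passwd;	/* const */
	int iterationCount;
} ami_des_keygen_param;

/*
 * PROTOTYPES should be set to one if and only if the compiler supports
 * function argument prototyping.
 * The following makes PROTOTYPES default to 1 if it has not already been
 * defined as 0 with C compiler flags.
 */
#ifndef PROTOTYPES
#define	PROTOTYPES 1
#endif

/*
 * PROTO_LIST is defined depending on how PROTOTYPES is defined above.
 * If using PROTOTYPES, then PROTO_LIST returns the list, otherwise it
 * returns an empty list.
 *
 * With PROTOTYPES set to 0 every declaration below becomes `f()`, which
 * carries no parameter information: the compiler can then no longer check
 * argument counts, pointer types or length arguments at the call sites.
 */

#if PROTOTYPES
#define	PROTO_LIST(list) list
#else
#define	PROTO_LIST(list) ()
#endif

/*
 * AMI prototypes
 *
 * Every function that returns AMI_STATUS reports failure only through
 * that value; the OUT parameters should not be used unless the call
 * returned AMI_OK.
 * NOTE(review): results come back through `uchar_t **` / `size_t *`
 * pairs, but the only release routines declared in this header are the
 * ami_free_* functions near the end. Who releases (and clears) returned
 * key and plaintext buffers is not stated here -- confirm against the
 * implementation.
 */

/* Init and Terminate an AMI session (parameters are not described here) */
AMI_STATUS ami_init PROTO_LIST((
	ami_handle_t **,
	const char *,
	const char *,
	const uint_t,
	const uint_t,
	const char *));

AMI_STATUS ami_end PROTO_LIST((
	ami_handle_t *));

char *ami_strerror PROTO_LIST((
	ami_handle_t *,
	const AMI_STATUS));	/* errno */

/* Key generation */
AMI_STATUS ami_gen_des_key PROTO_LIST((
	const ami_handle_t *,	/* IN: ami handle */
	uchar_t **,	/* OUT: DES session key */
	ami_alg_params **));	/* OUT: IV */

AMI_STATUS ami_gen_des3_key PROTO_LIST((
	const ami_handle_t *,	/* IN: ami handle */
	uchar_t **,	/* OUT: triple DES session key */
	ami_alg_params **));	/* OUT: IV */

AMI_STATUS ami_gen_rc2_key PROTO_LIST((
	const ami_handle_t *,	/* IN: AMI handle */
	const size_t,	/* IN: key length */
	const uint_t,	/* IN: effective key size in bits */
	uchar_t **,	/* OUT: RC2 session key */
	ami_alg_params **));	/* OUT: RC2 parameter */

AMI_STATUS ami_gen_rc4_key PROTO_LIST((
	const ami_handle_t *,	/* IN: ami handle */
	const size_t,	/* IN: key length in bytes */
	uchar_t **));	/* OUT: RC4 key */

/*
 * The third and fourth parameters (a byte pointer and its length) are not
 * described in this header.
 */
AMI_STATUS ami_gen_rsa_keypair PROTO_LIST((
	const ami_handle_t *,	/* IN: ami handle */
	const ami_rsa_keygen_param *,	/* IN: keypair generation parameters */
	const uchar_t *,
	const size_t,
	uchar_t **,	/* OUT: public key */
	size_t *,	/* OUT: public key length */
	uchar_t **,	/* OUT: private key */
	size_t *));	/* OUT: private key length */

/*
 * crypto
 * The `const int` "more input data flag" takes the AMI_ADD_DATA /
 * AMI_END_DATA / AMI_DIGESTED_DATA values defined above.
 */
AMI_STATUS ami_digest PROTO_LIST((
	ami_handle_t *,	/* IN: ami handle */
	const uchar_t *,	/* IN: input data */
	const size_t,	/* IN: length of data in bytes */
	const int,	/* IN: more input data flag */
	const ami_algid *,	/* IN: digest algorithm */
	uchar_t **,	/* OUT: digest */
	size_t *));	/* OUT: length of digest */
AMI_STATUS ami_sign PROTO_LIST((
	ami_handle_t *,	/* IN: ami handle */
	const uchar_t *,	/* IN: data to be signed */
	const size_t,	/* IN: data length */
	const int,	/* IN: more input data flag */
	const ami_algid *,	/* IN: signature key algorithm */
	const uchar_t *,	/* IN: signature key */
	const size_t,	/* IN: signature key length */
	const ami_algid *,	/* IN: signature algorithm */
	uchar_t **,	/* OUT: signature */
	size_t *));	/* OUT: signature length */
/*
 * ami_verify has no OUT parameter: the verification result is the return
 * value alone, so a caller that ignores it accepts every signature.
 */
AMI_STATUS ami_verify PROTO_LIST((
	ami_handle_t *,	/* IN: ami handle */
	const uchar_t *,	/* IN: data to be verified */
	const size_t,	/* IN: data length */
	const int,	/* IN: more input data flag */
	const ami_algid *,	/* IN: verification key algorithm */
	const uchar_t *,	/* IN: verification key */
	const size_t,	/* IN: verification key length */
	const ami_algid *,	/* IN: verification algorithm */
	const uchar_t *,	/* IN: signature */
	const size_t));	/* IN: signature length */
AMI_STATUS ami_encrypt PROTO_LIST((
	ami_handle_t *,	/* IN: ami handle */
	const uchar_t *,	/* IN: input data */
	const size_t,	/* IN: input data length */
	const int,	/* IN: more input data flag */
	const ami_algid *,	/* IN: encryption key algorithm */
	const uchar_t *,	/* IN: encryption key */
	const size_t,	/* IN: encryption key length */
	const ami_algid *,	/* IN: encryption algorithm */
	uchar_t **,	/* OUT: ciphertext */
	size_t *));	/* OUT: ciphertext length */
AMI_STATUS ami_decrypt PROTO_LIST((
	ami_handle_t *,	/* IN: ami handle */
	const uchar_t *,	/* IN: ciphertext */
	const size_t,	/* IN: ciphertext length */
	const int,	/* IN: more input data flag */
	const ami_algid *,	/* IN: decryption key algorithm */
	const uchar_t *,	/* IN: decryption key */
	const size_t,	/* IN: decryption key length */
	const ami_algid *,	/* IN: decryption algorithm */
	uchar_t **,	/* OUT: cleartext */
	size_t *));	/* OUT: cleartext length */
AMI_STATUS ami_wrap_key PROTO_LIST((
	const ami_handle_t *,	/* IN: ami handle */
	const uchar_t *,	/* IN: key to be wrapped */
	const size_t,	/* IN: length of key to be wrapped */
	const ami_algid *,	/* IN: wrapping key algorithm */
	const uchar_t *,	/* IN: wrapping key */
	const size_t,	/* IN: wrapping key length */
	const ami_algid *,	/* IN: wrapping algorithm */
	uchar_t **,	/* OUT: wrapped key */
	size_t *));	/* IN/OUT: wrapped key length */
AMI_STATUS ami_unwrap_key PROTO_LIST((
	const ami_handle_t *,	/* IN: ami handle */
	const uchar_t *,	/* IN: wrapped key */
	const size_t,	/* IN: wrapped key length */
	const ami_algid *,	/* IN: unwrapping key algorithm */
	const uchar_t *,	/* IN: unwrapping key */
	const size_t,	/* IN: unwrapping key length */
	const ami_algid *,	/* IN: unwrapping algorithm */
	uchar_t **,	/* OUT: unwrapped key */
	size_t *));	/* OUT: unwrapped key length */

/*
 * certificate verification
 * The flags argument is documented as unused in all three functions, so
 * callers cannot select a verification policy through it.
 * NOTE(review): no CRL argument appears in these signatures; whether
 * revocation is checked at all is not visible here -- confirm against the
 * implementation.
 */
AMI_STATUS ami_verify_cert PROTO_LIST((
	const ami_handle_t *,	/* IN: ami handle */
	const ami_cert *,	/* IN: certificate to be verified */
	const ami_pubkey_info *,	/* IN: public verification key */
	const int));	/* IN: flags (unused) */
AMI_STATUS ami_verify_cert_chain PROTO_LIST((
	const ami_handle_t *,	/* IN: ami handle */
	const ami_cert *,	/* IN: certificate chain to be verified */
	const int,	/* IN: length of cert chain */
	const struct ami_tkey_list *,	/* IN: trusted key list */
	const int,	/* IN: flags (unused) */
	ami_cert **));	/* OUT: first expired certificate */
AMI_STATUS ami_verify_cert_est_chain PROTO_LIST((
	const ami_handle_t *,	/* IN: ami handle */
	const ami_cert *,	/* IN: certificate to be verified */
	const struct ami_tkey_list *,	/* IN: trusted key list */
	const char **,	/* IN: CA Name list */
	const int,	/* IN: flags (unused) */
	ami_cert **,	/* OUT: first expired certificate */
	ami_cert **,	/* OUT: certificate chain */
	int *));	/* OUT: length of cert chain */

/* certificate chain establishment */
AMI_STATUS ami_get_cert_chain PROTO_LIST((
	const ami_handle_t *,	/* IN: ami handle */
	const ami_cert *,	/* IN: user certificate */
	const char **,	/* IN: CA name list */
	int flags,	/* IN: flags (unused) */
	ami_cert **,	/* OUT: certificate chain */
	int *));	/* OUT: length of cert chain */

/*
 * I/O
 * NOTE(review): the name argument is either a filename or a repository
 * index. If it can come from outside the process, it presumably needs
 * path validation before reaching these calls -- confirm how the
 * implementation resolves it.
 */
AMI_STATUS ami_set_keypkg PROTO_LIST((
	const ami_handle_t *,	/* IN: ami handle */
	const char *,	/* IN: keypkg filename or repository index */
	const ami_keypkg *));	/* IN: keypkg to be stored */
AMI_STATUS ami_get_keypkg PROTO_LIST((
	const ami_handle_t *,	/* IN: ami handle */
	const char *,	/* IN: keypkg_filename or repository index */
	ami_keypkg **));	/* OUT: keypkg */
AMI_STATUS ami_set_cert PROTO_LIST((
	const ami_handle_t *,	/* IN: ami handle */
	const char *,	/* IN: cert filename or repository index */
	const ami_cert *));	/* IN: certificate */
AMI_STATUS ami_get_cert PROTO_LIST((
	const ami_handle_t *,	/* IN: ami handle */
	const char *,	/* IN: certificate filename, rep index, DN */
	ami_cert **,	/* OUT: set of certificates */
	int *));	/* OUT: certificate set length */

/*
 * generate random bytes
 * The count is a ushort_t, so one call cannot request more bytes than
 * that type can express. Check the returned status before using the
 * buffer (AMI_RANDOM_NUM_ERR is defined above).
 */
AMI_STATUS ami_random PROTO_LIST((
	const ushort_t,	/* IN: requested number of random bytes */
	uchar_t **));	/* OUT: random byte buffer */


/*
 * Free
 * NOTE(review): these take the address of the caller's pointer;
 * presumably they clear it after releasing the object -- confirm before
 * relying on that to prevent a double free.
 */
void ami_free_keypkg PROTO_LIST((ami_keypkg **));
void ami_free_cert PROTO_LIST((ami_cert **));
void ami_free_cert_list PROTO_LIST((ami_cert **, int));
void ami_free_dn PROTO_LIST((ami_name **));

/* DN */
AMI_STATUS ami_str2dn PROTO_LIST((
	const ami_handle_t *, char *, ami_name **));
AMI_STATUS ami_dn2str PROTO_LIST((
	const ami_handle_t *, ami_name *, char **));

/* Supported algorithms */
AMI_STATUS ami_get_alglist PROTO_LIST((ami_alg_list **));

#ifdef __cplusplus
}
#endif

#endif /* _SLP_AMI_H */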