17c478bd9Sstevel@tonic-gate /* 27c478bd9Sstevel@tonic-gate * CDDL HEADER START 37c478bd9Sstevel@tonic-gate * 47c478bd9Sstevel@tonic-gate * The contents of this file are subject to the terms of the 58047c9fbSmcpowers * Common Development and Distribution License (the "License"). 68047c9fbSmcpowers * You may not use this file except in compliance with the License. 77c478bd9Sstevel@tonic-gate * 87c478bd9Sstevel@tonic-gate * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 97c478bd9Sstevel@tonic-gate * or http://www.opensolaris.org/os/licensing. 107c478bd9Sstevel@tonic-gate * See the License for the specific language governing permissions 117c478bd9Sstevel@tonic-gate * and limitations under the License. 127c478bd9Sstevel@tonic-gate * 137c478bd9Sstevel@tonic-gate * When distributing Covered Code, include this CDDL HEADER in each 147c478bd9Sstevel@tonic-gate * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 157c478bd9Sstevel@tonic-gate * If applicable, add the following below this CDDL HEADER, with the 167c478bd9Sstevel@tonic-gate * fields enclosed by brackets "[]" replaced with your own identifying 177c478bd9Sstevel@tonic-gate * information: Portions Copyright [yyyy] [name of copyright owner] 187c478bd9Sstevel@tonic-gate * 197c478bd9Sstevel@tonic-gate * CDDL HEADER END 207c478bd9Sstevel@tonic-gate */ 217c478bd9Sstevel@tonic-gate /* 228cae6764SAnthony Scarpino * Copyright 2009 Sun Microsystems, Inc. All rights reserved. 237c478bd9Sstevel@tonic-gate * Use is subject to license terms. 247c478bd9Sstevel@tonic-gate */ 257c478bd9Sstevel@tonic-gate 26924d6d8dSdinak #ifndef _METAGLOBAL_H 27924d6d8dSdinak #define _METAGLOBAL_H 287c478bd9Sstevel@tonic-gate 297c478bd9Sstevel@tonic-gate 307c478bd9Sstevel@tonic-gate /* 317c478bd9Sstevel@tonic-gate * This file contains all the data structures used for the meta slot 327c478bd9Sstevel@tonic-gate */ 337c478bd9Sstevel@tonic-gate 347c478bd9Sstevel@tonic-gate #ifdef __cplusplus 357c478bd9Sstevel@tonic-gate extern "C" { 367c478bd9Sstevel@tonic-gate #endif 377c478bd9Sstevel@tonic-gate 38c8adf4edSvk199839 #include <assert.h> 397c478bd9Sstevel@tonic-gate #include <pthread.h> 407c478bd9Sstevel@tonic-gate #include <synch.h> 417c478bd9Sstevel@tonic-gate #include <unistd.h> 427c478bd9Sstevel@tonic-gate #include <security/cryptoki.h> 437c478bd9Sstevel@tonic-gate #include <stdio.h> 447c478bd9Sstevel@tonic-gate #include <cryptoutil.h> 457c478bd9Sstevel@tonic-gate #include <pkcs11Session.h> 467c478bd9Sstevel@tonic-gate #include <pkcs11Slot.h> 47a039cd31Shaimay #include <sys/crypto/ioctl.h> 487c478bd9Sstevel@tonic-gate 497c478bd9Sstevel@tonic-gate /* 507c478bd9Sstevel@tonic-gate * In "generic_attr_t", attributes that are not CK_BBOOL and 517c478bd9Sstevel@tonic-gate * CK_ULONG, the data will be stored in generic_data. 527c478bd9Sstevel@tonic-gate * Currently, 16 bytes will be pre-allocated for this. 537c478bd9Sstevel@tonic-gate * This is just a _WILD_ guess. If actual 547c478bd9Sstevel@tonic-gate * experience shows that 16 bytes is too small for most of the 557c478bd9Sstevel@tonic-gate * data that will be stored here, and cause this 567c478bd9Sstevel@tonic-gate * memory to be reallocated all the time, this should be increased. 577c478bd9Sstevel@tonic-gate */ 587c478bd9Sstevel@tonic-gate #define INITIAL_ATTR_LEN 16 597c478bd9Sstevel@tonic-gate 607c478bd9Sstevel@tonic-gate /* We provide one slot, with the following arbitrary identifier. */ 617c478bd9Sstevel@tonic-gate #define METASLOT_SLOTID 42 627c478bd9Sstevel@tonic-gate 637c478bd9Sstevel@tonic-gate /* Metaslot is always the first slot in the framdwork, with slotID=0 */ 647c478bd9Sstevel@tonic-gate #define METASLOT_FRAMEWORK_ID 0 657c478bd9Sstevel@tonic-gate 667c478bd9Sstevel@tonic-gate /* 677c478bd9Sstevel@tonic-gate * These are the 2 acceptable string values for ${METASLOT_ENABLE} and 687c478bd9Sstevel@tonic-gate * ${METASLOT_AUTO_KEY_MIGRATE} environment variable 697c478bd9Sstevel@tonic-gate */ 707c478bd9Sstevel@tonic-gate #define TRUE_STRING "true" 717c478bd9Sstevel@tonic-gate #define FALSE_STRING "false" 727c478bd9Sstevel@tonic-gate 737c478bd9Sstevel@tonic-gate /* Magic values for different data structures */ 747c478bd9Sstevel@tonic-gate #define METASLOT_SESSION_MAGIC 0xECF00004 757c478bd9Sstevel@tonic-gate #define METASLOT_SESSION_BADMAGIC 0xBAD00004 767c478bd9Sstevel@tonic-gate #define METASLOT_OBJECT_MAGIC 0xECF0B004 777c478bd9Sstevel@tonic-gate #define METASLOT_OBJECT_BADMAGIC 0xBAD0B004 787c478bd9Sstevel@tonic-gate #define METASLOT_OPSTATE_MAGIC 0xECF09004 797c478bd9Sstevel@tonic-gate #define METASLOT_OPSTATE_BADMAGIC 0xBAD09004 807c478bd9Sstevel@tonic-gate 817c478bd9Sstevel@tonic-gate #define IS_READ_ONLY_SESSION(session_flag) \ 827c478bd9Sstevel@tonic-gate (!(session_flag & CKF_RW_SESSION)) 837c478bd9Sstevel@tonic-gate 847c478bd9Sstevel@tonic-gate /* 857c478bd9Sstevel@tonic-gate * Operation modes passed to meta_do_operation() 867c478bd9Sstevel@tonic-gate * MODE_UPDATE_WITHKEY is only used for C_DigestKey. 877c478bd9Sstevel@tonic-gate */ 887c478bd9Sstevel@tonic-gate #define MODE_SINGLE 0x0100 897c478bd9Sstevel@tonic-gate #define MODE_UPDATE 0x0200 907c478bd9Sstevel@tonic-gate #define MODE_UPDATE_WITHKEY 0x0400 917c478bd9Sstevel@tonic-gate #define MODE_FINAL 0x1000 927c478bd9Sstevel@tonic-gate 937c478bd9Sstevel@tonic-gate 947c478bd9Sstevel@tonic-gate /* CK_INFO: Information about cryptoki */ 957c478bd9Sstevel@tonic-gate #define METASLOT_CRYPTOKI_VERSION_MAJOR 2 96*b106467fSJason King #define METASLOT_CRYPTOKI_VERSION_MINOR 40 977c478bd9Sstevel@tonic-gate #define METASLOT_MANUFACTURER_ID "Sun Microsystems, Inc. " 987c478bd9Sstevel@tonic-gate #define METASLOT_LIBRARY_DESCRIPTION "Sun Metaslot " 997c478bd9Sstevel@tonic-gate #define METASLOT_LIBRARY_VERSION_MAJOR 1 1007c478bd9Sstevel@tonic-gate #define METASLOT_LIBRARY_VERSION_MINOR 1 1017c478bd9Sstevel@tonic-gate 1027c478bd9Sstevel@tonic-gate /* CK_SLOT_INFO */ 1037c478bd9Sstevel@tonic-gate #define METASLOT_SLOT_DESCRIPTION "Sun Metaslot " \ 1047c478bd9Sstevel@tonic-gate " " 1057c478bd9Sstevel@tonic-gate #define METASLOT_HARDWARE_VERSION_MAJOR 0 1067c478bd9Sstevel@tonic-gate #define METASLOT_HARDWARE_VERSION_MINOR 0 1077c478bd9Sstevel@tonic-gate #define METASLOT_FIRMWARE_VERSION_MAJOR 0 1087c478bd9Sstevel@tonic-gate #define METASLOT_FIRMWARE_VERSION_MINOR 0 1097c478bd9Sstevel@tonic-gate 1107c478bd9Sstevel@tonic-gate /* CK_TOKEN_INFO: More information about token */ 1117c478bd9Sstevel@tonic-gate #define METASLOT_TOKEN_LABEL "Sun Metaslot " 1127c478bd9Sstevel@tonic-gate #define METASLOT_TOKEN_MODEL "1.0 " 1137c478bd9Sstevel@tonic-gate 1147c478bd9Sstevel@tonic-gate /* 1157c478bd9Sstevel@tonic-gate * Maximum number of objects and sessions to queue up before actually 1167c478bd9Sstevel@tonic-gate * freeing them using the free() system. This is necessary to workaround 1177c478bd9Sstevel@tonic-gate * a problem in which applications re-uses handles that are no longer valid 1187c478bd9Sstevel@tonic-gate */ 1197c478bd9Sstevel@tonic-gate #define MAX_OBJ_TO_BE_FREED 300 1207c478bd9Sstevel@tonic-gate #define MAX_SESSION_TO_BE_FREED 300 1217c478bd9Sstevel@tonic-gate 1227c478bd9Sstevel@tonic-gate /* 1237c478bd9Sstevel@tonic-gate * The following 2 functions deals with inserting and deleting 1247c478bd9Sstevel@tonic-gate * from double linked lists. It can work with any data structure 1257c478bd9Sstevel@tonic-gate * that have "prev" and "next" defined. 1267c478bd9Sstevel@tonic-gate */ 1277c478bd9Sstevel@tonic-gate 1287c478bd9Sstevel@tonic-gate /* This always inserts into the head of the list */ 1297c478bd9Sstevel@tonic-gate #define INSERT_INTO_LIST(list, item) \ 1307c478bd9Sstevel@tonic-gate { \ 1317c478bd9Sstevel@tonic-gate if ((list) == NULL) { \ 1327c478bd9Sstevel@tonic-gate (item)->prev = NULL; \ 1337c478bd9Sstevel@tonic-gate (item)->next = NULL; \ 1347c478bd9Sstevel@tonic-gate (list) = (item); \ 1357c478bd9Sstevel@tonic-gate } else { \ 1367c478bd9Sstevel@tonic-gate (item)->next = (list); \ 1377c478bd9Sstevel@tonic-gate (item)->prev = NULL; \ 1387c478bd9Sstevel@tonic-gate (list)->prev = (item); \ 1397c478bd9Sstevel@tonic-gate (list) = (item); \ 1407c478bd9Sstevel@tonic-gate } \ 1417c478bd9Sstevel@tonic-gate } 1427c478bd9Sstevel@tonic-gate 1437c478bd9Sstevel@tonic-gate 1447c478bd9Sstevel@tonic-gate /* 1457c478bd9Sstevel@tonic-gate * Remove item from list 1467c478bd9Sstevel@tonic-gate */ 1477c478bd9Sstevel@tonic-gate #define REMOVE_FROM_LIST(list, item) \ 1487c478bd9Sstevel@tonic-gate { \ 149c8adf4edSvk199839 /* item is at the beginning of the list */ \ 1507c478bd9Sstevel@tonic-gate if ((list) == item) { \ 1517c478bd9Sstevel@tonic-gate if ((item)->next == NULL) { \ 1527c478bd9Sstevel@tonic-gate (list) = NULL; \ 1537c478bd9Sstevel@tonic-gate } else { \ 1547c478bd9Sstevel@tonic-gate (item)->next->prev = NULL; \ 1557c478bd9Sstevel@tonic-gate (list) = (item)->next; \ 1567c478bd9Sstevel@tonic-gate } \ 1577c478bd9Sstevel@tonic-gate } else { \ 158c8adf4edSvk199839 /* \ 159c8adf4edSvk199839 * let the items which are initialized and not \ 160c8adf4edSvk199839 * connected to the list trip over the asserts \ 161c8adf4edSvk199839 */ \ 1627c478bd9Sstevel@tonic-gate if ((item)->next) { \ 1637c478bd9Sstevel@tonic-gate (item)->next->prev = item->prev; \ 164c8adf4edSvk199839 assert((item)->prev != NULL); \ 1657c478bd9Sstevel@tonic-gate (item)->prev->next = (item)->next; \ 1667c478bd9Sstevel@tonic-gate } else { \ 167c8adf4edSvk199839 assert((item)->prev != NULL); \ 1687c478bd9Sstevel@tonic-gate (item)->prev->next = NULL; \ 1697c478bd9Sstevel@tonic-gate } \ 1707c478bd9Sstevel@tonic-gate } \ 1717c478bd9Sstevel@tonic-gate } 1727c478bd9Sstevel@tonic-gate 1737c478bd9Sstevel@tonic-gate /* 1747c478bd9Sstevel@tonic-gate * OBJRELEASE 1757c478bd9Sstevel@tonic-gate * 1767c478bd9Sstevel@tonic-gate * Signal that a metaobject is no longer in use (but is still valid). 1777c478bd9Sstevel@tonic-gate */ 1787c478bd9Sstevel@tonic-gate #define OBJRELEASE(object) \ 1797c478bd9Sstevel@tonic-gate if (object != NULL) { \ 1807c478bd9Sstevel@tonic-gate (void) pthread_rwlock_unlock(&object->object_lock); \ 1817c478bd9Sstevel@tonic-gate } 1827c478bd9Sstevel@tonic-gate 1837c478bd9Sstevel@tonic-gate /* 1847c478bd9Sstevel@tonic-gate * REFRELEASE 1857c478bd9Sstevel@tonic-gate * 1867c478bd9Sstevel@tonic-gate * Signal that a metasession is no longer in use (but is still valid). 1877c478bd9Sstevel@tonic-gate * 1887c478bd9Sstevel@tonic-gate */ 1897c478bd9Sstevel@tonic-gate #define REFRELEASE(session) \ 1907c478bd9Sstevel@tonic-gate if (session != NULL) { \ 1917c478bd9Sstevel@tonic-gate (void) pthread_rwlock_unlock(&session->session_lock); \ 1927c478bd9Sstevel@tonic-gate } 1937c478bd9Sstevel@tonic-gate 194034448feSmcpowers /* FreeObject/FreeToken Enumeration */ 195034448feSmcpowers typedef enum { 196034448feSmcpowers FREE_UNCHECKED = 0, /* Has not been checked */ 197034448feSmcpowers FREE_DISABLED = 1, /* No supported provider or key type */ 198034448feSmcpowers FREE_ALLOWED_KEY = 2, /* Supported key type */ 199034448feSmcpowers FREE_ENABLED = 3 /* FreeObject/Token enabled */ 200034448feSmcpowers } freeobject_state_t; 201034448feSmcpowers 2027c478bd9Sstevel@tonic-gate 2037c478bd9Sstevel@tonic-gate /* Generic attribute type, for storing and managing PKCS#11 attributes. */ 2047c478bd9Sstevel@tonic-gate typedef struct _attr { 2057c478bd9Sstevel@tonic-gate CK_ATTRIBUTE attribute; 2067c478bd9Sstevel@tonic-gate 2077c478bd9Sstevel@tonic-gate boolean_t isMalloced; 2087c478bd9Sstevel@tonic-gate 2097c478bd9Sstevel@tonic-gate /* attr is necessary for creating a clone of the object */ 2107c478bd9Sstevel@tonic-gate boolean_t isCloneAttr; 2117c478bd9Sstevel@tonic-gate 2127c478bd9Sstevel@tonic-gate /* 2137c478bd9Sstevel@tonic-gate * depends on the PKCS#11 implementation, this attr might or might 2147c478bd9Sstevel@tonic-gate * not have a value. It's OK for it to not have a value 2157c478bd9Sstevel@tonic-gate * (ie: the default value is empty) 2167c478bd9Sstevel@tonic-gate */ 2177c478bd9Sstevel@tonic-gate boolean_t canBeEmptyValue; 2187c478bd9Sstevel@tonic-gate 2197c478bd9Sstevel@tonic-gate boolean_t hasValueForClone; 2207c478bd9Sstevel@tonic-gate 2217c478bd9Sstevel@tonic-gate CK_BBOOL generic_bbool; 2227c478bd9Sstevel@tonic-gate CK_ULONG generic_ulong; 2237c478bd9Sstevel@tonic-gate CK_BYTE generic_data[INITIAL_ATTR_LEN]; 2247c478bd9Sstevel@tonic-gate } generic_attr_t; 2257c478bd9Sstevel@tonic-gate 2267c478bd9Sstevel@tonic-gate /* 2277c478bd9Sstevel@tonic-gate * These need to be defined here before the actual structures are defined 2287c478bd9Sstevel@tonic-gate * because they are used in some of the structure definitions. 2297c478bd9Sstevel@tonic-gate */ 2307c478bd9Sstevel@tonic-gate typedef struct slotobject slot_object_t; 2317c478bd9Sstevel@tonic-gate typedef struct metasession meta_session_t; 2327c478bd9Sstevel@tonic-gate typedef struct metaobject meta_object_t; 2337c478bd9Sstevel@tonic-gate typedef struct metaopstate meta_opstate_t; 2347c478bd9Sstevel@tonic-gate 2357c478bd9Sstevel@tonic-gate /* 2367c478bd9Sstevel@tonic-gate * slot_session_t 2377c478bd9Sstevel@tonic-gate * 2387c478bd9Sstevel@tonic-gate * Wrapper for a session on a provider. This structure is only used internally 2397c478bd9Sstevel@tonic-gate * in metaslot; it is never revealed to applications. 2407c478bd9Sstevel@tonic-gate */ 2417c478bd9Sstevel@tonic-gate typedef struct slotsession { 2427c478bd9Sstevel@tonic-gate CK_ULONG slotnum; 2437c478bd9Sstevel@tonic-gate CK_SLOT_ID fw_st_id; /* used for accessing framework's slottable */ 2447c478bd9Sstevel@tonic-gate CK_SESSION_HANDLE hSession; 2457c478bd9Sstevel@tonic-gate 2467c478bd9Sstevel@tonic-gate boolean_t is_dualop_capable; 2477c478bd9Sstevel@tonic-gate CK_FLAGS session_flags; /* what type of session */ 2487c478bd9Sstevel@tonic-gate 2497c478bd9Sstevel@tonic-gate struct slotsession *next; 2507c478bd9Sstevel@tonic-gate struct slotsession *prev; 2517c478bd9Sstevel@tonic-gate 2527c478bd9Sstevel@tonic-gate pthread_rwlock_t object_list_lock; 2537c478bd9Sstevel@tonic-gate slot_object_t *object_list_head; 2547c478bd9Sstevel@tonic-gate } slot_session_t; 2557c478bd9Sstevel@tonic-gate 2567c478bd9Sstevel@tonic-gate 2577c478bd9Sstevel@tonic-gate /* 2587c478bd9Sstevel@tonic-gate * slot_object_t 2597c478bd9Sstevel@tonic-gate * 2607c478bd9Sstevel@tonic-gate * Wrapper for an object on a provider. This structure is only used internally 2617c478bd9Sstevel@tonic-gate * in metaslot; it is never revealed to applications. 2627c478bd9Sstevel@tonic-gate */ 2637c478bd9Sstevel@tonic-gate struct slotobject { 2647c478bd9Sstevel@tonic-gate CK_OBJECT_HANDLE hObject; 2657c478bd9Sstevel@tonic-gate 2667c478bd9Sstevel@tonic-gate struct slotobject *next; 2677c478bd9Sstevel@tonic-gate struct slotobject *prev; 2687c478bd9Sstevel@tonic-gate 2697c478bd9Sstevel@tonic-gate slot_session_t *creator_session; 2707c478bd9Sstevel@tonic-gate 2717c478bd9Sstevel@tonic-gate boolean_t isToken; 2727c478bd9Sstevel@tonic-gate }; 2737c478bd9Sstevel@tonic-gate 2747c478bd9Sstevel@tonic-gate 2757c478bd9Sstevel@tonic-gate /* 2767c478bd9Sstevel@tonic-gate * mechinfo_t 2777c478bd9Sstevel@tonic-gate * 2787c478bd9Sstevel@tonic-gate * A mechinfo_t is created for each mechanism on a slot. 2797c478bd9Sstevel@tonic-gate * 2807c478bd9Sstevel@tonic-gate * This information is used for selecting which slots support the given 2817c478bd9Sstevel@tonic-gate * mechanism for a crypto operation. 2827c478bd9Sstevel@tonic-gate * 2837c478bd9Sstevel@tonic-gate */ 2847c478bd9Sstevel@tonic-gate typedef struct mechinfo { 2857c478bd9Sstevel@tonic-gate CK_ULONG slotnum; 2867c478bd9Sstevel@tonic-gate 2877c478bd9Sstevel@tonic-gate boolean_t initialized; 2887c478bd9Sstevel@tonic-gate boolean_t supported; 2897c478bd9Sstevel@tonic-gate CK_MECHANISM_INFO mechanism_info; 2907c478bd9Sstevel@tonic-gate } mechinfo_t; 2917c478bd9Sstevel@tonic-gate 2927c478bd9Sstevel@tonic-gate 2937c478bd9Sstevel@tonic-gate /* 2947c478bd9Sstevel@tonic-gate * operation_info_t 2957c478bd9Sstevel@tonic-gate * 2967c478bd9Sstevel@tonic-gate * Part of a meta_session_t, used to track active operations. 2977c478bd9Sstevel@tonic-gate */ 2987c478bd9Sstevel@tonic-gate typedef struct opinfo { 299d3a28a55Sdinak CK_FLAGS type; 3007c478bd9Sstevel@tonic-gate slot_session_t *session; 3017c478bd9Sstevel@tonic-gate mechinfo_t *stats; 3027c478bd9Sstevel@tonic-gate } operation_info_t; 3037c478bd9Sstevel@tonic-gate 3047c478bd9Sstevel@tonic-gate typedef struct find_objs_info { 3057c478bd9Sstevel@tonic-gate boolean_t op_active; /* Indicate whether FindObjects is active */ 3067c478bd9Sstevel@tonic-gate meta_object_t **matched_objs; 3077c478bd9Sstevel@tonic-gate int num_matched_objs; 3087c478bd9Sstevel@tonic-gate int next_result_index; /* index of next object to be returned */ 3097c478bd9Sstevel@tonic-gate } find_objs_info_t; 3107c478bd9Sstevel@tonic-gate 3117c478bd9Sstevel@tonic-gate typedef struct mech_support_info { 3127c478bd9Sstevel@tonic-gate CK_MECHANISM_TYPE mech; 3137c478bd9Sstevel@tonic-gate /* Array of mechinfo_t allocated based on number of slots */ 3147c478bd9Sstevel@tonic-gate mechinfo_t **supporting_slots; 3157c478bd9Sstevel@tonic-gate unsigned long num_supporting_slots; 3167c478bd9Sstevel@tonic-gate } mech_support_info_t; 3177c478bd9Sstevel@tonic-gate 3184a5b2e70Shaimay typedef struct crypto_init { 3194a5b2e70Shaimay CK_FLAGS optype; /* place holder for init parameters */ 3204a5b2e70Shaimay struct metasession *session; /* place holder for init parameters */ 3214a5b2e70Shaimay CK_MECHANISM *pMech; /* place holder for init parameters */ 3224a5b2e70Shaimay struct metaobject *key; /* place holder for init parameters */ 3234a5b2e70Shaimay CK_ULONG slotnum; /* slot where the init operation took place */ 3244a5b2e70Shaimay boolean_t done; /* set when the real init is done */ 3254a5b2e70Shaimay boolean_t app; /* set when C_xxxInit is called by app */ 3264a5b2e70Shaimay } crypto_init_t; 3274a5b2e70Shaimay 3287c478bd9Sstevel@tonic-gate /* 3297c478bd9Sstevel@tonic-gate * meta_session_t 3307c478bd9Sstevel@tonic-gate * 3317c478bd9Sstevel@tonic-gate * The internal state for a meta-session is kept here. The session handles 3327c478bd9Sstevel@tonic-gate * given to applications are always pointers to a structure of this type. 3337c478bd9Sstevel@tonic-gate * 3347c478bd9Sstevel@tonic-gate */ 3357c478bd9Sstevel@tonic-gate struct metasession { 3367c478bd9Sstevel@tonic-gate ulong_t magic_marker; 3377c478bd9Sstevel@tonic-gate pthread_rwlock_t session_lock; 3387c478bd9Sstevel@tonic-gate 3397c478bd9Sstevel@tonic-gate pthread_mutex_t isClosingSession_lock; 3407c478bd9Sstevel@tonic-gate boolean_t isClosingSession; 3417c478bd9Sstevel@tonic-gate 3427c478bd9Sstevel@tonic-gate struct metasession *next; 3437c478bd9Sstevel@tonic-gate struct metasession *prev; 3447c478bd9Sstevel@tonic-gate 3457c478bd9Sstevel@tonic-gate CK_FLAGS session_flags; 3467c478bd9Sstevel@tonic-gate 3477c478bd9Sstevel@tonic-gate /* 3487c478bd9Sstevel@tonic-gate * Could have just declared this as "op", but declaring it as 3497c478bd9Sstevel@tonic-gate * op1 so that "op2" can be easily added when dual-op support 3507c478bd9Sstevel@tonic-gate * is implemented in the future 3517c478bd9Sstevel@tonic-gate */ 3527c478bd9Sstevel@tonic-gate operation_info_t op1; 3537c478bd9Sstevel@tonic-gate 3547c478bd9Sstevel@tonic-gate /* 3557c478bd9Sstevel@tonic-gate * This is for keeping track of which slots support a particular 3567c478bd9Sstevel@tonic-gate * mechanism. This information doesn't 3577c478bd9Sstevel@tonic-gate * have to be kept on a per session bases, but having the 3587c478bd9Sstevel@tonic-gate * memory pre-allocated per session would make things much simpiler, 3597c478bd9Sstevel@tonic-gate * because memory doesn't need to be allocated/deallocated everytime 3607c478bd9Sstevel@tonic-gate * we do an operation. 3617c478bd9Sstevel@tonic-gate */ 3627c478bd9Sstevel@tonic-gate mech_support_info_t mech_support_info; 3637c478bd9Sstevel@tonic-gate 3647c478bd9Sstevel@tonic-gate 3657c478bd9Sstevel@tonic-gate /* Session objects created by this session. */ 3667c478bd9Sstevel@tonic-gate pthread_rwlock_t object_list_lock; 3677c478bd9Sstevel@tonic-gate meta_object_t *object_list_head; 3687c478bd9Sstevel@tonic-gate 3697c478bd9Sstevel@tonic-gate /* C_FindObjects support. */ 3707c478bd9Sstevel@tonic-gate find_objs_info_t find_objs_info; 3714a5b2e70Shaimay 3724a5b2e70Shaimay /* deferred init to be used by digest, encrypt, decrypt */ 3734a5b2e70Shaimay crypto_init_t init; 3747c478bd9Sstevel@tonic-gate }; 3757c478bd9Sstevel@tonic-gate 3767c478bd9Sstevel@tonic-gate 3777c478bd9Sstevel@tonic-gate /* 3787c478bd9Sstevel@tonic-gate * meta_object_t 3797c478bd9Sstevel@tonic-gate * 3807c478bd9Sstevel@tonic-gate * The internal state for a meta-object is kept here. The object handles 3817c478bd9Sstevel@tonic-gate * given to applications are always pointers to a structure of this type. 3827c478bd9Sstevel@tonic-gate */ 3837c478bd9Sstevel@tonic-gate struct metaobject { 3847c478bd9Sstevel@tonic-gate ulong_t magic_marker; 3857c478bd9Sstevel@tonic-gate pthread_rwlock_t object_lock; 3867c478bd9Sstevel@tonic-gate 3877c478bd9Sstevel@tonic-gate pthread_mutex_t isClosingObject_lock; 3887c478bd9Sstevel@tonic-gate boolean_t isClosingObject; 3897c478bd9Sstevel@tonic-gate 3907c478bd9Sstevel@tonic-gate struct metaobject *next; 3917c478bd9Sstevel@tonic-gate struct metaobject *prev; 3927c478bd9Sstevel@tonic-gate 3937c478bd9Sstevel@tonic-gate meta_session_t *creator_session; /* Only set for session objects */ 3947c478bd9Sstevel@tonic-gate 3957c478bd9Sstevel@tonic-gate boolean_t isToken; /* alias for CKA_TOKEN */ 3967c478bd9Sstevel@tonic-gate boolean_t isPrivate; /* alias for CKA_PRIVATE */ 3977c478bd9Sstevel@tonic-gate boolean_t isSensitive; /* alias for CKA_SENSITIVE */ 3987c478bd9Sstevel@tonic-gate boolean_t isExtractable; /* alias for CKA_EXTRACTABLE */ 3997c478bd9Sstevel@tonic-gate 400034448feSmcpowers freeobject_state_t isFreeToken; 401034448feSmcpowers freeobject_state_t isFreeObject; 402034448feSmcpowers 4037c478bd9Sstevel@tonic-gate CK_ULONG master_clone_slotnum; /* set when object is created */ 4047c478bd9Sstevel@tonic-gate slot_object_t **clones; 4057c478bd9Sstevel@tonic-gate /* indicate if tried to create clone object in a slot */ 4067c478bd9Sstevel@tonic-gate boolean_t *tried_create_clone; 4077c478bd9Sstevel@tonic-gate 4087c478bd9Sstevel@tonic-gate pthread_rwlock_t attribute_lock; 4097c478bd9Sstevel@tonic-gate size_t num_attributes; 4107c478bd9Sstevel@tonic-gate generic_attr_t *attributes; 4117c478bd9Sstevel@tonic-gate 4127c478bd9Sstevel@tonic-gate pthread_mutex_t clone_create_lock; 4137c478bd9Sstevel@tonic-gate size_t clone_template_size; /* 0 if not yet known. */ 4147c478bd9Sstevel@tonic-gate CK_ATTRIBUTE *clone_template; /* NULL if not yet known. */ 4157c478bd9Sstevel@tonic-gate }; 4167c478bd9Sstevel@tonic-gate 4177c478bd9Sstevel@tonic-gate 4187c478bd9Sstevel@tonic-gate /* 4197c478bd9Sstevel@tonic-gate * struct metaopstate 4207c478bd9Sstevel@tonic-gate * 4217c478bd9Sstevel@tonic-gate * Used as the format for the operation state returned via 4227c478bd9Sstevel@tonic-gate * C_GetOperationState. 4237c478bd9Sstevel@tonic-gate */ 4247c478bd9Sstevel@tonic-gate typedef struct opstate_data { 425d3a28a55Sdinak CK_FLAGS op_type; 4267c478bd9Sstevel@tonic-gate CK_ULONG op_slotnum; 4277c478bd9Sstevel@tonic-gate CK_ULONG op_state_len; 428f4526a4aShaimay boolean_t op_init_app; 429f4526a4aShaimay boolean_t op_init_done; 4307c478bd9Sstevel@tonic-gate } opstate_data_t; 4317c478bd9Sstevel@tonic-gate 4327c478bd9Sstevel@tonic-gate struct metaopstate { 4337c478bd9Sstevel@tonic-gate ulong_t magic_marker; 4347c478bd9Sstevel@tonic-gate /* 4357c478bd9Sstevel@tonic-gate * Could have just declared this as "state", but declaring it like this 4367c478bd9Sstevel@tonic-gate * so that when dual-op support is implemented in the future, the 4377c478bd9Sstevel@tonic-gate * changes will be simplier. 4387c478bd9Sstevel@tonic-gate */ 4397c478bd9Sstevel@tonic-gate struct opstate_data state[1]; 4407c478bd9Sstevel@tonic-gate }; 4417c478bd9Sstevel@tonic-gate 4427c478bd9Sstevel@tonic-gate 4437c478bd9Sstevel@tonic-gate /* 4447c478bd9Sstevel@tonic-gate * session_pool_t 4457c478bd9Sstevel@tonic-gate * 4467c478bd9Sstevel@tonic-gate * Used to cache open sessions in a slot. 4477c478bd9Sstevel@tonic-gate */ 4487c478bd9Sstevel@tonic-gate typedef struct sessionpool { 4497c478bd9Sstevel@tonic-gate pthread_mutex_t list_lock; 4507c478bd9Sstevel@tonic-gate 4517c478bd9Sstevel@tonic-gate /* list of sessions that's currently in use */ 4527c478bd9Sstevel@tonic-gate slot_session_t *active_list_head; 4537c478bd9Sstevel@tonic-gate 4547c478bd9Sstevel@tonic-gate /* 4557c478bd9Sstevel@tonic-gate * list of sessions that are not in use, but can't be deleted because 4567c478bd9Sstevel@tonic-gate * either session/token objects are created using these sessions 4577c478bd9Sstevel@tonic-gate * or we need to have one session left with the provider to maintain 4587c478bd9Sstevel@tonic-gate * the logged in state. Any of these sessions could be re-used if 4597c478bd9Sstevel@tonic-gate * a session is needed to be established with a provider. 4607c478bd9Sstevel@tonic-gate */ 4617c478bd9Sstevel@tonic-gate slot_session_t *persist_list_head; 4627c478bd9Sstevel@tonic-gate 4637c478bd9Sstevel@tonic-gate /* 4647c478bd9Sstevel@tonic-gate * List of sessions that are not in use at the moment. We keep 4657c478bd9Sstevel@tonic-gate * a list of sessions with a particular provider instead of 4667c478bd9Sstevel@tonic-gate * creating a new session everytime for efficiency 4677c478bd9Sstevel@tonic-gate */ 4687c478bd9Sstevel@tonic-gate slot_session_t *idle_list_head; 4697c478bd9Sstevel@tonic-gate boolean_t keep_one_alive; 4707c478bd9Sstevel@tonic-gate int num_idle_sessions; /* number of sessions in "idle_list_head" */ 4717c478bd9Sstevel@tonic-gate } session_pool_t; 4727c478bd9Sstevel@tonic-gate 4737c478bd9Sstevel@tonic-gate 4747c478bd9Sstevel@tonic-gate /* 4757c478bd9Sstevel@tonic-gate * slot_data_t 4767c478bd9Sstevel@tonic-gate * 4777c478bd9Sstevel@tonic-gate * Each slot has a session pool, a collection of persistant sessions to 4787c478bd9Sstevel@tonic-gate * allow for more efficient operation. Specifically, to allow reuse of 4797c478bd9Sstevel@tonic-gate * previously session objects (which need the creating session to stick 4807c478bd9Sstevel@tonic-gate * around), as well as being frugal with creating/closing sessions. 4817c478bd9Sstevel@tonic-gate */ 4827c478bd9Sstevel@tonic-gate typedef struct slotdata { 4837c478bd9Sstevel@tonic-gate CK_SLOT_ID fw_st_id; /* framework slot table ID */ 4847c478bd9Sstevel@tonic-gate 4857c478bd9Sstevel@tonic-gate session_pool_t session_pool; 4867c478bd9Sstevel@tonic-gate 4877c478bd9Sstevel@tonic-gate pthread_rwlock_t tokenobject_list_lock; 4887c478bd9Sstevel@tonic-gate slot_object_t *tokenobject_list_head; 4897c478bd9Sstevel@tonic-gate } slot_data_t; 4907c478bd9Sstevel@tonic-gate 4917c478bd9Sstevel@tonic-gate 4927c478bd9Sstevel@tonic-gate typedef enum { 4937c478bd9Sstevel@tonic-gate ALL_TOKEN = 0, 4947c478bd9Sstevel@tonic-gate PUBLIC_TOKEN = 1, 4957c478bd9Sstevel@tonic-gate PRIVATE_TOKEN = 2 4967c478bd9Sstevel@tonic-gate } token_obj_type_t; 4977c478bd9Sstevel@tonic-gate 4987c478bd9Sstevel@tonic-gate /* 4997c478bd9Sstevel@tonic-gate * metaslot_config_t 5007c478bd9Sstevel@tonic-gate * 5017c478bd9Sstevel@tonic-gate * This holds the configuration information for meta slot. 5027c478bd9Sstevel@tonic-gate * It will first be filled with values that users defined 5037c478bd9Sstevel@tonic-gate * in environment variables. Any value not defined by the user 5047c478bd9Sstevel@tonic-gate * will be filled with values from the system wide configuration file. 5057c478bd9Sstevel@tonic-gate */ 5067c478bd9Sstevel@tonic-gate typedef struct _metaslot_config { 5077c478bd9Sstevel@tonic-gate /* token to be used as the keystore for metaslot */ 5087c478bd9Sstevel@tonic-gate boolean_t keystore_token_specified; 5097c478bd9Sstevel@tonic-gate CK_UTF8CHAR keystore_token[TOKEN_LABEL_SIZE + 1]; 5107c478bd9Sstevel@tonic-gate 5117c478bd9Sstevel@tonic-gate /* slot to be used as the keystore for metaslot */ 5127c478bd9Sstevel@tonic-gate boolean_t keystore_slot_specified; 5137c478bd9Sstevel@tonic-gate CK_UTF8CHAR keystore_slot[SLOT_DESCRIPTION_SIZE + 1]; 5147c478bd9Sstevel@tonic-gate 5157c478bd9Sstevel@tonic-gate /* should meta slot be enabled or not */ 5167c478bd9Sstevel@tonic-gate boolean_t enabled_specified; 5177c478bd9Sstevel@tonic-gate boolean_t enabled; 5187c478bd9Sstevel@tonic-gate 5197c478bd9Sstevel@tonic-gate /* should auto migration of sensitive token objects be enabled or not */ 5207c478bd9Sstevel@tonic-gate boolean_t auto_key_migrate_specified; 5217c478bd9Sstevel@tonic-gate boolean_t auto_key_migrate; 5227c478bd9Sstevel@tonic-gate } metaslot_config_t; 5237c478bd9Sstevel@tonic-gate 5247c478bd9Sstevel@tonic-gate /* 5257c478bd9Sstevel@tonic-gate * The following 2 structures are used to link the to-be-freed 5267c478bd9Sstevel@tonic-gate * meta sessions and meta objects into linked lists. 5277c478bd9Sstevel@tonic-gate * The items on these linked list have not yet been freed via free(); instead 5287c478bd9Sstevel@tonic-gate * they are added to this list. The actual free will take place when 5297c478bd9Sstevel@tonic-gate * the number of objects queued reaches MAX_OBJ_TO_BE_FREED or 5307c478bd9Sstevel@tonic-gate * MAX_SESSION_TO_BE_FREED, at which time the first object in the 5317c478bd9Sstevel@tonic-gate * list will be freed. 5327c478bd9Sstevel@tonic-gate */ 5337c478bd9Sstevel@tonic-gate typedef struct obj_to_be_freed_list { 5347c478bd9Sstevel@tonic-gate meta_object_t *first; /* points to first obj in the list */ 5357c478bd9Sstevel@tonic-gate meta_object_t *last; /* points to last obj in the list */ 5367c478bd9Sstevel@tonic-gate uint32_t count; /* current total objs in the list */ 5377c478bd9Sstevel@tonic-gate pthread_mutex_t obj_to_be_free_mutex; 5387c478bd9Sstevel@tonic-gate } object_to_be_freed_list_t; 5397c478bd9Sstevel@tonic-gate 5407c478bd9Sstevel@tonic-gate typedef struct ses_to_be_freed_list { 5417c478bd9Sstevel@tonic-gate meta_session_t *first; /* points to first session in the list */ 5427c478bd9Sstevel@tonic-gate meta_session_t *last; /* points to last session in the list */ 5437c478bd9Sstevel@tonic-gate uint32_t count; /* current total session in the list */ 5447c478bd9Sstevel@tonic-gate pthread_mutex_t ses_to_be_free_mutex; 5457c478bd9Sstevel@tonic-gate } ses_to_be_freed_list_t; 5467c478bd9Sstevel@tonic-gate 547a039cd31Shaimay typedef struct cipher_mechs_threshold { 548a039cd31Shaimay int mech_type; 549a039cd31Shaimay uint32_t mech_threshold; 550a039cd31Shaimay } cipher_mechs_threshold_t; 551a039cd31Shaimay 5527c478bd9Sstevel@tonic-gate /* Global variables */ 5537c478bd9Sstevel@tonic-gate extern metaslot_config_t metaslot_config; 5547c478bd9Sstevel@tonic-gate extern boolean_t metaslot_enabled; 5557c478bd9Sstevel@tonic-gate extern CK_SLOT_ID metaslot_keystore_slotid; 5567c478bd9Sstevel@tonic-gate extern boolean_t metaslot_auto_key_migrate; 5577c478bd9Sstevel@tonic-gate extern struct CK_FUNCTION_LIST metaslot_functionList; 5588047c9fbSmcpowers extern pthread_mutex_t initmutex; 5597c478bd9Sstevel@tonic-gate 5607c478bd9Sstevel@tonic-gate extern ses_to_be_freed_list_t ses_delay_freed; 5617c478bd9Sstevel@tonic-gate extern object_to_be_freed_list_t obj_delay_freed; 562a039cd31Shaimay extern void (*Tmp_GetThreshold)(void *); 5637c478bd9Sstevel@tonic-gate 564034448feSmcpowers extern CK_BBOOL falsevalue; 565034448feSmcpowers extern CK_BBOOL truevalue; 566034448feSmcpowers 5677c478bd9Sstevel@tonic-gate /* --- Prototypes --- */ 5687c478bd9Sstevel@tonic-gate 5697c478bd9Sstevel@tonic-gate CK_RV meta_slotManager_initialize(); 5707c478bd9Sstevel@tonic-gate void meta_slotManager_finalize(); 5717c478bd9Sstevel@tonic-gate void meta_slotManager_find_object_token(); 5727c478bd9Sstevel@tonic-gate CK_RV meta_get_slot_session(CK_ULONG slotnum, slot_session_t **session, 5737c478bd9Sstevel@tonic-gate CK_FLAGS flags); 5747c478bd9Sstevel@tonic-gate void meta_release_slot_session(slot_session_t *session); 5757c478bd9Sstevel@tonic-gate 5767c478bd9Sstevel@tonic-gate CK_RV meta_mechManager_initialize(); 5777c478bd9Sstevel@tonic-gate void meta_mechManager_finalize(); 5787c478bd9Sstevel@tonic-gate CK_RV meta_mechManager_get_mechs(CK_MECHANISM_TYPE *list, CK_ULONG *listsize); 5797c478bd9Sstevel@tonic-gate CK_RV meta_mechManager_get_slots(mech_support_info_t *mech_support_info, 580d3a28a55Sdinak boolean_t force_update, CK_MECHANISM_INFO *mech_info); 5817c478bd9Sstevel@tonic-gate CK_RV meta_mechManager_slot_supports_mech(CK_MECHANISM_TYPE mechanism, 5827c478bd9Sstevel@tonic-gate CK_ULONG slotnum, boolean_t *supports, mechinfo_t **slot_info, 583d3a28a55Sdinak boolean_t force_update, CK_MECHANISM_INFO *mech_info); 5847c478bd9Sstevel@tonic-gate 585d3a28a55Sdinak CK_RV meta_operation_init(CK_FLAGS optype, meta_session_t *session, 5867c478bd9Sstevel@tonic-gate CK_MECHANISM *pMechanism, meta_object_t *key); 5874a5b2e70Shaimay CK_RV meta_operation_init_defer(CK_FLAGS optype, meta_session_t *session, 5884a5b2e70Shaimay CK_MECHANISM *pMechanism, meta_object_t *key); 589d3a28a55Sdinak CK_RV meta_do_operation(CK_FLAGS optype, int mode, 5907c478bd9Sstevel@tonic-gate meta_session_t *session, meta_object_t *object, 5917c478bd9Sstevel@tonic-gate CK_BYTE *in, CK_ULONG inLen, CK_BYTE *out, CK_ULONG *outLen); 5927c478bd9Sstevel@tonic-gate 593d3a28a55Sdinak void meta_operation_cleanup(meta_session_t *session, CK_FLAGS optype, 5947c478bd9Sstevel@tonic-gate boolean_t finished_normally); 5957c478bd9Sstevel@tonic-gate 5967c478bd9Sstevel@tonic-gate CK_RV meta_generate_keys(meta_session_t *session, CK_MECHANISM *pMechanism, 5977c478bd9Sstevel@tonic-gate CK_ATTRIBUTE *k1Template, CK_ULONG k1AttrCount, meta_object_t *key1, 5987c478bd9Sstevel@tonic-gate CK_ATTRIBUTE *k2Template, CK_ULONG k2AttrCount, meta_object_t *key2); 5997c478bd9Sstevel@tonic-gate 6007c478bd9Sstevel@tonic-gate CK_RV meta_wrap_key(meta_session_t *session, 6017c478bd9Sstevel@tonic-gate CK_MECHANISM *pMechanism, meta_object_t *wrappingkey, 6027c478bd9Sstevel@tonic-gate meta_object_t *inputkey, 6037c478bd9Sstevel@tonic-gate CK_BYTE *wrapped_key, CK_ULONG *wrapped_key_len); 6047c478bd9Sstevel@tonic-gate 6057c478bd9Sstevel@tonic-gate CK_RV meta_unwrap_key(meta_session_t *session, 6067c478bd9Sstevel@tonic-gate CK_MECHANISM *pMechanism, meta_object_t *unwrapping_key, 6077c478bd9Sstevel@tonic-gate CK_BYTE *wrapped_key, CK_ULONG wrapped_key_len, 6087c478bd9Sstevel@tonic-gate CK_ATTRIBUTE *template, CK_ULONG template_size, 6097c478bd9Sstevel@tonic-gate meta_object_t *unwrapped_key); 6107c478bd9Sstevel@tonic-gate 6117c478bd9Sstevel@tonic-gate CK_RV meta_derive_key(meta_session_t *session, CK_MECHANISM *pMech, 6127c478bd9Sstevel@tonic-gate meta_object_t *basekey1, meta_object_t *basekey2, 6137c478bd9Sstevel@tonic-gate CK_OBJECT_HANDLE *phBaseKey2, 6147c478bd9Sstevel@tonic-gate CK_ATTRIBUTE *pTemplate, CK_ULONG ulAttributeCount, 6157c478bd9Sstevel@tonic-gate meta_object_t *newKey1, meta_object_t *newKey2, 6167c478bd9Sstevel@tonic-gate meta_object_t *newKey3, meta_object_t *newKey4); 6177c478bd9Sstevel@tonic-gate 6187c478bd9Sstevel@tonic-gate void get_user_metaslot_config(); 6197c478bd9Sstevel@tonic-gate 6207c478bd9Sstevel@tonic-gate CK_RV meta_sessionManager_initialize(); 6217c478bd9Sstevel@tonic-gate void meta_sessionManager_finalize(); 6227c478bd9Sstevel@tonic-gate CK_RV meta_handle2session(CK_SESSION_HANDLE hSession, 6237c478bd9Sstevel@tonic-gate meta_session_t **session_p); 6247c478bd9Sstevel@tonic-gate CK_RV meta_session_alloc(meta_session_t **newSession); 6257c478bd9Sstevel@tonic-gate CK_RV meta_session_activate(meta_session_t *session); 6267c478bd9Sstevel@tonic-gate CK_RV meta_session_deactivate(meta_session_t *session, 6277c478bd9Sstevel@tonic-gate boolean_t have_sessionlist_lock); 6287c478bd9Sstevel@tonic-gate void meta_session_dealloc(meta_session_t *session); 6297c478bd9Sstevel@tonic-gate void meta_session_delay_free(meta_session_t *sp); 6307c478bd9Sstevel@tonic-gate 6317c478bd9Sstevel@tonic-gate CK_RV meta_objectManager_initialize(); 6327c478bd9Sstevel@tonic-gate void meta_objectManager_finalize(); 6337c478bd9Sstevel@tonic-gate CK_RV meta_handle2object(CK_OBJECT_HANDLE hObject, meta_object_t **object); 6347c478bd9Sstevel@tonic-gate CK_RV meta_object_alloc(meta_session_t *session, meta_object_t **object); 6357c478bd9Sstevel@tonic-gate CK_RV meta_object_get_attr(slot_session_t *slot_session, 6367c478bd9Sstevel@tonic-gate CK_OBJECT_HANDLE hObject, meta_object_t *object); 6377c478bd9Sstevel@tonic-gate void meta_object_activate(meta_object_t *object); 6387c478bd9Sstevel@tonic-gate CK_RV meta_object_deactivate(meta_object_t *object, boolean_t have_list_lock, 6397c478bd9Sstevel@tonic-gate boolean_t have_object_lock); 6408cae6764SAnthony Scarpino CK_RV meta_object_dealloc(meta_session_t *session, meta_object_t *object, 6418cae6764SAnthony Scarpino boolean_t nukeSourceObj); 6427c478bd9Sstevel@tonic-gate CK_RV meta_slot_object_alloc(slot_object_t **object); 6437c478bd9Sstevel@tonic-gate void meta_slot_object_activate(slot_object_t *object, slot_session_t *session, 6447c478bd9Sstevel@tonic-gate boolean_t isToken); 6457c478bd9Sstevel@tonic-gate void meta_slot_object_deactivate(slot_object_t *object); 6467c478bd9Sstevel@tonic-gate void meta_slot_object_dealloc(slot_object_t *object); 6477c478bd9Sstevel@tonic-gate CK_RV meta_object_copyin(meta_object_t *object); 6487c478bd9Sstevel@tonic-gate CK_RV meta_object_get_clone(meta_object_t *object, 6497c478bd9Sstevel@tonic-gate CK_ULONG slot_num, slot_session_t *slot_session, 6507c478bd9Sstevel@tonic-gate slot_object_t **clone); 6517c478bd9Sstevel@tonic-gate meta_object_t *meta_object_find_by_handle(CK_OBJECT_HANDLE hObject, 6527c478bd9Sstevel@tonic-gate CK_ULONG slotnum, boolean_t token_only); 6537c478bd9Sstevel@tonic-gate CK_RV meta_token_object_deactivate(token_obj_type_t token_type); 6547c478bd9Sstevel@tonic-gate void meta_object_delay_free(meta_object_t *objp); 655034448feSmcpowers boolean_t meta_freeobject_set(meta_object_t *object, CK_ATTRIBUTE *tmpl, 656034448feSmcpowers CK_ULONG tmpl_len, boolean_t create); 657034448feSmcpowers CK_RV meta_freetoken_set(CK_ULONG slot_num, CK_BBOOL *current_value, 658034448feSmcpowers CK_ATTRIBUTE *tmpl, CK_ULONG tmpl_len); 659034448feSmcpowers boolean_t meta_freeobject_check(meta_session_t *session, meta_object_t *obj, 660034448feSmcpowers CK_MECHANISM *pMech, CK_ATTRIBUTE *tmpl, CK_ULONG tmpl_len, 661034448feSmcpowers CK_KEY_TYPE keytype); 662034448feSmcpowers boolean_t meta_freeobject_clone(meta_session_t *session, meta_object_t *object); 6637c478bd9Sstevel@tonic-gate 6647c478bd9Sstevel@tonic-gate CK_RV get_master_attributes_by_object(slot_session_t *session, 6657c478bd9Sstevel@tonic-gate slot_object_t *slot_object, generic_attr_t **attributes, 6667c478bd9Sstevel@tonic-gate size_t *num_attributes); 6677c478bd9Sstevel@tonic-gate CK_RV get_master_attributes_by_template( 6687c478bd9Sstevel@tonic-gate CK_ATTRIBUTE *template, CK_ULONG template_size, 6697c478bd9Sstevel@tonic-gate generic_attr_t **attributes, size_t *num_attributes); 6707c478bd9Sstevel@tonic-gate CK_RV get_master_template_by_type(CK_OBJECT_CLASS class, CK_ULONG subtype, 6717c478bd9Sstevel@tonic-gate generic_attr_t **attributes, size_t *num_attributes); 6727c478bd9Sstevel@tonic-gate CK_RV get_master_attributes_by_type(CK_OBJECT_CLASS class, CK_ULONG subtype, 6737c478bd9Sstevel@tonic-gate generic_attr_t **attributes, size_t *num_attributes); 6747c478bd9Sstevel@tonic-gate CK_RV get_master_attributes_by_duplication( 6757c478bd9Sstevel@tonic-gate generic_attr_t *src_attrs, size_t num_src_attrs, 6767c478bd9Sstevel@tonic-gate generic_attr_t **dst_attrs, size_t *num_dst_attrs); 6777c478bd9Sstevel@tonic-gate void dealloc_attributes(generic_attr_t *attributes, size_t num_attributes); 6787c478bd9Sstevel@tonic-gate CK_RV attribute_set_value(CK_ATTRIBUTE *new_attr, 6797c478bd9Sstevel@tonic-gate generic_attr_t *attributes, size_t num_attributes); 6807c478bd9Sstevel@tonic-gate boolean_t get_template_ulong(CK_ATTRIBUTE_TYPE type, CK_ATTRIBUTE *attributes, 6817c478bd9Sstevel@tonic-gate CK_ULONG num_attributes, CK_ULONG *result); 6827c478bd9Sstevel@tonic-gate boolean_t get_template_boolean(CK_ATTRIBUTE_TYPE type, 6837c478bd9Sstevel@tonic-gate CK_ATTRIBUTE *attributes, CK_ULONG num_attributes, boolean_t *result); 684034448feSmcpowers int set_template_boolean(CK_ATTRIBUTE_TYPE type, 685034448feSmcpowers CK_ATTRIBUTE *attributes, CK_ULONG num_attributes, boolean_t local, 686034448feSmcpowers CK_BBOOL *value); 6877c478bd9Sstevel@tonic-gate CK_ULONG get_keystore_slotnum(void); 6884a5b2e70Shaimay CK_ULONG get_softtoken_slotnum(void); 6897c478bd9Sstevel@tonic-gate CK_SLOT_ID meta_slotManager_get_framework_table_id(CK_ULONG slotnum); 6907c478bd9Sstevel@tonic-gate CK_ULONG meta_slotManager_get_slotcount(void); 6917c478bd9Sstevel@tonic-gate boolean_t meta_slotManager_token_write_protected(void); 6927c478bd9Sstevel@tonic-gate boolean_t metaslot_logged_in(); 6937c478bd9Sstevel@tonic-gate void metaslot_set_logged_in_flag(boolean_t value); 6947c478bd9Sstevel@tonic-gate 6957c478bd9Sstevel@tonic-gate /* 6967c478bd9Sstevel@tonic-gate * Prototypes for the various meta_Foo implementations of C_Foo. 6977c478bd9Sstevel@tonic-gate * 6987c478bd9Sstevel@tonic-gate */ 6997c478bd9Sstevel@tonic-gate CK_RV meta_GetFunctionList(CK_FUNCTION_LIST_PTR_PTR ppFunctionList); 7007c478bd9Sstevel@tonic-gate CK_RV meta_Initialize(CK_VOID_PTR pInitArgs); 7017c478bd9Sstevel@tonic-gate CK_RV meta_Finalize(CK_VOID_PTR pReserved); 7027c478bd9Sstevel@tonic-gate CK_RV meta_GetInfo(CK_INFO_PTR pInfo); 7037c478bd9Sstevel@tonic-gate CK_RV meta_GetSlotList(CK_BBOOL tokenPresent, CK_SLOT_ID_PTR pSlotList, 7047c478bd9Sstevel@tonic-gate CK_ULONG_PTR pulCount); 7057c478bd9Sstevel@tonic-gate CK_RV meta_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo); 7067c478bd9Sstevel@tonic-gate CK_RV meta_GetTokenInfo(CK_SLOT_ID slotID, CK_TOKEN_INFO_PTR pInfo); 7077c478bd9Sstevel@tonic-gate CK_RV meta_GetMechanismList(CK_SLOT_ID slotID, 7087c478bd9Sstevel@tonic-gate CK_MECHANISM_TYPE_PTR pMechanismList, CK_ULONG_PTR pulCount); 7097c478bd9Sstevel@tonic-gate CK_RV meta_GetMechanismInfo(CK_SLOT_ID slotID, CK_MECHANISM_TYPE type, 7107c478bd9Sstevel@tonic-gate CK_MECHANISM_INFO_PTR pInfo); 7117c478bd9Sstevel@tonic-gate CK_RV meta_InitToken(CK_SLOT_ID slotID, CK_UTF8CHAR_PTR pPin, 7127c478bd9Sstevel@tonic-gate CK_ULONG ulPinLen, CK_UTF8CHAR_PTR pLabel); 7137c478bd9Sstevel@tonic-gate CK_RV meta_InitPIN(CK_SESSION_HANDLE hSession, CK_UTF8CHAR_PTR pPin, 7147c478bd9Sstevel@tonic-gate CK_ULONG ulPinLen); 7157c478bd9Sstevel@tonic-gate CK_RV meta_SetPIN(CK_SESSION_HANDLE hSession, CK_UTF8CHAR_PTR pOldPin, 7167c478bd9Sstevel@tonic-gate CK_ULONG ulOldPinLen, CK_UTF8CHAR_PTR pNewPin, CK_ULONG ulNewPinLen); 7177c478bd9Sstevel@tonic-gate CK_RV meta_OpenSession(CK_SLOT_ID slotID, CK_FLAGS flags, 7187c478bd9Sstevel@tonic-gate CK_VOID_PTR pApplication, CK_NOTIFY Notify, 7197c478bd9Sstevel@tonic-gate CK_SESSION_HANDLE_PTR phSession); 7207c478bd9Sstevel@tonic-gate CK_RV meta_CloseSession(CK_SESSION_HANDLE hSession); 7217c478bd9Sstevel@tonic-gate CK_RV meta_CloseAllSessions(CK_SLOT_ID slotID); 7227c478bd9Sstevel@tonic-gate CK_RV meta_GetSessionInfo(CK_SESSION_HANDLE hSession, 7237c478bd9Sstevel@tonic-gate CK_SESSION_INFO_PTR pInfo); 7247c478bd9Sstevel@tonic-gate CK_RV meta_GetOperationState(CK_SESSION_HANDLE hSession, 7257c478bd9Sstevel@tonic-gate CK_BYTE_PTR pOperationState, CK_ULONG_PTR pulOperationStateLen); 7267c478bd9Sstevel@tonic-gate CK_RV meta_SetOperationState(CK_SESSION_HANDLE hSession, 7277c478bd9Sstevel@tonic-gate CK_BYTE_PTR pOperationState, CK_ULONG ulOperationStateLen, 7287c478bd9Sstevel@tonic-gate CK_OBJECT_HANDLE hEncryptionKey, CK_OBJECT_HANDLE hAuthenticationKey); 7297c478bd9Sstevel@tonic-gate CK_RV meta_Login(CK_SESSION_HANDLE hSession, CK_USER_TYPE userType, 7307c478bd9Sstevel@tonic-gate CK_UTF8CHAR_PTR pPin, CK_ULONG ulPinLen); 7317c478bd9Sstevel@tonic-gate CK_RV meta_Logout(CK_SESSION_HANDLE hSession); 7327c478bd9Sstevel@tonic-gate CK_RV meta_CreateObject(CK_SESSION_HANDLE hSession, CK_ATTRIBUTE_PTR pTemplate, 7337c478bd9Sstevel@tonic-gate CK_ULONG ulCount, CK_OBJECT_HANDLE_PTR phObject); 7347c478bd9Sstevel@tonic-gate CK_RV meta_CopyObject(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject, 7357c478bd9Sstevel@tonic-gate CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount, 7367c478bd9Sstevel@tonic-gate CK_OBJECT_HANDLE_PTR phNewObject); 7377c478bd9Sstevel@tonic-gate CK_RV meta_DestroyObject(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject); 7387c478bd9Sstevel@tonic-gate CK_RV meta_GetObjectSize(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject, 7397c478bd9Sstevel@tonic-gate CK_ULONG_PTR pulSize); 7407c478bd9Sstevel@tonic-gate CK_RV meta_GetAttributeValue(CK_SESSION_HANDLE hSession, 7417c478bd9Sstevel@tonic-gate CK_OBJECT_HANDLE hObject, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount); 7427c478bd9Sstevel@tonic-gate CK_RV meta_SetAttributeValue(CK_SESSION_HANDLE hSession, 7437c478bd9Sstevel@tonic-gate CK_OBJECT_HANDLE hObject, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount); 7447c478bd9Sstevel@tonic-gate CK_RV meta_FindObjectsInit(CK_SESSION_HANDLE hSession, 7457c478bd9Sstevel@tonic-gate CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount); 7467c478bd9Sstevel@tonic-gate CK_RV meta_FindObjects(CK_SESSION_HANDLE hSession, 7477c478bd9Sstevel@tonic-gate CK_OBJECT_HANDLE_PTR phObject, CK_ULONG ulMaxObjectCount, 7487c478bd9Sstevel@tonic-gate CK_ULONG_PTR pulObjectCount); 7497c478bd9Sstevel@tonic-gate CK_RV meta_FindObjectsFinal(CK_SESSION_HANDLE hSession); 7507c478bd9Sstevel@tonic-gate CK_RV meta_EncryptInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, 7517c478bd9Sstevel@tonic-gate CK_OBJECT_HANDLE hKey); 7527c478bd9Sstevel@tonic-gate CK_RV meta_Encrypt(CK_SESSION_HANDLE hSession, 7537c478bd9Sstevel@tonic-gate CK_BYTE_PTR pData, CK_ULONG ulDataLen, 7547c478bd9Sstevel@tonic-gate CK_BYTE_PTR pEncryptedData, CK_ULONG_PTR pulEncryptedDataLen); 7557c478bd9Sstevel@tonic-gate CK_RV meta_EncryptUpdate(CK_SESSION_HANDLE hSession, 7567c478bd9Sstevel@tonic-gate CK_BYTE_PTR pPart, CK_ULONG ulPartLen, 7577c478bd9Sstevel@tonic-gate CK_BYTE_PTR pEncryptedPart, CK_ULONG_PTR pulEncryptedPartLen); 7587c478bd9Sstevel@tonic-gate CK_RV meta_EncryptFinal(CK_SESSION_HANDLE hSession, 7597c478bd9Sstevel@tonic-gate CK_BYTE_PTR pLastEncryptedPart, CK_ULONG_PTR pulLastEncryptedPartLen); 7607c478bd9Sstevel@tonic-gate CK_RV meta_DecryptInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, 7617c478bd9Sstevel@tonic-gate CK_OBJECT_HANDLE hKey); 7627c478bd9Sstevel@tonic-gate CK_RV meta_Decrypt(CK_SESSION_HANDLE hSession, 7637c478bd9Sstevel@tonic-gate CK_BYTE_PTR pEncryptedData, CK_ULONG ulEncryptedDataLen, 7647c478bd9Sstevel@tonic-gate CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen); 7657c478bd9Sstevel@tonic-gate CK_RV meta_DecryptUpdate(CK_SESSION_HANDLE hSession, 7667c478bd9Sstevel@tonic-gate CK_BYTE_PTR pEncryptedPart, CK_ULONG ulEncryptedPartLen, 7677c478bd9Sstevel@tonic-gate CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen); 7687c478bd9Sstevel@tonic-gate CK_RV meta_DecryptFinal(CK_SESSION_HANDLE hSession, 7697c478bd9Sstevel@tonic-gate CK_BYTE_PTR pLastPart, CK_ULONG_PTR pulLastPartLen); 7707c478bd9Sstevel@tonic-gate CK_RV meta_DigestInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism); 7717c478bd9Sstevel@tonic-gate CK_RV meta_Digest(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData, 7727c478bd9Sstevel@tonic-gate CK_ULONG ulDataLen, CK_BYTE_PTR pDigest, CK_ULONG_PTR pulDigestLen); 7737c478bd9Sstevel@tonic-gate CK_RV meta_DigestUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart, 7747c478bd9Sstevel@tonic-gate CK_ULONG ulPartLen); 7757c478bd9Sstevel@tonic-gate CK_RV meta_DigestKey(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hKey); 7767c478bd9Sstevel@tonic-gate CK_RV meta_DigestFinal(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pDigest, 7777c478bd9Sstevel@tonic-gate CK_ULONG_PTR pulDigestLen); 7787c478bd9Sstevel@tonic-gate CK_RV meta_SignInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, 7797c478bd9Sstevel@tonic-gate CK_OBJECT_HANDLE hKey); 7807c478bd9Sstevel@tonic-gate CK_RV meta_Sign(CK_SESSION_HANDLE hSession, 7817c478bd9Sstevel@tonic-gate CK_BYTE_PTR pData, CK_ULONG ulDataLen, 7827c478bd9Sstevel@tonic-gate CK_BYTE_PTR pSignature, CK_ULONG_PTR pulSignatureLen); 7837c478bd9Sstevel@tonic-gate CK_RV meta_SignUpdate(CK_SESSION_HANDLE hSession, 7847c478bd9Sstevel@tonic-gate CK_BYTE_PTR pPart, CK_ULONG ulPartLen); 7857c478bd9Sstevel@tonic-gate CK_RV meta_SignFinal(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSignature, 7867c478bd9Sstevel@tonic-gate CK_ULONG_PTR pulSignatureLen); 7877c478bd9Sstevel@tonic-gate CK_RV meta_SignRecoverInit(CK_SESSION_HANDLE hSession, 7887c478bd9Sstevel@tonic-gate CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey); 7897c478bd9Sstevel@tonic-gate CK_RV meta_SignRecover(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData, 7907c478bd9Sstevel@tonic-gate CK_ULONG ulDataLen, CK_BYTE_PTR pSignature, CK_ULONG_PTR pulSignatureLen); 7917c478bd9Sstevel@tonic-gate CK_RV meta_VerifyInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, 7927c478bd9Sstevel@tonic-gate CK_OBJECT_HANDLE hKey); 7937c478bd9Sstevel@tonic-gate CK_RV meta_Verify(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData, 7947c478bd9Sstevel@tonic-gate CK_ULONG ulDataLen, CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen); 7957c478bd9Sstevel@tonic-gate CK_RV meta_VerifyUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart, 7967c478bd9Sstevel@tonic-gate CK_ULONG ulPartLen); 7977c478bd9Sstevel@tonic-gate CK_RV meta_VerifyFinal(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSignature, 7987c478bd9Sstevel@tonic-gate CK_ULONG ulSignatureLen); 7997c478bd9Sstevel@tonic-gate CK_RV meta_VerifyRecoverInit(CK_SESSION_HANDLE hSession, 8007c478bd9Sstevel@tonic-gate CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey); 8017c478bd9Sstevel@tonic-gate CK_RV meta_VerifyRecover(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSignature, 8027c478bd9Sstevel@tonic-gate CK_ULONG ulSignatureLen, CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen); 8037c478bd9Sstevel@tonic-gate CK_RV meta_DigestEncryptUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart, 8047c478bd9Sstevel@tonic-gate CK_ULONG ulPartLen, CK_BYTE_PTR pEncryptedPart, 8057c478bd9Sstevel@tonic-gate CK_ULONG_PTR pulEncryptedPartLen); 8067c478bd9Sstevel@tonic-gate CK_RV meta_DecryptDigestUpdate(CK_SESSION_HANDLE hSession, 8077c478bd9Sstevel@tonic-gate CK_BYTE_PTR pEncryptedPart, CK_ULONG ulEncryptedPartLen, 8087c478bd9Sstevel@tonic-gate CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen); 8097c478bd9Sstevel@tonic-gate CK_RV meta_SignEncryptUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart, 8107c478bd9Sstevel@tonic-gate CK_ULONG ulPartLen, CK_BYTE_PTR pEncryptedPart, 8117c478bd9Sstevel@tonic-gate CK_ULONG_PTR pulEncryptedPartLen); 8127c478bd9Sstevel@tonic-gate CK_RV meta_DecryptVerifyUpdate(CK_SESSION_HANDLE hSession, 8137c478bd9Sstevel@tonic-gate CK_BYTE_PTR pEncryptedPart, CK_ULONG ulEncryptedPartLen, 8147c478bd9Sstevel@tonic-gate CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen); 8157c478bd9Sstevel@tonic-gate CK_RV meta_GenerateKey(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, 8167c478bd9Sstevel@tonic-gate CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount, CK_OBJECT_HANDLE_PTR phKey); 8177c478bd9Sstevel@tonic-gate CK_RV meta_GenerateKeyPair(CK_SESSION_HANDLE hSession, 8187c478bd9Sstevel@tonic-gate CK_MECHANISM_PTR pMechanism, CK_ATTRIBUTE_PTR pPublicKeyTemplate, 8197c478bd9Sstevel@tonic-gate CK_ULONG ulPublicKeyAttributeCount, CK_ATTRIBUTE_PTR pPrivateKeyTemplate, 8207c478bd9Sstevel@tonic-gate CK_ULONG ulPrivateKeyAttributeCount, CK_OBJECT_HANDLE_PTR phPublicKey, 8217c478bd9Sstevel@tonic-gate CK_OBJECT_HANDLE_PTR phPrivateKey); 8227c478bd9Sstevel@tonic-gate CK_RV meta_WrapKey(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, 8237c478bd9Sstevel@tonic-gate CK_OBJECT_HANDLE hWrappingKey, CK_OBJECT_HANDLE hKey, 8247c478bd9Sstevel@tonic-gate CK_BYTE_PTR pWrappedKey, CK_ULONG_PTR pulWrappedKeyLen); 8257c478bd9Sstevel@tonic-gate CK_RV meta_UnwrapKey(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, 8267c478bd9Sstevel@tonic-gate CK_OBJECT_HANDLE hUnwrappingKey, CK_BYTE_PTR pWrappedKey, 8277c478bd9Sstevel@tonic-gate CK_ULONG ulWrappedKeyLen, CK_ATTRIBUTE_PTR pTemplate, 8287c478bd9Sstevel@tonic-gate CK_ULONG ulAttributeCount, CK_OBJECT_HANDLE_PTR phKey); 8297c478bd9Sstevel@tonic-gate CK_RV meta_DeriveKey(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, 8307c478bd9Sstevel@tonic-gate CK_OBJECT_HANDLE hBaseKey, CK_ATTRIBUTE_PTR pTemplate, 8317c478bd9Sstevel@tonic-gate CK_ULONG ulAttributeCount, CK_OBJECT_HANDLE_PTR phKey); 8327c478bd9Sstevel@tonic-gate CK_RV meta_SeedRandom(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSeed, 8337c478bd9Sstevel@tonic-gate CK_ULONG ulSeedLen); 8347c478bd9Sstevel@tonic-gate CK_RV meta_GenerateRandom(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pRandomData, 8357c478bd9Sstevel@tonic-gate CK_ULONG ulRandomLen); 8367c478bd9Sstevel@tonic-gate CK_RV meta_GetFunctionStatus(CK_SESSION_HANDLE hSession); 8377c478bd9Sstevel@tonic-gate CK_RV meta_CancelFunction(CK_SESSION_HANDLE hSession); 8387c478bd9Sstevel@tonic-gate CK_RV meta_WaitForSlotEvent(CK_FLAGS flags, CK_SLOT_ID_PTR pSlot, 8397c478bd9Sstevel@tonic-gate CK_VOID_PTR pReserved); 8407c478bd9Sstevel@tonic-gate 8417c478bd9Sstevel@tonic-gate #ifdef __cplusplus 8427c478bd9Sstevel@tonic-gate } 8437c478bd9Sstevel@tonic-gate #endif 8447c478bd9Sstevel@tonic-gate 845924d6d8dSdinak #endif /* _METAGLOBAL_H */ 846