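/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */
/*
 * Copyright 2008 Sun Microsystems, Inc. All rights reserved.
 * Use is subject to license terms.
 */

#ifndef _PKTOOL_COMMON_H
#define _PKTOOL_COMMON_H

#pragma ident "%Z%%M% %I% %E% SMI"

/*
 * This file contains data and functions shared between all the
 * modules that comprise this tool.
 */

#ifdef __cplusplus
extern "C" {
#endif

#include <cryptoutil.h>

/* I18N helpers. */
#include <libintl.h>
#include <locale.h>
#include <errno.h>
#include <string.h>     /* strlen(), used by EMPTYSTRING() below */
#include <kmfapi.h>

/* Defines used throughout */

/* Error codes */
#define PK_ERR_NONE     0
#define PK_ERR_USAGE    1
#define PK_ERR_QUIT     2
#define PK_ERR_PK11     3
#define PK_ERR_SYSTEM   4
#define PK_ERR_OPENSSL  5
#define PK_ERR_NSS      6

/*
 * Types of objects for searches.
 * Each value is a distinct bit, so the types can be OR-ed together
 * (see PK_KEY_OBJ and PK_ALL_OBJ).
 */
#define PK_PRIVATE_OBJ  0x0001
#define PK_PUBLIC_OBJ   0x0002
#define PK_CERT_OBJ     0x0010
#define PK_PRIKEY_OBJ   0x0020
#define PK_PUBKEY_OBJ   0x0040
#define PK_SYMKEY_OBJ   0x0080
#define PK_CRL_OBJ      0x0100

#define PK_KEY_OBJ      (PK_PRIKEY_OBJ | PK_PUBKEY_OBJ | PK_SYMKEY_OBJ)
#define PK_ALL_OBJ      (PK_PRIVATE_OBJ | PK_PUBLIC_OBJ | \
                        PK_CERT_OBJ | PK_CRL_OBJ | PK_KEY_OBJ)

#define PK_DEFAULT_KEYTYPE      "rsa"
/*
 * NOTE(review): with the default key type "rsa" this gives 1024-bit RSA
 * keys, which is below the 2048-bit minimum of current guidance (for
 * example NIST SP 800-131A). The value is left unchanged here because
 * callers outside this header may depend on it; pass an explicit, larger
 * key length until the default is raised.
 */
#define PK_DEFAULT_KEYLENGTH    1024
#define PK_DEFAULT_DIRECTORY    "."
#define PK_DEFAULT_SERIALNUM    1
#define PK_DEFAULT_PK11TOKEN    SOFT_TOKEN_LABEL

/* Constants for attribute templates. */
extern CK_BBOOL pk_false;
extern CK_BBOOL pk_true;

/*
 * List of extended key usage (EKU) OIDs.
 * presumably critlist and ekulist are parallel arrays holding eku_count
 * entries each; confirm against verify_ekunames() and free_eku_list().
 */
typedef struct {
    int     eku_count;
    int     *critlist;
    KMF_OID *ekulist;
} EKU_LIST;

/* Common functions. */
extern void final_pk11(CK_SESSION_HANDLE sess);

extern CK_RV login_token(CK_SLOT_ID slot_id, CK_UTF8CHAR_PTR pin,
    CK_ULONG pinlen, CK_SESSION_HANDLE_PTR sess);

extern CK_RV quick_start(CK_SLOT_ID slot_id, CK_FLAGS sess_flags,
    CK_UTF8CHAR_PTR pin, CK_ULONG pinlen,
    CK_SESSION_HANDLE_PTR sess);

/*
 * NOTE(review): get_pin() hands a PIN back through *pin and *pinlen, but
 * this header does not say who owns that buffer. Confirm against the
 * implementation, and clear the PIN before the buffer is released.
 */
extern CK_RV get_pin(char *prompt1, char *prompt2, CK_UTF8CHAR_PTR *pin,
    CK_ULONG *pinlen);
extern boolean_t yesno(char *prompt, char *invalid, boolean_t dflt);

extern CK_RV get_token_slots(CK_SLOT_ID_PTR *slot_list,
    CK_ULONG *slot_count);

extern int get_subname(char **);
extern int get_serial(char **);
extern int get_certlabel(char **);
extern int get_filename(char *, char **);

/* Option parser with its own argument/index state (optarg_av, optind_av). */
extern int getopt_av(int argc, char * const argv[], const char *optstring);
extern char *optarg_av;
extern int optind_av;

/* String-to-value converters for command-line arguments. */
int OT2Int(char *);
int PK2Int(char *);
KMF_KEYSTORE_TYPE KS2Int(char *);
int Str2KeyType(char *, KMF_KEY_ALG *, KMF_ALGORITHM_INDEX *);
int Str2SymKeyType(char *, KMF_KEY_ALG *);
int Str2Lifetime(char *, uint32_t *);
KMF_RETURN select_token(void *, char *, int);
KMF_RETURN configure_nss(void *, char *, char *);

KMF_ENCODE_FORMAT Str2Format(char *);
KMF_RETURN get_pk12_password(KMF_CREDENTIAL *);
KMF_RETURN hexstring2bytes(uchar_t *, uchar_t **, size_t *);
KMF_RETURN verify_altname(char *arg, KMF_GENERALNAMECHOICES *, int *);
KMF_RETURN verify_keyusage(char *arg, uint16_t *, int *);
KMF_RETURN verify_file(char *);
KMF_RETURN verify_ekunames(char *, EKU_LIST **);
KMF_RETURN token_auth_needed(KMF_HANDLE_T, char *, int *);

void free_eku_list(EKU_LIST *);

int yn_to_int(char *);

int get_token_password(KMF_KEYSTORE_TYPE, char *, KMF_CREDENTIAL *);
void display_error(void *, KMF_RETURN, char *);

#define DEFAULT_NSS_TOKEN       "internal"
#define DEFAULT_TOKEN_PROMPT    "Enter PIN for %s: "

/*
 * True when s is NULL or points to a zero-length string.
 * The argument is parenthesized so that an expression argument (for
 * example a conditional) keeps its meaning after expansion. It is
 * evaluated twice, so do not pass an expression with side effects.
 */
#define EMPTYSTRING(s)  ((s) == NULL || !strlen((char *)(s)))

/*
 * The "dir" option is only valid with the NSS keystore. This check
 * forces PK_ERR_USAGE when it is used with non-NSS keystore.
 *
 * The macro expands to a bare "if" statement that returns from the
 * calling function, so use it only as a complete statement inside a
 * function that returns a PK_ERR_* value, and never as the unbraced
 * body of another if/else. The "if" form is kept, rather than
 * do { } while (0), so that existing call sites expand as before.
 */
#define DIR_OPTION_CHECK(k, d) \
    if ((k) != KMF_KEYSTORE_NSS && (d) != NULL) { \
        cryptoerror(LOG_STDERR, gettext("The 'dir' option is " \
            "not supported with the indicated keystore\n")); \
        return (PK_ERR_USAGE); \
    }


#ifdef __cplusplus
}
#endif

#endif /* _PKTOOL_COMMON_H */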