xref: /titanic_41/usr/src/uts/common/sys/crypto/common.h (revision da14cebe459d3275048785f25bd869cb09b5307f)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
23  * Use is subject to license terms.
24  */
25 
26 #ifndef _SYS_CRYPTO_COMMON_H
27 #define	_SYS_CRYPTO_COMMON_H
28 
29 /*
30  * Header file for the common data structures of the cryptographic framework
31  */
32 
33 #ifdef __cplusplus
34 extern "C" {
35 #endif
36 
37 #include <sys/types.h>
38 #include <sys/uio.h>
39 #include <sys/stream.h>
40 #include <sys/mutex.h>
41 #include <sys/condvar.h>
42 
43 
44 /* Cryptographic Mechanisms */
45 
46 #define	CRYPTO_MAX_MECH_NAME 32
47 typedef char crypto_mech_name_t[CRYPTO_MAX_MECH_NAME];
48 
49 typedef uint64_t crypto_mech_type_t;
50 
51 typedef struct crypto_mechanism {
52 	crypto_mech_type_t	cm_type;	/* mechanism type */
53 	caddr_t			cm_param;	/* mech. parameter */
54 	size_t			cm_param_len;	/* mech. parameter len */
55 } crypto_mechanism_t;
56 
57 #ifdef  _SYSCALL32
58 
59 typedef struct crypto_mechanism32 {
60 	crypto_mech_type_t	cm_type;	/* mechanism type */
61 	caddr32_t		cm_param;	/* mech. parameter */
62 	size32_t		cm_param_len;   /* mech. parameter len */
63 } crypto_mechanism32_t;
64 
65 #endif  /* _SYSCALL32 */
66 
67 #ifdef _KERNEL
68 /* CK_AES_CTR_PARAMS provides parameters to the CKM_AES_CTR mechanism */
69 typedef struct CK_AES_CTR_PARAMS {
70 	ulong_t	ulCounterBits;
71 	uint8_t cb[16];
72 } CK_AES_CTR_PARAMS;
73 #endif
74 
75 /* CK_AES_CCM_PARAMS provides parameters to the CKM_AES_CCM mechanism */
76 typedef struct CK_AES_CCM_PARAMS {
77 	ulong_t ulMACSize;
78 	ulong_t ulNonceSize;
79 	ulong_t ulAuthDataSize;
80 	ulong_t ulDataSize; /* used for plaintext or ciphertext */
81 	uchar_t *nonce;
82 	uchar_t *authData;
83 } CK_AES_CCM_PARAMS;
84 
85 /* CK_AES_GCM_PARAMS provides parameters to the CKM_AES_GCM mechanism */
86 typedef struct CK_AES_GCM_PARAMS {
87 	uchar_t *pIv;
88 	ulong_t ulIvLen;
89 	ulong_t ulIvBits;
90 	uchar_t *pAAD;
91 	ulong_t ulAADLen;
92 	ulong_t ulTagBits;
93 } CK_AES_GCM_PARAMS;
94 
95 #ifdef _KERNEL
96 /*
97  * CK_ECDH1_DERIVE_PARAMS provides the parameters to the
98  * CKM_ECDH1_KEY_DERIVE mechanism
99  */
100 typedef struct CK_ECDH1_DERIVE_PARAMS {
101 	ulong_t		kdf;
102 	ulong_t		ulSharedDataLen;
103 	uchar_t		*pSharedData;
104 	ulong_t		ulPublicDataLen;
105 	uchar_t		*pPublicData;
106 } CK_ECDH1_DERIVE_PARAMS;
107 #endif
108 
109 #ifdef _KERNEL
110 #ifdef  _SYSCALL32
111 
112 /* needed for 32-bit applications running on 64-bit kernels */
113 typedef struct CK_AES_CTR_PARAMS32 {
114 	uint32_t ulCounterBits;
115 	uint8_t cb[16];
116 } CK_AES_CTR_PARAMS32;
117 
118 /* needed for 32-bit applications running on 64-bit kernels */
119 typedef struct CK_AES_CCM_PARAMS32 {
120 	uint32_t ulMACSize;
121 	uint32_t ulNonceSize;
122 	uint32_t ulAuthDataSize;
123 	uint32_t ulDataSize;
124 	caddr32_t nonce;
125 	caddr32_t authData;
126 } CK_AES_CCM_PARAMS32;
127 
128 /* needed for 32-bit applications running on 64-bit kernels */
129 typedef struct CK_AES_GCM_PARAMS32 {
130 	caddr32_t pIv;
131 	uint32_t ulIvLen;
132 	uint32_t ulIvBits;
133 	caddr32_t pAAD;
134 	uint32_t ulAADLen;
135 	uint32_t ulTagBits;
136 } CK_AES_GCM_PARAMS32;
137 
138 typedef struct CK_ECDH1_DERIVE_PARAMS32 {
139 	uint32_t	kdf;
140 	uint32_t	ulSharedDataLen;
141 	caddr32_t	pSharedData;
142 	uint32_t	ulPublicDataLen;
143 	caddr32_t	pPublicData;
144 } CK_ECDH1_DERIVE_PARAMS32;
145 
146 #endif  /* _SYSCALL32 */
147 #endif /* _KERNEL */
148 
149 /*
150  * The measurement unit bit flag for a mechanism's minimum or maximum key size.
151  * The unit are mechanism dependant.  It can be in bits or in bytes.
152  */
153 typedef uint32_t crypto_keysize_unit_t;
154 
155 /*
156  * The following bit flags are valid in cm_mech_flags field in
157  * the crypto_mech_info_t structure of the SPI.
158  *
159  * Only the first two bit flags are valid in mi_keysize_unit
160  * field in the crypto_mechanism_info_t structure of the API.
161  */
162 #define	CRYPTO_KEYSIZE_UNIT_IN_BITS	0x00000001
163 #define	CRYPTO_KEYSIZE_UNIT_IN_BYTES	0x00000002
164 #define	CRYPTO_CAN_SHARE_OPSTATE	0x00000004 /* supports sharing */
165 
166 
167 /* Mechanisms supported out-of-the-box */
168 #define	SUN_CKM_MD4			"CKM_MD4"
169 #define	SUN_CKM_MD5			"CKM_MD5"
170 #define	SUN_CKM_MD5_HMAC		"CKM_MD5_HMAC"
171 #define	SUN_CKM_MD5_HMAC_GENERAL	"CKM_MD5_HMAC_GENERAL"
172 #define	SUN_CKM_SHA1			"CKM_SHA_1"
173 #define	SUN_CKM_SHA1_HMAC		"CKM_SHA_1_HMAC"
174 #define	SUN_CKM_SHA1_HMAC_GENERAL	"CKM_SHA_1_HMAC_GENERAL"
175 #define	SUN_CKM_SHA256			"CKM_SHA256"
176 #define	SUN_CKM_SHA256_HMAC		"CKM_SHA256_HMAC"
177 #define	SUN_CKM_SHA256_HMAC_GENERAL	"CKM_SHA256_HMAC_GENERAL"
178 #define	SUN_CKM_SHA384			"CKM_SHA384"
179 #define	SUN_CKM_SHA384_HMAC		"CKM_SHA384_HMAC"
180 #define	SUN_CKM_SHA384_HMAC_GENERAL	"CKM_SHA384_HMAC_GENERAL"
181 #define	SUN_CKM_SHA512			"CKM_SHA512"
182 #define	SUN_CKM_SHA512_HMAC		"CKM_SHA512_HMAC"
183 #define	SUN_CKM_SHA512_HMAC_GENERAL	"CKM_SHA512_HMAC_GENERAL"
184 #define	SUN_CKM_DES_CBC			"CKM_DES_CBC"
185 #define	SUN_CKM_DES3_CBC		"CKM_DES3_CBC"
186 #define	SUN_CKM_DES_ECB			"CKM_DES_ECB"
187 #define	SUN_CKM_DES3_ECB		"CKM_DES3_ECB"
188 #define	SUN_CKM_BLOWFISH_CBC		"CKM_BLOWFISH_CBC"
189 #define	SUN_CKM_BLOWFISH_ECB		"CKM_BLOWFISH_ECB"
190 #define	SUN_CKM_AES_CBC			"CKM_AES_CBC"
191 #define	SUN_CKM_AES_ECB			"CKM_AES_ECB"
192 #define	SUN_CKM_AES_CTR			"CKM_AES_CTR"
193 #define	SUN_CKM_AES_CCM			"CKM_AES_CCM"
194 #define	SUN_CKM_AES_GCM			"CKM_AES_GCM"
195 #define	SUN_CKM_RC4			"CKM_RC4"
196 #define	SUN_CKM_RSA_PKCS		"CKM_RSA_PKCS"
197 #define	SUN_CKM_RSA_X_509		"CKM_RSA_X_509"
198 #define	SUN_CKM_MD5_RSA_PKCS		"CKM_MD5_RSA_PKCS"
199 #define	SUN_CKM_SHA1_RSA_PKCS		"CKM_SHA1_RSA_PKCS"
200 #define	SUN_CKM_SHA256_RSA_PKCS		"CKM_SHA256_RSA_PKCS"
201 #define	SUN_CKM_SHA384_RSA_PKCS		"CKM_SHA384_RSA_PKCS"
202 #define	SUN_CKM_SHA512_RSA_PKCS		"CKM_SHA512_RSA_PKCS"
203 #define	SUN_CKM_EC_KEY_PAIR_GEN		"CKM_EC_KEY_PAIR_GEN"
204 #define	SUN_CKM_ECDH1_DERIVE		"CKM_ECDH1_DERIVE"
205 #define	SUN_CKM_ECDSA_SHA1		"CKM_ECDSA_SHA1"
206 #define	SUN_CKM_ECDSA			"CKM_ECDSA"
207 
208 /* Shared operation context format for CKM_RC4 */
209 typedef struct {
210 #if defined(__amd64)
211 	uint32_t i, j;
212 	uint32_t arr[256];
213 #else
214 	uchar_t arr[256];
215 	uchar_t i, j;
216 #endif /* __amd64 */
217 	uint64_t pad;		/* For 64-bit alignment */
218 } arcfour_state_t;
219 
220 /* Data arguments of cryptographic operations */
221 
222 typedef enum crypto_data_format {
223 	CRYPTO_DATA_RAW = 1,
224 	CRYPTO_DATA_UIO,
225 	CRYPTO_DATA_MBLK
226 } crypto_data_format_t;
227 
228 typedef struct crypto_data {
229 	crypto_data_format_t	cd_format;	/* Format identifier	*/
230 	off_t			cd_offset;	/* Offset from the beginning */
231 	size_t			cd_length;	/* # of bytes in use */
232 	caddr_t			cd_miscdata;	/* ancillary data */
233 	union {
234 		/* Raw format */
235 		iovec_t cdu_raw;		/* Pointer and length	    */
236 
237 		/* uio scatter-gather format */
238 		uio_t	*cdu_uio;
239 
240 		/* mblk scatter-gather format */
241 		mblk_t	*cdu_mp;		/* The mblk chain */
242 
243 	} cdu;	/* Crypto Data Union */
244 } crypto_data_t;
245 
246 #define	cd_raw		cdu.cdu_raw
247 #define	cd_uio		cdu.cdu_uio
248 #define	cd_mp		cdu.cdu_mp
249 
250 typedef struct crypto_dual_data {
251 	crypto_data_t		dd_data;	/* The data */
252 	off_t			dd_offset2;	/* Used by dual operation */
253 	size_t			dd_len2;	/* # of bytes to take	*/
254 } crypto_dual_data_t;
255 
256 #define	dd_format	dd_data.cd_format
257 #define	dd_offset1	dd_data.cd_offset
258 #define	dd_len1		dd_data.cd_length
259 #define	dd_miscdata	dd_data.cd_miscdata
260 #define	dd_raw		dd_data.cd_raw
261 #define	dd_uio		dd_data.cd_uio
262 #define	dd_mp		dd_data.cd_mp
263 
264 /* The keys, and their contents */
265 
266 typedef enum {
267 	CRYPTO_KEY_RAW = 1,	/* ck_data is a cleartext key */
268 	CRYPTO_KEY_REFERENCE,	/* ck_obj_id is an opaque reference */
269 	CRYPTO_KEY_ATTR_LIST	/* ck_attrs is a list of object attributes */
270 } crypto_key_format_t;
271 
272 typedef uint64_t crypto_attr_type_t;
273 
274 /* Attribute types to use for passing a RSA public key or a private key. */
275 #define	SUN_CKA_MODULUS			0x00000120
276 #define	SUN_CKA_MODULUS_BITS		0x00000121
277 #define	SUN_CKA_PUBLIC_EXPONENT		0x00000122
278 #define	SUN_CKA_PRIVATE_EXPONENT	0x00000123
279 #define	SUN_CKA_PRIME_1			0x00000124
280 #define	SUN_CKA_PRIME_2			0x00000125
281 #define	SUN_CKA_EXPONENT_1		0x00000126
282 #define	SUN_CKA_EXPONENT_2		0x00000127
283 #define	SUN_CKA_COEFFICIENT		0x00000128
284 #define	SUN_CKA_PRIME			0x00000130
285 #define	SUN_CKA_SUBPRIME		0x00000131
286 #define	SUN_CKA_BASE			0x00000132
287 
288 #define	CKK_EC			0x00000003
289 #define	CKK_GENERIC_SECRET	0x00000010
290 #define	CKK_RC4			0x00000012
291 #define	CKK_AES			0x0000001F
292 #define	CKK_DES			0x00000013
293 #define	CKK_DES2		0x00000014
294 #define	CKK_DES3		0x00000015
295 
296 #define	CKO_PUBLIC_KEY		0x00000002
297 #define	CKO_PRIVATE_KEY		0x00000003
298 #define	CKA_CLASS		0x00000000
299 #define	CKA_VALUE		0x00000011
300 #define	CKA_KEY_TYPE		0x00000100
301 #define	CKA_VALUE_LEN		0x00000161
302 #define	CKA_EC_PARAMS		0x00000180
303 #define	CKA_EC_POINT		0x00000181
304 
305 typedef uint32_t	crypto_object_id_t;
306 
307 typedef struct crypto_object_attribute {
308 	crypto_attr_type_t	oa_type;	/* attribute type */
309 	caddr_t			oa_value;	/* attribute value */
310 	ssize_t			oa_value_len;	/* length of attribute value */
311 } crypto_object_attribute_t;
312 
313 typedef struct crypto_key {
314 	crypto_key_format_t	ck_format;	/* format identifier */
315 	union {
316 		/* for CRYPTO_KEY_RAW ck_format */
317 		struct {
318 			uint_t	cku_v_length;	/* # of bits in ck_data   */
319 			void	*cku_v_data;	/* ptr to key value */
320 		} cku_key_value;
321 
322 		/* for CRYPTO_KEY_REFERENCE ck_format */
323 		crypto_object_id_t cku_key_id;	/* reference to object key */
324 
325 		/* for CRYPTO_KEY_ATTR_LIST ck_format */
326 		struct {
327 			uint_t cku_a_count;	/* number of attributes */
328 			crypto_object_attribute_t *cku_a_oattr;
329 		} cku_key_attrs;
330 	} cku_data;				/* Crypto Key union */
331 } crypto_key_t;
332 
333 #ifdef  _SYSCALL32
334 
335 typedef struct crypto_object_attribute32 {
336 	uint64_t	oa_type;	/* attribute type */
337 	caddr32_t	oa_value;	/* attribute value */
338 	ssize32_t	oa_value_len;	/* length of attribute value */
339 } crypto_object_attribute32_t;
340 
341 typedef struct crypto_key32 {
342 	crypto_key_format_t	ck_format;	/* format identifier */
343 	union {
344 		/* for CRYPTO_KEY_RAW ck_format */
345 		struct {
346 			uint32_t cku_v_length;	/* # of bytes in ck_data */
347 			caddr32_t cku_v_data;	/* ptr to key value */
348 		} cku_key_value;
349 
350 		/* for CRYPTO_KEY_REFERENCE ck_format */
351 		crypto_object_id_t cku_key_id; /* reference to object key */
352 
353 		/* for CRYPTO_KEY_ATTR_LIST ck_format */
354 		struct {
355 			uint32_t cku_a_count;	/* number of attributes */
356 			caddr32_t cku_a_oattr;
357 		} cku_key_attrs;
358 	} cku_data;				/* Crypto Key union */
359 } crypto_key32_t;
360 
361 #endif  /* _SYSCALL32 */
362 
363 #define	ck_data		cku_data.cku_key_value.cku_v_data
364 #define	ck_length	cku_data.cku_key_value.cku_v_length
365 #define	ck_obj_id	cku_data.cku_key_id
366 #define	ck_count	cku_data.cku_key_attrs.cku_a_count
367 #define	ck_attrs	cku_data.cku_key_attrs.cku_a_oattr
368 
369 /*
370  * Raw key lengths are expressed in number of bits.
371  * The following macro returns the minimum number of
372  * bytes that can contain the specified number of bits.
373  */
374 #define	CRYPTO_BITS2BYTES(n) (((n) + 7) >> 3)
375 
376 /* Providers */
377 
378 typedef enum {
379 	CRYPTO_HW_PROVIDER = 0,
380 	CRYPTO_SW_PROVIDER,
381 	CRYPTO_LOGICAL_PROVIDER
382 } crypto_provider_type_t;
383 
384 typedef uint32_t 	crypto_provider_id_t;
385 #define	KCF_PROVID_INVALID	((uint32_t)-1)
386 
387 typedef struct crypto_provider_entry {
388 	crypto_provider_id_t	pe_provider_id;
389 	uint_t			pe_mechanism_count;
390 } crypto_provider_entry_t;
391 
392 typedef struct crypto_dev_list_entry {
393 	char			le_dev_name[MAXNAMELEN];
394 	uint_t			le_dev_instance;
395 	uint_t			le_mechanism_count;
396 } crypto_dev_list_entry_t;
397 
398 /* User type for authentication ioctls and SPI entry points */
399 
400 typedef enum crypto_user_type {
401 	CRYPTO_SO = 0,
402 	CRYPTO_USER
403 } crypto_user_type_t;
404 
405 /* Version for provider management ioctls and SPI entry points */
406 
407 typedef struct crypto_version {
408 	uchar_t	cv_major;
409 	uchar_t	cv_minor;
410 } crypto_version_t;
411 
412 /* session data structure opaque to the consumer */
413 typedef void *crypto_session_t;
414 
415 /* provider data structure opaque to the consumer */
416 typedef void *crypto_provider_t;
417 
418 /* Limits used by both consumers and providers */
419 #define	CRYPTO_EXT_SIZE_LABEL		32
420 #define	CRYPTO_EXT_SIZE_MANUF		32
421 #define	CRYPTO_EXT_SIZE_MODEL		16
422 #define	CRYPTO_EXT_SIZE_SERIAL		16
423 #define	CRYPTO_EXT_SIZE_TIME		16
424 
425 typedef struct crypto_provider_ext_info {
426 	uchar_t			ei_label[CRYPTO_EXT_SIZE_LABEL];
427 	uchar_t			ei_manufacturerID[CRYPTO_EXT_SIZE_MANUF];
428 	uchar_t			ei_model[CRYPTO_EXT_SIZE_MODEL];
429 	uchar_t			ei_serial_number[CRYPTO_EXT_SIZE_SERIAL];
430 	ulong_t			ei_flags;
431 	ulong_t			ei_max_session_count;
432 	ulong_t			ei_max_pin_len;
433 	ulong_t			ei_min_pin_len;
434 	ulong_t			ei_total_public_memory;
435 	ulong_t			ei_free_public_memory;
436 	ulong_t			ei_total_private_memory;
437 	ulong_t			ei_free_private_memory;
438 	crypto_version_t	ei_hardware_version;
439 	crypto_version_t	ei_firmware_version;
440 	uchar_t			ei_time[CRYPTO_EXT_SIZE_TIME];
441 } crypto_provider_ext_info_t;
442 
443 typedef uint_t		crypto_session_id_t;
444 
445 typedef enum cmd_type {
446 	COPY_FROM_DATA,
447 	COPY_TO_DATA,
448 	COMPARE_TO_DATA,
449 	MD5_DIGEST_DATA,
450 	SHA1_DIGEST_DATA,
451 	SHA2_DIGEST_DATA
452 } cmd_type_t;
453 
454 #define	CRYPTO_DO_UPDATE	0x01
455 #define	CRYPTO_DO_FINAL		0x02
456 #define	CRYPTO_DO_MD5		0x04
457 #define	CRYPTO_DO_SHA1		0x08
458 #define	CRYPTO_DO_SIGN		0x10
459 #define	CRYPTO_DO_VERIFY	0x20
460 #define	CRYPTO_DO_SHA2		0x40
461 
462 #define	PROVIDER_OWNS_KEY_SCHEDULE	0x00000001
463 
464 /*
465  * Common cryptographic status and error codes.
466  */
467 #define	CRYPTO_SUCCESS				0x00000000
468 #define	CRYPTO_CANCEL				0x00000001
469 #define	CRYPTO_HOST_MEMORY			0x00000002
470 #define	CRYPTO_GENERAL_ERROR			0x00000003
471 #define	CRYPTO_FAILED				0x00000004
472 #define	CRYPTO_ARGUMENTS_BAD			0x00000005
473 #define	CRYPTO_ATTRIBUTE_READ_ONLY		0x00000006
474 #define	CRYPTO_ATTRIBUTE_SENSITIVE		0x00000007
475 #define	CRYPTO_ATTRIBUTE_TYPE_INVALID		0x00000008
476 #define	CRYPTO_ATTRIBUTE_VALUE_INVALID		0x00000009
477 #define	CRYPTO_CANCELED				0x0000000A
478 #define	CRYPTO_DATA_INVALID			0x0000000B
479 #define	CRYPTO_DATA_LEN_RANGE			0x0000000C
480 #define	CRYPTO_DEVICE_ERROR			0x0000000D
481 #define	CRYPTO_DEVICE_MEMORY			0x0000000E
482 #define	CRYPTO_DEVICE_REMOVED			0x0000000F
483 #define	CRYPTO_ENCRYPTED_DATA_INVALID		0x00000010
484 #define	CRYPTO_ENCRYPTED_DATA_LEN_RANGE		0x00000011
485 #define	CRYPTO_KEY_HANDLE_INVALID		0x00000012
486 #define	CRYPTO_KEY_SIZE_RANGE			0x00000013
487 #define	CRYPTO_KEY_TYPE_INCONSISTENT		0x00000014
488 #define	CRYPTO_KEY_NOT_NEEDED			0x00000015
489 #define	CRYPTO_KEY_CHANGED			0x00000016
490 #define	CRYPTO_KEY_NEEDED			0x00000017
491 #define	CRYPTO_KEY_INDIGESTIBLE			0x00000018
492 #define	CRYPTO_KEY_FUNCTION_NOT_PERMITTED	0x00000019
493 #define	CRYPTO_KEY_NOT_WRAPPABLE		0x0000001A
494 #define	CRYPTO_KEY_UNEXTRACTABLE		0x0000001B
495 #define	CRYPTO_MECHANISM_INVALID		0x0000001C
496 #define	CRYPTO_MECHANISM_PARAM_INVALID		0x0000001D
497 #define	CRYPTO_OBJECT_HANDLE_INVALID		0x0000001E
498 #define	CRYPTO_OPERATION_IS_ACTIVE		0x0000001F
499 #define	CRYPTO_OPERATION_NOT_INITIALIZED	0x00000020
500 #define	CRYPTO_PIN_INCORRECT			0x00000021
501 #define	CRYPTO_PIN_INVALID			0x00000022
502 #define	CRYPTO_PIN_LEN_RANGE			0x00000023
503 #define	CRYPTO_PIN_EXPIRED			0x00000024
504 #define	CRYPTO_PIN_LOCKED			0x00000025
505 #define	CRYPTO_SESSION_CLOSED			0x00000026
506 #define	CRYPTO_SESSION_COUNT			0x00000027
507 #define	CRYPTO_SESSION_HANDLE_INVALID		0x00000028
508 #define	CRYPTO_SESSION_READ_ONLY		0x00000029
509 #define	CRYPTO_SESSION_EXISTS			0x0000002A
510 #define	CRYPTO_SESSION_READ_ONLY_EXISTS		0x0000002B
511 #define	CRYPTO_SESSION_READ_WRITE_SO_EXISTS	0x0000002C
512 #define	CRYPTO_SIGNATURE_INVALID		0x0000002D
513 #define	CRYPTO_SIGNATURE_LEN_RANGE		0x0000002E
514 #define	CRYPTO_TEMPLATE_INCOMPLETE		0x0000002F
515 #define	CRYPTO_TEMPLATE_INCONSISTENT		0x00000030
516 #define	CRYPTO_UNWRAPPING_KEY_HANDLE_INVALID	0x00000031
517 #define	CRYPTO_UNWRAPPING_KEY_SIZE_RANGE	0x00000032
518 #define	CRYPTO_UNWRAPPING_KEY_TYPE_INCONSISTENT	0x00000033
519 #define	CRYPTO_USER_ALREADY_LOGGED_IN		0x00000034
520 #define	CRYPTO_USER_NOT_LOGGED_IN		0x00000035
521 #define	CRYPTO_USER_PIN_NOT_INITIALIZED		0x00000036
522 #define	CRYPTO_USER_TYPE_INVALID		0x00000037
523 #define	CRYPTO_USER_ANOTHER_ALREADY_LOGGED_IN	0x00000038
524 #define	CRYPTO_USER_TOO_MANY_TYPES		0x00000039
525 #define	CRYPTO_WRAPPED_KEY_INVALID		0x0000003A
526 #define	CRYPTO_WRAPPED_KEY_LEN_RANGE		0x0000003B
527 #define	CRYPTO_WRAPPING_KEY_HANDLE_INVALID	0x0000003C
528 #define	CRYPTO_WRAPPING_KEY_SIZE_RANGE		0x0000003D
529 #define	CRYPTO_WRAPPING_KEY_TYPE_INCONSISTENT	0x0000003E
530 #define	CRYPTO_RANDOM_SEED_NOT_SUPPORTED	0x0000003F
531 #define	CRYPTO_RANDOM_NO_RNG			0x00000040
532 #define	CRYPTO_DOMAIN_PARAMS_INVALID		0x00000041
533 #define	CRYPTO_BUFFER_TOO_SMALL			0x00000042
534 #define	CRYPTO_INFORMATION_SENSITIVE		0x00000043
535 #define	CRYPTO_NOT_SUPPORTED			0x00000044
536 
537 #define	CRYPTO_QUEUED				0x00000045
538 #define	CRYPTO_BUFFER_TOO_BIG			0x00000046
539 #define	CRYPTO_INVALID_CONTEXT			0x00000047
540 #define	CRYPTO_INVALID_MAC			0x00000048
541 #define	CRYPTO_MECH_NOT_SUPPORTED		0x00000049
542 #define	CRYPTO_INCONSISTENT_ATTRIBUTE		0x0000004A
543 #define	CRYPTO_NO_PERMISSION			0x0000004B
544 #define	CRYPTO_INVALID_PROVIDER_ID		0x0000004C
545 #define	CRYPTO_VERSION_MISMATCH			0x0000004D
546 #define	CRYPTO_BUSY				0x0000004E
547 #define	CRYPTO_UNKNOWN_PROVIDER			0x0000004F
548 #define	CRYPTO_MODVERIFICATION_FAILED		0x00000050
549 #define	CRYPTO_OLD_CTX_TEMPLATE			0x00000051
550 #define	CRYPTO_WEAK_KEY				0x00000052
551 
552 /*
553  * Special values that can be used to indicate that information is unavailable
554  * or that there is not practical limit. These values can be used
555  * by fields of the SPI crypto_provider_ext_info(9S) structure.
556  * The value of CRYPTO_UNAVAILABLE_INFO should be the same as
557  * CK_UNAVAILABLE_INFO in the PKCS#11 spec.
558  */
559 #define	CRYPTO_UNAVAILABLE_INFO		((ulong_t)(-1))
560 #define	CRYPTO_EFFECTIVELY_INFINITE	0x0
561 
562 #ifdef __cplusplus
563 }
564 #endif
565 
566 #endif /* _SYS_CRYPTO_COMMON_H */
567