1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 /* 22 * Copyright 2007 Sun Microsystems, Inc. All rights reserved. 23 * Use is subject to license terms. 24 */ 25 26 #ifndef _SYS_CRYPTO_OPS_IMPL_H 27 #define _SYS_CRYPTO_OPS_IMPL_H 28 29 #pragma ident "%Z%%M% %I% %E% SMI" 30 31 /* 32 * Scheduler internal structures. 33 */ 34 35 #ifdef __cplusplus 36 extern "C" { 37 #endif 38 39 #include <sys/types.h> 40 #include <sys/mutex.h> 41 #include <sys/condvar.h> 42 #include <sys/crypto/api.h> 43 #include <sys/crypto/spi.h> 44 #include <sys/crypto/impl.h> 45 #include <sys/crypto/common.h> 46 47 /* 48 * The parameters needed for each function group are batched 49 * in one structure. This is much simpler than having a 50 * separate structure for each function. 51 * 52 * In some cases, a field is generically named to keep the 53 * structure small. The comments indicate these cases. 54 */ 55 typedef struct kcf_digest_ops_params { 56 crypto_session_id_t do_sid; 57 crypto_mech_type_t do_framework_mechtype; 58 crypto_mechanism_t do_mech; 59 crypto_data_t *do_data; 60 crypto_data_t *do_digest; 61 crypto_key_t *do_digest_key; /* Argument for digest_key() */ 62 } kcf_digest_ops_params_t; 63 64 typedef struct kcf_mac_ops_params { 65 crypto_session_id_t mo_sid; 66 crypto_mech_type_t mo_framework_mechtype; 67 crypto_mechanism_t mo_mech; 68 crypto_key_t *mo_key; 69 crypto_data_t *mo_data; 70 crypto_data_t *mo_mac; 71 crypto_spi_ctx_template_t mo_templ; 72 } kcf_mac_ops_params_t; 73 74 typedef struct kcf_encrypt_ops_params { 75 crypto_session_id_t eo_sid; 76 crypto_mech_type_t eo_framework_mechtype; 77 crypto_mechanism_t eo_mech; 78 crypto_key_t *eo_key; 79 crypto_data_t *eo_plaintext; 80 crypto_data_t *eo_ciphertext; 81 crypto_spi_ctx_template_t eo_templ; 82 } kcf_encrypt_ops_params_t; 83 84 typedef struct kcf_decrypt_ops_params { 85 crypto_session_id_t dop_sid; 86 crypto_mech_type_t dop_framework_mechtype; 87 crypto_mechanism_t dop_mech; 88 crypto_key_t *dop_key; 89 crypto_data_t *dop_ciphertext; 90 crypto_data_t *dop_plaintext; 91 crypto_spi_ctx_template_t dop_templ; 92 } kcf_decrypt_ops_params_t; 93 94 typedef struct kcf_sign_ops_params { 95 crypto_session_id_t so_sid; 96 crypto_mech_type_t so_framework_mechtype; 97 crypto_mechanism_t so_mech; 98 crypto_key_t *so_key; 99 crypto_data_t *so_data; 100 crypto_data_t *so_signature; 101 crypto_spi_ctx_template_t so_templ; 102 } kcf_sign_ops_params_t; 103 104 typedef struct kcf_verify_ops_params { 105 crypto_session_id_t vo_sid; 106 crypto_mech_type_t vo_framework_mechtype; 107 crypto_mechanism_t vo_mech; 108 crypto_key_t *vo_key; 109 crypto_data_t *vo_data; 110 crypto_data_t *vo_signature; 111 crypto_spi_ctx_template_t vo_templ; 112 } kcf_verify_ops_params_t; 113 114 typedef struct kcf_encrypt_mac_ops_params { 115 crypto_session_id_t em_sid; 116 crypto_mech_type_t em_framework_encr_mechtype; 117 crypto_mechanism_t em_encr_mech; 118 crypto_key_t *em_encr_key; 119 crypto_mech_type_t em_framework_mac_mechtype; 120 crypto_mechanism_t em_mac_mech; 121 crypto_key_t *em_mac_key; 122 crypto_data_t *em_plaintext; 123 crypto_dual_data_t *em_ciphertext; 124 crypto_data_t *em_mac; 125 crypto_spi_ctx_template_t em_encr_templ; 126 crypto_spi_ctx_template_t em_mac_templ; 127 } kcf_encrypt_mac_ops_params_t; 128 129 typedef struct kcf_mac_decrypt_ops_params { 130 crypto_session_id_t md_sid; 131 crypto_mech_type_t md_framework_mac_mechtype; 132 crypto_mechanism_t md_mac_mech; 133 crypto_key_t *md_mac_key; 134 crypto_mech_type_t md_framework_decr_mechtype; 135 crypto_mechanism_t md_decr_mech; 136 crypto_key_t *md_decr_key; 137 crypto_dual_data_t *md_ciphertext; 138 crypto_data_t *md_mac; 139 crypto_data_t *md_plaintext; 140 crypto_spi_ctx_template_t md_mac_templ; 141 crypto_spi_ctx_template_t md_decr_templ; 142 } kcf_mac_decrypt_ops_params_t; 143 144 typedef struct kcf_random_number_ops_params { 145 crypto_session_id_t rn_sid; 146 uchar_t *rn_buf; 147 size_t rn_buflen; 148 uint_t rn_entropy_est; 149 uint32_t rn_flags; 150 } kcf_random_number_ops_params_t; 151 152 /* 153 * so_pd is useful when the provider descriptor (pd) supplying the 154 * provider handle is different from the pd supplying the ops vector. 155 * This is the case for session open/close where so_pd can be the pd 156 * of a logical provider. The pd supplying the ops vector is passed 157 * as an argument to kcf_submit_request(). 158 */ 159 typedef struct kcf_session_ops_params { 160 crypto_session_id_t *so_sid_ptr; 161 crypto_session_id_t so_sid; 162 crypto_user_type_t so_user_type; 163 char *so_pin; 164 size_t so_pin_len; 165 kcf_provider_desc_t *so_pd; 166 } kcf_session_ops_params_t; 167 168 typedef struct kcf_object_ops_params { 169 crypto_session_id_t oo_sid; 170 crypto_object_id_t oo_object_id; 171 crypto_object_attribute_t *oo_template; 172 uint_t oo_attribute_count; 173 crypto_object_id_t *oo_object_id_ptr; 174 size_t *oo_object_size; 175 void **oo_find_init_pp_ptr; 176 void *oo_find_pp; 177 uint_t oo_max_object_count; 178 uint_t *oo_object_count_ptr; 179 } kcf_object_ops_params_t; 180 181 /* 182 * ko_key is used to encode wrapping key in key_wrap() and 183 * unwrapping key in key_unwrap(). ko_key_template and 184 * ko_key_attribute_count are used to encode public template 185 * and public template attr count in key_generate_pair(). 186 * kops->ko_key_object_id_ptr is used to encode public key 187 * in key_generate_pair(). 188 */ 189 typedef struct kcf_key_ops_params { 190 crypto_session_id_t ko_sid; 191 crypto_mech_type_t ko_framework_mechtype; 192 crypto_mechanism_t ko_mech; 193 crypto_object_attribute_t *ko_key_template; 194 uint_t ko_key_attribute_count; 195 crypto_object_id_t *ko_key_object_id_ptr; 196 crypto_object_attribute_t *ko_private_key_template; 197 uint_t ko_private_key_attribute_count; 198 crypto_object_id_t *ko_private_key_object_id_ptr; 199 crypto_key_t *ko_key; 200 uchar_t *ko_wrapped_key; 201 size_t *ko_wrapped_key_len_ptr; 202 } kcf_key_ops_params_t; 203 204 /* 205 * po_pin and po_pin_len are used to encode new_pin and new_pin_len 206 * when wrapping set_pin() function parameters. 207 * 208 * po_pd is useful when the provider descriptor (pd) supplying the 209 * provider handle is different from the pd supplying the ops vector. 210 * This is true for the ext_info provider entry point where po_pd 211 * can be the pd of a logical provider. The pd supplying the ops vector 212 * is passed as an argument to kcf_submit_request(). 213 */ 214 typedef struct kcf_provmgmt_ops_params { 215 crypto_session_id_t po_sid; 216 char *po_pin; 217 size_t po_pin_len; 218 char *po_old_pin; 219 size_t po_old_pin_len; 220 char *po_label; 221 crypto_provider_ext_info_t *po_ext_info; 222 kcf_provider_desc_t *po_pd; 223 } kcf_provmgmt_ops_params_t; 224 225 /* 226 * The operation type within a function group. 227 */ 228 typedef enum kcf_op_type { 229 /* common ops for all mechanisms */ 230 KCF_OP_INIT = 1, 231 KCF_OP_SINGLE, /* pkcs11 sense. So, INIT is already done */ 232 KCF_OP_UPDATE, 233 KCF_OP_FINAL, 234 KCF_OP_ATOMIC, 235 236 /* digest_key op */ 237 KCF_OP_DIGEST_KEY, 238 239 /* mac specific op */ 240 KCF_OP_MAC_VERIFY_ATOMIC, 241 242 /* mac/cipher specific op */ 243 KCF_OP_MAC_VERIFY_DECRYPT_ATOMIC, 244 245 /* sign_recover ops */ 246 KCF_OP_SIGN_RECOVER_INIT, 247 KCF_OP_SIGN_RECOVER, 248 KCF_OP_SIGN_RECOVER_ATOMIC, 249 250 /* verify_recover ops */ 251 KCF_OP_VERIFY_RECOVER_INIT, 252 KCF_OP_VERIFY_RECOVER, 253 KCF_OP_VERIFY_RECOVER_ATOMIC, 254 255 /* random number ops */ 256 KCF_OP_RANDOM_SEED, 257 KCF_OP_RANDOM_GENERATE, 258 259 /* session management ops */ 260 KCF_OP_SESSION_OPEN, 261 KCF_OP_SESSION_CLOSE, 262 KCF_OP_SESSION_LOGIN, 263 KCF_OP_SESSION_LOGOUT, 264 265 /* object management ops */ 266 KCF_OP_OBJECT_CREATE, 267 KCF_OP_OBJECT_COPY, 268 KCF_OP_OBJECT_DESTROY, 269 KCF_OP_OBJECT_GET_SIZE, 270 KCF_OP_OBJECT_GET_ATTRIBUTE_VALUE, 271 KCF_OP_OBJECT_SET_ATTRIBUTE_VALUE, 272 KCF_OP_OBJECT_FIND_INIT, 273 KCF_OP_OBJECT_FIND, 274 KCF_OP_OBJECT_FIND_FINAL, 275 276 /* key management ops */ 277 KCF_OP_KEY_GENERATE, 278 KCF_OP_KEY_GENERATE_PAIR, 279 KCF_OP_KEY_WRAP, 280 KCF_OP_KEY_UNWRAP, 281 KCF_OP_KEY_DERIVE, 282 KCF_OP_KEY_CHECK, 283 284 /* provider management ops */ 285 KCF_OP_MGMT_EXTINFO, 286 KCF_OP_MGMT_INITTOKEN, 287 KCF_OP_MGMT_INITPIN, 288 KCF_OP_MGMT_SETPIN 289 } kcf_op_type_t; 290 291 /* 292 * The operation groups that need wrapping of parameters. This is somewhat 293 * similar to the function group type in spi.h except that this also includes 294 * all the functions that don't have a mechanism. 295 * 296 * The wrapper macros should never take these enum values as an argument. 297 * Rather, they are assigned in the macro itself since they are known 298 * from the macro name. 299 */ 300 typedef enum kcf_op_group { 301 KCF_OG_DIGEST = 1, 302 KCF_OG_MAC, 303 KCF_OG_ENCRYPT, 304 KCF_OG_DECRYPT, 305 KCF_OG_SIGN, 306 KCF_OG_VERIFY, 307 KCF_OG_ENCRYPT_MAC, 308 KCF_OG_MAC_DECRYPT, 309 KCF_OG_RANDOM, 310 KCF_OG_SESSION, 311 KCF_OG_OBJECT, 312 KCF_OG_KEY, 313 KCF_OG_PROVMGMT 314 } kcf_op_group_t; 315 316 /* 317 * The kcf_op_type_t enum values used here should be only for those 318 * operations for which there is a k-api routine in sys/crypto/api.h. 319 */ 320 #define IS_INIT_OP(ftype) ((ftype) == KCF_OP_INIT) 321 #define IS_SINGLE_OP(ftype) ((ftype) == KCF_OP_SINGLE) 322 #define IS_UPDATE_OP(ftype) ((ftype) == KCF_OP_UPDATE) 323 #define IS_FINAL_OP(ftype) ((ftype) == KCF_OP_FINAL) 324 #define IS_ATOMIC_OP(ftype) ( \ 325 (ftype) == KCF_OP_ATOMIC || (ftype) == KCF_OP_MAC_VERIFY_ATOMIC || \ 326 (ftype) == KCF_OP_MAC_VERIFY_DECRYPT_ATOMIC || \ 327 (ftype) == KCF_OP_SIGN_RECOVER_ATOMIC || \ 328 (ftype) == KCF_OP_VERIFY_RECOVER_ATOMIC) 329 330 /* 331 * Keep the parameters associated with a request around. 332 * We need to pass them to the SPI. 333 */ 334 typedef struct kcf_req_params { 335 kcf_op_group_t rp_opgrp; 336 kcf_op_type_t rp_optype; 337 338 union { 339 kcf_digest_ops_params_t digest_params; 340 kcf_mac_ops_params_t mac_params; 341 kcf_encrypt_ops_params_t encrypt_params; 342 kcf_decrypt_ops_params_t decrypt_params; 343 kcf_sign_ops_params_t sign_params; 344 kcf_verify_ops_params_t verify_params; 345 kcf_encrypt_mac_ops_params_t encrypt_mac_params; 346 kcf_mac_decrypt_ops_params_t mac_decrypt_params; 347 kcf_random_number_ops_params_t random_number_params; 348 kcf_session_ops_params_t session_params; 349 kcf_object_ops_params_t object_params; 350 kcf_key_ops_params_t key_params; 351 kcf_provmgmt_ops_params_t provmgmt_params; 352 } rp_u; 353 } kcf_req_params_t; 354 355 356 /* 357 * The ioctl/k-api code should bundle the parameters into a kcf_req_params_t 358 * structure before calling a scheduler routine. The following macros are 359 * available for that purpose. 360 * 361 * For the most part, the macro arguments closely correspond to the 362 * function parameters. In some cases, we use generic names. The comments 363 * for the structure should indicate these cases. 364 */ 365 #define KCF_WRAP_DIGEST_OPS_PARAMS(req, ftype, _sid, _mech, _key, \ 366 _data, _digest) { \ 367 kcf_digest_ops_params_t *dops = &(req)->rp_u.digest_params; \ 368 \ 369 (req)->rp_opgrp = KCF_OG_DIGEST; \ 370 (req)->rp_optype = ftype; \ 371 dops->do_sid = _sid; \ 372 kcf_dup_mech(_mech, &dops->do_mech, &dops->do_framework_mechtype); \ 373 dops->do_digest_key = _key; \ 374 dops->do_data = _data; \ 375 dops->do_digest = _digest; \ 376 } 377 378 #define KCF_WRAP_MAC_OPS_PARAMS(req, ftype, _sid, _mech, _key, \ 379 _data, _mac, _templ) { \ 380 kcf_mac_ops_params_t *mops = &(req)->rp_u.mac_params; \ 381 \ 382 (req)->rp_opgrp = KCF_OG_MAC; \ 383 (req)->rp_optype = ftype; \ 384 mops->mo_sid = _sid; \ 385 kcf_dup_mech(_mech, &mops->mo_mech, &mops->mo_framework_mechtype); \ 386 mops->mo_key = _key; \ 387 mops->mo_data = _data; \ 388 mops->mo_mac = _mac; \ 389 mops->mo_templ = _templ; \ 390 } 391 392 #define KCF_WRAP_ENCRYPT_OPS_PARAMS(req, ftype, _sid, _mech, _key, \ 393 _plaintext, _ciphertext, _templ) { \ 394 kcf_encrypt_ops_params_t *cops = &(req)->rp_u.encrypt_params; \ 395 \ 396 (req)->rp_opgrp = KCF_OG_ENCRYPT; \ 397 (req)->rp_optype = ftype; \ 398 cops->eo_sid = _sid; \ 399 kcf_dup_mech(_mech, &cops->eo_mech, &cops->eo_framework_mechtype); \ 400 cops->eo_key = _key; \ 401 cops->eo_plaintext = _plaintext; \ 402 cops->eo_ciphertext = _ciphertext; \ 403 cops->eo_templ = _templ; \ 404 } 405 406 #define KCF_WRAP_DECRYPT_OPS_PARAMS(req, ftype, _sid, _mech, _key, \ 407 _ciphertext, _plaintext, _templ) { \ 408 kcf_decrypt_ops_params_t *cops = &(req)->rp_u.decrypt_params; \ 409 \ 410 (req)->rp_opgrp = KCF_OG_DECRYPT; \ 411 (req)->rp_optype = ftype; \ 412 cops->dop_sid = _sid; \ 413 kcf_dup_mech(_mech, &cops->dop_mech, &cops->dop_framework_mechtype); \ 414 cops->dop_key = _key; \ 415 cops->dop_ciphertext = _ciphertext; \ 416 cops->dop_plaintext = _plaintext; \ 417 cops->dop_templ = _templ; \ 418 } 419 420 #define KCF_WRAP_SIGN_OPS_PARAMS(req, ftype, _sid, _mech, _key, \ 421 _data, _signature, _templ) { \ 422 kcf_sign_ops_params_t *sops = &(req)->rp_u.sign_params; \ 423 \ 424 (req)->rp_opgrp = KCF_OG_SIGN; \ 425 (req)->rp_optype = ftype; \ 426 sops->so_sid = _sid; \ 427 kcf_dup_mech(_mech, &sops->so_mech, &sops->so_framework_mechtype); \ 428 sops->so_key = _key; \ 429 sops->so_data = _data; \ 430 sops->so_signature = _signature; \ 431 sops->so_templ = _templ; \ 432 } 433 434 #define KCF_WRAP_VERIFY_OPS_PARAMS(req, ftype, _sid, _mech, _key, \ 435 _data, _signature, _templ) { \ 436 kcf_verify_ops_params_t *vops = &(req)->rp_u.verify_params; \ 437 \ 438 (req)->rp_opgrp = KCF_OG_VERIFY; \ 439 (req)->rp_optype = ftype; \ 440 vops->vo_sid = _sid; \ 441 kcf_dup_mech(_mech, &vops->vo_mech, &vops->vo_framework_mechtype); \ 442 vops->vo_key = _key; \ 443 vops->vo_data = _data; \ 444 vops->vo_signature = _signature; \ 445 vops->vo_templ = _templ; \ 446 } 447 448 #define KCF_WRAP_ENCRYPT_MAC_OPS_PARAMS(req, ftype, _sid, _encr_key, \ 449 _mac_key, _plaintext, _ciphertext, _mac, _encr_templ, _mac_templ) { \ 450 kcf_encrypt_mac_ops_params_t *cmops = &(req)->rp_u.encrypt_mac_params; \ 451 \ 452 (req)->rp_opgrp = KCF_OG_ENCRYPT_MAC; \ 453 (req)->rp_optype = ftype; \ 454 cmops->em_sid = _sid; \ 455 cmops->em_encr_key = _encr_key; \ 456 cmops->em_mac_key = _mac_key; \ 457 cmops->em_plaintext = _plaintext; \ 458 cmops->em_ciphertext = _ciphertext; \ 459 cmops->em_mac = _mac; \ 460 cmops->em_encr_templ = _encr_templ; \ 461 cmops->em_mac_templ = _mac_templ; \ 462 } 463 464 #define KCF_WRAP_MAC_DECRYPT_OPS_PARAMS(req, ftype, _sid, _mac_key, \ 465 _decr_key, _ciphertext, _mac, _plaintext, _mac_templ, _decr_templ) { \ 466 kcf_mac_decrypt_ops_params_t *cmops = &(req)->rp_u.mac_decrypt_params; \ 467 \ 468 (req)->rp_opgrp = KCF_OG_MAC_DECRYPT; \ 469 (req)->rp_optype = ftype; \ 470 cmops->md_sid = _sid; \ 471 cmops->md_mac_key = _mac_key; \ 472 cmops->md_decr_key = _decr_key; \ 473 cmops->md_ciphertext = _ciphertext; \ 474 cmops->md_mac = _mac; \ 475 cmops->md_plaintext = _plaintext; \ 476 cmops->md_mac_templ = _mac_templ; \ 477 cmops->md_decr_templ = _decr_templ; \ 478 } 479 480 #define KCF_WRAP_RANDOM_OPS_PARAMS(req, ftype, _sid, _buf, _buflen, \ 481 _est, _flags) { \ 482 kcf_random_number_ops_params_t *rops = \ 483 &(req)->rp_u.random_number_params; \ 484 \ 485 (req)->rp_opgrp = KCF_OG_RANDOM; \ 486 (req)->rp_optype = ftype; \ 487 rops->rn_sid = _sid; \ 488 rops->rn_buf = _buf; \ 489 rops->rn_buflen = _buflen; \ 490 rops->rn_entropy_est = _est; \ 491 rops->rn_flags = _flags; \ 492 } 493 494 #define KCF_WRAP_SESSION_OPS_PARAMS(req, ftype, _sid_ptr, _sid, \ 495 _user_type, _pin, _pin_len, _pd) { \ 496 kcf_session_ops_params_t *sops = &(req)->rp_u.session_params; \ 497 \ 498 (req)->rp_opgrp = KCF_OG_SESSION; \ 499 (req)->rp_optype = ftype; \ 500 sops->so_sid_ptr = _sid_ptr; \ 501 sops->so_sid = _sid; \ 502 sops->so_user_type = _user_type; \ 503 sops->so_pin = _pin; \ 504 sops->so_pin_len = _pin_len; \ 505 sops->so_pd = _pd; \ 506 } 507 508 #define KCF_WRAP_OBJECT_OPS_PARAMS(req, ftype, _sid, _object_id, \ 509 _template, _attribute_count, _object_id_ptr, _object_size, \ 510 _find_init_pp_ptr, _find_pp, _max_object_count, _object_count_ptr) { \ 511 kcf_object_ops_params_t *jops = &(req)->rp_u.object_params; \ 512 \ 513 (req)->rp_opgrp = KCF_OG_OBJECT; \ 514 (req)->rp_optype = ftype; \ 515 jops->oo_sid = _sid; \ 516 jops->oo_object_id = _object_id; \ 517 jops->oo_template = _template; \ 518 jops->oo_attribute_count = _attribute_count; \ 519 jops->oo_object_id_ptr = _object_id_ptr; \ 520 jops->oo_object_size = _object_size; \ 521 jops->oo_find_init_pp_ptr = _find_init_pp_ptr; \ 522 jops->oo_find_pp = _find_pp; \ 523 jops->oo_max_object_count = _max_object_count; \ 524 jops->oo_object_count_ptr = _object_count_ptr; \ 525 } 526 527 #define KCF_WRAP_KEY_OPS_PARAMS(req, ftype, _sid, _mech, _key_template, \ 528 _key_attribute_count, _key_object_id_ptr, _private_key_template, \ 529 _private_key_attribute_count, _private_key_object_id_ptr, \ 530 _key, _wrapped_key, _wrapped_key_len_ptr) { \ 531 kcf_key_ops_params_t *kops = &(req)->rp_u.key_params; \ 532 \ 533 (req)->rp_opgrp = KCF_OG_KEY; \ 534 (req)->rp_optype = ftype; \ 535 kops->ko_sid = _sid; \ 536 kcf_dup_mech(_mech, &kops->ko_mech, &kops->ko_framework_mechtype); \ 537 kops->ko_key_template = _key_template; \ 538 kops->ko_key_attribute_count = _key_attribute_count; \ 539 kops->ko_key_object_id_ptr = _key_object_id_ptr; \ 540 kops->ko_private_key_template = _private_key_template; \ 541 kops->ko_private_key_attribute_count = _private_key_attribute_count; \ 542 kops->ko_private_key_object_id_ptr = _private_key_object_id_ptr; \ 543 kops->ko_key = _key; \ 544 kops->ko_wrapped_key = _wrapped_key; \ 545 kops->ko_wrapped_key_len_ptr = _wrapped_key_len_ptr; \ 546 } 547 548 #define KCF_WRAP_PROVMGMT_OPS_PARAMS(req, ftype, _sid, _old_pin, \ 549 _old_pin_len, _pin, _pin_len, _label, _ext_info, _pd) { \ 550 kcf_provmgmt_ops_params_t *pops = &(req)->rp_u.provmgmt_params; \ 551 \ 552 (req)->rp_opgrp = KCF_OG_PROVMGMT; \ 553 (req)->rp_optype = ftype; \ 554 pops->po_sid = _sid; \ 555 pops->po_pin = _pin; \ 556 pops->po_pin_len = _pin_len; \ 557 pops->po_old_pin = _old_pin; \ 558 pops->po_old_pin_len = _old_pin_len; \ 559 pops->po_label = _label; \ 560 pops->po_ext_info = _ext_info; \ 561 pops->po_pd = _pd; \ 562 } 563 564 #define KCF_SET_PROVIDER_MECHNUM(fmtype, pd, mechp) \ 565 (mechp)->cm_type = \ 566 KCF_TO_PROV_MECHNUM(pd, fmtype); 567 568 #ifdef __cplusplus 569 } 570 #endif 571 572 #endif /* _SYS_CRYPTO_OPS_IMPL_H */ 573