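/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License, Version 1.0 only
 * (the "License"). You may not use this file except in compliance
 * with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */
/*
 * Copyright 2003 Sun Microsystems, Inc. All rights reserved.
 * Use is subject to license terms.
 */

#ifndef _KEY_UTIL_H
#define _KEY_UTIL_H

#pragma ident "%Z%%M% %I% %E% SMI"

/*
 * Public declarations of the key utility interface: key algorithm
 * identifiers, return codes, keystore locations, the per-key attribute
 * record and the wbku_* routines that operate on key files.
 */

#include <stdio.h>
#include <sys/types.h>

#ifdef __cplusplus
extern "C" {
#endif

/*
 * Key algorithms.
 *
 * NOTE(review): 3DES is a legacy 64-bit-block cipher; where both ends
 * support it, AES is the better choice for an encryption key.
 */
typedef enum {
	WBKU_KEY_3DES,
	WBKU_KEY_AES_128,
	WBKU_KEY_HMAC_SHA1,
	WBKU_KEY_RSA,
	WBKU_KEY_UNKNOWN
} wbku_key_type_t;

/*
 * Algorithm keywords: the textual name of each key algorithm above.
 * The "aes" keyword names the 128-bit variant only; this header defines
 * no keyword for any other AES key size.
 */
#define WBKU_KW_3DES "3des"
#define WBKU_KW_AES_128 "aes"
#define WBKU_KW_HMAC_SHA1 "sha1"
#define WBKU_KW_RSA "rsa"

/*
 * Algorithm types, as bit flags. WBKU_ANY_KEY is the union of the two.
 * Each cast is wrapped in parentheses so the macro expands as a single
 * operand in every expression context (for example after sizeof).
 */
#define WBKU_ENCR_KEY ((uint_t)0x1)
#define WBKU_HASH_KEY ((uint_t)0x2)
#define WBKU_ANY_KEY (WBKU_ENCR_KEY | WBKU_HASH_KEY)

/* Return codes */
typedef enum {
	WBKU_SUCCESS,
	WBKU_INTERNAL_ERR,
	WBKU_WRITE_ERR,
	WBKU_NOKEY,
	WBKU_BAD_KEYTYPE
} wbku_retcode_t;

/*
 * Number of return codes. It is derived from the last enumerator, so a
 * code appended after WBKU_BAD_KEYTYPE requires this macro to be updated.
 */
#define WBKU_NRET (WBKU_BAD_KEYTYPE + 1)

/*
 * The master key file location.
 *
 * NOTE(review): a file holding key material should be readable and
 * writable only by the privileged account that owns it; confirm the
 * mode and ownership the creating code applies to this path.
 */
#define MASTER_KEY_FILE "/etc/netboot/keystore"

/*
 * The root directory for all client keys. The master key file above
 * lives directly inside this directory, so the directory's own
 * permissions matter for it as well.
 */
#define CLIENT_KEY_DIR "/etc/netboot"

/* The structure that defines the attributes of a particular key type */
typedef struct key_attr {
	wbku_key_type_t ka_type;	/* key type */
	uint_t ka_atype;		/* key algorithm type */
	uint_t ka_len;			/* length of the current key */
	uint_t ka_minlen;		/* shortest allowable key value */
	uint_t ka_maxlen;		/* maximum allowable key length */
	char *ka_str;			/* key string identifier */
	char *ka_oid;			/* key algorithm oid */
	/*
	 * keycheck function. It receives only a pointer to the key bytes
	 * and no length; presumably the implementation relies on the
	 * length fields above -- confirm against the callers.
	 */
	boolean_t (*ka_keycheck)(const uint8_t *);
} wbku_key_attr_t;

/*
 * Error reporting helpers; their semantics are defined by the
 * implementation, which is not part of this header.
 *
 * NOTE(review): wbku_printerr() is variadic with a leading string,
 * presumably a printf-style format. If so, callers must pass a literal
 * format and supply untrusted text only as an argument.
 */
extern void wbku_errinit(const char *);
extern void wbku_printerr(const char *, ...);
extern const char *wbku_retmsg(wbku_retcode_t);

/*
 * Key lookup and key file manipulation.
 *
 * NOTE(review): wbku_find_key() and wbku_write_key() take a bare
 * uint8_t * for the key bytes with no accompanying size. Presumably the
 * buffer must hold at least ka_maxlen bytes of the attribute record --
 * confirm against the implementation before sizing caller buffers.
 */
extern wbku_retcode_t wbku_str_to_keyattr(const char *, wbku_key_attr_t *,
    uint_t);
extern wbku_retcode_t wbku_find_key(FILE *, fpos_t *, wbku_key_attr_t *,
    uint8_t *, boolean_t);
extern wbku_retcode_t wbku_write_key(FILE *, const fpos_t *,
    const wbku_key_attr_t *, uint8_t *, boolean_t);
extern wbku_retcode_t wbku_delete_key(FILE *, FILE *, const wbku_key_attr_t *);

#ifdef __cplusplus
}
#endif

#endif /* _KEY_UTIL_H */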