xref: /titanic_50/usr/src/lib/pkcs11/libpkcs11/common/metaAttrMasters.h (revision 4445fffbbb1ea25fd0e9ea68b9380dd7a6709025)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright 2007 Sun Microsystems, Inc.  All rights reserved.
23  * Use is subject to license terms.
24  */
25 
26 #ifndef _META_ATTRMASTERS_H
27 #define	_META_ATTRMASTERS_H
28 
29 #pragma ident	"%Z%%M%	%I%	%E% SMI"
30 
31 #ifdef	__cplusplus
32 extern "C" {
33 #endif
34 
35 /*
36  * Master object templates
37  *
38  * [This file should only be included by a single source file. This is a
39  * non-traditional header file in that it simply contains a bunch of large,
40  * preinitialized static const structures. They're stored here to keep them
41  * "out of the way."]
42  *
43  * In PKCS#11, each object is well-defined... Each object type has an exact
44  * set of attributes, and each attribute always has some value. Some
45  * attribute values must be specificed when the object is created, others
46  * are optional (ie, a default value exisits). Thus, the template an
47  * application provides when creating a new object may be a subset of the
48  * allowed attributes. The "master" templates presented here, however,
49  * are complete.
50  */
51 
52 
53 /*
54  * Aliases for some field values in generic_attr_t, so that the initialization
55  * below isn't just a confusing mess of B_TRUE and B_FALSE. Lint
56  * complaints about using "!Foo" in const initializers,
57  * so we #define each value.
58  */
59 
60 #define	unused		0
61 #define	Mallocd		B_TRUE
62 #define	Clone		B_TRUE
63 #define	EmptyValue	B_TRUE
64 #define	NotMallocd	B_FALSE
65 #define	NotClone	B_FALSE
66 #define	NotEmptyValue	B_FALSE
67 #define	EMPTYDATE	' ', ' ', ' ', ' ', ' ', ' ', ' ', ' '
68 #define	EMPTY		'\0'
69 
70 /*
71  * A note regarding CKA_CLASS and sub-type (eg CKA_KEY_TYPE)
72  *
73  * These two attributes have been moved to the top of the master template
74  * definitions. All the metaslot code assumes that CKA_CLASS resides in index=0,
75  * and the sub-type resides in index=1.
76  */
77 
78 
79 /*
80  * Common storage object attributes, Table 19 (p81) of PKCS#11 2.11r1 spec.
81  */
82 #define	COMMON_STORAGE_ATTRIBUTES					\
83 	{ { CKA_TOKEN, NULL, sizeof (CK_BBOOL) },			\
84 		NotMallocd, Clone, NotEmptyValue, B_FALSE,		\
85 		CK_FALSE, unused, { unused } },				\
86 	{ { CKA_PRIVATE, NULL, sizeof (CK_BBOOL) },			\
87 		NotMallocd, Clone, NotEmptyValue, B_FALSE,		\
88 		CK_FALSE, unused, { unused } },				\
89 	{ { CKA_MODIFIABLE, NULL, sizeof (CK_BBOOL) },			\
90 		NotMallocd, Clone, NotEmptyValue, B_FALSE,		\
91 		CK_TRUE, unused, { unused } },				\
92 	{ { CKA_LABEL, NULL, 0 },					\
93 		NotMallocd, Clone, EmptyValue, B_FALSE,			\
94 		unused, unused, { EMPTY } }
95 
96 /*
97  * Common certificate attributes, Table 21 (p83) of PKCS#11 2.11r1 spec.
98  * (CKA_CERTIFICATE_TYPE has been moved, to place at top of template)
99  *
100  */
101 #define	COMMON_CERTIFICATE_ATTRIBUTES					\
102 	{ { CKA_TRUSTED, NULL, sizeof (CK_BBOOL) },			\
103 		NotMallocd, NotClone, NotEmptyValue, B_FALSE,		\
104 		CK_FALSE, unused, { unused } }
105 
106 /*
107  * Common key attributes, Table 25 (p89) of PKCS#11 2.11r1 spec.
108  * (CKA_KEY_TYPE has been moved, to place at top of template)
109  *
110  */
111 #define	COMMON_KEY_ATTRIBUTES						\
112 	{ { CKA_ID, NULL, 0 },						\
113 		NotMallocd, Clone, EmptyValue, B_FALSE,			\
114 		unused, unused, { EMPTY } },				\
115 	{ { CKA_START_DATE, NULL, sizeof (CK_DATE) },			\
116 		NotMallocd, Clone, EmptyValue, B_FALSE,			\
117 		unused, unused, { EMPTYDATE } },			\
118 	{ { CKA_END_DATE, NULL, sizeof (CK_DATE) },			\
119 		NotMallocd, Clone, EmptyValue, B_FALSE,			\
120 		unused, unused, { EMPTYDATE } },			\
121 	{ { CKA_DERIVE, NULL, sizeof (CK_BBOOL) },			\
122 		NotMallocd, Clone, NotEmptyValue, B_FALSE,		\
123 		CK_FALSE, unused, { unused } },				\
124 	{ { CKA_LOCAL, NULL, sizeof (CK_BBOOL) },			\
125 		NotMallocd, NotClone, NotEmptyValue, B_FALSE,		\
126 		CK_FALSE, unused, { unused } },				\
127 	{ { CKA_KEY_GEN_MECHANISM, NULL, sizeof (CK_MECHANISM_TYPE) },	\
128 		NotMallocd, NotClone, EmptyValue, B_FALSE,		\
129 		unused, CK_UNAVAILABLE_INFORMATION, { unused } }
130 
131 /*
132  * Common public-key attributes, Table 26 (p90) of PKCS#11 2.11r1 spec.
133  *
134  * CKA_SUBJECT has the PKCS#11-specified default. The object-usage attributes
135  * are token-specific defaults.
136  *
137  */
138 #define	COMMON_PUBKEY_ATTRIBUTES					\
139 	{ { CKA_SUBJECT, NULL, 0 },					\
140 		NotMallocd, Clone, EmptyValue, B_FALSE,			\
141 		unused, unused, { EMPTY } },				\
142 	{ { CKA_ENCRYPT, NULL, sizeof (CK_BBOOL) },			\
143 		NotMallocd, Clone, NotEmptyValue, B_FALSE,		\
144 		CK_TRUE, unused, { unused } },				\
145 	{ { CKA_VERIFY, NULL, sizeof (CK_BBOOL) },			\
146 		NotMallocd, Clone, NotEmptyValue, B_FALSE,		\
147 		CK_TRUE, unused, { unused } },				\
148 	{ { CKA_VERIFY_RECOVER, NULL, sizeof (CK_BBOOL) },		\
149 		NotMallocd, Clone, NotEmptyValue, B_FALSE,		\
150 		CK_TRUE, unused, { unused } },				\
151 	{ { CKA_WRAP, NULL, sizeof (CK_BBOOL) },			\
152 		NotMallocd, Clone, NotEmptyValue, B_FALSE,		\
153 		CK_TRUE, unused, { unused } },				\
154 	{ { CKA_TRUSTED, NULL, sizeof (CK_BBOOL) },			\
155 		NotMallocd, NotClone, NotEmptyValue, B_FALSE,		\
156 		CK_FALSE, unused, { unused } }
157 
158 /*
159  * Common private-key attributes, Table 34 (p97) of PKCS#11 2.11r1 spec.
160  */
161 #define	COMMON_PRIVKEY_ATTRIBUTES					\
162 	{ { CKA_SUBJECT, NULL, 0 },					\
163 		NotMallocd, Clone, EmptyValue, B_FALSE,			\
164 		unused, unused, { EMPTY } },				\
165 	{ { CKA_SENSITIVE, NULL, sizeof (CK_BBOOL) },			\
166 		NotMallocd, Clone, NotEmptyValue, B_FALSE,		\
167 		CK_FALSE, unused, { unused } },				\
168 	{ { CKA_SECONDARY_AUTH, NULL, sizeof (CK_BBOOL) },		\
169 		NotMallocd, Clone, EmptyValue, B_FALSE,			\
170 		CK_FALSE, unused, { unused } },				\
171 	{ { CKA_DECRYPT, NULL, sizeof (CK_BBOOL) },			\
172 		NotMallocd, Clone, NotEmptyValue, B_FALSE,		\
173 		CK_TRUE, unused, { unused } },				\
174 	{ { CKA_SIGN, NULL, sizeof (CK_BBOOL) },			\
175 		NotMallocd, Clone, NotEmptyValue, B_FALSE,		\
176 		CK_TRUE, unused, { unused } },				\
177 	{ { CKA_SIGN_RECOVER, NULL, sizeof (CK_BBOOL) },		\
178 		NotMallocd, Clone, NotEmptyValue, B_FALSE,		\
179 		CK_TRUE, unused, { unused } },				\
180 	{ { CKA_UNWRAP, NULL, sizeof (CK_BBOOL) },			\
181 		NotMallocd, Clone, NotEmptyValue, B_FALSE,		\
182 		CK_TRUE, unused, { unused } },				\
183 	{ { CKA_EXTRACTABLE, NULL, sizeof (CK_BBOOL) },			\
184 		NotMallocd, Clone, NotEmptyValue, B_FALSE,		\
185 		CK_TRUE, unused, { unused } },				\
186 	{ { CKA_ALWAYS_SENSITIVE, NULL, sizeof (CK_BBOOL) },		\
187 		NotMallocd, NotClone, NotEmptyValue, B_FALSE,		\
188 		CK_FALSE, unused, { unused } },				\
189 	{ { CKA_NEVER_EXTRACTABLE, NULL, sizeof (CK_BBOOL) },		\
190 		NotMallocd, NotClone, NotEmptyValue, B_FALSE,		\
191 		CK_FALSE, unused, { unused } }
192 
193 
194 /*
195  * Common secret-key attributes, Table 42 (p108) of PKCS#11 2.11r1 spec.
196  */
197 #define	COMMON_SECKEY_ATTRIBUTES					\
198 	{ { CKA_SENSITIVE, NULL, sizeof (CK_BBOOL) },			\
199 		NotMallocd, Clone, NotEmptyValue, B_FALSE,		\
200 		CK_FALSE, unused, { unused } },				\
201 	{ { CKA_ENCRYPT, NULL, sizeof (CK_BBOOL) },			\
202 		NotMallocd, Clone, NotEmptyValue, B_FALSE,		\
203 		CK_TRUE, unused, { unused } },				\
204 	{ { CKA_DECRYPT, NULL, sizeof (CK_BBOOL) },			\
205 		NotMallocd, Clone, NotEmptyValue, B_FALSE,		\
206 		CK_TRUE, unused, { unused } },				\
207 	{ { CKA_SIGN, NULL, sizeof (CK_BBOOL) },			\
208 		NotMallocd, Clone, NotEmptyValue, B_FALSE,		\
209 		CK_TRUE, unused, { unused } },				\
210 	{ { CKA_VERIFY, NULL, sizeof (CK_BBOOL) },			\
211 		NotMallocd, Clone, NotEmptyValue, B_FALSE,		\
212 		CK_TRUE, unused, { unused } },				\
213 	{ { CKA_WRAP, NULL, sizeof (CK_BBOOL) },			\
214 		NotMallocd, Clone, NotEmptyValue, B_FALSE,		\
215 		CK_TRUE, unused, { unused } },				\
216 	{ { CKA_UNWRAP, NULL, sizeof (CK_BBOOL) },			\
217 		NotMallocd, Clone, NotEmptyValue, B_FALSE,		\
218 		CK_TRUE, unused, { unused } },				\
219 	{ { CKA_EXTRACTABLE, NULL, sizeof (CK_BBOOL) },			\
220 		NotMallocd, Clone, NotEmptyValue, B_FALSE,		\
221 		CK_TRUE, unused, { unused } },				\
222 	{ { CKA_ALWAYS_SENSITIVE, NULL, sizeof (CK_BBOOL) },		\
223 		NotMallocd, NotClone, NotEmptyValue, B_FALSE,		\
224 		CK_FALSE, unused, { unused } },				\
225 	{ { CKA_NEVER_EXTRACTABLE, NULL, sizeof (CK_BBOOL) },		\
226 		NotMallocd, NotClone, NotEmptyValue, B_FALSE,		\
227 		CK_FALSE, unused, { unused } }
228 
229 /*
230  * Common domain-paramaters attributes, Table 60 (p123) of PKCS#11 2.11r1 spec.
231  * (CKA_KEY_TYPE has been removed, to place elsewhere)
232  */
233 #define	COMMON_DOMAIN_ATTRIBUTES					\
234 	{ { CKA_LOCAL, NULL, sizeof (CK_BBOOL) },			\
235 		NotMallocd, Clone, NotEmptyValue, B_FALSE,		\
236 		CK_FALSE, unused, { unused } }
237 
238 
239 /* ========================= HW Objects ========================= */
240 
241 
242 /*
243  * Master template for: CKO_HW_FEATURE + CKH_CLOCK
244  */
245 static const generic_attr_t OBJ_HW_CLOCK[] =
246 {
247 	{ { CKA_CLASS, NULL, sizeof (CK_OBJECT_CLASS) },
248 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
249 		unused, CKO_HW_FEATURE, { unused } },
250 	{ { CKA_HW_FEATURE_TYPE, NULL, sizeof (CK_HW_FEATURE_TYPE) },
251 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
252 		unused, CKH_CLOCK, { unused } },
253 	{ { CKA_VALUE, NULL, 16 },
254 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
255 		unused, unused, { EMPTYDATE, EMPTYDATE } }
256 };
257 
258 
259 /*
260  * Master template for: CKO_HW_FEATURE + CKH_MONOTONIC_COUNTER
261  *
262  * NOTE: no sub-type for this class!
263  */
264 static const generic_attr_t OBJ_HW_MONOTONIC[] =
265 {
266 	{ { CKA_CLASS, NULL, sizeof (CK_OBJECT_CLASS) },
267 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
268 		unused, CKO_HW_FEATURE, { unused } },
269 	{ { CKA_HW_FEATURE_TYPE, NULL, sizeof (CK_HW_FEATURE_TYPE) },
270 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
271 		unused, CKH_MONOTONIC_COUNTER, { unused } },
272 	{ { CKA_VALUE, NULL, 0 },
273 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
274 		unused, unused, { EMPTY } },
275 	{ { CKA_RESET_ON_INIT, NULL, sizeof (CK_BBOOL) },
276 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
277 		CK_FALSE, unused, { unused } },
278 	{ { CKA_HAS_RESET, NULL, sizeof (CK_BBOOL) },
279 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
280 		CK_FALSE, unused, { unused } }
281 };
282 
283 
284 /* ========================= Data Objects ========================= */
285 
286 
287 /*
288  * Master template for CKO_DATA + (no subtypes for this class)
289  *
290  * Defaults are according to PKCS#11.
291  *
292  * NOTE: no sub-type for this class!
293  */
294 static const generic_attr_t OBJ_DATA[] =
295 {
296 	{ { CKA_CLASS, NULL, sizeof (CK_OBJECT_CLASS) },
297 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
298 		unused, CKO_DATA, { unused } },
299 	COMMON_STORAGE_ATTRIBUTES,
300 	{ { CKA_APPLICATION, NULL, 0 },
301 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
302 		unused, unused, { EMPTY } },
303 	{ { CKA_OBJECT_ID, NULL, 0 },
304 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
305 		unused, unused, { EMPTY } },
306 	{ { CKA_VALUE, NULL, 0 },
307 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
308 		unused, unused, { EMPTY } }
309 };
310 
311 
312 /* ========================= Certificate Objects ========================= */
313 
314 
315 /*
316  * Master template for CKO_CERTIFICATE + CKC_X_509
317  *
318  * Defaults are according to PKCS#11.
319  */
320 static const generic_attr_t OBJ_CERT_X509[] =
321 {
322 	{ { CKA_CLASS, NULL, sizeof (CK_OBJECT_CLASS) },
323 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
324 		unused, CKO_CERTIFICATE, { unused } },
325 	{ { CKA_CERTIFICATE_TYPE, NULL, sizeof (CK_CERTIFICATE_TYPE) },
326 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
327 		unused, CKC_X_509, { unused } },
328 	COMMON_STORAGE_ATTRIBUTES,
329 	COMMON_CERTIFICATE_ATTRIBUTES,
330 	{ { CKA_SUBJECT, NULL, 0 },
331 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
332 		unused, unused, { EMPTY } },
333 	{ { CKA_ID, NULL, 0 },
334 		NotMallocd, Clone, EmptyValue, B_FALSE,
335 		unused, unused, { EMPTY } },
336 	{ { CKA_ISSUER, NULL, 0 },
337 		NotMallocd, Clone, EmptyValue, B_FALSE,
338 		unused, unused, { EMPTY } },
339 	{ { CKA_SERIAL_NUMBER, NULL, 0 },
340 		NotMallocd, Clone, EmptyValue, B_FALSE,
341 		unused, unused, { EMPTY } },
342 	{ { CKA_VALUE, NULL, 0 },
343 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
344 		unused, unused, { EMPTY } }
345 };
346 
347 
348 /*
349  * Master template for CKO_CERTIFICATE + CKC_X_509_ATTR_CERT
350  *
351  * Defaults are according to PKCS#11.
352  */
353 static const generic_attr_t OBJ_CERT_X509ATTR[] =
354 {
355 	{ { CKA_CLASS, NULL, sizeof (CK_OBJECT_CLASS) },
356 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
357 		unused, CKO_CERTIFICATE, { unused } },
358 	{ { CKA_CERTIFICATE_TYPE, NULL, sizeof (CK_CERTIFICATE_TYPE) },
359 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
360 		unused, CKC_X_509_ATTR_CERT, { unused } },
361 	COMMON_STORAGE_ATTRIBUTES,
362 	COMMON_CERTIFICATE_ATTRIBUTES,
363 	{ { CKA_OWNER, NULL, 0 },
364 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
365 		unused, unused, { EMPTY } },
366 	{ { CKA_AC_ISSUER, NULL, 0 },
367 		NotMallocd, Clone, EmptyValue, B_FALSE,
368 		unused, unused, { EMPTY } },
369 	{ { CKA_SERIAL_NUMBER, NULL, 0 },
370 		NotMallocd, Clone, EmptyValue, B_FALSE,
371 		unused, unused, { EMPTY } },
372 	{ { CKA_ATTR_TYPES, NULL, 0 },
373 		NotMallocd, Clone, EmptyValue, B_FALSE,
374 		unused, unused, { EMPTY } },
375 	{ { CKA_VALUE, NULL, 0 },
376 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
377 		unused, unused, { EMPTY } }
378 };
379 
380 
381 /* ========================= Public Keys ========================= */
382 
383 
384 /*
385  * Master template for CKO_PUBLIC_KEY + CKK_RSA
386  */
387 static const generic_attr_t OBJ_PUBKEY_RSA[] =
388 {
389 	{ { CKA_CLASS, NULL, sizeof (CK_OBJECT_CLASS) },
390 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
391 		unused, CKO_PUBLIC_KEY, { unused } },
392 	{ { CKA_KEY_TYPE, NULL, sizeof (CK_KEY_TYPE) },
393 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
394 		unused, CKK_RSA, { unused } },
395 	COMMON_STORAGE_ATTRIBUTES,
396 	COMMON_KEY_ATTRIBUTES,
397 	COMMON_PUBKEY_ATTRIBUTES,
398 	{ { CKA_MODULUS, NULL, 0 },
399 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
400 		unused, unused, { EMPTY } },
401 	{ { CKA_MODULUS_BITS, NULL, sizeof (CK_ULONG)},
402 		NotMallocd, NotClone, NotEmptyValue, B_FALSE,
403 		unused, 0, { unused } },
404 	{ { CKA_PUBLIC_EXPONENT, NULL, 0 },
405 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
406 		unused, unused, { EMPTY } }
407 };
408 
409 
410 /*
411  * Master template for CKO_PUBLIC_KEY + CKK_DSA
412  *
413  */
414 static const generic_attr_t OBJ_PUBKEY_DSA[] =
415 {
416 	{ { CKA_CLASS, NULL, sizeof (CK_OBJECT_CLASS) },
417 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
418 		unused, CKO_PUBLIC_KEY, { unused } },
419 	{ { CKA_KEY_TYPE, NULL, sizeof (CK_KEY_TYPE) },
420 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
421 		unused, CKK_DSA, { unused } },
422 	COMMON_STORAGE_ATTRIBUTES,
423 	COMMON_KEY_ATTRIBUTES,
424 	COMMON_PUBKEY_ATTRIBUTES,
425 	{ { CKA_PRIME, NULL, 0 },
426 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
427 		unused, unused, { EMPTY } },
428 	{ { CKA_SUBPRIME, NULL, 0 },
429 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
430 		unused, unused, { EMPTY } },
431 	{ { CKA_BASE, NULL, 0 },
432 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
433 		unused, unused, { EMPTY } },
434 	{ { CKA_VALUE, NULL, 0 },
435 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
436 		unused, unused, { EMPTY } }
437 };
438 
439 
440 /*
441  * Master template for CKO_PUBLIC_KEY + CKK_EC
442  *
443  */
444 static const generic_attr_t OBJ_PUBKEY_EC[] =
445 {
446 	{ { CKA_CLASS, NULL, sizeof (CK_OBJECT_CLASS) },
447 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
448 		unused, CKO_PUBLIC_KEY, { unused } },
449 	{ { CKA_KEY_TYPE, NULL, sizeof (CK_KEY_TYPE) },
450 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
451 		unused, CKK_EC, { unused } },
452 	COMMON_STORAGE_ATTRIBUTES,
453 	COMMON_KEY_ATTRIBUTES,
454 	COMMON_PUBKEY_ATTRIBUTES,
455 	{ { CKA_EC_PARAMS, NULL, 0 },
456 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
457 		unused, unused, { EMPTY } },
458 	{ { CKA_EC_POINT, NULL, 0 },
459 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
460 		unused, unused, { EMPTY } }
461 };
462 
463 
464 /*
465  * Master template for CKO_PUBLIC_KEY + CKK_DH
466  *
467  */
468 static const generic_attr_t OBJ_PUBKEY_DH[] =
469 {
470 	{ { CKA_CLASS, NULL, sizeof (CK_OBJECT_CLASS) },
471 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
472 		unused, CKO_PUBLIC_KEY, { unused } },
473 	{ { CKA_KEY_TYPE, NULL, sizeof (CK_KEY_TYPE) },
474 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
475 		unused, CKK_DH, { unused } },
476 	COMMON_STORAGE_ATTRIBUTES,
477 	COMMON_KEY_ATTRIBUTES,
478 	COMMON_PUBKEY_ATTRIBUTES,
479 	{ { CKA_PRIME, NULL, 0 },
480 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
481 		unused, unused, { EMPTY } },
482 	{ { CKA_BASE, NULL, 0 },
483 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
484 		unused, unused, { EMPTY } },
485 	{ { CKA_VALUE, NULL, 0 },
486 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
487 		unused, unused, { EMPTY } }
488 };
489 
490 
491 /*
492  * Master template for CKO_PUBLIC_KEY + CKK_X9_42_DH
493  *
494  */
495 static const generic_attr_t OBJ_PUBKEY_X942DH[] =
496 {
497 	{ { CKA_CLASS, NULL, sizeof (CK_OBJECT_CLASS) },
498 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
499 		unused, CKO_PUBLIC_KEY, { unused } },
500 	{ { CKA_KEY_TYPE, NULL, sizeof (CK_KEY_TYPE) },
501 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
502 		unused, CKK_X9_42_DH, { unused } },
503 	COMMON_STORAGE_ATTRIBUTES,
504 	COMMON_KEY_ATTRIBUTES,
505 	COMMON_PUBKEY_ATTRIBUTES,
506 	{ { CKA_PRIME, NULL, 0 },
507 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
508 		unused, unused, { EMPTY } },
509 	{ { CKA_BASE, NULL, 0 },
510 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
511 		unused, unused, { EMPTY } },
512 	{ { CKA_SUBPRIME, NULL, 0 },
513 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
514 		unused, unused, { EMPTY } },
515 	{ { CKA_VALUE, NULL, 0 },
516 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
517 		unused, unused, { EMPTY } }
518 };
519 
520 
521 /*
522  * Master template for CKO_PUBLIC_KEY + CKK_KEA
523  *
524  */
525 static const generic_attr_t OBJ_PUBKEY_KEA[] =
526 {
527 	{ { CKA_CLASS, NULL, sizeof (CK_OBJECT_CLASS) },
528 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
529 		unused, CKO_PUBLIC_KEY, { unused } },
530 	{ { CKA_KEY_TYPE, NULL, sizeof (CK_KEY_TYPE) },
531 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
532 		unused, CKK_KEA, { unused } },
533 	COMMON_STORAGE_ATTRIBUTES,
534 	COMMON_KEY_ATTRIBUTES,
535 	COMMON_PUBKEY_ATTRIBUTES,
536 	{ { CKA_PRIME, NULL, 0 },
537 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
538 		unused, unused, { EMPTY } },
539 	{ { CKA_BASE, NULL, 0 },
540 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
541 		unused, unused, { EMPTY } },
542 	{ { CKA_SUBPRIME, NULL, 0 },
543 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
544 		unused, unused, { EMPTY } },
545 	{ { CKA_VALUE, NULL, 0 },
546 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
547 		unused, unused, { EMPTY } }
548 };
549 
550 
551 /* ========================= Private Keys ========================= */
552 
553 
554 /*
555  * Master template for CKO_PRIVATE_KEY + CKK_RSA
556  *
557  */
558 static const generic_attr_t OBJ_PRIVKEY_RSA[] =
559 {
560 	{ { CKA_CLASS, NULL, sizeof (CK_OBJECT_CLASS) },
561 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
562 		unused, CKO_PRIVATE_KEY, { unused } },
563 	{ { CKA_KEY_TYPE, NULL, sizeof (CK_KEY_TYPE) },
564 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
565 		unused, CKK_RSA, { unused } },
566 	COMMON_STORAGE_ATTRIBUTES,
567 	COMMON_KEY_ATTRIBUTES,
568 	COMMON_PRIVKEY_ATTRIBUTES,
569 	{ { CKA_MODULUS, NULL, 0 },
570 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
571 		unused, unused, { EMPTY } },
572 	{ { CKA_PRIVATE_EXPONENT, NULL, 0 },
573 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
574 		unused, unused, { EMPTY } },
575 	{ { CKA_PUBLIC_EXPONENT, NULL, 0 },
576 		NotMallocd, Clone, EmptyValue, B_FALSE,
577 		unused, unused, { EMPTY } },
578 	{ { CKA_PRIME_1, NULL, 0 },
579 		NotMallocd, Clone, EmptyValue, B_FALSE,
580 		unused, unused, { EMPTY } },
581 	{ { CKA_PRIME_2, NULL, 0 },
582 		NotMallocd, Clone, EmptyValue, B_FALSE,
583 		unused, unused, { EMPTY } },
584 	{ { CKA_EXPONENT_1, NULL, 0 },
585 		NotMallocd, Clone, EmptyValue, B_FALSE,
586 		unused, unused, { EMPTY } },
587 	{ { CKA_EXPONENT_2, NULL, 0 },
588 		NotMallocd, Clone, EmptyValue, B_FALSE,
589 		unused, unused, { EMPTY } },
590 	{ { CKA_COEFFICIENT, NULL, 0 },
591 		NotMallocd, Clone, EmptyValue, B_FALSE,
592 		unused, unused, { EMPTY } }
593 };
594 
595 
596 /*
597  * Master template for CKO_PRIVATE_KEY + CKK_DSA
598  *
599  */
600 static const generic_attr_t OBJ_PRIVKEY_DSA[] =
601 {
602 	{ { CKA_CLASS, NULL, sizeof (CK_OBJECT_CLASS) },
603 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
604 		unused, CKO_PRIVATE_KEY, { unused } },
605 	{ { CKA_KEY_TYPE, NULL, sizeof (CK_KEY_TYPE) },
606 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
607 		unused, CKK_DSA, { unused } },
608 	COMMON_STORAGE_ATTRIBUTES,
609 	COMMON_KEY_ATTRIBUTES,
610 	COMMON_PRIVKEY_ATTRIBUTES,
611 	{ { CKA_PRIME, NULL, 0 },
612 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
613 		unused, unused, { EMPTY } },
614 	{ { CKA_SUBPRIME, NULL, 0 },
615 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
616 		unused, unused, { EMPTY } },
617 	{ { CKA_BASE, NULL, 0 },
618 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
619 		unused, unused, { EMPTY } },
620 	{ { CKA_VALUE, NULL, 0 },
621 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
622 		unused, unused, { EMPTY } }
623 };
624 
625 
626 /*
627  * Master template for CKO_PRIVATE_KEY + CKK_EC
628  *
629  */
630 static const generic_attr_t OBJ_PRIVKEY_EC[] =
631 {
632 	{ { CKA_CLASS, NULL, sizeof (CK_OBJECT_CLASS) },
633 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
634 		unused, CKO_PRIVATE_KEY, { unused } },
635 	{ { CKA_KEY_TYPE, NULL, sizeof (CK_KEY_TYPE) },
636 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
637 		unused, CKK_EC, { unused } },
638 	COMMON_STORAGE_ATTRIBUTES,
639 	COMMON_KEY_ATTRIBUTES,
640 	COMMON_PRIVKEY_ATTRIBUTES,
641 	{ { CKA_EC_PARAMS, NULL, 0 },
642 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
643 		unused, unused, { EMPTY } },
644 	{ { CKA_VALUE, NULL, 0 },
645 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
646 		unused, unused, { EMPTY } }
647 };
648 
649 
650 /*
651  * Master template for CKO_PRIVATE_KEY + CKK_DH
652  */
653 static const generic_attr_t OBJ_PRIVKEY_DH[] =
654 {
655 	{ { CKA_CLASS, NULL, sizeof (CK_OBJECT_CLASS) },
656 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
657 		unused, CKO_PRIVATE_KEY, { unused } },
658 	{ { CKA_KEY_TYPE, NULL, sizeof (CK_KEY_TYPE) },
659 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
660 		unused, CKK_DH, { unused } },
661 	COMMON_STORAGE_ATTRIBUTES,
662 	COMMON_KEY_ATTRIBUTES,
663 	COMMON_PRIVKEY_ATTRIBUTES,
664 	{ { CKA_PRIME, NULL, 0 },
665 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
666 		unused, unused, { EMPTY } },
667 	{ { CKA_BASE, NULL, 0 },
668 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
669 		unused, unused, { EMPTY } },
670 	{ { CKA_VALUE, NULL, 0 },
671 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
672 		unused, unused, { EMPTY } },
673 	{ { CKA_VALUE_BITS, NULL, sizeof (CK_ULONG) },
674 		NotMallocd, NotClone, NotEmptyValue, B_FALSE,
675 		unused, 0, { unused } }
676 };
677 
678 
679 /*
680  * Master template for CKO_PRIVATE_KEY + CKK_X9_42_DH
681  *
682  */
683 static const generic_attr_t OBJ_PRIVKEY_X942DH[] =
684 {
685 	{ { CKA_CLASS, NULL, sizeof (CK_OBJECT_CLASS) },
686 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
687 		unused, CKO_PRIVATE_KEY, { unused } },
688 	{ { CKA_KEY_TYPE, NULL, sizeof (CK_KEY_TYPE) },
689 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
690 		unused, CKK_X9_42_DH, { unused } },
691 	COMMON_STORAGE_ATTRIBUTES,
692 	COMMON_KEY_ATTRIBUTES,
693 	COMMON_PRIVKEY_ATTRIBUTES,
694 	{ { CKA_PRIME, NULL, 0 },
695 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
696 		unused, unused, { EMPTY } },
697 	{ { CKA_SUBPRIME, NULL, 0 },
698 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
699 		unused, unused, { EMPTY } },
700 	{ { CKA_BASE, NULL, 0 },
701 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
702 		unused, unused, { EMPTY } },
703 	{ { CKA_VALUE, NULL, 0 },
704 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
705 		unused, unused, { EMPTY } }
706 };
707 
708 
709 /*
710  * Master template for CKO_PRIVATE_KEY + CKK_KEA
711  *
712  */
713 static const generic_attr_t OBJ_PRIVKEY_KEA[] =
714 {
715 	{ { CKA_CLASS, NULL, sizeof (CK_OBJECT_CLASS) },
716 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
717 		unused, CKO_PRIVATE_KEY, { unused } },
718 	{ { CKA_KEY_TYPE, NULL, sizeof (CK_KEY_TYPE) },
719 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
720 		unused, CKK_KEA, { unused } },
721 	COMMON_STORAGE_ATTRIBUTES,
722 	COMMON_KEY_ATTRIBUTES,
723 	COMMON_PRIVKEY_ATTRIBUTES,
724 	{ { CKA_PRIME, NULL, 0 },
725 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
726 		unused, unused, { EMPTY } },
727 	{ { CKA_BASE, NULL, 0 },
728 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
729 		unused, unused, { EMPTY } },
730 	{ { CKA_SUBPRIME, NULL, 0 },
731 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
732 		unused, unused, { EMPTY } },
733 	{ { CKA_VALUE, NULL, 0 },
734 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
735 		unused, unused, { EMPTY } }
736 };
737 
738 
739 /* ========================= Secret Keys ========================= */
740 
741 
742 /*
743  * Master template for CKO_SECRET_KEY + (fixed-length keytype)
744  */
745 static const generic_attr_t OBJ_SECKEY[] =
746 {
747 	{ { CKA_CLASS, NULL, sizeof (CK_OBJECT_CLASS) },
748 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
749 		unused, CKO_SECRET_KEY, { unused } },
750 	{ { CKA_KEY_TYPE, NULL, sizeof (CK_KEY_TYPE) },
751 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
752 		unused, CKK_GENERIC_SECRET, { unused } },
753 	COMMON_STORAGE_ATTRIBUTES,
754 	COMMON_KEY_ATTRIBUTES,
755 	COMMON_SECKEY_ATTRIBUTES,
756 	{ { CKA_VALUE, NULL, 0 },
757 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
758 		unused, unused, { EMPTY } }
759 };
760 
761 
762 /*
763  * Master template for CKO_SECRET_KEY + (variable-length keytype)
764  *
765  */
766 static const generic_attr_t OBJ_SECKEY_WITHLEN[] =
767 {
768 	{ { CKA_CLASS, NULL, sizeof (CK_OBJECT_CLASS) },
769 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
770 		unused, CKO_SECRET_KEY, { unused } },
771 	{ { CKA_KEY_TYPE, NULL, sizeof (CK_KEY_TYPE) },
772 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
773 		unused, CKK_GENERIC_SECRET, { unused } },
774 	COMMON_STORAGE_ATTRIBUTES,
775 	COMMON_KEY_ATTRIBUTES,
776 	COMMON_SECKEY_ATTRIBUTES,
777 	{ { CKA_VALUE, NULL, 0 },
778 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
779 		unused, unused, { EMPTY } },
780 	{ { CKA_VALUE_LEN, NULL, sizeof (CK_ULONG) },
781 		NotMallocd, NotClone, NotEmptyValue, B_FALSE,
782 		unused, 0, { unused } }
783 };
784 
785 
786 /* ========================= Domain Parameters ========================= */
787 
788 
789 /*
790  * Master template for CKO_DOMAIN_PARAMETERS + CKK_DSA
791  *
792  */
793 static const generic_attr_t OBJ_DOM_DSA[] =
794 {
795 	{ { CKA_CLASS, NULL, sizeof (CK_OBJECT_CLASS) },
796 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
797 		unused, CKO_DOMAIN_PARAMETERS, { unused } },
798 	{ { CKA_KEY_TYPE, NULL, sizeof (CK_KEY_TYPE) },
799 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
800 		unused, CKK_DSA, { unused } },
801 	COMMON_STORAGE_ATTRIBUTES,
802 	COMMON_DOMAIN_ATTRIBUTES,
803 	{ { CKA_PRIME, NULL, 0 },
804 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
805 		unused, unused, { EMPTY } },
806 	{ { CKA_SUBPRIME, NULL, 0 },
807 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
808 		unused, unused, { EMPTY } },
809 	{ { CKA_BASE, NULL, 0 },
810 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
811 		unused, unused, { EMPTY } },
812 	{ { CKA_PRIME_BITS, NULL, sizeof (CK_ULONG) },
813 		NotMallocd, NotClone, NotEmptyValue, B_FALSE,
814 		unused, 0, { unused } }
815 };
816 
817 /*
818  * Master template for CKO_DOMAIN_PARAMETERS + CKK_DH
819  *
820  */
821 static const generic_attr_t OBJ_DOM_DH[] =
822 {
823 	{ { CKA_CLASS, NULL, sizeof (CK_OBJECT_CLASS) },
824 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
825 		unused, CKO_DOMAIN_PARAMETERS, { unused } },
826 	{ { CKA_KEY_TYPE, NULL, sizeof (CK_KEY_TYPE) },
827 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
828 		unused, CKK_DH, { unused } },
829 	COMMON_STORAGE_ATTRIBUTES,
830 	COMMON_DOMAIN_ATTRIBUTES,
831 	{ { CKA_PRIME, NULL, 0 },
832 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
833 		unused, unused, { EMPTY } },
834 	{ { CKA_BASE, NULL, 0 },
835 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
836 		unused, unused, { EMPTY } },
837 	{ { CKA_PRIME_BITS, NULL, sizeof (CK_ULONG) },
838 		NotMallocd, NotClone, NotEmptyValue, B_FALSE,
839 		unused, 0, { unused } }
840 };
841 
842 /*
843  * Master template for CKO_DOMAIN_PARAMETERS + CKK_X9_42_DH
844  *
845  */
846 static const generic_attr_t OBJ_DOM_X942DH[] =
847 {
848 	{ { CKA_CLASS, NULL, sizeof (CK_OBJECT_CLASS) },
849 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
850 		unused, CKO_DOMAIN_PARAMETERS, { unused } },
851 	{ { CKA_KEY_TYPE, NULL, sizeof (CK_KEY_TYPE) },
852 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
853 		unused, CKK_X9_42_DH, { unused } },
854 	COMMON_STORAGE_ATTRIBUTES,
855 	COMMON_DOMAIN_ATTRIBUTES,
856 	{ { CKA_PRIME, NULL, 0 },
857 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
858 		unused, unused, { EMPTY } },
859 	{ { CKA_BASE, NULL, 0 },
860 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
861 		unused, unused, { EMPTY } },
862 	{ { CKA_SUBPRIME, NULL, 0 },
863 		NotMallocd, Clone, NotEmptyValue, B_FALSE,
864 		unused, unused, { EMPTY } },
865 	{ { CKA_PRIME_BITS, NULL, sizeof (CK_ULONG) },
866 		NotMallocd, NotClone, NotEmptyValue, B_FALSE,
867 		unused, 0, { unused } },
868 	{ { CKA_SUBPRIME_BITS, NULL, sizeof (CK_ULONG) },
869 		NotMallocd, NotClone, NotEmptyValue, B_FALSE,
870 		unused, 0, { unused } }
871 };
872 
873 #ifdef	__cplusplus
874 }
875 #endif
876 
877 #endif /* _META_ATTRMASTERS_H */
878