1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License, Version 1.0 only 6 * (the "License"). You may not use this file except in compliance 7 * with the License. 8 * 9 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 10 * or http://www.opensolaris.org/os/licensing. 11 * See the License for the specific language governing permissions 12 * and limitations under the License. 13 * 14 * When distributing Covered Code, include this CDDL HEADER in each 15 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 16 * If applicable, add the following below this CDDL HEADER, with the 17 * fields enclosed by brackets "[]" replaced with your own identifying 18 * information: Portions Copyright [yyyy] [name of copyright owner] 19 * 20 * CDDL HEADER END 21 */ 22 /* 23 * Copyright 2004 Sun Microsystems, Inc. All rights reserved. 24 * Use is subject to license terms. 25 */ 26 27 #ifndef _SYS_CRYPTO_OPS_IMPL_H 28 #define _SYS_CRYPTO_OPS_IMPL_H 29 30 #pragma ident "%Z%%M% %I% %E% SMI" 31 32 /* 33 * Scheduler internal structures. 34 */ 35 36 #ifdef __cplusplus 37 extern "C" { 38 #endif 39 40 #include <sys/types.h> 41 #include <sys/mutex.h> 42 #include <sys/condvar.h> 43 #include <sys/crypto/api.h> 44 #include <sys/crypto/spi.h> 45 #include <sys/crypto/impl.h> 46 #include <sys/crypto/common.h> 47 48 /* 49 * The parameters needed for each function group are batched 50 * in one structure. This is much simpler than having a 51 * separate structure for each function. 52 * 53 * In some cases, a field is generically named to keep the 54 * structure small. The comments indicate these cases. 55 */ 56 typedef struct kcf_digest_ops_params { 57 crypto_session_id_t do_sid; 58 crypto_mech_type_t do_framework_mechtype; 59 crypto_mechanism_t do_mech; 60 crypto_data_t *do_data; 61 crypto_data_t *do_digest; 62 crypto_key_t *do_digest_key; /* Argument for digest_key() */ 63 } kcf_digest_ops_params_t; 64 65 typedef struct kcf_mac_ops_params { 66 crypto_session_id_t mo_sid; 67 crypto_mech_type_t mo_framework_mechtype; 68 crypto_mechanism_t mo_mech; 69 crypto_key_t *mo_key; 70 crypto_data_t *mo_data; 71 crypto_data_t *mo_mac; 72 crypto_spi_ctx_template_t mo_templ; 73 } kcf_mac_ops_params_t; 74 75 typedef struct kcf_encrypt_ops_params { 76 crypto_session_id_t eo_sid; 77 crypto_mech_type_t eo_framework_mechtype; 78 crypto_mechanism_t eo_mech; 79 crypto_key_t *eo_key; 80 crypto_data_t *eo_plaintext; 81 crypto_data_t *eo_ciphertext; 82 crypto_spi_ctx_template_t eo_templ; 83 } kcf_encrypt_ops_params_t; 84 85 typedef struct kcf_decrypt_ops_params { 86 crypto_session_id_t dop_sid; 87 crypto_mech_type_t dop_framework_mechtype; 88 crypto_mechanism_t dop_mech; 89 crypto_key_t *dop_key; 90 crypto_data_t *dop_ciphertext; 91 crypto_data_t *dop_plaintext; 92 crypto_spi_ctx_template_t dop_templ; 93 } kcf_decrypt_ops_params_t; 94 95 typedef struct kcf_sign_ops_params { 96 crypto_session_id_t so_sid; 97 crypto_mech_type_t so_framework_mechtype; 98 crypto_mechanism_t so_mech; 99 crypto_key_t *so_key; 100 crypto_data_t *so_data; 101 crypto_data_t *so_signature; 102 crypto_spi_ctx_template_t so_templ; 103 } kcf_sign_ops_params_t; 104 105 typedef struct kcf_verify_ops_params { 106 crypto_session_id_t vo_sid; 107 crypto_mech_type_t vo_framework_mechtype; 108 crypto_mechanism_t vo_mech; 109 crypto_key_t *vo_key; 110 crypto_data_t *vo_data; 111 crypto_data_t *vo_signature; 112 crypto_spi_ctx_template_t vo_templ; 113 } kcf_verify_ops_params_t; 114 115 typedef struct kcf_encrypt_mac_ops_params { 116 crypto_session_id_t em_sid; 117 crypto_mech_type_t em_framework_encr_mechtype; 118 crypto_mechanism_t em_encr_mech; 119 crypto_key_t *em_encr_key; 120 crypto_mech_type_t em_framework_mac_mechtype; 121 crypto_mechanism_t em_mac_mech; 122 crypto_key_t *em_mac_key; 123 crypto_data_t *em_plaintext; 124 crypto_dual_data_t *em_ciphertext; 125 crypto_data_t *em_mac; 126 crypto_spi_ctx_template_t em_encr_templ; 127 crypto_spi_ctx_template_t em_mac_templ; 128 } kcf_encrypt_mac_ops_params_t; 129 130 typedef struct kcf_mac_decrypt_ops_params { 131 crypto_session_id_t md_sid; 132 crypto_mech_type_t md_framework_mac_mechtype; 133 crypto_mechanism_t md_mac_mech; 134 crypto_key_t *md_mac_key; 135 crypto_mech_type_t md_framework_decr_mechtype; 136 crypto_mechanism_t md_decr_mech; 137 crypto_key_t *md_decr_key; 138 crypto_dual_data_t *md_ciphertext; 139 crypto_data_t *md_mac; 140 crypto_data_t *md_plaintext; 141 crypto_spi_ctx_template_t md_mac_templ; 142 crypto_spi_ctx_template_t md_decr_templ; 143 } kcf_mac_decrypt_ops_params_t; 144 145 typedef struct kcf_random_number_ops_params { 146 crypto_session_id_t rn_sid; 147 uchar_t *rn_buf; 148 size_t rn_buflen; 149 } kcf_random_number_ops_params_t; 150 151 /* 152 * so_pd is useful when the provider descriptor (pd) supplying the 153 * provider handle is different from the pd supplying the ops vector. 154 * This is the case for session open/close where so_pd can be the pd 155 * of a logical provider. The pd supplying the ops vector is passed 156 * as an argument to kcf_submit_request(). 157 */ 158 typedef struct kcf_session_ops_params { 159 crypto_session_id_t *so_sid_ptr; 160 crypto_session_id_t so_sid; 161 crypto_user_type_t so_user_type; 162 char *so_pin; 163 size_t so_pin_len; 164 kcf_provider_desc_t *so_pd; 165 } kcf_session_ops_params_t; 166 167 typedef struct kcf_object_ops_params { 168 crypto_session_id_t oo_sid; 169 crypto_object_id_t oo_object_id; 170 crypto_object_attribute_t *oo_template; 171 uint_t oo_attribute_count; 172 crypto_object_id_t *oo_object_id_ptr; 173 size_t *oo_object_size; 174 void **oo_find_init_pp_ptr; 175 void *oo_find_pp; 176 uint_t oo_max_object_count; 177 uint_t *oo_object_count_ptr; 178 } kcf_object_ops_params_t; 179 180 /* 181 * ko_key is used to encode wrapping key in key_wrap() and 182 * unwrapping key in key_unwrap(). ko_key_template and 183 * ko_key_attribute_count are used to encode public template 184 * and public template attr count in key_generate_pair(). 185 * kops->ko_key_object_id_ptr is used to encode public key 186 * in key_generate_pair(). 187 */ 188 typedef struct kcf_key_ops_params { 189 crypto_session_id_t ko_sid; 190 crypto_mech_type_t ko_framework_mechtype; 191 crypto_mechanism_t ko_mech; 192 crypto_object_attribute_t *ko_key_template; 193 uint_t ko_key_attribute_count; 194 crypto_object_id_t *ko_key_object_id_ptr; 195 crypto_object_attribute_t *ko_private_key_template; 196 uint_t ko_private_key_attribute_count; 197 crypto_object_id_t *ko_private_key_object_id_ptr; 198 crypto_key_t *ko_key; 199 uchar_t *ko_wrapped_key; 200 size_t *ko_wrapped_key_len_ptr; 201 } kcf_key_ops_params_t; 202 203 /* 204 * po_pin and po_pin_len are used to encode new_pin and new_pin_len 205 * when wrapping set_pin() function parameters. 206 * 207 * po_pd is useful when the provider descriptor (pd) supplying the 208 * provider handle is different from the pd supplying the ops vector. 209 * This is true for the ext_info provider entry point where po_pd 210 * can be the pd of a logical provider. The pd supplying the ops vector 211 * is passed as an argument to kcf_submit_request(). 212 */ 213 typedef struct kcf_provmgmt_ops_params { 214 crypto_session_id_t po_sid; 215 char *po_pin; 216 size_t po_pin_len; 217 char *po_old_pin; 218 size_t po_old_pin_len; 219 char *po_label; 220 crypto_provider_ext_info_t *po_ext_info; 221 kcf_provider_desc_t *po_pd; 222 } kcf_provmgmt_ops_params_t; 223 224 /* 225 * The operation type within a function group. 226 */ 227 typedef enum kcf_op_type { 228 /* common ops for all mechanisms */ 229 KCF_OP_INIT = 1, 230 KCF_OP_SINGLE, /* pkcs11 sense. So, INIT is already done */ 231 KCF_OP_UPDATE, 232 KCF_OP_FINAL, 233 KCF_OP_ATOMIC, 234 235 /* digest_key op */ 236 KCF_OP_DIGEST_KEY, 237 238 /* mac specific op */ 239 KCF_OP_MAC_VERIFY_ATOMIC, 240 241 /* mac/cipher specific op */ 242 KCF_OP_MAC_VERIFY_DECRYPT_ATOMIC, 243 244 /* sign_recover ops */ 245 KCF_OP_SIGN_RECOVER_INIT, 246 KCF_OP_SIGN_RECOVER, 247 KCF_OP_SIGN_RECOVER_ATOMIC, 248 249 /* verify_recover ops */ 250 KCF_OP_VERIFY_RECOVER_INIT, 251 KCF_OP_VERIFY_RECOVER, 252 KCF_OP_VERIFY_RECOVER_ATOMIC, 253 254 /* random number ops */ 255 KCF_OP_RANDOM_SEED, 256 KCF_OP_RANDOM_GENERATE, 257 258 /* session management ops */ 259 KCF_OP_SESSION_OPEN, 260 KCF_OP_SESSION_CLOSE, 261 KCF_OP_SESSION_LOGIN, 262 KCF_OP_SESSION_LOGOUT, 263 264 /* object management ops */ 265 KCF_OP_OBJECT_CREATE, 266 KCF_OP_OBJECT_COPY, 267 KCF_OP_OBJECT_DESTROY, 268 KCF_OP_OBJECT_GET_SIZE, 269 KCF_OP_OBJECT_GET_ATTRIBUTE_VALUE, 270 KCF_OP_OBJECT_SET_ATTRIBUTE_VALUE, 271 KCF_OP_OBJECT_FIND_INIT, 272 KCF_OP_OBJECT_FIND, 273 KCF_OP_OBJECT_FIND_FINAL, 274 275 /* key management ops */ 276 KCF_OP_KEY_GENERATE, 277 KCF_OP_KEY_GENERATE_PAIR, 278 KCF_OP_KEY_WRAP, 279 KCF_OP_KEY_UNWRAP, 280 KCF_OP_KEY_DERIVE, 281 KCF_OP_KEY_CHECK, 282 283 /* provider management ops */ 284 KCF_OP_MGMT_EXTINFO, 285 KCF_OP_MGMT_INITTOKEN, 286 KCF_OP_MGMT_INITPIN, 287 KCF_OP_MGMT_SETPIN 288 } kcf_op_type_t; 289 290 /* 291 * The operation groups that need wrapping of parameters. This is somewhat 292 * similar to the function group type in spi.h except that this also includes 293 * all the functions that don't have a mechanism. 294 * 295 * The wrapper macros should never take these enum values as an argument. 296 * Rather, they are assigned in the macro itself since they are known 297 * from the macro name. 298 */ 299 typedef enum kcf_op_group { 300 KCF_OG_DIGEST = 1, 301 KCF_OG_MAC, 302 KCF_OG_ENCRYPT, 303 KCF_OG_DECRYPT, 304 KCF_OG_SIGN, 305 KCF_OG_VERIFY, 306 KCF_OG_ENCRYPT_MAC, 307 KCF_OG_MAC_DECRYPT, 308 KCF_OG_RANDOM, 309 KCF_OG_SESSION, 310 KCF_OG_OBJECT, 311 KCF_OG_KEY, 312 KCF_OG_PROVMGMT 313 } kcf_op_group_t; 314 315 /* 316 * The kcf_op_type_t enum values used here should be only for those 317 * operations for which there is a k-api routine in sys/crypto/api.h. 318 */ 319 #define IS_INIT_OP(ftype) ((ftype) == KCF_OP_INIT) 320 #define IS_SINGLE_OP(ftype) ((ftype) == KCF_OP_SINGLE) 321 #define IS_UPDATE_OP(ftype) ((ftype) == KCF_OP_UPDATE) 322 #define IS_FINAL_OP(ftype) ((ftype) == KCF_OP_FINAL) 323 #define IS_ATOMIC_OP(ftype) ( \ 324 (ftype) == KCF_OP_ATOMIC || (ftype) == KCF_OP_MAC_VERIFY_ATOMIC || \ 325 (ftype) == KCF_OP_MAC_VERIFY_DECRYPT_ATOMIC || \ 326 (ftype) == KCF_OP_SIGN_RECOVER_ATOMIC || \ 327 (ftype) == KCF_OP_VERIFY_RECOVER_ATOMIC) 328 329 /* 330 * Keep the parameters associated with a request around. 331 * We need to pass them to the SPI. 332 */ 333 typedef struct kcf_req_params { 334 kcf_op_group_t rp_opgrp; 335 kcf_op_type_t rp_optype; 336 337 union { 338 kcf_digest_ops_params_t digest_params; 339 kcf_mac_ops_params_t mac_params; 340 kcf_encrypt_ops_params_t encrypt_params; 341 kcf_decrypt_ops_params_t decrypt_params; 342 kcf_sign_ops_params_t sign_params; 343 kcf_verify_ops_params_t verify_params; 344 kcf_encrypt_mac_ops_params_t encrypt_mac_params; 345 kcf_mac_decrypt_ops_params_t mac_decrypt_params; 346 kcf_random_number_ops_params_t random_number_params; 347 kcf_session_ops_params_t session_params; 348 kcf_object_ops_params_t object_params; 349 kcf_key_ops_params_t key_params; 350 kcf_provmgmt_ops_params_t provmgmt_params; 351 } rp_u; 352 } kcf_req_params_t; 353 354 355 /* 356 * The ioctl/k-api code should bundle the parameters into a kcf_req_params_t 357 * structure before calling a scheduler routine. The following macros are 358 * available for that purpose. 359 * 360 * For the most part, the macro arguments closely correspond to the 361 * function parameters. In some cases, we use generic names. The comments 362 * for the structure should indicate these cases. 363 */ 364 #define KCF_WRAP_DIGEST_OPS_PARAMS(req, ftype, _sid, _mech, _key, \ 365 _data, _digest) { \ 366 kcf_digest_ops_params_t *dops = &(req)->rp_u.digest_params; \ 367 \ 368 (req)->rp_opgrp = KCF_OG_DIGEST; \ 369 (req)->rp_optype = ftype; \ 370 dops->do_sid = _sid; \ 371 kcf_dup_mech(_mech, &dops->do_mech, &dops->do_framework_mechtype); \ 372 dops->do_digest_key = _key; \ 373 dops->do_data = _data; \ 374 dops->do_digest = _digest; \ 375 } 376 377 #define KCF_WRAP_MAC_OPS_PARAMS(req, ftype, _sid, _mech, _key, \ 378 _data, _mac, _templ) { \ 379 kcf_mac_ops_params_t *mops = &(req)->rp_u.mac_params; \ 380 \ 381 (req)->rp_opgrp = KCF_OG_MAC; \ 382 (req)->rp_optype = ftype; \ 383 mops->mo_sid = _sid; \ 384 kcf_dup_mech(_mech, &mops->mo_mech, &mops->mo_framework_mechtype); \ 385 mops->mo_key = _key; \ 386 mops->mo_data = _data; \ 387 mops->mo_mac = _mac; \ 388 mops->mo_templ = _templ; \ 389 } 390 391 #define KCF_WRAP_ENCRYPT_OPS_PARAMS(req, ftype, _sid, _mech, _key, \ 392 _plaintext, _ciphertext, _templ) { \ 393 kcf_encrypt_ops_params_t *cops = &(req)->rp_u.encrypt_params; \ 394 \ 395 (req)->rp_opgrp = KCF_OG_ENCRYPT; \ 396 (req)->rp_optype = ftype; \ 397 cops->eo_sid = _sid; \ 398 kcf_dup_mech(_mech, &cops->eo_mech, &cops->eo_framework_mechtype); \ 399 cops->eo_key = _key; \ 400 cops->eo_plaintext = _plaintext; \ 401 cops->eo_ciphertext = _ciphertext; \ 402 cops->eo_templ = _templ; \ 403 } 404 405 #define KCF_WRAP_DECRYPT_OPS_PARAMS(req, ftype, _sid, _mech, _key, \ 406 _ciphertext, _plaintext, _templ) { \ 407 kcf_decrypt_ops_params_t *cops = &(req)->rp_u.decrypt_params; \ 408 \ 409 (req)->rp_opgrp = KCF_OG_DECRYPT; \ 410 (req)->rp_optype = ftype; \ 411 cops->dop_sid = _sid; \ 412 kcf_dup_mech(_mech, &cops->dop_mech, &cops->dop_framework_mechtype); \ 413 cops->dop_key = _key; \ 414 cops->dop_ciphertext = _ciphertext; \ 415 cops->dop_plaintext = _plaintext; \ 416 cops->dop_templ = _templ; \ 417 } 418 419 #define KCF_WRAP_SIGN_OPS_PARAMS(req, ftype, _sid, _mech, _key, \ 420 _data, _signature, _templ) { \ 421 kcf_sign_ops_params_t *sops = &(req)->rp_u.sign_params; \ 422 \ 423 (req)->rp_opgrp = KCF_OG_SIGN; \ 424 (req)->rp_optype = ftype; \ 425 sops->so_sid = _sid; \ 426 kcf_dup_mech(_mech, &sops->so_mech, &sops->so_framework_mechtype); \ 427 sops->so_key = _key; \ 428 sops->so_data = _data; \ 429 sops->so_signature = _signature; \ 430 sops->so_templ = _templ; \ 431 } 432 433 #define KCF_WRAP_VERIFY_OPS_PARAMS(req, ftype, _sid, _mech, _key, \ 434 _data, _signature, _templ) { \ 435 kcf_verify_ops_params_t *vops = &(req)->rp_u.verify_params; \ 436 \ 437 (req)->rp_opgrp = KCF_OG_VERIFY; \ 438 (req)->rp_optype = ftype; \ 439 vops->vo_sid = _sid; \ 440 kcf_dup_mech(_mech, &vops->vo_mech, &vops->vo_framework_mechtype); \ 441 vops->vo_key = _key; \ 442 vops->vo_data = _data; \ 443 vops->vo_signature = _signature; \ 444 vops->vo_templ = _templ; \ 445 } 446 447 #define KCF_WRAP_ENCRYPT_MAC_OPS_PARAMS(req, ftype, _sid, _encr_key, \ 448 _mac_key, _plaintext, _ciphertext, _mac, _encr_templ, _mac_templ) { \ 449 kcf_encrypt_mac_ops_params_t *cmops = &(req)->rp_u.encrypt_mac_params; \ 450 \ 451 (req)->rp_opgrp = KCF_OG_ENCRYPT_MAC; \ 452 (req)->rp_optype = ftype; \ 453 cmops->em_sid = _sid; \ 454 cmops->em_encr_key = _encr_key; \ 455 cmops->em_mac_key = _mac_key; \ 456 cmops->em_plaintext = _plaintext; \ 457 cmops->em_ciphertext = _ciphertext; \ 458 cmops->em_mac = _mac; \ 459 cmops->em_encr_templ = _encr_templ; \ 460 cmops->em_mac_templ = _mac_templ; \ 461 } 462 463 #define KCF_WRAP_MAC_DECRYPT_OPS_PARAMS(req, ftype, _sid, _mac_key, \ 464 _decr_key, _ciphertext, _mac, _plaintext, _mac_templ, _decr_templ) { \ 465 kcf_mac_decrypt_ops_params_t *cmops = &(req)->rp_u.mac_decrypt_params; \ 466 \ 467 (req)->rp_opgrp = KCF_OG_MAC_DECRYPT; \ 468 (req)->rp_optype = ftype; \ 469 cmops->md_sid = _sid; \ 470 cmops->md_mac_key = _mac_key; \ 471 cmops->md_decr_key = _decr_key; \ 472 cmops->md_ciphertext = _ciphertext; \ 473 cmops->md_mac = _mac; \ 474 cmops->md_plaintext = _plaintext; \ 475 cmops->md_mac_templ = _mac_templ; \ 476 cmops->md_decr_templ = _decr_templ; \ 477 } 478 479 #define KCF_WRAP_RANDOM_OPS_PARAMS(req, ftype, _sid, _buf, _buflen) { \ 480 kcf_random_number_ops_params_t *rops = \ 481 &(req)->rp_u.random_number_params; \ 482 \ 483 (req)->rp_opgrp = KCF_OG_RANDOM; \ 484 (req)->rp_optype = ftype; \ 485 rops->rn_sid = _sid; \ 486 rops->rn_buf = _buf; \ 487 rops->rn_buflen = _buflen; \ 488 } 489 490 #define KCF_WRAP_SESSION_OPS_PARAMS(req, ftype, _sid_ptr, _sid, \ 491 _user_type, _pin, _pin_len, _pd) { \ 492 kcf_session_ops_params_t *sops = &(req)->rp_u.session_params; \ 493 \ 494 (req)->rp_opgrp = KCF_OG_SESSION; \ 495 (req)->rp_optype = ftype; \ 496 sops->so_sid_ptr = _sid_ptr; \ 497 sops->so_sid = _sid; \ 498 sops->so_user_type = _user_type; \ 499 sops->so_pin = _pin; \ 500 sops->so_pin_len = _pin_len; \ 501 sops->so_pd = _pd; \ 502 } 503 504 #define KCF_WRAP_OBJECT_OPS_PARAMS(req, ftype, _sid, _object_id, \ 505 _template, _attribute_count, _object_id_ptr, _object_size, \ 506 _find_init_pp_ptr, _find_pp, _max_object_count, _object_count_ptr) { \ 507 kcf_object_ops_params_t *jops = &(req)->rp_u.object_params; \ 508 \ 509 (req)->rp_opgrp = KCF_OG_OBJECT; \ 510 (req)->rp_optype = ftype; \ 511 jops->oo_sid = _sid; \ 512 jops->oo_object_id = _object_id; \ 513 jops->oo_template = _template; \ 514 jops->oo_attribute_count = _attribute_count; \ 515 jops->oo_object_id_ptr = _object_id_ptr; \ 516 jops->oo_object_size = _object_size; \ 517 jops->oo_find_init_pp_ptr = _find_init_pp_ptr; \ 518 jops->oo_find_pp = _find_pp; \ 519 jops->oo_max_object_count = _max_object_count; \ 520 jops->oo_object_count_ptr = _object_count_ptr; \ 521 } 522 523 #define KCF_WRAP_KEY_OPS_PARAMS(req, ftype, _sid, _mech, _key_template, \ 524 _key_attribute_count, _key_object_id_ptr, _private_key_template, \ 525 _private_key_attribute_count, _private_key_object_id_ptr, \ 526 _key, _wrapped_key, _wrapped_key_len_ptr) { \ 527 kcf_key_ops_params_t *kops = &(req)->rp_u.key_params; \ 528 \ 529 (req)->rp_opgrp = KCF_OG_KEY; \ 530 (req)->rp_optype = ftype; \ 531 kops->ko_sid = _sid; \ 532 kcf_dup_mech(_mech, &kops->ko_mech, &kops->ko_framework_mechtype); \ 533 kops->ko_key_template = _key_template; \ 534 kops->ko_key_attribute_count = _key_attribute_count; \ 535 kops->ko_key_object_id_ptr = _key_object_id_ptr; \ 536 kops->ko_private_key_template = _private_key_template; \ 537 kops->ko_private_key_attribute_count = _private_key_attribute_count; \ 538 kops->ko_private_key_object_id_ptr = _private_key_object_id_ptr; \ 539 kops->ko_key = _key; \ 540 kops->ko_wrapped_key = _wrapped_key; \ 541 kops->ko_wrapped_key_len_ptr = _wrapped_key_len_ptr; \ 542 } 543 544 #define KCF_WRAP_PROVMGMT_OPS_PARAMS(req, ftype, _sid, _old_pin, \ 545 _old_pin_len, _pin, _pin_len, _label, _ext_info, _pd) { \ 546 kcf_provmgmt_ops_params_t *pops = &(req)->rp_u.provmgmt_params; \ 547 \ 548 (req)->rp_opgrp = KCF_OG_PROVMGMT; \ 549 (req)->rp_optype = ftype; \ 550 pops->po_sid = _sid; \ 551 pops->po_pin = _pin; \ 552 pops->po_pin_len = _pin_len; \ 553 pops->po_old_pin = _old_pin; \ 554 pops->po_old_pin_len = _old_pin_len; \ 555 pops->po_label = _label; \ 556 pops->po_ext_info = _ext_info; \ 557 pops->po_pd = _pd; \ 558 } 559 560 #define KCF_SET_PROVIDER_MECHNUM(fmtype, pd, mechp) \ 561 (mechp)->cm_type = \ 562 (pd)->pd_map_mechnums[KCF_MECH2CLASS(fmtype)] \ 563 [KCF_MECH2INDEX(fmtype)]; 564 565 #ifdef __cplusplus 566 } 567 #endif 568 569 #endif /* _SYS_CRYPTO_OPS_IMPL_H */ 570