/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */
/*
 * Copyright 2007 Sun Microsystems, Inc. All rights reserved.
 * Use is subject to license terms.
 *
 *
 * Constant definitions and function prototypes for the KMF library.
 * Commonly used data types are defined in "kmftypes.h".
 */

#ifndef _KMFAPI_H
#define _KMFAPI_H

#pragma ident "%Z%%M% %I% %E% SMI"

#include <kmftypes.h>
#include <security/cryptoki.h>

/*
 * NOTE(review): every prototype in this header omits its parameter names,
 * so argument order and buffer ownership have to be taken from the
 * implementation or the manual pages.  uint32_t, uint16_t, size_t and
 * time_t are used below although this file includes no header that is
 * obviously theirs; presumably <kmftypes.h> supplies them -- confirm.
 */

#ifdef __cplusplus
extern "C" {
#endif

/*
 * Setup operations.
 *
 * Many entry points in this header share the parameter list
 * (KMF_HANDLE_T, int, KMF_ATTRIBUTE *).  NOTE(review): presumably the int
 * is the number of entries in the KMF_ATTRIBUTE array that follows it --
 * confirm against kmftypes.h.  If so, a count larger than the array the
 * caller really owns would be read past its end.
 */
extern KMF_RETURN kmf_initialize(KMF_HANDLE_T *, char *, char *);
extern KMF_RETURN kmf_configure_keystore(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);
extern KMF_RETURN kmf_finalize(KMF_HANDLE_T);

/*
 * Key operations.
 */
extern KMF_RETURN kmf_create_keypair(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);

extern KMF_RETURN kmf_delete_key_from_keystore(KMF_HANDLE_T, int,
    KMF_ATTRIBUTE *);

extern KMF_RETURN kmf_find_key(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);

extern KMF_RETURN kmf_find_prikey_by_cert(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);

extern KMF_RETURN kmf_store_key(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);

extern KMF_RETURN kmf_create_sym_key(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);

/*
 * NOTE(review): takes a key handle and a KMF_RAW_SYM_KEY; presumably it
 * hands the raw symmetric key bytes back to the caller -- confirm.  The
 * matching release routine declared in this header is
 * kmf_free_raw_sym_key().
 */
extern KMF_RETURN kmf_get_sym_key_value(KMF_HANDLE_T, KMF_KEY_HANDLE *,
    KMF_RAW_SYM_KEY *);

/*
 * Certificate operations.
 */
extern KMF_RETURN kmf_find_cert(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);

extern KMF_RETURN kmf_encode_cert_record(KMF_X509_CERTIFICATE *, KMF_DATA *);

extern KMF_RETURN kmf_import_cert(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);

extern KMF_RETURN kmf_store_cert(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);

extern KMF_RETURN kmf_delete_cert_from_keystore(KMF_HANDLE_T, int,
    KMF_ATTRIBUTE *);

extern KMF_RETURN kmf_validate_cert(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);

extern KMF_RETURN kmf_create_cert_file(const KMF_DATA *, KMF_ENCODE_FORMAT,
    char *);

/*
 * NOTE(review): the header does not say whether a downloaded certificate
 * is checked in any way before it is returned.  Presumably it is not;
 * callers should validate the result (kmf_validate_cert() is declared
 * above) before trusting it -- confirm against the implementation.
 */
extern KMF_RETURN kmf_download_cert(KMF_HANDLE_T, char *, char *, int,
    unsigned int, char *, KMF_ENCODE_FORMAT *);

extern KMF_RETURN kmf_is_cert_file(KMF_HANDLE_T, char *, KMF_ENCODE_FORMAT *);

extern KMF_RETURN kmf_check_cert_date(KMF_HANDLE_T, const KMF_DATA *);

/*
 * Crypto operations with key or cert.
 */
extern KMF_RETURN kmf_encrypt(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);
extern KMF_RETURN kmf_decrypt(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);
extern KMF_RETURN kmf_sign_cert(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);
extern KMF_RETURN kmf_sign_data(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);
extern KMF_RETURN kmf_verify_cert(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);
extern KMF_RETURN kmf_verify_data(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);

/*
 * CRL operations.
 *
 * NOTE(review): as with kmf_download_cert(), nothing here states that
 * kmf_download_crl() verifies what it fetches; kmf_verify_crl_file() and
 * kmf_check_crl_date() are separate calls, so presumably the caller has
 * to make them -- confirm.
 */
extern KMF_RETURN kmf_import_crl(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);
extern KMF_RETURN kmf_delete_crl(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);
extern KMF_RETURN kmf_list_crl(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);
extern KMF_RETURN kmf_find_crl(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);
extern KMF_RETURN kmf_find_cert_in_crl(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);
extern KMF_RETURN kmf_verify_crl_file(KMF_HANDLE_T, char *, KMF_DATA *);
extern KMF_RETURN kmf_check_crl_date(KMF_HANDLE_T, char *);
extern KMF_RETURN kmf_download_crl(KMF_HANDLE_T, char *, char *,
    int, unsigned int, char *, KMF_ENCODE_FORMAT *);
extern KMF_RETURN kmf_is_crl_file(KMF_HANDLE_T, char *, KMF_ENCODE_FORMAT *);

/*
 * CSR operations.
 */
extern KMF_RETURN kmf_create_csr_file(KMF_DATA *, KMF_ENCODE_FORMAT, char *);
extern KMF_RETURN kmf_set_csr_pubkey(KMF_HANDLE_T,
    KMF_KEY_HANDLE *, KMF_CSR_DATA *);
extern KMF_RETURN kmf_set_csr_version(KMF_CSR_DATA *, uint32_t);
extern KMF_RETURN kmf_set_csr_subject(KMF_CSR_DATA *, KMF_X509_NAME *);
extern KMF_RETURN kmf_set_csr_extn(KMF_CSR_DATA *, KMF_X509_EXTENSION *);
extern KMF_RETURN kmf_set_csr_sig_alg(KMF_CSR_DATA *, KMF_ALGORITHM_INDEX);
extern KMF_RETURN kmf_set_csr_subject_altname(KMF_CSR_DATA *, char *,
    int, KMF_GENERALNAMECHOICES);
extern KMF_RETURN kmf_set_csr_ku(KMF_CSR_DATA *, int, uint16_t);
extern KMF_RETURN kmf_sign_csr(KMF_HANDLE_T, const KMF_CSR_DATA *,
    KMF_KEY_HANDLE *, KMF_DATA *);

/*
 * GetCert operations.
 *
 * All of these take the certificate as a const KMF_DATA pointer.  The
 * *_str variants return their result through a char ** parameter.
 * NOTE(review): ownership of that string is not stated in this header;
 * kmf_free_str() is declared under "Memory cleanup operations" and is
 * presumably the matching release call -- confirm.
 */
extern KMF_RETURN kmf_get_cert_extn(const KMF_DATA *, KMF_OID *,
    KMF_X509_EXTENSION *);

extern KMF_RETURN kmf_get_cert_extns(const KMF_DATA *, KMF_FLAG_CERT_EXTN,
    KMF_X509_EXTENSION **, int *);

extern KMF_RETURN kmf_get_cert_ku(const KMF_DATA *, KMF_X509EXT_KEY_USAGE *);

extern KMF_RETURN kmf_get_cert_eku(const KMF_DATA *, KMF_X509EXT_EKU *);

extern KMF_RETURN kmf_get_cert_basic_constraint(const KMF_DATA *,
    KMF_BOOL *, KMF_X509EXT_BASICCONSTRAINTS *);

extern KMF_RETURN kmf_get_cert_policies(const KMF_DATA *,
    KMF_BOOL *, KMF_X509EXT_CERT_POLICIES *);

extern KMF_RETURN kmf_get_cert_auth_info_access(const KMF_DATA *,
    KMF_X509EXT_AUTHINFOACCESS *);

extern KMF_RETURN kmf_get_cert_crl_dist_pts(const KMF_DATA *,
    KMF_X509EXT_CRLDISTPOINTS *);

extern KMF_RETURN kmf_get_cert_version_str(KMF_HANDLE_T, const KMF_DATA *,
    char **);

extern KMF_RETURN kmf_get_cert_subject_str(KMF_HANDLE_T, const KMF_DATA *,
    char **);

extern KMF_RETURN kmf_get_cert_issuer_str(KMF_HANDLE_T, const KMF_DATA *,
    char **);

extern KMF_RETURN kmf_get_cert_serial_str(KMF_HANDLE_T, const KMF_DATA *,
    char **);

extern KMF_RETURN kmf_get_cert_start_date_str(KMF_HANDLE_T, const KMF_DATA *,
    char **);

extern KMF_RETURN kmf_get_cert_end_date_str(KMF_HANDLE_T, const KMF_DATA *,
    char **);

extern KMF_RETURN kmf_get_cert_pubkey_alg_str(KMF_HANDLE_T, const KMF_DATA *,
    char **);

extern KMF_RETURN kmf_get_cert_sig_alg_str(KMF_HANDLE_T, const KMF_DATA *,
    char **);

extern KMF_RETURN kmf_get_cert_pubkey_str(KMF_HANDLE_T, const KMF_DATA *,
    char **);

extern KMF_RETURN kmf_get_cert_email_str(KMF_HANDLE_T, const KMF_DATA *,
    char **);

extern KMF_RETURN kmf_get_cert_extn_str(KMF_HANDLE_T, const KMF_DATA *,
    KMF_PRINTABLE_ITEM, char **);

extern KMF_RETURN kmf_get_cert_id_data(const KMF_DATA *, KMF_DATA *);

extern KMF_RETURN kmf_get_cert_id_str(const KMF_DATA *, char **);

extern KMF_RETURN kmf_get_cert_validity(const KMF_DATA *, time_t *, time_t *);


/*
 * SetCert operations
 */
extern KMF_RETURN kmf_set_cert_pubkey(KMF_HANDLE_T, KMF_KEY_HANDLE *,
    KMF_X509_CERTIFICATE *);

extern KMF_RETURN kmf_set_cert_subject(KMF_X509_CERTIFICATE *,
    KMF_X509_NAME *);

extern KMF_RETURN kmf_set_cert_ku(KMF_X509_CERTIFICATE *, int, uint16_t);

extern KMF_RETURN kmf_set_cert_issuer(KMF_X509_CERTIFICATE *,
    KMF_X509_NAME *);

extern KMF_RETURN kmf_set_cert_sig_alg(KMF_X509_CERTIFICATE *,
    KMF_ALGORITHM_INDEX);

extern KMF_RETURN kmf_set_cert_validity(KMF_X509_CERTIFICATE *,
    time_t, uint32_t);

extern KMF_RETURN kmf_set_cert_serial(KMF_X509_CERTIFICATE *,
    KMF_BIGINT *);

extern KMF_RETURN kmf_set_cert_version(KMF_X509_CERTIFICATE *, uint32_t);

extern KMF_RETURN kmf_set_cert_issuer_altname(KMF_X509_CERTIFICATE *,
    int, KMF_GENERALNAMECHOICES, char *);

extern KMF_RETURN kmf_set_cert_subject_altname(KMF_X509_CERTIFICATE *,
    int, KMF_GENERALNAMECHOICES, char *);

extern KMF_RETURN kmf_add_cert_eku(KMF_X509_CERTIFICATE *, KMF_OID *, int);

extern KMF_RETURN kmf_set_cert_extn(KMF_X509_CERTIFICATE *,
    KMF_X509_EXTENSION *);

extern KMF_RETURN kmf_set_cert_basic_constraint(KMF_X509_CERTIFICATE *,
    KMF_BOOL, KMF_X509EXT_BASICCONSTRAINTS *);


/*
 * PK12 operations
 *
 * NOTE(review): kmf_import_objects() returns through KMF_DATA ** and
 * KMF_RAW_KEY_DATA ** parameters, each followed by an int *; presumably
 * these are allocated arrays with their element counts, and the raw key
 * entries hold private key material the caller must release with
 * kmf_free_raw_key() -- confirm.
 */
extern KMF_RETURN kmf_export_pk12(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);

extern KMF_RETURN kmf_build_pk12(KMF_HANDLE_T, int, KMF_X509_DER_CERT *,
    int, KMF_KEY_HANDLE *, KMF_CREDENTIAL *, char *);

extern KMF_RETURN kmf_import_objects(KMF_HANDLE_T, char *, KMF_CREDENTIAL *,
    KMF_DATA **, int *, KMF_RAW_KEY_DATA **, int *);

/*
 * OCSP operations
 *
 * NOTE(review): kmf_get_encoded_ocsp_response() takes seven unnamed
 * arguments after the handle, four of them char *.  The compiler cannot
 * catch two adjacent char * arguments passed in the wrong order, so the
 * call sites deserve a second look.
 */
extern KMF_RETURN kmf_get_ocsp_for_cert(KMF_HANDLE_T, KMF_DATA *, KMF_DATA *,
    KMF_DATA *);

extern KMF_RETURN kmf_create_ocsp_request(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);

extern KMF_RETURN kmf_get_encoded_ocsp_response(KMF_HANDLE_T, char *,
    char *, int, char *, int, char *, unsigned int);

extern KMF_RETURN kmf_get_ocsp_status_for_cert(KMF_HANDLE_T, int,
    KMF_ATTRIBUTE *);

/*
 * Policy Operations
 */
extern KMF_RETURN kmf_set_policy(KMF_HANDLE_T, char *, char *);

/*
 * Error handling.
 */
extern KMF_RETURN kmf_get_plugin_error_str(KMF_HANDLE_T, char **);
extern KMF_RETURN kmf_get_kmf_error_str(KMF_RETURN, char **);

/*
 * Miscellaneous
 *
 * NOTE(review): kmf_der_to_pem() and kmf_pem_to_der() pair each
 * unsigned char buffer with an int (or int *), while
 * kmf_hexstr_to_bytes() uses size_t *.  Presumably the ints are buffer
 * lengths -- confirm; if so, callers should make sure a length derived
 * from untrusted input is non-negative and fits in an int before
 * passing it in.  kmf_oid_to_string() and kmf_ku_to_string() return
 * char *; who frees the result is not stated here.
 */
extern KMF_RETURN kmf_dn_parser(char *, KMF_X509_NAME *);
extern KMF_RETURN kmf_read_input_file(KMF_HANDLE_T, char *, KMF_DATA *);
extern KMF_RETURN kmf_der_to_pem(KMF_OBJECT_TYPE, unsigned char *,
    int, unsigned char **, int *);
extern KMF_RETURN kmf_pem_to_der(unsigned char *, int, unsigned char **, int *);
extern char *kmf_oid_to_string(KMF_OID *);
extern KMF_RETURN kmf_string_to_oid(char *, KMF_OID *);
extern int kmf_compare_rdns(KMF_X509_NAME *, KMF_X509_NAME *);
extern KMF_RETURN kmf_get_file_format(char *, KMF_ENCODE_FORMAT *);
extern uint32_t kmf_string_to_ku(char *);
extern char *kmf_ku_to_string(uint32_t);
extern KMF_RETURN kmf_hexstr_to_bytes(unsigned char *, unsigned char **,
    size_t *);

/* Alias: the mixed-case name expands to kmf_compare_rdns. */
#define KMF_CompareRDNs kmf_compare_rdns

/*
 * Memory cleanup operations
 *
 * NOTE(review): several of these release objects that can hold key
 * material (kmf_free_raw_key, kmf_free_raw_sym_key, kmf_free_bigint,
 * kmf_free_kmf_key).  Whether they clear the memory before freeing it
 * cannot be told from the prototypes -- check the implementation.
 */
extern void kmf_free_dn(KMF_X509_NAME *);
extern void kmf_free_kmf_cert(KMF_HANDLE_T, KMF_X509_DER_CERT *);
extern void kmf_free_data(KMF_DATA *);
extern void kmf_free_algoid(KMF_X509_ALGORITHM_IDENTIFIER *);
extern void kmf_free_extn(KMF_X509_EXTENSION *);
extern void kmf_free_tbs_csr(KMF_TBS_CSR *);
extern void kmf_free_signed_csr(KMF_CSR_DATA *);
extern void kmf_free_tbs_cert(KMF_X509_TBS_CERT *);
extern void kmf_free_signed_cert(KMF_X509_CERTIFICATE *);
extern void kmf_free_str(char *);
extern void kmf_free_eku(KMF_X509EXT_EKU *);
extern void kmf_free_spki(KMF_X509_SPKI *);
extern void kmf_free_kmf_key(KMF_HANDLE_T, KMF_KEY_HANDLE *);
extern void kmf_free_bigint(KMF_BIGINT *);
extern void kmf_free_raw_key(KMF_RAW_KEY_DATA *);
extern void kmf_free_raw_sym_key(KMF_RAW_SYM_KEY *);
extern void kmf_free_crl_dist_pts(KMF_X509EXT_CRLDISTPOINTS *);

/*
 * APIs for PKCS#11 token
 *
 * NOTE(review): kmf_get_pk11_handle() returns a CK_SESSION_HANDLE by
 * value.  Presumably the session stays owned by the KMF handle and must
 * not be closed by the caller or used after kmf_finalize() -- confirm.
 */
extern KMF_RETURN kmf_pk11_token_lookup(KMF_HANDLE_T, char *, CK_SLOT_ID *);
extern KMF_RETURN kmf_set_token_pin(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);
extern CK_SESSION_HANDLE kmf_get_pk11_handle(KMF_HANDLE_T);

/*
 * Attribute management routines.
 *
 * These are declared without the "extern" keyword used in the rest of
 * the file; for function declarations that makes no difference to
 * linkage.  NOTE(review): kmf_get_attr() ends with (void *, uint32_t *),
 * presumably an output buffer and its length -- confirm how an
 * undersized buffer is reported.
 */
int kmf_find_attr(KMF_ATTR_TYPE, KMF_ATTRIBUTE *, int);
void *kmf_get_attr_ptr(KMF_ATTR_TYPE, KMF_ATTRIBUTE *, int);
KMF_RETURN kmf_get_attr(KMF_ATTR_TYPE, KMF_ATTRIBUTE *, int, void *,
    uint32_t *);
KMF_RETURN kmf_get_string_attr(KMF_ATTR_TYPE, KMF_ATTRIBUTE *, int, char **);
KMF_RETURN kmf_set_attr(KMF_ATTRIBUTE *, int, KMF_ATTR_TYPE, void *, uint32_t);
void kmf_set_attr_at_index(KMF_ATTRIBUTE *, int, KMF_ATTR_TYPE,
    void *, uint32_t);

/*
 * Legacy support only - do not use these APIs - they can be removed at any
 * time.
 */
extern KMF_RETURN KMF_ConfigureKeystore(KMF_HANDLE_T, KMF_CONFIG_PARAMS *);
extern KMF_RETURN KMF_CreateCSRFile(KMF_DATA *, KMF_ENCODE_FORMAT, char *);
extern KMF_RETURN KMF_CreateKeypair(KMF_HANDLE_T,
    KMF_CREATEKEYPAIR_PARAMS *, KMF_KEY_HANDLE *, KMF_KEY_HANDLE *);
extern KMF_RETURN KMF_DNParser(char *, KMF_X509_NAME *);
extern KMF_RETURN KMF_Finalize(KMF_HANDLE_T);
extern KMF_RETURN KMF_FindCert(KMF_HANDLE_T, KMF_FINDCERT_PARAMS *,
    KMF_X509_DER_CERT *, uint32_t *);
extern KMF_RETURN KMF_FindKey(KMF_HANDLE_T, KMF_FINDKEY_PARAMS *,
    KMF_KEY_HANDLE *, uint32_t *);
extern void KMF_FreeData(KMF_DATA *);
extern void KMF_FreeKMFCert(KMF_HANDLE_T, KMF_X509_DER_CERT *);
extern void KMF_FreeKMFKey(KMF_HANDLE_T, KMF_KEY_HANDLE *);
extern void KMF_FreeSignedCSR(KMF_CSR_DATA *);
extern KMF_RETURN KMF_GetCertIDString(const KMF_DATA *, char **);
extern KMF_RETURN KMF_GetCertIssuerNameString(KMF_HANDLE_T,
    const KMF_DATA *, char **);
extern KMF_RETURN KMF_GetCertSubjectNameString(KMF_HANDLE_T,
    const KMF_DATA *, char **);
extern KMF_RETURN KMF_GetKMFErrorString(KMF_RETURN, char **);
extern KMF_RETURN KMF_Initialize(KMF_HANDLE_T *, char *, char *);
extern KMF_RETURN KMF_ReadInputFile(KMF_HANDLE_T, char *, KMF_DATA *);
extern KMF_RETURN KMF_SetCSRPubKey(KMF_HANDLE_T, KMF_KEY_HANDLE *,
    KMF_CSR_DATA *);
extern KMF_RETURN KMF_SetCSRSignatureAlgorithm(KMF_CSR_DATA *,
    KMF_ALGORITHM_INDEX);
extern KMF_RETURN KMF_SetCSRSubjectName(KMF_CSR_DATA *, KMF_X509_NAME *);
extern KMF_RETURN KMF_SetCSRVersion(KMF_CSR_DATA *, uint32_t);
extern KMF_RETURN KMF_SignCSR(KMF_HANDLE_T, const KMF_CSR_DATA *,
    KMF_KEY_HANDLE *, KMF_DATA *);
extern KMF_RETURN KMF_SignDataWithKey(KMF_HANDLE_T, KMF_KEY_HANDLE *,
    KMF_OID *, KMF_DATA *, KMF_DATA *);
extern KMF_RETURN KMF_VerifyCertWithCert(KMF_HANDLE_T, const KMF_DATA *,
    const KMF_DATA *);
extern KMF_RETURN KMF_VerifyDataWithCert(KMF_HANDLE_T,
    KMF_KEYSTORE_TYPE, KMF_ALGORITHM_INDEX, KMF_DATA *, KMF_DATA *,
    const KMF_DATA *);

#ifdef __cplusplus
}
#endif
#endif /* _KMFAPI_H */