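/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */
/*
 * Copyright 2007 Sun Microsystems, Inc. All rights reserved.
 * Use is subject to license terms.
 *
 *
 * Constant definitions and function prototypes for the KMF library.
 * Commonly used data types are defined in "kmftypes.h".
 */

#ifndef _KMFAPI_H
#define _KMFAPI_H

#pragma ident "%Z%%M% %I% %E% SMI"

#include <kmftypes.h>
#include <security/cryptoki.h>

#ifdef __cplusplus
extern "C" {
#endif

/*
 * Conventions that can be read off the prototypes below:
 *
 * - Most entry points return KMF_RETURN.  Check that status before using
 *   any output argument; output contents after a failed call are not
 *   specified by this header.
 * - Many operations share the shape (KMF_HANDLE_T, int, KMF_ATTRIBUTE *).
 *   The int is presumably the number of entries in the attribute array --
 *   confirm against the implementation before relying on it.
 * - Parameters are unnamed, and several calls take runs of char * and int
 *   arguments.  The compiler cannot catch two transposed arguments of the
 *   same type, so check argument order against the implementation.
 * - Functions that hand back a char ** or other allocated object have a
 *   matching kmf_free_*() routine in the "Memory cleanup operations"
 *   section.  Which routine pairs with which call is not stated here.
 */

/*
 * Setup operations.
 *
 * kmf_initialize() takes a pointer to the handle, so the handle is an
 * output of that call; kmf_finalize() takes the handle by value.
 * NOTE(review): the two char * arguments of kmf_initialize() presumably
 * select a policy file and a policy name (compare kmf_set_policy below) --
 * confirm.
 */
extern KMF_RETURN kmf_initialize(KMF_HANDLE_T *, char *, char *);
extern KMF_RETURN kmf_configure_keystore(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);
extern KMF_RETURN kmf_finalize(KMF_HANDLE_T);

/*
 * Key operations.
 */
extern KMF_RETURN kmf_create_keypair(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);

extern KMF_RETURN kmf_delete_key_from_keystore(KMF_HANDLE_T, int,
    KMF_ATTRIBUTE *);

extern KMF_RETURN kmf_find_key(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);

extern KMF_RETURN kmf_find_prikey_by_cert(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);

extern KMF_RETURN kmf_store_key(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);

extern KMF_RETURN kmf_create_sym_key(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);

/*
 * Writes into a KMF_RAW_SYM_KEY, i.e. the caller ends up holding raw
 * symmetric key material in process memory.  Keep its lifetime short and
 * release it with kmf_free_raw_sym_key().
 * NOTE(review): whether the free routine scrubs the key bytes before
 * releasing them is not visible from this header -- confirm.
 */
extern KMF_RETURN kmf_get_sym_key_value(KMF_HANDLE_T, KMF_KEY_HANDLE *,
    KMF_RAW_SYM_KEY *);

/*
 * Certificate operations.
 *
 * kmf_check_cert_date() and kmf_is_cert_file() inspect a certificate or
 * file; a passing date or format check is not by itself a trust decision.
 * Anything obtained through kmf_download_cert() originates outside the
 * process and should be treated as untrusted input until it has been
 * validated (kmf_validate_cert / kmf_verify_cert are declared here).
 */
extern KMF_RETURN kmf_find_cert(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);

extern KMF_RETURN kmf_encode_cert_record(KMF_X509_CERTIFICATE *, KMF_DATA *);

extern KMF_RETURN kmf_import_cert(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);

extern KMF_RETURN kmf_store_cert(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);

extern KMF_RETURN kmf_delete_cert_from_keystore(KMF_HANDLE_T, int,
    KMF_ATTRIBUTE *);

extern KMF_RETURN kmf_validate_cert(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);

extern KMF_RETURN kmf_create_cert_file(const KMF_DATA *, KMF_ENCODE_FORMAT,
    char *);

extern KMF_RETURN kmf_download_cert(KMF_HANDLE_T, char *, char *, int,
    unsigned int, char *, KMF_ENCODE_FORMAT *);

extern KMF_RETURN kmf_is_cert_file(KMF_HANDLE_T, char *, KMF_ENCODE_FORMAT *);

extern KMF_RETURN kmf_check_cert_date(KMF_HANDLE_T, const KMF_DATA *);

/*
 * Crypto operations with key or cert.
 *
 * For the verify calls the KMF_RETURN value is the only result channel
 * visible here, so any status other than success has to be handled as a
 * failed verification.
 */
extern KMF_RETURN kmf_encrypt(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);
extern KMF_RETURN kmf_decrypt(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);
extern KMF_RETURN kmf_sign_cert(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);
extern KMF_RETURN kmf_sign_data(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);
extern KMF_RETURN kmf_verify_cert(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);
extern KMF_RETURN kmf_verify_data(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);

/*
 * CRL operations.
 *
 * As with certificates, a CRL fetched with kmf_download_crl() is external
 * input; kmf_verify_crl_file() and kmf_check_crl_date() are the checks this
 * header offers for it.
 */
extern KMF_RETURN kmf_import_crl(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);
extern KMF_RETURN kmf_delete_crl(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);
extern KMF_RETURN kmf_list_crl(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);
extern KMF_RETURN kmf_find_crl(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);
extern KMF_RETURN kmf_find_cert_in_crl(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);
extern KMF_RETURN kmf_verify_crl_file(KMF_HANDLE_T, char *, KMF_DATA *);
extern KMF_RETURN kmf_check_crl_date(KMF_HANDLE_T, char *);
extern KMF_RETURN kmf_download_crl(KMF_HANDLE_T, char *, char *,
    int, unsigned int, char *, KMF_ENCODE_FORMAT *);
extern KMF_RETURN kmf_is_crl_file(KMF_HANDLE_T, char *, KMF_ENCODE_FORMAT *);

/*
 * CSR operations.
 *
 * The kmf_set_csr_*() calls fill in a caller-owned KMF_CSR_DATA;
 * kmf_sign_csr() takes it as const and writes the result to a KMF_DATA.
 */
extern KMF_RETURN kmf_create_csr_file(KMF_DATA *, KMF_ENCODE_FORMAT, char *);
extern KMF_RETURN kmf_set_csr_pubkey(KMF_HANDLE_T,
    KMF_KEY_HANDLE *, KMF_CSR_DATA *);
extern KMF_RETURN kmf_set_csr_version(KMF_CSR_DATA *, uint32_t);
extern KMF_RETURN kmf_set_csr_subject(KMF_CSR_DATA *, KMF_X509_NAME *);
extern KMF_RETURN kmf_set_csr_extn(KMF_CSR_DATA *, KMF_X509_EXTENSION *);
extern KMF_RETURN kmf_set_csr_sig_alg(KMF_CSR_DATA *, KMF_ALGORITHM_INDEX);
extern KMF_RETURN kmf_set_csr_subject_altname(KMF_CSR_DATA *, char *,
    int, KMF_GENERALNAMECHOICES);
extern KMF_RETURN kmf_set_csr_ku(KMF_CSR_DATA *, int, uint16_t);
extern KMF_RETURN kmf_sign_csr(KMF_HANDLE_T, const KMF_CSR_DATA *,
    KMF_KEY_HANDLE *, KMF_DATA *);

/*
 * GetCert operations.
 *
 * Every getter takes the certificate as const KMF_DATA * and writes its
 * result through the trailing pointer argument(s).  These are accessors:
 * nothing in their signatures suggests the certificate is validated first,
 * so fields read from an unverified certificate remain attacker-controlled.
 * NOTE(review): the char ** results are presumably allocated by the library
 * and released with kmf_free_str() -- confirm.
 */
extern KMF_RETURN kmf_get_cert_extn(const KMF_DATA *, KMF_OID *,
    KMF_X509_EXTENSION *);

extern KMF_RETURN kmf_get_cert_extns(const KMF_DATA *, KMF_FLAG_CERT_EXTN,
    KMF_X509_EXTENSION **, int *);

extern KMF_RETURN kmf_get_cert_ku(const KMF_DATA *, KMF_X509EXT_KEY_USAGE *);

extern KMF_RETURN kmf_get_cert_eku(const KMF_DATA *, KMF_X509EXT_EKU *);

extern KMF_RETURN kmf_get_cert_basic_constraint(const KMF_DATA *,
    KMF_BOOL *, KMF_X509EXT_BASICCONSTRAINTS *);

extern KMF_RETURN kmf_get_cert_policies(const KMF_DATA *,
    KMF_BOOL *, KMF_X509EXT_CERT_POLICIES *);

extern KMF_RETURN kmf_get_cert_auth_info_access(const KMF_DATA *,
    KMF_X509EXT_AUTHINFOACCESS *);

extern KMF_RETURN kmf_get_cert_crl_dist_pts(const KMF_DATA *,
    KMF_X509EXT_CRLDISTPOINTS *);

extern KMF_RETURN kmf_get_cert_version_str(KMF_HANDLE_T, const KMF_DATA *,
    char **);

extern KMF_RETURN kmf_get_cert_subject_str(KMF_HANDLE_T, const KMF_DATA *,
    char **);

extern KMF_RETURN kmf_get_cert_issuer_str(KMF_HANDLE_T, const KMF_DATA *,
    char **);

extern KMF_RETURN kmf_get_cert_serial_str(KMF_HANDLE_T, const KMF_DATA *,
    char **);

extern KMF_RETURN kmf_get_cert_start_date_str(KMF_HANDLE_T, const KMF_DATA *,
    char **);

extern KMF_RETURN kmf_get_cert_end_date_str(KMF_HANDLE_T, const KMF_DATA *,
    char **);

extern KMF_RETURN kmf_get_cert_pubkey_alg_str(KMF_HANDLE_T, const KMF_DATA *,
    char **);

extern KMF_RETURN kmf_get_cert_sig_alg_str(KMF_HANDLE_T, const KMF_DATA *,
    char **);

extern KMF_RETURN kmf_get_cert_pubkey_str(KMF_HANDLE_T, const KMF_DATA *,
    char **);

extern KMF_RETURN kmf_get_cert_email_str(KMF_HANDLE_T, const KMF_DATA *,
    char **);

extern KMF_RETURN kmf_get_cert_extn_str(KMF_HANDLE_T, const KMF_DATA *,
    KMF_PRINTABLE_ITEM, char **);

extern KMF_RETURN kmf_get_cert_id_data(const KMF_DATA *, KMF_DATA *);

extern KMF_RETURN kmf_get_cert_id_str(const KMF_DATA *, char **);

extern KMF_RETURN kmf_get_cert_validity(const KMF_DATA *, time_t *, time_t *);


/*
 * SetCert operations
 *
 * Each setter modifies the caller-owned KMF_X509_CERTIFICATE passed as a
 * non-const pointer.
 */
extern KMF_RETURN kmf_set_cert_pubkey(KMF_HANDLE_T, KMF_KEY_HANDLE *,
    KMF_X509_CERTIFICATE *);

extern KMF_RETURN kmf_set_cert_subject(KMF_X509_CERTIFICATE *,
    KMF_X509_NAME *);

extern KMF_RETURN kmf_set_cert_ku(KMF_X509_CERTIFICATE *, int, uint16_t);

extern KMF_RETURN kmf_set_cert_issuer(KMF_X509_CERTIFICATE *,
    KMF_X509_NAME *);

extern KMF_RETURN kmf_set_cert_sig_alg(KMF_X509_CERTIFICATE *,
    KMF_ALGORITHM_INDEX);

extern KMF_RETURN kmf_set_cert_validity(KMF_X509_CERTIFICATE *,
    time_t, uint32_t);

extern KMF_RETURN kmf_set_cert_serial(KMF_X509_CERTIFICATE *,
    KMF_BIGINT *);

extern KMF_RETURN kmf_set_cert_version(KMF_X509_CERTIFICATE *, uint32_t);

extern KMF_RETURN kmf_set_cert_issuer_altname(KMF_X509_CERTIFICATE *,
    int, KMF_GENERALNAMECHOICES, char *);

extern KMF_RETURN kmf_set_cert_subject_altname(KMF_X509_CERTIFICATE *,
    int, KMF_GENERALNAMECHOICES, char *);

extern KMF_RETURN kmf_add_cert_eku(KMF_X509_CERTIFICATE *, KMF_OID *, int);

extern KMF_RETURN kmf_set_cert_extn(KMF_X509_CERTIFICATE *,
    KMF_X509_EXTENSION *);

extern KMF_RETURN kmf_set_cert_basic_constraint(KMF_X509_CERTIFICATE *,
    KMF_BOOL, KMF_X509EXT_BASICCONSTRAINTS *);


/*
 * PK12 operations
 *
 * kmf_build_pk12() and kmf_import_objects() take a KMF_CREDENTIAL *, and
 * kmf_import_objects() returns a KMF_RAW_KEY_DATA ** array, so both the
 * credential and the imported private keys sit in caller memory.
 * kmf_free_raw_key() and kmf_free_kmf_cert() are declared below for the
 * returned objects.
 * NOTE(review): ownership of the returned arrays themselves, and whether
 * key bytes are scrubbed on free, is not visible here -- confirm.
 */
extern KMF_RETURN kmf_export_pk12(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);

extern KMF_RETURN kmf_build_pk12(KMF_HANDLE_T, int, KMF_X509_DER_CERT *,
    int, KMF_KEY_HANDLE *, KMF_CREDENTIAL *, char *);

extern KMF_RETURN kmf_import_objects(KMF_HANDLE_T, char *, KMF_CREDENTIAL *,
    KMF_X509_DER_CERT **, int *, KMF_RAW_KEY_DATA **, int *);

/*
 * OCSP operations
 *
 * kmf_get_encoded_ocsp_response() takes four char * and three integer
 * arguments in a row; check the order against the implementation, since a
 * transposition will compile cleanly.
 */
extern KMF_RETURN kmf_get_ocsp_for_cert(KMF_HANDLE_T, KMF_DATA *, KMF_DATA *,
    KMF_DATA *);

extern KMF_RETURN kmf_create_ocsp_request(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);

extern KMF_RETURN kmf_get_encoded_ocsp_response(KMF_HANDLE_T, char *,
    char *, int, char *, int, char *, unsigned int);

extern KMF_RETURN kmf_get_ocsp_status_for_cert(KMF_HANDLE_T, int,
    KMF_ATTRIBUTE *);

/*
 * Policy Operations
 */
extern KMF_RETURN kmf_set_policy(KMF_HANDLE_T, char *, char *);

/*
 * Error handling.
 *
 * Both calls return the message through a char ** and report their own
 * status as KMF_RETURN.
 */
extern KMF_RETURN kmf_get_plugin_error_str(KMF_HANDLE_T, char **);
extern KMF_RETURN kmf_get_kmf_error_str(KMF_RETURN, char **);

/*
 * Miscellaneous
 *
 * kmf_der_to_pem() and kmf_pem_to_der() carry buffer lengths as signed int
 * (input length by value, output length through int *).  Callers converting
 * from size_t should reject lengths that are negative or do not fit in int
 * before calling.  kmf_hexstr_to_bytes() reports its length through
 * size_t * instead.
 *
 * kmf_oid_to_string() and kmf_ku_to_string() return char * directly, so a
 * failure can only be signalled through the pointer value.
 * NOTE(review): presumably NULL on failure and caller-freed on success --
 * confirm.
 */
extern KMF_RETURN kmf_dn_parser(char *, KMF_X509_NAME *);
extern KMF_RETURN kmf_read_input_file(KMF_HANDLE_T, char *, KMF_DATA *);
extern KMF_RETURN kmf_der_to_pem(KMF_OBJECT_TYPE, unsigned char *,
    int, unsigned char **, int *);
extern KMF_RETURN kmf_pem_to_der(unsigned char *, int, unsigned char **, int *);
extern char *kmf_oid_to_string(KMF_OID *);
extern KMF_RETURN kmf_string_to_oid(char *, KMF_OID *);
extern int kmf_compare_rdns(KMF_X509_NAME *, KMF_X509_NAME *);
extern KMF_RETURN kmf_get_file_format(char *, KMF_ENCODE_FORMAT *);
extern uint32_t kmf_string_to_ku(char *);
extern char *kmf_ku_to_string(uint32_t);
extern KMF_RETURN kmf_hexstr_to_bytes(unsigned char *, unsigned char **,
    size_t *);

extern KMF_RETURN kmf_get_plugin_info(KMF_HANDLE_T, char *,
    KMF_KEYSTORE_TYPE *, char **);

/* Old mixed-case spelling kept as an alias for kmf_compare_rdns(). */
#define KMF_CompareRDNs kmf_compare_rdns

/*
 * Memory cleanup operations
 *
 * All of these return void, so a cleanup failure cannot be reported to the
 * caller.  kmf_free_raw_key() and kmf_free_raw_sym_key() release objects
 * that hold raw key material.
 * NOTE(review): this header does not say whether any of these routines
 * zero the memory before releasing it, or whether they accept NULL --
 * confirm before relying on either.
 */
extern void kmf_free_dn(KMF_X509_NAME *);
extern void kmf_free_kmf_cert(KMF_HANDLE_T, KMF_X509_DER_CERT *);
extern void kmf_free_data(KMF_DATA *);
extern void kmf_free_algoid(KMF_X509_ALGORITHM_IDENTIFIER *);
extern void kmf_free_extn(KMF_X509_EXTENSION *);
extern void kmf_free_tbs_csr(KMF_TBS_CSR *);
extern void kmf_free_signed_csr(KMF_CSR_DATA *);
extern void kmf_free_tbs_cert(KMF_X509_TBS_CERT *);
extern void kmf_free_signed_cert(KMF_X509_CERTIFICATE *);
extern void kmf_free_str(char *);
extern void kmf_free_eku(KMF_X509EXT_EKU *);
extern void kmf_free_spki(KMF_X509_SPKI *);
extern void kmf_free_kmf_key(KMF_HANDLE_T, KMF_KEY_HANDLE *);
extern void kmf_free_bigint(KMF_BIGINT *);
extern void kmf_free_raw_key(KMF_RAW_KEY_DATA *);
extern void kmf_free_raw_sym_key(KMF_RAW_SYM_KEY *);
extern void kmf_free_crl_dist_pts(KMF_X509EXT_CRLDISTPOINTS *);

/*
 * APIs for PKCS#11 token
 *
 * kmf_get_pk11_handle() returns the CK_SESSION_HANDLE directly rather than
 * a KMF_RETURN, so there is no separate status to check.
 * NOTE(review): the returned session presumably remains owned by the KMF
 * handle; confirm before closing it or using it after kmf_finalize().
 */
extern KMF_RETURN kmf_pk11_token_lookup(KMF_HANDLE_T, char *, CK_SLOT_ID *);
extern KMF_RETURN kmf_set_token_pin(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);
extern CK_SESSION_HANDLE kmf_get_pk11_handle(KMF_HANDLE_T);

/*
 * Attribute management routines.
 *
 * These operate on the KMF_ATTRIBUTE arrays passed to the attribute-based
 * entry points above.  Values travel as untyped void * with a uint32_t
 * length, so nothing at compile time ties an attribute type to the C type
 * of its value; a mismatch between the two is the caller's to prevent.
 * NOTE(review): kmf_get_attr() presumably copies into the caller's buffer
 * and uses the uint32_t * as an in/out length -- confirm how a too-small
 * buffer is reported.  kmf_set_attr_at_index() returns void, so an
 * out-of-range index cannot be reported back; confirm the caller is
 * expected to bound it.
 */
extern int kmf_find_attr(KMF_ATTR_TYPE, KMF_ATTRIBUTE *, int);
extern void *kmf_get_attr_ptr(KMF_ATTR_TYPE, KMF_ATTRIBUTE *, int);
extern KMF_RETURN kmf_get_attr(KMF_ATTR_TYPE, KMF_ATTRIBUTE *, int, void *,
    uint32_t *);
extern KMF_RETURN kmf_get_string_attr(KMF_ATTR_TYPE, KMF_ATTRIBUTE *, int,
    char **);
extern KMF_RETURN kmf_set_attr(KMF_ATTRIBUTE *, int, KMF_ATTR_TYPE, void *,
    uint32_t);
extern void kmf_set_attr_at_index(KMF_ATTRIBUTE *, int, KMF_ATTR_TYPE,
    void *, uint32_t);

/*
 * Legacy support only - do not use these APIs - they can be removed at any
 * time.
 */
extern KMF_RETURN KMF_ConfigureKeystore(KMF_HANDLE_T, KMF_CONFIG_PARAMS *);
extern KMF_RETURN KMF_CreateCSRFile(KMF_DATA *, KMF_ENCODE_FORMAT, char *);
extern KMF_RETURN KMF_CreateKeypair(KMF_HANDLE_T,
    KMF_CREATEKEYPAIR_PARAMS *, KMF_KEY_HANDLE *, KMF_KEY_HANDLE *);
extern KMF_RETURN KMF_DNParser(char *, KMF_X509_NAME *);
extern KMF_RETURN KMF_Finalize(KMF_HANDLE_T);
extern KMF_RETURN KMF_FindCert(KMF_HANDLE_T, KMF_FINDCERT_PARAMS *,
    KMF_X509_DER_CERT *, uint32_t *);
extern KMF_RETURN KMF_FindKey(KMF_HANDLE_T, KMF_FINDKEY_PARAMS *,
    KMF_KEY_HANDLE *, uint32_t *);
extern void KMF_FreeData(KMF_DATA *);
extern void KMF_FreeKMFCert(KMF_HANDLE_T, KMF_X509_DER_CERT *);
extern void KMF_FreeKMFKey(KMF_HANDLE_T, KMF_KEY_HANDLE *);
extern void KMF_FreeSignedCSR(KMF_CSR_DATA *);
extern KMF_RETURN KMF_GetCertIDString(const KMF_DATA *, char **);
extern KMF_RETURN KMF_GetCertIssuerNameString(KMF_HANDLE_T,
    const KMF_DATA *, char **);
extern KMF_RETURN KMF_GetCertSubjectNameString(KMF_HANDLE_T,
    const KMF_DATA *, char **);
extern KMF_RETURN KMF_GetKMFErrorString(KMF_RETURN, char **);
extern KMF_RETURN KMF_Initialize(KMF_HANDLE_T *, char *, char *);
extern KMF_RETURN KMF_ReadInputFile(KMF_HANDLE_T, char *, KMF_DATA *);
extern KMF_RETURN KMF_SetCSRPubKey(KMF_HANDLE_T, KMF_KEY_HANDLE *,
    KMF_CSR_DATA *);
extern KMF_RETURN KMF_SetCSRSignatureAlgorithm(KMF_CSR_DATA *,
    KMF_ALGORITHM_INDEX);
extern KMF_RETURN KMF_SetCSRSubjectName(KMF_CSR_DATA *, KMF_X509_NAME *);
extern KMF_RETURN KMF_SetCSRVersion(KMF_CSR_DATA *, uint32_t);
extern KMF_RETURN KMF_SignCSR(KMF_HANDLE_T, const KMF_CSR_DATA *,
    KMF_KEY_HANDLE *, KMF_DATA *);
extern KMF_RETURN KMF_SignDataWithKey(KMF_HANDLE_T, KMF_KEY_HANDLE *,
    KMF_OID *, KMF_DATA *, KMF_DATA *);
extern KMF_RETURN KMF_VerifyCertWithCert(KMF_HANDLE_T, const KMF_DATA *,
    const KMF_DATA *);
extern KMF_RETURN KMF_VerifyDataWithCert(KMF_HANDLE_T,
    KMF_KEYSTORE_TYPE, KMF_ALGORITHM_INDEX, KMF_DATA *, KMF_DATA *,
    const KMF_DATA *);

#ifdef __cplusplus
}
#endif
#endif /* _KMFAPI_H */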