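/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */
/*
 * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
 * Use is subject to license terms.
 *
 *
 * Constant definitions and function prototypes for the KMF library.
 * Commonly used data types are defined in "kmftypes.h".
 */

#ifndef _KMFAPI_H
#define	_KMFAPI_H

#include <kmftypes.h>
#include <security/cryptoki.h>

#ifdef __cplusplus
extern "C" {
#endif

/*
 * Conventions visible in this header.
 *
 * Most operations share the shape (KMF_HANDLE_T, int, KMF_ATTRIBUTE *).
 * NOTE(review): the int is presumably the number of entries in the
 * KMF_ATTRIBUTE array; confirm against the implementation, and keep the
 * count in step with the array actually passed.
 *
 * Nearly every routine reports its outcome through KMF_RETURN. For the
 * sign, verify, validate and decrypt entry points in particular, an
 * unchecked return value turns a failed check into an accepted one.
 *
 * Prototypes carry no parameter names, so the role of each char * / int
 * argument has to be taken from the implementation or manual pages.
 */

/*
 * Setup operations.
 *
 * kmf_initialize() fills in a KMF_HANDLE_T that the other calls take;
 * kmf_finalize() takes that handle back.
 */
extern KMF_RETURN kmf_initialize(KMF_HANDLE_T *, char *, char *);
extern KMF_RETURN kmf_configure_keystore(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);
extern KMF_RETURN kmf_finalize(KMF_HANDLE_T);

/*
 * Key operations.
 *
 * kmf_get_sym_key_value() writes into a KMF_RAW_SYM_KEY.
 * NOTE(review): by its name this exposes raw symmetric key bytes to the
 * caller; presumably the result is released with kmf_free_raw_sym_key()
 * (declared under "Memory cleanup operations"). Confirm whether that
 * routine also clears the key material.
 */
extern KMF_RETURN kmf_create_keypair(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);

extern KMF_RETURN kmf_delete_key_from_keystore(KMF_HANDLE_T, int,
    KMF_ATTRIBUTE *);

extern KMF_RETURN kmf_find_key(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);

extern KMF_RETURN kmf_find_prikey_by_cert(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);

extern KMF_RETURN kmf_store_key(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);

extern KMF_RETURN kmf_create_sym_key(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);

extern KMF_RETURN kmf_get_sym_key_value(KMF_HANDLE_T, KMF_KEY_HANDLE *,
    KMF_RAW_SYM_KEY *);

/*
 * Certificate operations.
 *
 * kmf_validate_cert() here and kmf_verify_cert() (under "Crypto
 * operations") are separate entry points; this header does not show what
 * each one checks. NOTE(review): confirm which of them applies policy
 * (validity dates, revocation, key usage) before using either result as
 * a trust decision.
 *
 * NOTE(review): kmf_download_cert() presumably retrieves a certificate
 * from a remote location; anything it stores should be treated as
 * untrusted until it has been validated.
 */
extern KMF_RETURN kmf_find_cert(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);

extern KMF_RETURN kmf_encode_cert_record(KMF_X509_CERTIFICATE *, KMF_DATA *);

extern KMF_RETURN kmf_import_cert(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);

extern KMF_RETURN kmf_store_cert(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);

extern KMF_RETURN kmf_delete_cert_from_keystore(KMF_HANDLE_T, int,
    KMF_ATTRIBUTE *);

extern KMF_RETURN kmf_validate_cert(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);

extern KMF_RETURN kmf_create_cert_file(const KMF_DATA *, KMF_ENCODE_FORMAT,
    char *);

extern KMF_RETURN kmf_download_cert(KMF_HANDLE_T, char *, char *, int,
    unsigned int, char *, KMF_ENCODE_FORMAT *);

extern KMF_RETURN kmf_is_cert_data(KMF_DATA *, KMF_ENCODE_FORMAT *);
extern KMF_RETURN kmf_is_cert_file(KMF_HANDLE_T, char *, KMF_ENCODE_FORMAT *);

extern KMF_RETURN kmf_check_cert_date(KMF_HANDLE_T, const KMF_DATA *);

/*
 * Crypto operations with key or cert.
 *
 * All six take an attribute list and return KMF_RETURN; the verify
 * routines have no other output visible in the prototype, so the return
 * value is the verification result and must be checked.
 */
extern KMF_RETURN kmf_encrypt(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);
extern KMF_RETURN kmf_decrypt(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);
extern KMF_RETURN kmf_sign_cert(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);
extern KMF_RETURN kmf_sign_data(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);
extern KMF_RETURN kmf_verify_cert(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);
extern KMF_RETURN kmf_verify_data(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);

/*
 * CRL operations.
 *
 * NOTE(review): kmf_download_crl() presumably fetches a CRL from a remote
 * location. kmf_verify_crl_file() and kmf_check_crl_date() are declared
 * as separate calls, so a downloaded CRL is presumably not checked
 * automatically; confirm, and verify before relying on it for revocation.
 */
extern KMF_RETURN kmf_import_crl(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);
extern KMF_RETURN kmf_delete_crl(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);
extern KMF_RETURN kmf_list_crl(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);
extern KMF_RETURN kmf_find_crl(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);
extern KMF_RETURN kmf_find_cert_in_crl(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);
extern KMF_RETURN kmf_verify_crl_file(KMF_HANDLE_T, char *, KMF_DATA *);
extern KMF_RETURN kmf_check_crl_date(KMF_HANDLE_T, char *);
extern KMF_RETURN kmf_download_crl(KMF_HANDLE_T, char *, char *,
    int, unsigned int, char *, KMF_ENCODE_FORMAT *);
extern KMF_RETURN kmf_is_crl_file(KMF_HANDLE_T, char *, KMF_ENCODE_FORMAT *);

/*
 * CSR operations.
 *
 * kmf_decode_csr() and kmf_verify_csr() are separate calls.
 * NOTE(review): decoding a request presumably does not check its
 * signature; confirm, and verify a CSR received from another party
 * before acting on its contents.
 */
extern KMF_RETURN kmf_create_csr_file(KMF_DATA *, KMF_ENCODE_FORMAT, char *);
extern KMF_RETURN kmf_set_csr_pubkey(KMF_HANDLE_T,
    KMF_KEY_HANDLE *, KMF_CSR_DATA *);
extern KMF_RETURN kmf_set_csr_version(KMF_CSR_DATA *, uint32_t);
extern KMF_RETURN kmf_set_csr_subject(KMF_CSR_DATA *, KMF_X509_NAME *);
extern KMF_RETURN kmf_set_csr_extn(KMF_CSR_DATA *, KMF_X509_EXTENSION *);
extern KMF_RETURN kmf_set_csr_sig_alg(KMF_CSR_DATA *, KMF_ALGORITHM_INDEX);
extern KMF_RETURN kmf_set_csr_subject_altname(KMF_CSR_DATA *, char *,
    int, KMF_GENERALNAMECHOICES);
extern KMF_RETURN kmf_set_csr_ku(KMF_CSR_DATA *, int, uint16_t);
extern KMF_RETURN kmf_decode_csr(KMF_HANDLE_T, KMF_DATA *, KMF_CSR_DATA *);
extern KMF_RETURN kmf_verify_csr(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);
extern KMF_RETURN kmf_sign_csr(KMF_HANDLE_T, const KMF_CSR_DATA *,
    KMF_KEY_HANDLE *, KMF_DATA *);
extern KMF_RETURN kmf_add_csr_eku(KMF_CSR_DATA *, KMF_OID *, int);

/*
 * GetCert operations.
 *
 * These read fields out of an encoded certificate passed as
 * const KMF_DATA *. The *_str variants hand back a string through a
 * char ** argument. NOTE(review): those strings are presumably allocated
 * by the library and released with kmf_free_str(); confirm.
 *
 * The strings come from certificate contents, which may be supplied by
 * another party: escape them before putting them into logs, HTML or
 * shell commands.
 */
extern KMF_RETURN kmf_get_cert_extn(const KMF_DATA *, KMF_OID *,
    KMF_X509_EXTENSION *);

extern KMF_RETURN kmf_get_cert_extns(const KMF_DATA *, KMF_FLAG_CERT_EXTN,
    KMF_X509_EXTENSION **, int *);

extern KMF_RETURN kmf_get_cert_ku(const KMF_DATA *, KMF_X509EXT_KEY_USAGE *);

extern KMF_RETURN kmf_get_cert_eku(const KMF_DATA *, KMF_X509EXT_EKU *);

extern KMF_RETURN kmf_get_cert_basic_constraint(const KMF_DATA *,
    KMF_BOOL *, KMF_X509EXT_BASICCONSTRAINTS *);

extern KMF_RETURN kmf_get_cert_policies(const KMF_DATA *,
    KMF_BOOL *, KMF_X509EXT_CERT_POLICIES *);

extern KMF_RETURN kmf_get_cert_auth_info_access(const KMF_DATA *,
    KMF_X509EXT_AUTHINFOACCESS *);

extern KMF_RETURN kmf_get_cert_crl_dist_pts(const KMF_DATA *,
    KMF_X509EXT_CRLDISTPOINTS *);

extern KMF_RETURN kmf_get_cert_version_str(KMF_HANDLE_T, const KMF_DATA *,
    char **);

extern KMF_RETURN kmf_get_cert_subject_str(KMF_HANDLE_T, const KMF_DATA *,
    char **);

extern KMF_RETURN kmf_get_cert_issuer_str(KMF_HANDLE_T, const KMF_DATA *,
    char **);

extern KMF_RETURN kmf_get_cert_serial_str(KMF_HANDLE_T, const KMF_DATA *,
    char **);

extern KMF_RETURN kmf_get_cert_start_date_str(KMF_HANDLE_T, const KMF_DATA *,
    char **);

extern KMF_RETURN kmf_get_cert_end_date_str(KMF_HANDLE_T, const KMF_DATA *,
    char **);

extern KMF_RETURN kmf_get_cert_pubkey_alg_str(KMF_HANDLE_T, const KMF_DATA *,
    char **);

extern KMF_RETURN kmf_get_cert_sig_alg_str(KMF_HANDLE_T, const KMF_DATA *,
    char **);

extern KMF_RETURN kmf_get_cert_pubkey_str(KMF_HANDLE_T, const KMF_DATA *,
    char **);

extern KMF_RETURN kmf_get_cert_email_str(KMF_HANDLE_T, const KMF_DATA *,
    char **);

extern KMF_RETURN kmf_get_cert_extn_str(KMF_HANDLE_T, const KMF_DATA *,
    KMF_PRINTABLE_ITEM, char **);

extern KMF_RETURN kmf_get_cert_id_data(const KMF_DATA *, KMF_DATA *);

extern KMF_RETURN kmf_get_cert_id_str(const KMF_DATA *, char **);

extern KMF_RETURN kmf_get_cert_validity(const KMF_DATA *, time_t *, time_t *);


/*
 * SetCert operations
 *
 * These fill in a KMF_X509_CERTIFICATE that is being built; none of them
 * takes a KMF_HANDLE_T except kmf_set_cert_pubkey().
 */
extern KMF_RETURN kmf_set_cert_pubkey(KMF_HANDLE_T, KMF_KEY_HANDLE *,
    KMF_X509_CERTIFICATE *);

extern KMF_RETURN kmf_set_cert_subject(KMF_X509_CERTIFICATE *,
    KMF_X509_NAME *);

extern KMF_RETURN kmf_set_cert_ku(KMF_X509_CERTIFICATE *, int, uint16_t);

extern KMF_RETURN kmf_set_cert_issuer(KMF_X509_CERTIFICATE *,
    KMF_X509_NAME *);

extern KMF_RETURN kmf_set_cert_sig_alg(KMF_X509_CERTIFICATE *,
    KMF_ALGORITHM_INDEX);

extern KMF_RETURN kmf_set_cert_validity(KMF_X509_CERTIFICATE *,
    time_t, uint32_t);

extern KMF_RETURN kmf_set_cert_serial(KMF_X509_CERTIFICATE *,
    KMF_BIGINT *);

extern KMF_RETURN kmf_set_cert_version(KMF_X509_CERTIFICATE *, uint32_t);

extern KMF_RETURN kmf_set_cert_issuer_altname(KMF_X509_CERTIFICATE *,
    int, KMF_GENERALNAMECHOICES, char *);

extern KMF_RETURN kmf_set_cert_subject_altname(KMF_X509_CERTIFICATE *,
    int, KMF_GENERALNAMECHOICES, char *);

extern KMF_RETURN kmf_add_cert_eku(KMF_X509_CERTIFICATE *, KMF_OID *, int);

extern KMF_RETURN kmf_set_cert_extn(KMF_X509_CERTIFICATE *,
    KMF_X509_EXTENSION *);

extern KMF_RETURN kmf_set_cert_basic_constraint(KMF_X509_CERTIFICATE *,
    KMF_BOOL, KMF_X509EXT_BASICCONSTRAINTS *);


/*
 * PK12 operations
 *
 * kmf_import_objects() returns KMF_RAW_KEY_DATA ** alongside the
 * certificates. NOTE(review): that is presumably private key material
 * held in caller-visible memory, with the KMF_CREDENTIAL * carrying the
 * passphrase protecting the file; confirm, and release the keys with
 * kmf_free_raw_key() as soon as they have been stored.
 */
extern KMF_RETURN kmf_export_pk12(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);

extern KMF_RETURN kmf_build_pk12(KMF_HANDLE_T, int, KMF_X509_DER_CERT *,
    int, KMF_KEY_HANDLE *, KMF_CREDENTIAL *, char *);

extern KMF_RETURN kmf_import_objects(KMF_HANDLE_T, char *, KMF_CREDENTIAL *,
    KMF_X509_DER_CERT **, int *, KMF_RAW_KEY_DATA **, int *);

/*
 * OCSP operations
 *
 * NOTE(review): kmf_get_encoded_ocsp_response() presumably contacts a
 * responder and stores its reply; the reply is untrusted until
 * kmf_get_ocsp_status_for_cert() (or equivalent) has checked it. Confirm
 * where the responder signature is verified.
 */
extern KMF_RETURN kmf_get_ocsp_for_cert(KMF_HANDLE_T, KMF_DATA *, KMF_DATA *,
    KMF_DATA *);

extern KMF_RETURN kmf_create_ocsp_request(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);

extern KMF_RETURN kmf_get_encoded_ocsp_response(KMF_HANDLE_T, char *,
    char *, int, char *, int, char *, unsigned int);

extern KMF_RETURN kmf_get_ocsp_status_for_cert(KMF_HANDLE_T, int,
    KMF_ATTRIBUTE *);

/*
 * Policy Operations
 */
extern KMF_RETURN kmf_set_policy(KMF_HANDLE_T, char *, char *);

/*
 * Error handling.
 *
 * Both routines return the message through a char ** argument.
 * NOTE(review): ownership of that string is not visible here; confirm
 * whether it must be released with kmf_free_str().
 */
extern KMF_RETURN kmf_get_plugin_error_str(KMF_HANDLE_T, char **);
extern KMF_RETURN kmf_get_kmf_error_str(KMF_RETURN, char **);

/*
 * Miscellaneous
 *
 * The PEM/DER converters take their input length as a signed int and
 * return the output buffer and length through unsigned char ** and int *.
 * Callers converting data of external origin should reject negative or
 * oversized lengths before the call.
 *
 * kmf_string_to_ku() returns uint32_t rather than KMF_RETURN, so any
 * failure indication is in-band. NOTE(review): confirm the value returned
 * for an unrecognised string.
 *
 * NOTE(review): ownership of the pointers returned by kmf_oid_to_string(),
 * kmf_ku_to_string(), kmf_oid_to_ekuname() and kmf_ekuname_to_oid() is not
 * visible in this header; confirm which of them the caller must free.
 */
extern KMF_RETURN kmf_dn_parser(char *, KMF_X509_NAME *);
extern KMF_RETURN kmf_read_input_file(KMF_HANDLE_T, char *, KMF_DATA *);
extern KMF_RETURN kmf_der_to_pem(KMF_OBJECT_TYPE, unsigned char *,
    int, unsigned char **, int *);
extern KMF_RETURN kmf_pem_to_der(unsigned char *, int, unsigned char **, int *);
extern char *kmf_oid_to_string(KMF_OID *);
extern KMF_RETURN kmf_string_to_oid(char *, KMF_OID *);
extern int kmf_compare_rdns(KMF_X509_NAME *, KMF_X509_NAME *);
extern KMF_RETURN kmf_get_data_format(KMF_DATA *, KMF_ENCODE_FORMAT *);
extern KMF_RETURN kmf_get_file_format(char *, KMF_ENCODE_FORMAT *);
extern uint32_t kmf_string_to_ku(char *);
extern char *kmf_ku_to_string(uint32_t);
extern KMF_RETURN kmf_hexstr_to_bytes(unsigned char *, unsigned char **,
    size_t *);

extern KMF_RETURN kmf_get_plugin_info(KMF_HANDLE_T, char *,
    KMF_KEYSTORE_TYPE *, char **);

extern KMF_OID *kmf_ekuname_to_oid(char *);
extern char *kmf_oid_to_ekuname(KMF_OID *);

/* Old spelling kept as an alias for kmf_compare_rdns(). */
#define	KMF_CompareRDNs	kmf_compare_rdns

/*
 * Memory cleanup operations
 *
 * One release routine per KMF type. All return void, so a failure to
 * release cannot be reported to the caller.
 * NOTE(review): whether kmf_free_raw_key(), kmf_free_raw_sym_key() and
 * kmf_free_bigint() clear key material before freeing is not visible
 * here; confirm before relying on them for zeroization.
 */
extern void kmf_free_dn(KMF_X509_NAME *);
extern void kmf_free_kmf_cert(KMF_HANDLE_T, KMF_X509_DER_CERT *);
extern void kmf_free_data(KMF_DATA *);
extern void kmf_free_algoid(KMF_X509_ALGORITHM_IDENTIFIER *);
extern void kmf_free_extn(KMF_X509_EXTENSION *);
extern void kmf_free_tbs_csr(KMF_TBS_CSR *);
extern void kmf_free_signed_csr(KMF_CSR_DATA *);
extern void kmf_free_tbs_cert(KMF_X509_TBS_CERT *);
extern void kmf_free_signed_cert(KMF_X509_CERTIFICATE *);
extern void kmf_free_str(char *);
extern void kmf_free_eku(KMF_X509EXT_EKU *);
extern void kmf_free_spki(KMF_X509_SPKI *);
extern void kmf_free_kmf_key(KMF_HANDLE_T, KMF_KEY_HANDLE *);
extern void kmf_free_bigint(KMF_BIGINT *);
extern void kmf_free_raw_key(KMF_RAW_KEY_DATA *);
extern void kmf_free_raw_sym_key(KMF_RAW_SYM_KEY *);
extern void kmf_free_crl_dist_pts(KMF_X509EXT_CRLDISTPOINTS *);

/*
 * APIs for PKCS#11 token
 *
 * kmf_pk11_init_token() takes a CK_UTF8CHAR_PTR followed by a CK_ULONG.
 * NOTE(review): this looks like a PIN buffer and its length; confirm, and
 * have the caller clear the buffer once the call returns.
 *
 * kmf_get_pk11_handle() returns the CK_SESSION_HANDLE directly, with no
 * KMF_RETURN. NOTE(review): confirm the value returned when the handle has
 * no PKCS#11 session.
 */
extern KMF_RETURN kmf_pk11_token_lookup(KMF_HANDLE_T, char *, CK_SLOT_ID *);
extern KMF_RETURN kmf_pk11_init_token(KMF_HANDLE_T,
    char *, char *, CK_UTF8CHAR_PTR, CK_ULONG);
extern KMF_RETURN kmf_set_token_pin(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);
extern CK_SESSION_HANDLE kmf_get_pk11_handle(KMF_HANDLE_T);

/*
 * Attribute management routines.
 *
 * Helpers for the KMF_ATTRIBUTE arrays taken by the operations above.
 * kmf_set_attr_at_index() returns void, so it cannot report a bad index.
 * NOTE(review): it presumably writes at the given position without a
 * bounds check; confirm, and keep the index inside the caller's array.
 * kmf_get_attr() takes an output buffer (void *) with a uint32_t * length.
 * NOTE(review): presumably in/out (capacity in, size out); confirm.
 */
int kmf_find_attr(KMF_ATTR_TYPE, KMF_ATTRIBUTE *, int);
void *kmf_get_attr_ptr(KMF_ATTR_TYPE, KMF_ATTRIBUTE *, int);
KMF_RETURN kmf_get_attr(KMF_ATTR_TYPE, KMF_ATTRIBUTE *, int, void *,
    uint32_t *);
KMF_RETURN kmf_get_string_attr(KMF_ATTR_TYPE, KMF_ATTRIBUTE *, int, char **);
KMF_RETURN kmf_set_attr(KMF_ATTRIBUTE *, int, KMF_ATTR_TYPE, void *, uint32_t);
void kmf_set_attr_at_index(KMF_ATTRIBUTE *, int, KMF_ATTR_TYPE,
    void *, uint32_t);

/*
 * Legacy support only - do not use these APIs - they can be removed at any
 * time.
 */
extern KMF_RETURN KMF_ConfigureKeystore(KMF_HANDLE_T, KMF_CONFIG_PARAMS *);
extern KMF_RETURN KMF_CreateCSRFile(KMF_DATA *, KMF_ENCODE_FORMAT, char *);
extern KMF_RETURN KMF_CreateKeypair(KMF_HANDLE_T,
    KMF_CREATEKEYPAIR_PARAMS *, KMF_KEY_HANDLE *, KMF_KEY_HANDLE *);
extern KMF_RETURN KMF_DNParser(char *, KMF_X509_NAME *);
extern KMF_RETURN KMF_Finalize(KMF_HANDLE_T);
extern KMF_RETURN KMF_FindCert(KMF_HANDLE_T, KMF_FINDCERT_PARAMS *,
    KMF_X509_DER_CERT *, uint32_t *);
extern KMF_RETURN KMF_FindKey(KMF_HANDLE_T, KMF_FINDKEY_PARAMS *,
    KMF_KEY_HANDLE *, uint32_t *);
extern void KMF_FreeData(KMF_DATA *);
extern void KMF_FreeKMFCert(KMF_HANDLE_T, KMF_X509_DER_CERT *);
extern void KMF_FreeKMFKey(KMF_HANDLE_T, KMF_KEY_HANDLE *);
extern void KMF_FreeSignedCSR(KMF_CSR_DATA *);
extern KMF_RETURN KMF_GetCertIDString(const KMF_DATA *, char **);
extern KMF_RETURN KMF_GetCertIssuerNameString(KMF_HANDLE_T,
    const KMF_DATA *, char **);
extern KMF_RETURN KMF_GetCertSubjectNameString(KMF_HANDLE_T,
    const KMF_DATA *, char **);
extern KMF_RETURN KMF_GetKMFErrorString(KMF_RETURN, char **);
extern KMF_RETURN KMF_Initialize(KMF_HANDLE_T *, char *, char *);
extern KMF_RETURN KMF_ReadInputFile(KMF_HANDLE_T, char *, KMF_DATA *);
extern KMF_RETURN KMF_SetCSRPubKey(KMF_HANDLE_T, KMF_KEY_HANDLE *,
    KMF_CSR_DATA *);
extern KMF_RETURN KMF_SetCSRSignatureAlgorithm(KMF_CSR_DATA *,
    KMF_ALGORITHM_INDEX);
extern KMF_RETURN KMF_SetCSRSubjectName(KMF_CSR_DATA *, KMF_X509_NAME *);
extern KMF_RETURN KMF_SetCSRVersion(KMF_CSR_DATA *, uint32_t);
extern KMF_RETURN KMF_SignCSR(KMF_HANDLE_T, const KMF_CSR_DATA *,
    KMF_KEY_HANDLE *, KMF_DATA *);
extern KMF_RETURN KMF_SignDataWithKey(KMF_HANDLE_T, KMF_KEY_HANDLE *,
    KMF_OID *, KMF_DATA *, KMF_DATA *);
extern KMF_RETURN KMF_VerifyCertWithCert(KMF_HANDLE_T, const KMF_DATA *,
    const KMF_DATA *);
extern KMF_RETURN KMF_VerifyDataWithCert(KMF_HANDLE_T,
    KMF_KEYSTORE_TYPE, KMF_ALGORITHM_INDEX, KMF_DATA *, KMF_DATA *,
    const KMF_DATA *);

#ifdef __cplusplus
}
#endif
#endif /* _KMFAPI_H */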