/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */
/*
 * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
 * Use is subject to license terms.
 *
 *
 * Constant definitions and function prototypes for the KMF library.
 * Commonly used data types are defined in "kmftypes.h".
 */

#ifndef _KMFAPI_H
#define	_KMFAPI_H

#pragma ident	"%Z%%M%	%I%	%E% SMI"

#include <kmftypes.h>
#include <security/cryptoki.h>

#ifdef __cplusplus
extern "C" {
#endif

/*
 * Reading guide.
 *
 * Prototypes in this header carry no parameter names, so the role of each
 * argument has to be taken from the implementation or the manual pages.
 * Many entry points share the shape (KMF_HANDLE_T, int, KMF_ATTRIBUTE *).
 * NOTE(review): the int is presumably the number of entries in the
 * attribute array - confirm against the implementation.
 *
 * Nearly every call reports its outcome through KMF_RETURN.  For the
 * verify/validate/check entry points that return value is the only direct
 * result visible in the prototype, so callers must not discard it.
 */

/*
 * Setup operations.
 *
 * kmf_initialize() is the only call that takes a pointer to the handle;
 * all later calls take the handle by value.
 */
extern KMF_RETURN kmf_initialize(KMF_HANDLE_T *, char *, char *);
extern KMF_RETURN kmf_configure_keystore(KMF_HANDLE_T, int,
    KMF_ATTRIBUTE *);
extern KMF_RETURN kmf_finalize(KMF_HANDLE_T);

/*
 * Key operations.
 */
extern KMF_RETURN kmf_create_keypair(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);

extern KMF_RETURN kmf_delete_key_from_keystore(KMF_HANDLE_T, int,
    KMF_ATTRIBUTE *);

extern KMF_RETURN kmf_find_key(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);

extern KMF_RETURN kmf_find_prikey_by_cert(KMF_HANDLE_T, int,
    KMF_ATTRIBUTE *);

extern KMF_RETURN kmf_store_key(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);

extern KMF_RETURN kmf_create_sym_key(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);

/*
 * Fills a KMF_RAW_SYM_KEY from a key handle.
 * NOTE(review): this hands raw key material to the caller.
 * kmf_free_raw_sym_key() is declared below and looks like the matching
 * release call - confirm that, and whether it clears the buffer.
 */
extern KMF_RETURN kmf_get_sym_key_value(KMF_HANDLE_T, KMF_KEY_HANDLE *,
    KMF_RAW_SYM_KEY *);

/*
 * Certificate operations.
 */
extern KMF_RETURN kmf_find_cert(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);

extern KMF_RETURN kmf_encode_cert_record(KMF_X509_CERTIFICATE *,
    KMF_DATA *);

extern KMF_RETURN kmf_import_cert(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);

extern KMF_RETURN kmf_store_cert(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);

extern KMF_RETURN kmf_delete_cert_from_keystore(KMF_HANDLE_T, int,
    KMF_ATTRIBUTE *);

extern KMF_RETURN kmf_validate_cert(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);

extern KMF_RETURN kmf_create_cert_file(const KMF_DATA *, KMF_ENCODE_FORMAT,
    char *);

/*
 * NOTE(review): the three char * and two integer arguments are not named
 * here, so their order must be checked before use.  Going by the name, the
 * result comes from a remote source and should be treated as untrusted
 * until it has been verified - confirm which call the caller is expected
 * to use for that.
 */
extern KMF_RETURN kmf_download_cert(KMF_HANDLE_T, char *, char *, int,
    unsigned int, char *, KMF_ENCODE_FORMAT *);

/*
 * Both calls report a KMF_ENCODE_FORMAT.
 * NOTE(review): judging by the signatures these identify an encoding
 * only; success should not be read as a trust decision - confirm.
 */
extern KMF_RETURN kmf_is_cert_data(KMF_DATA *, KMF_ENCODE_FORMAT *);
extern KMF_RETURN kmf_is_cert_file(KMF_HANDLE_T, char *,
    KMF_ENCODE_FORMAT *);

extern KMF_RETURN kmf_check_cert_date(KMF_HANDLE_T, const KMF_DATA *);

/*
 * Crypto operations with key or cert.
 *
 * All six take their inputs and outputs through the attribute list.
 */
extern KMF_RETURN kmf_encrypt(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);
extern KMF_RETURN kmf_decrypt(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);
extern KMF_RETURN kmf_sign_cert(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);
extern KMF_RETURN kmf_sign_data(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);
extern KMF_RETURN kmf_verify_cert(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);
extern KMF_RETURN kmf_verify_data(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);

/*
 * CRL operations.
 */
extern KMF_RETURN kmf_import_crl(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);
extern KMF_RETURN kmf_delete_crl(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);
extern KMF_RETURN kmf_list_crl(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);
extern KMF_RETURN kmf_find_crl(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);
extern KMF_RETURN kmf_find_cert_in_crl(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);
extern KMF_RETURN kmf_verify_crl_file(KMF_HANDLE_T, char *, KMF_DATA *);
extern KMF_RETURN kmf_check_crl_date(KMF_HANDLE_T, char *);
/* Same argument shape as kmf_download_cert(); the same caveats apply. */
extern KMF_RETURN kmf_download_crl(KMF_HANDLE_T, char *, char *, int,
    unsigned int, char *, KMF_ENCODE_FORMAT *);
extern KMF_RETURN kmf_is_crl_file(KMF_HANDLE_T, char *,
    KMF_ENCODE_FORMAT *);

/*
 * CSR operations.
 */
extern KMF_RETURN kmf_create_csr_file(KMF_DATA *, KMF_ENCODE_FORMAT,
    char *);
extern KMF_RETURN kmf_set_csr_pubkey(KMF_HANDLE_T, KMF_KEY_HANDLE *,
    KMF_CSR_DATA *);
extern KMF_RETURN kmf_set_csr_version(KMF_CSR_DATA *, uint32_t);
extern KMF_RETURN kmf_set_csr_subject(KMF_CSR_DATA *, KMF_X509_NAME *);
extern KMF_RETURN kmf_set_csr_extn(KMF_CSR_DATA *, KMF_X509_EXTENSION *);
extern KMF_RETURN kmf_set_csr_sig_alg(KMF_CSR_DATA *, KMF_ALGORITHM_INDEX);
extern KMF_RETURN kmf_set_csr_subject_altname(KMF_CSR_DATA *, char *, int,
    KMF_GENERALNAMECHOICES);
extern KMF_RETURN kmf_set_csr_ku(KMF_CSR_DATA *, int, uint16_t);
extern KMF_RETURN kmf_decode_csr(KMF_HANDLE_T, KMF_DATA *, KMF_CSR_DATA *);
extern KMF_RETURN kmf_verify_csr(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);
extern KMF_RETURN kmf_sign_csr(KMF_HANDLE_T, const KMF_CSR_DATA *,
    KMF_KEY_HANDLE *, KMF_DATA *);
extern KMF_RETURN kmf_add_csr_eku(KMF_CSR_DATA *, KMF_OID *, int);

/*
 * GetCert operations.
 *
 * Each call reads from a const KMF_DATA certificate.  The *_str variants
 * return text through a char ** argument.
 * NOTE(review): the prototypes do not say who owns that string;
 * kmf_free_str() is declared below and is presumably the release call -
 * confirm.
 */
extern KMF_RETURN kmf_get_cert_extn(const KMF_DATA *, KMF_OID *,
    KMF_X509_EXTENSION *);

extern KMF_RETURN kmf_get_cert_extns(const KMF_DATA *, KMF_FLAG_CERT_EXTN,
    KMF_X509_EXTENSION **, int *);

extern KMF_RETURN kmf_get_cert_ku(const KMF_DATA *,
    KMF_X509EXT_KEY_USAGE *);

extern KMF_RETURN kmf_get_cert_eku(const KMF_DATA *, KMF_X509EXT_EKU *);

extern KMF_RETURN kmf_get_cert_basic_constraint(const KMF_DATA *,
    KMF_BOOL *, KMF_X509EXT_BASICCONSTRAINTS *);

extern KMF_RETURN kmf_get_cert_policies(const KMF_DATA *, KMF_BOOL *,
    KMF_X509EXT_CERT_POLICIES *);

extern KMF_RETURN kmf_get_cert_auth_info_access(const KMF_DATA *,
    KMF_X509EXT_AUTHINFOACCESS *);

extern KMF_RETURN kmf_get_cert_crl_dist_pts(const KMF_DATA *,
    KMF_X509EXT_CRLDISTPOINTS *);

extern KMF_RETURN kmf_get_cert_version_str(KMF_HANDLE_T, const KMF_DATA *,
    char **);

extern KMF_RETURN kmf_get_cert_subject_str(KMF_HANDLE_T, const KMF_DATA *,
    char **);

extern KMF_RETURN kmf_get_cert_issuer_str(KMF_HANDLE_T, const KMF_DATA *,
    char **);

extern KMF_RETURN kmf_get_cert_serial_str(KMF_HANDLE_T, const KMF_DATA *,
    char **);

extern KMF_RETURN kmf_get_cert_start_date_str(KMF_HANDLE_T,
    const KMF_DATA *, char **);

extern KMF_RETURN kmf_get_cert_end_date_str(KMF_HANDLE_T,
    const KMF_DATA *, char **);

extern KMF_RETURN kmf_get_cert_pubkey_alg_str(KMF_HANDLE_T,
    const KMF_DATA *, char **);

extern KMF_RETURN kmf_get_cert_sig_alg_str(KMF_HANDLE_T, const KMF_DATA *,
    char **);

extern KMF_RETURN kmf_get_cert_pubkey_str(KMF_HANDLE_T, const KMF_DATA *,
    char **);

extern KMF_RETURN kmf_get_cert_email_str(KMF_HANDLE_T, const KMF_DATA *,
    char **);

extern KMF_RETURN kmf_get_cert_extn_str(KMF_HANDLE_T, const KMF_DATA *,
    KMF_PRINTABLE_ITEM, char **);

extern KMF_RETURN kmf_get_cert_id_data(const KMF_DATA *, KMF_DATA *);

extern KMF_RETURN kmf_get_cert_id_str(const KMF_DATA *, char **);

extern KMF_RETURN kmf_get_cert_validity(const KMF_DATA *, time_t *,
    time_t *);


/*
 * SetCert operations
 */
extern KMF_RETURN kmf_set_cert_pubkey(KMF_HANDLE_T, KMF_KEY_HANDLE *,
    KMF_X509_CERTIFICATE *);

extern KMF_RETURN kmf_set_cert_subject(KMF_X509_CERTIFICATE *,
    KMF_X509_NAME *);

extern KMF_RETURN kmf_set_cert_ku(KMF_X509_CERTIFICATE *, int, uint16_t);

extern KMF_RETURN kmf_set_cert_issuer(KMF_X509_CERTIFICATE *,
    KMF_X509_NAME *);

extern KMF_RETURN kmf_set_cert_sig_alg(KMF_X509_CERTIFICATE *,
    KMF_ALGORITHM_INDEX);

extern KMF_RETURN kmf_set_cert_validity(KMF_X509_CERTIFICATE *, time_t,
    uint32_t);

extern KMF_RETURN kmf_set_cert_serial(KMF_X509_CERTIFICATE *,
    KMF_BIGINT *);

extern KMF_RETURN kmf_set_cert_version(KMF_X509_CERTIFICATE *, uint32_t);

/*
 * Note the argument order: the certificate setters take
 * (int, KMF_GENERALNAMECHOICES, char *), while
 * kmf_set_csr_subject_altname() takes (char *, int, KMF_GENERALNAMECHOICES).
 */
extern KMF_RETURN kmf_set_cert_issuer_altname(KMF_X509_CERTIFICATE *, int,
    KMF_GENERALNAMECHOICES, char *);

extern KMF_RETURN kmf_set_cert_subject_altname(KMF_X509_CERTIFICATE *, int,
    KMF_GENERALNAMECHOICES, char *);

extern KMF_RETURN kmf_add_cert_eku(KMF_X509_CERTIFICATE *, KMF_OID *, int);

extern KMF_RETURN kmf_set_cert_extn(KMF_X509_CERTIFICATE *,
    KMF_X509_EXTENSION *);

extern KMF_RETURN kmf_set_cert_basic_constraint(KMF_X509_CERTIFICATE *,
    KMF_BOOL, KMF_X509EXT_BASICCONSTRAINTS *);


/*
 * PK12 operations
 *
 * kmf_build_pk12() and kmf_import_objects() both take a KMF_CREDENTIAL *.
 * kmf_import_objects() returns KMF_RAW_KEY_DATA through a double pointer.
 * NOTE(review): kmf_free_raw_key() is declared below and is presumably
 * how that key data is released - confirm, including whether the caller
 * must also free the array itself.
 */
extern KMF_RETURN kmf_export_pk12(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);

extern KMF_RETURN kmf_build_pk12(KMF_HANDLE_T, int, KMF_X509_DER_CERT *,
    int, KMF_KEY_HANDLE *, KMF_CREDENTIAL *, char *);

extern KMF_RETURN kmf_import_objects(KMF_HANDLE_T, char *,
    KMF_CREDENTIAL *, KMF_X509_DER_CERT **, int *, KMF_RAW_KEY_DATA **,
    int *);

/*
 * OCSP operations
 */
extern KMF_RETURN kmf_get_ocsp_for_cert(KMF_HANDLE_T, KMF_DATA *,
    KMF_DATA *, KMF_DATA *);

extern KMF_RETURN kmf_create_ocsp_request(KMF_HANDLE_T, int,
    KMF_ATTRIBUTE *);

/*
 * NOTE(review): four unnamed char * arguments interleaved with integers;
 * check the implementation for their order before calling.
 */
extern KMF_RETURN kmf_get_encoded_ocsp_response(KMF_HANDLE_T, char *,
    char *, int, char *, int, char *, unsigned int);

extern KMF_RETURN kmf_get_ocsp_status_for_cert(KMF_HANDLE_T, int,
    KMF_ATTRIBUTE *);

/*
 * Policy Operations
 */
extern KMF_RETURN kmf_set_policy(KMF_HANDLE_T, char *, char *);

/*
 * Error handling.
 */
extern KMF_RETURN kmf_get_plugin_error_str(KMF_HANDLE_T, char **);
extern KMF_RETURN kmf_get_kmf_error_str(KMF_RETURN, char **);

/*
 * Miscellaneous
 *
 * Several of these do not return KMF_RETURN: kmf_oid_to_string(),
 * kmf_ku_to_string() and kmf_oid_to_ekuname() return char *,
 * kmf_ekuname_to_oid() returns KMF_OID *, kmf_compare_rdns() returns int
 * and kmf_string_to_ku() returns uint32_t.
 * NOTE(review): how these report failure, and who owns the returned
 * pointers, is not stated in this header.
 *
 * Buffer lengths for kmf_der_to_pem()/kmf_pem_to_der() are int and int *,
 * while kmf_hexstr_to_bytes() reports its length through size_t *.
 * Callers converting between the two should range-check first.
 */
extern KMF_RETURN kmf_dn_parser(char *, KMF_X509_NAME *);
extern KMF_RETURN kmf_read_input_file(KMF_HANDLE_T, char *, KMF_DATA *);
extern KMF_RETURN kmf_der_to_pem(KMF_OBJECT_TYPE, unsigned char *, int,
    unsigned char **, int *);
extern KMF_RETURN kmf_pem_to_der(unsigned char *, int, unsigned char **,
    int *);
extern char *kmf_oid_to_string(KMF_OID *);
extern KMF_RETURN kmf_string_to_oid(char *, KMF_OID *);
extern int kmf_compare_rdns(KMF_X509_NAME *, KMF_X509_NAME *);
extern KMF_RETURN kmf_get_data_format(KMF_DATA *, KMF_ENCODE_FORMAT *);
extern KMF_RETURN kmf_get_file_format(char *, KMF_ENCODE_FORMAT *);
extern uint32_t kmf_string_to_ku(char *);
extern char *kmf_ku_to_string(uint32_t);
extern KMF_RETURN kmf_hexstr_to_bytes(unsigned char *, unsigned char **,
    size_t *);

extern KMF_RETURN kmf_get_plugin_info(KMF_HANDLE_T, char *,
    KMF_KEYSTORE_TYPE *, char **);

extern KMF_OID *kmf_ekuname_to_oid(char *);
extern char *kmf_oid_to_ekuname(KMF_OID *);

/* Old mixed-case name kept as an alias for kmf_compare_rdns(). */
#define	KMF_CompareRDNs	kmf_compare_rdns

/*
 * Memory cleanup operations
 *
 * One release routine per KMF data type; all return void.
 * kmf_free_kmf_cert() and kmf_free_kmf_key() additionally need the
 * library handle.
 */
extern void kmf_free_dn(KMF_X509_NAME *);
extern void kmf_free_kmf_cert(KMF_HANDLE_T, KMF_X509_DER_CERT *);
extern void kmf_free_data(KMF_DATA *);
extern void kmf_free_algoid(KMF_X509_ALGORITHM_IDENTIFIER *);
extern void kmf_free_extn(KMF_X509_EXTENSION *);
extern void kmf_free_tbs_csr(KMF_TBS_CSR *);
extern void kmf_free_signed_csr(KMF_CSR_DATA *);
extern void kmf_free_tbs_cert(KMF_X509_TBS_CERT *);
extern void kmf_free_signed_cert(KMF_X509_CERTIFICATE *);
extern void kmf_free_str(char *);
extern void kmf_free_eku(KMF_X509EXT_EKU *);
extern void kmf_free_spki(KMF_X509_SPKI *);
extern void kmf_free_kmf_key(KMF_HANDLE_T, KMF_KEY_HANDLE *);
extern void kmf_free_bigint(KMF_BIGINT *);
extern void kmf_free_raw_key(KMF_RAW_KEY_DATA *);
extern void kmf_free_raw_sym_key(KMF_RAW_SYM_KEY *);
extern void kmf_free_crl_dist_pts(KMF_X509EXT_CRLDISTPOINTS *);

/*
 * APIs for PKCS#11 token
 *
 * kmf_get_pk11_handle() returns a CK_SESSION_HANDLE directly rather than
 * a KMF_RETURN.
 */
extern KMF_RETURN kmf_pk11_token_lookup(KMF_HANDLE_T, char *, CK_SLOT_ID *);
extern KMF_RETURN kmf_set_token_pin(KMF_HANDLE_T, int, KMF_ATTRIBUTE *);
extern CK_SESSION_HANDLE kmf_get_pk11_handle(KMF_HANDLE_T);

/*
 * Attribute management routines.
 *
 * These are declared without the "extern" keyword used elsewhere in this
 * header; for function declarations the linkage is the same.
 * kmf_get_attr_ptr() returns an untyped void *, and
 * kmf_set_attr_at_index() returns void.
 * NOTE(review): with no status from kmf_set_attr_at_index(), index
 * bounds are presumably the caller's responsibility - confirm.
 */
int kmf_find_attr(KMF_ATTR_TYPE, KMF_ATTRIBUTE *, int);
void *kmf_get_attr_ptr(KMF_ATTR_TYPE, KMF_ATTRIBUTE *, int);
KMF_RETURN kmf_get_attr(KMF_ATTR_TYPE, KMF_ATTRIBUTE *, int, void *,
    uint32_t *);
KMF_RETURN kmf_get_string_attr(KMF_ATTR_TYPE, KMF_ATTRIBUTE *, int,
    char **);
KMF_RETURN kmf_set_attr(KMF_ATTRIBUTE *, int, KMF_ATTR_TYPE, void *,
    uint32_t);
void kmf_set_attr_at_index(KMF_ATTRIBUTE *, int, KMF_ATTR_TYPE, void *,
    uint32_t);

/*
 * Legacy support only - do not use these APIs - they can be removed at any
 * time.
 */
extern KMF_RETURN KMF_ConfigureKeystore(KMF_HANDLE_T, KMF_CONFIG_PARAMS *);
extern KMF_RETURN KMF_CreateCSRFile(KMF_DATA *, KMF_ENCODE_FORMAT, char *);
extern KMF_RETURN KMF_CreateKeypair(KMF_HANDLE_T,
    KMF_CREATEKEYPAIR_PARAMS *, KMF_KEY_HANDLE *, KMF_KEY_HANDLE *);
extern KMF_RETURN KMF_DNParser(char *, KMF_X509_NAME *);
extern KMF_RETURN KMF_Finalize(KMF_HANDLE_T);
extern KMF_RETURN KMF_FindCert(KMF_HANDLE_T, KMF_FINDCERT_PARAMS *,
    KMF_X509_DER_CERT *, uint32_t *);
extern KMF_RETURN KMF_FindKey(KMF_HANDLE_T, KMF_FINDKEY_PARAMS *,
    KMF_KEY_HANDLE *, uint32_t *);
extern void KMF_FreeData(KMF_DATA *);
extern void KMF_FreeKMFCert(KMF_HANDLE_T, KMF_X509_DER_CERT *);
extern void KMF_FreeKMFKey(KMF_HANDLE_T, KMF_KEY_HANDLE *);
extern void KMF_FreeSignedCSR(KMF_CSR_DATA *);
extern KMF_RETURN KMF_GetCertIDString(const KMF_DATA *, char **);
extern KMF_RETURN KMF_GetCertIssuerNameString(KMF_HANDLE_T,
    const KMF_DATA *, char **);
extern KMF_RETURN KMF_GetCertSubjectNameString(KMF_HANDLE_T,
    const KMF_DATA *, char **);
extern KMF_RETURN KMF_GetKMFErrorString(KMF_RETURN, char **);
extern KMF_RETURN KMF_Initialize(KMF_HANDLE_T *, char *, char *);
extern KMF_RETURN KMF_ReadInputFile(KMF_HANDLE_T, char *, KMF_DATA *);
extern KMF_RETURN KMF_SetCSRPubKey(KMF_HANDLE_T, KMF_KEY_HANDLE *,
    KMF_CSR_DATA *);
extern KMF_RETURN KMF_SetCSRSignatureAlgorithm(KMF_CSR_DATA *,
    KMF_ALGORITHM_INDEX);
extern KMF_RETURN KMF_SetCSRSubjectName(KMF_CSR_DATA *, KMF_X509_NAME *);
extern KMF_RETURN KMF_SetCSRVersion(KMF_CSR_DATA *, uint32_t);
extern KMF_RETURN KMF_SignCSR(KMF_HANDLE_T, const KMF_CSR_DATA *,
    KMF_KEY_HANDLE *, KMF_DATA *);
extern KMF_RETURN KMF_SignDataWithKey(KMF_HANDLE_T, KMF_KEY_HANDLE *,
    KMF_OID *, KMF_DATA *, KMF_DATA *);
extern KMF_RETURN KMF_VerifyCertWithCert(KMF_HANDLE_T, const KMF_DATA *,
    const KMF_DATA *);
extern KMF_RETURN KMF_VerifyDataWithCert(KMF_HANDLE_T, KMF_KEYSTORE_TYPE,
    KMF_ALGORITHM_INDEX, KMF_DATA *, KMF_DATA *, const KMF_DATA *);

#ifdef __cplusplus
}
#endif
#endif /* _KMFAPI_H */