xref: /titanic_51/usr/src/uts/common/sys/crypto/api.h (revision 8eea8e29cc4374d1ee24c25a07f45af132db3499)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License, Version 1.0 only
6  * (the "License").  You may not use this file except in compliance
7  * with the License.
8  *
9  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
10  * or http://www.opensolaris.org/os/licensing.
11  * See the License for the specific language governing permissions
12  * and limitations under the License.
13  *
14  * When distributing Covered Code, include this CDDL HEADER in each
15  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
16  * If applicable, add the following below this CDDL HEADER, with the
17  * fields enclosed by brackets "[]" replaced with your own identifying
18  * information: Portions Copyright [yyyy] [name of copyright owner]
19  *
20  * CDDL HEADER END
21  */
22 /*
23  * Copyright 2004 Sun Microsystems, Inc.  All rights reserved.
24  * Use is subject to license terms.
25  */
26 
27 #ifndef	_SYS_CRYPTO_API_H
28 #define	_SYS_CRYPTO_API_H
29 
30 #pragma ident	"%Z%%M%	%I%	%E% SMI"
31 
32 #ifdef	__cplusplus
33 extern "C" {
34 #endif
35 
36 #include <sys/types.h>
37 #include <sys/crypto/common.h>
38 
39 #ifdef	_KERNEL
40 
41 
42 typedef long crypto_req_id_t;
43 typedef void *crypto_bc_t;
44 typedef void *crypto_context_t;
45 typedef void *crypto_ctx_template_t;
46 
47 typedef uint32_t crypto_call_flag_t;
48 
49 /* crypto_call_flag's values */
50 #define	CRYPTO_ALWAYS_QUEUE	0x00000001	/* ALWAYS queue the req. */
51 #define	CRYPTO_NOTIFY_OPDONE	0x00000002	/* Notify intermediate steps */
52 #define	CRYPTO_SKIP_REQID	0x00000004	/* Skip request ID generation */
53 #define	CRYPTO_RESTRICTED	0x00000008	/* cannot use restricted prov */
54 
55 typedef struct {
56 	crypto_call_flag_t	cr_flag;
57 	void			(*cr_callback_func)(void *, int);
58 	void			*cr_callback_arg;
59 	crypto_req_id_t		cr_reqid;
60 } crypto_call_req_t;
61 
62 /*
63  * Returns the mechanism type corresponding to a mechanism name.
64  */
65 
66 #define	CRYPTO_MECH_INVALID	((uint64_t)-1)
67 extern crypto_mech_type_t crypto_mech2id(crypto_mech_name_t name);
68 
69 /*
70  * Create and destroy context templates.
71  */
72 extern int crypto_create_ctx_template(crypto_mechanism_t *mech,
73     crypto_key_t *key, crypto_ctx_template_t *tmpl, int kmflag);
74 extern void crypto_destroy_ctx_template(crypto_ctx_template_t tmpl);
75 
76 /*
77  * Single and multi-part digest operations.
78  */
79 extern int crypto_digest(crypto_mechanism_t *mech, crypto_data_t *data,
80     crypto_data_t *digest, crypto_call_req_t *cr);
81 extern int crypto_digest_init(crypto_mechanism_t *mech, crypto_context_t *ctxp,
82     crypto_call_req_t *cr);
83 extern int crypto_digest_update(crypto_context_t ctx, crypto_data_t *data,
84     crypto_call_req_t *cr);
85 extern int crypto_digest_final(crypto_context_t ctx, crypto_data_t *digest,
86     crypto_call_req_t *cr);
87 
88 /*
89  * Single and multi-part MAC operations.
90  */
91 extern int crypto_mac(crypto_mechanism_t *mech, crypto_data_t *data,
92     crypto_key_t *key, crypto_ctx_template_t tmpl, crypto_data_t *mac,
93     crypto_call_req_t *cr);
94 extern int crypto_mac_verify(crypto_mechanism_t *mech, crypto_data_t *data,
95     crypto_key_t *key, crypto_ctx_template_t tmpl, crypto_data_t *mac,
96     crypto_call_req_t *cr);
97 extern int crypto_mac_init(crypto_mechanism_t *mech, crypto_key_t *key,
98     crypto_ctx_template_t tmpl, crypto_context_t *ctxp, crypto_call_req_t *cr);
99 extern int crypto_mac_update(crypto_context_t ctx, crypto_data_t *data,
100     crypto_call_req_t *cr);
101 extern int crypto_mac_final(crypto_context_t ctx, crypto_data_t *data,
102     crypto_call_req_t *cr);
103 
104 /*
105  * Single and multi-part sign with private key operations.
106  */
107 extern int crypto_sign(crypto_mechanism_t *mech, crypto_key_t *key,
108     crypto_data_t *data, crypto_ctx_template_t tmpl,
109     crypto_data_t *signature, crypto_call_req_t *cr);
110 extern int crypto_sign_init(crypto_mechanism_t *mech, crypto_key_t *key,
111     crypto_ctx_template_t tmpl, crypto_context_t *ctxp, crypto_call_req_t *cr);
112 extern int crypto_sign_update(crypto_context_t ctx, crypto_data_t *data,
113     crypto_call_req_t *cr);
114 extern int crypto_sign_final(crypto_context_t ctx, crypto_data_t *signature,
115     crypto_call_req_t *cr);
116 extern int crypto_sign_recover(crypto_mechanism_t *mech, crypto_key_t *key,
117     crypto_data_t *data, crypto_ctx_template_t tmpl, crypto_data_t *signature,
118     crypto_call_req_t *cr);
119 
120 /*
121  * Single and multi-part verify with public key operations.
122  */
123 extern int crypto_verify(crypto_mechanism_t *mech, crypto_key_t *key,
124     crypto_data_t *data, crypto_ctx_template_t tmpl, crypto_data_t *signature,
125     crypto_call_req_t *cr);
126 extern int crypto_verify_init(crypto_mechanism_t *mech, crypto_key_t *key,
127     crypto_ctx_template_t tmpl, crypto_context_t *ctxp, crypto_call_req_t *cr);
128 extern int crypto_verify_update(crypto_context_t ctx, crypto_data_t *data,
129     crypto_call_req_t *cr);
130 extern int crypto_verify_final(crypto_context_t ctx, crypto_data_t *signature,
131     crypto_call_req_t *cr);
132 extern int crypto_verify_recover(crypto_mechanism_t *mech, crypto_key_t *key,
133     crypto_data_t *signature, crypto_ctx_template_t tmpl, crypto_data_t *data,
134     crypto_call_req_t *cr);
135 
136 /*
137  * Single and multi-part encryption operations.
138  */
139 extern int crypto_encrypt(crypto_mechanism_t *mech, crypto_data_t *plaintext,
140     crypto_key_t *key, crypto_ctx_template_t tmpl, crypto_data_t *ciphertext,
141     crypto_call_req_t *cr);
142 extern int crypto_encrypt_init(crypto_mechanism_t *mech, crypto_key_t *key,
143     crypto_ctx_template_t tmpl, crypto_context_t *ctxp, crypto_call_req_t *cr);
144 extern int crypto_encrypt_update(crypto_context_t ctx,
145     crypto_data_t *plaintext, crypto_data_t *ciphertext,
146     crypto_call_req_t *cr);
147 extern int crypto_encrypt_final(crypto_context_t ctx,
148     crypto_data_t *ciphertext, crypto_call_req_t *cr);
149 
150 /*
151  * Single and multi-part decryption operations.
152  */
153 extern int crypto_decrypt(crypto_mechanism_t *mech, crypto_data_t *ciphertext,
154     crypto_key_t *key, crypto_ctx_template_t tmpl, crypto_data_t *plaintext,
155     crypto_call_req_t *cr);
156 extern int crypto_decrypt_init(crypto_mechanism_t *mech, crypto_key_t *key,
157     crypto_ctx_template_t tmpl, crypto_context_t *ctxp,
158     crypto_call_req_t *cr);
159 extern int crypto_decrypt_update(crypto_context_t ctx,
160     crypto_data_t *ciphertext, crypto_data_t *plaintext,
161     crypto_call_req_t *cr);
162 extern int crypto_decrypt_final(crypto_context_t ctx, crypto_data_t *plaintext,
163     crypto_call_req_t *cr);
164 
165 /*
166  * Single and multi-part encrypt/MAC dual operations.
167  */
168 extern int crypto_encrypt_mac(crypto_mechanism_t *encr_mech,
169     crypto_mechanism_t *mac_mech, crypto_data_t *pt,
170     crypto_key_t *encr_key, crypto_key_t *mac_key,
171     crypto_ctx_template_t encr_tmpl, crypto_ctx_template_t mac_tmpl,
172     crypto_dual_data_t *ct, crypto_data_t *mac, crypto_call_req_t *cr);
173 extern int crypto_encrypt_mac_init(crypto_mechanism_t *encr_mech,
174     crypto_mechanism_t *mac_mech, crypto_key_t *encr_key,
175     crypto_key_t *mac_key, crypto_ctx_template_t encr_tmpl,
176     crypto_ctx_template_t mac_tmpl, crypto_context_t *ctxp,
177     crypto_call_req_t *cr);
178 extern int crypto_encrypt_mac_update(crypto_context_t ctx,
179     crypto_data_t *pt, crypto_dual_data_t *ct, crypto_call_req_t *cr);
180 extern int crypto_encrypt_mac_final(crypto_context_t ctx,
181     crypto_dual_data_t *ct, crypto_data_t *mac, crypto_call_req_t *cr);
182 
183 /*
184  * Single and multi-part MAC/decrypt dual operations.
185  */
186 extern int crypto_mac_decrypt(crypto_mechanism_t *mac_mech,
187     crypto_mechanism_t *decr_mech, crypto_dual_data_t *ct,
188     crypto_key_t *mac_key, crypto_key_t *decr_key,
189     crypto_ctx_template_t mac_tmpl, crypto_ctx_template_t decr_tmpl,
190     crypto_data_t *mac, crypto_data_t *pt, crypto_call_req_t *cr);
191 extern int crypto_mac_verify_decrypt(crypto_mechanism_t *mac_mech,
192     crypto_mechanism_t *decr_mech, crypto_dual_data_t *ct,
193     crypto_key_t *mac_key, crypto_key_t *decr_key,
194     crypto_ctx_template_t mac_tmpl, crypto_ctx_template_t decr_tmpl,
195     crypto_data_t *mac, crypto_data_t *pt, crypto_call_req_t *cr);
196 extern int crypto_mac_decrypt_init(crypto_mechanism_t *mac_mech,
197     crypto_mechanism_t *decr_mech, crypto_key_t *mac_key,
198     crypto_key_t *decr_key, crypto_ctx_template_t mac_tmpl,
199     crypto_ctx_template_t decr_tmpl, crypto_context_t *ctxp,
200     crypto_call_req_t *cr);
201 extern int crypto_mac_decrypt_update(crypto_context_t ctx,
202     crypto_dual_data_t *ct, crypto_data_t *pt, crypto_call_req_t *cr);
203 extern int crypto_mac_decrypt_final(crypto_context_t ctx, crypto_data_t *mac,
204     crypto_data_t *pt, crypto_call_req_t *cr);
205 
206 /*
207  * Routines to cancel a single asynchronous request or all asynchronous
208  * requests associated with a particular context.
209  */
210 extern void crypto_cancel_req(crypto_req_id_t req);
211 extern void crypto_cancel_ctx(crypto_context_t ctx);
212 
213 /*
214  * crypto_get_mech_list(9F) allocates and returns the list of currently
215  * supported cryptographic mechanisms.
216  */
217 extern crypto_mech_name_t *crypto_get_mech_list(uint_t *count, int kmflag);
218 extern void crypto_free_mech_list(crypto_mech_name_t *mech_names,
219     uint_t count);
220 
221 /*
222  * A kernel consumer can request to be notified when some particular event
223  * occurs. The valid events, callback function type, and functions to
224  * be called to register or unregister for notification are defined below.
225  */
226 
227 #define	CRYPTO_EVENT_PROVIDERS_CHANGE	0x00000001
228 
229 typedef enum crypto_provider_type {
230 	CRYPTO_EVENT_CHANGE_ADDED = 1,
231 	CRYPTO_EVENT_CHANGE_REMOVED
232 } crypto_event_change_t;
233 
234 /* The event_arg argument structure for CRYPTO_EVENT_PROVIDERS_CHANGE event */
235 typedef struct crypto_notify_event_change {
236 	crypto_mech_name_t ec_mech_name;
237 	crypto_provider_type_t ec_provider_type;
238 	crypto_event_change_t ec_change;
239 } crypto_notify_event_change_t;
240 
241 typedef void *crypto_notify_handle_t;
242 typedef void (*crypto_notify_callback_t)(uint32_t event_mask, void *event_arg);
243 
244 extern crypto_notify_handle_t crypto_notify_events(
245     crypto_notify_callback_t nf, uint32_t event_mask);
246 extern void crypto_unnotify_events(crypto_notify_handle_t);
247 
248 /*
249  * crypto_bufcall(9F) group of routines.
250  */
251 extern crypto_bc_t crypto_bufcall_alloc(void);
252 extern int crypto_bufcall_free(crypto_bc_t bc);
253 extern int crypto_bufcall(crypto_bc_t bc, void (*func)(void *arg), void *arg);
254 extern int crypto_unbufcall(crypto_bc_t bc);
255 
256 extern int crypto_key_check(crypto_mechanism_t *mech, crypto_key_t *key);
257 
258 /*
259  * To obtain the list of key size ranges supported by a mechanism.
260  */
261 
262 #define	CRYPTO_MECH_USAGE_ENCRYPT	0x00000001
263 #define	CRYPTO_MECH_USAGE_DECRYPT	0x00000002
264 #define	CRYPTO_MECH_USAGE_MAC		0x00000004
265 
266 typedef	uint32_t crypto_mech_usage_t;
267 
268 typedef struct crypto_mechanism_info {
269 	size_t mi_min_key_size;
270 	size_t mi_max_key_size;
271 	crypto_keysize_unit_t mi_keysize_unit; /* for mi_xxx_key_size */
272 	crypto_mech_usage_t mi_usage;
273 } crypto_mechanism_info_t;
274 
275 extern int crypto_get_all_mech_info(crypto_mech_type_t,
276     crypto_mechanism_info_t **, uint_t *, int);
277 
278 #endif	/* _KERNEL */
279 
280 #ifdef	__cplusplus
281 }
282 #endif
283 
284 #endif	/* _SYS_CRYPTO_API_H */
285