common.h revision 11973:480f5412d630
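/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */
/*
 * Copyright 2010 Sun Microsystems, Inc. All rights reserved.
 * Use is subject to license terms.
 */

#ifndef _PKTOOL_COMMON_H
#define	_PKTOOL_COMMON_H

/*
 * This file contains data and functions shared between all the
 * modules that comprise this tool.
 */

#ifdef __cplusplus
extern "C" {
#endif

#include <cryptoutil.h>

/* I18N helpers. */
#include <libintl.h>
#include <locale.h>
#include <errno.h>
#include <string.h>	/* strlen(), used by EMPTYSTRING() below */
#include <kmfapi.h>

/* Defines used throughout */

/*
 * Error codes.  DIR_OPTION_CHECK() at the end of this file returns
 * PK_ERR_USAGE from the function that invokes it.
 */
#define	PK_ERR_NONE	0
#define	PK_ERR_USAGE	1
#define	PK_ERR_QUIT	2
#define	PK_ERR_PK11	3
#define	PK_ERR_SYSTEM	4
#define	PK_ERR_OPENSSL	5
#define	PK_ERR_NSS	6

/*
 * Types of objects for searches.  Each value is a distinct bit, so
 * the types can be OR-ed together as PK_KEY_OBJ and PK_ALL_OBJ do.
 */
#define	PK_PRIVATE_OBJ	0x0001
#define	PK_PUBLIC_OBJ	0x0002
#define	PK_CERT_OBJ	0x0010
#define	PK_PRIKEY_OBJ	0x0020
#define	PK_PUBKEY_OBJ	0x0040
#define	PK_SYMKEY_OBJ	0x0080
#define	PK_CRL_OBJ	0x0100

#define	PK_KEY_OBJ	(PK_PRIKEY_OBJ | PK_PUBKEY_OBJ | PK_SYMKEY_OBJ)
#define	PK_ALL_OBJ	(PK_PRIVATE_OBJ | PK_PUBLIC_OBJ | \
			PK_CERT_OBJ | PK_CRL_OBJ | PK_KEY_OBJ)

/*
 * Defaults.  NOTE(review): presumably applied when the matching
 * command-line option is omitted -- confirm in the callers.
 */
#define	PK_DEFAULT_KEYTYPE	"rsa"
#define	PK_DEFAULT_KEYLENGTH	2048
#define	PK_DEFAULT_DIRECTORY	"."
#define	PK_DEFAULT_SERIALNUM	1
#define	PK_DEFAULT_PK11TOKEN	SOFT_TOKEN_LABEL

/* Constants for attribute templates. */
extern CK_BBOOL	pk_false;
extern CK_BBOOL	pk_true;

/*
 * List of extended key usage OIDs.
 * NOTE(review): critlist and ekulist look like parallel arrays of
 * eku_count entries filled in by verify_ekunames() and released with
 * free_eku_list() -- confirm against the definitions.
 */
typedef struct {
	int		eku_count;
	int		*critlist;
	KMF_OID		*ekulist;
} EKU_LIST;

/* Common functions. */
extern void	final_pk11(CK_SESSION_HANDLE sess);

/*
 * The next three functions take or return a token PIN.
 * NOTE(review): who allocates and frees the buffer returned through
 * get_pin()'s "pin" argument is not visible from this header.  Confirm
 * ownership in the definition; callers should clear the PIN from
 * memory as soon as the login has been attempted.
 */
extern CK_RV	login_token(CK_SLOT_ID slot_id, CK_UTF8CHAR_PTR pin,
		    CK_ULONG pinlen, CK_SESSION_HANDLE_PTR sess);

extern CK_RV	quick_start(CK_SLOT_ID slot_id, CK_FLAGS sess_flags,
		    CK_UTF8CHAR_PTR pin, CK_ULONG pinlen,
		    CK_SESSION_HANDLE_PTR sess);

extern CK_RV	get_pin(char *prompt1, char *prompt2, CK_UTF8CHAR_PTR *pin,
		    CK_ULONG *pinlen);
extern boolean_t	yesno(char *prompt, char *invalid, boolean_t dflt);

extern CK_RV	get_token_slots(CK_SLOT_ID_PTR *slot_list,
		    CK_ULONG *slot_count);

extern int	get_subname(char **);
extern int	get_serial(char **);
extern int	get_certlabel(char **);
extern int	get_filename(char *, char **);

/*
 * Option parser and its state variables.
 * NOTE(review): the names mirror getopt(3C), optarg and optind;
 * the parsing rules themselves are not visible here.
 */
extern int	getopt_av(int argc, char * const argv[], const char *optstring);
extern char	*optarg_av;
extern int	optind_av;

/*
 * Conversion and validation helpers.  The parameters are unnamed in
 * this header; see the definitions for their meaning.
 */
int		OT2Int(char *);
int		PK2Int(char *);
KMF_KEYSTORE_TYPE	KS2Int(char *);
int		Str2KeyType(char *, KMF_OID *, KMF_KEY_ALG *,
		    KMF_ALGORITHM_INDEX *);
int		Str2SymKeyType(char *, KMF_KEY_ALG *);
int		Str2Lifetime(char *, uint32_t *);
KMF_RETURN	select_token(void *, char *, int);
KMF_RETURN	configure_nss(void *, char *, char *);

KMF_ENCODE_FORMAT	Str2Format(char *);
/*
 * NOTE(review): presumably stores the PKCS#12 password in the
 * KMF_CREDENTIAL -- confirm, and clear the credential after use.
 */
KMF_RETURN	get_pk12_password(KMF_CREDENTIAL *);
/*
 * NOTE(review): from the types this looks like (hex input, output
 * buffer, output length) -- confirm, and confirm who frees the output.
 */
KMF_RETURN	hexstring2bytes(uchar_t *, uchar_t **, size_t *);
KMF_RETURN	verify_altname(char *arg, KMF_GENERALNAMECHOICES *, int *);
KMF_RETURN	verify_keyusage(char *arg, uint16_t *, int *);
KMF_RETURN	verify_file(char *);
KMF_RETURN	verify_ekunames(char *, EKU_LIST **);
KMF_RETURN	token_auth_needed(KMF_HANDLE_T, char *, int *);
KMF_OID		*ecc_name_to_oid(char *);
/* Declared with (void) so that calls passing arguments are diagnosed. */
void		show_ecc_curves(void);
KMF_RETURN	genkeypair_pkcs11(KMF_HANDLE_T, char *, char *, KMF_KEY_ALG,
		    int, KMF_CREDENTIAL *, KMF_OID *,
		    KMF_KEY_HANDLE *, KMF_KEY_HANDLE *);

KMF_RETURN	genkeypair_file(KMF_HANDLE_T,
		    KMF_KEY_ALG, int, KMF_ENCODE_FORMAT,
		    char *, KMF_KEY_HANDLE *, KMF_KEY_HANDLE *);

KMF_RETURN	genkeypair_nss(KMF_HANDLE_T,
		    char *, char *, char *, char *,
		    KMF_KEY_ALG, int, KMF_CREDENTIAL *,
		    KMF_OID *, KMF_KEY_HANDLE *, KMF_KEY_HANDLE *);

void		free_eku_list(EKU_LIST *);

int		yn_to_int(char *);

/*
 * NOTE(review): presumably stores the token PIN in the
 * KMF_CREDENTIAL -- confirm, and clear the credential after use.
 */
int		get_token_password(KMF_KEYSTORE_TYPE, char *, KMF_CREDENTIAL *);
void		display_error(void *, KMF_RETURN, char *);

#define	DEFAULT_NSS_TOKEN	"internal"
/*
 * printf-style format holding exactly one %s conversion.  Use it only
 * as a format string with a single string argument; never append
 * caller-supplied text to the format itself.
 */
#define	DEFAULT_TOKEN_PROMPT	"Enter PIN for %s: "

/*
 * True when s is NULL or points to a zero-length string.  The argument
 * is parenthesized so that compound expressions (for example a
 * conditional expression) are tested as a whole.  s is evaluated
 * twice: do not pass an expression with side effects.
 */
#define	EMPTYSTRING(s)	((s) == NULL || !strlen((char *)(s)))

/*
 * The "dir" option is only valid with the NSS keystore.  This check
 * forces PK_ERR_USAGE when it is used with non-NSS keystore.
 *
 * The macro expands to a bare "if" block containing a "return", so it
 * may only be used as a statement of its own inside a function that
 * returns one of the PK_ERR_* codes.  Do not use it as the unbraced
 * body of another if/else: the expansion would capture a following
 * "else".
 */
#define	DIR_OPTION_CHECK(k, d)	\
if ((k) != KMF_KEYSTORE_NSS && (d) != NULL) { \
	cryptoerror(LOG_STDERR, gettext("The 'dir' option is " \
	    "not supported with the indicated keystore\n")); \
	return (PK_ERR_USAGE); \
}


#ifdef __cplusplus
}
#endif

#endif /* _PKTOOL_COMMON_H */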