components/openssl/openssl-fips-140/engines/pkcs11/e_pk11_uri.h
author Misaki Miyashita <Misaki.Miyashita@Oracle.COM>
Fri, 28 Aug 2015 11:04:52 -0700
changeset 4822 1fb8a14c6702
parent 1604 components/openssl/openssl-1.0.1-fips-140/engines/pkcs11/e_pk11_uri.h@b6e3e1ed52a5
permissions -rw-r--r--
PSARC/2015/353 OpenSSL 1.0.2 20829622 Upgrade to OpenSSL 1.0.2d
/*
 * Copyright (c) 2004, 2013, Oracle and/or its affiliates. All rights reserved.
 *
 */
/*
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in
 *    the documentation and/or other materials provided with the
 *    distribution.
 *
 * 3. All advertising materials mentioning features or use of this
 *    software must display the following acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
 *
 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
 *    endorse or promote products derived from this software without
 *    prior written permission. For written permission, please contact
 *    openssl-core@openssl.org.
 *
 * 5. Products derived from this software may not be called "OpenSSL"
 *    nor may "OpenSSL" appear in their names without prior written
 *    permission of the OpenSSL Project.
 *
 * 6. Redistributions of any form whatsoever must retain the following
 *    acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
 *
 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 * OF THE POSSIBILITY OF SUCH DAMAGE.
 */
#ifndef	E_PK11_URI_H
#define	E_PK11_URI_H
#include <security/pkcs11t.h>
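/*
 * PKCS#11 URI related prefixes and attributes.
 *
 * PK11_URI_PREFIX and FILE_URI_PREFIX are URI scheme prefixes. The remaining
 * strings are attribute names; each one has a same-purpose member in
 * pkcs11_uri (PK11_ASKPASS corresponds to the askpass member).
 *
 * (Annotate-view gutter text that was interleaved with these lines has been
 * dropped so the definitions compile again; the values are unchanged.)
 */
#define	PK11_URI_PREFIX		"pkcs11:"
#define	FILE_URI_PREFIX		"file://"
#define	PK11_TOKEN		"token"
#define	PK11_MANUF		"manuf"
#define	PK11_SERIAL		"serial"
#define	PK11_MODEL		"model"
#define	PK11_OBJECT		"object"
#define	PK11_OBJECTTYPE		"objecttype"
/*
 * pkcs11_uri documents the matching member as the full path to the command
 * that supplies the PIN, so a URI carrying this attribute names a program to
 * be run. Take such URIs from trusted configuration only.
 * NOTE(review): how the path is validated and executed is not visible in this
 * header - confirm in the implementation.
 */
#define	PK11_ASKPASS		"passphrasedialog"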
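/*
 * PIN caching policy.
 *
 * NOTE(review): presumably the values returned by
 * pk11_get_pin_caching_policy(); confirm against the implementation.
 * Going by the names only: NONE = the PIN is not cached, MEMORY = cached in
 * ordinary process memory, MLOCKED_MEMORY = cached in memory locked against
 * paging, WRONG_VALUE = the configured policy was not recognised. Where the
 * policy is read from is not visible in this header.
 *
 * (Annotate-view gutter text that was interleaved with these lines has been
 * dropped so the definitions compile again; the values are unchanged.)
 */
#define	POLICY_NOT_INITIALIZED	0
#define	POLICY_NONE		1
#define	POLICY_MEMORY		2
#define	POLICY_MLOCKED_MEMORY	3
#define	POLICY_WRONG_VALUE	4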
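/*
 * Upper bound on the PIN length. That's what getpassphrase(3c) supports.
 *
 * NOTE(review): whether buffers sized with this constant leave room for the
 * terminating NUL is not visible in this header - confirm at the call sites.
 *
 * (Annotate-view gutter text that was interleaved with these lines has been
 * dropped so the definition compiles again; the value is unchanged.)
 */
#define	PK11_MAX_PIN_LEN	256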
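/*
 * Parsed form of a PKCS#11 URI: one string member per URI attribute, plus
 * the PIN. Add new attributes of the PKCS#11 URI here.
 *
 * NOTE(review): ownership of the strings is not visible in this header;
 * presumably they are released by pk11_free_pkcs11_uri() - confirm.
 *
 * (Annotate-view gutter text that was interleaved with these lines has been
 * dropped so the definition compiles again; the layout is unchanged.)
 */
typedef struct pkcs11_uri_struct
	{
	char	*object;	/* object label, the only mandatory info */
	char	*objecttype;	/* (private|public|cert), currently unused */
	char	*token;		/* token label */
	char	*manuf;		/* manufacturer label */
	char	*serial;	/* serial number label */
	char	*model;		/* model label */
	/*
	 * Comes from the URI and names a program, so it is only as
	 * trustworthy as the source of the URI string.
	 */
	char	*askpass;	/* full path to the command to get the PIN */
	/* Not part of the PKCS11 URI itself. */
	/*
	 * Secret held as a plain C string.
	 * NOTE(review): confirm that it is cleared before the memory is
	 * released, and that it is never written to logs or error text.
	 */
	char	*pin;		/* token PIN */
	} pkcs11_uri;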
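/*
 * For URI processing.
 *
 * Declaration only; the definition lives elsewhere. Nothing visible in this
 * header declares pthread_mutex_t (the only include is
 * <security/pkcs11t.h>), so the including file presumably has to pull in
 * <pthread.h> first.
 * NOTE(review): which state this mutex protects is not visible here -
 * confirm in the implementation.
 *
 * (Annotate-view gutter text that was interleaved with these lines has been
 * dropped so the declaration compiles again.)
 */
extern pthread_mutex_t *uri_lock;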
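/*
 * URI and PIN handling entry points. Only the prototypes are visible here:
 * the return-value convention of the int-returning functions is not stated
 * in this header, so check the implementation before testing for 0 or 1.
 *
 * (Annotate-view gutter text that was interleaved with these lines has been
 * dropped so the prototypes compile again; the signatures are unchanged.)
 */

/*
 * Obtain a PIN and hand it back through *pin.
 * NOTE(review): dialog is presumably the askpass command path from the URI,
 * and the caller presumably owns and must clear *pin - confirm both.
 */
int pk11_get_pin(char *dialog, char **pin);

/* Presumably returns one of the POLICY_* values - confirm. */
int pk11_get_pin_caching_policy(void);

/*
 * Process the URI string uristr into uri_struct.
 * NOTE(review): file is an output pointer, presumably set for strings that
 * start with FILE_URI_PREFIX - confirm. uristr may originate outside the
 * process, so the parser is the place to enforce attribute length limits.
 */
int pk11_process_pkcs11_uri(const char *uristr, pkcs11_uri *uri_struct,
	const char **file);

/* Presumably matches the token attributes in uri_struct - confirm. */
int pk11_check_token_attrs(pkcs11_uri *uri_struct);

/*
 * Release uri_struct; free_uri_itself presumably selects whether the
 * structure itself is freed in addition to its members.
 * NOTE(review): confirm that the pin member is cleared before it is freed.
 */
void pk11_free_pkcs11_uri(pkcs11_uri *uri_struct, CK_BBOOL free_uri_itself);

/* Presumably stores pin according to the PIN caching policy - confirm. */
int pk11_cache_pin(char *pin);

/*
 * Log in to the token on the given session.
 * NOTE(review): login_done is presumably an in/out flag and is_private
 * presumably marks a private-object access - confirm.
 */
int pk11_token_login(CK_SESSION_HANDLE session, CK_BBOOL *login_done,
	pkcs11_uri *uri_struct, CK_BBOOL is_private);

/* Presumably logs in again, using the cached PIN - confirm. */
int pk11_token_relogin(CK_SESSION_HANDLE session);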
#endif /* E_PK11_URI_H */