1 /* |
|
2 * Copyright (c) 2004, 2013, Oracle and/or its affiliates. All rights reserved. |
|
3 * |
|
4 */ |
|
5 |
|
6 /* |
|
7 * Redistribution and use in source and binary forms, with or without |
|
8 * modification, are permitted provided that the following conditions |
|
9 * are met: |
|
10 * |
|
11 * 1. Redistributions of source code must retain the above copyright |
|
12 * notice, this list of conditions and the following disclaimer. |
|
13 * |
|
14 * 2. Redistributions in binary form must reproduce the above copyright |
|
15 * notice, this list of conditions and the following disclaimer in |
|
16 * the documentation and/or other materials provided with the |
|
17 * distribution. |
|
18 * |
|
19 * 3. All advertising materials mentioning features or use of this |
|
20 * software must display the following acknowledgment: |
|
21 * "This product includes software developed by the OpenSSL Project |
|
22 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" |
|
23 * |
|
24 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to |
|
25 * endorse or promote products derived from this software without |
|
26 * prior written permission. For written permission, please contact |
|
27 * [email protected]. |
|
28 * |
|
29 * 5. Products derived from this software may not be called "OpenSSL" |
|
30 * nor may "OpenSSL" appear in their names without prior written |
|
31 * permission of the OpenSSL Project. |
|
32 * |
|
33 * 6. Redistributions of any form whatsoever must retain the following |
|
34 * acknowledgment: |
|
35 * "This product includes software developed by the OpenSSL Project |
|
36 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" |
|
37 * |
|
38 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY |
|
39 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
|
40 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR |
|
41 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR |
|
42 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, |
|
43 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT |
|
44 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; |
|
45 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
|
46 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, |
|
47 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) |
|
48 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED |
|
49 * OF THE POSSIBILITY OF SUCH DAMAGE. |
|
50 */ |
|
51 |
|
52 #ifndef HW_PK11_URI_H |
|
53 #define HW_PK11_URI_H |
|
54 |
|
55 #include <security/pkcs11t.h> |
|
56 |
|
57 /* PKCS#11 URI related prefixes and attributes. */ |
|
58 #define PK11_URI_PREFIX "pkcs11:" |
|
59 #define FILE_URI_PREFIX "file://" |
|
60 #define PK11_TOKEN "token" |
|
61 #define PK11_MANUF "manuf" |
|
62 #define PK11_SERIAL "serial" |
|
63 #define PK11_MODEL "model" |
|
64 #define PK11_OBJECT "object" |
|
65 #define PK11_OBJECTTYPE "objecttype" |
|
66 #define PK11_ASKPASS "passphrasedialog" |
|
67 |
|
68 /* PIN caching policy. */ |
|
69 #define POLICY_NOT_INITIALIZED 0 |
|
70 #define POLICY_NONE 1 |
|
71 #define POLICY_MEMORY 2 |
|
72 #define POLICY_MLOCKED_MEMORY 3 |
|
73 #define POLICY_WRONG_VALUE 4 |
|
74 |
|
75 /* |
|
76 * That's what getpassphrase(3c) supports. |
|
77 */ |
|
78 #define PK11_MAX_PIN_LEN 256 |
|
79 |
|
80 /* Add new attributes of the PKCS#11 URI here. */ |
|
81 typedef struct pkcs11_uri_struct |
|
82 { |
|
83 char *object; /* object label, the only mandatory info */ |
|
84 char *objecttype; /* (private|public|cert), currently unused */ |
|
85 char *token; /* token label */ |
|
86 char *manuf; /* manufacturer label */ |
|
87 char *serial; /* serial number label */ |
|
88 char *model; /* model label */ |
|
89 char *askpass; /* full path to the command to get the PIN */ |
|
90 /* Not part of the PKCS11 URI itself. */ |
|
91 char *pin; /* token PIN */ |
|
92 } pkcs11_uri; |
|
93 |
|
94 /* For URI processing. */ |
|
95 extern pthread_mutex_t *uri_lock; |
|
96 |
|
97 int pk11_get_pin(char *dialog, char **pin); |
|
98 int pk11_get_pin_caching_policy(void); |
|
99 int pk11_process_pkcs11_uri(const char *uristr, pkcs11_uri *uri_struct, |
|
100 const char **file); |
|
101 int pk11_check_token_attrs(pkcs11_uri *uri_struct); |
|
102 void pk11_free_pkcs11_uri(pkcs11_uri *uri_struct, CK_BBOOL free_uri_itself); |
|
103 int pk11_cache_pin(char *pin); |
|
104 int pk11_token_login(CK_SESSION_HANDLE session, CK_BBOOL *login_done, |
|
105 pkcs11_uri *uri_struct, CK_BBOOL is_private); |
|
106 int pk11_token_relogin(CK_SESSION_HANDLE session); |
|
107 |
|
108 #endif /* HW_PK11_URI_H */ |
|