1 /* |
|
2 * Copyright (c) 2004, 2011, Oracle and/or its affiliates. All rights reserved. |
|
3 */ |
|
4 |
|
5 /* |
|
6 * Redistribution and use in source and binary forms, with or without |
|
7 * modification, are permitted provided that the following conditions |
|
8 * are met: |
|
9 * |
|
10 * 1. Redistributions of source code must retain the above copyright |
|
11 * notice, this list of conditions and the following disclaimer. |
|
12 * |
|
13 * 2. Redistributions in binary form must reproduce the above copyright |
|
14 * notice, this list of conditions and the following disclaimer in |
|
15 * the documentation and/or other materials provided with the |
|
16 * distribution. |
|
17 * |
|
18 * 3. All advertising materials mentioning features or use of this |
|
19 * software must display the following acknowledgment: |
|
20 * "This product includes software developed by the OpenSSL Project |
|
21 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" |
|
22 * |
|
23 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to |
|
24 * endorse or promote products derived from this software without |
|
25 * prior written permission. For written permission, please contact |
|
26 * [email protected]. |
|
27 * |
|
28 * 5. Products derived from this software may not be called "OpenSSL" |
|
29 * nor may "OpenSSL" appear in their names without prior written |
|
30 * permission of the OpenSSL Project. |
|
31 * |
|
32 * 6. Redistributions of any form whatsoever must retain the following |
|
33 * acknowledgment: |
|
34 * "This product includes software developed by the OpenSSL Project |
|
35 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" |
|
36 * |
|
37 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY |
|
38 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
|
39 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR |
|
40 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR |
|
41 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, |
|
42 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT |
|
43 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; |
|
44 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
|
45 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, |
|
46 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) |
|
47 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED |
|
48 * OF THE POSSIBILITY OF SUCH DAMAGE. |
|
49 */ |
|
50 |
|
51 #ifndef HW_PK11_URI_H |
|
52 #define HW_PK11_URI_H |
|
53 |
|
54 #include <security/pkcs11t.h> |
|
55 |
|
56 #ifdef __cplusplus |
|
57 extern "C" { |
|
58 #endif |
|
59 |
|
60 /* PKCS#11 URI related prefixes and attributes. */ |
|
61 #define PK11_URI_PREFIX "pkcs11:" |
|
62 #define FILE_URI_PREFIX "file://" |
|
63 #define PK11_TOKEN "token" |
|
64 #define PK11_MANUF "manuf" |
|
65 #define PK11_SERIAL "serial" |
|
66 #define PK11_MODEL "model" |
|
67 #define PK11_OBJECT "object" |
|
68 #define PK11_OBJECTTYPE "objecttype" |
|
69 #define PK11_ASKPASS "passphrasedialog" |
|
70 |
|
71 /* PIN caching policy. */ |
|
72 #define POLICY_NOT_INITIALIZED 0 |
|
73 #define POLICY_NONE 1 |
|
74 #define POLICY_MEMORY 2 |
|
75 #define POLICY_MLOCKED_MEMORY 3 |
|
76 #define POLICY_WRONG_VALUE 4 |
|
77 |
|
78 /* |
|
79 * That's what getpassphrase(3c) supports. |
|
80 */ |
|
81 #define PK11_MAX_PIN_LEN 256 |
|
82 |
|
83 /* Add new attributes of the PKCS#11 URI here. */ |
|
84 typedef struct pkcs11_uri_struct { |
|
85 char *object; /* object label, the only mandatory info */ |
|
86 char *objecttype; /* (private|public|cert), currently unused */ |
|
87 char *token; /* token label */ |
|
88 char *manuf; /* manufacturer label */ |
|
89 char *serial; /* serial number label */ |
|
90 char *model; /* model label */ |
|
91 char *askpass; /* full path to the command to get the PIN */ |
|
92 /* Not part of the PKCS11 URI itself. */ |
|
93 char *pin; /* token PIN */ |
|
94 } pkcs11_uri; |
|
95 |
|
96 /* For URI processing. */ |
|
97 extern pthread_mutex_t *uri_lock; |
|
98 |
|
99 int pk11_get_pin(char *dialog, char **pin); |
|
100 int pk11_get_pin_caching_policy(void); |
|
101 int pk11_process_pkcs11_uri(const char *uristr, pkcs11_uri *uri_struct, |
|
102 const char **file); |
|
103 int pk11_check_token_attrs(pkcs11_uri *uri_struct); |
|
104 void pk11_free_pkcs11_uri(pkcs11_uri *uri_struct, CK_BBOOL free_uri_itself); |
|
105 int pk11_cache_pin(char *pin); |
|
106 int pk11_token_login(CK_SESSION_HANDLE session, CK_BBOOL *login_done, |
|
107 pkcs11_uri *uri_struct, CK_BBOOL is_private); |
|
108 int pk11_token_relogin(CK_SESSION_HANDLE session); |
|
109 |
|
110 #ifdef __cplusplus |
|
111 } |
|
112 #endif |
|
113 #endif /* HW_PK11_URI_H */ |
|