      1 /*
      2  * CDDL HEADER START
      3  *
      4  * The contents of this file are subject to the terms of the
      5  * Common Development and Distribution License (the "License").
      6  * You may not use this file except in compliance with the License.
      7  *
      8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
      9  * or http://www.opensolaris.org/os/licensing.
     10  * See the License for the specific language governing permissions
     11  * and limitations under the License.
     12  *
     13  * When distributing Covered Code, include this CDDL HEADER in each
     14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
     15  * If applicable, add the following below this CDDL HEADER, with the
     16  * fields enclosed by brackets "[]" replaced with your own identifying
     17  * information: Portions Copyright [yyyy] [name of copyright owner]
     18  *
     19  * CDDL HEADER END
     20  */
     21 /*
     22  * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
     23  * Use is subject to license terms.
     24  */
     25 
     26 #ifndef _PKTOOL_COMMON_H
     27 #define	_PKTOOL_COMMON_H
     28 
     29 #pragma ident	"%Z%%M%	%I%	%E% SMI"
     30 
     31 /*
     32  * This file contains data and functions shared between all the
     33  * modules that comprise this tool.
     34  */
     35 
     36 #ifdef __cplusplus
     37 extern "C" {
     38 #endif
     39 
     40 #include <cryptoutil.h>
     41 
     42 /* I18N helpers. */
     43 #include <libintl.h>
     44 #include <locale.h>
     45 #include <errno.h>
     46 #include <kmfapi.h>
     47 
     48 /* Defines used throughout */
     49 
/*
 * Error codes.
 *
 * PK_ERR_NONE (0) is the only zero value.  DIR_OPTION_CHECK() in this
 * header returns PK_ERR_USAGE from the enclosing function.  Where the
 * remaining codes are produced is not visible here; the PK11, OPENSSL and
 * NSS codes presumably identify the keystore backend that failed --
 * confirm against the callers.
 */
#define	PK_ERR_NONE		0
#define	PK_ERR_USAGE		1
#define	PK_ERR_QUIT		2
#define	PK_ERR_PK11		3
#define	PK_ERR_SYSTEM		4
#define	PK_ERR_OPENSSL		5
#define	PK_ERR_NSS		6
     58 
/*
 * Types of objects for searches.
 *
 * Every PK_*_OBJ value occupies its own bit, so the values can be OR-ed
 * into a mask, as PK_KEY_OBJ and PK_ALL_OBJ do below.
 *
 * PK_ALL_OBJ includes PK_PRIVATE_OBJ, PK_PRIKEY_OBJ and PK_SYMKEY_OBJ, so
 * any operation driven by that mask also selects private and symmetric
 * key material.  Callers that only need certificates or public keys
 * should pass the narrower flags.
 */
#define	PK_PRIVATE_OBJ		0x0001
#define	PK_PUBLIC_OBJ		0x0002
#define	PK_CERT_OBJ		0x0010
#define	PK_PRIKEY_OBJ		0x0020
#define	PK_PUBKEY_OBJ		0x0040
#define	PK_SYMKEY_OBJ		0x0080
#define	PK_CRL_OBJ		0x0100

/* Any key object: private, public or symmetric. */
#define	PK_KEY_OBJ		(PK_PRIKEY_OBJ | PK_PUBKEY_OBJ | PK_SYMKEY_OBJ)
/* Union of every flag defined above. */
#define	PK_ALL_OBJ		(PK_PRIVATE_OBJ | PK_PUBLIC_OBJ |\
				PK_CERT_OBJ| PK_CRL_OBJ | PK_KEY_OBJ)
     71 
/*
 * Default values; presumably applied when the matching command-line
 * option is omitted (the users of these macros are not visible here).
 *
 * NOTE(review): PK_DEFAULT_KEYLENGTH is 1024.  If it is paired with
 * PK_DEFAULT_KEYTYPE ("rsa"), the default is a 1024-bit RSA key, which is
 * below the 2048-bit minimum of current guidance (e.g. NIST SP 800-131A).
 * Callers should pass an explicit, larger key length.  Changing the value
 * here changes what every user of the macro generates, so audit the
 * callers first.
 *
 * NOTE(review): PK_DEFAULT_SERIALNUM is a constant.  If it is used as a
 * certificate serial number, repeated use yields colliding serials under
 * one issuer -- confirm whether callers require an explicit serial.
 *
 * SOFT_TOKEN_LABEL is not defined in this header; presumably it comes
 * from <cryptoutil.h> -- confirm.
 */
#define	PK_DEFAULT_KEYTYPE	"rsa"
#define	PK_DEFAULT_KEYLENGTH	1024
#define	PK_DEFAULT_DIRECTORY	"."
#define	PK_DEFAULT_SERIALNUM	1
#define	PK_DEFAULT_PK11TOKEN	SOFT_TOKEN_LABEL
     77 
/*
 * Constants for attribute templates.
 *
 * Declared here and defined in another translation unit.  PKCS#11
 * attribute templates carry a pointer to each value, which is presumably
 * why these are addressable objects rather than macros.  They are not
 * declared const, so nothing in this header stops a module from
 * overwriting them; treat them as read-only.
 */
extern CK_BBOOL	pk_false;
extern CK_BBOOL	pk_true;
     81 
/*
 * A list of EKU (presumably Extended Key Usage) OIDs.  The prototypes
 * below show verify_ekunames() producing an EKU_LIST through an
 * EKU_LIST ** and free_eku_list() taking one back.
 */
typedef struct {
	/* presumably the number of entries in critlist and ekulist */
	int	eku_count;
	/* presumably one criticality flag per EKU -- confirm */
	int	*critlist;
	/* the EKU OIDs */
	KMF_OID	*ekulist;
} EKU_LIST;
     87 
/*
 * Common functions.
 *
 * Only the prototypes are visible here; the notes below are derived from
 * the signatures and must be confirmed against the implementations.
 */

/* Takes a PKCS#11 session handle; presumably tears the session down. */
extern void	final_pk11(CK_SESSION_HANDLE sess);

/*
 * Takes a slot id and a PIN of pinlen bytes; outputs a session handle
 * through sess.  Returns a CK_RV that the caller must check.
 */
extern CK_RV	login_token(CK_SLOT_ID slot_id, CK_UTF8CHAR_PTR pin,
		    CK_ULONG pinlen, CK_SESSION_HANDLE_PTR sess);

/*
 * Same inputs as login_token() plus session flags; outputs a session
 * handle through sess.  Returns a CK_RV that the caller must check.
 */
extern CK_RV	quick_start(CK_SLOT_ID slot_id, CK_FLAGS sess_flags,
		    CK_UTF8CHAR_PTR pin, CK_ULONG pinlen,
		    CK_SESSION_HANDLE_PTR sess);

/*
 * Outputs a PIN through *pin and its length through *pinlen.
 * NOTE(review): ownership of *pin is not visible from this header.  If
 * the buffer is heap-allocated, the caller should overwrite it before
 * freeing so the PIN does not linger in memory -- confirm.
 */
extern CK_RV	get_pin(char *prompt1, char *prompt2, CK_UTF8CHAR_PTR *pin,
		    CK_ULONG *pinlen);
/* Presumably asks a yes/no question and returns dflt on empty input. */
extern boolean_t	yesno(char *prompt, char *invalid, boolean_t dflt);

/*
 * Outputs a slot list through *slot_list and its length through
 * *slot_count.  Who frees *slot_list is not visible here -- confirm.
 */
extern CK_RV	get_token_slots(CK_SLOT_ID_PTR *slot_list,
		    CK_ULONG *slot_count);
    104 
/*
 * Each function outputs a string through its char ** parameter;
 * get_filename() takes an additional char * first (presumably a prompt).
 * The meaning of the int return value and the ownership of the returned
 * string are not visible from these prototypes -- confirm before relying
 * on either.  The returned text is presumably user-entered and should be
 * validated by the caller before use.
 */
extern int get_subname(char **);
extern int get_serial(char **);
extern int get_certlabel(char **);
extern int get_filename(char *, char **);
    109 
/*
 * Option parser with the same parameter list as getopt(3C), paired with
 * its own optarg_av and optind_av globals.  How its optstring syntax and
 * return values differ from getopt(3C) is not visible here.  State is
 * kept in file-scope variables, so treat it as not reentrant -- confirm.
 */
extern int	getopt_av(int argc, char * const argv[], const char *optstring);
extern char	*optarg_av;
extern int	optind_av;
    113 
/*
 * Converters from option strings to internal values, followed by two
 * keystore setup helpers.  The value returned for an unrecognised string
 * is not visible from the prototypes; callers must check it as the
 * implementation defines.  The string parameters are not const, so
 * whether the input is modified is also not visible -- confirm.
 */
int OT2Int(char *);
int PK2Int(char *);
KMF_KEYSTORE_TYPE KS2Int(char *);
/* Outputs a key algorithm and an algorithm index for the given string. */
int Str2KeyType(char *, KMF_KEY_ALG *, KMF_ALGORITHM_INDEX *);
/* Outputs a key algorithm for the given string. */
int Str2SymKeyType(char *, KMF_KEY_ALG *);
/* Outputs a 32-bit lifetime value for the given string. */
int Str2Lifetime(char *, uint32_t *);
/* Returns a KMF_RETURN status; parameter meanings are not visible here. */
KMF_RETURN select_token(void *, char *, int);
KMF_RETURN configure_nss(void *, char *, char *);
    122 
/*
 * Argument parsing and validation helpers.  All but Str2Format() return
 * a KMF_RETURN status that the caller must check before using any output
 * parameter.
 */
KMF_ENCODE_FORMAT Str2Format(char *);
/*
 * Fills in a KMF_CREDENTIAL.  NOTE(review): the credential presumably
 * holds a PKCS#12 password; the caller should overwrite it once it is no
 * longer needed -- confirm ownership against the implementation.
 */
KMF_RETURN get_pk12_password(KMF_CREDENTIAL *);
/*
 * Outputs a byte buffer and its length for the given string (presumably
 * hexadecimal text).  Who frees the output buffer is not visible here.
 */
KMF_RETURN hexstring2bytes(uchar_t *, uchar_t **, size_t *);
KMF_RETURN verify_altname(char *arg, KMF_GENERALNAMECHOICES *, int *);
KMF_RETURN verify_keyusage(char *arg, uint16_t *, int *);
/*
 * NOTE(review): what is verified about the file is not visible here.  If
 * the path is opened again after this check, the check and the later
 * open are separate steps -- confirm the caller does not depend on the
 * file being unchanged in between.
 */
KMF_RETURN verify_file(char *);
/* Outputs a newly built EKU_LIST; release it with free_eku_list(). */
KMF_RETURN verify_ekunames(char *, EKU_LIST **);
/* Presumably reports through the int * whether the token needs a login. */
KMF_RETURN token_auth_needed(KMF_HANDLE_T, char *, int *);
    131 
/* Releases an EKU_LIST; whether NULL is accepted is not visible here. */
void free_eku_list(EKU_LIST *);

/* Presumably maps a yes/no string to an integer -- confirm the values. */
int yn_to_int(char *);

/*
 * Fills in a KMF_CREDENTIAL for the given keystore type.
 * NOTE(review): the credential presumably holds the token PIN; the
 * caller should overwrite it once authentication is done -- confirm
 * ownership against the implementation.
 */
int get_token_password(KMF_KEYSTORE_TYPE, char *, KMF_CREDENTIAL *);
/* Presumably reports a KMF_RETURN failure with the given message. */
void display_error(void *, KMF_RETURN, char *);
    138 
/*
 * DEFAULT_TOKEN_PROMPT is a printf-style format with exactly one %s
 * conversion.  Use it only as the format argument and pass the token
 * label as the data argument; never build the format from the label.
 */
#define	DEFAULT_NSS_TOKEN	"internal"
#define	DEFAULT_TOKEN_PROMPT	"Enter PIN for %s: "
    141 
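/*
 * True when s is NULL or points at an empty (zero-length) string.
 *
 * The argument is parenthesized so that an expression argument such as
 * "cond ? a : b" is tested as a whole.  Only the first byte is examined,
 * which gives the same answer as a zero strlen() without scanning the
 * string.  s is expanded twice, so do not pass an expression with side
 * effects.
 */
#define	EMPTYSTRING(s) ((s) == NULL || *(const char *)(s) == '\0')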
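/*
 * The "dir" option is only valid with the NSS keystore.  This check
 * forces PK_ERR_USAGE when it is used with non-NSS keystore.
 *
 * k is the keystore type and d is the "dir" option value (NULL when the
 * option was not given).  Both arguments are parenthesized so that
 * expression arguments keep their meaning inside the comparison.
 *
 * Caveats for callers:
 *  - The expansion contains a "return", so use it only in a function
 *    whose return type can carry PK_ERR_USAGE.  Anything acquired earlier
 *    in that function (memory, handles, credentials) is not released on
 *    this path, so invoke the macro before acquiring resources.
 *  - The expansion is a bare "if" statement, not do { } while (0).  Use
 *    it only as a complete statement inside a braced block, so that a
 *    following "else" cannot bind to it.
 */
#define	DIR_OPTION_CHECK(k, d) \
if ((k) != KMF_KEYSTORE_NSS && (d) != NULL) { \
	cryptoerror(LOG_STDERR, gettext("The 'dir' option is " \
	    "not supported with the indicated keystore\n")); \
	return (PK_ERR_USAGE); \
}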
    153 
    154 
    155 #ifdef __cplusplus
    156 }
    157 #endif
    158 
    159 #endif /* _PKTOOL_COMMON_H */
    160