Print this page
4215 pkcs11_tpm botches shared library initialization, murders its friends
| Split |
Close |
| Expand all |
| Collapse all |
--- old/usr/src/lib/pkcs11/pkcs11_tpm/common/tpmtok_int.h
+++ new/usr/src/lib/pkcs11/pkcs11_tpm/common/tpmtok_int.h
1 1 /*
2 2 * The Initial Developer of the Original Code is International
3 3 * Business Machines Corporation. Portions created by IBM
4 4 * Corporation are Copyright(C) 2005 International Business
5 5 * Machines Corporation. All Rights Reserved.
6 6 *
7 7 * This program is free software; you can redistribute it and/or modify
8 8 * it under the terms of the Common Public License as published by
9 9 * IBM Corporation; either version 1 of the License, or(at your option)
10 10 * any later version.
11 11 *
12 12 * This program is distributed in the hope that it will be useful,
13 13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 15 * Common Public License for more details.
16 16 *
17 17 * You should have received a copy of the Common Public License
18 18 * along with this program; if not, a copy can be viewed at
19 19 * http://www.opensource.org/licenses/cpl1.0.php.
20 20 */
21 21
22 22 /* (C) COPYRIGHT International Business Machines Corp. 2001, 2002, 2005 */
23 23 /*
24 24 * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
25 25 * Use is subject to license terms.
26 26 */
27 27
28 28 #ifndef _TPMTOK_INT_H
29 29 #define _TPMTOK_INT_H
30 30
31 31 #include <stdio.h>
32 32 #include <pthread.h>
33 33 #include <string.h>
34 34 #include <strings.h>
35 35 #include <md5.h>
36 36 #include <sha1.h>
37 37 #include <limits.h>
38 38 #include <syslog.h>
39 39 #include <errno.h>
40 40 #include <sys/types.h>
41 41 #include <sys/stat.h>
42 42 #include <sys/param.h>
43 43 #include <sys/byteorder.h>
44 44 #include <security/cryptoki.h>
45 45
46 46 #include <tss/platform.h>
47 47 #include <tss/tss_defines.h>
48 48 #include <tss/tss_typedef.h>
49 49 #include <tss/tss_structs.h>
50 50 #include <tss/tspi.h>
51 51
52 52 #define VERSION_MAJOR 2
53 53 #define VERSION_MINOR 1
54 54
55 55 #define MAX_SESSION_COUNT 64
56 56 #define MAX_PIN_LEN 256
57 57 #define MIN_PIN_LEN 1
58 58
59 59 #define MAX_SLOT_ID 10
60 60
61 61 #ifndef MIN
62 62 #define MIN(a, b) ((a) < (b) ? (a) : (b))
63 63 #endif
64 64
65 65 #define MODE_COPY (1 << 0)
66 66 #define MODE_CREATE (1 << 1)
67 67 #define MODE_KEYGEN (1 << 2)
68 68 #define MODE_MODIFY (1 << 3)
69 69 #define MODE_DERIVE (1 << 4)
70 70 #define MODE_UNWRAP (1 << 5)
71 71
72 72 // RSA block formatting types
73 73 //
74 74 #define PKCS_BT_1 1
75 75 #define PKCS_BT_2 2
76 76
77 77 #define OP_ENCRYPT_INIT 1
78 78 #define OP_DECRYPT_INIT 2
79 79 #define OP_WRAP 3
80 80 #define OP_UNWRAP 4
81 81 #define OP_SIGN_INIT 5
82 82 #define OP_VERIFY_INIT 6
83 83
84 84 enum {
85 85 STATE_INVALID = 0,
86 86 STATE_ENCR,
87 87 STATE_DECR,
88 88 STATE_DIGEST,
89 89 STATE_SIGN,
90 90 STATE_VERIFY
91 91 };
92 92
93 93 #define SHA1_BLOCK_SIZE 64
94 94 #define SHA1_BLOCK_SIZE_MASK (SHA1_BLOCK_SIZE - 1)
95 95
96 96 #define RSA_BLOCK_SIZE 256
97 97
98 98 #ifndef PATH_MAX
99 99 #define PATH_MAX MAXPATHLEN
100 100 #endif
101 101
102 102 #ifndef PACK_DATA
103 103 #define PACK_DATA
104 104 #endif
105 105
106 106 #define MD5_BLOCK_SIZE 64
107 107
108 108 #define DSA_SIGNATURE_SIZE 40
109 109
110 110 #define DEFAULT_SO_PIN "87654321"
111 111
112 112 typedef enum {
113 113 ALL = 1,
114 114 PRIVATE,
115 115 PUBLIC
116 116 } SESS_OBJ_TYPE;
117 117
118 118 typedef struct _DL_NODE
119 119 {
120 120 struct _DL_NODE *next;
121 121 struct _DL_NODE *prev;
122 122 void *data;
123 123 } DL_NODE;
124 124
125 125 #define TOKEN_DATA_FILE "token.dat"
126 126 #define TOKEN_OBJ_DIR "objects"
127 127 #define TOKEN_OBJ_INDEX_FILE "obj.idx"
128 128
129 129 #define TPMTOK_UUID_INDEX_FILENAME "uuids.idx"
130 130
131 131 /*
132 132 * Filenames used to store migration data.
133 133 */
134 134 #define SO_MAKEY_FILENAME "so_makey.dat"
135 135 #define USER_MAKEY_FILENAME "user_makey.dat"
136 136 #define SO_KEYBLOB_FILENAME "so_blob.dat"
137 137 #define USER_KEYBLOB_FILENAME "user_blob.dat"
138 138
139 139 #define __FUNCTION__ __func__
140 140
141 141 //
142 142 // Both of the strings below have a length of 32 chars and must be
143 143 // padded with spaces, and non - null terminated.
144 144 //
145 145 #define PKW_CRYPTOKI_VERSION_MAJOR 2
146 146 #define PKW_CRYPTOKI_VERSION_MINOR 1
147 147 #define PKW_CRYPTOKI_MANUFACTURER "Sun Microsystems, Inc. "
148 148 #define PKW_CRYPTOKI_LIBDESC "PKCS#11 Interface for TPM "
149 149 #define PKW_CRYPTOKI_LIB_VERSION_MAJOR 1
150 150 #define PKW_CRYPTOKI_LIB_VERSION_MINOR 0
151 151 #define PKW_MAX_DEVICES 10
152 152
153 153 #define MAX_TOK_OBJS 2048
154 154 #define NUMBER_SLOTS_MANAGED 1
155 155 #define TPM_SLOTID 1
156 156
157 157 /*
158 158 * CKA_HIDDEN will be used to filter return results on
159 159 * a C_FindObjects call. Used for objects internal to the
160 160 * TPM token for management
161 161 */
162 162 /* custom attributes for the TPM token */
163 163 #define CKA_HIDDEN CKA_VENDOR_DEFINED + 0x01
164 164 #define CKA_IBM_OPAQUE CKA_VENDOR_DEFINED + 0x02
165 165 /*
166 166 * CKA_ENC_AUTHDATA will be used to store the encrypted SHA-1
167 167 * hashes of auth data passed in for TPM keys. The authdata
168 168 * will be encrypted using either the public
169 169 * leaf key or the private leaf key
170 170 */
171 171 #define CKA_ENC_AUTHDATA CKA_VENDOR_DEFINED + 0x03
172 172
173 173 /* custom return codes for the TPM token */
174 174 #define CKR_KEY_NOT_FOUND CKR_VENDOR_DEFINED + 0x01
175 175 #define CKR_FILE_NOT_FOUND CKR_VENDOR_DEFINED + 0x02
176 176
177 177 typedef struct {
178 178 CK_SLOT_ID slotID;
179 179 CK_SESSION_HANDLE sessionh;
180 180 } ST_SESSION_T;
181 181
182 182 typedef ST_SESSION_T ST_SESSION_HANDLE;
183 183
184 184 typedef struct {
185 185 void *Previous;
186 186 void *Next;
187 187 CK_SLOT_ID SltId;
188 188 CK_SESSION_HANDLE RealHandle;
189 189 } Session_Struct_t;
190 190
191 191 typedef Session_Struct_t *SessStructP;
192 192
193 193 typedef struct {
194 194 pid_t Pid;
195 195 pthread_mutex_t ProcMutex;
196 196 Session_Struct_t *SessListBeg;
197 197 Session_Struct_t *SessListEnd;
198 198 pthread_mutex_t SessListMutex;
199 199 } API_Proc_Struct_t;
200 200
201 201
202 202
203 203
204 204 enum {
205 205 PRF_DUMMYFUNCTION = 1,
206 206 PRF_FCVFUNCTION,
207 207 PRF_INITIALIZE,
208 208 PRF_FINALIZE,
209 209 PRF_GETINFO,
210 210 PRF_GETFUNCTIONLIST,
211 211 PRF_GETSLOTLIST,
212 212 PRF_GETSLOTINFO,
213 213 PRF_GETTOKENINFO,
214 214 PRF_GETMECHLIST,
215 215 PRF_GETMECHINFO,
216 216 PRF_INITTOKEN,
217 217 PRF_INITPIN,
218 218 PRF_SETPIN,
219 219 PRF_OPENSESSION,
220 220 PRF_CLOSESESSION,
221 221 PRF_CLOSEALLSESSIONS,
222 222 PRF_GETSESSIONINFO,
223 223 PRF_GETOPERATIONSTATE,
224 224 PRF_SETOPERATIONSTATE,
225 225 PRF_LOGIN,
226 226 PRF_LOGOUT,
227 227 PRF_CREATEOBJECT,
228 228 PRF_COPYOBJECT,
229 229 PRF_DESTROYOBJECT,
230 230 PRF_GETOBJECTSIZE,
231 231 PRF_GETATTRIBUTEVALUE,
232 232 PRF_SETATTRIBUTEVALUE,
233 233 PRF_FINDOBJECTSINIT,
234 234 PRF_FINDOBJECTS,
235 235 PRF_FINDOBJECTSFINAL,
236 236 PRF_ENCRYPTINIT,
237 237 PRF_ENCRYPT,
238 238 PRF_ENCRYPTUPDATE,
239 239 PRF_ENCRYPTFINAL,
240 240 PRF_DECRYPTINIT,
241 241 PRF_DECRYPT,
242 242 PRF_DECRYPTUPDATE,
243 243 PRF_DECRYPTFINAL,
244 244 PRF_DIGESTINIT,
245 245 PRF_DIGEST,
246 246 PRF_DIGESTUPDATE,
247 247 PRF_DIGESTKEY,
248 248 PRF_DIGESTFINAL,
249 249 PRF_SIGNINIT,
250 250 PRF_SIGN,
251 251 PRF_SIGNUPDATE,
252 252 PRF_SIGNFINAL,
253 253 PRF_SIGNRECOVERINIT,
254 254 PRF_SIGNRECOVER,
255 255 PRF_VERIFYINIT,
256 256 PRF_VERIFY,
257 257 PRF_VERIFYUPDATE,
258 258 PRF_VERIFYFINAL,
259 259 PRF_VERIFYRECOVERINIT,
260 260 PRF_VERIFYRECOVER,
261 261 PRF_GENKEY,
262 262 PRF_GENKEYPAIR,
263 263 PRF_WRAPKEY,
264 264 PRF_UNWRAPKEY,
265 265 PRF_DERIVEKEY,
266 266 PRF_GENRND,
267 267 PRF_LASTENTRY
268 268 };
269 269
270 270 typedef struct _ENCR_DECR_CONTEXT
271 271 {
272 272 CK_OBJECT_HANDLE key;
273 273 CK_MECHANISM mech;
274 274 CK_BYTE *context;
275 275 CK_ULONG context_len;
276 276 CK_BBOOL multi;
277 277 CK_BBOOL active;
278 278 } ENCR_DECR_CONTEXT;
279 279
280 280 typedef struct _DIGEST_CONTEXT
281 281 {
282 282 CK_MECHANISM mech;
283 283 union {
284 284 MD5_CTX *md5ctx;
285 285 SHA1_CTX *sha1ctx;
286 286 void *ref; /* reference ptr for the union */
287 287 } context;
288 288 CK_ULONG context_len;
289 289 CK_BBOOL multi;
290 290 CK_BBOOL active;
291 291 } DIGEST_CONTEXT;
292 292
293 293 typedef struct _SIGN_VERIFY_CONTEXT
294 294 {
295 295 CK_OBJECT_HANDLE key;
296 296 CK_MECHANISM mech; // current sign mechanism
297 297 void *context; // temporary work area
298 298 CK_ULONG context_len;
299 299 CK_BBOOL multi; // is this a multi - part operation?
300 300 CK_BBOOL recover; // are we in recover mode?
301 301 CK_BBOOL active;
302 302 } SIGN_VERIFY_CONTEXT;
303 303
304 304 typedef struct _SESSION
305 305 {
306 306 CK_SESSION_HANDLE handle;
307 307 CK_SESSION_INFO session_info;
308 308
309 309 CK_OBJECT_HANDLE *find_list; // array of CK_OBJECT_HANDLE
310 310 CK_ULONG find_count; // # handles in the list
311 311 CK_ULONG find_len; // max # of handles in the list
312 312 CK_ULONG find_idx; // current position
313 313 CK_BBOOL find_active;
314 314
315 315 ENCR_DECR_CONTEXT encr_ctx;
316 316 ENCR_DECR_CONTEXT decr_ctx;
317 317 DIGEST_CONTEXT digest_ctx;
318 318 SIGN_VERIFY_CONTEXT sign_ctx;
319 319 SIGN_VERIFY_CONTEXT verify_ctx;
320 320
321 321 TSS_HCONTEXT hContext;
322 322 } SESSION;
323 323
324 324 typedef struct _TEMPLATE
325 325 {
326 326 DL_NODE *attribute_list;
327 327 } TEMPLATE;
328 328
329 329 typedef struct _OBJECT
330 330 {
331 331 CK_OBJECT_CLASS class;
332 332 CK_BYTE name[8]; // for token objects
333 333
334 334 SESSION *session; // creator; only for session objects
335 335 TEMPLATE *template;
336 336 CK_ULONG count_hi; // only significant for token objects
337 337 CK_ULONG count_lo; // only significant for token objects
338 338 CK_ULONG index;
339 339 } OBJECT;
340 340
341 341 typedef struct _OBJECT_MAP
342 342 {
343 343 CK_OBJECT_HANDLE handle;
344 344 CK_BBOOL is_private;
345 345 CK_BBOOL is_session_obj;
346 346 SESSION *session;
347 347 OBJECT *ptr;
348 348 } OBJECT_MAP;
349 349
350 350 typedef struct _ATTRIBUTE_PARSE_LIST
351 351 {
352 352 CK_ATTRIBUTE_TYPE type;
353 353 void *ptr;
354 354 CK_ULONG len;
355 355 CK_BBOOL found;
356 356 } ATTRIBUTE_PARSE_LIST;
357 357
358 358 typedef struct _OP_STATE_DATA
359 359 {
360 360 CK_STATE session_state;
361 361 CK_ULONG active_operation;
362 362 CK_ULONG data_len;
363 363 } OP_STATE_DATA;
364 364
365 365 typedef struct _TWEAK_VEC
366 366 {
367 367 int allow_key_mods;
368 368 } TWEAK_VEC;
369 369
370 370 typedef struct _TOKEN_DATA
371 371 {
372 372 CK_TOKEN_INFO token_info;
373 373 CK_BYTE user_pin_sha[SHA1_DIGEST_LENGTH];
374 374 CK_BYTE so_pin_sha[SHA1_DIGEST_LENGTH];
375 375 CK_BYTE next_token_object_name[8];
376 376 TWEAK_VEC tweak_vector;
377 377 } TOKEN_DATA;
378 378
379 379 typedef struct _RSA_DIGEST_CONTEXT {
380 380 DIGEST_CONTEXT hash_context;
381 381 CK_BBOOL flag;
382 382 } RSA_DIGEST_CONTEXT;
383 383
384 384 typedef struct _MECH_LIST_ELEMENT
385 385 {
386 386 CK_MECHANISM_TYPE mech_type;
387 387 CK_MECHANISM_INFO mech_info;
388 388 } MECH_LIST_ELEMENT;
389 389
390 390 struct mech_list_item;
391 391
392 392 struct mech_list_item {
393 393 struct mech_list_item *next;
394 394 MECH_LIST_ELEMENT element;
395 395 };
396 396
397 397 struct mech_list_item *
398 398 find_mech_list_item_for_type(CK_MECHANISM_TYPE type,
399 399 struct mech_list_item *head);
400 400
401 401 typedef struct _TOK_OBJ_ENTRY
402 402 {
403 403 CK_BBOOL deleted;
404 404 char name[8];
405 405 CK_ULONG count_lo;
406 406 CK_ULONG count_hi;
407 407 } TOK_OBJ_ENTRY;
408 408
409 409 typedef struct _LW_SHM_TYPE
410 410 {
411 411 pthread_mutex_t mutex;
412 412 TOKEN_DATA nv_token_data;
413 413 CK_ULONG num_priv_tok_obj;
414 414 CK_ULONG num_publ_tok_obj;
415 415 CK_BBOOL priv_loaded;
416 416 CK_BBOOL publ_loaded;
417 417 CK_BBOOL token_available;
418 418 TOK_OBJ_ENTRY publ_tok_objs[ MAX_TOK_OBJS ];
419 419 TOK_OBJ_ENTRY priv_tok_objs[ MAX_TOK_OBJS ];
420 420 } LW_SHM_TYPE;
421 421
422 422 typedef unsigned int CK_ULONG_32;
423 423 typedef CK_ULONG_32 CK_OBJECT_CLASS_32;
424 424 typedef CK_ULONG_32 CK_ATTRIBUTE_TYPE_32;
425 425
426 426 typedef struct CK_ATTRIBUTE_32 {
427 427 CK_ATTRIBUTE_TYPE_32 type;
428 428 CK_ULONG_32 pValue;
429 429 CK_ULONG_32 ulValueLen;
430 430 } CK_ATTRIBUTE_32;
431 431
432 432 char *get_tpm_keystore_path();
433 433
434 434 struct messages {
435 435 char *msg;
436 436 };
437 437
438 438 struct token_specific_struct {
439 439 CK_BYTE token_debug_tag[MAXPATHLEN];
440 440
441 441 CK_RV (*t_init)(char *, CK_SLOT_ID, TSS_HCONTEXT *);
442 442 int (*t_slot2local)();
443 443
444 444 CK_RV (*t_rng)(TSS_HCONTEXT, CK_BYTE *, CK_ULONG);
445 445 CK_RV (*t_session)(CK_SLOT_ID);
446 446 CK_RV (*t_final)(TSS_HCONTEXT);
447 447 CK_RV (*t_rsa_decrypt)(TSS_HCONTEXT, CK_BYTE *,
448 448 CK_ULONG, CK_BYTE *, CK_ULONG *, OBJECT *);
449 449
450 450 CK_RV (*t_rsa_encrypt)(
451 451 TSS_HCONTEXT,
452 452 CK_BYTE *, CK_ULONG, CK_BYTE *,
453 453 CK_ULONG *, OBJECT *);
454 454
455 455 CK_RV (*t_rsa_sign)(TSS_HCONTEXT,
456 456 CK_BYTE *,
457 457 CK_ULONG,
458 458 CK_BYTE *,
459 459 CK_ULONG *,
460 460 OBJECT *);
461 461
462 462 CK_RV (*t_rsa_verify)(TSS_HCONTEXT,
463 463 CK_BYTE *,
464 464 CK_ULONG,
465 465 CK_BYTE *,
466 466 CK_ULONG,
467 467 OBJECT *);
468 468
469 469 CK_RV (*t_rsa_generate_keypair)(TSS_HCONTEXT, TEMPLATE *, TEMPLATE *);
470 470
471 471 CK_RV (*t_sha_init)(DIGEST_CONTEXT *);
472 472
473 473 CK_RV (*t_sha_update)(
474 474 DIGEST_CONTEXT *,
475 475 CK_BYTE *,
476 476 CK_ULONG);
477 477
478 478 CK_RV (*t_sha_final)(
479 479 DIGEST_CONTEXT *,
480 480 CK_BYTE *,
481 481 CK_ULONG *);
482 482 CK_RV (*t_login)(TSS_HCONTEXT, CK_USER_TYPE, CK_BYTE *, CK_ULONG);
483 483 CK_RV (*t_logout)(TSS_HCONTEXT);
484 484 CK_RV (*t_init_pin)(TSS_HCONTEXT, CK_BYTE *, CK_ULONG);
485 485 CK_RV (*t_set_pin)(ST_SESSION_HANDLE, CK_BYTE *,
486 486 CK_ULONG, CK_BYTE *, CK_ULONG);
487 487 CK_RV (*t_verify_so_pin)(TSS_HCONTEXT, CK_BYTE *, CK_ULONG);
488 488 };
489 489
490 490 typedef struct token_specific_struct token_spec_t;
491 491
492 492 /*
493 493 * Global Variables
494 494 */
495 495 extern void copy_slot_info(CK_SLOT_ID, CK_SLOT_INFO_PTR);
496 496
497 497 extern struct messages err_msg[];
498 498
499 499 extern token_spec_t token_specific;
500 500 extern CK_BBOOL initialized;
501 501 extern char *card_function_names[];
502 502 extern char *total_function_names[];
503 503
504 504 extern MECH_LIST_ELEMENT mech_list[];
505 505 extern CK_ULONG mech_list_len;
506 506
507 507 extern pthread_mutex_t native_mutex;
508 508
509 509 extern void *xproclock;
510 510
511 511 extern pthread_mutex_t pkcs_mutex, obj_list_mutex,
512 512 sess_list_mutex, login_mutex;
513 513
514 514 extern DL_NODE *sess_list;
515 515 extern DL_NODE *sess_obj_list;
516 516 extern DL_NODE *publ_token_obj_list;
517 517 extern DL_NODE *priv_token_obj_list;
518 518 extern DL_NODE *object_map;
519 519
520 520 extern CK_BYTE so_pin_md5[MD5_DIGEST_LENGTH];
521 521 extern CK_BYTE user_pin_md5[MD5_DIGEST_LENGTH];
522 522
523 523 extern CK_BYTE default_user_pin_sha[SHA1_DIGEST_LENGTH];
524 524 extern CK_BYTE default_so_pin_sha[SHA1_DIGEST_LENGTH];
525 525 extern CK_BYTE default_so_pin_md5[MD5_DIGEST_LENGTH];
526 526
527 527 extern LW_SHM_TYPE *global_shm;
528 528
529 529 extern TOKEN_DATA *nv_token_data;
530 530
531 531 extern CK_ULONG next_object_handle;
532 532 extern CK_ULONG next_session_handle;
533 533
534 534 extern CK_STATE global_login_state;
535 535
536 536 extern CK_BYTE ber_AlgIdRSAEncryption[];
537 537 extern CK_ULONG ber_AlgIdRSAEncryptionLen;
538 538 extern CK_BYTE ber_rsaEncryption[];
539 539 extern CK_ULONG ber_rsaEncryptionLen;
540 540 extern CK_BYTE ber_idDSA[];
541 541 extern CK_ULONG ber_idDSALen;
542 542
543 543 extern CK_BYTE ber_md5WithRSAEncryption[];
544 544 extern CK_ULONG ber_md5WithRSAEncryptionLen;
545 545 extern CK_BYTE ber_sha1WithRSAEncryption[];
546 546 extern CK_ULONG ber_sha1WithRSAEncryptionLen;
547 547 extern CK_BYTE ber_AlgMd5[];
548 548 extern CK_ULONG ber_AlgMd5Len;
549 549 extern CK_BYTE ber_AlgSha1[];
550 550 extern CK_ULONG ber_AlgSha1Len;
551 551
552 552 extern CK_C_INITIALIZE_ARGS cinit_args;
553 553
554 554 /*
555 555 * Function Prototypes
556 556 */
557 557 void *attach_shared_memory();
558 558 void detach_shared_memory(char *);
|
↓ open down ↓ |
558 lines elided |
↑ open up ↑ |
559 559
560 560 int API_Initialized();
561 561 void Terminate_All_Process_Sessions();
562 562 int API_Register();
563 563 void API_UnRegister();
564 564
565 565 void CreateXProcLock(void *);
566 566 int XProcLock(void *);
567 567 int XProcUnLock(void *);
568 568
569 -void _init(void);
570 569 void loginit();
571 570 void logterm();
572 571 void logit(int, char *, ...);
573 572 void AddToSessionList(Session_Struct_t *);
574 573 void RemoveFromSessionList(Session_Struct_t *);
575 574
576 575 int Valid_Session(Session_Struct_t *, ST_SESSION_T *);
577 576
578 577 CK_BBOOL pin_expired(CK_SESSION_INFO *, CK_FLAGS);
579 578 CK_BBOOL pin_locked(CK_SESSION_INFO *, CK_FLAGS);
580 579 void set_login_flags(CK_USER_TYPE, CK_FLAGS *);
581 580
582 581 extern void init_slot_info(TOKEN_DATA *);
583 582
584 583 CK_RV update_migration_data(TSS_HCONTEXT,
585 584 TSS_HKEY, TSS_HKEY, char *, char *, BYTE *, BYTE *);
586 585 CK_RV token_rng(TSS_HCONTEXT, CK_BYTE *, CK_ULONG);
587 586
588 587 TSS_RESULT set_public_modulus(TSS_HCONTEXT, TSS_HKEY,
589 588 unsigned long, unsigned char *);
590 589 TSS_RESULT open_tss_context(TSS_HCONTEXT *);
591 590 CK_RV token_get_tpm_info(TSS_HCONTEXT, TOKEN_DATA *);
592 591
593 592 CK_RV clock_set_default_attributes(TEMPLATE *);
594 593 CK_RV clock_check_required_attributes(TEMPLATE *, CK_ULONG);
595 594 CK_RV clock_validate_attribute(TEMPLATE *, CK_ATTRIBUTE *, CK_ULONG);
596 595
597 596 CK_RV counter_set_default_attributes(TEMPLATE *);
598 597 CK_RV counter_check_required_attributes(TEMPLATE *, CK_ULONG);
599 598 CK_RV counter_validate_attribute(TEMPLATE *, CK_ATTRIBUTE *, CK_ULONG);
600 599
601 600 CK_RV compute_next_token_obj_name(CK_BYTE *, CK_BYTE *);
602 601
603 602 CK_RV save_token_object(TSS_HCONTEXT, OBJECT *);
604 603 CK_RV save_public_token_object(OBJECT *);
605 604 CK_RV save_private_token_object(TSS_HCONTEXT, OBJECT *);
606 605
607 606 CK_RV load_public_token_objects(void);
608 607 CK_RV load_private_token_objects(TSS_HCONTEXT);
609 608
610 609 CK_RV reload_token_object(TSS_HCONTEXT, OBJECT *);
611 610
612 611 CK_RV delete_token_object(OBJECT *);
613 612
614 613 CK_RV init_token_data(TSS_HCONTEXT, TOKEN_DATA *);
615 614 CK_RV load_token_data(TSS_HCONTEXT, TOKEN_DATA *);
616 615 CK_RV save_token_data(TOKEN_DATA *);
617 616 void copy_slot_info(CK_SLOT_ID, CK_SLOT_INFO_PTR);
618 617
619 618 CK_RV compute_sha(CK_BYTE *, CK_ULONG_32, CK_BYTE *);
620 619
621 620 CK_RV parity_is_odd(CK_BYTE);
622 621
623 622 CK_RV build_attribute(CK_ATTRIBUTE_TYPE,
624 623 CK_BYTE *, CK_ULONG, CK_ATTRIBUTE **);
625 624
626 625 CK_RV add_pkcs_padding(CK_BYTE *, UINT32, UINT32, UINT32);
627 626
628 627 CK_RV strip_pkcs_padding(CK_BYTE *, UINT32, UINT32 *);
629 628
630 629 CK_RV remove_leading_zeros(CK_ATTRIBUTE *);
631 630
632 631 CK_RV rsa_pkcs_encrypt(
633 632 SESSION *,
634 633 CK_BBOOL,
635 634 ENCR_DECR_CONTEXT *,
636 635 CK_BYTE *,
637 636 CK_ULONG,
638 637 CK_BYTE *,
639 638 CK_ULONG *);
640 639
641 640 CK_RV rsa_pkcs_decrypt(SESSION *,
642 641 CK_BBOOL,
643 642 ENCR_DECR_CONTEXT *,
644 643 CK_BYTE *,
645 644 CK_ULONG,
646 645 CK_BYTE *,
647 646 CK_ULONG *);
648 647
649 648 CK_RV rsa_pkcs_sign(SESSION *,
650 649 CK_BBOOL,
651 650 SIGN_VERIFY_CONTEXT *,
652 651 CK_BYTE *,
653 652 CK_ULONG,
654 653 CK_BYTE *,
655 654 CK_ULONG *);
656 655
657 656 CK_RV rsa_pkcs_verify(SESSION *,
658 657 SIGN_VERIFY_CONTEXT *,
659 658 CK_BYTE *,
660 659 CK_ULONG,
661 660 CK_BYTE *,
662 661 CK_ULONG);
663 662
664 663 CK_RV rsa_pkcs_verify_recover(SESSION *,
665 664 CK_BBOOL,
666 665 SIGN_VERIFY_CONTEXT *,
667 666 CK_BYTE *,
668 667 CK_ULONG,
669 668 CK_BYTE *,
670 669 CK_ULONG *);
671 670
672 671 CK_RV rsa_hash_pkcs_sign(SESSION *,
673 672 CK_BBOOL,
674 673 SIGN_VERIFY_CONTEXT *,
675 674 CK_BYTE *,
676 675 CK_ULONG,
677 676 CK_BYTE *,
678 677 CK_ULONG *);
679 678
680 679 CK_RV rsa_hash_pkcs_verify(SESSION *,
681 680 SIGN_VERIFY_CONTEXT *,
682 681 CK_BYTE *,
683 682 CK_ULONG,
684 683 CK_BYTE *,
685 684 CK_ULONG);
686 685
687 686 CK_RV rsa_hash_pkcs_sign_update(SESSION *,
688 687 SIGN_VERIFY_CONTEXT *,
689 688 CK_BYTE *,
690 689 CK_ULONG);
691 690
692 691 CK_RV rsa_hash_pkcs_verify_update(SESSION *,
693 692 SIGN_VERIFY_CONTEXT *,
694 693 CK_BYTE *,
695 694 CK_ULONG);
696 695
697 696 CK_RV rsa_hash_pkcs_sign_final(SESSION *,
698 697 CK_BBOOL,
699 698 SIGN_VERIFY_CONTEXT *,
700 699 CK_BYTE *,
701 700 CK_ULONG *);
702 701
703 702 CK_RV rsa_hash_pkcs_verify_final(SESSION *,
704 703 SIGN_VERIFY_CONTEXT *,
705 704 CK_BYTE *,
706 705 CK_ULONG);
707 706
708 707
709 708 CK_RV ckm_rsa_key_pair_gen(TSS_HCONTEXT, TEMPLATE *, TEMPLATE *);
710 709
711 710 CK_RV sha1_hash(SESSION *, CK_BBOOL,
712 711 DIGEST_CONTEXT *,
713 712 CK_BYTE *, CK_ULONG,
714 713 CK_BYTE *, CK_ULONG *);
715 714
716 715 CK_RV sha1_hmac_sign(SESSION *, CK_BBOOL,
717 716 SIGN_VERIFY_CONTEXT *,
718 717 CK_BYTE *,
719 718 CK_ULONG,
720 719 CK_BYTE *,
721 720 CK_ULONG *);
722 721
723 722 CK_RV sha1_hmac_verify(SESSION *,
724 723 SIGN_VERIFY_CONTEXT *,
725 724 CK_BYTE *,
726 725 CK_ULONG,
727 726 CK_BYTE *,
728 727 CK_ULONG);
729 728
730 729 CK_RV md5_hash(SESSION *, CK_BBOOL,
731 730 DIGEST_CONTEXT *,
732 731 CK_BYTE *, CK_ULONG,
733 732 CK_BYTE *, CK_ULONG *);
734 733
735 734 CK_RV md5_hmac_sign(SESSION *, CK_BBOOL,
736 735 SIGN_VERIFY_CONTEXT *,
737 736 CK_BYTE *,
738 737 CK_ULONG,
739 738 CK_BYTE *,
740 739 CK_ULONG *);
741 740
742 741 CK_RV md5_hmac_verify(SESSION *,
743 742 SIGN_VERIFY_CONTEXT *,
744 743 CK_BYTE *,
745 744 CK_ULONG,
746 745 CK_BYTE *,
747 746 CK_ULONG);
748 747
749 748 DL_NODE *dlist_add_as_first(DL_NODE *, void *);
750 749 DL_NODE *dlist_add_as_last(DL_NODE *, void *);
751 750 DL_NODE *dlist_find(DL_NODE *, void *);
752 751 DL_NODE *dlist_get_first(DL_NODE *);
753 752 DL_NODE *dlist_get_last(DL_NODE *);
754 753 CK_ULONG dlist_length(DL_NODE *);
755 754 DL_NODE *dlist_next(DL_NODE *);
756 755 DL_NODE *dlist_prev(DL_NODE *);
757 756 void dlist_purge(DL_NODE *);
758 757 DL_NODE *dlist_remove_node(DL_NODE *, DL_NODE *);
759 758
760 759 CK_RV attach_shm(void);
761 760 CK_RV detach_shm(void);
762 761
763 762 // encryption manager routines
764 763 //
765 764 CK_RV encr_mgr_init(SESSION *,
766 765 ENCR_DECR_CONTEXT *,
767 766 CK_ULONG,
768 767 CK_MECHANISM *,
769 768 CK_OBJECT_HANDLE);
770 769
771 770 CK_RV encr_mgr_cleanup(ENCR_DECR_CONTEXT *);
772 771
773 772 CK_RV encr_mgr_encrypt(SESSION *, CK_BBOOL,
774 773 ENCR_DECR_CONTEXT *,
775 774 CK_BYTE *, CK_ULONG,
776 775 CK_BYTE *, CK_ULONG *);
777 776
778 777 CK_RV decr_mgr_init(SESSION *,
779 778 ENCR_DECR_CONTEXT *,
780 779 CK_ULONG,
781 780 CK_MECHANISM *,
782 781 CK_OBJECT_HANDLE);
783 782
784 783 CK_RV decr_mgr_cleanup(ENCR_DECR_CONTEXT *);
785 784
786 785 CK_RV decr_mgr_decrypt(SESSION *, CK_BBOOL,
787 786 ENCR_DECR_CONTEXT *,
788 787 CK_BYTE *, CK_ULONG,
789 788 CK_BYTE *, CK_ULONG *);
790 789
791 790 CK_RV digest_mgr_cleanup(DIGEST_CONTEXT *);
792 791
793 792 CK_RV digest_mgr_init(SESSION *,
794 793 DIGEST_CONTEXT *,
795 794 CK_MECHANISM *);
796 795
797 796 CK_RV digest_mgr_digest(SESSION *, CK_BBOOL,
798 797 DIGEST_CONTEXT *,
799 798 CK_BYTE *, CK_ULONG,
800 799 CK_BYTE *, CK_ULONG *);
801 800
802 801 CK_RV digest_mgr_digest_update(SESSION *,
803 802 DIGEST_CONTEXT *,
804 803 CK_BYTE *, CK_ULONG);
805 804
806 805 CK_RV digest_mgr_digest_key(SESSION *,
807 806 DIGEST_CONTEXT *,
808 807 CK_OBJECT_HANDLE);
809 808
810 809 CK_RV digest_mgr_digest_final(SESSION *,
811 810 DIGEST_CONTEXT *,
812 811 CK_BYTE *, CK_ULONG *);
813 812
814 813 CK_RV key_mgr_generate_key_pair(SESSION *,
815 814 CK_MECHANISM *,
816 815 CK_ATTRIBUTE *, CK_ULONG,
817 816 CK_ATTRIBUTE *, CK_ULONG,
818 817 CK_OBJECT_HANDLE *,
819 818 CK_OBJECT_HANDLE *);
820 819
821 820 CK_RV key_mgr_wrap_key(SESSION *,
822 821 CK_BBOOL,
823 822 CK_MECHANISM *,
824 823 CK_OBJECT_HANDLE,
825 824 CK_OBJECT_HANDLE,
826 825 CK_BYTE *,
827 826 CK_ULONG *);
828 827
829 828 CK_RV key_mgr_unwrap_key(SESSION *,
830 829 CK_MECHANISM *,
831 830 CK_ATTRIBUTE *,
832 831 CK_ULONG,
833 832 CK_BYTE *,
834 833 CK_ULONG,
835 834 CK_OBJECT_HANDLE,
836 835 CK_OBJECT_HANDLE *);
837 836
838 837 CK_RV sign_mgr_init(SESSION *,
839 838 SIGN_VERIFY_CONTEXT *,
840 839 CK_MECHANISM *,
841 840 CK_BBOOL,
842 841 CK_OBJECT_HANDLE);
843 842
844 843 CK_RV sign_mgr_cleanup(SIGN_VERIFY_CONTEXT *);
845 844
846 845 CK_RV sign_mgr_sign(SESSION *,
847 846 CK_BBOOL,
848 847 SIGN_VERIFY_CONTEXT *,
849 848 CK_BYTE *,
850 849 CK_ULONG,
851 850 CK_BYTE *,
852 851 CK_ULONG *);
853 852
854 853 CK_RV sign_mgr_sign_recover(SESSION *,
855 854 CK_BBOOL,
856 855 SIGN_VERIFY_CONTEXT *,
857 856 CK_BYTE *,
858 857 CK_ULONG,
859 858 CK_BYTE *,
860 859 CK_ULONG *);
861 860
862 861 CK_RV sign_mgr_sign_final(SESSION *,
863 862 CK_BBOOL,
864 863 SIGN_VERIFY_CONTEXT *,
865 864 CK_BYTE *,
866 865 CK_ULONG *);
867 866
868 867 CK_RV sign_mgr_sign_update(SESSION *,
869 868 SIGN_VERIFY_CONTEXT *,
870 869 CK_BYTE *,
871 870 CK_ULONG);
872 871
873 872 CK_RV verify_mgr_init(SESSION *,
874 873 SIGN_VERIFY_CONTEXT *,
875 874 CK_MECHANISM *,
876 875 CK_BBOOL,
877 876 CK_OBJECT_HANDLE);
878 877
879 878 CK_RV verify_mgr_cleanup(SIGN_VERIFY_CONTEXT *);
880 879
881 880 CK_RV verify_mgr_verify(SESSION *,
882 881 SIGN_VERIFY_CONTEXT *,
883 882 CK_BYTE *,
884 883 CK_ULONG,
885 884 CK_BYTE *,
886 885 CK_ULONG);
887 886
888 887 CK_RV verify_mgr_verify_recover(SESSION *,
889 888 CK_BBOOL,
890 889 SIGN_VERIFY_CONTEXT *,
891 890 CK_BYTE *,
892 891 CK_ULONG,
893 892 CK_BYTE *,
894 893 CK_ULONG *);
895 894
896 895 CK_RV verify_mgr_verify_update(SESSION *,
897 896 SIGN_VERIFY_CONTEXT *,
898 897 CK_BYTE *,
899 898 CK_ULONG);
900 899
901 900 CK_RV verify_mgr_verify_final(SESSION *,
902 901 SIGN_VERIFY_CONTEXT *,
903 902 CK_BYTE *,
904 903 CK_ULONG);
905 904
906 905
907 906 // session manager routines
908 907 //
909 908 CK_RV session_mgr_close_all_sessions(void);
910 909 CK_RV session_mgr_close_session(SESSION *);
911 910 SESSION *session_mgr_find(CK_SESSION_HANDLE);
912 911 CK_RV session_mgr_login_all(CK_USER_TYPE);
913 912 CK_RV session_mgr_logout_all(void);
914 913 CK_RV session_mgr_new(CK_ULONG, SESSION **);
915 914
916 915 CK_BBOOL session_mgr_readonly_exists(void);
917 916 CK_BBOOL session_mgr_so_session_exists(void);
918 917 CK_BBOOL session_mgr_user_session_exists(void);
919 918 CK_BBOOL session_mgr_public_session_exists(void);
920 919
921 920 CK_RV session_mgr_get_op_state(SESSION *, CK_BBOOL,
922 921 CK_BYTE *, CK_ULONG *);
923 922
924 923 CK_RV session_mgr_set_op_state(SESSION *,
925 924 CK_OBJECT_HANDLE, CK_OBJECT_HANDLE, CK_BYTE *);
926 925
927 926 CK_RV object_mgr_add(SESSION *,
928 927 CK_ATTRIBUTE *, CK_ULONG, CK_OBJECT_HANDLE *);
929 928
930 929 CK_RV object_mgr_add_to_map(SESSION *, OBJECT *, CK_OBJECT_HANDLE *);
931 930
932 931 CK_RV object_mgr_add_to_shm(OBJECT *);
933 932 CK_RV object_mgr_del_from_shm(OBJECT *);
934 933
935 934 CK_RV object_mgr_copy(SESSION *,
936 935 CK_ATTRIBUTE *, CK_ULONG, CK_OBJECT_HANDLE,
937 936 CK_OBJECT_HANDLE *);
938 937
939 938 CK_RV object_mgr_create_final(SESSION *,
940 939 OBJECT *, CK_OBJECT_HANDLE *);
941 940
942 941 CK_RV object_mgr_create_skel(SESSION *,
943 942 CK_ATTRIBUTE *, CK_ULONG, CK_ULONG,
944 943 CK_ULONG, CK_ULONG, OBJECT **);
945 944
946 945 CK_RV object_mgr_destroy_object(SESSION *, CK_OBJECT_HANDLE);
947 946
948 947 CK_RV object_mgr_destroy_token_objects(TSS_HCONTEXT);
949 948
950 949 CK_RV object_mgr_find_in_map1(TSS_HCONTEXT, CK_OBJECT_HANDLE, OBJECT **);
951 950
952 951 CK_RV object_mgr_find_in_map2(TSS_HCONTEXT, OBJECT *, CK_OBJECT_HANDLE *);
953 952
954 953 CK_RV object_mgr_find_init(SESSION *, CK_ATTRIBUTE *, CK_ULONG);
955 954
956 955 CK_RV object_mgr_find_build_list(SESSION *,
957 956 CK_ATTRIBUTE *,
958 957 CK_ULONG,
959 958 DL_NODE *,
960 959 CK_BBOOL public_only);
961 960
962 961 CK_RV object_mgr_find_final(SESSION *);
963 962
964 963 CK_RV object_mgr_get_attribute_values(SESSION *,
965 964 CK_OBJECT_HANDLE,
966 965 CK_ATTRIBUTE *,
967 966 CK_ULONG);
968 967
969 968 CK_RV object_mgr_get_object_size(TSS_HCONTEXT, CK_OBJECT_HANDLE,
970 969 CK_ULONG *);
971 970
972 971 CK_BBOOL object_mgr_invalidate_handle1(CK_OBJECT_HANDLE handle);
973 972
974 973 CK_BBOOL object_mgr_invalidate_handle2(OBJECT *);
975 974
976 975 CK_BBOOL object_mgr_purge_session_objects(SESSION *, SESS_OBJ_TYPE);
977 976
978 977 CK_BBOOL object_mgr_purge_token_objects(TSS_HCONTEXT);
979 978
980 979 CK_BBOOL object_mgr_purge_private_token_objects(TSS_HCONTEXT);
981 980
982 981 CK_RV object_mgr_remove_from_map(CK_OBJECT_HANDLE);
983 982
984 983 CK_RV object_mgr_restore_obj(CK_BYTE *, OBJECT *);
985 984
986 985 CK_RV object_mgr_set_attribute_values(SESSION *,
987 986 CK_OBJECT_HANDLE,
988 987 CK_ATTRIBUTE *,
989 988 CK_ULONG);
990 989
991 990 CK_BBOOL object_mgr_purge_map(SESSION *, SESS_OBJ_TYPE);
992 991
993 992 CK_RV object_create(CK_ATTRIBUTE *, CK_ULONG, OBJECT **);
994 993
995 994 CK_RV object_create_skel(CK_ATTRIBUTE *,
996 995 CK_ULONG,
997 996 CK_ULONG,
998 997 CK_ULONG,
999 998 CK_ULONG,
1000 999 OBJECT **);
1001 1000
1002 1001 CK_RV object_copy(CK_ATTRIBUTE *,
1003 1002 CK_ULONG,
1004 1003 OBJECT *,
1005 1004 OBJECT **);
1006 1005
1007 1006 CK_RV object_flatten(OBJECT *,
1008 1007 CK_BYTE **,
1009 1008 CK_ULONG_32 *);
1010 1009
1011 1010 CK_BBOOL object_free(OBJECT *);
1012 1011
1013 1012 CK_RV object_get_attribute_values(OBJECT *,
1014 1013 CK_ATTRIBUTE *,
1015 1014 CK_ULONG);
1016 1015
1017 1016 CK_ULONG object_get_size(OBJECT *);
1018 1017
1019 1018 CK_RV object_restore(CK_BYTE *,
1020 1019 OBJECT **,
1021 1020 CK_BBOOL replace);
1022 1021
1023 1022 CK_RV object_set_attribute_values(OBJECT *,
1024 1023 CK_ATTRIBUTE *,
1025 1024 CK_ULONG);
1026 1025
1027 1026 CK_BBOOL object_is_modifiable(OBJECT *);
1028 1027 CK_BBOOL object_is_private(OBJECT *);
1029 1028 CK_BBOOL object_is_public(OBJECT *);
1030 1029 CK_BBOOL object_is_token_object(OBJECT *);
1031 1030 CK_BBOOL object_is_session_object(OBJECT *);
1032 1031
1033 1032 CK_BBOOL is_attribute_defined(CK_ATTRIBUTE_TYPE);
1034 1033
1035 1034 CK_RV template_add_attributes(TEMPLATE *,
1036 1035 CK_ATTRIBUTE *, CK_ULONG);
1037 1036
1038 1037 CK_RV template_add_default_attributes(TEMPLATE *,
1039 1038 CK_ULONG,
1040 1039 CK_ULONG,
1041 1040 CK_ULONG);
1042 1041
1043 1042 CK_BBOOL template_attribute_find(TEMPLATE *,
1044 1043 CK_ATTRIBUTE_TYPE, CK_ATTRIBUTE **);
1045 1044
1046 1045 void template_attribute_find_multiple(TEMPLATE *,
1047 1046 ATTRIBUTE_PARSE_LIST *,
1048 1047 CK_ULONG);
1049 1048
1050 1049 CK_BBOOL template_check_exportability(TEMPLATE *, CK_ATTRIBUTE_TYPE type);
1051 1050
1052 1051 CK_RV template_check_required_attributes(TEMPLATE *,
1053 1052 CK_ULONG, CK_ULONG, CK_ULONG);
1054 1053
1055 1054 CK_RV template_check_required_base_attributes(TEMPLATE *,
1056 1055 CK_ULONG);
1057 1056
1058 1057 CK_BBOOL template_compare(CK_ATTRIBUTE *,
1059 1058 CK_ULONG, TEMPLATE *);
1060 1059
1061 1060 CK_RV template_copy(TEMPLATE *, TEMPLATE *);
1062 1061
1063 1062 CK_RV template_flatten(TEMPLATE *, CK_BYTE *);
1064 1063
1065 1064 CK_RV template_free(TEMPLATE *);
1066 1065
1067 1066 CK_BBOOL template_get_class(TEMPLATE *, CK_ULONG *, CK_ULONG *);
1068 1067
1069 1068 CK_ULONG template_get_count(TEMPLATE *);
1070 1069
1071 1070 CK_ULONG template_get_size(TEMPLATE *);
1072 1071 CK_ULONG template_get_compressed_size(TEMPLATE *);
1073 1072
1074 1073 CK_RV template_set_default_common_attributes(TEMPLATE *);
1075 1074
1076 1075 CK_RV template_merge(TEMPLATE *, TEMPLATE **);
1077 1076
1078 1077 CK_RV template_update_attribute(TEMPLATE *, CK_ATTRIBUTE *);
1079 1078
1080 1079 CK_RV template_unflatten(TEMPLATE **, CK_BYTE *, CK_ULONG);
1081 1080
1082 1081 CK_RV template_validate_attribute(TEMPLATE *,
1083 1082 CK_ATTRIBUTE *, CK_ULONG, CK_ULONG, CK_ULONG);
1084 1083
1085 1084 CK_RV template_validate_attributes(TEMPLATE *,
1086 1085 CK_ULONG, CK_ULONG, CK_ULONG);
1087 1086
1088 1087 CK_RV template_validate_base_attribute(TEMPLATE *,
1089 1088 CK_ATTRIBUTE *, CK_ULONG);
1090 1089
1091 1090
1092 1091 // DATA OBJECT ROUTINES
1093 1092 //
1094 1093 CK_RV data_object_check_required_attributes(TEMPLATE *, CK_ULONG);
1095 1094 CK_RV data_object_set_default_attributes(TEMPLATE *, CK_ULONG);
1096 1095 CK_RV data_object_validate_attribute(TEMPLATE *, CK_ATTRIBUTE *, CK_ULONG);
1097 1096
1098 1097 // CERTIFICATE ROUTINES
1099 1098 CK_RV cert_validate_attribute(TEMPLATE *, CK_ATTRIBUTE *, CK_ULONG);
1100 1099
1101 1100 CK_RV cert_x509_check_required_attributes(TEMPLATE *, CK_ULONG);
1102 1101 CK_RV cert_x509_set_default_attributes(TEMPLATE *, CK_ULONG);
1103 1102 CK_RV cert_x509_validate_attribute(TEMPLATE *, CK_ATTRIBUTE *, CK_ULONG);
1104 1103 CK_RV cert_vendor_check_required_attributes(TEMPLATE *, CK_ULONG);
1105 1104 CK_RV cert_vendor_validate_attribute(TEMPLATE *, CK_ATTRIBUTE *, CK_ULONG);
1106 1105
1107 1106 //
1108 1107 // KEY ROUTINES
1109 1108 //
1110 1109 CK_RV key_object_check_required_attributes(TEMPLATE *, CK_ULONG);
1111 1110 CK_RV key_object_set_default_attributes(TEMPLATE *, CK_ULONG);
1112 1111 CK_RV key_object_validate_attribute(TEMPLATE *, CK_ATTRIBUTE *, CK_ULONG);
1113 1112
1114 1113 CK_RV publ_key_check_required_attributes(TEMPLATE *, CK_ULONG);
1115 1114 CK_RV publ_key_set_default_attributes(TEMPLATE *, CK_ULONG);
1116 1115 CK_RV publ_key_validate_attribute(TEMPLATE *, CK_ATTRIBUTE *, CK_ULONG);
1117 1116
1118 1117 CK_RV priv_key_check_required_attributes(TEMPLATE *, CK_ULONG);
1119 1118 CK_RV priv_key_set_default_attributes(TEMPLATE *, CK_ULONG);
1120 1119 CK_RV priv_key_unwrap(TEMPLATE *, CK_ULONG, CK_BYTE *, CK_ULONG);
1121 1120 CK_RV priv_key_validate_attribute(TEMPLATE *, CK_ATTRIBUTE *, CK_ULONG);
1122 1121
1123 1122 CK_BBOOL secret_key_check_exportability(CK_ATTRIBUTE_TYPE type);
1124 1123 CK_RV secret_key_check_required_attributes(TEMPLATE *, CK_ULONG);
1125 1124 CK_RV secret_key_set_default_attributes(TEMPLATE *, CK_ULONG);
1126 1125 CK_RV secret_key_unwrap(TEMPLATE *, CK_ULONG, CK_BYTE *, CK_ULONG,
1127 1126 CK_BBOOL fromend);
1128 1127 CK_RV secret_key_validate_attribute(TEMPLATE *, CK_ATTRIBUTE *,
1129 1128 CK_ULONG);
1130 1129
1131 1130 // rsa routines
1132 1131 //
1133 1132 CK_RV rsa_publ_check_required_attributes(TEMPLATE *, CK_ULONG);
1134 1133 CK_RV rsa_publ_validate_attribute(TEMPLATE *, CK_ATTRIBUTE *, CK_ULONG);
1135 1134 CK_RV rsa_publ_set_default_attributes(TEMPLATE *, CK_ULONG);
1136 1135 CK_BBOOL rsa_priv_check_exportability(CK_ATTRIBUTE_TYPE type);
1137 1136 CK_RV rsa_priv_check_required_attributes(TEMPLATE *, CK_ULONG);
1138 1137 CK_RV rsa_priv_set_default_attributes(TEMPLATE *, CK_ULONG);
1139 1138 CK_RV rsa_priv_validate_attribute(TEMPLATE *, CK_ATTRIBUTE *, CK_ULONG);
1140 1139 CK_RV rsa_priv_wrap_get_data(TEMPLATE *, CK_BBOOL, CK_BYTE **, CK_ULONG *);
1141 1140 CK_RV rsa_priv_unwrap(TEMPLATE *, CK_BYTE *, CK_ULONG);
1142 1141
1143 1142 // Generic secret key routines
1144 1143 CK_RV generic_secret_check_required_attributes(TEMPLATE *, CK_ULONG);
1145 1144 CK_RV generic_secret_set_default_attributes(TEMPLATE *, CK_ULONG);
1146 1145 CK_RV generic_secret_validate_attribute(TEMPLATE *, CK_ATTRIBUTE *, CK_ULONG);
1147 1146 CK_RV generic_secret_wrap_get_data(TEMPLATE *, CK_BBOOL,
1148 1147 CK_BYTE **, CK_ULONG *);
1149 1148
1150 1149 CK_RV generic_secret_unwrap(TEMPLATE *, CK_BYTE *, CK_ULONG, CK_BBOOL fromend);
1151 1150
1152 1151 CK_RV tpm_encrypt_data(TSS_HCONTEXT,
1153 1152 TSS_HKEY, CK_BYTE *, CK_ULONG, CK_BYTE *, CK_ULONG *);
1154 1153
1155 1154 CK_RV tpm_decrypt_data(TSS_HCONTEXT,
1156 1155 TSS_HKEY, CK_BYTE *, CK_ULONG, CK_BYTE *, CK_ULONG *);
1157 1156
1158 1157 CK_ULONG ber_encode_INTEGER(CK_BBOOL,
1159 1158 CK_BYTE **, CK_ULONG *, CK_BYTE *, CK_ULONG);
1160 1159
1161 1160 CK_RV ber_decode_INTEGER(CK_BYTE *,
1162 1161 CK_BYTE **, CK_ULONG *, CK_ULONG *);
1163 1162
1164 1163 CK_RV ber_encode_OCTET_STRING(CK_BBOOL,
1165 1164 CK_BYTE **, CK_ULONG *, CK_BYTE *, CK_ULONG);
1166 1165
1167 1166 CK_RV ber_decode_OCTET_STRING(CK_BYTE *,
1168 1167 CK_BYTE **, CK_ULONG *, CK_ULONG *);
1169 1168
1170 1169 CK_RV ber_encode_SEQUENCE(CK_BBOOL,
1171 1170 CK_BYTE **, CK_ULONG *, CK_BYTE *, CK_ULONG);
1172 1171
1173 1172 CK_RV ber_decode_SEQUENCE(CK_BYTE *,
1174 1173 CK_BYTE **, CK_ULONG *, CK_ULONG *);
1175 1174
1176 1175 CK_RV ber_encode_PrivateKeyInfo(CK_BBOOL,
1177 1176 CK_BYTE **, CK_ULONG *, CK_BYTE *,
1178 1177 CK_ULONG, CK_BYTE *, CK_ULONG);
1179 1178
1180 1179 CK_RV ber_decode_PrivateKeyInfo(CK_BYTE *,
1181 1180 CK_ULONG, CK_BYTE **, CK_ULONG *, CK_BYTE **);
1182 1181
1183 1182 CK_RV ber_encode_RSAPrivateKey(CK_BBOOL,
1184 1183 CK_BYTE **, CK_ULONG *, CK_ATTRIBUTE *,
1185 1184 CK_ATTRIBUTE *, CK_ATTRIBUTE *, CK_ATTRIBUTE *,
1186 1185 CK_ATTRIBUTE *, CK_ATTRIBUTE *, CK_ATTRIBUTE *,
1187 1186 CK_ATTRIBUTE *);
1188 1187
1189 1188 CK_RV ber_decode_RSAPrivateKey(CK_BYTE *,
1190 1189 CK_ULONG, CK_ATTRIBUTE **, CK_ATTRIBUTE **,
1191 1190 CK_ATTRIBUTE **, CK_ATTRIBUTE **, CK_ATTRIBUTE **,
1192 1191 CK_ATTRIBUTE **, CK_ATTRIBUTE **, CK_ATTRIBUTE **);
1193 1192
1194 1193
1195 1194 CK_RV ber_encode_DSAPrivateKey(CK_BBOOL,
1196 1195 CK_BYTE **, CK_ULONG *, CK_ATTRIBUTE *,
1197 1196 CK_ATTRIBUTE *, CK_ATTRIBUTE *, CK_ATTRIBUTE *);
1198 1197
1199 1198 CK_RV ber_decode_DSAPrivateKey(CK_BYTE *,
1200 1199 CK_ULONG, CK_ATTRIBUTE **, CK_ATTRIBUTE **,
1201 1200 CK_ATTRIBUTE **, CK_ATTRIBUTE **);
1202 1201
1203 1202 #define APPID "TPM_STDLL"
1204 1203
1205 1204 /* log to stdout */
1206 1205 #define LogMessage(dest, priority, layer, fmt, ...) \
1207 1206 (void) fprintf(dest, "%s %s %s:%d " fmt "\n", (char *)priority, \
1208 1207 (char *)layer, (char *)__FILE__,\
1209 1208 (int)__LINE__, __VA_ARGS__);
1210 1209
1211 1210 #define LogMessage1(dest, priority, layer, data) \
1212 1211 (void) fprintf(dest, "%s %s %s:%d %s\n", priority, layer, __FILE__, \
1213 1212 __LINE__, data);
1214 1213
1215 1214 /* Debug logging */
1216 1215 #ifdef DEBUG
1217 1216 #define LogDebug(fmt, ...) LogMessage(stdout, "LOG_DEBUG", APPID, \
1218 1217 fmt, __VA_ARGS__)
1219 1218
1220 1219 #define LogDebug1(data) LogMessage1(stdout, "LOG_DEBUG", APPID, data)
1221 1220
1222 1221 /* Error logging */
1223 1222 #define LogError(fmt, ...) LogMessage(stderr, "LOG_ERR", APPID,\
1224 1223 "ERROR: " fmt, __VA_ARGS__)
1225 1224
1226 1225 #define LogError1(data) LogMessage1(stderr, "LOG_ERR", APPID,\
1227 1226 "ERROR: " data)
1228 1227
1229 1228 /* Warn logging */
1230 1229 #define LogWarn(fmt, ...) LogMessage(stdout, "LOG_WARNING", APPID,\
1231 1230 "WARNING: " fmt, __VA_ARGS__)
1232 1231
1233 1232 #define LogWarn1(data) LogMessage1(stdout, "LOG_WARNING", APPID,\
1234 1233 "WARNING: " data)
1235 1234
1236 1235 /* Info Logging */
1237 1236 #define LogInfo(fmt, ...) LogMessage(stdout, "LOG_INFO", APPID,\
1238 1237 fmt, __VA_ARGS__)
1239 1238
1240 1239 #define LogInfo1(data) LogMessage1(stdout, "LOG_INFO", APPID, data)
1241 1240
1242 1241 #define st_err_log(...) LogMessage(stderr, "ST MSG", APPID,\
1243 1242 "", __VA_ARGS__)
1244 1243 #else
1245 1244 #define LogDebug(...)
1246 1245 #define LogDebug1(...)
1247 1246 #define LogBlob(...)
1248 1247 #define LogError(...)
1249 1248 #define LogError1(...)
1250 1249 #define LogWarn(...)
1251 1250 #define LogWarn1(...)
1252 1251 #define LogInfo(...)
1253 1252 #define LogInfo1(...)
1254 1253 #define st_err_log(...)
1255 1254 #endif
1256 1255
1257 1256 /*
1258 1257 * CK_FUNCTION_LIST is a structure holding a Cryptoki spec
1259 1258 * version and pointers of appropriate types to all the
1260 1259 * Cryptoki functions
1261 1260 */
1262 1261
1263 1262 /* CK_FUNCTION_LIST is new for v2.0 */
1264 1263
1265 1264 typedef CK_RV
1266 1265 (CK_PTR ST_C_Initialize)
1267 1266 (void *ppFunctionList, CK_SLOT_ID slotID, CK_CHAR_PTR pCorrelator);
1268 1267 typedef CK_RV
1269 1268 (CK_PTR ST_C_Finalize)
1270 1269 (CK_VOID_PTR pReserved);
1271 1270 typedef CK_RV
1272 1271 (CK_PTR ST_C_Terminate)();
1273 1272 typedef CK_RV
1274 1273 (CK_PTR ST_C_GetInfo)
1275 1274 (CK_INFO_PTR pInfo);
1276 1275 typedef CK_RV
1277 1276 (CK_PTR ST_C_GetFunctionList)
1278 1277 (CK_FUNCTION_LIST_PTR_PTR ppFunctionList);
1279 1278 typedef CK_RV
1280 1279 (CK_PTR ST_C_GetSlotList)
1281 1280 (CK_BBOOL tokenPresent, CK_SLOT_ID_PTR pSlotList,
1282 1281 CK_ULONG_PTR pusCount);
1283 1282 typedef CK_RV
1284 1283 (CK_PTR ST_C_GetSlotInfo)
1285 1284 (CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo);
1286 1285 typedef CK_RV
1287 1286 (CK_PTR ST_C_GetTokenInfo)
1288 1287 (CK_SLOT_ID slotID, CK_TOKEN_INFO_PTR pInfo);
1289 1288 typedef CK_RV
1290 1289 (CK_PTR ST_C_GetMechanismList)
1291 1290 (CK_SLOT_ID slotID, CK_MECHANISM_TYPE_PTR pMechanismList,
1292 1291 CK_ULONG_PTR pusCount);
1293 1292 typedef CK_RV
1294 1293 (CK_PTR ST_C_GetMechanismInfo)
1295 1294 (CK_SLOT_ID slotID, CK_MECHANISM_TYPE type,
1296 1295 CK_MECHANISM_INFO_PTR pInfo);
1297 1296 typedef CK_RV
1298 1297 (CK_PTR ST_C_InitToken)
1299 1298 (CK_SLOT_ID slotID, CK_CHAR_PTR pPin, CK_ULONG usPinLen,
1300 1299 CK_CHAR_PTR pLabel);
1301 1300 typedef CK_RV
1302 1301 (CK_PTR ST_C_InitPIN)
1303 1302 (ST_SESSION_T hSession, CK_CHAR_PTR pPin,
1304 1303 CK_ULONG usPinLen);
1305 1304 typedef CK_RV
1306 1305 (CK_PTR ST_C_SetPIN)
1307 1306 (ST_SESSION_T hSession, CK_CHAR_PTR pOldPin,
1308 1307 CK_ULONG usOldLen, CK_CHAR_PTR pNewPin,
1309 1308 CK_ULONG usNewLen);
1310 1309
1311 1310 typedef CK_RV
1312 1311 (CK_PTR ST_C_OpenSession)
1313 1312 (CK_SLOT_ID slotID, CK_FLAGS flags,
1314 1313 CK_SESSION_HANDLE_PTR phSession);
1315 1314
1316 1315 typedef CK_RV
1317 1316 (CK_PTR ST_C_CloseSession)
1318 1317 (ST_SESSION_T hSession);
1319 1318 typedef CK_RV
1320 1319 (CK_PTR ST_C_CloseAllSessions)
1321 1320 (CK_SLOT_ID slotID);
1322 1321 typedef CK_RV
1323 1322 (CK_PTR ST_C_GetSessionInfo)
1324 1323 (ST_SESSION_T hSession, CK_SESSION_INFO_PTR pInfo);
1325 1324 typedef CK_RV
1326 1325 (CK_PTR ST_C_GetOperationState)
1327 1326 (ST_SESSION_T hSession, CK_BYTE_PTR pOperationState,
1328 1327 CK_ULONG_PTR pulOperationStateLen);
1329 1328 typedef CK_RV
1330 1329 (CK_PTR ST_C_SetOperationState)
1331 1330 (ST_SESSION_T hSession, CK_BYTE_PTR pOperationState,
1332 1331 CK_ULONG ulOperationStateLen,
1333 1332 CK_OBJECT_HANDLE hEncryptionKey,
1334 1333 CK_OBJECT_HANDLE hAuthenticationKey);
1335 1334 typedef CK_RV
1336 1335 (CK_PTR ST_C_Login)(ST_SESSION_T hSession,
1337 1336 CK_USER_TYPE userType, CK_CHAR_PTR pPin,
1338 1337 CK_ULONG usPinLen);
1339 1338 typedef CK_RV
1340 1339 (CK_PTR ST_C_Logout)(ST_SESSION_T hSession);
1341 1340 typedef CK_RV
1342 1341 (CK_PTR ST_C_CreateObject)
1343 1342 (ST_SESSION_T hSession, CK_ATTRIBUTE_PTR pTemplate,
1344 1343 CK_ULONG usCount, CK_OBJECT_HANDLE_PTR phObject);
1345 1344
1346 1345 typedef CK_RV
1347 1346 (CK_PTR ST_C_CopyObject)
1348 1347 (ST_SESSION_T hSession, CK_OBJECT_HANDLE hObject,
1349 1348 CK_ATTRIBUTE_PTR pTemplate, CK_ULONG usCount,
1350 1349 CK_OBJECT_HANDLE_PTR phNewObject);
1351 1350 typedef CK_RV
1352 1351 (CK_PTR ST_C_DestroyObject)
1353 1352 (ST_SESSION_T hSession, CK_OBJECT_HANDLE hObject);
1354 1353 typedef CK_RV
1355 1354 (CK_PTR ST_C_GetObjectSize)
1356 1355 (ST_SESSION_T hSession, CK_OBJECT_HANDLE hObject,
1357 1356 CK_ULONG_PTR pusSize);
1358 1357 typedef CK_RV
1359 1358 (CK_PTR ST_C_GetAttributeValue)
1360 1359 (ST_SESSION_T hSession, CK_OBJECT_HANDLE hObject,
1361 1360 CK_ATTRIBUTE_PTR pTemplate, CK_ULONG usCount);
1362 1361 typedef CK_RV
1363 1362 (CK_PTR ST_C_SetAttributeValue)
1364 1363 (ST_SESSION_T hSession, CK_OBJECT_HANDLE hObject,
1365 1364 CK_ATTRIBUTE_PTR pTemplate, CK_ULONG usCount);
1366 1365 typedef CK_RV
1367 1366 (CK_PTR ST_C_FindObjectsInit)
1368 1367 (ST_SESSION_T hSession, CK_ATTRIBUTE_PTR pTemplate,
1369 1368 CK_ULONG usCount);
1370 1369 typedef CK_RV
1371 1370 (CK_PTR ST_C_FindObjects)
1372 1371 (ST_SESSION_T hSession,
1373 1372 CK_OBJECT_HANDLE_PTR phObject, CK_ULONG usMaxObjectCount,
1374 1373 CK_ULONG_PTR pusObjectCount);
1375 1374 typedef CK_RV
1376 1375 (CK_PTR ST_C_FindObjectsFinal)
1377 1376 (ST_SESSION_T hSession);
1378 1377 typedef CK_RV
1379 1378 (CK_PTR ST_C_EncryptInit)
1380 1379 (ST_SESSION_T hSession, CK_MECHANISM_PTR pMechanism,
1381 1380 CK_OBJECT_HANDLE hKey);
1382 1381 typedef CK_RV
1383 1382 (CK_PTR ST_C_Encrypt)
1384 1383 (ST_SESSION_T hSession, CK_BYTE_PTR pData,
1385 1384 CK_ULONG usDataLen, CK_BYTE_PTR pEncryptedData,
1386 1385 CK_ULONG_PTR pusEncryptedDataLen);
1387 1386 typedef CK_RV
1388 1387 (CK_PTR ST_C_EncryptUpdate)
1389 1388 (ST_SESSION_T hSession, CK_BYTE_PTR pPart,
1390 1389 CK_ULONG usPartLen, CK_BYTE_PTR pEncryptedPart,
1391 1390 CK_ULONG_PTR pusEncryptedPartLen);
1392 1391 typedef CK_RV
1393 1392 (CK_PTR ST_C_EncryptFinal)
1394 1393 (ST_SESSION_T hSession,
1395 1394 CK_BYTE_PTR pLastEncryptedPart,
1396 1395 CK_ULONG_PTR pusLastEncryptedPartLen);
1397 1396 typedef CK_RV
1398 1397 (CK_PTR ST_C_DecryptInit)
1399 1398 (ST_SESSION_T hSession, CK_MECHANISM_PTR pMechanism,
1400 1399 CK_OBJECT_HANDLE hKey);
1401 1400 typedef CK_RV
1402 1401 (CK_PTR ST_C_Decrypt)
1403 1402 (ST_SESSION_T hSession, CK_BYTE_PTR pEncryptedData,
1404 1403 CK_ULONG usEncryptedDataLen, CK_BYTE_PTR pData,
1405 1404 CK_ULONG_PTR pusDataLen);
1406 1405 typedef CK_RV
1407 1406 (CK_PTR ST_C_DecryptUpdate)
1408 1407 (ST_SESSION_T hSession, CK_BYTE_PTR pEncryptedPart,
1409 1408 CK_ULONG usEncryptedPartLen, CK_BYTE_PTR pPart,
1410 1409 CK_ULONG_PTR pusPartLen);
1411 1410 typedef CK_RV
1412 1411 (CK_PTR ST_C_DecryptFinal)
1413 1412 (ST_SESSION_T hSession, CK_BYTE_PTR pLastPart,
1414 1413 CK_ULONG_PTR pusLastPartLen);
1415 1414 typedef CK_RV
1416 1415 (CK_PTR ST_C_DigestInit)
1417 1416 (ST_SESSION_T hSession,
1418 1417 CK_MECHANISM_PTR pMechanism);
1419 1418 typedef CK_RV
1420 1419 (CK_PTR ST_C_Digest)
1421 1420 (ST_SESSION_T hSession, CK_BYTE_PTR pData,
1422 1421 CK_ULONG usDataLen, CK_BYTE_PTR pDigest,
1423 1422 CK_ULONG_PTR pusDigestLen);
1424 1423 typedef CK_RV
1425 1424 (CK_PTR ST_C_DigestUpdate)
1426 1425 (ST_SESSION_T hSession, CK_BYTE_PTR pPart,
1427 1426 CK_ULONG usPartLen);
1428 1427 typedef CK_RV
1429 1428 (CK_PTR ST_C_DigestKey)
1430 1429 (ST_SESSION_T hSession, CK_OBJECT_HANDLE hKey);
1431 1430 typedef CK_RV
1432 1431 (CK_PTR ST_C_DigestFinal)
1433 1432 (ST_SESSION_T hSession, CK_BYTE_PTR pDigest,
1434 1433 CK_ULONG_PTR pusDigestLen);
1435 1434 typedef CK_RV
1436 1435 (CK_PTR ST_C_SignInit)
1437 1436 (ST_SESSION_T hSession, CK_MECHANISM_PTR pMechanism,
1438 1437 CK_OBJECT_HANDLE hKey);
1439 1438 typedef CK_RV
1440 1439 (CK_PTR ST_C_Sign)
1441 1440 (ST_SESSION_T hSession, CK_BYTE_PTR pData,
1442 1441 CK_ULONG usDataLen, CK_BYTE_PTR pSignature,
1443 1442 CK_ULONG_PTR pusSignatureLen);
1444 1443 typedef CK_RV
1445 1444 (CK_PTR ST_C_SignUpdate)
1446 1445 (ST_SESSION_T hSession, CK_BYTE_PTR pPart,
1447 1446 CK_ULONG usPartLen);
1448 1447 typedef CK_RV
1449 1448 (CK_PTR ST_C_SignFinal)
1450 1449 (ST_SESSION_T hSession, CK_BYTE_PTR pSignature,
1451 1450 CK_ULONG_PTR pusSignatureLen);
1452 1451 typedef CK_RV
1453 1452 (CK_PTR ST_C_SignRecoverInit)
1454 1453 (ST_SESSION_T hSession, CK_MECHANISM_PTR pMechanism,
1455 1454 CK_OBJECT_HANDLE hKey);
1456 1455 typedef CK_RV
1457 1456 (CK_PTR ST_C_SignRecover)
1458 1457 (ST_SESSION_T hSession, CK_BYTE_PTR pData,
1459 1458 CK_ULONG usDataLen, CK_BYTE_PTR pSignature,
1460 1459 CK_ULONG_PTR pusSignatureLen);
1461 1460 typedef CK_RV
1462 1461 (CK_PTR ST_C_VerifyInit)
1463 1462 (ST_SESSION_T hSession, CK_MECHANISM_PTR pMechanism,
1464 1463 CK_OBJECT_HANDLE hKey);
1465 1464 typedef CK_RV
1466 1465 (CK_PTR ST_C_Verify)
1467 1466 (ST_SESSION_T hSession, CK_BYTE_PTR pData,
1468 1467 CK_ULONG usDataLen, CK_BYTE_PTR pSignature,
1469 1468 CK_ULONG usSignatureLen);
1470 1469 typedef CK_RV
1471 1470 (CK_PTR ST_C_VerifyUpdate)
1472 1471 (ST_SESSION_T hSession, CK_BYTE_PTR pPart,
1473 1472 CK_ULONG usPartLen);
1474 1473 typedef CK_RV
1475 1474 (CK_PTR ST_C_VerifyFinal)
1476 1475 (ST_SESSION_T hSession, CK_BYTE_PTR pSignature,
1477 1476 CK_ULONG usSignatureLen);
1478 1477 typedef CK_RV
1479 1478 (CK_PTR ST_C_VerifyRecoverInit)
1480 1479 (ST_SESSION_T hSession, CK_MECHANISM_PTR pMechanism,
1481 1480 CK_OBJECT_HANDLE hKey);
1482 1481 typedef CK_RV
1483 1482 (CK_PTR ST_C_VerifyRecover)
1484 1483 (ST_SESSION_T hSession, CK_BYTE_PTR pSignature,
1485 1484 CK_ULONG usSignatureLen, CK_BYTE_PTR pData,
1486 1485 CK_ULONG_PTR pusDataLen);
1487 1486 typedef CK_RV
1488 1487 (CK_PTR ST_C_DigestEncryptUpdate)
1489 1488 (ST_SESSION_T hSession, CK_BYTE_PTR pPart,
1490 1489 CK_ULONG ulPartLen, CK_BYTE_PTR pEncryptedPart,
1491 1490 CK_ULONG_PTR pulEncryptedPartLen);
1492 1491 typedef CK_RV
1493 1492 (CK_PTR ST_C_DecryptDigestUpdate)
1494 1493 (ST_SESSION_T hSession, CK_BYTE_PTR pEncryptedPart,
1495 1494 CK_ULONG ulEncryptedPartLen, CK_BYTE_PTR pPart,
1496 1495 CK_ULONG_PTR pulPartLen);
1497 1496 typedef CK_RV
1498 1497 (CK_PTR ST_C_SignEncryptUpdate)
1499 1498 (ST_SESSION_T hSession, CK_BYTE_PTR pPart,
1500 1499 CK_ULONG ulPartLen, CK_BYTE_PTR pEncryptedPart,
1501 1500 CK_ULONG_PTR pulEncryptedPartLen);
1502 1501 typedef CK_RV
1503 1502 (CK_PTR ST_C_DecryptVerifyUpdate)
1504 1503 (ST_SESSION_T hSession, CK_BYTE_PTR pEncryptedPart,
1505 1504 CK_ULONG ulEncryptedPartLen, CK_BYTE_PTR pPart,
1506 1505 CK_ULONG_PTR pulPartLen);
1507 1506 typedef CK_RV
1508 1507 (CK_PTR ST_C_GenerateKey)
1509 1508 (ST_SESSION_T hSession, CK_MECHANISM_PTR pMechanism,
1510 1509 CK_ATTRIBUTE_PTR pTemplate, CK_ULONG usCount,
1511 1510 CK_OBJECT_HANDLE_PTR phKey);
1512 1511 typedef CK_RV
1513 1512 (CK_PTR ST_C_GenerateKeyPair)
1514 1513 (ST_SESSION_T hSession, CK_MECHANISM_PTR pMechanism,
1515 1514 CK_ATTRIBUTE_PTR pPublicKeyTemplate,
1516 1515 CK_ULONG usPublicKeyAttributeCount,
1517 1516 CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
1518 1517 CK_ULONG usPrivateKeyAttributeCount,
1519 1518 CK_OBJECT_HANDLE_PTR phPrivateKey,
1520 1519 CK_OBJECT_HANDLE_PTR phPublicKey);
1521 1520 typedef CK_RV
1522 1521 (CK_PTR ST_C_WrapKey)
1523 1522 (ST_SESSION_T hSession, CK_MECHANISM_PTR pMechanism,
1524 1523 CK_OBJECT_HANDLE hWrappingKey, CK_OBJECT_HANDLE hKey,
1525 1524 CK_BYTE_PTR pWrappedKey, CK_ULONG_PTR pusWrappedKeyLen);
1526 1525 typedef CK_RV
1527 1526 (CK_PTR ST_C_UnwrapKey)
1528 1527 (ST_SESSION_T hSession, CK_MECHANISM_PTR pMechanism,
1529 1528 CK_OBJECT_HANDLE hUnwrappingKey, CK_BYTE_PTR pWrappedKey,
1530 1529 CK_ULONG usWrappedKeyLen, CK_ATTRIBUTE_PTR pTemplate,
1531 1530 CK_ULONG usAttributeCount, CK_OBJECT_HANDLE_PTR phKey);
1532 1531 typedef CK_RV
1533 1532 (CK_PTR ST_C_DeriveKey)
1534 1533 (ST_SESSION_T hSession, CK_MECHANISM_PTR pMechanism,
1535 1534 CK_OBJECT_HANDLE hBaseKey, CK_ATTRIBUTE_PTR pTemplate,
1536 1535 CK_ULONG usAttributeCount, CK_OBJECT_HANDLE_PTR phKey);
1537 1536 typedef CK_RV
1538 1537 (CK_PTR ST_C_SeedRandom)
1539 1538 (ST_SESSION_T hSession, CK_BYTE_PTR pSeed,
1540 1539 CK_ULONG usSeedLen);
1541 1540 typedef CK_RV
1542 1541 (CK_PTR ST_C_GenerateRandom)
1543 1542 (ST_SESSION_T hSession, CK_BYTE_PTR pRandomData,
1544 1543 CK_ULONG usRandomLen);
1545 1544 typedef CK_RV
1546 1545 (CK_PTR ST_C_GetFunctionStatus)
1547 1546 (ST_SESSION_T hSession);
1548 1547 typedef CK_RV
1549 1548 (CK_PTR ST_C_CancelFunction)
1550 1549 (ST_SESSION_T hSession);
1551 1550 typedef CK_RV
1552 1551 (CK_PTR ST_Notify)
1553 1552 (ST_SESSION_T hSession, CK_NOTIFICATION event,
1554 1553 CK_VOID_PTR pApplication);
1555 1554 typedef CK_RV
1556 1555 (CK_PTR ST_C_WaitForSlotEvent)
1557 1556 (CK_FLAGS flags, CK_SLOT_ID_PTR pSlot,
1558 1557 CK_VOID_PTR pReserved);
1559 1558
1560 1559
1561 1560
1562 1561 struct ST_FCN_LIST {
1563 1562
1564 1563 ST_C_Initialize ST_Initialize;
1565 1564 ST_C_Finalize ST_Finalize;
1566 1565
1567 1566 ST_C_GetTokenInfo ST_GetTokenInfo;
1568 1567 ST_C_GetMechanismList ST_GetMechanismList;
1569 1568 ST_C_GetMechanismInfo ST_GetMechanismInfo;
1570 1569 ST_C_InitToken ST_InitToken;
1571 1570 ST_C_InitPIN ST_InitPIN;
1572 1571 ST_C_SetPIN ST_SetPIN;
1573 1572
1574 1573 ST_C_OpenSession ST_OpenSession;
1575 1574 ST_C_CloseSession ST_CloseSession;
1576 1575 ST_C_GetSessionInfo ST_GetSessionInfo;
1577 1576 ST_C_GetOperationState ST_GetOperationState;
1578 1577 ST_C_SetOperationState ST_SetOperationState;
1579 1578 ST_C_Login ST_Login;
1580 1579 ST_C_Logout ST_Logout;
1581 1580
1582 1581 ST_C_CreateObject ST_CreateObject;
1583 1582 ST_C_CopyObject ST_CopyObject;
1584 1583 ST_C_DestroyObject ST_DestroyObject;
1585 1584 ST_C_GetObjectSize ST_GetObjectSize;
1586 1585 ST_C_GetAttributeValue ST_GetAttributeValue;
1587 1586 ST_C_SetAttributeValue ST_SetAttributeValue;
1588 1587 ST_C_FindObjectsInit ST_FindObjectsInit;
1589 1588 ST_C_FindObjects ST_FindObjects;
1590 1589 ST_C_FindObjectsFinal ST_FindObjectsFinal;
1591 1590
1592 1591
1593 1592 ST_C_EncryptInit ST_EncryptInit;
1594 1593 ST_C_Encrypt ST_Encrypt;
1595 1594 ST_C_EncryptUpdate ST_EncryptUpdate;
1596 1595 ST_C_EncryptFinal ST_EncryptFinal;
1597 1596 ST_C_DecryptInit ST_DecryptInit;
1598 1597 ST_C_Decrypt ST_Decrypt;
1599 1598 ST_C_DecryptUpdate ST_DecryptUpdate;
1600 1599 ST_C_DecryptFinal ST_DecryptFinal;
1601 1600 ST_C_DigestInit ST_DigestInit;
1602 1601 ST_C_Digest ST_Digest;
1603 1602 ST_C_DigestUpdate ST_DigestUpdate;
1604 1603 ST_C_DigestKey ST_DigestKey;
1605 1604 ST_C_DigestFinal ST_DigestFinal;
1606 1605 ST_C_SignInit ST_SignInit;
1607 1606 ST_C_Sign ST_Sign;
1608 1607 ST_C_SignUpdate ST_SignUpdate;
1609 1608 ST_C_SignFinal ST_SignFinal;
1610 1609 ST_C_SignRecoverInit ST_SignRecoverInit;
1611 1610 ST_C_SignRecover ST_SignRecover;
1612 1611 ST_C_VerifyInit ST_VerifyInit;
1613 1612 ST_C_Verify ST_Verify;
1614 1613 ST_C_VerifyUpdate ST_VerifyUpdate;
1615 1614 ST_C_VerifyFinal ST_VerifyFinal;
1616 1615 ST_C_VerifyRecoverInit ST_VerifyRecoverInit;
1617 1616 ST_C_VerifyRecover ST_VerifyRecover;
1618 1617 ST_C_DigestEncryptUpdate ST_DigestEncryptUpdate;
1619 1618 ST_C_DecryptDigestUpdate ST_DecryptDigestUpdate;
1620 1619 ST_C_SignEncryptUpdate ST_SignEncryptUpdate;
1621 1620 ST_C_DecryptVerifyUpdate ST_DecryptVerifyUpdate;
1622 1621 ST_C_GenerateKey ST_GenerateKey;
1623 1622 ST_C_GenerateKeyPair ST_GenerateKeyPair;
1624 1623 ST_C_WrapKey ST_WrapKey;
1625 1624 ST_C_UnwrapKey ST_UnwrapKey;
1626 1625 ST_C_DeriveKey ST_DeriveKey;
1627 1626 ST_C_SeedRandom ST_SeedRandom;
1628 1627 ST_C_GenerateRandom ST_GenerateRandom;
1629 1628 ST_C_GetFunctionStatus ST_GetFunctionStatus;
1630 1629 ST_C_CancelFunction ST_CancelFunction;
1631 1630 };
1632 1631
1633 1632 typedef struct ST_FCN_LIST STDLL_FcnList_t;
1634 1633
1635 1634 #endif /* _TPMTOK_INT_H */
|
↓ open down ↓ |
1056 lines elided |
↑ open up ↑ |
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX