1 /*
   2  * CDDL HEADER START
   3  *
   4  * The contents of this file are subject to the terms of the
   5  * Common Development and Distribution License (the "License").
   6  * You may not use this file except in compliance with the License.
   7  *
   8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
   9  * or http://www.opensolaris.org/os/licensing.
  10  * See the License for the specific language governing permissions
  11  * and limitations under the License.
  12  *
  13  * When distributing Covered Code, include this CDDL HEADER in each
  14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
  15  * If applicable, add the following below this CDDL HEADER, with the
  16  * fields enclosed by brackets "[]" replaced with your own identifying
  17  * information: Portions Copyright [yyyy] [name of copyright owner]
  18  *
  19  * CDDL HEADER END
  20  */
  21 
  22 /*
  23  * Copyright 2010 Sun Microsystems, Inc.  All rights reserved.
  24  * Use is subject to license terms.
  25  *
  26  * Copyright 2017 Jason King.  All rights reserved.
  27  * Use is subject to license terms.
  28  */
  29 
  30 #ifndef _PKCS11_H
  31 #define _PKCS11_H
  32 
  33 #include <sys/types.h>
  34 #include <security/cryptoki.h>
  35 #include <bunyan.h>
  36 #include "defs.h"
  37 #include "ikev2.h"
  38 #include "buf.h"
  39 
  40 #ifdef __cplusplus
  41 extern "C" {
  42 #endif
  43 
/*
 * Log a failed PKCS#11 call through bunyan.
 *
 *   lvl_   bunyan level suffix; pasted onto "bunyan_" to select the
 *          logging function
 *   log_   logger handed to that function
 *   p11f_  string logged under the "func" key
 *   rv_    PKCS#11 return value; logged numerically as "errnum" and as
 *          text (via pkcs11_strerror()) as "err"
 *   ...    optional extra fields, inserted just before BUNYAN_T_END in the
 *          same type, key, value form as the fixed fields
 *
 * rv_ is expanded twice, so pass an expression without side effects.
 * The ", ## __VA_ARGS__" form is a GNU extension that drops the preceding
 * comma when no extra fields are supplied.  pkcs11_strerror() is not
 * declared in the visible part of this header and must be in scope wherever
 * the macro is used.
 *
 * Everything passed in the variadic part ends up in the log stream, so keep
 * key material, PINs and other secrets out of it.
 */
#define	PKCS11ERR(lvl_, log_, p11f_, rv_, ...)				\
	(void) bunyan_##lvl_((log_), "PKCS#11 call failed",		\
	    BUNYAN_T_STRING, "func", p11f_,				\
	    BUNYAN_T_UINT64, "errnum", (uint64_t)(rv_),			\
	    BUNYAN_T_STRING, "err", pkcs11_strerror(rv_),		\
	    ## __VA_ARGS__,						\
	    BUNYAN_T_END)
  51 
/*
 * Cipher mode of operation associated with an encryption transform (this is
 * the type returned by ikev2_encr_mode()).
 *
 * CCM and GCM are combined (AEAD) modes that produce their own integrity
 * tag; CBC and CTR provide confidentiality only and need a separate
 * integrity algorithm.  Code that switches on this type should handle every
 * enumerator explicitly rather than falling through to a default.
 */
typedef enum encr_mode {
	MODE_NONE = 0,	/* presumably "no mode / not applicable" -- confirm */
	MODE_CBC = 1,	/* cipher block chaining */
	MODE_CTR = 2,	/* counter mode */
	MODE_CCM = 3,	/* counter with CBC-MAC (AEAD) */
	MODE_GCM = 4	/* Galois/counter mode (AEAD) */
} encr_modes_t;
  59 
/*
 * Process-wide PKCS#11 session handle, defined elsewhere.
 *
 * NOTE(review): a PKCS#11 session carries per-session operation state, so a
 * single shared handle needs callers to be serialized (or to use their own
 * sessions) for multi-part operations -- confirm how the users of p11h
 * handle this.
 */
extern CK_SESSION_HANDLE p11h;

/*
 * Library information block, defined elsewhere.  Presumably filled in from
 * the provider when the module is initialised -- confirm against
 * pkcs11_init().
 */
extern CK_INFO pkcs11_info;
  62 
  63 /* PKCS#11 functions. */
/*
 * Module setup and teardown.  Both return void, so a failure is not
 * reported through the return value.
 * NOTE(review): how an initialisation failure is surfaced is not visible in
 * this header -- confirm before relying on p11h or pkcs11_info.
 */
void pkcs11_init(void);
void pkcs11_fini(void);

/*
 * Compute a digest with the given PKCS#11 mechanism.
 *
 *   mech    digest mechanism
 *   src     read-only input buffer(s)
 *   n       presumably the number of buf_t entries at src -- confirm
 *   dst     buffer that receives the result
 *   logger  logger for diagnostics
 *
 * Returns a boolean_t (presumably B_TRUE on success -- confirm).  Callers
 * must check it and must not use the contents of dst when the call fails.
 * src and dst are restrict-qualified and therefore must not alias.
 */
boolean_t pkcs11_digest(CK_MECHANISM_TYPE mech, const buf_t *restrict src,
    size_t n, buf_t *restrict dst, bunyan_logger_t *logger);

/*
 * Destroy a PKCS#11 object.
 *
 *   name    presumably a label identifying the object in log output --
 *           confirm against the definition
 *   objp    pointer to the object handle; it is taken by pointer,
 *           presumably so the handle can be invalidated afterwards -- confirm
 *   logger  logger for diagnostics
 *
 * No status is returned, so a failed destroy can only be observed through
 * the log.
 */
void pkcs11_destroy_obj(const char *name, CK_OBJECT_HANDLE_PTR objp,
    bunyan_logger_t *logger);
  70 
/*
 * Properties of an IKEv2 encryption transform: the PKCS#11 mechanism it maps
 * to, its mode of operation, and its block and IV sizes.
 *
 * NOTE(review): what these return for a transform with no PKCS#11
 * equivalent (or an unknown transform ID taken from a peer's proposal) is
 * not visible in this header -- confirm, and make sure callers check for it
 * before using a size to allocate or index a buffer.
 */
CK_MECHANISM_TYPE ikev2_encr_to_p11(ikev2_xf_encr_t encr);
encr_modes_t ikev2_encr_mode(ikev2_xf_encr_t encr);
size_t ikev2_encr_block_size(ikev2_xf_encr_t encr);
size_t ikev2_encr_iv_size(ikev2_xf_encr_t encr);

/*
 * Properties of an IKEv2 integrity transform: the PKCS#11 mechanism it maps
 * to and the size of the integrity check value.
 *
 * ikev2_auth_icv_size() takes the encryption transform as well, presumably
 * because combined-mode ciphers (CCM, GCM) supply their own ICV -- confirm
 * against the definition.
 */
CK_MECHANISM_TYPE ikev2_auth_to_p11(ikev2_xf_auth_t auth);
size_t ikev2_auth_icv_size(ikev2_xf_encr_t encr, ikev2_xf_auth_t auth);
  78 
  79 #ifdef __cplusplus
  80 }
  81 #endif
  82 
  83 #endif /* _PKCS11_H */