Mercurial > illumos > illumos-gate
view usr/src/lib/libkmf/libkmf/common/algorithm.c @ 5051:cbbb7c8b40a9
PSARC 2007/426 KMFAPI Interface Taxonomy Change
PSARC 2007/465 pktool symmetric key enhancements
6546405 KMF Interfaces need to be extensible
6547894 pktool should be more detailed
6590232 pktool should import and export generic keys
author | wyllys |
---|---|
date | Fri, 14 Sep 2007 12:13:39 -0700 |
parents | 2971a4d3cf72 |
children |
line wrap: on
line source
/* * Copyright (c) 1995-2000 Intel Corporation. All rights reserved. */ /* * Copyright 2007 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ #pragma ident "%Z%%M% %I% %E% SMI" #include <kmfapiP.h> #include <algorithm.h> #include <security/cryptoki.h> typedef struct _pkcs_key_type_map { KMF_ALGORITHM_INDEX kmfAlgorithmId; CK_KEY_TYPE ckKeyType; } PKCS_KEY_TYPE_MAP; static const PKCS_KEY_TYPE_MAP _PKCS2KMFKeyTypeMap[] = { { KMF_ALGID_RSA, CKK_RSA }, { KMF_ALGID_DSA, CKK_DSA } }; #define SUP(_ckmech_, _kmfalg_, _kmfcls_, _kmfmode_, _multi_, \ _fixkelen_, _keylen_, _fixblksz_, _blksz_, _reqiv_, _ivlen_,\ _regalgflg_, _keytype_, _desc_) \ { _ckmech_, _kmfalg_, _kmfcls_, _kmfmode_, _multi_, _fixkelen_,\ _keylen_, _fixblksz_, _blksz_, _reqiv_, _ivlen_, _regalgflg_,\ _keytype_, _desc_ }, static const PKCS_ALGORITHM_MAP _PKCS2KMFMap[] = { /* * PKCS #11 Mechanism, * Alg. ID * Alg. Class * Alg. Mode * Milti-Part * Fix Key Length * Key Length * Fix Block Size * Block Size * Needs IV * IV Length * Alg. Flags * Type * Description */ SUP(CKM_RSA_PKCS_KEY_PAIR_GEN, KMF_ALGID_RSA, KMF_ALGCLASS_KEYGEN,\ KMF_ALGMODE_NONE, 0, 0, 0,\ 0, 0, 0, 0, CKF_GENERATE_KEY_PAIR,\ CKK_RSA, "RSA PKCS #1 Key Pair Generation") SUP(CKM_RSA_X_509, KMF_ALGID_RSA, KMF_ALGCLASS_ASYMMETRIC, KMF_ALGMODE_NONE, 0, 0, 0, 0, 0, 0, 0, CKF_ENCRYPT, CKK_RSA, "RSA RAW Encryption") SUP(CKM_RSA_X_509, KMF_ALGID_RSA, KMF_ALGCLASS_ASYMMETRIC, KMF_ALGMODE_NONE, 0, 0, 0, 0, 0, 0, 0, CKF_SIGN_RECOVER, CKK_RSA, "RSA RAW Private Key Encryption") SUP(CKM_RSA_X_509, KMF_ALGID_RSA, KMF_ALGCLASS_SIGNATURE, KMF_ALGMODE_NONE, 0, 0, 0, 0, 0, 0, 0, CKF_SIGN, CKK_RSA, "RSA RAW Signature") SUP(CKM_RSA_PKCS, KMF_ALGID_RSA, KMF_ALGCLASS_SIGNATURE, KMF_ALGMODE_PKCS1_EMSA_V15, 0, 0, 0, 0, 0, 0, 0, CKF_SIGN, CKK_RSA, "RSA PKCS #1 Signature") SUP(CKM_MD2_RSA_PKCS, KMF_ALGID_MD2WithRSA, KMF_ALGCLASS_SIGNATURE, KMF_ALGMODE_PKCS1_EMSA_V15, 1, 0, 0, 0, 0, 0, 0, CKF_SIGN, CKK_RSA, "MD2 w/RSA Signature") SUP(CKM_MD5_RSA_PKCS, KMF_ALGID_MD5WithRSA, KMF_ALGCLASS_SIGNATURE, KMF_ALGMODE_PKCS1_EMSA_V15, 1, 0, 0, 0, 0, 0, 0, CKF_SIGN, CKK_RSA, "MD5 w/RSA Signature") SUP(CKM_SHA1_RSA_PKCS, KMF_ALGID_SHA1WithRSA, KMF_ALGCLASS_SIGNATURE, KMF_ALGMODE_PKCS1_EMSA_V15, 1, 0, 0, 0, 0, 0, 0, CKF_SIGN, CKK_RSA, "SHA-1 w/RSA Signature") SUP(CKM_DSA_KEY_PAIR_GEN, KMF_ALGID_DSA, KMF_ALGCLASS_KEYGEN, KMF_ALGMODE_NONE, 0, 0, 0, 0, 0, 0, 0, CKF_GENERATE_KEY_PAIR, CKK_DSA, "DSA Key Pair Generation") SUP(CKM_DSA, KMF_ALGID_DSA, KMF_ALGCLASS_SIGNATURE, KMF_ALGMODE_NONE, 0, 0, 0, 0, 0, 0, 0, CKF_SIGN, CKK_DSA, "DSA Signature") SUP(CKM_DSA_SHA1, KMF_ALGID_SHA1WithDSA, KMF_ALGCLASS_SIGNATURE, KMF_ALGMODE_NONE, 1, 0, 0, 0, 0, 0, 0, CKF_SIGN, CKK_DSA, "SHA-1 w/DSA Signature") SUP(CKM_SHA_1, KMF_ALGID_SHA1, KMF_ALGCLASS_DIGEST, KMF_ALGMODE_NONE, 1, 1, 20, 0, 0, 0, 0, CKF_DIGEST, (CK_KEY_TYPE)-1, "SHA-1") }; /* Undefine the macro definitions */ #undef SUP /* Number of items in the algorithm map table */ #define _PKCS2KMFMapCount (\ sizeof (_PKCS2KMFMap) / sizeof (_PKCS2KMFMap[0])) /* Indicator that the algorithm was not found */ #define PKCS_ALGORITHM_NOT_FOUND ((uint32_t)(~0)) /* * Name: pkcs_get_alg_map * * Description: * Searches the _PKCS2KMFMap table for a matching set of alg. * description parameters. * * Parameters: * algType (input) - KMF_ALGCLASS_* identifier to match. * algID (input) - KMF_ALGID_* identifier to match. * mode (input) - KMF_ALGMODE_* identifier to match. Use * KMF_ALGMODE_NONE if a mode does not apply. * * Returns: * Pointer to the lookup table entry that matches requested parameters. * Ptr->keylength will equal PKCS11CONVERT_NOT_FOUND if no match is found. */ PKCS_ALGORITHM_MAP * pkcs_get_alg_map(KMF_ALGCLASS algType, uint32_t algID, uint32_t mode) { uint32_t i = 0; for (i = 0; i < _PKCS2KMFMapCount; i++) { if ((_PKCS2KMFMap[i].context_type == algType) && (_PKCS2KMFMap[i].algorithm == algID) && (_PKCS2KMFMap[i].enc_mode == mode)) { return ((PKCS_ALGORITHM_MAP *)&(_PKCS2KMFMap[i])); } } return (NULL); } KMF_BOOL pkcs_algid_to_keytype(KMF_ALGORITHM_INDEX AlgId, CK_KEY_TYPE *pckKeyType) { uint32_t uIndex; uint32_t uMapSize = sizeof (_PKCS2KMFKeyTypeMap) / sizeof (PKCS_KEY_TYPE_MAP); for (uIndex = 0; uIndex < uMapSize; uIndex++) { if (_PKCS2KMFKeyTypeMap[uIndex].kmfAlgorithmId == AlgId) { *pckKeyType = _PKCS2KMFKeyTypeMap[uIndex].ckKeyType; return (1); } } return (0); }