1084 /* object description */
1085 typedef struct dprov_object {
1086 crypto_object_attribute_t do_attr[DPROV_MAX_ATTR]; /* attributes */
1087 uint_t do_token_idx; /* index in per-instance table */
1088 /* for token objects. */
1089 boolean_t do_destroyed; /* object has been destroyed. */
1090 /* keep object around until all */
1091 /* sessions that refer to it */
1092 /* are closed, but mark it */
1093 /* destroyed so that references */
1094 /* to the object fail. */
1095 /* used for token objects only */
1096 uint_t do_refcnt;
1097 } dprov_object_t;
1098
1099 /*
1100 * If a session has a reference to a dprov_object_t,
1101 * it REFHOLD()s.
1102 */
1103 #define DPROV_OBJECT_REFHOLD(object) { \
1104 atomic_add_32(&(object)->do_refcnt, 1); \
1105 ASSERT((object)->do_refcnt != 0); \
1106 }
1107
1108 /*
1109 * Releases a reference to an object. When the last
1110 * reference is released, the object is freed.
1111 */
1112 #define DPROV_OBJECT_REFRELE(object) { \
1113 ASSERT((object)->do_refcnt != 0); \
1114 membar_exit(); \
1115 if (atomic_add_32_nv(&(object)->do_refcnt, -1) == 0) \
1116 dprov_free_object(object); \
1117 }
1118
1119 /*
1120 * Object attributes are passed to the provider using crypto_object_attribute
1121 * structures, which contain the type of the attribute, a pointer to
1122 * it's value, and the length of its value. The attribute types values
1123 * are defined by the PKCS#11 specification. This provider only cares
1124 * about a subset of these attributes. In order to avoid having to
1125 * include the PKCS#11 header files, we define here the attributes values
1126 * which are used by the provider.
1127 */
1128
1129 #define DPROV_CKA_CLASS 0x00000000
1130 #define DPROV_CKA_TOKEN 0x00000001
1131 #define DPROV_CKA_PRIVATE 0x00000002
1132 #define DPROV_CKA_VALUE 0x00000011
1133 #define DPROV_CKA_CERTIFICATE_TYPE 0x00000080
1134 #define DPROV_CKA_KEY_TYPE 0x00000100
1135 #define DPROV_CKA_SENSITIVE 0x00000103
|
1084 /* object description */
1085 typedef struct dprov_object {
1086 crypto_object_attribute_t do_attr[DPROV_MAX_ATTR]; /* attributes */
1087 uint_t do_token_idx; /* index in per-instance table */
1088 /* for token objects. */
1089 boolean_t do_destroyed; /* object has been destroyed. */
1090 /* keep object around until all */
1091 /* sessions that refer to it */
1092 /* are closed, but mark it */
1093 /* destroyed so that references */
1094 /* to the object fail. */
1095 /* used for token objects only */
1096 uint_t do_refcnt;
1097 } dprov_object_t;
1098
1099 /*
1100 * If a session has a reference to a dprov_object_t,
1101 * it REFHOLD()s.
1102 */
1103 #define DPROV_OBJECT_REFHOLD(object) { \
1104 atomic_inc_32(&(object)->do_refcnt); \
1105 ASSERT((object)->do_refcnt != 0); \
1106 }
1107
1108 /*
1109 * Releases a reference to an object. When the last
1110 * reference is released, the object is freed.
1111 */
1112 #define DPROV_OBJECT_REFRELE(object) { \
1113 ASSERT((object)->do_refcnt != 0); \
1114 membar_exit(); \
1115 if (atomic_dec_32_nv(&(object)->do_refcnt) == 0) \
1116 dprov_free_object(object); \
1117 }
1118
1119 /*
1120 * Object attributes are passed to the provider using crypto_object_attribute
1121 * structures, which contain the type of the attribute, a pointer to
1122 * it's value, and the length of its value. The attribute types values
1123 * are defined by the PKCS#11 specification. This provider only cares
1124 * about a subset of these attributes. In order to avoid having to
1125 * include the PKCS#11 header files, we define here the attributes values
1126 * which are used by the provider.
1127 */
1128
1129 #define DPROV_CKA_CLASS 0x00000000
1130 #define DPROV_CKA_TOKEN 0x00000001
1131 #define DPROV_CKA_PRIVATE 0x00000002
1132 #define DPROV_CKA_VALUE 0x00000011
1133 #define DPROV_CKA_CERTIFICATE_TYPE 0x00000080
1134 #define DPROV_CKA_KEY_TYPE 0x00000100
1135 #define DPROV_CKA_SENSITIVE 0x00000103
|
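Review bot: The only guards on `do_refcnt` in the new `DPROV_OBJECT_REFHOLD` and `DPROV_OBJECT_REFRELE` are `ASSERT`s, which are compiled out of non-DEBUG kernels, and each one reads the counter in a separate, non-atomic step from the `atomic_inc_32` / `atomic_dec_32_nv` call beside it. In a production build an unbalanced release or a 32-bit wrap would therefore go undetected, and `dprov_free_object()` could free an object that sessions still reference. If a panic is acceptable here, check the value the atomic itself returns, e.g. `VERIFY(atomic_inc_32_nv(&(object)->do_refcnt) != 0);` on the hold side; otherwise state the hold/release pairing requirement in the comment above each macro. Both macros also expand to a bare `{ ... }` block, which miscompiles in `if (x) DPROV_OBJECT_REFRELE(o); else ...`; wrapping the bodies in `do { ... } while (0)` avoids that.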