10 #ifndef P6KEYSTORE_H__
11 #define P6KEYSTORE_H__ 1
123 #define IF_p6IEnumKeystore {0x2fea7c69,0xc0cf,0x4a80,{0x84,0x2f,0x1,0x97,0x4b,0x79,0xeb,0xda}}
361 #define IF_p6IKeystoreQuery {0xb3541c2e,0x703e,0x416d,{0xb0,0xcd,0x30,0x35,0xa7,0xb7,0x60,0x98}}
477 #define IF_p6IKeystoreInit {0xCE121684,0x4E87,0x63FD,{0xBF,0xA6,0xAF,0x86,0xBE,0x5C,0x6D,0xA5}}
990 #define IF_p6IKeystore {0x6ecb5d85,0x2751,0x49ad,{0x99,0xda,0x2a,0xa1,0x73,0xfc,0x27,0x37}}
993 #define COMP_p6Keystore {0xc65cdff1,0x4e4a,0x4bba,{0x9e,0x38,0x12,0x73,0xc8,0x89,0x5e,0xf}}
999 #define P6_KEYSTORE_SERVICE_INTERFACE "p6r.com.p6IKeystore.Global"
P6SIGNHMAC
Supported HMAC algorithms for signing:
virtual P6R::P6ERR updateKeyMetaData(const P6WCHAR *pNamespace, const P6WCHAR *pName, p6ICryptoKey *pKey)=0
Allows the modification of the meta data associated with an existing key.
virtual P6R::P6ERR getCertificateByFingerprint(P6WCHAR *pFingerprint, P6DIGESTS digest, p6ICert **pCert)=0
Finds and returns an existing certificate with the matching fingerprint.
This interface allows the caller to find an existing key, certificate, or blob (e.g., password) by a namespace and name pair.
virtual P6R::P6ERR replaceCertificateByUUID(P6UUID *pUUID, p6ICert *pCert)=0
Deletes an existing certificate matching the global unique identifier, and then creates a new certific...
virtual P6R::P6ERR replaceCertificate(const P6WCHAR *pNamespace, const P6WCHAR *pName, p6ICert *pCert)=0
Deletes an existing certificate matching the 'pNamespace pName' identifier, and then creates a new cer...
virtual P6R::P6ERR deleteBlob(const P6WCHAR *pNamespace, const P6WCHAR *pName)=0
Deletes the blob defined by the 'pNamespace pName' from the keystore.
virtual P6R::P6ERR getKeyByUUID(P6UUID *pUUID, p6ICryptoKey **pKey)=0
Finds and returns an existing key with the matching global unique identifier.
Cryptography component definitions.
This interface provides key metadata information and key access.
This is an often used construct where an application needs to provide an unknown number of wide strin...
virtual P6R::P6ERR replaceBlobByUUID(P6UUID *pUUID, P6BSTR blob)=0
Deletes an existing blob matching the global unique identifier, and then creates a new blob (with the ...
virtual P6R::P6ERR enumKeyLikeCipher(const P6WCHAR *pCipher, p6IEnumKeystore **ppEnum)=0
The returned enumerator can be used to walk all the entries or a subset of the key entries in a keyst...
P6UINT32 P6KEYSTOREFLAGS
P6KEYSTOREFLAGS.
const P6KEYSTOREFLAGS P6KEYSTORE_NOFLAGS
virtual P6R::P6ERR getCertificateChainByUUID(P6UUID *pUUID, p6ICert **pCertChain, P6UINT32 numChain, P6UINT32 *pNumWritten)=0
Finds and returns a certificate chain associated with an existing key.
This interface allows the user to enumerate keys or certificates based on different sets of meta data...
P6CRYPTOKEYCLASS
Used to categorize keys:
virtual P6R::P6ERR openSigned(const P6WCHAR *pPath, const P6WCHAR *pKeystoreName)=0
Allows the caller access to the contents of a keystore.
virtual P6R::P6ERR setKey(const P6WCHAR *pNamespace, const P6WCHAR *pName, p6ICryptoKey *pKey, p6ICert **pCertChain, P6UINT32 numChain, P6UUID *pUUID)=0
Creates a new key in the keystore with the matching 'pNamespace pName' identifier.
P6KEYSTORE_TYPE
Value indicates the type of data returned in a P6R::p6IEnumKeystore enumerator.
virtual P6R::P6ERR getType(P6UUID *pUUID, P6KEYSTORE_ENTRY *pType)=0
Given the UUID, return the object's type, Namespace, and Name parameters.
virtual P6R::P6ERR deleteItem(P6UUID *pUUID)=0
Deletes an entry in the keystore by its global unique identifier.
virtual P6R::P6ERR replaceKey(const P6WCHAR *pNamespace, const P6WCHAR *pName, p6ICryptoKey *pKey, p6ICert **pCertChain, P6UINT32 numChain)=0
Deletes an existing key matching the 'pNamespace pName' identifier, and then creates a new key (with t...
virtual P6R::P6ERR resetStore()=0
Deletes all entries in the opened keystore (i.e., setting the keystore to its initial empty state)...
virtual P6R::P6ERR enumEntries(P6KEYSTORE_TYPE byType, const P6WCHAR *pNamespace, p6IEnumKeystore **ppEnum)=0
The returned enumerator can be used to walk all the entries or a subset of the entries in a keystore...
virtual P6R::P6ERR next(P6UINT32 cElements, P6KEYSTORE_ENTRY *parElements, P6UINT32 *pcReturned)=0
This method is used to iterate, by identifier and type, over the defined entries in a keystore.
const P6UINT32 P6KSMAXNAME
virtual P6R::P6ERR replaceBlob(const P6WCHAR *pNamespace, const P6WCHAR *pName, P6BSTR blob)=0
Deletes an existing blob matching the 'pNamespace pName' identifier, and then creates a new blob (with...
P6CRYPTOCIPHER
Cipher Type.
virtual P6R::P6ERR setBlob(const P6WCHAR *pNamespace, const P6WCHAR *pName, P6BSTR blob, P6UUID *pUUID)=0
Creates a new blob in the keystore with the matching 'pNamespace pName' identifier.
virtual P6R::P6ERR enumKeyBySizeByCipher(P6UINT32 size, P6INT8 comparator, P6CRYPTOCIPHER cipher, p6IEnumKeystore **ppEnum)=0
The returned enumerator can be used to walk all the entries or a subset of the key entries in a keyst...
const P6KEYSTOREFLAGS P6KEYSTORE_RECOVERBADSIG
const P6KEYSTOREFLAGS P6KEYSTORE_NOLOADMETA
wchar_t P6WCHAR
Wide character type see p6i18n.h.
Interface definitions for symmetric key encryption.
virtual P6R::P6ERR getCertificate(const P6WCHAR *pNamespace, const P6WCHAR *pName, p6ICert **pCert)=0
Finds and returns an existing certificate with the matching 'pNamespace pName' identifier.
The base interface all [p6]COM components must derive from and implement.
virtual P6R::P6ERR deleteKey(const P6WCHAR *pNamespace, const P6WCHAR *pName)=0
Deletes the key defined by the 'pNamespace pName' identifier from the keystore.
virtual P6R::P6ERR open(const P6WCHAR *pURI)=0
Allows the caller access to the contents of a keystore.
virtual P6R::P6ERR enumKeyByExpired(P6TIME expired, p6IEnumKeystore **ppEnum)=0
The returned enumerator can be used to walk all the entries or a subset of the key entries in a keyst...
virtual P6R::P6ERR initialize(P6KEYSTOREFLAGS flags, p6ISymmetricCrypto *pEncryptKey, P6SIGNHMAC signAlg, p6ICryptoKey *pSignKey)=0
Sets up the component to run properly.
virtual P6R::P6ERR reset()=0
This method is used to re-start the enumerator at the beginning.
The p6IEnumKeystore returns this type in order to distinguish between the keys, certs, and blobs that can all be stored in the same keystore.
virtual P6R::P6ERR replaceKeyByUUID(P6UUID *pUUID, p6ICryptoKey *pKey, p6ICert **pCertChain, P6UINT32 numChain)=0
Deletes an existing key matching the global unique identifier, and then creates a new key (with the sa...
This interface is a general purpose string enumerator.
virtual P6R::P6ERR updateKeyMetaDataByUUID(P6UUID *pUUID, p6ICryptoKey *pKey)=0
Allows the modification of the meta data associated with an existing key.
P6CRYPTOKEYSTATE
The current state of the key as defined in: NIST DRAFT Special Publication 800-130, A Framework for Designing Cryptographic Key Management Systems, June 15, 2010.
Interface definition for X509 V3 Certificates.
A universally unique identifier (UUID).
virtual P6R::P6ERR setCertificate(const P6WCHAR *pNamespace, const P6WCHAR *pName, p6ICert *pCert, P6UUID *pUUID)=0
Creates a new certificate in the keystore with the matching 'pNamespace pName' identifier.
virtual P6R::P6ERR getCertificateChain(const P6WCHAR *pNamespace, const P6WCHAR *pName, p6ICert **pCertChain, P6UINT32 numChain, P6UINT32 *pNumWritten)=0
Finds and returns a certificate chain associated with an existing key.
virtual P6R::P6ERR getKey(const P6WCHAR *pNamespace, const P6WCHAR *pName, p6ICryptoKey **pKey)=0
Finds and returns an existing key with the matching 'pNamespace pName' identifier (e.g., 'SSH host_key')
const P6UINT32 P6KSMAXNAMESPACE
This enumerator allows the caller to get a list of all defined entries that exist in the opened keys...
This interface allows the caller to access parts of an X509 V3 certificate for use in protocols and i...
virtual P6R::P6ERR enumCertBySubject(const P6WCHAR *pSubject, p6IEnumKeystore **ppEnum)=0
The returned enumerator can be used to find one or more certificates with the given subject...
virtual P6R::P6ERR getBlob(const P6WCHAR *pNamespace, const P6WCHAR *pName, P6BSTR *pBlob)=0
Finds and returns an existing array of untyped bytes (i.e., a blob) with the matching 'pNamespace pNa...
virtual P6R::P6ERR enumKeyBySizeByClass(P6UINT32 size, P6INT8 comparator, P6CRYPTOKEYCLASS keyClass, p6IEnumKeystore **ppEnum)=0
The returned enumerator can be used to walk all the entries or a subset of the key entries in a keyst...
virtual P6R::P6ERR enumKeyByCipher(P6CRYPTOCIPHER cipher, p6IEnumKeystore **ppEnum)=0
The returned enumerator can be used to walk all the entries or a subset of the key entries in a keyst...
This interface provides symmetric key encryption/decryption using AES, Blowfish, CAST5, DES and varian...
P6INT64 P6TIME
The wallclock time represented as the number of microseconds since midnight January 1 1970 UTC...
virtual P6R::P6ERR deleteCertificate(const P6WCHAR *pNamespace, const P6WCHAR *pName)=0
Deletes the certificate defined by the 'pNamespace pName' identifier from the keystore.
virtual P6R::P6ERR enumKeyByRenewal(P6TIME expired, p6IEnumKeystore **ppEnum)=0
The returned enumerator can be used to walk all the entries or a subset of the key entries in a keyst...
virtual P6R::P6ERR enumKeyBySize(P6UINT32 size, P6INT8 comparator, p6IEnumKeystore **ppEnum)=0
The returned enumerator can be used to walk all the entries or a subset of the key entries in a keyst...
Interface definition for the cryptographic signature generation and verification. ...
virtual P6R::P6ERR getBlobByUUID(P6UUID *pUUID, P6BSTR *pBlob)=0
Finds and returns an existing array of untyped bytes (i.e., a blob) with the matching global unique i...
virtual P6R::P6ERR enumKeyByState(P6CRYPTOKEYSTATE state, p6IEnumKeystore **ppEnum)=0
The returned enumerator can be used to walk all the entries or a subset of the key entries in a keyst...
virtual P6R::P6ERR enumKeyByClass(P6CRYPTOKEYCLASS keyClass, p6IEnumKeystore **ppEnum)=0
The returned enumerator can be used to walk all the entries or a subset of the key entries in a keyst...
virtual P6R::P6ERR enumNamespaces(p6IEnumWStr **ppEnum)=0
The returned enumerator can be used to get a list of all namespaces defined in a keystore.
virtual P6R::P6ERR getCertificateByUUID(P6UUID *pUUID, p6ICert **pCert)=0
Finds and returns an existing certificate with the matching global unique identifier.
virtual P6R::P6ERR enumKeyLikeDescriptiveLabel(const P6WCHAR *pDescription, p6IEnumKeystore **ppEnum)=0
The returned enumerator can be used to walk all the entries or a subset of the key entries in a keyst...
virtual P6R::P6ERR close()=0
Closes access to keystore contents.
virtual P6R::P6ERR enumKeyLikeUse(const P6WCHAR *pUse, p6IEnumKeystore **ppEnum)=0
The returned enumerator can be used to walk all the entries or a subset of the key entries in a keyst...
This interface is used to create/open/manage the keystore.
P6R Cryptographic key interface definitions.