nss-3.41/nss/lib/ckfw/capi/ckcapi.h - manifest_repos/nss - Git at Google

 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

 #ifndef CKCAPI_H
 #define CKCAPI_H 1

 #include "nssckmdt.h"
 #include "nssckfw.h"

 /*
  * I'm including this for access to the arena functions.
  * Looks like we should publish that API.
  */
 #ifndef BASE_H
 #include "base.h"
 #endif /* BASE_H */

 /*
  * This is where the Netscape extensions live, at least for now.
  */
 #ifndef CKT_H
 #include "ckt.h"
 #endif /* CKT_H */

 #include "wtypes.h"
 #include "wincrypt.h"

 /*
  * statically defined raw objects. Allows us to data description objects
  * to this PKCS #11 module.
  */
 struct ckcapiRawObjectStr {
     CK_ULONG n;
     const CK_ATTRIBUTE_TYPE *types;
     const NSSItem *items;
 };
 typedef struct ckcapiRawObjectStr ckcapiRawObject;

 /*
  * common values needed for both bare keys and cert referenced keys.
  */
 struct ckcapiKeyParamsStr {
     NSSItem modulus;
     NSSItem exponent;
     NSSItem privateExponent;
     NSSItem prime1;
     NSSItem prime2;
     NSSItem exponent1;
     NSSItem exponent2;
     NSSItem coefficient;
     unsigned char publicExponentData[sizeof(CK_ULONG)];
     void *privateKey;
     void *pubKey;
 };
 typedef struct ckcapiKeyParamsStr ckcapiKeyParams;

 /*
  * Key objects. Handles bare keys which do not yet have certs associated
  * with them. These are usually short lived, but may exist for several days
  * while the CA is issuing the certificate.
  */
 struct ckcapiKeyObjectStr {
     CRYPT_KEY_PROV_INFO provInfo;
     char *provName;
     char *containerName;
     HCRYPTPROV hProv;
     ckcapiKeyParams key;
 };
 typedef struct ckcapiKeyObjectStr ckcapiKeyObject;

 /*
  * Certificate and certificate referenced keys.
  */
 struct ckcapiCertObjectStr {
     PCCERT_CONTEXT certContext;
     PRBool hasID;
     const char *certStore;
     NSSItem label;
     NSSItem subject;
     NSSItem issuer;
     NSSItem serial;
     NSSItem derCert;
     ckcapiKeyParams key;
     unsigned char *labelData;
     /* static data: to do, make this dynamic like labelData */
     unsigned char derSerial[128];
 };
 typedef struct ckcapiCertObjectStr ckcapiCertObject;

 typedef enum {
     ckcapiRaw,
     ckcapiCert,
     ckcapiBareKey
 } ckcapiObjectType;

 /*
  * all the various types of objects are abstracted away in cobject and
  * cfind as ckcapiInternalObjects.
  */
 struct ckcapiInternalObjectStr {
     ckcapiObjectType type;
     union {
         ckcapiRawObject raw;
         ckcapiCertObject cert;
         ckcapiKeyObject key;
     } u;
     CK_OBJECT_CLASS objClass;
     NSSItem hashKey;
     NSSItem id;
     void *idData;
     unsigned char hashKeyData[128];
     NSSCKMDObject mdObject;
 };
 typedef struct ckcapiInternalObjectStr ckcapiInternalObject;

 /* our raw object data array */
 NSS_EXTERN_DATA ckcapiInternalObject nss_ckcapi_data[];
 NSS_EXTERN_DATA const PRUint32 nss_ckcapi_nObjects;

 NSS_EXTERN_DATA const CK_VERSION nss_ckcapi_CryptokiVersion;
 NSS_EXTERN_DATA const NSSUTF8 *nss_ckcapi_ManufacturerID;
 NSS_EXTERN_DATA const NSSUTF8 *nss_ckcapi_LibraryDescription;
 NSS_EXTERN_DATA const CK_VERSION nss_ckcapi_LibraryVersion;
 NSS_EXTERN_DATA const NSSUTF8 *nss_ckcapi_SlotDescription;
 NSS_EXTERN_DATA const CK_VERSION nss_ckcapi_HardwareVersion;
 NSS_EXTERN_DATA const CK_VERSION nss_ckcapi_FirmwareVersion;
 NSS_EXTERN_DATA const NSSUTF8 *nss_ckcapi_TokenLabel;
 NSS_EXTERN_DATA const NSSUTF8 *nss_ckcapi_TokenModel;
 NSS_EXTERN_DATA const NSSUTF8 *nss_ckcapi_TokenSerialNumber;

 NSS_EXTERN_DATA const NSSCKMDInstance nss_ckcapi_mdInstance;
 NSS_EXTERN_DATA const NSSCKMDSlot nss_ckcapi_mdSlot;
 NSS_EXTERN_DATA const NSSCKMDToken nss_ckcapi_mdToken;
 NSS_EXTERN_DATA const NSSCKMDMechanism nss_ckcapi_mdMechanismRSA;

 NSS_EXTERN NSSCKMDSession *
 nss_ckcapi_CreateSession(
     NSSCKFWSession *fwSession,
     CK_RV *pError);

 NSS_EXTERN NSSCKMDFindObjects *
 nss_ckcapi_FindObjectsInit(
     NSSCKFWSession *fwSession,
     CK_ATTRIBUTE_PTR pTemplate,
     CK_ULONG ulAttributeCount,
     CK_RV *pError);

 /*
  * Object Utilities
  */
 NSS_EXTERN NSSCKMDObject *
 nss_ckcapi_CreateMDObject(
     NSSArena *arena,
     ckcapiInternalObject *io,
     CK_RV *pError);

 NSS_EXTERN NSSCKMDObject *
 nss_ckcapi_CreateObject(
     NSSCKFWSession *fwSession,
     CK_ATTRIBUTE_PTR pTemplate,
     CK_ULONG ulAttributeCount,
     CK_RV *pError);

 NSS_EXTERN const NSSItem *
 nss_ckcapi_FetchAttribute(
     ckcapiInternalObject *io,
     CK_ATTRIBUTE_TYPE type);

 NSS_EXTERN void
 nss_ckcapi_DestroyInternalObject(
     ckcapiInternalObject *io);

 NSS_EXTERN CK_RV
 nss_ckcapi_FetchKeyContainer(
     ckcapiInternalObject *iKey,
     HCRYPTPROV *hProv,
     DWORD *keySpec,
     HCRYPTKEY *hKey);

 /*
  * generic utilities
  */

 /*
  * So everyone else in the worlds stores their bignum data MSB first, but not
  * Microsoft, we need to byte swap everything coming into and out of CAPI.
  */
 void
 ckcapi_ReverseData(
     NSSItem *item);

 /*
  * unwrap a single DER value
  */
 unsigned char *
 nss_ckcapi_DERUnwrap(
     unsigned char *src,
     unsigned int size,
     unsigned int *outSize,
     unsigned char **next);

 /*
  * Return the size in bytes of a wide string
  */
 int
 nss_ckcapi_WideSize(
     LPCWSTR wide);

 /*
  * Covert a Unicode wide character string to a UTF8 string
  */
 char *
 nss_ckcapi_WideToUTF8(
     LPCWSTR wide);

 /*
  * Return a Wide String duplicated with nss allocated memory.
  */
 LPWSTR
 nss_ckcapi_WideDup(
     LPCWSTR wide);

 /*
  * Covert a UTF8 string to Unicode wide character
  */
 LPWSTR
 nss_ckcapi_UTF8ToWide(
     char *buf);

 NSS_EXTERN PRUint32
 nss_ckcapi_collect_all_certs(
     CK_ATTRIBUTE_PTR pTemplate,
     CK_ULONG ulAttributeCount,
     ckcapiInternalObject ***listp,
     PRUint32 *sizep,
     PRUint32 count,
     CK_RV *pError);

 #define NSS_CKCAPI_ARRAY_SIZE(x) ((sizeof(x)) / (sizeof((x)[0])))

 #endif
	/* This Source Code Form is subject to the terms of the Mozilla Public
	* License, v. 2.0. If a copy of the MPL was not distributed with this
	* file, You can obtain one at http://mozilla.org/MPL/2.0/. */

	#ifndef CKCAPI_H
	#define CKCAPI_H 1

	#include "nssckmdt.h"
	#include "nssckfw.h"

	/*
	* I'm including this for access to the arena functions.
	* Looks like we should publish that API.
	*/
	#ifndef BASE_H
	#include "base.h"
	#endif /* BASE_H */

	/*
	* This is where the Netscape extensions live, at least for now.
	*/
	#ifndef CKT_H
	#include "ckt.h"
	#endif /* CKT_H */

	#include "wtypes.h"
	#include "wincrypt.h"

	/*
	* statically defined raw objects. Allows us to data description objects
	* to this PKCS #11 module.
	*/
	struct ckcapiRawObjectStr {
	CK_ULONG n;
	const CK_ATTRIBUTE_TYPE *types;
	const NSSItem *items;
	};
	typedef struct ckcapiRawObjectStr ckcapiRawObject;

	/*
	* common values needed for both bare keys and cert referenced keys.
	*/
	struct ckcapiKeyParamsStr {
	NSSItem modulus;
	NSSItem exponent;
	NSSItem privateExponent;
	NSSItem prime1;
	NSSItem prime2;
	NSSItem exponent1;
	NSSItem exponent2;
	NSSItem coefficient;
	unsigned char publicExponentData[sizeof(CK_ULONG)];
	void *privateKey;
	void *pubKey;
	};
	typedef struct ckcapiKeyParamsStr ckcapiKeyParams;

	/*
	* Key objects. Handles bare keys which do not yet have certs associated
	* with them. These are usually short lived, but may exist for several days
	* while the CA is issuing the certificate.
	*/
	struct ckcapiKeyObjectStr {
	CRYPT_KEY_PROV_INFO provInfo;
	char *provName;
	char *containerName;
	HCRYPTPROV hProv;
	ckcapiKeyParams key;
	};
	typedef struct ckcapiKeyObjectStr ckcapiKeyObject;

	/*
	* Certificate and certificate referenced keys.
	*/
	struct ckcapiCertObjectStr {
	PCCERT_CONTEXT certContext;
	PRBool hasID;
	const char *certStore;
	NSSItem label;
	NSSItem subject;
	NSSItem issuer;
	NSSItem serial;
	NSSItem derCert;
	ckcapiKeyParams key;
	unsigned char *labelData;
	/* static data: to do, make this dynamic like labelData */
	unsigned char derSerial[128];
	};
	typedef struct ckcapiCertObjectStr ckcapiCertObject;

	typedef enum {
	ckcapiRaw,
	ckcapiCert,
	ckcapiBareKey
	} ckcapiObjectType;

	/*
	* all the various types of objects are abstracted away in cobject and
	* cfind as ckcapiInternalObjects.
	*/
	struct ckcapiInternalObjectStr {
	ckcapiObjectType type;
	union {
	ckcapiRawObject raw;
	ckcapiCertObject cert;
	ckcapiKeyObject key;
	} u;
	CK_OBJECT_CLASS objClass;
	NSSItem hashKey;
	NSSItem id;
	void *idData;
	unsigned char hashKeyData[128];
	NSSCKMDObject mdObject;
	};
	typedef struct ckcapiInternalObjectStr ckcapiInternalObject;

	/* our raw object data array */
	NSS_EXTERN_DATA ckcapiInternalObject nss_ckcapi_data[];
	NSS_EXTERN_DATA const PRUint32 nss_ckcapi_nObjects;

	NSS_EXTERN_DATA const CK_VERSION nss_ckcapi_CryptokiVersion;
	NSS_EXTERN_DATA const NSSUTF8 *nss_ckcapi_ManufacturerID;
	NSS_EXTERN_DATA const NSSUTF8 *nss_ckcapi_LibraryDescription;
	NSS_EXTERN_DATA const CK_VERSION nss_ckcapi_LibraryVersion;
	NSS_EXTERN_DATA const NSSUTF8 *nss_ckcapi_SlotDescription;
	NSS_EXTERN_DATA const CK_VERSION nss_ckcapi_HardwareVersion;
	NSS_EXTERN_DATA const CK_VERSION nss_ckcapi_FirmwareVersion;
	NSS_EXTERN_DATA const NSSUTF8 *nss_ckcapi_TokenLabel;
	NSS_EXTERN_DATA const NSSUTF8 *nss_ckcapi_TokenModel;
	NSS_EXTERN_DATA const NSSUTF8 *nss_ckcapi_TokenSerialNumber;

	NSS_EXTERN_DATA const NSSCKMDInstance nss_ckcapi_mdInstance;
	NSS_EXTERN_DATA const NSSCKMDSlot nss_ckcapi_mdSlot;
	NSS_EXTERN_DATA const NSSCKMDToken nss_ckcapi_mdToken;
	NSS_EXTERN_DATA const NSSCKMDMechanism nss_ckcapi_mdMechanismRSA;

	NSS_EXTERN NSSCKMDSession *
	nss_ckcapi_CreateSession(
	NSSCKFWSession *fwSession,
	CK_RV *pError);

	NSS_EXTERN NSSCKMDFindObjects *
	nss_ckcapi_FindObjectsInit(
	NSSCKFWSession *fwSession,
	CK_ATTRIBUTE_PTR pTemplate,
	CK_ULONG ulAttributeCount,
	CK_RV *pError);

	/*
	* Object Utilities
	*/
	NSS_EXTERN NSSCKMDObject *
	nss_ckcapi_CreateMDObject(
	NSSArena *arena,
	ckcapiInternalObject *io,
	CK_RV *pError);

	NSS_EXTERN NSSCKMDObject *
	nss_ckcapi_CreateObject(
	NSSCKFWSession *fwSession,
	CK_ATTRIBUTE_PTR pTemplate,
	CK_ULONG ulAttributeCount,
	CK_RV *pError);

	NSS_EXTERN const NSSItem *
	nss_ckcapi_FetchAttribute(
	ckcapiInternalObject *io,
	CK_ATTRIBUTE_TYPE type);

	NSS_EXTERN void
	nss_ckcapi_DestroyInternalObject(
	ckcapiInternalObject *io);

	NSS_EXTERN CK_RV
	nss_ckcapi_FetchKeyContainer(
	ckcapiInternalObject *iKey,
	HCRYPTPROV *hProv,
	DWORD *keySpec,
	HCRYPTKEY *hKey);

	/*
	* generic utilities
	*/

	/*
	* So everyone else in the worlds stores their bignum data MSB first, but not
	* Microsoft, we need to byte swap everything coming into and out of CAPI.
	*/
	void
	ckcapi_ReverseData(
	NSSItem *item);

	/*
	* unwrap a single DER value
	*/
	unsigned char *
	nss_ckcapi_DERUnwrap(
	unsigned char *src,
	unsigned int size,
	unsigned int *outSize,
	unsigned char **next);

	/*
	* Return the size in bytes of a wide string
	*/
	int
	nss_ckcapi_WideSize(
	LPCWSTR wide);

	/*
	* Covert a Unicode wide character string to a UTF8 string
	*/
	char *
	nss_ckcapi_WideToUTF8(
	LPCWSTR wide);

	/*
	* Return a Wide String duplicated with nss allocated memory.
	*/
	LPWSTR
	nss_ckcapi_WideDup(
	LPCWSTR wide);

	/*
	* Covert a UTF8 string to Unicode wide character
	*/
	LPWSTR
	nss_ckcapi_UTF8ToWide(
	char *buf);

	NSS_EXTERN PRUint32
	nss_ckcapi_collect_all_certs(
	CK_ATTRIBUTE_PTR pTemplate,
	CK_ULONG ulAttributeCount,
	ckcapiInternalObject ***listp,
	PRUint32 *sizep,
	PRUint32 count,
	CK_RV *pError);

	#define NSS_CKCAPI_ARRAY_SIZE(x) ((sizeof(x)) / (sizeof((x)[0])))

	#endif