| /* This Source Code Form is subject to the terms of the Mozilla Public |
| * License, v. 2.0. If a copy of the MPL was not distributed with this |
| * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
| |
| #ifndef CKCAPI_H |
| #define CKCAPI_H 1 |
| |
| #include "nssckmdt.h" |
| #include "nssckfw.h" |
| |
| /* |
| * I'm including this for access to the arena functions. |
| * Looks like we should publish that API. |
| */ |
| #ifndef BASE_H |
| #include "base.h" |
| #endif /* BASE_H */ |
| |
| /* |
| * This is where the Netscape extensions live, at least for now. |
| */ |
| #ifndef CKT_H |
| #include "ckt.h" |
| #endif /* CKT_H */ |
| |
| #include "wtypes.h" |
| #include "wincrypt.h" |
| |
| /* |
| * statically defined raw objects. Allows us to data description objects |
| * to this PKCS #11 module. |
| */ |
| struct ckcapiRawObjectStr { |
| CK_ULONG n; |
| const CK_ATTRIBUTE_TYPE *types; |
| const NSSItem *items; |
| }; |
| typedef struct ckcapiRawObjectStr ckcapiRawObject; |
| |
| /* |
| * common values needed for both bare keys and cert referenced keys. |
| */ |
| struct ckcapiKeyParamsStr { |
| NSSItem modulus; |
| NSSItem exponent; |
| NSSItem privateExponent; |
| NSSItem prime1; |
| NSSItem prime2; |
| NSSItem exponent1; |
| NSSItem exponent2; |
| NSSItem coefficient; |
| unsigned char publicExponentData[sizeof(CK_ULONG)]; |
| void *privateKey; |
| void *pubKey; |
| }; |
| typedef struct ckcapiKeyParamsStr ckcapiKeyParams; |
| |
| /* |
| * Key objects. Handles bare keys which do not yet have certs associated |
| * with them. These are usually short lived, but may exist for several days |
| * while the CA is issuing the certificate. |
| */ |
| struct ckcapiKeyObjectStr { |
| CRYPT_KEY_PROV_INFO provInfo; |
| char *provName; |
| char *containerName; |
| HCRYPTPROV hProv; |
| ckcapiKeyParams key; |
| }; |
| typedef struct ckcapiKeyObjectStr ckcapiKeyObject; |
| |
| /* |
| * Certificate and certificate referenced keys. |
| */ |
| struct ckcapiCertObjectStr { |
| PCCERT_CONTEXT certContext; |
| PRBool hasID; |
| const char *certStore; |
| NSSItem label; |
| NSSItem subject; |
| NSSItem issuer; |
| NSSItem serial; |
| NSSItem derCert; |
| ckcapiKeyParams key; |
| unsigned char *labelData; |
| /* static data: to do, make this dynamic like labelData */ |
| unsigned char derSerial[128]; |
| }; |
| typedef struct ckcapiCertObjectStr ckcapiCertObject; |
| |
| typedef enum { |
| ckcapiRaw, |
| ckcapiCert, |
| ckcapiBareKey |
| } ckcapiObjectType; |
| |
| /* |
| * all the various types of objects are abstracted away in cobject and |
| * cfind as ckcapiInternalObjects. |
| */ |
| struct ckcapiInternalObjectStr { |
| ckcapiObjectType type; |
| union { |
| ckcapiRawObject raw; |
| ckcapiCertObject cert; |
| ckcapiKeyObject key; |
| } u; |
| CK_OBJECT_CLASS objClass; |
| NSSItem hashKey; |
| NSSItem id; |
| void *idData; |
| unsigned char hashKeyData[128]; |
| NSSCKMDObject mdObject; |
| }; |
| typedef struct ckcapiInternalObjectStr ckcapiInternalObject; |
| |
| /* our raw object data array */ |
| NSS_EXTERN_DATA ckcapiInternalObject nss_ckcapi_data[]; |
| NSS_EXTERN_DATA const PRUint32 nss_ckcapi_nObjects; |
| |
| NSS_EXTERN_DATA const CK_VERSION nss_ckcapi_CryptokiVersion; |
| NSS_EXTERN_DATA const NSSUTF8 *nss_ckcapi_ManufacturerID; |
| NSS_EXTERN_DATA const NSSUTF8 *nss_ckcapi_LibraryDescription; |
| NSS_EXTERN_DATA const CK_VERSION nss_ckcapi_LibraryVersion; |
| NSS_EXTERN_DATA const NSSUTF8 *nss_ckcapi_SlotDescription; |
| NSS_EXTERN_DATA const CK_VERSION nss_ckcapi_HardwareVersion; |
| NSS_EXTERN_DATA const CK_VERSION nss_ckcapi_FirmwareVersion; |
| NSS_EXTERN_DATA const NSSUTF8 *nss_ckcapi_TokenLabel; |
| NSS_EXTERN_DATA const NSSUTF8 *nss_ckcapi_TokenModel; |
| NSS_EXTERN_DATA const NSSUTF8 *nss_ckcapi_TokenSerialNumber; |
| |
| NSS_EXTERN_DATA const NSSCKMDInstance nss_ckcapi_mdInstance; |
| NSS_EXTERN_DATA const NSSCKMDSlot nss_ckcapi_mdSlot; |
| NSS_EXTERN_DATA const NSSCKMDToken nss_ckcapi_mdToken; |
| NSS_EXTERN_DATA const NSSCKMDMechanism nss_ckcapi_mdMechanismRSA; |
| |
| NSS_EXTERN NSSCKMDSession * |
| nss_ckcapi_CreateSession( |
| NSSCKFWSession *fwSession, |
| CK_RV *pError); |
| |
| NSS_EXTERN NSSCKMDFindObjects * |
| nss_ckcapi_FindObjectsInit( |
| NSSCKFWSession *fwSession, |
| CK_ATTRIBUTE_PTR pTemplate, |
| CK_ULONG ulAttributeCount, |
| CK_RV *pError); |
| |
| /* |
| * Object Utilities |
| */ |
| NSS_EXTERN NSSCKMDObject * |
| nss_ckcapi_CreateMDObject( |
| NSSArena *arena, |
| ckcapiInternalObject *io, |
| CK_RV *pError); |
| |
| NSS_EXTERN NSSCKMDObject * |
| nss_ckcapi_CreateObject( |
| NSSCKFWSession *fwSession, |
| CK_ATTRIBUTE_PTR pTemplate, |
| CK_ULONG ulAttributeCount, |
| CK_RV *pError); |
| |
| NSS_EXTERN const NSSItem * |
| nss_ckcapi_FetchAttribute( |
| ckcapiInternalObject *io, |
| CK_ATTRIBUTE_TYPE type); |
| |
| NSS_EXTERN void |
| nss_ckcapi_DestroyInternalObject( |
| ckcapiInternalObject *io); |
| |
| NSS_EXTERN CK_RV |
| nss_ckcapi_FetchKeyContainer( |
| ckcapiInternalObject *iKey, |
| HCRYPTPROV *hProv, |
| DWORD *keySpec, |
| HCRYPTKEY *hKey); |
| |
| /* |
| * generic utilities |
| */ |
| |
| /* |
| * So everyone else in the worlds stores their bignum data MSB first, but not |
| * Microsoft, we need to byte swap everything coming into and out of CAPI. |
| */ |
| void |
| ckcapi_ReverseData( |
| NSSItem *item); |
| |
| /* |
| * unwrap a single DER value |
| */ |
| unsigned char * |
| nss_ckcapi_DERUnwrap( |
| unsigned char *src, |
| unsigned int size, |
| unsigned int *outSize, |
| unsigned char **next); |
| |
| /* |
| * Return the size in bytes of a wide string |
| */ |
| int |
| nss_ckcapi_WideSize( |
| LPCWSTR wide); |
| |
| /* |
| * Covert a Unicode wide character string to a UTF8 string |
| */ |
| char * |
| nss_ckcapi_WideToUTF8( |
| LPCWSTR wide); |
| |
| /* |
| * Return a Wide String duplicated with nss allocated memory. |
| */ |
| LPWSTR |
| nss_ckcapi_WideDup( |
| LPCWSTR wide); |
| |
| /* |
| * Covert a UTF8 string to Unicode wide character |
| */ |
| LPWSTR |
| nss_ckcapi_UTF8ToWide( |
| char *buf); |
| |
| NSS_EXTERN PRUint32 |
| nss_ckcapi_collect_all_certs( |
| CK_ATTRIBUTE_PTR pTemplate, |
| CK_ULONG ulAttributeCount, |
| ckcapiInternalObject ***listp, |
| PRUint32 *sizep, |
| PRUint32 count, |
| CK_RV *pError); |
| |
| #define NSS_CKCAPI_ARRAY_SIZE(x) ((sizeof(x)) / (sizeof((x)[0]))) |
| |
| #endif |