RetroZilla/security/nss/lib/ckfw/capi/ckcapi.h

/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#ifndef CKCAPI_H
#define CKCAPI_H 1
#include "nssckmdt.h"
#include "nssckfw.h"
/*
* I'm including this for access to the arena functions.
* Looks like we should publish that API.
*/
#ifndef BASE_H
#include "base.h"
#endif /* BASE_H */
/*
* This is where the Netscape extensions live, at least for now.
*/
#ifndef CKT_H
#include "ckt.h"
#endif /* CKT_H */
#include "wtypes.h"
#include "wincrypt.h"
/*
 * Statically defined raw objects, which let data description objects be
 * supplied to this PKCS #11 module.
 *
 * Both pointers are const-qualified, so code holding a ckcapiRawObject
 * cannot modify the attribute data through them.
 */
typedef struct ckcapiRawObjectStr {
    /* presumably the number of entries in both arrays below - confirm
     * against the lookup code; nothing here enforces it */
    CK_ULONG n;
    const CK_ATTRIBUTE_TYPE *types; /* attribute types */
    const NSSItem *items;           /* attribute values */
} ckcapiRawObject;
/*
 * Values needed by both kinds of key: bare keys and keys referenced by a
 * certificate.
 *
 * NOTE(review): going by the field names, privateExponent, prime1, prime2,
 * exponent1, exponent2 and coefficient hold private-key material once
 * populated. This header does not show how the items are released; confirm
 * that the destroy path wipes them before the memory is freed.
 */
typedef struct ckcapiKeyParamsStr {
    NSSItem modulus;
    NSSItem exponent;
    NSSItem privateExponent;
    NSSItem prime1;
    NSSItem prime2;
    NSSItem exponent1;
    NSSItem exponent2;
    NSSItem coefficient;
    /* Byte buffer exactly sizeof(CK_ULONG) long; presumably the backing
     * store for `exponent` - confirm. Any writer must cap its copy at
     * sizeof publicExponentData. */
    unsigned char publicExponentData[sizeof(CK_ULONG)];
    /* Opaque pointers: their real type and ownership are not visible here. */
    void *privateKey;
    void *pubKey;
} ckcapiKeyParams;
/*
 * Key objects: bare keys that do not yet have a certificate associated
 * with them. They are usually short lived, but may exist for several days
 * while the CA is issuing the certificate.
 */
typedef struct ckcapiKeyObjectStr {
    CRYPT_KEY_PROV_INFO provInfo;
    /* Heap ownership of the two strings is not visible in this header. */
    char *provName;
    char *containerName;
    /* CryptoAPI provider handle. NOTE(review): confirm it is released
     * (CryptReleaseContext) when the object is destroyed. */
    HCRYPTPROV hProv;
    ckcapiKeyParams key;
} ckcapiKeyObject;
/*
 * Certificates, and the keys that are referenced through a certificate.
 */
typedef struct ckcapiCertObjectStr {
    PCCERT_CONTEXT certContext;
    PRBool hasID;
    const char *certStore;
    NSSItem label;
    NSSItem subject;
    NSSItem issuer;
    NSSItem serial;
    NSSItem derCert;
    ckcapiKeyParams key;
    unsigned char *labelData;
    /* static data: to do, make this dynamic like labelData.
     * Until then this is a fixed 128-byte buffer, and the serial comes from
     * certificate data: any code that fills it must check the length
     * against sizeof derSerial before copying. */
    unsigned char derSerial[128];
} ckcapiCertObject;
/*
 * Kind of object held in a ckcapiInternalObject; stored in its `type`
 * field next to the raw/cert/key union. The numeric values are the ones
 * the compiler assigns by default, written out explicitly.
 */
typedef enum {
    ckcapiRaw = 0,
    ckcapiCert = 1,
    ckcapiBareKey = 2
} ckcapiObjectType;
/*
 * All the various types of objects are abstracted away in cobject and
 * cfind as ckcapiInternalObjects.
 */
typedef struct ckcapiInternalObjectStr {
    /* Presumably selects which member of `u` is valid (raw / cert / key);
     * reading a member that does not match `type` would reinterpret
     * another object's bytes, so check `type` first. */
    ckcapiObjectType type;
    union {
        ckcapiRawObject raw;
        ckcapiCertObject cert;
        ckcapiKeyObject key;
    } u;
    CK_OBJECT_CLASS objClass;
    NSSItem hashKey;
    NSSItem id;
    void *idData; /* ownership not visible in this header */
    /* Fixed 128-byte buffer; presumably the backing store for hashKey -
     * confirm. Writers must bound copies to sizeof hashKeyData. */
    unsigned char hashKeyData[128];
    NSSCKMDObject mdObject;
} ckcapiInternalObject;
/*
 * Module-wide data, declared here and defined elsewhere in the module.
 */

/* Our raw object data array. Note that the array is not const, so it is
 * writable global state. nss_ckcapi_nObjects is presumably its element
 * count - confirm at the definition. */
NSS_EXTERN_DATA ckcapiInternalObject nss_ckcapi_data[];
NSS_EXTERN_DATA const PRUint32 nss_ckcapi_nObjects;

/* Version constants. */
NSS_EXTERN_DATA const CK_VERSION nss_ckcapi_CryptokiVersion;
NSS_EXTERN_DATA const CK_VERSION nss_ckcapi_LibraryVersion;
NSS_EXTERN_DATA const CK_VERSION nss_ckcapi_HardwareVersion;
NSS_EXTERN_DATA const CK_VERSION nss_ckcapi_FirmwareVersion;

/* Descriptive strings. Only the pointed-to text is const; the pointers
 * themselves can be reassigned. */
NSS_EXTERN_DATA const NSSUTF8 *nss_ckcapi_ManufacturerID;
NSS_EXTERN_DATA const NSSUTF8 *nss_ckcapi_LibraryDescription;
NSS_EXTERN_DATA const NSSUTF8 *nss_ckcapi_SlotDescription;
NSS_EXTERN_DATA const NSSUTF8 *nss_ckcapi_TokenLabel;
NSS_EXTERN_DATA const NSSUTF8 *nss_ckcapi_TokenModel;
NSS_EXTERN_DATA const NSSUTF8 *nss_ckcapi_TokenSerialNumber;

/* Instance, slot, token and RSA mechanism descriptors. */
NSS_EXTERN_DATA const NSSCKMDInstance nss_ckcapi_mdInstance;
NSS_EXTERN_DATA const NSSCKMDSlot nss_ckcapi_mdSlot;
NSS_EXTERN_DATA const NSSCKMDToken nss_ckcapi_mdToken;
NSS_EXTERN_DATA const NSSCKMDMechanism nss_ckcapi_mdMechanismRSA;
/*
 * Creates the module's session object for a framework session; defined
 * elsewhere. pError is a CK_RV out-parameter (presumably set when the
 * call fails and NULL is returned - confirm in the definition).
 */
NSS_EXTERN NSSCKMDSession *
nss_ckcapi_CreateSession(NSSCKFWSession *fwSession, CK_RV *pError);
/*
 * Starts an object search for a session; defined elsewhere.
 * pTemplate / ulAttributeCount are an attribute array and a count. The
 * template presumably comes from the PKCS #11 caller, so the definition
 * should read no more than ulAttributeCount entries - confirm.
 * pError is a CK_RV out-parameter.
 */
NSS_EXTERN NSSCKMDFindObjects *
nss_ckcapi_FindObjectsInit(NSSCKFWSession *fwSession,
                           CK_ATTRIBUTE_PTR pTemplate,
                           CK_ULONG ulAttributeCount,
                           CK_RV *pError);
/*
 * Object Utilities
 */

/*
 * Produces the NSSCKMDObject for an internal object; defined elsewhere.
 * Takes an arena and the internal object; pError is a CK_RV
 * out-parameter. Whether a NULL arena is accepted is not visible here.
 */
NSS_EXTERN NSSCKMDObject *
nss_ckcapi_CreateMDObject(NSSArena *arena, ckcapiInternalObject *io,
                          CK_RV *pError);
/*
 * Creates an object from an attribute template; defined elsewhere.
 * pTemplate / ulAttributeCount are an attribute array and a count,
 * presumably supplied by the PKCS #11 caller: the definition should
 * validate each attribute's length before using it - confirm.
 * pError is a CK_RV out-parameter.
 */
NSS_EXTERN NSSCKMDObject *
nss_ckcapi_CreateObject(NSSCKFWSession *fwSession,
                        CK_ATTRIBUTE_PTR pTemplate,
                        CK_ULONG ulAttributeCount,
                        CK_RV *pError);
/*
 * Looks up one attribute of an internal object; defined elsewhere.
 * Returns a pointer to a const NSSItem. What is returned for an attribute
 * the object does not have is not visible here, so callers should check
 * the result before dereferencing it.
 */
NSS_EXTERN const NSSItem *
nss_ckcapi_FetchAttribute(ckcapiInternalObject *io, CK_ATTRIBUTE_TYPE type);
/*
 * Destroys an internal object; defined elsewhere.
 * NOTE(review): an internal object can embed ckcapiKeyParams and CAPI
 * handles (certContext, hProv). Confirm that the definition releases the
 * handles and clears any key material before freeing.
 */
NSS_EXTERN void
nss_ckcapi_DestroyInternalObject(ckcapiInternalObject *io);
/*
 * Fetches the CAPI key container for a key object; defined elsewhere.
 * hProv, keySpec and hKey are pointer parameters (presumably outputs);
 * the status comes back as a CK_RV.
 * NOTE(review): this header does not say who releases *hProv and *hKey.
 * Confirm the ownership rule so callers neither leak the handles nor
 * release them twice.
 */
NSS_EXTERN CK_RV
nss_ckcapi_FetchKeyContainer(ckcapiInternalObject *iKey, HCRYPTPROV *hProv,
                             DWORD *keySpec, HCRYPTKEY *hKey);
/*
 * generic utilities
 */

/*
 * Everyone else in the world stores bignum data MSB first, but Microsoft
 * does not, so everything going into and coming out of CAPI has to be
 * byte swapped.
 *
 * The item is passed by non-const pointer, so the swap is presumably done
 * in place - confirm in the definition.
 */
void
ckcapi_ReverseData(NSSItem *item);
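/*
 * Unwrap a single DER value.
 *
 * src / size describe the input buffer; outSize and next are pointer
 * parameters (presumably outputs: the unwrapped length and the position
 * after this value - confirm in the definition).
 *
 * NOTE(review): DER lengths are read from certificate and key data, which
 * is untrusted. Confirm that the definition rejects an encoded length
 * larger than `size`, and that callers check the returned pointer and
 * *outSize before reading through them.
 */
unsigned char *
nss_ckcapi_DERUnwrap(unsigned char *src, unsigned int size,
                     unsigned int *outSize, unsigned char **next);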
/*
 * Return the size in bytes of a wide string.
 *
 * NOTE(review): the result is an int, and whether it counts the
 * terminator is not visible here. Callers that size a buffer from this
 * value should confirm both points.
 */
int
nss_ckcapi_WideSize(LPCWSTR wide);
/*
 * Convert a Unicode wide character string to a UTF8 string.
 *
 * Returns a char pointer; how the result is allocated and who frees it is
 * not visible in this header.
 */
char *
nss_ckcapi_WideToUTF8(LPCWSTR wide);
/*
 * Return a duplicate of a wide string, held in memory allocated by nss.
 * The copy therefore has to be released with the matching nss
 * deallocator, not with a CAPI or CRT free routine.
 */
LPWSTR
nss_ckcapi_WideDup(LPCWSTR wide);
/*
 * Convert a UTF8 string to a Unicode wide character string.
 *
 * buf is declared as a non-const char pointer; whether the input is
 * modified, and who frees the result, is not visible in this header.
 */
LPWSTR
nss_ckcapi_UTF8ToWide(char *buf);
/*
 * Collects certificate objects matching an attribute template; defined
 * elsewhere. Returns a PRUint32.
 * listp points at an array of ckcapiInternalObject pointers and sizep at
 * a PRUint32 - presumably the list and its capacity, both updated as the
 * list grows, with `count` the number of entries already present.
 * Confirm these roles, and that growth is overflow-checked, in the
 * definition. pError is a CK_RV out-parameter.
 */
NSS_EXTERN PRUint32
nss_ckcapi_collect_all_certs(CK_ATTRIBUTE_PTR pTemplate,
                             CK_ULONG ulAttributeCount,
                             ckcapiInternalObject ***listp,
                             PRUint32 *sizep,
                             PRUint32 count,
                             CK_RV *pError);
/*
 * Element count of an array. Valid only when x is a true array: for a
 * pointer (including an array function parameter) it compiles but gives
 * sizeof(pointer) / sizeof(element), a wrong bound.
 */
#define NSS_CKCAPI_ARRAY_SIZE(x) (sizeof(x) / sizeof((x)[0]))
#endif