security/nss/lib/ckfw/capi/ckcapi.h

Thu, 22 Jan 2015 13:21:57 +0100

author
Michael Schloh von Bennewitz <michael@schloh.com>
date
Thu, 22 Jan 2015 13:21:57 +0100
branch
TOR_BUG_9701
changeset 15
b8a032363ba2

Incorporate requested changes from Mozilla in review:
https://bugzilla.mozilla.org/show_bug.cgi?id=1123480#c6

michael@0 1 /* This Source Code Form is subject to the terms of the Mozilla Public
michael@0 2 * License, v. 2.0. If a copy of the MPL was not distributed with this
michael@0 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
michael@0 4
michael@0 5 #ifndef CKCAPI_H
michael@0 6 #define CKCAPI_H 1
michael@0 7
michael@0 8 #include "nssckmdt.h"
michael@0 9 #include "nssckfw.h"
michael@0 10
michael@0 11 /*
michael@0 12 * I'm including this for access to the arena functions.
michael@0 13 * Looks like we should publish that API.
michael@0 14 */
michael@0 15 #ifndef BASE_H
michael@0 16 #include "base.h"
michael@0 17 #endif /* BASE_H */
michael@0 18
michael@0 19 /*
michael@0 20 * This is where the Netscape extensions live, at least for now.
michael@0 21 */
michael@0 22 #ifndef CKT_H
michael@0 23 #include "ckt.h"
michael@0 24 #endif /* CKT_H */
michael@0 25
michael@0 26 #include "wtypes.h"
michael@0 27 #include "wincrypt.h"
michael@0 28
/*
 * Statically defined raw objects: a fixed attribute table that lets us hand
 * data-description objects (ones with no backing CAPI cert or key) to this
 * PKCS #11 module. `types` and `items` are presumably parallel arrays of
 * `n` entries each -- the attribute type at types[i] has its value at
 * items[i]; confirm against the static table definition.
 */
typedef struct ckcapiRawObjectStr {
  CK_ULONG n;                      /* entry count for both arrays below */
  const CK_ATTRIBUTE_TYPE *types;  /* attribute types */
  const NSSItem *items;            /* attribute values, one per type */
} ckcapiRawObject;
michael@0 39
michael@0 40
/*
 * Common values needed for both bare keys and cert-referenced keys.
 *
 * The NSSItem field names mirror the PKCS #11 RSA key attributes
 * (presumably CKA_MODULUS, CKA_PUBLIC_EXPONENT, CKA_PRIVATE_EXPONENT,
 * CKA_PRIME_1/2, CKA_EXPONENT_1/2, CKA_COEFFICIENT).
 *
 * NOTE(review): privateExponent, prime1/prime2, exponent1/exponent2 and
 * coefficient name private-key material. Nothing in this header shows
 * whether the memory they point at is ever populated from CAPI, or whether
 * it is scrubbed when the object is destroyed -- confirm in the .c side
 * before relying on either.
 *
 * publicExponentData is fixed backing storage of sizeof(CK_ULONG) bytes,
 * presumably for `exponent`; a public exponent wider than that cannot be
 * held there, so whatever fills it must bound the copy -- confirm.
 * privateKey/pubKey are opaque; their concrete types are not visible here.
 */
struct ckcapiKeyParamsStr {
  NSSItem modulus;
  NSSItem exponent;          /* public exponent */
  NSSItem privateExponent;
  NSSItem prime1;
  NSSItem prime2;
  NSSItem exponent1;
  NSSItem exponent2;
  NSSItem coefficient;
  unsigned char publicExponentData[sizeof(CK_ULONG)];  /* fixed-size backing store */
  void *privateKey;
  void *pubKey;
};
typedef struct ckcapiKeyParamsStr ckcapiKeyParams;
michael@0 58
/*
 * Key objects. Handles bare keys which do not yet have certs associated
 * with them. These are usually short lived, but may exist for several days
 * while the CA is issuing the certificate.
 *
 * provInfo, provName, containerName and hProv identify the CAPI provider
 * and key container the key lives in; the key is presumably reached through
 * hProv rather than copied out. provName and containerName look like
 * heap-allocated copies owned by this object -- confirm who frees them, and
 * that hProv is released (CryptReleaseContext) when the object is
 * destroyed, otherwise each enumeration leaks a provider handle.
 */
struct ckcapiKeyObjectStr {
  CRYPT_KEY_PROV_INFO provInfo;   /* CAPI provider/container description */
  char *provName;                 /* provider name (narrow string) */
  char *containerName;            /* key container name (narrow string) */
  HCRYPTPROV hProv;               /* open provider handle, if acquired */
  ckcapiKeyParams key;            /* PKCS #11-facing key components */
};
typedef struct ckcapiKeyObjectStr ckcapiKeyObject;
michael@0 72
/*
 * Certificate and certificate-referenced keys.
 *
 * certContext is the CAPI certificate this object wraps and certStore
 * names the store it was found in. label/subject/issuer/serial/derCert are
 * the PKCS #11-facing views of the certificate; labelData is dynamically
 * allocated backing storage for `label`.
 *
 * derSerial is FIXED backing storage of 128 bytes, presumably for `serial`.
 * The certificate comes from outside the process, so whatever fills
 * derSerial must bound the copy by sizeof(derSerial) and reject (or
 * truncate) a serial that does not fit -- an oversized serial in a cert
 * must not be able to overrun this buffer. Conforming certs keep the
 * serial to 20 octets, but CAPI stores do contain non-conforming ones.
 * The author's TODO on the field is to make it dynamic like labelData.
 *
 * NOTE(review): hasID is a flag whose meaning is not visible from this
 * header -- likely "a CKA_ID could be derived for this cert"; confirm in
 * cobject.
 */
struct ckcapiCertObjectStr {
  PCCERT_CONTEXT certContext;   /* wrapped CAPI certificate */
  PRBool hasID;
  const char *certStore;        /* name of the originating store */
  NSSItem label;
  NSSItem subject;
  NSSItem issuer;
  NSSItem serial;
  NSSItem derCert;
  ckcapiKeyParams key;          /* key referenced by the certificate */
  unsigned char *labelData;     /* dynamic backing storage for label */
  /* static data: to do, make this dynamic like labelData */
  unsigned char derSerial[128]; /* fixed backing storage; bound every write */
};
typedef struct ckcapiCertObjectStr ckcapiCertObject;
michael@0 91
/*
 * Discriminator for the `u` union in ckcapiInternalObject: says which
 * member (raw, cert or key) is live for a given object. Values are the
 * implicit 0, 1, 2 of the original declaration, spelled out here.
 */
typedef enum {
  ckcapiRaw = 0,      /* statically defined raw attribute table */
  ckcapiCert = 1,     /* CAPI certificate (and its referenced key) */
  ckcapiBareKey = 2   /* CAPI key with no certificate yet */
} ckcapiObjectType;
michael@0 97
/*
 * All the various types of objects are abstracted away in cobject and
 * cfind as ckcapiInternalObjects.
 *
 * `type` selects which member of `u` is live; code must check it before
 * touching u.raw, u.cert or u.key. objClass is presumably the PKCS #11
 * CKA_CLASS of the object. hashKey is a lookup key whose FIXED 128-byte
 * backing storage is hashKeyData -- whoever builds it must bound the write
 * by sizeof(hashKeyData). `id` is the object identifier (CKA_ID-style);
 * idData is presumably its allocated backing storage -- confirm ownership.
 * mdObject is the object handed to the NSS CK framework.
 */
struct ckcapiInternalObjectStr {
  ckcapiObjectType type;          /* which union member is live */
  union {
    ckcapiRawObject raw;
    ckcapiCertObject cert;
    ckcapiKeyObject key;
  } u;
  CK_OBJECT_CLASS objClass;
  NSSItem hashKey;
  NSSItem id;
  void *idData;
  unsigned char hashKeyData[128]; /* fixed backing storage for hashKey */
  NSSCKMDObject mdObject;         /* framework-visible object */
};
typedef struct ckcapiInternalObjectStr ckcapiInternalObject;
michael@0 117
/* Our raw object data array: the statically defined objects this module
 * always exposes, and its element count. */
NSS_EXTERN_DATA ckcapiInternalObject nss_ckcapi_data[];
NSS_EXTERN_DATA const PRUint32 nss_ckcapi_nObjects;

/* Identification strings and version numbers for the module, its slot and
 * its token; presumably what the framework reports through C_GetInfo,
 * C_GetSlotInfo and C_GetTokenInfo. Defined in the module's .c files. */
NSS_EXTERN_DATA const CK_VERSION nss_ckcapi_CryptokiVersion;
NSS_EXTERN_DATA const NSSUTF8 * nss_ckcapi_ManufacturerID;
NSS_EXTERN_DATA const NSSUTF8 * nss_ckcapi_LibraryDescription;
NSS_EXTERN_DATA const CK_VERSION nss_ckcapi_LibraryVersion;
NSS_EXTERN_DATA const NSSUTF8 * nss_ckcapi_SlotDescription;
NSS_EXTERN_DATA const CK_VERSION nss_ckcapi_HardwareVersion;
NSS_EXTERN_DATA const CK_VERSION nss_ckcapi_FirmwareVersion;
NSS_EXTERN_DATA const NSSUTF8 * nss_ckcapi_TokenLabel;
NSS_EXTERN_DATA const NSSUTF8 * nss_ckcapi_TokenModel;
NSS_EXTERN_DATA const NSSUTF8 * nss_ckcapi_TokenSerialNumber;

/* The NSS CK framework "MD" dispatch tables implementing this module.
 * Only one mechanism table, RSA, is declared. */
NSS_EXTERN_DATA const NSSCKMDInstance nss_ckcapi_mdInstance;
NSS_EXTERN_DATA const NSSCKMDSlot nss_ckcapi_mdSlot;
NSS_EXTERN_DATA const NSSCKMDToken nss_ckcapi_mdToken;
NSS_EXTERN_DATA const NSSCKMDMechanism nss_ckcapi_mdMechanismRSA;
michael@0 137
/*
 * Create the module-side session object for framework session fwSession.
 * Presumably returns NULL and sets *pError on failure, like the other
 * NSSCKMD constructors in this module -- confirm in the definition.
 */
NSS_EXTERN NSSCKMDSession *
nss_ckcapi_CreateSession
(
  NSSCKFWSession *fwSession,
  CK_RV *pError
);

/*
 * Start an object search over the CAPI stores for the given attribute
 * template (pTemplate, ulAttributeCount entries). The template comes from
 * the PKCS #11 caller, so the implementation must treat every attribute
 * value and length in it as untrusted. Returns the find-objects state, or
 * presumably NULL with *pError set on failure.
 */
NSS_EXTERN NSSCKMDFindObjects *
nss_ckcapi_FindObjectsInit
(
  NSSCKFWSession *fwSession,
  CK_ATTRIBUTE_PTR pTemplate,
  CK_ULONG ulAttributeCount,
  CK_RV *pError
);
michael@0 153
/*
 * Object Utilities
 */

/*
 * Wrap an internal object `io` as a framework NSSCKMDObject allocated
 * from `arena`. Presumably returns NULL with *pError set on failure.
 */
NSS_EXTERN NSSCKMDObject *
nss_ckcapi_CreateMDObject
(
  NSSArena *arena,
  ckcapiInternalObject *io,
  CK_RV *pError
);

/*
 * C_CreateObject entry point: build a new object from a caller-supplied
 * attribute template (pTemplate, ulAttributeCount entries). The template
 * is untrusted input; attribute lengths must be validated before they are
 * copied into any of the fixed-size buffers in the structs above.
 * Presumably returns NULL with *pError set on failure.
 */
NSS_EXTERN NSSCKMDObject *
nss_ckcapi_CreateObject
(
  NSSCKFWSession *fwSession,
  CK_ATTRIBUTE_PTR pTemplate,
  CK_ULONG ulAttributeCount,
  CK_RV *pError
);

/*
 * Look up attribute `type` on internal object `io`. The returned item is
 * owned by the object and must not be modified or freed by the caller;
 * presumably NULL when the object has no such attribute -- confirm.
 */
NSS_EXTERN const NSSItem *
nss_ckcapi_FetchAttribute
(
  ckcapiInternalObject *io,
  CK_ATTRIBUTE_TYPE type
);

/*
 * Release everything owned by internal object `io`.
 * NOTE(review): if the key-params NSSItems were ever populated with
 * private-key components, this is the place they should be scrubbed
 * before release -- confirm the implementation does so.
 */
NSS_EXTERN void
nss_ckcapi_DestroyInternalObject
(
  ckcapiInternalObject *io
);

/*
 * Open the CAPI key container backing `iKey` and return the provider
 * handle, key spec and key handle through the out-parameters. Returns a
 * CK_RV. Who releases *hProv and *hKey (CryptReleaseContext /
 * CryptDestroyKey) is not visible here -- confirm before calling, as
 * leaking these is easy.
 */
NSS_EXTERN CK_RV
nss_ckcapi_FetchKeyContainer
(
  ckcapiInternalObject *iKey,
  HCRYPTPROV *hProv,
  DWORD *keySpec,
  HCRYPTKEY *hKey
);
michael@0 195
/*
 * generic utilities
 */

/*
 * Everyone else in the world stores their bignum data MSB first, but not
 * Microsoft, so we need to byte swap everything going into and out of
 * CAPI. Reverses the bytes of `item`, presumably in place.
 */
void
ckcapi_ReverseData
(
  NSSItem *item
);

/*
 * Unwrap a single DER value: return a pointer to the contents of the TLV
 * that starts at `src`, store the content length in *outSize, and (if
 * `next` is non-NULL, presumably) point *next just past the value.
 * `size` is the number of bytes readable at `src` and is the only bound
 * the function has: the implementation must check the tag and length
 * octets against it and must never trust a length from the data -- this
 * is fed certificate bytes from CAPI stores, i.e. external input. The
 * return value on malformed input is not visible here (presumably NULL);
 * callers must check it -- confirm in the definition.
 */
unsigned char *
nss_ckcapi_DERUnwrap
(
  unsigned char *src,
  unsigned int size,
  unsigned int *outSize,
  unsigned char **next
);

/*
 * Return the size in bytes of a wide string. Whether the terminating wide
 * NUL is counted is not visible here -- confirm before using the result
 * as an allocation size. The result is a signed int; callers should not
 * assume it is non-negative without checking.
 */
int
nss_ckcapi_WideSize
(
  LPCWSTR wide
);

/*
 * Convert a Unicode wide-character string to a UTF-8 string. The result is
 * presumably freshly allocated (as WideDup below is) and owned by the
 * caller, NULL on failure -- confirm.
 */
char *
nss_ckcapi_WideToUTF8
(
  LPCWSTR wide
);

/*
 * Return a wide string duplicated with NSS-allocated memory. The caller
 * owns the result and releases it with the matching NSS free.
 */
LPWSTR
nss_ckcapi_WideDup
(
  LPCWSTR wide
);

/*
 * Convert a UTF-8 string to a Unicode wide-character string. The result is
 * presumably freshly allocated and caller-owned, NULL on failure --
 * confirm. `buf` is not declared const, but nothing here shows it being
 * modified.
 */
LPWSTR
nss_ckcapi_UTF8ToWide
(
  char *buf
);


/*
 * Collect every certificate in the CAPI stores that matches the template
 * (pTemplate, ulAttributeCount) into the array at *listp, whose capacity
 * is presumably tracked in *sizep and current length in `count`. Returns
 * the new count; *pError reports failures. How *listp is grown and who
 * frees it is not visible here -- confirm against cfind.
 */
NSS_EXTERN PRUint32
nss_ckcapi_collect_all_certs(
  CK_ATTRIBUTE_PTR pTemplate,
  CK_ULONG ulAttributeCount,
  ckcapiInternalObject ***listp,
  PRUint32 *sizep,
  PRUint32 count,
  CK_RV *pError
);
michael@0 268
/*
 * Element count of a true array object. Only meaningful on an array:
 * applied to a pointer (including an array-typed function parameter,
 * which has already decayed) it silently yields
 * sizeof(pointer) / sizeof(element) instead of the element count.
 */
#define NSS_CKCAPI_ARRAY_SIZE(x) (sizeof(x) / sizeof((x)[0]))
michael@0 270
michael@0 271 #endif
