security/nss/lib/ckfw/capi/ckcapi.h

Thu, 22 Jan 2015 13:21:57 +0100

author
Michael Schloh von Bennewitz <michael@schloh.com>
date
Thu, 22 Jan 2015 13:21:57 +0100
branch
TOR_BUG_9701
changeset 15
b8a032363ba2
permissions
-rw-r--r--

Incorporate requested changes from Mozilla in review:
https://bugzilla.mozilla.org/show_bug.cgi?id=1123480#c6

     1 /* This Source Code Form is subject to the terms of the Mozilla Public
     2  * License, v. 2.0. If a copy of the MPL was not distributed with this
     3  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
     5 #ifndef CKCAPI_H
     6 #define CKCAPI_H 1
     8 #include "nssckmdt.h"
     9 #include "nssckfw.h"
    11 /*
    12  * I'm including this for access to the arena functions.
    13  * Looks like we should publish that API.
    14  */
    15 #ifndef BASE_H
    16 #include "base.h"
    17 #endif /* BASE_H */
    19 /*
    20  * This is where the Netscape extensions live, at least for now.
    21  */
    22 #ifndef CKT_H
    23 #include "ckt.h"
    24 #endif /* CKT_H */
    26 #include "wtypes.h"
    27 #include "wincrypt.h"
/*
 * Statically defined raw objects. Allows us to add data description objects
 * to this PKCS #11 module.
 *
 * NOTE(review): n presumably counts the entries of both types[] and items[],
 * which would then be walked in parallel -- confirm at the use sites. If n
 * ever disagrees with either array's real length, the walk reads out of
 * bounds.
 */
typedef struct ckcapiRawObjectStr ckcapiRawObject;
struct ckcapiRawObjectStr {
    CK_ULONG n;                     /* entry count (see note above) */
    const CK_ATTRIBUTE_TYPE *types; /* attribute types, read-only */
    const NSSItem *items;           /* attribute values, read-only */
};
/*
 * Common values needed for both bare keys and cert referenced keys.
 *
 * NOTE(review): privateExponent, prime1, prime2, exponent1, exponent2 and
 * coefficient are named after the private components of an RSA key. If the
 * implementation ever fills them with exported key material, whoever frees
 * this structure should wipe those buffers first -- confirm in the .c files;
 * nothing in this header shows how they are populated or released.
 */
typedef struct ckcapiKeyParamsStr ckcapiKeyParams;
struct ckcapiKeyParamsStr {
    NSSItem modulus;
    NSSItem exponent;
    NSSItem privateExponent;
    NSSItem prime1;
    NSSItem prime2;
    NSSItem exponent1;
    NSSItem exponent2;
    NSSItem coefficient;
    /* storage exactly one CK_ULONG wide; presumably backs `exponent` -- confirm */
    unsigned char publicExponentData[sizeof(CK_ULONG)];
    /* opaque pointers; their real type and ownership are not visible here */
    void *privateKey;
    void *pubKey;
};
/*
 * Key objects. Handles bare keys which do not yet have certs associated
 * with them. These are usually short lived, but may exist for several days
 * while the CA is issuing the certificate.
 *
 * NOTE(review): hProv is a CryptoAPI provider handle, and provName and
 * containerName are plain char pointers. Which routine releases them is not
 * visible in this header -- presumably nss_ckcapi_DestroyInternalObject;
 * confirm, since a missed release leaks a provider handle.
 */
typedef struct ckcapiKeyObjectStr ckcapiKeyObject;
struct ckcapiKeyObjectStr {
    CRYPT_KEY_PROV_INFO provInfo;
    char *provName;
    char *containerName;
    HCRYPTPROV hProv;
    ckcapiKeyParams key;
};
/*
 * Certificate and certificate referenced keys.
 */
typedef struct ckcapiCertObjectStr ckcapiCertObject;
struct ckcapiCertObjectStr {
    PCCERT_CONTEXT certContext;
    PRBool hasID;
    const char *certStore;
    NSSItem label;
    NSSItem subject;
    NSSItem issuer;
    NSSItem serial;
    NSSItem derCert;
    ckcapiKeyParams key;
    unsigned char *labelData;
    /*
     * static data: to do, make this dynamic like labelData.
     *
     * Fixed 128-byte buffer: any code that copies a serial number into it
     * has to reject or bound input longer than sizeof(derSerial). The copy
     * site is not part of this header, so verify that check there.
     */
    unsigned char derSerial[128];
};
/*
 * Kind of object stored in a ckcapiInternalObject. The numeric values are
 * the ones the compiler assigns by default, written out explicitly.
 */
typedef enum {
    ckcapiRaw = 0,
    ckcapiCert = 1,
    ckcapiBareKey = 2
} ckcapiObjectType;
/*
 * All the various types of objects are abstracted away in cobject and
 * cfind as ckcapiInternalObjects.
 *
 * NOTE(review): `type` presumably tags the live member of `u`
 * (ckcapiRaw -> u.raw, ckcapiCert -> u.cert, ckcapiBareKey -> u.key); this is
 * inferred from the names only. Code reading `u` should check `type` first,
 * because reading the wrong member reinterprets pointers and handles.
 */
typedef struct ckcapiInternalObjectStr ckcapiInternalObject;
struct ckcapiInternalObjectStr {
    ckcapiObjectType type;
    union {
        ckcapiRawObject raw;
        ckcapiCertObject cert;
        ckcapiKeyObject key;
    } u;
    CK_OBJECT_CLASS objClass;
    NSSItem hashKey;
    NSSItem id;
    void *idData;
    /*
     * Fixed 128-byte buffer, presumably the storage behind hashKey -- confirm.
     * Whatever fills it must bound the write to sizeof(hashKeyData).
     */
    unsigned char hashKeyData[128];
    NSSCKMDObject mdObject;
};
/*
 * Our raw object data array.
 * The array is declared without a bound, so code that indexes it has no
 * compile-time limit to check against; nss_ckcapi_nObjects is presumably its
 * element count -- confirm where both are defined.
 */
NSS_EXTERN_DATA ckcapiInternalObject nss_ckcapi_data[];
NSS_EXTERN_DATA const PRUint32 nss_ckcapi_nObjects;

/* Version and identification values for the module, slot and token. */
NSS_EXTERN_DATA const CK_VERSION nss_ckcapi_CryptokiVersion;
NSS_EXTERN_DATA const NSSUTF8 *nss_ckcapi_ManufacturerID;
NSS_EXTERN_DATA const NSSUTF8 *nss_ckcapi_LibraryDescription;
NSS_EXTERN_DATA const CK_VERSION nss_ckcapi_LibraryVersion;
NSS_EXTERN_DATA const NSSUTF8 *nss_ckcapi_SlotDescription;
NSS_EXTERN_DATA const CK_VERSION nss_ckcapi_HardwareVersion;
NSS_EXTERN_DATA const CK_VERSION nss_ckcapi_FirmwareVersion;
NSS_EXTERN_DATA const NSSUTF8 *nss_ckcapi_TokenLabel;
NSS_EXTERN_DATA const NSSUTF8 *nss_ckcapi_TokenModel;
NSS_EXTERN_DATA const NSSUTF8 *nss_ckcapi_TokenSerialNumber;

/* Instance, slot, token and RSA mechanism objects exported by the module. */
NSS_EXTERN_DATA const NSSCKMDInstance nss_ckcapi_mdInstance;
NSS_EXTERN_DATA const NSSCKMDSlot nss_ckcapi_mdSlot;
NSS_EXTERN_DATA const NSSCKMDToken nss_ckcapi_mdToken;
NSS_EXTERN_DATA const NSSCKMDMechanism nss_ckcapi_mdMechanismRSA;
/*
 * Create the module's session object for a framework session.
 * pError presumably receives the CK_RV describing a failure -- confirm in
 * the implementation.
 */
NSS_EXTERN NSSCKMDSession *nss_ckcapi_CreateSession(
    NSSCKFWSession *fwSession,
    CK_RV *pError);

/*
 * Begin an object search.
 * pTemplate holds ulAttributeCount attributes. The template comes from the
 * PKCS #11 caller, so the implementation should treat its pointers and
 * lengths as untrusted input (not verifiable from this header).
 */
NSS_EXTERN NSSCKMDFindObjects *nss_ckcapi_FindObjectsInit(
    NSSCKFWSession *fwSession,
    CK_ATTRIBUTE_PTR pTemplate,
    CK_ULONG ulAttributeCount,
    CK_RV *pError);
/*
 * Object Utilities
 */

/*
 * Produce the NSSCKMDObject for an internal object.
 * NOTE(review): the arena parameter suggests the result may be allocated
 * from it; lifetime rules are not visible here -- confirm.
 */
NSS_EXTERN NSSCKMDObject *nss_ckcapi_CreateMDObject(
    NSSArena *arena,
    ckcapiInternalObject *io,
    CK_RV *pError);

/*
 * Create an object from a caller-supplied attribute template of
 * ulAttributeCount entries. The template is PKCS #11 caller input and should
 * be validated by the implementation before use.
 */
NSS_EXTERN NSSCKMDObject *nss_ckcapi_CreateObject(
    NSSCKFWSession *fwSession,
    CK_ATTRIBUTE_PTR pTemplate,
    CK_ULONG ulAttributeCount,
    CK_RV *pError);

/*
 * Look up one attribute of an internal object.
 * The result is const; who owns the returned item, and what is returned for
 * an attribute the object lacks, is not stated in this header.
 */
NSS_EXTERN const NSSItem *nss_ckcapi_FetchAttribute(
    ckcapiInternalObject *io,
    CK_ATTRIBUTE_TYPE type);

/*
 * Destroy an internal object.
 * NOTE(review): io must presumably not be used after this call -- confirm
 * that no cached pointer to it is kept elsewhere.
 */
NSS_EXTERN void nss_ckcapi_DestroyInternalObject(ckcapiInternalObject *io);

/*
 * Fetch the CryptoAPI key container for a key object.
 * hProv, keySpec and hKey are pointers, presumably outputs. If handles are
 * returned through them, the header does not say who must release them --
 * confirm the ownership rule at the call sites.
 */
NSS_EXTERN CK_RV nss_ckcapi_FetchKeyContainer(
    ckcapiInternalObject *iKey,
    HCRYPTPROV *hProv,
    DWORD *keySpec,
    HCRYPTKEY *hKey);
/*
 * generic utilities
 */

/*
 * Everyone else in the world stores bignum data MSB first, but Microsoft
 * does not, so we need to byte swap everything coming into and out of CAPI.
 * The item is passed non-const and nothing is returned, so the swap is
 * presumably done in place -- confirm.
 */
void ckcapi_ReverseData(NSSItem *item);

/*
 * Unwrap a single DER value.
 * src and size describe the encoded input. outSize and next are pointers,
 * presumably receiving the value length and the position after the value.
 * NOTE(review): DER reaching this function can originate from certificates,
 * so the implementation has to check every decoded length against size
 * before handing back a pointer; that check cannot be seen from here.
 */
unsigned char *nss_ckcapi_DERUnwrap(
    unsigned char *src,
    unsigned int size,
    unsigned int *outSize,
    unsigned char **next);

/*
 * Return the size in bytes of a wide string.
 * The result is an int; whether it counts the terminator is not stated here.
 */
int nss_ckcapi_WideSize(LPCWSTR wide);

/*
 * Convert a Unicode wide character string to a UTF8 string.
 * Ownership of the returned buffer is not stated in this header.
 */
char *nss_ckcapi_WideToUTF8(LPCWSTR wide);

/*
 * Return a Wide String duplicated with nss allocated memory.
 */
LPWSTR nss_ckcapi_WideDup(LPCWSTR wide);

/*
 * Convert a UTF8 string to Unicode wide character.
 * Ownership of the returned buffer is not stated in this header.
 */
LPWSTR nss_ckcapi_UTF8ToWide(char *buf);
/*
 * Collect certificate objects matching an attribute template.
 * NOTE(review): listp is a pointer to an array of object pointers and sizep
 * a pointer to a PRUint32, presumably the array and its capacity, both
 * updated as the list grows; count is presumably the number of entries
 * already present and the return value the new count. None of this is
 * stated in the header -- confirm, since a stale size would let writes run
 * past the end of the list.
 */
NSS_EXTERN PRUint32 nss_ckcapi_collect_all_certs(
    CK_ATTRIBUTE_PTR pTemplate,
    CK_ULONG ulAttributeCount,
    ckcapiInternalObject ***listp,
    PRUint32 *sizep,
    PRUint32 count,
    CK_RV *pError);
/*
 * Number of elements in an array.
 * Only valid where x is a real array in scope. Given a pointer (including a
 * function parameter declared with array syntax) it silently evaluates to
 * sizeof(pointer) / sizeof(element), which is not the element count.
 */
#define NSS_CKCAPI_ARRAY_SIZE(x) (sizeof(x) / sizeof((x)[0]))
   271 #endif
