/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

#ifndef CKCAPI_H
#define CKCAPI_H 1

#include "nssckmdt.h"
#include "nssckfw.h"

/*
 * base.h is pulled in for access to the arena functions.
 * That API probably ought to be published.
 */
#ifndef BASE_H
#include "base.h"
#endif /* BASE_H */

/*
 * The Netscape extensions live here, at least for now.
 */
#ifndef CKT_H
#include "ckt.h"
#endif /* CKT_H */

#include "wtypes.h"
#include "wincrypt.h"

/*
 * Statically defined raw objects, used to give this PKCS #11 module
 * data description objects.
 */
struct ckcapiRawObjectStr {
    CK_ULONG n; /* presumably the entry count of types/items -- confirm */
    const CK_ATTRIBUTE_TYPE *types;
    const NSSItem *items;
};
typedef struct ckcapiRawObjectStr ckcapiRawObject;

/*
 * Values shared by bare keys and by keys referenced from a certificate.
 *
 * NOTE(review): the field names mirror the PKCS #11 RSA key attributes.
 * If the private components are ever populated, the buffers behind them
 * should be cleared before they are released -- confirm in the object
 * teardown path, which is not visible in this header.
 */
struct ckcapiKeyParamsStr {
    NSSItem modulus;
    NSSItem exponent;
    NSSItem privateExponent;
    NSSItem prime1;
    NSSItem prime2;
    NSSItem exponent1;
    NSSItem exponent2;
    NSSItem coefficient;
    /*
     * Inline buffer of sizeof(CK_ULONG) bytes; presumably the backing
     * store for `exponent` -- TODO confirm. Writers must stay within
     * sizeof(publicExponentData).
     */
    unsigned char publicExponentData[sizeof(CK_ULONG)];
    void *privateKey; /* opaque here; concrete type not shown in this file */
    void *pubKey;     /* opaque here; concrete type not shown in this file */
};
typedef struct ckcapiKeyParamsStr ckcapiKeyParams;

/*
 * Key objects: bare keys that have no certificate associated with them
 * yet. They are usually short lived, but can persist for several days
 * while the CA is issuing the certificate.
 */
struct ckcapiKeyObjectStr {
    CRYPT_KEY_PROV_INFO provInfo;
    char *provName;
    char *containerName;
    HCRYPTPROV hProv; /* CAPI provider handle; who releases it is not shown here */
    ckcapiKeyParams key;
};
typedef struct ckcapiKeyObjectStr ckcapiKeyObject;

/*
 * Certificates, and the keys that a certificate references.
 */
struct ckcapiCertObjectStr {
    PCCERT_CONTEXT certContext;
    PRBool hasID;
    const char *certStore;
    NSSItem label;
    NSSItem subject;
    NSSItem issuer;
    NSSItem serial;
    NSSItem derCert;
    ckcapiKeyParams key;
    unsigned char *labelData;
    /*
     * Static storage. TODO: make this dynamic, the way labelData is.
     * Until then, anything copied in must be bounded by sizeof(derSerial).
     */
    unsigned char derSerial[128];
};
typedef struct ckcapiCertObjectStr ckcapiCertObject;

/* Discriminator for the union in ckcapiInternalObjectStr. */
typedef enum {
    ckcapiRaw,
    ckcapiCert,
    ckcapiBareKey
} ckcapiObjectType;

/*
 * cobject and cfind see every kind of object through this one
 * abstraction, ckcapiInternalObject.
 */
struct ckcapiInternalObjectStr {
    ckcapiObjectType type; /* names the union member below */
    union {
        ckcapiRawObject raw;
        ckcapiCertObject cert;
        ckcapiKeyObject key;
    } u;
    CK_OBJECT_CLASS objClass;
    NSSItem hashKey;
    NSSItem id;
    void *idData;
    /*
     * Fixed 128-byte buffer; presumably the backing store for hashKey --
     * TODO confirm. Writers must stay within sizeof(hashKeyData).
     */
    unsigned char hashKeyData[128];
    NSSCKMDObject mdObject;
};
typedef struct ckcapiInternalObjectStr ckcapiInternalObject;

/* The array of raw object data, and its length. */
NSS_EXTERN_DATA ckcapiInternalObject nss_ckcapi_data[];
NSS_EXTERN_DATA const PRUint32 nss_ckcapi_nObjects;

/* Module, slot and token description constants. */
NSS_EXTERN_DATA const CK_VERSION nss_ckcapi_CryptokiVersion;
NSS_EXTERN_DATA const NSSUTF8 *nss_ckcapi_ManufacturerID;
NSS_EXTERN_DATA const NSSUTF8 *nss_ckcapi_LibraryDescription;
NSS_EXTERN_DATA const CK_VERSION nss_ckcapi_LibraryVersion;
NSS_EXTERN_DATA const NSSUTF8 *nss_ckcapi_SlotDescription;
NSS_EXTERN_DATA const CK_VERSION nss_ckcapi_HardwareVersion;
NSS_EXTERN_DATA const CK_VERSION nss_ckcapi_FirmwareVersion;
NSS_EXTERN_DATA const NSSUTF8 *nss_ckcapi_TokenLabel;
NSS_EXTERN_DATA const NSSUTF8 *nss_ckcapi_TokenModel;
NSS_EXTERN_DATA const NSSUTF8 *nss_ckcapi_TokenSerialNumber;

/* Module-defined instance, slot, token and RSA mechanism objects. */
NSS_EXTERN_DATA const NSSCKMDInstance nss_ckcapi_mdInstance;
NSS_EXTERN_DATA const NSSCKMDSlot nss_ckcapi_mdSlot;
NSS_EXTERN_DATA const NSSCKMDToken nss_ckcapi_mdToken;
NSS_EXTERN_DATA const NSSCKMDMechanism nss_ckcapi_mdMechanismRSA;

NSS_EXTERN NSSCKMDSession *
nss_ckcapi_CreateSession(NSSCKFWSession *fwSession, CK_RV *pError);

NSS_EXTERN NSSCKMDFindObjects *
nss_ckcapi_FindObjectsInit(NSSCKFWSession *fwSession,
                           CK_ATTRIBUTE_PTR pTemplate,
                           CK_ULONG ulAttributeCount,
                           CK_RV *pError);

/*
 * Object Utilities
 */
NSS_EXTERN NSSCKMDObject *
nss_ckcapi_CreateMDObject(NSSArena *arena,
                          ckcapiInternalObject *io,
                          CK_RV *pError);

NSS_EXTERN NSSCKMDObject *
nss_ckcapi_CreateObject(NSSCKFWSession *fwSession,
                        CK_ATTRIBUTE_PTR pTemplate,
                        CK_ULONG ulAttributeCount,
                        CK_RV *pError);

NSS_EXTERN const NSSItem *
nss_ckcapi_FetchAttribute(ckcapiInternalObject *io, CK_ATTRIBUTE_TYPE type);

NSS_EXTERN void
nss_ckcapi_DestroyInternalObject(ckcapiInternalObject *io);

NSS_EXTERN CK_RV
nss_ckcapi_FetchKeyContainer(ckcapiInternalObject *iKey,
                             HCRYPTPROV *hProv,
                             DWORD *keySpec,
                             HCRYPTKEY *hKey);

/*
 * generic utilities
 */

/*
 * Everyone else in the world stores bignum data MSB first; Microsoft
 * does not, so everything going into or coming out of CAPI has to be
 * byte swapped.
 */
void
ckcapi_ReverseData(NSSItem *item);

/*
 * Unwrap a single DER value.
 *
 * NOTE(review): `size` is presumably the number of bytes available at
 * `src`; the implementation is expected to reject an encoded length
 * that runs past it -- confirm in the defining .c file.
 */
unsigned char *
nss_ckcapi_DERUnwrap(unsigned char *src,
                     unsigned int size,
                     unsigned int *outSize,
                     unsigned char **next);

/*
 * Return the size, in bytes, of a wide string.
 */
int
nss_ckcapi_WideSize(LPCWSTR wide);

/*
 * Convert a Unicode wide character string to a UTF8 string.
 */
char *
nss_ckcapi_WideToUTF8(LPCWSTR wide);

/*
 * Return a duplicate of a wide string, held in NSS-allocated memory.
 */
LPWSTR
nss_ckcapi_WideDup(LPCWSTR wide);

/*
 * Convert a UTF8 string to a Unicode wide character string.
 */
LPWSTR
nss_ckcapi_UTF8ToWide(char *buf);

NSS_EXTERN PRUint32
nss_ckcapi_collect_all_certs(CK_ATTRIBUTE_PTR pTemplate,
                             CK_ULONG ulAttributeCount,
                             ckcapiInternalObject ***listp,
                             PRUint32 *sizep,
                             PRUint32 count,
                             CK_RV *pError);

/* Element count of x; only meaningful when x is a true array, not a pointer. */
#define NSS_CKCAPI_ARRAY_SIZE(x) ((sizeof (x))/(sizeof ((x)[0])))

#endif /* CKCAPI_H */