
lightning-sunbird  0.9+nobinonly
ckcapi.h
00001 /* ***** BEGIN LICENSE BLOCK *****
00002  * Version: MPL 1.1/GPL 2.0/LGPL 2.1
00003  *
00004  * The contents of this file are subject to the Mozilla Public License Version
00005  * 1.1 (the "License"); you may not use this file except in compliance with
00006  * the License. You may obtain a copy of the License at
00007  * http://www.mozilla.org/MPL/
00008  *
00009  * Software distributed under the License is distributed on an "AS IS" basis,
00010  * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
00011  * for the specific language governing rights and limitations under the
00012  * License.
00013  *
00014  * The Original Code is the Netscape security libraries.
00015  *
00016  * The Initial Developer of the Original Code is
00017  * Netscape Communications Corporation.
00018  * Portions created by the Initial Developer are Copyright (C) 1994-2000
00019  * the Initial Developer. All Rights Reserved.
00020  * Portions created by Red Hat, Inc, are Copyright (C) 2005
00021  *
00022  * Contributor(s):
00023  *   Bob Relyea (rrelyea@redhat.com)
00024  *
00025  * Alternatively, the contents of this file may be used under the terms of
00026  * either the GNU General Public License Version 2 or later (the "GPL"), or
00027  * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
00028  * in which case the provisions of the GPL or the LGPL are applicable instead
00029  * of those above. If you wish to allow use of your version of this file only
00030  * under the terms of either the GPL or the LGPL, and not to allow others to
00031  * use your version of this file under the terms of the MPL, indicate your
00032  * decision by deleting the provisions above and replace them with the notice
00033  * and other provisions required by the GPL or the LGPL. If you do not delete
00034  * the provisions above, a recipient may use your version of this file under
00035  * the terms of any one of the MPL, the GPL or the LGPL.
00036  *
00037  * ***** END LICENSE BLOCK ***** */
00038 
00039 #ifndef CKCAPI_H
00040 #define CKCAPI_H 1
00041 
00042 #ifdef DEBUG   /* the revision string below is compiled in only when DEBUG is defined */
00043 static const char CKCAPI_CVS_ID[] = "@(#) $RCSfile: ckcapi.h,v $ $Revision: 1.2 $ $Date: 2005/11/15 00:13:58 $";
00044 #endif /* DEBUG */
00045 
00046 #include "nssckmdt.h"
00047 #include "nssckfw.h"
00048 
00049 /*
00050  * I'm including this for access to the arena functions.
00051  * Looks like we should publish that API.
00052  */
00053 #ifndef BASE_H
00054 #include "base.h"
00055 #endif /* BASE_H */
00056 
00057 /*
00058  * This is where the Netscape extensions live, at least for now.
00059  */
00060 #ifndef CKT_H
00061 #include "ckt.h"
00062 #endif /* CKT_H */
00063 
00064 #include "WTypes.h"
00065 #include "WinCrypt.h"
00066 
00067 /*
00068  * Statically defined raw objects. Allows us to add data description objects
00069  * to this PKCS #11 module.
00070  */
00071 struct ckcapiRawObjectStr {
00072   CK_ULONG n;                       /* presumably the entry count of types[] and items[] -- confirm */
00073   const CK_ATTRIBUTE_TYPE *types;   /* attribute types; not writable through this pointer */
00074   const NSSItem *items;             /* attribute values; NOTE(review): looks parallel to types[], so readers must index below n -- confirm */
00075 };
00076 typedef struct ckcapiRawObjectStr ckcapiRawObject;
00077 
00078 
00079 /*
00080  * Common values needed for both bare keys and cert referenced keys.
00081  */
00082 struct ckcapiKeyParamsStr {
00083   NSSItem       modulus;
00084   NSSItem       exponent;
00085   NSSItem       privateExponent;   /* NOTE(review): this and the five fields below are named like the PKCS #11 RSA private-key attributes; if they ever carry exported key material, the free path should wipe it first -- confirm */
00086   NSSItem       prime1;
00087   NSSItem       prime2;
00088   NSSItem       exponent1;
00089   NSSItem       exponent2;
00090   NSSItem       coefficient;
00091   unsigned char   publicExponentData[sizeof(CK_ULONG)];   /* fixed sizeof(CK_ULONG) bytes; presumably backs 'exponent' -- confirm the writer rejects a longer value */
00092   void          *privateKey;   /* opaque pointer; owner and lifetime are not visible in this header */
00093   void          *pubKey;       /* opaque pointer; owner and lifetime are not visible in this header */
00094 };
00095 typedef struct ckcapiKeyParamsStr ckcapiKeyParams;
00096 
00097 /*
00098  * Key objects. Handles bare keys which do not yet have certs associated
00099  * with them. These are usually short lived, but may exist for several days
00100  * while the CA is issuing the certificate.
00101  */
00102 struct ckcapiKeyObjectStr {
00103   CRYPT_KEY_PROV_INFO provInfo;   /* CryptoAPI provider/container description (WinCrypt.h type) */
00104   char            *provName;        /* presumably a narrow-string copy of the provider name -- confirm who frees it */
00105   char            *containerName;   /* presumably a narrow-string copy of the key container name -- confirm who frees it */
00106   HCRYPTPROV      hProv;            /* CryptoAPI provider handle; NOTE(review): presumably released with CryptReleaseContext when the object is destroyed -- confirm */
00107   ckcapiKeyParams key;              /* key values shared with the certificate object layout */
00108 };
00109 typedef struct ckcapiKeyObjectStr ckcapiKeyObject;
00110 
00111 /*
00112  * Certificate and certificate referenced keys.
00113  */
00114 struct ckcapiCertObjectStr {
00115   PCCERT_CONTEXT  certContext;   /* CryptoAPI certificate context; NOTE(review): whether this struct owns a reference is not visible here -- confirm */
00116   PRBool          hasID;
00117   const char    *certStore;      /* presumably the name of the system store the certificate came from -- confirm */
00118   NSSItem       label;
00119   NSSItem       subject;
00120   NSSItem       issuer;
00121   NSSItem       serial;
00122   NSSItem       derCert;
00123   ckcapiKeyParams key;           /* key values for the key this certificate references */
00124   unsigned char   *labelData;    /* dynamically sized, per the to-do note below; presumably backs 'label' -- confirm */
00125   /* static data: to do, make this dynamic like labelData */
00126   unsigned char   derSerial[128];   /* NOTE(review): fixed 128 bytes; the code that fills it must reject a serial encoding that does not fit -- confirm in the writer */
00127 };
00128 typedef struct ckcapiCertObjectStr ckcapiCertObject;
00129 
00130 typedef enum {     /* object kind stored in ckcapiInternalObjectStr.type */
00131   ckcapiRaw,       /* presumably selects u.raw -- confirm */
00132   ckcapiCert,      /* presumably selects u.cert -- confirm */
00133   ckcapiBareKey    /* presumably selects u.key -- confirm */
00134 } ckcapiObjectType;
00135 
00136 /*
00137  * all the various types of objects are abstracted away in cobject and
00138  * cfind as ckcapiInternalObjects.
00139  */
00140 struct ckcapiInternalObjectStr {
00141   ckcapiObjectType type;      /* NOTE(review): looks like the discriminator for union u; code should check it before touching a member -- confirm */
00142   union {
00143     ckcapiRawObject  raw;
00144     ckcapiCertObject cert;
00145     ckcapiKeyObject  key;
00146   } u;
00147   CK_OBJECT_CLASS objClass;
00148   NSSItem       hashKey;
00149   NSSItem       id;
00150   void          *idData;      /* presumably backing storage for 'id'; owner not visible in this header -- confirm */
00151   unsigned char   hashKeyData[128];   /* NOTE(review): fixed 128 bytes, presumably backing 'hashKey'; the writer must bound what it copies in -- confirm */
00152   NSSCKMDObject mdObject;     /* framework object embedded by value */
00153 };
00154 typedef struct ckcapiInternalObjectStr ckcapiInternalObject;
00155 
00156 /* our raw object data array */
00157 NSS_EXTERN_DATA ckcapiInternalObject nss_ckcapi_data[];   /* unsized here, so sizeof cannot give its length */
00158 NSS_EXTERN_DATA const PRUint32               nss_ckcapi_nObjects;   /* presumably the element count of nss_ckcapi_data[]; use it to bound iteration -- confirm */
00159 /* Module, slot and token description values (declared only; the definitions are elsewhere). */
00160 NSS_EXTERN_DATA const CK_VERSION   nss_ckcapi_CryptokiVersion;
00161 NSS_EXTERN_DATA const NSSUTF8 *    nss_ckcapi_ManufacturerID;
00162 NSS_EXTERN_DATA const NSSUTF8 *    nss_ckcapi_LibraryDescription;
00163 NSS_EXTERN_DATA const CK_VERSION   nss_ckcapi_LibraryVersion;
00164 NSS_EXTERN_DATA const NSSUTF8 *    nss_ckcapi_SlotDescription;
00165 NSS_EXTERN_DATA const CK_VERSION   nss_ckcapi_HardwareVersion;
00166 NSS_EXTERN_DATA const CK_VERSION   nss_ckcapi_FirmwareVersion;
00167 NSS_EXTERN_DATA const NSSUTF8 *    nss_ckcapi_TokenLabel;
00168 NSS_EXTERN_DATA const NSSUTF8 *    nss_ckcapi_TokenModel;
00169 NSS_EXTERN_DATA const NSSUTF8 *    nss_ckcapi_TokenSerialNumber;
00170 /* Instance, slot, token and RSA mechanism objects handed to the framework (declared only). */
00171 NSS_EXTERN_DATA const NSSCKMDInstance  nss_ckcapi_mdInstance;
00172 NSS_EXTERN_DATA const NSSCKMDSlot      nss_ckcapi_mdSlot;
00173 NSS_EXTERN_DATA const NSSCKMDToken     nss_ckcapi_mdToken;
00174 NSS_EXTERN_DATA const NSSCKMDMechanism nss_ckcapi_mdMechanismRSA;
00175 /* Takes the framework session and returns an NSSCKMDSession pointer. */
00176 NSS_EXTERN NSSCKMDSession *
00177 nss_ckcapi_CreateSession
00178 (
00179   NSSCKFWSession *fwSession,
00180   CK_RV *pError   /* out: CK_RV status; presumably set on failure with NULL returned -- confirm */
00181 );
00182 /* Starts an object search from an attribute template and returns an NSSCKMDFindObjects pointer. */
00183 NSS_EXTERN NSSCKMDFindObjects *
00184 nss_ckcapi_FindObjectsInit
00185 (
00186   NSSCKFWSession *fwSession,
00187   CK_ATTRIBUTE_PTR pTemplate,   /* caller-supplied template; must hold at least ulAttributeCount entries */
00188   CK_ULONG ulAttributeCount,    /* entry count of pTemplate; the implementation must not read past it */
00189   CK_RV *pError                 /* out: CK_RV status; presumably set on failure with NULL returned -- confirm */
00190 );
00191 
00192 /*
00193  * Object Utilities
00194  */
00195 NSS_EXTERN NSSCKMDObject *
00196 nss_ckcapi_CreateMDObject
00197 (
00198   NSSArena *arena,            /* NOTE(review): whether NULL is accepted is not visible here -- confirm */
00199   ckcapiInternalObject *io,   /* internal object to expose; it embeds an NSSCKMDObject (mdObject), presumably the one returned -- confirm */
00200   CK_RV *pError               /* out: CK_RV status; presumably set on failure with NULL returned -- confirm */
00201 );
00202 /* Creates an object from an attribute template and returns an NSSCKMDObject pointer. */
00203 NSS_EXTERN NSSCKMDObject *
00204 nss_ckcapi_CreateObject
00205 (
00206   NSSCKFWSession *fwSession,
00207   CK_ATTRIBUTE_PTR pTemplate,   /* caller-supplied template; every attribute length in it should be checked before its value is read */
00208   CK_ULONG ulAttributeCount,    /* entry count of pTemplate; the implementation must not read past it */
00209   CK_RV *pError                 /* out: CK_RV status; presumably set on failure with NULL returned -- confirm */
00210 );
00211 /* Looks up one attribute of an internal object; the returned item is const, so callers must not modify it. */
00212 NSS_EXTERN const NSSItem *
00213 nss_ckcapi_FetchAttribute
00214 (
00215   ckcapiInternalObject *io, 
00216   CK_ATTRIBUTE_TYPE type   /* NOTE(review): the result for an attribute the object lacks is not visible here (presumably NULL) -- confirm before dereferencing */
00217 );
00218 /* Destroys an internal object. NOTE(review): confirm the implementation releases CAPI handles and contexts and wipes any key data it holds. */
00219 NSS_EXTERN void
00220 nss_ckcapi_DestroyInternalObject
00221 (
00222   ckcapiInternalObject *io   /* must not be used after this call */
00223 );
00224 /* Resolves a key object to its CryptoAPI provider handle, key spec and key handle; returns a CK_RV status. */
00225 NSS_EXTERN CK_RV
00226 nss_ckcapi_FetchKeyContainer
00227 (
00228   ckcapiInternalObject *iKey,
00229   HCRYPTPROV  *hProv,     /* out: provider handle; NOTE(review): who releases it (CryptReleaseContext) is not visible here -- confirm */
00230   DWORD       *keySpec,   /* out: CryptoAPI key spec */
00231   HCRYPTKEY   *hKey       /* out: key handle; NOTE(review): who destroys it (CryptDestroyKey) is not visible here -- confirm */
00232 );
00233 
00234 /*
00235  * generic utilities
00236  */
00237 
00238 /*
00239  * So everyone else in the world stores their bignum data MSB first, but not
00240  * Microsoft, we need to byte swap everything coming into and out of CAPI.
00241  */
00242 void
00243 ckcapi_ReverseData
00244 (
00245   NSSItem *item   /* non-const and nothing is returned, so presumably reversed in place -- confirm */
00246 );
00247 
00248 /*
00249  * unwrap a single DER value
00250  */
00251 char *
00252 nss_ckcapi_DERUnwrap
00253 (
00254   char *src,       /* DER input; treat as untrusted when it comes from a certificate or a caller template */
00255   int size,        /* NOTE(review): signed byte count of src; a negative value or a decoded length beyond size must be rejected -- confirm in the implementation */
00256   int *outSize,    /* out: presumably the length of the unwrapped value -- confirm */
00257   char **next      /* out: presumably the first byte after this value; NULL handling not visible here -- confirm */
00258 );
00259 
00260 /*
00261  * Return the size in bytes of a wide string.
00262  * NOTE(review): whether the terminator is counted is not stated here, and the result is a signed int -- confirm before using it as an allocation size.
00263  */
00263 int 
00264 nss_ckcapi_WideSize
00265 (
00266   LPCWSTR wide
00267 );
00268 
00269 /*
00270  * Convert a Unicode wide character string to a UTF8 string
00271  */
00272 char *
00273 nss_ckcapi_WideToUTF8
00274 (
00275   LPCWSTR wide   /* NOTE(review): the result looks newly allocated; which allocator, who frees it and what a failed conversion returns are not visible here -- confirm */
00276 );
00277 
00278 /*
00279  * Return a Wide String duplicated with nss allocated memory.
00280  */
00281 LPWSTR
00282 nss_ckcapi_WideDup
00283 (
00284   LPCWSTR wide   /* the copy is NSS-allocated per the comment above, so presumably it is freed with the NSS allocator, not a Windows one -- confirm */
00285 );
00286 
00287 /*
00288  * Convert a UTF8 string to Unicode wide character
00289  */
00290 LPWSTR
00291 nss_ckcapi_UTF8ToWide
00292 (
00293   char *buf   /* presumably NUL-terminated since no length is passed; the result for invalid UTF-8 is not visible here -- confirm */
00294 );
00295 
00296 /* Collects certificate objects matching a template into a caller-held list; returns a PRUint32, presumably the updated entry count -- confirm. */
00297 NSS_EXTERN PRUint32
00298 nss_ckcapi_collect_all_certs(
00299   CK_ATTRIBUTE_PTR pTemplate,      /* caller-supplied template; must hold at least ulAttributeCount entries */
00300   CK_ULONG ulAttributeCount,       /* entry count of pTemplate */
00301   ckcapiInternalObject ***listp,   /* in/out: pointer to the list of object pointers; presumably reallocated as it grows -- confirm */
00302   PRUint32 *sizep,                 /* in/out: presumably the allocated capacity of *listp; growth arithmetic should be checked for overflow -- confirm */
00303   PRUint32 count,                  /* presumably the number of entries already in *listp -- confirm */
00304   CK_RV *pError                    /* out: CK_RV status */
00305 );
00306 
00307 #define NSS_CKCAPI_ARRAY_SIZE(x) ((sizeof (x))/(sizeof ((x)[0])))   /* element count of a true array x; gives a wrong count for a pointer or array parameter, where sizeof (x) is the pointer size */
00308  
00309 #endif