-rw-r--r-- | ckcapi-builtin.c | 4 | ||||
-rw-r--r-- | ckcapi-builtin.h | 30 | ||||
-rw-r--r-- | ckcapi-cert.c | 4 | ||||
-rw-r--r-- | ckcapi-cert.h | 55 | ||||
-rw-r--r-- | ckcapi-object.c | 1 | ||||
-rw-r--r-- | ckcapi-object.h | 123 | ||||
-rw-r--r-- | ckcapi-session.c | 19 | ||||
-rw-r--r-- | ckcapi-session.h | 130 | ||||
-rw-r--r-- | ckcapi-token.c | 3 | ||||
-rw-r--r-- | ckcapi-token.h | 52 | ||||
-rw-r--r-- | ckcapi-trust.c | 5 | ||||
-rw-r--r-- | ckcapi-trust.h | 30 | ||||
-rw-r--r-- | ckcapi.c | 3 | ||||
-rw-r--r-- | ckcapi.h | 274 | ||||
-rw-r--r-- | ckcapi.vcproj | 24 |
15 files changed, 482 insertions, 275 deletions
diff --git a/ckcapi-builtin.c b/ckcapi-builtin.c index e113aed..47782ee 100644 --- a/ckcapi-builtin.c +++ b/ckcapi-builtin.c @@ -18,6 +18,10 @@ */ #include "ckcapi.h" +#include "ckcapi-object.h" +#include "ckcapi-session.h" +#include "ckcapi-token.h" + #include "pkcs11/pkcs11n.h" /* -------------------------------------------------------------------------- diff --git a/ckcapi-builtin.h b/ckcapi-builtin.h new file mode 100644 index 0000000..b7a043c --- /dev/null +++ b/ckcapi-builtin.h @@ -0,0 +1,30 @@ +/* + * Copyright (C) 2007 Stef Walter + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the + * Free Software Foundation, Inc., 59 Temple Place - Suite 330, + * Boston, MA 02111-1307, USA. + */ + +#ifndef CKCAPI_BUILTIN_H +#define CKCAPI_BUILTIN_H + +#include "ckcapi.h" + +/* Find builtin objects matching criteria */ +CK_RV ckcapi_builtin_find (CkCapiSession* sess, CK_OBJECT_CLASS cls, + CK_ATTRIBUTE_PTR match, CK_ULONG count, + CkCapiArray* arr); + +#endif /* CRYPTOKI_BUILTIN_H */ diff --git a/ckcapi-cert.c b/ckcapi-cert.c index 8eeb91c..ebb34ff 100644 --- a/ckcapi-cert.c +++ b/ckcapi-cert.c @@ -18,6 +18,10 @@ */ #include "ckcapi.h" +#include "ckcapi-cert.h" +#include "ckcapi-object.h" +#include "ckcapi-session.h" +#include "ckcapi-token.h" #include <memory.h> diff --git a/ckcapi-cert.h b/ckcapi-cert.h new file mode 100644 index 0000000..0a7622c --- /dev/null 
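Review bot: The closing guard comment in the new ckcapi-builtin.h does not match the guard it closes: the file opens with `#ifndef CKCAPI_BUILTIN_H` but ends with `#endif /* CRYPTOKI_BUILTIN_H */`. The same leftover name appears in ckcapi-cert.h (`CRYPTOKI_CERT_H`) and ckcapi-trust.h (`CRYPTOKI_TRUST_H`), while the object, session and token headers are consistent. I would change the trailers to `#endif /* CKCAPI_BUILTIN_H */`, `#endif /* CKCAPI_CERT_H */` and `#endif /* CKCAPI_TRUST_H */` so a search for the guard name finds both ends.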
+++ b/ckcapi-cert.h
@@ -0,0 +1,55 @@
+/*
+ * Copyright (C) 2007 Stef Walter
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ * Boston, MA 02111-1307, USA.
+ */
+
+#ifndef CKCAPI_CERT_H
+#define CKCAPI_CERT_H
+
+/* --------------------------------------------------------------------
+ *
+ * Session = CkCapiSession
+ * - A PKCS#11 Session
+ *
+ * Objects = CkCapiObject
+ * - There's a global list of objects in ckcapi-object.c indexed by
+ * object handle.
+ * - The object itself has no attributes or cached data, but knows how
+ * to load data when needed.
+ * - Each object has a unique key which guarantees we don't load the
+ * same object twice with two different object handles.
+ *
+ * Object Data = CkCapiObjectData
+ * - Object Data is owned by the Session
+ * - Loaded data and/or attributes for an object.
+ */
+
+#include "ckcapi.h"
+#include "ckcapi-util.h"
+
+/* Find certificates matching criteria */
+CK_RV ckcapi_cert_find (CkCapiSession* sess, CK_OBJECT_CLASS cls,
+ CK_ATTRIBUTE_PTR match, CK_ULONG count,
+ CkCapiArray* arr);
+
+
+/* Called by trust stuff */
+CK_RV ckcapi_cert_certificate_get_bytes (PCCERT_CONTEXT cert,
+ CK_ATTRIBUTE_PTR attr);
+PCCERT_CONTEXT ckcapi_cert_object_data_get_certificate (CkCapiObjectData* objdata);
+
+#endif /* CRYPTOKI_CERT_H */
diff --git a/ckcapi-object.c b/ckcapi-object.c index 473f28c..5c2c6cc 100644 --- a/ckcapi-object.c +++ b/ckcapi-object.c @@ -18,6 +18,7 @@ */ #include "ckcapi.h" +#include "ckcapi-object.h" #include "pkcs11/pkcs11n.h" diff --git a/ckcapi-object.h b/ckcapi-object.h new file mode 100644 index 0000000..98451f6 --- /dev/null +++ b/ckcapi-object.h 
@@ -0,0 +1,123 @@
+/*
+ * Copyright (C) 2007 Stef Walter
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ * Boston, MA 02111-1307, USA.
+ */
+
+#ifndef CKCAPI_OBJECT_H
+#define CKCAPI_OBJECT_H
+
+#include "ckcapi.h"
+
+/* Debug print something about an object */
+#define DBGO(obj, msg) \
+ ckcapi_debug("O%d: %s", (obj) ? (obj)->id : 0, (msg))
+
+/* A function to load data for an object */
+typedef CK_RV (*CkCapiLoadData)(CkCapiSession* sess, struct _CkCapiObject* obj,
+ CkCapiObjectData** objdata);
+
+/* A function to free some data */
+typedef void (*CkCapiRelease)(void* data);
+
+/* Object functions */
+typedef struct _CkCapiObjectVtable
+{
+ CkCapiLoadData load_data;
+ CkCapiRelease release;
+}
+CkCapiObjectVtable;
+
+/* Represents a object we've seen */
+struct _CkCapiObject
+{
+ CK_OBJECT_HANDLE id;
+ CK_SLOT_ID slot;
+ CK_SESSION_HANDLE session;
+ const CkCapiObjectVtable* obj_funcs;
+ void* unique_key;
+ size_t unique_len;
+};
+
+/* A function to get an attribute from ObjectData */
+typedef CK_RV (*CkCapiGetAttribute)(CkCapiObjectData* objdata, CK_ATTRIBUTE_PTR attr);
+
+/* Object data functions */
+typedef struct _CkCapiObjectDataVtable
+{
+ CkCapiGetAttribute get_bool;
+ CkCapiGetAttribute get_ulong;
+ CkCapiGetAttribute get_bytes;
+ CkCapiGetAttribute get_date;
+ CkCapiRelease release;
+}
+CkCapiObjectDataVtable;
+
+/*
+ * Base class for object data. Different types of
+ * objects extend this with more detailed data
+ */
+struct _CkCapiObjectData
+{
+ CK_OBJECT_HANDLE object;
+ const CkCapiObjectDataVtable* data_funcs;
+};
+
+/* Match object data against all the given match attributes */
+CK_BBOOL ckcapi_object_data_match (CkCapiObjectData* objdata,
+ CK_ATTRIBUTE_PTR matches, CK_ULONG count);
+
+/* Match a single attribute against object data */
+CK_BBOOL ckcapi_object_data_match_attr (CkCapiObjectData* objdata,
+ CK_ATTRIBUTE_PTR match);
+
+/* Get a bunch of attributes from object data */
+CK_RV ckcapi_object_data_get_attrs (CkCapiObjectData* objdata, CK_ATTRIBUTE_PTR attrs,
+ CK_ULONG count);
+
+/* Debug print something about an object data */
+#define DBGOD(objdata, msg) \
+ ckcapi_debug("O%d: %s", (objdata) ? (objdata)->obj : 0, (msg))
+
+/*
+ * Each object has a unique key which guarantees that we're
+ * not loading the same objects over and over again.
+ * Usually these are contiguous members of a struct. These
+ * macros help calculate the address and length of such a
+ * unique key
+ */
+
+/* The unique key starts at the address of the starting struct member */
+#define UNIQUE_KEY_AT(obj, mem) \
+ (void*)(&((obj->mem)))
+
+/* Calculates key length between first and last struct members */
+#define UNIQUE_KEY_LEN(obj, first, last) \
+ UNIQUE_KEY_VAR_LEN(obj, first, last, sizeof(obj->last))
+
+/* Calcs key len between first and a certain num of bytes past last struct member */
+#define UNIQUE_KEY_VAR_LEN(obj, first, last, len) \
+ ((((char*)&((obj->last))) - ((char*)&((obj->first)))) + (len))
+
+/* Used internally to have a unique id for different object types */
+enum
+{
+ OBJECT_CERT = 1,
+ OBJECT_BUILTIN = 2,
+ OBJECT_TRUST = 3
+};
+
+#endif /* CKCAPI_OBJECT_H */
diff --git a/ckcapi-session.c b/ckcapi-session.c
index e54fcdf..46de60a 100644
--- a/ckcapi-session.c
+++ b/ckcapi-session.c
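Review bot: `DBGOD` reads `(objdata)->obj`, but `struct _CkCapiObjectData` a few lines above declares the handle as `object`, so the macro cannot compile wherever it is expanded; the body should be `ckcapi_debug("O%d: %s", (objdata) ? (objdata)->object : 0, (msg))`. The line was carried over unchanged from ckcapi.h, which suggests the macro has no users yet. Separately, `UNIQUE_KEY_AT`, `UNIQUE_KEY_LEN` and `UNIQUE_KEY_VAR_LEN` use their `obj` argument unparenthesized (`obj->mem`, `obj->last`, `obj->first`). Since these macros compute the address and length of the bytes that serve as an object's identity key, I would write `(obj)->mem` and so on, so that an expression argument cannot silently change which bytes are covered.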
@@ -20,6 +20,12 @@ #include <stdlib.h> #include "ckcapi.h" +#include "ckcapi-builtin.h" +#include "ckcapi-cert.h" +#include "ckcapi-object.h" +#include "ckcapi-session.h" +#include "ckcapi-token.h" +#include "ckcapi-trust.h" static CkCapiArray* all_sessions = NULL; @@ -573,7 +579,18 @@ gather_objects(CkCapiSession* sess, CK_ATTRIBUTE_PTR match, if(ret != CKR_OK) return ret; - /* Search for certificates */ + /* + * Search through certificates. + * + * We always do this search first. In Windows a lots hangs off + * the certificates. For example private keys are not contained + * in the same stores that certificates are in. There are a different + * set of key containers many of which can be used together + * with a certificate stored in any store. + * + * The trust objects we expose also depend on the certificates + * loaded. + */ ret = ckcapi_cert_find(sess, ocls, match, count, arr); if(ret != CKR_OK) return ret; diff --git a/ckcapi-session.h b/ckcapi-session.h new file mode 100644 index 0000000..6007662 --- /dev/null +++ b/ckcapi-session.h 
@@ -0,0 +1,130 @@
+/*
+ * Copyright (C) 2007 Stef Walter
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ * Boston, MA 02111-1307, USA.
+ */
+
+#ifndef CKCAPI_SESSION_H
+#define CKCAPI_SESSION_H
+
+#include "ckcapi.h"
+
+/* For operation_type in CkCapiSession */
+enum
+{
+ OPERATION_NONE = 0,
+ OPERATION_FIND = 1,
+};
+
+/* Callback to cancel a current operation */
+typedef void (*CkCapiSessionCancel) (struct _CkCapiSession* sess);
+
+/* Represents an open session */
+typedef struct _CkCapiSession
+{
+ CK_SESSION_HANDLE id; /* Unique ID for this session */
+ CK_SLOT_ID slot;
+ int in_call; /* Whether this session is use in PKCS#11 function */
+
+ HCERTSTORE store; /* Handle to an open certificate store */
+
+ int operation_type; /* Whether an operation is happening or not */
+ void* operation_data; /* Data for this operation */
+ CkCapiSessionCancel operation_cancel; /* Callback to cancel operation when necessary */
+
+ CkCapiHash* object_data;
+
+ CK_NOTIFY notify_callback; /* Application specified callback */
+ CK_VOID_PTR user_data; /* Argument for above */
+
+ int refs; /* Reference count */
+ HANDLE mutex; /* Mutex for protecting this structure */
+}
+CkCapiSession;
+
+/* Debug print something related to a session */
+#define DBGS(sess, msg) \
+ ckcapi_debug("S%d: %s", (sess) ? (sess)->id : 0, (msg))
+
+/* Create a session */
+CK_RV ckcapi_session_create (CK_SLOT_ID slot, CkCapiSession** ret);
+
+/* Destroy a session */
+void ckcapi_session_destroy (CkCapiSession* sess);
+
+/* Register a new session */
+CK_RV ckcapi_session_register (CkCapiSession* sess);
+
+/* Get a session from a handle, and lock it */
+CK_RV ckcapi_session_get_lock_ref (CK_ULONG id, int remove,
+ CkCapiSession **sess);
+
+/* Unlock and unreference a session */
+void ckcapi_session_unref_unlock (CkCapiSession* sess);
+
+/* Close all sessions on a certain slot/token */
+CK_RV ckcapi_session_close_all (CK_SLOT_ID slot);
+
+
+
+/* Start a find operation on a session */
+CK_RV ckcapi_session_find_init (CkCapiSession* sess,
+ CK_ATTRIBUTE_PTR templ,
+ CK_ULONG count);
+
+/* Return results from a find operation */
+CK_RV ckcapi_session_find (CkCapiSession* sess,
+ CK_OBJECT_HANDLE_PTR objects,
+ CK_ULONG max_object_count,
+ CK_ULONG_PTR object_count);
+
+/* End a find operation */
+CK_RV ckcapi_session_find_final (CkCapiSession* sess);
+
+
+
+
+/* Get object data for an object */
+CK_RV ckcapi_session_get_object_data (CkCapiSession* sess,
+ CkCapiObject* obj,
+ CkCapiObjectData** objdata);
+
+/* Get object data for an object handle */
+CK_RV ckcapi_session_get_object_data_for (CkCapiSession* sess,
+ CK_OBJECT_HANDLE hand,
+ CkCapiObjectData** objdata);
+
+/* Set object data for an object */
+void ckcapi_session_take_object_data (CkCapiSession* sess,
+ CkCapiObject* obj,
+ CkCapiObjectData* objdata);
+
+/* Clear object data for an object */
+void ckcapi_session_clear_object_data (CkCapiSession* sess,
+ CkCapiObject* obj);
+
+/* Enumerate object data for all objects */
+typedef void (*CkCapiEnumObjectData) (CkCapiSession* sess,
+ CkCapiObject* obj,
+ CkCapiObjectData* data,
+ void* arg);
+void ckcapi_session_enum_object_data (CkCapiSession* sess,
+ CkCapiEnumObjectData enum_func,
+ void* arg);
+
+void ckcapi_session_cleanup_all (void);
+
+#endif /* CKCAPI_SESSION_H */
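Review bot: ckcapi-session.h defines the session type as `typedef struct _CkCapiSession { ... } CkCapiSession;`, although ckcapi.h, which this header includes, still carries `typedef struct _CkCapiSession CkCapiSession;`. Repeating a typedef name is only permitted from C11 on; ckcapi-object.h avoids the repeat by defining `struct _CkCapiObject { ... };` with no typedef. I would declare the session the same way, opening with `struct _CkCapiSession` and closing with `};`. The `mutex` field is commented as protecting the structure, so if `refs` is meant to change only with that mutex held, its comment should say so, e.g. `int refs; /* Reference count, changed only with mutex held */`.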
diff --git a/ckcapi-token.c b/ckcapi-token.c index a1db1ab..c0a6977 100644 --- a/ckcapi-token.c +++ b/ckcapi-token.c @@ -18,6 +18,8 @@ */ #include "ckcapi.h" +#include "ckcapi-object.h" +#include "ckcapi-token.h" static CkCapiArray* object_array = NULL; static CkCapiHash* object_hash = NULL; @@ -54,6 +56,7 @@ ckcapi_token_get_count(void) return sizeof(slot_info) / sizeof(slot_info[0]); } +CK_SLOT_ID ckcapi_token_get_slot_id(unsigned int offset) { ASSERT(offset < ckcapi_token_get_count()); diff --git a/ckcapi-token.h b/ckcapi-token.h new file mode 100644 index 0000000..6927241 --- /dev/null +++ b/ckcapi-token.h 
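Review bot: `ckcapi_token_get_slot_id` is now declared in ckcapi-token.h for other files to call, yet the only range check visible on `offset` is `ASSERT(offset < ckcapi_token_get_count());`. If `ASSERT` compiles to nothing in release builds (its definition is not in this diff), an out-of-range offset would go unchecked into whatever follows; the function body continues outside the hunk. I would document the precondition at the declaration, e.g. `/* Get the slot id at index; index must be less than ckcapi_token_get_count() */`, and consider an explicit check that also runs in release builds. The header names the parameter `index` while the definition uses `offset`; one name for both would read better.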
@@ -0,0 +1,52 @@
+/*
+ * Copyright (C) 2007 Stef Walter
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ * Boston, MA 02111-1307, USA.
+ */
+
+#ifndef CKCAPI_TOKEN_H
+#define CKCAPI_TOKEN_H
+
+#include "ckcapi.h"
+
+#define CKCAPI_SLOT_CA 0x00000001
+#define CKCAPI_SLOT_TRUSTED 0x00000002
+
+/* Register a new object, a handle will be assigned to obj->id */
+CK_RV ckcapi_token_register_object (CK_SLOT_ID slot, CkCapiObject* obj);
+
+/* Lookup an object for a given object handle */
+CkCapiObject* ckcapi_token_lookup_object (CK_SLOT_ID slot, CK_OBJECT_HANDLE obj);
+
+/* Clear all objects for all tokens. Only done when finalizing */
+void ckcapi_token_cleanup_all (void);
+
+/* Get the number of the maximum object handle currently in memory */
+CK_OBJECT_HANDLE ckcapi_token_get_max_handle (void);
+
+unsigned int ckcapi_token_get_count (void);
+
+CK_SLOT_ID ckcapi_token_get_slot_id (unsigned int index);
+
+CK_BBOOL ckcapi_token_is_valid (CK_SLOT_ID slot);
+
+const char* ckcapi_token_get_display_name (CK_SLOT_ID slot);
+
+const char* ckcapi_token_get_store_name (CK_SLOT_ID slot);
+
+CK_ULONG ckcapi_token_get_flags (CK_SLOT_ID slot);
+
+#endif /* CKCAPI_TOKEN_H */
diff --git a/ckcapi-trust.c b/ckcapi-trust.c
index d783b73..2212d42 100644
--- a/ckcapi-trust.c
+++ b/ckcapi-trust.c
@@ -18,6 +18,11 @@ */ #include "ckcapi.h" +#include "ckcapi-cert.h" +#include "ckcapi-object.h" +#include "ckcapi-session.h" +#include "ckcapi-token.h" +#include "ckcapi-trust.h" #include "x509-usages.h" #include "pkcs11/pkcs11n.h" diff --git a/ckcapi-trust.h b/ckcapi-trust.h new file mode 100644 index 0000000..f8d8bcc --- /dev/null +++ b/ckcapi-trust.h @@ -0,0 +1,30 @@ +/* + * Copyright (C) 2007 Stef Walter + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the + * Free Software Foundation, Inc., 59 Temple Place - Suite 330, + * Boston, MA 02111-1307, USA. + */ + +#ifndef CKCAPI_TRUST_H +#define CKCAPI_TRUST_H + +#include "ckcapi.h" + +/* Find trust objects matching criteria */ +CK_RV ckcapi_trust_find (CkCapiSession* sess, CK_OBJECT_CLASS cls, + CK_ATTRIBUTE_PTR match, CK_ULONG count, + CkCapiArray* arr); + +#endif /* CRYPTOKI_TRUST_H */ @@ -22,6 +22,9 @@ #include <stdio.h> #include "ckcapi.h" +#include "ckcapi-object.h" +#include "ckcapi-session.h" +#include "ckcapi-token.h" /* Warns about all the raw string usage in this file */ #pragma warning (disable : 4996) 
@@ -61,280 +61,6 @@ typedef struct _CkCapiObjectData CkCapiObjectData; typedef struct _CkCapiSession CkCapiSession; /* ------------------------------------------------------------------ - * ckcapi-token.c - */ - -/* Debug print something about an object */ -#define DBGO(obj, msg) \ - ckcapi_debug("O%d: %s", (obj) ? (obj)->id : 0, (msg)) - -/* A function to load data for an object */ -typedef CK_RV (*CkCapiLoadData)(CkCapiSession* sess, struct _CkCapiObject* obj, - CkCapiObjectData** objdata); - -/* A function to free some data */ -typedef void (*CkCapiRelease)(void* data); - -/* Object functions */ -typedef struct _CkCapiObjectVtable -{ - CkCapiLoadData load_data; - CkCapiRelease release; -} -CkCapiObjectVtable; - -/* Represents a object we've seen */ -struct _CkCapiObject -{ - CK_OBJECT_HANDLE id; - CK_SLOT_ID slot; - CK_SESSION_HANDLE session; - const CkCapiObjectVtable* obj_funcs; - void* unique_key; - size_t unique_len; -}; - -/* Register a new object, a handle will be assigned to obj->id */ -CK_RV ckcapi_token_register_object (CK_SLOT_ID slot, CkCapiObject* obj); - -/* Lookup an object for a given object handle */ -CkCapiObject* ckcapi_token_lookup_object (CK_SLOT_ID slot, CK_OBJECT_HANDLE obj); - -/* Clear all objects for all tokens. 
Only done when finalizing */ -void ckcapi_token_cleanup_all (void); - -/* Get the number of the maximum object handle currently in memory */ -CK_OBJECT_HANDLE ckcapi_token_get_max_handle (void); - -unsigned int ckcapi_token_get_count (void); - -CK_BBOOL ckcapi_token_is_valid (CK_SLOT_ID slot); - -const char* ckcapi_token_get_display_name (CK_SLOT_ID slot); - -const char* ckcapi_token_get_store_name (CK_SLOT_ID slot); - -#define CKCAPI_SLOT_CA 0x00000001 -#define CKCAPI_SLOT_TRUSTED 0x00000002 - -CK_ULONG ckcapi_token_get_flags (CK_SLOT_ID slot); - -/* ------------------------------------------------------------------ - * ckcapi-object.c - */ - -/* A function to get an attribute from ObjectData */ -typedef CK_RV (*CkCapiGetAttribute)(CkCapiObjectData* objdata, CK_ATTRIBUTE_PTR attr); - -/* Object data functions */ -typedef struct _CkCapiObjectDataVtable -{ - CkCapiGetAttribute get_bool; - CkCapiGetAttribute get_ulong; - CkCapiGetAttribute get_bytes; - CkCapiGetAttribute get_date; - CkCapiRelease release; -} -CkCapiObjectDataVtable; - -/* - * Base class for object data. Different types of - * objects extend this with more detailed data - */ -struct _CkCapiObjectData -{ - CK_OBJECT_HANDLE object; - const CkCapiObjectDataVtable* data_funcs; -}; - -/* Match object data against all the given match attributes */ -CK_BBOOL ckcapi_object_data_match (CkCapiObjectData* objdata, - CK_ATTRIBUTE_PTR matches, CK_ULONG count); - -/* Match a single attribute against object data */ -CK_BBOOL ckcapi_object_data_match_attr (CkCapiObjectData* objdata, - CK_ATTRIBUTE_PTR match); - -/* Get a bunch of attributes from object data */ -CK_RV ckcapi_object_data_get_attrs (CkCapiObjectData* objdata, CK_ATTRIBUTE_PTR attrs, - CK_ULONG count); - -/* Debug print something about an object data */ -#define DBGOD(objdata, msg) \ - ckcapi_debug("O%d: %s", (objdata) ? 
(objdata)->obj : 0, (msg)) - -/* - * Each object has a unique key which guarantees that we're - * not loading the same objects over and over again. - * Usually these are contiguous members of a struct. These - * macros help calculate the address and length of such a - * unique key - */ - -/* The unique key starts at the address of the starting struct member */ -#define UNIQUE_KEY_AT(obj, mem) \ - (void*)(&((obj->mem))) - -/* Calculates key length between first and last struct members */ -#define UNIQUE_KEY_LEN(obj, first, last) \ - UNIQUE_KEY_VAR_LEN(obj, first, last, sizeof(obj->last)) - -/* Calcs key len between first and a certain num of bytes past last struct member */ -#define UNIQUE_KEY_VAR_LEN(obj, first, last, len) \ - ((((char*)&((obj->last))) - ((char*)&((obj->first)))) + (len)) - -/* Used internally to have a unique id for different object types */ -enum -{ - OBJECT_CERT = 1, - OBJECT_BUILTIN = 2, - OBJECT_TRUST = 3 -}; - -/* ------------------------------------------------------------------ - * cryptoki-capi-session.c - */ - -/* For operation_type in CkCapiSession */ -enum -{ - OPERATION_NONE = 0, - OPERATION_FIND = 1, -}; - -/* Callback to cancel a current operation */ -typedef void (*CkCapiSessionCancel) (struct _CkCapiSession* sess); - -/* Represents an open session */ -typedef struct _CkCapiSession -{ - CK_SESSION_HANDLE id; /* Unique ID for this session */ - CK_SLOT_ID slot; - int in_call; /* Whether this session is use in PKCS#11 function */ - - HCERTSTORE store; /* Handle to an open certificate store */ - - int operation_type; /* Whether an operation is happening or not */ - void* operation_data; /* Data for this operation */ - CkCapiSessionCancel operation_cancel; /* Callback to cancel operation when necessary */ - - CkCapiHash* object_data; - - CK_NOTIFY notify_callback; /* Application specified callback */ - CK_VOID_PTR user_data; /* Argument for above */ - - int refs; /* Reference count */ - HANDLE mutex; /* Mutex for protecting this 
structure */ -} -CkCapiSession; - -/* Debug print something related to a session */ -#define DBGS(sess, msg) \ - ckcapi_debug("S%d: %s", (sess) ? (sess)->id : 0, (msg)) - -/* Create a session */ -CK_RV ckcapi_session_create (CK_SLOT_ID slot, CkCapiSession** ret); - -/* Destroy a session */ -void ckcapi_session_destroy (CkCapiSession* sess); - -/* Register a new session */ -CK_RV ckcapi_session_register (CkCapiSession* sess); - -/* Get a session from a handle, and lock it */ -CK_RV ckcapi_session_get_lock_ref (CK_ULONG id, int remove, - CkCapiSession **sess); - -/* Unlock and unreference a session */ -void ckcapi_session_unref_unlock (CkCapiSession* sess); - -/* Close all sessions on a certain slot/token */ -CK_RV ckcapi_session_close_all (CK_SLOT_ID slot); - - - -/* Start a find operation on a session */ -CK_RV ckcapi_session_find_init (CkCapiSession* sess, - CK_ATTRIBUTE_PTR templ, - CK_ULONG count); - -/* Return results from a find operation */ -CK_RV ckcapi_session_find (CkCapiSession* sess, - CK_OBJECT_HANDLE_PTR objects, - CK_ULONG max_object_count, - CK_ULONG_PTR object_count); - -/* End a find operation */ -CK_RV ckcapi_session_find_final (CkCapiSession* sess); - - - - -/* Get object data for an object */ -CK_RV ckcapi_session_get_object_data (CkCapiSession* sess, - CkCapiObject* obj, - CkCapiObjectData** objdata); - -/* Get object data for an object handle */ -CK_RV ckcapi_session_get_object_data_for (CkCapiSession* sess, - CK_OBJECT_HANDLE hand, - CkCapiObjectData** objdata); - -/* Set object data for an object */ -void ckcapi_session_take_object_data (CkCapiSession* sess, - CkCapiObject* obj, - CkCapiObjectData* objdata); - -/* Clear object data for an object */ -void ckcapi_session_clear_object_data (CkCapiSession* sess, - CkCapiObject* obj); - -/* Enumerate object data for all objects */ -typedef void (*CkCapiEnumObjectData) (CkCapiSession* sess, - CkCapiObject* obj, - CkCapiObjectData* data, - void* arg); -void ckcapi_session_enum_object_data 
(CkCapiSession* sess, - CkCapiEnumObjectData enum_func, - void* arg); - -void ckcapi_session_cleanup_all (void); - -/* ------------------------------------------------------------------- - * ckcapi-cert.c - */ - -/* Find certificates matching criteria */ -CK_RV ckcapi_cert_find (CkCapiSession* sess, CK_OBJECT_CLASS cls, - CK_ATTRIBUTE_PTR match, CK_ULONG count, - CkCapiArray* arr); - - -/* Called by trust stuff */ -CK_RV ckcapi_cert_certificate_get_bytes (PCCERT_CONTEXT cert, - CK_ATTRIBUTE_PTR attr); -PCCERT_CONTEXT ckcapi_cert_object_data_get_certificate (CkCapiObjectData* objdata); - - -/* ------------------------------------------------------------------- - * ckcapi-builtin.c - */ - -/* Find builtin objects matching criteria */ -CK_RV ckcapi_builtin_find (CkCapiSession* sess, CK_OBJECT_CLASS cls, - CK_ATTRIBUTE_PTR match, CK_ULONG count, - CkCapiArray* arr); - -/* ------------------------------------------------------------------- - * ckcapi-trust.c - */ - -/* Find trust objects matching criteria */ -CK_RV ckcapi_trust_find (CkCapiSession* sess, CK_OBJECT_CLASS cls, - CK_ATTRIBUTE_PTR match, CK_ULONG count, - CkCapiArray* arr); - -/* ------------------------------------------------------------------ * cryptoki-capi.c * * Module helper and logging functions. diff --git a/ckcapi.vcproj b/ckcapi.vcproj index 0dd6a40..c2a77bb 100644 --- a/ckcapi.vcproj +++ b/ckcapi.vcproj @@ -377,6 +377,26 @@ Filter="h;hpp;hxx;hm;inl" > <File + RelativePath=".\ckcapi-cert.h" + > + </File> + <File + RelativePath=".\ckcapi-object.h" + > + </File> + <File + RelativePath=".\ckcapi-session.h" + > + </File> + <File + RelativePath=".\ckcapi-token.h" + > + </File> + <File + RelativePath=".\ckcapi-trust.h" + > + </File> + <File RelativePath="ckcapi-util.h" > </File> @@ -385,6 +405,10 @@ > </File> <File + RelativePath=".\pkcs11\ckcapi.h" + > + </File> + <File RelativePath="pkcs11\pkcs11.h" > </File> |
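Review bot: The second ckcapi.vcproj hunk adds `RelativePath=".\pkcs11\ckcapi.h"`, but the diffstat lists ckcapi.h at the top of the tree next to the other ckcapi-*.h files. Unless a copy exists under pkcs11\ that this diff does not show, the entry points at a file that is not there; `RelativePath=".\ckcapi.h"` looks like what was meant. The first hunk registers the cert, object, session, token and trust headers but not the new ckcapi-builtin.h, so I would add a `<File RelativePath=".\ckcapi-builtin.h">` entry alongside them.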