-rw-r--r--ckcapi-builtin.c4
-rw-r--r--ckcapi-builtin.h30
-rw-r--r--ckcapi-cert.c4
-rw-r--r--ckcapi-cert.h55
-rw-r--r--ckcapi-object.c1
-rw-r--r--ckcapi-object.h123
-rw-r--r--ckcapi-session.c19
-rw-r--r--ckcapi-session.h130
-rw-r--r--ckcapi-token.c3
-rw-r--r--ckcapi-token.h52
-rw-r--r--ckcapi-trust.c5
-rw-r--r--ckcapi-trust.h30
-rw-r--r--ckcapi.c3
-rw-r--r--ckcapi.h274
-rw-r--r--ckcapi.vcproj24
15 files changed, 482 insertions, 275 deletions
diff --git a/ckcapi-builtin.c b/ckcapi-builtin.c
index e113aed..47782ee 100644
--- a/ckcapi-builtin.c
+++ b/ckcapi-builtin.c
@@ -18,6 +18,10 @@
*/
#include "ckcapi.h"
+#include "ckcapi-object.h"
+#include "ckcapi-session.h"
+#include "ckcapi-token.h"
+
#include "pkcs11/pkcs11n.h"
/* --------------------------------------------------------------------------
diff --git a/ckcapi-builtin.h b/ckcapi-builtin.h
new file mode 100644
index 0000000..b7a043c
--- /dev/null
+++ b/ckcapi-builtin.h
@@ -0,0 +1,30 @@
+/*
+ * Copyright (C) 2007 Stef Walter
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ * Boston, MA 02111-1307, USA.
+ */
+
+#ifndef CKCAPI_BUILTIN_H
+#define CKCAPI_BUILTIN_H
+
+#include "ckcapi.h"
+
+/* Find builtin objects matching criteria */
+CK_RV ckcapi_builtin_find (CkCapiSession* sess, CK_OBJECT_CLASS cls,
+ CK_ATTRIBUTE_PTR match, CK_ULONG count,
+ CkCapiArray* arr);
+
+#endif /* CRYPTOKI_BUILTIN_H */
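Review bot: The closing comment on the include guard names `CRYPTOKI_BUILTIN_H`, but the guard defined at the top of this file is `CKCAPI_BUILTIN_H`; the last line should read `#endif /* CKCAPI_BUILTIN_H */`. The same stale name appears at the end of ckcapi-cert.h (`CRYPTOKI_CERT_H`) and ckcapi-trust.h (`CRYPTOKI_TRUST_H`), while ckcapi-object.h, ckcapi-session.h and ckcapi-token.h are already consistent. Separately, the prototype uses `CkCapiArray` but this header includes only `ckcapi.h`, whereas ckcapi-cert.h also includes `ckcapi-util.h`; if `CkCapiArray` is declared there, including it here as well would keep the header self-contained.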
diff --git a/ckcapi-cert.c b/ckcapi-cert.c
index 8eeb91c..ebb34ff 100644
--- a/ckcapi-cert.c
+++ b/ckcapi-cert.c
@@ -18,6 +18,10 @@
*/
#include "ckcapi.h"
+#include "ckcapi-cert.h"
+#include "ckcapi-object.h"
+#include "ckcapi-session.h"
+#include "ckcapi-token.h"
#include <memory.h>
diff --git a/ckcapi-cert.h b/ckcapi-cert.h
new file mode 100644
index 0000000..0a7622c
--- /dev/null
+++ b/ckcapi-cert.h
@@ -0,0 +1,55 @@
+/*
+ * Copyright (C) 2007 Stef Walter
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ * Boston, MA 02111-1307, USA.
+ */
+
+#ifndef CKCAPI_CERT_H
+#define CKCAPI_CERT_H
+
+/* --------------------------------------------------------------------
+ *
+ * Session = CkCapiSession
+ * - A PKCS#11 Session
+ *
+ * Objects = CkCapiObject
+ * - There's a global list of objects in ckcapi-object.c indexed by
+ * object handle.
+ * - The object itself has no attributes or cached data, but knows how
+ * to load data when needed.
+ * - Each object has a unique key which guarantees we don't load the
+ * same object twice with two different object handles.
+ *
+ * Object Data = CkCapiObjectData
+ * - Object Data is owned by the Session
+ * - Loaded data and/or attributes for an object.
+ */
+
+#include "ckcapi.h"
+#include "ckcapi-util.h"
+
+/* Find certificates matching criteria */
+CK_RV ckcapi_cert_find (CkCapiSession* sess, CK_OBJECT_CLASS cls,
+ CK_ATTRIBUTE_PTR match, CK_ULONG count,
+ CkCapiArray* arr);
+
+
+/* Called by trust stuff */
+CK_RV ckcapi_cert_certificate_get_bytes (PCCERT_CONTEXT cert,
+ CK_ATTRIBUTE_PTR attr);
+PCCERT_CONTEXT ckcapi_cert_object_data_get_certificate (CkCapiObjectData* objdata);
+
+#endif /* CRYPTOKI_CERT_H */
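Review bot: The two prototypes under "Called by trust stuff" have no documented contract, and for `ckcapi_cert_object_data_get_certificate` that matters: the comment should say whether the returned `PCCERT_CONTEXT` is borrowed from `objdata` (valid only while the object data lives) or is a new reference the caller must release with `CertFreeCertificateContext`. Getting this wrong in the trust code leads to either a leaked or a prematurely freed certificate context. The overview comment also says the global object list lives in ckcapi-object.c, but in this commit the registry prototypes (`ckcapi_token_register_object`, `ckcapi_token_lookup_object`) are in ckcapi-token.h and `object_array`/`object_hash` are statics in ckcapi-token.c, so the file name in the comment looks out of date. Since the overview describes sessions and objects in general rather than certificates, ckcapi-object.h or ckcapi.h may be a better home for it.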
diff --git a/ckcapi-object.c b/ckcapi-object.c
index 473f28c..5c2c6cc 100644
--- a/ckcapi-object.c
+++ b/ckcapi-object.c
@@ -18,6 +18,7 @@
*/
#include "ckcapi.h"
+#include "ckcapi-object.h"
#include "pkcs11/pkcs11n.h"
diff --git a/ckcapi-object.h b/ckcapi-object.h
new file mode 100644
index 0000000..98451f6
--- /dev/null
+++ b/ckcapi-object.h
@@ -0,0 +1,123 @@
+/*
+ * Copyright (C) 2007 Stef Walter
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ * Boston, MA 02111-1307, USA.
+ */
+
+#ifndef CKCAPI_OBJECT_H
+#define CKCAPI_OBJECT_H
+
+#include "ckcapi.h"
+
+/* Debug print something about an object */
+#define DBGO(obj, msg) \
+ ckcapi_debug("O%d: %s", (obj) ? (obj)->id : 0, (msg))
+
+/* A function to load data for an object */
+typedef CK_RV (*CkCapiLoadData)(CkCapiSession* sess, struct _CkCapiObject* obj,
+ CkCapiObjectData** objdata);
+
+/* A function to free some data */
+typedef void (*CkCapiRelease)(void* data);
+
+/* Object functions */
+typedef struct _CkCapiObjectVtable
+{
+ CkCapiLoadData load_data;
+ CkCapiRelease release;
+}
+CkCapiObjectVtable;
+
+/* Represents a object we've seen */
+struct _CkCapiObject
+{
+ CK_OBJECT_HANDLE id;
+ CK_SLOT_ID slot;
+ CK_SESSION_HANDLE session;
+ const CkCapiObjectVtable* obj_funcs;
+ void* unique_key;
+ size_t unique_len;
+};
+
+/* A function to get an attribute from ObjectData */
+typedef CK_RV (*CkCapiGetAttribute)(CkCapiObjectData* objdata, CK_ATTRIBUTE_PTR attr);
+
+/* Object data functions */
+typedef struct _CkCapiObjectDataVtable
+{
+ CkCapiGetAttribute get_bool;
+ CkCapiGetAttribute get_ulong;
+ CkCapiGetAttribute get_bytes;
+ CkCapiGetAttribute get_date;
+ CkCapiRelease release;
+}
+CkCapiObjectDataVtable;
+
+/*
+ * Base class for object data. Different types of
+ * objects extend this with more detailed data
+ */
+struct _CkCapiObjectData
+{
+ CK_OBJECT_HANDLE object;
+ const CkCapiObjectDataVtable* data_funcs;
+};
+
+/* Match object data against all the given match attributes */
+CK_BBOOL ckcapi_object_data_match (CkCapiObjectData* objdata,
+ CK_ATTRIBUTE_PTR matches, CK_ULONG count);
+
+/* Match a single attribute against object data */
+CK_BBOOL ckcapi_object_data_match_attr (CkCapiObjectData* objdata,
+ CK_ATTRIBUTE_PTR match);
+
+/* Get a bunch of attributes from object data */
+CK_RV ckcapi_object_data_get_attrs (CkCapiObjectData* objdata, CK_ATTRIBUTE_PTR attrs,
+ CK_ULONG count);
+
+/* Debug print something about an object data */
+#define DBGOD(objdata, msg) \
+ ckcapi_debug("O%d: %s", (objdata) ? (objdata)->obj : 0, (msg))
+
+/*
+ * Each object has a unique key which guarantees that we're
+ * not loading the same objects over and over again.
+ * Usually these are contiguous members of a struct. These
+ * macros help calculate the address and length of such a
+ * unique key
+ */
+
+/* The unique key starts at the address of the starting struct member */
+#define UNIQUE_KEY_AT(obj, mem) \
+ (void*)(&((obj->mem)))
+
+/* Calculates key length between first and last struct members */
+#define UNIQUE_KEY_LEN(obj, first, last) \
+ UNIQUE_KEY_VAR_LEN(obj, first, last, sizeof(obj->last))
+
+/* Calcs key len between first and a certain num of bytes past last struct member */
+#define UNIQUE_KEY_VAR_LEN(obj, first, last, len) \
+ ((((char*)&((obj->last))) - ((char*)&((obj->first)))) + (len))
+
+/* Used internally to have a unique id for different object types */
+enum
+{
+ OBJECT_CERT = 1,
+ OBJECT_BUILTIN = 2,
+ OBJECT_TRUST = 3
+};
+
+#endif /* CKCAPI_OBJECT_H */
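Review bot: `DBGOD` dereferences `(objdata)->obj`, but `struct _CkCapiObjectData` as declared just above it has no `obj` member, only `object`, so the first use of the macro will fail to compile; it should expand to `ckcapi_debug("O%d: %s", (objdata) ? (objdata)->object : 0, (msg))`. The `UNIQUE_KEY_*` macros use their `obj` argument unparenthesized (`obj->mem`), which misparses for any argument that is not a plain identifier; `(obj)->mem` is the safer spelling. Because the unique key is a raw byte span from `first` to `last`, any padding between those members becomes part of the key. The comment above the macros should therefore state that the containing struct has to be zero-filled before the key members are set, otherwise two identical objects can compare as different.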
diff --git a/ckcapi-session.c b/ckcapi-session.c
index e54fcdf..46de60a 100644
--- a/ckcapi-session.c
+++ b/ckcapi-session.c
@@ -20,6 +20,12 @@
#include <stdlib.h>
#include "ckcapi.h"
+#include "ckcapi-builtin.h"
+#include "ckcapi-cert.h"
+#include "ckcapi-object.h"
+#include "ckcapi-session.h"
+#include "ckcapi-token.h"
+#include "ckcapi-trust.h"
static CkCapiArray* all_sessions = NULL;
@@ -573,7 +579,18 @@ gather_objects(CkCapiSession* sess, CK_ATTRIBUTE_PTR match,
if(ret != CKR_OK)
return ret;
- /* Search for certificates */
+ /*
+ * Search through certificates.
+ *
+ * We always do this search first. In Windows a lots hangs off
+ * the certificates. For example private keys are not contained
+ * in the same stores that certificates are in. There are a different
+ * set of key containers many of which can be used together
+ * with a certificate stored in any store.
+ *
+ * The trust objects we expose also depend on the certificates
+ * loaded.
+ */
ret = ckcapi_cert_find(sess, ocls, match, count, arr);
if(ret != CKR_OK)
return ret;
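Review bot: The new comment has two wording slips that make it harder to read: `a lots hangs off` should be `a lot hangs off`, and `There are a different set of key containers` should be `There is a different set of key containers`. The comment also records an ordering requirement (certificates are searched before the trust objects that depend on them) that nothing in the visible lines enforces. A short note at the later search calls pointing back to this requirement would stop a future reorder from silently breaking trust lookups. `gather_objects` starts and ends outside this hunk, so the other search calls are not visible here.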
diff --git a/ckcapi-session.h b/ckcapi-session.h
new file mode 100644
index 0000000..6007662
--- /dev/null
+++ b/ckcapi-session.h
@@ -0,0 +1,130 @@
+/*
+ * Copyright (C) 2007 Stef Walter
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ * Boston, MA 02111-1307, USA.
+ */
+
+#ifndef CKCAPI_SESSION_H
+#define CKCAPI_SESSION_H
+
+#include "ckcapi.h"
+
+/* For operation_type in CkCapiSession */
+enum
+{
+ OPERATION_NONE = 0,
+ OPERATION_FIND = 1,
+};
+
+/* Callback to cancel a current operation */
+typedef void (*CkCapiSessionCancel) (struct _CkCapiSession* sess);
+
+/* Represents an open session */
+typedef struct _CkCapiSession
+{
+ CK_SESSION_HANDLE id; /* Unique ID for this session */
+ CK_SLOT_ID slot;
+ int in_call; /* Whether this session is use in PKCS#11 function */
+
+ HCERTSTORE store; /* Handle to an open certificate store */
+
+ int operation_type; /* Whether an operation is happening or not */
+ void* operation_data; /* Data for this operation */
+ CkCapiSessionCancel operation_cancel; /* Callback to cancel operation when necessary */
+
+ CkCapiHash* object_data;
+
+ CK_NOTIFY notify_callback; /* Application specified callback */
+ CK_VOID_PTR user_data; /* Argument for above */
+
+ int refs; /* Reference count */
+ HANDLE mutex; /* Mutex for protecting this structure */
+}
+CkCapiSession;
+
+/* Debug print something related to a session */
+#define DBGS(sess, msg) \
+ ckcapi_debug("S%d: %s", (sess) ? (sess)->id : 0, (msg))
+
+/* Create a session */
+CK_RV ckcapi_session_create (CK_SLOT_ID slot, CkCapiSession** ret);
+
+/* Destroy a session */
+void ckcapi_session_destroy (CkCapiSession* sess);
+
+/* Register a new session */
+CK_RV ckcapi_session_register (CkCapiSession* sess);
+
+/* Get a session from a handle, and lock it */
+CK_RV ckcapi_session_get_lock_ref (CK_ULONG id, int remove,
+ CkCapiSession **sess);
+
+/* Unlock and unreference a session */
+void ckcapi_session_unref_unlock (CkCapiSession* sess);
+
+/* Close all sessions on a certain slot/token */
+CK_RV ckcapi_session_close_all (CK_SLOT_ID slot);
+
+
+
+/* Start a find operation on a session */
+CK_RV ckcapi_session_find_init (CkCapiSession* sess,
+ CK_ATTRIBUTE_PTR templ,
+ CK_ULONG count);
+
+/* Return results from a find operation */
+CK_RV ckcapi_session_find (CkCapiSession* sess,
+ CK_OBJECT_HANDLE_PTR objects,
+ CK_ULONG max_object_count,
+ CK_ULONG_PTR object_count);
+
+/* End a find operation */
+CK_RV ckcapi_session_find_final (CkCapiSession* sess);
+
+
+
+
+/* Get object data for an object */
+CK_RV ckcapi_session_get_object_data (CkCapiSession* sess,
+ CkCapiObject* obj,
+ CkCapiObjectData** objdata);
+
+/* Get object data for an object handle */
+CK_RV ckcapi_session_get_object_data_for (CkCapiSession* sess,
+ CK_OBJECT_HANDLE hand,
+ CkCapiObjectData** objdata);
+
+/* Set object data for an object */
+void ckcapi_session_take_object_data (CkCapiSession* sess,
+ CkCapiObject* obj,
+ CkCapiObjectData* objdata);
+
+/* Clear object data for an object */
+void ckcapi_session_clear_object_data (CkCapiSession* sess,
+ CkCapiObject* obj);
+
+/* Enumerate object data for all objects */
+typedef void (*CkCapiEnumObjectData) (CkCapiSession* sess,
+ CkCapiObject* obj,
+ CkCapiObjectData* data,
+ void* arg);
+void ckcapi_session_enum_object_data (CkCapiSession* sess,
+ CkCapiEnumObjectData enum_func,
+ void* arg);
+
+void ckcapi_session_cleanup_all (void);
+
+#endif /* CKCAPI_SESSION_H */
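Review bot: `CkCapiSession` is now introduced by typedef twice: ckcapi.h keeps `typedef struct _CkCapiSession CkCapiSession;`, and this header, which includes ckcapi.h, repeats the name in `typedef struct _CkCapiSession { ... } CkCapiSession;`. Repeating a typedef is only valid from C11 on and is rejected by stricter pre-C11 compilers; declaring the body as plain `struct _CkCapiSession { ... };`, the way ckcapi-object.h declares `struct _CkCapiObject`, avoids the problem. The locking contract also deserves a comment: `ckcapi_session_get_lock_ref` does not say what `remove` does, nor that each successful call presumably has to be paired with `ckcapi_session_unref_unlock`. Likewise "Set object data" on `ckcapi_session_take_object_data` does not say whether the session takes ownership of `objdata`, which the name suggests.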
diff --git a/ckcapi-token.c b/ckcapi-token.c
index a1db1ab..c0a6977 100644
--- a/ckcapi-token.c
+++ b/ckcapi-token.c
@@ -18,6 +18,8 @@
*/
#include "ckcapi.h"
+#include "ckcapi-object.h"
+#include "ckcapi-token.h"
static CkCapiArray* object_array = NULL;
static CkCapiHash* object_hash = NULL;
@@ -54,6 +56,7 @@ ckcapi_token_get_count(void)
return sizeof(slot_info) / sizeof(slot_info[0]);
}
+CK_SLOT_ID
ckcapi_token_get_slot_id(unsigned int offset)
{
ASSERT(offset < ckcapi_token_get_count());
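Review bot: The only bounds check on `offset` in `ckcapi_token_get_slot_id` is the `ASSERT`, which, if it follows the usual convention of compiling out in release builds, leaves an out-of-range offset unchecked before whatever lookup follows. If callers can pass a value derived from application input, an explicit `if(offset >= ckcapi_token_get_count())` guard returning an invalid slot id would be safer than relying on the assertion. The parameter is named `offset` here but `index` in the new prototype in ckcapi-token.h; one name should be used for both. The function body continues outside the hunk, so the lookup itself is not visible.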
diff --git a/ckcapi-token.h b/ckcapi-token.h
new file mode 100644
index 0000000..6927241
--- /dev/null
+++ b/ckcapi-token.h
@@ -0,0 +1,52 @@
+/*
+ * Copyright (C) 2007 Stef Walter
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ * Boston, MA 02111-1307, USA.
+ */
+
+#ifndef CKCAPI_TOKEN_H
+#define CKCAPI_TOKEN_H
+
+#include "ckcapi.h"
+
+#define CKCAPI_SLOT_CA 0x00000001
+#define CKCAPI_SLOT_TRUSTED 0x00000002
+
+/* Register a new object, a handle will be assigned to obj->id */
+CK_RV ckcapi_token_register_object (CK_SLOT_ID slot, CkCapiObject* obj);
+
+/* Lookup an object for a given object handle */
+CkCapiObject* ckcapi_token_lookup_object (CK_SLOT_ID slot, CK_OBJECT_HANDLE obj);
+
+/* Clear all objects for all tokens. Only done when finalizing */
+void ckcapi_token_cleanup_all (void);
+
+/* Get the number of the maximum object handle currently in memory */
+CK_OBJECT_HANDLE ckcapi_token_get_max_handle (void);
+
+unsigned int ckcapi_token_get_count (void);
+
+CK_SLOT_ID ckcapi_token_get_slot_id (unsigned int index);
+
+CK_BBOOL ckcapi_token_is_valid (CK_SLOT_ID slot);
+
+const char* ckcapi_token_get_display_name (CK_SLOT_ID slot);
+
+const char* ckcapi_token_get_store_name (CK_SLOT_ID slot);
+
+CK_ULONG ckcapi_token_get_flags (CK_SLOT_ID slot);
+
+#endif /* CKCAPI_TOKEN_H */
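Review bot: Six of the prototypes in this new header (`ckcapi_token_get_count` through `ckcapi_token_get_flags`) carry no comment. In addition, `ckcapi_token_lookup_object` does not say what it returns for an unknown handle or how long the returned `CkCapiObject*` stays valid relative to `ckcapi_token_cleanup_all`. A one-line comment on each would do, for example `/* Number of slots/tokens this module exposes */` above `ckcapi_token_get_count`. `CKCAPI_SLOT_CA` and `CKCAPI_SLOT_TRUSTED` now sit at the top of the file, away from `ckcapi_token_get_flags`; since they were adjacent in the old ckcapi.h they are presumably its return bits, and a comment such as `/* Flags returned by ckcapi_token_get_flags() */` would keep that link visible.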
diff --git a/ckcapi-trust.c b/ckcapi-trust.c
index d783b73..2212d42 100644
--- a/ckcapi-trust.c
+++ b/ckcapi-trust.c
@@ -18,6 +18,11 @@
*/
#include "ckcapi.h"
+#include "ckcapi-cert.h"
+#include "ckcapi-object.h"
+#include "ckcapi-session.h"
+#include "ckcapi-token.h"
+#include "ckcapi-trust.h"
#include "x509-usages.h"
#include "pkcs11/pkcs11n.h"
diff --git a/ckcapi-trust.h b/ckcapi-trust.h
new file mode 100644
index 0000000..f8d8bcc
--- /dev/null
+++ b/ckcapi-trust.h
@@ -0,0 +1,30 @@
+/*
+ * Copyright (C) 2007 Stef Walter
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ * Boston, MA 02111-1307, USA.
+ */
+
+#ifndef CKCAPI_TRUST_H
+#define CKCAPI_TRUST_H
+
+#include "ckcapi.h"
+
+/* Find trust objects matching criteria */
+CK_RV ckcapi_trust_find (CkCapiSession* sess, CK_OBJECT_CLASS cls,
+ CK_ATTRIBUTE_PTR match, CK_ULONG count,
+ CkCapiArray* arr);
+
+#endif /* CRYPTOKI_TRUST_H */
diff --git a/ckcapi.c b/ckcapi.c
index 7f758cc..1b6654e 100644
--- a/ckcapi.c
+++ b/ckcapi.c
@@ -22,6 +22,9 @@
#include <stdio.h>
#include "ckcapi.h"
+#include "ckcapi-object.h"
+#include "ckcapi-session.h"
+#include "ckcapi-token.h"
/* Warns about all the raw string usage in this file */
#pragma warning (disable : 4996)
diff --git a/ckcapi.h b/ckcapi.h
index abb12b3..5283cc4 100644
--- a/ckcapi.h
+++ b/ckcapi.h
@@ -61,280 +61,6 @@ typedef struct _CkCapiObjectData CkCapiObjectData;
typedef struct _CkCapiSession CkCapiSession;
/* ------------------------------------------------------------------
- * ckcapi-token.c
- */
-
-/* Debug print something about an object */
-#define DBGO(obj, msg) \
- ckcapi_debug("O%d: %s", (obj) ? (obj)->id : 0, (msg))
-
-/* A function to load data for an object */
-typedef CK_RV (*CkCapiLoadData)(CkCapiSession* sess, struct _CkCapiObject* obj,
- CkCapiObjectData** objdata);
-
-/* A function to free some data */
-typedef void (*CkCapiRelease)(void* data);
-
-/* Object functions */
-typedef struct _CkCapiObjectVtable
-{
- CkCapiLoadData load_data;
- CkCapiRelease release;
-}
-CkCapiObjectVtable;
-
-/* Represents a object we've seen */
-struct _CkCapiObject
-{
- CK_OBJECT_HANDLE id;
- CK_SLOT_ID slot;
- CK_SESSION_HANDLE session;
- const CkCapiObjectVtable* obj_funcs;
- void* unique_key;
- size_t unique_len;
-};
-
-/* Register a new object, a handle will be assigned to obj->id */
-CK_RV ckcapi_token_register_object (CK_SLOT_ID slot, CkCapiObject* obj);
-
-/* Lookup an object for a given object handle */
-CkCapiObject* ckcapi_token_lookup_object (CK_SLOT_ID slot, CK_OBJECT_HANDLE obj);
-
-/* Clear all objects for all tokens. Only done when finalizing */
-void ckcapi_token_cleanup_all (void);
-
-/* Get the number of the maximum object handle currently in memory */
-CK_OBJECT_HANDLE ckcapi_token_get_max_handle (void);
-
-unsigned int ckcapi_token_get_count (void);
-
-CK_BBOOL ckcapi_token_is_valid (CK_SLOT_ID slot);
-
-const char* ckcapi_token_get_display_name (CK_SLOT_ID slot);
-
-const char* ckcapi_token_get_store_name (CK_SLOT_ID slot);
-
-#define CKCAPI_SLOT_CA 0x00000001
-#define CKCAPI_SLOT_TRUSTED 0x00000002
-
-CK_ULONG ckcapi_token_get_flags (CK_SLOT_ID slot);
-
-/* ------------------------------------------------------------------
- * ckcapi-object.c
- */
-
-/* A function to get an attribute from ObjectData */
-typedef CK_RV (*CkCapiGetAttribute)(CkCapiObjectData* objdata, CK_ATTRIBUTE_PTR attr);
-
-/* Object data functions */
-typedef struct _CkCapiObjectDataVtable
-{
- CkCapiGetAttribute get_bool;
- CkCapiGetAttribute get_ulong;
- CkCapiGetAttribute get_bytes;
- CkCapiGetAttribute get_date;
- CkCapiRelease release;
-}
-CkCapiObjectDataVtable;
-
-/*
- * Base class for object data. Different types of
- * objects extend this with more detailed data
- */
-struct _CkCapiObjectData
-{
- CK_OBJECT_HANDLE object;
- const CkCapiObjectDataVtable* data_funcs;
-};
-
-/* Match object data against all the given match attributes */
-CK_BBOOL ckcapi_object_data_match (CkCapiObjectData* objdata,
- CK_ATTRIBUTE_PTR matches, CK_ULONG count);
-
-/* Match a single attribute against object data */
-CK_BBOOL ckcapi_object_data_match_attr (CkCapiObjectData* objdata,
- CK_ATTRIBUTE_PTR match);
-
-/* Get a bunch of attributes from object data */
-CK_RV ckcapi_object_data_get_attrs (CkCapiObjectData* objdata, CK_ATTRIBUTE_PTR attrs,
- CK_ULONG count);
-
-/* Debug print something about an object data */
-#define DBGOD(objdata, msg) \
- ckcapi_debug("O%d: %s", (objdata) ? (objdata)->obj : 0, (msg))
-
-/*
- * Each object has a unique key which guarantees that we're
- * not loading the same objects over and over again.
- * Usually these are contiguous members of a struct. These
- * macros help calculate the address and length of such a
- * unique key
- */
-
-/* The unique key starts at the address of the starting struct member */
-#define UNIQUE_KEY_AT(obj, mem) \
- (void*)(&((obj->mem)))
-
-/* Calculates key length between first and last struct members */
-#define UNIQUE_KEY_LEN(obj, first, last) \
- UNIQUE_KEY_VAR_LEN(obj, first, last, sizeof(obj->last))
-
-/* Calcs key len between first and a certain num of bytes past last struct member */
-#define UNIQUE_KEY_VAR_LEN(obj, first, last, len) \
- ((((char*)&((obj->last))) - ((char*)&((obj->first)))) + (len))
-
-/* Used internally to have a unique id for different object types */
-enum
-{
- OBJECT_CERT = 1,
- OBJECT_BUILTIN = 2,
- OBJECT_TRUST = 3
-};
-
-/* ------------------------------------------------------------------
- * cryptoki-capi-session.c
- */
-
-/* For operation_type in CkCapiSession */
-enum
-{
- OPERATION_NONE = 0,
- OPERATION_FIND = 1,
-};
-
-/* Callback to cancel a current operation */
-typedef void (*CkCapiSessionCancel) (struct _CkCapiSession* sess);
-
-/* Represents an open session */
-typedef struct _CkCapiSession
-{
- CK_SESSION_HANDLE id; /* Unique ID for this session */
- CK_SLOT_ID slot;
- int in_call; /* Whether this session is use in PKCS#11 function */
-
- HCERTSTORE store; /* Handle to an open certificate store */
-
- int operation_type; /* Whether an operation is happening or not */
- void* operation_data; /* Data for this operation */
- CkCapiSessionCancel operation_cancel; /* Callback to cancel operation when necessary */
-
- CkCapiHash* object_data;
-
- CK_NOTIFY notify_callback; /* Application specified callback */
- CK_VOID_PTR user_data; /* Argument for above */
-
- int refs; /* Reference count */
- HANDLE mutex; /* Mutex for protecting this structure */
-}
-CkCapiSession;
-
-/* Debug print something related to a session */
-#define DBGS(sess, msg) \
- ckcapi_debug("S%d: %s", (sess) ? (sess)->id : 0, (msg))
-
-/* Create a session */
-CK_RV ckcapi_session_create (CK_SLOT_ID slot, CkCapiSession** ret);
-
-/* Destroy a session */
-void ckcapi_session_destroy (CkCapiSession* sess);
-
-/* Register a new session */
-CK_RV ckcapi_session_register (CkCapiSession* sess);
-
-/* Get a session from a handle, and lock it */
-CK_RV ckcapi_session_get_lock_ref (CK_ULONG id, int remove,
- CkCapiSession **sess);
-
-/* Unlock and unreference a session */
-void ckcapi_session_unref_unlock (CkCapiSession* sess);
-
-/* Close all sessions on a certain slot/token */
-CK_RV ckcapi_session_close_all (CK_SLOT_ID slot);
-
-
-
-/* Start a find operation on a session */
-CK_RV ckcapi_session_find_init (CkCapiSession* sess,
- CK_ATTRIBUTE_PTR templ,
- CK_ULONG count);
-
-/* Return results from a find operation */
-CK_RV ckcapi_session_find (CkCapiSession* sess,
- CK_OBJECT_HANDLE_PTR objects,
- CK_ULONG max_object_count,
- CK_ULONG_PTR object_count);
-
-/* End a find operation */
-CK_RV ckcapi_session_find_final (CkCapiSession* sess);
-
-
-
-
-/* Get object data for an object */
-CK_RV ckcapi_session_get_object_data (CkCapiSession* sess,
- CkCapiObject* obj,
- CkCapiObjectData** objdata);
-
-/* Get object data for an object handle */
-CK_RV ckcapi_session_get_object_data_for (CkCapiSession* sess,
- CK_OBJECT_HANDLE hand,
- CkCapiObjectData** objdata);
-
-/* Set object data for an object */
-void ckcapi_session_take_object_data (CkCapiSession* sess,
- CkCapiObject* obj,
- CkCapiObjectData* objdata);
-
-/* Clear object data for an object */
-void ckcapi_session_clear_object_data (CkCapiSession* sess,
- CkCapiObject* obj);
-
-/* Enumerate object data for all objects */
-typedef void (*CkCapiEnumObjectData) (CkCapiSession* sess,
- CkCapiObject* obj,
- CkCapiObjectData* data,
- void* arg);
-void ckcapi_session_enum_object_data (CkCapiSession* sess,
- CkCapiEnumObjectData enum_func,
- void* arg);
-
-void ckcapi_session_cleanup_all (void);
-
-/* -------------------------------------------------------------------
- * ckcapi-cert.c
- */
-
-/* Find certificates matching criteria */
-CK_RV ckcapi_cert_find (CkCapiSession* sess, CK_OBJECT_CLASS cls,
- CK_ATTRIBUTE_PTR match, CK_ULONG count,
- CkCapiArray* arr);
-
-
-/* Called by trust stuff */
-CK_RV ckcapi_cert_certificate_get_bytes (PCCERT_CONTEXT cert,
- CK_ATTRIBUTE_PTR attr);
-PCCERT_CONTEXT ckcapi_cert_object_data_get_certificate (CkCapiObjectData* objdata);
-
-
-/* -------------------------------------------------------------------
- * ckcapi-builtin.c
- */
-
-/* Find builtin objects matching criteria */
-CK_RV ckcapi_builtin_find (CkCapiSession* sess, CK_OBJECT_CLASS cls,
- CK_ATTRIBUTE_PTR match, CK_ULONG count,
- CkCapiArray* arr);
-
-/* -------------------------------------------------------------------
- * ckcapi-trust.c
- */
-
-/* Find trust objects matching criteria */
-CK_RV ckcapi_trust_find (CkCapiSession* sess, CK_OBJECT_CLASS cls,
- CK_ATTRIBUTE_PTR match, CK_ULONG count,
- CkCapiArray* arr);
-
-/* ------------------------------------------------------------------
* cryptoki-capi.c
*
* Module helper and logging functions.
diff --git a/ckcapi.vcproj b/ckcapi.vcproj
index 0dd6a40..c2a77bb 100644
--- a/ckcapi.vcproj
+++ b/ckcapi.vcproj
@@ -377,6 +377,26 @@
Filter="h;hpp;hxx;hm;inl"
>
<File
+ RelativePath=".\ckcapi-cert.h"
+ >
+ </File>
+ <File
+ RelativePath=".\ckcapi-object.h"
+ >
+ </File>
+ <File
+ RelativePath=".\ckcapi-session.h"
+ >
+ </File>
+ <File
+ RelativePath=".\ckcapi-token.h"
+ >
+ </File>
+ <File
+ RelativePath=".\ckcapi-trust.h"
+ >
+ </File>
+ <File
RelativePath="ckcapi-util.h"
>
</File>
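Review bot: ckcapi-builtin.h is created by this commit but is not among the headers added to the project here; the new entries cover cert, object, session, token and trust only. A sixth `<File>` element with `RelativePath=".\ckcapi-builtin.h"` would keep the header list complete.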
@@ -385,6 +405,10 @@
>
</File>
<File
+ RelativePath=".\pkcs11\ckcapi.h"
+ >
+ </File>
+ <File
RelativePath="pkcs11\pkcs11.h"
>
</File>
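Review bot: The added entry points at `.\pkcs11\ckcapi.h`, while this commit modifies `ckcapi.h` at the repository root and every source file in the diff includes it as `"ckcapi.h"`. Unless a second header of that name exists under pkcs11, the entry should probably read `RelativePath=".\ckcapi.h"`.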