1 | /* $Id: store-internal.h 84329 2020-05-18 13:35:33Z vboxsync $ */
|
---|
2 | /** @file
|
---|
3 | * IPRT - Cryptographic Store, Internal Header.
|
---|
4 | */
|
---|
5 |
|
---|
6 | /*
|
---|
7 | * Copyright (C) 2006-2020 Oracle Corporation
|
---|
8 | *
|
---|
9 | * This file is part of VirtualBox Open Source Edition (OSE), as
|
---|
10 | * available from http://www.virtualbox.org. This file is free software;
|
---|
11 | * you can redistribute it and/or modify it under the terms of the GNU
|
---|
12 | * General Public License (GPL) as published by the Free Software
|
---|
13 | * Foundation, in version 2 as it comes in the "COPYING" file of the
|
---|
14 | * VirtualBox OSE distribution. VirtualBox OSE is distributed in the
|
---|
15 | * hope that it will be useful, but WITHOUT ANY WARRANTY of any kind.
|
---|
16 | *
|
---|
17 | * The contents of this file may alternatively be used under the terms
|
---|
18 | * of the Common Development and Distribution License Version 1.0
|
---|
19 | * (CDDL) only, as it comes in the "COPYING.CDDL" file of the
|
---|
20 | * VirtualBox OSE distribution, in which case the provisions of the
|
---|
21 | * CDDL are applicable instead of those of the GPL.
|
---|
22 | *
|
---|
23 | * You may elect to license modified versions of this file under the
|
---|
24 | * terms and conditions of either the GPL or the CDDL or both.
|
---|
25 | */
|
---|
26 |
|
---|
27 | #ifndef IPRT_INCLUDED_SRC_common_crypto_store_internal_h
|
---|
28 | #define IPRT_INCLUDED_SRC_common_crypto_store_internal_h
|
---|
29 | #ifndef RT_WITHOUT_PRAGMA_ONCE
|
---|
30 | # pragma once
|
---|
31 | #endif
|
---|
32 |
|
---|
33 |
|
---|
34 | /**
|
---|
35 | * Internal certificate context.
|
---|
36 | *
|
---|
37 | * In addition to the externally visible structure (RTCRCERTCTX) this has the
|
---|
38 | * reference counter and store reference. (This structure may again be part of
|
---|
39 | * a larger structure internal to the store, depending on the source store.)
|
---|
40 | */
|
---|
41 | typedef struct RTCRCERTCTXINT
|
---|
42 | {
|
---|
43 | /** Magic number (RTCRCERTCTXINT_MAGIC). */
|
---|
44 | uint32_t u32Magic;
|
---|
45 | /** Reference counter. */
|
---|
46 | uint32_t volatile cRefs;
|
---|
47 | /**
|
---|
48 | * Destructor that gets called with cRefs reaches zero.
|
---|
49 | * @param pCertCtx The internal certificate context.
|
---|
50 | */
|
---|
51 | DECLCALLBACKMEMBER(void, pfnDtor)(struct RTCRCERTCTXINT *pCertCtx);
|
---|
52 | /** The public store context. */
|
---|
53 | RTCRCERTCTX Public;
|
---|
54 | } RTCRCERTCTXINT;
|
---|
55 | /** Pointer to an internal certificate context. */
|
---|
56 | typedef RTCRCERTCTXINT *PRTCRCERTCTXINT;
|
---|
57 |
|
---|
58 | /** Magic value for RTCRCERTCTXINT::u32Magic (Alan Mathison Turing). */
|
---|
59 | #define RTCRCERTCTXINT_MAGIC UINT32_C(0x19120623)
|
---|
60 | /** Dead magic value for RTCRCERTCTXINT::u32Magic. */
|
---|
61 | #define RTCRCERTCTXINT_MAGIC_DEAD UINT32_C(0x19540607)
|
---|
62 |
|
---|
63 |
|
---|
64 | /**
|
---|
65 | * IPRT Cryptographic Store Provider.
|
---|
66 | *
|
---|
67 | * @remarks This is a very incomplete sketch.
|
---|
68 | */
|
---|
69 | typedef struct RTCRSTOREPROVIDER
|
---|
70 | {
|
---|
71 | /** The provider name. */
|
---|
72 | const char *pszName;
|
---|
73 |
|
---|
74 | /**
|
---|
75 | * Called to destroy an open store.
|
---|
76 | *
|
---|
77 | * @param pvProvider The provider specific data.
|
---|
78 | */
|
---|
79 | DECLCALLBACKMEMBER(void, pfnDestroyStore)(void *pvProvider);
|
---|
80 |
|
---|
81 | /**
|
---|
82 | * Queries the private key.
|
---|
83 | *
|
---|
84 | * @returns IPRT status code.
|
---|
85 | * @retval VERR_NOT_FOUND if not private key.
|
---|
86 | * @retval VERR_ACCESS_DENIED if the private key isn't allowed to leave the
|
---|
87 | * store. One would then have to use the pfnCertCtxSign method.
|
---|
88 | *
|
---|
89 | * @param pvProvider The provider specific data.
|
---|
90 | * @param pCertCtx The internal certificate context.
|
---|
91 | * @param pbKey Where to return the key bytes.
|
---|
92 | * @param cbKey The size of the buffer @a pbKey points to.
|
---|
93 | * @param pcbKeyRet Where to return the size of the returned key.
|
---|
94 | */
|
---|
95 | DECLCALLBACKMEMBER(int, pfnCertCtxQueryPrivateKey)(void *pvProvider, PRTCRCERTCTXINT pCertCtx,
|
---|
96 | uint8_t *pbKey, size_t cbKey, size_t *pcbKeyRet);
|
---|
97 |
|
---|
98 | /**
|
---|
99 | * Open an enumeration of all certificates.
|
---|
100 | *
|
---|
101 | * @returns IPRT status code
|
---|
102 | * @param pvProvider The provider specific data.
|
---|
103 | * @param pSearch Pointer to opaque search state structure. The
|
---|
104 | * provider should initalize this on success.
|
---|
105 | */
|
---|
106 | DECLCALLBACKMEMBER(int, pfnCertFindAll)(void *pvProvider, PRTCRSTORECERTSEARCH pSearch);
|
---|
107 |
|
---|
108 | /**
|
---|
109 | * Get the next certificate.
|
---|
110 | *
|
---|
111 | * @returns Reference to the next certificate context (must be released by
|
---|
112 | * caller). NULL if no more certificates in the search result.
|
---|
113 | * @param pvProvider The provider specific data.
|
---|
114 | * @param pSearch Pointer to opaque search state structure.
|
---|
115 | */
|
---|
116 | DECLCALLBACKMEMBER(PCRTCRCERTCTX, pfnCertSearchNext)(void *pvProvider, PRTCRSTORECERTSEARCH pSearch);
|
---|
117 |
|
---|
118 | /**
|
---|
119 | * Closes a certficate search state.
|
---|
120 | *
|
---|
121 | * @param pvProvider The provider specific data.
|
---|
122 | * @param pSearch Pointer to opaque search state structure to destroy.
|
---|
123 | */
|
---|
124 | DECLCALLBACKMEMBER(void, pfnCertSearchDestroy)(void *pvProvider, PRTCRSTORECERTSEARCH pSearch);
|
---|
125 |
|
---|
126 | /**
|
---|
127 | * Adds a certificate to the store.
|
---|
128 | *
|
---|
129 | * @returns IPRT status code.
|
---|
130 | * @retval VWRN_ALREADY_EXISTS if the certificate is already present and
|
---|
131 | * RTCRCERTCTX_F_ADD_IF_NOT_FOUND was specified.
|
---|
132 | * @param pvProvider The provider specific data.
|
---|
133 | * @param fFlags RTCRCERTCTX_F_XXX.
|
---|
134 | * @param pbEncoded The encoded certificate bytes.
|
---|
135 | * @param cbEncoded The size of the encoded certificate.
|
---|
136 | * @param pErrInfo Where to store extended error info. Optional.
|
---|
137 | */
|
---|
138 | DECLCALLBACKMEMBER(int, pfnCertAddEncoded)(void *pvProvider, uint32_t fFlags, uint8_t const *pbEncoded, uint32_t cbEncoded,
|
---|
139 | PRTERRINFO pErrInfo);
|
---|
140 |
|
---|
141 |
|
---|
142 | /* Optional: */
|
---|
143 |
|
---|
144 | /**
|
---|
145 | * Find all certficates matching a given issuer and serial number.
|
---|
146 | *
|
---|
147 | * (Usually only one result.)
|
---|
148 | *
|
---|
149 | * @returns IPRT status code
|
---|
150 | * @param pvProvider The provider specific data.
|
---|
151 | * @param phSearch Pointer to a provider specific search handle.
|
---|
152 | */
|
---|
153 | DECLCALLBACKMEMBER(int, pfnCertFindByIssuerAndSerialNo)(void *pvProvider, PCRTCRX509NAME pIssuer, PCRTASN1INTEGER pSerialNo,
|
---|
154 | PRTCRSTORECERTSEARCH phSearch);
|
---|
155 | /** Non-zero end marker. */
|
---|
156 | uintptr_t uEndMarker;
|
---|
157 | } RTCRSTOREPROVIDER;
|
---|
158 |
|
---|
159 | /** Pointer to a store provider call table. */
|
---|
160 | typedef RTCRSTOREPROVIDER const *PCRTCRSTOREPROVIDER;
|
---|
161 |
|
---|
162 |
|
---|
163 | DECLHIDDEN(int) rtCrStoreCreate(PCRTCRSTOREPROVIDER pProvider, void *pvProvider, PRTCRSTORE phStore);
|
---|
164 | DECLHIDDEN(PCRTCRSTOREPROVIDER) rtCrStoreGetProvider(RTCRSTORE hStore, void **ppvProvider);
|
---|
165 |
|
---|
166 | #endif /* !IPRT_INCLUDED_SRC_common_crypto_store_internal_h */
|
---|
167 |
|
---|