The Tor Browser: security/nss/lib/jar/jar.h@b8a032363ba2 (annotated)

security/nss/lib/jar/jar.h@b8a032363ba2 (annotated)

security/nss/lib/jar/jar.h

Thu, 22 Jan 2015 13:21:57 +0100

author: Michael Schloh von Bennewitz <michael@schloh.com>
date: Thu, 22 Jan 2015 13:21:57 +0100
branch: TOR_BUG_9701
changeset 15: b8a032363ba2
permissions: -rw-r--r--

Incorporate requested changes from Mozilla in review:
https://bugzilla.mozilla.org/show_bug.cgi?id=1123480#c6

 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 #ifndef __JAR_h_
 #define __JAR_h_
 /*
  *  In general, any functions that return pointers
  *  have memory owned by the caller.
  *
  */
 /* security includes */
 #include "cert.h"
 #include "hasht.h"
 /* nspr 2.0 includes */
 #include "prio.h"
 #define ZHUGEP
 #include <stdio.h>
 /* various types */
 typedef enum {
     jarTypeMF = 2,
     jarTypeSF = 3,
     jarTypeMeta = 6,
     jarTypePhy = 7,
     jarTypeSign = 10,
     jarTypeSect = 11,
     jarTypeOwner = 13
 } jarType;
 /* void data in ZZList's contain JAR_Item type */
 typedef struct JAR_Item_ {
     char *pathname;	   /* relative. inside zip file */
     jarType type;	   /* various types */
     size_t size;	   /* size of data below */
     void *data; 	   /* totally opaque */
 } JAR_Item;
 /* hashes */
 typedef enum {
     jarHashNone = 0,
     jarHashBad = 1,
     jarHashPresent = 2
 } jarHash;
 typedef struct JAR_Digest_ {
     jarHash md5_status;
     unsigned char md5 [MD5_LENGTH];
     jarHash sha1_status;
     unsigned char sha1 [SHA1_LENGTH];
 } JAR_Digest;
 /* physical archive formats */
 typedef enum {
     jarArchGuess = 0,
     jarArchNone = 1,
     jarArchZip = 2,
     jarArchTar = 3
 } jarArch;
 #include "jar-ds.h"
 struct JAR_;
 typedef int jar_settable_callback_fn(int status, struct JAR_ *jar,
                                      const char *metafile, char *pathname,
 				     char *errortext);
 /* jar object */
 typedef struct JAR_ {
     jarArch format;	  /* physical archive format */
     char *url;		  /* Where it came from */
     char *filename;	  /* Disk location */
     FILE *fp;		  /* For multiple extractions */
     /* JAR_FILE */
     /* various linked lists */
     ZZList *manifest;	  /* Digests of MF sections */
     ZZList *hashes;	  /* Digests of actual signed files */
     ZZList *phy;	  /* Physical layout of JAR file */
     ZZList *metainfo;	  /* Global metainfo */
     JAR_Digest *globalmeta;  /* digest of .MF global portion */
     /* Below will change to a linked list to support multiple sigs */
     int pkcs7;		  /* Enforced opaqueness */
     int valid;		  /* PKCS7 signature validated */
     ZZList *signers;	  /* the above, per signer */
     /* Window context, very necessary for PKCS11 now */
     void *mw;		  /* MWContext window context */
     /* Signal callback function */
     jar_settable_callback_fn *signal;
 } JAR;
 /*
  *  Iterator
  *
  *  Context for iterative operations. Certain operations
  *  require iterating multiple linked lists because of
  *  multiple signers. "nextsign" is used for this purpose.
  *
  */
 typedef struct JAR_Context_ {
     JAR *jar;		  /* Jar we are searching */
     char *pattern;	  /* Regular expression */
     jarType finding;	  /* Type of item to find */
     ZZLink *next;	  /* Next item in find */
     ZZLink *nextsign;	  /* Next signer, sometimes */
 } JAR_Context;
 typedef struct JAR_Signer_ {
     int pkcs7;		  /* Enforced opaqueness */
     int valid;		  /* PKCS7 signature validated */
     char *owner;	  /* name of .RSA file */
     JAR_Digest *digest;   /* of .SF file */
     ZZList *sf; 	  /* Linked list of .SF file contents */
     ZZList *certs;	  /* Signing information */
 } JAR_Signer;
 /* Meta informaton, or "policy", from the manifest file.
    Right now just one tuple per JAR_Item. */
 typedef struct JAR_Metainfo_ {
     char *header;
     char *info;
 } JAR_Metainfo;
 /* This should not be global */
 typedef struct JAR_Physical_ {
     unsigned char compression;
     unsigned long offset;
     unsigned long length;
     unsigned long uncompressed_length;
 #if defined(XP_UNIX) || defined(XP_BEOS)
     PRUint16 mode;
 #endif
 } JAR_Physical;
 typedef struct JAR_Cert_ {
     size_t length;
     void *key;
     CERTCertificate *cert;
 } JAR_Cert;
 /* certificate stuff */
 typedef enum {
     jarCertCompany = 1,
     jarCertCA = 2,
     jarCertSerial = 3,
     jarCertExpires = 4,
     jarCertNickname = 5,
     jarCertFinger = 6,
     jarCertJavaHack = 100
 } jarCert;
 /* callback types */
 #define JAR_CB_SIGNAL	1
 /*
  *  This is the base for the JAR error codes. It will
  *  change when these are incorporated into allxpstr.c,
  *  but right now they won't let me put them there.
  *
  */
 #ifndef SEC_ERR_BASE
 #define SEC_ERR_BASE	    (-0x2000)
 #endif
 #define JAR_BASE	SEC_ERR_BASE + 300
 /* Jar specific error definitions */
 #define JAR_ERR_GENERAL 	(JAR_BASE + 1)
 #define JAR_ERR_FNF		(JAR_BASE + 2)
 #define JAR_ERR_CORRUPT     	(JAR_BASE + 3)
 #define JAR_ERR_MEMORY	    	(JAR_BASE + 4)
 #define JAR_ERR_DISK	    	(JAR_BASE + 5)
 #define JAR_ERR_ORDER		(JAR_BASE + 6)
 #define JAR_ERR_SIG		(JAR_BASE + 7)
 #define JAR_ERR_METADATA	(JAR_BASE + 8)
 #define JAR_ERR_ENTRY	    	(JAR_BASE + 9)
 #define JAR_ERR_HASH	    	(JAR_BASE + 10)
 #define JAR_ERR_PK7		(JAR_BASE + 11)
 #define JAR_ERR_PNF		(JAR_BASE + 12)
 /* Function declarations */
 extern JAR *JAR_new (void);
 extern void PR_CALLBACK JAR_destroy (JAR *jar);
 extern char *JAR_get_error (int status);
 extern int JAR_set_callback(int type, JAR *jar, jar_settable_callback_fn *fn);
 extern void
 JAR_init_callbacks(char *(*string_cb)(int),
                    void *(*find_cx)(void),
 		   void *(*init_cx)(void) );
 /*
  *  JAR_set_context
  *
  *  PKCS11 may require a password to be entered by the user
  *  before any crypto routines may be called. This will require
  *  a window context if used from inside Mozilla.
  *
  *  Call this routine with your context before calling
  *  verifying or signing. If you have no context, call with NULL
  *  and one will be chosen for you.
  *
  */
 int JAR_set_context (JAR *jar, void /*MWContext*/ *mw);
 /*
  *  Iterative operations
  *
  *  JAR_find sets up for repeated calls with JAR_find_next.
  *  I never liked findfirst and findnext, this is nicer.
  *
  *  Pattern contains a relative pathname to match inside the
  *  archive. It is currently assumed to be "*".
  *
  *  To use:
  *
  *     JAR_Item *item;
  *     JAR_find (jar, "*.class", jarTypeMF);
  *     while (JAR_find_next (jar, &item) >= 0)
  *	 { do stuff }
  *
  */
 /* Replacement functions with an external context */
 extern JAR_Context *JAR_find (JAR *jar, char *pattern, jarType type);
 extern int JAR_find_next (JAR_Context *ctx, JAR_Item **it);
 extern void JAR_find_end (JAR_Context *ctx);
 /*
  *  Function to parse manifest file:
  *
  *  Many signatures may be attached to a single filename located
  *  inside the zip file. We only support one.
  *
  *  Several manifests may be included in the zip file.
  *
  *  You must pass the MANIFEST.MF file before any .SF files.
  *
  *  Right now this returns a big ole list, privately in the jar structure.
  *  If you need to traverse it, use JAR_find if possible.
  *
  *  The path is needed to determine what type of binary signature is
  *  being passed, though it is technically not needed for manifest files.
  *
  *  When parsing an ASCII file, null terminate the ASCII raw_manifest
  *  prior to sending it, and indicate a length of 0. For binary digital
  *  signatures only, indicate the true length of the signature.
  *  (This is legacy behavior.)
  *
  *  You may free the manifest after parsing it.
  *
  */
 extern int
 JAR_parse_manifest(JAR *jar, char *raw_manifest, long length, const char *path,
                    const char *url);
 /*
  *  Verify data (nonstreaming). The signature is actually
  *  checked by JAR_parse_manifest or JAR_pass_archive.
  *
  */
 extern JAR_Digest * PR_CALLBACK
 JAR_calculate_digest(void *data, long length);
 extern int PR_CALLBACK
 JAR_verify_digest(JAR *jar, const char *name, JAR_Digest *dig);
 extern int
 JAR_digest_file(char *filename, JAR_Digest *dig);
 /*
  *  Meta information
  *
  *  Currently, since this call does not support passing of an owner
  *  (certificate, or physical name of the .sf file), it is restricted to
  *  returning information located in the manifest.mf file.
  *
  *  Meta information is a name/value pair inside the archive file. Here,
  *  the name is passed in *header and value returned in **info.
  *
  *  Pass a NULL as the name to retrieve metainfo from the global section.
  *
  *  Data is returned in **info, of size *length. The return value
  *  will indicate if no data was found.
  *
  */
 extern int
 JAR_get_metainfo(JAR *jar, char *name, char *header, void **info,
                  unsigned long *length);
 extern char *JAR_get_filename (JAR *jar);
 extern char *JAR_get_url (JAR *jar);
 /* save the certificate with this fingerprint in persistent
    storage, somewhere, for retrieval in a future session when there
    is no corresponding JAR structure. */
 extern int PR_CALLBACK
 JAR_stash_cert(JAR *jar, long keylen, void *key);
 /* retrieve a certificate presumably stashed with the above
    function, but may be any certificate. Type is &CERTCertificate */
 CERTCertificate *
 JAR_fetch_cert(long length, void *key);
 /*
  *  New functions to handle archives alone
  *    (call JAR_new beforehand)
  *
  *  JAR_pass_archive acts much like parse_manifest. Certificates
  *  are returned in the JAR structure but as opaque data. When calling
  *  JAR_verified_extract you still need to decide which of these
  *  certificates to honor.
  *
  *  Code to examine a JAR structure is in jarbert.c. You can obtain both
  *  a list of filenames and certificates from traversing the linked list.
  *
  */
 extern int
 JAR_pass_archive(JAR *jar, jarArch format, char *filename, const char *url);
 /*
  * Same thing, but don't check signatures
  */
 extern int
 JAR_pass_archive_unverified(JAR *jar, jarArch format, char *filename,
                             const char *url);
 /*
  *  Extracts a relative pathname from the archive and places it
  *  in the filename specified.
  *
  *  Call JAR_set_nailed if you want to keep the file descriptors
  *  open between multiple calls to JAR_verify_extract.
  *
  */
 extern int
 JAR_verified_extract(JAR *jar, char *path, char *outpath);
 /*
  *  JAR_extract does no crypto checking. This can be used if you
  *  need to extract a manifest file or signature, etc.
  *
  */
 extern int
 JAR_extract(JAR *jar, char *path, char *outpath);
 #endif /* __JAR_h_ */

The Tor Browser / annotate

security/nss/lib/jar/jar.h@b8a032363ba2 (annotated)

security/nss/lib/jar/jar.h