The Tor Browser: comparison security/nss/lib/jar/jar.h

--1:000000000000
+:d70fb2f49171
+/* This Source Code Form is subject to the terms of the Mozilla Public
+* License, v. 2.0. If a copy of the MPL was not distributed with this
+* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+#ifndef __JAR_h_
+#define __JAR_h_
+/*
+*  In general, any functions that return pointers
+*  have memory owned by the caller.
+*
+*/
+/* security includes */
+#include "cert.h"
+#include "hasht.h"
+/* nspr 2.0 includes */
+#include "prio.h"
+#define ZHUGEP
+#include <stdio.h>
+/* various types */
+typedef enum {
+jarTypeMF = 2,
+jarTypeSF = 3,
+jarTypeMeta = 6,
+jarTypePhy = 7,
+jarTypeSign = 10,
+jarTypeSect = 11,
+jarTypeOwner = 13
+} jarType;
+/* void data in ZZList's contain JAR_Item type */
+typedef struct JAR_Item_ {
+char *pathname;	   /* relative. inside zip file */
+jarType type;	   /* various types */
+size_t size;	   /* size of data below */
+void *data; 	   /* totally opaque */
+} JAR_Item;
+/* hashes */
+typedef enum {
+jarHashNone = 0,
+jarHashBad = 1,
+jarHashPresent = 2
+} jarHash;
+typedef struct JAR_Digest_ {
+jarHash md5_status;
+unsigned char md5 [MD5_LENGTH];
+jarHash sha1_status;
+unsigned char sha1 [SHA1_LENGTH];
+} JAR_Digest;
+/* physical archive formats */
+typedef enum {
+jarArchGuess = 0,
+jarArchNone = 1,
+jarArchZip = 2,
+jarArchTar = 3
+} jarArch;
+#include "jar-ds.h"
+struct JAR_;
+typedef int jar_settable_callback_fn(int status, struct JAR_ *jar,
+const char *metafile, char *pathname,
+				     char *errortext);
+/* jar object */
+typedef struct JAR_ {
+jarArch format;	  /* physical archive format */
+char *url;		  /* Where it came from */
+char *filename;	  /* Disk location */
+FILE *fp;		  /* For multiple extractions */
+/* JAR_FILE */
+/* various linked lists */
+ZZList *manifest;	  /* Digests of MF sections */
+ZZList *hashes;	  /* Digests of actual signed files */
+ZZList *phy;	  /* Physical layout of JAR file */
+ZZList *metainfo;	  /* Global metainfo */
+JAR_Digest *globalmeta;  /* digest of .MF global portion */
+/* Below will change to a linked list to support multiple sigs */
+int pkcs7;		  /* Enforced opaqueness */
+int valid;		  /* PKCS7 signature validated */
+ZZList *signers;	  /* the above, per signer */
+/* Window context, very necessary for PKCS11 now */
+void *mw;		  /* MWContext window context */
+/* Signal callback function */
+jar_settable_callback_fn *signal;
+} JAR;
+/*
+*  Iterator
+*
+*  Context for iterative operations. Certain operations
+*  require iterating multiple linked lists because of
+*  multiple signers. "nextsign" is used for this purpose.
+*
+*/
+typedef struct JAR_Context_ {
+JAR *jar;		  /* Jar we are searching */
+char *pattern;	  /* Regular expression */
+jarType finding;	  /* Type of item to find */
+ZZLink *next;	  /* Next item in find */
+ZZLink *nextsign;	  /* Next signer, sometimes */
+} JAR_Context;
+typedef struct JAR_Signer_ {
+int pkcs7;		  /* Enforced opaqueness */
+int valid;		  /* PKCS7 signature validated */
+char *owner;	  /* name of .RSA file */
+JAR_Digest *digest;   /* of .SF file */
+ZZList *sf; 	  /* Linked list of .SF file contents */
+ZZList *certs;	  /* Signing information */
+} JAR_Signer;
+/* Meta informaton, or "policy", from the manifest file.
+Right now just one tuple per JAR_Item. */
+typedef struct JAR_Metainfo_ {
+char *header;
+char *info;
+} JAR_Metainfo;
+/* This should not be global */
+typedef struct JAR_Physical_ {
+unsigned char compression;
+unsigned long offset;
+unsigned long length;
+unsigned long uncompressed_length;
+#if defined(XP_UNIX) || defined(XP_BEOS)
+PRUint16 mode;
+#endif
+} JAR_Physical;
+typedef struct JAR_Cert_ {
+size_t length;
+void *key;
+CERTCertificate *cert;
+} JAR_Cert;
+/* certificate stuff */
+typedef enum {
+jarCertCompany = 1,
+jarCertCA = 2,
+jarCertSerial = 3,
+jarCertExpires = 4,
+jarCertNickname = 5,
+jarCertFinger = 6,
+jarCertJavaHack = 100
+} jarCert;
+/* callback types */
+#define JAR_CB_SIGNAL	1
+/*
+*  This is the base for the JAR error codes. It will
+*  change when these are incorporated into allxpstr.c,
+*  but right now they won't let me put them there.
+*
+*/
+#ifndef SEC_ERR_BASE
+#define SEC_ERR_BASE	    (-0x2000)
+#endif
+#define JAR_BASE	SEC_ERR_BASE + 300
+/* Jar specific error definitions */
+#define JAR_ERR_GENERAL 	(JAR_BASE + 1)
+#define JAR_ERR_FNF		(JAR_BASE + 2)
+#define JAR_ERR_CORRUPT     	(JAR_BASE + 3)
+#define JAR_ERR_MEMORY	    	(JAR_BASE + 4)
+#define JAR_ERR_DISK	    	(JAR_BASE + 5)
+#define JAR_ERR_ORDER		(JAR_BASE + 6)
+#define JAR_ERR_SIG		(JAR_BASE + 7)
+#define JAR_ERR_METADATA	(JAR_BASE + 8)
+#define JAR_ERR_ENTRY	    	(JAR_BASE + 9)
+#define JAR_ERR_HASH	    	(JAR_BASE + 10)
+#define JAR_ERR_PK7		(JAR_BASE + 11)
+#define JAR_ERR_PNF		(JAR_BASE + 12)
+/* Function declarations */
+extern JAR *JAR_new (void);
+extern void PR_CALLBACK JAR_destroy (JAR *jar);
+extern char *JAR_get_error (int status);
+extern int JAR_set_callback(int type, JAR *jar, jar_settable_callback_fn *fn);
+extern void
+JAR_init_callbacks(char *(*string_cb)(int),
+void *(*find_cx)(void),
+		   void *(*init_cx)(void) );
+/*
+*  JAR_set_context
+*
+*  PKCS11 may require a password to be entered by the user
+*  before any crypto routines may be called. This will require
+*  a window context if used from inside Mozilla.
+*
+*  Call this routine with your context before calling
+*  verifying or signing. If you have no context, call with NULL
+*  and one will be chosen for you.
+*
+*/
+int JAR_set_context (JAR *jar, void /*MWContext*/ *mw);
+/*
+*  Iterative operations
+*
+*  JAR_find sets up for repeated calls with JAR_find_next.
+*  I never liked findfirst and findnext, this is nicer.
+*
+*  Pattern contains a relative pathname to match inside the
+*  archive. It is currently assumed to be "*".
+*
+*  To use:
+*
+*     JAR_Item *item;
+*     JAR_find (jar, "*.class", jarTypeMF);
+*     while (JAR_find_next (jar, &item) >= 0)
+*	 { do stuff }
+*
+*/
+/* Replacement functions with an external context */
+extern JAR_Context *JAR_find (JAR *jar, char *pattern, jarType type);
+extern int JAR_find_next (JAR_Context *ctx, JAR_Item **it);
+extern void JAR_find_end (JAR_Context *ctx);
+/*
+*  Function to parse manifest file:
+*
+*  Many signatures may be attached to a single filename located
+*  inside the zip file. We only support one.
+*
+*  Several manifests may be included in the zip file.
+*
+*  You must pass the MANIFEST.MF file before any .SF files.
+*
+*  Right now this returns a big ole list, privately in the jar structure.
+*  If you need to traverse it, use JAR_find if possible.
+*
+*  The path is needed to determine what type of binary signature is
+*  being passed, though it is technically not needed for manifest files.
+*
+*  When parsing an ASCII file, null terminate the ASCII raw_manifest
+*  prior to sending it, and indicate a length of 0. For binary digital
+*  signatures only, indicate the true length of the signature.
+*  (This is legacy behavior.)
+*
+*  You may free the manifest after parsing it.
+*
+*/
+extern int
+JAR_parse_manifest(JAR *jar, char *raw_manifest, long length, const char *path,
+const char *url);
+/*
+*  Verify data (nonstreaming). The signature is actually
+*  checked by JAR_parse_manifest or JAR_pass_archive.
+*
+*/
+extern JAR_Digest * PR_CALLBACK
+JAR_calculate_digest(void *data, long length);
+extern int PR_CALLBACK
+JAR_verify_digest(JAR *jar, const char *name, JAR_Digest *dig);
+extern int
+JAR_digest_file(char *filename, JAR_Digest *dig);
+/*
+*  Meta information
+*
+*  Currently, since this call does not support passing of an owner
+*  (certificate, or physical name of the .sf file), it is restricted to
+*  returning information located in the manifest.mf file.
+*
+*  Meta information is a name/value pair inside the archive file. Here,
+*  the name is passed in *header and value returned in **info.
+*
+*  Pass a NULL as the name to retrieve metainfo from the global section.
+*
+*  Data is returned in **info, of size *length. The return value
+*  will indicate if no data was found.
+*
+*/
+extern int
+JAR_get_metainfo(JAR *jar, char *name, char *header, void **info,
+unsigned long *length);
+extern char *JAR_get_filename (JAR *jar);
+extern char *JAR_get_url (JAR *jar);
+/* save the certificate with this fingerprint in persistent
+storage, somewhere, for retrieval in a future session when there
+is no corresponding JAR structure. */
+extern int PR_CALLBACK
+JAR_stash_cert(JAR *jar, long keylen, void *key);
+/* retrieve a certificate presumably stashed with the above
+function, but may be any certificate. Type is &CERTCertificate */
+CERTCertificate *
+JAR_fetch_cert(long length, void *key);
+/*
+*  New functions to handle archives alone
+*    (call JAR_new beforehand)
+*
+*  JAR_pass_archive acts much like parse_manifest. Certificates
+*  are returned in the JAR structure but as opaque data. When calling
+*  JAR_verified_extract you still need to decide which of these
+*  certificates to honor.
+*
+*  Code to examine a JAR structure is in jarbert.c. You can obtain both
+*  a list of filenames and certificates from traversing the linked list.
+*
+*/
+extern int
+JAR_pass_archive(JAR *jar, jarArch format, char *filename, const char *url);
+/*
+* Same thing, but don't check signatures
+*/
+extern int
+JAR_pass_archive_unverified(JAR *jar, jarArch format, char *filename,
+const char *url);
+/*
+*  Extracts a relative pathname from the archive and places it
+*  in the filename specified.
+*
+*  Call JAR_set_nailed if you want to keep the file descriptors
+*  open between multiple calls to JAR_verify_extract.
+*
+*/
+extern int
+JAR_verified_extract(JAR *jar, char *path, char *outpath);
+/*
+*  JAR_extract does no crypto checking. This can be used if you
+*  need to extract a manifest file or signature, etc.
+*
+*/
+extern int
+JAR_extract(JAR *jar, char *path, char *outpath);
+#endif /* __JAR_h_ */

The Tor Browser / file comparison

comparison: security/nss/lib/jar/jar.h

security/nss/lib/jar/jar.h