The Tor Browser / file comparison
comparison: security/nss/lib/crmf/crmfit.h
security/nss/lib/crmf/crmfit.h
- branch
- TOR_BUG_9701
- changeset 15
- b8a032363ba2
equal
deleted
inserted
replaced
| -1:000000000000 | 0:c22bee17b6bf |
|---|---|
| 1 /* -*- Mode: C; tab-width: 8 -*-*/ | |
| 2 /* This Source Code Form is subject to the terms of the Mozilla Public | |
| 3 * License, v. 2.0. If a copy of the MPL was not distributed with this | |
| 4 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | |
| 5 | |
| 6 | |
| 7 #ifndef _CRMFIT_H_ | |
| 8 #define _CRMFIT_H_ | |
| 9 | |
| 10 struct CRMFCertReqMessagesStr { | |
| 11 CRMFCertReqMsg **messages; | |
| 12 PLArenaPool *poolp; | |
| 13 }; | |
| 14 | |
| 15 struct CRMFCertExtensionStr { | |
| 16 SECItem id; | |
| 17 SECItem critical; | |
| 18 SECItem value; | |
| 19 }; | |
| 20 | |
| 21 | |
| 22 struct CRMFOptionalValidityStr { | |
| 23 SECItem notBefore; | |
| 24 SECItem notAfter; | |
| 25 }; | |
| 26 | |
| 27 struct CRMFCertTemplateStr { | |
| 28 SECItem version; | |
| 29 SECItem serialNumber; | |
| 30 SECAlgorithmID *signingAlg; | |
| 31 CERTName *issuer; | |
| 32 CRMFOptionalValidity *validity; | |
| 33 CERTName *subject; | |
| 34 CERTSubjectPublicKeyInfo *publicKey; | |
| 35 SECItem issuerUID; | |
| 36 SECItem subjectUID; | |
| 37 CRMFCertExtension **extensions; | |
| 38 int numExtensions; | |
| 39 }; | |
| 40 | |
| 41 struct CRMFCertIDStr { | |
| 42 SECItem issuer; /* General Name */ | |
| 43 SECItem serialNumber; /*INTEGER*/ | |
| 44 }; | |
| 45 | |
| 46 struct CRMFEncryptedValueStr { | |
| 47 SECAlgorithmID *intendedAlg; | |
| 48 SECAlgorithmID *symmAlg; | |
| 49 SECItem encSymmKey; /*BIT STRING */ | |
| 50 SECAlgorithmID *keyAlg; | |
| 51 SECItem valueHint; /*OCTET STRING */ | |
| 52 SECItem encValue; /*BIT STRING */ | |
| 53 }; | |
| 54 | |
| 55 /* | |
| 56 * The field derValue will contain the actual der | |
| 57 * to include in the encoding or that was read in | |
| 58 * from a der blob. | |
| 59 */ | |
| 60 struct CRMFEncryptedKeyStr { | |
| 61 union { | |
| 62 SEC_PKCS7ContentInfo *envelopedData; | |
| 63 CRMFEncryptedValue encryptedValue; | |
| 64 } value; | |
| 65 CRMFEncryptedKeyChoice encKeyChoice; | |
| 66 SECItem derValue; | |
| 67 }; | |
| 68 | |
| 69 /* ASN1 must only have one of the following 3 options. */ | |
| 70 struct CRMFPKIArchiveOptionsStr { | |
| 71 union { | |
| 72 CRMFEncryptedKey encryptedKey; | |
| 73 SECItem keyGenParameters; | |
| 74 SECItem archiveRemGenPrivKey; /* BOOLEAN */ | |
| 75 } option; | |
| 76 CRMFPKIArchiveOptionsType archOption; | |
| 77 }; | |
| 78 | |
| 79 struct CRMFPKIPublicationInfoStr { | |
| 80 SECItem action; /* Possible values */ | |
| 81 /* dontPublish (0), pleasePublish (1) */ | |
| 82 CRMFSinglePubInfo **pubInfos; | |
| 83 }; | |
| 84 | |
| 85 struct CRMFControlStr { | |
| 86 SECOidTag tag; | |
| 87 SECItem derTag; | |
| 88 SECItem derValue; | |
| 89 /* These will be C structures used to represent the various | |
| 90 * options. Values that can't be stored as der right away. | |
| 91 * After creating these structures, we'll place their der | |
| 92 * encoding in derValue so the encoder knows how to get to | |
| 93 * it. | |
| 94 */ | |
| 95 union { | |
| 96 CRMFCertID oldCertId; | |
| 97 CRMFPKIArchiveOptions archiveOptions; | |
| 98 CRMFPKIPublicationInfo pubInfo; | |
| 99 CRMFProtocolEncrKey protEncrKey; | |
| 100 } value; | |
| 101 }; | |
| 102 | |
| 103 struct CRMFCertRequestStr { | |
| 104 SECItem certReqId; | |
| 105 CRMFCertTemplate certTemplate; | |
| 106 CRMFControl **controls; | |
| 107 /* The following members are used by the internal implementation, but | |
| 108 * are not part of the encoding. | |
| 109 */ | |
| 110 PLArenaPool *poolp; | |
| 111 PRUint32 requestID; /* This is the value that will be encoded into | |
| 112 * the certReqId field. | |
| 113 */ | |
| 114 }; | |
| 115 | |
| 116 struct CRMFAttributeStr { | |
| 117 SECItem derTag; | |
| 118 SECItem derValue; | |
| 119 }; | |
| 120 | |
| 121 struct CRMFCertReqMsgStr { | |
| 122 CRMFCertRequest *certReq; | |
| 123 CRMFProofOfPossession *pop; | |
| 124 CRMFAttribute **regInfo; | |
| 125 SECItem derPOP; | |
| 126 /* This arena will be used for allocating memory when decoding. | |
| 127 */ | |
| 128 PLArenaPool *poolp; | |
| 129 PRBool isDecoded; | |
| 130 }; | |
| 131 | |
| 132 struct CRMFPOPOSigningKeyInputStr { | |
| 133 /* ASN1 must have only one of the next 2 options */ | |
| 134 union { | |
| 135 SECItem sender; /*General Name*/ | |
| 136 CRMFPKMACValue *publicKeyMAC; | |
| 137 }authInfo; | |
| 138 CERTSubjectPublicKeyInfo publicKey; | |
| 139 }; | |
| 140 | |
| 141 struct CRMFPOPOSigningKeyStr { | |
| 142 SECItem derInput; /*If in the future we support | |
| 143 *POPOSigningKeyInput, this will | |
| 144 *a C structure representation | |
| 145 *instead. | |
| 146 */ | |
| 147 SECAlgorithmID *algorithmIdentifier; | |
| 148 SECItem signature; /* This is a BIT STRING. Remember */ | |
| 149 }; /* that when interpreting. */ | |
| 150 | |
| 151 /* ASN1 must only choose one of these members */ | |
| 152 struct CRMFPOPOPrivKeyStr { | |
| 153 union { | |
| 154 SECItem thisMessage; /* BIT STRING */ | |
| 155 SECItem subsequentMessage; /*INTEGER*/ | |
| 156 SECItem dhMAC; /*BIT STRING*/ | |
| 157 } message; | |
| 158 CRMFPOPOPrivKeyChoice messageChoice; | |
| 159 }; | |
| 160 | |
| 161 /* ASN1 must only have one of these options. */ | |
| 162 struct CRMFProofOfPossessionStr { | |
| 163 union { | |
| 164 SECItem raVerified; | |
| 165 CRMFPOPOSigningKey signature; | |
| 166 CRMFPOPOPrivKey keyEncipherment; | |
| 167 CRMFPOPOPrivKey keyAgreement; | |
| 168 } popChoice; | |
| 169 CRMFPOPChoice popUsed; /*Not part of encoding*/ | |
| 170 }; | |
| 171 | |
| 172 struct CRMFPKMACValueStr { | |
| 173 SECAlgorithmID algID; | |
| 174 SECItem value; /*BIT STRING*/ | |
| 175 }; | |
| 176 | |
| 177 struct CRMFSinglePubInfoStr { | |
| 178 SECItem pubMethod; /* Possible Values: | |
| 179 * dontCare (0) | |
| 180 * x500 (1) | |
| 181 * web (2) | |
| 182 * ldap (3) | |
| 183 */ | |
| 184 CERTGeneralName *pubLocation; /* General Name */ | |
| 185 }; | |
| 186 | |
| 187 #endif /* _CRMFIT_H_ */ |
