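--- /dev/null
+++ b/security/nss/cmd/crlutil/crlgen.h
@@ -0,0 +1,186 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+
+#ifndef _CRLGEN_H_
+#define _CRLGEN_H_
+
+#include "prio.h"
+#include "prprf.h"
+#include "plhash.h"
+#include "seccomon.h"
+#include "certt.h"
+#include "secoidt.h"
+
+
+#define CRLGEN_UNKNOWN_CONTEXT 0
+#define CRLGEN_ISSUER_CONTEXT 1
+#define CRLGEN_UPDATE_CONTEXT 2
+#define CRLGEN_NEXT_UPDATE_CONTEXT 3
+#define CRLGEN_ADD_EXTENSION_CONTEXT 4
+#define CRLGEN_ADD_CERT_CONTEXT 6
+#define CRLGEN_CHANGE_RANGE_CONTEXT 7
+#define CRLGEN_RM_CERT_CONTEXT 8
+
+#define CRLGEN_TYPE_DATE 0
+#define CRLGEN_TYPE_ZDATE 1
+#define CRLGEN_TYPE_DIGIT 2
+#define CRLGEN_TYPE_DIGIT_RANGE 3
+#define CRLGEN_TYPE_OID 4
+#define CRLGEN_TYPE_STRING 5
+#define CRLGEN_TYPE_ID 6
+
+
+typedef struct CRLGENGeneratorDataStr CRLGENGeneratorData;
+typedef struct CRLGENEntryDataStr CRLGENEntryData;
+typedef struct CRLGENExtensionEntryStr CRLGENExtensionEntry;
+typedef struct CRLGENCertEntrySrt CRLGENCertEntry;
+typedef struct CRLGENCrlFieldStr CRLGENCrlField;
+typedef struct CRLGENEntriesSortedDataStr CRLGENEntriesSortedData;
+
+/* Exported functions */
+
+/* Used for initialization of extension handles for crl and certs
+ * extensions from existing CRL data then modifying existing CRL.*/
+extern SECStatus CRLGEN_ExtHandleInit(CRLGENGeneratorData *crlGenData);
+
+/* Commits all added entries and their's extensions into CRL. */
+extern SECStatus CRLGEN_CommitExtensionsAndEntries(CRLGENGeneratorData *crlGenData);
+
+/* Lunches the crl generation script parse */
+extern SECStatus CRLGEN_StartCrlGen(CRLGENGeneratorData *crlGenData);
+
+/* Closes crl generation script file and frees crlGenData */
+extern void CRLGEN_FinalizeCrlGeneration(CRLGENGeneratorData *crlGenData);
+
+/* Parser initialization function. Creates CRLGENGeneratorData structure
+ * for the current thread */
+extern CRLGENGeneratorData* CRLGEN_InitCrlGeneration(CERTSignedCrl *newCrl,
+ PRFileDesc *src);
+
+
+/* This lock is defined in crlgen_lex.c(derived from crlgen_lex.l).
+ * It controls access to invocation of yylex, allows to parse one
+ * script at a time */
+extern void CRLGEN_InitCrlGenParserLock();
+extern void CRLGEN_DestroyCrlGenParserLock();
+
+
+/* The following function types are used to define functions for each of
+ * CRLGENExtensionEntryStr, CRLGENCertEntrySrt, CRLGENCrlFieldStr to
+ * provide functionality needed for these structures*/
+typedef SECStatus updateCrlFn_t(CRLGENGeneratorData *crlGenData, void *str);
+typedef SECStatus setNextDataFn_t(CRLGENGeneratorData *crlGenData, void *str,
+ void *data, unsigned short dtype);
+typedef SECStatus createNewLangStructFn_t(CRLGENGeneratorData *crlGenData,
+ void *str, unsigned i);
+
+/* Sets reports failure to parser if anything goes wrong */
+extern void crlgen_setFailure(CRLGENGeneratorData *str, char *);
+
+/* Collects data in to one of the current data structure that corresponds
+ * to the correct context type. This function gets called after each token
+ * is found for a particular line */
+extern SECStatus crlgen_setNextData(CRLGENGeneratorData *str, void *data,
+ unsigned short dtype);
+
+/* initiates crl update with collected data. This function is called at the
+ * end of each line */
+extern SECStatus crlgen_updateCrl(CRLGENGeneratorData *str);
+
+/* Creates new context structure depending on token that was parsed
+ * at the beginning of a line */
+extern SECStatus crlgen_createNewLangStruct(CRLGENGeneratorData *str,
+ unsigned structType);
+
+
+/* CRLGENExtensionEntry is used to store addext request data for either
+ * CRL extensions or CRL entry extensions. The differentiation between
+ * is based on order and type of extension been added.
+ * - extData : all data in request staring from name of the extension are
+ * in saved here.
+ * - nextUpdatedData: counter of elements added to extData
+ */
+struct CRLGENExtensionEntryStr {
+ char **extData;
+ int nextUpdatedData;
+ updateCrlFn_t *updateCrlFn;
+ setNextDataFn_t *setNextDataFn;
+};
+
+/* CRLGENCeryestEntry is used to store addcert request data
+ * - certId : certificate id or range of certificate with dash as a delimiter
+ * All certs from range will be inclusively added to crl
+ * - revocationTime: revocation time of cert(s)
+ */
+struct CRLGENCertEntrySrt {
+ char *certId;
+ char *revocationTime;
+ updateCrlFn_t *updateCrlFn;
+ setNextDataFn_t *setNextDataFn;
+};
+
+
+/* CRLGENCrlField is used to store crl fields record like update time, next
+ * update time, etc.
+ * - value: value of the parsed field data*/
+struct CRLGENCrlFieldStr {
+ char *value;
+ updateCrlFn_t *updateCrlFn;
+ setNextDataFn_t *setNextDataFn;
+};
+
+/* Can not create entries extension until completely done with parsing.
+ * Therefore need to keep joined data
+ * - certId : serial number of certificate
+ * - extHandle: head pointer to a list of extensions that belong to
+ * entry
+ * - entry : CERTCrlEntry structure pointer*/
+struct CRLGENEntryDataStr {
+ SECItem *certId;
+ void *extHandle;
+ CERTCrlEntry *entry;
+};
+
+/* Crl generator/parser main structure. Keeps info regarding current state of
+ * parser(context, status), parser helper functions pointers, parsed data and
+ * generated data.
+ * - contextId : current parsing context. Context in this parser environment
+ * defines what type of crl operations parser is going through
+ * in the current line of crl generation script.
+ * setting or new cert or an extension addition, etc.
+ * - createNewLangStructFn: pointer to top level function which creates
+ * data structures according contextId
+ * - setNextDataFn : pointer to top level function which sets new parsed data
+ * in temporary structure
+ * - updateCrlFn : pointer to top level function which triggers actual
+ * crl update functions with gathered data
+ * - union : data union create according to contextId
+ * - rangeFrom, rangeTo : holds last range in which certs was added
+ * - newCrl : pointer to CERTSignedCrl newly created crl
+ * - crlExtHandle : pointer to crl extension handle
+ * - entryDataHashTable: hash of CRLGENEntryData.
+ * key: cert serial number
+ * data: CRLGENEntryData pointer
+ * - parserStatus : current status of parser. Triggers parser to abort when
+ * set to SECFailure
+ * - src : PRFileDesc structure pointer of crl generator config file
+ * - parsedLineNum : currently parsing line. Keeping it to report errors */
+struct CRLGENGeneratorDataStr {
+ unsigned short contextId;
+ CRLGENCrlField *crlField;
+ CRLGENCertEntry *certEntry;
+ CRLGENExtensionEntry *extensionEntry;
+ PRUint64 rangeFrom;
+ PRUint64 rangeTo;
+ CERTSignedCrl *signCrl;
+ void *crlExtHandle;
+ PLHashTable *entryDataHashTable;
+
+ PRFileDesc *src;
+ int parsedLineNum;
+};
+
+
+#endif /* _CRLGEN_H_ */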
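Review bot: The block comment above `struct CRLGENGeneratorDataStr` describes members the struct does not contain — `createNewLangStructFn`, `setNextDataFn`, `updateCrlFn`, a `union`, `newCrl` and `parserStatus` — while the members that are actually declared (`crlField`, `certEntry`, `extensionEntry`, `signCrl`) go undocumented; the comment should be brought in line with the field list, e.g. `- signCrl : pointer to the CERTSignedCrl being generated` plus one bullet per context-structure pointer, and the three stale function-pointer bullets dropped. The lock declarations `extern void CRLGEN_InitCrlGenParserLock();` and `extern void CRLGEN_DestroyCrlGenParserLock();` use empty parentheses, which in C declares an unprototyped function rather than a zero-argument one, so `extern void CRLGEN_InitCrlGenParserLock(void);` is needed for the compiler to check call sites. The second parameter of `crlgen_setFailure` is unnamed and presumably only read to build a message, so `const char *msg` would document that intent; the guard `_CRLGEN_H_` also sits in the implementation-reserved identifier space (leading underscore followed by an uppercase letter). If this is a vendored import of the upstream NSS file, these are upstream issues rather than ones introduced by this commit.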