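/* -*- Mode: C; tab-width: 8 -*-*/
/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */


#ifndef _CRMFIT_H_
#define _CRMFIT_H_

/*
 * Struct bodies for the CRMF (certificate request message) types.
 *
 * This header contains no #include, so the typedef names it uses
 * (CRMFCertReqMsg, CRMFEncryptedValue, CRMFPOPChoice, ...) and the
 * SECItem / SECAlgorithmID / PLArenaPool / CERT* types must already be in
 * scope wherever it is included.
 *
 * Several structs pair a union with a separate selector field
 * (encKeyChoice, archOption, tag, messageChoice, popUsed).
 * NOTE(review): the selector looks like the discriminator for the union
 * next to it, but nothing in this header enforces that.  Code that handles
 * a decoded, peer-supplied request should check the selector before
 * reading a union member, because the members have different types.
 *
 * NOTE(review): for fields commented BIT STRING, NSS's ASN.1 decoder
 * conventionally reports the item length in bits rather than bytes --
 * confirm before using SECItem.len as a byte count.
 */

/* A collection of certificate request messages. */
struct CRMFCertReqMessagesStr {
    /* NOTE(review): no count field is declared; presumably the array is
     * NULL-terminated -- confirm against the code that builds it. */
    CRMFCertReqMsg **messages;
    PLArenaPool *poolp;
};

/* One certificate extension, held as three items. */
struct CRMFCertExtensionStr {
    SECItem id;
    SECItem critical;
    SECItem value;
};


/* Optional validity window; both bounds are kept as SECItems. */
struct CRMFOptionalValidityStr {
    SECItem notBefore;
    SECItem notAfter;
};

/* The requested certificate contents.  Pointer members may be absent. */
struct CRMFCertTemplateStr {
    SECItem version;
    SECItem serialNumber;
    SECAlgorithmID *signingAlg;
    CERTName *issuer;
    CRMFOptionalValidity *validity;
    CERTName *subject;
    CERTSubjectPublicKeyInfo *publicKey;
    SECItem issuerUID;
    SECItem subjectUID;
    CRMFCertExtension **extensions;
    /* NOTE(review): presumably the number of entries in extensions.  It is
     * a signed int, so a consumer indexing extensions with it should
     * reject negative values -- confirm how it is maintained. */
    int numExtensions;
};

struct CRMFCertIDStr {
    SECItem issuer;       /* General Name */
    SECItem serialNumber; /* INTEGER */
};

struct CRMFEncryptedValueStr {
    SECAlgorithmID *intendedAlg;
    SECAlgorithmID *symmAlg;
    SECItem encSymmKey; /* BIT STRING */
    SECAlgorithmID *keyAlg;
    SECItem valueHint;  /* OCTET STRING */
    SECItem encValue;   /* BIT STRING */
};

/*
 * The field derValue will contain the actual der
 * to include in the encoding or that was read in
 * from a der blob.
 */
struct CRMFEncryptedKeyStr {
    /* One member is meaningful at a time; see encKeyChoice below. */
    union {
        SEC_PKCS7ContentInfo *envelopedData;
        CRMFEncryptedValue encryptedValue;
    } value;
    CRMFEncryptedKeyChoice encKeyChoice;
    SECItem derValue;
};

/* ASN1 must only have one of the following 3 options. */
struct CRMFPKIArchiveOptionsStr {
    union {
        CRMFEncryptedKey encryptedKey;
        SECItem keyGenParameters;
        SECItem archiveRemGenPrivKey; /* BOOLEAN */
    } option;
    CRMFPKIArchiveOptionsType archOption;
};

struct CRMFPKIPublicationInfoStr {
    SECItem action; /* Possible values:
                     * dontPublish (0), pleasePublish (1)
                     */
    CRMFSinglePubInfo **pubInfos;
};

struct CRMFControlStr {
    SECOidTag tag;
    SECItem derTag;
    SECItem derValue;
    /* These will be C structures used to represent the various
     * options.  Values that can't be stored as der right away.
     * After creating these structures, we'll place their der
     * encoding in derValue so the encoder knows how to get to
     * it.
     */
    union {
        CRMFCertID oldCertId;
        CRMFPKIArchiveOptions archiveOptions;
        CRMFPKIPublicationInfo pubInfo;
        CRMFProtocolEncrKey protEncrKey;
    } value;
};

struct CRMFCertRequestStr {
    SECItem certReqId;
    CRMFCertTemplate certTemplate;
    CRMFControl **controls;
    /* The following members are used by the internal implementation, but
     * are not part of the encoding.
     */
    PLArenaPool *poolp;
    PRUint32 requestID; /* This is the value that will be encoded into
                         * the certReqId field.
                         */
};

/* A registration attribute kept as its DER tag and DER value. */
struct CRMFAttributeStr {
    SECItem derTag;
    SECItem derValue;
};

/* One request message: the request, its proof of possession and regInfo. */
struct CRMFCertReqMsgStr {
    CRMFCertRequest *certReq;
    CRMFProofOfPossession *pop;
    CRMFAttribute **regInfo;
    SECItem derPOP;
    /* This arena will be used for allocating memory when decoding.
     */
    PLArenaPool *poolp;
    /* NOTE(review): presumably set when the message came from the decoder
     * rather than being built locally -- confirm at the call sites. */
    PRBool isDecoded;
};

struct CRMFPOPOSigningKeyInputStr {
    /* ASN1 must have only one of the next 2 options.  No selector field
     * for this union is declared in this struct. */
    union {
        SECItem sender; /* General Name */
        CRMFPKMACValue *publicKeyMAC;
    } authInfo;
    CERTSubjectPublicKeyInfo publicKey;
};

struct CRMFPOPOSigningKeyStr {
    SECItem derInput; /* If in the future we support
                       * POPOSigningKeyInput, this will be
                       * a C structure representation
                       * instead.
                       */
    SECAlgorithmID *algorithmIdentifier;
    SECItem signature; /* This is a BIT STRING.  Remember
                        * that when interpreting.
                        */
};

/* ASN1 must only choose one of these members */
struct CRMFPOPOPrivKeyStr {
    union {
        SECItem thisMessage;       /* BIT STRING */
        SECItem subsequentMessage; /* INTEGER */
        SECItem dhMAC;             /* BIT STRING */
    } message;
    CRMFPOPOPrivKeyChoice messageChoice;
};

/* ASN1 must only have one of these options. */
struct CRMFProofOfPossessionStr {
    union {
        SECItem raVerified;
        CRMFPOPOSigningKey signature;
        CRMFPOPOPrivKey keyEncipherment;
        CRMFPOPOPrivKey keyAgreement;
    } popChoice;
    CRMFPOPChoice popUsed; /* Not part of encoding */
};

struct CRMFPKMACValueStr {
    SECAlgorithmID algID;
    SECItem value; /* BIT STRING */
};

struct CRMFSinglePubInfoStr {
    SECItem pubMethod; /* Possible Values:
                        *  dontCare (0)
                        *  x500     (1)
                        *  web      (2)
                        *  ldap     (3)
                        */
    CERTGeneralName *pubLocation; /* General Name */
};

#endif /* _CRMFIT_H_ */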