michael@0: /* This Source Code Form is subject to the terms of the Mozilla Public michael@0: * License, v. 2.0. If a copy of the MPL was not distributed with this michael@0: * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ michael@0: /* michael@0: * pkix_build.h michael@0: * michael@0: * Header file for buildChain function michael@0: * michael@0: */ michael@0: michael@0: #ifndef _PKIX_BUILD_H michael@0: #define _PKIX_BUILD_H michael@0: #include "pkix_tools.h" michael@0: #ifndef NSS_PKIX_NO_LDAP michael@0: #include "pkix_pl_ldapt.h" michael@0: #endif michael@0: #include "pkix_ekuchecker.h" michael@0: michael@0: #ifdef __cplusplus michael@0: extern "C" { michael@0: #endif michael@0: michael@0: typedef enum { michael@0: BUILD_SHORTCUTPENDING, michael@0: BUILD_INITIAL, michael@0: BUILD_TRYAIA, michael@0: BUILD_AIAPENDING, michael@0: BUILD_COLLECTINGCERTS, michael@0: BUILD_GATHERPENDING, michael@0: BUILD_CERTVALIDATING, michael@0: BUILD_ABANDONNODE, michael@0: BUILD_DATEPREP, michael@0: BUILD_CHECKTRUSTED, michael@0: BUILD_CHECKTRUSTED2, michael@0: BUILD_ADDTOCHAIN, michael@0: BUILD_VALCHAIN, michael@0: BUILD_VALCHAIN2, michael@0: BUILD_EXTENDCHAIN, michael@0: BUILD_GETNEXTCERT michael@0: } BuildStatus; michael@0: michael@0: typedef struct BuildConstantsStruct BuildConstants; michael@0: michael@0: /* michael@0: * These fields (the ones that are objects) are not reference-counted michael@0: * in *each* state, but only in the root, the state that has no parent. michael@0: * That saves time in creation and destruction of child states, but is michael@0: * safe enough since they are constants. michael@0: */ michael@0: struct BuildConstantsStruct { michael@0: PKIX_UInt32 numAnchors; michael@0: PKIX_UInt32 numCertStores; michael@0: PKIX_UInt32 numHintCerts; michael@0: PKIX_UInt32 maxDepth; michael@0: PKIX_UInt32 maxFanout; michael@0: PKIX_UInt32 maxTime; michael@0: PKIX_ProcessingParams *procParams; michael@0: PKIX_PL_Date *testDate; michael@0: PKIX_PL_Date *timeLimit; michael@0: PKIX_PL_Cert *targetCert; michael@0: PKIX_PL_PublicKey *targetPubKey; michael@0: PKIX_List *certStores; michael@0: PKIX_List *anchors; michael@0: PKIX_List *userCheckers; michael@0: PKIX_List *hintCerts; michael@0: PKIX_RevocationChecker *revChecker; michael@0: PKIX_PL_AIAMgr *aiaMgr; michael@0: PKIX_Boolean useAIAForCertFetching; michael@0: PKIX_Boolean trustOnlyUserAnchors; michael@0: }; michael@0: michael@0: struct PKIX_ForwardBuilderStateStruct{ michael@0: BuildStatus status; michael@0: PKIX_Int32 traversedCACerts; michael@0: PKIX_UInt32 certStoreIndex; michael@0: PKIX_UInt32 numCerts; michael@0: PKIX_UInt32 numAias; michael@0: PKIX_UInt32 certIndex; michael@0: PKIX_UInt32 aiaIndex; michael@0: PKIX_UInt32 certCheckedIndex; michael@0: PKIX_UInt32 checkerIndex; michael@0: PKIX_UInt32 hintCertIndex; michael@0: PKIX_UInt32 numFanout; michael@0: PKIX_UInt32 numDepth; michael@0: PKIX_UInt32 reasonCode; michael@0: PKIX_Boolean canBeCached; michael@0: PKIX_Boolean useOnlyLocal; michael@0: PKIX_Boolean revChecking; michael@0: PKIX_Boolean usingHintCerts; michael@0: PKIX_Boolean certLoopingDetected; michael@0: PKIX_PL_Date *validityDate; michael@0: PKIX_PL_Cert *prevCert; michael@0: PKIX_PL_Cert *candidateCert; michael@0: PKIX_List *traversedSubjNames; michael@0: PKIX_List *trustChain; michael@0: PKIX_List *aia; michael@0: PKIX_List *candidateCerts; michael@0: PKIX_List *reversedCertChain; michael@0: PKIX_List *checkedCritExtOIDs; michael@0: PKIX_List *checkerChain; michael@0: PKIX_CertSelector *certSel; michael@0: PKIX_VerifyNode *verifyNode; michael@0: void *client; /* messageHandler, such as LDAPClient */ michael@0: PKIX_ForwardBuilderState *parentState; michael@0: BuildConstants buildConstants; michael@0: }; michael@0: michael@0: /* --Private-Functions-------------------------------------------- */ michael@0: michael@0: PKIX_Error * michael@0: pkix_ForwardBuilderState_RegisterSelf(void *plContext); michael@0: michael@0: PKIX_Error * michael@0: PKIX_Build_GetNBIOContext(void *state, void **pNBIOContext, void *plContext); michael@0: michael@0: #ifdef __cplusplus michael@0: } michael@0: #endif michael@0: michael@0: #endif /* _PKIX_BUILD_H */