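/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

/*
 * p12.h - declarations for the PKCS #12 export (encoder) and decoder
 * interfaces: I/O and conversion callback types, opaque context types,
 * the decoder item structure, and the SEC_PKCS12* prototypes.
 *
 * Review notes that apply to the whole header:
 *  - Several entry points take a password as a SECItem (pwitem / password).
 *    This header does not say who owns that item or whether its bytes are
 *    copied.  Treat it as secret material, keep it valid for as long as
 *    the context may use it, and zeroize it afterwards.
 *    TODO confirm ownership against the implementation.
 *  - Data fed to the decoder normally comes from a file supplied by a
 *    third party and should be handled as untrusted input.
 *  - Protection algorithms are chosen by the caller through SECOidTag
 *    parameters.  Nothing declared here restricts the choice, so the
 *    caller is responsible for selecting adequately strong algorithms.
 */

#ifndef _P12_H_
#define _P12_H_

#include "secoid.h"
#include "key.h"
#include "secpkcs7.h"
#include "p12t.h"

/*
 * Stream-style I/O callbacks.  'arg' is an opaque pointer handed back to
 * the callback.  The meaning of the int return value is not stated in this
 * header - confirm against the callers.
 */
typedef int (PR_CALLBACK * PKCS12OpenFunction)(void *arg);

/*
 * Read callback.  Judging by the parameter names, 'maxLen' is the capacity
 * of 'buffer' and '*lenRead' receives the number of bytes stored.
 * Implementations must never store more than 'maxLen' bytes - TODO confirm.
 */
typedef int (PR_CALLBACK * PKCS12ReadFunction)(void *arg,
                                               unsigned char *buffer,
                                               unsigned int *lenRead,
                                               unsigned int maxLen);

/*
 * Write callback.  Note that 'bufLen' is passed by pointer here, unlike
 * 'maxLen' in the read callback; presumably '*lenWritten' reports how many
 * bytes were consumed - TODO confirm.
 */
typedef int (PR_CALLBACK * PKCS12WriteFunction)(void *arg,
                                                unsigned char *buffer,
                                                unsigned int *bufLen,
                                                unsigned int *lenWritten);
typedef int (PR_CALLBACK * PKCS12CloseFunction)(void *arg);

/*
 * Converts 'src' into 'dest', with 'toUnicode' selecting the direction and
 * 'swapBytes' requesting a byte swap (both read from the parameter names).
 * 'dest' is presumably allocated from 'arena' - TODO confirm.
 */
typedef SECStatus (PR_CALLBACK * PKCS12UnicodeConvertFunction)(
                                 PLArenaPool *arena,
                                 SECItem *dest, SECItem *src,
                                 PRBool toUnicode,
                                 PRBool swapBytes);

/*
 * Output sinks: each call hands over 'len' bytes starting at 'buf'.  The
 * callbacks return void, so a sink cannot report failure through its return
 * value; a sink that can fail (e.g. a short write) has to record the error
 * through 'arg'.
 */
typedef void (PR_CALLBACK * SEC_PKCS12EncoderOutputCallback)(
                                 void *arg, const char *buf,
                                 unsigned long len);
typedef void (PR_CALLBACK * SEC_PKCS12DecoderOutputCallback)(
                                 void *arg, const char *buf,
                                 unsigned long len);
/*
 * In NSS 3.12 or later, 'arg' actually points to a CERTCertificate,
 * the 'leafCert' variable in sec_pkcs12_validate_cert in p12d.c.
 * See r1.35 of p12d.c ("Patch 2" in bug 321584).
 *
 * The callback receives the colliding nickname in 'old_nickname', may set
 * '*cancel', and returns a SECItem (presumably the replacement nickname).
 * Ownership of the returned item is not stated here - TODO confirm.
 */
typedef SECItem * (PR_CALLBACK * SEC_PKCS12NicknameCollisionCallback)(
                                 SECItem *old_nickname,
                                 PRBool *cancel,
                                 void *arg);

/*
 * Callbacks passed to SEC_PKCS12DecoderStart (dOpen, dClose, dRead, dWrite).
 * The names, and the 'removeFile' flag on close, suggest that they provide
 * temporary storage for data that is digested during decoding.  If that
 * storage is a file, it may hold contents of the PKCS #12 blob and should
 * be created with restrictive permissions and removed afterwards.
 * TODO confirm against p12d.c.
 */
typedef SECStatus (PR_CALLBACK *digestOpenFn)(void *arg, PRBool readData);
typedef SECStatus (PR_CALLBACK *digestCloseFn)(void *arg, PRBool removeFile);
typedef int (PR_CALLBACK *digestIOFn)(void *arg, unsigned char *buf,
                                      unsigned long len);

/* Opaque types: the structure definitions are not part of this header. */
typedef struct SEC_PKCS12ExportContextStr SEC_PKCS12ExportContext;
typedef struct SEC_PKCS12SafeInfoStr SEC_PKCS12SafeInfo;
typedef struct SEC_PKCS12DecoderContextStr SEC_PKCS12DecoderContext;
typedef struct SEC_PKCS12DecoderItemStr SEC_PKCS12DecoderItem;

/* Password-mode parameters: the password item and an algorithm OID tag. */
struct sec_PKCS12PasswordModeInfo {
    SECItem *password;      /* secret; see the ownership note at the top */
    SECOidTag algorithm;
};

/* Public-key-mode parameters: certificate, its database, algorithm, size. */
struct sec_PKCS12PublicKeyModeInfo {
    CERTCertificate *cert;
    CERTCertDBHandle *certDb;
    SECOidTag algorithm;
    int keySize;            /* unit (bits or bytes) not stated here */
};

/*
 * One item handed out by SEC_PKCS12DecoderIterateNext.  All fields describe
 * content taken from the decoded input, so treat them as untrusted.
 */
struct SEC_PKCS12DecoderItemStr {
    SECItem *der;
    SECOidTag type;
    PRBool hasKey;
    SECItem *friendlyName; /* UTF-8 string */
    SECAlgorithmID *shroudAlg;
};


SEC_BEGIN_PROTOS

/*
 * Export side.  Reading the names, the expected sequence is:
 * SEC_PKCS12CreateExportContext, one or more SEC_PKCS12Create*Safe calls,
 * the SEC_PKCS12Add* calls, SEC_PKCS12Encode, and finally
 * SEC_PKCS12DestroyExportContext.  TODO confirm against the implementation.
 */

/* Creates a safe protected for 'recipients' using 'algorithm'/'keysize'. */
SEC_PKCS12SafeInfo *
SEC_PKCS12CreatePubKeyEncryptedSafe(SEC_PKCS12ExportContext *p12ctxt,
                                    CERTCertDBHandle *certDb,
                                    CERTCertificate *signer,
                                    CERTCertificate **recipients,
                                    SECOidTag algorithm, int keysize);

/* Creates a safe whose privacy is derived from 'pwitem' with 'privAlg'. */
extern SEC_PKCS12SafeInfo *
SEC_PKCS12CreatePasswordPrivSafe(SEC_PKCS12ExportContext *p12ctxt,
                                 SECItem *pwitem, SECOidTag privAlg);

/*
 * Creates a safe without privacy protection (per the name).
 * NOTE(review): anything added to such a safe is presumably stored in the
 * clear unless it is protected individually (see 'shroudKey' below), so it
 * is not a suitable place for unshrouded private keys - confirm.
 */
extern SEC_PKCS12SafeInfo *
SEC_PKCS12CreateUnencryptedSafe(SEC_PKCS12ExportContext *p12ctxt);

/*
 * Integrity modes for the exported file: password based or public-key
 * based.  NOTE(review): nothing in this header forces one of them to be
 * called before SEC_PKCS12Encode; check whether an export without either
 * call produces a file with no integrity protection.
 */
extern SECStatus
SEC_PKCS12AddPasswordIntegrity(SEC_PKCS12ExportContext *p12ctxt,
                               SECItem *pwitem, SECOidTag integAlg);
extern SECStatus
SEC_PKCS12AddPublicKeyIntegrity(SEC_PKCS12ExportContext *p12ctxt,
                                CERTCertificate *cert, CERTCertDBHandle *certDb,
                                SECOidTag algorithm, int keySize);

/*
 * Creates an export context.  'pwfn'/'pwfnarg' are a password callback and
 * its argument; 'slot' and 'wincx' are passed through as given.  How each
 * is used is not visible in this header.
 */
extern SEC_PKCS12ExportContext *
SEC_PKCS12CreateExportContext(SECKEYGetPasswordKey pwfn, void *pwfnarg,
                              PK11SlotInfo *slot, void *wincx);

/* Adds 'cert' (and its chain when 'includeCertChain' is set) to 'safe'. */
extern SECStatus
SEC_PKCS12AddCert(SEC_PKCS12ExportContext *p12ctxt,
                  SEC_PKCS12SafeInfo *safe, void *nestedDest,
                  CERTCertificate *cert, CERTCertDBHandle *certDb,
                  SECItem *keyId, PRBool includeCertChain);

/*
 * Adds the key belonging to 'cert' to 'safe'.
 * NOTE(review): 'shroudKey' presumably selects whether the key is wrapped
 * using 'algorithm' and 'pwitem'.  Passing PR_FALSE together with an
 * unencrypted safe would then export the private key unprotected - confirm
 * and reject that combination in calling code.
 */
extern SECStatus
SEC_PKCS12AddKeyForCert(SEC_PKCS12ExportContext *p12ctxt,
                        SEC_PKCS12SafeInfo *safe,
                        void *nestedDest, CERTCertificate *cert,
                        PRBool shroudKey, SECOidTag algorithm, SECItem *pwitem,
                        SECItem *keyId, SECItem *nickName);

/*
 * Adds a certificate (optionally with its chain) and its key in one call.
 * 'certSafe' and 'keySafe' are declared void * here, so the compiler does
 * not check that a SEC_PKCS12SafeInfo is passed; callers must do so.
 */
extern SECStatus
SEC_PKCS12AddCertOrChainAndKey(SEC_PKCS12ExportContext *p12ctxt,
                               void *certSafe, void *certNestedDest,
                               CERTCertificate *cert, CERTCertDBHandle *certDb,
                               void *keySafe, void *keyNestedDest,
                               PRBool shroudKey, SECItem *pwitem,
                               SECOidTag algorithm,
                               PRBool includeCertChain);


/* As above, without the 'includeCertChain' parameter. */
extern SECStatus
SEC_PKCS12AddCertAndKey(SEC_PKCS12ExportContext *p12ctxt,
                        void *certSafe, void *certNestedDest,
                        CERTCertificate *cert, CERTCertDBHandle *certDb,
                        void *keySafe, void *keyNestedDest,
                        PRBool shroudKey, SECItem *pwitem, SECOidTag algorithm);

/* Returns an untyped handle for nested safe contents under 'baseSafe'. */
extern void *
SEC_PKCS12CreateNestedSafeContents(SEC_PKCS12ExportContext *p12ctxt,
                                   void *baseSafe, void *nestedDest);

/*
 * Encodes the export context, delivering output through 'output' with
 * 'outputarg'.  The callback returns void, so check the SECStatus returned
 * here as well as any error state kept by the sink.
 */
extern SECStatus
SEC_PKCS12Encode(SEC_PKCS12ExportContext *p12exp,
                 SEC_PKCS12EncoderOutputCallback output, void *outputarg);

extern void
SEC_PKCS12DestroyExportContext(SEC_PKCS12ExportContext *p12exp);

/*
 * Decoder side.  Reading the names, the expected sequence is:
 * SEC_PKCS12DecoderStart, SEC_PKCS12DecoderUpdate (repeated),
 * SEC_PKCS12DecoderVerify, SEC_PKCS12DecoderValidateBags,
 * SEC_PKCS12DecoderImportBags, SEC_PKCS12DecoderFinish.
 * NOTE(review): callers should check every SECStatus and stop at the first
 * failure; in particular nothing should be imported from input that was
 * not verified first.  TODO confirm the required order against p12d.c.
 */

/*
 * Starts a decode using 'pwitem' as the password.  dOpen/dClose/dRead/
 * dWrite with 'dArg' are the digest storage callbacks described above.
 */
extern SEC_PKCS12DecoderContext *
SEC_PKCS12DecoderStart(SECItem *pwitem, PK11SlotInfo *slot, void *wincx,
                       digestOpenFn dOpen, digestCloseFn dClose,
                       digestIOFn dRead, digestIOFn dWrite, void *dArg);

/* 'tokenCAs' uses a type not declared in this header (presumably p12t.h). */
extern SECStatus
SEC_PKCS12DecoderSetTargetTokenCAs(SEC_PKCS12DecoderContext *p12dcx,
                                   SECPKCS12TargetTokenCAs tokenCAs);

/*
 * Feeds 'len' bytes at 'data' to the decoder.  'data' is normally file
 * content from an outside party; the caller must ensure that 'len' does
 * not exceed the size of the buffer behind 'data'.
 */
extern SECStatus
SEC_PKCS12DecoderUpdate(SEC_PKCS12DecoderContext *p12dcx, unsigned char *data,
                        unsigned long len);

/* Ends the decode; the context must not be used afterwards (presumed). */
extern void
SEC_PKCS12DecoderFinish(SEC_PKCS12DecoderContext *p12dcx);

/* By name, checks the integrity protection of the decoded data. */
extern SECStatus
SEC_PKCS12DecoderVerify(SEC_PKCS12DecoderContext *p12dcx);

/* Validates the decoded bags; 'nicknameCb' resolves nickname collisions. */
extern SECStatus
SEC_PKCS12DecoderValidateBags(SEC_PKCS12DecoderContext *p12dcx,
                              SEC_PKCS12NicknameCollisionCallback nicknameCb);

extern SECStatus
SEC_PKCS12DecoderImportBags(SEC_PKCS12DecoderContext *p12dcx);

/* Returns a certificate list; who frees it is not stated in this header. */
CERTCertList *
SEC_PKCS12DecoderGetCerts(SEC_PKCS12DecoderContext *p12dcx);

/*
 * Iteration over decoded items.  The item is returned through '*ipp' as a
 * pointer to const, so callers must not modify it; its lifetime is
 * presumably tied to the decoder context - TODO confirm.
 */
SECStatus
SEC_PKCS12DecoderIterateInit(SEC_PKCS12DecoderContext *p12dcx);

SECStatus
SEC_PKCS12DecoderIterateNext(SEC_PKCS12DecoderContext *p12dcx,
                             const SEC_PKCS12DecoderItem **ipp);

SEC_END_PROTOS

#endif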