OLD | NEW |
1 /* ***** BEGIN LICENSE BLOCK ***** | 1 /* ***** BEGIN LICENSE BLOCK ***** |
2 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 | 2 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 |
3 * | 3 * |
4 * The contents of this file are subject to the Mozilla Public License Version | 4 * The contents of this file are subject to the Mozilla Public License Version |
5 * 1.1 (the "License"); you may not use this file except in compliance with | 5 * 1.1 (the "License"); you may not use this file except in compliance with |
6 * the License. You may obtain a copy of the License at | 6 * the License. You may obtain a copy of the License at |
7 * http://www.mozilla.org/MPL/ | 7 * http://www.mozilla.org/MPL/ |
8 * | 8 * |
9 * Software distributed under the License is distributed on an "AS IS" basis, | 9 * Software distributed under the License is distributed on an "AS IS" basis, |
10 * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License | 10 * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License |
(...skipping 18 matching lines...) Expand all Loading... |
29 * use your version of this file under the terms of the MPL, indicate your | 29 * use your version of this file under the terms of the MPL, indicate your |
30 * decision by deleting the provisions above and replace them with the notice | 30 * decision by deleting the provisions above and replace them with the notice |
31 * and other provisions required by the GPL or the LGPL. If you do not delete | 31 * and other provisions required by the GPL or the LGPL. If you do not delete |
32 * the provisions above, a recipient may use your version of this file under | 32 * the provisions above, a recipient may use your version of this file under |
33 * the terms of any one of the MPL, the GPL or the LGPL. | 33 * the terms of any one of the MPL, the GPL or the LGPL. |
34 * | 34 * |
35 * ***** END LICENSE BLOCK ***** */ | 35 * ***** END LICENSE BLOCK ***** */ |
36 /* | 36 /* |
37 * certt.h - public data structures for the certificate library | 37 * certt.h - public data structures for the certificate library |
38 * | 38 * |
39 * $Id: certt.h,v 1.52 2009/05/29 18:10:38 alexei.volkov.bugs%sun.com Exp $ | 39 * $Id: certt.h,v 1.54 2010/06/18 00:34:22 wtc%google.com Exp $ |
40 */ | 40 */ |
41 #ifndef _CERTT_H_ | 41 #ifndef _CERTT_H_ |
42 #define _CERTT_H_ | 42 #define _CERTT_H_ |
43 | 43 |
44 #include "prclist.h" | 44 #include "prclist.h" |
45 #include "pkcs11t.h" | 45 #include "pkcs11t.h" |
46 #include "seccomon.h" | 46 #include "seccomon.h" |
47 #include "secmodt.h" | 47 #include "secmodt.h" |
48 #include "secoidt.h" | 48 #include "secoidt.h" |
49 #include "plarena.h" | 49 #include "plarena.h" |
(...skipping 196 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
246 SECItem subjectID; | 246 SECItem subjectID; |
247 CERTCertExtension **extensions; | 247 CERTCertExtension **extensions; |
248 char *emailAddr; | 248 char *emailAddr; |
249 CERTCertDBHandle *dbhandle; | 249 CERTCertDBHandle *dbhandle; |
250 SECItem subjectKeyID; /* x509v3 subject key identifier */ | 250 SECItem subjectKeyID; /* x509v3 subject key identifier */ |
251 PRBool keyIDGenerated; /* was the keyid generated? */ | 251 PRBool keyIDGenerated; /* was the keyid generated? */ |
252 unsigned int keyUsage; /* what uses are allowed for this cert */ | 252 unsigned int keyUsage; /* what uses are allowed for this cert */ |
253 unsigned int rawKeyUsage; /* value of the key usage extension */ | 253 unsigned int rawKeyUsage; /* value of the key usage extension */ |
254 PRBool keyUsagePresent; /* was the key usage extension present */ | 254 PRBool keyUsagePresent; /* was the key usage extension present */ |
255 PRUint32 nsCertType; /* value of the ns cert type extension */ | 255 PRUint32 nsCertType; /* value of the ns cert type extension */ |
256 » » » » /* must be 32-bit for PR_AtomicSet */ | 256 » » » » /* must be 32-bit for PR_ATOMIC_SET */ |
257 | 257 |
258 /* these values can be set by the application to bypass certain checks | 258 /* these values can be set by the application to bypass certain checks |
259 * or to keep the cert in memory for an entire session. | 259 * or to keep the cert in memory for an entire session. |
260 * XXX - need an api to set these | 260 * XXX - need an api to set these |
261 */ | 261 */ |
262 PRBool keepSession; /* keep this cert for entire session*/ | 262 PRBool keepSession; /* keep this cert for entire session*/ |
263 PRBool timeOK; /* is the bad validity time ok? */ | 263 PRBool timeOK; /* is the bad validity time ok? */ |
264 CERTOKDomainName *domainOK; /* these domain names are ok */ | 264 CERTOKDomainName *domainOK; /* these domain names are ok */ |
265 | 265 |
266 /* | 266 /* |
(...skipping 637 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
904 * Specified in value.pointer.p. If the | 904 * Specified in value.pointer.p. If the |
905 * operation succeeds the context will be | 905 * operation succeeds the context will be |
906 * freed. */ | 906 * freed. */ |
907 cert_pi_certList = 3, /* specify the chain to validate against. If | 907 cert_pi_certList = 3, /* specify the chain to validate against. If |
908 * this value is given, then the path | 908 * this value is given, then the path |
909 * construction step in the validation is | 909 * construction step in the validation is |
910 * skipped. Specified in value.pointer.chain */ | 910 * skipped. Specified in value.pointer.chain */ |
911 cert_pi_policyOID = 4, /* validate certificate for policy OID. | 911 cert_pi_policyOID = 4, /* validate certificate for policy OID. |
912 * Specified in value.array.oids. Cert must | 912 * Specified in value.array.oids. Cert must |
913 * be good for at least one OID in order | 913 * be good for at least one OID in order |
914 » » » » * to validate. Default is no policyOID */ | 914 » » » » * to validate. Default is that the user is not |
| 915 » » » » * concerned about certificate policy. */ |
915 cert_pi_policyFlags = 5, /* flags for each policy specified in policyOID. | 916 cert_pi_policyFlags = 5, /* flags for each policy specified in policyOID. |
916 * Specified in value.scalar.ul. Policy flags | 917 * Specified in value.scalar.ul. Policy flags |
917 * apply to all specified oids. | 918 * apply to all specified oids. |
918 * Use CERT_POLICY_FLAG_* macros below. If not | 919 * Use CERT_POLICY_FLAG_* macros below. If not |
919 * specified policy flags default to 0 */ | 920 * specified policy flags default to 0 */ |
920 cert_pi_keyusage = 6, /* specify what the keyusages the certificate | 921 cert_pi_keyusage = 6, /* specify what the keyusages the certificate |
921 * will be evaluated against, specified in | 922 * will be evaluated against, specified in |
922 * value.scalar.ui. The cert must validate for | 923 * value.scalar.ui. The cert must validate for |
923 * at least one of the specified key usages. | 924 * at least one of the specified key usages. |
924 * Values match the KU_ bit flags defined | 925 * Values match the KU_ bit flags defined |
(...skipping 386 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1311 SEC_ASN1_CHOOSER_DECLARE(CERT_SetOfSignedCrlTemplate) | 1312 SEC_ASN1_CHOOSER_DECLARE(CERT_SetOfSignedCrlTemplate) |
1312 SEC_ASN1_CHOOSER_DECLARE(CERT_SignedDataTemplate) | 1313 SEC_ASN1_CHOOSER_DECLARE(CERT_SignedDataTemplate) |
1313 SEC_ASN1_CHOOSER_DECLARE(CERT_SubjectPublicKeyInfoTemplate) | 1314 SEC_ASN1_CHOOSER_DECLARE(CERT_SubjectPublicKeyInfoTemplate) |
1314 SEC_ASN1_CHOOSER_DECLARE(SEC_SignedCertificateTemplate) | 1315 SEC_ASN1_CHOOSER_DECLARE(SEC_SignedCertificateTemplate) |
1315 SEC_ASN1_CHOOSER_DECLARE(CERT_SignedCrlTemplate) | 1316 SEC_ASN1_CHOOSER_DECLARE(CERT_SignedCrlTemplate) |
1316 SEC_ASN1_CHOOSER_DECLARE(CERT_TimeChoiceTemplate) | 1317 SEC_ASN1_CHOOSER_DECLARE(CERT_TimeChoiceTemplate) |
1317 | 1318 |
1318 SEC_END_PROTOS | 1319 SEC_END_PROTOS |
1319 | 1320 |
1320 #endif /* _CERTT_H_ */ | 1321 #endif /* _CERTT_H_ */ |
OLD | NEW |