mozilla/security/nss/lib/pkcs7/pkcs7t.h - Issue 14249009: Change the NSS and NSPR source tree to the new directory structure to be

Side by Side Diff: mozilla/security/nss/lib/pkcs7/pkcs7t.h

Issue 14249009: Change the NSS and NSPR source tree to the new directory structure to be (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/deps/third_party/nss/

Patch Set: Created 7 years, 8 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

OLD	NEW
	(Empty)
1 /* This Source Code Form is subject to the terms of the Mozilla Public

2 * License, v. 2.0. If a copy of the MPL was not distributed with this

3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

4

5 /*

6 * Header for pkcs7 types.

7 *

8 * $Id: pkcs7t.h,v 1.8 2012/04/25 14:50:06 gerv%gerv.net Exp $

9 */

10

11 #ifndef _PKCS7T_H_

12 #define _PKCS7T_H_

13

14 #include "plarena.h"

15

16 #include "seccomon.h"

17 #include "secoidt.h"

18 #include "certt.h"

19 #include "secmodt.h"

20

21 /* Opaque objects */

22 typedef struct SEC_PKCS7DecoderContextStr SEC_PKCS7DecoderContext;

23 typedef struct SEC_PKCS7EncoderContextStr SEC_PKCS7EncoderContext;

24

25 /* legacy defines that haven't been active for years */

26 typedef void (SECKEYGetPasswordKey)(void arg, void handle);

27

28

29 /* Non-opaque objects. NOTE, though: I want them to be treated as

30 * opaque as much as possible. If I could hide them completely,

31 * I would. (I tried, but ran into trouble that was taking me too

32 * much time to get out of.) I still intend to try to do so.

33 * In fact, the only type that "outsiders" should even name is

34 * SEC_PKCS7ContentInfo, and they should not reference its fields.

35 */

36 /* rjr: PKCS #11 cert handling (pk11cert.c) does use SEC_PKCS7RecipientInfo's.

37 * This is because when we search the recipient list for the cert and key we

38 * want, we need to invert the order of the loops we used to have. The old

39 * loops were:

40 *

41 * For each recipient {

42 * find_cert = PK11_Find_AllCert(recipient->issuerSN);

43 * [which unrolls to... ]

44 * For each slot {

45 * Log into slot;

46 * search slot for cert;

47 * }

48 * }

49 *

50 * the new loop searchs all the recipients at once on a slot. this allows

51 * PKCS #11 to order slots in such a way that logout slots don't get checked

52 * if we can find the cert on a logged in slot. This eliminates lots of

53 * spurious password prompts when smart cards are installed... so why this

54 * comment? If you make SEC_PKCS7RecipientInfo completely opaque, you need

55 * to provide a non-opaque list of issuerSN's (the only field PKCS#11 needs

56 * and fix up pk11cert.c first. NOTE: Only S/MIME calls this special PKCS #11

57 * function.

58 */

59 typedef struct SEC_PKCS7ContentInfoStr SEC_PKCS7ContentInfo;

60 typedef struct SEC_PKCS7SignedDataStr SEC_PKCS7SignedData;

61 typedef struct SEC_PKCS7EncryptedContentInfoStr SEC_PKCS7EncryptedContentInfo;

62 typedef struct SEC_PKCS7EnvelopedDataStr SEC_PKCS7EnvelopedData;

63 typedef struct SEC_PKCS7SignedAndEnvelopedDataStr

64 SEC_PKCS7SignedAndEnvelopedData;

65 typedef struct SEC_PKCS7SignerInfoStr SEC_PKCS7SignerInfo;

66 typedef struct SEC_PKCS7RecipientInfoStr SEC_PKCS7RecipientInfo;

67 typedef struct SEC_PKCS7DigestedDataStr SEC_PKCS7DigestedData;

68 typedef struct SEC_PKCS7EncryptedDataStr SEC_PKCS7EncryptedData;

69 /*

70 * The following is not actually a PKCS7 type, but for now it is only

71 * used by PKCS7, so we have adopted it. If someone else ever needs

72 * it, its name should be changed and it should be moved out of here.

73 * Do not dare to use it without doing so!

74 */

75 typedef struct SEC_PKCS7AttributeStr SEC_PKCS7Attribute;

76

77 struct SEC_PKCS7ContentInfoStr {

78 PLArenaPool poolp; / local; not part of encoding */

79 PRBool created; /* local; not part of encoding */

80 int refCount; /* local; not part of encoding */

81 SECOidData contentTypeTag; / local; not part of encoding */

82 SECKEYGetPasswordKey pwfn; /* local; not part of encoding */

83 void pwfn_arg; / local; not part of encoding */

84 SECItem contentType;

85 union {

86 SECItem *data;

87 SEC_PKCS7DigestedData *digestedData;

88 SEC_PKCS7EncryptedData *encryptedData;

89 SEC_PKCS7EnvelopedData *envelopedData;

90 SEC_PKCS7SignedData *signedData;

91 SEC_PKCS7SignedAndEnvelopedData *signedAndEnvelopedData;

92 } content;

93 };

94

95 struct SEC_PKCS7SignedDataStr {

96 SECItem version;

97 SECAlgorithmID **digestAlgorithms;

98 SEC_PKCS7ContentInfo contentInfo;

99 SECItem **rawCerts;

100 CERTSignedCrl **crls;

101 SEC_PKCS7SignerInfo **signerInfos;

102 SECItem *digests; / local; not part of encoding */

103 CERTCertificate *certs; / local; not part of encoding */

104 CERTCertificateList *certLists; / local; not part of encoding */

105 };

106 #define SEC_PKCS7_SIGNED_DATA_VERSION 1 /* what we create */

107

108 struct SEC_PKCS7EncryptedContentInfoStr {

109 SECOidData contentTypeTag; / local; not part of encoding */

110 SECItem contentType;

111 SECAlgorithmID contentEncAlg;

112 SECItem encContent;

113 SECItem plainContent; /* local; not part of encoding */

114 /* bytes not encrypted, but encoded */

115 int keysize; /* local; not part of encoding */

116 /* size of bulk encryption key

117 * (only used by creation code) */

118 SECOidTag encalg; /* local; not part of encoding */

119 /* oid tag of encryption algorithm

120 * (only used by creation code) */

121 };

122

123 struct SEC_PKCS7EnvelopedDataStr {

124 SECItem version;

125 SEC_PKCS7RecipientInfo **recipientInfos;

126 SEC_PKCS7EncryptedContentInfo encContentInfo;

127 };

128 #define SEC_PKCS7_ENVELOPED_DATA_VERSION 0 /* what we create */

129

130 struct SEC_PKCS7SignedAndEnvelopedDataStr {

131 SECItem version;

132 SEC_PKCS7RecipientInfo **recipientInfos;

133 SECAlgorithmID **digestAlgorithms;

134 SEC_PKCS7EncryptedContentInfo encContentInfo;

135 SECItem **rawCerts;

136 CERTSignedCrl **crls;

137 SEC_PKCS7SignerInfo **signerInfos;

138 SECItem *digests; / local; not part of encoding */

139 CERTCertificate *certs; / local; not part of encoding */

140 CERTCertificateList *certLists; / local; not part of encoding */

141 PK11SymKey sigKey; / local; not part of encoding */

142 };

143 #define SEC_PKCS7_SIGNED_AND_ENVELOPED_DATA_VERSION 1 /* what we create */

144

145 struct SEC_PKCS7SignerInfoStr {

146 SECItem version;

147 CERTIssuerAndSN *issuerAndSN;

148 SECAlgorithmID digestAlg;

149 SEC_PKCS7Attribute **authAttr;

150 SECAlgorithmID digestEncAlg;

151 SECItem encDigest;

152 SEC_PKCS7Attribute **unAuthAttr;

153 CERTCertificate cert; / local; not part of encoding */

154 CERTCertificateList certList; / local; not part of encoding */

155 };

156 #define SEC_PKCS7_SIGNER_INFO_VERSION 1 /* what we create */

157

158 struct SEC_PKCS7RecipientInfoStr {

159 SECItem version;

160 CERTIssuerAndSN *issuerAndSN;

161 SECAlgorithmID keyEncAlg;

162 SECItem encKey;

163 CERTCertificate cert; / local; not part of encoding */

164 };

165 #define SEC_PKCS7_RECIPIENT_INFO_VERSION 0 /* what we create */

166

167 struct SEC_PKCS7DigestedDataStr {

168 SECItem version;

169 SECAlgorithmID digestAlg;

170 SEC_PKCS7ContentInfo contentInfo;

171 SECItem digest;

172 };

173 #define SEC_PKCS7_DIGESTED_DATA_VERSION 0 /* what we create */

174

175 struct SEC_PKCS7EncryptedDataStr {

176 SECItem version;

177 SEC_PKCS7EncryptedContentInfo encContentInfo;

178 };

179 #define SEC_PKCS7_ENCRYPTED_DATA_VERSION 0 /* what we create */

180

181 /*

182 * See comment above about this type not really belonging to PKCS7.

183 */

184 struct SEC_PKCS7AttributeStr {

185 /* The following fields make up an encoded Attribute: */

186 SECItem type;

187 SECItem *values; / data may or may not be encoded */

188 /* The following fields are not part of an encoded Attribute: */

189 SECOidData *typeTag;

190 PRBool encoded; /* when true, values are encoded */

191 };

192

193 /*

194 * Type of function passed to SEC_PKCS7Decode or SEC_PKCS7DecoderStart.

195 * If specified, this is where the content bytes (only) will be "sent"

196 * as they are recovered during the decoding.

197 *

198 * XXX Should just combine this with SEC_PKCS7EncoderContentCallback type

199 * and use a simpler, common name.

200 */

201 typedef void (* SEC_PKCS7DecoderContentCallback)(void *arg,

202 const char *buf,

203 unsigned long len);

204

205 /*

206 * Type of function passed to SEC_PKCS7Encode or SEC_PKCS7EncoderStart.

207 * This is where the encoded bytes will be "sent".

208 *

209 * XXX Should just combine this with SEC_PKCS7DecoderContentCallback type

210 * and use a simpler, common name.

211 */

212 typedef void (* SEC_PKCS7EncoderOutputCallback)(void *arg,

213 const char *buf,

214 unsigned long len);

215

216

217 /*

218 * Type of function passed to SEC_PKCS7Decode or SEC_PKCS7DecoderStart

219 * to retrieve the decryption key. This function is inteded to be

220 * used for EncryptedData content info's which do not have a key available

221 * in a certificate, etc.

222 */

223 typedef PK11SymKey * (* SEC_PKCS7GetDecryptKeyCallback)(void *arg,

224 SECAlgorithmID *algid);

225

226 /*

227 * Type of function passed to SEC_PKCS7Decode or SEC_PKCS7DecoderStart.

228 * This function in intended to be used to verify that decrypting a

229 * particular crypto algorithm is allowed. Content types which do not

230 * require decryption will not need the callback. If the callback

231 * is not specified for content types which require decryption, the

232 * decryption will be disallowed.

233 */

234 typedef PRBool (* SEC_PKCS7DecryptionAllowedCallback)(SECAlgorithmID *algid,

235 PK11SymKey *bulkkey);

236

237 #endif /* _PKCS7T_H_ */

OLD	NEW

« no previous file with comments | « mozilla/security/nss/lib/pkcs7/p7local.c ('k') | mozilla/security/nss/lib/pkcs7/secmime.h » ('j') | no next file with comments »