Delete bundled copy of NSS and replace with README.

nss/lib/libpkix/include/pkixt.h

-/* This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-/*
- * This file defines the types in the libpkix API.
- * XXX Maybe we should specify the API version number in all API header files
- *
- */
-
-#ifndef _PKIXT_H
-#define _PKIXT_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#include "secerr.h"
-
-/* Types
- *
- * This header file provides typedefs for the abstract types used by libpkix.
- * It also provides several useful macros.
- *
- * Note that all these abstract types are typedef'd as opaque structures. This
- * is intended to discourage the caller from looking at the contents directly,
- * since the format of the contents may change from one version of the library
- * to the next. Instead, callers should only access these types using the
- * functions defined in the public header files.
- *
- * An instance of an abstract type defined in this file is called an "object"
- * here, although C does not have real support for objects.
- *
- * Because C does not typically have automatic garbage collection, the caller
- * is expected to release the reference to any object that they create or that
- * is returned to them by a libpkix function. The caller should do this by
- * using the PKIX_PL_Object_DecRef function. Note that the caller should not
- * release the reference to an object if the object has been passed to a
- * libpkix function and that function has not returned.
- *
- * Please refer to libpkix Programmer's Guide for more details.
- */
-
-/* Version
- *
- * These macros specify the major and minor version of the libpkix API defined
- * by this header file.
- */
-
-#define PKIX_MAJOR_VERSION              ((PKIX_UInt32) 0)
-#define PKIX_MINOR_VERSION              ((PKIX_UInt32) 3)
-
-/* Maximum minor version
- *
- * This macro is used to specify that the caller wants the largest minor
- * version available.
- */
-
-#define PKIX_MAX_MINOR_VERSION          ((PKIX_UInt32) 4000000000)
-
-/* Define Cert Store type for database access */
-#define PKIX_STORE_TYPE_NONE            0
-#define PKIX_STORE_TYPE_PK11            1
-
-/* Portable Code (PC) data types
- *
- * These types are used to perform the primary operations of this library:
- * building and validating chains of X.509 certificates.
- */
-
-typedef struct PKIX_ErrorStruct PKIX_Error;
-typedef struct PKIX_ProcessingParamsStruct PKIX_ProcessingParams;
-typedef struct PKIX_ValidateParamsStruct PKIX_ValidateParams;
-typedef struct PKIX_ValidateResultStruct PKIX_ValidateResult;
-typedef struct PKIX_ResourceLimitsStruct PKIX_ResourceLimits;
-typedef struct PKIX_BuildResultStruct PKIX_BuildResult;
-typedef struct PKIX_CertStoreStruct PKIX_CertStore;
-typedef struct PKIX_CertChainCheckerStruct PKIX_CertChainChecker;
-typedef struct PKIX_RevocationCheckerStruct PKIX_RevocationChecker;
-typedef struct PKIX_CertSelectorStruct PKIX_CertSelector;
-typedef struct PKIX_CRLSelectorStruct PKIX_CRLSelector;
-typedef struct PKIX_ComCertSelParamsStruct PKIX_ComCertSelParams;
-typedef struct PKIX_ComCRLSelParamsStruct PKIX_ComCRLSelParams;
-typedef struct PKIX_TrustAnchorStruct PKIX_TrustAnchor;
-typedef struct PKIX_PolicyNodeStruct PKIX_PolicyNode;
-typedef struct PKIX_LoggerStruct PKIX_Logger;
-typedef struct PKIX_ListStruct PKIX_List;
-typedef struct PKIX_ForwardBuilderStateStruct PKIX_ForwardBuilderState;
-typedef struct PKIX_DefaultRevocationCheckerStruct
-                        PKIX_DefaultRevocationChecker;
-typedef struct PKIX_VerifyNodeStruct PKIX_VerifyNode;
-
-/* Portability Layer (PL) data types
- *
- * These types are used are used as portable data types that are defined
- * consistently across platforms
- */
-
-typedef struct PKIX_PL_NssContextStruct PKIX_PL_NssContext;
-typedef struct PKIX_PL_ObjectStruct PKIX_PL_Object;
-typedef struct PKIX_PL_ByteArrayStruct PKIX_PL_ByteArray;
-typedef struct PKIX_PL_HashTableStruct PKIX_PL_HashTable;
-typedef struct PKIX_PL_MutexStruct PKIX_PL_Mutex;
-typedef struct PKIX_PL_RWLockStruct PKIX_PL_RWLock;
-typedef struct PKIX_PL_MonitorLockStruct PKIX_PL_MonitorLock;
-typedef struct PKIX_PL_BigIntStruct PKIX_PL_BigInt;
-typedef struct PKIX_PL_StringStruct PKIX_PL_String;
-typedef struct PKIX_PL_OIDStruct PKIX_PL_OID;
-typedef struct PKIX_PL_CertStruct PKIX_PL_Cert;
-typedef struct PKIX_PL_GeneralNameStruct PKIX_PL_GeneralName;
-typedef struct PKIX_PL_X500NameStruct PKIX_PL_X500Name;
-typedef struct PKIX_PL_PublicKeyStruct PKIX_PL_PublicKey;
-typedef struct PKIX_PL_DateStruct PKIX_PL_Date;
-typedef struct PKIX_PL_CertNameConstraintsStruct PKIX_PL_CertNameConstraints;
-typedef struct PKIX_PL_CertBasicConstraintsStruct PKIX_PL_CertBasicConstraints;
-typedef struct PKIX_PL_CertPoliciesStruct PKIX_PL_CertPolicies;
-typedef struct PKIX_PL_CertPolicyInfoStruct PKIX_PL_CertPolicyInfo;
-typedef struct PKIX_PL_CertPolicyQualifierStruct PKIX_PL_CertPolicyQualifier;
-typedef struct PKIX_PL_CertPolicyMapStruct PKIX_PL_CertPolicyMap;
-typedef struct PKIX_PL_CRLStruct PKIX_PL_CRL;
-typedef struct PKIX_PL_CRLEntryStruct PKIX_PL_CRLEntry;
-typedef struct PKIX_PL_CollectionCertStoreStruct PKIX_PL_CollectionCertStore;
-typedef struct PKIX_PL_CollectionCertStoreContext
-                        PKIX_PL_CollectionCertStoreContext;
-typedef struct PKIX_PL_LdapCertStoreContext PKIX_PL_LdapCertStoreContext;
-typedef struct PKIX_PL_LdapRequestStruct PKIX_PL_LdapRequest;
-typedef struct PKIX_PL_LdapResponseStruct PKIX_PL_LdapResponse;
-typedef struct PKIX_PL_LdapDefaultClientStruct PKIX_PL_LdapDefaultClient;
-typedef struct PKIX_PL_SocketStruct PKIX_PL_Socket;
-typedef struct PKIX_PL_InfoAccessStruct PKIX_PL_InfoAccess;
-typedef struct PKIX_PL_AIAMgrStruct PKIX_PL_AIAMgr;
-typedef struct PKIX_PL_OcspCertIDStruct PKIX_PL_OcspCertID;
-typedef struct PKIX_PL_OcspRequestStruct PKIX_PL_OcspRequest;
-typedef struct PKIX_PL_OcspResponseStruct PKIX_PL_OcspResponse;
-typedef struct PKIX_PL_HttpClientStruct PKIX_PL_HttpClient;
-typedef struct PKIX_PL_HttpDefaultClientStruct PKIX_PL_HttpDefaultClient;
-typedef struct PKIX_PL_HttpCertStoreContextStruct PKIX_PL_HttpCertStoreContext;
-
-/* Primitive types
- *
- * In order to guarantee desired behavior as well as platform-independence, we
- * typedef these types depending on the platform. XXX This needs more work!
- */
-
-/* XXX Try compiling these files (and maybe the whole libpkix-nss) on Win32.
- * We don't know what type is at least 32 bits long. ISO C probably requires
- * at least 32 bits for long. we could default to that and only list platforms
- * where that's not true.
- *
- * #elif
- * #error
- * #endif
- */
-
-/* currently, int is 32 bits on all our supported platforms */
-
-typedef unsigned int PKIX_UInt32;
-typedef int PKIX_Int32;
-
-typedef int PKIX_Boolean;
-
-/* Object Types
- *
- * Every reference-counted PKIX_PL_Object is associated with an integer type.
- */
-#define PKIX_TYPES \
-    TYPEMACRO(AIAMGR), \
-    TYPEMACRO(BASICCONSTRAINTSCHECKERSTATE), \
-    TYPEMACRO(BIGINT), \
-    TYPEMACRO(BUILDRESULT), \
-    TYPEMACRO(BYTEARRAY), \
-    TYPEMACRO(CERT), \
-    TYPEMACRO(CERTBASICCONSTRAINTS), \
-    TYPEMACRO(CERTCHAINCHECKER), \
-    TYPEMACRO(CERTNAMECONSTRAINTS), \
-    TYPEMACRO(CERTNAMECONSTRAINTSCHECKERSTATE), \
-    TYPEMACRO(CERTPOLICYCHECKERSTATE), \
-    TYPEMACRO(CERTPOLICYINFO), \
-    TYPEMACRO(CERTPOLICYMAP), \
-    TYPEMACRO(CERTPOLICYNODE), \
-    TYPEMACRO(CERTPOLICYQUALIFIER), \
-    TYPEMACRO(CERTSELECTOR), \
-    TYPEMACRO(CERTSTORE), \
-    TYPEMACRO(COLLECTIONCERTSTORECONTEXT), \
-    TYPEMACRO(COMCERTSELPARAMS), \
-    TYPEMACRO(COMCRLSELPARAMS), \
-    TYPEMACRO(CRL), \
-    TYPEMACRO(CRLDP), \
-    TYPEMACRO(CRLENTRY), \
-    TYPEMACRO(CRLSELECTOR), \
-    TYPEMACRO(DATE), \
-    TYPEMACRO(CRLCHECKER), \
-    TYPEMACRO(EKUCHECKER), \
-    TYPEMACRO(ERROR), \
-    TYPEMACRO(FORWARDBUILDERSTATE), \
-    TYPEMACRO(GENERALNAME), \
-    TYPEMACRO(HASHTABLE), \
-    TYPEMACRO(HTTPCERTSTORECONTEXT), \
-    TYPEMACRO(HTTPDEFAULTCLIENT), \
-    TYPEMACRO(INFOACCESS), \
-    TYPEMACRO(LDAPDEFAULTCLIENT), \
-    TYPEMACRO(LDAPREQUEST), \
-    TYPEMACRO(LDAPRESPONSE), \
-    TYPEMACRO(LIST), \
-    TYPEMACRO(LOGGER), \
-    TYPEMACRO(MONITORLOCK), \
-    TYPEMACRO(MUTEX), \
-    TYPEMACRO(OBJECT), \
-    TYPEMACRO(OCSPCERTID), \
-    TYPEMACRO(OCSPCHECKER), \
-    TYPEMACRO(OCSPREQUEST), \
-    TYPEMACRO(OCSPRESPONSE), \
-    TYPEMACRO(OID), \
-    TYPEMACRO(REVOCATIONCHECKER), \
-    TYPEMACRO(PROCESSINGPARAMS), \
-    TYPEMACRO(PUBLICKEY), \
-    TYPEMACRO(RESOURCELIMITS), \
-    TYPEMACRO(RWLOCK), \
-    TYPEMACRO(SIGNATURECHECKERSTATE), \
-    TYPEMACRO(SOCKET), \
-    TYPEMACRO(STRING), \
-    TYPEMACRO(TARGETCERTCHECKERSTATE), \
-    TYPEMACRO(TRUSTANCHOR), \
-    TYPEMACRO(VALIDATEPARAMS), \
-    TYPEMACRO(VALIDATERESULT), \
-    TYPEMACRO(VERIFYNODE), \
-    TYPEMACRO(X500NAME)
-
-#define TYPEMACRO(type) PKIX_ ## type ## _TYPE
-
-typedef enum {     /* Now invoke all those TYPEMACROs to assign the numbers */
-   PKIX_TYPES,
-   PKIX_NUMTYPES   /* This gets PKIX_NUMTYPES defined as the total number */
-} PKIX_TYPENUM;
-
-
-#ifdef PKIX_USER_OBJECT_TYPE
-
-/* User Define Object Types
- *
- * User may define their own object types offset from PKIX_USER_OBJECT_TYPE
- */
-#define PKIX_USER_OBJECT_TYPEBASE 1000
-
-#endif /* PKIX_USER_OBJECT_TYPE */
-
-/* Error Codes
- *
- * This list is used to define a set of PKIX_Error exception class numbers.
- * ERRMACRO is redefined to produce a corresponding set of
- * strings in the table "const char *PKIX_ERRORCLASSNAMES[PKIX_NUMERRORCLASSES]" in
- * pkix_error.c. For example, since the fifth ERRMACRO entry is MUTEX, then
- * PKIX_MUTEX_ERROR is defined in pkixt.h as 4, and PKIX_ERRORCLASSNAMES[4] is
- * initialized in pkix_error.c with the value "MUTEX".
- */
-#define PKIX_ERRORCLASSES \
-   ERRMACRO(AIAMGR), \
-   ERRMACRO(BASICCONSTRAINTSCHECKERSTATE), \
-   ERRMACRO(BIGINT), \
-   ERRMACRO(BUILD), \
-   ERRMACRO(BUILDRESULT), \
-   ERRMACRO(BYTEARRAY), \
-   ERRMACRO(CERT), \
-   ERRMACRO(CERTBASICCONSTRAINTS), \
-   ERRMACRO(CERTCHAINCHECKER), \
-   ERRMACRO(CERTNAMECONSTRAINTS), \
-   ERRMACRO(CERTNAMECONSTRAINTSCHECKERSTATE), \
-   ERRMACRO(CERTPOLICYCHECKERSTATE), \
-   ERRMACRO(CERTPOLICYINFO), \
-   ERRMACRO(CERTPOLICYMAP), \
-   ERRMACRO(CERTPOLICYNODE), \
-   ERRMACRO(CERTPOLICYQUALIFIER), \
-   ERRMACRO(CERTSELECTOR), \
-   ERRMACRO(CERTSTORE), \
-   ERRMACRO(CERTVFYPKIX), \
-   ERRMACRO(COLLECTIONCERTSTORECONTEXT), \
-   ERRMACRO(COMCERTSELPARAMS), \
-   ERRMACRO(COMCRLSELPARAMS), \
-   ERRMACRO(CONTEXT), \
-   ERRMACRO(CRL), \
-   ERRMACRO(CRLDP), \
-   ERRMACRO(CRLENTRY), \
-   ERRMACRO(CRLSELECTOR), \
-   ERRMACRO(CRLCHECKER), \
-   ERRMACRO(DATE), \
-   ERRMACRO(EKUCHECKER), \
-   ERRMACRO(ERROR), \
-   ERRMACRO(FATAL), \
-   ERRMACRO(FORWARDBUILDERSTATE), \
-   ERRMACRO(GENERALNAME), \
-   ERRMACRO(HASHTABLE), \
-   ERRMACRO(HTTPCERTSTORECONTEXT), \
-   ERRMACRO(HTTPDEFAULTCLIENT), \
-   ERRMACRO(INFOACCESS), \
-   ERRMACRO(LDAPCLIENT), \
-   ERRMACRO(LDAPDEFAULTCLIENT), \
-   ERRMACRO(LDAPREQUEST), \
-   ERRMACRO(LDAPRESPONSE), \
-   ERRMACRO(LIFECYCLE), \
-   ERRMACRO(LIST), \
-   ERRMACRO(LOGGER), \
-   ERRMACRO(MEM), \
-   ERRMACRO(MONITORLOCK), \
-   ERRMACRO(MUTEX), \
-   ERRMACRO(OBJECT), \
-   ERRMACRO(OCSPCERTID), \
-   ERRMACRO(OCSPCHECKER), \
-   ERRMACRO(OCSPREQUEST), \
-   ERRMACRO(OCSPRESPONSE), \
-   ERRMACRO(OID), \
-   ERRMACRO(PROCESSINGPARAMS), \
-   ERRMACRO(PUBLICKEY), \
-   ERRMACRO(RESOURCELIMITS), \
-   ERRMACRO(REVOCATIONMETHOD), \
-   ERRMACRO(REVOCATIONCHECKER), \
-   ERRMACRO(RWLOCK), \
-   ERRMACRO(SIGNATURECHECKERSTATE), \
-   ERRMACRO(SOCKET), \
-   ERRMACRO(STRING), \
-   ERRMACRO(TARGETCERTCHECKERSTATE), \
-   ERRMACRO(TRUSTANCHOR), \
-   ERRMACRO(USERDEFINEDMODULES), \
-   ERRMACRO(VALIDATE), \
-   ERRMACRO(VALIDATEPARAMS), \
-   ERRMACRO(VALIDATERESULT), \
-   ERRMACRO(VERIFYNODE), \
-   ERRMACRO(X500NAME)
-
-#define ERRMACRO(type) PKIX_ ## type ## _ERROR
-
-typedef enum {     /* Now invoke all those ERRMACROs to assign the numbers */
-   PKIX_ERRORCLASSES,
-   PKIX_NUMERRORCLASSES   /* This gets PKIX_NUMERRORCLASSES defined as the total number */
-} PKIX_ERRORCLASS;
-
-/* Now define error strings (for internationalization) */
-
-#define PKIX_ERRORENTRY(name,desc,plerr) PKIX_ ## name
-
-/* Define all the error numbers */
-typedef enum    {
-#include "pkix_errorstrings.h"
-, PKIX_NUMERRORCODES
-} PKIX_ERRORCODE;
-
-extern const char * const PKIX_ErrorText[];
-
-/* String Formats
- *
- * These formats specify supported encoding formats for Strings.
- */
-
-#define PKIX_ESCASCII           0
-#define PKIX_UTF8               1
-#define PKIX_UTF16              2
-#define PKIX_UTF8_NULL_TERM     3
-#define PKIX_ESCASCII_DEBUG     4
-
-/* Name Types
- *
- * These types specify supported formats for GeneralNames.
- */
-
-#define PKIX_OTHER_NAME         1
-#define PKIX_RFC822_NAME        2
-#define PKIX_DNS_NAME           3
-#define PKIX_X400_ADDRESS       4
-#define PKIX_DIRECTORY_NAME     5
-#define PKIX_EDIPARTY_NAME      6
-#define PKIX_URI_NAME           7
-#define PKIX_IP_NAME            8
-#define PKIX_OID_NAME           9
-
-/* Key Usages
- *
- * These types specify supported Key Usages
- */
-
-#define PKIX_DIGITAL_SIGNATURE  0x001
-#define PKIX_NON_REPUDIATION    0x002
-#define PKIX_KEY_ENCIPHERMENT   0x004
-#define PKIX_DATA_ENCIPHERMENT  0x008
-#define PKIX_KEY_AGREEMENT      0x010
-#define PKIX_KEY_CERT_SIGN      0x020
-#define PKIX_CRL_SIGN           0x040
-#define PKIX_ENCIPHER_ONLY      0x080
-#define PKIX_DECIPHER_ONLY      0x100
-
-/* Reason Flags
- *
- * These macros specify supported Reason Flags
- */
-
-#define PKIX_UNUSED                     0x001
-#define PKIX_KEY_COMPROMISE             0x002
-#define PKIX_CA_COMPROMISE              0x004
-#define PKIX_AFFILIATION_CHANGED        0x008
-#define PKIX_SUPERSEDED                 0x010
-#define PKIX_CESSATION_OF_OPERATION     0x020
-#define PKIX_CERTIFICATE_HOLD           0x040
-#define PKIX_PRIVILEGE_WITHDRAWN        0x080
-#define PKIX_AA_COMPROMISE              0x100
-
-/* Boolean values
- *
- * These macros specify the Boolean values of TRUE and FALSE
- * XXX Is it the case that any non-zero value is actually considered TRUE
- * and this is just a convenient mnemonic macro?
- */
-
-#define PKIX_TRUE                       ((PKIX_Boolean) 1)
-#define PKIX_FALSE                      ((PKIX_Boolean) 0)
-
-/*
- * Define constants for basic constraints selector
- *      (see comments in pkix_certsel.h)
- */
-
-#define PKIX_CERTSEL_ENDENTITY_MIN_PATHLENGTH (-2)
-#define PKIX_CERTSEL_ALL_MATCH_MIN_PATHLENGTH (-1)
-
-/*
- * PKIX_ALLOC_ERROR is a special error object hard-coded into the pkix_error.o
- * object file. It is thrown if system memory cannot be allocated or may be
- * thrown for other unrecoverable errors. PKIX_ALLOC_ERROR is immutable.
- * IncRef, DecRef and all Settor functions cannot be called.
- * XXX Does anyone actually need to know about this?
- * XXX Why no DecRef? Would be good to handle it the same.
- */
-
-PKIX_Error* PKIX_ALLOC_ERROR(void);
-
-/*
- * In a CertBasicConstraints extension, if the CA flag is set,
- * indicating the certificate refers to a Certification
- * Authority, then the pathLen field indicates how many intermediate
- * certificates (not counting self-signed ones) can exist in a valid
- * chain following this certificate. If the pathLen has the value
- * of this constant, then the length of the chain is unlimited
- */
-#define PKIX_UNLIMITED_PATH_CONSTRAINT ((PKIX_Int32) -1)
-
-/*
- * Define Certificate Extension hard-coded OID's
- */
-#define PKIX_UNKNOWN_OID                       SEC_OID_UNKNOWN
-#define PKIX_CERTKEYUSAGE_OID                  SEC_OID_X509_KEY_USAGE
-#define PKIX_CERTSUBJALTNAME_OID               SEC_OID_X509_SUBJECT_ALT_NAME
-#define PKIX_BASICCONSTRAINTS_OID              SEC_OID_X509_BASIC_CONSTRAINTS
-#define PKIX_CRLREASONCODE_OID                 SEC_OID_X509_REASON_CODE
-#define PKIX_NAMECONSTRAINTS_OID               SEC_OID_X509_NAME_CONSTRAINTS
-#define PKIX_CERTIFICATEPOLICIES_OID           SEC_OID_X509_CERTIFICATE_POLICIES
-#define PKIX_CERTIFICATEPOLICIES_ANYPOLICY_OID SEC_OID_X509_ANY_POLICY
-#define PKIX_POLICYMAPPINGS_OID                SEC_OID_X509_POLICY_MAPPINGS
-#define PKIX_POLICYCONSTRAINTS_OID             SEC_OID_X509_POLICY_CONSTRAINTS
-#define PKIX_EXTENDEDKEYUSAGE_OID              SEC_OID_X509_EXT_KEY_USAGE
-#define PKIX_INHIBITANYPOLICY_OID              SEC_OID_X509_INHIBIT_ANY_POLICY 
-#define PKIX_NSCERTTYPE_OID                    SEC_OID_NS_CERT_EXT_CERT_TYPE
-#define PKIX_KEY_USAGE_SERVER_AUTH_OID         SEC_OID_EXT_KEY_USAGE_SERVER_AUTH
-#define PKIX_KEY_USAGE_CLIENT_AUTH_OID         SEC_OID_EXT_KEY_USAGE_CLIENT_AUTH
-#define PKIX_KEY_USAGE_CODE_SIGN_OID           SEC_OID_EXT_KEY_USAGE_CODE_SIGN
-#define PKIX_KEY_USAGE_EMAIL_PROTECT_OID       SEC_OID_EXT_KEY_USAGE_EMAIL_PROTECT
-#define PKIX_KEY_USAGE_TIME_STAMP_OID          SEC_OID_EXT_KEY_USAGE_TIME_STAMP
-#define PKIX_KEY_USAGE_OCSP_RESPONDER_OID      SEC_OID_OCSP_RESPONDER
-
-
-/* Available revocation method types. */
-typedef enum PKIX_RevocationMethodTypeEnum {
-    PKIX_RevocationMethod_CRL = 0,
-    PKIX_RevocationMethod_OCSP,
-    PKIX_RevocationMethod_MAX
-} PKIX_RevocationMethodType;
-
-/* A set of statuses revocation checker operates on */
-typedef enum PKIX_RevocationStatusEnum {
-    PKIX_RevStatus_NoInfo = 0,
-    PKIX_RevStatus_Revoked,
-    PKIX_RevStatus_Success
-} PKIX_RevocationStatus;
-
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* _PKIXT_H */