pkcs12t.h - mozsearch

mozilla-central/security/nss/lib/pkcs12/pkcs12t.h (file symbol)

Enable keyboard shortcuts

Source code

File a bug in NSS :: Libraries

Revision control

Copy as Markdown

Other Tools

/* This Source Code Form is subject to the terms of the Mozilla Public

 * License, v. 2.0. If a copy of the MPL was not distributed with this

 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

#ifndef _PKCS12T_H_

#define _PKCS12T_H_

#include "seccomon.h"

#include "secoid.h"

#include "cert.h"

#include "keythi.h"

#include "plarena.h"

#include "secpkcs7.h"

#include "secdig.h" /* for SGNDigestInfo */

typedef enum {

    SECPKCS12TargetTokenNoCAs,           /* CA get loaded intothe fixed token,

                                          * User certs go to target token */

    SECPKCS12TargetTokenIntermediateCAs, /* User certs and intermediates go to

                                          * target token, root certs got to

                                          * fixed token */

    SECPKCS12TargetTokenAllCAs           /* All certs go to target token */

} SECPKCS12TargetTokenCAs;

/* PKCS12 Structures */

typedef struct SEC_PKCS12PFXItemStr SEC_PKCS12PFXItem;

typedef struct SEC_PKCS12MacDataStr SEC_PKCS12MacData;

typedef struct SEC_PKCS12AuthenticatedSafeStr SEC_PKCS12AuthenticatedSafe;

typedef struct SEC_PKCS12BaggageItemStr SEC_PKCS12BaggageItem;

typedef struct SEC_PKCS12BaggageStr SEC_PKCS12Baggage;

typedef struct SEC_PKCS12Baggage_OLDStr SEC_PKCS12Baggage_OLD;

typedef struct SEC_PKCS12ESPVKItemStr SEC_PKCS12ESPVKItem;

typedef struct SEC_PKCS12PVKSupportingDataStr SEC_PKCS12PVKSupportingData;

typedef struct SEC_PKCS12PVKAdditionalDataStr SEC_PKCS12PVKAdditionalData;

typedef struct SEC_PKCS12SafeContentsStr SEC_PKCS12SafeContents;

typedef struct SEC_PKCS12SafeBagStr SEC_PKCS12SafeBag;

typedef struct SEC_PKCS12PrivateKeyStr SEC_PKCS12PrivateKey;

typedef struct SEC_PKCS12PrivateKeyBagStr SEC_PKCS12PrivateKeyBag;

typedef struct SEC_PKCS12CertAndCRLBagStr SEC_PKCS12CertAndCRLBag;

typedef struct SEC_PKCS12CertAndCRLStr SEC_PKCS12CertAndCRL;

typedef struct SEC_PKCS12X509CertCRLStr SEC_PKCS12X509CertCRL;

typedef struct SEC_PKCS12SDSICertStr SEC_PKCS12SDSICert;

typedef struct SEC_PKCS12SecretStr SEC_PKCS12Secret;

typedef struct SEC_PKCS12SecretAdditionalStr SEC_PKCS12SecretAdditional;

typedef struct SEC_PKCS12SecretItemStr SEC_PKCS12SecretItem;

typedef struct SEC_PKCS12SecretBagStr SEC_PKCS12SecretBag;

typedef SECItem *(*SEC_PKCS12PasswordFunc)(SECItem *args);

/* PKCS12 types */

/* stores shrouded keys */

struct SEC_PKCS12BaggageStr {

    PLArenaPool *poolp;

    SEC_PKCS12BaggageItem **bags;

    int luggage_size; /* used locally */

};

/* additional data to be associated with keys.  currently there

 * is nothing defined to be stored here.  allows future expansion.

*/

struct SEC_PKCS12PVKAdditionalDataStr {

    PLArenaPool *poolp;

    SECOidData *pvkAdditionalTypeTag; /* used locally */

    SECItem pvkAdditionalType;

    SECItem pvkAdditionalContent;

};

/* cert and other supporting data for private keys.  used

 * for both shrouded and non-shrouded keys.

*/

struct SEC_PKCS12PVKSupportingDataStr {

    PLArenaPool *poolp;

    SGNDigestInfo **assocCerts;

    SECItem regenerable;

    SECItem nickname;

    SEC_PKCS12PVKAdditionalData pvkAdditional;

    SECItem pvkAdditionalDER;

    SECItem uniNickName;

    /* used locally */

    int nThumbs;

};

/* shrouded key structure.  supports only pkcs8 shrouding

 * currently.

*/

struct SEC_PKCS12ESPVKItemStr {

    PLArenaPool *poolp;   /* used locally */

    SECOidData *espvkTag; /* used locally */

    SECItem espvkOID;

    SEC_PKCS12PVKSupportingData espvkData;

    union {

        SECKEYEncryptedPrivateKeyInfo *pkcs8KeyShroud;

    } espvkCipherText;

    PRBool duplicate;    /* used locally */

    PRBool problem_cert; /* used locally */

    PRBool single_cert;  /* used locally */

    int nCerts;          /* used locally */

    SECItem derCert;     /* used locally */

};

/* generic bag store for the safe.  safeBagType identifies

 * the type of bag stored.

*/

struct SEC_PKCS12SafeBagStr {

    PLArenaPool *poolp;

    SECOidData *safeBagTypeTag; /* used locally */

    SECItem safeBagType;

    union {

        SEC_PKCS12PrivateKeyBag *keyBag;

        SEC_PKCS12CertAndCRLBag *certAndCRLBag;

        SEC_PKCS12SecretBag *secretBag;

    } safeContent;

    SECItem derSafeContent;

    SECItem safeBagName;

    SECItem uniSafeBagName;

};

/* stores private keys and certificates in a list.  each safebag

 * has an ID identifying the type of content stored.

*/

struct SEC_PKCS12SafeContentsStr {

    PLArenaPool *poolp;

    SEC_PKCS12SafeBag **contents;

    /* used for tracking purposes */

    int safe_size;

    PRBool old;

    PRBool swapUnicode;

    PRBool possibleSwapUnicode;

};

/* private key structure which holds encrypted private key and

 * supporting data including nickname and certificate thumbprint.

*/

struct SEC_PKCS12PrivateKeyStr {

    PLArenaPool *poolp;

    SEC_PKCS12PVKSupportingData pvkData;

    SECKEYPrivateKeyInfo pkcs8data; /* borrowed from PKCS 8 */

    PRBool duplicate;    /* used locally */

    PRBool problem_cert; /* used locally */

    PRBool single_cert;  /* used locally */

    int nCerts;          /* used locally */

    SECItem derCert;     /* used locally */

};

/* private key bag, holds a (null terminated) list of private key

 * structures.

*/

struct SEC_PKCS12PrivateKeyBagStr {

    PLArenaPool *poolp;

    SEC_PKCS12PrivateKey **privateKeys;

    int bag_size; /* used locally */

};

/* container to hold certificates.  currently supports x509

 * and sdsi certificates

*/

struct SEC_PKCS12CertAndCRLStr {

    PLArenaPool *poolp;

    SECOidData *BagTypeTag; /* used locally */

    SECItem BagID;

    union {

        SEC_PKCS12X509CertCRL *x509;

        SEC_PKCS12SDSICert *sdsi;

    } value;

    SECItem derValue;

    SECItem nickname; /* used locally */

    PRBool duplicate; /* used locally */

};

/* x509 certificate structure.  typically holds the der encoding

 * of the x509 certificate.  thumbprint contains a digest of the

 * certificate

*/

struct SEC_PKCS12X509CertCRLStr {

    PLArenaPool *poolp;

    SEC_PKCS7ContentInfo certOrCRL;

    SGNDigestInfo thumbprint;

    SECItem *derLeafCert; /* used locally */

};

/* sdsi certificate structure.  typically holds the der encoding

 * of the sdsi certificate.  thumbprint contains a digest of the

 * certificate

*/

struct SEC_PKCS12SDSICertStr {

    PLArenaPool *poolp;

    SECItem value;

    SGNDigestInfo thumbprint;

};

/* contains a null terminated list of certs and crls */

struct SEC_PKCS12CertAndCRLBagStr {

    PLArenaPool *poolp;

    SEC_PKCS12CertAndCRL **certAndCRLs;

    int bag_size; /* used locally */

};

/* additional secret information.  currently no information

 * stored in this structure.

*/

struct SEC_PKCS12SecretAdditionalStr {

    PLArenaPool *poolp;

    SECOidData *secretTypeTag; /* used locally */

    SECItem secretAdditionalType;

    SECItem secretAdditionalContent;

};

/* secrets container.  this will be used to contain currently

 * unspecified secrets.  (it's a secret)

*/

struct SEC_PKCS12SecretStr {

    PLArenaPool *poolp;

    SECItem secretName;

    SECItem value;

    SEC_PKCS12SecretAdditional secretAdditional;

    SECItem uniSecretName;

};

struct SEC_PKCS12SecretItemStr {

    PLArenaPool *poolp;

    SEC_PKCS12Secret secret;

    SEC_PKCS12SafeBag subFolder;

};

/* a bag of secrets.  holds a null terminated list of secrets.

*/

struct SEC_PKCS12SecretBagStr {

    PLArenaPool *poolp;

    SEC_PKCS12SecretItem **secrets;

    int bag_size; /* used locally */

};

struct SEC_PKCS12MacDataStr {

    SGNDigestInfo safeMac;

    SECItem macSalt;

};

/* outer transfer unit */

struct SEC_PKCS12PFXItemStr {

    PLArenaPool *poolp;

    SEC_PKCS12MacData macData;

    SEC_PKCS7ContentInfo authSafe;

    /* for compatibility with beta */

    PRBool old;

    SGNDigestInfo old_safeMac;

    SECItem old_macSalt;

    /* compatibility between platforms for unicode swapping */

    PRBool swapUnicode;

};

struct SEC_PKCS12BaggageItemStr {

    PLArenaPool *poolp;

    SEC_PKCS12ESPVKItem **espvks;

    SEC_PKCS12SafeBag **unencSecrets;

    int nEspvks;

    int nSecrets;

};

/* stores shrouded keys */

struct SEC_PKCS12Baggage_OLDStr {

    PLArenaPool *poolp;

    SEC_PKCS12ESPVKItem **espvks;

    int luggage_size; /* used locally */

};

/* authenticated safe, stores certs, keys, and shrouded keys */

struct SEC_PKCS12AuthenticatedSafeStr {

    PLArenaPool *poolp;

    SECItem version;

    SECOidData *transportTypeTag; /* local not part of encoding*/

    SECItem transportMode;

    SECItem privacySalt;

    SEC_PKCS12Baggage baggage;

    SEC_PKCS7ContentInfo *safe;

    /* used for beta compatibility */

    PRBool old;

    PRBool emptySafe;

    SEC_PKCS12Baggage_OLD old_baggage;

    SEC_PKCS7ContentInfo old_safe;

    PRBool swapUnicode;

};

#define SEC_PKCS12_PFX_VERSION 1 /* what we create */

/* PKCS 12 Templates */

extern const SEC_ASN1Template SEC_PKCS12PFXItemTemplate_OLD[];

extern const SEC_ASN1Template SEC_PKCS12AuthenticatedSafeTemplate_OLD[];

extern const SEC_ASN1Template SEC_PKCS12BaggageTemplate_OLD[];

extern const SEC_ASN1Template SEC_PKCS12PFXItemTemplate[];

extern const SEC_ASN1Template SEC_PKCS12MacDataTemplate[];

extern const SEC_ASN1Template SEC_PKCS12AuthenticatedSafeTemplate[];

extern const SEC_ASN1Template SEC_PKCS12BaggageTemplate[];

extern const SEC_ASN1Template SEC_PKCS12ESPVKItemTemplate[];

extern const SEC_ASN1Template SEC_PKCS12PVKSupportingDataTemplate[];

extern const SEC_ASN1Template SEC_PKCS12PVKAdditionalTemplate[];

extern const SEC_ASN1Template SEC_PKCS12SafeContentsTemplate_OLD[];

extern const SEC_ASN1Template SEC_PKCS12SafeContentsTemplate[];

extern const SEC_ASN1Template SEC_PKCS12SafeBagTemplate[];

extern const SEC_ASN1Template SEC_PKCS12PrivateKeyTemplate[];

extern const SEC_ASN1Template SEC_PKCS12PrivateKeyBagTemplate[];

extern const SEC_ASN1Template SEC_PKCS12CertAndCRLTemplate[];

extern const SEC_ASN1Template SEC_PKCS12CertAndCRLBagTemplate[];

extern const SEC_ASN1Template SEC_PKCS12X509CertCRLTemplate_OLD[];

extern const SEC_ASN1Template SEC_PKCS12X509CertCRLTemplate[];

extern const SEC_ASN1Template SEC_PKCS12SDSICertTemplate[];

extern const SEC_ASN1Template SEC_PKCS12SecretBagTemplate[];

extern const SEC_ASN1Template SEC_PKCS12SecretTemplate[];

extern const SEC_ASN1Template SEC_PKCS12SecretItemTemplate[];

extern const SEC_ASN1Template SEC_PKCS12SecretAdditionalTemplate[];

extern const SEC_ASN1Template SGN_DigestInfoTemplate[];

extern const SEC_ASN1Template SEC_PointerToPKCS12KeyBagTemplate[];

extern const SEC_ASN1Template SEC_PointerToPKCS12CertAndCRLBagTemplate[];

extern const SEC_ASN1Template SEC_PointerToPKCS12CertAndCRLBagTemplate_OLD[];

extern const SEC_ASN1Template SEC_PointerToPKCS12SecretBagTemplate[];

extern const SEC_ASN1Template SEC_PointerToPKCS12X509CertCRLTemplate_OLD[];

extern const SEC_ASN1Template SEC_PointerToPKCS12X509CertCRLTemplate[];

extern const SEC_ASN1Template SEC_PointerToPKCS12SDSICertTemplate[];

extern const SEC_ASN1Template SEC_PKCS12CodedSafeBagTemplate[];

extern const SEC_ASN1Template SEC_PKCS12CodedCertBagTemplate[];

extern const SEC_ASN1Template SEC_PKCS12CodedCertAndCRLBagTemplate[];

extern const SEC_ASN1Template SEC_PKCS12PVKSupportingDataTemplate_OLD[];

extern const SEC_ASN1Template SEC_PKCS12ESPVKItemTemplate_OLD[];

#endif