/security/nss/cmd/crlutil/crlgen.h

  1
  2#ifndef _CRLGEN_H_
  3#define _CRLGEN_H_
  4
  5#include "prio.h"
  6#include "prprf.h"
  7#include "plhash.h"
  8#include "seccomon.h"
  9#include "certt.h"
 10#include "secoidt.h"
 11
 12
 13#define CRLGEN_UNKNOWN_CONTEXT                   0
 14#define CRLGEN_ISSUER_CONTEXT                    1
 15#define CRLGEN_UPDATE_CONTEXT                    2
 16#define CRLGEN_NEXT_UPDATE_CONTEXT               3
 17#define CRLGEN_ADD_EXTENSION_CONTEXT             4
 18#define CRLGEN_ADD_CERT_CONTEXT                  6
 19#define CRLGEN_CHANGE_RANGE_CONTEXT              7
 20#define CRLGEN_RM_CERT_CONTEXT                   8
 21
 22#define CRLGEN_TYPE_DATE                         0
 23#define CRLGEN_TYPE_ZDATE                        1
 24#define CRLGEN_TYPE_DIGIT                        2
 25#define CRLGEN_TYPE_DIGIT_RANGE                  3
 26#define CRLGEN_TYPE_OID                          4
 27#define CRLGEN_TYPE_STRING                       5
 28#define CRLGEN_TYPE_ID                           6
 29
 30
 31typedef struct CRLGENGeneratorDataStr          CRLGENGeneratorData;
 32typedef struct CRLGENEntryDataStr              CRLGENEntryData;
 33typedef struct CRLGENExtensionEntryStr         CRLGENExtensionEntry;
 34typedef struct CRLGENCertEntrySrt              CRLGENCertEntry;
 35typedef struct CRLGENCrlFieldStr               CRLGENCrlField;
 36typedef struct CRLGENEntriesSortedDataStr      CRLGENEntriesSortedData;
 37
 38/* Exported functions */
 39
 40/* Used for initialization of extension handles for crl and certs
 41 * extensions from existing CRL data then modifying existing CRL.*/
 42extern SECStatus CRLGEN_ExtHandleInit(CRLGENGeneratorData *crlGenData);
 43
 44/* Commits all added entries and their's extensions into CRL. */
 45extern SECStatus CRLGEN_CommitExtensionsAndEntries(CRLGENGeneratorData *crlGenData);
 46
 47/* Lunches the crl generation script parse */
 48extern SECStatus CRLGEN_StartCrlGen(CRLGENGeneratorData *crlGenData);
 49
 50/* Closes crl generation script file and frees crlGenData */
 51extern void CRLGEN_FinalizeCrlGeneration(CRLGENGeneratorData *crlGenData);
 52
 53/* Parser initialization function. Creates CRLGENGeneratorData structure
 54 *  for the current thread */
 55extern CRLGENGeneratorData* CRLGEN_InitCrlGeneration(CERTSignedCrl *newCrl,
 56                                                     PRFileDesc *src);
 57
 58
 59/* This lock is defined in crlgen_lex.c(derived from crlgen_lex.l).
 60 * It controls access to invocation of yylex, allows to parse one
 61 * script at a time */
 62extern void CRLGEN_InitCrlGenParserLock();
 63extern void CRLGEN_DestroyCrlGenParserLock();
 64
 65
 66/* The following function types are used to define functions for each of
 67 * CRLGENExtensionEntryStr, CRLGENCertEntrySrt, CRLGENCrlFieldStr to
 68 * provide functionality needed for these structures*/
 69typedef SECStatus updateCrlFn_t(CRLGENGeneratorData *crlGenData, void *str);
 70typedef SECStatus setNextDataFn_t(CRLGENGeneratorData *crlGenData, void *str,
 71                                  void *data, unsigned short dtype);
 72typedef SECStatus createNewLangStructFn_t(CRLGENGeneratorData *crlGenData,
 73                                          void *str, unsigned i);
 74
 75/* Sets reports failure to parser if anything goes wrong */
 76extern void      crlgen_setFailure(CRLGENGeneratorData *str, char *);
 77
 78/* Collects data in to one of the current data structure that corresponds
 79 * to the correct context type. This function gets called after each token
 80 * is found for a particular line */
 81extern SECStatus crlgen_setNextData(CRLGENGeneratorData *str, void *data,
 82                             unsigned short dtype);
 83
 84/* initiates crl update with collected data. This function is called at the
 85 * end of each line */
 86extern SECStatus crlgen_updateCrl(CRLGENGeneratorData *str);
 87
 88/* Creates new context structure depending on token that was parsed
 89 * at the beginning of a line */
 90extern SECStatus crlgen_createNewLangStruct(CRLGENGeneratorData *str,
 91                                            unsigned structType);
 92
 93
 94/* CRLGENExtensionEntry is used to store addext request data for either 
 95 * CRL extensions or CRL entry extensions. The differentiation between
 96 * is based on order and type of extension been added.
 97 *    - extData : all data in request staring from name of the extension are
 98 *                in saved here.
 99 *    - nextUpdatedData: counter of elements added to extData
100 */
101struct CRLGENExtensionEntryStr {
102    char **extData;
103    int    nextUpdatedData;
104    updateCrlFn_t    *updateCrlFn;
105    setNextDataFn_t  *setNextDataFn;
106};
107
108/* CRLGENCeryestEntry is used to store addcert request data
109 *   - certId : certificate id or range of certificate with dash as a delimiter
110 *              All certs from range will be inclusively added to crl
111 *   - revocationTime: revocation time of cert(s)
112 */
113struct CRLGENCertEntrySrt {
114    char *certId;
115    char *revocationTime;
116    updateCrlFn_t   *updateCrlFn;
117    setNextDataFn_t *setNextDataFn;
118};
119
120
121/* CRLGENCrlField is used to store crl fields record like update time, next
122 * update time, etc.
123 *  - value: value of the parsed field data*/
124struct CRLGENCrlFieldStr {
125    char *value;
126    updateCrlFn_t   *updateCrlFn;
127    setNextDataFn_t *setNextDataFn;
128};
129
130/* Can not create entries extension until completely done with parsing.
131 * Therefore need to keep joined data
132 *   - certId : serial number of certificate
133 *   - extHandle: head pointer to a list of extensions that belong to
134 *                 entry
135 *   - entry : CERTCrlEntry structure pointer*/
136struct CRLGENEntryDataStr {
137    SECItem *certId;
138    void *extHandle;
139    CERTCrlEntry *entry;
140};
141
142/* Crl generator/parser main structure. Keeps info regarding current state of
143 * parser(context, status), parser helper functions pointers, parsed data and
144 * generated data.
145 *  - contextId : current parsing context. Context in this parser environment
146 *                defines what type of crl operations parser is going through
147 *                in the current line of crl generation script.
148 *                setting or new cert or an extension addition, etc.
149 *  - createNewLangStructFn: pointer to top level function which creates
150 *                             data structures according contextId
151 *  - setNextDataFn : pointer to top level function which sets new parsed data
152 *                    in temporary structure
153 *  - updateCrlFn   : pointer to top level function which triggers actual
154 *                    crl update functions with gathered data
155 *  - union         : data union create according to contextId
156 *  - rangeFrom, rangeTo : holds last range in which certs was added
157 *  - newCrl        : pointer to CERTSignedCrl newly created crl
158 *  - crlExtHandle : pointer to crl extension handle
159 *  - entryDataHashTable: hash of CRLGENEntryData.
160 *                     key: cert serial number
161 *                     data: CRLGENEntryData pointer
162 *  - parserStatus  : current status of parser. Triggers parser to abort when
163 *                    set to SECFailure
164 *  - src : PRFileDesc structure pointer of crl generator config file
165 *  - parsedLineNum : currently parsing line. Keeping it to report errors */ 
166struct CRLGENGeneratorDataStr {
167    unsigned short contextId;
168    CRLGENCrlField       *crlField;
169    CRLGENCertEntry      *certEntry;
170    CRLGENExtensionEntry *extensionEntry;	
171    PRUint64 rangeFrom;
172    PRUint64 rangeTo;
173    CERTSignedCrl *signCrl;
174    void *crlExtHandle;
175    PLHashTable *entryDataHashTable;
176    
177    PRFileDesc *src;
178    int parsedLineNum;
179};
180
181
182#endif /* _CRLGEN_H_ */