/security/nss/lib/crmf/crmfit.h

  1/* -*- Mode: C; tab-width: 8 -*-*/
  2/* ***** BEGIN LICENSE BLOCK *****
  3 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
  4 *
  5 * The contents of this file are subject to the Mozilla Public License Version
  6 * 1.1 (the "License"); you may not use this file except in compliance with
  7 * the License. You may obtain a copy of the License at
  8 * http://www.mozilla.org/MPL/
  9 *
 10 * Software distributed under the License is distributed on an "AS IS" basis,
 11 * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
 12 * for the specific language governing rights and limitations under the
 13 * License.
 14 *
 15 * The Original Code is the Netscape security libraries.
 16 *
 17 * The Initial Developer of the Original Code is
 18 * Netscape Communications Corporation.
 19 * Portions created by the Initial Developer are Copyright (C) 1994-2000
 20 * the Initial Developer. All Rights Reserved.
 21 *
 22 * Contributor(s):
 23 *
 24 * Alternatively, the contents of this file may be used under the terms of
 25 * either the GNU General Public License Version 2 or later (the "GPL"), or
 26 * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
 27 * in which case the provisions of the GPL or the LGPL are applicable instead
 28 * of those above. If you wish to allow use of your version of this file only
 29 * under the terms of either the GPL or the LGPL, and not to allow others to
 30 * use your version of this file under the terms of the MPL, indicate your
 31 * decision by deleting the provisions above and replace them with the notice
 32 * and other provisions required by the GPL or the LGPL. If you do not delete
 33 * the provisions above, a recipient may use your version of this file under
 34 * the terms of any one of the MPL, the GPL or the LGPL.
 35 *
 36 * ***** END LICENSE BLOCK ***** */
 37
 38
 39#ifndef _CRMFIT_H_
 40#define _CRMFIT_H_
 41
 42struct CRMFCertReqMessagesStr {
 43    CRMFCertReqMsg **messages;
 44    PRArenaPool     *poolp;
 45};
 46
 47struct CRMFCertExtensionStr {
 48    SECItem id;
 49    SECItem critical;
 50    SECItem value;
 51};
 52
 53
 54struct CRMFOptionalValidityStr {
 55    SECItem notBefore; 
 56    SECItem notAfter;
 57};
 58
 59struct CRMFCertTemplateStr {
 60    SECItem                   version;
 61    SECItem                   serialNumber;
 62    SECAlgorithmID           *signingAlg;
 63    CERTName                 *issuer;
 64    CRMFOptionalValidity     *validity;
 65    CERTName                 *subject;
 66    CERTSubjectPublicKeyInfo *publicKey;
 67    SECItem                   issuerUID;
 68    SECItem                   subjectUID; 
 69    CRMFCertExtension       **extensions;
 70    int                       numExtensions;
 71};
 72
 73struct CRMFCertIDStr {
 74    SECItem issuer; /* General Name */
 75    SECItem serialNumber; /*INTEGER*/
 76};
 77
 78struct CRMFEncryptedValueStr {
 79    SECAlgorithmID *intendedAlg;
 80    SECAlgorithmID *symmAlg;
 81    SECItem         encSymmKey; /*BIT STRING   */
 82    SECAlgorithmID *keyAlg;
 83    SECItem         valueHint;  /*OCTET STRING */
 84    SECItem         encValue;   /*BIT STRING   */
 85};
 86
 87/*
 88 * The field derValue will contain the actual der
 89 * to include in the encoding or that was read in
 90 * from a der blob. 
 91 */
 92struct CRMFEncryptedKeyStr {
 93    union {
 94        SEC_PKCS7ContentInfo   *envelopedData;
 95        CRMFEncryptedValue      encryptedValue; 
 96    } value;
 97    CRMFEncryptedKeyChoice encKeyChoice;
 98    SECItem derValue;
 99};
100
101/* ASN1 must only have one of the following 3 options. */
102struct CRMFPKIArchiveOptionsStr {
103    union {
104        CRMFEncryptedKey  encryptedKey;
105        SECItem           keyGenParameters;
106        SECItem           archiveRemGenPrivKey; /* BOOLEAN */
107    } option;
108    CRMFPKIArchiveOptionsType archOption;
109};
110
111struct CRMFPKIPublicationInfoStr {
112    SECItem action; /* Possible values                    */
113                    /* dontPublish (0), pleasePublish (1) */
114    CRMFSinglePubInfo **pubInfos; 
115};
116
117struct CRMFControlStr {
118    SECOidTag  tag;
119    SECItem    derTag;
120    SECItem    derValue;
121    /* These will be C structures used to represent the various 
122     * options.  Values that can't be stored as der right away.
123     * After creating these structures, we'll place their der
124     * encoding in derValue so the encoder knows how to get to
125     * it.
126     */
127    union {
128        CRMFCertID              oldCertId;
129        CRMFPKIArchiveOptions   archiveOptions;
130        CRMFPKIPublicationInfo  pubInfo;
131        CRMFProtocolEncrKey     protEncrKey; 
132    } value;
133};
134
135struct CRMFCertRequestStr {
136    SECItem            certReqId;
137    CRMFCertTemplate   certTemplate;
138    CRMFControl      **controls;
139    /* The following members are used by the internal implementation, but
140     * are not part of the encoding.
141     */
142    PRArenaPool *poolp;
143    PRUint32     requestID; /* This is the value that will be encoded into
144			     * the certReqId field.
145			     */
146};                                   
147
148struct CRMFAttributeStr {
149    SECItem derTag;
150    SECItem derValue;
151};
152
153struct CRMFCertReqMsgStr {
154    CRMFCertRequest            *certReq;
155    CRMFProofOfPossession      *pop;
156    CRMFAttribute             **regInfo;
157    SECItem                     derPOP;
158    /* This arena will be used for allocating memory when decoding.
159     */
160    PRArenaPool *poolp;
161    PRBool       isDecoded;
162};
163
164struct CRMFPOPOSigningKeyInputStr {
165    /* ASN1 must have only one of the next 2 options */
166    union {
167        SECItem          sender; /*General Name*/
168        CRMFPKMACValue  *publicKeyMAC;
169    }authInfo;
170    CERTSubjectPublicKeyInfo publicKey;
171};
172
173struct CRMFPOPOSigningKeyStr {
174    SECItem                  derInput; /*If in the future we support 
175                                        *POPOSigningKeyInput, this will
176                                        *a C structure representation
177                                        *instead.
178                                        */
179    SECAlgorithmID          *algorithmIdentifier;
180    SECItem                  signature; /* This is a BIT STRING. Remember */
181};                                      /* that when interpreting.        */
182
183/* ASN1 must only choose one of these members */
184struct CRMFPOPOPrivKeyStr {
185    union {
186        SECItem thisMessage; /* BIT STRING */
187        SECItem subsequentMessage; /*INTEGER*/ 
188        SECItem dhMAC; /*BIT STRING*/
189    } message;
190    CRMFPOPOPrivKeyChoice messageChoice;
191};
192
193/* ASN1 must only have one of these options. */
194struct CRMFProofOfPossessionStr {
195    union {
196        SECItem             raVerified;
197        CRMFPOPOSigningKey  signature;
198        CRMFPOPOPrivKey     keyEncipherment;
199        CRMFPOPOPrivKey     keyAgreement;
200    } popChoice;
201    CRMFPOPChoice       popUsed; /*Not part of encoding*/
202};
203
204struct CRMFPKMACValueStr {
205    SECAlgorithmID algID;
206    SECItem        value; /*BIT STRING*/
207};
208
209struct CRMFSinglePubInfoStr {
210    SECItem pubMethod; /* Possible Values:
211			*   dontCare (0)
212			*   x500     (1)
213			*   web      (2)
214			*   ldap     (3)
215			*/
216    CERTGeneralName *pubLocation; /* General Name */
217};
218
219#endif /* _CRMFIT_H_ */