/security/nss/lib/crmf/crmfi.h

http://github.com/zpao/v8monkey · C Header · 218 lines · 101 code · 26 blank · 91 comment · 0 complexity · a72e8c677832c0c2f69fc02c5ed946bb MD5 · raw file

  1. /* -*- Mode: C; tab-width: 8 -*-*/
  2. /* ***** BEGIN LICENSE BLOCK *****
  3. * Version: MPL 1.1/GPL 2.0/LGPL 2.1
  4. *
  5. * The contents of this file are subject to the Mozilla Public License Version
  6. * 1.1 (the "License"); you may not use this file except in compliance with
  7. * the License. You may obtain a copy of the License at
  8. * http://www.mozilla.org/MPL/
  9. *
  10. * Software distributed under the License is distributed on an "AS IS" basis,
  11. * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
  12. * for the specific language governing rights and limitations under the
  13. * License.
  14. *
  15. * The Original Code is the Netscape security libraries.
  16. *
  17. * The Initial Developer of the Original Code is
  18. * Netscape Communications Corporation.
  19. * Portions created by the Initial Developer are Copyright (C) 1994-2000
  20. * the Initial Developer. All Rights Reserved.
  21. *
  22. * Contributor(s):
  23. *
  24. * Alternatively, the contents of this file may be used under the terms of
  25. * either the GNU General Public License Version 2 or later (the "GPL"), or
  26. * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
  27. * in which case the provisions of the GPL or the LGPL are applicable instead
  28. * of those above. If you wish to allow use of your version of this file only
  29. * under the terms of either the GPL or the LGPL, and not to allow others to
  30. * use your version of this file under the terms of the MPL, indicate your
  31. * decision by deleting the provisions above and replace them with the notice
  32. * and other provisions required by the GPL or the LGPL. If you do not delete
  33. * the provisions above, a recipient may use your version of this file under
  34. * the terms of any one of the MPL, the GPL or the LGPL.
  35. *
  36. * ***** END LICENSE BLOCK ***** */
  37. #ifndef _CRMFI_H_
  38. #define _CRMFI_H_
  39. /* This file will contain all declarations common to both
  40. * encoding and decoding of CRMF Cert Requests. This header
  41. * file should only be included internally by CRMF implementation
  42. * files.
  43. */
  44. #include "secasn1.h"
  45. #include "crmfit.h"
  46. #include "secerr.h"
  47. #include "blapit.h"
  48. #define CRMF_DEFAULT_ARENA_SIZE 1024
  49. /*
  50. * Explanation for the definition of MAX_WRAPPED_KEY_LEN:
  51. *
  52. * It's used for internal buffers to transport a wrapped private key.
  53. * The value is in BYTES.
  54. * We want to define a reasonable upper bound for this value.
  55. * Ideally this could be calculated, but in order to simplify the code
  56. * we want to estimate the maximum requires size.
  57. * See also bug 655850 for the full explanation.
  58. *
  59. * We know the largest wrapped keys are RSA keys.
  60. * We'll estimate the maximum size needed for wrapped RSA keys,
  61. * and assume it's sufficient for wrapped keys of any type we support.
  62. *
  63. * The maximum size of RSA keys in bits is defined elsewhere as
  64. * RSA_MAX_MODULUS_BITS
  65. *
  66. * The idea is to define MAX_WRAPPED_KEY_LEN based on the above.
  67. *
  68. * A wrapped RSA key requires about
  69. * ( ( RSA_MAX_MODULUS_BITS / 8 ) * 5.5) + 65
  70. * bytes.
  71. *
  72. * Therefore, a safe upper bound is:
  73. * ( ( RSA_MAX_MODULUS_BITS / 8 ) *8 ) = RSA_MAX_MODULUS_BITS
  74. *
  75. */
  76. #define MAX_WRAPPED_KEY_LEN RSA_MAX_MODULUS_BITS
  77. #define CRMF_BITS_TO_BYTES(bits) (((bits)+7)/8)
  78. #define CRMF_BYTES_TO_BITS(bytes) ((bytes)*8)
  79. struct crmfEncoderArg {
  80. SECItem *buffer;
  81. long allocatedLen;
  82. };
  83. struct crmfEncoderOutput {
  84. CRMFEncoderOutputCallback fn;
  85. void *outputArg;
  86. };
  87. /*
  88. * This function is used by the API for encoding functions that are
  89. * exposed through the API, ie all of the CMMF_Encode* and CRMF_Encode*
  90. * functions.
  91. */
  92. extern void
  93. crmf_encoder_out(void *arg, const char *buf, unsigned long len,
  94. int depth, SEC_ASN1EncodingPart data_kind);
  95. /*
  96. * This function is used when we want to encode something locally within
  97. * the library, ie the CertRequest so that we can produce its signature.
  98. */
  99. extern SECStatus
  100. crmf_init_encoder_callback_arg (struct crmfEncoderArg *encoderArg,
  101. SECItem *derDest);
  102. /*
  103. * This is the callback function we feed to the ASN1 encoder when doing
  104. * internal DER-encodings. ie, encoding the cert request so we can
  105. * produce a signature.
  106. */
  107. extern void
  108. crmf_generic_encoder_callback(void *arg, const char* buf, unsigned long len,
  109. int depth, SEC_ASN1EncodingPart data_kind);
  110. /* The ASN1 templates that need to be seen by internal files
  111. * in order to implement CRMF.
  112. */
  113. extern const SEC_ASN1Template CRMFCertReqMsgTemplate[];
  114. extern const SEC_ASN1Template CRMFRAVerifiedTemplate[];
  115. extern const SEC_ASN1Template CRMFPOPOSigningKeyTemplate[];
  116. extern const SEC_ASN1Template CRMFPOPOKeyEnciphermentTemplate[];
  117. extern const SEC_ASN1Template CRMFPOPOKeyAgreementTemplate[];
  118. extern const SEC_ASN1Template CRMFThisMessageTemplate[];
  119. extern const SEC_ASN1Template CRMFSubsequentMessageTemplate[];
  120. extern const SEC_ASN1Template CRMFDHMACTemplate[];
  121. extern const SEC_ASN1Template CRMFEncryptedKeyWithEncryptedValueTemplate[];
  122. extern const SEC_ASN1Template CRMFEncryptedValueTemplate[];
  123. /*
  124. * Use these two values for encoding Boolean values.
  125. */
  126. extern const unsigned char hexTrue;
  127. extern const unsigned char hexFalse;
  128. /*
  129. * Prototypes for helper routines used internally by multiple files.
  130. */
  131. extern SECStatus crmf_encode_integer(PRArenaPool *poolp, SECItem *dest,
  132. long value);
  133. extern SECStatus crmf_make_bitstring_copy(PRArenaPool *arena, SECItem *dest,
  134. SECItem *src);
  135. extern SECStatus crmf_copy_pkiarchiveoptions(PRArenaPool *poolp,
  136. CRMFPKIArchiveOptions *destOpt,
  137. CRMFPKIArchiveOptions *srcOpt);
  138. extern SECStatus
  139. crmf_destroy_pkiarchiveoptions(CRMFPKIArchiveOptions *inArchOptions,
  140. PRBool freeit);
  141. extern const SEC_ASN1Template*
  142. crmf_get_pkiarchiveoptions_subtemplate(CRMFControl *inControl);
  143. extern SECStatus crmf_copy_encryptedkey(PRArenaPool *poolp,
  144. CRMFEncryptedKey *srcEncrKey,
  145. CRMFEncryptedKey *destEncrKey);
  146. extern SECStatus
  147. crmf_copy_encryptedvalue(PRArenaPool *poolp,
  148. CRMFEncryptedValue *srcValue,
  149. CRMFEncryptedValue *destValue);
  150. extern SECStatus
  151. crmf_copy_encryptedvalue_secalg(PRArenaPool *poolp,
  152. SECAlgorithmID *srcAlgId,
  153. SECAlgorithmID **destAlgId);
  154. extern SECStatus crmf_template_copy_secalg(PRArenaPool *poolp,
  155. SECAlgorithmID **dest,
  156. SECAlgorithmID *src);
  157. extern SECStatus crmf_copy_cert_name(PRArenaPool *poolp, CERTName **dest,
  158. CERTName *src);
  159. extern SECStatus crmf_template_add_public_key(PRArenaPool *poolp,
  160. CERTSubjectPublicKeyInfo **dest,
  161. CERTSubjectPublicKeyInfo *pubKey);
  162. extern CRMFCertExtension* crmf_create_cert_extension(PRArenaPool *poolp,
  163. SECOidTag tag,
  164. PRBool isCritical,
  165. SECItem *data);
  166. extern CRMFCertRequest*
  167. crmf_copy_cert_request(PRArenaPool *poolp, CRMFCertRequest *srcReq);
  168. extern SECStatus crmf_destroy_encrypted_value(CRMFEncryptedValue *inEncrValue,
  169. PRBool freeit);
  170. extern CRMFEncryptedValue *
  171. crmf_create_encrypted_value_wrapped_privkey(SECKEYPrivateKey *inPrivKey,
  172. SECKEYPublicKey *inPubKey,
  173. CRMFEncryptedValue *destValue);
  174. extern CK_MECHANISM_TYPE
  175. crmf_get_mechanism_from_public_key(SECKEYPublicKey *inPubKey);
  176. extern SECStatus
  177. crmf_encrypted_value_unwrap_priv_key(PRArenaPool *poolp,
  178. CRMFEncryptedValue *encValue,
  179. SECKEYPrivateKey *privKey,
  180. SECKEYPublicKey *newPubKey,
  181. SECItem *nickname,
  182. PK11SlotInfo *slot,
  183. unsigned char keyUsage,
  184. SECKEYPrivateKey **unWrappedKey,
  185. void *wincx);
  186. extern SECItem*
  187. crmf_get_public_value(SECKEYPublicKey *pubKey, SECItem *dest);
  188. extern CRMFCertExtension*
  189. crmf_copy_cert_extension(PRArenaPool *poolp, CRMFCertExtension *inExtension);
  190. extern SECStatus
  191. crmf_create_prtime(SECItem *src, PRTime **dest);
  192. #endif /*_CRMFI_H_*/