
/security/nss/lib/crmf/crmfi.h

http://github.com/zpao/v8monkey
  1/* -*- Mode: C; tab-width: 8 -*-*/
  2/* ***** BEGIN LICENSE BLOCK *****
  3 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
  4 *
  5 * The contents of this file are subject to the Mozilla Public License Version
  6 * 1.1 (the "License"); you may not use this file except in compliance with
  7 * the License. You may obtain a copy of the License at
  8 * http://www.mozilla.org/MPL/
  9 *
 10 * Software distributed under the License is distributed on an "AS IS" basis,
 11 * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
 12 * for the specific language governing rights and limitations under the
 13 * License.
 14 *
 15 * The Original Code is the Netscape security libraries.
 16 *
 17 * The Initial Developer of the Original Code is
 18 * Netscape Communications Corporation.
 19 * Portions created by the Initial Developer are Copyright (C) 1994-2000
 20 * the Initial Developer. All Rights Reserved.
 21 *
 22 * Contributor(s):
 23 *
 24 * Alternatively, the contents of this file may be used under the terms of
 25 * either the GNU General Public License Version 2 or later (the "GPL"), or
 26 * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
 27 * in which case the provisions of the GPL or the LGPL are applicable instead
 28 * of those above. If you wish to allow use of your version of this file only
 29 * under the terms of either the GPL or the LGPL, and not to allow others to
 30 * use your version of this file under the terms of the MPL, indicate your
 31 * decision by deleting the provisions above and replace them with the notice
 32 * and other provisions required by the GPL or the LGPL. If you do not delete
 33 * the provisions above, a recipient may use your version of this file under
 34 * the terms of any one of the MPL, the GPL or the LGPL.
 35 *
 36 * ***** END LICENSE BLOCK ***** */
 37
 38
 39#ifndef _CRMFI_H_
 40#define _CRMFI_H_
 41/* This file will contain all declarations common to both 
 42 * encoding and decoding of CRMF Cert Requests.  This header 
 43 * file should only be included internally by CRMF implementation
 44 * files.
 45 */
 46#include "secasn1.h"
 47#include "crmfit.h"
 48#include "secerr.h"
 49#include "blapit.h"
 50
/* Default arena size used by the CRMF code. */
#define CRMF_DEFAULT_ARENA_SIZE 1024

/*
 * MAX_WRAPPED_KEY_LEN: size, in BYTES, of the internal buffers used to
 * transport a wrapped private key.
 *
 * Ideally the size would be calculated, but to keep the code simple an
 * estimate of the maximum required size is used as a reasonable upper
 * bound.  See also bug 655850 for the full explanation.
 *
 * The largest wrapped keys are RSA keys, so the bound is estimated for
 * wrapped RSA keys and assumed to be sufficient for wrapped keys of any
 * supported type.  The maximum size of RSA keys in bits is defined
 * elsewhere as RSA_MAX_MODULUS_BITS.
 *
 * A wrapped RSA key requires about
 *   ((RSA_MAX_MODULUS_BITS / 8) * 5.5) + 65
 * bytes.  Therefore, a safe upper bound is:
 *   ((RSA_MAX_MODULUS_BITS / 8) * 8) = RSA_MAX_MODULUS_BITS
 *
 * Note the change of unit: a bit count is reused as a byte count.  The
 * bound covers the estimate as long as
 *   (RSA_MAX_MODULUS_BITS / 8) * 2.5 >= 65, i.e. RSA_MAX_MODULUS_BITS >= 208.
 *
 * NOTE(review): this is an estimate, not an enforced limit.  Code that
 * fills a buffer of this size should still compare the actual wrapped
 * length against MAX_WRAPPED_KEY_LEN before writing -- confirm at the
 * call sites, which are not part of this header.
 */
#define MAX_WRAPPED_KEY_LEN RSA_MAX_MODULUS_BITS

/*
 * Conversions between bit lengths and byte lengths.
 * CRMF_BITS_TO_BYTES rounds up, so a partial trailing byte is counted.
 * Each macro evaluates its argument exactly once.  Neither does any range
 * checking: the arithmetic is carried out in the (promoted) type of the
 * argument and can overflow for values close to that type's limit.
 */
#define CRMF_BITS_TO_BYTES(bits)   (((bits) + 7) / 8)
#define CRMF_BYTES_TO_BITS(bytes)  ((bytes) * 8)

/*
 * Argument block initialised by crmf_init_encoder_callback_arg: the
 * SECItem that receives the encoding and a length recorded for it.
 *
 * NOTE(review): allocatedLen is a signed long, while the encoder callbacks
 * declared in this header receive their length as unsigned long.  Confirm
 * that the implementation compares the two without a sign or width
 * surprise before it writes into buffer.
 */
struct crmfEncoderArg {
    SECItem *buffer;
    long allocatedLen;
};

/*
 * Pairs an output callback with the opaque argument that goes with it.
 * NOTE(review): presumably outputArg is handed back to fn unchanged on
 * every call -- confirm in the implementation.
 */
struct crmfEncoderOutput {
    CRMFEncoderOutputCallback fn;
    void *outputArg;
};

/*
 * Output routine behind the encoding functions that are exposed through
 * the API, i.e. all of the CMMF_Encode* and CRMF_Encode* functions.
 *
 * NOTE(review): arg is opaque at this level; presumably it points at a
 * struct crmfEncoderOutput -- confirm in the implementation.  The routine
 * returns void, so it has no way to report a failure to its caller.
 */
extern void
crmf_encoder_out(void *arg, const char *buf, unsigned long len,
                 int depth, SEC_ASN1EncodingPart data_kind);

/*
 * Prepares encoderArg for an encoding that is done locally within the
 * library, e.g. encoding the CertRequest so that its signature can be
 * produced.  derDest is the SECItem supplied for the DER output.
 *
 * Returns a SECStatus; check it before starting the encoding.
 * NOTE(review): how much space is reserved for derDest is decided in the
 * implementation and cannot be read from this declaration.
 */
extern SECStatus
crmf_init_encoder_callback_arg(struct crmfEncoderArg *encoderArg,
                               SECItem *derDest);

/*
 * Callback handed to the ASN1 encoder for internal DER encodings, e.g.
 * encoding the cert request so that a signature can be produced.
 *
 * The callback returns void, so it cannot signal an error to the encoder.
 * NOTE(review): presumably arg is a struct crmfEncoderArg; confirm how the
 * implementation behaves when len would take the output past the length
 * recorded in that structure.
 */
extern void
crmf_generic_encoder_callback(void *arg, const char *buf, unsigned long len,
                              int depth, SEC_ASN1EncodingPart data_kind);

/*
 * ASN1 templates that internal files need to see in order to implement
 * CRMF.  They are only declared here; the definitions live elsewhere.
 */
extern const SEC_ASN1Template CRMFCertReqMsgTemplate[];
extern const SEC_ASN1Template CRMFRAVerifiedTemplate[];
extern const SEC_ASN1Template CRMFPOPOSigningKeyTemplate[];
extern const SEC_ASN1Template CRMFPOPOKeyEnciphermentTemplate[];
extern const SEC_ASN1Template CRMFPOPOKeyAgreementTemplate[];
extern const SEC_ASN1Template CRMFThisMessageTemplate[];
extern const SEC_ASN1Template CRMFSubsequentMessageTemplate[];
extern const SEC_ASN1Template CRMFDHMACTemplate[];
extern const SEC_ASN1Template CRMFEncryptedKeyWithEncryptedValueTemplate[];
extern const SEC_ASN1Template CRMFEncryptedValueTemplate[];

/*
 * The two values to use when encoding Boolean values.
 * NOTE(review): the values themselves are defined in an implementation
 * file.  DER requires TRUE to be encoded as 0xFF and FALSE as 0x00;
 * confirm that the definitions match.
 */
extern const unsigned char hexTrue;
extern const unsigned char hexFalse;
/*
 * Prototypes for helper routines used internally by multiple files.
 *
 * Both routines take an arena pool first and return a SECStatus.
 * crmf_make_bitstring_copy takes its destination before its source, and
 * both are SECItem pointers, so a call with the two swapped still
 * compiles.
 */
extern SECStatus
crmf_encode_integer(PRArenaPool *poolp, SECItem *dest, long value);

extern SECStatus
crmf_make_bitstring_copy(PRArenaPool *arena, SECItem *dest, SECItem *src);

/*
 * Helpers for CRMFPKIArchiveOptions: copy, destroy, and look up the ASN1
 * sub-template that goes with a control.
 *
 * crmf_copy_pkiarchiveoptions takes (pool, destination, source).  Both
 * pointers have the same type, so a call with them swapped still compiles;
 * other copy helpers in this header put the source first.
 * NOTE(review): freeit presumably selects whether the structure itself is
 * released in addition to its contents -- confirm in the implementation.
 */
extern SECStatus
crmf_copy_pkiarchiveoptions(PRArenaPool *poolp,
                            CRMFPKIArchiveOptions *destOpt,
                            CRMFPKIArchiveOptions *srcOpt);

extern SECStatus
crmf_destroy_pkiarchiveoptions(CRMFPKIArchiveOptions *inArchOptions,
                               PRBool freeit);

extern const SEC_ASN1Template *
crmf_get_pkiarchiveoptions_subtemplate(CRMFControl *inControl);

/*
 * Copy helpers for encrypted keys, encrypted values and algorithm IDs.
 * Each takes an arena pool as its first argument and returns a SECStatus.
 *
 * The source/destination order is not uniform: the three crmf_copy_*
 * routines take (pool, source, destination), while
 * crmf_template_copy_secalg takes (pool, destination, source).  In
 * crmf_copy_encryptedkey and crmf_copy_encryptedvalue both pointers have
 * the same type, so a call with the two swapped still compiles; check the
 * order at every call site.
 * NOTE(review): presumably the copies are allocated from poolp -- confirm
 * in the implementation.
 */
extern SECStatus
crmf_copy_encryptedkey(PRArenaPool *poolp,
                       CRMFEncryptedKey *srcEncrKey,
                       CRMFEncryptedKey *destEncrKey);

extern SECStatus
crmf_copy_encryptedvalue(PRArenaPool *poolp,
                         CRMFEncryptedValue *srcValue,
                         CRMFEncryptedValue *destValue);

extern SECStatus
crmf_copy_encryptedvalue_secalg(PRArenaPool *poolp,
                                SECAlgorithmID *srcAlgId,
                                SECAlgorithmID **destAlgId);

extern SECStatus
crmf_template_copy_secalg(PRArenaPool *poolp,
                          SECAlgorithmID **dest,
                          SECAlgorithmID *src);

/*
 * Helpers for the certificate name, public key, extensions and the cert
 * request as a whole.  Every routine takes an arena pool first.
 *
 * crmf_copy_cert_name and crmf_template_add_public_key return a SECStatus
 * and deliver their result through a pointer-to-pointer destination that
 * precedes the source.  The two routines returning a pointer have no
 * SECStatus; NOTE(review): presumably they return NULL on failure --
 * confirm in the implementation and check the result before use.
 */
extern SECStatus
crmf_copy_cert_name(PRArenaPool *poolp, CERTName **dest, CERTName *src);

extern SECStatus
crmf_template_add_public_key(PRArenaPool *poolp,
                             CERTSubjectPublicKeyInfo **dest,
                             CERTSubjectPublicKeyInfo *pubKey);

extern CRMFCertExtension *
crmf_create_cert_extension(PRArenaPool *poolp,
                           SECOidTag tag,
                           PRBool isCritical,
                           SECItem *data);

extern CRMFCertRequest *
crmf_copy_cert_request(PRArenaPool *poolp, CRMFCertRequest *srcReq);

/*
 * Destroys a CRMFEncryptedValue and returns a SECStatus.
 * NOTE(review): freeit presumably selects whether the structure itself is
 * released in addition to its contents -- confirm in the implementation.
 */
extern SECStatus
crmf_destroy_encrypted_value(CRMFEncryptedValue *inEncrValue, PRBool freeit);

/*
 * Builds a CRMFEncryptedValue that carries a wrapped private key.
 * NOTE(review): from the names, inPrivKey is the key being wrapped and
 * inPubKey the key it is wrapped for; destValue may be a caller-supplied
 * structure to fill.  The routine has no SECStatus, so presumably NULL
 * signals failure.  Confirm all of this in the implementation.
 */
extern CRMFEncryptedValue *
crmf_create_encrypted_value_wrapped_privkey(SECKEYPrivateKey *inPrivKey,
                                            SECKEYPublicKey *inPubKey,
                                            CRMFEncryptedValue *destValue);

/*
 * Returns the CK_MECHANISM_TYPE that goes with the given public key.
 * NOTE(review): the value returned for an unsupported key type is not
 * visible from this declaration.
 */
extern CK_MECHANISM_TYPE
crmf_get_mechanism_from_public_key(SECKEYPublicKey *inPubKey);

/*
 * As the name indicates, unwraps the private key carried in encValue.
 * The result is delivered through unWrappedKey; check the returned
 * SECStatus before using that pointer.
 *
 * NOTE(review): the roles of the remaining arguments are inferred from
 * their names and types only -- privKey is presumably the key used to
 * unwrap, newPubKey the public half of the recovered key, nickname its
 * label, slot the token that receives it, and wincx an opaque context
 * passed through to PIN/password callbacks.  Confirm against the
 * implementation.
 */
extern SECStatus
crmf_encrypted_value_unwrap_priv_key(PRArenaPool *poolp,
                                     CRMFEncryptedValue *encValue,
                                     SECKEYPrivateKey *privKey,
                                     SECKEYPublicKey *newPubKey,
                                     SECItem *nickname,
                                     PK11SlotInfo *slot,
                                     unsigned char keyUsage,
                                     SECKEYPrivateKey **unWrappedKey,
                                     void *wincx);

/*
 * Remaining internal helpers.
 *
 * crmf_get_public_value and crmf_copy_cert_extension return a pointer and
 * have no SECStatus; NOTE(review): presumably NULL signals failure --
 * confirm in the implementation.  crmf_create_prtime takes its source
 * first and delivers the result through dest.
 */
extern SECItem *
crmf_get_public_value(SECKEYPublicKey *pubKey, SECItem *dest);

extern CRMFCertExtension *
crmf_copy_cert_extension(PRArenaPool *poolp, CRMFCertExtension *inExtension);

extern SECStatus
crmf_create_prtime(SECItem *src, PRTime **dest);
218#endif /*_CRMFI_H_*/