security/nss/lib/crmf/crmfit.h

   1 /* -*- Mode: C; tab-width: 8 -*-*/
   2 /* ***** BEGIN LICENSE BLOCK *****
   3  * Version: MPL 1.1/GPL 2.0/LGPL 2.1
   4  *
   5  * The contents of this file are subject to the Mozilla Public License Version
   6  * 1.1 (the "License"); you may not use this file except in compliance with
   7  * the License. You may obtain a copy of the License at
   8  * http://www.mozilla.org/MPL/
   9  *
  10  * Software distributed under the License is distributed on an "AS IS" basis,
  11  * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
  12  * for the specific language governing rights and limitations under the
  13  * License.
  14  *
  15  * The Original Code is the Netscape security libraries.
  16  *
  17  * The Initial Developer of the Original Code is
  18  * Netscape Communications Corporation.
  19  * Portions created by the Initial Developer are Copyright (C) 1994-2000
  20  * the Initial Developer. All Rights Reserved.
  21  *
  22  * Contributor(s):
  23  *
  24  * Alternatively, the contents of this file may be used under the terms of
  25  * either the GNU General Public License Version 2 or later (the "GPL"), or
  26  * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
  27  * in which case the provisions of the GPL or the LGPL are applicable instead
  28  * of those above. If you wish to allow use of your version of this file only
  29  * under the terms of either the GPL or the LGPL, and not to allow others to
  30  * use your version of this file under the terms of the MPL, indicate your
  31  * decision by deleting the provisions above and replace them with the notice
  32  * and other provisions required by the GPL or the LGPL. If you do not delete
  33  * the provisions above, a recipient may use your version of this file under
  34  * the terms of any one of the MPL, the GPL or the LGPL.
  35  *
  36  * ***** END LICENSE BLOCK ***** */
  37
  38
  39 #ifndef _CRMFIT_H_
  40 #define _CRMFIT_H_
  41
  42 struct CRMFCertReqMessagesStr {
  43     CRMFCertReqMsg **messages;
  44     PRArenaPool     *poolp;
  45 };
  46
  47 struct CRMFCertExtensionStr {
  48     SECItem id;
  49     SECItem critical;
  50     SECItem value;
  51 };
  52
  53
  54 struct CRMFOptionalValidityStr {
  55     SECItem notBefore;
  56     SECItem notAfter;
  57 };
  58
  59 struct CRMFCertTemplateStr {
  60     SECItem                   version;
  61     SECItem                   serialNumber;
  62     SECAlgorithmID           *signingAlg;
  63     CERTName                 *issuer;
  64     CRMFOptionalValidity     *validity;
  65     CERTName                 *subject;
  66     CERTSubjectPublicKeyInfo *publicKey;
  67     SECItem                   issuerUID;
  68     SECItem                   subjectUID;
  69     CRMFCertExtension       **extensions;
  70     int                       numExtensions;
  71 };
  72
  73 struct CRMFCertIDStr {
  74     SECItem issuer; /* General Name */
  75     SECItem serialNumber; /*INTEGER*/
  76 };
  77
  78 struct CRMFEncryptedValueStr {
  79     SECAlgorithmID *intendedAlg;
  80     SECAlgorithmID *symmAlg;
  81     SECItem         encSymmKey; /*BIT STRING   */
  82     SECAlgorithmID *keyAlg;
  83     SECItem         valueHint;  /*OCTET STRING */
  84     SECItem         encValue;   /*BIT STRING   */
  85 };
  86
  87 /*
  88  * The field derValue will contain the actual der
  89  * to include in the encoding or that was read in
  90  * from a der blob.
  91  */
  92 struct CRMFEncryptedKeyStr {
  93     union {
  94         SEC_PKCS7ContentInfo   *envelopedData;
  95         CRMFEncryptedValue      encryptedValue;
  96     } value;
  97     CRMFEncryptedKeyChoice encKeyChoice;
  98     SECItem derValue;
  99 };
 100
 101 /* ASN1 must only have one of the following 3 options. */
 102 struct CRMFPKIArchiveOptionsStr {
 103     union {
 104         CRMFEncryptedKey  encryptedKey;
 105         SECItem           keyGenParameters;
 106         SECItem           archiveRemGenPrivKey; /* BOOLEAN */
 107     } option;
 108     CRMFPKIArchiveOptionsType archOption;
 109 };
 110
 111 struct CRMFPKIPublicationInfoStr {
 112     SECItem action; /* Possible values                    */
 113                     /* dontPublish (0), pleasePublish (1) */
 114     CRMFSinglePubInfo **pubInfos;
 115 };
 116
 117 struct CRMFControlStr {
 118     SECOidTag  tag;
 119     SECItem    derTag;
 120     SECItem    derValue;
 121     /* These will be C structures used to represent the various
 122      * options.  Values that can't be stored as der right away.
 123      * After creating these structures, we'll place their der
 124      * encoding in derValue so the encoder knows how to get to
 125      * it.
 126      */
 127     union {
 128         CRMFCertID              oldCertId;
 129         CRMFPKIArchiveOptions   archiveOptions;
 130         CRMFPKIPublicationInfo  pubInfo;
 131         CRMFProtocolEncrKey     protEncrKey;
 132     } value;
 133 };
 134
 135 struct CRMFCertRequestStr {
 136     SECItem            certReqId;
 137     CRMFCertTemplate   certTemplate;
 138     CRMFControl      **controls;
 139     /* The following members are used by the internal implementation, but
 140      * are not part of the encoding.
 141      */
 142     PRArenaPool *poolp;
 143     PRUint32     requestID; /* This is the value that will be encoded into
 144                              * the certReqId field.
 145                              */
 146 };
 147
 148 struct CRMFAttributeStr {
 149     SECItem derTag;
 150     SECItem derValue;
 151 };
 152
 153 struct CRMFCertReqMsgStr {
 154     CRMFCertRequest            *certReq;
 155     CRMFProofOfPossession      *pop;
 156     CRMFAttribute             **regInfo;
 157     SECItem                     derPOP;
 158     /* This arena will be used for allocating memory when decoding.
 159      */
 160     PRArenaPool *poolp;
 161     PRBool       isDecoded;
 162 };
 163
 164 struct CRMFPOPOSigningKeyInputStr {
 165     /* ASN1 must have only one of the next 2 options */
 166     union {
 167         SECItem          sender; /*General Name*/
 168         CRMFPKMACValue  *publicKeyMAC;
 169     }authInfo;
 170     CERTSubjectPublicKeyInfo publicKey;
 171 };
 172
 173 struct CRMFPOPOSigningKeyStr {
 174     SECItem                  derInput; /*If in the future we support
 175                                         *POPOSigningKeyInput, this will
 176                                         *a C structure representation
 177                                         *instead.
 178                                         */
 179     SECAlgorithmID          *algorithmIdentifier;
 180     SECItem                  signature; /* This is a BIT STRING. Remember */
 181 };                                      /* that when interpreting.        */
 182
 183 /* ASN1 must only choose one of these members */
 184 struct CRMFPOPOPrivKeyStr {
 185     union {
 186         SECItem thisMessage; /* BIT STRING */
 187         SECItem subsequentMessage; /*INTEGER*/
 188         SECItem dhMAC; /*BIT STRING*/
 189     } message;
 190     CRMFPOPOPrivKeyChoice messageChoice;
 191 };
 192
 193 /* ASN1 must only have one of these options. */
 194 struct CRMFProofOfPossessionStr {
 195     union {
 196         SECItem             raVerified;
 197         CRMFPOPOSigningKey  signature;
 198         CRMFPOPOPrivKey     keyEncipherment;
 199         CRMFPOPOPrivKey     keyAgreement;
 200     } popChoice;
 201     CRMFPOPChoice       popUsed; /*Not part of encoding*/
 202 };
 203
 204 struct CRMFPKMACValueStr {
 205     SECAlgorithmID algID;
 206     SECItem        value; /*BIT STRING*/
 207 };
 208
 209 struct CRMFSinglePubInfoStr {
 210     SECItem pubMethod; /* Possible Values:
 211                         *   dontCare (0)
 212                         *   x500     (1)
 213                         *   web      (2)
 214                         *   ldap     (3)
 215                         */
 216     CERTGeneralName *pubLocation; /* General Name */
 217 };
 218
 219 #endif /* _CRMFIT_H_ */