| blob | 45206f4e9f7ccd8dc8f7ac33ddb97f2abd1f6b74 |
1 /* ***** BEGIN LICENSE BLOCK *****
2 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
3 *
4 * The contents of this file are subject to the Mozilla Public License Version
5 * 1.1 (the "License"); you may not use this file except in compliance with
6 * the License. You may obtain a copy of the License at
7 * http://www.mozilla.org/MPL/
8 *
9 * Software distributed under the License is distributed on an "AS IS" basis,
10 * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
11 * for the specific language governing rights and limitations under the
12 * License.
13 *
14 * The Original Code is the Netscape security libraries.
15 *
16 * The Initial Developer of the Original Code is
17 * Netscape Communications Corporation.
18 * Portions created by the Initial Developer are Copyright (C) 1994-2000
19 * the Initial Developer. All Rights Reserved.
20 *
21 * Contributor(s):
22 *
23 * Alternatively, the contents of this file may be used under the terms of
24 * either the GNU General Public License Version 2 or later (the "GPL"), or
25 * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
26 * in which case the provisions of the GPL or the LGPL are applicable instead
27 * of those above. If you wish to allow use of your version of this file only
28 * under the terms of either the GPL or the LGPL, and not to allow others to
29 * use your version of this file under the terms of the MPL, indicate your
30 * decision by deleting the provisions above and replace them with the notice
31 * and other provisions required by the GPL or the LGPL. If you do not delete
32 * the provisions above, a recipient may use your version of this file under
33 * the terms of any one of the MPL, the GPL or the LGPL.
34 *
35 * ***** END LICENSE BLOCK ***** */
37 #ifndef _PKCS12T_H_
38 #define _PKCS12T_H_
50 * User certs go to target token */
52 * target token, root certs got to
53 * fixed token */
54 SECPKCS12TargetTokenAllCAs /* All certs go to target token */
57 /* PKCS12 Structures */
82 /* PKCS12 types */
84 /* stores shrouded keys */
85 struct SEC_PKCS12BaggageStr
86 {
91 };
93 /* additional data to be associated with keys. currently there
94 * is nothing defined to be stored here. allows future expansion.
95 */
96 struct SEC_PKCS12PVKAdditionalDataStr
97 {
100 SECItem pvkAdditionalType;
101 SECItem pvkAdditionalContent;
102 };
104 /* cert and other supporting data for private keys. used
105 * for both shrouded and non-shrouded keys.
106 */
107 struct SEC_PKCS12PVKSupportingDataStr
108 {
111 SECItem regenerable;
112 SECItem nickname;
113 SEC_PKCS12PVKAdditionalData pvkAdditional;
114 SECItem pvkAdditionalDER;
116 SECItem uniNickName;
117 /* used locally */
119 };
121 /* shrouded key structure. supports only pkcs8 shrouding
122 * currently.
123 */
124 struct SEC_PKCS12ESPVKItemStr
125 {
128 SECItem espvkOID;
129 SEC_PKCS12PVKSupportingData espvkData;
130 union
131 {
140 };
142 /* generic bag store for the safe. safeBagType identifies
143 * the type of bag stored.
144 */
145 struct SEC_PKCS12SafeBagStr
146 {
149 SECItem safeBagType;
150 union
151 {
157 SECItem derSafeContent;
158 SECItem safeBagName;
160 SECItem uniSafeBagName;
161 };
163 /* stores private keys and certificates in a list. each safebag
164 * has an ID identifying the type of content stored.
165 */
166 struct SEC_PKCS12SafeContentsStr
167 {
171 /* used for tracking purposes */
173 PRBool old;
174 PRBool swapUnicode;
175 PRBool possibleSwapUnicode;
176 };
178 /* private key structure which holds encrypted private key and
179 * supporting data including nickname and certificate thumbprint.
180 */
181 struct SEC_PKCS12PrivateKeyStr
182 {
184 SEC_PKCS12PVKSupportingData pvkData;
192 };
194 /* private key bag, holds a (null terminated) list of private key
195 * structures.
196 */
197 struct SEC_PKCS12PrivateKeyBagStr
198 {
203 };
205 /* container to hold certificates. currently supports x509
206 * and sdsi certificates
207 */
208 struct SEC_PKCS12CertAndCRLStr
209 {
212 SECItem BagID;
213 union
214 {
219 SECItem derValue;
222 };
224 /* x509 certificate structure. typically holds the der encoding
225 * of the x509 certificate. thumbprint contains a digest of the
226 * certificate
227 */
228 struct SEC_PKCS12X509CertCRLStr
229 {
231 SEC_PKCS7ContentInfo certOrCRL;
232 SGNDigestInfo thumbprint;
235 };
237 /* sdsi certificate structure. typically holds the der encoding
238 * of the sdsi certificate. thumbprint contains a digest of the
239 * certificate
240 */
241 struct SEC_PKCS12SDSICertStr
242 {
244 SECItem value;
245 SGNDigestInfo thumbprint;
246 };
248 /* contains a null terminated list of certs and crls */
249 struct SEC_PKCS12CertAndCRLBagStr
250 {
255 };
257 /* additional secret information. currently no information
258 * stored in this structure.
259 */
260 struct SEC_PKCS12SecretAdditionalStr
261 {
264 SECItem secretAdditionalType;
265 SECItem secretAdditionalContent;
266 };
268 /* secrets container. this will be used to contain currently
269 * unspecified secrets. (it's a secret)
270 */
271 struct SEC_PKCS12SecretStr
272 {
274 SECItem secretName;
275 SECItem value;
276 SEC_PKCS12SecretAdditional secretAdditional;
278 SECItem uniSecretName;
279 };
281 struct SEC_PKCS12SecretItemStr
282 {
284 SEC_PKCS12Secret secret;
285 SEC_PKCS12SafeBag subFolder;
286 };
288 /* a bag of secrets. holds a null terminated list of secrets.
289 */
290 struct SEC_PKCS12SecretBagStr
291 {
296 };
298 struct SEC_PKCS12MacDataStr
299 {
300 SGNDigestInfo safeMac;
301 SECItem macSalt;
302 };
304 /* outer transfer unit */
305 struct SEC_PKCS12PFXItemStr
306 {
308 SEC_PKCS12MacData macData;
309 SEC_PKCS7ContentInfo authSafe;
311 /* for compatibility with beta */
312 PRBool old;
313 SGNDigestInfo old_safeMac;
314 SECItem old_macSalt;
316 /* compatibility between platforms for unicode swapping */
317 PRBool swapUnicode;
318 };
327 };
329 /* stores shrouded keys */
330 struct SEC_PKCS12Baggage_OLDStr
331 {
336 };
338 /* authenticated safe, stores certs, keys, and shrouded keys */
339 struct SEC_PKCS12AuthenticatedSafeStr
340 {
342 SECItem version;
344 SECItem transportMode;
345 SECItem privacySalt;
346 SEC_PKCS12Baggage baggage;
349 /* used for beta compatibility */
350 PRBool old;
351 PRBool emptySafe;
352 SEC_PKCS12Baggage_OLD old_baggage;
353 SEC_PKCS7ContentInfo old_safe;
354 PRBool swapUnicode;
355 };
360 /* PKCS 12 Templates */
398 #endif