pkix_pl_cert.h (3440B)
/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
/*
 * pkix_pl_cert.h
 *
 * Certificate Object Definitions
 *
 * Declares the layout of struct PKIX_PL_CertStruct and the prototypes of
 * the pkix_pl_Cert_* helpers. The function documentation lives in the
 * corresponding source file, not here.
 */

#ifndef _PKIX_PL_CERT_H
#define _PKIX_PL_CERT_H

#include "pkix_pl_common.h"

#ifdef __cplusplus
extern "C" {
#endif

/*
 * A certificate object: a pointer to the NSS certificate (nssCert) followed
 * by PKIX-typed fields for individual certificate attributes and extensions.
 *
 * NOTE(review): most extension fields are paired with a PKIX_Boolean named
 * "...Absent" or "...Processed". Presumably the flag records that the value
 * was already looked up (and, for "Absent", not found), so a NULL pointer
 * alone would not distinguish "not fetched yet" from "not present in the
 * certificate" -- confirm against the source file before relying on it.
 */
struct PKIX_PL_CertStruct {
        /*
         * NOTE(review): nothing visible in this header enforces the
         * "first field" requirement below at compile time. A member added
         * above nssCert would silently break the dependency described in
         * the comment -- confirm a check exists next to that function, or
         * treat the ordering as a review gate for any change to this struct.
         */
        CERTCertificate *nssCert;  /* Must be the first field.  The
                                    * cert_NSSCertFromPKIXCert function in
                                    * lib/certhigh/certvfypkix.c depends on
                                    * this. */
        CERTGeneralName *nssSubjAltNames;
        PLArenaPool *arenaNameConstraints;
        PKIX_PL_X500Name *issuer;
        PKIX_PL_X500Name *subject;
        PKIX_List *subjAltNames;
        PKIX_Boolean subjAltNamesAbsent;
        PKIX_PL_OID *publicKeyAlgId;
        PKIX_PL_PublicKey *publicKey;
        PKIX_PL_BigInt *serialNumber;
        PKIX_List *critExtOids;
        PKIX_PL_ByteArray *subjKeyId;
        PKIX_Boolean subjKeyIdAbsent;
        PKIX_PL_ByteArray *authKeyId;
        PKIX_Boolean authKeyIdAbsent;
        PKIX_List *extKeyUsages;
        PKIX_Boolean extKeyUsagesAbsent;
        PKIX_PL_CertBasicConstraints *certBasicConstraints;
        PKIX_Boolean basicConstraintsAbsent;
        PKIX_List *certPolicyInfos;
        PKIX_Boolean policyInfoAbsent;
        PKIX_Boolean policyMappingsAbsent;
        PKIX_List *certPolicyMappings; /* List of PKIX_PL_CertPolicyMap */
        PKIX_Boolean policyConstraintsProcessed;
        PKIX_Int32 policyConstraintsExplicitPolicySkipCerts;
        PKIX_Int32 policyConstraintsInhibitMappingSkipCerts;
        PKIX_Boolean inhibitAnyPolicyProcessed;
        PKIX_Int32 inhibitAnySkipCerts;
        PKIX_PL_CertNameConstraints *nameConstraints;
        PKIX_Boolean nameConstraintsAbsent;
        PKIX_Boolean cacheFlag;
        PKIX_CertStore *store;
        PKIX_List *authorityInfoAccess; /* list of PKIX_PL_InfoAccess */
        PKIX_List *subjectInfoAccess; /* list of PKIX_PL_InfoAccess */
        /* NOTE(review): trust-relevant judging by its name; where this flag
         * is set and consulted is not visible in this header. */
        PKIX_Boolean isUserTrustAnchor;
        PKIX_List *crldpList; /* list of CRL DPs based on der in nssCert arena.
                               * Destruction is needed for the pkix object
                               * and not for the underlying der, as it is
                               * part of the nssCert arena. */
};

/* see source file for function documentation */

/* Takes only the plContext argument; reports failure through the returned
 * PKIX_Error pointer, like every prototype below. */
PKIX_Error *
pkix_pl_Cert_RegisterSelf(void *plContext);

/* Takes an NSS certificate and hands back a PKIX_PL_Cert through pCert.
 * NOTE(review): whether the new object takes over the caller's reference to
 * nssCert is not stated here -- check the source file before releasing it. */
PKIX_Error *
pkix_pl_Cert_CreateWithNSSCert(
        CERTCertificate *nssCert,
        PKIX_PL_Cert **pCert,
        void *plContext);

/* Takes a DER item and a list; presumably decodes the item into a
 * certificate object and adds it to certList -- confirm in the source. */
PKIX_Error *
pkix_pl_Cert_CreateToList(
        SECItem *derCertItem,
        PKIX_List *certList,
        void *plContext);

/* Has no result out-parameter, so the outcome of the check can only reach
 * the caller through the returned PKIX_Error. The meaning of matchAll is
 * documented in the source file. */
PKIX_Error *
pkix_pl_Cert_CheckSubjectAltNameConstraints(
        PKIX_PL_Cert *cert,
        PKIX_PL_CertNameConstraints *nameConstraints,
        PKIX_Boolean matchAll,
        void *plContext);

/* Produces a PKIX_PL_String for cert through pString; partialString selects
 * between two output forms (see the source file for what each contains). */
PKIX_Error *
pkix_pl_Cert_ToString_Helper(
        PKIX_PL_Cert *cert,
        PKIX_Boolean partialString,
        PKIX_PL_String **pString,
        void *plContext);

/* Reports its verdict through *pPass, separately from the PKIX_Error return.
 * NOTE(review): callers presumably have to inspect both -- an error-free
 * return with *pPass false would still be a rejection. requiredExtendedKeyUsages
 * is a single PKIX_UInt32, presumably a bit mask; confirm in the source. */
PKIX_Error *
pkix_pl_Cert_CheckExtendedKeyUsage(
        PKIX_PL_Cert *cert,
        PKIX_UInt32 requiredExtendedKeyUsages,
        PKIX_Boolean *pPass,
        void *plContext);

#ifdef __cplusplus
}
#endif

#endif /* _PKIX_PL_CERT_H */