tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

pkitm.h (2741B)

      1 /* This Source Code Form is subject to the terms of the Mozilla Public
      2 * License, v. 2.0. If a copy of the MPL was not distributed with this
      3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
      4 
      5 #ifndef PKITM_H
      6 #define PKITM_H
      7 
      8 /*
      9 * pkitm.h
     10 *
     11 * This file contains PKI-module specific types.
     12 */
     13 
     14 #ifndef BASET_H
     15 #include "baset.h"
     16 #endif /* BASET_H */
     17 
     18 #ifndef PKIT_H
     19 #include "pkit.h"
     20 #endif /* PKIT_H */
     21 
     22 PR_BEGIN_EXTERN_C
     23 
     24 typedef enum nssCertIDMatchEnum {
     25    nssCertIDMatch_Yes = 0,
     26    nssCertIDMatch_No = 1,
     27    nssCertIDMatch_Unknown = 2
     28 } nssCertIDMatch;
     29 
     30 /*
     31 * nssDecodedCert
     32 *
     33 * This is an interface to allow the PKI module access to certificate
     34 * information that can only be found by decoding.  The interface is
     35 * generic, allowing each certificate type its own way of providing
     36 * the information
     37 */
     38 struct nssDecodedCertStr {
     39    NSSCertificateType type;
     40    void *data;
     41    /* returns the unique identifier for the cert */
     42    NSSItem *(*getIdentifier)(nssDecodedCert *dc);
     43    /* returns the unique identifier for this cert's issuer */
     44    void *(*getIssuerIdentifier)(nssDecodedCert *dc);
     45    /* is id the identifier for this cert? */
     46    nssCertIDMatch (*matchIdentifier)(nssDecodedCert *dc, void *id);
     47    /* is this cert a valid CA cert? */
     48    PRBool (*isValidIssuer)(nssDecodedCert *dc);
     49    /* returns the cert usage */
     50    NSSUsage *(*getUsage)(nssDecodedCert *dc);
     51    /* is time within the validity period of the cert? */
     52    PRBool (*isValidAtTime)(nssDecodedCert *dc, NSSTime *time);
     53    /* is the validity period of this cert newer than cmpdc? */
     54    PRBool (*isNewerThan)(nssDecodedCert *dc, nssDecodedCert *cmpdc);
     55    /* does the usage for this cert match the requested usage? */
     56    PRBool (*matchUsage)(nssDecodedCert *dc, const NSSUsage *usage);
     57    /* is this cert trusted for the requested usage? */
     58    PRBool (*isTrustedForUsage)(nssDecodedCert *dc,
     59                                const NSSUsage *usage);
     60    /* extract the email address */
     61    NSSASCII7 *(*getEmailAddress)(nssDecodedCert *dc);
     62    /* extract the DER-encoded serial number */
     63    PRStatus (*getDERSerialNumber)(nssDecodedCert *dc,
     64                                   NSSDER *derSerial, NSSArena *arena);
     65 };
     66 
     67 struct NSSUsageStr {
     68    PRBool anyUsage;
     69    SECCertUsage nss3usage;
     70    PRBool nss3lookingForCA;
     71 };
     72 
     73 typedef struct nssPKIObjectCollectionStr nssPKIObjectCollection;
     74 
     75 typedef struct
     76 {
     77    union {
     78        PRStatus (*cert)(NSSCertificate *c, void *arg);
     79        PRStatus (*crl)(NSSCRL *crl, void *arg);
     80        PRStatus (*pvkey)(NSSPrivateKey *vk, void *arg);
     81        PRStatus (*pbkey)(NSSPublicKey *bk, void *arg);
     82    } func;
     83    void *arg;
     84 } nssPKIObjectCallback;
     85 
     86 PR_END_EXTERN_C
     87 
     88 #endif /* PKITM_H */