summaryrefslogtreecommitdiffstats
path: root/security/nss/lib/crmf/cmmfit.h
blob: 014413f0757805b8bf6a6eff9297d6ccf0718acb (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
/* -*- Mode: C; tab-width: 8 -*-*/
/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

#ifndef _CMMFIT_H_
#define _CMMFIT_H_

/*
 * All fields marked by a PKIStausInfo in comments is an integer
 * with the following possible values.
 *
 *  Integer Value          Meaning
 *  -------------          -------
 *         0               granted- got exactly what you asked for.
 *
 *         1               grantedWithMods-got something like what you asked
 *                          for;requester is responsible for ascertainging the
 *                          differences.
 *
 *         2               rejection-you don't get what you asked for; more
 *                          information elsewhere in the message
 *
 *         3               waiting-the request body part has not yet been
 *                          processed, expect to hear more later.
 *
 *         4               revocationWarning-this message contains a warning
 *                          that a revocation is imminent.
 *
 *         5               revocationNotification-notification that a
 *                          revocation has occurred.
 *
 *         6               keyUpdateWarning-update already done for the
 *                          oldCertId specified in FullCertTemplate.
 */

struct CMMFPKIStatusInfoStr {
    SECItem status;
    SECItem statusString;
    SECItem failInfo;
};

struct CMMFCertOrEncCertStr {
    union {
        CERTCertificate *certificate;
        CRMFEncryptedValue *encryptedCert;
    } cert;
    CMMFCertOrEncCertChoice choice;
    SECItem derValue;
};

struct CMMFCertifiedKeyPairStr {
    CMMFCertOrEncCert certOrEncCert;
    CRMFEncryptedValue *privateKey;
    SECItem derPublicationInfo; /* We aren't creating
                                 * PKIPublicationInfo's, so
                                 * we'll store away the der
                                 * here if we decode one that
                                 * does have pubInfo.
                                 */
    SECItem unwrappedPrivKey;
};

struct CMMFCertResponseStr {
    SECItem certReqId;
    CMMFPKIStatusInfo status; /*PKIStatusInfo*/
    CMMFCertifiedKeyPair *certifiedKeyPair;
};

struct CMMFCertRepContentStr {
    CERTCertificate **caPubs;
    CMMFCertResponse **response;
    PLArenaPool *poolp;
    PRBool isDecoded;
};

struct CMMFChallengeStr {
    SECAlgorithmID *owf;
    SECItem witness;
    SECItem senderDER;
    SECItem key;
    SECItem challenge;
    SECItem randomNumber;
};

struct CMMFRandStr {
    SECItem integer;
    SECItem senderHash;
    CERTGeneralName *sender;
};

struct CMMFPOPODecKeyChallContentStr {
    CMMFChallenge **challenges;
    PLArenaPool *poolp;
    int numChallenges;
    int numAllocated;
};

struct CMMFPOPODecKeyRespContentStr {
    SECItem **responses;
    PLArenaPool *poolp;
};

struct CMMFKeyRecRepContentStr {
    CMMFPKIStatusInfo status; /* PKIStatusInfo */
    CERTCertificate *newSigCert;
    CERTCertificate **caCerts;
    CMMFCertifiedKeyPair **keyPairHist;
    PLArenaPool *poolp;
    int numKeyPairs;
    int allocKeyPairs;
    PRBool isDecoded;
};

#endif /* _CMMFIT_H_ */